From 1f6af493121b8e4132737c5c8a4506d0bab6e8f8 Mon Sep 17 00:00:00 2001 From: Sunny Zankharia <67922512+sazankha@users.noreply.github.com> Date: Mon, 3 Oct 2022 15:16:23 -0700 Subject: [PATCH 001/129] Update configure-md-app-guard.md fixed a minor glitch --- .../configure-md-app-guard.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md index 382528bfa0..ce6c3c7ddf 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md @@ -60,7 +60,7 @@ These settings, located at `Computer Configuration\Administrative Templates\Wind |Configure Microsoft Defender Application Guard print settings|Windows 10 Enterprise, 1709 or higher

Windows 11 Enterprise|Determines whether Application Guard can use the print functionality.|**Enabled.** This is effective only in managed mode. Turns on the print functionality and lets you choose whether to additionally:
- Enable Application Guard to print into the XPS format.
- Enable Application Guard to print into the PDF format.
- Enable Application Guard to print to locally attached printers.
- Enable Application Guard to print from previously connected network printers. Employees can't search for other printers.

**Disabled or not configured.** Completely turns Off the print functionality for Application Guard.| |Allow Persistence|Windows 10 Enterprise, 1709 or higher

Windows 11 Enterprise|Determines whether data persists across different sessions in Microsoft Defender Application Guard.|**Enabled.** This is effective only in managed mode. Application Guard saves user-downloaded files and other items (such as, cookies, Favorites, and so on) for use in future Application Guard sessions.

**Disabled or not configured.** All user data within Application Guard is reset between sessions.

**NOTE**: If you later decide to stop supporting data persistence for your employees, you can use our Windows-provided utility to reset the container and to discard any personal data.

**To reset the container:**
1. Open a command-line program and navigate to `Windows/System32`.
2. Type `wdagtool.exe cleanup`. The container environment is reset, retaining only the employee-generated data.
3. Type `wdagtool.exe cleanup RESET_PERSISTENCE_LAYER`. The container environment is reset, including discarding all employee-generated data.| |Turn on Microsoft Defender Application Guard in Managed Mode|Windows 10 Enterprise, 1809 or higher

Windows 11 Enterprise|Determines whether to turn on Application Guard for Microsoft Edge and Microsoft Office.|**Enabled.** Turns on Application Guard for Microsoft Edge and/or Microsoft Office, honoring the network isolation settings, rendering untrusted content in the Application Guard container. Application Guard won't actually be turned on unless the required prerequisites and network isolation settings are already set on the device. Available options:
- Enable Microsoft Defender Application Guard only for Microsoft Edge
- Enable Microsoft Defender Application Guard only for Microsoft Office
- Enable Microsoft Defender Application Guard for both Microsoft Edge and Microsoft Office

**Disabled.** Turns off Application Guard, allowing all apps to run in Microsoft Edge and Microsoft Office.

**Note:** For Windows 10, if you have KB5014666 installed, and for Windows 11, if you have KB5014668 installed, you are no longer required to configure network isolation policy to enable Application Guard for Edge.| -|Allow files to download to host operating system|Windows 10 Enterprise or Pro, 1803 or higher

Windows 11 Enterprise or Pro|Determines whether to save downloaded files to the host operating system from the Microsoft Defender Application Guard container.|**Enabled.** This is effective only in managed mode. Allows users to save downloaded files from the Microsoft Defender Application Guard container to the host operating system. This action creates a share between the host and container that also allows for uploads from the host to the Application Guard container.

**Disabled or not configured.** Users aren't able to save downloaded files from Application Guard to the host operating system.| +|Allow files to download to host operating system|Windows 10 Enterprise or Pro, 1803 or higher

Windows 11 Enterprise or Pro|Determines whether to save downloaded files to the host operating system from the Microsoft Defender Application Guard container.|**Enabled.** Allows users to save downloaded files from the Microsoft Defender Application Guard container to the host operating system. This action creates a share between the host and container that also allows for uploads from the host to the Application Guard container.

**Disabled or not configured.** Users aren't able to save downloaded files from Application Guard to the host operating system.| |Allow hardware-accelerated rendering for Microsoft Defender Application Guard|Windows 10 Enterprise, 1803 or higher

Windows 11 Enterprise|Determines whether Microsoft Defender Application Guard renders graphics using hardware or software acceleration.|**Enabled.** This is effective only in managed mode. Microsoft Defender Application Guard uses Hyper-V to access supported, high-security rendering graphics hardware (GPUs). These GPUs improve rendering performance and battery life while using Microsoft Defender Application Guard, particularly for video playback and other graphics-intensive use cases. If this setting is enabled without connecting any high-security rendering graphics hardware, Microsoft Defender Application Guard will automatically revert to software-based (CPU) rendering. **Important:** Enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.

**Disabled or not configured.** Microsoft Defender Application Guard uses software-based (CPU) rendering and won’t load any third-party graphics drivers or interact with any connected graphics hardware.| |Allow camera and microphone access in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher

Windows 11 Enterprise|Determines whether to allow camera and microphone access inside Microsoft Defender Application Guard.|**Enabled.** This is effective only in managed mode. Applications inside Microsoft Defender Application Guard are able to access the camera and microphone on the user's device. **Important:** Enabling this policy with a potentially compromised container could bypass camera and microphone permissions and access the camera and microphone without the user's knowledge.

**Disabled or not configured.** Applications inside Microsoft Defender Application Guard are unable to access the camera and microphone on the user's device.| |Allow Microsoft Defender Application Guard to use Root Certificate Authorities from a user's device|Windows 10 Enterprise or Pro, 1809 or higher

Windows 11 Enterprise or Pro|Determines whether Root Certificates are shared with Microsoft Defender Application Guard.|**Enabled.** Certificates matching the specified thumbprint are transferred into the container. Use a comma to separate multiple certificates.

**Disabled or not configured.** Certificates aren't shared with Microsoft Defender Application Guard.| From 675c0e151f3a3a9442267df27eec4db855594468 Mon Sep 17 00:00:00 2001 From: Rafal Sosnowski <51166236+rafals2@users.noreply.github.com> Date: Tue, 4 Oct 2022 10:05:57 -0700 Subject: [PATCH 002/129] Update bitlocker-countermeasures.md added info about the rogue OS attack --- .../bitlocker/bitlocker-countermeasures.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md index 4f129193e8..b4a4825f7b 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md +++ b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md @@ -155,6 +155,12 @@ It also blocks automatic or manual attempts to move the paging file. Enable secure boot and mandatorily prompt a password to change BIOS settings. For customers requiring protection against these advanced attacks, configure a TPM+PIN protector, disable Standby power management, and shut down or hibernate the device before it leaves the control of an authorized user. +### Tricking BitLocker to pass the key to a rogue Operating system + +An attacker can modify the boot manager (BootMgr) configuration database (BCD) which is stored on a non-encrypted partition and add an entry point to a rogue OS on a different partition. During the boot process, BitLocker code will make sure that the operating system that the encryption key obtained from the TPM is given to, is cryptographically verified to be the intended recipient. Because this strong cryptographic verification already exists, Microsoft doesn’t recommend storing a hash of a disk partition table in Platform Configuration Register (PCR) 5. + +Also, an attacker can replace the entire OS disk while preserving the platform hardware and firmware and then could extract a protected BitLocker key blob from the metadata of the victim OS partition. The attacker could then attempt to unseal that BitLocker key blob by calling the TPM API from an operating system under their control. This will not succeeed because when Windows seals the BitLocker key to the TPM, it does it with a PCR 11 value of 0 and to successfully unseal the blob, PCR 11 in the TPM must have value of 0. However, when boot manager passes the control to any boot loader (legitimate or rogue) it always changes PCR11 to a value of 1. Since the PCR 11 value is guaranteed to be different after exiting the boot manager, the attacker can't unlock the Bitlocker key. + ## Attacker countermeasures The following sections cover mitigations for different types of attackers. From 1a0db1f8677550c317734e3d1000d8fa23bbe2c0 Mon Sep 17 00:00:00 2001 From: Chad Simmons Date: Mon, 10 Oct 2022 11:29:10 -0500 Subject: [PATCH 003/129] spelling issue: Azure AD integration with MDM fixed spelling issue since Old English "thee" isn't really used anymore. :) --- .../mdm/azure-active-directory-integration-with-mdm.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md b/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md index 467e007dd7..a7d44b2534 100644 --- a/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md +++ b/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md @@ -204,7 +204,7 @@ The following table shows the required information to create an entry in the Azu There are no special requirements for adding on-premises MDM to the app gallery. There's a generic entry for administrator to add an app to their tenant. -However, key management is different for on-premises MDM. You must obtain the client ID (app ID) and key assigned to the MDM app within the customer's tenant. Thee ID and key obtain authorization to access the Microsoft Graph API and for reporting device compliance. +However, key management is different for on-premises MDM. You must obtain the client ID (app ID) and key assigned to the MDM app within the customer's tenant. The ID and key obtain authorization to access the Microsoft Graph API and for reporting device compliance. ## Themes From 7901eeb850ae82a6fbecf31a02a14fc5df1f4898 Mon Sep 17 00:00:00 2001 From: Chad Simmons Date: Tue, 11 Oct 2022 11:16:51 -0500 Subject: [PATCH 004/129] Update windows/client-management/mdm/azure-active-directory-integration-with-mdm.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../mdm/azure-active-directory-integration-with-mdm.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md b/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md index a7d44b2534..209999ccfd 100644 --- a/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md +++ b/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md @@ -202,7 +202,7 @@ The following table shows the required information to create an entry in the Azu ### Add on-premises MDM to the app gallery -There are no special requirements for adding on-premises MDM to the app gallery. There's a generic entry for administrator to add an app to their tenant. +There are no special requirements for adding on-premises MDM to the app gallery. There's a generic entry for administrators to add an app to their tenant. However, key management is different for on-premises MDM. You must obtain the client ID (app ID) and key assigned to the MDM app within the customer's tenant. The ID and key obtain authorization to access the Microsoft Graph API and for reporting device compliance. From 59c99697778b29f77342de24d3d046c2eb7e37ca Mon Sep 17 00:00:00 2001 From: bmonroe924 <68250482+bmonroe924@users.noreply.github.com> Date: Wed, 12 Oct 2022 15:52:46 -0400 Subject: [PATCH 005/129] Update network-access-restrict-anonymous-access-to-named-pipes-and-shares.md This was only listed for windows 10. added the extra os levels that it applies to as well from the https://www.stigviewer.com/stig/microsoft_windows_server_20122012_r2_member_server/2021-03-05/finding/V-225493 --- ...-restrict-anonymous-access-to-named-pipes-and-shares.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md index 9bc2a12af5..c5cd9e9f15 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md @@ -21,7 +21,14 @@ ms.technology: windows-sec # Network access: Restrict anonymous access to Named Pipes and Shares **Applies to** +- Windows 11 - Windows 10 +- Windows 10 +- Windows 8.1 +- Windows Server 2022 +- Windows Server 2019 +- Windows Server 2016 +- Windows Server 2012 R2 Describes the best practices, location, values, policy management and security considerations for the **Network access: Restrict anonymous access to Named Pipes and Shares** security policy setting. From 63f24cb23adc16c7e01eba2158381eec03061cba Mon Sep 17 00:00:00 2001 From: Brian Monroe <68250482+bmonroe924@users.noreply.github.com> Date: Tue, 18 Oct 2022 10:17:00 -0400 Subject: [PATCH 006/129] Update windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- ...access-restrict-anonymous-access-to-named-pipes-and-shares.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md index c5cd9e9f15..7d5df7aca0 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md @@ -23,7 +23,6 @@ ms.technology: windows-sec **Applies to** - Windows 11 - Windows 10 -- Windows 10 - Windows 8.1 - Windows Server 2022 - Windows Server 2019 From a9dd8ff4db835ad99068c43df29a5cf5e8e68ff1 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Mon, 7 Nov 2022 22:31:39 -0500 Subject: [PATCH 007/129] Metadata/style update BitLocker --- .../bitlocker/bcd-settings-and-bitlocker.md | 366 +++++++++--------- .../bitlocker/bitlocker-and-adds-faq.yml | 22 +- .../bitlocker/bitlocker-basic-deployment.md | 120 +++--- .../bitlocker/bitlocker-countermeasures.md | 26 +- ...cker-deployment-and-administration-faq.yml | 14 +- .../bitlocker-deployment-comparison.md | 12 +- ...r-device-encryption-overview-windows-10.md | 38 +- .../bitlocker-frequently-asked-questions.yml | 36 +- .../bitlocker-group-policy-settings.md | 322 +++++++-------- ...tlocker-how-to-deploy-on-windows-server.md | 34 +- .../bitlocker-how-to-enable-network-unlock.md | 46 +-- .../bitlocker-key-management-faq.yml | 18 +- .../bitlocker-management-for-enterprises.md | 6 +- .../bitlocker-network-unlock-faq.yml | 2 +- ...itlocker-overview-and-requirements-faq.yml | 12 +- .../bitlocker/bitlocker-overview.md | 20 +- .../bitlocker-recovery-guide-plan.md | 70 ++-- .../bitlocker-recovery-loop-break.md | 6 +- .../bitlocker/bitlocker-security-faq.yml | 4 +- .../bitlocker/bitlocker-to-go-faq.yml | 2 +- .../bitlocker/bitlocker-upgrading-faq.yml | 6 +- ...ve-encryption-tools-to-manage-bitlocker.md | 24 +- ...-use-bitlocker-recovery-password-viewer.md | 16 +- ...itlocker-using-with-other-programs-faq.yml | 22 +- ...ion-for-bitlocker-planning-and-policies.md | 12 +- ...nd-storage-area-networks-with-bitlocker.md | 40 +- .../bitlocker/troubleshoot-bitlocker.md | 12 +- .../ts-bitlocker-cannot-encrypt-issues.md | 14 +- .../ts-bitlocker-cannot-encrypt-tpm-issues.md | 8 +- .../bitlocker/ts-bitlocker-config-issues.md | 14 +- .../ts-bitlocker-decode-measured-boot-logs.md | 10 +- .../bitlocker/ts-bitlocker-intune-issues.md | 32 +- .../ts-bitlocker-network-unlock-issues.md | 6 +- .../bitlocker/ts-bitlocker-recovery-issues.md | 40 +- .../bitlocker/ts-bitlocker-tpm-issues.md | 16 +- 35 files changed, 726 insertions(+), 722 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md index 4a3b3e57ca..df5de3b7bb 100644 --- a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md +++ b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md @@ -1,260 +1,258 @@ --- title: BCD settings and BitLocker (Windows 10) -description: This topic for IT professionals describes the BCD settings that are used by BitLocker. +description: This article for IT professionals describes the BCD settings that are used by BitLocker. ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 02/28/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- # Boot Configuration Data settings and BitLocker -**Applies to** +This article for IT professionals describes the Boot Configuration Data (BCD) settings that are used by BitLocker. -This topic for IT professionals describes the Boot Configuration Data (BCD) settings that are used by BitLocker. - -When protecting data at rest on an operating system volume, during the boot process BitLocker verifies that the security sensitive BCD settings have not changed since BitLocker was last enabled, resumed, or recovered. +When protecting data at rest on an operating system volume, during the boot process BitLocker verifies that the security sensitive BCD settings haven't changed since BitLocker was last enabled, resumed, or recovered. ## BitLocker and BCD Settings In Windows 7 and Windows Server 2008 R2, BitLocker validated BCD settings with the winload, winresume, and memtest prefixes to a large degree. However, this high degree of validation caused BitLocker to go into recovery mode for benign setting changes, for example, when applying a language pack, BitLocker would enter recovery mode. -In Windows 8, Windows Server 2012, and later operating systems, BitLocker narrows the set of BCD settings validated to reduce the chance of benign changes causing a BCD validation problem. If you believe that there is a risk in excluding a particular BCD setting from the validation profile, include that BCD setting in the BCD validation coverage to suit your validation preferences. +In Windows 8, Windows Server 2012, and later operating systems, BitLocker narrows the set of BCD settings validated to reduce the chance of benign changes causing a BCD validation problem. If you believe that there's a risk in excluding a particular BCD setting from the validation profile, include that BCD setting in the BCD validation coverage to suit your validation preferences. If a default BCD setting is found to persistently trigger a recovery for benign changes, exclude that BCD setting from the validation coverage. ### When secure boot is enabled Computers with UEFI firmware can use secure boot to provide enhanced boot security. When BitLocker is able to use secure boot for platform and BCD integrity validation, as defined by the **Allow Secure Boot for integrity validation** group policy setting, the **Use enhanced Boot Configuration Data validation profile** group policy is ignored. -One of the benefits of using secure boot is that it can correct BCD settings during boot without triggering recovery events. Secure boot enforces the same BCD settings as BitLocker. Secure boot BCD enforcement is not configurable from within the operating system. +One of the benefits of using secure boot is that it can correct BCD settings during boot without triggering recovery events. Secure boot enforces the same BCD settings as BitLocker. Secure boot BCD enforcement isn't configurable from within the operating system. ## Customizing BCD validation settings To modify the BCD settings that are validated by BitLocker, the administrator will add or exclude BCD settings from the platform validation profile by enabling and configuring the **Use enhanced Boot Configuration Data validation profile** group policy setting. -For the purposes of BitLocker validation, BCD settings are associated with a specific set of Microsoft boot applications. These BCD settings can also be applied to the other Microsoft boot applications that are not part of the set to which the BCD settings are already applicable to. This can be done by attaching any of the following prefixes to the BCD settings which are being entered in the group policy settings dialog: +For the purposes of BitLocker validation, BCD settings are associated with a specific set of Microsoft boot applications. These BCD settings can also be applied to the other Microsoft boot applications that aren't part of the set to which the BCD settings are already applicable for. This setting can be done by attaching any of the following prefixes to the BCD settings that are being entered in the group policy settings dialog: -- winload -- winresume -- memtest -- all of the above +- winload +- winresume +- memtest +- all of the above -All BCD settings are specified by combining the prefix value with either a hexadecimal (hex) value or a “friendly name.” +All BCD settings are specified by combining the prefix value with either a hexadecimal (hex) value or a "friendly name." The BCD setting hex value is reported when BitLocker enters recovery mode and is stored in the event log (event ID 523). The hex value uniquely identifies the BCD setting that caused the recovery event. -You can quickly obtain the friendly name for the BCD settings on your computer by using the command “`bcdedit.exe /enum all`”. +You can quickly obtain the friendly name for the BCD settings on your computer by using the command `bcdedit.exe /enum all`. Not all BCD settings have friendly names; for those settings without a friendly name, the hex value is the only way to configure an exclusion policy. When specifying BCD values in the **Use enhanced Boot Configuration Data validation profile** group policy setting, use the following syntax: -- Prefix the setting with the boot application prefix -- Append a colon ‘:’ -- Append either the hex value or the friendly name -- If entering more than one BCD setting, you will need to enter each BCD setting on a new line +- Prefix the setting with the boot application prefix +- Append a colon `:` +- Append either the hex value or the friendly name +- If entering more than one BCD setting, you'll need to enter each BCD setting on a new line -For example, either “`winload:hypervisordebugport`” or “`winload:0x250000f4`” yields the same value. +For example, either "`winload:hypervisordebugport`" or "`winload:0x250000f4`" yields the same value. -A setting that applies to all boot applications may be applied only to an individual application; however, the reverse is not true. For example, one can specify either “`all:locale`” or “`winresume:locale`”, but as the BCD setting “`win-pe`” does not apply to all boot applications, “`winload:winpe`” is valid, but “`all:winpe`” is not valid. The setting that controls boot debugging (“`bootdebug`” or 0x16000010) will always be validated and will have no effect if it is included in the provided fields. +A setting that applies to all boot applications may be applied only to an individual application; however, the reverse isn't true. For example, one can specify either "`all:locale`" or "`winresume:locale`", but as the BCD setting "`win-pe`" doesn't apply to all boot applications, "`winload:winpe`" is valid, but "`all:winpe`" isn't valid. The setting that controls boot debugging ("`bootdebug`" or 0x16000010) will always be validated and will have no effect if it's included in the provided fields. > [!NOTE] > Take care when configuring BCD entries in the Group Policy setting. The Local Group Policy Editor does not validate the correctness of the BCD entry. BitLocker will fail to be enabled if the Group Policy setting specified is invalid. -  + ### Default BCD validation profile The following table contains the default BCD validation profile used by BitLocker in Windows 8, Windows Server 2012, and subsequent versions: | Hex Value | Prefix | Friendly Name | | - | - | - | -| 0x11000001 | all | device| -| 0x12000002 | all | path| +| 0x11000001 | all | device| +| 0x12000002 | all | path| | 0x12000030 | all | loadoptions| -| 0x16000010 | all | bootdebug| -| 0x16000040 | all | advancedoptions| -| 0x16000041 | all| optionsedit| -| 0x16000048| all| nointegritychecks| -| 0x16000049| all| testsigning| -| 0x16000060| all| isolatedcontext| +| 0x16000010 | all | bootdebug| +| 0x16000040 | all | advancedoptions| +| 0x16000041 | all| optionsedit| +| 0x16000048| all| nointegritychecks| +| 0x16000049| all| testsigning| +| 0x16000060| all| isolatedcontext| | 0x1600007b| all| forcefipscrypto| -| 0x22000002| winload| systemroot| -| 0x22000011| winload| kernel| -| 0x22000012| winload| hal| -| 0x22000053| winload| evstore| -| 0x25000020| winload| nx| -| 0x25000052| winload| restrictapiccluster| -| 0x26000022| winload| winpe| -| 0x26000025 |winload|lastknowngood| -| 0x26000081| winload| safebootalternateshell| -| 0x260000a0| winload| debug| -| 0x260000f2| winload| hypervisordebug| -| 0x26000116| winload| hypervisorusevapic| -| 0x21000001| winresume| filedevice| -| 0x22000002| winresume| filepath| -| 0x26000006| winresume| debugoptionenabled| +| 0x22000002| winload| systemroot| +| 0x22000011| winload| kernel| +| 0x22000012| winload| hal| +| 0x22000053| winload| evstore| +| 0x25000020| winload| nx| +| 0x25000052| winload| restrictapiccluster| +| 0x26000022| winload| winpe| +| 0x26000025 |winload|lastknowngood| +| 0x26000081| winload| safebootalternateshell| +| 0x260000a0| winload| debug| +| 0x260000f2| winload| hypervisordebug| +| 0x26000116| winload| hypervisorusevapic| +| 0x21000001| winresume| filedevice| +| 0x22000002| winresume| filepath| +| 0x26000006| winresume| debugoptionenabled| ### Full list of friendly names for ignored BCD settings -This following is a full list of BCD settings with friendly names, which are ignored by default. These settings are not part of the default BitLocker validation profile, but can be added if you see a need to validate any of these settings before allowing a BitLocker–protected operating system drive to be unlocked. +The following list is a full list of BCD settings with friendly names, which are ignored by default. These settings aren't part of the default BitLocker validation profile, but can be added if you see a need to validate any of these settings before allowing a BitLocker-protected operating system drive to be unlocked. > [!NOTE] > Additional BCD settings exist that have hex values but do not have friendly names. These settings are not included in this list. | Hex Value | Prefix | Friendly Name | | - | - | - | -| 0x12000004 | all | description | -| 0x12000005 | all | locale | -| 0x12000016 | all | targetname | -| 0x12000019| all| busparams| -| 0x1200001d| all| key| -| 0x1200004a| all| fontpath| -| 0x14000006| all| inherit| -| 0x14000008| all| recoverysequence| -| 0x15000007| all| truncatememory| -| 0x1500000c| all| firstmegabytepolicy| -| 0x1500000d| all| relocatephysical| -| 0x1500000e| all| avoidlowmemory| -| 0x15000011| all| debugtype| -| 0x15000012 |all|debugaddress| -| 0x15000013| all| debugport| -| 0x15000014|all|baudrate| -| 0x15000015 | all| channel| -| 0x15000018 | all| debugstart| -| 0x1500001a | all| hostip| -| 0x1500001b | all| port| -| 0x15000022 | all| emsport| -| 0x15000023 | all| emsbaudrate| -| 0x15000042 | all| keyringaddress| -| 0x15000047 | all| configaccesspolicy| -| 0x1500004b | all| integrityservices| -| 0x1500004c | all| volumebandid| -| 0x15000051 | all| initialconsoleinput| -| 0x15000052 | all| graphicsresolution| -| 0x15000065 | all| displaymessage| +| 0x12000004 | all | description | +| 0x12000005 | all | locale | +| 0x12000016 | all | targetname | +| 0x12000019| all| busparams| +| 0x1200001d| all| key| +| 0x1200004a| all| fontpath| +| 0x14000006| all| inherit| +| 0x14000008| all| recoverysequence| +| 0x15000007| all| truncatememory| +| 0x1500000c| all| firstmegabytepolicy| +| 0x1500000d| all| relocatephysical| +| 0x1500000e| all| avoidlowmemory| +| 0x15000011| all| debugtype| +| 0x15000012 |all|debugaddress| +| 0x15000013| all| debugport| +| 0x15000014|all|baudrate| +| 0x15000015 | all| channel| +| 0x15000018 | all| debugstart| +| 0x1500001a | all| hostip| +| 0x1500001b | all| port| +| 0x15000022 | all| emsport| +| 0x15000023 | all| emsbaudrate| +| 0x15000042 | all| keyringaddress| +| 0x15000047 | all| configaccesspolicy| +| 0x1500004b | all| integrityservices| +| 0x1500004c | all| volumebandid| +| 0x15000051 | all| initialconsoleinput| +| 0x15000052 | all| graphicsresolution| +| 0x15000065 | all| displaymessage| | 0x15000066 | all| displaymessageoverride| | 0x15000081 | all| logcontrol| -| 0x16000009 | all| recoveryenabled| -| 0x1600000b | all| badmemoryaccess| -| 0x1600000f | all| traditionalkseg| -| 0x16000017 | all| noumex| -| 0x1600001c | all| dhcp| -| 0x1600001e | all| vm| -| 0x16000020 | all| bootems| -| 0x16000046 | all| graphicsmodedisabled| -| 0x16000050 | all| extendedinput| -| 0x16000053 | all| restartonfailure| -| 0x16000054 | all| highestmode| -| 0x1600006c | all| bootuxdisabled| -| 0x16000072 | all| nokeyboard| -| 0x16000074 | all| bootshutdowndisabled| -| 0x1700000a | all| badmemorylist| -| 0x17000077 | all| allowedinmemorysettings| -| 0x22000040 | all| fverecoveryurl| -| 0x22000041 | all| fverecoverymessage| -| 0x31000003 | all| ramdisksdidevice| +| 0x16000009 | all| recoveryenabled| +| 0x1600000b | all| badmemoryaccess| +| 0x1600000f | all| traditionalkseg| +| 0x16000017 | all| noumex| +| 0x1600001c | all| dhcp| +| 0x1600001e | all| vm| +| 0x16000020 | all| bootems| +| 0x16000046 | all| graphicsmodedisabled| +| 0x16000050 | all| extendedinput| +| 0x16000053 | all| restartonfailure| +| 0x16000054 | all| highestmode| +| 0x1600006c | all| bootuxdisabled| +| 0x16000072 | all| nokeyboard| +| 0x16000074 | all| bootshutdowndisabled| +| 0x1700000a | all| badmemorylist| +| 0x17000077 | all| allowedinmemorysettings| +| 0x22000040 | all| fverecoveryurl| +| 0x22000041 | all| fverecoverymessage| +| 0x31000003 | all| ramdisksdidevice| | 0x32000004 | all| ramdisksdipath| -| 0x35000001| all | ramdiskimageoffset| -| 0x35000002 | all| ramdisktftpclientport| -| 0x35000005 | all| ramdiskimagelength| -| 0x35000007 | all| ramdisktftpblocksize| -| 0x35000008 | all| ramdisktftpwindowsize| -| 0x36000006 | all| exportascd| -| 0x36000009 | all| ramdiskmcenabled| -| 0x3600000a | all| ramdiskmctftpfallback| -| 0x3600000b | all| ramdisktftpvarwindow| -| 0x21000001 | winload| osdevice| -| 0x22000013 | winload| dbgtransport| -| 0x220000f9 | winload| hypervisorbusparams| -| 0x22000110 | winload| hypervisorusekey| +| 0x35000001| all | ramdiskimageoffset| +| 0x35000002 | all| ramdisktftpclientport| +| 0x35000005 | all| ramdiskimagelength| +| 0x35000007 | all| ramdisktftpblocksize| +| 0x35000008 | all| ramdisktftpwindowsize| +| 0x36000006 | all| exportascd| +| 0x36000009 | all| ramdiskmcenabled| +| 0x3600000a | all| ramdiskmctftpfallback| +| 0x3600000b | all| ramdisktftpvarwindow| +| 0x21000001 | winload| osdevice| +| 0x22000013 | winload| dbgtransport| +| 0x220000f9 | winload| hypervisorbusparams| +| 0x22000110 | winload| hypervisorusekey| | 0x23000003 |winload| resumeobject| -| 0x25000021| winload| pae| -| 0x25000031 |winload| removememory| -| 0x25000032 | winload| increaseuserva| -| 0x25000033 | winload| perfmem| -| 0x25000050 | winload| clustermodeaddressing| -| 0x25000055 | winload| x2apicpolicy| -| 0x25000061 | winload| numproc| +| 0x25000021| winload| pae| +| 0x25000031 |winload| removememory| +| 0x25000032 | winload| increaseuserva| +| 0x25000033 | winload| perfmem| +| 0x25000050 | winload| clustermodeaddressing| +| 0x25000055 | winload| x2apicpolicy| +| 0x25000061 | winload| numproc| | 0x25000063 | winload| configflags| | 0x25000066| winload| groupsize| | 0x25000071 | winload| msi| -| 0x25000072 | winload| pciexpress| -| 0x25000080 | winload| safeboot| -| 0x250000a6 | winload| tscsyncpolicy| -| 0x250000c1| winload| driverloadfailurepolicy| -| 0x250000c2| winload| bootmenupolicy| -| 0x250000e0 |winload| bootstatuspolicy| -| 0x250000f0 | winload| hypervisorlaunchtype| -| 0x250000f3 | winload| hypervisordebugtype| -| 0x250000f4 | winload| hypervisordebugport| -| 0x250000f5 | winload| hypervisorbaudrate| -| 0x250000f6 | winload| hypervisorchannel| -| 0x250000f7 | winload| bootux| -| 0x250000fa | winload| hypervisornumproc| -| 0x250000fb | winload| hypervisorrootprocpernode| -| 0x250000fd | winload| hypervisorhostip| -| 0x250000fe | winload| hypervisorhostport| -| 0x25000100 | winload| tpmbootentropy| -| 0x25000113 | winload| hypervisorrootproc| -| 0x25000115 | winload| hypervisoriommupolicy| -| 0x25000120 | winload| xsavepolicy| -| 0x25000121 | winload| xsaveaddfeature0| -| 0x25000122 | winload| xsaveaddfeature1| -| 0x25000123 | winload| xsaveaddfeature2| -| 0x25000124 | winload| xsaveaddfeature3| -| 0x25000125 | winload| xsaveaddfeature4| -| 0x25000126 | winload| xsaveaddfeature5| -| 0x25000127 | winload| xsaveaddfeature6| -| 0x25000128 | winload| xsaveaddfeature7| -| 0x25000129 | winload| xsaveremovefeature| -| 0x2500012a | winload| xsaveprocessorsmask| -| 0x2500012b | winload| xsavedisable| -| 0x25000130 | winload| claimedtpmcounter| -| 0x26000004 | winload| stampdisks| -| 0x26000010 | winload| detecthal| -| 0x26000024 | winload| nocrashautoreboot| -| 0x26000030 | winload| nolowmem| -| 0x26000040 | winload| vga| -| 0x26000041 | winload| quietboot| -| 0x26000042 | winload| novesa| -| 0x26000043 | winload| novga| -| 0x26000051 | winload| usephysicaldestination| -| 0x26000054 | winload| uselegacyapicmode| -| 0x26000060 | winload| onecpu| -| 0x26000062 | winload| maxproc| -| 0x26000064 | winload| maxgroup| -| 0x26000065 | winload| groupaware| -| 0x26000070| winload| usefirmwarepcisettings| +| 0x25000072 | winload| pciexpress| +| 0x25000080 | winload| safeboot| +| 0x250000a6 | winload| tscsyncpolicy| +| 0x250000c1| winload| driverloadfailurepolicy| +| 0x250000c2| winload| bootmenupolicy| +| 0x250000e0 |winload| bootstatuspolicy| +| 0x250000f0 | winload| hypervisorlaunchtype| +| 0x250000f3 | winload| hypervisordebugtype| +| 0x250000f4 | winload| hypervisordebugport| +| 0x250000f5 | winload| hypervisorbaudrate| +| 0x250000f6 | winload| hypervisorchannel| +| 0x250000f7 | winload| bootux| +| 0x250000fa | winload| hypervisornumproc| +| 0x250000fb | winload| hypervisorrootprocpernode| +| 0x250000fd | winload| hypervisorhostip| +| 0x250000fe | winload| hypervisorhostport| +| 0x25000100 | winload| tpmbootentropy| +| 0x25000113 | winload| hypervisorrootproc| +| 0x25000115 | winload| hypervisoriommupolicy| +| 0x25000120 | winload| xsavepolicy| +| 0x25000121 | winload| xsaveaddfeature0| +| 0x25000122 | winload| xsaveaddfeature1| +| 0x25000123 | winload| xsaveaddfeature2| +| 0x25000124 | winload| xsaveaddfeature3| +| 0x25000125 | winload| xsaveaddfeature4| +| 0x25000126 | winload| xsaveaddfeature5| +| 0x25000127 | winload| xsaveaddfeature6| +| 0x25000128 | winload| xsaveaddfeature7| +| 0x25000129 | winload| xsaveremovefeature| +| 0x2500012a | winload| xsaveprocessorsmask| +| 0x2500012b | winload| xsavedisable| +| 0x25000130 | winload| claimedtpmcounter| +| 0x26000004 | winload| stampdisks| +| 0x26000010 | winload| detecthal| +| 0x26000024 | winload| nocrashautoreboot| +| 0x26000030 | winload| nolowmem| +| 0x26000040 | winload| vga| +| 0x26000041 | winload| quietboot| +| 0x26000042 | winload| novesa| +| 0x26000043 | winload| novga| +| 0x26000051 | winload| usephysicaldestination| +| 0x26000054 | winload| uselegacyapicmode| +| 0x26000060 | winload| onecpu| +| 0x26000062 | winload| maxproc| +| 0x26000064 | winload| maxgroup| +| 0x26000065 | winload| groupaware| +| 0x26000070| winload| usefirmwarepcisettings| | 0x26000090 | winload| bootlog| -| 0x26000091 | winload| sos| -| 0x260000a1 | winload| halbreakpoint| -| 0x260000a2 | winload| useplatformclock| -| 0x260000a3 |winload| forcelegacyplatform| -| 0x260000a4 | winload| useplatformtick| -| 0x260000a5 | winload| disabledynamictick| -| 0x260000b0 | winload| ems| -| 0x260000c3 | winload| onetimeadvancedoptions| -| 0x260000c4 | winload| onetimeoptionsedit| -| 0x260000e1| winload| disableelamdrivers| -| 0x260000f8 | winload| hypervisordisableslat| -| 0x260000fc | winload| hypervisoruselargevtlb| -| 0x26000114 | winload| hypervisordhcp| +| 0x26000091 | winload| sos| +| 0x260000a1 | winload| halbreakpoint| +| 0x260000a2 | winload| useplatformclock| +| 0x260000a3 |winload| forcelegacyplatform| +| 0x260000a4 | winload| useplatformtick| +| 0x260000a5 | winload| disabledynamictick| +| 0x260000b0 | winload| ems| +| 0x260000c3 | winload| onetimeadvancedoptions| +| 0x260000c4 | winload| onetimeoptionsedit| +| 0x260000e1| winload| disableelamdrivers| +| 0x260000f8 | winload| hypervisordisableslat| +| 0x260000fc | winload| hypervisoruselargevtlb| +| 0x26000114 | winload| hypervisordhcp| | 0x21000005 | winresume| associatedosdevice| -| 0x25000007 | winresume| bootux| +| 0x25000007 | winresume| bootux| | 0x25000008 | winresume| bootmenupolicy| -| 0x26000003| winresume |customsettings| +| 0x26000003| winresume |customsettings| | 0x26000004 | winresume| pae| -| 0x25000001 | memtest| passcount| -| 0x25000002 | memtest| testmix| -| 0x25000005 | memtest| stridefailcount| -| 0x25000006 | memtest| invcfailcount| -| 0x25000007 | memtest| matsfailcount| -| 0x25000008 | memtest| randfailcount| +| 0x25000001 | memtest| passcount| +| 0x25000002 | memtest| testmix| +| 0x25000005 | memtest| stridefailcount| +| 0x25000006 | memtest| invcfailcount| +| 0x25000007 | memtest| matsfailcount| +| 0x25000008 | memtest| randfailcount| | 0x25000009 |memtest| chckrfailcount| | 0x26000003| memtest| cacheenable| | 0x26000004 | memtest| failuresenabled| diff --git a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml index 5278e578b5..552c4c894f 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml @@ -22,7 +22,7 @@ metadata: title: BitLocker and Active Directory Domain Services (AD DS) FAQ summary: | **Applies to** - - Windows 10 + - Windows 10 @@ -41,11 +41,11 @@ sections: - question: | What if BitLocker is enabled on a computer before the computer has joined the domain? answer: | - If BitLocker is enabled on a drive before Group Policy has been applied to enforce a backup, the recovery information will not be automatically backed up to AD DS when the computer joins the domain or when Group Policy is subsequently applied. However, you can use the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed drives can be recovered**, and **Choose how BitLocker-protected removable drives can be recovered** Group Policy settings to require the computer to be connected to a domain before BitLocker can be enabled to help ensure that recovery information for BitLocker-protected drives in your organization is backed up to AD DS. + If BitLocker is enabled on a drive before Group Policy has been applied to enforce a backup, the recovery information will not be automatically backed up to AD DS when the computer joins the domain or when Group Policy is subsequently applied. However, you can use the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed drives can be recovered**, and **Choose how BitLocker-protected removable drives can be recovered** Group Policy settings to require the computer to be connected to a domain before BitLocker can be enabled to help ensure that recovery information for BitLocker-protected drives in your organization is backed up to AD DS. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). - The BitLocker Windows Management Instrumentation (WMI) interface does allow administrators to write a script to back up or synchronize an online client's existing recovery information; however, BitLocker does not automatically manage this process. The `manage-bde` command-line tool can also be used to manually back up recovery information to AD DS. For example, to back up all of the recovery information for the `$env:SystemDrive` to AD DS, you would use the following command script from an elevated command prompt: + The BitLocker Windows Management Instrumentation (WMI) interface does allow administrators to write a script to back up or synchronize an online client's existing recovery information; however, BitLocker does not automatically manage this process. The `manage-bde` command-line tool can also be used to manually back up recovery information to AD DS. For example, to back up all of the recovery information for the `$env:SystemDrive` to AD DS, you would use the following command script from an elevated command prompt: ```PowerShell $BitLocker = Get-BitLockerVolume -MountPoint $env:SystemDrive @@ -56,29 +56,29 @@ sections: ``` > [!IMPORTANT] - > Joining a computer to the domain should be the first step for new computers within an organization. After computers are joined to a domain, storing the BitLocker recovery key to AD DS is automatic (when enabled in Group Policy). + > Joining a computer to the domain should be the first step for new computers within an organization. After computers are joined to a domain, storing the BitLocker recovery key to AD DS is automatic (when enabled in Group Policy). - question: | Is there an event log entry recorded on the client computer to indicate the success or failure of the Active Directory backup? answer: | - Yes, an event log entry that indicates the success or failure of an Active Directory backup is recorded on the client computer. However, even if an event log entry says "Success," the information could have been subsequently removed from AD DS, or BitLocker could have been reconfigured in such a way that the Active Directory information can no longer unlock the drive (such as by removing the recovery password key protector). In addition, it is also possible that the log entry could be spoofed. + Yes, an event log entry that indicates the success or failure of an Active Directory backup is recorded on the client computer. However, even if an event log entry says "Success," the information could have been subsequently removed from AD DS, or BitLocker could have been reconfigured in such a way that the Active Directory information can no longer unlock the drive (such as by removing the recovery password key protector). In addition, it is also possible that the log entry could be spoofed. - Ultimately, determining whether a legitimate backup exists in AD DS requires querying AD DS with domain administrator credentials by using the BitLocker password viewer tool. + Ultimately, determining whether a legitimate backup exists in AD DS requires querying AD DS with domain administrator credentials by using the BitLocker password viewer tool. - question: | - If I change the BitLocker recovery password on my computer and store the new password in AD DS, will AD DS overwrite the old password? + If I change the BitLocker recovery password on my computer and store the new password in AD DS, will AD DS overwrite the old password? answer: | - No. By design, BitLocker recovery password entries do not get deleted from AD DS; therefore, you might see multiple passwords for each drive. To identify the latest password, check the date on the object. + No. By design, BitLocker recovery password entries do not get deleted from AD DS; therefore, you might see multiple passwords for each drive. To identify the latest password, check the date on the object. - question: | What happens if the backup initially fails? Will BitLocker retry it? answer: | - If the backup initially fails, such as when a domain controller is unreachable at the time when the BitLocker setup wizard is run, BitLocker does not try again to back up the recovery information to AD DS. + If the backup initially fails, such as when a domain controller is unreachable at the time when the BitLocker setup wizard is run, BitLocker does not try again to back up the recovery information to AD DS. - When an administrator selects the **Require BitLocker backup to AD DS** check box of the **Store BitLocker recovery information in Active Directory Domain Service (Windows 2008 and Windows Vista)** policy setting, or the equivalent **Do not enable BitLocker until recovery information is stored in AD DS for (operating system | fixed data | removable data) drives** check box in any of the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed data drives can be recovered**, and **Choose how BitLocker-protected removable data drives can be recovered** policy settings, users can't enable BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information to AD DS succeeds. With these settings configured if the backup fails, BitLocker cannot be enabled, ensuring that administrators will be able to recover BitLocker-protected drives in the organization. + When an administrator selects the **Require BitLocker backup to AD DS** check box of the **Store BitLocker recovery information in Active Directory Domain Service (Windows 2008 and Windows Vista)** policy setting, or the equivalent **Do not enable BitLocker until recovery information is stored in AD DS for (operating system | fixed data | removable data) drives** check box in any of the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed data drives can be recovered**, and **Choose how BitLocker-protected removable data drives can be recovered** policy settings, users can't enable BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information to AD DS succeeds. With these settings configured if the backup fails, BitLocker cannot be enabled, ensuring that administrators will be able to recover BitLocker-protected drives in the organization. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). - When an administrator clears these check boxes, the administrator is allowing a drive to be BitLocker-protected without having the recovery information successfully backed up to AD DS; however, BitLocker will not automatically retry the backup if it fails. Instead, administrators can create a backup script, as described earlier in [What if BitLocker is enabled on a computer before the computer has joined the domain?](#what-if-bitlocker-is-enabled-on-a-computer-before-the-computer-has-joined-the-domain-) to capture the information after connectivity is restored. + When an administrator clears these check boxes, the administrator is allowing a drive to be BitLocker-protected without having the recovery information successfully backed up to AD DS; however, BitLocker will not automatically retry the backup if it fails. Instead, administrators can create a backup script, as described earlier in [What if BitLocker is enabled on a computer before the computer has joined the domain?](#what-if-bitlocker-is-enabled-on-a-computer-before-the-computer-has-joined-the-domain-) to capture the information after connectivity is restored. diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md index 76f08567b4..4cf9e2a587 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md +++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md @@ -4,23 +4,19 @@ description: This article for the IT professional explains how BitLocker feature ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: - M365-security-compliance ms.topic: conceptual -ms.date: 02/28/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- # BitLocker basic deployment -**Applies to** - -- Windows 10 -- Windows 11 -- Windows Server 2016 and above +(*Applies to: Windows 10, Windows 11, Windows Server 2016 and above*) This article for the IT professional explains how BitLocker features can be used to protect your data through drive encryption. @@ -35,14 +31,14 @@ If the drive was prepared as a single contiguous space, BitLocker requires a new BitLocker encryption can be done using the following methods: -- BitLocker control panel -- Windows Explorer -- `manage-bde` command-line interface -- BitLocker Windows PowerShell cmdlets +- BitLocker control panel +- Windows Explorer +- `manage-bde` command-line interface +- BitLocker Windows PowerShell cmdlets ### Encrypting volumes using the BitLocker control panel -Encrypting volumes with the BitLocker control panel (select **Start**, type *Bitlocker*, select **Manage BitLocker**) is how many users will use BitLocker. The name of the BitLocker control panel is BitLocker Drive Encryption. The BitLocker control panel supports encrypting operating system, fixed data, and removable data volumes. The BitLocker control panel will organize available drives in the appropriate category based on how the device reports itself to Windows. Only formatted volumes with assigned drive letters will appear properly in the BitLocker control panel applet. +Encrypting volumes with the BitLocker control panel (select **Start**, enter `Bitlocker`, select **Manage BitLocker**) is how many users will use BitLocker. The name of the BitLocker control panel is BitLocker Drive Encryption. The BitLocker control panel supports encrypting operating system, fixed data, and removable data volumes. The BitLocker control panel will organize available drives in the appropriate category based on how the device reports itself to Windows. Only formatted volumes with assigned drive letters will appear properly in the BitLocker control panel applet. To start encryption for a volume, select **Turn on BitLocker** for the appropriate drive to initialize the BitLocker Drive Encryption Wizard. BitLocker Drive Encryption Wizard options vary based on volume type (operating system volume or data volume). @@ -54,9 +50,9 @@ When the BitLocker Drive Encryption Wizard launches, it verifies the computer me |--- |--- | |Hardware configuration|The computer must meet the minimum requirements for the supported Windows versions.| |Operating system|BitLocker is an optional feature that can be installed by Server Manager on Windows Server 2012 and later.| -|Hardware TPM|TPM version 1.2 or 2.0.

A TPM isn't required for BitLocker; however, only a computer with a TPM can provide the additional security of pre-startup system integrity verification and multifactor authentication.| +|Hardware TPM|TPM version 1.2 or 2.0.

A TPM isn't required for BitLocker; however, only a computer with a TPM can provide the additional security of pre-startup system integrity verification and multifactor authentication.| |BIOS configuration|

  • A Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware.
  • The boot order must be set to start first from the hard disk, and not the USB or CD drives.
  • The firmware must be able to read from a USB flash drive during startup.
    • | -|File system| One FAT32 partition for the system drive and one NTFS partition for the operating system drive. This is applicable for computers that boot natively with UEFI firmware.
    For computers with legacy BIOS firmware, at least two NTFS disk partitions, one for the system drive and one for the operating system drive.
    For either firmware, the system drive partition must be at least 350 megabytes (MB) and set as the active partition.| +|File system| One FAT32 partition for the system drive and one NTFS partition for the operating system drive. This requirement is applicable for computers that boot natively with UEFI firmware.
    For computers with legacy BIOS firmware, at least two NTFS disk partitions, one for the system drive and one for the operating system drive.
    For either firmware, the system drive partition must be at least 350 megabytes (MB) and set as the active partition.| |Hardware encrypted drive prerequisites (optional)|To use a hardware encrypted drive as the boot drive, the drive must be in the uninitialized state and in the security inactive state. In addition, the system must always boot with native UEFI version 2.3.1 or higher and the CSM (if any) disabled.| Upon passing the initial configuration, users are required to enter a password for the volume. If the volume doesn't pass the initial configuration for BitLocker, the user is presented with an error dialog describing the appropriate actions to be taken. @@ -64,8 +60,8 @@ Once a strong password has been created for the volume, a recovery key will be g You should store the recovery key by printing it, saving it on removable media, or saving it as a file in a network folder or on your OneDrive, or on another drive of your computer that you aren't encrypting. You can't save the recovery key to the root directory of a non-removable drive and can't be stored on the encrypted volume. You can't save the recovery key for a removable data drive (such as a USB flash drive) on removable media. Ideally, you should store the recovery key separate from your computer. After you create a recovery key, you can use the BitLocker control panel to make additional copies. -- Encrypt used disk space only - Encrypts only disk space that contains data -- Encrypt entire drive - Encrypts the entire volume including free space +- Encrypt used disk space only - Encrypts only disk space that contains data +- Encrypt entire drive - Encrypts the entire volume including free space It's recommended that drives with little to no data use the **used disk space only** encryption option and that drives with data or an operating system use the **encrypt entire drive** option. @@ -74,7 +70,6 @@ It's recommended that drives with little to no data use the **used disk space on Selecting an encryption type and choosing **Next** will give the user the option of running a BitLocker system check (selected by default) which will ensure that BitLocker can properly access the recovery and encryption keys before the volume encryption begins. We recommend running this system check before starting the encryption process. If the system check isn't run and a problem is encountered when the operating system attempts to start, the user will need to provide the recovery key to start Windows. - After completing the system check (if selected), the BitLocker Drive Encryption Wizard restarts the computer to begin encryption. Upon reboot, users are required to enter the password chosen to boot into the operating system volume. Users can check encryption status by checking the system notification area or the BitLocker control panel. Until encryption is completed, the only available options for managing BitLocker involve manipulation of the password protecting the operating system volume, backing up the recovery key, and turning off BitLocker. @@ -91,17 +86,17 @@ With an encryption method chosen, a final confirmation screen is displayed befor Encryption status displays in the notification area or within the BitLocker control panel. -### OneDrive option +### OneDrive option There's a new option for storing the BitLocker recovery key using the OneDrive. This option requires that computers aren't members of a domain and that the user is using a Microsoft Account. Local accounts don't give the option to use OneDrive. Using the OneDrive option is the default, recommended recovery key storage method for computers that aren't joined to a domain. -Users can verify whether the recovery key was saved properly by checking their OneDrive for the BitLocker folder which is created automatically during the save process. The folder will contain two files, a readme.txt and the recovery key. For users storing more than one recovery password on their OneDrive, they can identify the required recovery key by looking at the file name. The recovery key ID is appended to the end of the file name. +Users can verify whether the recovery key was saved properly by checking their OneDrive for the BitLocker folder that is created automatically during the save process. The folder will contain two files, a readme.txt and the recovery key. For users storing more than one recovery password on their OneDrive, they can identify the required recovery key by looking at the file name. The recovery key ID is appended to the end of the file name. ### Using BitLocker within Windows Explorer Windows Explorer allows users to launch the BitLocker Drive Encryption wizard by right-clicking a volume and selecting **Turn On BitLocker**. This option is available on client computers by default. On servers, you must first install the BitLocker and Desktop-Experience features for this option to be available. After selecting **Turn on BitLocker**, the wizard works exactly as it does when launched using the BitLocker control panel. -## Down-level compatibility +## Down-level compatibility The following table shows the compatibility matrix for systems that have been BitLocker-enabled and then presented to a different version of Windows. @@ -114,67 +109,73 @@ Table 1: Cross compatibility for Windows 11, Windows 10, Windows 8.1, Windows 8, |Fully encrypted volume from Windows 7|Presents as fully encrypted|Presented as fully encrypted|N/A| |Partially encrypted volume from Windows 7|Windows 11, Windows 10, and Windows 8.1 will complete encryption regardless of policy|Windows 8 will complete encryption regardless of policy|N/A| -## Encrypting volumes using the manage-bde command-line interface +## Encrypting volumes using the manage-bde command-line interface Manage-bde is a command-line utility that can be used for scripting BitLocker operations. Manage-bde offers additional options not displayed in the BitLocker control panel. For a complete list of the options, see [Manage-bde](/windows-server/administration/windows-commands/manage-bde). -Manage-bde offers a multitude of wider options for configuring BitLocker. So using the command syntax may require care and possibly later customization by the user. For example, using just the `manage-bde -on` command on a data volume will fully encrypt the volume without any authenticating protectors. A volume encrypted in this manner still requires user interaction to turn on BitLocker protection, even though the command successfully completed because an authentication method needs to be added to the volume for it to be fully protected. +Manage-bde offers a multitude of wider options for configuring BitLocker. So using the command syntax may require care and possibly later customization by the user. For example, using just the `manage-bde.exe -on` command on a data volume will fully encrypt the volume without any authenticating protectors. A volume encrypted in this manner still requires user interaction to turn on BitLocker protection, even though the command successfully completed because an authentication method needs to be added to the volume for it to be fully protected. Command-line users need to determine the appropriate syntax for a given situation. The following section covers general encryption for operating system volumes and data volumes. -### Operating system volume +### Operating system volume commands -Listed below are examples of basic valid commands for operating system volumes. In general, using only the `manage-bde -on ` command encrypts the operating system volume with a TPM-only protector and no recovery key. However, many environments require more secure protectors such as passwords or PIN and expect to be able to recover information with a recovery key. +Listed below are examples of basic valid commands for operating system volumes. In general, using only the `manage-bde.exe -on ` command encrypts the operating system volume with a TPM-only protector and no recovery key. However, many environments require more secure protectors such as passwords or PIN and expect to be able to recover information with a recovery key. -**Determining volume status** +#### Determining volume status A good practice when using manage-bde is to determine the volume status on the target system. Use the following command to determine volume status: -`manage-bde -status` +`manage-bde.exe -status` This command returns the volumes on the target, current encryption status, and volume type (operating system or data) for each volume. Using this information, users can determine the best encryption method for their environment. -**Enabling BitLocker without a TPM** +#### Enabling BitLocker without a TPM -For example, suppose that you want to enable BitLocker on a computer without a TPM chip. To properly enable BitLocker for the operating system volume, you'll need to use a USB flash drive as a startup key to boot (in this example, the drive letter E). You would first create the startup key needed for BitLocker using the –protectors option and save it to the USB drive on E: and then begin the encryption process. You'll need to reboot the computer when prompted to complete the encryption process. +For example, suppose that you want to enable BitLocker on a computer without a TPM chip. To properly enable BitLocker for the operating system volume, you'll need to use a USB flash drive as a startup key to boot (in this example, the drive letter E). You would first create the startup key needed for BitLocker using the -protectors option and save it to the USB drive on E: and then begin the encryption process. You'll need to reboot the computer when prompted to complete the encryption process. ```powershell -manage-bde –protectors -add C: -startupkey E: -manage-bde -on C: +manage-bde.exe -protectors -add C: -startupkey E: +manage-bde.exe -on C: ``` -**Enabling BitLocker with a TPM only** +#### Enabling BitLocker with a TPM only It's possible to encrypt the operating system volume without any defined protectors by using manage-bde. Use this command: -`manage-bde -on C:` +``` syntax +manage-bde.exe -on C: +``` -This will encrypt the drive using the TPM as the protector. If users are unsure of the protector for a volume, they can use the -protectors option in manage-bde to list this information by executing the following command: +This command will encrypt the drive using the TPM as the protector. If users are unsure of the protector for a volume, they can use the -protectors option in manage-bde to list this information by executing the following command: -`manage-bde -protectors -get ` +``` syntax +manage-bde.exe -protectors -get +``` -**Provisioning BitLocker with two protectors** +#### Provisioning BitLocker with two protectors -Another example is a user on a non-TPM hardware who wishes to add a password and SID-based protector to the operating system volume. In this instance, the user adds the protectors first. This is done with the command: +Another example is a user on a non-TPM hardware who wishes to add a password and SID-based protector to the operating system volume. In this instance, the user adds the protectors first. Adding the protectors is done with the command: -`manage-bde -protectors -add C: -pw -sid ` +``` syntax +manage-bde.exe -protectors -add C: -pw -sid +``` -This command requires the user to enter and then confirm the password protectors before adding them to the volume. With the protectors enabled on the volume, the user just needs to turn BitLocker on. +This command requires the user to enter and then confirm the password protectors before adding them to the volume. With the protectors enabled on the volume, the user just needs to turn on BitLocker. -### Data volume +### Data volume commands -Data volumes use the same syntax for encryption as operating system volumes but they don't require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde -on ` or users can choose to add protectors to the volume. We recommend that you add at least one primary protector and a recovery protector to a data volume. +Data volumes use the same syntax for encryption as operating system volumes but they don't require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde.exe -on ` or users can choose to add protectors to the volume. We recommend that you add at least one primary protector and a recovery protector to a data volume. -**Enabling BitLocker with a password** +#### Enabling BitLocker with a password A common protector for a data volume is the password protector. In the example below, we add a password protector to the volume and turn on BitLocker. ```powershell -manage-bde -protectors -add -pw C: -manage-bde -on C: +manage-bde.exe -protectors -add -pw C: +manage-bde.exe -on C: ``` -## Encrypting volumes using the BitLocker Windows PowerShell cmdlets +## Encrypting volumes using the BitLocker Windows PowerShell cmdlets Windows PowerShell cmdlets provide an alternative way to work with BitLocker. Using Windows PowerShell's scripting capabilities, administrators can integrate BitLocker options into existing scripts with ease. The list below displays the available BitLocker cmdlets. @@ -205,7 +206,8 @@ Occasionally, all protectors may not be shown when using **Get-BitLockerVolume** ```powershell Get-BitLockerVolume C: | fl ``` -If you want to remove the existing protectors prior to provisioning BitLocker on the volume, you can utilize the `Remove-BitLockerKeyProtector` cmdlet. Accomplishing this requires the GUID associated with the protector to be removed. + +If you want to remove the existing protectors prior to provisioning BitLocker on the volume, you can utilize the `Remove-BitLockerKeyProtector` cmdlet. Accomplishing this action requires the GUID associated with the protector to be removed. A simple script can pipe out the values of each **Get-BitLockerVolume** return to another variable as seen below: ```powershell @@ -219,12 +221,13 @@ Using this information, we can then remove the key protector for a specific volu ```powershell Remove-BitLockerKeyProtector : -KeyProtectorID "{GUID}" ``` + > [!NOTE] > The BitLocker cmdlet requires the key protector GUID (enclosed in quotation marks) to execute. Ensure the entire GUID, with braces, is included in the command. -### Operating system volume +### Operating system volume PowerShell cmdlets -Using the BitLocker Windows PowerShell cmdlets is similar to working with the manage-bde tool for encrypting operating system volumes. Windows PowerShell offers users a lot of flexibility. For example, users can add the desired protector as part command for encrypting the volume. Below are examples of common user scenarios and steps to accomplish them using the BitLocker cmdlets for Windows PowerShell. +Using the BitLocker Windows PowerShell cmdlets is similar to working with the manage-bde tool for encrypting operating system volumes. Windows PowerShell offers users flexibility. For example, users can add the desired protector as part command for encrypting the volume. Below are examples of common user scenarios and steps to accomplish them using the BitLocker cmdlets for Windows PowerShell. To enable BitLocker with just the TPM protector, use this command: @@ -238,11 +241,10 @@ The example below adds one additional protector, the StartupKey protectors, and Enable-BitLocker C: -StartupKeyProtector -StartupKeyPath -SkipHardwareTest ``` -### Data volume +### Data volume PowerShell cmdlets Data volume encryption using Windows PowerShell is the same as for operating system volumes. You should add the desired protectors prior to encrypting the volume. The following example adds a password protector to the E: volume using the variable $pw as the password. The $pw variable is held as a SecureString value to store the user-defined password. Last, encryption begins. - ```powershell $pw = Read-Host -AsSecureString @@ -251,7 +253,7 @@ Enable-BitLockerKeyProtector E: -PasswordProtector -Password $pw ### Using an SID-based protector in Windows PowerShell -The ADAccountOrGroup protector is an Active Directory SID-based protector. This protector can be added to both operating system and data volumes, although it doesn't unlock operating system volumes in the pre-boot environment. The protector requires the SID for the domain account or group to link with the protector. BitLocker can protect a cluster-aware disk by adding an SID-based protector for the Cluster Name Object (CNO) that lets the disk properly failover and be unlocked to any member computer of the cluster. +The ADAccountOrGroup protector is an Active Directory SID-based protector. This protector can be added to both operating system and data volumes, although it doesn't unlock operating system volumes in the pre-boot environment. The protector requires the SID for the domain account or group to link with the protector. BitLocker can protect a cluster-aware disk by adding an SID-based protector for the Cluster Name Object (CNO) that lets the disk properly failover and unlock to any member computer of the cluster. > [!WARNING] > The SID-based protector requires the use of an additional protector (such as TPM, PIN, recovery key, etc.) when used on operating system volumes. @@ -267,6 +269,7 @@ For users who wish to use the SID for the account or group, the first step is to ```powershell Get-ADUser -filter {samaccountname -eq "administrator"} ``` + > [!NOTE] > Use of this command requires the RSAT-AD-PowerShell feature. @@ -278,10 +281,11 @@ In the example below, the user wishes to add a domain SID-based protector to the ```powershell Add-BitLockerKeyProtector C: -ADAccountOrGroupProtector -ADAccountOrGroup "" ``` + > [!NOTE] > Active Directory-based protectors are normally used to unlock Failover Cluster-enabled volumes. -## Checking BitLocker status +## Checking BitLocker status To check the BitLocker status of a particular volume, administrators can look at the status of the drive in the BitLocker control panel applet, Windows Explorer, manage-bde command-line tool, or Windows PowerShell cmdlets. Each option offers different levels of detail and ease of use. We'll look at each of the available methods in the following section. @@ -310,7 +314,7 @@ Administrators who prefer a command-line interface can utilize manage-bde to che To check the status of a volume using manage-bde, use the following command: ```powershell -manage-bde -status +manage-bde.exe -status ``` > [!NOTE] @@ -325,11 +329,12 @@ Using the Get-BitLockerVolume cmdlet, each volume on the system displays its cur ```powershell Get-BitLockerVolume -Verbose | fl ``` + This command displays information about the encryption method, volume type, key protectors, etc. ### Provisioning BitLocker during operating system deployment -Administrators can enable BitLocker prior to operating system deployment from the Windows Pre-installation environment. This is done with a randomly generated clear key protector applied to the formatted volume and by encrypting the volume prior to running the Windows setup process. If the encryption uses the **Used Disk Space Only** option described later in this document, this step takes only a few seconds and incorporates well into regular deployment processes. +Administrators can enable BitLocker prior to operating system deployment from the Windows Pre-installation environment. Enabling BitLocker prior to the operating system deployment is done with a randomly generated clear key protector applied to the formatted volume and by encrypting the volume prior to running the Windows setup process. If the encryption uses the **Used Disk Space Only** option described later in this document, this step takes only a few seconds and incorporates well into regular deployment processes. ### Decrypting BitLocker volumes @@ -349,12 +354,13 @@ Once decryption is complete, the drive updates its status in the control panel a Decrypting volumes using manage-bde is straightforward. Decryption with manage-bde offers the advantage of not requiring user confirmation to start the process. Manage-bde uses the -off command to start the decryption process. A sample command for decryption is: ```powershell -manage-bde -off C: +manage-bde.exe -off C: ``` + This command disables protectors while it decrypts the volume and removes all protectors when decryption is complete. If users wish to check the status of the decryption, they can use the following command: ```powershell -manage-bde -status C: +manage-bde.exe -status C: ``` ### Decrypting volumes using the BitLocker Windows PowerShell cmdlets @@ -373,7 +379,7 @@ If a user didn't want to input each mount point individually, using the `-MountP Disable-BitLocker -MountPoint E:,F:,G: ``` -## See also +## Related articles - [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md) - [BitLocker recovery guide](bitlocker-recovery-guide-plan.md) diff --git a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md index 857466fec6..c7cbcf0fae 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md +++ b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md @@ -4,13 +4,13 @@ description: Windows uses technologies including TPM, Secure Boot, Trusted Boot, ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: - M365-security-compliance ms.topic: conceptual -ms.date: 02/28/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -18,19 +18,19 @@ ms.custom: bitlocker **Applies to** -- Windows 10 -- Windows 11 -- Windows Server 2016 and above +- Windows 10 +- Windows 11 +- Windows Server 2016 and above Windows uses technologies including trusted platform module (TPM), secure boot, and measured boot to help protect BitLocker encryption keys against attacks. BitLocker is part of a strategic approach to securing data against offline attacks through encryption technology. Data on a lost or stolen computer is vulnerable. -For example, there could be unauthorized access, either by running a software attack tool against the computer or by transferring the computer’s hard disk to a different computer. +For example, there could be unauthorized access, either by running a software attack tool against the computer or by transferring the computer's hard disk to a different computer. BitLocker helps mitigate unauthorized data access on lost or stolen computers before the authorized operating system is started. This mitigation is done by: - **Encrypting volumes on your computer.** For example, you can turn on BitLocker for your operating system volume, or a volume on a fixed or removable data drive (such as a USB flash drive, SD card, and so on). Turning on BitLocker for your operating system volume encrypts all system files on the volume, including the paging files and hibernation files. The only exception is for the System partition, which includes the Windows Boot Manager and minimal boot collateral required for decryption of the operating system volume after the key is unsealed. -- **Ensuring the integrity of early boot components and boot configuration data.** On devices that have a TPM version 1.2 or higher, BitLocker uses the enhanced security capabilities of the TPM to make data accessible only if the computer’s BIOS firmware code and configuration, original boot sequence, boot components, and BCD configuration all appear unaltered and the encrypted disk is located in the original computer. On systems that leverage TPM PCR[7], BCD setting changes deemed safe are permitted to improve usability. +- **Ensuring the integrity of early boot components and boot configuration data.** On devices that have a TPM version 1.2 or higher, BitLocker uses the enhanced security capabilities of the TPM to make data accessible only if the computer's BIOS firmware code and configuration, original boot sequence, boot components, and BCD configuration all appear unaltered and the encrypted disk is located in the original computer. On systems that leverage TPM PCR[7], BCD setting changes deemed safe are permitted to improve usability. The next sections provide more details about how Windows protects against various attacks on the BitLocker encryption keys in Windows 11, Windows 10, Windows 8.1, and Windows 8. @@ -49,7 +49,7 @@ For more info about TPM, see [Trusted Platform Module](/windows/device-security/ ### UEFI and secure boot -Unified Extensible Firmware Interface (UEFI) is a programmable boot environment that initializes devices and starts the operating system’s bootloader. +Unified Extensible Firmware Interface (UEFI) is a programmable boot environment that initializes devices and starts the operating system's bootloader. The UEFI specification defines a firmware execution authentication process called [Secure Boot](../secure-the-windows-10-boot-process.md). Secure Boot blocks untrusted firmware and bootloaders (signed or unsigned) from being able to start on the system. @@ -74,7 +74,7 @@ Pre-boot authentication with BitLocker is a policy setting that requires the use The Group Policy setting is [Require additional authentication at startup](./bitlocker-group-policy-settings.md) and the corresponding setting in the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp) is SystemDrivesRequireStartupAuthentication. BitLocker accesses and stores the encryption keys in memory only after pre-boot authentication is completed. -If Windows can’t access the encryption keys, the device can’t read or edit the files on the system drive. The only option for bypassing pre-boot authentication is entering the recovery key. +If Windows can't access the encryption keys, the device can't read or edit the files on the system drive. The only option for bypassing pre-boot authentication is entering the recovery key. Pre-boot authentication is designed to prevent the encryption keys from being loaded to system memory without the trusted user supplying another authentication factor such as a PIN or startup key. This helps mitigate DMA and memory remanence attacks. @@ -94,7 +94,7 @@ Pre-boot authentication with a PIN can mitigate an attack vector for devices tha Pre-boot authentication with a PIN can also mitigate DMA port attacks during the window of time between when BitLocker unlocks the drive and Windows boots to the point that Windows can set any port-related policies that have been configured. On the other hand, Pre-boot authentication-prompts can be inconvenient to users. -In addition, users who forget their PIN or lose their startup key are denied access to their data until they can contact their organization’s support team to obtain a recovery key. +In addition, users who forget their PIN or lose their startup key are denied access to their data until they can contact their organization's support team to obtain a recovery key. Pre-boot authentication can also make it more difficult to update unattended desktops and remotely administered servers because a PIN needs to be entered when a computer reboots or resumes from hibernation. To address these issues, you can deploy [BitLocker Network Unlock](./bitlocker-how-to-enable-network-unlock.md). @@ -120,8 +120,8 @@ If kernel DMA protection is *not* enabled, follow these steps to protect Thunder - MDM: [DataProtection/AllowDirectMemoryAccess](/windows/client-management/mdm/policy-csp-dataprotection#dataprotection-allowdirectmemoryaccess) policy - Group Policy: [Disable new DMA devices when this computer is locked](./bitlocker-group-policy-settings.md#disable-new-dma-devices-when-this-computer-is-locked) (This setting isn't configured by default.) -For Thunderbolt v1 and v2 (DisplayPort Connector), refer to the “Thunderbolt Mitigation” section in [KB 2516445](https://support.microsoft.com/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d). -For SBP-2 and 1394 (a.k.a. Firewire), refer to the “SBP-2 Mitigation” section in [KB 2516445](https://support.microsoft.com/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d). +For Thunderbolt v1 and v2 (DisplayPort Connector), refer to the "Thunderbolt Mitigation" section in [KB 2516445](https://support.microsoft.com/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d). +For SBP-2 and 1394 (a.k.a. Firewire), refer to the "SBP-2 Mitigation" section in [KB 2516445](https://support.microsoft.com/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d). ## Attack countermeasures diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml index 2b9f32384a..7efd5cb71c 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml @@ -20,7 +20,7 @@ metadata: title: BitLocker frequently asked questions (FAQ) summary: | **Applies to** - - Windows 10 + - Windows 10 sections: @@ -55,17 +55,17 @@ sections: - question: What is Used Disk Space Only encryption? answer: | - BitLocker in Windows 10 lets users choose to encrypt just their data. Although it's not the most secure way to encrypt a drive, this option can reduce encryption time by more than 99 percent, depending on how much data that needs to be encrypted. For more information, see [Used Disk Space Only encryption](bitlocker-device-encryption-overview-windows-10.md#used-disk-space-only-encryption). + BitLocker in Windows 10 lets users choose to encrypt just their data. Although it's not the most secure way to encrypt a drive, this option can reduce encryption time by more than 99 percent, depending on how much data that needs to be encrypted. For more information, see [Used Disk Space Only encryption](bitlocker-device-encryption-overview-windows-10.md#used-disk-space-only-encryption). - question: What system changes would cause the integrity check on my operating system drive to fail? answer: | The following types of system changes can cause an integrity check failure and prevent the TPM from releasing the BitLocker key to decrypt the protected operating system drive: - - Moving the BitLocker-protected drive into a new computer. - - Installing a new motherboard with a new TPM. - - Turning off, disabling, or clearing the TPM. - - Changing any boot configuration settings. - - Changing the BIOS, UEFI firmware, master boot record, boot sector, boot manager, option ROM, or other early boot components or boot configuration data. + - Moving the BitLocker-protected drive into a new computer. + - Installing a new motherboard with a new TPM. + - Turning off, disabling, or clearing the TPM. + - Changing any boot configuration settings. + - Changing the BIOS, UEFI firmware, master boot record, boot sector, boot manager, option ROM, or other early boot components or boot configuration data. - question: What causes BitLocker to start into recovery mode when attempting to start the operating system drive? answer: | diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md index 58f168e9a7..a29f3f9d69 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md +++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md @@ -3,12 +3,12 @@ title: BitLocker deployment comparison (Windows 10) description: This article shows the BitLocker deployment comparison chart. ms.prod: windows-client ms.localizationpriority: medium -author: lovina-saldanha -ms.author: v-lsaldanha +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 05/20/2021 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -16,9 +16,9 @@ ms.custom: bitlocker **Applies to** -- Windows 10 -- Windows 11 -- Windows Server 2016 and above +- Windows 10 +- Windows 11 +- Windows Server 2016 and above This article depicts the BitLocker deployment comparison chart. diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md index 9ee83c9b95..442e7657c7 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md +++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md @@ -3,33 +3,33 @@ title: Overview of BitLocker Device Encryption in Windows description: This article provides an overview of how BitLocker Device Encryption can help protect data on devices running Windows. ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: - M365-security-compliance - highpri ms.topic: conceptual -ms.date: 03/10/2022 +ms.date: 11/08/2022 ms.custom: bitlocker --- # Overview of BitLocker Device Encryption in Windows **Applies to** -- Windows 10 -- Windows 11 -- Windows Server 2016 and later +- Windows 10 +- Windows 11 +- Windows Server 2016 and later This article explains how BitLocker Device Encryption can help protect data on devices running Windows. For a general overview and list of articles about BitLocker, see [BitLocker](bitlocker-overview.md). -When users travel, their organization’s confidential data goes with them. Wherever confidential data is stored, it must be protected against unauthorized access. Windows has a long history of providing at-rest data-protection solutions that guard against nefarious attackers, beginning with the Encrypting File System in the Windows 2000 operating system. More recently, BitLocker has provided encryption for full drives and portable drives. Windows consistently improves data protection by improving existing options and providing new strategies. +When users travel, their organization's confidential data goes with them. Wherever confidential data is stored, it must be protected against unauthorized access. Windows has a long history of providing at-rest data-protection solutions that guard against nefarious attackers, beginning with the Encrypting File System in the Windows 2000 operating system. More recently, BitLocker has provided encryption for full drives and portable drives. Windows consistently improves data protection by improving existing options and providing new strategies. -Table 2 lists specific data-protection concerns and how they're addressed in Windows 11, Windows 10, and Windows 7. +Table 2 lists specific data-protection concerns and how they're addressed in Windows 11, Windows 10, and Windows 7. -**Table 2. Data Protection in Windows 11, Windows 10, and Windows 7** +**Table 2. Data Protection in Windows 11, Windows 10, and Windows 7** -| Windows 7 | Windows 11 and Windows 10 | +| Windows 7 | Windows 11 and Windows 10 | |---|---| | When BitLocker is used with a PIN to protect startup, PCs such as kiosks can't be restarted remotely. | Modern Windows devices are increasingly protected with BitLocker Device Encryption out of the box and support SSO to seamlessly protect the BitLocker encryption keys from cold boot attacks.

    Network Unlock allows PCs to start automatically when connected to the internal network. | | When BitLocker is enabled, the provisioning process can take several hours. | BitLocker pre-provisioning, encrypting hard drives, and Used Space Only encryption allow administrators to enable BitLocker quickly on new computers. | @@ -41,17 +41,17 @@ Table 2 lists specific data-protection concerns and how they're addressed in Win ## Prepare for drive and file encryption -The best type of security measures is transparent to the user during implementation and use. Every time there's a possible delay or difficulty because of a security feature, there's strong likelihood that users will try to bypass security. This situation is especially true for data protection, and that’s a scenario that organizations need to avoid. -Whether you’re planning to encrypt entire volumes, removable devices, or individual files, Windows 11 and Windows 10 meet your needs by providing streamlined, usable solutions. In fact, you can take several steps in advance to prepare for data encryption and make the deployment quick and smooth. +The best type of security measures is transparent to the user during implementation and use. Every time there's a possible delay or difficulty because of a security feature, there's strong likelihood that users will try to bypass security. This situation is especially true for data protection, and that's a scenario that organizations need to avoid. +Whether you're planning to encrypt entire volumes, removable devices, or individual files, Windows 11 and Windows 10 meet your needs by providing streamlined, usable solutions. In fact, you can take several steps in advance to prepare for data encryption and make the deployment quick and smooth. ### TPM pre-provisioning -In Windows 7, preparing the TPM for use offered a couple of challenges: +In Windows 7, preparing the TPM for use offered a couple of challenges: * You can turn on the TPM in the BIOS, which requires someone to either go into the BIOS settings to turn it on or to install a driver to turn it on from within Windows. * When you enable the TPM, it may require one or more restarts. -Basically, it was a hassle. If IT staff were provisioning new PCs, they could handle all of this, but if you wanted to add BitLocker to devices that were already in users’ hands, those users would have struggled with the technical challenges and would either call IT for support or leave BitLocker disabled. +Basically, it was a hassle. If IT staff were provisioning new PCs, they could handle all of this, but if you wanted to add BitLocker to devices that were already in users' hands, those users would have struggled with the technical challenges and would either call IT for support or leave BitLocker disabled. Microsoft includes instrumentation in Windows 11 and Windows 10 that enable the operating system to fully manage the TPM. There's no need to go into the BIOS, and all scenarios that required a restart have been eliminated. @@ -63,7 +63,7 @@ With earlier versions of Windows, administrators had to enable BitLocker after W ## BitLocker device encryption -Beginning in Windows 8.1, Windows automatically enables BitLocker Device Encryption on devices that support Modern Standby. With Windows 11 and Windows 10, Microsoft offers BitLocker Device Encryption support on a much broader range of devices, including those that are Modern Standby, and devices that run Windows 10 Home edition or Windows 11. +Beginning in Windows 8.1, Windows automatically enables BitLocker Device Encryption on devices that support Modern Standby. With Windows 11 and Windows 10, Microsoft offers BitLocker Device Encryption support on a much broader range of devices, including those that are Modern Standby, and devices that run Windows 10 Home edition or Windows 11. Microsoft expects that most devices in the future will pass the testing requirements, which makes BitLocker device encryption pervasive across modern Windows devices. BitLocker device encryption further protects the system by transparently implementing device-wide data encryption. @@ -92,21 +92,21 @@ Exercise caution when encrypting only used space on an existing volume on which ## Encrypted hard drive support -SEDs have been available for years, but Microsoft couldn’t support their use with some earlier versions of Windows because the drives lacked important key management features. Microsoft worked with storage vendors to improve the hardware capabilities, and now BitLocker supports the next generation of SEDs, which are called encrypted hard drives. -Encrypted hard drives provide onboard cryptographic capabilities to encrypt data on drives, which improves both drive and system performance by offloading cryptographic calculations from the PC’s processor to the drive itself and rapidly encrypting the drive by using dedicated, purpose-built hardware. If you plan to use, whole-drive encryption with Windows 11 or Windows 10, Microsoft recommends that you investigate hard drive manufacturers and models to determine whether any of their encrypted hard drives meet your security and budget requirements. +SEDs have been available for years, but Microsoft couldn't support their use with some earlier versions of Windows because the drives lacked important key management features. Microsoft worked with storage vendors to improve the hardware capabilities, and now BitLocker supports the next generation of SEDs, which are called encrypted hard drives. +Encrypted hard drives provide onboard cryptographic capabilities to encrypt data on drives, which improves both drive and system performance by offloading cryptographic calculations from the PC's processor to the drive itself and rapidly encrypting the drive by using dedicated, purpose-built hardware. If you plan to use, whole-drive encryption with Windows 11 or Windows 10, Microsoft recommends that you investigate hard drive manufacturers and models to determine whether any of their encrypted hard drives meet your security and budget requirements. For more information about encrypted hard drives, see [Encrypted Hard Drive](../encrypted-hard-drive.md). ## Preboot information protection An effective implementation of information protection, like most security controls, considers usability and security. Users typically prefer a simple security experience. In fact, the more transparent a security solution becomes, the more likely users are to conform to it. It's crucial that organizations protect information on their PCs regardless of the state of the computer or the intent of users. This protection shouldn't be cumbersome to users. One undesirable and previously commonplace situation is when the user is prompted for input during preboot, and then again during Windows sign-in. Challenging users for input more than once should be avoided. -Windows 11 and Windows 10 can enable a true SSO experience from the preboot environment on modern devices and in some cases even on older devices when robust information protection configurations are in place. The TPM in isolation is able to securely protect the BitLocker encryption key while it is at rest, and it can securely unlock the operating system drive. When the key is in use and thus in memory, a combination of hardware and Windows capabilities can secure the key and prevent unauthorized access through cold-boot attacks. Although other countermeasures like PIN-based unlock are available, they aren't as user-friendly; depending on the devices’ configuration they may not offer additional security when it comes to key protection. For more information, see [BitLocker Countermeasures](bitlocker-countermeasures.md). +Windows 11 and Windows 10 can enable a true SSO experience from the preboot environment on modern devices and in some cases even on older devices when robust information protection configurations are in place. The TPM in isolation is able to securely protect the BitLocker encryption key while it is at rest, and it can securely unlock the operating system drive. When the key is in use and thus in memory, a combination of hardware and Windows capabilities can secure the key and prevent unauthorized access through cold-boot attacks. Although other countermeasures like PIN-based unlock are available, they aren't as user-friendly; depending on the devices' configuration they may not offer additional security when it comes to key protection. For more information, see [BitLocker Countermeasures](bitlocker-countermeasures.md). ## Manage passwords and PINs When BitLocker is enabled on a system drive and the PC has a TPM, you can choose to require that users type a PIN before BitLocker will unlock the drive. Such a PIN requirement can prevent an attacker who has physical access to a PC from even getting to the Windows sign-in, which makes it virtually impossible for the attacker to access or modify user data and system files. -Requiring a PIN at startup is a useful security feature because it acts as a second authentication factor (a second “something you know”). This configuration comes with some costs, however. One of the most significant is the need to change the PIN regularly. In enterprises that used BitLocker with Windows 7 and the Windows Vista operating system, users had to contact systems administrators to update their BitLocker PIN or password. This requirement not only increased management costs but made users less willing to change their BitLocker PIN or password regularly. +Requiring a PIN at startup is a useful security feature because it acts as a second authentication factor (a second "something you know"). This configuration comes with some costs, however. One of the most significant is the need to change the PIN regularly. In enterprises that used BitLocker with Windows 7 and the Windows Vista operating system, users had to contact systems administrators to update their BitLocker PIN or password. This requirement not only increased management costs but made users less willing to change their BitLocker PIN or password regularly. Windows 11 and Windows 10 users can update their BitLocker PINs and passwords themselves, without administrator credentials. Not only will this feature reduce support costs, but it could improve security, too, because it encourages users to change their PINs and passwords more often. In addition, Modern Standby devices don't require a PIN for startup: They're designed to start infrequently and have other mitigations in place that further reduce the attack surface of the system. For more information about how startup security works and the countermeasures that Windows 11 and Windows 10 provide, see [Protect BitLocker from pre-boot attacks](./bitlocker-countermeasures.md). diff --git a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml index 3f48006d72..d3953c34cb 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml @@ -22,19 +22,19 @@ metadata: title: BitLocker frequently asked questions (FAQ) resources summary: | **Applies to** - - Windows 10 + - Windows 10 This topic links to frequently asked questions about BitLocker. BitLocker is a data protection feature that encrypts drives on your computer to help prevent data theft or exposure. BitLocker-protected computers can also delete data more securely when they are decommissioned because it is much more difficult to recover deleted data from an encrypted drive than from a non-encrypted drive. - - [Overview and requirements](bitlocker-overview-and-requirements-faq.yml) - - [Upgrading](bitlocker-upgrading-faq.yml) - - [Deployment and administration](bitlocker-deployment-and-administration-faq.yml) - - [Key management](bitlocker-key-management-faq.yml) - - [BitLocker To Go](bitlocker-to-go-faq.yml) - - [Active Directory Domain Services (AD DS)](bitlocker-and-adds-faq.yml) - - [Security](bitlocker-security-faq.yml) - - [BitLocker Network Unlock](bitlocker-network-unlock-faq.yml) - - [Using BitLocker with other programs and general questions](bitlocker-using-with-other-programs-faq.yml) + - [Overview and requirements](bitlocker-overview-and-requirements-faq.yml) + - [Upgrading](bitlocker-upgrading-faq.yml) + - [Deployment and administration](bitlocker-deployment-and-administration-faq.yml) + - [Key management](bitlocker-key-management-faq.yml) + - [BitLocker To Go](bitlocker-to-go-faq.yml) + - [Active Directory Domain Services (AD DS)](bitlocker-and-adds-faq.yml) + - [Security](bitlocker-security-faq.yml) + - [BitLocker Network Unlock](bitlocker-network-unlock-faq.yml) + - [Using BitLocker with other programs and general questions](bitlocker-using-with-other-programs-faq.yml) @@ -44,11 +44,11 @@ sections: - question: | More information answer: | - - [Prepare your organization for BitLocker: Planning and Policies](prepare-your-organization-for-bitlocker-planning-and-policies.md) - - [BitLocker Group Policy settings](bitlocker-group-policy-settings.md) - - [BCD settings and BitLocker](bcd-settings-and-bitlocker.md) - - [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md) - - [BitLocker: How to deploy on Windows Server 2012](bitlocker-how-to-deploy-on-windows-server.md) - - [BitLocker: Use BitLocker Drive Encryption Tools to manage BitLocker](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md) - - [BitLocker: Use BitLocker Recovery Password Viewer](bitlocker-use-bitlocker-recovery-password-viewer.md) - - [BitLocker Cmdlets in Windows PowerShell](/powershell/module/bitlocker/index?view=win10-ps&preserve-view=true) + - [Prepare your organization for BitLocker: Planning and Policies](prepare-your-organization-for-bitlocker-planning-and-policies.md) + - [BitLocker Group Policy settings](bitlocker-group-policy-settings.md) + - [BCD settings and BitLocker](bcd-settings-and-bitlocker.md) + - [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md) + - [BitLocker: How to deploy on Windows Server 2012](bitlocker-how-to-deploy-on-windows-server.md) + - [BitLocker: Use BitLocker Drive Encryption Tools to manage BitLocker](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md) + - [BitLocker: Use BitLocker Recovery Password Viewer](bitlocker-use-bitlocker-recovery-password-viewer.md) + - [BitLocker Cmdlets in Windows PowerShell](/powershell/module/bitlocker/index?view=win10-ps&preserve-view=true) diff --git a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md index 8f2e37d39f..8b4a8c43c8 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md +++ b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md @@ -4,14 +4,14 @@ description: This article for IT professionals describes the function, location, ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: - M365-security-compliance - highpri ms.topic: conceptual -ms.date: 04/17/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -43,60 +43,60 @@ The following sections provide a comprehensive list of BitLocker group policy se The following policy settings can be used to determine how a BitLocker-protected drive can be unlocked. -- [Allow devices with Secure Boot and protected DMA ports to opt out of preboot PIN](#bkmk-hstioptout) -- [Allow network unlock at startup](#bkmk-netunlock) -- [Require additional authentication at startup](#bkmk-unlockpol1) -- [Allow enhanced PINs for startup](#bkmk-unlockpol2) -- [Configure minimum PIN length for startup](#bkmk-unlockpol3) -- [Disable new DMA devices when this computer is locked](#disable-new-dma-devices-when-this-computer-is-locked) -- [Disallow standard users from changing the PIN or password](#bkmk-dpinchange) -- [Configure use of passwords for operating system drives](#bkmk-ospw) -- [Require additional authentication at startup (Windows Server 2008 and Windows Vista)](#bkmk-unlockpol4) -- [Configure use of smart cards on fixed data drives](#bkmk-unlockpol5) -- [Configure use of passwords on fixed data drives](#bkmk-unlockpol6) -- [Configure use of smart cards on removable data drives](#bkmk-unlockpol7) -- [Configure use of passwords on removable data drives](#bkmk-unlockpol8) -- [Validate smart card certificate usage rule compliance](#bkmk-unlockpol9) -- [Enable use of BitLocker authentication requiring preboot keyboard input on slates](#bkmk-slates) +- [Allow devices with Secure Boot and protected DMA ports to opt out of preboot PIN](#bkmk-hstioptout) +- [Allow network unlock at startup](#bkmk-netunlock) +- [Require additional authentication at startup](#bkmk-unlockpol1) +- [Allow enhanced PINs for startup](#bkmk-unlockpol2) +- [Configure minimum PIN length for startup](#bkmk-unlockpol3) +- [Disable new DMA devices when this computer is locked](#disable-new-dma-devices-when-this-computer-is-locked) +- [Disallow standard users from changing the PIN or password](#bkmk-dpinchange) +- [Configure use of passwords for operating system drives](#bkmk-ospw) +- [Require additional authentication at startup (Windows Server 2008 and Windows Vista)](#bkmk-unlockpol4) +- [Configure use of smart cards on fixed data drives](#bkmk-unlockpol5) +- [Configure use of passwords on fixed data drives](#bkmk-unlockpol6) +- [Configure use of smart cards on removable data drives](#bkmk-unlockpol7) +- [Configure use of passwords on removable data drives](#bkmk-unlockpol8) +- [Validate smart card certificate usage rule compliance](#bkmk-unlockpol9) +- [Enable use of BitLocker authentication requiring preboot keyboard input on slates](#bkmk-slates) The following policy settings are used to control how users can access drives and how they can use BitLocker on their computers. -- [Deny write access to fixed drives not protected by BitLocker](#bkmk-driveaccess1) -- [Deny write access to removable drives not protected by BitLocker](#bkmk-driveaccess2) -- [Control use of BitLocker on removable drives](#bkmk-driveaccess3) +- [Deny write access to fixed drives not protected by BitLocker](#bkmk-driveaccess1) +- [Deny write access to removable drives not protected by BitLocker](#bkmk-driveaccess2) +- [Control use of BitLocker on removable drives](#bkmk-driveaccess3) The following policy settings determine the encryption methods and encryption types that are used with BitLocker. -- [Choose drive encryption method and cipher strength](#bkmk-encryptmeth) -- [Configure use of hardware-based encryption for fixed data drives](#bkmk-hdefxd) -- [Configure use of hardware-based encryption for operating system drives](#bkmk-hdeosd) -- [Configure use of hardware-based encryption for removable data drives](#bkmk-hderdd) -- [Enforce drive encryption type on fixed data drives](#bkmk-detypefdd) -- [Enforce drive encryption type on operating system drives](#bkmk-detypeosd) -- [Enforce drive encryption type on removable data drives](#bkmk-detyperdd) +- [Choose drive encryption method and cipher strength](#bkmk-encryptmeth) +- [Configure use of hardware-based encryption for fixed data drives](#bkmk-hdefxd) +- [Configure use of hardware-based encryption for operating system drives](#bkmk-hdeosd) +- [Configure use of hardware-based encryption for removable data drives](#bkmk-hderdd) +- [Enforce drive encryption type on fixed data drives](#bkmk-detypefdd) +- [Enforce drive encryption type on operating system drives](#bkmk-detypeosd) +- [Enforce drive encryption type on removable data drives](#bkmk-detyperdd) The following policy settings define the recovery methods that can be used to restore access to a BitLocker-protected drive if an authentication method fails or is unable to be used. -- [Choose how BitLocker-protected operating system drives can be recovered](#bkmk-rec1) -- [Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista)](#bkmk-rec2) -- [Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)](#bkmk-rec3) -- [Choose default folder for recovery password](#bkmk-rec4) -- [Choose how BitLocker-protected fixed drives can be recovered](#bkmk-rec6) -- [Choose how BitLocker-protected removable drives can be recovered](#bkmk-rec7) -- [Configure the pre-boot recovery message and URL](#bkmk-configurepreboot) +- [Choose how BitLocker-protected operating system drives can be recovered](#bkmk-rec1) +- [Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista)](#bkmk-rec2) +- [Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)](#bkmk-rec3) +- [Choose default folder for recovery password](#bkmk-rec4) +- [Choose how BitLocker-protected fixed drives can be recovered](#bkmk-rec6) +- [Choose how BitLocker-protected removable drives can be recovered](#bkmk-rec7) +- [Configure the pre-boot recovery message and URL](#bkmk-configurepreboot) The following policies are used to support customized deployment scenarios in your organization. -- [Allow Secure Boot for integrity validation](#bkmk-secboot) -- [Provide the unique identifiers for your organization](#bkmk-depopt1) -- [Prevent memory overwrite on restart](#bkmk-depopt2) -- [Configure TPM platform validation profile for BIOS-based firmware configurations](#bkmk-tpmbios) -- [Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2)](#bkmk-depopt3) -- [Configure TPM platform validation profile for native UEFI firmware configurations](#bkmk-tpmvaluefi) -- [Reset platform validation data after BitLocker recovery](#bkmk-resetrec) -- [Use enhanced Boot Configuration Data validation profile](#bkmk-enbcd) -- [Allow access to BitLocker-protected fixed data drives from earlier versions of Windows](#bkmk-depopt4) -- [Allow access to BitLocker-protected removable data drives from earlier versions of Windows](#bkmk-depopt5) +- [Allow Secure Boot for integrity validation](#bkmk-secboot) +- [Provide the unique identifiers for your organization](#bkmk-depopt1) +- [Prevent memory overwrite on restart](#bkmk-depopt2) +- [Configure TPM platform validation profile for BIOS-based firmware configurations](#bkmk-tpmbios) +- [Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2)](#bkmk-depopt3) +- [Configure TPM platform validation profile for native UEFI firmware configurations](#bkmk-tpmvaluefi) +- [Reset platform validation data after BitLocker recovery](#bkmk-resetrec) +- [Use enhanced Boot Configuration Data validation profile](#bkmk-enbcd) +- [Allow access to BitLocker-protected fixed data drives from earlier versions of Windows](#bkmk-depopt4) +- [Allow access to BitLocker-protected removable data drives from earlier versions of Windows](#bkmk-depopt5) ### Allow devices with secure boot and protected DMA ports to opt out of preboot PIN @@ -160,33 +160,33 @@ If you want to use BitLocker on a computer without a TPM, select **Allow BitLock On a computer with a compatible TPM, additional authentication methods can be used at startup to improve protection for encrypted data. When the computer starts, it can use: -- Only the TPM -- Insertion of a USB flash drive containing the startup key -- The entry of a 4-digit to 20-digit personal identification number (PIN) -- A combination of the PIN and the USB flash drive +- Only the TPM +- Insertion of a USB flash drive containing the startup key +- The entry of a 4-digit to 20-digit personal identification number (PIN) +- A combination of the PIN and the USB flash drive There are four options for TPM-enabled computers or devices: -- Configure TPM startup +- Configure TPM startup - - Allow TPM - - Require TPM - - Do not allow TPM -- Configure TPM startup PIN + - Allow TPM + - Require TPM + - Do not allow TPM +- Configure TPM startup PIN - - Allow startup PIN with TPM - - Require startup PIN with TPM - - Do not allow startup PIN with TPM -- Configure TPM startup key + - Allow startup PIN with TPM + - Require startup PIN with TPM + - Do not allow startup PIN with TPM +- Configure TPM startup key - - Allow startup key with TPM - - Require startup key with TPM - - Do not allow startup key with TPM -- Configure TPM startup key and PIN + - Allow startup key with TPM + - Require startup key with TPM + - Do not allow startup key with TPM +- Configure TPM startup key and PIN - - Allow TPM startup key with PIN - - Require startup key and PIN with TPM - - Do not allow TPM startup key with PIN + - Allow TPM startup key with PIN + - Require startup key and PIN with TPM + - Do not allow TPM startup key with PIN ### Allow enhanced PINs for startup @@ -308,9 +308,9 @@ Passwords must be at least eight characters. To configure a greater minimum leng When this policy setting is enabled, you can set the option **Configure password complexity for operating system drives** to: -- Allow password complexity -- Deny password complexity -- Require password complexity +- Allow password complexity +- Deny password complexity +- Require password complexity ### Require additional authentication at startup (Windows Server 2008 and Windows Vista) @@ -334,16 +334,16 @@ A USB drive that contains a startup key is needed on computers without a compati There are two options for TPM-enabled computers or devices: -- Configure TPM startup PIN +- Configure TPM startup PIN - - Allow startup PIN with TPM - - Require startup PIN with TPM - - Do not allow startup PIN with TPM -- Configure TPM startup key + - Allow startup PIN with TPM + - Require startup PIN with TPM + - Do not allow startup PIN with TPM +- Configure TPM startup key - - Allow startup key with TPM - - Require startup key with TPM - - Do not allow startup key with TPM + - Allow startup key with TPM + - Require startup key with TPM + - Do not allow startup key with TPM These options are mutually exclusive. If you require the startup key, you must not allow the startup PIN. If you require the startup PIN, you must not allow the startup key. Otherwise, a policy error will occur. @@ -510,9 +510,9 @@ When the Windows Recovery Environment isn't enabled and this policy isn't enable If you don't enable this policy setting, the following options in the **Require additional authentication at startup** policy might not be available: -- Configure TPM startup PIN: Required and Allowed -- Configure TPM startup key and PIN: Required and Allowed -- Configure use of passwords for operating system drives +- Configure TPM startup PIN: Required and Allowed +- Configure TPM startup key and PIN: Required and Allowed +- Configure use of passwords for operating system drives ### Deny write access to fixed drives not protected by BitLocker @@ -537,9 +537,9 @@ Conflict considerations include: 1. When this policy setting is enabled, users receive "Access denied" error messages when they try to save data to unencrypted fixed data drives. See the Reference section for additional conflicts. 2. If BdeHdCfg.exe is run on a computer when this policy setting is enabled, you could encounter the following issues: - - If you attempted to shrink the drive and create the system drive, the drive size is successfully reduced and a raw partition is created. However, the raw partition isn't formatted. The following error message is displayed: "The new active drive cannot be formatted. You may need to manually prepare your drive for BitLocker." - - If you attempt to use unallocated space to create the system drive, a raw partition will be created. However, the raw partition will not be formatted. The following error message is displayed: "The new active drive cannot be formatted. You may need to manually prepare your drive for BitLocker." - - If you attempt to merge an existing drive into the system drive, the tool fails to copy the required boot file onto the target drive to create the system drive. The following error message is displayed: "BitLocker setup failed to copy boot files. You may need to manually prepare your drive for BitLocker." + - If you attempted to shrink the drive and create the system drive, the drive size is successfully reduced and a raw partition is created. However, the raw partition isn't formatted. The following error message is displayed: "The new active drive cannot be formatted. You may need to manually prepare your drive for BitLocker." + - If you attempt to use unallocated space to create the system drive, a raw partition will be created. However, the raw partition will not be formatted. The following error message is displayed: "The new active drive cannot be formatted. You may need to manually prepare your drive for BitLocker." + - If you attempt to merge an existing drive into the system drive, the tool fails to copy the required boot file onto the target drive to create the system drive. The following error message is displayed: "BitLocker setup failed to copy boot files. You may need to manually prepare your drive for BitLocker." 3. If this policy setting is enforced, a hard drive can't be repartitioned because the drive is protected. If you are upgrading computers in your organization from a previous version of Windows, and those computers were configured with a single partition, you should create the required BitLocker system partition before you apply this policy setting to the computers. @@ -593,8 +593,8 @@ For information about suspending BitLocker protection, see [BitLocker Basic Depl The options for choosing property settings that control how users can configure BitLocker are: -- **Allow users to apply BitLocker protection on removable data drives** Enables the user to run the BitLocker Setup Wizard on a removable data drive. -- **Allow users to suspend and decrypt BitLocker on removable data drives** Enables the user to remove BitLocker from the drive or to suspend the encryption while performing maintenance. +- **Allow users to apply BitLocker protection on removable data drives** Enables the user to run the BitLocker Setup Wizard on a removable data drive. +- **Allow users to suspend and decrypt BitLocker on removable data drives** Enables the user to remove BitLocker from the drive or to suspend the encryption while performing maintenance. ### Choose drive encryption method and cipher strength @@ -632,7 +632,7 @@ This policy controls how BitLocker reacts to systems that are equipped with encr | |   | |:---|:---| -|**Policy description**|With this policy setting, you can manage BitLocker’s use of hardware-based encryption on fixed data drives and to specify which encryption algorithms BitLocker can use with hardware-based encryption.| +|**Policy description**|With this policy setting, you can manage BitLocker's use of hardware-based encryption on fixed data drives and to specify which encryption algorithms BitLocker can use with hardware-based encryption.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Fixed data drives| |**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives| @@ -648,8 +648,8 @@ This policy controls how BitLocker reacts to systems that are equipped with encr The encryption algorithm that is used by hardware-based encryption is set when the drive is partitioned. By default, BitLocker uses the algorithm that is configured on the drive to encrypt the drive. The **Restrict encryption algorithms and cipher suites allowed for hardware-based encryption** option of this setting enables you to restrict the encryption algorithms that BitLocker can use with hardware encryption. If the algorithm that is set for the drive isn't available, BitLocker disables the use of hardware-based encryption. Encryption algorithms are specified by object identifiers (OID), for example: -- Advanced Encryption Standard (AES) 128 in Cipher Block Chaining (CBC) mode OID: 2.16.840.1.101.3.4.1.2 -- AES 256 in CBC mode OID: 2.16.840.1.101.3.4.1.42 +- Advanced Encryption Standard (AES) 128 in Cipher Block Chaining (CBC) mode OID: 2.16.840.1.101.3.4.1.2 +- AES 256 in CBC mode OID: 2.16.840.1.101.3.4.1.42 ### Configure use of hardware-based encryption for operating system drives @@ -657,7 +657,7 @@ This policy controls how BitLocker reacts when encrypted drives are used as oper | |   | |:---|:---| -|**Policy description**|With this policy setting, you can manage BitLocker’s use of hardware-based encryption on operating system drives and specify which encryption algorithms it can use with hardware-based encryption.| +|**Policy description**|With this policy setting, you can manage BitLocker's use of hardware-based encryption on operating system drives and specify which encryption algorithms it can use with hardware-based encryption.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Operating system drives| |**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| @@ -675,8 +675,8 @@ If hardware-based encryption isn't available, BitLocker software-based encryptio The encryption algorithm that is used by hardware-based encryption is set when the drive is partitioned. By default, BitLocker uses the algorithm that is configured on the drive to encrypt the drive. The **Restrict encryption algorithms and cipher suites allowed for hardware-based encryption** option of this setting enables you to restrict the encryption algorithms that BitLocker can use with hardware encryption. If the algorithm that is set for the drive isn't available, BitLocker disables the use of hardware-based encryption. Encryption algorithms are specified by object identifiers (OID), for example: -- Advanced Encryption Standard (AES) 128 in Cipher Block Chaining (CBC) mode OID: 2.16.840.1.101.3.4.1.2 -- AES 256 in CBC mode OID: 2.16.840.1.101.3.4.1.42 +- Advanced Encryption Standard (AES) 128 in Cipher Block Chaining (CBC) mode OID: 2.16.840.1.101.3.4.1.2 +- AES 256 in CBC mode OID: 2.16.840.1.101.3.4.1.42 ### Configure use of hardware-based encryption for removable data drives @@ -684,7 +684,7 @@ This policy controls how BitLocker reacts to encrypted drives when they're used | |   | |:---|:---| -|**Policy description**|With this policy setting, you can manage BitLocker’s use of hardware-based encryption on removable data drives and specify which encryption algorithms it can use with hardware-based encryption.| +|**Policy description**|With this policy setting, you can manage BitLocker's use of hardware-based encryption on removable data drives and specify which encryption algorithms it can use with hardware-based encryption.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Removable data drive| |**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives| @@ -702,8 +702,8 @@ If hardware-based encryption isn't available, BitLocker software-based encryptio The encryption algorithm that is used by hardware-based encryption is set when the drive is partitioned. By default, BitLocker uses the algorithm that is configured on the drive to encrypt the drive. The **Restrict encryption algorithms and cipher suites allowed for hardware-based encryption** option of this setting enables you to restrict the encryption algorithms that BitLocker can use with hardware encryption. If the algorithm that is set for the drive isn't available, BitLocker disables the use of hardware-based encryption. Encryption algorithms are specified by object identifiers (OID), for example: -- Advanced Encryption Standard (AES) 128 in Cipher Block Chaining (CBC) mode OID: 2.16.840.1.101.3.4.1.2 -- AES 256 in CBC mode OID: 2.16.840.1.101.3.4.1.42 +- Advanced Encryption Standard (AES) 128 in Cipher Block Chaining (CBC) mode OID: 2.16.840.1.101.3.4.1.2 +- AES 256 in CBC mode OID: 2.16.840.1.101.3.4.1.42 ### Enforce drive encryption type on fixed data drives @@ -724,7 +724,7 @@ This policy controls whether fixed data drives utilize Used Space Only encryptio This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose Full encryption to make it mandatory for the entire drive to be encrypted when BitLocker is turned on. Choose Used Space Only encryption to make it mandatory to encrypt only that portion of the drive that is used to store data when BitLocker is turned on. > [!NOTE] -> This policy is ignored when you are shrinking or expanding a volume and the BitLocker driver uses the current encryption method. For example, when a drive that is using Used Space Only encryption is expanded, the new free space isn't wiped as it would be for a drive that is using Full encryption. The user could wipe the free space on a Used Space Only drive by using the following command: `manage-bde -w`. If the volume is shrunk, no action is taken for the new free space. +> This policy is ignored when you are shrinking or expanding a volume and the BitLocker driver uses the current encryption method. For example, when a drive that is using Used Space Only encryption is expanded, the new free space isn't wiped as it would be for a drive that is using Full encryption. The user could wipe the free space on a Used Space Only drive by using the following command: `manage-bde.exe -w`. If the volume is shrunk, no action is taken for the new free space. For more information about the tool to manage BitLocker, see [Manage-bde](/windows-server/administration/windows-commands/manage-bde). @@ -747,7 +747,7 @@ This policy controls whether operating system drives utilize Full encryption or This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose Full encryption to make it mandatory for the entire drive to be encrypted when BitLocker is turned on. Choose Used Space Only encryption to make it mandatory to encrypt only that portion of the drive that is used to store data when BitLocker is turned on. > [!NOTE] -> This policy is ignored when shrinking or expanding a volume, and the BitLocker driver uses the current encryption method. For example, when a drive that is using Used Space Only encryption is expanded, the new free space isn't wiped as it would be for a drive that uses Full encryption. The user could wipe the free space on a Used Space Only drive by using the following command: `manage-bde -w`. If the volume is shrunk, no action is taken for the new free space. +> This policy is ignored when shrinking or expanding a volume, and the BitLocker driver uses the current encryption method. For example, when a drive that is using Used Space Only encryption is expanded, the new free space isn't wiped as it would be for a drive that uses Full encryption. The user could wipe the free space on a Used Space Only drive by using the following command: `manage-bde.exe -w`. If the volume is shrunk, no action is taken for the new free space. For more information about the tool to manage BitLocker, see [Manage-bde](/windows-server/administration/windows-commands/manage-bde). @@ -770,7 +770,7 @@ This policy controls whether fixed data drives utilize Full encryption or Used S This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose Full encryption to make it mandatory for the entire drive to be encrypted when BitLocker is turned on. Choose Used Space Only encryption to make it mandatory to encrypt only that portion of the drive that is used to store data when BitLocker is turned on. > [!NOTE] -> This policy is ignored when shrinking or expanding a volume, and the BitLocker driver uses the current encryption method. For example, when a drive that is using Used Space Only encryption is expanded, the new free space isn't wiped as it would be for a drive that is using Full Encryption. The user could wipe the free space on a Used Space Only drive by using the following command: `manage-bde -w`. If the volume is shrunk, no action is taken for the new free space. +> This policy is ignored when shrinking or expanding a volume, and the BitLocker driver uses the current encryption method. For example, when a drive that is using Used Space Only encryption is expanded, the new free space isn't wiped as it would be for a drive that is using Full Encryption. The user could wipe the free space on a Used Space Only drive by using the following command: `manage-bde.exe -w`. If the volume is shrunk, no action is taken for the new free space. For more information about the tool to manage BitLocker, see [Manage-bde](/windows-server/administration/windows-commands/manage-bde). @@ -861,7 +861,7 @@ BitLocker recovery information includes the recovery password and unique identif If you select **Require BitLocker backup to AD DS**, BitLocker can't be turned on unless the computer is connected to the domain and the backup of BitLocker recovery information to AD DS succeeds. This option is selected by default to help ensure that BitLocker recovery is possible. -A recovery password is a 48-digit number that unlocks access to a BitLocker-protected drive. A key package contains a drive’s BitLocker encryption key, which is secured by one or more recovery passwords. Key packages may help perform specialized recovery when the disk is damaged or corrupted. +A recovery password is a 48-digit number that unlocks access to a BitLocker-protected drive. A key package contains a drive's BitLocker encryption key, which is secured by one or more recovery passwords. Key packages may help perform specialized recovery when the disk is damaged or corrupted. If the **Require BitLocker backup to AD DS** option isn't selected, AD DS backup is attempted, but network or other backup failures don't prevent the BitLocker setup. The Backup process isn't automatically retried, and the recovery password might not be stored in AD DS during BitLocker setup. TPM initialization might be needed during the BitLocker setup. Enable the **Turn on TPM backup to Active Directory Domain Services** policy setting in **Computer Configuration\\Administrative Templates\\System\\Trusted Platform Module Services** to ensure that TPM information is also backed up. @@ -974,9 +974,9 @@ Enabling the **Configure the pre-boot recovery message and URL** policy setting Once you enable the setting, you have three options: -- If you select the **Use default recovery message and URL** option, the default BitLocker recovery message and URL will be displayed on the pre-boot recovery screen. -- If you select the **Use custom recovery message** option, type the custom message in the **Custom recovery message option** text box. The message that you type in the **Custom recovery message option** text box is displayed on the pre-boot recovery screen. If a recovery URL is available, include it in the message. -- If you select the **Use custom recovery URL** option, type the custom message URL in the **Custom recovery URL option** text box. The URL that you type in the **Custom recovery URL option** text box replaces the default URL in the default recovery message, which is displayed on the pre-boot recovery screen. +- If you select the **Use default recovery message and URL** option, the default BitLocker recovery message and URL will be displayed on the pre-boot recovery screen. +- If you select the **Use custom recovery message** option, type the custom message in the **Custom recovery message option** text box. The message that you type in the **Custom recovery message option** text box is displayed on the pre-boot recovery screen. If a recovery URL is available, include it in the message. +- If you select the **Use custom recovery URL** option, type the custom message URL in the **Custom recovery URL option** text box. The URL that you type in the **Custom recovery URL option** text box replaces the default URL in the default recovery message, which is displayed on the pre-boot recovery screen. > [!IMPORTANT] > Not all characters and languages are supported in the pre-boot environment. We strongly recommended that you verify the correct appearance of the characters that you use for the custom message and URL on the pre-boot recovery screen. @@ -1077,32 +1077,32 @@ This policy setting doesn't apply if the computer doesn't have a compatible TPM A platform validation profile consists of a set of PCR indices that range from 0 to 23. The default platform validation profile secures the encryption key against changes to the following: -- Core Root of Trust of Measurement (CRTM), BIOS, and Platform Extensions (PCR 0) -- Option ROM Code (PCR 2) -- Master Boot Record (MBR) Code (PCR 4) -- NTFS Boot Sector (PCR 8) -- NTFS Boot Block (PCR 9) -- Boot Manager (PCR 10) -- BitLocker Access Control (PCR 11) +- Core Root of Trust of Measurement (CRTM), BIOS, and Platform Extensions (PCR 0) +- Option ROM Code (PCR 2) +- Master Boot Record (MBR) Code (PCR 4) +- NTFS Boot Sector (PCR 8) +- NTFS Boot Block (PCR 9) +- Boot Manager (PCR 10) +- BitLocker Access Control (PCR 11) > [!NOTE] -> Changing from the default platform validation profile affects the security and manageability of your computer. BitLocker’s sensitivity to platform modifications (malicious or authorized) is increased or decreased depending on inclusion or exclusion (respectively) of the PCRs. +> Changing from the default platform validation profile affects the security and manageability of your computer. BitLocker's sensitivity to platform modifications (malicious or authorized) is increased or decreased depending on inclusion or exclusion (respectively) of the PCRs. The following list identifies all of the available PCRs: -- PCR 0: Core root-of-trust for measurement, BIOS, and platform extensions -- PCR 1: Platform and motherboard configuration and data. -- PCR 2: Option ROM code -- PCR 3: Option ROM data and configuration -- PCR 4: Master Boot Record (MBR) code -- PCR 5: Master Boot Record (MBR) partition table -- PCR 6: State transition and wake events -- PCR 7: Computer manufacturer-specific -- PCR 8: NTFS boot sector -- PCR 9: NTFS boot block -- PCR 10: Boot manager -- PCR 11: BitLocker access control -- PCR 12-23: Reserved for future use +- PCR 0: Core root-of-trust for measurement, BIOS, and platform extensions +- PCR 1: Platform and motherboard configuration and data. +- PCR 2: Option ROM code +- PCR 3: Option ROM data and configuration +- PCR 4: Master Boot Record (MBR) code +- PCR 5: Master Boot Record (MBR) partition table +- PCR 6: State transition and wake events +- PCR 7: Computer manufacturer-specific +- PCR 8: NTFS boot sector +- PCR 9: NTFS boot block +- PCR 10: Boot manager +- PCR 11: BitLocker access control +- PCR 12-23: Reserved for future use ### Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2) @@ -1124,32 +1124,32 @@ This policy setting doesn't apply if the computer doesn't have a compatible TPM A platform validation profile consists of a set of PCR indices that range from 0 to 23. The default platform validation profile secures the encryption key against changes to the following: -- Core Root of Trust of Measurement (CRTM), BIOS, and Platform Extensions (PCR 0) -- Option ROM Code (PCR 2) -- Master Boot Record (MBR) Code (PCR 4) -- NTFS Boot Sector (PCR 8) -- NTFS Boot Block (PCR 9) -- Boot Manager (PCR 10) -- BitLocker Access Control (PCR 11) +- Core Root of Trust of Measurement (CRTM), BIOS, and Platform Extensions (PCR 0) +- Option ROM Code (PCR 2) +- Master Boot Record (MBR) Code (PCR 4) +- NTFS Boot Sector (PCR 8) +- NTFS Boot Block (PCR 9) +- Boot Manager (PCR 10) +- BitLocker Access Control (PCR 11) > [!NOTE] > The default TPM validation profile PCR settings for computers that use an Extensible Firmware Interface (EFI) are the PCRs 0, 2, 4, and 11 only. The following list identifies all of the available PCRs: -- PCR 0: Core root-of-trust for measurement, EFI boot and run-time services, EFI drivers embedded in system ROM, ACPI static tables, embedded SMM code, and BIOS code -- PCR 1: Platform and motherboard configuration and data. Hand-off tables and EFI variables that affect system configuration -- PCR 2: Option ROM code -- PCR 3: Option ROM data and configuration -- PCR 4: Master Boot Record (MBR) code or code from other boot devices -- PCR 5: Master Boot Record (MBR) partition table. Various EFI variables and the GPT table -- PCR 6: State transition and wake events -- PCR 7: Computer manufacturer-specific -- PCR 8: NTFS boot sector -- PCR 9: NTFS boot block -- PCR 10: Boot manager -- PCR 11: BitLocker access control -- PCR 12 - 23: Reserved for future use +- PCR 0: Core root-of-trust for measurement, EFI boot and run-time services, EFI drivers embedded in system ROM, ACPI static tables, embedded SMM code, and BIOS code +- PCR 1: Platform and motherboard configuration and data. Hand-off tables and EFI variables that affect system configuration +- PCR 2: Option ROM code +- PCR 3: Option ROM data and configuration +- PCR 4: Master Boot Record (MBR) code or code from other boot devices +- PCR 5: Master Boot Record (MBR) partition table. Various EFI variables and the GPT table +- PCR 6: State transition and wake events +- PCR 7: Computer manufacturer-specific +- PCR 8: NTFS boot sector +- PCR 9: NTFS boot block +- PCR 10: Boot manager +- PCR 11: BitLocker access control +- PCR 12 - 23: Reserved for future use > [!WARNING] > Changing from the default platform validation profile affects the security and manageability of your computer. BitLocker's sensitivity to platform modifications (malicious or authorized) is increased or decreased depending on inclusion or exclusion (respectively) of the PCRs. @@ -1179,25 +1179,25 @@ A platform validation profile consists of a set of PCR indices ranging from 0 to The following list identifies all of the available PCRs: -- PCR 0: Core System Firmware executable code -- PCR 1: Core System Firmware data -- PCR 2: Extended or pluggable executable code -- PCR 3: Extended or pluggable firmware data -- PCR 4: Boot Manager -- PCR 5: GPT/Partition Table -- PCR 6: Resume from S4 and S5 Power State Events -- PCR 7: Secure Boot State +- PCR 0: Core System Firmware executable code +- PCR 1: Core System Firmware data +- PCR 2: Extended or pluggable executable code +- PCR 3: Extended or pluggable firmware data +- PCR 4: Boot Manager +- PCR 5: GPT/Partition Table +- PCR 6: Resume from S4 and S5 Power State Events +- PCR 7: Secure Boot State For more information about this PCR, see [Platform Configuration Register (PCR)](#bkmk-pcr) in this article. -- PCR 8: Initialized to 0 with no Extends (reserved for future use) -- PCR 9: Initialized to 0 with no Extends (reserved for future use) -- PCR 10: Initialized to 0 with no Extends (reserved for future use) -- PCR 11: BitLocker access control -- PCR 12: Data events and highly volatile events -- PCR 13: Boot Module Details -- PCR 14: Boot Authorities -- PCR 15 – 23: Reserved for future use +- PCR 8: Initialized to 0 with no Extends (reserved for future use) +- PCR 9: Initialized to 0 with no Extends (reserved for future use) +- PCR 10: Initialized to 0 with no Extends (reserved for future use) +- PCR 11: BitLocker access control +- PCR 12: Data events and highly volatile events +- PCR 13: Boot Module Details +- PCR 14: Boot Authorities +- PCR 15 - 23: Reserved for future use > [!WARNING] > Changing from the default platform validation profile affects the security and manageability of your computer. BitLocker's sensitivity to platform modifications (malicious or authorized) is increased or decreased depending on inclusion or exclusion (respectively) of the PCRs. @@ -1309,20 +1309,20 @@ For more information about setting this policy, see [System cryptography: Use FI ## Power management group policy settings: Sleep and Hibernate -PCs default power settings for a computer will cause the computer to enter Sleep mode frequently to conserve power when idle and to help extend the system’s battery life. When a computer transitions to Sleep, open programs and documents are persisted in memory. When a computer resumes from Sleep, users aren't required to reauthenticate with a PIN or USB startup key to access encrypted data. This might lead to conditions where data security is compromised. +PCs default power settings for a computer will cause the computer to enter Sleep mode frequently to conserve power when idle and to help extend the system's battery life. When a computer transitions to Sleep, open programs and documents are persisted in memory. When a computer resumes from Sleep, users aren't required to reauthenticate with a PIN or USB startup key to access encrypted data. This might lead to conditions where data security is compromised. However, when a computer hibernates the drive is locked, and when it resumes from hibernation the drive is unlocked, which means that users will need to provide a PIN or a startup key if using multifactor authentication with BitLocker. Therefore, organizations that use BitLocker may want to use Hibernate instead of Sleep for improved security. This setting doesn't have an impact on TPM-only mode, because it provides a transparent user experience at startup and when resuming from the Hibernate states. You can disable the following Group Policy settings, which are located in **Computer Configuration\\Administrative Templates\\System\\Power Management** to disable all available sleep states: -- Allow Standby States (S1-S3) When Sleeping (Plugged In) -- Allow Standby States (S1-S3) When Sleeping (Battery) +- Allow Standby States (S1-S3) When Sleeping (Plugged In) +- Allow Standby States (S1-S3) When Sleeping (Battery) ## About the Platform Configuration Register (PCR) A platform validation profile consists of a set of PCR indices that range from 0 to 23. The scope of the values can be specific to the version of the operating system. -Changing from the default platform validation profile affects the security and manageability of your computer. BitLocker’s sensitivity to platform modifications (malicious or authorized) is increased or decreased depending on inclusion or exclusion (respectively) of the PCRs. +Changing from the default platform validation profile affects the security and manageability of your computer. BitLocker's sensitivity to platform modifications (malicious or authorized) is increased or decreased depending on inclusion or exclusion (respectively) of the PCRs. **About PCR 7** diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md index 17dd8a1f09..33ccd679da 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md @@ -4,18 +4,18 @@ description: This article for the IT professional explains how to deploy BitLock ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 02/28/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- # BitLocker: How to deploy on Windows Server 2012 and later -> Applies to: Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019 +> Applies to: Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019 This article explains how to deploy BitLocker on Windows Server 2012 and later versions. For all Windows Server editions, BitLocker can be installed using Server Manager or Windows PowerShell cmdlets. BitLocker requires administrator privileges on the server on which it's to be installed. @@ -33,8 +33,8 @@ This article explains how to deploy BitLocker on Windows Server 2012 and later v 7. Select the check box next to **BitLocker Drive Encryption** within the **Features** pane of the **Add Roles and Features** wizard. The wizard shows the extra management features available for BitLocker. If you don't want to install these features, deselect the **Include management tools ** and select **Add Features**. Once optional features selection is complete, select **Next** to proceed in the wizard. - > **Note:**   The **Enhanced Storage** feature is a required feature for enabling BitLocker. This feature enables support for encrypted hard drives on capable systems. -   + > **Note:** The **Enhanced Storage** feature is a required feature for enabling BitLocker. This feature enables support for encrypted hard drives on capable systems. + 8. Select **Install** on the **Confirmation** pane of the **Add Roles and Features** wizard to begin BitLocker feature installation. The BitLocker feature requires a restart for its installation to be complete. Selecting the **Restart the destination server automatically if required** option in the **Confirmation** pane forces a restart of the computer after installation is complete. 9. If the **Restart the destination server automatically if required** check box isn't selected, the **Results** pane of the **Add Roles and Features** wizard displays the success or failure of the BitLocker feature installation. If necessary, a notification of other action necessary to complete the feature installation, such as the restart of the computer, will be displayed in the results text. @@ -42,8 +42,8 @@ This article explains how to deploy BitLocker on Windows Server 2012 and later v Windows PowerShell offers administrators another option for BitLocker feature installation. Windows PowerShell installs features using the `servermanager` or `dism` module; however, the `servermanager` and `dism` modules don't always share feature name parity. Because of this, it's advisable to confirm the feature or role name prior to installation. ->**Note:**  You must restart the server to complete the installation of BitLocker. -  +>**Note:**You must restart the server to complete the installation of BitLocker. + ### Using the servermanager module to install BitLocker The `servermanager` Windows PowerShell module can use either the `Install-WindowsFeature` or `Add-WindowsFeature` to install the BitLocker feature. The `Add-WindowsFeature` cmdlet is merely a stub to the `Install-WindowsFeature`. This example uses the `Install-WindowsFeature` cmdlet. The feature name for BitLocker in the `servermanager` module is `BitLocker`. @@ -63,13 +63,13 @@ Install-WindowsFeature BitLocker -IncludeAllSubFeature -IncludeManagementTools - The result of this command displays the following list of all the administration tools for BitLocker, which would be installed along with the feature, including tools for use with Active Directory Domain Services (AD DS) and Active Directory Lightweight Directory Services (AD LDS). -- BitLocker Drive Encryption -- BitLocker Drive Encryption Tools -- BitLocker Drive Encryption Administration Utilities -- BitLocker Recovery Password Viewer -- AD DS Snap-Ins and Command-Line Tools -- AD DS Tools -- AD DS and AD LDS Tools +- BitLocker Drive Encryption +- BitLocker Drive Encryption Tools +- BitLocker Drive Encryption Administration Utilities +- BitLocker Recovery Password Viewer +- AD DS Snap-Ins and Command-Line Tools +- AD DS Tools +- AD DS and AD LDS Tools The command to complete a full installation of the BitLocker feature with all available sub-features and then to reboot the server at completion is: @@ -77,8 +77,8 @@ The command to complete a full installation of the BitLocker feature with all av Install-WindowsFeature BitLocker -IncludeAllSubFeature -IncludeManagementTools -Restart ``` ->**Important:**  Installing the BitLocker feature using Windows PowerShell does not install the Enhanced Storage feature. Administrators wishing to support Encrypted Hard Drives in their environment will need to install the Enhanced Storage feature separately. -  +>**Important:**Installing the BitLocker feature using Windows PowerShell does not install the Enhanced Storage feature. Administrators wishing to support Encrypted Hard Drives in their environment will need to install the Enhanced Storage feature separately. + ### Using the dism module to install BitLocker The `dism` Windows PowerShell module uses the `Enable-WindowsOptionalFeature` cmdlet to install features. The BitLocker feature name for BitLocker is `BitLocker`. The `dism` module doesn't support wildcards when searching for feature names. To list feature names for the `dism` module, use the `Get-WindowsOptionalFeatures` cmdlet. The following command will list all of the optional features in an online (running) operating system. diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md index 4face62ddf..3e96a53ea0 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md @@ -4,13 +4,13 @@ description: This article for the IT professional describes how BitLocker Networ ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: - M365-security-compliance ms.topic: conceptual -ms.date: 02/28/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -33,14 +33,14 @@ Network unlock allows BitLocker-enabled systems that have a TPM+PIN and that mee Network Unlock must meet mandatory hardware and software requirements before the feature can automatically unlock domain-joined systems. These requirements include: -- Windows 8 or Windows Server 2012 as the current operating system. -- Any supported operating system with UEFI DHCP drivers that can serve as Network Unlock clients. -- Network Unlock clients with a TPM chip and at least one TPM protector. -- A server running the Windows Deployment Services (WDS) role on any supported server operating system. -- BitLocker Network Unlock optional feature installed on any supported server operating system. -- A DHCP server, separate from the WDS server. -- Properly configured public/private key pairing. -- Network Unlock group policy settings configured. +- Windows 8 or Windows Server 2012 as the current operating system. +- Any supported operating system with UEFI DHCP drivers that can serve as Network Unlock clients. +- Network Unlock clients with a TPM chip and at least one TPM protector. +- A server running the Windows Deployment Services (WDS) role on any supported server operating system. +- BitLocker Network Unlock optional feature installed on any supported server operating system. +- A DHCP server, separate from the WDS server. +- Properly configured public/private key pairing. +- Network Unlock group policy settings configured. The network stack must be enabled to use the Network Unlock feature. Equipment manufacturers deliver their products in various states and with different BIOS menus; therefore, you need to confirm that the network stack has been enabled in the BIOS before starting the computer. @@ -135,8 +135,8 @@ A properly configured Active Directory Services Certification Authority can use 12. On the **Edit Application Policies Extension** dialog box, select **Add**. 13. On the **Add Application Policy** dialog box, select **New**. In the **New Application Policy** dialog box, enter the following information in the space provided and then click **OK** to create the BitLocker Network Unlock application policy: - - **Name:** **BitLocker Network Unlock** - - **Object Identifier:** **1.3.6.1.4.1.311.67.1.1** + - **Name:** **BitLocker Network Unlock** + - **Object Identifier:** **1.3.6.1.4.1.311.67.1.1** 14. Select the newly created **BitLocker Network Unlock** application policy and click **OK**. 15. With the **Extensions** tab still open, select the **Edit Key Usage Extension** dialog. Select the **Allow key exchange only with key encryption (key encipherment)** option. Select the **Make this extension critical** option. @@ -212,7 +212,7 @@ Here's a `certreq` example: ``` 4. Verify that certificate was properly created by the previous command by confirming that the .cer file exists. 5. Launch Certificates - Local Machine by running **certlm.msc**. -6. Create a .pfx file by opening the **Certificates – Local Computer\\Personal\\Certificates** path in the navigation pane, right-clicking the previously imported certificate, selecting **All Tasks**, and then selecting **Export**. Follow through the wizard to create the .pfx file. +6. Create a .pfx file by opening the **Certificates - Local Computer\\Personal\\Certificates** path in the navigation pane, right-clicking the previously imported certificate, selecting **All Tasks**, and then selecting **Export**. Follow through the wizard to create the .pfx file. ### Deploy the private key and certificate to the WDS server @@ -259,7 +259,7 @@ By default, all clients with the correct network unlock certificate and valid Ne The configuration file, called bde-network-unlock.ini, must be located in the same directory as the network unlock provider DLL (%windir%\System32\Nkpprov.dll) and it applies to both IPv6 and IPv4 DHCP implementations. If the subnet configuration policy becomes corrupted, the provider fails and stops responding to requests. -The subnet policy configuration file must use a “\[SUBNETS\]” section to identify the specific subnets. The named subnets may then be used to specify restrictions in certificate subsections. Subnets are defined as simple name–value pairs, in the common INI format, where each subnet has its own line, with the name on the left of the equal-sign, and the subnet identified on the right of the equal-sign as a Classless Inter-Domain Routing (CIDR) address or range. The key word “ENABLED” is disallowed for subnet names. +The subnet policy configuration file must use a "\[SUBNETS\]" section to identify the specific subnets. The named subnets may then be used to specify restrictions in certificate subsections. Subnets are defined as simple name-value pairs, in the common INI format, where each subnet has its own line, with the name on the left of the equal-sign, and the subnet identified on the right of the equal-sign as a Classless Inter-Domain Routing (CIDR) address or range. The key word "ENABLED" is disallowed for subnet names. ```ini [SUBNETS] @@ -293,7 +293,7 @@ To disallow the use of a certificate altogether, add a `DISABLED` line to its su To turn off the unlock server, the PXE provider can be unregistered from the WDS server or uninstalled altogether. However, to stop clients from creating network unlock protectors, the **Allow Network Unlock at startup** group policy setting should be disabled. When this policy setting is updated to **disabled** on client computers, any Network Unlock key protector on the computer is deleted. Alternatively, the BitLocker network unlock certificate policy can be deleted on the domain controller to accomplish the same task for an entire domain. > [!NOTE] -> Removing the FVE_NKP certificate store that contains the network unlock certificate and key on the WDS server will also effectively disable the server’s ability to respond to unlock requests for that certificate. However, this is seen as an error condition and is not a supported or recommended method for turning off the network unlock server. +> Removing the FVE_NKP certificate store that contains the network unlock certificate and key on the WDS server will also effectively disable the server's ability to respond to unlock requests for that certificate. However, this is seen as an error condition and is not a supported or recommended method for turning off the network unlock server. ## Update Network Unlock certificates @@ -336,17 +336,17 @@ Gather the following files to troubleshoot BitLocker Network Unlock. 1. In the left pane, select **Applications and Services Logs** > **Microsoft** > **Windows** > **Deployment-Services-Diagnostics** > **Debug**. 1. In the right pane, select **Enable Log**. - The DHCP subnet configuration file (if one exists). -- The output of the BitLocker status on the volume. Gather this output into a text file by using `manage-bde -status`. Or in Windows PowerShell, use `Get-BitLockerVolume`. +- The output of the BitLocker status on the volume. Gather this output into a text file by using `manage-bde.exe -status`. Or in Windows PowerShell, use `Get-BitLockerVolume`. - The Network Monitor capture on the server that hosts the WDS role, filtered by client IP address. ## Configure Network Unlock Group Policy settings on earlier versions -Network Unlock and the accompanying Group Policy settings were introduced in Windows Server 2012. But you can deploy them by using operating systems that run Windows Server 2008 R2 and Windows Server 2008. +Network Unlock and the accompanying Group Policy settings were introduced in Windows Server 2012. But you can deploy them by using operating systems that run Windows Server 2008 R2 and Windows Server 2008. Your system must meet these requirements: -- The server that hosts WDS must be running a server operating system that's designated in the "Applies to" list at the beginning of this article. -- Client computers must be running a client operating system that's designated in the "Applies to" list at the beginning of this article. +- The server that hosts WDS must be running a server operating system that's designated in the "Applies to" list at the beginning of this article. +- Client computers must be running a client operating system that's designated in the "Applies to" list at the beginning of this article. Follow these steps to configure Network Unlock on these older systems. @@ -375,6 +375,6 @@ Follow these steps to configure Network Unlock on these older systems. ## See also -- [BitLocker overview](bitlocker-overview.md) -- [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml) -- [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md) +- [BitLocker overview](bitlocker-overview.md) +- [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml) +- [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md) diff --git a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml index 369d16d8e8..2aad5dcf57 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml @@ -20,7 +20,7 @@ metadata: title: BitLocker Key Management FAQ summary: | **Applies to** - - Windows 10 + - Windows 10 sections: @@ -42,28 +42,28 @@ sections: For removable data drives, the recovery password and recovery key can be saved to a folder, saved to your Microsoft Account, or printed. By default, you cannot store a recovery key for a removable drive on a removable drive. - A domain administrator can additionally configure Group Policy to automatically generate recovery passwords and store them in Active Directory Domain Services (AD DS) for any BitLocker-protected drive. + A domain administrator can additionally configure Group Policy to automatically generate recovery passwords and store them in Active Directory Domain Services (AD DS) for any BitLocker-protected drive. - question: Is it possible to add an additional method of authentication without decrypting the drive if I only have the TPM authentication method enabled? answer: | You can use the Manage-bde.exe command-line tool to replace your TPM-only authentication mode with a multifactor authentication mode. For example, if BitLocker is enabled with TPM authentication only and you want to add PIN authentication, use the following commands from an elevated command prompt, replacing *4-20 digit numeric PIN* with the numeric PIN you want to use: - manage-bde –protectors –delete %systemdrive% -type tpm + manage-bde -protectors -delete %systemdrive% -type tpm - manage-bde –protectors –add %systemdrive% -tpmandpin 4-20 digit numeric PIN + manage-bde -protectors -add %systemdrive% -tpmandpin 4-20 digit numeric PIN - question: When should an additional method of authentication be considered? answer: | New hardware that meets [Windows Hardware Compatibility Program](/windows-hardware/design/compatibility/) requirements make a PIN less critical as a mitigation, and having a TPM-only protector is likely sufficient when combined with policies like device lockout. For example, Surface Pro and Surface Book do not have external DMA ports to attack. - For older hardware, where a PIN may be needed, it’s recommended to enable [enhanced PINs](bitlocker-group-policy-settings.md#bkmk-unlockpol2) that allow non-numeric characters such as letters and punctuation marks, and to set the PIN length based on your risk tolerance and the hardware anti-hammering capabilities available to the TPMs in your computers. + For older hardware, where a PIN may be needed, it's recommended to enable [enhanced PINs](bitlocker-group-policy-settings.md#bkmk-unlockpol2) that allow non-numeric characters such as letters and punctuation marks, and to set the PIN length based on your risk tolerance and the hardware anti-hammering capabilities available to the TPMs in your computers. - question: If I lose my recovery information, will the BitLocker-protected data be unrecoverable? answer: | BitLocker is designed to make the encrypted drive unrecoverable without the required authentication. When in recovery mode, the user needs the recovery password or recovery key to unlock the encrypted drive. > [!IMPORTANT] - > Store the recovery information in AD DS, along with your Microsoft Account, or another safe location. + > Store the recovery information in AD DS, along with your Microsoft Account, or another safe location. - question: Can the USB flash drive that is used as the startup key also be used to store the recovery key? answer: While this is technically possible, it is not a best practice to use one USB flash drive to store both keys. If the USB flash drive that contains your startup key is lost or stolen, you also lose access to your recovery key. In addition, inserting this key would cause your computer to automatically boot from the recovery key even if TPM-measured files have changed, which circumvents the TPM's system integrity check. @@ -109,9 +109,9 @@ sections: answer: | The following questions can assist you when asking a TPM manufacturer about the design of a dictionary attack mitigation mechanism: - - How many failed authorization attempts can occur before lockout? - - What is the algorithm for determining the duration of a lockout based on the number of failed attempts and any other relevant parameters? - - What actions can cause the failure count and lockout duration to be decreased or reset? + - How many failed authorization attempts can occur before lockout? + - What is the algorithm for determining the duration of a lockout based on the number of failed attempts and any other relevant parameters? + - What actions can cause the failure count and lockout duration to be decreased or reset? - question: Can PIN length and complexity be managed with Group Policy? answer: | diff --git a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md index cc4705af8e..688687b1c3 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md +++ b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md @@ -3,13 +3,13 @@ title: BitLocker Management Recommendations for Enterprises (Windows 10) description: Refer to relevant documentation, products, and services to learn about managing BitLocker for enterprises and see recommendations for different computers. ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: - M365-security-compliance ms.topic: conceptual -ms.date: 02/28/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml index 11fe756cf9..54709b6641 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml @@ -19,7 +19,7 @@ metadata: title: BitLocker Network Unlock FAQ summary: | **Applies to** - - Windows 10 + - Windows 10 sections: - name: Ignored diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml index 46325ab4f4..643d0f8992 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml @@ -22,8 +22,8 @@ metadata: title: BitLocker Overview and Requirements FAQ summary: | **Applies to** - - Windows 10 - - Windows 11 + - Windows 10 + - Windows 11 sections: @@ -40,7 +40,7 @@ sections: You can use BitLocker to encrypt the entire contents of a data drive. You can use Group Policy to require that BitLocker be enabled on a drive before the computer can write data to the drive. BitLocker can be configured with a variety of unlock methods for data drives, and a data drive supports multiple unlock methods. - question: Does BitLocker support multifactor authentication? - answer: Yes, BitLocker supports multifactor authentication for operating system drives. If you enable BitLocker on a computer that has a TPM version 1.2 or later, you can use additional forms of authentication with the TPM protection. + answer: Yes, BitLocker supports multifactor authentication for operating system drives. If you enable BitLocker on a computer that has a TPM version 1.2 or later, you can use additional forms of authentication with the TPM protection. - question: What are the BitLocker hardware and software requirements? answer: | @@ -73,11 +73,11 @@ sections: answer: | Contact the computer manufacturer to request a Trusted Computing Group (TCG)-compliant BIOS or UEFI boot firmware that meets the following requirements: - - It is compliant with the TCG standards for a client computer. - - It has a secure update mechanism to help prevent a malicious BIOS or boot firmware from being installed on the computer. + - It is compliant with the TCG standards for a client computer. + - It has a secure update mechanism to help prevent a malicious BIOS or boot firmware from being installed on the computer. - question: What credentials are required to use BitLocker? answer: To turn on, turn off, or change configurations of BitLocker on operating system and fixed data drives, membership in the local **Administrators** group is required. Standard users can turn on, turn off, or change configurations of BitLocker on removable data drives. - question: What is the recommended boot order for computers that are going to be BitLocker-protected? - answer: You should configure the startup options of your computer to have the hard disk drive first in the boot order, before any other drives such as CD/DVD drives or USB drives. If the hard disk is not first and you typically boot from hard disk, then a boot order change may be detected or assumed when removable media is found during boot. The boot order typically affects the system measurement that is verified by BitLocker and a change in boot order will cause you to be prompted for your BitLocker recovery key. For the same reason, if you have a laptop with a docking station, ensure that the hard disk drive is first in the boot order both when docked and undocked.  + answer: You should configure the startup options of your computer to have the hard disk drive first in the boot order, before any other drives such as CD/DVD drives or USB drives. If the hard disk is not first and you typically boot from hard disk, then a boot order change may be detected or assumed when removable media is found during boot. The boot order typically affects the system measurement that is verified by BitLocker and a change in boot order will cause you to be prompted for your BitLocker recovery key. For the same reason, if you have a laptop with a docking station, ensure that the hard disk drive is first in the boot order both when docked and undocked. diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview.md b/windows/security/information-protection/bitlocker/bitlocker-overview.md index 8d83958580..2f7b795571 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview.md +++ b/windows/security/information-protection/bitlocker/bitlocker-overview.md @@ -1,16 +1,16 @@ --- title: BitLocker description: This topic provides a high-level overview of BitLocker, including a list of system requirements, practical applications, and deprecated features. -ms.author: dansimp +ms.author: frankroj ms.prod: windows-client ms.localizationpriority: medium -author: dansimp +author: frankroj manager: aaroncz ms.collection: - M365-security-compliance - highpri ms.topic: conceptual -ms.date: 01/26/2018 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -40,21 +40,21 @@ Data on a lost or stolen computer is vulnerable to unauthorized access, either b There are two additional tools in the Remote Server Administration Tools which you can use to manage BitLocker. -- **BitLocker Recovery Password Viewer**. The BitLocker Recovery Password Viewer enables you to locate and view BitLocker Drive Encryption recovery passwords that have been backed up to Active Directory Domain Services (AD DS). You can use this tool to help recover data that is stored on a drive that has been encrypted by using BitLocker. The BitLocker Recovery Password Viewer tool is an extension for the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in. +- **BitLocker Recovery Password Viewer**. The BitLocker Recovery Password Viewer enables you to locate and view BitLocker Drive Encryption recovery passwords that have been backed up to Active Directory Domain Services (AD DS). You can use this tool to help recover data that is stored on a drive that has been encrypted by using BitLocker. The BitLocker Recovery Password Viewer tool is an extension for the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in. By using this tool, you can examine a computer object's **Properties** dialog box to view the corresponding BitLocker recovery passwords. Additionally, you can right-click a domain container and then search for a BitLocker recovery password across all the domains in the Active Directory forest. To view recovery passwords, you must be a domain administrator, or you must have been delegated permissions by a domain administrator. -- **BitLocker Drive Encryption Tools**. BitLocker Drive Encryption Tools include the command-line tools, manage-bde and repair-bde, and the BitLocker cmdlets for Windows PowerShell. Both manage-bde and the BitLocker cmdlets can be used to perform any task that can be accomplished through the +- **BitLocker Drive Encryption Tools**. BitLocker Drive Encryption Tools include the command-line tools, manage-bde and repair-bde, and the BitLocker cmdlets for Windows PowerShell. Both manage-bde and the BitLocker cmdlets can be used to perform any task that can be accomplished through the BitLocker control panel, and they are appropriate to be used for automated deployments and other scripting scenarios. Repair-bde is provided for disaster recovery scenarios in which a BitLocker-protected drive cannot be unlocked normally or by using the recovery console. ## New and changed functionality To find out what's new in BitLocker for Windows, such as support for the XTS-AES encryption algorithm, see the [BitLocker](/windows/whats-new/whats-new-windows-10-version-1507-and-1511#bitlocker) section in "What's new in Windows 10." -  + ## System requirements BitLocker has the following hardware requirements: -For BitLocker to use the system integrity check provided by a TPM, the computer must have TPM 1.2 or later versions. If your computer does not have a TPM, enabling BitLocker makes it mandatory for you to save a startup key on a removable device, such as a USB flash drive. +For BitLocker to use the system integrity check provided by a TPM, the computer must have TPM 1.2 or later versions. If your computer does not have a TPM, enabling BitLocker makes it mandatory for you to save a startup key on a removable device, such as a USB flash drive. A computer with a TPM must also have a Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware. The BIOS or UEFI firmware establishes a chain of trust for the pre-operating system startup, and it must include support for TCG-specified Static Root of Trust Measurement. A computer without a TPM does not require TCG-compliant firmware. @@ -70,8 +70,8 @@ The system BIOS or UEFI firmware (for TPM and non-TPM computers) must support th The hard disk must be partitioned with at least two drives: -- The operating system drive (or boot drive) contains the operating system and its support files. It must be formatted with the NTFS file system. -- The system drive contains the files that are needed to load Windows after the firmware has prepared the system hardware. BitLocker is not enabled on this drive. For BitLocker to work, the system drive must not be encrypted, must differ from the operating system drive, and must be formatted with the FAT32 file system on computers that use UEFI-based firmware or with the NTFS file system on computers that use BIOS firmware. We recommend that system drive be approximately 350 MB in size. After BitLocker is turned on, it should have approximately 250 MB of free space. +- The operating system drive (or boot drive) contains the operating system and its support files. It must be formatted with the NTFS file system. +- The system drive contains the files that are needed to load Windows after the firmware has prepared the system hardware. BitLocker is not enabled on this drive. For BitLocker to work, the system drive must not be encrypted, must differ from the operating system drive, and must be formatted with the FAT32 file system on computers that use UEFI-based firmware or with the NTFS file system on computers that use BIOS firmware. We recommend that system drive be approximately 350 MB in size. After BitLocker is turned on, it should have approximately 250 MB of free space. When installed on a new computer, Windows automatically creates the partitions that are required for BitLocker. @@ -95,7 +95,7 @@ When installing the BitLocker optional component on a server, you will also need | [BitLocker Group Policy settings](bitlocker-group-policy-settings.md) | This topic describes the function, location, and effect of each group policy setting that is used to manage BitLocker. | | [BCD settings and BitLocker](bcd-settings-and-bitlocker.md) | This topic describes the BCD settings that are used by BitLocker.| | [BitLocker Recovery Guide](bitlocker-recovery-guide-plan.md)| This topic describes how to recover BitLocker keys from AD DS. | -| [Protect BitLocker from pre-boot attacks](./bitlocker-countermeasures.md)| This detailed guide helps you understand the circumstances under which the use of pre-boot authentication is recommended for devices running Windows 10, Windows 8.1, Windows 8, or Windows 7; and when it can be safely omitted from a device’s configuration. | +| [Protect BitLocker from pre-boot attacks](./bitlocker-countermeasures.md)| This detailed guide helps you understand the circumstances under which the use of pre-boot authentication is recommended for devices running Windows 10, Windows 8.1, Windows 8, or Windows 7; and when it can be safely omitted from a device's configuration. | | [Troubleshoot BitLocker](troubleshoot-bitlocker.md) | This guide describes the resources that can help you troubleshoot BitLocker issues, and provides solutions for several common BitLocker issues. | | [Protecting cluster shared volumes and storage area networks with BitLocker](protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md)| This topic describes how to protect CSVs and SANs with BitLocker.| | [Enabling Secure Boot and BitLocker Device Encryption on Windows IoT Core](/windows/iot-core/secure-your-device/SecureBootAndBitLocker) | This topic describes how to use BitLocker with Windows IoT Core | diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md index 390b943e87..c909d61880 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md +++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md @@ -1,6 +1,6 @@ --- title: BitLocker recovery guide -description: This article for IT professionals describes how to recover BitLocker keys from Active Directory Domain Services (AD DS). +description: This article for IT professionals describes how to recover BitLocker keys from Active Directory Domain Services (AD DS). ms.prod: windows-client ms.technology: itpro-security ms.localizationpriority: medium @@ -12,7 +12,7 @@ ms.collection: - M365-security-compliance - highpri ms.topic: conceptual -ms.date: 02/28/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -26,20 +26,20 @@ ms.custom: bitlocker This article describes how to recover BitLocker keys from AD DS. -Organizations can use BitLocker recovery information saved in Active Directory Domain Services (AD DS) to access BitLocker-protected data. It's recommended to create a recovery model for BitLocker while you are planning your BitLocker deployment. +Organizations can use BitLocker recovery information saved in Active Directory Domain Services (AD DS) to access BitLocker-protected data. It's recommended to create a recovery model for BitLocker while you are planning your BitLocker deployment. -This article assumes that you understand how to set up AD DS to back up BitLocker recovery information automatically, and what types of recovery information are saved to AD DS. +This article assumes that you understand how to set up AD DS to back up BitLocker recovery information automatically, and what types of recovery information are saved to AD DS. -This article does not detail how to configure AD DS to store the BitLocker recovery information. +This article does not detail how to configure AD DS to store the BitLocker recovery information. ## What is BitLocker recovery? BitLocker recovery is the process by which you can restore access to a BitLocker-protected drive in the event that you cannot unlock the drive normally. In a recovery scenario, you have the following options to restore access to the drive: -- **The user can supply the recovery password.** If your organization allows users to print or store recovery passwords, the users can type in the 48-digit recovery password that they printed or stored on a USB drive or with your Microsoft account online. (Saving a recovery password with your Microsoft account online is only allowed when BitLocker is used on a PC that is not a member of a domain). -- **Data recovery agents can use their credentials to unlock the drive.** If the drive is an operating system drive, the drive must be mounted as a data drive on another computer for the data recovery agent to unlock it. -- **A domain administrator can obtain the recovery password from AD DS and use it to unlock the drive.** Storing recovery passwords in AD DS is recommended to provide a way for IT professionals to be able to obtain recovery passwords for drives in their organization if needed. This method makes it mandatory for you to enable this recovery method in the BitLocker group policy setting **Choose how BitLocker-protected operating system drives can be recovered** located at **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives** in the Local Group Policy Editor. For more information, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). +- **The user can supply the recovery password.** If your organization allows users to print or store recovery passwords, the users can type in the 48-digit recovery password that they printed or stored on a USB drive or with your Microsoft account online. (Saving a recovery password with your Microsoft account online is only allowed when BitLocker is used on a PC that is not a member of a domain). +- **Data recovery agents can use their credentials to unlock the drive.** If the drive is an operating system drive, the drive must be mounted as a data drive on another computer for the data recovery agent to unlock it. +- **A domain administrator can obtain the recovery password from AD DS and use it to unlock the drive.** Storing recovery passwords in AD DS is recommended to provide a way for IT professionals to be able to obtain recovery passwords for drives in their organization if needed. This method makes it mandatory for you to enable this recovery method in the BitLocker group policy setting **Choose how BitLocker-protected operating system drives can be recovered** located at **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives** in the Local Group Policy Editor. For more information, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). ### What causes BitLocker recovery? @@ -106,15 +106,15 @@ Before you create a thorough BitLocker recovery process, we recommend that you t 1. Select the **Start** button, type **cmd** in the **Start Search** box, and select and hold **cmd.exe**, and then select **Run as administrator**. 2. At the command prompt, type the following command and then press **ENTER**: - `manage-bde -forcerecovery ` + `manage-bde.exe -forcerecovery ` **To force recovery for a remote computer:** -1. On the Start screen, type **cmd.exe**, and then select **Run as administrator**. +1. On the Start screen, type **cmd.exe**, and then select **Run as administrator**. 2. At the command prompt, type the following command and then press **ENTER**: - `manage-bde -ComputerName -forcerecovery ` + `manage-bde.exe -ComputerName -forcerecovery ` > [!NOTE] > Recovery triggered by `-forcerecovery` persists for multiple restarts until a TPM protector is added or protection is suspended by the user. When using Modern Standby devices (such as Surface devices), the `-forcerecovery` option is not recommended because BitLocker will have to be unlocked and disabled manually from the WinRE environment before the OS can boot up again. For more information, see [BitLocker Troubleshooting: Continuous reboot loop with BitLocker recovery on a slate device](https://social.technet.microsoft.com/wiki/contents/articles/18671.bitlocker-troubleshooting-continuous-reboot-loop-with-bitlocker-recovery-on-a-slate-device.aspx). @@ -124,7 +124,7 @@ Before you create a thorough BitLocker recovery process, we recommend that you t When planning the BitLocker recovery process, first consult your organization's current best practices for recovering sensitive information. For example: How does your enterprise handle lost Windows passwords? How does your organization perform smart card PIN resets? You can use these best practices and related resources (people and tools) to help formulate a BitLocker recovery model. -Organizations that rely on BitLocker Drive Encryption and BitLocker To Go to protect data on a large number of computers and removable drives running the Windows 11, Windows 10, Windows 8, or Windows 7 operating systems and Windows to Go should consider using the Microsoft BitLocker Administration and Monitoring (MBAM) Tool version 2.0, which is included in the Microsoft Desktop Optimization Pack (MDOP) for Microsoft Software Assurance. MBAM makes BitLocker implementations easier to deploy and manage and allows administrators to provision and monitor encryption for operating system and fixed drives. MBAM prompts the user before encrypting fixed drives. MBAM also manages recovery keys for fixed and removable drives, making recovery easier to manage. MBAM can be used as part of a Microsoft System Center deployment or as a stand-alone solution. For more info, see [Microsoft BitLocker Administration and Monitoring](/microsoft-desktop-optimization-pack/mbam-v25/). +Organizations that rely on BitLocker Drive Encryption and BitLocker To Go to protect data on a large number of computers and removable drives running the Windows 11, Windows 10, Windows 8, or Windows 7 operating systems and Windows to Go should consider using the Microsoft BitLocker Administration and Monitoring (MBAM) Tool version 2.0, which is included in the Microsoft Desktop Optimization Pack (MDOP) for Microsoft Software Assurance. MBAM makes BitLocker implementations easier to deploy and manage and allows administrators to provision and monitor encryption for operating system and fixed drives. MBAM prompts the user before encrypting fixed drives. MBAM also manages recovery keys for fixed and removable drives, making recovery easier to manage. MBAM can be used as part of a Microsoft System Center deployment or as a stand-alone solution. For more info, see [Microsoft BitLocker Administration and Monitoring](/microsoft-desktop-optimization-pack/mbam-v25/). After a BitLocker recovery has been initiated, users can use a recovery password to unlock access to encrypted data. Consider both self-recovery and recovery password retrieval methods for your organization. @@ -148,11 +148,11 @@ In some cases, users might have the recovery password in a printout or a USB fla If the user does not have a recovery password in a printout or on a USB flash drive, the user will need to be able to retrieve the recovery password from an online source. If the PC is a member of a domain, the recovery password can be backed up to AD DS. However, this does not happen by default; you must have configured the appropriate group policy settings before BitLocker was enabled on the PC. BitLocker group policy settings can be found in the Local Group Policy Editor or the Group Policy Management Console (GPMC) under **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption**. The following policy settings define the recovery methods that can be used to restore access to a BitLocker-protected drive if an authentication method fails or is unable to be used. -- **Choose how BitLocker-protected operating system drives can be recovered** -- **Choose how BitLocker-protected fixed drives can be recovered** -- **Choose how BitLocker-protected removable drives can be recovered** -In each of these policies, select **Save BitLocker recovery information to Active Directory Domain Services** and then choose which BitLocker recovery information to store in AD DS. Check the **Do not enable BitLocker until recovery information is stored in AD -DS** check box if you want to prevent users from enabling BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information for the drive to AD DS succeeds. +- **Choose how BitLocker-protected operating system drives can be recovered** +- **Choose how BitLocker-protected fixed drives can be recovered** +- **Choose how BitLocker-protected removable drives can be recovered** +In each of these policies, select **Save BitLocker recovery information to Active Directory Domain Services** and then choose which BitLocker recovery information to store in AD DS. Check the **Do not enable BitLocker until recovery information is stored in AD +DS** check box if you want to prevent users from enabling BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information for the drive to AD DS succeeds. > [!NOTE] > If the PCs are part of a workgroup, users are advised to save their BitLocker recovery password with their Microsoft account online. Having an online copy of your BitLocker recovery password is recommended to help ensure that you do not lose access to your data in the event of a recovery being required. @@ -163,32 +163,32 @@ You can use the following list as a template for creating your own recovery proc - [Record the name of the user's computer](#bkmk-recordcomputername) - [Verify the user's identity](#bkmk-verifyidentity) -- [Locate the recovery password in AD DS](#bkmk-locatepassword) +- [Locate the recovery password in AD DS](#bkmk-locatepassword) - [Gather information to determine why recovery occurred](#bkmk-gatherinfo) - [Give the user the recovery password](#bkmk-givepassword) ### Record the name of the user's computer -You can use the name of the user's computer to locate the recovery password in AD DS. If the user does not know the name of the computer, ask the user to read the first word of the **Drive Label** in the **BitLocker Drive Encryption Password Entry** user interface. This is the computer name when BitLocker was enabled and is probably the current name of the computer. +You can use the name of the user's computer to locate the recovery password in AD DS. If the user does not know the name of the computer, ask the user to read the first word of the **Drive Label** in the **BitLocker Drive Encryption Password Entry** user interface. This is the computer name when BitLocker was enabled and is probably the current name of the computer. ### Verify the user's identity You should verify whether the person who is asking for the recovery password is truly the authorized user of that computer. You may also wish to verify whether the computer for which the user provided the name belongs to the user. -### Locate the recovery password in AD DS +### Locate the recovery password in AD DS -Locate the computer object with the matching name in AD DS. Because computer object names are listed in the AD DS global catalog, you should be able to locate the object even if you have a multi-domain forest. +Locate the computer object with the matching name in AD DS. Because computer object names are listed in the AD DS global catalog, you should be able to locate the object even if you have a multi-domain forest. ### Multiple recovery passwords -If multiple recovery passwords are stored under a computer object in AD DS, the name of the BitLocker recovery information object includes the date on which the password was created. +If multiple recovery passwords are stored under a computer object in AD DS, the name of the BitLocker recovery information object includes the date on which the password was created. If at any time you are unsure about the password to be provided, or if you think you might be providing the incorrect password, ask the user to read the 8-character password ID that is displayed in the recovery console. -Since the password ID is a unique value that is associated with each recovery password stored in AD DS, running a query using this ID finds the correct password to unlock the encrypted volume. +Since the password ID is a unique value that is associated with each recovery password stored in AD DS, running a query using this ID finds the correct password to unlock the encrypted volume. ### Gather information to determine why recovery occurred @@ -272,7 +272,7 @@ This error occurs if you updated the firmware. As a best practice, you should su ## Windows RE and BitLocker Device Encryption -Windows Recovery Environment (RE) can be used to recover access to a drive protected by [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md). If a PC is unable to boot after two failures, Startup Repair automatically starts. When Startup Repair is launched automatically due to boot failures, it executes only operating system and driver file repairs, provided that the boot logs or any available crash dump points to a specific corrupted file. In Windows 8.1 and later versions, devices that include firmware to support specific TPM measurements for PCR\[7\] **the TPM** can validate that Windows RE is a trusted operating environment and unlock any BitLocker-protected drives if Windows RE has not been modified. If the Windows RE environment has been modified, for example, the TPM has been disabled, the drives stay locked until the BitLocker recovery key is provided. If Startup Repair is not able to be run automatically from the PC and instead, Windows RE is manually started from a repair disk, the BitLocker recovery key must be provided to unlock the BitLocker–protected drives. +Windows Recovery Environment (RE) can be used to recover access to a drive protected by [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md). If a PC is unable to boot after two failures, Startup Repair automatically starts. When Startup Repair is launched automatically due to boot failures, it executes only operating system and driver file repairs, provided that the boot logs or any available crash dump points to a specific corrupted file. In Windows 8.1 and later versions, devices that include firmware to support specific TPM measurements for PCR\[7\] **the TPM** can validate that Windows RE is a trusted operating environment and unlock any BitLocker-protected drives if Windows RE has not been modified. If the Windows RE environment has been modified, for example, the TPM has been disabled, the drives stay locked until the BitLocker recovery key is provided. If Startup Repair is not able to be run automatically from the PC and instead, Windows RE is manually started from a repair disk, the BitLocker recovery key must be provided to unlock the BitLocker-protected drives. Windows RE will also ask for your BitLocker recovery key when you start a "Remove everything" reset from Windows RE on a device that uses the "TPM + PIN" or "Password for OS drive" protector. If you start BitLocker recovery on a keyboardless device with TPM-only protection, Windows RE, not the boot manager, will ask for the BitLocker recovery key. After you enter the key, you can access Windows RE troubleshooting tools or start Windows normally. @@ -290,7 +290,7 @@ During BitLocker recovery, Windows displays a custom recovery message and a few ### Custom recovery message -BitLocker Group Policy settings in Windows 10, version 1511, or Windows 11, let you configure a custom recovery message and URL on the BitLocker recovery screen, which can include the address of the BitLocker self-service recovery portal, the IT internal website, or a phone number for support. +BitLocker Group Policy settings in Windows 10, version 1511, or Windows 11, let you configure a custom recovery message and URL on the BitLocker recovery screen, which can include the address of the BitLocker self-service recovery portal, the IT internal website, or a phone number for support. This policy can be configured using GPO under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **BitLocker Drive Encryption** > **Operating System Drives** > **Configure pre-boot recovery message and URL**. @@ -306,7 +306,7 @@ Example of customized recovery screen: ### BitLocker recovery key hints -BitLocker metadata has been enhanced in Windows 10, version 1903 or Windows 11 to include information about when and where the BitLocker recovery key was backed up. This information is not exposed through the UI or any public API. It is used solely by the BitLocker recovery screen in the form of hints to help a user locate a volume's recovery key. Hints are displayed on the recovery screen and refer to the location where the key has been saved. Hints are displayed on both the modern (blue) and legacy (black) recovery screen. This applies to both the boot manager recovery screen and the WinRE unlock screen. +BitLocker metadata has been enhanced in Windows 10, version 1903 or Windows 11 to include information about when and where the BitLocker recovery key was backed up. This information is not exposed through the UI or any public API. It is used solely by the BitLocker recovery screen in the form of hints to help a user locate a volume's recovery key. Hints are displayed on the recovery screen and refer to the location where the key has been saved. Hints are displayed on both the modern (blue) and legacy (black) recovery screen. This applies to both the boot manager recovery screen and the WinRE unlock screen. ![Customized BitLocker recovery screen.](./images/bl-password-hint2.png) @@ -320,9 +320,9 @@ There are rules governing which hint is shown during the recovery (in the order 3. If multiple recovery keys exist on the volume, prioritize the last-created (and successfully backed up) recovery key. 4. Prioritize keys with successful backup over keys that have never been backed up. 5. Prioritize backup hints in the following order for remote backup locations: **Microsoft Account > Azure AD > Active Directory**. -6. If a key has been printed and saved to file, display a combined hint, “Look for a printout or a text file with the key,” instead of two separate hints. +6. If a key has been printed and saved to file, display a combined hint, "Look for a printout or a text file with the key," instead of two separate hints. 7. If multiple backups of the same type (remove vs. local) have been performed for the same recovery key, prioritize backup info with latest backed-up date. -8. There is no specific hint for keys saved to an on-premises Active Directory. In this case, a custom message (if configured) or a generic message, “Contact your organization’s help desk,” is displayed. +8. There is no specific hint for keys saved to an on-premises Active Directory. In this case, a custom message (if configured) or a generic message, "Contact your organization's help desk," is displayed. 9. If two recovery keys are present on the disk, but only one has been successfully backed up, the system asks for a key that has been backed up, even if another key is newer. @@ -460,22 +460,22 @@ You can reset the recovery password in two ways: 1. Remove the previous recovery password. ```powershell - Manage-bde –protectors –delete C: –type RecoveryPassword + Manage-bde -protectors -delete C: -type RecoveryPassword ``` 2. Add the new recovery password. ```powershell - Manage-bde –protectors –add C: -RecoveryPassword + Manage-bde -protectors -add C: -RecoveryPassword ``` 3. Get the ID of the new recovery password. From the screen, copy the ID of the recovery password. ```powershell - Manage-bde –protectors –get C: -Type RecoveryPassword + Manage-bde -protectors -get C: -Type RecoveryPassword ``` 4. Back up the new recovery password to AD DS. ```powershell - Manage-bde –protectors –adbackup C: -id {EXAMPLE6-5507-4924-AA9E-AFB2EB003692} + Manage-bde -protectors -adbackup C: -id {EXAMPLE6-5507-4924-AA9E-AFB2EB003692} ``` > [!WARNING] @@ -572,10 +572,10 @@ WScript.Echo "A new recovery password has been added. Old passwords have been re You can use two methods to retrieve the key package, as described in [Using Additional Recovery Information](#bkmk-usingaddrecovery): -- **Export a previously saved key package from AD DS.** You must have Read access to BitLocker recovery passwords that are stored in AD DS. +- **Export a previously saved key package from AD DS.** You must have Read access to BitLocker recovery passwords that are stored in AD DS. - **Export a new key package from an unlocked, BitLocker-protected volume.** You must have local administrator access to the working volume, before any damage has occurred. -The following sample script exports all previously saved key packages from AD DS. +The following sample script exports all previously saved key packages from AD DS. **To run the sample key package retrieval script:** @@ -584,7 +584,7 @@ The following sample script exports all previously saved key packages from AD D **cscript GetBitLockerKeyPackageADDS.vbs -?** -You can use the following sample script to create a VBScript file to retrieve the BitLocker key package from AD DS: +You can use the following sample script to create a VBScript file to retrieve the BitLocker key package from AD DS: ```vb ' -------------------------------------------------------------------------------- diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md index 62c8fe56d0..3f8b33e5b1 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md +++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md @@ -3,14 +3,14 @@ title: Breaking out of a BitLocker recovery loop description: This article for IT professionals describes how to break out of a BitLocker recovery loop. ms.prod: windows-client ms.localizationpriority: medium -author: aczechowski -ms.author: aaroncz +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: - M365-security-compliance - highpri ms.topic: conceptual -ms.date: 10/28/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml index 465a4c3d6d..30a406b1d2 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml @@ -20,7 +20,7 @@ metadata: title: BitLocker Security FAQ summary: | **Applies to** - - Windows 10 + - Windows 10 @@ -35,7 +35,7 @@ sections: - question: | What is the best practice for using BitLocker on an operating system drive? answer: | - The recommended practice for BitLocker configuration on an operating system drive is to implement BitLocker on a computer with a TPM version 1.2 or higher, and a Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware implementation, along with a PIN. By requiring a PIN that was set by the user in addition to the TPM validation, a malicious user that has physical access to the computer cannot simply start the computer. + The recommended practice for BitLocker configuration on an operating system drive is to implement BitLocker on a computer with a TPM version 1.2 or higher, and a Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware implementation, along with a PIN. By requiring a PIN that was set by the user in addition to the TPM validation, a malicious user that has physical access to the computer cannot simply start the computer. - question: | What are the implications of using the sleep or hibernate power management options? diff --git a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml index e318b5ed29..07a4939071 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml @@ -20,7 +20,7 @@ metadata: title: BitLocker To Go FAQ summary: | **Applies to** - - Windows 10 + - Windows 10 sections: diff --git a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml index 40fdb23d9d..393ca5e94b 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml @@ -19,14 +19,14 @@ metadata: title: BitLocker Upgrading FAQ summary: | **Applies to** - - Windows 10 + - Windows 10 sections: - name: Ignored questions: - question: | - Can I upgrade to Windows 10 with BitLocker enabled? + Can I upgrade to Windows 10 with BitLocker enabled? answer: | Yes. @@ -43,7 +43,7 @@ sections: No user action is required for BitLocker in order to apply updates from Microsoft, including [Windows quality updates and feature updates](/windows/deployment/update/waas-quick-start). Users need to suspend BitLocker for Non-Microsoft software updates, such as: - - Some TPM firmware updates if these updates clear the TPM outside of the Windows API. Not every TPM firmware update will clear the TPM and this happens if a known vulnerability has been discovered in the TPM firmware. Users don’t have to suspend BitLocker if the TPM firmware update uses Windows API to clear the TPM because in this case, BitLocker will be automatically suspended. We recommend users testing their TPM firmware updates if they don’t want to suspend BitLocker protection. + - Some TPM firmware updates if these updates clear the TPM outside of the Windows API. Not every TPM firmware update will clear the TPM and this happens if a known vulnerability has been discovered in the TPM firmware. Users don't have to suspend BitLocker if the TPM firmware update uses Windows API to clear the TPM because in this case, BitLocker will be automatically suspended. We recommend users testing their TPM firmware updates if they don't want to suspend BitLocker protection. - Non-Microsoft application updates that modify the UEFI\BIOS configuration. - Manual or third-party updates to secure boot databases (only if BitLocker uses Secure Boot for integrity validation). - Updates to UEFI\BIOS firmware, installation of additional UEFI drivers, or UEFI applications without using the Windows update mechanism (only if you update and BitLocker does not use Secure Boot for integrity validation). diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md index c276611731..a4efea9d0e 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md @@ -4,14 +4,14 @@ description: This article for the IT professional describes how to use tools to ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: - M365-security-compliance - highpri ms.topic: conceptual -ms.date: 02/28/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -39,11 +39,11 @@ Repair-bde is a special circumstance tool that is provided for disaster recovery Manage-bde is a command-line tool that can be used for scripting BitLocker operations. Manage-bde offers additional options not displayed in the BitLocker control panel. For a complete list of the manage-bde options, see the [Manage-bde](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/ff829849(v=ws.11)) command-line reference. -Manage-bde includes fewer default settings and requires greater customization for configuring BitLocker. For example, using just the `manage-bde -on` command on a data volume will fully encrypt the volume without any authenticating protectors. A volume encrypted in this manner still requires user interaction to turn on BitLocker protection, even though the command successfully completed because an authentication method needs to be added to the volume for it to be fully protected. The following sections provide examples of common usage scenarios for manage-bde. +Manage-bde includes fewer default settings and requires greater customization for configuring BitLocker. For example, using just the `manage-bde.exe -on` command on a data volume will fully encrypt the volume without any authenticating protectors. A volume encrypted in this manner still requires user interaction to turn on BitLocker protection, even though the command successfully completed because an authentication method needs to be added to the volume for it to be fully protected. The following sections provide examples of common usage scenarios for manage-bde. ### Using manage-bde with operating system volumes -Listed below are examples of basic valid commands for operating system volumes. In general, using only the `manage-bde -on ` command will encrypt the operating system volume with a TPM-only protector and no recovery key. However, many environments require more secure protectors such as passwords or PIN and expect to be able to recover information with a recovery key. We recommend that you add at least one primary protector and a recovery protector to an operating system volume. +Listed below are examples of basic valid commands for operating system volumes. In general, using only the `manage-bde.exe -on ` command will encrypt the operating system volume with a TPM-only protector and no recovery key. However, many environments require more secure protectors such as passwords or PIN and expect to be able to recover information with a recovery key. We recommend that you add at least one primary protector and a recovery protector to an operating system volume. A good practice when using manage-bde is to determine the volume status on the target system. Use the following command to determine volume status: @@ -58,7 +58,7 @@ This command returns the volumes on the target, current encryption status, encry The following example illustrates enabling BitLocker on a computer without a TPM chip. Before beginning the encryption process, you must create the startup key needed for BitLocker and save it to the USB drive. When BitLocker is enabled for the operating system volume, the BitLocker will need to access the USB flash drive to obtain the encryption key (in this example, the drive letter E represents the USB drive). You will be prompted to reboot to complete the encryption process. ```powershell -manage-bde –protectors -add C: -startupkey E: +manage-bde -protectors -add C: -startupkey E: manage-bde -on C: ``` @@ -86,7 +86,7 @@ This command encrypts the drive using the TPM as the default protector. If you a ``` ### Using manage-bde with data volumes -Data volumes use the same syntax for encryption as operating system volumes but they do not require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde -on ` or you can choose to add additional protectors to the volume first. We recommend that you add at least one primary protector and a recovery protector to a data volume. +Data volumes use the same syntax for encryption as operating system volumes but they do not require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde.exe -on ` or you can choose to add additional protectors to the volume first. We recommend that you add at least one primary protector and a recovery protector to a data volume. A common protector for a data volume is the password protector. In the example below, we add a password protector to the volume and turn on BitLocker. @@ -99,10 +99,10 @@ manage-bde -on C: You may experience a problem that damages an area of a hard disk on which BitLocker stores critical information. This kind of problem may be caused by a hard disk failure or if Windows exits unexpectedly. -The BitLocker Repair Tool (Repair-bde) can be used to access encrypted data on a severely damaged hard disk if the drive was encrypted by using BitLocker. Repair-bde can reconstruct critical parts of the drive and salvage recoverable data as long as a valid recovery password or recovery key is used to decrypt the data. If the BitLocker metadata data on the drive has become corrupt, you must be able to supply a backup key package in addition to the recovery password or recovery key. This key package is backed up in Active Directory Domain Services (AD DS) if you used the default setting for AD DS backup. With this key package and either the recovery password or recovery key, you can decrypt portions of a BitLocker-protected drive if the disk is corrupted. Each key package will work only for a drive that has the corresponding drive identifier. You can use the BitLocker Recovery Password Viewer to obtain this key package from AD DS. +The BitLocker Repair Tool (Repair-bde) can be used to access encrypted data on a severely damaged hard disk if the drive was encrypted by using BitLocker. Repair-bde can reconstruct critical parts of the drive and salvage recoverable data as long as a valid recovery password or recovery key is used to decrypt the data. If the BitLocker metadata data on the drive has become corrupt, you must be able to supply a backup key package in addition to the recovery password or recovery key. This key package is backed up in Active Directory Domain Services (AD DS) if you used the default setting for AD DS backup. With this key package and either the recovery password or recovery key, you can decrypt portions of a BitLocker-protected drive if the disk is corrupted. Each key package will work only for a drive that has the corresponding drive identifier. You can use the BitLocker Recovery Password Viewer to obtain this key package from AD DS. > [!TIP] -> If you are not backing up recovery information to AD DS or if you want to save key packages alternatively, you can use the command `manage-bde -KeyPackage` to generate a key package for a volume. +> If you are not backing up recovery information to AD DS or if you want to save key packages alternatively, you can use the command `manage-bde.exe -KeyPackage` to generate a key package for a volume. The Repair-bde command-line tool is intended for use when the operating system does not start or when you cannot start the BitLocker Recovery Console. Use Repair-bde if the following conditions are true: @@ -111,12 +111,12 @@ The Repair-bde command-line tool is intended for use when the operating system d - You do not have a copy of the data that is contained on the encrypted drive. > [!NOTE] -> Damage to the drive may not be related to BitLocker. Therefore, we recommend that you try other tools to help diagnose and resolve the problem with the drive before you use the BitLocker Repair Tool. The Windows Recovery Environment (Windows RE) provides additional options to repair computers. +> Damage to the drive may not be related to BitLocker. Therefore, we recommend that you try other tools to help diagnose and resolve the problem with the drive before you use the BitLocker Repair Tool. The Windows Recovery Environment (Windows RE) provides additional options to repair computers. The following limitations exist for Repair-bde: -- The Repair-bde command-line tool cannot repair a drive that failed during the encryption or decryption process. -- The Repair-bde command-line tool assumes that if the drive has any encryption, then the drive has been fully encrypted. +- The Repair-bde command-line tool cannot repair a drive that failed during the encryption or decryption process. +- The Repair-bde command-line tool assumes that if the drive has any encryption, then the drive has been fully encrypted. For more information about using repair-bde, see [Repair-bde](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/ff829851(v=ws.11)). diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md index 56d645428f..7cb185eb33 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md @@ -4,14 +4,14 @@ description: This topic for the IT professional describes how to use the BitLock ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: - M365-security-compliance - highpri ms.topic: conceptual -ms.date: 02/28/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -31,9 +31,9 @@ The BitLocker Recovery Password Viewer tool is an optional tool included with th To complete the procedures in this scenario: -- You must have domain administrator credentials. -- Your test computers must be joined to the domain. -- On the domain-joined test computers, BitLocker must have been turned on. +- You must have domain administrator credentials. +- Your test computers must be joined to the domain. +- On the domain-joined test computers, BitLocker must have been turned on. The following procedures describe the most common tasks performed by using the BitLocker Recovery Password Viewer. @@ -62,5 +62,5 @@ By completing the procedures in this scenario, you have viewed and copied the re - [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md) - [BitLocker: How to deploy on Windows Server 2012](bitlocker-how-to-deploy-on-windows-server.md) - [BitLocker: Use BitLocker Drive Encryption Tools to manage BitLocker](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md) -  -  + + diff --git a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml index bb221372e1..9bd65aada2 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml @@ -20,7 +20,7 @@ metadata: title: Using BitLocker with other programs FAQ summary: | **Applies to** - - Windows 10 + - Windows 10 sections: @@ -61,18 +61,18 @@ sections: answer: | The system check is designed to ensure your computer's BIOS or UEFI firmware is compatible with BitLocker and that the TPM is working correctly. The system check can fail for several reasons: - - The computer's BIOS or UEFI firmware cannot read USB flash drives. - - The computer's BIOS, uEFI firmware, or boot menu does not have reading USB flash drives enabled. - - There are multiple USB flash drives inserted into the computer. - - The PIN was not entered correctly. - - The computer's BIOS or UEFI firmware only supports using the function keys (F1–F10) to enter numerals in the pre-boot environment. - - The startup key was removed before the computer finished rebooting. - - The TPM has malfunctioned and fails to unseal the keys. + - The computer's BIOS or UEFI firmware cannot read USB flash drives. + - The computer's BIOS, uEFI firmware, or boot menu does not have reading USB flash drives enabled. + - There are multiple USB flash drives inserted into the computer. + - The PIN was not entered correctly. + - The computer's BIOS or UEFI firmware only supports using the function keys (F1-F10) to enter numerals in the pre-boot environment. + - The startup key was removed before the computer finished rebooting. + - The TPM has malfunctioned and fails to unseal the keys. - question: | What can I do if the recovery key on my USB flash drive cannot be read? answer: | - Some computers cannot read USB flash drives in the pre-boot environment. First, check your BIOS or UEFI firmware and boot settings to ensure that the use of USB drives is enabled. If it is not enabled, enable the use of USB drives in the BIOS or UEFI firmware and boot settings and then try to read the recovery key from the USB flash drive again. If it still cannot be read, you will have to mount the hard drive as a data drive on another computer so that there is an operating system to attempt to read the recovery key from the USB flash drive. If the USB flash drive has been corrupted or damaged, you may need to supply a recovery password or use the recovery information that was backed up to AD DS. Also, if you are using the recovery key in the pre-boot environment, ensure that the drive is formatted by using the NTFS, FAT16, or FAT32 file system. + Some computers cannot read USB flash drives in the pre-boot environment. First, check your BIOS or UEFI firmware and boot settings to ensure that the use of USB drives is enabled. If it is not enabled, enable the use of USB drives in the BIOS or UEFI firmware and boot settings and then try to read the recovery key from the USB flash drive again. If it still cannot be read, you will have to mount the hard drive as a data drive on another computer so that there is an operating system to attempt to read the recovery key from the USB flash drive. If the USB flash drive has been corrupted or damaged, you may need to supply a recovery password or use the recovery information that was backed up to AD DS. Also, if you are using the recovery key in the pre-boot environment, ensure that the drive is formatted by using the NTFS, FAT16, or FAT32 file system. - question: | Why am I unable to save my recovery key to my USB flash drive? @@ -92,7 +92,7 @@ sections: - question: | How do I "lock" a data drive? answer: | - Both fixed and removable data drives can be locked by using the Manage-bde command-line tool and the –lock command. + Both fixed and removable data drives can be locked by using the Manage-bde command-line tool and the -lock command. > [!NOTE] > Ensure all data is saved to the drive before locking it. Once locked, the drive will become inaccessible. @@ -115,7 +115,7 @@ sections: - With TPM: Yes, it is supported. - Without TPM: Yes, it is supported (with password protector). - BitLocker is also supported on data volume VHDs, such as those used by clusters, if you are running Windows 10, Windows 8.1, Windows 8, Windows Server 2016, Windows Server 2012 R2, or Windows Server 2012. + BitLocker is also supported on data volume VHDs, such as those used by clusters, if you are running Windows 10, Windows 8.1, Windows 8, Windows Server 2016, Windows Server 2012 R2, or Windows Server 2012. - question: | Can I use BitLocker with virtual machines (VMs)? diff --git a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md index 079b849ca8..cd0a3dd94a 100644 --- a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md +++ b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md @@ -4,13 +4,13 @@ description: This article for the IT professional explains how can you plan your ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: - M365-security-compliance ms.topic: conceptual -ms.date: 04/24/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -49,7 +49,7 @@ The trusted platform module (TPM) is a hardware component installed in many newe Also, BitLocker can lock the normal startup process until the user supplies a personal identification number (PIN) or inserts a removable USB device, such as a flash drive, that contains a startup key. These extra security measures provide multifactor authentication. They also make sure that the computer won't start or resume from hibernation until the correct PIN or startup key is presented. -On computers that don't have a TPM version 1.2 or higher, you can still use BitLocker to encrypt the Windows operating system volume. However, this implementation requires the user to insert a USB startup key to start the computer or resume from hibernation. It doesn't provide the pre-startup system integrity verification offered by BitLocker working with a TPM. +On computers that don't have a TPM version 1.2 or higher, you can still use BitLocker to encrypt the Windows operating system volume. However, this implementation requires the user to insert a USB startup key to start the computer or resume from hibernation. It doesn't provide the pre-startup system integrity verification offered by BitLocker working with a TPM. ### BitLocker key protectors | Key protector | Description | @@ -79,7 +79,7 @@ Determine whether you will support computers that don't have a TPM 1.2 or higher The TPM-only authentication method provides the most transparent user experience for organizations that need a baseline level of data protection to meet security policies. It has the lowest total cost of ownership. TPM-only might also be more appropriate for computers that are unattended or that must reboot unattended. -However, TPM-only authentication method offers the lowest level of data protection. This authentication method protects against attacks that modify early boot components. But, the level of protection can be affected by potential weaknesses in hardware or in the early boot components. BitLocker’s multifactor authentication methods significantly increase the overall level of data protection. +However, TPM-only authentication method offers the lowest level of data protection. This authentication method protects against attacks that modify early boot components. But, the level of protection can be affected by potential weaknesses in hardware or in the early boot components. BitLocker's multifactor authentication methods significantly increase the overall level of data protection. **What areas of your organization need a more secure level of data protection?** @@ -101,7 +101,7 @@ For TPM 1.2, there are multiple possible states. Windows automatically initializ For a TPM to be usable by BitLocker, it must contain an endorsement key, which is an RSA key pair. The private half of the key pair is held inside the TPM and is never revealed or accessible outside the TPM. If the TPM doesn't have an endorsement key, BitLocker will force the TPM to generate one automatically as part of BitLocker setup. -An endorsement key can be created at various points in the TPM’s lifecycle, but needs to be created only once for the lifetime of the TPM. If an endorsement key doesn't exist for the TPM, it must be created before TPM ownership can be taken. +An endorsement key can be created at various points in the TPM's lifecycle, but needs to be created only once for the lifetime of the TPM. If an endorsement key doesn't exist for the TPM, it must be created before TPM ownership can be taken. For more information about the TPM and the TCG, see the Trusted Computing Group: Trusted Platform Module (TPM) Specifications (). diff --git a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md index 803ad864c1..7048aca3bb 100644 --- a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md +++ b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md @@ -4,19 +4,19 @@ description: This article for IT pros describes how to protect CSVs and SANs wit ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: frankroj +ms.author: frankroj manager: aaroncz ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 02/28/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- # Protecting cluster shared volumes and storage area networks with BitLocker **Applies to** -- Windows Server 2016 +- Windows Server 2016 This article describes the procedure to protect cluster shared volumes (CSVs) and storage area networks (SANs) by using BitLocker. @@ -134,7 +134,7 @@ You can also use **manage-bde** to enable BitLocker on clustered volumes. The st 2. Ensure new storage is formatted as NTFS. 3. Encrypt the volume, add a recovery key and add the cluster administrator as a protector key using the**manage-bde** command line interface (see example): - - `Manage-bde -on -used -RP -sid domain\CNO$ -sync` + - `manage-bde.exe -on -used -RP -sid domain\CNO$ -sync` 1. BitLocker will check to see if the disk is already part of a cluster. If it is, administrators will encounter a hard block. Otherwise, the encryption continues. 2. Using the -sync parameter is optional. However, using -sync parameter has the following advantage: @@ -143,7 +143,7 @@ You can also use **manage-bde** to enable BitLocker on clustered volumes. The st 4. Open the Failover Cluster Manager snap-in or cluster PowerShell cmdlets to enable the disk to be clustered. - - Once the disk is clustered, it's enabled for CSV. + - Once the disk is clustered, it's enabled for CSV. 5. During the resource online operation, cluster checks whether the disk is BitLocker encrypted. @@ -152,7 +152,7 @@ You can also use **manage-bde** to enable BitLocker on clustered volumes. The st 2. If the volume is BitLocker enabled, the following check occurs: - - If volume is **locked**, BitLocker impersonates the CNO and unlocks the volume using the CNO protector. If these actions by BitLocker fail, an event is logged. The logged event will state that the volume couldn't be unlocked and the online operation has failed. + - If volume is **locked**, BitLocker impersonates the CNO and unlocks the volume using the CNO protector. If these actions by BitLocker fail, an event is logged. The logged event will state that the volume couldn't be unlocked and the online operation has failed. 6. Once the disk is online in the storage pool, it can be added to a CSV by right-clicking the disk resource and choosing "**Add to cluster shared volumes**". CSVs include both encrypted and unencrypted volumes. To check the status of a particular volume for BitLocker encryption: administrators must do the following task: @@ -177,15 +177,15 @@ The following table contains information about both physical disk resources (tha | Action | On owner node of failover volume | On Metadata Server (MDS) of CSV | On (Data Server) DS of CSV | Maintenance Mode | |--- |--- |--- |--- |--- | -|**Manage-bde –on**|Blocked|Blocked|Blocked|Allowed| -|**Manage-bde –off**|Blocked|Blocked|Blocked|Allowed| +|**Manage-bde -on**|Blocked|Blocked|Blocked|Allowed| +|**Manage-bde -off**|Blocked|Blocked|Blocked|Allowed| |**Manage-bde Pause/Resume**|Blocked|Blocked**|Blocked|Allowed| -|**Manage-bde –lock**|Blocked|Blocked|Blocked|Allowed| -|**manage-bde –wipe**|Blocked|Blocked|Blocked|Allowed| +|**Manage-bde -lock**|Blocked|Blocked|Blocked|Allowed| +|**manage-bde -wipe**|Blocked|Blocked|Blocked|Allowed| |**Unlock**|Automatic via cluster service|Automatic via cluster service|Automatic via cluster service|Allowed| -|**manage-bde –protector –add**|Allowed|Allowed|Blocked|Allowed| +|**manage-bde -protector -add**|Allowed|Allowed|Blocked|Allowed| |**manage-bde -protector -delete**|Allowed|Allowed|Blocked|Allowed| -|**manage-bde –autounlock**|Allowed (not recommended)|Allowed (not recommended)|Blocked|Allowed (not recommended)| +|**manage-bde -autounlock**|Allowed (not recommended)|Allowed (not recommended)|Blocked|Allowed (not recommended)| |**Manage-bde -upgrade**|Allowed|Allowed|Blocked|Allowed| |**Shrink**|Allowed|Allowed|Blocked|Allowed| |**Extend**|Allowed|Allowed|Blocked|Allowed| @@ -198,10 +198,10 @@ In the case where a physical disk resource experiences a failover event during c ### Other considerations when using BitLocker on CSV2.0 Some other considerations to take into account for BitLocker on clustered storage include: -- BitLocker volumes have to be initialized and begin encryption before they're available to add to a CSV2.0 volume. -- If an administrator needs to decrypt a CSV volume, remove the volume from the cluster or put it into disk maintenance mode. You can add the CSV back to the cluster while waiting for decryption to complete. -- If an administrator needs to start encrypting a CSV volume, remove the volume from the cluster or put it into maintenance mode. -- If conversion is paused with encryption in progress and the CSV volume is offline from the cluster, the cluster thread (health check) automatically resumes conversion when the volume is online to the cluster. -- If conversion is paused with encryption in progress and a physical disk resource volume is offline from the cluster, the BitLocker driver automatically resumes conversion when the volume is online to the cluster. -- If conversion is paused with encryption in progress, while the CSV volume is in maintenance mode, the cluster thread (health check) automatically resumes conversion when moving the volume back from maintenance. -- If conversion is paused with encryption in progress, while the disk resource volume is in maintenance mode, the BitLocker driver automatically resumes conversion when the volume is moved back from maintenance mode. +- BitLocker volumes have to be initialized and begin encryption before they're available to add to a CSV2.0 volume. +- If an administrator needs to decrypt a CSV volume, remove the volume from the cluster or put it into disk maintenance mode. You can add the CSV back to the cluster while waiting for decryption to complete. +- If an administrator needs to start encrypting a CSV volume, remove the volume from the cluster or put it into maintenance mode. +- If conversion is paused with encryption in progress and the CSV volume is offline from the cluster, the cluster thread (health check) automatically resumes conversion when the volume is online to the cluster. +- If conversion is paused with encryption in progress and a physical disk resource volume is offline from the cluster, the BitLocker driver automatically resumes conversion when the volume is online to the cluster. +- If conversion is paused with encryption in progress, while the CSV volume is in maintenance mode, the cluster thread (health check) automatically resumes conversion when moving the volume back from maintenance. +- If conversion is paused with encryption in progress, while the disk resource volume is in maintenance mode, the BitLocker driver automatically resumes conversion when the volume is moved back from maintenance mode. diff --git a/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md b/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md index c9c1de7322..ac6920d120 100644 --- a/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md +++ b/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md @@ -5,12 +5,12 @@ ms.reviewer: kaushika ms.technology: itpro-security ms.prod: windows-client ms.localizationpriority: medium -author: Teresa-Motiv -ms.author: v-tappelgate -manager: kaushika +author: frankroj +ms.author: frankroj +manager: aaroncz ms.collection: Windows Security Technologies\BitLocker ms.topic: troubleshooting -ms.date: 10/17/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -44,7 +44,7 @@ wevtutil qe "Microsoft-Windows-BitLocker/BitLocker Operational" /f:text > BitLoc To use the **Get-WinEvent** cmdlet to export the same log to a comma-separated text file, open a Windows Powershell window and run the following command: ```ps -Get-WinEvent -logname "Microsoft-Windows-BitLocker/BitLocker Operational"  | Export-Csv -Path Bitlocker-Operational.csv +Get-WinEvent -logname "Microsoft-Windows-BitLocker/BitLocker Operational" | Export-Csv -Path Bitlocker-Operational.csv ``` You can use Get-WinEvent in an elevated PowerShell window to display filtered information from the system or application log by using the following syntax: @@ -87,7 +87,7 @@ Open an elevated Windows PowerShell window, and run each of the following comman |Command |Notes | | --- | --- | |[**get-tpm \> C:\\TPM.txt**](/powershell/module/trustedplatformmodule/get-tpm?view=win10-ps&preserve-view=true) |Exports information about the local computer's Trusted Platform Module (TPM). This cmdlet shows different values depending on whether the TPM chip is version 1.2 or 2.0. This cmdlet is not supported in Windows 7. | -|[**manage-bde –status \> C:\\BDEStatus.txt**](/windows-server/administration/windows-commands/manage-bde-status) |Exports information about the general encryption status of all drives on the computer. | +|[**manage-bde -status \> C:\\BDEStatus.txt**](/windows-server/administration/windows-commands/manage-bde-status) |Exports information about the general encryption status of all drives on the computer. | |[**manage-bde c:
    -protectors -get \> C:\\Protectors**](/windows-server/administration/windows-commands/manage-bde-protectors) |Exports information about the protection methods that are used for the BitLocker encryption key. | |[**reagentc /info \> C:\\reagent.txt**](/windows-hardware/manufacture/desktop/reagentc-command-line-options) |Exports information about an online or offline image about the current status of the Windows Recovery Environment (WindowsRE) and any available recovery image. | |[**get-BitLockerVolume \| fl**](/powershell/module/bitlocker/get-bitlockervolume?view=win10-ps&preserve-view=true) |Gets information about volumes that BitLocker Drive Encryption can protect. | diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues.md index 9929bc59ea..2e17d0ddb3 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues.md @@ -5,12 +5,12 @@ ms.reviewer: kaushika ms.technology: itpro-security ms.prod: windows-client ms.localizationpriority: medium -author: Teresa-Motiv -ms.author: v-tappelgate -manager: kaushika +author: frankroj +ms.author: frankroj +manager: aaroncz ms.collection: Windows Security Technologies\BitLocker ms.topic: troubleshooting -ms.date: 10/17/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -23,7 +23,7 @@ This article describes common issues that prevent BitLocker from encrypting a dr ## Error 0x80310059: BitLocker drive encryption is already performing an operation on this drive -When you turn on BitLocker Drive Encryption on a computer that is running Windows 10 Professional or Windows 11, you receive a message that resembles the following: +When you turn on BitLocker Drive Encryption on a computer that is running Windows 10 Professional or Windows 11, you receive a message that resembles the following: > **ERROR:** An error occurred (code 0x80310059):BitLocker Drive Encryption is already performing an operation on this drive. Please complete all operations before continuing.NOTE: If the -on switch has failed to add key protectors or start encryption,you may need to call manage-bde -off before attempting -on again. @@ -51,7 +51,7 @@ To resolve this issue, follow these steps: ## "Access is denied" message when you try to encrypt removable drives -You have a computer that is running Windows 10, version 1709 or version 1607, or Windows 11. You try to encrypt a USB drive by following these steps: +You have a computer that is running Windows 10, version 1709 or version 1607, or Windows 11. You try to encrypt a USB drive by following these steps: 1. In Windows Explorer, right-click the USB drive and select **Turn on BitLocker**. @@ -63,7 +63,7 @@ You have a computer that is running Windows 10, version 1709 or version 1607, or 1. The **Starting encryption** page displays the message "Access is denied." -You receive this message on any computer that runs Windows 10 version 1709 or version 1607, or Windows 11, when you use any USB drive. +You receive this message on any computer that runs Windows 10 version 1709 or version 1607, or Windows 11, when you use any USB drive. ### Cause diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues.md index faea2fc7bb..a8a7d4dffe 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues.md @@ -5,12 +5,12 @@ ms.reviewer: kaushika ms.technology: itpro-security ms.prod: windows-client ms.localizationpriority: medium -author: Teresa-Motiv -ms.author: v-tappelgate -manager: kaushika +author: frankroj +ms.author: frankroj +manager: aaroncz ms.collection: Windows Security Technologies\BitLocker ms.topic: troubleshooting -ms.date: 10/18/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md index 61e63f2090..70d3520587 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md @@ -5,12 +5,12 @@ ms.reviewer: kaushika ms.technology: itpro-security ms.prod: windows-client ms.localizationpriority: medium -author: Teresa-Motiv -ms.author: v-tappelgate -manager: kaushika +author: frankroj +ms.author: frankroj +manager: aaroncz ms.collection: Windows Security Technologies\BitLocker ms.topic: troubleshooting -ms.date: 10/17/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -18,9 +18,9 @@ ms.custom: bitlocker This article describes common issues that affect your BitLocker's configuration and general functionality. This article also provides guidance to address these issues. -## BitLocker encryption is slower in Windows 10 and Windows 11 +## BitLocker encryption is slower in Windows 10 and Windows 11 -In both Windows 11, Windows 10, and Windows 7, BitLocker runs in the background to encrypt drives. However, in Windows 11 and Windows 10, BitLocker is less aggressive about requesting resources. This behavior reduces the chance that BitLocker will affect the computer's performance. +In both Windows 11, Windows 10, and Windows 7, BitLocker runs in the background to encrypt drives. However, in Windows 11 and Windows 10, BitLocker is less aggressive about requesting resources. This behavior reduces the chance that BitLocker will affect the computer's performance. To compensate for these changes, BitLocker uses a new conversion model. This model, (referred to as Encrypt-On-Write), makes sure that any new disk writes on all client SKUs and that any internal drives are always encrypted *as soon as you turn on BitLocker*. @@ -80,7 +80,7 @@ To resolve this issue, remove the third-party software. ## Production snapshots fail for virtualized domain controllers that use BitLocker-encrypted disks -You have a Windows Server 2019 or 2016 Hyper-V Server that is hosting VMs (guests) that are configured as Windows domain controllers. BitLocker has encrypted the disks that store the Active Directory database and log files. When you run a “production snapshot” of the domain controller guests, the Volume Snap-Shot (VSS) service does not correctly process the backup. +You have a Windows Server 2019 or 2016 Hyper-V Server that is hosting VMs (guests) that are configured as Windows domain controllers. BitLocker has encrypted the disks that store the Active Directory database and log files. When you run a "production snapshot" of the domain controller guests, the Volume Snap-Shot (VSS) service does not correctly process the backup. This issue occurs regardless of any of the following variations in the environment: diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-decode-measured-boot-logs.md b/windows/security/information-protection/bitlocker/ts-bitlocker-decode-measured-boot-logs.md index c026262ec6..b1fdeaf64c 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-decode-measured-boot-logs.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-decode-measured-boot-logs.md @@ -5,12 +5,12 @@ ms.reviewer: kaushika ms.technology: itpro-security ms.prod: windows-client ms.localizationpriority: medium -author: Teresa-Motiv -ms.author: v-tappelgate -manager: kaushika +author: frankroj +ms.author: frankroj +manager: aaroncz ms.collection: Windows Security Technologies\BitLocker ms.topic: troubleshooting -ms.date: 10/17/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -29,7 +29,7 @@ For more information about Measured Boot and PCRs, see the following articles: ## Use TBSLogGenerator to decode Measured Boot logs -Use TBSLogGenerator to decode Measured Boot logs that you have collected from Windows 11, Windows 10, and earlier versions. You can install this tool on the following systems: +Use TBSLogGenerator to decode Measured Boot logs that you have collected from Windows 11, Windows 10, and earlier versions. You can install this tool on the following systems: - A computer that is running Windows Server 2016 and that has a TPM enabled - A Gen 2 virtual machine (running on Hyper-V) that is running Windows Server 2016 (you can use the virtual TPM) diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md index 1ba88008b1..2ed6a48c76 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md @@ -5,13 +5,13 @@ ms.reviewer: kaushika ms.technology: itpro-security ms.prod: windows-client ms.localizationpriority: medium -author: Teresa-Motiv -ms.author: v-tappelgate -manager: kaushika +author: frankroj +ms.author: frankroj +manager: aaroncz ms.collection: - Windows Security Technologies\BitLocker ms.topic: troubleshooting -ms.date: 10/18/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -97,7 +97,7 @@ You can resolve this issue by verifying the configuration of the disk partitions #### Step 1: Verify the configuration of the disk partitions -The procedures described in this section depend on the default disk partitions that Windows configures during installation. Windows 11 and Windows 10 automatically create a recovery partition that contains the Winre.wim file. The partition configuration resembles the following. +The procedures described in this section depend on the default disk partitions that Windows configures during installation. Windows 11 and Windows 10 automatically create a recovery partition that contains the Winre.wim file. The partition configuration resembles the following. ![Default disk partitions, including the recovery partition.](./images/4509194-en-1.png) @@ -143,7 +143,7 @@ The output of this command resembles the following: :::image type="content" alt-text="Output of the bcdedit /enum all command." source="./images/4509196-en-1.png" lightbox="./images/4509196-en-1.png"::: -In the output, locate the **Windows Boot Loader** section that includes the line **identifier={current}**. In that section, locate the **recoverysequence** attribute. The value of this attribute should be a GUID value, not a string of zeros. +In the output, locate the **Windows Boot Loader** section that includes the line **identifier={current}**. In that section, locate the **recoverysequence** attribute. The value of this attribute should be a GUID value, not a string of zeros. ## Event ID 851: Contact the manufacturer for BIOS upgrade instructions @@ -231,7 +231,7 @@ To verify the secure boot state, use the System Information application. To do t ## Event ID 846, 778, and 851: Error 0x80072f9a -In this case, you are deploying Intune policy to encrypt a Windows 11, Windows 10, version 1809 device, and store the recovery password in Azure Active Directory (Azure AD). As part of the policy configuration, you have selected the **Allow standard users to enable encryption during Azure AD Join** option. +In this case, you are deploying Intune policy to encrypt a Windows 11, Windows 10, version 1809 device, and store the recovery password in Azure Active Directory (Azure AD). As part of the policy configuration, you have selected the **Allow standard users to enable encryption during Azure AD Join** option. The policy deployment fails and the failure generates the following events (visible in Event Viewer in the **Applications and Services Logs\\Microsoft\\Windows\\BitLocker API** folder): @@ -260,7 +260,7 @@ These events refer to Error code 0x80072f9a. These events indicate that the signed-in user does not have permission to read the private key on the certificate that is generated as part of the provisioning and enrollment process. Therefore, the BitLocker MDM policy refresh fails. -The issue affects Windows 11 and Windows 10 version 1809. +The issue affects Windows 11 and Windows 10 version 1809. ### Resolution @@ -292,11 +292,11 @@ For information about the procedure to use policy together with BitLocker and In Intune offers the following enforcement types for BitLocker: -- **Automatic** (Enforced when the device joins Azure AD during the provisioning process. This option is available in Windows 10 version 1703 and later, or Windows 11.) -- **Silent** (Endpoint protection policy. This option is available in Windows 10 version 1803 and later, or Windows 11.) -- **Interactive** (Endpoint policy for Windows versions that are older than Windows 10 version 1803, or Windows 11.) +- **Automatic** (Enforced when the device joins Azure AD during the provisioning process. This option is available in Windows 10 version 1703 and later, or Windows 11.) +- **Silent** (Endpoint protection policy. This option is available in Windows 10 version 1803 and later, or Windows 11.) +- **Interactive** (Endpoint policy for Windows versions that are older than Windows 10 version 1803, or Windows 11.) -If your device runs Windows 10 version 1703 or later, or Windows 11, supports Modern Standby (also known as Instant Go) and is HSTI-compliant, joining the device to Azure AD triggers automatic device encryption. A separate endpoint protection policy is not required to enforce device encryption. +If your device runs Windows 10 version 1703 or later, or Windows 11, supports Modern Standby (also known as Instant Go) and is HSTI-compliant, joining the device to Azure AD triggers automatic device encryption. A separate endpoint protection policy is not required to enforce device encryption. If your device is HSTI-compliant but does not support Modern Standby, you have to configure an endpoint protection policy to enforce silent BitLocker drive encryption. The settings for this policy should resemble the following: @@ -306,25 +306,25 @@ The OMA-URI references for these settings are as follows: - OMA-URI: **./Device/Vendor/MSFT/BitLocker/RequireDeviceEncryption** Value Type: **Integer** - Value: **1**  (1 = Require, 0 = Not Configured) + Value: **1** (1 = Require, 0 = Not Configured) - OMA-URI: **./Device/Vendor/MSFT/BitLocker/AllowWarningForOtherDiskEncryption** Value Type: **Integer** Value: **0** (0 = Blocked, 1 = Allowed) > [!NOTE] -> Because of an update to the BitLocker Policy CSP, if the device uses Windows 10 version 1809 or later, or Windows 11, you can use an endpoint protection policy to enforce silent BitLocker Device Encryption even if the device is not HSTI-compliant. +> Because of an update to the BitLocker Policy CSP, if the device uses Windows 10 version 1809 or later, or Windows 11, you can use an endpoint protection policy to enforce silent BitLocker Device Encryption even if the device is not HSTI-compliant. > [!NOTE] > If the **Warning for other disk encryption** setting is set to **Not configured**, you have to manually start the BitLocker drive encryption wizard. -If the device does not support Modern Standby but is HSTI-compliant, and it uses a version of Windows that is earlier than Windows 10, version 1803, or Windows 11, an endpoint protection policy that has the settings that are described in this article delivers the policy configuration to the device. However, Windows then notifies the user to manually enable BitLocker Drive Encryption. To do this, the user selects the notification. This action starts the BitLocker Drive Encryption wizard. +If the device does not support Modern Standby but is HSTI-compliant, and it uses a version of Windows that is earlier than Windows 10, version 1803, or Windows 11, an endpoint protection policy that has the settings that are described in this article delivers the policy configuration to the device. However, Windows then notifies the user to manually enable BitLocker Drive Encryption. To do this, the user selects the notification. This action starts the BitLocker Drive Encryption wizard. The Intune 1901 release provides settings that you can use to configure automatic device encryption for Autopilot devices for standard users. Each device must meet the following requirements: - Be HSTI-compliant - Support Modern Standby -- Use Windows 10 version 1803 or later, or Windows 11 +- Use Windows 10 version 1803 or later, or Windows 11 ![Intune policy setting.](./images/4509188-en-1.png) diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md index 00e41f6158..ed361f4109 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md @@ -4,9 +4,9 @@ description: Describes several known issues that you may encounter while using n ms.technology: itpro-security ms.prod: windows-client ms.localizationpriority: medium -author: v-tappelgate -ms.author: v-tappelgate -manager: kaushika +author: frankroj +ms.author: frankroj +manager: aaroncz ms.reviewer: kaushika ms.collection: Windows Security Technologies\BitLocker ms.topic: troubleshooting diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-recovery-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-recovery-issues.md index 03932d4c98..3fb0214e92 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-recovery-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-recovery-issues.md @@ -5,14 +5,14 @@ ms.reviewer: kaushika ms.technology: itpro-security ms.prod: windows-client ms.localizationpriority: medium -author: Teresa-Motiv -ms.author: v-tappelgate -manager: kaushika +author: frankroj +ms.author: frankroj +manager: aaroncz ms.collection: - Windows Security Technologies\BitLocker - highpri ms.topic: troubleshooting -ms.date: 10/18/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -37,7 +37,7 @@ The BitLocker and Active Directory Domain Services (AD DS) FAQ address situation ## The recovery password for a laptop was not backed up, and the laptop is locked -You have a Windows 11 or Windows 10 Home-based laptop, and you have to recover its hard disk. The disk was encrypted by using BitLocker Driver Encryption. However, the BitLocker recovery password was not backed up, and the usual user of the laptop is not available to provide the password. +You have a Windows 11 or Windows 10 Home-based laptop, and you have to recover its hard disk. The disk was encrypted by using BitLocker Driver Encryption. However, the BitLocker recovery password was not backed up, and the usual user of the laptop is not available to provide the password. ### Resolution @@ -47,7 +47,7 @@ You can use either of the following methods to manually back up or synchronize a - In an elevated Command Prompt window, use the [manage-bde](/windows-server/administration/windows-commands/manage-bde) command to back up the information. - For example, to back up all of the recovery information for the C: drive to AD DS, open an elevated Command Prompt window and run the following command: + For example, to back up all of the recovery information for the C: drive to AD DS, open an elevated Command Prompt window and run the following command: ```console manage-bde -protectors -adbackup C: @@ -69,11 +69,11 @@ However, after you enter the recovery password, the device cannot start. ### Cause > [!IMPORTANT] -> Tablet devices do not support the **manage-bde -forcerecovery** command. +> Tablet devices do not support the **manage-bde -forcerecovery** command. This issue occurs because the Windows Boot Manager cannot process touch-input during the pre-boot phase of startup. If Boot Manager detects that the device is a tablet, it redirects the startup process to the Windows Recovery Environment (WinRE), which can process touch-input. -If WindowsRE detects the TPM protector on the hard disk, it does a PCR reseal. However, the **manage-bde -forcerecovery** command deletes the TPM protectors on the hard disk. Therefore, WinRE cannot reseal the PCRs. This failure triggers an infinite BitLocker recovery cycle and prevents Windows from starting. +If WindowsRE detects the TPM protector on the hard disk, it does a PCR reseal. However, the **manage-bde -forcerecovery** command deletes the TPM protectors on the hard disk. Therefore, WinRE cannot reseal the PCRs. This failure triggers an infinite BitLocker recovery cycle and prevents Windows from starting. This behavior is by design for all versions of Windows. @@ -88,7 +88,7 @@ To resolve the restart loop, follow these steps: 1. In the Command Prompt window, run the following commands: ```console - manage-bde –unlock C: -rp <48-digit BitLocker recovery password> + manage-bde -unlock C: -rp <48-digit BitLocker recovery password> manage-bde -protectors -disable C: ``` @@ -105,8 +105,8 @@ You have a Surface device that has BitLocker drive encryption turned on. You upd You experience one or more of the following symptoms on the Surface device: -- At startup, you are prompted for your BitLocker recovery password. You enter the correct recovery password, but Windows doesn’t start up. -- Startup progresses directly into the Surface Unified Extensible Firmware Interface (UEFI) settings. +- At startup, you are prompted for your BitLocker recovery password. You enter the correct recovery password, but Windows doesn't start up. +- Startup progresses directly into the Surface Unified Extensible Firmware Interface (UEFI) settings. - The Surface device appears to be in an infinite restart loop. ### Cause @@ -185,13 +185,13 @@ To recover data from your Surface device if you cannot start Windows, follow ste 1. After the drive is unlocked, use the **copy** or **xcopy** command to copy the user data to another drive. > [!NOTE] - > For more information about the these commands, see the [Windows commands](/windows-server/administration/windows-commands/windows-commands). + > For more information about the these commands, see the [Windows commands](/windows-server/administration/windows-commands/windows-commands). 1. To reset your device by using a Surface recovery image, follow the instructions in the "How to reset your Surface using your USB recovery drive" section in [Creating and using a USB recovery drive](https://support.microsoft.com/help/4023512). #### Step 3: Restore the default PCR values -To prevent this issue from recurring, we strongly recommend that you restore the default configuration of secure boot and the PCR values. +To prevent this issue from recurring, we strongly recommend that you restore the default configuration of secure boot and the PCR values. To enable secure boot on a Surface device, follow these steps: @@ -216,7 +216,7 @@ To enable secure boot on a Surface device, follow these steps: To reset the PCR settings on the TPM, follow these steps: -1. Disable any Group Policy Objects that configure the PCR settings, or remove the device from any groups that enforce such policies. +1. Disable any Group Policy Objects that configure the PCR settings, or remove the device from any groups that enforce such policies. For more information, see [BitLocker Group Policy settings](./bitlocker-group-policy-settings.md). @@ -265,7 +265,7 @@ To re-enable BitLocker drive encryption, select **Start**, type **Manage BitLock ## After you install an update to a Hyper V-enabled computer, BitLocker prompts for the recovery password and returns error 0xC0210000 -You have a device that runs Windows 11, Windows 10, version 1703, Windows 10, version 1607, or Windows Server 2016. Also, Hyper-V is enabled on the device. After you install an affected update and restart the device, the device enters BitLocker Recovery mode and you see error code 0xC0210000. +You have a device that runs Windows 11, Windows 10, version 1703, Windows 10, version 1607, or Windows Server 2016. Also, Hyper-V is enabled on the device. After you install an affected update and restart the device, the device enters BitLocker Recovery mode and you see error code 0xC0210000. ### Workaround @@ -282,7 +282,7 @@ If your device is already in this state, you can successfully start Windows afte 1. In the Command Prompt window, run the following commands: ```console - Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group> + Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by "-" in 6 digit group> Manage-bde -protectors -disable c: exit ``` @@ -290,7 +290,7 @@ If your device is already in this state, you can successfully start Windows afte These commands unlock the drive and then suspend BitLocker by disabling the TPM protectors on the drive. The final command closes the Command Prompt window. > [!NOTE] - > These commands suspend BitLocker for one restart of the device. The **-rc 1** option works only inside the operating system and does not work in the recovery environment. + > These commands suspend BitLocker for one restart of the device. The **-rc 1** option works only inside the operating system and does not work in the recovery environment. 1. Select **Continue**. Windows should start. @@ -313,12 +313,12 @@ Manage-bde -protectors -disable c: -rc 1 To resolve this issue, install the appropriate update on the affected device: -- For Windows 10, version 1703, or Windows 11: [July 9, 2019—KB4507450 (OS Build 15063.1928)](https://support.microsoft.com/help/4507450/windows-10-update-kb4507450) -- For Windows 11, Windows 10, version 1607 and Windows Server 2016: [July 9, 2019—KB4507460 (OS Build 14393.3085)](https://support.microsoft.com/help/4507460/windows-10-update-kb4507460) +- For Windows 10, version 1703, or Windows 11: [July 9, 2019—KB4507450 (OS Build 15063.1928)](https://support.microsoft.com/help/4507450/windows-10-update-kb4507450) +- For Windows 11, Windows 10, version 1607 and Windows Server 2016: [July 9, 2019—KB4507460 (OS Build 14393.3085)](https://support.microsoft.com/help/4507460/windows-10-update-kb4507460) ## Credential Guard/Device Guard on TPM 1.2: At every restart, BitLocker prompts for the recovery password and returns error 0xC0210000 -You have a device that uses TPM 1.2 and runs Windows 10, version 1809, or Windows 11. Also, the device uses [Virtualization-based Security](/windows-hardware/design/device-experiences/oem-vbs) features such as [Device Guard and Credential Guard](/windows-hardware/drivers/bringup/device-guard-and-credential-guard). Every time that you start the device, the device enters BitLocker Recovery mode and you see error code 0xc0210000, and a message that resembles the following. +You have a device that uses TPM 1.2 and runs Windows 10, version 1809, or Windows 11. Also, the device uses [Virtualization-based Security](/windows-hardware/design/device-experiences/oem-vbs) features such as [Device Guard and Credential Guard](/windows-hardware/drivers/bringup/device-guard-and-credential-guard). Every time that you start the device, the device enters BitLocker Recovery mode and you see error code 0xc0210000, and a message that resembles the following. > Recovery > diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-tpm-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-tpm-issues.md index b6ea2d5b56..cb1ce79e07 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-tpm-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-tpm-issues.md @@ -5,12 +5,12 @@ ms.reviewer: kaushika ms.technology: itpro-security ms.prod: windows-client ms.localizationpriority: medium -author: Teresa-Motiv -ms.author: v-tappelgate -manager: kaushika +author: frankroj +ms.author: frankroj +manager: aaroncz ms.collection: Windows Security Technologies\BitLocker ms.topic: troubleshooting -ms.date: 10/18/2019 +ms.date: 11/08/2022 ms.custom: bitlocker --- @@ -38,7 +38,7 @@ Additionally, the computer logs the following entry for Event ID 1026: > User: SYSTEM > Computer: \ > Description: -> The Trusted Platform Module (TPM) hardware on this computer cannot be provisioned for use automatically.  To set up the TPM interactively use the TPM management console (Start-\>tpm.msc) and use the action to make the TPM ready. +> The Trusted Platform Module (TPM) hardware on this computer cannot be provisioned for use automatically. To set up the TPM interactively use the TPM management console (Start-\>tpm.msc) and use the action to make the TPM ready. > Error: The TPM is defending against dictionary attacks and is in a time-out period. > Additional Information: 0x840000 @@ -64,7 +64,7 @@ To resolve this issue, follow these steps to troubleshoot the TPM: ## TPM 1.2 Error: Loading the management console failed. The device that is required by the cryptographic provider isn't ready for use -You have a Windows 11 or Windows 10 version 1703-based computer that uses TPM version 1.2. When you try to open the TPM management console, you receive the following message: +You have a Windows 11 or Windows 10 version 1703-based computer that uses TPM version 1.2. When you try to open the TPM management console, you receive the following message: > Loading the management console failed. The device that is required by the cryptographic provider is not ready for use. > HRESULT 0x800900300x80090030 - NTE\_DEVICE\_NOT\_READY @@ -101,8 +101,8 @@ This issue may occur when the Windows operating system isn't the owner of the TP |Message |Reason | Resolution| | - | - | - | |NTE\_BAD\_KEYSET (0x80090016/-2146893802) |TPM operation failed or was invalid |This issue was probably caused by a corrupted sysprep image. Make sure that you create the sysprep image by using a computer that isn't joined to or registered in Azure AD or hybrid Azure AD. | -|TPM\_E\_PCP\_INTERNAL\_ERROR (0x80290407/-2144795641) |Generic TPM error. |If the device returns this error, disable its TPM. Windows 10, version 1809 and later versions, or Windows 11 automatically detect TPM failures and finish the hybrid Azure AD join without using the TPM. | -|TPM\_E\_NOTFIPS (0x80280036/-2144862154) |The FIPS mode of the TPM is currently not supported. |If the device gives this error, disable its TPM. Windows 10, version 1809 and later versions, or Windows 11 automatically detect TPM failures and finish the hybrid Azure AD join without using the TPM. | +|TPM\_E\_PCP\_INTERNAL\_ERROR (0x80290407/-2144795641) |Generic TPM error. |If the device returns this error, disable its TPM. Windows 10, version 1809 and later versions, or Windows 11 automatically detect TPM failures and finish the hybrid Azure AD join without using the TPM. | +|TPM\_E\_NOTFIPS (0x80280036/-2144862154) |The FIPS mode of the TPM is currently not supported. |If the device gives this error, disable its TPM. Windows 10, version 1809 and later versions, or Windows 11 automatically detect TPM failures and finish the hybrid Azure AD join without using the TPM. | |NTE\_AUTHENTICATION\_IGNORED (0x80090031/-2146893775) |The TPM is locked out. |This error is transient. Wait for the cooldown period, and then retry the join operation. | For more information about TPM issues, see the following articles: From 003220cc76b1e2a121e5b4adeec62c1324e3d922 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Mon, 7 Nov 2022 22:40:24 -0500 Subject: [PATCH 008/129] Metadata/style update BitLocker 2 --- .../bitlocker/bitlocker-and-adds-faq.yml | 22 +++++++++---------- ...cker-deployment-and-administration-faq.yml | 6 ++--- .../bitlocker-frequently-asked-questions.yml | 6 ++--- .../bitlocker-key-management-faq.yml | 6 ++--- .../bitlocker-network-unlock-faq.yml | 6 ++--- ...itlocker-overview-and-requirements-faq.yml | 6 ++--- .../bitlocker/bitlocker-security-faq.yml | 6 ++--- .../bitlocker/bitlocker-to-go-faq.yml | 6 ++--- .../bitlocker/bitlocker-upgrading-faq.yml | 6 ++--- ...itlocker-using-with-other-programs-faq.yml | 6 ++--- .../ts-bitlocker-network-unlock-issues.md | 1 + 11 files changed, 39 insertions(+), 38 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml index 552c4c894f..407bc85947 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml @@ -9,15 +9,15 @@ metadata: ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium - author: dansimp - ms.author: dansimp + author: frankroj + ms.author: frankroj manager: aaroncz audience: ITPro ms.collection: - M365-security-compliance - highpri ms.topic: faq - ms.date: 02/28/2019 + ms.date: 11/08/2022 ms.custom: bitlocker title: BitLocker and Active Directory Domain Services (AD DS) FAQ summary: | @@ -34,18 +34,18 @@ sections: answer: | Stored information | Description -------------------|------------ - Hash of the TPM owner password | Beginning with Windows 10, the password hash is not stored in AD DS by default. The password hash can be stored only if the TPM is owned and the ownership was taken by using components of Windows 8.1 or earlier, such as the BitLocker Setup Wizard or the TPM snap-in. + Hash of the TPM owner password | Beginning with Windows 10, the password hash isn't stored in AD DS by default. The password hash can be stored only if the TPM is owned and the ownership was taken by using components of Windows 8.1 or earlier, such as the BitLocker Setup Wizard or the TPM snap-in. BitLocker recovery password | The recovery password allows you to unlock and access the drive after a recovery incident. Domain administrators can view the BitLocker recovery password by using the BitLocker Recovery Password Viewer. For more information about this tool, see [BitLocker: Use BitLocker Recovery Password Viewer](bitlocker-use-bitlocker-recovery-password-viewer.md). BitLocker key package | The key package helps to repair damage to the hard disk that would otherwise prevent standard recovery. Using the key package for recovery requires the BitLocker Repair Tool, `Repair-bde`. - question: | What if BitLocker is enabled on a computer before the computer has joined the domain? answer: | - If BitLocker is enabled on a drive before Group Policy has been applied to enforce a backup, the recovery information will not be automatically backed up to AD DS when the computer joins the domain or when Group Policy is subsequently applied. However, you can use the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed drives can be recovered**, and **Choose how BitLocker-protected removable drives can be recovered** Group Policy settings to require the computer to be connected to a domain before BitLocker can be enabled to help ensure that recovery information for BitLocker-protected drives in your organization is backed up to AD DS. + If BitLocker is enabled on a drive before Group Policy has been applied to enforce a backup, the recovery information won't be automatically backed up to AD DS when the computer joins the domain or when Group Policy is subsequently applied. However, you can use the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed drives can be recovered**, and **Choose how BitLocker-protected removable drives can be recovered** Group Policy settings to require the computer to be connected to a domain before BitLocker can be enabled to help ensure that recovery information for BitLocker-protected drives in your organization is backed up to AD DS. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). - The BitLocker Windows Management Instrumentation (WMI) interface does allow administrators to write a script to back up or synchronize an online client's existing recovery information; however, BitLocker does not automatically manage this process. The `manage-bde` command-line tool can also be used to manually back up recovery information to AD DS. For example, to back up all of the recovery information for the `$env:SystemDrive` to AD DS, you would use the following command script from an elevated command prompt: + The BitLocker Windows Management Instrumentation (WMI) interface does allow administrators to write a script to back up or synchronize an online client's existing recovery information; however, BitLocker doesn't automatically manage this process. The `manage-bde` command-line tool can also be used to manually back up recovery information to AD DS. For example, to back up all of the recovery information for the `$env:SystemDrive` to AD DS, you would use the following command script from an elevated command prompt: ```PowerShell $BitLocker = Get-BitLockerVolume -MountPoint $env:SystemDrive @@ -61,24 +61,24 @@ sections: - question: | Is there an event log entry recorded on the client computer to indicate the success or failure of the Active Directory backup? answer: | - Yes, an event log entry that indicates the success or failure of an Active Directory backup is recorded on the client computer. However, even if an event log entry says "Success," the information could have been subsequently removed from AD DS, or BitLocker could have been reconfigured in such a way that the Active Directory information can no longer unlock the drive (such as by removing the recovery password key protector). In addition, it is also possible that the log entry could be spoofed. + Yes, an event log entry that indicates the success or failure of an Active Directory backup is recorded on the client computer. However, even if an event log entry says "Success," the information could have been subsequently removed from AD DS, or BitLocker could have been reconfigured in such a way that the Active Directory information can no longer unlock the drive (such as by removing the recovery password key protector). In addition, it's also possible that the log entry could be spoofed. Ultimately, determining whether a legitimate backup exists in AD DS requires querying AD DS with domain administrator credentials by using the BitLocker password viewer tool. - question: | If I change the BitLocker recovery password on my computer and store the new password in AD DS, will AD DS overwrite the old password? answer: | - No. By design, BitLocker recovery password entries do not get deleted from AD DS; therefore, you might see multiple passwords for each drive. To identify the latest password, check the date on the object. + No. By design, BitLocker recovery password entries don't get deleted from AD DS; therefore, you might see multiple passwords for each drive. To identify the latest password, check the date on the object. - question: | What happens if the backup initially fails? Will BitLocker retry it? answer: | - If the backup initially fails, such as when a domain controller is unreachable at the time when the BitLocker setup wizard is run, BitLocker does not try again to back up the recovery information to AD DS. + If the backup initially fails, such as when a domain controller is unreachable at the time when the BitLocker setup wizard is run, BitLocker doesn't try again to back up the recovery information to AD DS. - When an administrator selects the **Require BitLocker backup to AD DS** check box of the **Store BitLocker recovery information in Active Directory Domain Service (Windows 2008 and Windows Vista)** policy setting, or the equivalent **Do not enable BitLocker until recovery information is stored in AD DS for (operating system | fixed data | removable data) drives** check box in any of the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed data drives can be recovered**, and **Choose how BitLocker-protected removable data drives can be recovered** policy settings, users can't enable BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information to AD DS succeeds. With these settings configured if the backup fails, BitLocker cannot be enabled, ensuring that administrators will be able to recover BitLocker-protected drives in the organization. + When an administrator selects the **Require BitLocker backup to AD DS** check box of the **Store BitLocker recovery information in Active Directory Domain Service (Windows 2008 and Windows Vista)** policy setting, or the equivalent **Do not enable BitLocker until recovery information is stored in AD DS for (operating system | fixed data | removable data) drives** check box in any of the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed data drives can be recovered**, and **Choose how BitLocker-protected removable data drives can be recovered** policy settings, users can't enable BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information to AD DS succeeds. With these settings configured if the backup fails, BitLocker can't be enabled, ensuring that administrators will be able to recover BitLocker-protected drives in the organization. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). - When an administrator clears these check boxes, the administrator is allowing a drive to be BitLocker-protected without having the recovery information successfully backed up to AD DS; however, BitLocker will not automatically retry the backup if it fails. Instead, administrators can create a backup script, as described earlier in [What if BitLocker is enabled on a computer before the computer has joined the domain?](#what-if-bitlocker-is-enabled-on-a-computer-before-the-computer-has-joined-the-domain-) to capture the information after connectivity is restored. + When an administrator clears these check boxes, the administrator is allowing a drive to be BitLocker-protected without having the recovery information successfully backed up to AD DS; however, BitLocker won't automatically retry the backup if it fails. Instead, administrators can create a backup script, as described earlier in [What if BitLocker is enabled on a computer before the computer has joined the domain?](#what-if-bitlocker-is-enabled-on-a-computer-before-the-computer-has-joined-the-domain-) to capture the information after connectivity is restored. diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml index 7efd5cb71c..9f5ff90f06 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml @@ -9,13 +9,13 @@ metadata: ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium - author: dansimp - ms.author: dansimp + author: frankroj + ms.author: frankroj manager: aaroncz audience: ITPro ms.collection: M365-security-compliance ms.topic: faq - ms.date: 02/28/2019 + ms.date: 11/08/2022 ms.custom: bitlocker title: BitLocker frequently asked questions (FAQ) summary: | diff --git a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml index d3953c34cb..352b886bb4 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml @@ -9,15 +9,15 @@ metadata: ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium - author: dansimp - ms.author: dansimp + author: frankroj + ms.author: frankroj manager: aaroncz audience: ITPro ms.collection: - M365-security-compliance - highpri ms.topic: faq - ms.date: 02/28/2019 + ms.date: 11/08/2022 ms.custom: bitlocker title: BitLocker frequently asked questions (FAQ) resources summary: | diff --git a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml index 2aad5dcf57..77afbc0e4e 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml @@ -9,13 +9,13 @@ metadata: ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium - author: dansimp - ms.author: dansimp + author: frankroj + ms.author: frankroj manager: aaroncz audience: ITPro ms.collection: M365-security-compliance ms.topic: faq - ms.date: 02/28/2019 + ms.date: 11/08/2022 ms.custom: bitlocker title: BitLocker Key Management FAQ summary: | diff --git a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml index 54709b6641..e281569bf0 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml @@ -7,13 +7,13 @@ metadata: ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium - author: dansimp - ms.author: dansimp + author: frankroj + ms.author: frankroj manager: aaroncz audience: ITPro ms.collection: M365-security-compliance ms.topic: faq - ms.date: 02/28/2019 + ms.date: 11/08/2022 ms.reviewer: ms.custom: bitlocker title: BitLocker Network Unlock FAQ diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml index 643d0f8992..c197e5850f 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml @@ -9,15 +9,15 @@ metadata: ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium - author: dansimp - ms.author: dansimp + author: frankroj + ms.author: frankroj manager: aaroncz audience: ITPro ms.collection: - M365-security-compliance - highpri ms.topic: faq - ms.date: 07/27/2021 + ms.date: 11/08/2022 ms.custom: bitlocker title: BitLocker Overview and Requirements FAQ summary: | diff --git a/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml index 30a406b1d2..2783b642c7 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml @@ -9,13 +9,13 @@ metadata: ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium - author: dansimp - ms.author: dansimp + author: frankroj + ms.author: frankroj manager: aaroncz audience: ITPro ms.collection: M365-security-compliance ms.topic: faq - ms.date: 03/14/2022 + ms.date: 11/08/2022 ms.custom: bitlocker title: BitLocker Security FAQ summary: | diff --git a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml index 07a4939071..e63ce621a9 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml @@ -4,18 +4,18 @@ metadata: description: "Learn more about BitLocker To Go" ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee ms.reviewer: - ms.author: dansimp + ms.author: frankroj ms.prod: m365-security ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium - author: dansimp + author: frankroj manager: aaroncz audience: ITPro ms.collection: M365-security-compliance ms.topic: faq - ms.date: 07/10/2018 + ms.date: 11/08/2022 ms.custom: bitlocker title: BitLocker To Go FAQ summary: | diff --git a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml index 393ca5e94b..5290befc41 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml @@ -7,13 +7,13 @@ metadata: ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium - author: dansimp - ms.author: dansimp + author: frankroj + ms.author: frankroj manager: aaroncz audience: ITPro ms.collection: M365-security-compliance ms.topic: faq - ms.date: 02/28/2019 + ms.date: 11/08/2022 ms.reviewer: ms.custom: bitlocker title: BitLocker Upgrading FAQ diff --git a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml index 9bd65aada2..f846ad1758 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml @@ -9,13 +9,13 @@ metadata: ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium - author: dansimp - ms.author: dansimp + author: frankroj + ms.author: frankroj manager: aaroncz audience: ITPro ms.collection: M365-security-compliance ms.topic: faq - ms.date: 02/28/2019 + ms.date: 11/08/2022 ms.custom: bitlocker title: Using BitLocker with other programs FAQ summary: | diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md index ed361f4109..f54e3befdc 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md @@ -11,6 +11,7 @@ ms.reviewer: kaushika ms.collection: Windows Security Technologies\BitLocker ms.topic: troubleshooting ms.custom: bitlocker +ms.date: 11/08/2022 --- # BitLocker network unlock: known issues From 258b27eb0d4b967180aa96a77f0f26228cd99411 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Tue, 8 Nov 2022 18:14:19 +0530 Subject: [PATCH 009/129] added windows 11 added windows 11 --- .../administer-security-policy-settings.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md index 8d8e4c26cd..bc2b937927 100644 --- a/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md @@ -22,7 +22,8 @@ ms.technology: itpro-security **Applies to** -- Windows 10 +- Windows 11 +- Windows 10 This article discusses different methods to administer security policy settings on a local device or throughout a small- or medium-sized organization. @@ -313,4 +314,4 @@ Secedit.exe is useful when you have multiple devices on which security must be a ## Working with Group Policy tools -Group Policy is an infrastructure that allows you to specify managed configurations for users and computers through Group Policy settings and Group Policy Preferences. For Group Policy settings that affect only a local device or user, you can use the Local Group Policy Editor. You can manage Group Policy settings and Group Policy Preferences in an Active Directory Domain Services (AD DS) environment through the Group Policy Management Console (GPMC). Group Policy management tools also are included in the Remote Server Administration Tools pack to provide a way for you to administer Group Policy settings from your desktop. \ No newline at end of file +Group Policy is an infrastructure that allows you to specify managed configurations for users and computers through Group Policy settings and Group Policy Preferences. For Group Policy settings that affect only a local device or user, you can use the Local Group Policy Editor. You can manage Group Policy settings and Group Policy Preferences in an Active Directory Domain Services (AD DS) environment through the Group Policy Management Console (GPMC). Group Policy management tools also are included in the Remote Server Administration Tools pack to provide a way for you to administer Group Policy settings from your desktop. From 4177e468d8ec4e6bda37498bfc7b6bc4959129fc Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Tue, 8 Nov 2022 18:18:35 +0530 Subject: [PATCH 010/129] added windows 11 added windows 11 --- .../security-policy-settings/network-list-manager-policies.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md index f558cd0804..82252f7a68 100644 --- a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md +++ b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md @@ -21,7 +21,8 @@ ms.technology: itpro-security # Network List Manager policies **Applies to** -- Windows 10 +- Windows 11 +- Windows 10 Network List Manager policies are security settings that you can use to configure different aspects of how networks are listed and displayed on one device or on many devices. From fcdb69aa0f3b5ec3cc1f660ec7e6d95188e16e96 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Tue, 8 Nov 2022 18:21:04 +0530 Subject: [PATCH 011/129] added windows 11 added windows 11 --- .../how-to-configure-security-policy-settings.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md index 4d69ec3195..d9bdd93728 100644 --- a/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md @@ -22,7 +22,8 @@ ms.technology: itpro-security # Configure security policy settings **Applies to** -- Windows 10 +- Windows 11 +- Windows 10 Describes steps to configure a security policy setting on the local device, on a domain-joined device, and on a domain controller. From 8a402577c8dcb8b5ea6f26e1623c9858e45c4aec Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Tue, 8 Nov 2022 18:22:30 +0530 Subject: [PATCH 012/129] added windows 11 added windows 11 --- .../security-policy-settings-reference.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md b/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md index bfca76513d..c24623dca6 100644 --- a/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md +++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md @@ -21,7 +21,8 @@ ms.technology: windows-sec # Security policy settings reference **Applies to** -- Windows 10 +- Windows 11 +- Windows 10 This reference of security settings provides information about how to implement and manage security policies, including setting options and security considerations. From 360a60f5e407a360b769f66bb1d62a32712ae7e9 Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Tue, 8 Nov 2022 19:32:11 +0530 Subject: [PATCH 013/129] Update servicing-stack-updates.md Made changes to the document as we can now deploy Windows SSUs and LCUs together with one cumulative update reference https://techcommunity.microsoft.com/t5/windows-it-pro-blog/deploy-windows-ssus-and-lcus-together-with-one-cumulative-update/ba-p/1967887 per issue#https://github.com/MicrosoftDocs/windows-itpro-docs/issues/10582 --- windows/deployment/update/servicing-stack-updates.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/windows/deployment/update/servicing-stack-updates.md b/windows/deployment/update/servicing-stack-updates.md index b1549aa4b9..7a2066d26d 100644 --- a/windows/deployment/update/servicing-stack-updates.md +++ b/windows/deployment/update/servicing-stack-updates.md @@ -40,7 +40,10 @@ Servicing stack update are released depending on new issues or vulnerabilities. Both Windows client and Windows Server use the cumulative update mechanism, in which many fixes to improve the quality and security of Windows are packaged into a single update. Each cumulative update includes the changes and fixes from all previous updates. -Servicing stack updates must ship separately from the cumulative updates because they modify the component that installs Windows updates. The servicing stack is released separately because the servicing stack itself requires an update. For example, the cumulative update [KB4284880](https://support.microsoft.com/help/4284880/windows-10-update-kb4284880) requires the [May 17, 2018 servicing stack update](https://support.microsoft.com/help/4132216), which includes updates to Windows Update. +Servicing stack updates improve the reliability of the update process to mitigate potential issues while installing the latest quality updates and feature updates. If you don't install the latest servicing stack update, there's a risk that your device can't be updated with the latest Microsoft security fixes. + +Beginning with the February 2021 LCU, microsoft will publish all future cumulative updates and SSUs for Windows 10, version 2004 and above together as one cumulative monthly update to the normal release category in WSUS. + ## Is there any special guidance? From 9c8f2a8333d2d3cfd6b2f21b4899be317cff8732 Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Tue, 8 Nov 2022 20:17:47 +0530 Subject: [PATCH 014/129] Update update-terminology.png Made changes to the Image (typo) --- .../update/images/update-terminology.png | Bin 62261 -> 50871 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/windows/deployment/update/images/update-terminology.png b/windows/deployment/update/images/update-terminology.png index 803c35d44742e0cce10e3a2ccd0108b8f9e9164b..81e1b28320f36056994826e4f4c33257f149920a 100644 GIT binary patch literal 50871 zcmeFZcT`hb7cUw`EGQt-6o@DY(yMf&C`G!|1d-kZq!W5OsPrNogaFb@=)Fsqu0TQ! zy$1-rm%CBVIp6*6yYIcf-@9YPk;Lq^_nLjq-<*qp*NW2kcocXb5C~u9m4pfigu4v_ zUHyFXD)2vA=Tx1*+ZB5i=@+1aKB^Vq%QaJR1#u9lIPCVRJ}&V6mdz_odk~1AVMnYW8S!eyMIB5RW{)Jor)PPh!g$1i6PucJ@ivphZ0V(bxb&Z`*$)k6= z3D!wSZY#9hkL5uzra|Y5+18`VH+wr+8S+x#aunovU94_auO7tb`12FlzIgC8s$|kH zwpc4oP4;m{)Y4$Yw%-(EU@F7kuWVehVggBJlD}U=G(k|me}85$50^x|{P$;)^6xaL zum7xO2z+Bign9kXY7$A-5`P%*b2j}R&fmA(>+8R|^lY@)rp_Wj9NB!sv)u7^K2|QBY(KCzpugl#Oi`uQaMZAeV&ko+h{W9 zCcOIu*%Ap(Yd{f(kxxDYAxpsC-qvDSQc}%BwUnR%x_2!E{ zAg~|sv!DxIjUy)T@aOQesC`)_iAc+l_+V;&>-l6QcWqH^DmQ+RvbomGVNx#-uhzM= z=R@P`-9n^rpKiCE`l$l_k{Yjk(hGeBG$?WEm9>KtR^j@v<#60+(<)}h45q%Ret5cS zd#0yb!+2a^m|7X%YWA=onm@N6T`HVwzx?u}z}sn-zkL7_%(8tya?mb;(No zggK8!79`Z5W)5JMI5uwUp7`Z^Vy&MYsvR57taJ5#wCa1!4jiO?1-8)%zT5_T)6Rcx zL$Ek>2$zwPdL~1)Y(W3R1MS)OL6zE*J}!zn(N}{OESFPhP+PKN8H0PrEa4j;OA}0m zQ_sJvR&#w=fCrKx+#Gzg3kS9v{lFuj(>_|t2!EL3o%-GN{z2@2NwT#%#6@rSx7+sN1qdC66tK zeN}~48><1_qZ6BFwRd|_z=H_$ZuMqyA0nBCWn-W#!ZB#Y5U$+f_7Od8)O{z(iRn$| zck-5d76Xh^4s5y_iR}f9Ixpj;i*gFIz6{?oMgw-Spo4LYt18kczz} z!=6nt_xYT+@l895l5!5VrjU-pky36x-`ImNOHfbj&uKo@h{pC3s%M}dG$=rIs4itz z`AxZ=%K$79*HVstV)c9&x^#e@>Qf8jV_Ughz9alXU6zon>Z{!9%?I5?lPbD_y=P}` zmBZr~i|R%6GhKb0sQ5j4%{TEsfoFEpdM2#N!g%ZsFqAWVUwy7m8~p@{1wl>kW!YS^ za`L+LUY9@YuKsVr-W!4~;jh9VW<35d^I^mR``ID^B#qsA)`rOdPR!2jI+^p%tQG5% zNpK?g3P%hF^xOb0!*X#c{Cd*R)o3Ejqh_jtb$Z(%=u_3F19R$c@D1Q&JeadQBYQt) zgD$OD8;XB!q)&5^?Y4Z78$jVb9+a@Rs_$Ihn3J^!_zeZP#resS!kxyWJ?=&o{620o z5bw)p(1$`2pXS)#%bvYnii>xGP`@`n+jM|W;>8}AxSBP(zCj~Y`HEWK?%(E^2(QsZ zCu2=uudP*gRBb$6ygW>GES3f!e9We1Hi*G5{ zcB@pRL9JkM9`r2kVTMi1JrS8MVFzd9vD~G*eGDU{46eymB7N@@#k0#OIwpT?3zGF@ zY%{_2ml zL!RgLUL7U3A~SC6u3bl4=~XSoNJnPwaO_O7FwFmK#IFtewTJ{XPnl-Qn&6`I zo(E1!vYp%>(o{F6@av2y%5w6}sdQaRx`13>WC7>JM-hFTyLZ}5xGc#^yIQF~ER~YQ z4l+pbW>jSkKw%--XJK6`@A=Wfz0JWG%e9YRx}F*0cD`w{;uX3r`j**Njhqmd3VA?5 zjSS)SYhaRIan*|aV57QdV>vvWpV2CKZge)mlMj8*83E25N@-_0Dp`KSp!Kc6z;ZtG z*@w;J?pVE_1NI?9w!CE~q_tL~eJ^sqq@};1%JPw99&MU8&aSvfmwhvM$RWqPpqPK` zO=apVr=z0(HEp~#S@}R`yT`BevrYyy6U{;rBx=XbRk#bd4jRues)OjE!GbFc7m6{5 zf^@u~8taP$yz^VGt+OHTDnlng5+xC@+A2*(-F><`1h=Sh>^gGS#*Z3QgjT;=#Gc;g zJtui0XFJ;Vmi6S)T;XZQ4Vj|3l$Hb@<)H)R6()0VUd`JgH!+tcpj{b5iD3{7SLi%@ zRnkH=I+s&}DhM3wD@gsIDV(JpVm=sJ^tJI_<&Ij~Gjo#-_n{Lj-5IW-ajyaOvg)>I zyDWlOp~UfU-^zK*vrlYpjh3A_EB%-?t@oY27^()@YI(GLSrGMxUm#cErC+4+Vh`}# zVR+PA{Q~Fi3Ur(F$d1Z0)-LI43d6KHkLfRkjA! ziD9Y1-Y0To`YDIbDn zrMEgh8PyM6+lttkKvt;}`IQ<8oKYatd);0tam&)0F0s7%DO_iqU3D>^`_5htGtcVE zFT-C+i*Ma2H}UCV^|wrd@e98~k!jVm+R=P=GZ%Yfokbu#J{f=vAGZHUzw-G4-^Qb| zp=!bdQxl?1&g!Wu|Md1*Vx_9oMa~b(0#!G>m#+T4{p|cJcnV6+G!sZ-#Q<*v6)|st~E)(c^(t>|)oF=oZHczc(m|myc zD@tj&Y2D$J{V5D@;NiOtiizO5dtzhp3h-=blW1mIIPFL zXZY-gJOyY5Ogk0V!uTnl(L)`dKIr|Hd|HW@f$>E*%Ot!0y68>Cf_Y+5_Sx$pr!96> zK6Y+Jj4leyUU=!a{%Fw>7yfsb79AvVY0*pBBH3nPtE_|`$gqL-@A;kL&i4R&mTt-a z)FIeBC*4-Tmzb8>vc{CiHaX6)nDbV<*J1Ya@=5EV`4ibMqfaQ`e9>6TKFcuUkUcx8 z32}SfT+%tGR^k<}5}N8-;~yC7bstzT^D;Z)|!e}O4=~p-hh^B zNLAR5RyHKV7n`TPlYvjsC!A<$)YBpvJ;m3MsGT{du!f0ssXsD~xn?$!(H2vi@;x)G zOny5t&kOIPQ(l6)F~e7}}_$qvD7t>wl0 zysUl)pN?Gcy2&WBY*d_N%_L}c?%gP?d&#Z7ndy0pUEO;5yPN-DpI%hWzy=@PNo-Yc z@eJWpb*pS~Mk)5KH1(OlccKnQ=G=7&1C5z_*j1)PTmI@Q@-KKh82y04d$AHpjgAAS z(?`ZS^YFkJLuGvLU2WDQr1W7fiDxBoBeJdGs$+Ua{&BSO(jmULu&vTwugLoh16pEv z&5>-i(PUOLWOGlp1IB+a=tTWY>918oJFXb_%M7MZ*#jE+5J~y)7;iarpq>+O)|+ZT zr9t4Q)g1zx1^aSz+vt~pO=NWA;92IK6{J1AE^{T1A)$5^U6V-01sW38oHBmy`xymg zCkmbCbga`OXVU5en`UyZm1{R7v=w}ZV~%-@-C`Nr2oDa(}%>k zgaG+u=qsGh^=0B|jyR7z&Sc$h@T8aD*2s6Rm>vERsQVx~6b(vmbO^jSUayyUfV%J3 zCb$AmkIL1*&uP#V`zkU6!g0d*neb{LHHS_*9ra}b7~3C{=Bn#Qjg;%P%>=sPBj@vSqz4Vh{E#0u#&e`2mfDcC67@c^Ktl*zT*X0~-K z{eW6srX`R0C_gYpRP#3}Gasw>IvZacac<>KtJ2nqzyJC#A#^;T0jI9-3$t3ya_>M0 z97^xqN~lX)y)s^1vdSdr>^v43UgYpT=)z4bocV0ep-A4Zc{@!S|{zd@&l{JY& z%j_t_DYo$?glc^!?*voZ0aUN6PT^+@Q|R@VtUd|E;WG>%a7kA%TM?SV5*R@_%Gj|-&c_B&C&IqBE!RSCum+RG|m$XM9a z;af7jEu7iKmu5VF6%Xw!Wg6ueSdNXdlUvU_#Q!86N636|WptR+*GX$^_-0xpcxJ7x zqesnE-GS%!q~1hHm9fqoU@sr8dtcXs?oohxXFCUl3A`R@oR^O|rqv&XhYzT<3C4T% zA@_LmMR0$5F+UvIH2oTD@sA*Q7L@DJU#(O6l*gE+zEFM4G6a;U7yXYCStSi{L=Wj% zb?J|*13D!8=EI!jJJlIi{4DEdvZK0zWOANM5%{zro-&M;Lk-WYN3><^9rx*uTGYq8 zJj8fmh#7RuK2P(qku<*$mXkYLhg7@QhwpwRi&gxvb5<&DfP3V355mFh3DB!p^)Lns z5M~))OnOI>H+xx&ntyBw64uORVO|5xLS~6g<-I#6_2?t>_+!_vRUab9!N&+!X|udv zF)b8`X)s63a(?oxsF4#R{xXvpU}C)m{;}C29H%a=Zqmil3msst0(Td)rLR! zowXMhHPaMI=z5q0rs?v+ne^?!)-QuvI1(*BC`U|g`3;-uHh5fY$mf7J0jbm-0KN(m zKf_vJV|-Q(w!b7vVP(>o=_0~*oZnsDK?d(Xv`FGu$~d<QWpDGor)9>K z`$JLqVuicOI@k?jW`57IwhUx!mNj6JzM&0@(MOu$)N@qyDrCjt&O?sZyZ*l92mF2XgY>j-Ca|DH~dlo}-wRxw^?UIbR$zT3Mo#+BQ z)C1jbFmXuYd_HN&wow7h+?ynLDek)1SY{Ig=~?NL>i)2fbXdjV3)Qm^cdXD!vTsbh z>hZqhJy*9LTvfeWwQlA3%7Gm>f3c3`-$YnAw^C?VT~t}4J0|4o zWCnc5~*-@CqpsP?@8Zf7qjW->%IcbE9DXU)QYJ ziq+2~I7J5=MvPQu53`c)Qg^86%<;gz1pZw(XYH$>k(ByC`-`HpMN zVWm02RR~n?w`p|`Emw=YymQeY|HzC+cJo(Lt7Jbx5`uilPovvTts{DY7U5KMD_Z4z z9{j;SvCD60rM1RVw$5aSfvBo(FeoANq1mA9h{R}Fw7azO@K;IR2$1`Q3W;y_L4$v{ zoL}~!{e3U5kfrZ=n$wHlG$Re*uYv}Vivd}VOoJ@$*ki7*oZRX^f+e0J0mU8Y0?Ubq zWqrvKmMzpxJ|g_I-oA2DX|3DGYe-jTVWeTA=;(u;Y7QS!cjvLAYb?y+rF4ayt*xtt zPkplzksX-0zQcu~(&Vxol@GvRSSGA8PI7_rNbXJ5Y`f>{nPxY8q2o^tXli`w%UWbG=jO*|&R5rzLpI3trjXEKv@+1X#HseLtaGM0WpmYS$?e(to~)~`V6 zT`_f$9-q+Fuj{GrkWY&*=5XLIkF{bvvT$7u_^xT#km7{r3UXO)4p{Ku;cYf(9EvVt z9Cyd#`dF^$DP^(-!2Uqei=NHicxR`^_Xd1SL6yNL^&UWXR5=0sx4=q07?%1xwB}yE z>96=v0?y2DaTV52Y97dujYEph!SAoVSE%`VTXy0jOxo;pf`%EM{Pmz=5x0gh^5 z1rLFO&trSeo#=Y-0;iCf)}T~k^2iGpl-le{Gg|fjx|&s6EYlb$4)2C&342aMrrX|T z*<`ibTlBF9W^2hNMkU9@P%&o5YZ&kK!kH7TsW9c_S<1pj(*$&1W%r%PTi0u>Ln&J1a>i?wY1 z_m;q3l}n5FD-2|_YoZL+BCG7N0ASsF84dGiR$o>(I_R$tP9^E)LkKtI#`r+nd_@IG z^8H>L?iP*D8|w~|8<{;I7ULj^27GK|$^qdm#Vk_BpI25IXmxb)y{IL|j80@d#N{_A z6WG(n84Y!FG9E`aK3HNtj)czI0SM)Y({7VvbzP(4=`5mZ&oH6=L4oreI(DQ4bxv~U zB*TiJ@9Fc3+0pAJ1&VXO0PELONN`B#Dtu&{+Hu*!E{eC^vbRfUeMj&&4x(Af)FGJJ zAZ^9}N~6Y_Oa0Q15J~!tLS(|S;8|7v)qy>-JXxOM^%>m+E(Mw6KXPi*E25KZk;;LS zH=bp0z{alhvnFmfyPhbOq*p!w_?08_NSb=mhB0lYg0zuGzM%E=V}^RL^I>kpjDLMo zm9cGiUAqt|>(B_Vn-=ji&<(cvU3{@^>L*TgPFTTs>!li5Q)<6PNh4hK546K@o7$MF z#1-|@dmd4l^Z8!i#w?jD4Ass^7}yfK2(OWn1y*I|~PZucsU{*habR7vSLH91Q?;pjgD14eKZCe=fIA9&k**G>0y~A8_ z6o}fG*`hgo^vo=g0Lwryt{sN?_{$maU0T8>U}||XzBAh?RW<8NAhhYBTCXX6 zVye232Zcq^aFT4Le)`Ddn{JV7(8tSEtqpC92@US4ELDpd(g!r?*f%@T&*Q$r#4-nC8{=E8 zmpZ{_ulCwp(b{w*2xkL~G*;KfVvsh+H39x6*{6B&3A(R$GT>LY$6oEAOfVPwAB2tr zDp1>H#S;Q!$SqU3Y?yX4?OfSclnfdc9qBL7DL|on*9Z8LdI@vxFz>^5wkO>L#YFq{ zxF8quSA;w&jpkXT$37cgTJ_Hx*B;92q2%1jFY+pi7=s=%#h-^ZoZPUv7z|&TY9{niRmwZ- z?!D1;US61mnFv*0QvKlpT7TBrrF)gb>#6f)4X~jwH=S(-B+)f_onH%km5;pv?4s(j z?82-A{cD~)peda_$oPw%r)k)1>e{KtB^dMWQ)5`AV=~(L$=Tc;g^Ow7upep%u^q^e z1Nk3@_htjmZzT0_xT-!}K9!v`ALr~mO;TgnQJOlVzaQ#V>2??vvU{uYe)tWTdB}T~OaQNEfC@xZ024N#W*MRnRT9Yz3 zy9dan8&>|CvTuwzQ=nH56zEam1*lGK2;m{nw!U6Wuy|Qc|8FiQF@3iEfpAs0{%Zd% zKZ|dVP)(-*u#4sc3cs%=>OfN*CTJ}34QSr-(+$4OHLSh>JkVQpAms|f>2pX<70zwi|K(Dhz4dO4e$meHUaa+g z<7<-gA}(tEUnJAxdmnadtiIVPG74^L$a&Mp$0$-X1ArIpr$BuvpfSGMJy_(jG|uzcoNW(kf`8^7oj><-~@$h_NbV zrRav|FP@dV#0y$j)<3=Xw~_` zaJBBm3q&O6=y}m`r%ReT#}&|!Nhsfc-Tw9PW@b9Ir}I`uRqgrdLbQi1q?AzBA2yIV zPF*lLVpc=3B?WrjLuK{ed=Bs&pp<}(R^r4EPzsv?*xE(w+3?XL)D@fN zo|*Rl+T1G8@uz>+0?v3Kni~(j@$DA3A7#QAfYRZB-lYm{T{EQxWd}h!5>kLxE~uEm zyEDEeM8Oh(A+H!%v2P@y_6_w{%{(ea4zjM?1+>ejln68=iI`LPalKg48@S&*@W}m4 ztB@d=RUzE*;9!b6Ndr>ZWTXsWKbRXQ0}4Mm-1@8^!im_jJA(AA?$4Yqc7`q&ZEVzc zf?6G(CQZM;27(b`oQccC5ySuu90K-L#g;i*X$J7_^3VLj%l7f(7JP#%n3dy!gf)R$ z-BJAq%E3mYvpR3el5zUAe@p2#d2uM8IAyEg6+odQ0TRb!Y9tZda&GsEL0CD!*EAHE}Ehn(a{=?vcoUz0H6XCYx#hpsssX9*{XfT9br}1KC+`P5W zJ3;fzfj1FJc#a4(gsY48AF%5XLU#P9d#)~#ZO_HSHPj2edh@L-pKOTbkfq%L7)xwI zz*oTv1Df+O1c9)s#B_qBd>pFmKO(RwftqrRCRmS)ItqL`OH(WKJkHck>OmZ@r6s6< zG4AJ{d+kAX^R9bR56h5BIqJ8WZEy9j&cz-mexX%+&xr@3GVOhnx9`SD<7URXQ1nM}HO&ZW*> zvWAz^=8`r4(}Oq-z*&x!((9S0i!3UToS@e}({p<#VSQXrHuO|l1)F9q<40XBqFnEm z)E;+9)1S-?2eCt%`Q010>ATbQ%vuFOig5xHBk#ZE)3pgM#U5M^7%i1AUWgP}ZS;53 zeEl<*;1!Z%r7>)xao(EI(?jiKuOlj~t?NR}z#@PWXxwhEpdQH^SH=-KVI@U6bP6Td zR&Z~0g_iQg%N}&PKBLuJ8j3w?%uCplYg^sCl5GjLO^-fT%wA;mc7kyR&}w%qoPDh~hn$3VwTs>^{fl~eO6 zPif2y=akQW(`UGd&XII>9MSy(9~X<0A&?E`s!q_d-rS zPcvJihifysEHfi+mn;@#uwl^?^9Ot93%2Dk!XkYp85%RqSlJ!%k=4@2CpGV2e?hod zbIZH<1^(8PjvyEpb^-l{PPb?-Lv)3owr+=+v~~GiX}~tLL%Vz}Uwy-o%B$%g9jUgn zxKiBrDb=tn`t5af-m*fY9+Fe3f!x|3FW(lXhL7e_U`8N9q?$r29`$z^;$}=V(1V}W zsUyl&-YRm%vcmS>U5I3#FDS3a3Rj5N%l5itO-GU@>$j=5udMubv8#d_h)Az%!LxWI ze8)xyd=)rJ*Zy zM*im}WD#j6P4w)y@CwCjz074}f0A_2nT>H|JVV)PShm`PoXfBP{^#kXyH;I5)fs{X z(67|eqgj*sD`=SM$|jt)&iB6;D9#(z>bF@Gaw#hPZFa$i@QF5lt8^}tq|y+Wl(y>};>)54`>nq%HN(yVRUA6v z?x?gpqU3@Rp^~^GGH)UCYZ6L(%3_grN{(i~-B^3epI*Z%uA^PB*e!J8w&TZczI3{N z#L09{{nD27H;Lx(c*`6gsOc&lcBu}|fe6x$&TprQsmY9s((cc7zD`dBUcirLM8k0G6EyjB^#^M{5CV z(mT_&`~(xo)ZSjt5eRdLR;kr`Xt_p>?>2gd8es9f#cWsF(*TK`R1W4)!LS9Zvxq~R zV+J||2idAQOkMoKt(_v4SgeRze1)126o~)eQlcST-iDiroFN3(aL^bg(qnZ`of&1z z*Od)~G;eRf9e8%-3v>v+;JaU~K_l*32$*JX?mkzlLcU>>Dp9puzXsDmcydMw7;hm% zP|6)mi)Gup7$d<}Y018^Gb2oN=%oD_Q0I}6LHdDL|4PJ{|9JRi5Nhf>$V=|?&C6sk z00X*Uf9dt%b{6`8)U!fVbU&74xDLL9zUH_oLu&}1&y`#ptxq?KqQN9B542G|j=Q*1 z8O4Q)x9LM*g}@aO1>r zZ?!izFKi0ZWKij1wB0n?b%lP6TFOcU#Qzasv&kCjDfWnWy< z@gd$~#kJ=66ctui7r8=;0s$*VZ3OpB1ocDAJ5g7&5RC^}S%1P}kL6tXU)`bmOWEzM zg7FT9YM`(Fu!)BV^^x$9^SAO~94k{hGll9rErn}aswoY0sPcz&Kz)of2*~z6?Kvl zmGIbmV|m1!1czwd(V{|%(%tLZ#fr)WKN(Oz`zrqWpC3F~9O|y^t=mHF=Ge={^5e51 zd|+QIs$TDD#$*tSp)OXbk5cEMTHQxQ8(^x2$L2o zS|#Nhz(15k<0zDf-UYIWtAMTcMrrMY!GeJ}Db2XJ$^6QZX)jrPpm-Vj)ai;EeOf#W zq3R^3@Bot?b6REq*ZcQT$8}b3-G;;5iscv8brkiP(4Bb(kNA8#wUKsv?OMGpg{Unu zF-lDOPN>dkE|RD1TnvFTeG^C}c~z}gf%!b`Nu7yXtThm;VeL7qaK8?lCNe5aIy-Vy ztz^oI7}H}Xr{G8&4^#HWI5Fu@&W3w&HROG0(XsPl+q3v=nqZiGz5nx&5#6Mb z9^{peu@NKpOcNSqzvC^%-{ivEP%Np7Y7LI&`)m0!!wWu#?ZEd>Z~%8o%K;>iO4aJ@ zD8`%M){56h+v7WV9kA5A9zR^t=J2+5!7g86Qfff1tt_1~R3_CK?Hz(4F?9+E)w;6$ zf7SP0OXE;#9)!KmbI%ibvUBMebUqQuRIri*xSUQSpEYNk-5zJ63OF`yHP(e+A&!4d zHuT}Cuq2en?6Cq}%wWIwL?v$;lM&}6tKke3-<>aL*Ykwzcsw)p4fY?EI9WhtL#3?< z?CZ~TK22_)ZhO)_CFwH=KBO}V`2=X3K{simo~Z87i!u?Cn}60B7Si8 zblAM?U#(|uie_IO*qv8I>>MM5rt5WHd95)yU4)Z}#c|ma&-(IB6d$V()=?jNA<@jv-*EjYCTqK z&H#Lr8uqegK_c{StnQth3l=Mbmp4A)QYaX}zvJ_7yGcT%-#V?hAl(KuHgy5V#3O<- zE1UNNrdcW&&@jsUf870#*R#zr(0bP$1?1=2;=aP<=$s}Cg%@A%JmL)!OyqY>d%ZhG z(+HGqmY=U=U?U@}uZ^o4DKxGZG$}*aZmL>T{nxgt1%{rdzw9#@s1{SJ09s@Bk92V4 zf?@Z%-~l|mWUibIbK z>3RG`T%WqP^8+jjW`M?1LyM@oK{lJjhg8VHh9 ze*w;OqdPwwh~>laU6qd8w>!>N8#(x#G!)p}1Xx&pWH*e=-f?OQId$BokTie~+-HEs zKCogm(+POM=<$p@a)y z4JK2&>G7`mZfwvCtV| z4=$3Nyx6rI@?SwtQrEdFc!UswsJ>BIzsD}1Mxamaeum^A)t`;7Bssp%vXg6org#PU zbp&-U-^u8fKb^Fj|0H=vXdMs4(A>5*!P!T5$f2ULKcO9J{PlG-+u40qa*T%Xm6$py z1o6qdRE%Tg{mB;<(0>eFFFqBhg+YTHPaloDRPzX;0(6Q7k-%s%ay_M~_Icx*!iNU7 zVl4UhC+l{~YO0;KfkO-yTL*nD?OZj9XyJai$kG1k_W5l4Sq3YkouCRL4WTF8Mzo1y z-VU9S%`gC~YTv1ZbH&WI%?4CkGQtqt$OuRPY*wr2V#Mm{xVy=^7w5taPW*ov45bHx z(6{h-;?L_@6M~OWosNe!fd?bA+?rf;eF_aFVw%X7t05nNqFtsnkNczdBQ9CbR}P0# zN^f&G3t2P5VDxXc1&bApV!x|ZA#?vt`-=Awum@@(t#2qzT=!S`aY)w+VQS_e$N1$_GDC3dP&v(-vD5I2|Q873tSoX?aIe1 zR(!gjPFYykH>-+e5bpHf=!0s zTPd$~(EP*RYL|Ao#KdQv#XWSrdD?+VaYhZgUvqS$JU}mF*sgQ9laBCS%#EGu&CD%^ z7Y~;H5-Ksz3yvK8UF)+D19~$3z30~V3Uw>>Kv+dz;YK0$;V>aO49#zRzP&jjxCIrjQIr#+ zbtxPAKU!$Iwi64{PASb9ZoCJG2`|px?>DXodiL|TaYP-So~>rFV|D91_fl`axDMC@ z5VP4K)QuR;Smu0xdAmfG; zKe(QqXN~Gs@6;KmYn{4||N#^``YBq$}*8%yG#PR8qXziYoK;giQs|N5z zf?!zHn+w^!cg#nucaFH{GyP$ zG3-RYknJajz5R6wBGa3^VVV1o9VBJxmjRq$b6gs~_nG}ug^A(8F`Bn+ofo8?I+&xO zu-osS%0+30pAvo}bV?$3?CkwA)_BL_ME6P})y}O-bR=Mn=F;nlZ5`odx5Wv7(_yhc z^7hc1S31w^qtMU)f|{lSsN{BEPbp0Ck87W_O7u?oc>3KTgs04uA*}&ns&e&Cnj@%Rd_d@u^eXoK7VLe2T4(SkXY)Ao_ z-{#`oQHz7|PROc@(Rpu0xE`WTuDfeo}zcr4#2WS-dr^ZJlv z^_9!0W`>y2u1N&F+u3UGsGD5Z+(-Pgv*9MWH6xFD*W#0tK0Y(i05%(^{75f8RD%lT z7&tOd!sH3I2BheH^l_Z53us017=Y=_Qc7w&j(X>67DU7lgKxzVAC~^KDQsLcd%g=5 z@z!y?ko6~64LLIfjRx|rHeIbM?mJ2LxtpFGeKw`IFj&ALy}Y4(yfTiIo(qb4C$aS4 zt;sLPcIMt-xzSnT#k*i#i1*hk(=`){J1@LCMyEyB5h69Ui6ZhcN&)(L5Sh(-WKv5P`ACcEwM-AgFW*R9gD&P}-EiOT-{mF~QY8yz8!S zm_zD=b0{refw!;J+kQ^?=+x`X$ChCT*FSn7F|wH@-QG{6;~#d&8MLHG@AuBimGqV_ zuajFwjJet)gAla*8Nb7z1Wp>h(|PnT4fIe?^Z_1Qa3Ed6b{xaQE}UtHIHh{avWYkD zh(Xchw)(GgGr(!tio>MPZlFx>*lS5S@^XHIzLSK@U1Q%+$7k<%0Zu^%kicZt9H%~|%w4bj_26US?SSLrP1;Nw^ zXE{l|q^-MJ)j7UgaY8*S{vxoUf&@+;O5N`(h^Vs2ac8ZAzYbS(h5RMSHbT_?#N#R0 zd(cqiutM9`0#G!h>+{4z{rZ!mteqaEcNqKB4H@cv$rpQPrSXV5`;C~_(7_Y~{CVRo ztV~ADG8>)@0vPp5wxbbcuO2`O&Zx$Ga&^Y*;3mQtIi~wb8}FiWM8B6i_30(Qoyric zJ{Y!gN39oZORIx14oa$ai`AiL2(8mO>(CcD&&6wz11*&74>u8i@<{$|arppu6V4L8 zeYTwMjYfNeqnl3?5u519Fmc-(PmePA*XWh{^*4; zg8)id>48;wuh9VN4zo~m8})#=q#Z-mZ)Xhh+Eqo6krG2h9Fg5$!N96n2GZKQVVTrH+n2#e;6n^nmv$S8@nn8Og- zMZ$N0KLntiS(?+TA!Oqm08{(3vyN~>u(7pp351XzTcD{aX*9=@UCbSENa#Oo~lt-c<2*NkE@>}WUB2F^d^bqW;d-B zivsEU*AVmKNb1GvLaI(%_KmAB1Q6s?(tzZYe4i23qSs&h&S)=Hmaf8K|T~ zU}e@2=UCOZTeU*yhWnUzbGQ5=$&S+IC7GHdzryfvh@{as=XMT|OW6I`x{8W^(J?gu z=N?s;Er4}--CYg6znHz`|Q>YWfn;^-H>5Z8N6QrKXK5a zb;XA9-SiXHl5TjS|LZgv>yhQ!##gn^;Su!&sm~??f^8$?l(MP~Q9J!X{ z!RGZ36Xr{A-4Wa@NR3GLyzqSnQ>U8xSJW=f6`_j1WA?O7?P&9&=ns07ZDD%0qppfA zf>x(&cJZcZW6g}D1byx%uPg+ec)JDOEY_<0xcPAMLL;_Rv^5W?6g?rGx{Ip%@*o!Y z(c!pfYd#%tgi5IW*h_zu2J-Twf*w=)cZWW!jcFosF{=->b9WP*m8K%QLkc_-YSItz zS7nao^<1d^SrhP`PSK3Tw6}0*vY5gT)0!SB729uEgctXTYbiiMjAyriBVQU4ep(mU2KLs_nh#)a z0a9wi_hJit+#idT)enV}@z~jS#6hLsEY8b)ToBO1ZOf<1JG>rE<4sig%^xT3jgWET zPlL}|8;MWv0w*bv&Eo!+C3;=+(8qt0ysC*TB5IN^Bo~Qyixv4~b2_%%_mjluqBd`D zyfpsH-{Sp8qDhhc->`fObMVCdPYFdJ7N6hyk!%;tX<*xC-=CC|`uE_`fI?20Hi4_J z|Gv{QA05G>KPfqBm~U0&jWl2VBPoBV~hU6TO@=h`9}rXgV9?7cIoxb(MkbU@BrzRx4n%y0fTzK!?VZ zuA)lE;;EEqe397HlzDjwEFIP}@q(uANr^Bn8+K4>AFNR%gGMSNa%x zg#`%uX;1<9)`z#irP$}De`hQ8t&85C>M+saxXCIV2bI%}BZ*EABfB)HDQ2hgK)i}r zL9pv8(eU@1Ee$D!J$YlTf`JZFnIj!ifU&9?h@4lj+hVR6f{V=@$gS0&DOhXmB?!{j10fldK2mAHC!JZt0|G0Dc*lUzRL~?JI?K z{Ym*nuc5s3a&@->p{G@;={z8>O`>W_KKh&lXF z*L-w6glZt%@al9_Tv+3}+=O5o^l77WTC>jpwBxMa(h~j-QEEG>T^;#=*y&Zq?Jr4& z2vy6aC#V3${Z0N;ao3~srtclZoWFS@_RX!XFZ;cL8Y*Qyq+@^euUV)54#ACOg`xF4 zHX^1w5>&LbcTRi?41~UEqyfVpBDMD^bHVTD<3Rj$i*weL#6St;sLltK^{>$%!CT>c&t@TOZX=R68nzNF2C|+=6PYP z;t)X^i~n^IbUS$)w?x=Wogv+wb+IFwt<0AA0lWtlb|u2k{GgG>?nr&8Hs zA7QK}?e6B0r%Me9ueaU8@jf=abEEUcRxPsuSX4SLb;ij6j7AC?AD}`ep95g~6zzf;!-Hsa*a+tDf~;Aw_QGsc9(xQF*`@l9KOm`+)Kiphm7S-X zG+S&_g==9xH+HP=VXg_hFdw~ML(NX;g|3t1)Tuwxu*s2oCc#W7;V5NAZ%y^l>8%G< zp9>@>e`P)1O2l~oo6VgzxB!)k8CD_q9?-A2WdMJ_R1Nu26&e6b&-`h*-imvld%UPI zM3NL!yVtgmKmI^AUUD2N-55eo6!49!xG%drjsqoNbLswoIiA90uDmQ{bXmjeKNC#` zb<76u0a$%u7-;V)5?h>O`51q2Mq4;_9JJ5OUQSEZUd_08Y;&TkfV*Q&g1Ht3pJdT` z@`&U1k+IV!e=p1Lp0{)xFJ$nXM7(ymf({j=Xs?FnhbJ)hsOlV?^aIl$Q=U9R!56wt z(Rj_L5`~4pWDPdvHN_PdQ(k1f&E}h|0T&>r_O2-oogi5d?63FH@c#a6J&=$<~0B0kdoN2U*qool@r^Tx;ej@ zdagsfOqKb&vFLw7W$6pcScVaX!EuTn zacIXp4}aR#@X6&~5;m`NowH{>Sp&m-w;)q@@wa{{S5nl{j1r4u;$CLmv2!6?>E~dBoL)@yu-cgnu zx?@%X{5hCwZrZ!VfiM3=Mzbleawm>xWFB9Qn>zs}1RZ2MK&sQtJ&WEe4pok$bs%MX zN#AV4E5iyL!=1dhMd}p9ewciw zTu-bo0n5CN7{QYz?&n0^$^sfYfB5-bi&T4Mb9QaDG?jUhzm89XMQb-l%+e72(tYIf z+bwDGoM!)t9jA(RT$&r!^rg4Yj@#=$u1Y$+MCm~|^UN-SHmXGv5{7+g=XyCZy}nj* zn1E`#Q=YL;anYLT){HIzcu}Ir&QT?6uoloZFY&Z~<*8q$9$D+E8qUVY}5lCt6EV5u1tvV|6uQ}qoQovzESK#kOnCQ0V(MkVpJ56RB{CA#-SNPN(JeVk_J&i zV2Gi6q@|^X20=m?7`p2_5$@;R@AJHSuf5mWf9!9q?OONpkJ~w~^E$5Mtm79aDHDmQ zl$K62W?LV@_!BDgW54nt8NnyZOr2w5E@m?_Y!T&jff{Bxq56GwZe2n&5!T^#14&r? z*#Ow6(H-&_RHCY&b{S7Vbd9d+hO1-?;gr4joNC+ck`CDT|qYUec`;YJ$NwN3u6F%|d#(St2;$QO4_B9+yQvRn&b!zp?97;FY z-=qNVNW1VVD%6)c9-p$p+Wf>|UNI`w=z0<3S zoXSM~6`k4OFN}B6?smI>p6Dovu-xL=*OgZw$MRE63yPX@ky|W!F1Jv(ehA`2$7e0U6PQVBB6F+YzRjzx#3po>YX~w0WmP%q2VH{%C3&||iq9G$ zTRd8=)B!$!U%$|POBSkZd<8-!UhBt@lVXC5ZmXH**gQvl7@*J z)!bonded*5tF8{e$V79_Q!c-6W0-mtU~%8VDZh5qF2JXcwUFP z&%8CBxHbw2V7&Dd~v$tQG*lX3k`tg|~G1a53cdYfwN0Dl(wMQRa3JT;>#D5h8V*i8}rz4l&lqd z4HsZVY;s`%*0xCJZ8XbFXJnVG0y~2Uf(;XM*4cZniaSE-4NXgOa6-mS2cP9zG=53$;C;(UMjIHp}5Uo7Jk8>(|Cij$Os=5+>)RkysoekQv@91rx|fVtM)r6h^oMd zag<;D*YofkQojadl__TYA8-}8_IMuM^}58(vAy^8iXvwjmDU8Y<{Dt%eo2{*wo8Iv z$738j(N#GqVSO`xy=Wby*KopO*>itVg`RfL7}KS8Jj&~?21o1n^sQSGa{8&0BO8DMkm) ztZhx1aO%7$=5BzDFkl`5zAgxwp5pCBh~2}_oZIhd4H9dHn;`~+w&6-WcQHd42UN() zuXTSqiVwh+4E)=-BIZO`KZU#;kp5G4Kk;5UhAMC6Veeu@WRZ-B*V);61tbrVg*h#N za;)O^#dV;C@h^-yo9cliahH&r_WyxdNe71ou&wI)w#tkd0wnpf#l&7&6hlNko2#1n zWcz~Tqe5w9F9k|b{J(c~0ni{v@(30{H3~S_W%|NQLD~Mk)Zee){;VG`88SQHld6-sKaE=dEOt9KZ*HEwTua7AQU!mZEf}|KZXefLsV%RTS*mbXvSMam zZmO@A%Z0hwygUeW&itIQz``%I<4#8Vkb!`Kwmj`Yjm2kP>vnaCP-|fU3V1-asV!-_4vLS`M)NFWGFWxT!2*bE7CV^ePVmFG|^2YoqO89I3O%k?#yC*&0+@ey6 zht}SRC?HAvMOrUcIlrjRb=~-5$!5nC{j+wwk$V3_Bjl;Sk?!gxb_K$EV(9JPrdUo3 z7aB$mr7!gJRkJM;U7{7G7p0l;=Wd1sm3GY`6L7!-V^H z3pYFk{~HP8Qyz^fq2InXK@@Lp1+4E>!`DoLnMmthW|MIDmg*;mU8wu25R1&b*0%^e zOB836zLkkoG_ML*Vr_ml(blqsq^M1DQ))%4iz;6~UH{~YVbVw2<3yZJce=Z-R(p?r zd6KIimdkwq>g&|vh-g7U0>RN$3N8}tli~a+`DUgEE*42o2TU82lGwHLBd~g$GBZN1$bAuO>pX<}uwQ;L2@xUD^;pL2tXB!L-0n9T5k+LC&JePoK3!Rdg z`N2?txQh!hST3eLHS>rZBL&6{!-*`3NrN9-EGj1c2E?}paqW2RitAGwGh=0PnteZV zVI@wMeaGHx5_KxQA(N55wbvZ)oxNETN-?|aZa10q?NGgE0jBJ^UqwfFs=O<_?qz2GVCF5|l@>7u!KIYqz${2RiQ&Ps zDEAhK9Wr8wi9Z`^au5}5O=?Ds<=^pc{f$vuyC%#@3j`LJkP|Kv7@|GGm`vNd&*D9p z3%;k#AU_Lt@t^|xUW-4225EEl^2pv^MxDc)Ln%t|^~5_Nzm_q-?%N4nYU=t+=+PiF zAtWsc)CD#P}SLJX(W6|=q_t5$w;2<2OA*1QHAe&pj9VTy;cD|CeUp6 z>#R5WE*GDh&7u@NRvRw;2=+7=!W~^kmzdCD|46*5pSS^)spd&o;fA?Nho4Yh0Q03U z0AbM46Z5>jH$9nX{li*o6XcS9ZPK1aV%R!G6#sYwWb3IHBok;j7GA(EE2sq`G~FHx z6}@|5t~!}1>SIaZ^|wdgr@;SdDB+x_Wha`68caT7-1;RfIkHBCHl#X!TH4S zrg&I$joI@IVyxeCZk`27F;M9nc5Umit#4lpZC)*;9qf9-cIv(R5U7@bQ^ zab-gFxGYx7N$#1ep^*m1L^`KL%9jzG73*YmiCR*731$5ht@(j|erHJJ=@NS~G5a$S zTyZk6+>3qUz&kvc&-hVO5H*(<_6EGZ;ecwXIe47%)XC$f+Oh#xaKZKKJ)P1hDh4&7 z2UbIa2_RnJDXc)=!!9z)dU#cc>g*w{A(8*g{ydm4(Tggv%y&)eJkpCi*MsN7?zQ-+ zTiqsHb`HF4ZL3h2lek0PdP9m}H1O5aV5f)j7}=?yjfdtQuyDJ5qNbtrUD`D-?=0X%=9u2i04y3za?j`S$EQ*CjFfpUbMhiBsyoT`R_e& zD@q~z8r;6bX3)g}Z!KV=dK#qYP&)D>(G%Vk=H%Z;z_GbIxsmppe#rEo@e^~P=Y8M` z242ghC;rott7X&k+uzlFYp;tc1I-P1;&VB$Gr@4iD@!C#*^P}|ncSkw*`q3liY&%a zxFqeSZSFMzdf?3)1g#RSx0hv{qBZdl7etuP-)DLdlr9>jOF7nn;w0OD@+6(mv8_N{ zAt<2YI;QkaW|;36qp5bY(j9M;Yi+Ry2iL*778w?a;?vbI8lPppY6!w$%tM0^8>s5U zzoT}$^tWYyS5S@7*W+`v>*UHTB;}H91NE+jU_^8uu~n|v8hrkERfU0Q{A*Pdqo|MY zaSsy}Q$bpVP=MgKu|mX&Cq~@XkBY(TLh4451S7qm1i}_mSf+dJne1s1q!^lV_*^VT zo4>-JjJ_JlY&f{cJ!mG~`p@2n7Mr?1IFT%fzQh-E^tYs8qdVnD+OZcalRebmyD)n+ z>Jm7z-nJh|y-i_XG^U|T7&@?DrB{gALdUR$BEHQX$_6{4mF0y+*_I)QObY%`ks+9*1AT{Ihkru|MD`8AKTM&Sj z1HU}Gd%y?)EP-rYe4Ez8sM}y2q>vC1wq>k~tQT}}5Mc>GFj%W<&R-He;GDX-9wXkt zu0QKvB&QNa7-wf*%o9;?@WFpvGV&XbsE!v8+=UWe$jJ0hRmC46pPY~WnpIUrkYWrq zr1{y?FiTa=efNb9_FE8QVLU*9O`b~pjgr4esAhN=fqXi#6Wo&KHa1nrxI1ZU#hIw# zrm~Pufx>b^U}r^u$4>{zyH!{Py6+1%#aLs7**S8bo6a`y+lY`^7$LXD%EcAFCU3>BPXx-yI^l&$M+_PhU0D8Q4Wq<7f zzj>t30XEt5ctrPT&lgJIQ`bj-yy1&J*t9-gU*6ahsDRB)c$TOP-sU02dn;~#uedrL zoZ=o{0{{Iu?WO8(BX;P)bJ7kPa-oB{<^A>}cniDDx)rH<8kfRq zSIW8L*~$l5lFQqLF}ArEltBx7p?c?%mir-I=ME%iQy$|zj~Ce({EtT1?0Tu(-%R;1 z$Fr3UHU~$fQgjMnY^}uEv+k621G-Lu%8f^(3iZA3@#NcRoZ)#V{t?g5p$KmAnvwwL z1w4Ur3a^IxOVLi-nDmWq|NZnSV~IjQ(vY7c^gO^$9PR3wjvlQ~cpk1Vdv4K{kxWyx z!sa%>NEK$b|AqRGK=twCRv|};kK%iLxU7sAC)D`Su;xU4-JTq^+(|}fKg5Z^vDt_~ ztYp9eke9y!3Ha66LVqW=^KY}NiXLzN`Lt3CiSIEc$@*?=g$k(@)1F`U-BUUaG_3t~ z3%dbwK~Hn`yP@leFT~s14+gTY>|Y!1+p}`VDO?can}ts$1^{h4SN?Oc-9fqcm($F< z$FN=owoUB@w97+1YRZ(Lq5vufe`8U45(~V~*X#v>F&EzR*axOV_UXs#$HKdTQwH>N zmvhZ@__ATmXw{55PVLK}Rsu3S-Ize^9|^veJSX%HspOw#8d#E}3cDqOd&Ak@cAIWLWiM0BGwXH&FCd=WD>)R<7uY+N4sBln%I3B zHjTkQm)Ns4YK3=SEIbk`^hb>D2E7cAxr_>N(htkTZGA%@u1_3uAI;@; zCaS~-u)MZHu5WX5?nyeyMFZ-c|N24K#PLBiTC+2|o!IKQX1&Y83m;Dc&m8 z!on>hN}9zU`b`1h&M2-Hc3u+_taEhiHxE3W3`gW|U4?bu<1o60!rkJ{M~#>twBH|X zD$P;J?}7o^7|+W$j7uozzVf}O{ay1vb_Zv1=Dcqh`KuN}-6~c6i&f0tA5n!gauXv} zo)s`;#@59(_+>umTr(-l9OR2X^e5>~g7N^E(LDA-=s(XQOo}GT_ZjNeWvof07j}Vkkxh9K3X=M*A@3EsfBVw> z;nh=3{+b6?VxC@6N41d4;MXPv?<+@23JTR8j3+@f?SyXr&o86dqHW8!IO6qMsGz!n zM4WV-39w(~k~lo)gYQHauu@nnxeKT}YMguP^Pd6DF`~=kYd7{zXuN6gKF~eE?cNqv z4wTom0$N7Ja9p0t9-U(B(K$5a*i^xjSpH8vj|h59Oo$nh(czogI0#Tof|;^IV@1`! zf;Iblq5gjiNHdo1Sa!SE1`-{D_NyTj*s_=XJG)mS4a1XzK&@lrKl^yIF|X{I1gtp# z$}ePpLF1bpl21a^rhu(u$ zJD0QVvWK$7W#>C33~8hI2JPVuU`r$QM2`W?eHkra7C!UhIGcHXM!GdBY=NW;3v~Cn ziDtg@rwkRcr6!6CCq=t`r@96B6Mo>-#jhZG6$GdkOrHNX`po27ulAJ(4WdLn`*fD3 z#QV~VcA*;v$>*HZH*xjKv&;c4Q>C4>56hiTa1HX>|Lno1NFp;jWZ~V7txo*SSig}2 z3LjP+li(Gd?^B%5a_&8jjW=Vq#|ig7;lAG5I0AMb`B%X#{15v+=5zvYs>{{d)=Lat zF-V@&m3_0b>I8Ms*rPdESF_UVRtsh~U~7WlnAwBAGeicKN`sl4=s)9`vwOJ9&D0`& z?3_D?A>z_Xf3!B>UYTpYoR|$i+L(LLov-G`7wK86=y*=>Tx-5X+T|k>NBP4^FbPYW z%pM;$A1_LE>4wLl6mN+gKB6!=JlQ!EZeVAnDq$HoPCLBkO*Bsb{sncMZ38$JV866Q z3i5ca1s2`&Tv(4hCh+p{JOo>d{kG(~?HnqqCzx!l7*EKJb21A2JVH`fDccwleSoKV294yVEz zT>#gR;B~|p2L0RQ$9#A6Fm--OD78(>L1XU;Lg`)i3~PY&IL(6Y@d1`Tat=S!wdzbBnsX?OuCGh_Rlhy@bT{*LSq5$IrMZ~RpyEl zhsB~-(E!8Hebb8<^Zs-lj%k7(C$xd(M$EfCSEJ8+#%)ZxAldD6 z4T*CViQ#mse6Q-DThCN}s}g)KG$9ZuX#v(IbKbAShZTfRE*Tm!kGQP=SMl*#{B%nJ zPTEbGG}wd*vD~HUSb({J?rR8P1LZWaO@0V)_}3FWMKLrNnjqWkqL#LZ(o12>{Ev|* z>pqy+j`$#J!7L%c1!VCG|~#g zvT{Mo zoN>l-HnpQ^C*Fxc4fs>s4j60ITiX-MxIap`9d8Wof)TqKZPat4V;iqquV*Ur!U(=aLa zi4Gm%9sU6oKc=FoHEq4_(g)hAJc4!+_C`)CGpQ0wxXrU&EV#{MY9 zmY8_u<#D`{vsPw7D-{mA;Q=!FUvhqpKS0HX>Toh#V$yE3qKf#0iFYZ(tNjhx4e-1t}{W8_}y`O(HLjX_fT7M7oK&|^=pWE{U^rW)I`~L68UJU6Ca z>mO7-Y$XM~u-os-J=lyI*DOnVDl(KLJgk4-;EzG#rwiE`V2i+!g=0cR1{huWb_UrR zyPy|EfMQX~$xC=*9ETfddeD z@Hb-}U?(x}8$slkDa(5__%n@g_ci2TS1jlKgtcA$`6YMp<`Bd%0TPs#kM?l3n=7e% zL{6S*Qk+=;%v!9kd;=UXZhQxm2WadeXJ8;AHCsg0I>l9AkbSlHU31_HQ~f3Ko{J)H zg&mQ-&U!+EXgW2`EEr4aw^kU7ZEfdgAG8qR=QEl@Ta^KA`B%q^Jqr*lyBz1hT`BuKo!lye`YZx;Emo{iJRM+_i||bDR^w`iC+qZ!3N`qW#4eS z01sKH%TTpg!tN~e+Ka~y{2{bhewx9-G{_-|h1HnCotrgmm=?|jKUj0ck`+D4xUJTj z&c!=tB_(4)(3xRb&gvAxN7HXJU2n{T6K=G(9Fu}I+geByAR=`d_}PbOPk-@8Okd=- z?{D9MHAB!wj9d{#-iSNzq1xZ9FZi|s7BT44`Jlu{hAb4 z$Wht8muJwgS{bWkrS3I{A~bKpTlyhW`1SrXPlIo2IP|IpAj0FXJp{-6le9cpUv^Kl z(h#~o4pA~B3>w>FI(}oDenkv+T_GxuFt@5_&9r8mt|?Gsi*Cbs)WWs`vVT|y++Zhb z8T0)1+nMy)^>B(# z2Rkfr6GQpE`}PXWGzN)M7uYkNYQHH+oLxJDtg1{cL@iiw19y&gDSXF5{qvirYX8B< zCfiJSz##^Zs<@w2aV&@#d?)E0b8ZO;6RUttpQTrasAF2sHH4`p+cY}b(NUjb#^X2o$91T(b16&%)^;-dHng; z{qNn6XX;?a@Mz*AEhb8;vvo13i#2Xi0h1;R_OEpOh=j2*n?%4#V~dq zK=A-RdrqMPK#kgH9`gHuZT-)TB_dRo6<$~A!1yY0b0vklX8-lPQ^$T$T|BSNeBO^e z{lqG3EXK1hkV=^cd2JTyUwRuKp8s8O$*N{uGHuc8Q+S&>x%IZ)vgtrlZvCX}A^%9e zYU%a!x6amXQ27r5Vc(mzC40i=?p#!pet|w`@B0=Zoetrb2rKnQ|M)z@l!Onjpki^2 z)FLAtT*c*W<`#t*|B06KpU-wfc5Gmaqj&dg0X+HZe?yPTPX+(&I@N$UrJ=qi&Rno) zoM@~6e+SP0+n+SyTi3*RJYzymVRl#T#VauPBP(ami+wf6dv&-t=)ua~q4YA^s(94* z9KWGN{y)d&Gi%O#w`6qHLfoW6^-;09+`%ebc*IPSAQgW-j$Y@G)c-2=Qa#=H$*J1^W0qrmE zSVH7K$Ffts{@bJx$4~q#id`6umPU!)c4M$n6~3Cz3|AN_YG8Ud_AC4wMaHfksX-#@ zf9{mvsNUm=;);}(^y?KEx5`RySo4j>l78mL;rtfCAf`|WLKTA}EnPbKq+3q-qg$wSQ$E73iVmA9rUBmyf9kR>8)5U4CC zaIe2BwoE-?hzC|?6eqf=02%B4x*o3?Ehnb@rqGOR(7k(eLMOJQ1vTwf`5umyCx!I0 z=yI0w4T$SBS0i5QR^+z3H_M=fwqecw_3cx^R83yA)l7~9aj<4-WFbHSeig+KA}txm zZd06a;fm_tgj)^qXJt+U(y^omuvPVYrW_F|7k+(Gx(3_e?A zZ*Y^6sY#2kt98^lp2g=Q$7ZeVTZ=$V5(s@Ig-+;HUyuH|E36udFsT{A%jk5IfK$(7 z>_ZWq)}s^L3)riPKyqgXvgAyQM`?FE|J5=ip^VTrVO(G!#yoF1#vb_JXxt#l&6)gS zHL%g@ez}m-nx^4XnYGi>gg39dwblLb#1f|$$|b}vn-+fmitc0FTu`v;4W$!L^gnSb z?BFHb9)tx`-&$|(drt9zVwV;kL01xhAV>Y}ks#<17zQXs5L6~Gp8QVTTZFH#T}`3w z*|ZiHB9*D?2A+&hf@VrqhlOtX^o`MYtu@_+`$Lm%4nQ=m!=snH3u%uuoM;QlT6il+ z>lMTDj7p(zHXPD{hn>6H3*+SH+Qi$CD9F-%ielFZFcb_NsekpwcKLwRV!+(RTnmI{ z0QT@%hT{1im2=m#mgZ@qxmKu9cqt@KGIB>}^M#GyE553I?LfE4NE3+&L0bDu1i_Bgl*XuVPe|Fw54z zPAHnK9iLTmx!L?igvOP2K}-ws{fLW6p2VN>K*+a&WvCU!sU_OMeg-jDkx<=Y`T_Z9 zDY34gX~}{d9WS**7uvajzrRi^W)r~@_~GqWX(iKP7|WoIR(9x-g_N{bwFdJ2>&hPb zh&yUjK{i~ru6>iJ&Vs)oBn$*0gm@tBJ&JY2@e8B=-a8xBN7kIEJFYtsOELU%qrbxx zVegsrDhq<@oH=al`1sKJg=y|g?@L)zsrQ}o|YpabukRo{orSuCY;5@OwrZXH~Y zQXveD+d2Z~u_01z@%?FK2blqz<71U9>iQZ(4=0BjAe&OiC6E5f>M{~#wB_bxNGuY8 z?3MoHxZs?#Y&RJ)gz5BKDk&(UrN>;6ehLhFKmXo(9ClkM~%|hMcAcSh>OpP*@jEcvW5wMp- zPCvy(QVnwaN`X8j75)Upyr{O9CP0wC9)u`qm2lzu!(DucKCXjTicUTDnO?(QHu~NY z#ZTR+t!I8oIy5PS!jwkYmn(*il5>n*HJX&nH)>o!6jZ+2Ml9c|m`d=M=-Ok2Q6ah8 zyYZo*AJhu#8+HdR?l!$)N9BvCsfvbnJ63UA_+-R~_HjL=WkH z;!6JIwB#JoQa8hdiD&1BK6E3y&w;6+Ve8@HY$0iif2AB&LZN~~s<7zB=--YCo^D$F^2&?l>{dSRnm?5*EW>}+LaJZluD=%ncmPA%-b0}~ZMn$wLb70&luG#2_XX4V zu|E$iAI#d2!<+-bg0K!srKZi~P*&W2$WSkVKjKr_-{iG{qh~ST9Iv0Vyw%klJYmg{ zia!OfYz|zEo-FY+%RN-W$rHGhC{mi1b^R20U>IubuhVXDy#HD8J}`4I2;Rz8@B0XQvC;v4d-I}>diyfj|C{#nSJ7^lMaUuA0X6moKm4liVv{zc3gHXA)%+T|8cW2 zwEFlx3=uRQcO=FP1Kh}$Q&txeAnUcL!#J(xAcXg<3hrCIh@3*6Q*vMDtbgHx9HqRm zO88+vO$*C@0EIivZ43wR$s1ULH<(sVw2_~lHdX)rqSCqd`Aa0x`?^O{ z(fQAxo_>LQR?#?wLH$qZRi!u3aLLdo15KQE?_I~*i{ij5GHESOCj5K=v*V3ib z(>?1Q28o5_G zPF&?ElSsa$eUlNqF0P{N6Aq-jiJ*sJejA&y_8r5wK$Rfrj=#HIW2XslQXcVVlPZtM9#I0d?QR5Qf zyYXz`;hNO&>UnLBnwlfxv&?B;e@SJQO>8R@&ss7}gtECl&hzS!zMS+T*vxw*Av9MK zqBRslQ9%^tJQ?LtGBq2bl17|%GAyyM=CK!iZJtP&sj7@7=YI{t-~_F}U<5J6BEH3r zv@F)!MhuTAX8~0PAt^p%$GfcH{bZHxP2L@w62s^>`s4Gj z541v6!i%~)%`8vG*&4_VL13mnSpB>sG_p5T!5$Mjp5T<%CwH=$1d_d}smynVjgUAu zw&(x7A2&h}8#isHhVFlL9b3I&psHj5HdIqM7F-!Rp6GC3#UWJ?}qE9zE)JA zMxCJZ4u!U4*`yR7Qy!vn!dWhJ>VeeDifO@i6wcPccixIs;m_v^!6#_3$=oT0U#sM0 zaBfBrkj_-#;rlRz92;pZ?4%^hfqD7sY*so6NXUtcFSQ!%mYieLX2n!?(I$ss;@^P{ zNrACY7TH!pY|gg0_jWAD^JCiqgbU3fGz=@)YLPQ7(r7KKb{N_eIA={IYmga&zP_7O zZsb?xIG_q~T1gL8KV`e*9- zQC_?O%W!gWO(`puUes&esIVjbl50u{@Ca0IFrvZuJ`z~|-UrdCKF!-yVf}`{!tMPe z+1}$aA>AsGky52JZCjfY5Lli5iuJ&Ne)Phh+w&KNc0SH=SJZEqjt>M5@;Ox_MDlyb zZG=9W?7vBgf2nDGzI)CZT@&V!K5RCcECjY)*_y;{%hol(h`_z+_5)K5UmRTSbafXl z3A4unECX9o*}>9He5EvvlJSl9DpUI2+|Fo)_1&9&>wwf91dBhErB%JDK!m+tD%0wx zO)LETG_AuAZs<6s&8JV-boRw~Kh+FB^#MNGJ@Wxx)}pyro-l4bJw`u1cK@+8Sc5jm zt#$Jz;#aBU%lCGSKXzEM)v(_9#6n9J8_dApKmOKR4%|*vHocan9K62{oUU)du3GC~ zel+|Og!^&RuqVE6uXoBqEguIy0t+&E65{539z4v!Qio$(H?Kzd7g={@z~HP#is4+x=iG zn^Ju^4lL4q>MCQi1Qcr>rP;MLFOGZiwL9!e&nYH?Wk9Mkha?E`X83+e)qom{0MPJ% zZSfNr&TBZlyQP;N{60D;6cL`Cu2PeI!S__u{7`De`nR?@K)yB8wdZm1AMfR!_XA@2 z34(Tq14kz}nd#!MwZcIsonEY1U7qAqNPR=wLQ&HCiAA0%A)soY^w&ZP{OPAuThDO` zjK8~%_nXb$(pobmI_x(-Oh<;bux&7`8P@(^BPruH)=cZql#YgGmGcO2%(H0FT+--S z2`F8DxrRqaiUpTKer398Kr5ej>NFryhi=El)6Y-zBTk_7(3a=Lk(1ST8Ou9L1bf1r zsbVL_Lr=OlN?^@=K2XBN^s|GD1WVjfL)-rT?4nUDxKu{Y0Y$w%r_unCvcTWxbw!j~ z)L)$i+qtl@TF2xXz|KPbvszJ$lqRVGMW40pjT}V_d>%$;D^R39+1s^TAdWBGdGrTt z{N_Ff6F)_I&7V39+`*3I;SNOs>W-|!v>_#wR@8RU+>J)Dr+Km4B7bP7I+p!NKPF>a|$NikP zvt67R5$A@u#t&1n{uGN((igFx0Tkqy-1k(H`cSDZwx4t&5q6~)`(Ijk7IG{;#V>P& z{qnRZ5bsSbCkASx5?;qRI*Cg5vQ3ET;FAmY*b%1tbAC@x(nj_gfz}~wSDgf4zX0*J zbg2IwO3{I8uljKGWe1>_yA}pQ(C0E}fe5nb%o5eE4i!?uKnq`p3)B|Tep57q=|7z_ z>S5BQa;ey#FqTgrSOJZ4{mgWAZPAdn{N1wOQm$@io80hGW%2QA>{NIH0O|A^G=Wr6 z-yhgOKFxnY5Q-p>jV@vY%FchVWJL}P>!LFsAyZ2i=bs+6@}51gJx$oP4?+aBGGYWV zJO+e&s}_Z?1^mHM&{u7~N<8-rWWiZ&zb_bZ7uVmt#lmwhMsNpg)s%{{tMn3ATJHwM z@S-nBoe7Kp>!SVXw%G5@1zd}Z4tyX_BB$a=J>bGr=l+##h)84oi4YS)gm0%5K2 zv1YhN5tJ4TOU@E@ZQM&4VM^Eeb<{mJ7Vb=>baFME!sWVmr|zWyiUr= z>+#LSiDJNH_N0!qVB&7;g6){@1FPowXl%dNSY;J2eGxXhJGo#4Tbc30ch7%}^7kpJ z?$;jw;;O;s@3v@Yjr%^XK0~+W4HuND0TSa=m=PN%c+tEt+4J_R^L_mzx>ewr*MW5? zXWWS&?0!^YNm<2yxT3(sUCbl<-O%xG+PEzUF_~rH$Tc3HQ_d6tnyR-?uJ=RIlsh?S z(|aYwb$8w2oq5FJK`Eh?@<~zr0ci0s_VhljHRVJz#H1qkNE##N(d(>G9ovic9>2v% zWV14`z5Cz4objG$48d8j+HHHXp$;gxO&6j|D{mg#y*FjMNpD%0eQmq+w{8yK>e~z7 z+T0v0J!dgtfRv39%0LVOb&}xw{nRXRF|F-x_EBs>^nycUQV`K;ux*?>2HT>?4%G?v zb*JC#PI`xf*5_J=a8Q0U{X(zkzM_@F_6v)mWY5Ew)EIfOUwCYM^sh#e$`S3b=Duf4 zq79Hg{uJoGA(BY?>Ppw+57!jFFnl)rOW1u|?~fpMdhd3))a(0bL=YKKKJp$m=Mu+n zeAP;QxZh}7pVl1;=rW%=+-xjeXVn{F(q(j$2SC8iyyrcjkf>N7iS!z8Ky?luzC5hC zj*G1*E6f{;;+Nbq3Oc0(zm=rM!rc$=d5f~xbr7IB*ZGZGf8h+RCyvaHO?62w(SV#K zFpwxK5x38_L>4-^&=Wc-&Y*x#_a8uU7)934-OujrS)pnV9a#EA-xYNF0YkurLoBas zZLU{SoiwT6y0Te+rkdrQz4mq6 zE1@}7n8Jg}{E>Bb(|7w%72uZ&m)bWR4OGhKNtlOkE(TQ=RK636HQNIg#oMYBwI5tQ zzU*9W^K`KmL=|agE!F$NDWqqfk~#hey8$EwEX&X!$D}cq)d~f;>FI|wgd+`ipnnQ? zw!jToE^!>jA04^p_7cq{o}2}Ei@HjSq#1%5V53`m1N;zJ9O89A-STEv|C<<&gQNU$ zPDcvmL3BVAHbNT6mp!A{dTpdC8(d2V1dN%t(yxuVvc}I-Ci-B4q7J#-&6{Omo$GxN zW(@mJ4;jT!pgxqP0+sNxLZ|djb7sLlV<0S zt`|?U6t^ZP-Wea`n!W;Hhv9;Olwp~FWy%V<1S+{%LZb2-@#Qwg17h{1bJj(oGtz|L z-GI@;`FAzSDbF6*tg?x)qm9SpkxL!Q=NkNAEMu8KnjcZYHJ`KY9=DODPkxJvy?klg zB7dsi16ny_rAP6w&|)p2QQ;%fZIL(t)U%q|N-tbxA2Gc-b?1rD^99sPJ0|t2BS)&N zif`3ZR0OgTdLJrPC-PVHj##jjC z;Kfq@lz4fv%xqQ@8B?dPaal`3*XJV%4)cdT`V%!(UBzX|rV_3V>Uk|KzStQsyq`^!v_B0O@_+Uq(sw~Gv)c5Y;z2v=BBYn5!T zUi@&oEVLvx&9aKxK}$B87S1*}BF&-G-SyGB!7y=ZOlg=ue!kK6qp5%+eF!J)aH&AW z^@ZG)B`Wo)B|1V{83BSILlB6l3gI6+giypxv&ClNYZXXfcK2Ar9^tc9zi+AGR~^i3 z`f`iwwhCesr*$Rpb`dh`=@_BnfppoGG`Y{iaEC)#L_J-5>-|dSR4L@|s;`ylzS6FT zZ=LCz++8Z&%aYll64nv5W_!O?Outj(6o059;sD`r{E%iFi2?U%_eoe(bYRe;ta``iH&7dl_O> zNZF%69|uu&gCGW6OLx#6tq9BLoNMI8$hsl$oi&_RtND2&E}ZIxehG79Rx68lIPd8X z^o{*mnT%FS4oaSY2zA5R=xp${czZ3bFS$F3`iy2aMRWH?R~RVhZP%bmL-@1D*Vu_K z3OQaYjT(L$0=P|y9lS6@x-+pyWSy1B98gEYw0+rVpQ z$M_e)9^bhAj2(xeh_0N?@wCZ1y3gxS-rH3A zc8!_j!TXOU*c?R$=V6-+3dmB!4t^eG_~qtZFQ;Xg@W}KRy4PQQ>yyfl8WZh5+_1l> zXhTx-ff_cwUJzo!?zxl{GCcuJqkA?_SAU&8+4h3O7%q}d9FH#$G3~*)$WGc_uYNQf z5v-ccC{I7%-$*V)kM$#xUo;6AEOb6Bd7i-W#>to=(4vf^YXZdR)6990IVhjt`f0u0&OBJwnU}42C~V)?JT34n4?HR2r&rjB@)a zZzCD8f-^?jEfIt*R+R2Rh$2UMapIY|R1(gxX(cI!& zAM~hH;ScYJN;LVM+x}GEjZ3Ba`^pV;%rRb(q<$`~KHN$vwSlFOu$gFz|JB}iMm4>B z?FJhv0xBvB1P*W%5g`K7n~kD0DM|$CO?nNziWI2=LI_o<(wh(<^cJZ~RZ8eR^d9P+ zfd0>U-+SLr_tRbLuH^^U@(0fB*|TTQ?EO5?3u9;sYs%0Ixd%)O_VVZpI+8TA7hdSn z(y}=!OnTqHiS8R~O-YHf0Q8piimI?ci*O}86%^J*1nE*RCUZmqpCbhi*H z{N+rJmhKTJM{*Z{mti(~!&{=g2vjhi74x4HCK$0A3JBB!EIL)%r<& zPsdAFaHw>6P7ka1_^B3QCFd+E5~67oIp#X}$}o^3C7(y_wcm6z{Uk+deWY`y z_qT1ENnQMLPX(MHk=OB3OJVat-tjNHLN;znQi`O%xQ2Y9%Bsy}wSJlXwIuSCkpx25 zbjkQmuNL)%ZXbRMZM49s`9)10M^oLd0B(7XLRIs+r<}fdC*OsW8+K|DiX4@?77~+G zyDcHQ<5V)NP~%&JO_*jnGvi}4WA*5|bhJSyG6)eH|J>%rTUt6P_SoSt{ekjJhaL?0 zmF9t^5nRecOG8@u7s~8becKLd_XvwVLTlg7#MMaH=ej@DCyizld1robTAGv`*<_anC&v!`oYV+>|A{sTW zS;gW${VjSCT?-1>I^*X9kZ~RW*?D&m%QQ~aE(?!4XTN%qG%f0PS_+gTi_;MNBD~VGd>K4c#SALto*3yQ+Aa0R@+&_*_f(0SD)>Ej{ZFZFF-R~HQj!Q^Ic5yE3{T0j*4tu$iZ%=B>A>fFiFIg3WX8K zn8x-kN4G&A3YbKXqrbH>mK9Zs37?2ec6db7AKhb!X_S1>zUtC7z?1ko zgDJ=2S3|lEl(pqKdEBb^Y6&^@W3dz7x;HC%@`C|cRb1=+TK5f=at8uzDR(mAjC`+x zPMm7Moyw)U@n!6{$pmTYNRZn*G)hcgQJaNh7tTn&$Ogkhr7SavsfpXrelBgrsz1`E zF*{J?7cJ6_Lz%A6Tbm2mw5MGVZ*J^W59{WlZ8%xLGw01CDypV`QZz~TtVcXBbMCR3 z%>|cf=s6p1=NeMupX9Ljhh%p@_Q7|u(Pe@z6H_~{u)M@m!N~asZdo`Z+&%;PdIAnLyQo9l+v*w<}$6O^!g2 za+g@Vc`X;pzyK<|wKC1mlWl!hd^k$k{Ymvqhy_20DeA~>zyQ$FAS+DQvuwE^Ay>D8 z8Vhvd)<0&vuD(N;c>^oxyL3i;kOdW_Ja14YwCDs8T(^?pu-wTI*rL~^ZPT$r^jUhKDG0Ws0S0K}ZB z?M9>Z)N7vJ6;UW`xWYANr4uT+!R&ee$bg_mGY5SPV1;RoZrS$u>%`9UT*pi+-P$_c zUl*@!1^JXzuLU6{@Mq`4&XV0w->=O#26E8`e9y6@5_NW}suvg|0@$S;9BZ~&OTms(3bgxLX}dQEkOSR%?e5R2 z5Tn~)gAl>R9fd8WldYu&S>vvPjmkRf60YY3lQj52f$t0UB1B{@Jzo=#6MO_{L>+6K z9gQSDy%^-9K@CJJhM$)GSfWvS`d&RJWl~De_6d{4nm$&#OyG;U^Jkj3KmE*$i@f%@ z?AJ4T^ox>>lo!uAs`ydqMB260UR?V9fwHbQnEP;LPJ{tQE?%D=s zZbx6E{MH*q{gSY4dX-|^G?)>>du(QtRk);E_7DE2v)`?NW3XHhs+iS&y0elYnZ zOW(+>AIPEl?8bG9ORX4QgLZVxB_KBuRVf+wEa zHVAe42`t6nWPpW5dQn&jF@SF6C0R$Zl$8d6O;%6F=IWBwNs`dSdCEgylxNeVLQSbr z5UrEg5%KHFQ`V=v2j4EM#pzMqEOH!MFM~@~KEC6|qAV{X(>#F73tLkArOWpoachvg z8Oz<-%4eFE(%=^;arY6lo3TYR?{6PoxKV+62F#eh?wgdctV0%n5=`lvW{q#Qrs|j# z4%F&jCckMB@84kOJTFC^HoGp7EvJ2bLhpeq*+QV*6vf@7JpF72{QcpXXwf||_opAG z*F;~F&gU>$;AIFaeYc^O7M>x6LL|R96KHmehO$AtZ>i61e4@cWrhcXVWm=|G^(B;s z>IMBQ=3JEmTt?(6LWDV#%y}Mk2-;#E7QxdLkVB!@n0cpXaw@Zbaj;b0i-N~=+tx$j z(Istm=@nmAU;2q$dZk?!7YiqiLMi0SeV9$&VNwrKtv6YdNkI{DIfff@QqvVKuIn#<( zi2s6#-i_4-)UQv15vEZAf95m*XA!izWW<^1si610@1;IWIQFHK{Pv&nOR*H0xiUZJhH6&oq;ce|#HWXsJNi1z^U|`Y zzUB%PGNXP#NI)02~*np8}aIwOl7W_39wne131vc?w}qc62D z>zu`vQ4*X>?)#3B^sO2WsjQEWXSdWaB*+mw7~Jhos0#A+)w7=V8r( zAa4Yx3qHgnuV>M|!hw`CWP*~XgHE-1PxFgKYN zkBPnK>B$E)q*2teS!)}33r#W9nOVutv@%~EPcF*RrMkK7&Z4DYhC}#i^(#!if9YuU zM~JC$XKFP&JpQt5C)SwG{w~bXYl)vQZn*oVg9Pr-P4EW@5 zvO*|x$Adt$d+Ly2Gp&fW3^?an)XH7YF)+YBX05DnHeT4yw`YL}O)2SC^=fv8!(=(Mjb} zmlg*bCC&_Ou#T>VP~7r?x$G7q^K5(e#<|U_LookrP0*qPz%V=aO_NcfOeWvZ=Ei0fK|g!X)9V4 z?GW}#m25aRN{erqWq>UZp~zg7eJ-c>J%@yGQ@|Lc=d%`0J>l}*_q^}F6sc!$%#onv zH1i{jE5g%4q&9x%|JSMTww}SOOwbTpO~qu5%6$PE+NbQO?H>uQMvuOX$;l5>hFs_P zywu}E=FQg0)yqj^zMfn=DKlw%)2ym6Hbd=-F4va!RdA3ldk<&})M5=MJQz&=*>gZm zx9eVgywLc|!}=dRxbdPx2S1%@6_g~5lI;@x&7H>eXB+$R+-$@8dGGwMNK|O-GxNSh zP6Np$1^x3XCesAye)X+L#_QE-8?tw{e+e%jG!0am*k5Gh{u+eieGzvG$#%^OzoIAv z!si2x^Y$CyhFhFQXqlXJ$EN+c8fRqvNOHIzt|HRSk9En@3@x249&wpTjHQA|4gFSk zNI^K`Z&43+d%$>|+jdM^f?QrleJYFL8mizC>5OuCw7k*v9T)CYPAkH@v^t7(F}PyZ z}=61YMN~HkFKz2B!4JBp>senM1G6;{-y!r5RREewq>tz zSzc07SjO_j*!3a{ov+d5S{a40al$o6_VAc=<~ZyWy};F~GCq&sgh0L;$VnBmTACQ; zx7YYDt-=NKQCOD@#91QorOKEpW&5) z=iX%SCxtTP-=AxG)^c1!4fNFt3|Z`V8a~yUojj{da2hf~j&mpk0${ zgyQZ91jWGL)xAcz5Pif#k>|p~fahm>Q+Z`APY+Tp6V(;AaQkSGiC~ajQ@{>%5(j!l zCi}wlk>$swnd;Rzr>wOm!s#p}SBHxbt@o|(n|QAt*`h7^u?w8bUW>#x+`>Y++XnNp z{kP49R)DaIx($8g1)>V0L4m9H(YQdroSRSI74Q>?*Z*PW9wVsVJ}ysGuew6dFf572 z!L!DFUJBp60lCLAHK>OnLxUE9wN2{^Yla~0{%oakkIBuQ_5}fe(&O8DopDkb;S5^Q zaUuY=_g0eC-u*Q$J2yApBGUMnZU%7k^Z(B^&;JW0R_Rw+kN?qIy&~S0Mx?$_0cGK6 zB4du`bqIvJev}4sjflLx$GUS00zXCZ6Osp*oQy3dq-8q+y3B^#|D3Dhg(#@&Pi*qa*Hebnaw~G1<#xFC9PqT+z z4V9s8F5kat*Um0#UFo87#oM0DNE4NTgbfF^2SRv2RTe-kfkQo@I*Ngj!SLx*7xArR zD)?5f8%|5G2fFQ(naw+(1~mFfWbs?N&;eVM<_1a-z-u-&I@b|=@ad&Wjh>I&GYJ2kqfjUufKzMaxPqqwsC!*G6e?(X!4fFEb-Opku)WTmew?H3&0bk)I zkN*S24b%eo1^#Uj2xDQLqdQ5z<##XFCiF{ka)ugi-riYPgd9ogm?4Qp^I-Ta-_}Q~ zK?xfJi?85!9`_vB!R3DgGduPgnxkBzh1OV(I>wI{;CAIGQ)PL+G>3%h%&-nbVwa z$muz4QDh0Woa@%IlcFUlIR>uH)#OyC1_QZ3u+S`6V#My~yo8U15XtxK_`xD006AMx zaJ9FjoCW7Z+9+tn$Z4f8VuqmOodM`)d@rLrHTVOOtoM&m%roGImTOgFZBv9$uhQ}> z^xWwyAlF}NHCcFFa5ZP%l97};A5=GBc?k7G)?g=B4YtiQ2^9=s%7AnrbZ7#QM|;vz>wl()ZdPyQ*_(? z7%QLr7FJp3JxJj#Z1_2RDYAy30Zm6*^mxVINT_6AO1%s8@-ziPGqnW5je$-dFPFPa zwj7s_4bQL8%N0rkU<9Sa5yXNKa7}L;h|10>ixB(bxGJ`|;a8E@_yhYG%ubCEac&fl z`@c6VXd#voYq|4c_GjPQW~|_l%BHKM^d!aG#4Cr1nX!iGzkwd1g0;eEf{hwhux4q) ze?xcsF}EkLkmA!UB@6YybiVbysEyTw6Wx<^&Um-r^C7W|VI?Yu3xu?Y@Vyb;_pL*3 zz(V;Espx)__etBw!X=G0F_=e#7O?~Vu8$YqWp9UAi0$pocEJ)v_veQiJAZ<$Qt66b zVcgqzg>GAP|Ma)w;sfx06aqtAtiLSxXW{PFKx<{vCN59?Wk1-NFIVyfhZA9FwL~!A zV$Wdmd}d68KdZw1{&DvUC-LY7DZnE#RA!qx{9{e`W%DlC^N6*lOQH?F^uuSGgJTyf zv{oim1bT>>VmF)JfeA6WTi2|&8n#TfMk3IQ z#uP(L@VM;Uggq2XPU%@E>%$oPv8m`MS>tI&F!xCM-2y@l?qP~fQF+1C-_jM#-bk;M z6S+P@VH~|yb9o4XPM>&&!e>L8fVL5c!0w;AN+;k;xyBU{|I7XQa~0UIzwcQsE(5-= z`^9RYFF&&=yjVDEtBU*TZ+zKCz<`fbl}iItNM zeZiQ1b;>ce{|#pLydd|@K_^G=jr@WYJ)kN}ZNKTh3p&4qEsl?aMR>kk@qqGc$xrk7 zLUkX$d}_;aTX|ckxcUb9T5fo)@{=U5C%0N#)g8=u!mtLX#&lA8_gKWD)FPC0^^6&Y zd3Fm;gSRdx7ZEc+fK!V{_B#Id9jA@VyK9-Jy=_iX=xz!Om|zg^;D!srPgyiq#W|4p zTCK@XM+mbIq1o`xj@!Mg^eJZIkxG7u#WAm^{~Fuve7W)t=xX%Ph~NqFCk5l{WgW2L zQhVXomELx0_Ofa@a}#lW!Pnh!(topq(yrnpY1&F~GTghu5 z-*TRekmvZSqBnDf-SCM`m{abU*~I)P8Q|{tsozgDni_F%dA9Oxo+Gf_!Had4g<7G(E1Z>unD*A zYM}72WdEm5zsW~s03HUzXf^Ve)f{5f(jYt1x;crVTvQb2S1XnS1y9m7x@+FwRJ5QblE!%)l7k>1_BMim z7>+EzABafA-n5CFm1C<5Sx#-HPTdW~T8g@|et%N^24o@?Xf;XjR7ZHrb^g+|zhWBv z8XE*->hg3aSOgA5&%IIu}afOx`R~AJ=R=S37 zPfE%ij*GcDRvxVK@`uI#2qodxv*R4_z#u-tCF46UFV(FkT_mJ)W^V64=LA53E0mbU z%3`Uk@OW+y!{0M6)jUNBsQHKYByQd+g-fnw_aCOl?3fE0Gdhp=&%S=nlK`Kd{GN0$ ziY^4&LsCMD`v`%lKhYv1wq+~P7irZAGx!!Y~x=Vq~ zsHCN@rv+_r!)=$Qm2vmUfC8hGc9xApv7$~lO+!z}Bi`VA<{nL?uK5gs^YO_3=`YQM zvoUwXJR5@qt(~y>b&*)I?D*Z4Q?e+L*3A)fc5umO890(+PIhPsciMOALlJm z&{p12b9Ua|r?2z4zl>6T37}|Z<*mwpp$aa!@uWu?YQQwl*OcLBI9TXPuB+~4sx2Y? zU-e~cE&}ro``|9&tGTKffW52N_j3l+KIHBhd;%}KyOj&d6f`tX7$pZnX@19}OW@9? zJVk%VEE%QH2o(rumlRke@r9F;{~iQ?Z-+1S`!v>&cGmV>`fwy!gNZ*}a`3?<2-qW# zKXTg(AxsHxvOY_}@m}w$$w1V!e_>9euBUT2^*mwN^D$T?qFn@gIfx0kVd+=Q=z0Zl!$_?qyK{Xcr#yS|^7Kd{iJcJ?=|Rs|G-{;nNk< ztf`ult`F}=9K_Gb!eoS7;4EvC116CAhRxKbyNzk+q2d5<6aB($(6U(eVdG~5e?M^p z?En`!v!|rp=eYFO0r&eP*H?SP?keu0#*(%~Ys`c7 z4J4%n^&< zHvZ)KTMmTrf!2cksoaiHU-Q2j=Jkrt+2cO~_}bp8+f84g+TFXMk;R=gImMA(Y~D=!F3gn_WH;^bFmg~rt;o}eMV%jhGE<6mo?q$ z($|!>rxF3TC*VSg0f{i7+E5=OWv$pjGHDJSyu!k`7LcUtqI_{_bn%O~D+5z6# z_S`s9L5ejdUG#O{p|hriJK_E>yZ3O(vb&kNpn-qkL_pAJ(pxj2*)o6U%eV32+vf$E zgS!F5wVCK(kAQ>OF*OC})P}^belt2OR2h3JV6EEpay9mZvbNp*fp-`L&`{<*xZTd0 z+z@cs+1sH5wJNBGy=4Wr_aEFurf^%u%RfEp@AM2(oQ7s`i0^RX49_6r*fL-0Fz(fj<81zD#(hxt-bS;=y-z**b57Xjv!_&o!QE6}w&?Z*h>J0ZzGx?+oteSb zQ>yZ&6jJIAu}JaSoME1BL3g;nVbv_3Ur>E;)xfY&wnXha5OE$t^B>$URh5h;fDR%4 zK+<7f5R)E!KRU3RF2Sa+Nw3U%h@^Y9B};X%ESVCrx2Nb)3lV2`-M@c5>|d!7##ZnR!E&$^=#PL5d}#3vHhVy-J~&@=-bA`CklM~ z>E`vnHz4Djl5%ZNUsX7yImlF-qD0z>;pu+w>{31u>nsVJg7y2h%!E@*zqZ$I$F0RI zxFbxW;ga+ugi`R{V%X3c7C@AL`x7lP+{Yw_yX=OS?0R_6OQKO0i7CUIiO?*^B>Q$u z6ne&Dd${W56wV-Q*58-%V&6wg=m$cj$)WDnzC%4<|KjI!xKDkKwv)N-BMKigNZU;5 zUAf9NQ-@Ct*>AZ*K9*J*eQPb%RMn=6F-WQn_u`wFK0hg~5jx7d^RO@|)?EyF@M6z_ zczlP-e*J8S%}U;)*5ayiEtvk%Hf^T1`#p}&^?~!mSMIyQtoDZ22zkrJ?(`qTM1Fki zBbZVh9pOYRsU+e;f+Z5kMAo1$jYd zKcdXW_fJFaJ)W{Oi?Kw<%VshAu!?YIEVnq8-Z@u*KySL6xz@tdOcg2stjqHH&bxeo zVVfJCz1~+hZkx{>cdw9`8$%4f(dC#OPr3Fh)7k^n-r!r(wlCHx8@PQ({eNRq#9LZN~$k#Fn~^E#6j0G)k@3i|grKn{9{am)ZHw4Jkc30XF?nmGk- za2EFvRzF7i_;({Ct3y@iB{*xT5PhK z@M1XwkfQX~8J-h(m+d%{YeK^RV*Q+Mk6Ur@78_&f@GDBU%TgO9IIjh*KMWaycgn z&v01I#WqR$cnTJh88de2q{k^>HSo5xcmch!ibe0|I=J-jEN{lG>*nxWgQR&vXZ29z z6Mt4g%>fNGbs>-`e^Ko$koV>vzF103yy^>#bRT8*pU?jAe*a(z>;dJU%7fKWGY4|< zEVovij@Pt5boLaAee%!m{MW}D8^{`NnIYE<7gQanu?%lMjgFHfdlg*3T6r;^8Ml42-;rVfK zaX?EiAE!$f4CjykJ;uD#A^v+*pKufR?^}oDMs)ukL7u^h{vOTB!@pbyy$H_FXDz+# z?-Pds&|TnLZ&WojHKk@w4c0**R?RtsZM)H5{@?W6;x1LOsjg8It{+I|o>U07!;}faC)O>%=akNOn;dD>o#BKYU z|D7)pK0ovG^V1!CIo(Q_bVl9TDT<0IQ6K%I^-f=kCEfD|?X3x!q&3#`%0EHA_A=Q& zuEk2ceLn5|bppCkRgke&MR==(2Fnw@{sJ}d@)1PLuUpUbyzp7=Ur3bOTnqz;pB}I4 zEoNMoMau9PS#n%Lmar;u|T zA0y}VM-e-xNegFRd$TE*n$#%^73ZaGn)mY;+DtcNu_Jjw^nOP&E>M|uPPSJen|DRa zM0rZK+r+r!jE|eJ(b%_7?~TkAg?BU*lJVcfEi|Tm&e@T8>;Olt)%#<6epy&caXd&s z`l9R$4GP;z5--Ge;*3lJpr4>A#esJPaG1S`KHow#cT&lD$x;nb9~QGLH?;Hq71=}p zWfT8%YoUlbTEk5~D>P!^kP5ACUq>QP!H*u+qRFR1v6{V4o6+Rovy(Gc4}?|~XxAuu zYA=rv)3_O>TwNUT^r;q3_x%XDALJSll{kgVeorStbWx)zghRor5b=rZfaFanDA{EtOp6 z<)KE>YYl#N3}+Yg;j7x`sJ^yVtOLO%+xEF85s^hNJ+@RL#LV7*B^(za!XNhm41qH) zZ4}fQ=6WuF@D9VWd^=t%G$sW_vTdw^_#+i-$VcY6=)ZBK5D&cg3=g5gxZ?Wd#xtZV zInPc{R#zX=hu=EeHZ(5w}yHPg3 z-C!>p=WpmjFVug`@A$U9pn>*TFwz>No}i|jFz*N@-%Pa^7GR-28_anhYbtkY;~OuA zs$=IT{N!@*f6f)gfy}(Y&THSv!CD|#E}B#k{7ax zzCt=M>M6)nvIaE49C>H*bUxtWET7{q@~gtt8pS8TSOu+Y$2Sf@T-8Ii&)e@y^pfw^ zoPOPvcTw;4nzvS-H9DX2uP){K^Qto#tIompicC35_daN+9!yu?Ql=}7E5F#&($=BM zA#(?NJqJfi?{uQUhId9=ulW?8q2p!YArB3)Ruls5cL#aE?$=pO7mtO@#PhB-)xFJBSC@u;Z+4h*l+y!=Wsk; zo0(Z^RD;hG3Bo;~n*aWWaRLLjA+S}}G+_*P)*S@2S{!ZP@ujrB3m6vovejUr-S>}>3HOc+i1WV0oTCEmgf+CKqW@QR=?R8 zR(Pj%+`5rqgKNtq6Du-E?JyJ!!+RG=c9Zr|WRquVb7Un4i@UgY@TG9$uH8X)x^LDr z_8#){XlA0Wr3Z^8>FuapM9b%8Qi8Rh{A<4@q|=d!3~YIe3x{ajUG1kjRCak2l_%Hb zQ6w)8sF<@;1@E{;l8i{|zmpyyrs&Nzt16!SZuq^ER&L+Z>5Q6vA?FvjPUQtb#X}xx zpJj?y={WmJ7&z7fcC}L&$}I?0!?3ZY`(UNWuuC8EbYtKv>c`|4QsuvPndTXM_i!8Q z;J1hSh$NIX&TSP*h+kN}B~PM6M;v&p?>LCp9L>H}t30iI{c*F>!TmyP+{qWF?*84e z$_7nN;`(S2)3@WYr=onlh!MGXwjJ?!s`luO{-VA}PCw@?u$ff7(4D5rR>4cR3@*l_ zv3u6Ib|HbEI~oqY36gAOBTb=FZV+Srh}N1>2j{sW`8pTjhc5@0M(rcgon$t{vlH@* z35Q3BEpHuWFA?&X(Ba-~)U40}o&N{$Oljl>O~pv!#mk>~=EV=-Wn5b0m=<2soF0P{ zIjln(m2i}wFS2Ac&G$Cx6VnV_?_Af(q?{Kpb)g;_TrE{pXN~JjXj5|otrz5$B3BDD zo@qUsM?4sojHpX)yxR3KG0^VVmd-kbb}-?U=$Pb0bP8M%Y-N!NHE${^9Qup}AjXvSt!Vh%OHS4_@-eVwp}k#?Q(%EL zt0_kw>|o=Y+xF0W7MW$0Pa0~A zUXO^gN^Kc(54IDs3o_tq(ISA zY^ncpcH$cxGWTOo7)bw8Rp6rCo8IOQ)pW9lU9Xm>+OT%M&q-SM1xoL?{boj4?tGbn z;D_A4Vhv&5jg@qst-p&BD}@Fn?>&75msPhjlZ&47P+%y$zo@f+8>wx!>X%rR_oZ!- ztI4oA1{nKJv;^KEco|-9t>)cntehQ*%%tn=Yjum>pwbUsO8a>IDjBB4@S*{k8m#_v zt$UlHj&(}13_=z*GPGVCq)HAQewZ2{N3lPd)eHX4gJJ zeC9TUY|x7XLjzccDT>zm$(xMwmfmVr`|59we#WX?8OFtR>PP(ywE0uC{iB*yeP=yl zDA+~&w97_-+LQQ$pdjAdO;+$4%?-4hKi_a5_@d^4waXD+JY!#G|0#{GhO4`Lx{yy7 z7;dUrrD%8*hUfAY3fHwh%EKZ`QL_9Gq@LAG3|8(!-Ey*>X;eGj8i`;39Z)I4>!BgC zu|_#LT*iV0gEcetA>11SoU%ns0&_dtHaZrw{y2=%&eCJHeBt!{boihMqU4rtDAZdl zdggXAbS9^8R*#31ByQ9v>uN>nr|2+umf?=s>u|$fXHt~qXp>^S=juis* zQrw~T9Z%8QIyO@Mscr4v8DIqRv37Em)Hu)cWlSVjrWpzhm-Xc;6bA070^uKCEb~ET z+qFZxX3HAa=gbozC>z7^XBAq2F(OkgH1xvvi_@h>J;=tm)$NUHqZYFW!+gf-U|ots z^dGdTT;`{uAs-?7$Nmvq7kUHp>Jdmox&%|goOX?# zTCakaG0|h)bgJgUEXNv^fp{`5uYiz2YYcPEP5jzL_RW#n+(l?OA8Ov>%)>vL;&^?W@kUmGjH|!oE}S!_r*P)64N!56Rb>YE(szYLp%jXF6%S*Mmh-J{xON zwS)&-oGAyF`-PSm8P1X}s=dI56lv>FC*)bcR#rG)EsQwpGR^ibLl}!197bajR_$1r zbvL#3&6o4-!9Vchx*`bI0(R!@!w7-G$KQ(d*GfkU=0n$IFs5)uLKhQb!h7;j79S2| zT^hQ0rAj%Q)J*4v<%t`?V+29XgMbT^*y1~f8c49dB&*wtk7WaV7AS^U)Co)bQ3=Fl z3RKTsq$c^andguy{TccRoZw@t{l(>>iTPkR@2>T+NxD~Bo0*BC_+3WNRi+S}j^BB{ zDPM|R{BJ6jMevaqH7PpY(H~z=LXBtpL1^3U6?2^`ow+vTur|V|XUbQM(7-?yK1QoN zCtXxv$#%F{dOQGD;ekZG5?<53;6{Fq8vBR*0LjA^6nK0ds`*D z_vDgK+paO+HcgB`vwk>XiR?<(9Pkto3?F7OA$T!5fcc}Q_Y0!m z1mUW}DWSRr(RjQ?Puq+n7tEVtqQG_|93gBaH6vq02}dr;DLiU1cqn^APdiZG09F~} zccR?sQ^uROC8Zo};#odpUTu7I&)r3!T`0TWeEidfwBGMM2`~ONstx$OSGM^?kK)gV zofRPbDFWX3A#wMaqJ6ZQeVboBWF;G^luB zbvW}ozJaHw7@;gR4+l08()6d@^0w^)3wiKjyog!}#OoZnodLP(sCdna zSVps_Nj@0(3h{>|ScXoE2kOLr`MZ8O7D5esC+lNWr?b=WWnpv^KBJyeY~B+u?GSq$ zsOXvgHPo3FWA#s_@Rq zwii(x!#|@{;=k}3N!qO&n@*lT)t#&%SGFUH_EQ(o!XRUwDAtc*=@FA^BJfp{q_lcf z6C3dIb~Xn4^EZ~>Bx8K_**$iX`^H%N8n=0-d{$v}G>a(C+7<;@!rEzjg zk8G}^KP529rjamw42{~Ie@dZgy%Sq%lP}RNT)ZcFBSJuORU4EPAA+h;NOOQm)ygN3 z2^et!QXjn)H!&)fCrL?Xco@o3CKvPkYqh%u7we~P?ChmxP~a>RAM9TzTh}%M=pA}m zehaoieEN08ToJxMIzh?sNBT)OyoY?>F&^9tCa}odHiOu{9-8kKH@C+P0_sqQsw|>6Om>Gwr-nW?oSA(-hy7hY zrO<;1;V2>g%sbG8C8p%ShA&W47gA@4yTz-;=$G!%bQI08ZpB0MwHaC0az3zd^LwZJ35hY>A%V+t^*^gn{a96CLX;ni;ssnI zwrNW`cicuOOyf$mvb+>IMLQqUGeHd&Dxm?k<*z+F*K)Uzy!-m{&;AtYv&CrlmOIQC z?&Zn?ch*-{8-iDy1TMN4?I%g@8M4Dfcy$c8cyf#)LZ(o;xy>R*qL#*`gG-(3z27L zX71!_T7#cNPqXA`I`68K`Bg4R&n~nr1f^L79Wicxd~T)B(WVm=4I_zP$~ISSVpb+h zbVU~wPeGg{#7lxvHOfclf9=Qbe@(ORbrPKI#racN_lq}`E`AW9d1E4JsA=6M+3B&f z(mcoWKtz~MD3r>!6z2@|Y3y-3PKKwVaY&Ic1(O7I0ic8@s>n&4eX!JQH43aU6yG(#OFs;&u@Y8qlg{EBlKPj_BgqU?Y2(DY3yH z#d-tDd-wLL&b7O}nFGv=sn~wSJjIcAi>#-RCkaL}3EZ-C%I6mN_>xBIl%lJfYp*3M zNQBMtJ=ut(_5n-X%y5W1j_nj&^Q-Dsf<_vXku2)O+E3hgV%3Lz^S#4DuF{jf^8iNX zZ+3mpNZZpgVW+JL48(Bmxa7FScg(#TCG?P=0nI?4yg1qeIxXb|7Y&z{h#Y}U=rpYy z2rSB>V@4r zJ82&QK&|SWI%=7HKb~|B18>0J;i+CgwArt(B}I>Vh}uw zu&%TUsh(ubFe}e~&+u8RiAe%#xCYSH5dnPbceCha*G1`3w0W$1_hNa#D|?A~fxYWi z#PKQLkx2$vz34j$g1?00y?XT8Mc5agCo#Fzt5hLlMkq?oG=3qpi?tD*X_$}4vM+t^ z4HY~&d+2&LNoEBX5Lgu&{4uW6HMM~MAOT_L@vUtOqA?{JlIU0Ys>t>-(ytYIx;h{_ zmeBd;m)M@x2p^B0L?ELHp&QaymM7+;FfH}XN4{Np}391?)4312KS{5R0Dsy0xxZ&=i-k8Q_m z+r{U|-c1%QF$o+;b^#JFE}>n>91vP3wx*KzQw^hivZLFtAcIG6G8r42uN`OC-((j( z|9m?WCWovbgVS5Ie!Lp!%F_W&8w{ihj6Ya6n_6fXiROhPeAx-fqD{2C2rJ_&5_3K0 zda3%k{`j1$acD0z;)p$yE6^ii57j0&1;wqkgc~{Ba}&qs&oC7?JxW(1g4v|E9)uoz zX;`D`;23Vk$8-v_a(c16EsXq3#qa>Zl#5SLEzYJGtG6Ybn8`y5@QM5t{CDW%PIHqw z8|GG*jEa1cAdt8(#@|VwT$tDHb~Lvgjx$tPIO3gZ^NP_ur7V=O?4&_2T5+Cfb~Wu^3mH9QWteE) zG^IAkzN^;ntAFe;ME~@(G8CGVkGQ#Z*mPRvexIMzdL+ucuiF;(!#XJv)`NYv^O`;ENds+Q{)8PHNZw){M$eD8LjEF6 z9YUw)%{v;9A#5TVjnwpa~7x~88C)XD$QTDLrD*2p6*ULy&`)#9; zUaHGZe-`H^S_v8Rs@lp+a8-^~p?A{EhY^f+_?GhN#oX7skebCmv?(?1*9#d7X*Tm; z$A~A~rihA+sB=;Q#?P|@g8rG;-Km%eE&t;XaBn|=TfmLWexh4Tc-UIt%~?Y!e{}j{ zN54uH#uak*HBUF`omK(toJ}tkqTTQ_rPR_+Rr^M}()pm-F{xK}^4dYIB|a)SXHmKP zCjwtROb?72&FLT4_GpH(qCsmtOUV0X6c(1HMGn#N<5jvXJNU+2vv7EN`<>D#;wT*B zYd9||Oy-SW89!aKhjWg)6z>Hevh;<2ILw?#_HaJcy_N9uZFp4y)pd6Q?NC#!kOC0g7QOB}880pu^+Hx-1k0Sx&l@Q_6;#SzT z!5KKBl_GY1Jgnz%1MFa0=S*)Ofeci<+on!(h~WejarrGqhEbh2)$A}g zaqqaL-Optvz1?Ap3vI4WqxWT5Hp69ih1tP%Mz55g7c8ZW#VA%;jFLtDP|chIkw#b~ z=!HhK`DInI?&kdZMEUD2APa@~qiPxfVdy^wiMALRBpy~D9qBSO7{5~t7a8z60~>X^ z-ohtx7A9O+nwjmaCAuw(slP{!M-3;5n9QIxgq;JZ3O0>ANjY9TJr`8me-yR|RRZ%Q zw089!f2t88?=9+Ql})b@h=J8|!X@-ir@lqZ`r>=H7L# z_NaB&K?l0FyGbxM4-;X=|X6^P;e-OOHSoH%{3JM-kDQGQ&5&@3io zP7S3DE~*?z33pCw4b!CLg&XkNb5%;W(|q$QZ7XD_8CEl1na*o6zAI{H)-oq=Xv6`I zP>xs{Qk9+VwUYGmU24I!9WQeAJ`g3Bh^Yqi5l;3jFVNEl@njHsy!%0x)>#LA<&i2k z_QR`+nFp;>`n75_!x924-LZ**IROURgwwM73>${YYD&$bXXS?V${$@7&AhEuU6RH= z?f}6MknXbET%(q%COlZ?OgXt!HuyEy5}>8GVrS+%ml%t_mtH*t@-mux-M!5{E%)F- zm~%wu9*Lawb|a0P@$?QO54O*pJ;l`}>=?S+0yo9Fm2jSQ5Gv&#yYSC_zgtp@oYP6# zKHMKVZx2iri+S9qro@=#^U%-yLaHo#_pmeIZ9kA;sXFG(oySKz2VV!;6F^aB@+0+Ps4866vjS9FlFbD_?K6wlD z2%kTcBrEvzvz^x#aaE`vbS(Bqd5_Z3yf*??J+aCK#%;v9zLk6vjp(-@<#f_sE-F$_ zM%AdQ0_Ln*e%T4IW>gVgsQ4R>H*vqx?~PpH55MzpM0fZheB#0j?9oZ8x1+b6{9cxW zt(Pk9BqX)^ETsGWyP@NTLE>vy5bvtIqv?Uy2B^?;QrljEt81)Ie$S&RnP`A^ zklWhsQDu<>&u&TKthiqGiRv5&u3I*_=R4|WXxN^%AFz=Ze;e;q3}^d#bnU@{`Y*an zx0(3y$c;(OM6#2noVXpqj=`lnI5?0H1!B)K){eqr8TVD6ODpy437iN5JZ))dUc-rU z5w0NTr_}i|i>-F6p@qg@pe1Pll%XL7WE!uVQ;o1F*QvB+*{-BK{;V>ukZ<&nfJvL;0W;BfP=P z1E2W%_p{%6@^m%_oxX|&V44e{B_NQ>l_jbe1i?UpfDDYNFsOb=4e{P9Z%W5m2@_(! z{4tYq1c7F~zd%(~E9!h+z_cQ^l1nAD;ljHAEslwf_QfOoRE4TP|1~lM&6oP ziN6x8M%X*=D4-6hKp_5_yfO74vr>Fi^mnn}S9L%jTd}_Y32XBt7F}^3*d7}=8_tu_ zbiz!XLj4lL55EY!O!g90SuzpKrJx9{~Lh06v$GS^58aS)2dEmeoI|hlFUO zu_>OCJ>vIzuY&lw|8hwF;v!yqlD5~cwvR1GG&6xd?EcF=&D6Z2)ultLK^;95L~w@I z>$Uc$oqR2IhX(EAje`>b0$!{?Z}<-|{Dq|IyhIKvGqJa?ZJgstH_BHv^xWSXr&R`|$6Hh~^mTyi%LSsLwVyzXGmr z(mgZu-ai_hRoBw&-Em|D@L<~-_idkF47ys0a%A1A8t1OtM1E>g9=@f|1?*U z?I}IqEGoPx#LUV%A1-}to6sb7h^Rgjw8X0j5bp(&e3QsBdHjdPT`gkswoO{H%<=a| z<>=!og(tr#J&=)&30cy<$EP2$&WuNGV!XS1zZZA6U1dWbEM`9h`P<&a9kv;tPMYfP zx7xm|rT0vvIe8{l2LC2HjNsYb8tVIm1&m+P*dXx~@t_k)DVNK^(npy|sq$w~!HKki zQZj+Sj=sB9872)B9Z@J@C;ovcnDlz#M2%Sjwj+cR99-+?hP~GvB}2t<68RY9f8B_# zzUR^*2_krmq3=tO-W~=P(#M=ihNuJL(6=#L({^)cWBuj!v9_)6*mxRYhvYx8X>@k_ zI_svnfx#DEc72hbh5ZopFKgW)+JPQAoq~NvVbu6ztJDqUrWh;l%0kh){VKwJU5b^S z5=t<+u+`ekK3xr;j~>hb5&L}Xq~dw~HIU=K2%n?FpEnCjdb!UgomNH`hU1Ehm3(QF zPIaa{mbGU1w;dXqis^2oO;U@!Waod?K$r6v27^io>)EPJeHVe{nc)4Gsx@?1gGZeR zpFAuVHOOpk=7|WNI4sF(Pbe3iwY!t8LMHdlkP?NWblq5XY6zP zF`9eo0h@rqmcq+?qXWGNZyo(3>@~`CXp7>d7M{23m$SnR9Ao3rf%LG`aktV83!lW2 zLYu=@Z3v%Vo~Ec$gxWvCKVX%Z4NIyCucbz}J9Q@R^^X$+(7Ee!1$UTgs8?Q}p;Fh! zH#BHCd%^bK+`cCK@>Ci)Ou$`%;sbCN;MQ&mDOal6%<5Q*)?{L!BKIAm zQho&f(ABI0{_o^xW%{vwg|)7%kCU;&^if2`rl7G8I@-g-SRp|r8$eGK{Wj!8&e_%T zZ4+3$7wo}|26=yp6;69{6}6DZ!Qz$LxzQ7&WnOBlpUm9YCw=Z|Wtm9q2X@GCM1=dz zQE;#hv6wVIg%ka{)w z+a*C-d{C)MY zW8B=(KK*f?iGnmzv_@MyIw+#8ga}lm>7^r$Z)!2vd-(O(dg7wCg1qV()j4m`jNLn6r}a_)h$IwQOyD z>f{XGC~Am5^bEwZe`3B^b;~M*-_D^t&skcR2o4=4dSn^e z^eES|^;Usloem>@Z)EF~Vc{=H(F`HR>cxVl8(?CZa2=($vM$LL^8Oe~F--AKQA-?wgPM^~fznT?H-a_S@1XkGgg0KbEORvDUqv3+he zec{nI;P#iiNHaAppeJRwzdiSuQdmIk}g~;8- z4Xw}Et@`wch;U~@_N=Y!*K{3x5FCTo6*=Ss!YcycCbE|--=)ls{QlJ|dF=i&z1}k0 zSGQ3wI^AE_fAUO?pRaltJGoApU=|wmYs5I|O3GYdVzIWlN&`0S$k@g*n`-Ft(y%;3 zo?4tweYjt-hLt?V%e1tBt^yJzpjN%9v$ldanLeUFVJLP;pR`yeaBXr+Yp1y?^V}}mU)K6^ z1!XdhzGEI?=oLRvafW5xa>|r|0tr^^mvWv|xJx!;mmI7V2#B;JHYYd4uxN&z^RYSR z=5JE~BQKeiqriX5Zu_-6gN_Y&rPbecM3WtIAok8oY2$~XN6uKtBFq1APO{D5)pRr_)lQi(^y;=L1U%jbO%7vOv` z4wh$`-m(vs&?8aMUq;O@`9oUkY*Bk?ThiQw_qQg9Knw8bMxmJ(@m=g`mLW+G5Tk8~ zU7hThhi%iYoutNWq$f|w;@*h;Vz_5-vsQL@IMEY}Gg}FcK5P)0Rnt$-*g zb(#qMI5M-r_IP36kI{_X{Zytp9&#Pzf1m4qN~YR{ZZ7sL3r8TqDyHOmDo5Bz0H~{ z)#O-Bv(U^!5?9J`>W%=k85bECEq}Y6XKH9Pp!;(0#R)^b?zaUjL!Qd;Z2s^foTJqk zIXp3@NBIaz)8{_W4!{d--fh5UFXp=Gv}7#(eofyh=&f{xib@%b;eE_n~FyVY4WJem_d#aUH5Hm$F?oZC7E? zJ@k}EChZj&28vMp{v#Rxl%G_9{H_g6A*-v8^~RBav3##e!M`nXdM#}V=dWiW0$}XI zw`U&rdr3{GTm4Qmn z&@UNQ;mYvt+BD7Kw51g7OA?(XJ?Yumnz2ZkZ4ADV2^H2e`TZGniODQ9H=Go4^!5d@ z>?3C&inp`bO+y>2zY-B;sxY8FkrXeBT$Yck^9$nvSw*$&?UBh!Q-mdqBgc<5gT& zop#5C9XoP;o0(Tk3*;ZHcHta@l}mchq)5F0!By$HWJs(mH; zq=I+O&${CIOyPxh@s)4Fjl_G`dwO^zb0u%*#IK*l}v zA-aLyU(z`cZAwo?AVrgsZPQZj`tjK#Hg}=N?kh2V#X~LDCPlUlfPtitK2Z+!^b4HX z#4zyFiLQiC4n-Jm2%Y@EnMM3e4r`)g5YE0PFrfO1FmsV(2Mo_P&L&*ke40Ak^+Qx(6vLA`Xb$OXG&H$hpoUL#tvD{1s3~ zwzZj=lx-2<5C>z9sP&m_(Ey2WBWQcx+_0EB%3BdIZC!v&xe*Ph zk)tC;J%iqD{rB61;6q}<{P=h$W%K{P(i7)2# z6?Y1u>ufu6?ZI|O6Ke63r9ZRmT2$Ke0p(BlP94OmHoih9Cp3(Cdzy_60(l?|QZXQ_ zf$+L@YI;{f&jt_t9u$_t1 zE0rG`i0xulujz9Hd*Y*c&g zp3W-k`yYgasfvmHYc#LmM5xub%Gfsgzf;?>kXaKJaR937UOAEFtaVkSaw zZhosR^d&Qd)uJ=z%{gHn89+2=vl&OLHS38hc5(=Nq)DFH*>DC4E;4B6G zBOLJucdk*a<}cp>tl+ZEeT~_-D`OMKeYyCROPBaiL7#fy^Vj^^nMuNf_zP6!o`!ybfu=J zhAH0lC*bdMjN)TVcXgGNxPrQQFAQ1y;!amxWIyF^**knLJG|`M&R;3@KNMdD7BOck}9{E}fbeldC2;9*cI(}s>D)WcMYmFP&jt=>D5xD(|)YH;N zZoDx!p2|2PfUNpX@%ogzY+*V3$CsmWV}N1waaKrV$BpJ)T)%~mgL34LMB36vR>!0U znn|VlNb*D2Deg!$FJ=E@>mkptvHV_0QQ^|LNICA~<|1;t`#2`>W9D4uo7p5TMM2|J z?<^n9oocJGbmyMV)ax`ixZdB+sQlXpZP-bBczbcN7~mS`nWXwwXpHj{5{obrm6sd3 zkeg;|0~4{{&>Qaz&PG(OLs~NveO{~IFx11CppqaoBu>?vH;^S-NM~J`t6#aU2YXv( z6#_fLO>i}7F%7;ALm%se7I`GDw0i|F+WDn2rl--VQ>ck#w9{_6@0WhZ7h|%2P6Zza zt~SUN$+V{F>qQk6`Aj;sz_O~<%J)n7s(f?NGhVv3SKd%B#PaBxB>4yc42&>iL_d&_ zMMKL+qHke;VEGu%C_gqI-eKhC68`|`?}(xpL1@7`-)g%wE-}sw5UfWbVgm+rG76~= zU)7;D)tKbj-aBeEA?W@g|C00{fJ=Vehz+R z;}XgA>W3=4|H_en${TzX{3u!k$U=_yVt{RPN3%VlXeQFohPlIKS94WLY4*1B)-!G6o1CLa+yNjIOeT(e=-z|=gJMJWXfvkzxxK3?LEn+0e@WPEz8o0; zJI`iH!maHuH+u;#w6I-dPu?LM?@A7&B*Fq^wWH|p{&u?a*Ch^=!d`6L%~dsz^{De{ z>7Lw6UwtiS?Ue4{7=D#hz?n4ODwL5sb<>$=`zyGcSuAciqTrFb_o41ppN=jGLOM$3 z$behh+V^Q9Pq{VTA?1->zr4Mnn1X{Zx7G3O?D&*)=G|VUWS4(pWjVsb6;d5$wV$hYdJ=VAFy>8I<}m$SWaIopX~`;@DJ(2_Y%rA5*Y zWq_pqfd~*{KrhPDGZk(CBg+3dA*m_AS~~*^0{vS5SMlyyo8U44AL)q{VLDWR`r@p= z2_xXk{~KwE=`KYsCUs+BiA3E~TSMEw70mw8|1TvF1ZtB7D!a5W7*;pn^q_^bfAy?p z%m2Ri`F}0#@EkI0@Sh168LHO_fzZDdzyHH4S?L7I0%7ju9IC z#LxEkO1ZRorMuhtZ6`$WD&d8w`xe5};mLK~Z7IR&U}^3eR>LC6cX28=Kri_J{rc_k zCn=R=w^4UjR-OksYqU8^v9>v@0`5->0B4H4BS{~$3_s#0aRo);UtV|1$fZv6;+oww%$xF%q<^H(ON zcxbPE?4$Rbm#OLQc z6s&1ZH*kC0ba8r(Cwk2ls)`zRw~yl;|4l=E81(A13tIhhq9lGS#P2zWbb~2KXKi4P z#}i3QTANUIe|7yS91SFTs7e+T>y;jkt)To=kM76mx;$ndl5OXw6XYn#VZLJCS6 z1p-)l$|P!VV`)KgFdkl!8alOhZ-TmgT0AUB5wK^knT*n2>j7Bwy8tYNKW#~cISs8? zfblB8UIp0-nOvAB`wlye!xWe^&Kg!ZOB1=b`{{t6Q>brwuhYu>=?*O0%BD0s_pp*g zW7NHTL|uWoP)Jh8Vo;8w%=H$?R*OuG=l1ZJJ6l3+19|ln zE+@qqUP9yjBP08i#2O(2`$PKM^fT2Qg594R*Q`3oABwIRdXI(F7&Pb49gIel9DjSQ zfp8jB0OWG$B`AvscE!*wr3h@2tfa1rEg9DyA zkgnjc`l&it)U6+r)Zvoln!}^gx2Iq{eJ8)ok|H}y2n1pjpahB+oCk?nJ04sn^v1#~ z3k*Zuy>D)0O1$L4z<#;E^DEEP3OI0=6xrV${GH88a4pZEj=!buKKzI7TP+ysh}{_4 z1G+p__|v>qvE6DqMMc>q(CbGwLKMasmNh0ThWM$+s*YY&uM+&=Wg}pr>dyo3H|EqF z&#D&um4fu(mq5Kqe_q7tetw4xw0>{o?eAf{4W+)<Bchc06@`G^rwSIvPV8XI_28G}y~*<1KDWdD!IOAK0H%Ae*UZ4WsyM zK0`xawze|lcagfcTk`YNVx%N|9J=}PT3m8i%4R%axAN;jK3QoQli(@l`O2>Y%j}cp zgRr!iy)*#+Uk_B9q8_>W%$V73v*I$G2v9DFkf%FQU{u)0*m-y5RQe6syzX{v#mKMD zPd*ZJ&67}T&_wx;R~8pYh}`Bgo)y z&HeP`MZf1~2sBgaut%DRo3|doPU*l=itU6TX}0OV-rCy<^1F$hoS96(MkSKMIG0!S zxD_3wFpa+g_^7|ny82IAdGlFD@)L)^J98HtW zYMrs${IHl;<}qb~1Nc>vzKh(uq?^Nt?uEW@T$*`0=a=m1*JTYNrIYU#R=EzWJU|si z|Kfm`C>*ej)2`tNiZ+=TKhD?VxK>?A=g@Nd2=bjRi>Ap?37alMnvG$Xg)dKY18Z&0 z`6*mNck?7SvZR;?ns#sPX1V>S`b#K4-qp&#gIepFJJk>}O)Y!VTK68xzm1eKNs!h; zd&>C$2{tUpa2U~NJ!VtsdwQJAR-!sKrBlqCvv+YXF`gKz5QkJ1z-txT5%{BItY80Yc<<8eKbwe&+UW49lW>)^bEg76v3)%iO;gI9OpWtB7qQ!E+pfJEE<53bEv$QoYE+5j;KhXT|7 zS@m15YCt*9mcN!T*A;B@y~{A-RqDkRBq0`kEpP_^bio-eQxK5$S1w<3pST2xjNYKA zT^SFBi&1B_)#fuXa$_$JI7o)^l&BVrfD!gS-EqP*tWY8FO+cXtc`I0(L*tgPm^q9~`-z zCZF?(@E-4#?ly0anr(&YKc>0-oz1h-SM|^&Y{LXyoM>~H{oRt}Q)>K4%=|5-poKmo zn<)0cNa9C))B1U2q!ge(0O-mrT&J)?V5*hVd_rf3Weer5-H=J3t0~4leS4t;Y0oHa zY}N`jZ7Bnj&3n?phZ)`Gl?BTxziNo_oo@cCWoMJX>Wvxae_|J%>5x5>ygQxzYVO;A z;M!k=Bo0s4{QHk2h6u)#Cp0NVE~=X9oJXQIA*RA*%sG$a_0BqpCpvS!Zigv3Z~Fzs z)WC^R`0LDjS$JeT4b+%4(z>oBb!~;R_eaT{Am3E>z3W7kMmcP~u>jcl@l-s5QXLe~ zfURF*5`5fs`!cNi%o8p;eKDi%EGP9HG9{9i?FG%1wYA=Y+j6a@EqMRQpME$=l!%#n z*3I4)(WyU!7@Z|Kx}ck;GyP}RE|J|b6MNz&R{Wxs_SUpheaB1_h-G^FroCo%6_I^| zT4z?WnPbeqH?!O7Mj2%3XGe2YMNrY2G4Z8O68};jOZtV=Fzxv zGDH&D3`;2v0j1fbY0>EC4|AtKi^ZoGivgXuxwr~T4wEcj^Ip7OS|`GP6g`-0P;g$yTI(xm@VsZLyvtB{z}fzSJY&@Ysv?E9e$|WvSR_qQ|xM zE3GX?OVOU5*&n7t*ibporDpMMVSfV+2TE)MRER#mE$Piu|wG3a%tpU zR+@J9#R>PX)-K)qAb3MsYWgQ6pFm0~kGqdHb5k>BG!u7IyelW$=o6MyPV_(5oKm(C zh@ACYHWSDMkOJ6KyPa_w1kMIy`^3{x30^BMNreH&Jxe=`L-Gx3fc=qn6;bU^G#$KozEZLj^x5 zhOXspt!uAgsW@aE@7-^rr$#-&<(G~1Y%foZwiHf+9F;v|FSspFfmEj*Vux^LezF&T zPFmP6#mg3qR;P_E%%!oORWJ+K@c;mBDNoluC6JPbU)mR_jO?gTQv$KO{f)N6RTj_F z7vyNTzWSs1*bfL+E=&~)yV7d0Ro=1rp6l6`y5a2}N0gRn#c{U85j7HK;&_Ae3dJ#C z-(v+lW#Bz>5nuiFy_3eq0IXX4d5v5n%DxA3?^|v|A%IoWs#{Wazpr)i^-;F%4gNj& z+fnmZdgn=$*+tF%X7T!888hy$bn}j5{~b-1w_7&Qk@9Y_m%IX2Axb?GkTlYu*h$owf{7GpuTtISu}s)Jgp`xd^jN;bG8|x{DlrDg$C&&{NTg9!>>(CcP<-gMC^{T{ zZQMH#IkD-=78zrt-tHDO*oq({qwv-V;h_9K0BmD$z>%0Knq`R`M@Rzl5om7D0ia<7 zYA5b$|A8L0^Ta&$oEMq4`nvknRUji5$vg5wF!)l3IIdk>b?z7Keqj!wP2wRx14U!gd-aM1Lnm3ylIxKr#tr~qvqmmdX#ZfsofFt_tMp+58txfR#RF1tT0F2KPSUGkD(`NvW#XtYRkx z)^2qmbBsH~)3*y{V4~e-)so+XD}r@R*lqw|;qP`Pt=+P^>X*ghJWTunt3Tg3eQm^V z+NqoQyq!*Vl3k097%LjkQENT|bkx`nDmY)wy4fGJYt`bHY$Tc+lWPyI%sqgV5*x>^ zoXBd+7L|cFUPV3^XMYs)^>>8bfl<%Tkk>|%j>J$$`pBm_<|fYcG2e7KnHvhi$8HZ= zY;^0A?gu1HhY~kNyMMCX!Uj=M>edlGpLn-H+;H+I+7HHz9c#r~X_siLf@bFrH9bJO z+aF7R68zYNI#!o~`Gx3DFeG(-U;t=-X!Jd#jyN#*UIAk>CXz9jW6S#(1GmcYMP8Y{ zX((-RrIY_iEuYBkmi~qwX}pwM#Gq)0?LzH_`vmDp6K$-)sZE*nNoi%X_V}Ik|$6}Ko#$?LdQ9+Vzmq=e; z=Ch5!5nQPu`LERbJajVV$N5hCM?wse=?3l}*_xC|7!OW%ns|IJMpgyaO%zGscpMQj z`g7zU)+-{o9c7W|z%ooi6%SX<6!V`0cQ{ zh2iw`UBJ>z*1||#f#C;H{10Lh%YaJVr-mY=PeDpbf$GTzI?9)be)((0NZ2oOli~{I z;yMQzxGwE%-A?0$qwN|nqOM7w1aTh?A_*gVr8W<8(JPbTudW7ryT~mK=Apij4s1V8 zdRM193StmmSf(odY?QlWof`6ay%u4y3O{g#jU&K+t}KNo?L4}`UNLnjhW#XfyY~X9N*Ccc=+tJv0x%DbZ|VZGAJzN&%Ur`Nkb!` z;%0&Y`7aOD)}K2MJD(La8T$;}c7$1Z$4;)V%$AzPi6#X|&T^DiRG<7xN-MyVg*f=y zIcZS_v-I!LshZ^oc}6?IhC6c4Go z)5))vzuUBJQvFQMGaciVNbXC_p5PdmKeNPih{)Rlx#;N9fuN)03_SxY)pwQIxlzD~ z>rs`cdZ1jq$l}dl$GIDQ+VI2PHx@bxb_t6EbyG^5%)}AT#qCu^N?C?4ARtijHbaX8 zQ3Y-i|NFgKWT94J-=jtN&?3{G68S(GAGlp(roFt}{Ia|oMVehnl--wAyFR^@ro?kr zuKmZEZ=-v5^jKRGB&;w8Wo6qGJK;)V8Ixb98ry1NPmS*Yee-yX#M7w&^b~X9Tu~+U ztJ*e|9&NY)1~L8CZR=oCj*}1w zLI407!jkCywP-55gpR14_!*Ln=q+R(a=Q?MZcv-r|GsCQf22 zbpvrYXD+6JY$y=)P>^t!B9=bH)m;wbkIU{KAkh(q$Wh%6*%q6*m>I(A@a7sGAs4v) z$#bz%$@@-6YaZ0be<<=(8r=M=v&U?E5|m z7ILbpb@&aAM37%7&Bs<-V$xIq=@z@k%*3j!bl##-VXi8&Wg6wPNfDj8#60VdO{+8^ zU*JXEU+}Ookr>t6ql!dD_rGB}JwbLmKX2OgB;ccw&UR#TCPus%Lqm;7lwcHDvJmGH zD`$&ZYliVJO%{$%TRo+@ZN|(DoyuV{>;@}eo(bFQe6jbe@dsyU@$l4+S8-MIgSqD2 zb_{mo#x@T?AH=L%_96tTvK#MEWb$YrjkIOpUC{K1^&Yu;{cd{CKZ-3nlYUDzj(J*C z0#`RrONI8k-)u*-PhDQ9#M@^fH3j9=^W)iK*k{j|b|$1&jq*+wL?MqQyXk@)C|;7k z5$vkNCi>2-@G%UP;ky0304r2a)X+qjxXkf9jF;PwW3Z%|k9JXV*c$v?38{m+Ys%U; z{23HVctaEZGOzf>VGz2b*Rx541h!23Ta* zCejwVb?^RR32~foMn35(8YakZYy3)3Xogdq90XG}sh;!U`_mT58R5gyU=_|yI5H14 zfvgnFTI!e@$fi`s5v2;_Oh$fhbT_d&0p9}{$AuRs7@CyF+p#{%{WiPJvay<>gk#dP zuC50zi6XgWd$gXK-d|zrOA%wDY)d|5&`o<+B8DpK4B8-uhZ>a95GvcC!cMs!bG1gA zq#;gSDpMq+g?pe>)!LPgR~`Vj_W`Li006`8pnI6L$0;nxUOSR?tr9rRKhEAdLtwC7 z&H~$^sa(rHO6&~*uB)H%TJ5mHO~&5HTc+k@TRmyw$B;1Gso56Ly|7JLTdm3R=4J41 z8s5>FJ!tArqDj47LySLRbo5uYE$w@b!}1E@((rTn3;PrLaK|t1lfk7VpA;X3g-sAB-UJ1COQ$M8=W5HA+$ntLltVr~*LBywo|2eG?YUQjs{#76 z9e%+zhF^tAL})RDdd!|!qkpjzEu?6dFtgij)@A>PcvkUdDyy;NO)mFzu{!|%3$jqQ z)QWFeYygjVjOca2H^y{N^E-OA0(dB@Ml`sZ!L*Mb5_uI1>ju@na?x@+i&=8UM~vTs`z)J@TNqsp?ptNOlOIAjN{X8IyRhOWMZ zG$?`?yJX2*!^DXq$7?6goAmW4Up++(XH0{zBWMV0nHhNeLdQI5(ir(9Ioa1VynMCm z>7Tb<*~LadA5^A`0H2HI<_oK{qudDJCD?4gVe+`;$qsT;@Y?ENvv(56hQph%zx{Fg zV?P_;H!rGM3mmJqkz53FY?hjfS-LjSB0KztMLb&H{7*j=yE|OLFLYfVRCjXKwp`3i zM3$GyWi*dlmhwSIYh7K*8iB(?c6s`fhU*|K zYQBx`(q0B&wKNj+0I-i>k;P%67jq*#!Y<6?-^ON58Xr4R5&a< z0*)|6bXaXvTDEcp{l!I}R7&yv7_UAHSXy7t7bnwx-jNcW`;8~&C}lY8KpCDeH$hf*awj=k#S zigfL~wf#u!g|`JHi4G+Yh!4KQEePb+R$U0b&>~C8)Ly&u-V%o4BWiK0|_Sq1;scGX6K6)VYW&O zyYC^}{4|WXCIM*wxlVg=$Eayc(MD=Br>+qPS4B#_{Z^vpv`hfNC zUEMOJh8nF1`*ceiB8x~l@-thE@_QG)Su75TT-Slpb$Pv5*+kQKa6nmJOPyw-f|*sauz>MMu&(GR<011^-Z3w5O6}*X&ip z?;tJBW)`C(%y-Q5yq2T0BxoB5gfNR%IY=T44hj|kVXoHJ+$+gDbL;?>y%BIqL#6kA zNsG6j_8o;mB3fl3{@8Xbp=?pfjE2w_@W!M$xF_>awYR`5`6Vg0%;W);r^Jrur46=%1($sjq0Zy*aX z8H_YFMR;9hrP^12zuwx-+C)i{z2H^qb>jzek%MN~=-PC<-eg7DDgGz+t(V@xom3~Z z<17=qS(IgPJIA&F3yFf&?>vKH0S21!g%bL?E51I88Ajb~UGZnA-h9hBz(N+RcUmYO zi5`vSPc(+wNR7MEOSsu^fMxlmF;eOgNQJ@xcM7iRG C^HyZYt;rz@Hdf<$vUCdO9Oi^9bq% zWr>Gz_KONe=W2`rC@Z27zo~dVgM+zqOj9Lv{dnXEP?hGL%CHG`HlXhD)@jy=m&s$% zfWa@c0QqCT8(>yN3bojZ7}+RC!zrvGMyA+%KNUY+D4Xtd-?Tec z(V_+-4rTkE8ptY%JF^_cn4ecIUuERaG^u^ZvH$=ikS$3S+L`!B!Y?gVONe~7#|t(s zTssGnFen+^QtCMYgG}Qf396wf6d`0RiI1Z+9;XNexUSvVePrj;5$F$fl;zXnarE_| zT78X!65x0OGs6%sRY2K-B7?~EAp!7*4>E7G9{sf7dgaYr$yzI{0z_yn5C-ZSbO6u9 z$T^v`X%c?>GWp=y9Eyx{OAG9;z(*~G8CkXQAIQg?(DsiY!4o8xUcq&-dr-zeurR1w z8)cAQISu{o|AR;pV|eps3)OJ9_*pLHyEd>~>m70Hznl2~)m6Xne^ZQqJ=Dat z!zQ1;7At7h5yH{ZP+6qyiXX~LSa0VBMTG*u7;Ved=PA^jj0)P56|H#qUM(IEj?Q~T zjuC+D$dHj{qU_A1YhQRc4s6mIx^`CAaRA7()(+??S*kiu^6I`rsVgn>X!8`q*n-K= zq)}814`Btu$2kO24*dq1gx((n(X8Ix4gLqQN(>~P&vOkF|6$`l{0C$t;O({|pI+)3 zzHI*dzX%XYwhr%f-I0JIYf}m3TSce|Xx3Ox00Ed4AeF$l8P&1;6H>ehX#-4mN#6$t zJ^&u#>Ism5=k!Wb$73}N$!*GneOxx;L!*JU;UfMB;scn7X^eY( zOTXcAX*Gl@82e5(mm4(>#|H= z-$mty7!<=u(f8_nphc zOa)>moT&ts*?QqqGZp^sP=whSKGA!ALymC_Jn-|<0X=dkN$kpLnRobo8B!Y=0et`U zoeQ{2X9+jfvEAr>Xy-V*7~+8FgB23LD*xuNIhTP z&#og0jlKvPQc*mLGV3=wnmW{?S*V=|FyhcHa_yUd1gY$BluYWr!TbI+-JB$5i8smq zU53Nw4#+!j@Tq~c-}xhev;*l=ioFu2{(Wc(j;!*6oH7)VC)MqDqI`c=aAFqI5j3OeOUAD!<0HxVaIB? zb{#%DGE1OhH;D8*n?lX&enMn1L>izZM+U$ZWndBe{SAG~Ocbr0#WKWjYda#_vCPot zk)nNiU96>(ZIANly{^`h?8fvJ=;KIDF`O5?SKx5EL>;pDKWdkzp^U+AQ_kPqU?`{VZO$Swz z9LG*z_(^9^JD-ud``y^?qP z4c~h^5e0Tw+$JD|T*fW!1; zIGS#TXWqn1hN4{T-tg#v7qopv#v9H9km9E^Z{J&L@8exn5j#eaHEek5XBAp9Xj~@e zKaWwcaC&Mira2p*lI+dl8yC*mYj@c(VaK+_c1F?kR8Oa>-4y^atqpYdB|;hTDbX0ZS(5t z2FSDZ=%nz7dpfm)(HsC@<(h7VsY`~e=JT2+j#0tlC=`^GI-2KxT&nY_J2+{$wqd z>obDPMgR0T#I+NiL^lVZ_wZvl2hBNO4~cqf@?sUm;4k4adw;AwQ*(SFD504%`&$z7 z4w$q**VPc&t_KXV4_DKEYbSDuD>v4zh^0CRTH|EYv zjEbU>AE{|*Cj@z4=#AR(x^_Dk+zKFHsK%E*&QvH!`fLj=jK7(Zj79n zm9)CdBVm|1Js)gL329bNuzTJmZ!u^UKz|zWztDdEP8OomxYj=@4Jm(rk2P8BsaKKh zfqivWZhXxRsV*Sc;5+U(!R$OC62%#%JHg0h%v7>wCzbcz24dj~;VC9XImAVjWf;me zVXR?(Muplv8N$tr?ALZ>}5LP9;$2#2}_1gDXqcVWUn$29Z0JK~L zoFW|A9y+f58EhMXE_p%GWF+0r!h{m{QZ|8;9E))DuNAD3Pd-&X+Cc&Ks4)Ze{(@+A zSzL&(olJ$2d>UbzdcNBSuc5NxINIav8J&EcacAS}Mq$rxiuqkDbGTjUB%l$X*P_Io z!sXW5_)0;jW_USm+?h?_ZrQyaIUcmoTYiY1gwh2%sl`Z7CemgO z=OXtJ9%2dWJ&bsEJpxtLS)0#*CO%+$K1EKgjvQ6_xJpaI+xJCg4FEX1o)kZ;SNR|m5 z2JJX6i(khwhuX|GNCIi4pK7wBY8qK=3PG+oY$`o3G`O+7^V=;N@Exgo=B~sX^it%f zky7=o$l-5R{~ia{p25*+MdH_v*j(FxmA3mLD-yRpqFauNsAT15vFRtSD?AJ|g5X@XdoqDCJJFLZ^DbGaJUY*8X!4P`F&|hQ zY||4cCF*~I{o2HqjJRpIqn0| z@{bislj&f+0RKEY<_&w#zU7+qD--TSHrPS*HWV-ziOG;KlI+P4nx(xCerd>>n)OUZ zjB{x3V0hF9Y$|vdLf$=UI;{~vSoXcv#EuY$B0To zYx%H>=36OB3lLgiP}N32JT{Gh_@3nr9(%l5FQL(N${aL`6`UUMi2bJ$eQBadv!NVn z0aGkEshseNz3I+Wv5#Y0`nv6sx;H`q-6%I;)vwd28D){mWg%nh406)h5SeF&e>c)$ zFciTP1LJk)U9Fq)Vj9>+V{uf`3`D8_uiSICSk1n9@xZHj1v$=NV*X-d+76o&^fO!; zBA=EF;zY`mTpy-w#Lt9i1W738{M|VF|8J>(DZrLQdbb+}5Ph3PzGheYM$%nX3eETr zx%s@Ucrz-T;Wl$?Xf7V)K)=_2w`nuNZ%=c zj@Q7h*lYrKP|T|2g`|N1A?t13ODI;lo=!^e>Tlq_b&g40dH$_|wG=9ZcKro@tbZi5 zK${q-`320njyitdC6xYmRtNBFE7Frf=FkP^t#I?2y6FMwz64v72pu(qS(?yPE|1%H zq0?a+ome6-#?%mV!HweI2L-UT)pzWb`K>9WO@xW^bk6d^p@`+O_i-u<&}}wvTkFD( zdY3PW!2?G;4a5@7jP+jzUh~o*AJ@O|5rcKxp%t4<7)Rsf|D7hqKU%>yqSTx&yFj*C zl%LeRGmBCe6Ck#XWecEX#hm75Kd(u)Vz>}?iH(~h6g8-)PCu|n-LLswGjmARD$5pe zvdCi3(++JPHnYcaJ!W;XDhAMv9Wi{HTWvmDc`-X{nw=-*;UBmoPpYyERITfW#$tSprcM| zzrk^Sj88mCS!KjgxjiM`yX-S2eA^!eWS;|G!xDO3!htNpT~bmsRi`)mkvjjc6f0S) z#T`Pik2Y*gnO`=}!Pz`jlUsKu0Ij2qT}?Z-P(NG&bH9Ogo(71;ncn(88_} zzUq$E`j|-uS=cvJ&Hyfo@!i8z=j97aMAI9_v_TtIE4J0tRbM)945n@dHNkh=&1_KW z`NBdC(If-Wm5314pbpizK(jZ1>EzV6_1lB$*bNapK?k4r+dtYs2j%OxMK`;3pZyc3 z(Lk%cf78`J*H;C`*ecM0B=rX@8^5C<29ENGg!$u8$bE(!_i9p&z{3>x$9^%ZoKb_t2mC>N+6v*acA}=G{bjqIWjEDgI6nd6g#E}^s?&|M* zv37xx*X&~vera}S>!x8_*m2pm_~e=K$mQlv0OiRSL$K$L=A_8Q`;(8H67!!6rz1sv zxSe+~U|UmDXb<N{-fW9T&iQ|4cG+&o)o3ISXTCH=eWPW8^ibco%?7PlzTS4KB zUb7SGqicKd#*1uN^yVO&X`X4y`{i*@ga5cB_ZorbMN=t9a4FVXzNn&&R!h0sM@l$< z8+AX~5qwcQI)@#S>~9fl?LoYCSXX}3rkm2dmMQnso#Se6wEeg_G%=-E4$2>lfv+_lp*_&M64Cs@zYpW{<6I@Vl$ejh^)rO$mBCc-A^laUH07dhK zVO{uG1W$Dt1K9UORP?!S3g66C%>Ah-n1}jU84Ux+&AHA&pJ<7&{muDIhoO&yX0eAv z=jX154vtSj{$nj(tA6h48aUtEswo8wj!RsMVh)QZtTv(OQORLABRQ1 zO7-b=DK^e@eJMZB!@ir3i&uy4&30dFujcDMFAD5)+`qjETFvx7mqgBJk%C^Y{Y?T< zUYv;j$fHzSW`_Y*R0@H8zeMud!C6sLMOOagKk93VJUdA#^+?YK7Ffr+nqj9`EvJiD zzgNp%8%>@#1T)+N#RpY9RRTGWh4#cv4Jug>^khE*z2-!t5go>6aEv|IiqT?dn=qnW zc~GV=diF?^7T$2VRF1jv14%eJHxzWybbTwdw?_F;;idl*5Hq1M`L}1N+cLxKV5z7A zrf@3mEg+^0S>836&Cd)vKC`YhRKs*k-c3IbU}s*nsE9QFM{^8Peoi&DKl$rcGZT|> z*z16>-3nx6iW235K>l3p&NsiYZ&_s5O?~y&yZr@hwLS`78d0`AVE1RWv!^IJ1i0Vq zOOLb9Tdr8E3F^Dnezv6C_Wf>gyMAxSVMulq1SMHdcD*_^4)d0JFv}w z=*OjIe!q-6M@cjP)u?ovOD(p41Ioow)4n+H-fN1#6D>ciFU_*grzEn^DpYIxmc!wz zuzc+=kxq2IX04gIdV9@p$E(q!>mKllsjZcKlfE8JcPW23?oC(hhTn0|XD0F2GV{KB zOHk)q53Z{=fAWEZMXzh$e7Ht)<|MhmVVI=wmQ>5dT9*G-gArlG`KCi;M*>Sj8OcLX z!@mZeTx`xa6S$Rh*^zxbzTT-9ErA6}2|y3p!Kfa@Q8u>5-n%}o_TRqfGBmgu2Amj^ zE>;gjy~ywmCw7|*zzC1k=}14L!aGnnq}iN7U-Aap>kn%w@a#pM@FCj zzTQRP=|nF1W^wrLy1;BYYMu{tAeuw!rq8`ygYI%x^WyExkBKDAyu`zrExQ+$en!e; z$=GFdx3Jr*VE>!J8`$Q`p2Lm#@5S3FZ9CrqDN)|_f#_7&Rq?Ua$loQ3-NSMD=mzHh zyHAw%_NtFBY~*|7!YvGXeKjBKFL0aMztTcNqC0lmaB+39A}G>b|G+5wZ})D2*=H}h z+?fU}0wVk>$}MO2W%0_~8R)gHNpVbaOlwV`m`U+yf8>q(wN=Wl{+08s@$~bp85^WO zT*^&EfFYfiZt|$}(d0wF!=b>6zPi(l+f#_;QFKZngtC$B!2=Nf=exM$)6cWKeqv`0 z$M@BvkJVzJnfiwDWE%MK$I)k|*3K&>oY3+3l$G=9+blza&2Vh8M?ZWnGyRubwY}uW zl0{E569YoVAHF}U5fP3JH9xrbt@REr{g9cQAdtu|krUZRG)d1#uWz8s-}Ae?jsY%C zdjrfKzOcSdOT*$mqK>|1Rv6Ik1-76b*UBd=R&%tU?tfRnB(MVdB;OM)bLBa*1RB76 zDk2ZG5`Cr!Wm7K$9op^agO>s3$7rh(mVqxwro*mf7SFfK@q_U|mKE1|JJawP7X zSzWxSWtXEOEiry9d}d5KDsvAyM%QnQ-+{*QJiJahGR^&o2<`}@_D*PDqOereZPij|n4zmd6xo6Xst=>1Y0 z@S>AkrjyFd{SL5^pT(~#YdiyuAK)^Xf{fb!M%+bbBFB{^;Qyj{Ci$l}91Ke%v6#9> z*99!Ccsq-D|IB^QBEtk<2n z+O2J-t>vjU6vojlL)@1>f0^^it%1Np`&Ih+A!UrAm)8*`{RGYj`N+Fz!V5|@FTx6T z6{D^+HFq`U~>eqH_PEWrb1A%t#I{!0}DijCx zwZL~~eQEy3E%xO@K~Aum22QcnS4jtn`-<%eosDEogqOES;uWD1XVKz{dx8o*MfX5u zck>TufY@<`8F-0~V#A3;&0J5@_A6={tWRPSje0d(ZjE3+?W@nHxI2r~C~pqL%+04b zX+d6l#kb0iE5V>|%YS>(X#_OFRjJTzrxft;NGaXxnbP!G;a>J z7dd&vU9rG_JtV;X8M?WvaFy8@JL+?^k}(4PGOX?EdfJNZ|BQW^h*I@8A{P7MHMddF ztCf3d5ASB_6csSb{RJE+^i9Zr)%2g=CTV51tT|dAI@}&c9-pT|je4;g)9w@KfYuU` z#rB0diWE#gxfH#J{EhknnlS7tQkd}Jt_8ZZkE{EUrSOvf)tZ!QN4R0qKZ@9Xt|R)7 zZErX}--2~Eqoq0>wJz|-0DqjjzXY>M==^n zEksXnmHJK+-#~>#mHM2uHN88`o(K)tP*-FYLTOLrZ&HH!U@ix9pT^({^b_EXp2qM{H$~mzj9zs zl3EO}L3YbR92>i;GlgEhZ7xCU+uLgFWa*{ncn-pQ4NwbErr~$A zC!>{@<(uizuYlQQjZ>^HP{wt$?N4!b$gvnjJ}iwqWhVgVWnVPmUh|2bWl*m~3N}Tg z{m{PR?{N1!3<{N!6Aw|V#um9+&7KGn$jeR`kZsLwJv$M-Z529VdX}UUjsU$D_&bXq znsocH*1s!>HP&foZaW@b*H~QezF92SzY6H{kQpOwIa?d>zfIi51Lwu=yI)}7B0tsifVq134UDGRvjrHjs{Pl6Tv{Xg|G-l5UJ~*BC84W#Z zNzu<_8oPjn-qs=X&q^3JV`OVO5wV};t!FK1OJpIy- z+oDr-yHNkL!8%#OoHO8fz|aM46-pW%>X#wRvtDej1^(n0)Y^Z$X2~$QE(hEH1wA|< zL>j_@4Q<2Lz+!)5eq{Fc@PyI~Kb~FJ%72)1bhXL@d2=z{ae3Vz-3H;m)S7^~7xk~CDsLyIa8b(^sceb~8jw~RMlj_fkL6o6(>b_$UK;2e~VcLJf@X7gSfw|d=eAE(FPxd_-ikNAp#&Pl@SVh^+fk9Fja1sR6>n!cQye>9kJty zWu}3un12h3)2(-?isWYeuB@HeyO=J_KaqFRYY>6bW>k#L@c04dwB^js9S@P;*<3H( zAYJ3Hl7u3N0sEaV5joh5|4~8{u5$&&sDAzSrdH)akE{+UWEp}VGX}yTP=Mm?z z8^4<9|LpF;51#oU9>GBoMeWAqO)XdtP(FKXU+o%z`~9DHHN2NIn>M2USD^-;&vH-& zJAzWfjYHcBpZeaQm@=3SMa>2RoEC=T@W5ZSQS9JnN-Dig`Jj2C8}h!T@?y%nBl-EAWCa>e1*Gn38d!Vmhik9S>foyoKyhPB1-mQZ2g{? zNUJrWlok(`wK6O|xdrqko!(of zU}ih@GhwtrakYw&33T{z#|zDf#;=HiO$c^zS3jV-7Pbfl>`2t_s#qWLrgC`sL~1Bh zS}K-$uA|>krkE9p3HTL#iWmXQV6Yisg_RwNON4v(mlW|Tg&V#QT4!fF`id7gCGoKG zYvg^`%ajgyCV@Udo^k`WC|%P%@=H!|CoNVo{SjR4bznRHkz8 zD#6yT#GI(ihBug|b$1h`qV8FsZ_neXOK_76rceZuZ z@-z`Bt9DhY{>E1_$#rQyudOTwX3)@5FLGa&ejI=pVwJsfsAO9S>rDa*Jm1IaF7eJP zDIe7fQK}kz!gBB|aK2j~%*q0-;EyQKlnsU|X$@}#C@@uTg>+uT2jyP?*G6*+ptc2p zIn9TEKCY+d8B;lr#b^e)P0E-)8JXu57p+y3HC&u}fo{V%R81Q(lFz7N5qGxfIh`H{ zoRJfs7*<-p;;_TfEtY$fW{b>>7<%^t@)5uFZ9FJu&2a=`l0hdWHAQ&j_9c@WRzD3S z$24G-6Acn&5-*Qwf+RqKqB_vsF_a5y`kTd(q2jrUGGOEFfW(9T3e~WXi9i3iz1T7V zf77`|;lowAJ8RW@-^*p&0DjHcmd^LJhC)l&K0+CrIw|G4iA@ub`~*{vH53P>1GFLl zso%1o|7-q4r;$-HI0p!f6EXyRr2&Vm6plF`7G*lzdtDL6NSX+i{kOb6a- zuq#&%=VNV?^yGl8;?KD~nvfXFq}n0zRhejJjoA8fn2NNJP%cK3mh>S@PhM+Jks3>p z>i{$t>F9YTy^aO}Z>;*JP7M5&rH+-G1J`(fj$zKIsMUpU4dfr^-V^hxAGqK3 zN<=xMLLu9wBAA+`l&5IfX;0RzDs2G3we|fMgjB5stPNUv&b+i66G~)L6U7}_;5n7h zvO^D50J$(iffrwQD!Ew=mcM9hF z=+N9hlba~7T}5kJtG%vAY0G8ldTz0-dYDO+AmLD2-OfaouMscr$fEHW?n*Ja%&!@- zBQ&Q+T2>C{Sk9m%lyDW#2=$V8E%4lk&*=WWAISLYZY*BsGAn9Hfg9-ed>UL#b#waC zkfUo!xX6B1+7d@BeI;?On}QdXM)9u!%Y36D0L2XmS;3PvVZ2QF1K0(XFmO!`*4)uX zU(*3AM5@^ay3EWXll9ISG`RyAuuYOpG8pbniMHH6u4)J8hN-BBp_pkAG6!UuIsd}0 z+}!}|N?mmqY6?)^7u|$UIgaD#tnKwHd!Y?qUSx*4mhMleSJH8(>ap83X90fdAsQD{ zl-_59~ns!ZZ29=13KMx zp;-2=A7v*qF3f#GtkDKiF#;+P;;KqzmS2~`q5xn1jrOH8 zL^9(DIS}ljCLx^OYh0i;Em!lJN`TAL1XZ@Y=Q555!L>S(WwQ3t02M)SGKD5?m15kb z%?yz&*K_ z8>?36HdfwObVWgGM3*htiK6(i2V2M)aI5<mdmbsfl9y*ZwolbH$$KZ{I9?~~sjk8*0FUuB5#K1YFyNzJ(e zhAsk4DG!WLHpo33w^Vnh*H!APQS6d?Wa`11tYb?0CyEX1kqmBD)c%Jt^bLLc? zs#7&J^I`e})ij&#ZGG>1Uu#{zWo!E$_+_0lPdtG_l%Lf&S|)~_QM^N%nk1AfgHv&} zHVej)sUP&%h$7tWkhB<~^>{kH76MdjlXvRMF=GhHJ=g#^)mIUs2 z)TYFCxgv|uD1b5RyV&G&JQ^nxyGT6+h)aLKM${k8g;c@3WelnpA zSG7J@UZb)bw1YEQQC{3l1S?lgF6c;RJ^2!Famb#Iw=X0Z7;L23(U4Bel{=S&U5QB7 zIBfz=9!o)LS))rMH-Bpa<$^+kIB+ub@LYzZ!nlQlVj{`MsQhs^o_I5cs0Jn}38ezF zi31Jk3a2rPBYWJ&@%uGbUoBn(gXl>RULo=X+I~3 z#Zi{)>pd0*xI|z)?7FwIhk=Ti7cL*_v(zM{ld_3-8g2D~hS@b>V!W)PUfB3s+?1K? z!Fe0ir|Zi$5;NnjZYor3o6lmzceJgim$LD6Ep!fuO9R^dr`DlI>OlEz3Hx7DdL9Iz z#y&o}v4K8<$H)KgzJdRxrhkS10vtXBDLp(CKtS9J1t#pv;*AE-fABlA#1LIgquklncj%{9OSmbyb=hi0oBAxViMy`g zCRX&Ot9c3H*>(pV^~poW*^bKS88m3C9YE}SkQWjOb(4F6=Ea~rf+l=bSG3NA^p(Zn zxh5pIyeirJaa?oD+H}}0prBaKf zyXX%g(Au_6TCCh+^s4cn7JLt%H2~ECk{9N(?}w@0sIGD+>Gm)DJqS_mh$+V32>0VT z+s;4gnf5&PT=@kl(p?Qx{0?wEK@_?g8@%cda;k`W`_4oRV9x1bpX%cD?n{+O3}L_ZT>H?Sar~s4r<9qv^&aG9J**mQuWBhbMRX|Y3hF#d196uvP52BAITvr zlY!LDH9*Z!|AQ!lCfR%n3kSf%bw0A_%J%@EpAKvFiB8E%;}G=SPw%xdzdav7&b5BL ze)hIk_t(g4;k#=Xg8%e}64#z^4+0~_FYrxG`DOAp0-z(FA4gs-Ll-*vdh(JFF}4Nu zr+E{$J&tY>gp766or-}0oEu=)tP$Fx>|OyC*&>XiVUEORAaVf^QY~-4;3CzsLWG&y zr4z2I+ygApQeAqKBb~6b(T6~f=4Z?X8oj%3K#c-v%Th4Ayb{Qz; zd?P4B;sL&1@1fhqCV1)|D{d&+HZuE4Zj-LImHG|XBtZDZ7Oa4FW;I!~EufY=N$wTE znkec>Y$Xn`l*;$S0mAp(jXgaIgqpr7zqLN!2(y(U{CoSoYXUVsz((~v`=FS=>CU(c zcWTaW!NKGrIXX;VS*8(sx5IF1vmpo^hf_E7v`!5D1pJygvtmJrR&_xnY4K#50}_>t zHcLBQO42O{hp$;m(gc7wDMzVLqm*$ZSbeM789PtF|A#0i8;cE6!EDnk0UPM&4WrZk zNYsqkO9};=%(sH}MkwePSn{?PF1Wt1 zgB0rKl*Tjv52zmMI8B`>qeUNE2rF_;TcDU(IDg;o^?suFcMypoG}}=?CD)29JK-uK zQR17H9+g1&^b3D-vy#+MPa04Zf>EY1fx$|9X1R;41TE)n{1?NdfM~w^@&*9yK*_kP zmb|RkbUQH#q%02z)1+H$3%Cv7%j8)#y>$Hu!Q?^$$TvWq8GZHmI_p&n`L(4~=U_dJ z$%~y!Y3ZH1E$n9+16WwLg$=f1VbNphFCvxc@hm5xnnwH{T`#9?em01At91Y=5K>+B zuE$lCZR&EdjN2JB*@V*asPUGDSIy$y!{#8*4<0Hx6)i6HZsUd^Rx^KtIe9b(ddF^8vdTtk+;oG*!Ih&!@G% z8ZjE{n^@4~t9wXKFLc2rJF@pz^V+fg_*w$*ZLC+Th(ZY=t! zNjeKh&O&*6Dby)HZj`L=D9Dt#ob~Ux%ARfo(*sYU42RMf;LPJJ0tVD=yVrFHr{6KF z*rHa(L7KD2-V}*nlzuv^?8G)VIu`Z1 z6iz?H7?xeP?G-!BjmFY59l=J6;rdC|<7{+9gJp&QD&)A<%|orIB6cFOEPR43LW6H% zvI5stT|4pSDj!$MIu}LiHomO3IVm7}eV8V=OF>}SfqF=awS!xl=Oe4WPS(qtd2=tR z%q`vIPI}W=6?3y4p?GjM;p_xP*^HEw0JWkv5o~&FdkRt6bzV8N$WhcHFMvB6mW>Rn zUw{j$(~XmUH~@bd6%d$sCZZ-nl?F7FJSDHBWMXSLiTa-`YO)c zn&S}rvgit1KQ{Jff5m6e(3zz$>CFUKiivbval{GeOL*(?KeEmmvf94W0VoAX2sM*D z=E@X|J->KxlSlHQiItXoe%b->5Cd^a4jCTojS=H2pJx=+q>TDCO<+RGq0qoRA2SPE zoC=Mcl-R_d6SZ45dO$+0L#Hm~-_&Y!8-lT!HUGgh-k77UaLZdl0S1eGTLMOTf$3w7 z9QP^)&a-%n%r3&87V6pW#fzS?y#9InPR}72X|U3*k)~_rm~0aV_7tzM^`a$qXpcpM zQ<-^Mna9HtpD+d!SbZXc=dd3$8fOixreR_M=0K?mZvETsu|>^fWIly^7S@^wwv>2b z3Sru#DSYQc449}jo`_5YoFa}T?O6u01xbNE5f~8L0G=KdAHq}5Vwh+T;1G$4&R!u% zSCj5@BDn5hc!ml=Id`v$i_Z)hTQ~1i#0k>H)zVSUD9|nfvZ%Q0bGs|5mL)U{zlPg?dQX~fMS*9rqvSo*yZHv-OltwE-L^siyFO4iW{VN68wL0^?eb5& zJDl9kuA+YKXC*>UjE~;&6q3QL(?=dAwf z7y%Tn6>Six!zignN2{ZUA1L$L@dtI;d19;6bj6AJx$IaXD|Hquve7Xq?9@n0S8{j& zI93g*HR{(wM9+B%w%qSOiJk?J$sdTEUp!8+UeV9PXL;UP9WYJ!TUNl~rT+FoL57GI zV$-eMYNTLEfv1!fchdny+-Hm`WBZf`j6dlk|7n?9@!QR&+-Jj#l@2NGSMuisEdLuS`Y{)Dhtj4f>G3l zB+7<)(kBYNyFTlRQ@&4_e(1%{oBU7)L~Njsv26M;?j>WvzT-zS5FM-H``2FBnAlA| zoCs{&HYB+0X%Ad8(%pqu&i6o)0t%2$_=%wx8ybGzFvfE0iOoTL9pNwWZ%df^-iz6I z?HDBL;OSV7U%&`~FrzqJ?&G8;UPFdyM|aZOg|JSgVm1Ixvd8Bqk5^D3wzRpm5u-l9 znEvqv0hG1Ew9?58>~pf5V4D(|9f3(tUPi#kb7^SoaX70rj|OS*yxzL8u3BBKx+l|0 zWVYU}q{F7?op$I6ppKt&as!0p)s0VC7);Eeu}8`1v*unX3Na;vwze}4_5O9Cw;X{6 zcM>iWnOGtY-)!Jk%IsW;`;0UG3L8LXbYfR5rYb=U&g~C2*6FSm3p#V>6XfGUAa@%d zaOy;~0P(|jos2Tv#W`^x{@(VmiZ;^7YLFWFJ+RDHE(@q{A0e(t1yt)7tG4G@T zA!L%5ZHL^U(~~-0qnfo|i1eev-n^s9#YskwV?P^{iArkY_h8aaI50}!6eiVx;eYxj z(y{+ZGJId{t6?$!PF12Wj%n6>uv%R0?z_RohD1(D=*{XbDA2 zwUD_gaQKQl^iG=2HYy9ij2J}%<3xcLiVtHwa3Ek|6KNrB5(ku#vx4C*I?^S2}VxyDk8_rc-ljDcU4}dT9KE5(h3{6?Ms~~e)rb!GV*8kBBRuR`%!z`#i zE{SL$)fgmXXYtRqO?(*}aMd))R`~rOmBwiPy!YEoi#!QFLs9`gEO{Bx4}UdAqzu8W ztxGrg1Z8aOs9g`5^;2*prd7n@0YuM5(^H7bGp>@yr%m~a1#}T&&>qqU2ztep_5imS zw|h81n0LL}LB84?%v#JwE0qe#wvH+=PfRr6Z`z{_-^i}(#Y~??E=~&HmcJ6&7X&}t_{RpRgV%M{js|pj zV=JH6nzTT${yzP%SXpOn$^|4Wpb&Wg-&K$0^AhQq$1Bfl%{Fj3$Ix7{R`*SO|5x?v zWU~@At9ZTVRTSBEe;bS68Ew#z*{)x#c(m(mN}suCLD&TyOdY|Cksv~qmjM4P=Fq7N zV_pX4NQDd)e6g_l{2`#P&W@%+Ko!ii;J(+gnsdddp7%Hc2P+FNXnXPuR7%7is>s8f_Vu_w+iK8S&!?{0@MF{4pY8)=&tiuXeV;g^>!}%3L%pethUTD{Q?iVK zS@I3Aosveu@ll6FiGpKJO?W=uBL6S|Gu%>C#_%7pP-_-sSr9M$;X7{-ylwoR8G6$7 zZ8yv0^TfO8NZ_i~=Kmb_{QuR9h_sbDxw}YD;1uy6z+!tp9xCZXoPE~e&bO~^+|Cds z4A3DTP@{oqbg)SZ>=yS>NA?vJM0Vz>6Ht_oZu~JD1D-U?5HFUkhJhQ*EHW~u z?)x+Qzd(K=uRb@z7#bvrbtF#jdq+aRDZFPYW7)kk^yDG72#U}R023pr?0E2k3X5+C zUq*|`FOD;#jd(2Y6k_yg=VcM6;H$W+ge_4sM~0aTTes&p(s+ zkU7__n2JgXQCxjRlh|2&p%H#};ypjZ}(K zCPw1WmDfQXuC!i_B2(kcB+b_M+a{N*h{h4bvBZo*9dL%v}}1cR7WG+(D$u1xBihjI=P8-%<9 zqJkCLU3Y|$!MYJ!h-&4x+i6w~#j!=pl({VE{GL?-^tnz>V$*%x8xLPe!BgPy8N!ZS;jDw_y`{~HqHjpaP>KbBzYA&C;y~AT~ z22YMI25KJry#i*EZ~u_mG!)XNRy1qh7MXDRn{<58d~H6$*%>giMpQq~-C(1915iO2PcO>#oHDZe%!4sM+Uo{h zUkznF>lmy#)0ie4$Jte93__1ZqqXC~AR5`RHeeyHn=1%A*kaJgrks?gv$}Ro9R9_h zyOS?S*i_*WN<1yHWpXqU()*NwEd|l;5{y}5NrA?BV`0xx7K0y5c=BB_-ivb zy^Flmu(aWUX~<4isa(MxLRyG3Yu0a-L&fLV6HcU_xDdgxP0v>i!S4zG+9OGEUTiO< zHai*^A*PLVEH&$56C|hKVWLd4{WWiqDH^~hc7FWCUMwm908gZ&A3Lpxtk5zc2>!2_ z#orBekWRQUmlrC)lX*ym{ucw4k5^ZS@FrRYXn`E77=K_D|D)LkA%j=Ve89kUVS9|U1zonQR4qt3^HtzLw>Fz0t9voOy|D69 zC*XSvs$@>S>DkcD>iccE7vi5L#1_)RUGWR!Kg7b`#66u44>DGB=U)U$T}6PiGIo^w z)9GZFcaBco#YBUBRM$hc)?DdgYX@PX$hQ3KCqvmUsn|MpXk->BF=oirTs(Yzmi_fb z@5sCUhS9`?5D7h9n!*Zg)dG&a5!)=IoS82a&UuegDbaj(PoaL@$td9aq6i|5$M+YQ z0$*ntzP>btB?ba-wS9#y%;MiCZOY95E=YZy3dl+vcywlXfr0s)TZYrlQFfGkWsU6< zAX(`9o&b@urCKeCr?F=FsCc}yld18Dke5yyTs>q!fQNad2w$y{h{O4(?H{F?lP$@! zxC}*jqlFnDI{`KO_W)cK*nN`JCNThCi&eF9rpDx$j*6nJ zn6%=x=g8LQ0unYil8o8MJRNuw;B!%44r%8}cCqTNi`YV_JJ%kUbB8RKGYiLk8)IMT z)h72wt39)bj)O?m7!CAVG?VlI_9KuGK7)pvHSlMNO)1GCi=rE=i|1AA~cRl`t+D! zBlVLHG^GIq?ZFQ?tOAKa*6^kr~94Z#6K?vrN8uvdVArc`ASKAy%5p0)XI*`{LOC2i*756_V!V&O0E3^NtUl0{YjUx zl9cf$*JN~&3CT%Zn`=YPwu5%kaBtnqMNo6f2oJ|JGqF$oFoPz>qRFPd+r^IH1r|@X z5SlP!>e{+K2xJ|4G4nB7=(R*v`djlg+_7I%l5}8NT5$<_&>!>_)QO;?54`FHyCIEges;zCRhFag*)A6~bT~4`4jpsylD^RieSVOyYC~29cM@+H39~}x zRw~B1-|;NjOvua*^sr`yOwNb0{0zj-1I3=O z7});CB>#)(YsAZ&u12+P3*X(^mc8r_^r|fffre4%c27^{%XccT+@j}VNGVqXb=8Ha z9qD6)cUVC|G_WD|H6bgIx0p0OK#(-dtwt6!;AHs z(3|HE&U|i#K5=OtoO)AdTl9PPZxtm$Hi96~7KP_qUJCTtn8<{s(BGX|@$&oy-u zuplpK1m>^NUesL@BoGO7ewzD$_PVuiZ&o4^`#jL4CHd`;Dyh#CubJ6~dbjb9uhG?m zV?sS##raLA`kJD{06Rp}MH}A6DCVmD_nfFY|Jz^$Nk!De!dwhTOP8x8c=Y@F&UOya zAww0euA+k#<1YzyIN!{07Onm&oEbD#abC9(jl;{Qx6Ot_5Yj7(u3p#FBMR)7uqW~f z-J$1IaD=T&aWd^FOm}{UtB}Qesi;ucTW%Ck3iwOi-eows=!NH+?eD#_VJx)aqIW$T780M~x_39-RXL)W?qlmsFQ2U^GhSBJH8sq+Gu~&puZEY> zV)q_TO5f$*sOv7St%XMxGlX?_p~nI(y_dzWh-QswQfT^ojREXi^Fteg?tM-D@|hLfIzqzXhXPkjAZ zc>a_e604>9(n#PLoBP4ib^}LP{}mdkK-H%qDA~H38)P2-Oyu%#t12gp;d51xzI%0~ zLmH=sf=B?}!ES|oNlcLgd?qNIG%q#29_zSxfp@2MD5|yT{>Tli*oX*H({nH^y`1=! zs41;ol7yY{J0vT5vG!u^xTeHy_v=K3LVC@y{f9<3N0iIY7>N1vb<-iL#E@DK+HkWD zmpP|br}e3IO3R>O9M;k}b}ymoH_(x5Pxr>cl`odc{DvsOTDSa8+fgp%d2$OhceF;F zOTU5(C7&jSBP~iho0!yT?H+aaq%!uczQHZCu}#z^Hgz-jLg*50Stj}`!x7gfu#~~( zwGD42w1w7{yLt58$x`ix*lnsIRLmn#PJD74z z3XKJ3MhAH|nQcc7Bi4}Izq!+`-z3;8J8jl z$t=c&ZnN5Hbi++%iT5L@=<5eJ1un!pph#bp?e*wfplf*@72|qDGHS2N`ht8kE@#Az zCoogRhbk&1a|6v7Q!G%jL<(%kEO+NRwyjz{4B34GtM6cCH~zIOIqz_3MS6Nflr2!RstYiRwt^M&_^3RMHDOt%SZKz6m-0dT2 zTkD77NfkQuEaF}EKhw5;OpjJ}=b9Sh@p8i>-%$lAD8qF_G?Xi*KZt-SqK~Cv^5MZ` zLk7V`vZqd(^Sj6`SJH}WqgwOhVZ<*-7j7V|&psB!_dgBenu>LpRS94tfqv|TTEgl= zguO?2GTpy=GUb+MXOPE=kwS+e_TB0}aH)+G+O}HrFcYtgf3O>JrQ+c-(avXq&6aLU z$3F#y9m(8^HH1a6qZ*=?=C7!+vqg$!+I@eyKp6IF%~G~I3;S2R0@R*wGRNYwS@~+} zc~0ajlQShryA7zxq?CjaDZ!g;!%V6Hi{Dh~3}UtE=$Co&1hVHf0yKAweRUej_fF8C z+a(`%jIQNx{#*N}EF2ZM?ivKH_+6hEH$$*} zmtKyjmog@Q#oG@lqLYzybY;V2M1B1zn%^xV>^p{%(|N7@b;UDK1c|vd!%dY&3}&>y zkIQOg_t!G7px$AMF$5A}!cCPoiK=LyRNjRwqKW3ywaB;h`%r4hbLl8-kAxqf(RvFM zrl`M{N_r)gO(k~3IG})0xV7$rtwJosPEuS9oA+vP3iM05d~YXdDRDTZ3=hZtQRNDk z9UED~$!O%hnKwD@*jOYSj2p}Ecx!&HyRZ<{9q(Y%n44)e%b)gZ-_e#oG!CPA>5ph8 zWyWIQN7IN_6u3Jdg{~hO`6=?6q#|=?rU_p^Yo6cAtS@)7Pa~d|v z3wcGA-dj@x1sQ{dQ@`|AkyW}TDL-`wB)|*#Nxj?z?3?T-q*||Wi&bauAc-Li6HUwU zJ#iZO4woqr_ZKfNyV+LEI);=KBK?M>dqpEcjP~|vl@pzfPOydz?%>oYHD;ye*WR)L zH1$FAdABn_<}+q1cVjP!oig3onqTu&prJt|5_F6SQ@D7FXftler!?I`)1lJ}MbtO` zBG*l$t4MBj?{~TS+pm2eJy>r(qI!6C!smXZNi2p<$K!n>kI@*ytLeBH- zo{E&szA5rrI#nS{?g_{$Lo`!F{qpCuS-vcGmsIC!-uH+(LudXkIXVm*SOh_1xTegg zifHfJZSt|9QA${&)KU0{{Fc+JlHVS~ zmfbz!C2az2 zejFb&SaYOjy=9P9kGv{$;Z2Nh{WlM~{l?hEN-$%{x77I4U6D%`l`!RrI2+9hIoGEm z#ad~$CnaJp>`5laq@Rf#Xy{7Y4Z{R29erow*E4J6XmA~{bH#b`2Q2mbIn~jLU|Ey( zpP+r>#o`2*mMHXxquigQd2l07EQ}Ow=!wle1yy%HJ1@08xJKidtL!}Il zI=kBjX`~u3$R#~;jvI^nI&Xm>vpdN4<=_BivGyN1D>0gtD|k9w*Tq>xL1qSPW!0YK zx2f*!XEmJ6VX0YNuBy;0+is+zGQ6A#Wd$5o%#TNuohFL0`U#qT9`)R%7`opCdfGLr zk93sQt@%4lDHZ)+@0p+n%@l}CD)D3lMs2Y=Qu#7Qe-gcZJ>EAgXh`rYTB%5>y|uX5 zU7%k!FBSsLEblz@Hsw!1WK2DynQPepuHgzA7N`N6-W?o!yJgy&i`^#Lz3;}~{EZ+P zinf=aA9s81=UB!OIFpB>bnavsfy{o8@KtV6xzdV}Sz5xLTQ>l#c{;MX7aM3}csshk z9rc;*l`orWn+~y(D{ToOM)zCK%J`y+zt_fJ-Fg$eCrYZmFcj8A$Cc0W9jEWq2z;E| zLk?l>b2O7`)?mL-k7vZ2E}VQ1pb$f!2H}%T2N9XL3jo;FH;<$_T}#RNN&PF5WWLx zBfOhszRc|~M^eHz3oE=8EmrZ1dc)h0GoNmJ&P;pOqV{vsl;bz@=nQMwvD++$q!f>%11qGZ}{vpFLSVZKl!%gGX#E=_!;`S z{AsIQzD_%1WrSt!a4h-2(=m&I;M#EW;>Z7Zo{B)amYsm2sWhlD3#60d>1z zLrcFTUbk)b5#40=cc&JfVu5xRFogSE5?X z&Fe!uMc#5u5Yh<^GM@#0jSf<-9Jh-zstrb#1}poC8$7DYzoyFIz4&x?`-I>@eoI|> zE_!|w-ECaoL|_=G9!{Pq;sY7)ES6yCpBpTGo;DV2iTz7?rfajMf-Alo&w{l<7k3tL z0)ep*D;(UP#V}V1mth1E-0IS`=|T%D*f^0f^~alrs?O^=J~Uw9)p_fp+vCPrqnrKx zMHytRvrF|%NvEb0drxnUN~-!&OLXw&gc+)i@P_1y2(+Ds_$>RF&a|ntud7y}<$0gL zlG(S|)m28qumFSnTy!%A{|U{aZ5);0bzZ{kQ|v#JBVXmo)`Tc&`}VKWMz${*xtFOp zRLofv-}IiTQSnbGiNAFOzBJn|j;3|MOgGQ7jeBOXtw(1=CL;`K4|5eaKG-Ba-fM=0 z`)`rNLCziS#vHB``#ZA{Qs^LbudrqNxt+WNI$mANC!M`t+2ZxB&)-!qUipexU6GhI zaiJ^oTq>yw{6GgG<~+>V-gDW^$-VwUz-eu4>P3TJI=_+r=E_!3Tm9B~(Je2*G}bJ+ zI@A;?#xFM%>8?21j#*N6QtqnTN%SC0BnMV+M8`ou9PpR3E0gSXY9)(RfhIB%@Me8U_e3$17ZH7z2MBdnEl7T|*ftZMiKH22j~c6($;XAb%0uVGR0AdSJ3|0N z^1Dq^6cPi;uP{^$oM_n|V4CF@>Gr2)!6GiK>tyP~ON#VXLLF0P0FX8&x<4 zncZaeI(}^0olmZ8cT1SaMJh0Y!sDQKD3Fw`RFMNdbt&AG>`~>q258Sua^U3u!-L=? zY}Lx$?pKmP063`qb== zXiHBz3&%1y_g`z)xwvoGS~|QVEo1klRDFLU5kJl5+yBw;A4U0vFml)NSJ`hk!^OgI zy$I6mWBGUbJ9|~_Gtd?l-wRmDu~byNSu*z*zd(#<8=(pVU==Mj@Aag%33N25F0+

    I&euoDz)D%Y@kD{6FLZRcH@S`id{ zCC?E^NKnDiXIQ{Fw4n4R`3-1>qH*DOm}zGykw3V4dVONEpwe<1^_J(I9ls4-12bzw zA6rFImxx-b7Ey^vmC)(VhiLYvEo(~YlNhD!Qap1QHjYoWT=|~Em}0!e=+>5}QI;1FW@g2Tsn}3<+}IkI}cP&x2KNw!^RHaS!%<#xpFJ$ogMP zhx8YaN^% zuKVskUBW2}06)6~0v z3g%eCh(-Gqn`=38V0y0d+w?(>^tzkuWwmJ=#5d=>okBMZWoG|PRMlAuKQP0ouhC?R z!}62H09oV}-3z+g>1AQ0$syGxm?-)!lokw>b6QY^R`Ak5)dPf!n*&9Xw01Xg8%<79 zu!w)|l*rMY{s2yN_B7x`|Iw$Lyj-9hCl8K`|58EMZ)y^tm--gh&}Y+u6@fXxniA=4 z+!*>vUo*+Xefghx%jqCj9dI5I+Uql=b5qx*s-^)%+K~gLBZvE4qLCFRS+-?aYLmgn zL-_n|ge~$w;`Cgds0acv;?^2SC;jkUPLg-);Mt0Rhai7M3HzDDGrmqso@Xx`(xOl4 za|^=)5#{lK(5ZB0)i!n7lB=u{*FY_Aws?g?G?r?5`D@+N4sN;tE&jdFj!zDsbF^`{ zx$(OFiVyLL{u)&g(an1^lJa&)bHY9BJEfDQ0AZ^J*~DC~*fYCYZ&`x443|!=LHDL7 zeFK(E-=@^($GE4>6Dw#+XjO-JHl1YS0aS?>utOabq4Fj!`GaBd{VKlqX6yOsbEsYV zKohYq+n6^Au)3a=s10JhJGkTdCQ>)5ZRTCN>mr+{J%l7`-il+VA_tzpj6{7lChx3m zXP=u+S)1QN5LjE}DuC}W!h^buv;n7GT)<+DG+y_56}RLYD5L%iU9*;@6AcoaIyq=f z2KoMEw566|5x9f)wIT?AOa8|2O?W9w{=qqp3R{r_qEWq(ADT~>21ypHk-01|SZ0ke zxb)!=H%v)OZLs_3W(sixdNFSB+1_y8}-D@C~tuAL(T!~K3avi3{ zoQ*V6U-G1H-Ex?%*5*eMvwFZp4+7&v#bmEE}!w zkXhgo==A_kqKi{K^C~I`j8~Av89O@asoTxt#&S^%|H$)J-(*{^q9jGLthW0rVS?e8 zGo9k!QjiaQv(x5y6YCd0I@Cpc`%TFtWXx6~kF&8kT8*M%B}yc`hjSzB)rx!DeVb7+i* zpBua|WO2XvqT%(Qip$-s-x07#66W}SZCmx0y}Rkbq5kn&i<6=-qJ-~v3}BO;3jEkv z*E9HZT=(Ob3#)jx1rpV2=MCxa)oi~bee}2url z{msbXtJFqM}OtXtdjmV%W14VUeY`_20`9!YQJ zWTyc7XO~nIZRmRM-ENWwN9j>31F;jzN=tcLugS~b|sWb$*HtWJa&czroVR< za@R7L%qDXvow2fe;Lf9(=uAYn$YW}24sS@$sMn^k67_MoY&M$mkU2!YDzZmxQ!_Yo zP9EJ+@JlecWi1KRwI=ahD4Jw_v2oww#9PodyJT3$sjVO()nBQYWMtv6Kj@nLxz5q| z@W7K-TQm9qFg3Tu3{ zu(oF{-;Z^w`sIsTjcl3Ej4iA31$Hj9!L?Ic*?0yyNxL&K34cdIci(OQ88XburPHIV z%AwfBA07)*&CMVJa^CdCGXM zJni@IJLx6*5tw7_YOluoid+=4Z>H5M{W0BhEHGPBU)^oWMfoMeSo$ve=cg=5wd@=2 zCvtd1^Qw1wPx%lfS}jHGPEa6~cmu$6w6+ohcA;>k8{v4lKBnd8n$3goM#;ht9A_p; z$CZm@&u(Nl>r>JEK-zWAJ_8l{kOrn87yj#` zNd{3i5<~J;T{%s5Jej=FcIZ@p{VXPML_<*|HI2HqO?Q7FZ{esAe@{6(bmu`u;w>*Jn4Z$rGN-s777#hV)Q}tM80C0&_c3?2S4)d+ zfijDYP-4=5%U_t@vr<4^Tpmr%yiHYkG!x6B>iYrTSQ z2UN+9`Ez9bzCk3BVt-NJwc1ee7vB;yjqdA}J?hT8TYcDwA+OmxFU7C4yXKqOR=r0K z8Zkx8oGlFG5c|$h8@)!W zNtq17+TGbk9vqKEGK+}%C$;1Z0S&$!?H8#`-nI%SHGR@{a~VmCx-8M#&&iU>fDGEw zjy^Raf~U2+`~`Zuy;6Wr^+NY_REriC^TAO8?Tt;d@;lkDjjmg7+|?)#%nlqrSrl(9 zQo!w%HfO>Ff#yG1MeMD?rURA=2;K3O&~=pD|1^yRi*wa%XiHmf8LG zRQI^C1$fq=O|&pkk)kA$7bM4*q514R+#e1udQ;DPtYSGrttwZQT^m!Lsia}AGqZCzy2mrbL1md5;#V{O1*#V6@Glq`{FuLDfJ;bP!IRwa~YdLMZJ?89>5|C}4hzHto|A6~<{-T)f7@J^SKBI@)rlg}8mKUR9`+FzSpf&P^d@n=iF~sIf0dh1DbjphpEIt(mjCg48Vy>}KkRmjb0WwV+*V&)aJi46F$*TUUB=*Mk;+`yQ zLK^JYhuE+SRVX7tH#*yI{27+KgdmFq@ZB||gzIOPlHcxo+- zf#;$A`KR~`1gp2l)+?_UF5Aapy?r{VvZ&S2EBMb@EOb-%-4FQK?z?P{EbaqIpJOav zyUkL&Vkx@{uSGf!0pbftBYyIm&oTH9N9chG$Il|tlRR#4o~?WmRhFf>nP~Y~CvFS~ z7vAsmv$`2_hDYDo+wEl~mz-~7o*XID>#U#TuOLqhBC=fiw8GZF2)wYK^tZ>f06^Ze(379wu&Hi7153x29E$$sIBCa*4wMsb(l$46R<)gM0IjoJA7*#IBtK(v$? z+l8FGTMop$w*G8w8Nv4>i}&?xyJCkvryy0RP_%N4ED}m5^qsINHQNc4wAjh=%S3b&`avM^*J0YD@qm?BI zxCm*1NgTM(3lt}+(zu%MG?%*etsYIBZT5gZr)QahT`q=i6tk_yBL7uX!qnx`1;uhs z&5}b<8k+*%n4fIx_gB8MORUyC=Ob$qsXXh>7HU%c_oXZt3@2ORhZ#K6D$VKI_A{O!X^$%`36kJ27;-Ah{M36NXuJf zm(Qs-@Nyc835m{Q_lT}ZLN%qadpT^~e-8N@jgA{j(&UgbnTP%k3inMf|9q&1mZuUN!reZnT`wxsZ?;I+=it`cnDkKiW;LND$y11H%Jr17--*jZ^+F=A71jCrjzU>38kO%Q?tjy^nVE)6WNdf5ktYHQ5k2&phHu@LySFyQ0i?0nD4AKzdtCxccsCf79=OPT8r%KdsaG(U(_!ykJ$&e%$`TwTnZeal+m zB9SBHP90YznS8;b&ae(2UUyr$r>TtNM^Co} zuL5fZ9naTwoeBv|(q$iBVv$B3ehtyTS0NL+CVD0XV4thO(#vHm;}QoY0a><$$S;A8 zbRrP8TQylRWX4aUZ=scJ@$dmaH8#8~jNpXV0y}K2ISUu`pDZx;N}OUL6@BqFMO5>% z!Ei_$mK^J5*>7K)mqKS83m5+CdzuezL+nE}uiowdY6XJtc?Uj{hMgc)hbMJ>i2w#= z9|i|9&fgRqT|(V=$w>M4oKp0Wm&qG10s;oHJ*b0VztL99&VD#7PNb44CI|d+~8H z;BC@}J5KSVY>#|tpPNr=u7J=(J3kjFB6BP$DX{Mc-Jp1;0o z&6R49_rM6HsY6U1+F4{(k`S@PsiaEJp&unTs)Im)iu45*Gkar+eM>^xP?s0M2#NGd z8F!Hv+V#Jov zQs4*0uH3~nl02|%lV~_c{HdsrPk07@bir<@X{g0?`{;mo9 zG4}JfA0dxRA{I{GKhuBxhh6L!m+~SdrC9ROX6h{BB4vErh$tEcR_S(qXm+O5xaK)O z&!?uA?MMu-@$4Cpep?hRsj=pt)4=#l#ByH!Q)S_~$mK%=!|_ z3V}z|c#fEYjqntW>rYkC5k`QOw+*pBX(pbUaJ4#2P3LqM(1r|y?{f|sOSyH>>aBjS zKUR{&404SOuF7j3mAh!}L!Ed>QR$AU-0zcHd(cULh~Jvl1cC<(9>Oqu5RXi=mp*i- zDbM$+49c+qB+VhKKx1tfhWbQ)Q&%n~r|@gdUG7~qi4x5VoKQ9<20k)Df0yMXKWq$) z*ixl;332Ylr#mAJuB@0dBN!$!|MU#%67)b71a(ey4kw0E`e){C zo^;g|V)culTLn6Y+gVGu#>IDoI_A z#v(N(S9<9k-ses|s86BqTXX%ken$ANj7_||ij$X>ZQq_Lkcqd`DyVX4GX&5L}vE!#Mj3^1TmL#QrZZtr6 zo`HtfF{Hzy8p+8qp3{ezmpM7om7|P|Qi25s8&eXi62nbr@Q+oUK&HrKEN9-y8M-b1 z<@ud9F6NpeDm^xEn&TFdNYZ8Ot@IUBP|s?Q?C{S zagr&9vbJTmsr~xV9E_0NQD#Z(vOOVh0c3q&6_|r(Lp^W|)wSdbKcNz(rb^Fm$ivgi zi5pF@Ez~a$Hxu_}_Di}|BgiiMI#V@wf2%HQkH`p|P0{9AN&7ETwQBsMlnC~>i1xT> zqun$yR_Ng7#^8sZWgjgcx_~S2`-wxk?Rdv>E(@1pxm_8C3{&c>(|S!D=#QbpT@ZD@ z8v+!K*Bj-GyAK|PFEnA8d&CZ zt%9^2l9w)9t8tUsFhtkVm;=?3surj&G9)NP?rEL^qK_3I`e5X4-~Z)CxtmDWL9?SV z!$NwM|3=tb9s$;JX3hLU67}=@)5)h1c2Q9_Ype{aOuR}{x`Y;G5_oe86arr~A$-3V zX5SZ4399>!j9`Sxckab0B7?d5=hi<|z2O7VIvf@e%}whnn(}~-r2uNblcuaBY?g0E zN4%olRPcG~~!L`6Ow=P@Y zyy^?=8pEeX=G1(>l{&kw}!dWxEsM{Qd z-!HSLTL!Kte+TipAl)tps`<87@GEgkl>Ek+el$+?`)uheb5gt$osEeW7^`LZ%?tT> zA~xKxK{dA{*28gupgoxh;^Pj2Yi{$UZ_^kNr+pDAjsB5z7+5FJ{evo9<52`@3kbsv z#_qc9CYCTSL+x`Hpix>6JpI}`sKy(^)n{F*%jng!~lvAS_dvnn`e z27>dhfV8VoRJWt$~ zKS${%p3bQ@9*2B=v2!LT>p}`_%Sw~B`5rI3$642@5)sT^h&er0G|EaM*q&Rc#|YYg zqZ^jpAmehEINLA1wANnvwCZ?`3;8cMC0*xin8`7(=!!7a=4^{b22@m2>=fURG z%P7l4Vq=)(PA@Fz*1N(#$ysa`GnYxdMxIz|2}$>Z(hZ8Oar+)iZ&CFzdRE}PW+|~7 zPV!B>q=yd-kGnqWS`O;?HnXvz(45FTO2fV#6^p{)<_?O|oaMRT^`V?pYr~wn5kq_! zR-fe+JoSEHlCAR%0_jW6484n`nd{ms=6+|vg6~F4ota|c&CkEM*}n2|gEo5t875qE zh+xp}ZcIy^tAOQi?RU_dKZnu_3%Dg!y=-BrKD^E+GS_~Jk!iL|$;RZA zocbr?h>w>+ztPP2rY8Ww<3E--jPbbdk_?wMH9l%jNp zhI@OuP7%tB9=%~)*OCg1B1(_U3LKcDB-pZ{^Zgk~<@pN>37OeH=)FfUF`rB%>~^rX zW*W_8b?6MfelG}we%F`&hd^;1nTGqJ${ll)udrH?Lyj)wN#=Yt}Gb61Ru?Zzr(s_ z%d&mi+7vubfF%r)j5Wj$7_WR+BOl2PAJx2ni|yS@Og&z;H<)iwhs$R;5jtLOv=-q28;;4PP*9){(c zu6sVf#Ndy<((p`$!%JY#l@h)>P+SVbpImZfkM!t(xy&JcV{giUzTgd)JYRsks+Gc^ zJpfe^e3Azw3SIJ!oNY~MLu*B8_yBkf{AKyiaOpN8R5JnmnHJe${PrC+S7XLXJr*Mg zmgy&F4T2LnX8tBjdEnmW=M>LosVMuz+nnA6Nz!v92c)6OfeFGAeph)m{8}fcQ>}fs zWt|5Q(K_hS`3@+~?*Z*+OkwUKQ_9cpYpg2zeYK_Ny%a^S)C5KxTSM|WA%eiq}5qxnnHWndoNxWcSqFe$*(OkV=KMav|Fl>_`*HxN$RLR_b+f_Mw@>3^F45!svsRf%)33 zfsY{we0jL|rc4X!tH8HVjF_&O;3lg;n;8qP4g$`k=xaW4Ps=BuuO;_#oDf1Cbq+}w zj2wf3!`E)My$s>C>`3=0XR1y+PFr1wj6id>us(pIraO zE8C2;&D&o|z4EB$LCE+EsDtIbZQGK&?M_0y8k&u4hsv>?=OQ)$=8&}5U`JMFM-cy; zPtQ7dO7+HcZ9q)2LGED;Wvg|(;}aYCukYyzQ40t0$t&Ft!-9-0-GR1FqKEvAL#jyxtaG>>Ujmie z=W#hD!DyW_J#ez{?*_fmff%9%KyIQHWvUsg8k>O5+Oy7aGX>55vzO9_+k>Sjno}Jc>s-dAM0%sApx&kYIkV%R**u;wm7Kc`2ssue2bLNDMd(Xfg>gQ1 zxi%}6{qwQswYvP6#BQ$uuGc{- z@Y-B*+q1HTciWAgZpS74N4GE^Bedx+^xbh27@WAGi~tJEFLalHvXfU&#)|E~zC~r0hMJ+o`K>?cx|2NdWRT7aG1y@XOGoVK3CIIqg?-$^KT3we0tY>urm-Er>=H z(72b$am(KOQ4Ps*-2O4|cGO}D6>^-x4p~DhOESzRd@_5unyM~_*!wjm8t8jbnj2Tb zw#nrW>vtjuc(#iq#R$4rpy-%7&II2i;(bdUu=9P=diX`^-la%ez_s(```o!r$rY)4 zCLFo6cq|2q4>9&1SbKH>e~v1lxq=Mr{sXRiD4vfWH5WZ&gT_vhSu1bn1GE zv}HveQKKuG340JJI-JCh$RPmK7hC*#$JsXi8Jw`usgGAGz(NmMxOj`~pyHdv6D3kqHS0S3myfBxS&uI$alHaog%xi^9KziBl98BP9|cjw-k{-2rjBedTwfp2n&PyLgy Q#XI~XC#@`1Az>2yKZ`RS5&!@I From 92dd269296098e288c35837e66dc9c577a388c70 Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Tue, 8 Nov 2022 22:35:58 +0530 Subject: [PATCH 015/129] Update windows/deployment/update/servicing-stack-updates.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/deployment/update/servicing-stack-updates.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/deployment/update/servicing-stack-updates.md b/windows/deployment/update/servicing-stack-updates.md index 7a2066d26d..1321e36c9b 100644 --- a/windows/deployment/update/servicing-stack-updates.md +++ b/windows/deployment/update/servicing-stack-updates.md @@ -44,7 +44,6 @@ Servicing stack updates improve the reliability of the update process to mitigat Beginning with the February 2021 LCU, microsoft will publish all future cumulative updates and SSUs for Windows 10, version 2004 and above together as one cumulative monthly update to the normal release category in WSUS. - ## Is there any special guidance? Microsoft recommends you install the latest servicing stack updates for your operating system before installing the latest cumulative update. From 3858cd850df9775104f611f5683d5deeba0aa8af Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Tue, 8 Nov 2022 14:38:03 -0500 Subject: [PATCH 016/129] Metadata/style update BitLocker 3 --- .../bitlocker/bitlocker-countermeasures.md | 125 ++++++++---------- ...cker-deployment-and-administration-faq.yml | 21 ++- .../bitlocker-deployment-comparison.md | 72 +++++----- ...r-device-encryption-overview-windows-10.md | 117 +++++++++------- .../bitlocker-frequently-asked-questions.yml | 2 +- .../bitlocker/ts-bitlocker-intune-issues.md | 2 +- 6 files changed, 174 insertions(+), 165 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md index c7cbcf0fae..d43f39faf7 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md +++ b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md @@ -1,6 +1,6 @@ --- title: BitLocker Countermeasures (Windows 10) -description: Windows uses technologies including TPM, Secure Boot, Trusted Boot, and Early Launch Antimalware (ELAM) to protect against attacks on the BitLocker encryption key. +description: Windows uses technologies including TPM, Secure Boot, Trusted Boot, and Early Launch Anti-malware (ELAM) to protect against attacks on the BitLocker encryption key. ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium @@ -16,22 +16,16 @@ ms.custom: bitlocker # BitLocker Countermeasures -**Applies to** +(*Applies to: Windows 10, Windows 11, Windows Server 2016 and above*) -- Windows 10 -- Windows 11 -- Windows Server 2016 and above - -Windows uses technologies including trusted platform module (TPM), secure boot, and measured boot to help protect BitLocker encryption keys against attacks. -BitLocker is part of a strategic approach to securing data against offline attacks through encryption technology. -Data on a lost or stolen computer is vulnerable. -For example, there could be unauthorized access, either by running a software attack tool against the computer or by transferring the computer's hard disk to a different computer. +Windows uses technologies including trusted platform module (TPM), secure boot, and measured boot to help protect BitLocker encryption keys against attacks. BitLocker is part of a strategic approach to securing data against offline attacks through encryption technology. Data on a lost or stolen computer is vulnerable. For example, there could be unauthorized access, either by running a software attack tool against the computer or by transferring the computer's hard disk to a different computer. BitLocker helps mitigate unauthorized data access on lost or stolen computers before the authorized operating system is started. This mitigation is done by: - **Encrypting volumes on your computer.** For example, you can turn on BitLocker for your operating system volume, or a volume on a fixed or removable data drive (such as a USB flash drive, SD card, and so on). Turning on BitLocker for your operating system volume encrypts all system files on the volume, including the paging files and hibernation files. The only exception is for the System partition, which includes the Windows Boot Manager and minimal boot collateral required for decryption of the operating system volume after the key is unsealed. -- **Ensuring the integrity of early boot components and boot configuration data.** On devices that have a TPM version 1.2 or higher, BitLocker uses the enhanced security capabilities of the TPM to make data accessible only if the computer's BIOS firmware code and configuration, original boot sequence, boot components, and BCD configuration all appear unaltered and the encrypted disk is located in the original computer. On systems that leverage TPM PCR[7], BCD setting changes deemed safe are permitted to improve usability. - + +- **Ensuring the integrity of early boot components and boot configuration data.** On devices that have a TPM version 1.2 or higher, BitLocker uses the enhanced security capabilities of the TPM to make data accessible only if the computer's BIOS firmware code and configuration, original boot sequence, boot components, and BCD configuration all appear unaltered and the encrypted disk is located in the original computer. On systems that use TPM PCR[7], BCD setting changes deemed safe are permitted to improve usability. + The next sections provide more details about how Windows protects against various attacks on the BitLocker encryption keys in Windows 11, Windows 10, Windows 8.1, and Windows 8. For more information about how to enable the best overall security configuration for devices beginning with Windows 10 version 1803 or Windows 11, see [Standards for a highly secure Windows device](/windows-hardware/design/device-experiences/oem-highly-secure). @@ -42,24 +36,19 @@ Before Windows starts, you must rely on security features implemented as part of ### Trusted Platform Module -A trusted platform module (TPM) is a microchip designed to provide basic security-related functions, primarily involving encryption keys. -On some platforms, TPM can alternatively be implemented as a part of secure firmware. -BitLocker binds encryption keys with the TPM to ensure that a computer hasn't been tampered with while the system was offline. -For more info about TPM, see [Trusted Platform Module](/windows/device-security/tpm/trusted-platform-module-overview). +A trusted platform module (TPM) is a microchip designed to provide basic security-related functions, primarily involving encryption keys. On some platforms, TPM can alternatively be implemented as a part of secure firmware. BitLocker binds encryption keys with the TPM to ensure that a computer hasn't been tampered with while the system was offline. For more info about TPM, see [Trusted Platform Module](/windows/device-security/tpm/trusted-platform-module-overview). ### UEFI and secure boot -Unified Extensible Firmware Interface (UEFI) is a programmable boot environment that initializes devices and starts the operating system's bootloader. +Unified Extensible Firmware Interface (UEFI) is a programmable boot environment that initializes devices and starts the operating system's bootloader. -The UEFI specification defines a firmware execution authentication process called [Secure Boot](../secure-the-windows-10-boot-process.md). -Secure Boot blocks untrusted firmware and bootloaders (signed or unsigned) from being able to start on the system. +The UEFI specification defines a firmware execution authentication process called [Secure Boot](../secure-the-windows-10-boot-process.md). Secure Boot blocks untrusted firmware and bootloaders (signed or unsigned) from being able to start on the system. -By default, BitLocker provides integrity protection for Secure Boot by utilizing the TPM PCR[7] measurement. -An unauthorized EFI firmware, EFI boot application, or bootloader can't run and acquire the BitLocker key. +By default, BitLocker provides integrity protection for Secure Boot by utilizing the TPM PCR[7] measurement. An unauthorized EFI firmware, EFI boot application, or bootloader can't run and acquire the BitLocker key. ### BitLocker and reset attacks -To defend against malicious reset attacks, BitLocker leverages the TCG Reset Attack Mitigation, also known as MOR bit (Memory Overwrite Request), before extracting keys into memory. +To defend against malicious reset attacks, BitLocker uses the TCG Reset Attack Mitigation, also known as MOR bit (Memory Overwrite Request), before extracting keys into memory. >[!NOTE] >This does not protect against physical attacks where an attacker opens the case and attacks the hardware. @@ -70,89 +59,82 @@ The next sections cover pre-boot authentication and DMA policies that can provid ### Pre-boot authentication -Pre-boot authentication with BitLocker is a policy setting that requires the use of either user input, such as a PIN, a startup key, or both to authenticate prior to making the contents of the system drive accessible. -The Group Policy setting is [Require additional authentication at startup](./bitlocker-group-policy-settings.md) and the corresponding setting in the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp) is SystemDrivesRequireStartupAuthentication. +Pre-boot authentication with BitLocker is a policy setting that requires the use of either user input, such as a PIN, a startup key, or both to authenticate prior to making the contents of the system drive accessible. The Group Policy setting is [Require additional authentication at startup](./bitlocker-group-policy-settings.md) and the corresponding setting in the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp) is SystemDrivesRequireStartupAuthentication. -BitLocker accesses and stores the encryption keys in memory only after pre-boot authentication is completed. -If Windows can't access the encryption keys, the device can't read or edit the files on the system drive. The only option for bypassing pre-boot authentication is entering the recovery key. +BitLocker accesses and stores the encryption keys in memory only after pre-boot authentication is completed. If Windows can't access the encryption keys, the device can't read or edit the files on the system drive. The only option for bypassing pre-boot authentication is entering the recovery key. -Pre-boot authentication is designed to prevent the encryption keys from being loaded to system memory without the trusted user supplying another authentication factor such as a PIN or startup key. -This helps mitigate DMA and memory remanence attacks. +Pre-boot authentication is designed to prevent the encryption keys from being loaded to system memory without the trusted user supplying another authentication factor such as a PIN or startup key. This feature helps mitigate DMA and memory remanence attacks. On computers with a compatible TPM, operating system drives that are BitLocker-protected can be unlocked in four ways: - **TPM-only.** Using TPM-only validation doesn't require any interaction with the user to unlock and provide access to the drive. If the TPM validation succeeds, the user sign-in experience is the same as a standard sign-in. If the TPM is missing or changed or if BitLocker detects changes to the BIOS or UEFI code or configuration, critical operating system startup files, or the boot configuration, BitLocker enters recovery mode, and the user must enter a recovery password to regain access to the data. This option is more convenient for sign-in but less secure than the other options, which require an additional authentication factor. + - **TPM with startup key.** In addition to the protection that the TPM-only provides, part of the encryption key is stored on a USB flash drive, referred to as a startup key. Data on the encrypted volume can't be accessed without the startup key. + - **TPM with PIN.** In addition to the protection that the TPM provides, BitLocker requires that the user enters a PIN. Data on the encrypted volume can't be accessed without entering the PIN. TPMs also have [anti-hammering protection](/windows/security/hardware-protection/tpm/tpm-fundamentals#anti-hammering) that is designed to prevent brute force attacks that attempt to determine the PIN. + - **TPM with startup key and PIN.** In addition to the core component protection that the TPM-only provides, part of the encryption key is stored on a USB flash drive, and a PIN is required to authenticate the user to the TPM. This configuration provides multifactor authentication so that if the USB key is lost or stolen, it can't be used for access to the drive, because the correct PIN is also required. In the following group policy example, TPM + PIN is required to unlock an operating system drive: ![Pre-boot authentication setting in Group Policy.](images/pre-boot-authentication-group-policy.png) -Pre-boot authentication with a PIN can mitigate an attack vector for devices that use a bootable eDrive because an exposed eDrive bus can allow an attacker to capture the BitLocker encryption key during startup. -Pre-boot authentication with a PIN can also mitigate DMA port attacks during the window of time between when BitLocker unlocks the drive and Windows boots to the point that Windows can set any port-related policies that have been configured. +Pre-boot authentication with a PIN can mitigate an attack vector for devices that use a bootable eDrive because an exposed eDrive bus can allow an attacker to capture the BitLocker encryption key during startup. Pre-boot authentication with a PIN can also mitigate DMA port attacks during the window of time between when BitLocker unlocks the drive and Windows boots to the point that Windows can set any port-related policies that have been configured. -On the other hand, Pre-boot authentication-prompts can be inconvenient to users. -In addition, users who forget their PIN or lose their startup key are denied access to their data until they can contact their organization's support team to obtain a recovery key. -Pre-boot authentication can also make it more difficult to update unattended desktops and remotely administered servers because a PIN needs to be entered when a computer reboots or resumes from hibernation. +On the other hand, Pre-boot authentication-prompts can be inconvenient to users. In addition, users who forget their PIN or lose their startup key are denied access to their data until they can contact their organization's support team to obtain a recovery key. Pre-boot authentication can also make it more difficult to update unattended desktops and remotely administered servers because a PIN needs to be entered when a computer reboots or resumes from hibernation. -To address these issues, you can deploy [BitLocker Network Unlock](./bitlocker-how-to-enable-network-unlock.md). -Network Unlock allows systems within the physical enterprise security perimeter that meet the hardware requirements and have BitLocker enabled with TPM+PIN to boot into Windows without user intervention. -It requires direct ethernet connectivity to an enterprise Windows Deployment Services (WDS) server. +To address these issues, you can deploy [BitLocker Network Unlock](./bitlocker-how-to-enable-network-unlock.md). Network Unlock allows systems within the physical enterprise security perimeter that meet the hardware requirements and have BitLocker enabled with TPM+PIN to boot into Windows without user intervention. It requires direct ethernet connectivity to an enterprise Windows Deployment Services (WDS) server. ### Protecting Thunderbolt and other DMA ports -There are a few different options to protect DMA ports, such as Thunderbolt™3. -Beginning with Windows 10 version 1803 or Windows 11, new Intel-based devices have kernel protection against DMA attacks via Thunderbolt™ 3 ports enabled by default. -This Kernel DMA Protection is available only for new systems beginning with Windows 10 version 1803 or Windows 11, as it requires changes in the system firmware and/or BIOS. +There are a few different options to protect DMA ports, such as Thunderbolt™3. Beginning with Windows 10 version 1803 or Windows 11, new Intel-based devices have kernel protection against DMA attacks via Thunderbolt™ 3 ports enabled by default. This Kernel DMA Protection is available only for new systems beginning with Windows 10 version 1803 or Windows 11, as it requires changes in the system firmware and/or BIOS. -You can use the System Information desktop app (MSINFO32) to check if a device has kernel DMA protection enabled: +You can use the System Information desktop app `MSINFO32.exe` to check if a device has kernel DMA protection enabled: ![Kernel DMA protection.](images/kernel-dma-protection.png) -If kernel DMA protection is *not* enabled, follow these steps to protect Thunderbolt™ 3-enabled ports: +If kernel DMA protection isn't* enabled, follow these steps to protect Thunderbolt™ 3 enabled ports: + +1. Require a password for BIOS changes -1. Require a password for BIOS changes 2. Intel Thunderbolt Security must be set to User Authorization in BIOS settings. Refer to [Intel Thunderbolt™ 3 and Security on Microsoft Windows® 10 Operating System documentation](https://thunderbolttechnology.net/security/Thunderbolt%203%20and%20Security.pdf) + 3. Additional DMA security may be added by deploying policy (beginning with Windows 10 version 1607 or Windows 11): - - MDM: [DataProtection/AllowDirectMemoryAccess](/windows/client-management/mdm/policy-csp-dataprotection#dataprotection-allowdirectmemoryaccess) policy + - MDM: [DataProtection/AllowDirectMemoryAccess](/windows/client-management/mdm/policy-csp-dataprotection#dataprotection-allowdirectmemoryaccess) policy + - Group Policy: [Disable new DMA devices when this computer is locked](./bitlocker-group-policy-settings.md#disable-new-dma-devices-when-this-computer-is-locked) (This setting isn't configured by default.) -For Thunderbolt v1 and v2 (DisplayPort Connector), refer to the "Thunderbolt Mitigation" section in [KB 2516445](https://support.microsoft.com/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d). -For SBP-2 and 1394 (a.k.a. Firewire), refer to the "SBP-2 Mitigation" section in [KB 2516445](https://support.microsoft.com/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d). - +For Thunderbolt v1 and v2 (DisplayPort Connector), refer to the **Thunderbolt Mitigation** section in [Blocking the SBP-2 driver and Thunderbolt controllers to reduce 1394 DMA and Thunderbolt DMA threats to BitLocker](https://support.microsoft.com/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d). For SBP-2 and 1394 (also known as Firewire), refer to the **SBP-2 Mitigation** section in [Blocking the SBP-2 driver and Thunderbolt controllers to reduce 1394 DMA and Thunderbolt DMA threats to BitLocker](https://support.microsoft.com/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d). + ## Attack countermeasures This section covers countermeasures for specific types of attacks. ### Bootkits and rootkits -A physically present attacker might attempt to install a bootkit or rootkit-like piece of software into the boot chain in an attempt to steal the BitLocker keys. -The TPM should observe this installation via PCR measurements, and the BitLocker key won't be released. +A physically present attacker might attempt to install a bootkit or rootkit-like piece of software into the boot chain in an attempt to steal the BitLocker keys. The TPM should observe this installation via PCR measurements, and the BitLocker key won't be released. -This is the default configuration. +> [!NOTE] +> BitLocker protects against this attack by default. -A BIOS password is recommended for defense-in-depth in case a BIOS exposes settings that may weaken the BitLocker security promise. -Intel Boot Guard and AMD Hardware Verified Boot support stronger implementations of Secure Boot that provide additional resilience against malware and physical attacks. -Intel Boot Guard and AMD Hardware Verified Boot are part of platform boot verification [standards for a highly secure Windows device](/windows-hardware/design/device-experiences/oem-highly-secure). +A BIOS password is recommended for defense-in-depth in case a BIOS exposes settings that may weaken the BitLocker security promise. Intel Boot Guard and AMD Hardware Verified Boot support stronger implementations of Secure Boot that provide additional resilience against malware and physical attacks. Intel Boot Guard and AMD Hardware Verified Boot are part of platform boot verification [standards for a highly secure Windows device](/windows-hardware/design/device-experiences/oem-highly-secure). ### Brute force attacks against a PIN -Require TPM + PIN for anti-hammering protection. + +Require TPM + PIN for anti-hammering protection. ### DMA attacks See [Protecting Thunderbolt and other DMA ports](#protecting-thunderbolt-and-other-dma-ports) earlier in this article. ### Paging file, crash dump, and Hyberfil.sys attacks -These files are secured on an encrypted volume by default when BitLocker is enabled on OS drives. -It also blocks automatic or manual attempts to move the paging file. + +These files are secured on an encrypted volume by default when BitLocker is enabled on OS drives. It also blocks automatic or manual attempts to move the paging file. ### Memory remanence -Enable secure boot and mandatorily prompt a password to change BIOS settings. -For customers requiring protection against these advanced attacks, configure a TPM+PIN protector, disable Standby power management, and shut down or hibernate the device before it leaves the control of an authorized user. +Enable secure boot and mandatorily prompt a password to change BIOS settings. For customers requiring protection against these advanced attacks, configure a TPM+PIN protector, disable Standby power management, and shut down or hibernate the device before it leaves the control of an authorized user. ## Attacker countermeasures @@ -160,12 +142,12 @@ The following sections cover mitigations for different types of attackers. ### Attacker without much skill or with limited physical access -Physical access may be limited by a form factor that doesn't expose buses and memory. -For example, there are no external DMA-capable ports, no exposed screws to open the chassis, and memory is soldered to the mainboard. +Physical access may be limited by a form factor that doesn't expose buses and memory. For example, there are no external DMA-capable ports, no exposed screws to open the chassis, and memory is soldered to the mainboard. -This attacker of opportunity doesn't use destructive methods or sophisticated forensics hardware/software. +This attacker of opportunity doesn't use destructive methods or sophisticated forensics hardware/software. + +Mitigation: -Mitigation: - Pre-boot authentication set to TPM only (the default) ### Attacker with skill and lengthy physical access @@ -173,27 +155,32 @@ Mitigation: Targeted attack with plenty of time; this attacker will open the case, will solder, and will use sophisticated hardware or software. Mitigation: + - Pre-boot authentication set to TPM with a PIN protector (with a sophisticated alphanumeric PIN [enhanced pin] to help the TPM anti-hammering mitigation). -And- -- Disable Standby power management and shut down or hibernate the device before it leaves the control of an authorized user. This can be set using Group Policy: +- Disable Standby power management and shut down or hibernate the device before it leaves the control of an authorized user. This configuration can be set using the following Group Policy: - - Computer Configuration|Policies|Administrative Templates|Windows Components|File Explorer|Show hibernate in the power options menu - - Computer Configuration|Policies|Administrative Templates|System|Power Management|Sleep Settings|Allow standby states (S1-S3) when sleeping (plugged in) - - Computer Configuration|Policies|Administrative Templates|System|Power Management|Sleep Settings|Allow standby states (S1-S3) when sleeping (on battery) + - *Computer Configuration* > *Policies* > *Administrative Templates* > *Windows Components* > *File Explorer* > **Show hibernate in the power options menu** -These settings are **Not configured** by default. + - *Computer Configuration* > *Policies* > *Administrative Templates* > *Power Management* > *Sleep Settings* > **Allow standby states (S1-S3) when sleeping (plugged in)** + + - *Computer Configuration* > *Policies* > *Administrative Templates* > *Power Management* > *Sleep Settings* > **Allow standby states (S1-S3) when sleeping (on battery)** + +> [!IMPORTANT] +> These settings are **not configured** by default. For some systems, bypassing TPM-only may require opening the case, and may require soldering, but could possibly be done for a reasonable cost. Bypassing a TPM with a PIN protector would cost much more, and require brute forcing the PIN. With a sophisticated enhanced PIN, it could be nearly impossible. The Group Policy setting for [enhanced PIN](./bitlocker-group-policy-settings.md) is: -Computer Configuration|Administrative Templates|Windows Components|BitLocker Drive Encryption|Operating System Drives|Allow enhanced PINs for startup +- *Computer Configuration* > *Policies* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives* > **Allow enhanced PINs for startup** -This setting is **Not configured** by default. +> [!IMPORTANT] +> This setting is **not configured** by default. For secure administrative workstations, Microsoft recommends a TPM with PIN protector and to disable Standby power management and shut down or hibernate the device. -## See also +## Related articles - [Blocking the SBP-2 driver and Thunderbolt controllers to reduce 1394 DMA and Thunderbolt DMA threats to BitLocker](https://support.microsoft.com/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d) - [BitLocker Group Policy settings](./bitlocker-group-policy-settings.md) diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml index 9f5ff90f06..7f0540cc73 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml @@ -19,8 +19,7 @@ metadata: ms.custom: bitlocker title: BitLocker frequently asked questions (FAQ) summary: | - **Applies to** - - Windows 10 + (*Applies to: Windows 10, Windows 11*) sections: @@ -38,20 +37,20 @@ sections: - question: How long will initial encryption take when BitLocker is turned on? answer: | - Although BitLocker encryption occurs in the background while you continue to work, and the system remains usable, encryption times vary depending on the type of drive that is being encrypted, the size of the drive, and the speed of the drive. If you are encrypting large drives, you may want to set encryption to occur during times when you will not be using the drive. + Although BitLocker encryption occurs in the background while you continue to work, and the system remains usable, encryption times vary depending on the type of drive that is being encrypted, the size of the drive, and the speed of the drive. If you're encrypting large drives, you may want to set encryption to occur during times when you won't be using the drive. You can also choose whether or not BitLocker should encrypt the entire drive or just the used space on the drive when you turn on BitLocker. On a new hard drive, encrypting just the used spaced can be considerably faster than encrypting the entire drive. When this encryption option is selected, BitLocker automatically encrypts data as it is saved, ensuring that no data is stored unencrypted. - question: What happens if the computer is turned off during encryption or decryption? - answer: If the computer is turned off or goes into hibernation, the BitLocker encryption and decryption process will resume where it stopped the next time Windows starts. This is true even if the power is suddenly unavailable. + answer: If the computer is turned off or goes into hibernation, the BitLocker encryption and decryption process will resume where it stopped the next time Windows starts. BitLocker resuming encryption or decryption is true even if the power is suddenly unavailable. - question: Does BitLocker encrypt and decrypt the entire drive all at once when reading and writing data? - answer: No, BitLocker does not encrypt and decrypt the entire drive when reading and writing data. The encrypted sectors in the BitLocker-protected drive are decrypted only as they are requested from system read operations. Blocks that are written to the drive are encrypted before the system writes them to the physical disk. No unencrypted data is ever stored on a BitLocker-protected drive. + answer: No, BitLocker doesn't encrypt and decrypt the entire drive when reading and writing data. The encrypted sectors in the BitLocker-protected drive are decrypted only as they're requested from system read operations. Blocks that are written to the drive are encrypted before the system writes them to the physical disk. No unencrypted data is ever stored on a BitLocker-protected drive. - question: How can I prevent users on a network from storing data on an unencrypted drive? answer: | You can configure Group Policy settings to require that data drives be BitLocker-protected before a BitLocker-protected computer can write data to them. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). - When these policy settings are enabled, the BitLocker-protected operating system will mount any data drives that are not protected by BitLocker as read-only. + When these policy settings are enabled, the BitLocker-protected operating system will mount any data drives that aren't protected by BitLocker as read-only. - question: What is Used Disk Space Only encryption? answer: | @@ -77,19 +76,19 @@ sections: - Removing, inserting, or completely depleting the charge on a smart battery on a portable computer. In BitLocker, recovery consists of decrypting a copy of the volume master key using either a recovery key stored on a USB flash drive or a cryptographic key derived from a recovery password. - The TPM is not involved in any recovery scenarios, so recovery is still possible if the TPM fails boot component validation, malfunctions, or is removed. + The TPM isn't involved in any recovery scenarios, so recovery is still possible if the TPM fails boot component validation, malfunctions, or is removed. - question: What can prevent BitLocker from binding to PCR 7? - answer: BitLocker can be prevented from binding to PCR 7 if a non-Windows OS booted prior to Windows, or if Secure Boot is not available to the device, either because it has been disabled or the hardware does not support it. + answer: BitLocker can be prevented from binding to PCR 7 if a non-Windows OS booted prior to Windows, or if Secure Boot isn't available to the device, either because it has been disabled or the hardware doesn't support it. - question: Can I swap hard disks on the same computer if BitLocker is enabled on the operating system drive? answer: Yes, you can swap multiple hard disks on the same computer if BitLocker is enabled, but only if the hard disks were BitLocker-protected on the same computer. The BitLocker keys are unique to the TPM and operating system drive. So if you want to prepare a backup operating system or data drive in case a disk fails, make sure that they were matched with the correct TPM. You can also configure different hard drives for different operating systems and then enable BitLocker on each one with different authentication methods (such as one with TPM-only and one with TPM+PIN) without any conflicts. - question: Can I access my BitLocker-protected drive if I insert the hard disk into a different computer? - answer: Yes, if the drive is a data drive, you can unlock it from the **BitLocker Drive Encryption** Control Panel item just as you would any other data drive by using a password or smart card. If the data drive was configured for automatic unlock only, you will have to unlock it by using the recovery key. The encrypted hard disk can be unlocked by a data recovery agent (if one was configured) or it can be unlocked by using the recovery key. + answer: Yes, if the drive is a data drive, you can unlock it from the **BitLocker Drive Encryption** Control Panel item just as you would any other data drive by using a password or smart card. If the data drive was configured for automatic unlock only, you'll have to unlock it by using the recovery key. The encrypted hard disk can be unlocked by a data recovery agent (if one was configured) or it can be unlocked by using the recovery key. - - question: Why is "Turn BitLocker on" not available when I right-click a drive? - answer: Some drives cannot be encrypted with BitLocker. Reasons a drive cannot be encrypted include insufficient disk size, an incompatible file system, if the drive is a dynamic disk, or a drive is designated as the system partition. By default, the system drive (or system partition) is hidden from display. However, if it is not created as a hidden drive when the operating system was installed due to a custom installation process, that drive might be displayed but cannot be encrypted. + - question: Why is **Turn BitLocker on** not available when I right-click a drive? + answer: Some drives can't be encrypted with BitLocker. Reasons a drive can't be encrypted include insufficient disk size, an incompatible file system, if the drive is a dynamic disk, or a drive is designated as the system partition. By default, the system drive (or system partition) is hidden from display. However, if it isn't created as a hidden drive when the operating system was installed due to a custom installation process, that drive might be displayed but can't be encrypted. - question: What type of disk configurations are supported by BitLocker? answer: Any number of internal, fixed data drives can be protected with BitLocker. On some versions ATA and SATA-based, direct-attached storage devices are also supported. diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md index a29f3f9d69..5599dc5846 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md +++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md @@ -14,11 +14,7 @@ ms.custom: bitlocker # BitLocker deployment comparison -**Applies to** - -- Windows 10 -- Windows 11 -- Windows Server 2016 and above +(*Applies to: Windows 10, Windows 11, Windows Server 2016 and above*) This article depicts the BitLocker deployment comparison chart. @@ -26,37 +22,37 @@ This article depicts the BitLocker deployment comparison chart. | Requirements |Microsoft Intune |Microsoft Configuration Manager |Microsoft BitLocker Administration and Monitoring (MBAM) | |---------|---------|---------|---------| -|Minimum client operating system version |Windows 11 and Windows 10 | Windows 11, Windows 10, and Windows 8.1 | Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 10 IoT, and Windows 11 | -|Supported Windows SKUs | Enterprise, Pro, Education | Enterprise, Pro, Education | Enterprise | -|Minimum Windows version |1909 | None | None | -|Supported domain-joined status | Microsoft Azure Active Directory (Azure AD) joined, hybrid Azure AD joined | Active Directory-joined, hybrid Azure AD joined | Active Directory-joined | -|Permissions required to manage policies | Endpoint security manager or custom | Full administrator or custom | Domain Admin or Delegated GPO access | -|Cloud or on premises | Cloud | On premises | On premises | +|*Minimum client operating system version* |Windows 11 and Windows 10 | Windows 11, Windows 10, and Windows 8.1 | Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 10 IoT, and Windows 11 | +|*Supported Windows SKUs* | Enterprise, Pro, Education | Enterprise, Pro, Education | Enterprise | +|*Minimum Windows version* |1909 | None | None | +|*Supported domain-joined status* | Microsoft Azure Active Directory (Azure AD) joined, hybrid Azure AD joined | Active Directory-joined, hybrid Azure AD joined | Active Directory-joined | +|*Permissions required to manage policies* | Endpoint security manager or custom | Full administrator or custom | Domain Admin or Delegated GPO access | +|*Cloud or on premises* | Cloud | On premises | On premises | |Server components required? | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Additional agent required? | No (device enrollment only) | Configuration Manager client | MBAM client | -|Administrative plane | Microsoft Endpoint Manager admin center | Configuration Manager console | Group Policy Management Console and MBAM sites | -|Administrative portal installation required | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Compliance reporting capabilities | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Force encryption | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Encryption for storage cards (mobile) | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | | -|Allow recovery password | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Manage startup authentication | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Select cipher strength and algorithms for fixed drives | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Select cipher strength and algorithms for removable drives | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Select cipher strength and algorithms for operating environment drives | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Standard recovery password storage location | Azure AD or Active Directory | Configuration Manager site database | MBAM database | -|Store recovery password for operating system and fixed drives to Azure AD or Active Directory | Yes (Active Directory and Azure AD) | Yes (Active Directory only) | Yes (Active Directory only) | -|Customize preboot message and recovery link | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Allow/deny key file creation | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Deny Write permission to unprotected drives | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Can be administered outside company network | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | | -|Support for organization unique IDs | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Self-service recovery | Yes (through Azure AD or Company Portal app) | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Recovery password rotation for fixed and operating environment drives | Yes (Windows 10, version 1909 and later or Windows 11) | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Wait to complete encryption until recovery information is backed up to Azure AD | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | | | -|Wait to complete encryption until recovery information is backed up to Active Directory | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Allow or deny Data Recovery Agent | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Unlock a volume using certificate with custom object identifier | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Prevent memory overwrite on restart | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Configure custom Trusted Platform Module Platform Configuration Register profiles | | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|Manage auto-unlock functionality | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Additional agent required?* | No (device enrollment only) | Configuration Manager client | MBAM client | +|*Administrative plane* | Microsoft Endpoint Manager admin center | Configuration Manager console | Group Policy Management Console and MBAM sites | +|*Administrative portal installation required* | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Compliance reporting capabilities* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Force encryption* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Encryption for storage cards (mobile)* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | | +|*Allow recovery password* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Manage startup authentication* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Select cipher strength and algorithms for fixed drives* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Select cipher strength and algorithms for removable drives* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Select cipher strength and algorithms for operating environment drives* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Standard recovery password storage location* | Azure AD or Active Directory | Configuration Manager site database | MBAM database | +|*Store recovery password for operating system and fixed drives to Azure AD or Active Directory* | Yes (Active Directory and Azure AD) | Yes (Active Directory only) | Yes (Active Directory only) | +|*Customize preboot message and recovery link* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Allow/deny key file creation* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Deny Write permission to unprotected drives* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Can be administered outside company network* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | | +|*Support for organization unique IDs* | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Self-service recovery* | Yes (through Azure AD or Company Portal app) | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Recovery password rotation for fixed and operating environment drives* | Yes (Windows 10, version 1909 and later or Windows 11) | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Wait to complete encryption until recovery information is backed up to Azure AD* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | | | +|*Wait to complete encryption until recovery information is backed up to Active Directory* | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Allow or deny Data Recovery Agent* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Unlock a volume using certificate with custom object identifier* | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Prevent memory overwrite on restart* | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Configure custom Trusted Platform Module Platform Configuration Register profiles* | | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Manage auto-unlock functionality* | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md index 442e7657c7..bf52810a6a 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md +++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md @@ -16,18 +16,17 @@ ms.custom: bitlocker # Overview of BitLocker Device Encryption in Windows -**Applies to** -- Windows 10 -- Windows 11 -- Windows Server 2016 and later +(*Applies to: Windows 10, Windows 11, Windows Server 2016 and above*) -This article explains how BitLocker Device Encryption can help protect data on devices running Windows. For a general overview and list of articles about BitLocker, see [BitLocker](bitlocker-overview.md). +This article explains how BitLocker Device Encryption can help protect data on devices running Windows. For a general overview and list of articles about BitLocker, see [BitLocker](bitlocker-overview.md). When users travel, their organization's confidential data goes with them. Wherever confidential data is stored, it must be protected against unauthorized access. Windows has a long history of providing at-rest data-protection solutions that guard against nefarious attackers, beginning with the Encrypting File System in the Windows 2000 operating system. More recently, BitLocker has provided encryption for full drives and portable drives. Windows consistently improves data protection by improving existing options and providing new strategies. -Table 2 lists specific data-protection concerns and how they're addressed in Windows 11, Windows 10, and Windows 7. +## Data Protection in Windows 11, Windows 10, and Windows 7 -**Table 2. Data Protection in Windows 11, Windows 10, and Windows 7** +The below table lists specific data-protection concerns and how they're addressed in Windows 11, Windows 10, and Windows 7. + +- **Table 2** | Windows 7 | Windows 11 and Windows 10 | |---|---| @@ -37,7 +36,7 @@ Table 2 lists specific data-protection concerns and how they're addressed in Win | Administrators have to use separate tools to manage encrypted hard drives. | BitLocker supports encrypted hard drives with onboard encryption hardware built in, which allows administrators to use the familiar BitLocker administrative tools to manage them. | | Encrypting a new flash drive can take more than 20 minutes. | Used Space Only encryption in BitLocker To Go allows users to encrypt removable data drives in seconds. | | BitLocker could require users to enter a recovery key when system configuration changes occur. | BitLocker requires the user to enter a recovery key only when disk corruption occurs or when you lose the PIN or password. | -| Users need to enter a PIN to start the PC, and then their password to sign in to Windows. | Modern Windows devices are increasingly protected with BitLocker Device Encryption out of the box and support SSO to help protect the BitLocker encryption keys from cold boot attacks. | +| Users need to enter a PIN to start the PC, and then their password to sign in to Windows. | Modern Windows devices are increasingly protected with BitLocker Device Encryption out of the box and support SSO to help protect the BitLocker encryption keys from cold boot attacks. | ## Prepare for drive and file encryption @@ -46,12 +45,12 @@ Whether you're planning to encrypt entire volumes, removable devices, or individ ### TPM pre-provisioning -In Windows 7, preparing the TPM for use offered a couple of challenges: +In Windows 7, preparing the TPM offered a few challenges: -* You can turn on the TPM in the BIOS, which requires someone to either go into the BIOS settings to turn it on or to install a driver to turn it on from within Windows. -* When you enable the TPM, it may require one or more restarts. +- Turning on the TPM required going into the BIOS or UEFI firmware of the device. Turning on the TPM at the device requires someone to either physically go into the BIOS or UEFI firmware settings of the device to turn on the TPM, or to install a driver in Windows to turn on the TPM from within Windows. +- When you enable the TPM, it may require one or more restarts. -Basically, it was a hassle. If IT staff were provisioning new PCs, they could handle all of this, but if you wanted to add BitLocker to devices that were already in users' hands, those users would have struggled with the technical challenges and would either call IT for support or leave BitLocker disabled. +This made preparing the TPM in Windows 7 problematic. If IT staff are provisioning new PCs, they can handle the required steps for preparing a TPM. However, if BitLocker needed to be enabled on devices that are already in users' hands, those users would probably struggle with the technical challenges. The user would then either call to IT for support or leave BitLocker disabled. Microsoft includes instrumentation in Windows 11 and Windows 10 that enable the operating system to fully manage the TPM. There's no need to go into the BIOS, and all scenarios that required a restart have been eliminated. @@ -61,65 +60,83 @@ BitLocker is capable of encrypting entire hard drives, including both system and With earlier versions of Windows, administrators had to enable BitLocker after Windows had been installed. Although this process could be automated, BitLocker would need to encrypt the entire drive, a process that could take anywhere from several hours to more than a day depending on drive size and performance, which delayed deployment. Microsoft has improved this process through multiple features in Windows 11 and Windows 10. -## BitLocker device encryption +## BitLocker Device Encryption -Beginning in Windows 8.1, Windows automatically enables BitLocker Device Encryption on devices that support Modern Standby. With Windows 11 and Windows 10, Microsoft offers BitLocker Device Encryption support on a much broader range of devices, including those that are Modern Standby, and devices that run Windows 10 Home edition or Windows 11. +Beginning in Windows 8.1, Windows automatically enables BitLocker Device Encryption on devices that support Modern Standby. With Windows 11 and Windows 10, Microsoft offers BitLocker Device Encryption support on a much broader range of devices, including those devices that are Modern Standby, and devices that run Home edition of Windows 10 or Windows 11. -Microsoft expects that most devices in the future will pass the testing requirements, which makes BitLocker device encryption pervasive across modern Windows devices. BitLocker device encryption further protects the system by transparently implementing device-wide data encryption. +Microsoft expects that most devices in the future will pass the requirements for BitLocker Device Encryption that will make BitLocker Device Encryption pervasive across modern Windows devices. BitLocker Device Encryption further protects the system by transparently implementing device-wide data encryption. -Unlike a standard BitLocker implementation, BitLocker device encryption is enabled automatically so that the device is always protected. The following list outlines how this happens: +Unlike a standard BitLocker implementation, BitLocker Device Encryption is enabled automatically so that the device is always protected. The following list outlines how BitLocker Device Encryption is enabled automatically: -* When a clean installation of Windows 11 or Windows 10 is completed and the out-of-box experience is finished, the computer is prepared for first use. As part of this preparation, BitLocker Device Encryption is initialized on the operating system drive and fixed data drives on the computer with a clear key (this is the equivalent of standard BitLocker suspended state). In this state, the drive is shown with a warning icon in Windows Explorer. The yellow warning icon is removed after the TPM protector is created and the recovery key is backed up, as explained in the following bullet points. -* If the device isn't domain joined, a Microsoft account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to the online Microsoft account, and a TPM protector is created. Should a device require the recovery key, the user will be guided to use an alternate device and navigate to a recovery key access URL to retrieve the recovery key by using his or her Microsoft account credentials. -* If the user uses a domain account to sign in, the clear key isn't removed until the user joins the device to a domain and the recovery key is successfully backed up to Active Directory Domain Services (AD DS). You must enable the **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives** Group Policy setting, and select the **Do not enable BitLocker until recovery information is stored in AD DS for operating system drives** option. With this configuration, the recovery password is created automatically when the computer joins the domain, and then the recovery key is backed up to AD DS, the TPM protector is created, and the clear key is removed. -* Similar to signing in with a domain account, the clear key is removed when the user signs in to an Azure AD account on the device. As described in the bullet point above, the recovery password is created automatically when the user authenticates to Azure AD. Then, the recovery key is backed up to Azure AD, the TPM protector is created, and the clear key is removed. +- When a clean installation of Windows 11 or Windows 10 is completed and the out-of-box experience is finished, the computer is prepared for first use. As part of this preparation, BitLocker Device Encryption is initialized on the operating system drive and fixed data drives on the computer with a clear key that is the equivalent of standard BitLocker suspended state. In this state, the drive is shown with a warning icon in Windows Explorer. The yellow warning icon is removed after the TPM protector is created and the recovery key is backed up, as explained in the following bullet points. + +- If the device isn't domain joined, a Microsoft account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to the online Microsoft account, and a TPM protector is created. Should a device require the recovery key, the user will be guided to use an alternate device and navigate to a recovery key access URL to retrieve the recovery key by using their Microsoft account credentials. + +- If the user uses a domain account to sign in, the clear key isn't removed until the user joins the device to a domain, and the recovery key is successfully backed up to Active Directory Domain Services (AD DS). You must enable the following Group Policy settings: + + *Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives* > **Do not enable BitLocker until recovery information is stored in AD DS for operating system drives** + + With this configuration, the recovery password is created automatically when the computer joins the domain, and then the recovery key is backed up to AD DS, the TPM protector is created, and the clear key is removed. + +- Similar to signing in with a domain account, the clear key is removed when the user signs in to an Azure AD account on the device. As described in the bullet point above, the recovery password is created automatically when the user authenticates to Azure AD. Then, the recovery key is backed up to Azure AD, the TPM protector is created, and the clear key is removed. Microsoft recommends that BitLocker Device Encryption be enabled on any systems that support it, but the automatic BitLocker Device Encryption process can be prevented by changing the following registry setting: -- **Subkey**: HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\BitLocker -- **Value**: PreventDeviceEncryption equal to True (1) -- **Type**: REG\_DWORD -Administrators can manage domain-joined devices that have BitLocker device encryption enabled through Microsoft BitLocker Administration and Monitoring (MBAM). In this case, BitLocker device encryption automatically makes additional BitLocker options available. No conversion or encryption is required, and MBAM can manage the full BitLocker policy set if any configuration changes are required. +- **Subkey**: `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BitLocker` +- **Type**: `REG_DWORD` +- **Value**: `PreventDeviceEncryption` equal to `1` (True) + +Administrators can manage domain-joined devices that have BitLocker Device Encryption enabled through Microsoft BitLocker Administration and Monitoring (MBAM). In this case, BitLocker Device Encryption automatically makes additional BitLocker options available. No conversion or encryption is required, and MBAM can manage the full BitLocker policy set if any configuration changes are required. > [!NOTE] > BitLocker Device Encryption uses the XTS-AES 128-bit encryption method. In case you need to use a different encryption method and/or cipher strength, the device must be configured and decrypted (if already encrypted) first. After that, different BitLocker settings can be applied. ## Used Disk Space Only encryption -BitLocker in earlier Windows versions could take a long time to encrypt a drive, because it encrypted every byte on the volume (including parts that didn't have data). That is still the most secure way to encrypt a drive, especially if a drive has previously contained confidential data that has since been moved or deleted. In that case, traces of the confidential data could remain on portions of the drive marked as unused. +BitLocker in earlier Windows versions could take a long time to encrypt a drive because it encrypted every byte on the volume including parts that didn't have data. Encrypting every byte on the volume including parts that didn't have data is known as full disk encryption. Full disk encryption is still the most secure way to encrypt a drive, especially if a drive has previously contained confidential data that has since been moved or deleted. If a drive previously had confidential data that has been moved or deleted, traces of the confidential data could remain on portions of the drive marked as unused. + But why encrypt a new drive when you can encrypt the data as it is being written? To reduce encryption time, BitLocker in Windows 11 and Windows 10 let users choose to encrypt just their data. Depending on the amount of data on the drive, this option can reduce encryption time by more than 99 percent. -Exercise caution when encrypting only used space on an existing volume on which confidential data may have already been stored in an unencrypted state, however, because those sectors can be recovered through disk-recovery tools until they're overwritten by new encrypted data. In contrast, encrypting only used space on a brand-new volume can significantly decrease deployment time without the security risk because all new data will be encrypted as it's written to the disk. + +Exercise caution when encrypting only used space on an existing volume on which confidential data may have already been stored in an unencrypted state. When using used space encryption, sectors where previously unencrypted data are stored can be recovered through disk-recovery tools until they're overwritten by new encrypted data. In contrast, encrypting only used space on a brand-new volume can significantly decrease deployment time without the security risk because all new data will be encrypted as it's written to the disk. ## Encrypted hard drive support SEDs have been available for years, but Microsoft couldn't support their use with some earlier versions of Windows because the drives lacked important key management features. Microsoft worked with storage vendors to improve the hardware capabilities, and now BitLocker supports the next generation of SEDs, which are called encrypted hard drives. -Encrypted hard drives provide onboard cryptographic capabilities to encrypt data on drives, which improves both drive and system performance by offloading cryptographic calculations from the PC's processor to the drive itself and rapidly encrypting the drive by using dedicated, purpose-built hardware. If you plan to use, whole-drive encryption with Windows 11 or Windows 10, Microsoft recommends that you investigate hard drive manufacturers and models to determine whether any of their encrypted hard drives meet your security and budget requirements. -For more information about encrypted hard drives, see [Encrypted Hard Drive](../encrypted-hard-drive.md). + +Encrypted hard drives provide onboard cryptographic capabilities to encrypt data on drives, which improves both drive and system performance by offloading cryptographic calculations from the PC's processor to the drive itself and rapidly encrypting the drive by using dedicated, purpose-built hardware. If you plan to use whole-drive encryption with Windows 11 or Windows 10, Microsoft recommends that you investigate hard drive manufacturers and models to determine whether any of their encrypted hard drives meet your security and budget requirements. + +For more information about encrypted hard drives, see [Encrypted hard drive](../encrypted-hard-drive.md). ## Preboot information protection An effective implementation of information protection, like most security controls, considers usability and security. Users typically prefer a simple security experience. In fact, the more transparent a security solution becomes, the more likely users are to conform to it. + It's crucial that organizations protect information on their PCs regardless of the state of the computer or the intent of users. This protection shouldn't be cumbersome to users. One undesirable and previously commonplace situation is when the user is prompted for input during preboot, and then again during Windows sign-in. Challenging users for input more than once should be avoided. + Windows 11 and Windows 10 can enable a true SSO experience from the preboot environment on modern devices and in some cases even on older devices when robust information protection configurations are in place. The TPM in isolation is able to securely protect the BitLocker encryption key while it is at rest, and it can securely unlock the operating system drive. When the key is in use and thus in memory, a combination of hardware and Windows capabilities can secure the key and prevent unauthorized access through cold-boot attacks. Although other countermeasures like PIN-based unlock are available, they aren't as user-friendly; depending on the devices' configuration they may not offer additional security when it comes to key protection. For more information, see [BitLocker Countermeasures](bitlocker-countermeasures.md). ## Manage passwords and PINs -When BitLocker is enabled on a system drive and the PC has a TPM, you can choose to require that users type a PIN before BitLocker will unlock the drive. Such a PIN requirement can prevent an attacker who has physical access to a PC from even getting to the Windows sign-in, which makes it virtually impossible for the attacker to access or modify user data and system files. +When BitLocker is enabled on a system drive and the PC has a TPM, you can choose to require that users type a PIN before BitLocker will unlock the drive. Such a PIN requirement can prevent an attacker who has physical access to a PC from even getting to the Windows sign-in, which makes it almost impossible for the attacker to access or modify user data and system files. Requiring a PIN at startup is a useful security feature because it acts as a second authentication factor (a second "something you know"). This configuration comes with some costs, however. One of the most significant is the need to change the PIN regularly. In enterprises that used BitLocker with Windows 7 and the Windows Vista operating system, users had to contact systems administrators to update their BitLocker PIN or password. This requirement not only increased management costs but made users less willing to change their BitLocker PIN or password regularly. + Windows 11 and Windows 10 users can update their BitLocker PINs and passwords themselves, without administrator credentials. Not only will this feature reduce support costs, but it could improve security, too, because it encourages users to change their PINs and passwords more often. In addition, Modern Standby devices don't require a PIN for startup: They're designed to start infrequently and have other mitigations in place that further reduce the attack surface of the system. + For more information about how startup security works and the countermeasures that Windows 11 and Windows 10 provide, see [Protect BitLocker from pre-boot attacks](./bitlocker-countermeasures.md). ## Configure Network Unlock -Some organizations have location-specific data security requirements. This is most common in environments where high-value data is stored on PCs. The network environment may provide crucial data protection and enforce mandatory authentication; therefore, policy states that those PCs shouldn't leave the building or be disconnected from the corporate network. Safeguards like physical security locks and geofencing may help enforce this policy as reactive controls. Beyond these, a proactive security control that grants data access only when the PC is connected to the corporate network is necessary. +Some organizations have location specific data security requirements. Location specific data security requirements are most common in environments where high-value data is stored on PCs. The network environment may provide crucial data protection and enforce mandatory authentication. Therefore, policy states that those PCs shouldn't leave the building or be disconnected from the corporate network. Safeguards like physical security locks and geofencing may help enforce this policy as reactive controls. Beyond these safeguards, a proactive security control that grants data access only when the PC is connected to the corporate network is necessary. Network Unlock enables BitLocker-protected PCs to start automatically when connected to a wired corporate network on which Windows Deployment Services runs. Anytime the PC isn't connected to the corporate network, a user must type a PIN to unlock the drive (if PIN-based unlock is enabled). Network Unlock requires the following infrastructure: -* Client PCs that have Unified Extensible Firmware Interface (UEFI) firmware version 2.3.1 or later, which supports Dynamic Host Configuration Protocol (DHCP) -* A server running at least Windows Server 2012 with the Windows deployment services role -* A server with the DHCP server role installed +- Client PCs that have Unified Extensible Firmware Interface (UEFI) firmware version 2.3.1 or later, which supports Dynamic Host Configuration Protocol (DHCP) + +- A server running at least Windows Server 2012 with the Windows deployment services (WDS) role + +- A server with the DHCP server role installed For more information about how to configure Network unlock feature, see [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md). @@ -127,21 +144,31 @@ For more information about how to configure Network unlock feature, see [BitLock Part of the Microsoft Desktop Optimization Pack, Microsoft BitLocker Administration and Monitoring (MBAM) makes it easier to manage and support BitLocker and BitLocker To Go. MBAM 2.5 with Service Pack 1, the latest version, has the following key features: -* Enables administrators to automate the process of encrypting volumes on client computers across the enterprise. -* Enables security officers to quickly determine the compliance state of individual computers or even of the enterprise itself. -* Provides centralized reporting and hardware management with Microsoft Configuration Manager. -* Reduces the workload on the help desk to assist end users with BitLocker recovery requests. -* Enables end users to recover encrypted devices independently by using the Self-Service Portal. -* Enables security officers to easily audit access to recovery key information. -* Empowers Windows Enterprise users to continue working anywhere with the assurance that their corporate data is protected. -* Enforces the BitLocker encryption policy options that you set for your enterprise. -* Integrates with existing management tools, such as Microsoft Configuration Manager. -* Offers an IT-customizable recovery user experience. -* Supports Windows 11 and Windows 10. +- Enables administrators to automate the process of encrypting volumes on client computers across the enterprise. + +- Enables security officers to quickly determine the compliance state of individual computers or even of the enterprise itself. + +- Provides centralized reporting and hardware management with Microsoft Configuration Manager. + +- Reduces the workload on the help desk to assist end users with BitLocker recovery requests. + +- Enables end users to recover encrypted devices independently by using the Self-Service Portal. + +- Enables security officers to easily audit access to recovery key information. + +- Empowers Windows Enterprise users to continue working anywhere with the assurance that their corporate data is protected. + +- Enforces the BitLocker encryption policy options that you set for your enterprise. + +- Integrates with existing management tools, such as Microsoft Configuration Manager. + +- Offers an IT-customizable recovery user experience. + +- Supports Windows 11 and Windows 10. > [!IMPORTANT] > Enterprises could use MBAM to manage client computers with BitLocker that are domain-joined on-premises until mainstream support ended in July 2019, or they could receive extended support until April 2026. -Going forward, the functionality of MBAM will be incorporated into Configuration Manager. For more information, see [Features in Configuration Manager technical preview version 1909](/mem/configmgr/core/get-started/2019/technical-preview-1909#bkmk_bitlocker). +Going forward, the functionality of MBAM will be incorporated into Configuration Manager. For more information, see [Plan for BitLocker management](/mem/configmgr/protect/plan-design/bitlocker-management). Enterprises not using Configuration Manager can use the built-in features of Azure AD and Microsoft Intune for administration and monitoring. For more information, see [Monitor device encryption with Intune](/mem/intune/protect/encryption-monitor). diff --git a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml index 352b886bb4..f0f6584656 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml @@ -24,7 +24,7 @@ summary: | **Applies to** - Windows 10 - This topic links to frequently asked questions about BitLocker. BitLocker is a data protection feature that encrypts drives on your computer to help prevent data theft or exposure. BitLocker-protected computers can also delete data more securely when they are decommissioned because it is much more difficult to recover deleted data from an encrypted drive than from a non-encrypted drive. + This article links to frequently asked questions about BitLocker. BitLocker is a data protection feature that encrypts drives on your computer to help prevent data theft or exposure. BitLocker-protected computers can also delete data more securely when they're decommissioned because it's much more difficult to recover deleted data from an encrypted drive than from a non-encrypted drive. - [Overview and requirements](bitlocker-overview-and-requirements-faq.yml) - [Upgrading](bitlocker-upgrading-faq.yml) diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md index 2ed6a48c76..03f65fe765 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md @@ -170,7 +170,7 @@ To verify the BIOS mode, use the System Information application. To do this, fol 1. If the **BIOS Mode** setting is **Legacy**, you have to switch the BIOS into **UEFI** or **EFI** mode. The steps for doing this are specific to the device. > [!NOTE] - > If the device supports only Legacy mode, you cannot use Intune to manage BitLocker device encryption on the device. + > If the device supports only Legacy mode, you cannot use Intune to manage BitLocker Device Encryption on the device. ## Error message: The UEFI variable 'SecureBoot' could not be read From 4c55c01695e7e76e6393514070b5ee4d94f0e627 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Tue, 8 Nov 2022 13:21:47 -0700 Subject: [PATCH 017/129] Add testing doc for Delivery Optimization --- .../do/delivery-optimization-test.md | 230 ++++++++++++++++++ .../Win10/M1-Adv-BytesToPeers.png | Bin 0 -> 102768 bytes .../test-scenarios/Win10/M1-Adv-Complete.png | Bin 0 -> 100498 bytes .../Win10/M1-Basic-Complete.png | Bin 0 -> 103121 bytes .../Win10/M2-Adv-BytesToPeers.PNG | Bin 0 -> 78670 bytes .../test-scenarios/Win10/M2-Adv-Complete.png | Bin 0 -> 105821 bytes .../Win10/M2-Basic-Complete.png | Bin 0 -> 549070 bytes .../Win10/M3-Adv-BytesToPeers.PNG | Bin 0 -> 80716 bytes .../test-scenarios/Win10/M3-Adv-Complete.png | Bin 0 -> 107060 bytes .../Win11/M1-Basic-Complete.png | Bin 0 -> 110379 bytes .../Win11/M2-Basic-Complete.png | Bin 0 -> 109430 bytes 11 files changed, 230 insertions(+) create mode 100644 windows/deployment/do/delivery-optimization-test.md create mode 100644 windows/deployment/do/images/test-scenarios/Win10/M1-Adv-BytesToPeers.png create mode 100644 windows/deployment/do/images/test-scenarios/Win10/M1-Adv-Complete.png create mode 100644 windows/deployment/do/images/test-scenarios/Win10/M1-Basic-Complete.png create mode 100644 windows/deployment/do/images/test-scenarios/Win10/M2-Adv-BytesToPeers.PNG create mode 100644 windows/deployment/do/images/test-scenarios/Win10/M2-Adv-Complete.png create mode 100644 windows/deployment/do/images/test-scenarios/Win10/M2-Basic-Complete.png create mode 100644 windows/deployment/do/images/test-scenarios/Win10/M3-Adv-BytesToPeers.PNG create mode 100644 windows/deployment/do/images/test-scenarios/Win10/M3-Adv-Complete.png create mode 100644 windows/deployment/do/images/test-scenarios/Win11/M1-Basic-Complete.png create mode 100644 windows/deployment/do/images/test-scenarios/Win11/M2-Basic-Complete.png diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md new file mode 100644 index 0000000000..93716180ed --- /dev/null +++ b/windows/deployment/do/delivery-optimization-test.md @@ -0,0 +1,230 @@ +--- +title: Testing Delivery Optimization +description: Explanation of Delivery Optimization distributed cache and high-level design. Demonstrate how Delivery Optimization peer-to-peer works in different test scenarios. +ms.date: 11/08/2022 +ms.prod: windows-client +ms.technology: itpro-updates +ms.topic: reference +ms.localizationpriority: medium +author: cmknox +ms.author: carmenf +ms.reviewer: mstewart +manager: naengler +--- + +# Testing Delivery Optimization + +## Overview + +Delivery Optimization is a powerful and useful tool to help enterprises manage bandwidth usage for downloading Microsoft content. It is a solution designed to be used in large-scale environments with large numbers of devices, various content sizes, etc. Delivery Optimization is native to Win10+ and provides default configuration to get the most out of the typical customer environment. It is used to deliver many different types of content, so Microsoft customers enjoy the best possible download experience for their environment. There are three components to Delivery Optimization, 1) HTTP downloader, 2) Peer-to-peer (P2P) cloud technology, and 3) Microsoft Connected Cache. One of the most powerful advantages of using Delivery Optimization is the ability to fine-tune settings that empower users to dial in Microsoft content delivery to meet the needs of specific environments. + +## Monitoring Value + +Since Delivery Optimization is on by default, you will be able to monitor the value either through the Windows Settings for ‘Delivery Optimization’, using Delivery Optimization PowerShell cmdlets, and/or via the Update Compliance experience in Azure. + +In the case where Delivery Optimization is not working in your environment, it is important to investigate to get to the root of the problem. We recommend a test environment be created to easily evaluate typical devices to ensure Delivery Optimization is working properly. For starters, ‘Scenario 1: Basic Setup’ should be created to test the use of Delivery Optimization between two machines. This scenario is designed to eliminate any noise in the environment to ensure there is nothing preventing Delivery Optimization from working on the devices. Once you have a baseline, you can expand the test environment for more sophisticated tests. + +## Expectations and Goals + +The focus of the testing scenarios in this article is primarily centered on demonstrating the Delivery Optimization policies centered around the successful downloading of bytes using P2P. More specifically, the goal will be to show peer to peer is working as expected, using the following criteria: + +* Peers can find each other (for example on the same LAN / subnet / Group – matching your Download Mode policy). +* Files are downloading in the expected Download Mode (validates connectivity to DO cloud, HTTP, and local configs). +* At least some downloads happening via P2P (validates connectivity between peers). + +Several elements that influence overall peering, using Delivery Optimization. The most common, impactful environment factors should be considered. + +* **The number of files in the cache and** **the** **number of devices have a big effect on overall peering.** There is a set number of files available for peering at a time, from each client, so the peering device may not be serving a particular file. +* **File size** **and** **internet connection** **reliability matter.** There is a Delivery Optimization setting to determine the minimum file size to use P2P. In addition, internet connection must be open and reliable enough to let the Delivery Optimization client make cloud service API calls and download metadata files prior to starting a content file download +* **Delivery Optimization Policies can play a role.** In general, it is important to familiarize yourself with the Delivery Optimization settings and defaults [Delivery Optimization reference - Windows Deployment | Microsoft Docs](https://docs.microsoft.com/en-us/windows/deployment/do/waas-delivery-optimization-reference). + +### Delivery Optimization is a Hybrid P2P Platform + +* Delivery Optimization’s hybrid approach to downloading from multiple sources (HTTP and peer) in parallel is especially critical for large-scale environments, constantly assessing the optimal source from which to deliver the content. In conjunction, the distribution of content cache, across participating devices, contributes to Delivery Optimization’s ability to find bandwidth savings as more peers become available. + +* At the point a download is initiated, the DO client starts downloading from the HTTP and discovering peers simultaneously. With a smaller file, there might be nearly 100% bytes from HTTP before connecting to a peer, even though peers are available. With a larger file and quality LAN peers, it might reduce the HTTP request rate to near zero, but only after making those initial requests from HTTP. + +* In the next section, you will see how the two testing scenarios produce differing results in the number of bytes coming from HTTP vs. peers, which shows Delivery Optimization continuously evaluating the optimal location from which to download the content. + +## Test Scenarios + +### Scenario 1: Basic Setup + +#### Goal: Demonstrate how Delivery Optimization peer-to-peer technology works using two machines, in a controlled test environment + +### Test Machine Setup + +Number of machines used: 2 + +Hardware: + +* 2 Virtual Machines or physical devices running Windows 10 (21H2) / Windows 11 (21H2) +* 2 vCPUs / 8 GB RAM / 127 GB Disk +* Network – ensure the test devices are connected to the same network, one that is representative of the corporate network + + Apply Policy settings/Windows configurations on each machine: + +* Pause Windows Updates. This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. By default, there are four pieces of content available for peering at a given time. The Delivery Optimization client cycles through the available content in the cache. Simply pausing Windows Updates might not be enough in some cases. If there are Microsoft Store Updates, for example, a download can be triggered causing the four caching slots to be filled. If this happens, the second machine may not see peers. Verify there is only one cached content before continuing the test on the second machine. +* Ensure all Store apps are up to date +* Set Delivery Optimization Download mode = '2' +* Set Delivery Optimization GroupID = 'GUID'. A GUID is a required value that can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ +* Run '`Enable-DeliveryOptimizationVerboseLogs’ to enable verbose logging. +* **If Windows 11 devices** set 'Restrict Peer Selection' policy to '0-NAT'. The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. + +> [!NOTE] +> Delivery Optimization PowerShell available [cmdlets](https://learn.microsoft.com/en-us/windows/deployment/do/waas-delivery-optimization-setup#windows-powershell-cmdlets). + +### Test Instructions + +The following set of instructions will be used for each machine: + +1. Clear the DO cache: ‘Delete-DeliveryOptimizationCache’ +2. Open MS Store and search for 'Asphalt Legends 9'. Select ‘Get’ to initiate the download of the content (Content size: 3.4 GB). +3. Open PowerShell console as Administrator. Run 'Get-DeliveryOptimizationStatus'. + +**On machine #1** + +* Run ‘Test Instructions’ + +**Output: Windows 10 21H2** + +![Windows 10 21H2 - Machine 1 - Basic Test](images/test-scenarios/Win10/M1-Basic-Complete.png) + +**Observations** + +* No peers were found on the first machine downloading the content. +* 'TotalBytesDownloaded' is equal to the file size. +* Status is set to 'Caching' the content so future peers can use it. +* Download was happening in the foreground. +* DownloadMode is set to 'Group' and no peers were found. + +**Output: Windows 11 21H2** + +![Windows 11 21H2 - Machine 1 - Basic Test](images/test-scenarios/Win11/M1-Basic-Complete.png) + +**Observations** + +* No new observations seen between Window 10 and Windows 11 devices. + +*Wait 5 minutes* + +**On machine #2** + +* Run ‘Test Instructions’ + +**Output: Windows 10 21H2** + +![Windows 10 21H2 - Machine 2 - Basic Test](images/test-scenarios/Win10/M2-Basic-Complete.png) + +**Observations** + +* A peer was found for the content and 87% of total bytes came from the peer. +* One peer was found for the piece of content, which is expected as there are only two devices in the peering group. +* Download mode was set to 'Group', but since group mode includes both LAN and Group devices, Delivery Optimization prioritizes LAN peers, if found. Therefore, 'BytesFromLanPeers' shows bytes where 'BytesFromGroupPeers' does not. +* 'DownloadDuration' is roughly the same between machines. + +**Output: Windows 11 21H2** + +![Windows 11 21H2 - Machine 2 - Basic Test](images/test-scenarios/Win11/M2-Basic-Complete.png) + +**Observations** + +* A peer was found for the content and 90% of total bytes came from the peer. +* All other points are the same as Windows 10 results. + +### Scenario 2: Advance Setup + +#### Goal: Demonstrate how Delivery Optimization peer-to-peer technology works in a non-controlled environment, expanding to three machines + +### Test Machine Setup + +Number of machines used: 3 + +Hardware: + +* 5 Azure Virtual Machines running Windows 10 (21H2) +* 2 vCPUs / 8 GB RAM / 127 GB Disk +* Network – ensure the test devices are connected to the same network, one that is representative of the corporate network + +Apply Policy settings/Windows configurations on each machine: + +* Set Delivery Optimization Download mode = '2' +* Set Delivery Optimization GroupID = 'GUID'. A GUID is required value which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ +* Set Delivery Optimization policy 'Delay background download from http' = 60 (secs) +* Set Delivery Optimization policy 'Delay foreground download from http = 60 (secs) +* Run '`Enable-DeliveryOptimizationVerboseLogs’ to enable logging + +### Testing Instructions + +The following set of instructions will be used for each machine: + +1. Clear the DO cache: ‘Delete-DeliveryOptimizationCache’ +2. Open MS Store and search for 'Asphalt Legends 9'. Select ‘Get’ to initiate the download of the content (Content size: 3.4 GB). +3. Open PowerShell console as Administrator. Run 'Get-DeliveryOptimizationStatus'. + +**On machine #1:** + +* Run ‘Test Instructions’ + +**Output: Windows 10 (21H2)** + +![Windows 10 21H2 - Machine 1 - Advanced Test](images/test-scenarios/Win10/M1-Adv-Complete.png) + +**Observations** + +* The first download in the group of devices show all bytes coming from HTTP, 'BytesFromHttp'. +* Download is in the ‘Foreground’ because the Store app is doing the download and in the foreground on the device. +* No peers are found. + +*Wait 5 minutes* + +**On machine #2:** + +* Run ‘Test Instructions’ + +**Output** Windows 10 (21H2) + +![Windows 10 21H2 - Machine 2 - Advanced Test](images/test-scenarios/Win10/M2-Adv-Complete.png) + +**Observations** + +* 'PercentPeerCaching' is 99.8%. +* There are still 'BytesFromHttp' source being used. +* One peer was found. +* All peering was done from device on the LAN, as shown with 'BytesFromLanPeers'. + +**On machine #3:** + +* Run ‘Test Instructions’ + +**Output:** Windows 10 (21H2) + +![Windows 10 21H2 - Machine 3 - Advanced Test](images/test-scenarios/Win10/M3-Adv-Complete.png) + +**Observations** + +* Bytes from peers is roughly the same as machine #2, at 99.7%. +* Now, two peers are found. +* Still downloading from HTTP source as seen with 'BytesFromHttp' value. + +## Peer sourcing observations for all machines in the test group + +As mentioned, the distributed nature of the Delivery Optimization technology is obvious when you re-run the ‘Get-DeliveryOptimizationStatus’ cmdlet on each of the test machines. For each, there is a new value populated for the ‘BytesToLanPeers’ field. This demonstrates that as more peers become available, the requests to download bytes are distributed across the peering group and act as the source for the peering content. Each peer plays a role in servicing the other. + +**Output:** Machine 1 + +'BytesToPeers' sourced from Machine 1 are '5704426044'. This represents the total number of bytes, downloaded by the two peers in the group. + +![Windows 10 21H2 - Machine 1 - Advanced BytesToPeers Test](images/test-scenarios/Win10/M1-Adv-BytesToPeers.png) + +**Output:** Machine 2 + +'BytesToPeers' sourced from Machine 2 are '1899143740'. When there are two peers in the group with bytes available, notice that the distribution of bytes comes from either Machine 1 or Machine 2. + +![Windows 10 21H2 - Machine 2 - Advanced BytesToPeers Test](images/test-scenarios/Win10/M2-Adv-BytesToPeers.png) + +**Output:** Machine 3 + +'BytesToPeers' sourced from Machine 3 are '0'. This means that no other peers are downloading bytes from this peer, which is expected since it was the last machine in the group. + +![Windows 10 21H2 - Machine 3 - Advanced BytesToPeers Test](images/test-scenarios/Win10/M3-Adv-BytesToPeers.png) diff --git a/windows/deployment/do/images/test-scenarios/Win10/M1-Adv-BytesToPeers.png b/windows/deployment/do/images/test-scenarios/Win10/M1-Adv-BytesToPeers.png new file mode 100644 index 0000000000000000000000000000000000000000..39e145d0f961d6857c959ce5f52d99515c86ca32 GIT binary patch literal 102768 zcmce;2T+s$)-{Tvpdw%eL5hWcXNHic{d(DJt-bT{nWi%18TKly1r&>By%T@@u1}cG6HVfPvg#Y3;F14t@np}TMDh0KJa|v z7JGX-o$hTLO_kZ(FUNSN-qHvpzDG_3^X@!)bfMzq#`5FiCxGdvDz4bjB(uK!nIw0D zF^ZdG@x7)=T0k@Jq6?`HV6UgJ{D)x|hu4B|X{62W_!v=y|J1aW)ThPSA%rI#g znLFseH)-mzyo1-2#GWb69RGVwhE^nrLT6)ouKMp48n~L2Ui=v3uDI|U#j}5}1`FR8 z74BAK@X44tYOvpjFN;&rE&fZ5f6r-_?_aEY@LxHmCnT!h1HNJT`$#5zW4zxA?>)(( zM}Ny4YL+jDg)GtZt_ zSqD51nrh~ef}D-4X+SY8h(nu;a0W4$P~gkx<@x4?MTTjjaCiS<&e;ZQ-+PBE6GRvKQif zTvUYNjW(=V*Ab;&??XSk`&GlIxUb0G{w&KT3%#HPg5IR;j4ruvpdET2dec2{I>6MmY4lA=@26@~_ok)`hHT4hjV1y%`U@Z95>p_=ia0NZ z8%*HDDLFZ`!Js4(c&cZuw5wEzk^EuJMK-=h)&t)uec06DzCE7NBcGH+OYRFe#B^*C zov%J4vL4_;Tal@*(Fma+mLL3ES{Z@D?dJX+zs$y&Cy|kl3-3iRRLm83U8e zMOntk-yNPAXryv^l%JOL$lc?%2w?jr(6D_&T`~QRY5dA_oEI=@5Y2D7B+~t)SK3}2 zG4}9k*&c+pb2=@k%-@9$J64|yZETde&)eqVST*;BQ+zQTZ4MHC?+D@tc@r{j(%MbW z4O73%Z%@d|C2O8N1gjr@^x=^8)Y}G;59}}Q?4vR$>f~0Tfb$&W&8XLxJ<8Iq>^~u| z8DO@wU`{?8H`0KCa&V;IfMdrt5mqt?ISBk-9_@`jT4HEgz%eqeZWY3FH+5`i^jtdJ zeXLtePs`o)zb6J(u(iLF3R!X9gRDOp6YN~uDubSZaf;bho}bb$^EWn6u{HL=ZJXj? zf%j!cn=^YNg1s@OwGztT7JD)PYSuRCOGZWc$1A6-2e+b)9R@Jqggp-qq2a^vdA`#T6Y~dbKDw)0nkC5a5~M zYl8zA)(0xTYg#Bhb5i9C!=kLu@j}l-=d=b=nz42ti`-be_GugIOY#X}v^d-{l2d4? zG_>T$a|jlWpuJ_=`c zu1$+oe_8~mFOrr7w0r=#EjUe99*0gBlwMpjhCVnr{LthQ?qd+{#B58#7cg<`7ykSX zK`8b2+(z}*W)YVH&1$ssthKu8`qjGwh@;=6dHi>YrjJ10xpC0ae4~b#5lFFKOLWJcfElIs9b+;=gE9NOw*Ea{$pi`vP4gZkS%ZWKBxg`! zWygE9ebPyX)rY^#CuZ7zc;;4k90UfDCe{-R>1XzO8j^Hv)@zCqwo41)%3M#MXGjtk zP?X;0X%RINaXM(t)~`z@@bv6a zFmN@4ej3XDd2fZeijtpZT?x__KG83kaG*R6@#_gJtyYvo)KAf6=&{O`r{3H|s}9@5 zl3Q|m90L3$eh=h`%rM>OV~J>lA?pxDZQSw7+v7Z5Z!Xs8p5b;>D->m<9~Iq7D+wH& zd^IfHLhAB11OCiy>egzfyW~(x?cd3n$IjFB#j##ZyLpylPr)ulliq?ZONY-!y&VRV zuQQv}S7f?NgTG?alat~i58r-Lnl>0u>hCE3Y=h3BIG0C?_#-Qs>7Ve=hbE~Sb`o*l zum*rzgQ*7d?}F05k+$W^*;gj-w~PA$AV5q^D#RX*Ajzh)`{>-3qulHw?@}yq{1#=Y zlH-Oh&woqm^GhyxQhY(_Ysf~S!?gien{Q-e##AsDqc{Vxh3a*z?YRE zx@J5AgR}Y`Sg4g6bjtvAkTB&T`m{QdFKE>F9PA=_CK11Y1MLnVB>|Y0aRz&+=f<=a z8;ccu(4WZS!{xiQDym5w8Fn_!mcP4F732luCpsSWgMy2rld33P_)CFz7v`#?M!iW^02We<#Ix8=tea8ds#7t1eNM)S~@PO7l$>z zrm`78xgkFcBYK5PP%JYpp=yKhK7DcF!^{hCPnev%p{DKLdssE`T0X^?w_xb|!Iz>L zLW`tXz$9J-e&yivd-qppBz$X6a4E&X8z6ntdJoktz2Mc85eWo6xYSrhF10Vu(9(Q6 zb^tvs?U#YdSWBQ4KsiZ@#;hL))abk$z4A;XgFa#R&^wxrM=+$~{T4nWaMX2A*D+Af z2O%9PzrO$~US;0dd;b~4L*0&G;^lv~L^h$5!VV{yJ+FBpxbI*yVp5*&>g-joVqB6l zoWD8!vTMj7_GEO&K@H5QqXD*C?+ovQx81JwR(B`^xbw!G>A5nZD?e?{d4f4-VaSjP zzsTZz?mO|UT!BuT1^8LaFQm7rDXuNLhA)i&enj3%AcM*ja8guaA&v_^DQ|;lkpr zeyt`?vAQ%F9gD8Mfpw*L-y{1T7u!V!*qRP>pWtxJXLAgfkGTV*+C*B5QRmeywN-Cl zxUx)cinG$-Si!D^5b^h0yn@5B$)Z(>N}<|KG!N499F@V+7=E|s!t zgw@q8T^+5}hvA>_wy+(pliK9D5+^g5JJJD1vz%t+;u#aG`$=1+=S%rrEvMlam>}dv zVX`-HsqJK=X*X929L9OA`w_Pk4%# zw(20y*5cJo=dv2b{>wKz$jfePm&twW#=3FdfZZn^V7oW1qKpMUDv`VWtv|q4v!SP{ zH&;F7W)mrZwQb>7oMX0_W#2wz%laa%0cb{>MwTE?D5A^s z%3S|UX=A!XUbBU}UW1-)dM%SYz3Sp{c6JPb(~njTrPZ@r;&XD!AUBYZ%75Ecl z5M)*8M)9hr%|a5l%VER;G7zSdM(93yUs{#+6R12a-|L)wp6M#aNg+4gNHpxtYTx1} zt^3QG=q2tTFQfZ5HX*V&lCEy;o{D7iFubfZkg^{syZ6z2(lRQ;`8OI-aPP7;S=O6a zcm<2t$}!PW(3zR~m{vN&x-qr`mlF^A9h2g)0%k z*Q(_db3b@2)cy)j9KRrGtYoWv)-m}T*zwyjf(^b@?Tz<#H2=XJcKKkvIOUo=nUPaJ zZs}YDXr~gpyqk*#Y8`^muX!gik7KePy#edaI;7=XgsMq>{rN+y{o;&yQ^2g2=Z46A z(YA)9))9$8MNMN@iS;ox?8ojqpMhLj>=6*>)wG#wz`K`qDz9)=19yF!2}SVcDd&Z=QjQdS=OGHc{|QwJIuSrJXB@o3j*G0Ss?|JjK=2|jmB$*JB3+HYE|~DH|DRJNtGG6<1XPkHzw7Z1N(Ae+WdjfEfb169sBr}U3$X;%hO-e}+q1+~20r><@3XT;OQV2&-F+h6@5X)>7`z~!6qC`3Ny+xt3XO|| zp}i7@`I;2ES1O~>At0t zopul_AiWuus1jGN=6h&j8WAo}+U4KE8$G?DeV3q=D;g!%G=Xb2E{yorj*4(rp&iFK zm)@>BOyb`Qu#0%-NR#~>%Y0Nlnyff_VfE|3)LLf};fo8Y#SsH%14f&hkTXnwPuF@|~6HnS(w!Kcd#H|Me}_ps^j<*oVj<0-wf#F4^f7urKGk1J6oxyD9>> z*;-JyV{v-uTG|8Pko`#{;ch?|V?UCeyS29H(yi#k*XSq~jRvp4(Y_(6iG)f0P?mQY z-*cb@njpk^job6^-VY7p8O?dgOkzJT^VUL!HJA~^+n?Ulu-5y@*y|1f^yK&{4`#Ko zp2Y1L2PoY0!mF8VJ8YdUl@60pO6-2fg>&fjhc{SFUh?Z(`0kQpyPeaWXUZ|ay#Mo zw)0_J+ihJR3nDf(Bu1GxWIo?q@ps=&<}0`+sL@YTa497U?G5F6968e)HvDMOB~D^s zb{uDF>Lbb#)njZ^xWF2~bNf)f>lSB|z{cc;sN zjxe(@x_PkHHb@?fV~7QE|&WP)OWpM_T|4+A(`7^zp@>`G^e z-+Qei%8bPWq>Z!RsTma^b}yv!FC5!~Q&g(%WduHx%CroJD2M7&ZUi|KfWtu@EEdu7 z%)OuD>=}dn(8Dg|$OEK(DKH=7EW4qbg{mS`DCEyd< zV>j>1Tw$W)@Q)UMHk1Eta=)bAkS3__1pGzN;7H#UrX0a7h=JfOw+9byCu*cc$*}=I zc`N>xgJyVyAN-=fWVMsEW@kL1Y!hRQ5I~oI&7i{g9tsG2M&FV;mQ#* z5KkG@bFQ87$upp}{EtQV>d*^wg(rBLW0~cMF86<-iuK}=BK1yqtXqLiM+TYT;WO&r z>%=%$c$khiBrt(+m52Fo6B3Q6g;U~tFUo7oCC0|UTrZ(l5jqCjv@crOg!i`b%?#$G zH1!eA`E{p;125y*{!r>@r`;$WS2-9q_YXvfG~t<3CA)V{hinTO@&8ntrZaWKxckfF z8uB_8P}?v-jl=lzwq(f$meY)bfVU#f{L`ECvE8S(_FX@6Oqtbu8O zBIf>x@MANQzi68RJq9&b5x2&@)1?5~_3v9Vw!WG$H*!f&YwOVsW1ocuC|1GvN2!7N zMq?RXHWK*`cNbHd2wBo>X#VWxNwW_-?4S#Elzzc}tJjI{IY~jGL~?#fJ^~IaH;Cj; z{{DS*40K@DCfJ1;l-UmI{_-MrZbLjkChtKNlS+L@ja@yTJg-i&*PBD{fNBcB{X4OQ z{JP4!C{rvW8trW_7rL?M0NPu{gA4;=^yp*7PingoBcqiZWk>8I-Yyw~Gqe_V6Xt|m zFx&ERi9tbA0g+?b12byY+{0-AGV$wsab9_JPzNBIJPC+)fSBeZ`o@=KKCBxY$b2|p z>Zk!bOmO=;1fq2V5Sf9_r4F?zL%Z9hH_1vt5XFHTYPR1G0XiMm5dCH;e%Qn3`yE+o`N+~izh^j64TsI8 zi(A{Ug7tBMz=tFw5mjVniZjU^~2~0Z=-@n!CzKA-V zJ1hk6IGX%B1)7%aH!Vt6M+7Az5!3`Cm(>}Bf}K3pDN%=hJh@l?Jd-Y;6Mmd#C$;W) z>k*B!Wi=EIlSPEcisKZgSR+J9v61lywYll0Gn7i|7_T=w78{+HRjJAH&E z2C%t_A8h}=8oVA6`HX{$t3KfG6&jS~an=(8e@_)euJK>`d$P>7&=S^PZ?X9Avig20 zvN1W=^7jE6_?f@0PGu?ntCByTzGsWAyZZM@1<1XBX#M{t>2>La@3RG5+*116JHhK` zsHR!VKPtfFHNF2RQ$ov0@SovEO}s_)=coTr1pHF0GnBZYr0A{{?IPbgZqRV-t!52FcAe*_{OUg_8D?k*xhlorMiOa4@o2SAW3-lddY zh_^{&?b_Z-!~8fH6H3j7^UE1ftJru-nyYRA^unAAD~hLoqSeh4sze1PxxbR$IL-50 zm7vMUpc0?3V<;vP|7D1ie%mQrmvN7sD5r7YP2ya;F&RTzW4ctCTm+k@pa1|6Nn z8{8Ch9+AGm9aH3U$JwsDddW_(8V9|XkYMleOM466oU}W%Co3JW7>d_=NBex*$7MSr z>-9(o9KzO@%78jFX+Xhgshj7)_CK3vSx&f7a!*gsO`ZFxckPbREITg>%;!eL7RL~+ zEOxS-MpQO^Udo9`!s+Q85+FfMUgvD+w0mf4Y8Y)rxFw=OZm@PEAnb8NSRT&oSq#X${zZA^x@klNy?`Xco6R2%%w(i&@ zS63lST!dbS%4{b?S#8134Ea4B+w{_(dfdZZt?L6$j$=V?FlX9C`{0BSq28F?l!5K?PIxk_ba( zOFY;BvAY%LhWVGB8)y2zk!?Q@?G>alm|~WWmboQfsZV{E7P{(SE6dfhuIC>$c`b6I z2+Tnm%GTi{P-K4*q*Q_ee?QsZn>*m0UZUCMxe=~PvwR*Q;&5y-LHbyTm~d*XffP7GJVD4o+FWnt_y)=|g-Pg^$t&f_h@&NBhHX`?s6eyo;Ju?( zX_@4$!B1P>Vl|=0HjndDXcd?%LX!~k_GdncIy10if;%$VEN*xGwEfk}oe=AMTjB~$ zku?R0Lp6<6gJI2gt;^q_%*oXbeA9(Vg%i~`2}IE}c#q~)+9!y0$?5Ud{kS_Ork{!4 zZW;gxt`nLSF!0s}^7)A<3`syFw9FVm(_5F@x2m@K`ZDc0q@<-_cIC%?q7zi-=4;RM z_es}?ZJRFtkSYo}rXikZACQ$X=-FH^uezP)xF~bVVUNQ(k8vo~rP&5qf5D`fJY}^J z|EVEZOYFm_8f>^%3bE$B6X3PJ#tFS}`ixkdcT=9Mzmu(=-GGEUaAhf7ycHHF<8Q?h zmP3}~k%0`SGc?=CjaQ?O2+A45Z9a zZ$=DwAJ?hdl_=9e^d&r_*|=kWFq6=h$7l(@>4+@;-XeA%&U3ErKl&X%ibC~UeoP+)vcP=qdls6_I z`8B}*u;z`U(feN?Sxmj7b14ZbfE=0hJow=Ht_v!&@D;Y?3_t;P-_n+6xg<_&3VOvy zvt}ny#T5wg7WPfvH!(h#KALavhdLnw z6W6A%^r=hgTHg#lhBMXq20AuzY*`+(xb!p_PwF zoYOw9nsIjQN`>ZY87^nA_X(fg%mk=53Xu2J=v1i_|K_IHL4$MIPw!Aio8Ug~7-YS% znSL`=22+}zt%fmMv2B?9-Hh~3M5{y8ey|A`lS2|d;Wf*#i`GF-lsU3o1q2}7l@g&H zPm*ya-5^-5lyZuFsMu0UIkYxNPjh*bei^SbjNh*@WI0UcCv_|ckucRmI5Cf?+Nw05 zL!QWJMA6U0n)EQipU%xb(#1c9V1-GwN45>(mr8!P z^zOPUQGV?n?Oj5&D`@6MmmX|4)xV9&wNXV$;GRSbpIsQd4zrZwJf~tEKNu;4;pX7U5pN}A&Icl@^lIbjrZ;8Qj6 zOI|5;3I%&V*lLF!qe0~x*sgwxnrXrG*lxS8*V0vCXO!bY)HP~0rzacsR`=f)k{)7w zkq)(|d~d3jTfq-bJ|{XdKIYZI_zvZ?f3&2>h$+R>32jwMO(82e&GY3mau8lo-cLo* zVZe-RxRKzJ9R!gH#qNVy2v*WAwy{php7IGhvI&aYuCmF~GU?OL%5j6ok>r*`o7O#A zKv{Ib$lJPGf~SK*5rQP>#+_X?c`8{Pyo8KpGTCnzckDmm2Jy~S{g@$bnwG*sW2T!h z!rq{LCs~PcWpq>Nb94jS?r=i&kU2jz&Xm3tm^?S4Sh3*}!y+vX{hp#7C=+DFypnMj zIuUB{Q~yjYQ-RIm96G#<+Cg$CGAioxB8Og(T8@oagXR$KVMqU< zY+_vA6Je5n@`EoKX!S>M_IL12xs z?GL;xt0s~lXH-0EG9O@Gc>4N%Z|S?38}0aSlO6ypbU(Pk@5?;XNr)6lT)0w|eu!XvF2~1gdxd^QBl<3u`oyFdxo+)DfV26Xji0FiQ(i@}rWby;^F*G3I)dLAlhl_yn6X z&10?<@Oug6+N6i;WwTc~Hp%ZBCASWbE5vh7jf61tp#t+3f-2J6TE}@LJyf~&17{Vt zJcZlx&J|vrni7!UFo6U%K!hj)m`>@^y>V3x-9D|t5J;O3<)Y<>u5FrA-A6vd`FaD9 zv#V|pOQ@GY!%G7jRMm`L6?=7+B7^Z%jadVAJuG;Vp#=$oWG4fZqkD{}F@fKA{ z7GBzqoqkF%U7nX>zcWzmx8bv>{IEvCle-+Vw8&Mgi-z*SL#bwcLvwy)4k8LoM|A=? zXSd|Pr0Ll4`H%yv-%z9DM{(GZ4GPwH0$$i2$;V7uSomhj_u;SWaVO526xe0q>~$!} zfh)whUNmGV zwl-%uR@}e|Cy&*u!}VMQok6Dd;GbAMimzG~Xn^Y2^$VLLoBm*TPj9$UrmLa)*6zrD z$(vOm|H7sinX?QITnxqbih47z4ua*J*1 zs&oGDZT`fl<7a(@0+mV}a#luDLdIfUquY{YeH?ZG&hpBRyDqz9r#BGV2iVD8{{*jO zTmXA%cJ;N|u`eGS_J}cyQ$T`=$|kgks_~`4jHx5a*NwC@8ZHw^7?D+5?_^!-r~1kv zp$%0P3#90HV;jHdCXhOOk)5LDasj`1=6(am#81Vpd6LG3&SSyA;pWXR<03^i+Os*c zyYFjZLY+N~bl=-NX`CQky8=k|vU@M$@?a97qT_28nsIwWMkjE7Fxiyp0E6XbRKli- z8IZT1h}!p!`tq}5xD<_z;aOUq4ong*Nr6}U!y4gUIsWJFj!IWHj!W(fdv0^ooQ%M_ zom`OE%+S4ttNrNe|VN)o5qTNsFRlM z{}t=?Ke8MDNkIHx-ka2n{~Z5KpqQREnO|hsn%g^?>fIH_Ec}u%J2Td1)40@tW&<8s zuD`Dha9pLjpjJbe9&n___hbhyl3SKllQ_hDqDz*rzJH%u=4CS^j=TQ2@%bJoiZUva zv$IhNEf>8Gj7n}0U+Z4$C!%5^a>Y0u`Th>%k1tw1!f30K1K8drqdP z&d9=&PXR>nnJ-<6suHkU-O3OMX5BJ*?pW|r*SAJKR-69L1)q0TnP{OM!T>2WYg}Y( z{n2~y=dD&EzjXJmpu&;I1T99q6ivT06$lIMgzH#{UYMout&vvrAq8V3G zIFvK3^(^Orkt?k&(b&gY#+9SP{bZ8qbVA_v9h%JAI49xv#DUH4^%(j0^IN@+i|OS< zc!!y5hsO8KTuDF>56Nurlhg7{1Kmj`&k9nR6T;SE$f6_CQP|F{V!d>ZfInXjLJRmY zP=PjgSz5K2!DM0`a_vhXip+{{Q)J+rGIv*GaG|g?&Yh`MeofN|^#&(9W6mG6oDlks zIXMoM5`VQm>i%+?PG}FZuW{mc9Z=(yvs3F??W16NN{?eY8;f6hgiZh3dv&l$|OlegG~S_&ZM5aWu9%UbIm1KfxixJ13m0V-kF=KkPOj z;3gp`A#ggu*jZiZ#VGLfk5aG)QS%n3zP8QJZX)6xuVGz1A0GSaPtnS#MZ59Ue~yYx zwFb>>f~`jvW|(pU&*Ys*YL>X&Mrib)S^(bW1b!<^ult*K-q}Pem#;Uu*H&rznYy6Y zF2j+-{7Bgw=0TysN=WT8CW5?QPgm7^jhZPYS6RJaf z*!vdBclUW*B>X#aoWQR2#!G}?ZaxQi(LB8GX(A@fB9h04?s z)v@`hR-EyNPFE02K4Wq=6`rWW8V20n^|1E&1lnC|t^Y(nBp0UrW=E@&-mt-BWhN=Z z>`_JobUy#314tm@ffs$4HkI4@Q5kX^Io{qcXGhC9!JJn;?0>0B&$I=Re{9B0M_I)- z#3Y^(-2e8|F0!7r&7N-Nky*k;KG)~J@~6Q{txv0F#{HJ%gMdUnv$VWBuI*6tvm#^5@qI8qJvIM}l8%a?km}m8oU*25*-Q+aRTX9zRFVu5h z4{8dpJ9dS0&7An13DI=$_kD2Z&zj2;Vl6b41)4c17Xv!|N&s9o*#XwBJF+ ze&}ngnVuGElI0jJ)%Uw^yDZq(Fk_sFwXdW(M|7UO*7%dn_$KX=TZh#f_Phe9#`y%X zD}U(zfzuj&M|9!aA+7`$=UyD@6T}Q+&^VTS`c-*FWPbb8^4u^6FLL}Ix`bjYON%hg+~cEBH7^S^)X4hQ$ur8$MIF)yOf` z3;&9WSyoa8=;>~TXnels|C~zB@JiZ!VV71AKLQ&nzlNqhG0jGHZdmwU!wm$KgudqM zyv9p){n#~Rl&0BJ81|rU-M(?s*KSAA)67mB^X04_Bb>LbA96XH@@gWP1rF9b%NS1- z?Y0sV6r6OW6z{S+Rb+ZAT)zk79wl7ZHZyl&aR~U-8L0;#Y7pn69Ztkugx5|qh+NJ4 z`Pd48Fo2&}RlOr2m+p_%f12&JgYR7r6;d<9$$HhkoLZA>;_QL?a}wl$Y+&;5_EX5W zo_7ffSYCh6K`Ay@S@~t@Ay2iY=yt@zp2r`tvi)OuE5Hkws2cCy zKf0i`X_8xPib!WPGNMXU{&pMCFm>uM%g=P*Th)F2z$|vhcYu=`lvI_y)Gd(lN0FzY z;qc;QHd)TxS{Rh`09owhs52!uD35J>%lzquqowH6VV}#RggQ}S4PEqBYCM;m1m279 zN8fV~$UD;{PUy|2>(Ar+pVdhr_>bHyWFdS2pr0)JHQx%c>$Hs1fYP?s^GA}Dn+uF? z>b}&iu0>X*gXKMMRG_+tOq#ZRzCQx_uC&^eKOQ-Aq@2ki;k3TbIl3L)UoL(!39?n8 zBcL9Zb5F?M@+ZB*23b(!K)4%0+CK@-G!rTVpnXz*^=XbotLur0f&qKb2k%3t$r>6- z3ShJrmV2$cwAjr2iedStOR7$O^ky_h16S8gnmy9%93wKtuwQCRYx?A%Ul^-vApK*H zpfz>+qjYZ6IH`HnpibG{%16n$;>^ZWeFO{LVa1>+S=-jKPx|{7=->4 zpd?0X@$DFeeB{mbTw+mq>J4={l|hXZU|DR;JQ!$X;KIF23yTLW3iU&Z#OLMArLnVG z#OTPw#}Dkj9X3nGt!vP)y$2^+*?Lt@;dow#CQXx-2!;Q$wGv8<2k6*2UTp5c<;$MI zuH4jU$aQcmM{)T&vj81UZNEFxx}?#8PcmCSmb*>=FPXf)xKQ^wvFD_yg?S)A+Ti7C z@Yr`hKnxh>W$=@>!|l!=KN(3l7h_VBI2#j3+rE3(9cGX|_TY7Irey`zJpoH_#@G0< zv}~7CS;t>;o{bgj1o(9*$LUx41T&YWhx-t##u);NtU_p7W1H-3I7SRLP3l7>Xb{yk z*w^aZ`uZLMUf{>v0!KcKD?8g$CipE6HY_MZCf4S&K(O(i7twr*`DAh5O!H|bU*<-V z@kW&31lQmsi@pceMjSbIb1S6Q*s5tpS~7o?ep#e9pkslALQ5OLeuu?T)ys{zPOa&T zjQNcX%4yX73*Fa7tAQ+tu@C_bwAC5024ug(;pN=?X<0+Af$+SE&b2`Pr&RI9wbw!i z+>uT63={{Z%?JgNY@+xXITgfkvhuGW;vTmvgj^a#Z|W(PJvx@L@WwtnO`+&K4BL+) z_X}0-ki^5Ng0_$ymrOclk^mO<+`#&)1H_D69=OX0df9|{)|ZCZs=~2P&>_{Hi<3v8 z7HPA|>J2k1|CeR|E9li9eM;fCK4sWWU$t`lxJX9RP5gx%Nh*q|PD-i}1ltPUj=jH? zHkD!=A4VIfE2!{HgV@}|7dcWk6~5z=&`N5sp_KV{jM}l74PzJWz0-Q9YhPD43Z{f@ z_}BOUOMFAX%qO2pczq#j3M1lU|4eYy$mZ-+noXH6sx0loJmLJ+;Pv&*#v79Qre`id ze&k&EsG4~B%>H9K+^Uqg=;ajlC(*Xj8Hs7^q3@+#^XxUVZWpfk+d44SY4lU$@#cMh z_IJ1}`2l=_uK{Mt&;SzC2)W<0n+!oW1oUTj>~#ln-i>|@*=hJH-Wu{-Y+_@Z{Nf>e zEoLNaSfXi=yp=yH+DAtX*?J1O#Cq+6$II^i=?~53))_tv`fI)6o<#_ukUB4Ku^1Ci z=H$%QsjE20t6zQx89*ZbER*#`HZxf@2Q0rvu6DQw`G@b_r@d3W7j7W*W;MU<)Da|L z=}!v!7a&lV+s!c;lMImY_rfKB6TG@H{zRMd{n6Q~UzarPqw;yPFD`b^TXf%%AJyG( zFhP}5Ed{3tm7@5c)mKXL91C;aRdyW3#IQXZJvL6y*Y|PVn0GW{5;kROI8o$wvI3u^ z8U2%6%M)Pg;y80M)9Z3?Z^>7h{Ja`4SimIhv?TbctySP`a|E#`!ixbYnT5tEUi^CN zNM6Ju2{OWA@vETRU-*V;Cx)(OEFqd+D1Wwi99WZM$Ui?*`FdrY&c0&uP`G;E@K0w} zXBD!s(k^W;cuIdW4t+JoIcF{#KxO4ZsRTH_A$n+=)sJByru^3rOR^38wBop9}1>o zoAtDt3euXKp;w9)Y;a$bBp=3IU0?7ytR&o|Qqy0y$NNz!D~ z4mg@mC^krK-rq!u7k2vsCj z;1*(&&R@`#y)sc>hh1(l;0Hc9_CXh}AL=O7t&V*||qCSqVhTtC8L0(dXk zw1YXdgY)xghp$r9r2;?I!(kw+H>f*(pwywF4lwPHGTStAv{Ib89HMsRE6LrWcfN=#8S{##jAhxQ z*P4FoJp+`)#&Sanv3ng!pI}wnP7PQ@GjJ|Tc3e=mHz>*BQP)1vXx1<~)GIAvkrU!UV(d0J$)|Gu z4-EJ3ql!DabWskyRBg)pk+Y!D zo{q9J(bl1RTbrwLX{e5;Qyv{|=Il6A(9>Ca$yA=*^H+6gX=dS8|7EOc23<6A5Kl)G z0L73^<^fb+=+B|t4tb9p#E>^WQUw<|zCt6czE+%<`aqV<@C~wL!4x0qV&1xn>z-k5 z=0VJqXOH(Qn}03X)jCqHv0YXVA=xe5SJd2<9Km}q(lp9Z!*4^*rb4*rbI0%zx)IE} zXvSD_I9ua?8K>NCM>C@*^=m!sz(Ae3Yk`R=YS-PE7MrD1sDVuvW)h>vj2sF7UV6~- za8=2CFq#kT29}eH)|yPLu5Bm5xspAf)x3c&kVU?UVaM#!cohG*-36O@R_iET=AIB^ z%VxE<4bpZGwJH2YtJ^lIYWVSza9`i@wdoIMncvZGF*S8aciP&Xinp2rkCj)CAFH5G zPQO`e=lSUp)rYlRt4EaQ=T<}>Q>Uvd#e{g0UZux?1D_GEiZ=@2NStr2?UUuceCJc? zE`P6g?@dQv*T-d!$hwZgqiQ%?(9d`c7-5uCSGu7kXtxO?1SNr_b( zseJFW#EWNu%$Tnf)Ototm;&WnSiMV0JwlrAt3#qPZ@P1(kGVv()+eAcF*->>_GA0c z4xMt8gMD?>UWYfg)AKEVTp^fo&L(vQ`=WmoGk|yN`TFsXdzo?m>ro31!L_8^) z8?0v$Kl6;f+FvHpyxgHA`&a@s;K=iK0;#O|p=8%RUW)qD->S(y!s;=P*6R}4Ziz3XJ%JN&EmzK_Py&p{vd}a@}!j2X& z+Y=x>wJ7b9IZnz&o#CvIuU^^7&KG~LH^G@1%|@~LS{e1qU7QEAQ&d}!x{DjI)T*r) zJDgy%>%J>5HG{sIC{jlHjtyi^uWHNYTG0bc7 zQ*}md{#fNH7VptR49>6PLQpAJhbbF;VL{&{lA(iTEfU#ZcIVR2QX2E>LM@$9?h;-I zH>F=X;-Jz`oc2Y-CruR1qS(%kljqvNK@<#&^j?7JsgpuRvA3u1p|PvY%CK?qH!SQg zpf;iBRFOTnN3(>&c^L05QphaX>(6Ew74`TZv_zA<`Mv)iw@EnjfB#a%pEszVvU5}l z;C!je%dg%4_JpKCwf!T1{I7p};-4h{OCb@lnzAJ$B6X22L!6Gpl5)w_f%E(tuDU-2C)J!OL385 zQktwJwTK+1{!u1hrEVso+2TTiAOjfYJ?8NHvIY(EN6wz~xQzHpvK-{cTq$HSlUs^| zBlfC}VG`HqE_+7eABfgvjoS@Emy&i%i>L8`Dzj2@X*ZPs%`lBXDO2jEccO|9jVrwj z%=QpBZc%}bv!gRutIV3#8Cwe8eFhXN)2mTTZCm5@i{o~W_HS_c!^$_UP#HcTASBY*X8*ja0TgH8^+-9{7oxI+{u<-r088DssY>psjHTNj_n%n|{ z3gINSF8<1-GIg<|s%+j7@k|rURIkSV)hrpq`sFt)k&_BJ5Ku^F*btepsI9191ysCh z=W5Z8l&93OpCk-d8yD5?A+RCiHot1ey!aX=Hpc7+%u{ImrKpaSN5_Dv7cJ`%&f-dn zOQeNtF2wl(LC|wXXr0R&+G*Oqf{15r*r-W^ zVPEa;hu4`{7DJJ`{=UNV9_3#cwxuy}z@iX-^3P!Re6CE5y`1UVJ$RV8v6;12vYL<{ ztN3LtcWYZqJ)9?(_7^qq*?33IFhFTNr=&#RWy!x548Hao*9g`hF|VGqKxqYtMzF!mpl?50eN-KhdfRak1l2S@ZqjWb&mlz;jGNg0} zgVa#NfQm?W4h$$A!_XrPvCjcqYhCxguV+7>?ThsSW)1&5&m+FS-*F#Wg!URuvbDwr zUUgjBo3EHs_~O<#HNjro;$^f3diD6#?Fd4;%^aL znBQhH540R%91Cl|dx14V^REnwEA(}rq%Tk5hot`*3#u` z?kg*;%OeU3H<5-st%2vt2hU$n?>m?&m1nNtgxS5p*78>Q4K1hT{PiiWvSrAn)&rt{ zs|?1)$c1S&yIz-Cyy5nINc^f#tyzga?pciRl97H6H6t?k_~PpKe{KjS_qKq9SXfac z6=eG4$0>IxHsvrZ_@2*=Ufv-z@v@$gs#_A7^8q881s2$vs; zPP4L_eI(-&*-oA=P4X3TpQ3(mu)aCTzW=aY8UB328eoha6CqlP`ou9$o49(qj3m{% ztC(a9dy|JOJA2mWE(>2#nHCGw5vG6)lZO+71TQT!=lSBn`;r38+);9eX1+0(k@`j( z)CyZNWzC{K`n27rz96^w#WD$H;kVPbSnqm7B^{T(EzBHhsc2T)V{Tf{tB__7dkdAf@iW>S=7*~GvpvaR+CN#`S zI8tHpVl6$+=9b#Mg*dE`<~S8BN~*{!4Oyr|g1WEaT7e+{OQ}ASFa&j%d-N2v+}4OV zaZKFe`tV}qO3Z@w&$_k6e#J^FdU)8}N^2nQJp^AJ=1!3_nw5{4YuvYww#60=q0@JV zCLR&<$=+&@8*H@Q$?sUy*H2b2YgX$SyHB&LNSJTezGhKC=iK!28DxX0!_D8byf{#v zBwK4y*6f!0=^DYv%3o#=7HqOqTKDH)JPw}RN@m~>co%KseFarNIP~(x`Bjm9D1Y)h z4bVj}nQ)tc4F+}nM|X*dtQ_K7-qdy6??|VjKc{zwr0LBZhb0HU#+#hF62i&~b7uaB zP!9UkJ{P9A0NSKWS<&@B80GA>4`11w>06kO!|n?j;v8Hi<EyR#gXe z=&y1hhHBo+j@Be!X+mNsZY(71H6C_!F)zr121M&v$}GvJZQn>}M~Xs0LQWT?~Z!RxwQAVOqvVhjr599StWLbSq3WA>eQ4(;P zRy8!mr<*t~)_pr?i_N4hRi)9lDYxP#KnTqO4f`i}tn@P(ZAS~89&{}bkeOMuej?K{ zG;V}$bo=R{dJ(Su5ZjL&e28y3I=V&WLGn+83`L~%%g{N1<1-D6GZPGkO+rJV4rVzo1$by(lphd6xJ<1(Uw`Pch^phQ+nxvdhacbA)nR0 zM@?jO0);5Ah4igaYPU&Vh;NHZ8-F}ZfNOOBewHxB-lXg#IB#^@u%%Yl4F~CpG)Q4P z+31^!Innuc4|;_C%&8vM&Imx$ffKgq@rQJ#TZ%D7jy24`va!&o!dA5kMa(Q!VWt5n zs5^WhW!~hIu`tDN8qdCxl0Xsa8(C3bQ^s|gpDIPZ;>!6Cn;vL~9_u%YBX$-1Hn6K5 z#Zz55Z$(%y_urB3unl3`JwC_P+pb36gZ-MU!#ID%r7hJd@tb~E&RSgqG$3udB{Th1 z_k0&cnp8a&G8H}jw@$lRl8}s6f|vV^C0Tokmq97v;}q6@n`6pK1m^nMAA#`@iOG`s zJa4ksCD!3FNxVKD*X>KbvrlL*(Plf3g2_N)IxW$4cC&OviRTN$kIt1qO1RMYUiYnd zwfC0#aUZ0-l!nw(pMUdH4SGVg@oJrsXmh5VXH^owqO=oEb45cG`|5X2m3KTa z=o}x6HLIkc=NTSR;Pt%A%B9D*r>*E?U}$DeVZ%-RAb-5oM*So1%g+Wb{G*_nOoNIc$0VN7Qjp3G0 zUc?L`NcT>CnkR_MncrD87Gavp6)w$>P?*UWD=PRaH8?`Tvk(xm##TDh9dUIZIbRx| z_Z*taxik^0l;q)E;Ba;PMxSC7U0RfqdqvWmAJ=>u{ zzBu?!QhZvbA@tII-c|ZY9}T^*`S1<3*WVZ-46~3~_|qJH8jD;bX^z$#K)$UG#9FO? zsiO+p8{A!{&(*vOK^)PR>JBmL!b3eTbXfis-42Uec$e(mZczYrN1J z+GlIQjUhn_!aQy*R66kyxl8-V3yK$tr?ygke(2;OU`-rEOZ`w8MI6`gw$k-?MI{%j zDa+G3jReEAp+-ea*}J-f2Rl~N-vw@xlWhHlS8hXpgk@cmcV_sVwvd!7kgb`mgf^Ov zG|655^xFJM!pFENOYjQz%k-4rcWclN{cGY`ks6Gp$s^KAhvayzG(Q zYeOO%lu7}sbC#-jT6q0FMpSsXXoT^D@7$+U`&#hf2eL!D-5cB&ye)#a({}ac#xO4x zjb9Do7b-Jk7-Trt}N-|T<{oN0>m36c`epLww9HuY+ll=cDPx#-2x&T?M zizFwxWoix#B=u5&%<+?U^-kd4JiNKndl&oXn_pe5nlE|iq2$B|ns&8JLnPx5=sakC zSBZ|AuTZ>Cjg=S2^Q8EHz=0$nbUkiC0~Waa$sl@c(t0KCEw;ddSP%Y#Y2aXo`r=es!F zgTEfQnYw+m=EJh(jX2+ui^}c@gpJq*K z5Y-s5<3}V_Lc*uwhDw^aYeckl^*t=8WhW8<^SwOH#*goR+(K6Lz3t~wM;F!7XbHu@y)PmK>4P6jO0h@6pU;%2;E1p(MEN-EPJETS$$*GQ;d(%=|rkx%4 z7F~0rbAB{{@nnZ2L05cChkeoS^V? z=ne8uLiNjm=Q8aRNQn8GL}q;M2|8&Bc07d(*O%HKbfnovX+owJzRzVMKX^Bj*I|sP)|-D;k-4$C_O&P`&g0t>`RH*#C?u%wfC>hAZC)Hr zeCtSpC@u1PRN^{gfBry;b~h#Sv4NU9`f^l238|W0BxtCyN7E@fmV*>u%O%mvro6`9 zOeAh=WrDk=;SrE-rDS(QDl1*7B^b9rr!6~Vq}r$1Cq8a#xqe3~eX-JRSM==SpgF`v zWQKFl-Bj@R&dcVtpBmJ+-<=Wh&ud3P#&`qdpj~g1u0?^Q=u2`M6_6?FaOigB+$1G( zPu*rrfNk;|pFsDk{s2<7$40)bdeX&&pJ1o+{r4!P9JNN52sS}3a|hia^h<5c!eG<6 zN0>N*K}&zUcp3jr)Q8tIux#4{}LS;IHxxWdevByhQq|SPSG{`t@cv>S? zw!aNrx)an??cg{FfIL1z;?B7?CD^USr|tp2VYY1-@Q zVOrgUmYXd`nxS2_{f>Yz-m~$3?st4`(yuM3Nz=!g^!49k>hf)-Z>cP9XU!9E&WumK z(l+Qx#bfc@DrM`bGF-s(Gu=1dQ@4edWYpwNb-f0ygqVdo;@)yUj#s_u8iDU3W*(Ov zeTPhFi)yZT=0M1;#Pz6>)wu@UqmORmYbjpD zpz2*^!E2;RJBAzM8P-R1yLaacjol6na@}Fmk$t#iR^|1)BaK9i3s?Ex!*4r*8n|RV zF|zmY(h%WGj*Pt0e&ATk#A$nA5Q{+GT^K1>#ZHTCd)4jS=LE(mf)K8?7tNRMc9r3aY*x zYc7RkA!+gEa_?uT(Q}u_1}Ck}j0EoGEs|(tfeL5M(5O$%O^Qle?)^MaMxfXT5)xKp znX7nG(&3*4cJ7(d{IEV?6x>yg-NWJ{4?qGr_*~ny!a{Mihx>$og7g5lCScwSAFEmR z0#*aJre~j4HLT0{-f$xj4og9LB)TrR5TD*6*sOdWqQfZEwNq1V&!G-Ym#7ni7u`&L zr~3HlDt<7Q(3QuSh^I|f#;-d$mv_y6!R`=d(9AnRD{%ZKP79b?Y>3sisN6%fdqrnZ z*p_I{*dpn2!ZvrEx|)4p*4$xk+(nHUW}bTw4-}_MK2_7Qc|BNv=*_o*=j<(C2DT{| zkB_(^G?$N$TlAm)jN64u#f?p9n+@&8CQrwVXE_d5g2CHNOy!WSk(@SdlR(#AQ{`uR9gWOg;b_vrUeD8@pRk`E@BF{89k~WDDWNM@T}MR8`(#Zp4oXJB`=odx5eTc=CP%qMvgv!zr2i>xvR4I6%yC68EA zT0goptGNU72<9@AlXq%z2Z%-HpBQ5dd7G+(%DaEx8q%{33wl%f-R8I(2_%x&o=Tq* zn?2Gy2vDhuWxYEIK)aE0R79e;%IDWU4}V!;;IgRq*7`1c_9T@fcq#rbgOYOkf7(V3 zQL>YNVpxLzbT0Y7a`>39ZfFAfkLpCQQ0e16$FHB948hCmCLkXYbHP3g=Q(_!fM9R= zISH^~NaQJ)s0Fxng5n42#gqu=$2#t8%xqmt(Tpd+c=NY3Hybas{ruNvOd@HeQb2b{A*cnk}N}$?7EV<#tccEOhk^;co zgMa*2AhCa(uGdRz>1o-2ENixi3OF3RpKgcGO&mCV93%dT?D=4O@zTDcGqAxvRFvi6 zT|LVbpR-vDps>;P-Kde|rH8EuQhZ#v`DO3KkR=_Cx1h$W7>e1FW}l?}RpUwNNww0s zow4^US4JB21&o$}xn3h^Do4S{mbLtk$^o+%3~#FW+Hn zt-~_8ORxU8VB3u}8|N09>z5Z6EfvMojMuCto|b**%h--ZjF^a^v+#%yEPD4u zL|=Z4$-T%m3sgQ*3+~@ZO@+Y+er)r1Xtp0%UYKj_l}_9?pjB7?Nhx$;_^=XtKyBLo z*Ud$ncjtDD%${CZe`x2`p})U319KY;-bB1O%~bDJ=?Zt{fLOqa{cha_!qTu)=6R~iO_AjBk}C-dfn zbNH^)(<^eeeEC(W9nX%+&*G%1UNUpEa9mNKVLo&#wn*jQgzx!87S+y_%Qm{O^bIX9 z2La*3NP+97AcI_7zqqjTH)5*o1oXDc;WAYV%2_Q=o6Kx=oQQVYIHK9QZ{u#z>i$C% z4!KQZSP7*)vK6L^ok)$-zH6Cfxm2DO5mz^^?k=G=*_8bcDs|)FD<6@^rQ3Uq=X_6I zR{5J0dO$-V!$j0|Ifbg*FuLP`)NA`UB+#ti4dn3vENGcGs`e9DX?&>dT*m*D6JOx& zvTY03r%~4Wg~pOZ@ypx8?acXXd=0c^(I3?1-KP~&_G#{=L9?!(N6}E0RiaH`xj5|4 zX2Ghl^13dhH70x+q^VjEvY8sWNXOi7VhmIbP4^K`@>7_h5 z1^mT+3x%R5>02*y2qEPXed?kL2;T13j(_Cl@6gVxVhX1G;PRTl9c)z z&qzJfIAsDwA{dYXVz;i|>2Ac{t1vHBH-pAjOUm%I--hhuJFV>M2KcK(DwT0NzoW~O zpvW|K2TF?uHFE|Hq6FlZoU{GDUsV=ZNoskM+S=YUF-}`!PpqTTwRz-OnLoqWV%+kg z1LvL(kx%=MUEu$S)GkipmGHHLA-BMCwi0M`8D^J zMgcC*D%}%lvac>V!nbX8AV@i57q^1Dt996r!+#B|f~ddT<_!8Dbds=)@NeB*m*uUv zl*Zmo=DS-hj=^Pb-7cSCd)13i>$I4>7$T;0WwWssVqpx2NgsTFiGVV_UbtrFzC-pyeT79Uo zn5}-J%)&rCDZ#lo^%1x$c3T_rnJ{s+$(>9eoIy3TcSL*C{uSb@FQlq+OXK+MefhDR zu4=XK6yC6NhxQlsg5W}i%uSKSaeLV(cFjDG=*b{iAElEgYIm2fX4)w z*LT;~yy>|2#<+A|dU}p@JiWTL%~NGB5Mt*37`!I?J6S!M;8Kb5P5|8;&W>c4gKO2k zzR$qWHSXAzkbt09K8<5B9aQ?GYpHQ3uOgl8wVh2vySL@fBoXM zK`T&%xm&;4$J5`I`k|PyOMikL|54sV#J;VK<4Qdu+4}K6b-C4F3nRbA{(Ou;{=Zh~ zc<31z6vmE27x3|Pp>D_eQx2aLH8$bC@-cf>^0GdJD8~LZIt)GOBL)qx`E8r#(OVckKK1JzI;VhW;zBP%FD{4{bOdPHP!3awKia8 z-0=jbRWlqNbA5$r?EahlOdkIz8NLKX zV{27o7pl>!h>QF{HAI1uU^m|Pv3u97d*sgLQoHSmF9aHMaQ0=^7);eqJ9Hxv`Rvup zaMa;`@5CovEx506sln92_`8M6J_nBQ1$wO=tkY6)-ExJrD#YzEa&Xiv4H%b=j_R5( zeH_!#E3^u_H#2d1YJTtg(PHS2`j=T|e26o}CPj;jIFAS)w3>y$pSm%4r*2G?@v5Ab zu!V%@6TwP+wsxKd6ca&OL|3kgn)cFNuU z@U#?ZHbPq{;e06=Ix{L6L@-tRPg4LbRsQIxHH^d{DHy3Ul(;(DpqtycEOgm{ z`)|F%5`Hq#7?%Q+pB_LmuIN(=|zpNf;ZeMznNVhiwLK7LwoMuGUdIOo+`#n>mg(WfTuE0#k5Sz zmk**BDz4TJL}3PPI_)yolLr1bSwe^1ogf_Ry-BgvZTm)%Vk56d=DN>1Dv}0lbR&L{ zjM_zQ1ul&x)7-^cRo{V@P1hNtoYIb;Qb}q!e!kI~eRRvP?&)hg$}1gI<4jLMG~38Z zpFBEZ5X-pK&zD#Cot(i^IE1ldO4{Sa)ARY_i3X)@fv_r0Q`dA3Awvg@rM*bu7L+Ya zcdl6jehKDNCdp(!@d9Eim8~{U$@(Sc_T=T_Xg+g9+--PSTqo^hw2Dw zaU^Z&)_%FyF&DGV$CXAq`(bbNYTVGu%eEjb6T&3Y3rJC(T?Jn5oCNs zyt`@H1p}2KkJ=Jz#`pF58-avqgwo=tAlF0#ZyW04sK@0=QiyYcNf#sCs4gdkWEg^0 z;*JZRa3NTdYAd6(*?%?4F7+#ruwwA;g2K8QJsT6+)?T1gOsR~j%um=TYe6i7{mJrL zzg*kEQQVByKrko~tv9x3-TuI7r?Ex#9gd-@{%D)C@MP?g>C?>iA;i z&i>N-P+BIGfzcY7)32ryDZ7zU;P#lwE+qx&{=)jIzzefabx_-9(ZPk*P7~b6EAxB- zzEH=eaTI-@N&%n>r|=P|;#x-@qF8U-7kvBnXk)74n)3bqrq358sNP;NEXrzHwQmf# z%GdB~TPietci~PTyHpM|*g2>0B=k(YFQyQ8kQ zZS50w>+y-SVY$e&jO!+@5=U<-MqmhtTlq5OA9#1`aWY{6K2sd(io^+NtO=Y#e=X|f z9h@6Eo3(s5_$kh|c>U*m`nw!#H=@UTrWNsPYx3i#3SqXVzEIa|X@yx|&t{)l+r|aS zL9$>5Lk;hK%+5vi(*jE?(-r0MMhI~60?UXUnc1mfw^C%^K5o@m=q%$^QBq>{*UZhC z`44PTw`lmZD?`i>7{4hJ1BDf<5g-sa7p+d))=c-t-K&?GNV_8S$LbgaTRq$iQO>cW zC15K9!feKGK$sn*Fe>2%blDk=-^)wWr>Lroh6k%WRS)OpvwQGsLiL)-`@%2#&L zm2F(+apQ%f-P2#t@~%d#QW0el>Bj{zabB&1H|CUV5=!c0>GEZZ@C5R0sLyi}G|HQ~ z&d<xQfx@5w5ZsEX>!f(q|s(H8=D17sYyomxh?Dx$c?2 zk`WeaqrsmHQz?&!HtnmCm~6Jil?NFh2S6XKsOC#%Nxxf&`*4W@>NA zz92#a`kG;It5vIQSL^&6=ejqK0_myZXqY>OZ$Aoe91q`NPb5eWcaoU3gV@>kwY$(p zC*2L&h7{+Ee*KcwNxBzqA%Uvg74YH3gDHWE5OF2A`?hkms{5rQE(I%#GjzTk!2fb; zMw=cu@~9=`jku`+E1%x}r!(5O?nAkjfARh;fVjk1l^4g&!BjTHYgsPA_v`tVhW(>*-u9+T*K^#F3Sm2Xg1W7B6sa_>)x9I{JhOD~eM+TP zkHI}Ov2uoG*wX^M=$q)LT}5w}iK0?yU3G|n%a)a*6sEIKKQv?co1-&P3Ekf6mz=fL zjaI^WB?w1}#p%)Km4{fH@gj~NhWUnSJ8-#&e(u|?`+4+P64VQa`;LdojHz%iE~R@yWT zidFSuVo+Hx)V{W{BEa2BFSq4rTk1QS<76}qY--*Z7UG1C1>#TjeSHi_)@4lYt?!b~ za5`G&URcQT3gvcqagzBUz0ny3;{)I3)Z)!jrq&0IOiMIEmr>6;kbb}OK>A$g~I$C*3b&mi?e`3e(i4;3eRsxVu- zTF{AJPs;k&$hGQ&&fNVDLMY-LM%D^@Jx=iPZ{2}(M96_bmNkrWsei%#q1EP^R7d5x zqvu_+`yUS+FuXFw@giKnNtHK9ajJUsALinpG%X5r-0J9Wm+I%>VBBTZtCFGlaL1EG zZ6OXi&}=XQGq_q}KfAG(t$j-obekt+K!I7_V&Y}n(wsVH1x@rueI}5gOB_qkl_tC@ z@%{1>$bxP7#wa>{KkR^;zb^vP&?-RtN^aEP0HacFScZ;tF?;Zz@^j|2gTk<Qh z4;KmfrZO}d3vH4TJ^ZQFb{0`*v`+uY*F3eX`M8DW``;IKI7sTBl#vJsR1H}iKDu%T z!mca;k9Cwjx2k7c;gO>({@O_Te7r`TsF>sZ_;Kjt!zwtNN+rmosS;7QZ$C{qx_J2i z@Kc`G18(AwBp;*0@-IB9p2Z)sB-#J``elzsh%?Fj`_TV)#wY2xGPtDo=Ys_NnaYzH zWYrme{{W&Y;vhBl_p!QYr~KorO)#zje);ZC!JnYp6mNztD)j#aYDjttIykapl6K8J zOUm<$bxqg)5E-M?@@u4XwxjR& zi)wkrc}l_G@B{@W=x8xH*oIYBNk5t}JOF(L54~&2 zpjfh276ug;Yd46#wR0VtSKsj^7PvW)FcfJxa(F3-zdXzW-Z7`{R{UEZvH;5r_(1ab zGVcXv(VBhQLXX51o|XsPJX$x{A8hWBZm6*ydh9Iz3W~Pzt(%AYnNAR-Q(HtWBxM>f zRxNKmfgy)v<8V(f2f*{`_2qhZJ|FMcoU9sP46r5%xIyHFg(=h7=-aVs=REga!zzDt z@IWfhBjZM*L`tU_h~i*nu3F(8K0HTOS`BX738B0`ULxBRk3V4>>+`K^X$SUcA<*aqd9!hWueGl z{k6AjC0>?r_bHuu)VsY#ljnOOCc3p)3pdO<2TDWghjPe_aRdwWgFm+8ha0g~)|1VM zY`2q*g5aoJv3kW7(Bgtr>Y(5KNm-$|k-#VCWo|UL$#k&|B-?Y#f+g&&A8BW0i9#u& z0xT&Hb_AMbfSH_W8vWV7>MJT!W>Ze4`nAz?jmHsb{h%U9br-gNu}&{CUk{`jtk#k@ zF;hNfW)D%sM9Vcj2iVU(&ttJk0%8SA>buKprbw-3TXW0e_4;O~r4}`&a8Kky#6&BpJK#RL*2LAejcwzj{C-wO=jkL77aI8Ek5#kS@WVPzJN-4N4E6w zz}f9C-(kQhP(IWjE!1mFio#5zk{LhD$26Mrm;D4RyyW=o+|PbSymhSU3VDzs0Z?F% z!}L^L0scSiB3rb(n>1ab{-d4A1Pebky=XDw=e`CMze zBmMoL`;RtdMFvdyYrJnm1(SpwPrSWKWrb0tS0i6WW0Lmes?W`JA90nQ^2P2f4uk|< zZ*q2j|IIW2xrD73*7WP18?Xe$xc5=`Cw-Y3+Dl}i5aty*&I%{l?goTf_>f+%dmCZ+ zp`1aaNrcy1Fp|d`I0Bh;jK@!xM;6TTVtO*bLscrV@ojLwgveCDzb9{-gg}&$qwE~Y zJF~jM7K&X<$w8zs`qo)9zCvX5DvPY9>v2!5P)*Kf9^1ZJpn)lCiiSj}8N>81~*|6D40J*N8LC7xiw z!PR~CP#_67Km(hpL?YRwoO&>&YI>ZrCFe2R!m?+*7G>W`Z+1e)y)1Yton3K=#;zC$ z=b{|6CK*1p0m-WPHjszc4hh~Re4cBT15uFA4t_qdL0TYwi_n@Nm9g4GsYN|9E^#}j zycS!XB+v~|oSVtE3B?gubN9bmW&|0(@&z2$->%8>-nEvICiIiNa?yt`ZX+xf>4JADS zrRHY&>7lE_e($UCONVbuNpSHAu@zU}RT=Yw={mvlmDi3pD2}7bs)jF{(luA_9YXf~ z+0QNVE4kP_Q@?7audu1p)F>}go|eloG?}Aj&lP|i*(c_~LlWrn*S9AVg^mmdFF9*i z^`i5BCelcS1i5P8`w+R%v+CyJfc|a;KmC)%o_42O5SW1XHZ%pXXsv2n-+EszMD}FL z_wF9DTY=F&XnHMRX8v_Y$uJ@qP z-MEv5TH~LEx=?|Ns>s>#Z#$p%X7m~Z#=fY{#;(Au`+;eQy9pj_=-FZh6&Fk*jPr+{1;&Qb zI0i}NzW@h1kN*Sn`X>tePn~N|SwJW#QuvM;#HQ>3Wn`PDG!KTBfB@~n25s3IkjA(} zkI>hn|J$E@u?0*=nal#@!SVPG6AH3e{#twC$(W?-n<9Vx{`-%peg&GgevHjhTzrqN zlpElJ>{bP^t=ldCiM@`ecJI~0IYu@f@=h|GYS>^BV#L;7sPjNjtW+F-mn5Ig2gjcO z7#WVc-7zyW6UBZlRX2tn_DO4Vz5e*Q12}Lj3xyuuMe|4OwUQwu{sKDiQ4q`Uv?>ga z5fRi$ZYPk=Oa!l@!*5p)og8e3oY>S2Jjyq_4z_5KN%Sx;}q6KA+#g3EZHmm_b)jf9v+q)h5H}{=Tx3riRhIY^%D0)dGwH z*T#b2RESx^P$J`Joay529pw79qgmD>+xl*hVv-YokzE3Yb!>gbMwQUy?*%LV`sUc8Yn5)VQA;sEPl(+C z!4TTlPHa-ajKFnaa?7-jXB)7@d}0@umo@!-@}T44b%VyR%M%D3PH>PB1v7yR!{SHN zwV^-A#-XYyEcRehYi!sD%7_`a&_Pp$0oLPVTd1I`%2P4FHZK{ObGh33sS+L{`4Zq| z$06!a%C9BQ=X4Bha+yW4*poclhArcgT;aCuyOy6iRR+#JaIu>JU{l;s_*k4$S@})U z>Q=AcFlXtFEJrX!eZw7WMW3|>mFqKuWKp==c0fq!@W=&Buc%-DUXZkKrIsGEHT0#7 zx?LDk+qgR^47t=}^Of7r<0g;R_SjUZ*)|ZL$~^}YjAPH*S$mJ@+W=!swhvTRFi@Q) z+cOCBLYFMSj`J)@>T*ipjF%I-3}95VkBdjNfql{(7?AD#`!jtyRO~TxA}GeLPxh}S z`}k!eyHAe_hH0R${Z*ibi&t0+AamNpGYJg?lkC?p*aHU9*ouMxK7zAlWmU^eTY$Nx zPs$c>5I0n2r>v1Kp2z6;>924OnTnRCcsYj(rsMa%GfTWXOFxR+iHAUCodQ}T>1vWL z!O>D*kx2%*GBUW2l%`h1#57J~6t~|ikz}LY+?3)^Blxgb5FxFIAKeg1p)7Jei|`fN z4PVrfezhx3q)b$S6qd>xS$1u6!pr7C*p;f zO0s9>n)I>d3Bh=@s6&s$b=rVJ%d}W$7whv`A_CCa{oSO+Q+)7CFQ2KYChJ>2_n!t; z(?C`h5A~&|-NaIFJJGtHSP3r+?0pAUd((zOH~+H)sYLYUShe%Pb{|h|tZWSdl!Igv zlwL>f*{4yAfcC%H9YD%=YMs|gBG|7um++v#&Gw@SZqSp~C3?cnvH5tV@3uVwL#H>w z+jheGPZL^bOT@iP`x2BfM$ql{v0pipx=qUSa=Lrjd4b@Q8C5mRc<@vC3^Yd!bndy+ zuw@t1R&GpxbM(qyZlvgPkVv{rCrK+}+b6AmPi%TW0en?>0XRfZlO5X1yLUfA=3LLcY& zOGAZw0k&#bfVn^5b>D)ME*5Ir~1;Kze@RdyKj*}xpdR!Z_NN7rr!5V!p&V&x7tJ}cCV>!0sxWU3rT%#BkG2o31WIkS9cuq*eMr_&vaUswkm%OeSW)2 zQboMGb&su;Y|>&$)2}FC0_#+KNJoaPt|>YiSWo<`EoeI@V%y;ILN5AKoI?8bB7WQS z=8Y&sr$?>w&KAj1sZroqQJ+uk49fbpJ!uk7Kpgm|*d$dRFB_4My3TO-j#j5694Y*V z1Lz-bL<5quSm^v4^APtJ+n)oRqUVLn#*;W-!KTnt zW*;vUkeobCWO!ttFhtvg_u2xk4fsF`MT}o^Ny<6Brse{$foZ)Su~P&Vg+H$)xGfls zpCQb!+<9%z?a_t&HBKsa>B4bNcJI9Ju9bAExX&U3i~F>>o+z|cT8m$^vPyNh)VV?fsg)tmf$_j{gvpX`mv1)N=EbP{trJX_vC2xU^wk4)6C$QiR|C8gV zpu>t?BbJyWP^j%N)D9^DChsN>RxklOh7>@sMHzo?suR;m*CBl#ap8}_XZ-s6P=$ss z8TW*azkz^2F7zKp;s4*jzvb3K(LMTOEn_b>0bh1yNaCDiJhJ#;DF1hDrbs0A;toE(kUzE$pG$rD z-DxA#$+=(bZ3P%c>Tc2^Cd`44O1`UWewW2@q^NGAmTg8 zcAw5$iCa;rWu^fu>ql*;zqR{?VWIZ;j;${5{cVn4oUQ(ZaQ`7M7;@CvZf$oiJR10j z1G5aazD6mpfeAog^R#|(KByKH2D5W7!U!Z|$#`dH%%*Xf2+|Wk;P@*0vx1Opo@$j@ z?f(Rm0*QCfHtig)eIH)~OD&{p`<#p&;l{KM&5q2)kk@dZiI7;;-fc$MrxIPrX5Y8d zbLLyCn|Q4~ zqvV0zTFVf*rpPm5+Ne9GQJ2I0-MbN<3rBzQ#OUYB$cza~6fbIgK_{7}FJ$kz z<&CDo{3?*@HDf%!!nSaY80nIUWE;Eb!&gu~|i+{nCFjKcPNMeI_Fexg{drZTCi zAN3V51dWlb#nf!-_+Byv$3K_)^K!@Ol7WR<%?~VpnDX0yBSPgq5{26TL?7#Q2H7l;X9PI?5*jbM0xEW6xHZp zs4qF$sBGZntz<}IG*~xbDT_XZ3B0#oD)w|)2pf7;c24hQ*d${kq%6EN zcFT2~4*GT~BAhwB2Pnb%stJ>|g=m-|J*aG$VPd>c~@!aswO}z$?5zDe&vBl%@3wW zmf7B_6&puTNK^*(H3q#_(eSV^%pE=TXYy~>c#=uf`Zx6#5upLQ?kaxd0ITuH*sp8E@l-}P>he_ zAMDlsL?MmFnaUFO)2`boX=aM#Zl;0>!0bUnbf{_n_zmsWZXu)=j$8&el9In#;XI_O z=E97+D3HhX?Wz;c0bfj7;$Gm@P+=xDT!Qt;#9}Pe5GxW6&eCI@on#8t#gca2qwK_WijTiJhRd46<5< z={sL}RXd;%^UKf{sugGbabAf}RrIEi^_9CTS)&zft;%#l3;xrSZ~CrUPe|<>0s-KWkl(|-8(&%VV+-B8zn4q- zUSG86zDdSKxsMt!*HW$Iz4}a_`jI6h9a!Z|=E~>_HA3Th@}4;#X}L(%D20W8?-wLH zV884cwMXiuTH3kE@{M{hJR(BY#30{IQ8U9%*``h;GhsDs38yNTIcJ^FWo z{Uq$ZI;q$1#v7I+&sR33V@Du@1%J8i5>7StOIL=0!J@WFQ{n}@){=_o;K{rBKre6h6MBN%R5GHmF8Iif$> zs%Z$-e}b9bZqv$NcdtO==jBnI+;2y3D+X5%ygdAZ?3Wr_Z_xSld#Y!bT=+v#{>$hb zx_5cNl5UK;+h|LS;$6(jTLzclNNXeJ+*WldW=FE2uz`? zgG6To7!-tJP8Pq_7ds1uR35vV`ChSlyXsE>+CEXk`G48!HcII{{rlKyAeFpt_xw?> z+l}mum55%?gZ{hdPeIcldUlzhnk0iEZju6oXd=Pf`DuDUI1xAARzR|Hiw4*V z2Kb5DfTSYu3KvV4{P5U*3{N+tJ|%J2&f21SCJxB zkX{v}_bx4nf^Xe? zx^bhYaV7R#@{n0yO`^gqnooQ&_Pm?6^#?9a{tJ%@Oq+8q>UP%u@=8PjQZGO&?PVel za;fMWDC+QG=%jK(KmTp{enBJ_ykA(mK@q{a~QAT$6w4E+kkFMCT^chBq`p#Q|m2Bg`z{Dtg`F#eypHQ|j_4>qmDOt~~o{uQ& z+~EIUU`4Y&Uf`c&NhFrD`bQ&6`PIGDNiDl+{8G&Dy>EnnqkaQ<6$02LGCC_&fQBMwhO#);v`;d^{eB*B zO`h#|7p&KXMx?FX(8<|17^g9aJKc>Lr6WEMHz~9wGtoBP{n{OK;ZeQtKr(M6z@= zC$lCn5qfj_(p7d;rs^?&EH*hzNcO(wWXY&s6*k*;Vg2otj9J*krV$GC5opN8nF0|5 z`VUPf*8J;)gxwU6eY)15?8Ld*K-rQati98(>AdfCK}exl_*a9VfSn+-D?9g|8i?O` zc6v5+E>f1Zb}jWo=%a*0CLz{O%|JJ;H&^F~h(U6{@%a~rQ+&Si(jrs)r=k@aOVhxU zbc)a|B7r>UzFQMVjpboeTJzp7RcQLH}kM7!jRQA$+rb=2m(5% zg5meP>i8b-PH63&$t*!)^%UX9a$*{zUFb`hre@8P$G2TxKCvw6!Y8TC9oWjw&YBX~ zdNTwBz>YKh4DvpECCw#5^3tvI6U|eO-&=RftOOr^Ea*2($Q}6XD8DzWfEPIqDfM#! zL$1$?i_Z)^ogKTiwoCd&ZvbP!bz|CncYo_wF?SVKX9B z8G3sG)oGTpLCP_pI<54peXaQ@<_r4AXGgu`n2j@hjhG&rBshkwA`~MjFJ@;reVzjQ z0SVpDAd7!gr+vkBuN`qLD?bD7H4C^NY!csg@wHL=JGX?Mk1x**r3og#ocqVg?E_=5o0job|w&O6ui7 zqt{6|g6O+kASkY2RhhEM8FGHzd=8>>41r%|#@YrpGx@Mon+@um?z{7AR)Tg5In$Fk zlqZt^E9a2SkW{FwHXa131|)(JsLA*-T9~IT?-z?TyeW_Q@)=Nl$`4xuocINC-l_Ul z<)(#~y1=QQ%-|GJ!b;bSCmGPq7a`&b7~WQ?Kv(r1VA>IH3VSN~+2f7COvU0V>LsVt z=DA!Z=XnXdoRi=#QlFFHE(o__h!eRIOWp~i9mBN+T1uaO&2w*@5uP)6A5WU2tIzA8 zs^0g6#varZv5g;sjjuZ220sa;FKJeV$RA8*@}DG!mG^GDVa#Idy$jSn*6Sa=_E`r? z^Wqt6Dx*jsEUX>-Fltdmwo3WRA*jg%vVeB^X@WEScxr-k6#R-i2BbL>r6ogm4-1M{ zLh&7@V5ejE=pnGXrhkk4>41Ci(*ZYg-uJ=mn3TE58m%H%7PPTWb258Y`^bZWmhgRJ zoa2@_rBBi39N_Trc{KBH|64KOf17p({BM7s`QNT+)bv1sUZjIiJJPj&~Y-9R&?%FWzT+2DI6mH8X_OEmbeuz9t)sy%1;q zm0HkeHSg{uaFAf|F(I=1^|9m`@w{5ObvCOV{vjCY0g|z&lb0_Y2AK!}4N2n1r*BY` zzI@s3^*DviFnV2eK*Bv72ikjW3yw`s5Y zsm7<@Gi(X-zz@T_wj@&D!#JBBG@q4Z=A0z89ho0({)2+vWtmP!NTJJ=Lxa1lHa?FT zqat06=s3Gbq8R1(I(H)t$r`^A-osSjZFo*W`||f^oh?ni79p4NK@8K7N%{m(7dR*% z;f~R1@RnY#-=Es?aR>UFEO-xB>isc?0o|cyk*%PH!&Ir#naU@V68%BE?=a`USH1>K32nJb6|+RPZlcXtE5 zG(}wMJ;tP_>!Mb?3Tl+USBISdSu1K94~~ypz71yIfDWQg&9jp+lNDC5N>!Ar@kxiu z!4C#6`OaL$>at=>>BT2W#yXx>4&7G|QJn`3+kV<7(N!fQGadswY!~%OGF<8-YtPT> z!DX943?f>Nssf^5&w>bqMMBX>?C__S3vrP9xk(Ua+uNl$n=LGmd`=-d68{&;Prnz? z1QpeyBW@%hYO)11O?Axs9_4i4rtT?ayXKR;9}eZVC`nMn?4GG5Zd~!GM4sG?6p4-D z3*ltplEH4CPdQagK=4Cv#p02e32+|wUCaxJG{$%j!b_%v&!#B}Nd6&IB0jxO=;`K6 zI1y+D<28On3SJFfk&~S3p2MT@ z-`6<)dpJhXr~u-CJ4+zO8~VE{ypOuHo?&{OP(A1U#u&lE0ENU-X3(Tb;ZCWJHJ^O%UedT|&LN(9h@{rE6)_ ztf_3I`GT=qdvIeP3qCskJ(A79FbcENB*J}Rrtid%U#Af%6W&8Z|FO8hD@1O58Gf*x znaL{)B;9r8l>qVG3A4%!wJS|?^|zW|0=_DsPIo3n~#o{M<}B69tGu zUx!@5_L=MDhax$c4WGt&d#B@S8?$^**ZfzEjl07t;++c%Y2KL?oCyi9jWq_IAXm+P z>LHHX4M;bKo&;R-*T~-o34Lxr1<+J_B13;1qb**w?eOjU=9F9>`?8xKt#}&9An+7q z#rOmf&lWSuYRd6JO`oAjr$WeABRGP4&uWz38a|iSSD$xt5{-_+F zlA#8ON(Ccd4evq^-rdq-SC?KwbBqpGkeP)4$gNUka{t_$nmTDthCUuyl)xPr-sF$! z7`Zqwq7NY5yd1$fAb=fWVq;U~0J_kNJp8bcnP>cBDBdEtykgchF#aqD&s^>MNehZg z>prN>?m#&;o_o6DgvzM*O_5E6Qg!-S7@r;>*2-^H?}tDt|AnSHmr;W?DNh4@!*SqL zQ%UsQQG{aAZcEDe+Ffz1L8_~*g(v|qmciAJg1N;RX8wh76@Uhk=yi*93%56Q2kpvG zCpF-V$sHFeXB8dUj7X@sJzb=o5dFRro64_KVs(B=Ndx>$)^?07c3Lh%@1{LK2U`RI zbZ~y9WT)088mO**x?W9KPMHRHB!2W-yxi{2WMh)!-o12S#EMcfEOy7-Lsvsl2v68n zb)VwUmg2$Do<^qgVZ*6u_|>XL_iG?yweR1)ri@vv%T1Wek;I6cB{@&}#rOY1f`k7X zXVOc3IyncHak1e{D-Q*Dm&Q|MIpm5$GlB0%h{y~BP?tA_o&6*Br1S90DXPp}c-z;# zRm9O5n3?|;Eo7JGr*YzK8hPe_(yryB!BIK8RFu5s8R0u#%j|lau(PW3aNVZsbp+6B zknRLIp5%J*NQLQVJE8a7X*#GP7CPXZ(Iq#0_|}y++3U~0bUb5xEpNV8UOGmk+wj{g zWqp_E%bA|j&Js#-U}4=#8tm_A$SD~=KOwz$`$<^0zF*9FJq>eDUT}?LDF+=XVrN7> z37j`3_js;Ar{7A13OH4Fm>jWM2iiKA>4~*V93ks{CCJ{)AzXaV$iN>GU9#Ia*OL~P zMhQ_ve(iv9=}Y7aS4q~-7S;t^k4QnjK#Wq$#qgyQxpP!w6Q#Ii#RJkQ?IkP$SOd?Y z`+`;3V)#jy@i#mPJ4_aObU*D&4@ES+AzeK2R&hQkk} zJ;u>RDM8q4M%k0VhTjtcWN-5njQ3kPrKY&nG$J1(IDMzafOZ%@di`+a{a-00+dN73 zgZc9@^SuUn;W&V9M^e`8i5<_yVVE*QpcWx{&^KuX(L!!7>Y1|{Z(RXpPJWcT^Gxyc z`Q{@;_Wg=m3AVxb_pZIav(L{pTMN4N7X<499+ui}`m_Mq z)?^8i8=-w#c5ERG{xrW)_Nx9mA-Pc5j(CH@jzbNLD;7Vt#!BI<@L4^0?i{-_kLJk2 zAf!jj2^1oZ{R80Fg~SAZ3rF0ryBo`Y;w^Ls?S5U*Igd+(XXFTg>CFcIPd~O&I73b=7iD;t za0*B?XC|77aHzk(%(a)My9u1qvGdq{oLY6Hb3oX^+e6Pb6orS@+9KG8Y(bn&tL*ztgfgdPNSq7k98HwP(l80}iCPB3))P>3pn zU32bB{na3px7W9n_O-I)Fjt^cO|@bElM1=eH3V&=!)fDZbyuRYCVC$SBZLhyw^VwTom;#akl@^ zM-G%=CzNmWG8R$(gEg;wtcR{t6^YCCMijaGHgp>NB?mvM$ZqoQrV>qG$TAS(vF?X9 z@9t7W2+x}NVRt|%w{%SQLXh^}J^?*yl^0h*0HkPOeI^uiTsfwSmWle}Cu0*!zSyeZ zj%PRCPG%1y925A9khCgK$Golh2^SBETwo|KtreFIOqmLmjN!5p|LA(9OJubMiZ_T^ z3G9fC6J@bobd0AMphKB%0-`{&u37R}lWo~K!$|%2zc}Ob3`%|8Y4p6^9AH*tH4H#5wwmnqgY7d0*= z)Zfu(2;gLKP==T1RK;w$O+jlMjt+xpobOx!OHqYf+0d^Us>h5|SK2GDraTz;?aWv# z_VwsI@~z#;EW1iq&$d*|=CN;sIXkQSAh{4oKtuW?Sv%HKyq&d#7FP*AraM}8kSuXV zIE$j+X=l@PFAf#!j@4{`q9rn0P7@E7Wa26g>a;JhqFRXyJZ7&UE=NANTtGsk!;LJW z@xJEb?vidy;~g3#u^lbrIRTXpXeB)X+fe#R%#2f$!?fn+VJKnHyY{85bxjF|tMHeW-WneQk=@zO_ zBAnna^<4K8B$+HA6gzzlE3hKEjHs`~{bS3fZqLzAmnctX<_9U@9eB-JPI_f~M_uOP zRqAe+BF5JJj2NBr?H=tRBCmT<+g%RhRQqe>y8AK~H_48Qlqgc?VniEwC{LK;lIO;5 zVqW86FDH)kAYoGv)7)q~5R4dJ0j;8-I{aq6_k5-6KZDHn=%KYF#S;WNn?&tlW`dWm zM{`G-nze5156>Ag{3v7dso+q7ak|^GL@C^aHs|b9Nd}T?|40fnm4m-6Y}aUkR4K5A z+O(#2EcC1Rc{5jn4He-o#ez3q$TUyx+_pD)VhrxaO8`so7+F5eFS_5XR$qNT=r9Bb z#7;XtJ7ZoRc$v#gwZcG~0a0;*c@A5Nrma@dF|w$y>#0^WXT{{g#i8;I`*R_isRUII zwX3%GglFiVGBrV}uUk#KAGc_4pj$|X^y&aR(!Fl`2ObRb{3g+TCCgzfCH9$Xg3jfc z&QHRYEL`WNOr-_c74aMirU`g&kxkavW;@rE2tJ*f&!g9;q>NKAmi*fi;&i8V+1zM_ zMGNh*1V;Db&h)(>bWni=Me~FKZgr}8K~ZwSYPj8YBkPMVnWvST9K`h2^`hb5lKHN* zppI=SU5#WoYrRXRBJK(0*#*kIsVX1Kdb~WUiZCwRHxqJvZpr-R66)8cg>#Gp{bhiq)D+U^)ipY(lBmOc5!=%HIzm-=qbb z+^bl|kI?rPgEycSna*HCM`np`l;5Yqp+WHk&J6dj0e6J^P0#8Yp&UdY0lDqUkMQOm z+;!VXTM`b-Cydffsofu=p{tDPVf+a<)1vg+a$Y8&<%5^-q=>)bzyk+K6j^#I5Pg>NFLDT`%;FBEv)7oG9O=;LKP`k z6!`*a26e~{6LWRjctN#8Q|s?YhZ2f7*Gt76&ua^Z@R!H)s|$suqPO@r98Raf?eGmk z^6htTTnik=6=yx!pjEpcF~!_Ic8|oN^+Tf6Cn;#Ibr2=*qIxv9$kc-!sc%5PmBIe+ z$2M9eALU+9xna2ZoF%KDrxJ&)s(D5UkY|xl^%ovA&C4`l3AXgRGJB-V16ERSHG42d z<1pnR1JKeVojwcl$_lXi(5JU|F+g_3=AaePw~vh)(0!zG?#X2;rEGWQg9UORpO?%Zdq`8iy1 z7x3(lTqmnU1zlO=%&>J7Z(UD4p}PI(UF(JLq^s`xgrZn=i!twnn>(7a_F^%7B3$>4 zywMSjTSZjSMfXj8Ide|m)JF-vxCWLIP}9zw>G;^&kT0(lxHXEpW;cY7Z#4QGDv8xL zY{2{iuKQA)i*Dsh&<5aV3uw|Ihp~X<_|461E|FZXenz-ZD+zy-cf)l{AoI*84780x zWNWHR6I#A#|2`FI4ZI}IR8;;M9)f2GTm3+kG~Ftmb?%Cm^Ib zn5j9IuP31gh-DqFU$xfHqzpB$GEUTS&97| z>>I1sOC04kmHGKr5-yz|o>*uSoQnIV$F82;He3`pd^(dpY5XSw-e((4NjpWrf-K)t z%VO9m!xrg~Cjj_?+HU~-e7Yy3>B?Yn6GgukLX-87=_sZ0)<}$_PeM_K zvAIEt)l;3}JM5f{);T2Ta{`13HGB0>5!-6^dW+)Fl0Y?q5P)lC;+lk2yaWk1^H zxHFg3EI06S(qvbTmo8;>ju1|EQJ~hx#W!*ZDBM_w*3?$e7S+nhHN~_VZiY%h{(JQ? z#IJ^*QC+B1{ITO09v<8vW+QWxx>)4hG)b|qr6lRMI4a3F(`n5$Pt(>0FqBTBQf;S! z(;53h_vocz%G5U{n4#I$@rAnTh33vj-AVZ4kD}~}GC(S)NcxpBGqADI<3se3o?&e) znzT3*&qN|0hq|;?h<31|PkM|+dwH!1tL-5l?cc`S9PdSTW$fLW_a&eE8!gD+)%dcw z<)>`^y~V~~(!2-Q`AUHv&`gwLgX3<@8)^-TS+)4|&ppTZHWTB-G)%R^;3lP%5}CC1 zUAFDVe7w=)Yox+>pc{G*2oO|QL-o>asud3sMonq zb(Mo;dSqAQ<ZAML4v2%ls2cYR(QlxSBv^zuo|-4pXpLuvpBdQ!w< zd~^@uvm9jePHV%Np6*=Ew=kayLc4cO0C3X|4b+9|f3&8&#KB=x8PEaUc^!N4j^3F0 zK>>iGx1qgETy|<=BRKD=TjjZ_gQ_yy7>(e&@OxaLB`?296pHK``1Er!;jU4ogW029 zD6_$LXtTGhv(Hw^hN-Khrjp;ku3lIp3B@Az!@~C+_FJEPV|5BPN7Yoecwo)+E%uK+ z2eFREp>6pt9Dd8Qm~R2BJ5}l;ausU#VQ7Vv#KBAVkJ?`6lEJ@zjNm7z4zg`*cZxu2 z>?R2b86Q@KJ`I2($=^kFy9fbyrbH#@d{a$w$syZcC=>CuCF7CLQ{=RClknVB)8AtqkdNlsY5O`T z9{a7!Pd0r0?rIKDQUKk`xQs0Nk;c6>IvFwc$^Cer(N!Ww&2+VKz_6jH#47w-6zFWO zk8w(pM7@OECb^_6*;LMN7|4egh8K8I@do0yKfcj0}u7=B=7WKa~8injN^~1T%_9tG>(xM00(MHRlL2BCHDw$RkEtd1 z-c|Q&pOvZ6S-q-id%+()q(Vqj^q*~LP;q=e%<;(z69>wT?=g?|9Ti1($>Ec+ z*(wC*u${Kl*t>_JWM2RaS7@z@Zw)NfF?Q%|&r`JFH>e#T5Ar=SJr1{va!RyQqvuW| z-7r<`LO8~VY)ePoRa993M=}Za7Jw#41lohR%f8Mm7s;*1`Xz2?QQd@u_ai>tDL6`1 zmINmJiXeM>kJq^*zT~gEOx_^GOR0*)XGTMkuqs*`tagI^lbHytiM+?#%R)m$=l1EP8+y2 zr_4t@PQvqk`a@H|nwc{$kcrV$OY->OBvrZM6X{8+GUjOS(`r6p-C$U|f)A`_k{_)9 zGOsx~y0b9kvd7v9ZE(Cj@uK;Dzl)8?u7<|^(M`Rab6EYE4q%FugPCJA#bE|M`&{58|aH@`b+)1Iq1e+Biw1S|4q_!#RHa26Gqm zLA7Z5TqIR{7iQX^9b@H_C1>E|U36fcRLY~=O4r0w)j&(9xALTinOy;mZbpk0dsk0MXkT9`n<50Q-|3{#E zo4xubBovPu1dX-MHvgP}Q>#Tue7yNU78HY(1mW&b_KA z!q9VY*NedWSFZ(s`9&(9`;hqpV8Vwan6`)*sj!Tg#^060{GO&qYk;yWwtq9Sak{9> z(D(Uw#MBM0+Fu;^BLx~lQWzsuQ}v+0B=hNW0>Z@%+L`_|X)8%hNlrQw6`wnIoAv*? zwE0&tv{n}wLgFsNQo(Nuu3>ZyJPP>rt@Bj_OjJ0}MI5!gy*nr@wdq4tnw)#Jm((RJ z%s5B}Q@*$MZhH1$*k}ksLJ>jd0`B-o-Tgd^rH1&(C@Jz~`y9XpNz-_Y6es7j~- zw&9FRD#z?M7wmi=WyKk~*o4;JqOQI7a5R6T7qZ0pxS{85R6s(b0p!lZ2x$UX6J66C z{bBlJ%=kOk4UkU*P`%UyjBg*jo_$V5QQ*L@tvm^@JSkp&kuy0!?JtuEq=d194@(H> zdE=pie9e?ehXyPwImn!?XNG~2?L{Tqq@L43tW_O5{0g^h?7hEe|DE5O9K;RE!+A%o zuwonzg3xa|8DVd0!NJpBDm@u*;PQvMwIp=qH9a(ecc`dasd zeCkZyar2R^?rrd)*jddO_{F9FtRzVFnSin?bq^ca$YY$Y+1$ehHC@nA52&KbdiI-1 zr>6MDqyweIozzV?D1P-q(*}gsR%Uo%GZ*XLpdGbl;v8G|R$i9SPI?>fHLIm_K%{|i$X*TZNOTMg1r!_~{beOj| z%3>)uqCh`Cn}dL0vtbh>Ft`M2wOuC5VdxLut^FB6z<5h#?qWo~hF zvP+-2C_lZ5WLy=Cy`W?7T*|Sp2ydJ8N@1=FRQFC zbEz`!hm$4D5j1seyN4KklgwWvSnInXZZ{HZyqadf$^(AuYG75iG-L+S& z-#Qw=HdIZ|JL}F7toV-<_i1CM0Pu-+NK{ z+SyHebroN!n9k~#n!3CLpjzytswIqVdzJ?;wDV;SVkg#Kg_>1w8_(0nzt@p(n5~s* z?(kr~s($Co+*GtZVS!1UbZd+o2CK!^I1;oqrFLoR(fpX2CnNRXg}RwdANQ7+QO0FJ zak6hCc-j3XWy}dK0{aNWuJ-p5OAEZ${vm&Pe0k#My&N7!%ssl6|EQ-4%rJm{6u3I> zH=yH5MeG31nO%cnn^IH9`VAwzR3B{lo61>@h8|t|IynfgHfB3x#j_XEl}nTe6{>h) z{PN>`Fje1ENPoJFzM}q#(PzFc0daxFUSP&jG)0y!MxD4JCXSDY$N!@Tz>wcQ1WsJugz=d&&ep>4tE28D zy{A~HctG=Yw3+PLBxkM0S zhndp|2k2O-sI8{N5G%W)d}{oQPnI5?@F$(nmmog{2YzSul|qAWAQAuxrv)#sft$-q zKon0`rf-A>Z|IvD_>^?!22NZ~-)E)V-Ih^H%XyvE{ih!6bjY znCQS5U8J+Y+qa#@V>0GyWJ#|qI@5w=xvIilk97n)}4laRU7*kg6Jo0sIAz*#}9_@YijoA)11s`Wc7%^O{T z_zcc+wna)EANMuja&?l%vXEqJT4^TpTXlCl2~Ox|LKVfX{J_QSxci1aW{+7q9|C~yChBwuBM;^GAgO-zN$XlhmjL6 zAM`FyC%I6Pj>Vc)c7C-}arYiyKabt*9;swO-{VU|1H5>j`}Nu7CU!sjs+~6;p#! zmT|NM$s--ISj7wKA~p&4%fWeYH%x__lhjM;47h2h@HXOa_}8$qm`3y?Qe7snUL0`o zchk|r`jd%4vBUk14npWdIS$Fw8Sujc{Rd%ulavBx^g^E`MM-6@6CvX|$|Nbe0lf73 z{Wu@sy_RP6#)I$JyA3V9+MLVo(MpeTez_S6PVj~_$}cxzM*Wv^!AyDTDyxqV7A<@A z!A3+c+Do>2{~nz)DH%}FFquo4HHxf@v8zX89Gwk!MpeGMbS0Y$gT+*(#ySfU(S(-3UH|J!p(-cm9uXB*YIKFFzXqxOFg zZoK;`+~EIBj-LuQUL$`CH{K=vhj4?}qE7fv!+zzy zKX91z|5~>3FQLaoU`SNdAv`+yUpkH_G9Sh=PuHt+=XMiLCR&uNpOjH5dTVjVclltl z?3b3qJXV^97STPH!Q|k%q~a@wQ8szvGtqSCg#%kiO#Zak4_|xv1R7spsitzj-F@89 zSZ-6$WaGc5rmO{Ft!jzujo|60H_C%U#*o-XC`pv}x5z53xP-CvMrFF)$#lacsZ z6VsUNAg%w2aN8Vb#f75yYn%I63`%rPi4yZ1n6yCh&9GQjy_G;tLLIlbgp zedUDYy_9U~{|2FWe?aI3fX@CG2=)98LbFQabDpKG;FK^^`p9FKC_#eAF|?VICw`o; z$Fhm}lixTrrXu+^JGt}*S3H_>y1H>GktV_zSCJ33Fw`CBpJ*H?Ev^BHgfEMxlon#f zY$?C)(QI@f(D^-xiTxL;d|~w+iMIK}7KnQ`IV9tM0nKL%R^E-4%Y0Mv;&^!Buoco{ zXh_^5F^Or3WCLPX6dXbZ-A?b0`IFe<-4VCJxQ07R03rQt^n{Qmt^G+zXN{f^(xT2M zgtW)!KD7_D#rN{c`D|z?20$&td8Cc*78lVKFsf5VnpM*>YgT_}Cc#xvBTk}ynPv`P zp;_*GsYO&4BgaOu1SRky{-}BoWXS?N*R>6&a~TP^+DK}{#=;dIn>;pCPd4B^bvf5j zWzG4a_D*gsJQc)^qx&c1+<~7k(PyJVozP=H*tjhrbHl6VrDwsv)EZlEh?)OXYq*@L zH57`2mi|MnG51rgfiP(mGe}7`e=1|Nl=eX!!A;ttrN8d;u@($ERE&AbCF1dI_Z1Pi zJ0Kx)Fx*eR+cu{vD}$oZ*%_z3QD2{eh(Ta&h0=@}mbP;nG1@$Y!OW4iGm3Cq0|Egf z9$%vPz;{0hW(w>H!5qj`8qT|T_J-=3q$YXJ2U`b7bT*De{C%Ol+_0eY2i6=GV=Yn< z^W_3vr%B`U*}XQ=L#Z*W8fC!6pZu|_X+KA3AS=+3qTp$5D)C$u{q1Vs{E`fmVn-^T zL&FSq$Dh?d=mn;l+MiS&0B*9@`YK!efjcaP&-8*O8=wCqiA|_#)mix~XjSkrV;n_2 zRfG@Ge-~Xk!5SQe^S^bZSiywg<&9lCHI!1Hv+)ZD! zc7A=a@DpTuv@`AgK(#)RVsRy~1c=~rmp?@C9q+b$zA)cO(KoFz6MA=&GADDRC644b zbDNjzv>oC;nd=D)eK`Pl-wWeN@@j{Na=$bebb#i93%3foxB!g_CVhUDSq*E@+^~5*e|S93kb@Y*A4_Pt1`zE#CS|3 zWIjDm@jd#c9Ua(mIKsM{5z`=5H@gTx&BM%=v^WG73fSbr-0U!*DtbAmoy8$WdKb~i za2VRL;*(m1Jcd@2rzm;O2P`r-Mep?#IXt=-c;!%JYNlrT(hX_4_`1J&rbql_`%%C- zc5mh8QPnGC!B547h!`VJd>|E|xbT%;KfS z51YKwk-Fx`B~mT*odfzikYnFn2_N1w*T}1lSy{_cS!(-;mVg8buYDV2bH*JT0|RWC zicM`U@DlDEixQpC!qDo#HhcQVkw1A?MQU9B`n%$&>)^z?3mly@Bk#g1x~`?K`-L!4 zf1t+BjG6n{TJRSM=fN>#RNlKQqxlBN)u^|u<=~u%vE&9ayIJ!|pKH-zp)OgZFArzE zotasd*C}=M2;3LS*bzsV^x+IDs4(?ndWF-#1zF4#Mks>zEffBa1^eWg7k z(9G)P8xumoP^3^xHqemn&Mb-}&l>N2xK%ILm$7borf2}s;f`Ik0KXxu zxtoKMg{6I(Oz6(`32YocSm|Zq^OLI=rC@?>LfvjJRVhuPst19S+j=kRl&1opFg5ob zW6VvH<2{!WU#4=Fq`PeS@Gb~^hpq?6Hz{X3^H=>=hJ;pbu2j9+92Rlv7p^(MgzMwk zApQgy&$_c|^?7oHDG{gg+$w;|ez4fCWV2B8%P)lVc~ZOYZ3t2A30L{3@lSGtL^~yi zQ)Ynjtj(&MKKLy^B=)&aCCOhELVoe4kqqv4(38?K0Q{6(6cGm&aNTcd!KUJ9PyO$}b9JpP|P*w*7S z&;-=BsWS)gY|W#&{d9n_+$>!88C&lA(0uJ33jwdA@;(`(>4eeQsn$6Gs$2H2Q!)v8 zVJ<0{ftPEcy>o#R)DhX5bV6lJh|Z$!6Fgfh19Q z7_26he;I>mC|~6i4yjDXOzx0UM4zF=9Z&`-dag*z^yU1iBKTQc>NwKzF8xmHCLu-C z+V;yddXCL76i_{6_ws=mPe(zE+6hzTCh>?#+^XYCU9dp4=jPbT=}|tO@`^l z-ef;)j4957o3G%<^3g{3{(4>9c9jvpAY^s{2!tmQd)a10RRDN@SB7T zNQtgHi-~t5wcH&|^a3p^&k42h9cnAlrxoOC`CW)x-gHpXW;(ifM{4YTdWTCfr(0_3 z6<$5&qDs0^hsuX(e=A+E88DBqb*pC7A7vc`c-Jm;)lSP|^3~9e?^EifO?HPdS^Dld zapR{mvDehLcA{7*vFn+);jO&R6TMRSE=bTdr#d%awm?n}M&@N?x zP=JKllK^8{NLjSO2|TE8HI64L4by2(nY}F7S{izWp^g_5hR#zQCwJ0}?^x)AG$%{z z-G>Nd5t7Xwk6M0#Ok$DaRLo3lDHgK2D3lx(I1FVv2n7jaO$)|8=`qJa;(amg8{;dOmi5Z_w z*uUt*tapByvD9o5;!!$-EBK(jSVrS5Kh z#`hzT=?1!~En8SJ2y|KrR*sAXv$9N9&Ios=bej(%mP!2JQ| zm-(IWi8`9a_QiKWmpeaAqAkK}!V_i}N^f~6;?oNUXFjgEDVU?ZiliFg(6=viZ!l`h z7UQgH-``WQam#3pVG2cZT{Vog*NA`{Dx`HC--Y{|il(^KL}hP7G~)P+suqxd5JWuO zbUV@6-IAQi^SC7}e}G#=8}c3dyoHB|x*NIrQq6d;xr%fDIX!D|Eubv9^R-{{&-->x z&#GWSLKHYj7yl~Nd=(wT!eLvJS2>XvG@Bcw`~&h;MF}rvTE%ytbzJ}8hoSzLBk0y3 zD2E#W;BHsJR*he;U>e&sTsOQyk}@N$o)gX+V7wQk2HD(Jy>u4Wt_T{3pH+dXGtvG~GsYtnt}>G@O*K%VfAnP4*P z(i%X0#NHfF_dSgT7{&wA+r*}B5LypONhWgvB7KV)&ZShe=oFSVYk~G1hqda9gWTwp ztTG$XrsnJZa+WnMV*A?%s7>()Bu_Z$Mp${Q58irQ&gp>EeINnOY-q0trlrsxF$4&W zFeasPn-}gGix&pd4v&YU5S-6r9@Y(iQV32NeuRglQoW?VU_&)>!_$u(RqgeR#R^{e zmyRTZ4cd{5t-kKgC62D3L*F##^l}=YC;H%(eY>|1_GAIi_Sp7KJ(WnNB4;XhD#=P? z7cZ&Rih=7iLb|nyBG5ihE(3`SdG99~6A#=NO`b8|oRvVSx>;nf*T=bfxSuwJ`XGfN zB1wty_vZ#{0?7mJ#p*F7{04p&1`*ER%jtj{!>6Kdx~ng=6^av6iuE2YZ&zOS zvX*!PV_Eg}z0=G9#516AaZe;?;~%(1TtWMA(%8DK4+wCo8vx^)`;UR;(Rkh(K!v~H zahva5-Ha+=s69LsyHF~{LqTxHdOb|9j!-%gIPWg$K6cyoR5vT@8sDoc~n z&tIpq*1w`V)0l?NJ$g62mhKauH#K+x%33A6R{3cfpE4l?xUM?rr0_%xXYrvi0uUGL z5T+4Su->>UZ!z(N%0*UkR|}SaKWHX76*_)&%{zntMhnXd5>Cf4G8#D}ojc?Weqs3X z$lWVJiF?MQQtBUzNV$2#!Xn@>aW@(h1rB5C^VaN)mJ<)=)0@L={0H1G5*=~kgv4Lr zlVth!6PG<}k*edw8OGt zhQ5<2;^kiglt$d0i)|+8lAA*Dj=eG|wkCM7k23k*QzmVY z&GlI(PJTQ^b-!GYxSV6hOS8(p}jUX4OHI!t`9TDdfNWj$P| zh07E~r=psY)4^9Gwf`G8ozr9GSzI((qsi-;jW#QeGiTfVw!|P#i&`VpP+MeqysL1u zcTtCnwrJX}NpKFg>$tTKET07E6p` z@2=hyP_ULN2lWdPx2&==#r2sk>0T4F;PS%yce4&ZvxuXT8pH4O60xymvYt?^-r%R) zvd-*Nh%lW)Z9+R6qCn&DjY;acDdeCs)Tf7(XI;8iEp{WBnyeYy}j2rbn(xDeL?l_!qzAmrs-ib3# zeCCN-*A;3KtTeskLernroOAxL2oL{fnR_+x{U2){mr&F9?!v2hYfzoCLbB9n%n3cq z!&%lI$$5^ro1X6|Wsk|<$bBMEyH$8Kp(o~`rYU`wC^P+{9?R5PvAOMGDsVr&X;m;z zcUcmP94P7Ez8=mQsAh6kN`=5H17gNUHUi2aV_4LqpWyt~Y{cc|S68Mw(!bL706Fxg zi}jf85P2;bLQ+b(rWRe0%#6DW4arVi?1d&v4MTK7L=zRQC~P*@H4wZD9=nsgYjgYD z^Tg|!-486Z2{TkZMdjM*#f)-BRYQwy8uRJ*>J=MW%gYK`aD}d1gtZmX!^SA3GMeRY z!93Z@JpS!3CN+KUX~qKUA&Sz+sfz?r{L;}rOC)bpfJOrOiU>kW{I z6^CuVwxA6;F6b$e9mVff2N15@(~idGtjsi*oa-z=B_S6|!YE(8^kcJaG`eOUe{6I=2z54F4gDdD?ex<5S^#R1-cl+DCTuj5N-ivt>wm4j(H?jn$ zO-oHP(BypwIO^Xsd3e0R}9gV?QA2+ zx^JGsxk)kQ_X3Sc@&*m9xe3Mj=ydo3&78)TwSH+H*VvVFPJyBSykdg(2yV z^m>M|LaXwBHbFKPUzbDn-~5S>Z8XB!NVqeX3oqQEmXKnKx<&HUQiP1X&+|1e7)K?;jHMh)IQXHQIc(O?BJE5{ z>456UH72JhhE9#$VtmKM?z8>){7T+o^Pj)Dtvcylv>Pp{;J6k06W6XT6%%k!J5m+a zkLf%mbE!q_RVKxAmj|8{9-8~>HLl3Q?q5V4yEO1m!{{mJCtPG1Tg$XROSIx%xQ(JT z+yQI(axI|k+*`2doSg7#wA$S#u)YcKSe%gDewSw_xwmccv)T7X){7KNu23cU>u^J! zpkCvSWIJ~|OVP^L*9OZ~??zEqhXi>g=*7hvF^pIp_yx_ye}my-;vn>F%EE{pZ=>PJ zN>!auEymWL9ptII5R~_F zGk$@E^Wl5NBU`O>X<2B+3Z}%hA0nJeHS0uN{=HAIt(BA1+CMikJ$803M&wlc2 zFu-XsrqndGdZPG#OGwp~LkyTC4A)%2{)JCO64CkFQapnlY%%n*LKP={Nx-}idqzuP z2st!TUEw43JTOuQpf*8-LKd$1^%;J`x58UIH<{2Dvj#fJ4 zjcWIK9o9^M!vSHVsfb$DP5oF}(&1W-?BkM&y z?k1m0g#tq%Ht_CFHSP`uPHg!8rQl}BTl)g}kFnlBPfmpYNb@wmycU4ZSckR&sp}n* zGMJo>`{?#})jE#Yg$c2}j`zQ2Q9plU{Sn?PE{^dIs-8Kbdw)4*8yTOpZwsW&t8T^< zoD;k)c|&8g_FaG+aF>)fzwx>A6q%E(Nh<5XLcejT^ngh4(L6=6S)cPjXnc0XD{k9G zjZ@n61-VQ=Ns{2pn#@QSM(F=srnYqi83zZm6`AkXHa~M#*tiU24<*4=1cJGVVMQ8Y zxhE^J`uUn4u}0gHE2n@rVa2$FzSCIuKzR4E5-$ch@lHWoznX&@9@q28P1vHmBN&Kf z1Q#;L8Hl<-y~>PbtIp4KE?;>~k9kS=Zb5VhN*sB&8d{Q9j6G%6)B>i%(DjM;lT^Ri zdY#||VudaOdPYo=sR}alx zV}CKTZNc6|!};&KG33R1lzD#l!zx6Ml0V}L@%9V8MCZHztMvG*oKvpo$|-f^O=rki3XQw0(CN{GXn%p6Pn-L zW-hY*mBXQZV((ov`P_ixh4z(a4<9i8ips!E{zF?ki>s@THy)=guxZ^0TbxLi33E;h znYP2G28G_xT9|+9J))IORc=3v7|-uBX6;XhlQ8Sms>JrE1e;Ot8ZwcVk&tq!eLmEp zp@Z-Aif7Lq3%Ui=%S8ptn`XP%>`GhGb*)41KISXGC@DNPZm_(9?Q@=cST?t|T{o06 zT`y6fsOrx(H^BevIkVCUshBlschCC0_rF4;i~m)l{LkEeLHroIZj!5v1--&b^*1JM z$8-DV-*Slm^a{GA7Zj+38yp=4_!o1T*52O1;bP6-KdIt2uShBU`{M~^Ya%?SX?$4$ zD7|gw3LeUT!_xPv-}sTwRJalUGnAt3$G_p}ma91C>NM3nG$q;9uG}wNJ?(_HSwjt~3^j$k4!2=+;yfI)uHiwslyQTod%(nR_@c#V~X#%a~goG%fmiDR^ zwo%IT+rLk}qqcc!)Xe^k?O`eMBJjK`W2>9Vu=+);QZu0X=9%%nt#PKe3l~r7~mf3quh^Ot~=75=0jPCu|1S1i>q4#mS)nQ}AI?=ICe=b4V zS|(zAySaQSA&X6s;3>DcI3}!Oyq)sxu;{RGg}oSVW0{aWKM3>qu^5lM_F61!dC+}g z?Rti2(ganok4z6)41G3uC!q83m*vvHaxke}@x&4)#X$=Q z@qxx5;JYGnZ%A%~A7EV(*+uR@v&2`W&-%{QV)S{;{vT?Od-lWTrfl54j%(;bua5a)gsT(lKFv*?d=s>LIqbib8Eo{daYCdzqeq||7iXjK zyUrMI^#0*Wb5!u8|2dDV(5j(XU-2Zm(s0H*%<`(BgG(f%JXIeyPFi61em!_!q3_4+ zF2t9J6(Dvg+rG6=*onbbvc;2JqY8<9k(wMet6jR~jFQ+nVsI92Z^L85U;}vT-uS&< z5^@@Ms<#;V(gV=O%(b%4N{DQ~vmXy?>(wUGk2zp*WODnaw)o1}IlZs~)&&RbP6G(K1-4kCa05tck}(J zmhHKfpQp%_@L9H}4N;c0Kw$A33*THnNH;V_w0y&022d855nw1KuTPyEeJqW(*$uYO z^wT+7k-u8qES*Th(DHBssduL1>2Iu99u-8nyW5|C7zj@tPth_ruj0+`Z#d?)^m_Z( zBG8=4lA1Y>O2W$xw6Vujt=x-uqWg|!Y z0_$AIg$~RnInRLNg)x9*{CDkAB`yXFxZd^3IO+sNpH@VlZ8Qb2lh$ak3;q7SwDI7EH>RN z&>i}>-5b2dZk6u3!s;|62`GfEk|}-JGLSyr*%ji5S}KfPi;wIpjaLJT&paR32p8Pw zl?fxY25A-txr68f$yP!4HB?)9_hMA4l?5ix^M`DCtSobNh?l{E%g;R)8{EQn-L?y# z07tp3py38;uouf=at~@vI~}!*(poUjOr)s9JYB^foym{fW*Sb*HQ5HAZhR>Xz8lB+ zqqN?6Xy1TsTFB9$x$x>vRNG?DquqjnerXj7_ucYoNT;=9C8w+0?&4HmZ7mr7sJ+a! zv%ZQi9^0QYD~(xtIsN)pyo!?+z!_<%byFqpy364GLceE>M}3n`M(k?DjaZ1Y!fZfX zPF#23jH^8>k+Dw>3}MSI=(#z=RZJqcYXyQQ&CZ_RW3GN(MfObv_U>=@>zx7jEWK z&og;glvhkHf;bI_-59-YqBv2ceR8>WY4#rw$o9pz{|SlTMw<6~^yPk%g{KSse=Lgb zBFDN4sSlD8Vq^BL8+CkS4apWo|08-Kw(hXnUKEz14Dq@VA<{47BGdT`%pr4nkbi*& zIE)<3QdxofK8vOX1|`tQ8gB`HT2fT>F8z?(;coE*e$pO-0`5rKwQ-X^(y|TYl%4({ z6=CP~b|G6rfv4)i9vQG6#Xfm5fqM=Cu?6O2M;G}XJ)fXnEaMQlAheQ1UhW!ECyecO z(-#R!{6tD2{mh>BJpaGfOI@;oz&NEBRb7aC4&nB#+q25z-V|s~l73cVvE2lh5ttaIr`iJnUZi3m=@vlOr@XbZ)k>_AJbKG}+jz47@ zsg4ZNfIO0c|GFwuy=(`o1#$h%c%W-&ULG5FAhjHtym2NYr5{L~?%wDlV0p!dFp?}= zhDpmd^mDBr<-v* z>!nQ|C;xF5rqQxD&VZ`%-9}FBEMOhDF0smSrJK#Tro&NrlSI!7wTOw`p`LrxqDkLi zVjE?M>-?KfH@KTbL$aPs)wnIxN-S-(8@~U_fOfM+kV4nWlBMdmv!VbF6;rS$%oy*w z_rKR)syel{;z=$YlpW_8II;(NHd@2=P+^9;pRmb|xS}MvRYSI;OMKUGpGf#z|dfn0UIGT5L{;*G12x1H2vDeSqnWYbsJ)=^u^OKSca!!w zB(bh#{%Aq48~zYlamD@dn6MOyOrJR=?eYGgxcU+-Pf*iIjP9l7Amvju8@zQObnoOF z)y#fim`Y)W-M#b~7!;@kIu~bwOYR`IW^9f%=$-P;g8#_Sh+CJF7?PNTh=GkXQRx!q zh!jYNN<+UM&dTEaN%x0V>}i9w5=n+d6pxQ}T`a`mtzA#Ri!~Aye~boMH#4!dv}&C!78wiEBwV zc~hl_3zX3x+Mr!Qzx+eYJ%N&=@e(%1O_RyiMomB1Vo-B+@fY!IgUWyX%qR@ck17jo zf~daT0igh4oE#3hlMfhg24C$uyS|=mV}ji!^l_na>5vc;`%lfY@g4t^eRY+Y!A7E% zS^TStgS&4!#(&lyo8Oah6fNj(99L93dX!$(>vY(^knymTt8c4Vdc+a#o^7S_EF=PWHT+n#6zj6qFb0`{;HGB?U^Qx05AGHp+!RCC14iT#>C^Nn}dKj)UM{;43|9?+v-Fr&A4zEu@-MD4xKlvPH%<) z%;h2`7r#RE)3>!250iO%jGIqWzi5}n@|(!=euyol9wTe z&UR<8d+nKU4!_k1z8XQd(L)H?=RSZ%TCFXubp2Bkc4^k~qyZ=^dy)h`fKwWSGQ{tQ zPY>T}j=Bz5^E(Lz@qeF}ENn&UAZbfVPS5kGRo}~vdO|YbJXdlCYO^}ykzuqe*iHhh z2ePJh8e4NFhD@o8g>JMgJ|m3vl0sa?tC;!IyVpzj2t!4UCMpp%40(6Yb55z5&t}@W zW!5xNE$H6j)`0DDG({LO^ocV34oSM2Cyun@l#aMjkp4^Pss9&E2MgQJ=~8{(f}!$H z$}D*r!Yi*i6ABy|LnGGrek{B-n4B9hee%I92?}McJg3n4yBUJ*?T%|e*XN@Sc&Y)z z1yV5cJ?%?b!BQzAUWC9iz>tU))kfqy&FIU8uE=>Cqo-voBX^@45|!c}fBF+3)e1A3 zHJw|8^;J`Ne*WWHQGQHF`I!8Qi_^C{P$!-N(ANDtR{lapqD)A(?#_7-l+!A$J$fcP zkyIA8RQ{_h)VVYK@3OEJH8A9~vzM~FMu)`ekI&oPBo5ztv>FtBJ+XG?=-FD@X#rfc zxJ5tzk)8znG%`K?Ul>@`M6e_wIpdeB7}&Cq$LKe4Gu9cSp+bOiFHBwG z;eB=Em$pZLjEv0v{6D|?KQps}gq3UH|Hi}`|DgxF_|5+*IVHUP$Wu~UA1Lh)>4zhH z6=*kNe%FJ;Xh%?eu7s$YLR!acmGI}b$qo54?r&aF!jY81g2NCm#;ZhmRuL73y3${V zRO1D7pynqQ$ME5E+DZFW9MlJ^iypeHSv)N%2l#dMTNKKEvQr%oxZP{}EsI3O>fgRn z|K3vtoZEO1gPKg~>J_$reAP(huHp8pm6Vvoa|k0@M&H%pu@A0NDPg~KuQu1zdqqGB zSwsv<*x0m0N~cBaNGfR$a#)YG7Ks~13Cm@fxOwSs?3rW-d%m*mmR&SMX;jjqtp25! zJUZli%G@Nc=k`)_$)}V)kYhED^31$^%fk`Gf5m6srO?qv2%0opW&kwW@*|?B{>NTp zTN6Vse&lzktmM6N^V0={TEt8GTflzW(P>2^TjOae%e;sAY<`w-#6c@I{Nxd)E9mrLWO56wEj z3GxQE>SgPq9R4@Z)`TCSf{drZv*qcWSTH|F?*upXkGQWrw1o^BS+XIAY9^6q7EpSD zjR0aV-E`DisRLdo!{88sJ5fU-2|kxN{O13Trd=w zM7e^MIl9IPy#J`L^BYpr#`vh8xq3f()W_=$1g=&uzQMtW7#^RX) z|6&DCGX>(~mG4TFrxSKe_KG9NHe@<1{Lza$C5GCTWyOqV*h*c$aFsj99n{8GCHCvL zpOTppXS|fXN`+aaPq`>3dx<3HqvM$`xg*`6297zzq;N)fo9Qi+|!g$1$)p#BAJoOKTG>3sg%HexXqakvp)8j9-Yq>yQHqN|GO&wdY{4m;>8*EneF&z``qY#dN}`uUl;N$ZV#yPcYp$PS@f<(6x=0-&Y)})Qk5|_ zH~bj-tfA{0D`Q6v28O$;)dD+;JN+Oy=JYJpi5?Ws0|%jCNn@pQbv5M8c7|Y&C!7Gv zxm2ox-Rql&!nv6U>@T1|J7La`yw@YAT-f2b8G!IHQ!Bd2Hg&;=BZbxlz0B9Y&IiBa zozf~kx>5jDP!!e!F~fo523D~p!h7?Iv5_-Xg%A=fSMa5S@jqZWt6qf*zCDXyDIcR9 zm)EKz`muMIQe1sk-Y&v#oI3sm_~XB$2Ri-nstTO6ch# zN2l6RCGg)>F5e1C|PB&@r z)%04tsTguKQM|II@mQYE{>~G`<`!mpr)<5HZeD4Ots10|YSx|)k(Js7x$8iMZ`w16 z?&_$WeteuztYvjSbNvT6=d%#2LqyJ|2AZsVPqO%@)*23rF+&i0I)|5dDUF9b)2aiq zM#hN1a4EnTQCk)bxS&~?)#?gy3m7v?5#0_3WfDv%08Xf`6@=>KJrFysyM3>-bJI4F zqgr`sJ6%b8^bV3!DQVRke`mnLW*n(34V5bpbcDG>vGLCJzgXy$_etld`+zv0(JGz< zxXH(NgDwvU`t7lU8;q201i(VzBRPL)i0wvmQB0{+!kk5ySN+F!7j=|OUrOwhrXiPC zZIPcH#4hh=#)BjN7rDq`q5tskuzt)DZ^r4KNv2Os*aqE-evGnlymE5#>Z5{m4=mi@x%N9r9VV0xvbaOXf4#wEW+-|G2j&T_`=8$+KC*Jxl4I3YG4nE=L9wXVX zGoJvn>t)L#Y%AUB${4TP<|*0dM{iontNPTmlSi5+>kEt@h0l>vwpVX27Y1!h{c$g@ zWTK=<^;bn@2;zgHH@$kRr4&QA2uGiPwZJE=XFc#B{gSLDDe-BMg{TBVZqRP_pItUg zM#Ly5lYuwz3kWt>n3{cdeqEfjtS`PKGap&^{XEJ5a6zWS5^9a{PI(cpKRnj(*Roex z1ISute3VA=9)|}#ZsmI)X|o00>4Q!k8jz4S86c9?;-KRV zrXL`V6e>Rv!U(t-#IHW8*SKIxRZ}~(sT)QIa*6v&8=dirpeLaVHBm6gS3B6Y;m{-QCu}*R1yxD#5 za!Z`XfOmLsY|r4Q&Ep1x?c^gk_8wM7R&UDY+iZmXw%7DvEiLgG=LVZJS6R~b^@sH* zPl3008rUv4d%TDZ`@x&zRtA+W+Y(4u0uwy$05=v6T22Soc{O%D1>`wPb}nRCx;`|d zsZv~w8>}mQLR}Rdih@uE8@sI+!d|zM2FJmmFtnF|UgQ}nV1>Xpp<6i}#APg25oYxa*~v2PSlwpMQ@W~}Z?k6s@A%F|Q_^-mhFph-HS&y1>*t^0 z_?u&8AgxDX^WxD1TcQc6=z3S#P!N=~zZED|=?t6{)XG^!RhC>{il@Wuw%#+0$ltju z$e^wY`gO>j`9y=O&G$YCvWc@*wjh@AV8SLiTj1lRuuZr55JV>gC^j!sq!t;$#jfNi z_9oSi=V89As$HFPcVTc8kMj32&%Z?9$vly!`2A-GKh%0mhFTxVytyP8&_rsRy*e#A_ueqWF+Js8j2Hm-VsBo)X_QjmKFf z%df|PhGFk>z8OtU_9?hR!wX8pO~S6!{A`SS1-owHl|1!aNKV)C6h>IkNxKmvTDT|< zfHCSQ5-@i8dOg|Hz#*^MN(8)Sk+m1+eO3HJ)Jrh&#o)}uhpSXC=WDrXN))$9AwIX4 zG`}c!7nL*kbJ6WsN}Pt3g1G@KBS)|Gy{fhdN3%@C0-IDJ3rmmt-_!Wo z@2{s`$IH-hMdc?527D3kHS1g+1mlkG%WT3$dLBK3uJ8+|*5=dHIVop3S4foN7@X%) z%S5+5dvC;nYp6kU!3+$zijt}(-o+Qu#3$@d+X~wA;d)h{Y1@d0eNXqIr7wMv7Vhzk zMhqO-Og}B4QA5TLY1Cs0GTj%90D`K>^6t#^6iDik=ah5uX$I?=GX^qiU9fQU@_rp! z_dEISk-N#|vs&tO{Do_U))GD2{5&lW??!fYkNe89B>1(~hg(~CZd|6aqS>gE5lgE} z&J`CANG zP7ReC9@s6fr#CUdomqn@UUk@+$Y*0c%?ollBgmtUBrC7*<~b8T0jPADXeVXM=xxXH zt*s<6nOSi%8orsCh^!C3q*@lPD|ceB^47w5F_p3vaAD6p?REw#{^dWZ^#SAs6OXRe zT-%lMtqjb0^sf*y|;IM&4gc-N zJuVsO^pQWGb;TZ-6- z0TRTT4(PHq2>HILo+LqhB5ee%Sa#R87(+Z5 z(a6aC>|X?eEln4J6wT(Fg+xJz%yw5bQY4J8L*T*4^snbRx3>0RdlOh%(+-Xh0e%&4 zAY+_0f7Tm`ykJB$y*J zR`75hj(nW_)q796tqS&Vid^gPEuqQ_LVt0^>(dtLTV3wp`7Ey;RRt7cfpS{LteTpo zJlWypM_cx*nSYTrg{n{FnjAp1q+`^Fnz%0WRHuC3f3)`MWWKDP&M&gnlgVjJuA=HV zG_FodFk%S2oRn0O2da&T&hf|ZF#B$`K#Men-P`=oFDfTHw0dt!QVP7H{a}q_@|gQl zL8a4aH5ck~@ePS1In^X%{MQjY%@^z8S49KmWe{l780-#Fc?q6%gn?EFwi)^iIG&}`u{a#~{Ci zcoov^zYOB;XRvkMp~m5ROFGOWAMy&=->F7m{UH`eBp-XzXG^mUU+TL@OZl3S@Raw=VjXi0f{q*tR$n zppyHyS6m3=^vz<2mrady*&?ECThiq&8r)oez{E)RF8EEiXwHnYw@&t8g|fSZ){}QE zPNJ${+QKBq`+k|8AHc7~ufw5-tuA-rM=w__%FG9fsY}uJ!aoemg}k?fVxnSCVp<0f z>`xnf%N&rT#LRSJ_o;%{UbOLG-jI5%YitZYU26)@CxIYKiRnW=Uqm(f>GwYhb6#@S zO)B`nJJhf`MBik$|DN(J-4PHWWHPhQW1)3#W>>SWgcXu3m4L>BoL(hbHN^r?v)k#< zqaoj9>&z4TD25(=l4k^Jq|S>2-R}9;QIpykAzk*)F(!hePOEM!SwX+zd(dOUgeSa%(q!Zo0jS(NUH$%i#c%V|h<0^fOb<8^TokNi`j3%aTCJ1W{k}5` z;ZzN5bsuNWJ9Z=W97mQym9Jdr4Fs4Og*^}V8rIaYgluv@m2v|EL3EZjOFJx=<)!Qu z@QtEER?{0=8Vs^X|0q?1{XI%zA0< z1=V!dJ(b?M7Ww#lGQ1fj@9r&hU9BGdc7cM@W~Hpp+ULy(a!d827*+6YHr+nhGK&1) zd?#ft(HQs%kZiCUY-HxG%8JrcHW0X88EjvofzeG>>)akf;ng(OT^&L&DYvzq{SA zKt`3dKDW*mcjX4~FeW(;cMuB`acr)Y5&RTConWnh9rQ6HeM=*3KR|4Q=T&wc2wsy_ z&=BlSb`|BYThWaHp?UaY9N2~DT`L$8-%h$dCtK3xb!Z-Wzw0DUj>c5x;EERfwQz?s z*VMY?9k@0y6=QFgejD*|#>dmg3<;K!{Z(_BG%hbruJ1-B!#{|luq~(b(V3o$YcJ`X ztQ~CI)kU2iH9YnmN|n_h)UoIuOT>WDc9-dgr);cPZ`P=}9lYuEa5^ykoGg5aZzpA= z!FH$XQ;C0Ik2rjyoP7hOnq7Y4M_V!FN1grorMgDGyju}tF+O?nd!`rzw$`m0&_u2! z{T0Y<y8Ol zJ7d7WqiHg4pN5&sRBGwV3R47L#HP>lP#Nk`@`VNt4}Y+pj-8c|$m9ttH<&Lp=?TfnOVN@GEak z?9cB|q^Ed^L?Z=X&_O~-DN5{rS+g~*!o$F=wbP-I_jW(7P=A^|h9K@usI`GF^&a%s zj^e&H2i#Sn9Iz|jYOfM64b4X3P13*4^KLZ_HCd`C0Em;ICU?${S! z)D<#ntJ{fVxoYrPvbPy^>#2$4lm+kQ-D}gVHa#{&(f0|ig)ek;?yTP$MDD1v^Y_a7 z>n}dkCA7(;QCjY>F1yv(IEng1SedNyP1RYcRh~#`f^PcK5@cz4uuWQew1x*oXuwvo z8}SBJbh(a6%Y9sM=G`QFW}JAMKwi3Wwu{ee)KJb}ZFu~~QNFgl#TGvf5_Ctuz%Yasm4)N88!GF(^otBC8)k*p zyED`4nHOtMLk(@4PA)i4wq_S{5UN%?mfh_1Z#tcwlciOAJ|3WW_umoR}Cp^?>wC}5B!N0sB|sgS*P?6Cm>@+x1#4~efQ=MK7zAG zEO!c7S11HJ`@~tet$X!%lTQ>~D@qLNJc#=il3n3xktj^DwuPpXcQWveK?#imxlA8= zgi=>ilf{y2_=hc?yl{0uT~(`lN4wT&JLON({+)0Vz<~l`rla0(Tz?XHs#CS+PCTi2 z-hW#y|9M}ktmu<)82clFf@);rF5QN|5$Bl1 zlAg~-#t0ck-BlM?^cR|w_O+xvb&*VbN(QaO6{c4ZAs*p?)yK9uN{6j`(a{Cul0q2@Lzpod;GN&zPWcpUwxOdK0Hqry z5E`HbK9enLx1ue^A6@k=DSp8?le~|Y>a@I>HkUV@IKWCdA=CPP^ekSNu`=1is3-vq zR{G_V-6f2>OoFb;5X_@%>4YF*^W0*TTl>M!%mQ-!ORzNpL-p>iH)M?5tPGKz3Fgzx=XrD|~EB~)yEyC?H?3>&uI;zwe9 z0dkqEfa*cnlw`JqGdu`WO)eTNdZG1w&^C8gA_15lg%_2Qm))GUcRDwA1}u1bLEjjVWO)&M0lNaV4SSwkg;E_0m zP(4;tTe9+iX@TC>*rYpNry<7gyeE{KdAg3Z;=sqRs*(CpIWv_tjW#xjoY7&#GnU{3 z+A1Q}d!b&sc`_=-Vi$v7HilhB!*<7<0^V&1XtZyn#`<6-kSlqggj(M(fO~shCds1# z+}j#(Z?W(JBfDHnq?W+0t)0#|zbFSm#FCd{xXsaQuU4ZZ2o)iRdS7~r`+%``fi{12 zS|f$LGX~meAxsE`5->6eI*F%EvLd+oT3uRY6>MBAsZFn37lQK1Uq=%OLB- zK%k_>!Eh@CiF`jE-Ws^McOc!mXWO&j7GTbm=a})@gr#~mL6|2uQMp1w>r?9hJsbtu z&;BXklRQM@II4`KXo|e;`qE&h&4}&%CK$@*5Yp4Se9Lg&wfC5W7ZMGRntB6 z<6I>)ad9O={UWWRi3D1PsNJij5huT|jzTLS)ZCLR)7={;+>b{%irbAd3tMsx@tVX( zetVG%W^tCZ(-$z4_}Liay1m*=0V_@x-|cgT{*637#*dD2CN@iEQukM4n9nRHCA zSe%0HtMtsfMJA!d!oto>XiX+C$e=|bbk9i1Aak8GQ`2z_5Jb+HeMTfD4`$5`WPQBw zeRF{hsFpPClZ7eH`o85%F_%2;|B*aI>XIf0hqc+5fGVbWz(k)s@x6zGtqrDkLa;&0 z`C|Y=wM5XSwB`N1sZw4?9<&up7~GqywDdfg>UrTv5tYscW*ix`@@%4A^E-nUkJQ$z zGn?n;{McPN40zoAL!2Dbs~2PR#T341E<}p-GTOMc6Lhg0p_-${nb{H(=4VQ5nNL?{ zNO%%klYye-O;RV_15Sm`B(y=TYq>XH#xpOjSlc{V-4f{nF$qTW(u{#tj>BTDfmI%t zl+Ddtn;`AnhuCBbe`O&8oj{qD3w&b_me*;c>V+}M4w0Ky!tGi7kS$*K*zOLo9yEC8 z{NX&EC~noI;>p9|l;>p^L}w7eJ5I+JgH&zV9`;)F{AEWPWn-WipME0;4R(+lt_?D= zHX>zGp|E)!H@B&R9qm!tG z9V1?MG1`7;#eDOU2xA^ur4=WC=^r<$l4Lb++fR1>MFGvA>Weo(W^I0QwDvfcz2@ms zl!Ue&XIdStCKvG~E!r z4sPHa>3wiKxBxHV7I*PS1&bqE5uuaqVV)F>7Not|Df#>xhjGS+(!p()X_X|ifE_*g zC(xd2gZQseDNlwG^AUa?1EI)UR&oT>&XsAHoDy6U6;D}}Sm3ej;jT+T^WxA{Qed{% zSn(ZHX?eBE59`~D8M*S$@f-((hH3fBs%KY9E?2z~;#g&m*}jOr#wt#$E#7~VETdbY zv`z0}P(R<=KAMxKqBX)+o3U#$AQvrof>1Ycy`Xz3>YF$-P0a}1-nq<8$IFYu8W0oEa$i=^Tdlf;@M&!uxu3&+JZinIX+esXY&Oj+WR?27}7n_!Epg2QMVU zZ+#(!xyg}k99<0h{wK>kjeTGe-ud>I1#OBO~DabAkp3>wN6U4vZjiSc~sv+Av>A6+V z)Y?tEfBaPiiF?*$<+WhCYJ%YjMJ3wGu%fsG>I}jJnp4|7>?-WjwYQpgYEJIZdU!Eo zvyO{afu)(UiaU1pskE|Uh23$E)YvMJsiPo|@GKX4Q4n~Js@_B*dyzxa&&h1Oh-+Cu(fj zI$a}1o1VV8WubqA;!R1v2uFSArS>G4_j{K@=e1F{-75mKC3gaJSoR*uvGf|!aPB+4 z&q5+|?TuA8%(jba(}!#35?O?qGkm(-K#iNdEFqEeUjc2x8@;oB5n0_6y32}c5SU{4 zD05s@NX)0phc4$yciV$9D>Oxe>4(B#9*f=VI4RLwb*|z!Z80D16K6)uN6l=W9NcHR z5>ZCbC*x`OhSv4ps}+zoM&C?iA;W^c!1C79;R|~<1=ftAO6<>gb9y|I1h|TOT32#$ zB|JItn{Qjd8yF&(-z=&;BXAmjv;8}PTn1mK?1?emoGQVd#Uy(WG!f%6knsUlv%0{Nt6_!)>`N7zWxY?5WwT-#q4J(lnoCJ~9h?6p_ z3Hs$eyPAO|JmKYm29(>Vg_qFYmI&7XJ=f_m?-0c9L!@i+$7Ea@G`ma0xhZ^do9}TP z0#S5*JU;e^W;bbWx`ytioK&JNraI7o{4>2XbL90CtGabgIRwMWN_n;UP&qADrL25hY?`5#6bajh~uq zNu<=tSU-%zq>(yME?+6-EK+9tM_G|S{WkD07iUOVxa~9nk@U9mkwcr94Fh^;s+kXXRZGE+&cZxrEv5D`~VcNNZWr~|ebD|>uz{k=-&e|45 zN~6(P%H^qZ(bx$Y51EQ*T|rf3T>;VBn|sfYi2mwNU}Ve7?GZ)ba4*RPX-C{Y{bxW` z8!=sa=gx~=i!ME}&FA_9-@o@e*}A}sJE>C_-I~(v%f!~7kIcciRy@0$=~WczV&6T} z^?5nJv;1d-lLy}hYrCT|D!pmE>YPX-%!(Tz6&GZZi0!M3!tE=%4!(9_Hl^wE+wsD@ zQxbCekG&m*Qf(?AKCGHQn)NZVV5cQPCtkc6K6;exT z=jVBezLN3T2(ulZlV5D%!W_4xb!e21BeX1Zu+S_!EZe6&`5ZR>+#^S9&PELeYh!k6(M_AA?OK6|-NVG;PQ2 zA|)YzzCzc5&neQ^dMju$-4qs(A}-71HgQ+IJNzWsJc$^&mW?Xje^@V4Z%3_t>TW?v z{iloHX2Ezt$Q2CP8XaEuE>~l14Tq?RYpn8ZqBoOJ_S4kpuB!n4&!8vky#QzyJKMiz zPR!aUP@T0}=(VCpT#$?9`;)9A#5!W?BI{YQS7^<<>b>+ZSXzN3L1~M`$~pza*A!@x z;x5brmDxS6+pideDsxtaOJ3jt<~SG(Vx1TZ+-Doeds6?BOW#-gmq zztN8F%D-H3eijw8I3v-&Ro8YqV_nytDDeI!eqPzKkj!}5#-xpDz;dM%uQsbeN;x{! z<=jw=_v|%>fTW=W@`U4T(mMSb+M)uAPeP2$H!pM8K zzJc+e&5B;YwG*O+J;u!TwI3gxYrU_N4nqAHR%W-U1oX@+*dNFqBkN+&xnHY+U^Y5V z+`qUM?L`X$16^YlW9%6{?KS6UD$Gzi{afU{UvKh4(DK7)GK4KuKY)?4jVcX*oXLC% zp5nVntJw_}DJCs>Pj(Z;@9u;ts(F=U1S^n|n&jlz$*>O%$NLrjqMgs!Pyg*I05c?B zY5W>^Y)TR_%!AAUhzhC&B!_AvrjR2b^7&NJ0y0pH7Q}#Lu^BgdDu^DY{xA)W-xLAd zZoZ02Jg;FTUP8tck6A|Mnb@6#Uo~$d%f57=1<7XWcKXYYwx|*{keYt>NxKS!l2m* zyR#vUj=LCmV7#MTP0YIeo7ZDAfz(0Lq@7d0m!=N2C9w+}kP~5pt~ADpj*4*IS3Ypv zDykRLW#Q1aBmU~*Zl5WX06M&Q)ugi9(-4%GvRX1xCrPZGJX(ytaYXeYnVc+Q0QMns zHx=!Ksr@F7Cl&)t5cY`qwq))2N~U8xc>_}F9+7Cjl#)B zeoKCn%{s@ZXyGZncCPG_dvZ1+PDA&To-UW*2x!na#{FlD2@gGh31}$i0-Gh9J=NQ%1~{mOe}ez%2-( z#ZyGjvGESE9}1BLAmiu324hLkfO+ zJQ}cmo73B@wt3)ExZI_E$Y9&IrBer_^%Q?QbVA8VO6a(Do!i7$Si_dLrz2FSB1=a5 z#xm_Ay~LE^xb6uBclxc-?v>y@4aOsvJoD$12hsOSn?s!1R&n>$5&%fo8_*2*owW9T zx1Nb`5vk$ezH7j$6y{kS0|d?}k6m5@*G?(~3_^?Lokn|7b)d}+I_Y&*jyf7p=d7W^ zwFKL(7v=E+0Ik61q`en?(OEzuK7Y@rWV~THq%(OM6gQUcII(I9F*Dl^w|+Ea_Z3me za{_7iHLXv$Y;J&)N!q)Ys6cWupYiqfBOX;afMHqciCQ&|I}RunXRmFmikI5-yUnq1 zg5^2~iz({vdDpQx*Ts2?Klgv0ei5k7qOaoD0{L>qKB{(p(=#x;y4ALP_DkTNS9_e! zW#mVcsC}uC(XuhKWh~ETXct9Z-WT$+A>n5iIoE<}qZ+%^c!M)iaNhbOo?e>n_;#0r z+u1>9?W*IFVg+t+6Sq4yo1@o?i7f6EmzwG;uniHPz8X>Pa`o<|3yKxu&d4v>|K`*n zYi3VMc_zPQ(Rv;%^>M%E->Jp-E$N-!!*&@jeRZ6e$sV{8zSX!7wY~>}tOLHAPhR4} z&5-$Ep~KfPAz9?yN9%%Tj2c#AN0CT72Q2Cfc?5%j*gu_ zxA!XC4i$m_hLP}5Xw;`tT$jD>1b7D(A=W85x){gjU#*i8CrhM0N2HJURW)HH^-~qx|(h9Bs(s8U?L>fL%hMcD*qWO zlL=Eb#GlW(biDY*IvSg_5(lH-5J{G=@fj2^!Prj3exCL%%HB54ecu@?mE3A-x(#E1 zrX$t?!Vw@7!IpZaD~Y8!LGhp<=)k&ci;0}+>9wg38z+?p2G+1kdY?vtDu?DWq(q~I zR36ivrmmSA`^Vhn&KRYBcQK%6kQ+CbFFR=Y)qnzV``Q9W#+psO^%QkUULolZ2FuL( za}XnYxX$%vscu--Jbt#FKtP;qrP#{Q^)eVxNlKXvgxQ855&<_#4O-uiwM+g{NVJu{ zx2Yi*5M$f0jqjR49fX!p&mb)-8U?cwZ@V8id?Sf*6vsKWR+sPh6p=5!i8oJ@Q86)_Y_<-bOiKctru%CdQJX7YRrmCDd6vkRRFfS)$pP0 z+zB8^A$bE-{6RsGzg4kRPf>!OnAaQ!RJc%0sU@48eIqY6SUqs=)eE>DQ>HFQ1(hGD z`}lsMBW0wpUDSS{Gjcs+JbmZ`=ZmQ0T>F!K9i%2JIzN$8zBD7Udr2({OF0e)P+(?i zDuIoTmsSbqqQS?>OY7ojOb5;^Kb@3|2_qYibJBK%9N=V%m2tSlO`~w_k}G77$~ofL1}4UqoY)Ds}4OJp8n4 zWIgMtd!zu!N%x61t~_|_YJv`=r{2MQJEn_%wPVt8rc)(Am)}ZhL9kr!Wy-C*uO3x- z?gp#Y_#WM9dx(AS>MNsU^%U_BizkwU+xU~-w&!*BcUSz*2FT?dcDG%9CGeducg7z- z_zAf2;ZyS&qE!gy@gumZqQeJ7-XS?DjIR;QtNy_%RndO$5bou-?g{6ZX&b-DfB9X?7Jc$qg zEPWm0*|I%LN5Ws>Tuw$anF4_RC~;7}83tZCwernf$v(HVU=C}#aN$eb`rrY>xgEmb zhe`3h%NdfD!sEo|r{wNtM{(C@io3Mxg*5@rgaEQ!pa{b9y6FuWK>o&kF@Xt(_>YlT zxI|2U6!%F?z+YHgoC@DL4#F;F#wqRa2u}N{B!0-T1fNbm<^_o2QP_Nml1asnRY|$0 z@Pj4O;^&%tVEAA+Af3IQf_Q&9Lc=ar*4{)K=rc;|nHVeyRl+H)mkg#r&=TaWI9*vaz5dg9_24`^?gr`h3O=rjj6!{^%@3iU0zZ^ zD1b-jz59}cz*J4xN3Pd#z8f>uFds?+f9m|QG>`YQ{=&hxq5e+1SNFUW#V>c3(6z9; z;cl@KWizKdKnZ3A#W`8`S@Khri;**-?-wI7x)c+_L6~3J zIy)7g4g7%eQFMRsq36q$olzekDXB#D4!lZmvYS0UYzFRkRhk+=Mm}1B*F8;6^r>hKy7j zhy%IQAfM#d_qCQwin0ddJ^bx%ew~UJg|lZsQ6iMD(?nf;PMj}eOj=oC9(IBRL{bnj$AJ~H_dh+ z+nsa$c*Sq5pEGREf}A^%q6CT>ai-hhPjsb!_Vm z**WiCn2NlDRlQp5i%pQ)PhzW~#x`U(;IvQ;W%TyFlvC3A>=&dtM4yf~ov8ZSp_K@e zPt2=qgPkCN#$Rn)Izi)&7MakFU7F;Lbqyz)0RR4$v-^PV8gkZx+_+@6i&${&dat*A zGudA(+;5H!eV8~M5R|6UrJC%x5J{F0%WVy6^O50`uxU7^D7y0|M(}m9I-j`kZNIE| zhpS!{*uYwzk)wfyGPCeq9lt>2!=-`^5mg}abmL-lgP%cM^aO6mHN2VsNi={vAb;l2 z6$KwSsNx;UzkW#6Vm71U@CtFv>l47x=aEiXCf(`2#2JZOUe9(Y4Rv5JgV6B2AemCH zOPsFrpNqUU4%OUy;roG3DH`SQEMeda4o}P{2P|(EKVD1Feg#e2(2iP}b@reBWXIwa zWy={S2zE_!4~&?~JF4EhzwIq)_}7rKQExWK>Ik>n6h8@aK^Eq1{W9CuEyR;X!6bh*Thp>^HOyl^4e`q+Ui!_%^dtsp3Z46&#)yL#XPua^|R+`@FD5?tbu&0sB|&y@MC=2MTZGTCmLRIs{1b)M%H6i`aRl zkkRaKpK~C7P9V0XGu4J*+XsCp*c`xQW_5(UIhXxm>mP&aK}BedoqF1a*`g|WP7vdS z@`$5rV|$T7Z_T}sY>#?Op3dEuXPIBk?-cG|ao)lle%pz^?2asLpIXY<`#LPL>tO`U zH`dvD0TbZYvRdAlrS0~8-V`!O?j@?3B$Vc<&(vBnC$O!T=hawV+3u+())2RhA}2{s#W`@R7mexw->7-hnu<-!6TxK?@)tm!2r!a~$Mh zTaD3S{rS3ww^F!OqR%5w$P#%&b@VzdpY|m5<2~fj!-3C*_XzN;=KO&BJT_OMzIL^( z`;KDSk+4v#on6cqymk|F-adil71337Ho9b7treH2-Ut~|M{#UJrcCMZj3f2Yw05RSldryQxzZ%`N4D9h?1v$ zeEc^k`!^7te57?yB;LE15wCLRT8ektvFXGFsU1~)W$j773#3EC!u-@ZVhS5z}Ha^`OGKktbeg>U+F8irg^GvBS zbLK3S;K;HUY5+O|6I9wy9_wb`${ZzdxH?ak4)@v~#tC(sYlHEv#pl~^l{tEl>PzJA z91^^p3ymN5yF&5bavLPzJ$=I(OP<>-EED3_J3>HgE5ob(pX6Xk3>*HPyFLPxBzp>7 zhfO81W%R`FMR6iWPZGsD3R3E&IrF*&Wi!Sm^b_vV6jdsz=Rcm{h%-x)lzfS*c0X$- zFDQTsA|C?NDPENN2=6oK-Pfnr^@bY3!^;v4YTEG{thDiSpNsat4$sY@z&MY7*Sz-q z7-*V?{y%W%ACayn7RyTsuXej0KJROL8WEUD#peLCyRWGL0qB=^O@|M4-7$1|X ztOT!f2{0Yp7L##4vCGj-=9Trbo`zSCEYdrmc` z3^wV0tllx{>PfgoMzgf3$^~u0=XPV*t}bbXH(n%$CQ*hL7|jT&nlu9Ihverfgqr>+jai zvx@FFYP?4H#p(a0`@}541H{G=JuTlkAdA_L9S|$M|0v5i3H7^i^@6`Jw2H+)_D8EO zmr#jWo01p|;XLy5yim49+xs#6bD*S3#_lEZu!#GM7q@gW4r^+86^xj3jp!yL!sF^0x zr?jm(2F?Rt%D*neHHE#`REzI?wEW)|T{twN+ahS_OVY$^A%|V4OSXZ;JBosa1Q> zqfiu|)9n)(JF?%p2Oyo*N`I2=?xQMZMM~3%)hRSRk|}k)%d3+XX@1ikUVdv~f)M}L zH?Z2VBqs6p*;X<@8`7ZE?*sGo`adoB`Bw{C11(6=P^)L{Y|gyP;&h&ZeXMesB2us@ zvStV@(x>L`ji)N*84QXFPMAsa_01+ zX+Kt*+W1nU7k9b#+e>ndmiDs}#bmv8=ACV%6j@8tY9CLhieuW+If0)uOL!9!&j1kK z6kCYIURktEeB@IbB;uIRz26xgMB1JL`y4L@Ec_?e13Sq{9Vj@YB!_YHUHv4LNuH&( z#n%&XB3%Qr6RWNewtnI~xu2Y=0mD<*G&FaPjNTUh8t`N+hXY0G#E)3cl7feKcXbvP zzob#bhLwhXjtc{4l!S({$wZ(4;G+qfd$&!BsiXm@B1Y+nEYA?17<+{mD3oY3{%gG^ zztV`ghRnh&uRq^c$mH4*uW=ti=GfoctMiQo$sX|o*ar!~yf)`xh*aku(Yj?c@4*B< zXQz{T%UHB0J)u5lQ~;BZBU=8#pQdrTTi}<*C~N(nwT3zmr?1;}Z?H=N8}{`4vWW}V zrsx<6q6fu^xJG(v{&+hBz~}whFr9q#zUefFtDkXJn8;a|Y3+stPcUx6`t0m+HzBDc zBV+scA=Y>1ar8)omtP3GtKWEoP<0jsuq-<|s#a4w&R{w^+Y&j)`2xH7(y@e>PEHnv zB7Lv_t6*^k(#q!cXrG*RKQ@2mO_gwj6Y}<{ zT5=|V3)VyswKXhaT+g>bTN@7^$48%*?5@m(;TCdU|>ICLC zSMMR7fFr!Dy*|4cre;}t1ex-@=r|VsSar}*%;d$EF4`*`Ijj;@UTI_>nX4n&UNqJ? z93fCw@)%vH%t_b$-YwEay)O}6$|$B8v)4^@j4L>{$9X4X91^^uVZ-8>hBWuj4xZvY zu%O7%x{?uxIF!?gO$KM3vl4Hf%wci_CaqWAUqCtOj#pT z{V4CfFDWRm8)}*Ce^&npX4HFH{4*uY;{{b~34iC703@H!z+HwSzl%k|ec zs#8{h+I4{V-Fnak^&TC2Tm^qKjZM4{)pOv5mv7}nA^U6xyP*%sB%V#G<@ zH$0agEgj@mNh}~N2ZUGxErcC_Nph6OIJX=EH0JPy)p;56u@okB&!JMI!RLh1;5if! z`VX4D8tRIOK<+^Eh!Tsv6;82Zc`4J=p4|co_+)nUdMpNjYwkX0G>)#1x&@i~G?Bq> zIhKeYQ|@|@miHJ;Uouo!HAONQJf~cz0C=$^cx|?HO60}b4ur18e;|QH>+K3y^{N{5 zip%3m=;yW>4-AU@(kIAd+_trCjuH0HjYa%UIV>%v1eY3@k8O)u(y}cF5XsZhdHDKl zPzzP(l}m$l>97Sfyg`Urr?lE*=HPiqQb#C>M6Zxkx)VDj?SS6fx&V*JkFjzf+_UL) zNOL?&xv`X*Zize&%gB)J?aDFD%k%dO>4cuIUS62*O4kB!)t_{sbi^n8toXWcx=;DR zqNFMYn>xQA4bPLP`;2pI{KGGQ>o$Lsm(YEdmP%Qb0(|paHocnU$m&Yk5``XJhDz{S ztRm91E=W6no%=;Bf2+kS4%O1NwTwAXo7`JaeauOz5T>&mkkw=yN~fNN^KuY#VmX_W#TXRE`tN`#1ondmAA z&bj^PBBB3fN#$7nmpCen`~Q{6{mGr4)2IGTqyE;6fC@mFWrR|-~xVa*JYXI4?Iw!*k59B%7feH{J zhLmu6TDn2_j0*WB6NSjOJ||lDnZ;wgfh-#U0s+tm0JSL?<8?BVs?H`Cv+GDumMHnV z&2=Sb0!TKt@BYX*Ew>neM_HLIE8K4{$HxFp1LlAV6%4$U1)bQ7#81poxaxE6<|@(W zH~SMzu+VCSl|J8nR!_)N$=!KXD1`$gFp`ZtGNR1)%_4Kt180i1ZOMQvsY=ru8p%A> z5i#-cgmWI}LF?)w{2PLBE-kB-l;DChX3QkCP`Aa@&^H`-3R>B8OsKK~VmdH^lH{brUaDfEL!^5LkUAwS<< zJOXz10K_V2=pM2RPby59sY^ux_2utMDq)>d!M((`7?%^f7B_1KYcU8m46-!5N4Tn^ zcK{w%2(Z1j8gDITnX#-s$hhu4zJG}asTxGf1#DxfHgY^I){8=%yL$ZWcLDBGo|Bn6 zud)fJU+o~ErMYE#j;R|WXVLLF$UoZoc$eepebIE1xa97V!?r-H@paK?8-SwH1`~eJ zz)(c7+$MW278Txu?+Y|qoK=V4zRKfYp#zjh0=)h35#pJAT;o5K$<&StpeqD3dOURL}oLUUTcpxq07%;OA$$eJeTUN&IJlvU@ehZd}x*9l3A` zRIuB+3Hic?2CGSJJW8VCau)jCBX#b}GHuLpu7)~!;fhwLSc)}Ft+E%SL)iR=YD?7ec; zr0I)PT&YsWi*V<;5fJQQRxb z;Ss8B>w)yiQW>@q3voN?F);ONM_RlS>#>TDflLI(q1^7#W`o-;XLmrUi)Tg?7|SDG zAMTSI-D17yysxqptJ_rTeU$rt45m18y-Ig3GrH-SJZ(dAH%k;s4DL|oR`gZ-CF}#d zTbz=0=ri&eZs?VGYEr#|QT7Rt$idMfbswBnZk5o{`dZL}4wj}*kjIyF5r6gm+|4bGW`uvUyw6L`N_ z(mLrM)4_?U1nPunI*;Utx^aOp@N&8>ja8&`TJDk$pjyi?O;1z1F*d69v7}il6YXs( zk2^=mM+TlRn7H?qy^VI@Yxska^o-me--!elYYtw9@`LVU)LEKtoj~yF3ZQSzk`S%p z9qYM!%WqY*I$9!!(RVgFlyqfl&D^v#x3vAs!RbBlXkP%_)ZC+`yC(|J2LdUvs!_ir z-y$qA!_MkafP@m&Lb7B`#$lX<)G+4=y1Ak|v4y+ajNP!BJre7}b`d&4>opHLzGt-oZ-Tt6eWI(pvH9 z!uQ&okgC5Jv{p(5zX9~yrPqtk^u%9-(|k%ZCaqT)VH?+QIX{zM3<)mzKTq5U}^hSIIZkmSVL zroD=lUGX*+*^=E780Z)UwkOCfZE)2mpplzKqO|>?cOFe%pnLhyx#%drks79P(JsmZ zXl$42zVi_m1UBVV@z}f~wz@I089jp=L_u%CDB}U7Un$eW%AJSQxeGhT(It+w0M^br zUwhazH+Q$%K>i37Oh`+~9_4rSso+*$;sI|ys`eSbxzJ>_A~|W|X>PTP*9CQIUxr3Q zl7a^?0N<-U@o@59krG^^opgWiyBPHuhBt8VN0{QLK)nvlufu*hezldihgyu)Uspa! z4*INom4a&INv#Lj0i+BaXfF*}6!Oani|=#0RTrE-t$sDnZ5y7Z&cII-v|chJZ2oN~ zMIzs2=;T{N3y3MDIQkh4)%2(I5e(DPxc%A4yDbH1rM->6U#zVyYjbPeWa-?8`Wx%xO zr_9Fm&A9~f+9tXs{kCwwa1H8&g!y)tlp**nR{SI-ua)q6gh zqfiyYBP(5I=X2l#$N5Z-5=SHw7bCadaBM#o&Z3_Y`M|*SA(k;vz zJD)T&Z5*dSo5vYrtrR@Nx_9;-m z2;96a2{500JIVh{?nzTqU~Rz%)4M5!f`K+J4N6z`y}qWW%S5P4v3m0Df0M6H0M%Jg zL7iUOlU6-7ok)<=D$As@)fwaD7z+H1r7yh$i%`q|z~E|JS2dU=MXuHFIlNWkFrPaS z^+=UYH5#HEakRdiNRg%0itLem&CFq}{W3AXoHZCyW54O zAF+lKY0a>5xaFcSY`gVT_R6W>5A;zz7)PnvdWXc_pIgVK_9ObF|&4^sum3dOgDiW)nYCr2bhcu<= zK{-5$mI0%y9E7Xpa@@^}--tC^?eBN)?bY6OADYBN)D^Ge6Bv6%Aqc0%j43m*j%vYI z%sma-2H(unFY~ErOos+%9WmN{bK-M1j6z_|!_U_+zXR)Ml9VioQCJYha@#HlnR18U zSY)l~m7U!^bQj-h+z8X@(R-{+At}pL@eO#xD{OC=+r>pa*o{)XpS3Q6J*<g4MMao0f5!X>TafU^^y@|9WI>Aa%Gov3$1pMDw76 zds3;i25*9iSb4g0a^hkQc=YbyAhZQpd@{o{w8uT&L=<>-r9HmB6!7I%rqV@?ClLWf zie9A5dHup}5Fjt55w;zrFa?9IuL7P*1g_*bbc5B9PWT z9=vrcD(YsL(qh%cch{CM{b1=PLak(nzvsS2Fz8Y2uX&)Av*HYLdhqp$2jf{AV$T7X z8(O=>SbgBkD8K&5?l!G*UB~`2=Y$lMFwKc z?@E~6Ni97yAo{>X>WrFhMoSBlhmKIaa!exFn}j zCXn!{q@;Sdpz@KFH5J*Xgwe#v+HO<^oXYLox#OWy^T*GPjgq*(FFgEIq>|A8DY#FJ z)|nW;eu?(J%xoKB1$|O3eO#oMiEh4^B)sV``~?mQ_|mq{Qk&DZbdqgf z+&1ty*T3P4vqX320s)ek(=c`$0;ZXS^R5_Q5Zu!PhDzVK-&+nbMeACxq}|FNvCUC{fe5lmfl7y6fU|8`E`qhLNejtv$k4?ZD@AK*A-1 z|Af6@u^OBoYM9h56gH1=);EVm0 zf=`Df0wBhKxTSSjKOEt4jHIFFzX=BH)ShrIBM3}XohwTwRx_R2{)$PTKJxpb_J z#cOrLJ3LxSURC$wX{fVTN7=Xc$f;%v^mX2?`pVNX^*xRDlRNvBk~Q ztag4-F)Udy$vcqLmI_y-{mDr%$x7wuTFZdrXDvnca2EQ<_iEAcUg}TLGO}0R{daM3 zZaMRiMo&oyUOuBC;tF`ley&QshQ4Lnv>(WJpVZEHS2f8Y(Y^jy-zR%5*NC%8_xd`6xLo}I0LKCvk&7idQhH8$9GVyG%a__Lp z7=bNs`}p2m@Le6?RX zLp$Tx|BO^tKFEamTq^PDy#~v*Ix4aN4bAU_tguXAM>43?7v@IY-My85BEqRm8Mx>W z;#!9Ob+oCOyqrAXfG3_Bv(P|uZh|yxm-S;m$o?Eb4?Tdm5A^@q|5ET$FankcvmWOV z)EQOvcJKTfg6{8kGlUk2MD35~Q`v^h<6shn^HKWO=k5FRy4XLTR51U4|B?RxA#nXU zB7Nta&dS{I?@<@(u%tqZjHhP?c6Gx4htc)#H)b~=a;FkejWHDVhh}ENd}@oooa!5< zk|*!(()?>m>C%dLGcTmef4t@YaN{=sYlHpDZ{x`J+WR{i2H)Dw3*~?FuUhQGkG=m; z^~wHR=xs$izcF*eJQoeH+xf=^DJyQ_;t8*yha9!-%nr~C{(LAGax3kW>A0$MkIoI2 z$gL5)T+ZR6=pbd)Wx&!1urT`fn{Vd_=(vx^YCZnmkVo5<0eh7MlQFR;&S8xKQr3ji zi?yC->i(Z{+_-P3t8}gzmfY9vgknpkV#O$Wp4&19Wp|cOe@j~UQIf?_JRs$~9H=;| zkh4f&m@KOS4Z&laXH*nRM|Z9;6e7@F=Z>iH2VLE+b`ocC)XUeu6LOXmi^~6)1Fr~h z0l+rE+=q^K%}&e4B8;NP`1B0!B?SW+n=Q0O9I-Le<#A;?T?{TYwpa*T$xNiRyy_ig zV;TGYN8;Oytrcug? z`yU(KHYcNOvil?Mo_yOtn0?WwwHMFoUkP{XZNPN*w42%(E5tbUH4kRoiyc!@*cA{R zsN_2pW@d@2p9U#Sw8gQ~psjc`7G$*agPil&nRXY<72;*9%VHhO-Z-2=cii9%Z$JHZh;T)R6-1dDK4kqqIA(VyW^a zlR=V{O9qyFRdF!9dLfj~#|6!mmreTu*0uJ76CV^8y}+9S0MQX>XUcA^xQTxJo_7~Y zZM$K5O2{Nn-3IC0&|ZB_I(GWSsHgi(;l*3cZWKC1UB9zUNcvBd@+!fBX}#Pzp4w{I zYZ5UrMUP|tw<}1L6wuPFMM$M&fWGc_aq?Dv0z z!us&_ii zoC4o4N8;XrD4(5~<}$hTA^rtC#;AStf?7tX@7+|7oz>?~U+m5>yP}=GXPmozUMd&9 z#Qy}6`DH&)6=6W>t=jM3`K9fjziC=5G(((cl2g_%))u54gZANwzFFx@XRPx7f0QR)F%_vRs% z$BUSC7oIC$#3ywDQO~bf$X6Q7m`(TtFy>CaW^DI8li9q;75<~|r*DTICC1M;F>37F ztM>22-A||DXFAnl!bRUx`un8fu5BcEO;iN6H*eS$X+2rR8jg_4#)ALKc#rTlr`Cq< zD5Ew^kjLey*1p-Gk;?Y=^i4gAppIWz8Q>0Uu218xaNRcT%cMlG_Zof_y~t3~QeM?6 zC;!HYKQ}8IHkM4yT4PR<>~Mie^^Mb?XZM{-S7!k@!o_YaTZ^tHU&UTq{mp#ipmr-+@RP22nq@&y@A9y7QWwbktqkJk?1igcJgJ>1nSilbs?Ajv;Hf~wrsH%C4G6t_$=ZH_N1Y0X7!gEdQXog zj*Fj@xcTo-m8SXjk9{Y5Tg23mUvN}jKK4V9>i6B*!3RP~c&xQKJYs2jN5Q7a3{R5{ zVvgrO-XIK6QC*SbPqRD?f662Lu%p*%pix(By=u8-XRb0dc&KKZrgh|q!bWU4%E9i{ zv-@0X%HxtiiLw5{zU}Mrv0xnWc&lY&A=~k_GHdFOdG+#sHvh*-wk$2Uk+azE z2lk=l#X;Pflh<^0lfx zBpmHYCnj;7K?PXP4MCOujmgUHT&F~gVN|3X;Su&S6#zFXU-aj(dC(?zkyDdJ4Q}n3 zb=0sTxaVy@w>i8Qve?b(6FuIcfBs9g_z@3@>hNZ*7ps`PN^!B)v&OyZu|>zbfBMS> z?w2}YpP!6#oNl8+L#@56&n8j1-%zP-hHVxjLT=wl$?QxnpE;1YdVb@!Tn!a3xK*QJ zm?-Ka##Wx}YdY2cAmB2U6XCO2!iwZ(r;olg!)4N++DIB_y1QWS*E9yKhubC%C!Ot6 z^!4n|ENof!M*s50+lk?SUVh&zI6mn4CniosMxLEGgCRl6%qs6T8_x_Pn|3(s|HK1e zMgw;CpNSQ6o*sSPpz)&Chj``gr6K^g&axs8xK-HX0t-v__2i2(6H`y4`_Y7X~J;8dvKwY0KKTzKNoHe{sfJ6 z-B9))sP*?_#Hpp!Z%O_c-ztkeXBo}?A%2qazN;}~Nv(W$lsQtXS*_c-aVv^b&y9Y> zGRohLQuRHV{|KECN3s&+y?pt~(YXxvtXHFiC1O92+y!FRgAYBF{U?e%HWv$WC-+_+ zTw=&9UC14Cov|IRLqV$EOPfy+yk5+R6~Hd=t54h-bV60tVn^SUUcmsps;6^bjB|Hm zi2FCb_`>)@*}{Cev3_akwfO9*OV|Vii69iSz~e04AyXHdY+Nw*Ig#RUWGJED4mTHLA{tYF%`_C%9P8K`eR*FFE*1 z?85B8h24uWO&#`PxlZt^DK%kqK)sjl;vDKl{U3m{U526ncX|o7GwDWWfM>+?KJyi8 zeuK#2z0goljm(Gsf;X!|1z!-_%)Y#RvX};xjd$^nTfQ#eOqHK{fS5UPtPR>3-F^>J zId0pg@nULI=|V*&T+qY&y1iI8Dn9*S3~OO^7W}E%5g=s#{V6RRfA=}_WYr7848<^> zWRRm*vYi70=)vBPT=(+ON@kJ6Th&X7r|~qo6-W_U$He1Ft~=0!uBgQxi8dhkCLuQJ zd8=LY4bvkNb{)-oNZFa&mgxMI3x(IUM|*9o?Z!;>(8Pn)PsC>}j*;q8u6QsIb3L`E zvyp~R+b&Axewag!!fSaMwS{hWU>1=M zi`+l&`^l4=$)2xSo(zos3b-6JjR#W)xs#Za`Qin9TgGr&uqZ7=aZq|{j0{z*Kax35 zi|9+HzKi#@XK=p$AH(_SzoIVE7{=~jDUpggR$+x!Y3zYz4pb#Rb?2y*WdDw|HoC#o zyC^G_{~K$mffDQmJMi-Zx$7^??r0(EjoXio(n2Sz_L(1n3ljN#wO02Tg#2H}39ncF z3Z&h|H-I?myk>W!^JNd??7z?2*sttw8qswN%=g-uIu`t-{9Lrqq81d*Cyp6Tuek%H zgij+RpGc+LvQ6_GXqq(hg*(`qX+O}qa5cuXyA%1rU@Vns_}=fcaYyLCBiVOU6&tu> zJx@~qeQWOlp?UId>=idAn_y{8AV}JUt;x8jmh>|e*mv-#U4F^4DoLiQ(wUoURo)dU zy#DhGay`l|RB%60$8jN@>n1k_wkT9VdEqrDfR4PVwVtQ0kmm%Sl>9S5PTdxBVaR)4 z?#0cUOj}9PsqFFO-ig*=?)Sa*=FrFXY~zH|;x)%Gl1$=(&UjiwUj}VLj&W^!_2$C) z?3&Xi@TUP=b+#w3Xj`!b-3!)Pt;mzS9~RRW`atI+&4gqvXs9wY+4jh41nqfJKgzWF z&+iMn6#OJJW?szkA@2Q@EcC2Iu;S>dYbwo2Y-YydKbIz?2~WivozA0KPzwPjN$M~~ z6!#8rsYh-q$Rc=H=;Tz{=L=uRKo#l2piiO`-qWtcKd-v`3t7)InBCTuN$;Zv9QTmr z5&u4>3(5Ecyeb&C9OgTOI4sEg&)>&GzyBvF{ogp^&7(hm|Fb@oPS9NVZ)6E|on?%=I-ThLpNLdf{JK@1G3v?xoPy*scL*is zUl;icG;O5D-j{0k4-QJ8^@}09U&Y4_WBkc0cJ01%J7#_Tq%=0!DT*|M&rQ8{=4@DL z6hsPh$axy@tnIyVP=NINt29jbDotRTe;QmVc>wQnH5FPfYY~= zed`JB%?^faNx(~k@LEw^g}GmAi#M!Wt@+1n6NdDFSa*d3Uv*N@YZV=S$@s4Zh^Ygc zDP*&8k;!v@M?&6M4_p7c5nTF}3o?~Gxc2gDw5Hw-BokBhRF68<-Za%2d>)PHZ6gt<2B@k3Lkg{c0p|w->xI7RV)7T^ z5HbvA4Sv${iTDl;W*QS>>u!EDy?!?JdL}f89Yi$~w9;hDCY%ALgI$^Oyj#lh>mCp! ze+zIUnkH>7E6DvPV1H)v920vr>q~g%pT5<(vHNwgr>PYfGsh>53nCN1! z4xSFV_h?q?p?c_?*hUFbTgI4JrKqJIK@t6gvdS}`_RizhPsirz@`+Hh8=_~_R$Hqu z8%pOhO!H#X716iVh4lv&jSFJYab+8&8yV|-zPu?+-oLwMW>NARP2EbVW)?N_r8!xJ zW%9|kEVF-XO=>upC&@@+Y$q~GE!X{e!b1zu$(0nz(VdMCpNT|xfz!}Ne7q@@JXdeo zifPJo?HVX|RSDnTO;7bLiGgGdwyEMlRk4hmoN^=|qVYL$N~w*ple;04CS>8IBcMPk zUbHWi|IH2`S>}ECA!h%hN_MIk2HAOlirTQxGvyVh@jJnNACs~LFM)5`rqyJoqy5Ya zps&+NG*M|UlNm4vM=s;tj&H_}0GtR)k!-A~fGMh3;@U8eccA&Cf+--xDnttk33CqD_ z@3G-(x@KzGvF}0#8VNecgjWBpUk}LT?j>LWn@Lx^?I*YZM@|~hMEf8W*uH-}u8E6c z@vjSCe6_-^f}K3s`8HogCd8t1nBOxX8V3ec@2K$dv{xqY1;AM9_K1LTPnNE2U{~GR@TSL; zZh6y<@w!vkWVR8 zSCV?oOxhAB#=g?ZIAGr4jAJlWd9kc(Y;dOil|0q~`8ZU-)XTz@vW-u^PK<~EK9uOK z77=4gNNf)Pyf?OrE0TH8G?_DE7G13$BJ)^$&Mr|%unQ1GYv~wc)ikZ zjYg?sq!ulc$D2)Fo1Ou4K`f;juoZI}UiN7sSFWkp&DO{jXsqXX{x4RfXFg8!Yi4ba(r(R`QyX6O@}CAlU<)y|Ucq!d`k7I+ zvp4H<%+CL>wDS&Xa$VbfM4E!2A|fIvuoO@MrAP@ylqN`M3esH*=@1Ad7z7a!3ss6D zC4}A~Lg-bONR?hfIzV5sLE6>xO=NQ8G zsR+WKkHq9P_12|G6^cK#DX9Y6DEs4E!RD!qdc+{{-7cd{HgMXNC>yPExF<1ma zNE1r2tbrcL9xwhzCnjD`N?kR(tfU-jby77F<5o@draS-AtQyy{D>3A&`vO(jCcm-4JERk@Q@(I--_ zblUYbHbf~45_=FQKh90#dZ8~`D6!^%4&b`R0`(o*v;@C=#^=BIS7;?&{Y`V?Kp9tx z0nd0ni3<-a)ELg-%Dum$M#1<{1FJ+w*A-7xGRYKki?pzjtJFKxNI)L65LZ*>Ep=*qmG-JogrZv>hp#90|{OM~_2`-`?K7VIOMC zmo>baj$5@vAl*L*S{dX-)E#FfCmOEh1-IUd4_G4pQf{3eg68vnsgt>?Y}QS+dapV- zt0vCl=P1!QUy5JPLy$Kw_iVPMdBR^CK1wfMd)5oklxbLX#fXrm3#BfIbWq5QWey*+ zmirV0vwa^FPf-`;mKNt_ugf7C^ZQ-V3xFAH$n9-{EmbO12xFS?tE(LfNm6q*>!m1g zW3PdOz2hloBiF6b?3!cQ5pw}L-aA#t1;0|aS@b=P`r zNQCB}jav^}CFMvj&AYxvUhQqSNue|gKBspX#AZl5)g!RihUKUnTS`A}$Uo2t4=`4U zPRYHYREZ2Rc4TuFTDd&vvNRI9ycBa*SbmErt&8nBDs7O!*%{~gz{Bf_M+Kh8w)4IC zMDgG)Vfj<%XGuO{DpC4hx&^KX_BqUHM)l@)-dtKYg3FTgiW5UE}8pS z1ZTLk=tn(F^WbIBO?U5;ZYL#u&29E<^Dw`kUd(eOF1N*v+tP)Sxzl(sq`x?f1QzCV zfq_z??_FFdWuCdvT4xoaPEM{8Y}J5O4R!&Ow?T#E$I)gc?)MS3)XDu}{Zd8NcXB;D zNtwGr&Nxbr(1E`XS=WP&xJaXYJdK2Y$n&Mo4*RrG-YJ7kE#BgvziEQ2uVR{aZ>dY0 z1Q-wYJ#oNvOp-Z+y>3J6zUMZsc6x{fW{m|QD{bpdZN3nug3K*dp)hlnxg`tykjPgp78V578l91n?L*Qz5pwi(EZ z9Hp1qpfO^Fn%O%FAw-7WIxYCmXr@^&=Obu}&mYg7T<@3}qH$HY1j%evM(1zlXkaKs{nF6dm>@k= zflzhr7)-y{fyTb}a)B{40gLE2^E1Gr)sYOTS2x@Id$!W1TWR+JF|!`THxU@z;6sg< zhJt$&dt*(~-CL2vUZ>VCS|Zeq@zsy8`^F#$BvtlmVW(PI&-i+06j8zCuV9wJEeGXG zJ^l{GnKNFh$;}qv%ngjJcXdb4z(Cc)q$~c&h3m|V9(i%O6Hix+TM>|mH*E7>Ex2eM zQt5#L1nZkLvw;YbKGGj8BYRaB0dnq5a#;-&*zaELFS*6bJ`<);VAC0z@ zvNGK*K+i`E%Stui&hlQCt`mmUNmdWcmj{gPw2`EIlw!Ey4r(@}UmNbi*H#6Zux|a! z?w?IFOj2oU<)wlO2np_`AMKCe<{L;X9f@0Kh`RB3i`yyDfe8EJU|nR6>`F^?c#}9% zjk{q;A!`QHA$OlW9lAdYqtqj{>-U&kxNiW5>Sb?q|A(>GT>8Iaq~iZMZx0_mK|E+~;A3n+^dD5U_1Qbk zJAeM$w*Y}it&#r)v;MLzdzA2*;E-^@I^5#yQWJ#hIYD0QXQu8VDk`Tdwk!~GkNGy< z+L8|y@r$mpPC#S>xFYlcs+NMoLo{bP%Ta3KVaM#5i4f z@&ku{Uca!gqq&i$miPuNO*;*$No}|V9bt~ni8R{b;NLRiZJ3?r`m%P>+89}Dx z288`Z`6a#Kns&)2KeyW>IoI|2{+MXGK+QE^`_#;nuC64GNs9bQRjbekjjich{(vRkCMV z{eX?ju{OIUw!nl^B)r2wE^MAfZput?Sc*HPFbZ67VBacxKATri!B9n%OR68f4VR0H zUajt$cxz)O%r8UmoA@YDaWK9vW$K1-2&xu_gv=4X_g2lwJ0|?@*yk&i3LHWDN!1Li zT`m(m*7IZ*)#+Q4bp)jRc%o{-h3=?rfocy7u-PCvxkg|hl2x*6?vsf1%Dgw520AOj z_N5#wIEuI(Uu${2x1;S%aedjZkl$r98PC8>yMb6-b*I}tcYcXvlvVNABma6y$S3xM z-eOyK+ohS@BxG8(T^eyZZ;$*qv%pT@?S`i=wG?hv>$}!%10BXg1rLhZ+p((G?+fi_ zeJ3|X?tSd%fAiplPWWXjR_8kPiQx7|&M6hR$X!KYV_zX`sucg&4NXe}pna8s;5eU| zSAB!zUde7SndC>zEO4}nz^znOEn=_dTCQ7CKlRs)(}$$61$I6$P}%P`4YDFwfpIuhLnbVo0DX1~w>kanr+)RuAelwp0kOR6{2=v#01 zpfy-4bZ?y;JktHlx~K{9>Ht*(PY+;jl8Z(< zRxK;NIg?4%z)&WxrjvlO@`TjA6-Hsm8Nh-*wrgPTcoEqiKZQq$9SnfVAuj8R8?$$G zK+ow&gOV|QiLo3*6DI+;aTY_`^utz@IKs&L0mncTBY6yyRyR(RQiF3E#h(j`W?5TUCfkl?CI(^R-%kM!E z3mL^2$&}N7GFzwNFTLAS-^($ssFyK|-6%-N6jqX=JXJz@lD)vEdiDx%h@APfnt@y7Tdqenrs^|1)CR5{TKR_$I}=Z`MF`zO zq0<|Zz{`?XFG-Q6e^TpIDX?W$S4H1x6D6AjdeG<|PJKS1+3uiUyNd*CbVpH=ik4DT z8(Vy5XB>QPv}Z5bHL^-hg8c$e;iVsmtN%~{5R}5?%A5O6%E?nBzh@kIOS2!^*WbKxwlxa^h3%lEYe*w+WT=(h6O6Gt((lx=|4hBV!8*ux?E4b zxAY5eU-o{DoQl88yEHo(Lp=4GVVbm(Z$Rl5{KXEMNm$9>Jg-$NZFG&ED-kz`4KfLm zxp7mX%{Jh!f#}mVgh$DPSHj5zh*7Fv^253jJmC?3%j)Y7+o2GyVT|JBa$a09J~}Jd zHTNpxNlwqf?l4c)7>t`Nr_#aHN=&zfX>-V+rwX)^p1o@BF?l*y-rTqCCm*oxsT}mtn9SUx!u*Mrpz3qg zsqGDtat!ycxlXzUSc!1NT{S^*b*JNZpg2(bR_Trx@FZX$5N(^9P~mwt41SIiu(BMr zH2O`%LM@!K6J+%4(1HSsWfJXk=aHNsJX-OF1owT&wi-XOPS7pas<-BjR&6E2AN-w^ z*?9u|y>Z^q+uDqQjbp{Owi93grm}f`|Ld%a&-M8nqU%%x9F5(aQly@^kWYqOYfGOE zidao*RpAZ@Q}9`jkCFC2d5~4;@^m)I7pUFS9Uo=HI0nGF;T7149k$?X>tf@* z)kQx}XARHbI?xH{2Cfc%nw^;Sdb^Gwa%(b!Hj{tXROQ2fqEf@AX|3nF9JzVyrqPsf z%J0W}He|orPkP)nm3weT1svde23mY*uCN!my zs|VK6A>nQ>O8pm#0Stbu_EzgCgcuZ2I9>)_rl+U^H(W;97>zGHHh1K^T8fbr3Kgf+ z=A#P2F^~uAyIjX68A#JDf3qA%y8}DECV;%#B;iSJD2qwPZtw%v^OupzzCEIO)Gh&- zYqqf+OJZ(k(NfpiaT>ZB?Na)HKU1<+S1hDRw@<9~-8&Fd8X1VRw(|P&;6>IK*5vt6 z4GxgA*uD`*`!Ls$biBLnrB-d0-a_%GdBYO7d%c2*?WvpI&nFrZi>*ETEXa5SO;A?S zom6A0Rw%wdY8tnxhyH_uL3ho}>-?-85XjsvmEW5*&_zF7tok?t9QUIhv~-uSQWN8U zsSdd}fNhs9cB0qdlO=oOr@6vJ;5v!@pRw|Nr80BRQfy|s{l4MZRoYb0VML;4p)(}n zkFvnS-+(`@0jbJPiU6wduBfax^3T7;P6I}l_is<|{~YCBvXA z@xF`yep;{D-=0vLwVtVuX)mgqC`x^L@dXC8-lna1iOHy!izv~>qwxfZb{s+@EpXG? zJ5QQc?xj5Whs3a$6I;DZ{bxx;{m#`se!iG$8JU#p?XJqA+=etBkk=94D=j9SYV5+%kZF*-CXIvsv%R{SF|tm|Lu!lo?!@0MB$ ze;pD5g#9?9etdfIg4}xRxZ@TM0P_n0V4WtwL;K|U40|BYp%`^}$rPSxDNs5aGn!>r zKvv|S>p&+Bb)2l714Iod37dQmNu8b3EpIk>qyA4zN>h?pSfKr5_j+^$bGA|B2#tn7VK7hY+wr0by%r74DWW>4!+uLOngA(Q>M_L zYvgDFsx`0xg%_?i+9hEJ05OxOkZ@i>_FPXOotpDCZm47#(!@SL(@tu$8hqF`hSxQl z?xrurl48%B5Qq2mgP&#$m0pxX$H+935P~{yUQElLhqIsIWxIDKm26^_c zUhkO&EXVy#A0XNnS&utV4d(KA_w!(K8sHCC)cu1gIB6Z)wT2)-l5k8hz?S6LARn|L zt7}xL2OJslJOAJi#1ivubNf|8f)j^Zd7;MJpEZG#XxvR0!GJAio{0OHx^zwuxhpBX z5Cn48oaa$3L#{aq^n%SiGlQ?1LcafO4*PMZOB$_6%d7GLG&$P9+LO4UeRAs`{nO@q z-D^Ate!ja#>HB2#14+O+p437&eS4>3A?5$HvITC$vR`9$yT1M0vz&-Z@)i9(jwCpsSge5H+q#S;!9EGje>3j?&T`;b>XLiD*?lr}lV8@0JQvNhRjyYz$^ zgvDtq(M-q8cz^nxFd!xdYQYw_a$mvVzdK)QQ}USCU@} z1$Ac~2SZZ%o&?|ZiFOjnNn`@8eFV71f&*(#bEcxdSjE)#;kxjGqrd-4nBJ$<34Z?b zzj!}ExH?Tr?&Kv$cc{B=LbMm9*j5wlSZxdAlCxrIlGnrZpDM?3|8x}4`R(X!1zxem zE|bp2X4HwQ2uo(dP^>e?5v^WQfjxXK=jLcOshx@&bLJEpz8?+9Tg;lPGQg$T=MSVG zzb(~bO4%}X=hsL@B)$#Q7rB<1`vjP@#P3+gW!Jx)y|&*VJ3(LAya&ni2?77>jYUH^ zXwJbE`A7#*nV_k$mr6z2~y}=zOF-4vYF%z$JbLb}so-f`Ng>ABhE7sONs* z;Z(nh^kSLs9o6`hJ;5)-2U&$&H6v6cgv3=L&-aysOLs*!se+b4I7?2P{N}>%VJg5k zzs-~N@7YZSGJeifbG2+;m(Ooqbl*Tsz+Jfx(&o129G|6<);Y@eeCwyy41o+w_kfzS z@Di-rRFBo6qgo~SNLJK7Bg`T7H!=Vo0u+VMl71CN*8!`Zijvoon})@vszFM6SniFa z>fR$?awb{WvJD+Qp3PK+g+l6W-ecZBFfJqf_4a?ag{;)+6_X}LkNKI(7DV9ZYpVcR z1R^e_H%@30SNPsY{)+w<{&V4UFD9(`hv#3m=_p~6IrFR~`{2%VP799Wp literal 0 HcmV?d00001 diff --git a/windows/deployment/do/images/test-scenarios/Win10/M1-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/Win10/M1-Adv-Complete.png new file mode 100644 index 0000000000000000000000000000000000000000..a5d87e1ebfe4a913d181fd6bc50dce2e4bf8f3ac GIT binary patch literal 100498 zcmeFZcUV*1w=Rkw3i{D(sB|oVf{64cprZ6<0i=WUE-jP@s33?+?_GKarH2+NQbMl* zLMTFLAp{5{gtQaz_wC==`=0we``&x*e`h@pux3KC=9**7ImbKRcdQ6K9aW~k+5e`Y zpj6bX+NT&`4P=Pv^qm= zpL?TbUdag>Qv4z@}e<`GMZPxf$SX%z&UdZsi&qkzu1#9Ys*bAw#u_Y7X6s2C&fS!s< z7lc*Fxhi^XV_hcD!-Cq^KL`5`67$rbbW{gSoCkYS{`%*2PMPCd|8qQq-M@e8pT=z1 z`*Z)Ck4Q0U{d4}V-pcYnK3&U1d+DDyzPVmY`RAO*we#oce;N)P|M?P2TbkgzZUcQH z9EN=8`kXd{WLR5^Kts|#=Cfy6kL!aQ%zJZt<4@6EYc^g1PmboKTG+@~78V3_ZM3J5 zSU~_P1QWu0?6Q@}OCTZ$7M7Q1wlJ(-MnBLL%b{nzF!g{t@UpGfM(GMLPCf$% zJVH#>;@TF2G@lw}th?g}&>@Ob@v6f%J%k2Ad`*d>h?48DmFSw(ldZMNCa(uGHH#d= z(xE;sBK?^@Tyqy@jDq?5VXGTI>L~UiwyP}Bh-kZ2FlEP_vQ$9y@0S}OKP8hE-ij2# z%M89){MykYAFlsM2wF1>2U-Xb*A~nZf)6+d>(^v&ip*gpOE9@TU)43yH}nx|hqd2)XZ+?*&+=a()pg9dGx>H5-Kvz`-Y_$Ikop0b{> zU1^@0D$={^4Tc$vN%7F18N4iZ{vG?(7wpcW=e(w^|R@Th_Osc(GaDqRy=s z5==0wMSt%ZP*V1_h5HL(fVmX5=3u|Ognr6X^7fpPs$6dibdCIl2#rYIKG^kcB4pbh zy0;)@9@oTCFz&;tk0O;wDEAd`v#a|D5_mpgP1FbFjl=Evf-Pc|$d!{Jmu6~_1X;&} z#bUGJY|6bHR}3svi4$GVbYda^1B=#HWv?D3WrKIJr-T@o>LU(nrdLrGqV-PvwPni@ zWM@wbvH|C6-E&Db+OPN)aRd|M0QJ! zxf5<{VGf~Sfb#Nl6LppfUg9WS%HZb&^6Y~%X}LKC+(hkfu3iU&6QB#w`c&}A40~5A zC#PdE2YnP)gy|fspuKdp)ZWFpH#hYZy6-5^-`T0tMTq6ft*voEgcl|YefM$!dOI4+ z!Zgy=5kPik@bWAfBF{zufhD}lW+q}Y!Mdw(tV|H7oV91=d7mreh@MW>->pAv^Ls#I z3U;0h35M^sw)(1nH>cT|o3DrE1A^Fxkl0s4OgdJ1yDKne~pVTJJRj3e|=1|R4u z8ybHlEk#7!K@UF(`hj`>7SD6EqD23=@pSaFXy)51vVWhOZ+*iB(F4#Ka*tO4V#^iB=<>&2YngIy%bC@a2sAO!kxW4v?hIH-v7bExzoZiqj=JzTLyt~19P~e-s3|D)=BfAe=6pha3tlcXHS~B_hfiA@rueTIg=i4-6 z16xVm*4Tbex6)BhAs&J0-KxJr=%2}rU?x6d{uT`9_#(SK6Cr9O%ot9`m#{5v{%Jv= zAEXZLK|DG)sc`>pw(i%)N9PI&;*UM*;CJqlcF&~QY^i;97z?E zxZUX(Bqxw)$mF9lqhr)OmOIyn7=7~~SSDBKqTGrr2+smAXv-j|lcyBLqkbPu`;m^e zviXv~u(4%)U!S8nanNq_nw#EZQVk;|Nc`o(EJ7p*_k@f@ zXMdD~Og=lCUXY0iQmf)MQFYEVF;&>v+`JxcD>r7FIl`Ut#sD1L@weEqO&%&gXVU80 zy~M2v{a$`AQjJXG$*^925UcBAzcVDQJ9`C4`4%smo!Q&>O)(<$C;Q)_Lw{G7T~H~* z%1&A&sAI@FY~a)cOBeyxlKu;9iJK(Z`N9`&T?TxrUJv!*hJu8u92r+P7n zhn%U5SGp!w{+w>!L!^f(V=Hx%As+u4e+|GxfNu9%>L+=LHwCncO(kBQCtTUWGnxa+ zVvbr#14%j?=Q0+EFA+7mp!Xp!>B4O1$|1!GA;DT~hcbX2Wz4&`TSH)=<-}Y~MJX&X z>UC`5aXo9Z7*rL(kwL`1Je-+~fZdR5`r18DN~eJyV|zIiAw*Fzc_skBN> z&5j=|D2qeOrs&fx1ZE2pziJP-413uxAzxk(W0p(BsG?zera(^S<{D7zb!gG+4xxjL z#Os+6Rhe@y5(B*xJ3>li<$D(c>9e7|*S{M~oL2-`z|mi-Bm_bQs{bxr@?uaka|2-t zt>G*ltc=PBHiV+-q2k4N>K6Ho5+1c&4(kayx}68^m~Dl4J-KVEeMu%n%STCGLM9@q zd;WW^%_0&jm6DH@hc}qwJjF!gP0=ji&X+qeeOrA^oiEwv z_G#@HZluZhC^!0-lHXc^dLrDOj0@iK;sW;xNzeY?1xx05kzrooc%1GEn$k%PNBY1? zN>hzlb{lsC$JHq;_ST(_B-{cnb?@)6r_~3%K|k}&K5!v|*-P@$9yD+Jvd^HwB=SPH zd35C#=r@b8pAVU(p9K*eEroEWlppvYij(S&YFGqmQ`&)OFl8JjhKFfKs}4PNLxS$N>dBAzy|BvG zOjlfFC(}XO;WeL4B%hzlxwW@MziV6Rf2Pz^xy6r7UKu><^+n@_o4t~Q3#- zCs#=B__*%BO92@8+;>);>!d&dr^&0*;nUCN-sQbjU=P})=&a{!%c1S6ROKmU9RZ}> z;41dHve53otMc{ghOXCSihCk(lS|zYA!)_Ks~C3zN!`amP+HF;#+znzMR!E!D8;h` zWl68)q;9-%>7}z|l+xmrq_+wb5^gQOvz+n!!8{A=0TR>m{0Iq{8xJ>}Y70J^Hz(|% zQIb7XNhhHcZ|2U=(4pM5lk`1K8ciiqYvyszHt{K>>Mw~XURf>H0* z9pAh)1HPvqJTyLt^{djuIsuWmq`S8mYm3|F^k+;3!ysFeVf>o__p=VfxwpXT!1E#J z>2EbcZry{bNyQp+^IfruC8ZjQGZe zkbSSWE14oMZRInCX$U5EWR4A*4`bFQGw0+mMBO@_Cl|Mqlo6*NufH5Z(c-I@m@&)6 zKi;<*>?mJPJw2|Uxo;IrhNkcJs75RMSW^63pUl#4Sghy{{^%5{d;FTNBW={mfG$Hk zCsBe3Wx(X+;aLq=d(xEni3bt@f!XtKhnb4cME$6rb~p zyn8+pxv5_A>s06w6rf`uDgCsfYtsE&TSV>v1=`T#h!Rg7)%(r~AqL zJAauw<$gqf&^iBwCcPNVdm@i+Zj}QGZ+A?w`j=+=T2XZT%z_tugoQOfv=Y2r*pAAy zy%CRPe^iG-BW_h=JB1w83io_3VH|F~)K_pE7S@^d{KDh%nPDOEhSumtgLY$?r4gD6 z1c!Xnt#7_ENIbo`JC+UG&9(aBCJfS-YNiJ6Ti-&L!ml~rRRr@~d7?}{6cYN)9T}cn zQpgqIp&pD{Hto#Z3;L8}xg7#9*S(UsqnU{A14lLL$)LzVMB=4RWxy(aI%a4k`kea; zOXx2|{tlk@9#i?_!!HZO;O&`ot1T7)9T|dlf(A1k?9(fONazlqoHz->{rt182{(Au zYqkXcBFt4a8*#y_nK6b@>ze}FZ(Cmn?SPY&YHx#-jt6RSP){1~Qv(P(>{ICP9_G>$ z0eK1I9hsJ2B>bYY-!Y7n?cr(8h`w&MgMfg{G45$%BP(N9-OC$U|90Ms9Q%a>6lNWRfQ}RVAm(C5J)iE?%KL;s1GA~1wzFJs2x4j0%Jgh=HQ!W* zQ8F{hLH>;^k6)#(%;O&SwbuN-${|CN)_orSbng<8+gyv{f~9PM9=x&o`T@ie)p>B( z7w9Teq*0ttkx$v5btD`ds(;s(DN5c$*M&$?Upcqh|7kUUCsO-C4bIoQ?&$}O>Ee~Q zX9Uziw8UKt^?R$$EP^c4DJ$!vkBWmYDB*z3j?LDWGJ2r2H8*Tb=^I)I`-EUuvVy}P zcM-}KPBP9Ntjj*DAgukCgeHeDUAl_%Kk=FovbPqn$l5G6}q+Pvx# zTPurH9T(y3MzQVF$n$1(u~pJs zeYses$%iz=s=>>3>KKe^=lX!hA9RPvO5cAC;WeEyym+xT8Jt}yF7~^!Ckd+W-y|v+ zBH9D-bnAIPPfwOamoFsesJX@3;ko7udZyqC=lIwTb; zPrI==2M5aEmivx1#b|W#2Uo7L=$$bvo<=V;U(KRiWviTt2>gy%UDJ*zqqh#;k)KW< zezw;D#?00(_-FGJOG9eUy+67#IR3goB&0skN0yl7TeaciKTHG)-0}TN4(uj03)44@ zT0@#zK5PXi(_PIzSqJAWxwwi%w$pX`@m3pBHO1pTubj4ml(cj%GAT@a-g!KmYFcG2 zv+)YyEM8S_Q>~;J;Ts3}v5cz=x!;FpnEGt(S+Zj8w`tLz)u4O5Hu`T1)r?IH2AsDp zd#f+N&0{m!L82xwAr%>Pv?T_&LDj%2ol@Z+DI7<7VT4+2Jm=~+7KKCAMGPITq`aS zb2#lCcf>{dp%}A3=2s-Q4js))M*zzzh}*B>sf%?E8NN#S8s)t{hwQD~@o!(rbHb6g z*me3?QWI>mdBJn$Tf~SAY+D(aN1YiFk09*!-|P21uV}vKTSX@N_GK2&s+V8?{Gq2R zSUAl&N5v?=+&wZ#DG_H_+3>c!Czy}2+29UDkG?%G=l5K;$Hk|I!if=kc65XlFjqLT zuj1xQhCfP7uQFHolw}Cw?wafLK$LIR(`V%qwCf5PjSZ&+f6TRb;t84dd%kNOJtY>t zrD)mXdG<4X3A*-W@94l8C)he5#Lun8YU^pG2>`&$y|Zxv_JL3NF%|v(-*VnoIzLDK z{#^bvs;CD_JhgnTr`qb{mZCg^g|x)&oJ~HjsVAe#PpQ^#pAp?9l+mBw$FwzGP`hik zO0`Z8*u1BwJ#@mB92Cja*mYvG#PkZK_sfmw9|oDDb9|FN-#p#ghx{h5b9j!f^n7Zg zv@!al!SONHH~K+bjs*hMPL(-z{%W}r+lOF+_bc+AFHedNnm4d@k0qEd7|+we^`48e z&wa8ah$xR77VpG5gswk%J3u_pzyir>yj17+3Yd$=!^&EJAX zo=dzufkoaCXva>R>&*W_Dgy^oTG**cvA~ulBLS!y3<-OGcojb`7jp4gQygL;^}%1G zo><6$(3(i6(iMH?rn$|@5aR_$V=pjQ(gIo8r`f>qlGB>8x(OZXE|P*J)XYozXQRxK z9$FlzI#-Xf8`|6{6umNGOTCl$YvfwZ>kb9g4|`i!I)j9Fp0pz=i{)E)h3+|(NWS1c zSqy1rY6E|Dr9ZKsPj^AF~sS-fRwd85F%FC+G=C#_y|Wx~km zPN`K=cJG4fqVRE372RV^}6^L&G7K=D`Zhw^I(He&p!!k2ZhJ7r)Z)ouFCVI z-0Gkgz5VAy@A5vf{yU3pRsQcRwkr4ki}d!NFQwkn|9=_u|8t4|Ce`qN2I{{xP_-_W zHQeF-+W?6mF7nzrZjZBR(DJL)l)g8!io)d)NM4t+mE$vv35_d1vs z;NsV>BWzTDNNh9xHpI#56IS1s1?; z>nBvEq_C|gWFD}xWg91HH?&^i8u61;x(oMFY<`wFT){^Y^^sac6@2*Wi|TV}(e&^iW3NNooYw)oL6a5#HXTMGh} zuJRmcMv)$xF^kP%*a+&3tNk5-^)f{0=RjLE$gQ)uw(M~Ig<)}!c*9-HouINY&Z5Kx zU3S86v+?6(_OS1j?fygfVZgF;epC{L@a;WXwqLPy6qu9gQ=7XE2g9UZ|c% z?{0QXr=)f*QyMmgwv*;SOJ;OUo~& zuNghncBe0yeg`g<8yhe(gsz3VKA?`9PL@Ts2m}eOf|u+{R1tA zQ$7YFg$g>bgO-~-o8V@l1A0EOiBZ6kxr4dMrUUJPFaxZ8Yx3hm``XRz&4can+`FrD zVb%}nb86u;rfKnp^MUsC*PQyRbqykfELxx;$*qL#^PM*`^8=2}T&pqpvuo(_DC7N? zO2+caC|)W9rfIP_7k&jhfZeI%%0`}g2N*YklqJ`B+3QYyPOQhgB)1K0Z^{SQ+BI2Z zKk-9bG>RxA>ZhDTz6e!Ylc$8B{PW_&zsp&L2%+4tQgSyo|UG+1!`W@cuF+& zAfQsKc?O0wshlg_7+4-=XdUCagSIpp{`xCWiPbUcl6TC4Ztq5eYY%*TSQ7kY%cs_i zz4SZytWf5mPBf#t0oX16}5k(XWR|s0Vf6YVP;{dm2P+4bNSz7}Sofw&cd5NI9uN^781%2mp{`JP+*(lg_ zu3CgnQHQ9Y1I)1F+(!eZsnCbL{Nt%k;Ia;fud2xHKuZqUwKN(vbV%7v|@ZKm|vnLubz&g~U3zaOz|fg#own zDDD1BBWzy>kEOB5$64Asqb330fuH6@8H%n_`hDIa`4vz$_O&QtX@&tU>gFFe|8Lpo+lMy=(ZVQmhcHHN7A z^oAvDdhgwu!7mBm%4I8Ds;a)uq?S`dJ;RE8d3n(*9PCemgS#2d%(yJQi%BA&hHGmA zb?w~m_Frn29bJV3kHd9|Z==gLqrK?*Heb<^_Xa}(_wO6e8w547p06m*yE*O!;BNp{ zXr=J^ew8u8s*m-yzB%vnQl2b%IVEf=B1m=l<0kf2zXDWE;jB|_l+<%Nqs{cH(dtUZ zEd5~jF)xF#xpz9=F{P=1qFA}vb&vhFChw&z(`auZG|o0#%e8+PLF2ekkheDty2v1o&lu}o~Ch+ThW2L2Y;_=QzG($LI#S&6|_GwW#TzgQJGJL zU`S)}QDN=;@}9Gye~W>YuvKtj&hukBk2CelglLT89{S-5-XgQ;>WDHIP)G23v8mBY zD>hu4FUc+3lr;KAL}g6y%U!|~8_-qe+^9`^MIWwAfJJjQh@a_W9k+Q-3?j?9kXyoB z73Py&s1#)$Jhqs+`q-}^A`$<4+JYr^)RVkF8VJ%;u)b?I^$K<<9??R%`9MPdT*P@} z@)k*zur|maiAgp>di>R2J{gb7zGe4;m4;IgcEMWS!rK0|T|NrACyn)z+&-wt(&*W4 z!9Es$S^CAC5z(u+I7Z%Z~{pGA7(uLNL0SR2?9saA2#Cy~O6`06w>1>mgw1eKc z_)Iq>t{(xzCj>R5SCSnXufndw?kHz>vouOJ=}rN!uk&seQ&Nq)0Twkg z({uAN$fm(oDe5d_qY#8Oxm@!Zt0$x_tZhk^8B<7>5yA`QtwYc=J5t6?GivhXsA^oR zd0dUlbyWs6rY2u{sW9w{M0Thqz;#>J?80k|&i=27qA>KwFr*JQU{RBlDTSw`vfnwD zTYO`UdV9O5COhi~CHz5Q$Ww|k44tAT?%a@6!!ynNRr*fJt#`}1%hS&E#-`z#;#qUT zpr{gaw(Kg#SKz%Y!;hZoIY7%-29n)%Kr=(bq8WR;pi03EwX#`f6itP~rPieEm5+eE zeEsEs0m~2SU!6LqB)qiAT9`&>CxnMnkdo^W+^sZ<-#b9b&qcn(TDjC_MnL5zuH(_f zsO78l8IZTSYYlZR+I*ymEFN79Of#xj-s;2F2PKpC-t>h{|4{$Nu=jMs9zWD7lqm-t z&!xJRr?XxpplFMbyk|BC3SJ~L^?HlgxGjiHh0wK)C)Kw)LfEM{?(lq)nox$6q=^!A?cQ04w>Z5#GQ`Z&ay}j>baAGG_+L>rxI`0P?6`0KNiIfi78CWhn6j-Hk4QM+?N>-H;Fj_T8D-e)=?RkxHv(E8TCc`|*XzeI!`=C}e4;3{wqK06-XwGr}@>wg1;)DB5N6ity zoL#K2iGstEDX;$LQ`CEXD8%_?1xoV{JIP%-1@b>wb8`xKcs|9Sb4 z`G}xirhmM{g09Y*sj`@eQ_pQjrag%I^qFGj-^(6OX{lvte9F}5@sr^h7;VYwG%SOU zo}LQoAsCO=pGvO`EMBp>miX&3Sg9hhm7B9LZ|rzSU9^$kqrDWg2kA=W+#W5x&%fKB zUbfu%*U$9Qi{#gu8hkY+_cGz;Vxm7dp2=sZiKBedQrBlkC9Nx8$TxL>AEjwcbRpf; z4h{};r1PDpyOddm+$wH8MJ2K|2;a*OV@tTt<+&Sjv6Qu^CDy^v?aWGPC zB7y8>(RzTNC#wRE8XIR0DWW_IQ4zi^5`rPyk~ExrX%8{Uk-2y4@6dUF*Dk+m&VTz_ zKjG=@)a;a;-ct&W3Qq_4a>R_-Y4 z>)Y30OkK}LhoK#;h}`<-yUzsLWh>G74lMF6&a`>+Q9pY8v{BUZ+Nn zayqcuS}s?jdGGV8nu!qOIIJUH!IuVXbnHqaqb!J*0Zz#mSiVA5_dl)Bis~FF4G^da z$!WF6lc#mL6>3CF2gTf_8LEmF2ugF|JoZ;SRfnTt0lgA?oV*MILe}b+%yc0OVaCuJ ze<;65G%y2F)i`&~L~Nt}jD6GQw*;<)@8@1RCpwGwM3mx4#{*FML++^l?Mmyy)l#Lx zyeT&pY9#w=7P!QVbhv-6vO9MnW19uhG~(4#u#gU{5QBR$otRo5=ctexwVeD2`h9>7 z0y2O*ZU>A(M*)c@WeLN=Iq+TjVH;k<$~;B*F!TOL`MsJshSb>x#)EIU?*Tc-qf9CS|N6@|)it{tmKi{}tu0dl;>u-j zy;?ni3`0H&L%);^aH}8=Qj<78(~x{Ufq;LvWZ3>&xc`5j+;hD8eFV|_S5>c70p z%l((@3$fYJ4b-3hmvpV{wwcv^@sT_7NFg!By1VIaKw&wW9q*u5O~|(Z1A+p{6L?oZ zdEVcr*|oY^ziZ|cb_T*@l^0seSsr%CB>R{pa zgo>-bG6H5!ncsX0LpIDT+gbYQ+F{Os+FU7D?7=%YAlv2=JZ`nDueJ21#OqM z2<|r-(ql}H7jP=@tNfqvy43yHUyqoz_O&nD9(aCxaaXWV{2YzmGlK8+Hh3irt0G6P zQzpA?w+sYbS&xx+V$pgTr1X2M&-e##vc`5nQR@41FuamrNDjv9b&zItf=OZZkXho) z2Sc}QpOgmOd05fZ&nQ1=-I7@{Fz`GWbJBrDn|`_b&sZUj_BpqynSx&rqIB&)0$vR^ zMg7P;Ac$RVjCz4TRz~(k;e}{;XR^wLLt!I1zdt)G0THuZz}3{MG3@5ghldR|#p|>1 zN;SWhIe(+cAs^KK!sO6Cq1uiTr$#UCw%{Fdu~}$du`&>io5dX{xLX%7Ug-dRSuGM= zyNF9MZ9v2DtLlDwkLA&8@Nc2MK{fL}XZmjjy=(sAS;H=j48qSbYJ}n#w#CJ#+_U&V zVy^UjfGNE8AKyn!zKlATxinMxWNP+8!BV0WZO^RfUKDFQWofI(9>QfXdj1+0ObJ4S z1IMn8r%tRNtjofUKf?qLKP`Y`sX2yQQqO{)U9pyLP8V0wkI{@B(L9FC79&H!vD>%> zNlH>?5Ujox$p?CQH0rYFnzY@=HI84nQ>2@&ZLm>N4q~P>+?$K1zth38VcFei)cXAx z>0bZx2k8pbG#?2%(tJx}E;bb}W368qg75en%AwKenC5LW!|xA%OPIQ4so*xI=c$6_ z`YlMz&!DE^o?pU**Ne+53srOa&5xCX1=h@GBTr05<2n|%0;L}eOTYbT_3hcP^7ZY_ z#8iCloSa=IUH}z9!^sTGsT8_=EXl>wvR$sUT?@~i6JPtKDUUIi@4AUfsRzoA}0pUk1Q ze}`>d1IykBJn~)Z%d^LtHig;xINmxC3{|O8wO=y_>&+CkRQb9Ax+}ZYSi*losQLak zFH>6R*eliTXH^ZZdb@};>t6uG_;}_-iXwVI$n)JKqJ$qC2RB z&6TPT{sK+&C9tF^W8v$dXfqR1?S@`h9Yk0?Dey7C0@ASUI6~DE*8I+&LI0ryc*{!P zM{M_h^mND>v2FsCZ_+Lg2f?X{zlX01^?IW!t?&=*8-!4tm`;oJ1-n(!ef0_!pNmCy zMY>^B*O3A6{;c=;QATh4P<}h)`kDk!Xt|-lC+r3dI;L+quS`b8c5+MnZitx_`iVsn zGd9K-QOlN6yraB4lMe%mA=ix7156ahf}Pcjg>#02zGbhGQ1r3HE`7A`t)2A7X9?P9 zUs1=!yiv~=M%akb^01vD`8W~f4be3Atv~MI@ct$bq;L4@1!#M2Ccb}RS_j0Ube2WV zWnQ@VMDCmkkkX1{Zn|tM>idTFGJ6BeJE~$K8uhL}K!N7Gs@J9U(y~=~;y99fWYVDz z@4G^UJ()(5S9aeM8u+j_Koj{{0%9qSDbhaP{_4t?vEjW;prNp&q2_6C3+}|!{(Fyn zjfxDJ^X&A^XIb5R`h`{U2#2)G9#9)PVXd(@936M4!kv?@J}lE`(%QOvS=lNA5`Co` z>efY-q_LH$3(0OV&iJKq?jOBu4^?LubnA=SxQ$F`f80Lc?J5~B|Jc3}lBC6-U?>iy zr9l;zi5>j~KBJ7Mt}X_E1BjMZQA^kh!K#>7BX4{X@B4(zZr7EgPzhOcpB`lL97G{V z07r)w1{@^f`*?Ak@nbxyj`>51b00k2~JV&*HoF_f4Pk`966Yex4@dbUKW~bGIYVX#8sI zcP|91bynT$NB7{9Z+w)}^tt3@TqNLF@-2}$UW{M+5ZS`ywuS|-MArUEKJ}dJm6vIg z7Z=Eu!6LOc7fdz3i3iubJja&8-v_Ah)Ew(o1Uyuu?>>+&)|1?Mcvj$K6yGFp;@?MT z^yqbHFyquXx}PXN&`w(^zY(%#+~D*Z;@v**WOAs{Sp1nupaRW^8&~ypK4=u385LJ> zINWa5+Up0DZps!x*)0!_EcY88bh+jUT}23wtPuV zwA@;-u4kV;HJQv2`%CTh2r(2ecA#mY+nDFJ0IbOLvpfIjIO&HeyI327ED0N)rcQ4O ze;F}T7MiXfTwAkuD)1ab4F&LZ@xDSymrVQC%bRC$hM|2Ab*^|VVGS`n)9vq8PK8Vm z0WUG~T0qyMetd*h`4kxZg5UToiMPRamv!cM&lnfOC@^yv<#G6R`J6AG0(ZUxN0 z;o_G(tt8T~2=OK-D{FU+4kc)q(^HI{O5{`uk)tgaD=(FY*;Ucg{0@c1P1SSwz@Bh@ zZT-&qcVa@J_Qb8pG?tF!dekJVqx%_LznNr6$1ciYZ}YuIYJpHy0LrHm%=ZJ4WW|F% zvPjLi=+m{uG3k){XLt{T0^4p^S%3jmWAaz}s^sgF5zExd39|*S8o9uE~U6oDGs_ghM6sf3s*%7LQF(6 z;c1kmFAPBhq?BCKg3FI<>%U!~s&T+CJ{!P}>IA*T@yR~Rz`Twyp>Hi^JsNGM;Pc2l!+gj^Ty)b{+^-Fwq zmN=S0sZwK}L@HJTDmX-wvM$U_G*x%u{`u}6BTYK~+VR8LheiJL3U5?Y0tUvdk@;r- z5g@BRRqfgMLO6P2C^o>D;(CrM7NKMfG#fr^>aeu?_TmJzIT=a8vBussiyOr6-cbBj zIhI;=gngwG)`Hmtz-*|QrelW4SK2AdIteLzJJGYWpw4z$YlbV-lZ{#rGxD*Mr1(zy z7q#rlkbkJZPB);Sx!-kv_I)Ni4tkHjfi@6y0Z*(E7n`=F_lvxY3SZd%n*M%CA$9QT z%27SZB!k3_CU$oZJgi>OL2bG9WpbFCTssMhU*tvZRw0$qO%T*?YKcm}(3fv_5lMCB zbpzb<17{$!Fndz!T&hW>V2BI>RJK<-f;8tEa2GwXtqkbjj^}K2y9i(Mp=DBuKQMeQ z0*#~+g=P3>HKIQ3H9AQ}%Ib=UeC=Y+g-93KfIyH%lBW0C_gYhjEqf4~dNF`1l?`2Hrlq;^n5y z;IKx?^$jBXe4PDt%?Kj=!U%}KP6*Y!F+wVKnzQ*4CX7%GBBZ_V5B{Yc7*W)xy(G`@ zbo{ynNk*~ec3r0vwi;DDV+0maevgz%6oIUCP^G0{ZWbWu$+$yH3~$tx>bT` z=I8e6e#0naGTe8yibkhR!N}xnLyqzT_sMe`fOJ z2V~3wJg$!zXjBudo*%;2;NGNfa}r%gZsKN(eO!6uZNH!29>~rv&Cr~)_Jp^&ucZs* zv^$LZyUS5pug>EK1E8#Tqt~6zmHiW5oAwJ=TfE6m{V_|sV_4XV+#|z{l+3{=Rc8*p$xQSCty_~o(f+i4Lmr#jcCKwk$_epuaKE6;LgPW$C}!^ z%WiLK2_)Y^ux-&oy(>CE{a#`Rs*Ac^&xvMIGChxKXKWIw!Z+kjFtS6zKjsE8hS~0G zdg2)qG5?&4)y2v|3G^?##G1>h;^=5f9bvwMq5iW}i8Z!j%s+S`W5EaAv{{ks+&K3j za(nzo>van%6fzcV$==3zc=WejJCwoWgnTE%>cB+< zCIOCq`#OBKcR!{#0xVo6HWg1Ah>Kk^yq7Kc*i_7PuA*x^DmlrON1Y-wQdi_y|)T9!%yA^hJ6 z)p$RhRQ46wzB@3feGFSGxmY%1fh0nB;j@1?3~Pt{j^F;f`%Yu1B@ zF{BXBYXfgCx_37jUBb(?$R+0g*0kEWCc3h?+F#(P+WUKWi%`))8}mr}-%O6S7%In6 zo^79lbj7PtDy}=$g~}1$bCi=FxyZEWt+(a61c1M&)AB?nr9-N96WC%T%dWRzqS$Pv ztR*C;|LjvEf2k@a#PgWnt_*o9pOOszk?F}3be`LLy2T{sh23gvy0-gc-1;}oXIGFb zA`W3;0%Dogv;N%U8}SDLVqTehR!V&gHMuv7n`)~3J$go?YBbc6XFznFdHHQw%D0^t z&pWvNWp-}jZFq11oVJNwSe6p?mh!yq3rGM#i*wgJ=4b%5xPE0O!=mdIT6Chtfa6M4oTGEj(Jo7q-ZhVM&wqVMLg7Pon8Bs3VOtE5r7G}#c zpZe^-iJRJL@?V0Kr6Oe^5-YuSx9|sLkspw}U)KFq6(@pyv-|c=gv1O`_uY{~K z5U)5C*Gal+`h1rzd|}>sC(%&tuEW_njdh8^GviH@zL{h39HRbCbgh8yP~YY^BDF`Q zS;l322@7HCyq`cxmc5|8(yvyjk$vvt4xo~|gwu}lrsk3t&)qCOyYwg35%u{vc z==de{u~5}DOgSrq=SF3i9$~b6bEMrWZ=)XSUM6STVrfsQ627dw1Q!g+-usO{60$SIZ25_7XfhLz^q@iTn+Ft+gz3;9;7e`p=v7W+{o6 zcNfwaW|OVfZ+L)F26H4 z?s8C%ZW>!jI&lSO5H#EWN9 z^IxX`L0pJxI^(DDis^H*u3Ku%s}aWxyi=K{3F{?h9mA@~x4#WsA4IW~Buh1PQP)VV z#=`veSx-Xp^CZu*2HiBOEa&)mm$$ke?kT8HXLXlO#g`avk~_8hv>e|yj6RMGd=VLQ}%`Q1X-0Zq+|LR6v4_I@=-QEJWs?g zsFL`B>l=ct)6Cwcs}*YAL)C6uS%X#2T+($W(|d7ZAe&TKl!>v_wvU}EsQmqv@Baou z_mCv~NN5G7Joz!#5?PRst+(&>y*aW|x+Ohr96jT63>rnPIAf~iNjpox#`U{e(`llx z#S>+G_1V3p^%0}X4g^su28y{65lqFg&)s=kqfxTc`3rT5FAN#FE3S?Al(h6G=VUL} z|A_mO3FXX>iWJtp&?YJmExXm8|&eR23wZ zTH7>n4+_P`EXsbHL6%U062C_?rB#}aGi}P*{JG}C+gx+ zCf*86Ns@0eLXp1CNKd%bkJZ+7sjiX#43);)bq8IS&BOVsxQi2vn)XVeVG=}>izaSt z*xgD>V&9!-ssnA$B9s1QJM{mWjyO<|E*oEKHMfZEQ>)&ffAKWcbUH56Od1GXYptj1 zw_Qej5#E`PB4i@Xb>%ml!jNgVS{iRS$L@{qO+2{R-c`a*A?ErDFX1+Q=8|*XKHBa= zq`Yx?JlDAF(&r)yoWp&~Go5-^Qya9fyIJqVZ}>Q1K5!YH9goj#VI7~TK=oX`O2k54 zy|)6*7@0IA@~DKv9Bk5+x+k6sxhVI>bDUW$Uswdp6yaPnMoF5u*WhP_{j>1Pa6^Rn zPyF)u*O=Vszgs{1e*XLqzTv+<)Zrg^^S@K|ntn;1S{{)VZy}X?!XxygFUd@W{LgAc zKblz|&VTjxtX#tTbExx!x~7SP(v8XqC$+N2@3ln8-NI2|!N*cTH)Yp<=!9}?fd#kQ zSID=mf5d{!y+OmDrk%AEDG*@kF|OG(wCFz=i+0n*%$m_Tu5W%wJ%zhrY45AsMku^x zF%OT?Za~RsykLp?i>tP&^<~U%Wk>}FN{%^7q~hj(0#+eZVD(j(uYvwQfYsziyfnbEGG$hG}2tT z=l<)z3$IZ17fwcqQ{msG+_Ba-K2jg(a2$DhQIQj3a11_qCnQxfAd(`TxRIrFMRwQD;DLdWmV>;AMcU1_L=vwu^L{XFH3NiEEWS~e3CjFpN=oRSAcc@Dz0B^btxf5xqqXsT*dwBN`q ziFyZouX9E@m@+zg%L8b=d*jI?^ee-l@F}y6%+8-)C%9HjHUS11b?l)E~tNK;Op=m9~ zogv8;3*wgWcKl!Gt7%Kpv&i4^HJ@M94&t;wPrRNP?qgf)b;f7!v8HV z;`sP8VyL;P`421N0#p#FvE!9IrbOyRpjs(K)MrdcznxDUA`n)I68RR-U-4OVB32!} zv!hT)wh~%+fXYt$%oX37A(tcWYymmQT3dTYiy6r57bgi z?0BUt#3T1azTJi1sJ5moHed(Ef)!UJe#80#u(Sjtc_pF^xx%k!<>~$Fx^q`Z%uSL{ zzH)Rq7$gN`7DOe1vq$RuZe(AWc&Xs9C?ms7g=#_3?EEDpp{CO9;j1F30if&68$QpF zRzu!obl;b&cJVo`{r@m8e^8pM^RN+{C#{G}e4o zH_T-p{3;0w#U~_r?naky25SR#8Cdj*(W7R_O-mZiWuw0zn0( zYY0i{?od&>ksM$^7ajj|=-hg|=nc0x znZ$hT>F_t?Ru*z&5#81(82f6$>mhve{ZM}&l=AXZqe5xPu{a8ZAwaZZW^pRa^>E3~ z+de9I)+n*DPulGnc_Fkh@cx>t>jhS@HBMYo&(Z@XFRyO9jgI@(P|)wGi^v_eBxv_u zU8|bMkF^4ISC+%T)y62h$-z4`&v;ShkqE456QEDj;_(??!=}8IqdBfq%1TPU93>f> z8@l+uPczM1nX)i_fYV6QRplGuJ`GY~g)(NypqdIMh%lMW#5{!r@mvf!p?V)*c%)fZ z*K1re7M8MUR?zl5Bfry7u72y}@pamE^n|`AH34ZUR${-#J9W3>xXjBeSw*6RM~8Ic z-SV`&si?KGi(B@3*K%oFN%BMiNkz2ku*al5&5mUMBKCx&CtLr%?+^?7OlvGi5=IQU zYJlJMN}aS^?7@AQx4Fn=&8nS;qlJ4svCVz2=ULVx=MQDl$;SJG8kn;y6!8}g{thbF za@l7!J$_7hiuTzN%j7*!F+s+RJ~x+(cI3D_mlY}5#(UcHcwx#h@Za{74PVJxZIOSh*W*7Sql3f@Iy&m+J|AZf94ArAZAPu%M#!PFh^$rJCvY4I}Xg z`LdtnH3iG>e4(4T+-1DmTuPMew159E?oY>knkI$HBKf>K(+0~fM>Wxq$5c6Vr`LVj zt^WeI?uEg#bg;QJ*Ii*^aufC;} zBygnb?w7P^Kate3mby;ZG|p5_5_fAL%#M7yC9u6+{oCAkqzO|n|CPXNxz6?@Ypb%I z`uly}HCJnWejAz*sKe{?xQ~vV*hi!9xI}Pf&-$V@m;G0Apxp7tx7Q$bQ|>XHecrYb zw<7`ubsB6l!We>bbMMLtw>eVZd8Tf%eQEr=<7JL+tLuXgi)NxanD5`>nbSxm9;$_Z z(&0F87p}P$Nov|x*DAkQL5Pvad%gS_+q%MpR}#!?y-w@v$m0q!;bRDvPe*2zu99Wg zJa->@HpNU>SM%;qHkM=lXy2u7F5BkW+cn8&!|)PaMxLQvGEH9Y0M7>t!F?Oe3*~p% z+{?Bnl#n)x1n>~kNX`|Ur#yl-y29wT;5CcRxZ7*sK8q$d}hx=m|Jb7@>g z@~dwBv_#ZXiC_y2K3_lU0*w!HP~N#X8_D2M*NTrs?^*(FtOA>^d>*vwTwVQL@%JmH zZLOMuT+Zrv(~7{RWqHVEcg01aE%1oqTHAzY$du}WDhy9)IL+08Au~V+=1{ub2|T-8 z0(PMGv~zp4yNKB>Zi)vx6$e}wo=l;6NrA$>0s$i&g} zCwx5pdV)(XWshJ+Gb`aD5fU}daY@%Nag*`$;PNvVy0ZE(rO8gcYgzG+8L3=R`I$tR zmA}2Evv^ZE2%i%tLblRlQl9305TZ2KXfe-pS)9K0!g4={>jQ2Ls`+4(L2A~o7f&q9 zoO_Aa)y6wm9@)Gpg{{Zlb7>qhJ98OAL;HJ^80Fyy|;!||De z!fNU+{2tP!Yo5YB*R9Dy+kzM@Wd^KT(MPh}%vH49xEQH}@5POq*4p7IMR%-(K_-_V z2A_{8PFWB_)N|Fpni}$&v``sdX@4mliC5dj86#!$*V-EvfQdTT*P9QRDSWRV1-&`Z zi;1p*j6uQ>F`vTNYF9N-Y}MhkaFW|gJBV=Xh(aGn0j#9Kdw@vxbT7rB=8cyW6pnL( z!GZi(a8iG*yk9Ymd9b~mzd(#BERmj9@=CN>hAZsjHH?UGP|JW1NI>7x-4|B#`Lt;I z9h<{0uYB$@M@3u72@Z~Fi;meJaODtrnQI0ktU6ykxkcap!sW2Q0+qkrnAmn$6lF#> z(mPX(NFPB*SBR$bUB|mGC%oP?NZM=BmM0rO-qWJj{(elAAowGBTKtMdMwpsoq`3wa zJS|_w%Z`1hEiodE))<85#PF|$uz`f88L!1UQ6_JOv2v=PKx!cL?bx4#qAhwQQ3;I? zx&7g>!G{E2c5|QLX>ZDWxM^yiZMbZM);H22a^bKkJH0v$+N;k>gbLMa9(=9}Cy^a< zDwb)o^3Iy44%Ify3|Dp^SzB7Dwn52fk({2bsmG`4;JO8q6C!zH3gtYfPh85}im0(f z%9Hu%kYHV#0s%D=+)rgs=`0rty(vomfOu*s??~VW)Wm1S z$CS~PL@LKygmlV~9!sc*x__A$+3va%E5&m{x(~~uP|h$@0TSEQiexr%lyXf1{uG|3J zIhqkswSm;Y7mBY@GV$9&HWWEwD3g7GxbL-H>}Y$lh@b}tzoZH-spk3tqVoG*# z!m^sy8t!%dQFZBkYB_JEO485i_5CaDTGDh_q3>7E6wd;a0>MX?#CUvKq$)A9({6nS z_N{q@x$!y#OYS@7Q05Y04ph&j0z2)g!wD&AOyZCS`E4EZpvn{v_6%F-W7FxmEE?ly z+IlC#@8ICvzZ<12vQ2;gIv>9}c1K#Lx<9Bf4lsYAziHGr4m+=(7(O!#%a}t15dHoT&}zWLN1W>Q(A( z@AAVKV=3ASLw=!gcNY_nuJ6AvW7aX5r*ye$N8r%*SDy)#wkF>`HYZB%$w(= z!i@weLaD7zee{;3t1>@*bYhP6hrZ9w@`=F88npx;4<@g&L>V8gN!3{YkuK(fErtQq zP~9P&S~S}j$q7AI;!^cf?d+6Cw+fh;mCFe6-%=@(_U|D z%>KQlTIO1o0*7QZ+b~3Ne>;2!+P~vLSLF&=R$RSAu|{;i8|&`P5<4pJ+hLajl!`U6z8N7DBlsRIWcoUCegS} zYVOr~h!rm66S<6KWA$<=X9te+Fq1OwjgeVbSVwAO-@35RVzO9V_(mcQHPtp!2se39cI4!beq#y;!Z=kopXXvmA@f`P@ovm_nM03_FnbG z#>k6Wb&+7@V~k0+_0Sk9+G&gK#4;qmR7VNYNGIIV##pKB4LY~P^9G|%2$K>W#odWj z{W>EdO{xNX6WuAO(AD3t78*03+|8QoP3F?s%8}^OHKwg&uX#L<*NAYv;D=^)#|1uW za;eAVKD%-L!NQu}H)!q4_l;K{J*4M)gEhYeub;}mNvvdREQK@A&@t zb7y;kUz8<@e4NI~ppogVYS+{$g23es$-VF0Q6nVtNIPq@v0%FI!5#h8bFrV?FY49j zC%_74-Z(N$0j8qoZzs0<7RwVl(mta~o8MA?_=sug4x{#cav|)AP-LeH~M%A7Z{^0_qjUN-WcKc)Pfzu}Tm zhPFJI;SDFeR5RyD^u+rxfNrEdqF!LF-`VY>4LMtezref=q{@`qUb8BlsNBgLPAu>2 z>&WNw*TnIJYCNZ5yfy9H>3x+5YiaB^ix0~3&{*6_Mztq&UNf+GxenN4@Kwu|*QYA; zs>{8vRNeHc78pCOdBB`=cBEwn5a{gdZ9u_Vl<-B$ts*> zWU!FSZGBYfjV|P)Yu^~@#3Qi3?{g)zN^GfBn;E_z37}`iln{CRUS;WOe-KOmMdXUB znhny>f$3Cl#&vt7ofC%!rFr{u#i2mzuCqukgKn+OnZO z#k^BFyl!+oJVuq{McKUEDAD&>b#K6=%Y~!$sBDC)Ld8ZS6K7^Co`6QUIz?0?Tao>3 zmaZ{0qg#G5M!waec+Pyl@wT~dEEgL~1t*Cu!w6{ikB zwh5;WKovU(J4pc3@+IJ#v?E`02E27Wk3K%A&HIM{3*@)^H^(-Tp`<{~?Iqy9VQDB( z86fz!yY5oF^NejR?#A9uiDiUTlg-Jz)k4kZ=Z$`a>l@o8agGnfBTi2s$B0kbb)R-G z(XU3`7YRnXlxjFnOw%6OJ~|bZDahI^3V|Wbf>Hx|JF0bIvS{>H*hI zjESpvuWMVe7mj-IY*R*DB-6J(nSead+F?bZ7S6BdrIWJLP#q z&i20!{w@hboAu6pyiNK&yDESILysPE8ko3psV0(xBaN~EUpm@{A3Aa8ZOv}3M>_Yk zw24bCq5&`W(n^1i#L7xjrPX+l3L?4h|zO zF4>p6lt-(%GCnjJA@y`q&NZxngyhOQuZ80z-2tX0BwtT81LiqdT9;?fJ1^6V_oB$` z-LQ1zmBy9!my9aho|TZP0Af3rD*aBrDvtM2TK_zi!qdG+a(Eqb8I zT_lv*iVWz}EKdZF1-bXs*P=0_VR>K|MAtMXN2)Wti(HP{aIa(Cd$YpA@BT3B?HV`A z$f^Bsl~VB0uibqU8MFOL+nwMb-_6dnWw)vQ2eBY_-kj1FVMiMlF?!ij?pnV1Ei!4B z!d`<>41bn_!H5*;9HZ}b-;o4v06Hm;+JOCmuv?+W(38B5+F_CS&H`e@L;Iw~V}rHd zYDJcSDcfN422mY(Os8SuD*9Uza9GIGt7)+mI{P|2IsS7ao~0Z2FNmUYNAP`+JSWOLsB|11wCNSUrC09-iMF&pyusRqk?A0c>V! z%Y5NyK&$pVVoj+hNT@Qp$C7UU38Zt^*wwb#dWC5+FOY1x39V*mzPTbBclWo$XX6v| zMYH{dJ3w)581j1NNsHb15U#ixqoeBKq7l>8jvNvJVHgHKi(YPfeD^_KEa3WYV9Z)KuwtDR(J zm2Ax1Knp9xHR!O+0x&40+9n@0_si6b%`GMQP{Z~D*UO!&X4@492G@noK`42JvY0X8X%wil&rQ9%NR+zM_9*TcKVVN_@2=sB0>E(A40Q z1e}FhDj2zDGF>M z`8&3d+~K_^zISx={As|YMBnLDvu(?7t8$rb)7@`lD`$HMNG_W%cqGk5Ger+En%Jg( zx@LN_YgRiglwggn)l;Fgoa|s}~GHwLb zW1krG#Gl($DiEJRUL#fZO_K7ytUz-0?GvmBm8K1sF4ibfT?o+(n*t|zE>ewibgXWO z552sM`+I`W^}!nkRmG3@H6fkHT$hEje&Lh-gd)`S^Lk9z29McT>J&YFZ*3;myBYGS z$Sp=;AeX6bRb6TMo-tDV93#PRM z1}@jnZoh=*PCuTsy292a;7Z0rfmfHKljw38p;J9AcH#porb{&`j{Er5Z6C3{TzNCs z69t8+dZ2z|NRgb;2om`PxitQjlyqciQa?dS0{;FL(^1ly`k;;-sa24slea`bDL+}q6h^Y z&twMuvl1N6hYYYexQZYdL%Greh)aQJ=+)*0U;`qbldV@%85Jpx);!J_@#nb953C!e zACh_jg|hQrgNF~6#QDh~Vw*UCs>-TJFVsJ{hi-bAjPw+kk*4jcQFL|^p4yKuSev*W z@v=%GsI;eC2~T<-a*3o9@B}*Cf<~umtSofd)!$QVlrdul+L;8~u~#Y!K&6gd?w_E| z&EQ@FlY9CdZU*;_PeIG z^nEUjt3&4`+`m$mY%$Su+$zu3zV~cBq&l2Ay7nA+Qw;3=sxbW#6KUZ2lA&RZX)+SX z|MJ~ibEF|#q9hED*#@_?0pcRvNU>M_V&&MSaKX=JiuJpWCvt*>`=Lv^NkQrAU{3l8 z?5|*PbOU5cIL-A|qwT(5R^_0F9o>)0^CYxY{S)UYpN+Jpd{zzs}IfktS_1FJY)t+n1Md<%2c=_>nrZF^~7l?3ho(1@yF+boF z{x9aCI57d$>t^yCBVZ<^UfAwbzZc*t^%C{UK0hQsp3_JZ0qStrVGk%iy#ENG{8v~- z6WHaN;!V8O_ye@0cQwUS{EE|gRP+AA8C=g?iq)vbm<-yeYc{5&AHe=Y|=kSbXf=*QIy`zLo`A-Z9erj6_PfrJo>Fyh={GKFTLFH(pIxm zt8;axTPHQY!FxER9ae+P<$9xh!pafWdwvN8DF4C!^XguGs>@Ty+U_K|_1av(sV69u zCpVsV1iX_)_7O0yvef}e){UQF00}7b0L`d-5k9-;A?y2RDe#PP$wqdlDqrmU94H1- zMdkF8> zPsc`^F`h|S{^THeUm1hkDxslg1X)9g4&Dqtx6FllnO$R>8J|U{VNUfu$h=*HBP*9d zLBOT5Sd?XO#j9!>nn$){$F)6e&x)HLL-o`M3nhK9s}B@^P9A(DF`Z~!QrmZL(vEcZ zeAi*8hSkTy_P3OyokBe23*i`)*Vg@Vp|8$Ui9NpPzyAniYqh>v=1=5Hb=K;Oj5xks zC7&=e%||?zb2QOXuW=u#Uu!%|+5Pzb2}nm|em)c~K+iTF%tR>L2g@= zwLcP$<{g>&J^Z)l<{gFG)f4U%{LF-v#+wokj6WWCCq$0vdPno%JXe5cSTS@B0#`LE z5wz^WvA2^C(C9GN2sl(O!KZ@J$1eeBr68{Tdf)@b>ZB!!m%K%4W zKzYE^IJ*F}#X9&ygIVenqeqw8??QeF{f^w_oOyD^2>(Os7-Z_@oEs$`^ZZe{9c8hjvOZ`{}O30D5ro65+g8X4;aUn|#-6yMex{qKn5X1pY~WF=A<)+xx;E z&GLAdd0fVBktH09rgph+4D{5GkZhROEmVB`|H1v6*oDnZ+UyvO@Njmgpf+!vE<{*Lq-5r?>4LSH;vcL;R3-QvEBP9BYta8!k9g#}gPBLK??PJa zf{bGF%E)SRy|+1|K>Eb?SaoIb(FKTk@vMa9;{KRs-4x=l8J;e`5GwgTit3?}+2|!? zoPT7Y9(v2how$agJRlZilYxlM&a%?n%okt-%STv@0S&=Uec76B09?AcVYCTJVz7Q$ ztjsw&hF~Ov8%3W-_$XkQt+zQ)_c%i)z57cp#>>pG@blc>L1Lc~9xYY}xVM*p_%&2d zxRHTHM-I->5g+LUI)frrTN%($FFkzO=%N$=^ciE7Rqg*$3a@{80tRm2Ni4@b$1mIxlePk*nN}V+ zO(`{E@YQxFtVe(q62-;Od>U_RNPuzRoBNN4ylB0ZJEt(O^sTC66HIVYyGSmM?%r|T z5hGOjwmB9&A8?gMzJ7YLYE4)?q0`V@-04=e@rWs%0wru+d!YDCjLdO&ChKkK@}_pz zf%~o6shIF>1Z9MpTn_MWLVSeLeGf`y9l1_m{Po{jqb(i@{0-YT3ibKRBgb_^3$bYWvyahh9W2 z@>Y7k_tDVRKN4j~&g3fkoS{;i@h8xYzIwUI>5)D`?2Xvi86a4XcKc;2SG?8WDy^h- z(h;1YO5_@3UC~`vd+|2vSthJ25v z-?iRk-{{o0X>%uz!-J9%{jI_A-YSn}LCo_Lba-Xcyw+ca%R%QP2>bJM5+p69BTs5m zPjj@}B+&k>+9dt7`z9F;+~pggjp#>JZstmLM<1rl33rHg*(J`J#LNYs4rEj@&9eqB zJ*Kz|q2{mDaKyYRNzlJ8#VRvgmr^1-JPi0@_2ab;R~l*+{p^8nR}PDm1e&*nRCi>l zV!?IycLD(c`DOUXsR0$koW^qtHMu=z^uHv{K&HipP)Zom#p>|s4@WQDC7#I$xc+yp zKfZ*(X|U#(ejl5FEXbE{J&2PwTu*{s@Bt%2j4BTODje}G?hNA~6mxkw|Ng zpXEFK7mrS^@MCoW_fx{>MT-M2u-&fufKK0A| ztNCDOT}Gt`yxgU>9zbiQe0GohrAD<3tRjxt{yR{@YGHWLkttZflTXi0f>8+&52HDX zwG^2pZTj(UqeDD~PU{*wz3g7{D4s`9#UG(f$)Ki45!he+!UAG)X+j4YV3zcf5(;xR9_{nd2^4E@uh38;y zxiG=2@vsA%qLD@qRLp$9`jBu~Zv|Au#xB_drQijLm7(8r14~6R7KwaJKQv5dX@+N&!fiP`@AhUeLYb#RrPm@9qTx(t78ghJ*85c`z;M z=wfQDti^S|Kecf`e$D^!B#fFF7!H-za56TrU=xMm9IRE*hKP}q(4pDc(cDSQ!e`h; z3b$j`1MfdgEIUwH>g7axicX2q=vE4IiFnfKV< ztBSqCHC4e_w*OiuJaE0QNk5*Jd!x0pEC7lzM&${jx0r!LtF%9ZLo&ts_?JsX?`z?; ze7O^0Scl}$f!NJ5DvQ~49^;>=k|d%_CDXoO|UD81) z*KTQ8om-Z5o?SlvUVP_pfSr{83Kto9X$FVXfDMjxsB04Zeh;PE=@h#dfx{&VILTUJ zn;R}JttQ-!=8X>}8CS7AvF8f9&84+G_x6Qo)@d?5qwQ(WTmC809CRo2)mq=i0TgvJzKgsQjh)Zd?gFN& zi7jY3wOUM!g(MLzM?MqCOT$jC40(BBI%80kls;utaR+9X%o7)I*P9B>%}jQsauBgb zW#g+q&M)QOqzR-XN}1iXTE#Xl6Ar*-DaG?qQ-sKq89!)J;ofZ9m)5k|I92zQnhWo~ z94aljtR_^&q3m|bw9ZameNESwC#}1s?+#%sy3JhNqKt`h>JJcu2SbE_K#w<0--1U| zRD&6RkK;D+X@xQuKBzHxZ8xIcXoK-$-6f~v#n$>mE>1t|uRIK+;sIEN5Fho6vc^M^ zV@rbQ%=b-Prjk+?!3~om)_m57D>hC=d2!y4Y<45-G6VKmWjvFT%ea1KDpeYDt)Gyf zg&M18@FedAoT-s<>=GQAvOxzEl0N9-XtDP$e*g7R>5HfzI*@P7$M@Nf#xjEE;B>1M zq_WYayJ8GeJv%GPuK@&|=#ml_G_@-#_^^BMgzHyb+b&0}pJ3Xj|>(g;3JQjvs^ z^vEapQ+RggdDzOSBh|F=Oo0!jdCq(Ezr><48qt-~Y%!<0)ni5ZNs$^EZ2lXj7 zx5d<|&UPVc@{;x<-qn^`NR6WC^A&p6Tc=doYSB7X@KmR_Su<=R9M-g;A&&F~>a%@m#t)PS(BMxJ- zE9l(qR%7Sa!W-mmj&^|&&4Nb+NUDtS}*N3 zyP=cTKQf4}=+;X_>(RNKOusASY4sBvAa#jS0)}wj6@;@($M$AFxsWhBiPZlfg)$FCDQ^2J3xBqb3EQ4+nXQf z_QxBBxTSg5tq2NiCb>jo1enr?Wx(|##jXnVW4)#2m=~HbTQ;-vd%?j}O}=^o zkbeZoArHwGDnh?D2mbsr|1v z{=a9A2>$#}4vk@<>0Y+r=m$=RZ_n2w8cxHWvyUQaO9O6Qn0Iae8rVRc7WP4^R{`RT zMF1j6XimQc_{Wk9h+xOF8Eo}zyck{bZxL!>c*KPvmto@~G#NX4+hu-$+Kfy_E*{e^=wROPWzwu7u;IXat%72J`P&on} zr=IWFKmEnwCT$$n$?1f1@NQAK^8O*$iW-SCaFu=4^Y{`@y*RdkkNA6i7Fg$C&X3h% zNQbi@_;`$DU*W2;)hA6REJ`Rg6tUL36lrEyt3g0e;mpg2knl49a4;i=b<~NGdxjFV z{5xJ~(FxwG%i6Rs1O_}L6u`Jd=q7y&AEzo4#78H+{j^Cdk%5!b%K+-bzn-i}u9*yl z?P{quRC!Tjf^K`*zLf*hGey6loaUXZQi(cHCj)P`YivY>O?6%_Z;A{a@7BvF)Bo0( z5>(t)_l_w#IG#d}4#d5K*6^PlH+3;+do&$?Ell`O2)!;Obby?BDQ=1<#0=^+9wuHQ zHMot}gf0UoOqCX02}^y!E|qSQngHP{snLm>2l>iDBJV{Punye|H78N=Z8(+#Jr;>M zP0D!eDWcZ{;!&1Gn4Jcyj~I_thhK2$?+LuRZwoPsxC_H76gO5QT z(|$uVaXHR0Z&yL7o%7nZRtb|gl)noBnUmiC#SFiYQr~e82CA8k3(AP7W3SBCzKcVA zT`HSbF1kElh>=@zlaK_1tEJs?l01?Nsz;kQy)9~dh@H~J_KYc$xF z(nrrl-(-VwsVUI;nAYY%E8jhKApq+%7)RcYkOpB-buV^~Lo@LcX`#*Zfh29_j#R^s zM#44PjsZy60ND|&9ac4yP(H!N(&;q~op0X-@Zzb{KMsz7IjGH9E! zj5agm1$*>8U(b!wHOn_1uLJH`h0m&A{i)@jO0qmry8MB7f1t~hxVKalXu7m;#c-}> zz$S%e8`#slZDU<4M=Hi;X>c@7T1bYy_QY3&eh;1?gvV)mb{2j*g=&W4w z99$?f)Q>hYwtDl)Go;J`RK#i}<;^yCE#AB#>{M{}17;=Nscp&i&k{N`%|6Ub_psJs zLuDtDuATyC^9Q6j7rq$wDY}c!DJ@=GzG|oMdE9?k86a%&pmo{g5c2^A24xAYc!DV) z5x2*Qz96Vw?!)N(B-%xR#tB?>6qhS@lsfHGpLym~unX z`UB_%YO&q$urMfpeAy0fdNNmxc;k#A@e3daEuRlpzm64?UvX^zF(^X4F~cOG*kof? zyLRIBW??MO0Do*+kg8`1%rQj!%6Je@S6hNZM3MUFy~ny=TqCkWGG-3Dx^^Rx#kQytJQ_M5c7ydz`- z7P&VgOVF&_ z&_df&mv(e$HV_U>Hh`V(t=Ph#j%KB!e3|Sm;VI9T<%62Wj{;CBNXXXrL*cmM!^K0F zzK4AJQc}@JQt72}Ww@FQtt~IpOakc6E}KQUi-Cls1q~_Y?R?gB_VWlk3MHs;uet-wx-{VxH2g6wmw?s7QU9~9 z$rrWcPGK%lpkw~bgE&>ZGJUL45PSQF@MY+tD)bIpu}>=9CJK9|t?-*mN2F2F?nAQ4 zNvHDopyhQ*^Zc8wb1&PEFW~gO^d@6t8CVNlS`82CUP-K8KAvP~O%}d~J9YM((v$y` zr&?eA_%5TWXjuzNeq4Yf#FxPL2U{+O>^&=eRZ`g;#&A6;wezCQbSejj!)5uG%D%gW zJv|NA5HIj>%nQEu7ADM%hy&bp6U0Bv<^LA{*r#4b{**#KzjuKWe)uwEbPC7*!+(i| z{G_gSEX9ohYOuY2J{mhQjzkNX0w#qj#Gv{w_9d9tru^|raW(j##2ZslyI^valaZp2 zCgn$wKgAWCbyI==9qm}eJ(|)(Dpv)+UHC;QY0$3&+2_jEw9u+EuPb?Fjcg&S*6Cu>r&1UABMcvsm%U z`d+%4c^3mLpqZC|y`#*CkBSeukV&!q&ij4cv!y7u@)Ja5cSSn_K1bxotHTCnH^rkO z$w%6*y#O``)#JUoJIO06g6<~Y1U@TLq*TFQhgWM>GqC?~?)T2}wq|or(WRGu3cL?k zmRJzO1=su5m3#zMXnG+{bDO~7X3Dd30V%w?6WFWJtjGFKb2?F=wwGD`cirU}?HpyF zG$wCls#1!}bps{G>0O8h#@MwWN#`ZrZKPEFtV#;JKnOXnue=S(te2=x*94HIyz>irlN`2zVRAF?-A}f>p@pC<$Zm}X`5$%MX z$YOkr@2h?(U>>oeOnc!<=x_LuH-E0gOnwdpBIjOG`HH}ry8^@A@K8=wXn zA}O~&j!6_j^xSqGbCgB6_MUeF|6@&7BG1;(B2`*<8(xpxI1XzeY|pci%33hqDfK0m z1&k&gBhV^;s+s*+gx@_OitlYJpy!Mu=Oj9Mm{swA0AR{c=Km-DG9ms@T!`6ojts>D zj~o+(&^M$z7hRXi{@tkkcUpT9^Nh<`*q4@qObNL7ZR28d$U8)N9{%ed#kt(w{?_MU z@K^1+NvJ+{e@X#L{MQuj5`z%9*wH2x9YvK6aC)yhIwU6* zPs1ZKX&<|9cLiB)hLzRwymWGT&u-;iHZT(4j0p$b+>X#NR~S{QOF=8q<5eJLUH_8R z4gV$a_%n#nm(Ss(tL%?C(rBvv*Etw0>_-67^>%<9=A!Rm32CkaEJ%6tNQweBQpBAJ z;ChH{9AEmj5%?|Sv~PSgD2-MZat)x_!g>sQFDL61Ip|Hs5&|k&c=^6;CDJ%Ndja!9 zy>d%%)PbCugL5XjOYQIk!17c$&*Eg7^tcv4i~x7H!*jI-L#y^>^x{b7EfL-+J{5uE zJTvcktmRBZwTEZEhNm(c6-Ex|C_k8cTZ%+s%W+RSX4)s0`wXRmJW`p-S|-JUPd)D3 zZ#2n%ZPP%!9{34PLT{)S#qA6$c+Jdcah{zuO}OsZhp{?Gtraal5;gNtro^fiE6-47 z+i5h`hVDGadntRZqdiC@blzkU8+SS%sP$IvHuv#}Xg6sU^bUj#0m)7_82S;|iw0G^ z-LJ2^A3F5G3KLpqUOwcyy#C9Csm5_YelK+{e)}8%)pE&xwe<^M)cMjgTd|ZMN&3Qt z0m3XN0-7sd=Oa9Op+H&=48d}{(HPuatfp27DW0dCga?`#u<1)=A? z6-w2AXGxtmcV&A>=^`O^kYa66VA1qgJF#{j94iX(A-u#b_K^YcWkXfd>pla4$g}pEI~^bt|F+Y%)*EkDyn-o3g^|VT2(|;IL|0s~JRiAu zu@`el1aOiQh{X-#Mpz5KDP^`?b!uA6Rin#}k=@JeNKFBU%Jx$o(o1YtX+ZUAe9KFm z?dfu~zIviX-q~TUo67QX%mjbHPKVpFdz12gB+$umA5ZJ{aI4ZbHO-B72{KOodIvWG zZDyD^==4SfZPXmcldRs4a=|^)xw#W@7aw-~r67VsCN>=g2MRU}OBbE>QnVG>`+^?x zC(JA2D#iJvn*t6;#t2uO&)4w^ZpeF}$`2>(ADc^9MsjEV!06WyhgkFu&YdTyI1xXo zV^EZfYiIJZ-vxw*fln*Qm&Cb5SMR+9Fk_(7)vErs~h?Fp>Y;HPmgt){fBfxCQW|)J}+uv`g zDyH-oJV@f^`Ewd~J8CL&)0H}BY8gDj9-5&pjy%3T>#yhzYw+!#n|YHQTYw8aLJI^j zP=<^4#B|+ivXwEjNZ*Aiw>Wt`lCo-sSQ%#AU>xQ)qWshrT6Ak} zF5)Pb@_7-$0avXRxOmkcHoGkDCK&*8zsB!(b^L*0r{^Hxrw?H;`EJ>rWdSCBVi>ovD->O9JnyM5lr1eMGxNkU{s`+MFHjz7#L zsJSM`-2aEXwTqEd@cGv-e8BsEn#nx>9PdB%dC!7rP*DsyojZF1m~AjRAjY z^oDOO!;>d!HY&R8stOw~wAnT-2-k1{gceVz6O(_!2ByAN{4Jevo|S)@`L`vr78>$z zE^U_tm|$6r-CdqLHnj*FTziexJFmn|f#q7qRQ6NNuA1{xB!&wFn!q6IrznG6O)DtK z$rqyIMP2ko*xk2Q=ir)5F`ajg1Vr*4g#B&q-HC|RY-%KaH?TxNeUG>XdYGj>HaD3U z=?+ba@%=xD)E8OCv9+f{%stukkh*WXn`%P1kHcdvBo|_2)*AS8s9Tr{(~DM&&|A_bea<(QLth*2d%b#MO4zXGRuJFd<@!n?x{|KYf#NVq82WTCt@T|is8yYX@HLOr@*3fkwBYvsc z0KrCrFZ5Ppp>4A#nBs!C)$qH}`~1nBh|C_LUfYVN>c+%jTB6!M}cnD_E*X4~IdTHxP67G7Rah;NFCY_$+$h{e zBZs7Co@{%QJ$1h+uSZ8Ab}s)~24R{rai`@SqHbo`5Tb(7>IZ0?5knP0ffhxC#ujLM z?0xxAYuuWyc`RJar>v$;Th=5c3F9vqX5k};6kUUz*-?>j;c7acLUpRAV?&F(i$0r* z#KuKB7t<5CV=2&n9sXj5xRI?^6S^8;o)(%lf~#xzpu?j*2@{Dv4qH1LiZjRPZYb21 zSmlmMhU!sPW^Q`JOBFfyuGM5QLi3vahLkCOULONf(i#{1FY3NCtf_QuS4T%hr6@MK zi1aGbtAaG8ih_W^AVg{i9YR%Ug3@~lNS7L^5eP&zwcWI{7izT*D+;YvnEXdza^tt_Q9WKCwahV;)FWb>$x=t5!ASi<16Rvg%qgkgRG+ z`6xj;NLIlrUTVw6brBt!o%Ht9*AM)ZoA&?kQ$|OAlDsdSeUPdukiziR|F%=Qn~k`> zC6`AM588)h7%DU)uy=>4euHKPA*+m!m!&vN>Vt}Et|sro4lmgSn?I=Tb0WM%bG|h! zF;#-2C@F}i_S-~C(Xqq1afjBXByn!Igx19Bpos_FT3s}uadNtAjB4r1%{u$|G&1+q zDQpm9DMe~!qXgDPASi}gUY4^k`2<_^P7S{s(V}zOnTxT#M`b`fm2uA|PZLgMD@Rc$ z{w6~k+;`ZP^FSv)+B~nrfZq(LvrvQeL+>n}`#KK5-$qH}pYT_GIOFZ#@Ry0>tKa7i zC-l89wjA&~2LM=BPL*4M0q92+z!E)?Uf4j*RB@1}r~3fN`3eWPH{FPI?i_;gh3om8DC@2Asr5!Jp5>?$ZzP7W@GJ|B@*EB#M#zD$F;e1Re2wADdN=Fb zcJ6ie-i_iDxvpNnRZ{Omb#K;u3 z%Es~7({ey@LQdtc&r|8gg zx2Fh6A8T4|NjT^L+144q_Ok?X2TSt#jq5DDdzI;_hm%*`tHzKgH>3ysS>LTE z0u;3Q0zg6QPxiiycmpMpP5=dbNyS%!rldRSoavA z3wPho&JR>~#zj^oeCh77qR*Ex>oH}4jQ+8*0EY46{~xqY{0+6mGcdoA@)U4 z$FAQG%9j2}8{0~2lGsbgmBzEw=5tSDr{_2Ip<;N!oxfA6`H>;*gRibck4lv5cA*ODJ>l z9sUW3y^sIRI_F25qMh9uW|XgEB!2z^!Xn4JBei|9O$&bORf9} zU{IX$A4$)P{(6f99Tk6Uf7eR9`m8AYjW!_&k#?tUexs65Y9#$Ae;I>2Z&Sn5mM*7$B*s}HxFt@D)KRf;;xMOdJO^^9SMd+i5yY57F?bUUD*EszND1->@N`SRiXIGaJzL!BymbS zf+gOj_(^PizC#Pgu03uQ6H{NyVE@Lo2c6aCYTjz17|BeCum0*V!Lw@K_E}mmChMjH zAH-|DJle$$(z22N3J7wc{c#2Q8eaxsd>h3FQGBTbOp2C}s}KO9?SqA*PB;+qLAqV* zbl{BBFbBC-=%9UIfqqG8^3fTK(&jp8Bh8M?q&aV#Jv^v@WI0+Q5B7|E z*{K%AsCl#Ggt#@!e4jzRc?hh21lnvA%Ba=&S5s;_6}^n>WZbK^$-wVY+ck2Va(<6a zX{cm$t+T{;b1GX@^(=;8O{?>sc?$Od8d?f~+NhmAp<_m*os7B{%lszdDIN^|^&}VQ z4PVHSy$I`hr_8$uv~T61=UNPyVtiWnRVVj^TQd3c_&&eM;4Fd_P`>mLlRpzlZ!msn zxue6@!vaYmvuF-m%a25vQOS+pVt+a2K#4*_=bT<%?Mo+kT8NWsyCN0 zs0&TTjRWk)^ClM|_YKcUT#WY6wf;@J< z;&V@*MltOwqQ~%2dq;CNJN8Cw4CMvdFjFim13o9In&o!kSfJxs*RAJ|fH=?z_up|K zLgV`RD|Sn}{%O61u$jlKF($|gCU?ybw`Hu^74i3D+ZJMk#kHe~F8UVgoc5EY1LQFe zm&guXInB@y!q3@zfb75T9_$kiln*gjd@rbBKpr)QJFd?kdsmYD6QGU-&B;y$GsH~r z0~Xt(4u(gD_MX>2J_S&mdqhEfkoQrdy^7ic@;+4rmv2)}c7*$ut{)r4dHsSs`gl%B zdm%<=jbX*B>0X~pPWA>ga9=!Wt5OQ^y3LQAo@B4q!|U~aGrL23eA7Sf2So-@&D;5( zj|-ULxun@n?HBv)8$2)UyWSs3A9v{K7fr0si;{i4M2hfq@vDwSMLKmJY zVT59(n=#-)kbhsw!&-K6?r&%c=^W|>plRJ#wJb2%jf5GBQ}XN%ScJ1QEWKL=AKrJW z%mFmj7X7c#l;KAj;>LXC6sM|WrkqY9v?mV79^qYnLM z4zwd|Tpc7VwuiN327PcGi?v6I7Bji-_FaYU$Km;~jTG|uzq(wnr!1~@b=$e(;v*v^ z-vCw9s>Unc;tFZm(_Qz)c>6bE6*Zu)$|$zgq3S)C2vdPwWe!y+moa{T%f68!aB2xx(pLBiromFF$9RsZaE}xikuC&4Zp1FyZoS9*u^nN-o;Q9NSjjrXt@oD8aQ(NG3f! z<14@74Y*Lv6X4C(;2Vp|iw7N(vcf&-eJJW+m1 zX(~!|=)QffYuer-S2j{_Xz*8ezZd?FLcAOgc{uqv{yW?YE_orF1it&^`p+8%{^8&R z0EE~R`_pfGi63Q z=67L(W7(ho2Q@-}UD1D63X0LzJ1_Rvmu2@J^t1ebqESJW_5Gnk#@#x*nq&DsuAnFzEl{Q7lz^p0h9{laPk(1CDl?Gy$u^d7w4|9cMg)8}~+ z;&=zry<3A=3;s0u;e^$nNfhVra~Y}ps|~_U-{QTWI>sqNcNgg2g1zmxP!E{9XGdBQ z<=T7+cefm6fS4>0-kLv`O73~J%iM@|^De=C3B@??`)#hw=7cZ$ecNirrbpT@op?C* zq9-mVlwm$omHo`|t7>9Sx@TUWJg+*JOX2QlUB-P;_4;cXt1n@$tS9gB^(i^B(JvHS z*RYL}`)GZA{}USP-Iausc3$lmubxuG2!0H4M^1I5N;*GZfo`Ra-ZuDAQr&CxXy^NY zl~q|VwkFFn)muv6neg7vbS|!Rdl@lXfB0Zt;42t!^|JZ35^5LAK$wlT7YyR2UcD>J zd~JUG&*o33mtNNAq(#8eH+D0TVw3id;2nG;ph^9QprR10Jl0`9*Jrs{%CA<5Z$I00 z&uGx3ekN=Wa9o&3iGaIDQ0wb-QK!2scXypkHa#-QxsxyT)`6Nj$0jbHi&#UAF;(eyhulv@;(0(IXqZ}n|>gjtQ1f9`CJAkpG{sY%Jm2G?N6`@~% zS#l`6l%w#=>^(ppT3_zDJWkl3r3i_jq_r^u4qwnMn6(Zt_okb7R1gE zgbsdBT`vAwm1p+h;-(gFxv9WJG##$o%=b)sc4&QlcPh&7!B=&qjLlrs4byJTHU*!a z36rF{1Z+&OC!a0`tJmeIF%jJv-Ei)*WZugqYw(P8TGwVVBWllDMMD+q)%*3`A7s79 zhWdV;cNwrQE2o`z6J!dOXRrFt?l;a{?F4Oo`ta5Z)Ef*);732(TSGB*EBIcpA>GOj zBRth}ufLvz+9yorn&3ulJ@L-PeA4lOO-$uQmb=z8CC{gmq|YjHQcyJvd%zhMXA^?< z_#rG7vkS)nbu4`VZjPBu_|6IW6J)Gpjz1p`LV2F(u9jP3CshT z_!`joWy-P7g(u@80@6bwi`5}NsGIBRXJZ5Y!1vw0HrN-{%bT0$;<1kex6N7l&R7oO z2HMhw>fbhJ;a7}$MYu9mYaS;J4VpO5ade8G=mLsTAW7yf7dJCTf{;{N7pqovliunFdDU4*_(qAk$10iaVMim^ zYNg986O zKrd$F+y-{Bw`bCSzJj-ihVt_&wa^lq z`*rH!FpY1rU|pn%Q-z>&WsP_FUc}Cd?@>jb7Pe8LjLRQ0X!sIr?tVCVv~VXZlL~kDVA6Y z!Al)q9*>RH1^`$fhwR%L27&O9UHdSe6OZDD+7jO!=NjuRwM!x~F5raMFQCVjCd0TE zT)Wb{I5S9P7bt=`POP>zZ}0b_@P!74Q}38X3{aGtCNpQhk=VJH)}~tJxtj!z1WsY$!f&+Tf$>0PZa`4B*Me2LBPr2 zP(*#P(lQ`48R##$Lx2$c0>mk*C~zV-XtTPyL4b7t4=BRop_ejZewd*AJZY;=#rbsp ztdh0ygBLukrnY!4v%}f2>P;0S&qpTDr?ZaIMPXszjlN9S$i9USQlFBImudGtI&R!a zj;EwGBt1$2x3GcjBF#s3N~`rNHDA@)E67r|!3HVloPF;nTZ!{r;+P(59bz@v35qZ( z6KB~iTEX^w$u6==yyl+NH$y#JnQ4D7=vg{yo`{!){b1|9I&t67S*B|*DQBfVN8Qs~ z&V`t&mz(9&9(79T(g-57&v1Xppl(*6Eas(JwfXGL`MA>j!Wom>CYbr!8|Nm=?sHn1 z7LS!JSSi*UA&!g@FN!iLY1cwL+!ydI>fv5|Mq%rTL=%vgU%GFVPmZU=$yj?r@52uo zKE)n{#}XBjQ=Xl>XoNbpSLKfRorX{2(oS+<+J$YGeK89Gy(kFJ>s7?Icgoa!Ssmv_fI0Q%vW%u@Q4LhHaG(Y?qqiX!(W4@f3V+~v>ifrHlr_TI=5Upn3(&=QE8)N zFV3y_p^95l#3AGEBOridflV5?+n@XgxV$1|lh_k=QA)B3hI-*Kbu=T6y{lBnNDbQg z`udYz7OVJ>k(TFgbzUGy_uPz&2e6`u!t`G$|6MW5ko#`{`U26OulWx}|4+)pP!{m{ z?}SCve|^o1wjQBhpz;`xV&jp>2f(}Y|9nGUpOE7X7FFU6T4pq%bJet^ZUZ&W4wH_$Kr+L{ziln$8(45!{j}S}ZSA_# zxe2nL&gZLM4V6gx$PZuizcJQ54Xc%2>FZBOqiWWalZbC7nzr=ag_4ea8gUo?@p3#h zEnYgS&UfS;F|e5kbNUh64g{+XUa2MfyHz(J7^EW>gm(LK&ky^qV_>mNocyx(BqZG= zhMJjQlJuAF7vodkGRwo_T%nh2VzsMetXkRvj>;1rYhfJ~a;#vTV(Z6;lWRo!BCD6p z359$4g%5Ab8_UR^wiUi4W$zOvI5s8s)c#&Ps(;cd#F;gX+NRs$bNlHm#QV1=F@FFh zOD7R4XL$0|6AP# z;e|+h@+s2Blzm_F^OmN*7~ZV4Pr8so^<0x0BFm}qT*abg*G^jYw6xQzz42_-GPzVR zSw$n()z`3CHw8g1ftFYsYXnyy6FrXmjR{IKoBf5$ zRy_cKtgs^h*vBz3bSfd?0m9;UhkwriM9J2Q&})7fS%sTVrpu9f!uf``xu2*kCw;i5HDi)To;joMN!_#w zZl(5#l`FUzQOBtT16xVNeUlj$`9TkTrER3~jEo>>OUmd=-!+eEne48;n|wu5{?Bgf z#LgHuW8>A7Rj{G~GP)wv`&jA~Y0plv5A5M~TuVOHcJv&77@o2ke&5NB=°4c>lJ z?>xKy|}5AO{KfOc6}C4MN~nxg%a*b?q-sqhDTK(`|<;q`iv;QK*rUmD(4 zehkyV;&*969wHY|S_7N@xTMWCdEw+JgS=XygZ>Q3$RtTfnR{G^LI*q)a*MTYHg7k? zfhAbE`;w%*Qg=Sip&D3W&DlImc5S^N%`VcwNYYTTwDu^=)dA;xa6V^E_pNjBh6-6& zzp!0=ald7CCGYU+UdRCZqG1SAXro{Ll`lJ5$y^@9W>Y(mgH_3^cMWoeFO6fbhUWPd ztOO^XMcF-xdhVqq5*v+Jb!Eu3*{G6vE&AaSE>KD`ULW4^>N$7Zj1r~BczoTU^7NMJ z>cGS)|BLK_>%z243#r$&*e0Karlx1&1_)%9PSSnF(eu{zbyZg=M+P>$k3F@h6BfE< z&9Nm;sF{1pk4_bSL1T4ziF0?_FVM=K2G8D?7>?8EC-`b}AW6qKN=8HR%L(jXr3ICV zyV26ErD1_`T(>uB@)Jwqgjro(Z3u75@@c`u%94uJ&@A&2VOkAz_e|>ftK2Nd27f3& z-jG6vYPuAI?yw2#hn+`qvMlba?6<+6AMGWP8o81jNC$~smU_q@F@Tea`8S+fE#>3m z2o`T^AFB#lT~l_tS=ZN)xSpsMzL+b%>#>|+#8GB^_?-Rtr+iqJnV$)D*(I`+|{!cP82`(-BX z9MGM0&vk_|SHt?li~F`5lW*2=uFiQ2hn?Mjy^&Csvk#ORViV4|Jg0(cF;tUXbl+FC zzr_7)^)HnYEY`uR6UCdJnA3FfvU{hq9T%nb0p812Q$sKY$vdg2F@js%*QzgzWXF>G zt+||h+hp>TVw0#}^y{Udf7nwRB=L*OB#EnNK7^)$!jG~D*EQOMD2lxcI>p8@+s$Pp zb7yKd*h#O608jc@=|WoJ*_{DEnAc8>gm4-K_pdR?*|%c6*UM}C4%YWfR_HkBeu8`= zI<)2jU8v7qF18&(_zC^mz~zvxs*Z>5(%dmhS0^7&KfvY*&of8JZjRxdn!ozWi~iZA zmEn4}2lZG!Chks6T|HaclVSK`IozW zn+!6CnzMqQGd#ceoKk#%Cp(f@Z6S8@zPCw`Uh@hCgm_PR`ZV~3(CYW_nIG@!jdb+Z*M!B zjzcy`c%Cd`+5l}h+ps2GoSPKSOij{N)_O`WduDR!H!T$mAuF^fMn8^pOoGyrN!AUI zkb3H?W0Muo=VS=)w~vP$PCXBD;sx53?!Z8=T+8Lo-ww_$_{!VF7Aub-nAXdG;Jv_b zdJdQD0L^eP?ukTvAbA9Lw7df!21y6NU^Is}#ztiNtLOI3-or0AcI?}CiArtF;De>9 zAIfeO`|H0SD~=N;{TA>&YEu`c(ZBy@@P7pP{vAei=AoqJ#J?PP4r#||Dl(t{cuvgQ9;D#f@XV!MFmbqw~ z_@2-nZ~b)I$=TCzC7_MFPEe+PHP-)X#oHsdk=Q>*!Sd^nz52UJ`DhSi^MpHv6iE4P zhxqhHAAeGa$bBx{?i~L}DzhUNrIBjxjvvcn=R|d)!kVd5`KvCJ3Pe1ciLKLQC=;F( zIC^|euf^1X8Nbz1ft;!r2otfeClBuw_$?F+bZA}G>i(R3J}}(KbgF&xBXt5p)XZwE zkm2`PWbvGC@L0D6^2&}+%xpW^X)BMk(R8I7QfXQCZ3Y3*ik^SusWND@_%4RqIh71b zB2v$;oU0SoL;0Ak9?5-kY4L0vp3{O*Uw7lGj#?8s2b_P8Nrjj68@%Zo$s4b_heHd2 z^|7ma+gHaVMM$$i|9SjU*$>`)g;563U%yDjCdSKZi#v#dI`4L--3-U%r%}qrjlDT+UDh%@+3_0!c z7)X?7`epJ+uKyEg+5GRJrB3QEZn13!S&=cB!w}8gL9KSFu%Z@V5q8bUN#k51kYMMh zg{4z{4n`F7k?vS2LYmCLZZiGbG&afyaku&U;eMk!w0%UAY@MtQ?;ac2o$!hhF4S?e zQK9!hY5d-E>=8DEwu0XTVv6!PoZ$fEd1xyn(|6mZmU^ZgXZ9yZz z&NrI24k<-1KQ{n5|z`(zz>vHd&m{h|TwKsCIEN)&k{A11|Bx5U+ zP$YS%6yOcrHzqfOSdwj!W`x&oHC>Rf8>Dwun9{Pm%7PoHpejvw~2K4!%^D%9()B&KL))iK@S(=0aK6Z2$s4P~mo+uIIgJ|N5r@RFwUoy)&Nhsb_5OfGn9r>w19t-1wO(01 z8D`jpB}2s}+?DWmKO<@5*^3`vCQ-gF2N=Re{qHS74VZ-XT(cYR(78cjqp3~|Fa`#v z_oz89eYxKK!{zG5Tj2nwvJ9*5j(9H%mHOMX_c+&?-5Vv8c;e65Y#=H!J(ewvxQS~j zy}N{l<6(o~xBF#Y>p{Fd{mSy$5j+$P&t`Js_BB}F0icohj4^E4=&lNbFf9b>v^CaB zv(ogoCnEb#~f=w($J*vF3*A+PJ0n|gbxFL1{V*JxqxedoD2+jh<`_B&BNx&M)u z2KD?ldT9LYmgZ)$f*PBPI?|hRZ9}AwT&pU_mFzAv(l@%`>w7}eUsq2d3hHaD>d(^XVPSRE&(f=5imW+f)Eybzr^coAN*WtvsgMv-sTn$tC#`~ zX6sr#*@dIgzscf~>>fG?>@NjbAo5Gopt&;~bz)iQkgGh!W1usKTYx~CIwh@%YHFkW zzSzEs$Ilv-Y{It|cAkFCMwd*;M>8me_Jq8KV+Ac6hTeTIfreA&uog4>=7fpdtqH`5 z&ZXN>g*}eHLB0|dDb`qy8K)irB`w}41cpfmQukgGiBdI-_TfIFKQeB_i9x!KWER~< z5QZPg^+=xsnPNs4T*VquQF=EVL}(63B$u%*at!pp8#jPO-ooW=#+U>*1b9o2NOgo^ ze>gtaoXtuf++|2kjJ-@5HzlB3v-26LHxSmMy+jb-HK~UMvq0Bkn>SK7K=)dLmIzJ1-cO_sH!Yxgj5TBlxx>fDanu$i#O z9rA_ecq6IL7VEy)E9Sv7(6|c=al3aQ`RV}nuW|~>IB6{Jqi@0bG$_^we7IzOEAIbE zp6S`wJ?)eDZXFIP)Jb6AzO3E5K?K>~lyY>8J^=kS_Fl`)V9{K*F&mU$FW4sVgQ;Wu z`;E2t83smlaI+VNf!k|x2^~RqLb?;)UG|dqw&je`$T167pyfl)Ue!3EBLg<%E`#JR zN|4JPT$G+GXDxzSrPr3X7Qcj-!jPmpmkl@}h6z#F7dJ9V(ncdG!SVfqFefR}wwi$A z;m`hKa|;XM#m{y!5RKi66(yON+9x+})4?nAA8l}ccC$!bud&?Ce=9C#(LSOK&@8ri z1CNJh=_}Zvj={`0$LA|=$i;G|ChTjN7|#aBlVfTH75&gNC8o9#i_7h1OIsUtNyoN* zH_wtqls3V{*31t6;Qr2ubX(hK_?`|zcjev?l<<?SV= ze`J>hJOyr&gMaJf$I9NB{Z`N)1qJ=4FSY6DIevY>9gtPxuYW%lm+_A`%s!&$(40Pz z--(H@g9XW4bGVwxt7_Z#>woTwPD^V?YiXY1n3?IjJnw!rh>3Z*eU>OVjoCI`iSB~6 zyx#fX{NU^KlPfl^)$ZT+zQ-1+u5*;~nUs~0PNaHd}B^!+Aq z9HU$}Yv@ri{q!7xZAJLovvNw;Ln?C9@c)g9R1Mmyibm*mSy8xL_vIf*YklR;{}z*} zaOG-R&>gR>VrkEoYUWv+mCA3}tDc}DUvdNHmp4n6UqyYr#T37@Qe&6oUMKwRD-Qh& zQYP+xwzO*+Z2bbpS^A*3;2KYufR3OK+zhtj9?jd%QY1n?`t{du>cLPG&$?dxQmVuE zBu#M*r(e3Usz}_$EyW1b099d7y47e>8CED(wIj;25<&7((!v86c!@cJA+{Q;TodqcJ1D zz~f3H=zxy=AaO`X(mB!yH2+OUULWh;`62ZaJ!*q5 zs1f-eC1%EMKw`dd{zzhu1|;T17Zl^- zOEonZaqQTsqJg&dqGsKOde{5BwqXC114eRB?$RjYY=2Ft?eVXT3}X zZ1>Lh?!e8m#PY_KabJTN7X-I~{cPRu@b|c$bsh-)d`$4*+h!h#T2)`&3}7C$zm}&u z1HN0l7q9oVWY>;&MsAO*#?Pb$R$3F5W$G4zabU01+v2bmEy$)pT$EmbKy%`T*}0O3 zm|>sDUpxpIH8Xqv+bv>#66CIwB z@7y<;6OtTFs5UgNH`rJ4b(cTNdQM*eC-#JX*M6Vypz?Z=`a{0$2^PQ7%NZFTr0)j$ zRN$+);0X8qN3w|(;_FA)@WQzxY{>Yrq7`t3H#OrI;tYC<9_Q@PJrXIFJy4PBD^-Y* zvw60*8kc`SU1}iJ8|-hHg-drt83+1RyVn5~4rJ)QZ}_QckoN>_%yVWYS}FC$m&VR` z`7FD`=hpM`;E+l+8gNtUfNiYx0ocaK+qC*%IQ}Bg+a`8}%q|{YPbn$jM6N$p}tg!+p zTOj1#E6)^m<^BCU>xrL=@p{jHRgB$N4FLlF01ej9bFp^r_af&4*`x)3F-~3K2WW6O z>EEG2yFcxbI@xDnOT_J6Ck{JGo|RGC3zwCr>=g9?9c#1&49Gtpl!XgLF#am~1D{)^BOl%O+PZ|lpLRQ2(Aw5xRHb^F3w zOe1>a-8c5SyvDns<@bssR46;eI!=C}x5;}f!L;h!YIi2~N9xJt2&Ja*W+Roxb4?s# zRN<9Sqcr>6%7RY8doBlzifP9R-M zQl@2+O=b_T@Z0ha6jpD#Gevx*cF8c&f4_0N!%tj?dqiq!f&{(s>x1Dyjo5TykBdd>l!CDf{-~_ zG<^zh6c-||Xv=mgM!=j4sS<#uXy66cEa*C4!VyO(;n(q+f{1Hqs4FYqoIZ-L9Xp28 zcUM-o5RqBz%DaO+sze2}L{dig*%avrddlk3 zG&wbqqsemYql6|9-pFHWncIOTf4%34kZ_t&sjR|YAut!r8|3s8gHV7%H}u-7o}%` zI$#^ifMKNtYBly9vQpY@9IWYBXF8-Am+)^qeKjra`3_gJn_ra0@VR{XlGSS>IgW`; zsrF%qQTID#q`h$CP&<=m=pIq7!tG481q zKe8wMk`I`}N-Kk>k1>+%i$5QOL+|b?;xd#l8%7qW1s2b3^1tgPOp2F9UcYXZvR{5;Fv@5S7Z!BKYv5*$W!Me2q>DgoT+9GTu zM`7B2xyOefv8v)CW09TPaaLIY_%_lYzF`P<{%uR!LME!tVLL9T0O=f$J{&^xHz;Y1 z!mM>i3gHjfDCr<}EkjXzx%$sj1u-I;sRCWpFA5SbJjE`k-fr#%jx?{zECJ@zV3^l@ z!wTdZOW4>KPz1ju%K$pS%s73$7aU`bj!J)0*yk&4zayAeD_UU5sd&LK9$im6JF z(Nj)<}71-KNAtJ{lHxj^}wSOJl4&$hg=lDs2}Iv zg+J_<`L1#R(6sOgOU3Zk4cl&ucE0(zr1=X3-Na3#_czUZOLYJ&6`VWKdzKj@yx>-M zR&+X$Bu#KLGBhj4)uY>vOLM+N6bCJJhQ~^g9EYaX=H#p;-o_2ix-zS0>pO|Ev}Yns zVDU)~T9_-NFc$fVi=HD3Rs9?zRk&6Gaq?VtAS%LBo#L`NwC|HVs%x>5Vk*1BjQvTs zR}&#LAvhDh8Fv@jWj#ouoQs8>sb}Q{=@)1{b#2e`Ndhcd!3Di#IMRfYflydxY1__? z#V;08X|Kk5qx8g|u|`!e!VHGmKv8?tSn>V5)|4SbOp=f)KrNMT!HpBA@wHWbUS7ub zMf;#D(9NOrHgjDPmN!8#MTv=m{(f4kG&-$K*3wH!1!fI}HU~gQ6PmRY$i{zz@%RHB{<#RfXG4(K`*xGL2ipJ-idtJ!DMo#y_OsX@noRdg z**~$GM7pYejmkYlZ(!Z_^*O|aEL~`L^KBVv*fn28bW%Pi+#IL(n&k}}a|4^d9xm^8 zmz<4faHHPbE%vt^T+yc)iCC-Y~Jh?wA;!!pi~L0=g+r) z%zy7%lB0bvq#DYYwerT)`n|Cf(;BwmVehTD6aCLjfr5j8Tb*_>-i;}gE{6Utw@UiUt?z)q*>X(vVuQ|f?Dv;#zJg=)dOk0x(*V7#hK#q>YmV#N$I|1sN_K{knz{(jT$1Vx(r&pg~3iobbq zD7yRiT%#Yo(+C>AKW{>}-?tpKvU!G*$hF?EEfVa0f1Zy10C~I0ztzdRjIWMpt|U(9 zC%u5qUw{AM!z9xyng>xn1O)|Pk@MiX889llWpvi{wT6T|sOJez(SDd#HWyNlMW9|k zuAkQQ54|LtS1&Lt{_cF0!kAbh`{t~`fir-|{Dk4%!i=|K6V)_VkkxcQQTe{Y;yn;x z@U6r%bq;H0{D`7-&Fefbjy})YfjO)*(_m1=kJ;$^42c&7-cHmQs#k^?;nr^?cxMASn zH5N(*$ICp*Uk+5cMs9#kY$K<*?}L}{q3$Lcsvbi_AFX}!5Rs==wARya75;tIbj zQqm&za;dq0#I0dl1>Ta|B|TNI6$8RnES1u-v!u{yR=1Jl_u{ZIZHW=%`wuc%=hYKy zR0F->F;s|D7pt@cE&*`Gy+@CsI6nB{5v*_8F7b!5u!rm!qc2GNf-i2ot`p3GCPj;l zSyS3pjKo#uU0zf&5txfI$0`3TyPC2^+R&VU@!jSTee{@HD&p>n+Nk{UEtzbyu#28o zaBBWGE^eB~->zeN@PTxp0qbJ%Uisl$iFy6%EWIvx-)s7HjjEuK zm&9pvVsl^O6ErXZ>bfF?xM(LGG*$Lf=X+0@RYDogW}`lR8O)jgN@|@{&p!U*A~eh2 z6O?Q3wGZJJzmd_oXz3KHYm z{bcU*#xN(HrI%*$M-v{Iezxds1&)sSDmKo1i+su5TCP%R{wqAdV-9Gyb>%xJTFe)r zr*L{k6Zuwu1bD^_WAjl=2JW1Ts{yEqdfw;ZuUpOt`$bRRg-#2MIjeAZm{Gc#q-awe=o3h-S9CWlC>0$pX+uzGyq$E?zs`uD`P4i{&okdV^d zxMHiHhF4Tsov7=p=h6uQyI%HzJ#&^${oXt^nwLYFBg9PuHp6!X->`*!lImQEkW#n>GGPifP0MQ$L)>%y zdt@6v04GY&ZQZdcN6h4)+izb<{!Yqdi11vG&p)%qBf0)yyAulkE^P>%-1xe)^`@|E zH3CFXAxo2U{Iof8!PJ{89jG2d&So~i5H8_N;Txi!@ndvbP(eDAHAwV_IshX3=29r($icU|}vIHfl2J;|(<{NoAdqI&Uk6)SZ^oQz>9ZHX#zFLzUK z_bzX#E7VTb4;J9l({{;-o5qL}PwZo|NuATqaaozNu7;UQ$}Gg~4cF&atPkx%cg!Y8 z#xAhF?g#=YFpF21b}SrURXLbwf0jEs+lt;p>tEx&e2hgGO18>8W!6|zsw|s8II(~l^=)H1qjaj z3i^fwFok|4%EkNZZabwDJzP+5bQ-(&Uea6XbU!=g6Cz%|2v+CzF5EaVc}PlL@gYdN z;5^Qf*!s*xx~m?{FHN5Ht}nVNkbEjFZ6lAu+9YipdPzdXlWJ&st*Ubj>{WX89U5mD zf_C5D(EWK|^A^&_all~XZ`aWh?>AKJ_Hou&JxA`^`*_Z{#_yb`pQ?4Nw&9Q$fn+r@ zR-j`LktI2?}hZ_<=dp>G0qSuIlUHG2up z2f~lCS7-NbR(jh_Tovy}-=jCBTIL>{6RkX};p&MX4NVUF6zo1CdEnfhPf{X%tS`}6 z4A@s@E&jU4+#znEMZ|g)i&=o&0+@I6Lt*K_861lAvGbK1-%}c*>WHvxXlgq>Xe|H2 zM4Gp&^1G?HbeF4$Jhv!))8W@?_XJYShyX_*^Z~-H5H}1NL-U&JA}q`RFUaw>G8crv z>Ra{po(a(r=LDD-{AlB`}{yw$u|*pYXdYq|jt-$3iLvBm1r z2gagGYhAMv_=C!z4*u2l)mg;HmX_0ZZb?1-zE~690eGZ9xKT%V${N5gCTpE<%L2|Q zN1qg_^3zU5-!|X-zD3X6(7vb^MbWFRd0>SGz`ie7!>x`;=i%4C&p;PIRK)RnRJ$l` zBhp)QYW>2#8zEwVG~TrLzK!H_lV^*J7Lji+IE; zDl*4^4r^TpY3`~*gJ#v*>SvxbXE~o6PfZsiNNhDjHkb3uAuF#=Vs3>s4~_kF>mZsR zt?zIN?%!K(AAenLx>9>HE~k><%uf1LCwGJVEwwzj&^2iuh(j3~uTSJzyed>u;X z0|>c0CMK~Al6a3RiohzpD4!-alXqRd3e|OZ#&mG}$6?o5 zcLjRoz%$$p07&(;wmAxhs+&*ginqz9W_lkQZ$4DqySZ!xU)K^{HM)+K;uO9iza)`P zEh@lO3z?6(9vs14k5S((7#Jr$KHy!tPb*z&m41;!`P8ieO8G!sT4lw}zx-X`M5b@gx}o~JUji1wDJ((~;^sGQVOJ?Qp!*t1q^XrgV(gif{aOIJ-7kbxsg?%Te9 zH(W1^ss(a=T`Bdv_>BPISCs@eUK?31QfiQ0W?E{IHJ+`9KOD3+wwB|%fm=J4b}$i_ z#1feVQ17Qb#VB)3N4yl$l#kSmPtLvyk~slW(7hNY(cb+@@~mGJ5ZTiEj-y#IMs4(m zljOUwUARUKHd^E<|Mx%?Ozc{AYian^Xs-N=+PocT->Ssfk;HB#u_jq#6#~81` zVf@5|ee>t}P{eBkGDf2`fo~12Dnt4eq)B9goZI%~o_&)gJ=vGvRvI!?e`{PxR!ps8xVvn&%>KDQQQ)$s3u+gs^QZp{COPO}~ zOG#*T`2bK+rMLGF`q8;h#gSdi_MD1ysqL$yB>M2Ze3@L}jO}@AnjwVE5UGDNw*9j_ zzIG2wEb)GJCH3-P_J&f&=}*?T!Y=Nq{-*4DlAI@mqQp3XmN<9%0(#V5-Cr_EN@Bj% z-f$zPZjXc@q3+lE4F`q%#T>?myuW$3`nH#w^7%(eLvc9&0OfbrndN(!DoH^*2hIWk zV;sOJ{d~Q%V;52Pxcse7n6R8ZaH^w0EVPJF;w?-A6h8n~;gTV6&T4OvH^M%FVNuZH z^Nvqc>2~H)XGDv(6$57%wzm!GpoAebQA)din&T%!%Lnw7v8nPittM#Gw)j2BCV#TY zp>MU!)5vB;I45oilRYdYuC$dn5Et~=OFR!23-B++rJ6+k7;#-EY$IrK z`*Tm+yQ#Y(4x&o83!p{%Uvo=xpLRF>3H30Y{pEJNqvq);U@D*ADcF{!BTd=}bNCar zXz{%YIW+wJ=TchC9T2upJ_+7`{_2O6;o7Ftd?;ml3|IA4xZZg(# z?Z9seRx3Eo+xOkFreA7Tm{PJ~fBwHnd(XJ0wtZb#m&*!>f{1{CfYOTsilGbAn@Uky zuu!Fh4j~kkqSAX0p`%EV-a#qS6Pk2_ln@})1PGzt8F1~j_CDvnzjN;U%`cIenK8$F z#?$^-EMV{ItIqZOx@-D)F188#gEZEuc~D!6j_dDIQ48vS*b0i4*YD7t`+~BB(R(!3?)t8S&4*8OMJodzl%Q@5&Ivym_NQg9@$+ zsJ|KklAn4vH3Ld^zr;ZU>9Sk<2!K!6sppuAb9NW%^ZIOT!~1oovOOHrQj_<}Boi*axQ7H7Q2 zLTp#?mLi|SF^S9H1qlDL`mrm67iELK<&RLtj&FdYhcWAw5pT}b@rgSPHcEU20bBtX zT%mMKk+k89Jb>~xBka;ULiUB+KAOQM!4cjTOmQm*0%8`09n3Pp-9^_03p=}_;L59> zKFnBb6DELC>f=GTp6D#<7;9wgZfze>=!_DtrV* zhF`09hPV(zG61k&&nuY6hiag9M-Lj5cKPd_m! zuoOIt78myHhyL4Y9^G~VLLDL3hZH0pNZZyQ_*%0aZXVmS-UQA3?ZI#neF<<|2KR7J z*+Xbln>@+6usB9Ntd#cW&9=f?-MT&*aw^fuh|-7jdA|$bwP!yEr&J0EO@zz5xc8?D zX!mMc1@dEX8@0s3)Z;$R2NzkjJ?j#7ern^Yj1&x>BB%qoBi-Iimp<;&d{UU!)gf@o z&ie%u3Q&4P#Z)g+cDf_>i-1t;^6!NxtH>PS2*^yfRO`LxfEnkvS+^?ot?0}$p4w=Q z0ov0_fmpo_mq9Gx@^dMDx-yF`mm{rVCz>P9s;Ia4Oz2&FUvb&*Mz2>A05sYvA(uge zMN%P<_V{|0@d|JP$+g&u#-g8ZQYQOGUf_t{ast22p|#BXyuQ!k;Ywed$cV67S)9+; zP+}nQhe=y%-Re39$(Uke!h0@{$**F>s~GJFpFC_st9b+5 zV&OJ5M4qU@MMZ93If%{)yY;HNIWAcMDoSoW<(!UvuEA0hV)I+cPYU?><{r5WUjo%x#4kD? z(D`p!qEBj3CWiurrSGId40%{%N;RD@&m^YMn}#yCP%-O!IbH;xLu^yGl$Xe=p>n88 zZTLeKsl&2HPr&}!zP+yWz^rO(4{@6y4d`tz%Skf1kBkiva?(KR9(__gGsH%`I$MGO zSZKe$b&{e277AmwdXpmaa;H(g;AGxmlPTf&N#xF)3HX@yajdvvH2l!@>i!UpS%PPA zVU4%wIIIoO*<%6Ri?M)bHUXj3rLSsxI^Zyo?VC4%b)#qndDoneoQq<#%t@FA5 z@_3Cdd^(chk{Fw0?vY%e|3E6Qp+iQ6T?2Q6$BS$Lw(Ld6yEFa&6xFlskM>BYX(Po) zo4fDY3pcZ(D3YpZ#52=EE{-=uNsVg;^nl_f%LsSLaU9LhV}R);=q#&7$u=KNEan?k zg5%uFs;5zd^mkZKSmFfpuE6myPhP&R2b>?Xr(I!e)*Jc zwhM-IBki)KyX(#s`RJ4FzXR7#97lecIGtykE$*874fr#8#&1vQekJE&K+k;!I(Xqu z)0of@C2-&-{lR?DZ%7kfBjo~wO+Uv|JnfJ&8UN~ZHW*!u5K~(|m`En_#t|_NPdS5Z zU+rhvEF79oa%NqXz8d8nRs3I(O%D*v>}kN%hh6YDCEcs869%&Jx|mZC=Rm7Ji*fVV zO$ZnAu(xO>h1JN0>r|AZ5?7`x9tEUuqJ>j$6y`0GQ#iO*9tcZ8HQ`)BfK|=!w{lx< z)r*%Kdi{P~XltQyj-fB5eHVV-+J(V4M!P_4t&a10>~5-jn1-sWegTVaTaf;Vl##h7 z#w;OQqtCDf0BTRrcLfkW0c`=_??;XH+yo?3&vXN+VvZr}^2S=9jX=o@tU)Rbd>=!^ zVOopA6%(H7JEKO`w?r~l6DL~|Hg=`2*o?HX0F0%;pGgb0}05#V4 z2zR7nu@VqCPfh3{DT7LX_+A6AMhfASPJ6U&h*w441!EZlbi8m!mG?^FEj~}-EDruxCbSki~_OqF8#lL*F#z!dA z!RKEZecSBcFB;(LkJmTww1?CGGdcbL!KxhZ4F4Im{(tzuuYsR)O!!G8fXcNx!fPmh z|Ht-sdT+md^6vyq*Dtb%BX}zjv8yB#(|#StUXzafOK9&H9JuZ98yQuUSb7wV#Sy%{ z9|oW!FLXDHKC^A>$cs9&VsVLBudYs|+ORA5<-g@)T9DNCz(d6F^Gf~2Ej@@@$eG{a znJdRUd3xSmm^=vGq=g($NX15;crjJ-ep=bEY3Tl`N*fM(J8^PS&TiW(L zIR1BF-TeDeF27{+&%&dF$JnXeq*D^pa#)J5bo#r+_J>w4Q8rW&1R&33E|(#45ss3n zKa`8Tm_D`zTVf&G0LYXRpSD9e8RA$9+55nkEgTnCCLPIMgY*7Hy&ZE2H4?oIbc+nh z6=I%gGr&9kmBkoNm~hjKjIq`g8@I77FNptzy>TKa-JdKi0aADydF9YnubHv9s>>F@ z4OQV)v&Ldo@eiy>)g*Uukj#A<(XL3anqg;@u^n+duKW;W3Qu^?01FC5M5XNHkcuampHnyLh-&+D3OT*h;-MY4u%14Ve9wm zy^(R)-+?<{f!!I@QkV;yk4XTWoaP=#=_m)Wf!4-|-I|5e^Z}jdAzQQD^AR)tt?Tl> zA2zf!a`fV{_dHs*<|oi=P3ys8TN9HS+he`xhA70?1q@I@L#xDcb79_n&x>M^$)p_D zHgC~R7feQ8i7uKam8R=K*txOxY?b6AV&~nOfVttncpbnHepsW%L3Swo1Rs0{nzqqQ zJ_~khHELy4Am_N8&+PeHw^*-4tdoBY_nL*W+rMV-bPFZPC^F594vbj4=|uDr(V%3? z-|H`D;m{O71jBpo{Dt5IR?6j*2b0K`8)c(L5zD=o9?9EXOJE_X)sxV+C(h{_P>~5B zjC|T7)g4k+jZ4DVAYk!5FoV{0YQ#s>SQldhnnnzLMja&@4kPN~JX>374IzN<-w-;^ zcgiYeSbu2UL-a3h$dW0PjLv9XtFUvWhEta1C0EZAOaCi6^9}lZjLuB{3pzXOAfvN0 zE&qnj+7NpNe2EtgxRI_8Or)D zvx=qw9vaqad;7x<5bKWMT^g?G?Z$f6XJZ*W}F@54gn*WaXKd zD|ch1#*rhSl$#9)3oUTSHitEA|9VQ|9W| z;7fgTf3D4)R8G7kuF~4tZw9y~umcDs4vPQ4W~rH;Ar*0&%KMX=@_MTE=KI!cY^8<< zpx+HhrZ48=hrNmg4d-lu612OfX4AgPko6bDLrpUHD%t{AVf5aI2CDqoYS60gkCo1u zOz>WI@pwT7VyL6C8A`)`ltJkbhkx6g`a6UYvPob3oHt(K$6}D{pGV1ht%l66ZsaFnLN3KZV4b^R&ogSjI*>>kM8`nO|{G{Wg5;TNSlV#^$$jvtt z?{axUO6ETEUuX@9BcnCzk{gATN5wgw6S>!a+jE8I7pgq>ANurkWV6=wn52mIHKBNBS&Jq+}TK*l;fM+F@U z5L9$_zX>Yz%sNpZHkNnTyJLO!nNpe7d*Iv*Z+q{Dh3gyECEVR2LU73_qkv58@33$! z^8s-zuog=A;S~pGxRXW>a_*D`0NWyFt!*ojIKP{Zu@Lr_F<>xgMn_ebgiwtH+RQuy zxN=j$tVrvl+=>LkVG@V!J}@$j@^pDw&1_K@F}pnf;Vo<^n|2GO;j1Wb{!$7bbX`lA ztf-X$)q2AhbKqnqi^l1nOje5pYNx+>v*QU+;}%2R(K$5Yyt|j`;SnO^S^#mWO!l_D zngvzt47W3JI(|;vYqmK!1tayO{+j1>LKZ9j4`kM3`#%9!UH-{?zlog_C!Fd3|58|~ z{-d7q2V?rtbtH0T_Ai(iC=nCzk(NYOv&|qmY}9AQ{UHo}sp1O#JO4yzDoE|8_5#1R z0SJ9RP#E?Vi2P<-xbNV~2fBF8+)X&M&ty${5nXv>&yWMu&+9KsnS22VCFV3GpWK&L z6HZ?_!z#kMQSZkZ+D6}!*3~PYk>22c@k@}otm_xBWp%n(Z&{AtjYSvOqx(U^{|m(| zH$7xfC~gtY9XoWa)X3{`j{klTWG`mFkb?zKho~oAcn0+6)YLV{F&z}Uk@MdAf&Hm5 zy-C{l@_LT&*=g*5P+Ym`Y~?K8u$Ftu03Vc`G$a^upVSq6b1|mKBY|V#_?E1dA3bW# z`y*Ig@7GPuWZ;<3<5-*b6qbWVo?{o3jUMm(ys$hpft=DI`jxVvrsB2E8E0x9;xexjm!DJx(PaOr(fsaU(yGL-b$M5+uurkm-q2~aO9 zac9q2`i8?(jhozKk`5sN(G_|`bhT0aH$)d)Og$J}RA&wln3YUVeo&mgm4P799pzWT zMSdfqp$FWIt8^>Owy-&LnJhTVm4Tg?`ck4Wsfo#VScJmADJ8nFT z5bd#5_qOAUruIQ=T!)4?>+B8LV(hn{z4M}7IFjJnBF@wcW+%07bP&UM&I!CK*M)IX zj2(_riwDk$l^qFfqXE~eJNtDa26G~*1Lqx~Z(dt^Gub0EQlfy0osj3Qp|lc?t@E(3 zkHq5}9r=Y6nE%>(<#Kqbdjrm5QWTf=?Je<%tbaRttsN-iD z!ZvHXmG#!syw`gKrj^=L^-mA8iSJMjl0Zk`y>2?cWk1*uWdDlHRUApH+#wq%!JPY% zz>Y2LT*#I>pUgee}$|8em6K0ZM5hDoJYv=F0WiP=Xhc)sZLJrw)XenhV269K+owXZ| z7okVhCzjTKAf2#ydcPrI&8n<={6owuu<||p@4gSbIDv{5kmXdDjvT#+Te{0hfPOdl zvD8rK%=05IRFj;s>w z`70p8L#kdQ7|Lyz@)Q2bU0P{=e!))e3sm_`74P3ZNY>wEJdWeP9Ytv$RrK}i1n#=& zXNivj0fjZWt6dgkjD###H07?%e@m^7F|B-wCrt;yCB7{s5dbM~WeD(8IYLcX5RJ-F z>Q?{yO&tgb4leJ|fE zqgkXvb4WPWne#o}Rmwnk)oI6d@6d_x;H>6NC-GTt2_x224Nt1cC(wY3GMzZ3jJkX1 z8a1wMpmy*t0;~@;y2gJ@fGPCbuBrg7Xh~rzCP`$k$c8bYrc%<%i=CsGW@iF-E2OaS z4Cb*V3H%A)a6}=^lSoKIi;jXBp94$ztL5E=s!`azRPi}++ohTzEAG|#GV=m0uGMi9 zj^N*(4@U{0tL3jYLZ$LQO6l^A_Vc#Xua<||u0jw5Z4RQSLY8vITVV zuWQDh<>375-?C=vO%L(&?-WK10m^FW17$*3ijbOH4hDXCw_0Z`T;7cYr481x2Y-pu zz)n9@G;NWvINxygjV3u7;Y$iwf|`XuL91B!?kSE>$Ny=#HqfHA??ukBtKB<4>2z^z~lR(^xouelhMZQ)?8rEgRIj#jG#S-H+`3D%axF+r@v2yl= zvp?9);A%lvwn@K&rT$(UkI4W)m&v=inXZ1Tf9etT%mc3zkg`;%#&0+{7O<4<_@J{T zT9{2sA2Uf$(=>KVYhZE*JZ+=a^rQ-LyhY2pmBII_m0V|QFt2vaH$*;V}tZ z_nn!)ns3wassKV&<97Fnv|C5;k0(HX<&PbcEv!*8@LiVdt5Pv9H2102uVXt8@dKQ<XNL8^-?zCW zKIi@#HQuAoGiajN2ucWST8_hy*9P%AN-As#6l+eq0&XNjPRto3t$>WPXzb_?k2pI! z6V)L$n!>*pIdGiuNPO`I0P3@z0YQZEY&n5aYH1I*Pe3B=NEDp4HBmbBAN{4Pzf@%$P(LK^5YP>;eWwj<*?S?^{kq)(OBdmX(1w7od` zPzKoo$Hi(^^A79VJiNs9$}Q38_KCat;^!EjIK#1SzL%awcqLW7mS<-M*wVYkC_%lN zvp#D5FQ|dGxf+?p`IsBYQTg|S^%&2L@j6RFi5dV5t*p?rkwC2qjs~^?Mkbe}OW+fD z99hk`!|YGtDfES9V!jEvrJEH!HCFaNBl;7)(_dion_z4&zN_ABDMV^VEw=@fqDwiK!kZAZ->t{b=_*6h#XbFoneunq@jwSS7?@Phxt~q5 zrISiw-@Uho$tllqY80mrT z;l&kHSg>$ZxZZ)QTnP5~H<=Gj2GXdj`VhIf=m;uay_1-y1H?K$#Qj6y3NMC*%BRJT zH^4RkY6<-m7;XP&0FYn<+u(6S5}VEK>DuzTW@QI*S3`ja+CYGV>I$3j5;;;?p$TM( z9rw`IfK`g+8}thE`p=Ss0nvBykJP~18CO&=A41oz^=%gBS5YOvW9p7C-{q)4G{m67+LGOn}7Nndk=*w+jE_w4wJK7d2!uu z^p7`XmUU3K>Jh%iuXb*!~%1l7wzPcv#pTDbED0dv7=fdnsQr{>+VDl*d&vMRIowhX8x- z&abzcOq>@vl`2syoH^zs=&Yv~(@tS_{F}d7u^uBUB0Lm!_gNq;Z|ymnx=P`!?CLWC zGJ73J)~U^nr{y$;u+6cmn@f`=wBpwHbCTw?dtCq%y!#$tA)+D)vZxvJ;U^G{wSjx? z*PTj2ej2*c3}19{^~Nuct+2M^PJB|d1vj+;3r65L$jmhO z?&O62at#Q8rMUoL8rW_Y_YR)j^C@j8i3+{g(OkOBVCa6}f6>`dQk-Ek)6gLYF$CfQ zuZ%|)`E?Xcu->haLC(+ic>F5nw9pNO9|h(g2$L$IyGGoX)`*WbHf-2g^jx`lXGaKQ-*R2__nY0cJh0&)9@93EPiQ{22B%P~H1 ztE_$MNlvliotI`MPXlc38u%v#@jlVZDwtV9HTKd0ZI!yqou6lykAImP6Nlc05n>Q@ zvYk3RjM8fqfBVH%B0->VQOThRXmI$)q*7c)`E6@+8l#hQF&(0#-8A=}SY z4KhInS>LT#QTh@xfZ)Gy{E_5tdt$2_kd>Jb7zUrqeOL?5$3tRep$roZ`@Je$OhOHKi#x4XO5oBN4NBMP=< zCR`?r{1fn4H^n8~vHJ&0*GfD8FT+u4@+lC2@_^1elTQbKUeP@30I3|Lz{ zrEphEw|E?j&vB{u^x9gbm}OSb*M$?J2cy|qGP4Zv^I?8ZRqEQ_pHY07@vO8y*QG9X zkn3Jy6u4DaXZl={;DDi?tK{jvYGuY`O3&wtO#V0+Q4eAv&H{l&R8I^3)Yx%B%(+x^ zB#(mKZe>5vCGGIzfgZH19dcbG!*YnU(dH&lRVpx&DOcN>?95un9u_;Fe;RO`tlfHT zGB~tc>>8NoTQLTNrb+Bl&SJ0`dO;TagOjI@Ck_Mv1R&eQg*HzVZ~WjaF6h0J0h|y{ zzWC&rRSNSfoqhSk+*k7pt8XRo(6sPXy zjCkKX1~68%EW&no&uB24zP7OLw=ABA6pm4?dr<8?Vs)OZlgjNFvWT&Y?@_OQenHmO zCA3_}B=@eV9rSRVXe0^SG82qMlEuN*m;{KBYxb!(PPWq`3{D3UM&4{{t|~AEfHs+R zBN^|ukmgx=m4iAwQ0)09Z>CZ5WGhtrEBV~41A4r%7k$vn+yZ44JK3L^B!OPmro&wW zlQR2E#IR{NM2Dc%ovbH2DJkg;oCff>}_a$!M#DW2hp z9whb4HeHn7+X{r`+qM~XPau_>+Qr0oK0W=h*d1~sJK~#Y;(Z8ESNDAcY^u{g!MyvO zW+K_G919fNc$F`vRxqZ`2!g1{Upm1mek~vA~1sP87l8?&D&vu;*`OBoM% zB*&XCp56Jj|4^1z(l(N&?pYt_*w-eDB}dv$5y`!_5xp;$&!7)l-t$StTcTxtZV)F> zaZ*Nn1y~@{Cy{_8_xKgboRn2_#fvdd#~EeEn6))O+UjVTTlRl%RF5vAzLK5h!o#gr z7dONKBvLvW;_g$we&C7yRk9pVpPRm5&azbB2fhx33};MSUohnl@+1Po5$ev;$2i-8 z3pG1~rN>i>*>}wc7x07!DJqQngpujw(+HKF;)qpuykw9|HAH`bo|BfPKl*gJQXJ@_ zo3Q%w^4zl0h?%m40#O6ge%1k+0t=Eh!9ur)H!)%&l2RC`5#5NUo^EX2i>ih=Q*~cW zykT<6ms(;Kzj*r)^cF@e$!_H=jcIoVd=}m~WQ3gQMREE2DR)@w#_HyGg0b5M0f6-{ zh(&ATr)NXEhh`H#+a<+mw7sq<3diME6(vG7?d;WYiTIPV!QUm)E)lX4yr{K{-&P@1 zLqoB1^wrd(_lvp327Mc{HgzYBoFw`~H6P-?9<0=0yhdIRU=%H9JJCCdo^wAPLcC+$ z3mmh`hQiD0SVqLkDh_m5l71wBt2{^e18(9~UkOtLtKO@ouw>irOh1_mtB6DB`;|%c z{ny$L(y3p`EM-zdRAFzpyT1VT$nRi=`K|I3$*?UpolX{o{EveHATgw9oYMS9|ojclv!9EF| z0z1rFI%AI z4=+tTGm6mGim*5=-7^o!8Oot07^W=GPg0{Mw?-*W{z_JYBpmYMYOjXx!c^Xt3f^ic ztF(Z>FBN=JPuHFSZ+GaXyPq;Ovd|oU>0Y7BomJCVoh|X!I2!5EnyZO&Mx~Etldr1a zWOtnmNOiptHRB81R7TNkZzau?&rZ_YX^x@SR5%3i*TeLlU5ppLQRR@Sw|5Dy>y)VI1fc6`QR*+^L)>h(o4Bf_9w)+S^1PzGYCovh=5i{-m9}?6+3&!~5&> zZtiV#v^Bg%F2X;qhbNtEoI<>tlGO}|=OsMQgryI^zXf@Db0XGu!pWPSNi~a3OK5+e zB7iSp>bAJ(Yl+c6ECm1by4ElDv315KV~j1fHddIcpSku{%+nLd``G&1Gvky^n7!@d zr$5e`SOU@d9kZpZ%R-`X!t=|#u(~*6_)}B(IjmYq`I0q*%t}E<6Z7)w%Q`jHX{l{& z!bbH^aps)w3|FcU0Ra>^wbcg0xq2^gat#yeER@U2^B}5wm0Z7NYeIzKop!^kHnrFM z(@SRB5BOtkCzEUIpEbrYV=0!NA?oaE@m4k+RV&F(k}D=p&%>p2x#ce`8Ah~=6M#if zjOb5C9W<5DYLEnmg=)ah=qB&v3c?6JLOk(j6bk*r*@5RjH{P$@k`&7o=9=P$H*!+w z#Jv(j_{;gmyDUMPP>}k-4&EjqnC~lmIm4>IP2Vp*n83q6SyYG{$~Cr?OBHFdlAHy5 zwNam+TPfrmd*)PD~-nkug5tyv7HH)feADRbjEUQ`!su z8kK85Z)<_4J~zE}76w9OQD~-A?vSdxvlnyvY`q9|N$ZXD5lwu<%Lk{MVg}IPL&y8g zR$xt#G*@AlCHK844b4$c<7xYq+sxjX)E9GY`4vyt4=2S7)YKT*HFuBzQ6_;`EZ4qr zX`I%1TB0I&XexAhMMj}tgD2TCxGuC6vh3;kx=H~3?%CRML1l-Aj?47(lLBP`0&dp0T^k=8+Hm)Xsf?M@Q~ z!p2c`cl41~y%vXB(v-ZTwJy;Ug*h4~vIILN7#-Ta;n@N%l9)B1KWRAEklf(Lh)+R; z)?2uQPmWHMAUzG}`6uyny~3uvN)#+%TN`C0{!f0zxSL|Pw|Tk0cox;dcWf52-bQg@ z8?AmNCqY(fV*1as={h3%MO+}k6BQKVAv>2k!h=Zy*-@($XsF!?lQhs}f-gfXZx(W7 zviL2Y(n?0$-3t;Ev%Q+lKCto5ZA(a+sPMgX@Jz0Q$XPpJG|yYN+K&mgo(E~}++S!K z;z}h`lEqbUo>pu1MuRidy)!*)`slr@6zFk=v~YYA>xeDu0nfdqFs3D8|Iyo+?ytdsnvOJ?wmRKYMqQ>lgOjP}WKQpCF zAMhIrDV~4`<)`+%CuS$<>Tmq`xzUnJVe%+Q8S1{iDw8(#$-%!bzwOUKg+UN@@9fA$ z*5R78wtC$|&v0Y+c(>Yj!nO?(QYm?;m(`HT1Wln{bb9Vj=_^rdwOGBcWdjcwB8|U$ zb*8mBL7v3|@70oqp&3Y?U4wS%4%psc@=i6+DrteAO1uk#-AmCe_3VsN>I^TtE^v6z z4-BB+HH#^HXVF=UE$x84Lhrg>&e3C)V|bEB$rEpvuc-Eky_Hs!<~6r)K6UA)ZXq0z z)YwouwfRnKv>_Bf#(LPXs)A`zS~+Ah^A@slkyLPw9t8D$D}Jo+jARg6O4hWL`g``o zv}kk62))yI3YbZd=LNd4b|axxvuin8m*^B)+_8S$WRch}E#+My?~{<0Uz1#j!n zU8fx-`~oVu8Klk35AS_UcUWJ{R^b0tR(-d%3V&<-gTy8Ml->nYB%TIA8dQY`5z}{%l-Tff=-^W@P%4-fY^*9Tm=7E^-gp~N!tQ1&J6^$ z0j%B<2J+|Q_6_Wws~uWcH}$^iw4Ej=U#IWu#fMdcyTr;r*ZT@NodRnrhWAgS4n|4s z6rHJ)Jf-yU30Lk7uD6TBSFahz?Cv>7o@pVBDO6g}2~6TKy+|_wB?+FwZqwAF_H^=i z4Arum7NysvfSx&Rt~=aea#GG^j@^3ZAR4)lS*aXdG!p?`K>_k7KO!&9l(`lL9ZUT( z+SV;+MqI>_pUg@-IrAHKqQ+-{v+<2xVwhRlR;krtV0KvmD;^e^)MNEvo(q2JjR3`+y7#;Gq)&v0^1kUWwlOP2H8xPEKNy%}nMDb)*K62z!<=t$Lh)@e*MTn&R)Rhj<~ zan^VrH5~N7uvyQ5a!ek)D~vU>vHjB#@-nNu^5lt*DJn5!KkRFpxGWf)rE#CXS-%~Y zb|LHhDnlQWqS50ngJddk)o!K)+lH=D75B2~?5?!6`EQ2asA^?s>72$Hk5O8WSXtby zy>R7G`Jw!AXq|KCYE>RvN@VhglSl087(A7dCwB5ewqZ>#4ZH`Z8P+PA2Q37;k=Gv< zmTko(l}G-(SI$3>PH1qJ<8mT0@|QEZ`fQDRQO#ZDZa^0s0s{%NT@FOo6f-u(Nxh-! z!v>))AGVl;eW40O8VgTxYRj{DXK874j6ER ztCVYp1=N!KcUuZ%+tPBKGbk5w|3KA|Tn?62L%IfqCcPmdRLo2XXe+5a`O7f3lp{IWy%V;Y`bFD6Z_np^j_)MLEALl>ZCf_5Fy`3o+XYTiw#~;>p&B ziZ;M(_dljQI%RuTZ|R3AEtGk!8sHt8x#l5U0{MjOw=4Z`O;*NURbG~u1e2n$3GDGf z+`L+h+hfZ$(_-SV!sk!yusaTMX3NbJi=g`2)tm*?YbfEtPv8c7D?!F?Uv@njeR9J| ztd&adyM5_%_y<2G(@TZ9PIYu z!+SouyUNfQ;D1i;)-6n3M_6mpe7~QQV_^_w+AZK76)(7s#jxd+K^E{b#JQjAB|gCm zwsRUrOuSJYXiYIQ)L9Y|WtI6oq22=X$ea`#tMo-@)_w0n0tZ|c1RmM0cOEV(@$g>S zSEzCrLQ>D^uEeu6fOvNd;JkKf#6=wYK6&hM}*+u!IbTBMImwIu|vm^61xU;V6 z!6*=I{T{rA={f5GDZU<}Pmh+lD++`Wov*qO>!y5wHnNY%uLZmJfj&7taY~eNc5UN8 z-V95aaO-TQ)syP1JL{P77vlTcPcwGUoH)NE|2Y=U2wUTiVM52H0THl!1}WKm#i4|7 z)@n$Cd(#)YJyU}JxL{Z(+)jZrlTY-cafE1FS`*B^ay?zwz4bZxOUC+tf9=G7oD}1n$IbUF`6<+i{mUeLGLNr7HZ<*RjT-K~d z1T_9RfH7-{%h9{{;10KmiJpP0jmw4h0cjMeD)Pux>mEySw zsS(6X=Z^PlLbg+A?Pca$eg$86O%OlaHu8?i==;&=aFnQcGjGb}cUPNlw&w=|o#G4@ zQ}cmc!S@QW%aeMqs;w;5_{tyOvON^_ReJCJ+AId~o#t*~zXwzIZeISh%)I=IzAd== zidmq$2kz_mkoh(1>P)9Ue@zF*>UW!|a_u!NM|aN@sqDTh=B*9sruG<$!Mla zgs1U_L7NGfzB4055}MO?_vy+$cDPDuL!9{Gml1upgg^4L8$T#Tpd@<8uoH)ee{2Wj zuN-Kk60cOZPd|3U=B)m)j&0tQF8y zM0{>M6r_>AFur(Tj^L9Ua|l&>W$cEVDjVC?n;)K*0sNKW*ezj0QSz(Ajt`nEj zkAI?P0auj8wBM5Q^MRJhiNYDrSKFkxreJ9qD{~LP zPo4#o0>wHWg?*(+g8CF3k%{NX53Qs@5(613jI5Dj3#fI>tnaVuR53l=X}MiP7MljQ zIXK4=Cr{ib?15>Rx1O}8D{ED<<4(})S90~}R|@9x%fBfJge7&P8LdBT4590r)F@kXR2>BedvS%pDT!@q7mnVzk@2rqR4d8KOuGwQeQ{4K!D z{`k8M$bRnssSQY$o=QW#qvJK%nM_$nPSEe4;1v_a!NY)BOfA(Ar?(WpOl3P0AAw3d zl4>VzW!|-V6ad(jSt_k6#bl-hr5f(11my&Ze(D~x5cXnWa*S)Sf|g)C=Nf))pi-}A z-VMyImBy(V3|3O;Or}Ov zSp6x$WTn9vZ9bjbRcSRWvy(8e6o#d5by{}@QI+yniM&QckdtdF9bx6AMW4v||M}TJ zf4%!{0|pub{z{eSAEn5Fkkw>L?9m7b>G^sf2^Eo3JX;?mL6$W8X@y_apZlvNb~O^v zByNc1Lc)N`NeYwC;DVvO+9^{^x@yI*m)VqZ+!8FHAoNgpE^vCwj7p)8`R-n6j z6DXq{dI^K}r?$B|Gs$>LTsFW0j(DGl)*x$vehugt(33i(Msb|JcbNQBd_+?_k;|s( z%Nqi*32W1;;tR|=y+20kG#=!K7|`oFOF;WZqs-u%9pP-)XZ3dCIXK~&z5UGEL03bb zR_%?QbyESiKpQTUxPi(#V4UL%OMb=d7V08ap4a6$(SG--&S0sa0T?!Fo6`Z*BTgjO z@w!Q~MtfJhd_?#*^%ywa>7+OrxOh`^Iu)WiCM*1kxxMpLFv?twK8L^ra`~bLgkHH- z;(kg|az|%PT=4sXv^>nqni-z-wz|wbXKOdfY(l%vr(n&f=n9$+USJ5X|IxVDUk1tz zu91HZJ>=TGI><{^YkQsCNu&~ly+N$j*i82;Q%ez!`` zkTOXz>sxEZ9IN9!FXb*0Ti7IC2Z_s%s-2n45Jn4$*J;vrT00%OrqEu6J0bxMt#x2! zZ`Oll`NrxjP<^{#6}}3(8J365IkzeeOrMKo!mTu3k`W5%`xIyq`1f$wR^X}mR%Oo8 zvmY2}y3_Kyt?I#QzF-F~%g_#E3vkBScJ;UYSxt8)Qqsu9x;KwhqXvR(PyJ)|L)We* zn?6fQ>^@n33Z{YxB%Xm*WH?I*!EGN7IfQlxYbsL{)2Qtk8JowzeW#qC^)9=6B%kd8 zf>)%xA_#r3=Ip%JoK0&o!b98LH{A;UlxqxVcLheDLOZOL%9nwh z6VL(tD&fLiRc@{cwT7zzPqf%~gWp=3J1XT=KX;nRl8BBlCTqcUb+idKvbvoJTIkI}0uTUX6x?CEdvc}VKEC)s5&qk3f`EWVW%t12;f4~&^mWCbo88hsHR z-k%xXn8f_<9E zt;Df%gv1_{IMDELJh{P4>6XoEXPWVV&2%o|IYw{oIuNx7hDMG|X7;@gd_P$&#TR-n z*=4E7gwg7LYoW=HHnYiQ)!`s+aXsQ#-Z4Q%^3z;r#rz@hw@^#TJfzfO`S%X{GgXYAd29!y8pqa5G@v=(Hff`>#(7-#o$DbQ1~Csnc$b7BBbJ1|>VEua!~(caQ^m?w zp&yho=r*cDW6>MqWbm5tPgRf%$P#J_yDDyGO%L-nzbrT=s)Zws2%Dulp?G;bV?VzU zHVexxilQI4ZcE|9iW{KgfSBu-pX~(83c&07G5?X4hjA`+C_KtXj(7tmWUH$;V*UNg z%_TqzP8*(NF)2s%Up_a5S@rXQ*__54v<3c2ptZ9u)r30c9N zRL9o+;)BYTp5@xoceCF;n>5Waz&sI1r|-v&4*G`aZ_u`Q{kK-bpz2dcUWLm%F-3DvF6xNi0@%8XZr zHBsL~J+YGZws#jDIYghBLc9b-h0{Qq4v!W#x|R?ZdF*sA>o`kT0euG2(dJoW4Q>@H zPXmL!F6Y+rMGh)l8P`OY>M0DWMCk>L?=@}(NE?BJXT>ydkb0Od>Y7m7e~(o6M5gYG9IRr@`Dfn#PWb41%8|Oq`Q+5%weRraCg<10?<3$vbY?-c=3r)jrNAKcaOD! z&)X^n1q}X7L7HX7O^6wSau%|r5c{@P(zffAk;EGH{z*3(R@TqiW~s#8A-nizQSam4 zZPq@G4g9G`x*@1$07HFXY;22WHMa^ctP9*PDwLC2aza;ZdQ|L2fE^e;Ios3@ge@90 zJd#Kt16GukH5Bealz)HknrO^W;+!T_YIeMTtjMZvCGO*?Dd*)ieSKhTlUXt%txcRt zzkPi|av9VtMBVKTlBpqjLLv`-4X1O!0#jI}wu)Cmpz{Z&UfJ`UWC&6a8hTl-vk-c=VhkPZeKcH`ryl|(2x8+M19|UM`}}6E14CK}x0!V=wlwsR z9KI?+6j*L|bwbUTHH^3jHIE_NGp)e{2ni`L_mh3YHJ3sR+4tBb{a7fWBV z=SL3wcwTN25Rx3D@1}E)B+4vPZK&J{Fi$QXSgL!@ZI!C- zu=l>*c6~CxKJ2-CT}vg#3%WqEd;Lw-!(|8aS=k`Y-Fq~SZGnm!9TyNLv$!->8|4Yl z8Rsd6r|*{UHZQLay0vumzNqi1mU4{ZZK&pS?RJSQEXj7s!MLDd?N-@kTRkFDW3;^C zHF^Ozqce1~AEXep6&c+Ls`G7cOD{;+Ca+Jgyf-PxY5!dg{E>_ z)|w81T5xkK{*uV3rS&WV7O4Hka((2!oMa6c^)R9ez%o8^4e6dz!)r(XP@TQk`8h6X zYa4IT7*vprd!tl3dt%0x>xGS44pR?amQv4pD|(Nn)0wUEfoFY>!mC3N$!=b8z87|b48o0l zg|}!MZ%_H-5M0Q>Z9#Vutt6(l(VEl~IMCb76dh2=fV!Q4Yz>BfL!`!!cbsM7xo3)) zj3VB6?E{x0a_JN2G$RYP#rm$zJb4$XTxu~^Qcb<=?>&~p9DRH?zU(dg(OqusP^2AC z?3i_W226xwh@zo1^TykbaB7Urbm?(cqH{6xWSQP{S$Ce9S^6Df{gXOfE9uZuNsNS( z7gJB$BY_vHY2xNK@MU~g(pY=XpaLQG@~{y>ka6gtFU$J?JDeN)6ExW9DZTrN8OvU` zV{7D*&|KtY$Ffu=&Kpce3&_K3C2azDliVRrE`hkHf%3zfj_N%p7|(1P8La!ROiHXX zR0O42v?XC?doy3-{jP@ApdGv43$#CPi+ZO{-P+zQ=PNyl*w2+hsQkF_#w~7o{SN(^ zTtbc@Vg~GFd#5koF761^wA^_8jMhXR^}6p;I{em@kg~tQ;yR^8GQKPIsz`2CQkikD zU`{9GTD{H9CXmA=-D7#X$4|L6o7L^o3Po@?2ltP1M4iK$hkupjL=-}0a{J?FYydQ= zwS08_dmtL_SeDlPq{mBZNvvCyn4sK2#Hj|j^XBSI$O&g)%JnoeTXlnrnEVyEFn*eA z7tb!fI0)p;f1^%B1~0z_9LcS2lNe}aU=!hQVc|dB#s!~EX16gQow(>q0r2}wUjya& znw`#Oyzk=1yBdg$ zDU;^$d~YJ}z2B#5KrPoIDHyI|rd@8=?3rv{2VG@c>PMB7)&XO|%Lv1(^1%@U8#c0Q zni;vhxaq5%Z2hDNY@|mI@a>s$AI;{wbv}P*El+D#-T`=~es3kkhCC-UuQm6RtRx0xruuEvZ5HGkDNIw&z7%r`sBWIyhP@TicmD>^pKsP}ZQ znJG`k##5NWk6aVVnW*IF32)RsKN0;r`(rvxI>f+yAt1Vtw_<>^>2(A4v6s036c%8U z!@TMg$6c5d6A*-`D7l{lL~cmHWCGhk=uUlV^Bwb}=nW62CWk!P`o`mJLeaiP_0&b8 zOKu?-s7b(R^JZNDzL@&?%v#d}tCbY-AaicY$3-)dOv~#gC==!Oo?m`Twlml?Wg`df z(99ga65+1<&yQ#a*V6QpFO1HtGa%%uLAYO`cSa+2= zNhx0VFc2=|&1jakn;iELkvk9bWW{QFw}y0{()*eEypFp;g5GzYf;P!Y-iV+t`M(DFYrbyu%H;RCZ#|(^IEBD( z$GBDJ9;4G9$zTMV3bxmfwY$BhAb=+502C4oHyV)!uZnXsM0lS8%IIj**Rr*?)s2Og?dG*mwx+XdshOcUu_ zazC!<_!vI|v+tiDpG~?YtcSi=&r~+gWmf>Y7JdI-2S^U;-1*!sIec>WeGlK;&*|Oo z9XoM*W7P(+>)ew)T}6C?KAZhtJ?x+yJyOtp7b=Cj8$CYDLN_0U8o!wFGlfmva|5&r zu1wE*I`4T+&NV-~k@xMcmbR09Lc66N;kOZWk@ zb&a~)GrPyxGxk2UqBOYptsm1`A#|sX$M2X!liQfHWCf28@8BZr1nperyyaXHId~&t zb?gktUHe%bQ_S6f8iOBeCgIk*FZvomOkm&Q)QTVc*~;>9sWhRNca~eEXe7%dY21Ik zGrPELU}!Oi=)I_Ehh+(DX}p@Q(=;}Nf%^3iL7WPTzTBBUbc`X-1iYndD>5>^JmP{N zL(euI-QIjT@)4J!G*rL4Gdzj|wl()4!#)(}BMVZHUr zh;urv%I1T(s(wuP&u?F=b*p4(k{aYmuXw74c$AD}<2{Pr!tC|>gn`SG(vtFDheg_U zIqu8Gg7uXXOn!j#+I@KJThTUV(PB$}*VR)gMapDQCVIsBAvahHOzTFJ4Kor2&4FyX z?ZywYYSIz;rv|bt^o{l|?D109o2{aIS@h=Lbv*AsF7kqyn5T5boWSY;Dy}2o?ER@*<5bq`%J&XMDrY=jtdUdNf-C&X1ZvVBbG#< zq)IoE19E*}&_2h`5a>TuJ0{V@Q+9;g-KvbT8uNpG7wA+CT(WxuTu7LZVKOKl?w2Ma zwFkJf3Hi$d>Pp_3?IIuD`3jyGWrXg;sSNH6ufoeIt!Ei_vQAZ=XLRu4p~s+~kcm{5 z2*0Nc^Z-3{CyvCCQNqI{;4Le*_XBA<_Eb9?B7M`exj-;vzegjsYOTYUFB_lx-J>y` zUqp&+yBi@YmwP-vLsT>w#EvY()dVmmR)vfBaO=*Y@7}CTDSKfzSj08u5`CrF4m>Nh z27EGs^VeHUr!I^VuylQBkDLvptG`ka0uer3TI^2(3K_=-NR7mL+dAFFgKoH1!O_6L z{TTcLg{)vHqpYOy>S9VymJ3}*P~wL$RaB!LnElKn96 zg1MbGTBrS+v3{igcCx=YeZHeBGB%ze;7URX z_%HJT9T>u@tq^uxvK2-D>Zm|15VdT{=;t0$jm2Ti{d<@X++=~g_t|! zDs6x`yBnBxSl4BXa|g&5MfHpF0Yzsr%5w@UaaC?1v-@1|PExN1jNV6wr=E#Mwp0u= zh%O6hj?1$R=qYk(LMER|tY1eVbSRPL+?>D$8J}9L%*$CP2q~_82a=-SX|Qr|@0->D zTDH5Kk$F$8nFQCNzlA_CnSiZrlala>*>*-w`4uo{Pp72#4#1*8&+b#6sa#jlXw&&l z`f2^d_2;<>A1p|cPik3gd+o}yq@I4*?L9O}DBM`x0`_JOf;bNIB5$NG*Xk|QnwOC| z1zR};U4jyT!uO2*OIMoi0-4-72f6eNh4t6|9^@?ME~H_Y;6i0iDjpxL#gl5o@qE*v z6f2yI+0(c7^lJXF2&l)?KE|EMfYH<;-RSILoME_1=W=@7{shmCR?*Hp`N_vS7?t03 zOHwGEB43?fKE0nVZ13o<&{aP)@`PzA7&32oy2JI?Imi)(Kcym*LRZlU?|{ow4Cn-1 zQd3y9?lN4s@4tmimTkahET(Rv9xeeKneOyz9zf10Os9%}kG7eU%?QNVpd6wK_Sc=f%KUKNwIPk~r&&@|GdWQw`G+A|fb zagZ0{LXOdlfdTBEPV0A-{JvD8i%^rRh#x+R<;vuc#IlS#>$W&Ine|K)kZu6lzhWhd1E_q68H9|s^=ZeKn*eVk*E$+`J+U!L z-{^tVrjlK&)m_u1a#q^!#|tVB~6II4y~zY!OgPQ!COv-)|aowam$Hfc0I{ zrLSBEf8)LHJOg9TlW`{9vz(v2vedLZh4~ta1q>z|Q)bBW2@N?;?KFss=ZB@bP}}S1 z8HQLMZRvVY13SFe>PKk$k}-=m&3m(a*^63+YcjlR93w_@;mLR-E^t#uX4)`#BeD7P z1sMY9)7{;E?bEdSAh6PFFmn@TUi|a7w!Pp*pCO^`_U^9Vd@-{ljd&JCNdb#UB<-xrx*$%5*VeV=oJ-q!6q(83ru2U zcRAn4nj7x>@p&HM|1cf*>eX*z=Cg`^J3SIUg3Oms9gGf7i{rkdm;P%5dYYqsQ_NYK zqD(&eCw2MV*xI(5Ep?9<7{CXsDDF-o%0UHsg6xidx$_h zb-XXVDn)#y*ilxZgnyh*%-6_sefd=!kQFgxi*8^aqs_;1&4Lt8QCzOlK3FHf{yVD@s*_IGDbW>x z$7Pz}mE{~C^evs;y0rykXCi;FPN#le>*2$9|3hnafyg{yv&}5b?)i1{O2UJ;8W(D zr$c(l_% z#7dUK1&xP*y@E2Yy=HdgswuW{^|YGmLpA_I=Dib5Qgw=7`IXkOgMJs+VHS{DKlyaY zp6f7CoaOW2-5J|6n9s{o{VGwNbpi7<%Xx0zqSn&&rHKZCDdrh0rZV}69Ekrw4x~0R z+BrY{g}##{DmYTBE0~c`d1w83Yn_dt3eI)mBNc%p#_g$Q`wve_84yF>NSsdQzD7hR z_S7!A``c-`5olfe)K$Rn=G@-?G~k|gGKHF1b1J<1{O5`dOYwya^?>tmnJNVrgZszQ?%H1qa+S?-N-k z!L?mY3H(oNxIkVBmViE5NV7>!gO>xfeIFF8SPttRY+e$#w;Si^lh3>+Wkv$NOup4H zn%QQ!4pJKaYy0rf5nsJSG!zs>H&=>FKWn*^3t&-JRga&ILBX`lvROn^2J0(#Skr@9^597!q%-cAvX zbs4EjmJjk4^CC3HAgECGzWHhO&_M%>M@p;o_&52x`pN`12h5=;QJ1 z))aH4(clApkogZYPHY7B!FZ0I-yszTT993~e0ZoYBs@ZpcZE0|#`pQXH^!umL66h9 zLG}lvDQqMA29TQ5_fVbnwaGiH#yi>gc|Y&$L<#qpTBXNaT5OAi5`C3X@6sovWKB^y zxM&VA;}0kF%3R}Q{Lt`t=Xs#a)Mw9+)vAYpX(#4EK#AOm-K?Rws85?HVxwn)E3kp0 z*y|iLBBM+hMC>^-;4_DGo;oCr4{&G>ye+^s@?D&OrpBC|_z2ai~ zcI70}Y}T8m@6^HN;f>RgulZKZ!??U=et&FiCN=NTcOucnTUcc7+kUCv3Q3E1G)2*F z7tvcYXqIebxY0LpEnrou`i5+7RwGEK<6zhG(e1?YLf)Y=SqYW&2YW44Jh`Qx>x3(I zvo>Rx>aL>&D?tFlh`LY1x{SSW-gwvs53W(bdw$4yu$I-rqPK3{*F(#)2v$)3ZZ$J} zUb}SDRMCtXWI+Bkp>Fcwr+cumdh9m#L00nR?ccs5(#E|Z9RYPacg6~mny0#pbmX>{ z=Uwo+jZeF1>D#lj``^mk=4Thks>bZ{)>sJmX*~!@GhmkLnWb~(f)g;ZoyIQLMZf%Of;~AXETjf31DpJaR8|KP-OKkyw z^BQN4cq%m^b?m;%DrqhOMxA&pWJelwS0G!s1oB?eGpmDTwo_PV9&XuoQ|!bx zciO4vRiI)<$SLuk)?UGFJPo~Hi4un>ER4J52 zzrb3_TcPVpP3E1xnK&Q!q1V*QxdQa^()=BsW@gr)XYHOw2b6)&ot8+O)HN0QDy_w0 zZEcmFypT!}I27Zw5Tnm5haCJe$TZ14x7Va)7w;0XW6>xgd@oX0h)dD6US5;UyHQ9( z^+vxE*wQ!+g(huvNy^m>=`%!MFxqIQMXs)UGj!Pb%POAVEG%aO&7?k)E@jy3d-%4new# zuZMV_@6#Bbx`<#XP9x@HdgUK1Y!)p8|71Sx$XnB#qi$r*JU(d90ckd)@)(lp6IhEs zVeh4uzG#Pv+f|0O-Ue;-WERQ{BFgJG5^i2;`B27G`s<1^?LQW8Wz6a!L+tWbb(1~% zu&xfTlF%`n{0vI5KGM&u_xvWz>L`{dTx@1^NJyPaRb0X1N%6Um{mXWDxirKgoL zvyUXDzW?5N!315a*kYKE0W|Z9eoQRe$oqyHi(*-2K|!Q*)Z$TNxj5h1NdOD7Xls;_v<`?}6dpKv)V z*-4}gpTgBhxG;-t&hMk^-x;0`$mBl?@*BJ>d$D?>ynJt%D+!l=miV28CXUgW3n}{2 zd#-NgYzeYZ{>CFo6b!{}-zvY_@}d^pSsZxjpGlzm!koOo41e zv&Rhwr!P-Z2nAxGR-rwc&t#1>RJ4$3P~@giv0;oK_GQ%R(SYMLIt{c@IAqHXfI={e zF1Ddf;>6dr_+bjY%uI*I^c2-H7&BHJ<0Po#bg8hS0=;ilB`@B&+%H(LLB)e^bh%%` z3DYdy;*$@Fv?Fu#Wdb>&5%Qp>i09=qNSw(IeG&3KQ=M5QyB{9Yi?!cLI4<=h zu2o{9--k`rtv$UgP5Mq}+qh?I#K!zAo-@;Nry%%S+mJTO=lKlU!A4z-kQFjv@+&LpbI3y{Ng3Y?(T`dt1LqVeL#RT&(L%s%e7ET9c+R zIuiM};?8DpnT_XdK_*q};#5d}*CH#PQ0#!glT_-9Q6mweDVpsq45m7&m=T5_?zN38 z@lWTxFRXby`}Lw#!OJ-V)^SF@1Re4Qf0Af7-jfIT4n$gQaqdJVB+X1IPI4ca`bE(@ zxwr=+co<6s%F9{7-cWgS-sR80H~za3XhgWtL2WO8%oZ-gdC5w)vXf1{K-2qJf&xTt zq$u!CgmZFQ-?hN^0X#JCLbxS0*D=3}Q#BiJCA)~|HQ7XJjK9+iluRo3RsE&rEH&RP zEia3-Sl+g`YIs)4n26jaBZ68Qx=-7!BLQmgw#|)%@#X;3 z!J+GtnPGy0o5!>n69h?b)QKUvxivl-OvPoEf4&Dg<+gmz$!e?h`YIzovdKGxPu9aE}2Lpas$BEmE#OBPJB_nB`ps&G)vC;T!CPQBOpwjX_n zD`%`H3h@O5G@|mr^1`Tx3JZZT`1&XR)Bp2&Eq(kralJQ;%-9}aXcy$#}v8AS_0UdZ5vO| z>GOTCZSIOF0O1@mf*Rv!DtvNoASUdB@P~5&pe?iHh;}K#JN-?N;JkdOzgbq`#O*Zl1cA z_e5?WOytnpGf2H>5ayE+(W;*tewm%H zQoaR#WE3usTMAlijBA@ZX?%KyuF9zMXfvSbDEZTcfOC3BFC0^3qn7gBQvy;@^!O-U z66aF#oh6`_h6)(4ZF{>WO#$;H0P8Y2;PRxb3WeXVEbXioqq{|q#A<4_J4p#bHLjk7Aa*k+&`2D_>g>|I;ltC;|Neh!x@3~Tb;htY2?BiJ%yR@o zuBAd==E_c?d7f5tn;yZfCazQ80e0~(^Z7@jOY;`DLeWZ41%i#2E;@v&1F^**tU z-0RGjk1yqt&63IcrY)DLR(#7AuG!P}jT_YTEut)5-?5SBGhM&tU2x&I{GoImK~DDO zp8$!NfAm6&S>vf)wr#U9Ef^y^huQVUGk|D_B&1!xi*H@3dYtSv_UTk0m@!jQlsqkS zczD+7X04<=KY$i?!kL6?ZPXEuDe7v>`fSO8gH+>3tqaPFbGspt;Rtg@t`pL!x~32+ z4)mdm{^_j$+jv?R|Jr8)hl1WyIp%MB{=b4D-T$4!CYmlyF`gT&`A4ZFv^ts^AB~bv3P2$@ z*tw>#i_auQ6h2z@oc;HKU1k8B>Hp#doBszd`0ulmb@hWj4=6|U6`Jkr{15P^aO_jv zl0R|!=wFru*_Y41rBL^`t4Znxz1$JMVSdCOQZ*G|p5gWCMH6XFmu|iCBmLTzt+`lp zARA$9_#`SU(nms;Z6R}zPIaAl=mBF}K#e_q4eEKzf?Rn~ok+W+j3BK6l&p+I>2fET zrjzH1SEkMjP%Z7+KDR0o<`*BE4rK#q#}I#=w&`eD&pLdRl1hr#hKHF1y1NPFw#e8| zKyHUb&!U|#*d1Q^IS+sz9VbS!`2L90Wc73ZRauj-Q@5H2*ze#tP{ssgR?+V9#e3 z2j?uwE79FGAWkcN|CET5GgettHIub=JuSNxe~o)3)JfXDo7#Zs_$XjH{xR|&TikEr zLFw3~7P*h2R?cWrwR~n)Z{(W-bjSGy=W8PNjikW7AXV)X|(-GvF0ezBY zHi~(;b<|iS52TP$bC|b&da{RVzjC6#ePpRR8MSE)R&3qccsvYbmq4hU-D3H@z(Bjj zWXI&(&WdYl;<$F(zr-xS=!-V_=zt)P4?Q#C3)rb{mMXQ->~)#rk4g=KW_Zt)s}WO& z#jN7>5ok!?D@)ucRYmUn=Waf5>c2j~S@O z0Pe3hOJF>sJvX#sH^e5KEvSPd1*+ps{O|8-#!M>0WnnqQJ1%rId-*2*$+ znP1IY1;LH%m+YnJs*vT^Qjh4dc7ho7&9obN+bvKb69#U3jsI9D*M1>spHf<=sJA~U zmZSj$0u@faxG0fJoXuj{6w34-%;B}cfs3BU&47P<8{f(m!RJGBZtl(VWk`h#j_{cG zwE*-*djWvHe0uh^v-jT9BsLp!_xW}HV_*MZd_hP=-M&P4-v_AX) zE)drTK4G08J~c=^?Nocl#dT!)LA;rwe*KHQzfsM)0<2Noyrm)$IZA5{0!U#Bb0Jz6 zyG5Ms#Iht;VUkyO!i&jS#N%F(ON^N3XPl?J473TdmLEeEdLt zV(3H#B#Cw*nf-dvE2o8cAEp5$I`;eqot_Ax$)l8NT)_d8P#a5g=5XcLD>&xQu*lr< z(gm$aew7nM*=xHr)HlFUc~&`^;yW7io1kIO?phY92?*R9e`5&Gz;B~#(ifVAs|LE9 zB_4LR9D+xKr+CjvGK-mZrk=T{WxIqw1!1qKO&!=f*>#f>t^Q_vw0LKLWK0Yxn~JWv z`WAV_%?&WX3*MU|^ktz3i6Ww+30eXEmeZ!Uvoed!P#60y#cTyo_K6v3IeVs?>C+w4vg z?xXsWyN#>!ULi&|)s_7gUmu2gHx7L}No|2xmxjOH!fmSJ3M96Hj)rmUk{tgC3l31J{vKroc zK3Uuelo7eiqNajAO z&$+Lq%{Rl&jgib{m8^U@KnS}$GF@GbzS?|SRK8!#91&KBx$mOV(I|G5ow~{N=e4nB zr7%(pj_ofN$5pHa|O&XnwjC86GzMQSQFa%O~P|_1LF~oI_-yOMbA7Uf*EA#3V zR1e#iBeo~6o2g27pHygv?o5SAkGoZ`ZWbNZ-GA?3@MS7FwLmgzro(TpknHDITVIKn z7nqUOC!ON2Q*CTZSwZ5C@3{0HaQ|gIit64MV$1KWFu$>Sa-@ZkO1GEix?^67mFJh%X=xlS3qKAS3LL_6KXChe6s3X;tlL7;5d9P z$$itxc4FFqaCmS?O^Em!)u1i!)=&JIk8piH7?N)!Y<-Tb&q~X4v5u*i(sbg}xMrQT z!DFw+E%2f4WPqfT$D@noOcR79-Q&OO|KsQPg`RHefQHC3rs|4InI;YsnF`)5xV?Ol z&X0_@{335&+PendY3}cJocaDTG#3ZL*wnD&;-Yzr6k<0PJgW^qU2OP~+>SqBsaYs} zPa9w_id&9JDLo_jKnmINOs44q9f#(ZM zg)==KkXLuDB<(5CR<&SP-t$Wf95y{31c~QakG1KezUlA=CAZAH4izX-wtckn{jqY?qIBQMr(+Gyh6mTdt0q@85!{mkxk+_Mp8_p8(kCOW^ zePl{ez>%aho>srC-!4fsBc!_KJRLr?E-vWmBK5K1fl9ywhChSujctp8hD217=MpQ2 z>rR4jcR6oF7HF!c=Ui%kW(qBjYAbJoIg8s)xSVQ*c995Y{^ObAuLEtUi=5HzU-(8f zE2zkz`E%=9J;VTay_D*jAJzR7fn2%GifD^JAMho;{v36^{VT#i-F-J>=K9o@P!2ix zeauooExp+@EGgPKCF3c_L_Sn>d+!+Zgp-1mS@X#;?&+iIOV(pru<*VhlKGTO)Dwuh(VC@D zIXY-P+U@Y>&#H(CS3^^Gv{!D#w+tuD^bgEXx?jz@^WO-UWiRn}!q73%!5DZD-rS6U z-#%y14m!J$&yLH`PFo*R)lM@AZpZ)|uTO4C)&o(pea$ztU$uh5TcK8ibycEC)pdkPfI4(R`hR;*27=cwszj@EHb z64BQ>dmKcX?c&54#Mt)WOm%C1Bgw-|by#fy(`6aCsW{@)d&hD9bdJL|Ys7AOGcw!bVgx9ZsyrJFz${{Y6{q{nwp)d$+){w@w= zWRLOxSz1sM@&8$JA2JC4_dNWp_4|KT_$O57{_{($4=De8`({Mw|IZ)9{dp`x+UX+X zgs~R$6)37}l##5`hIJ3L<@oIZrS&P;O5^9pmP@xNDny64Y{Gp-8oseBHNesC^;210 z{H2oC)-3VRuA?oWe^f?eH-g7{N(|N@&r#T8R;eZm9k>_&YS_Bi@3Cev~$4Z(f-bYUhs`Q(<>T?h3kZ>WA=>h#W!^nyD;Yx)TC-ssxL=-_FI{cu3CQD zF(Z&efj>jm<7e}W&Ka{`|RCRezs;urM2-EM0*7GjTG7>seF#E?rBqK z|MT9o&90qRF!*F+i*{mldm=LFTr1vvka%>wXVJiF3~m*%G9P~bF;p$NDG42SzX2Y@ zahRjIj!eWI4pT9Omc$zq#@16sgdcDp?>_~;m+#~~DWM`rtputT+nnZg(+i4xjOsL| zUbdjZ?VUJlSLZT4b)DpCqS*G%u-hvc?^u5{=`&~aJMMjlpsd;-XYATsw6`&vqNFV-JNpJ>)lmsykCPbew_<@Y-E`oe_ClM(A0qA93i1_{u|Fj>6GrW={q+cPi7RSsKpOHlJ*F9BCL&I?+J# zvt|>w<#_)P1s|UM5fm|G_7d{lw+>=hb^r09O5Qs1E!@Kyj`MI!AO&EgGBhsnf~tUx zROHgpUMA~KDi^-N`<4ZBfbhzZufXB#$*b3M`+))ZTsAk)O-EJpm|i?@PP{^ERs4&0}xo z(4t`5#eMkpT7tx6g8z(jf0yG}6YJyHg*F=I|0W|z$FX^rE?+lf)g#+Tt)$d+ zw7q1A-lMQvQ8_CV2C<(_4Zhu& zPSx&*jSc3WCXY$$R?9*0(u+u7KQbZA_~_vElJ8xU|(NRC;hxy zXjZ~;qwyZA{SaXRPJ0sIJWcK`$nRHUoVllaa#G@Hdsla;nkS+Sl3$N?ao(GR)x(yx&R$J>b7iMqtu8eOerSHx_c1UBgXa1(K~DQUSG z_q)di9PZq0Chci^j)qvt7wo8zz8!soCfx=4YUAY!pBlFDc&=cr>WaA4^Iye1c)3wm z7z0OM6gcgr*_#L6sVGBSRLm;A8sF#f4z_vDJJ0%-mo~D_-Zt`+WzJJ)PZA;dP>Q;R z$0vLST9-WVc+SVUlISN%I?{Xc%$Ww+bbY;QF4Xma_~JcY*&`t82J&7pvjhe+0{`ao zQ>{W<3bwGN_r#W|MqsLBwHLcqzu+qfbcmh1^L7)uWFX2=oUJl!w2*(c&Fo~MW4a8z z+#q-SB-&q~%)B9bI2Kl-rjGaEg4YjUp_7coiD7XU*=x@22_gxdhfE7`(F}pJ@Bs^( zK$3NUzI)SDEbOA{WKAu~>37HY=;Z`Obhsxj!*;@JkR}jnC5O-9dV+1ipj)}fvwqc1 zHlFq?ROT<U0u`-+@SV~>&!QCz1T&e35CHkcV*7!z<8y|mFJg6GeZ>MeEgbi#y zE|xCwqn+$?!0h@{jpG!jaM4M_Idq<^d>r|z;mzP~bg&ny<3HVFI2;sF0DX8d^eyGY z<3al6Ibd;9DGcnuerKZVk&=hX*LI5ThBb^fl7QVidNq|PsqBc!oZ3?}Ja_^#6Xp1; z1;Us?x|>N2v1C@U@t6A+c$6A-t}Kq=0>w1CyGoT}gpJx5>$v&G3h}Z%KJY!VrD$ zQ@g5b8(+o#a8A?T2lw}_3l;gu+o?Wt*1I$65bj};&?@0=?LP@5hC8X0Ds`_Y=}wuJ zGa2j|7z10DVP<4x!+k$Z_?5A`EOH8rV`a4Lw2|j#uV%b-;_>WLS#ixbQ?TOffEwd? z$>|tOwdJnkjl~D^yS@3HdT?E8>0b>>>2im73&zf`e|PizdlSfqC^vdr-_+|$ zT$5k-?Fy$=>o(mLvT)koti>Wfjb*Rt7lPQ%SupX{B%*_L<}itigg+-DA3c|scTP9f zewRT#+wl(`x2a7})LK;PLpX7tN`-1`bV=vX6s-gD34$!Gf#{lUjpMa2XIs{8*Lp*v zrLp&!5h~A$)wYQH+@On9rOLm*n!XvA5u{Tu$3+YE)vvq1#tpeWg(8rXsJ73 zAEoW{WB+ax3<_Pj^M~pfKmR)L_I6Xsl=_sYreZafz){!!U;_0Ejk9$_BJ6{xCrY9) z%))8I4Qr-l($oD^4=nZ1tb7^9^HRU%yoS8D7d5}=L?iW`A>NUz@+{V5zZn%Y{WVBv z_AAU;&-2B8{@rCWXG`z5avjv-Ki}aTkMIV@3 znsdBzo!z?_UGxO4jYo6G8FLXR-dXO#3DGuIn_Bz$eUARsMjL7?gK1TZ%6I9P~|#^3CJeVp-c<{|`IAFFTWw!N1z! z*FB_2t=Ml7)aPc`7Yk=p7Ubm7>D5dvk5r?E`-XVL1+_d{+luuN(79Y$VyP5Mut(0g zuK`<$&(Ba-dro^U`}ohx!2WI6%nURAMJD}&7};bCcf9Q$zQlJiwyiL*k)6#}>?-$FYQA+2NN1VJKHE`-=@8+*sDbUL zg4!P#>Yaw^_b;IZvw3%~dz~~9o)0TOA3g4Xu+Hpd#q3w>(O`cGv^jYil}JBrrcfPe zh>9O2!r8V7DlGr3rJmfsw3(DM^~~WaJ#&7*e}>O@y#rhge_d_ux9BW&&-M^@a6Nks zc)h}B<;cRhrY@}$IKgBTVPE)`>wF?=&aOYW=gBs1r^A05?(CO1L5tmRIy&Bs?w}o? z=KBrJfv+6_wV(-X_5-yhS<>@DK(HTMyj(Q23QU_kyIXRFj6SayJ>rswsyANUP16R3 zjw9dV`UsTTkiU^K9#RD1s%*I7Q|xh1ARJCxHsh|+`DF};(VEt`N&SI$;u6$|#+OAs z9nFMHNx97XEqes#LSD+D(jSr2)Rd^{PNFij0%`3fI$dW~9yy0lsuhgSvIuH_WPdU1 zD8aR0qE)uyOG`NBaGH%Zsrh}XT~T`79s|0t=jYIwd zbT@_+-Y(Mf491(U7k`vazsNQ2*Non7t)Ui4fm|HklduVI?%JthnkWDl_XJ&Cn(K|E zdqXf+PY+x$@m=4HTa?%)M5r6Y%cM2%M#}?6Z%p5x-o;4dnqnsXN2(n>hi6T%pq9eG zjrMl&L2CQS9kX0lpo`n~mW@Y&1}hlwCL<;noQA*&92m->kv+w9@6d7OzCUK+0`2#D zfLJzqk*)u?pio+K5`d2V@PXoxyFQ&_30D3oiJ|qr$OwP%4eIDL`K^4-i%BQZN2HA} zy~{h#(hdil&%Bw*gvKap9qLb+#nn`Qbl~ik+q1R780glYL~Q6ojy!kj?#V`((eglN z5OvCtfZEc*-W^)J50?J0^ZF5Pr$jToF#Mr-ex+1+VAU)m5U)x)ic)i zk0e=T_&C~NCYF099kgjPQju*Z2oqZ5(#uLW)7!v2PWA>Aw!VL){re(!L0HQDp>(kG zC@NNtuJ5As4mA_k54rC1(NF!;I-QtdWrq#wqxKQNa}V02yv#^kS-WsZ>T^xQwS6Tt z^mMsnaRT97NY6a&4ifFr#_yA`dHrOI_a}dIIf(f0mocC-PeV;F_b5*1#MovzJFKoC zz|7|CEeLx48}XcsIHAkm5hSH3$d?IOdO+?10mFU%wlo5$mt;`O2i=MW`>P;>7ZaM5BOQP48-qUyb*ji=mA&FG@{l z-#19RHMq>n-L7M54A7i{v@Y6qwfQFKDERPumw)3dnw&EpP0m=9h(PkQ!7m&{XYNW= z?$?k1Q5dvF*FEAN<$%?prDLnWZC3-3|kNY+J7ENg(kAQ^c;l`z}Fj`BYa?FGKpniF2NL91lSg3VqM?BGsI1 z3~r4fZibdXE@_e`@HajvLA5s-2QL@9$)&v!6fGRUg#F&qCGQzjz`7PSo3q>%?Q;(G zAWcu6x-RBZXbf2_x6eHFF4ZiyNBR-Wt`dk18KN&!RWa&eXI0S0{j(+VL-nR8E_*$P z2Xq1AVGLk5`f=>|_g;nu{sZ`vOYRlbXHxau9*lM|4ICe`mc8@ku2B8yhRP9Y)%Y0Qv^d zf>X5nVgkcYb*Ch4F!7ip)|W!q~Y=q zsYI9U8}LNU!^x^{A|)=7To@$IG+N<{CK=C^olf`??sM*>)4*H8q+{s>xTpfX(>(Sk zxAI$AKj(Z_rtV_LHhQVIq%JB#K?X+m^gu zyizk6+@9NuwXb?h>QECqPz~DNBS#xr#`?Y!2o)`p!>sWs@J+%As_4sPh1J?l4^?3Q zDUQ9XDH3Q0C?qL_6HMzyG?Y@!+hf9tS3eb6pp*w(fc}Y%L4{%xNun~-`h6j}NeHae z+KH-ay*YB?UY{QKNVTO28W#&z4|tEh&*TQ0Qgxq;!X6BKsHvhsldEcXLxWhwmv)yt z)Sr@^-_Yw`>zotw8ne4V2g;HI;lg|5faLhQ>QYo+!|J&ecY z#yI>4TPpSkMMIp?YDO#b{n4YG&-V-|9UpFvW6;GXf#9Lz16e`4uuxxUHj6KUYu3WR zS5jQ!N@3kiV#E`Y|@i2#A~i-G{J!6Aji<@AYXS>4}_ zt0L=Il{^R16?08|UO0VmYWbzkaL&D*a@=uHPAhY+XBBs9+MFQ2k{pK3>e^pP-T0?% z4fq??%1Iap-e;~*@pM+9`}=~>$c0&DJHHfD?afEm*EY14Uqd9fuU)FRHzBX<2btI5 zyiCyJz^OC*xl4n?c>a=Cb6{5Yr;2WkaE)i3J1T^}>|9HCd(W3;a;I z{&|bku=DtNo>R{V4a=%VCwasMtm;!VZbuo4v?~)QrUmBeX3~FGG@{K(kAcAN(is^C zo+&=wI^$Qh=$aqOr3?m&cG4YMX^uyPO-ISRt9I=L8+Q83^Vgrf^%Ks7lJy?!2Zft_ zyW+kZswn=u%%|&_u0Z*RZR2=8Hs*Q`9SHrd-T43}*k;^xcV}#&hQB_lf1WsP65A(M zVo0vB!M4D;;`LD_j&-p`)8524f3bU{7CC1>&FVBZBNRX19*$cncxPz8Wi(xP7Q#Pkb|RhU7){a{p^8dJ z!>l$rMMK^Cunw)kX0o#-H5!m(0h_hw660IJ;HPO3dSkj}1|J>F-)CTl_iNF3WZ#c0 zG#*ceD2nFqJ7~u_ST7Oe0qH8L22NiuyV9w_S8SS#T_*3u)D5qK=?8eTQIap7A^}4N zk>8p<5xS*9sj6hqK8$YX+a4gtJ`E@WCkrDn@aT1h-N*c#@AjRS_a+M&OZPe{?w@}k zw7P5#lqcJ5naFb=56PZh63eE61gxe&mmxWs{<#t zyTjpv(0QDaF?+_OzXVA-(ENx+^|T;!Ts*2ErOZZH+?mb`-JYV$wt2Bj947C_)f%6C zn!R(7Y9z8itEB>gu$}&&5be#)!M=Z3y!(?QOX~9ss#gW?V6#GOh&K`oBUHw@$Elg5 zbmH!7H8#gT1fa18(!!VxyUcF%(nCGz2 zAWDekT}_B~A)y06T|h0UgEkg*)3Mv<3R-?8^MYKmTS%pGVZCI3(>ILb7~!QW&E|`i zM;Poe%0wrFZ&?@y`b>WPAlS^bhBA8CXi$M^o)91->=;<6uIO0!;g|-!h0>&j$xQcX zQ2X`X$n>0FU-#xr|49}A(cu{6@+&38LTvEQUz}{h+p75&K%4XaUn!n{Q#P2Kc#N5F z+b2y20DH#s)e>u};@PI>HG4N0ebv8QLUhl=x{4#|JUoVlDiF5Q3jJ@nDUI_l!!l!(p^Bq% zxL}?u!$j<}g2X2k=-0TV>JKv{($s+RZy=MaCX&LD-x<nmX|+OVH1}0l95FvV-odpKO=MG1TJ~Ix8Yqi z5N#^mYwJ9W3BxDy!m7e<%lz>In$~=OYj=hhczOsFTRoZFgwx(!3qq+nk3c`sL&fc* zi@{Enwhv?-EJ2{(?MB`s28PTxWGmy!5ZpBIJgYEKj)1?}mTqz9ds$Rbi6cX_eU7wa zz^45ps~-j-)1mL{+9~X9+%d$sZ@Upnk+^T`i)qVwjO~8t)?GILeODbQI3 z84;?xnnv?THk`96J(nr{p*|k+_*AGN62y*T%~AFk=0&{M$X*`e`Jmg6uI9w`M0eU5 z`D7t}I4X-Z%d)(^T)lt!(NCq^>nFmZ1LTUlx?S&D#d{JXJ;RI{VC7~;9Z>5>Q&Vt6 z-N=YHf1b2$SYL0v)80m0)vNo9I@dK~JJK)na25Ypbp}ISiNiTT=mLcgxkXxjot#Kz zV5}D>aLVJFy*E(t@$`N>f@92xqyESRS8dCr#nA@Wo9Kcb;r{fc5#g+SRG&-<6E zsHQ$XG^PsH+W}^hv4ZSk)w5lspxw_;f5%X3W;|i>XfXsCU`d~YIuaA{UYuN;{Exd?I}Ga8-*Jhyt1NE9 z;k?2OgrKcsV)0sIxTeiBXa43_GH=tZ9&F)k2EEGa4AU%;{()B!I6iV+R}w*zFS|Fe zcuRrpXcVimf2G;j7k@(}&IjE$_b>0+Ugk~gjoQc#ALf)5R%>|0 zS+kd}D=A158l~i9ngZQ%eP9a2*w1?TOj&9BdnVuYC0Uv}LuMzHMuQ!Vz?3ZyA3`Br z)xIbLc)GZ~ryug((31{2e-X%iG9V1pMWi2_Xs%t(2s(JUdYfye9!5Z!#TlTX`VJ-rY1(GC!{ht`m?X=<9s9f}Q_ zMRZ8SZ2ZgS)Q6Il%a+5`qmd1~$Lwy6B$%6w1?>x=evJ@tZXR?q(fpGcV& literal 0 HcmV?d00001 diff --git a/windows/deployment/do/images/test-scenarios/Win10/M1-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/Win10/M1-Basic-Complete.png new file mode 100644 index 0000000000000000000000000000000000000000..4d958b58f70414cd34fd51b8e37d251eb41c8abb GIT binary patch literal 103121 zcmd43cT`i`*DegApwjf9ARQYh2q?W56;P^Dh0s)b?=2*uSW&u2Z_+_PDWQglilKKx z2@s?O2q98JfF$Hb{dvxL-#hLd_m6jcNxDArAGfTit~vPNxCgh%jth43OH!Y|L!NAm!8#cR}hJ znKNTHHfG)yaB;X1Y#_NSe5-}QmyJy~_!jsOWwba%ZJrmPr}g01Hi{{!e!DnX>%4K_ zQ_|(bXZYXW@D+1S+xt?(SB8T9w2 zF)rlu_jQ{YBbonvF(`Z7`p@TxD$W1jG@%vE=5Xh&9A*j8*OTPma}Q8~!fDv1WcD0@ zk2Ou=IfGsXZ2-KA=V16&kG|JEd4Ok_FS*o%$NQ@lE1r6X)2enov|az&e)YoxvHe>O zEHecrxdXn+>M#MCpSMBnG z4d;hdZKf@|r2$COW$NA-MvBDb_1%AEj=e33I6zKrf^79tFXGh@oD)mr}gFMI`ul|r~=Bftkgrc(i zw|0uN8=k6r>w1%f!(AAtxr*4+HvxLk-F)mc(`1jAU_8-mCl<>4SxQ;V4|pqD{Xz?` zU3Yg}6VQR5+|H3sAz-%Rot7gY+XB>sm*j^%jH8E^hqzqOMUj~T^H;gYHb0UVoOAUy zQ)hh}$Ll{s$Q>@~-pNcMRNlL;a8pNs5QKZ>Y)7_t!(n9(qpH z9eA@voo@4XrAe+4F^6ep#w#`khjQCJfx}gFE7kM=8bKK&@3^^ChsTwLYMDbPGr0YF zx*1DOZUuZ#(q{u!`}e$_72t02xr=;+yjy{UE?fE3!}&FKH+KBSfEQgFmc_06dS2b) zkO~RZf=<^Ie6!vpVF#A%m%JAx`^hE_bbY|^W$#7rlAK0_&PZ1qB=1H_IjSQ z_2D_dpgNM=uX|UzY%}-B+f4hpa4%i?tl{EDS60hkt=@aaE>4mC!)Yz{BdB$+=~wS9 z5>`7r{m+8MTm~PBH&$9NLEGd8)O#*YLe%2)#f> zRIiUMEn73^IB)1uk|9vh4t3e!$YPhZauS4d1vS0z)ZgSg-jMG6Ycy+!i>Lc0PENjY zx7e1dv={+u_rGB(GJ^Ye_lHjaQo1TK^DDkeE2FzUXSYbLhxsjscbRlYX6tS29*Vw025WlM}Y2X6i_3=VB@TkQ?tjh^(i+}c%d?(ehm zv_Z6`#3T=}Op=O2f}1*b?U9i9?oW}qZr8%~B>Zf3SDm0|XVmfAy1MCaRmBUGq_5&} z7MW`aD`R-L+GBk6p`SjO$|c!_J~rIqun0+@?p0{+Q|w@iZ{O@o%f4F$AFBLyX3%qQ zKroyjFXi;sjV`}62jY&1s2BKx25m|2%j3x}-)CH&g+6vl7zL{IxfJF#ur*JC?y}Xr zu`}5hh!u#Rk#DJt36zaBv4_#d#-=-QA95(NYb~ue6T16KdJ6$@jOKcry!5%hh`3MS zXt666h(Jl=os83)#><`h8=k2NhF;JD&90{gQ>95^@GAttFw*yi`_icUVbir6lw|Ks z%qPLaRg2lS$*9RgaS3sYk}2^{qwi;|2XYEhYQ4&HnP!`Kl6P0*YpC(rjvs-#5{&)w zDf^XJRO?ck(^MXZr;S_mfGBfr>OkTizRMf3s^iK-|JwzpW zv+gWcw(wbw1H7f2U^1j)9?yp1APE*z50RHhme7^qr^ix;(>pwfJEKqDFCiQ*ZM8M` zJE(!PWk|v>?@-V1E>s+7LS97}Zxq{OJquy?gfHgZer)>|a1i=zcYxIT*Kn<4jM$dB z*BJ7All@3r{Q*$r##*s)_@PJ=WfAg$h_$cEqIUO>z9=T`2d4JBbav|bePMmwla9X? zT|N_{0=12pC5d!7EiiHEG1TV5FHncBeaui6@SYjCfOX?3`4r~5Yd~B@X9!K=yXfywU6L8SLZ>mxkMc>W&W*RCOwFfa%b=?26}EyJZz9rF`}4 zt2JOko*2pfrx!GcuC8+z;_MPE!w?Rhp(>l@RHqfQr3G(P`}~ZgK)^L3q~(=CZccai zi`kcj6FjVi%O{6}8jGUm4}?DSzs!%)&m1RqF2)ufnVa=z4$=Sx4^>rQ(d>+1HL^CaH1ws%AWVO|CIrk>d#)KFX} zoQfvp3xYqnFM!gwZPlAyh|Y_j({|E#+-Jj_?#Ayh?RtNA+lLu7e!6M%4AI*gZ?C+E z($Cm@7kFpZk5ui7-cd%C`?shhT&rp3R8Qd3sh*~=E8VMLe>6fNCzCtil6I%F_8mTC zd^t|1`T!dJBc9q#>nf#4u?vPdB5k&YYS2iSXFs$A7ej(8&UhYr#-Evif~my5 zq#9|vZo3sQ2weWAe?1=JO4RHpr~2J1dburb)=p^iZr!cH+hyF?a<=R4vhh~eLrLa( zmk;4qUcXrl?#8}Bii6~uDed=ubRUct!@xJxIIS>T!YhlQAPCgtWNARnOs_^W^ZKO{ z7QJ)#B(s^82;`u6#!EesA0(H&)k)>c>t)La<^6SmJdm9ps_~HE3N9W&y?wZ~4e_*P z_%#Z|#hI-y9b*p=3K$l=hT~73e7bfOm_Z=O#|}X6L4E3G24*^p9NVWWs%AQh(cyhi z%mL>682~_7cHE|k^UhPp9rtoUd^KAX)3D#_wdW)YjOVG(B$nA~<1hBGdkO8zK{ht{ z==eI}ry^3Xiob)HOIv1YoISfQtLFHN)tm|$U{XdS*vyYHhzi@JS-Qn*F#}KI8H(RJGI`Id9_B=*xP*3%#*22Sg|dQRzlJd0avZ5@9o)-$eTx9 z)*6Bbn(|UkCAEPsTrB59pfi5aEPDU-2n zvKR(BFtXc^{sb3+?Bl`0)Vqf%IpD@m_tKpjOZxN_$tEN&Rt)bICy3nYC!3k@#~q)4s}_~_D{#S_=dKZrkYMD z>ve?NxfgM}e}%u*VP&zVB`~Xt&P5<2o8zfQ%J=qabNS~r{1}?|Lu6oMb|NhE z!nojCL_vFGOx;83p1S!_YIj+~XXzWJ^`JYR#5dMtGe@P`;okUh>LeN0imuQHEgj*; z71Do$k9{6ddLcL>F;*|1XKXO6pP%Pe8%mC_ez3Jko~iD?^R4&V2MjDXrW+}+`Zf6A z$J7)N<-Ptfp3*JgPxcV|Wx{ejuExQN4|*M7%#v$aPDJsiCSGMgyX0KuYOppls>Yqs zNH!PVR|IjW|9Gc?F`RtHXv(m-uj0(BU1v=fP?XCzUSCp+y1U&3BP8H+=+hU zmlc6YhKr(0_B=EHV`qZBQ#Rb)^`hm$849Y)@G;Pc||!?UTQvPH4U4HlJS|DMP@|xS5P zAD%ps%FGB4k&wjL*gVmmsMy6(5~Ww2ZB~T#;+U=LD((fzii-`yh_^g=4{FTWZE$sQp!Y?KY))Ho5}VAo zvzMU_(yZ)Lq^qx^>bZUnk2fRADe59rg?VFKz`^z=*6wxel-Rh4cA&6^{=p^ndz=;= zUocD#JZT+2bks?Z85riv*J|8Zas~W7_|RRn%#PGSgm9~Ib!)-cZ}FEUua!O@zNXCF zK1&>!scUYi{6bC_Q3C2R`&VZOlD!wlUv?b)LIPLZEqynfa9|RwB{j~jCC_|w)y+>j zL%38(kF}rf3Rh+vI;c$G_D!GV`E>g2h8(%U`Ek6hU7$3dZIXPSagXHgG;vC7*}KFH z)u2Ft0(L?I?op6imjO?d^Y}iky{ycBhy+&GR8qpu@+6S1TP@s*KDA+cuYeTvhOaXr zymj5!A$@)!_*MsEx!uAKU3B*((pKRlVu4E#y85oW zEbUO~!5h@--sYZGvq5vI$d-2?ojmQx2_*If^6L)+eUK|0Jv7O4qT97B3457Oq=YQaR|>PWN+Y4k%9+n3HYmTw)(bb_+y(if$cXdY>+DPnY^?~MD?dgC--D2g*XZC* zQO=jtz1N&r7>Cd9qx4Sd^6kX;oHZ#a(9xF2@@%wyDyZ<1*>I2k77{G555P|Uijdtwc$iUFqp|?XHg)Oy@@4Lqlja#9 z<&!(WIl=9XZ>rp}qjIiq)rGtmPg{sGHykFCc#U~V4|(?yc965W((j__J?(;Ii~VgouPzHQuX`$1i%n$+sIBV9By84R!&O8>r-aeR1kk0%oI}kT%KlO?saJU%T@&53$dl+jKzh^l3tZ z9ZTLvO7Mh`bg@=nIZLV*nLb2GTd!mAAg;CpUhWE|&Y9VuZ7lR_HWLSYmuW7uI&ljF z-#MtW3&RU4c)wZYID!Gx8NN1y@CLlE)LW&r;xhzNg9oS^m&U4wFwQWHr*h*{fe~a8 zw+ppEMj@2-r!#->b$5Cnq9R*zS1?p!jEdFXS2j0^*LQQ9PPVks8&vYom3+VZt}NCn zvF#31raLR2h-XEB$MO(VpS^>N+sJq}h}OjJCxW0hH zn5Kh4DHnAc=;A{Bvg(=Iib#|4zX!)@WITss1#n+(isU^u^ z_#3za$E+dFzhq09>8GPY)W|zyNh-kIUe)qSoV3J-op|TYJam1dsbUH=yD$@Lmfl}q zwH#G^vbk6b&RkI=Fqz|Jhvm{2_UI`VufeWMfT!*a-W(H^t9<%ihk1(4E3(#ojmeae zWrw2HC~zg*X1)OsZm$u)P-)-3{uc!H?TD1`Fm2+u!Z{7(ehQk#JiuiQOx%KbuiU9#pTxr-g_s5--m}f>mTl=R%dE%3V~V= zEFc#kWc+7_r|IZJeK6;>9jkfOL-HH)JKdqVUXkcos9~3z1Hf~^6R|Op)_RJg?p`0C z5h8rp+ixjz9)6=NElLTjQgmS^hsQOi4yv()!Q(A1GL$yQ1$!Y&1BW-aE5&KJ2d+JM zLD%^+nb!m%G}UjL8Hyu6+(W#(Nn5Isq4#jomE&Z|Z;MukE=)n;z40S=fS{6W!#%>0lS9nXDHmex#D_y1(2 zbtajWdOpJ)rPB8@fj8VL%sqIzT;%EMSM-_1BRu>!s5xZEOGW2?UoGyrarqT>pVOE= zH27xu6}nIPFT_r@9`xMk0w-BZ3W*zQ{mxd`*{+%1zpF`0S2uSo%#0f(E(9GF|9y!; z{@&Nj*`5ytO&KM3nsTwPUr_@)#DD*cc1Eeu7ikG{o>rFIz~9H}G7QcZ(Z}3Lh|2pX zOD@CPIC$p%tT?p)7(L7HOViN}o-dl8{OowXqrH|4C#Uw=TCa#*QUYy#8~Ut z{e^$B@>9%8wg1lF3%mU*w|@Vmb;2*UC3HCyBKt`3K*c`?HAtp~F@LwOaP5CC;s4|aZCo&Yl>gIGgrWVn ze{A+Y$SlwrO4k?O6=q`EIQyqDI^37nf7{`IlA$P-^hu;GqyMzSanhQPkMHYjE49($ z@1u3>W$*s%XpA4H1=s2N>p$)Ow*fRr*Z<{q)_=RX{oi+9>ihTDYi9iSMTN}H{AuC; zLeq3K{rS1Z`2UmnzcJICHjn;uX*#wM=KKr)8pkh8@BjJkztKiK|KgMWOW$Jre8l7Ssmadl`W_B8VmB@i-dWpr8{ksAfWI zo6lL2=BF1BcXK=Jd9?kM1yB54Vy=Rk+x$7aISRh@4Ewy}&V z0<>tsE|%zJx(})-gJg!uey?0=)!*Idv6he=51Qtn^XX;XW$z-%*F@68K-IaDVHC2H zhk7+-siUmcZwW`giVb8Ywg&DdjhF3{YJH7tcaW7j#t<8leE%dMWyqgEd3M>gW0TK8 zvS)-G0enLS2F`)h1TDhV?7DILXDv$?8p?BUbz9qIh{zB`UFcoyR#M9=qQjOUIds8& zkx!gL%8MLO>{BWq!rv4b7&3Pw!V}jh5`|+c`)|K#!hvEG3%VI^Fl{1@8hJH6*6kQZpfa#%=P`%8(Opoh8OM!1-wZ~E|bM=9-lko&vOnzYZR(=OR z>xRqIit(>A*^`i|zKC&QzyNrH=%$ppjzo`@R|kJ0<#0M&#d7k|^Arw)o!vuibHdQd zyb+}meM+vE`?EF$;;nzQ1wT&64Ef2f8zMm3dyHP`h!MocAc_q#{d^ zyjidg1B3q!O606I^9FfUH7fwBv!t@}K#-mG2w-e=V*IhA^FF6zIAr^An!yL2mmO-Z`ZPZo*NN6JX#e6&!+OZ4~b&j&BJ zb+3DLGhwDbjrc&{`Be6|DGN5ag;q3PNS28B4Hw1g%Hc@*YB6DhZ_w#B6E*W9)C;kx z3b?v_ZKbDwQS_#;<8xbzD)p-^j=&tIWxY>ziIKnZ}So+SId%CG2!u!fP>K~%32 zRh{VGl(}|FCU<$LRuBwZx79LOKFE=4&0e=0mqST` zszkv%INI0qw=B`9w~DMRSuJ8j>|Os9r)(KA-Kh4BQNhy6 zd7CEBBM?=;twKxF^JBsJv)f8bp{GXg*o_Ug{hW87=M{7`q575u4RdU5Jny|bU4(OS zV`}JqVW`LyAz{xXT@M+SIp+-EltF67gQYubB;9kLGDVnb%N0F%eCkTqMgzJ9*yrj9 z0r`HmJ<-y#=h~s)I%2}{u}o)&=q#0+TFJ@yx^BiBRua8Qk_rZC2~2dngl9cG8EB zbSh4*1nmF=52tB4=MyZZ$xhj(0_q=YMP=-H6{~lo2QogP+f=|FoKFi6B}PMSOH|pz zW5bJG;WX(5orXwY;Ww@8mF+LHau4(Bd#SAwC{ubXzJ8;oQ(3mEp#}R{_4&A?#lBci z(~|nkihR1c&?J==(h2}Lw#Qp7!k)LkqkBL3^R4QvIBW47Z7~wo&7uZiwPM+D`i_Q@_!>(Ax5 zeRm{22(yc;yVbqmy2ppJrXsyEgpvK_9~gG@OoFtd`mgLyWIy-Cn3$lSD)nQR`x%TF za$Tj-KSQy+WaE;UwU&hH*7XMC*6!9uCx;g52!0+l%j2*g_S!fN8-6MAfO zJfgr888a8h-6&;I4n&+WVa`v-je=BI54|$QYG&v%xgEBdmgF{4-llj-jEB`?N{5>* z4ko>twrTYG1U*WC8ziD8G`^zb3TM{DDd@TFfd~^m`713bJDOxW;lNBm|4Lq ztAWpF7v#{2+4mn|ZCSo$8L>jRc+{##a+%ti)klP>xn+sapOJRPP$Cakw$DMf$u4B# zF{AyC;QZkyEmaGOx&J|+@~2Iev#_H+JFWsCe*0Iv39jFwm9^x3WQCHMmm+pe@L;X- zG^HKZ_^yoQiJ*A*HQWtsuSBm!p_r=~q>`a+5{Bw#+XTBr#vS{tbd2IY3;qqY@=Av@vt!2b`;1t9G~P+K|?|pZcZ4J=bg5CL+(c05MWNYS5fpBo^WyEEaba7c>l3 z!yV3eE%V{tXv3NBdn)RXey`W5HO83Ggx`H$ZW&x5%2a-97`aH9^fkHl@OHd`$zIlW zTdr(eH88$JngCzHk+cjssTFFvQmxjL>|y57!(-y0Ci zNnc$wD>ms5zCSu!*j{>YiQg!rPQiCQBD?s-aGsW$Ts%+=y5LU4m{gl*7i1522Ir4p zRvx<3x@F2M1LcPxZ^r8{`{Vgc9Iin_B{ml zrHoUl4rOuZT%;~UfUnqVb%Ew19~J&g)B9lGzOU&*8_05*tD7SwV%sA}K5dt0***ru zXw{Yq!<5=w{QTtKg*7KR9bm(%9L6I*So&uvo#H%X9ez|IY!`A%G#+7uI}dv-EC~Fu zHsLpfq)!j*nKuqf%X`ZG;T5}8skujqF&Q(mipD9p_TOJBx$Snl06R*uaX~3IFANV~ zS{$h^PQ+UmU^J)v>j>zPkXSFBXgB2|$K94tHNXDUxKRA_VWA-9IFSun$6M-c!{Pp$ zuPbo{^`iYcZQHcIUAX9cq*lT>oQp@bdL)Ob{wt`s5)Z7PGX4ywT`x0A#7%j;VnR*0-qW{bk_%=b9rO1KF}#ixY7hbR$RvM*5-56WM|J=M1f16aNI zbg%3w^wZs(f}crV7Tz^V2DOPj^|k1Nu2QfSNF{s95K&hr=t*u# zSZ+1+7cfn(Gwgx;d+zo9gvO&E(|yl(JP*p)`f-`2N=mgBLX;nV0sX`uv1h^!e$3TM zdd7K3$4=XHjH@qF*!RC<_K!s<1o@aSNy?!?&D5S4m0fb>L@{iG(7@C4YA7li6 zrp5Mk+kC8?t7F!C0O?!#R=mye@&teXc(Zc6b@VTfo1sUnj6D(F(X_>oxz4}dzocoQ zjQY#dx~}NI4*1m@g}+P=E3SR4CXGkB$Pw+d~u6(-*T!+cduUJzp1;|UOt>4i(}M7`R$;r6Cs^_<76)Xule ziAXT)WOV^q?!_>riDESi+&ER`axCKL_qM7UBll-))|c3HH!8bVno?rkaLSVQ(g@{V zh}xEqqRAFw4JlB#M1v)6w;ZfOs%aU&2!egb6{_YajP06@w5s&Aj9wYL6mG6*){wjv z;znf?X@IOw$Zd4JvPiDhFbs@CPFHtt3y&#XZDVe8%hfT>@EACh}pAAHx$t`mWKwIr+(%^ptX8a#O6gTji*@y-%X1iySn^^IX!fB}<;5sEb zOv!=-3B&qQ-87527*G=^`A`V<#3G$Wi7Pq;h2=84c-7Z<^WYW=&AHgY!|?r~5*>7A zE^Nt@RhT8MaJ9ORu8&nY&%_AmDjpRKL+1qIVLbupjV>1n$p&mc#fB6T_jU>~QijGQ zg!K<)Gf7!Kkj-^n0*B^e?=5NAmj^xyt*+j*Sy@zcd&P-bI5`Z;5;OHu?hCHsz-VII zO2&$242wg?>ok|b!pJEY!*X1qf{yZ-SLH&3WjMT`Rzyvq1hWDSW}}HrR7(P3d!I}T z&`)JBfj_4gaEUBhky?*flK+{ZnJNCx{deYoju2Mm{7=TKAol-bEh;~|^`g_st%c?P zNJ2S9rW&zs(G{G0`hJS5&&^Sg3wgbdcw@-W%T0UI&8>w&RBDRsA2Ah6w z&&7WxN0~Oj@8lt*mp^HQ>GAYawO^LKqCC?Dn#Gtm?!W23m&U)5_%l=8+I#`v6)MXk z6w-KI7$iHZTp4|MzDYJQ<-RxkU|MPtl}eC|+4`Q{S58V>4xyVM&?*g5D}R12U@OEgHXs~zS^H&I%ECy>_fawyEEHd)(N;U+Nid^LY9L%Bk>E!CrUTszJV%Y0_HzP=I3^~~&l}eoIQ)Symc7Q~NE+{05{o)ETXyV7NT}RN3 z>F05r<~CGCA&X*LSz`E7n*{^YcXZNF6gC)mag|u(>}bG*mc8VE8c_bXS~ z1HUqT;&qp=7=j8U5e)_}wA%V)Prf|wFWJ?>&09AyGbexg*Z2u|cEXy^VZG93=j4## z*(qeCr~$g}>;&>B@J>76C_yWl@eIZkPjs$_i!cXobldmZn-m}lNCEzeUfFZvV2XAe z6J3&v`qqMz=G#Y1UovZbWF;{d%d(*{Vp2_|?evLl-dWLNdq}kYaS(0F9&V6W1 z@DlU{+fHX!vQwg2_!X>#(2x117C(60jyBJFnoO-A)bYSt@v^aYTQW^c zb*!w+XY&3@J*y5;`=UKyqM`Xd+g|1AT37e z`ana@OZuM>W?BQmbQd0~ps{>T%Fwa<^kMMf9ChDSe1!k-+rF_1&cHYTs zLTG(>G-0);u9SeNLZfW5s;zulIB~Z~2KJBakZR1{c35{6RwQf%)Z}Dmigp;U*y_tL@_VbF~Z`waTM1dGMO6V`9`%ZMKLf6z37 zSe2c&OWtc}(Ih88=}0w}6gmJBOUi6sr^FovbI3E-EKwwck7@IG%F|LRrCS~+z2O%L zN^iUh%IuH-HaSO}LHQN9t=2T%Yqs6$@P|ye*$`E}HxtdtsT@r}DGVdQgGZRP`;5a? zR2$v1WmfrUXI|nXrj=mnj>$n%cm_1V1@H8@ivj7afkXH8U8SSmS;vYG;OZQuhS_4FmD6p=ljOj&sN`+)?7ae-K+~) zt*;18e&$;DLA=FDs8UCJE7ZTpqauCkY}nKH9z6j!fwKN8bc3!+6_2m~09?;#5y3h+ zO+@s5W0`VqE*@rirDgEk!Z2F?9mTfiU{+vtAg<@jQ@vSeD_X(;7QEqAb}v}9ybpR0 z45`%o%l}%FhVmPyz}H>Y`lo+rqYP+CzB?v*G#lR@J|k*;``1hz@rCoGwZku(?XYnq zo#mI%$Iv9Lk^9^i8bW!xn$}$}HqZ2$w$4mUO}+^pm`M%R^+DY>{r<~Mjw z%uYZ1uKjVrY8w$4x*j!{9I6bo2YnQZjvNIJQ)^oDAslWhrD0A0l>_9V?TQ9m@$Dyj zs`GL|WSi0xjo(QH>#9wX&fnlSuAJl~g#3ub4PaA7y~ajs<4#z;akBbKWlWhW4DKD} zKheJ<#w8<|VAdiy7yGb%&T&Psehp22H?$&up-w6E9@x8Z(@~hg%cs{LxUW02H*YzIpCIVD|BP_LDp|CJk|3z zQFqoD0;nT%DHdAZIJ%M^NgIww1*s9#*j20LMIf*A2F`!UMc7c zy-4|%clBAN>!u2C$Dl@&dV&74+L|}4M7R~Cosl_-;bh=8>3*f;jRgY1DIbbRn6`q} zqU($fub)q_CVITerV-h0`nRD4AcARL&ew3kC`FN(pHeTYlP@DE4Z+ap`|f0i(P7FqW7a++mXaX(oQ#&}Kt z{F(tx2B`IeGW@Un5L(Z5#9$D`b?O-ND3&Ku`OsCdC(WR3j zZXb51b+4Q?Q3bu@972YjX$vFSW)JN?@`0^8a>&Htb&{P0-=N;N?Us+($&&$pp}ejl zH{+;fWv=&c^)}y+h5q(&1pc22Dl=zmm%;ffUF+{V0kmnR;Um84Bq20j-rP~in1ysW z7Nsxg)w5xHiP}h+ZHl&$)^jIyzN>eca6sNI9osMd4R z=c)*_kQhURd*v5k`_7)s&(o5Y>S!qzv|%S~g9S5A)eU~?X61cS+5jUTDz)+hRS49# zrrr%9uE<{xEZvG1?Y8zJU(Nl)4Mv33dwlD-pXvGg4BA+YYr8i$FQRy5hE2-2`R}6v zH^=^==IF9-&;8Bz{!i9`DG4-o_MKTo^!=>cN!4t)W=QjGt3-IqHAP~0Ln$$2kegN) zRa1oNmdgD-Drl6P7C)=?O5WDrY#cGOMF;7t{F65NwXp%T&3~cEgMIbz{}Tas=D!ng z$NxjX8Df7{NEtXdj-sm78uWK}9VxHgg@-uTuBjC(<^)}BFp;hF{NglK#jor6p+U3& z!$#bu%i&_$D!0y360?{UNNBTd7{oFK5o2uOY18a1PKYH6(Xi`IH7gx&;Eo^|F70{* zL6S=C>8a-@S!YFqy{W>&`gxQ1k{}{@o zWJh{yukCS`LNWe2!QF$wCubm25L*4kXHDiMA}le$TghHM4R#ICvt0x(5s*t;#n~0+ zu3`BTCZ9%KbDW9d9Gv@<)Brj3eR|Mw&UH%M3;@LK4!YO+0I*7rZFxhmqiNzHLbtYj zue$smc!S{0vUh98AFWGp_C|n~a4XhN%NVTuxz;uMf2z$``4BIyY1p>Gaa;u`;}B%- zaNUQc;1$U!bg$N}5A&FjKiV@@%zNCsrMj<{E)EW|v|}OW7d$l^hp=^~+&NV{O$@`H z{S3ccaBLjEt38aTv0GNNtP^<8o`8*?-Br2=_yg$4dp zVsP++3q|1?btdc#{Lhn7V3+WjwlAyPbV)x=Aeh zMzjGfAlw+~TWSo9YS<(2D(1)p&<(W`dlP1mqf4KltvEwgvolR>$HF<8i({cj%CyN) zWe7&O;p;GQ{EVnx4>T|IM~IhG#X$dHdqd_8+&y<#d*|jgv-D%b8&F2JvTT- z^re!FleV!HB-uk~rswIqDaM(c(PIJPOQY9!Luh2y4Tf^1xr4z%#UYSbN!SfiYKw?J z?+FV!VD9Ro4|(%;!^kF-F^9p*qP@2_=7f)%m9lch=dpAj>6QR(Bx0kbu|>hIelAG- z0Jb3?`4VJFy4DH;ltYJo(;nX=%?XVvkh0w3(^8ndlmzg#K-jt8Uzt@CFW6kkIbl{y(udf0I(lk$!Q&?YY@1ML0I zXT)r!2IB+6W4}>~Uq@q~lG4QY@P! zpf&8l9C#4O)k`t=XolT$`xNC73V(GsGVyl+-F?)f?)1)Q0-4W%rx8cbY2-jpVkw>$%Xnam!&JJ zXDtD;C~@rq>|W${<6|jJR+G``;uq!e=YG3$P*gIF`|M#Qz15pZqe+ftGZxO^Z<*DT zVz$XnQ4?Yw3$B~Pw8~In*+G|wfS^7NtN7P0Gf(Aug>Dee?3}cme7pK&*KIkZIlWkB zGUf~h+?*cF;BuNG*~5DfjMuYteVmcBFoo0*S$!YZ{>eMC*bgw?W*XgoBYHQZs!Zm~ zqx&XxDJHe9;u*-kS#09rdSh9#^gKaY7&P6~l0ONkH_i0SC#&6#zO?)x>MBmRR_U9A zL~)y80j_xXJx3wM#}#?^l0p83|9}Vu4@9{_aP7|80d2zLRw=ovKh5&`yI#%c=QFg7 z<;hJ3?U`y7_xvI5&%)#^1G{rji)6x1u=mcHasT${5%D+Cz7UP@u^*Ffny9LlhrAG)r*( z(Rdc*{h@k`X>~xS?F+5qV2j)1p|T&g zUX8DrwF+_;&_~dc0WDn1b~jXoET$9`kbR!4bupYpa`iwZg+adeCfj=-El2McwTTMP zWc7o2|951Ra;8_D014C`@v29biTsHv#N&+0OXqK83P0XUqSfr{RiUrR21L01Bw`Xj z7d2hw|H_-xe)vOUHj?;&X@8w1k~Y1)-xtFL(yiwgV_t~!@L%lM4A9>k8D@EzNNz1- zkUBT5J`QfDA09r7_{q7zkOBzD&_-AP0i9#akKHLJYWcT2dDaD!GN^^v(QYW9ApR?sqI{fT0=#LR0|JDD8lz zrJUaVimM`mIy>#CdQGCiHzPN4sb564T)uPo+hNbFM6?x;l{tUt^bWD8Jrn5&lGG5XG3i)#%lAv_-L zb5~B}qAOKX-FIJ_!C!f4vWUN{BwPt6?81}^a2<1DJbYtQN*lfpw$`KlGRMYk>kks1 zLG&J>#5|KY7;{f7pL1qGXx4ggy}ijE{c znjltlI)wQGf{4>&a5el#5U8R`7^G#0JZ|;XbtgpWuJbMHkqgUD%`D^Va-k*2kHiNF7~(H*r2s;eyKiYJ$U2r8!MPrb>WB889mZs{uPs9vGm0=oPyDob->6$@E)llb zmOIk)8>vwcOc?UvxOl)ivH8?VE18QXt?q586i__4nj?yn=RwoM=u-q}D*E|Xg314e z(zq@6ZTenl`TV1F)qwHj{-fa>ylk7GudVx!DE8LZe-PcEY@C^|*YCxJMhw^8__sn7 zu<)7deemh#Cd_XO(oUOt@egzIU&WYTI5B^Vj8~5I{_E`?7p=2Mif=O0Qw8M<8ffpu z7+Bc%IWrK=5NhTnfdz9eI>7-GjM-Da%ED+(lvd^V<}(yGmG#sR_}J5i|6DZ!b65ND zz>ZBfP~tBqJ2F`ie343|1`4rreJdOgukiYhKJpDRlBElgnd)$R*HI!h)m?exrJUl5 zU@#)BmAW);IyHlOTOY5M;@&}feZX>HGwWJ@Er-+dndpca7-;|C7g{s<`6`Ffob5bb zmwQ;GpRF(u1@sDVQ&wo+;cHR|G_Pt^6#~J$^2Y_&H_ke4x%ok^)5>CqXywZnVX9s) z5dd$Pwz}V-`lSZp8Y#v1*fBLp_5&CtGc7@E7E5UZkg%w67(UnmR(M$XdA9s@4&ddC z4z+RiM_k1Y;Nws6<aU0McPujbqOsktUUUt!5wt|JVq zx=gs|_3AH-n&fDRuAclr!6lyzb_lg*oVifMup2$uQ&X=ZX~ZSbl&9q>cZ!D3gk19L z;5jx|I*pOyF7&Ky*Fs4cL5oTa$S;z_wncSk>e@82xj${3aaKw8z@0-w^4Ncb?^D$q zruWmc&vNr+Byce_40V9Er#Bv*uOoM0zU%74rsRBjY2raC*h5qS{_`Z}o%Xk|^WkI~ z`m#iiIEOj-Ma~`jL7qq@bO7_!?vtWzwx=VkUmo?BO}if4-v9Q2DpxFjgBZr5lvo7#xlc?O!< z;9|d7%iBBGc7iR0y_J%=9Va#+Ff_?&{ut*ZJB7Tp)dmGPz~+={Ic_c6CcTnY!VV}e zvl1tNKRR`m2si7MxvswSn|VJrTRp_FDLILnZ`YTGw~Y*9E)_9+r&VGDc62R)S{sem z#4WrqPEc5_kknT8G~6nH!Buq_&o~_r;nlOQv!wyvmkpw;OqaVi#im$Yi33h$db-nI zP~nRuuhcIXXXA+-+EG+$y+RDvbeQ@qIVa4}=b( ztqYkvCv7@r-iO5_Qg`_(RXFj}4`}bZm@^wcT{aNS*brTyIdF`^cCG&5|03E(B{9E#~8iLEMK@yUsMe4M#=sa(E?SUrMG~pU!X(pGvy>3|9xI&LG zi?Nbd^5mdSOg2WgPCGwUT<^G8b~HVKzy_*TN#k}csutX!?=%NYU1=6J1*6sVY+S%J9?vZ zG$>vtRMoilvEHb#9_Xoo24oi=i4oFW4Pk3Ilb7FwUx_oHBrT6Hmfi9D%%b8S#s27k zkMdWa;&lC*@|rd4!H;)Wj}|;RYjjluexcZio)-^grsK0_Fn&dR?JVW>{{(UKwj4IF zqoe7oI4ZBsE&<^krS{%pUDt1faMB#ZWEI1zB7)E)qSeCgB4c#br4G7$RW)Pw zfo_D^N>-=wyh@YFz1YIw} zU5I9y2z=^#skQo?X+FxB?E4xJAPSrsJ{#DTqezr*Asn(^7pQVhUDa@kEL9-aMS0-m zyyIre9wav3^Nz4>Dy!E!dQV~Y=1A)d|pO4(HKicZN zJ}(Cf5F`DSfn-mX_n8f2MW!{mNfL=x-Y<=ZcX{b%wroE7#a^Uz4dHH^!4s~nYu*Vo z8IL6T1HG_IvQXcFx$H8O)#1m7s1JRHPr#o$K+9K?rXkGO{^VXD+2eA2`n`jtz;D7XyIs~S9zAU*mv;r8 z6`t&LwPpSj+oJey^W+J_AX=^EYR4}3X<`vu8kO3q3}f16L=08#A-#G$k=N>V+ndFS z+s0ELa!fCkC6B1JYfTU?f75kfES{|jLcx1{fHGb#W`nui*|ykBQpL23kLhBjA!;@1 zi@5PD4{wZwduNS+idx! zWf=4TaJ?~8jqePf&RIky&+yAoc;fQPxnlm#vekT7m9lG)o$?O72O1_;GUu5j#@Z@R z#ZdM5+C?fhrv7RU?_K@g?|(Z@?R+XL8<~$b(}kQ!35R5~w7BE`VLQZF-+VEsfjV#uay|N74_m=x-NVB!j(_uQMCMlrLl@dsv+A_psgm9&$%>l`EN^YAar6h{$uP{ zR^DCG&r!A}8L|sG*q%uq2V=;W#NrH5sW-sKCm^)J1gGiKrweiuio}3;)tiD!wQ=^o2&h$G5=#*NbZNN6$YE*5dD< z`Z9+Xo<6rTeqDrlHbb~DD|lN;raV@QQIwd;dov=8jpc=f?o@kt)n|6s7w6rzCo|aC z2A9qDMZ2~~?EHdsH|mSSYZ8@~pN|wUocdUiDv}>7B$qN@{iTKeFgto9DRddH#4M&N z`P|Iw9dlH%Y}-z9^&)}|>2zw`-Y{CWoa~Wv$f3tn95+U*xmKdYM6YkMUSL~9CqLCW zCq2PQxht8kH<`!mvm&&IE^jgwZZGA4cB$t?ypNVSDR+DUm)uLg&h8P?mZ|RT06*Y% z--(S#Ofk&Ad{A(OA;eQgKX9&eL*w;##$dx#L@IV4b=AWVYebC;<=Jp52LklgF7e>5 zqV}TuzWX`zPJ9u(e1aM%C-I(_wQYyxw}2U~_C%3DMVKg1H>XNQ4gUlVcxKUS$2VR< z-QwFNRPP}R~Nd!W-c`G<{6=(1iMNdPjduB%jk+Uclwb;LNek41=sM92k!Pm&=w%IFn*?QqIuz>z z5X{WbDN{}!56g1Ju?UJ;sqE$PrULv`VYA$=>m9Gf_nd+LvB03qGUW>GZ4ACKPaJ2w zjrf81&{HXU$eq1XKFL*9S~(&63+*W>B(ND~o3+MZ33t?ZqH ztX%^~;^$_Upt*9taxk#$`3%T~ybNEdT=q%EH#ZY|r}=Y=67$yL1GbswM?jXX7x~Qgru?aees66NxZQoWn)7SpY2!fA!}@5}U-~P1g%0xg^MKbh;;?z#Gj-2*2rkJj zk(DiZ`YdJESFs4hZtmiv+Z_b`%DJz1-DbOy&dNk=X3KL?1UubprM!XxvJ_J$IQhl-!nHm8m`kV5G zXrDH&DPv2MCeHgX`sGqaV5#i&SK<*`VtAuxvU!~G@(4Kb;qwq{Zvau=s|yf=P)_&- zSBP2C*5|=n?Xoq4rTJ{wWcK8P7ecsfzk;^xeR7ke$2Pa@F-9E*c1Qt_cT(Apg=L|+ zQUN8z{AoSdZelw@a1L{C0AjtwjjHa^XVz8gu`5NVi1TY>oKcJ9_mM6mn_6N#A8R>; zJWqPdnfH&&7o!IcB#z#ono{->%W^ClQ`LxiJGCG>37|eQ{0!akQ_O8`A>CkZZhYWJ z^f?XUy4q_lE;f4BhPCX(ce9+9V9QufC)3h{fvthqje*LDkdJa2m&Rh6TFi{}ESWsn z2H&H~ZyE!9Ll#NZ3sJi**m1=otVd$Gb>;aZ7PM8w$P6<~Ct-$YG-Y9cnB2a`4DC{w zt5qqH*t6z}aiJ#Wam`qFc$>24Bn;Cp(o$=-I`T@WKnhH`2|8gs2i=Wzp< zUDN@mC*f5DkJwa6G>oEeuADrzaeXb&DwCvP$ux8`9*-~ZQ$oJNtb^{fc;5QxAR2va zOXc6L#`WXt*4F=#Z$?nfdTr*$pJT4(eq%v-%w>s=lTCI1Y+*At-Bf{e|8#C~o_XY3 zl;(qq+~)n^_c>m@Xhf@tq&2^0Q3EWPIMOH=pEXW*cp(0_hbo{*ir2!~K9O92BqYRO zs~bOjst-gr3d2Kmv%5Fy1jKo{EkipUr=-`Nd(4+c*Me^fnVr(ikm4ob7}*fo*;kvK zprMNzGuSWYc{=E=D+^l&i6Z2y3+`0$q1B}=d;224top|FUCCbjoh;we<_}nGKHQ=( z-cI1fFBQIR0_b2f+oKNTzoZ}zGB6}5A=)}jBVrEPm-@v0x#1jNiOshc+iVkc?kNFW zQFrzqn?JpyQKdKXhWtLzdvf&WOt$XLp!SEU%+rJtR6WEi0@vWnNqeABLHp&@SG0Jm zbXNRQ&9Ld-bHZnIVq}W$)t!!lhrFQX*wDYem(Y~klBWmJh@TDON$iAi)m_^6*c4P2 zK}>U#-bI{_&zLo>J*SM7@ci;g%{6^tszVdX%#Pc+kW^#efbaF@NALAizB!b{5#GYt z6rEQ~T$BOGE$3Nv607V|MFoMTYs zhvhv%Ma+-SPBJtS4H^{OxV(gyj3vk-&RnY&ziw^vz#_j%!NDuS{3z8t%StTPGn&0@ zqZo73P2&g`YvJ81zG3^!;#`|@R8EtV&z3VYWk}+++bfDN1|P^y18I8on!5)ZV|##? zxNhV4+Nbw9hX zo~+KzkPZe>6jk0#yH)&lU-VF9JOe^vCu_2JpuKpYj`dKo+Y`5zd^ZfnlR=&dpulo2 zumy{AQS}r0WrB;K(G?9;f9q+3L^j*mqegbxbBq1o{9<@+Jt?j@GIqOvwBpIi?v&nU z?u-&nZikM2?aVlLT$0m2yFA#dqPGf{e!r2Fvn(2NkG$(j$Z+)Mo(ojubrrulIoyUC z*ynut+*2iTe#{yylm)`DD(eCX+!j4-CAPO^PSeu`zAI}B`ViCFkabl1_xzj@`b|Vz9q!22tzoc=m5P#jKbxhemMF{osM_U8!yOTz zvRgHs&%>{bEd z#rN7087wym1v-HDc)7~Giu$^wa_g5s?aweGPA}qdK}hj{<Szhuu*htYaO zfA*Xrx zapytiw7*}X*X5%DQW~JQbjT@O97EGF0^Xyo?=-kwF5x-S0yH4ca?kuG!NRFIXgfuT zSF`Bs;#5u6!|IpF)$Pqv%~|DFH;$L{Y0!bbQ1z!BkCzDDrq(6f;C6rX2GN6iU6T+? zjCtKu56THm*+1tN@;cpC_k0z)mq7crUVs@vR>S!X$rRS zW5Zm_@AvE(A$2Q{zgYG#5Wu1pC1Md=XI}(WPgHfY&v7@8w1vPfXr51ys|?7MI4Uvh z6;EBS%s!BVdBet4x9VpFo z$`NA4m!u1RF7phaSyeDYV0-0Cu?8sAchiC@wa97`c+r$#r=UHnUPX(Zz1I{8aHNyNVZ8}vH= zD`pEMq)km7H1HQ){?Ir;K=AMWk)zZ21mL3sliKhIM^n2O{NkUlqt~O^K^@k{xFvZV zV%XQ`4h>rYZbMZ6$|rHSs2K=|2E=zY^C)W_lww?f25b$`#X>!!Tc@W-f?yLN(< z&O>5vOE`P)yBODtEtoVX0?}~v3Lr~>3`%to;5iz5rH*p!?Vd~LUBHCxk{=k9d5$d- zSEizI{ieEKzyBT;1hM_<%f2dwpEVWlYmld++h&a|7qsAKitnSy zj~5d;EZHSJES}1&qys0A5A`flia+~R%3T4HQKxj(vpa!``o=1)^! z0%&A_p=zmc>$`rC$LJ67ufzuMkFy><@(N@a5^jQQuPjcwxmol)$YPAvFKB%UFRORd zpnj1)j_gI2MpR?+)URK+j%SM8V*54F&e*-F?j@pW)rqK`+NSv!i?meQn;u(QdxcTy zwcwoJ;Jv?nSO{ANxD@wJGWX>LZ>p^`S3xD;e%S(&F0eEi${Sw9rQ1KyKcFyX&G1{< zH|0Ss*~}hlLC0>mh-Wy*1-Lmz68%x=nr1}88lY4<>`84PP4U_{GR~ua#@$o zDY#?7XeARvRmIUx=?(&jtGnvpJvkGNsDb)o06azUwF1%Yw4=;@%qRybXNQ66iz!qG zb^E8+HIcPsg?9O2+qa|gjMiVrdtP*OXVd!{gp|e4`lu^s8Z?yDu#!BMu#yOpCYW`y zXioiwn#!l&te4hYq3%~rF4nlz!MqWWlz?rg>(~}(>dSRRktjP$ARjb-d*kbZjX?i! zCxxrmJf;G5hGpA$xybg?QGM1+Q4*@d;4>1q#M0*mIESiV6jI68Z)lnlY_7Dre`fY` zY4Fol_b?-Bg{d{Wf*q`-#VTs-iulyovGs7sSQuv|UtHdIY)RbwBhsV2!{o_PRaMXk zPu9nkmJ+tTewV9;s`n|X`fr;+5zW?W7(o2Bvb`l(Kuzz#^nt!pn$=&UK{+BYc^FNE z`t7%gBS|!2)`u=^4`$FmxjYOICFPzy#ZE1qw=xr)HQGJW>+Fn7Yljb+opJFWdD-n= zulv2~xdygU^9|Wc3*^<@&9S@GxT`Mnvwv2y6>WkUi7$}gy_sn_iejHMh{^0qa#id{ zDiM_fa)F<-O%)?jLV~hK9yuUkhM}z2?b`FWdwJAt|2yfDP`!^YX-%U-LbG~8wfe+q zn!r0nW+p6(<%>2%r`63zgqLS0b27#};t#<|E{UHYypegWZ1gg}Owu-;m!bd`zNrrp zzkSGTSgC!I#Ba${m)$Xc)57YiI@L1oHDPg96pT&~sT19Q%nEmRvlSP;oe<$2?%Bg} z7Pe)RmMbC*t4Cp~;uVr*5*KezeDRz2qI+enJ?TdR0%*2it^C)FeOn#5Wm29;Y%`v2 z`$HU=VRy{XWX${=)>MJb@AAzvR$k|IsrC+-OE4LFf=1>>^lAANx!t14be3R+`E>J< z4z~lsqFCITg)|Va_o_X&R%u!SJdxrJ$pPi}$)}okvwR9om;3iQZ?}wbjA6+04t-V3 zd6+-#RM9MTh~@joVYZFO`aU%=HTNlcq)XoVJwNMSg^nC3>hemtsAzNRM3MDQl;?zw z<+Gq0#g-kHoPjRUZZkA2V61PViRD@VXis$QUGqTob$GlWal_cho>U{{1HY>Bmxcj? z`LQv?_&l*s?o`AtWXjmB-~8mRub|Cv(WGUmFrH&ykQuTR}pXN&}!O(Tw_Pgp8YW<1JLcZ`D^58MWwDZ1n zUw4uMt?u`ovBfvq4@*U_Jkg=jJhc+L-^*I;8p`r(0-%yw=kkA+}Ft1-?0>&b~ z{*f?quj=@+!>R=L6ZV{>rqXF@VZrcNwx%zH*NuRwDj-XaIaZx7E0u7n#s0Bu6|5w{ zo~S2e^h$ohL1wxJ%ZODyWSB3!8QAu=5q zvF}d9Nb;d7)&VU+@0GiP()DVi2+SQ{ZpA7JsN6i~UB%B+d#zA#ii(xbnXq1f?NN`y zUnLL6e@xHS@CJut9vlw2nM#8pXVkK!VH&|W-gD_YDEWK*o>`f+Oo*cw-beyI^AM& zSeo_}X-ggsEG+@8l9Y-AUIJ1-FN`$|b*=>X@LKT`M${HvD(UvvaA!Kb7|qVqk;okk zL_X*lP?Cs;%3-ueQ#Sbwf)j;}s_)d}@ti!o@ft_}u}a*?Pe7rlHhe>xK;wZi&x-2ezlwabO4`)_=xj1y|8LC7KZ({Ze?XW;^6 z6_-+!UQt=zPetars0XYajsT*wCVRP4iNHs%L9DJ0!# zL#qDK-TXqm!{rbng z!^z$;27II7j%cM)y%2$imq0{qy3PZ;dM6~$vCHfC$1hL_$oeSw{>p5s8n07VZACO1 zcX6u!wLxHq&JgSNnc%M=4+&mUDS8)~P@gXhb0XH2^ut#|9_}kb4h^Qmg^s_O-G%Kx%%rg?HE#(rhpaa=b6mCbbB*dHN>Vbh*X18 z#(qd=ku(V8Js?;W9X{67p!~bRGc;zFa7yt;Qf~dLa$@Jw@9tMegM+9_m)(I*QB*J~ zL5$tfP2g!QoU^waR%o55kXj$4Cosw(g?6zNHibVrY+ncs^>8il{$=52IAPsOx9wDE zD0;Tt`i|coi{QA}A3O2`Q@tmFC9(ZxdVokbVja5ma+MlG1=ECop+OaXN`uV>x zF1xW)5}SaAE!x~hueCq_cA(yDqjB|RxKoiF-@#iHDJ5cKo4efe^;9}$1k8OAfQg3I zv(kLL>FH(Cgfw){kN>L88Ot8tzT0l_EN*5)VJ|wOgTz7E3;JQ*5?(c3&t7=yMz46I z#}VQVyY(*%NQa!d2$WLW$iADP*zmvFndOv#c&CelUgL3~5CW%^ZtXKwp>&5?- zSVpF@|EhI-u87ME%PalQO}Uw6`)%5$a{ZZ0c!cSJl zf=TB_k47Qg!yrO`pEK$7&}bhT%VlJZB;7W8@1iu%t$JZ6OS1U4g%Ia!Z(`E#QKzWj zWV&bi)!tlEKF8yBJ&xBPKB49DmlSySs93bad_IWKX+VUYr!@R|&oqB`D}gw5@y;nq zYO5}GSN7mW%U-5x8a^mvGyOZ0vOs+s=HmDes8 ztQk~py+~{=y;^oANk_P~^{+ri3aV}Tyrmo`3&nWGcqh z<+G5HmL14!euQ+PO*txb27mQGBAGcb`eqpxyU&3;C1}I*1YOWkUkKE7Q7Cl-c9yD#w+FG#}`L)6ai(8z46+w4!MDlKB0TtZJz;$GA4K zkwsqJ{05T)J#yJRlESFp{hFV)c2(yO@c~C3Ed-wAI}(Z^5bSSD5r_324#y6pTqNO7 z*r_E(dhYnhlBMkVs0jn7Mf|E>PXW#e9v$YuOQ7Shb#G>0nCv(mfWJ>2rdrrs z+;%a-=zV2f*3TA)v1_VW4w_YF@hv_GH`Q?6W5^o(>`13Va38lgF`x-_sWtua`vL#1 zO-7~|_M>mS=fe_N*sQx!A7OKcy}!9btsJUC=bW2fZ}NZ^yuIhtZ!=Yl`UpjaDESXU z&50YGM#J3g5LP?i57*hBjeqGQbV_$Sm0(J{+Bd9-^;l$NEesU11jF=y#ok(X(!aCi zgn{3*+Lex{nah|j`ceHC!4-p5!R&JB7qTu(pZdfYJ78UI|I_ee%raF ziMznw-pNIf>F7%w-+xga?Ql(7wUI)bdZOOcFk&M*_GW$k&H}#F*1DqLIPVWDcXDDj7?rNWZ<52bH!Al0?Y1-?7Pq-fh z)sLzEW{t*6dao`qV;y5{GX|z-g$zeY!Bhq{W1c-zpC#~;D`v9MIf%iU$Yb55SX2_z zks>Z|&CE*1eiOahM;Jipa^Udgb4^LpVR*qqtr3}dtXw+R)2IG_p?LX7LmeGYJ0IZ8 z*c4Nq?JQa7m7Tt%11m8lwtp$0ggJPXWB!aNiqMEBQ2;1iem%jHgvMB-#~kv~Rc@%D zq|C?l{nFipY}99mQK9w+F-nCL3d@66B8!-d7)7I-AHE^7DQBwT$@$Nm&^%=H-uKt|61l0)caw?f-pnsvP zE5v+ri2eDklbtL{#5}t$`JCCC;X_oBU4AmNce$6!4(1xk!PqeCRti>*l6r*ExbS#U z&a%BUQ?4BO(DUO65ONIMl?v!l4rod8XDd;#DT@e4wh**eqh$YMFoy^>z3r=bhg=xX zXdOD(hHVIZ=k9^_$dD*J&VLG(d1T$lbj3oZ8sA}SVQV*_v{cuvF1L{D?RiSAK+DBh zNiio$yfE`e7Mv8-ef7RG__g_wZ06{ZrhGqgjGl%Xle!HQWLVFQ+pp$yGh4QM6vhj~CPs98KpbN4li_i1&PQLTqvfqjzVo9M$?Rad$^Ksc@YB~LjVxLA zb;oM4wR4&Ckqhgwyuu;Ch#op<$YJmyTvw^>F@B*(Wi<3_tM zs0SQO*FWYggjovNAfDQ2iGR@lO2XVmTDO=~G7v0?c-TE#OsH~qNhv))GVr-s(rDt< zTi=N@o>3W%zdQ_RTb@SzcS-hwG7*IAjz6HaWY&wC1;sFEi1+3#nchRh? zWyOzE5wa{+vZ66+B~u;WRF1m&KP4fFhZuYpiSEv$LxJ_V6jW4w{+l$-OLp7Pn)O#w zNvpfUtB-Uj_!J#JOWfNjV>g$YA1}2)8@k2{XKK<`y{GgR1tU(#Q@e{bw@62RFFwGO z$E;Hp+BImmFZ7o(*(}s)?OaiU!tFZ2BoihZw=vy4Eq5}`CI}lNWS|LDDqP~-I|TCR z2`!X*F#|cHm>X~BMJzDYkfVhyJ>B32Z3hwYLDWuht=rs|z}kVlJ(Ie1k+64;#in*Q zD!_3$;(0vV0aRX^iK)-*q+Ia(AD8ez3@tTm&m_d0FOt6aj-pJ3m=o1>2L-yt?3va; zHMH;JuudrarA(=k;}Nj5Q!|>~EfL7mhIs}~n)6n#m#h!9?hTOOZwGpa*YGXAGN*H$ zMSv=F661&fa(h<@C)Pl9S3~m?*_s0G`u$1=!wax84be_GbGy~0<;PuzvH-?7FQ@W! z`ZbAk9|CfSRx36vT7HObd$q7k#oaE9ySb)RDbj+5EcemWkblCFplqN zR#d=)*nR&bI%D&;Ci;Ezn_)Ta1#$)_jYT}XhgsLbjTNimP$E#wci8&NXUgmwsPm_a z{71nN4HO(2k+^RKKffNb)GY`%^5?c%B$%@Q4kb;Yx0Y@+$p+)U(~Q+#SkM`?F~|0iYyykm80uXx$^k8+(iwcUduCa1ARqam}1vrKKaNs zfC3v~v-(5+)*J!y5TQSkjx(i2l~2N&MPk3!M!RzWTmS13W{yJvoGE1d_P?4+jqe=< z7I4E4*$5qW-HE`{F*5hQvWPvlbz%ZBnN&}nx^??JX;RKyT?Hpku6b;SVh5M?yIyo$ z;lVgETbcjjMFm8oWzz05Wkt41$okh~Lv-e0XsJw&w-SW^6nePHdG~V9?cK(Y^d~?O zSMhrkWv&2G#80USVolCqrM#bbp6RaeI4+~PgfFpa?ptO;fp5Kuf%kpe7~ss)9sGMN zRWE>p`3+3}yW(MKEfOdq79M`7np`3B9$?fs7u@FTR8>_au~ zwY9yjA~`?glyZP3-)p#y7O=E`GRTS^Vjo!jNy_N4}+ z?{j^1m)xBmHgnTtC*XctDei>nOneOh|M8U3n?%n*@6`Djt&HCL@sQfN zMSIm`N~GMopGEA}BC$7%&q=LTly$7{@TsU7pd?GT8Hm zO|V;+=xLvo65D$=d2{)2LK#m;=qHoa>hOs@SC#I_drr5ujjg?UIdWnL%F1XBGDvD~ z{xM?J-Hput=?}T&zHEU^-MYeQ)tW~W*1b#WHvGPMGJfFccA*s~HGpsI^eoS(Q?)sB z3*MluistvFgSA;!*tAAYo5-CO0H{&EzD7(fhs_+Sn%j6CYQK+ISah3(w1{bGpwl?=3 zubR~uncl<4_*Y6Syz%PR9ww-){#*bPW4b8_l> zb?&K@w_4#U-m9Y)I^);OFbMQmwWDh7N?zTVUN~7mx5pCDvAE06# zt!9y0Q;Y@Q5-%ut^h3H4TT_pwrN+n@!1~b6F?_--#z7!pc_Nq zzw`8Cdhp;d1G`~a*ehx)v9$3E!S#n%^KG_wJuqd6oqD?XtdAQbw}(tlF2l+X9=j;A zW5wJaP|O8;y|DkdH!t=P5I&4nRrSZEmEA)!SnkOJ7454y?vXtf|JS6D;lCD5^!e@so+j=gu2J7`?(LVPt5l z*GQb6bNu%1-{!I2{eR5~BG|BlRW(-9l>8b<5Ab|u!cF#mwDmmn(})Das@7Ighfm5#ax!{YOs3C_*>2_<99ogH z70l*GwNP)WcCBa^_ZbOH*w{qy#&xs-|BrIN;;!F~0{RC5;KKJG#*Ks-7rGDT=HLl0 z9V-y;QEJ{xeTR#z8u77{M&|56$zLcG%a_;-XZ>89v@;<_!*K1yjGdtNFIy?}U(;4> zjV}GmZ~DKQCjT?^?0>nN1Dq9ZC_Fr~v}0dtC#)8BT>ZvvUGbAaqW`itE6tKpyFGhP zC1S-3&+Gp1g?yfX5XCXc%Tgo1_yh8MVTp&1{Xu?(b}1kd%2?Yh#qOO?yS)apRI33{>V2u>Otvm?! zVjO(~sXY ztPtFFL`6h=+oP)S-<$2*8<3<6+dY`Jqj7BYsAw-s9!_&IdA;NnEvy90i=J_`*{}$vjv=Jke+rD!Gz%I3)o?S~ zk)X&kjqkA*(b7nzO<+L@?nnCN-tzmWrWw17 z_@GxhRl-;q|NC$Z1rJ58*7RridRk_a&~6ou_8gq=2h+jV8gA+YD6BoPfSVblYeI47 zNmo<^Ay;;<4x#YH)cFT1(V7}qQ!9KnA@(d;9EUz<28~dtUbq2V^c{^+GvZXl7|GtD ziGdAWuNQ3&G5I;Ex7*8lAVS(7`3wr|5ny~v-ag~uvPZY5`RI`cVt*O7=eQJJ0;Zpj zhhoGxVx6zz(O-&R$S=vSDp@kA_+i}$I|y7|A}H#BSr>?x1*JdWLlm?c(zgIw6s9aS z)YCGZMEwdQFYnEl2wDS2YPt)xl;=(SN1)iD%(dDn5Ror?%eY1EVgYl2!-#rioNHY} zo@BZokM50~*#U)kCJ!T`xlg9%eY2aIrF??-T>EQkd!S~gps_#M+z9*za&xP!Y@X?qU<$aAMroFBWUz3K9$mTN0Khlh5! z0}RCAPwEn3K@%?}5wDiaNYA@O8+m6A?INfOx!o|ZCnd>n6UGI++81?ymil1 zqwn&Cm@nRp68N7-E)e$Tc`C7knQEWQY56_E^VWMGXc1pLB^g5cdXaL&@7#eyhGSuE z-hj4+&(mpQx;8KacYuIsVHp0nSn8YpD$5egjh+`avAI~nEq!vTW`L^_c~^&6UuCa2 zEJaU)c}%4$1_P>UL~Waj<5DV8cGhX{PJP6dFJl10FI7p(^32r{xXrv6PzF?X`sTn| z@gdEpuHgw@5H>?+fVGmwpNU`02ZNVM>u$B5(W!izNHz>YDw8|jU=U1;e~yaJ;m;_g ztKs^3nKho4H6$a=Ht@0+xD0dd)j;a|5um30)G5L>E1*t%A<6half~;i*?W6@$yR@L z5fVc-f_W7mWIJ0Qh5E@pB!Wt!iqNI1m~DMXN2Ley&2{lHnWpB*rSL+S1pR~;KZ~Fb zzx~hjfC^WWx;<_g05;JAo58blTZtu=K-cbk9;#G(WQ|AC za!h^$zJZd0A&2wvOZiM5FYw7c^Q)g94&2;}V2!D+6vU2Py$EYXGz@Ug!D6lbu;3k+ zK^OOyeBORhiE(nMK#^f@AoUap;uou1*mLaQfysKe`^nK z1F(`^^H!|CmU-yP#A_s72z#rJNRn*5CLW34vEGvO5ms-hmmTf!M0mh3@^o!Qylr9* zg0?NFwP$_$A?&w*R>^JWJQPfY;lPnLYvk!Hn65Co=0%piB)scRqWEKAQ9euGaQ-8Q zF*K>Q@As1qIENtauJTYtn~;l7t5H44X8{N&FKPv(5k}Y$3?3yS24o_b`mEu6rQsP#3=zJ)?glM8D$T zq-VKvm*(At?~#PdDoo4OEIn!n9rkI-`?}^MlEJh0z2k|U<9ik{kBvLdl*eZ5IU}kE z<&jkU7)uYck=%JIknUq&%*_B-{~4qt#>aji=ckQ5RZ}3wSqy6U1(cUjo?ku#ThD#$ zaVx~{F6|r!s(SX_5Y??g_a&@~GtOn7h56Bh4f|#Kv&G?VDl&$-MUS!JiShdk*)(%M zB9|Fs_q(nf*g+9$vYol|?A{YV^!5rqxjgCq`C>NF$=#Rhf9Cl=#iTRL*)B@RG`c^N z?w}qc$McDxjk7n8+>jE&L&8?K+z z#go)C3vu0ts`TC{JbYx_B@M1o1*4f0K80>zoeVXvjP^l}_tpY(aSh)b&u4(v4PD6E z!N4~paRX>HodW-@(JUs&O0Iaws-@sFLnUE&11^YH+$*(RDB5nxmT4hRj?=1iy`{)X z_F6yetLXm#O;Q1nKV#txC(g5AV=9dSI{AUsU7KL4%mL}4`+r6Zj<8-&Jj@HCp$5v& zU~#+P<0FLqv2g!iq>uma5fh;=u_Hi)|Er>e>(THX(wOX z_*ho_VC+~F>wWZ2ba#&2fnfie|J`|qRzK|CET^bV>#m8wQ{9MoZZO$EK3)Q&+_Bv7 zvRkA&)}S^4&>T;I!^BaWYBVL~xcUU}ijHL&`!wj~*5ht}N4izHOuV`ObM80bj-&ND70qW zlCRB?d&HKfpC&5e6CEWILmpD~d07;G?(%uMwKNaA97QE3 zKFZx9RH-KSWBwRe(wi(2usf&m25-Ut?B!ftZJ_jaQzjr)9IAohDY zQq$IsU?1TH!cso5zrs?~NT?E#m~ExrhOl1aVb7w@pJ^9*>wDj%yQ=R|L~l5<(Vl%Inu*@KUU=x{CM%z@P15C%`$wQU-a8Oz$C|2%Zap_k zkGq~OMsV4F#;@|-I|#!#>TS%qztR~d9Q#n ziWnK>)^D%GlWGY6O(#=?BCGidy}`kn@A2?#&OI zTgz?*PPe#koi4JnQoKo`{9{m9p_0K+Y}U62t#`|AJJlH&bi;kre*)ZF8{O%N)9BB?*hS6>r}q+{R; zLHK2&kFED)N7^a&gK#iFfA{Ohvl?yKO$IeXw?!Y)@Gf4rQNJEYRcbtVMs~^VD`m7y zZ=18G=d7=jHxlxd@q&7ItwcDhyKuRUPyg{~sM?>YG`$qYSU!W+Nt0&lJa)9|2k*wi zTnzwR*iFU)7YKccZY*YGG$)kckK%N)E=LwH@(W$k-*>9cJ?+y#kI%7n>dIH_iYurF z7+Y4qm$zG)lr+6*MTu@1FPG#D1V$lX%~sdjK_xz|xGlk;IblVcM7}Sc+PKJjk8-pI zi&!upYmsWjR@-n3ikEHqEIZSFB<&cw>M4A2X|{<;=taJMEjA9fd0#AbZXbH959<{P_j~CjoLQ#%JbqL_6!p^c z?R=+$n-G&w{=P#=bj^9(c6LTC_y!P~LVmMaIM*H^_es_QF2p)M%0o&K_Y&^-XQoJf z;wyf*Svg3SpJe5BrvS8>d-$XP`?O9?T2G)ZKm1Y76Nj$(!7&bE4GLl5-v{sG95D_1 zPuqO-qb;nQ<*w_xF+LzbRKz3RO;TTnpGvonDS2LS8{Rwb`K>#Nph%@Xg39|y(NkX8 z8=_Wy;>KlW6SD0FUJarQdkq2?N-yIMPc1GUQD*IkBA$t{0Cq-tD*5~NFTlXMboHlG z0R8vMFlSEyV7_ju985*98hAO#60N^By0g9;ke2g`>{j(V!@)YnV7RwQ76Kl9PFpUS zU`y(KVuXqOhpE}+(wER~v}b90V2fY;VV&z8r%>o*>$+|4Oj$5nC+$TI*i~0$ivsT^ zKt}Cs7gOc@;g&R;Cq~qOUvc=gF=3FkwD&^~Mh+pmnDI_gzG&c==Y5O_HtW#6gIH9O zMl0ef}3~}t0-;q*_cv4$fahHM&Nh@%+}^lIUnz@nRya1 zv<+yAZlxpE2H&kX-1F1$XY&t(>QdF#)MN2$w0vjjUt}%wuSCE6H9Z-arF~m_hw6pO@wB(9M>TSoKubHx)_(w%qEGtFUjv{RBZsQvgoq)-f z?|HM-(=#3^;0RycdAKtypw!v^Mt9?<7-<0dq*AuJ|BqKk&+Mm+epfOVFgI4(smVGt z|AQ1bDYlLwWH~`^$Bq4oQRM>+sC+p5suzwYSgk)16sK=dvISRH+2qom?QwiFvBaph5S( z!>kOM49Swam-*V;gYFV^Tc+wP{;v6)Grwbt5TWi{d2U%_Dg|W8I|D0!FO)Z3ABZKy zG=Cm!;nN&`2rwbYUz*LfKDpWfk{YlEZcCVbeu>fhg>6eq)?mk39=|T$56~Torb2RZ zJ?wrz?%z?|b-Jk(@(m0WAsb}>^GA3ODS5ec6#|rw%7nPp1U7gU-z(=+|3{Ks{nSKH zP`CHm%D{PD51jz|MDE8_LVpN+cn?bjT}X1-I{xa26S(KW_!Kh}T(SbbM^cyHR;mk^ zj)8wV`aZN*S=j|f1+{jzqfgc?hC0SB^znbQhR@o+tf3vP!CDso2W{^i*3|ZPi(0lQ zBBCOqAVuk2k=~*rAYG()k=|>75Fjc7N)?dadlMqP6BU)-I{_j!w15yugg|l^f_v}Z zcg}a7@1Eyg{L3ehXRfv8nsdBkjCV|}_on7&tA!lv?5jb$1Fb^PQIur z4842otDT1G7DipJ>51(0iFH}EinQ_JLNIVwqcNs#gbVGe8&$anTTVFdFN8eXs<`dl z#9L6C{*Xd_Uc_AE7JZ18_~zaP=zw_;DZ8i zkWZ;`cP9|hC*_vsHX>Kt6JWQRLsT)Z9$djvz8P@u@g*5b^Bme}p*ua*D(Qw?xq;;f z3ansFek9ra`HIb>IrJo-*1+^N)YNnTWib#k;Ybz_wb)Mm^`Q7r4Vtnnw#TkdE+7DAj(-OqgvLOY5M>r+vr)cQ_$a5*sz3` zk5Z%V{9P!(g>^yczas|{YEnD=iqizwEbDSxVV_Y<3sv8MmWh#P6Zs0L34PiDf*a>j ze+M>WLc)^LH;(~?I2JO z$@TJu=YKg@Eq!=lcw})knfgN#f1}y)S=a^Q-4dz=+_BZ19*45~6`Q5BN*Qw z?IU-yAOn5)E&PK}6+&U)t7Rp2=dtm#5AyTNX;zmUh2BLJfISx9P;#&FPhggb<2=z# zX!efNc&iu4GxVP3M-JE1Q%$F*2}m5BaV4C-4rl;ipNdAME$H7}2AJwxTeFVk^23Az zYRw?Z$i(7`fY$kq{0oTT?H6`HBp9a7e3+D2)RX3XAG++7|EC1V+&}738;$(y`Vr&; zdeolE?L@R2Fn4!rrqc8^2&@Lax-d;nWumy5$-uiI%{JHn*^Oj32?$N!x(6PYY?}Z{ zIAG1{wE>sVKXuF(UpR6Aw#(r7<8DEg|JJfI^`Visk4z(Kjtq(j3BumpQ!kI|C zYdntr{z=?j4wB!h{(ip!es1K|G&(fuN6#FG=d)h&iyf;cyi(>9c^Afc*!bV|-w=Mq z!Y_7dMDPB$uAhmCoD0JUhI4Vb;#31^lFdFcnx^@^qM!0ls;5qAUN&+fPrm&Gk?cPq z^ndDOvvmUc*to#6Tic++KDIaXkI!f^rchByO9Inh-H? z(jGziuqNc?ZaExLD5cXx=ksJ#vSyYHVEq&D3!CN@8Bf1_ss+6mBhUNcl_Q29>~5ss ztb8(gfhh)Vs`-41(pWkTsH~yuzg7q;C00G68PJ`_Fwe=M`Mb7*LNpWN8x8FjZXdn# zIeq`(7R~Yp+@kfs>D!W@re0-D9>${0*j*TV&tCnh@**cXsq~Di)M4kas=dpj5O=Sy z)6E}}eXi`XBpSTMQnm(z42xPNgR9a4{Y5D5L2 zDRP(!E{6kg1|i$>7*D{LRMCQK9`QU^?Ob;UOd)6WtI?Yu;IyUR76_pqRG`)9rohc7 zmu*nZntRQw7dQ``f)E`3+|?~h#YflgB2*>hGLt_!{-6HNv(1JYK&%*rhC%?ltxe{< z7o5rD!T8p*XO_m7a&4=fn(|+!zpi$w7=$+jew2Pe#aH!m!&OFaPszn7+1)SY zwYL1)pxeOd#Z1{AzPV!Sq4Y8e2uYwm>?}JxYe zn;nmyx?larhiAHo(7`+Nfv$lv*8j5;P8aBeTbBYl;Z7ZQ!hIQ1#a7SN zJlL+LX;eZo6%4(IwiiWyKh55H;8d(BC(H~i6nm43*~-15%zW4bE{BE<^$hsH?Y%`H z++TZC9DcM6K0zFbH&Z~IN6~I~v9Y!x_W-7_g3~L{TUVZ$E|5%)&8b>vg1^H>rE&Gb+PzP6~oeK{e}L6a`Y#R>;Of9wy+q3)w@J{`kW%)gHv|2;$A^hW`>ud;7;%AP+G^si>R6d)syEdPAe zY)jH@yEI?)@q9YLtke2b4zmuNw4%0Z;EM)Ytd4(PgDd|@z4C7M0RKaAzp(qi$-w&a z#Y=SmCr+Cki#SSp=qBycL$>=lfV5}+qabRk|4f)>Xai1s15|Pg(?vH(UG-d=m<3?u zO=R$-dhXb{-Dj-t5*ZP4eDG%fOxh>wMu7%;xx^II`x1Uzl8&+ryvZDej7N@wVgpl0 zQb#|zdi0Ti(}I93>6b)V7_E~je(#I~I7#xJBX@B0a6UrB=sKK`DulL}S8 z>#zm$yXlzO>NS7+G@0ovG#Ch#-9_*GWFs?ud7bW8Bam~Tx795BKc%<-D^La82u*}N zZ1Fw|C(rPC z6~S9;c~Y;s^->P9(Kh0)uT$*EUCa+md|}j;vA7zkJrl+MnvXEslPZKZtO7r+0e5*C z_?gTt^|^okpTby=d;CQc@eHsZc7UNI`2p(i#C!j~m2JuVwb=Uqpt^sk8YuVxsSa0sI-{)S1&{cLy_=?TqqslP*}kyIJB=htr!ACo+qNdSqN=xP=svHGme3nbwUCSe`1 zH9#|;y8>> zkY9);{Eb@K|5wy{3e4K|se(czVO!M+@x`|8IavnuY$Lt~BV2D|D(YsYvZq4Fijc;9 zxIQI6lJ2+(@s^kKlW>u;J;bb^yhI!4JkdQipVLAGQyhIHZF_1e(FNKt!{VN_QE!uF z@hRt1)P!=JzSvK3v0SkGDY*@nm&Z{x%!>81lfT0iK;|J5_;sX~tk-Q_3@y{d=dHt> zat2-;{QF_h@TujuPq_}073}I+{ti|+B(J+o4&bNp#6!?Z{tsw91Ax}K5dS~y^*q_o zX@I?cX&uwt&RYdH<;)dON@y?F5F#A>pohKiIm(gV1&)4s>68ydOSMdnAD&mrz>-i} z>=CLsI&V+d%*hdcOa?D~|J2lxW<#Vg)y<_FiV$FY-x~$Y)DCx{g0yO#?vzn6|Ftzy zB-7U;mfH3dt>s=S(2`(JYxJc4BX`5zqeD9+@pvDwvuO{b=*-J_yV%>?mgj3zx*u7` zJ(>IVJmtB3Eg)3*g%=PiY=i&4I&**>JP|(cxK8pky$qxr&~PO(g33-q)m%PG*|I;{ zQi(gFsUPd8Z44LSnADYk4&fV=Sr8>;A&X;pqN30}jSdt{@~8jN(}AZ|$*;E0uR9jV0nxmQcBocU~R3mSu1KKu`}^eng#o2q3`thBSUF|0QqquFJT#c% zY}>10>gVVv>~3;89J}`pIE}{4d?3*_q}+YlD=6{Uum3oc?OWYFN#TKmH6ZpYCd&o@ zv~(#z`x6_KBE;=?`%~wEGg)ud4_6syG9UMnqPo6t&)O^XMSw9?bcc0IL9lAT9cq#t zu)pmtJzbZ(!@Dh+%{6g~t7HGY2ULANO8I zo+GT(j`E!S)5TOr!Y;0W`JOd8tx#TQb9i1h?-??b^~N0tXz+Y|7|px~ zqw$Ez0C9UiHD}fiLv!h8X_rNovw~P9*QT5gJCy_;8LMMn8C1U5{7(+q@R&m$<HhS)3-TtgGLP7wGdZGlpbfHw?oDrkbzHrlGUxTw z?*Wo>NT-SK6tRIR>J5l)C9qVkmd>|aRr>3%NbFKl$89%s_G~89}@TBmN!qEX17TO*WzlgwJXz)ft*BJz|gm@fY@S`p& zN*$&fqQ^R1=Z!rEbT{^WYBL~RF>9SZw*=7CWCdSVojbRm)c$Zy0ldrZuchl{j} zi$^=F=8>tzf{YU1nK9K&3FIxSt@MUoZH9Pd$wDV?%IvF2C+Y`V=WXwkM;sqQF~u;C|om3ZA5m^4KPbjXrjW$37Yh-l{s{L0{;$qDcO% z0;bK|rd2v>1qCfE;$!~I)UnrMGe5IVrG>?~;Y(2QZzqBrAV`~BXPBzY1$FtGeFw;Q zyGoViJzY(%#p49^YBw*uiSW$WDnUm_E~6*l=W=dRO^LMlo7{?K5o#?|he>97UfZTr zT@5RiX9hdB(VHvW?)9ra)s17K=V+WOJHFxTgT7v)om4B&7F-L%uPJrfc8{j=9~Xo_ z?Uq&vrlcCnFiz3gEaRE99}u6F)A}?F(#PV~iKVbf7JebA_fQXmJDGx;|HNFpg6$vR zQI6_8Qy~$ReeDexqcaNSdJo5L9WNLsTyXF2waT4O)!T)qvO&r;VgGf;{qz49 z)Cw(sN{karH-rE;^3l(Wv!^{`wKR&bD0>>4Odv9;=~}5UPuy{@W!17c3M@k3nI%>PhCnAv}^Zhx;Qu2v5<}2LX6)lvB*HfcL_gm}w zle(Ol5}m36)NCraio_9TwSCBr{Ese@o%PD2iZ%Q*4wXwdE_+|ZQ&geTlz z((ArYZFG*(P$k&nK9sySN2l=`+R<6KTAH#V_9M(-{J>+ksLN-AlH%cCY}$Wa^j-2J zYTpp0c{@Q*dgUu4$`(3o27_AS{QYH{2h0;a(@PrXlA5`b*#ZT)-PBgg^Q&SvyeE(~ zZc>Edi28RgMYF=?&frQ6ZKn?GFHVT%yQ?RxBIY$*b!8YuNQ@t(oOoM;dpck9giiYp z${a5a2ET%rCa)1$q)>9d`a>el|5D=VY(j5#6bFOW5@BaS5~x0VW2mvZUrwy8LV0ba zdE8D33Le~Y!|zArY@cG-s+rs5+*bW=c4qnl?m;!vUuNJhGfGy7%517HJ-w@&wLDm@x6|k-(@avD>V42m8{t^w0TQ$Z#2`W2HXzGF%%uFZy3EP zp@{8%=QS-X;Ox(o%Ia@X$}aGQy0evT^k}NS5c;-Qd%c!9IrEZ$fQQznPf-rTc7kpK z1`xJYbw@VLr?Y}Ia9*z_S1MSvFzmg&*=K9Vwy)s~<5kMpGfIsIM5${*=z|)JO;8Eb z%4&fzbqKn7(xKcmU~t$cA^B(aH=EPRzpW>xzUK5^Uud8+9aB+bo4jXly?QEN?f_3d z@ZSn8{!1qMo1y*IBma1Go?zXhvID3a{H}$b*_mEjy|~JVHXkXrHN%F=fiaQ&w>S5H zv5o~lB#eBkbV4V|-u2v0=A*izAb%B?*O3=6Z3Fcs2qyS#h*tfzp|y(2D`1R*p)G!0vj4z6)AM_= zNV9)F^sm*N(fCpGaLHa$B@MLMC9qOwon4Ws-R)|a3HdL|8@X7Xy6g`7n_NC>sl2uf zQFGoCQ#GE68fp~xK2M(VlBEoi!<8i4PGRgX#)){Zw8aH|UwArp>1C3DaoZhnV4G0V zZq_5o`r}Z?%f7|t?*%-vtMZlT)!7B3Tt+o^F8PC)4Olr%LZ*x4PRFiIuDwPnt=9zS zIV7Q`e_fiP=?AXKP9b_J=gSRt@{taMc(N!3*#)nuUW5>1F)oO)e}}(hH}-oeEjCID z=5$R+spJK`_paLnjdZ?RbtQk^lwYSKv)TKY#ESbZs#B5M83N_bQ!1;TrQ+K~{x_0R z1l_k1-kH&ntwqNR+>ky}XI`8N2@DBYMmk?^wjsTBNHSS%5nO)QtzuHy^i4V8eS>lR z273S3Uf$jN95kgms+M-SVRg(e${85j;}X@ge7I$KT)R_goE|+zco98hD7xdT9@h%r z@R6M!hEb8;TU#B!kbRS&EtM}*ArvR?{lX*S3%Vz3s(u( z=ohvpa*K>`=$JP=<<1;YBTeA$%yWE5d_cL90?DR1Z1FN}&>C;N_R$-|smsN}f0Nc} z@y95t8*$kw+KHOqPK&*@5pAi`fpMqSXr)&T=~H|KY681acZ~3yrbnOAptD*n?ya2R zU@Pf;BiL&@-ZRmhy1kjQEsW>xBd;J$6t-vAxyicK?RrLcV0p2B*k#vTAtRdwEz44N zugbd*BP_6l?kJs#$ZTpLoMc2~n)}F}}BC4GW zl4EAGe;BQ1(ihUGapP?hNvTiym&KQ4DWfgmw*N-rdxSVaF6?sOxch{#BgQa7h%>9L z8O&9(Q{l6dB-t4eoHt*eNS$l?JzpRW+Fjdt&*j0j7Ry*QW`seNX1Qcv zme`+vGP`STjG({->vWyJwaNK(^X)6IBDYqRX(+2<)pi1*RM6k$J_=bsAbk_aU4vNH zHLC)8C)U!t(rkV(gtTkkk6$4=>Ift#n$vp|1ZDiRMa(y-BGAb=c2|BS4v{qDP3Y%H z2!VFG=DlKKXy5s6V^YP=47*u`+JKSC+EZRx^yJ8(-WTW$uqil7fV`WzC0aFmi zKIIb8vCa2G7D|g5WrrhPYaKLez!#CXnxJY1#keX~=EX62o;W^rx~m!%sCr-;`FE#k z`#5d**p^<@VT||hw(%cnbRX$BPG(C9Yi=g(z#zNDf2^`Ee|xAoV!SAMvtFY-vhzc~}H9L;V3Di)Ng{bPGD;mcJ4 zBELpyA%8wU;UPQvQ11A>JaMA(;lBate~VQA{XzdAC2i|goYrD#`?{K{6V)!opKtq= zI6R6+5I4$5Qo{riS`vcmhP7|@y_Yg>W)2{3eGF)k9^YRqn=~SIn+`Oa--vbgD($Gf z+5SA2TNHl)N_l71in38(RM_Y&Cl$S!Yq#IZlHe^rxNp)>HYXqrSzdOTUkG5SgRYkG zZUCOW6Wh&mnKknrU13H{t5h9i2PU=9PM)*swQI-8xb1rcROI|ZXFRcZM2X(@uGk&k zis7QQo~8wX&&Bzu`2fjI6B)hhJMkyQRvpZ(wAWwL@xAAxvfHv5_=Dvwo_v^@b&+M4 zx1JX!xjI#{W04Ar>H&kaxzE#5rTqx@f>$J*{8T=S&B^E$%Eci@7HvW`Z>3RjQ(5#c z1e6tP>70U}pj^fe#}m)-!c`LBzZM?+Z0Zx38@9K`L62|Tg1Ot@-kH98O18C2F{t^O zaPYVwe9y8i{jp(7@Y*_WyQwPsXepu<*ES4cAPU0c=K~W_4|h7(%8jr2v+gX3Qu_!D z?e|tjPHAscB&)2aR`!?{(@p10e$;K1&2~c~)jm>gnBhwrF-v7(Dr)U4&ZIeHU8;-J zgFS(;36DE5nGHLQLW%UTmq|?}+n9~EZhGxRR5iR63ScP8DQL3MpkuXPN=;Sd9so-&hDVuKC@ryE9F3x)`Lvy z1yQBOlMfcm7*{wWY}1e57{2!dE}1Ok%?4H3EVHq?RIssoq>I22aGB_4oJ;!NW1hhX z3s>7#-c>_{Y5G00?U$gC7D5A)sPukqqZ83)$-2((9p>!kNs1Y<)e2KJ;kB0Cy7nOO z_T9@#@J!>pr;T>>e_gzS?^aG)AVK@3(x?VsOIVGT8 z`_z}U+PU+AP42b^7i4X^VZ%|jrD~`*K=t(KIW4M%VdiR>`nqrs$u4*LI-A?ixfq|M zYvLdPCnj{qcp4jTggQIO8Z=(1I=mJx02(^JP`-IXV=Q?q&9=5+Q1E`sQ%5yI_&^n< zcpvCOBmc(gad~*3f+V(1?HY;DWNalSCs*78&tgw*w@3Io`mA$oyWv|N$#K_G*x~dI z%$ji7C6!Qo>JqW;qx_t;cTCB$4P9&a7ihXh2r`)4{El0~=f9 zTSg4tUqc+5|Jt(j3OIpsE^ts>w=j5JF^TF&J03LNG5e$~(K)psJXvOy+OL3 z`1Z#p7(Hfs@G_MXs@RiNvE$Lmw_3(_g{}QM{XWiI!KQ+!cKdSrVzBWScK9X1vx#nkT$wdIp2&zb}7Y3H7$jax_8ocWgu+qNoYlN+BN zvmMRztM4XUE>lts`*z8p{6pU<5Y#OOwpj&f#+hRMQ0a>hIDLZY|m4f6ZI|O9V_@!n$+Hhoi7Yn z=Tj~;-P%||1j9P+{jnn0@K3n78aZc(U6k(a2t?lSC8%QI)MvUEAMdmS@8!HEr-LY1)URjse=~OR_1&4Ezi|#Pp`7GM&Bg%U%J8- z3G5zj)?G5Ab%3AKI6a~MQCXBI+_LR@Rj-=D6zlxd{S}>rxE^v?5Vv*250N5{4*ly1 zo!}u-yv)Hi-2^Ax}QHyD*}L6y@NL8ar*mv1}rmnG>|Iw~`YE?KM#E zU^p+kwV;J{k$%w9raf-_rdb#7Y~iNFXxqjFOB`6Jp{=~_tR??^194^hiW8`@y@d_2 zgVaA8|lqsIAQ9U(!rM$<=6R99_2)Bm=nWbg5BQ`a=U#G7Ca}rtDZ&Ng*C@mlXgw> zwpN$Rzu#4N2iBM(BelYekWvH(HoKoZCC27gHm$bg?ORU8BGltLs|TS@nml;{AytpM zBNf8ChPzn%>3RzE+iv5VEkwR5`I@}3YF&R_1Le)$DiL{-pzEsO<}xM_aJt{|jBTD- z`g3ZX(LoM^MEATjsHjasqBmG1>l;=fNpS0AUuV{+Ms>L;6<=}M%A^EwwP1eh*cl3s zK#&d|n>70_BkcIh3krTdnj*g#Isc6CQpLs>YZcq@-}0iR|CJZ*EdDUvq^l|xvFF)Q zFf^#am!1T*3Ecy@ycQRggAq_Sh>69ctX@I?DRBig=9 zyVuw&qPLGF?Z-ma2|+cuo4ipiS=a@v;k>JVPkQf5?|&=^58PS; zBPv~}vYW^*FxY0scp=3ZBP=#`aFEM?P~fLxmbsg>-}4H`S`b+R$8tq1NK4Nuws3HgP`x&7;ZVkfHs zMEggMKXD@Ej{JYegI3SnwtV_G0(#-}{OiBiQ|T!eS6*jD%k`wS^`Uv(JH+2dFQn-E zl@n2|i{oVn9PJ=duh-TZh@^a2^DJ+jxv?D|%y4tPeNi-WVR6ry7>#4-Ebwh`*Z#in z_!^IPUEKz0=CzO{Q64G?@-dA&(8Y)`(#689*e#!b099fDV%#KtJeOfydd6e<{q{C4 z;^61w^=Tj8PQt>1=!tI(R84HUR#x*q1t|j?fekf{Za>4~G>&d>+u{Zc1Qgk(dvF6D z$FJXheEQg>Q(P{Ik3;;05oA%jX1Dbm;K<|wu!;9sD{|-w+k>03O_xD;F+Jt+sB0$Q z=Fa+rI$C__NYxX!gbyZ3C2i9lKe-!^==nXO*K>lGSmys0 zRXV_`Cc)R*Kf@P$tqr9R+Kg>kozCXEg;&q0y%YK9zmp3R>}b$IAGj3}{}-&vWBFAs zeV?7m`9o(MWLQ9!=zDd7!pqBAk!UBVAa@{L{e0DXD+zC8D$q_r&93wZpK9whXq?C0 z!Em%viqeZwY{9fB{f_&>SjvQk__>Y8;f88W&dVh-^l?B1 zVYYndC@c}QaTc3TOes6T@^eQ!0dw|6l^#DOm#h}W5GZ17i-F}7Vtr+~ZM_Yq41_Dr_K<;Ej8Ve;f_TJiHg(;?h;)XZNz!I=k*i@?-M^vsq^*{Zk za^?v-?M^n65+e<|qbMM@HQe%7A0+WkINfyBHZB==jPd#&a#7M+Z7pd_O58Sq?EDOt z#%}yjKvP4}e;7{-g^SxID5^kNpF_g4y>2!0)xQW&9)ht=rb}(~xB$Jvxs>!|2R#KQ z>P(kM7{SQ;qQH4Du18a7%Tee_$U5I5G|^kfcsu`r#VkI#+Hk73Pf@{xP9^oW88<> zir#^c`6?#I+^L3*NBG`AdOG-oI9bQ~<(s9?)aj+8WVmw~J$VEiZ`z!@yR)xu_;ShK z8FgM_^4+-iTpY)kT9AvN)$86bDwlLgPD|L3`G71)YkTyFT0WNkojm<*u!p+roEw*e ze(q=m@cE-TD{2A;LyBz1vR`lHFr{9;fDr9jG^x+I40l{H}l1 zf$JtI@T7&hNsph+FAmSX(in_6K-%EbBDh@$CRHqo9?usB*p)n`qqDO)Za?L&1E)_u zLUUh{?+nyc+QbTk+ZHvIDtH_y+xwsKlO&ADDYE#gH2PEC@&pY)8z0MXCV8be*gAq` z5GOf4^Axk^cNvMZJ0t}?Y?wDr4r4xY`rSX-9~3$_HxDd_#sF;n`0x<6e%(KWtxf=J z#oRUhk~4_`{IlrZyU)0n!Os`$hP60#JCcyMBK>?gMZw;zhE_6fR|+qb47u-8a;|wn z))(CiSA4JeINEX6KH(Ii-CO^u4zW5)1v+t}JN7zv5hED~<2uJpEbM;;skmAV@?(%1 z@v>-{4NlGGoCu*j1gSY)`gI{q?9k<<6;Q%PZn zkgk(?L2^2Kp_Bl2;+SVCW*KnlA03VVWi#xQ8LJsvmo(Y`{hWAo_XhQIVrRsMkMZF$So4#*Plj_$1HidwvL= zu<9hLhx1?vtiZ(8j(x(UWCC;3scm%C6JmB|>p>>?d|&V3sxy1Ujnd{Fa--F$@hp=& zN95?^@llbZn`?685MOk2eEhlZz5$R~>8QjGcz!2ct5i22vlO|B=f2{uC#H2p%5&(b zxk*7(O|%^0q}q}R6$`@>ygU@Z_yGiEE_(TjHlWlK5``6ZLiy zqT*2E7e5%{$&Z1j&kG)F)c*#wB`MiOO*M-S-)pyzv3&OGFBA=+CjnyhIpM1Z2OI*xDu1&B2O#`6#h`pTiJes!B3Egit0 zUm6~6|0mM4I5(f;A24eZ6m(p-pE%KX&*q=hF6n^((FZ>DGqZZr(H)b*<5Pw0m|L)0 z60a)R|Ma6}&>ogbOoU!d07UU=H#Hgsm44<6=orjz>U{tX=*Y$$APEhv+;?Q_Fxuiv~LH*TlxiJsny zKLOA3cjueb$CU;KYQS!|RF4NW7EO{18*oDThW;(hXXv$jn+Z}0>uIwm&Q02=F4jbL zrIY0gD1DQXgzn)+Em%D!_Y(BVTKzsg4dsQEbVps?4hZGJn-OS(&U-~QGwlco60m8yG$V{^odtysa?|4`*&{wFYj4Gk5nFyX{| z8AL|IGO!e+8(MnEkCG#^_bfff`6)or+=1OvXDEb8ekHNLt70ls)r=^XWTfFq9E`F56a8J|EIV2z+E3TD3c>EBdd3N% z;u~#b3ns=;IjB!z@*N`?Ke}Jd3Fc8O`k-p4Kvo(5Q^oF#vx&h2;%~(rNlx+Qe5^qs zKFGIfg<){pWhtR?F8Nqlj~)RS(0bSmxM{~qbF|Y-3WG5ePdl(vFmC%q-~T=93f5-a zcB;hwk z$New8-XIU=Nd#&QGp4`A^|o}+#Pc&nB_5#1lcEBCdCDKIGXj$N{otB~hpO#k!4GmR zYX&C<`Y#+_6%W81_ToBlM3I=jkI|dnTGM_!Nn~FUGz@nvRQuvZU!743Z0S<*J zHSAbJA8VyMHa-9vIvxLSHuQbh|H6hE-jMnqu%QG9z=ocBe$0mM*B!H=550f0p?aAB z8yfhvdS~9moD=@#d>%NV`*6&MZ0BiRy9KL}IW9BQL~d+d^#ir}AFUjpWv))t@E?u+ zg5+Mehzwgq80VTQL>+7WW)ViITqTYXRT>qUzfZdJv%V4j=P+5m_t&{Qf@0pbemRoH zBh;5>eoN!)zoqeV&wr%xTYi8v9sxU~K4ZrWZlxSjpAYwy)(cPzbvkbG88!xz5}$u9 z?C6~y#ey6ctfFtW4z4#>b%x0pB#=KRq9}#uX~qxlZ$A7?3a=yU@MR&&@Xp+iw@wL@ z8u~2$8~(E;P=_`6VS7sPP|FDGw=b}*1NG`Gp{pbLCYeknlYAXJ*O*dDM>uFMN;_pAxe`HsCs(6A&)38|!yRr@jQ@(*Z6n3c2Hw6iIK?F+jYF%WYk@el^d4rzR-M-w>#SZPK3Xd_^VaKXec%^ zxQWDc=7{B#ovZ!Ba<=B)tzJSWjZuHhr32l<=(1j-czA> zeL7HbHa2m@QqrE_Inb)PSoI<%m)eR{r5U5(z7RxobKho-Me8sAI##!40YR&;qp-tB zb=}7N_09H0e0UQA9K8;vRx-* zx%IeZ>R0D`ene9S4J2Fe3X~L^5${5nQDx-cr9oJs8XXgJiJni{-PW6X^1!2&RnFo^ z+Hr2>NbkybU~H~ZLTsbmlRO828eKMNKe*6;%wJ~h4HxmDE{e{tg8v*fYm=)!LL!X8 z(pJ);sP+odevg*FwDE}8qHTmlu}*9!7mZf`4&K6FNCM&-{ac{4Q(*n-IBazrY1ahn zceKlOcv2Quu)A3hRhN{=tS`GOL@_!y9p4qCN8bCkZ%|K zsd(mJJQIi3&`i`#fZZVvcb@+6{9Zy1GRF1kdh-rJPy_jn&zT;O^x*BmGj9V=*Td)q zP2cK_B-V*K2}5BJnyTMIxCTm1Kx+joSkh3K>em?qETF)vlLHoopYcdv%xsvh(>~-Y z5h6SF{ZbR13-m|$K`qjVg@1x(eK@s>L+lSE6Khhl`YI<6h}^q3|MwzyL@5es~EO+^I#-*!vZ zBHp1c@hRhk=*zGh$D_~ix;uMHTAkjG+kMnR)LOP1(7XXjTD13UtIRttxxw!AmD;}5~_ zl%a`!l3VvR{ror235&6krfMC(UO4Vwh3|`x5f#_@OJeJt&01qd=jFg-uvntB5Kxn) z!*CC5P*Nu1h~dv}GT3IwG7chJUjkil-t(tXTyAP3taHYP0qp1UJy(_P6LZ2FSnU3#8L|J&V_Tb|sZo6TC8J*NGZO>MOJ$M`i z4&f|M1!S#h3EgbU)3YTY&(DVFBrS<25lLhd8D`8=ZAPjh#k9cST^IK4cFi{3Fow_T zm+|Uu=f2+tz{~zf=kD*o*cTP0Pg=g|IDXe6TRnuMhs6%K0Ja>jzY#1RPRkLBJ)L3L zb?&18I42410@OV_<<|a$Hp4MMmAAkzy#99fUTJTU=d=XHtx+#5U<9eLr zz3fH(#8Td+0>P*Nj5JI#yz;59s{zliCcon0F8{jLN8P5*8T%i-6LF4PNe=95$hwZx z`a&p>Nj=}A!IH-YUOb2$x8~n<^AGJl+?!CDT~*J~(fL7TDvM6u<@oW}N(?0#wHWpH zYm5!W(^S7QYxceLoXXd9nyyqufAx(py_`iO(Ll5>k^1O#(|23J$(J;A|9e?e!%*tIh zt&|1DfFJulk+ke8?+1e7_k7kb_wvYb81=fVHKd|mc#gkavEQ=cZ))VS*vc|x1YE(n zJ~m8zP{wJ!^V}uy;2J}V)C84Q&1aH;4|Qv&Bkgx-eAQF2v!BWyiu*PetlAmVXj`(7 zN{;oay;Y$Mn+Q|{ND!S6XL#qr4yx<6wbw!O9T^*mc@q{8o7>iG z>*GJu4ExT`f}#u@s5jijyxtQ2{nmX{0t83(%2N-aSACw-0M&G6CbLy*Rwkdr((9tN zApfr*!m$7Mh7BQ-8H~t4(Em-1lt5d$NG{d}P*;fq!Gc>t&zqz}JKUvucIy(q{$#B0 zaS(i>q%{1x^+WH5`@{rX$(rwkJ8m(r2W*%Z6@ zYx~<3ILRe&XYRW=RS@7rEo|E<&8$<xXIybA?hrWkCxu9{v;AEX+b8bvi?1m3`*rO-eEH(-!Ihz}Aw9ukF7L*qNjmCRt3D zt9-MGHSRRDZmhXblQ{N9t5_h-E8j42igiAV^PKu(HKJ#;dUq5BGwx9VY{DEUy@DeTrRj~%TNGq z|9b|Q(Bz63wGo-NDj-kcjbb2CTOL#mQ(IfO59c|`)C_74q|z!t)PIF{{e->`g0k8< zdsBWMybiFY*0v6Y>gy$E&45#gKKA-a$zZgLs2>SzjPeLM{CeYaF2Ak0?j3b7z2N2Z z;+bh{B>q5&A@-DXK^rOTWl&cz;~*{S*DaanvG?i*Gn7Np2JfH6(mx?HoN?rdpoRv} z0!~(IZu`~BQ@XNjb-Nd@P5GWV4euoEIcI{i${ExNNb*52X6dwZGDwEJ6kjW4TataR zD}{zGXxXH)TrymwOYOsw5w%2?EJu^cmO}Y>9hhd-AN9h!{`7C#ewsgteSFetX zrnb&%!c1>3g3T>EbkDNd4!Y!AGITq0@Rb{f zjSYXf+T{g@R*|bq1)!40@Hj!(qo_+7N-gXYN`936y0M+W=qPPPHL$YV;l`@xiW7|c z{WSR-0n?0Uq_QVyN24uk4~gf`;$@rP;!W_Q zW#N|$Hp@0hzeaaYsw8k8NP)h-BBx#O-}f>m&S@BodmQ>IuFpRRjKCMDTcz?sZV!If zo6r|ZOJBF;pp+;c6F+l_A0Auc(0sFatu$V8Q_#fHF#nBUwK?}dz%*$=$e`d^!)e;C zn>10EZ9cR1w79jJR!dqV&Kiw9O4UVg)%&fim7?(Ixx!#=-mIl&;W>FVyQTb{F@H(@ z!#$wn?`sGdpyPjKlEf$~AbSw(i|FbR(#c5>n{YbSV+s=`6J+t^i(eBdlDu?aG#M`T1EydG3s|VGx=&B@LD;4;ke7UWb92VzW#;00=4IyiVNf~bL2#GYyq6gP){^0FcZFHVRv9$Gho z)-?SP-?#kh&F7xAO7EJ;nnP5^s0?>=WBmN9lALAU=%6_gE=(zpuDavAJy4ai-GQuJ zvQa_>6oEf}xhZiI_bj>GfXf4vW%w%V=V@V}RiQtfr+{@;9h1{_n%3g3@4@R%p226f z@$|r!*6u5HrbbhMw3gEWq2nuGL#|6pLc9j%jJ^p(dLW5{qU|;IeQ{;&KcK+bNZa-F z!*NgVGCGAZs*rPOd!S}tZKOSs;0R3XNFAB#aOQY-lo@f~IQ;_&f9M+p;eY!^QkQO? z;h$8$y>WK;(ZK7j2hJU=;nKWSvm8eK>oS@xs=mdsll4;7CLh(l$k?2zED?HBLcQDQ zah5J$LTe_P;GN`zethvF!SYVEGdEuo7`EPQyhFTZoWG5oYl3b5eAV^6I(xFZ+U_3Z zE#>H|s;3oXRh#aV_0k98Gwsop_x(?+DdngL$M)F9Fw$m^qBTR*rH)ix-P;Ra9qGIVdvGfCf&p6l@f87dc^pb@#!p$f_|3*CF-SyyD&}f` zd*w)PNOYXDmMViV5>L(2j)Nuun!9V)u zZ^rzER6S_+Z=OAa_22&C|7d~x|L+5}N0yoFhwhg3FNZFH<5KO!l0nP2|7f85axLUT zz&e+Y|DhnXr-y*Zh~ZwUxH?I`T0N$RKH0u6p2;fzXyMZi0-P9MZ>pQzgOTio3uzCM z1;wR#1Bk^Az|PTi$Re8*w3n_UpdWzNwMkBvQ%`9mL4Zlv&5O_`1p>;f5nT6RnoIT8 z1AHmd{kqjw6G@?jqnb1$0rof@55xZo#v^iq@hE+f-{wtSOV1A=gLX;4F$`E+UDx?w zCp*f0v$^5nJpj@XKCBjnwoblFk662r*vQ^cto(WBxD>9Oi%p+<$Wttu?<4gf7XFs%{vxn%`tmX-&L=f;CJ&q4xcM`U2@psYUOJ5b>9`BrZYQA;fWdvb zcs`Scw7+Z$_-mT)WoE61y>%G2n%}A?wO*p6*#SJ-Znd|l<45M-LQ`K7y8a*1-a0DE zwO=1c-6kRyBE1y^B^5zB1Su&60cmNF7`g@ql`tr2X^@TqrG^?tLFrCmU=U%b0frie zA;0$s``!CJ=RIqk-|zU3YpEmi)csudRiB@C`A^|rcP1{Ax3CUU?_Gpoaa=C6Snr!E zVcPOtm>+M~m#7CVMPX0pCe8!!JA5IS$31Ax80}gp@x?D ztOflrH^#*yz7{5p?W`9VQNxIBOdW~xVx?Ka8#sd0VOCY;5S}+ndd$230Blck5ypE3 zY=+9VcrTsRmwvtvHol5k8N;-K3)Hd~XlD-aSU;34}3bjz;ooSwgGm`B= zTj}D&w$p3gU|S6(-A#%+xHil4|1gqw{(KWGq;h;Y`B6q7J!1`LB4x%N7mjQNAp)Jz zE~RxI_|^rkv9%s-Zd)CmE2d}q;^KhB>RZr;2!ji(V_2U1JaQig&3doHZ`EP!2p^y9 z42=zjmMy^~Z+=w79O1U7D82N{_D896@r>kfL|fd_$TQ?o4#sx2yQ?G>KLW)or+Lur2AM+F`@O zPStY*ER20Y?XP>iKdwq&LF|`7*2`RAv5@|K_o9+(C-+tb#uRavT29KDi>Fi+vm8Ee z!X|F-oS}dm}=vyQ9fClm{Hv!I#Iq$$1o`RcQ-2_)DZ5LU+F~CpCDIg z6DOu)Y4?GxCb?WuIB#s1sVc7xoYVfrvZd#eH?PmEP^gXXC5#dn`azf@wV7}*dzQl7 zZ9_&bD`4Ae)1S%h&hKnegb-E&KGk(?RLl?enrRJU@F_XGQz*pFk?PE2RGW+aBgH5) zCfe1THd8OObBlMaxp>EYbByAPSWmKd)B@*qWweh9M>^ET_b3TuSiDZ2>Nz3EWD{j| z?vRN3$#(g9Ww(;=q>0tKQ)i&LXsN*s;z6Rzd(W!vykhd|9=d|x*ReW5_`0Rb$ex7h zER~neKH1{p{ruvXks1!udAKrBI411MZf&u7)@sZn2O3z@i9pjoY9#q_ zh>l3hax8As3=TJt%ujW!VQ}tsZyKcN>jm9LN{tQAZtMMebCvie;N38Yunqd1G>Rj3 zyfW%ZE|Ux<{k3eWmFj$)xNfg@REYY1Z@_@ke9Y)Bzu4X9v4L~$bzALfk6_C<{Pehk z_iC_xWp3AGL|{PxODxU>dG}Wu2+k3F-ghgy!W`r+T{_E;Og+}kZ6TWp`epwL3BS(_ zrlKu+RcmaCN{VcKulqwL!VP?n*D_J+)S<091zP&Id@8RQ7o)L_TV}cfseJrKhLK}| zkLga^gS-+We1TGDUBY1GlM8K#VL4t%+1`Q>b6kg1%i*DJdUTYKQdce(f7o;4GDI$%<6d-rAGDR>`Q=`p8kb(kK_>b3zoGVI0LR z!SkPN{`^o`HhBIz$0qbuY-;?UwPD)r5{7lp8rIlEBfme?a%f~v8+0>cF$;K^0V=ay;*g;v)*!pkKuhLhXI*Z(8nm2ZF*N}Rg`m$6mh@>qT}+^uEVv2 zR$o3eY(kHJZ=mEC(^ivod}rVy4E>0e*&-M`7_`*~J04r1c~;E9)m@(7{5vO8P0yJR z*{xIQzh{o?-dOJX*ev>3!THm!G`oBhm%H1yuN}&F-=c+=jUXUs%7E)ZL5mZXVPl;^ z?Kw~W^iT#5na@*@wMJw1Hru!nel0YyZ9bI_xMsrdMl7Rofoi^M2oAH4y26W6` z5HR>69E-^0_fU2Bcmp8 zi34B1xel>ULL0Df4$&8md0&e zaJWSo`VA|wvQUg=uokEA>R{CtycvKmK&%bef9CiOF9E->CKauoE>gt4;mU7UX=_N{ zqoJm%hpN*$8&g(mI!P8&$I_qzA;UVxMxUsz06GP444IKf+IECA&I3_jFmHDJ;QjjI z?3VeYU)b(U-X5tBH8t$#W0hi?n@c-j60vx4btIIjw2%h=LsZJkNOFJS7#+(enpSf3 z?H&_ zNMTFpG5v50FVr{Rw$EW1HXgs>g~>R6W3dha*?aZJ(g$`^TwtG=a2(ws+^N?Dx`3G3 zUho${%zJNRQ4f2|%QjLxZm@ti|F^7J#Y>tIHF`0_FIja9pJ227QdXJO#b!>v>AS7w z-QfV|Zox7R$#D^UMm%?iiUW6sSPxER=RZ8?a4uHf&aRGTOM*-$aLindAe%8X8#Zc9 zIFU<##MI;)pU5e0wX_QhT}$)YwY7yLXF!+ArYBo9hQatxV1xssejT9UpKKssX-dTS-gR;j z9##A8U#@KZ0i%0Za2W&p3D>7iU7Nyq_qoCLZb13A*Ic6RH%NOjR6|53%Iu%c#l2P6 z@J7#!3bEoui*ibWuD@GEH!y$(g;^vB-={XQBa!@*I+qg`trHTzH!cC&algeL&SBnN z&qI*qa>SbF3wN^mW{A4L>tz1G1kwu4p7^N7a94mkCfRCQ@ro_1VfqVhwQlcl16Af& zALX*o+f{y4GSt|HC8kWx46DmEfg$Njv2_is{N?CnfS$3!Al@_LD&H$8v7RiG@dX0^ zY0?sim%B2F+_src7LNR$Ww#dYDogC$`eXI}1-aF8-R$-OeLW({@m9YSH;71_jrEhd zf!o&fvGe3GsTRp}mzurdU`3MVHMFg~`g>nNUfpha*8cb$RgrR5r^WX`hfmob=Kn(@ zr*^*rt^$;M`QCO3JIM5hbfGE3UE(r_t}VZl2a({cM|1~?m)9VK-rq7)+*;`&5r5k{ zZb?Dj=TMK+b;}}eu-FnsUrXCLFRk`N3tlVy`BO_4WQf`fU3U5P2X4D5l$2`(2iz|Z z%KbN0Jq%DO>PAsw>^>3A+Hgq`grw`L*yi) zC|mNDRJ3Ljl@fA!b*=k_`JuP+iSzJz1DDg+=1bbI9q!`3xz$e8Ykg@0MGk`Isn0E9 zJH1w1n;K>LzHd!FTW|Dq1Fsx;i*Ms8qRifHPeuc|7MXeNe^gO67L5=Sv)uQKxGP&{ zB&yI6Eq3}({W$fviiZ)m@&dxYXO90T7{o8Yi6E5j3_VVN&u1);&Pr#!Tto zg6Utd-Gy%?g^|JGHUH8@&?!@d3m7)q1HqsV8YeDKwdRwB^*UJX>U4pYA2Vy8qy4{< zL6;$wS8GOYo0LHpf}rcw4|(8@h82E8N>v?6Krc86yWs-*A@+im3Ei6hm_7R~^j)+; zQET#N7=!KD5O~j(a>3+Kb>qk(w3Kf#m9MjLY=>BNfx0^gox>loFxLF(QQu_Rivt{ve|@*kp#DY7 z{4=S7+x!~^y(s+uZg~7ZeAyp*km+<(J&_yABO@dy~C6#xxBuiY?eEIDD6 zd6m`@Ol!U|)U?&H_VqKhIcHOKbI~m6a4mUJa@nDhoaI4N0_&wNKl0~d0~C3ileJhe z(8`pa%*-Uko!En(CuXatQMaY-a~1#>Y*me~c?yf&KAY|Kw2iv3J}K=7=?HL6@@IUk zANslkz)Cm80jztGf_uE?sl~63>Eh|%kUXPjXwN*R^dDgu|FAQL- zLGcq4IgM|;fV!b`#j@S!c*RFs^(&CExWv=xegc1V>D-OV7OHXiiQGS+X~rrRSD^P# zfXC&RMwvog-cx;e>%xn%lL+{;r#+)TJ*osC7oy-6(Beqhry)4tp@un$7+t{UH% z)6;`?)kIQ1Y#R#w&FjpivtrlvM)Y(e+eB7vxd=Obo`!>K)_b@^hq2W^TF_!`zkQDh z-)-$!JQ>fx^AW(Nfv3U|FHPbN9gj}RKGgt(CgMF!VOE{X9m(@x*8kDOk<^L;20ZY2Jhc@S_UOEaL~ zXNoCFZsdan2V&^FCDtf$2|7WxS(^Oz?Uf^`w$Eba?Y2Efq@ z@Ka(60vHphZvYIk&m+JWl&4rc(yD#wRa4;jX_@dhXVpM6Q|`@1GX9vkLYc8iwwWg@;IP8-)f-Uoh%AjZwMK37(_IvapK zE1n}FQl8~=<+rD>cRKjU5ufFS9X|Ibk$09GZzUBT4!PmDw*4lU3>(&_$O5?f*~R;N zL!BDypGThdELy+GyC9{a3P78&&!o`#0M2sY6FosQ$C~~~bqki9<^|I?CV-|YEJ01k zM1{;Qjdm_=?PjA%q__p-0$MWVhc}RWw`1CN`J=U4lHHhwSoLHteBW4{2)%*+B;a^o zGF-I?YSCEyUI48d91t}!1}weR?S5mbV`{jfY5(ia%+#IP=H2Ow=oL} z$|_kyfd-2Xh$G{_brm_Qcfx5NZ>vs=Tgx+?q?b{V*uUEwEIFDeVQ=2lz+z|C1R_~& zb6*oLE`g}d`CplzBa31x!kZwE-fS7BBt~%FaxR>dVZIT{*nNfoLO>QXHTZt6K3oO_ z)D7e{&n9-x8tJ7<|K@rWJ@8mRDR|n=D1#vNA@lGQS6#NQ ze6!IX77*_=5u?FIP#a45!deZxz4EExa#+~Hn>T{)>lGNu6ykVA%pB-{YK*vxY1l{z zbIO36^NTEh75X%}r_IK9a8>a9v@f5^eC9Gt_{-u+ey2Rrx4px?Lc#(S?e=;C6;Ycy zT>48vkPpSvCB50W;ryU*u}Gdv?#0Y0g_v$qj`-a}p!;IlIixaI=TQv3Kk9zaqkDLy z!;FsbPR6y`$MK!0OHB4@=}{ZIzHQ8%IUZpgEr6{W-PXJ9%szMFG~XosXK!9hUyt4` z?&)J`ZLgk2S~x8H+7a6Y37y zz)a8V`k@JqHVutiEH#`plo?;|m0etDeN|967FDB^L7`$%ZKyC_9OL$OP2d4&IG`Tj zT629h4BTJtVy_ui3Dt%Ug;KF{nn!p516Hz4`}~{8hNJ?5u85J_ReY>uuRlez6r!nd znk5+V+dgScNO-bi!8!6qE0i&cex(;*0gK%iZ58zP^qOs(-DvGDFI&=Cv?~8Ckx-1}>~b%Cm7(o4k3nx=0EmE_ZP56G)5`Er$KDpuw3*lP-bHiwT(g zLEdI@_En`Lv&a>`;zdudjye^$i#G7;2CCEo1GFZqsQ3|MgxsK4xtw3O&Oggq3}+oF>HklZx?S9okP#-VZ+Z5$QR zL+2Ix_Fq|;+0!9^lWYIWz{`L6d1-(AM>IDz^xxWpjPGRLCtg;?O{U+fk{pDjP>1>c zshN}$_EYcRexop=s-ovDd*$w7)w0g5?q?A7ZhvnBc`K@~fqxd|El8v6Kbiix3i&8F zrFZ~jr5P+9Navf{jQuBe>=E;CV`O`ChNBVMkWfc$ZGM2eq}2l6iTcY=A4Idm2nt+Y z2M$JVa$AtJZY<;pw!DXquIe*;&0a~AyreY3I%A^`n?L#%TmBzFoBNU4vxYvYsd zc{9`Rc#Ap>%2?z*kTmbmNcw{e;VMjm&jB9xK^Cm8Q|mcDs)R!-5%r6kl_gDIAYkZk z&TOXKCBsPaE^7opbb8Z@;s+-s$?d;V&TGa4RjrRfTT~S>5hc)iXLYZRf+Dh9>B0Rc z8{d$B`lG3*MnlK3t)p^P%mGl5)j`9!VW`-BKEgrI(gNx^=wV=u8``Cngg>Y$xotMh z=qTZLpvY~PB%QC%0ULCW#@|Jud>dvsZyb*|ZtN^Pj_6rmvZUW5aB8Ciidjfv`0MdJevRHy{WggH-T#DW>Q{r6dNui7_z^|A66$d%)_nybB7=8f0(WAD z3$)^yJ`Kgz1OW=I276>)AS7yf2p)5zDv4FSOhZZ`)C-kDy*eXzcs7{+;Xb96l|!0v zegbS+^Z{EoU7x#OEz!i!ISz93TsD&F#fYLMV^5Id8SW>nGO0tiV>?LdlAlt2|D8=6 zL*y@H2VDlWlr>Qf6K3yHCuz+TR>>bRV23tQQO?zlCEgiSS&ZBcAI3LzzkGa z;kD?7Xw&Tj8e-aEA~F2eJ`)iZ5W_yMA4LT?9_B5-M5SECj)S^LrDJ1_{R$QJB#<0= z%Ss#hA?Rg3T>Ko1vhVnV6FF9q45yqk@2C0CO@A=j{d#9WcIbmW2>k!rNZklc`AAab z8PDBcG_a68w}Z6-wPzfW)bC~;yKzL$;O$MlScM@ZXT_{9lkQy(Y>9 zBK1CkfpGga8D7yu?DF?J1m@y~3ruWf&<7n>H_)f<0DJ}ES6a|km5m35MM%E7;Zi@v z0!QGD1htUNQu~p}xLweRlxFg$4>y@{Ti>aun?Io3Xhm|E)DT>EVHSDAoqB9Z{r`bm zdz93v?m7f{@$er_L5*jrlr3hSibQ@-7|#{@w~UNy@kD*GPZ$|wJ*HZ8nQ)5qj>)Ka zCSIQ@YnaRakJ8^cPTxFC7|_fS!V?%GbKvb~d+z8<`Z{)}4+ ztDH>(xQnLPzfTJgZFv(W(EV)X`Q##Gw1U7{Rl8pkwV;r)(uB34l&x(gyyiKilXjemP4-WW6ArNA|M;Y7Q zAOfN}!4Im0*ysRw%k3lHJIf5XxIz*vOhk!abyBGkXMX#37qd<0ra32GW48?OA;Pnk zdL9xiYyuaPQxhYGlU(f6N?q$0Q0~uHbEk0En<1wshD+L05BJmG2%ZgczY7*M==dq4 z;8HO>yB-S%x#Jisa=_#OAsG$~)&Xx|Q;9W(3m~i23PDcR341D}1t(tvO&oRHy@k=^ zAZ)li3|8uTcu*1OC^?fM#}8aIcK4D*ulN}PJ2~xDX3AxJvgsq<7Zh4|%pbpNv!G;cHNKkll88|* zPwVw|1Vtl3h;oA%F|*x!m|As?KT{1?xV8wpOGpfC4r;#{w_Rd~=`ob+vnLvXE@6gn zC6>fCU_V)KTSEYksxPSBxw(#@ZKEFt)fma$t7DHQrGLW}>8`FJhh&=?wdK7AD&5h0 zew?Z)YyL}jhHUJ+P-?PX3dMphzTRFlgY+gJ4{t=>uGjD8^-+A6%BcWxMw8iLjm5o= zIayNaYYq)RSv!Pg;P;cES*BSFdM$6NWI>s-mOZ z?^Olgm?YnO$A*5P#dOi>mW|z;#(hR|D0eN#52SxKJN*uy1qzDy9e-D+yIcOF=O%~c ze@c@4j}epq<6qRSQqjf)-XPg>>{YVU?BkKMAZUy(s7@8El9=LKxBy0i9-L>27nr8M zNxkm7&VmMP;c8DK$9}^k(DUb;)3O>$=Vjk7*{OAJ>WeXKq+dbQGkhQ~$i)d<@8;yv z0Ms$*ny}aM*bNy~cSBt>W(@8)e*5Kxrw2cwIXC(Ot^a|Hc<(fIKf?*h_j#LMA9fx! z?&eTDVz(EDbN5euUj=V-T-<%XDlC$Dt&YV~e)k|XLLuz}>>(A;(;uG!3|Fpw^I-a3 zma%1=O|9@_G_(Yp{Q9jr&?cXPlGrOE;*rNB)X7F__d672i>)$ROCbcXKA@@1KVIAo z`*6sQ9V&{kBg{@c94O#2N$~NWdubPcW0ya%yL2${eBNv7p7WYRnf#aG&pak_nN_za zHGqInnp*k{;U+F%(GcZXtcoA6vQ2lqAvnw<60J2j>ExO!&z>{Y^L$bi!4Wm|IJBvR zjZfRk-2IE6>`zs%E^a6%4t?F9C7C)*r{RHW7-%`JQLws-2Y`1s6 zgXh3bMSMDdrZHoWDLpBxs}ixKN<00#>a5$T0H@?q{+ z5$2hl(GWXrzUEEoNzu}QDYvq(6X@j4&z`2K7l_NRk=B(rFR?#YU%~|E#Ar=n3h`Yw#0{mKEz#({9aM4oYu|_bpRre#KDgS-x&N&O>{tHQ>61 zmXp%KfoOr>4~|4pTdyI|8^l8QrUrNUr*wqlTj%rPn|H1~sGpFnuxI`Lb6w@peZmwi zY9%9({KnLg+P_$ElL2IdcU~g|BYM*`9$+T(#8xq=Yiluj0s*ZRySQhC{EwkquyXH# zPGu(mPu$v9o-l8wS7{VVg$4xk(*&c{vFTnk2M1!F{B3c)Z6QvD{#+8f9&8qTeZud4 z8+xN|F50qoqtDn^v8RK1*PmIh8?BTe(tg&Mv!3!5e2iY(zo(0FKRAx=wEiGUvYqCh z`W6;RY`-KTB}Df`JMsK=%RCmzDfxloO6rc5KCd^KffEb8Hx(49cGtoY~*EK`{453au00qOjy zBI7E*PpeO3J4!G9fmJKxcDHb!ia1}?a_3t1(y;UWwgA4m6^2tMFsBA@>1|X@K9iF* zh96Hab|1ofn2Q}8?;B3U#C3V-u)43gf_x^SQP3n*{A<$Lq7~LBCRmw>5Wj^ks|nww z_u8-8A{JhAc2J>A#pgY|Fm?el@_}JFSyR50GA6s5Y`JM|4S~U1K3{|0>KP+we74i= zX(UpvZ@d3a!OsP_xuOPPWik11nSdiV<++G%{a>1q*C&$nlx_y!?QMJ+bY2s7tfDWz z1aTZ+V}9=%{MBLr{m{Xh@TlmVpg|=D;ZQ#t9dUtE`##N+DQdv5K=&&jv4I3$`Xlwd zncs`SJ)m5PW?E;U3u>knU^?g_+^gIf4fLG;2k(qGONNJzu>mYM>&CGPfCWZS7i_6n&IpRv5E0 zBjhJ%R;Vr}r}}JfOvO#PQMf8t+;8X~nCda`qB=VfVMr$N#4hvZtH`zGzhLpcy|6Q? zV)~)Z(p3yTJ#uhLq_;=N@{hMN$YPRv;7|x#SDC)o$_)3GHh+MI#H&>7ssm@zxG0N$ zS*tGv4FXJ!hxznuZ-aIK$i5|q98+uy9lEq)d57BGddAbWWZ@RdRDHbI#YlXtigWUG zjFo!bQ1?@2h*&tgz1$@5{Q8t9h;ztm7xjD%jlJm#?g{(dJi9rRr5Ir0v>ZpuK13=M z4DE=hP=L@(Y;m|vAQTk>a34Vw>I@k(LXYHrGPr9Yq!3>%8`JQr^u#|ml)fWCf_}0frlnQeBoJsWmV4K%AZd%mzF`kUX zfW7{c6knI?GlD(jXsUX=BBS(UFe_~br@}=*?ebS$xObi_(U7i0%l1kqZ@!{#%wJVD z_q4Ukd2=EWhdTh*f9%({(?60+YM>y9Dd@$M-Xk+-KuHFMs~G*6LFHVEGpd{O^=f&N zw7jjtk-L}jg~;Gtyaf9gEoBA-|W%eze)FhF|X1 z5)Jmj@|0p2Y>QNg{bhaibINMHvI-U9%ePw-wlm}AIqBWET{>A*O_nm%klLoSlcOQ2W zb~&3h*{4-;g`_P3SQj$?WP~~J_ai1n@&wW*j#4;Y zUk@(k_voleZzfvAdn8{H1Z5&8YW=`WigMqY+^j3Oq-p`_rdcWy;WKQ_$8q6U{B^0? z$mWyZK?|sPsrUWHlXhEzvcrkjCy53rW!hG^jH5ibTl1Ghv}{!AG*lwSuTnUkp?Ut7 z>WiON*4Nu$oLKO${Z|FDgk} zlYY<&gq&B6PhyU}zpr&qZcs#I224F!zzqu7me|sk_j@P%*nILalQ&{04|j>75?PK* z)n-&TB%6xIB>B6jD@YSt`PW%4XAnnH)zJ^({xKk?Vf=dIaZDoBoM&~NU-gYPqQPES zXIwFKANsO3gM8iuvdHJnW-eCTn{DE;2H$!_de4uWSK-Cajrej2Z$rV@3MZNvVVRs` zgjhqdl%qC=Y*fER>6m%~vZi2&pD7$|lvz|M>lSr?EXONp;Z$Dikl|aKZn)2wGLWgQ zm5ISv5E~z4L6Yb}kC~MQDg(JHP?B*m!3Um}$4D;H+n?)&J>;QIR?~~+?|C#=e zB`~XqL5j#nL6`g3#_BT^BAM6F8@?x{ByG5O$`RYyc?{x_a6O()A9%5zc)!Qlw&bTd zmhjQN+Wd^JS~nS1EB5CO(ZPsLm2IYU93i&Hw-mjK<32e;%`#X%c`JI5)F<6Q4~ zJFS%XK#niFtVMcZnXzW{+eIpB$ZExaUBD|eYSS?n9TmErLoYe*=QrH&_1D&h$CM_Y zCOvrrwLwQAV8M~ocP*gBLQhv-<*bzs?>z@T@yxaFVaSQwRG-@jCH)cx;bGTtxj$>Z z)kG9D#TB6t1KoOB0%Pr=<5nY-Qy`DF-@$8_J}fHNm-go4_*c0b$%(WDclis1P#lHL zb@6VZK7Q}5F1GyixhG;pAhPXVZSfHITKW!%titt^F{e>Btw+(U?ToLbbaOUhUA7;) z)Ac?Cu|==d`vxi7n2*FEuch7O%pJ=hRL*F4!F6;?exe2B>C*TOy1umJohvyroOq(a zmBlGsZRBdAs?a{w>5}Ol_f@qCTi%(K+3hG9H8yOyL#$Run-P99AxOB#H<(#{y=T)m zijWk9RmF+VlqKUE-HTF3v1*+HZ~6$gWOo#TcdiVoRom26NoIF#Of4ZB-PRbpV#3{6 z%2v#kc#DUmlyL=hl~W!SOo<^=CcEe%E@+8XK`XYqIev^FNa`MN3ibWqS>&8mZaX_- z6uyu+Vu<4NP@Pmo)e=*5FPl_Etzb~elPwvFdbAJyTY~qTmO!9hP)i?y+cUxnSYlQ$K{ZHPW@oFN4HWR0Kx zyxD7M4fkk>%!a$-zGRMCJzn;u58q{C+4DXMD&gLav#@=-lS0rX*H`)QoM6(dNR{_q zD)$h_RP%tVKa7w$A-TTMvh9Q&cf{S^>zc_n?^%!4Y>{Yr7kjPhG6u1;iXje`OXjFW zK=;eYmtV)~;+lTS;_S@pnQ-WY%vsNw9v(_&i{zoB&ilN#-VbI?A=t-tbFRUIqakvu z)=*~ym*Zhz2diS*d^&MR^n(Y#GA9%{seD>}u_!R;JiY2=ksP_+>LP;3;+97SheuVP zHvQ&J+4Zu7mr@7ex*LwdU- z1Cw_-ll|AbwC^y5bHU#xS1Nku&Z`w=b+koq7b{|~ykMU3adM4j&0=A z3g5NWEsfJsLA5NElgBoyov?kIWgcT*GoIHgi!O==x@Mfc^$8-!eyIaGt{=CXbOlM2 zk`fwzKR&;0F+_=LgoHT6AxVC5msR{f4#_A+;H$W+?sQc*uvF30h~*Ro$S`{^Bf+gY$|Iy^0A_A}Jm zd)uU~_4xyPIfl^=qRhgMAWgq!SzS2(spQT3h*dYf?E6I*XcHclE?IsRBYDJ*Ef=oW z-!u@my?RTha^8_OnY#sZHH*l8^Pw3mbhDw{RUbHHtlF35rk#$X#!y?1H_K~KtU_+_ z`y;3HDv>HIVkyryqvP(S#t9pUtGpJP3k`fuM|qJ#d_%c2c8rNf$P~L11;xd4N>xuh z`@XH#{g$-DZ}eKTVr%bKf`eYfly}Nhe6$!|G$(~2tZ+OheWH23WeyM@|p3C#K!FMDTJqs+4{ z@SkE-M{Xx=^m~{sKx@*Xa;ekLwtN^j9U&oqcDnRo*6G3(;y}8q z*pJD?P3#Ga=Yqu0GQWevD7T7S-kcnM(b#7x^py>q>ggrRa~Rm2s4Mu&w;78&6s#+c zbZ_kO+IWkLlt&GcdI3GC9xnADT(-fbiX?btY?LYeJz-}2Gg@*}%kJqlsgN|^{)eXv z=B+0aMYQpZ9qa+3w(M)ZK8d7fwe+HUS`vG9OnasC59^k`j?Y%f$}M6FMp7tY7GX>& zT7vN<*D7-2diuPN33qs3x||iy&%9Q^Y?N1Iv<#&+X-x5PcxtI}7+r95TVKTLHroC*}f#_L+37)I-wHN*V0GgO@x&26`emBMV$j}o8 z3q|+iM4s2ziAWROP8%`eUQyFe&w;&c>y4V9nJ_a~4a{1f5q(+wxEjer`}Y&eBRl9^ zwu4W#Btnw;3XU39BHE#9HKef*L}<;MO9kNS+|mxZtb(x2;CT`;nJ0ApdG1{}bs0g6 zuXcuN!a~mxIUBW64By#kOI>x*@LCDmhbYFQloOcLFW6_fg$aDJdqSJM))-jccN#Hs z;BqGo`{^VFE#KWX4MWc%CO%x8R&7_tdo6sMFw%A7nz;#QB(7xbNiua$62*4n=tOH8 zNY%7{8MFzLGEiR7D=yej+P;8g?-AfN9w^HlsM4-!6xM$kz&G!{yQ6HD-Jep*I&$6b zR&>kj-x!)vf@Hu&`ss@Na!Sh1)|`XHW0O8;Ng)lnEumup5Lb)fCqy_!#u<4e$nlH|T$ z#Jv%b)jNX+P9I0&8Pcc1Nh7( zJEDZh&fpQ33sYbik|Z<;%GFtc!5_BRmwrib8#;5TeGs!HGHeuE>)Co{q;XWA?$D;@ z$#S{fI3w?bZgIhk1g3 z)JO!CKG)}SefMRpd@<*Q-YGI%ZoenfR9j<|`aCVUr)4qVji?g+(WO4%o)5Nhi8goB z0C#HHfa3*A{qV)Lm2g8Y^`P`5hmUg&Qr9KUR-2Bq%wK-jGx%_~zEIsXcKzn%uq-)x zYu3k(6LF&HA{4dWqqm#+tC&@7OvEBD>&|d1ox9O})r!D2HH-+uutcXxCe<;!*HfX? zTcKm(DUN|rHLq(|KkqjbODkqL%srs%eGKl&HQRm6c<90)%glXm9jhsGh<3p>ieXO^|r++j-Suapt-7Xshieb$MLhF2#a4q`U_ty6x=cWg3uNdVo_!v^(kCmi-oi{}-&z`BXN;@nB zrJh?U+HL#1I5czb)R6ul&8}f2!86(jEyQ<&rO7sfL@(akD+-~Xm0UcDt&<39`@FW; znkr7bOsIPQaW(V)r?Hom_cO|%{Tx&vtM8{fsD|lSnrz$lO@I~03bD9~854UU>!5$6 z{v0{#q2IL=>J+TyTdD7x{3d{}+q<@szfwhjd+4sEgU1Bc=8kKiy~YU*-ec_9_fM-K|@Aw_VTC2bt^!(SC;Jrwk(qNwKO3bpBb9JYVIw z{W_uI3jD5_3Pe!ovqP>5CsZssT7qRtOo}7ogv4%gjBGqsUype)`+C!*CqEeH|L9t2 zZ5GPv2umNM{kCTu*(S8GV_vk{w0^bo@r54?N$%Sp~TilX;m#sh8 zbH#!=oV2upkLjaVUVXCaflIKR@lZ;cyrmgi*4fZOdhfaqM?b8_yGUt#na-^l zAlaJs!jrxh*DQMJhgKnV(u<;7ds`tJ*lq@xP<(h}J0(7qo(@?5MJa0m0S*?X<6R!9BjmUi`6ia_( z8?^nopRd$d9vGSB23KHz1k@o^YA3a%V5Ow54slIbHN^Ex(=-X@#ftP(-P0b9l};JD zo6TFbC$^ZOudy}o0plX3qiVO-_f0Fz2CMs>tGHq2rfRy2x5jv=ZXJSh zR@+zc1%KvKI*r?7B_S2JA2ttVt2uUZNy!iuluUf*Q5*{aT|8VQ%7w%N&lphOB8lnY z@4Pq7rt<~o4u)d2_=?|XjvSQh{Zr94IqJHPde1_g&?y^QeTA-2MEHGwH3rsP!D@9^ z0hwK=qF>`DZML@C=oL;_pu+iZ#Jr9~jEFO<%)?WmLvSD8i>My`Io$TR9}9FRt~#yD zZ+bBawe!1i^W^?2Z)?^wMH_midYZ1Age%Q#E%3-ZoF|GH?V zg?F*Kp%xFtUV*;g>9;>JUlB?;kwm3Zel9q7S2Y+vTO>-%?c7_9trR;#Xk6o-Q)ys5?@G)H1Yc@8bZOc$g zsnwiH;396%G;fE^66;v!XR56+w_Mf6K2HG*rC|ht7q$(tvsY@ZCrzu`4h(u^q;|sV z5Wz;2`3&S`^!S?oSJwi(@nn^v#{3GKK~27{$khw_sGYKn&YZY7R{`y(80h}TrYN2C zGTsj-yj9eZW)IbHQ{q47ci3V?ENo)C^k)*MCR>uJ^)d-xH-g$RH(`6p4p>_)^JMXV zjQ$2Sq0E@vmYvoVQg6tz5w7J!FgX5iu2Zy> z36E(h^m_PlMJ#y4khd@x?5xi1mw2m0Ejo4pLsSaB`mw4P-W=d%ucGz?MlUeb>G7!u zXKH3EDzptNCDNoXdNyTzt`Ku`LC^VeIs0|H;lfqvKeRm64=|nITKR)qp}%pn!$qwv zqiMYQtVq1CEf2Ve7rgMh9mqwvr58_?Ol319#QpLu=-RY@?M#lXjbkHwe}{e@O-F`W z4hpfx(iP@2k3`)WpY=JfRfTK)rFq?_%Q7tETC&^vg4VD>?rSYBZ?&4eu@95bnp}t9 zpo?4fOlD%<&z)ZFAC|j|L+*7Ot6{#zsz$aMk&;U3Wpz{Yyt{#ti8;t^QoxB%4uBTn zmer$GJ+@oaTh{5KKGCVJL5k2;7^T7B-|3}o>S5>XZp!aNo1Q3#C=S(IMt2Y?3Cf7lxNP09=d1#b|b{0IPT^< zuul(iJ?1#*>Pr6jo8D{FUSv3X&T;U#%Mr%xE`}p%+vLyn$>X0z4nQIq;!}P0tqPlX zs^9WwUhSo#AUlWCctBa~+W?n<2~O}yZJR938*lpj*n$yP$0*jpUGJzD;^(gF>b!J2 z`Pr7fl$~0R3{Sd9>w8m0A&NhrT&DOLa=o3h8y(3`Gq{--Hw0yky=`%dBI(>Pd&>=# z%M=tGp^wP6d||E8KVZmS>mwAx60S1CE^niV-mV%wG3#%i9-)xN|8wxv2Vk(S2c<{G zH41-j9C{wXcvUs>PdofIOSj+M{b=c5qK;$ab@FGfPP`^c?KA!LuPBmba}TZae~l7I zJ4qhEnK3|)yIuAsPqo@V;X2lwB*r2*44P%n%pA4)vhqGwFx}abK<`x}t7zLxu~@+U z18=&^%)Amev7W~r(E9S{M9j&(aj`|R`zM?G7lwZJM)b-Rw5ppiz_sRLOpT>J!6cpTx5^h%Qem(7E6M|lp;XYOg zh%D@U`3-vo67eiZzP7!BO5n{VJ-5`b?C9u^;MUG}b{XH}0mBaToh>XIM}4Ta+Rl+n ze?UQT$6(Y!i3Jn{#F(2GkjdF|Pt3(e{3qACB;R1pf}zucpd;5UY7q-2q@#Q6eYUaY z*2!Q}*B-gPR!~(4TR|*B6e&{|r&UtXFVB%uBys347UgY~CrBpvC5 z_Z*rB3u#_w+-85{HUvJkXyvZW`o@wU2hAV@?IgC>yY&lmF)>^Oc zV?=O}kS!~AKSZn(jGk=~D#J{}H+JPxFAqd=_Ca;bwOV5^yppaeE=4M`HAU@iOkc4GPEUI68GT61G6L>ceT=32xphC zBBuI7g`AU_@Q#MHkKUqta}B47dw;c{2|;B_nQQ0vEM@sgQ`4 zOCL>L58XO6RuWWcu^o&GM=}HrhF&2dqDK51pc3Sn(K;Co&cWIDF^f0HIyE5-J#MvT zcQY7z8{W>U76dUnp>6m4(>L9d>UPJ?LA+A3aB=v!S(J!3B@}&UCg-`lZ2*lbu6ATt z4O6BqH`r3}2-fFzaSdD%_6bf=U-7`=s!`GwAZGjw=BaZTDhlVoyxm~Pj*rB$d|1x| zjJw8a`Ez0d*L7vO;t|ebiQ$SqWLaIwPo_54Tu{m&X&+I%Hjmx85-Z3Ot<-h@k&~vz z4UY?BH=$8yz0v$whu1QCfD5(FxXa&LB2$30t%-W)V|8QBRnICb##xVfmZ&8Tw<^H6 ziGqo6nSUHRjr_zRRTh(e;}&kGEHYNXjV(b5aRr+gb&JLI+E__%iQi%q>zdDU#+qv1 zDsY+akh`4va7Yz(7?>fmDAa+n=|q{WHFcrNiYg`Tx6Bplj8^(gytA(v&mre^j7QGw zf-c=gH9`9+M4?5kQO=U2i1+U1kZdC^C$|u*zqI|H(d`J6%VtxHolr(IBW*zFQHrV0 zK4y)h)|nF1h{f${ueJE;)_N^;lnGS*+`>osC|V>7FYI_Xc{(6-bL_5i{&Hv%#<5*z z;d3ej+^eZr=mn*=0tEWrt0{@S+w~ULb3;(_GHUR+vkrEK;792VTK~hpmS{fWW zr3RH!Qex7Tk#O8P^Y__aBw5i{gi^yWZs z#^aNEhO@XAaeU3_{h64Jh8$S*=uAkSix|8#UhU(rz7wvJ*n=4VIIe2Jd=IpHS&gZI zsD+l%Lb-A&&A?s#yvK*l)T*ra-!x3QukP1>kUBPPMk+ygN)z`bODnuQ)l?xEk<^m7 zF|}pGE`4N~iVq1_m(t2nW<>kG(Y1^%q9gF3FgS3>u%Ca1Gje91tME0*Ltum6ecpUbefL^Xr5((3ny|}p>DK;9|7eDd!fpYmG+RcIdY^3eS)0uP zK;w*$Pyq?5?4l`~%Gr^wx)2WnIOu9nm1}8iQ1x7b@pZEy=dlE@nV}>xko=Rab`5Zx zYx6wjVL~zh2{S!){v+gJKX7oCa|9`-F6a(ClJ7SRyy8&1#?c6ZoF;&hXn-?qBuuKw zxjryCn(l5AeVC6Vx^d=zRrTt4#U$t}z21hk{qngYK6!|wH@SG@f<4Zw0x|Y-8V`ob zChmB%Ha(9iOrK#3$t92=_q0f!>ftXHRP)jHp1msssN&l+EN^IjL^Zu@(iU!VVY&Np z8cb7y*k&$WcOMlyn?P1t<|0}=v#HKM(_9H@*6A?9Ls|a}eMoT(bJcyeuc%M7J{+&2 z+_2|9PCX8+@)Qaht9v=@j?j>mEkNbMSVbv_J@!-O$#wPLqk(<5=_!LpiG9BX`nLKJ z8?W^^(1jE#R=GCfTV5*F>o1aIc-CsZZ?EM)){_;7Z|+(D3hV48B2YKMXhd`LR~=iQ zV@?xSFPSrgYqSURmAPkORIr(e#CCwJh?N4#}%iv;4ts|(?W^GVc-4chgNbkY16PXhiU)UD-HDR7tV9 z`vW=!*z-DF^M?w61)<)6RJMF=iv}GI?L+Uc)(Q_aq*?-`?4zR|4(r`}fpS1t|MtUa zm8eQ?FX(7a9KG;Ca@-B+)l>PMpZOcv;MzqpQVTlOq^y%C4$YHvhTNL|g=(X+Z!vOq zyEls@Z@Rp0*0wNmfiJTy;lr|=SYrtA~wKc4ry3F;ec}@W@GCTVTm2~vOk-@6e_y%&jdmOQO z^Wv|QDl6@ITAEBuCz8LrT$1E6;IuC2w4OE8#->b_V~dBD7Kpq@hWKCzBcqmhgX-HS zT<)AnC=!?tGmqUN9qQm4BgVJ25MA_aFwTCUL>R_D=Q{oYlA-`nyT=}0lWy5B zimal=pCi3gk%y$HQu#eK)z9jnNJtwms>UyCU-m zlIT7~5HXu;UNopsACImY_IanK*~^uue-DTe8_9kD$jWQ&e6F4%bpM-N08Nq zEK7he-!D7gSz92GY)<8(>+>;#_LAtCIHT)7tqwXD$V8@`S6$UEe*$$>B`n&DMEL^k zH8E0=U8`G1eiRS2Fuc=?BRd2Zz(DVvgE*u^)@rb{F<-#e{!f zXV1WTgm##roRHXvFKB(y6A=g{%HA{exM7)bOm8jwSrY>()jbjIpcF@Fp9{2C{-$7Q zV9+gvvyoCVw-=ZRfUT{uH?O1l@YFtRE2^Bm;QLYUjHAPNM*fLAXO1rGtv3cj4^_oe zWXkR5LfLe9EhKnc#SXvwyPrU^4?BxhW*M0NtPR_r28NIqhXHykW_nDy~3)mz1YLcM{GGW&~;9_GEb|`z-fGu5NbRs>YQ3!B z5N!jwoXQjS$}-iKyNbA;kH*56M)v1db5E@rf`i1$EwsF{J$L8OE9uh~euOMMs)7V8 zu?#JRVit|x)@U$LQ@3xKQDtMUv8f#TB-GvFsl_giAwKDyHo_Ki!<9n$!X;>xS2Rw< z_Ki3=Pa;*qsvXk{jmJeig27-Jy3OsC#mQpqUVL->bTgVjgO% zI@TcKn(Z`r@eCW$2V@ES9C&$&7Vt&OK6}oU z!yXFcV|vFtkNG6ml!)OUwjCK1N|$Q}{ifuaz&g(vbM>8VO|`e&Nx1h*1p| zBdv$uWNMr?y;0Pwi9snrCwrVO4l+%mZGUH}srry>7b86F4TBD*;Cbl1#* zYu3OJBY0S~+$Ma=RoLwXN2Tk?ZuF$3+T@8slZVsB>PkmW+Kdz2YwGSIAm3V_sA#1+ zYE2Zs)&#l`fm>Cd*lD-WwvwTu?!YV;vJ7t8N@c$(;cKT8C#E%oA@3~+GS<1?hY{Ih z<;<*GZP&ghM$oB}>atJqV|+HD>8Fbe0byAu@DGmD%s0uG2g?b_3~}ei1Y?d2;~&P2 z4Bv?!KI_k!SMK!}JErg0{HNHxMRmYeU-5InOWjg5A;h}&?I(L2Nl|QQ19s$5rjd}1 z^w`p-aX(U|MnvCp$=rmX7K7(kF9rO+@i&cgEulO)XepJl9bCIdA8fThO$Rb zqSMm*E#xE4wOdAL1)91x!7mr3GpJ!vDA#+(^9fhdML85(3P~#vWgXIYLuY3{GcWe6 z+Hex`S220}qGQ6n>7~hNeZZyH7&fF6@o0KbA-`($yt)v)3FyNoTFCP(*8p<$a1h0B z$&%#W-R-q3iG>Y7Hl-?@HqW#w$9aY=w|EmrFw3q{k2L(}T-^ohhEcJ`id+0n2i{6e zY;Sc23lx{WdS;<@*rz!I29(t_m%#kO2^e267)5pN2@FNX0YX}rY`H&Km?8CbidI}a ziv)PwN}BJIm{++3yVNyn85De6<@6F*VMX_GspvPeix$HloHi}U+A#4;)uK{Y8~PkR z7nhDT+tWpo282OIKHDUmOr5Vmkv2>aD2HN8!@#ooFhh_;l3y>BZIq^_B7Tlj2T%V2ar;Oj!)Qne?>^sTUsLym06}HFvhrvtw!PXgVC#lLiNPr!p#TW@f`!bgL(%Lvq}7 z*H~UrMhmtiBF!$n`=LU}$k&Fb5^62%`^vREZ{yudwa+1rD|U%VD_f_L?8;L~VFu2m zACG{_5on-gMOvlZ>XyNjfow4ZGo{iEvM676R8Iw`$=0V4P+G}_R+&nX+&&qJ^Wa+Pc97XvuLhJ5 znU`Tf6{6492J*5axRtJ7U=ch`4zx5zR0kJ^TUN(d?@2d0cw8t@GDEyNy)VgQBO+X5 z8i9`^sf|7oV1KpSkuvIEEVd(CV{F+(CpI%?+IPQ-NX!0iIQNEN44e$1GF;J_9TRNS zoR7I0ILkER7xeCYBTne7ZeiPXX+2K;4xXTxwmyEyH$p945kBngJ|!K~!@oh9U?G~j z&(X;uwO4}3Jj1XbBuU`ue0l?8RKhYcA=JenEA z&8s5qaX<=yi45^AV(FWrQ6bQ&n&dk}N*y1M+re>421veMuA9A_MKdJAovd8mhN`;y zHp1J6!CD#%qtJUz&X|rQ*i@eSeDdjW802k*$xBxgvp_YuosOiOs*%F;I1`d3uiHLb z-}wvAgOqh7tm_-nPDgg1e`{LeSURt4yk4=8I1|vNK zpe6%EW6kl1C(QH&fZX`6T9ZgwuZk#;NrEq<<|oE>TDwjHhyV<4LGj+f(&$e1hWH{6 z2Nj-VWVXclg!a5a#9ZaAvuNk%i83ST+K|kgg^a^r9c9$}|IExq6yAC+*u6oPtXrA% zqomvYQ(Avn$Y)JtIHWc>qKJaWYsXt_vge<+^5W~k6*ZpnKDD66!z`=b)Tz@hQ92RH z^k|?ATx5QUg>EN0K22-Ki}`d?Ukni~k*74ydCY}1be6KA(IL7}FEQ$M2pm*Z_!LBe zd86lRpVRslp&d|va<@KH-qY~q#i>GxkE^)Fp(sBedv|y%Tfy^V)1DQ#rm21PCaEEz zat1LH_S>RPJd>R8zJ3R8?CU4BbgBvXKb>H6MoA!i{h0V8(ByuG#d}iK{l~=NE|~>< zgQ|Vr<-c!aaBL_C;0Qr^OB9^sz>XL*tR5E%1G*KPu(}e3wIt@;_bn5?-$13 zttM{usm_a};~q@u$|LZ*WF^(m{*B5uqw9smo{vTBJdUgx{FM4upL$hqE;z7{sEJvk zX+dfzP*zDGYE6VIlqT?P`Wl;Ds3Xm710+GoPi|E3@`Z$3wp4U)-Pi{}^;Qz7{}Ol? zdUivYbLv&`dshF@tK_4l5oP9?9c90o>M=V{c7eIw{r3h2`3ra5<@4Fq8U`+&Sf6yy z3`b|l>(#hGHLd!-ny=nX+6bI{voO4~2VzxY8&TZxq1j?8B5rtAyw>@kqI)#Y`VwIpkU?c+{v_ZQp|Omyp1VH=2r+U3KhphJ$&>sMrj=(N!HBDJSpUZ1lw&*Pr3 z&21870Wj;BbI%fz7L82Pq%S(`A`6()a*GC!LcxG=zc_<3iX43@T9xSIq`uaHyOw<< z9+wAho87H2U4e1+gJ-WKp$(}?HU9LRh(hPO4PRpx+LWANpsHqgr>n`f0q+9}Ns)Cqyo z;t#LQY3$Tr=6DQNhMQ0}Z_r)GxA8SzIFwt$NY)G@RWJ6B;;T|JiYZeYm98d|>xQ9; z@4JdFBLU!r6`pO^#fPzlroAuiAc?w*%n2xy;RssukpWYJ2Y0#Vr`v76%xvZ_YN--k zq%R_=m>mIG`v(`Z#iZS7Y{0rWf8tagM{ltVuvuzy7SUs4!&PI?+8YLzoPdO&3$INt zBiKV{dYxuM7#-CNv(O_hu*BrhE==uX!A#w1IjceE8mAn-U4EZU>dO|=7B`ryl~9Y@ zVS~hrT6$TQUZtc4<^s^@#V*JFq=?CTUX~C!f@F8Spz$&A3k3@;;upG`y)|!iznwWE z5XW*}oSE2>6`fDWMWz5FHpj@=94${Y)yGQHnnfD#-wC6!ZakChaIKy5N4q65n1fWy zjYlAojkS*b(QgQjrnqP|XyP9)e zMIT=Sm%Mj*uE=n3)K@#ZXC=4DUDlc(qQez>iH^e%_SL1#w|=Mu(dr_Io{IAx24^8D zlBk33AR}v-VPf?=_)UdjzLwE|OGJ=E8CuLnV3*N!EA^?3nziUot^P}}OuXdL+6Y>wbu9H+Bgq7uhl#{bN}8% zUm>`7Qv8Eo=LxXV_OS>@`?oRDda3)Tr^A>ew0j zYK)z3dBPU8*+n&{?MqkL`h-d(J1sBVlbaviXvafq^mV!{0CP569o^pd4PdGle)xik zC*3w)e?KQuNHUt|=ILwR8vk;X*(@;u>ubC!{@T=Y?rG}4UNI2$&K$OsX|BM_b^CZ8 zxAH!^w_SV6qhW0vNQV>mkHI!qR*oId`ZjD{aK+uZJs7E>+G4w+bl_S<*AgR0R~cg; z(Z?ZjQV}eeU(HsUa1C zVQw$2&{R07pRY>o_}`R)PM~yOQoo-(0TqqdQhkmk zr#ReSYExtV&`(O3E;Ywmswx0)LMNP0i#d4A6vd*_W?guH1OwvhB0L5qHcV>Ls#k|y zg-&gU2dg@bmHWn!`ox}|rh~*daUiRcVkC=`f8`K9%$W7j%c%SHjaV7sDfbItj3CNu z4L@feA-&Bu;A<{Er|%e5lzkC8}Utzk|fOFU{v6tEQiRk z#_40u5x33kORWa_PxT&RC#%Z^!Jh#VzdoBq9W}qXEND7^&a@QLBx`12?#dTA zUKf*P(P<{@5#_F&u=x+J@PYXgvItjP9Y!z!6N}Cx=ikx|9qgUar@n5{Py`XM;W{ z*_goR`Ql^yi`RFOr()t85HvQYO%_q@`$0|F>UrZw(Z_!k=|4P-qQKm2bGE88nzm(6 z0r0o)V<`3{X931T;^zUl$>KU`H9pQi|5X)&GD$zA7cnYFY>p^oxRD&j;=(^NHXQHt zb?5$JLbyJ41d1IqB6|LZ3ntn1Ojz*0xVBK$e^(3q=Klf`mZH!ltxjk0PgXl=b97?h|gG<78~EWu(%dG`XeZFncUJoYP6~v&(l5sZ*<$w^O0xu(t3fv zgGWhkEx>%tWfwfY05c9FyFEHz0#Z`Wo^!?&&VRUc!7@^3Mpx&x{{^ReoMY^mX<`gL z3@zi`&1-t<;mgAAU7#mQR@P$o@;{2^AMwy5ogUKyDy@-CAbANedrHt<06z!7;YE^8_gT0E@+2&R zYH!G5dg1*aQVCQQnlSvq{b;@F`6BEtpmFRpH3TRDWU_nYNdvhb2L@8e4FIm=wbCs{ zmy%}F-I8ar@e1+5^?SK%7J={*ofS`;t#n8{A+AMZTy`Y$#ch_1qA3C3W`~!qUkYy14^NsG5llB-gs=p}zK;tiH#n%tp^5Ih-jCZUl0LtpM`&gI2j zj2M%F{ugGRQ_pv*t2`5JTN_RijSEyZSp-6MXnjJo5kkay%U$ZSPJH^!&O4*AVb@6Q zx#s+qmUWLNGr3rq8d6{LD+wSk>PJ!F^|_IL2wFvEh-n^cs$lZ~pzM!u_B*sisUU5#OQ=Xj(uFPzCtW*(51 z+}nBtpLKO1>lm#P@Pa_O0$KclLaJ2l<`g6;jyu;kPHx_f{uhWA*_(;UQvhUS%cW=o2O%^|X*V zj^{f`-YMP^UvixF+#kjFE;utApbEpg8g3P%QwZ0{FbLD60UZ+g@S~P zIRgMNaF@Ebl|TrM))xRCFW}asC*%>x35~1Z1{uD2E#L0myfp{y_`^>yzgE!8_{!4q zo2-oMT6^L9@00jXWNSYgZ-IOC^lndIl1^jW54e0?<+Ej)$UOiDy9TE< z7Eh47uI_1d`fBm6l0$;EUJr!v?AyqPYdEj@;bKMvTq*gSAeAHi4)G`jp>gS9Q3$4~eNcJ~+n%r7^ z#)vI0+tEx$`B70cnT`&5FS;BYZ3QAb+n5Y%c*nKgRCL~;;oo~Iw$On3T?kYX`|KMd z@`?|s8TeZ|N;CgRhcLLdI`}%UGQxTsj!G9Womr?uW@Eoq!P&qAw+E-a+8&uw z7fjBS2;m!g8wD_J_R-K^{O#?d$kgm^26|3SQ4pxR#*><>GMdBcbHOu1zfA^xr`5&N zWZDC$MPlJI7qYIr^5W)MF@S+meieLfn>NnDyd@sn5%iGHq;@uY@`1Me0SW*SlBh53 zLWVrnetDOqn@~eX6Azrsxb9I_H$YLP#rFp+h?i-SgAN_lt9dzR9z3F1iAlzv%RYz; zkUB14Ics?}Vw#<}_f9BPIx@P{U&#h;pz5dWuO^(kCVJ2K8g@POz@EF$8Xvw+7)&}! zER;pSX>^(&@0_^1qucS3aW(9uq<)y8|VQ#+-o)w%ggvvp#fX z-@SoV;11dVv6F(p)UESZLR!~70lBrolAwDa3>;H4;Bffe{imBDwn2j8rzv&qCm(ob z>8GHK$!v4raqn(s0aOUJu%gcdhe~cHLbH!=F3^_PGfGaKz&-*RYX`KD58d`}cG}r# zlx0?q{9}=$b1L3;mEXy{bg8*CMd`CDGnb2Q3(`p)rL8uZI-Y(bV0&1oiLNmTG=*&( z%GQ{S9n7uxlOqp;)LuEUiEkv)z>3WNxrfKg&WxSt#nT;rLs4c&|dF zS`xYLwb`0~^V+-f=^T%+#p+v;q_7Zx^2@?{*Zx5eL1Hll5_{DxjO;TE5+q3WN&ou$ zq{ge5z!cG!<3DasV>u3OJJQ0@_UxFM&(BdbhqOK1l_A2x97LbKN}VR$^MX#XywuKH zYoL?rKA+nw5xuxityf^a6=|{e-MF)>(h7?Fu02piqge6*t|y+#5XsCyDAJSr6R1xs z7dii)eM7HLq$V(emI9Z?<3aSRwJ~eH&E@mioUps$knjWX*q$vjk)q+OoLDb}sv0*__z5fxw?t~}d2y>?88uYdu?WTR5$R-US5<}|{? zqcHsABhJUs-}DhS2%xMBuWKf)X6S;CHd$%no)oFu)GAkt=}`M82c)!tO;R=K)81W< zBW9_xQEwI2^XMhhNr=yR-?2OJl-_xWgXo=Y83VL4xKRbN?CHi0n*8aRu<~#4ARMr5 zQnI<=>{g3Yb1XLDd_B!wR^M7EQ`H~uWSJQMuv3PIs1^@f>8UPa%6bKxeK}^>_@$uC$qTR zkJZxBMs!&^+%`?j_5=5v7Lt;j7T$>P_xLzdq`_wS5nwG_g~0^VB15bVOIr{^eLD z6o|1mp?CB}Uzeiiy*Wf!I4d+*|&!-IlI1MQUN{Xrk0cNHk4@$2rEMIkGi< zoktfxd zAkEXwSUdnyKV-JM?2RtlPEC)+4XgmM3gx|an;77VZrazIa*0V2jL2IT^WbWig9Svc z70bVZOi987y5u>~KuW?U*;06R&*oH9lZvvcmtdVUXRK~R3Fq(3kV^W4pyYlr?>FBv z9uxUq1=I=4MpHe|H^c`Xi26XO-ISy_P!^UJoM9k5`?Yjx>10J&f$HV!^#){E|FEyo z{wRkSk<3Jdvx4;x3m__ngA*{~cms#EU#qt1Y)>YUMksm!W5@Iv{+J3NRZ%-LlgvE5 zXOct4C9qSa-LLuRU18a*e{UWjNJ1R}Lzh~4M^=M{ZM+e^+NU&Pz4o*Y*~;EpI%AAoqJgF1dO?&R-Zp-9H|2__gg<`K)+uK zgjyo#v%F^azNQU9_FbnPc0*KuZJYjptT=GCgumaK#@eTq`r8$s!oKa66EqlM(sB40I_WHp;VbX`!rILpl?a;qG!HXe2Qw?`W>=NMbyZBy9 z(f+YgbFV$DzT05c!%NkxXe*-26+k5C$EYIQF?TxvTnEP`&Ln$MZ@^*1F;aII#O!9u zRC`Pr8cc5P&e8D%^1E$W%T&*s3RK3>>r9$&!)I>2US5}%YRJ4)r=W1}H~fE>I0 zy^BN8T+GRcwT$1z`%34sN4RX+WX`C~fN5Nq`o}j^E8^foUx<=wcrLBx@4%x5Pmy3- z@I9|y0nvQjTWc)XM4P14S1c)$hf7LPr))#Fj_fxm-+^!*Rk)5mi;vmX>*}U$S z&V5;DW0Q|*ICGyk)8}ld5~H1XpIRvkXKANNGNze5C0@aRjBiVS&0Ho?i2A=@HFG==AoR1yF$ScC4ZtsdmwR2K`X2&v5a=kM8dTG}F9WYkjA} zTJ<|Us_#lX8KY4k-UmeHXcKKSUpkBJe`lRm0HuZ@hI9^N-D8j+9BE5F70F6aT?%OTWRKJ+n569Pj$Lvtx zmmgTKcNw7NQeSN+C8mh>E8U|Dm_JpRq_Df*gl_%oAygzzv@(DDW`|Q}r8G5nzO2qi zt26m8S^0myVMJkgh)G2V1K?TVFl^5z@OhjLAbsQCmSL8Va(#OL(^B;Qb3Fo`r2T)> z0l#KY1C&8`kGSR12{y{Te^VM)C2;Z*qSIUkc!2SX-{ucj|!LEJpJwvPi^L02U*ZgMO@8pKr9g51b z_S@Y%&7L+`^c8a-;Avg)ZaI0ynd)Nl*Xg-wlH1tzC$oCm$5r;V{5Q_6@C0GnSrMvM z_KOQkmCpfonu=+3tu&zsS%496G!U>HLgV)!tJk~n7XT-;v;lNRf+r8?Y)ndUQVjJX zD%tUY@z}j`z(9= zl}DsN(+|x)(^I(k+Jp&~c$d<@J$K?YeCQAcqjs?W0fL9h>pM_&pZ0|}AEda*QYmE9 zJ*Vm^KY+ptbEBADEI}gCgOO`M$C84d$DMewCoBRWO{knDy9moBWm0O~Tz_rY(Toa_ zu`%XDzd2uY(a6`l@I6&&sn^r!l2>B4yDoS4Z9l6ZYRjr9QHihK^@DSzrq#l%?j?`8?Se7+e)64OO)V!hl=xz( zI6IlR17s@F>4crJa@0CcxKDc{WRt9wIos}87q zX^RTcv@4Tia8j8tmtN}0jd^r#YL3X#yJu1f;J>}ibG9cr5qHhE)AVRDu0h?tMkRh9 z{Cau3Vs?@2$EkJ(PpW$0c1KDt#sU%%9I`xXtt6+= zvgE9nFh~$TY#{np5mqPU@7S1!=AAG`b*@bk{g3HsPAY)MqJG zo{a1?S4=G%DCF_-H{B6hC~IEK;l8sLH#|@qmqOm-vVd2|ID+)hMI#}HJ85O|>ti6$D%Eo$@X>0&Pi5H}HBjBL z+a<7Q-4?yR?nU`Xsl$y?=eB@2$HOH4B%x5_L-@9?b=(@hHzWr9c@WtCTmIX1d>8Ut|pE zT=S?Ig$GbeO2>|Kr+I%ajap>)O!NJ{E*uB9u;gUq?qQ_ zvIN}z$KO+LCdJeLo(0w%V_2E1EbZiaty)roh!0q+|?g_OQ#{d35&Stn?JIPkEZs|2&>o z?1!a-w>=v2iiV)EYenFC@Bgk3XTbAdE2t5AF*66@+zZ%NlsBlZ=(DNx664KwC_A*-ucx<9yFIU$c9x_9E8DrdKB#sB67~a zjzhO_7~%61WgE9kn+e8Ss(0K}|LrB|p{VBgx>YJB<#WE=sn=a|CoYD%=j&=WK7^`> zMx=YWZ7+V-LDjqUPBu*sN7(=UR7Ttz8glP5xu*=I&Mnk(qpKd~w(s?jZhfK~TDnLu zKha^h(#VH9IJoTHclYNJP6(5Qi53?dont~Pi^1_GalWKF1{>e&qbty?r5Y*8!C;v9 zMpWWP=W~h>`V;{ci(&YIjsMhzGWB2&<`!G`ciZ&?@*uR`!S9geN83mKq#g#W(W|n1 zc@ad*NFUkNBlN}h#HV@@1@tOe_GWFi(@VuOlZX;+7PVi{%jt157A)C^RU2{B&4KBF zt%xsMd}Bp|5#~Fcam6&rRngJ$`|qK^-r(gRxx?J_uhC-ghF4mKrn}nxR+s?<#X5t8 z?6M;}SWGyyPO|7Wh zY7#5&haY|{lDzQIJz_oeV#4%u;oHwKi4J{MA??$7?cTNn?wu*c2s<}X(WiA@clw66 zUrs<>De(hZ{`pXmb!gJEkst({OE*e#YyLT1+^FY5pQ9<0&--_r)Lv~b&pP|CHh4xg zs|L?ZQB<{X9Y@Fz`W;hms9KyP1LS}3N}$cQLxezyGW1(^xQxmlTViET?k2>l`}~EI zukPoV>&=%Untf1!?5JFq(x4o%>2B=jXHHjO{j1?Llj{IElzUN-g6ntK4Vb~!jBbrg zM21#Y>;0d90js-UcI#Sj4WcRcFkZ*XswxICc9v!^(en5DByX09a)%J?5KwI_iNaQ3 zH-XikhEo0EY4FO=R#)CTXKlHo1@oChVBYMHeIm~vi#NlKZKY9NbTCU;`!w^qxj2Vl zO`jZdUucV6o6&7>|x-3^GmTYT)8Lg3%bN4pB5GlIoV+J>0h-PE@X{M+x7pg0lk*UnE+HkV(Js^;bTq%v!&7DLN1-6?&;iXw`q zH1T7tLHd+m6O}q$-{vR`63i=|n4EbvdMO;}TKgu$eo9h^Z}=HYOtze~tkmiLdpF}# zGhz5c3!~NBfsAny&zU_v*rE;_1o@oDR$>a4gH1a9KL+Me%pY3S0~4FG@#V1L3w` z$Yc93gBXOnR_)jJV(AL#&XmW!RU-SQJem=J;HniYwvn-cH-{ z%vIVeA9IK0^d9YwVgcoG@smP=^qONAnZc)jJIDx%voa{?;+Xj=@q{$Jj_gGj)O7Mj zov5g-QlSpwe1Yv=hi`FBsal+ilzAA$k=xRgg4B=w2g1-PgP3j)guD3P zYZ#V)N<;qly%~wRQInOEaJOyD1JcWwaBaTH*uCt-be9iK3Nh$a^NhM5Nuj!HIf0Ga z7DDOqe2IC)RxQQObZbIZ7L%g2Z8qZiJEa$SywcNnBV$Y{H9_3jEepP+Y*;0*VmY4L zyDvDd^|x1RBcNBRweu~EVeQuk!LK;@YIdSuQFEIdg>wmS`Ah>Fdfg)>sNwP)3b6CB z47x55AE)Xsy(wc3n`j0GLCT-^GjR2+#Ic(sZsnIbE2o98-l z{d<3dFwIS42ddn%umA7cYT_TD#NVsK{lDKm|Nng=ye4ZY>j_==#Q@pK+7kf(GS_>H zKt-vy({l3c*p2S;wYTxc?X%h0)|~tGZgT~5YjDbqz}G9a`}R&f-A!f(YKh}}abmMz{ufK_l$6we_V!Ie(+7g82QFtF*K!#~R$bbgPfg2_ktq+hl22d2G{Q z-32#ltD8P`^D|jgnLap=+NLI5wI{nexw2&zG^1BE?C_?q-<`%qLel2fUgW0+50U&C zO73s33N?G@Y-J*`hlJgWda};=ZT55e8CSk1Z>|8lz;Z*<+0w!cI9ZK7;1g<@zzWRC zQ*&J}hW($9PaE819RM3PDSG8jc%nnq7YN_xg>Vn#rd4E^FZ6O~LZ+_7mmK|mW&tqe zB~gD&`MAtT+q)QtmKKnoD16L~Y)VBTU9_vAANzM^5x4g_MWNV|4R=+%wBqLOjWtIV zCS_amq;O!SWxt;rI~Xp-;zq3u3H&iNcfGoMXHTQfEoo&EfPMJ=6&N;$Nl#R7^i3xu z#;3Esx%q8yrti)m#!>r^**YcXWo{Wh_;=WbQ(lRnvPMSbH-Ag+3|N`lqmXnL#XggP z1oS4VrJ(-Fh-8;3U&j;@>KDJYN4O%Rsc_ znKW{L^KEaxZCQ9;F8VyTJcfT~?{^o;?4Xe-eb;EKcLSLhz_x1Hdo&ObqOa3Id^S^9 zEZUf>-9&mgW3$rqH2^q%&mP73IGJf3^;0>Z#wIHGl6|j!uhpvShIXM-SzKD$Fm8Q46 z5J{jwCh@MKR@ve)M&wIH_IAD)&(Dy?-t_{{p>9nlLnkK!X1KR8?Yc0BD068sl^26K zU8<0Sbh@8ux|NhUKWbhOBubOiZO|tW)AMi%l^!Ux25(1H_iWAVw!OS?W)=2i({BNh zau5xVpR#sC~n);*c)-)vFXgaH@Mn99FM!=*p z2we!25j6cqbY7I|uIcN5$9>a#L&=Yz`R(u`5hiHUSRI4~mreL9W^(S>KMGIottyFc@&X})EO|6{_kswB^jIYGs-*l{74TNqqEIzBPm&?5hqWsq{wPA1y3 z)?G^}ZX=aai|%^IkK;DqxN!h@bi$?b7Q{m|FhZ_$(~A=DD%cP;N~*%Z4O^bxj}hTgVhYahaG)jH_8HS23!V7qd5B0 z)Wo}{u}laH?`72@4AV>I!f<-lHL#1z>|Z*ku5A{iNM4F~Okboi~`3*xOJlGv_B0=Nb(cNPWJ)7I`8p|cI4sRFGX zRnN?DJu(p&Bw%(Qh_JAozZc1!*vgpRnsGGA`h+|8>a1Yw2iowiNv1vRm941!Cjw6y zzzVD|?Fx@LHB!iO!EBeLzO_OlhZeeCi%pqS*gS2liOC?ypD7gi)%jK7a?3mVxWr2E zli`qt-=drB^BHv=ruo!J#oL=Q!=w zqwW7LD5!v85L&OBKd8@fhh;~;0tOzyS=;~g9!&l8d z#eV+JRg%Viry@|#j95IR;e^Hb*;ytNjm`Px5URPm=2?TBxixb#XXiF)SI{p9mrhg3 z$qS^D>e}ZX2Y}bcrA0%ph$w5^A@y?hkFRW=laZ92-H+Xyx!F&4Csm#GfvaL+Cf}w~ zEVead``tOF2IOgNQ~fi_R;M$@fzMzZv1!-hUY|~2VP;8eoj*RRLAsd7X`tCf9lbQA zWqq?{j8DPx4x(@yT1wMGMq}|&*KRK2^g4MI=fk@_5$^w0+I7Y?v3zY56${0NbkPga z1S}vOLhl_cNE4|7(t995Q91#nC^ZTq9V7@Lv?wUON{OKa=_NquEroXx_1^#Icfaj! z@|&5RnKS2k&NFjFN1nsmzeEdkx9Bj9flhVrf4q8I^q8JI=T)r-EeR_p3RdE-7BA+q zc~8_nIhkOMVP>}V32wS-DH^jS#;N>KCiO-CS5FWZM-4scrortiQO^u2rn#K5r!!ZS zLY2?ir+s}frR?w?T$-_RQ`oko*1q9LMy_iAj#(bNXAupec$K79(z?XD>1y;)!qpvL zpo?;VgJO2xm1&k2XQ82*rTI&IA|gLF#)d05Bj@>?)Mzw}CI)DV0pnOt__dz9;kc92 zr8UCP!zVKMZtaj&-?lv!UET=kYFv8JKFww~22AbYTZy7ib*b}t9+M~1mlTmV3ZByWxXqy&8US8LM6&9UxRhs8R=f8hhwuln*ZRqS`Z<-M!i%y7otI zmSoO1s^1?`=Z~o~(Y~~4_fpHetlc_i0z13(+50T*g*!~l2Bvb=J_E^IpW-)VQ41OO zEwN5EthI}K9>5H}@pNQ8f!@g(>bdj=Joxs06LF8VidazL)J)(57#P=f%VBOA3oL&< z^m%jEbWPpOC7hDl+Df!qr&Hsqc|us8nyRb0t5U`wm$l_W_?|qo=yp9Tc`>z)Q$J8= zv$iuCj@)n_jFAUCDfmMf*INq(u=$-?J@D8WtB&1_O6 z9#hw>g;6idb{^_-l!ziR6tn9k?gT^-(3_?HRC06M1#yyiUTWJn_3y7)+F$X z9+SPAR&mwwhP04)nzNwLa{FlM2fEMG5ueFq*jDTh z$Q^LX#cnIISIDVFItIFilPSH@wiwfuJA7lpz#8%(NZ%J!f&X_n<%pwQTJV_C(YmH; z&!(5W09%6jUWlkAkllRof&>Z$){#@lhP&KtZ|fqv5~#zPDdcLLchMd+T4X(|W6@T} z)^|I3G+vgltHA3*{Mj;;$lk(afog*n+CKb6#8w;h+UJa7o^kGdF!1~E*dZ<6iB9!l zjVBZTRS2-kSwEFCnjDgRHNBXC@El$Es6FRxq=bz7s|ymO$h&>Z+lq{?pe+f+nu~hw%SaMs zb$!aOtyKIVl~vNDNWhqiY-ZJ_Y5H&A)syZSC{?TMzYm6{U!~}bU&^qwnt5PcbOAbZ z5FY+@$+P7c?g#X_MZV;j1rYw@mdeuCYjf5h3x*$={**%XR<_N~ zZ0>91!*>4!iJdMdZoi&NAnG-_gC*90|2xaSk$B77J_mPekZWAw%` z?(t49tH+{7#n&RVzdtxe#dLo^E_yQny54Pr|538QI%;<4F9ZuGX)cLn>bY-1#in-` zVrP5;tW++kb#$`AY+QEYi%?*D6?-#5*hWh$Ft$2eHM)vHS}!S9{x@Z>T3ev@MyeA4 z2nVhXrBl6KlD7{v`^CvDL28^4RC?6Pf)0(d-uYt;Xpja z0~|2q^_&Ke4;%A?yPj*q$Mohme@*Tp*#%tD;<}4b+HpmynABq83TBu z*sf%hEZBS*B6THbX!rdZPO`-nJa(Pl5mL&W{wA@sp2Y2jlfn6b(a!C@S{2ABfd$EM zu#Can=Xk&heOpVMgXq>FWLMkn?bT=727FA3XX!&Bxva(8(4~xDYfdnHurVgQkogsR zk^tdI)mKX`(LUR(H6J;cMnBwiSIe|Jp$O?P<;4R`X4d-A&%0T4u}T*(w!7`})_Dds ztCC$}6^X23g&^?6a<0#0p;S_x^9MT`4gESqz5>D13NeR?@~ygj3|JhiW10oS<*o_k?m5#iWa`)<&Cx)`rjdmpJq`* z?&qY96JeKwd?lQpki!Tn)~uyw)NzzYoSw4_8RJDAOYqcLfOBkVdVxAcHQW5v8#}P4 z!*+Rn=xv<m3nRA`so&wAYI!zX|PkHE(o+G!K73)Gx>Pc5rCmCu92g z)4Fc%v;_(SJXFBEr;i@rr#gAW~goijZ_nlv|Ik^a&a#LZxg(gI6--V80L2DMo%Php& zT3RHCZG|F~Q9M36AEZ|@G;lBvgOT#Xo@R3=K{~I<-3oq6&tbYnfo4$Btk-D6$K7X{ znRV8LnrpMg3|dv@L-*bC$AYbpWg14E^_LJiK~Hh{DcThaDBP>{OgOziW$8H6%;%Wf z8)|1hOyv{-Al`YD@`jU)NK~(-NUm&2vq9*ou0#*sf9UJXjg`o+gtu8x)RQaTZ8dTE zk96>nB!*wyq^q)Aa9A|LlKE|#9;TDE&3v=bu{O)9{M@ewF#sg7F=5kBbC`N+T-m?+ zED#B?QEQ@UpqZ{jPCeXe!Lgw3QFa-#o!z%C6gs=7_u~5&!3rRFNOS21dq-9GVm-r+ zG_=ZnTzSSR;;={gKO}1xV!X@<##Gj0I?{x(ARqBfh9*9iS0O-WbbSkC-}P)eXjTM0 ziAR{-YF;z0tZUwr;}8g9cx9Esd`@!L*3@V8K*CM+c{qECgDG~l{2OO))EUNXDc2sY@JV@8hP+cltmvUz~|C~)D)K~`7H!BM* zo7kl=xOzrk7ZX*?X@qAEutc!<(ASc2j?I!(Zs(q;e*GcQPrFPFwg6n*wk37b6abM zFDI{0xDriDGNi7Kv5^QzZ&P$b3 zz?Yl6Af>>$ZJl>{%n6(`LKXPfxBC z#I7SDw-R9a3pYK_Zr1734$occY`rS=CQJ2|1Bd*r%933{ufea0i>XhWY(HUU>hiXO za#4s1ANs7zdapjEC%_$9s4=mis>W;)H_h>^MX&>5_NVsU`t`%1{(ebBI512rr>Z?F z&BUZ%l>@V5X%urVm?u4$x7Dv>NWqXLp_+N?>Z7@JJ#97R2iY+`^3LSPY#eeFzIVDw zJ)Rr6wRxD{BUFr{^>tl83IMoX(y!GviZGIt8&t&^o>WMa`5Oxw=vTys+T}*=p1B-a ze@`g6^GPk-5%9cY2fGvs2?v37>_GaxWk}N4e)3p@TsFu9ig&1YZZ)GR7+>Xvxdw1FQfa>{cj`9HSn&oxD}w?7&q$^XYVoRl#^_ zq==yQT&p2-s{t7o_rRsVZ}!T<>eoSO7rV5bu^0>g>GWH>(yV5nVLcm3LPp`aj8khH z(WN54I>Th)NAwx4v*+cZUiYUxtHMbpY~GJ`oRnU3mRH~Vu1gg>8MZh)=E83&e+MdN z8rxwbdOui9&Z(-wFt6Sam&Gc1`EhcmnBOpc?6en;&G50dnLppxrc2?vM>EZuiu+mB zD}wKH^%qBazi_aio+#?oibLZLij!@~F-dgp(+i2(1ru6-X>RuWnkRi?OS;g9=Z~STV%zRyTCkf2z zSVSWuNV?X33l8?WrUBJ@xs2UF(^ zhVRbFjg}6tow7YT^A{>qJ;JHA+whPg=MJ7k=xp>SUVh&QxRSv0n;YAQn6>jSJ&0r{mS`+vqpNzTc67e2VaQF-TVEdVk7Sxn-LFgPvPE; zNq?r)M>d)scc5?4y!VM(u_;rqv=VA=G}l%EQDiBTDbko zUUf=0JlwW#Z_J1G$NM%q=@XBWh1MW4?v?Z5_bfQ|fcd513IdKhPr;yWv%djx8L9Hv zSZ9&IF*7GoPI7oBUp`Uu%1gi*#C4PNJQNgpC)+PW=b%Nw>%87ikosr+CznHO_CTPv z{SwM+REEU^ceQ@6ojTZBMjlr~Uxn`%_uO92E``3SU z!bhK3=fX`_^l*N=o4sENZ$ZFq)`nXr^1ck|cE(Z)reGY&fYi%O>{L&r?nB5ZMbG+et83h~c9PQ|T(FAB2=${7+fdUs(cIkCpw) za#ONcr4Ep@KUY50Y60Q*-xp3GMq2pv@$=??9t6XxxcLeDfIbKJs(Na)*o?9?R%<_> z@aH|%P~muV)KQUt#Y16chy)=+yI$SMw!i4|t&wmJF8uxJYbo*f10>!N0x{XX_!J@=c$WJg3{mPM&9HPaT!%Hh+~+d%tZPI{sMqUKOcW>(GyVW z0my8&B@XK$9IC|w{l*4V(r^bY{_UG3ZvZjf+w9{1K*OrT*$sGys5nh>`-Xm1&45?s zH#CTN!=D1*e=2n>vm{0f4i+4V@1O&{y5oBTHbj(6N+9LSkY*x^IM81BhWY5IZ}FE8 z!bUdb<0J`WX5zJdB&`$J$2XPr8Zdth;rK*NBvab^atZN*o@K3Iann%GXSo3@#uY^UfJ% zzO*u}$4Wn2^S905DA8QxuxGRUA=&aYV7f3NBs+lf`kJHXL%V>{3sgWPecOSf;?{6r z#<1=~^rRTqN!? zOQ&`_Ih;-bpm58D-*1ysGmiDvx_YPz;#f~6c3;OA^J9xyUI`3|RdhY03reDsrTO-> zZEJkBi;YTDOWKSO04RP9vXLd2#g3)-@32p>ozd+MDnTE-C$xFEP%oq&OaxNC=9eDM zthjWoEPp{#j!vi@uZ^+mVrlYA2_5Y2|6!1*x($;O0N8!NU8*pJsRo$g@^oD3aRSH4jxrN6rP zqD9+a1RyO2iqC@lr}!dRM-`yI$Ph6%b@>hA36m@3M`L%`e>UW z$KQITv6&(+NvMT2L)*^yvQe@2l9U4S{Rla&$;Ny4fsjMl#Fl13(yF=E2IkG<$1fj$z1s zEi>x7DA2S@oeAB!N|rs+g$pj+McFEBjg^qH+1bfh&36W&a*j%~w86;1p}?jNc4qAY zoO9X|TKt9KPKR%r} zpwQ&4%L}By(M#WBJuIuW+L-U+SIfwuID(=Yv3~M#WZK9D;Uk4&S8~$mXkLMm>bzql zGb1iqoTlnA|9<8=pm&I?2h_n!aV@jIjfd0+E=l1){tG}YLmHnQ>#L(iJhOko;Yn2>>F9)2rY!3b19wTQiGuWi7<0V4&~tf+xCLxD)p*HMYbWr4F_xN zN7@sL9&>xc!lw$R_LFDrmX25aR`E_<;%Qe*nDakindsuYig&XH6fB=CI?@L6vfH{$db%z+)%(Ic>XY8Et9{ctlLIHCXV( z;B42UPwtxZQ&FEdMu)|33r8`|T8WET4Cuc;kgOB8DtQtsnni7;ghXGorh{pzx;W6D z@&PtY17VfI>?;dPMv|vaF*4S`Vt4*Cz!5{4lmA@1F^zXUs$mdSOC(C)e%;m5`4qWu zv=0{U^kwR!3dP@#+sP${uo?&~=+xbqsVS^r*}xIy$I^=A5jwqsg;d>gK;3KK&{=!) zldxIRErQ6nm7=8Z#DAxIdg3Apz4k*t>0Oo~|L(T^{w94 z27EvMF41q5PBQ+zsaExCR&o1qy!=0l{{P5%7hq@X9{j0hut>wdn&X~3ZPLPT4)zrt vUR`nXRqBi*hLgXy007_Pe{$-a|7V|bb_cu1m1pSrkDmV@7N+wd literal 0 HcmV?d00001 diff --git a/windows/deployment/do/images/test-scenarios/Win10/M2-Adv-BytesToPeers.PNG b/windows/deployment/do/images/test-scenarios/Win10/M2-Adv-BytesToPeers.PNG new file mode 100644 index 0000000000000000000000000000000000000000..3169fc9cda13d13a5b5091e1f9135df4f45a7598 GIT binary patch literal 78670 zcmeFZcT`hb`!0$~k&S}rRzPV=6BUpky+pQbl&+uxQWcOUH54gH6jX3;1f};NQlti? zgoF|hKO)kk1_=-lAwmcNAqgZTIScmpJLfz1k9*F&N9b;o&)IcEiM$hlgK|hvyLTFh6jomX4AKz8!$rUjKuqc2IH|_<`5k z*vgoPr#?k!_dXx+vtaNIM+gs(RKniZft1A!FCHFlshNrK?Z>XG?7n2m7liCmDe-M# zQN2u&P{eP+W&ur?93%XlA`Ue3NpzGbd>aq0a#9Wow@1nMU4EqFEf|(eKA`owA%Cp; zN$gV->l5dT5^@XTHI_F(@y^El=s1+akEy7g!?Ev~qzA7>yWH1Ti78oC+%4`egiIWF zlsm5`%-w)*AtX7k;0y5BZJAhB3ScPkxhvQw1K$n#zOuyK77^i+zQ98_Q-rzS;J;Et zxJ%fbAaCt|9=z;zMPkE-GYr<>C2<+>=oYpT_xrjHd^a)yP9p9wKAidIxol8wQVSc$ z-Ca*f5qvpEWTH5*h(rJU&dxMV6wZ<1;1a-GH#Sv-+sB=QM{XmyL!909NbVZrI4ni7Ypn4sJY`G7sK%+YMUr{Dk1laBuzR>$uAUV7*-;rvWfVjEg5Qxtu&W z9o!rEPmAtfd_dp1H0~}}ibLQoabvcFIAre7yxZ<3moZP}vf_w5$sX!(mIvh%Ke}E$z{56$=6m8yJ_&$ znSYGw{Jr<^{*}9Zs_6bjXRSQoTEORti<#;E1y5^g()nN-g|og*kVzoIV~nOfVM;+{ zSSyph5X?B;%!p`V6}pk^zcmDE+XRhAaCO=Y*apttFw!RTZ!Eg9Z1pV`vi)~IMi;)J z4Y$qOAz*h#yAfV65*{?M34c02%mUttY( zTNHeaLQr5SwH@sEZnxcWqV6tb-bR@FYiN@k`#VWqu9mZFQ)QIsWdw6;voBqs*y2d- z$?=TYpse5u^oqv7OQ0vQm+m`eB>fb)W*3x@g(r0nFg9d2#~G~d8M`Leduuex`gSmO zM`|{PT182~dqtKL4K%|aw+(P%;jGx|1yTnA8i2Lh@ce|6xo8jPFo5QRIP!vuS_l4x zW#?fdw;Nu?dD;^>v-8NvBe$1M@Y*L}+4k_zZ8ElU>Wy;4bJfG--b95^4@wYsuLphD zU4d^jivo?=j$dh_GH;0!p9cdpARlKTcfu;zfWe(N9kk3%!(0p3Y$ATACdyjdYX76*qQQj9hFtsBau%< zQY=V8T))<5&#ngL42=cB>GocbJWpPr4TOusmsHXCqNv#8XZd$Wi(+y+55N2ihL%al zOCUWu_|7CZ@jWAhH*TRrTHD;TQScdGcvjNS>SdI2swlyKg{`G$jY{QTPp~m=L>}9z zO36q9y1U9bHMQ;y-ziVPa_s912vjG~gPgT(8QeV<1NO%yLm27UPnAtarV2FRw%%+m zG5O!dxZQTpGBY(%|5?bNOW^Gqd`fp6d3SmKYuiDkwn5*HSg~MOAzOA+w>Pm4aT7Uv zLOHzi@%Ide9MFJ&<1cc#&BgrmnlG>T#w^Iqjl|+;@L6BYNt;bB=@6%z*YPs#LVaBd znSe;ZMYOu)w4ys)Z=&djX2;RDxZH4=XC;o1eq@#U*GCIiB)%5f8!oW%g+jEB7qqHm z{Aco)+DbZ(MrTT!w^+0b@gQ5}4EbM=woZ3fMQ|P*yJ^8tCr!(SsY-~JK3$)l`D#H( zYq%ou1|BNsRz_HQ{5sSR>rWURtNDgE`?mgDX^FG%%oII^_X(kOl6!~o7a~IcP7cPE z#-gPVD)M=AhQx!al5Hey!rLpk-0aoAkV?!3y5MWDu0Pn=hk<>R=IimxqsZ(N4I%uw z{W#f{o%t8i#=K9{V=GKGS6X1)VW2HkS-Y?-e^emrC%IV!L|N{+!O5>?J-RG2hOC_0 z9{1T>5R&)50Y+LFIA4$mS%Zyu_KaMOnkG5VHD8e!=C5loja%pQ!g!j9$s;b>e?a*7 zV);f{f}n8!L#!w?yLrLeq_#g7(?sqtLTqg;T+^e+akekonC==V!a$~lmdgsX%J60* zZ&F;hNAy$n3AX!WjF~C#%ta^W(-BQdZ!h00WP(3nf$4!%^&@ELz!WIH^pi01L9*TA z#6(Ti=wo;Ud$MMf?=3gXKo-%+{SIuvv`A|v8OgoSEVmNmLDBhnaKO&GFLJ?9%`hU% z+VmNl#(E#5Q#+9yKbP8@Xt5RU3;I62a}?NJhLkV0D#=9~b5^JxktD>sRsziNiGI1f zggRd4mM^H7GGu&n8`DANZoPcoC^G`0&1`HaKecp8=vsSB+6|8J&1nj^P@$k^IRYL^ ztL1_#j5JZ-IN76R45n;aXG^V{*eUw(D@0j;2sd86zB!Qn>Ca7u>%o$>zgq@<*~NkR z$tlAehc(7E)KJB*dQL`;N2BTKqSHdNq^*PR;2OUw3*O8TQ=e?W&%#}`8lw108RK?J!n^M}FIDav-xsvcT z6?TRY$#xk!H_0Fks5Fl5{3&W_m)}>$OVnD#`J)FHaP{4QqQ= zuG@U$T*On1@mIA-eBkljd#8@|De(>phN`OPCEbWCQtDcZqno(6sfwIeQ`Q)F^Ps5) z*yJXOcVHB<9y>UpBF>ooA?N-0NGoiG=wjpyW)O520@k)mJd~R&^docGR(y%?&}_?> z#!JqG@_t%hA^TKG*Tysz?U9=te;-}Jq#rlQsK;MDS}-b5p~AvY;(H;iFn!48Ibbl{ z?DjUTE#eS2|7hyc?7YmuVmqRk!-b<;g=tCWhxya5#}T`n=U|uWW)wnlVW;`q6TUM& zp3>`yPhOql=tS+`t0J)QJq<^sGz?q2`qFsz$>!WA+XTn1AT-a9+jI4e zh7f30n*TL>6s$Fqe<*?Wxe2V5$V|5=rknW ziy2^yDDi+jki4`^lC8#XU3WlJOz7Y; zswPcz6N)E3jGC$Jcu9sn@id7{R&|1ZDK2t9Qmfd7gv2rY55>AXQ6Yt$fgGTz-ki!X zEH@l>=F#%@&2fHRuaYNNlG*HCOAQ@a7*!PEKd=)q^YW@+>)>st>tCQvo}W?!OgBBw zVqf)b5#o%@l6S^*97dIHF&eMJ`jM1)i!B-&dJJ*QH+kq5d#ZAmxwp{=-dDCTP2wG} zXf&SFKqUL18t%_z=9052I>Rp?F}GPZN{+=~(Q}+^G*d0vN8?j8L z2W6xMJxqE8fzBA+1rY7D*4vzSzp023CAe-bJ3NI|9T#I7m&0dq^8=a@{6xfF@ zR<`>x)jMFu$QD%W4}qN_`5Z!fJpCZxo%>?$?udB=$CzEdq3xP(&5uo5d%^ zpTspAq8iwD$DzfpF?6TP1-w6#eW?a6SA-|VwI}4VTAY9&y+W?&D9G!BOe7fs^JRpn zTP;j#iPGu#xEuri3cJImT7i=ZLI=6G;0fRLzCD~KIuySZ`o%x=_rc|g3X`k3=cCMA zy-%)4GRt>rhyvj;D@@_3H<=QW3955aQ{09~?U?hCP}b(U_*$sV7heA~QHAg`8sCC? z)nD3N8bdxePu?`cDtN7^ALB}|OeCXVGGVxK!rf7~q26q9;!r9En(q0@fg4aN^i0#Z zdLC!ht^YN_xVf>P$QeM;T{lGI;^6cwc=R@TeI;dqXzN>~{s=wGHTwhmBWb*A^xat|nnO zuI@+lC5n_q82_vs9Is#Ha2U}ZzT&*KcwLXS0VzZ+qLs+7G!0|F4kF*g<7YbZ77+PD za7(v|mpd=F` zEv|TQiSR4aN_va%267Ku>}g^=6S~9-XrY+uBo73Y8`J0&&#Omiqw>~)>?IF!`QpS_ z%@qlC7nHSLtwoxsJ<9CdgLe>+5^p#GAD$$^TQ%bTVAe$T!_n!23xdzeAKZ)`yYV$3 zAZDa!E`7FOhR@5ko|yXtZd50cA&G#bin7_SWLQP5@%l>gpP1w!lvkPBsbo|WuKbF` zEv<;uC$wja3ly7VnGk7eYdcdV_l!Vybkl+?M3}_X%`OnR;6ZY#vyyp)$9MT)@34QV zk?C}X1~|fcNEdL#ju(55c(`i_NCvw5$g)?R+0^+NmXmKG&rhn_DtNlf=ngge^7*5m zdStg9c9_;I<6~T}@6g?EDc2I_wk@$WDkv=p(ew!w?@D6sM%pUrv1E4;5E$mdj#%PV z8cAX7rQVc!c69|I;fCoLR>elXK#sS1rS)-2Wb^fTxCr%qK;I9e7pD&f#kX!ia$7fT z;{8bc|N78{^8;HI^u#B3<O#`FZjXIMA?2e_?}5pSm#R`lE&UJSE~aY!)OIfb20OJs8+7v7 z9wAed+R1SKC$%P|B~5mX3FJtW6QAgAWTutt_ZEjs}cO`DlD>kgfgwQCs`8Cb4O-eAs5G%}sE!<&lwsf$g9>)f72*r@ukai|# zbNzVprXHJkp&}LJ*6XcHqKgM*JxGEXB`fpr$n^dzO_Tz^thSx7M=`{xyTOI=BHcy7 zVY49_Nt3hQIwbn(|9IT&7U{)Uy(kxV0rH!G>)1VuR@@p0_1=~9`i!f;^V7N_l+ zToUyx%B?`wQSZ59v(1jDd_ki993;8FKv$FRa;TXq*DEeYhJPo?&PN z7SR?$-m#!JEN(b{UvU~QTWEHZ?!j3#K1|Bw-8PSp^B;O{kvyzIVH0my3_Z8?$2q;M zqK-Sf=jiLQgGRIPl`3awc;sQ{1T<-Fo5-<9VdsKMH?8S{Su1exTG%7JgNCqbl%<*> z?hw!V&Tguw$xBt=I!bfvzWKd}=PsVcI_Z2KdOM0wO$B9~eENFmb<&OacdufxE<__6 zXL2P-17B6j`u1!4QoZ6~RK)+mt{uQG+)rKe6sqkg*NPbdkWpDq9#k!pc?bNab*{U9 zv&ZUWR=S}1Qo-_0(J!H)f~JKzTilhFElCj|ctP%hzAw&S5Aujv;dIBc;Lc^=!Pe#k zMTrBknlm$>&)ygrD4-S8sJ~Aay!ouvC?T@wh5j9nV~W}$IP#F9G5X_9bf5nmn&M0T z^?TY;bW!w?5jsnsLPqn9q_RuM0U@!OKDb#+wndMR*%RcI^A4e^mfu2?0)2?KF0C5XIpgMLDq z8pz?gZKjAnQMZzn<26Jby=m=o0@Iq2HT04qRrQV6v;o=l^mWY=xx)X}*R@+n>)! z&jE$2CVh)eGTms>ZKqqNU(_WHN(%_}{B(rY1-J3}Gc>|gUj+P%hZcMUIcqa7?$VA3 zc2&TtpiiZz3r-B`LvSI1F@KUiehhH|2@mE(PK>GOka7W>(N%6?8paLo%@NU2u`;!! zDrFPJI!nVKK6SBc1*3e|dq{0fU4K_Zwa6d)uo!C?&ISUHT(h6e0$=$m~C_^!8#x0Pr zdCKw>hR>e`#K9N9^xU9vL|^Y1dYk2}$&_TQfH4a$SLdk%QeET3l*pq;`%E`voa_R~ zl=3N8rby1xLiRjrkvn;C(n&3`{=r&7+F*i5*Gq*>zp>e2U64IeST8`wZOA3z&Yrz;E#EnyYtS*2HG~ zjFTT4Z_DDXtmJ~BR(;OFN|lF{<7vgKG!l&>fBE+ST{j#QNx@b;nVO>WqWxWl!!^;W z*3x+=S&qR*T$KEINe-;F*2ROO>z%Z8X&L3d99>cBHKm@Ln{z#0uM2d^ zp5nhP_0orit_yX}N{&zUz%&Qm@^w4Jb9JjCRTT2_nZnB#5d1Rd5NrqB%wzOH^$AEt z-&@f*y>NYSr3=$FP4jL^0hU@S`Rc(YeL(KIE}mikw8q;fEA8~(A8qQZ>pGr?EE%gFc*Da>Ji4xbPv}Wk}G_`c0=tp*DKE!z6 z_AnrA-2&@aaNf3*^iRWOuiMcISt*;cYf6#jOC#{~1F?$t*MuU2v^KYf{ehZ=rj2J9 zGDL83^J&Ig*PO2D*74Z(EsQ<(Ub$bSUDjJK{PPNWlFPdZS9_AHMB_LtP66jV=zv8E z=GRKSQ#jC(3i6mJ6pBe2M$> zz5emt9-#}Kl`<ZmXqQ>K%mAtE@``NYjew0ouQ&jBeEE!u;u@Gz$h{ zeQmd1D+p?dn|f@G<(qLRbXB`!tEd^lX$+9uH9RbsH629C7lKTMxabI*Cj&dffTN!M z0iMosbJI&^^8Jo!NuO&VYv6nyqqIP4XR)^A&DD`2)6<{K`W~sfsiBu>@lI@7rlO%O znjU8M%qx^uU}3U_cYIjsR$RXTSqqP`3Vz%_DPAD7-o#D^{G~r%f%MVUqw&YC%D%-T z>d|Xa7$DHBD$xm(oQ8!OVBV9+8Y~qDJz|;pml6!-d2}Q^h!y=qX9=dJD>ji#F7lE5 zU2-%PVi0s0Q7p%h!5YKlQjf+Gk!bRzYVTWaxB#TM{+}#m@pk}Eb`vSqtlr>S zSz_t;XcpjXs=;FBOXaB{H?P>A91Hm30IbB$uOy%l!}Y0Hp>H*CzB(}oDc3gNV!XHx z2tOzLtaTasK=iyEWCKh;!|{-O3?7N{ADDIm%4jLw1J@p-wnN}KJiXbot>t38X1VD0 zDf>r+qJH!yZG`M{X40%V+!n=$e~zXn<+PecQ2#)}zzb82Kknt{8X9@KqAU*i0nwf? z!R)S|*`U5c7^4AS&jfruWmxN&6#dq?TusdT1s9#bUZVLRT7|<>$vyp!R9J3-bLxdL zp|4}*-2H&LD))32TlIb~Uw_k9QKy11_c+{xStIq15@d$HKN3ts-@IJ=caL$ey2^W} zLFfHG|CuVf3}3f4L)qJwsb=lU=>)CIup7t%X;=*VUV}ZHew>-~QvO0tz{@gCRF49LTAlw@Jm%vf1g)O5T;VF0vs#pX<%7 z*2?P)H}Ufu95+cxRf%^EG(9QpKfQh%eBQkJX+!*i#JgM6?hYkuhD+#RfrhZH9W>Nh zW^7R`1@(dbjFQ6WnyS|TQ6CwZ;+9YqpqC|TeP5~(kxO5A&x*dzd&kcR{96W_{>_RC4FOR#zphw z^ug^r4~}^)Pq&YmJt@u=$=ivD1@Gt@@itZNM3gui9sA(vMkbNN-2O&}k2jI(ry{U{ zj0CbD0lnAB^4847Lr!dH(xie!eYK%~EurGO=ci)z(^TQX@hZ6eR+QHSLdbZkti8wQ zLUYwcCkm=^VPX<@S%T_YQ(($|#S0^8XB3_Fl1IkbvlS3@Ll z68E~BKA=A!4mDD=)${PsYg%$X{0Ff{3h&=zysUl{pgkIq2Y6)fq$mB8COQ1Sn2J`p zr2_O>wEiv!s90x}BNE8{)Zu|q8Co=SC?T&OgB=;6?_1Gn9|jb3#~Fx(EUo(W{W`YV z_Tk<{P0D`N{|WN_d5JeR$4kmi@GICH4>RUMQ$_8GRFTL#?U+x0EbiBg!A{q0OnKa9 z#!>r4)9yZhxG*#-x9}P=2reyMMVkWQLLrc#{DwTx=F7P%>K!&eWVg>h+^{!258ETv zo;80=FP~!8e2&9r#R*d;xZT>M4W(F$$RM?wHPB4~z zbpFKEgGCxpm(N3l1_)JlQYLO4kBXO#4bYPqhQ|f`1n6sm8#mw67v1qJrq zG5lNN2eQDO9JJ>ks?wz!ltbGahMxS4q{mU)!-UB~y18kIapk;ADXpM!e$5UDF=q1> z@$;ic=9iyDz@(hjFlcT0LriS=(@j|F+emL1`}VaXuTzxd{y4axswm*vTF$dlE;OZd zal*yEr}k<46X+dmYo&{w%>`b6U{5CEUBIP_BOr(wqj|t)WAetn#DMI4N#YGQ4H9+P z!wPhcKW9qT!fQ2Ll2U*^fh2r(Bow+{eRR8HHc!P6t}hTgi@+#z`=zum=$TU6yE@#ez7_*_^IJUkX_jqXRran;J|T9 z+EB0FydHY=)!saJk{HXWqUFfc8wLE;voW9t0WmzGBjuf{5;u||tIIRY-h88MT&BE4 zoC4X(1sM(faQP>=xxH4EutjmeS}7}Q05$Pi7b_XH_EUShk|Qoae=Z0lduWJvr%tEi+p&olu;THLZ7q?_&dT*?d??9c()S>k%XGR>i{OPu;xU}17 zx>3{3oV*w@CAkqL*<9WB_EGqK(1SG$egKbamZu2{WlUu^w#G3;K>4iv<wVVZ99HX0<1+#llO)R^llBW3d16ylY$sZXBbb)6WfJ6O!@#c+!Phau?ul*D- z$d^s`5$P;lTxvt3!-uE!(~=HPQIe_~dJ{kmhnaI)WYcbt( zRf||a++kMdJ(${D>pPUIw>B(2NA`1l+PE5X#7V+J{1ZC-5iE~o=#ZM^LmHlT;q<1R z@aSTdZpO6Eem-%^B2~IVA>d5z#Rhp%(SH_S%(ioHqSi6HamuncJ7i=HwXTx5{&ozu zlb5g!qr#kOE4ed3T}3ar;ZB|3`w~MQ-5CQ-uzf%&Ln_|*n9&{CI=Uq<=`tx?UzuWv3btSd-+0vJow6A0m)2H9JHckWF>2# z{`xmp$Yb#zLaIGu{-5MyX%?xXfanU4Ww934e{F3B7wi~fqL}Yok<^{wG)IR0y(wwc zg?$Z`_(f#$-h$%kj0xTVO19@~+ojezNO&QmKR^$xVp@*;Lj*rzl>YC;JRD=o(*&#w zdPp!bD5uh8B@Sdo?s11p^E>OmrVs+a?m~LHueR}PZ|<+3p57HD6_oYIp4(oDxr6O8 zp#8cx@H{7U6W{XgrLJOgmA2YlsJb(074FSafSRf=o>A*vfmj*avHC_pVJ?`H$EPN=BCb| zuWj~##KHC`^+FA`u>91^+WX_Vdk5pGiHy zCSp3Hz`b8vHL$SCv;3cNX`*MJhKQvd8qYr#zeXG7qokcA*Ix9%ce-|VR1#grYtgzs z0a!jV3qvk%biVgcb$PaVM_KyJ{*<^E{H-AOD>777l#WXFL)WYki|^Iq0{2-PG=+K%2*fYM?N)h`Ih*$`hpMtq^L9*TkM*i$m%? zO)BNH>q{)v=D1@s12WVIB-iM0AtUbAc#uM5C*psEU2h+=;7Yu}{TWX;mtRHxPWO;a z9z`(ow;Xpr`&wU{X|AtK8SM=05e);oSIi`QW?JPe)5pBDe)>NiVv_#FL|2-yFr{xG z<@(fCynv>SwI&>q=eCq8IuiwD#%PO4s_0;WkgfIJZ9rz3Xwgq|vNp>pVvJo|V$5rL zR*LMoSs8%3#5GSODenV?+BCt+lCGusstYfSE0&rJ`r=nfyxuRK7T)%av9%+lV3_v& zI90J#Ck$1yEbcGLV<+(+fQ-g9M}v8Kwl&+qDbK{YGICAoIq&z|!EM~rO+Rb&@JnPJ zMAGLWw}3eH-F9~1$K74Sj6~|v6l>{DBu-auP08vn;fyUOvz)hKflkp!SLm&r{g@jY zfVcn%O&%kJceROfKbt&!uU22y(TG%{=u%#0R;LN+G+~>%Dz9XV9g1~Ql(S}x?n3n@ zvm2TXyG}umy18hJ2|wcvddQZA9xrZKZ9UbOCOW_&i|FE@Qdm9>XYZC*K7oZPkWWB5 z|9kp=`?Z7RUZ$iUIk3Hv5eJy-;wzV({(H=q$mX6hs+-1Eg|B&({7G><#zQDJq^e5{ zZ&4lQ0_E2=kALa|V50lq9sJCX{$rRq?()tgU-yE4?nwEm3lIqPyQc{)hQ({5QI5l0 zvNG*=VPJHBOlFoCot+<9i|LXC;e&Mj`<_MVOladHJ@Cn?WGTRotFjX6XWK`^FZ}Fi zHuN~K@m6K3!3K1W6TlYF4zk1Al&xqz42X%V!3lpAw{Qi}fl+~5>(!n9Y5lyUpG%cJ z%O}Jvma-KfyVK4DSDS~&FAW1|(eYkcYxAou!k8qcNNumTp+IBe`!*@FcIrBI}NM>WWRm{X# z$lvr!f*-PYsjQdJVL9pnPcF71SPK_T`B`Rbk6iU;2mOX#cnHkqEuFm4*MY0csDEah z?}Qsfqlxhfy@~Yc!hDe)Qhn(rYpm@=<0kQ=?n5)ei={7@%uIOqLtm$~kv*vR=%?G^ zF-%8zej`gIR_I*p`6f5c(%BATD>1Wb1s+LNMF>wnI$3@Cg747Rz}`gpMEn?%o4hp% z_x;*n;T}fto7#w7#g4LhecdlX@iA;C_WVX=P%1W~iL~4Cf>E7U9@m$&I2(C{-+24V zWusWz3k4_2QVT2&(%BIGox3L4`VVFlmwuGuTf?kZ;c3OWU}1Au%N&2ZK%$$Rdq-*TVryzARCi>0 zvTBMf^9~ojQPyw#H%zH(YirBjuIo+2Jc6Qj39{#Jv#DKDR2qf|lMIwD6j4LQyGPQn z5VE${Y)H(*Ln~ccU99&}enmw1TX6Txpc0{qI%|bLO7SVI^ywL&VjIY;y&xiV-WmEc zPaEZCk2&c@s%0REm79tNR#zUcTpAz1vOl0VF^=$W2DvdHSui6Bf%pC3X$3D>EB77x z<=-2IJ(=-l9~sX+E&g}WxYPFkQXSL}(CHJo3@-aDO@uoS?*A_({9pf7gRUC(G+|qO z*v;ZD!gFT!76pJ(((C>Ks60Haf`9+llX-QqK$-%i@&MvF6AdWQCl)uEi3@Wpgp}?X z|Mw)q{8|jGK*iY)y#Ef;@0pPWNr#QU?h6=_jlVLapLLkX0PFhCe+uC`*BwqN$<=mn z4chW~{c(>@d}?P#z#mtmB6DPY@I4z$8yX;d*qmRZUvGAwsm+f=;r_k1*vU`^rQ4l$upUv~TH#)Es+OgePv)!ulp zPMqpZ{DkgJ{JD6)_1UNEfHd4F;_E$7u?;9rcNFpm#{dHpmp}W0zl(EO7#SpBygjwm zl3&_gSWJET2B7jI=p9O46x*WCQ_{qOFk0)TV`@XN^+mmrar)PS`yy;x{G-ER+vO!S7FTo+dK(oO#g_l!-s)mMH-3}=)|5Cu$x%&nFJV+mX%2wzBMESRK$Se7S zgZL9{$Or3|rJC$Bd&!&aeKfGY@M=VN4Log(6_d=-K2qD*l`Yypb3W$di_ft%-ReUb zSH5A3#NPlUiE0wT4=(w%*Y-OX7wHSLVL-JxGr49y+6DC8JM#M0SIZ|szI({MI8|K_ z8XGt2(a6?0+!No?7BrJBtSWXxT0bR*H2HI~Ksv}`A}=>4=0AChksW}@FKeCnL7q`~ zlxyUwr@bc(Ir7|#0ZjCqCAdz4Iu&^EETn7L%lK&neSh1pe3$f=SEvbJff7Th_#5&VBUoGU0$H2FiBac0f?QZ09VA9*z56I>Mr=<9gA?*=K^km=g)sfBs9isvNdM0Z*!x5+_(7SQNV6`$F z7g!W3UQ78!XEyifk@6S0*r5Uz1mdAx1|i)yxSnFVlAW6?Hl^F4M;yUs{X>#;jWsEY zyDnt)?=2o4-TU7RCEoC3AXwa!+ks~Q1)N7_p!cm~7_qT4U$7HCeq0LOG|t$c>F(#` zTNjmWl5L@SWT1vPj&|~<==cy)t7Q&(FT?UeU5H!BL+)-)$?=e$@Ii+e^W%;R3q_vb z*h}i7O<|U`xyYf4G|eEZbT`>IXfoO%eXR%UNZd!BibJU@liy?0gO*Z$D8u=DF0jeLP$ zMqte{$lI*QtGdIUSnf8IMu-qw&zU6tW#ki2(+I^?Rk3dUdOJB9o)^B9CTdk+(bH8I z^j$00gTQr)zEp-A{ZPc5);aHM!zARY>y6_*D9RE7fXT`;r~Njw>yg|PuuIL5v^uitCVs#M3RHPX*u&AD2`F9Z_o6o zDqw*;YK78CIFBol(q)jqJ>IBd=euXYOY+C*raG&(etC!DdRX3vM$25@FZBO_h95sb z0P_-cPri0LzV(XPRb$-g`%X422skV-e*3HMY>Axr6aFcG+CBumZXVV-A7Ilf{t8;4U*_TQ&QmgdRUq^8fY?UR^3I!F zfHMNA5&#NHL(}cL9m(`c^(fa;m_PKy>ueuXuzKQph|!vLNzl=FJWmm>a@{7-uUyEw3-Kn z7mtA+$>8P7q8qobJ!114|CCS6jGQW@*Dk8db+tDw6yY;H^VkboI%W0!e|ehp>Kwj{ zDtAxf_h3r_wKc8LNXK#yB(TjLQP>=`Z6FQ(KG7|`CA)urb9s9zgx~f|ieLQ7| zFIBW_YA=dRcvVIxl;56Ou**n^OtVoCyqgmLk-e_|sTGI=c>fFUf=j~S z?5LK(-3|aP6XqFyXVh#K345*cY$pK*g&5oaS5ATbhXtK;-Tp)@upm~p#FE&xy72gF$hcjkHz>kz}k zUBP!rAwjj#xklv{U(x~npzfrN*MmWHl=(zo#fr|QQN=vBG+HIJpWgKa!*^fUkb**t zho8m5g73I!d^E@yY#nIw^kjden*gP;D5KFJW3w1@rb>7?3pnD(JlkOXJJN9gGm57| zSb!LU$Ed3AQF_wPXYgQ=NE44dPZN?Hokr`HeSBs8SMZK}->Kfi+h59t$gxGJ63drp zU8TrbfJ!XuOW!h9utSjv>tQYrXYLuHFGCHZ^bKYUGnIX9zRI5p^}3J)yXb3UhAqYT zhlEWPzP|mQ95Ir)Opf%$0`u1CEw*VBO1KU*e-oqMf9+{~agRB63SfShW z-tal@%E=UJpPe%}Ey)MxQwodo{6=dnAp!$5ckytaVsGO6cDc(ZO#XVBvMut9DYJM2 znds9zzWa__^5}4=CGVjJov;?hBXP&r_QsYLhupGO z$?nvJQNGuel-k2R&jJ#z4z7nw+Tk?r=?TApLJf7wJOoqe;#;?&nU2~H`VmYos*Ri3 zh=!DGd~mY$E0XPoLAJ0p0|)5Ej#GB?a+Km7Qtpr3U!^Kc$*&d(mxc>%+SR(wG?jq` zUa{LbHMt27iXSYu8B7!w8P>`Ld{GV@`U3lV>eu~_AfyGlLl6=e*{&1mY)#uc>mAFt zcc5{Y;}NqSLk;Xbu>+sfKJa|q>G0treV>Tdeb2966PuGdEvVy(KWfbw=1Yf1MCJ)A zbiGh50;wG>bpC);3yJMn(Ju!G%1ck0A4--$p^-;Ck1o{!E;9vqIjs z8SY;nWp{jHru2d|I(nuc*4U#s*C40(@C5T@Gr#KnX{tKhx7M4uHQ0A-^#*r#x+0G_ zd->}b>S>ukHI+2}yDwz0M`X;~h2R!=wf9bHkL{@C7x8?9n@?Y9b|nF)8O(Cr2R6*O z%|JN^TzXTcuh!WP)j}QZa5WSj)G51#dbL3_r)xyV{-Mv$KH|aj2#UUhe3Lv>-wBl@ zY)q>uLy`k)f4U+@4Fbk@4N)l$OVgevtf`_mQEerG9#eBrdTwy^!17Z5yEl4eWmBVT z@OL}s@rCajiPk;eSFhhp5XZP&;+hzr>^dY$6G zX1+2Zv~rZL0k>b$>P=K(F^}WC{q#%Am>(WXdVaZN_;5z+l%m|JHE+LG3%cMfOVwJz zV6``jBWoii^Bek?L;A~EDuA(^Dts|24Sms^gqk1|%t9gWBa>yGgSye0P0fM2@9@w1 z+m25JoEVs=QW!_dma+#OVlY>^P{@%Kn(wm?a%u&nXDaO;At=Bp)qf^exA7;lAp6W7 zmAwA#xmTK}Nvt+}Gi8kfUP*{NC;W;n9dC>d{Z{nxudBwlZBg|`@8SN3&hO~`&ZiNv zMotBFNbrf;U68mKnN8DS9q-P@^=&b@&US~2nHS}W}$HwOyEOBtKZl+hb3Ko7>W zpwO2KY5dYaxrlaA)f7BCO-)D*2_95`g;~&)estlR4TE7G>Rpe&vQhXf{>kZg1Mrc9vsU@V&nbp)idx@ET_+nTL_10zjc zXvxT_UmZ07R!RlwE~7Q3?}}}?h7>5@s7}uKRvhSi(+ECbmYRd3y|59kF3`YDX`EV@ z;TUDO=lI*yH4_y{Gklv70Gn{`yu@BDeLd${=_QH!b6@qvio_eV#K+m!;8DTNC4r>} z7MK2QPieAE-ff5BLfF>|H*9@}s)PVZa@5D{W|b#+IXlXdx?97Eghp=m>%_TL{EWSH zUZboa()8dQ1S?Y7#nwEqI2{`mIFre{79XK6M{XiGP6`;;8ba`?5k|yHLm^fTVGZ<- z<`%-1P9yLAn}_WSA3p$^1XUjOhZOMCsO<1aXSCVOprA8S@S$@hQY|9(JM3<{Z~TpK z9koo*nKm_X0dL9C_cJ{cy@?*!8mm)XH#bk`jp{EjY{OJlFO50{Jy^SUrloMSfV2sD zd_{|jutSwTWfc{~D3J;@@l&xeOSO&x1w)U9reHB@y@`-MV46Cwi|rkSqJTTEef{ap z?&@Dd$pEoMMnfh%>A-W%$YW*330nn|w4iw@)_pFZ{#v<}KL;4z`D^V#d`G^dPt>rq z{s@;8>la|_cI1h~5DOfGlj17qC6L%4@LOu72Vra{OxlG|Sd;8q=Q*28ENmr%%vP*^U zG0GT0JvfI-*4&evTH|X*{cU<-4^yme%x#@ey*ws!y_~eEt2jh{vr`4A`T)XaIA25b z_K=_%VRSR{p;5L030E){03cusA1 zH3I#F;)7ycLL^_czbG3s3vN06ZlF!Q1Ca`2)j1bIv>=?w2UujA2ykg{Mh07}tROAY%JkAdUcLJ9!v%>0&Ua%3 zwr|+_tL}JB*8acLo>1s;*H`eFLNEm~(s77SCh+-dU=>E1p$F;F0~S z&cOeBHvw*R|ESDt_zrC_~*IO|C&} z6&%Jw_hWRGpEV|`vbiALcL_M%+prma2j`5QTVb*1Yp3iR)^@{xV(wvyg*!%vSvo44 z8ic|f|Dj>>&@i;eh&sSJ0X^n2W2D5|{%_2^c|6qZ+dr(bBwM9Ih_ba2LiVLxO16rk ztc6OlPGg@Tx}qyv$j)f7%OFg~GQ^eaWt*D8h?C*e4Lt@E4;Aq z4P?-~Dk;20R(-ZU(e1aH~Va2U2^+}qu`(pa??9L4t@$Wl!zF#*8 z%RD^tP-+LQwXVwS_#@7;C_=qU#|Z)~ zfmTfUY)84-FZ0!#01|S=;9G~)1H7i?gyXGL1e5n$6KMK>yUMV?@-pF63lRByGTMv| z`W_URsHUp5#BG#H7yO7cQ&Aq`h8?#?&+YVgpSJxowjrQIR_t?%2jiPt_+d>of&uHb zVIv8vC(}|;$RuwXa5ulF>c6kNxFgI1XCXNtU8^p#k641HI9Fcz^FED`*wbG{*;dw>ze$T$Xcau2URMemT|{(S1BjF27;C&uF`$utA~HjXQUlCSFAj6=h?an7}9 z+hzL}{yun#@w@iPOuChl}A5-?` zoT=)qvT!T|Z7|zfyA*GK8v!jz<>psev1d(xO~~#}8oQdY-nii8cy8y7%f zPSxa{>2qHeS$P|-dMiw-GTsa=W{vO3E|xW_f77B{*H$sce&!8}D^lcSs(zuHGj@IN z=6Y`{CnI00zW?NLUK@cO-xXAiP}SWPDF26rYI(Wk;(ya>j9#jV`JEgXbtEo2E9GIT zNg)qgBAfJAR@HDlEA}^T_o)2YrzFoxzg+YvvBZcNjDVSwUZB2>~Q3J-|*S2 zyOwn0Cr{_wg(a%JBc|B4^AEG~bB>!|T{TjgKSo0LS+0~wmZ`zeJBVl?P3ebW_wFk({`yVXegFrou>_d~h zeBS$R^f{cE#`VqcftvxqslZG~;URUsGzv?y+9B##;i_9yDZ6uDkNnPf|CYS++4CLk zX0U?o-(7EI$OTeQ?LrE~|Dm)S1K0-B)q-*e$B?k$Mf-a+6|UO-PEUvB_!;2Q_^3!`c??y)?Gz)AoPl7eF zcA{%Us^~~v^+Lb4x!Xp8r9_V?L;a$e?x1e*CGnX z<7lW~=Ol|yG$Btt$)FB=vKxIo>=6CoWJY`c_wIhyNmIdCxdV@J82pnbNQWu|=<3-O z_klwRxB8XV<{;th3_)xe@Ae)phvD@4S7*3Wm(5JFBoa7(pV((5b zV9Al=k5wd$Xi03Q)?bTdjcs_jIb~xvzJE{pu0@fT@rNy3vR`@5j6tZXqk92Cj%sY1 z1_UyYEnG8xU#dm&9_xqCkcQ;d%|6aQ@thAIZ+i~27~O`Ih ztW^&91hBu7WkB?C-Gy>oD9Ia8*tM*t5pC7u(RFbf`gV&KdQ+jF2UbcHoim!zfA5U*Hg*_}h|2^*lf zo;7YZM)Ib70Wex4wmW&N_c zR_18%&PMf!rdMc_H!wotltW-@%}sI72l@2tgG4qmgFT;w&4KpVbi&^W^b_6Z8w+{j z&(_tq4D2oTMV`tKro!KvM!rKLrNB2e?K!ck9|>GtuxR!6U)7|{Ca2R17uihhd?;!2 zD_4t|n0){i2a1#R_x_-H&m_Evte;~iR}l#cCjpmJ4Luoyj<#EVVb1=&@kzd}@{X7h zo^&aNF)j!r0Q;(Rv(8TS7A;!!_aB}*SuYPgn&4BTp|ppTXieXUD#n8?Wmr-WmdyaO!5um<(r>kXkPS*1;zMV+{%a_4WE@YAY1&#M*SknzSU zfkd(c7EGW6cYSJ>F{B(O57I!Pv+T}&LO=r)`C~=D%)B(W5%jr&ZeP}K#sh= zoOwO`wYe#q7NP$V3SN&}a_6RV3Nfx6?)8T2p;jjMGlJHx-m;gKiMRq=xB#eT$LfN$ z9I|F_`R8S}P7H9v@MTF@IL!Ww?ZWGE-(K_Q!w_mZF0%^)1sNFg#JYMaOm}YN%>bt( zVSHtKo#AEv@2>;1dK-Tou_dqIeQodQe@)~I>G9}PWBFF$cE3AFLor(&#nZKCG2T|; zB(F__(KDNyDj%1A4N87(YpTma|oHJurzm6K|Rx8i(IA0ej6S9mVQ8Kg6`vcXeSXOfT#-T-qn{omu z`#?c^(c_<;2U^4;`j}MRQsTq7OJrL^=s-lmQ3(7g zTlb7Bi0pIih+AGsYKCjv9phS$Zpnv5-hHLIt(cwBY}@=MEOX8;RON8LnTbT#11niI zRvKSKPpw?%GWAE&p1QWa3ZV!;l_z!WYe_lhok-K16JJjJy4d+Wwr59O9a%ObG|S4Z z?2Uak`dm^SGRMJO8Gp78S;fr8LeFoQ@y)NwVtc*|?{$5+q!f`X6#s_Tq0h^6W~J7< z9ZN|%a_+0))q6+8o|Tf6pQ%3A_2}Z?EBbYOc-(tbC@c2kO#KGp$LPmqeKPskNQ3Q_ z+eP*AIovb#bp>mRx-Iyo_p_^#FQ9aUfQ93q@pkA2SpM_9fG2{xM7k{#9 zCsvI;J1>|tx9@j?;}N*qUnMGQy9XUcvOEce{3Y9;O^Zo|{8OpaSEwoy*a{!p$VZUzyEt5&le#RKp@%==|a^_n-ILb!?)kmR!vr z+EkPFbag@38qT42k(*pRG6ImIyu*d~9Fq(C_{%L$!@5BRk*c2&s4a4yf@eRfdVF04 z9WghX<<$8l&KS*2MJ#4EFF7dRjT@7!$f%t~#cEm{%r1i^-Hkyk!ISn_PYSFq_2)5v zxwTcPnvuV~>-`e;Hb79UlsK}akfu3`Ww)m2*X=Zb-kd9%(ei6@)1WHn?$vQ^;Tf&- z#Nlp7j9H}1xytVT2nX?^&T0jLn7_5dYJm12QMjp!41Z7}Tw z&66dedJR)tcl@K=f!g1@asb+u!@mB)QHsLbUTef`Y9mBEQn=mT>%-9Ie_^EqYeow< zus3zSHI62Ht1)X-9a=_NlIBM}t>iB~cmk{k7kAN2Niw-el#Hn^Fj#2&H7We&*gzbn z#DY}cRPJ2-{JyK*sk~D;R^;ug_B$zSaP`1yX1DCs=;4&>+B_?0z7AcizhFkGy*65a zLZwDeN@$zA+_%|!a-`X?sZVmtG8EPM{}t7@z5X553H2UtKWw*8Gc#F4_N9;BHo0-T zBS_pVY+H_A@*dd2-3x+3l=vi7udlU=UFgG;3m>N>uH3-XtsM_+w6ov3#_@l`x6YmI z3XRfz|;SR_xv3OCtzz(20N= zR~y!&4s~MlZ0vyiVvBd@W11+>89FAIAhhyo8;Tv<`8Xda)ktwLE|v>~{$j7ZnYlZ4 z2vXL`E1#a8YQiL6P~AShkXf(Mpu7Gtl{f%GH1wHzMWAh6e7^sb6-&nv-6Z9l05)MR z|Mim?1|hM#ah@=Dl)Wi)?ti*p1>{#vMgAFwQGLv|60HPGR268smP4vQXJ#O=sXVRjX!4LvQgM=4Lm*6$L~)h*XFzmF`eE|bUNKG^uvkg zd7}nDd6mitJzLow81fUS^n89{X>O8*HQtQktZ>Mcyl zf`7ER%Z##Ge?Rgt4)x2;xCX_* zK6@5?&ljus%oDPnhQ4R;nM6K?fX4FmJ<`{ijMogo;lhdp*{Mqgal3b@tu=qjWC7nt zf;3_L>Q(&GD7Ft=tG)`*fU^|ZlX+Y(l2@xGExyiTZg0HV(5OOM7k~oS?c;;+2SmHX zSi4G8HND@{lr?z%*UCG6aLMNL2cQji2|D8$q;7K1{NURmj0CwB295^)Q~?y3BM6;| zS9@c1(A;##w0%#sH7qEr$WHV%U5=OAJ=N(1aFP6{iv)duXOG9itemEZ%cF*({pm$jl9jmOsTSO$t zp8TUD<|ya&@>U%*)zD0)A@>MwmSK41Ee#-1oj#Pk9Wl~l?jtwmK3|RK`#$2k4jfZS9WgemLDQ2eM=|nt+;h)r7B(_vjano~J+!W6V#EjeXFo3l+X5`|`7 zKYYErA|vGaWs#BT+Wnn)x(Ir+=`)hh_Q%eh>hu}GA52n|C}-mPe|Kb4mgbr(eXwoG zh3Mwt)BA>>KAnJ%R^z>*-Cl^^QMQu2aSf+|&Rj^wH3F(?W+HIy{FuBOETZ|&fmC=$ z%-6s$E7FgQF(aLnvCCQVynrENkgj*g@CFtoE#SS>u%SCLM5EE~hz98_)vnIEM3{X! zEw-n-?@n|`5?S;R*ztD#Z6ai&&e^X(SmzKnzkdy-TMY#g>3Ol z_CUsxb|7jswCTXnGxW#QKUS66OcOU^we)c)fauRLh3T4NdtO`Z%XP4QRbthz3a-r| zb=eMBgmOeISRl^4T4OCn61M-F7rTJ-8~dE!q$RX=4fFxfcg1;152QV{57=f@O9|81EsJsJ zo^m;QlCBT1cNXQ_56te>pzxN28aSU(HXwMH#7YZtNF}h(^GiqA^p)|@f2Xh5ub#95 z(F1_+hnQx&c~(z)=RU?idNIvNJl5X6g;k{N>@w+y>FpX|b;REVD@Os7O8jB=k)E>C z?7Hei&E~#lwrTi0@5Ax=TAa+mq&>}d_9gE*CB)Q~Y-j%SyIXV%oq)Lq#tSR*zL&$# ze4Ba``hH?bOZ?MEl7~)sAWd0iuX*Fydvq*7lxx`B<3g^0{zmqRR6B+vH zSnfck*s_ zGL<^%*=MYJs{&m~jdg?iBo#Fkp!)lXTL{s;kjxip!DVYXEXKQ89ci#P7itpo$BW4gZT)c^n(sz;J9BIn?W2CU(!zA&j z0W%ZXCy|N9Q+u~{ISo{U?leMq_|%e*xV%gOVXMgnZe&2Mz++k`=UHD`b2vSBTsSw1 z#M!AH;r;7xMonPX?Z}%PxU<>k4bG_^xl8$4w(fu{@Mb53&9;!$ud#fQin|wwN6{$# zF5sYQsvc+~)q5A$fM{$-FKCK1Y-aAEdhKf5 zi&jC#pLNY&5&}JTb`@SQ;q;TLQ{cu%bb0vx*b9FOQZ%oO3fAN%u4;2zrjT89;g?h% za$4ptCyE0InP&IQpSTapDo579PfSG>Q!UIJ?mvsYi%~DKzj10y85vg*mg#1U>6Pjk zEuE*6kT%Q&qs)O{X+`#feBW&lL2s24g{iB*2-U7$iTtaC{x!c2hnj0T=M}TFz<*HYitzZhHdV=@OT<_f>C<6J1`-iLi&bS*b8)g$lP!Xy`o zxuo)pwKwAS0tMFBY0eH>SehEV?C{rLM>`4#oY@x=umD#&zeTv z%jtG-6z~2!A8t?NSxVk5$32v+98G{IAy~pQ1Z_MU;GMA_TO>CmU{SBq%aV~;WnU|6ws#zOE0;p$-$R9S=gvYD=VW!VSG~@ zi0@5phZh4>n@reb4j^hJlmoqj01J`a1*K$j>JTACWv3t>Z5{Gg%Lr}zJY7$0{>1jh z&iv573L)Fzn?sz{*%`Paw1V+T z-ru0#L>}L-cm-iBJkw=ph_;{-q<$(8=5do3*(qDiIcZFMbFv^B{}isvzkT*sd?tNxMT+QKUuvs(c$J zQKlFE(rhp;;g#79u0qo&n0egiF{GX&JFNyK93X)q3Yi~A(O&+CvzlW9d&p7Qj)rjk zota|~#Uq{koaY7UmD;acMiwzt#w=@nbR4#ABHKm)&4D#ppId$|u_nZzGah_G0l2!hiLPL5o>bC^P)UIC{Dk)$gawpRIvDebDMtwhkEFL2ftd zSc4T~=PTQc2MKMHDI=@=u4QS;jd7IuS}Ql`ew*`q?z*r0wZFXc?BX}_kuuFyIB%v>$tDRQBnMpjwb>2J=%^L^Q1E!wU;XYd3W!N<^9g>^kjZ~ zhZnRR5q*jf(qm-!YnnN3`NgQBPBD%171rffP{ch8j!+FF-xR*;0Jy;}DQXXA-mBs~ zTDskB(@){1_0jD|MCOP(Vwc1Bh0blGTHfrByZgVDa)(Q3u(;fXHCN5TEP z`v>D@8LLH(`T;)-TK&LxWFcR?v=9ag10D`2ebVAjp`7IHJfFYq z%h9p@Qc)f?lR1s8@OFZhyG350X+6f&%WF-$C`tYUleZkg#%Q zd*6x(IpX(;8=gQCOXs^-_^_;^Z{$SsOC?cfua#n)_m^HajV6e81#Mo#D%_o2Z{Q#_ z>_bfEt@sf+0LGAn)Vp1{YsJ`DT4YL?PP~9v#BVOsPtcxDt{C=n+^!#O37Dpzl)xm5 z^LXtA!gxkJPwJ+uFx)7OAI2JF3oTbZXuh|9ljj!$lEj!Y+_^6=!1>fVB2rNzt z=lbOQ{iNWvjW{L8Gh>*IAWgkx$}U$}Sc65vRj_Xy`nZbw$+1BQ&)Jw9Ud^S*F_}O( zMJ>=D#a#(A8kmVLIu{Y<8yz&oXvqhxF%RMbTt`7{&ku$cXH#q7Vaud#OM&W-m+pNq z92lPGa6=mOMc02@QJ4s_&xkDwclL8=tp#djqC&upq0QWbJS~KIpy)rM7k*&G1KEL{ z-}u{j9Ke}z>)FbP4QM$a$N^+&!ofrNYBT$JffnchY|@v$xk5h&uK&DUzyhwv(|3ZZ z(_jGUdw>k-uiprzR#><+Mv48}+}fibw}6lL!&_3STapa4-2c~IMfQdNpYy&-fw@<~ znAOTxQuy=v`Q>W~7(fAwKLaG;nn;V@0sOS?8*<9OF~I2S<-ZwV(+#-a46rDO0k+iE z5C};zY-y#}12?oEIKCnI^o2=1LS(0|Wq9?i*HC^gQGV*XqE^VmT(I!aoFYV-C$xog z)ITBMXz^EtV}zaRgsQ%i>PzA6h`OrgALe~e*4E}2HxnO;c5)6DQXYXq!YiER0+LzT zYvrX{m1%ax7S7QH#MAveHw}P^$^d7VR!5Bd)U)en(lgH2d-`pG!+>~I<<=(s=`v|Q zaZC^Em^jg>AX97JuznF#@hTENjrGrga6^Jmkc!4ei0_Q<%cs(px#vrU`EK9;AF$ZGh#W zdX1$d-u6P#=#IaR(E?Btm0SAt;eTa5(gK=s+6!`n;6YJ}k5p_?nZr*O?vlv?%t41@aMlYw61e=$Eg3Kw)b+b*~) zYioQSR%!M0VA$K^_QS#khvm9kg_+P@n7%hv5{P!B|F%h#7v(O+N_RIT=Y`n+Z#iPk zA^(XZW?5r5*&1aeZSiSp3zi0a zN#a3b?Eo63{Wx@6I z;`Xbp(u+^bKPf1lo+)$~KPGUakZR%=>XmrZ0(4)iiF(TPgO1w**XCrw@UB;+%j;hw6ziXBUW!T!q$&A$tz)ymlV`_+~4c^`s=%sV|=}r z_r9fJ4lo}6ngR6q0P}(XYTR{y$?3gE4!=n6J%3d)Swm@xSy|`RITw;Ry?57&g=0L? z`w{Y|g2}6qhA)z?zb%F;?x)A@{KfmEvY9bg-t|JxDDSSfJ)ro&b%qhgeGj-t*%zB% z3O{bA#?LV4Y9^`z9|{e-GZ$1J5NRuv+K!lK2)FI_`R)wT=bt=(1M%k6m+LU|Ns`$I z@i5L;_~^OO=iLk=V9{HseTJK2a|WkQEHT)S=#s=yRUH&kbF$Fwz0A8E@FM#=gb@J2 z$BWW2HhB8lQa#N=w6_ul`}LmPWj2PWIN6-hJb^`m+coMqOhjfxh3=i?-Tud0-pE%D z%0-a4c)mZoSb7oUa2=BKPa~b9T%Yl^(Q;yooLf~_Bj9&rW7I`;mVDkmM5`3Ctik=z z-ka%~c|&Im5F*frsC&5!DTq@lw!bN7Yei=iYOM@yC~h^DBi`PE5(B07w-1>rHVXb3 zd~y(X=FXo&1JMe5<7t`ow;yT2O>?fm@UOg)I?J%C(M0}xOx0rssS!Pn>|!pJt-`u{ z@@PL-R(&%qiDR{2`qHI?m*OWzmsy7Wux0f_uohId9r-Ot*qEUe35v;k+BryrqS?uZ z>ia9-lG6p>i22N2hA&*%)b*fbw~(Tgq)`s1k~}ZSEG)KlFL~T8^FHTUe$F+ud%uVO z?I|Qy%U@SZIn_>dW6VjRfIQ8`gl^i8yzFlBB^h=8pffEQQ+ZvP(w`if-Q((XLR?)u zaBjx>nk0LQ?C0Igdz--KD^YXj&R)3#7nAnzMLjj@&^#)s1BNbMflUhNSB(Vk-PF*a zd`J3hYN(#FbPV_J=WGWil_Mj%gTsg)`nOQ#J&v#iqVEQMx~iMNcA{C$d|w6FrN@=~ zg+5AbZe}!7!Sx9djO=0^!!*u_$G0-_A5t~uQa!8=8b5`!zd&d>gxA6giyEz_pR$gqp6K){f}sBBCGo9BY1EqFwLXXg4dQE zj)?6sC%w?#IpXsyHa)RcU0_#khz|F7s=@&is`};Iodmy2Hwuo5U4|CQns2;6>v%6j zzsNjyVe;&_uA+6CS@KQ=%N^4&CT~ak0Jf)E;o|g}I@Gf@&yEKBt|jMC-89Lrx;3w< zn)@^)R201YC&zpz!5R5DWLuVbo`*T?4#UGmU*ug6QdE=kBTryMTDcUMKe#8mR?is& zK#*zGCC9$j5Ovo)4=UOW5ZT({UKvTQH?Exea<+jlyr-eYSU<=)Zi*2#Gs)aVLC~ij zzPdE)Jy&gf++YO=e8ZBY%Tc6uh}V><*_4n61{}_M_EhT9Fa>CQw+ykY5zyGJY;m}(}j6V9|2)Wa+G)JJh7sybZ5kwyvdV)DP8l3+J1U50h zeT-r`31m1gAJElzDot#+H{Xe7~(6u12v!BA{zD#Y3oi zjMJf7z7gPwXTsv_9I!8td{W4~|FzHM^Sg~US~Sc8bq-Pogt0L@FfjU* zHYGsH3aXa}aqfG0Mn|hAJ05xG$lC$+Zy3K*PZw9TD@WPa+pe=$57(*UaF6SQ7djp% zxfxp*OhqTN{*%nlzqSPci*PWn-^Rn?`yY$hZ>_ zSKSkE(S_%RXB9pIE+VbF_D)43kUtWd1TTJ2N7-&Re1QO|mJO}_i)56`_jPt>ae)t% zx<^ic9Ju(=dxzaYB{QD}Yy0zP%0Cb7X!MMnZyld|V&oEJcl(P~-6IPCo8jXomT#SX z4Q4{7PUWh4FnmNcXX5YR!t4E?7~y6|b6viwNDk_W0a3%{HDqV!qSKSBm*nk;c(7no zd3|*HTxX6*zCY}NXjdcWq?fJ&25|&>a3T_9PJ%W`WZ2nTCwEJ3>K~A>PmWC|4u7G0 zjmE>JxSzoK$9;#li1dje$CXC`k^aS7qn3A;=9bk&ui>fqI|dit$%|FmhEC%Yca5#I zf3V45tQesN!^MvcY&QLYOSt&KehQ42z|Yg=CJzozlXJ-HJ1OSOsNIe{Y{li_~a9KiU3e^TbT2FU4*yo%B#7{d9FGbZPxvgP=A1IOU&zVJjx$Kd5=C8n(mB{{fozQ4%d=0EKGs53= zPG4j$3uv{z_SssRGyr5ffpq5rW=~2ire6hHfQ}xH^|U*YLlpm(E!Mqxnj#A>z=3jx z=w#LC#~rewkB!FVo3#&R3$mf7hX8u|=(7bqjn5%FV#4woF}) zlVSVRyav`yi0~I5@2XZvGd^l+@(5S+@clFWF%bI7ysTI&Ph6F+(Ti0wXBFNA0yAy5 zhUf90YY=+wC01)AnfQPl{W{sk(%+_p-Myj&G1=s#}x zCj0f-bDuuBq&-G~E8)G;J4xJ}^%_dxR1LRsCY>gCyBSv$=)H9>VT=sHMNPpyG-_pk z+r9Y#E$D=zbxJINV8fhPei)Dj$aJeuPHKmHLt8Qjf8?I!)<(65ou4spE*6p1Z9i_X@}+?(o{{F{f4Kk%Cb#^G`X^sd;~y{lT^n8K_wJj<9kP{M^`G$Vj@||n%uzhJ3^+sA+}Zu6*j8oB$>iOkzaQ8j2%-gEZNe_J z*;Gj(Yygnnl>q3=b?%;%5{LK>mmUpq7{KeV_mDErfdM*`C3z|aD9OOQ*UR1p))WZ}AIlN7DXws^zS1!+`J2y> zU;LB5`qCR9+|VVXVkQv`i+@etzM`@!8C6W-EU(x8{$2QpoI9D2GQj0kZ`?A{bk=z> zvS!EB1~H&PA9a6o{;+)5%YnR`)kmbZMF;ai~qX0&?pZ@-zkFD{(lVW9L4Bbg3QB0GmPlQIEXxgyUP_#J0xa z9>U|jGvsf?-#QiT(`;y@oT{+*S71Pzf{gaOH}huWB*UXwBTQJDnETq9v2Bb@_aa7O zX$!16pxa0pMicMoj|V?-#bVKX1nV1^+c|(h;@|s+7b}TmHhqndTZ53ShFdOMZz3kL zCv{mWO^&KBb$Sb3>vRI+O+G-4Tj-bvDzEEnwq@pAPL%C$?76%Knt#sqGDXcLHxQl5 z9HF;%he@W2En6$yOy<5n0DtwaFY zT9cB8mB(l%2}6%s40=9DyMo9`y$uq1k%(vf!+DbcGU@bG)Zs|{10=quIZ~4C* zoec`_U2?5B>6=4pmy4guY&yiWuiv;3dXahnPz-*Co4uC$4*XX7z%LV?4kSfE9T?L$kPe@knR2IwKo_EdzYrw&Kwl)q6zOF z(kv!t2Pyp^vuli|REUidbIZkFv|?sE*71|S=+VA9<8kf30y9^(l=Ip)z#16(KnJV+|n6%gp z(-y6lzgsUG(`2)n=)D!eIcA{d5kblHV7B~0eP=LRDZN}EF|C@CJ%24F)^5*7#bRPU zBcyu-EPsD{^OvA_*AszT&1cV@5b#hejWDo7u5aFnj4zF><;$(Md*$Ux9y(%8lX$Cf zm&m=UN;9RK#KTu(J7W652r9H00oEG?wc)N{fFDFkF)V&T9sNNY;s4En_9a6%yjDyG z`YOWA*^<8PmS^T?@lQBB#oNLi14IH2e%!^(4ndfSjK8U64mzK?Phl)mzNs{9FR(2j zYz)l9&qOT|m)*AC_tFUfvt%EB{gk`NqE4-7CAGCio0`monnyjAmDxo-5biv}BMcX} z4p4F^LZ2h@^=kDd_bS*cgo563M(KOccS(M;Y;{qXBU>>RlEr^9m9vcy5%R&;d0|PM z+a)>A_ga%)8eqcEs1{WpA}1Zi!Er}so)lfQKM9%2+TUq+JqRlG%bV9OVQOdI>!+6x zQ^5E28qL?I)jMENJ2_cpBic9VdMAwC@E8X>%I5iy0=!Sp^Z z#kW#_vlItUh4U~7OHq)tf1s8^U48~yI=StOfMd#7iJTW!1l$^I&#_|S7(z08;7-a@ zE1NeNnBkr6@D2y)D1;_|15^_RT6Ta-4(&6WMDPc2gYb;rHT#SGFmmYURzUV%xiNOX z9)hV#&@aJw|B-z8tOPr=%R`R24R(Jf4S(mK{>&-)|KIdyq`(#e! z3Yjx>TxXC$!_ee7nOQr@u_{{LM3S1#9V4u{c#k!)2V=%jrLJx=*@m#!aZ1*-SIz~Q zfhAi0_gQ(b%`0m4iUT&vf1r81-m}!pZHuS1u3@qY-5QUf4HSsLSY#<=$N_0xV~|77 z0z^+X={fyhRkyL3Nmw=D(s2&>yFcuc;~Yen)|H4{LR<6^@j_9uZI|Tp^d035DCLUQ zgj}0I+F!rmS(ZxKsb7KPShe@S!a8{5m#f)4vvjC1=YAN^nC)Gj{T$}3V=8&>SmIpu1?$@^c>XBexK0kvhhMA>FA3Jy=dHxoK<=_Y zD!7#i0N2(XmJ3G3@)e)?ID0;F)w@>6a>F9)@E5;#4x)EmpCc5j1FcI%lhT>_8?S0l zT?73Udw;aPSZLfe;^vV4G_nZyc@OBXBn3Nm4r=Zs)CZnk8k=4!u}X6@S=0&m`rUYPKkZ1d1tQCR3olKnL@a)6TfARe`=I)U~U=;}hRcoE;PYrbpx zG2G{YBHNu_IrRnK4@5@ax_yRp#f0~JCd+}Kf;3!iI#(h*cUSG~?A#`?Bev`tnWd_==e%3iKeJ_tZ{R zkJL?ajJ;L5Bw5B6iyq1`o1|Er^3@Mf3iwgavAU`e%^M3GZOjP50xMrV@7!jon4wP; z*LeaRn1xsAnbd0zSzuL=P7)M#{kBfoob>}bD#PArclqE?O9OL4seM5lphZybNqwt1=!nQ!$90&bcJVnPy^Gm^uo(Kdp83|zz>GS)MDz$H2CLq%R;Jbxns+F8Yhmi3L# zB0d1$jJDc>$SW$+8t^+aDRM1k8WE>=Mx1vIe31%zNU=-q^mM`H)AqLu&;!drR|re+ zSRh_N3DySBYDTOm$UCw4$!=MX-1+cD!G3t;0<>x74Hwd{SVM9IW zNdRQzSY9|PL}@tYicbVKDgHEp1+P=w@7Y9(M|6RMM}?^0~DbWh2*K_}W}~f4X>S z=*YDxO^$=5WZHMr7)!Vyxpy?6exQG$>2>#~q~-43=O>c))XX_%cQekxn0EG<^2Q!g zYs1)~SCg2K$JDkeuo4c}t@Pro&}^mz=Y4;p1SLb&L)~_JIsfXf|5o@t($aA>At@oP zH-j(z)GoKUB~NfyB754$cMRt|i?9KNia`&1vv{j1mAD_n`agVo!FtRnG^gzqNDJ!_ z$znHhqq4%E@Q?+o)sJCU^;0E#dF0%$m=R6~NPcu=k{{W&!do^6f`jiKUpol2f9OV# zja*%u4r;?bpl(%8U5_A|l-hxPQ;`J6h#=EEgvX^5M+F?t&zEl?o2S>lPnMjcD~hR* zgjgZwk^@7)l_j;=UAD1-@#~vn%vm+*H(mKREjdMN~ z*yW8kdODdt2uWiOr*;#qVG~ItYirogbai*+A7CDUlu}04Me1;GV>13vFEUi+LZKeO z+Pkygc|;vr*jBWv7qupRNn~*+NN%oLiZm2&B{zj@m+l$dwf5PZTD|w8h2a%?d;2VK z{c`+tbWjmN4`9SE4n*`5T*B&+{`{G>1{kK)AyjeO*--;~IhnuW`#`q>aE?cNPlLnr z&Xh!T;4Lpx=|;XJTgvG8vGNB^ncC4*pZ$7|=#vt}nsEum<8SlyT(L;!F-oICl{|T4 zIRqJfW;-&* zjZZ08OD77egRvmo3xKpY!xM8(8tHonF~v9s(1;cfor0CO8e*5zis>biv#+!?ED|^H zAcIQUaI(J*SP+_l5<)u)9LOVOx zJKc=0;uukDU4#d{mDy${YSi!L3S?ujD3`{6wIT-oV=JPhXgr=hj%F*{+G<6V9%}Fe zLubK%|Bzp**HjjieAzFJ!*+H34Sw&u)&iB?n&3cLLk`mHA96U`|M%{pZ0!AiE8H7{ zt4=^Z`#r4-Kzo5{9bH-1X1{kcldU!^r5gyH!m<2T^(KETt@#ErfnzA;-IksHralm* z(hQaWaB=??7`Vr59UUOLkp5{z$o2$<+j^lt5CMGAE`DjYL|e*-d%*^lOU6SF8z4&k zV^hR2Z);^TX!TgP(Y-b&2w)d1{sVCss}bbt(Sp7qh^5lR-bYYHgDMqmAcXID%rIII zK6qm%sTkt5CGtGjevydN=Jv*`X#w)mxfl@m7DeHSPKN$XTKLk3e*L zU5U2se}Q8pYyJc{hL!w-f5$O)O8zGtLkHzzmkj(pK2!Z=(Bc=FH%;|k%0K+PxMEuW zzO>pTq4h7UMSPTK`i#^${%`acc~yrk<^JIol+P4i^1rg z=awVDiUTs$G}{LyNJM&P9h68$^vOUe$8`Pl`B|hF)M~(kR)epO)a!q>8blcXv>I5i zn^#9^pTWa@Fv1eW@pDMg!xg(hu-#o_8vAPQU||LB=4RUxe)!FX*AdfCv^%fO>(M1M z^D9)1Z8c#AfUco(|4yx56b&d|K_%`x8x*ydwcu0lW_)JYit;m{?7R#`1-b?Q!6fkA z=5qVUkv)*ogLpBjwRIfHe>4pl=mJ=R0)`Z%)Y$crr3GnCROmgoPh)C^`nree+CG7K z)?JJc*-GUv*KC?lRjO0-O2>rDXw+)+si3GUDwU}^n-_nOfBN<=?#;l=kC2w1KpVlK z54vN&NfQw(4$|QO#Qqm$LNqq_G{_NL0_uCEeMgsI20<8kAbsys{^@iD!|-_;xgygM zV-6Yz?@(^BvCpT%NiRv~fss5Y7z)snq{-Tg?cxmzqY|Up(cebyJ6{i29|MN${}FKz zOu+RQ+A8syz>TQ$97Eu!3`t|8IE=po9EjCbU-{ys(;^?8`XArK1+YMWH%flbNXkNTJss~ zC{U17!Dv*kXds1|N#Rs6gUBVoZtU3&u*V|=?l}`e(;vY3v6yH>iX95QH}jflN_9+% zJu1eN?|R3}+3LFXSf0&7NCiYYRo4(1!o_71p>H0Thd|yz0BAVfvXEzSt)Z7^E=nzN z|FYK7t}G?L%m0CMDgd5nz&V{f5zbA;&@y-*odVq6hvZ9`MaStWjK*U)m0-=Y`*%OU z&wJD<9&I*_mWq{=De*#B35%~Zx@On9-*2!uCeB0c;w)ui3Bz@h0vBIX)`oe}8*9nk zhlME`(6Ru_7@T>p&VJIxz0CuJ(lL0}Rx<#&eSdwX4ti$bG5DD)`cW*HaTtNJBH0YEX7}E_kIo^n zFAh3DY!4c-Z-R5^AK7hNK}*VZOV>`5k!Jn)4e5tjum^55^(!=CTbZr6L%%x!=wlG% z;4h`M)d6Vuzj%B1c&6X~e_TiPlB8aR5T#NPIiI)GD;1&A0dtCkm?b&eR#Ymoa?WYW zVaZ`~p0f%ehGEP(*|27qnQb=T=Xkx|pU?aI{d{k~&-eSi-G0yiY@T~w*Y&)v$NjqQ zkHa1Icgl#Pl{KJf52So7A10^*`4fW2jeGt9uoxQ@KX7FEe@%A$ud+^{)1K?zcA=sO z!Dhe?z7_QmR-Wuy#mJ(Lk@IuY&v4rIyDMmr1|BmJ3v*xhHLQdWaary;KXN z0`Bi$YFt?e%ELbcJo)J&^P~1RUHIhOgKMqqu2hl##R0GbNI4$zHdS{v8#=0>4mfoz4wF?JmEKn){f!km@`>oKkGg% z8x6CzP$cH4DVQP)jRO{Kx2B%E+=Ye&yGryIl#1naKFjd%JjQtRjf4Qrcdi(Er*{4Be1G3?H-MW~0B)vj;3iP5@o(I872xLgL*eC=t>6D)`v1mFA$o%y z+pqNndL*sw{N)F$J@Aoj-}8zGIn4F~s3pYv!U!OnTRIs$&&_V02HfDCMiPPbqy<|8 zpeBdQ{b)K($G1>0nFL|Zf{c=uH9PEu`jHYqHAUgcce5qGUA86*tKX5DU4}N-7&m%?Gs;kP-~qx zf?A=FSbFMznY6rupEsmzawmaJ;SUn~ChYn!g+^kJ&%;Qx!Z-P{@==4_gYy{?p5! z<)-*;b?I}d9?ij$Yc$Ws=rK*H!q}nRg2$mD>qY4{4K$_|g`f3?2=KD;mjExv9|S9| z#MwP47vNExT?d9%D~!xY>ndx0_Tq_(;e=(c2}1{H{HCDHQZ4-JQNI z2^FwR?neQHMw+zz+MBj?~4F87sliw&B%f>B0``FLAf}0M}~lx zj}<#ymdL9y(qqK4;kDXl9eUD%M3rmm&KDk+ zt@{+zJUh45<*3|A0KM`233NDXY^Wd1SVn=j8G5;|e) z1G`?uO!szjl=Z%&f`b4sRdNKG6Ww*d`O*8~`X_>vKOmHC;^hlKQuuGSK5-*;q7*3Z zf@Z}F9Q#1+UCV#LpVj&YE6!hvJvU%bz=-`{RnK(+ zn<;h<0=f%rv$r}7`i7;5Vhqcqi{*uo+1X{i!Lb#;X}~d*;T@kwVQ2eAI?ED3YrGl$ z-P+I8TS`{PD|-V&@RNemHz;O38$9%PH6HA#{(+%}!t1r}a6ff{{bz}+Tp$A0J6s%~J}NgyLPqH%6AvtHIc2tGA5BRC z&`t~2>{}~bn{Y(B$j?z}^Tp%L{hl%6>*8sBCt3GjUp)>`l&*lA=>`eF#rV2XX2cY_p_oden}GEtFM&xM}f1q7!Tg!uD6)MvH1c%W=w$av)JU zm2uwQB02bHWk1;oXWhnJki@S&V&+C)4>#jf}$Me>mqQKj>KLZqbiKss2(qOPvuZno!C{-@p2#5TE zdG0sEI}eVtT#gs{LU}YK=?H^{e0YF?G8PDc?EJfXkgsrm;|$Zqs)+F_bD<@c)uYg# zW3OVw(^ih2#g2wQZYP1J`%j7$)BLVfNWvbR2 zQg65VP3qIYUoLL`(coJGBYPjs1IBv6v;3K3giuzWKgl3Zk-O^oUHw5~@# z6;sg~MNA2d-(&nK!REhbyu&{^|h8NC7OF!D4GYdGGE6@R&O(CXopG2eHkf(jPn zB_iz>KnB%gwbijf_3#XDiLEnhTh_Aq(+lHrJZa$wil9lr#;{H_AToNJ7iTDSmil=) z-w4DU`-2Phc60$2RB6^&%WuCcW?WHF>?oTs%Czqww%X5+=!dgIF1&k$HiP2OXJFf|X?z#k8muuwsyxkr^DSm-&pK$Y5|5iz;c%Y#?B=16LquTg=C3_lPkQyzWw)^Z%Fx+< zHAd({2|DKrZ;d!a-Mfbdo>ondI^k&veyq8}BFal+*-xcNsce+=Hm zt8-KTFrVZN#J_92@NFCj#BX~Ks2Ax5fN6ATbo+>Z;!EO_aw7$18W;Yur>f~8kOmB> z`(>wGgfWH*1(kb$CW4!lWtx#lEhOq~w_?_q>i>dh&g zF1hd^P~`#Oa8C~%nL}YSr-@Ky_qTH{);Ygcu9V>l&gYEfEXP~*2-l8XoKPj< zhMV1YnDPy-SjLg$8NYB{XeHCOU8g22<*7 zj`wSLpL_(N?C6`;oq_@gYwMNNwu@Sgm<5H6eIE z@Ku>L@b5-|~6xq$H&{3&X09lWuxAJOa9n}3qnmGo&7W zt^LmDQ(`EtSM9VUY(8&^+#4puPJMvzAChZB1Fo_US~Qz#bS^H(?Jmfu0$aUE*tDj0 zct?7|W!k%_>9us7)Bp;Jv8dV8B5@FwcuKI-ax}IE3X0U!^=%4Iq4VUwc5RgS_r9&2 zU|_E!dO|E*!d{ls_(prj!zb%On#PqHi;sBRuYP3+mCsibb7$dM^>ig4=L zEtI?9K7Tos<>jcp({rBYXY#Vdu4CY%1A?g6gPGeVMG@J76-e*ju)|0M3jfmh@;i4x z|M@p%SRlIRh~K_SWpmg`4YV3TMY`>lX1n}+t;+a+^*H~q8%g$i4j<_Sn1;)6{e^)a zrBmnrfi1vZecA|<+$iP&^bENEPXZ$U`=OKn_MhX4l>i^H$_L8!CSukL1+G6iboY7y z=l|@XIDgEwGPP&Ym&tRxNk-{QEmXTyOH%|@R)ppct*0H6b9c&vN69*Ye%#@$Nx-4b zzh1C~w37-|IcYU3P*#|mIlVI`!oNna*BrrtfzUXH13GHu%H((qMQrQBsz;~nq~Ngm z*aYygoFa;;1tzc-=M^Axd0el?IlT7nqY9Nz=eKtHX|d{ScH^b~`R6)->J&X&Z#W`X z7|XMR!yJ4WC#2po--V5!ePk|~JlILAkptd|cb)WlQp%E`&f;IHm$VeTfyf1W6-31N zOkJH-MbK?Tg}1B|s4(RE@zpx@u3@BXtB=Mrj>wq#1)d3ik!@cEa;ow4Fzl<`OuhU?GEsFeoolS$t@JFxAkrRWwCa5z6{ zmFT(UiQZ&mgHiNBpbC=^kByrU!ppqRT(hZDI5`ayw7BwfSL%XN7k} zwjG83v1!(8uvSjDo^gvedh$uP*%DI~&=PHZ@uRM}*%-1M zHTjj&BX@CCL4RtdwoWK(DJZXuf3*2ZieB zP=$iqFm8Mz1~84qsJ#0IhaV?yr&m2*^Z{ff?nBIrR9E}Ov?aEEH)|_3Zn#>3Kt5An zSLS|?j7CNR@geo*OxXLiFXb`y7i#&Cz$=-BaxJmqz(OdM^>M6q`P{90357pzl>_J! z@^y6qHKTg+$~-P>(r-3(DD0mJ3q*~7V1+dQ*46+5K%5|*VUKAqCiZRdnCJJ-AYN_$ z^~`vhjrcBngu7|s{mZ9~J(ICpe_~c&)y=JG&ka|ZC*;nC+(tVNMTPsPh51I~F<@1% zlql<9Z)}jWh`^=@^2^LkwswrLF`EW+8vxr<;i4K?Vogg1J(w=x3 zc`sC(LIhHHomv+r7?C?$hV}e+Z!q5Eb^Bxzgcr4;kMPYs?l0)zbpHMJ%@Zd7oNN)``w?= za;0`g9@}`EK-mBwz_q_l9V0^G8*ca0*v^Hq-tOFOxsx`t`3t7}BjobCD!UM!(9RXv zMFMno?{+|9!0rQ96|@_$N9{mx?!uEB2Fv#um%o<%>lZ}?iTEgKOhA%Oz$zu&h1W1B z*OBKRUGMku_0f-`+mV*x%~m~5$SPEhw+~oh)6^B5-N>tUz=*@s3Lq+b(tqd8Fy?@= zO8?k!>?VMvIrIzQg4X~I-58)`xTlv)sViO=)Fl@(N%1(jF=unuwXxJ(HuXDyW=_&DxQNIhRay>e2R*>29E!2qz+{>z%3K*|r$(I6B+#z*s z8|EIUlsf4j6eh?gc#L0H2qrP9PB*}3Yh1g^MMvG*0OcDb)lVH-dt*=VoR+zs{Wy## zd>_Blzk-$mHz)AnyuoH;R`uPja+W%U>v}0db;SZfWq0uIRMCb}ImbyKL{~X_X*yAg zu)R7-^FSVlnv z?ZYYy6pX9JA4o*~@r1~c-pd4}V{Tpme3tGqH8+^mb5O=b*(kFuKK2>ED-o+9Wd+9{ zNFb=fDUq|cdebFCcl&XJDy2%9f}rjNzf*fgVOG2$Ai%_a;MQWrM>QX{5+VC%Lxk?```f7$pO_vDUkTI^X~+WbO~o#70Y2Wh@NlcZZdW3`>o zQp!-`RILqF`ck!Raz4@Rd8JL-lNt7I6Tl+m+Z99Ao##SDT6-q~*MnSuWV5-}7gaxi zwoiH^8q;XOYR{oW4e6bYOi0vs{RGQ!3mzjmAt_WH6ZEes-`P&Srl;?I&#BCFUG`V5{h zG{ZxpF%bql$&QW@MjW|5NbToXW9hV8tsn?na9ur;0(?fETUeUsNNszOD8Im^PR=YR zZdL2kURg1$H8h82$cXLq2d6u9!d*27;00q*E0=jr?aW5Hzb`A`Q09Ve;98&o@4ehc zJl1M(v8bxa4|FO>_*tZbTx=BL!w@D|x(3X`2oK2D9MVIPvaa_aNVX8p1 z2e{@9zH8S=E>N_#zFUMDub=~iID?VmK0?8L+ZSiXb44AjqptF@oLH8>g_TX5;(l<& zgpB#h^XTxDB!BWm`C zr_WJfcInRSL6qMpKNcrPMbGbSEY@t8CDedarjn6L;5M_(Ke~frG>egEy1YK2Y|C?b zacH69tOXASRegs2az9P+)zOjjz2Kh+LJTrY-(mF+(vyzJva(dxUY=70qP7s9Kno;Pun#)JJRkh*^rpf+ zXYJd!K!(D~@e{GNxcovsVcry^Mds{^>xj8$K>>?mZ5*Z1g|?VINyB@8mn#D>RiHX5 zw)-~`QYcm@Jf?V$xuDVZ`Wp1};nv&lLN*=<3~zs}q_}YY#Vs*GX9wZx2K-*Hy)v&C zU)86bLADJcKh*4bT(%Vocd#Nc_z<}aQIDUC_n%b6m@}{SJVOhchQG?u9Mrnno>S%# zmsko}6@4|tj$I>ob}w`$pf~*yln|bq=uTCg5l-RwRm-iEN*9V1-XpwsW!uTyD9gNOEH?&qG>)q3Ygug|`qXK4&-u+xx398-vLb~h`@oI-00s5`!3ZX>djWr#~Xj# zohy<&9Qwd)r^7R+`x69?X-3tJxw;Ift+!*#Z)UPNQ%`qC!L|m7sq382FXyL~))2=k zx!Kn|EZ#4>ZcmFIgq7aps_i+0!uApn zdAvNDI5WhI%KpG-e8=>5zcXXB*AN1!&Q|luIYxmsdE2`J_ z+=}0pZX%)Zm&|Vm!j{}7O{<_oWc5G8$}h-n8VXyL-jc~w+xGpn@wC6ebYr`we0rX; zZ_zBj>-+OMACzACq1#Y0a+w9NAy#rj+12tn|9H~`UOO*;<5a||QmxEq16LI~l( z=MoA}w`xv7_R!@#-rV5xj-W?7H(Mq&?f4ve3fwu#h(iX0k56$JnzH+3!HI69in#ZC zO6}iz^{HFkXKBc5z{fW4*Zz64u4QBsor&L!t}HD!PWoX-j9yp7_^fX73A8 zHhGabr0;(hyoZc{=A))@pcRMVpYOFDmWz~cuvnfOL$G?N_}u{o#4Fpb0~;R*33(|> zM~W-|9f|kbU{&rX3LJ;bEinLk?g9mAMcU92ER3mb(qY z87f0){8VIaA%|1fu~OK_F=Q=iPS{Rqz0HpuErC%eOwAVcMkh1`wsHxMS|c#PL<|AT z@P{xl4*>%Z_}>t+RPwEFV`pYq@>aQ)A^F{B>+3=3-kF*V#YFU|g{rd2N5pj`_a*N! zdtAR2?`9OL45y8u+}6xru-(c!$0SL{JWhzeu?mZ3Bc#lv-68PV3pCk3!uB^Pzi?`azGLeCMTFhR$Vs zQ5n{x@x8PJ0^-A^9;4w1eJJ4O7;7yHFO=}~)T1BcG`4Usxmo#UkM-?!B@6KVY@x>D zGxFeWt$sz@FIu)NUYA%i_sGVZMC=|^sgzuh0U4!)z<0I4c7UE+T6iv5T17OyI9Xs@ zcl}Hm76ckO3$$V!0K=^jo=5BV>~UzvVzWh6y1g$~-A_B$^~ela@((gzi4s4j5)tz=bgK>srOUG)< zU?pRMVa9LJyEHUj7M6=D^J-UvL-$awRUg9X4#*LYorIjs$j?$LZ`?L?y3>rG@#sH; z<0WMKGsE^Lqh_Vd#HB6m&QD{A>5NU+J*pGA(;s{M4on26?9o_ZsCuyvc!FTT}QMn}#YFYNN`J(5hFly|vLMfK!HSpYK}8RU zeL--UjcQ-CY&f;69pY=g0hD@bj9g}#V4DwI;1nsyCa!+~7)Nq%h#Bazg&Ie<$3zl%4 z%Rh!=4!i4IiR3jbs^9xxcYfnRffd-wv8N?(?6b!M-q3(s zmf|k>zHHjzIr#08^a=ogUD!T8Lv4-{^kIxue`61+$NPP4Gx%BUu>l(Owp~=E9b~N( zv1hqN(&zP;5APB7!@4RwqrDrQ1KtxascFY)YtrQ2Nb&ySomSGjdRv6|#uq>1WD!@c z8@roT$F~hnes9|0^SQk45%}ut?=4*hOW{T6rWdCZz^7{YThB_kdA)?HeO*U zUe)C3*@Ub_@bhH3$){(hZln{Jto86T9%JSLKjVI!iQQebFV@->_4T43Tqre%EGv8* z0+5u)cV(h>ZJJ^%%rR%|%;v8zXS-^Y3FhJk;LRPf6nj`Wt)=KuZvvs5Gngf+8U1I# zldl6=nk6pC6Hi5AkZXw{2E1$0wFh+8R*j58FX@5T0nBkK zxqT!22{;NG0x0UF=6w4<+U{H|dfH_A33ttcE{Db>Vp<5$gvJ10Ush-^n!3b0pzy^r z7DeeRt7KCamVOq#D@FpCB2-W87@3@zU@{C*`hms$A(lQ#T!|>&#nRM zVM>2^xIT?#4lLIq1t}H)yu^ydzTFVo~F4 zo1)VQKA`e(pG+wSID_J>!pH>BX;ji$)|#Gb{hKqqA>sN?_9Z8~&36i5TcQ9f0PM2B z@g6p%HkhDFBH@Lf{c*m`g7Y^V55rLv5t|qi^G2687GEtY9CL^N1slBOQH=JnS+tQ8 zaRRsNNc>V{wz-gw@caABTvggn`|{K+^U2%ZNr?D<`EEBwdBns}m!1(gwRhV*gLxle z2^+(-dZUvyMt4 zZ}aQCMSjzWyFcXol;^N9;*aCJs#Q#$KEAzU?%Ss6m3`TBu|;MN6!j6iQ>mNgtsN3H z2NK9PZI8A-^NmAE7odEV(1mcg1*o<<%cir;R(}3Tace|YWam_PfT@9{>%%oV=|QIp z0$wY5Cl~Jy42~)L#HRB?L)nZ;M5Oq_YBxt4qVfYS!lIRh7CvZ6A)mSp0}v1IX&N$$ z45aLKZK_-UGR{siz=))B&t8>zsxSQbXK3Q1!}4)k-xSxJ!_98W zdJz4v$h#DDI=dLB&)VL-=%3QAhOzHdg<`TxdfiIB7}UbhKF!HZ=0b40hPnXnS#k1@ zFRT08o9j{_fAJX>BpH|Fyee|q7rXehcB!<^`OVj%}l*j}sG`6GzIr?V|C7_PkY{UN?{SV`*ieOxJy7 znnv7BcIcke8Om#GZN>gD4m;F4El-*C%vNx+#1x(Q`#oq4?zWA3(CE#xTDzR=+~u*; z8|PbtM@s6!p`KkQDfnx4QIc588cW1am)wX{g~ard{(f6{XkFg6l=))fg&gkO+wj4JADsn@pQX$LC=V);*B?oILy zDh*>VXbthhMcKTil^5W_pO-Y%=od7wwq=$%EN6oWvCj=2ez}4GYKIHt@ zj$at#lZhrG!*PI+);?Z4q5`Hz9Gb!FVRbtIZ26YJnRX2^tUckXw5{f+;ZMzkrWY$? zIh;oc&{53RKQ`HQE(+&^EmdFZIme;J{$NlKMT&n>zuiY(x{l+{9pg=H7{vyQNO7G2 zq$M(av~v^MPe{=wD-gcKJ^Ha^YYT9~JhAwM$wsMSx6HN6xpubuyaUjhd3jb{7Q80< zl7V}*>GMmjc2mcQ%b&k32`k#3TMya`b;`PZ!aEHnFmSLdmq37Ps}O?2WI^TOT}q^qU6mJbJZ0^lP3o@YtdsH`h<7akx)LmNV>) z;m^2IPKy+mLsKlPbi&3Nier-*Z_Fw{+B{9q;L)qkfA1@ju#4KGz!WztQUUW99vR3w z?iy`Z3`FNl+9jW?Td@XK$j zqpq-9hvmmizc*K;v|mKdxijpv*3YS!j+;|WJ6aV(75=70d4fF#5a6PiciL;?qXxlY z5rA5kzmJnnNPy$qB-9}F&v}v?yH2Eb{a>nIWoE)6M@Qw^I1W`l>}6)O;7J?P`vNds0A|4 z1$&`Dw5|$7^oR3n5S<>Qj#Ah*N+DiQfh{O@C|FtXIi`;XL{7dWW#Me zOokpey@1o0d&pk7fEsoQUF~=gnDb*$u z!6@3h!hey`Ed;aSy3t;MLcxHaiO}&(&c`|7$3{?GYebOuukE_&WF?%AMK;@!U|Nzb z`bD~gUM(rkeZ`Ss%iqrxL#sc_kc)~$myH>WehsbQ;+d zyAsDWK&83LD35}37P_vDa@Zv z<AJ&p^1JN{MjK|i#JRdbChoM;#evB0c7KVy@yZPuMc{qlgSIJ)C&0wn>39D!@9HZz#Ysn}7o6fD8|sb^Ax`O_vqN3nA0H}W$li4w5eEu+}896DDt0T;q z)PrURUkk`J#Qx^Jk7AzuG?;g0f3hUKX#YHAL6{S2r+POiOZ?TTCHl(L1-HnaRJ;z7 zx-`4MX5(8tmCzw7CP!O{%l6|YqT^iaL-N0jFQWJxQ>IMp&0L`2c7ZQ!#=y5)c8!J?lzJ*SYT5Ja(=9FGTTouKb8hqKZn(vPJK^?&f*h?{=(Zq338z>WfE`n zGP96l}4v&t-cqY*ql)F6X~`Hep0Q6`UjgH2tPz+4J(Qt5x2mVGondhYPpp&ROj{ z+;NoZ<&(AuR#!mElZ_oBQTWd6enq8#JQvQ(Q>GFmbEz9;FG)13?fV~(oqSgvfVg@I zpVrBkFfUAZqvhDB$K10o_lP#aytOn@#wOxRvPYD~j@Ei8)5uTt6ff)lqBaM1dli@lXgd5`AF=7b8EM$_lo7 zR&F2FdDtl56_SQ2p?~w64Vv5km8kj2ie6IxBHYslD7;t3*IaQ2c|dgjV)~rpK#4W? zmN;IX;ZuHQ$bDrY{r%31Ia$B&hy0<0d$(7=O@}>k_1#y}w1q~nJq<}5Q?6gSz7O?tgW>#*; zX(I*%Cg*3ujiw9xI?#X@V)^pc=m@9tJM-n@BKHrdjR6cg2K;0>b6%@p>7A{Vb6Idp z=pdkOTPEuK9>FZutB3FQF&R2dUhJQHnZS8knW6mQsV}Ggm;s#{V)Bad9W~Z7)`J%F zUqXNDX?{OOVVuN6Kik5U%S-)W((b;|yr2z5IaqX`cEH20^n^)Ri;2uwXDBPu= zO!86EVaJ>q=nslpuJG2sFTGMcV;W9Ed(NAP3LWTY2M>Zl!l)wnkABtz-UEI00QIs<+L#H)-D`;y-I>|XiF1cLRn!qQZlCm9;{FlT+X*DN z1e+H?p*WrB(F$LCC^U%(kohjVrBcqPcKiF<`W5#oE~Qna7eDtuiRyk^%!YR>HizfZ z%3PEvGw+6+%Q)6v9@J6o9YM;j4t#zmdxgDan(9JkaI0?pnf}$pE14_8_GG*&ldEJ` zW%VLYN6!&MqMz*@1W5SkKkxFh5WRc$9u?!-yPcM}L6tAFAP_d0iv7afqV$&PzuV_n zc?-8H|6(XZcS2dGa8)Ln`Oh$q)m{7r4D6w^<;BAp7YV=!FF>yc>5e`$zt}tXy7u49 z(5NQKub`}?3{>ED==H6LtK~GJcGSD+)xi}a>6~ZDz#-ok>vO#8lV$67E!sQu{iz-3 z27{DQAy1^CpC^dHZ=_bZ&e7C@;mXjWi%9AWN{?#2FeR5H9Ngpe4jaOC_bR1Fb!I|l zOKKAFv%j7#&UFWnUGxhrp~`WKJFu2Hinjgh`pqK0A<{1XVm%S<$kRR{NqXI zn<;zlc<8jmS3EM$XTDXx3{P0rPa*GPvn6liucup3-Bb%)MT{4-4J#)PK31&54kLHtVvENJ{hmqMK5q^qVy$=IU9MDcM^@@ntF($^|7Z=i?5Cv zaXLeUzUlczSY+SY>Rk;|GvbJs2mKw zYbAiLy2GPh^DYdjs-PFzA4kWs2vnSFX4V^F{-?=>dM~V7T5~9S$F6)+oKOc zQ||KovqVcnZ*$}L_GUWt+vIp7j~5TpZ?jh zlAE12o|>(xFHSD@ACLD~E`)0#qcT^kS>@EoSl^(ukMvGD>Bc{_5^G&d*Y|-Uu zSb`de)Zcl{_vax-nbmCO=k7WUQgZ@l#Z#RUn?v9<9D=)na@-0({iw}0{Hcw22|lLJ z3*p~|U92`J^9-H|aY;vW1BjuaUGO{9l{>pHGk+ZZLW;1fvbA9WzT=tODtJ=pVP#ie zKNY3~6j_iKOr9U*{4VJ2hmbOE2s^f%FsE{?TfCJ^p>nqqNVP}x=+QiRi8-4|7oCc! zsR`ye%D|nX zEh|9@Sb70?qUa{=_*k&j{p$BD%#0F*m#)_1ogGwt50bnP@i<+_x<8~Sb{L|>`p{FW zW-;~&7+~j%2~ZT5?hgNU>EKuZS#4tW1E!?kZOP`x<(6}H7Q8?VCHelOGS*Sova+xa z`r7yVTi15xQh1i(7FJld=l!5%?8!c;Cnys>tj}6r+H%JurCWP|G*-G~l+S3r=KG<{ z@K}N2MQ-PGQb}*i7^RmDJq7C*E?<_#P&t(@pL}7-5lZdfhi_S(!j#dY9IRR@LR#Pk z#J>JE!|r0&)iV*(wn5251tt8DehkKvS%ZF{?3yOyAvg=G*NC-t1F!&}z zPM*k;;gWCe5QAEtet&GUdVL2?ec%B^A?a4OGx9jCy7|e2K9eY3CXCZJG(cZzaX9;+>1^7e3BvSA8%aDusKjSH* zI7c*V3V*o5O3Gf!l=ZaW{$w9Lmfy{mfzgC<*)S6pp%G{1n~SKuE#3QFyIj&I{m1>% zmnwCQ1vBv{a^C5;hgTnVo5|Nc^cUR~J#jq5Y#1jm2I|$G4A% zm{IbXsm0I06^ncRB!61$_@wO?PhK3=q~WR%`(!;T(yPeI9;tKMFAkmZT;zsL9kMfp zR4XQ?D`gq-I|AZRWuVTtuKP0a!U-HN=$5tT{<~L*+);PM+8s3<+bdcxm8>`EJx zai8>|$~<%*)LshjrZ}`~o$frW;re?;KjFJHR`a!Fhhjp7FKQI0qpePV(M{Fp+1}5; z6;gW<1_4gWe#%jJVmWXISdwi|8e;JoLAxJ5^Muk2ay(~e)#tqiH5~EAPE5OF94%R> z=jWNxKyOMvd`SPmw_`sK|2W*tzvoqPwT@ZV_1jj?^>?SoDTdP#vw9@Nl4vz!=ABv? zomR*zR!s?rVoJH*_jHlIlm={_S&jY7ZgOgEFDIya4A>6O3BN8+xKMhUIEK3c9E;b_ zX-{t;Y@W1x-y+mAZng~I|0z50QGX6;aQ+L2k563)tA_ zXgxD{Kkr`hP>u_OJA90CYK*uYefs=a_@{`T&XRmFTkMQ`)yUlIc z#(4&o;BPi(@Qhj@b<(j%wW&8CVX}?QrVe~~&Fd~tZ%Ygf8P6wSD4N#}S*3lVn`!sD zJ3TNEm z`5q?UwMzwLa=^6^jcT3tlq+Tj#}y;x$k;n}b`N)NDwJg@+i9$czW)*me~A_`mi2uh zO4~k;Sr6T9Kt0Mm`(fFm@c?iW#&cV&3c$!ZH5!Q!^W6>`ga!jn3T%Un^ZDvcD=*h+ z=6MDCQ*Wj>e^hV`FVEV9IK{d-9(4HUtIZbxFRRF$P364>=fC(7rq5Qz$rANw_NvmE zh=DF|A;gjOc&OD&fZjTlJbJffnEuvb3we*w${`M-It_LK2%qiy`vKyYwiZHaBz<0j zAL_i)+bUEi#uFQEli>qVNvGC6Uk4(y^w!z)zX|Z&3P9M_KV&!%h9w}@|L?wP*k4(T z1l5Lyrt^7Y$hUaH*EED-bO85PVGCu3$7C->cs`LECtHw{-P75DnJ~Gh<$OKp0|tI_ z#!57rSEDpl)OB6r7Tj^6$(hbB7s=v;9M=)ha zaOg2wRZTr;(PaBrg4nHsGsNGo%lS6Y2IsAXvXSET?J)Z&NjN@kG$N_~iKqN}PfNhq zh4W5L@il5yIAmlS)1Q+mGr1nU)rroU2@0$QsAA;e@!d5w0il~Ux9a9hqDfD@%|Nq? zFLIFenv2rVEoPvYi^(}_kR2-ZM+X3c`%v{U^vx8dpx!X=b|$;pbe}ZTQ^^yg0HrNu z4XQ^Be_+IMh$+gxMPiI4#%|11T69{b ztYw?ZmTZx+?}Th)oylNEF(xJkV~p9a51rrN@A^F+_doY_Uw_=6|19&F_r4s*@p>MA z&0kJKNgm6eE#Dhkv%lJ={|twY|2a)jm0~keR6IttJMAgZ{A8^BxLrSoGUuap+T=2Z zb3iozBz|>>r>GWCO1n}k`FiB;+oqop$a=jn-P^uY#me|+CvCeQybUR-*=w}E414Uc zxYkgoyGWq_TDPeNfMzE5;x!lFmURS1{sZG)nw43U!gk-z(xttXK0<<}6*v^DE^2C` z#Z27C!^IZEtcV2P4@^x2s%+9UJ%T)*XcuWh4oAc!=M5A!EVHyHL%)c0+w$&xSbKFA;=ITRbe-wTmPfCg ziS93l7yDdH!)6$*48~_BZxuHEtZ#bxwoFkmYo=9-5@bJ8+Gjv~a|#mcqw8e~%J$Js z>(F{J!b#^F6}(Nwh3sM3bja1h0@w@sVGBjRcf=)$=0j34ZF_M&_$ zlp0PN1j1lf)11opx;F4!0D=vPo3TweN%h8YHLsW;7K}3~`#&0xReRPA>bDRP5;?($ zwd}E}o>^yk-HT_XX}v80W2FUm_7%xacDg&2B!e%cGh}pDit2MGjnLCo@e5AHT4W|W zxModOWD%q&Dnmz_`oKpbC>?b37>4FG8zLUH>9A?OHxXsH(6V9yw{@C~%3J9;Q*#c? zAq)HRLs<7t)C_{vA21(SJB6Uz3qY~8I_bhG%kb8ytorxnrTU@6S-8HD9Vze+^bYjr zSKxaJo!}(38$@n~o~~ttWcjS+Pub^RRCCp@Cm`3K_9Ab%v<>0Jad4w?JDZ^qPuTU3 zU|^Z940gL#leg&5&?0XN!m(Vcy;D>urDkg2>Ts{=zM;}=KBn^xb@WQ7R4KSf8QoKX zc@;oGTf~fqqd2AH&BoNlcb*u@_d~2j`ka4}(^J~!(2v5xmQEy0XT{?=<5JZa*xhDMz33>u8tVl!qDT`j#`@N`eL7&yN_h z-QO4vl`p`=;_34d%5KoALHJXt^agCUIHbk|=0^y&tC0}rB6(Bb&Dm7ue?e} zW|lGjx+{2fThf4I8WAbGTb_15q4 zuivhLT3^>R^B7A|O#tKaDQNe%&OKQnl@*vvoiFHfjJK$B6{rr9@%M~rCrJ;T;6vn&ngJ5!-#0U9yH3m{QlWGYat*i{#kqLMavyb(?g=w43 zyK$WpKOq6v%u{?Ckp z-9FaVG{2};LwBrUer~ZsZAroVVrC=A4vp;u5{pj{k;T5{;;-P~6_>Pgfe!6HUF4=T z_u`-=%+G5#F93x&_9eC^<+Ua;JaU#7#Y`ymg@)8y;dMt#07r>SPeY?I#NjLNbY@|H zCpZ!U$$sU_s!Hlf)=Vl>Lp`q_y0p$44s*1{4bkJ`w>y`hsx0}5vdZAW<%E2;!^<9Wg+b+@LSJXLWS8)%e!j1u6AWlk$?#76QBR(b$dU>te1- zr9L%HDWyJ~;JQYA&kyH{^ zJZWMyUc43_1FiZ&8SGy^};Et#^P#2je({NuZ z)RlH7;>%HgCtBSLX!x>l2Tpq&Fmv4`MMVC7hn#mZY7kO5T)ed1!@692k zvYZ2p1TwGjYvvb^47-je=lVYF&7(&8+P^hT#SgFT!{0mTJRCY06h0}71c3`1Ry-b` zLKn!+M*7r{{4R{2Hwytt5yG$J8I1i@GofTYFETH)(=%Q3Ae+R$Bz$BPS=EVfDhra- z)d{|IkRj*iFdL=uo@6yISv4NmAKDwYo1qXp zSP;J`aMXKCRc~4x%5!VORAs=Zobb3mJxlR*vG=>9g0xi7QT414dGU~rm%Z**{9>0+ z)5J)kdMfCVW2n$#sLezgn0+_WBfR=7H|c88=#DZ)md0|F8xh%>{=Jh7ZC=!0$pCYO zCMMPiG!#f#Se_76J zX_*`Hd2TI9r@gioJ7TDoidE&U|w zrl}rVNmF@@+FNEw7M}4;=Xl9zVUUUeBaSaljHevaquY&zFCMGb9Kf=TrU*>zio@AF>^b#^|n zaVmb~IO@A-)u7IJLzdIUcdP$)?!O{(W}=PAy;=r(5ELITGF8lKN8jI>_hJ{>%(~=H z-~DL0Szx?2kY_=>4)J2Ow;Fyqt5?rKV8X8>V-Y87U*oUZ`wec+##&IZ%F%A;RK27s zqD!&NPZ9dAPGz#ppYG~#@Wju-`BgAO*#Y*F4398(4Ax*o38ga1CQOwkasG&11*rjC zColY}h0o_sU={r(m4M<1R=%&Y(6oh~hWkg;OIJv@^4xzLFZ`qr7Ciox<2?t8b64;T zo53n$-aR+cCR$W->&q-;F|*kiL$i-=^3k&d6)Lj^M|XvAdpUN~_m9VUPJUUrq(-+c zarcBeMk@UJ^q6SCfi5_0bXMwx?zXBQtorwH23mL|Cahy5?^$FX9Pm5c)*To-y7fQZ zO*Vi`O{smz1JJ* zxS^2bt{XBtM3Kq|?Q_L6QmLWDD(P{=|L7jFm{{7Lma zndo<>vdwKO;Rs!^X8V<0V%aN8$2&XG-1Ivue-*1eteibLGkj-J+Ro{RFe}42FjnUx zD;T143bXQ(EEXXD-Z?pNW^@c^&zNz8P#a3XH0cw(3lKU=-WgA`V?{5~x4KTsoZOgM zX;x!K9S%B_+7&i6D9ajC3F8+}Q6r=qy5|_zlvLYQOl8j>D#vEx#CL|8P)( zr;s~q8CU`Q=EQ0L+FVD21_MwHBtzoKAy8>Q)aQsO;d@u|p?d$=!k24;N8@5j)SO5)_>e${|G6{b~3G_8+_rT}JjYsx2Yow`7n%k3kS zAM3eUB^f<$t~D_~@#a2U&&bZIARna|_U8-Eg%0oajKYp|JUL4qO}ijnte|LtBZI<} z@YfcN31#M8`2(enVOYwy@wQ`CBkGFOu82LNn|Gn#d5q7LQ|fKWjJP`HEbWeLtX9ui zJF!F5@UFeuksqPS4HO_49vnJluXpR2`W!=~KTG73?#fHqa1&M%v3HgO^%+Y9_f|ot z-(OfQ?A3fYIqIhktXxg+31~L`2n1@HHqo`Na0GFZJf5u=*F_(519c^Lt7*-Su;jF= z91dBd*Vzk$rH1IqQfEA&Y~+OkzB37xFl*s+>;fZmuo72MGM7uZ+T(!%zcp3x+25@k z6hE%EV8~ymYs6A1D{-Zr;WGY|edMgIhv`r@*A6NY2T?dn?nXPeh7BWr%-e{^lb|v_ zYq#A%(>}+T>8&bpuoS`-Yi;nHbc(8hRFnLu&IHIkBdw!Vc=`;DQi#6`i8QcRDpiK$ z2kVMFbLVo(jaf5v!=m6w;2fpEk{-krBktCUD`F5Szm=1qpu8bs+5iYrS6fqX$5=1q zD^u36&UWPhrtw`tvKjQtL&fd|$)RTf72S8WXuoU**g@a%c#&33HrqsLqUk(i;cQG{ z9ZvZtebz^+$~LQMO{UFYGmNkfqI=D5RA!IrvRS=xLA|cnp_2YwHxsc4b6ONeUKXAA za1n=48QIYRZ)KdP$W8cvrH*>`5a9~p#IB0filC2%Z5>cA2(=h*T;1rJX=p^*{k~xi za*jOB34iayV-!~C7u~5GRI&ErEX^uL)5i#a%5lQ8X%WQlW#kW1-M&!@33k)-Qk2U8 z+3H z_~sEsdw--{gWETcielp}M!9UyX&Xx^z1#qsp`F%wSrI|iGLaLSOli?k)wr;Hq8JFQ zyqy0mABiQE+%91ZJuv0d1z1)l_HynrIeMi419Nyjla|)=ppWvsG9J@m@)BEh(bqKS zW;`UraGG$pP9(J>-pbf?qxtRLLcQEAX}cPWd%~Vp?wbSrg+BX}+b)U!jIc5*aQqvL z^zvsYG8kFZnR$x~gS<$I{6+PQHs&z{Z|{wXVR-MzeC5X-=Q^7V(-5 zpx9ffK@ruF#X6HVL6J%`iTzPOg4~HJy^*8PoY?Kf4t#0ftmQd_h;?Yr?B&eM+6V*? z5m-h9omXJl5Ng$&tNK%`{LO%s0^gBlRISCRcpQ{L=y)P$W-WD}HwAYLpQlv^zxrEK zGvBnXf_#Sv)BFizSN4=39ZH7Q%aY7`I+-LLbmq8S1$(qBG@1qfQr_V;UEzULsxTD1 zIYhvG-q_!N^yl`KrrCiA(g~}RMv*^xn1E;0bj;&>3hVXuyWJ&np?U^&dFC{YU&Tmb zW#iu9qoPOuwDO1G;fW}uXM#>%x-(bkcvBy1iR}Pyj(sMQva+>cn11oKPM|T_1c54F zYaZfUz1MZ7VvNF_?Q8(i(pQ4Sd@;akr1p9C5F)~Y_%xTJy1dnUXvZ+M3QP&U)2*2X zzS(ad-W89LVMqL4ULs_dI-{yE47LVN^FF`Np~n2!w4z$-g?V(J%J$1|VtxhqB$>`K&RaiV_K{%g0{NcGJIL&F3Cm6n?L0@HQL2!cz3B zYbn>9#vZPOKOZMBzbc>$jwM_&h9m@LPQMSX5B4d7v^!zB7=N!LqIs%~d-L%59C&EM zgcw}*jZ>;B;Y<-sNx)>GI!ijcR*c<;J;(!~6?RyBbk7yjQdEKWb9f~th>%6MS(^5m zBys&0>nWP~*2QR+8~iPFy27E-W`C$_w`+s>JYDen-IyvvGm4|H?7pcfteT7)_X|0yzfFzl+? zaBS7%bF$X76mHA7vz{Zr*}c!hJbk3l|Cor(zGG0Nl=~t+%E!knF%OEG_Cj8$Ko+7J zd(z*(R!yeXGc}GWjoX4|Thm3&R*l25Yu~aN&sC~kSUDeU0Lf$EN;q6`S%amN{l-S} zE@xEC=vk!`^MJ&um-KGZMCwfEGdPYM-`NmM9Q4R}T?SN@8AEqC)GaZD<9wuwbk}QW zm@7t(B%pv*uz30NCvc~<@=wGqDLn$FEboAGqvUPLjUL(~-_4l2o+!vnKV_yvlXuIR zz-bn=m6tv=i@~`U&R*7y`WQ)hS6Q-MgRYsM1EOsU6Zpgp*L(NDcQebav}efWmE)eE z4L_uJ1DQh?Mr)b3aKebaNXZ-@2ilk^7RO3XJia^+}9&l_S*EPj@&PLFDmHY zNN%wS8v)kMr*lOB#|Kdl?F1SUdBa3i4I5SlI3JX`>E#DMnk4lZ{^YD;Dpw{Ke(^0}CSQh9hW-x1T2fWqytUpZimxa?|*lq&OUQmVpSPJ0lz z&sO&oI84#)T}E*711qq{x6UI+@>9xp-B7c{c3*92RJ!JeA5QLs^Gv&b@^2OB4=PNJ=-^6w<)%;#N{;0=TIiy+~gQ&_v zn!*fdHUr({o}VRXzZW_hpU86Pok7BHgVIxm=cWUD>fJKMfGE;PcrGZDxloN9?Etd~ zvH1s-UR5$`n$*k{feTDWs$9ro{%y7mcaF>~k`1Ml$^C?;RoU;n>9ug2$v!6*(tl2w z2_X-y1A>*aWXs>$5tWRj)bv9u^!63a{Ps(TjD_ht1o$V|v`l?gND9la&%>}TZssIG ze`Ph?p0d9TVRSatOcC#ZtWhIZ${Z0@LgCKv>5Y@)q#;(bZkvbuN|43MvEO*W_I#i_ zHM1@NB_;P?E{yfNUM(XBCF(Ea&aoif*}oktt*##V{z=^vG@sTv=eHqI|Kr?PzYD1L z4IVbGq%ZRmf2ZyZkhu*U4jxwIfQ`_#XaPun+Ww+EUdO!UUj=~>;=N+b0hVlo_%~VQ zMIDM${8`{#)lYw74UcpVTtQj>huHAQ*)veZ;3+A#l$AEcBf0~+gValcOid_CfHi#=eq91%Q9>D)JhXnUcud4s?c>F2% z|AWT;&maEZ0%U}Qlzz`HvR3&`0&@XE2ko28O9gx}q~W&CJI@7?Su%^OZu_6E0RR;~ z;NXZVWgg=&`t(rw5^u#MW1N3#$NJ1}umHH*{zx&NIev9*|10T-HXt5Pk4lcI8kQwX z!W(GcOKoG3dsT_t=Ri(H#dJ?3o1I%a_ffCZZp;-DLA#574F;R)MTQ3P z0tG^JPpQ~|$Z1{yQLO|G?W|F|PCy*3QwF16tg$SblrUovxi?c(`xkgHHEXloa{xJI z;wF!Y{gjEP+jnKd9ouYdQw{5~a>G`K!pGmuXu~gm7%ipak0F)MPe6Yn2FC@BUK^5> zsXuy?N4DT4MClapK6`oPUFY*VLy{FmyBRr z$S__%nw>Dl>i11?6phw}9%MV32wO0L)aI|-J^_iVeJUHxQ&d0P6~HH61fUqnR-}GT z&{@0|`qXhWHfFSjSxp^ttJvF^orUmmiq)W{Zm(oD#X(tj-K2oN(2LqM$Ml-$GgcFS zkgwiQ)nGz_OgHcfRaN3MPR8l7G8xHRUT%87keCdb#+K5@9a*7B<$dt?uN zE@D87`%<=_V(n-vS8lROQEhDc=8znDNl)S91IV7319E-$=f{0j)G|p!mC+K?E6Y=* z_8{{Q@LB4dGnlUVNf`%_1GJAW;8pZezEI~C=JFAg#oTAp?bh)=8{=!w=J>h@-9GC0 zu6_HJ>8pB5h+3~Y`0LgdCApm$GR_z5{g(U!RZi^U9-dc`O-)u5;EbhL?Q`F* z^|e$M=-NS4<&GEN8*siSn)1qYn)Ol(mo2XYF>ftZKs4r!SC-kMjzib<_72axH87SU z&v(Oe_QH809T_S4r=4SWQjSPoR_aT_zvk8A9(-dgdQ&XYti~Zga7402dWyK1bSk*f zS=%|(C$mWp{2r7WpfCrB!M+M39o;jovDVq(uwDVu>EdhjR3fY+M#I0(7Kq;SO)JVG zFoxQJQf2W&k-cpG{_&yGzXQPC%$mwK%pjt~=?1s)w|X~U3GUl|m@o&LV%>Jr-0d>E z_3$&7SK&% z%$~L2)s8-B{5=?o$yp}9!k1H><_~?v^J<2m5=^Y?enP$@v+0)a7-hEj28g1{UV`70 zLl3Cu!9L=zNYm)7Q2S$?mBR#=vI-1l@6W(bMSC6W~8^aQh8|&n92^x*>6*0To*=+SM5H8DDoUOei%c zRiw+ADOK=lZ}KH`l@QMF8zL`$-2Z#98;AsHa!L{z+QT?^Zo9%23<5+8A^+1)?r+*R zpGT4OjcQTJXB7+LivFwJUj*CRDWbfYPG` zk?8O!f%#5@ktfIG7q-95S~u!5&&bwzZ zX(OeMycnL@xhDCzME+~2apSo%B{vP!YVyN=i%597D%)o+Ek+aU4C3iD@EoD}Uc|90 zU@8)HxDJW_5e(pa{1CMD&&|oDuG1C>5C|0=pbm1Km8-AVD%Se1CX&B$7f}O+A_iju($?gjHXOKNo zLD0Z`nm*s9iH^`(L!2ue!J<$0_*Lv}?|RdN%Is``A2SH!s_@flRTrB5iUKov{7iPx zWlt*ShNrCQQD-N4N1Ll=%-qPYye8@4Hz6P3)}7bzCzXw_>n#*2^s=XS;~#*G=B!5#DODSl>upaRmXelk$g^AW z3c4x&2pGghPcmFhW&0RA4*q@A1&6YoFaM1eAeG#9db7*@ytkgAVHZiPupugpFMu6M zsh5uqRq_}qDRDUI6IpkvL|n)Vra?DvH-2TR$H7Eg5j$3~`b zSC0GT{6}?ZFN3p0=uTWSTS z8X+t8gs_^u5U$EreYu`1dxJ7p-juvIRj&$yPpahs_bc47{g+4bbHqRQLWE~WRTgXO zyOC}Fi;PqjBgoNs{5Vc~)Ds2R9IT-*Qd+ZGT+=dJ{Cm`4F1fJ;gS^gjgvzc2k0Wv2gMS zk^O6xNY`aYpU^-gm|%D0g&B89RDzBkpw!U_8Y%;nyr8BmmX=o(^Opx@R_#^^1Z!Zd zaeCxjg+Q}3zHEUrqH1*C8%lZ#G*C0`-`%?Sv6F1z+bC7)BP)c1<(+tqrMyI!dnw?{ zac4#RU4J-Grz5&ks-DUBWti{!Il2ztQ3~1lz-zT$5#r!ds^H@XjZ|%v^%Cwm`^fsQ zT(c6$L`Wj6c>G=k5XIxBRHJrdZ0Oy6qIeJ zUN1&03n6g~KUyWyx%P{+07SwyGf!{c886Fv-+E%NYbSgOnIZbFqW$p)i{mrd+=$VI zsh1x`5;Go_FqSQ7o2EG7V zIcZKJrbp#`bdV7zL?;@N^_enBdM1wcv7U~lxtWGCN@zIuDb#9LnlatGG1}!=zOk}V zG*Rv2+_CYKKy6FzWjDpIK|T05Gh?Y$r_=!n9Ap02_zC`6EayR2w~HfC;ibsUF)l=U zbmb%H;NfeIiY~i=_%zUjt0Bbym-_di9meqsp(-CnoskwzYoadC$|5;4;yUc6?Z9d6 z5zTDV#J;{mLEnDiQ0HgZ<5rUN(xenGT(Nt8A+?zWE-jTSV3kUag1l z=^Cd^NDX)QpX;Q$%PztS1R}+1_vPEq9vsNn`p>rh;J=%QDAA9ldny(}@Lo}-@jkn{ zpvY^r0F;F~lV4D-XRho^lW7A(c^~)yRd8wiKQ)o}6qOR(c(7e~DRQusDc`cT?k6(B zU+e(ig+`gi`Y4LAB6btX^laDb4qZ`L1nR*({cka@4y*;tf>oOkN(+%z?CG}e&k=E^ zwe8>IB~BU%Uaf%va!zP?7a`&_a!HHxd^a!!5TO6M+yg(o_&+DS0-xS|fEz!e*R>tM zw*o9zK_;IUx)C7xpCHX#j;B;MHXyU;ri)BVd(Y1J zl^BZbV2ymKfxUL>Z|%)uxoB@_!K%Ri`|mIC=KKP<@}DIS0Ope^i&Jml+IF4nm5 zmtmFjUo<-7Kc^HUPyp%ZTYS@uYrBK&!o+1=Nk1Q|`=FueI93V&QQ z{CN1&0&h^V|xMIsbt1lk*2pJ=CLr-nP4+q9LMDp&HMD#I0Mt zva5xw{0!!&?^24}rrph|K5mrtVr|zjU|lLvQbN7L+KkPj+q$W;B9lkgN6s#B6dn`U z4xTC^#o3xQ9xAH6)^_`Kwxz3!(Du3)DoU^BV4rbjLBatwRS;Nc0if(#7{8bAcQtlJ z7TzUctu(Tk>_DiwaRaKc)FLcD;N-@$J+n*el>YiP@rN(PPs;S`CpqX==h%v56vZ51 z)Osu1?;NNA!hpF-%LXe>`pXG@!h-4|ZIM=cchQ#L!DA7WK|4q0o!vwB1g(nUvdG*H zUG*6<|5M{1SV!gS;s_Pjo-_L>e&>3T4wrKh={4`3uy=Ky{rF07&z#lvL2SkD$GW`P z>LGE2$|?Ki==oERMMJn2YLP#3|B4$Qjc4D{1WHE1yr%L$G_OZK z_b)3N{bqb)+qrZp-wE7d=!K3}AWsjU)sL}=Y};aD2*kPEZpl1j#m@17{>Xj`7=1OX zmNaYM=zKc11(Prm@)h@){ZW+*Wm^e=bmyo3+Jhii!b!LpF_f-k~6oqWmO6m;IF0^T zIOuircHHng1MXZW(IwtprS;&g!6zrn;3@`A^p->NXtN;2ZS4S&=9N9d$&+_urGe3_ zN6?vL{ta{W&x)h;J!VDpOnle2uA24e^Nb9aI05Jv>`6+V+quQ~Ggh@$_MAUU3SbV1 zQ#88fx9a#xj;}bEUPlh8oOVeSlfEXrT@%YyKh;ke+;U#-dqDpgqPoC)5O(mF3SeAx zc`>7ssXTVZ9S&-^kGwiuE_vXICB*R*YDryg2tIoW>+=>fDC7ISp;qefXYHH;cAG!^wXDHMWASk z5K3lbr@n-lc)hxUQ7(j2N%ja?(`hxjIJ3?De3=lkBb~ZDEXI!sE#-nER z$@lfOteq8p?G3i?w#tl<(qA0tck`KWM0eL`bxBC<@tLeu$BEkq*MXj`5r_UA9Qap0 zp(?GmjaOdnkS69Mdq~f06nFHZ17cA;2hdr1PHvcwms@s!qo107ymUp$!@y%6{S)s~sUmb#2c8Vx}r6RiQ0c7v%{muBl(6 z3*e@2=ND3vAfMyvsBR9iZ-$Q&!ZRP#2xKB6^8)(9R0-qX|Epkq_5ZE582EE^{0L>_{m>g zbdUY{CxCbioD!5v%YQ9}g?DYaXg zjr5~sZ+8`c^5<5`?^^rw%>X;HuUhg4UvKZlg<7D{vl1sVQuBW$R(^Sf zgsS{po8vA-bJGtg>5a0-WpS#2RbAn8#gOfa@S_a0tVgQ7c{ul&a4_pYyNGrL3_Fm4pY(~TCCl5u3 zs+jV$l?|^NayT-+YO76aCT7P+Z^EHo1=9K`l$oI#T z^fgk5%86~C0ZHmVt!3t1pJ!>I!Yv7>&DGh8B7$LXJhu$W554l}LNImK+nuFt`7FjePk+x#W*0)5@jY zu1}pEUilqT&`UiPvuloIu>Rp|bhURW_8V5_hD;R`n=irA%!z}v{{oJ;odt2T=r`Rf z>(fsV@XK4SzWDs;+?sRy9y%*<(X;X2Dm?Y(C>X7Oef;IO{nj6czPv?IhTGu%fS+wY zq1Y%eZ^Xgn!#lFOZF{rLyw{x7og#IEb^08xIJD<>%q5ZMFz zOYLL#&&x(<^=BgK_e|3UzwW$uPD03YqDsO@Kr|EmkKfeuHLwN#TM!`C*8hLFsICB= zY!khII_g_W=uFgF5Um-~Aw+>O+#0(Ob z9vZG$)xsHeW1ewA4ym8qaDa+gMkXMZ0e0~bPn6Sp0YfB80iq8RKjpd_?LS3 zu=xHsMCC*%GSb0)b#$M7?8AjJx8~nz6@+4L@vFZtT-EG8xTh8;lpxlhg(O00m4x}a zZA82Hea-w}#Nay>T3t=6BFG^eIM+LTwfSXf7rV2ODalphJ^EACW=uj~C4iiao;YLf zIPm_k3;X;FMWetSKN}0}>b|z<+CHj{TO&;<>WQoXC%?gi)#(HVz*usQ6H*9=161!~ z*k5k%QNdF=Vrb3~KTE z^RS@b_gR`}0lP~6Tcm_`&TI5f8@@9V=KIY!7MLiNHW%5J&BHQ~ zUUh@I$v^aQj4%J_xL>SnHu!o6&Mz%->Z^&|LwmE6mE>U%@|0+G?2bMej_0e#0pup0UG>$sg{4r5Vtxw3WkI`)7%a7bkFRJ6K=f(x zu9L|z>L0@tiw_3Nu0muTIDc0V_osA_{ZEk_}*zJby5bG47<30hDWyf$&kKJ)QFylp%Bf%1+Zr2*gN<>E)T z7Og-ntn*<{15L;JSyfMTGF#r+SObVWv)DDNs^dsrvOi`~WLSj~SOpq*!+;v5P2BcT z{JEmYllz?rVjeI3yAxX~#W9!s!eD!a&mY3>T9!0po7349ooiN*EKcS)T0QFwHd0}q z2_=%~SOqMUKm9edtiOh{^-D@=u~-1a)}K-~kR4_gIcCVup6+DC;26C<<++m?jZiI+ zZ1f;YaZcM(b}o##S?{UBO_V8jRzvLYQ}vO9($|>~{d^+)=R0G?(7%Rq{Q4DHr#h>3 zoT=!Ky+PZra8;=E)F&pXo>f`FM@FSiQ6W_mx9r8%q6QJVO^fqK8%i)=^g#0>c0&Eh zazu|CiQ1ovpZQg__-8{HnZ(9ifVv`fUwnS37S!MtA*Lj0SGSmL5N0R^!H0zTMBaq? z-tD+w+A#YmyW@%80~g}hP)Pi5`wu{E_&?qZE>BZskI~pB8MFkY5twP6rY?TulI%!Q zw^}%96P7x4w5zhm^%|SgMOB~2s810zC#Bd!Qo%k*MYFlS8hP{^v7Lvvh{@~f$6458 zIl)C(&pL>3ZgF_j8Qp~x07L|E7kJ@_h5-+gun~4ky|X4--fZz>B~kl0VP4yQ1v+|W z#&K8kdHps5WA2zJ{zL_B$Y_y7qtkG8c!x{_?b@=-L%!K-X@&7eMN`5&Oi5!AzsYHM z)jFA!UtI^wdrJDxt?O=O?DU}HU}D)Iry&l z0o8$A!G4@~CeD4M;VWaG$@D?f$bLuk3i-hx<63~KLF;!b2{Kb;yky4p`e7;;i~rA0^|vmwJAX zSuy>wWG2bWXYzk#r)coufWB7MHnY+QU+6&WDWHeD3|vWDPRo)x(tPg18DS1<0%bjSVRo z56tk(&g^ucrrA;5-jW>bQ4{~YP?24q%J09s`}1>k`iV$b%$GmOyMI3|ggSrT@1b&r0_!;;*aejtI>QcnJ40Kf(VxDPz7nL+D)vI7jBi-|g> zP*1JV$X2#&b9}Xm44sCNUNZZTdyus|2BG$B^C9betxkMpZXs>mZK(Eoqv;Yd6XbyA zmo?mV=zk3*w8cfOhj7S2B(yWBU$B>czy3NP_-Q9i_%R7S*j_J@h5zduBW!$8+47>zd3=W`VOjtd+IlBCD5P3x?H}%spqH3VIt~ z+UMsFYG7^z4+#l1rg>Y}NXq?GAFmC%+DuMN1j{LLa2xCJdWBN-{_SI`{sRRMP~ZTk zqDlCX?gaLo@hSRh$w=pj?{igH?cN0(Msje>nv2np#Ve)eih1Jc0X~WbF6N2bse2;N zh(C#h-e?}OL5KRg7Y9VDZ8I{?jr^dKZ+nV?ny*MZS>EVO+v>)QNsFX>azSluqTUPI z4Q?$T0%ezXWB1N3pG@G3J4dNz=1wZ9$=(5Ic77=wwat<{->58fjNMN^!*j}4pB|K2 zVD*KqowGo4^@h`z@_&W0+6WZzUK}w4H9PGv?b=>1FjzR90;c7)NU)w(T60Fl5*F>z~| z87ZmJrJX74BCPYGx_!r*xYD|Ft&G(-b;oiTeyxv_&u`pjzjbaaCJg^6q@;E>%mW1w z=EM~yq*LFl*v{Xk!3?L*cv0(h4UbeR|8(#I?N4F(^h8Q+)ay~{ao|u4_!mBHA2d<; z7Y8pib#}ww;-IoYdER{BA^(TJ`1kYwmy91gASsq!DLNl1V3IZv7J-GoMSzgBKPeZu z>V2%u+ydeD7NSHS1-a3Tr?0z0TZn-~JeI&|q5vO1{tP#%BUKTiQc~ z;2W_PCEjx-?%1d=BS4YpEZeqhna=vUGdD9~`=LKQJcWM^n7#(XVX?>e9qy6}VeW7s zR@eDG9LN)D%vNnatM8>wy1Rw{TvdM2f$(JUZmOadt;e!jd4gyxJau+JJO5==gX|Bf z-E$46_FhY0QOOyLif9Z)28qf+9E)x)RJ!SXEK5=hv8k*18twh#I4|#dXz+5-+ip3Z zWG1I3Lw2S3A71z7C2bvaUmLE{ddxX|dJfTgf=D9?HG!1;y3j*l&kkXpP1gk+{WM~i zQnk7OREnw!Xg;qOY{9+(sIv{0I;!+npEnVAST^2%v{T3~r8#d~Dw8LUtN(r;MrKiF zTYp03r~IyGFSlR~YN1N$)tR$F3r9SjHyPL+VRNAA4T%RWDjjyYv@pWl2Xh=V2X3V`{xRJMcQFzGPDEtY;JK9rv3SZ~6)7#`#Z5_3?NH#VOs^HXw9yz>m zYcJEkYC3>RFsgWxTLV?HFFO1#n5n@_7azQ`Sg$^^<%fKVsv@h^?4zkJiil`1u8UiX zGEM3u_%?7^yCXFO$DjFS7ZjQ5?ef8J?Yqg{_246$=U~!{joebv>w7V#62$MNq^J3Q zKl6E|!%~xUDLd9)3Yigp^&Qi!rVxdta^s?gPMGj(BccFl82U+u6H0II_t49FvWGH< ztFWK;en5BMYBbv-BtHia_+9V+?UCRY?^jxnI9*t!fPVEqio5W$CzMDVzYc^63TWMGs28jtYl<61Ze#Q}Gd70f?UC@|aKzSm z?4j-K%yqN+HHdzy)i`Cf@f?au58!L=Fy6cKE-|ApX7{4BiLP6T^t|h}6x>nitxFL# zUxx_wH6lIS3Pm&IEqYqdY&-Myx*df4%8hrTx_(iRXQ)lG09^r^lc0-X@)hlP;ibV} zR-;b#RAMH>J;T-`O`MlH(P-OQN}A?^1vsp6*BpC%Ggf`+a@U3fXFaZvE8I3;maN`P z=f?{n0jUn5^|@6%H!-?q^vqvXN=9dWn$yFC@ZAS1uH-#Ep4cwh{>OH+boMXbPPBSe^`}H;0sefIxMc!>HU}X zfxyauw)Ww~O8pmS?M=f^qsUlq%z->~){@^Rs^2x}}{o9bAWf{VX=b#_@F8R zQ8ckt74J~FRJ>Ieed==rXfgM2Y{`V59m`VzV)u!uQRN3%=OYPyLm_qw?sa$SUOsH> zeUWro;m!Iq7W-iN#7pY`s_pE6M!%R;HN=Yr3RT zQF}4cN#=A-<)ySv9o^JQJbE(d)hwt2*uRJ%u=f1!9{Rw`v`6WZS%leDZuk9BDFWQ!Yu6W(Z!t9pkoL2hEk^)g` zQCILncxn_LvE!3;j@PW~ZsDA2Nf@VbSPH`P?lQTzB( zYTJ(W`SoRT((149Jg(J$PqcO819xLaX{J#VW~g2eR=|HZ5*;yPnf!viPcEebb2&*e z+-Owclcv;TbXriZSq8}oyz*qBaKS_Kowp%~5y02Ib5}p3LaRp!Mu`iYaR9fiP3*`m z7dtK-4YvF$q#Y7chgT0G@NLjp%Cu)ph;S2`|7mE(rjPves%bOQ=ZQdAYg4ZT;j!%WcYjr*@*^gT^_)%f5S^U$NeOtq%6;s$w{);jIXUktc|7b8i(l~pf`90HVJT19zcV0iI5=&I(Xc7-E zI@hV|`c@>CIEt#G0`FYa;Gw5&p_lM0ZYw98)=buWc#Y!G0^CTH1TzvXM7tam1iD~$ zUoL&H)DCR;#!iZqGKEm=v!c7@rgWVJ6hAi*HAQ7n_A>CF5jU(I*F{m(YeoG znz{9OkJswOgH0g(&!6z)7%CYEo6{0Q1V!n7)?*Q(HQt)#(c0_8jDwW1Q2ygluGN+z z66~#lk_3Lbh2&1nwQ)>XIIGSEUQS@X{sUpbyO;0>NO&bY?(UJF9MX;Vh&PR6UwENfTW;B zy)81P-P!@dg5}E$(LCh2P6M10a(fyApkVRbQ3piAIl-<~{WQ^suhxNOw_c68T*^c7 zdByzf-WU@Kwl>v^UP1)jTGa9+$WkPGhCCA1ZTt~g6)GhMg1)bQAc0P;0%=K)A=o!7 ze+tw96wIBJMMt*6RHjZXcKJ(KB@?$>@J0(-mDiBgO4H?Wa z_B(lsl&HH$O1sTxt-=-g zkK+cN!`+LBfpnd-<3h*J0Se)Um>Z#4CV&G&e;X$QTf{1Lx>@S$F(VaLxOI$nR!c*w zRiNFydM0GtQfzG);R~-t_}sJB-%tY_{AI?OZR4Il3|i{?1guL(QoLeh$JYVhlQRfK z-0u(+yHKVN_N>7~Oko*@MW$sAJpJu+%!U&m({2VhRPFv{+g$pAl4HvzBtyAuN_C}m z^Sk43*ctmx4YGV4l3hpvY@zn~Hvd1(4jtjB?>=|<+UsGoA>Xkp>#X=Zj5~=nHbZNH zA!1C^CQ<-RDlpC2qW=O@Zii*D5%7x4$7I3zvV zBe6tFb4~jQTXT6*m5}j1ParYio7*qyj#SmhC z#>m_rcGpci)$4l4AMHz!&XN81d^KylV)i|Mvk9))*WPpX3h`e={m4q@nya*42^?DtMs1qNmUy3+Va%J@U3<_AnW6?_HCxnta5;=$$Kf9h8 zAAW!azp|zUK z=;gq)mJq17>u9265JM{}GiZ-g%cM;w49f}udTI1jWlwvHiXgKY)8rW5HCxC6UUj;Q zRpw{i0L1_3mGP}<1C9P40`OKXs%^YLBESJgIe6aFoh?T9=J(XWpGWP)h2P(veCBt) CdDQ9v literal 0 HcmV?d00001 diff --git a/windows/deployment/do/images/test-scenarios/Win10/M2-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/Win10/M2-Adv-Complete.png new file mode 100644 index 0000000000000000000000000000000000000000..e48269c3678f6fa9b19bb6d16af93833d4614b43 GIT binary patch literal 105821 zcmeFZXH-+&_bwVl!B;81FCx+r6{RCpK?tZc0a2=SlwLybC4h*iNRuWY1fWmjS zE&u=kMoo=JdH?_&9{@mGex8nc=er^J9rcCATTlG~pmKm~oqBQBK}AOe0H}(;c=F;L z_4+Rl4HItwfIIs1hbDey#|{9X6lgwDF$l2SB853}t!FF*E6IP|BIOlD*JY|6EWOuD z(Ty>KQ4)}nUy8=-%AvO_1lVxJY-!eayhO1Rf73M@+q|c(|M`Mt#^bhhM!m{f@yx7E zF6rS!?l^3+*_5@Z&b6+I^F?C?kT8*>U#XW{B7em-jcw3JN@}*HAQl~p>i+QdLpN_? zqSH?Tm@i&RpPl`0ceU2QjX)GWP@cTQOW9HWj5vxxB*aiQ5Z>|BZu~hm_P(cS?Jjm) z#A__8W3B$Z9o{Dap!xSgvI}tb-}7!R+DreQ^LaBU|9c+Zcjte{FC;D~6YQM4En88| z{5IHoW2wGy?(R&lU=tLS4;DO|6#Ymz9^~4z(1L4r)rr@D1T%Gg=Ovxwo^0Fg*WV0V zCR_GWFQsbwpt+%C zciZo{#TY#fZmHYcyH}2Ef8h@Eb2PS6g`7YAPj^LL((_3Jn(XYW)ZNcbnYQxVDE^FC ziOdE!Dq>p18s@xIQU!=oke_oKp^Ak4cUwUeKZJjMC7v_0zUynUx9%gZ<;n(|kUEDt zxoNlao0BGqa8CKR*Q?<>kBt2K=B{rp_-Fs@8w4gKa)YUL9D-zsuO|)-?J(2Kr~L$s%QT$% zqTd7$va`P?ZZ=B7HdeR(e0ATdL4<{Nesk7a&A5ocvRTCC&P=|ci1zD0#=n7wXT2 ziGL4U%j&w8VRuplyyrkC4kq3LrXoBCx#{V{zTULzG7;xMJCJ-@<%HN z(S~p)rkUdttS$>d7NL7|JdBBr328--l)*?u9~0Ili?4YearH`7Bv!IT+6mZd4iY%coRnO}A; z#+Uyw-mtYhL6_}%r^&9YJ0Qdna{qjqqAa~Q{t0Oj)kVmLDM=cIaVSNji0e)!GTbw$ zUS4Rz#!HG3D+OgYYF9lUY#7N&72xsP8kAci^umqN()wD05Te{H#D2oNxx`{ zZ=HQB64=E%x9V3>U%52-Shb;uhzZrtZ!*_z5=SG{R{-IVZ^9v3VyhO9Q|u2}6_s#% zj~}b1DhNMp(z}i0HjdfwS##ZoKx**DVe%pfQWA36{fv{o{4%5)LN3<@6CI$94m~F+ zEW^_BVVD2HZYrH1cteiUBwe$|Bf@w6$Q7&+4vNu;<2~M9U>F5&H-3K!qhPP9-hv+e zpmxF7WqXWAYd2i;SSAHGymmZkQ$sABG#b5ru3jtHbqVMXp*SGip)z~r@By&b6EJRY zi|@zwqsDO0^-wUmk0{v~va~%@ zoKCu}h-1f-f5MJj7W^p-TDVEq7mk!GY1mQ=%$4OLwF_N8OBj_ZM7Awj)fN#+h5h`b2+fBnfzwi_e$e(T zrS$v(8*0+<(#S#3jQ2@2oqQ>SlFND}{+UE%OLdB6pVNPdAYQ1ZpTn>|@i z+ik1ZACl!Dn_#R%gimT9N*@t~DHh!1mJk5-Lc_m6B>>23oY10H#%(t1yI@f!elKez z*KPAPxh+4JFqQXk%8K@M7^cO?0gt#4+h2Vcd#86b7DZ0%*FR7g_4kIY5(M`MPtqGw4A!QJGp`sw;KZguz6v#_ zDwHdl>0@hE=f-E;a`&dpQc9E`i_Q%;-K&?7y1nq~xINiwMRxlz_>Nn+Eh@MLoA-1& zdajdPryzMdWp(mHr6n{LZ#NK38v3G`-5&FO1T>NnIFs%mUvSGKM7y6Cy(wLp~ zWciQt^^u6deAe5hMN1zPz&b^RsHyTwjF<9rTVGKnJ}z~K5i%!Z!$#yJb=HZ8oj`k~ zd=$vd(9eg;F}bZk;R8;D`IlY3MTS2S zYzieEx@S7{3@9c7Czc3XK7u-vIMNtTJx1L68~2)rS(At8#l&PA8aTYkRl0U$<`|5kE!x^~A|KKMP}j zX3;HN;2x{-1M6lV?qt~BjH3M4=R89}{9y;{X)?xAGDzdPqKeTY2OtT?N{W~VyD#Hc zbd`uYdmN`u0N~&W*Wfri6u$bJcYli`H9cyh#3SQi92pA*Kdo1;Rveh?(6w!!Evp0htFmW>gT{vWJ^61+;|l-mgYhc_M6lArYAR7ckO zD9h!HZ~cIYnTeNgMt?(*-h?<|&z_l$J`N$DFmitWVD|T=yI8Y!K07+J&4?$d&#i2R zWQ8`*K@fR+kSZ2kSFXAqVc7f*53ug9^?sdQZ*7&JISA0DXpg=oH6#mcxs#g*&jlnI zzpU+WprmLAcI_jr2<@{}$2(4=Mggg)1S`XP5c~D=V3rS*ni_k`voISy2GVo#KCY)M zbIbPAAxs&S?mF=G@tB@m4Ba}*zlhhV>X~e z1c&YULw}Cx5?(^NPY1VcXLJbgdUXaNg+aHVQsIf0HO%n4zaET>vBvfLLpqdyaC-G@ z!S8Y8OqeW&GUj_Y+dZ=b7K~fZ*XviLuYoyA8w~kY#?<+7&D^L}Qw5vatM~9lgD)Ls z<$_$F9n{WD!8pyv|KU128j*O{4>2$E9ABDpq!OVPU*T%Cx_Z59mF|Wln(oWD4bJ7E z&6Un5Pq_1s5G$7gobwO&9yZ3aIplP$ioN}?wes^fT-q?dDAu%KAbCfN;k?{}1SGyN zmJsvW+I7TJE?9|U8LH8BP!?u-=dJM*Css@L+*0m`&hVm@kwKx+*C|FXn@P;8s6%2! zPqLny@|P5!oNZ`rTQ%L1&2&N21k(qDq*||A#nT%cVb-D|)FEDVK<9t&+lL`rAd5dI zRvo+i2`hDVI9zKzTIob8cwnata%w_Am&F0i`7BloA!h~gL9OFMnYupLtqmH))4IYs zb|Kf^%D-MYw+3grkh`5<+;Qe^*wMe`q>wHP)w?`pm6CHz?Cp5p3zIRBr*5JE7nJEDC?+?96v>%q71_mWXL*Hw!l?yJHV9+!2-_rt^$ zDz3UZCN7jFHkk6QKeA_}AB{W`bUSl0Ra-=U8X1t7^3Qz#Syibo?T^i#%U~z8L2q_T zP?l?07h-K>94BuH*C#=JSH=Lxu zq}#ao!eyLYgDfX%{T|hw8R>e8vQ@FC+s|ean;?UY4Iiufd`KR7!hH>F@!GodIO%-N{8@!6@(6WVlPdgr8tBm-f=-+(bQI4?#F&6=)60Gn{h1 z;7nJ>m0NmGr*&iUOOhW$bowe1FYDKh1-p7~fM7=|1r4=kzWHqO2N|0Btgf4pv#e~k zFd2zgAVaYq+)%QOf~j=YIK~dKOn;ug4d@#=fYCE7cz3YNJl8_2|4gb!B;0ddI=eQm8V+jXIHe3Jy_e6Kdeo- z(*E@z?{g<>!*(EX2jP#8i{63Eupg8GE5Ia|_k|Fm>S`EA>y@64GOIW8djE_+6VEsC zGYoIRS;3vS=j)mFj9;xe3y3PWID@wlsSpPPTi#PkdDP07ziu*tqe9Twf+h4J)X=su zqsmDKp`TDd=dhd>Bh-b18;D_K6lZ1e=_bP z?Rr{tuh>DdV6`HrP<58kSDv;KV2FXg{B^_-wzsztGSH3-5o9(eR%2sukw6JP+B7?@nQuyx z?am-bgRF$qQ2&nF!1rMCM`2mf;KAjKd*%8eBAWy#)*3`OS?8;P$Ba&9mz>AxbL| zQP7nne;4NRC1VN3)P zN{~gQv0zG@Z=N>fQp5ZgUxRYOOb!TS@i-G5irjB*4kr8GDyfelhjtR-AbNa$SFNv; z>Lf6QjxFi;LTIVNO*x9E1T0{Ctxh_ux;w%SP*V%b-@f`}nhYPD6Oe(mLgoeD6*Bbj zizd*;x||D7Iy97*+jBH4BrL@^-4etpfXx&pKbl)vw@8TPsp8x8iROnbpxs=M!O{Ii z10D#4T{Zri=Cn17=JjPn8~Nd~v8_|d;y_CvJ) zwq_J*>e7^E{0P~&-7l*GhAYmIMDMMH8ih%I{QT-xKY9sfkuk{Ej94DDBw=-vA`3Ve zCdMALlaNYm6;V$ML^qn}IY=QrP;rR6lNE&2da`y48VDT@VwBg=Q|k0V#!-}3Uwk1z zVW{28JOsWnZ@J#Z5Ps}zK|j1CWI=xi^{c_pNQOwOJA&7-8>O47t9$G!2elyE;@_R@ zG;V{PtrSvF_fA);ww>*NGnco&vtDAZWVLnnH1osHig-it0sc0Ig`L%9nmK|2ZjPRt z-%88X4~vM%6Ee$R#On3%Em?RBL|XbN$C=e|;#L2{b5u`wUE{L5X-r2xAXTCmE(eJ1 z%!n$rLD8N9&#yN9Kvh;nq}+9i7kyIUSA*2G24cO-{rVk2i9IekA+GH?@QnnW3Aq;@IuK`xLzEo*P{)( zgaeBJnXX8S?(l^9nS%8S?z(kB@PR~m(XzzQx(_hkVD0a_d7s+p$NP?J`yu#G=DUU6 zAno^gIrR|TlB;z^YJ?m8Emp_J#IA7-J_FcJWj{xq@-(=m?gy~j9eFk6?MR9sWp?>E zzP<)&Z>bQ*MXo9y+VCs$Qjd25{!z3)}zy z3;(~B{=aaIM&6cyod+i~VdO!|lp^E5{+7V=fAZW_@cy(5^j#P+7Inmkm;U!N%0cD- zZ(C$43%Da|k${s!+qnciBFuVwb{3-hH^0GzC0EJdtA8kw_?q982q64nG?_3yoW_}0 zU`M2g_P|z^kdfJcPmSPBD#;YXS0k?8pPPkHjYj6~m~S$KjbBn!R;=yW#7CO*B;ZeD zdij15Heyur!4P#e=8wslB-EXJW$>G#xYN}BgXBEzg>BJN+Y+{Scenb3C8eMdD$HU} z*Ee@|Msge|d=dLBxib6{`&#l`tYLaXJ--?D*x6@cafiACBLi@1DJWP50bf!>#EPKp zzPMPecJ6xFbdhKPmY$)Cq}|~Pb3O?e?qE+93PF9qpz9FL(t(zhtw`ZH3+zut_so`M zkTaR=I-8a>Uw@#n0d=8t-U}|1^vP{SeZ67wc~AxW{{A4oN&P3nn0_9;_jPeEkl!C| zY?~X0Dh)bJT0!f_)9ws7?Nu`b;r-cgy+2xxHan5sGNuFyJ!8m#Q~k48FxzxstbNHi zg|}oL_rNsP(%p$`KLGjds3E<4i4rzC*8*w`9#u$Vm=?y!Ofz7Du^-U3-?WuWaW(F? znYE<2O55YL@1wukZ{UJq=Jb~+uk_-)q68=XE7>x?AvAS zi^yHC>M(P{23H6Gz~yFdwEbmXVmfHM)t7t=rOlW!P^1LQCDC){ zNe3&H-Aj{$4$tkcG}l*Faa7HdYApsgcjL%#m}&6#wGNqSu@JTlWU5PT#HJ`Cr^aDr zl=6^?um3?1YV?)J$}Ed|IFqasqNeV?_+Sezi(8{utY6mYW~J>853}WdtH1c2tl=`B z-)WAzF|P1Q3z1I|uY1hur3Oq(Y#dYxXS$SX8{D&*Av44Gcma-bS-#DF&m!*2Sm|1k zWerVJiDCA2Wwol{NV6*RMTMW}VY9K4`$gl8$8x%QA za{I~O93OhJ(qu6HK2JgJGYSx5wHxK5NWU!2!Jz`j0wiXgd0*DR1F4Jb)no}asEn*X z*r7Upz=~bdnFncGZ(sacTA)QoW_<=Trwslc1H5OnX7aalTz;P!I~bY86IOnqf$9c{1d7#!AKo#J9pv$`C-9_f&o3NKTVxRBlZb8ZvduW(~c) zvshow_6<`33N8E!;$`@(d7@b95A1h5!1+zPNO$-3G4Y^$!ur`q4&0Jf{BsSF#Z0zy zamOD%)@$u$X$5mjd&Smo22XE;z0ejjuDxSXUZ%B7$3{Hnnc|Ges`PmoijW}a@EiOo zf(f3HETSP_tl7=U-hbv)ulb!f1} zv5b!^)qKhqYemlK3s0Ri|LjdIJIBWHY&yPB+hdS@xL_9Gaegu<|4=u>axug{62Z~D zcBlPgs0mS;tNR&uwO|KF`{x_KVXe%qUNT{%AuGKJex%va(?BI5sst7H@ecfuvNY93eK5)4CbFc zfP)H})!=XJz7b~+YPh|S@r6!zJ{svz?ZMygpUa9YZbjR$4b{#}WBTqnT_}s)ejiCS ziG5{cCv?~^RCf~} zKx6T1XUHPj6REF{ijuF~T&<+lrG+?2{l*4-S~B!}P2#J<4&fbrXIwbL>=W?3%@2`1 zB@7RGQ(GwBg!3a4YN3&ZH2BDw9e@> zE${^3WzNO)*KzC8%D0a(%X{lf2P_^`jC++cuhJs!^`4u`;3>%-;EyCXP4{^flra!0 z*OhuAt`mt%dM6r1`!~*JZz}P|*PC34lokNk*~bN=FY62Eq?5)%l^Drxnd~ECPwijX zfjvM=;Pu9l{uO@rLk>ezw#UF3QGb$S#ud&0OmZ%MiGG4(P5|S7t(a;_O7?W8pV?k* zRUMVD-M@#Q)SynoV+v}-JTJCZC1bN6`P>X~t!V#*cAr>M;(0QC(;KXlP>Ec&AR(Rp zIGH^VGok@3WyyPUrEWe_SRT~s-SqAIMATYLV>Sm_OghA(2*DKM8&;@8meaouI*m~b zyqEPPvO+1fBxc+v<@aP>XCUC&pvbKAKr4urwX3AzdU&4hUY|>jh}hSW59;{$Vt{dB zmWwM9>*#sX`^zG}Ydlv|W%^YxJjk(er}}i0Pf!iokEiR@z=l+B+3}NXXNe+9!+|aa zj!$O_WaqS{(945d@d`yEc>RMtr%{}rKGN}l2eI8j_9}Pgg`54dcQ}s4Y8N>e3-i)5 zq0k1`44iq!Cf}&bnB#VEhG`vXt9Kv{oJ!jDm@4e7>iD$h)pF!=+|yF3Br|X;kLp*L zi5wx)lb^`J<+28wuo)6(!UjB{DNHMnTY5X)ei}b9I&nIyUS-f;lJ6~iN%v`(Ylq5Zr$g=8?&Bn$olX&-)R{G&@P+BZ<0G8fD*>}yHy)avb28EM~oF&3;l>Kp>h z8cE{3BSS}bFe@!Ha1KW_Svq0D9oMSok>W;@)e2adEqNs_YbZ(=BVYK)__Ls*I*BkJ zq{{UX9B<00+V z=D8Vq*G6)#xzw*}k?|d3QpG;9z1QbCA%NOkE**6@z&COJ^ajcAbJdT5{~$yfCBuXP zT*fQ4tTTEd8AZ+`QyZ#DHBEnykA_Q+S|O!s%xO)fR`1K?u#y=^zGMqP{2mGocIl>H zv-mDx73fj#+<4as+Sh5}x{{7KK6EMOgp+I)Uk?HVV-N?7I=e$9{3fSXX ztEW=cIyEHU7O7q>n(P+CN#I}uxAEwZ{jUq%|Yw1XEyW4laxH6WNE?B z!nMMSdTy6p=zfAwSWGYEfNQF7irh5cOaM!$pXND<7(wotLVqP+vaEpuq$0TfZNMz% z$7E?4=&PtcwsE1)kUOM0lDR&?sm>2%4}4aq1o0!esmu7qwhG{ap!ldtUY3Nq!RUf1 zfpTgLFAN>FzGK?YijbM(Emh6!3NQo8;hz@}24n)b^IOzv2-y=Koq=FZDp7BqlT~J+ z(4VDCLOQ~yMTHA&wATDjR3zEEQ!1Z9+#KllztIq-QBejYv-g`h&iMH0yNU<6c3h(SN6`avZD!CO)vYeb8^j{n^=b zoIxYnoW<0PpAT^uA6D*rWp?SS8Z_%Q_|~3_bV*oQy^eB@=qPA30HN=~Sr7%OJA7b} z_uG@cBURoH8ps5>nvm_Om}lXL@Gs`^c@*>1f2+JZy^1Ia`$eKp3?A6!38r)fIF}!W zHBT(H*S*pfr8}&Gx$iDcNb%7EFomH@7EmjL*!&F5j!kAzm{~%S%$eyI9Np7y9`M~( z!arwtod_;0j*WJ-QU|qZs~eOyBE|$i57&;zv@*o5thmiJR=Ge1hxLdd)HsJ*Z&0Rb zPeb5B*{W2v2*=^4D}R_Vfmx*g#6c3vZ>;2O zVH!D9mP`GXGIGO<69 z8VDsS;mto+tq1NkZDZblXhiT{ImrGa?4vf$aTxGJW$>*z_nI^wPXDA=Bfc@%w#6C! zpL`%dxy<*!n*zRe-}=HEGp(t)bqBk4#rGquv{JNL)xW*h$hKF}DwdAGE6$+hAB%so znNwtS3Z%OgD&6p(w=lf~wCeHEy#2V1wzm>sTj*Yb+{(yuU?ag2>f_&dt3}DjAG&rB z^E1@Z%I%R7VY`-^qlhrii)%&VYHsxbwp;tC!`>N3GW#6KgFEW%>JP6%b>Xm}-nq&8sRxGU&>(d7Pm**3+hsUj=1-9hTdDRQ+=A@r!_M%ZO`n!at4F})$BaN4nPfR zRX$T0!oX~tZ@lTA8N=_Pva|q(G~N)mZ1#vZy$eWG6Q<`Q2wbf8yL0K}{rkT-XaGH> z6tN%p85!cdMz|F%&cPdPhyAX+FjuSuct$3@tr6dhYW{F#?xC&}?IqdnFcZ3mUFaVt zsrgPY15g&6-#ZXGH@hU^o_WVT)0y_}VivN{-xBL73`YM>iMExA$^)KBog2lzRH2F{ zyJq8_Jbgf`?=1$XhkIJRIfM3mS$-;2tahOa1U2f#H)DP&`4oTMAPoLix;CPP@h$Rz zOJq@Yp$0Ha_~V3_zvYDV+sby5B4Y+B&6k+=NZ!#Coyr+9X?9TWNeV_F5$;>Tx_&*@ zO6F#czf6yxFS_Y-9{R!|zzfVujtSs)Mx}r*IdqosSH(s8YEBoqvf+AcT72Ka!vOe# ztke=|)$*g(sNePr|47uM-zH3m)pk){`_S*lnmiGnRH!CxLw4tk>I}4UKf}?Gpeo`L4GXn;Wb{aG?@y=f9tYf8bQf*`F~e{S_l7d zYM8qp>o!VNUGj>%&7|-|V0<#AqCiCJ1?^p&G4{QMXD%XXZ*VK=cV_`Q&YFL37}YrO z?|zYCe^nyzTPB;!2aA6`L^f351&Bv8e%^c^`I}n28HpI*0`FzP(f32`9Y$Oh6h`8m z5NT2>nsrkckew z>uZ>?M-%@2+Zgwdw3fWLQnhK0jYCI;*Vo7rtt3*R_~>FkvjqYMziU;7MF2>y3W! zl|SZu_6I0x2}V4Ct#35un{`6^n_xl@BYYm`8gN>C-+eZq1eHF&T2wKF=odL!kFC~y z_D_+s$E^;k<8X0q!$K{#oWmI$!<9Y>J=v7$R$f(rMmG0t>Q4!7bw6VD8ty;TY_F{y6i-)(inWk81s!8s;pL;?9CuZSg4MNSR=r5v`tMS zjY@GLB<)tovNryCKZ^ZJD?dN!oOyBPG|*!Ovmf%}$QVQ_bhfOtq=|4Xhq!2$-ne$b zF3l$h<1tlUUFP3m+V2-Lye3Nq1kBz`Z~sfbd8W{^)c@%p-^j6~8rqNTVy@4F0<$;A zP|h8!nIE0=NDqU;l1%oM^=3~|_YqD;)_ObS*&p(D5)e5l;~INsg|!ccQ>i7d51m&- z06B9$DXLZrFl)!H*7D30(-uhb*qrQw2qL=6W>}-3T*i}U6Bz~e7*hqgdT|DRB>W$CHs{uRs z2!OPQL`zf9vh87DBEzh?tFD zmz=Q4mXRJBJB1S(5d&44jGYHsR=Rij{1+4_th3lf5~#~V?Xe*pM|V)UllY;LU2(QN zyWjwI0!%75(Lw53za7`_b5apSO=0Gq>*a?u?qN}B49i0ANiLyhIQMmVt`=va;+;uR zPEe?vu5<8yZ zindx{6nzh@W}OwN^#I-nBKx7U-sRu^n9u3IkN3L@(K^jLv^s?e7LOt3mg)$U*0dHBbTGbdi=fijMYe6q=CNCCe zD?N)*b!nlqY6*o_N+__;iurdikUQ~tKg(!(Kt@)<;~P*;vgkVy?D9+inld{UQhd#R zrdVy}PnAy_{$FB!?d_FZEVWQX$_8)eW`pV<*$<4DGqMxX+duvtV!QQXEpGr}_{mnK zvZ*Zh?h=kjW>1dOHsyu>w1DzH>mQRWh9K23px{sgl_#BN>*|!gA6x`eHnV+v;EfNi zNgoY;h+8aQS4Tc1HKU>h7?jokKSdQjJ#`O0Ciw;c4?{L6q9yZgJ0q@tOt$THvoid* zBb@#!MhaJ*`7f@P%k6(@Ig)nB!MJgOSuY)5XW_+N(&~Q-h{Oga_nQMPj{HC zL4))dPpaU@ET}?cFYrGtZ+kIDCCeC@tp1nB!4-OLMb6cr@AlJ`tdBuosaqYJB^FJ? z#YVqdXr6Ij+!(c)f)&H(Bbm3btS#U>jl64Ak&!xYc51trLW0ZKaM%%P;59p7KCQ8; zd3LfYEXI3ii5qp)z%Fq}EcruhZC<=SGfs~6F5SOF4s2PCD!z3iF(b7LaUq_uO&Hd)c?%32^?wy%y{<7jVpf0@KZC@w8=k%AxyQ-j#{)=MAZ8 zNu;F_{Kv?H)<4xiu4hbg+d}_S3q-9FdKVCl37IZ2n(5bRUC*X2&v5CiwDg#W@P?5E zVmLBdAb((#Y$FQf;t6>QMsaH96-MA&XIZCAv&9b-4!%ZyoZnF;lwd0@(@k!7>rqwV zG>p6Afn8{bak15h#KJkfx;ms=e2eTwSe={HR$T;4Cw4rTengyEEAl_^roZeSpbGw6 zA_CttGn~#^5>e6^BgOnOms5iCkk`sYZ9bHxvr9xOQSDY2ZO}Grmz_fo(2du~-PD3Ja-3SrbW% zpS!lfySL)P%xRzy$oY}|* zV=ps3LE25MH?#d6XphrRi|YiVS4eQUXDyiJ%LS-Sn;U0&3<8N7K)FCtLmaPU`pPWjLXM@?bT$+CZyQe={&rCOPg92Wu zoJ=+#DBPp;DgE_(nh)it7Favql%n;Ox;Ng5xqd~%4R_ou=AUZe%#8n_IsA9h8zE^A zmcPCkdi#0ZmtA?EJ@`mT-0UwEWyWwPLV{!IE%@B=kG84q{pNDj0f+6ECt%Au7y9$n z5#FTvb$`BNg;Am3gw{P>$W;11$5C7eY#;vV|0=wv*87}>_s8R>;XOy*{}|re7|ZAD z|B3Il=wHWRRcL*l9u7oLzadKcd#mzH75yH4Kt}31;E_Z@$GbZ~%)@%^9NVb@Tt#RSwbnRM6p^9LUc@^4*GR@6$b-ZoeCQ0d0e8uMn z9bBl%(DWINPl=nMg)Fo?XqGwMnHi3|bhX%U6G2v~rzPu)TSD~4(d`wrBdmJNbN-(G zo~_O=)=l?==WOV%9@=3>x5*$Eb9EUKH6s{{2{aQ zBRg09bAJy0*;)8XR{@Xk9U+1`I%`IGj^4dTH70l?yW0s*1e2ZfT%IdkxXd-q_X$$} zfFfJ7P&E5fNmcW6X?xaX^k{7?Q8w#i@X?y(@XB*sa`vb8bZD!a$WTFzN8NM$wk)_I*23sETYe zZY=8P3`ssg!FFS-;mfE!r^Pk9%?JAhf8|FvQz@Td?wrVfGT!%0K&R5~A($Q@U3M$U zW~w6_^uC86x!c6pNol{_+*;df1$-fcT8=IYH;1NanyQPA+rXqI zdLLgCuTZXILV5`6URE+}4v{{Ymc`9jjPHG@BUMyVto`?9v$;6Asq*Eqp)v5RV~>1N zr`VXf-@gci)$o6cKx&V^LN46$DLYT7?}EEeu@`F!OKp8X2AJmWb=Ea&HcA;xrdqIE z+Duld&>DKh%3U}gKJYvRl>XQeYCnLM7&W+NmdHOgD7Pne>B{h4Q*#~#tC*N_rH~R} zIK$z1%ffD$?MQU!veV{t+D49>_O`_+Uy9Lv5$BB>uO6w2@sD%PO{eJOle}c4CD3N1 z+Ts&qMPX^d^alM3{+j&ci-DV;geq%$UOr!axiR<$_o+-Xrx`^&8ledOivo-ksO(H; zLCxH6fxe1$aiS-`++eO5LD8%$~~)ff1KQ?4baR^0Dqx1v=UuOa-3ao@s4 z(QWlNp4IPQ?JXg12>Mx6%zc!uj^#cYrtu&#_82orBn16g^J>3SS&G~A;r|%fH<-1o zt4qryS#bq!oBNgViRsKtkvV+IWNV~1_kO--8rf=~d5gslOl0XjqK%Uhcw2<#Q7ZDf zgMG`L##0b?vekdL9K^`wOXcoWk@0jE@(wP{ju)DSzqD+Qsw{{Q=B=$(=x5Zgqh0_> z8CxXzJN-{9#+eVO6bZ&=BW28Oe5@vxJ>+&p$Xg1dP@N|7Yf10l=8Q&Svva~y*v5)a zhQEa=)TBFCBh7hWoBklfs2b)pTY~(ocS%WL?aFx1p3_9+;4H(6yaQSYp;0zaN@}>u zxJ+eLXImt~=)9rkpce_75-^zrR?${h=b73&)?DRFyZa@9r4^4u4YfJsEMjGMv(2J* zOhSa3gIs|3sb$%kHObPq%{C|-$%S*yApOCGKXI)xoU7%sc1M>i=|`L0X%@ALXRkar zqVTlxRrP{ToQ|_Zr4=FQ8%-lEu8MAR>jUXGtVzfHfi*8BdpJq6^ z!x{5kwoNvLKfCwVm7@lu1?E0GeYpzFMWX1VcK*XqGQjr5vK5)C3UffU58g)cQDSlk}}GoQTRIM z$EPxfT-;K&josDXyQN0ne=i9OJdu%rt~+o1b^p_=UJh%&_@uKa@qXE!v&UM3{ELo5 z`R4xZz%*x}!^Dk{TI|CIxhvuJgGGm%hTml6CA_FG=uLjeY>Jfq=Di{Ua5QvkZZjGC ziF8}xYO-|X-Ml@guN4t_H$p-kf<=*AEM;J}IhH%M&ub@Kw#R4i8y9Ml+A%%}`YwYF zT`&F{XnM%;KLbs$Fd_^){I}?XxvCm|hf@htXKQA``W}yad5=N<+Fqo~xpdRn)Hy{t zP9$2f9y;jkhvxJu?Ob^HS#7W=%g6T{qv(Xi^OOS(qEoPQRACqD?dVxHK;j7Icbi53`(mv=?o67uR8rv> zEENQ&KF9%gmnUw~*MrZ!2V5u@ z4o}_8@+LPukH1xFTG~n^J*DQp<<(R-yt(hc!b8*3cwSDtH)pGN_PM3oRs*oMn@U$G zbS*E5BML{b^Y!JVMV7{ACliXJ&3-TyMW4F1zVP5nU*Rxut5D12cpRuFH5hxl6fJ+3 z!N+4`z{^sg$ut;L>jJ#nw9nD_-;{`&P~ha8Ftw(BnVcgo$IlxYU`hva-$v+RREe}uak6Pxa@?Zml~s0F?%^NNNp~ZbxglYeb#z;!wPvODhtrrUr2Vh@3DBDs+3ot0VXMrD?U8?1#XTW9 zK6yW*d}x^Y6FRqtF~n7OcudsL-mUoWeHvLLj=N|U(z*2MubAP`os+8KYgLx#A(W>t z3@7mW;#rbaZG2}vLbiGdi=?NJVp4nMu^H4nmZ4`Or)^dh9`vH+5}9;W$aMxoWsEhx zGXKm*6U|D&&gHXKRDM~XZtqtP>08}y)sMMC*{w}K zVAy3-koBv5fo`1QcAWdbX-fZ*G4Oe8UFNu>8NOG2+AR_DYNqc4J~LQTOlMQ*KJK&J ztivBa9m?-BR(8C!eCTuS>4LvyeX8%O-HqoT;d%t3cT$jslQO(HD=cQfyiUqi-PWnm ziz?i!ut*uYhU$rQQDvh>DLiaLhaAhuUYgM6ybX%J1FgUWPiKN$@UO0V z&V=CVmh`ePg=mDKc_Opek%|f~z~+_dfh9fo*_vrhk`_n?gg127!d2b7r4Rg$O7jON zk#bGO`%Cd5Ax_kX33%^R#;$m#pC5P?rxD66-N4Jm7$mypZ(VXuxb_P5K@rj)B{hkW zf5~ag{TExJ5)u35gPPt1h}B`G@~>V0o)Z04!Lp<06BgE#^BYJaI*3{QAQ3t7W^c;4?ZCe zwuVigTjFsrkh^|wj#`eTF(NC#`WW1to5H~TrCp5kd<4t&rcSZCd?NrD_Y4w?H>STo;m2#DFnVv#>^3QnR+TD%2VkgTo3%2fJ>@ z@{V(aC36l~ncx?kvC=B2krO_0EvpAyQQrXiSD+Zqq%nW|bjHJK)vdDoI`NNQTzOQI zGh9MNCyA`m*Y^}idU)6F*}d+$XP-q2Qtl4p1`Cn=c`H6F@q z_YeG1+2u>@uH$Ed^bK6vw-?T--mv;fL<5#2QdwAo==A%Bv3>76TJRcw7rtlzW_rl; zVaVJ{%g!hfCbd?+2{dS9Tsi8{T?q%F%wP~!;i4Q3jsGH)rF>V(%E6d%uY(h3lP?*9&K&gBEq*MQ?m3W5l_9t!pqR@;2Xu?{!0Avta^-^ za~tL2vK|T|BY>WDhNqGK`mK}CWTLH8?r_uug*XXEgeu%_j+s2&X(Ve zc0GTvrR;bjO+m+-pGv0K$BrbTw_L%mCZnmYa4%weK4MW~jZEMqadU43&l}ahY^1c3 zoz;0w(eTp3nYDbbCQPm0^OsUas^&`7?laX-m4=w?E20GB6$-q&bl=)tPydg39NJpR#?~HfZ(0rqb}O z0(@Oh>|1gqW75s$TG-;%{o{^zM8#WOxm_Xk3zna_Wf?pagz1`fGaFYoJL@RQpWY`K z6nR?=FQuUcA8*?j4ybwKtg!X0?<7&)IfJ zuue4t!0}7LF>ti0`vV-wqICn`dcq#3@?F~g>u6cDu22b8hqn)xtKRFy|Mh0hZF%56 zR|Oz2I#kdmKlXC%56ZsQgQd_A^|o?NQyq(QWhsL+gd2iX!->vkPhsH1UfyE&fYx#iKn~ES z%#v#v`9ECNE}056$}L_!+Ke7*Mk=|1_ZxEqww9LAGWn-e)}3)2?@7zsPWx?VH@mA& z;6&F*G^MNYx*+JUVk;qY~iK|`-Y_@%vu4a@^jJV zfL3m{hW?!?*{F#mpT{SW^D2f5xaugbY$`*69*tNRq^l6pS{N3i6F+St;>;>s%AQ8A zDyt_PT>98gLZmSLFP_X|&~LQkfRE{AYpmRfqN)s6DB5!}jXuC>*>2yFUgXVNRknfK zERKAql!?-n(WaL9q?zavvc$4bXjFy589Q{tnhO?>wh;2^Y9t`j&)qV>$;C_c`G>GAn66>A-SiAi#E)Yz>#18d51rJz*X{>hkt%b2Omc*E&TKgwrf`N_zl7aC zT5rSXc^e8&zmFZgcymW92ihnpV60EESMg|SU%$T6cF-voz7w4KggGVf+s$!Z+UW5gr3@K>!7}J$EsDK&por6`k;F&**PIEZ!B9BXcwy;YuhF* z26(OKe3+^g+AHn|v%aHZu@xAXY}Z*#$gHB)#E>bz_=A0Ee0K`_tlr4fHs!y2a(xm* z3GiT@NLr^yyYd1iDzW6=aZnKK-^qKL3JK|CTqK$eUa z9)n(LnGy5P&G7vCoS{>13%S>Lm+-a&#^{8_EQ50& zr8Wg0ZjZzzRL)iZ&@+bC-!xG|r+`Ow zYbigwc{k$sQQuhZ>=`8@sI|Y&M@}*6JirwGRueM881gqpmCHcg2i;Hh8ayCqA!Yp2*=UN!BX70oY8Em}_w-C&!U~DssAilIA^uN%SpRPvunx~yw%)c5 z&DHrJh@h`p;T@3vd9O-WX7?k0+ixK(WR!B{je&Js=8<|&ZI5k*;u|iI=|#DmYP7V2 zfx_;y-}`|>qb0CqJa%^0g0Y^Ue8Jkc?k3Op%3dkx*q~x-#bn=yB-@WWzmkaX^Q`jJ zC#~N}U~X@J$BKPq(SUE-~HRk~!Pmp&RS%nO2SMO}NO91QI)~v!z28|lo&U9|y z{9Dy-Z?qMbql<{CS|()Leu&yyI0hfn@!c+R$H#|Ag|eFGriMesqUU^osG;YN(-3qYRx5(NX=e{DRpSEZ z77^&q%HxhjaUKz#Gw_>KDN@nMMPcm5VjJQhB*Hh}gTp+c@oWiDp#{d2r`}!$+L}K1 z;(8KpeZYaY=x?vO`Z$PzO&VBq{(H_l)e`b?Ulcmpc)|IZZ#B1I?5gT6Y;8wK_g0!Z z9{bdEhyr-ZYF<7}*wi3~LnUtpugVKxVvath`W}2(&r?Ps!a>yCWKM>X^6!g-{)qlR zpRnc^sKXDK=RhmoS3}Qfw0!&a-gdg-a$_+( z{9dssMV;NJ&oaqTSG8Mf;^ z<+*e}t?UfKz2dJMAlfir_l|rp6Wn~qRg&S5o$!t&kyN&0DI14z%gzo)BxBhC(!TtS z$$AsL=?VRAk)y)1i;A+}rsORDSg4aPo9filTIf_&$z>SGnE9JpWqeoQ*Ml9>W>#*m zY;|56{ve}9T(*k&H{$uOo_hO?`L4ZVpj3XZ?X~;eS4T;IGP~YWPxe#HH|~al4toFa zGGAA_b;$vKuwilkG($OSYe-SIFe(#}rpzAb>o0aPjwsWujAW<9D9=1D3KN7B(*t}N z=pDSiCuVkVq=%$!$;NB~zhE34MWFA3Ul(m9COA;&r_6PC6V47w0xZ5p{ULPVs7>WvBiEixy0?_=$w?&JW$^B@$ibO$<%t+^wbb@A+(oDt57obKfgXR0TP`vMrO6Q@pBgOsmLicRj3 zLMkb$r80}8;=Rj*!6-6snOqfoKVW4$tbT64qayvDF|T!u?r;BXk}==kVU>rRNT#Wf z-uW%HZ0TEa7@+$2G$9pguY+2V!Yq~B&-vd0y*PG zf4Qpn&H84OtfxZ9{OF6K(b#WssZTPfT}>q0d}I=Wjo44grfTLf;SPQf7Des_3@Nek ztdS|BJtZYx#abqQ2eODN#&x%wu0IL|`*d`G&NCZF?AOHQwjv zip}AB;o%If^%SzD+jmLJrnM#6emTHtB33rN@U$}3{BewYm#|K6?WyX|V;#E{HtE8D)|wljRt zl+;#fw<~eR25Dum>Zc?W1-H1dyJwx3kZ9L)MbP@h-I26Hs>PPB=V}iSq1>q`?4ZO+ zxOW=~DcOXts?c1H$!69_Hlu{Pc=@Mlg6npRg+3~Yp*F8==-emWEx()W_nj+^A_^DY zFXk>E2-~h?i=2A;b;p}N;OP*H`k)He@Ar~eaSWjh>r5SC$E#jP0cseB`5W839P&?+>HR|(hBXY-=f{r$KPvgU zS3m~~7e^m5}_9-r>1K|=V#sEn)69$zywpw4%lzgwo=0`Jg|suE*X)l z%f8WP<~wE|gvPqH-JK|cJTm2Z-iL@LgMF=_p8^*$!tN#M9w3{;Eb^-^U+|MozR_G{ zo2oXA8R{BPevnsjTo|?JfXF}9OBXH(ze&WHP%A}+o@p6Rct}w?-FN@nOv%H(N^@I< zP*e>oEG_UmG29J5F;ZjYZ<7Z7o~c#p${Ez6#plNQeo8{TLpW>T4nu??O(!{WYD}VC z9Qs{oZ6jLiBTTuZ>oN|w)14NQ3a_Mz=zY9L0F3(-Lm9i2o_AK@phuptF-F4$ch+WS zSmkp=xh99qBlcx)Jo25wzLP9fD&VAd+^^nP@UijSa{YXmr`^2=B$kCPe(wjLyKx{3 zFZa_~g7Ue~R^&3Q_NW?O%d@FE#pYMqqSlwPys`7peniek&R^C#29meT5BcD7lJx zZ%=Pn+OA~)R!f|#jojUp;elEuGzWF;v7@ECBnFQhH8s0{r#7Y+;s>Q;;p4Z zem%19O-NH671PdX?BHhh*$C3$j4Z}7;~a}`^+Rm^be?rk=Xk}e8ft0*S?e76dV%71 zK`_z*<^CQckqUERMZ#W;$>ChB)Pk>KtZ{OTgeF?JMz#8W33mKUChGNu9zgM3-l`sx z_i*p?IXR3ZcTE=E4;VL@n`?q*M$u9(BsY3teQb$4k)n_6L+>M{s1f0-M2g$rda?D? zC~jIpHxU>KHR}_8`ITepx+{enZ=%PDmz5zlhy?x<^;$qL@irEdV%z+tCGU5=C@|4>%P^wd`%9S~f{Z!THd3KY9C$$GwCQ8{s$s^OG>g z8`%C|B|5ewROQ0~4>x!os&a3QWe()hN+I1UT|xT16Rrxt?;F=;A(=u7?2B^2p0pMG zwcg2n$vs2wjL4ue{fl7lN~8+oa`#58A7VfHBt^tfsQ+C0w1FFYn+J$r0yhZvnq}P7 z)s)rNOD%Im7jSM2j#`4yEY6~P2!zOfa30zdd-v@d^ZX6m`M*X|?Xbfrz6SQ(p zzY7bCI|U&%>K7t3H;Xh-_Ovrk>zjs1;hrw`4dow|aKV}K>KNxD)9bARQUB` z{?Di5ZMoS^O`on^iuW^xU+CtlHP2V|cP|ewURK^tnj&lG){$kOJ&gIbU8`k2Qov_z zRcn#qc6{+Vurvc@a*s(?{KQ!yE11oNWcj4J#Xq>)Bs+%qQ*l)h%^T-%p}X;A;DVyp zulOTge#uO7uJMxK?oT?c=Mt^7qV=;Ig{#u<>2zg}7HkmzfAW6QDVCGlbkM8#<7O@- z;48?%YP^)$Y_9f={tTArc$@NNT(nyI4Xqn{o5=r3yXq1Cmq9S*|0&^WMV(TPr8QAd z)bn1YD1}pPi}bPh2Yk}7f-sWsTK@L-c0n(EtP{{Zhcmp$LP@ii*TQ*i5xaNoXc4a6 z!mD!ovp+!wVU%zDZ!{nK48(?7l8yyG`pw1nK8`tvU-3>|Xc(*Cd(E@_6dMn8vA@jL zvwmzkZP%MDtT?H8;agTrG&qZhr2CD$|4E}CH3N1r0FV2=3vV9`?9xPJA!Oa{y?pID z?C*9GyrvtHw!#Fuesk^5;ry5jws`7o&*H;hx_k~YCd|*Y?McR4zP^DS>y$Th@u+DK zgb%E=!@m14LKqyOi7?Hg@*%6{-jG5sv9Ttj#g7h`gZRPP?1ws!^)J#&B_}`D=Ie28 z0B@vEzjSa$VZTqd5XFR*#Q16oNq|yp_NJh-z|Gw>;YMi({UOof);RAQpX^IHZ1;Yy zO$KieqjV|_iLT11Zt6HM966=Tb(9|6Q?B_G>mcgvEfC@}v{479BP^4$+X&51*UR|G zh>SL(x~GQ$qrSOb`NLs0mD+{JbAATyId(VbZ%aWr=x|5N*0Hl|jvi*VW@uzkmb$P_v#qSdhvD7r8BU+Rxhc1R#PI(fo_^&(N0JhZW&pDTdWi}v#e?jCmbUwTU+8#1@y zAmVwIu{{F;8i#4O$?*M*&1uagp6h}8x#e0V+xUX@mr%Pe5* zunM&|Y#+4x@Ex{^FYU_iv=e!m-L-~Ff8sx}eiaUM8apP25`3$c-Piu=iS*O&L#Sa< zxb~HbemDA(_+Hz}V*40}magovsu=#$<)qy@MM153h54|^n(@)K_>+pS{n$IOh|~E4 z^mPqS0GAFWmOY_%=Qaz)IuKVuJQ2xR=6j6qGBKzdU2Vqwt1d@mIyVt&lZPHbZMCQV z{&UKKgkNTgU*CjVjGtamGl`2PbIl~wx^xv$4;v@ZB!};0Ao;6KybUz^gy=)~)>ZK? zg*c#~waHx1P-G-li)=kebYDKFbU#Q6VzBGqfPC?Fewc7Wfa|Ju6oE6bTn#8q1pcLL z=6s{R+8)M!aa5n{^oJJ{;WXsLP!Ni{(so{h0fmh3lTxnmJxVTr_kiRByBeiK&OFBc zR;jG2DV?(q({Aq;OD`=)*1&zoz{(<_30!S_5u57ldhg7uj`;Y>ynUXZpZFU}PTU1} zKZ^Qldu36jsy+#3Xs4T2eC(Nn0q(r2{QyD7=HJ?9v+zB_oC=5UQ7jJQEXU!sXapUR zIA7iT7|coq!WkJ|<@ddQnOTL8V2K<<^}7aB0Xwu2ywtnH1)r}R zD=g`|q|}W83h0&pp@1F&VclEo z@3+@}vfCl_hm@J24sf%{@28Z;1gzy%W$W+Wly3P}*p@T}g8S)EzhKuRg04%}eE3RD zy<8K;?B(M&SA>Pj)lgly>mE!hVOz1`Qzu$~@q)_gBA8fEiHu0}mGW?WRHORlDnhzF zU%T&q{}5D`J)hvFg~6+w_|~hV$JzOzD=ECAm7nGzs;MRGhu`Kn^5hRo$Y5=8{@H_| z?ot20Pw!RieAzU+gl{#2;z}SAP{i6@ zIVVm*+Kan9pRw@pnN8;N=&Q{4oX5f&c7id4<-ygN+_R&|94WcKf!rKADlt2ML0hdh z*HT7nQs*fNp;Gphv3x|JlZ3Q)zXW;dPhT{D!SjZfGKE$*%Rh;ncF}o3Z?i-3cMCoS z2&Kyp&-4%;^egREFw7l{o;5E1QM+&d%}l08k)J`utA^)|l&xv`Mm5aP*w{@nf^D_2 zR#tR@^vU8=QrphF;QNR_l4|5j|0{Ek%B$RRSw$;YmnYSt{8Ao}+&{i?cPhOP`jHKP zJvWTpy1ma_$oYnu79f4YrtIB*!Vk3{mK68qXT8>u8`0i6s>aE4!SdHay(T~BB-D{l$tKFqifYkt_9qt>?9&?(f!;q5CQV{o9q`XK+WWu6fwL#&HP zp#QRGZRwp*W~4^Jqu?n&=I3@g8_)c=U1zHomuF|&+D6CPzqH)WRVh8dv>FibU_YBwz7K%zmXy>=50~|9nI@| z6Luewn0chguHR3|P9|BPe5sVL@WO)c=D9n6_-7m9{bV@zJ-zk(`+|5gwc?orTFL57 zw-_tZ=A6W=7QZipWS^VjOyXPTReK~tX;~FNP$W@p&xb#Syy>R(s1}|bA!9HakH7CF z!uxrZMxqF0lG|wJkD%YD2PqedI_SqJp>`LhCF)m8lH(B#kIrP}M5Z8TS@H0&nzQNV zn-fC0Zg;M@T#aS(cQ`jUbK2XkhK5coVzG=wuxN7gkuTm(I-mW3?y*Fi+32mc2E%5$ zc!!FhgQ@X9_Et>9<oPY)}bvlAMcXM_T4Nqx7X#j9#xt(Gqf0|q`RTXgdF0H$u2BA@agjyN#$BA zg*I98O4JQ}4{*G-YjQQ&DEXj9%n`x7J(f9po5_OX1gTBEoHY=>GP= zt*jGa?WH2DeuZqNAZa4zaAOEW z+nkQ#yl0p*${F(YApRtOD3z{l+L1DQ-&;3aM(g@0DLNx$4Ns>b7$Fog62q776)ur`V>q=l_2YeiUNY(Z#9x>z4n~d(Z(Y<| zsbz+5kG^A390w;1?W<$EV0t2SnKPz;$sjir2P?zIlDLm45zeAr@ZHi$8{7yMDV)4@~MjezJ)q z1VQc5r$S$Rw>jme-26$}l|FUldRH4!R$A{n&_`5u2Zg*;-rCi*u;F33DNw;>r|XSx zr_x?h8EA9nXEz)wb7StcHp~}B2`_#IOLTi0y1sV8{kDh}f12L}7UV_Z8t7)8s;rIs zsPWT+*lLt_vUguEW{$kF(Itw&X3gGbl==%{g4OVR7Jn1*+Kt_D9!)7U?AT7tIe^pO z_qE@0AMjHscyfG;!647WPkz*I(*O9b;8@Q@d|pw@nVVzL#jS6UZ#X|W=N}1lofilQ z>><+2HQLJ?mZ5zn$L|6d={vlUC(iJGJOEx+DRf8sTkh;SlQ{p}3Sx}Y(W9|F(vzGM zF+6Mi{z>egCt37(xo#gb-QcOP*vfyg%`E`d{(0U1Vp`zKCy*(*iKvnv+@%%z5h&@E z2P{lb8Fm@1-|s0tAwey*(!j&d-~Macv<*nLj}_fMJ^wA$CJq)zjI~hTv9ROe7jqk9 zHz@^T@_0rEnkTS!?ZX0|D#e%a{(MUzj(`TeMndhRH{;o$_w-0A(Hi4zlC|eUy<|ns zQJ>&D1?XT;SikgVrtxey#L~BI9clZvtaZm~i5`8B|Bo)H6|47?$fi+pmXY_ZK2OYX z-FT?y>Hh#F>_v>Q1P{et8dJU>p$zB8ZNS^#5HV$TQ)fu@>O7RN?LJ;7s z;zN#NRvE>AEyQNc0-QwCZsxFdNnSGicy~|U%$0$p3#s5*W;1J(fAO~td~ev(!ZvRT zTCUXZ14=kc^b9)e`yv^n^+QqS8_b3L0{Tzxi6APq_$-jd9O;*}4e)7P=#??2{GB>< zVXgpfbi-aZhjOm?Z-S+WlZ>S+@{0xI@&+5AOO4Xc?I*vr>t8;e7y@Cj_z$cqNK{Pj zn|8u2Eq4`mdhRtSH5_i(K1;i&Mewm_>uz_B%u{r2`xfNO=MkF7YGXsG!Z7ANiW(}# zPUtLBeLI3yGDpyA>;DR^e4a5K82krXUFn<0*LU0M9hO;J>cSF$n#0PVMzrJBUd5HR z;_;0Xq%(1pvA$B8VQ35KTKC|@5wK48>|zwyrf5im5-Qr9MjvYws&?kyYvDoNrp z?bx4B`ph?Q#)aNdo{$O4RJKYDgQuyN!V$Br1YuvDj&ZHz}$Le$?}1Asz4Q6s|fip45{C_GJ!p$Gs<#< zjurhqY<%$dmZZ~yQSqMGeqAr14iEe`3dNR_qqf}to~H@W*2kP5C^A33MTx&Ad7Mo8cjDP{r3eC@4lLuvhj<*?H5)-5_&~(d+qPw=gTB}26@L4>f?aO%3 zy~yqQ1M?nW@LUWvlL&on2;`k;o_ zgBL8#zELs#dOO;-xjwq}qyzFmuNX_Htbaj|St8}9R)#-FoP}F?Mk{6X`N%+J`#%Ie z7Si$nX*gu?PW2`eJ;4auCXVv~8AN?5fpaU4g8=Xv(<8c{3*bh(c{-K=A|WQmZ1Tn! zv67l-IWNOM7sI(c8Az`Pk8Pl~c(-eeAF`oC-l4b%=cm1`} zDG*7jdjwD_^_6_jD_Q+FLeZU2fMK4sy|XQI%4lo8m|k^pHto_w{DEF}`m8cn(>F#mHrWgf#b9;>

    mtnwps#D*U^vNA;N{eIVj#_J`j`$SN^?hnG&k5DjEs_L;BRouKebUgcPHN}!G^=P{32tf z=Y9ui0t?mMk?2cqW`952X#0Tgv-$9s7>DCiAhN&fV%Dx@L!uc45m{)=Dq_pK__tkj z(Zk4-c9xH2WQ>iHNZ}6(@aLZNpIlUumc=L2zfNIlZ{MCOp5?~oB`k_pu7t+I@~V0! zgY4Y(hhn((CN13lEQ~6E)rsuNNfMp^_UKlphSB(Q#Z;M+6FY%IS!2_)9Nra;8u)`~ zN+O;p==(1`aT}=-U_f@^K=jOb-VEe$ajDIDaO8(?&3Fi%n8#Fi*m!J?TIYr6%fa*( zvrH`S9`WDpY8rpIn;QnhoGJ0RsY9=R{oJ8LX(a6T`|}qEz0j3&0h(Hhaw7dVnXTvK zN1i$68Htn)1=7<#bJ?FZGQ)BjM30Rn$H({D91w_d|1c2F7Vq_OE)-0zF)QF^u( z-hXza>Kj^>Sq>H9s}DbSHBH`1e6i4XtC06xB;WNcC&=~3IzhEpv)GRXuvc$Gvu*W? zJHF8t+11Y&P=TJ4kdVK{DpED4SR(JBZV5u2FR@=rz6}E^)?mWQa@0f%u8 zwXlQe@a$WuX3}i=A}z<=HV2nXrhv76bz=0?p4c~j1z6wBZRLknMV1;qqw6G6`U504 zg^cYR>Q1K3PHKbtJZm9;#m74IPD|ysfVx^TCB(vD@)5;l{z1d=OBA4q^GR2t`jbRu zZt>2Y>W3<0_NsX@fBzgl5DtzO@hqrn>g)Kk0-S+bLv9COHIFRAEisrfs2Gwxv->>DYQ&-t{AT+h+1qT7RhYr6;v1OH3I;iAJY z2c$%0JI!2VYsP2j^n$OKPVr~_S-s!(B*<$uszahsh){@4oAo25=IiX*^jD~ ziLRaSzArzTe2*oc;@ad}-`>ckf+|O7_~Sy#2Th54d#JnN)d>whZa-OncAaDka-#WwoqhNcNZ8nOE9e;-t6poSF zHH&(q;l0Qs1Dq()>0msIH||r`A1&vv^}@D+N8*nxY_!G-cJ`U(`=5ZJcmne#GL>J? z#o5ekt^<>T3aYVoV*hN{iS3?-^&(_R;nD) ziw>FF?;UNKJ0#r2Re+Qd``X?8J0mQ=m&@J@wZ!^4J`2>(jqBP88cCn`{}3|{yCR^t zerR>g7;|#N;P|!*#$@qWNI=rL*~{;{=AN5ZwJiJR2P_uAByleafli7AalY}6%~42- z&6$cnJkVrZo7Cw@(^t;rkMv(%I4&=MLX+nI?-DxT3MS3!Zl&n_EN=Gvf^#<*%T~jI z_FgR!NhU}i|JidfdysGctRs zHyocufK_vVKsFuAR}Gh{L+kr6Y!wfQ{>w8;Sd@c@E6C;?f9LD$?>_yyU^%Y#_#Lb@ zryzI1M7R`wqnOu$T@De5d@WLblbDJHKkO;UWYwo_)J-wqJe;!D{~h<@4!c)5=KTA& z!x#g07rQ~iwLl5yA^fmKZ|;GrB5|g2#_)I*{~i1^=gkbDus$-_8Uu-8qhoq7jcpV9 zMM)c)6vzGhfW88PYZu7WK+fR9nUF1<}q{83ZF9`U) zt*Re1CJC5YIR6qN4m*MHc?NN~Xe}@sf1;SiXlwtI_sF(Jmft`vqV`clg9N(vy^M^K zmh?C-kVe6+OH!>r1OH29jb;Qe*lYo79I?-xPWYkRF0gVwK0>e z4ZRm%1!u%1=FV@d>GBPbJ_g}k$NNt4$3KXJo;KZXVC07*026wrEdGFx*to7~A}42Q zVmYPxZl;CHk7`oA7gEieU9b?*)gI?7ae+7o8rK9SAy}K4U4gL|lXQifYf6t`K6JyL zf{A~(w*$+0O9{N5b;;nq76r8jZs83&oHFSwrlp`1*F&X!%EbS6w|RHnH!1(p)WPFe zpUJ@sk`OQz8;DVEX4!&a8FLo4dvD%uKSeM-UYaQ2+OPhsm7;+?nIaMU@>vVh{O?fOYD{r(R6-6F z>d=dr{?Q>iD}(E;e`4#Wyg07btW8J63l$=3f>#-9J=c zmz=&3q@S?!1k6lF+tY)Xt>&Fa0;G(<0l(T>}`aLvU^hdk=L19|UGK#E^%EE52k z@eH!_8M|JXjYviMm%!LP5Q&x?hGb^tjcyzw$187R{->f7uQ+ONG)}NfA;)gK0{N`* z0=c4hhbU%GW@XD+`KKGDZC(YV61O~CvQDcbx2uG&4i=v86FlKD3q9xCvfVPinp{|m zRvv6wJuqnK^RG3Dbnm>Nn3x^q6}P$#lBsKyq1I5x72Je<8&Cf6*sMnGc1pQ}Y5#-N z&fw$331IewkG~y0istUrBfLm*!h&qW9tp`?6Y6=_cmwtWO~tq9&PJT@aDA(4o0k#9 zqiUIWW2MQ;j^3ZBV4PosyZF{2MnCEmS^7}(-#d~55tY85^1C0~dm4V**SSxe(E}b4 zlZqR%n6|c^!x=UM^GK$;#n^@vhqd`e?}8>?$qZLup?t^fv`7{%VKFsye^B^dc!OJ+ zd@V@S_8t$cgKmV#PSo)P>yVKyqSc@Zg=eitSjKADrDH2X*P-%TtMGaR%FRK|Yimz= zHMP>S7Mt>eVNM_7u}AHtFtZr215Fn6Sg(6Kl2fMfPf`UWWM2V`JIAtnzrSV4CN#R+ zI1dq8Iic>*e9u%3ffV!hZSeLP-V452#C_y+_*>7S$2tSnFoJ0`9 z)n-Bweovg-a8RKS%Y5{it0rTR=W*rC-KuS`m5zElqc~2H5YqJJudj{+A&QRm2XXoz zw^tOmRXHg|0lhyq@mYoPIW|MSRI+`L{PC(cuJz^42?&2AwVafRL&&>|N;&_^1z#I% z=uh+u%Y6^YVOCi=7HN2&r#F7DCxmXqsXKo|KoPfV^IL^;)|b<<4*j9|qmPfh(AMuO z>OW1OEAQFyO@|&F2<+(L7wK{~BW|K3WqIZFrjB=AOD%K0ponOS_--1&=z`iH8sgW^ zd60?19+yDggxvEi*>n=)ll73R$7zJGbb8Ov)Wf}>1Lwd%b#XOh$TRNDfv9kQ3%^nOwPh>AIr5QI!~9dS z7o1n<5PCHRv!EX#rl)l*^q9Q4D2_+_xjGz*9VQ>x%iz_rh*{KWo>_zL0{NWU=oz}z z)yn&>ePB8S@ez>m@yY3LrvAH?2ie}>`_go1Jjj`cW)Asl+}ce8iH|&`ZO6Uk$-(uE z!!Nj0cfzDUH<|ODjbZ}L>M-CQz=$(CxgmkUc!xhUjZEd1$4HEkF_@o;%im7 z(z-gH45a@8+X+a3CCf}v>t=*~YN&wH%z%9=S+&FhDh7J4MvmQ*{ z`QPc-t(V9>K-Z9|ikN+GcCbkHJM<=ghZsBMN7^1&21Xy)E28RKm>4 z_l9aj?fP9^w~p~U>Feg+cbpi!fduDdfL_zE%h>AewK=>@74mmEL{${#s&H>?9Az8-7&LY{!8=zfdpq_I75LQ|6A*&ZNUiE*0agG^o= z0g@3vhA(h^eTU-T8YCuz6X4#-B?f{5Y`)5{Nimq5e%$XoTtk*k{lz6csSUcP^i2Bs zZWLQZzXuC&^T6~jjv{oFX$BX~C0mWT>gV==Oh~xft?k=w7u;T7qw1|e9jC%q8@Bgh zC(}falA9w(a@v&hS@9Kl9x$lv%4vbE;h31OE%Xf`xcPw=5TO;dk3Xt`_gqpPo70t1 zDp=ICpzEsxU(Xit5z}>(hBl-(!W;}->Ye@F3y;vuyF6g(W3DHEAGvh)#5>?UN{WpS z>~aE;y(aOG?o*eG-44cwGw`)P=cdGPXT8j0^038}hG39xMn4cp1$qeSu6HdR zJf!N;r0KAx17apKL7mc|G9Mw+gS1mHSt`N3UPa^0nU~4g4Sku!E3-$_G>Y3pAyue01jhj^6+IgiiD$AJ3E>(@VI>gg3`#j29$5M?_kXMbiIGC3f*?{`nS zXc%pb_4(@p&kvN`kChj`{$+*ma4uQtf#&t+P0xo|4HX?L4@QrQE@0Iu+3?G5IaYn=#4wQ%hr8wZh@pm!u2Mr!`daqYZTOe`vmK)BHEG@s z%&H>RJC9RkM^a;%C086DTxkIb6qz?~KGWqpg%v6P#YqKfD=MXsQJB3>_DO`^9TUj{ z9OigKA~e5(EZelI)|L72zbFKYL9fo;zW<;eB=IdFJ_qj1=v>&oB^l3sI)1-s1glp= z!%GY6zjL+tx_Y5RrS_X}jM+WlA$?7n<^`CUSnMj09ps(~I3X8jtYZ<}32LnJXM@_r z)HWTpU-a>h(UpXn0llI&^{28lMV+X?z@o={*B`-K(F&CoH>x_jvW*Z6q)As!;68bU z@rH_8KYD5!zCt&i=8>~?%HPUq9+q$w2B+XIJ-3_eS-zPp<%&H%!TW4L%fa~(I(}#K zwtf4!H#%WHqg-ymT3`d7(`{2^_vxzmZV5sE;7x!HH@S9x7;hmpNDu5>9#|{TpUpAN z6YU{^$TJNLF)sU_#XHxQmm!LV^lZ}nXPqUlZ+4+ZPVX(du(@(b6L`psVw2= zGOFU*Z{#SP0W|EyJOWF&4FBwBFp0J7b(t+?T;17563f>Gkc~FPH;Q<< z3~ICsQLEAM3r>NSLOp)A!&#O}MfF^B9Q zK)FXBH2hG1x%Z54At2VK~bzG{zej)5cF- zh+nSBPkf9)o$S)l-5XrBKCo=g$==YjKmIG3NQd)_u@6YLflozCpI;t2`cabIM()AW zqXZAd7e|Am7h}f)+*7CeAxy$Yvl1yvh2tMfYAWFz&>_PbUfe@=ml1CT4lNBi-HlioXs>`A>3=+RXvU7iwzc_!Fp#Ym%H>Y&yux zk9E+m4Dzgv#JNHTj6=eB>^?vEYPiD_A1sZ;+ubF_V!B}gz0!#baKj3 zqPw=%oCVa--<>$W>qN9&4JHe#9=~mn} zF#Pj+1ZW?iHMW`w?Zwp7Zvk^hyW5_ks=r zD+P;lf91Q<{jktaEK*4x_#_Nl`!!Jq#)WiSm=1w?j-Z13v2ksssp7VW?1VrO19`gF zvD5_u{r7ANm+&6DgePCsd`nC&#`b>1kw7@Kd?WdidnfYFE-LnqZ>yTD6YN5@yIDU3 z!j5)yz}J;OqUhf9#wXVEZqPA|8%BqNWb1&Ko~DWSSYiD8)_wjPWb6X~Dc{r8JU%{Y z8bEG)GP~-NEVG^!YT_-;s}qn?kz=LsCm^V2n{aaV-$`jD|BWvonwL)ZD{CvA_$#d% zt{6HqK^mYd(Q5pD-cz+in`+@VZ_6Z4o_)v0otPh6zCr>bYWqggWn z!oh)KxEF8kZ~R_s!~nJIH>IbiNV}0bMC*7O9lRy+6%(#*24|fJy|vU>Wu$vib~&c z0+qg4xI|XVpzU?K^F_xp+B9&Qt*nd1->5zWyNasGXT-8rfd%0V(VP5S;#Y%7~SjrbHKoh8g%jPWusf%Y87ht=4tV7 zZD2^N#lT$iYz!Eeid&!6CZYgbKe_K@K3)grA^>^rhf zq7KlN`<+$SwjSJiQ;z1E`!O}#`D#X(!|}vGCQM~9`M`rBsAz%^a|PGGr6bUi6D$yJ zY>>v`Epv9EsHV$f6^w9EmFw}w{EHc0dp4uKCN0>i-g(@&^Ty>$RodiM1raxrbK^(8 zl|uHs1?HnawUXAA=GAK;J4eA8mkYwWHu2EylAqSSfj0^}%@ATEMVhrPMaY9%F!<7f zeS*jxH~a$JG3)Vmv3Scm9S$|qt`4Tb-DR1cd##OB?!ke+)soXMqN|k6Q!V%jPEgF= zD$bqOs(r!!m@R%@lSJQwct_vKPUXvgc=7KDg==x7Pp4vxsm{6lD+)@PJDSz_$73=w zHwFx0Yj>IQ@v8mwtON;Xz%nUS5H#@1LeUe_`!!zmSU5(c+}c#kqnFN!uOi1dOViHZ zo}JjkB*T}ibxTLNx;}M;LBW-({hM4B>w$CV3fKv2 zpvDnx{s2z}<3{rGEkKx=SUzDXtzk91b>C{1jtL_nDpy>=Ce-+u-!}CH*-e-+U2MVw z*ZLHP&f~LxvWh6L2pp9&V9=_A6PcIO3!z;f`DH5QSBv@u|DsynFEb~a0XZ;gH;yu& zid0`8kAYvB-&|pdgGtzQaA$oeTA&$R79)t*+mB6mm%1SqYN>_f) zEPzk^=99k5@m826hN4;HG}*_N2MWC`*o^8l2x2rlDYo#MYP5He7Gwkqmcu;tUDcm?WVw9K`RY6RPa#5=+dW*!;>W)Lu z#Q5N22~dD}aXQ_(nEx=#XIFH)Qg-@Vgk^9InibeS$l{-j;Az|xGw#4_V#vqZ)j?;8 z=Pmt}CPGg4?R#O7mX%~zyWjF3>sq641i$PIWuNJxW34_>&*1D+Q6=Z~=)kYfgbZ*# zPM1F~HUrDxiR@hi4k&gye_ld;AI}9EHCI{h)P_+hhEf|XD#g8#pHdkf@UCI%QbS(_ z(`7|sVwajt5q6JbV49GlcHv^ip0suV>u{;XAWmfpwFKlJI^%~DgKPL zwl7cMvSH%7cjzU!cE0z~RxMw4g8bzIgM4`iQ!Z86`RjI1sE$XSP}mPIzu+m&&x$|H z-7h9y{#u)SmzmLq8w%xqI#IqkOjK|zLf5@hn8?aQ^0fzQiJ$Jvb^jtX--ZK1^Jwgt z2SaXW+MaXS*6`uT8hb8`#BI|<@WNv?=~o#AwZW{GB3==9c+VGYGhTa`YeZ75`22)c ztzbWzY!V&ykarde^|OpS5K?+up!dr4C+>qPtgHW$HLmo?f~v$rEh7`j-+o$qh^;=! ze9oOCxa6};xd~GvuJ)nAesywX#~$PKZ26|hFB5J*^3S>{DT01<`3&ixbuV~~pY?*6 zv6novpip)lf>f2hZUBm9f~S7I)}#Q)nWjfgniYTeVf6T(F_ujCekvEE z_9`2?8)d*|vW6QfZuJBWMD?*plkEbh>cCY!>R}^>_Va$T*wwTlKwnjSU|kVkcj6T# zg2iYMU+`Iq1$yrV34wdxomJ@BwW(PfoTYre&Mr*K(d%Bo`X}MirrUsI-3N;If=-8M2 z;Bo3LaJ(~aSXG@Ad3ViFKYZ+ytY_H&QlGZooz0|N-^8Of*F(FcmP5gwV*@(PX+Dom znkf%z$F)E4de(LgmOmD^SS0)G&*f{wV007$Oy;HGaTysmdiJZ+6JTmO+I-5}cGba( ztC$$!iV?m*)xJN^3^B+VRufd5U;%F?rTTEOdFv#GQ3g#Mjc*&M?>01&a9{VTOhrHu zz_zRZ3ARz!2SnSeTors~nR-IY5#>|MI#Z%vbgX6v1eq%vqr8CuIW$havB8T8)n_XF z=jqFLo{BEYm|w2{?(8p)6_&+)je`(;f&RX|!HtFzUx)S3BebORuC~ru2I(&T(5+%& z?Liv;)dYHOSef;4Uvj&M0jQyTJ-~7FMj7n6-mT%oc*a#3&}1(0{nd)f5QqwuyIyV8 zld4I#y`-(mN_!o4QbR$g^`rddNnQf|pI5*;T?QDw&YTS*aWRanGw<2_=yZFh&vXx%xYdM_%2xG}_LbVfTb-5p5^2+v{ zSl@0dER@iLATuvkih@(cj|Zw*`vW#EqDi~<(k_(xvifxd``Ulj z9lIHzF|iN+{=_4D4Q^vkf4zvP!}#y2<-ZpsOu=W~5PLjrWQR2mzPxL@`fJ(c{8DN($?n1@fXWP?#~Ox*;2bwbvmraPN_FTR#4^}u6@BpFvTJD#nkX~F z|9dQZSKGj@XI4#{G|nCgrL2HpUZR?g^V_37II9gW*Z)eP~^QvHO^w)XEwslPG(Xxv)jwn0krQ(cH0L7XT8OfK>CAISbka!lzn4hZ zVcE6<3%3$=EB~J%@#*owhIRn|--$$%@|jmf6rj(b342Y!_DJ z)sLj(2+a8@A7JPq7``mQd)=3)mWpDmYF6ukhj)E{+%mNy5|k_u7e>8Ruzk;iC0);X z4tg}2W&C+7x)PoWkYR)fd2O=7?@3{c1v^``2muVzGIm`FIQn1GPQmy&AsXC$Wkb(+y3s`{YV8sV(-v5XWJ^}#E@Qq2`9uiBS z3?m5LsAHy$BT0p$~!aGR3-;&C{G)P(a@Ly9|?jH{8A;j4~Hj za{q=>n=Kg+wS@Q1+k|$(FjIE(72i#v-)-h^Fi9plPV3fPvSE-W!{!o@DO_m>U=z0v zx0ZQ&)W}=nf?ye;eU-%MPY!4kjz!Fr@OD}c1pBWJhQ=75dN|3*)y+kb4fy) zFP19ro$#Uf`9-0kJL1tS!bS>O*v2Kkf?c?%Z523VG99mBQ z`tBCY-wG8a{4>7t(37}!x$|t!c1`|b$S6_~4Dgs^(({WzL!u$^%AJYuq;r{TN2Aub zG8ktFnH%tr^Mw>xZ$sx#8FvBkFoRFth?+@#3RwNK;uw5^p0g=WXG0b zlbK^nv8OJlW?$Ob-jFzxGN_93cj4PMFYl0bwSYPwy~MFA0NIuZ*TQ|!(*g7{rMrjo zK(s$bsJK>OeEz4>FCHmR3ruV7QN8sa4F=36C~B z81RJyfPUF)W1q2Q2xPbyC3RklN@4ZF4&g!XRhoIJ`4mid;6jW42iUIfayAM0%`jUrbq4lj1As@w8<&1D=z|fr~Acp5`V`7e= z8?M-rK5AngjH(X38`>-`U9BBoR}ix?8U1=Q8AzvnVkmic+bcUiewk9fjr0Hvy-?%F zN<8cAxs&a3$+Q8dYVhow!SesyKe;7IpXU84J9@*Kza3jaQw?|@wkO_v^-2pf zxVE*aOfP!^SuC^wC#y(+vQQWzJ9Tfk-99XyafiJj@h4gcaU0e6R?k_h;m5W*Hp*@?B25hUN#?EO9flX{b%H`GepcNAyj>{Nj*pn9P#_$?P0mnqvf7XObPN=@Vcp@)(* zoOsbh^?mfyfp4=V(5=Nt$2z-B<=f4MMjx^+LtlFI=AV^Rs_Y$ro=eh_;b-Nxbg7?Y8AYTiKmHYwxFENk?*P|x$nHna1L#bJoLLC>3)ehe))6zjN9lvD-nqk4INZqBLx@ zT#dJA;msCUA-~8+-G`99W;rVUq0>IM+{*OX+#keuesv=j4R)Uga`osfeO;Mb63*>x zDR!!vL`vEb571powFSb6&&B#rkeb-AnNd=hhku;b6cPbHEp(O(R)+_WFCF()+P`0> zZ1T;f#ZCGtwOm#(&L-J8^hF$vxl!2{z)1pQ(-zx~s$5G3XtYMou0e_5<`6KBRKvFS zc#O~BV^KC|8#IJ{z}Dh*aZK+tHC265?ei{`-E<(&-P={Rk=Bd30A^QUzU_}(QY52M zmLx;F9kuEglZF}9Cib6r4APj6YGN{p1KB_|VnH9(1E3(*TF!Ff>%ORRCF+TIbHpd^ zuj3KDVa{=k2O{p55~>oPd3}yvl2>qE5>6a6SsMbYg{6OOprhF;t)M=tf4?N9HwQC- za<90dfuQJ@uw)^sp>5Lgz+wu{>iVs_m4scu1b8$P2Z#r#{<^ZU7Jv_2iQ1=SNMi}{ zVmZ{X+TMLTGVm>LPImw1Jn6aMaHs9~uR*=7LHlG{)WuABYw7AJo z+{-U>)x&!~SK8h|=H^jRcrg}vr!8iTA!6A8I&!umvaziWZ7*fb#Tio!8GCld4@abI0wtwm$cSdbT zsnB;~NI_#(4~m}B!2eJN%oby75zH`1aq`0xcJfQXzYNSd_afR)q+|yyv-X-u-5o;t zyq~W$Z_y_uv358bDC*Krec?n;&+C5=2C)=D)BJf8N^{VY?~p26aRppm??Y%(cnbtW zSgd}6>_f9EQJ?M3o5XgBmV%>2c1XG^YGGoy(wZTz@gDEJ)R63_!IxgDN)>aXH2M}? z(t2(B7R(cNJc$!%>*|)5Ae@j#|?ibYyCB z;Ptc-?rfUh*VJ?YojcT)J}mxg$S13-tgfq6i=ee;r;~v@@vQwk{1v8RB}CGPt~+;` zGGyS-l$if!Ajid=8pxl&I5CjNGEfZ0=SCm-$DgMaB|8hZk!9Q7-TJ&DY!9dO7$~sZ zl28ZI=lYG2=$}iy%eZ2<@w}HyB>i1A*}Ihp>uOdG6Th{&8vFF4S?K8HvB*$cQSDD8 z*%@2AvdEl{?YH=47nbOzm~)$n7Q27B;X7{oGr?D$-$SHkO&}ja#RAb>vYstT_%2g|F0~ZJtPQ(s{@oVb*#?Yt5sNZ1A=Uu$iO}BO zQv6*i`!@%;XvlY}CVBZ-SGwll$Kf_;h;|;^U+|9IHVJFdngPay$`-qz;6sn5*fE(y zM-&9S__;PwI`wCXWp)0|L!2`bfm|_^l)mPTp1{?*ZiC)Eud#&S7Bi3Zk($e@6`84+ zqamO*@Wqr8U2mCuXYehQ)1STGXp#A=b(M;!IH1M6t^dNgl{SdXzM+DItH>-ceNP!Y z+~hyct$p{Kfuv>=jqqp1opam1E2OmQH9U?J8t9$Y z;he>2wRxGt=AEQ*FZ53C8A%v z^e~vb;g2lMh3({R8A9;;g!6YXRZzpaxcCp)r8FdBAKe@aqAOPuVQIOUgO!xr4t2Vg#kS82%f_|5tLQ~RQVL&t9*l=#k%VcdJj5`E%%EZk zalFwd=@p0;OJhAjYC}$Q;YR;si=;^h%YlQQ?ymDYcX|5!)g{(%v-ZImAib%Hbav0= zSWHTOO3wC#Ggdl0w`;Lg+wI!9u!FyxX#Q1$6&FIvek%fLv^`b)ggXL9is*tb3Rjv= zh)Q@E?yI<`vr1z)X~!GgZ|_gl?EgiDb)It94@nY5l1!MRQIAYVvn-Ms>n6)_HPe}cn* zzkN%+u{okcvuvWv=NxwewJCluSSoU2HX!fQ4rT4lwL}iGjUNFXFTOQA4+x98E$oUN4KzAA5Fq-)Cpy^nsT}6Z z@FQ^0uwrj`neobc?vv`e7ekue(~{O2ewYxH1EtxlYMY2f@6E9DaN zP+0@r;epb0iPhQ+o59+TV52)sTinGg@#-8IKSqk~uqBA;4+MNYUw_$b;b7hQ@n|zM zji}LmUFpJQ;nj!<{Y?v2BV9erjCGnAjDjxpwo`4~ZDacV<&SP1w|h?;ytvMXyjmCm z|MkdxH@+~j8{{v*{5qBn`5Y1xdmHOq<2=!|SF)~h^Rw!TUQxn%l%kH)MMk-rEoECP zf~-ip7x}=DfN4)&$I!w@)>_Jt)dK@Hn;>*W9T#d7|FAJ=(Y z1ce<(G`L>wx{6@WptyJ)g8uw0S_$t(uE2*a0-h^B z+-I$mgmf#{0*5L?FZEhy%MeJ@n}}l?fSu|wNsIyX ztmP4T0#73$qq(ePrFgJnq31}1Ce24n^E~J9K(kDR~V;A(=;YkXK78Z@mn)riuALJ z#ca#kVKL)%aRR|roJsBKwbnL4ParLI-=|0(ENtZ0oVYP1tI=b{9%WcOidliR#1^<# z2?ia^m4^}^7EUL?9E7OI*k=;ryE3&OaqyQXH!YpTRL}YH zi(w*8v2gw!{k&wGuT6ixBUi@9JfB0Rc&6giVbPAMJxvdt3dD4zh}BaUlobNHjp{!? z^2zU(=Ki|I++}5xcY(bv4165VII6ljC_01+EZ|eBepTnF%%0VutFL90m{9cDZidHS zm6Sk#t0qQQ!!a`@@j_CMZ9Yz`vZ%2-G1)=qcDvfPO~rPhXjB=MrR+}uACYR-GvaTO8xt(p)V;3pg=Vtk z%+baT&)~Y_$qFco^X}mB>y+-5GO_Y(_@N_ds0c`opkWP)hm$`q8X`_n>W92 z_O9`Vp->ay+pv_@j)94Tn;6L`W31WieKhm~S+$W|a$6M1EI zVxu+mseAItp2WJbtEM(HP@s+H3Hs~8p|`()K~d{YyCnW1QF5PkaTVkpT3A$cg`YSy z5X@Q7ig-5dU+PiLuGV;X`qX)q<3aolpYWbit%U(U-EOb)Qk1$qb)SP@{=1YUb|=Ql zn7$um7}i6bZ|?Rm@C8n$(zMIuummB~B{lHF#}bAz z$whk}LI;Km(LGB8Pd5=K_wCi-(Q_kwVrG3?bL2M6)9g!_H4O0r4!=ADV=r0F*d0Ef z->_bQcJfBB@~gzr5AgK8bJaNr*IKmtvD`Iq&{ZCWF5}rW#jGBSgpe*Nnq*d?thnyJ!w^W1qb1R*-JC_X2B?)E#Ca12ABJ)8t<_Z|k}62o=s9kBYQ7Z3Ecd9<%iX=CB08{G zPL&DHS+SM(g-4b)wLY zFCg@F+-8LG-hJ#3+V~wb!<9g^LP7VkvczvZFAr*6k@jX$VX{) zsYIDHwWxMFq4wJH%>WWd@tp7jOE9fu%Fa#^<1dK39U?=88!Rec#S4>xP5Y|o+P951 zI4jyxDG~^~F)1Q3Q^fP8w>aOSy-_kJb?=uv?c6i>Ad3?Nigs%rr5Bgh-6Vk)^RO=A zt!qPu-83xLS;M~V{5J7s(goBRw*?!*4j$7==-6HIVRzTp6^06JmHByp=#Vr1oZx=- z!y?L6NOr6$em&4->&|6zho{V#bz26qotTv!XMzni;Fo*)_$E9rbDM#3=Sf(TQeR6{ z>uBBGwN0=m$yC%MjxHtSxha}Vb0Nhn-s|%!UGsZ*5>ym`kZzj8yYiwzMfb(So5 zhlK2>B5cQ%msbs)7H)Ki5~DqaYHRV}L(_%(g2Enjsj|{N@+Z6AtG)sc;s+BRI$;5- z9(jl@9F=K?R%ANacC>ow{+L$fj`t0k7R9wRw-r2f>5s4k`^!Fq3GWRiBEU7}G8Av% z6Gk`cQC@q+Oa`CU4a!4DMc8baTRYfs10bD{`lfFzyq*M*tAXg2t2(7sRy(*6{<~(YzU>pb;pQ7PwYQ_|Zz`@#l#zv`e@+rl>H92YX~40z z9`(r%)7xrUN(FBpC0v1yo|iDHeWAl+*=HJd zOZ-o{$kzv?Z+o%P1KX|EGxpLszQC#Gd|5BAvBL;tgwAEx594-CD4~3~!H)9P9bqyh z20oWeh5OeXxNH`rJ7Vv0@&R#xBZ``~g?Kg)?pL+1u}S)8QEo_ps`%5l_2rr0?V&pu z>dI>ZmmAshO<^!87uv1-PWtHQkZF-opR|l~e%`Rra3%>4+t3#Kie6!P|7yAWH(h7u zjp)NPAsp0;o>#OFS|`%9*L`c*3k~e3M@5$+Zwv9 zO11m67|MKKpAsf6;`o^v4fMe0qRqr*) zs5kp^_7!Z}donitM*d+m>ZY>HIN$iLpwEHF(>z$@yjDT>lkz8x`sZXvcBoAo+TrTn zy!S6VbR=K;`e(Y~+QFh1bppS&i*dW@B(H}NVS@0~N9e?kNMt`M{`z_Fy@D+yt`ZAM zW7GF@|Cy0Gd|Mf)ins78=dR3f4!h3fo+X6S`eZhJONAvcqa^571K)apIClj&(3ng{ z>X@5f1JJe$llaF zj)udP!5)<)dd(%_&ct*fuYvKdiZdM7i`3o-bXkt5j@B`4uQP57yU{Ov>xO~{W?Gc1 z(u@7D768tb+8jCgq{%I=exmef<>>f?vA#zn;vcr{7$6GEru_x%5Bk#d^_XKHuj!1w zhHt-^lD1V7qVBjTVy_>LsoLLN!c&H*HPcY8{osFEebAYt)lAu@{^KyV!LUY-Mr3B) z&xp=Cvz{zXZwWG@PL|Fw=o_q~l_$OetkSIV!7hp7p)mzlvD<7z?MZA10SS-v zF>Cf_N$+_x8AGkb2a9c*dRmxcxO)Wj? zmI@29?FFOt-dE;@aeVc<$PAv`EBpb)%O8RA!GigYnOw?RZ@Oe)&wjfb)C6?HM$*>w zp7Y9yJuqCnj>doA-s3px;JoN<6M^5j50sdFOOu5PT(HazPnKRtm?;Hwxk1$_$IAO#4%kBGq;a zWui((6Kvd377uwaU5y--l#BSH7MqXtXpOTIRsdts)Mt#M&gW`k#-NtPu%DJ@#4*{f zJ4N#JpY2EBwwc=w$T?MRY4|QeNc#wLB3}xDtkL3@W~abSB4fUL8gw-I>=@2POH!6y zd_6OqtMa(#S8Ds0bGyGGOp`*cp1A0Amx1g*apw~TR_7Ui)hFQjE3C{X;p4zM$Tz6z{y1UJLxaY`JZoKdPn-^zK0yQptc#LfZdJsAmG=*CMyP< z7S>bSHa1H2tJg#RU$CO3>p_UCsq0?)t$mn2W2jMd?7-dd4!MoSZC>bNPn&8GF+U4q z^P!%anFGAmi)eCBlF?m`PfewzA{_n6rh6>_2d{Pf`KIl(rhr2q^C&RRf3>ZaXZ zm|%l&{J7L@=u&DeEA8gW%;Jbac>1uzvWZO#^Dg>Hku8=19O~oFdt>wNY|i%FTRj(gQ4g zx%SG=px?oODOJ#dbfuqS1J$9KA%C+HjgP{1>()nu%g{_s`$UiHb5?ls(Waf!-4T_! z5AvrVan&NU!54srV2-iC-A_0zwCmQh<8l~IXu*srh^O2>oDT#`#EFagZPyCL)5Wk6 z5I~t`+tRVD89!bQlLJ{Yk~|*7T2`u>b*|RTRRy{TGnH<X%WCA&8o_j+H})&G3%IBk_3cLv04rEjY> z$0^mv6w+xcV+Z;6Dp~NFB!#^0cc(##-W-H$j$-10E`wGIzhStgouq?t^T!D8`OXgI z7SHY4_ntVGA&CcrdX8=*N_j-`hv$Ti0@K9ti1i{3t4D zx@4r?$7Y7Goh6>+w78!Eu%eHyM@cDSHaPs}2#Bnl5VO56;&g%`G-zSmDr)CcO;JVM zqr5O$Mp!LnD*EsbZj@4bv7!n4tx1>5m35QcHDVShaUaX4PRZeO&nLf@IKNFJ#aEO7 zqTko~DzlK;an~a482r&t;_Pi-)*3T;zyDr;uA)uDRvY{sZ@5(Fu_&mcb#vDjPD$y1 zG2nG6ss!3W5iabA-g*(bW^}<&@lj``f$^fFkA7EPR>sR(m+iQimFnsgObF%>oL~1i zivdd{X1PVrbeodmh!#2gwt0f{3T1j&Pp;)v-!cmUKTeB<66Og-1cCIm+QO##{@VVO zLvOOu#|16j{`-oYI^MPnf9=aeyfr0(bW6Gt$aL1_RK&=S2+?A@mdbx+L_;qP@A2u% zffMcTQO~}t!Ogzawxzzg1HMC{6D6&f`36HqjR0F*jarZz7W$Lk>Ei_*%8R(&mAfX- zinKmHx*3jGOMPg$1trG)~H>1_m&RbXowdPBdsKThe&2tsD}McrPp(M z)@!y1kd`eTw_&#v(n7!o#o|9|+2kge)*djA zMDVMq?ME5T`|M>^2V2Q?$SCooXxG7`?beXmNa)?qX+8NN+eWU`*6z*Z&`Jtvqm(aZkoUAZ- zrT?)sWyrUzPwBhm6o1yIwBSSAwelTJwyCir(9<0x4Zr?fj__axiH+U(J`BBqJm7&^ z%JLML7+ZB}eEcA0xxSI=jq@+s3JKVF%RRTulW#yGJ&fZh=s8H+ubid2?o%+3+F4OU?OqQs1R{hRB5A| z?im9vGsD2uJfP&S?i3A=dtJ@*5Ac_q=|$u$cUv)ks74E5KzWI+T++w>C-`@GAHRsa zN!VOMf(;MmyLIs1 z;}gi&|LD*4 zD|Vow$V$&$^(hXyL$|2)rE2%!F*VM5!_0A&n37}`Bzc~1KBwJj>0|rRB1^uy4=YNL zisuq7e0DoXMb{(6oa%I@Y?2INVR11$MGa4lSJL|{=^;-%x1ca`_t3WxiW#4n z%$7hpJG$}ty=RxMnhX>9ngisc$JL}yzSF@rT?0t%T{{b}dnp#2Owjn=S+}|Jd$!L4 zFRmdOcSgY=o91Z}TTw#4F}C2aD9; zgH0$N6wN|NgpO;xkT&WUo6tEbMx&MJXjQhC*P2)C4TbvuaGG%tZAj6NYRzU70kvU-`i>{ndxNcYVa51Irf2y5N=eYzM}Mf%rTMTrlH zL&L?jf(fm-m-MP!ckVbv$zX>pvlprkzlK(z@YjF z(;|*_?pnG}S5VXv2oKTnbk&}*@wzzmVRa&*U2BPFynXBvJOP2MRh-9=4Ma`9seJlq zHYrp9+upACVJuKubhqIdMlR#{>@E#-0Ly>`5xNS&>S1`Lc`MfMT8bA9S#q?Ao-D;A zM(Lo@jY&O2!x$yex^<(fce_GeD9O|AKfp0iNB>B6j}W^w_8v5GX8mtFfAj(A8-lLS zf!b;-@O&^gs_G4=mQbijCZ3X=vztvlJv{IsNsNR&0)B#^=7^ct7oAB}!yC;SVaeb1 zzKtb}>VAmT)2y0T`%?Q@@1Iz;AA~0(tU@`d@u`I9gUB$v`9>GM2Hz{Pf>~>}c{uOA z*I{(3brTV(CZ-V9zY*qsf@*hIT4#`b`~*vdNcCUwd$0Pkj4v(~5jG95)c9l{Y!3eS zJ72kC|9%}&R1oPekWHj6LC<<}hX5{h(c;ywpNXB$hGOc?Oomhis z36(FKwkyA0)w6X7KWCv%ZQUpJDi7btBmo{(!C@kK(i{AGiSv`H%+vOV)d$XjBH>|1O&yBH)Bvx<|9t)&A-)ZvAy*6@HCM{ z)*;}L>{heg#@>FuO`JADV6tl{?H57nB=%sfgjOSHS{pIH?|IiS;ipo*cJ>ua>E89C zAL3VqpM&~jDq|5{wgN#9MkS!U*06C$IVTIwEJ?I$J=mSP#x4Za;t`)O2I`egkdq4_VKCBJ`i$w5B{*qqa&d`xgpxZA*ca;ZZmdR^sP*xrc6#rJ zW5jE)wV1z%T|3{b+-9|;t=CzWPu&?!ZY_Mkr^s+A1(zQ6qh9^q+tw<8zZ~UA44aAQ ztEERf@N$GIHJD~)-tY0Y?$UGA-nDl8glDuA%k!Ix@;Mj?_4`lPxY z8evc0$`1QBtm4Uv?A#R_H9P=@OK#skCPL4-T=L`in+WYz#Ic&HNl`R!VH%ln^Di42 z278*G-D+2>QOy%U_W-y!RI^8)o~NA?F9nydR+-0xM~x_SsFI9*holz1Tx-19P8PmUA^6J`5ZDX2 z0+8$?Z@oUIpO&$Iy8>8D*cAX*K)N5`3RnhQ0U>`Ly8;}=f4Kt4#ZO!T`r-eIfp_+Y zg7L?$fCIo4fLV>@FkG~`#}%LDI&rx{{a(rAYs7XfxVe@i?k(l&`cI9i>o+N$d^x_B z!4TL%F#g%Y=TqK1zMZjmoV{;Sa8)4oKmBz5*vPZCSqHtGEE(%H8Rzz6BeP=Zkq>di ziiHsBOSHt3uOp}pU&~i-7Ao?lQU*B=8)ruoRu)?OtP%j5nMb$V(%hQ*b1Ikk`#dvJWAObfCk(x&cN{OX0nD0AoGg|f78A7?b(GVw*M*f^G8x-(1gAHhs5y_Ctj`glzNNay6^lT!Z2}rNa4bd!alRpr==l_ zD&>W{oQVh{s3>9R9D9a{aa^F8*Efh^<4j+jIWkk!=X3WtUr>!^=eNAaBnH!rR~7F+ z9zWD)F!|{Gu1m5TG;*~!{}vxki{mD^v*WCj;7qJJUvRDd#@%?2ribxZ%I1$W_X!o6 zksN}vB37iE@XY9WGegwLvK12t>_`?jpPFT}@0LHldt~T|irXu_`A_b1xh2Qsg!)vY z`FHBmVfsI)PfQS{NA09GU!wPBrCH2AswGYtJL0bik@8%57eaG6b(3Hh+gA6G?PIM| zp5?rB->x-@c>(s~1K`U<_VK*BVEUHhfUP-HrB1)1Em?eqILC!?!QACK@{Ga>#7#Vb zxSee-e#<#W5`Wu=QrJl#3{lemPU4pp`z7)J{HMepJaHuPZ%#kHFId@Y(6B2+-a}K% zpG;{Gk<=y2^RuoF%;D0JIra7h4U;zD0=Ta(08Vfifw#NV9>!0A`1`JJFVD6}wqRZ_ z-v}*<{)m;WDtszb)YfeG>fQc9GHiwSUfbflp?I>-VP-7b>HU|+;}_r7dTzHuHHFUh z;eA)YG7%+;?^^rp1+3IMTXFy=SnD&eibyTEytl08n)!4jF3_1UXj=KiXz}G-_UD0> z!&yyIyCXGUt~|NCRXmwvvh1C(9fD~@i4j>RLUU)L)#y&@ce4q=XYpYq%e@+lb8>hX zJRrE_+M29hZ6Tx1w+tZN1JZAn_`0=O$)l%Hedn5IYj>Nl$PTAb1aTfjm7uO?Qlz`UtxC zwkrhcvQM1JxqGl85|1j)XbArGcZLd*AHKf;sJ$ZgI;&wT^1z6YxB)#-t1IJ2eS!my zCfelPDN*PzBQB8`*t5223JYE5pQ$0BkP(Dgs1O_VM``IszcnE?b#`YC z%6)w;sL=%dX52*>lWxwB(W{`d6#{qH|6agKt{f$p8QY~M(?@sKQ z&z%a}0M4aT{+qj%jsGX;mAp)OA!s91<7IK{j+V+Q#U6RjUzx&|zdmEUds>=`pgqCV zihydH0<&%T#`hi_*;%kZJQm?=d1b)WE*nWlCl(;FN~3O^4IA5ov~T!58I}e%3=*5HY$15wA7R z=5bYt^fDM;*+)N^Q-{0n>w;j>9#2!NpHs6t#{}=S_9(I(+ z6=HoCZ*}o0$TO@cO@a}*Bt0}lzR~--;W0u0VG;YC#WK2vJ(Qr|K~TmG8}7)|C@2%k zUGTbthBdRHb7G8FV}7I9SsM=Jwkl(Y@=F>2=X&V%4vMx91j7MLd2#z9#KzF#*^nN8 zyj(D|nm*dwT9h)v(-l55x1HZ^J35q+DirF+nP8jW2TbHbsd5yPIH#s)chIP{GG~eS z+|9;qwS=}C>Yr=i9r^z>yMFt3v#YC}4?_d!h`r6SK4otOc&y&_2CvS)(>5JNsp?-X z&gpNhg3qj$x+zEcmzZpX+HC|E#$LMIe6#2}y1E*=?t<9P798SnmBL{3#D61I25-go z46_^;_|f@_%q@;lc#gl1`Jbp;Lm%&5Fz$5O0F)pVHRf!;hXqh+wpH%B|BH67HH04g zH|^eD00XR)XB?F*7M0FGW4uPb7G9r-?ql82=x zc`zoF@8{sapChJlPB;x2$CT_;|$E-Yfr4zLv)Y_rKt4odE}HsQf8kt1j`2uU(-! z=4*!{r4_#^ywK}n77A>3oQoTD5P=Q5xF8seMgsHO6pV<8x=EJmP7uo$|D4Siwh|$Uum0>J~$+wRLF@bOG{Irk`+fA@)mvmRoA98&UED zVyaXpgcx}0sgIkAUE;Q662{#sayG!CwdxQA!$Ukty5pk)kxuUsY3J$a9^I0}>=Dkt zIDE`p5P*ADODpz^a1pUY_)gZqgZl%3NA;#z!XHh5lwHyGo-`rxyvdJ=FyZE^VR82vW~sxBKNd5*c0P|b=sv38Uj1-o+ z7ZBrst%1EOr)veG{y z-ni}-eX5J&HqO+Ul4d>bkA!eo@FU!`VKoTg+wYAZ&Zw`Sbctb<`=P zx*(N9`i51%9SuV!5|+;O7=Hs9d1rDcoJ^I-lc1v%E% z%Y?fmh2JV^?beZg)0*`@ID3EF&D8a?PXt;BAWCM<20|~$kLIcjfD5+q19ne&v>VQs zYIKCjQFipVKlnm_El1~S(xmsI%|gUp(wU;Lhc`nxp2;=*ag+UOXlR9lp08?lMSeSP z+@t&%b2A5N=2&m?85RGRxWV_p+21Tu`h3~mYhXTo38!7t7_&bE!IYp?#H znk#0B$ey@5JALh0H{lyi?Z4cbL>zK})-JKW@!QUMF7Ds$oYH6e03xtm%NZR6SRa1@ zsmb!i<{N)EV>vIj{`0qgQjekk8?I7PnDRn&6$#dw2m6_umax{;lU{q>Eye|8?P&hR z=#55nRf2d9%85o`hW{5>Wn_9JJ2~7<8r#~gIl?zQ>3HPqc;wl!i4PAm^=tfP2M}}o z7bkMhAG?nZ0`5R?WE-2i1sk*eydyiYh|uzSz>w#$7<+2o+?amEGqc90ZC1S|JIAA0 zRb?HU+P~@a3l8p2cifkg9b;IGMsx_r*VS$4&Z|v|or?7FkB~ml5#W}MA!nnr=!Od0 zB>2X5I(Xb{!`duT!QU>y4n|N1cUSofqpIy3j#slwH#GWCT1ZHS&BzP?*k(e?P#oFw z)lp`xj>ON~YXa58+F`aCUhCl91~oSGwhMSN_;|e4u1VbJ_+I>!!2Y7_HNPHNMUT8K z4+qbkbH0^4w^`uhVU|J>iwxZI>jSMfZR5 z(8_Lel4w;jwR38kP`zF>mXg{ZNM<)-C0u6o)ueC^Hl*$Ixk?I`t$aVg^7Fdk%35jQ}DL{OGxYG*&?HZOlN z9|~f#{|R7LpEuOC)5wPN>;bj|O6m=FyYuZ{A)FX z`Kcnwvv8q5yI{NSmi7ExVA;2WA$lZGE07~-!%OxIc1y|>u4z_Vx?JiiQGJMc41^R z)ccNOrKQIcp`wafLE|?&L#CcnYBjez$m~X2F&+Phx3>(7vTeJD@lr1oK@1RS6#;2Q zIt`GJkd_u{iJ@bF8B{`P1f)w+x*JBi8A^tnp=*GV9EKsja|EyZy0`b;p6&U*AD=(` zrEtb^oX6VNzSi0`s>=@IwJAmoydGc$ceM*Wf4$dM517O+ex_k(=%l4$>{0|VzGQSC z$vok z?1$HzOIrQbmxWjM9A3h*loMN}XdUqL`J!GA6x?gSDJ1wfibmi$BDNs2(0EBgmLZUp z8qDNxwv;7~lz0bjZ&qA>lo3>BC->3TUN}p0X`8m6+veer+fJOI3@cCM_<8&ms{kLI zU<4CB_jg}s%=fU}f(%zwg|Zkox@AF}0kLi^>GmL6^N8vqrJ|M1k2-wy#?q-Y)5X39 zU;?jS((z;M(mHCmE$GNb*AYl%rZN$*rdxJIUyU+Je_l&i&u(?_?H6G%96laFS#zEu92sjc|7zht=T@xBYd(dQpE zOR+xu8AhryN?IFoWCi{9txNro6EA*ZoJ!ZTsm_4A8xW4OITgd*EcxO~o0t*-iA>@uQfAc#3lszRxzd*22EH4<$Qn9<%`0h3& zdny3i)IK-FP%d(PYt~l%kx?_RRBHI@9@nLXA{dKt@vEz=V;h*+;YR+2!^o$`;pDhf z`JEVB&jo)rIrS0>rH|b9;#sLz7X?#DD`v+9f-?5{TnM5Hc6}zD>$!J7jT}{zEPkxM zc}gE=Ij=4Nvgyj3S?KWrBBTHeddmPKCq1Ym^D;)5p092I5Q?BV$A5@aq&q%Zz7)t& zvf(8-9&YMl@F_JRc}RZ1EARz#0GXV56SlQ!u$Q0wrJzo5JyaVd8O}TATDdhbFn{)0 zxmo%5rwd1$;+w_!kw9r8e!qDRV{Phu(!ON9AoWU)A-C>o6HO3g7LJ|vvh5$T6CC4E z<5(+Xt=z4xv%CE$Y~D$XD+8nZI(8`i8(L^oH;2FF9(l9Ryk;NHeqc{{{SD-NS9-9e z$g`|G5}*L%9C26w5N0iMdDA+BT~PC*AN+o_^F3T>R{i>g4+BIjEw2J?7RLm+Jl1?# ziCOAYQXP(?B^Q>;co)S_P6WzJK{Sv)pY+_^AWYP8I7dkmFXB~>gx86Cb!Ao9_2U9v zTt5DvP2c;W!yp5}(Q#P^C^Y9%} zb~tp%UDbN`vzzphM!?ovpRD!dJtBrdJ1Ht!j)H*nr>_=_n>Kon^+o=w-uS$6cVu`9_)srR<*uLBC#Y0;NM z9cx-*)^A3)PwIMDX((pzZZ~1un@BVLVd#IYSVX+;`IaBLTMZ{=d@Kb!KvkNtO-0(} zCPq4R%-9ZgdZK5l)NEo=*q`!c@siW*A%z|1AkmZ09|k1qdG*W17X`n*bH3ZzqmKnU*mpqo;8C23XEg=-I@zZ>g9Zhfbe{($v|ucaY`Ua1OQ^l5NMS zN=7JIlM>hHQ9#Df-fDmX-f?a|*4y2~^`%7ZZQsSfXMekJ!04Aee@89;=$sxVvfmgA ztz(=@I$|_wRhPIR*%7}#tq7%`h)J=>x*joZ(nz9w3qYSAGXZ4Ny-EL7J zdMZ1>fF6G{*}v%T%RCe*sdLQW8Y7oAJZ$W;?S5ysHunQ zyFwXJ#K)sLF72OPQQ@TyV|BTZL|Z%Yq&E`8>naDP4haRMJ_Mr8VenQYD<3tfp}{;jcp4L{cr*^N=s4O+tllLL$rj6zd^_i?8jqS=r#5 zWu=KOG>jrqBkP044Rgv@^CO-`uZ&fS$UibJpi|zb4?_^taVW{%nN7kMp8f0#uQPA! zEkx%=5PmMW_dn*nUNN)zff4UMAMpLxC3cpb_WgzG9XaujNnbEfhekXeSV~qWX3$CU zuKmdMaAYj*dYsjgTRMg*_Ls3X8qZ&_zs*I>!L$x;;xkJIb+Jpw zwHg@EE;KO*Z141J8o(+WkUwh9NOG`a%Gm^1wPDht;Y{WY&77a~Wi=MrCZ4M>aKr0bO_A z^2>rAa!a(|8l`?zEGYlAHb2B1T z9tATP7IvtT8KT@*h)fv+}4^6@Co zh>_I2An0q3GkYh_EP!CIB*prM(n7{)=f9*wvJ%&;mQ8f5I;v=?c0G(__HLLi63R9- z_W6sskAo!=F(8?42%<`$qF?s7UDYeGx0b{w7zEw>K+T{$u^U2Yl`-iH3 z<%7TUkJQ9F;onUA|LYp>|I2@%*NDyS1d7uVaX~<}zpo zt0aaitQ?F^n1gfbc1NRD{(fh+#B@=OyD@%d@3tH^0~A7cMzluucDt76DPxn}+YP-- zI1LKBXq(k|oxG$gj!b0$F(^eAlZ{_nVb|W)GqmQB3H#_rQ!UDGfS7OvL1i{jVD`Y;-Q*!p)YUqh!mgc< zL0%k1N>4oQ8z#l`ZgcvygZ9=_D?!H}C>kFHGmq$=tbU)=D{r3%L)62dt3WfQsM7E_ zmrwtt6~pj$Kc>SYm-^PEc@0H}NZ|y^UxW>-Ro3QvT56h?AlpS;VbX`TB^`4pr z`wKqq_0G~S>JO>m-KURGsQ#Z;->y!mw_CURJTj19BAWniBm~!BB?J|U7yLL*f$F;x z1B@N6_AGb@OV(B2nqzJ5w<}>(-A@RrBtFj;XGC#oH zalBW|W`G(J8ayM(udAUB?DgLyCo3)Liv4A3f4=4 z^=r+>IuT>9bwUB5(&1wAUT~62AAELq8D!3GRkFkb9}F&&_~JQzZ)vm4>(9!2;?Hm6 zeLJ7K!%#Okv@X?9q}OL)pfmWWpK&6W+|)%ac^3fm!S#dCV`eCP%JK1>(Z!Qjoat(z zhh{9AwiWbD#mG|PTnMv$A*qRm=90cS5XrIYeq!}0xurq8q2bOp9vRrMz13Q!&rl_1 z+DtySo;U1kIgXtA5?|8;ol=}qLKiHar@9zQe2L(v_JSE%g8=QP9{lvRKAGMnYmB`9 zVrkRWg+l7278HLXjr>YpR?^_@2EqknDtb=jW?UpB5Dy3MSlrIW*4Fj=z303*a{1Zi zjNN%ez-AQ2=HfgaBONt69s!-~=?3VqD=Y0z6gAN!GGXL;RrBhDjEn4j2V zM3_`9q}B2Gp|J2Xr01{9L}jCsP``(=iFJtCymtRj59gV##sZCm5gw!FMGj za3g(J?jKUmE+H}d?@xI#M^6)u%Ra{rNk#pv=N0F-{@S|YvH`JWokjkRIS>>l;5Mmk zz4`0vndDvNv2&0AN{P3e+Vu<@9Cfrclh3@;Cw-1W<@X1e-`ydo!145vBq-5acwb_# z@i0Bu^HKl1hw$ljSCgRoq*x;Mkkd6fx5B~oR8kQ9Gm94_VQ5lTb7#V_nU`XsEfp)Q zV@Xw5wi3hQY$;` zq1bdT`>+nMgS2}rKY#nZA3qu>(IoOGqoC$XR}r%w=vOEunQL43!GHb2J+OyHIBLt3 zEBXKNfqQFyKs~06v>ZgJRKr70MU=x0Jx&ys`8DC>>Wd=C<30k!33u3f`ePxkxl_%M z+r$vgy=5>_f|Es7F$6z3z4RX|n}7UNxmSJPtZI8b_|2|Wif?S&X=fo%^$asRBs%ox z?6zmsR|WR!5VYlS3asE!f@q=6u(Fh;l$x?}>bJUqBh&;kG{FdsrCc)vx6aM(mKhK7 zjfUgKhkAesn{Z{vDS5Q*!bfxRTP7}S5ZgMq!PeGNE9Ht*#mWw@5&g8=7jF=oviG&5 z(EM~=q|mC$JfSo11qb|D?%rtwQP=-5R!uwouMmJi?cbl0rYNatlD-JWc>kesy^RC^ z^OOGDqV>P@bls`!(o;MJguLt3m#Md+|3I8DzrR1JExtmA6KG^)PG{mdsL@q|`o$(4 zA%|b$xm;Rh)ysTP#DZ94YsI?G0!$w`xaBt$cB<+O+QO$FiB~pSfV!`)U+}Q(< zbLXPHQ#R=CHK++$Cx~0RBER28w8zRTnnkh&=ec3L8wnmVXmBfd?l?@JO7AUc|hH-@6n~#3;pqvyVJ1 zJ)#xOUt3&uCz?c$>Ob(oH1HHYh|$AOPG82q;Dg52rB9BJ)k+M+4H5e(2Y5mwGHSiY zP6!kmFzI2$oWB}%+zBuyF&}3qvlz#)fE>dqTz+XYcT0@f`qRcleXGMBm#Q_rZunBY zr;a?Qo0u^~8)ci_O1BE{c64!_2b;X)*7qFk z4?9~QCTzkNhJYPj&}p4<%eRTTpmQw~APqHrM?2hOH*V6tXg35|cPhDYGMP6!mk}IX z6|-&_y!m&g%Y!i_5Hk8%@la6nM*Ni0$-FvP8rtWTtM-O|BGAC&x`!$@Un>)&%%_lP z4IcAvPq(y1Jf6rA`-1D0T&EQW-2ct6L;$>GS`;o=BuBHQ_4<=%};?{88rA|!w zq4yc9I^4z96aE}$LIv_R-lLFT{R*$>$c=}XV4ZX5ry1`EpkTvRVrwM0X;93gXxu3= z8QO`uf}QMfd)>&0^4o}4%Cn}G1q1fEASC7@wzs3U4=B#j+sBA&lApai2uwG&p2}-! zA<({7%+9^bkFjK8fKMK(5&-a1lZURW3i5@Ne-pu_l70*EDW^%k%+jtlw9#>;ayzoY+hhTxOa zT^e^-UVcr&z;;Ed{+PCgJ3CJzjEbk{!wa5cYigZrH9*9m8Gu#RL=SShJ6#<@+!*?vDbNvfuPi9Jl;CJFjm6F-q&6BzP#F&(qa1fSj5w zM`USlsZc5XPv~MW68O;@;?Uvd<2cXixFGT43eRatE3Io;k~VJ_`BY4u3l)^f;!W*E z1bzyt1VrJN)4^gpJKM{%j`qM3*$YT)aUwv_yDkktmT@p;A3Z>)K+h&C}Fbq zS`n=6+196f@yCj~&UvX<;oN|1xy9QnC#pt-wPib>gI7mWdVO`sj<40i`Dw+HpJ@jw zNrcX=UHwNZ2a16wZ*26KNox(?t6B?i&>DOj3<9}1WE(O;Kj;pYP|%ueYcV)sK^ph0YdKCGVCi7UT0iu}U>OJ;FqZFHPLgt=ki_R zk|nKMl`lC^AibbxBD)^=$_)_Q+Oe1&`vSavzqbK6{bCKaIM#NL8a?WdhOnzGE!$E4 zB^Jm5eW1EX*064MJLzz*rjooB0a;R`1ywMro4S;4#_SX~5DpI{AM_>f3RZ&;e5XO& zOYCzni%_JI`wjd=ck8x*R5)o@{pgmP#ImN2D+l8;4#)f2e6ZkV0~D&bDA=1UuQm^y zO~bDkESgJjFVz?0+x6xyF`d4O1f`5%?;^^TP!nU6=7`Rz?VMes+EDep&!GHxJXMxS zUd7kZq>d!4&QeN@(oPYA1mA{51IF{bN~oagk+jScjy5>hQV_PX9t!Ir+2g5if^34v zA6e3@b$G5@ngLbCYV+`J*I<6xhNgtu-kYap(X&f!_%&u8LqolAC6joiWX1$Nov)Kv zS{CfrlCyG;D24VkxaW^K=+EI!G{5~1WV#{qZMZu2CVfb8 zf3BOTkc#F`|MmYCEIJC&#e`Wg)i1iAbja|kywRUu0z=L&{SH>_b~F)D;!`=Pr|N}Y z0VHz1*}=SkWkUB#rdExYTOqI!mLt{mGBXljd)V)8SvV$+&TK&I~7*&ak z({|JJkLB4Q^wvCvQ6yyAr@u_L!`l0yc>2;GGJ}Pky&l1&W#aX26zb(b)@zdf)Q}+T z2*<^`9$tLVJ-eGz_ehNSIYP^1!q8>7gVq-Gx<`F_+S0z)1U6mT6%7FDmJU#XuRrM-%(vw}Xkc7LaCEv)zQF zG+(cG9OnBwJZ4T0@v8uc4O?(D@m?Jk1>04><%+Jf@t97EK0e~7u6>Pqj#Llh0%QU3 zjps%Ac8R?*4vPmE2lvGfdV#*l1M&+iXx-gp%Dg#olx_~-JNC3pNeE$e{%>MrD0`#M zZLL9kXRp^V?4D3&aSQmj

    uJX(?V4h(R-G*fMmpM*d#_PD+{QlpEoot&?z?k282l z`|^sz_a_h=<}S%#glVKqpdst&(*=y1f3(g~kN%q7Vudg-ET&BclkfU1pckZKLK>dN z8dxX%(&Q)y+%`6|*0P~F*3mTMi(G1QE<7XqDGEa0s}Jl{36Y--fIvJmP+dfnQF$Ej za|@1Dfx_RS=~msxpeEZBcy z09kjFaUx(2Fkxqe+?O31+4RBR$``CKL4=2wu26oyI8rPgS-<^_M-|&EDp<)%!=ffY zU`qm;3Sw;jAxi+O&kU-MR1%N`sC%r-pf7})U=B{ZtRp6H!=wyaORxL5AJTnumP?1z zPD55kKe~FPn{f$C4+kR zR+}>?aJcBhdgO#eQVST)karN(QqLQvp`GZOnBrgJw=cIgF^9fV@je?<=NTR&wYL>% zSZq;Is!Ek<33QxnS9wpI1)W9nYvaiED8v{N6afF50}3=RPyc;-%?9^_?}=2I%Clzi zF`NppUls-F_Wmn(lb1Dhgd}5%#qlq`w5UU})OdqKZA7j(vR2G0y%p$nrbz?6&aM@e z`0FoNCzWoCq!*XuM^%KjgMQO851C|mDPFT)VvZb%Fyv?>xYoa7U{o3bGHFIvO(2b? zds|2HNqebf z8!ci8?X}`ZIgdjeb&|_G$y(e|SLQ@;)r@AK?eHLdYl-*brz=&duuV68a9m%jQ(RM*%dPCy|W3XV%LE7dECl-vTmKjfVw0uHPd7uEX;Lz(vMB z1mr1uoLB*H42lBan6N~9#A3VQ$EsiDcK2V7r*T`q?7!{2_O`~AHDCFy1d(1#;YIqX z$3Q`oA@wQiP7m#ALzal>Jy5{zdlDT*s5xXkzd8DXQs<2AvE)3eO(u_9@_-%N9v4Qa z0!2JP>L~8VAC|n`Bep*nVlh)1+S_y*Ej2uJr0H`Emw6Q{@c>~K0>9)9sCN|iqof&rMpUZ4On7{}w2bufY6 znF%FC_srPQ>cl#`b7wnEh2t&jw-hs~^kqbjo25Q?)|Lo)~HQ9;>S7s zeRIC$~6PCI(2Ri{5g5^y3Tg=VAwo%``9% zs!C75g_8b4XOFBDojGVJ`{jRmWU4+^JP=v^eQ=E0(MY_rOAuDoY8bApyv0BLInfqpJ!~@vxVsT10%^SH-%*rX$T`>uHvXu( z>R#(=gOex{+zi~wbs|9?rHr-Y@2fPuD7yc0{I$dPCbNZJ5C%5$fBv~ZM?)fD&G-Ai*8+Ee^1TDjrgIJu*#BuPP0QJM_a`Br zH>+iS(_l1y2`R*6=v1u*&j7{A*VzXa8QTZxWW;5JG%EH1oQT@@&b7giL+j&!h#*gI z+kyVquAt;fG9U$l7rj*exYR}BlK}y}*q1VU5$8H7NoprDpfzVC;JVu-mdq#9F z@059A{xl7+?bp8&f3k49-&=SJ+LA1oMP!2ACA)}Qx9^><2&IsJ3_;HKFAV8s-dicq@M2ff8G8tTtijYSzR88*FgM+B}0>VQ3Gq*AJT> zqit7RbX@rvs~)(C*=22Gfr9qSS<>S}vTN6EBKz%>U9NrsjAyuDM=uaC@<#G(k<@R| z-Z_+?2Ln+)kGoR5o{q+r8K87N*KF12dwQJI?~temD?>VysqXB|!q*JeFNS1Id39$M z-z$px-6Q+b{#N|BPoQZB>RC{Hy=@`EMQEyw^`t5`8py+-8Vp@|a0a}V?cBXzjEAK& zNsBxtZ+^eF0d}{1BSdPN<+$9lIw_J1eK;e0dP%EJW*4N0z4i<8pR6b6bph>qGV%#p zL0uh?{W`x``i%aKn`^gzZZtS6z0&qNP4$W6Z*q!Jt05%CqfhXX9r6*Eb80a{S-YEk z#BTIET|cUn9&Y%T5ONo&;+1clqG%xKsocu@$*@OVeK>_%eK>i);!_AZY9+@{LNqKm zLr32tKU?M3zf;Ds>P8+4+Z+zW{$lENHb(K?A1E-~OpsJi3JDWrtg~EF z8$C(OSGmKTFld7y$2zRd_MW1yADfhL5X+i&27C04h1b{QgX>P~Oz$672%^n3DqZcV z-=31WbY1+dmKC^YsCtGTqTD?eH)wjFr-bf`a7NX&8SnaFhAv+7K3P&%oqJ)2g>&P?ND*mkCI7FG?><3VPb3Up zmlhxOHn;;Fw{?hq(iQe_*ZJe?L3H+Vg82&MELkJfOtbCjet-KdoFb_AWiI{Y1RCbj zi};u}hT4z@L&@65+i^~NhY2QxLroDVV+L)Vww_flys=B%ON_?3AvX)k0VEgix`&tt z0Nt5mLKZkRBBOxmu zHm}bpvVxV0qZIbi_~7>R(A`!JUh%C=oUUqknZy|hCLIg~Vk!)*aV~jZV7iu5`JO3D zOWki01#Rp|q3%A)v@KDJPti#cE4iGx5mp1O$ls|VyhF?NprX}t-5 z-w~<72zIS=nJz)Kzy>=a>rSWA9iktd{r_%mo}97JL`46}RH^s-PmqlFT4CwHmb{B9&O(Fj&QxP+-NLK8Io=AHx0})?%VMiBTU_T11 z`D4d-+7hd2uAEnmSpV`|YC${+a1s43l5F*s`rHmgayDPznqSz8RKVgum+H9~V@%E(uj)H)>c?Jz7sNB>(4*`7Afo>3;3-S(eG?XZoJ*?d zrg)*J3c#w70%^(X`golc*Oq@0XU0m90~9_SJwi=OI3^Er1>e}4gbYYXduGUBT!>3MB~%Ze(q5a7G-51 z=dvLVt6V3z=9oa8Qwuqh@pM7H=T@R1WY-r2HOq24HZS~1P~77$c&x8zC_{U-0VxkS z2{x(aLSYl%$(v1@fB>H(;?A-Xy^wZO6fg?luFjgvZQ=7y0h&36j}euA-LJ(F#I=y~}M;QusY`K#eUeRt7gLbOSUH}tI_>-XNOM7Ry6a@Xn zYQGV64mR7NE}~^~G30XZb@J|FOIq3k)~u$0OmoLcqK+P*RcU1t7keKrpQD=A`n_H1pB}c8TMms+J1ilSS72{301s0SRL$ zNcVY|o?&?FRCc2j!rfDxL|>y4G)HCqAdNt#W~0Yi3F7`iyHP@r%&{7M@C{$15=x)l zsE-2`2_ad_4c`F_dMhttw2we!H5C(J*u9-w-m?THWP_m`ta3;FRxgk{yP)KyO&2-l zOc*qC?qlU=nm4JQ^Owv=*mcd#rc<2g`v+vv@ z64a3^tl#%%sPd6}$DG00C&z)KeI|$_8+hLrSr5z=W*%a*q_kxnkv*+`z2A;odtU-K z|9z9mJV^c3=YY(jXAKxdTtA-Y(q?fb^xBowdFaM*@>ZJr6c=~w!;YE8FD>BOXbWB+6OLHd!XH$vs;QUSnsW)?U5 z$Pxy~$a2UywX}s5K3VzI}ly*Mk z8Bkb_@I%}KFQ+GZ{mP^_npWAROE5`*q=ZMDJ(JcV<%5F6@)_Q zQbP{|wo@M6CAn$hF$|<%9k}OKeCzfxT9tY(!`&JxV=1=d(I}NqXkreD3MJU_>w{&# zr3l(NPLNx7M7_*C{_wYL`^^U>AjxAIASGM!cs}j%j1iI3i&uV5U?rcut{mQrcb89p z_jG~X`Iea9Wn{7TTY@*QT32nO#`07N|-R0^+Yt!<*!AeK*QF!T14y)Ul z-HZCWXs3_pO&>~4LVh9dNVVoD9zOel1aFdHUmCo?;lev2Q0@u|Sf2n=5E1A4>46^R zi6$WfhM%HEMrT)9sWVZ46$hWy(eynGgV+P0Pqi7vpEhC1Pj!}Qq0>DD^lN|p&aD6@ zPCzh22cJb5fi7m%B+zm3uoX(6Q|EBthF_$7BI+Pn0RZWvV^*p<7-Ppl+dd_#UNm871;uPewhYpPfdy(P3pcbE2wUa{ERX%P5Ex%4|RdlO1gnV!pDu#2l*LPIgu(Wj^>rRv|^ znI5sfpFT)c2g=o3N;EXoah956j(4`Bawhri#&hO#1`1kSNdA6P6`D`ES0h$zP^Hu* zVc{E*FC?F*hIJp~vwkJU_iAR&vL^BT*aTo(X=(VLw*%OHPHcbTb<32Blsml?Dh}BJa|cn;FfnR!3^YqTTS1 zVNiq2o2D9Q2X-&f(}mNq_fI47-rX1=2nkS$n{n{FGi7W(UD3Nh5Mup8(q0~U`Mu+_ zqBV_=qpJAR+bnZWTtc(|%3j`FhCnslBe#x$hDQAf$cD^1C&9}^Vl#LWu zem1jBcnd)9R~Vhqd}wAZ&NO-p@NBX!m%E~BH->?te6X-INxv|t_VspGIQ>{IhfLkN znt-owHcxIHz}js#6b5+tF1yt2`dNCO-hqYIDnZJvRAQF4a<&=T zy#9l+o+$l0_WFO)RC%lYjus)L=&_`nqM_y6{~J#3f1=fh%A5fIF3`r@LTnKlq}PNa zUFZ8sq9snpv{*NqCYrH39%y&AYkc2_N`}N`G^#Md?L{R4XRx-pM~KxgJ|@O0TAJiA z)^35LZ!*FNtmUh81vnzoBmQkLERCuf>5-ttsT7amyNF7Ki5DiZsg1={~L=wK}C(AXt}K0(3{QUQ_$;q$}3Hebp&c<0QLP2+VwG-m}jvVevTLLQuBf z{EvK{Me>O<$JTq=dc^VDK}{tfYxB#a6OppeoJnihb_5!qrMu+`r&LD2#U1QJdBR*N zOf|4|N|uV$vn(7_gEEfkV)Cn$5_}I6ZbyCF)#ycEESD&@Ph1n>*80w5Ch`h2Rz7Dh zYZc80m}lC97y=MjTOPw+XR*e;)ztt|bwTP8uekPskk{|rr=nv1p6WtOMUD}ra=}lL zHt0xE{j{g-%-$f{^Aa1r?Enf#Y7yBbNK1ZoF>(IMZPjW@pI{5{mW#yO{kw<3dP43U z#8=NWxBRh?BIz38j-$kdn2~vOgummsc;Ry$HNPrhZWvWhc4RBZXB9RbLucuc$Lv1- zfbM>K*tsl(!;smPA(qMP1Gu|{=1q;enDo&2T{5Tn{@=~(VeB53EKa1ON9kv#y~*84 zgDl#~U7GzGk!6^OcuiDcEm!%uXOHLV*p|yEs~Z+@3K=W_q%ZVRZkaQeF+&gH!mVQ# z>Uq8JyFGeDcI-jPQ7RZ15X@a-5nZ-ea+N5hiX2%c8HPPcxi_qV#BdJMJfZ2jCa5^b zB@xH8{;1XxRSC=msTfrCNG^=8X*@rc{j&*5uxePWfk~h zns+NmWOF3;9qhTII!GG^a?yn(ni}Gbs%u=tlq~hd$oTZ8rzVz;tZabq*RhMAl|jS6 zfK)xNj*a!&!{Bq7_AMU8Fs5zf-s%fBeN+jEb6`Oj-!8}VYkxAJ(2g(| zHR5rp{#;JYC@^o6JND`Qo0BiiK^sAW8_DnXJx`8I$xG!|$ELo(>v~KHL;l9iiTWcG zeH8r{Gomd`sd*oTd~_(b_t;GR!c(~x{L%82eo)uo^!1%0J8cX&gDpVoE|yu!8ICM(jBI$hgGEPB$kuj z@X*H;22SFM2e;y>HIwWm3-l@?v;@16RZXy$4w+9yaa?k6jR8!x*mx&GI%7dF-u9SQ zb-p)keV%^Fs$hC^89($)IDMhq_Nzv3w*h89&hP4gSFU8zfy^9M5$Q;y#g`wLFyzue zJ5dcGi59&$bVm-6MY_qzwWX^kx{`@o9RDOS5soLPL2x;UMN1BN^}h(aSY1Zr^>svR zs%qIaj-I-(yZNA!C)(wA+Hi3=Cs0>92xQOE2*-m9NHU!J-;`JDRDytkjH#1?!4K=V z8i~zR=t~n5u*d6k%GbFq*CYQ1?B;Wm;bVXscG;f`{d>%lZ&C4_&aA8b@apzT#E8?2(Qo_5z8LKCv7#0aAH{9((C)70UQv1;t?yvn{t##Z z9ra!bbmfN?9BKUym-~F1rn{^}!A{v(CJ-z5@gLMCZpYthHf#qF9Tr*-Vwb&M zIg~aixsFlpIJop`=*e5NXN!s${wQQ=cR48=&>s%q0HXi_fYNzx?6Eekmz1MWDPytn z-oyYr6kfQ;d%Fgc*#1U){{gyAd(P4YFJ z8rmOBD!uoBM$fS|3Fp%f-g&nyOC3%zFRDza=2(-KOI_w6#4kkdTY@i;*=<*9&d2Ic ze)*nt36_)1KngEVofuJjm((uJJ9KG_2# z{Jo zMIfD*66cD4)yS_*4g~YI7@_o7dO3kb&a-be7>Ai?=c3)mXieri8>V7;VrA9JIf z&#wN~TfK&*t>re8qJjn8aItX+lFgyF`YVDMA`$4j^AJ4>Yr~+P>9gks6|Dt_u#K9P zXcfzSgs+#sivAmH`vGGOa(8H&on7d&Kd{X^L26Fz8(8p=-HW_C05MyrX!zu6He^WE73_bt1Ffd?{eKGvCuX&g==L zK93W<8|`xiuXU&t&x;@D`CUzPonH9X>k0^0RKWO|A6@TAZKP@Yda=)D5BVua)XEw{ zF|Q>aJgwZ?RY`yP?z|7fFQ;D_n8X&3z{aAiwP(x*9q-&SQ^JOg#6;M_>Ki+4r(820 z75g0;y{gHlHN;VKLWJ2G!_sci z&DrdfUJXa%<29-ih$hDcMRImboj`S}3)^!N$H~fjBq%J)yl_?l_L#AORwMf&`a!KB zIW5HE)>O#ejk@_0@4@!i>GrHjND-%}Te2%fKvHrA#JoHlrQ>Bzk1uoKLa!}(hwMP9;ChTO#eadv(I&j?jY*)_tC88bC%PI@wAnP^2?F09{9pniVtiR zJVBx&0SDK*!V+*?sfnm7jqbMNwc<;g%Ue;H_1!|Iq>Yx<^W^nQG!@J-q5|YJj%p8#UZ$6mNNS;F)M~*X1bds9Xu zdTc6w>`9N^UX^c<_<&lDy&D6lP;Hd|f~mG$^~j0q`FRaL*j=QZzy01UA78-d$ZY&p z+9>dz%DD}F1!0eoi_P>yBwyTSUR7lXMnpHvT%;qT9R%JXj|fp#w5HUuBDgtPReR@3 z&J6JrV#ueOjw-p!FzDN6*@%R}UekM)(ar{rGh|lrf{TgMC7>yoWCxFgn5g#k*mBf5 zgEG?N(Nram;?maxWOB}!M3r1MYMWy)?p+#bC)^%IVpoj`?sim~sK%0me+6rE1;7LN*+hE?j* zX?tBV{iI7h8)Mu1Lh?cM+-I8e{5~-w#N!7!(a3GTA}+2A_2WZ(h53hj-N{>yI_{fE zCs2i0*vmNj(7=kpnkO``1-b(IF5mPC9QvGL4g?JqANU`x!8qie&&7H@YNuZ=HwsZ* zq~w&xxUXFp0|r0kPG^7r3%i+dEU`W`hZWt3rv6gX41h66nqcDjXC60zOIU_%Ca30`4E;8_p8ob;L=*a%7^bw}q zL#!IpDrWQv{u(oEf$G9-n$a)yN9m6W`s0yRo=d|=NJCNKi!&5Eg1&pJyb+}=B0}0S z+q7wEB+1DxgFnP!i9Q%k#8&=m1{*`9Ls{b1xI$NKOc`!L^Jk&hOGkz70YWm|>V2SP zlh+PRR~eJ%P?rA`_Rm{LqiyclFVklsxdt`60c$4xM@bB1mzMMyRUL!xc z#Q^2hQ_&IX`DU3?6JFR|b1R^O|8jYS&}x5FYM=;diy7Ev20Um|MIQjD2JW1hA4%u@!`z9`g8gt=K@H8AsRDuAuo}E8g#+L*s#W5DDKwC*3Fc(z7OFedosB| zNeqz;-mw%%g#tahA7 zEj>{E0<*TKbb=uk{syjKvCMN^ZhCoL8N}fH@`9GKsP7djrVXl+k}pM_RCiO1-lmyh z%_mTZ2YXQ5?$<;S1`Pm_W<7malZWUIbxCh*Q~fsQIQoXV*XnxE>VV(5(%{iYpu!h- z4=1R(CY6>m($Z6Z60$A$dg7Xy3e$jUFD&=my}pXY@ujrn3;Eo_ezJexWXGJSAZAgN zwa3@Ky(TTy{C0&iE{|hYn#RId+3j4kh`k_Df<)u5CfGs-7_vIMB zp>F%{JfIk>3_&tR-l554@O8Z8SDv*{Z_A)uH~XNaQxDzLBmx0G8zJ zI1EevLI)kXR)mf5^URMo*@`)7vs2kWq*J6x@WJG{bXR)1mwD)g$Z+s(#LCO%cVrtX zr_se!trlJRIhf?j))a!YViO%c8{;&M1qV5)~+{#06 zTC0uWL`c@7#I=0C=aI{hm}rgEuEp2;@35IN*Ixk*5eIc*-(PzI!x6>_*C`_6)jMs7ZA-Jm_ldM@>suAwg?O2*PU!sH% zf)Ka+M~wKJ=23YHvcQyk>l?QyZ_ZU%Cr%1R<3HM7*|=*hWMF)vK*t~GlHtwOq zv2!@neJP})j=+>{F7JHy9+&PW9{Fv&0jvD5zWu{x6Jt}=v5A%RLtM%zPB?&1XauEw zF;ct1bYZ~OK{%;s*3^)dS4oq-fy>5ac&*`~!0`vY8rvld3A?=lIr1+`aBrVwC5$%E z6I8pRM(o$~BAmrCP9(@)aJ#!RJ=QZLuBL;l9KKMt@y>Rm8UcKL)B(M9 z1wCtMM}8QUw3kB79hcOr7YE`u?x?Ny876hdBrsci76e>r^j=WD^B%%GZQ?OyFO0id zvC3p*q}}w1<&#hwAIY#?w^egKgcluws}k|-GtB((Y$$JzF_gD`KEqO{#`Mu9>Trf1 z7)!B=B_mQDjaTLpyWq$HvX5 z%r}!6jrrQX?i_BsRa&=HCT?pg>$=A!nT0nX2Fja*N>Kx9W2pK56>+n~qIP}0c|+l& zHj6;rv3Nnos)Xc%tVSydd+Ux=Psh%*@T*Wz|e2_kgr<_rMc0C6~Z)~$e@;W{AxjHhgDZ#c!oB4i*_>At!+N(9M zk_8O8^Wo7TllsO|XMzxRzkE1zUYb(PDVf$Az#E+pp!@#=ny_ePdF{9U@Ix6fzM$^H z+g)PoRd0cfVMcq%S-WhF;J98keL1he6yv`GUV)TAm#>QKH!OOwG}abLYgYR z_zMD*LkPBWHtrA;t`|W0n2S{zTVUcKGEIl`!1+d!8!9|1cZr#Ht*S?;K*90kU^!k? zwTlV$4vEeq;|iK zr;0hPaqRhz?AE8aosO1S zHs84o!z40?@v+++@vRWKzwy%#a)>Q)1`$BYZlqoj&5%gfr``K^hkd#$zq=)nMt5TK> za}QNsEym*?-gW$~krzvtiMlwJGl1Kjc`FNSmKHI;O5#GD>l^xd?>rc??~H(0eidD_ zTgE#gD=y?69gK8)mBgWb+ZWgrOWsyI+Cx5}dG1RGde1yg^~G7~oF*@wmATD5BtSbq zaDM9eK%wTHzEdC~N_ggilrC^S_T>(-q994XZ~e)D&Czcs8TxLDVS}hegasqsu4X@KzJ`QT0TM!eSIr3=4y z^XW=+o@N(K7A83gg7l;SzfL^$|1c<{@BBB3N9O-kJ^4q_`QMpOf1l9mbRK>75CvG4 zBc}?_Z8nm5*eHiLM1v$;%hhsELC=eKsh!N|_#IPWiA}O^;R@2uo&e|c>)lJ3L8+V_ zbF>6%>RgcV^gj3M^d(o7!nFAgGs{IBF%|m+OXe@zD(834s(^kD`;#a#gTe}RZIAPx z++SUuFE|ZkTl$>glBmN-Z&`4&(TI*ZX^jllyG_ zmof5RYA61m4yKB~YqpLVhR;d&-{`0JY*4vCq&~_Vb$GMmzXQwKPrufP(Q&m@{sM&8O`LA#V;2454tAKGlTO?doN} zyr2Gnaj>;&P?TY5rY~Zg&1feCk3oZT)U9qwm(GoVy;M7}#F&l>VoIi8U+y!=x6Y%* zaF~U4sVGXX4fUA2WiwN&#V2bb@BN>{^=|n9EPiVeWrg*IA2f{Ou&X?(AnnyH#!N36 z#dJ_RVr8;3m`~C)bC$oaF@06iPzgZZ607k5@)jRbOKP|=%bmbE5K$TCx-Tn*M0mHY zmk{RrpkD5)DJFX{0dhp%zN7}5VDKNG519Ju4PxL39-?@*1XFYx0tZ0~SAPey-Q*!K z7nc2(=~?*V#S5O@X+qO~-s#Gm6tEH?wC+Me-v__(pAM_I?)BEVcz7&IzB_^FA`K%{QO6FCqdExHO`ncp>+K7(-rvz z6{@!yo3wbgV!U_);(eI1>~U75f~YrxGMyvRI-VA0SSbU;b-^4`ntT%@MTKvKsEz)GOHkYwFs1FQ& zu2!ML_ZrA4x7klvk^DxD9?NVaJw;cP-i{~ZOg_E80z4lM|iZ|Tr7=jE-cI`q{o*==x0k(Tyb%1X^3 z`}Ax?FTMR_>JP!VZUHE+jF|Uw5i-N8VloN&R(BUuenyMcEI00-__Up{oq{Z{WiR-5 z8pnXE< zh-Cgw`@2@S{d{`GboAbF-yXrZMKs5%zkoj4VX7n`Nfhy?)GEzkwg&D;sPcN zeT<=Q@|i)1Q7kDcE|1soHFHPvX}`I_js*Qg;{(4%nsmg59JTD9e6BniG#?W?c&LH> zL3WLQU;bH_tMdM|cDKBwTdvSiE>3U5B{)0-Cmzo<8UvwP{+J~uL7X4{E#o&(2-JdH z!K+8?b5G=nj2=LAL}j}?>(z<9pYqdxWv%td3i0;cSh4c4#(dIznT<;)tRh_YWrjlp zzKUCv1~ECYB6Tmxm&PS=^szNQHtOkH!#c#3YEJZ4LdRP;T5N=%rN_sag7}Va>9_}k z9h-SaIpINq@s> zh@|N`Kt}pWZo~ck%$=F1e686I0D5E3gqP2)`F$jdm!>PZAlmDxD~g!JS#^C38}wyq z_mbIJ<96WA^IfjCIc7T)P6~K&v#N0z`{ko48mFr3M9BBI^vcv!-<(P2DM7;x&x&Hf ztH-yF1lO(2o1PUFbfyElm1t-ErQ_tM{5EfHE&sr$;|*` z(I1G|>8Vs$=T(8!vG2cKUY?uq9>$){WI_8K&_RP=DJApmk2za)!~1QOG~0A7EU%TD zS0|;C%}W!ukQ3wVQl(TJn$IqSP)B%iMda#yeJ;IF)2{3ZwyO7JT%X4bKwz`a>Y7WX zE!CM=j_9o^`JYf)&T&IA+N$61nLxz|-X=H9HKdCHN6J2?j&C#`L3lsVl>FI(v+p;J zT7!iB-ap11@X0@zT)Yx~`RNFJGK3&>LY8Z<0%)l(F8_uOQEdK#aLHdcY=R&g3P;1< z_kd&l&;3W9C5qn%Sx;U-mfoq@75>g}kb0roBU-dyFwWL7qoNTa43$^5sMpkFMvbvq zf2K5H`qttBIFr8Ni}Msc8}>7Ckp=QMbgsPFZ;$m|pYq=W%5qOi)o3fci9vQCW!Xe@ ze_o#*u^~W?(|Civc(v`fy6H^e9OWe_TyXmsE~rw+e1~v4isU}?Z#8D+LAh>CU+OHi z!~}^pMXt-Q?x%Jvz#xB ztcVIyS&iowJ~(r)LvayJIb!S(n0W)tf`B}md}^}RPzVnpaG@TTm|)*J|5^r}Ww|up zIBGf^i_Zv$b9@W6KF-=8Nv`$@hTBc)DjjVyC<<6m$g~_Ee;7`3kUb4(P0j9acThq8 z;BN&FfMj*(<^wrd3r>%*>k#v2b@^{(b>9oX}BX|5Mk<( z=#hOmoXiPkyjj!$l@#Hxxdu#&-PmKo&YCT+{e@Oy2~)hBi*Yehvo?rG4G4$Jjp>i& zmQ>**FYa^9eO7#bUWV|ilCF^L4e|%`mFy=E?^KsJ28hc=G!2EbjIu?iOTH?mh>}p- zaZrCJL|(hN8X=W;`pAAl>mFo+_PAMCQfXK6mVw*I0{ZG2)xlI^uj`L_Fo3h*PkTSq z>o-*Sh_|c~cUkfSpLBr64^iz+T1=~LSwl(BQc{LHw{FPDW%TG`tzub>c;$K{m%`ru z$(^Bhz#`Qg8U(2u_}FUw^Jj%O_wCk&(U591)yvNgj8(mRu4elc+r1cf*)5baJF??S zR<$&~-tGC_!LNA#%Iks|Fd{J9xW&IXhfJ6Vc*-zgzAwZoqGEUBgGqs3b8X?WH0~Lb z?`d1dCzIpL!j*>1Y~7l-j}UB;iZuvw$&L^E8t!viQ`$9^t3Q+c!N!}c<->I@KH>)D z8wkvf15LNb&xuc0{c{V%#zpqFcj06o_6EnAH{~`uvJ3VLZJTcpPkToN8#%ZTj_%L4 zD38B3cK3d92pYC!iHl}~IDTW}jSB!-l~z?piUpyBQFQ^QjVJJ*p7+aFx$kn+)9Kd1 z#EwVfEFc}xrmctaF^h%HZ;l4x(pS1;rrEXApbp#m;v3V|0SFQjduvW|xi0&9%eXne zl^yAu_SZ~r{K8&lzw+pdaeI%e2wcug$n+6-H-nPl>Ejif=z-SsN#PeI zCS;vQKo;wO1j-!lTP#0A;<&w-IEl;2H34btL^$Y|Fcc0XoJ)eVSE_c_AtcGu=+RqS zXx?%;r#f){MO0Qv1+|K#;D2{6>+7nB@`|rE)Y*>X}Z}$g-a370_^=7f+ADbgVvzZhmYti zgSB>LdCY>a-U;@A!<85PhxtK_7PzKnfLGlj9K|3&6I0xsFHOIpzxDDaix)XNxJ-q^3^Zw&-=q@mO{*jl4PdaRn1+ zMH|Z+Ev~VyAbzc9=`mh)$SL;4gDkd0J?8fWYx0&(2DwQ5d29YUpDO%%fLtR-^pE5` z;RPku%ci~=L9RSS+yOY9d|mt63)EMv0$tBjVOY-m+D=C`*C&QMX+;~itnO)$g|>I z-Eqn|Ikb$L<#=l)apLp!F>AS85@|5h;RVJ+lEV4ZEw*^JEz^f^B|D1iO}J*uQdPhl z*0NGCz@~!&%41@K=X5c9;jbjHe@!`b2>K2$FIo38$SSHf`2hS!`SqxALi}l(K>Ztz zl4)t21C#H5+dNa7J2M;M_!mu;LJBDiKXZ31r&f?dxE*U5!cr1OE^Gqjfz;x@@tnP0(wVJuuRmq#ZgUH)&y~d+%;rc@?*LGRX<|)~t z!yfL-xO)rOdz+O;KY9{t+S?nPnA!WRbF-pzKxR}o9M-Y=^59<`fIy#b4E6RSL z_)mwl2e)B7d~#spIYinpdal!m86Obeb`R6#KF80X(d3Wsmvk9B!m_fknw1yyN-@;d zP5w65S6+Nk2lO|Ov^CZ3&XsA~WU(c5&a{nuuCb_Qae6oA+Lix)QT5aIoF0bkL|mIo z*m`S65$u1S8N*p6-zEXCu5yDJ3*`O9!oP+8L3oX=$Rl)(a@fY11Q+W+7~J`2Upf5}&D$jB)Ci7*wY<0! zT&aD%C)WuCgW9}dvus(BS1BfB^q~Rm?vNY&A%i?B<~b9B z#jmjeVQtPekU_=UK5-zivO}teUE8V%Zf1V*@c~xD{9jP%l4so^3FRN1#$ILWHEmf{ z#^}D^T!x-nCcR3n2UiVdZvl=%?TDP{wyM6wpC7$L8^ZOryajv-hqWkT9IOC8lh^el z>g!mf03YCD!2*+3O@1+QkQ^j@_Q7?1R(HIGEw0oLS&aziy%}F=qb9*ug zFL6XIxM(ds`fzSwR=2#H3^l*$=_%a8{Ot`vrgz!=y;{rkjf;Mo)IGOKk3Mr?q6C9c z2A&=Z``cGrIvDQ${dUr-pD!nCkFl`jwuT`B&mV{{88!E}oIJcmn* zx#&}vWNh$Juj1*cWh335%fOM{@X>1)eD*CPlP01aL25uY|D|P)A0d^)EaTMk`z@m< z%h1N`k!14qBa?#+t#x+~wZO}CqQQy}w$c~-4{BG_09n2<$#NhNN?feVF4V*pvCo62 zy|d5TX@bP7>if`qEOlQ!koJ%_Xt=Qe<@?+$S%m5Hn*1}MU6M`gFRz-1sJ>hM5%Pr2 zQEgzVNiOI|5a7;~LG5b|?A{Cr8i~I(7L!*uFzUfalyMIdDDpJp7NpR-#jq=<@G-7+ z>?5RXdR=jKf=n^&JK`-#a6ubWeJ3w;|Xs%fWG z$N4pW(#F%9pZNQqSbz6n8?QQykUDqjM=s%7Hn|S|lH@^YRw(hP(=toAOLgq&I?*3V z!aUqd(J@B)jZB9bd-sJ$%VS18TowI;6a<~;Mo0#@R1O1h-W#erSHjoC(7NlW@}7j6 zlADMl_-mZoXy#KKtRH%XU%mcT%gVVo+C1K0xN71_oc(T4X*OKYGM?3o$)5Lq=eGn9 zJmaQJo&9#d95cT{4CcNc)|_H6%%?hO`4F9Ga&{hv)?es>=1ra4j#*tV?;T*8)0KMa zKj4&C^A~sVy*0QCM4$*j?SfV=btaDQ2zIgx=^g85^O8nPZn_p%;GTk4E&lMAtB(wT zh}DOoAB}6>2yx+T<6nX>KzUD)pq(tE<%Iba+X(NtSbl>a&p$%4KRXdfp&UDP9T8}R zscurLNA{Gibb;FR7;-}8NtAQ;Gl|lx>SjS3E5csQx4Q@SZ`X}CxRox4yauXhl{j#F zmL6*1U#_T-9dWyBe?5Snj-HcYGby+aU4TtJuC>>^V;_Id3TI7JD$u-}8tK~`{0g<) z3(-tA=wGPG{zV=c8!P!XdUWc0V_nk;B^e55wDKnABHnVTe2DU02iN$Qqt{|$bRTxJ z((cs#@qfAFL)1+UE@&=lSR`F-PUQf?W;MPY9k146+4a)M>us!0Ls@sexCwu9sm3K6 zvBGDXx>1&Honps2bC9rt)o;)?Q?L)PyBs71-M#|MKmA*?CY^U=x3PKN13_K6DV&TtGaQoIdvk0Regx!W@lGnIN|Z!*Ai9yr`W`S&nDg0jkP)7 zY)OsF%La40iHjZdf&q6Mfr(H8!*RQmck$Lq1~oKO`w=X~1=+A)-9!_Y)YhRe(4m`Y zbru)%Vbj*b4d z(LJ;$w?AfMk3VvvLws8I(HmYND6tUr7*w(X=GV;hpk#hvSZyd^@g{6gloUFF|0RJ> zS#7_o^oj!h*(JIb6hI1`3xJ zhdhIwstR`6<4ghFL~Wv025mZPWEpZN zAspz;Xf;yfoSV(CzRrpACQy4sDyw!Z+IupZ`IirI;!9hLD?#NsDy&@cW;9Y8Py~YS zqc+uJ#yQGnu08mbNT!Rv8sA2b=!($^yq(?Y>(D(hHC&4IH#+fZkV@!+6o=~GMje|Z z`*aAVO#p2(q&|=*1;yak5;s-eGHJl!~jVH!+&xZ zRBPumfO5C=0Xd~W0r%p=;l_yuxQCxRG`UxB6>j1DvDjFFhffpRD_7uicWU5`lSS9I zV@lBLrK19z*jB)CtKQLU!M=uSbtL?Rk{Ee5cLQew_aMqKEkz`I*Z%U`NK`i-!(EOk z@vFe*{|@v{-sa1p$*@v%UhRDt@Lc^$P>1oUNAa}ZhPQxJ72TFfYBDj&E<3K+m?Uyr zrrIMru*EbW&c4(yk+tU}py4(9V%7|lmuX)I3ZtGX12$_+pN_) zugp2Yy@<4Hlm5w9L&iRm`ODU)c!xC4KgOj&M9=3|L|e{zTcwxBSgMoQ~q{Sg}0&soc*A7&&=V(!SsEL}ApxpfJgFW3chj9s;WO()Q&J zQ}ha@QQyL;Kx$bPWb3TkUY)rGorAlX3Y(BMvNh03qZ5jq@ zJ3EhN17-+d?{LHRKjmw>1rGAf^=}bPqLZ~89&nNR+SP#46a;uUxb_n0JKC_bY%w%D z$3OPfg@2A`PLZKf!hUM8hk%crG48=y!D2gDDb=%kv!AzxF4IS8m3hklE=PaEpWyRV z$KQv>os;9w>9Z0e+De=6Qsf5yWcLMOUP&?YJq1z`d>i-xxMx~l>j-jU-vn(-)p9#t z@$sX7>Z*S|@xI!X3?3&IUd2A!>$vge>RbWGrxnFXHS#0#)uyx#Yelo*8+{}hc^pO8 zznm-k(f&cC(Rp%%vK<8!AP79y%x!OFjwg2fHGCdqr@~OW6lZ%h8Xa%N%ytXajg9yp zcy#ywy3h+3Sk5PA{~kOnfVA`P@&Cb4XE~44{O@wSRvbV`mmQo}aQnG5@~V?Iy~T(>pasZkQk;=u3Fy>~v*km?7r_@3wPpPinkrZD73Z(kFs zT3=pgljf&Cy46QTVp2r_XZ+2wPfssz27}q z5!qw?+b5>ZKw;g$;6~or=k1f<{s2RCb0NmE7fr8s>`2#`*;21ve8wG2JHZrtF``<02mqv0K*Q=(KS^2*r3 zfV^YBrtCj+nIwk`Q)Y?{a;7aoKNBJvKJ_*M zFffnuc4td5A<4AJ(LxwNp{TD!)%m)OvTAqW{u(8|XkBv_ z7K0e)2w9iIMkjEwS^JGX#(Y=0pRIKO`eIln5LELFSdh?3DBRU+O|a2+k=gq0qFHR* zN!R)9{(u2*NR8 z8^}H64{E3r(}<{f^DGFpb)JQT|Ke9_N$~6J)WcqRjE0-{8QnHTau4w7)mT5xN4Z5P z8*hmh)!TG@Blsn_^+UBzgR-++roe_*!_g8yZ~_89Boz)oU_z*W-QD2|4JLbMKX*3q zCW1`qc73CPiw#i?78^EmY{~kw0l?wCN{T+8ok3>Wyr)cl0T~|4pN7DPDOUGQm-?H7 zHnc-5AqFhBaOrKeJ3OgjcuuX zR0IeNUo(RQjo?A;EsJ=x@GT=50r_EtRO;Lbf9C|uTGm%K#?{h^K2ac~M?4|p5wENW zHtZD8Nc+w+3n_wK_;ET4CeeFX?Qd;+spo8d6!rH{utnz*(CbtV=A%QXb-J}SSf8gZ z-sC+pb8&y*vw8dMC}BW|?hwdC&x&I)(^heORM$6%u7}8=Qoz<7@siX4RGppJ1;JE< zF9SSnP!DZTt~d)b%MG!zjHs*fxu>;1poKs0^U_$3|7u7sZTI&j(YZea42dwvqo8^K z0+JqQrylGM6l?!_QtwRbv$mj|@5e&cC5Be_Q@x|kK3>_k7^MR@+&h^4?RcfHM^j0|Vn#ZgeU zh?p#E)f7DGqNCh+urUk(c~cz~q>KR3q>Hz0wZ(j6ASM+t7Q=?==%KFN44?d5JAO<< z9o!)}3EVfH|4)75Xj_yW{j7Q#tl{CP$Wr|WWjh0ywxhWHp?Nj2E3@%&sE@HAXZM*K zOd%()^Lm=SNkk_4QQc#U!&G+oK9ZAMIzcRedYY+^_$+GR4 zB#fYeJkifI6Lex_F>Dz;2NpHid7u1uh=*iUnVs%AqN_jKdV7c)Rv5oHiLPA-!mE9` zEZP}}gOS4IMl}Oej3?N=&9Zb%+Vw2MM*v0~h2N3HnEorL^_Iu>*777Qbv9ly?^QIb z7Fq<{(Pe$$3IPUpJFUZE^4UXxlHeAmd|<~a%A&*zrDI?wb8^QnFaEg z+P+Cu)ysN2=3dp;5C?`PG2x~cAtOhyl)V`%J)^g(fT45%uXEdsyJWauJ84ynmS*B6 zLzJ}UdgNxE?sQ#zDG!yG&-y~o?Dn4s9KgaS+FkFyi#q|7)lQyL*R5~45Kcd$80n9d zh4aZmWEcxXw}2r`K^+QP{2fh@w0EeaE6NtsGWr}v-%%^(s>UA{LDE_vO02C;eU!V$ zY*UQnAO>YB{%;{lT)u&C*JA@TP4bG3{uH36t+ZJ^)76)E2kL^;c1e5hokNxqNj7LFXP4^O!G zG1%G?d_A^-C3&0b_xJM=k>=d=5FdD)%~JdE_J%V5Hn+kae@X}coev>@*HO*HrYjlp zx3sTUmylR$NQ-exNKc85_9PcO4jRfy)T(;ZsowU|ybc3yqV zf63yVb9sU+zD~C(t@m7z`8ugv+ijjW~5xWeMq zLCrtTc~({i_bV81bbnIOpTsEpMuodrA_Y57lmk66S&R_=liCi>5p(`NwHpEtIZD0j zzP+g|cF`?(Ot-_0OHgkloYt+>Y&jqaH-&7Xq6~qo$ssy=9_jawafL<9hxpxF;yIpM zD}s{AblXZXdA%H;5vGcx-^c^dM5LR z>*1pKakjLOKZ&_#>??|CrQGZ7lY#q_JnKL$GhkpNKOgtq`zzt2`r?P-=CB_%O{*E9 z>2`1x{jPiwezn7q!Qjf9-P(E6j*Imuw3ROiRh^M=U02ooYHPH%RFe?2U4^7 zHpVt3(w!%zsZ{dq-#R}E1j_^8k61ev7#wIY{LVke2%?$bD_MmDz~Pv8K-r z<`s4p2Rn8zjjP#Kw|zo?*7d#)v#c5_>t3Sl0o=rD*J@H()H8x#)SvprBU-U3F-GBM zYctgG6X03O!GpOfo?FjHZm0wIODg@GoFye%czxygsSZeetB-FKPH+`3d?rjm{MaNS zl_e!!8#gJI+?OoJ7*LrUBOJ%h^)|YShu-_fM$`LWVq^<^)@W$t_Okh&Wj$oD?K zWY+UbUV=&teEGVI@??sWca4~u-5yvjdnSXi&y*2f4}Rq3G9dBzh^gcL=eJUZS05iw zslE4CIhKmFmbsYG5y>Sw9HtvFP|lUF&%}4vYO=h^;DhnQZ)^;rOs^?d#zu%CzDI@E z$N5M-z5^6O02D9A$|rh$g=;o$pVd%WnrBgfYYA7OX3KB6qkzu;Yb$9#4W14RR zS^X{(`j70I+!rGl8Goo1J~!gc8HrV*JX7G=m${Y0Rn^xXRnDY2T#6Hib2ey3gwDby z9z8LwgogVLi-UI_D%zl~F&QLMeKE65%X-UE<913p$l`uXwaVfwOnwf_&=os>KeqNF zVw!jweX`;DG|J6Ucjc|!ujE!`rNivq?yDd@I%pMx;B>*|Sjr;sXOq<(KcCt7z8wt( zV5o*)d}Pp%d2m_RLl>15*8~oBb1h3Hm#EaXx>Hg!F75*Nqz+gtmXqyPWFSlMCkb%ZYm- ztHX6afsbUxHJ{fBQxg{K_?SnGzd}->k z0+cj%{Q5cx_Ek$Z4IDPwoSj<5fn@uxBluePkq98ccB#@*_bn(ozO-n5qGOy0yocr< zH=v4w?%8>cE%7g!lgnn~R^S?$TK8*!M2$_Slra}^ME*TwD82F({{q`DJC!scxr&L% zYN01dk1@JKEH|Ur26E`wJF-R8h2THbm~M@Y_v=d-zJz6EI`G|^R9x{zj@fEG-ugurllEQ%D39lXLf~B&9LvQs?nU?1NLMW z?_VU0C@$9NS~C@_RVtdlgqv$!rDG8P6$i;tSP#~Jo$aO{jm#`WAayu{9&ywJ%&*wR z6>Ybuj8_}ddz51HeP@BCPGj}N3lSH(sD30&V6Rl8gPLi)o(cYjtoEQIGR|J$D>E}- zk@2MdaHYjpUO`XAI11=zlf_<80~YO96On&kcw~yjOq;(Ph2$rzXyf#2Olos2i{#Wh|G}eoxIBb zMn?20_)+JpsOhQrzQeuoL+{=vNI`6t7!p#O@(v$fU~5*;e#eBMH*LTUicH`Q9(FFq zPOZ)iDw^EbFfEIRcu#i3TZC=wm!M*ZS3<1qQdZwtcl^X2Jl)X9+gf$4S3Hjaeq`Q{ z)~(QYshYgX_g1{fK;&)Wh=tE^vTPMIL&!M`@=^5m%dq=zoy8~~qu16dTB09i>yTE8 zYXvavxKR4xdVQ4BO)XLPKWP%^o9nrixeVNufx0cag*f=un2iKV%oBK~n8X)=3aw?Y zOdGANP?;%7ABe-vRqo{w!TIJJp+cN&j!`F%UTpW0y>pelgD9e6q{rj8_s{uCpI1j0 z6`{+^pcdan<}>;W7g9}}(qozd)Y@Riansc}=xLpd6W7irK558+s_V!+2B+Q(-V@@b zc8lG6{>=gFmuxZ%r)IekX0muh+_Vr8u$(k7zX9U+CdM&cZ8H3mrB-M-UIa#ivIk}# zKd()zRzO%KaOFY9LWn)BVuHy=+ z|CBfVHdVM@ZIjV8=0)H+v?wvtJOz{y)OLt-iTsyKVt5Ook~^9)0_3;4IDu(rT1E2V zcu~QjfZF}#0rV9Z?tCMWK%w#**ow((``=4q$pZx6(NS>m+#|*o9Qk%BGyia_!+yFp zYSLb1|C^0H>Bz+C<Yj;_y zTMomntt8eY+B)vw&l%}irg+3WHqKmN^)1foJ1Y1jz1<{9@+LhY-MrE+c*UmjoQ)mO ze)9#=dk9hX zPkP!LM34&Vl~Yv6t+zAVoe%f?lb^$I%}kQmZjuzO6Z2x%FC2KRVH}+G$C&{p`=?<&HIg1p<#?OA?!Ww(zbP-2A)HPa!jp zCge`sV!Lis=gqt^#xsgsHe<_SVJH3rwW9>7XZsO|` z=*mrKVNez-#jP2jCJBh9#~z0?J9vboL)LLYolBM-)lB6P{*cB7I%_&*^j-Sj`LH+D z*dY1ipOsG^vxou4E}_m{q6?h&_#W`L%TS+JfvmB6sr+PbHIH@&d%w>#`PHtQ>R$tc zl(1~=)vk=CnKhd|g}DAymQ_I8_KhA>(8)?x%<;T!_#FL53-}DltAAIL$f*yyiiCSw z-()TNsFc=4?pt$Ah`AoCH;7XXnRttmbk{F6VSyjjTWMboBhJKCXVbT&SVMo-9ZHBf z?>fXiAOauNeB=3l*O+AVQUcxcKgX!|b*2CO`_)%rz>oLuakKCIX8m($+`aT)8;a~+ zrXCj-3c%Wgcdi7mhc?-)#D9Kl)a?0RUXfPcS)L+?HBTS$1B!v#fBsKK2^HBl2elOB zrb`I-OsM?Op&TTUo%ku=W8DwEv}w5)KK%)wO2dhlX!ub5DzHJA58>D*BGNHew^+)6 zvUk?7SCkc?ll8FsqUvHY?{J7{b#j+>Y5Axe6ePvj<1JXR9xEs9rFTK;8VME2h;L=5 zf-5qF1uXsEfy+@^s_P=-mr0WRb)P)j=o{QF&0{-HB{+NJ4}<*#OUY$L>h*)dh_GvZ zoW540`-Hjzx6T1#1Mc(gq_!1JQSTBKrjU|=SfsDsC&zlDD?T`^zasUtkQ3JGfoH>u z8PUn9i|oeEphkTDNhuM-cVe2B=Gp?b46^BIFZq}SwF!e{yeYG9d@i+!;x4uK+log6 zjWPni6vQshPntFV-8xDk>y-7WxDKlU*6V!eZV%#LmJs9cnBHM(T19kBb-~)bsdf72 ze^(aGr4HudSB;&f)eynNf!lQ(0v=XarM^_tfRJlmJVlOD<#K@B<7@|Bli6Hvr|aJcBCG;YZsdLp3&F~Ey{dE#)A|P zf=7GlpM78anr>0i9++biQr#!oPFsN)*IbGrkrL)MQ4IQE zfpXx?W?cKj8tB)w@iQ`9&PVITZiMln^#BH0Sa+4mT{htFr$|XFl3Ho4vd1|5kF6;G zB_>u5+KoKyQk>gE*!Qml=B96T_4VuC)`XGeYiW3grj$yemqSBFAWbl-GsVrR$rfJKxm4lnvA~du^>v=zd9rbP-XypbRwe7e>Kn(`Wjq+?(wrNY+7I zrD+!7D)DpIb7o|cCJZLLPvo;Q5-L2U~4cGl@`Q=4N0cJ`mHr^;CP zLOzSAU2e-ynom6%PH(iSQfMh0ZM!+A979xOzG}xh(z$fY=1fb{<|wP!-aWRnd0y>k z(XH;-H_7b--x#?>VqcId7j~d#s-ZG zM@>hhR(}&pB!+3HC)TOp=K|zZKy#J;!h>=X?#^MMrEY9l&VHsx_+q)jmp^EmM%>9k z;i2eelI6*0O?~*1WPqfqr-j9Eu*9bZbSEq# zQ{~VppT1zV9!u}U4xl(VK17M8Q#){-h$PhyG zDTZr?3w-tx`;A(#Z4GQ9dBXe8Ze*F<=w#=zE z`giOw>5H501+VoNrPZ&PoKV`wts~1zPh@k+mq8;@8THWxqJ+TJaKgI~<2HKo$|I1& zeZ#d|;n+DFzN3t3Y|r!*Bsp~nZc3qSqvOUYqKPSmN#I!i_(!jf2V$#tEDX*b?L zAl=t7=bt}2&r94?>1#d*JpuHz48!VRS^6}+V}IH1wW1P(OHe<*x73fFM&8A4I=3)se4)CK4YN3W zX2&HtQiD><_~X0C&si}i7_ky`Fdo^*?+itbfWmzcv=Xo!|0>9+tE=r^_)LXjTZ=Zl zbq^MID7q`3a9M@@w#l8?0hhX|Q z5%UVp6*+mA0=O1~+!6DRWp9NkUAD|-3-Wv85Aw-8mk&^h9x#Ck-C*3(Nb1{Ce(J{z zL`HZL8$f^Ig@nl6ryFdI8Mf|oiM;2A+8`eedC^Uu-t|sf<9SD*9}d~VYBb^>zjhG^>{)0Dm(*Abgt^fC|=D*$(^pzVdiyT1xzF*fq zzkYes1>t^e>0Ls{`eQj^_o1Y;;qWhe!6sFRfy z+sX74-$#cv&19A&w(>Q;f1l4hBPR+jMN{SV*sn9k_Nf_}zuU42@y9ev)orE&csL%a zel;?XVlkiq?sB`7&p*v~aA+rQ`nFM`+zzaB_^crNy5{hfV0d(w={#J>(G_t9>+(Ps3iL^%*S?9EvX<85hFF&GNM#@&t7tmk z+=%{2O-&`eYhvdOO(~SJ6W7*g*_b4@m_}(kF&gFH<@lV!@@3a(W+bK2dHC~OFZtcd zL0sg^cMXjOFfqxGA(o%_hE554aF>v~g>K^L`HxsF{o0(upI$xqQnfbgg32tfjn?@F z;lOMm=oG$GGfdLw-(g{J8-uqXY|Y8;m(5U8Bvk7LiYN%&pSGG-ZMMA}oHS z<(mBkw!*slCs@+9WW#`Q*dJv-T;C_ANlAspup*SRiZZp~lW zJK_3Ni`)o7m=*yo`&V_5vos$}`cJ7>Et+)ZO8Mbzn0u-_iR&{hpE5!ety_kKKcfOf z|LZ9=HdXq&vp@eL_W3vce=QR(c>VucOZ;CiKK`#y$iGCp{!N^;KRVy|?C;gXq(Z0E zS|c2(ib-3tn$`rH^{+Z`&IR-#ZeAFrWC)8O_zGJ%h2-wF{F|})>QyU0dz2#hj9o=; zZX7)!q{YnGZ`1vS;)10kgSR@_v-(72RX;k8H=S|AANlXy`0YZiw8?h&!}VerAAjt0 zb?kNBLHB^R^L1H-577ueYP2>$bwNqHoV*UY4xMMkpH9~fg}85Zgq?350|$k1$d#{1 zn7vIa$f5N#=FMZLqS>_T&F%`>(nn&ZOrIAYll`C8zC0Yt_U(Vjx!q2rvm0z3y(Z1RReye=MckYH^<_VYOk>m8CIp^vmWpG zI6lyK&nv<92{k8U!`>bMC&RLY{H`|>W6BP`D8eXSE-^raA*`AuLtAgYtng!~`6H7zZ^vXO1eVq_Si z%Sv@TYi)%Ofh;B_JKcZk*n-V(^L1=y_>|^2>hF#o6yGw&zK$hB3t!Ltgzz%yAJQ0y zEwCtO1r(BYu^pd$Z`Ee2$PFnl`CL6cE#e|&!4sJQ&?h)o-hfW~e!B@auml^qi(gHF zGIwu%K0SZ6G3rCj97?R**OU9-n#0u259OBIT+WXfx_zp9=Uv(AeP;c*K#t?bfSm8%k^p73tE2n(=oKI#dva`ug`mw%fOTRCr!V)vq$47ZqdLI{5*Udo$)*Q)Sk zx&85d0Ln(EnVPBY%nQO7l(?HV*XYA3AAFqln8^f1MoFr9ZY|De3$_i&UjB9=X~gnp z?ysksRC8pPYflUm44aHEqL3XrHR#5J{ zYSJmAp8fX|UHYJc6@Yr-N;Z}r7n9$~Tp*o3ex9vb4%I0cnb-#L_fuK0>a2oy0!{sL zGFIoVp%uE?Vm-p(#Ewsh^cvo0NRfVzTenwx3vNKp$7$HJZ;5>rGe)Xh=}|1(w6)24 zYGc)EAVw`kC_nJG>w5{Zt)^p-7aCT?O1{(#>lPmuW41-@n=HS(>Hp_N-QLsi)XhfA z@9&Q&d~&O-=if*bjx3)#r~1~Z(~1zfB8yG*{mP3uiJu8JN!BiH3&TynsnFKV(?S=z zM@2nYu6YQ06pS>)G$8N59rs7v$bVQTiI4vZ|22mt)Z-Stv$`eZy|n`OJ%8&j=70XH zOwAVf&)=X(3(y}i9|*)7L-il7>zyp8g+QfYPUC0-S&P{Lt(~bFn-T%E>J8 zjw7zbc!<2?Lw}%8F<7`u9^IQhblLEN!OfwF-!DFEQE&izvtd5H96Y~7{FF8fa5Jm4 z(K8hwca~BMDdKBlKs}Q#vp7#$TnhL=P4OuxAd?jP?G0s_b_EnEc{B z4AJ8t|JBac-2*J5>jt+b-l5pZ;*y1|1kD8`CqAFqjxci+bJt-9j;TNT0gS3s{w!Z- zUG4sOocSucUz}L5ocLY@0W&d4+8Fg5$7>5-q}a)g`YP>x*)!{=yj@l%atAbu9#k8l zaMyd_*``lheT(al=Lc04El-cfeQWZBW@+cA)L&RR2|aiHr7Gx_0xsE|gytM>w^Y&I zDNvf>5HbC-*uy>A43u=#s_ia^1m3FTXqQfqw(5HTWI7%M>#Jzt^?^`_j1g!jvc z<%|Vj8C87cIiBdBFP8-Vl$D7Wpkq%~`usLrNyOx&xvKa`3@vlGEE~-gDWfXY?CC20 zwBRrwSCLbXqo5{Z1YrLgYo9SXl@=K--N$i;7n)3j7{clWN{er)Jgcn3S2`4h_Uah2 z8%W3d@pRoAZs)`rn7)sk>%;c=M12k!e}>F2>@=fds=`la3`wUvsoqFON;dYw;^lKke+R)IJLJ#3PGM;CqeCu(z=4%ywEgrB7TN_Su!MQFI zZx2jgk+D#L*#?PUSjVvRjNOfD$KH;d8i?M-G7Nkj*^JV&_smY0>-M`4+so&~i>?qd ziz)4F#7={K>s%8oKW1>FW0n%C)*2gp#NOielHc@k6G z`{hMEIRwgevw4635WaH%>rFNVN>;_?syNb|Io4i5azJPMMn{w4oD0I9HzLM0t*?fH zXQf2-yx5|D$bw{XM9h5jUhNbwsfgX0P0&+)7IN_;c+=zHjW%)V!Oz0)aw{vChvEFo zL*?C;Vxik>Ntd)5SiH%SUZ$L|?Od}MUJ)lta*|rp%~1HEji4gS@}H-d`?*GMZ(rx- zjZt9b(sdj4_+88FC32fIR;Y)x%^+Ia(iT6ADxPw_z9fYlJ{YOl*2DQN#W8M<5Y~6A z{Kte{aGyLPCsry~$23%uE_QgPuB--U`SKCW;xTUzq`tRu5AN5KFQK&#c5!=V1G_$N z`ng){CbCVdj~4w;i830Vm;HuGI(SwGc;riFNqes_JtYa%=lVH4i@u4_id(lV)p*jH z>rZdaHtgg2W^?$+X~Yg-YJ9)vGaedvm4zVf@=eQHM&hNlcuMaj$AkAT!7`8nDSyg{ z4FcNgmZ|Qt(!i*ohIFPkk|aAg#ezTnE#b-Kg}LQrN4ls3axo5})S#-v32C=9m!ykst+D@@A%6MVR$cP zqGy4;2+asD$lz8Y+*9!QBFIa)_eKf&3m0q)aI3?I0$CugKc1zEP?Pf|RT#261IHA| zH_xn^gxfmPKqmaz7k=$;H5$CNZKFpG*6#xtjW|X;#AsmSLfSlwugl_%LYzT2In@OM z?*DATMYR4fOk-ZT-?+fDCI@94qQjk$S|#v(C-3mPMfiGE*6WNFZ1buLfFFp1r(Y=XW@#B=%h4hc6?-^$=mOtALSrMOY^4}Ov%T^^T09splryFb!1 zQveW}zOS^xOPl4Cjk@1yovF@_c*(7i;X*Pa*(_33nlyi>?+40D4wB6_2wn=rr6(1T=i1o;SNYHw*2mK~EF^-zo z`i*&OVa~q2&U#{`3yqzw0H9w{xFQuTP7kgpXzSjoaM-~%LWe|C7X$u%)7%Fd`e}6z$P}u0Pk@{%7R4DRG^5fqnwnef1 zx~TqnXgr|!FI~T+z2b+BC>l9A0m?EVERuA6{)NA*WQ5j%XO?f81 z;#BG_&JsUAarc0X+|Y$5%Vi4Ee6OZ6%b~2D1^{i7=&NdlBwdMumu;aO(--sOs*3O_ zqVG}?{0y_ZtHar)yxe6{6c{-aN)sjw_3^g{AF<^vWv=?~7#uJnKz5G^a5)&QXY?4& zAWb$Rx}4$323a9Vq2C)oh8#s zjepLTm%5mjAqU5VMTl1Hx;xwLB%B88oC_-?f}4Kfu2%*sZGYgc$OejUjl)!9R2bj4sZ;Cho(!Lk zxZI-{dAgnbkv1V+ZffeW=9oVw1Y4^K&-zu%Br)H>)e-X@#a$=BSX7BVYnP3mM(Pn= z#}P`K+n4fR7iDAzz+R(uw|cPU|o0Tv}NZibuZKy1XWAzg<-kU8ztV-2!Wvg963W32{4yR0wWw{j)&*NgQ8hPRg;=<_J-&>_ipQ%M zU=b_CM}7d=>q%95tXOwPQS&wS#xC|$h&1D?sib*oabS#42%Kw(M`EKuhS%nz;0`!B zMiAAY3#`xkatnL2bsS`Tn%w;RTayXD3ilbtEC$DFXBfQzg0wmpjpMC1zzO-mUaj8k z-1;2UvPaAYe|h^LJ>8K#-LLnRWQmblV;}oU(AtX?=&ijS1+sMJn%tmIs$fa=Z{wlv zQ%Xq<87alUk+FKXO3H5kC`N@%2Mxs&+$;vV_e35>aT7LXGUT`e_P_Wxdc~Zlsm~)` z5AJMx+uKEs>}&j1=Xg}>>@}|wmS1U{b(Kl>+6!K25d)tF%E?a>jjJz2I~9X9$ymE& z+t2+K&NsGdVm)RP`RhqaBEZY0_8=Q0*EBxI{D*HX#-6F!Tl`KgUv>s)xsQwk;=`w-&VvJO4n&d!d zL;$!UKAm|GS1GND513TYtNh!F03$+qMmMt)EpeZ+c@^m%j8{%w@3zLcHBQqw6#=ZF~$BY91U=8u?c74bZp3z9&QS0rbC;J8ZT2 zg?wTKX?UEXJ@v?JFlg)8v!2{cxhQ8eD)UIV$3@l7Wd1Jy?v#lacehIr#iqn z&mKT4Nv5@$W<^%djyX!hj-=c{LJ;?pJkybnDs3OKeBG@TQFU+Pw-tI6OUlaL6}qlm z?0iXTjjeMejV+8Co>tI*vfgRF`c276_9OKp%qjt2TcRa(e@RLM<^^UkCT4f2PLDt* zN62v0*_d?djRi{@ZruUoC-|s8#ctCk>y_t4vSPWboaNf>yZd|F-j?#YgjBj_%e2mR zKL3^M#*7-GQQFe6NCBQB=y39{K+>mM(CQRv@=+uJfs~8f#{NqY;Y_*t-%&vT)ssJ$ zgC1V_4;ulpmHGe8F>3^sK<`bvI?&YABmv*J z0By3|c!4V7O{1u{!~kSvi^2c8h1)LZ%jTe`nVL`i0S1;pWJVQQxVd7FJ14C1FWJS- zt$rX(NLa4uyWH3a7A&9QGPz(vRVFbYluwHitN1MBT}=@)`F*ydVj(`tYi`jU2goL@ zR>|CR?LC~;CqW2)babjH^%p{UN>5vyEPTaczPK@Kop0(oPK`O;*kBNa3rh7ZqJ%nEf-XO>(T~AbArC znxxf8>CL=YX~xA!BS|yC#fJjW`cXEa`203G#-5&ra>~zylI`j@2$FYVXIm7z^C7$6 zhi(vVk;`Dnw>01mkv}>>yavBd_P>vB@Fj4W1T#J0q+_pDkQSnbi*3J4*=%gnPG*Rj zOxnSx!;;%Ad6hg{Ayk1ys&Zi3dXi9vQCu}5x=5f$anLq@emJh~plmtbea+Jq8_%U) zO81QcHfM4rOwG#9Lci})(UwEL^LP5sNoMyGCCkebTsconUj#1g76T82YW=pnTT;!7 z3HF)Z(+YlO=rmRDno{l^fV#m@2eI-|(a*?R!G1j^SLNMldE6xPJ=UJ$V^d4KOt#_F zqh-!MpM|d=5Qnto{^VGFo~M{jbsQB)R%&t-#&s=VL-5iVuFn=5q`ede`k( z%vI$Fcji?rq9unzq1cHVrmSk^DA$*!fGDFs7mgaew!ds7b%o+EENHY-l>=xvDq@ES zaD&#!GVOC*!lT$<`LwMo((MsCPLb)fw_2_nCF=u{FND4`A@Ex2Q`VyW31L;8gaDM+ z+{jjk!us8Xme=7KTfR#7pK5zC9+G9t)`!#X%h`mHGpEjCbJ{Zx6zC65luTXg$QZ^3 zdXFQeZ5z|_3D!gl&wh4K^T^yct!MBr16-=fBeR+F25+#_Wv&%^abf!PL#Vli;qdM= zn{u?X&rN79FwhB#0W_0gp=h}sx{WbF@4*KX6hr+?Pv|feD5NZMr=mRJ_sb&q)A9h1 z8%5aSF)p+BtkEHPkrmpf`n|~sJ$s5kU{Prrad*ZZGUTXk3oORk@K{yUGv99B^AQ3B9sEV3WrCFTt7~#G&@=-p`&h&|i77C~!^)b-jVhx$ z3m+C;6pGx)w6da$Fmmed-I$5os_xti@|WMMRbtx&!0+l@!m<};6Xt>5mWrm=><}a@ zh{%-_kVp8$5!ph+V|v4q&MY&jBXMzw)h0R`VsSmZB+YB0h1oP^Ao;^x*%`;u(ei^4 znz>vqLADdOo3B7dzDDv?WKVtesR@}}qKJ&oDPro zr)Wtr%$w5JdlX$x(%S2zv58kuwFouLlJw@#vUhJs`Ofr^(GwWCQ!D*l`j#O7o%-#a zn%_ezdmE#rA<0f} z1lei_im~RC%R}DWX~;%(`!pr zNWQNmyTT_7T{`y#XXvEtm6pJrp{X~i1tw5mV=^*ssy$>z+#L6~Asq7Ja|k zXd}nev;VY;S#wK4l$uE|KGae68Q!I=0F_(%;@e-K_&&+)+BaA(+5X)#*Ac>W+G~Ev zDc6i#^if-=-MOpI<7>^h^9%O3y0p#tvNAqq1#RyRzSS{F^I!ataH8lL?Cd4o8KV0WF;{Xg~M$@OVoSa$mn1{XXNkOHF^bGF(vYBJG zg@2WPL`qlO>FwEGf_H@=KxGvds6ZtzWS^TXlY3|TlM0f{&kl6I$*Ic~xy4_)_c@3o z-D%7h62c@O4bBJ9@S>g5sjT^>68G$c5@J@8kD8UpnrDwuX_`1c`Ys%5PEa>gSW29_ zw7TKEcKto{2roGM^ERGnI&}jxEHcKj!+^LFz;ZWwq;J%Gt~Cfo8Fe@T(wzx!k{em5 zAK4P^%o9D>dSJ>+9Ow>NUMlrlN=%M|QyQIA&R=NWV1Y8|VK9#lq!WM%tW8!q#i!#` z@^^zn64<9*x*zcRpURX-qVoFeXtc1yRswGtW=Z^08Pv7K7a>XrS<{*&n(|c>iKMK8f zrsKQa)>!pfLp;}#!VqPpsaKZ*NveP8cghU3xpV*_>F?0;#BM~j_%Z~X@-EuZ2qtW5 z(9FA7qBk91VzQ~PqI#R=;5+-UD-Dgt%Qg|*OK_eIArzW zt2QsuU&Hj`fZW;sAbO==Q&w(@V2T|r4@bAsl)wuK@r(J*6Gao|cOy=KO0pv%2MS#s z`scv0Nk8lOGGh9^t`d}DE6l7=%kG1oyBxKiB>EgEarbmrpdr8*KNY z+w~D{R_a;7099mg>RV3fFvA%mpn6iLMoS$yYd4ap&Ts8oO|PvOQMF!dVf=Bne{>(m z084eQaim2DP!`w|1}Cd>da6X%UF2Ozkxd!w+#aX|d{q|R=7^(_!DT`iX6eJ`P?Uax zP^1saVPCWFty0}+aMoeR1LxgLyvF?7=Ul~pZPP-P8fxZcyNZ5@G=9qo+2z|yprgx- zEDG*ibALV!xo5mEsW^4r#$vInKPg-%ZzKQ0S@`)ql@)ZxdimfJv|p}!=4)|{<}}|{ zO#D!E0R372M~Ndww89RpcL+V2CwpZyam5{^LiT86L)|VB$r%_^@%Hs7$=wZmW*9Bo zfuO3J5OhMXEorw^iGFvPP87QKZKH}*%Q06UW9%e~p*9oj)PMMKbEu#RW52ewd;r(k z_tdXdGdqGnHKzZ8YKU^t=saQZdP-C?)fRej60Gpf!YwQG>GEq%&fLBJ^ANGfm$sfV2>;dTP`>*xF4KciHz$!P8E71 z|6OxJ4Nye@5)O8@v_u^5p97Wwfd9<=nvBZEzoXkfW;sI9oSl zD?u~kKn-UxNWprwH{Kz)%LJrMd$r-hUrxo3fXjiV{CHZBN5bJ<*xe4=xbS%Z$k)x7 zJ~kU}&yqK6YdeB+-V4_w3QlX@3JJf4na&iN7<0(o+Z2#o}k(e=a0Wbydnok7RB9Bc`aTP)gZ)s1=&qzOTGfU#_Lq zZaVl#`v<8|pH?zQSF)1f3_1Q{^UNS8NJ5iV3-SV1+70)6F4GU@b&b7_6>rFD&JEWf-;mOKOj}J;A?Ab+s0O6A`eGlRlw*K`UH+TZhf9!y zu6lY9q5xV-89A={CWBrHCJMl;(qV7hYn*!&UvKd2%A>4UiOR)FFSjZ<)`O9}e3 z?UA@%5b+`hxof|^-z+Bf{!RbS!qjx%*1%Yq)__7M5{F!t==X?#Xk}FV!E_{kX|#LnucViq?w1Z;}M^ z%=pLUr1CK&d}mvEg*7_QM4gm@`hs!!7~C~M1P+rA;PD)9&@XiVw^@Niq_TN$A=|^}Y=<(>K&WHD&shHs ztkQZa*5@IyKGvTSV5_jLgbPh{MyLnw)k{t=ekVU`7D!3}oa zS*GQ-%c{y+`&9PZYmy{ilV4{4;Hx;OT@FBxyBXvHI*Sq&b_w&%0-|v&Am??!m^Cd= z2+PC+f(<0(P_U6O*lcQDncZA+RJ0! z_OHi8FV(HpkYhXNET?}luKayGdjMZ+@t-(fb?LuIvl{Pz2gd(3^~TNj2h=>*#1J%N Si+;U>L%*| literal 0 HcmV?d00001 diff --git a/windows/deployment/do/images/test-scenarios/Win10/M2-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/Win10/M2-Basic-Complete.png new file mode 100644 index 0000000000000000000000000000000000000000..368ef195b4df08e371e1cdcc92bd736a014c453a GIT binary patch literal 549070 zcmdSAWl&sQvnU)0t^pDVHaG;g;1+_rySuv$?h;%E5AN>nu0evk46cI>5bVpjU)8C5 ztDf`T=kNWoYwxvcSFc{(z1mjy4@G$ibQA)VckkYzOG%0a4c+>vh@%an0m##N}3la9;U=M>LD+zqO%72!u|9^qjdiZ$;OFuKrci95} zhNFQ$=w^DtTii$-!n$d!Y3eur6xmu`OkD=Cw;g~>#_{NYP(`>)V~ zLDAKMJ)u8!^=$rE2z_yELt@$XZM&tM4*oZ6=>0@Z3gZyT(GY8@x%J(t)RuDgjwRdq?(F;f>A6;Z^E+cfC$3R=Q*q zdB6q4abCpYSlru&u-tm`2$XWG7yCZ(&{YbBJAD%3cpTPnF@In+vr;bRRtJzfbo@2L z=iaw552GML(!SsG08tkm=nDKk9NqPl1V8M3N7vOX z^@#enw?zr~a5}1PE>@#Rd{2@5?j;2Q?JH2Fm?2iWuU*H1K0HHp@`q_F`@kdbaL9Cx zsgc}Ic)cNU5a?uvyDokC&&@|kP354c9?wBuKy{>gLC5@#3khcGcfzS82VH|=Zl8U= zaL8G~ih-s<^eOVyum4fESM+|9aVdv-$4zVG zJ~ei0`X>MIy?S)-kH|5fZR-^TQsWN&AzPM1EeNOoZXC?Q_rZ~eaSn=Y2{BuRLv7!= zP>Zv1m>%5976_qPTr_HaGV`j>8L-mow8r8nLqVnZrD*eK`_o)N;gP%O%&p4|Nl%>O zL1>Hr#+c{T!}#z`2HrR@B1hHNng3yM!S@2Zqii`4dOK-oP}xB<;1$z8)18L1Xr7g6 zAZnl+F%a6lNbaV>U@3C_)7a-wVgxcmvbWPs+By7kZ7cqj(ZvP$Q7MgOm%LY!v7isRf%Y~^N<8q+o1AuQtG2jK*xfde z_{}<{H34BRG(UvaZW@1WaVromyYU$}a=HrA@j>bK)T2wG;_fS|A#6&n!dtjKtLkyh zW>q$5wXv>ya(qd9GPboS2zQYDpj<3LzFJ4@xrVu8c_lglQO7mqCbxS1NC}5;sG$}V z?VG;5225b-pz_T@LKH)64_) zMP`}}g+vvH>c;7Jvmq-?z9W)^#P1 zf123){$V@meDi@@1kwA@9+*CFN$WDeGzOW9#{{T^wX|dU3EM@)*nBTEA(>pTU+!AK z@opee6ikVF8{+OmhGyfAU_6K~nylor={D7Wv^mf)ESd}tWj~4MYc z17%vB{V^lO(fXJNd)j#A)JFqtGRlnIx|XsUes&XgIsJUbdNJC$ zO1WG0m!_KxR<({++-E*UYY%S|k6=}jKkMBN%%PmR-)JC3|17Sll>yY7TYAzNGQAzY zB5;G@vawYl4+Ac&%z|ih`w47kJ8>aj{6m20rf(weiEix{eIs@F!W>l3jtD~@%8*;F zUsZKGSny@chYanFMcaSWV`qd zAVYnke&*5U!e5nfXbScaaY-3E>_1C0r0Yj{{Z|MB5$&hcA`P1QX`12 zeS6FAeQTm|8qR!uu!4r=)Z|B}K;QPTaNJ4U2C_5sku_Tkoh?aLr&+hFPJZWCNW>JY z^QBE>)!LMh2yUDQ;VeLPBff?i*<9K87tUMj(%aHF>0J9g5AmlMqeu+y}I{@!yuu&M=^=gRW{fNKWs$ z{j2|%IDT$_MN>Gwj5@t!kQn5?6>ESC&6Ms*>*h8TzT#g0c!%Kb(=s|23-1-VUs)C%cxxw3l?%x zCK!z^M~>I$Ufs&rq<0-fpBU9R59eqTaJCF73x~lcD@-gWBlp8?<*X#0@M6pA4Bx1c zq2av!Bc47&;QVd9FbC^3Ja<6-QIM~b)UC6F2Uo05Jyy>XSmt3dXLBS+aO_)Nvmsu?Qfzx^FC+)+NgEZQvMqu=5uIyYQAFfZQjHFCYQGClcJW zb8A+rW;9GWhrlWO=bMg^nfa(!(1knCrS{qlXRbVKI&_LLA}u|J*;k0zphKy?N2Ft$ zA$5*9w_|E7mti18m3iwyU+pRw(ujl z1=>yzmvhLAZI5DiLv7res%*?>9jsPLg58u<8~)@s#_a}MwVq0v6(T>{QL9;tT6a$9 z7^DeR7$aS*5OQSx+x7oHSRW{(-%H>tz!+kjus+^C0DO&`-Wgu=kMs#A5aR84PyrEa)`^0(s2exg! z5q3Xa18f;Azio(-qx@_jYN^zV9x3M25z6DW!Fh$=3+<$g*iIi>@n6Tq06qQj>GpUA zZstcyjNp^em($BSJCLLBMo1}_?R+-VE}f@fgME!0F2}mLExIPo;j1O}+TU$GPc1xL zq4iE*-3ayIbD8dvA)jpk=7PHQ(Z}Nk!Eyc>QEK-LL-QQLaXhUzhe?oYPA<@dS)l{k z0-4|&dmBW7VUsx4U&zRN^QLZ3X6#|ON2IQR$nxA?_?m;K^)e84oy@!QwAKEof0nt; zLlMD)xZ62Pl`m}()+89UzJ&^0w}xlb?Iy_3o5-v%G!1RbFPD3NzeiN5nH+ps2opB# zgt;pd8-w273E!yq&64&)OF0UjmDn=X)5+F1@>gekn-iG4(AS%~`|jw|O6eXEw080Vs6b-}=c6}jd3wP+Mt zZ>E-WLnRre6k$YWE}Z9>t|NPgz8|}bPN$?%(&OA-a>E6fOhb3>-v)N%9v+|Y zmy=bZ#t~N7eR6}^hjK$Rqv-jGzB(RNOPGtLg7S%Zg4swp3FZ!{cdU61&t5tpJDbw9 z%sx=R>LS?z%$_a+cD1Lg=gTGVK05p;{{+5*Ry%>sQq^#9g5C1Xq{3B4mD{qi z*Pkc`m|3Ks9k4ni(P1)ke$V$ke2|hQwgihCRn%L@JLKN^{jxN|gOGP!;;&Ie0@%9_ zmcpBPzQ9XMS`76#A33(=TH!snny4*0f#-q z5^+0zt}*2*P@zMLc142@#r1T-TG46Eunu>B_Nhs-lZ@z%KHiaxb{rYoM?CRClq>KRAr5r!`)ry#2cCD6zFzYoQ-0U`@n7btTU6~VjX2@&8(7E;B!|x(8GiF z+WU|E#OIcf5%8j$i{n<({N^4==EsSVyU+C>a{tLnYM@9xd=y85yBWp|QS z=iEG8nHhTVo|C9Lf=L3}^x@iuPV58pZD>6mvR8Ka~`# zlWd?6jM9ml;e?okhbN`SK_^Y(JxlAM)e)hgrDC@MAUB3XH&OVd-RYYw)trXISqdZB z>W4Ffu*(-plDXibO3!AJ=5E|@9Rqh!nM1|-HQ0Ur_Ng(W!Kjey6>FZh2;=8#LeEwU zBg~WgkX?@!F);dL0~V9qV#^gsVCJxLtkzG6+sbZB%c_8oQ;^xL(u0rU6olFId9Cn4 zg0b6Qf%e(e>m&Vswb0$LML}V(j*qqDK%{h~^!ay>GMdeoE+O|u8+n9QTjB%xih+-p zQ%2yOWf+pP^#dMT{$)<9NK^Tm40G{sNi^==fan%FUMzBNi|KSdzOT(Ea@?J>B$*g| zCTs5^hAMEmD$9E#=Q)oub!%^mSUOWH#IBHj6yuiJe)zEAKSgb|(Y^ExxuVwC<7qPa zgYJD*uyzuk?>3ZBmG`hC(>*%*JFi-Ys%wqLBp*i*%bcM@kobPON}_Tc9Z@J|U@7}6 zS(jc6XA8BgRCymo#i`La=CH#iN51-2q*cQS3s>8wwGngNqBhQT+#|SX>1Wj^Dv*}L zm2KD(DAMSrf1`nzwZ1BVjoG?hPf?YMYF;7@&s!*F@a94xOViV$+16n$=nL4g!3@&VL2A>2x9O>0&B3Xlc2L(< z{hll-la;0knbwFAk}OEX53*4;Dn7I5ULqzbI+cI*C}RGuG69(@LZ_)wk~SEWHfW8> zV;-L9gH|#!og>9s_nzP{q~R|j1mCUFY7o;+F zMr@;t+%X_UH8IByU_blRL_N zkLGLN+0Y}}Ur4tn!R4C)^|ls!<0M(_Sqj5XKY(UAK3ofESutY6AsV%|?5subsLBLb z`-{|I@6o*W;gHI%?1#PD_s%w9M8gH>(kXnMr;uekGf8)sZ?nP<&o`euKFZu6v6GpVQo=0uC)?dGPrI<`%cK!Bblll^xq;Tx$;r4D6jPMboxlo`!JINsi} zYS_D`CT==Ap1BgwGe@Qe@o`C{S_LTs+vW^VzxifIlY)s`M4uwir~S)-~w8 z*QXXHzv|00c^FaHjbT}|JiGY&VFfWsxdn#-e{`PaO|f#n|>>Bf{ZTZre5x=ZnX`!&YiBFq!6C`8jr_%x%a z7?}Z`TQl@62<)B_A2f>Wahmj<-9qT%ez@mjkRKe!$2QC&3VMJE|1#9KhCGG9F<Aa1YMH;k$RfFN^%u0@7RBhXc%Wmx(u2u3X<;<< z*wJkc2Tk;y(>lZ7dV!F{t8ENs55%MW17|%aWHzXou|q+9d>`H%9`#Opazfh0e7JUr zCWFr37`!CZ$T^Ls|9NAU>S<1*NVYHNZ=UEY)n_L%eI(~|&?^X@xxQ3vbJ*((*ys)x zUk1C8#Mb*wsA$8v;m@EBO(oZ}gf0RF%;j>~58zQ4oNUv4-YP8|)(_-X`|jwPGNZ-U zh=gf$yl_KWjSHKl=-XA!`H7%Rqwr0Dwl~dZbZS|-NYT;haxTAJUwV;qHE)_twNq>5y>0~u zxO@%8ac-fg)mj|=U{I!)xf7oCIs(aFB+US?Gn&p7m%Bj!pxMn{`rQzP8tesEDg|r1 zR`wd*O$m;)tPEqr)X`>a!1n8XtuJtl$a4B>gyuKT1~}fT+AW@~%jJee;M@3(x)&L^ z6;DtlAJ4h8kg99L-7=xeQbs14WpIIPbUsj$D|u23k!X3FL0Hl4jhxPjg_px<|5xbY z0gI0)+6(i(%y<`alm(~Z$>)0r6wSW(`SiEb$RsYM*jjt~&WF(;= z;JZ%;S?cKyxNn%uND6n6scOKrEt?C#*6$(@qpqhGS#h`;T}6sq?s?xY%oqq&HhF7W z?MD2;K2huFhmR{Jx$=mja7N!GQTBMN>QmB-Ksm)cjMI{06d8;oPvkxTmBnAf{@i(f zs+C5PD|}e@&gVh?L-v|UfEKh;BP>(;)xe8J}pZI$_~4ikK?N`xkY5^$GV}K^?<)>y(2Z@RR<_JW8`HEKu+0={fme*l80~r zj1bAhP*Tnt^5v4#y-vrkO)d5jZgs@$lSq5SaGOkQg>$Ie{yH|@RowFV>5V#j@{UVuYho`E;_}~U$B(C zLx(ToVnzZjJStAQEYdCLe_8vmw}?IsXv1Bc$cIPXrSrw&ulo4rAu=>(1Nx1J@qVea z;ciF*UL>ZKCH(ci4sOAC_1SryY-#26P}S%HgfNJCYol6vmPNcCOFE7FFhM?E&8gM; z+mii4Psh|riwDrw4Qu7gRO(uBPLdQ=&LULgXDHh|?vSev*8wH%oiehN9k)3B$%pk- zZ~R#y<*Fn_j6K}ETh?4@EHrLWuPJxWFxL)Y#^ow*pky^elh(VR^JXBmtW z)=LesE7HA9V5)djGcIBHm1VHHAG=KN(=1<9E!`%pUI7lLgVHO4u}+rMl+0G_ClAw| z)fIENX1@IAT4X-LuqomG?Y~w!+U8<>L{1~wX#bXXvbjxuSn`_?|F`jh({sgCaFBId zcUJpn!^RqnSC4;=F`3m3Nw@93NoAT&W>IYmEUQ*!;>qSIX@0T_Xs*FcACYmAMXn!5 zckD7iD;8@f>!%FNRA)c2CYYIDA)~T-8m5wTre-oT(C4e7_+70Xl3Yjq;GRP2yQTm9 zCx%?rjlPZK(6d!0-ec8NS7?G{$~kjpg%YNRVt-Uf$&KyFx6va-=k_Q$z$1z2LlliC z#o%&8@d5AIxNV*JL9~0cM(^4YaoiBS#dh9lL4tXiu&@^`+x2*YlIo9VW#rGzx58jB znwuQFcI3E|Y@3dtqb8-sV&53yRhbJUS;E37AqRzb?B_3Tr6BP2pP%H%Yx<1*us*C* zzY&Z7kejMWI@VR)n-0fZtCRgGlZ=3T4+&=QVc|1c&A^wuN&Z>fE^R919gD}2zcvI{ zqbLN|wkBeb9rw#Dv5)(MYQvn2y6c{-&mo~p?eg0^r)qv>^CvrPMl^fv_Dn%LAx+HIO3E9tf*J~gq6o&3IRvXv z1k=NX0wsho!_n0-g&=U$0eGTJ-tojz%*g0d>_M`YP)`pt5oMA=(2)@}W$OZX`3Hik z)NnJ0_iRQH^QX_`#k;Gg7CX%xvy#rXB5rw;2}D*BeKWwLxrxr^OEH%+yWX{s)Zd-1%YcB^55T*{g0eh(w?sF<*&#e$0ZbBDZ^zz2*i)YVtG+#p6oP-|XEk#*a*tdE zq74DVTG!knaVrlFXKSzAgm;bDgH{z4{qo2_`cEk0Xh1$7DJ4JLM9E`+Sr=j~YaKSw zQ6yJ4yuOGxfUR1F>RY916%r~dnP4ulH^#Vs#VI#Fks_~#nZ2-Q8@`yEfa8r@qI;N$ zaxTU5oxqWem4uU=j{m{Br#_pwce?W@XJ<}uaR)mqpCns~%yXTG40rbOHYwQmj1PGXt^(CSEN2_^t^XT}p3l zp%0UnsYlbT=Y5kl&UMDt?EPy$oxZc>z5x}(QvhaIy~h~k*fc~!ygvL7VU334wBWu) zGX5sbAWicSODY#t>AcAfEnG^Vj-dfn|daLRix%FoAm3qhn7pS~7dD0_-hOeaIz zIS0l{lyLj+ddo(L*J5RAW$XFvn1`hKg26T{{$+5pB1MsdDT>by9fX_{9KAy=7?_(H zKagTfJshqFbV#I{E!Rfb$JRHaT0_J`BpUmR6oMDQugfY`!ddFLo}!$_zbdJ@JtBNM z;bbYOMAX?V=h)XBzYn`QRUx>CxrfLY($h+YXCY=OZcu9d&HxH_(|F`wmkRIxye80E-X%}ArrWv^ z&vvzJn4G?G5P6GG0Ra4n6`M{KDNM$o+VSa^5sAFsrA2HZ!NY*NN49PcFGDcQh*1>p zPs+56M(JuL_SL+EA^JAYSZ)UVp_l)%fxO%JGZ7)R7?j@JM)!X2tuxH}g5kJ`_Xs}a zHVb*iDF5mI;+sb(Vz8|K5r0g0@oS$cuZ{tlS^G%!*g%#|l#@g`zWq5HUhHV+c!ED2 zMw7c@rm6nW1T4M~I>Rq<(+Q3yKL}#B&$N7`O>cdpd28cZAFD7ffmrjzr3wWbM(b{x z=EoLj|I`9Q;GsKZ=;vCaOp0>Tz@+OAQAS*C1J4(bdf8F_ckhPiBI)4g>gHfATtrEj zBzBV6EbNF>n~+ZV?b6bAk=!p#vx=(vYUf_k-yhyzJ| z>4%o7)FFXQ-%6u#JpxOgR`z(^PUMN{HumE@7JpE zZSWSz#--4lHy}UYI+NjU^K3M87-Y{xSAVlnB8>VoyN+D>4!qywEn~q-R1C{`?jd4u zPhxmbZWGMul;_QB+yoF~NOK^6x|Q&)?ZI-6AwDF5_4yyNu2JNe zgN;j=IpeY?!hf}<0J+uafc*aR@?d$x+D5h#;uV8pw{KR;R3Y4ccd^%-=ltDJ6%FvP zNx+aeDeb$d@AJGm^6+RNIN);qhimDOtU(1f*>6+%VEq$T9$j0YPOLLBE*;l8V%%$h z2WeuE-UsURoS;CBh*sZ)&~1Qmr5ljXWwoyvNY`FXo1cz*FvRX06@XK5QaFn_h48cRywIk>anbPBIv5-)^%ah}I*^MciEuB-l||#-lep zu}6&D#3v3FYp=g0qlk8Bn(joCG}~d+nupVci&6Ahj(zp`DkzScG=rINs5V ziIa@yiM}*263gY=7s(zVs1F|hNm+m5PQ*jxI_wz`Mwe1&_6GEz#D_4y>=36lL;JmmGTcvV7lLZ7=HkG zos?S3=h&__3uDXBv)&k~DmFi2N7q!-vy>ylBvQKbvtAHLx>8Fm28gKP^WcLdm>l3z z*G$Ybdk1v%B<>_EM7uJ_?Cg@L-;l`kO60j<4!qf}6%QHZq?SvJX|I!{SR+J(>pWZ< zSSi4Nz4raBLv8j_^zjX6dU%3^9VxTnoU)=DeXOpk_9oeyK>47nP&+E0;Kk~Oyde*> zPMK3T9d9isE2!j+(`wK&4^Gn#FAyy@d`XDlGp6#C;KsTQF{Uyi+{iFCB!$y!;$Tk> zzYn<2_2VI2^(7(+?XoqV6WA&hW}`&e{ibIy4{YjVFGjb&CM*EP31N(T0E6LlrhCv| zR&ME#84dwgePMS4HSfnC{O(K~&KMiRw<=NK);bI?qY{AodL)%CFE6CNB_8KN3Ys*# z+MQR~pwYJh|9;54jgj*&rGw%U-Gai^5V#?nAhS7;BWmOp=h!Z*mhMcsh)L{W?SI9K z$Qla+7HGake754wUoOsvgLvdDj!~Tyr9uIASqyaJBMU#+sw>R;rY)`>7N!dz^Mqs% z_lVugj`LVm!fYj`r^uJR7)NG--wc|O`A!gUS9AA9q3bush3rCC-#6o=21iD}XUw#R(YP3ww^$69X z>ap1SPKLkPydY#dZJ-8@9`N=>tiF4_R*-0&fPOOC-SGPQ!Qt6}uKUsW!|Tl^#BVc= zoqxHivqY*~L)0q9QgAn}M*uI@po=IBZxc1;73Acs8n?KOLOBYHfB6l0G8JE`YXkmR zTCL>Da)2AYQ_eX{D)|HnbJ)E%9xG<)l{k3h?L%M>hR@RZ>SbiV*JCUwR8l~T`Yhqh zF}m>V4yUYbG%NYG+dtrbg;k> zluLb<%|hMgL-p{vV|_kOy$4&|PYvh_c`VaE0sS$;wZ?IlB*PxzN!;*9r+6dd>IteG z)Vl11ppwUD117#;3{SlsY9Aj}=+}#@&>BfH-%_SEtB zmGoxy)b1muWp{0ZpIEA}d9Ny9rzY;tpThke`f3bD`{Xly$>>jijh5M@u;bGW2|i>) z#RbTh3dx5I#%-7O$V}#FS`Vj>msQ!9@s!1Nf|@S{9yOk|d@$!f@9gjYD5S*XIm~PO ztxSFRx_b)Tiz77cIb`@*+9EZQ+Mi9sdEWO&0b@ID5A;`AI+M_qr+dZ6sb*_HD;)2lNXn84vA)-bcD7@`eW=;~9qQ?!lz7Gr?1P&9_U7;Mo znSig-EZZ!L{_aTW8+Tt)BJ>W^l@CYwBc~yQ&jJq*U2+eb74Y$lu2tS{spn(E2^(4i zL_ZM`=gJ(Y(yxiN!mq*&x&nIqQbGs1>J@2>U|z2?-IO_3Kjjs4UHGgq^swZ775by|y6cyjBv;Q3V{9`ZR-xxk5Qj!c5&yZ3eDD zXIL-uC9#W>53eF|?=KO+O>d9j0t6|G+lhX* z=+idwwboh~@-Or9H!SQlUO`SW1x)~$UCQL1Z#~M8V2gpPiLO}ZD)n(n!mAu~L2mso z@DQr^8kY-!+)YLPveHo3EK})=R58M=`X!)osc9vBruiBGd;SL1N-Qz+r*506!huX~ zo06x_Sab5X&YsTHYIPday|bz{f@r@ZB?|mnizly|4dUP)0d{-???u9qqDi+7-8kvr zRNg+Bn6G}{e;9L&yQvELq zxr%1pCLRhdPQmk$uMxwhP%Dy*oJj^L95407S zeXFARE7%I1&8|(_GvhGg%n7773`T)w-zk^%(DAsc#?!~r}`s} z6uez0R57Bx>>pNz<2H!_fHzz!wQbVSUUg`G>bdMQbKfN)O&KN5*&JGou1ze7$51zR zxY1HZKZ-@?z0n818(Sp5B>J9vW~f8j)hVDG=buX0TX*62Ql^(NqdGv<*;$b`xPvBv zaUdSG)ZJWDIt%m6DkGWw#nkeW_n}W7;Kx*U9TTr&bv9>RBj=>+Zs)jK1-7r=;%jN%vX@J5lxhxmC~+m=g`S>B z=9fK#hs`&(I-Y4CXM^j8u4HL8Ml}Ju-vro%e6eiz_!h7OS*Y%Pm=Z_^cRH`b&fh2F68L`Bn^%lVJvod>P zt}d2TuH5P}VmUf|F#_6SyN#iix1+?aMVrjY`jK{c{VU`&EAHpm*=Nq zI^KK)nX8ply@=QY61Ks=@dUCC=Kk!;`W_w76;&7Uw)D(YX`gIbq@)esHXE-M#<*?lEC-v>kPkF6%}C5N z;Qkg#iZXzFWs(bON)WRc8I_B5ry9C+pvgoTT`#^$aqWM+RKJeDC9?HM*XjxcSUQv> zoUtgR5#1e?Rf$W<1E34d1}7+F zsz~N%9nBJ{Q#upexOXd$L4IIYLk#v9X$q}5dQ=%D#j5F^B0S8g{7@*-_q!`p9a#}Pr_X-p-fZ6JvPi6Va9 zZ@^l&QCh$n@Tk;Hd@KdX-_(brb6v>q5`L}!lKpEaR@q&<`B-r{KiX_xXWc9P*!`Pl zI^pJ)%{QAk{5fR;v#7A0KyC-xvT6|a{aK>#uegl(SxTzga!@9h)s`l&nOl#avsSN1efl9o0(oLYHihsl^hj%QdR?N4@gjzy0jD|be z)`iq?X-&nq<1W1nU8+rq;%4xC1qd3sjupww@(EWtuCo?MNQnuOFiOjkBhh2V{gZ!* znCeeVai`y$mZr zudiq4brLRFx?I*p(qiGZd*m+K?!Q|1VlmpF^Bl)jE@S@Y$SJ>S`tNr1;)!uVyxi9w z2rJ~mQw_q^a?(X1SIgbtL=nT_fASK0&FEO9W9yzR3P=*oOLi6s@pk$GM?_9>w>SUZ zcuW6Idas5)y55SOL&P8=eh%3v{q<>xyVZtS-^YUf_3@85|IIj4XIqyxbkVJEUKLrr z8YB=>lNG0vI%F(gdCL9Uni7fJGYR{Xvi;B4!&yqRmAG@>FGYkNI~x>kUo5%rGb5=a zekbU!N1KoRjFn0d2>yGU@p+PHx_Px*!*iIGh&Lm45`*{|+hQkU;l^pYU99!3U8~i_ z=&N}ccfXdj}&R*!W@);GUck0chm zJAxn$HF~-@9p0fj<@`=rkkU*#i;Hm43R71;Lof7TF-cB{QF(v}-#r4*aOBSt_ zgJDe*qKEg;XFuFqKf8>w(i9MQR}cR%HUt~&U{4cxqv*iJebVHt(vG!HmAvTOcc@>c z@_j|XjoY0_{AVOw7UqMeV>2JEwdpG5vo@$P?j>>oUo9Qt%tNh*W7J~L#n!((( zS=B`1WBCiKa7rTu%%CDH-f+%B#)*-v7L2#&yym@~KpT2i4e8hpU5J}jIo_>wn~Byu z*{P7J!k!T_}S<1^3h|qC6moIkzB-hD7#5MyYxTv+)LuaBn=4CfhneGN* zTg_{p!Q$aT_#)L64EClBf0Fo&$u(6)I0v+Jh_4)ZAzLQ*#?lz=z8r{U^RRv3{_O8X z`{8ZnD4KliS{2q~d=Xu3L4LV$0bT7}03u}@FR-Lj6-a63l*|w#EGo*LFVbNqWMpCM zwS*t~cmHB-x}&g2jZ#{kR{nKo=e{SihAETRC$IF~N^A>F*tR{l7>FMyc7vj$Rd5lS z$GXqeVi(VuFfi*^(6tf0^`CD0*VpQC`+ zK5qpGdY_0x;J&XuY+6Bx@iYEWr<~!uR$#uKR0OulA`LADUYXigh4l4N`t$3bAcn6G z3SacscE6x1XtUUOr_%;WO&EW-2kG|5hCjRjdv#ic1}VM7_yYn8RWA6`GfFa_-}WJ3UoRpOJbTc1$4Hp@@JR8f1}hl zkGqwZSJFKf9v%JH(HT*9FL;t-TpxQeYfuSxsb0a(TY@G-JkI02T$SZ%yx}>LLpi&2 zvF9EogI4`#%&leu1^#v@=v6aVLR~>TAI?I75s;fuT3%vWerhJzC^PJzWO|pgHA{iP zSX$MP3%)7K_wxJ2KdrH#!9fbPgoz!q4uAp}*Ub#>B9IJ3rQr{qr1(LVs!^uA%{uoM z7eNIeZjaP&knKD=4x>{(rH4P$CE6r$T_?ee@Fg0uj;=>xnJOh51B(K*n3zJqk3Ig+ z5UaSH&CEC*942W=r`)kFM@Q?vdL4!BD~GJt#}_-^*c?IKXdB-^7tK_*PQ<&!7aNC! zcZp{et0v#CTsz0B)S4>lX~FXOsAcw{XK6j2 zahkaEVQB7^(+cNfm&R^WP?;VkPy1Z{22h# zK#nr#WD_ncWiI2zzOvo(uT!b4=$GR*TJL+ifYj-P1d4RMqihu%$2kwcUfOgGfMl9Z z$hC~p!)6T_QqUv5-PZD4=NG4oce1*}&W?G%o*l<$Djam(;nj(GAAlg6qZ88MFxEfa z;|HtY=Wvwq7CsWU%e6H=oN*-o5bbeQ?8J}N0Af(s`kRsR`4DiA$({RsD?)0?bT^NL zXt<_3JM?m0IVcnNOBBND-u>QT!`%#bHef6ApZaWdXJIW+(J@A>;$QqQNd`~ffbX~7 zHf?~MEjF?%Kk3HADkj%LTQ(n<0k6M$Aiv`16KL>%Px;lQWv4~g$R~U6fSrRYRqXwi z@}#W`rFE6q2&i&x+mSq8rd&q9V60HNUC&4k>wj6)-KWBjq_7alIh2Tgs5c&iydJ7B z8~$Pz9PDXM-PRPr%RrlQ{E-&K;j#I{qT5@byNRFZhjiAB%5HkxZ(bQ z!H~kGbnh;u0XN^+h9&?^w~dPx1ya)h&yFPu*jn~q-RVG1=+~~KL*X<>5}Ev(7aOf+ zD4vv3WdiotbeSES8-(73?k@u>Kw0XMiU!T$rV^jz3bZ=_*I}HqfN+~Q{>GyVcTuf$XMDkRr z0IVrai58I14hoXC(6ac)kmMhB2wGQ)ZP|Vo#VUml&<5rosun{=tC0vJ~id+ z{>R-nQ6U|d$HRYa<}>;DnP+>0X8+k5bLUa$nV4%6iZe;*<8v3+dJ~tky|Pg>nt;iD z?>vgVXH_b;Nch&<;||*S)^yf)au8jnl5f`Y`)YLX0(3S<09qW)o^m!=n4Jj8E&VVk ztusQEEhs+EE>OkL0?Tu43HrUYsX|RA%@)2fvg2FjptKc1;6g7g?$v`acErdZrtx~k z-wjacwOx0L)h-_C@-Y z8jI4I3b^sELft>d;feAm$joECor%WB3(kFw{BL7uTE?LFITeS zYAxsCk@~HNoedm3U6p4Lds7nj;{_0U)u!nJw#*SCK_!VCaBvPxypiRMlP(u2^e6ml zx~@~OaX9zO%oGgU_RzU+8&A3o!&xx{*!h*hJC(;arxw2#Scz(D(|2}xZyzs(wT2+T zjngX-If-}<9WUj`j0g{lRN!Pk&fxLvd%?js8$0V#G!mfV%9V-N&U;QxI*&+@-)Dy)!2L4oO7);<#~uO2ndm8J=@Ve$M`X*7PbU_|Fo-#<8Ocn zd|yr7#Su;~vk=Fzc#9ACLb$@^yVk>4OgQIh$!8UL%0C<=*7{=g1whSp39m*%i^@^~ z9VH#pR=QIicMd@G0?pim<0-ov?R)`xLZf*?}4&5cdRI)pDGO?jIjGGAmYOo;9*o$=b z=D-V^qpv?07fxnaDt_{6K)v77;NQI@gfV28zjq>QzeQR&-TT$oxHU}eVjG5V;XVqN zuI@L`As4`ru9b8vSTeqpmLd8-L5P32bTVXjQsJ!HU6!|C%wSaWSxFbg%M!SJ605Aw zMpfD^zZ{dUy}HS4D_6e}IQ3JLn7X+Jj-{_u7Zk*YwND7aYg}JB>1jKWAO2d(vb_kB z5&NVp-n+B|NxHhK+okHz^Wo{K3d2Pwg^1$*xAvl_iX(66#bu@F4T{nug`QC@x}fM! zmsIlM3V|VM+Pp#`q2~>{ygpG*?lgignoA5%|`IB5=L3Y=t|X5_rNM0E(VJi zo|0+|M@uYgKE;IN(PavEx1T$*+)}XWNW$K-4@^yM8*hTU$TYE<# zckE629z(=j9K-vLT~|PepCD(Eim6vLkX77$79E|ft-Y{M2HO*&yipyw%FV=BZ=$Db z!IdbK1a0oEXkp_j?PJv3w_kb7-fZ}WGIq{!^2RRvvZ2CUEsr`gTK3Vn>mU9!PJ_#f zC_TDlss`n;%UBUh=IHvR!t!;je2()qoguwFop=Ci>YpEt8?sC_8!o3aONJpHnZubn zlx(63MY~Hsl*STo*dXuL(ce&&{TW_X?2^k%7}24`kFlFKcFP4j?vYORl&7~WR&qSN ztfP2}L$#t~SQhtM*1xx-?x4-_{Sge0;T_haB){@Bt8}u0Li6XGpe3&vw%4@Dm3m*J zX#_(MuT|M07F@#-u``}fIyyv$g}-tXq}gJ1Cv7ECScGxDS|%3FpMy++&qKGzxbUZd zFe%g@Y(_W@xR05L8$^PQ)>!YvDjkCIaV{ww#ftO|watu=hd2y3gex$$jEwPz6tePK z-cQO&iAh@ECD7}-acugHfMTCZM`PvMwfcp&u)%voTd${-rC9iW)X)wVw%nSH*V>-` z!Cc4-ewZ`5paQL}u{x#S5#;$KGWsf4xzLFi-!}{C*_9k5VqbdDAM;ErP~RBO>O9p} z_YJNidk=(RbstjyH7*xm6ZhVd2I5RY?Z@OyD%W7Jw5pyWtEHd)ca=FB(FqC_@* zFW8yYMQ^Pt%lt*Rh})JAL(kT&i~H!OIGWu*cd< zDTzS+5Q&P$p+Cfd&0_h)-+1kMAXxPG#Kxj;Cr}D5X-!i)LxJx?{~xseA08Qg=scbN z6z7_*zIB#ujE9bd7xBoXO(O@HxT_wsOt>`@f1`#_@WwY}U&8$?+&GsX-FO1y=Z3|B2!Np~`fqi-N(KC?@Lhp>E&l6K~3(l0)DHmqQ z>%brx$Lo9?7&V)u(Z}TO-Y6cK@7GDS%boZnc`Yd~!xWM;a$vl*}Rpmjpqd{`3Ym-1IaccNv^doEs?nl!2r+|6Hg7l2X?{5 zZ8(^T{aD~@`&_Rrk-a^)($TJ6Y zO5D?MV4{S~0Ut{j8jl_hk`Lw(>}QERK&!~yw;OWDj7R)E>?-R@B1Xn7gzmi8B2Ec} zS^%k^60}`VbIN+I2C&)Tp4A?D`?420qKm_gc~d?Yg77vb59=S5LpXrf$+QBK?^3ab zFNpTTPvm#9;lmQA^{O>)sSpIFt7XNko>J*6uN=D>r^B&LB`2_4lGZjSpyu8&qsbRn z-UM-LW-Nz`Q4&a8kWp1>Nq9R;@{3x)5EP%d_jl>0!Opw3YDqRR+eM~UmWU)~2Fwz( zwnEsGj3gIps?y}9xwi9sNR{^9iorJ$c1UL>M3mOYLD`$MSxUMZoGBO#K+jYER76fi zpylfrMq5c$jmI!L2F^_F-B1`4AfLOxktUrzbB-;22Hc5E4_+7ImnbZuW*)`uun#3v zV8QIMejh9Bq?as-*=NkF8%~REUqTvipTl&dMK}j6c3FBfNHr`E$P}CLK6&{~xg$qBv&$do#H_yWr?6U_ zy~2P!m$NVC(|eOx7ZG8ztUNaaHbRE>8FbQzL~*onK~dtcIB`|Xv^GoOFyGya3Bd4- zYL@DxZEWnjvVpu`T%bw1<)CCF897_XzUf>e_FkpbR65y`D2qtI$Xl}Vx?1x&8L?!J z;N~h=O{P?uoiJ%~@!^`j&|I0i@9cIkFKgv7{+PlN*idbv!m%g4vaw(g?2n;qt?O89 zt|(?1SuBpNndy#4^ZWSvvGTGPVpFC{E(!=wL z>uh z+}K?DdN*ddl62H^YZX>}^LgE|j~8Rwo54Fk8oX(jUKt=NnEw0$iDi?$PjM6a8wmH79G+Jtrl&9~ZFuKEMnFlpwHOTar9#`No;%sN>3V`hFgvC^N zit~bzAas-K94KbRC%huHkQTRt>V;SQ6Q{t{)5E>1A{?+`@V4T*Vp2}QMJ1SAYn;9o zMOU(ChY^{BaLch&h978{&o{d4@EOk%@eb0(er5c0fv;xGH{Sd%LLFI8r9bs~Pgl^V zBGo``i2ceYFv;U(narE|EBJzjHaO0w>5qKROzG;vZn{x;Drj%4{hI6m;umv)OO&|` zife*is>dR!S@sxW8G5%C&7b=t>U*s|*F`QPGA2uQZ@yh)-}*ZR6T01@r&nN7?8kCT z0r3Z`*7Gr|RuC9 zD?B|Gi8iWs9+&PXGikRLDUQdf%Oez4y!bAlV0wr}V)nO&9h4x{(HHVe*qHKX4RYs0 zuwC0S6*2hHW}zY*7<^V7{A{HXuX30>F2jddt_4cb3{hO*Q=7H#oD_JF*fmLY0=04G zYFZOrd8&&w+}`%RCsYScrG8^W`LnZlOlDYFVovs_+<5&mdqgZIbK8+N^gJPT7}d%; zD$&E+<0e$&z{*Q6dD4dCH#)N;nU@95M#4A>`;6(A_YR^1m#rxT17m{`fWRV`w^B z?IRFXjgBmjBb?4NQ9yp*?bk_h!Gg9^d_TtRA&lM*wKO;-}p2%l%B7;HGdbv_&zTOS!p~x^Bq$zM^q>AC} z3Ujn-s~5n^+cM!sZz!~Gb=25-U$Jq(^zr$Cs0L3}`|%asHKD0_h$2Y}{iDa@BOB1Q zLDwzXpgeK7F|jRUgC@f@u62AGfwwK?hl<|BhUeP3?Qt^0G6MUGr-V$F39;Cn#lpTi&$ z&O&a|3Gd5I`-W0!KNd4*8$@y4oF@3R(pdb8)1GEVYOvtgqcFa5rm z%X;U;u`y5iGJE9cc{`EJJ;zF=U+oRJ>LSg8cGlAHgEe-}Zkfh<^-$O?Qaq5`6?kPa z+W*SVh`aPS;E)Pv-Fc{|D0_c{+_qnCQwiW|-uZP5&M7y&3c*7S{H2-d6REMb^7d=AA8+q|7qBlN9=*yBMB%e|5l`>5{I~554 zCZ`>i35(Ww45Z`7u{7SSLTVDNkawiERbFqsdpeU+IdcAa9sQMqTDtsw5xBg-MQ4iw z3!io}9ULR~j~2fcOO=aKE!aS2kl)cgM-sIWRc9k1Pe!!Fx(Yfae*D6mU7)hHh-Ysz z@CgUj4C|=XZsF&dmFmjUe=34tT2^CVxxRQ zj_98-nBO>agLg>h=*tW&54jR@Z60%tDe50nWkWDZ!p?t-(tO;ZQ8GBLEgZ51*9uS^ z<5yKb3|j8j9|cSrZnLU-!-=a!HNLO=2{ISStQYlryznHOQ;Gvp*Yj+PvwMMgr`S^UP?IcggV$tyaS$n@ACqd!zL z?G9wf{bYnhqb`kNujUbJbBSbs{=B5OVeRP+kN9fE^Kw5VcgziY+*P2i7zsj%>gnNY z#xRE>pLm&*0j;S->9>r!tC6M7Gcq9_wR=#ub1y(+aphgL7}Q?>Jm}=0v7B36%BrX% ze0+U2=dKd)+hak?jJd2a;_AU`@Vqoy{=$c5I>uvn>KV-d4zh(?u^iXkOe~7)IBh+; z9Ia^GU8k?c%}^!WPO!Um#aDiO_444{)U2BTBHdfr#y8-)5dn*52a)8;JQ-eY^4QL2 zv+Ryu68s0AS_u0shx7H?IT18o&&j-6HPGG-G=_GQNFoaAQ*KGhEJvF2xM!*WjU^5A zO;oRMvu4}zv>Z9upQgM)cR|WP{-X{H;m?zSP;|!*@oMBA-KCjohG_;UBD$NTLS$tL?Y^sU{@d&@%3mM}!um zL$$2v(rIMq)<)ye#^+z4jbY|J( zKRd5jQGTu68#(-JPl%dMXVa-Bkz)Arc6nKH)B*Uvo}(=_NtwbTLH8N%wC_5 z(EfJ(nsyW@P9KaCDq&PbM_46xV`H2e&qjzHM=w9-Jg^jZ z-gyKAzfRpHz%0LqwIwQJM68ysFQuHYUM8YU#Eu=mKpq*put=?T;J?POlR>eyS8=z# z(^F7DTudfrp-zS%MOYS~%tSq72GlNf>~iNz3Dq_zl;!*=TYDmshmvq^;{@xP?(rJQ zN|?yqN)QFmh^%Ghv+%THZEuyUCLE}?GYPoQgs1IGIveg|tEfm67L=b=--*B?it4Yi zcGG#J_I-Joq`4IAcONPXK2Mm5{YvY;bbDPqxtdiEQUBQJSxa)8zLo0(}fvIoKX zeiOyL*GY$;YUd2Ag06S1L*t!y7~Mr|RrW{-;NJO&cxwoN>2+}IU_y7(ZN4ViS0Pg< zN0(pVrA>7*DW>hh0K`qkx*#YGe}8b9b;ie^f<^R1iNlvj1U1xJDMrPtG(&|t*{y)l@&1joiieF+y{2@eG#^Jv zm?HV}?VbcUx~P5>uTMXdoHzw%pMP`HnGCd=+n?|2H#M$0H~PEtla{+#Ft_uxVP#3% z(Z_`Sj8*fzh_1?uHP5TgRG@qjh&8wA4yRiWPn2qG_ zPFhTpy0K}&f0_^1`m{&&#CmqsuJ|(C1jZL|w?8}y2KgTiSF(!KhaJS$)6OZW?H4EV z)+I?m79Z-gYNP}Mv#OIG+BYmK#pXFJZHWn=#=e$bCeqeuV#Nni2yxK>ujPQ)4N3fN zAwdVL1yY-K&9E(1`Y?m+9nve>)-Q2lkwY7XpM?COL4t@L8 zm}m^o^w@GX4BXWGe zxr{j9sMQ6ZSC3yIGS%cl3r5<~eR6746O*bTJ$XjJp;`X3O=!_L)Kh=Y;v+$8a}1g( znf1|E%T5i^;+Q`S2nZI640Js$qJGs{R3_1-x;f|$BgQK9YqI9qi-F$>ac0HcG?a>;)!RS@-1}Zs1^gCNC5Cjx?XGlJnM7%kdg2)7&lNE+ui zlWyOdgg^I_rHqo+W|g0(MZ=<*k8i9hAF#pmLELX7f`4ld99ME&~^ zZXoD<45VDm+4j}hkS;cddxL8}SUnGt%0@T*v)bew!wl)|2jS4G4ZbBwU#4J~7ckk_|X@ z8UJIe%ZcjsxYSkvC`c zq7+6tRO11fwFUab>x9I9Ao?`vlQ5@5teL*`4aEH$dKh+i!)$xmf%R-sX+4;Jz;Nvv z^=7MH>34eAnda! z0m@d)2G2Z?CmPi)lBr0v0juaCSz|mwfOpw#C*}KQ)DE_?OFXOJZ<40G$ASWv?k8U##>m1{H|OM0Zv z2e$6>0Y2Ex84IYPUI(4MpSu1tW;AM>D;Uq0*(%CR?8Dt(D^PcZUv#}al)2d%4Y+)M zf^UsKV|m#kb-5k3q4hNKQG3wU>?zQN5W(+G1<6g9GWM`T(NhtXj zKl<}^ocP~H;mGoJcPDq9rLT$r>#e790GRRnD-YW|u;a%2oGMLxh)Z^eRFzhInelmZ zq!j{`VOxrz>u5y#q%PLMS$s!%LtSgCbdRstI5#ZO-4d1Y5osHq?UvXcTK0Lf&GQv9 z#bz$=9lO=~)BP2B3aLR|Hzgb+wZqtA<8A=n^;Xz%KwgE-sG7L3P=-*6Fb3HU9_sDF(5$tO9$WaP@0 zUvkW=iG$v7u*4#}XK&txYvFeBn<>24x$1|h>6H1~16Gf{HIBlV+o}j-DhU4ZOm?zh zcVfYt2iAFu;rZ3c@TqP+gLEo>+A=EkdKh&~wRKIBfP@S3=^35pB)PkQ zsjpLcsae$^hnZB*C{Nce>gA1f67xknAceL;e=(RexyGm z&a=1lAFa3i(%ek^<=aR27>YaK@`PFZx*r|xeyq-s+Cz8tOb;0DT5`${b(57nF@fvo z$Iy4lWq#c0NS5}>LhnO2M z+#M9O8Am?aLVx;9J{o7REFpeL5Q}7~G4-@d4Sq&67r)e>joqz2YmWaG71voLKlRjD zm)m4lo*sLR6>_ID_x0p@bw)O%cp0(PcG&{SMFSE1+B*1?4OX=5Ww}k&9nV1U`@xQ< zV&tO<&nNo+A2H~{V5(6vE|c+x8*zv2OCK$`90t=5rBpvIy=R1%KO}>41eusk<}|4f zNhXQOwrWPvELiJM;gxx7>oqnIi~EJjb(Mjb9hZ(f7~IQ#AyvbP-^BBrh91KJllg>P z&B)znxoY8U<>fimhuqyI7BrV~nwFJ@Mjy9?;3*;`JC`OLt8<$)m4k^aru)@9W6=ujNBD$U5dwP>;WvOi8zBSe4r;|bcWdhuzXlM>`t zCB>{Lu2X);v2{}iWxbZR6%`>W3JP?{u zU*h}`E5EtQ^qMAy82w1{il=F(y8QZ_u>umZYR7s)Q3`JpE`74q%e_5cyjtg(95jw9*u zv}CA>%7UBvaSjI3Y(N1c1vM<+Up#C8KT-@t8l&RbiF5%5LnMAk!q1n2KoX?r`_k}W z{+$QTpmCESxZeCLU!R7!`>WX9p*uq5spTH^DNSH20iEe7v+9)QuB+$meS-k}6&Ovc z51fMz?6^$Z?F0HWfFqtm(s-WR9!9Jrs`dD`wJPP7@>yBqKD$gR$HT1I%74Pw_svGG zX14Yzz1UTm?8NN@my>i#PLeIC5^*;LQFLj5cBSAd97@$Cw8?%k2U0T?})RU$Zng&=@XW&rjJIp ziu(|QwhYTfKHutG8@u~_<_xg>7}hxf)7v}btfV^EX{}CwNRuWPeGrh7G6hp~7lX!Y zheuaU+1!-_{xBsuNbOLsXOw-L); z^3o0$+uj)SH(YQyJg{&7hXX{8HPS3N4conU;;$+ zq(YT%{)35tFA6!pzoSei>)iR|E}c* zy}D8$v?`3~Btu2Tn)p|#tp9r->IdhRpV{tk-?A+wDFkI7iZl)Z_Rh~yrlo zyI}*5P^d(MkqdJ`zT7+9Vp<#|VSqo}8QfA+#nBSdb;?-TvVf)inU@dDc9dKRDGebd zmZBVDo~Wp^v&{M3b&2%W<}<*X5$<(qGYIjr55-AFm76u~Kg=(KDnB}ri5ny*?576Y z$tg?kF6%+I|E8f?A42`&R@XUBWxl8GILK(*9fPRddaX_dSUC<^!N}NRC0Mj-Y;qzU zL@K2JqI=0;ygfZH6g%wt*Jp^o|JrFtm)UIUmizv{XnfRCH<);p(sBQ)(Dc81@qc)i zG^HUAhYt)~82;LS{LjDI?EH3jhY|e4+I1#; zwqfc?6*!~KYH^MH=jQ*C{fmJJBJo>?$3v{K;9n*6{ZD89cPs0mXgZybp@&xKbZ?m= z-(gX(x(pXEx>CHUH|11dI`B zT3r8txjzotrC3z~eOxbk6Tw3ZkdcL&E{AB^nWgAxgtrhbE zo#=1leM5aeJ#w1ficX(f=%X*JNpBO92QUfUuGqgC z#J^HiUwCTp#{-U8-^z#w{xtUgN1vXi!TqZ){*`P{WcuLJz`N3-ynPbMI%9Xy3v1>T z-=s62u)(G@HRp|LNs;RV23fP)^^bygMYj0%HZ{}qg*@a9`+(^RdfR-04{Br(@Gejn z-v0)3=AX9%A4qfw{<7J54ccGK`#f0>5fOR+upRx|N1Hx`!fO~P2REp1W}_HU0`J~7 zVae=}hw1HrtDzn}-N@VC1J?RC?W6DBPxG{S?k5BX3XgK&{_7C_MIHWTpCI7}30IwD z&A(MgG+1np{<EzwS|A1fZweJTb4tIqWgNWqju8H+s`Xmg%F!Uslx+EKwHYZ5YHh z0R6W0{echRI24`&hxj3AH8X>~%t-Q$8$&3TETei8np{u*s;sDV zXkb(apM#r`i%go8{u^85FOx6Hs;cpq=;LYSz<=W!Y{C_iPaz#af$2;CA6h~he5LNP z>TmgfSZc7-5V}=u%mdO9CspFFjKRNlIJ8qXh)toDgXCZT`Zw})b+$38a|?aQ#G3Fn zBl`)$5Xu@n4$L<;(G4#a#74S`UOqRk^EQQ&Wojkgv_x{de6xAL2b%|t?bq$DH!FlM z^mOHwxIGRio!_%R|Bc!JC)TL}1S!*DU+w;UTi<*`NGG(X(z;GV{^(m!zfFBq-;=GE z#d;(17QX513)c2zY)CWn(zhQ${NND{Tx2ShYnuK_DE`%afDPk({I`xxdboc)G5iOK zL>J?STz$K-mho|Sk!j`C4||)P;0Lc=A>5l8QEec>o;oE&H<`wCeg8MLpt%8w22%E0 zL3GjH*zzfm`41!gp9$3IhQBg)dArDd0W+y_*c-XZRC?*#zpYp2kRzb>&ER(sZ_>OU zKOpM*n7-nTDZlMx)|o)xiFiia^6Gl?KZE*LQTRUsKvC+0I|AnX{ry(X-`Mxlm@^3; z58QtZFa9r+oLmTLmVgE_nsCp)AzG69m;e7l1J^?_Wb0~^={4#t`lB)ye4cT3u-=oH ziF}Y3;$9DNQv8IeJJ+tKcmoE7jhA6=PWi}eNio&>j`E~PrdV{hToa#DE-*H1YH@r| zie9!}hKuzjoehKcXa^z|65B$@ozgx28FOZlfrE96ClCd%C=CF#1 z>+|V9@GW+4cLNT3B{Q?!a!9$M{G+ig1%1Ngyo?u@YKxJ`MQd!>+dkp!B3PI9bs@-2 z603fjA&}nHvseIxhubl$_utK8Mj+e3cONzhz}cILN&!%Lm(+qdT|LjR*ZgJhT72Ha zK#K%@<{jk#My1aIH!7)^^}(j4sA)V zt4i-Qj)3WNO>C?fq#eLiC)BJKG~cbHmXh~&^K6hUdh#fBY~i~`a{0+%izihyLQ!V1 zGPB*U+zFFbaVmxXNhT=jeRkc~9$(Of0|V#nJ`?TK>9@UStBRMeoHhj-~=L1YGJNjaZN z^<1nYZxfUWu5v)PW;sH8JX&7I9Zr58?t6Xqr88Sl64FGh!9E>D}UU%K9fPmucVajzLcD4?8XQsqJ zhmGD;+)}$v7>^UKQ$~~$K@0&G-`n~+dv<>GG*IJv2jnWfr8`&sZ4VakXtfAsC;# zesxmr0h9##3zWmwcbxB}r6J~M6P50jvkkKB;O{2Nl@q(Q$PMheq%ZA&07GkBx%L*} z*EZkg1&VlVA{DOEI4t)1UR#KPoQw`_ZTi2k_MUVLS~Fj9^Zb5Gmx~Uu*WRDn#C|oH zFde(cb*K@u&v_b_XS4#S6EAM3C);V`?Rg7a z%fqEyJHTW2JU%|z0He)31N^S49EteLy~D`#i~(HLq3}EH_t!nr_em-m8d0svZ7v_{6EKu zd?N!T9e0SCt!b^i1&xi}X-k4;5F?tMcgj zL>Gx1(BJ{FNbNkRu{5cs5PG;M03fk$4^cFnp>+(D!{e$}_I3YT{G z>Gqio3pR8Bz_ti!n3qOL_NIGUQ%gxKvx>Z9xPq9 z5QU|kc(x`bOvMwN^!uR59~q@rJSLS{7#jxP>eC;KuRKe-DcmRx4AQ*~yKX4lEJSC# zb*N`nLj%4sUj9HAAMbC3s;NIqf+B)pa8UZ@8@AwhR}umv42>VRv-pTsVRi;2HVQ4V zYlI|`qU+%G9kJcbgZcjW$(FY36B9PGz5g@aR=9jc4S4`2e}S%{BzAM(?c z%F=m1FYq(bmbj_|1OK`O_vM`h-A##T|3lf`i}lTCNdVtsJwIt%oqX|9*S>$BdA_ci zCe@~Y+B%83d>JjE#E^TMVBleN0933=bRpvkg=MWh(stst%q1M9v%{j#k^9}@JVeOl z39F^_Y>qQ=P7`vxsxu&kc5ll!7*i+0nFrwh#OPuqLyjzt5fbLA3NCYruZF8wMuXv_ z+&P22rsDL19)Gpr;f;GG@5^9V)D;LA33HuwjagjsJv>PTW!y&TYl#1;be$v)6I5Sn z2^tMUu#6X`ohkQN`RaUtMkkKghsX!(g4k+m=?RZ~yc~?eyBuYSf%PC>(BWlc^|D$1 z@lNri%h|gYo~U3h($y-`JM3X?l4S1JPvCi@r5s6OZ==MQsqmZ(tNvi?vwm8An@U8@ z+lmr$gM>>XO?k;_(5h&l*?p^e=3$#``;6 zc?q;~4g5&zRjV&Rzmga9qmEev1H%490vy$jvn%t_J|>=w+q%KVAIU5PVfo@1(Qw98 zYt2JS9pdd3)qkS4+L8>dhMbKx#zEkW3dT;h)8D?ZMhjVN_H2arvlRFiM=#5gJG33a zLzu{$8Kblic}fVnz2T2uOChAVw>NG) zI1xpHE1~n0y%yuBaOUk}%*5n%$|wS6vE<_J|zq07-k8`n;;a=R86{66DqUVMX6pwG?(R}#&4?1bvDq|4l6 zH%mM5e7AN1B?cu(r^;M}qc{$5R|Kj4PVqmQy6UNLk};um`;Ns`c`1AIwYAn6QXWY$ zMr>_vI=5>B?_T`F^7v#3Pz0C=^K}jmIU2W=aZq@xnIF{N(UCZ~;l;1<Xd?-pVk z=`1x_kaV{J+yPtRA_Ojuvs_W#x*}THt=BPd!`~k%Z>8_RCns%370RYoQSW_Xu6um| z4H77n&B5kKF;C+ngIZ9M4F?#BL(yuf;#8JKOl7-;}kW%c9no^enDlgwC|&SyVwJ(#qz*~ z``|DRU{;v*pYNlZgpj|8JYFAVK4BuAY@F;{369jJh{ffNIMunbJM2TRE+zOs4_u16 zZ0pXwpl!3(X4vl7*-H^zAPhwVWCOc#YgpzzrNu|=6neL@0*s3S$Li&*X+c5p0b1o2`7aL9K_S3gu8zF^R}PSGmb|Iz5sh7J;|v|PPv0ImL(RG zP{peu`G^PK{XWKV_1LpLw%jIMO&XZqRQsD7?9Kz4u6*_959xkSaE^Pi0h@{WkPS$O zm3M`4ZG|$lvZ4^93^^TyaxGfg0ku3NX;WK-;P|`886r}f9g8_U<_>9!R?+Ml%I*{CeA`)Lt!}^?@<9A+ zVle%}sEGw%((j)MTrVQI^x}!7EKLF$YJU3e%(gZMm<}@4LH2~YkBX>Es3CH>(c~a(M00DyH z<8#eTU3{wj0njtcWN~)Zrm(-pCt%9PAhN^}g6gs)C1w|a*3~hKncs|$kzJXj5&o{P zzdKDvq>z$+900B`2)io)eF9PGLq3hKTxe@{uAQ0A%g zsWBQV;N;%aEW+s?f*Ta(L~Z~Rzp=|u@@7I6SVLWQ+G zd1hxLKJrE%qS)~gU^z$|yV{D;?NS7*?g^WZc|E=S#?NJQj9j|5$(2#@YXuO?saBdn z5CU-hU4k)dKkev_pQ6vZ6w0E}wj^r@<;D^_8 z5B_qLKqJ`3J6962UK|QbSczMs9M#qAEqk?5uN&VSx?`s12ff27VHXp_*7)0`6MVC< zO7A^64=34s9!1|NWekV(bg|GI;mj%=7ILF_r6FZ(f9o^c&=hfBG33}lv%0)H9ZzDK zb|0SBXT8m6Y`h?GI|5q1Rw$xjo-oT`(L#|Xu?gYWBp;-I+hS?i~5&x5d1U5!>MgwLDCQhlVi;{$#S@DA3J z1ENPYRg5*5hG;(!#KmHnmY8j?ui(gV$(B875_rpg-8Q%W&Pe7$ zAU~?3zuUlC&sO}>tuB-Jz$gkA37TesnE1lB(Q1@rnQ1g&B0tAv>!j>%#~gW`2+Kp3Va(TjM z%8nYZENzKjLxjfk>ar?~5Jsu| zi(;4R3zDm2>u`Kc;2r_nw=b5O*ShqcJ=dl_`xXW%PcO}aFYI+M3bb=rST2oWSvfZb ziA8x!5a-PKo5gj&pO2lU<@6XKMMk-*|=+#}-*#~+-jl{$S)K&Rg!iwX_VvgLAa3mJ2LGY|l)>hT)Q92f>UaF%!t(r8^o zVQgTdvHB1Fw*DU-xN9+&O1r}6ktmhBj0eVPSpLtp#Fmxpce*#59Cr^wmwinHGmrJ) z+67q9(3l>6vC>qu)>p@S3(W>@)T3BKRN)4Ttm~e+^Kl^zcB4xzw|v&Co1rz19d({x zJ>XnaHcSWgJtLnHDe}vCC#%H4WySI+QqMRreKvsdv7C#mbD#%8dWuN>s2&zdUw(0N ziv1$F7R*H_U;MrGN(b8Eq^yvZcAyKYZ{95zme#u!t)|sY_Gxy&<+@MmF8E}KA~i%e zM9Xi$TB`p9IA&5}$*<-`xcXX)S^h__%0i1yPn{O@fbtsZO<<1CVsg5R2ajEM#PP1k4y=x)X$hF|rakPRZsx+fE#{`<*4*=&bN|xKx{F zO$@4{gAE4VIe?Gz!1hg6PdQqIo5Nq6pOc1kgM}$)j1A7aoIBi+Fdv6mc+WmMSugl| zd!+elCGa=&sbOZ2>n#+2^DxzA=XNAleZ304yLBI^%qn_CFv*SG#c>+50onK!9A7gf zPp-}^`ZO;ZDNaYUH-5)i8>3K3-mW9mv$6Ye}OUaAx~SP`yitFCED(qbJ_J- zPxDAAjA#7m6W=l&f{SzoKc9s41>Zk8{*xOa{})+r85CF8Y>g(6;7)K4?k1_;4DxVyUy5(am7_dy1i%X_|a@2zvbpIx=9cI{pDJl$*c>ecBNQeo~>?}ljU zWlSegr@sacnzDsGp-_*TUZTr{74z-=avQQ*P5ffX8Cn3{`5)P!+O{nBux3osUS*h@ z_zVbC0B?J%(fQpx_MpvFN;CBsRZb0)!FqRp6JMDYDE#q1?5mm*nnnCeQ}YP;c1O*) zm4MC`64`UrD02ywRNvkr+SgifxUT!M`iBsh=zzV7Dr8Y%5O${-4*OpQZkx)u5kE7c zR>-u%H&#i*`HHo7lX&t=+$v-`#$QH_u(4}hs!W84#!A+oas3|RKeb0cUXYhl`BYfh zicQs;-5dcCvWS2m?6H}KW|Xv-BCy_b1b7wZ-P1cxbXsq(>u@vX1#NH8%2>e3gw6Bp~I{Ir-(P2m51>IBgQ0!{IQ0?MPq1sAr zAeTjT4UX<2avcD1b_`J+5X7}QV>uqcnA4wR2jgY02LEauDSJ4||Vy2xY7;z!*|39-Hsatzrr~;Mq;9jfz95@TNXFE9Y?ksp?qI-Q9 z<00!eBIGen#|l%w1IxZ5b9+?vZ=l;)y9L8;9GFj(?scUy=Pvr_1}cyMdiNiXhg}%+z9O_1k*V!t)OH!ptSm+2!kbi{t0>ZfkbZ7Q=UjQ`&Um zmq>_!OP&^t5rCT#6^WYbEVOlG_wN4J2xPHS#__FZL(MJ?GjPCBIc!M|F)oW9wDPc< z`aIql?XZ!q1sXI_FytvKj2hG$+MO+Iaa4jie>Y+DUi$ca>R$Z8TcQ_&ydj*jYm z;I&bS2VQkzow(&x{E_*d+DC%Yp?QHmo1$QbKYv6Jl@60(4qJL0j&rx@S3TXW=-wq=l2}+0Kn3vGdcHFlGrdjA-GkSnFCnhZ@_J;6 zU6Z_txm`t=PNl?t_i&UBx4O?3P4KI(1NS%GE0AYo+8VX_=67O2wJx!wtK(y19sWPt zWmPePU#7ar`3+r8hkC;Z1nX#*(KY9{Y96}MW9WL;$zpfIjZK&jT5|IPl9XgLR7_cM zu6LEa%@=wmzGszJngCX;%a6Cp@f64pPPHkYu4ZBr2-XLA5=j=LUhw+{G;n zc<^`5%-~{9bz$AY?y0HF<@K9Rv^`Ba2CcUXKMGgxx;(u81;Xm(Ja# z{KVq7Y$M$8-wyon&$*gTXGqUCc-EJ5g_se4F3uAMj1n(o$P!MQonALGBI)B(d8kpU zF8d?Hj%a96t7AUkd)+HQ14>D0rsJTL&4lPftrXHcxg^Bs()uBvhPJw@*8;0qA_u<`5C(@|wUyg- z5=^|_g)a(17Oy%(TV(3Qx3-aojuy6(MEvh|-xoNUU!$9CJyL05z|a%0?zO^ps!dvF zC@L$*j8+U{YOhAEue%VBo_CtFjw#L>r6sZ?;S6oRSb)LU8d_PWan+NG5`U~z z96KD|?c3}sJ5FlquTKp-2cw`Xz)5U51(%4kyEAssw5>Rj)*L}-6XO))by!t6Z>^e_ zLUal@(+*#y^gYl~(|ILp-g@>-C7k63S4{I@K*aW7pxJ~S($fJ+Yd*j6ytGfFBv?a!X=PsC_o={(!!m&HcHUkNQJ-%snNFF7y`eQTE39hL>uUiyf{i$DOB&JR zfoBNg7Yq*B)n#@+60~qhTig47lOuPEazmQZwqJ~e32P0<5w7i17(U6-u_V8n=vxml zCmihDK2?Jf;zoN3ThGI@oYv5hfbkcbS}iokHyi4>t#vdLS`qrM4?I5BZHcrgV-pH` zwD6DHMc!3I#=K*Fjna}U#DU6CLp>k1(_MjXvjxLbdZvL_6@aeb7V#IOwKj2DYm`;p ztj%q~dqhx)A2TSHY1pia#6gZ-20J)Ig@v{2-K9u7> z(H(U0X195H5xkhb5OMv$_}t1wxtvKuRZn%|<5dG4+)*?faDJKHnh>c({Rnqoj#P61x`PaL-)0D29yDL3Xxthq zbP=E$|6}W}!M&XOuLcC96=6{Z(JmNP7ggD4Ub|}nv5NmGcR+q;9fAIg(KPa`kgG+gx~?+g8ame>%JiRl)G zOJBIgY#0CYkL+MSIlb$OZWQXpm;8#Oo2v;gyw>kkw&FT|G{Sy+oXv%SolyjFjasR?fMUF#rMEh(WXC_S7KtSin9@ESl+9>e73{cN-dzx7T|lzbEkb)A5s#dL}!BoUEvUKr{q^tql2IqTm+E zm(b8ZwMWLK{qr$7+r#f(5Q5k2uZ^|JO|-wAz_si@V-lEdm0&81ZzH8E1MS6-_G#ga z%gl+&q@6DN!U$W{fkK?UkrCZBNfj5=j zm#fYf=%eKtdpTrV-QI*slV?#q5b{w?VVu%&IIVPN@P+jP8&fI;!Blkq?_JxFs@hNR z!Y`jDB7&V_?zhPFhc@(98K00x4rGGb&YZqbM|{D+j7{R5=v8h-69dfVUoE0_Kqhj# ztDnywDn0xa5TzwrI+kLGajtjRj16SFZf;Isjjys2jHj0bX8CE%Y44YT!@17230Dgr zIn4|$EAW0SkHq_Jvgrx4B+;}zhSfbyumx5u(8)zZ38AkeCztsmT|5S*4O<_0RQbNq zQa@BKlt_K#L9UWW#rrr;dk{Kr8sdpbAB_Z4=+com(JVCHh&lz!+Vt}m0;>kS8nYjX zEh=AawOHL`Vd8yHj6iK*!O2>;c_jfVXy;;XJ)?s{)&p9xy`V&)zv-%#3~(E)DyYlAuw-G zW=I=CRi64=@B>^VqYlNZqjqalb)l;mjD(~AelCRAyw>%_z4CVy!*>>h#Ft(WjY4k> z?*yoiPQimand0qGse^iHErutQib;8@ZyPh(Ria8_SDRpbX+CEG(?)pS9R2Eq8WH4C)u13rZL1cUkc!ab?s)Xdx9Z>(4B; z`b;~&$PeKOabQCQF0f?kG0`BKzkZ@z+` zp=DcpM{pvn0;Gh{e46qPg^7>HIopW_>VNhn1Rvd^dq8(8MSncO6+}@EkCR#*&?)Lu z{**WsOX{B^RbqaQc*K3MTW4l)J7)1*DHQbo`HcHnY{j(RnU#-*6z7oLKno2uwAd_` zp29kwPU7P+RtCODWm2wwbau4SOIcA(Q=EJ`9k|Kwltq40^&H{R@RYer|)0 z`VpKO(hk(kgb&oe9AXfIo9mHa8#zh|G^X(LZpv_ z&8UKJd7}6yKH7JP12R>pt2;_JXnIao2j*9rI|%rPVJ&f$Zt%AhM@>rn-;SKbSZlt97Zd8J!972o3XqR04k}=1aCYlf>;2&&!y0oV7B&2O5zVKa z+zDpTG6G|2%HAd2N~*&(ioy*Ct% zsZ4!e)>cBxl1%#v9%@^eza0=7O!EBl!cHqpjQnh~HLDT#c!hO3N-VX^$zYkiiAEI5 z933mYt0y(k9{vaNTKgrlMK$O&O8$_^;tNuNOGh+ZS)S|{&NX>Qq7!R6%k%vYClrMB zRvfh#eAgsoQhi%p-PjPbLcUnuNOdB%u#!1gBx3j>!5q-{sT8gCTqTCcJaN@6?JvIUm}hv4pkN zL1+s#;{CJ`djwaRXQjwRy5cN z>U%Zu?CS_DB_B6e(>+W0=$8#Kigo3F()U$*_?bgo6*1nAG;jC1_&Vuj1HF)xlwfcp zkp-PQ-7*UJSLld|Zn#p7L7i1)n2}~IA?o`j1-iOm)qT1`G?GM+n}jUi0f9NUS2>YV zih7jni&!xbnewJy&oqB0PrPmX_+zod!e+ezDURhXr2Bz9J7??ejjVl-}8c?hH? zD6X17)mO+uFfG)l?l66t!}cR1k$c6Wps3Wf6s>Pr#=u%?K`V2X2OQuowH^3;dq=_O z4!&P;LNf#dS>%~1(@3g>mrANheED%6Rn>`y&>~_lgGG|aR&8y!_RhwjOt>rR@IB@2 zq~cP;_nY@Pr_B3420cBa+ORpFPax2hpqid4WT+?Len|456-|GBVgd9Nfb=D~@o&%( zr8M%1(wGaQ#sMLtNW~fl*@}ioUwbF9xf@9@W4lT%Z|Mi~s;19RZ5hZuf@fR*UguJi zkRN;Uz5ijp=6=`goF@z1w{3CyeI$>Rt|Z^;iLIhjm6oen|1O!)mfM3P<1R~EmbJD2 zn1p!uDRhqRXVv$lAI7TFg8iT8U5aX~hI2VaOiwojPWjVfXNFDbO2`5dQUo$r0dR*u zO?Bc!ub-QFOg+*Td%4+Q6#Q**wwbk++#j%nmz~jAFD7~r$CXm*$`ng>U(|KJroM3W zB$UpVSt%;bMOeW)<|s*B(|Pl&y0{zkjKg;M*-U)kXY=C!`g`jRw@t4zeW*d+amJQz z*Z%*{djFjQ1O30ll$jT^dkD0)QgSgMWuy$rKU0Mn)H_p-<5)d_&iE<7&zH?cfvkBV zAA_6YrBSbce{S)2B{#AqR7`at-FTA0t+PzjP}ZQ&zVUso)k{)AuHVGCf4uKmDL^lK zRL!g+{IT$b9@*R&!o$HH=($bk<4Eu9lCkjhq)*G|qItMwwx6t?@*oaYRKns+mBPdl zrO%hifClcuzjup54eLLNdNej5-pIyC_3-!S7=75Re4*;Lx`JkwT(MEs z!G^YdS2*_r{&syrx=;2y=FpB0Ap##eO&=C(IZ09ux#oWsH(rhu=Ju|Pv3_vImbgV5 z**9=za?WR%0sqf33&avJT!n`={8wto_AQxi1YfH=m&{49=c5$B}sd zlOetHCnBfALy|TtL3}?f%I>dp&22nLI-*Zg>5g#SK9pntuD)AsJ|CvwW=zVpv9sVB zTW1)a3Fq)%8nAUD{6Jpk)VL1w7IvC)(O*{t&$n59?5?RXz25w2gD<}h4-LiIKEfM= zF*D#NhK#v{#ZuKNUQRzh??MH?uxXV#6;+?^dGW6(C2b(Q%XL0^c=oNON~E`;5Hk^M zZxFC+sRHYZr)%tQX8!(*X=i&(Q}RBNgdA4KZIZzg)Y{)?F+#cA?v5`+#7d9RRP3qX zRw&3PamRtX^>)PH%3BGz61&_AnVcsx*=)30zqqs9{`i|u5Jt$Tq?IZ%wMlY-LbN}{ z%;)!^+Q);`Ubp0c^tY!WVtaW^Yv7zZ+bzP7GAm*9@>Pk^WE7CFt2DPa1C4o&x|Q#x zSN_?9btNd4xj!uMmDD1mZ0ZzOJUoIvHc5o69M zQxHej(BdkBwjy2M_xwgi{gCy7A?Q#4y0Io)Q)%`lAVztjbqha05qNze`+jnWld?2Q zbMmeDQevCt97s}|Gn{qqA2C{%Aio$Hm6CZgHP#W%9vvMAYbKf<)*Kusk!Xcp> zWF!JC^2NqvL!r5~-Y(ghawJGjNCZh`x<@e&BSG=_#kmRMBpk7N-<{w=I<~7A2^et# zWG3=A7S^dy)t%`FBdWs29@8#fn^6HJrzV8Z&!Z|L(Hhed)uwn_*1XbZoiHco{NMrmltbH0ZC`@<{OzxL!%m$}` z7imr|w|W|IdaWg*3PFqeU+yQEt|!TJ3hk%G6UmjlXj>)p#%dAW`zMiz42q|H89pVz zCtKF*iWx-TGcQ&Td{^=(O+x2E_uK(s{6jBh%S$b@2UG9ok7nAtCOF1-;nWU5^X`Td zNoV1#MOIaE{akh{$Zc~-ThjG$_{FAqdtE92_hR~SZfTZlo+@nZV)DgyMWBd?5!JkkrHRrf>Up_GL$03HE8U;VUgjJ-aklmk ztp68w>*@ab(RdH#Xyb@BHp;UZ=0S8k!}F6`40DNzN$4LuI~xg=z2B8eWJkZ&7GaS| z^%%m1qL@y{=om=p;5np+!T_uM#TB42k3XxT{|61e&LJfJ8t&V8y%V>2iWAw4T)1+q zI-TFIv=}WdFjf=hu%tVKb(UFg{5rQ@i`#MxLnjFGfT-7SGpSEU+iO{BbI5h8{*t}CVs73BcPCv`hDoYzV%2ndZ;QR zG3GYQ@uNObN%r}U-e=P6(!ph3QAO>RDFgrRXFJUp93|jQ z-F#kSW2!s~>SPlkzlm%G=+&Kdt$|_*Pm_Iz|JzvK;oDM>D^+ynI z*w8#{chExidKha3%D2>*r5j6RxK?D_7T_AKjH9qQ)#J)vG*d1EDxAX|*fhHyQuX8n zi*!!@4mw(Ff1yd)2bbU)b3M*)mXFuK_rAH^LF4|T_h`|gr_!B38vgXo7h` z)^2Pf85;U+Z`}v}IJVEdO48*iYY?A>u-GbjhZR97C6|Jx-TXEqwDeBf@lwZoJ@Hu@Pv5ru9-&o>_I8=0KX7r5E}nNmwR|oe za}>a?m@h6zvf_Fg_pVA-;yOB`@#aQl8ar~pGepthpD^M0DiAr&Sx@g5FAQ;=n~cl^ zGXhlg2ndOb#qu*fxG0Mo5C`Udv2k*ThPQLhsNsX5jLA^k*#(te`LnP|>S)M|{YFgj zjxOe3>mSpB`5s%LYaUQ#P9)1qvT7IS#x9{43r2-rGItf%V#95Dn#R;vk)#+|QDYch zUfOxXdz8NMVccF!;o0whML$ijNgsY=bM!mhC7k@J7KzI*go=8AY5uO3NM$b!Z)eo~ z;(0qn213tS4zXvR8$DEh`13y)oBsrxGv5sO!tZ|GOy46}b53l=;JpG@avtaUCl+2q zR&vbk>i=Y93|;U1;N;;6s}`VK^&mIg!wDkdd(4KOE>tZ{CQ(dwX(Tl!84tBsIFrc@2IF z55J_N-0LjnyCBk=U_MbDrW6OXO?Uo|sq`!Emd{my$>mLz^RfI7U zsdCQyoWGin-Mrb&`}lRr9KkeYruL~?vbIZas{L+E(yY&kb1$8$=0PjZMrM$@Vb8@AJ4*?ck43+)>v^zE2Albl6d^G@15yRPm#`$n1f^k(!CbcYkdWAE;m2EZOhDBdt33nOJ~06euV8>+)ehBva}ok zogsGD%WSa6wSTvuo&Brl^J)AiDk~b#bfe!_CTPymo+~c%`MG6C<|BL)<3IR7Q}fa} z0$u^v&aS3HZ2;DBGg*RLsg=zT%ctGyCPiW2Kf*^pBA@$BFBcCd;m?L&JXrJ5@GMia z;g%A!mX=alqX3dG&>@9QQGOnRaixp5jn0<1u$|KVk_^rt0dX4eDyf=nAR#}@?3XJV z!A@?h-qCVBH%l_VM-j5kr2ItK;#p7D#`@wNPFIrb!BIXSP>$OFk;_3T)Xv1?vbi}-UK#g1FkboH?{HR?-5bP+3Uh!q{0w;mFb9joQI!%w)q7&e1aYQ;g0NA4;P#0A(LQGir#9d zNJmPbim7U^;=jJh6^1NliFH~ufa`Th1XI3vt3>L+C-CxqtwMr?Y~VM^QN~L zwLh+v$@8mQn0Jo|9N2mVt8OcfC=HHedEdQUDJASE?B>wa22fhtVHDPer#>!9nW9qu zf8Vf*1QXS7>TS(jr7Js-jUKx>upr!LueTihrX=jY7X9|{^ii;Thv~LhmHqAz5^3h` zjhA0N2(Dvzv+K8Lo_{2ya$XbRt-B@bPK`v5(;bYiF5W~6R$&$eVG!YkhznM$6KQsM z3kWC<5En^V8sDLq|4BQ!wLw}h;5zsyVWY+wR~KrH&?m^e$!`QvN3&)=qADVOW;ik1 zh*-TG+AFMg2+HTp*TCk|y=bJ9Wt8+X!%i=1bu{?#waG>+P?Be2;JBZTNs4V%^pmql z?`i>|il%(6FaDl`u_KJXz+m&uS{{!hbiCb zh!+eROaQE>uz>LFa)KYaWJ~|}ehx?HD5kp(Vg$rWx;v@N1s*w={|ZlYD&cILy$e@D z0}C*O6;8bx^mSC7C;rQ^A!|-meyCj^RkLxtzH^EquKgOL2Nw1{{s-uI*!O#mH9q#2 z9GYh&Hn%4OZQK@qt&Exq@Ev?)pPT1l4|VHGl2Yjf$o;)*;BycrvjP z($1tiX{W8BE-G z)@1q!u$t?m+Xs;fNHXUkg;&RTfdN)c6B(yZyn68a0q5tU<|zaf??dkmrXSS@+WXcb z#B~R9jsk)Hc9kdx7n)&Xywh(-(S_4sX{gGEIzucYY ztI)xUDZDN*<0z7&i@z{KZTB|}-u|Y~`h~VI@g}nS0X;_nB;c(KShLU$sqa7zdC!FxWE^5wmDZ9o*%5?byLu?^X<9oIA51RR#U)B_zz|PF0e~ zZEsIu-{LK%8~5KA98!!*3nmIm)9|Tlv^Pv-&C}(h<$w;F6m~{ht~t>*?G4LlEqZTr z==lkJ#$#xh)VAC_JP&OpU0r!WzMIGp)j0q9znW7$=79mPC0>j55BuT+&-J~o5OVRz z%|rWQ6iq)KVg5A!vjYQV3Kq7=ob5{A`sl9-X5*sIk>Xpn<7AD4`1u8H^^D|q*#Fh+ z3iS7ekv^aIleXB;6b`?$OnrLMzuQa!AMADB?}@~2CmEa4{WYCY@^4#}UNYpb;8x)B zP=G6|FNOt#e)hQN%m>;Sk?I+P4LL-ZZ5fPF)>Xc%qsXFGLis#tNF-U3{{EF@m)8c( zOMI@E$}326odMQmU`N-PvKLb%N>pE(Hmj)U-W*_~@=6I$6bt{sH)ku<=xas6`y zGx+ecvCdjDR*8 z1&#!t7Z#Qy>U8&0y2ka+C-<;)t1?-@kAp=YDWm4+arUh^Qrco}m zz@0Id*PXhSq>UO0_dmIDl>K?h&8d5~8b_C|IgPR4Jj$}h7q^rJP51Ye7|XMa zx^U$Jj}n+i=LCa=J^2bxt#TR=BLa;I(l1JlYW&f)M}0BLhf2}5o8y*}Yiz zOy9-~9*Z-YaC&Hk9pw#*mU5N;*bU-B*%lT-9L}Xnh%@Oob5l&WbHT_v`Q0reHA?9d z#@{{=K0U8D;@AU@tW@yl?B1>WtFPXCFQFh0KGnUB*61xBJ!A1S^cU0OMpqtWb1j&9J~HgTD^z& zf>MV|O(vkO_53=+iji|M+^Z+}y2;d9;K>;tY`*kW-A59+$bmrr(bI2=JMZ&`iheAk zCBee4r&yEOyc$chaj1~55M33+0O@|Yi2gJ%UD$NIK0v76pv0`DI(@Gkyb$_7d)e=` zMGjpc5rFYgjFE389Q8`EprYz?7MItZ>NT7D!ivYP0ITei=T%DkW&MtJgUf_GzinIF zQ6aTwi><9KVu~Yxn%-cLEGaR=^(ri`9)RCLF8<%lh#W#{YTEamlE7vn)D)B>4$g-I zKq9@JE`NF`lkGF+A&8E2gY?GTh&tP0H%R~kh(r7J7=Vjo`DCCBo{e}<|ibZF{g z)~+X#p?ndgdNyaOAt_}>>fyZBP6RZk}PGSw5nB8L%^;_#Z3Xl5zRC&nh*fj8yb2iM>UB9YbDw=Tv{ zRX(wZaxo+4Yf%@M7uC<3AD_MIv4e=%~_|jPu)DW7iN2=lmuI{f3hXfy?(95JGrt?A9wA_t z7D_jtT9i?vJyqY%{^t5$ic}>A;ip5y=Uab$f|(+8{{!ad=PZ{3+4+!D^b$)kSZ6nP z&E=lKUQ!BGi}bPCvS(pMVJpIEK|$Rr2_=RLUO|O2x`k61UULb1Yno}!(}XPQBhKRl z{pXjda^Gp%S?u+3Hy3Hg5E={2*OMXr{^+osC;zSp-mXT3a#-%sTs!!?o=<|k-Q7JC zWH~>3e4Q%{Z7h*zLUnGORTGO8L?q9=k5C0K*Q~pp69LE08yhjd#ItyXCFN#3h3!a6 zSOei~;jJ=~1W}(+xHfNAo-VJfrM!wGr}D_~WR-Amw?3Qm_n^%2{B5fz0@rcZ^LISg z0`OzysGr`+UwBDnbm069)mO~u{d?myq8U^RBFFQwJID)Jw@HmzM-TVTujf6!tZ}mo zWX^U&AI5ImQBTA*i#cU*hVv--f<4HRfv1OLT|N_}T|SlUi|hZB^jq$&c4!!1Z;EMV zKa2Qajvg}jVh6xZQG-7gIsWtLm7frlW|TiPPHJ~M56RWNvym1LPWGH`?V3-?g+SWx zx9^JHUf%jA)`vKs(iPWuN;Ix5PHaR8OmCpa=)ufCMZmLm{<*ao=ASw#NhaB-Xcwxsxhi zh3+3i<)`%ZkqXM3^FP+alRh`mO$gsS0ZjSUeY)QWl;f)rKmKoa)s8f9>E%y{=R~Ke zyRsh}?ws|MJgYt9zP5`4zPE+n2&s*O@m^0?lt^29QAIF-c+KbXpMT|$6PT9)e&N3% z$>v6IfP(BN(zn~4#fPWxOOZG@b}TQr`6Zp(RVK@2MJ6A}9dy7-Pg7j+fo z06O@s+uI$G4D$_EpMr2RqRgtz7GLmCFFnjwudpWJx6#-XFn&f$ewzKboo$*fX zf!|a-g@vEzGVXQchq}YIOhZIdJB>1J!zjYnU%!8uZTf2seq~cZYQFM*=MJ6U8s#@= z)wDwYjWYH=Xo*b2k;=zLAT~_tr)BB%)y@e5ySxxr>SaEl#O4;DO!xg*O4%0G|IRH0hZGsz zhQ@J9%BeJGD21x_eTi+i3o-uETZlC^oB4`nnt3mg_P{KVP)n8|X?+Di_cEIcK9NufRYWW@pd-G4eeXes$isDrL z=qGk7A!I&KJ;6>Em}?uIDLtomSyeMkD6}*6XsL+AS&#*o6>Q$sNnqV!v!$#7>3usnIYmv(-q3xTL5om27v#Y2Ktj6552hUHgfiLmoW$&+Qp zDG^tM1T06rVb}{&>e)!ZH`~)Q3?mT)?DIqy>Cr-&Psz5c5&ADqu=8Te9C_|=N%#+7 zI{1x4HEh09mh)+6i|PWZyI5YxZaom;`8J2-7?Wk#~(2^z3|89I3fA_#waDGRhHzPas?mKFxQug3gy=omxD~u zQ-Q%c==uChWD)?n1=P#Q?h9oKq(w5qMKYu0s=>JP{08s8M{4JwJ14V^^k{EV?a(0} z2};9#IVaJLS@uW0gR<|l+oAWXAooqc?XZC8=+?5F<*LeOzV!J%{C~qyMyYc>!-2l( z#wzsugvMVykNX7{w$@j$YZ68#W6068EQc)7@$zPYXA}7@jKW2^{I3zj z?wbTA}OD!SKO@czF7YowL(m*OPst6Q2$Cm)xd2%mHdw3y#_V z$9{&@A%ItW`)8MZbv7vSP!sD$D7^Y-!|ZYbxdiNJ!yFqo^!8=ig~u|Q8>x*$58oUg z54FWPe$`CjfCK-xt3>0ct+!`n(nlzOm^p8TCI7E=RH}K3@e{pY*VUEj^Nuw9o1BYjAO#&q!vbsIO?v z+4v_Lq`b1oj}xyz4%JDeGUXk_gOJAiVM=62^F-9=FyF{~775A=>`>R05=OwPP7uTKeRj1w|-f5ej zI$>&9e6STe zHgY+-kHJL6360SFJ>5K7*@@9)K+*L)=jtOlL2$+{`DAjs4ZYvez%x`U5h8AAEEyZ= z)j?6pF-*=-P(n{GL;7FE2t1Tt%?iHK3`{5R^wpBSo z9Y^$fOW@~x!J)qhe8gFuHOEbSOnVy#j0=+RhJFR;`<(WLp`-5Esq9)jbse$^CH{jJCDd)CF+1`|5~aj$Qn-^EIli@*8(sNrHKF2`QmG?#v; zNeETkHcX`ak<}`s>jP73`wImZLU5hvHH!G%CxZ6tFIo24jc^Lwe*La=(YXk7&M_z7eaZ?%#jaoQY}cKsgmijdEw5&5uMLJH)Kq{!~=4 zcB$K(;`~cju+1&*d85BISF@HJt33HLNI@;UVkV{bz(hD!!{wwfAc@10m<6g5xU&|M=0SV!gIx2y{0^Nd1O`DeY1(7X=J2A{UxJF~dI+{Grao6+or_2`; zJ6v$~p`sUmvDH~j?Bq49HSsgp_7Gwu0zal=V+M&4PHHeC^@a@)YM!K;YlwT^fooma zc58UtJl_6pz{fafCgTUAB6kit+`|KAmDF8os`0YMV(1vEMZasE?dC`{Wi%4;FhRHN zO5yO_^?Cv+wfM#(hU=0)cAl1v_rm5n*4}TEL~2SPN5@!-G>pBArj$T~v>$5Y^IbXa zyGP$_2Q7}xq)T}wYS1#0y&QNo1UyMl9(SR9Tzj>wzAk9_#5W{A;uB4UHTXC<{&=@4 zlAS+f+TPF`bv*lE67YasJXo8}C<;s9+ZB6jlSStEt`WBNW{G5U=^lQmL}*Mbh?FQV>Zw?; zM(|pDTf4DiG%Qp}EP;Nn|7r>Y7X_FQx@6NfO|1Go6VR}~?_!VzGBf63@M}h*?eA9N z*X1UhF8-%-7BBreIU=<|n?(?MguTgIq`)Er>^c5C?qI^Qb-at@OY*qfSW;P<<79J? z!kZT`b%MMthf&Mt4zqD9X()FyQ5EhZ(@oI

    pIf<>RBzR+hj`X3H~{k6=Vy`+q2V%dj}QZCf}2f&>c$hlT(lxVr~y5-gD5?lkW1 z?oCK=cXxM};BJjJ1c#;x?jP^o=bZ03``q*1yMNZxU0t3_I6;PCg15DPtynCRuIItdZyAQo3Q)R~LIk-t-CmWbGFt)0IF4pmE zrgT^DZ}y86QKT+Z_U;j#%>NA$4+2njvY~+Kx-#dxkOM zCRw)D6{D<@5k{PSk1u~~m`JN{!jztuBYl#6uZz|HInrqsG@F5b75$MRyD z!Zf2pV(e1b`^Zy6PjGl$Xlp8`kPhFvAbWgxG&%x*%sAAWU>t1#7iOKn>=4w_L>_O# zyl|bAT-XL{b++~x2X-)M`tZ?L_;I?rrq{#DpcR_XA7ldSo^&{leV{OEl@^k zZ*y?@N7AoU*ei|6O?XE2*^?z|0&Lc)T`#%x&HdeE9Uzz%4DFrSZc?6ev|d}7jQuc9 zdMYQcZ!UR(S)dPxUr9POQQ*2Iun8>mwM->vabWL)KS0Z6nL$wEu(foFV#FBs7C;*G z5Ek^JVBplbAeWMQ-urw@+dW2~N#B!I7Gqnzu~%OKUna8hm_1%(n*t}IKhm%&!n0@U zMz>jE|L4dOE$_H%phPAC4Sn*W@9)=_Y_AZ!AO8<38<7j7C;^C|(_l09gd#?2my7FWd zcz+jl6~@6y^vi6kB0g>N>7)0A2+pOup>(d=qp^O7&d7UKSH6v2Dm6U)-SA10y)cQn zy?2Zlhx5p&{66n@H*x!jR!XG(zSC>nM{it~==+U1{*coRU-rk_BLwfdZsS<;1%^B_ zp5M@$LKl5Anff(q&$`i7JHm#FsD1#uj579F(;w`CQHjOnDgTxlsywpg$l1xz8>2WB z*ZQIB!OFFPv;6xh@3XJr6Iri*GyXGCw5vs>vz)MQq}kNM?x#*Eq4H*?ciUH!KAo@r zT7lPCz;?*pvpd$C*y+h?Q&^i4T{Fop{+T`N^3o+cJN#=0H$R_O&;Sgvf3#1yfexr? za_kclJ95Q*CDoNAip|zYZ4#7BSX*6yFCS;+eYT1RteKygbuZtenR!Ru(Wx4fbfGp?$ZlcIEcG+iTEbP&xLd0*L^R6nlWCL|}A{&Geh)nJMr=kI+L) zGS8Ly3b`d(>%F7fAvVQEWt1F=4lh1+K13Yx>c;YPWvf~pS}wH|jDEd;rLebfZAolM z+Yk)iLG7Z5d0f!6lK)NF9*AF7IZS@_&ASoZx_qn%R3cSqkAaX}tCA|xfE7XpbJ%@^ zmVmLMU;mz5UJKqys9+~+Ix^xKIQ9^hG@}T+HerNQUD1*sDGB=25!(9pNjUa4gsDf# zlO{l;Js&DvTP=Mn`2z`cg(5p)i~(OW_lH4%$6G6et53l{7rL`VwPSjN&*@%di4&^uL;adMdfOJDi)uV1wZJ6}GzpHSVK z;pMx1!_vR0;9H5PiN<>;_R2n^hrcZ7W$C@YKmz_r^jC@l!H?uJFh>$CNL^7;MSnOzx_Vcek_A-R z9*ZTS-r-K%aS>>u-sRiz;kWQK?FAU?7*xbE5Fdy4&?*NZXq#rYBA>Tb529Gv!aUqD zzCRt5K7H(Gz|*OmP}KJv#|7s2(&K0e?Z4MIE!kyT3GpT)R3_hOvVheGCdZ=~wxyn~ zJ>9*1bf~^eiFNu-oE^DqbX@YP$qY;wt)yJTM$x`dwG}nZa|}TsTe2sxZA;)O5OoUz z8V&7OUk@9SwCs0TNWDUP3zWycxX5m=epyU=MeY6T?Lf8VjUecc0G;=rjN>!n>XAL2 z%gqdGbhuM3_%G^^DAI8&CvjjuSHg?S)KjDL{Cq3jHt|Px% z56?T_Bk)O=_pC-f>^bT4n}QEc_9Z>F&~v-!E6XE*-z`}WSjc+8iC0@Ur*EJ3gb8h) z8UHa0F_C|2DWI34CVFPtE9!tXxA50*k;B2x<7@DYPNMaebcHD=9~ZMnck~^#P63vr z%GP-PYR8H^qg}nLE$V{FCIJ@HF0o}uP|3~?I~m3yn*dMevn@AfX4HVGi0L) zaThLbo`b<1>B^Y$UQnXiz``v`!bbNoyZV8+$s6z&qf3;B#iNrQ$XrAX@=pEy4F@0$ zpDAU!`fk^^mxAvXo*5QE>fSqW7urn7V~`xZq*5PX9;*CEe}D7v?Rt&H1YZS)1D5Wr zCdlk$eI2_%9C<6+IRAq9?%Yw|)S0l-Z1`mfnb%{pw0&hKzfc7OV$`UT6*}`m`9XPx%ZJmpPkC*r54=0oNGlZ%sglT-lcJPSPI(;KQG|0bNm>a&fmJJgnYb*c({;0ApF+QU_vMtrY_IV^VY{#A0mLU&ba@P#ony1>zu@~1 zZ=tchn!L2;P!fi1-HRxYtU_-``rTuo&^^268WC$*8!`6Co$pd!BRB+AjrdHVi>Qi@v=~OA;*JKJlB-H}Ayx9Mb# z42k0TGyoO$a9(K2L|#(w0=8q(C$snX05nW~ISNw2ifL1lCXNGd{43f5?~AAgR!IVr zj8crw0aRO2J=Zeysumde(ZOR`K1SkK^A}lZf1Gv5qz|f6iZ$h$o|5aZgi=*HIFxk(38&zp-41 zY#63$OP>8mzq!B1=&6YgbPJ{KN_O9lUIfQ!o|M~2IxAr*08Bb>@67K{9ueYP;I=<6 zDl>dY-nA-0R^(sN0P`7uy1+`({lhQ4C^vHix;+)H;LS!~*#RZk%RwYn>?y>Wc2e$g zu9`h$eTxwyrOVGIqDz&XD1-a}-ZNJ6ep?@BjFSS605|az4n z8yQqJWflDi&q8=;XJ&WlZh;ND46VU_%T1HDJQ2bz2+r?AKD}!akxzf+palB3AnMGA|OABdptVTlsL{9lGJ`%Fo4@EZ1Nlp`?_ZB+ihwga?U7Be zs_p9Y**i;+mee9HWQcwe@B&Yf`3?r9j5H|MzL=-DXs>_()5$edt6f{ao?rGcr$^!M zQ%Ih`X^2*GPe4ewZog7#j1g1fGq;8Q{vq&eu^(;RPJ1*DYcPhqzj94PFr+t0AS!CC zwna$fbr1L>nU(-_g zdFn52=srE)X}bp!{pxsCmSM0F_Ssry?lV3=j zx_v=+QYE@q8#KzuPWqp6F z@Gg8otjA`B zM%RXPCJkPW9<+%Yb2_x984V`vV_Pi^qU`q-t`wH%V$$UE^EK}xtbHj5y4)?^3>Fni zo!mPLHR2a=>6Y%lEaD*977*ISx+-^cb98+TuF}CQB%&q>iY`G<8fnGx{t2!Y&r9#{ z>uhhKIC1Fsnno}XH!i}}=#m@k7?4~};(dh8a2YD*-AXj->dP0=Nl|ci_x>ypCz-fD zeoNbc^Pq*VlU;Ld1(+}TbFWq4#L?H4{#9kC2a%^kiXxwBMxAj`qi7Fe8nlGtNLD73 zNdgvZ+;(w`c5kmo0wz?Nf_l7dy4U$n(}DlmQ{ePeY?M7())vTuW@g@NytyzQF7{Ye ziQQ3gaA?s$Bk$+&OA4g#y^Af*rRS8a;(p^77g{Tba(OixMj}I93qq1 zQWBPly0D2VI`@rHH&zraMs<2*)U_kX16|}G#rm<(o<*+JhY5yCf^@3SW+ty}$?qA- zq15!X1t8V!a`#Wl#la1p`cZNDxTiKY<8)ln+}n%S5-QD!KaAR1Nv*Aqi;l@AWordF z1p1u(rgkngx&EM((nWYbhgixge~pU`?3aumZ4}q-w3#!rz7|DdjScazT^+5E=}|m%ve4=Yv#asEg@uge0U;e$w;l4Y*hCpHasH_qmY_CG_sZXh*->%`LN)RiHtS2 zz4ewru}P2%DYh1^<8VqH)~(rTGS@8qp|zG4c3s<-#+t=1%{gC@*QQ^S2r@F%MwO)s z?ZLKMmWG{cD=fcz#Jit&vYX>!K!db4n!y;bYzIe8fm z>6*)`X}$nwu%yWtO!zoTN^5_HMC+0~%fIxwtDkceqAZ&#Um|FiSHAV}!Y&&PMLhi# z?L76}PhC)QqV~uw5yaiu)OgT4rc&&2_7Lmqj*6{upROb6-H>xfS?cG%5Wd0ftZ(*u zpO#Fe8^UR>956`8mPUv#nN3(1ux&~UU|LQ-P9_n=ggapJyz26*Y?Ox?HzKSndhWX) zh+GN3MM%7c?YY?|Llt)N=cm=@*F@WyS|C9oLX3_N9gA@T*gs2g4u&7xD|Klg-*LLR zlH|keD2fA{^ZBia9?W|^l4`y%P+|3YK7-_94H{~+BqW~Cwt^-4ctJIl4F!Ew=m5Sr z?~8ij@;@P?y$VKhq|bJ35xo}!1?5yHmV-rxBsIv8{jOq@^;8DR`=*3RcHc%wTJh_& zCR$pQdY>E;0AZOZ0P!}O8RWLLVlIMeZB3oBnDvvGSjB>SMvBhUk`w3)UbDRRe~9ur zvN(}s9MsS{XF z6Dhv$U?X0qz1V8|c?Q7rUbsS;T+muym$RnZ8a*B1Itg4=ewNuw1a`y^5SV}+^z~e- z3i=+B_#@oE3lg_4t)YCwq={sXy4C^{cbo6orcsr*;!Yh5^Qa6+>Cr}qA4$(dN0vTV zBshZ%06^-x$~B4bXDUr-Ds_4!Q-##Q;oz%ori(Kci*SOE4i zis_iX(-un>u<*OZ^x;I920!$V*3|4MuFd_brLd_@k^{rmgu?j3XtK@-zfsdkm8hcb zdMr*qr_8d*FNJ4!^{Nb=`Nh6jFSm*w1$EtmXf!qjSAaV<`udnDa~pCy<8lB zrZ2^SKHECCQg{HC+Bc_TsBNw9GUR(c{shfv=#>OD9^dnNIheMuY2E7MJH+%-E%Gah zmQ1rC!_- z_Y4msG^mJ!5?P8}a5W)9p?PRIjoD1eB zoBIt^tlk+0uDrqf9o$^~`01Q0q=DZ5X6DSk`&x<3C*%HBtoYn}jp_Szq2Q&s8VY$FI`y*SJ}s+lqrS@ck=tG zt$iMB){2rfGnPcfLcMgB&T14+1LZf8dz;!)2-Gtd6_-l5=u(q}Iwfs7+vSqkoE{Dx z|C4FEu^!|H4i}M=v)Um2?XT#H(qwmP%!5M!n4AlQjeFoFI57~e^*)Y zn}+RYACAf!NQCl=is}UkXnoA(2&e%NlO0K$B@(!+{ZX2o44m(%zOu(e1=?j{Qvpn; zigf0F{VD>Qnjhw!a^eHO`xZ;CF;$ ziw%3mT24Bh%uZE)oWw{stv@mWGd(W`WWJqW8CBIrlUc;ZO^20?zxahZHJ-F!{;p$jw8D}MF618c)zKkn~%2T`uG zvRwuYk&Nx)6ug&9i>!oa*~(pnABSvi?feL?>~eR6GSiHI%2MP zQQ6<^G%pI#zJTiTRMk@kQC7%~S%b_+2f}Oj7wxl%2#4zxt{@|Z*TzN+>ASh z#|W&Ff)@G(1yjoO?N0j^Hc~)^*I0n&fGstK*y+XSwOG$ReT;YrhU)yhT|@Tk$V3X< zT`8lp`;TR)stnUnTdWj1QmZb=S8A;>Gs2RjwieR5(OEP4^{()$b_90cI#|D zEIO8;kbVd|68hWRYHJ#PB+s6H97RUeCj}1MvJat7ZRZ{zz$UY~b>*(&5k&D2yaW>3 zCP``N&~k1yJA_o1CqX83Bh;C$RQ#Zyi%cNV|LR*EXe+@+v0Cqol9OWD@s6EFJ5J_0 zZm1aneJf@De6ZW0wC51zNrE8dc#g_;>3@4p{`J6X0JSK?`*LYlW<Z zF4ANfk4;^cs^r%3rdY$dsOh=u-7zfs`mWPYR5Za)&~SC5cMn#oq%-UoPsd6~h=g=w zkef*m>X525#lf;-rTrkn6RLIH;b8gC{q*`A7mk76ds!(I{-h2I(RT&9#_T*OQq?h! z89;wW!};`>k}RVOuxk{@)Q-unT6{`Rx(HA70xOx${6p($W}|F6H1T?QF$*dl{nfb^ zkQF`%|7udsjUk|D_zCG5=f?=QY}hFLV$;tHi+b)2>3Yqd662Linm?rRX{=PL+iA@v z;~6h)KRo>@jav+YhPQ){Jx(m`qSO1C3+A(ugf6&!1HQUMBG>(@Z@Qf{m&XY9d<3mZ1Z za%l;%nV^U7>9yFn3v1zeqP0k}59v^29vLNe?OH4nwQFgQcS30ol-%eh=YD&{w$2o1 zsu9{B`7%5#a2l8|kfi*8ka}Wb+Or`8LxAZ=y^eoXPW_86qKO_Ugu3lZ+H>_$C}4zt zjx7q_z$D-gkS2~z=SW`5cj#M<+&SRka=nzNFLvj&xcMyYc6fAuj-%6gJ@3%BSTv;< zAMjTCYxSKQH*l-T35y4gh0(S7hNP|h+i5-_hg~y>pe2hJG3q~^B!XU`xk*dupXIt5 zsF)%DP}retuECUfS07=}-NA0(G>*MX~H`-s2JKOYcv3zZ}jz>l6LKZCDU zGW80h0}Q^YML7Xko_Olfn5k7283hT~%xE&&esXN3xZq{-g?0)*;XEphq`zoHZ1Hnr z(#r^YS|;zI1AR+!o!_`$!ZqgIdvn)km?D!J%OxMwh)apZw+XIXi@8%nGHU*Yf^5kN zzj9@Pf|PhITA83506(cKrrzA_`Kn{quKjjGc;UL)YFdU2Hz{l z5GarjbvMfiysi-?n(wZuC%_zZ-Gn8g$Eu0O^WCy7_jz{sRazVOwV0!LXbS50{c@xQ zx^=SRtZ|_HZA1qD@_~&Esw3bY)Tp$LpC&WhQ!$G?`wiFms4)F$HTd$e8?C13vHGmq zVAXJ?lL5E%EvD$>C)Bz=MIS`X;&gs*p}LpJq*3sBfA^07VVqhU92+h9DpsA(L^po~26)rxMVLERjrFWNlYijWZu|F6LW?Q8(TSz9q3>`qGK`{mV ziLkWGuLGpF8};S}?63~B%!TvziJ@@vwcNlby#X*Cf^g@^fm*Kn6E+8z0P}nToj4wV ztxG0YLOY0>zfNHonz_Qeefrmm`d8wy@IsGiyXEW`gD=wZ)yL(vz=ZMrZ@OM9ga8t< zkDf+v|8Sng#;Js_q!1`am#JaicM7Yr*cqpQ-&q2zS|h3jOEFc-pHqq?4l*G(a&p~+ zXuc8C-?W7rSFO|b*?FoPZ1CtUlff`^u5xYL&1CErAE1Kff(Ir z8^skCKm&8>ui?s=GOeRH?L0)VJ>Z2C&f14w=WATd=E!?L@U#%w{hfK6V>3o^oPH%J z>t$#2PyRm74e~uqS2NE=%=4VWf;i{BnFWKaMwDagtt$qjr`C#ff;CD?_4Y2nqiQ|h z?Eo>^h?ThgLj5J0RvU@de4l!eyj2%(F1-&(DEQ<7HTQ3*j@3=C28rtNc2j`T7W zD>VgSZRtRrl((Z`3v>EFUB94tIf$$gXaD3-%o%5<-#Fo2eG@s2mudQA^RbioWcElm zg#n2p-{o9ZSpin)8HTD4@Iq@6esZ*rnwYk==*~q-K@(4%>*a(!10JSiR9}KnL*~dD zQf%H+FiPjT(RmEh)RNACRx~Bl+c2uF-HWXgDI_D*V{J78u`_Sj+yMLD| zb`8E~EAQ4)8KkRDb4X*Q7@Ov=EtD!#j}&ZV+J(Bmz|FxB9fvobNGv^i;ay=WeE*jI z2ga)p--#7zyGN)p?Deu*P77Nm3^mwZdB;&i&qroD5BbCV&+U|mCM%cSQNa*_ zyxsQ|?8`aO?;EQ{q^6?As?^Vuaz^h};iAf{*PpFPQ}(=^oj=d)Pp+c?;p3 ze4?!%mOJ`1lk-*Z5A)7ih%`~dKr7{J3#Qa7_v^uAhdR4`3U0)i46uTasFgVam2jE< zymoloEJoT^PZ6)1D|UAh&IG{wqREbfm?Di?oZ$?dB;cVxm!R*aJ-A_QX#Q%QJN2|r zi12!kA=ZTjjkPT{x(-aaJwN(xOqmW*VpPXE;%0>U&8NV|QYG3Df#E8~Qh@giO%_iV z43{1IFk$8;%PeZ3$?oZnxAL1s>$Ah;yiXwe#3DcNnT%MW~ z=A-6Loob*fvCdp1ur7ZK*(@I!1MLwVx-V!h_zjl;87I=s3kwBRLls$9 z8&H;79YDXHNtI13CAnE`1B@@u8q2zWR`2Xhv<4yWGT3(v5tJr)gmvG|W12Vrea>9_ zjx8+tU-)j~Y z7r2ut-Yn?#C~=3hG^eBH8e6E?`Gr$X%7PiE^qxvWuG|^%+}vWg3&{&);_dn8++~M+ z-ZRgJb9>TkN5sDuL+?w+hkw3QTWBBz=+@gXBwNAZaKU$W3h#HC`4r#ZWvWE!o96p- z<~MVj2JXQ?QWgrrkX8&XRpcfCHPx(~eDvti*kfYipyM-boJ|`{PfmO$Ir(gRyTHnI zp;2trKNjCE@;hG24Mun4L^k21C~E!)C)5)Oy!vsVIAgjY<&v(pU|-J7%RN{_$GWIh zI`viAKW!F4`?qs0%*Db{WMLUa34Q0?d|>RDcHJ2BwQo8=-`pyXS4Gd&R^KqXNu9)& zT3de#5|Fm~x#?4AW6BhIbW$PY1KE_1D!kfUQbkEbWKl!rRa|PlC)87O`3oqrA|rWS zPhO$Hg~V;C)F9_jT*Krobz3EItF&HzX*Lf3;KWvb-OD(+`!jB3i52Gai`hHx z;lAJZu8%@hU9Wc9=lJZo0E0gnE7|YNoGsle{yydJ^7E?(?--$Yh z8CM=>f9-b07)U>Zu$ibH{Z_|*^;hgAo<>OG0x5n`-q*)hnS;Hzw?co}Oi}uHHe;y( z2*Nap{8cQe-gK1$kC&q7#^^@NCCg)9BVtW8?RH3AAFRIoZE%a4?*%_XSAD$uq!(+U~;o(@TvVd)r*OYyf3z6Qy~z8-YoyC!tvwBUkE}EnK2u8 zSL6N2dYIy?Le)+)uZ6BwK9o7t1`9A^CjOw)QV4WimtPV{lE`-mN~~ocm0MQQSq%&5 zsaDmz%lc&Hv8Q`<149^ftq;iWNkz8hM8OQ8hn7E`>_=3S*hNZt6)_sF)Pt;<2e2HT z&AgJ_$F9?Z-UTgc_Ow@^U6{=A4S24V{qo9ZMlf7Z07WAA3TW?gAFU!(gHB(2IhG@8 z-#XfTcb~@o5c9>@L6`{HS1k>2T`{Lzo;=C|!y^v}+CHnAj!=T{#u(bVFtd1Zq&91` z1$q6W*z><(Mg9{4FXwz87F;tK85w(v;|zBWj{NEase1^RHvKuq1{4%f!=eTX=Fsh* zcBG6%4-M^o6|rSVS`_mEsnJ@zl0&nPFV8PAeLa}GtDMNGYrW*z7L^0@VjN;!OW%)0 zyXha32e$G`8&*qWr*N`DcPI3^pnrIjU9WOWV~{t&SjxY7dm!s5HsmlnF7hr#XMu{k z7cv40I(oFo$aj+^XyS3T#AHPB+mfFrlA1v82U>e`@=*Zk_k!!zEgW2KTV!~S^$Oul z92Wal?8X|mNpsxiZyp{FwvDs)d-ul&?Jk~!^``jYd-i>LF?l48oMW>n@j=$2Y~ zR^IPkQ_g#XhL|NaHPNP*LjjG3yo%&LhvGsq&5o|E3TbPpF<9}hO~)-TT-d+f=~K!y z7b@m;7BYN@`l{EIY!2MH>ndzVYBn3+Tp&z22fO9k8W`I6cLmE<3lG0+u)ZiNITkOZ zaJSKlp>1I8me7j#p7ipes^U?8rQ%3fC*S^TY;r2KPVk)G%)UK*4xr}qyHS;S!RF`^ zLk_)ndsg0Tu0tI6*UODi`-W}A`;~fAmINfN-Wnd#%KPp2E`@f-CnQPL0bpGDN;aJa zQxO|2+@KfEvtFGu63Ox*6 zmYTkw#{xC~JqXSD;Undw68(vi*mLuQ6bOHJ;@1S(O$l0`oj>b=Ty}LS`Quknr7lK# zT&l#q+_MxuVAU!ZNK!-WB^F+NZiDS7-*;sbh>!*FE$(nWfucuyFOmz1XV9Hyud?uH z7sxMkQH6%D=I+fSyqo4|93+(*&e@aOQ|+N7MBe1d-En(uAyiL8Li$i<;2_LAN9q~> zxpF#L<0GLE_Ep*I!LNl_v&Q*bm7$Tb>jNt}$PIrP*)R^LcKM^`|Fcrkh53eU^Y-hH z_-NPlg6W}=J9sO0jeT|wA_XrQBzTX!x^$BNX#!>~3;NCHmfjd05kwrPup` zkSzpfyN?+}txD{g8|iRp-M+(Sf6-mAth$+vc~-?fN`7gb&j;@oYx91GJv0ZHoZhpx zvOqu=(HAhmO^4uG>?$(FI2*uD$Y=4@HaCYD*dDHlB&yk|`^(4ViL7lf>T?AHHaFq$ z5WX@!Twr1Ql(!<$m4p+5IuP;txO$Oe0x+(2rG#u-Vv9bAX3fs~ku#f_E>FarJsYDv z5(RfLArc62^vR?)xYg$)4Oi9zGZWvK@6M{wVFqtT1g*QPKWn zvF6%OR}qN0iEC8F1wL8OijkFO*)sktNP@{r!s%V)_2uu8bGt~i|3IZ=W$hh)pxV}g zN$~LFp@s_huZJxLePl|NzN`6B^N$sow<}aAM2o62!KKb=-$2WG*u{QBoELHTQLzEo zW~B8+%2O{k4nsC#zl5BEbcUB-V6QGUl3bqVS z&!4X<_#~pM<8L}>pro`^ z5Tbb_VkaNrl30mR7ZJP41Hx_5GLqF#%xelE@dtzJe=w|WoarC$U8Z=?B9S@5f9)ZoB1T*oopV|NKE9*Ak*NU1h1H?q_ZX z*ln5R+hfY;$aW{87kVa(vH#N9EJ3WerdDP@AFw9=+s?uWA1NY z2jH$f{r9&{)PX?%mK}0A%dV=^i`{KK zZHmSf=dWU)R{&C!Qy|+xnUtmjvIvPrtt&vjJHO7uDH)Vy@EV&!z+xU9PoYA}QBog}M5z{VYv>M#itJRKB; zU9K!w&E2A8k~U_2^W!L$M(M5v?ci<&$0j9?yKap zHL|StST_6o^gu>5^_{}z1O-{o2!(c^=%vnpKf3#;Vp2b|Dim$9)eRdFBzZmh%k5}q zyqQKR>5HI-PoHhY3n4CYTEBH!W(4Qytqs)i>it6gP>~sG`S49=42~0K*SWl~Ahd1r zSe)6L_~hk`{pTyA61Tiok(~L_<$3QPmDJORWg(~mL|o(IZ1Hr!{OD^ESV(>Fmy@F> zEmPBpjTZ~}f=RYNJJ9SjQ4VGc1ROq>YSF+J?s0$nym3VSFRK468_vd4r%DOD}0RY+JVx7mS%h0EBk4(okgppYjr8^!2{t zaM*5BZ?F9m*M}E>VB_KntAQBaKa735zI(JX{jE88)6*)K1lU1L>23spB`33 z$SSQRep$HDzy#NY5Wo?!~zAB)Q0-P}JN^?Zq`&uaFxSkj<@XcZnx>+w=oq@={U!?-RfL}Fag zquD`*(LtZ|klgrJavBkO5}EpTqS32+vQchM+Q7U&80?#?DcZjYoo?CfkrNfh_>8Q{ z*f9MwuWn5F_@pmdSKj}NwNlao4YQWZLo1oI*Qrn4TCDj`{;3kGOJk_BC0cIq&(o2& z<#aZCVrEY-JUm*J)N~_irCp(8=c;&Y2+O^zuh4V6vP?S;WAyL>U8xxkLMCSl1Bi1A z1VMSC*P)H4BaOB8B3~jCVBMuR4eiO_RtAR%E?0&3%q_$^Y*2N+DffsjqC^r%_kJ1k znxi-8Q_~C_T^m~9>wkLQRo>KP8WnZM6w3)*?8|r*tyJ8nesz+NSV3{3Y;SvoDd(K? z+>C*p^-@mu=|%qU!TR9(=Bc@crZsQ8Tz55BP7)HL=FIizTbFN1Nhv)kHxq>nHm9=o zR|)yoe>ez-r!DPwo|Q{m`p94vCrn1F6ZP48E3=@N2jhD{(>1f%+%)cjxf>EGg;8;+sjpi7^&T?EJa2Z*kMO+mxS`fhmGh zV@`fH`KWq;NMOBwRwoMN*+qx+ZnEcabSzm5vX&4#7ANtP)E~A~>WR|w{p)O40}Jr` zRfE!SE0T1~HZ^_B;q@mhCxEh(a4k?WiBX7*X>uLnUs7YiHG?Y5_8H)$YJ-Y)Ixzid zhxw#ZdZ5_ww`!gL$Yq|1o&Fn4{OHNcDl8t=D%aV`BJ>nzT7qx&?8*bYx3K4`XnQ*F zytr-QLwWI6YR;r&h5;8~^V#O*XD@+&YB7bhFffAeXrUQFx$HgS~wiBOyBaY z?BP5XwjF-D_(!>)BGqqv7Fo>E5dQ1!GW=(ybvNggH09Jph-tU4ZZ%hJK;;)ALy3E~ zh4e^iOL~V=PsNdyF&QO1u@=y8fO1>z)p4MTG~J%iDENdU`jVVJn%CnU3n(to0Z>*a&ksYj_G`NH|9%&Zgr?F zChf&10LV@)S+jd!29Z&`8D+9)YHn@}beQZ|Wms{3Y8|UG=UUHP5jq`2mZs4d7WPV= z$oLhZ3N;BSX{-w8r3@#d?6qW&elI`^zQ=)$lrl@X-DA>rbAWS1e+=BlBY{8Y06+|^ z1HrRiX`jba?|c$XJzQ}8Y2VlQba;;8=gR8}I> z$$YiQXsfm9K}c0lbJHD6y$r3PcXCO5KHQ<;Ub63l;YiDz+q;0T6;U|{#!0ET{pD?u zkKXq>IE^l^$QSG0T)iqa5K@eMOOer=d<2Y}vel0Z#C>VjJz>RnuD9J)#34(|Ct1;# z*&#%T#xoc9Q@&eIgih@4lQ8g*^VU~BI^OH3MZ>`^vn%^M#_y)v9W1Wq)aO7a69=K9 zTD{>t7B=gZfBG=O_}UKWOR>0#*xM3Y90Ze9k26btG@KxuPL|epi%C0OK@%^Eft}4 z{}!px8$;WmkRGozK8M$ZjLx?go;3nVsgT~@k++QVC|&8L=H8~14#TNR{A_IrDN|_j z>`8|UFtLi&xdBw&9c(o{>}!6uAIqh0LR&bJj72Q;>h6~;&^R_ahf8MRw zh<|VfDJO^^Hrzg0mkrb`&l{cfyhFO2f9HFmdr$xD^=Rgb3}*z~M0~Y7mlN>u)$ok>16%I^a3VZAokTNq zjxfHY3Zx19ytZv~Bu62U(>LbmS+`>~FhrsjX=}|#!zV6w^L=u^-^v{lwaqLRH%;YM zWpy@-bEOx#eL%ThwY}O{ke;sMZA6!+#<^)MY8|ouzi^D+q7se8faf(J5X#cIm(jvI z|GxnF<;=N`oBb~F{f^UN)Fk_S@;dr}u%5afv#d8%&?CN>dnJty+rm1E68M8xwIL^- zzt`IGVk>$luqiO9)hv+F)GQia>o_{n{KljAxny0hhSkJf|P-FjT41vXwV5_4X?fMTg2_VV#+cE?^pFw$kaHhh*K5DTx zgW=L3^rAB^A~8eQFYsP%JHt`cwrAe@@KpU>nr~chuAW}N+$nkOCVUm~xoU3KVW-~BNk?|&yXE600(lLNW42y! z$;wXVmn{TE51@O(=Z6Af#tg7eM58rtqizGdKK})F{AIv$rtWulBG>oiNf!XrHR-1B z(-MV5E{F{GZfhY)YVcBT?QWp!>4n*e^s=Sb)`8M!aQ)8TFcTFF*oqbg z5lu1i=A?urd(&mOd7#6#Apnb>i~4-PT>67r`jj$PQL4sL_uLeQ@Lcht>mJ#erCC-& zWWm}(lr8Cy(1y|B$H4Mnnw56zCI-$cr=J94<*OjlISN+3=-ub0au0DI+Ow0y_wANH z<=!R`3GpOe9NS1(dt|!Pm zy&lk9Y40LKY*vH+@jdQpg}mg78qu(J+lD`iVGiE#{ z&12|j44y(C9k2V>UQhDsBcRyi?jg99@2!8wa&@_ky5<2Q^?AGb!U(p>W7(%!1K}`B4!xCzbqVbTZnxY0f z@|)Cwq|iD1rNzObEU?ISQ}Xnx$jhd)DWp-TYg_yY`}D}vfHJFP32J1D7JXhXLk~QjZJi9Uxb}YeQpp2Fhi9R1;65gI{_pqL4Nhd{)n_AG_ASVV?TRfdQO0 z+%vW5;;s9Irbc5Ze`%Hf1v#|1IVEpu61y=7#j@LC{1`Lcd)#-kGpgq0Hb#GE! z3s&`hi02qJIKJd#3cpImN9hNx7m9v2Gfs1T2lD{2h>t}Pp-K1pKUO_KJoU;aesv}< zm{I38L5&<0S4eHZpN=nDGXJU0f!hN0s|a13;0{-3l2!3Ib;N{l=)QPbX@T4&v!@E? zeL!IK#iRN|3xC@m%bKjPQ?$4y^B?s}G5%&|nTcuw)o^X9D8k8?Fj0?bhSb zq>qwA7gln#oU$ZqnDbS-48M#Wk6BKdT3lS~8ge>xBY8+ng@pmoEnqOA8Rpf?f+`i~ ztWbw#TCDW0R%u7OmOOy`)(=-kWFuKE*Rp0$%!Y|vBu`KF8jW4ibmNk@ELJm%tftcdD#u;-q2*O0d~eB2-JNVZb?b177((msra_sZTnyJ^k@Y#GVp z9dr*;auLv7bnq1-km9T#PU6lSu!(%hwJ^8QS8?Wc1~)ls*A7PzV2%1bcuXD!|D`B| zd&u|0C>_gZXKOKLUAAbcA$hLpYgdPTyN^ZpLtG_=joyLST)OG+v{C5~_!tZouIc{= zwbXyBI@v`&FX`ymGaAc+?`r4JqT6?>ob4r6QZUuWs;Hc$7!=;`Zs|Xcg7-tIQ=h$^ zEJZM0Z=olJWD2h0S{jj~QQ~>{)9~{4OCmt0iP=fiqB~{SRYO2% zF83(?j8A=?OIB_rDHO>Ny2)4O#4BaFqtWIY9@3Y> z{$VI}SWbiWULw%$PB`|~`3&O0-sMCF09haQ#Ygsk8m|DN(X-}`^ zuG(e0YOPmDvHhF$$A8)pmBjO}`@9IWDhMFYI6F~>9r9`Sx5uH!mWg$Ka!uJ&qpJkJ z)UX@w$En3{7QnuaaK)njLu%iq+O+`&cj6J%buzP?8*U zqTzr^Rb?aMZW4I<+dvaevn$@okM_YmA$eb<@^gH>NlISkry$~_bz%0 zQ+T{>Hre>~0<8Eh-W<_uT=ba-XNRA~wa6K>X*(19IlrRIvTq*q2V!B91Tu}gXFbq0 z;DPTWpfi3!W$UC_MU79x`Q{i!_ul128Iv%cw+EtVSQ8#I{9onb{|#1uG4aumorzu5 zV*9{9THT_pOXt5!JN^~V0D_x>fie+?)}@iid)uB-v?vi|P{F(P25&>Xl+Rm0e zSL-o#;N!dht)l-l=>PKqJR{nvIR=|q>nR4^D#Rd1d4uz}u<3u2W&Shn^PfNeZ{LKx zLtCdUBG|S2l(sib{_hp7^0{;Ib9v~n=BF_saXU&i+<&X&_sr@n-7Den4iOhgum5ZP zKK@VNWK%--*Mepi8L-x~3nYFt|5u&3|LLB;H;Q2QiYAj4Bi8yf$-no!GoK+%jp$HU zjTJ2@SC{nf729c%f9y8O ze3mBOdBD3TsIRITo3kO-wN>yi*_sSHB7g6xzn(|njW~Z=LH?blkL0-0E2@^qZB0h& zyzBVp^^K>Or=X+QzQrssj8K%IYC&Rdy?glH`A}3)GR8drBb>L349=M*Fk~(wloV|? z-<5i-M69pymw>qF3Q5hIZMk03x{;0_YLpy~!r=GuW> znS_Z8@9U%IM`a?%g|(w1+pp#KPTz8^e;-Y&E9so^EI;4dR@igzO?~Ds3PN43dGkw)v*SmO9Zu9o*#%>`64mu?|pP& z#jqS%`AIT;7^g=?Cl(ZRVDBKNA_F+`P&8ODfhX7DTCE;NP`8xWd=UM$Zv4fCjSu0T zqN3LX08yIFRUE~*77j0jX_fTgUhH1df^pa2gH5xFS6T=uu;0CKH*Qiw=c>tZIMAQB zzd%Fk+pib@@a_Cm(9A&banR9kP%t5^JM9)S0MX`*cF4$yNLI0vjGxj#s|{q(QRHoy zXWNLR^FwyO^cm%!H-Pe0=cSS=UI>voR1R@*Dsh13`4kBRKGHIsohar3s9Lpz%?}h~ z=^(bDO&_t(yJV0#+>ce|e%%|02DrR9!W@swLcDVGr&=i7yh%S!EDgOTe`^RLT8`GP zy?$(Wx^s*S?+Kklxdab8j-u=etdeZX=QX?nb+2`K26&s6dls}S?3&-exA*yp};Vmbrq9K8Ju4&1JD2v7_!PI zYm4#(p$h2=_%a~sv?8Z3^l!(0_WO*`*qQ#s!gZywJRQQXyOz0m_65ex1c8@`cVJe} z0|foiJY(H-GH)8e5wJ7{7B`!tT(ccJdwoLX>ymE;z#R%d;mZlHDk?Fvd9!7TJH6>%bbd zJHa|$4EG_7DN>b>cAyATXntei9hF7X%!Lv6KBxCZ26%z0?BN{vIC$x?U&7X*@Wo#Nl2f*WYHkXsX4e9^$bvCEy z$8)(Zm{m3O`y-xi@lob!p8eQeAK1sHaaa!$7i*O6T$(_Tu{Vg>P2*%wO8CeSW|PF~ zfUlO<8ntIhg?|s%MBX_@EJ4UKct{jn@26=lUMXt49g(P`z8O%rDfJa7DrrO`|0|h{ z!5wruQEDk-md&yHyoR~ufE4vAkCUI6^F3h0ldm`vAG)ab>cB3d(ZY;fJ#?kZ&Hq@O zt$d||Gg|0e!owNw4(bP>^$<9auK58p#kvZ~&H+>QL*KFIa+8xL*9?El7#aN24E$r2 zfkk){AdI$u7t6V`I|D9lg%L7OQfEFo7x5aqe;HnUtFR;yW>Sf1oYY^{N{an4v@1nx z$Hlz9(#1qe3~(@r9#|ObF=pcUy6mY+!$0)NOzJ`~6JNd2onU@pZkjnNSwPTg#`zzX=l|PI01UCs zIJo3%P@Y~TD2!AqvgIhq;eyractp*LE$HI&!Pj5)fbZZDNHpBr;oz$I9ayZ9O&g7SC7`6m<4fIJhYitSLOW}oCf`WdDM{-vZw6ma~ zmxHYUJB{-XMG}Gq1T7NAuU8cJBV60yZp53CKPvZz`yQ<>jgbnZjJy(@523Io;vi;w zcZNg^puot2@^EBWwHd-V-@_}Z_T8qJIhN0cZ7F+ zfL-RLYu!Ei-pKNX?T|6~qQ?WK`-cktRv)tyuQ>feF2kZRu%QjQ4DRvVOw{A;$KkWI zu1JJk^Vw3a`E;5^re?1xksw!%H*ks+7fDPXdV7H8^n>AL08Z?K;VL7q4Vfw?l z?zfYetjsq#9j{N(oLpRNyFR0a{l59VZHG^|`9V(zkCOxLR{K5@dApQ9*x&Fd#-hsU zbG8KNQMv!P&UpN)AzdR6EkZI8dBcdVs3lWjRjnXNOd};SUK?tx$wN>HN0VKM*l~a? zW2>K_Da|vsxv7>?4kkxf)|UIKdHPb?zr_6tV8f(4*9=<>Rn6ed2#UfjFWMiA;W>xv z9q%#0pofqEg&JKsex891E+6i!otm5%X{0PfA+|U~&l?MSCOXkb%WRckFhKGmN=DA| zjIh2}+lpX~xCL+HL75oO6C)@7@XPCEA<4ZA(!OCuPV>(Y%?^7k{q_w9kYFWaS9}k} z;8dFN8U`m>R_N5o|D~yJe0re#D)Fa+^}5f``_0!j`#hqmOPbv@d*J-l7yaqVOL5H% zi7MNW-Va35Ue_B2e=cDPZ1+!o-Deg&AWp+97sS=b9L90cDC^h5u~zvgkPno%Z zA#k6eyXTIcXa?`DT`8tDw3_a2I_#|9+v^puV*Gab9_K*A<6vf-Uay8gL7)`}3$Op6 zy%qm$(FwEtT6fA20s|Lz?8QgAGgPz4vBi zUW@U(qT60a9Z%PIB|uXFW)+YFyzK#nuswwC~mGB^%#jf-in zJ0sGV^kJiC+2I&KYpTnN5Kd{fW*lE036^!fc`&z`?o*4>f?^^i@CpfQoCBt&CJn_Eq`sCaK+HvIhwJ3B@!TLzN{7-_X8 zl1J9TKM0+@C`=rDJ+U5VC!1&`r_(tr9zoC4E3>g2Bfvj7PJAa$LjJpOOHoB5e67-t zohEE3i;FI(A?*uT0Q>SsC1bC|0_6^btthGQ(08gGVq2Oj_TDS`aMp3hD}in0Z;q3HXqabx;IC_eW0xrP zn1Ff>sK2(k3xLV+X{~nDf+%w02RDu1R&f%Bmi$2o5gU$=0`03JeIFj62ql@A>BB(5 z>)%}Gm9%`o(r=9WIv0>4{MIu+8bR@~+*Q{mZVWLdR$tvjINmQPZ*^ zcStwi-@}T&-`^a6S^!^y1*uIQ-AVB_ZGGZbrTdQ$02 z9d-B7&igomF!H!XQu-^p@y{Sqrxnu|giH4id3;qZ-;V!$@{!#?L8(kkzkJQxM4a6< z+!*rApq~PlZp7jT-7%2NIlKJjDcoGTb1}HEsGnaYlhYqm;0}1mibSYOiq@|)F}+#D zAYZ4Kv-;59G?8BB$qO>-8cw|T6KW*cFs#)KWHYOlJlZar`Y_0a8Yk$1-`*++ZIjWz z-j#wdOj{Sp(p5%?$@6Kl3$gLC-+niCIN&D6g?VeUod_=} zsVcM6iM8IGxvx|H4^T zn3~Awml8iF8(;p-22(hoS4w{hn!d@|_ReASB%;B6aoA7$=0F&#E5{3EHu7r-;U^L0 z57vBSd`o5AID$#c+VF+|{&>$CM%h4(d%sC_C7&)KkI*t#;_FYx#jpFB_kI|o11czX zR6ed0zjX!>2L`elN#4#k;TCZY0}b1QwxymLd0PzSWl_&OZCN;3Hmt!o?@sw!tB+(1 zdN9tVdhK?=W}P4Hk)Dp{A3*F`@I_AIlJ00OQI_7P0~lZ-QmM}R4}0|-2LOG0ea$*^ zp7z__auDkzj=ec)2iz_?pxCI{LyGibAW&OmdIgLhlRAXO&5!|Wo7hnC9?Z7 zDK4cbfqgn-CJM5IbK+N3`P=3!>`e|)6;a|ig0GgB1F%TU|)a`21on^+aydp%dx z?nZUA%<;elc(U0IoY*w^uWZh3)$w=0IyQ_sX8cdW{mq8n>STN6v(0mJ6mS!bQH zR=I_G?p7d+P(SJTT4oWCH?m|JLAB4E({S(vvIwe+|C3jJPCYjU=`#h4t1HQ)`{pz& zxmns&y<$b`B;JltHADYl>a`ktW718PfG2A7+Ax6j4tPL1S?W)HvI5EK%nPcU^@Y=N z+TkX0zrFfCAAtC#tsCPAS=^4FV2*$O!EQ^7$o(n`)2OXgK_yaTqKs{@7uMnD`XR%X zH{Sab+`#xw9vF`fZ?ueKSLZKJS%?8f&?UV;zwN_YQZrbo$qjCn|3AEmAilGX55v{( zYbVZ->@C3*#q~LTw&1J+qE9{vQT#wy1yV_y$hW zVHgG57Z1c4QZz>BG7Q?OUVNQBSin62f+JgTcr$4)P`-29_%u@Nc!eg%Lcmma!W!@- z2Z!%ExZXY2Dv7$bE`hd91YIKf@$}GI%t>94@mFk>D(FZ^t%#I0ps5Xx{wXcq>45z< zqf%JjCOZpa4gHmyyJus}7d5PUNooKcmySs7rCYR`qWAqN+z|JVh2YU<8s}udUWHpj zKzSX5?u!6eK+2>)M3$H*HAH1}M0=2c1%pZl#EX%eZ0EGAi`(ab+XH>wG#=CcJ3n6P zmx`#@En%zsZ&(XyUX~Gae-yMSl$3LJ?YY36YY*;(gc$7P>p`VM47&rziy*FJ@adpp z->2b&Wpi(i^A?+E#EYrjn4S)#$It*QIXf#8lX?=jC$cK$)24}b(n<772p?? zx}vS_;>D;Kf}qufg`oZd^x8?qasp2%9qtyd{~+Tshq>S2@U*%z2jtgbt2^k$h5&;s zC-R?fhrSZ$#BC)uq3r008V@vsQ1rg zny<_bL%SqetWVxPprfj8$OVk$_3PB}fJx&9xZsT|%-E!rr!S`^DT*?4a-KZx@@hk( zm= zd7#f)zi(?MrY%=^{TWnNSe$^|9H7Oeg3xk8RqG@7D4J0_B|&Q+yaTWYI;p+!c++f= ze*=#3MqFyi4|bx%i;!=^d|OkR<@>c2h=4UH4#DNS=TfKkTwG){nd${tpU36w)Z%O1 zGLCQjsJpdIoS}nFBM)^`lAMvL9bDb_JDrHLcA{lY54yvcHLgJs7ND%%Nr6+HJX#Dy zJ86yJhgy7W@|!oYBz1(gABUo?Ik9yN!{+W0d#D%-#vm0RsmA(MDBAj~{3P>!t(Xp> zd=_sAm%DD~I5{DAQcqDQBSvrVV)vL{O#7a?YW8LqUl0a@QCLx<6uk~kuwjjFLbgD3 z8zI`Dbru1ddz+K7xeZdynfa{6J~-%w<{oSdA8Rn)N9f}>nLEFTEh4z*c(=1DXOs+p7(X=<4B6Jd{`YNH?$h8;j=``jlX6a9*!c5;4s!7%O zHF@)@SO#Qd0B3D^0_2D%It(@JeW+gOg{O7l19>(Z%iF%YHr45zT1C$CebubuM|ZbF z4fWDN`z@c{b5_&Dtt#*F$I8Ic9NwXVzUud7e?iMWnR1USL~_Ss0`G%fWuv?WDXBv5 z^nvGHQXj}OAEw!ckNKBWSvs3?QybQyERXUCF?!_8vTC2E9rQvIozwXdCS=5j=*iP& z720|s;lC&)GnlxP#M5hsPEa&}eQTIyK<>Jyz|Cs13_ zw#srsP8;3BW}-UuJ1+|}spC})N19KuJj!x88(D0`2GE3CoUJSK|_f_BP2l!W@y*v` zYrimV`-X}P^Ssow?{$Gj8a6S)0a29Sb~E4Pk7K_X|C2S;_cX7Zj7-2KcSBwiap4AU z_!@f_-XZ_yAs}3?npQJbN*GY5kweP`=eMj88qLZ;l$y_Dxhdhjo360szOfc5N#MlK zG)V%CRd;08SX1S>KaN+;olWpAtp+3+xz_UW1CX5#!AQ?}t)w^b0rPCTj?Z&G*xV_y z1vZ{-k$UInk?h`V*Ev~&{s!%G#o7{TbUdqGE6s|H=VTSL*BxQ>)Jt}7T$K4h^&+#c zZPgIKT>RKvPEHQoTEa1OC(pt z+*Y-+AK3E_DKHKaxVb4<_6V_;`l_gggXRO_b$OXn_lF)lp#7Ln#ASApho-oh!7yq8 zRE|}@*>{9#;JqxkpB_KV`(l76SfexdvJ z-zNCZC8Ms0yNQ(PWW1B_(8R1(XniHsDQlr~ZVJ)7Ko+a}4^EI+#+w{H7<>@6+u+cT zf2JLd(Br=s`rf;iEo7KD#*&3As90c5#PT_dF(~M_eVXH%ZZ+9^rFAy~`U>IOVmj_F zX+V1jQsx`9?ulWS?!lT*L6y_hfWVzy&l~?WTlpf4@0kbtF{jRAynD%XUOVa{2nff^)Mv#7z-@-*Dh*NlF>V z#vCf!+%rYf!$_`72rtZfa%C>I8>NZ*q!n+iT%&oj+2RyG%Rg{lc7s>#SB`nI(-)1){Ed_D%DerKH3cY?(T{E}Xx(B4ttfu? zyCx7~@%)xeH9E7#cLQJLzF~CDMqC4f(;y1UK5lnTqzRy*{IQdB5!?PGb3l->Y5QS* zDW162(0$j4M-k<9;!X>#I_S_z1iQW|!gZr>-wgD;@exTzoJ& zq9E?=vY3rV9O|FF$cNKBR_Z7gt7`&A(Zk0PDHB#cjy$RekP|^?j`=0f%_=H{?dZ{S&h_wR}+O_Ps0>seAW?%2ccK>a?ofCMx z4THIBk956`H;Zp>1{BsgjJNC{FRkgz*Cq4cP1=tj5-mJjl!MU!|DY|gQ>sGn~;F2*k* z6=-JHu2%hO5+l`?j;y*CMmjpwb&5%FuCk9<+;zb`g`|!5h)lCaK7UWzm{P*y7R0=M zzq-jg8CSBS!fh}g^Sd4Z0J<@@pP-Cf)U~{K+}QiP+T`2bu3&4B-idKtBEizpIELAL zjC$N@v7|`G&x`8L;1Z@H1B@juVE6UJCNeK6v!}Ka6hlAa-81P(;OmCEK#%IpeV7_` zC=Fd+#`4`%(yZb4)$Ne)w38vL<{rd4&<d+SuJ`X6s6ks(zv*BCg;SK$mk73e9fjf=6Yl zbeaw%>w#v|5Z1L|i&@SQl(E0+xDq5&#W+pEdCJr1y+!uTp zevrvlWaQ1_oF2U0SW*9Wf~-C|I%+ypFZ+8GHG)L`2fN+m*upQnVTa{}k0ChIzl_ZJ zB9>wa&2-EI`bI~~Ub3{l+(yz5Rg)C*+?}?@w!!Sbo~Jflr@KtJXg7z_kCHC~+k>k7 zEWS^eunk zg-r;pMsdv$DfM`GbjrmP)o!sl5CZjaf+s8ZGXy{cZ|erJ&hiw^R&mPvWLCaD_Et@Q z4TRe!|H+w0T(e0{xSmJUaPZ5Jt(l=?Z9#5PVM#fX*#n%Ev|t#6SKRi@DZ<5Lr~v5B5lUHyeiLi_nkge< z*JvKGijedV-BMIjpQ9PcTrXU;Ccrp+Sf#Lgw)<3$}e2$Dd*(BG8Ybf4L;0dxFTs zUF2gbT6z7nHjCMH!LKUyTVMbE#xA(#1AT7KAGB6nSLE&}vGaVGLSl`^R4T|;SLRTD zgFNsYtXY-;3>S`KWY1a(i)*0R?9rpD@*TkPuHF44_{BPKc^c(XrOY5$W1Xy@f3nwIBiBnM{vnRG~;9`7#zdCA|NPM+$WHn(zj6B8F zHK!#X&6VDRWjQ^3z8CNItQ~^3dS~I1l*X;%?^3LmU`x7QJM7V@De_R$R)T~7T>%_3 zHc-8JJ+s)_a4ukZz5c@+gF8@8_mApqNkW#RsBIO)1`j-4-a&tEzHx9hx1cTk`yj2m zHb445<;t#{c?I00PoTBam+hvAg*T8FtNt4|oYiS)RRn5JLNQdzaCM_DoBOTsVy#u9 zg9ows6CgL}`+=8xR=34~v{Ek&!o5`tgVEl5f3>J?OsgJoEPU2#s^WJ`8DU|FL*6uk zjQIZoT^RjY*si-W1Ag?R37%};fatP5mQfFF@+?V06?boIawvMl{!6hqx54^Q+1`}v znpzoXc}^)Hx3&j#)1z>ajB&deWFk&&J=3}Dg?yHB5_p)^zfd+YFR!1%!iC;YjvTD= z%5&oVM(tLRKz7cm(W;D|+~qj-$aNI~Ab4jbA|9hWqXVbmz_qB9`{Z1w9hN0I@~(Qm zpAabuAKb3=GgyA$2o}RZUzCL7?Q28+?Md-TwScxN$vFGT6MBTL#+01&f=!y!! zFbC_VBN+lh7vHgg{v4+PEM+%wgh)#ZJx!3+sE1jZ411pVF82f(OG?T_CC=cyUx)TV zdu`j?TCuVg^aC`BjhMRvMIglnd5an&XW3V`{F60~vV#YMZYN}Q**2B}aye!&4ZBted zEv_XuR8^hwzNm>C&m=Q1HR@tquhE}N|BcuSC0)^M2VR4VOZEovB8AOI^_h9GZEvsX zevcSXn`ml$*Z*=4Qs6~LQ*z__?H24pt){qTyJ@=`ZVlhOBF7IgDLt6R+YO;+k{-YQ zZawMVDu6Y#Q78%VoY#Xv*{;@#o>O@E?+zUw{t+6*j0J7ItJPO?=_UBjMQt%R6+$EEd!RYw&yn4*_OW*$hSdW;#mI;U%r_U9&p)39q!B*J z8+9Q%*M_XXvLdSyu@Uq#^#A@+A?0`~Zt{iY_W4eY|31iq>9M!O^{unS)nPM#dv_2( zW7J*^XE%omyq@umYZK6=m)iuX1@dp-B{mnRCoFJ^tgJ;Gk!OPy{5+irIY1YMKD^+3Mrus5!Ax^m#@MZxU z>Lp=Wj@n(tXrGv-6)u=UydQf|6n{tDVTQd@(_D;3Q8(61FG>afA}2@neP6KJX6SE1 z4c;u!>rAUM4!bhf8v`z z)#a4ZA++2jsBMC>?9FC1THwIUsq3AjS29iQea)cE1QX(c^uQ>HvCZo#$mM4{Y z=|lN{os=h~_z7RrQWuG{&%MLlfs9%^I&LkL9{1dgr@G`tW@t_3>mf;xhoI;-Q(K9k zZBAij1cU#^Oy6cjd8SPi!TkzR&9YJGz@*o%!o(QA5l@JNNzh(=lp8^%&el??3MX7B z_3<+LWiM>5jw?MwaixrpI5Uvn&P!q$k5!GnVjKbJJx0DX|?b9F_So^c0 znuuzeh=$G{wc*Q5m8TsUFl!%~^o$!!f>%(>^Z~QfAvKss9`B;nlVDP9_??;?AuH+s@$UEqEN%KZHnvVunl#bL;39^Vzt>$h`eQM1As8h?<}vF>Tf(ya zuMBRRj76RvE_TEX^oD@^sr)`i%014Dh_tY!E<8t*w!_Cz%AGx2Hh|~zFmDXLzf`hn=lk?|1h1AT&ES>2Gn~ zdy`)h>@jXabu3_p<4Afcw%~DS2zT;o_00nsc6B>Lkm0|@2w)PhAz_qViX8Z(dCN>* z5FXbU0)gqr5tjJQbd|jkJI3=s()1u!JYcMTPd`Mw<+!h!U_`EL@FOED^zl4H7rz1> z_xuhy7Zt{eGyPaS?H>h5lp%nb|NA4=8XiMVe`2N+q&Cv`N z^~@2`t9ev9Btaebs9CkDszy@k8CBNR-0nOQHA9xEcS=-1Z)QYSGM;F6!8urwh{M0J;1DDnr882>j9|BvO;0!&z3GgT{^6GhnmVkrvb3N*UGmoJPqTMHinj}`}e3BNR zMxKv@3u+7adVa>x->@)m>EpM`E`&xjR{$if?fm zBF@%|WxNs7p9_7msDYTYvnP2KP!PPpfXPRd#vvk?Q_KKCu;36^?h8um<^~B9B3iLk z2bV@M5EEyD4~@~7Bnn~}$~I3$NR5B;u|^BN$B*==Dg3bBh^V&f%55;+{AsC6mUhcjUkDrm*zw4}sdGrh7z_K`F71wm<=e3Z6$S%$zoCkwuH=8)9=eAR; zAQ=9PGO)b~v9f>k!fZ%2zK z|2s%e0e5<$aBF*wMyk}jQmWik)_Mw2&wlB9V!N&D)zSB{We;UF6G|cS z@Jlv0eQ3KL8@+u}0cTY%&cgmbC|Wb3n|_YM0|o67V-bbDy&*};Xpu4jwp^x+{#Tg& z%fnQ7cAD!%ptkrhF747V`Wvu0;+y+l9c2;CR6tzw#DTuW4n+eNr3(O>^5_q-})?R6d}u|COebyq-Lu} zGhRM}kJgd4xNF$C63a{=3q{)X^0xUwj<7@vAE;;ubYA zsl>Mfbg-*>C*G^4xv3^WRH-A+5#=)~p`RX(vsYAL$Qe;fE3JiH&3LANN5y~VxN>Vx zn7*cz*GvQVuP1E|hJ{r-jS$*SFi27+!q_MLre4^y|55Xo1T07L_liF6e@mpFRCFWE zS?|;qflo+-=ibi0@Z$}Q&bef7_MwGcGz6h-|JEDIfG4XyD~7lVi(>{3IH}4^!DTG{ zVFa!#hWsu7`kuH-YMz)r-#+X%m)VRsW#k!eAb{LnkXk{lLV9u!mL~)e6j9q3nRP~p z^{in{#UG>5G$($){rLUf`PBMYSj7Y=59ANQ&*q8FdzLGPA!7Go#ADJ44=YINSx$gb zCKsEhnfu|hFS%(CpQNLsqa;Q$b+UGRSxT}iRe3UEO$5H!$xb%0%e@QcUcJ$WOM4K} z9}>Qc3-90V=m3NY_7o|K8|#9nB~sa3KiDm|$sRCoJy6L(~ETww}RYNaQHS3x?0tBjFjj2)hf;y0wFcsbF_gZqT!JQY1n+ix%!Hrw z8#H(nsI-aF;?v!50B+g+e(qJPpZ#W7_dSPC?y+neWeX=9x+d1SL*Ib(9bdBsd3618 zLJ+V8u=>RXhS}81*#c4GJe$8>yZMN*xV6=wWuK08+MB^8>Z{;o5K>3g8Sia#VJP%N zcTnPx^2G{0gOcrIJN_gwH|uHdf6;8AMaQT>1scPYAM7g{=!HH1TC3fpfAx|*UlWTH z<7aX@eBgi7+;Qv(FbmPnG?)71`;e`sNw`0}B-7z~ytA^R$=4bXH9{n<0Iq9LF!XYM z_}PcET$QR>Z_2se?gQNnZ5DR%92ItXHBX%Bpj%;uYnHI&a&OO^>e^aU{kj0L>`p=@ zZjyLqDEwF96LH~kweOkm_0_kp$S)Noym6;G_1i6Pi&1eCvmbtF4J6ar(rxOBlRdI? zwpHUYwYm^^-7~?6EJo*1U3Q_6f=O4{;?r~j)O`&}XG;hbM`e4u6omTE{a)zLJi?Y5 zU%Jjp!v=|oOw8+9X4V~vyUwO6_&CGTjEE(a!rDCb(!r^!qb=vwOx@{zAUvU`k%9ZW z3igbBf&(tI=qom7$E~`Bi|hs-PEiKJ(_Z(|VQQC%^2-5ojO zGzd76O)uVWrh3?tYS+HM+i=;k&v|G|;LQjhw@ehD8Xu{k&*vYLpU{+TC^WFFH>Vym zKe`5bRsdWkE2ua%{tEg2`>{OaWk}>`z3qOWQm8-7`EGS@!YI9^B{s+v>6ivU<(3U?KHdADI$rBl5-?OnuA<<+ESbPPzp zxZ8Kzdg;lh&SU@Fpl@{&JIgal})BRRshtSSp~Kf>h>L2YYeQ6TIBG3dvkuIHXGf zimN~G=AKyB&asi}{976rGEP&!@S&>;kd#|im{Zc%b@F)-QnU=McE4{IxotiqcMi|#_ZfZ>F>+*GEXgSbAvtf*sO~-1f=BavV#hslahYbJy%F*7K%r)GcXl=%E(X(RD75tnlgQc-n{8SoVXjRqDb%;wr zTN4t#9@_ZD+0OOvoC4tP&8g)X!E^Aub5fOYN7#xZ;kAzSH=XgO7Lhlr@*?9ZA}wywb$Y#SR2Q@LilP!R4vNkd$%Dx6<@T1Q&|IYW+^K}l^2L&RcA4_lUSxKr zfJfF=Ty$KD#3Fn1huDvt2QG?xXEN93Z<^Ha&%6x??dTu(KD*q*@^-F&KW7e#R-ZL% zo}3M8^7wX$$;?o&W4px5+gM@-4#{Ovz zwIjpM`VJB$qePnbSxz8d#3?{?fd#) z>-0|*{O60#g#`acn`MW?`oCsj|DEsrAB=YIKBOYA)Qz!E4!duDeJx~rf2mvdUz#Ym zb0NZC8|kY|)zdNi&a}qAQ{6XsDEQXI6Z?O=TeM++h2Ck{wDxNM8^!r!9#H+9r-f^! z7|RA3?+8X`6p#Nl?-6LZuwh>n8dad_h0<2@ctqcb{Sn)#N0@qVq_S+f-FdbP*kSR#L zHsret`F=a9gOCD_KX)z(5!B4DhCYeDquYLy%bxB2MpDx=7FX7LMPNf&;2Yt z!Ymdwgiw!^4vm9ovBit5cLO_KM2w3Hw4BoY{FrhTQkfgVLSMGV%wt3e^aWv^W$eXL zk1%;_^K`jF04LTZ*F%&3mF)_#vGRS{(MIQ6(eM1YV4HM$zKGEv?`Bu(9M^Ppjorx9 zZZ^BBGyZp9+W$e&A)t~SYVLUSLSBirb!E+P=O|K;r52$Kq+ZPPdrxaLLd|yiiT{2V`yO;66n5aeq|-7zFtB#QT0P%8Is!A+CrI% z_G0IV5b+&9Cq7*+TKv;^;l1eyVOd8Sj9W}ugX^__0|q{DG1fa^z8<}nV>UOpmI%&l z%yP$mfd=cI=mzv>X1U4hBdrrK2{hH#cp-NA#mfSJG~AhZhN`lqS_34)kbuiD4gw!S zz$U3~lNkchXm1a&Z{rBdUX>TWu=#B}LkC`;G3`@LZ}S(KMShsMf9%}Pf{KnF-Q3%S zHIM`>>JW8lDg`P6!%s;LEK5aKCZbJ36@rH5Df6Q(|Be85B^{6#hcXW00?VyRn}tEv{{b z-sZLu3WAPG3L!wxQ_}iV)Rr{y2td}@ke=TsbJNU107SpMJT;}yx2I|OuxGe$h~R*M zz*tq|PiQczI&7n)!R5J}_VB70;!^BdWO@8?DL!4Dr?VRm>lOVE5}hUi9Ws%09$L&; z5p}7Akrqj$PXC0A&3UY$0zz+d`VF53_SHCEycjv{fFIG4%3m)wj%r9n`Y5^ua;{wc z@H1MPRh(FH8^nkUNP1)#D+bFU$@+o;KG?ixSA2A&(E*BOUe-uwTAS!kfwJD-Brxk@ zmt#>P0jwYR6$Ggz$*6^p^ds|Ejl!mSuY$uWj))pFkw58Wh=I2gj8_5Ad zsT@T%Eu2^a47!+jfVjeJgIJI%`9mMZ<+{cvFiD#w#r$gh`#AB~6QG1)YMyF&GY_*yXxHM?7j9{*Pd@LEc)Yn z$38$${YLgpPtOPmVL`84jUZ&M#xE3F>)(LGyE^J#&`Qewd;j906L@cDN&2TuGq;?G zh-Vu=Esc_#59Mlq&|pd0wx4Ucw_iRrVu^>xJqwT_%N@HAd_da%uT9=8UP{ZaaBt2Up+RGOR4zlQHRrmIr)HM>g+)Kb&FBUXmLF>KzFm z?r-Pf5?KOA25AN_W@C-7HX0ZKAA7Rwa(kn4KUdkB{y%A_=jZoY9dz z%I1QZ8|(d?&A8?(QUia-w{IF398A;X$r4?L$9mplHdH}hNBAY+h!BSGR{a1a59KJHew^g;k7rs-} z%&6Ee-H{x(qJyNX)0L+)Tkk5d`biu(J=_D>j4#?a8#?P7v zRd3(jZKbvuvQWz-xya?TNcS$M+YVgCRQ7KxxFE8s=#CZ7H6wJj^5Zvs zl-X#BN zcWNkrVPdN%X9OaE?y|Z=#?%yRlM<{!;&7M0WmC?~{nK_x+zvZP?q4*$)MdO@%ul#} zN1p7-h8yXO7kZkx_9wif01?!C%5wqcpm_Umjq;lX*%#0?+B+f?GLGCdcC}^tLTE%X zK5#hu2|LOuFkH9L+Ox(im{Zs)O~K^|@fF%82mS2cF@CznSXBL>MjKvnx@l+%Fg1m{ zcB#+1*Ta-_?<~vSw}z2WMITeg6pg!ANyw5GlT_iJ{$3;jVh_1Q&KMmK#LwOA32m^J zI4Y{zT0cJ@s3W8EcFiCL#wyQ-iZ>8gS=0I)n<1SeqT?qg|E;Mc*v&g^_l5!46pI|j z+du@=Qa4x{x6QPW|^KB%kAnf^Mq-1VB6!StvASO$btZGdHS&+Z%UA%agyClgFlJ!An52w zAucHjxx&l66N)yl({gdYX5E8$QR^#X%MK=$9qQbsniOy83+LXY$^gllCQwEUp;&tv zOP^FfSBf>$_K>k8RmlI&7zEi`^>+z!`6dhOwhbOiCe+sd%*n)AJT(`>*?*jXG(4Z;O?hzf~E@N4-jPU4n{MEDxrvqk3kETagBoU=h*C&UFd7%cOfYh|Fa$Y zpY?b58wX4Pjth+3!aECpZ8hlc(YJ)8i@XAeime%()cN~XW>yiABYjT~auUsngu~Mr z-y=-_H4QA}MGrUq!C5ngY=U5JCE<5#3I5EzkO193v_g_KGwV}f%ew;fa*c%#V`-#O zy!&DXDpvCAxce}=p!sp-qxdwnUPd;2dzPM7M^r1AG;yZ}jy%b##-=20eO!)cDEdub zMj$goIC|g7aDcTP%b7R`gh#j{@%9g7e_zG6G5*8a*@O<_ea< zj0GReQw=U*@i-=wcRPVq#Lqu%bdp$|{khss^SO>PQ(s9l%;eI7v`4z)-C$`W)O@u! zoFX_7=5Sq(3NiDY_od;h{z`aN6dY^F%t!E;|b&K#X|8{pH!PPixbrAh@)Il%a&j;>C)wK%UVm6O-GNb#FY! zi0MVY(INWa!x+l7Z+0P8MLD`AuMqTd{4_Quu@B-vfw3TtVR z<4)cNDfKZyBI1R$H}>=W)a7{T)bv!>W3I^xB)v3{r4U31gA8>HzU~c$96jsfzUZsu z@S4cngmmS>EK7-_xuM_Z+e&k7nTqSPcsbZ~$$rl~BJFn0!8y}WGd+ak#*;f$~<;&YwrMjD(T3c5-#q#8ulUMrt)*#WXo zzYEEBzzE|4YOBT5ZEEJsU~J`Y;5*}?lSlYtmz<&!3b?mkb{OX*;K8YKy7|Suy3TOq z)aI@6zJ<)ILdNoUII2oQ3>Ld~>qnMM>x$wsf@ie6H-WroSN(Vv;&v|<$68)khB7YP?ucoPS;;b<-!v4F1c40rhhKQvl-jg?_>jZ^%^ z&^~J@L;vt|M-5GxwNO#eOHR%G0mFLUb>+HiG^z3)-us4R>8}O2l$i?*8!C!(zO86D z9vPmPdd9F%U{>q|RXx>U$S01GR87{h_0e_A%B7GRbGc6(WW(YPCIqYp=;5e|7RYL9 zD->f>*e)CuT#YfThc_fzpE=vj$4f9UIFMqX{Dx^>aFTVB_Fw8yZS-ZCO}lxuVId1= zjY+`&DvvNT!2;+{-X*8^_7Nq8yMkJG*{8WB0>M*Q4KD%ad~damD@DZ*dw#rKYes{+ zo02Wi`3LoO^uUbW({rcqd^s1O-S8O$YYPRzdzItRT11uF(gDr$05vO|S9N?aW})AH z-A}J+samhef%Ij(fP&;fZ1-nbhfyN;Zf~AJp54`!+G?%SXBBXyk*{Mls=z!UzH?J< zf!IXw6pu>*jO~*R8!k?@jwwY#ZGj|dN_dNzcIH~~81TmqA7E}Za#B+xI)T!hYpvI7 zOq<2>jBV9xlwp-GRbA_W_Ftuqh{7mzGP8ysj!xm#>kAvWDHJrJLu49Rg&o1ieZHfjrXYi@2}^=vQ)*c;lv zH@4#AvE-R?si-GjdDRY^UsvlxZ`}9A3=gkEBkuBQKYW?(Ba9}*Y1KF)=-0PiqWCz6 zg+2Nx-f(H-xYrkB$l@!};EhvaW@i$7{kO)@Gy#J3_K=4BeQ2uD z#1C5?lJL>x%GysOdhH~P6*QxaqT=@abSrK4_DS;=4;keWbp?2Q{Hx3Zxd_X(PM)4= z9CLSqh6#Fgrd&4Rj^d%eNLXiPE{*$x=-56{lTu;2Y>Edj2-eKD|a52rjqbZEkMW^RE8bwi*^W zF|E*VY5&q2`;gw_=-Mg5pcyz+m?o0w`k6NxdsDCFzJop8hZLWm zA;WHVX^d>ogXPMJqUgZNmF4E_+NxUToQkrL?3RXuQ{#Tw;Qo(%^;Nd3BY3k-3ZVbGcaG z)82DAhqYdKcBkZiUW9W~v&W=7TZT7yv4rDV_&Ecf@1f&k^UwtL*>y;zpJTmq?$Q_v zspBDiJT0Xq=Y_qzJ*|)s0Ui#qlPTfr9G zyYFbifr%8(Zil1FYG!Bk!OqxlyG_zPX`)SKNAZuuDyz$`w$THdMD`r5Af+z#=IYAR z%ZK|{LX$@XZXjF!berzVyU2p@1}$m6ncuyi87D=wXPys=O_(bk)=kLb@#8J5D1l-?h^#!;w ziFnK(%m|LK?i9JVEJeDR5IZ}CQqHWA;Y2|2GSP!5BT)#RVIO7z;*f_}MO(_lk(E=TY;4i@G2|F7_rH)iGQ}yD>E-P4n^>U&>kvf|n9COZ3%(K( zl_)#>LKSsK+c(PYS$}Iluq9(SSfq!}?R}^P#@^oSY zrv5dFsO7LCn1{kdDG4?fBZ4GW`o*)fWO;{YUWpWci&?So_RvNPzhR&91^3A?(sa5p ztiz)OU>q5O8E!Qac8&FC+PE{mSLu-8G;Bg^>682yc6sM()3bMh9wuHGPKZ4z%`BA1+)n9N1t+s1WN2TYZrwP3q{w|>{{t3O^ zJHc+UKQv+Bli$bHX40}L(V#ULslk_67yK&0C%!wS+ZTS5^()dWUbRrzJ*v56S4^3 zp}z6T&p|A5hWf}M!}e|mO=Z=S>o6we0cmL&{%d@82c$`!D71I z&NVm$ukMTc&YWhbeOTY}Fj_0fkvXL6;7rB~4QL`ezm^^l0LeT!EfIA;vM={J6e$Ni zFTKC#Tj()e@j^a1Ybv;Qnrv8(2Th%LNHh}&2n=oCF)eX}$m{DcNj^S7_v(CxI7tt$ zhG2Z|8CnR9r6I%+h7BT8k11+v$CyLUO9B3D&*#i|p6q&iX!AjQ^1MRidayMuYThEV zj&1BqV0W_I52WhH0j6GlhPax^5cQEIYG~UXoqUe&rQh@h4WDm7!mWVr;D+Y`!!uMB zee+H$p>bpZSKlTp#b-wN`5`sEdU2dE*fie$`X?*odqL#Au_Rw)*Il93zpW47O>v|n zi4>Hzf{+OUvNK(J6q*lL?zXyZO$>s|+}AzFeVdR*)dHDmYz5{AXs#+|X=BhGg~~xB zc$CK5+7884Gsqn2&@f(peEkf;)s_!Ad{y|oZjg(K56PUu1QFe|^ubYLL7k|E*L~4c z(x3MkdfymbeI57Rt(J#!o@*$O%LWZ{-$0yCx++lyfHeu82t!etLdJ~f0bE8io@&(N ziR7)EtTeDF6V=oIribFdG)N||c{#JTqo%AK0XflT{8urSHNxBTo}l;0Mb*2)1WX4O zs&(EwL5}w)iFeSwsZaTwE8RAKh-U@Gi9`+#>8ijS>scaSI1ii z=gRqqALB(V9aPwAU$0`}OD^Mw)!tswo-fz(7VS6?@WSbyCdw9Lqvdp$0`jLdW@`bB z4N)Y|83g%C2KuUPsfxlpE@<8l`w|zdO`I(qH^-oh)xJ7AIX1DDnA4szGSVR*^aYg1 zVu-q05Zyeoj4_956@9<}%GW1NbQbV3f$UlN-RUZ_h-6jPn7OE|47&1I@IoU;Zu#HF zu8A9(D)Twx5n2Ms>6len2{E`P!C|Xm_3$re^0K2y2P z3Rl4)%aF_Jw@-rkcg)Cb1)(=Gsee{_+6^r&0S6>pg@uHfa^Q^*==VG5y4=7qYR-1( zJaaai(Yz;TDjQpD=3t8Y?bzbU1azLqozm!Vy!GO_>)|$Z?&Csg=7gvSB?Q6Zcima@ z(GkTIxrhk9OH((wHRtQ&EmFH<`G@^~6zS{==w5CpMWt!-#zw!MDx3s{xxl~8ABkbp zE}if8^w0|4AKC1Hwzje}h%y&SeUd{G+G71jxsG~-iF2NazEm-fJ41n6+h4u=AjP*`*9!w6x?Hw0Y1J8v4RwZfN{z5YDl6e zKTaRSM+-pkye{*iyae18C#dgixy!GH^Hs_s1PEpY1*E@|HKC@?qLNMpm$80v`17U? zt9=xApe2q4WGo-Lw^ANm)%^ zPSo(^x)Fr_Zd%K?SmUk)uLK}vSKMkH=k2w9z#(g;)dl}-{fpQWz8#vvNp`o!f)_)@ z(>GcJSL9Me5ik)60JKM`mo2Ln1RvsiM%|xe{$WO%>I5@aZ9ENM%q;#xV>{qCO)zcB zZlWwNIhdOI*OIWyXHu>etjm8vuJb6f{`|6+O}67go#pkFa1^$j8EQu0;l8HUthns` zPwn}khxXn6RDXG|rK%`m9zzP9i*boG$E8Yr>P)7J?_(ed6S=O8xCyt%!o;=$MB z;U9yu_j6J1I{Y!vg8a|oJcsLHqtF>q?Ab_iO@b)5=mZ6_ni6sKvBHe#ZMQODVU+5B zs*C@}bU(6)R=4c8D#c#K&r~9L2#-T4r)LJ^q^5SX^!(jwwqi)Fi+B4s>jJ?0q|I1< z23Yf=MO$0iMq_J(+GU5{Y(aD3g(D#vcQt0fe5U4t6P~t0>khe7*HJ~N@9^Wurz|SP zxyeNN!FoKBA=F}D{8x5Wm=dVQ3(^?TUFlrO0B8`3U6~fbSsI&JII=#Fo`xm{0hb#dgf9BgP zI}`%x^Zc0(kJEZ5zr0c=5-vOMiv5%s9m?%RbNWvX${LjuM3sK8czkv!hW=0{Gp=_= z7Wm7%5!%FTM9T5|1O$>_*OH*snzvxG7QOKGK24cNUGjtZ15uG|aD>bkVDPj%44L8B7^^;qciE$xs)H#%cc=3et4h?}4dSK2_Zd<$Pe@f_{5wMD@?Ge|tYhGCc4tvW3SDH$A zy#v!vea1(>!g~?xUlf;@Qu33%yfS5eskBtkr?np6rE|2-a!M;(v>9=eluOc8r&3q~ z_BFi{TWzK1{H!}mEH9J%PkZm5XaAqCGYi>@myBBJeA2A(Ll!%T9|~{#{+M59ty}rr zZ>7io81|TZ^436|V^JmItwA?mwI1=-*@gGr_8n{T1wy|NfI`*wkR$BoM02csH_ka~ zB0)*f8#eL7aZyvFXK5aHBrU&3?oeR66!|JPEiDMxf?90G64da%lWx10+3-{LiU5Zl zYu=8#H7OWdnKJLl0z#toHJ`(eJ8vEU$hcDT&u@A6i6d~1WeQ?7F@_C|n9=DvB^kU$ zd)=Eoeav7m7v_hX1$-lf#*G%O9=toQU_}rFzYe~`!%L9o5~Ky~b1=mCM7!`TI^osQ z&F`O8M6AaLEHI~kFiiVuhyG2(?~|2)7N9S z-9lZ2tGgJ-cnM=&z9P7zj>UGd(o67-_%#&2z-j518ROT8p<0?e2j2nP`=^op&T!=$ zn5V&d?+(R}$L(|!n^G0!IUm#?#EOB9LibyV_w&=V%@IOxLFENJi6u>)E`%xg-uCG2 zPGY67)wdu7xNn2v(eG8`u7+ROV?K4=u?&$~SyJjUy9Fvr#_8t7k5G0IhyWNZh1e{n z@mAI?=#eFUDeE1*`lErL4@X@mT9-d2Z~Ad#UMFJu8Ku3o0dX$sF&CF=t=6xhz0Dn5 z#ueJCgt{jW9(%i3O{bG`TJeMd2HGTxVS(e=+1G}_d%kkZ?m#$)6giLEhp(2??-D$1fPrKi zA&1uKRNU3eIcD)c#_n5mj_tSC1{fbmkC;#**2U%bZjsUbpG5nRF+SqsY+JPKk^aM3 zgV{1`40d`_bO?~hHITb|Xv|D)82&w!%=EJ+pos;qyuL9nw-k2iQ0(VuiSVzw%ShJX z#B8G80Ah>-wtMckkL9EeX4J;h+|-L6hDWQ1Zr3Zw_LliL#K*|?cKiD6&}j}&hrif( z&1zUcg2HowyXq(X2J;0=}k8)clASESq(@oC{zvx{pr4m3~otlya%oA_P5G0M^&Bd z6?CZZZlJ9ak3&~nQm#8mO(Lhb!J6k8A)tMLVG_~)S`9hW6;6cCh6`lS6P}tf+TCWz zi$_|RF(84!t=pg_xuRmxso4xLyn!`w1C_|9CPl|InUI$iNHzVC`cLTRf4bBDhkbBE zoH8e#P1V7@)6KA3(-_?p#9qgv`M&fny!2=^qan?&Kgng*>jF8(4IomO*!mExzdPQv zS)l7fMD%(C&mr(;^mYr+!T%=1_xT+5?ZT7l^$SO166OBA?6cXLu04Iz+^WjUhHmpQ z+403#9PG|4L7(%b(U`6Pjw`72hw)uRMPfr9@DEU7auCG^UG?6Bi&CFFDoTA_C`%Uc z%E-ma5O?0TRFn$1S7lOH!yHtXi8CucXeX%_k^Oqj!XFIBklnu`s2!C}wb(st_A|+& zi>2UKTaDp9X?wE9khG5GJ(GG+NY*Qw&izxL+mnP;jZHKHtTsc+VI?Uk8@_9ZvOLSr zDN`Y=G#Yyy%{-%{r9;o@{``keUVjK6*Sl#hhQ%bO8{nLZmSs2_StdjWQ>~6iPS|!E*PU!bcfLIE#0ex}eQd)oyeEH;vVxqb*w096fGn3W=G85LL*b)WuFK z2nq%s10MPd_sIrzX%_@T=z+nl0e{#JH_cFiR2woJbL^Dbo0r7c*-rH}?FaE)uLEyH zbJSg&nNk?R`1b5p%}JD0`?#?01F6y?xYAlIx6LJ0d)GHl$1B&@==0}G%J(2gOzj+Q zH7atSVOQ4ZMinaYBiRy993DXA#q@ixmupqOE1t)f{(3~y+q3SvE+4$E`vsl$Y?YWj z7fbk|^}zL2UOYjyosWa&Rf;nX){@^n2ps1uD)jfUf(tBhH(JOTx*6oyH7;W|x6wJb zn%?*$Go?puj!clS0Y!;-c#PH8(wo z_C>R^HI4ruK60WTMLEeDi}e{DU&ka4%WcI^L8nj0y2~M%t?G4Ew6=kR%CMmtb=VOB zDRa8gLH+^MP$7aG&8z=JW?=q{7-R?cS^kcWEYevwyh?oXY4A{g>`ywhJAiYujox!( z%SvMDQbA0ls%r}6nzP8ra6-y_L7 zcxo!yEXxrNPPG?&2>~OCD0^=OdpktFyD&lQhQ;-E@b;E za(wCHL$_^r{9tP%CDKZ9uDz?o&n!uH{x=(9eBTSHI7{PD+zLAIm>@PK}<;e{#5h;w? z{*L?NVAS)oLm>q*{$=&jT<#F(#ir99GJ(NXC~^Dw5F6}QFsKlu#%@}+_r{64XxG)w!~o1tuP5Bl5Ma?z+nGS8QnYPXFw zy@YKNVMFHqdG`AolFsS|v%%EyHs~w$5OjF*w|atp(`9<_`IzZ2wn~=Zh?px;{I^c7 z!$(l7mcoBKNq$v8n1(;qeX)1H5nWwb?Q~+&9(C$tB>pVT``_@;#w;%dojrcG}q z*n-5Hf4Mu>a_Ddq*Tc~lvm9jag*Zk*;_J-nd~oYG5ff~Uo?(TkVmnoMUZT7@a`dO$ zq%TEFA8sLFsA-3#$ns|Qm`L84jgviQuNxCDL_p`kTXnGK&tw9qE(R_e3)~6KWW_+kp zyP`*?m)=WA^bwDdy)4P;OAo#8^uf$ujC}nT#1U6AWA4N&kIS{kM%swC<+j!w2KWj-$7z7I->P@BXxuS6K^4a-js&m2d3o^N$4!z&I1 zc1OU#KhqBD1wGsTK=Wos^)o>%) zJX1%xTpH@tFrnlL9Yqpg#8!1~=G!{~TWcJ1&l1%%PgZ%)cw5kTv_kVM6#+XVwxl z7G?KF?u>Q7C$Gzm%^mv(BOUE^huE-1j3YCizo?vpDd9MrtT2|Q68&SLJ*QG7ff&}v zrpIN4FJ3sU6{0rWcMX>h^MZ$TiV$z6MrP9%nEKfq4fUVDKRF%zQgd~!&n@JFGacoX zAHShA8MAURvQv)3eft}Q(>Jv==U>;-przNpZ(>SW`pMzqL4|5@TukakV_5@?qM=fT zhGg&8)C2UgTG_|7Qbmc%VqX z;X#eM$4p`^bQzPJ(c052y*yp(`9mNlIr!U@pRn}G{%b%(-ovhr6g^6$SxhDtEbKF; z-tfjwGE`e-Q%_G1mI!1j>cJXnVg7GJg#J@RDM1bi>*s_YVjj2-BZRTGCdkL#%;mT5 zloCG^yLs05mSz;{Qs1*tG(Gg8Le1pe)fG!bWFp7Kr3=GXL>MtIyh=m8n&x~!MY*5F z@foV^JjPu;kiaS9voA9<>n3-_=B_ci1eQq3b+)J~UXqZsChvS_VR?Icg?RD+2L_qB zg{6>%4h7_ikI22j`d}8nFO+P>+HF;h0{gvFBcxPYTJ8mM!PXUt8OY=lM1s=eoSDcD z#n_AU_)c{l81JXS``d*Wsz9VHVzz)3k*TeQ7yP~=^qK!}Hl zEB)Qx2Lxm+O0{$a<}4UHwtdR7Y83ZG>((a?WJ1J$tUJZzNa0Vmy*r{mpZlAES+4qk<_{sOKNlD*T>)&ob3-677xvz<3U*Bvr9KucM%?ab#Ok>h($qEH2V*avh%DxP zIT{QAT>E+gdjv+OLiFdm-(PPhhYB)<_6(`(Qij*UqtQ%kfS@)F>raNpoywKH$3&XT zJ#*C9b$!GeCQAXAwUS@6zi;yP{&V<@n-v%O=|ZSo3R$C6sb<@b>T*O}S7Skp=o8rJ zOH(w5onMTu-3Jr9&T5L#PFH;PStIi!y_mySG`oV&V!YJzkHIco2S5!N{M$LWEd?hE#p{3(^mh9!r|$Xjj7iG(7{*YfyN|?a+$rL z?^c6D+!ZwVVr$~+i<4>!!S&@|GA4+PM@xRVh#`xdYA}sjN@%-NIkebX*buOm@=SSf zyT{b<(EKOv`F{qv{=bg9($}|jO&)nLJ{KON%S=hY_Z*THdG#^T%0xv!GR>%lsc1yDDuW;Fcto6Y%)I6Y2$s9&4GDRL*REJGuF&p^nDM?+ zF3o%OD4TZ|rA!?@hNacEgf(EpYOS4l0-<{HSCdB1GB@FsO)F|uhXZgP>;RAD(iJF< z*4U#~dka&Zei+SFgzH^hIao5o-UkbjOltZ>@Gt+`-6o90YPHvX0f_X|4j5u?&wcqx zQq4Ht?_~7$Z&c5j2lhpPn`#qk;aGMcdl>a$vK}XbXMyL~C)M;Ks|Yor~O6X;RS?u=;`qIgVA6ul;+Nz*`%U*C*J$z zKgJEKK{bp^Dn72AKe``bqvH@inW$Ljz~NcgD=77{F+lBv?vst${FXnw+Q7KouUuVB z9?^(8(AZAjSy^I#99Rf&Qj-7;ctqLA=yP;`20N>J}C>nJ&Ir zkdaIA9S%YFi8IOj*fqs*!d86sbJrCQsTb8pW6!IN&oEY?3r0S$7oPXN`|67~)ik{= zwsU-q*~ov;{r~?x{&N+E{0ogkR%3Jnq3e9g-)d{OH8EbB7-2)|o1t!!{u ziCowJ_?|P}1yTVo*anRk-yWITZ#REg9VT0nj?*Sas$${UHZyg7Jg>YEt#-yEBqCH$ zoC+l5|26aY*D7Q6mEaXrDL0}r`lGO=gSr=YY$&@62Z?N($!UHrueDR`oGXYH*j^E} zu_YhelywhJG?B2y5T#Iw%(X=%w;G&Y2>LQx9mg)GN&8(EtyT8c-Y)04s?D0HG+uD% znru1C6L-AjtLz(2xDr5wJ#zCy)3|Go3yB&mw zZV2*V57#s=Gk~j`NtKOUYO3tvN2YWVSc0ep{GFZ`5;)xWMKrboc*y?(DjQXFMH*@! zaJ)E|pwu6>vXwCv5LkD@fAeG{7&4DYdc8epgb&NuB$#61b20Wa-#1TAm9<0 zp^ks3QulhrSPb6kLx8>%q1zJ#d|_B!NI)^CGJEcxx!WQFp5}0a@QGfpkX|z<#w2PL zJz2lI`H}ds5)~gm zLX)%=eO;^jN0Kuy;mAnb`eK+1`yB2`%G@|lTj@-?UAGO3aQnF4AAy7b76$ESj6YnO z`|+I#N$17;i!;=g-ya>aE5KhVxlt_YqQQacPNgMO;R{h^i%%e@XEvT6&-|of-!$-nt z11cakg$E@+d%)Tf(55@ttJmL>A895KO$G9VSr!4PV~mWOqo0X!u}N&{Do%V%u8ES9 z1Cw3z4Y5WY4j^QDXxVdR_UpAjS4nIDGv7J|v1f1r@olsd)&}MuIaTSx@HxqMfhKge z++my(j=8fKl^SrBDfZ#L6Ip7Jnnen3yidfC`>vP^v{7s2+wVq%<}{BUlI*c15zq?u znr7RiK0PAr8^q4O6mAX5P&!%?f{<$WAPb+&uw>Bye;>vtx4;yL_YW_G}D2$l|ZUl2z3uGHS<1=^dakrC*>%j{{K zBYp*E26wHK^htYBnjAIdB}G(^(5GK##f!*lrTa&vPZ&xm(guHxKo==!xRF>r;dXm4 zjaTpCB|1J_mrPBeT=>_uTmN70O+>#MMErh_dx13*i_mrsN^fOS9qy&oAm=a<|C%rV zP{vzK?U^fJY0K656qN*2%UV~QQ!ApzPY+m_4c2st?wfgghWapdY;f&r&VqzwXk|%d zd#QQBda9B*pHflSlu?vjnY;y5@;gCl$SuiaJM1nhb}n`s?itOrKDXATf9rmZGD@U< zW>*EzLV~|Z##*4Fs!^{3NY5(mTz}uP2j$TQlo*>Ywx4scwrQzLrLZoe8vo?}iMN`^=)s{jr}IO@n_V^uTGkYv-TeRL z?r6rX3W@x&NuwVOd6qYcweiB1ig&}}rr8L%&37PjD;w16p_B`wWAWay+@sc@g+log;spoW1@|+$SmfaV56euap zL6wL`y&R5EYcnsZ0~U^51S1tGUxLjQZsG1z4&VJ*U<%t zRNr=%q=>t`z6cx|btlgg7;@i*OjRax3 zE%&lP*&g|9L`AhJm>#cSK!&P2@?C8fbuZ`M2mudAS!qD%;upSpckh%R`>OWinbKO} z>OM+fGR~KWjj#xTlE^txD;n2SSlz-j^alO%kkaQ@cIs|cY?t@rbL|+AUGfR_aCotQ zdFmHc!d$0`*<%)Z)8#|Xn0o7efX(*v{+M2)IeP7ciT?hXQMq8OKZ$9X!YB_uTtrzt zgVN;E*i%x3+`XG`O$k*7$=b&8FleUZTnmf>wU|{V@ zgBSJSROgpDHZzNqK^(?8^HUGgtEY2)?%TreG*OP@-ZeTVrBYixXj3H;314sKIhr>^ z!R9IW4#8BwQTkp-LB%)kDMs&QpLQ`@JtmxDxL=Y0RY?kOtkYazez49;7$m?%%JnY}4+yZf2@Ame3QUnSzCo;72%6s{<9 zlv62*Cim}fDLf}wqv7Xzc31)f(^sNnuK$(N8HHF(8k${X-88G`Q$Sm15Mt`4`2grxAfWB^mc2TG9d!IAcagiz-&o9za8~SsQ0TX{E|lPUeV{tV^LQS|IsH&`yI7U z(Yx$^!W~oq|pbzJSKBqJIJaRrzTx%pm{6I7EcezhA%qCVeCZ}C^xroy;$I2tq^y&VL>D1kHIqLFD9!cefNaM>iLX?-57JQ9*bTr zc4D4fg=mn1*to4leV}2fk%tMk+DH8P>1%AULUGHjpEG0_d#0{GX%%;Q9{6-q@AtPJ zdJ3;oe>V--LWkMRZQkvq(Y`fW3EEyvO^A*%Pwst$Q8G0+i=>epr_cP}*NFGWj;$$) zy)$vSZfwW}@%Rd%32ipNXmjpvM&U2zSa-jznnFj~Lwxjf6NNcr-c)ENen-q1B$^M-YyPmxMBTI76@hWI~!g z_z}T90oFxKPwUH2If1F*QqY7Fy}i&xR|7W9EfUJW4sA~g=FBn#cJ<>Xb_OODV052Qg)o?kiC$@72wD6I2S6wjYjmXsulIBZ%n*F zKU88wH>g_-mQ=szX9_Ql)GB+c`_(Dsz)vPp>_6?L_3!mk(-lF%n0j&+`r70zhkd2_ z))qQoZ32%X{m*7zLnmk^*-@0d(2ZN6!0*`kQ7NIVRjn-bYCmYZWHG)sZJa&eDX$<+ z;)feX@QPh(C2mGPF9=veS>Zh?t1*9shIlo^80Ob{hd>Eu%%X$PT8yuxDjy7&VHu6b zBH|TTd64j{T+3-<8eR^Vl3cL0S^{(v2rD_jGNW9{nPqxk#-ewuPrT1NCQo$DO>;F+ zU>xXWsGzwX8Xw{yPJ&FOhwiq08&aef-o<#eccY2Cyqp#{LAWg8s{O;^H-B1Ukf2D~ zJP_VKzW1V^q3GhS`3%{<&&^xVhw5pW%~zy7}{d&{7@o^IWj z;O=e<3BlbKx^N5b?(PJ4cMlRQxCRLB?!hIvySpy@^48wB?%wCV=YRI8>Tj!N_pG@_ zb#;&NjNcP%O3bengtXI@@qgk?HUENE-ALn6Sh4%vlZU91T#tbln;OBym))hQhAx% z2d(o9Z0nGML~jKRL$%Q_+a)7g-u0mRnJVdnqRjvD-2azV`uA%EV*IORNPEHBUM5}A ziW~cr`0{M`6v5y9^$^#u#?=)4n$*LcuV)^4ui_vFnzjM_f6QL}_jS7O$Z}gf zdmt;d3wow8v649-@J`xEHBxP2WV*RnAg{>JBffE&y{ghfONLQQY#`!R4gmdkY2L1$ z1c|FG=61J=_(FgEvl`{UUB)+UM1|JqzwL9c8m_=d7!Us%0AB@%lmbZTqer#eeHrKbNm>Xw1ti!?}wc z|HJsFU-F_e9@No-^MU+sQyRnO`|n@l|0gj0Z~v45-KV(`n41RJWDd~pBo6Ku<=DjN z2MiVt&hV6U*0I<*-SAv-1qE(x9i8dr`B?d~6-N6H8>)Yv^uMeyg`sFepqR3IPBco? zx}vS9qY|E9ONgDakYE1`LD3!+0BkU&~Xw37>8R80g#7X7dD z{_hhyAHPgV3RNnXKSQktiTy+7=if}xtq~p|T-~+tmktUlnS(IDMMcKT-!)90;guI- z%DQ4}doR|L9g=mp5B~U`iG$lc?*vIm@ut%q4W)Nh%3t=nCOA5sP)=>U)%o5p@Ma|M zfBM#&UKlL!*H=c}E9e7qn3tXUQ`Fx`D(x+x(mwb(BO}Q3xPvUmr($@N-+jBJpS97e zuLgGedB8jIxLb`ZjK|-8CH~w97^FXKS1$^yY2n0O^JXXQGGRK8c@PWmjW8#Lm8)F=e`xZ1d4D#CUFx+?OCdQtw-~H>*=Xi#^!3$``ft+PrYD0 zW_WrYzW29}g=!2TyOB^64PSjBWIKoebh^6{igj1Mt1-PH&{?%b9|XW0s#9ea60qlsYOFqygzC z(O6i0Bc-%aZ?C8vDBW>6W`e(qK_mG-SqhWgaRQz+yUb7uK3HGr$C}UdD-dV9-NB}; z-@=#66*D|ZncMwP)6WF(CS4i5s!%eb)YwI@y0OFG{^A)uWJ-RR`oPmt>N-*oCm*~> zsg$Kg(aHDtr4fQ~ZlEf+j0(fTp55FU@*00bw+Svq_i4q_*pb)@U5@dj@zJAx?VuLQ z=Yk>P&KXKARGxi^A7CUWY|f0oA$~QvIz=jBjw}C&KThY~7|&@b_*=1rOdf{h8`=xo ztOugwT1T)ZY$M>eP>>iNjvNVJX>|0dW)=5j{Q;O_9U$^pbMi4AQ~XbO{Vl<1cIR za>RTORLyjrCiY1*K_@Q1B-DiMdc2)vZK5h@72>P6q-@KPn~xHzeCH=A&5x8UbU>p) zaRDQz&^asrl@ZhRVoqYl{46AH_NNb91LPZ#(=Fq<=!{<7Q(qgRMpeucXzLhDJ3T{E z9+G#>Ef{K~J-aqiDlNRrqYbnjn)i8*{(#|fhraL9*=gGxVG7teeS@zDmxx1Z|D>S= z^I|A6=I}|{Smr~w%PAE{3awV8e`HLq9LZt!cFs5F!{!^+VPVP>-M#>Z@xIsGeFmkf zH~Rlf(_84ghiRw$5A=2@-zgH?)s+Y2Is78RTLxusg2_W-nA6=)nP)d#St$J8Z!Jz_oOHAfzqw zc2o1Bx_^PC6zqlhB(Gl0Ih_P)WhW^rhl7Z8?f8Y3;KHd#Rz{6p+vAh7j(5dNkBZ0V zdE~@C>gYr{OD2hl;b8FA-*CrY4K|tq_U_8>;=P%MkFW_Q|iE#kNpDA@cf0*{CP zL?sh^3yS>a@p{8=I_G`}MCPbW!Q0+`t?|&O$%leMKeC496HN`=MAcjSX=z_J@VGENi2v*H{GcO%m}EFikPW)P_Hu37Ost#9h6 zL8WQEw;Onve&h5G2@q>t>6@E}E{^gF$Go)PZf;5@r{qI|L$lbfQ&4stLh((iLyPQb zKZK~*%_1N;L)Ac1!7ob*;2!-|zfkbI5JFPH)NpiPm3ZoG(ztp*(G|S)x!VOy zH}MtEo(5{dL44a_lCsDjCm2`8V0>$HD^zNkDi;X z%^AjQO4^MC0CZ1+R8s4uu>N5WHUL1vlE1wvl;eZxl&n37czec2k;=_mdh!c!Jqg5t zKlDTDgT9&4>X^YTH<*9W0)=HmsPp+}OPMN#w9K$Fz9cMN-}QKNdj0ZobRA3<1N|4K zRXeF=r!I^7@TK|M!N2?%wo4^6TnXfVj)~I^v5FFme*ZW*{W7w)4;M1`7iZlW87zh3 zNf$3QU*34n_|wr+$CqC$*GE#0b!8buts6tAsHYw^c4}O>fBWq2i=`dQU}#kwCg;w? zRnnMy1B>9%7t_Pw4`7IN4>NPdh$ErzZ(&yK)47sm93_~={;};N!xdMAOVQA*k4Mv@ z)at`|PRbLG4(3IlBGl;?_zcOtQG@-U;2vV419k2E)rqaV(BXVveYqlNdGJ%G@b3sD zE|KXL3MO?M34u9cWH73s(E|CQXIi$J??b`f5}ZmuPNFC{1h`8)Dr)7M87FEG zum-)Zg6a4iW!0SHEFNJ5#lD1;kg66{&wt<2h$S$O8i9Nz6o5lLTI^MLP;X2&y)w28 z`vq3pWkE07gopZ4e%WS{%tgnE4mF#hKeAn-{vkdTVJN@C#n|L(OV~W34sJvf_~>Oa zkx`_1J`)5RXJzged9KIQR*i|H2RpUM*Teh=MVR!GmfM z`-U?KUgoetv38v%(dvH@}~@*`0KcSd=8sNS4#}70JVX$I2&- z6)5)WMXr)7fE*M*-{~-K$8avIkq=bZ!QWT$6^sBpV7nQahvsY_ddd*yUotfpy zGae48{aTX}%ABh#jCj<~jvdzz)Ky{(>RT5l1 zvGDj0qlK44ueA3wt>T}4J80EA~=enJhii_-7MO25z zZz@&5e7)#qZcQf&nwi$dxe$gmk@egu_ip_Y_7JZQL%H+jZ4-bEb+lHW7wn7A=<%D1 z4+;t@?NU>8uee=z$9H*2eq(=F%Jba#O$I3T0bt|IgKX}{WSPro^AqTCgJAZs8J zeDEF}^i_dMzOxJJ-K;EX@*5KZrFZD$;4&vdvv(ws4~k9AQGAx<{lU&9P+Y*J$8f^N zCi{h!RN7J0@RfiV>>@zAqB{O~cFdfpoXt&$^mX<6HD`0$!v@IBj&JZ6I%$!tnHAvq z3Qw@EeLyp&#bP2tJpaDU)9#e7J0x6={f*V7ub`_Lu1R)BgvFJBur}$k=?9vj3Gcx) zt~2cSVAl7QuUElkzb_kqbswEcUiDtMnIPq~?5GVY%EXC%nHb7wTiCuT)!+5Krg&@T z!2%Q?9;C;gj~2uZaPwH8a6C+rF|_;gm?r~z;_L{3ALYifYl$8UkIUPo=J)#}O|D@i zH#yz<<}<3*E7aiaxmS8TIYuMkgS;)+9KP7wrGWp8zpdYB`VU{rh)Y0u7uxluPxeb3(-mn(*Lzi?(R9)OGb?$*uO5>TgTaP?g$%7aN; zs#P}Z!Q1$vU-_pmz6400DO~VTeNP&^4dK zkZAI$YKeUx`vqWN}Tn zM#Uwe^2d5scd;*1zNbJpTVs-G%#o~P7rE~VnoA56tc_xgtXe2{W4hzO_BOVo+ z=s}juHrZ+j^jx{uQ_{AJ8Bu3PYIrA>)|6ORf37t@dW}kvF}Uv+2C;F?kvZJl^HLg$ zi9Eqm&Bu=@%v&A7o{OoVxPT_i_T6TkjC8}{Cep!<$hWkL5%Gz)Sk0FUWR7Di&j%+* zvhZ}QZI z({-!jY!0b-hhMiVo!_Geg?;uhYRRDT?%5+eXk9bLnToMBmvMpeFe6pi79~B6h0u0! zC6L#=9VNsG+fyA%6b@Q`D?c6@FosaVtVQc8#r!DhMrV_EArOovzmQ+xeG8GWokVzn zzRK$VeS#Y5Fo{dl=i89*yts1MSwD|Gu@@=FPm{d85*6wte*Eo9X@SM zX7>|=^}+B*l7jVv0%C@D2Ix*~$TyWQMsv$N$d<0;dsFu9)l`6?Z@=|iWKJeCrs?;0 zVjGxP{w&50y?H|tO{zL=%@iFZe2!a#vW%c56wbPgcZtb}@SP$d$+;Jtf-1$?r!BkOhq z{E}N=Wg{4PSY@WeJBh9_gQz#8&j@~8e`T7$PAjQ;9@bcOLwsH?(bx?m#uBjtSy?7mb)c~UpGkYwQ&7;t zTOEwUwXYO+4&fuYpEl6%rJ6{_oun@eOBIW@K0xEcz~=3u9Q*PMTy#J>_&MGJ?ONIw z)qrNRa$BeT3u2cy9dh=v%;yV*fiRUjOWW(g)(ytK<0TFB%l+pycZc*)z!*z->l44< z(>FX!jZl*b4if|qgW!XREam@ger)qZG=OLJhlrPnt4@)rtFm8B^LNbbB9t-BlhB$D z#w>g=5j^yXpbOgzE;s!r5cmqw$Gw=@+>?)dYW$P_>I=Uf1_@!H_k}?yoMyb^z0j@J z#r8|k`Qelgb#eAYZeR2FHr!Lz@rqIIhZm6-D)Z#cWP>}u<&gnP&?8_3l(WJrNFbD zBL$j+*jRe7!}ZHXnqFOlq_3U;Q}TSluQC!?hD)ohV|bAHD(Y+l>E`8>f_)1ls&A^LFv6Oj zzb5yZcN(ZaL_B^Jz^@zj9K5Xq^@h%7XPpC*rMU6)XEBCYq2`4r|IIb#qx#una;xj) zCP9BOrnvEIkNto=jtUFk%JL&?8%~2)kNqAul7&S`rDjyl8avU$80wHI=t1}t$6qQ- zfN0}sQ0B!d6zSzm0(BD=yqnY6^ug5$i`h-8gLDz((Z*l&pXXoo9FhaCXBqa>Jfxfx zpGQPwMP+LI?gvQJ^n?&3#mV>i4vofk9$TVPg;c3xk<=)0c84sv*#G{JxVaAmW$teW z!r|_$3v+ppv9Q59+v^7yu<}hU47e2@QF(Wdh`R|Z5vG)x{9-aBF%Z{zR;QQ# zr}QXjWHy<=SS|~FRJKzG z50+waV%IpqV=6&&v4@rnx@i(kxYSkPIzFe{EBjz?GS0|X1}A6N4FSaE3T!-bh@;%qUrNw9S`KJd*Js1siC6v-#1<6R;jm1%IA z$2HxZk#m>Q+#(pBnTEr!geqg+yp2Zgq=ffMUQKJ02Ku}}fO-?Yl^2}&O71z@6aA)G z>NNA%SL?y_ITvI}(8@Wl>C_X5q+21EYga1bUyjD|&S$qmvP9sLnPp2{gh5{4YwslXI}|AC*<5hOZKvNqqO739f+D(J)| zjY#Xif^P^@bN%8rqoBWcKM@F7_@OYRPT*ourhYlbV^ z!;Za-uZM+yKRXKt-y*Vv7gxJ?GqeR!={fplFc_vMqLvftM#S|jA0!rLyfx-Hc31G4 zq6O?`_0g+2NGkBSA-ixY!u=%=k%vrBBEK^?DZgcC#;wV#k%8WPg}`z$yS$8R@3UVz zS6uDv6qMO=B#skqGZPplGmDG2ZQ4M-%;=kth9BMFESj)6`4~oD8yUN&`X;=3cbPA$x&imMU;~ zAqqKBlJkRx-|J{Auwh)x^3pm`vPv`9=Dpa(i}h^wV$)dA=1sVS6hvWA9VYT;s~75|o-4L!`(+Ijf{PZ*{IAhq$|= z`GbFzD*yef6TYfEA86t0!OpJ2RNPwMEj^%B)R}$#RDzVKJ|DFoS6+Su+DsbVCi#%b zdjMlB063ER1HTRl@S+^K>Iet!Gz1X{@U1rSF`^$6&*2s4$Zm8I1^M*@XWT|Q;)n1* zHsgO&5c_|Nm4Ty}9|fu#Z|#AMAS$^qOSau`PiE$dj6KBYR7_%pk)f6s*!>_qYZ>(E z`Eev8Ck)Naf=|}hjxX3C35)pxX#|~252FE+y6P{}NaqcYQX3su{{A~G>ub)aI!SC! z91Vy?68o1%Uz{MQddE>(!B_lvMK9aj3A_2G?&1BD{i^0=k6^y;d5PG@USi_aS|SHq zsa|hyrcD*3Ri9ogIN@H@b#2WvX#Np5Bae^cNQ^#YPdC%tI(Py7lKjyca zEhpPer?w=-gr!9&N*!-#RzA+DA?SfJ7@Bf>iH2{GRAiQ-TK5F&@K>%OjKL)OYid9* zN3?aX3$pb!AH&dCNIKDMz&h_Dy9Q zpWihsrx>OIh5(#){abAe{^Y~Zw67lK4r{-A^8HJ8^IoQN&9|`33BbhpVw``6uS)_* zHBGy3bl5KegzcjHYk_|gja@HxYm09Yp#OHsBKQGqV|*3f0R%`RbF|rjSz8KI-=a+*`^5-RagaQaP1;DZizJ@s8)FM^2}mNa0xAS z%I+qK7R?~2b%9oi8T zo2D?#Q4Xpflj^|yErclxxqLEY>_9(6b;h_sws46oW38lx_>>*na?aIu-)go%<%7@Z zogge)EzVYpT_F`$E`_u{`Vu0=#fp%#aU+Sc>!K!Ekr2j%nK~<=3k}kNi`i7H(Mj(C z-+hsvQ)hv6! znYozU8}hD;nhjSbfTXzb@?o!+7eL+VzQo?QL7-wjF*H&(aXDXGKa_|CJ_z$ko(}7j ztRNgL-iOcPLYN-gZ#w-YVkbwygzZ+4(&I2-QXi%(E79U&VSxvh2%%VCApE_|tBUiX zU^P2Q(CL|;L%C6h?hXEQwVh-I{HYXIp(Hb-JJA6PxC@{`IAu*Lw} zL56Aj$$}3~7NsVT+=g^v??-NKK5S9zMd1tj;XWKl1D0iO?~k1Jmg9qJdYrWc`3}(V%z+q!G{zsfTMW{cCrMOz?Vxs`Tg}uU% z@GDx(JZkmzrAUP++8E*FPH^SH<=|FSG-spQSVN~HkU*y?yXQAA3Y1H7MQn|+`W1~p zvt^%_&-ZDFqGeBSQTkf0obGfwSg3RuJ8SDt+{L$SdB?n5;w+h3;J4&>cNSr9%Ha1S zoGOA(?k!bkF7or!+gFwG5Q!yoR~e#_G7!T@i41P;}r`%x?p^WPcK^9Hr>{`h} zt=dO(cioTdA?C)PeR*`846g+>x4(6+#=3I4*-!R&QZ-=@qU66Zy@ohj;jontF-x59 zoCKw__iAPZ^&-8#O1G&0bc*V~T{NsfJ(7?-LTImTK;|*qnGF0%6TTf5NJCZBj&izr z{AWN#^lP$W6tDR(8^5Cl1?kTUQ`QCJ_hNQn&iI(6xd+k8Qg>31!)q-KUG|LCl?KbMue4ZMz@=%fpwK%>!RzuD65dMQ|qE<^IEuo$#;C9y3y{Y6?NNY=LV*~Y3bknU0i20Pu`P$HQ+|CB;O71A;M&cMr4r$B9 zX-^_fMp+-`q>&}ka&TT&wRCEKVFM~b3RdG+(Oi6@t@!@ZXa1*!n+o6G4#Ais6(Urw8JQBYB_s<8x>xer z&O|^lg+Y@IgW$FT5)4cI$n9-i+f_|D&l|x+ZC}(m+H|aaL)jMZ0f5gb1JhG5<}JZF z8cyGfaOKU|*4ekWsSk_X0RWTPBJC$+Z&;Su3URN2(m_u{cC$AkCH?W3Q*!AfZNxRy zyI}?HV!1!m%!JclyUJt-Gjp=~CA~+(7P(qcc24`jZfzAP$g1(ZMn2R(IzqZNa)i#y zoITz&-n-kM-$QiX%b~l5K<_?z>-4T^WvEJeBjV58cv|CXN}T0bi=k=JWLZ*^WT# z1)=uPpK>nTM&zt@pCRLytH@Bz9%r2+*MjJVDdq}L)NYg)-Ns@cqsy1hyKu>xqq`iV z4IKrecV|#{7+^ha2oHuVYlPZ-N7Qlde&%3mF5S~iu&f=-yVT1CguJoufa-dp#e-Sh zf_BI(Z)=x9LJA3i-duT*4~j4TRMME;|F+{9oQ%+kj*p~bSvt1M?utt4agFeDG7Y`T zZsi!6!|dY6qxlcVbsuqfeCX$AP^J0&1evt6Oqezc`=5zn5>}^*p`ZA{W+Pmg1STp_ z=qDBkquGSS-u~=@K-CD9Ig(bg;=meK<9%i^;{-+@TQJ6Kw(|FB4Bw%9htbD_>wcQg z^2Td+8ZsH~O0ewID4ERFgC_oZdx8ij1j!s0`zlWurvlkwugQOjXT4gd{;CECWf7n9 zeUB5R-J>bBF#k@mcZMIO79E6suo@XQ#xdU}52X+v=Y&gihm6vfTsAG`!W}fSh#V*Q zDGdX_SqPZc#0La<_)D(A&BXQI029?hlc;+~Q-W z_+nm{!BkYgRpJUaJp>*IOiOA3R8m;4=p?4%JWGUyXL9pr?pl!+zC`@ChIaOF09Z!M zVgE9F1{%E4m<~_Y?8~BEPw8uf(^Vg0K*^OTsH!wAcT(8S7FE)GM0A@= zwrOw1Pwua&pfx-3*5CHYU-7f_iL&HFxc!r;y*k%DX-j};+1Q^djlKlTh8qo-o*ckl z8^Kgp!uP1xD7RM}j)rCQbMh-q9%@2&=GXx_q~gOzvCsPoccLMgRJO6p39g466FBpt zczA4vt+}F?hB+@l60H}zc0o_28UE~aV-%jnI%c>bwqw{7B1Kboy>|DIoqBS~ zjj+V0a&SZg-hTCd3q=X9z4XoKa&8_9X|OF&O);Kg?^7O7?FYGtaVg~1J_MdC^Jy!6 zTE|k9w)L=EnpWQ+GsLJvb|_U|Mc}Gz%bLoO$AKwKa{G(ZdZz|U?Y9W@=2mDgn)ub# z#W5H;xl*H4+o9&d?_Fsq=5fE_<#Z#$@xly$<d z_JpQQT1r-5=c~n4Px>$Hk$9mNPdJc(I8*>HG6t<*nMD*62=ai({FxQm&PX=-DQOy8@rbqE26ECOaNo zMuRfO7jBYaM#8kqwaNAdL~#PE1@Rf(9MQYT4v$1XwhV=P7q|S3B7XTCV6a^>>4psK zNaHIRk8Y`G8v>4zZr0Yh=_d_t=UIIkF*_(cwivnq7FKEJ=Ul0=Oc2RNL=m0xh<&@X zc-|V1+!O-RZC6RGFrF3SVp|W)2Uq4>X(L3)Dr}7QPYJtJST_=2`QtzH<1&8 z$847~G-a8u?a!io?5hvwZ^NFc>wg`C+)DF6&CPk2>0J@`}Zk!JZ0&(DWNm(>~EB8L;yGGyGMyY593H>bLGpoAH^s2Y`O7pC_VM+5 z3(JWF?9MEAqq3%D6lq+C&(_+jU0RWdy`{}7l4R(z@FZ8M@fs9nP2p}F|hv1;v@`u!vm=Y7d1dv9v+lqip-A6g6FOo#-$K7!1lXfA1FDkxK@A#bs z)k>|@LW|(*JHG54N9d56Ou~Ey54n#rJZ3=|$6xh;SH1}f+ITZNCXGX1Z2TgEGGMjC z?nlQg6#?MfkcV(RvqL`n^1*3n7lDo^#vR%8p9~@#3o!9{HY@jjtT36Eq@=32)xjUY zHP%(ow;#Z-`}nfIU7n))XfB4XgJ6`9;k7CdZNd8+*}p_9|N zP#f7$wf)#Zxa|&$Wm_|P+^PC`5@#0Il10xYd7ak1#P!6{^mpOqJE+MW zC78liW@z~F0Yxb=y1FFk8XHYOlXkgs)}lfi;5m3+z+?O4Aoz`2LR4-IJ%>izjka#5 zh07%Ej1pX!UoD7{LtItKeeX9Sus$4f?v*^xk*8x4XTPD<{LJUR9pBXqn0(#*^5SL( zG`F;#QcekDd`?GjuQ(n&|E@_5Z4UuioGl!Y&PswN#}@AD040Ae7~u{Qh(eRcrD!Tg zq;~U(`?0|jfFc>Kv@~j|KV`crjgT^IUogsDj)H7N!hxb9qKj^<7CX}`>(gA0diNs* zw}lNqOkLiw&}-25ucqiqg0sCEQq+nqI>w=sQ}nHKP*)v+D?{=@6Kvyz{N>KYmfr`| zlVhKP8)xjL_siJUn@6}G>RIb!e)D%TR$j(UqV2#xQbaBXMMf9*vEU)elB?;XjOaZ% z*>;jGOEXwLc_xxM*FR?Jx0VPEGAtX^46xBJUPg=G0}KCBG3>Cu-L3@Iq>*l4h7RTb zaKqKWF{TWj2VBSvwa8CI+$*IKSVIEBdv;2;XTtK6|AKE*;xD5&+T(^=1d44Z+rt4J zjYL)FAIhbs+R|8Sez|cPhSu8F*_}H=C=;xoA8oH-QxN;#s%~m#Ct#eyeVr-NoFt7W zBp+X@P>T%V8R4YV=YBBdbSB~#lp-lQw!lynyrlbQSJPZRigqpi!Bu$J7mx`%ee+e5 zqCNTfSYgv)Rk|O6(A~Hz&{GhHxw9P*K2l0EZ88|@t7=(G#H_ZY@DFFp7YB5Fs?Bl! zqGNWC8vygpy|-U557f%ed%y4dYT%E!6tc`$KnBO!sFZ<`I7x;!-&B@6X`BA@!+!?< zS3fW=>4s|XaVkQgp+Q^+rY?gK%HMhU+00C3m^s3?Rf9(KvVr7F^pv7fRzq6}A(fgy?$_SlVN!iz!HUZXhPTM9MS93j ze=WA&#jl)!8Vb9oE8$&l*B8M)6j#|@JBj|MeFqg=0%I;k*{A3^x9PbG^8Kqs?go?@ zxG~;%;l|UZ>>Qj6WRJRx+AFZv6f08$49zp_Iok^FVEA|5jLqV&csKWM zY}m=E;boFCzN`Idwo~O@-dk;}eFR&x!E+)4-*+c8V3vf zT^vfvBL=RU2OEr;dZ&5`%L))b^4!#-r13zh;ShgDtaOZ5Us1qK7S_V*yuw6y)aIDsh4$H(KUYe@N2%)95UVcU_)iSner@hz_OCNHrW z3>8oIOi$bQ61U=Cs=wq#P6soO0+xB(szD79DR<+^NA7`1?lklAupps$e=!ox=lQi% zt;7yrB;mNC-ECFDN$yguYRC$hEU-hL1DzS`kYSE)ORt}ZAdjDo!=?ZyvWLQTC`e1Y zmZ5iel4}$1-4Djy=UuD9>y~--Ew*9f9Rls08l`QbKL6bMTZ%lk}VL;#xY_fx?t&4WtG<*#io9;zS+GpsF_kV!$ zd8)eDPPrH|;We9e*exEzYn$B9PrZQH49d!=Wm81(Q$%rNjL8k9`~tJow=|DG$B81< zl`wRAnTVrbkD3RMaNBEZz;t*t($jc`LqkK{b=&l&*{qeKH?0}duZyJ730(zmqX>1wp3y2>iX(U0N>TaE$ zhZyPZb~s`aAo%Bi{9{<$&kFC9k|K{He-dl?lAW&<*+Thhrs@?tDN~s6E)tLM=CH z1gELlgObLG$*-P?F#6>zmn4orhlZGD72f?0Y2dq>bhDK-kjCjgpRIZ_o(UQ+Q%Q3! zEb2)ZXz7bycMi*6ANOSUTuKve?&4fD^S#bI)aZzz%gKagPASa8h*74ru$+p8bb(pA z+pdluqm00}GW1(Wio91y|3v>!_sIc~)}!(+iaKHVO%+(>c!D*7Z>7YpX>GiOb$@2{ zO2>U+nrcwLC+tSM;TLWOvH<8-ye7uOhpOVUj0J&m8EB2n3P4bIz;MWZy^E=8V}8XX zD&d7;MYD+jX&Wu%jm4CYVmwdD1RZ!RYT*0H_ZmTIxsIi9Kl9TQ$)+hu{X;Yd$pbz4 zrsn}Dj`*@1niL^dG}-Ru%!8c?qF!_v1g#{UR;0j$D`z&pwY!7;!W(SoZ_-&!uJZa! z;q*W`+x3QIua*<2)vaSgxCUKh9G>NdrrbcUs*(fT?LP!`+$v24_bO!BI51vM_ETD{~{=hLsFi|R}JxuK)`_*wqC`XsE0 z1A+*QK1rb~7h0A7vKO*hnSER))EL1x0RFfa-uq=EGt0!%ZJLWyz+W74N63}U=kq6LP5 z2M3*ymG636+=`(pl2O$css(qex@B^XQdyu;Uh1yWU>N0yepNw`2kv}TW^CsEV~=+L zZq3rBBkRzD$367Azx&Ot^OFN$tBjl7sk9JfEtlcum#%Fw&#R8t%Xxw9DMQ+C^X@4c zhWfFIX-;SaXXVR&Uj(U3)t+g^$dBID)5?yt#A|1*02s}GJ2sc`5<*~L1SwOc6#vqS zm&~Gg85mUjJU|FPC(Pp4kE`1|Yy82|Flf%GsDvP?0TK}LyF z7REvnC#ZC?xTFaHS^BM9SuBvN0oDs-L`*7`fe|QvA7!z5tecpubP%(dKvQSxIh5!ntgHB$Zg7JeHy z$oWe6!FEf=5O9m^a&&Ls5m09-j4g^vmXrE!eI4EfN9UjrYFxSs!I@2pCxZ0&#%n^j zEZ9E*q)yc)x~3M2MNL-%UaK#t;4}Cfn znUFv>mQyB~P>xK2cwax8P8&TD9K&C#TP5J~U4K@^Uo}q!!j>>N;qido9@&C!Sy3Dz z7L(v^?Jl-^n}!5(&D69kcY_@c3}d}{w1o;fIq3Tn9E5SpXTdEM=%9USRLL?%grtiE zx$O8^CE#IjN#7BB^svqzqJf%DQP;E^Ct8@6IB(7x1M3)(%6Gzw7P~mNLV*u&t!1MO z9P+Udp^AP7-O<@s4qCLuZQiV!&&vHdZump82_TKrv6mOFwc)mo%j%!#g8|OEIDK;P zo#C&@Ac+!RzfGsb6#boFarNY*sv+N*{XpbBrLH56WH92$YjG^89g191V+g*9e%_Y+dxpV$x@>EP=BoQD~m4_s;MJTnPabnSR zL&oTGEU9w=o`a%9C9=;57SrRlbw%X6QM0Nn*& zG5FXCqYuP)8pXYUL@P?3*Bp&A7bkJGH*lj>q4CP3lt|SO|9(s#vv^jU>hNZ4ugY}JWgA5nw#hH zZ7cPX?1}byLF(1(FIv%7=mx16-RsGpGoFWB#fs-Qh06}hT)Pb$kG&)lj~!z|ebjhv z8d_9td(BXXahLF5WmvuumXs*Tq~&KgngsI-p}`)GmzxjouGk*ql0Z63Cck$NOk8NI zEo$Fw-`-?Z&f(PcYMCz?pY^eN81Io<_!c6yKJok`mSb-QPJOw?y_d+7W-LYd`?krb?l;^szcepC417 zARSF%@RMsBlbxVusi=AH_EPgr_JHP@T#q$kt3oy!6g~^#w0df|N{-#2iB3kPFgB89 zUeD=gpNFFX&F#{Fzb&2|{6FL*T!?h0mKlXNa_NKkb*f+Et2Qh9_7*|pdv>Pseth#L z8LY_T!zL^7+bJNxU_@|ekY%(wL%#taKCtr~{_QQkFUgNP)b<7}eslQ;P2Hr@8_DhU z;t-!1;=nUx<-Lh}^qR?<+Ne{3y@jy5=CyB}xD=cb~#%GVrOhPv_t)7vj zOn0-%gVgmnEmD!Q2ZKgyhO7-+hRu=^h$jdbe6gQ#5R{qR-@cigxm=*)p^Jyzlwmt#iM3_O4r{A1!IEl2&(h z_v|sp9Al_|d*h;_4@pgMU7n^%uj-K1!ImKBL|s1{E;CdTGjlnhXoFVLb?;#Tv9}kO zuZsFOp&ho%kD0JFORoKT$R~x}wQGQDJ3jrFgJNznt39Qd!YU?C~7O*&4(rQCPKIJ*a2gN zcGTS*|ChDfk{E&y&2UoA3NKDAup#Ir`|w*GHIIRGC=J2fK4IvICWr0F`o;( z-_x|hDZ#bwfj7KrW>iY{Mu5DOdCe@;13gG$Ch!OU>zd=|S*H*?0x<%gSZ(u{IotfE zbZj`>Q6=v?cHhS^;pBDA`wZuET6@8A8T{@hr3!nEkrV zpmSd)wxqi%GnP=f%Xyr0!l8Ari{r*TonbBRGa+N`X+h!pv>Nm9ILOw>qcbAbap*I9 z;h_sQ<90DflI;t(S$GP%cRXfp)!E8*8)h;9!~V~&04ogx?@+gFwv3Vtcb#I4Q@ILi z8VgAmr;C>I-6$Segd`>n9-h8QF$f%5`SM)E62PfBaFE3WRyp-(a1eX0NvUca&P@x8 z7RDVKn!^8yEIpl8Swx_r?8{nvlMB5{Dxs*1H3RC=mKXh@7D7yc*-P;Ma%M`Z6m6% z#L@oP^_9{{<&C8ftx~$bwlWUF6`WgYH>XbOu$pI*RFt|OAiAFL3s)=OkDGr*MKcqJ1*C4J_#h#HXE0Zdd%#nmaw-A|j!+O(WxYRykAl~;JGn3eV6vQccR{Hw z3g|ff?YJXk)1hRJ*fvY6wXnDZ3Pzn0k3j|;!$i}qu>nw0LSzzp8Pz2@_*pH`eqQy+ zR-b6?2L$s%3PlQbkHz* z+5#V-{06E|5nfo2E)13Yv9P?6VOZ+qkc_>7XMOlCpr)V`RE=jlHB~IxMT0oQ5mVVT zD9AoHx1rX#YJMvDmB44xJom!BW0qv{#+Z9@*|ti; z)`f3$Xne8;xe}dC?uMw_6$X&s0u2Vx1LcBK9yRzW>h-UMAPRr#ix73H*ZD5lT! zs@F8*U4D{(Z5a67e5aS-KS!z`5v(@^R4Bv-yp_y#E8|4&3-kn-;1BHPZE#WM4UxQ| zE2)bi44S! z=ja4IeIfp4iTL-WBcM#(pZDNu@Gmg#o0hQba?zar;ux4^0cMBp+}Gv`oS?foZEray zPZo6srBzkeQfaUn32?R~QDWvhB@K!_%GgAy<{7cQ*Sfz6#Q!}&*I@(S25g7*zB}Rd zTkV%$3V+|i$E?;YF0b+MAI;OwL5b~N8yIu&3Fm4reyPn1>bM0S=Zbi{(`POH3|3b@ zS8{8}&8vkCD}xrsTJtde_viS#c7OwTF2~mt&3t$$g@qMWnQIm#A-u@HfD*<8|EVyw za_7*#59hH>KJprJB`7C-5?)^U!!wfZoGFrIPBatuvEu9|SsN6u7BsA)*qyp>O&67==xYf2-(QZ#?A0 zeDYxt;rWEE+I;ekwJXP!72ot#48}Hu>EHG3zkOb6w3Bqu=7MNgppvkFFf13pix9``_P5Z*K#u)SeE$VRXFy=knZYC;F25Z*j2y2OKL0 zH?neV;^<4~`d`eH|NFGfu8{p=@wQ_PY(~U1e>KmC&Y;y7sCPwxJ-C|8(KM-}L{r1MHgpIkp6(du);2{QAtm zNd*75|5wKteBswVHm!wkgN^8?4R9=PaIqT4Tb;EgGPJMt{&hE&1T=ABe}gyvKmDw^ zRfdYH+hpGlE`wKv-Py z{9?$z1V&Qz!@!5nfEhW*F49K_$@n)nJzo+8yB1Qr0O6tgk7}Iw1W-O0Z{Qto{>-KG z%%$8dZ$%kG`*K- z+p`S|7sUHCt`rY&$Q!#`{5^(K=AznOWA(_5F_GB=f0KIouT@K5N7#8i7s?rB&X;=2 z1}EmfaFdcB?o*vddiVJi1r^vKW^4}5?|AL*#rPE+5V+0YaNF2Q)tG4Rr$_3|W-&PR zSRoIG_z3Pyt?$Zf9jwS)Pq)%!x(dQn0aI9(nTV*e&yFblR72bQNpPB2M^XWH zN~oDxOENv@q44bN1;9r?6QIF&nB!*{78W^gkHMTGmVTWpTu6lzhX~5*yznkNbM9X% z+ckzBsQfw{Q)4FfsJp}$LS1jK^KWlWOKmjyB%M^i2ZcQ#U)g5Nu&#b2gxcf*G{{$wD@msOx zEY{I4EYhTfq%pDu5?0*!!=azx^CS)r!367r~mMLOz1(l zD!h}ell-(@Qb#4x1HKJFh#%cQZFgIAsHhd+TZhRT>iQz^M?o6mNG9&@^kBqi5=%9d z1Tb~!Q~dnQ2!v?A2tx*(#F!`L#qso|E}Mk%jb=-D6ZQ9d{4!bFtK2Natp>qfC>xL( zR2h*U(vsOp(t$)|qGo!?dOkuZ9HQkSu*lRz06^`<;$%cWy%3DnkLifO8}|0=Cn2fX1h~`gP zqZ;}F7)+g^`XqKzwqpxZy2kL`jIo4b#R&$g2e^I=GlH7EGhEM^kWTRJ2U*p^EU*NCJ~VUnQ+q15 zHY)(|>s&Pvqe+@t=^Q&KTd?z2=`VA@MY+fuz`2#U0no=@kNHRM4BSVPm9u<`LTNtm zVBu=%;I6Q1L+_$^sVN)#^~1Z#Xg3PzJML~n;CUx%;9hHJ}=s^ z@zCk(AMQ){T zuY-lzCCBPdMRdo?KYZBpDuYIYd6gAMU~$X|C5rjf1Gh`D)uO1MrB32F#`5CPPlALw zOi~&e@+?Xvvz>op!w8^n_tnr-{>%sXKBB%-%wk zG_gA?Aw2onXKvd9H36H778r63<A%xBUescoMcx6kcI66&S;uiP#ZpJ3My|8yneO z`)K$ZV-HMU2Ifh=5a7hZ*{3}lRro^R{xT?&k<*e$HC}XVs>WWQ*HHn1ZpLNa!0SHx zlw-}%lk83FCirDbz?m`8nKAH7W>hgMm;01A!D)W_WnwXxuE}EjBdUV06UNYF7+KiS zK~T^FmSLS~93Re?`NK7Q9vo#`SNl`j^fw*E$&mF67&T%pI2BYq{nrN$D4-INz# zx7`ppy}boEeg}+^g~O5yoaaNa{NeFYp5XMiM%S?4Gc7RV9mS&)Jphal?kxQn>l2qY zF!fMkMDC-l(ht)GfgBbrV{Km?%atLR_5w$^70a@CmoGRlv$F9DRZRI(JSM13cgm(U zVI;b%NmFSwxEoXc9U(haS}7)o@NimXv`ij|mK9V+2TVOp3!!8`D?50OzCZlXhrS~m z>zR(0%}-h&`(|HaS*uZebVA}ZkVCu(t1y^H2Z44n6?--A+}?Whxv}sYX_NI~ny!|y zuzDR@We?bt70q>P9-Ipl54Q}~jFc+}XJ6Z0Ke6>IKSXw6T*p4j`@NbmDr?nI8c{MP zA_?wPvIG3Z#mGRXvBW|R&UA};&h8C%5??Qe<>9=~2bx7jQL&L`A~2P_Vz78>oM4QTs?uX)d1Ws9KDc;aqTfkt)Qjm}gu4Kq}h^@yJdT5129KqXhr-MW&wj zH5P)e2je+mB%e&&#mrj&7{y}hYeA`g8f_h*pnHLLzYACkTF`ReqbQr?W0FvfcJ{l+=N0k-xgx7 zb&|&hUiMuO5k!BslR7k6AEvRAELwIvH@zRGmIUAEx#DzAGBr|l;NmL=lB!Ln<9i0)iB@Mq+l`3?kGmeI>**r>G zAnZg31#Bzg#xXwVlXolcCMw$=oP;S8yRX0Q5unD5x@fgqYf+M#UTbx7wuL(|YV5+d zeVyBMEp=isRZt-8o5_cz&qVWQmU<$xvJo?J;-W^2|2UKeSjlyZ?iJ=8eBOS8sqDMg zfFzS!jY*5tP@7k^zlA4`swpE-4>7^qwG|Q2g^{DUFsaFDOTreX=>ROA#P9OLIvA4) zj+%?PtUjPM%*_FsgRxCGluN8m%r2%D7FVNOweS|UU{(u8;@l_Y_6sA_6i?qiZ0}(xgv)_FNC78) zC_;wg$EPR7_z@M0!?46?-lRWIZ_I%UB+^YbBay55#+R^LsxM5`Z{&GkZ&V zFEX>mJhh{H*O~YJHdtFqyaT;vC5T0E3R!k?xT-b_O$+L~3 zBz+(I6}KKbNFVl`G05in~P`=*Vv zW;z(_#LcY!W-1p6O*7(kvH;ZJ$`P^NtmtaQplZg_h#`~_`TFPO7dl6h7Yyu3Zg8RbhD!DXA>WN%&_Rp;+4ns2=mT;M_vBk=I3UaF1cx1Srn^|0~cSyd|b z^tp}q%U`bnB@rO|r%0{$jK+)Pu9l+u&CQR5&A19e=yrb|v%_LXRQT+MH3FP2`|a$q zuXMOeby>VN`1$WLUEGnXxmo zYIkF2C!UYc(Tr|HYsG=1=uEBSDooeY@-pvu5x-ISnk~%@RTR1KkH*Gw&a9TLabcB`JRwOg zXmVJ$IR$*usNf(L4LveQ&;!p5i_3Z&o8rjI#=RPN~296e}!(3FdO`_caLS_w#|~okn-@d)(>z6J`~HG-c+OZC~1m4z9YyQJ==X z9(jaKrQ>WFAp!z~Mq$}hl@DFq`JPo9R1P)4Teeo3^;t2lO{ci6+paePgbUwf;;z2H zw#_~v6m=y(kY4@#-cFysU=$w-rZ4B)<&-wmk}3~7>}X7G7At@=1A>7c$q&A;im@I}t74S;>tBqDEzGpk(y+|P`^ zgS?LRJH1c0VOj+8iABN-#;dQ02rg6nd?GiMnH&wHvT(jGM@jD5tw&M$H6w(zJ{RNr zQ)GOYf^piqbPo_+E}0>`YIcB&ftKnPjRT?_XIeDv@4G-tbVD_Hy@+O+Tnhrts4{vJ z2iR1a)QCb3f;WWk<}=>7j<`Z3{RyE0Z#s~Ha#R^n0)J*?4vc%q>q+7IZy4=OmBGQeTXVe*Q)9AqUWc1iPc*8#1@ zzLI5ko{Q2GC^2>!HLultZ=xJ=PHrtAsPeqm+pWKX3oeioaU(+C5TdlJ1ZNLF8s{z4 z0-`>``)~niXT^H1UHz$EBw^pr&;NK51`6}SsG0dHpE|yw>9_;`a-_&*6tV#~GtN#Z z@GJD5rtFdKM09!~LVcUymbSP?ogPQd4`Infc+Xdg^wr1<*ni8HQ78~pH;=!-x z=XLEbuLDw2=-9V?Z`5{4Q&h4fZMFDXTge;-Sn01-bGR;WT?zSP;wDutCV=-9MOmpy z4Kc%XB_g&a2&JC%xTf50k&?1$Qiu6J`PzD!GDdp}#|di*pTpJq#wLQEkbsk5hu2IYtOoz6W!})Js}yN$&&m>{~)Rt@;nfz z0u7cO+wlDk!`;k`5jiO)Bg%D-O9jQPMu6WUAcRC6`>A+BrK8XQ`gTic+v)#8I`H16;T_f!R`YB;_H(70-ys4g;at_i*)N6h0rEIe8 zBkR*l4i52!`=}T`v}ylyscDVxhQ!w0?T0e-y7d~jcjk8v zCVUoriqaXjOW^+O(s%mA@xt<5nowiFVA`hc6A&w;eT2C_(rPqCxGz1IgFgz9TJJpJkkJ`0jFMsMe3LZ}6iO z@W`2HbYFPs8c&BL3I)6eah=v-qnP*1FPhGj$dHlZ+sd^;MO zyo{5f#iDpvwExql! z6u?rd4InL&lw8~uM8b4nnWbxIAgUj200(VBXKerL}5Fy^k`&GEt0kM$Y zL*Ck8b8I8={pou?Hm=h0$)}hJq)U-IrQyPolk-FH%p$tp^;2rM45Q+kLl)P(Ux5Qh zcm>jSMBPR84Of_Po0=1CHJT`Spil@eO<3~lSfr*+u3#zWrc>NYr% zfRR9kX3V{)50NchMetd`*s11@rUmCtomyE7zu9Rp&oyZJ=~p~w0mM5DB5ecvD0>klrV&h9SP2jrxhq0s`4?#2Y^!PA@W%M}dX0ucnk?95KV6}FFY`&`jH zOgaqZ$MOL85s&Fd`WF}BnRv83I6t$rH@$LitR@HT%%3rP<6SW3F2Gs}pda)bzk*zz z@8;`jcxB>*aiBtE3!Gi5^C%^A-qTF;giEA^f8Vb7t%3w?wJ-yANgEpe1P9;c=D*_z zHWjXQ_OcXXI=|Kxm8JX^d~bOBo&77Eud?WZxz~8yEp;`dOFt!;5BsrqQ$&({r)edS zFh6r-;BuRj9anwo3DW4USG-&kGX}F&OfS$l}p z>_Mb+%tAz@89f$$)oXOgN(YTKh_-3mIiSvmOZM6_KE)3ATke|Zt!0MGT$PU=e=^k9 z;&nN&*sMaUAA2nm=bV2AYmlMqJbwkH>!$oc=IkI7iuk8|7o)O2`RamB)+G~;Y(_dw zUuz>VREYX8zDMFbAU`#5-S$mdrwvv}3orD$9_=VJiDygr)qr?$|53SR#t2tW&j3R*(!hjucC=}@Afo(n7uBx<@L$WM7=~I^NLzl@?oBi`>}QJ}*I+zU z+l%6T9}VYH*VqC}D1CDWUAJUf(v!SSg~eO3;r? z+pKKAtk2K++ptgqNuJxi8j*vep4ISF<9qn{s3|RhRo^mTT+FKh!Q{=$cyQPw9KL{5 zl$F@S9#12z1URD|@v;VP{h^I52=9)NKB4L!L#&mSAOKC#kD0g_$CJ{_6N5b6`$r~l zLL;w%ziaS2Qc@%>+|-wZuT+0vhG-5TT!2~3B;vUxL8uf5+p43;giX^ehn2;+Zj6JW zqQ@2i;vOyno@$K0TU-T*b+O`BsiS;tQBD4MSZx8RgEFuQKp&(CdmDr~tYm|0E0XQY z&90!LrbK;aYR~0Z4NYg$V{sc7qN~sVukp}4c#?pMDO$YkaF!?(#Pr^tQ>4lCkD6tags8#YA5aO~D z44L1r6oOi$R|?JcBv6=B3X_R$2l<(?ThX@~mQIXa&CtXf0wE*;VNGprA{d+e*7a_> zA*8ex&w1)IBWjuwEVPqlkz2{|BcbX4n3zmUczG6* zO3`P3f7>&4s|H*W)Y_6#mp^85%#Cq6WR`bCopyQkM#gz`eR2M$19tNdu<01O(T5)W)i0?dE;LKw)*}ErnmVmTuklF;|GQZ z<@N*;0%-0`4}?qIO>({(EI$C9*h@_83v7NrdbT%XPIB_Kz}a{t#qbIZN;i%(DxPzJ zB=+*eI{&@{Wg|f*==lWIF84|`Hj(g3TUR%9O!9^<^t(umJ&B$p{m&tXVx}Nt@(4{? zdTq8P!q1vpUH&TvjAPy~)kK=H^$q2i6OtAflt~oHjHqbY%6n~y8VI$!=l)CQ_BJ6L zZKsvO0e$E9yk;*G!b+!N@xFk2&{p9WOoHNXkNq*WrT40(-in(K;C1IB0L}XkLxB-) z*^JFsUcJX%YQ0IkcOyfz08R3c8HM4syq&W=(ynDRS7bI&m)(ZkD+kO}^}(kN4~wt{ zw*$5G0XIS4t0`}O?n&aHmJ;{V5s2Z#%b_cnlx<*GF_Zg;A(G=J%#zA%1UbCBIK%f? zvAE#xUU@>d3cPO#D_~}epS<5&r0lhYQ7qj~d(-WRyH{fpArARaCf|PuE)2BwrpDGR zF8Nh@(^Kcr=SF*n$ib)PBNYj*#i9rahBl2o(YX1TN9lD!bJ=MIT?{GNxoUAwSryWs z_lz8#Cm^7_^l_=hP{_<8siSRD442G4IuX~qCqC4Z=oba^fij+bO`Y2-RL=klD zaUzSCHLSuF!1;oIG5j4%HTAJL#L50Zx9rj&pADM2+xEO@=g3@C^*fm0x&x$Lrlq7r z*;$7R(<4{5{xCQ_r~#wemsKSS9mpmv8D$o{$Apq*c(YEx;xjjFy|48qDg#`H=A7*`lqUim`5cTu* zybE`dpOe7t&$n)A8~v;z6 z%=Q%G&uPq4RK>jM;>SLu!Z)}53Mk{t*xspG(1u=2ll{SkYi}88aE~+pEBq+DyhrUg zQy$Eos=;wIEG@8q)^tuKIjyD+17_nDSIGC=_+`6~p0K=7j%g)jh6-|ouBvY`yBWjo z-JQo4_LnG|N$KiTyr#K+kSRuzKS={2OT*jpEEmm^z_jqN4mSD)l`ST8s7ZIUt>Nan z7?>g1WL7RQDKu}DSXDZ?B!6oe&__{UJuC19v*A@#{eUK%8~_E4Y&;2NvLi!)|I^0+ z=Iy1d=`!q|t)|12eTe~4N$xqyMaSJdA};V6z1` zKmC1Ya^MglBpXW=?(zNQ%x3NCg&5wJE4Nt@F{%v4+vu15YSYEgSD`K_#Y%Yb#4(&# zhONa9nw|G7WI4&B^BLz|tX`WoU+YiZUvcl9Z#;T=#1oIMvDGL!ZjO+kk$|F5hUDyz-maTV#UCvj_B{3K!f)`E`S=-WLqN(+=gi>s;#R6~FZX6z6F`iQbiT=lB&Vm)h} zPx$#Aue@*fuc}LWI*~zCv0Hy|IDsQvveUv)f@(c*zY_?f!bSoXU@}(e>%--TuZZ0; zsT6@a84MFdyg1o=eqxfg~sr?ito{d~oT^iAra+icbg9l7uBRuc$)Z+$FEgTG?N@^W56l4oRcgph*Zkw|W|U zlu3Z#hR}uhic54%Kls`TYSA<$GGLl{GiWN`nCPz;m8#B-2K23WBwxaxZN?G$S%U%8@H#F&h%%gk$N+f=zA$l(A!^QwNPtu?a>!dsEH+t8i2L z60%j6_2);TZ#?42UG-cTzCWv~=-Ryy_XwjDknL4s2boOyV9aQ8ew(xF%4Te-%scU5_HHDKTZTtWm zp1Z|^^t0d*`ozG)4oiBmVhaFi-i4vKszl7z7f#?ksVPaYXam@*m<;`NzHK7 zZ9W0qducfE`9Q+F6ClT(sjXGlimr!?xW=qm0yQ$iG`GiO#<|OH>zw@mNq@Hpw4xi-7I80z4xl zJl&e=^CAViG6O}o_6tLb%3*5nEUhOmBsYUk7S%BK-voJaAe6jjyv7m5nI%R~*pSI8 za*aow469s%{H{d#TN&Z#OsUCAnR?$8g@y=VB7ZJR9+>ocwGI?+4MG`e5*7z0VyAsi zBo3De@9yPct9E{<`AmaJ^8r0Ls|hm}O8lrlqz&~=K9o3!V=#npbP7i`%&-KP3mAn^lW?8d>tJq8NMS8X4;3P~UJ?t`_C$$}ZOBpqV1 z+7H>1!#^*mbCABuA>kjvR2pK|&mFP^jeez4xv;j-hfpwC1mxO!Z;mkea*KYcgG!P= zJ7h^SJhGNlcg5FxG1&AVsj?OdV(<_+%qqNTDJ~*%83=jsephandiLDO6LYuI2aEld z%3SO;v?hV(Y>jEqMF?a6{Z7P0g#j8q7ddzFb5LF$d=~LsopM^jEb>&wKZ@(Vij@?yaL6~8rkSBlicP+^d}%Ou|EaJf{(&rHDqTWxB(%EAzp zBkCCJ2{#j{JHK&wAYv)y^h= zYe0h*%PSX59YU72g&;g%n(1MB!p8i>lSXW7@uOdLM8IGwpn)|&O%5TQPdpbP@Z6h^A zW;7#rU=)BDmPL+<$8q;^Xa;T$ZlM}Bidc$?N-bdqe;B@ky3fWynejt5UqOe*sQn&1 zN(p$BgzTM~(n4+e?(}dy*7|&-E7_+YkJ}$%E48OG$c+>rwtpl%UBOKeX#pk*Y#JD8 z+L2mB;S@93$Zulj2T9jS+aS#vImQou6SyC#dl0e7sRl7%5aC`BK^jdrn}eV`_v$J;38Tw6hCUbTrW!J`y@R8_BxR5eFYo3`>uS87 zW;BlAgru)3SM;5$GyR>~rojzQiWPl3$wxw(j?N%{7!8vk2*%GHW#i$M=;7=Y?KhS% zLS*IXYL?pt>yx*$E4+Ad71#C)&8SUz0hE~!^OP33Hm9Ls`mfTo=GH+9nvc>G+Sc=? z20;BA_!;Zq>B|_dn3D;FZ1HzDqD+VbkiGa(1E@f9<;H=}d%cJge{R1&C9t+-VthY-m<6i$D2|Z^($c z>LpFBM7l8G;ArS_QJ*qHCnPK~J!V>}RryG%9k6Y6nlObjzY3^&T2{XYWxBha;GNoJ zy_KhWwNA+)EYez~7x~WNnWNz*6>#0nPNOL0bl@=DtXX=_;kHgM&_M#J_?qQ_IZAr% zK@8V1*?s>MZs5=flbu8@v;Rix0(aAGf<%!*R+*HAxI(~JR_9QM8#AqUOCsaQ1mEa* z`|YDmZrjX&2uws@_?;RC4qw@rabFRVURhyo!Ij%EOFY3#vUasTpqaiE?SFmKTED<3 zpdKvRnxGHF4-Ox&0-eX<>|~`{K4e5mBQ$mC0!cEXpS$X?g*t?wz8>jI^2PHBUtoj` z`8_cEdQDoF%g=Nh>pV4Lv%S2=qwm6@v@SE`>g~GtnBt$!*QJ)c9Cs2~3|DaEtRGkZ zBFwE>N|N=~4wLEeT@)^Vz4Tn;pT#08l~h|yG#X1bZGH4}sN0Stb}?b&ozNhS2}JRU zrvqj3ecSe1_+XRzp0K9X|nZx4Yq`$5n7kId-o z@7qIE;s*_y9j-*aZ<#I+)5o8JA7}8malrDR@Mr}VCIFi#$CM{i%OMkY3Q9&~x5fuC z9~8JWbo(d~b4|qLP;(m7<|7pf#$q{2qJ8Er(;se(@K!bYeL~yPuR4&3X4dJ`s32k zeN`X1PqsplrqL0s_-nfX`5WEOKRa>Qxthr7iiXn!{NCh|Yt-U?<~KYn=Z#(B>cXsr zP7c6Ot|v?ktZ6R-!|oaT-Ox)+V_9I{U$4s^p2?mRT;7-zs5jqfd|%5BszF(sa<9$z zD4L);A9t<}w6mLvf|_l}th|FtEMmWzn4qtmUo)7NY^9-vMtMiH&*wgvn&h zG_WB$N{wGiDqyQ>&JUF3a?^K@mi4s?naRyOEN1B4-}DZ~iQ-dMpj0nf4Hd0~KcrE5 zMqSVFC7+IG1yEb1vi>a7mOms+P*V4Gr*h4r?VD}|jGJ_$^;{q9+!1WsU+B0kxz(%O zsbCxz54koqu$TPYDfidPD^$rB!1SN&B~ZNRXMFlbcC;p1g#w!$FqG9wgm8Me@Ai!^ zjZZ!&{}N~u9n_8&qP@|hO0ux+Y(s)YMYN8+{!V?ahZm+^>Nt1df#KG<=-<1KU=|p2 z`WK1kr1Kqv9}i~k%oC}~+Y!-jcZJiq0$KJOeb=kxS_3=!;&X)IY0f>*u_Gb&J>Ru^nd8%@-#OYE_EgXcQ5$IgL$2GEf`JT_8Ft{uN^&CVsqC|h z>U%S8h&lCEM5`}29}h>lIB(k-uHS*!)j{`B7empS9_)B_RxHHDLSww50EhGK!^Z*9 z{X#0eh9f~XRC}_(zH)wNKPdN)|BC0z5Y&F3hUeb!@>N9SfXfFa6LBC4>)y6~PQ__p zQ;RdwI7N6aPDO^OK40KOR^$YfKj@tgzN>=)0f(eO_Yh|{1jbgcP^&{NC!W^P5>XDO*Cggq?!9`SGJ6@%IHnRd>Dv=I5zWbv`cL5j5 zs^A0R#Ti5QM%uI;4E9qrLKfOn$dLUig^V=(jLtT0F?zHa>Grqs-a5C??r)-t=f~J{ z>~}L}C7^Zx(u`)yt&1Z>J3JH4BAbD@_w)dar20>Bf~OKHPkLKeVI;2x9F^%ML6ZhB zTBQW>#>~C!I*;OCnu=JrvS4rB{EI0`U_NY{HaGb~z~RLa6l3{@sopgAQ_GfbxsD{Z&^A0|2&Hg}x=4@u2KHgZ}V-E}gN zqW=F93DVtyfGI(@wdI9;K;Uu>BjJTHFJLIH7#%PxDXMWX`+}ULN-|cXyuo6(u*oDU z^;O7p0xq*-F2gvPh9)%Z<`85uChWTknczm_Kfil!t74)Bf|50D1Y)wk!(#PZjsJ zn&wYb3i~_P?bz(oR#KuM@=~7li(SNy1*p#6XDCl)jr;Hrc&+a!h-->xDIlv%TO35&g~Ikdm$otY2~xye7@gGm$COK6o_0!ii=x}AJQ|5n40oT zxX#A7Q0f1hn$gLJn$dk9m6E)dIJsxx$XrxwE3&g{)uRYpCYK`01GERl)7qnbU=v$N zV~DZL*P(Nad1~v6Iz~Oz)Oe=A zp6ux`6~G684fR&Xe&w=e9W&vGanb)SvvI?7V%TxlRswBU zOfPx-wzJgE1>yD8Ysv`!DZdGE=45qsS|n;U7|K?bvO(e!B%)aj(+eJ2`QDioYp*h8 z6tJdqx}x}6AD2X0(aT-P5{<4WGRK$hX;c++CEgD@5q%vQk^(z;(@@(>GI|FfTFdKLp^%r5Bg|`rXz!)h1;xc+U^oj)-9zH2d;__sx^0*(3keRm!$(vPIP z6K-ZMKYJ_ZP*}Zv347NpHY?Prc|E|He$?lV4GK=@o^v|ayX55l2?mRY(@n(F-V|Ow zFdj^j!do#L)l!;f+0U}or@}|Hp)O=MU|W|vXLkh@l!Sm6^|EkG=fQiZY581qI-kmv z33F1GW+J$%;^s6>hDSajBP!WV62mt)HZ}r)YhD@v|Irp=fajU^ebxY@<6#=P!|HM$ zf`TIgJp%{zAEy4!U&O8Pwq7mvEgb?nYXV!=oH^`VFh`W~)D~UMPPWz-`TvKquZ)VT z%hC=I+zIaP?(P;6pm2A0m*DQ2;4VRfySoK~yHmJR1oyAro_DR8?)f^a=U?6Od(OW5 z+_U#1!Y4^U1-i?9F$%9z8h1UYo4bl1GGEO2pxa$)eD6Meeu_m?}!7kds!5 z9mNx9lAX`E@+xXDWY|O4%f$~=S9zxM@SqwtPw5eiT{De1@A50Zv2Rag$7?465`@k? zv763$CDLD|ITbyjrqdoo*^nFV6tYm0!HxMP4zm(+#O!nM^*2QxBMdfK&+9D2*$3B{ zWlG$hCAv+(HQ?JA>Rmngn@c+pwdc>+_d|$qxm>}RBE$*H5+4_<*ZO5@Z)}BrudwW^ zTo~hFIl8(Bl<3FlKYlLbyIWq8_03{P)X|Mw7f>{r&9Ob5u&aaF7><{gl_>tTD+;?b z?N;En*4T|LwTH#~g`Y%6SU3(8^l;m=zrgF~1n%t-|)K_y@1y1`zH;MHPdCw1f*z z+hgf47ZbjXebJGPH*TOqFT`+}UvL_}6Rl-xrt-NFbcLTSbdzC+jNQx2Pr9b)0t_2c_bM+rQbNbnI)kDpml zuX~O0Ix493)+=R2vZD@iUy=PTwTNNcS$;5I#QX`@@lRwc(FRlduTu8a;$GiA;Co}H zGLk1U7#@5Nj4#AgX1h5eJ`JxefwcqM(Hs_b>o9*=d=~%rd#nG|QcI&Gm5Yq8r6tOC zT-XX4+W3U(S^r0r@xR21PdemwU@wH1$aLyM&a?hMP3gZ6(7)aWUQz}yBHv@M&6DCd zO+6vn{6_hw)BfLt?*H*j7bisRXZmnWMj+t@OKjF=#D6@RTh4G1MHqC@9en*y&W68* z{|~<@2qAZ#qB)lCB6h`sn!Wi)WX?Z*?N&5mgj9cLJClKrK?m&rVRr6k-j}BE*`@qo zS!0SB5&v?4QHJS$i%^>6yfkeY4)bf3N8YgQ!I3Q)KEyXd(s%^Rxl|QlX^bjC?-xp! z)uB(ve>5MC$%wK+KE64LBc`QiDTS+__r|L;k*F4_HeZ2K>eSS|A)ZrW+ zc3Z>zgnF2HAM%h__>drIFO2C1B?Q%kA`V~ajkaK`8A(GdFILw8Woaqy6kl0=aPTLj z@Bc_Hy7G_(dsq9~yK-0xJiK}Or}23aa6We_XqJ{qGj!4`^YcOFGZ?#O*e2fg0>7X% zs0G%H$M;bB^fv$ExPpQ`WT={iz)~bt??-75eVJ^PKB*fS*}nTK#LT&Zt-6nCv`S!+ zAg%b)HgI)DI2WPUh+;!N2Uy4+jFgZ8i2>)ZQ>L_9yv5+uAGN0RlcV1{5<{J5-_hpS zt%vPP(2j>o?dU_?V#i9OaZ<| zFK$js!TYLvPs)kOIU}V!F5Pz=gnXE0zp!AaqZjR$kUpl1`97W?*xi4I(^({;<$8^LnX7T34Hxys$ zQyduEMGz9x6EKBOhB~fSBTScU%w-5-uk8whhXP}yFBj66S2JHb2@=POfNUGss9h`VHI#YYz# zZh8NYjQ<*&1UJz8*UQ=LB{@YdgTtf6kx4atCUxOk6TzHD2NKruMWW^&=yosl6~!-3yr&(WD>U8nH79mS%HIZeBOj#Y+aI4h zpRbO5%t&V=<(DyznB`lg^}6AO`2v z+jI?=Q!Ftp6*H2Hjw}M1N}$o&r>Fe~?4DZD2yb%a%W!nfjxB|@6)wft8zVcG>Umd- zy*w^PAw?qYZlqx>WL&?**|EKpl^F2^p-6Bi?Bup1)6_E0b$_DEWxtl(dx2$3J|AY{ zry~f=sZabejDxQ0sy2ye!0_*BXakb>q{1`E6Rv^^n4l)V;S=_Ec)5na-1-E)u{{M_ z%!5CLg030lS3{9*i|@{S*6q88U)v-uPNEyHt{o3gMD?VgqDJun+7_ZkH`8Kx%?K@U z>560<5grvXMpm%&nerN>vJ9pwt>jiltma|-;>-4;=YgDARwcXTHk8mSe|MwR@Qkdh zq}8n`3xMVJY&g1*{U-&uNrygJvwbjO!%z~tn%fNff@+T3O~8q3>>b!5Mf)qyi9&(pdC&} zugvm|Fqg{^Q?*?FL*&SS1_D<8-8O~=aQH5?fBo~cYCc2AK!m*nRGj^U82pRd_n@$; zg@M5_ScMn6Lt8v=yNu_}b!AvuQ)O8%WTG zI02=G`8hxcg_Rkv)Fwq(P=mAQ&_w^4jS48cNGzi1M9fBwXtX>7pgkK#eQZJQ>@4*; z300iv5Nsod#b-9;vIu`u6q7HEDx;u*5-TRTi06&0ys#e7u0B5CCU%R))l6Dl2XDqD zv3S0cLX4XiBolyBAg%_`X;bnnMsRZ_!l+vB+h#19Aecr>1$x{~_WCH|sbZ>DRhG(# zB^%C0>Vx6?FM{Ye=TU~ApeL|z3gjKp6{bP0Q%DW@l@Hq!gT=vI3q9>1te@gsUZ(Ea zA&jzpFFY*0*@)uk7tEopMOZNWIrRKF&OmQHc_I4f=$ac_#Ms{b=%d9WjnMeef4}Z; z*^rWIH+tqv71u~;XJfcg;BAORhr^obzie&_53lBGXb0EynWIBaonQmIbj*Ph0Pn|C z$d2E;+#N2ZNa?9~JK&vPr<_{cqmaWkSlbh@^z8O?vkL@&fOLUKaLMtHL@x*TOVr>(7o(1uHK!-aI(ZUXX}sdf8SteiKI-m)s4&Y>P(y>MQb=Q zIaKT6zWr9jooB_1Tj4%UVLK6fKiF>+adjwRcdXR$P~JUKv00eY{siTtZ7RAkm<8u`KH%cC z_*57QWKtDfpXVU<_d1dOrNpqcpdY^yWb4y#!-_I>xjS_Uu;=-s&Jw5*4UNfwb+Q1> z%X1YIRQ!u-7{J&~1|2U#tO#99P_xr|cX^xxNq9Odc0>>^;=_~jsF$JSa*ZkcbPvZJ zKleGi$IL0dUx;UTXTQ~2HZuzJdVy+~YeT4B8Pf{|-v+c;6+1YGi~WW)BTTVEOYl?F zqw$IQyC}~2N~$xeb3_N3-X@{@By18>IbU$!q-bI1vSi2U&`w5C4gS`rhJb)!#5W2%3oL-$vW6xfU(;OtnBU>s_0JN^@3evs3y3;cpa?2 z5Igkj+VQ+V$5|STUeAlp!{l7Jhh|5+^a#&QRNa^p&4Le_0A+>}43EPepByW6$_)Ps zH<#1pRE%icwe$Tp1PByb_wxLu9n-zJ1%=v(rkT(;p%1M{!ZjWPag9qGT$Rm!LamBq z$;8qV$wY9}q5LiwV}nrv(saOv?;=f2;n4Q8rw z03$8HY)l!H>)pS_$TXaC-~oJrg67>2+gqws`a-8Vp|5IX3US^=0X^nMZQA|9{@V5f zHy1NbKX{TyqgVjPA+|NGRYmJI*<&L-w=%EoaGvI}_m&f1hH8bsZAxlb;=3!>F1Q`} zKekH$^0ReY=k2%hb)A<%kgU#JFHTo?{&rJ zy|Qt?rHs?ORyw`Hpvk%EaqF+~-$%45ee^z2EeBTJNxGI!g8H#?RPW|cjAi%a4xfF{ zumykDPm2VDMehakfi0nRrN-vty(aMnGRu}gP3)uad*I6i5^B%dJ@1;wg}D$UmKOqj#a*H}4JU5ruT0hafRxc+ z(g3aNcQ_)yKIQE^aK~EQdt!uKN`{g8oinc89`dhY6iU2buO?~NdM;%121}h>gBe%f z^iw5KD7u0qItiPr3P?p8P|c-b$jzpG zD)cfUo-C*P&VG=y(ahnn-Ufc(4Eta(WS1s@qk7c;%4^^XJ( zYJyA#0l=yWgj;i-;#vOJ&C1|7Ren84?{vb6i8weU$3RK;-$uSbiY(r+&iS*0p#ZT* z>bYr&z!R~wx!W2KHF1Yc)Uqih6Hfx%gqb^1n!^T87^+5>BaZxN>~XEIZb@iB+3$3q zpCdkN!QR}*)5#KdDwq%aR-iswDOJag)q;SCDhB?d8WZpL?+>@O$r*?1?K01GV>(tK znOylveq~n{=XoQu-zn#UUIuCN>OjcZeNQemtK3$8*#EwE)6+;!+BBu7trN7~2ceau z0E)Yol57#s9XG#D!cvJmXP#41uPyDy*>93N9b?ODOOCQ?Ya?X^b8lOyipt73~Pot2}NrnRt5W5KpMO>vrLBQRQP*LqzM-oGb4*Ol6rMg!h=mVJU&?yv*XJjUV$WIzTqC% z!hX@3>~f6Og+N81o-~jf{)Qo2WcmZ($%?$%Tx6tS4n=>qhR#ca$3yuoc+p ztrY1RGqzL1Ka~8at^wra^AQ{(t6t3^6hGvvZ81`KXAa2oSj!(dBU=nNJaZ=TL|G_c zErFvsfz5ZnlOFvl$*4HfTUm`)a;uTI!Whoai$vx}4A=0o@p7&GZC~Q``vd4_+|Mf` z55M6lpTjdr4=d)TQ(^mTjtl!w!xqEkN{Z~}$B)_?Y4L?m)ZKnpMx&sr65-MhI}+qy zr=bmRPw_N~Kc)K?Qxg{QwMGur?6E?B$QS^DO7h;yH7TE_p3`gK!2Mgq4LmUXZ=NpC zwP>q|;hFOm?USnG&2+zFWt~1^^)+=qX-ycrcj}-g#pjKRr~`|$Dp zT7Y?@`b9LszIVUGd~|t?v#I$)e#WigC){-}A>}Wm?qNK}P*!XJ843maNg3gretWR= zI%R^2!9{u?vttcONZ_L$&i+DPj32jhKz|%IOX$GhcHD`DGM$q*ARqNusWPB&0Z;q5 zQ%JSh^wF-34HK~6$O?19Evj^sLB2bGmlrmX=ArrCUWX`{YML0%F+t)aFU&v|4x2e6 z+SK59b6qR+w=;sJ3Kap+3w+%-Hc!9@=E$YV>(L6UM;J?_HdZ&)L=Iq_JZQC$Vt+E} z+!FE0R-IM~C4JN;P|EriKZ#;y_>|B1SPz9_L=1ECkx1zKv^cx1VDaCsy#eu26?V$_quvBs{Kl^?sI(KKD2=i1ZDLU996JT=@LW;9=^CSg~6AqXZ8U zHNA?q=(7D;Fqo>%gY#_i4NYQsIe(Nmjn*^MK0!<@(DldOQh0`(-6xo7;WY|ZQ`mpB zdHix6PkL}9u#FW#5cVI@p*ITkt2&2J& z6b99Khqz*gnhXK6a)1%Q<^f>YLd1F}PR=Li2++vk(JY`Xqs z^C;h#iuX##TO_;jYA&653x|1Fclkd$&;;&^wsT3&2fVKz`=Qry^S*W~0ds0RW<`~= zz~v=wOpleetX=IFIG_`lkP!2s#zo9A0TzRNJ+F|9eLs#qi&r&dwy4swEl3r+7V}mc z^_N~ZjK?6KgkDbEi+3C_ln}vP;NDoNjzllDs9~f6;;(jj$dL1S-IqY8VchN^*J{ZLuYB95bian;yrzdjj-C_KZ&wB>pT(-3 zl&M91LOteiaXbW&O=z#i0=Q6cEJ7%$j9$hWE;9*k0M|%GpQ4L=56>;dhXN5e0r>Y1 zL65U>fsgU=9SWv+0j2E_P!qxcK1=lNPX|uwaN>vfOeOeR;!`3{%Y)WT2+_v^@v( z>YyB-uM2zLp)FGsg3gpP-bAP%Cr0g0B~Q|XuJCN3z`HAc0GA~g{(zTLMX_kuRy8XH zroav>HZHYxwA#6(|4Fyg(G4N%$BLl6r#SVGPn`C?yTl#OeTp?^_q8{R&0A$u_8_~_ zf!=1}fjgdgatYZB;$@h_6e};f(M*0orEA!?aGw2#sY=`Y-pdi{!hmKExIUpIM-t1R z{3>jklXtUwZL9Rf0nHYqK|=GOXH(B{`z|9P{>00qeb(6K$SZm12QsuFyMno_7( z`cUo^q+S$)b0#CcgQATUuGxv`bLfePaxqM?>*yIHq2a>j{_@1t;nhN%J}zgO)ff?( zULaWEs9$Drm;aU8M_Rrw^h%(ik>ZJ$i8OBz9vZ5$)V_e=;6R-_Mg;dR!n5LS<4_mh z9Gr?p*UerGGpg#Usy(8%vk}z$`l`lcRSQE9omDcO_Trp~J04m>=qX4T(dQ%-h^Mm*N84m)wNXB_!2tJF!v| z_q1jA106znp52*L_ipxjcekQ+cXGWmy6(dHU2kOhjQOYb%l+v40b}}Fy5h{i9d6)7 z5|g=w18k%AM;^y;5_*BsT@**;@5JjoECV}{=Wy=$-X0m}Rkt|Xn(ACL2uzM{^E)YS z=#ItUoS#W_MnOr2`RXdMpsW%frA$95#0~X~s4Po~@qP$eWzq(ABr{V6E`K!YR-!NuCTb3X#W-B{@2G|`9+q2y8^BS zg8sf~xT39b%wMd^bnf}kM-QWIQM7O@iQkI)amSphoN4z=5X%*%EysjE;|)Gt`j;F} z&+{0bWzrK)ifXX5{Xi-$5k95ncj#-ylu!_o2P-QT3#^r;yK$JQAM9ZlMiWZw^X!VI zugwJraWzNP&953Mz5redB+%r-3X9anSu-&I#HJE>awp zOn|;gk#`=O=<%{RADnNqdwW&PXxq|YR%g?+bq_Ppuw#ny&FKa8V>;VQ+kQ$B#!HDM zi$3og&VMd1FR&A5Q+r$L{PA-o-n-#76poz!6LW>ehse^{kKQa9?L>w+n6Wf|J~TPs zv8=|{m@I$t#rnU#Vm;ej(iI$5iU z;W$3#h*Aw7Jw+>%g?|3LC{`kT9ra{%OrkR=@p-4jhE)yXh{RGxz7bl8-holK9jW{I zRojPWf{1tspYYjJ;Pqz3ufw-I9X}QTO$a7Ce7zzLX627&?kjdNdLbqiJUs(8Ir4E= zDAcL%UzS91A9PKY(IKw0V7sK~#diyGpt=ar()we)>0eI$O99}Y4!3+DjcZknJB=9E zz6&)gfl!Ewmb%?|a-POuJ*{^ySKOZuWZ~<)lR!w(1IW$H1IQe%aCqkubf;pJrbIY% zpPqkXTI3&cv+wuGUgi zV~-=CN-9k~HF+-rKdubdZ|aA@;=qzivzTV;d2)C(^&~VQ`afOB6sDNyZ3+f@DCBf6 z+1c1($&E26tuTkc582MGb_m_^zCKUJgMOsOo480rWzbQwV5=NCI0*34##-8(NV<(* zzX<49XH3s6gc6VT)fej5TW25^z5vFPsLVy}^#!!Gsk=M`ko2VK7rl&v)#)MpKs#(M zR;QPUZ!b>FaY-I}o-zhU9F{2=D*%T>X_cqlukSm3&2jm?tibJ~s5}G+<;V5yzrf;| zG*h!1fxm;43CC%rwWV;tB89GPU9L1V2LAL#MDcF>N2d7@fRY;^!rW=TW7E=No{p&Zez&9f4`9?sAIR9jR)%zQ(kdaSan}yx4)2 ztV*|E$a4oASDYkoRHr=<@9fyw2kQJVt`W8`KR>j#VvRqGL;N;Hjmd|f0g9UNZB zey_nFcr~S=_tsz7I6_CqC+~WYURtib2;3g5{?xYy%_Bxo^+Q}-O5|r=tvB+z+*58m z7?S7{`aK^MLV4P)viZ2T;SUNafMVkN3ut*lPNe$_`~3K6UE1r);pedt;Jic0rzId1 z^Yx3fDdxQV84=tAhIGTTzQSbD?7byp^i5cIA#T*w z0QZwO|5TzsB#DpLR@Pob+07&o-%|3byM9QHK84vg#W=?3NB(IQ8Q&=$qMk7wXUCdS zEIZ69>_}Bd)kxBB>4pXTJ9-DvR4P*|mdC?$WS3$HTepCrY-nHZ_e~`N5fhJcri6sq zpLXJMkzQRA9?eyTi2p9LHz8`C>Y-s`g@xApY;9^pUqc=7>du6fvv^uHPW|SJo`TQ(H|wsGs`5hoz%^H0>xmv6JkMr8QW{FRFUs zkh6VWVr)dgA4_pLkWWThWwVZKW?K{B)XWaqmK>xN<%Lm5gabW9UI?pwIKff4x1;Lg z6GOiRV8GygG=VV7gM=l1E&SSx42?LTg%`G^HJZ$&1Y`AMt>&@93-_ndgw?5_=p!g= zhUnJZQ5%(vGty+LGy9U$ik1B<;c^0jsU-Q8yDBpax$55(c~`B09yjDt?vjHx*S^E32?jbCNu`$=Pbt>4Q$P_X?( zu6r~lT(5_p>~z6!P{vAH0X8Q*SmqZZnIkj3KPjBqF>}q&v~Nv1Gs)|zCt|YAtjFKf z7Dc@37__7(o8;l%Cef*PYRN~zYdyNZZ)Ea3zWKa63(55D3F%i%>`;F#`;yk;ixS?o z0{!p?eR!u_xEarI&+v4_XpE}uvnPY!r9C`*+asClOA2pUUcnA1|1D*jjT5Y$$U9y} z%!lJbp=-yFV>fsFy|ptF8|u2?2;}Ee!vM89*$~jxm9>gL_Nn#&Y<4fi*5D)d$#)=G z6*Bve1|Kch(6n2=T@$G)B+44q@bmI^Nr`5G(mQal$MQmcCz9?`Tur$ZwXZIwp6}K_ zyM=8?#kK;yMkvpC#nYvzikMQ@Kf}2$PAz%S6126mGew~ySZ2UGF zclX(aqPqy25B6?{#QzI?{8X3U^-28Y`Kxo1%9hR9^As(oBfMTf?iY+b^KhwBFXJ@Lz_n^(t6 zFm#KEm=INPO!;?4P5fxEc-Hr1H(G_UA!e^)w2DSIM3gJ>(JZ)@^rvZeL8uaIf<%$M zXu2(-CGkxL#=J2!yUtRUU%mSxU7;dAfXL^z%RQ-Qi~GLRDxC?}K#ryct!k}VuCp3n zq<~J{C@MAx$9#G=OImTiA*<(0%+T6lT^Vow3?;{Bm5%h~IG<7OMeA&IbYj^`r4T9y zJIfD{8w+8`J>i(#h#};rtH;<>YPCHs!@JH8BXL zGhHzK!DvOu{p6Lz@V&taP08D?AHh|5yGhJ?wJ!ldAgPRLhg@IE= zCT)LvCVNMT6(uwNVR%^yEK?Zw+;rEBa~qU5r7n!aIWxt~rJRm2-w*Oq7(oFF1c z6L^$CqHvx+whm4rwIVmZZOn`F9bqHPvMBx@MiQ||E32?pDGX%410&^(6%#`dX4|Y9 zB2bG0c;=g!n9HOkf`P^!{gW18M-zNFPnFFRfi7=Y{kIpU`@PERhvUi?V;QP%W2J7P zNphN>NR>*rj?W<-I#IePP|3zt$06d9f<8|MsG6hVJf^3DrpmW$MILMd2IC-qY(%z@ zZNQ7QsV8Bj>}&-}yCN>S5X28`V?^NrUp4U+?AU&p-TQb@MUA$V1&!>+MwQGqj)uHg zFieRr|2(u8Q&FS3wP-9X9*pUF&5y1RU2%h3tO$|iIc&VOED?1Q^P}@BD<4x$y@i{NFh*8whdru1&U$jD_fSeb}$oioB7@`kxkHO}nBBA3;F2EmFO-H(% z^SA*0g#h&o9PP)~z3O6ac9l~dI~Fh;A>-;F2$6qx!?V~HaHDVs5IzpAR}Rg~+2Fyr z+9{~vkFc-%)TX2_mOc>MX9t4UiH9I^+v8RKcvqGDDw}~5esTa!J~|OmRRFmQCXCA7 z1($4w2>e=~oBiemxE;+?wMl59B&_w5I}GvLnzhBI|GA#16MF1^EKoU3VYtsI*g;O{ z;)9t4!E;THnC#Xlid^aOZl5_LQq3h8UF=PGW_%SAI_s$MQz}c3ybC1TtO5Km+s9L) z&fo?8!W6&bM5ZY5QvT;a^x+jxGhn==>itGQpgJv_O3u8`+&PL4G4)SNR-NOj-U-A6$_>;UAxD z+9O6g8Gs~5(f68)fS8pb`Fo=LnI05tUI6#qh`E!q#K3Ms-)CP?@qf;B$DMtYXN+)EzPq zmp0FS+LP2-pIx0PrcR$_NErt8vi5naHAeGXZ6G1_9_407}h8Wpk(Ad#6vd= zn|GC+rYfqS`^yKuBs{qFTU~lAYt(68<1GZ%W8kCl?Wq=K3(By#KS!JO?-~z9YUL|! zfCx~(GU9iO%Ohe-21Q?(7*tdN2JVc?7GBw2?7rtwM7RzMHQcMbs$my}H?zQFkF(eg zW-=?yTSS?uyu|zWw68p2lBc@kM0Km6{~?6(S<5bcZ{$LQoY#u^t8a3R4V{#qI|_=r zB8T6FBV+8X_*a2s6^HVHTcJHmRuz#&c*R^^l3zo9Bgv{?eSi5(MR>6;ZHjP`P}@3> zy1Kw44u7@~xNjTHbIywq^U9GG;?EV#!UWu^z>thv*%;?4!@iOFR}^eTXUJW-yDBZ~ zMH0%zdV#T((#FeCTAC8k6y%glmcrie9ZqRwyw2_)3|G^4EWoR$?kr@R?5}h#sFMS) zUM0qoNovGnMfJRf5yvXnn?1oUeeF_JUCkg03xpCM!ihX+-g$R8_&d=MlH}K_iD4Z@ zhavCl=NGB*QcI#YF{?y+AP#m|<^qdkl)z20usfuH%2EC6GsD~j(N`(Slf%=jTHA5* ziqD`B9Sy7rpAOUuEVuj#PI){m;QRu@mg`>n5n^_U0AwQyoMXxM{uxGT1AYtaBN;Ux z*ta}A9GaLsf}X?adPK`sa3zR)Rn4Sh6Ljql=1)zYAZ-5u{N9|J0^l zMeZG$7=&zEC)&w=Tc658XkCY{?WPC5MJYrx*ZBrTkdT_6Qyj8r%>;4|b8rpChs4m= z@#rpZNlD}R<7Lh4-C$NHMEn_%;ZLjdiL16buAP~l%+{#HL+6EqIKnut*0-&eCDlFn;lf*>VF@UX*LAu^Hhu}Sl^}CqwRwNHfaIgf`B;rTDY;h1j3?451Szb#pdx2h9J+|y=}bFpl~C9FG_E!x=!)>> z<;8M4+l|nAEPmT;aE~N-J=R{Uz!E5s?1SZ%9gpot1?zS8j?Wc;)G>z8&toYB^7w$y zUFUC=JoU0srS1dywFiADgrnl7%1mzn?Sk(cjVC)w>FNzWSQrm?W2EtBUSbkavzGX- zB4$|PBR;)1LzpUS&7)T7>BE#$+PFOL^Q*hh^%0$qCeJlLqIeCkx5)E8A0X+zzt!r^ zZLFh56ZK+()@aIyB7_0+-C;=O;`@$B8Ihwqa?f3^_xon(>pb^i=8lJb2%niBgQLTK zF~cgZj`S=V^}{8^-DbD^&*yPko}A`rH-F3Row6a?;0)P)IOspTj1dM?peJ{_ zy%C1T!xM86mfhm67Pf=E#nFFgXpK$FQD4_O{8Aj=STyK)`&6_9Js8Be;>f67i{}3# z7R2?*NqD z?jy?P-2EXoUe_%=U1ZQ_x`PVy5e2t6P$zx-h0ik-d&m1e3o7Owh>O_McL=>+C08XV z-^ns+HKO@@aUu}!6L!2kt#ilgwbVtKq9nkw43Ole1rr$mvi$t1|0>?0S>J%hFGq3E z=%a4z)8Y{DDe3i;qJ;cZMZX@u_H91C*2x09N#UOSQfi2_;o+UG)5YZZ&?Db#T2V59 ziU3}ZBh>kze^I)8pIvrw0s?`45u0#mh=>L>96vTJ(DvACGHu=QT*(S90SA0@J!~Iq zxgc&REzggsQtAEz&7wq=6$T$@K8AU)-B{8D?4Lu(+)tF+Ly0ea@O;pqgY&2(;0Vjl zN5DIJ>FcX0)>b|DAwspcmW%{im#JJ~Jr{s<{=ldLCpTk`^#-Cmf?VvjNblatBB(Ry zlA4`akIVJV?$})7!@`-}gD=U6eZzZvygD|L-_V|ItYid|rPn|9_Up=f ztX_`Y%{m4>T6o+p$|Wg(1w&oP8@!y>&4h3(suKjhXU zJvN`wx;I>hju)AdtQ+mA)4Xi}nSSpbUSH&&eOI-7%*PNy7=*VGJ9e65@jk`iNE@YV>1PLz4NZH4pCJPmC6$V6Nz2|PNlCy&hT@L3cvXOFVmb z@ht2xz{jPK__um^|CdGPw%5f1b<1I)VvP2(cx<pD1L%q{hzal8L+ipN)tPFoFNozji;{kbN*YfR`x!IWF zQ(sTevLbbi(V=8R(;~2^s?zhe`K^h0C^PNI;pAxh;Ey}Sc`$gHTV#;Db>+|!U!FM$LWH$dcgBBHXwS&DO1WGwJ{no znad+Ia{wz$GIYOjYMxp?=(l6r2nHtI$PoPD;wSg zb=&1eC|G|*S7|lK+BvNp&arxnN^~xFP;O=k17rsw(AojEjH?iA%jv(Drg;t!WB zgz6Sj--^6kW>$J$j$3&@Bw%rymkF-Ju9OiW@@{;nO>KzB&16 zqt%OUpEFP?Cehf}i1gNh2bF;vQqUHI_gQu(-iXIhh_p-Wss*>YVRt*VQ!3r_ok>D| zjGF<|n$fHz+5nyTnCCiX8^ht-W#7w#Zw9?!L0>mS-qzUzy95@q1-U7S+!u?{RlvHi z@7poM7f$hFR@zk_?x4|-_Gq@L>8PwZ=eem&1>IB%-Fl&yPBi>ol+G;Su^)&|#dWj$ zwTO5#eT}4?+;9*I&LaW@01drhleyb%WA12i`0RG<=|KKAbGon}j#JwmUHWbI9(fG~ zC~9_d!X{BS4yh(cLBY`zp;hRrudB-ta*yJas@6D7fq{P4_ySX!AB%QR+NWkXZoV|8 zsFj?UsV1O6RK+r?@tLZIb68 zT5QibH{;e;;IzV~`-^Yq;17AQrbmO0R9lc{nOvhhVR|=Wi1@*bDEjlBcxQtJ&_72r zh-%}-lGhEhy0Z@XB6W6LeN{)xV1ey&LUYR)S{iDDZEBIIck|5&*TG*uvOIbnT_pEU zpx6KId2Q7pM1(r;i?hgN%4MwHFNlXF2i0}>1VPqVu0wwJT1*yEcjy1K<6+GXSaMDeUYBs#jR>g0T=O`A>2MTEe(!cHz5?c|ucyLBc_?bVW-6lp z>4xiH_?5ab0ck6E5}rQO@@H59A>PFO#W=Zrz0Em2CyFe+cJ*bG9ClhHXZ_wX3^mOU z(Orn$Ise%}`~x8z_I{x64gT_+1^+6A7Sqx3M$)qewLszqwVn%BZ&IHhZI zKu{7b^Yc$~T>tcESjkC=3BNzv=XY`scYIO*m&yObp{@j^FI&HNXj z55W^vreiti{}3cqWPvVt8(G`F$k|-P^#6GfQ0m*;PmW+AaHc06;w7-b|Mw?-${?{L z2|*G4CgA3zLp6eAg*n>%1B~l5ElhWh?6XOs0s;u0Kc>9#pf<2a@>E+%DcNza_V0UTW?-E>P_=&<5ckZphOt~& zK4kwrkz4p!3AFE;X$3uXAX6p*eN~m{GVu#}=_nRk7^puBevAI@qg-pFhW}yi*}o|t zb{=J|3NGkv`bP@vrT%Fd2k)QUAh%y%#WZ2c;_uSr?=z+HgC=G_preb)#-K`#j!=ZX z5}!r_JYadF-W@fBe-DY)K~uNa3?=cq;9uidMdTprKHcfY9|Dd+M0 z)PemC*td>zo`w^@4e!ga0De^F8vVFkU!e|o{%fA@ixCbx(7SE<{O))AJtM2uGo`CG z{a=YU-j?m|b2BN}Hr3$A7uRIwvcjJWAi=i@1K^7&Bbp&mYb|i5srn)C3izkN?cw<> zDkwY7#*{Q;m;VNzIU^rG(B2j7;nxb$-R1LTL$J8zAd(iDE_UpI zi$}uzcPQ%mLb500_wua8`afTzJRePXR=~N3&>&ywQa6thkBW*=R(GMt+rjl#0G@ta zkTPFIAjD<&A$GqCq^#Y++TNe3cciL>KaM>UcL@9mR%94htuDIez-?k^Xh?f_wgvAi z%ShZN3>MT}1KL)JKb}v5p6jcD?G*9;ej%FXR){?yW-Q&MDqk^tt!)v&@35eL)C~sBA z_iVcG1lj=xYT>8b)|jfz1+9xnSBuYS51@a^V*hlwl}SyCaQVBjrKPoC=&X=x*gaO#M?-DkhL2Y1SZn7Bp8gyUm#7V_MVV#kMe7t#=i++_ zc`WCX6~OHLn|!ACe{tnOjhK$k9#WzSIDJ`QeVXLYEZVIE265DKUILSai6B9qX82yyh+y0LXP(A`{*8bx@*CuScG z*38($V_O*$HKC}C!)|$1bLp1zPi2>pZ^j+>V_!6j9mF|o8)+)m1<;cKxS#zwY9|DGH+k%>s*O1!xJRZdaf<^0= z74`#(${aqBf@oViNU3Zlhh_GnMqd!iSLF{goDEzXQ1B(8kI=S`;b0#guwgT%G_^y& z{-##F)(?d5Yd8J>p~U|NkOx+`2GCCRuND+#UQtmCo$f3e&aWhU+S4V|Iq(J^yxsC` zymnxyag%DUL2aeg!GsgT2Upjxg=ruO6|spBc^mjcOcKLpggIPCnbDWJ8p);;gv>`n zCSsgJ_{+?<`Zj@GeHcYhE#k5Ubzq|b)~xyM@lkaK#cY}lK-sj^pj3ZsR8;5tZaP9n z%&B+-PE=IEE|_LdZj;5guApX=RFk)~_Cs+{&-5}D@KQjY94XFuj$5#|B~o62>5 z5m9US9k9Edy@sh7uQJQs{Hg;;^Vdyn&pfSRB3)vQC(3!d2c7-hg~Z0C(EW+d@>2G4 z90S%^(s5y}>%8&v9#Ho1(Hl_X`{A{b3yQ?l!vHgJZJGpqI$yJk_WjtmPV`E*FmZlN zF79-%sWs)$U%^)Q_g8|1Oa)RFdf$RKu+gEt)Ec&!1d+xLhK%PcNF~9pW-?D`U3jiw z7EV*!`}ACr-cPy76zyH%;!EG4Hl)f*KnKnAK%ZHJHR+wmJ3#+(M&^24#hkC_!#Bp$ zpJ{?Hxuu$G&)LIZlgOSy`%@sI3DZ#fq>>aSn2-z)&o(l>=U`&cG&KZ;g7xZ<>dWO^P8I$Ku z|IX6&+j2YV|0C=xqvC3iZG*eJyIUZ*yCpb5g9i)l+PGT-f#B{E+}$C#1-FI}oW>jH zG4suxx%1{t-XDIj&RX4Ft4_(T+Pn67Ct2)zIEbNwjA2lEHrjP)qp<19^?xRs|L7cY zKjwGh{b9jp_tn%NIq`1O*wJxsW9)jN`pe`+#-H?d#4#~Z8pq|Z3#&=6%&icePj!I)UM+|o z6LE4eU$!v@p~_W1PZ>t|P;?=5chf+7VO<wJ>b;&)aYm`@1KrSDwgtrj^Ut97V&0f9HB=}r^s!V8jzr{u z(l?OGhz>`GUMxgiKOw)Tb$usG2`*~QoEO7`Imt;9lRv%RHn^CBp)#J5jUX#W+5TdK zfIjp0XUB^cR0Afm+OLNkm)xMi@cCFP^_=@W3gp9vlG*$Y$%CmwQ!u zYR9|EZ52Viyp@rlRV`3L__v)nM-o)I&A#Rwj^RmS6#Cy}Mt&*^%^P9E__Ai?c#oo< z9cXgxF@%oo2VF-fZlAf3dB68|{+O>BP>X}n2W~HR=lKxWxi?US4{OK9C$-)#XhhfY ziogc`W^d5aG{*R7Ca^38H^?L*v}6<;vV=IUdljAG=&;JW>CAqVG)z+D8=u_|_ccyo7{^e0ApeV$$pYokI2EYY%co zDMWM6Zm%Mu4J2-OhFA$nGpk}w+g3+ZwM6*iO>fwj%V-)ibn$z6GZks9l!f#o#Z%JKf^JD{JU24IJuVXF<-Slnbe{{nI8(0C5L=&q@XSfcjt%eH`^(FaaBirJhs>Q zt|_|aWZ9}5Ev*St6ih!%5|_H_fh1YIo% zt-2-OAI%KD`!$r?iebm&#_wDFN)XmlTV8orXTTg@ULed-g#1IGcV0sy=5(&H)ULoV zJ$Q~A-kg!z%&gW)4OVl(J(GVSWS0IbpDMsljgndvzkaWTdTul9UTToh?m%j%CB3ms zCc5UcJ2uy#AouYL=G3wMP;HnYH}ddik(_=>;PYB=dKf$Re(5LH6z-QbBS+tWSDWOx zK(+ao^*>>KC5)6d!upV0QnPDJ7T2inbS$Rf~DSr>j?Z0f!T+ z=$@+3_WIb-(n^$%WLoko(dS2eK;toxcc%5egh;ZO!^uU_LlyjrV-C~smb;)a@BWN3 zL_SSwwhzoVA~u zzj3mBRkImJJ22MnblBPN>7q|0T6HMh2-(;SS7s4`C6M1^lZ78tMQG}9#>e~qw4c?= z3)bdJxE1+>U$Hv&BS)A!AM!ALm7>L$`plQ#Tt*D`b%m!OuabM;t3p*`h zuXVeV+Z$yE<9W@DASFvtr>E_>>wVv6Wa=3L8srUt_;Y_g3{SMwUBtElp389~sZ2 z-1w_m?n#2Cwjm&{U_Jv?y<2MPhShJ%=|8^_{ZuSJ$}o+43Q}h*mAILn#vHdG$xKS~ zWs5G0Bp(%23$>e1X&d@nRL;^b;evHN*);Q1ezC=*xo`Kj^;i7ZE@H0WPJRLyN)q4G zN}e$4x7-Y15>4u-0I9I_uzzuIlZ;4@To|`_XOF&+kmE07k~1quNkh}vl$j)(k=fzA0m(y+2&Ly`sIEG=JrXfs+W&om_~FwMbRY(d@iu=%5?}= zj*eWo861p-gT-|dRg}FBrHEmh?$&HbKFT>T896TS%EJDcD;bSjUX&9$^e3h16C=nb5! zhl!j=V19Wc9Rf!sTS4xziIywY4k~7*Pm%_Js23>t`QhuouE%S9{AyN0tfnhe7XBj{ zeMWY9+T8NIUi)yyl87ypy^{5D`AybLER=)ZEh_t>Abh#|j=S1I+gnXw4EYF+iubhA zz9_q|!FhbOdQm`5BG=Rb6xM?Dreo{{l_^Z!oB5&rrN_A*6qC3S&DV zpcxWTM$6Jh>}WiO@B1=5wR7sw9SZJJ4aZ4_saZ)vRG1vBlLHSrjNO__N{xp_EsvlhiaatGAz+Zu^OA@bFKMacmUX1JWRD#s6T`69{ZnKSBvc$uq$ z#tBmiU=_}F>@I)D1K@EH{1OE2_J*e5Z2?gf%P510g}GFML$T)gC{5l=tjJe-Un%&$ z%)l)*(Bd6Lszt=2l0np^DvH&AbN`xgE}s($I#^D(>4_@;YI!znxzQuly%FreJidQ( z9&Gdpbr$9KPE|O#zq;Ft`q)WS(*?m%Mi``>$bCAw*hdb>BW$m}S|dVPICdAVA2 zi*@6AwfI1>Ca9MhCY)9xrwCxa_{mZyU&u3Qi1Daac3llhqYRb?2}W7`@UgS$G>K->sk&J-0^_s4>{?Gi9K^EEKQs^BX?}jML7mO{1aro2wBHn~4#RHBhOp*SBLY zSyJsA$}&4%f2!*KM)HMnlKzYv6!bG5xs$d;N7~VB#9Y?MgGM!Jh3C_JGC1|zVZLUAV7R6ms?KbE+7|ad z9VHXL6Dzr7tR~hwq3di2{qgzkbugA3yyTrv5PT>-Zln|N;4sl|cbSi=4DOD@S*Ui4 zJNN!8@V}!s4*6j!<3It|QAW_fD}bNy?AMasUZ-lY`jwlc;@f0zG2DEWv;xtv91xU7 z&>Ytewl5F^4{y+;xN7{|Y(nodAs45B>k7Ae3FOA#jUl_d?l7r?ph$jsJ-|n>I&EGO zeo2i}`}x4O(kMOp8jiT|-Zk&;7^|b>1o7E#5;6E`#k2&m5e~DHK;vd_)O3%+iU+$&l{d`>m;~m!1c2XEafO<6vN=SAb`076Heg^?Za}e zP1SIAv)EAe%RQ*&;ne-{xV3xz?oDmW`K57cMla=-4&Apyrb6N7(C)~J?Cx5M~!hCXwv8z9{ca5qvIt~ z1Ohz#mLsaEl~u%Of+7{IZcBoTH55)v~43 zh%>lSEv|&1l_7DMuyE=FDcpTo#AKBcTb|gE8xbyersU{Yj*-D_b1xk{MZf?9nyG6g zSKU<+gn1urK%gnrmY%e_a^U6hiCeL4yylJxM3Nh%O62#ukD71u*KeA?MXx{={T`Y` zN+);p?8l8APlyL_ivUfNivt#MWeJP0 zm*ol#I#qHNBX0$b?1QoUVe+sQ^Yn#gWEVgQE~bf}JzJNjW?&t_*qu zSKcFiT3Kvg&>(O`KQZ?DNWE4y`aOK7nSXtxU~E}YRp6S(1B1I~740YBj7fJj+a8XY*CsTnz8MFM)GJ>=y5K|ZH_i(vMi zPF>v89A_-}qM`D}qcb3|YEYwMJ02fq+69^>8v40QZ;eZci0QfOtiZW}_bbuKRW+a4 z*xZ!;{blywU20gN<7E|nTq=UGy{goi zy-@PJh>X2m^x2LleckpdxCs5C#kJsj&G|S7aLrL6SBCLuTQ5D~>a#7Gw@W6b!b;Gg ztlW#$e4x?Eh)&Mn-By{}h~jC5LQK2*Y3#|0zpo^iS$Q11&Ka`RvD@;}m3+InYK?kT zt%*9=4m)?VH$FOqV`LB#n-Cb0p^!3Vyb6L+1WWn!^#`t0YU0w%nE1s|n1*E2{ZIP- z3uFF|zvB@Bw3PBs4H=5|9@p=4m4Ebi(1k92!iBazNnSXg8-1HFQ7_kQVj zJ~t0FJn@Vb^gf?+3z;J9J-q326n`nLC?YztgrXKPJ^>PVs<&YB~_1>RIZr^*&#~U4w$$8*U+p?g*y`w63XuI-|%LgILI5v`^sB67c zHL^N`&!S@kc)2mL=ACH-nUT|oh;&4sH|pc{!hX&4Yc=U;HM10Ik>{yWN8fc5-$R~R*SI){@0ip*ZJo=%YzLGT;F&X&I~M1xWT@)mVC@FA zm+Hj~eh$KbyDjJs!opL899j`e;l~D^LXKn&SqO?%TRjB4G5GSj!o7n~m`%N@V~+pc z;=Mra6Q|cgj=+*Ao&~-VRDerNKmfmk}ZrCxTN#LFd=T<^q0O`Mh;ZJQSlI&0cr+5 zGMP&kM-%{r=s~oR8;0e#EX@yx2=bbG(;m>!*7!L3KRTrUaJj$gN#9dA+AcpRmG`BU zrIYO8QpBjC6xZajC~}G)2%YE55>l|jkLOcCDfEO1>Iff&?S_8f(A`??A=y?ON>$wT zb$rI!WyY8Vo@K$4P(SU)KU84i%8GH9&>Ao7-|TnSDl(9|l{ltSL-7)Ly*@T+PXHhE zgjuXf$;AcD#MDPfeINr+z>{s@Tg)w7M$M9sZZReyR{217*0sPH!C1Y@^D8KCGbL!5 z`!oVmnofq=_3GoT|3N<`7LEc_fGI%qg)!PZVRoD9Ln zsberE?LLCw)Xn`cZ+*Qgct!wmH2{aY6`N`W@fSSj5ij{$4V$l&6t`+&&L2{V&l?PjJvuRI!)7O1yNTqKvt;VuVMA%ot^It* zxx|{u$p_c*{oe3u`q`i%YFs-Mvn_njVun!m^dXWn@JjVnlZE(8S+g4oGn%`n&AnIF0q1N4&fX+^BvGzg*zU0by`( z_S)sgdrA{6(rxHqtSYnsS(2!h*YHUdUJKSJQyY;-l_M3&%q8N=TeK|!t51@6ZeLFS z3FzIb$BDnaEz8zY-JBE+r||YU-p@141&|+ZidYThuA`fEqlw%eFl6WWfoBC#7s6p&ss}!*Pl@uE=cE(t?`V2Cb zj=B9-QaQS}SOy>DWQJviD=x`}k^{lE5=uzd3hT~@;H+cW+W4U%l)tJvG&V}<9@9 zW<6;PU}zg-`@@z*hyHA2ohT@>DosBmw|UG&LPG}aux)>12m2yFOEdDb<8k)t2MFXa z$~(z^H4gI1JN~eDrG0XX-w+!=l(z*jNO|DC9jAS5PsTt@3hG? z4vxLd`(~`&3Hli4@wE>iwttLI|DSQDXHP{Ow=nWbIwUl|pD5N3GU%=D|BRjq{9l^l z#Tt|r=YqB?HK-~a`B%@A{hs%h;b%8LCQ(M0!}oq0FP~JL9ed}sx1)y}y{^o3c%eGX z_51&S^6ICo03FZ~N@NIEg|wt0*FRS0|!}y@r!K5 zhT84u?-cyuN4+`>Ev5Gb#q$p{ULwbuFPJBQ$FD~Wv%ix6`Lq6QN8tY@GAYUf z<>cW(fC^7TI616c`v7 zLgH=b-@;V?-|zX)2kc3qocy~ZgV*^c@3s^E>8<}a+V&rzBL*=7@XLARfDS*J=npEy z|6wD0LMSzNi3A4j5sFBlujDFvOkxsv%b zSVV;(6q#=!Y10cPLFOYc5HxpE;ZOhLnSmMFJup}zj7)OU9r(ol-o~@Dz-(T!6$A%E z98u^0dFtOS{Wqr$oKhA~6!QnoDH_4G-4E7$DiPD9pUQ}B?|yva_cEZkmRLEUngTV! zCVK^Nw_j}7)6e!q6!Y~J$!?>=OY=j2)z=Q*;DH_Hv5VFI7f(KLN;04v=1z8}*Fh}I z-^&(iK`t6pUfPE=XUU1b!SDw#bAp}n+ug0WD_P1rNXTbO9yWxd*`SU+W^Mue`njM4 zEa#m}L7*^VcFV3#22Lz&BdMYrCAJH84Yx!L<}Xt~Npv{k<= zR=-79SA!CwyE*t_lE2K`LJj4n$$F7e-NQEX#_gqLfO;PHpzoAmYD>q3La^HE=#d^j zm2oSO6xp0R+w&evI2DY7OVP{H?L*M*V8Qg?J>iwUdj&^JwX$DAXNu)r>ffw{63&n+&4G`>9Jvg)-%Ku2u)4spEKRyihU2j&8oJj0^wC9++mG+aP+&$@-IPc; zFDgXt1GQQRuJV=I*m#;*ck#}z8S_*K7B}z}lv#<{tDuee_-4fQvRZGAM*M`G=_G?-;*Iz*n(a3Nd^8xb9>)=GcS(lNR$=x~3MOAM?xU#0 zc#v%msM|lpqdf?#mY)Iz<*ORuNjT<8_Q+D43xbLrWy%zJBNUf46ZlPQ=8I0XCc8J57WPUzEuPD;`!Ho6H?$$xJPFL2=c-ct&Hz z4;QtI=SR&d+bRtA)!sST0jdKPCX{Q+m}?VIu#?r06#!mJ*8vQA4uSS9FBX1uE^-kfBLerM#xEoVE1Jag=r-n3q-BceK$Lb z-3*l@4CaNZ_-$_NW{*4DHwEmS-wdAB_{i^DgD%(3;0JRizc1fdfBt&cFM+~T_VS?q z_Q)pL3cIU4=C}tYPr(P1*WVmQt9bUoX37L26nRaS{<%iu+K5uHl zc<&OkGAa(vJ~D>P`q0+&t;~kpo$y+<GH}G zey2*LA|?8m=g;iULY&66J*PVuULT0H27csT?5lm8i=F+lqoZ>2>n^(Hixd5Cxb_*B z4upjFDW)fXV|=PWT}z`S(i|YTv7Nj>0#X`bv3}3mFE-LE%WCvMLR~aHZHryX#EH^9 z&xVC^(%=9spxIj*ZMi3lj~rr?4adozX?j_x{uUH zMY@K9V4%oo4*aqUGc5(tmg|)cH%p+V0Z}it*!%Ni5NYKnYFxQZjE)A(NY`yV4Y5x3 zvR-fMJYlYFhIE7NWlLNTIsbBMD`t|`DENkHX zE-A^RAlZ;qQEa(ygZ zrQhZkJc4G4a{1759o8&_rzxx7Vt8yeV`d=F)dVcO$63HRT{km33+}TGnlP4y6p|zl z8^s13-+6j!K%M4+sZeIk;)x5=u0%{9pETlni|OaJn)7D4d`bJHd|38|X;v4Jq{@&u zn_2te+vKV;$-8u+f?7Kf$fQN?QCIc}yIdE2ZS_*)=yW+p3a@3m zho$ErIXZUyfN(^~ph6foZwA}R1P*b@9wAm7;6_3;9g`^LQJZ5bc?(W9iYriwlxmAC zAQ@6QkiHCxAmq-y8*h1Dex8w^njF|6nT!O5%Bbt%N>I#;by_=tQ z3W1|Ev>#x)M_&@-KWA#Ib#Veq+8V}(-KEXQM-zz>)b_Pb!&CE%L!}Ks0Z<@k*^x)- z&41uVIKCc%nU7g3vEzN0&bVcRANq-FOQcO9XUj2!zStBH#o@d5imMbHHzKd=6xYRD z^9qR||4_uJl!g0k&p2@W7Rz@(e6>7^H;E6@i)a>Blqk;&cmvl1TAgc4Pb{<-T;~iaK$1=q8mP z->Y(v-+eR?`Tb*QHuKhZ)Bssf;OAW6!clPw8oS<AtQkLu$}{#zD-%FsljyB5bs@t!iIL(WgDg zsZf~Mx0~K=a=>D;60P4q=-)^og=WudsK^VlRN}0`Vj{OcojQoz8ogb|DW@4;4YO}j z4tn@az1A#B;bDP5wKNkORmZEzjk?LViiX|-Eg7Fc8hV9Eu%5H;r)?=NwtgWC#_u;v zJ?eB2j5U=mVlX2&mtmOcEGlXvOGXpC;x9Uz`I3-Gj`XsD@4Zxo;YJTxdSYZ3p=e$g z#eh^rNZ`ljg$=1Hn3bl#g=gzC0Ju`{)YZO$fm6jFDE-k7-{ z0K}{Z1we)??{z0kDQ-sqxmT)%YfE9l=CS;K<>=%iX3=PbNk zo?cWwiirzc;F$yPaVrKN|5E*2dcXe=P7aSEqRQwCl_wCK3%m9zx)u2hGtI+o#sSw6 z3eC0$v!Q-3CN{3049t}G_FpVCuBQ+gPazC;yKFe4aFs|%42xv*d$o7 z~2 zN@Nk5WmJY^<)}E(cK?`Tj}Vm0_CCT@A8p7j|Fqj7VN+)-O84!N=%bw_8*6Q3L@c6I z`6x`ICJ+*R{T2;T%p1l%n&^74qy_+H>S({j-4K|GHSOeB_#RP|lZaN@F5QzMIURqu zyUk+6+EXm>rPNzr&D&SV?>ZyvcFsrcd~}lQSa>dW^37-^^0l0_CgUSOI$kq*hm~ka zj(X!&`j7e^WEl5(G%+qJ&w2CpVx#vF@8hA0(D~Xob<#zzEvX_Sm*6DL@}B|eRidO7 zM-(XO5bg!guNjcp8M&MQ+#BqJRHkSF)9QBxZnRPpY}f@#`GXf9kX5A>w+h3FnbEoPQsThA*?iY_ zDY7OzWS445)Pv$?JR5fpCYfAbJ?Hk%$A53QZ7@~CsMzSBFYEfSSc|7-1C=ucRin4P zVPu(=jrwIdx<_vVn&lTmM%{7rD%D}{Ss1z=e<5BG_2t?io+dnG$?eQYjmCmPfj?E^p8q4=+AxJ_eO&Bgt$^W;_a!78fo5_T+G&E__paMxCu=UtiX6!u zC4&gv)234bJkaW-`W}AT{R(r#A3*R72@SqIniOoAo5iH4Dh_BOK?XvBvrh-#h%_)H zX!MBqqjy1mu@<(%Pk(YptbTbi6Z9hvhO~>5m1oUk)3FjNq#K9O4vXulg`sD`UD>W) z!FNQPZc&uW;EIUzO*`ZJG=qDl{1o<*hMZJOLL5rr>koV~xnsIGY%8Qo0`-a!jrycr z*>O2Ne;qY%-}G4xtO`!+_`dPKTg898`EKTEO#%=TQjK%r;Vs49&iy#&5%WU=GNz*I zhw$H#jyEVDG6I%l0EFQW(nbgQlKgPNdqoHm)L6Ys^I^sIqt9&vhj{u;TPf8P0}d)4 zxoK^x>Vev}A~W*3>VP-qdOsw8%Hu}owarp}+6I`W!7A8T(x@=09A)GvglPytEwV8JI}|Dh5PubG`ebQ8V`>-Y>$Dbn?AUYS~TZ| z)ioKeZhipB9F({p+L0>)Bnyf`gvI7K?1I&UXr+95)8(j=xxC2Hrcii;EyMT}%vr=4 zajxI7iARGLJ>0iGGbDe@nJ4kp8|wf2#&}?cgt&I#eH${V?b}!Hl<=s8Wf1aKy=Ef! zaolhgzKbn6>wUM`c6MFydcQ{d9Vg4IgRL}I5h+tMo+mg1YrTG8?H*9_&lulT`2Y?n93#=gH@ zPA?3i1etIw;%Mm0DM~6MP2TRLkeT6&y4ZeqOBD;^jy1UzU^hX%UV0wKw=K&v?qbD4 zQi#;~3NsQCVhO(4rwZP;`W40xqOl%o0+yf6{4n%{@Jd4ls^E`b_EFu*90HXkAl=8B ztXIjw_OS#8Yv>508-64&;8+^Xr^0BxGDLytPR~6@nlGzmSE%2sRS~FUX!GqC=LLls z&~-JVL{>T9C=8+tKio43iwVMmX#nttVLrn zn#l)MHcAv>8kj(N&69K2j4XDNa6c!ohH`%@Zi(H~eW-eaTxuyG(vV7@8ErOv=FrU_ z2w{PjfOGDMwwsPTbQjSpRh*E~EA#J@xIFwrdSG?jh29otCOfSt95?wf7~ENqaTy{@ z<3A|5)=ZCKLmftm)4X-7#*AlZUHtYYG`gS~Vg12yxW0X?rn?t0c%3KF;5e*k;*9}C z@_iviBo$VF_%jRc$0u5pUHv&AI4@O92pa1P+`|#AVf^N4M67Nk8JU)#kS3dJ zUdBMvxv3WKGc!?OXhCZK?wB2eX0_1qynz~)N+~uFPx(-ti`!17z zCgm96ec1Ig=_6@HG39q#e$|t}O!6D#!M-5SLvdFybByMEe#I2%yC;|XrmH}yi~@yw zQd6#iWhgT(;dvU8e7+Aws2qpR{UljmQ)l?uS|qQlt}HksNmm)egh(%}e!UZ-)CNI; zC=spuujTIW8=hsLG#4KPEWkhCkfS@*bRh17BGi5U0lrsxUik8b-Ixa4MMwGP4et8d4a z)4w++C0+kU@*7{o`vJi?|5~QcgK!1rXSalU2fToFFD3@M`t&nvx}MuUi5NWd2T`lW z{LIlHFf&2a+I!5jgaBzY^K2CetdoYBlL3<9!xm~2scq=wF=<9Pdpi`oV9trGgzPrJ zQ9}5FN0mOAl2bVvvmAa4cTz@4MEUSQLTvc%kmHIcg8Zfc>`FeRqwsJ*F6sdM6Fs>~ zGXQ!+;_M?MCHYg4hR)Yf6RB4`gC%8)MP)4v9M{nW8DSQ78y2oiE0DO2Coj^6nEG&D z?~*Pydq2h@lyQ6MFDu|SljN09_%g7ryDfE_Q9MKLL~i>RyytbY2({I&UKLOd0HUs> znq0yQ1WA|sj(_AZ7^~fQN)ik$Ztj{0a&V6E4+N-f4 zNv?jr{Dxx0aojg0YA+RSa^+VX0F3cg7-s2!D0OyGoRBR-^%~g)x>o~ z&kq1=LX-e5Y~`;c3my?iUK378K4cB)F@1=BjSn(UJT2!CkMvVFktVO$)nkET0^d1Nw0$n&kcEBs;)q2F%>6mm?$P0 z@<1FrheH@Q-T|w4j2_$_e37Xys469)pC@*s8NEIq{>{bGvA92^t5=~&MX;jAY?YkZ zsf)sYV>yDp{M$Qu4{ba7H>TXC{08{*3u;ES%`h&)#o#tWQO~Un zgt@`+-fDDL4B)g!v}o_R_D_VV+tDd8T_|)iA>vFad7H+P+IwdnFznA<-z~%W{vhY@ zHWu0x4z4{khLLK<+ZIbL9ViCZp{>^Q@V*)3Q&6qsQp>9gmsW;T0!#s&Xsdu6NuE;u z6QEl6hcydoDNbi(^L9LDHiHU$Ft#x`jtAeZ9;(@7#050R#P#RgC#!GiS%j~jii>?D z?c6tQngMnuodAebE9~CDzrEkgF@AIo@K<*=1XyGu_q z=#P)BYy@3~Yq2?CE4d>bN7KhU^9&eZp)6o`mw5x)PU$_Gc17@+QVB|TkP24UZ;wq_g`&+9LXV6Z!|A+HEKV~I+ zm$+_+)#>7+UW8#ilcMnDwHX)3u>zwWitHy|(c6B$+TBe)P!54r{PtY%?mWk2RzGf0+^LEY@Iqix(*T!R ze;Vv=DZ&l7kAA`*)k79*ier-``XEKLal7;0bGyvQcxV3z!M{)J(Hg^0cs&r_`||o* zvUIB^Zu3Hc{@xHS(lSAM2%IXCHuJg2e!y47XP3IzKzVV0BN-qterfe%n96t>W zRvuMgM1EZb$~)=<2ULFFLUOd&#rK>yB=Fx5{yyE#feDmo36I&|zy7ogcqfb*sOc^o zK^{TEeUVsnZCwo4<_J`NQO2%azy*C8UzR&H$w_vKBXWvbgjeh@AUUgo` zK7@d6)@<$^=rKeoZ!Q6-hss(nP}xNSAB2~k&^C3xQ29Nk0B%#Cf2;pE*5*2m1aqpz zZ=jb$``v|h`Hb`h=N5S=UIX^2rmDuOugkjojdl@u8hu+Gv6x{(C_k}(%P-(b%_4B>jT4SnrPjy%HXd0(F&z9>noj6?-CO4X0dm9<@$w^6+ErSM*?L2L zEy#H#iB<%Q=uneYOU~FH`6;xEyri_yHhSawhx>rdUt0#AaMbEwYwl_%ZYMD8`^D^H zB=ka5O?JEu;7d;;;$AmrTV5+^-%R}FdTxz1z9QF6)S*!?C;7Ou@M!3UdqWsoO)_&q zuCG~DRGJ=#ox8KUrhK28o-a2=hWs&zAbU|3Wa$s3zPDB#Lh3L|-lX5|HI5DwX*^G2 zA!q$YFJv!gJKZx!aNeC^;75CoY(O`$+~|D=n|v`OTV;2ptlJBy1|KRJJ1B#Mh}K#2 zt~p#WhhbRO_-BU|BAM(5L6{HtBqDWu*5@C^L0|-sJ}OT-k-l#*OhSz_Q&j%P={Oq` zQG<6MMjF6{hNr>vn`>e{7*vNnNEtWNrTx@qwRe$4jD@Y3Tz-yoJct|Uf9lmfg$685 zslc^D&dTJcx~Tzcj!c>~CvD*rS{f2$MB!dC zX*!v&bN7|I{bmAxySELTCWs~2CtTq~#W(m#St8Lu2*sd{e&`}mhffVr$x-E7-4e5T zoMx&%%JhtOHN%2%1FVo=gVByhiMY5!>Ofa81Orqg{rL;=H-cglvo?yS*sZ1DxVQvi zue>JT95k&I689YOkT3bQo?86*=GeE>%ZSBh9G^HTRBW?jA7A%}lxIdCzmlhYtvfy{ z*UKw#0p+=1e=lBQsX^hI5k-|k*Z*zt)8oEB9-!Y!w(v5_%CnL7pv(hc(3K35-sb9>iJ<~pk zoK4nAgG2B$C}JWb94y99()?R3S9?iI5&GiN0@UZd_C7C6039w9k7(mu2lFAuY84H#`ZDzsG1pz(lID7^_=&HzCr-mDwxPs{C z@X^d?@>|kx&fSk*+ka1$Jq;+ZLsZPn=&cD*@$$i#Imuyb)06`r9^#4}f`jK_evS8j z-FUEQriL!NgS(vscvn=Q@^^J$L|{oYeaR zo~&HPM1I^T0KC!t#)C~>+~oI&M_>|v+h&mo7Tg9!TQwqt{k;tS34ptINrgI0kvUMG zUP=}FBiE0yo|V=}#&nT$Lje{#?6gReh=OAq|Hz2bA9KwO^XlSHALy9BbI0j;*Vr3~ zlIwj7qXt8OI>i3WT9s+xJh59Es51{C4h}3DN z!WgUHj?YQ_Fl-pn&c`;OA)twz)kUsaaba!r37uhO@?)NsW#|TwoH;ca$ndS$)E+)o zj02^4O)sR~`a^5By$*b4&14T@@l&p6@E-zvjt$g||0ATHT*^VHiPT0am<9hXI_hk# zdpxk|f!_~u1n~4SLeZ;EGzI~H+tJM&16)o#%H6l`eIb<7YyRdW=K*z9d*g%tqV42& z4agtqJCA2O!ETTDCtq*pA}@s$+OGYCn?xy8CbG&QzxL_N{IAErpzCHJ2uz0KQIJP5 z=J0ageBNlQ*tGJ*_qf|x;F-5wCw1N>F(L_5cYcynJ^XqmB;FmaLRY^+wQd(r_>B1} z;JD@O+3646!0NR|LNNmzx0&x*ejtL|xk=)Vk3JxM;jTRKW7Cd{uhh7MaPbvTCp?yC z(cznCH=HM3L7W%*e=Sw8vu#CY0w2Ji0{j7tUlr9*X0`-7E_N`^`xd@rrb~3B>Uy>8 zuozu$)MvhmoiZ5ys0w}fy~szf1tR@Pw^7xj?F1?J{a!x2^BE-A{AduX5uFHjy0viSsSioP}VUZ*v@SGt}jIQIBUK zMH1&A6tZW;)^AOgOhv(0`cnmf0<4tpC)MYSdw$aO1$Omc#Wg{9LyzPRxZQHVru@<15`P+r#u(8xZ&H z#;pB((gwWa-;}iN%6Cmv7ovoe`A9xo5&rLc}Gka>RN3i`y1BhPcnHYNQ z!OlG1m$*iI!?4C@1aL#~>wF?r^o}8P1r|H3a#~qSSuQ(uJU(cj4+Gqm#5DNgvblV3 zLH3WUMnF@WRxBlS<`WSM245A<+~y`&eZzY~4nI$LxdR7T@aevdxLm)kujWq#lJ5xR z_NGmQxqQlg+i`XCPiFDmhgy$kPRs&11=$PrW(QWiWz9x?7)HWTkTJb!6QbB}D7%{v z(~EkM!C?Oo%V#h^cu`W0TjqVjw_v&RnQ%JKk^xjuYY@ncyP&<5l%n&Rv+EL!;8Z*& ziKb#giO)(NY&LU1JpXqoBZbz&3`NazBV1c3()!P ztQde*mB6^ayn?}Q(0T<2dDaboC#3XF)!yQp-UcbT0c;Bv@uCRk%X zjQoBiWd|TR^gem3JX(pZ9L4n(QNinOByYe<4&}PF3M{>g_uK;xR80|1s@vU3AjR7{ zS@&ukH0R83&O@g7xVqIL|6UX1$(^A0nHC->lzpjxS|%J@_f2&E+MtCGBSde{8z9QY(zha>3OP z&Ot|YQv#@TB*I*wAj{&e^J$pEYtpVwWjYE~*31Ix+p6%cy%9cWtj!GrduLUn z>d`tiHh}DW=)j20!d$qkceUo%mjcQhFcfZnyiJ+JE{ za3}$w%zNG>Go#w=%G{kzNEbeRqW=NoI4u^wVZkG>Z6lyZ;4&WX1ct(lq5S=!lly0V z@=Z+XVOdk%Dq_C{^i2Mrf&YiHw*ZQxTi1mlxVy_B!3pj#xP=5KSa2t}+u$;|1W9n$ z;O_3hCAho0+duo9ea_jZ?)|@S->R;usqU^`J=5>%wcd9|T5tDXB zRY`y;0&0g3+mZ+jcms$It!GG&Zqsp(!Y!O#=alrS<1aD6 z&d8zUo|le`dGjl=rRg--8V%ZTt|83Qpf1rbCZ{}7jkUv;|g((64RJ>5Hv zMxG||{uh>-lZ67--pNikro~o2lC=;`O#c}gVxfg?UBRZTaMMde!H)w$XAC&S?5JRB zfQ?yw{RmctT*bm}i2z(@e~lP3(1z_*R>o5L6-XJc`;q0Q_BfvRk^$MBp6)a4RWL0N zJPOZBKz@}RZ1SO!>X(={(&Ja$aoDr)|0w$z?83goBvVM#%6VRQBa%3LS13UmkS-{TG8W2SHr+FW;b|mXH4B8?CZ4ik@O^Wf`UDu@=7wwR+lG~1pFQ4_eaZe`r5H)VfGD}-uOE2k)5!VqeGq3#uyDx2^9GfA zqgx?lEX*ZTi{kR`=##=KQ+=B77HhV&n6Mh!ze>d_JJDzvKj*UJk^u6Qy;T0n{GFjr05II|}*}2XAavZ){lwsE=AyOIu%s;RE8TXw2d7U89 z?+aYus(dpg&q4+mX)29sXW;&={GT^7ZL)&4Xxh)!PftuvBg{O$Gd*wfU&8R zh;{<8s;nBPjrq5AS8b`F9o*dspT985=6_G!uY6GYt18U@?r65o&{Z*?;fdf{q^K^U ze3*rN{xa=g{ zfg3RYSkwOZwnh)w-q8=E6Gu0==dQ~_GNUs8!dv*iH}~Iog@3gB!3@Wm2W6Rs#nPuI zQ(hSA-)=Vy_I>sSmg3XBtf4cbq1$iU9Em*%Q-3C$^CGHPVRM%D*L@@Fu`l9Nc7b}l ze*R2f)7Sd`>Z$+Fy|O{nSBoW4-GzE8jx4aGxBTB3VolQj%nauKG|eUmrS!2pSL{;B z79HAyq87<=zOfzijzv*2S{<$&^I>`Q|2G33716*2LFna1sZ5V8SSD z@$v?X@az@{%M=~8)2Lp|+(B8%(+nSj9uwn(x~&c*zsaZgGz*3i@x&jmgNovn{Z=MN z7GU735BsPyHi*>H7qY6r`FK#qY3kXeJaXOPC2178(~gLw)V(&2;8=_}HJPsR@kQ(j zYUB^}^$kY1@N{5P_=%VJRF(CO%JU%!f9SDL$t zmK?f1pz2QhhUJu!4*|ijN_*10+SqSZh)Y*+_XP58(7AiplZl~nj{rNd7x<2G;b9zM zW7UTHtHEJS&YH&x02w3puaCvoj2597ZfZ&N+fmWwLxK;w-Ip3*PTol^H z4?#eB5g&*clDO&4E7-lX_EQP9GY;ZZpARm+V`dE%cl^mJE@SB#RrHIo$3NHnVl3KI zZF)_gRd=W2mtVur@`#_Gt#yPENbqT>1y?i4QHZo2NA|xJ^>l5~osT6ECkQTA>ewD$ z{9`l+*}@8`Jc2@zyEeIh**|rE#+7=C@)q7lwc)Ejqo}v#kB$+ED0C6#9R^YSPq_Ve zclehtbE$ssg@q3e*0V(S;k^yxEwK_~{aQ3=DI{3}0d2VPdW`u1t`x*P+5yV7LbTBk zG3T#lR9p-u?qI{$YTWI7gzoV?nZ8w3KI3`c6T3^>2-);gg5|#;6^OJ|G8VpC3Y+U1$D4Br( zGNg4r^WjTtI<(G4+FtG5T!bmAX596?o9poVhe%p&@cpEQ#)khxG5v%JQ;0(*24l%8 zHW^v8*3h^2*BZHD!kwQ3=iVGH5dWrQtvf>I>!%)_)OZmNMPp$+ABiss@HU!!lTpg@ ziNJSr8_s1|{Z(Z}n5pTJ0n3^r=)?i}mKZ*-zqZ`pK4S>5G!*`NzS}@OLj~Q)SY4cl z&}2ZM_~9mkGMp zC)vrk+j=T~V09Da{%qWrbUZ%w$pEJh>V(p{{asuQIk{M@b=_Z@$n?GINYn>L)G!(s zx0=a0T7kp%CZm~PR&NIyo&hF`L#y7Vnj1cKGs*FNXyu1zr84-16sT=Jh4o2uIftB8 zP#yU98HDWB*aa&TD-oaIKYM4_%d265b#fr7D+N?Ya?2g2=b}@lG*n>RHMfc_-^8+*lDFVn3Pyiy*{A1Lk-+6rV85x3?r-*D&=k->ds{^(eRy&`o`D9&S5JLDiLyB6 z$nFuiI1kEd>K+GdAmKt~NiV))S2dVl#}1%9W#OI3lkIaY8aBydAKN#6iHwE&j!cf9&kapW4YH$?6qr#4lCEfQc zu7mlIj!)RDmczq8PpE26#&@815E5v#w?%;`taN282*& zKgxEOvhjDrmz-~kO=~uRvNKy`-^+-~LQ!=WcZ+7R-V~4>>7aq*J$?RA(=XS?QCLeaE zVX9Jkwu}aqkLjtoO@SH*RZ()CR8k532cZ^%`1wIB0)=Vum-9lU?JjUWuNI8r$M6ZH z0)7o5d{H0hJO{{mE?^n6qr$qL^XQoo4?CRzyt(a1-6#_h8vX&he`ce_pe}AOf@p<( zy3>y1<(vC06wq()vVS#MSu1$Hccg#U6Z?bsb0&uEPr(DqWS$jM5x{0oKIX!cvRgCE zN|1mjSMHpdW+_CeZc#)xwYxB+5>>#O?GVkP@Z@d+Sydi9F%R2o`HZ<@ALZ*0zja5XX)Q$suU325h%Qsp-&h1Fxa|7tTKxnC|A}-sCDYc|)k49MSjmrQFV4(iaz-Zl9MR?t&E@upbw+G#}1CGy<6jhvXQ79mJqj1U;SQ z=WiEztodg`Yj8)a6&^>|V6b|r;ND5(RNhDD&sQ>{L>Mv1@-?Hx!>#P>**m}aJX^?6 z!~F?iYf68hLvy$KuHx`C_eQjqTsE*ku-5adr6|Ew6xsIWQsC_3{nW+%(xXB4@tqB; zkDo{qp_0_i>dDq1P`Dj;FrvGZzsY?+iC=Wd?MJBUp0_-j5ac%*A^z7bcEIT~;PvAP@GnQt)`dA)1H zuO((B?YZaoILc+JVgXuor;!R1EVVgR2kma(g9)hiJ`AM0mG@15+HVxZ*dpiva%~tU zFf}W+?j@E(e<8%K=CH3b#=OPiWWqSgxE~JU*TPeno2T9?XHSU_NpYILd2~HXE5+T- zqat0@lDeP0OUh#F4(_)BY@KM_>D*pzTZM==I=bcE_ReQ(H;#>RL9xC^Kh{q{5|<9=d~!Z>g;Mvc_-9qso;ADy}pwJtNz zORwLzT{*IYzzHujnV+fk%U`Am{)(SOj~$h>lJq1pexdCk`YTgACsch78|(BVAKT5H z*Aosk%ME`7fhp48c@lgzn$D%~;Xv$q!ADi&Uia(aAI<+_tkh^kWGTbQF zUtMFW0s3EzP?!@Wr6chh10&V$nsRWyd+`=MFjo zLu!85?>+mQE)(zLduX5Mw&2`L*w(uzpOh;3X<^>(%Vr^(b;Rtrc8Lu1@qAw7Jf*DN z@pn5$s&OF!Q3=8F{BOlpNrn!#0+$w_I1b-35^!SXDTedvT(axxaee1=WGW7Z16R8J z60#`=n~Z_4CmX?yR<1%(V*G|_|CCAwlP?CXt%<$tNO%_rqb$D9D_sf|0hyzbYvTqU z8vr6Rvk%wlN4}%DY7)LljhP;X*ST-|kKXq$)1Sd$_MGKDU?xY*TJdZ&q_Xma zTsd71jjW^W<=yF^jt|isCa1`}foG00vRC8hKh_9SAf)}9_J2Tp|bo5@~Rt*%nvJXl{XjSKD;NyqVUv${avM$cz7 zYzJ^Y3jb*0vGifu7kER~-D{9<9-FQDS?9og+T_N58U+OkL7|3-u>8PB9Fnr2dskAtZJ7PsWQi8P9mDRj!bbPbKmuXY?Q=iHM4z%Brs4>aC(p;7Mj%G+V$S zj(YxzT;*Ydj<2G9+*zf2|CEiNwqK>Xn*t8lmDop;>s==FWt2Y&s9O_V+7D2&1aWP+ zHuAc$CE3t-UmimZdXZEaA#nrx&(N5)lUUo*VQcD7WuVK#iqOdkyfXke>WPmpUAtbq9GcSCgXAuedh{FBpKU0aZ>y9$90FS`O7zC zK5cZ#}5pC(_+sSzrl)KH=Yd)P8Lz6FX07D+xrX&3*vwyNNk5Q8?T%Op(dcb%DY&ep>A z|B@PB`JMraQ37X-93r%Aex;t~&?UzJ1CKY$q)iLGsL-LAy@}HGC zVOX#}p`-D$MY{rN&v_GK8XKLr75c`*-d)Vd5JyV9E}<}i|0@3hFq{*U`oLXi+Jo^7L#KS?wM;SI0+H?;Fc7=E(R z<-&xlv+!@G$FqXm(Fa;cmEQMLv&^pv(lH4<+DFU%YB^XuzK!YI%oELn7c{8(X&)&J z2-;A51}VjWge|hBrd#>#q3pgavdjL629tjc`>4=UFfg~d8i3e)_a(>qj`G>Re3U?D zSK=lMmBWRtn(NiM4K=4EWq3w4?D68uP_PxJ2siQp*BSNq+&JkkFlsAm{svFb&o_7i zyn;vUvO61r#au3>-CZE7VvI@ z_%wb2tVGz-!S8E{KaS^vO^~-R=}xL#1$|3AU z_}zwa5K0E5|8OMg(l+FE_D=xk|1RJC=Thl^e%h)*e*`(+PQ$39+~|@^cE|!r&-F;* z@Zb*eg#AN5M)oZ8ThiyuMH2oxChw}b{r{`NiI?IERcI_ikfnGQB)DZIM zJIC`WE*20GsfM>LaJca@40dlQMWH(?reka~zn=X@itg$~kZlL?p*(H(B3Czi5MR{s zchg^r(LkTskhMWzv}i#)@wVU;$PNpWwB|Aesw#eyu)+KG0aueWOa>tcOzpe!Z8;^Y zQ)yHgRC`6JComsbL;Yl9J)PV1+wakJQI8rfg&|z9J)w~;VbagdlMRjlgsWt+$wntQ zYsJ5jxDK{&g835v_yGfvR4Q+KINclO1LnV)Q7U|V zSvn$7R$h%3P~=N0O^pyL!_K%RPUH7M{z{ytfp<(UT#O4YAfGoOLN&yQeJL!>!EkEPdWU~x|c;Q5_Rln2J$SE)9loR=`W@gP*p9npP zXUqBIT<4oD?}Vr4OvC=fl&N%u+jwmxd@F&Za_3hhUn_*+v9wM}O{= zSkIxj9nHXceDLhSKLWnfjSMyDt$^n+W@A$0rEBldD4FGs(&HH$&|ack=nD(wg9v~9 z-UtYNO!}Q`6o-%RH^_GQwMSo zt5>umL&Mb0HWL!`-DyH%PSyUqd4g&0mL?g`(wKi0WVuO*0QV{U7Y<`QYN%sz_fRG~ zp|lm$a$PR>0tLwKY)1;l5fGY-)LvSa#x|_iDq%p}vgzr8tirJoBiTHpPy1}E%RcyD z$GCE5ylf8l7YoP_RcMUjjbky15S_d~XnQ_Qnu@%!1BuVa5P$TDj9|PZnpb(xIkbLs zG6IZ-VJ}9ra6uy(`v1&#mDuDlc=AVQv{LALA-S2(72hN4yZq%nXu0^3S(R%3_z?zIvh0$+=%@+G?54(Q>h0$Az+e+MH5YIPr zx8uI0LILGs97+m$#Dkhz#Ds|+bmN{Z$GdW9X9y+3IhVZ8lg{%I?xXfdIz7KC*xUT; z1iOiUMnFw@6$NJ^AHjntC4oN=SgZxc>QbK1l8c-A;D!{%&H6grC1^P$9e1z5{)909|SPkz+9l2{(}V z>-DuA4GkKfn)p@l>umtTM?6%vdGH@6^D1Kk)8ou34^Ez737$IVoT_@8VRndIJkUeo z)dM3rCLIOrrjW7XU}CKxEh+83muH>#uFXOeeA|rN`s%=c`=c&*aXVr?4`khbqz>BJ z*lCRM{9cif8QxU9F|(HTZc#it(Bbzzd(lby>e1%60k(&k$kCxPaR2T$)bT36M`^8- zwF3M-qLYeW4g%x;Rd)G6q-#kxCSgh6vn1etl9Wg{XdK}!p*C(D%)`aavn7gCCg8}i zO-VV?D@`e})33D0Zw;LCi}@u#5o0a-6QgX8(ILTe3UGkclP}ksHUrfgl)<_q^2)c2 zF35a>Hs7!Xbt75WzV(6DbHXsxOkPAGp*}Zz8Wka3B&-8an@}dWm5x%-{`_EPM*$s| zyesblS5L+~u%UVlH95vXYR5Su>w3o)f!*HivPD-*oBc#$>e_P9Rb4qqIFimw;I`_4 zLOz)PR9S~6gPz$_54_pWt0SEu7MGeUuvh&1LDdAhN{y<}FE276ev5bp`K1-CQ;9L( zCMGw%|69&<0KpqGR&>Dxqr9)9EK~wL5u6m=`%7|FRGBO~seVH(80ByR(Rw){YC<%a zSC;v`1>-X)PAfKY9tsYgL3UngE(HGZ>DSRA$iXp8G9aNgmv!OG9{?h4)Cfbt%wk*zn|7f z|GPDVTxUXy!TvB$lp=WN{dfD3ab!v_hGqtV-D44Sf7ffx8;-aQi&M1F$8QupP{QNfUI82d;x{b;HpfFBDm9TsB1<{|ZZ@vk4 z%#s35L<;wr_jaJ|fq+t2)TAB>$;iq#-JAT*#fHzL0Vj>ZlcBja;R{<`Lc zEBTAF^Axj3gbn%*0)X*(su?)%cAMKcg3}Hvp_dgr{Z1|duWXlj*W8%I9x1Xv$^RhU zm**ko1=%@g*BOK@~HmNy%`%VD+Un9dvC z9&mWPx7^&H`-n+xnnK1?f8je!feO9!Sat8S!!*6_h@bZXwtWQgc;~r)puXxa1cJFNfURQs+ zZ>Uk1M5>Vs8MCMh-|)SH>u+{_R|7LwWxQkKE0}r543EX<#t6c?i3Z@b%-p4 zWZK%bY{!v2jj$#6=TpbDFD;_IH0j>&io6iJy%;e0bW{Xan+K0L4+r4|j5?w)tCPT; zvQ&8-KCRf*8LQBHo4^s6zL88WY=qo!T3<6J4aV|$akpROBV1gLcL*GSeBe5s9kG&> ziL0zt%xZWKNw84szLPsv-gM2(hU7}h<8_MENy!=ijOITet5lN8j+bk(d%zUAAG&Hh z^E%rQWSz;bjeZK6;#8989rI)z~WesK!)zDVz6|Owi%aNZq$0w@Z%!b*9SW0 z_3^#ju^Pv#YASatHGZQuG(dJoTXKY@x1qh3Sg~AQtQF%6JAVzD$lL6byN@DD$z!=| z>hs^B1R7uAdb_%CNeir}kf7}-VXi*%)9Uy_l$3$|pg^M^_ms46sK=)YKL0zsx zo6kp=c%yz#DT^bznJ*Zt*?=5-eJ#b@IchpoJ82iiNxn}ndRBgm#IXD5q6?} z>e8|D@z0n0T>`rvUy)|0-$r?egc|7HmzDrW{&hCj+b9rrmi7;XCLXO)Nu4y~1h zSpg3$H2#h1+wAssG`uMILl~fJ(^xnA(7ME=e%1Vm?zl%W6f4|Q(B0>BQ`YSj75oqR zFwqsBz7NGGSvD%gmWQ7{lroJ}t!FWLi5gti!xY(FPdx$p-2jZex(z1T6seDcihPA} zvIQBnVl#|S0eN1O650yhEtbNvD+&2WS$a2I@+gmmZ0Z=J^W^$Q-A|*rt=Y& zJ?J7$PT=T106oG6Q&I|h4qFLQLul-3E256cjHu*t18z#b&e=tMaC1r10juTYYO`*+ zC8MZJx<1o09viAD9<8aV5}l|hUyKhpRllO+d8^xI#N<15V_B5-U3f2D*s-SdKbevh z<$48ZLIJcJ>dlEoYkSnW?J0L zvVm7x!88eENf}j)xk}=uCgLFQ0~I|pEK$vLEWT)4;ip68 z*%FyKt}Rb`$60eCzrcXTzz~I*457$3FPk|Uecy+3RN#|>dIdS5L6$^4p z0+D6_2@psLdna^#9?(=y2(VppTR3{krzR^p-FY`Q=UncdPa@hWYa_G2fl3WT-OQC# zF~clH`!Zi+Dx$aS3BMF^V?ku^B{H3ed;F(Bk}BnunfE$-j)(2!Zk+@w5j zF)Qa^z!Z#>&>jifCxR|2F9}bvmRnef>0mSm$mFOqAZ3g0;&N>@-Co%D{8!oiR+3!8 zohr-Ywkkbr>y0#FQAg89xdB4bfDudv+`Xkb{hlh_6-JifjE+VAhpivz9(&vCUvNeD zt+EX64pjbOccCC)T}BHlruO<(vp=S5a@t*LuCFd~L(W7}jj%QSaqPzzLUsxyQI(L8 z;j<@dDj`B5BJH4w<6jl0d8=0hKEj9?=*~nRR{a|44(T&|AKHHFt%)rC3FRb%0NTDg z^_(S>LpNn&FA{#J{$BhpJcK;tyW(jb8}JFMo+<$E(FbMG1$PR6F^K%N zzwBbp7Z6A%oaZ1F*woLWD5n(sd< zo4%){d5;gbu|YqG`7Ko=w{|2XIvS;6epmi2n` zm`s9em;5)lD`6VwDup$qh`P*SMSbC(r9ja{{+u@!=dEEIN$KK{k?HT0*>n$1#71`O7z$)L^;W|c4LhP`p7}oB^ zWzk+eMgxc?Ad9Ue5Kil>1Ws(d1={QV4ApY_4p{aZ0}HcwK`PjB*@$Cryh1da;B}{jqhv32z#5IEy19!XylM>X#u=I5Bp1>4?iZxv~mj1ROma{soFWje#q`V=~ z=eTDs4t2&qSI6`8&h~nS|qZiZ_S1J1hen6 z;!O&XE>q@Q0ZN%&5_&BC4G75|3pz|2=ekxU+pnuUk9+`Y#+)CYgg{1uCaH^+0@qTD zL9>n!RYs{_FIrePHbFqNHD~%5?hZbT$r!a z%-IWP)Dj56O=61-!UV=9V*76+BD?oV8>+hsgzq99ja-udK7{Zn^+XpIsF;XvXS2In zWDGB)G)++dEPJ6O<%dl17{&22p+)RQJ88y-KOFcY#@%LLblSH1tC<2(#%r9>F8G%+Um&cZPiO`Cf9hg#BGt-Ujuzg=__?Em(owVqA?T&aQ@C$+k zm{AYnxVgIofmZ`Wi zM%Ko6Y0LkO8J)1G(A8ZWn>^P5xw)jWr4*%58$KIihja65&q%#8-jiu=>v(}S;TC1D zTMmPnZzD_ev%3!LCIb_1K)}-EB>UhPp?P!cE`IutZi{N(KL$)%{0!8tY)!hm>XJdP5rAWge~0AFaPOu;Ia7Fy1c-I9#6CxSyD?mOSY+KIhs_ zb4sov|4p5HB*E`Jhu%}IO1Ym8M5d)W&hPF!VG-yV3x^~sO)CM&f616NG9}4<R)xRN=K#Y(Tsci&C?HlwMl=Ki$#+dgXw z4yNrRZ4w2u5|S1sT=~{kY-+L)53Ql~Hwidm?PevhQCaX@uH#^vt7Z{&wa^5He;01= zXZg-!t%REcU=knh2(pwB#fjKlK=_n4DgA+e>@g3i5ssKNQ1fLoCl*&M*`xL}O>2mr z)a56hG&*i%{`$+pX3hNNq$R0EzQOsu1+UFc4XS$ty~&51tYZIwPK5?UF^D%5N`$C7 zEnJn;_d&lgn;a21^`{B#uVE)k3hTK&QS|w+OB>Ipisa`kxuv#Pz;{_kT%88howPYM z5?CexftZgM7e6^qh0OXaFb}FbmGvVy3y9Aa-nW`w=8Guns|2 zA|UjwFJ^=-B+3hB+2PQJp~$47D;rnPXOl!c^M&9cxvo1(qy&!44febVLdWs({9Zy4 zdL4K!4PN8BVsz)JVZ8`N!t>jVh>uPxWI0mTG`l924rtK{NB#ZlTNNQG!&r2ER&5x{ zBk75L4_p0unDS2F83`MUj3h1&IF47m6UZy~B_d4kp(8Ggvyu*Dm73mukp)(!A0WG< zEIGR8?YlAVr$ma8nx0y{kX5?zZtU#Ekp#UibohZIMv#IfkX6~36=IR}(K zk8zm^pGqNFpfk%XIj6u8W7U~GPD$jo2ixhEbR!S{I#9JCF%{HuZLg>nNqlfEDwTjy zcWqJ8n-N&Yx3DZ?{6(~NF1RNeKafNP30RJc9e{hb_Z8V&y*HPFn=lSr@NtRQ{%~8X z_4bx1jiYfwq>tM*J`*Sm`pZeFKZ%kkb~@%oZ5oI94UfqDdrHJ?uH)`&D2SC+L$F@K zMTP4jihOdvAO>0gTbpl4z=}i`-&7yL#(?uMvI5Jn#J5Idu>x1F452Xn^gpW7_lb$4 z_%}xedBPh}yOi`Wy|F6Ar(&r}yU)+_DPwqBYPzh4k7F285a-&mCBI7r!S}-L=Y!z& z`X%;t-SN*Ad>UlABo8&^=ndJ(AjgHcw{QKL_4Qb`Z( zO~xG{paJF9kLa`m!KjPd&b=YZ>o%1Hx^+AA+NKf!IQt4`2*gtKvo^d+0?)M?#7L_E zClPn1Bc*R~B^v#3dQo9vOjr$BPhp`-yuM~=8KJEm4Xw}A{jJU0{mvOdj_w+SCJ73M zM{+=xjY{XcR7N|rR`{vbh4{y!Qa}$~^%M7P#*wrZ7)BTwkK-~vD^YVoR~I}L&Z8D3 zgh&Z%jJm>gdkH^Gj~lm#iED(R<2o?!VV%?T#bqB6{Zz=`O(A(g;&V4DRu}q}ACfuA zNa)PHI190^A|F`Sf>|)UL0CAvZ0DsCwvST5R(!UKBhBhe<|wbpa*||HXU;Q>ool@} z8~a#5C87;@8`mjoRSOR1Z;GjzO4#gc z3GLcE2wSud9+MOL8Ff;_Hhh${i#a5Qh)DAbNk&w4dNiEMF1)lLcK7A%^m(zx#XA8e znDPjB8>7=F^gLtMEOizW@LuL9(X+Q*8Z=T_;^K;l6Xx}I&HLF1sU;5f1m1eKg26Ui zYlVzio#ubX!?2ZvRzB^vj*&Z!VbrC+R{NvF7}x#7hrSSVDi|eE>K0X*!RYWSQ1+lf z;z!sDvUiS{R)hZ2L%chiene+T?*0B5>-rixT9+$c$4f-75wg&yb?SIgssg`*ytt-x z^hez_w7t9wclzAT5B1` z$Ur@n4N++VjHrlr>k5qEBWFd3a+#T5OiY5FiQ-w!5~&__gFQIZu^PC1c0NDhCzqqwLu%7=xGx$nuuNy3sUrR>0;bl$F)evGq8c-}j_`4B?1W3^C zc#wA!~E8e|3xc$K*r%Jz@Xu`%xxC7JX|4WMe{J*t7OtE`X^s+F+|w^7FvB z`B~k^qlq;9^59QEMaME@Oranvaaw{jk%ctedhTaYm{CqR)8%RQu!B;J$$NxjE({jV zsjHO7poYm` zlg0cMRYeoN|2R}eC{ngU%(b>zvs`Hq-|x_MXY#p~<=KV5%>lh(J>M!mRf4M%SQpy8 zv}L+TjQ{$g|8n$R2ssoSLJu=SZ6dEYmfC*Xb0g}nB+rq=q8C(Qml3QJh0uKI#OGQ{ zY<@jse$QB)R^g4?`qzZSf2D*&9Hm9MT8buc_V;2gZSkDd7q|hxJ{OCNN}@W}i8mSh zO48*SK{Vf%Q}!?)<6u`;sN$vZcMKe>iFXd)xBzyPUVz69DkB9G#JO zHQ-Uh2~q!riS~C1`W9j+H5C;mDK2dCXVZm{=QK*_*5(!#F|p?gTq_W>E6~7XhqY7V?LzPQaLsODi``G%XF8J;{@)cS6o!tzF zKr&*FHX50WV6s`pAfIq1UgWt8g}6Ao2p`kELp) zbeB=S%6#OVYxTRGRiD6@7CKroshZ77VTB<7Bu62)A{5;hUWIY@7!J~*gQ59aE@FQZ z)~3!i^ye=U?h%vev@yE zy_opZrt-RBQ^%A^A&oQVi3)t^kF8v#JUA37p&mr+|9b5~2U=esv%e*ou(RwQYfCRG z9JgD-UHX~9em_Y_RpEge55~j9k8bSM+%^xPRN4WH789=S?ZO`*E`GWY6v!w(mFf2U zSbQ<~2~8}m17L!^A&B%rp;_YV{#AP&d7tS?(OFeDn`NPxHU~3fcR2lo=Z~KnKZpWl zh(hP{2ussQIBij#Ss*gqYYP#a=2psoOu?%@rcQIYsD4!Z1p4}f(FXd42KYZc1uFN> zXjae2RlVzoU4F*nhZ80`1_ZXOMb_UIL4*75;kYfS@e;a8i9r2>(|lZy~M&huG7SzixH4(60j zV1sR?-(9s#X19cunX%L6j)I!t@GW4#uA_zQYtY&>>)kEM@fz^K>LPJzZ>uoa=%)h6 zFKS$EQ)fVJ|l81EpYqarA9iP@3Lj0_Y zH#ueuMDbwVi7x9LL&C@m`cyMM8jpxwcIw`Lv!xSrB@i*o=5XVe8PhQZ(RUEiN&ivraUAx_#t2vCnKf#2^cuYZ^lEXSx} z;ZkI#hjB-6DktPheXA4!wZ{2slRATG$5S4WNd=toy%f1O4RXW82Wr=_#{Vhp)8}S3 z%~s&)Xg~9!VvP8Qitz)|Cj#@0F4Li{e$l<|Z$VW}FbL7)eS!!i_9gyfecSQ;2g{yW ze!kAwmw@FU^FNZ}M|8_Wo|Ae`_#N)|XlHI1TX`=1g3LovqSy~nZuTUfi|k4=)(u{l zb+tgEe-R110e?24lq1W7Ss&sHB%y&XQ1fiJ=KnZ!JM>NXYgUv{d;&6bo}ou zp;;QOU-sFx4UYkJq;LAbl%qxaO(jm^gQCK%$NZ=k8XeX3901EKXP;GCkFWwSn3mZR|3EZOvkHVb zHzmBoDrV4p>wCHg))6T(MK2LBl*+VUt6wyXAIw6G6949kdO7uMu&U*6#wcN!p%!NJ zx(gBRv>{KD3|p^Mja?Q1WmY!|5vssZ(lg=(NA#>OEu!e=qDNidZT&bP?8$jL>seu{ zDfd7XcOeYZ30^O?7J4|B26;#bC($8vj-P}K2#F@2)*Jp1_M|V)hp))|BPMcb|9wIZ zPDOuv#g&eHg%5x+f-dIw8_xR;>QVZ1Wmk;XTG(geeJ`a*#4R|9^D#9~Tv^1#JPzMF2<&yy)4gDLiQ#FRTv}hjQoL`Z1er z#$@}1L_ZO}ZI?6lrZ?;w8K+?^!=mt%a;g*lhtIP+fzc zjM`@b@pApQBnSn}ID(_KnUA}|yhN*OgHk4E49_QabaZ+I%9ff{6bN^?G`VbJ7`6jY zx4<_9p^gS}0Jrzya;pS{9g?a*4X z(7uw*K_8_3}lsaj9?R zt`yo=|0GYVX$;{^1{ZNP_3VByKP5d7+lXWID+<2PJp0hoY>l^FR>ya>>hsJC%*$`U z;3ZLpvmA8dZod_!s-98jBI64n@M(Z!byMkomL2f`g}6=M{y3j1N48Eq)MMKr1X-Y3 z-rqLx8W}6Fb)(tvxmCj2*%bHlN5BZjj|JyCXWr>N|Mr?W+rj?Szd74zb5(Z#2;z^# zLn91F4P;D^n^uh504DZqG~90T_Jts!CkI zA*!hZ8_0Nfy+uE_G!KpcCjp~>-Y*<9f?}N$q|wfk2G+j0b~cQL9RxA8RTytI^gpZh zs3Pw6?5CRCKlExU-_r#=N~^G{Q06i+5MBMiHRu_BXRYV*%Dto!)AcG$yeFxc9b_KM zLymH)9mu*|g^5v~3U0A%TT0qf@lYN9Q+Hrk5LppX7k_KUKN+(}6oKrpr2G3~e;3Z( zz_~-s@&BXj9iuDzmUrQfZQHhO8=a(Mr(@ez$F^O3x$hYFjyujd_jkts z+uonnnziPvdaCAAPq}Kz6Pw9qDAy8YH=5sDgt<3Hd*x~5^uvu&lhuwLv}C^&RvYm_ z^iU~;6WfxfZoL!ty8ggz9L8L$P%-Z_VE=WacPfwzb>?xSl^y7cGobw3T9hRFTc^z8 z+s!Rp5G4azmYrT$-JI9+yjM`(UcE;w2n)sQkD6PW%qP>FHyWzPn{7G(slT8$LSuJkF1pCWYx*a%F2=4m;n%uyu#_)*Hh- zs+0uGWG;WrO!_o zw6zxeW(7~+gpjc!3PEZus2mDOVnFLEjGdXFc&;t^wiE>8?DV3GU2CWaIiH;k$VrNe z$w~?mb1KKS(?jyIX#0NrKK(V{4r!+a`*{{2&|eOX7ZMDm&tc(%F+wEF<{M)XjP3V_ zFoIsjQo^B=L3;Wq1kv^;By|_Y_Ow^?KRB~sFYw@nY>V}Oa+hD8PF$v73tEXvK^~rz zZuj|POq>zd=9kyxeRD1yIt!qt)pACNx7uj3w944}so^B@dEqla2*KAff%-UlyS``u zUd&(+*OW(YiJo4%E^5P@9srUu&As0ly`sxI1u2zUEb|X6+)eL>qDuckl&{(CQ(gjA zbXH$j(5S&t)9+N0pIIqb*o0^2?-}u*=NjWHzSY3H8NcT5sm&_wP~T6yg&-QncA1Ea zzB)HRdYeN8!R8|yO{jo*0QJJ46*Ssy=;v#}$(5TMt8h{hv<4CpWi9VHEuAp32bTeh z!S@$XW-Y5pHZtj6gQGr?zL}iJ^e6y_Zd`(8v4CejMPO1Q9{pGz7brhPAuQ z>80+O&QdX*iu=r^Cw{b8(P2$0&|m-m&ZhtM_ue9AJpI=$T_kJ+o9;K^qL`-H zv$Y+IG*O_oWu4zeVj^v4F-#DvSthl&WG|ePG8_HvSh^F?NQ(C2%xuw1Y%(eAD%c#|pi?$T_s8K}{0QEq3R=ilr*ixKBC!^Qb5+`sv}yYlWt;Sx1x9GXYv`h_wG#PuE$E ztt6ly`6`Jt+62TtPf!#0e>K~!R9(0emPZQj+h*MYeK3lrT^!V$1YOTTw^|tOuRK^y zh7!;*qNQO);U93R+l}&+@3zqrqOV??9EAvmuHjhgBk&u?MVKFWheJqtLkL}z5eLVX zXna!X7XmH?`*1bl|bT#9mpji2SkKA%cf=qoxHe>9=Eusej$n3 z%n?JnXf(5@Te?Nl=P~awJR?cU|1tJ)^hLB|kd;tz1HDTu8aoMefQLySiBNebS*j@_ zjs?RUlU~vh%{d!l1jK_DmFvXkp7&Z8f^XS|v`|=&?~?X}vF- z^V_X;^SylfHy3^#j_FY9V=>Ya*{}}CnoWPAj&p1O`WA zJy}qH$QOfz6$AM^*AKx!H>MB}ceosMyyxQupKnHiICj(SbU7>DsW1Aj1HEQo1z$0L zgpKj7WfwU*Ms3~j*X66zr3JII^tQ!ow)Ne$ zV~6~>8xTE7T5p9O^wCvRNBA{n^wfyt5Q{05F6KGSptjkkf^GKOKQ?Hx_HcOu8f9&L z&u2|yc2s5}Q9gTx;S1e3d!vxa8eAqn9*4`ON=@Kb1Q$8tM8QOMz zulx>+RIjQF;cc_v9^|ooqdJC3OL|udCf0PZ1J}Oc@or=`+>5jMrY@N8L5F!u!*{6% z264QON2ZExEe1JL&F*UgmO$)%k7cr}GhRNARK<`JI>%)OJUY|dmpKc&3o)q9Cdlv* zgkSJ6XC(T*M^o;C^QU8h#%x6Dzy0~{nLn?S>hr<+;gBfgbY|2tEr%L^xfr~t^Ssx= zYCvwPy#C02z61iG!FP)fo}=>V4*p#+c!kk{hK~qq2I29K@|sFo!u-NoMu=|(TWl_` zKZgiAP)X3KV`E{(12!R`KIb;q7>ox~;;~~a7%clcM5rLF5iBa~hYJ>$A1Vue;Nd=U(%xT}Chq=pQPVhd zi3HlC8Bm~0Baaf(585vbK5?*EYIZt-^g6uLS0k_wX)i{g0=!(4c_eY_Z-l4xyOG@) zW``$D{a@z229<`2qL!pW<6m^QeC<(grVvEc{IM>^uAkNPuy}`ip)*s$DE3jo7Xe3X zZR5!386l*wZbD9*HuNc3MzvPr=jUG8wk3i!0}bQb^{DPsQIfG?teIo@e}ueGL3Wlr zTmR}LQh1K19``)AHr#%L{|NvWMQxN?ELKP=H5gkhz1-#e?0mLMsx8JbMS=za4Y7sC zHtF{U*#4GlG}9Vd`O9;c2xZt$N$$IIsY?8k{oH-}+&jzD>(V#-NsZjjjFV+w5`D&D z+9!*T8!@DXhp5-gLhLDl>nJSD+qycV}7^v|!O zsYFHrGo&=4>n0{|IcOZ1#cPhI;!9BSb{4Pr(um zf!i^IoPK+G0ViJ30f`)j08ufD_};5g2v$odfPHB$T`!L6jQ_-FeY^vYc!;Xr(A{g=HuSn99j(D@pQD5hI0*ZDkre5xu&K_a6g;u z6P?Cvdu*?5bjoJ17&xahlTTuc$`DNI5tn47DBZY*-IcCZLfu(}WLMWPJRN{_+9_~# z=$N1C-*2T5S>zrbqfk0@Q0JO}VgsS<2T%WoW(X=D0K@!me@-F-hV{>%$iU3}TP($~ z z5lQaIi9k0s!X~6ps*8CFZkJf3^kkz3q}H7l^xrZV1l4q7GXzwQwcgl}jmM069&MfwwXOZ*Q{n7&O3hb(#@Nrxq4zv#ow+z54ao3 zsB4Je8tn1yaC5&FB!3?|w7=`_An#5aa~J!e7O2N2V8``sY>BRxWSusRedvNanjX)# zFY?)NK3UH7e`5qZPU4_|ZS$9edEVPa){OoMs^ zdvbU<*~RR!iKN+=7_7@%D0!%1OCuuC$n^8qe2zEQdTWl=gc;DIw)2WW_=k{%t)MFb zo|n&E>pjKwJwYdy2iM2)>T0q5^cja7oE_FsF#f?FlvRVsB5%dRx;p#;qFo-rPQ^); za_7LLI->PVxjp=gkXREA3;S!atZ%CFmkKx`G346A;_(PVW=-Mi=X2UF*t36wSBBxF zfD7lc*=nUfrXFzN(0B~!`hF3*$Z?Mai1mvcq)dGv z=5k%-`t&rT#sC@X#``6xmvew1zFv}NGo{Y_IUo+2t8uQ3gN79$|3egx*Fr%X4NihF zqHr4A;Kjeqs3;2?QGNXd7}Mi%q67uZ=FkU6B>(m9wdh-pOhD6;yIV<#r;iuqZlq8u z2|>!D8CqUq1XTYu=eU8_$Ur<_SCg$4a6;B#Fgyv(whJw zy^YlYdj5iY4r^Lze-RuBWridnWNX4xmYI$AgR_mGsmo?zJULq**=7#RN(vana-9Ej zB)$)Wc-Sb^9!VS4 z2{^SYry_Me^Ie|2x~OT+drOhFM1YU=@^!FlQYcv#qgpSj&h9a&@ep6%n+mCG*3H-n z0+5jP&i$nmb9FQP0O7$J#99|Mv%kwT{Q!>}7M!g)XMWUU4TaO=d_A1ZqQHS=Ll}pw z751fI2KsTZUvMY!rLUK2I!ycvpKgkPcdhCpzT1=ItAQ{@+P!EuV}@ufT*~>@=XS4n z%27w|ey7q0JwZ&a#_r)w?YmxkZ%8duv7AATB4hNAtKtxTdc-*Lt^t#J2#QekwWQ53 z#;ivQ8^&Zhbxn`mPY;^}Dp2jvjT^PNk0209GinW{LIkI@@vq6WLkABI!|ihbNKX9T z2Mb8dDoW?{Q;M1G|Kfdqk`u$kMtmm7i?(ikqQbAm!0yn27Q|N}qu>R{;4L}=R?Iwv zU#jJX-!vg~H)xWaPeJ&d^9d;kAW^NP-U%riIbr z6xE%|T~PjR3fu|ChhuL?oE>h>I7-!FTLw+3yJ&$13-zyA&boW$=cMlsy1M!HYu;2u z+^?hJZcF~CH#_LT6g!_5O#I<_9~@X^OToknIla1sL7vKSCr%u?q@vP$4<+5&lMeRN zLlSSTnnGSovXejMbebT4e_qe2dq6_XrW|NyIXp?@v0uzDtb`37@akF+1Y}kVmT8y7 z!tC7cn1bLT$3!2iIcGK2)X>`sO)x^Y67|pDP23Gc?Da&0+xG|BRn@d(kL_-T0|?5+ zX_hl?nv^9Qa=s|cKbrvfg05x6N3 zeGl=QEl3;ugfU>4kQzPG&I~Uq2X|yA--z7sP`WEtI(Cs26kln&J(^JgZ5v`o7y+|$ zSl7fIMSIemPw{3~T0Q9VbcrZ39F6a^H23`eH{kY7fhV=4gk?;sZeB6C3Toz?{Q4ft z&cGVpnI%pwvN{@5k$~@Gd zk+{)pS8 zbG$B^&mO|R9w}B&fUu{Q@8c8lH&RZ2B3DEu2xwqw$Y9>cz`RUp3wb=B?AN$E0WTa; z(-2IoRrm5o_Tu4h9220`JVm!u15$4Y)z;~&PzJKDu2Nj=kFJzE&5?4qoe=@a$^_aZ z-{axevaWnlF3Us{PnjVjeyq$xHqH^CjBQz%h}_*BYZ4HP==_n^#czv*>j|_82yLgf z?1w<@HU9kH}vr@-x)df>p5_iE4Xdj2jXVflV*_YtYKezAB1t{t7$Dj80>} zqHE>wUTw$ps3$AJR&Fcd$WBsBq^-sD_maE2xfsL6_>SJ;l_Ujj_a1;CBAG%)vx^pm z4z;{EybH0#`}q*?#R+dJ$LefA#VsPXfw1Qiax&Cv#CEqUwcgE)g<3dt{4GjLbznS- zY__>-AW`@s{fr2NgB}x$s~(m0=LxI4cc5%T2mH98+zk(g+A3VQohpKhC$1SfFTw)i ze$K221NhqY^?`(0N;-)9fr7xYD>ofPkze{t*FqjLi1+n_9diGOVAA`e!G|5yPI;-R zkr5FQ(V*f#sf%GfUSEkb8%409eMNha6bpL>-9&XQ2}R@mdnrZ1HxDrr^s(E&gEWPtvHq*{z^{bCoP;nR0<+S=HOwL zKqxC%K%H%Ds;DXl!5-u{>@%AZiYv+C3DQ~=PB{={>!v`CPHslid4BFd);#VLql8tYcFWU(7NqYy`1mO{1txu)nku=)ZoMr$YPrh)e5ovJ_OXqp@@GWkU~2B}ua z&5#x{uPiI@4U%dr6F6v6qv1u5PXp`6zkx@E=hsk=gl=%6TT5MB!P! zsjc_@Q0hGb;a0pp4wcZ4WKEhQ>j(H8-=*rQf3!*b`g~KCpmBykHWvM8YfO~mD(=RI zWaaH_DO7 zF|BDcM+9d&$J2ai=bzsi5aGd-V1WZgt8t|Y$TTXN*$vR{TPEkAQy)t+bz{;W7O9yND8=hp_s zo@Rz{H-?UV`Tafek{Gn6Bj!`<96rG-M4q-lpfimuUWZsN8C$z&qk1T2*7C z_1I4tzL`|0417#6Euma1SobZv%35NP7^YH|D+FpjtsNGQonZUyY(+#)Yc+_Ss<7_S z)r}B%e=FjZ4BATwX==t;+fR=;&C(nHb9ARn z$hiVw*bfVCLb)Q^)s~L6l*ItDWym$Yih5HMTvWB>eLapgoSngR3G&{~cPW#JAmnOU z1Sv1o;%T2SWeo%715trJhQ%V*OHx?eaVG<6E32&iYuynU5|U0pE3&U>-xd(r#6+8+kWVM5BY{X z%Q8VB0+<;2QFAMCUwiJ#Pb#l3VPWttlf>a^F=*JQ0H#Qws4jRSHvkXWFa}O(gT|;} znm8>A&JXk}V)KCn$4-W@FE|%h;vB2JiCU+J=Ln|-Ne4B7z0Ge(yX`#G@+dKqb3Ee0 z^K}jiMR4lB(&e+d%tI0hbUp-C4JA`*W=2^Qp>^<~FTP@(eOFzNoe_k~{s^)pLmcT4 z{}SKJoAf%X&Nx`y7-NUrJ@cTKj}VrOhiCnmth0Y^O}g;uoA$(kZ*|4sVSFxr6at(NN^zoLeFrAi>`FnjE*)ex{@$U5`7ve5 zv?}E%@r6ZGvMm~?f>zkn1AN`UNMhvk=WC+ZQUcjje2}=^h6T0^9!w#>d^sHzpVMS# zUyvJO$q(j*w37Ya>1LSO+31a{q_vJdaH^{2{MBU-=TcVEC~397AEn41%|{140$4zl zWm|g;tKSi4SiM?5JvN=7T`-L5OYBgg><^gb0Vi^fFU@0LoxK0Ag2Vss1GtbtCKgig z{Mf~VEIorU1rCGSkkGd!JT6m;UdFP@8tA&PrOus;yFr$D;f@sTpvgq|h$rD1OSRcK z+zWs8!V_78QBqAZ-VG0$6167)SGrHGlC!#5xAY}zY+ax%{P-I zTxIm2s@o2TRyKd}?i{3|hrLXtoO+Q#A_K`{t&-nRY*t4%X7a3ygV_;-teoA}4HulW za7yGG*xrWgHNEXMH6vXa^(0tMm6BAqWTRrNCv3EWw=|w+q@3FlN&~f?^lCO(L)aG+JN4% zHRBdtY3)F`r}NlM(Cgq^A7s?&MMT<7j1IR~7)@QC;B>}~k(l366Y{|}P9Qv{Vj}TK z3ax2vAcUHL)h&1BC3%2ecZDskRuna!GXn>d{P|Ml5EFOdj-2JRrrjY@xlxTk5GW@$ zG6O_~H{@|bHAmls#wYFNv>QLF*T|SC;cZmO-R_j{5ul@mk5s@&Kc@B%@PS80Hn7#6 zr$mZGJSVF7YNNba-#Ml>wwa@Mhc8j{`Qne^S}snS)<6~x5H6`N6JO%5GpEG^1!>*j zsz$5JSRv4{v{SIwuQqiKNr_1yqofW=<2i$ra|OIYH@=l-93Gr_e%wl@_m@QljI+Wg z^uirCztT8A2sqPsfm2{?W5-h$kh`Y_ApamAomBp@6(ZRZ%h@FFS(ff{W=T;7&HH!F zg6Q-PZ+=PUu}05#pFsFnQS|tToHd{l6g5glyv6s~H`@d{TF(%p`@2BcS&w3$Nj87D zJ5ui8SKnm)J#gHctFHoyk_zi(VU*awEAJJLPGw;uYEUD%#gFGKC(rK^lfRh-LZ|4g zV@D_OFnsnPrtLmnU2c$-XAqobYmW%~mqf3d1G{z2tQPA8wteuYZ#h#5D!DmT-(_eA zb!^3;pbPIzTCnco`4QGwaFoPW~y6XC`wAl)kH38oFCgg7O1Lk7Jp$QY7B<>Iz zOJ|dQQ^ZeBlUElBtX+hEKBa6Rj<&V}ynJ0ota`6HvMSz4vVz?4c8!L#oJHZ^XzDeh^V435fefz zA{DoNOlKT?)#h=d@N_tEIuR9RVl-CabV^O?Z>5%6tHePl)Bi70;m@|Z7Dna zHeCz2>1D(h$O*RhfA{rSDh%A2yeX++(;L*BOH4= z%md^O;As(*+vi~`!=;40>`8`>2pW?#5TxRg0K-)k9sU6NfjSAMn#nBZQt;KQ7V3A=5MN#AYJ=!NG~ta z`R&DH{KN^9C>_^EK9|nF9cNk1%dO>ZZ`l0Dgcw~4bFUj%eKf9YRJArmCdXu@`T@WKwu?I~4FI>6B zy}5sG6}$bKFW|;o?k*w|~Gqcl2gh-^>OW$zg4DmG3-7`!#*%eR2qlN)lM# z!Zo_N62X8W|6KLC?hu$qMMmh8_9StHOl> z*$hn2r`mm28`6+z(XQj2z{g#hf7d~$-&LsS6-`cM*c3_peEZ9x{a+43EP(2@6A2?f zsmbV}C`WkOQSFy?+ciKLEH162jE-A!nTm>x@}cLi~j&T;E2g=7h0T_+y{S z{{vUw`^NH$@Y4r)wF(?ytE%@6q*`Vy>%0P~cp-YraF~j%s~I-`p2LC`E@Y5BQ}A-t zYl&a$BJ|<>Us7@(WMpq|&!GhRGz!##6;C$>E2^+0u!=bHL_BHooJ<16<+=jPE8)jb zujKD(jcd%}UEwAfT}YTx>jSlQggjGe;{@GPDm|M|bpGQ9f)2+(rDhN53Q4t(KAQ8?=?e|)S9klgU zJMgyDAB$bec;`t(pq&YWn(JUYIwZIq3N0pmTJx)aek+EURfhXh$><&$EaSteJbjtz zb+l1iL0SpWE|T<}CC>Ozv@b0vs4_?@VOZgiu{&5rMp!3-9>#~W^AhtL^%SbS zU6u!zcsMz>o}nvp2a?}TLQ+zwu4P;uYM|!(?&&lNqL1Z0dKKi*pZH;Z7T#XUiiNG$ zl9eP)D89|>WxcE5v|S2#kR=X|Zk?41!TGy*y1F_0)^N(#fpL`r(0s0nV3N>2H2qwOBVD*@5SOqp4n8O zy2trN#O~x#UT^ED`)J3J$SDLr50oXG1yX`bt6XuztF%;n=>IWV$s5)}N7PB4m0oN+ zJj05xE;H+67$a49AS)#A5CLtiop|i9o#?13a z9-?avIi=gVlvUb7+L1Bp-#W@Z>sm^OQa|xz6Mpt$2@xYWZEpq#MEHS1^@`yEFcC!5 zObHR}QXzsZ*HNG-09z4vB`U@f*ZGbgC5BU{HJTl=<%BKjlY}=?M9Y%bM9d3+ zVVtEOm3ju_TRlKD${@+26YqZZ*_!Bw3sl^b6nSoBc2iIohH=OoOr2%QN8L8mPBd^V zE3HS^##l8+$=JX~7G+*0Xkr$SikKg$4t8P;!~LyCrZ+%|;r;=YSawni^GT=IQ|;J5 zI%7WCUT%BdG#bh*Wa7x;4T$K#qkA3(7i0v*ltKz&k{!qipeP| zsmx}9kvTG&#c@$hNDHZ^hVO5tTbN>=Tc0u9o`HNmcDSt=-*P@TPbKDD_3N2zAW1`B736#9^p{LgR4k#U}p7;*7I{J-}ZPhdj{6*I{9k4h9s-{FTf^dj@cEf=&$ z_42o7-iRVaB=VWir~iv|5^ z+^MWg$TJ8ZWMLU$0<~lT(ZsTVLR)qh(yj@Q9A)P8Z}sowmNsHyH8EV8)UgMA`A?)9 z+53=m);sv=nzNhb0v*z+0wGL#t-$abg;70gust#g9D`~pi4_TS_6KdYJ>pV5#7SZs zUCd}~cedu3M{bX9kf5Y1am+5_B)a%UUYJOchY~+`x?hS|BxPx_DD3d4^`e7f^`4Pj z*_P9J0-FIrya>nAGmQvv)~f853XFFsVu}sSo(gY^nez3u6C;GG*v?iY?MOO5q7}!b zUBYG)4Z*#jNG9b1g?T#YlxsHhMPAxQLCvm1#SPap$@!h^*{_&ZigdQ2vhG@tS4^#v znLx+ydjA~YWLto;r)_%}d&j|sNRI9g%-Rhw3^Z@|5AZWEE-WV2Gg3fD-k`G~P#iis zsz(+#4Nr!%1ZE`$P{Gv5$pH0Hps`qZ{9o1z_}Wk&Q}kA}pYP|Z@zTLbR(?ZN&OaZl zIjfhb5eu^8x^K7Ow=p7!#)}|4W|+K){lxplE2XO;S*(qdObfAf#?}&N=oMG1nHVG` z)P`$$GgPmpJDjjM;vuNScIVUh#KL9b;OZQPXQpNF8(TOl3V*y|l#LN{UQi$UmRYoV zRcuor+Gujn&GAXXbd+?fi3SCUirSFSV)(s|Q0%8Cm-aaib)q!MEzFqHo8HK89S{hu zY$yZ^aT7S6qcP*R`t46Z}-U70tn6nqgQ!Uz~b zQGYR%KaYKN`&zty_9AqX%cVFx9?$cDNUvLRL>e4C$5~o{41VK@b;7LFoBN#f-E4_kZnKeCWwZ@uryPx!TcC8O$~}))ThNV1_y=k9r^M zKTgDnW?JFnpo70>j!&Q^)-QWJhM!9#Dfhz&Sdi^M85sBy0TMr*FU?R3CH=$=Sj(!1 zk{%>Jl~xiitXaOdaz)xC2g=uO9@bc_!g=fqleqne^L11*=ngME47@&nc@jtfq7OTu zZT~L5r>4uYvXd>jrvA+vZr}0-o7h_uRf?h})VqPP=0!s?-V8qLcSZPTFAXlU zp&PtjC$%%Vd}DY=I!O5uyWcX;)XPwjbvv?|wugo1YYD4x# z)4zK$ZX%4#yk%1Fbx8YhTNMek76=vkO95AxXtBfHRe`OC_I;%|W2N|Y!TRnX@cYZ` zY^*Voo{6cT#WW4r9$_Co((ZLO&UUAEGvys2jFRK@TNbcPIo(rnbE|3C(~Y__Xjs#d0vSV)3Ah%Hm=~`Yj4N0vJ6hjDRivn++uP!cXd+0W14w% zl$P<~Pznu_To7`;!)BBmUtSP-( z&qCgyuOdH#%!+D%{V;7oJvFen%NN97xnF?e+o2^t*W`=L zdGs|}O^E3e@W!{FqpWkni?fCUwS=!&6$k@-{K2$Qyz3ohiT@oA$J1I|Gt{J1wg5?w z%eGzS`0>y0labl8r*2MxflsI_OrcvMWbHk!0Joo_h_VCLMu&{od! zhgA9tB(LGzAa>7i{fWXE7+O6L*P9$0t})J{nGm--|E}k;Dxdr_Z)U)TeO_RJ&(kFv z6bi;M-XLg*pTYGe^}nDNG7v`t10tA+(h0Y0(J++AlBeYPBbzJ+PSdcG8uazC=Yui- z-B5$XHN7pKrZom#TaWk)+SSy;c3 z$B)|~<0JRSA#sCFKDw_O0nHKWW!j)99#32^z8%BBzS!99A^{J#+I$@6By}sEP#o)e zHk6U-kNt<8BoFgli0p!U%ETq8xgC|b)g7KdFbJz9obr2_RdW4IFLZpNSpUyY-;cMW zZx`%IBR6s0Jz6~QSt@zH_+2}jappp_Vk)!W#K|?=HBZ&xp-?+pk}KNG$KGFN3rO*; z2vE9CYv!?zNGtGX6cO2ey6fnHXCEb3NRGuI1X(3;EuHSS%@T}d@N&FaY;$X!il&PR zMAw)%*w4PdY(lMbi-5M-#>{(m#Z_H-lyZ1BOL7fm7Ee9TbG+{CgI;Fh{}#nEHY)D} z+b+?1nGlNG8!>62zAA9NF~x%;-_F{YPjn}=|2QN@WOpxmq8;;k9jb`+aE{?%L`;2{ z!p0I4;P~P`o%RWJ(;ONrIy#uk8&ZO9W0cp_^k=*Y!Y`I4*KU#O+FUlnCfu(M*OT4O zPh1Qezsu*V5-J8W<8C?{|8@MhLh`45fd4NB7@xmtb&#H^9xQt zOL%kv)Gt2&rQUG`6T!;4W$oygxMw`Xydi&MYDpMjO9wi>=NaZT&MWZnSyOIhIq;fE zSneG z#uQ|$<9*AMO=mAA^L*3*ouNugL{uyeK^lLdRB4)g{8K<&dSs!fuLy2AC5GCb^wv(6 z;d>OpdVZJZVh0E`lG@;+jI4U!*v7X9fgX!WYY{C3tpL>U4Aj&wbu$tcpQVLv?Rs`V zAFZ4-)pA71D=X2!!Urj%ZfHpd15BWSp#?E2=@v@9Lw>YfAd&BceR1X*`Eartdw#X; zw;aya2h8>u&CD|B)Dr^kmc^9?e)zZ&*wm8}ZdGP0%bPQ+7WO!I4EpIRO07&C9|$>T z|7xw;7V?rx_4~N<4w>C7w^q z+L@bM4{KlPElfz?YRRgpj0qC1x%6Vw#&%+jk1qE5N4Q776h+(Ug*01#`J(XlTC8g3 zqEqATvcgNNPTUvTl`S^3+_7w77xGh2Jz>W(UA8{Gh@@~FfWA|gkBSPcwPWXME@=Oi zi>w5r`>Ad8{`B|2xnl+W8nj6 z50m%1%wCRu<`5`F%)sByv3f5#_ClYWvS<+{lQ{!Nc$1-4Wl6r|T+LK*K#wq2`4O4D zUjc%$XVTk+c5)hLp(q=hCGFZbB7gf~$v3hMISJ9GcnTq>>UA6P+-(c`x}lLy{boxl zdo(mZ!0p5RP$33PMA1Fvr2nEW{AD#@YqC-?ne%amAM2r4%z>X!`biX-$8)L@r{&DD zW~^7t6?w;&O!6_UoomAba#gunA6=M&pPbpfMMo|bx|ZrY?cy9~6$~QF4lQ*yrSqJH zrGPre%(#)p;YslSmGAy1wz9Lhu**A`lGfFAm_wy*_{mMjG$3WIOL)KS+wS|5Z99c- zP;d95$EQ#iP!z(q!K>tM+u0>}>z}VT{uTTB@WMoF3v5l0YJ)^_T)Nw3D%)$yr=HOo z5Ycy=u&snr?{O%{T>QetXDrz=#_T$UWPcv~2WIuZF6o7dl2{{t&DP#t3G}ht;5576 zLBzrZQqX%=z{4&I3RL$k!J8Z@JT|#7?9IH#TannA>R;dR-|5@`=OKZAtw0Oy|LhXc zL+T+tnQ;}gD!5NG;|utrq&K3+k<;vvwuM(^QHhHAAYW2RJ>G)7%zBqK^wlFgzFGHz z=Z*gl7V^a;H_Q&uq)pOl>XInDEFyLO8pb7v<8Gt<3#zTuNH3F0H%!OjV9)4k%@;9z zvP<)-S8&*e^Ph`%|H4gQLq;AF#XLMAfk#?2s4dEP1Us{>9O?LgHO*lfyKM@6*(;L& zINY^AEOCx0UrDbmau-bbXF&3=+p6Cbw2;aF^hav%4JSUsnfUj#gx7zt@4pe}zbyYE zj*RTy+$L6Z9=dMxM;tyKYT|!pMqy&&R!w@fzIR?Y54Qipa{D(1KUaEyrky>~K3Rga z9kArp>3^_U{?}q^a{@FOlLkZ>!!_x9pY&hk|2e|_$H$i~8d+GJK^mkojs4FSzV`;L z31J^R5wgF(e|Z@>`}3dqLjU?*9Kc{A1o(UQ3<1)qC%QxLkWQy^EdS{X{Xd!>()(Re zk)a?V1|-fw`MR>?fUR>eTEyX5Wn8GJWbqBu=nb&_wL1SonGEOc zr?J%Z%2tkd8GVPZkog)yLaW)A`qvmU4vlF8DqbbIkuL-{bB zeqaw`x`l>>rGZ_hpj;dvm+$GEbv)eM{qwoGIBv$5UAh)SVn4m?k&K0@_=)T;Hunbp zyJ6dDK?_%fxGgIfe~(#1!K$pBhJ`e%eZ0xR?aOSB|2(Vwu^C%=Kzfu--%oeSYs5So zcVye(r$7`s*4KlAWRDQyuEXKxI|vSV=pq^=pgXLm0m?cr#NIV|dffh?a!5wx&^rez zoy{^l!Hx%;IQ;E2t(Lx(NbeHZ8U;uM?~EE}3m8OW#jO-JW`N_a*o>WPs_jb~G=R_Y zr+%}4TRkuQYS(G`0+_9k-tMRSrq*2YL-%M|d2`2OLq9?Dyg)GrDn?cjk1DSZ6cK;}s+YT$tRCGb=AZ6wUMcT%N z@HdxgUzFlGE^=}VtBd0z75hM8vJ^3iL$TWSDUO2a=+l=rz>7)drpRX3qvlDCg2T;! zMoav}Yv2Yuk0e)vR5<0%sDc3_xNi3-hsAJN&Ew2j1vLjB9x=HTxCCC?(rBikhj{p7 ze5k`_ag+wg9!GvlVGEM@3RLrh?88CVFTtY|cqk1j?dD?OpwyJxr6ZKL&W^!-c}xdI zpYf>N5tXTa4-fvLLC1@C;>YiXphRdOQ9ZDg5fUD6_tp-8Mr?Y7C*g?AVK$AD;?w#( zKI0(0y}BAv6QX<$Kl$L}->m=j?4^r=CZ4?{6IpsKm0K(nt{%V&Ri5|Qb}*rTDvVD| zjrA5ma61)%mR09bvSX7w+}(-F=ktm3zo{53gr2m5oSir*lj*?(wNYW#{1R48hQk*M z400bIl#q@FN`y3HZ8SE0&9!Ag%wZrh;~7v=goN5W$d7Vy85CH``|$7}@(Du&!h9Nsd=n4zk%n9^j5r&>T-{|N zAlSx>e;cdqqMl03#)jmr2sgX-lO1W|OIcmgCju{M>%oHhT8z(D^PN3y{)H*SuUFxp zy>Gw20LXmmb)5E*DqLd~f<=NjiK{1M?q54tpN-jrI)C2SA8}myj_64cvcsmuhrQS5 z9xfeJ$JZ-+k3?6abYqnX)(Ij9`Qp0esIceE58FK!R656;LsQWVP86WNDM!6lPzfU8 zCzFaUlgYq4Cz1Fn!%{|)eJ*Tw{zh!PG_U@W9uzA5wHRLl;mc&fcRua8g=HayH8h)f zv!`T)O8_EMD7vB=n>Mp7mK6b>f>*iD@>wx@Tc8~IKrHmEDs_(<(8WD$Qbe?I(1HzV zU~V;hCs%*TB07CS!0WL{X@6f~V(m&Tyj84jZ-8qZvzx0A62`@oFgG? zV?S3xUkyTyK=4XOeMDqy6cnM))t4q8E9ALd@R_C6aAvz(@Jo@z*Ty_rY zxgG0(YgY7?%%&<-Kad-Tw9L8fxiGis{NI)?^8pD@*wbXPW<3le2cR@d_su;KAMeL1BDY2tB8)(sIx9;p-3M zhOVf1h#v)qgj>~bq^hgA3N~_paVRS3xNj8$$Mq|!;SP$ja;SFMBHs=m!3C0Oc^_64 zM>Ns{mL2A*yt?RxQ>;Cd``vh|JiPQvaC4j2WhOq9cYz7UL(tCQ2af`7u=2N^x!t&% z8^R?^1-8)>|Ieg6kSRJ4sS>zu3)?py_@cTpID`k`CHSd4_wbPcJQ^Ii+nhRk$*^Cw zDejQoh^B`4ET2cemmQlai1bVQU!cC{C)fCDl47Ibf9Fg6a4&{cDVnZy3beTQ)`uZ zx9f#Cdp$AKm4a5LMg3iqR-KfX5)n_R567LVlO%IkU;#wtXt_v1FL=AoCt$k_Pq~;d z$a0c7^e;vNJdOLqz@7KX!Hf=C1MM)5pGn%;wU~|wh~k2;A3zh$3t?!ndc5uj@Ch+) z@Y>)NvNvTb^yA0QQ0!;RxNAgzYMo8fjuQEHTvRQTZ%fJACm`oVN=AtGJQC9C-?Hre3F) zfXSByY_?ox-WFtR`*^AWYGww2g7`u zH@I!4T=9`1m=jUkYx=n!A=sZ$^L_6EgMo$^>+L%)^iFGSV^Qm?W6qF9f|wosdhD<6 ztjJ#kR)B9AORaHbsHlX2>)D-9Eod<7t+-k!o=g}xWDy9wE4(kHd)bRit(v0tEZB8f zn~ixpvdAvo-iR<2(Z?n4geoQiq>SCQl<48@WS#G~ge$W&3Zi{X5o~FIvVZl=}4?I7y$ z&J&T7@(U%U6Zi{b8enQ$=!WFf6Z87vK}fdojPi<$W{sG1t6I_gHIJ!gNP2v{aQ}ka z3QV)!1*!W_VAa!aaL&P%b)~7_QVk7>10!sRkNoX~3N}$A(6K)l&%_KL!M$!gAGc3B z5^Kkn(GrnW6r*pA%M(3*@$g|=!2G&dxZ>^%mezYVkmlK(UcSQZA*S9rdYH09q!xb8 zh~187CoXK2ZSz?`uk3mSzWokASdkz|8Z@ZX;&zin4duPQoo4D+IZ;t4CO1i%CBzM^ z;qO9otwa?1bb(u2Q0blnB~$Ax1D)+f0_SS#rqblh5+3(i%vw7dOPWPfs)T2>NE443 zkx7H6tO46OX_X;t)4F{%a&zANYkD9n&|IAWvhKB<`{!!o+5jg7{I{n*(Wf~=X{krY z5C-SRS|>g`-Zq-b`>tZThcl#o$lRiH@3s0o<%H5J*gw+zQ2O^N_e-sA0bH_?2xlI+ z;gQKUY)Jm~8?=nw4-Ky%TF>So$V0}qFi~bOwcCxC2qjgIl##%|R)OUKb7*CWmZkW& zWPfvX>ti=oYpmj^ge;uI`XFw19m5nLquIz0VUeMDMb~G!93L}dnO)6mt|Zw{lAxb_ zx0dxM5;`x+U~!3Iat%)Y(Txwe*Jd2Sp{NZpw3Bhx$d4EsRk^P045m&fncLY`7wTnr z$&$L3T|VTPj=z^-%+rt*jMbNd4o-22@3s7QtU2L;t#;FW2S_{!nW8)&~N zosR6WK0pvOsuLKXUT@!|O@lC=hAv~P6?~ziQX4;LmUDRPb{jqKcBaqhl0_qK>JK0U z34EyINyNAz>!d^b=ZMa@MvQ%7l3~cyt48)R2BbT!MGnTS&fU(~H?KyWrw=&`;;l-M zSa;*T`E_QKR(LmAwt_-KjEsSJRQ5P6_lj zgAFLLM}_?GlO}++2u9pz16ec_fmY@~>-X~yiA?@=W?DvxLtWJRz_=8maI;{dMJ*hq znVCrKJfG$?*3)F+l~#IO7XQz!?d_y-Ru5{bk-TSjc%5y3*af(>qVwgUM7(sjB^_BR zuOt$`v0C+nR0rmz(G-TEB1Vm6Q?zL-W$y8Bc+ zJpP%4)D?}-#0`lq6R<0GfM)e1{H&l>P*{(^aN9d1G9+%8uv=$gP9s7|$klTMDL{WF zKHnQ=9ljzD|4Y2$=6Y$U)mICZjPJaP5|(1vWgn+Gzfxkrx%0^2YwKS@pjLa(1pLBT zvAt>JG??opd;LItX4?nIu#kFvArl})H1DTo0LxHU$+E2%<-o$+&GP?iuH(pOA zxdk209UwaLklN~sFEauYLHXe7?3wyfnbNWZN5Fc=tm1rt1>g@&$jvG~MyHW(nMypY z=oj?Id=UxFHJ<<)&rAzmjSA}uAOyLHEi~Mg%k^&;|G`3Wl`ZkkwkuFD2PK!*Mi6`# zqz6;|kCFvTg$~A~W!D`;ai%Ck-qsQ0ZAaHZqv&6#FB9}B`G$2HMH>LzaOd`?!Xd7N`A`UGqQV(NE@R!^g=x% z7uLXl%SI&h=#-AHh`FVDKDp!3nXSoW{?hq(hW@0YzG7@mTk#4I*|zU1wlf%HwY_`upU* z70s|p1n1H6B|{<9&8z_shmY2uwIXBuW~XE1`m;S~r^2?>Z9E>jF1Aty?MR`}Gb(z~ ztje9CK~GJO6qaukUYGHz6cKBR>F(IJzHx!B@@ixwfQAbS_6!z!R}sxL!G3Vv85J$L z`^cu_TBS}&NL$}QkHqbZGjMM`?ik{UVk82bx*Sbo6~U}ae^_#4xJD&Wo{d0nYMorR z`C=qMh^5dcY#ZIs3$zDjY?IyI9VY;vNm9 zVG~Cbi;%4C(~DS+x){Y#>bI~VR&D|ja#E2rA*mk%il*T&_kLS&V1b$r)*w}o%QJ1HS;Jw)1Ef?7UFCUVBWZd70Wj}Q_ zL)~Qm#m$k$RYBEPs6iraoeS}NL}$0_g#-v~Qhb~%4z8njt!KmO;1#9Bjz?UN{rCWL zS}XtTqa?LjYtIwQ^ef_Oi!d7Yhw(~qB60a{i@u!&-Zq-&g)X66ldv4mXo}$D!Shx+k{aKQ48~EiP7Yb62Oq8n6W|&K zyw}kz_zzYJv(F620V0OvPlZN*|5G}Xn{2D-!V*yJ_M1gVI(8^TjRgDZ`*ARyOW*`9 zOhRP)e}uWRh%S5$Ls3XEQc#+1)uhUIukO+eOQe>G7k|`u2=Cw3bU?Yzd?pH!lQ>@3 z->Cfq`{Brp;%VVABY!3biBwO^)>W>B&>#yRt_{HkOB`{s-&V65cs`9QE|zyK@uTuej|Fg;$*)( zMy+=&d-t0`o@*N(bRg7#A-C?PcU)Xj)Wzdwz({KAfM+X28#m>OZz*`yLQnh_&Xfb* zbDo{iUy=FiF)E?-cvwSpXL0p1GvFj#_AH#{>x%lD6;}ASON^lkarL@#f)aQ@yb3EK zlY-!e<1%=?U3Mvk#g%bv+E6^KI*(y#8Pfe?^pbW#>TKk9w$d9T3Us)9<$ko?V!y&b zRzA8@MG?WKCRJ>INZy1KM)kN0mrx?)q@7EdhcOqYOHF+CbVW(6dbwPn33RDkr{sdFDhx`K zrc{F4lX{5-#pd?F3IuR;GBg>2%#m2&fS6X`D@sy+b+@Yn@d1uqeJ50?`9S{xz6tQ* zWM;{yXs`P1cEX-{mS6UOBy|!ilrGj~WBNMI-+P~xE_+mne?a~CvLSjE!_o6NA3o1};-yLCyd{13hfG=$qf3inf zT#k0_3gB3SnXm=y5H6)}gzG2vXPcLlO`QV)dh!%bOkw@X<2(-qqV#bCV|@@Zdt>#h zWrR>ra$Jd3Kjw9?=Di`^+WX^Kmoo!)Yft;8jUF8prk|eI1MM}5*c-g~b8SR#E(zVZ zTd<4xjcJKeBb*hyiF)$7x1LwKo}RtKHSq*U5x!kgA#Pfmfr^~&yG_C91_C3C_giY> zT^txlxZSy`k`@#|w4$8*m-(iGj%((R$1~r4evn;D5239Pn>}_UZNYS4{pNx9amm_o zmPqGV$Z$i3Kpfk%_V5|$UOZi1JbAREBfF&H zoJB)pXq&Tzm~UYBLK{euZhcHwxb5RJ?ac~iiEibtYRl-Fy)z&!t-MV`jq5LuR@J#r zq*5E+j<^m@@&Ijr7T&0(^+uBj*}#fuCG1nWy&&M<3?51ajkYVg`Vjlvj%>P}m_d{_ za&rFvG46l*Y&ksOhB!DHG?`h_cg+oL-1VHC7BiYEu^R|jTpSN$p9i-dV|TIwpSd=6 zVI}`a(T6`u6kds?w9Jg@Te77C)|HA%e#)C5VoNGRH*IH>Q{?ed5w(P@4HSf)C*kwh zHGBSq@Vs2%Q3O`#Ls=i~gHPu&(1jlxxOxZuy5tHc zJmQ%(y9)kvYB^hvY1Ls(_;Iu&_w>*natZco)9@h8Zp-W$xsc$}!e9D>H zbi#ztYs{+jkR9#)c08L;3K6AUk3C&8_#+>vS_YFFs!z%g+7(qfNojiK4!w@~Sf)X? zGYg^`uzg>h*RI9QDA#U9$$?^h;)y^SKdA& z;&P^8k-C?AWu7xEOp!2&7D^X=4*jkx=1Au%uJ6V?XSM8{3x5gG7{0$E{kBIOdToo| z62W1NC(tYpDRVvB8uwYZhL+LTn36H|i@77Bb>TIlkd@V7lzkJ$5=aG%8Q7d*X4=cf z#}_3$zC_fVqMEiL291<{3W!Vm7VDVIKQqGv@KjENfdQ>0AM3=s8a3JV!=@RDk8W05 z-PVB|z@9Ge9W0|;=t;o05V)V@{yxXhFnJfLeZo6|2kUcnq?^P714yHSj*vYb3@}%R zOL=J`i0=&8~>Z;@c(QydDX*(b$NU5lsg0_1y#~ju^j+f+22>H>v%=1-x^QtnWrx-1s3zV_mKDtvpmovJe=D4R3tW!G}UrwZ1nE%x@k zlIH7S!>9p?oobZ6y-qh3OiaO;<4s%-Zi1YoUlhg4N`cS1TcghR9AZtnFf%pO@piyh zID&(?iF190M_xW55ka`P;j?yuEUUu%Sy3{VKd5)6c$i5SR|ZDDzFnKsmtO5T2Ja&i z1}+eUf?uQ`UXWFL-V!ERWt-;L6_YYzQLL8liL^61*ly-JsBca~p+=Qage}<~14{X@ zaRT;wt#)@ef3jNYrX44UU|4-P2SRI_WgVZ&l&ZTH5D`?6bMFqGl`} zG45`nuu2-;-nm&la6`uo9zK}t)jiuMk+u%&?9He3s-YhThYVVBaL14C!w*t;8njkn zmmr(&E_QvtnfigOdiE1_YZ&=*>KgG;_|v=ImRv^6=&BL&XF1&iw`aS*uL6!TLgz=s zpEQahSnX=)-D35$QM=n4c`QwfNsQOlC#a&o1c9M<>e$h@{HTxipGi}EYIP_1If->L zo1JvE9)0fUZ0srU*k&TKWLBUJkvCP7*M*IPa^9cn`!Z)Ds37Qx>MJ155eOrh+(jED z4nV(lbi7`hxY`|ASf2j)O}fRU9F2}-g7O-=TYX_Jb?;PXI=M*@EhY_;p7Kgt0mDcO z&MhQEPj2Z(U$LcfuM5ugiy$&-*KKPXVD8y#AeOz!q04t<@d0bH>^L#kcQ+#RZD2HG zQroN!m(Jgu9bi;{Wezi!5S$OjDK_6Nc-AH+D#~%xKn?h5sc&YpFVwZc-sC&)TPd8= zy#6>e(r!>p_g26|?reY&Y}8x!b;l9(q=q3*DxDRfmeU(EMGqU2xx&z4=8w=_T6eVw0hU4wvIFJ%@n! zZ2*CaQ=|rab!F|{6W6P<+vTuQC+^#)^74oRU)*Sm_M_|=6oOavlp!7FNcuX|Ry4`1 z!dP5M9|thp-m4;4yt{2XF%YzFAZH%cMASKdp8;(2Myxm z?}qqH+}0<*Ub|2kFpbKHJLiiZpDyLbc3b5vX}9Mwl#Xb<^a(lPCT#51%}x@J?F81I zRSphG@B^s3BXih<28_LRSC=3d;I@`34N;c4&pay&(o?>4KJ9RKIu)W@8)w?5mhroSj-DAC{K6uQ)v=`Y)dF2RN$&(kq>)$|Le|%9P zdUS-gab z4e{fmot#~FNT%xRG?IIj7Pig=RhlAfY~v({@m_ul9J!Jb=6Qcjqc9+KbYRMX<$GK8 zylGlbtflIMA`(IRJqt9pr&5~3x9_&GBe&NS%lE}`51kJ5@ja0Ku>(t*I%5UgSqLXn zbunYv#tTS0s0f2t)O96KQHOS**$AjToSj@r-wwAcAwm}f*ge^CX7Oe$+8yNKjS+R7 zDhj~sc+QgL(O=ErTKzfQd>TJRtt9nyWXfQCJGrXXxcprngUWS$A2`qT_SSb@u{TpP zqVFoWCXS969vIgdXQ46T-XGfuPfy`pV!i(5Vb#3V(;vZD)lg?F z^7kNve6`{b)8N3bc4Ak?JK@qIIA@Ngr|Vr*Sq&A=cUFxiMY;RB*5hl$mf;~LV)+bG z#*LA^-B}%M%{`I0-C*FxMl=!nV#JVgT7mlZM-|<*pk-iPoY+U5L^g_IYbc4yBCFTM zS%#fXZpNa3dv!W$2AFUi=sfpg4W~&Yv-_U3f_QUNH(VT1zcykB>TYm5a!_1`!pV~9 z+eeDH851lGK8YNB$>?NFsGFO{K)W3^FD*mRJD8-wn$UNO9(a*s(aaIM;@Wv8%a_y2 z7S{AwhTdr4fTGhI+tBqU8oBi}$N0IycXo8M)N1+n)n9{xBwSwhJ^t%*Z26&&8GZFN z0(^fn)(3@7xB;~a88bbuIqmFd?)2{@u1cNkpv5ttFlCEbrw5uXUTy!%be}ul;&+4egk!B4RB#m+Bux0Hud)NUJyBi>{ zrTm)(`_8P*5cp_w<%_d_#Ew$Sv2pkRsdb#;V17L}hl&<79b+|q0)Jn0Z`E81^18=5 zTJZ1-wicz@%nS>00JU=2$&}vg#$IDhX*N5T9BcJwuZ2OSa__^=`lgITzG%JRC`Jw z+WRT=Ij?G{%V#2ng{&?jWRYRtoMK<}P{nWBk=bAk`y})O2BWleYb@-D2zpuDm%Fg8 z#3+!ViM29kX7ew`mGIc2<}A7DXP-E!`9C)>=I7?&H1(%b_~ZVk9#VS*zKlF6J3A}} zWhfz7Nwb@asA6uf&cuWsedFgb15d1I=x9u9A@RG>{Kc_9YWvn9<(A#0?cizy5)Fvl z&D(K6LJu1eDQu}*I{H=M^8yS@cQx$wZM(7V6ViRbvlGMTW5AM{B`XFzn#X>1Smd=N z^D24hODicC*C+cMqdK(6WSL{`cr^c}$jsS9wcxdfZt3PR5#2(GXEHyl$1|qvzHq9w zHCD@IN6Du|o!;V(Wqk;Kjeb!tG#o+!S|F#QRq;sqHtD5^%EQ>r3PHHFjjVn)Tq#*x z3PCtSr1y?UhA{yq^g>pdxVuSe(?)M6J1KCiNc;-JPipNPZTke0*kdasc#iFJ@|LR% zw*Kw78-1i|KZrE))&+CTv-rSBj_(u`>HY)lGU;zjSQ`?s@bCI7v9i$hI2!n~)WzrW z!l2{}*kIl889VfjV5W%?fg7-}d(wA>Ur~`mLtLG=%mOrLFejUAzyfJm?9~CyPIkz= zuTyrQOjLC}Ki^K}fO?+>wV$1;7zxJWcWRw$G$DbiAwsTD=SkTVFY#%$%%+C2>_B2U z+Ec)~;vB!Spq3b`fl&t<&u9PhFC6iDn=~M&FZ9Sn>HVfH1e4?91jR$j(5z~#Mao4k z_in5zr^_%KCMy4Vyi1lOJi_hBpcSdY`L>E-ttT`X-Y{ot8amqk5AW}Gjax!SSzesP zCEE=9=aJB!GbRb~OSJwi<8boXA5tK5%sF=dZ#38=GZKCVgggK`dpBF)Lw4z)JGz-< zGpTORw%&@QQSDSPG(W%TxR*=rSl%S0uuoWlJ^fd9mRNiLsak6Prm8luXA>+?x=mL7 zA%i;0p$DWb+G1nYc;6!Dr|^bDl1ggwC<c1RernFQ%`>?Ku0lDUAa?Q&ajIW0xev)&fls8>UC@s#R`1vhoTW%U+jd=%v78azx)`_N24Ryy? z8$C(0rb$j@CTi~khD-#~%9@p)1LFGN6b^K#Zs0<9^1Z$fF&u$+qZ3?IpE+K@1M~VeHSLMsEGI8XaDNUi@_Tv zI*o`|4rVVM22b*8F>ZWO%~%+vN9b|aFn#SpX24EQi-$mK*)fr1o7A-8Liebrx1S4&Xvlj!2TH+ubsg>QNpxJ{ zR@bH@21faDosEaS&HMZO;5=7TMo$j9XBOJi*z3Qc?|heMlvhRSqh$oxkNc=*lhQp> zA)S_(y1mYMkaawRIgrl8)|3dOM?$AZ?zugz%62Bs^Jtx8LvQDbe1hww!!9K`%ToqB z0w^uyc3I$ilQNd;w8tqp9`5hLhbJ0;(REVPP14@m?ZPC ztRg>5A+tXkp4}Q6GkVU>e~ry&1F2XoN9uZnLzieTQABhHVcPn#Ru*-C3S$>_S$wCJ zLZ~a7JyV*?^)KiT1{O;hP}j*uOg5jwXY#v1*K~Tq*Q8DnWN6@sd$D7r@q>{L55}-^ zJ-v`mnd46Wki33rgU&olM~7{=a!{9yfOekYT;4U-VoLrLKd`vT^cWzOvOiu4I9YIGt_%|jSry$tu!$`MjeA+#i+>foNn@wrGgZ7g zZfd_0{Ewh|&Js*%;OPs^?LwG8?OvUtw?kQ!m;+3n4QsfA;p{O#+?UUbFI4{WH8_`{ z^^+xD&$fA%VdusaR^vM))OEUK`JGpFz#xNm_W=?;l_%YRz^;Bg`3DNGurZqyv2Pr- zh=;3Zo2ZxTv*K`+CUEdakMU9-92>(DbazI!OreQ^m=3$t^}ic>S!Gjh2KD_;by09b zg^_pnCPk7nvM`bDuz~Q18M!AEEWtqLv{9gj>D4D~LsA_lPwf$#Db^JwM2lDGS%t_4ZT5<~ zR@9|tS&x%e+}s;{(^fxcV(_7m+GfHFbACl)^2JffE0a+~@;Rn*is(I>FV4Bb1yYaE^AB5(xtiUx4o?XC8$pKJ}9&+ z{0@fonETxog`fDYxI%M(nJcMoMfLOX%iUIe0g@rP^?nuyms#!+e{}HPE&%S<{BLbd zJ2rGw?^|l$W;0$Ld*&7_B*Ijg;PR9N0L0jKz46i=}==;r%O@?2c|IPdTKi|ge z3MppMw3d*Z9Guf*hj=uxR^9f!EfSsxjYSiG_mgB9tVAMF7NK?N=W5|-Y-U6~$7L_F ze*}-UVHcl*1=WjRNM%hVd}Y{J8+2wwT}?j3e&L~H|LrvTzu+OSPRK*q>kl{Ez?#3a zd;e80_Qx9XaB}Xg2Z`br(_i~f|B4`QXoAzb{nFg>;`n=6`Y$&!jU05@G@8_9$iMs3 z{^Mb=p$Eh6w57N02K=`M`4bIv*%2&->%iYOihmiRJ~(H}Cxk7|6wYta|E)nDhJh|~ zgiPo#_;1Z7d>Nra^$G?pEv=_#gb};$%8TKzAmpM!NKDXK*vgP1r5J`pmOHE-q~%tm zo-yb&4;h1ahD59FC91X&(Cp;HmcijEIJ)EBKU~_Cy`ny*vI)qG87xjPWa|fH^gVc& zdOgAls6y};XXyL!LH>LHmj53Bcp~K0h6meQ0C=6X_$SODAyx?J_gw7LC3SYy7Lt-Y z;=`S10~7x^FQTZ6*y?_WmQd243lV|SZ-mpFpPF8t+YWUf0rkvC;XB=7N_u7A8F)@J z>>m`d#!qJ4MLddxe?Ct$7}B2P|HFoZW$A|J(!GJdo#+GS43c2zRr#eA+O#7y6qB{m z#)NXU$@j`vEp=?lrB4AIpaG`p7_kYdL>l#Yq4`!ptRbcngxnpU zEf?$?LX4+-%y5r(=-7mCAF+6`!fFmS;)$OG&5TM7LV1#k(Kd8X1OszH8isc4gQDot z886n$P|3f`5cPqOR0vxZ8vkMF@=FJtm`6uI6lG0-p`uzgLRnNP~`VUiZShT z0{`5Dr%g_c?FUuc)^BhShpBdw03=x^s&EhJc*qwmY>Zh=r&bW`IC5E6!tU_*x< zmR3Be*xP|1zgythj=VO?{G&f&zwumtgHGg6lt{aC5n6{+ZKYojrOa>lNmbJI}XV_7pHMOpUqnGGwjKJ<;fYUmLsta6fei z)(!L6jo6^?1CP(}{Y>8qLN!k#jth%g|HOOVY`hC=?%Ucw~aTYQakw1`>D&DQxjr*HJOj=ZT;W&KYs-%{~v6fJsI#hmm;0_7K{%E z&4xd3Rzu$BxfT?r-CtsL$B|)Qj zBMfM1M2(gQ|Ab4DFr1ta)2e%VmEKoKQ|clbFgEaX``3lJ4SCi;(mTK#wcDIB5eLl8uHXsy29@ap0;J5+4>yBoCUp0|2$ zCm>P*JLlffSCHjzv>%i_tWGT|iqA76AHf-HtiMAh_m4>aA5C2IRK>0l@CckGdohbj zng`ayLd))N&#xobKJkF293ZZj;D1>b|1U4Dze#R`%JBa~N);I_JH-!pm|GQMWj*q2Ep)%Y$@DJGNlxVz}zX+8CZ{UM-;dtjauh;F&K1y zVG^XM)C;>KfqL6Vx7^gfjYI2NL(b%lk3?APG9zpq#D(g^o(j`Nk8Rv18T90lU13&P za^##yrZCcb^GaHf+NkNmMPcmI zXnL*uIkBsv22O{*xGiFCr^5IL%jCz$pCh4!6Y(P@uQ=vnZpMIxNrm@~8)HqX3j*X# zcHQic8ryKm>El<)JzkC6Omz@bl!tz+5O+p~Zk@LpZ);(8!{&K3#%=;2)!v~xeaaD# zOexV5MdP#gEwfN~k6B7>3htGH1CPqO`LI%OAXO3IN^R_EpMD`SweqgbdN}x1bWkg& zB!~+j9#@u%T9aFgq$y*3U0?D`s4QTw$#u`dO;_s;MW_npI`fdqz2D|}+57M(QcYDO zq3*yGZ#<;+_tuWo>c*DA=tMKM5u1W3p#jBN|KKsPHeXkA??%-MmgBNj`L3~znur<= zvjio(8&@B8$nG;p^rlQuj65i!lzaDE{P&A-AvBj@-l5|~J{>oj$ zaB*V`esr)J%>~Szir7iJ3e2^VFg`qwxqubJBzdD5mpAmUC#94on=WQ3>>m&W$(Xl& zTdnui>-LuQf&uKoG~Au|u03->0t17_QIq25AVQ~XE^f<@$nFou1yxl&7e+`bjomo8 zrD>?>cQygyjkmzKR*Ps3pk-{%@Q+=a1#VgQB}J^5D%I@lR-yr8ko>hZY4_IRw; z?LqJH<%1G_xZrBoW8UHyF#!W`m^F9*I^V$pgzGe$ZueD%YwnkeKit}GGr^48)y6L` zP4?uw1^r)U;eXNR+i`;@fc%%&1ue|XNLZSX86Y11qYH4*t$3U+&0H=joHd;8OwW!M z!knAjzc`OCT>-v>f;29lv~7q4_jSNwG;_1={t`(u2N2-ah72Ls#I?%m7_X@I#>!{6 z4oWrt36p2Y5n~F>-AWZ}ijKS)imuZ{#gZacc=~*Br`Cn*!aA;v0OC3aU0)>%P7#Wi zR@#b&N4GMD9gr$1t$5*^G+E0I6*t<^M)kR)PDDo74sH7FYGZK(1#kUoXpc^JXJ#Qf&j1IKK`*MqM#s1-$EiJM-;Q_?x_y?* zuY2mN*$dLl8cB;A6gdwi+B#>^?i5z|iquijj61lfzbK~twWED-=)$MEG8CjPBkK7k zPWt{X*M#E>L$O3Xc3`4VyETY4GZMA&>Zct#Gw4>inG|D9M;4DQ?s$?PSgjKJ!n66* zUZ>}07*5D%m{|9D4Z{Ce#K;}a1wB;;c=Rbq<#4x!NH3_!W%HO!X_g73Xw=RKlbbL) zPWP9J_${iN3!}FVW`nJrxEXlN5vPCrW!LKz{_Uw+j9vjT&l6<5my3Yem_SK^!rL*A z+h1H$LL!L~rPjvvg_mEpV4l({JMK$YUBps9_L?0@WoT0)QP3Fzy%8wdXZHd!c>&Q# zhq@gp#r%xa;KI~OFE#A`!_bVeQ6xSsgd@Yux~f@Ahm;7`p+FOm?`d`=3}bGrev!#V zQCPHViBcrLYd8HOW~J!@g$%R{ZViiy9SUKHG?yzh5Vcq-{6{T@ZmDb5@jA=jEJ)4= zwN5=mH8gEz_2nX~vJMY}JFCd()*W-%HLpAsnluIce|9T0IU(4i<+!BqErQ;B3>L#j zKeqU0Vw+QdY2fIn7{@W1pk_oM|B7op6wlfy$?-|EBkAB_6`pLe9kWkQLVx zjab~NIpMkkuE`0SEIy-6$2=gzrBO?aLWz_znN9KcJ-+A-HYzYWb%x>1JhJ1nshwok-*$d3TaAiu@as-umX{GA5BvOcwHULQ6o&U=1(sKF7=GlfzvIUY$Ko)?Z`7>3{vDT zYQ9=aK$&zQN%7TM?OAN}0Ex~-2&%M_oA;8WvU2Za`U7LDheS^V!dM?g_yrgNk~&O{ z6qv7!(u1bNa2wJS89h|~{rs4CbZpmy{4(|x6>#~7zy-C&-15kC^De2do=5eKhEZba zY;p*^o$XIGP!zqJ&G6qkIk3$K^CG#D*6eVTJkUZ-+=okQAMJ{4w)- z*ukWS$LuRS5jo2x+!)xc^)ceP+{6rF_eEoG0^A{S_qo~wl=DSVd5`$a%6MK3pFuIM zt}=WnFX1yXk4lVQ=`eZrB-DOU;!khy_F)f1KNQlC8YLEKYHR>{3RR_63(7?8!9gl) zFYP?DnrzDclx(x3H{^Co;DKCMnJ}xPaY)ee+1yX$oK4*^(=3G zV7fx`!X>=OMgwhE=G);Eh6WyMhP=lFV2Lr8QkaKt9}E3)6zaq6-sN*QconYYiN=?04td%7dbg~v%-#aT3M&1&Yfk# zVM6t&Cu(RJ>+%UA&?z6pgHEuz5hpuqFh14gi#xT6mRoN-o{?ta#%Z1orL)&;GT8(r zRu_Y8tf%cPtpt3iSqP&i(`Q%MpT%QFOe@#-u}EFvB!=5f_8bjt%<#M=IPzPYkruTv z2+;T9(8ckibPumi`uV3>z)YCm-UH*sG6E=E8gD)e0Hlek8~eWdq$?Vdj7}s2-%It0 z2!vEz(BKyUzrW#GWAZv^cu);V%t^p|q()a$;&4*xW*+0Q2@dRj{X0Um!3?gEyo2D)}8SAox1BwrI?3glG zJ^?m9E34O*;O_<$#;xPUySA_LOw~ck2G^h@T&{*l?j^&T@rS7OKIkztM7Ir9q}6cU47S{x>7^m-ETdCAaw z+O*^zwIU87BgJNcmlWf2DaaQMR9W<92k&dg4%HymO2G)tK@a`5Zg&ii zAl&!`S#UhgB`HBlM>PmxaL&qJ@}Dj@4h(6pmiX#5V881g`75_>bU})~RkTBpYb_I> zSQS?XHB8To3Z-g`c%KeqG2#HUs@h_nBJOaK%Oc)ZOp-l)D{>`#0Nd(3OgX0ADXrud zOZvQRPo&_Cm)DAj%Yn^@CN>pJ=a3n{s!3JoR`pe2bvf$Q2s|EJ;><=3Gob5&B`r1j@!Ljl&YQWQPeTR4 z@HI2!lN;&U7$Or4!&mN#5Mf+cdssM>zC#nRL@whiUt+Qa!2?2FFsjm)$SH@y^z%xX97MDnZg6Hrxy|<8T}tl+2rR zb4T~%X`MGw>ymCM*8s5}i?!1_HDVh)4sFkR^7``1svl(kWme+!Dx5dyH>umIZesWc z-;-)mye>G%!?s4+aaPKaB|(qZ6B$9eFbbX|el2C-m?T-%hJ@9mjssXgYos0~_nmNP zML2>bV)9#8N@V2&X{l6gj1wSyvU8Xy(>6B?(`Y)>+0y>?^BULgie*-$?T0?K&*KZr zTh`J-#_QD1#t_jRj}*(yO4!n{ON9wvi^3-`2O~{XoUr8Z>_+Y2P$^D$1yz!sdP|X@ z?D_R;Aze^+wD7gxwiIgQ7k6;tel3gomIw_wn)~{|(}@wDn^QQB+AERufF8}Ht%M0> zRRcF6itF%SQMm14^fc}P9kKklb@2b7YQH%u7(E^z1rq;?zN)&H(3cdDKX=3bwz?Y8 ziJfsbN&4HjTQibpoYB(BDR_?h(*$jmoI%EgjMnaTtXLEZT=9T~Q&aOUL3m^U#C;~a z!Fl&i*tN4nTv|Ovq{B_s(HFb+#CpFf98}0g9s+j*!3Rv|d~MlPw>+g*20Xj`yl4(? zlN4z83YtFEfc6(`O!lUNDN{efu8UE=tmva}JV8g6vSwYfc&b0fVFd7r`WkxP*0?5E zikAd)+Ms@|6W9%{+cMGiN!D}+QoE**$goKzSPOp6$hbKS=fRZ=2yQ_qqNsjWQa}f| zt`r;7->H$-Heh2>$L>n+#&Lv0EOz=_3O-Gbsqee;h=^G_K`Tn5gz>lU`6%BaS`SJAKzqUDufz;xBBG0qzswko3Ac5>J`yC zX+Xhsc{(OAD8P=L@omO9I`XPV(FOy@!%~;P&1Tw7H%KB#YcC*W4#`raxjZ=N8EWV9 z`nIve0V1hPTU+$ZGEAMfiPrIE?y}$9QOW7M>nOHyfrDI!^822Sx+N z=c1C<-15oJ`Pmi;bZVamLwQ6^IZ5x3gTqvVsnLx8+xDRV=Ka4$pA?Qra&Q8v`)YF=&jp^pXZ=I_0>MlRrNHZmdKm#JR22p{o0V^ z7&#H3A?~V?lvz5wI3}p?6(j5VDKD}#?Lwhl5ht;_Dohl^+?W{c{*`nJBUBzA*|Y%p zV$pdeXF2HigD_WFQkW)c0Erp>q&Uin3Bfe4FuMalPEdNROMm(OC5O6r{*lgRKH z9US-01q?^zoxjn-_r;Bk65<41eyfLyK zbQs=KOL|6v_Vr48``VOKlh_)V&q_k}vtRWL2+q#ve+^io&`F=Z zu(JEB^3!e)?kBxT{7Qho3+BP$USLf7qNN-b~$OQ4`V zd-U^KnUd;URR0&k!O!EkUsL^Pg88*N;O|{2?VOy1zkDI_%8WKE@>qj+%7SPu81H=stQmA=v)9G|Z*QobBv&RwFCaJG5a$D~6@% z!#y7zl=qilIK$D_46)v6=%X3C$X)sZ!Minuy zq5`MsK2;vAs>W7QCKcOs{ImLtTW=(ntW*;+LF-g~?JiOC@oRjia7f z_!HayU_)&k4wbGsq$F{fru?x6kC+EJ*>*zLavfpY9Ib1hnWv(!0ET1*PpSG-&}z?p{>434jyG5h@z0UhRR)m3 zl##>STa$g<_&F$h$yD+zVApUn%DzsYkI~pE1{H^_9E|Ts?#pV?$IgnFQR{blM%#(r zKun{Y4o{X8s0o%0O@Au~)Rk{MpXNHMtWS06H9PG>+N6E}aU52|DqT4Uu-!(h{wX|; z%jp}34_BK{>Q+_0vJ++CWKczBGhh|b(9{TD#F6)>R1XEVRP}xj?-RvOv_G0-{vWix zRajh0w=SGOaF^f~Ja};T;2zv1xO?O7?(V@YxVuA;;7&L0?s|G{{r=}aJ8SKWbH@d< zx~gW)s!?OSLJq^(>nBBN_q2_+Z*DGf3;K4yz(aMuyo5X(o&1uz!Bf*Mj7-&s>@A^{ z9{$v1s(|#!)UQ=SAhfH|-f)HK^1E%%WeL0OHm=B?A&1{qlMC2YK6&2O< z>qDybBk1h?6UrHx4Rt^?*5X2v2oqSptPM1UGOt`5gZYfBxgLXzekZqG9HS6tTwDdv zqef z!`5Z%i6>mah9Lj=?8p{Tkaf>KstL+DP~i|e79`{zf(`=zxJ zi8~CVk}kp};;f<9f^9Rw;>fskZfrfb!@TnJh;q<*hip%ZC;y_ul-XypH}sk%T~7;M z_6^#7!I1GVLMT&v)+@yI0$BliJg#qs;eap|Mv`x3 z*TW_(Y77xfhlSN?J4JV4{Ga9be*rA~YjIsh{}om{OT%94U%dY!N>3Z{4f8utaX1S{ z?MzuTGc*-fcO=MS#2jh~*4MAq9%GI+Syw@}Fq6UVnB{G8JU(|WYkV1q(BG9RFBxC1 zojq>~2|U%;5okE%*wRIQ+Pz@$UX6=i^ss2zxz-~R-7a`>o%+H(yJAcs8Rixdncj88 z5DUCOfIaixM>~19#wF&A3^;aqzsL8kg?ZzevuZG1;4B5=Wrerpc%q-Z9t%BhG*Z(! zy*W7o+uDdAI;L(DPP}3e@R(oUh^i5 z|5EV5zNW{{)ip1DP>L@4CZs@z*kMw&pr~p^GsTr5BWRF%(eVgL43Sj@cs-$Zk!H*1 zx-_}fwH}p2d?M83-CEO{_V}A^0gSEN0-W0NoI4*Lg>-Gipipa7%}hXg|F*w>hKz{Y zJwcrNH>#QOkBVcPlD5)h+PS$-!-7bFsd%j|JJ=_0J~x@}WP~tth59{Gm~d9QH)2NA z{;%~2fwzYs+N#p(PSx;$B*(Z6K8_iZ*&oCa5wETJ8Uq6uK8vmEuQs{HUnb~rlv*qig82X=n9<3Fg5Z75fnc&xKFo-VURbK2C$8#V;yvE#M=HE}l`C3-TA&rGZ#3s8sw^zSgEHbTGyY1i%%NAP`LRP{k&aW3vc69vmU|Ea^mEp=yH6Bxu zY1zo%_BKfewv#rsQX@=GhFK1awgipPk6+F+YnvVdxBo2SRlG6cRHnd1H<-7d)xIP^6EGB6*jhqB0~{q5ut+^}*3?&63{If&|*l&4M`e(=fr-q5!MS za6&vJDGMIOr5_Xqso}0;$0QUNKJ`yAUcaZvRl&-r`<_HVqMgx-+1jFnwPe-%84xkM3%Jnqz6%`3O{|e0>Fn$KE^@XP4J4sx zFP(kf(ah15#(L4&$CA#44Hq-CqQ-)5=^oqVH5ivT(E$?fha}FT2J)=TsQPCVr^$+J z*?+0HtQ{N(=R6x5{3=`$!p2aPQj9%61O!+u^U#PHeq%#3x^mw8wnxg9Jc=Nbfp7pW z)zY@wu@PjN2SlHHHnWCUwvE;7$qOo=#^*z#66gBHV@h05@4pK19j>&->XZbF$=A@u z2?`TGL^|4A8v*NfV|)j6gU|WQ6|e6faFe z*oN_mu;C|`@kvLC{jIqAqvrF)#ZEKh5+T|T1^6M_j}zC$#QE4oAiv3qp#<gBho1ETHq&U*O?LhwTy>{j4$0<={Y)ZEACi%afSca|? zrdOkEj7dnR)zCveRKPg}btU=HdP4TuA8lpSa0OemE;kg^YMK!) z@yO_k!>2Ryq%)$y4J&cM^=(sTjh* zC;LgV`rf9>Xp)NK-u(k`egFh(pD0{)5KyERLCI~&AAeGP!*Jg&jcOMmY-Wa;3|&rA z<0!7IiJtrbATi|kgR@us9e8EJv%j`!KQ=GAnk-jC$9trcnfv3S!b2b9w9WccGWUVL z*{{J12>LSaT}Opgj=vAC!A!}2LA}M6yL>&oMC5&Y!|F2~_7yrIar#crt7xh<3}007 zMSRqht&s$5S#cQ6NfLE6qeyF9Gy@AV$L zLTWUOeFFw0gu!~ATMP9deKWE3^2sfjCpKyYl)l?!Re?uLqV>ecaXDu*o@;m_&jP}a zS#=x;cmJ+RO4*r&SWo1M#@Oxy&6x7b#z38Gaf$39+T&tL7U9CqpKnfYL8PFtg%q~0 zU)4%H?U+26bF6;&4fxLGWOR_$*u8w95-P5F@4^|diJ%yIL_26JaK(Pxc$-H2Ha%uJZp%!ACjck{v7c}+vSCR7c|{|DiErs%N4A~V}{^&X6X4A#%d*Tjx%ES zLk95K_(L1KFi|C4pD(h-8cu^tV$OJ9L>ISTfm4a#=q3?MEoD~*MA!Vc`zyWL^TP{h z)@A*lf?*3bxYn=Dx*gwh2k;O-Jx*Orr8eFpd&f9iu+P&prH&+Lgw^rX- zcljME%M&cAeDnWy))}ssMdp|Bsxus%(x$k!l9+VAH)9^^f+dn)e8Xy1&t)4}yy^`r zha3fXrRBMJ9l+XNLDaY6tH4Sjy9(Oa8d?(Ua7n(BBv4IAeI2T%)Wracm4dG+W9Rq5 zg3Z4>jsl;WMYS;rxdT$Xy)iw+_6)6lkafn3R}4=S>c&k|GqM8uZ}A~aDByp z<5G>-`Z516SiA{XdOW$Do_~X6bK5*7r=_*XWJRb$&CyfRzS52ltgvDi&O6iB$L;lf zdC`ku?HVcp;|<5@!%AVt3XH!%C^o|D|lV>b-+FT-KO81frMSI8&j%T0bJB1 zx1gppdXI5090M{Q>-W>4Bd`yeEtePr8&jLzgL+KuJ$(LaH# zmFbw?7|?nmjT`%Hw{emQ`*vnG-?%=e9HhUoVCKcI9p2Zl5l-^u7U(4Ro_`cf)d(g) z;pGGF@iZc50SkUCT74dTZMp^Kc$CPwQADgQOgus7ENMjr2U~2j-+q&{W^un9Q<(i7 zwd_U^%*Mc-q3F0x;(fIVM^I$CLegS-4?n4+$ML}}jAVg5_g<7z*C#96rx4PNK)=R= zs5tO%wNU-=CG;JFUHh0I`h@K_g7qz5K<280UXWAf8H)3ZzAPVg!1~~05}9uOSeA1d z@}3VI^1wW0;(OQatzYX|faf*#YkU(uDoxO?+!p-c<_Fsk)C3@E!tzEwhqdI0;#if{ zNY9&Xd-W2V(l(!W(_13L@vCsB4mHlAWP{z@W?HkuwQ!WC;#={LyRG0t2!y{yKlgi#>H6=W=>gT_Shsl04Ws_iH zndhdJN)%Qo%?Dyx3@)hN$y2u!EY2YIBr7;iGETJLP!9Fl%djgmK}CjltypbDL|8Mc z6Eer0*irq|6yx%#q}T2VZ`2UUDLW{(Qpi$;kNGY!FI9{hwh~LcI*zS{A63d4iJ8SR zPHT>3gkQI0hzJ!e*tmQ%7FZ#&1gaaZJP_NVnDvNLN34#uBUfBIF!MoQ%A)*r4AuH_ zGF~#w6@+3D8b9u&5g0|{^d_k&BoTS--_^ESB*!tAadsr+p+kEaA^Glt1OkAV;yicP2Fr0v-~ z!_8VYb0*ahkxFWg`eXLT&9Ix;eFH&x9l~`11;`#1x7$t_GOw8NubSGhhNbiO+by|| zn_e9$SqPTIYQS7`(jmWa_h0=zb3?>6(kvALE#hf+VK0B1A^Zgs3g?1$#6 zF3X7?2j+pYQU(m2j0>-}GuI03s-y4zvbv6$VF!$!Nw?pCAr zY@Ee?rNI!smQWFKDMi@|jkDJ?9XrpxzrRlW*VOodojgqan*!Rfd(}4l&%6(8o;QzN zfjl|m-8y6bsHc=)EhnHnQ*}aqiSe0e)B>tbW1jwZ^a=UTeq0#sJ5n4Ue$e%qo@$0L zu6Gf*R>1qlv}15l$!}$?ncDvpjVkk#|NOO+{-4nw{)6b!4El>zL&S_TRc-TCLxl_s znX>OJfq;oI-dyVH4BV5O%WEG3^w~x;{_i}Xa&#d`8#Jv)Mn`)m^*DpCjI9?ui%Dy6 z3`-HCT}VSkeFqGC&SP=K3UGG~9^Wia)8zl1{N?vHxvtYa6;E$BG8ZpXS!Z^e34a)v2ji`*nxqmeuyHO-BcEc0v?O+DUNtFf?O zF8j%=&Uy>s?4@gOVtdbV((SY0dw2z32+Z7fP}KkTKkYiZf2aVoo}PX$7z?$HL^dMV zJr_e!N;A5r9-FKx{_)xWY_S^?Rz|be1AcJuo6DzcKkGThdgR|t>3{q}GXqrB zQecw`XXRAy(l{iVqEIT)Squ}5pwD>peQTxpiyc#J3gk>!>}fCpkxThkUW<~7`O)YtH8 zR@;$zqAXI2B3RBHX?B!e22j_#%vhAgw;yLjDLqeP^xJ%HiZt;p8>6#{ zcH?(hZJQ`q9B3|_KWymKCQSO_Z1t~M^TdL(+VFOvF=Nww7lS%I9v5jVKV$WU91C7oRpATtALY-$s1VF>);#yw(*>511A5zn8 zF11{ zLOzvO_w+bQ{NdXY^rOX85O~;5kWWfV0tvdqmC->5iVgu0ng+;L`=DMgFL3uTfO`R< zB*cLQcq)}^X2-`}y<>XEOofB1FbJvxhV!gyIGXrz4OB=}T7JpvpPN^|XDOXQWZAM3 zt$|5cJ=w7BzMzMyTP8EjxK~}Q@Ir`c>)JsKW+Z8ofz3{GGS6RyV68#E!{sEr%cJis z_sB!v1Jxg+jt=|;1q4Kc+{xBABJ(vdG-VeYVzsGm2`Hhc?bcw`of+(qGW@8Bv?HS; z(0_7{qI~hTDew;Pe+ILc&tR+P4V9hWEzHRGIJ2M;Q2$Rm%U|o{_^&se<$ezXWAsAm zgTq}O=SGL%fxH8pN+bO-vUi_mq3mj@e|{mP9g3aLt68|*hWoL>#7XXPDk-oD+k`Qy z|JuxyQfM8 zCiao0(87D#;^zz57g}~yTFAm0YaRYqujbQ7DFBZ<^3adp%3+a4O9e)?^%(Sg+yFN> zL(N2#e8|ixP2J$ZU1U~Syv-jl9P$$2PhEfdL&eV!4?!HPje2$R}F>MZ!Y<0o)@&_*E93X()9ZyxJI^-0YTfTzJZc}x&S^Wsg>0pSzM8n@jMJ9BLb_V zpDXyNz>^QAQJhT~3ahg)rr1;$vwgpH=}lGHHPlpJD_RC3v7{MW#eW6Qk-2bEzLcYE z#=NC)b5p*M)&N|1Pc@T6=U9Y+2k*AqA6Q>o+3>3~2?;$#E`Y~7h-w-}UQWE~AAn{!LkRZx2CSpbb#w>>3ls7>siv-IQPiwLeOs92i&M?QE}F~t#na*$W+ggz}y_68r=*v&~b#k{%WPZBfqNscKynLW@= zaQ}I~{p>d;1)vS62j^66HT`Yh0H1dA-?zP&?rp>@9Oqx06zBQ2N7@V@NG0#P?Hwe>`0prqf3o8_w#k8Ra^CPK6FojX z-+rl~uy;Gpsswl+eQu{`bd6ktHgtIYqR&Jr@Ms6~`XuoZXn0vm#Cj_89$rR*#O8u` z_3Atdz*~es<>KkP(H%#JaOupZckC%5j>~~q z(w(u{9*W4@ivBc_vFea;atqrQtWPO(U_BA_hohR>ju0V}cCO<%Lt!*OV>17IGQDj0a*+*{cIxw~peuzxDFW*h_Rg;7TfZ5c}e z!3ea&>BViER0QBDJzK8S<9XZzfm`6B3#b|D_4q^lkq+McJu-L!ZfAuafGNR|6%DKd5C2)u>8(?0!a zVuO7~7dCqX0oAVC6q`Nz5h1qE$Jro&9kKnZUyFJuqkugvQPj^aQCi z8LJj35`!1KRp&d>ReH(K9u!@Cm?)PJLj!}pJ*nFD1|x|B+aG0-QS!S@CAtrBLqdlE zbaC@wFEZ@Sy+ZxcE)K(@DU#_)LY7{y-(9=~=^VRGKt%HTh5I=H&} zCCp4!Z(<@x7Z?303YMwqhMGT5wy@S6S1YV!{W0MVYW=Dnw+)@L z%S^DG8SaW8W7gnQP@V_9WP0`U$ga^7&%oX#u)K-fA)^ee)JP9-eADoZr8$Zx;=fyR zt$ml4l-00im1{%L;RN>yj6U>)DM8*OoIlHL2+ zd~S_d4&gBFYA=ZiU)qQljr`;IPK(ApNgKu*wpH;d#6~X8>dUahYQ{F?*(uHTD9$=A zkqB=1FBiMZ3t_`h9tf{lGr9`lZwZ`{$J<^>mH?jS7EEdsp!Y;I?dzst_x$@g__{~8k^SVKr{;O1siU@Jz=q( zjc`R?jb!C8hQ!wNgQS5^Obe3fH`*Vr-9T-`YS0OckvLa05k3CL1d&d66k@P-jDd3? zHipf7_N`)p+sw5m-$>;=8Q68mkI()zY=?J4vftZa7F4+(*O4=GDPi|*zs?7iz; z-uAv^`7*PrW%2z}P;qg$seCsZ#OIMXb&fIY2^yY#f^lkY<-p@-F=bi5U==Lvuq=M0 zF)UFM?KR&>l-tdK3d%$mfz)N-`GwNAT6;1^+Sv6Zz?n2$>vkBnawkP@3 z5!P0@h|`vh(b#QTeVLv}9xX=kmh=macJXhlBJjv@gJdLN7@UYST;UhVIX?9Je%DP2 z=Pbf`+HU)4e%vX1(w&Zx4gsB@l&yRtr%tOJ8otWaX z>6I@4*R~*rL&>J|ebZO&-p+m4M$cwqpC=&QEwU~LZ5P%68+}Qvb9XsBZS2DDmJTv(E;w89NjviK^dQ>}+-TrDGXcL7W_70z=Gh4Wj>z&74JKR0RJp5faf|>21h2kc zTu68;)^=m$ez8{)oGnij;jAX@<5(eu?IErw07&PO{R=;n%otH~v90wJ*sT0WGeGH2X`JpMGA3_n zN8>fK1+$7aOFr+%t;wxPk(}zP0VBr_)I~*qmM7#*Vi<6I%$Z-IVNR8$6WDu*mAHrt zI>hibR=j1}pSUq@tXt^gCx`#NK8@a9PIRL($NAZ3W!*XK`-Lc%GP8@d!Us~%sPj50 zC2m^CF3(EX1Nt=uRT>o`^auJR&c_KNt8oj_usLjRzdZG%lHdZRTlVH9%h_|MFM_^vF8#p#agDdLj!X}$&-G7t7EsrcG(g4o(-^pYUN2PY^Uhn9gZiAW}Qrq9qOZBB%S--_jSMY`2OlkU~9Hj&s45j~$}m;;)Q^WrIs{nb3efPNri7arj1Bn!w0m3_qfgM@uT#( zZXPu1VKwc)kJ=aK_y3`{J3GDVyG3lBl0rRwZj#Mh?S-y3zL=vMy?Uv7eQ=y-?=1FH ziemf*hTWrb5G%ogXUB?>!%m>}mmHM2in&Jf=G;Z!y@#WMPE*CO1_t+r~?#21)~k<7}X zcR5E&;XK*KnUoen30e0)u*+&D=4jnR%Ppo(rNiU zaa8sAOeBsvFM(Fqw8teFT`KC)?yh=&nVDYS+?akNa4duLq|pMv!m^4JsO>Xx8PU`jO5^p;7nONPHs(wJ~p~bxE;2i z`tE*In>BMp#83GKg`#Z|sezC!>V`9U&3~Q0yuTAaGizw>5Z$lEeRLuq5rHf#D)FKk4&^qweu#FnDfOXiCkS3%4s5E=5p!f;_jr|k9&&y2hXMQj zK2J*DpH-$wR5tXEkij~h>PD>;k3EhJzK1U)Ql+R&qYbxIRG$yU3czq0`I35)8&Lh6 zrlLyW;&k4>`axrIY09_Gl*ay8{ivIJB%yvulJQuOn8WpOeebo}8(IX6LtB@*PAMMLj$^ko|&tZ?<3eZQkD7m2rJJDQK2k)G=B(C)Yw*lB4|| zSP1-HXY9N|D?WC!Ab93GLnczCb%zN|N5zQ6iGRxs{6Pi(>--9gr76cRX5)l<#K)2& z&K5TkI5yrvJ>(s?LYFUdISZNo_V?)YDKP&g^JR zAvOwkP0`;;KRryyMYR92^A6TCwh=avBXS}9HE{aP*(@>gUZL$RdjeTYrt|7H8kA~v z2gk!m*;Q||jM=|ECr1)f{0^!}EEmJXEv#tmJ4#0awZQL(@U?|5?pPLUWi=-pq1V9si zyd7@+EeDHq;TzL5v;W?8Hm{@}JtREodn03faa-TY7?GTAHf#=VOxkJ3{xFTOi!qs0 z5m1%qS8Z~s^5RWBM;e9bwcIVeRP68XHXO-_)Y1G=JD`G=9*pQFfxsn;#4+@SJr!C#_iKy|5t@Dj z8^Ko%H#nnh&r_+sHsYeqhXt3dG>(~{1x48OWV*;drIzlK2Ky9LifW_VG^{FLye^r= zKgnfsdX1zmCsEX_@oLb{mz1#rP2yB@PZnp?% zs=xl}-K0YNmEuFu>6)1iSl)Fp7qJeitHU556fbsH*%yo^Z*L+luU9D+8wlqF`x znn)$yf~+iq3W>ogDEVPLZ7W%tURh%6$1LV(%pcu;2T$aFS&jX|`?Sw~vDo#u2&ybv8h%xAFkV~-haWV$XG#ue%F4B9B5 zBlf(6;=Sp$CoqE;Y-ePWEWqK7QaN16n9!d=m^Sg*_Iy30cwUGo1#BtPj~Xx3uq@Kf z&8p#{h%gG)OK5GjCL^nRcuYAxlRY2EzqNjs@!Covu$oj;lKEDLG_bw#_Ppu##@nEBcMSpHdz=G`B6u{)qfjX%j*e2K3Y4(%){D|uO zXPbDM8kbTA9@}yY;gtg=f+PW^fxu51^Ln~RM4@SDI#aCMTi-RPXo_-EEOIK0v(#p+ zw1}7VW9JWusuGYjlvR9ve4Gd-Pe#R~zB5F(*AmMUHTr_wYY_;Yupl zYx#VBfDW6H7RdOrExmYCEq-ym^(FNqr6s=%D4BLmDH>Z@G6TtNprRACc$C}j_38Tr z?B#85X0zW$|8XYi>@2$+s03i~=P4w!)8LXSz4~f)ZMFJSAB$bIOy71PIDb=2dBG`L zV0qo7o17sSg%o--z1KHQb?awlJLQ!|Cr)_gpZ|$efs@+02d7HtkTIY{6;9C z0*sG6)k+D)?h{c~1LXoBZ+ zVim|M=uZFS6dag(|FnPPya2lB@|M69sO!V5* zquxdR4qCGHR+A8Tuoq$u2TC=5>enC0$5rRz!3oP&^2>BXJv;d&W+B9rK1iolAhed=VHW6cU;^znT+V(+m)?CF+NPvMxEn>oB=Blirzp%)LYsjm<$ZdBpopH(|%z z+$+F@TJuH32wuFT3X*SEj&*6iJ$Z}Ued_EGA|M5Ov+pGqm1M*k1^YuVG}*d~cHoI_ zG96fIDFPC8XEC763yM0q0LG>djsLwt^UW)pI_^n$D2b$MAhe<8>=c_(jiD|b76pK` zI}dVh2pJgFH#cm3AhhrmqLl{7#`$*U#(ZxH3@YH z?p#3Tev;cRERuFMKnPE=S&#ShlV+NygB7X}XIvhYuCcaFTkWV9Aa+rj9)#Wq2}9biNsKtD~$2V*piG8pY3d6)uHmMm|F|I#D7d@7=wj)RMG;mvS<=Rk;o zQnNQ8(y85hD<_sRO|ythiH*`P_JMSE<)Z<=1F{}tpco>qn31;>Z!%-};BwIEKBso* z=<==N(N-|!q?pnVVqujiYFU9uuaAO90}v*&^xULOq<9=_4d|8yI;dF3&ONEuGmW{F zCsToj4*ub*;1Wn`iLVFi?vH-`7i}NTF==Kw20m&5CI9wkF$tvGS*uakM6rlZF~*uI%FrG^YD5n5+h;B;1cvhR$4mRMa3V{0Wq?I zDtdahva+%RjM-}e_5V=`?i5&1#bsB%@O(A<#nhAt+~0T$*CVVasdRb1&?Myb0}cRo zOc83B`ZcDDWlMhXgcWyP6R}I8UqXaLai_7FLuD^E<8*1`+X*H9T6pvCvYP1Dk_vXP zt9zUr=)m9I3PI`bJIl{Z;_Nu1emxthT%>&Ztg_sAcyKT3xl@c{)IsNRXzr7Tk?DB< zTNk1BJK<4;_5Z)7E6s4*E9qk-NNuwI^7VO#QvMz<_%LcnR|tLeh5~RU?lYk0KnEGN ziNeb(8#Ch8p-C(7ni88@zj4fXhjVlTw(hR(0_*i&t4DSsp zQLJdqm$whPPiy6X)(<}=8kY{ycu*7G*f3tf6^)@c=>h3@R<-$~&dd|3O@lgZ{e3>< z@*b4nlCJ<2L#~lAMZ<^QFYhrWBDxy}VTd1=S+t?n)2jUOUWj>)mQ z|NH9k(*35-dK3>uZd5vgURMVt3{|!dGDg_Q*q7~2%-rrmC^4S}YFpNiz@!{+-#vj} zUzZC}x;FVL_zljr+-P4f?8xJFPK-;#F4!^fq^{1BpLKb^1z&kHR^4y%#{S_}PJIps zudOP5C2yD6&ibdU_rHLd^b@=9>Bq5Qq!P>zV!5%(Yd+HN6#wLL#`eCubsY7?iRhC&TZsRgovX~d)n*vbll%7tZvTy-t;lC{XkXM*G9c9d$L z#ORZTwSc*`(VV;7x)uLSJPcL~zT>PLJGOLg$z$wq19tM@_`6gHZqG5 z_mR&UsbqvFs%bJ6TB}m)`=h2^Z8M>tx1610Y?)9c`p0lRj6(;di$R#Sa}#$+i#5Zz zBot-OPF0FDaXhNY06)<@)z4f!?SprU%sb!hi zlF81@@N~Tlc-FafVmv=93M{k|Hn%44^6l@}lC+f(x_4k4XC5=+B)oYWW52q!8wr1L z8_5MCgO|t-+^}nuT&G@UfPXB|D&$dw=R(QiJ@Twe)FXd$dxD()S(TiV3f7js9G??3 zy{9%IsNx&98Fg2Er5VHc5a{FyeBtppH*CapuFZr{JJ0r|bm(_#}4q(86I$>{Fde;oT_pTsHYvEgr z9w{iOQjGw(wkYD)MoZTU5}4FZd*tI!RK7kes_2VNQq;cE@bEN0!F(d^N6OO`Yeu4K zr(%aLcZH4LCc+A&u4dBqJUWR@c}L#UNzvp8&<+onpTmeKdLo;egOjUec=FA`CA?7? z{%k3zlY_u3ycxS`EvB)ov8~*Yr#=6zY4ovy>4UyxxIpik`)@^+uov;N?bFFhkaf`X z_ii+}t4-7+Mn-Jbg->^)49o+{ZhqZmuK1CXww!5Yv2lt)$Kftc+J`2C4_A2riSYA) zm||}k-c$-AO$Hp4(SwRwXzs}DQ25(8=e0E;8x3fU{%Cki^L7r2nz~F_(Nch0+@x*i zzWbiMKN#>yfr8N}lPipj?UH}km@e0H?l9N>w)>je=L292fgC$@qR67_}6(ze;5c{H##FJYrkWL-_f^JM`8uD59ODh;BOX zc|A=_Q&B}Xp!ZU2#TJX>k1==gSAFH)C(-EdKuY@=&emQo0Hyc!NrO6};n%AXFla(A z<6QXt6kFcqsU!iS{2yxn~CcV3{OL$UYG`-E*Ow`ZW1 z&5CGR`}FOjXgltoI`?0TJ}0m{k-WX|j76AqZ!=qKVXLWp4P?vu$>`1ecqJzUy+wMr zO(3jvm+c>cNIhFWP*xVU^f2O}MW}%Uc3Zk-ZBfJnSUlUc(STK7=XYJt7w%?$@)f^F zN~tlqD2_;X75UQ*{lCYZ@R`Z{<2oLUcr$dc!R@sfom7~hX9=16N_fr9+W7t5ybJ-I zxpA!rvuX5R{(p_`4}ruvE_P~tpleJiArjQmq8Ae+IHfWK<1u}{8}f89iOs%s^UET! z@y2to)a~gH&HM*!^{<`9I_}PtQH!rh$a`g{KW!C{;a(Hx9Sz20pKTzipo4kQ2PDS8l$`LkjVkMtxe9Het;E^`_Gi3Pq zH^=c2&hj}q$c71D)W4vI%8hNQi}Nv^L@bA+np5+(Unl#K)6aEPlOp?dQ5dnQaI%i` z5^AzMTys%6)=W}mOlF&$d#3q7Gv1Ug^<~aXI7qPP4$a+;pS-;~_K)|4r5&l3J&I0S z?qz(hC_jV2v*LDGl+A;o#_ab!s12~yuU4PpI|x9mAUBJz-&82QpMdy_)4!uG;fOhE2rH4rNH~e~ zI*icff1!v)#z3|QqgV?YDRSQubB76dr^ZyE=T`d|?!C|*8{dQu)UrumJlPg?>)8OP z{hUtM@uwD71IeBo&If6Sepa><@m)?s{M&9!T`iCuTQI;0ZcH0lu8Ag@RK8!uc6|+G1IAu%=yU>a3=?olVT>?xpbCE?f`{cI+Pv z*Ylz7Cw$h!y1XgSe!oViI6|CCgTF~2xGm(<^H8m5J?|HOPakJqRRB-7S3j;!W=9QR zK*@8ZAG0VIZ@QhCq~5^{<;nox?!2xbA7#hn*L2#5>XPN?`RrdSmVTxUMH3?BnqT`Ir&!MZ5Xw6F&`(V}U0s!_lt{ zJgM_lfsO7Wqom=AuGh01SMa8%y#k?nFtmw*7Q%K{HN>HIPdcR;+w;)X01m$<)&myG-)E);uRpKOQ^T@*f$5kyWsvaH6RpL{$Mts&{vHJytd%lHQ+3{|{|%8QfO1 zMQJ8>3^7wIGcz+YGczV;W@ct)X2&rz%goHo%*>e4>*?-#Q(cvrKlAUDN|scz?mcI( zz1Fu+C(Js!GZw&QOCPQg?!?XFxZk6+;Fd02p1RkUgEGo2iWV|v*!>X}|IbqMKlWiL zt>ol+cpK=4Cy}6PX5fF!pz6&Pg?e*gvmoWqDUGoXw$*yVCRc&y@db3X2$G=Sa8GL} z_+<|v?)EhZ8KJr6(>eH!mW%GdGB7i7b``I%?$bG3Y!5V9k0I` z;*pFjI45NFo6ex@;zG<;n_0?1DsGN!Lu#zSkz)S3Mu+y1fS0yU}^ygM%C@g7$*Y z$f5C!oZAX){%KBeY4`O5MP2=Yw+$3)0zC5tEq@?Y$!c+rX6~Y+1fBAj*F7>7vo!s@ z5-aYonaDaPF6vUeNMWcm6)pJwl7J&~e_~9NPKhd`Qc;z~DcYt_J2HN*m;MWGxA`E4vUO+#?*IjCPIRSaYRiLrbd%l$ot()?r;^4is~YPbi$5sCT;EUv42>Q$olp5 zgxh_LdyA_oj7_595>3?5Itl&p+S$zdatxU=zQ-V(vLwq|DbDsOW>_#geIM^rRX<>H zYG6ZnNiMvHhhO~po^?kfPFkSQepO+Sk$99CU&i7j1mYX!kke#9_YxlBZOriLg7(XC^peot)Pu(2CX${Hvqhe2a zHC~BSro9LiMd&086PfMHJMD7-M^uDlrf?uF8TL@LBzL$Z?>aD`cKdg6Q`&n$f1hsP z9)1`Ub=z5);sVhf35eKBW?I<=8@thk_C&^2K+g-Mx+*}jL2%=}74|Hb0+3fBOFP9@ zoL>c{Sk>H-4-5=j%uUb^U$}b)X8rC*o4)e`au?|JH=jzByUUuy&$H6qt|QNG^v?>B zFKFn&M{GqjbpgMr4y^Irdw zQ45gv_Q9HSh_cG8x=%7-fj18)S$La2{;`pG!9Y|Q)S8ecF9x-7Nv1Rn`(9Lt%is6_ zbIk=63z2<%^wQX5rF7|Qg5_YvT5`G9wMi8{+3?$o4BAYT{Do_dLl&N2s%?f`P2GNG z1bVb^X_wFRY>~qt^4imP+B>4y+~ZyK%1v{V?PYekec=c4L!5zUF<7t{q5@6i`x2m* zcBJFAz8#Z0UxSl7-URI3wqN^hb>VJxvf_;}g~Vq@&R|ET&<{NMz7yyH`M=n29xW;_ zm0i?WcyM^>Mk}G{hZQtzJWqi){z>S+O}7220d!;adHHA$m4zQ2!O7Y|WM^I0X%%5Nb_%Jd7T=x+5(_?LE@jS1SV;|p%aghkZ z^Q-@!!ahH4P-+yZaK$ckJOu zfW$4N&^v?KLk6ToYTiNYfO=Z8uBW%qP{Ub}x(I$#1Gn{hsQawd@Ih)Y`yBxRW$Q2D zO~)@8uXZTHm&weV?LO*jyDvZaPqlY<4gDf#9(8C^joy=Z0qQK=JYit?iGHpq1%~^W zF}HqNXVLuwjn5p2$I(&umX8n;nz*2>mti`fLk-T*8I2M#kAm## zF<#8dES6`6DI%9v@#~8Od{O(Yo$*@t>bi}F#~v7sG=q@3ew6MNUVjV1A8M-Z z&v_?c``)+B6-Ds+_OE!KvxDuOaGswpRG+Us_P~aNmiL#|sgymC+him75wAG9RcY!l zqPUrM$odSWcDVy;upsbxs2((a>P`ImG)8&ZUPz0NyPddyBTS%he*Gcc{!pgSI!pLR zEy86^m|i0cA}x%7lj+x4*YiI8+_g|&M7^i(8znSJ?t7P3X60APEUQ!DF;a(-ROKD( zBCzXG(L`v;?;smi}TO z5`Q>jdtpOC+SKo7A)X#DD@BEEU$|6#Wiby@z}jU_EPSLea><2=;pA7~y{$bCBj6!t z_HbPk$`%poPo?+qFr`?&6Ik;^u!=gOGcHDTo5!}#{WUE7V1>IZVIlZ*AcMk3<2S2yGt2J(pGMwWB)-pq#I8Q>~*$0)R;&mt)Z+bNSoX4P3 z+u=1j-9Cw|F`ug;6PmOw?LASxwK8HIwj`7qTsBsbu^8CV-v#}!ORPa>i*2LG5u4KG zsR{F@Mm6=*i^^Fc9*NcXt;Ye@7Q;3`fR=+b<4Z$-A1q4Z(XL<{y&FgGRtM}#D~M!u z5@Ot66bfqENI88mIMDMZen-aJgV$BXi?NPh_8?W=ZAZGu;j>F^fthydnO+Kes#`5W z?Gae$>KQ_e2gOQeNWVf`k72Vy9;EZQ73i#vxE2(4VP}`rlilm+*vL5e!syI_O$tgR z0NPT>J^Lv5#a&L-j4q~zO8?_J@9D0z6O&QmL7#vZ3)97&<&zkgd{u6 z$_xp6P;X{Kv`B{_UQkYw8k^e>i=WedNu+tT#1u!Swu;;A+D71>0Vp7bQ^=J4!d%JkX$xcG>C7b@-f4`ZXhPX^T5@U5?tr=^}OsL+=m#dtro||5*|JcrN5B-grt(6z8Tp|avT_=0W%n_!OOm;Sw9(R&IAUKlr zgK0Qz6^&u3GCa3Y_hYvOBm-6-@+kSCUT`sNw$5qJ#7Zi(1F`$=kEgh!Xt`sy2f$|$ zysp~@e$=_R$R<`e(i~BzI48=g!7=GDpwp4>Si^<&MnTlyJYa(v@jh5dPU0ns_>w*5 z;9v=ZQ(qw^{4vW{5_l`#POQJ#za|VqfI*(@ZUw zfn-vq_h^x1<W?BhZC`tll;+45A_)+%in5uL1F0c9d-!_H$n&(L=;fxO zwFr<1XqOH|cmj1j8GCg%!hi{4MiO<6;#%pRq%_?}wlRGu)pRVmvO{yW`28vKLO9qt zu##Yn4ZWKKfX%wg%2YM7IwC+jb=yo~&_WRzaASLVDL5yq&&@g$s8IVC4k3qXAidWk zX~CtNlmdFQGsjL@GQw>f0~8x;8kO4i$w$^`A^Gm;-B^=kwA(#`a!#Lw04X)Q!RnwQ z)A?|!2c$zdGN{8$rv12vxo#XN%CAPX9)RGWKKs7xFo96F`4L6pwbOYLc2zC#T2<(F z5tz74b7MD(o(NB2+mN@l>9;*h5cJZX*TI0#8f_itiWt(IALN?Vj37o&-e7EMa5h=! z=6Gd({v#5OQ@%r+fT-wAD8Lhcezwl{?2{_ZNY<4UZygMr(eMGL0&yvy`fc5jks$;t zNrf%HNXww84o~#9LUzBkMX!s8(*{OIqI+yfbn*I8JnVhF5n%Ll%pYXfx~l2uW_rn_ zPcRw!c>{8`JFycOdSb;43+r!H2KG!q&81HDWV4SC;nsI-Z?1*c0m+ufo&v>CZU!(9 zhR4hWHue!COpE@dae7&Sxg3UgsidO!tW%OU3TGy;u#Ix{l&5Zoi`(}2B6wdWbg{@^ z3*=RtZs;fzS_-=6H#+uH^?WGN>L$c8lRhMLy99;W5-b+C^sLFK{q}DfG=N*GWf~nL)EbTr|g2n0BQ$5w7j_ z$L!v6Q?BWav!H7Z{-AFy-IAEip&+9@Rq4K^czZ>(E;myl;rFYc0qMz!v*~vq8;DK^ z*;wh-v+{C zj2H=BY@&sMDaYvRrlvUJUhBrfFeW1aJw0;#!t?rdMk*_wk*mFxkZ%S55{p~=$8M1g zZ?;(}O@Eav_x1atGDpf%1iJf3e)CvVnOAATWCbQhU_GpXVKHuPLvZe}i8Dhlxds=u z3~XO7LupQfrLdj{rbA>VK|VaUro6Y6%%?2Q(@m~W=v(3xj6>= z`AabEkmRf(RXX9-j;~3IhXnz_jsVZW?%Iy+Q4-TUR++0}1fg<~Ou^xab!8>pC+^8yW9|s4G?wwZsLgX*4|gXo5ulOvI%9hg zBB|GTy1>z+uh*?v=k)cm%kl@FghN18DN?(u^i$FW#GjT_pW z-Bnx{@HnfV$XFJZQyXEbQc`c8zv3SR*49WF+3p$BXJ(3n2{};i*ebeR(WSvAl@TX? z=4cp8r~M$NEr-E$@33=z>Van;?Ag#XwLGmrD?7z~2$MueY?@Fa)KZL0D4hpgiKR`kqAMEiw+cPfriE8PmE;SS?YVn=jKVIKDU?*=k zI5`(K)S+Lb*gQ|=glgMrMO2R`S#WZOmLwv`aW#^#O_2_hv%_Q|@6%fHgknxFEk)LA z4wzXaC~es{o&I*gnWRcgne(=T1^H=Gx!=VumcA>OK*$QGD;`YkXKkRHuko@}C$wB9 z7(Em>EuI%HJ6F=;aVb~go@{#6y#7*k=`4lj3RMQi{z)pq<^!OjXX# z(QfU&<5Y0rhYBA6HO=r+$lp>RkBAyj{rMuw^ZsFaJ;4qWuf}+YnVG=&ID93_eTsdt zA6%kP0d(f<{0LTUk=N_BH>2u%Y;N9LSwb8^fvEfwf2RKl22f@)%SrlISH^Au%;oRv zPULJv3rtE5GNq}eI3_%%+fMA?{td)WIB6(;>CQWr&i6xPE6TI@exolY-j`}T3`3ww zN<6l(E)NTW)Y*(ds?Iv3q26U$TD7H)vwM3xnsg+`j#X`Me}oB#W7=VXo$>aYOF|IB zqe~!2S%l9I*LZlTHrR^f$9lSZKSHhLaRO?YbgQTbE8Fq}`r=UbuaMDtp&tF(XzmQ? z8g6a+_!NA<*+Hv_iXW&bF>;LG2PRgSZxH|RRKnDtJqyw|i&ssA@LrJplah)yC|`=P zQ=xM58iQfB$!O*In0s{i&i|2lys&N^t&_QEK_?aViBRf!qpqzmZ~)6F(Wv%^9EWEA5;0SBfXE0 zDT+z3*^H8IfNYl=)D=KFHLyo}Mym03VX!EZN4m4_5GYk1cy;@BJ(ug_x}N59RpPq) z7OA_F*YP}tp?fPNZmi1d(Kh4`I%VL}e?Dlge=cv?578qM$|h_I*Kg`+T6xladR16G zx3)aA>*M;+`MCbQr}Uz$+F9P7rnnA=T^25U67D`1ecoBJ8Dw7^A`)8i>ovUE?ecvg z`)rccvuXX^^^@OT0O7w}A^*p+O8IO1?+mt57+lT1()I9p$4AZS#dWHYMX@AAZ--Gk zqp`2Rx0&x&bd90eJ^0}>deD!!*({gVf5aLqth2Z1VADu&I--=#llLt~Q%SkYjQ}$gRmBKG}Lw@>B+4K9*d6@s@^;xqhR}sv_!mfGR zsC+)C=e{n{9pKog^4FR?0Fa*PRqMo5^LR1)e6+r3pcnbqe;mZz8oaFuT9aG;p}wd% zH~`0tP&wE8>07$rNOeX%mISZ5Gr9&_vnbVm*6AY|5E-n}Q7-P(r1qfk)54mUy;|0! zK|ZgOqga_xSVOl96VPm*fTvuIJDwDKm|Q(*-jXUWq?@u5{&GPtd7 zYQQC3W`~+9Rq3WOKIQ$g>KgPDn1$)8u7iduQhmk$Y=NK3wn}L%2bmDf5*KgPF%zYD z{uH0;mOd|Xa7sTkzqK&p9v{FVY6=O2|BbX(a~CX7C)$aU~{agtz9 zNpbPy;CT6YLra;4dIj@#h=a3Q5C8Y$7SoE}Odz-vpzDFll2f-H8fK==J#BF!G*+S$ z+ARK$@;}$-YkQFBF9r?^YuX|D#!{|!kf0uLKQ44mU7J^;Pt^>*v2(!r`=y~(uxyaJ zmR_Aw+GXhegb&2-_A5_?+BNAX7}Q+!o}>_wb1$rHJTa+$yNNCI<>14=!e)LQiuYNRYzaX}SE@zdjuzU}28|GtjxC8d~oDz$;hWUqHK z=Me& zAI28n{bk#5!-Ld+Bb-fBzUfHk@Tr%W;kY=t1u~}2#J#H&^#M?!k=vGO=a|5m#HeFe zFXiQ=vMq9|2;^bVr<~%H=k3~@cI+A^)Nj%+26*4Bw8}hS4gGV zY$+ZIC24o$!VUu5wWf=9Bb_d{KQJYhWL?R1w>nALqgXz4Ik-1E^BTNRIgy!1@caOL z*L_*tpzCq87IcUVWA_MzdG;{}u*aCNIHTrL3aEDWt3FVX*uQu$mX!Wxg)4wVx^jVi zV0+e5U}+)P@opmXXnWmA(a-pgHfVQ=cDKz%VKXruAC_FqUiAa_=EakQXzd6MwV#xd z68RafW#g)1d+ARxdr49R9NNHH3T_5IFu@$3u)F*2UJiD%w^KWYN;pyDy@sJqsVg5$ zWqVm>nYu?8TSJIC#Pe=MpTC2m{C_{LI@}K3xL1>u7VX(oJ&C25=58i4@pu1@wEDa~ z(SocERygHNLKlFjOq=xZ^aP1(;Am|ww~qN0?T@)=rD7ZMg_}(=j#26FhU~3eQ8ts% z(U1NmT51ZZ-^2=yMzBd5XSVc1dto9;CLTaVlX!0wQjp}KVnjUu?@DQ^HqsNlEhxuS zNIAK>$JU`2Mw4VIyKtiCVE4YMzAxgX94rfx#VzA|-7w31zOzLsAftv3C)Vxme-`TOztC59e> zV)LV44GaH>Q(e%rlli_Hl+lv4L!utZUYMw`Hm#v-9s-HoJ|3RvF_-?{DKa9Y%7XNO zVWZ<#x3dStkle^4*Zs8|*wDP`oul3l!w3$&5U`~Pzrsi_`k^2LK?epD;jHalH_|N` z)OPG2My=4A76lDzos7v>f2z1});y4^yF4M+wUk{17k&3s}n$A&; zL3I#vRG~mwH>mBE)yfNX5!}!SoBLs+;v%zek=iVu+b}>^mS`!hZA&f=)zaRsv-zE@ z#?{=KQEwwYM*RtpuU9G7)y(a6-e{NIU5mOR8q8K2b(usGqNYc7-F=!o0}X?7#RnG# z1KrIlE&QumRanzdJ012%+YI^0;oeHLnblc{vIGVS`s5ICkCH8aY2^~V7dyCNT;l+C zQcyE8@-Kf427aR~@T3R}`gIm@1Css)wG}<}Et2nVjJ)fli`yrV@|u~tCo%jEcaj+) zoRJB&GIboQ)T7k!QJ@*a;9qk**0>HzrqG9<$xAjm6RtZ~)2!lxT#X$=c^s)uQnnGG z>{}Mu4qDxQjY+OK&g3n?@dK0_XFnQU{^B4)gnSc9*u8nV^7(r8ej@n(x+6gX6|47X zSXT^FmKmo<(zxn9D_5BRO*5G+sWG}E0{Js1Ck>hRT00?CKSImBHSFI(IuAfg#eJTt zQuGb8+TJI&`gX0k_jDjDQ;9yXmG1SR6YLa##B$ESu^6LTQ_*IEUJ1Oj8?#b> zjvB7hDwcg~m{y>Px(|%42((gP^EUMz53#p1Ew0`oFV$M1!* z-CzqbzO!GmuCJMFhtg8zbGaz%KVb%UoFS*(xZC89X@Dt}OXa?UiR>H9_5Louff20@ ze7MFJ#Gv{M+D@h^Ezc>$jEMHNV;b z1zD#Gii$x`Tefj*$AQkXv}8^rW2nhW?HlB-{I-`Y6*>7F6pqKy1BjcUD3CyQGi@9h+W36)N-_S#$u2?-XLl1bSdgiXnh{|s2}vEOCavGo(fLw-rC zN{+{yHUq}Dn9-?0yb}3PLGe9*#8oX8j(MVA0xcmg)9AOzM;*)S0vG5}$~*12JMFH# zDqP~X!cJAJWGzKq7E}--j{a%B042Qtch*8uCN)oLRsZcj0JmKMjPnLNhm;4m6475X z@8%kmxj*huYdi#T4rLRiG(ypn&bMONpU}4zN-?bs69Q*{VtZ53V!Z*atjEED+1r;y zXPnJRhD&4OHTC^LgZV{=El*`6JjS>-uKeF#-F~_FH9WZ3Cp&k4AY?sxPXjKGy*U0MqJuZzdy z@Ybw1G;BS>_K(6#*E00t)*=h0@zFv?nnZKB=%Ja2a`)-Z1?+yb-wf7jp+WZ!q?A8O zr9~Gr=0FP(k2=<03%ZcEiB~-EB;=Q9Qxy#;U?cgP^Ucz2sA`6;A)aSC^hx3O)4kA}kMD zF&M|E_g5ssQ%px!!)EXMmemP$SIO5O*1vY<|I%plAxsfzBjzG<%Q_-Lp;Q!e&(Fsz zhI(4diS%-(BRkvh507xx=ijV@P%8SD#LwTW!qX;9K01cbDpPRDVpt7&{i#y=QK1(6mpF{pQ=1_x{}=z&|c1 ze@Rq@EjH%;QsR<3JDTRNvfgwc3JIwo!!kB98ctYIkli@e`*_T?U`soRing@f@xHm$ zn$s8UI~fYzW|`wZ{?1Qj)6>(jNiV;kADDV8yD%4CO0HAY9pX(Bj2=a8gf%U+NX_fW zRwOM;QW}$S^PL|A?98Bl4~ZkhN@8YuDyLLH=>^hIV&ZdDDKEyPJd_)MHOh{x$UQv_ z%rlb|A`$snb)hH3z}^I`kREB_XUK$wZwAqeU)m4uR(f&2QU3T+2+_ z!(}^6*dvWYg1e;?Gkz~)wdnx%Hr77lRBP3o_27WAS*91cFLA&pgXK2-TFq5R!qFEH zmp~Klf;nVm3^z;N)?9^iLe6yaS}tDGwFq`Xz~=@fj9_hMaW3ZC%qz3u@eJus%*6*c zGB<@8^2Q<6+X7)+EXv_Q252Wmo}DMBCm&9)BHO7j!d)11WadOx zYReleg*)t1u6*WSP@!&)!t59t&TjMp`~l%3$|vq1h7T9iFa{dzKz?C8>VPrXv98lJ z7uF8(_q!I6(px+qu@44X2|b$HrouJ?Y)`}#g60(_Dn?)D@3ueAqalxrwOHAPLB99= zBVIs0o%gYIX?J)7oL2+y#-k34{%&hpgDrDT7}!#PpB6cN{cxnxt%0N;4dIMtdh`a= zEvSJCPpizrxAqhWR8d}>hl*Z>K}19p8Bro)E}`xM(C_o

    RW`wDGMQ?p(}y&9I#5oMtqDOpOjr&N z;hZmmeUm?+xj(=0ZT8L(4q6!GSv%J%kIz*0^BzDiUG2EG?_dh~z00%Da-UZzp7-Wi zWU$KPc6Bs(eRxQ`tTYoFW1j$^iu~Sq%hWx>+{mG77#!J#%bS2k>+K`qRZb=j0ht*sO#~r znC%a^QVG2Db2Xd(%`ft$GO_XfZl-|T zoc*r?@@%n?_r7w$>6wtNHfs!8Ltd%y3E9u!;-RRRot6q=&G7y@lJ_mIGX@uRrveih z88^t#zAa5y)&Jzil{v_4-JN6@2rGF27bd6<(xhKhu$)HS2KfNNnky0;jyToUd@-)K zMqs zBvNBs4xS1``4$v%COWudx2@d;Ez5bHvSnQK*Zliu{#6_YL8x?PlsDQi1rwEXgITMo zmmUvWLjl-=}>(eU_S(VdripA8@k5yrKy3bDKX)03zACfFrZ)|u>`O9yR=o$Y8 zO3t)+9_S4oZdt1~Drwr#Tk=}6CKRO@PT^K@NQ}8~s&RfANS?*3H_WXH(?8|K&wJR$ zlFZPr&VH=NyD<5H2waU!G5LxzUT{sG@r!L1>Dt*O1}wXrC^J-dtMusJw`NNoEhN@BH zx5n=5Xj@w*KMkk7Cco7;r`k&yw~-8c?q`i=X|cu#Tob)ta!1-*IswXJae5JbyfI!J zcGc-uS6o%HM0dSgbC8i%C24em_;AAl zL54c86!zxzDl}qzh@#1ojp>{pv0kcL zt{wAvVo|+H4sMa%zd=;lf8{=K9nypKbni~SlC8hx(b;`+V6qu`qyhCBH}yL42VXjl zRXa@&BK@Zhjm++F{#6!NLPtrtHIKb^C$@6By%L+XK|F5h|x2gEgQLPML7ijmA|N8X*SYAs)gR&@+f9^8= z@udIt@}U0~sDA^Z*s~JK|JP&xTIL3UqBOZdT-B2QkbnQ{t<`BkQ5sd$+i(B%*guy4 z|9^Zx57oTa(sexb`KQ*xwX!#oL554#N`(=AS7D)1xOMj>p>m6L*CU^5NhkEB%B32_{&<;{|1QfYF zN+?E5f|b1RLb&lYLp+y4iRP7pEB|M{rh12@bYT;dtJ;po$q)k!gjba3$e}s5s_eZ? zor~XC2u%T{O+I7PlAl|}cNPzJB%qmkPZEwSMV$pHA8jXlG(iZ}Ey^0H1U4QQuFluM zWDUIa*et+i&luBe{#Enu=D?#sqJ3%NYkMQua@FK!PRpJW~LN*NZs&c26ewwqizTb5&?i^Zy;; zelUfNKR@8`7rC2;Yb+?GLhbUthPOI77JE?*siN({Y{Th#n>1L@*aeT3&Z$NzdBPp| z%iH=R(|9XK`qI~(TZ6P<*K~4V>TeqYrJ2ww|7LeN=z_v4IOo0AAsKb79evcnsF&aQ z2qyvlkIhe;XPpj2)!0mKC)u$UaLWnr>7YTjH6Xw7ZP+q$CARX670i8lO*-nhUAYknd9T;0#_v#V+2ncGaDUneEG#W)D=RDCM4CPkRBk%w^}cnP^frHf`@Bh20mf^^ zMC_n?7z{>7+HF-b*AfaLT25)c-@R#HkNPWRwMIqC87-YP^=hLaQZ+*UXAXuTQ*bSI zXV_I$WG@cd_Hl~r^WmYGlM~`YP;)QU$Zgdmp0;yiQF*mRJ+5tuf1n(AC7h8N1;|@7 zyry($x<-P$MZMH~FX!Rh?BJs2roZ5XfX_quV>2H25048D|MSDI{jqdw>TfNt-Q;9= zu^UYIXS*BQhBd*Lop{r2RIVb!vS?#GYhUKXwL7v z`n|D>Lk4^f_SYZH*U#J!Am#qqzNxXLLzuzW15J(OnOJR*fhQ=2Y(IxK3B3_QqTEun zS}EN(-1;2j(zo(5KwKmGYgkxhpSlfVp!kg<56Fr<&~dBOpG85FeqdWaEzvfwq#QhY z?**i!=R+GQxI}+BQd75eBbyjNOnK{_lhlL<4NHi`-c9r_8mM|sRmm?9DucCHq8?p4NDf83~L?A5?9e8d>{G#+#B6fh;v9A*7I((rHCLpohdu^E!VV}JFH zM)*n&POrgkitK#&PaQ8{F&+d>SW|F0X6SrSDHGWh=v^yIKD8-i?)~7cxvb*0KdT@R zamf;V%$aEU&@VQ-;&Q#Mb&RKBZ3$6$1Vi4&4u zzO>tP?XqvX5&2PqrMS&-2%68C*HHmIW_U61n;Jov@^27KaTnA-&d-*{=; zC>v#For1yMzxx@3Mvo8G65K-}E@8Xb2Xytn4@aG>StF2lq ze`q8i1!=q?q>;F{Ry({e@F|24uW^%+U&jy$|*f z=mR^7Rxa{pPInHkLZ^T7zZ@0vx1G)nQ*or&`Vk)WBpyQ~I74zR>b+Jp(KjMUSc*BB!H9L-GrVN({I?k8fyj@F%yvt(j&^Se z<{He@DD|Mg-4j0EKBc5Q;y2Hh-l;0|WZI2XnY>usK5kRG*?t|Aj-5G_o9MR$#=g}s z^rN3aB&0hr#r7H*DE{AS!{8spf=DF$c(Qj26Wq*>MG{4AMhCF*M(%Dtw0EI~&V!Nk z!Es3KY3sj}tFu2tFB05n9-9hoM0kNFQ+;Kulp5^(Sg^YRkcX_(;QkIMg-!UC$!81T`M9GUP3;buTFACr74_+r2&Nv97=h}3k{SmiR~E3*09&6 z8Ip?Nb7LL~b6}fyj)ck+jX;;w4&jluh16V}`V7al4uxe~`!~ah0Hpp_kOLJ6wzhAa zBKAUD?50h+0r5JXZ5D?|m>;t69J=P1ta8zt zKll`3uOF&ux}$$#9b1&edpF^jLRM?9{1htbh?-dY(jEnuWqkrljI8qM%k^qY(qMV_ zF_`W}KTl;EGV~P!OfdUSb{JVATX}iFKjN8azerY9QpD|xW>=tYy2q2e8j}J+94vi5 z=(v3e`m6#2B>W41yJQuWlGF&}=(MqQj1FX~@GDS}7L!vUs9Ff2tL3iP)1&AmTNmP% zJ)T;DOeZGSDR)aH$c`mF8lS36L@yncGnNH3$l}uWgF9)cLYvSg<-9bz7wkPBcz#s} z7!-F|jO)O0J`+-ogKt{@7_LkyYA1-wiuq4BCE{MJsPKm_uGo0;a@t-=h_E5N11a0& z@Uw@`{xgH`w|2|?YO3DN(M$iLc8(yipxuyGpF*5~SL`_Qg>7QoUSZxiBs0Dv0uWc~ z{WvXaMmci!d{mKfQAd#QmcZHLs8!aHbBbr09q%eZyG}v=#5NjiA;ZgCM;i%^>s#3 zqlE+J`^N*tSn`ohP9Rn!%&WkO0uuhWr$Ht(Np}B$MMuPtM0qfqR&V4^f-S_tA%#F9 zcgeh}4*XRC_2mUs>59>(5QE`pFjVC0s8l+%xtd>sU$QRFcg}x_PB5PI=8<%eJG>iT z76OsbQnP|oBXrM8pH^P^g&f?ejkgh=N8jKI&cn(9ZMcT0b0yBX7jYMbsxGINB zlbD``Wp08o4c#4E3->=#dJ5YS5Oi7BY)eGU9WW5A*~fKDLge_~3M^{tphmR%;7=`e zSg9u8u%o#%`!;8S#%1!0W@@KT4YZSpeSt<2bnW=oYBczS79RB@+T`CZd@YJ)+yJq) z!g3bGOg%}EvB}4YRgIYZ4sLS;wCfh(zP58`mv`+hUH#r^rJW^G zd&GP_AHkJyL9|NHNxIwm3~S)gBa~#2X62H%8Ib?$iv9V1`3nf#V{!S-p4YPmWzTmR z_I+BYyl#6w-hoBR!I6U0x8Vqa0Zm41tv!JRkvH%=?6eXUE`w4#|)#Kjd@%#n|+9r1trn>dy$QFGS+hRieB& zBBaOQ=;Q1MxU{zZNw!ca?sy1p0*w@+hYy+Q!}d|KwpGs!Z17&Yj?}m5ab$||et4XA z`}R|>1zaWPc@42wNV-23ijt7ksGRg5?!(}RjE{ub`;GQigW-uLO%qp?Ra4MAr z*8*!1%RB!dS0s~=76LCdXs@W*My@@MrmjZtE^iaW&(=Z=@0}g!$0wmAL;m%7c()e` z+_obAHfM^R4g$L*;nPRj=iDtT>tGsD5*H6^r$j+QhhEcBK^Fxq{>NqR^OfuD_3q+K${P%1 z;>IWvo#IaAIa7CWfP6p$Pt1d0R4wX-v+**p{##?hbTTzJ5*7Nc~Q0rA`c=0SElCDFdO>1YhkgnD|vwbG6uOq0EQ?-z*; zeesxJG8nGC8CEjiA;-f8h};Q>x~j2CukeJ*fHZ3KwqwgHBTRT=#Jh{u{k|K#$|8Z^i zM2H4-p}xNseK;9IAgGVN_ND%b$*Bo{hv-W3lA2Xm!7U9KQx7HNU_!t)1&1{Dzv`I~ED`-flIW}j4--jkUsnMmN(`wurxL9D zrgU?^#n(UgvJnS%Be?-Y5sGUdLau-H_?g>?>+5-d^x0y%kAY?HGUWn%AGLWW9+O*a zf9!5BpAF$0W+>gmaIULE1&uXA{M;J=8%9}cYHYKVLnpkGpqnjLbkA)ldwiJbU2sMT zC9w2w|0Y@7-T<-4S}a+z z3-EdLr=r=q9HM%FI~1lk(67kne)e>847}EbN>kJ)%X)gp(-tlF$WAMv?TFKC|0@P+ z;?}$4Vpv+zKCplP?eE*8os5{&LLExtCq0 z=?KlkUfmQP&^eN{Z_iR>unGKVLKOIS8-W-nfZ)gHt(9De@WaWR+uO<#h+0@uTe3n_ zt=vG^4#WXjJ_MT+)*W4gs}r5DF?Np6Y=SapkS{Kz)B|X;E^%Ic;#w}72+H?aK0nUi z+&oP2TqwP_S`~j5fH{}MrFz1&->&_fbVlIP zgyI70p;JPpvCgEHqK>D30WsEJJH2!oR}nyj4CLL*Z{GD4$+`+b#1k84@d>|*xf`V{ zc;4Q|85)!JLbH;p8Nc!OJ#3s#O0&yx>DG!65*1t!wnsHSp%&b@oRY`B??Tu`;ZN2*02J`bj zyh2Y??r<9t8u73b&FeN_-5FPO*l-fXj{MUa5{ur3YBh0nx2foTtXfP-7l%9v=BFcI zN^LgV%kju0v8bnFtm%3`CNm@RT~(9P&Y4)V*a20OTx+yZPSY&&D>)P8&Sn#w5#UgW zyTysge{53G&p$>T>83(R>N2S^6zTuAYgdM79Xjo^tCo)h$Vs!`UtWgkb)dVJd^70G z>;Tr~_c!9qtwpoBe`<4i(zS_n4>7U>2OmiD5)OE!CXIHAySiekKW<6At{QQ0=$KbJ znM+I(pHt{{8{5Qvs#g`&$u}@?yco0>8~@G8np{5vD-Ov~V7F-vtqtNcT*2ybAl`l5delHd1Zn_!byHJT|ovmrPq+|xEUaAC#< z8f%=EYQ*SAMjWjrYHqyCsG2%^KTU3k24%JjGTEBPcubWF4_~NZ5I)*v}A3r@e{9pk-4Vw=0}?BXnOdJNNfucYk-lN6z&Q3?L-YuV(_&y}BFI zovHhegC^jF3cX0VPnvG+G*Rqe^Jg-p-QV0-ZZ%!hNORnMM!kSgt}0ya2?n-W{dl;z ztWV+X!yBfnDn2;GIdT21@X*l67D){)pp|7Ed0NI230Xg((=|#-EV*%uKNrWp;+Frt=F7?+1-+^xqO;pMmV??4>KF1ciP^F8+uRFE40oVgma&mC!+6( zTPX+yd;N%le}uuzNqs@cMSXw@D$s~gHgRjBen2%D79rlkn@1q@zg2T89E=G)Z&f3mQ_&p*(*$ulCS<87{Z$W$JRh zZ_c)_LJ*IifX2wLl&4+pLasjL_eY(!QX;cvhON?yo`BHeUkV8>ZKYE;S}3ud^L#cB z3Ig0zoK0dJrcbu4P6Hddh{jcd?OK#ZU1U+8()lL8B~>J-Q~5!ks=9><^L}jR;pEw4>Wc9Uooq_N2M999UdSgV~ z$X$ri&u1=O#fJxv#bfRh9 zb`lBM+N(Oog0DmdlKu`z!Aial(fe{r@vJ--=C|sHw%$SMz$J7EA(8!&hMlfv>^*UZqxC5?zmJWc0RClDmW0o(;H70 z1=8eo&%xge$x8Yho;QYeR!*Yb3rm|^oR9yKVf zE7zSQqhL)7n;z3mRG(J?{?!{7vH+(f6{*iPk-MMhx8L4Dwa1nxcYSjgRV$!@h}F-P zbyPX5=ucu-PD$UnF~X(qz$(}Xw^t$8W2P0?Gu?H0ggnR$L#c;SLjJFwW|aqh_IAAq ze;Tju_4&dx{}J6e-T*#R7#&%8AJE@#?_E?3GQ?>&E2`Jt(>QFj@0u%pk00DuvApiu zp?J9iF>N(n4B_v{XWNDL)+4=~yzBQ4ZrJrXm+o;h$dc4c!y=>%9cjIT`yTG^xi;Il z#7KpYoFPS*g^KU=%Y_3HCglQz$bwoOWYCvA+Vwa@J^S|?16*0-qE;p;6*f%iQ&8Fl znxBXK8tm;v6Zr2b3_iE~w2%ArFF*^#txRn555)2Jz>>>7x4lt%+4jC~Z4Fu?e4K21?)ADqh!)_{N-m{M&Lj^PB(WCI@q87_RM|@7b<(7*tg(WWP>4u0P+Ysy zB4l**NvPxSAmpMw%)Wi&m*)(0T05s2sq+En%f!Tc(DSY?Q0S2^YekzBtNX7*OlnBA zKqFG*C*9oL8ya(KachVSFB+3OJpsi^i0ffkd!n@ndv?@u50m@UbE#084p2^@J+(0t zoVHfIDJk@HMs?uaH-iUwmIHA(M|P-)d$h24?A)){449fvd|{8UXA;#vh6U&vdz?+y zUH02M?m&>bgzBupb4V&f-~NyhQPNjlUD! zClj5&?0t8*9$r%314v$sxMI{s%TO4}v^w2T&h_wUs?VgvPdPA^3E`k65ZH4I^FO(c zER#0+BFS?ZZYx&uxs0Lj9)WJOlcPhS2R(#`)x9u(e{z_-=Pd~D?IGVN~ zK_ifOw}mbJ&0W@dHZEP}ZF)^@?$?zn)=-j=l4LOH2m|5usy8!*?)+GCkdCJj#Mr@; zX06IV+Y4u*AxBi($9gK#*O~9{uBPryg1QQDdtd)X-;m5PsX}?}tF@=5h8l(9Usv$% z*Y?(HB*Da6&CLueGjzu4v^Z^XhX$xD(57K zfd1ffud+#KOp!*ttBY@$_AF;Zy7KzsPo2?a>A7I-9|ZR**S~d4L`)7$D-rx|6P78? zW|;V>WeIFpzHae9>iFS|oypV2Y6Y#NR!p@Zm5d z`?ug88CIul*6}2vuu>;AkZ4GIa?K9Ae|Mx($QtgO@52K;b$t6Glcj%f5l-so{&}=h z^Tv$lu@1zh5BpJYi>!I;-1XsTL1U-3;VleItOfF=#WP>iVRlO{GdTnbu&VQYEB;whME$hwm!r;$)Vbfr##Q?_h&?|+z?oKCLrp~`lH{p&pBnXNO>I~-7wnZm?mVlj0?KqaB(O1Rj6 zV+Qo3t7)H5$_|yH8eEh2=Pc0w2R{pP1f64urN~#YhL8(_(^N;TN?TKs;U^h3{{IXo4mclb;_xm2YiH0lV2~&X; zO-?IfR{?k}h;3M0YLM5tu0PHBj}S>tN+Y8%dj29X^)WrZQml@@_M`2|SyO0aJ;S|I z$^~Xi5yO6_E_!@wn0Q@&Ew>ahL^^m_YV}A&aM;=X?+MESh$WCq`2zqj zRSO%-gsHj1 zk}Yc@Gc{1Yuc%EfpX&_Pc%sZ#$AB;<^y@VWcN%b59cioO{|a`0@S^zmvWmXBgRmi7 z9(FXWMe4j&&Y4@-sXxy!kHR~G_<@)2#?>Xe{2`%#{5$_c&wtp!Ih2W&4M~c(6Z_`& zq_S|~Uk)mKDJt4g`+*oSejtSHi9^x8vlF*T?tDZKuWioZ$yd0%__nIsN|?3C65<8ZdKj>VM? zrT7z>+T4H27J_4Oe721Hd$!U3!<|ld+GxI=wjXyapD2;pz9uGOxW%7WTEZ0=K5Q61 zET$v(_i8fd#De8&Z}K`DgPxzF&t^hAFD0K}Gv?5)sk;ol6n!FCm~Q*|nd)aEZe2o? zz< z-P$C;3mEGDt{Wa0*~FCh^Y5UDP!7XAH!Gr5><^)-Y9r~p9wM%_T5N(835a6HThj7* zb8{2PU30Ikhrp-@z1h(WAz6InUR?GotK#lv;24Zf`h6*FbN1m-%Z4lYCRO;}V?0=& z@UuCez^V_2g$%uJsZl-FpF`CsWWI2ivQ#>jvA0FV1utCtb9c}`LIbWTvMswr8s z*DS~cEUEd|`@KWF5Eo+d)u%stWXQ#i3?m+c%>YNBYi6d&4>augMa-YxAD+AbvnGHqGrz9Yqt>EhQ0|w|F5N;`0s@ z;;eSndDIk+L@&=>eF-8O^(B@0(z$tZnp^I-7XzJI`KppxNgXOIJnZbSYW`bNyLi(- zb$ZzqLi|^06htF&chy}xp?vb(6w>37RQ=l*j~Kr7g4oxEQ_ns38@)Rhv$DqSFBBDY ze9bVyCT~93eHROWZdLn+HPNQ}bmCN0yg)ZY##Zf-+M|Q_eglODiZ0Q?($&Ds*>YHh zo{26_)RXuQssXN=CCjti1(|Y}rSc|8?FQ6pbiL?`KpOCU_G!PylA`pBj({=j_7;SF z)AdC9_TX0vkd7~)Sb%Gi8Gjrziv&MbZ$w4=A}`*Zm|q%O!Mg!}`02LD@=bgPR4xB% zI!BZYNa;u&@s=6%Go^nFd6`*!9;tg6HYznqma9<7Ea3$7QCLF1z4m#e?$crQcgX0* z@GF!#6prXu9))xi;rcy~@Bz3w5PnnS`7RxF2Eoq%?PhJ$J@vcuyWEicH9htF8PQjk z7G-q)+rULvmWy;KsLO+5{+T`62{(0%h2`tch4T5%N0#56x1?{k*K3RX+&H3veD5t_ ztO7x;M03|M=eWz`8Gx^SPq%Y!9P8<(_`{kz_Rif9XCfr03_|v`(s44(gJ)XNZT{SA zvYa=X7P(-?_{Vl)jwe)-L@S7C;|okRy#t&~tQ|Vg8*d{MD$)K4F>52u|DcZgj>jtl|C=l2KON*VGu1aU1f@41M%)^JGcl>yiKTI)}CZATk$R$5-i$ZHQXVn z^HJlyrP;mD`vvR|cvzaBW$dOGdi^lrml|3BHLpe>-4`9M!${!GrP{j-f451sQ>QJ| zx2sSzWM1EwY4+-mteGI^>nX{Dq%aeL9M1cATHe-G{lD-yzxzvL;db?UNs}VQ-%QDh zs29(O2;Ceda&9&7aJ$$DW%*uz&=;5uTa_ri>HMDbXLoCIV?H|7!x8S1y?ae9Fe1w3 z#m<1LEEKb8X9M_0q2}r+Vg9g4!;-{Kxo5Z!swxJBnOABL!ZhPJ$mkw^!8etL-|u$R zC?&Luo9~w&Dm@7q?1A?lt_kyvq5;izEC&2NVbbtCL;TVbospN?|laU=b@Kz~2W zU`=~JDZT#qj+GaAy)7!&&JfAIvw?sqGjYUBS|914T0MTzIYnl!5IvRn7^bPG z_GFjesx9~PWmwDH?hCX4s>Rj&dt-G zCro~B!w4-e2Ww=3?Pk-Sr_AQMm3al5ABL_OYIiLniv<^NrJ-$nIoJKH>GfBChh{=! z*GD52NxvfO4-2|})U$PPNg6pf{L$EL7#d>Yb=m5ICY=NzvC?H(y0`J-Y~!8!q353v zJnq1Jym??5R6M0@tldd*%4bwY*Awm&3Lb<2Bq~4Y=@_nLLCMew0$BVc{{nw{fBcwF z-!AJ_80?BR&y*b0gd|ZKOxW<-^lUT6>WiBCmY6adr8)G8czM06Q!`HIQ##1OFM{dC znk}~Vh=Kp|JeWQm#OC1S8kkLq8ed4%+?DX@CT)tMT)>MEa9K{RRpX=j<677dw(C~cPMu1*)`K5 zQJdJgT=F)_8OD?7>F;;&aHE=ONq!Kl;ptyp^$v~CDn;i-Im2J%3aQSkgp@-puwT(} zjv)kM4-cbq&x;K zxs|zN!Hp^RTpkOpe(VA@#!Z_zvFdK)0w#Lu!d=(#W^c2uB9G(SFU$`EG2 z>ZCEnZo3s0dJLL1u#?~x&K<^pm87LYJSdd*w^r{n+xe$#MZDxcDVWR3K0YzBOBu%! zKr>2qtNK=B#GA0Jh(^ZbA)WHB{Av#=^|S7!OImff?EUz|jg)LiPhU*g_cD=$hK-jX zT}fLve07_5w?Y5!nuEc=Nh`V=7?|m{e8`J`sz{d4^Yv|Jhg}GHAkK@IOl3L3Rll6* z@zYcFb9kddX@1b{m%RlX_L?h&MyT}jQL^rC#yE)c z$Czd^_MXIlUGZ-`{x8jt3>9gBXqr5%Bc)<%MMk+JEux+?JOhM z?)hIfZwW26K6zh35DG4{?Tg|VYp-~9=+pqR|63N^eWT=hX!vP!gX!^g( z8UG&z$3Hmv1q^8&1=;!~YX~@PD`K-#$KYL#Kk@xEnke{&(l6 zvO`g~(?rM9{I5b_AZ&BhU+@<|)%1n`<@wT>hP__Xv>xRDyXO4=Xui6SPX`AF2UZur z4OL-xR&F`G`W_Qcpgp$6ln476im|oUT{U#Z>)L_617Tp{GFm&g{lc)no#3a5Mk?mb z?H+f_0VN7MRLA_u!(dflZaD{j|F^Wrfw*<>xxJ*B@>jRhammc6juT#7p-`!RyY>Gk ze8=Bf_!rhXPAasdCKn~6UN9_YMK9)k)N6sEdOZy#j&G*D6(XOT>FBY@f3f7_B^ z?tnY*eXh)pi}=7hBv8^YxqPyDR1^x+0=RfT>+aGQ3Km^BI9rmi4c2(8MkV$*CgZP} zBpQ6d1f027Zy#ZFPorAgqNId{3WkTCPl)j&0lwOQd@y;GcXl|ioeGdWpg z-)9~9Q|ZZtOOCU7|K0*OO0l|Wb@ts>8Abnbm<>>hKwGB^5+2Bfz%1FRzbaWmC6HlZ zVY!bRCaq7IZ&2j@44A%QBl5~aqy>6_FbzH|_PaX=hr|m%FFp%(x)rYMIl8WQClu9m z_{_Ce)n({iD-iRhAu3KF#7PjD-A&Y<>NdAa((zEFxaA-ZMUySus#1V3TB3QVOBQ}3 zxXJf-*tx=N{cTS1#k8$@#U13;ak+0?m<{lkI8~e1i1psrCR11fD2!Lv-%mAY$mG05 z>%8T#t_!(bhQCqv`<;H!uvKx0f<3Ax4bkbGn{iprT_2rqhn@gy3dX|PJmTQ4SQcVJ zR3EGVL9cQaB8X)|+`c+0x8pi*VxWOJq&(b`_Yse5|%nA-twlw@<{;Bz}t= zx8o%vJkj}HiralYRPlGvj92%83r`&eF5YyHh)$IX=H=@RuWM!2xa2>_`s#!-Xp+`i z9>8p|UvLTauzxQG1t!H^Si6j^^)3B#iCCZ9-qqKTj(0mwNmf9JqVCq1^EV;-`S*5^%9; zh@VF1V0r=N-TX+~m}CG5(r~Bv7+-8OcMM?w?#3u(;!k^jOlHKiI*A0&3vCQY7N;q# z3c9-UxFKz^!hl9`1JyAq;KF(q&eH?=euh%aE=k8EGilc6&^=Goa)Cl?S?uBvg<%J&CT~xM2UW9!qI2;PAi_>|%r#(&w2qpeC_@{mHk! zo(0TL;rDcM!xezp+xS35&BzKvwM2wT2-LYy=!sBvo}zS)3kPzVZ59GYlpW%>eyqJR zoA|P3wbMWk>)TzChhFKd!prI)kFYw`dYl+}C$72mq(V&7AVE6qR)uFRTHhvu?^6%9 zJLDy6+peZ32INmPwvqu{QBlKxt_W>>FZ&_|aTa=UscAj}u>Xg-Q8)d+EK(qGv{0)7 zv8frqsDxGUium45947l_W{9??{H0`W{8c^B@e95*pBWeOEbRLjc&cg8KY4mhG0Yk2 zt*M|FxrI#ep%G|&mc;~1?2<5wJS}PKQrbHlS$l7L(fV21bdQMYOZ&EHKDZ;%^?ybK+lgySTc`Gp28#K_2DQy#oZl z(lQRDw`4wPvoau%FE1byeNy9>leAWoE3i|x+>3p_;zv-mZEE0LoM4!XYf!q{Jnsk( z;Vv|@c_5-lA3u75M(2&T66rh3QaVICVy(f1%K@_h={gDJTt(yhF`$d=!1SL%$2|ZYX!c}l^)460_x^F}h5fwC#vI}zyB;nUMhT>t^Frk<4J|lM*TGKR= z8>yiOz}eiY*IohVipGsBrB%0k@6}GqFPG;rf%h{J8MEFQemJ!<_5`G+W4P?B zF^z~ZJ;O8~!maIl?$6W0AH#d#@Hud%g}XPQ-qDyods!RuDu=_g^rprJ`PGl@AR~fX z(lJ?RhA__+P#j_blP3j;{((@8#QJcNEO`^NA;}?bE8a1yAz6_mg0&b;<1g>0Yp^al zpd>D^P}sWkhtFOY;svzI9Xfv^Y=;|9n+L*oz7(g(ugG6frOR^;+j(-%DL5O0I?7sx z8ad%|#hZ_EjsqJ9YNNMM{eOc`&$qAz&H4ZoZukQzZWCQoqrt5%kpn z2(9(&zdx$D{2k#h$b7!A{;?o2&xaj1N8M=<4PNxAAe8*8F`W;cw59-u4k;E}irX z;Na$xzp(r+7!6Bygcc%hjS-h#7We|O&*-elgU7lfM#N8FR$iM8E+W>hlz8VK^+-86 zdktCX`}mC+_M`p~I(}x@t-DP($WlZhxeQegYk(U7CUhgl66{N#WS1(eq3Danvj1Mu z6aIujzwB93P!AEG&}&zT|4mD3HXr@Cnp`EWAx5G<;_hn!l=eNZgYH}?G-1Qu{idpb0>ks!@v4|V2^vg*G%OSSUMw7;(T@upi@h-WC-+352 z5#jBBi$u?w5ezo;6rwi*j>cbNx-$-h5OTmA9|{8XC_{}2zm{~zS@C&d z-3YKUe#FaV4Z3gG)Z)7xs0mDIj1!i^A;anIx zFM%AL82e*F8_s-|eugFCC;&DlQqoRFB&~gci}CJEi0ehK$iqd~6m*1c?v#I}i`r`Y zsc%Q*VXRo%ABx4YW`27tt`06rI)w%4sP@fq>-=0)lqb4t3xKhV7MB|0s5zAyut7Q9+zMz~T=V3_};eL|?N)RWN%*xOzZ^)i0{f^5N zt|llJEwO=%#zybW?~O~wjvh0WIi5ki`|1eOU(z3|M4(&MLw_OZn*@JR?uZ+XZKR$e zRq!iDLm328%_HZ*_z|uwD7l4>Qz}`a@UhVS1NQQ#YZYnO+%HWcx#FhZ1cU@&euu|N zVOF8b0+}(B85Je9xnG-Cd3=NKEqc?pb06kFmni}Vg9D<{)~L%~EP}+X$5X3QCy}t# zVH&aJBCkGirr(2>BRds}?W_OBH9jQ}BJ>y2kn?d6hLf>MRcdHi)UFKiI5ohq9N`Tq z7D~gCqrzBrsWc@TGYdfd=&Ma4mY2>j{HpfqwrJ_mYW^_53Yc6crnKjNxctwl%#42yd5=0B(OG#JpNiQSt5%vg?Qjv> z-9O?}B=IXmO8Q1XQB$2^o#owQEt>%TqPXI+;`{|2oR31vpZ<+(#Wh|F!u*fRmhIo^ ze*rUWzc)m$TLy~8eur2(4CgxFEaX;I;zToAX`&^4;40kdBhe0ExJFiToy$AS6n!`u z4F&i1V6^+@!9c6m7lv#47aTH+f$($jZo0K~BSq+r$kaanKA!w7FC`V8nbqe&Ab7dy zWHU4kwC;0$mIdz*ThE#Qu%<&=Oon{FIEZXYE}P*1(*P5>>DYU2>;a2V^SAMScqU;=S9G z4r&liFbzn4KXE z!}Tj=4_Y5xFHT49K%aHWeC-q^2p@xP>2!>%YRugmv)pKY0A;CxP9}cf@a=*cUi?P-j4uI3BwLUq)6p6-|(>4lP zZOckdwXoPvQ+&Q2{Kf$muE>?CU+vF(FGo73=1N7#wXyO2cY_}R4_V_6%dh3&Eu9qO z=RxtsR!&%YoK&)tb4hm~^4e?FRDs(Y(ft-8$x6gTMb4b2Ey%Go$!+xu>#r1UvHESP zb{m4XdsPB(G)E%Rt;^<~NZAa22hzsNwC%(4KCY>>E#N2*iJ+-!fQFrSNX-=;bA9dc=Q(hP#tdju)y3$SXdJ);C5?AfM zx%=k1ES^No8g=*ewM4$na{V><`7#N}2$~negJIO|$CD`lQYy>UUN+ydL8QAv83Cr& z^sVWchlSH^P2P8+5Bvl3Alk-rgWnGGx z>!Zv6idDs1ERb9MV~N}ec=zE&%`0632CGSG{a7HTc}cu;@V zwb|T^>PF3-QDLmRcP{dBFPJV2mhN)(0%dc_9pAw}*&b0fLM*Z1%;s<)M+BBl-EnwQ z>Cssci*eetp;v=T3<0Zvo^#8YKEGy2&g_q3_CU6;H?F-Ka$YDkN%$dA+s04PvtX1U zh7pnW-|_3lH2qchr;J$Z*3?Zh4nz7KNcVo;C-sC9%isnMh& zr6pQ2+1FW+`{renwPTHcXPeS>yPA4_bsdrUQ~f0Vn3iJsBKooTS&T}((k*^&#$CVY z!#;&-Y3*Jd>?H{*;~-HB-O%%jL-UZ^QYT?kZ`Bag?z&T7cHRjG zR@fOon*7OK{b*v>YOmWLRvC-LzBwS0W<-8N(qOb#2K^vcbtPck=du$$VFHD1_}?D> z1V6r)EO7Vb<0VC_1B?t%&+O%ef~hA*7923IK2^sz!les&bG=>2o`7@tF{xC8J4jwb z6E%D#Lkc(Zvs+-h-d>!%U6Xuo>}}UHZnTJEM@_>bkP4kaSzPKAh4G{XlK8p#uY{Ev ze64L?WqHq)$mza*GI&`kzMS*IF*d75A?xfyT;S-fcOfG71z-u*G1!H`%FU{{h_Ao8tB7RB$3tK;vqbVQjx4i=<02_E;sqE z8}NiyXJSkJ3vA+K0nf+lyBq;w*z-=>Yd%lp>p6ZnBbh*A z_8z3mA4AavDx2&n(uFGBg!loZ+E4;}!YE5ezh~TVEd!;?TZ=fg($gHS9@ieW1o@((Oy(TJlZ8zC--yBdUR&M+5~ z5wFX5dOO;RcTHQl$d_yupX5s>OAS%nRG~8!GWh2tHYSSFIu^tB@33`C&^iNS?Qwmw zo&_gCG0X0ETcvB_59XI+7Zm9uQNXCkeJ-G`o31G`5V3BFnV0c~uEk#W^Wg4^Y80Zh z?%-kbq{U&UrEV0V2*DKwg}2FdhgIL$-UHr$zxG1bWQQI2G43sfyns;wB7tT=71UXv zsKf9L^XGDO^lyndD0!0K?6l)!_%!-Sg|~$LUeRB6+!c3(e8KMCZ?KA68-B7v`pMc; zid3wa*MDlge=u@}P6H3rUR%R87TmNm(V)Xg%M--RyP!9&` zVDsanYC3nw3W2&nHc!j^6&+Nth<%nMGj)>S>J9$ri6^J7STh)-$MZz^exC+d{rqyEXY}39y&m4M?1|D3>k6TCtMP!PCyPl>W;i zryh5OTh8yo@6Vk2{0k8p+AK>my5T;+SE7x_OR4Or*NcgDJLuOzp>tY+7nHX<(3Z3B zgQE8vDyX)po#4&YFh!`HU7doA7Yn$W89u=BW#Udd1K`8;=B3M@xb+d)pP5cCTiz>X zJ)TgGo~O9EimaE5v60$Z0yN-<42;YsDg0C2w?j_F;ytz{gS^{S_W|(%x?k-S~9y670g} zmO2X@NtPrv{8W#aEt~Qv<+dTEgi?BvLOrKzPQZFfkPIdT7P$+Hv{uI%_RG2RBfC*p zncO5-C}}XEj41Q=p>rC7kfPv_Fk^OBV9j2?6hWdBh@-*C;+IDL%;#oCnzLf>mdci3 zTawmqYHMcT>5CrWo3Etm!W1b=&lZSZ(xQskkf3} z(8rEH`Q+K?D^Dm$pF7O&yr6&g+yvlxkIvt4jrR7q%?GF}fF+8spe!mdR85P}SdB0& zyxJDOneB`yT^Ox|6%n@Lzj`liPwLnW&*wOak7IWK6-98h}6<08MLZYg&@f*vY= zZSwP!l;~|ry}4{fqVW3!@%`ERzB1WkS;GhG)|xW^c7wjNV4SX-|0(`RIp)AQ?M!hjV%= z9$k01PTl%bxq)Ktk=6 zm7*i&d6*U(CxSdS%fg4bda@k#w`XN?o(O8x;8K=Dr`)Crn7LQG8{IOlRW~G8&HUzp z2>pW(x@zJ@`JH&Z#yfA8cR62^Ix%haFP`77j=b!9i|ut{fa{6D$iF2hmDF!#iS*?u z|6H-wdPw7Lm$u!(z^kZzb^F8z)t6U1nn2DFcZlOhW?KwHalB-|5P`8iuMhi;^=p(GwVq;md+>lo*$}tsnm3~Fi#nZ22M@7Fy?sMX zgf?X!$&DpTEO(f1)VXV($u@Pyr`MW>xviJ=4uFj$4+@9Ul5=a;%DLE1Eh23m$r&H) zp`_O`&XQD8N9gs*!fd%nn*IVut=0F@{19hR+5T>0X zEIVYP4vTB0t2^y;UQ%M19O9Tz>z2*J?343Cm5$LrD{BK9nrW zfatq>!h&63md2KHN(^!4Kz*yv#n%^CKOO|yzZre$E{H5ghxv1h?4>z51FVe1v_NM) z!g@|3bj!pbgT!C`!d4dpqKmanXnai51#w&02$z!%mxTHoUf2^U&71fIKFVz5XtHK6 zG?id{hljy|-yQbA7{pO78Lw6nyEawoJ{su#QiBr zr9K2W+H>YsU5h66tWqoX|4p4G-{7g|K-o$9PWM-H3QgpW%obG#OL@)zUbh}qTvNiAB;_c1_gvCd_Gp}P&BRb(; z#O(|BuX`Ya7FeOTQ=*3npnX5iIfM|OGH7D-rIHkd_H0{mY!of7<%2agl}TwS>aE)N z?or=a$wl7y*ha8P8K+uik+k-VO<>sZr&%@S(yMK^G~8UVZO^odW;^(Et+Ze)M3q`6 zBm6VrtU%kQ%AQcJeM6Jwhclic=SbEDsPN%ZfW?o`QO8j1$sD=$?F@#-@X?4#Ha5E4 zgM$Nqu<8fkqa!7;OC&)9RZa9hJH4VT0=$g<`0vedVbZ1Zn*=!iEI&LQZFFy@-BFEn zgJv2`)eyg11ZoHzlB7FNh5*+xwg}Qw?D|~T9|`}5O(7I^^Cff@w97>p| z2ihwx992+fAqTg#O4v`Kw|i`UAg0f#p`O?Z2;DA?CaqF?ba7e<0vu-K15%OU1&sUT zhN2dXW6S8i=vRm>6uch4R?p0?h2|F`2C=yI=uJTE`27DTf6Q4QXnd>)obc=8l{-w>Go8=kX>({8kb@=4^2-i&8aEXjbd-tq%rBbyj4nl|_f2QM5cu z>mSWxpqdCmv%HB79)TO%{_jhon3X}U-I^Y7Nt$wM>eN)9%I!8{s{L+v04`p%#y1o* zt3f9SX8Ll?NsZ@Pb=`29dPHslj)XXsDGFl-X4Z_?^~1J+vldl0D^V}9GibjGq~LlC zFSKwi?|TjJcR!&>BEJ`2x0g5T#m5fd4(OfKFIky+lAZu8_lV$i{n~yFy?a0TE{ZM;Z;>>O zKz}y6xbBOGDx+|>oRR2;!XM<9f3QTmMf6jQ{mcu3C+HRMe7uf_nVg-5$2n8XFyk~7 zq-v)!<_#T@r^{4B$jst$r!q00t~NoDfv(i*q6@8EK*W%ZYd_R@dBzcn(e!&)KlR&g z%Ljf^d?9$d*=txdF0z%NsgOX)Gi#|eBI|q|w@sY0zxXoW*hLT;D}}agWT!8?SiENZ zdt1_02k{tq(N80Ei)r(6HTtl$o+eFChaC5H(FqiKc{3pt+Tr)C@oT5a0g^=vPQr?l z`u!+U*U~cOs98v|&q0?eqKk`vTog1zh z)H19NdibF@{pA|dS_qS^tYlurCv_VAK}gO$;oA)_6)Dq?Hm@Mz$jwE$Ri_0B{PI8YFwqr>-#$kvoJ}5Up&g2c3{=Wep=SUVo4%` zw=XvO6|7EzGHI$>ZhN7F&gkE66G#kqM1{K3U_r!OJ~xsNyMFwUerM&P3>`IU#ge-W zE0=LD0#2c$>7%oB1se@mO$DLktu464s6>6)mghOQYd==c+TKf-!N9@ajk(a`<|x}b z*?u2|_|^k3u@_P~d<6Ze#Wje8B2wq8Cc)A=qZP8 z;1)8wcm#=`{^7{qA(xmvCBWHusy>Q|tWABH;o^co0)}#(3a`$O0)um>0O5 zrfsyW4QC|aMS1rTcAAz1;v8%s$K<3}XGqq`QC;p@Q^RlrF_bO%kh)>Zpe@G0mB6KT zxE=!_&>ou@)*P&J-G`&28;<1q&_{}VGqYZC^ixh$wDz!w)uzA(wOexv@+214YV zKMIJnU4NM%^$s;tN8o|9hpLy zhVab%uR#0R+&?-{ssZp{@yO6D4+&)=WHVlCo_(9Uh+|k_N5=IZQ#Us^a58-#=9MiU z#&o@1o_TEy(1RW9nGh5Wx@X#AVg$36UGeQRswASF{dVL-Y%+OeQ-r2IM=4_j|p4Q)A2a8qcbbY+HO#|-1J8994)E-nOKqZ4N zXRDmK*DOTu_o!*c>}GyCa4aXR$PWkBGORMa>XzaPTS3qEnxe}D@Em%mVtHitL|&Id zN)`(Zzo0u3+s_Zv6f8o`Ov!(8c$soOdU*-_NKFL zE6gYV#X7$W3B@HZH(Exp?F)O)x6ej{WbB0e0XS}_eO-6S+YSwLDTLTDo4XETK_x~x z6MC97@~nBbltpdXw}p71$n{^kLz;_{+PuPj)(2wB?fPp8U5pB(qq2m5~|e3oS~6E+oSs8*4{``TUz6z z_pXb1vwYyQ{olbs!UX#hOcocZvGHEdr)L3z{h4bu=CZ0|>otpou>xeP$%8SoeS{2RS}9+`cvo6ltITB(-v(Ia$efGLjK&>FdXNx8ow zs|~IU=lTSJ7M3^)9X_8G+g%WzkB|631wU}ub8~@jJ^)?QJ=mzowPK&0yuTdWyo_V; zMi3Yz|DRo`onq5J^OXKeD?(XhRa0vT+tJYdo)pI^F=g&Cek-wp1dttuOaqO7Mbzwbl3XR2E$5~?1 zAxUY-Q`->MT}Fp&Ejk(z?i7hER;Cs|Gslgjdpg3>aHtfulE&vFOgu=w`Mtsk8X|M` zM(wq_eiOO7%T3&;6AgLsXq4}kwja1G@mTuT6ipv2R-#e|cf)+v_W%$y7iYsLTo4UKTgh5cEBHKQ66voHeo8;svx#+m(5k9s_UrcpjS znGy^3WF>h-I1Nvqjp59+ zB(qi5mEeKxNKF1CWN;47hu2))ioKjpdI0T5h3Hr5!)64-j_Hrh#c34=zVNIJ_Ab3j z*h>;MhDKv?kXdrC?HN(%AmkHP z1+q4Hgmn3(5$%U^}&7x@|=qnjs980U-iIW)dkTKt0X0#Bof4c z=8?tli7SmS`+)mXyCY(JQp$N~UjNA z4ZZ$M96J&GVc02x&SYYZTm)`0h@#D^RgTAHZrlAY{plPhB@x~|@G(~dM;F$v+N*gH zFFzxU@JFbH#R#6Cojg1|lIXs&UQzoQwWcX~5S#PmVqn*WeC{JhPw9E zbO9u06zB3#A44iAQ*%Zn>{l&PMQoP=BNrY7lLQk576`a_Y&BOEsio^N>_mc0>*}7z z0V`sbO8FS1Jfe$(v*4aoF~7+ z&Tp8G9ch$SFwZ`CE$h~GU)q=fiYD{DI~7k681c6o=D5bM58A$U=%u95 zVvNbNl*pD;J7>qk$7U@l7)LFj2O;*n6apbxuLf~IJ=N=V|Do}C@jeNoW|=6;af$$d zXK7d9n=3qVAdt-0o_|w3=*hG5qJw>h-Rym|_2D-ca{V<+3z+Cor2zImzN6B+0#neL zXjphUOI_}EPDT9vuQo@N?q)6Jw4JX4_x<)hH+$H>0waGLm#2$D*-_GkEK+V~eN!J@QBqYD?SM zr9=0d7(4a}%^s34wHD95UJz^02-Nc~go^2Ob`(;6wwi%^Ll7Qs3Zyjy=}#;af0%l6 zlRZ1Y>k;kgTxl8P(^dvn@3_vIL)@+R2tHd3i9AeC@$q<;95FGna=WH|fxhpF3vlq_6ZN>6w9Rogm=W1mlQB7*=&I{!&bPcNNRA z0SmJQrh+|W#r_xL3i)BeR!?5z^NC2njfG$RqSABW8qqr{JoaKFE%Jdb z9W`O6A|hQ}-Cx=qGBpF0-JE@t%;96s>T?!lXx3ecijElTrj;x3?oupH!MkEl2RAgk z^4Hs|Gp&$E@$-H&CS#il+y(AxxE)<0iUgz3T9ln+BErbBE7Y$ha)HXHkV^T=V8ogo z*=-k^KaRs$;;z_Y-xV;l>g@6(fNHv)*v z{F?~Uy~~@ou6>TlLF9b-{!9F?QR+SOp-rRBU6{=tn2Rjq!|=;wbOPC9MN>V5;GxfIk;xM@P(6G8-9jsQzrK^&h!mV^Hj8jlq4-J|UEIj62^aWB zPauleZLgh3lR=`SJZHhvKo1xgnDJ|a@6D}siyLMgr@zf!!$W7VanSVF>KT%xa-OanwoszPz!~AS=fMT>$T-NSJL3+pO&rn9+ z%`rPD{o?cAGlVlaX9T&K9WX9{IM|Vyn$jQ6S@;et!|Dw7m+Z z{=6RU*%Yl(nBcQ*N_Lio+=pmXxh}+v5w#ryO=6}9Tt_OyTH?Hrgz=qZClU!WY0{gs zdU>GB=}Zuo-qn{z^V5LcK_*-FIXq(#Kg>_I*x(?$h-5^x1chG5Th@`ED6~#XB@_bA@mW zM?}5)#L%47Jf&)wkA7Y8zVn%Iga)m7H>bubY4B7T7~cnz$4ME)jYCkb@#Zze2J{&+ z^t|OOX(+-Ts4~Y!W+Hchxo#;LQ5TXTqvDTo$VeDi0ms{-Xd?z-W`+pCi`wJgx0qA?-kojuJ!IQf5?SwK z6eUx(Y1U%bcm}0HMGq?$8O|r9Cb4vFMjeY_uU7jv{Xx62RR(3iLrl46Lb>uyE32L4 z{SH%jC&P>w-1o(ZIy{;@NC}W;N2A=!_r%9J$-N(MF%FP{&dU0UXZWR)S8ja(D-wJ(Q=)v z*(97NRyYuDo8(9?#E5;X zT18&H^0h|fr=~TQuj%vT_*{~lpB6?N$JH1m#_eRPLR)ps2Fe$W^uEEjRIg6pTWuSZ z1dQWXZdVvzUXettY{tfyO(6}m@qN%F&QvS?%N77N8w~EZ>{+>%ArlcgW>BeAq)k7U zRahK?A1{AAg3g1r4~5^TMjsuX6&mN5NM<N)i{>jvB3$!KDOX&d%F$Zo?M~Qdf%TTH9$?3}qdUd$P4%HPup4NDm7fozMotK1f%?Sj$RoQa5+y3$ zM=aW*ERd9_+gljnf1c-OYbrhLC^y|A#)t5*;U&h$Sznoi3`Y(xNB1vn45vZ)6kfr^ z1eE18e<_umpPGpAqiFX?3JV>9JKG6?_>Ea(i1CXgSj$Bky%w?A9ej7)g=Q6K?pG}X zS=Rqi%?BL}JytXyi@4QNl0z9iJ8{@TF!bA{v$7VceLx13M10`?qBQ3EG*9>hIi%WH zU!xZHL1EUE)d}hxQH>l9x54#_COVpC*!@#s`94Uxqy? zD0eyzi3$2n`3LUPuJ3+g$U&tB>J%mse4I(U-GL=H+@G5ltIdIVDs7#%-` zKB%OPx6V~>PVc2?l1YkC183lrCn*)8WRhtKFse&Fc&ecO*+Y(+$49Z11&v0&tkdbV zPLq9oCns|RZH>g03DtFmE8CTE{UTBlIL1uLh@hRvubHJvuBeca(B)iTZAPG{{men6 zJH0YY?}4cAPc;`4f^vjz~|9&l`W5+rt@1rhG^=Eo@P_-OCSWyix&}R(W1YV zLDj(?N=f8Ww6P~sDyNcc zPWAg(Rz63=t;F#_w>T}6?GuSm=e6APU`$!ydnAzP?PpFH6inb-@6-U-r&=g17mhbG z)A(atc|^;i-$)Jhq9g;+^`@w?9jE?WEQVj5x9G%;7&cAX66@4IpFoHen!d~%R-^HZ z(>I`vSFFG*B~O~=CDpTWOB2y_TFsRS<`ktfs;r{;1e4uvK+=8cPGwwW(OIxNfb0CU z$hes-6%nm!fX}7a*X7o~WYZ#v4p(PlOm+$?C5`>?$nGY*0^C%I77-n9yZBV!WUDhj z+xBlt@T)2b>4&wV<8Ge&GtF$1<-Cl!8+wu{;ySfx^&2T`XDR{Gcc@e=Y}!<8Mm;SQ zVtJ`KwGdP>0&k3RT#j@o0l2NjURsBbwu1*Q#4VcrM$($1p2QU{KcWZvt1u!MS8bf_ zWNk;`PF9UV@NX6#>B8fU)@m!*2?US9*ST06;>LG>XhU`I;_r4p>`wK_1b-w-E;uT=q_CV>dK~F*nSChiUx7mi~mgUqtRC7E+Y?B2-N&AJukvpQ{{YxqvlqGmb8x}BD zTx@(~m$rYYv=-GCV(rEPpl1rVY86h?=>RZ#+1%A%V{LC}6-2oV#m<(ZY_Av!`~Ma? zumEa|5&x0cJ^1vE%I+B|f zXyL(@(nUE%Bi_^BD*gdNq|Y9zC_=)-8mi)LJ>XSSk>DoGeHQG3lgyc*aXT7z6OnS}kAQZd6WoXz8gKxzLmO^rFA+6IzNUanFTTM4qNG|=?54gxa<0(SoNHc!y#y?ftT)v>42XGqM&aS8SJ2vm9$(?3We@NFm6OG}I z6r&1s=>d2olSa1IID0W@DV$jez@rPPPRMeMD+HsB`$l2P(1;;rTG~Hdi`ZixzI7U& zxw*I`olcZw`1~b^Ocaw5F}DP*pEuob`B9kl9U~LM@;I`l#(G$)?Z?C?af38fD|WwA zwrrd8_i!14wRMw5lO;yuU3h1L9at56S}f=|^sVWmk&@BY(1I zsk$0!ZRj^ja>%K|sH-fy;@PgQDM#|e#r3J3csm77Iw$ME&Cj4^I3p?1UD0VVK9WuL zH@`Doo;G-&IN+bOZN^SMR5wg%@J=|KiBAIe57b7(Y-mT+m^3Vl-t2I~V`0o-V@&ff z9GS)>j)SX{Fg$?v>NLXN3v(V8^5ZvLJqw~`P8%-0SMi@-VV^%9)RWWxo5o}%LBe^e zyy=4{Veu_>(~LF~+9f|FiJRZId&p9+Go*>OO{2gos6h2g1OFFMs9=l~^k6*bP`1$3CQ1dS|G zLNCG-d+YAPcCKGS#2#&=`Uj1$(5|FEIET}-5Mk~fR+Rl|d`Ay%W!k4rU6Vo|$8adY zJ^DO@cscti-*MNy7(H|SqYl1t?-}U`_%{C&c>6p2hCf(k?5lJ|I428^@~kHTsHFt# zf*Wh^A3!_F?ul5~Ck+}iAo>{6Hz)7-D^7mn%WyYxj-wCnhzoJ17BM_SONG+_4#05@ zG!!7J#E!RFT?yElS;L3uy{A859@!25vaCT!`c+*+QZ++=IFPr##8i!Y>qrv2avV3;+hEn&R2s1vSRp5@eZ4o{L3=UVtmVSLq;G)f7(q%5Lh$sZ7Rn)F1`tzXQ1+8A? z(`rsD5iyA?1(Um6mjd;mM1tcki65zB1H7H#46%&0%qa+=E#U&Q-$d16AmX&Kvh!53 z5-kwG?|{vh(P@aVCENJ{PiAjI`oI(ii^=N9sF7}!@;b7EoUami(@>_XuEcvKb+~9s ze6ovi7tUHP!^p`5R8l1a>9;2P;UWbdR?Jqb(fctB)E7lGWd==Tp+1mC$W()ww3ryh zi6I=;#1Z~Q0ten&k#9N>uzy<!citRC_ zPlQj!G;>}w*sma>Qu;dp8Kofvyv|rTC59H5sU+Kd`;`nK(95r`VGGRi<6ivrpi54= zUi}F^-_|YOSaL~Y{GC|GVVBn3Nd*$07cdR_;hQH>D|M%S z_2DQ`rT9&US zf+OFbUG$3AZKmdm=sz_V^aio?xoIyoW$HUK$Se9GS**3)&*t1w$a8mWju7ALDD7o@ zLWBTXAd?8c-y8AO+wirGzy&FgDWJ0Js;!L-x?ci+{?mSuH8<{mRDqJrvrbO*|5>~8 zAE5VM1Y`4@@sDDgN&%053yA!i^KdEu4Si>Q2iq2W%_^q0cnYT$ln&sb}6aO}zod}&;W$EDlzt7$Bk? zg-%UfKIZS=$iL03?F?36D{##di9h;p(d2)9Hs(UmsTCw*6+-I<{M%dj&m%5tNYEg= z{TRy$j~K&oky@uRB;Hhq zXPCfEVf;=8&nqgfxrQuYm|kK`Tp{Q<~yF+B2@OwGk;)C!sj~R3$I@=!6VWfL((^GJ{a58!8Q-KhZ(k%N$;b9 zt@{@5!!Ruj89!L!w@;c%pbceaSlK^hpKpDphHyA<1+2F7l6!xRmeP?q6F0S*8pr!t$Ob|5 z;K;>1fXxUPovpKa9mCtkyMby=N?U4YsL6Gj*WPd^0#nndno-9$ADx{L-HGCn}0T zX`CVHmo^`PIh0=?Q_JuaDKx7%#l?|qKeF;jt9kJ7Z2suB)X{pg@+n!QQ1STF<7!H_ zakB{iv7U88+^8(1I2sMJYszYt9G!pTJB|^5Ipx%52UB?~Z^RCp^P_rXxzVlghZ&^`?3@2vo?}KNS0! zu9Lda$sVA`%0t=KiZb-5w!=azu+bdR%7Dn^4y(n*-C)5>YY5e?FXpHh~zwjVeS9mzo~glN$yhG z+KBW?Eo=LF4r+}5aN8l0W%-9xg|iwEC*}6Bot^G{y_2BTiGVyU4r?IUyuxI3V~O)H z38+e*lT>~wRdnhg{d>zj+g4Lm4IWMY3Tgem6gg6>0#Nn zU}-)*w)l|t?|^Hb!>|3W&&`EUp71}P9RJ^TU83ss_c2pS!isZC!26sFmEM_kqKJ2A z>CFx^7c~oSHV92Ki@*b?op~rc_xu7p>|ruLfZ3*(u;R}b-4RxuNc>-PpB}w~fREjm z>H)X+FzGXK!W*^l#(T%nVNaZb&MSeXoZq<&`55UCCep9AvpbcngNRU8LtrEgVS(D^ zK-SyMtc@40g4Y`$__f8_(xPmZKL%K7u@(|Iruy+84}t6!=<&}kS6MMg1SG>+?xgsSYd!7u$$X$wDt6)9IY=D1yEH@J z;Su~Lu7DQ+ZM6AM&zD@_t){#@@D{u^a5rOiYeC_K*|PBsw@}S>b3!~Qv9SAh^t*&K z)y^5)==WW42;%whUDqT9cO!3~ZW7dZ$|puz7o!HMQm12~VXHpc(3ABHV)mQhiEA*wUC)_W=*X&OHQ3`@IX!{Mfn~Wl!AY}X_mWFAuT~HgbX*GdX0ukpQ zj))kcnOR$Dll?n1tu7`}DXX1^k3m=$R=m?=)qx(UsO=Vq_9NBrtObk~67iPVMZp-$ z7=@`}K<5})g|+u0o@FT4@BDUmY0Yh&V5JT|Ak`|Ko!iJNTcCLr*p&6m#a?d3sZ2@! zdRm58*2GOL_%d)91p!c>LbS}@2$ivn$^@CRG)ZN2FX01nOA&O-_XPZ#VE2Va_qddi zy13xV{ty((>ZQKL6f(>gnZ*xutYWX1vQXqsTzKI3yB$`K2V%qmf4D*@PLR&?8i3xX zDNBt#RSWp&)bbBwxeYABcqr2J!{10n9h-el8@1aMg4+2pD_loWLSEW2J+ z+o_zN3-aY?Q>`#&jY9cvGj|MZ`P<*EAmMJ$YBxAp0WLheaL&Y{-&yBZm2r)Q0#HDB zJQ;cxbO7xkX|Euj?S95OmNgrOuY={=TR%~1+b|G?I8pCjKZU->fm)jSXK@7$h&e-+ z(M2*9bOEu9&P-9J77H~U5n$#RE>BLxE+ zUK&P1f4&k1Sp1jM+(#XD_;gG3|1xhE31px=@mOlztX~60pTfivQycH;7*^92O30Vg z`Qm28o#9^g*Y6EJV<-7mr}HGv++*c{Iv7B5*p^sU2OA^embzqZ%<4M|+_h41Mj@vl z^_x$8A5jbOV-dSZkYOdMwEJ-I!$G^FOVcf8GO{Mjv5^x-$*_pyeIsWkvBLX@n5=|S z-|0wi9deRZ^gdbA(i-6dS}9qz(7yeEOInNSPfXF_EGmw8c`AE&ev45M zSc>7C{(G~m^GbnDn`d`OqX#9k&WXqCrgTa2Jvd~*K2dr(jKpCBgyCH`);Ih_!}25k za?ME3jb;{0C3+fufX0*Zhm~yL=AT_drHIMgBvmw9X!1pEoHAz_D-on2I)Q~QQU?L_*ZNR~>kuXKwoaSQ ziTXu97(i}qb&Kr7e;4U4(AD?uRy*nu2EleD;D{c3AuL z@_y(Vcit7=_*?hIw(PHql{XMowS6TNhg1l2GMOSjQjS)UKO3_Kve z%fa=5?(9`%ZV9^KU5e*{JxjOs?fbUpKO(ENR|EZnuAHBhI0>sSM|LHG$#WiHK4NRA zeB5Ur%o1)<5 z+le0*u|9}%KLXCtwIY{qUtFqv7`_}!mG6oAChg%rhamYZZ2d4QNJ?7&2GhDPODQ&= za5Lt_!~1*Rsk|B7z2Pj|+KfAbZqj>Pd8{!{0vpMQ#lMyrrjSFj5Kw^#XWa?BMPMPh z_j>CpcR!8hMga`+>iBNIP>{C1BJW)>F0AMlvl9i%k~bd&qT*Z=6vFSQhbQuLTw z<3+!GId*|i)w)&CE$(PQ7%6+SuK6+4$t(EQ(%W3szk*>&+TM@T%30!Igr%Amkv{v*i|?LQ~R6 z0Y&m7`(@3A>Ck076hl@gA6~f+*27kkIJJdj4MjzrE3JNOw*k1cWL8#j%v4tO_OuonnR0tt78E37)@5*yS4{PimGm_Ku~QXBd{KmGNKMt-l98hi!R@=$1wDO8*aR~iSku^-yBi(8bRb~Rl+Hq{ zV3L@y3Me6+Gx`0jhH^u*X2kjNC$&c4u8yWg8WBWOx2o)2jL4ziDFy_Vl7vH6#MiDp z$xrC1Fb}_6ISE?=I2UE-$k}J`-%UD^h%Rj%qnx{_)S0M0{+P4xuus}F>rnbgkk-!> z7_1`ZvhNlUAPZX}5p&R<2>me*N$kXxfSJlzo(aR3ruewgyD}dKQ!F`7=$+6*7XXxr zh>5-<*kxCh%o&dPG5{x_tcw|dbp8g28jfn0Bf~)rWZdqnNtLX?u!yEZ1nDnqX+d0~ z)=6@nBH!JahknOJ{Mmm&`@8LvERToeRe>!)YNXn4UdJQ!kLS-($}p6`E|WHwMx?!3 zz^}D_;v_&ZCNvMkcIjsL$1JJWllHI0&)sZO&pb5QMGv0%%be{^Ym-7a>!d78;OBC4 zm<9e-%D&@2MRxfdxCxpui-5B$siQL%ad*1Ar#~RdPo|k2`>lf;mcs{m7KuqA5@(lQNXfc1^D<-J+vDf=O6BkuWzJk)WvT2XdXE(*V&0dy9 z3Tl#NT@8P|pJ97?_#A$Bd!0_SoLUc5j1Z718P4gBit0Nf(*E%)QId9{1 zPCq8@*QlmS5`4f}-|fpr&7CM=_W~O*TgidFQif;3l&9-`44;zJBa^S$?3U`&X;KF` zPP`|fhrDLcSC{Xi+QHu^0?|vE-0)T}?92E-kAhKLcDjei#ac&$ppH`cg8KH)Pu|=9 zJprUW*VnFsv1?ohe>G^%Q!1dJWzDmbbO*kZ5%h}Kvsf9Hy_>wD$wok!*7d{dsAhjr z2!wpw@)7WDdFM!m@8@q@GAO9DjOdt+gD#4LUf~J>pMFZ*Viz7B8CY)`%|J3_9(TDa zdhM(<6OODzfyb1q8Pnb_Bj}XsCq|TaQX}iWUI^G78+2LB8&q?OMA4sAq?-4(Y^5%U!IX z()=U2GSlVLSmYVSsW@Jp@+WDu9Fs#!Wif9(#_Y*s%0;E1GTTAkObcdKdbc|}9o>(D zjg=HX?OP^TEhZvm_>T%nMJ$4&8coTzHNn^RXj1X}cWk)mc_-a%?Blm(TKI&*=NawfSMUb_BM#$n3r)LjGfe|-`1>Q^4cSBP>anI^1 zK_qwg^5BzqP+Mz7z=LP`@sXX}+?hP&dZQSx4I9JTee_ z@rJAOrK4vP{hTMkKHNYdK;3gbzwcQ1c59=cNHq8Gyg%&s;x}CZ?-Eovomt-yJv$(9 z?#RdD@v<7AX=8M(4fluI(Bu6%J z5W&kupg0#w2<{GmPdc-Q)JEKpuQ4opLoNRSME>nKF1cBj+G4dANu(Pgvg2G0H2j!! zcHuko%=1yL;NW@u{dYGyb&j>eHNuH=WZxovatp*Pa&K;VDkea;-jhtrJpsLFzB9yk zbK3F{d$%gm{RaG3zgVoLa;z(Kg5(TqIn>jn!0K+7yk*X1e4Y&}Ei)S)oeSXx_9%9m z!4Jyz`|(y<6?*Z*A9R#s*y+SyI<`Zy%M_7u(u9K{z?p1RwCkie<>B4tn^<y7^c0z+CkI65X1I{>IPdvSLL>4$INQrKeF@ zC;#30iStxHkL*i`4-dD{BU)|-^NsfV!(}Xydpp8OU5}Eq8(l9H+5sT^7RYPoO$L1Z zk&9Hh4yDlYn;02`&#EzIktBZ00mcTo`!_xuGX9?Gw-{sUaYKDSa@GBvh;g9xN{c$H zQ1^ZUu4ZQ)i|1RT>qG=39vxd-EX*{&^`QBYZrcW*8@OVmhqB8#$~x1o3%b1R0L+(U z-VohpeXnTw&3aIg`U|ZKx(pOxKI_Qba>y!=7FT~k41UsoJDKiTIwy!|IG0Fi*mr#L zRbCrCW8f5@nn6KDG1zXyrQe8L4e2r6W)K#w-%ynq=XhCDDvDZIIgWw#^q`dM)KgVJ z@3dDU8QwL;FJcziVhcm5#J}3bOD-0Zu~E|H3bgY}cwf^Pni^Up9fy2viPQ7;_SSxX zluE^ONe7lnVD3d4H14YVc&qsC$ukVO6h zV`S6uIkmCBT%6p`bYs{dsGOiQ3N)}kaaNZ;eXrkOjQ&KF#zk0*MV_c=Z(qYs$841U zmQ&ICfRWDM<~TGZd!8VyGI8|x8*i^WOSg}JZ;<}K?7Bv8Q$|8_;$(duAo}3^jn0tQ zpl;ZaT;;Q~x6WYr~FdyWY{I|3O$$(EvO zJcC*b@Z(*y5wS|Dt^`k6%}mz;%IEXUFRWc&I$EZHnT9eb-1?{+dm+!iJOi4 z=$mHr%bIiUq6=Sr@Za3g{=XRdKZe(vCOFw#TcQg7hWe+$xIK?+J9qu)l|D~ro&nCz z+<66u^#MWn=Z8dQb{OwKsY|NkPLWrwDomtm5$d;1T!xgSs8$@bb=ClZJdj<>KG#%v z)3z7=>AuL?cu(B^p$;;^H4&_083$V@Vd2C4ySwLGvVyC-LiM!>dAy^dWEF-HwVDNs zMalYPsU1-N^6x13(~zC0vFEB{O(u-5*BaI#VmZAWu>0jqtJ>m#X{KwoFNhpzq#O0C zJ~)y0$b34U zodRHB-uQb)PWMN+O=Odx=vzflmg@m%U?`H(8GqS^)+P9rr{Kfv%=!d!goY~Q?O2n( zA5a2!tUhkQ(mhq0Jj!M$_^}utl2-TxSP^@?92X;dv8VLP{PlcVsXJyvhQh{w zT6u~mU7o^y+>5i1YJu?6g zq!qSYSmo$w(>K(QJbxXxr8Q#NSHj|8njbw>Z3v4J(`mt5FN4bYEUojA$t^V;laLBR zI{}1$)X`dC`UBn}joQ@n`3wxrZo(u*{CYf>PFU5~b zQ{4xP0438U&!XJauQ|VXc0bUV2YsDf0#XC_Mbk$u6(zKGMb1OlIhw?+Y#v(LdrLQKIdEBa{Ad9`QJRSf zw&kp7NN5oHNjmuEs6PbtBmS z**|t^YQxrX^<6DSUZfNeCcgAQHXLG!G~J0TU5OG)K_*H-_G5jn4}+@moe;nOsn+V+ zI#f)DE%(y2WEFf5$XbBUHHwg|e!cIPCgee6&zQQI4zr9NlyHIJV@s0ut0Gx9#iuoT zv?!*@&l|Hl9-zV~EKEugb7O8Pud--L-&`Gq5ozhbJ)MW&!fLpdmWuJRwc{!QX~_)H zQ&JDbpK$OSGKQa*-_+<_En9%3M1(Po&c0)>Sov+XXlXT$!cl%&`$a2f=*Ix{^I>9J z3?ISbvs|b5;ww@vMNRW+Hym2=@2oq#>#qiT&U}V?$_uTlO5pF7i?}Gc`0!Trch}Mn#QiYoSv?Y`30o+tWZYzGq2ZW<#K$r~3=?`7R6nvJyzN}!uQIgF z>w9-4-&7=~pHu)~UXGyCNQz}pJe`rFSS1KsmBF5fAvD0?4xxxcQ3Ez;{R+(uRx4gkx+`b{43i znHY#HvcyaJrQ@u3JK>Pq%Ah~1N}=a#AxGN00VKWt76rJaGNpW@fR}S8nY9TEbB)#$ zZ=KtP-wJS~!E-bY6L$U#%#{*#F^mOIn4!3o4N4sb35D52MTsqvrws%`;ICzutRJLi z7ei9D%ijh{avq{dX-J7+*)&P`5vceD zrw0=y9dYK|t@pB(zKcL~{AXq<*)G>=d3 zlRCFW!!@z#{u8Gj_|^g|!?>>OmOlSgbn=#il244N#yM7=K$Yy6tzO!(gLDnr1#`}c zOj<{CFpyNWDTkV@o8=#OXz!!(|4*ky5N#51dh0M$sZAnqnN+w_>CCq+vGd`rvj>r- zo^xNHdZnbZD3Jce^-WJ;H;(SxO5|!aMH^Hee#enI1nd-B)RHf2Y*)XH5Aai027aH` z9a)n2ZYe%hyg2|=y`H>s(;DM%#H%}-g`U^(&J|2QAAE!M3jP54)MnS>qBnX*4;eHX z@~O?NW2RZyUfS9>GmBigRGI$1)-dZ%qEi>3;G=0+%aS?6NMcXBCd*Rf1cftA8 zwTd?7@)+otWoI6%&^OZKg?~0tOjA6e%B;xf>Qs5jV0B_2tbrk;#Yx+EnKqR}iw`e71T@0NT2FQ@29HSfqt3>&psdf7)aS3uUJ_4E2 zqPLOkJO>laHM;B}KkbR*Q8eu#23-aNAvCm##KVNgjPJX!(1Q>8R!L`K_+R$xeYRa# z*Nat-1b{e9szJLH-S^J}3?=(0_bwau5(Z4333I4S+wDs{%S*2#aZ24HC_BqKox33=3`;&W{@& zjUyV|T69Y9PW2&sr1=fnvqlZ5%H#d99p`=Oi;=w)m%SF}l}B*z1{}+9A9+4Yl~(L( z`tz9Pz zTQJarSMyM5M060d1PH^Vh!}bouXo`{qC%bh9le;;EDk zKZNj)yY~&sY8#BZ-mI~~ny|So(E7FJZa{gY@mm$HW4I(@d0?UymCfG!vR6#&*?x(h zN%hrpeFj_B67oaR@=p!t&EDV|(IJ729jRo)@aTrdeUv4{rO~2-FB5{at>wtHsKtHJ z6@hVq^@Md{@2x{?{KQ{wYCb{6_u0+WpADLf4wTGRM7=zCGPXXC6!faUN{#lUT^GSE zBchYq2ir6dSprE_{Y{6IJHEKI^cNCcH3t@v;{w-*-KS3b$Zs-Be+j+e&B#f-S!*S- z5Tb`aMrnK;&4TQ&?KjkTvHT9~iomX2i5yuE9p-)n7Y6&GB#~FiS4)Rc91Wzr#3hvB z#&e;ZWZ;AQt(-R#DxBt3+Ctw}l9pFaZWjjoB8dkbk|gr2aFpp$x(UEX*pFHR=8eDh z7Gp06$W0ZtC4CnsgQp(~SEM>Wt&s_ZFVJZJ^ z?z5B5@8{98-$D`DS8b2bRXOPVDn^v1T2Q3O8Dlz*!>KqY0BxOWHr2HiH|l1$W1#W{ zy3nh|ppl#NViIk~v#ThgvNpAv*ehK@KqW359?Zq}BL=e014hBfV9{>!*Hz6hqSoMx zUSm>fh&j8^nSb!zTCR2XEdnJO)d2lpe=H2&C+>|s;mo{CB)kRf?8aQbPR168zV*oO zjt+^~<<&lx27G;J1 z9Roi&gZwLHVDF-+egtNG2t`2KS~B0tMQYU5@LI)DT|u!oEM8;Kb|G0gLJ(ex_@N3d zU%<>Drk_rDSuWEA-E6g{L~APssm)s&^(t^dz^4JelG)!J$)={k+0Da^D)Z~4OkHB? zm~(#b;gJ)fuXla4=}2)!MIsb z`x!LlhghZ7i;M29E}RoPxf%0K&#d}6MOudWVSq7nzdVwXI;XC@#QL;*0N}6Bf5b$j zp|KpzbyU{N)YqMjsz|bgU$0>XGOJ*xQC(>iw9ZL(7C7DIB1lIq)11Pu1~UE zW#X7{(Rmhsgf_gR5>Hb)vzN1+Rpqpmb=DSU!_ieIOnb>LR)n!!9uJTN{3%DEo|H*L z38;2NIEt;&(3p-e6*Td-71NXbrFk=nL{f7E|8pOl^wR=Jl7=GM+}x&zP^_w*)ChsN z6qUWB#aRky=rdp7q-r;M3P(?BVPw)S=49S zFZX6?XC2=OI@A}oY?`mvD7KdVTQ)0*O^^i^(`G7@c0REZD(`eY5#C*d7Ki@tP{RLw z2N6cnbUEJ82i*5hVxoW9TKuUJ$!ku)mDAzr>FI=dCnx6r?d2MvI$#O~1&>SQbM*hi z*jon0)pc*5A-KD{yGw9)w*bLC5ZoIY3GNQT-QC^Yg1fuB6Lk8Xf7QIt`_9ar=L1zu zLv`)5_wIG}xz=x83xIKT{@)I?8<7SjUzvs^QI-@f)VBM;DgG}y=YObfg2kUjJUWO( zXZUEOU*B0!9?0FkO|LEa#eu9X8&|fo`F8!zFQYH^+x{}u|BsH~iwYJyZhm{Q*+u+u zf26~$H}jkA|CphF`_*0y24WqhVo$R6zh0&4ZU_(t>?HkPE-L8X)?)r)jY-=g@yGxB zg@v_?`hPC+uP=P@RY9Qj7t;DOM(2~7xEMprldz;)pV#x>EabKX@me}=lq=;D<>BJe@jXJ zW5%AcVdP~2KnXHsb2PjLG~PrEIM}z3FIU?IjX?kYn2~+uSpiEk+*f4s7xZa>GavTVXt8=wGy-M1(uUhA|oIK(EO`*v@fUC z0+RbNjaA<}qh;>%0a_m5_uD`W-q%_N7Dlit8W^+^4A}zXr&~p^MEMB(*IiHT#|i3x zPZD}wL5Opujko!Hc)u>@*=;+^u($UZO);%UbgfC0+1p@WRS6Vb-F7H^DUZ<10V9jQ zo;r}wY9RR>DhVlhTdvnpTuIYA9WSxePz5#boRo?GpjdSo1T>QLxFGX<)J&@uH{YrzO_Y zPZ&TSTD7MPQzNrdUl0f3dIRK8=5plWCf#6XB{IzCO{#wlTHVl+hBv+D+U|6!$0)X3 zWDEHsA+nx*#z)3+)gG%{AV+-st7(@KtyqGnJ85)dDWZ|-VVy>pCY#?wZ}fLlbbyS< zH5aamTx_{)^)V96@JbJf4vVSCmGA+;#pLAntG)h@>LQCj}}dG<@> zpy>(*Ym1FZCNtIk{yRvXexYWZ=5BWm{ynzH>uhF%XvG(_n-YQ~zB+7|7u(1EMG%78P5%w;bGzNoL;#%Y+1 z_*Q#HVDni2^p?e&)Eea74wz28xCU%|A{>p`fJzM zj8*z4IwR(|MLy7eljgDK{4dnKZy8Fm?#vnr?D|Su^=*#n?^C`&p$>bLP4@fu23)Ra!`i+L1Wyl-VyYQ*--4 zv-G}-RiZF@a-xi|xnz@Kw%E@v1QvDN(@JS%(F|Aj=g|za#>aYYyX0REw>H#i`4?={ zdEcorH{4L6!x=1yn2t{n;YBn&ps*xpP>h74r8bX6qP@xmI;~^^f!S|CoX*6xHD|ls z+0aO7=p9(l&uidU8GN1*^`xWaL5ggjlIEjMD#4EYIbjx%FAGli+{WV}4;+~flp*+TOM4C&4&gP2rxRBTU^pds}raorEY`X*cBix@} z-84wRy=c6z71~{kG3?x;kSoBF&=)S4IMkqk{pw`#V#IiGaIjBIoEP>vO?_duazbaC zA*#$3EJ^fU zozVTfmH_~gGR0h1o)@^HZ10i9O!bJVJ+;8T_G>#?7mHM+xC5rky956%v*ze#=vSP+ zrprij{T;XAy?lg>4}L)M+*r_->(cbv52-Hu4_^m4HxmS8k&x8E@>wLg@65ckI#lW8 z{d@Dg@=?JoVZpyaOvs6^D!~cSW++h+IG5Zb$ks#j%Wc-TEdlHp_{(@G!U#v^^acIr z^xQ`&&8?#TGp=cTK4SbYRXrxeQNcx%Q5QjY?R8aPUtK9}|4cG!h1jNhpYgm#HX$bK z0Xp&iJ%G57vPi*Rq67?38xK6ouQl;N%JoK0jRw?{Y&r5xuV{qsRuT5c+i7lFoIf?R z=$r6jRqFb7c{&O9!ar`6`IPkXC~@1iWN7@@Obr5YXK`qS3#Duc9S(3GZ_cD}>;Cm( zB_CH%)2IDaeUn|Ca81kz{-qUI6~K>B=uBHN_ru?=M-Qs*ZvCcPl?r25H7=G~u{39a zCqk_rsrIkkxa~J*mS^QQ{@-axXmOWCdSB*VJRO-LM47dLnZ_ ?$?F*bABN*=vkFuy@uF_ zcgio-7CS(|)MR1vB8?jrpCQe)x+w{3t77OQ#77818EL~UfU;ocf!UjIa~K>UEHsI( zZ>(!Ayh{KGCRKGsw-IAcv3Ib2>&7tD=nj<(Vm+zekferl!U(8__EsXTuF9BA$*Y+! zUZ+&oT%2yI{e`IDT?zV_4d_G+4FHsMB(D1)3Uuk7TkuVFXnw%-m4B_lXqwXGrlm-6 zCo(ANniXVR%@_Zo>~n|H`3w@s$UhwpFI^X0^j(cy`d}bevIu*>!{|TvjXmixPANHk z3P^6R6=UW}P;zWu0aysSVZ3Cyd+PGb^CdrtV*#Qe*fbaiypY%Zl!{vH%`cf=?^@sp zXk31OvuY3N&6W7}G2Ob`e8hK_S_ zp8Qu+=AL%IOy=c^T+9vfV0AJnaV<73+b(P&fCcWmO~E@Fis-Cp_4da2(`b@i54GlC zB$XBzr~34_;r3mw*Ax1dVFk3Argt$0BvDy?v>imeqx11%dLB8MYc6dOzCP0?L5xzD z$1UoQPC|n&a`@Z4x!skL#USJPR?eq~N1}do;wZ_W0J~5G6qecGqM*~zu$PjF!E_S`dE-=IYWZJ zo%Zd7FQ797L8(tl$VsTv(+bHJHlr0*zXoGNqG^XcYdwlsupUQe#?Q-()p3Zf04X#y zrTKPyehI5Y>V)!QujBQ*-5{Lx`<32P7jsqLIS&*>eBUtZfjzVL+aLOYJuL%IXG{5? z{$0#i)?EYG@xET9@p9Aydy@v%S?=<9KC(2cm@)D#ttvtD6U=rp{<`F*K%)WZi30JZ!D6;1XYuxEsj@mRy!MXgI-b8|X`65uqO#DYa9;qa?>|}jz&WP-3 z2BmuI>Q5K9@}5=18zlPEfC|p@&T*IAMg`usa74 z+)IvVahmP8K)#smvIcLb9ct6`d#DhDZgs;Itg2J=vHIgP51iL@puP#sj_7@eYAfqr zeQtHTo35pOl{%ukI2KW-59EawPM~QE{K5(wLH^fMW*u@J}7_aX+Sj` zVuowINAOm|V@_EmUa%6@%kMBe0T%NVn(YhW@tSzRX`~6@N7ok5!;)Jq#?aV`@~jkP zPcZg4u*9@AV^mvHm!a1e-TC4Vm#zi4s+t&y81`uN*SzdvL_{^`LS=p8gkSnnWv!Rm zNnvJGE0c}e1g@9a-pPB}67`|7)yOSV8Vf%qOCQhaZ56#xvoNB^<;YQ&up3960DqRz zVa~$qX($Ks;mN&7`}0*z22XS}LDa1fai+WcAl3Js%INZLy%eed?l;yyp9l7$U|Ca8 zOZ=B9aEaqZ=fS+nnW@+j)S)_aQ0>mDs0DJW--k)HEUOJ|m>i80W9m7x_ta?>wT}pL zm++(we61m`|-BAdmr+EVw+J#8dcn^53VQDI_RDcp0d1}KS(Yhe$8 zNTfyO`Sa&#B^V9WE^lUEDth;rkosy=M`B5-%BQs$cV561fyP4Us9IWF0+-Z^LCT~J z(hSR^pgX{=9kmC98zwhE@jViCvnN=rJ2fLn(HEz?RDtoNKm|xigW5#j^I)L%Hunqh zSa8_dj@0U8w!30jJs{6vNAOQR2aE&ETM#rBP8Ud!V9?C8kpY=U=DO@{U;+`9V zo)cG876QUrZ8@g(8#oJWEE?OU4;^~e=fiquw9~IszD;dZNxs{RsB^4_%`9&8MClD( z^@rkZZb}gyf}nT&m@}-4{@oKPpdR7`_RA!n-eUAZ4vKXL?XQ_Sz2av1ULA&lw@P%Z zU39nczVU0aJ58+J61|t}-b#3Y(_BtG0aVUn8VZ(?p9mX_iXJUeBZ8suPaK&$rf|GP zY^8JFh{I!EUoTc4{c4u)5GG!vc{qqg`LnrJQ6mFm*t>FW{p5{JL_<-TR|9)v81cQy zAakm#5E^m$h>>M^fWcr+u^3V)6=*BZS9n>RX5k=vVIY@+PLQ7y{e6Or=~#%E=A7lj zf^iYd1QQ`QyuemY1?hsQ#0n%y!d#u~ITE)r#4x$PE`DjfA8ebYQ3Q1HO}x_mZ*s=} zOZd2K=uS`IxMX1J$<&j&@~Oh!wXi}y1Mfs&5KowC1Uc~R6ufb-ulYxbKw`jQijIrY z-oRq$Ypb5r>1tgPCDlDeuAdW+%ngEat7cBw7s6n0eC4|Y0j|+} zOxq;#NXbWr9MVCA0qJcxVF4KVl1C^!OMauhbx+&u^W0VrVoNz5`OH!Lb=Yn2e9D|S zie*!lUp<&A;)p9B&I@w)LD}mxF0&c9D-uBI#P0bQ6160Z>T<`D z!sk_ST5n9oAN-5x_NB2qouZvtiOf`{ZAu3CLv7-5COB#0v@_)Uqi%OpAGu{m?5vHw za$G|q+Yq@~)tgT&skEthvJ67O>kmH3=p`0y0mTH3X{o_jdwzuQ0jIRS zMzeVwU-PxW*&JO}++nR0st==@bH(IXG{;gM%{dHD-ib2RZLPIv>oTM+VQZeg+VU$Q zwQyjBvmvmYm|56eN`8}Ar!;snl|VnSNbD3<+J9h2iP7mQW*%}j1AWcv0^ZnTe?PYv%Q$48JBpL1V5|4}+lCa||Jg@6cdp2tm3 z{X(M-38kukSEyOOe0KVEg#@eA|EzN{n78SJ!~DLfd38eEc>p|n>PtGlMiFeFA%GpF zUz?lyq-(1^eX=UdeRVY>xOnFif06(nxk zE_i+ahD})enAcSjK5B*BBSv33P|puUqv3S4p91GQFXI*DVb<+AefeV4b7mHe%LhZh z=8uAH^z#?n$H|d%dF!K5JI5L{C@|d(XqboF&1}DhM)^X^wPjzSz*#!^UfakBPs(INVq~qdyW^T3Y^A# z_7gSg6@eQ=CaKsfU6ewXg^(-IJ!N4FZCU6&nz$+e=PWo35cF?2!d zR;>IoL7IS`BtnWF3w}PNP;jreo75cLg_#sQk+YOCkAJ5ex57owN*k}z4$Hdi6PTR; z(yVXdsA2iX_}|0v|NNC0;QLJh0JNkmTf~Sov(nt@sR*wj6+={#BS#|a3R$l=X!vl* zBr2f!;gs#>${s$KVyn%%?pqi|I`yzV1$ByoiWy}1Jce<+CgFCSH5zuolEqZ#_ogY+;gE(>g#hLee7|r%M;fbV+oRIYdX|X(2e<6i2 zSfU~}+Rs@&hNFgMFCa>|I9f4n4r8LCc`oN<%<&vce=wOmjTxx71hv4W$MUvE%nz%@ zhWlunQ<7q*hR0#^~}`ae9|FRgksDChkFf z{GS~LknM@|z9R&_KPq}<@Hgf_T@UgOJAJqGHIlz1BAUy)%L^O)Eb?|JoLKH;aknfa zfa{R_PVL}WKtl!loTwJmoCMq1-y(+qs9^gmW5N}n%}+XlgJy)aCX8&|bB<`iyJgz# zb#f4di)y7&M8ZV{2s``{gNGUVve2(W#tE~&-ch|wFzXrFB4iU1*YNcmOY3Dlf#hqi zA<6>A!gX~)Pgl5kKFfmFeoz-hiv!l>WqOL%NRV6neJ!i|;my+6 zP`)HA&sU+4g0{j~UXS5>-h8{wur##@>GWg8PqXJ}g3*wIpFY>{qyV1qL57o^ zdSO@X)GtSECUdeL-|ededQ@hyaIhBGw+A|Yz>uh?vjdHBP}XrE(MUM9;n**J>qsmS zJoV_l;4~F&*NRi$?@E1gp*~6?h^4?Y3)VqWmp@RiuO@QUj0%BQ+opxprOR^h$Yg3x z_MlwG)d(Nf&jTn!YbzH%%8yltS7T<%&HA($@owu)gV^zouoWjnQ6szGOTAc2es@@MP>~mfjEt*@#ha)WA8)L{ z!&f{tLE@tPP#kQG+{?*(Df$Q>{oU6Xy%9xh7b)^9Wyc%z#VKS(ENr-`e2RsVaC+MN3#L2?tM*x4NiT z%`ju!yG{WZ3MNVv@@_G)CIXNmg}u2bsfz%nK?sJ!^U?uZVXoQ-HCp+~+{WPehV@||pqqcism!!)=XCwbNz}5xZ z6;sosXXVduXaQ!^x_59q7O&KB9Tc~P4I;Ng?t2*0*I;=2oDH-s;VLXN1e;>m<7@N$ zAWI{-X;L~StQ5;$FN!}GW|)*&i_Gv+?Y{$qz!PbTlCWDvrR$NV>Aq7_dYkOXv!q0X zAW_nTKHH^uk}R4??y$(%%$shZ97g2h*dvUbZ-oky9Me}*rBEO&ZrmJ`Y(!nGkd##2 zHFL*=qOmr&9>$>|Cl>1n9-Ss26m4+IVy)fuH5$pAk(!@c70jnrTSjL9HS;m4* zf+j9#mtE|zH)d!*T*j!NZGI&>#zOm?*jCa}i)BYNamw6XpypRdf5~U>tY|DDZc5y&j;!zLY2Ue@5qg{e{JrLVU1*-YU z1F6K0VWAdMi2C%kePS&?NU2B@MU=dftU*A&5d#%FRljL@F{m>fQe?EuwjjS4OW_bX zDH%p6FJ>Ury>BRiYJ9cxAO3QkxS#Vq^_$J(MIc*Ba9PE~sPGYbJ{n8wL6WI$>kLT5 zH*|30kR4z1c8Gp|?IQosXI2&>w%!t6-y#zZqRJhCD3EjMWu>q*+s&G*zpWf`B6@1-@2mTVW+2n%c9X zC5)8h4_=MKN&Jqa#BZ>}b0OK*cESUH*v_g75}Om&Fx@RKPrUi?pzlJa!%*dA{GR48 z%5_uNU)KP8l5{!FuDP}KIFmvTSo(I3*@2F6ox8l!fEU8@V$1uf%rz01XgJ?#jL}VDl)kT<6kD7V;eZHBn{(c^KQ8^-We0#&Nc>#5qE9kTdGQ_O+ z238{Z7-2!POHz^9uMC7a($bTCi{8%EMEPBISo-WjsAC}0X9jiT+zrI=qEm?eBTomy z)YVomR@z+Cy5Z%(C{oUI9mb+$b#iXM3m&0(Dg&4r;gRPx77A(IBdfB$&J3yQ-E%a8 zypy}U)3z$sZGo@yC;enJqPU!n^@o$kt5obnB)f0WL@zs_T-9*f?27sc;LYW$HqHosxJFeJW}=g z|4N82p^KO&-^9X764Ji24NJ7s@2sEQxd4b zl~vw1@GST-dOR(L)BIN8wcFL>`syGhBYa&WY6ftshQ@ zHlDx{xZk2=0-g!^HTgn1yKP1#)RDFE{paC(QOnMyG;Ihs1lNw_Tq825<{~u6fR<3I zy~QDbv`tV!z8NtFTLl1A+$#-$tw8e8`K zQ|HT35p+c%6Vu>n6+yofFx*~C>ze>+c5pF)>sz2P#uu$=9&uXp3<$|%=`N2clVedc z7uW|uABf2$=bS{6A$65t76MN5vRKi zxlEQ^B5gBxm~T<$B19h41HP48OOC%k^HY!{-vV)(m2 zLIN(17q8}~JY4e0a(A98TutgNYBfqMpAAZSl!K_AtT3OAb2t69z~Op*{_pvkasVK zh>_RF?~9q}5JH0SpVoh+z5Ak|Oaqw`(1!cSVoQibci%ezae_mN&XC^HzqtZI4ke$% zHN{CyQ!nEy58%$)rUINI7bi6c>MD8{P5w25^JEAUV$GH2_VNDqR3)|9dmLvD7(ff* z?2*nFh{CM*xk`)zOM@irKyv08oXOV@Mc}1NAt==pr9_o=gNIHWBC_u>YRb!tj;qq9 ztD`F?Bg~%fKF4xavsIOj_prpQl&z4IPllTT<8A5-B1(hymCy{FIi^FT6tzUYFg*Tb zO(<|w+iI9bHi;)5s?d@;f%!o9OU}}6w+48l+&gPh*JI=~wK16RilOh*iwHl7xIk;+ zV~4w!kbY0BezSJ|AW*eJ_lt5bBwgGJ^R$z4hMXdAxs4_UTZpIMs-n`!<} z$cYUN57XZ3NFEnvrK_VDvK9?=+8oUAN17+!v|G+y+YB%3rb|7L*E%EK3ZhZf7*psZ z72Xb!l~vbP6bgK3ubFfQ;I*$6Y@$OJ5UY+lRmEpU?X8e`U($DtXNnl(MJiOt1B^u^ z&{4HGSvUx^3UxaDy6?auBOH84|Aa?OH@Em2j>{*(eud<}r(7w>@vWOx#Uv;exswO6r8Nrw>0^b7w!_yNB z^M82%n<>8x`Z;V~=l*!P8U5jL$C%D!N%WYipGXuNYa|`cNlK;;%lY>8jL+ngn7`{1 zU#dfABYcAm)6&aky5~b5YCrQoF1WWl*F#Dm zW+I0zM_j1oDvMwfg@zgFs$~a7Qp=ec%1iioThNOte`u|Y(1eD zwkqfh?d@8(T{~X?C1Gc6qUfr7)~33JXIB8*i#HASvc+Pv&1HOe;I!I(wUB-=zu|;{ zsr`E9g^P-3`^{E@plhOybZcImgv^bQ=w-q9H}coW$}^&m6;~~tF^8QRp`ETMumMpS zRKdT50Z`-RVU?E>6#(7e5btF3_&e3qi?MXY$>?m2G7r7+*9QCvs4=2F| zCboMdGi-DcLQztC<`!0-6&Mr=kyQI{-}WEPG8i z3`7$_cb7`#&WSy@59lS%TP6IsaMsh*zM11)-vMWdEMAKXmFs z-sNiYUch5I0(<8XkYuai&UL5#4`2)4ZMz2nQ$C7~fX^9^4|!or%L>IN9@XzpTGCEb zLx~nT*C(k(+}8uXm#fhMq`7wJ^Zlg1k*doW|I}p6(@H+<3_Oh#agipSB(2KAJ8V5! zp79t&#V6_=<#-7RfcFy3s`Gv=6*1Q4h#SzDYjOp#v^Mp6uE;z&E}dh}Y61Mx>J4>J}#+xXOM9p#<X&gKjv2fAQ6lFz}! zL;o4wMMh92{ZM?)(iRwYLzt{^&vPXgD=U@T@X>4~LVaa&=9 zVLneIisMDj(lyQXnhjh(oM%y{z1;sY&?j&9XBBQtMdS8kxed9StCHSki5ceSCmH9T z9gm<`(4kqTRm<2i#HqN`Uo%^mwoZ}eNtF>8g3Tow% zu%P$x_GB|W42 z-)BTbGVh@@D!lysAr}*h>MmMS%U|B%ZzJaMtK-dMZA0S?f1(+9)81NeJ)v1|#spV{ ztJN^jgTcr7p%!6@30g}@wc%ooLPjuApZtOp#!K|ur@yT>@d9(L936BCS5*YVLMnZ!}sCp0ew1mk}*INUhV+n$tf`*NfnU#V5|)7x9lMJjLe% zSoJP<*&9dw)pj@D{YK-do@>=yA8|-}T+~pK*q*6a;iX^ z%Q*MGx;Q?h;ix5v)LS#jH}$;Y?Qf6pklS}q*UfYN4mCG`HB*02dYViPTvLS{3 z(!ZdYfZ9?yBIXLKQo$gYs*6Ru;JZ<~7zPi7k}JqDQ6+wdl-9TH^GcEV z-WrV};FLv(7Q=QCk1{1LNyq)9QgdQ=mEky(5YpzS07%&>?&U9$w?OZRefFST|cyumUC`O z2r1wKDD!vTtJZ|sC-P9~U2~Hd(s;`)nrKmyGovfMD2ry8*F!5VGx4&1I|>m4bMDwpBDyjAy(lWHS{jA;%Od!EE}Iea)xiX zc;h>A8?xh0uL<4=;vG#Z`V$1Ky%uQbVtX_Fw%0VnGTcQxy&g|yCXEwA|6^4+tco zPPqwSN=4LFjbzGWdAxCK`tYT;%nw2@%7ZM)U~Y`bHDH1 zpUBmk_|YQfIbB;m<{KW?#2&?QF%eN1wDSt}hgSjqyEo$9R%q{tRqrdP%(X>HSclYx z)H;kWlqFItB>v(AVU*vXa5&zpU0m~WYKaP*lT*g?_%35A6BM_vie!+QzT*|T!bAz% zLyh|(LKAQTuamMqz}({YU84EJf;ZT5Ytv>LV~sd`dErirGveu7;gN75$&ol|JTJfT zQ+Q_TH@%rNXENk!KfZ$`KXnEb2r`!lbsF-@p@kQXonQF1v5IDA&{3TsAMbsd1Mbz92_y|5L8RpQ14{dxB}Y{@wZWPXd&4cG6!(W+V!3N|?Q6ylOI@ zMMJ{zyY8T0SF2pNmv_%IzYSzofQ*prgd$fv?`~t4+%XpIeB{(>?z{zCNAi zIk>!MeewEme|?2WYl9R(*isW`_1*giAB{cT& zp|Ebn{J0&rd7AhI(4H_dowY*2k}jBFzAb)b{nyhD7*?}3#6;070$%EMfiTVZJ0a19 zh*cW6m)Ay1*@ZCXTDV=elFt>2{>$x`p)T)6MC7WdlpQ%Iqry6zS`ysS4R`o1Z*yjE zmtrK!M*U=)alo}b+5?jJ%Rus{z6+>l zf(oDlb9e<|V4F}kJ2OGI8m2KfZA*Fzp5M}N$sv^wg@w_Zbtr_FS@8AqE%PqlhZ{oR zKKKzEVs>Ey8c<4cTjqzq9!5lZgkcufR0J>UxNPC%s>jRJvLznHOsQW(0z)EY(<~ z1r3ky$Ey{qpv93$d=WG4gazWA=EoJUK0V0Aq86gRsBm}CJ;C{L1aNxy!+NO}=Xgc9 zxCF6n(;ay;zY`GooE!MhelCncBH(s_^YL;P(zj{MPDNsNR7-I#B5drOUc$|HDb2{d zS+;%dBIQdIApVn59X+jS*JYwxyXu69(6)txBYbH=@UUF+yKAft?zzAmAO~(H-CX%8 z+}J0%;j;60@^3xKQ?%KJWBm96lSOmDe z+N@^;qKmQY+#>$+0bo>4b+E9PBoJ2oU+9{PAG&n3E;CPDEXXa^FPJwJ=CM?3*i-@< zPdv`N^KdxS;axNEJW{s>etpVH8@$&4oBTZi2|Cl6p-Iz>(d0R2$6Q?;*{k#d_nzvB zm@VG6%OfZlva)#JCF;uJ{lHnj%8psG=M^1^wO2oKY%tr1xlEFbmt)TOBh}BV@%&ID zwoZt^oIW#zq^$0*PZ~~EHZ=SEA+^b@{_QxX`a4xi zci!x=V_`cvfz)E}rU9lPEe5biq3j1Gdkli|dv4ES7`sdI-~+*_*KbO-i?*yHG~nxo z1&QnH?=fREHN0#Rx}u+QO0Gj@p+$`H9@W2Y`}5+jSXMZZ9y63fUOG={&vRmOYnbIy za95O7Op^&{fZ;K3Ew3qyR)lrWe3m^KhMHEFgnd9yq$%t?%I>@>Kb2oaNo4+_Q(;kj zD!H1Co|nTnhRV9T-a<=c%Est;C`B%d4f9Lgcn#(hmJOH(~)Ya|wIA1Jq?(G&Ag5=txAp;p9I%GcTM7X0foLZq~`> zqLRhEQb9=`s_ftZ6lvF*F3YK@ya=Iyt^BM!%SMCiL&S!@xbPuInHp}D7?VOTOy1W| zt556n1>7s9x4K16buy#{U?%VHV)lrSeRJ#x!SYfPJO|s2_?p}7^fNWmm%?MXrN3?t zVB0zLWD3ODiu@iSUR{*pw%BT<2^aKw?!!)<67geU4OY|K~)Zu%_3 z!N<;qvCTnZ>e&m#^D;_X!d86(eX+TW*=T1rLB~issHCC7EmLo#|(>h zdwE62X2*^Rsb^<+9Q?GJ%X{RjG3t$;JmSWj8SXj}rKBS2xeEI}QY4Y*cK)?mC!UM- zxX{2_#W@1zet71Kp1Zta%Wu??#;1u1ko6sQmc|v zh|8b;0P4`<9R(iEwLM)L2>1fu&sEmm!WXaZzoboHVxSdbZxC?QwRGg+E2i%AJD}r^ zT|L(^Z^vE=`AfZbv2&Xhpq;4C>B?AzopAOtII&Yg>m3ni2=Y2WtD7&)n~7jkrZN92 z>$sT^T}U!No1ukwHx`oBl9eo?S88M3C2VaCD%uzBL#r%RkUu2M(Igc8AH!i{>OZ89JDzofgem`$*h~EsUtr@Mt2zoS&0UQ zjo6y2dcfo(4c;5uY>nIbu*}(P<<4F2kH~$!z4|neWm)3u&sbb|f=rf*2!f7IIdaD( z@)D?oGOFTccg+9KeAxftrqa#vPt1=@u&7gJvrQ%5YtoYjk;Of>&dRmkKiRHD>Lp7v zN7ZfzKNDyD%!o58tVvd%@#rFmCpNIViv4Ej3dwMEek#?J0)<5@TI2m)kj*&%sDdZ# zi@pz}fqVOB=t%WIG45irPctltWJd;Xz;c%9PwDWBY02vvH-CHBHLQdHjV+j=dg*z} zvhdz}Ks&$SBxezpvbAbY@-!We-Ee%C+x*jbI-&;ok`hG9{K21{PA@#-wDG3mz4ws3 z`_Q*RMh}~!<@yYZiyNwT%pPrV>OqoNB>uMsRp!Z_%^d|pUCUtjl-6QnVXLM@0)ivE z%Kq)7kI=TRx5MyG!AGI0?INHD3rj2a7sk|!?B!lU)3ce9oV?|o)aA2&o=xnpWcJe$ z7PBm8v$PV~YO0CgxaxNYr16k09CdGbRZ>h8?Uo9svB~N|xcscRKDeyQ>>11V&Ni|Z z8lCo_Q-LJ`PWumI$BDKy!B&EA^AQ@DHbK+onZBP*AF*ff4jB2LcV$cfvnuz(sgmbDUpMYtdhz7{ZBS;AnPJFOUeB+A5b*W`+X z^2@Aroc#Oj0$<0;=N?hm#c2h)Byw(ga7$7V7I`6ffy!f1{JS5Vjys$vYH>Mvvk>r< z8xjc`_K3(^)_Pw&tX-uo*H5mVD9WSrPS$1x7XZO?b1{}Y2&#V0vcdGrfr3Mhsv~Pb zitN_@iXmrQ$vP)j5AW>QUL8KUP(!ISB7EA6o72d^Do7hHp=Q% zTJq0Uz5J{#bmj-Fmh~Y5iwA)w{}*HL99>!SZjHvaZFg+jwr$(?j%^zq+g2x?bkwoc zVFw-i?sLC;#(Bqg&-nHG-&%W*v3ISiT2=MTXU=D;{_5hqWg7uTBh*wjDC1>ieFHz; z9BeB)ImO&s1Q*(TFx`2%_S6`Q;$cSi?_+PC^|1CMC7{G@0}6#(V#!M)z;$~Vs%(qr zX-3qGHkTty)HJxAzY=0P9AjfTi$%^E6KqKYdpbG9vlaD92P>fq_+`dcKj4;CmO zAaHVZRavIbl!LeK^2;8-77Z378*;Ui9$t?vEV(R0R7L?kkzGmlQ+--QP2z6J&q@pV z>)9&{#S)2?4iVOmSjkYs$mF9@T3Ts`d8rZ-K3HHqgb?|K#1|+!(ruO$)lv=_mfi3$ z)(Sm2F)X z>S(-lL|wQ*cQtWJQ-H6s_Cnmc<<;E^sqSFUi94<>FU=bDGATDFAzw$Cu}maVvM;T* z>C@`3jQQtqNOE3A1exLwcD=l1&HUY@0o#vO0$bYvf?q{Jmfdng#clQA2JIr9OSTB-=w&=+}lOTsD#T&!;~o`&W($}QAfTl13pC1>F@#83{T4Dm}RC%U%kyG zA$?3;Tg5}f=_4e|MeTcu_FSu}i`jhK<_D3et%q6OQ@52c!G=dLimr276v9cl^8{!b zScg`>h&byLWYkVc8uo@l>A|qb+=y#s{4|Q58+G4orGe5(R=vB+QZd|C_>Hj~{&|v{ zZ@HE@Zr;GYik`~lAd43(12-bWf{TvLN=s#z3kBR@o#YdcWKioBJfvHX*Ef?J9{(%U z#ft~u4tUki6$7Q4ZR26eBap105pMed+?RvCpV=7Z5-(W*Ew0M#{E!azO53x9g6`ov zPjwZiW`+ciH=_#u?|uEx6X@xqOQ#UsR_`(_$z{Lj8KW*AR)E?gWh0n=jU?629VQg_ zwuGFRd*@<9k~^RsgzgcTt*vO^=CQ}T%J~arqdqQ}*a1bQ%et7Zqp26DCW&$G41&oZ zrF8A6pTNE}N_1jCkP@tW$CYHl>?^50bZwu`tnNxS0XC=hbEMYa}2hvKNtg{>IM%WG-5YL#Gd45|yMJlU8>gwe!y>`w zeGVu>2f^5D1QrHY;>9QjM4n)X*wJt9wcp`+DZ#f_?^uBkM@OA*3N$IDeXlncv1nV* z8!HFfvrc0xT&Em_ackiTlMNEB%rYm>)L^p7-zlc zbbt^1$Yuu~yn%DYnnsg8D-qh}lS{HXncc$g)h5FO`Am1KkxwJ5gAVBSW@Tou|NMdS zB98l_2CxAE`Mi@67g3jvCM(>Mf#1H-I|w(}E$CG`C3ynd=pwLoT8(Br5VG$W8wONU4$WGSSGAlPXAm4rBKT700FR}|efJdawXDO~vw_9+bQ`F=|K_HK=>=)uD;^jHB6&iuKo=WOdsEgF?v&4sK1=NR04qvAUC=@XZ*NLZR|{v!P&Y2M?6(=mB}4U;{LF1kngUTstRxz~w9h z5F)-9>?$B_2qRWli`NS?3b2E8lqM3sEq;IMASN2+d0CTwnP<}@f*Csw^hUnatq5zL zI=`Oq%>j|79Gf8MPfd(!7kk>eLf$WY#hX7|On0nG9>{^B@;~z3Byb${6AB_wBCMS# za2yhm-u{l7(u2^kqZ|z291~vJIi`JgECyc{$Q$;fNSY^sYnzITM6bMA4eF2OI#H66 z^LdqdFNQ;$$T#W-?>LeqF*q6zo{3DT7n$vXTbiXbWdS=RgQ(WMnRV(<;Hpv`T7xB} zPD6Y|ju+Xy@7VoxjFHS)j_>am#PNeN7BG6o7P!acet5Zkavo%&<`bvN7KbbEGqWietfz`F>MYvRegH4=7(ANmDxTs5`Ux0U3+Lu3f;{~DH5W* z$bq?_6&Fxp58QzCU0|3#pVM7{7}fP+;qS2;>UFBovJ6vKT7N>K4Wq;nfdg>UuilOK z>vImpA9vA!`j{5(`|WeH8)nklCm|icpWBjQv1RT~WyhLISKr!XX6fTKAq`LrZu31>?>DHgE7{tctd;C}>QU|`_Z{~3p*#uS+s#_aV_)CB~Z6tVTwf)gs5XHk>Yp>!G~ zY5LMYRS{H5YM(c8d;Q8#oCXsy%+uWa=E~^l3WyaZNZP?MN_*_$L3$8}BP*Ll*5*q;wWrKUF z_Z3uk7PhEEIMkA<@T>Pb1`mM|>d!*lO!Ti5W>Oh{;_p z_qbb|+n$eCM5lCpd#fgBhl|EYB`syar75BC=A%=>*jp-9Nc+~5h>*m+qh0LX9Sg;L z=ixQN=1D3Hg*hhS9<}Gcv+x0yhlL}jWXd(ha8zouNW#d2yK$KX@VRqS>hWOT71_JW zj#jMJ{T3ElL>Q0!QrX*rG1kV8QaX0&;ml*qp=W%Fx;$OZ`Y=Q%9(jVID08Wd$6bQh zII^Y>5c5OcA2S$R)w7YDcux3pC!udjz{vpDXKsW+uPFJ|)HtU9dfdEYJ_<^Aprb8Q zwSOuYe%$=@1Ks=4`L;95eJ(g6VHruEhKiCMe*oxM>C_*9GD~QENAVMC+yHyq4xN#w zOg86;uu|muTN|t%^jD?4p@9Ov(6d4H**4rcu>hYEe|`BEUV@?_%%i&P5YS^T-b!w| zy2}IQRbwa(GvW>fOk`1F$%wdZyWU5>wP4hWDK^0y<~lvxfzw60-DWWdm=c^gan~f6 zU;Cxr_re@V9jX!0Jgle%T#BzCzPvpuJ2qjWgyGh{mgC{DP4csXzLw9~8_F&z1uIuX zTp~H$v^w%1c8`}&7WBquxt*n1869HkQHJwu-W}?p| z6a`RYC+O}m$9p!Wv8rbhnM{YKZ+#nIH*Kw}r_a(Y+WQFfAe2la+6+7X@=Z4DRB;}? zFem)nX+|9EebWl|0iI~Y{}RPB-)0!lb^vZMR0M|H@5r(HSG;#j9KT9FH-(wq zIPaYt7B&WJk?>QZ#%3OwDRc_aQv$B{qc!s!ZfWtErIa1m*EY5lxHX2zvi>iP*+LY6)Q=zweiz&mW49$Lvxw*ej)}NrOwDr;I;H z=iHG(Z=O44s@s`8P9Fq+$({cXfH!yn^VGG~YS?=XvCbnTcsGXD}C{u9%M02NA>9!2}hlJF0nJ-zb`tT)>B_6o@~vG7s{E5e^bQy|MY*B#($|<=%}ya{%tR41OEmn zGm(|Kb7H(}#)Z^{CF90x2rZ==K-!2rPssc1nzc*Jh;9 z`zid>yh63M(-Th45Fif{bg!E^&Hy{;c^H|vD*p4 z2(p7XgR*=!F1+6ALXAti0P}yv&TUj(ifsuBLY*D(fMRN!y%^nkkv{xoVY0Z7aadvV zBXfWVC%mr(f6OAn+fNHKhVONbqs8F1r;>KJk8$CoTl>6=(H+sk``Aip7x`YeCm@Hf zxC550*TPo7(eF^v-%|z*O&_>d356KF?-S;^f>@fIU2`;cg_$MgrY4+cmXopR2ryE; z0?RP#>KsN-vSFlF*zNjTu8+=pKm7@E7*60Q&Ll);6JQ+pJi~B~wL#F!!h+YNpNM>; zm_|mv4@wP3 z5PE8zK%ezRKImM!VDWds0xlv=hZ$kV=0D8`d(FtR#J#o){WAMM^jw<9{WP9e^Fk3sA)^gj{>C+XmJXDLG>+mmCWz=sJaM>K*;~&gc!VDPsxS1zH4Q;g)Z6?a zT=2Q`GIjkx$Dj{5JZl!T)WQwk9rRR@K8{q=Kk;ANn}CMI1vWE}HT|!hA@s~tyO9_< zyVCSJ9cYgZ`f+tPAIk2UdxzV}es{SM+^QSMHsWZUj)o!7j`9*Aq#(AOe-lb51rK(n z{IdE=gWj|4>hiJWVkNkEQ(c=AZ@l!2KKqHCL)jExphGN7SX?C+XXP~qJyYIcV0hVoGs}-qJn@l2@6-DGD@cI$mM-$4cXUn-O@1*0t zbmubEE#|Z~5DgYg!?vpI?zTU0^(DVCmI6i@(&vG)Jm47-c|_n)n0O}TcexpId|C*R z$6WOx494QI)yXct*0w2`r8XkkY zDc|~8jPuD$c~oH_@1nEJ{{%3}2?5ZH16fy6F8XOkTH@`>R~CJ%N8DctUDxx_*ld)QP>C+sg#>5 zNPU!-9n%Xyqv_z7rMKU~2C)dR6w73FP?eBWhY9vrS$;iiZa%^Il?5k|E(MtTDNoJ9#oexJy9DmP|cnEtZB;~_rv)T^ll)%w81ek-TOCti))x^$KhPGx+ufwEB}Nkgb5wxt}EtC?_T^|PsS02 zT(%_Q%JO^h2zxo?^+%$K0Ykpn6**oNt_9r7-utIB1^DYWi(>L1vd95_upn8G=tx=@ z{@o&TYRUtuLqu6aAA-aIy|@+I@yD^6KH zc=UQS6Q-+E1?*#?6^1hydBYUWGMB!LXq1X!!W8 z!EbmVJo0UQUvyZ<`Dv0owuz_JZyc%L;f7*@#-z`B!gjNf62Io4ivIUEeEDCTdHn7W zPJO+^SDf?Ho5^n_eB4-H$5!_0UQfk*EBp+AMJprIR_YD=^!tqx=mm69bBM7#`Nvu z%Nh(*ApDL`1uo?eW&2fDWG*N92koa)?DiL1j6OGlAm387u{3`I!j!!X2#{pC@%u3W zC7njcjS^syIt3OVS5v5iz<5@;ugE@K!>UiF3D%A-mtAcm(kERCSO^>FxAJEQM z$bAj0BEBzqL*am#aGeXBpOL~sP=}*iTv-WjZp-WT&2~x5mG>{S8T+g zF#%UFP`c2Lx2_zxOX2@o5`2lwJNv%pZ`3RL2pEUGX*7M8eVZkR=V!4Iyn`$7KmM7< zaw>I>D@St~k>!r0vZ?fKzsF-QYUW$Fv3&p2s>lVMO#v%aW`jY(=Z7fOFkiyH)&Ng% z2OOX9mSB5VvB>40h|ViH{3gmy=$@cgj1QM8)QMBW1DB}c*AcPXz4Jz!V^{qFMqvEw za78?H>y$aXGGx#QX|$EWcPU6)D&D0o3Qo(2ikx`)b)3;?F7}S?^W+btY6kt_55DDt z4|C`r7Xiover-?yIw>NQ%z+Jfqtxi<)m9I}kE;Z2X^FO{YJ9#*lYjEC%;Pq_C&AAzks)Hbj*Q>PK!^tNyEuu!zC!0 z88PQ-U?w#JvEb!|G^bh2>F%x3WU}F>Xib4O1X$s+sM2gDTi;jqKQyAVh)X3JnHTk_ zBJ{B!ES$MhMu0>c9pVQ~_!_81tnAPwA6V_olJZBGD|E{NxE4a%Wb%^3bfKBRvdl-T zVYx!P6FBn#k6pw^iZ6?qRiqUU@e;cY2ue8yi4!)@m2YIjQkJ2x$ z*Jq+euz0WZ^LM5RC3W{DNe)3zpZ*}XAF$b}HSx=aIh$Di`PTIXEDQw|H|{P?8A4O5 zv^o*3Pqaj*I*gtX+(;iULAh^z)QVuX`hId;ojtI(5%kc8x+1N!m9e*LfjobHgoK_$J45y0_OlAMJc| zVeV(hl)^biC8MfVX&ITpw`f?DZezy6Z%|{hC7qt z%Lg~tnIY&`gNXwIc^nNfVryaAD(OZ}?yF$nM9s}1{w$C+s>{gyP7rZ_Of=64cp*~) z&v~XF8STI3&AWo1Z^Q(g{m@E7F?C&Y%_+~pJBgmO`tTrVAa>}f&D!)l!1Fhgx`Z@i z4L<9tDTR|27F7^U9W*LCMxno zO^=F0!J^evW#F-+7;gq+Zeq_$C7EWmxN{an29V0Sl5ImXv1u=}#;_^9Lj;0zxwvn*P# zY0g&MR6zuQt2tQ$2c%35pV@FWcA;DCtO2+ZHTJ{M)9+et8d?-M-RB{Ao$570^2%df z-k1IL3rj_7s|k9xzYN!tTdZnn14O5uw9|Ac#7|I3iAR~+iaWcpMHy|`wQ7pQJ=aUh zwQ=Y|Q)KG^)Z*j}I?xVow1S&z;Q|x3D%)%bF6I>bWbAV~dUM9DMbcGY7$|xtO%4{c z%Obv59g-Yg2po-)hH+-evO4L-_H3$CPBo3VIhf6aKgD1 z)iGe|rky{R!RCYBJF^{{BpYhNOm|SMQoBnNy^>n2X5)S`AvF}>oo@o0_^u}a%aX|l zGU>CX-9?5jhfq}ZDbjmwLWs0{@AD`WKl59r31E7e}yORCIP>GLQ=qPQv{02!m`>=h9;YgA^Rsmxr^koYLKrXf1Ie9TTZ8} zm;^k9+(vT11jQ<$bx!^?&}kt<)>w>?t)5BrfE?wwEe>|-61x`Pa1kDMYJUJK0cs*< zTI=KQ*p4bDPlbzEXGl@;il+W+LcD!VNix47et*jifBWxqq;u;bIVGkS0_x#jQZFUl z+cAR4=$xgngw#38JVzcT#pj}zU5xq$bu@uNLWae&R{}iG-88ni*ZSD~xm|sj7RM)j zl{GF^<4CmWhRZhkI2V_Ld$AO~Tgqf)EQBjNO<;xD*pZEUia!%Z539t!qaeDooFoy| zNm3~2IW^db0oe|kCj0G5MrBeo#bqMY{Q*sOhabBe*nL~(J|*#RH}E&R@sk{B;*3QB z@GQ@>TOQnsusz?SC-qjWj3potr*N@T@7;rnrVuewX_Ixu@kdb*=Rjg|9)Q`>OdKi7 zQL*Ayj=jMl-!!G)0fx4sn;vuiJcsfSjN$l%jxO}MIgo~43VTMFuox)YNib+- zzfLR*jjaMu`j$Re@KRN`mPT6{v=oXh8lPjaUXjuPJZs~W#^|ak5ob$5&W4H*QMvsj zg-03O_b&5B#0bhdZY{fe{@1^A8Z?YA(Y9$x=jL>WP{A2i`@EP60#9iSKZQaeqV$mk!VWg%}*-~V~<&WPp$j8UH zP4B^tP08pT$|yS@FAEihOjC$8Q;k?|GQG8eQ)UxnCI6)3UY{iU23V3`09-mqN73Dk zf%hqbL**Gn&p%vS-L>cG*q6BWfC_eAJ8;3x zfgpYPj7KRF>WGwBL6*}EY+4_lr_HeM6Zd1lQ}mVMN$k%~W{PpB_)~LXOjJkP-d&T~(@G8CIxbNxePuTAMhIf*$ugH?WejGpiZWUkEtZyjq8231$9B>q#Ra^Qh zR!L1Y5*B6xQ!K)mrijg@5g$9LBj^3f-P_^ERN!|H;ZKNVsgmu52eW_9EI)Y}eS^}* z4CUhTM{XRPx~E~VR2MHiOB=jdb>yTA1i@3?B8em31x^~-;gR*FUFzNi9S$v0xF;; z{9j6D)e{3gAL$GDHx*e(0g|O+p6#F?!@i^am1IAaiHU}d15gFMKWPF#d`m0u+L^=F zwb!E-*gR;6u@DzMx>403s*U4scLovS!k&OUPZAnfodyBE4!D6vA`C8 zRU>b!i`Zl?A=GDFmATb!69#|cfsYl^x7%>kB|*Dy9eBA-ezQ6;HM#`lv#{u;4Ur1k za)R6(XxZ?oNvE#E4gNv}0i`HPs=y3-8u1%SL!S!-llpx6FI93%4jhx>kYVPuo7|0~ zF5tY4NODKNLo0;$w&G zJk=&2hb&&4#CNx8ogVLrzaah277)J}_qL=gT4#wy#0D58-GCNW>ZB1;Eu0FioDUIL za33(omr{1ARL9h0ij~1-E%=D(>WcXfT>a)XbCHaB^<_W~JvdC#cN8MaqPDuqAKj06 zTYwJF-{V(s)U|_j(`AmO*_~-|ea3W8tc0PZ_tNEU86(yP_GU7aUwi!K1Scab`MkXL zoMjTNeqR`eVbP`Ulb<{Xsws4{7$xae+@I8fyV>84jtFr$!EX#jVzGI@c7Y~1jdl8{c8|%r z=rxvy3rJ4E8@ZsZ0I+XoouwLPHM!v*&F(%s6H&g z;`3q;*&QdK_F#pMXt@?tPoy~2i>tbyEG~i}aFgH1-ja5S%ytf3!Bn%1esKy?>FM$@ z;iVF109Apk%1S_il4;7XpRx2F335_j4=)NJt{h5)4NOpp-h&1v za$bW%^geWB-aWMTbvw*}#t95FjCasurXvh`*NaZS2g!Bt!tb~a@+*zToQO6esFfaz zvhn!e_vAJQ{x;4Y@Y4pvxt0gK7vLu+F3S6M?iLp+2sv9aL7W!`rtX?tEDDhE@$AA9 zi*4W|Xid8>8`m91{;;1#E2-oSl_!Nt@B8piK`YcIfmuT0>=x>xlb0@RF#)OenV^%>gphQAH`FUsqvXOY(z>`Wt zGXj4x_US#7Yj=nr(wv=Kmm7NT&C2Tb_Tn7O45Y#Z1~))6G0T}Y6zs*gZGBGiJj%!# zzbFKpDrd_MGl4cW)YoFT);OlPSVY?)?1V5&d)ODpF{e+!y?SbyJYe3YKnFO`sHn9C znns(M3g-uk7x2aYBG$~JHd_vTi*W_*R2Ma_MJs|g-C0oQ6AxI3t#p*bcZ}VRHVkLK zL{@z(`-AiQS}na|Ve{QXkYD9U%WpH~?K?J3yM(4|fv>yI^AgGUgt-!sJJ?*lfu7p8 z4?lKD?;e>L#?0pRCTa10d?LsL&v0y@FFt6~F(Mz9mb0#4-Np@+jA)MMeU%}tC}+Mq zy}jA(!@nNGZ%HPW1^-U>u*;O#A3d={HxV5fs0~G1Uq!gGuw|vV=6(F12N;-5w6~CI zpo4*|L!>XR%~G!xGna*Gug~E+va^UmLYS zGO?@!5~d23SVU$-1c2_CL&>+g6xZB* zCRZ>K%?qzv*V1;@0*R$Z%v%-HLrl3iVn$x1ws3J|Q&^OQ<1xoGm(#pB>AO(t2%BD- zx$xY5+Uvmn>D>Oqd|jb`5I>^7QO)$E`BhXq$UoSUT}__%lweGi7VK1eWqFKC9M)0x zLy`Jb?wF?JBMtW4LCt8L76eMrmfBnJDt?l&MM-{PeasCj^-pqESzyn)sjDWp4|O3* zNI~+sD4b6)6lBeQkt?2xt2J=jb3p#M<`meeRh;8SeXH*r4!xA$MHu3KGDm)gi*)GE~NjX z0DAXpLji4vK;OGHhwg3#?$G#1!*0;Wu~H^~;wv%JQ0|ea?m?*&nfCmmT`6bhu2jpB z7^`YBTCK!rD|zH{s)t8uof{6gXU>sAc~$wsBr(?1S$DO6S5OufuLemgunwTj?|Zs4 zsSPQic%8MdIqcsR+uyI?Ne_0G<1Yp2+~|?TLF!=h51IZ@gg4~>_HWLfLQ*zTefGaO zL`Qj1t%V6DQw1;=&nj5DE2}!}e?8B1+b(5U+YS(W(<=`_DO~!X)f-GR`kPFF<;0n9v0?N-X}P3IWJSi1-cmHb2C3U3Mv%l z(RQypIM;B5iooZ?f&XPi>}dk@`)Wvpof>hyn6D!J@Tt<+I8mz_Y$A~Of_L?|vYGW! zg9L$yK@#girzDKJ-@7Un;|yiJp&=oK8_;7q4E=JGmqi>eF7MOOk&DIMga_}An|>^> zX)boJPt@qr8kSq%1eo?dP#vi0=L%gSVd_JF~{s%W=Uc*Y>ZTP%b%d6*D1 z@3R*y^yV8-;n>tMhVezWvx)(NnSiX`%bd61ih!#ZD_n=1JH5OWdrnWX5?`zH`{Cn_}u~kR%T<0Tuk*#j}r_Bk`RwKw8ipi>*m~TI+;RZ0gi2MPwAa1($8^4iF z2%$R1(7lz*>}uOl_xANH+kxpWqN&?K)yVwWoJZ=F%<43h_C*xvVi6w$g?_e?2g9x` zz9Qf|`iOm9>WJripxz{2Ab0i529olKYl}c~EUEy4$egWYy<;9-x2G!O+5a zpVG_t$jSR<>4QK}pe2~20$9poi_7~0`(atR$;kM#HoAlG+q5TJsTVRk?!4x9oU9Nm zK@2y&ZbsDDsV-1fU%~BhPOj4Ef#_+U4d573>?XuC**SGoZ#QIsmzq9tf1dfzlaHQR zQTXk81o^YEtqoHuCU<_BIzo^P>RhXgjENF&?QZJ3?0B!b>|Dg;E?#4?Qf)95JAn>u z@|~)vBjKnpaorOAg{Jr^j{?6YQyQkOqHMIJ1UVxahEH(_b2yYrwlSR_AwlSBr!{Z?BPQ+diKGA!tk-W{ zYx>v7OCp4LaX(j;&BJMn%2~eyEl@`%;Eyro8Yt*>(n1iwlq3?PSNYc`3%_A>c|)Pa0|Nv5B|Rh38>KpluEG ztQCo-VZc36XHJTC-d>}H%_>ZdIRaLMvnU6Bm$IE(kdZl%aVWzGQYP6{asQD98OuHg z0;Yiy3YKp6iuRBx-ft_#wf-7z-Z}@R+nBv9Mx68oRgrQ6@sNnHLQ>ut3s{4@gK4z2&?JU>r+>~?116ei z2m4DV)j{{s!K>&uub2~SBvi^5S|l?wYs9T6m{FWE<*6#c} z1-6oy0iLdBLEabLS=f>+A~y`h6s;lq8;{*Ek1fMTt$y|Jq&dQqtF_OQ+G#+UDu3UK zm!~9}=3zLg;uSIrBJ0W3eOST=f3~5`9$dK0%bYnbm_}A*_RCMSYJ{O^mMHjna#`xI zkbT+mpX5JU1}JKE#aeQXB}im!CB*hr-p=D?^K5@VW>h|&#<~->)l}nVp25pVp-(BM z9rzn@?^bv|$bbp3;NoG$R4H?i-Md0mu>+~PL4mx>_4>QfljD|n&U1S}ta@JM5R+9y zzQWhkRiX?>Y$i>A#|^K6$eNEhl@XP4OatbJw0I;LOgD%SL^X!;sn|DCSbR>V;R+1g z;Wq-_uTn+%SATmdJLYwCVa$~q@4czp8)1NAQWk~%RAeWttHfPW zzcH;(keh{Xl1H*pML|Dmzy{kIT~c?E1=ipa;DesAj%PGr0U^J(U>eqyHPmkD3r^3lA!v8*S2EluWHg=vigS9Z-aZ*oK3#w{;m;xxbBQWa%?MH+a`c+aqr_Gb z>j{2}wJ-DQ3kj-Uf6z_SV=c4S*}ACw(2nVZ5I~58DO2fLp)UlS3pmUcV^apDdcY)W zz#1EF|MHbOUcmQNSzUZC=>sADIxBnN04ZdU}Xg>xvh;_e{Z3NqaOoBKR-JY%no2mYjbL$YFBunTo9#Lv4p_h zB-_@Pa<8DlC=qaF5Z}Z9`^T6jUS3L7B`AXW4v8>osQq3JF;C?ZyB+_w4q!$0b+<^q z_M1s*SqEV}BVlvsd+|>wa#8_AyNUI}(9kLpYkjPrY55~xf_$)@I3J2V*kk$NVVy{+ z{ARFXWZ+a|WXcDKF+^GuyyRIm6{03JXi=q6k-bg-Nc&*Z^#FjWSTf)NPR5#f8q&16 zp%V7hNGM8cTL>TqL@(H>BD|fIrEm;PXrh#bi3t0PQ5zXby_ur6gUiCgk-`*&%EX3R1>I-QK9=&FsC#B&4OHh(B z&vimprbC@wGz?d-6V2{6bgl9~(%@~XI>L&}M-iBivePi|nH{cU)VtvwmSc*o??kM} zu=0PdI{Hh43&$NxX-`YEco+U<^8_kP>i1KAZQo*R6bu%uY>#_=dZ10L_t<#u-^n({ zbjRFW>Rs)B8Q6%$o>e|w4k68Bs-?dWqfraMb9y^)csn{3TNMjp_4|T2tGE+=VR@%@ zIj;42?D2M{A=^FQU3-8|6>!3}RP<*K@U)d^IC|@m_OoZOSR#Wl3P~{W^JBu0KcEDP z18X*KL(Y*b=k}7oemGU=mEq%7i)lZRIIU#Wn&`3X15`G2nR9;>U1@jrlYT4&Er;x~ zg@e!^d-m-B^6lhkk$cTV^mERdczutcXl>I9X>W2zAbO`yBfR67j@*5ct?vn69DH0R zz=Yrt)yXJtqvx?CKt)SCoI2>0qW@u3rB`h}l(G4CE3Sfy;ANM>a82tndJO&^a(G zV98GP`5t6+KWd(B^OhGxN_GClcHH!j_t8_0Uex60>%@1p(ZfM)`H$aPO5UcfkE5s* z?vl$Hnt48#9B-#HSOle`#a>mv2TI;Am1!!{fB7^=$uEDp~~rV183&e<q79V zOO*RU`_8ZZjOLV$^O5yYYLYo}Rq7eO3t=x!6=X9}(bu#3qTAz;#!v8R(lJ_SS+|h0 zdM+-JulFX4D0nW2`f*)MH5$Z_y-LXLVmlj^Ca2J8F)}R@?Hch$Dije=)55lK181J9vfeu4d;?1y=*@!cHS7(r zC1Aao(5g|sIt_Y4op8THaHJfS?ZxdF-KlL@%35ki*BsQEB^6jlj+yStK%6aoM&1b# zzKbn`6ZQ?0@`OBX4xJORHpzJ99EI96S<;8QJ?2OQB<`wrgP+Kfxv6L!=&wmH`cacO zl;%kAIeONTf`lVniFCD-^<@E4;-|%#3l}Hjo=WmLHb%oQZAsO88`vBesiIm5i84Vk zlXF0?nd*LJWh0oCXs_D`iNZEy$vu6>1#HvkG+9$SloI&h$Yr6-=vgBhqzMpvtS{a2 zt%d!u$d@=Am=EN4fR($q<&Ev|_5#pZkG;OjP?UUO4McYKp0|CIeF1Xa;XzB*lG;T* zIDdO|6&a@(a`5!k71|@1w77b9#W3<0XyfuB3K4hN`ZVMdopGl!h+$@?f_Q;LGI{^i0l5N-zY+!gxgDZ^?TzXJ6u1VD%2W{Y#Z3 z=~9Q(q?G_Xy~k_rwp6jIcV6gGjCj-CK~!?Z2ZzuIGdLJ_r2?2xaMTUz_d|jznJ%Zk z%Kb~qijj($aWA0aj4t2sd%(B9M9BYKh0!7EUs8T;n*H;$zg#n?gHZSKF#ano$Nwws zsFwjMN{mvs#^e9JLCS78*TjEIcK)u88swk_+Hcr3Z*g+eVYLM-#2Kb4A`*^la2?HE&uw_oriPH{xAK^f4JSv!2r6U zaI86OTK@$~{l}v#db=U~eF*-$#rmmWCC$xnkCUm?*8{TzL)l;J?fy{wDw%(&(yr}4 zAll482#1j87ZrH;xTP@+Xn?ai-rv=-E_9SWk>=gJ8*^CAsgzVUquqX==<%+{bna|W zCb!&UcBDx%WJcx_Y9Xlcz#<6T*XZ@=#++biX>{9${CBFmL5(lMY`qP|)4wpy)4rL{ zNlB73u;8uHq8pJ$Eklr;z_nXBB2kuXy@(NG#gvW0l!@D*l7YX43-woUvVdXGiBCw8 zvQZMS*ap#r>kB&l%V90F2E7?U4tfUE)zxvUZUW^9fYuB7+8@!9Sd>20{b;3PsHLg% z{_CXN_DHKjL+qy27$0eOp6(pQ-R-brh?eXNaeLR!kTbEDl4Hrbd4ek;6?W^w@^xAy zK^}~*reGv&ZN-PqunD=Km3ooao!W;$m+JqAv2zZRtXa4Iv~7FZ#`&}MIb@qg`Y+X848zwjad)ucLXpuk|%z52J}*OR94=cF_Oj7U(2@Nn&Lz_;Em4R`{&g zvWsOrT(x%P@G$>+!kRv#rW&aXHT7rXy^+)UB4kifKhqDEBBH%9LV{W&)ZFhEK1ylN z+GjhQ-={hXqCV#9!Zk5R;e5P;_eI#_pK4QXstUR7R(;+m{zWjbe$UEwQ?!dNFN`KA z<;eC^PT$X0r0e-?&w0cg`)=)Y|Hh@7fo?x@>Vp{~Y3|tVvJ%8?B*w&o1K6x$JS(YH z#^E6SwZQW{ijK$I;p_Qc&$Ht$A%s8ue+_`1VY)w|(7wK?;8b9_(XvA)=>7TbtBF8I)~`TcbFaajmCMSAXAGh!p*$(&hbFj#NhIH2kLk z-ju$NVeMB*tbPMfa-X+vlh!H%A}qZ@XbC_`)i1j~F0x<}PV&B=XP5_3|15`IIYN&h z=SB{%PHjXDf1bL&-LO0_r&i{JXkEeE-q?Y}Lk^G_ZN@x3R>9S>OMW`CCdU0YF>gH$ zlWCvV$hYuWj_iTQ&r|i~5AyAMZJXCw{;QE3zJc44_L&0(5>65no-QAb3vJ9Gk8(|0 zw97Lq)FZqe1xtd+FqLU?NK!u6x3PW8I^q$SB~Su0XJ`0+!oolbsveet`2Qc26+lah zj7k)AO4NdY#3(P~nu^+gpq07uiQ0AlQ-6E0#yw{rm~m|GeZa5RTi|6`7Ar=H|9}(Y z(aucSC;nf2jR82YGMck*y?efyFT*ugQI8qdhAe+VuZmhgL#cR`elpi3EP8htIP2QZ=I>l*Abj5v+Yr29QfXKbY_<)f*+G;YLc(H$niD*FcsnY%l5$R~1(cg{R2>FfXH%RwPqF;Lx`sA(9#b->`x({^9H5d;`0CW=>%376*-C; zo7dfV`RZv9pAW<`qejH_GyN`U!6{ZCHF zAJPG-!O$j!A*94Y5c@}XkfP9WF+*=`I1QoAF!rA|CqE7dp{hX2qLdQkY@v%&(eZ;* z@0#*5SEr@FarIY(Z%zKST;T%^O{Fr~Cod4-4_;iA!sj*@3Q9;0O)Z$HiW2CJEPA@= z#H(XU%+A;+=XBUXcg?Em$%7@0#&lmi!Mq3n39#}c93mzVOJsG<3(oc{$auu549n|= z*cX>_7_StN5CbqP^(T}j%@Am~n_(;JD@E+Q*d=Ct9xd~&``%TmLy=N);kMRsiK7^gZ3n$AoJghkn-Eu+72cdjWJjk#Al~T>Cf`axIQo;E@;dM z=#xbqS${`4!>&!A(bxi`^|7p;C}bQDN$U_~XJvIMD9sO>-P)X}V*X0Qi*UM#{^#Ko zbGON5MWdOD;5QIv?5GD?MU4v^Bm((-^(8Zw&-vb?ds0rf9l~w17Pa|s)@CPG2;a`J z*E?aaAO`?lUZj1Um4USr3lFo-OYi=U?*m4Z9mlxQjQdE3C>Gd_Mv1T3VtFgH{;ToJ zQcZr-xO{%o0Lc_Gc#Ji&4?A8tU5bPl_)%_Lc<+R@G1bg!OgU*Ir%yE)FjSMWnF3tV zvW&$Qd!tCCI+%|bX^nlnKL+pCVQy8&M(@YIBf8!#3uyvonUH%tc#s-ew2yEt+}6vh zjhz%?u-K5%Xr#w-mm`YZ1~*YgvWY=sZCr;4U5VhAh;1n<6JaLhn~r}xF+=tQslH=T z7$0{C9Ia07*dw4wz+wt7ED4XsVzNTxfchY^SH}of_XW1SA1b6|Mu0bB5QyGW(b*MCu1>j3tOA(a6mz|nAI*+LwkQ7QZoXk(+nLd4TdHxPq&Q)@V2=wXKb zeb*UUarO(y%oiHOOfkg*92c-d;vsx03b!+zn5_9wS@fTQLC8Nh*_XeWoQEthL(`fI zRF4yc$Mu2cFo87dL}ijgv|L`?yBoLwe%ymuRGkVst$jJLqKn}s$D&=N>&J51kAG;| z*;sPh9d(Pm@=e2FZ$msCH`O4k{QP)XSrOQ6m`TeeJHyJ{R5GO8>++$gCDud@} zrO`+9V3~!MpA_Gbn|$8a7nv)D2}waUe#SgmLvHE<)cY0=2-LVS2pV7+@C{2}`EafoGH(1vv{2S&p3tIp{b)bnGi z#N3ZYZPr>47U4&M)x|}Vor-qWQO?!+TW|je&fzlZ1HVcZ7a^)IydyN-z_D+D0faUWvJ6;EHr$@y@$T!n*DsHr_x{ z2vY)~KHk~a{d8e}sh~c=oY&6KIq~=$XV*jX*y#!AkBPrlI=;-jdd~|cH#q=3VB$#g zr}1?z1YLEcNO;OZc@*SP!!y>@KS~o)B_qPMn|J-}B8Ad>w^*?Bmpg2cd-cUeFB)mD ztNgZtq142PwE)q?Ya@J+Bg9O|uIULJ>Bwm(XJI-F_+097m|^&aD3Ie($evM)ArrBp z&Lha{F){9LH8_)!qptRVC+y&Ihfe2`DeJ&4aOw+UJpgeg7rL==QS#IIFt1(B?Q88m-NxLMuZ#di>F_VB8j0;{{`@}9kE`GqDahr8i zL{6)R9Y+37(u+b@o0qWy_p1dp71z1SixGujauGv%A7+O(sII-&4#Y>j6n0}M;%7f! zC!=N2BK0YPVd*&DxUjAlZDw?Qzvv{lPaGs(y=XUFNnU~2@R;AVS~YnEv35e3z5eu% z)qPbQdtWyMgFsgQs$G6Sy7|ns$H^kSp(6Qws&=@}hBsX=m=5RU#Y^((#iYw&;T!gj zOw4%rcKtAWriAC3o}Z4~xZC=9I09FHJ;XDQ?_;S1c>A#!l7o$ONPr$LBQqq--$qE= z7{H`a?r_q1cm*t2@ht@+4vMA2a1w8y$4C-EMUMJf_4~<(OWNasCbR?a zGMY?C)A(F8v4+WwgSP&$ov){k_fM@=P}p}|CP2(AWpzgTo_UrF-`$Xb(`-tq$JP~{MM|Et79tgc3Wfhoc*MSi*?cZg-?&Lv>uP!8K zwu;+c;r~qHqg*fX+wm~-NxGQx(ti1>YKdIuLTNXZdpNqhiq2xSH@HPtP{hv+S4$@s zceF`?zj;qV_*Q*2{`&3W?b^$In+by%2^#dEs>e1$&}lAI6F{(u@pto9ZOk4KB2gg^WuWP}GV$Vwt`iUx$S$&HqxU1di7bKm8FrK_J8uv9#e& z>32>3X5a*V!#nC?h&Ds#kQeQebLb?t8!TFB8QNk}iZnK+`*hDQ|L52kfs-_msmf|_ zJ4G(PwgO96iRQ3s-k)Mvko%?cT|7EnF|4RzE{$8lySN>}d9H2Nz9Zz4zX>YN*8ww( zCSzLU{IToA@#r0Gx$zKx?41l5B7~G;p6F#}FCbM6+2qhz)D;}Fl+J>dJC^9fhB2FO zI(p7!(?^BFW#`Wdq>4sa@Z-RJciCB`5RSm0amWP3i~&SBE`7sE1)(F3r9@%k)vPnb zy9cG!sn*xM-<_>y5Q$P;7T>uGS&;?9q4dM-`F+il03B~BB@~1Gslx8)LI?W>=8^bq zn@Szevx0Beno@T;crHgnD`RTt?9M?ne~f3D4~(?1*jZ6lsCy;Q@W)`Um96^Qca46b zGrsTJcIcXkwUb0Fa!>W#uk>gT9+D1$`DFqpKV>q5auHo!@>te8BX0#Ho*Uipt*kf~dz^;7<(U6$K^rUy;}YodvR zzj7r=;Fx9*Q?htw&x!7Cf4`x{!o;Sg z;1kX###(=Oy;FWaBG#H(+tLSZ)sca*$M}UcM8cpFU}(%k6BT)FD2cQRX=%npAf&-R z&t)Mhtx3K~ZzY;EBe_4ZAd$fM&muF z(rP3y)~oUUt#7t3{e<^?qO`(ZFe}DngE{?JZr?OSa-rdQ2DdEq30veeDEFv@`OehT z{T>{cnMVjpe}BHB!)nlLgC|mB?S6A+LxaXx#CKgx60E{LaZ+L;=);I0CL!7Tf?=tF z4-CXM=OFKxa6o#T>sohcdm~2U6Tkk$sP47XyR`k4Jc)8hSXuHJ_^ftOP&fbp*g?NB zV?pBmcDR!vK%85>A>do^gu+*0-nuBX0y|v#L2!;=rvfVc9k4ShNYAOF@<-N67$`O5 zhMcgVq3+#=l^VbMoi}rufJOv;0{f2~cOYmwzn5@6CA(jm@qAD}XDzC`Q!mn3*7-Ag zM$hc(;LB%%S0j+F&1z8+LsJvIN%X!SFG6PYyo3K&@3nTMn-vZ!uC&=XW9!xMglF`2 zK()`d6QJg$wPnqe5D{Lts^Fe6%fIh;yRY76|OjR2<8UI$2{SSroYPo>l((Z9QSXyu^$N5U-%uf-* z@hO#JwL?fl)r9l&&N^3>zpYoN*F{a$gDhO#Wx(^PS_us5`lMJI+bu+G9ZLzX6Dw8b zQg$5kAn7DI3=F0N!uK@NM=MMCk^EB^kD?JVh^OOzz}#__H}Lu5vF0^)f%!3 z_u8hz!qZmm^NPG?p2u=s<`%6ivbcm7i`=)=Y*ND!6~c(3lGk7zkQr(EMo!U!S}F#_ z&vJ!RB;Gs}Xu3tHTlPbfnVgaD=T*``9`{6~$ zP$V{UQzsaN%*eo8)@618qrMH~0p93PK{WA;8mh{ckA@BEiv?*?_vs~DCK8rcB1U5H zeG7tDZVIcSsKK1fI!C)L0DhR?x73QlKX*hCQ_K-Os?PG3w- zC+_HSJQ1#A8Q_5S5CB+WAc=(}O5^v!A0y6FPPmtN#l)`3R`}d&0kdMSg-FhK%L=p0 z`_E1>T7qB=Vqs~r##?Wge_H|%sE{+jJg5a$Daa>fHxiF9j#0`V3(|&sYVQ?y(ic^_ z{+Jc+xo&;+9O?`(bDukm_ECC*m>bulQ705R4GcXlV|CAjJI|uv%m)VBERjSV2ucs! zWgF0xa4*9-ZGEv&ovbk6x%`^4#xS@2W*J^a=GNDN08Fdm3-VKvTwNl1UtB(o5$_Jy z=WoHsE6wb17LtEa{KX!LIv9|6bx{vfzeO1f*#cjlPBWj}wC(N(ePB*WT-!>pFUBHO zyq?tT7wrB-g@`NqMaYE)UYRW*77^_Qih`1n!Ic6vy%;#jp=SiBy7}5==G7eLT#OGy zE^|@Uc;U>yq5Rb>scHWF8%_)1;kkm!qy@!5ljPkc5CidgLF5Q@oeVt?bq3aS5yShm zJ+X6Ih--Us==3EX!DN)~vVL42{cJhJli!i{^6F`C--ICWF5quy3gflFhd9&xpNL;{aEd$^$+f8}AkTW`DP- zzug)1fD%>on38uSL6Yy(8>2|pn}d0_Pp?{vAymbkyJpPT5<=4R`W(wv2q0JSmgnE6 zgq6y;pe2c(mn`tvHauB0tIF&bswT2xkW#YXm*sspG|wAt>1jP?6bGLg3nxgN`o7Mr z=0K*8(&6FeHx`7|{8%wMB%o6FKDG@MCY>^?-bMN52h&wc0;@R#d#9e&5BK>< z()CtA>8{)qq=G!)J*$mt&EuDruqi5lkdC*wDmPH6wNI zsF3xY<6T)JsI#INzdgrmaxOHdV=eG!)!`Dxvy8H)|02KTgz4TWey6g#5t4E<-Qwu<`2ErT<68IaAr~S@80}<0 zzm4OW;I9RRgDFI&nTBT>vs6uDvcvSW0TaE7)Nzt6m}ePx6v4r!B|f``$`*V`qVg=YcisY2ue*uv2;efKpxwr3Yi3|=I^anCoko!6`HRtD5;WfS^!XvpA zOdJVqeXRE)RxSVeQy7IH-+$gtoU!WB_Is;^k0no4#YS9gw&ByW zB?@l2fLI4^ULt^PQMI796@~oV72Z-9(p}I z+PUmH6mB1KQfBaTZ-4yCn&X8Eik{yoQ?}RX$nxn*b7bwK3KTb$FyA*e+P7u}=1s|{ zR!9iNGEHK#)&@(Q5a#yXEcEhgZ+sXafu+93O8Zmm#`{A)fn5-Q~WEkrj2+Z%tBES z6V@O7!pPF2ClLf(G7+0E#SBsu@O}D{L69T`$QAiypq(@H*W&&Z;Fhf`?pM~db!1Xt z@8a`lX8uUrp;VBe#Kmc!N~28VYhHlsKd15NVnOH>13~O09)ER+R8JcVI~GHUJt$o= zRSc%-Xy-Jdb=K)#+4?qwgox!@TM)a|)JPHTun0?X%0X3SVXQXGhdd&#;NgL<)H)#s zu=t-S4d3PjAcXoF!r>J?QR&gX9}+2s^8-uxSC+^Q(qIXx89}c^Z5Z937l_`M7w~kk z%F|3Wtt%p|?QL~s1fr&5@FQjE!*8a`O`H&?Xe!~*g#ogBkIcm40N;`6vj#~EVIBlJ zD+?DP{M_N4MvoC$Bw_3cR;-(gO|MFD!E^_@vB=>GIN@V?$m!{6grAb7mLweko2DgJ z^!;`%M|zdBc=1(8{*jP8&of!Nn1v!To+OJ~ZG_fFNzmO#5zub-FmKe341hR5JC>dj z7c23%5xI!oA0oKK`?WhFilo3?x_Yo)ufIQ4deQ&~_ON36n1B`qx|Lrj{7)|w-p1yz zeL6u`r<{>ke5F89nEfwJ35E;bN3uvfZbKMJp_f%z_k)ZT4K!4Nkopk%FJtlGHoi}g zXX6NB-xaXZ%T%6E?Vab~X)m2uEKgBbQWV{tobs|%+& zc<#d7kRq4qXIob%9$4a?S{XXi5!+D-Sv@jR7owjZr?C>i=JQ|@NbNkBwhCuZ z;Y)SPz1~KKw}xhEm&;$|xMT5WuzM@StJ%ajfTM@PUWoS|ZK3q+LKLX+Z{8+~tL)kE zkWwgmN|><5&8UZd^tI&qINvnY5cm6@h6c@_43~y92Aq77pux?7u3o&;9|){#T<9yb zn8rRT*vyBu9$DluRNM-YEQ#1n!eOR4tswfHeh6LJ1;R80Zmb-1@HVKBkQ0Nh7d8Zl z_|(E-bR$kRA49xRSA*ol;kWoQ5(203&6Zqt>*-MlkUZ~h5U!V&f};B)XIAAmffS@| zkXf}#y|<;M&g*R~V7Gx5wFK{wC^_BH7gNoDW~v}XDi~edFhlu{k#SK$v&{CyF2(&Y z6M|iUIG3r-I&{4GJ09Uz;tt0Sq#__xu1mOo z+rA3oL!^G!LhB8d)E7XYrd#FcaB+uwVc5)>I*qDr8BfgT$Gxw&!c2@>Sd^Muv21D{ zn?ay13OxP9M5;%!L3!J%J((Zjwl?5uI5rUAF80V}L)o}$(K3mqSVpBJ=xOBS$ z>AWb$Ov-AyyNwQR6zeHRuAgd7^Yi~dP{m`=K@iZiF zH;C2DFt~BoW;_R2Z{dWz*5bktK@f3J!N;s(=#lN4I&#s~VAKI)SHUf7cnR;%rNOsq zbQME1wtNM_nJ`f!wigC8Bmkd{svA;t$`?PM3P*i<*&Us(ckojT{vp7a3?&qYwLuq!&)k6cFm2? zq5Q((M7X#&OXt1tRVK;&3KhYsmW!dIxKV>b+~EOKCnZ0ytp;a*f5E-`2Y0a9;VU=Q z-OPv<6Ca_PvJn-tg@Fzrnv3(*vLgg9AmTP5FArU;6y*4MWx2_hc+iAGjbhrfQMSaP z`WGV9xuV1(eC|Pf99VDwIy-AZLaLdbSrImJC6b_$8vA0kW^@Jz-1{M0r=ut=Ci$!I z>|DT{7nP)3&R+R}`ia`Wuwj6FxIZ)O3eJp18k$Um)^@g~&~;c6r?%+S7#EMI7Vf}i zSULk`AAH`l^07U_#$!P}bFIxg$&}LxyXQs+L(0YJos(hAWfx{9Kr^ndoN$_ctA22w zzUM8`A(&@vM#meKh!ynxkSG(&zOz0qyUq@N`j&%HL~4qUz({Gf&gxufy~71&!x+op zG?3FIIP#l`)zE9VAIc|9F^DW!-*<{Wignv6>|$6ZMcf$kG6Yd)`0pu)yDt+E%S|LW z5P2k}m4nMmg&{<$C^#oT?Bn%!bgkoO1_h`P5(Z-2j1&26L6Px|Tq~zWvIDkr161KL*MMe{> zF+ebSBX3A{<|vOUzuLT*bHDB<>G0~ns0tF!W-AGiP3n|A~;#CLkQbPvlW1vrkpUv7-W4#lgE{Q1|dt^fMZNsLk5~T6j{B z27^&7ksZ1hQj3Q-aFHP{w<|pUYi@U}S!d2*FAW^`ds#zk7tsP=#AaRB5r(0IfJ~7| z8UN2xqQ1NEf<{#^8G=%PH@2VeEt%F`Yd8{8;HoR%c9rzR;Osb+3DpZD&vs`;`4$@R zK|rI`%|>D54G8B>cR0DKbG&9c`HJh>CwXe`<~nD!!Au?~G#?&`g8F0?DcPgs4SRXc zB^ZH&i-3|906`2^nsp?AV)bopTGr9hH6dj6i>(RMpeYk70NB|Pem&-PwSYq*&f#wE z(afW_I7IqgFv{_P0<}17R7_`qvB{$0a^V6({?N(4fFU#jY_UyuhSewW;T9ul8=G;} z4}{LFbIiyTT6|<*zkE~F8W;*8_1xnsQXVD#r9Gph7mXB~Gx%DPp}1gLqPe|!UO?6n z;?-!J8@D*nWHc=~)*NO;$S{S84P6F(8RdbcY*N7? zuv7SLQ(<%b$1LBq(WK%qc8b*HfjkVC(%M$TL%er3_dLg+f2V~0)6vrs+&n0G>Z26l z(A-L(iojRXrlyj#xNBp{%&QJrLZB9@`|!J zNX{sBT9KWv4#mZPszp3prAp(vL42Y`F2m@xyATldAdOAN=H=(vQoDS~eqq9RgDlHh zK;TqfhaQ{i(^k|0x|sRz=0gdsgtKY}AwD`ATF@!2WJmKLc^dKw6D`lgN#h^SksDm=d5?vy`%w6HE})b zx2#BnYe^N>y-QXD-N@IMqpjDf4U7EO^P}62hPJ;7Xo~J<=$o91LBRAijm|i=sp4rI zW2e}CYm z0~bE_n|6az4uANQ&k5YTJh*S`-?$7tjpTod@8{HO^dq-;Gh=IGcb|@@9(Ib*Y@IZu zK2~qG7k~Xre)=DTsy&pdJ(oW{jlA{#{?y{%Kh3fEE2RI|YsysYe<&FL$8s`X9cbp& z$ABw+4))*v*?+rI?_UrA82bc?yHP%AKAyiVNB+yV|CcT|Kt9ud>)C{ZvXkGj^Ec(c zw!=A?AkA>Xa!{ULPzL8tJr}q`S0(%F&w#(3M3m{imY0@(&*5~$@AiFx27(rRBdMR} z|K~T=svyld=r><*?xg&}bzM{GgO1!<{wNd_g}xRrvS>-H4F9#{_j_& zBMG7?Dw^~<5V8AoKPT=`Tz)G>m=X6s>GfAA5bMlreI!D4RI)+-y$t9W%>|pB{sD0< z`X5gwARNJtf!_BYtL%XR0(3A!QhGZrT~sANi$yg= z*o?b`B#f}LzmMFGU>TB_iqdT5V9>x85sIbc2(;o?hf<=UCb>iv=RTpUxlY9D#g-jc z-3(A688P!>5>+CgVf5j^HBlYUuy_uqi(UR0ZRX?)#=9>nVf3;Cc_5g{9RM{ZGi91~ z^Ho=L>5I&y{J^mu8s&EAG}L!8vq4e@0Q6V@;Y(KT>aEv!k0=8se;szZ!b>N)P>h7_ zSM-lNp6TTS5qW7m+;Xiyuka5L5fZXON-daqKZsL#cpR!bz{JAfuwE91`M<_jAL|ra zf)ss&&C7M>TrG9O3CDG38Pq9tzHVOwdLrMR&8rD#o5yn7pm zI25TER~^v8^WvrOJ(n;>xF7p1oRH{n*yoib_M>`1kG-?&iF0jyI9to$&Mh^ugKPle zH}NT3es$sGEl;%YQ+f~w<`oKZ7v(}&uz_Y1VE`Bb6@9@L#_H=df0Wc_D*Tl%B?d{* z{OWnc==ZgfQ?G;-2jq)|ms*8FGZEtS>%sxUuMOhL`6xi#p6kkwPe5S zk-TK|$HNKFy}<=P+8Tj_g9{WDtH-0GhJoEZn#ed|IR&#yw_}Wck>tF19m;yT0TNPY zI1OpaMIz#_vM*pFT~fO}x%eKZ*}Zq$99kx`g_YHbv?#qnn9CT08)B^8wR}*L6C+QF zo;p7r)vMU|ncL+rpqO%c185cDL?1!UR>bAml^#|#JE<0KJEN!W zp51Ef)Mg{WR)^z`4?DO54ZNbaZClcB3HqfXbqOtQmAnL4o((%xHL{dAsiOGU^|M8NvGClI{pz zKNxC_I?T^&{m1PYq7DD4;V+?*^-jgz!xbl4H($RppmCvm2j^LxUR)1FOJu`DeVN<5 zOMouH*=)sq87im(9X`&8E2b_fjJ}NeT*c?_?@D!zdWxZA@(BG_q#;& zHuqwH6>^D>VdVIZ0z=Pyo3b6H|CgDgU-wBZ8}&LMhoq&IPgP2flo_Wifo34W%fQaI z?}H-ukwn!jG2vRn`S9>+jj?io{&oksEK@M-X|AC+HAzFf9>2aH3?*0XD+31#Eovdt zxB-XL1atFiig1~1j|-36ACB&KfUmC~NK^3mIST)b*Ah7?A2||-iN!V}W^X)xP$nzb zua&#iQ`hYe~{Xj$jA1FOQdvzBO@aw{lnmKm7pClypwUP%lwu`VEEaq z-2exNxuISy=FaV0J5cfb;ymS2$EC{Rs=HTY_1uQM=WJ-~Lwr%5t_F%BA3qq@OcxeGqTP8$o-MHxcx9q7x&^GWk8L$yos`cS`d0wJCW-*n(1Y$t^T zIo#}_1wvmg5tq$WFsW@u&DOh(xd=xb@*np3cQR`3a@Y6LSy^0-^zq;O=iD!XZY=LZ z=p;adMZk^F{S^ckt0MDoz%-v8bj$8ubs(}oXL$ZWBlRG^Hhb2v8~KV9-3MgVGV-zT zf8q4Oo_gEHc&pof3n>0Rq8%T`xRvR?z}b>FI7@GR9l}`M`=EfP_q3UFy*KKLf04$^ z)T$)9pVv1u*uT#W%_1?st=Mv!u;wt;ArXwww0)Mh`}BV4w#^x{eYC%#TEFDjQDO-L zOp65jbVaf&C=5gXDbCLsJWRM2){p)Z4FBic_sl8|nEfMv_w~n|rQHh`R_&T@xN}Om zKh!UqxzT2Ko}X>h&XH)kE>#wd+y=L4nrFpZ#CFf?R_h+pu*{jZ?vFrVQjPfp)h;8x zSy2?3Ak7Q!0pi=+qRL4|{nMX)^=o~5Z9w<144dmzjDiV$dR$m{Hw4E~(Ge|oh|lYk zp_?Ywk$QWAEj0VjwB%-{JX51a+;UjZR$MoqeZ=)HI*8{R-}y|wSnd4zhn{fcBlth5>I6X)YU{NW1vY9?xG=e7fxv=uuwxa8+a zz%J50eYXhZ{xI6<{<6wY&(dsxwbHJQ8=Pqh(Q^Ay)k3Km(iMu@@!aPNxHm(Qo7%Y% zAXRo*}&?6t$r|g8{)$~8Ak1Bo+ z89$BE#&AwcnD&)ebX>XNZnv*7zTb(hw~|3#C$qB>@JmijaL;q=l1@z+!nfmRADVd) zZ8%Y`^K5*;?$Kq%P5EAUuBYeT>0mJeoQg)RG5#J$fXJGDm)4o^{F9I_ zL{oDbhd(9@>)Z-@^yxQNv}KH#@>aqaa`-gE8D6V^Br671Hz7Ps!5{&aI#P!Ry{bB|GWZB<6Nc_S~Fn_(b;M z@siBRl0hUrFWX@KiI6sRY!=m!U-ufIO8TgvYgD!ysaiWTq=o^H;CL}Gh!KCdy3-km z+}3%@cIH!^eO+_AL78!d?tXn2eEWH0dg$l(UP_PhAx1i2LN&O@+hU!DI99Hlo%%-V za%QmrVk?54eA$A~Og_iV+qcHpz-39}v;gA$xR0AS?ZUT~;b1$YxSwDO@l7LB25fM+ z8t$@@de3tzF|$7#452j5Fe&MnQ|H8cU4b-*#*hz)XU@JH+5jT$jr(94Z9Ce0-#fmQIs1S<5zMdBO zCmWKq8vUSbniS`6q#ftqUvP`d+jHT<7>xP4{CsGX<~uE_?ZgesP$=a4cyKf9wf!5V zQ4{!A{fs{gyWK++^&wADFw6a&bCJL(Xt^mrAc3dC0z*dLZq~5Bz{&M=vRR zb6IHc+d}t=zd#mjTTCNdbrE|0;lz40JrI9#Q%V^Q7iWxa{1I{0niHG(b{cz>DzbC zU7C+Mc(7w_RDABx^9x_dTW%u(m3pE5ejK*I={1qUnj%1=I>R{V!MdCMaWK6Zyt4~r zg30eAqvOZkNA*{egaH+S!^XaX03{4Cs-hNd>7`4XWLBc@%RraSK6m(fLujt?mqk9B z5{<3kzPWu)4UI76n9Uml7HZckNBuePH~G*Wi@!|%+Sa&$ZytYGeYR)Lben(NZm759 zyj%RqU`ODvlN{_DAx=G#o=DLLL@&v6@9Kl+)KcRj}Cl#Psx~2 zB{ivA-rJ~x?-q@>)`qXfvQfP?RzhLr^yeUA1bnp! zGCuZ7lOcmb>{ZeWsy9F7CD-uCX!W;PhM|1dn_I9IbTTDCB;*eZ8l*2}deEOcg`d*d zS^W%t{FuIM<#%Rn%x_ut^5c{m#Y3yYaH;bBeO7GP$QAXg&eRA0$NTE_wo_PLO&1aY zme!-V%!-*Vq+K^Lga_oyd-@Lr#_sRxKcNe1LteK@zD@xTTP~ zjEgvo!8b9AU)gNa*?9O=Nm-}~aV(o}&I0>mKWI_7&l!)Em5iyn=B%SgY4{FBy zT`KYcK6S4|ua5p=W-$*T8Ygic8TLKNZ`gE_grgoZFBjf@Idgw%kjr4a+&FSWAa5oX zX;jjKSt~WVzPMHX9x5Nad-u}8MkTTIxrZjm54pTRz&*NWmVm^sZMg3PY-9c*$`w($ z0oZIN#t{ICdn7EF$91fKR-E{>UM}>*!WGD!R}I@Xqg7T05nkzPUT;6^A2F{Sb(a>O zP+3@5f=s2EN5*X^U3Zw+ZKXV9yT8AVJ*|?3u*%L2Agn~7Q96!~+l*pLW3sT+A7~#= zMzi9^j3lF#bRIq~bzerAUu3pVuDqVr8`_!zEcw>5#|PRx1jFI3=Tn1dviHXL?lZ$u zT!_+fd1fRc(?&Dg`<6_IH$F)_#tk<$BBG^nT6&Q~xLZo$!W8UNP&iw-GuhKI}!LqBD&95I)AU)B)T-5gI9ktVw3u zLVUFK!_x8W6fq%jq?s}?1`Aptfq^>SiCQsAkiEr$LGe*=P;!W)gM+ganhY(NiUAkG z){Yc$0pDU872pwbnJM8?YAgl-th+?GpKeB$cvc$V(_3p{u|t@wNbs>n7VQ`?=nEsT z;_?IZ5jN}HpGX1$XC%&?(ooK;n?t9|76jexUf zZ)!9-;$(N4LmFiv%&5tzfh@dD6)ohc_4W-OSyZmIKqF1L2B)067Zoe}q4jnV???ix zJx0@f(A&kGrBl?{vE+^nCG|M*__cxd>vVvpBYZlTrm!{Erh(ZIVPnB-DtvFV!F4Wt zI-6~D)PPrPbuW|O@WE?T3Q1WU(fy6ECT{TwG_DMUKHeyVX}yipRIeDKsIX4vB2!sG z^rvRVvZ)gz?*jO7I-|XVV|v)`5QZ~t?(6l;!4Q%Dbu_63UxJpKyod4!pJv5|yhzUf zjP|8=h}`o{3Bj(NqEyRF?yRoJ02&N17?tx`#~bxZ6dO-Vm9G^m|#0IBPfhEV;T_u;hpDvKj-`@9~aMbhdgB4J-!Xs+Be2WxN{ zwHKylYVYdzr>WU>Y>Lnq)QRE;8QrF1&FJ#qn3zf4$v-nZ889honHIxlz)|!p<=(2(aO(5fHv3ltKkfAn zWS?K#HbuGJpGr#XzmV=2Bl#xP?aq9m$YgyBfkVH?4*@igW+?G6q>+3I8!ekCCrD{w7e87?mUWUYTm1k4 z)`$pj>^i;=soULHFLRxFARTpo2suI}AeOH%m`f_N*{2Qrjaj~VV^SIzGjup>Xs+ZziEUMRn z*0Q@%&4we-$-|~ppUN5WgB(WFUOWMfN$3+ybmO_kxjuehz*aLhvAj@|rMkQlh26a@ z_oFA zYG(UapX5y^+xRMwJvV|M0T&R`7hao3E&RcRD6hgJplNvFRRNqlp$B9a*4{OWZk>(~ zWJ?Y-b^sWx1zmY%zN&#tcZ!p?xbm$jfssayu)O!GHZbc=Jk>U50B>1#Q0oamH78>h zztlLU^k_)g<%izE{{wA6lD~V1v)`O}YQBdx&rwS{)OlqcU;nH2$F0smdblupST$l} z%60DSLVHUaiuj+$s?-x_zY+Dj`h9JL>>F`!O2-UkP2i|?hZdg|`)8u}xt;wwT}PM`_Pzs zK>6R*_8sRkNgO2qiMTM#LL7rg z{8?g8i?hN+$hG)AjdfM)C~ZBdw0(Fdl5BhGN$z`bjtPA!)a(v^SmA< z>*}>o`UkajwY1I?>1yHI)UhYUT9}LTZ=CN78$ntFm7kP1LFKbF?NiB5O8ZD-?!ulE zx<@%*VMmQVmo;TZPuM8ZKIi%fJ6B_I)N{~#EZ>v;KG71A08(bd8#`qX?Bh`_fNaJPbk@Ru0PT#kDe zhG4ZH*;i@{aCzr0eEa9GNpYCR=(~URwX@irN0xwY7tELygjK7&K{wN|oS56dK7=fN z8$94;){3&!YuNqPM?c`!h&~-%CAb=8wl#h9Q7e*1A;1cx$1I<&1InwsM1e z@C?S2NRe;aiu{Xb@z%?455x`S(@nzg7X#@4t(m?YfQ=#Z0L& zb4A3xYp}%E4S`x0KSN_5%#ELouRJ&lk#=m0TU&&yCyrq|*Hy#`pH#;RUpk4uke>Zc z4z+EyVCy{03v_{fLo-Tq%TYr{pvhMui>ng#=8zq&@=>bpY2)2{hvY)THdp#THTL8r z4z99mr|{;>W9XZoyotxRXW?cwsm-TzSbGi0rnO;{B%7LhQZ1YBUaVrmINMoJHX}St z$CXWE+Cd|IbCbhCt(!$m*VJs-4=rJ-@&!y}15Fkh_VCVCB(ks8i#so&(ux_s>sR5$ zbq*AW6ukD@8SJDW=5-DCmQ?V>7nd(H9>x|1yzsR5p@(!-+CyRO#J&v?cyKwXEF$b+ zCpBLJdi%ObKU9K4yRP9Vsm%&nNAjd9>;e!O7mNS@sHhjyW9cZs~2MVvM?<5wIT@u z@6epb^&@9-;QUQ|I!=|A!pWOdlhLF>2*WH^LA&s~!U*f=YC&a10d5?>f}Ph$InX>> z%oJe%bMHVber!255r;tHAab#WaX3O8YKX%~1ZS+;h%MVT;@O~1Tz&1=cs7@7*`9X*=W)DWnDeI&-ar4YQ;Q!Wq}X79Emfl zja09x%x=AkKkOfFf}$W>i~F1<_~0RbSczK`uf@i6mfPB!3R4F?yl}U7_JU@>h*6t; z1E=?Vguf;Oolz_Cy-hRlNQ^x{Bdk0lSlgS^$wL8@kN9?A->?6He_X6YV$aI`TD zlg{DOw-4dP++q7^!nJ56j$M6YuEie`#}>$;{zX5IgFAb8?;fXz_lUJ{ZbtrvYxvW@ zQc$RA8%Xcth6kVDip^2%JC|_-d*42acPge|DF`ZgcP~Gz+z^j7+|RzkX(}0%WE*Pg zfMuX3osQioyg0gtxAtt*vhwHWV&Q;p^hm{^#@ z%F_ns24nZ|mT(9T#mYyPU`?nke3=v?aOmmnM0rInj(l(&$15alI9$$Wt^n8mPVbWBALoe*Whs8a}*U=_HVeP|S zv2*bIugB2VF2s?)ox(o$;<~P>?|27r4-UB{9K6}HYWdbJ_)0_*F1+>uK1pguu~R4( zKe$-3(Iref8c~zMzP2A8=iLFQqiL_ObcbKeT>SnUG4M0(K*ru`qOyCJ~OR;Tp$*ZL7w3dot(h4eb2GSqb;a zbmUOD1tK9nl2tXKm=S0_j05*Waeg)uPqIf~awF=*VWu^rSMsj4E*8sel>7UGVlx=U zQeSO~#R@)4h>T%#C2n50f=>@6;e#>!LFzd?z&R}D_tc}Mtq!?ax!C`HBF>QtyoI_? z*HBO+nA^Bx#WQQMI?@r5w#IBy!lB?fRojHTs~7RX`3!uVKQ@oDn8UL9GqHJ2z%9)| z`Z-c+V&OKt`$#C(o3pa#;7L6G7U@jJ7>clY*t9ejzgkI8oivPKX(IxBOuifFLnm#B zwq90IX}KHnj(>y?j@{t+IZk!;scTzPn zbvUII?7?a67mO#@#AAJwBV1IKJA(?+h}IV3*e8iNb-kF5^Wn8nz#DUx&cfHeOiEkI zrjQMv*)h0pZ7_l?yHS(Ld;YE@Wc9kjZz1iwE#BN)O(;5kh&W_Th=Vvo0%ykJ$?t5% z!#?e}@y1TI(hY7img4|6jJ6I;9?&O^dj}Ii*n&a3fTyLR2-iM%U9zn!RN0U=E^b)<%yW1= zqy_b-j^U$&H*vOCOU}F7&|6i2L+>2KNBJGd)Y0!=8;4NhKuH~e!_mZYWb0U3Q7J}> zBKXe?z^cUoSU$r8LAK)C${}=A5i2BboJ+>r#GzG<1NR&dh#$VR3d{6JQ+=u!|4O#S zx1L{$*I)DJUP;gS2;%D|uYQbi7N*sT+XFGsLB&?th*5>iHAmhJ{u z#?mt$^YHu=@z~@~U*wgGl&?n2Trvym8T5$_u;<$e1=EE3tEo6hn*V*Qt`%pWuA%VY zIkqMm4=xBCfy3y}w&Lcw%lLHH*%5kQy%sB;S%WnpwotDHm{fwgCS+eYi+9=E^>DF{ zg;f2Bf;MIJ$~mLYu1W@4d0$#i z#>Z8vGfTg*3~8q>;?ODf3|0xL!ii_(`q}vUW?wdFYLdSDF{?&J+bZoLsuP{Vly+0N zT^-W)Ct~NnlW<=3LFF7~jj11A|Mmf#CY9=B^n=jVkug!Ye_0fwiKjbtwdjc5MY$+1 zCnMKc_EV)lIlq21rIzs3+PL`e+#I51zoo3tiw- zk%Eu^@;+Y4A3)Psbml^5Sd&|M;RD$Bcpw%GX5jt3XYkEkW9`7crCzpzPt!uS#1r2DfI9bdopgLmcN}p(A-*s%#@UI_oSpZHP%Ad z&RSFhsjpB==mjsdi39iiGdxT>C|iNh)0mo;q~k+iVvn?J-i*pE26GZoiQ9mQAQ zE0xX^;Xe_+dwnBISXs}+PyVnHtHO-XeeEj#{n96re6~`~6-VZ_SW$}n1 z#Zf4mi`T@`M)Zfj4FmP!6YOaZ+D?}K?y#^PL}l{G9^SfeI9 z+BM_gFvbxu;eQTWwho)OuE%$x2T*%qH-7g~20l$|Mn|7=vnZGhWM&b76||AQ`TQ)* z?5V)szwO3br}CtjmPnYxy!-ICMsslP@?hJbepDon?&0kc5RA>weHY)G$#&;Q z-^BJ$FXQd3sUmRepH~FL@?O0}DVte`@#A-rvGYpR(4G`e7P1*OcRn6?>H$0zGKjQy zUcwtE^2U_Sl^e-EK;PU{a8T-c;V*VX+EC>qFpFp(g$b{ zg)e&yFu45u)|prlPA8FzHG30Sz{biPwrp(gXlDz5KW{`k_Q7Vb2`N_*_gY@D7B z^wll^xXgdl*~8n~5jH+Scq+~jrahHNODn^*p&s5YNLU$+ za9<lj zbd)10t3>YMed~Hg{-%t8jKF_50t)+J%$*;H$5w|Uj1-X0F8XNBs$;KP_T0Kt@2=Iu zyVfKOQL(dd?;LN0yOL5#I&Q1s&AdO`M6V|$T`5@JiZBQh>#h!>Rtl+V+ z5*2}>!duj!2t%3~{;b*-=eOn`czG?)Opy|?`gpln&pt3K!kko}Va1G;b*rofF=a5% zTI>7bS#8-@kyOwCni=#Q(y(_3!nQRbh_PdGt}(q?u?z6Tk^sa7aNev+vR6IB-rfO$ zR{c=)ci?L2*!*x}EtV{ujR%+UJiXnuun)xSIpNqkhj_N$#LnHBNU9{A(_}Bq#_VVA z9gSzVh9TUz2DwReG84QKO-Iy(YauFo$6kvQS z;k*ZCq8r;{-rBiH2(pG%OEuqVWdH2x*zO8=(vF#nr@yoa_ssN0m*tR4L3xZwYLtD~8EfahnOUfM! zjW~4o@E*e9=>@na(gR^+2~gu;Yh?i^2PRYoI>V;D8EtjVsG5i-{}ylvoxc=|qrEZ1 zLwgU>fzZs$IBiUwfzg3(xcCPkBs7$L33qqemhO+EcEWy-wUjJcTUX$zMg_BpGs#<{Z5iLRo`$Y=gCY@P3q`L>1FUfA}R#;%=d(6OC4GQc>$gug^e>kS?OV`ydQ}> zjxBq_QSXMBx8Pa@?>E|6Pq!@KZkW9!6pP{*v}1Ljd8p{|=fysJ3^LnW!p_bP#shko z&0zPUIsQy`vVnuRZ+RG@nTJI^=_J)vQseE(&f03E9nY8UJ>xlJq~L7iB7E(k1U$Ml z1POsoWEEB26IFLTS7$4Ddl{gSwA^(qY!jvR?p{$dF^^1H@s9l{WP-B)l7$Qq#$r{Z z3j)>8vf(q`9pLO}27{s^l=CvCcDQQKVJ_$3!SAWhTswZ(-NhN| z%tBKzL?0O&i!c4p3T&Ij&$-*c)0TT#t!Knu@U({MAOmeB6)4oo0vIueCG5Q&;5ex{ zD5S80KOT5?6~6SqLOilE9$Qw#V#^#~#ClqiWyTWLZr+$Xdj{_1zYYB*1ma%59$e=c z-eSj|g3&>EINnY5&a51isy+p)fs&QMO2^sPRg#X(ymF-0-STD}^NWh$+1R{!A-=kS z^r4}y2ykMuJbf6_9bV{Mdt3PV8KRr5O=?R=+II@CP{glTgzr8Whc!{22;?4iv{m{+ z#GgH7%b)$}qTG$(G+2wIa<#&yZ4(iI)oYpLM;X`mqvJT96qA8Ww&z*r=;R2)L4Ab9 zFd2cts#(-Uj#gH1a-koixf8YN^{5;V3M+Sn%!tAhD?Q-ek%z-{d|t?DL7m1{Qqc7m z85@UZzr7C6sMc%C!f?sHbEjhumJaX<4#UdDv@tc;Gr|JqgPlmHu22u9Tts4lulAWi z+j5YJ_J?zkL$*L2u`=CnK|9LI)erYA^M?H-dw8qm;w#TB$9=RRV%!-F<60=?!U7I< zVl7B3YQ&zn@7zZ@PoSK8sN|eF(#C;FQS?=rcDABL%MMVk>nu!!gTr7q2CHjF;b3CT{l0u7 zp4$|O4e>q*@t`iFPSMm+t}fJf0lo+`s76Uc7b%0q#uEC0eb*nIiCHctv{iUsMMYt4 ztgwT)r|oT6B~R7?-Zd6)o`VGuZt!ztWgz#vvzsBRuakneg+50KQY8*+0?pyY#DS66 zb)qVR0ow6;y4wd~4Ru=r`)k^<8myCnp9jcpxFCdmUHO|zn~Z0WlM8$u4Pa~3j+6N# zcc-K$XDq}2do%&}Cj?=Jm(vIwwAYiW8y&QvZ>HoUS@kH*wb&LzJ>bf-c4$uuyOzCD zy{%!~!(OZv47!i8C!ctJ4IWw(HEK^v=Y=bEiH{x3E6P#LhO8nOraAm(&Bp8)f6TP* zMbX&?gsxkG4Xa}4w{=Fq(3!Xz(R8bK=EC+2y;ue*dk$^z`kXc!72DCa=@$IuT+pJqvIFecIuim>_EyfFb^ zT_1%-Y#HURsjJn#TKcxzvTD&-)jr}bF4iJ;!5k*tEy3uuQ2DHVogn0*yRvqKuXapT zYebqqW@Y?rA&GkxACqgjgTM zPO^u$cps1_RP4z|7`#{-py6+q?5K(Nr1n~<{pLe94CTUE$VD%E%9c^bOs0-NV=dww zT2Y&Ib7(E5YLA<7P3GNmFYb?Ja%N*5lFnbl>rC#E3dvM>j)#NL4VpL@6&9kNei$iG zO|Ofgu@jU0=OfOOeVp^NaGuG0hs*kgo-KU$3MOInbT-2=EDGMv&Tt)QMq};`T(0Hq zk?K~D$&LMN?^9n|iL9JTWLEM1LPJyiu7lKjT}+Df^6|o!NG4SpHY1(EtgMn|Xx9FX zw-&>(9MbQzrgoHE&^O@f=7qKMTw!9;hFr49l$0@%NF!@@aFF*C?*Ob}zxoifHsoKr zfveed$k#Bg)pK};vUy*eA0oXR*k@X0(~@;Yy8rVIVMtr4xoTt&Z(TSv_b~RMS|>FQ zK>k`A235gMw6ZNs}xkI9dHi~$)l9_0`a zg&DjXbQPu{tF#t0%OtiYSa`EC7RF*#172i|96fPeA zxc8BjSnof8iVK%;=v)bs23@dffhX-kR?=V2N7@8Eyz7kunf%G(*(E-_d)f`h_P7=< zw6mkxb})$&I)yGPis$#dx4F#CoQEtX<*RHJvq9Ewq;2-;L~!1u00r zd1vk~V`6OT09O}xNjA+)T9K1ihC;TyXw>i-3EA`u4#uiAeh4&eN6wi<#)DZ6K0-EC zF;3#Jl?((Co=VxAEDnMq-^4T!U;6GkwpEV6l2F=x&b;fZ@2kYp(%KBHuVzw57jn+u zUJq}B=bn3x0q;sF;9b+p3mmBsmPOf7?b7h?>_9g&os-t*$6qd?Jy%VCB&cS`m zfL$BF3a{2eTw(?F`Q&_Dp&^<@jfd z3bUU_1-zAw%xBJFFxRRR#aGjj%)ULE0dL=!cti&>fN#SJGd&y5DG~w36!5%!oWI0= z2N^Z!vSqN_gNC;SvjCald!850p{yHLn;AO=u%d`Y$P)Isc4S|Tx^ko^(!rlxh%4!Z z$jYxpEhlcmbcD)t1t@2hvN$Z1I>a2Iv9qy$y}0x{A&59!9s>t=qb~Hf^1vx-AF80Z z(*bX3iXx!k8iM=i`1NxbKudWAvxl;gN&`X;c;AjXmcJ__AS3W!i-27q;%2gU(QG$Z zllslfvIoVNi)d6djPHoN9l+E9?>TO)rJ(ss3K}1KJ(xEa;oQkgT+S%O%@zi+t#}r> zS;N<^1=*~QuA+t0#W@-%`eDQXc4~GJk}}9v(liJwA8VdsU8qRU!WH(9I+0Sye;fY0 zmYRnfITgs|O>aP-L9AY0B+Ho;l~IDk47w+5g|VWC{>EBlu&Vq7&&|s`H#MJe^#;!y zI!EiprIpWstsgcn@}@J9jzK!tT!VZOq}PO-IX7|nMh=p0)}pxC1YT~A@T4=Uud5At zSrw?K{h+fxiEFW74l6-pTyA?UJY(iy*}PE9ckV_*(kZ-sPB615Go~jqEbJT+wrCk1 zo$CmrvNT+{n2sYi+ec=PPOuiG$?3RyEpyzp7;`RD3V3U*g;f{o3rlcPN5I?A$QrYj z#2}hZdsI&%*gP4aRG(2^vdqcm!^*$)%qnJ|G55YIWM0q2`Rn<(lvaqe+zOPj{8m9{ zsi_Gw?8_%Hhg%5rPGQ|$d$d-^k@b^)HgF9I{HyU|`&K$*(KDawS9hg>=uTKh@0 zNkiX~_F&ejM5I=>OG%icaEP&iOC8_;TsAJI7T{_|Ic`=kX_Cn-LA0w~^xEj?ZbV*1 z*HDmH=lpL02T>W&-B^Rde9k+o42dOuFz1EDnmVqP7rQGAc#GtG?Mh(1{x0;`y2IJs z6Z1Xj6h66L#$c9k_zdrd`!>g74IMSN zf`h#~gAXw=(q$8*^z#m9K-HfVfULN@aw!X!QY%r~#VSrucli4-fv3I*>6L9LZt4Q# zOlWZo#X=uTc#)p2v9SRc)0#%Suc+iVGPXg&#wA!9%tVIj0wkTefgL&R)8G_fpp8{b ztG0x}ok2h+XHrIUztpFtA+ekNcx~tm8YMkm+I%H5KZ#BB3ZsmP|n z>NImfaELD}s$F2k#8)dnfB4xm!MC1${u0x0iTg6QW)OM|E(M6-zHL9Ni|I6P?ndXd zG{kmB%sfBLVm7y%g$3_(b{J%JdVV#X3kJ3bp!45`PU;{Z1{3RA=%{UjDTA+e>@(Py zQH;_eI*n9{chsIN8-O{JN5r0NEGa|M1Oaaa-_g#8j-GoK;<5P*)L5}+C@U;eh{GA; zaE)hHP9du{S%ztBH;Ae;1t=m8+69pAp%I7)r$f$OpGn~s%#II3ki7zZ1$nq|fwIaw zXOj_GN<5gqZvhcJtF&Y@tEa}WV7U)=Yl1UgZI5KlV9U~gvxJ1Hs0$+Zeg zI|l@d|E~GxY>HrVw7j3lfL15%mfj9@)>TP5F)^bVor0F%kpaT4X5?K;Vg+s<&QtG? zutSn_kjyHR%JKT5PEmm?448ap?TzK@7viC%Jo7zGVbD;H%%oIYOd*>b=a7+0O3*sm zO->3X-7|5mxM|3~6O~=zOnSU`LoDtkE1VVABJt8qT;TjKXOz;xRgZQnJNVH55a7yc zD@8j>vYAlEJ>91u%S5mj7A*FGCvmf*6Unf#9OZ?qx*f2SWJA#X`B0BqkhkFK$r>2= zu#()~nAN=ucBd92eH>0lr+`o-ER4naAR{tAoWsZGOOaaBqouQ55H>3k4?Zy$%hc<| zfUUbVaUlgH%=mx1aecMd)1;YB?aC2J@q*g6ue}8oMap$cB(p~kZ9PZYr~Pd;xW+Rh z`wj-Y#lH3nXK;1HT-?9N9l;&!FUhsIs9K9OI`P^pY^1gDvY-{o1fUeM9|#E5PFy2X zCKN<0#4`^>V~Hyry!p8}do~*vRQ7OoQ9bJENC#PsdXrO-OS`&SI1d@v7LsMvSx5Vy z4q3`^PI)i=*MiA~33~ZF8!o2ch{_I7@9V_0d|b~gMkXEBsv>EaSy>|_VKHXA48n#9 ziB4Xgh@RyQk0u7PuIKW7ilu;~KF?ThPcmZAFz0`s2ui3Qs%IUpAv4lXIwH za*Y)5cEZXnp$K9i(#ej_eLH=$rzRn_oxuuAYq+xz#mUhE!9EHUCfB2u@@(oM0?-Di zZ_(@a7$3$s8XZcCLuOcRik6 z=!pmha~g7Taf18dytKcYQQOZ19iD5p2ApthK8{?@!qH24NTr`rBsqy;?ZqORrEz$2 zwHHEKNHNRbR<1=MlCw)uT+QGrnT-1DYS3KB0ER}ySDJ&hGvb#o!&CP~Vvb$+h&?IJ zi*lY9X3mb1Bj2H~4h7}xIo!g%tDy_MB4ZF0>`8iB`Zouyne!EiAd4RK78c36MIgqR35JW; z&chN96Le)>#c96d@seQ+Q7|6#@I2Dg4+>Uwu`Wu|51002B7dBKw^VU!C zCQnd5bg=5$n~7>dF8Z1pkg4+3j>m~%YGs3fgr(Rv&kas(1xUGc9UmpPNc(8`dm`ZN zk8NL0z^Yh(#7gHT*(b;bAzF0`AFVZmBct@JgCRWo%dz8X-4Kg{KJ~JKflf`i$Zyhz ziz|Z)l#5(l0icP_#VG{5#h$bwBWUc>#mYTt)sCKme4L_OsBM_49=0`bbQrNGtGOpN z@6bXnR;-$hN0xa=Ya#sRml!|Ll#4!VQx=I;qb{HKy|IaEhTcwdEgTzjka9IeT8l}1 zbp%4fRg)rTd9;jE94yA1Iq6aA4wWVO1vt4!y+C$jBZG z*2N*xnamdzj5DyH?*jFk<`4l&J)YQ>fia{3cSN8O?;^z+ILYjJ7VS!7kaX=`%`FVp zF}SUZ42aCNL4iKl5>EDw_A;D5$z+_eRw)rg9mCL;i{Z5x8Ow1uQObpgVF>w`zR&-k zNKo{j5yl`G^%belEt$Zm&kER1CPG=bx+5%-OeqNwOxU%AQDGAHpJr^PpiPPgY0qH` zFKj^u^*rk`ap?x_z|=ydFi==j)x{py)ImIAx@t!TyeEr8RHz@;2QxuM3x|osW8#0e zLJ$*+<9JR78h4}M@>K?qTcME;C_RFf5KJiNHa=lk;$@2dicF*y)grA{b=l(o_yl^v z$JYg})<&=;6QdF3eSmh8zM&bM{ev(kj;tk1ec&_5MAnovvL2VAm`PH73R4E%S%f+- z1d*1l$Ub%k`^j2zQ=?MDE+Cvic``c9XJRGk)XiwN7@Z=# z+k>eHgD|$Ijm?BR`++LnlTxI6Z+1mD1`Ms>PrKXGae(*UGSt%cP$r~^p%L5D*puSy zzNp%hB{fVKG_z!jFcyo{-h}~g8Zx3SfRIfuJNjQJmF_o{1__rYtt3aw84Y{72o`_n;E#=jn7mn})sDYf(yi z(zX9%g|Cn*b)lmZ;+Zk$aFxoQ-W(yo#+J75nz;~PTTUaymQ~i-IXHXq22PTy=`!i` zm@LWO5jODk^u)|XwrFgk6LV;OG*nF8v4lbYm2*fNUQ>wFQ^)a7;*dCm12Mj5G5%)_ zGqfY9Y+Bo>#H(?N89ka+=2L#Y4K8>XtAOj#`^Qgc&v>D?JqlPF=+= zwxB5E!|Y;L;&HN-_^zM>ByJXyxEKU4YC%&=Et+{I{^q*!7Zv1IiC>gJYC9T^49DhQ zzK9+BQgCRT3M#!4(p!o@>HDJLM>xLAURe$_8cl18arWI0@dhU$IRPg#?3`e0)`^Jv zLY(8dyX*W7B<3}ueUOfa@CC58U5I#pZv+HZVZCoMjndIH-_p-;En3^!Zfh-+My@4h zvG?}OFjBTRWa0ARbQIEaF&Ua%C8jj)7_3;iA{cIbubean(Xy*XWK)aJ=}oW}H_x)o z%!!-huEk{F{X%?33Oe{%Gi=^U8!&y4bYndcrW+H-O;dtchPFQU@ zm2SPCAp#662hWPYV-H6oLP5trSrHB%yM|9Ll_Et|rs`_X;L6%1c+kZGF4P$#h92L` z)PvdEGqH50JuKP7>*}FnczJILojrZjE36h|709Cdm*H#6SQR*v6@e8E$jE7s?8)gI zIqW}{b5W%y3^`Hn1$cp#ZSJEe&PV@hX>l!X7F461)ho6kp$K(kRefvCaB)H(WYdx{Z*PcB&dr*4iBwl;9 z6SJRPip`$P+Bami9FubmHI){f&F~FDP$L~6Svfd-ffw5=*-q#ZYzTsr zKN&oNucM%v=UUw~=JK0ZNK7Ds?ZtTQ;9;EZ4}i~dd(2%$+FUXTG-h1Dm3>7xRpx*v zSjm`RY{5!(w#yJq->UZ*wI_X-;sqxW^q(A_X7;WKkDG_@t@MKTKnn^o*aqv&HJl<2 ziNrw!oa{(V9mKW?5wYf|ZDV_nF(1vI&a8f&v&{kRwXD#%b{)r$C$cS91&U#Zd5>(u z(@fUb#NhAzr9p7MLaNmkGL@Ly!-v%!-&pC1a77!+=up~s_%c2|QqH@os7|*=KwK17 zu8o7$!Z3J*#$jn>F$yV9#U;ZxHkS}Oi6gw>)7yo%)YJHIXFd+(woA+$`V18LvVBQ- z9GP4g0AbP3h+(8PhXT^!9yxJ+QgbMh=Fp1bJSNQXeUv@{Tl7+@5Ef3YV{l6E<`m)L(;`;&(jn@>Wd63|bX;Zv%b#}+;OSToEFl%DIr|XXi>@+bc=81eV_=X6 z=FD<~S!X4#oXKKhOX~<`IwfvhXlbZH`t_V)y~d!h11oXE$k2hddSq91u##EJ-C53L zC@s3+vWyh&XVUqq7DPds+^;+`kMiV9_x@)vOk5GiK;GI#o^WX>L-y%Ycw;vMi>kFS zW3SQp&5QB%bqvz@1Y-WOdd#_6iSxAYT2!KC!piK>RWlJn_6ZZx;a)p*8h_khMVVFx zK^@4n7tEfi;iO6zrQPa+AU#%DBkLmmuA-|{kh;+)C?3CH6_velC(6=q;FEVwW9PUf z`PvvUnJF$9?(LN8l6;&wdI}$(E5y~RL0Ck^V3V~wz7=VXpfCnfGm2oAs$xeW4hbt6 z_}9YWB5`Qsp47x)9@~Y?U)DAXhe5U^Y%9Nst9-ApZemt5o;HK1BEqGe&nBrOIJ%Tw{%J0Ia%!~=M8y#*eKw1h7cu^LkNKJPZb zgl(bjVGr0?J;6-HK$&2KXSBA9#UV+1Kct>f=?NyLxKUPT#JMn8a0>g$$`%&p7MRms zhqFnS@ZsKcoMRGjErTb%%PjEo2LfRiY!4ex54KohQHz=ZlFo2DM=w0K&;z~}ooG+a zz^OeK@DKJZ75ia;fuvcyKRwLEf``LQVBD08gCAYS{*<~AV(A{q3VG^k&(1b9-8haN z?=q>hgfh-&7?S4Jmn;U6v%TQZ%A^793_>vnR=7R()wzhVY(Zxlo&NhSW4n3|Bk95|YT$>|-e?(Sj0Nj=(_fTArI!E=^KI%!IBF$EDC@lozcXTQLq zJ=vPXAk>lT_!sx2@IMT2PlhrHY(0ayntQT@>%myn(2(SUc8ppsw!co@#)K?QxrmwX z1Dl3=7U@kqS?#r`PAVB=Ehc`JuobS+p2Vwk#G_ zun_Ug(Q^!1vYn9{PEpy+M3yCMVz5rcQR;7HnK(%AqYM4m?o-&WtJ~UiX7L8AvupGr8wc4+IC$4{|1tg`TFcojC)` z$gt=`T~f*_`J-%EbXpkw(qQtir3GAA)HulGtzs6CwlKLunV4+~2PVnSU9$pDEhZb2 zgC1JT8Q^v&YX|4+$b1u(ciL6LE@n$9Z(q*iiH*3J9vsZ8;vkIxLOyZvGa)|&w{iHs$#`ACH zVDHs5>|kuKn6W);ced+TyBH2zBgufk)*iu0sHkit(VNJ&Q|`%C8_7tfwI@&Jk#UQA zSL{h27Lq>lbvvvhqs2sRye-&TI3Oe#^Tl$D(aYqK-fqcnS>Hq(Pbzwt-l5l7J0zPn z2~G&1Y(C5&_snZKO4%eU(@e6J33e{So4Gi1in2*&wISIQE!)_7P7{Y4SI^_UgG~OJ zEDmN&?2QV;Q%}VrnoLa%H`8$J#5H_)mcee7ui44ggDh4H@UWW;NPKYHLwJ3LhF)ta zTjt!rE2o=KC#VK(0?6941>gP2b9n8S_uvsBP&E9<8U{v&2v{={Gki#q%}l@?2D_hq zm07Ss}jW6Cd~Y~lOt>Ye!TeMdHjuZbR|3x z6m$U`yjCpHrSr#O=*T`Hlv>egNDO-_pB1a);7|H8^K$kIJ$f8J*qMxDJh?@%Ta4Du z7FHN#;_WvsVt*waCF&Ot!sJc^kUdAe^{biXnuPBYhf5kbw6TBqsqKexfGNC%`abaR z3&IBS`IAZFGZ{8C$`>wPgMU2{h+rC4tvOt;6jtK%*FTSpozLW@FZR8;49Ar+U2`YS0&Bn?{59sb=Bk1x57{Rc1MHw<=*)|TQLRCT=o>1id%l6nc- zGx)*2SY&a!TSs?YDT&vKQ~9w%}$HF9{-BoISn_n4PF= zh_$$xmvftIA@Jfk>0<>ScV_6fR=sk0qSLsLy~x!x%_FAAODQ~p5X$Ts4}k-FLj8(8m9Ntf6|o;Z zzIkIMdtJZIUTrz8C^I5;c#scPM}3wrIf>sYsYL?=bm?^F4mdOL=3xOAx{Vyn+;(wy zMyLgE47JyAG`SNj=2Z?299#xVrVWRxRQB`Rxewnukc&jpvvu&cl2Kg2`+=$%J!y+w z%}m&r?nC{K_@(ul-d4x+|hXbDEpr7$Dj6Ov)V-T zbEShn_Zm(lrDIQ#5ey6+5E&t=-qg49NzZWN4|Y*IT|zA}tN8ub$? zI8P>oyxtZjKG2q=}##a9BnQPe(^Wiy#qF^>Iz>TjamGE zTS;@cgg-IZE!qQ!SEd^Zg-I9j>3fIqdX_#JQEW)1?Fesg^^H|IAv;pQIkL*Xmrj$E z)Es1T;njXG(Kot~J*N-sKaK52n4G4Sz@|Ni5BFZ3^c=+9UXR@$-}&=f`103Z#Ag0& zdj3^x`gb<2h?XO@c}!gRK>F_^{=WAXHuG*=#Jlm`G^~i@a?;TU(ZOg@#Wr7Oj^Y2k zm576d%3!w`T|J$wYRtlpw=Q8%&Pe;tZ&@^Zz`Mb>shn&u$MF2WGI5gLFtHYTbYc$l zR^j}P5AfER5?rWaKS~BiX2(0x$tik`YKa)0ssd?_bRb?ijvs2Q*QWnFir=25N07-B z$U2VS{pnw$*YkJBvHjwmQg*kvLtK4Xok@B|qdHXPB;seUXW^{IT6DFQv;^!AA&w2P8HR>j!Saqg{t7;*4tmA*C( zV)@0M)Wji&Z9{b7(9=Tt%RPJXo9(CZk8`<0!EW&rLPr%OrQr18>qwEFNUD7%N7&lx zc$=m==8dM|9VW_Ltz_`LUC6(fLp4r($TmkMMJS?yU9V$rP6nGvf2K<$BpkomKbbQ+ z!Buk(t?AfzEETV7&VgsASc^lSCgDUAE355durS&VvwX)#Cim!3yu9m-bY>Ou3>JRU zSeI1+L$w#_K4&(cr`slsUdiIAq@bLCrCf`k#Uu@D6aqA!Cp0xJ#R>}qU zI3Od7Q(BRxmUg+13&Ef?984{f>l=tG_}l#3HOFHG96Fmf%5 z$-tm%Ehh8g!d6_mJVvq=+plMkv7wB*PHT*VgZQL24t0osZ+8M$Pu zBU6R?Ra7wyab9T3g@|FOn9Qaa=QH9=EUjVXdtn=s9E}jZaVd321m=?Vd1#QO zD`fs`Jg||;NegWmFdY$=8~RwrsUvv(y*-R!)uNjIyTEx%@bw>k8GriKWBAFvVVLL9 zhN{yCslOBP>J<$-5YbMJZBv}YMPtMu`;ucIR)76z{Fs#T3w;JrmS2n`AE%(4j2hi+ zRbtEUF-IB(EQ}2x)wGqVF*<0@D-0a5ddofd;}4(1u9v=xeO%9duRhPeFX7Ga&A~&A z>4`x39T|>Hl86q+wrD<`K7x0T(I--RYxjqi%!}Bw`&0as=S2=VDusqJ3Ey314662IydUqwT6tJulatBK^#L;mk?zKk8; z-H0D=3k{_HU0o0LscA2MsGW%KLHCE2v9O~tWy_eiptD`+&;!-ReS z%BCg`KlragAaCH!pk2G2fM{j)i$@IppmR^{J*Co&0b$n zplFT`QbHu{{3jmy?QZ<)(@dn4cfd&M2^WILzxn{)eC4ay{lDw*!+2J1X*iih4=)1) zXUvOqgqwp2X^a|>O}e46#-*F&jIU`VGnO@-fx!r+GPo1I_nwAIR2+N_FPtUq5~-C& zj9O;8w9`4HHAw|U+{Tg=l+nzXHETv99b74?ldsS)UQTlUv>6?0ZtS$M|9e zq?AFgqPKUS4R7MOU%|)!ll2?COzFc3(`STiy^rpQIO$(Rr$Pxgc!c znQ4mwa|!%PxWA6>kFiZkdnKh?!Le2|WcObPcqS7Tn}A&sqX8}@=#tZ|(HxHIwf0(8 zq_b+fxK~vB1xAWIkQd*Vr-BW+m}`w2j@^`C%#mTpr6bHFDoVdNgeqgbr@G0Ic^4|TqZKk9)%}%!-Fsz# z0&TR@LozDNfQBnuY4`&~$yTGY9Qbm9r(*r}H+X{KbN9GL&K?wAn}eqaCBH}))M+cT zX1cKG56_$AsO~Zi^n{ZmfL?A_c=S!fLv~4h+}%YtyLL@^QTr`4V}b=BvBeio@Ml=k(; zJet)xY6m8^h2D;Kgos%~I({HS3y3pun$^Wjz#kvJH-0s9R~ScoYiVYA@fcDi@29_Koh zoLwI(1xY7$lCido*9-5U;0rfZ6WJ@afpwL!%W>KCARDJ^N^e;OOt{}PqC(*-UAkWgvttbxayQz*bWYzt5<+0*W z*i=sueSX2(bv97n-ZU--_&-#xP%igB-6lcXpa53MblD*y<@E+xE(*&94S#gIVS96v ztj7B5@};qZUXD$_T5Q8eHpR!&?wrKSw;l5!BQeacOLY#1-kf;qbPT`_|M}Z|H!w z>1tn0o^$&B&23@@iY71D!5K}J?Af z*v6N@d*czb!_hJ(@C8E{$P#gXT{HyO)UbIqBb+2}Z;yX5V7B3v8kG|WwCsDxmiHmo zl!Dbe55R$5J*vcP<7FxLMuVjlBJ*yvY>o47oCoaaaw@q7`RebtnPvN8&7nnpe-BKs zu5iG~izRW>Bdf+V%lTv*KmC$f^#U zN^sVuaN{y#p$&j}@35Y)X%0zR?jF%KWe#EW7Bk`f=K?y<=bBAVKl##!1WFY;cLH0g zGOsebeY7-xS_pjJ$-V8S?=SZetp_Ao5>%0~x-Hv=M;RkZ-5)y!#p#=tSvt+{y)twE zEvg>%ZAfIX?JZGxT90ksZf8NhIw|ifUx&Gxtqi@gdnjZokYh<1o}Fd-!nRb^=e86K z!c2o354~Xs>NExn3pbf~nj&>Qierq4s}JxHlHA}14Co!bx^&C|b&e$YO24&#`oeRa zEH7GAbhAkB2Kmmu1LK5zjqXVGhS)AC)&}oqV$iDOfPX_sLOc~TGjTU-1>mHbz9S$H z_jz6P$ND|+Z}Ge$*jx|h+sI&6&Gx#S6y`+ zDPu|)Ec9`1d9Y+R`7?G%jx6fyF|AtROqdZDCz9%ajSGwXJ6RiB`zq`0?H_f$KLNR0)R(MUl~qz2l*S{zaq`GlY(^Za_+H?0 zQ)?1dzT~<&N02L!$%4#!(2K{D+;Ro_?YLB7$K>N(=l&7?^D#MBFyb)PgFHb4)MvnC zE^{%izaP-b!M}`6pXI0chHzUS%vN4<^LQ~hb_s6Limpa2v(w=BC&v|hEB|j~@LX%G-7M)tvv9K5hdq1a=I3k%#VF zPK1R|>}M(F&T4SH9%kVfLbe&4@ffhJYE0ffS{5$dZYVw-*^ zgyqAi&a~h;1G3h%>c`A8C-Hkxp1^Kuh5ft|Jz`g&(v^{(c)Un;$M`Bq7JIYE#u@s? zV%Vt~opkodm!=aKb_bAt&CYR8esza<#d788EO>%$iJ>D9P5gNx=Y492?eM45SNyNc z3SSMviiHWV$5N^}n^4;f%7F2bg{)Kfj-4Y`>0HtKQZ0p+3!7#-2?`X0P@fNbQuMd)_FLSmbz- zwpx*vG8b4X&RxJNL7cQGA(=NW-rDhCjj5fgV5#If0O|&t<#^$AKlgIJ?XL_PTR8d0 zW;5SY;4U#-lXCV}`dzeFXggw}Z%@=jv7JNK+UK1v7nb&=#MPs06& zA<#|DCS4}8ZX7A$q+x?+9Zod6SwfXk*c9q>OLhB)>B_8wpFo<&_AA>%Dv~Y;x%*{i z_bC%uZ`@54M!&i}ex6wK$&h{R-6c`-^`IB9@>&=6o^6B59VrMZZQ36GeEp{D?JLk# z?~ke4)fO1;2GNG~;KInjAO+PrC$%h=Eq6589wpS-fc|+|jBcz%Ph6mg#l0M#@4(7E zPR19`NHBl7gU5{ixLJ?f{rS*Dnwv7)>>}iQXHS2C0?(Qq!&0`nELlX7+sVoSDD(G4 zbOvRVdZE01UcBK@ywfHoMl1_8x2xU4Ko!i_bhux&v3oi<S+>H9PXi~apEc@SY+2$a*FXB1V&vV1Yv$BPKMx4J%SCW?2y zN6^#!17lk29`>&3f~2*YB&e;RXl#wkj{PX$NUS@%JZH$D`+U6nw4R!}-TTW)9rv`> zKHPQtSNhA}(udmIqCM&=Bc(f7`lr@5?W|R|U%d5Qw~`fm)GDk9*VeW+effbFG&bi( zdY;&IF)cs*W#C|PtTqr4rM_v3&a4HEC;d>Za#g75Vlm78{bKoyo&ZMRlc)%pEA2{M zy(h~BM^bQ;E(C^f^%s%9!K-SO<;3hWzvD1_hUbtfvD|wn<1j6cfhkNDIlmh>vp4VD zF0co3?wrZBDlHWRUj~|F&Sk_XiEpM+933vu5^H}u);{IjCuqN2ygmX(f(wI@sW1p@ zs5ITpYb01+n-xlKlwKWtjV;46aS?^yZP_Vx`;TWO|IHh)DPY1FQOUur{NBy`1!@BW z%Bv8+zu%c*WdQAL+G|T4W_amdd+d$9Xk0we>TQApZ8P3Vz^!{i|8kNIc|qznU1eV_ z{a+k`{b26aTZ)GWqMgou>Tuo=(n$olRvfwzmK5!@RUR_)K~w&EPpT9sJY~s9`*a3w z-KPcJ4wrne&(sSD>^s};&7kW^0y`siO>u(q;_9t~^V_J;O^eQlyT~0)Wcj$|(`t8G zH?0yKh6AWXmv*EMPL=3qA#kBLd-A&+c3TWJ%&AJTJvXl0nx}i3y98{XR~p|@?so=u zw>vTn=5}JzXvF=$MQiCkvN9ENCYW*z-d; zCAc8-Go*4sP}*lW*o8XAJ%Kt?dFT^d=(V@toP?2|c02eT)PAoD#5=LM##cb{pUHaM z2b0zs_wDBe_nu5d3p_PU$kDK+w_tVr(?A*t zhMQ{LL93CX7c=}n;g_we5Ta4X)Hc=zd1|*Cop+oP-KrDZe4Kxpmuju4W6@0BEdddX8 z>nby3>S>`fjFk8qeZ*OJ$!$i)$!THnGHKRoCQOhVZfBN|p2L!6HU|a@B*Ok{d4z$% zEGy6}OP4@)dtoe?qe#x;C7hrcDMsT?4SNJ=$TKXfG!jt>9k9TSf#b*JETW0mx(Z%WS)NXbcN%!|U3mf_g z3aLLJYN)|=Y=^Yj9CkDPAHU$6=djMPy=RnhGPu(~q1wM>f$~~6y^T(wnAiFK6Zy47 z<+P4PsWm*j_}q+O0xGo!zBV@Iy)S;>%~DkBi}^(PZI*`llx2D2$LM8w_~706 zR1%z=EJZEOUaZ^nO8=4Pm`z3c^`3T3C91@V#fc5c2=ISvI~wi+?^we{+&H42lv0ymXZfCSVr;kWaDIbs#6@9`#~F_Q zF)|I0yfHdkV1M#tzR_a|cgx*==e z*H7pENwG$lgp?OMf9PO!U{Jr>Tu+7k$b@JZ>%{AQ`TIP;Qhr@v{{0_U;baw91;T~3 zJ3nIebTlBRJ!*$%NQTCZGiSk%O8{}^(*1`eQ3PV=z~KGII*womDbeY{3u#!gh!JzW z<7k0Y@ejs}`GU=n!&y%ADmt?pF>=jz9Cu_uzhk~yxn8LA*(mIZIyCIdUjlntz{&!i zb8kg!qgpbp%l)=^hg%ooAhf)Fu7H)gTBJ`S8GNKDL4$Lny&_(p(jfSvm;tSD^)9PH zTG&!?6^j_AMob~>nIfip(!NTBsJ@-@57u&1ag)HM+<_ac>Y5V*5$F zH#-a$eyA3Txx8ToH;zT4kuuc+Yg*1|6PvZot>7g|220vw@n^{!U*^;w;&TLt(z7Fd z!}YWf@O(d7z}qP4)ypS|V;nES;oKQ*jRk|O+0Oo3rT>3m78$+=Za|$!g8OEXCrRVo z?biu_(bV`7dX(@rl^aqVpFY?>9qJb`KJufeujzFJFccDOgOms)#znHQv*(;Yxf+dR zB@se@QrDag7`W@mZ4Gc@A*7rNJ|^*!V^tRX`~A4GZ5Po5H4$CRJ>m8t-RX+Q!eQa_ zya~`9G0W7W`aXAt-W5ZXJX5N_X&ziDbU-n%lQS3}cB_xU{fQQn^~+b`?OZTr{6X)0 zx*2SL<8j^MW1)(w=%=OY$Klg)MgzT0Ih`DB5v#tLW7s25YQ38)N$xB~G=FDJzaI z?{HEDMBZAC3}%;f!gm^!-E9sT-y9Ed&wcmOoOAJcHei50J!Eu3iP&6!=`K=Qs@b>X#(MRG6~c&2-_n|7rhDVqz}f~f^h$c%-qh9cS_oE~?^?e7kx`U7wlF`=^fr2y^8Er;~G5vix=>lh5zQHo&NYIQ| zl=~({_=zUz^ZKJ3VZFAC_Qz$S7N%5!RNX3(Lv&F+`Stg=gZ}epJZCaFN`oGm?yQ;X zXb&BEnI0a!R;Jts^=kd(+*D#0@``=%eK8BHX>!6A?Ykv319}*>6 z3%)k*`y^s`p-F6uKMGAM#NM*+c;E9}3hFjBI@MZ5{&289EPZ;Q3%!2y;j+K-B&|+O zfUaG_GKf^$elF$Ol6ssPaFi_mhM#|fL5V!a9m;g)yG^Jm;zM^a1E0eqne6tF)FR4HqxAgvmtqRUi%yem^HY+O}oe+jjMJ~=%JGXX(>kfJ@EK0 zyf5XIYlmr5J9_xA6_m=7sD2?zK#@Dou#?A3wch3S<-+gayZ3DuZd$*vrI&Jj3WJh= zhhrTUtZRI@^NLQ$)Lto@@altno&Wr`A1(&yT5@ZL<7s;;r*G`dYd>@B`pg=7^~IbV zgKBrv>*kkwKA(}~(Fr8q!%ij>ac?Dz@=CR6d8HLbOqgyLvXHwed6$=6LrOIkkJR0* zgI*-*(ciJLv?F%^STH#!U3;}uW9#*pvTBkP657iRdAWaZ9n(RuKr{Kmok`E#t1izh z57nidtH?`X!GZL|JxrQoAco}PTIg*etaz5fo82U@awl_|@!=p2yv7h18G zwyuHq!bpq+ypcM@ddX*BbUf^u$*{@(+x98D2?b5){W;vJ+5#?x%sYXZio<5Lx0Z0_ ztC?}mC+r)B{Kw~s!DXiW7ID`_3}V+s@pk#f^m8WZ2&c&pAky;(nSY;9$Y0L{fYJRh zuXa)4fsRzNG$dm`EoR)C#3q!u%<<)PlzQ z`;C>ZS&RyJEXEPEY*1ttA@B8m|3L`&m-c6pF9Eb{lSQ~a<`)ZVF9t$S%ouTGT`{29 z$Q2yA9(wXpqF`}S*yuBQj`E^+gXen=jEBJVrmfo|MCbZ^(vt6WG2u`0IDPFKH_**H5C(&T?%} z5sX*wc9vGYx-=ams>^zbm-)wM)^laEJwrZN5FQ9wk5V#=q?mM+y3`m~QG-obyu$tZ zfxmp$h&}Ya_HYZh-X)Jd>d1~drBW?S2Z6$I}>#hxb0`Ig_FQb=&4K>vsF(sbGUr<65lXYf(HPR%FONyxv)W+$s z?g>w9oyY!x{~F1A<{@=!np^d`JTsnCZ|$Zc1$Za%N@~9{wRuhNw&tr;linW_uYg0( z8NtdQ7C4YT%;m8l%9Msw16p-K@*B}QI=m$+TvzIK1b{cUOIL~5G27Z-=~SY1m;;>y z0X4Cru-%mu6;_!aJl+S~@^gTMQBX}At_mXU{jx@XPI6KK$If0z-K8r-AIpie$?zCM||yBn14myI-5>-F{V?V?Qm6)7|c(PB-Km=(S%lGU_K9v z9j2yU{puj6E^DOHO`DRb)F+B)I-QYg-tLjS-!qxE*M#1`*b$G2i8NEn@&{Z$^~0&7 zosl)3v}A_#h)i#7vLaW1wa=>mwiyM%f0W9kAUp7Y{ZSmeU+I2PQ`(Ch_Srjv!B2hG ze-%j$v2D2-eN!Qck!t11w6=`Jii90Q+!OoZ4ePbiR_odkJuMY#p#f$?JfZqN%ys{4 zd%tYykC&U9)vXR}#U*bvz z`QhM!O5PnAav?JV1IBwLA^~yn8UII9a&@_a!mu8L(~!YJ`?Qv@e57=>$!&lT5mU@9 zllNt35(^8V-mLbv@o7jp>ANfzt+>1`j8_F+H)%o)w$xK!;N4Uilcd8a=GzVYZ4~=J zNvI9y4LV@EGs(03$G^p)1W#_10wf%qQQLF<9xX?hF!~0pA_8vz^H2W3r3UYBoKa&? z67@T&-4>%w1Bv0(7TszVkO+Kb2tz2ASktQdQ$m{qT-^d#DSpF&LaWhgw_c%WMZhC$ z*z{w78?>aHO#n#$7VGVO;nFboU=tyBn^-}Lv?pnNR6q9S^C#L0g;sa-z#oT8 z#}|9OzJWB__fLJ*e7zTt4BmhV}0k>23%!piqR&V7Wnb?d%HI0QG5CRyUydb zfg)2XLTc>bxCsC04=bHvXRnB0h5F@hV<$s`yEN^sowF}am`2fya|X7fLAcQR!x|AX zM!?Z<)JWdep5}njpGly^1xY*x{&BuySgz*_Oc$CO6DmXt-?w*u7QdXwvT&L-Att=3 z8tQXJj92N$1kU`X690D?Xi2K($S5y7<``#W%hxa2g=EZLzEK!?CI(Y?0124mf(+aS zPJL*BXlzr$LGkDxH8{6!FloivQf>XJ&>a&p>1Gn!7R3gf7sTZg>|Rk^x3?V8RSD$G zw5%w|yxE-{?#o(64n?s=7~prjGx?MSwLkFhUJYH@Ky+bw%VhJBe(bEUpPBf#=pETK zU+aD9QP{uW^A<|JMMxM^+VzMb_`Fv5)W7>Rt+%V;rp4!*xPlGT`jkU{j5B9?Ue091 zS*C<>GH$ygDGB32%A%;qQg~n$7neYQkQ$_%u10imLkPxNI0!j5%tN&-wiUKnR1yNS3F_iDs+U3?< z>L-kyw-wewJe37-W{l{(n1gJ34TkPvYre@}yoR4^^9%ob|AP9SEz&Tb0fMERd~an^ za1|4g`-euy!{Oytr=H#5=NkX&jT@SCgi+nGzKDCvjG_6=qrgfXFfh!BZ=q?2MizW>IJ&GA@zctA$t*2&Yk)DL%25a-G@1<54-TTt z^&ZS?CWi+_O-~Xlyb4G?QxRI9Ha7udgNWTS?sin3S2iE*acTh5kzr=i{9L#Zjrn?{ z=(c_b%U1WZ&?yy##x?;d2dWLfYL412Ww<XO;hTn%0Gr`b))&*6tJ38$N2Jq&-FUtId^+5i?mL5X5v8=+(Z%y9G-J{KD@J3jb zChGT@WoI|*BH*?!n^eJI-s+Yh|BWRCb$eamhK zF2A9eg< zm3Q)Qo^_J-JG{n#?yUSZm6xP|lkSO_6_0ZEO~|b&(3qK#VHw|`Jb-S|Ice=3zzFO%|D!HilF}5Ak;69xXe_=Py+Ka2% z_XlGZgwA;{B@t`tzPf0yI=3hR9(rtn1nuAR^TG_+GEon3tstXcKa~Fq>;OuDYTj+C zg8TkLz}G;jv-LygGa}J^ryc5jZ`Agy>xufh?7W-z&IYf9tF`L6b4^^`U-t!O8LJlC z)e%d6=5Bhjc8;2|4y-(NcU9&m%Cv|PY-(SAY(HQ2&Bs{6w;+zWMmqs3RG3OAu)XtM z;>py@j7@g^3?NJal~W6t?I&(Zu=vU24JYmiE##4cBZjb^u8Q0=0T(IOHU~${tY{SW z_V)K+gSp!I*s6}9)=#S)d%cE{B8Oj7%17J|2X6769%lj*iy(ohSh<-$=npH}ROGhn ztmrecH)TRj>B(!>}}zuB%0T+T?*(Y?z!f3V8{4l0U4;uPHLo(hhdPlWulmL z-N>Sh-#wFE0*7-kqTRj}J2bH{6`a5qQM4 zw$6tViOty852p)zTbGKl9tIhtfu&n-1afy^SM>rUoU|iJU}RYm34()d-_MAh?|%^8 zRIcV9Uc{zRB2bh{C2@G+{IHDuv^o#bIK?s;qvr}*VY{uZhCiHIsyFjLnMYq)7;m%F z-wgPQ4iFE1Hf-u99BCdLT!1FM9eMSevbK(P3Pv!o*%Uf4+uVTc|khLQ4= zQKzZ>Ou8@e4^LjOs9e222VqPUb>g$Si(-CGMzas8*iM+7-jS4ZBC<~s4(9%mVSArA zkmJ^LJ6@XY!O~pHx66@%itUA0#zP}6Mu@md*khN3K+GFu2q-?mBYVJeWA=aDPYCL- zdd*yI;9QsCL>xPwBB-V^a_zbCk#Eaeroe4|$4 zJvy6y7q7+Io@s8ul9vZP-il@oeraP(aA*X=aZxKb7Ux84ZNtGygjI47Nc(Fi#0Mvi z*JW!?<;Pp0;^A`-Hm2cNWapw_lg~;vqAbgcJ?uE%_use!zJb0ceXrs%`}_s`*YRzt z1|S-Q{y9d`kr`7IqSr!#rG+jEB4Ld3|6|f3G)Z`EStw~mCeZPF&on77BPK~uiuha5 zu)Y-u-A>wm87QC4#+9B^2=omw?h+gu96vd>#L)GgrpM-{FZ2+M;IJ8B4~zozCIoR? zt7F85y1&-rlb05k)O{T+b}?r$6sn7RR!6;v#+63|;noZBpM%Yw7WLOwX~rMxLm1W8 zzc9U>f0v-KJrzZ8fQ`%zwF8od6s6XwIGjg_D+&0lhJKK$H~MmNjz5S!Id{LY3)tEJ zk>9HLZH!URDz*J>sRv~o0O)}bVq0!jDJUv{Ui#LZu{b@DpS@t3%ZHq;Vh;Q+q11{B zO&`eYr$VnfbzMaM2M(Fbj;yl^fRt#@%qKOGw70X-+V6PXLx0G!ZX@cPHzg{q)2&z$^e zX~=T&f~1emfnTXQfyV-aYVLZdQJ3artp(yaljS)axBNGb`w##tC8utT*aX^KZE7XD za#|o~$aO5(@wUD+TnNdZUMLDHoU{J(73 z3e~|wm=0bDPw!&k%Sy~6I4-W_Dyta;9Y=oK4JdaDCQ% z7Y70KMc7G!=R}`YlGN$kwCYfrcBc?EY0pmwL*_u(qHf9Lr2<*OJey<8u%P1F7CSi# zQ#8VR-biC2Ix9EeS_c-u2|yL3E`p&|E~UoQsRvKhhg-Kv_8$5|zjIUokap8GVzRMp zqO?$rOUQsj712#g-3m0P#n_ekRktx&07o#2S9aN8Z?D){Mui-yIuzZPAIe);^>cwa z7TGLcYy4g!AfzXjvsw*f5gcDI+$>2l`Y_o&b*}Hgx7k=%9~2s!_&dxKzbPBK2Ntxp-p(HIm=uWG%z9I(=AZJsD zF^`Yz}$Sr@2IW&1xJm!p4|0><9>>M>V-UgF4Jtq#J z{-cFhHpyh>BzNV{8|IcfI| zPfu3F9P@2&DXh~BT1f^u_6uTVdMxoxF>tgag}K(&G!dMro(Gupf^e;&40Zd34OAIp z7N?1bsLObWkWYAM-6K`U4*FxMr0dFu41f|Uzb@S+LS}Ot2&RPU@M0Nm#PdWr9IFp^ z{uW!_j3UCo4zd9W&RFbjExm1==ocmN3_*hE#6IqbHMw*{(Rfro(MFd4Ys>#9!Nmca z@%-1Di@$*@D#DI#u0~cO5khEyA3dzYu=iuU2!j^3P*Bixwb5it9z~75eyzU*q9Gz{ znQGi%9-RiHCr#$YcKww&_dP;jYJpJ8;duJ;-84KunLTLRgB{v_mD^dRNDeQQk5V6= zD92QnF-(h_SkF_Ru&YiG`lol8$by{rm4)E!N}3Mg2x>UF%f$K74(=EHhbjOfPM?T? z5IH)6d(e2VH5IiNC?qfYPBd5o6H%R(Dev55Uh1xRkF9!9ZZU2eS1=8;09Bzt4yB9x zEB?}eAthIVq7`E`b2>w%tj7l35#WU8uMsJAVj$A7U3gY_DefA=QrJ1JMjX7)hBkj~ z4?^vQr)-RE&pkdS{Z-lkr8`7k`^k#w!8qyLcJlhu^-toX53hTi4{s1kGFi{h#rOuc z!)q#`*EzL^?O?Y1zcow7su=O+RPUNAak#>mN$8grhhP@~Ct!x!Zr(2^MfRk5`^TBs)$6gJjE-pHTduOdz$ z?tcmyfdP-S!HHa0wi@BD!P?(eems^OGshz3cwPAUDr#u>j~(wby8#TCy#z0!*@J@# zEy&84eboI?2R;&K^@4~Gn2MA`k)u7>r#&m!9G=wiCfBXS8TLhu2RNIM`&Q<@ZU|mn zIn^3X(a6^?5j;%FzuBGnqY?$|6=XHr%6vZ5XGGj3>pJun zQGx!Td!fK;LZdrrwLDGpwD=NnPU@Ss6+<*;4}sY8_4VYW97O~o*k24^h6c!ar;)lm zk;;B_M(q{@C3B5UlI?{Nm54m=j?W(Vpw=cZHy9VMC~Xe(n{f}fY47)<;BWf>rJ(?| zk0Cmf;O9A<|AdE(&f}}Ps?SC=I++PkGpUKUr?ZU>d{G@(h)%~B8K4fkL>Hnauu6Fe zU}#WuVDbv1#tJ~ii7qJ|2N`* zA=yHS;6XfE7b~rA6vP!ggZ?$rCGiXdqRm^m8K>3j$^BtkoK>`2QS`sXj)>P;Vbp;R z4aFt2_6;*oQ4GSQQ=X*Wm4vI`bpZiz*EIX1-d_%QwR#r(!z~Yn#$Sv}iV{b$@-`mp z3THNkb;aI3j$SuO=-=N^_e2g*q}aHxQwHRdnM-@C`9G8V^uD~<(j=mK_U!Ym;W3e4VM2z7<2?fSrcSyAeXLN}j77V<15^$65WJUp+L42B zsOs3Kyv2w#ZQL40M4eRE0vCY%X2r;7e7g@D`^VRt^Bp447uJ_Nja$%AqJd&%(*9AM$CTXfl0 zUZIRa>}I90LWvcZgH2Qf^rO4!=oHcrnu3vUPN)A$>PXoO)#x$GPZg@^7#v7=SC+y~ zRF;0g#XmM%V1^@$ek?Pc*DPg-{x%ua+k~m3j1>=nl&s zF>|`ONG(Uf{%iL@-l^g!L4_FIbt?Xe^0~VVD5a zf_*H;-yD=ZX~h(nLw%Q}=W${nmipmhoMOJUb+C`@r#dT#3F8lr@Oz~j8vk}#RQ9tw z=rkDUP7s-EPhe6dg*(f}0S@PeeDE(yFHs&}AB2UDUTA5$gb3;uM)>mO^G-%wM>&x;QfdqT4&WK3TE{r`(j{!wkn8L5Zds57) zjBz+>m$czF6wnx%e+CVQl2Qddwi0z69#d#rl|T*zz0wR|kKw8}?+jKJX1?#+r2Y9h z`cC2pc=%&vIJ4?bA88m@)(s7nI<>u?=xkail}o$F0)gA8&5vpG)#~8~TM?ur1GbsW z1T`(1B(m8F3iMaEKXNH2&Hco(7LPeY!A1q%EUw!JNaF_|U zr7~-LyjnESwU*k(%Mp|71OQrEA*dxS$fnX zo3Tf;D}S?`OiHf^q?@x{H;549LT|6D*a-bgK`##k;4Fy7JTgd`T5 zBMIIs;8_Oo!y|Z)OTU{ztC?Z*ZUy^ZiPI4F&|ym&FlIli5}x(D2_Ut%N)0>)n_Eov zF3o(iT^z#WmNiAjOEW(o>F6LklS$9WOZV{X8Js|>*O9Rp8K8v}fK1Z}cfo5S)t2>K zamq~Q;^i!fZ-w$str;YrXZXr_mO8-$rx)PRE1_+cE248sp702BzmgHn%l3CJ#RmK6 zualGTAIPb0q8yQ&fg~?7vT1xLvmm2qM>X{%&b%g|$KNh1L*bQ;!IXC~f$d#UV)*AO zBM7!4IXij}`*hMzjT z9yV#_R2MrXauO|RiXo9u{9I8$7BdxsK4}NmU#dZ8dvEz{>fe@Zd`3!|`H2*Q(hFYB zGzeOCqaqOpWId+gD6L_^@(|n0R>hwy1l@kwuoPY}%qZCVfzpjNBw?;56zLfJ$B-w5 z${lS0N#leo6kkl}LTx0z>Aw)L;L6oCtu+|ZMIz4mASl8NBxLIjB2F3N?p=*rkVle* zC(xggT)6G5GWS86W>hr8YP!C2GPL5=a|@cjM7t0rw6v7&j>xtohSQ58-q~qQiG1qL zku>K{4@4tHN0XKvaJ=dBQLq_6qcZW}spTr^WN_*91Sm0@1{;jXQt|OHdyulhNmYXa zs_UG74`#b(d_CTmdq0wPZZd9%r3#v5u`DzDW@UCl^AZuHbG9pPX01oA*-|Pon8J=g zXB9+253TiGR52&K0Z2w6gIp?uyrbXiW4*i03IX#|i?{1|SLvlFi5sZ76PbQN?r_Am zmEAK6hmYNsSo=qil2;CCS#N$`;&?0~((H?&3T%plpC+C8C!TBmmL=XS!fE`{chOjR z^;XKHh8G`mlkVdICkYyqwqZ7mu|j^7sm~3il+Z`?bOPzj+1w-`o2fhLbPEy>wvv5k zK{iI|U1a$~;IabgtZ&|~z_QdTfHR~)4bM~Z42Eg!>k0D(+r97B|My?Le!DEE9lU09 z{ugo5Pl^+K8Rg&n9G`~TLov{#X`J&jeo}6Gk+r^5C~jQT%6us^Gwe1y*>n-Hpe|!R z`0#gLv!@<6Y0p}WFCQ;@`)kohTfdT7Bov(mfC+h+pXr3+#FDG_Bj<+>ArXeO4q-UY z2jX5s7`!}mWmzQ;)c(7_YYC}O@sPi)^^JXCZX!oV`a4aTIs;GW7YpQ#FyqGix99EU zhJQ$&ch{<^fK!@l940Dh3B{$Lw1yvMDcqF{ZecPPw8uuC{L1$Po!i^zV$Zcb!ZoDm z(dDI3`V_*rUAY?f|la= zd4Y$V{&CJ6#B+lB5zNF?(tLdVkv3)CXX>acb|QKWk^$Fp-8hxMS z1_$J7Yj>>P03+3GE#~=r2;6<80tHb)?wXcjWK@}! zm?ulY;r+LmUqFUV@U*oa{u$9P!v zDAI2?2hq7{hu239F9LM?!C)h;h+%Pyq*girDAd04{82ja4`w(E+^N_^v9 z{ERO>+UQu0T(gfBhx#fitY!|rSu&N$puokd=D~j8%-Wv9jPPvh(saUJZS6E zsXCmjECZhXOj*r4p)$D1j;7uBG#S4B>`=EUIcbv||IFi%FHmLb)n&=vf2ja z@sWyCsIX?((5=eGpNMUdSS#0t81&L3W@r9syq-_wXZq=Ao?8oW{=uLTL9v^&UjjYE z9DTRX(>p*71F2r0w~$mz@I42k7a|DLA?n=Y_Tz8;)+(;IeO=JVzja!C=`5ZkA2kK; zc4qF$_5>j#uRy%oPSCXexGqs-sL{Gb^WwJY54;V&IRDHBz7oy*>MCX!&$gMNjctn+ ziI$x5SElkfj4gN=dWEY$*$zl(LI$xnfaQ6dzyF6yTmpxFQYjKz=jv*(Fyo# z@dX4{20AK82G^sA4RD7#xF4#+DOI*!23dm@`t~gVeh<~Cfm>he_u0R4X7T)!j=IET`H@J^|(uG9rUobZxeZC<>IU1PEU^<&~KS` zy{5#cdo1}n{o?ARnOI43e5x9mEIi9$*D{UrD0QvI$cal3Wpi4z_D@GpSrZkB#>xYp ze8+6l1HE#&hmn{jP6^z1v%a-?>lg$RIX4f;_S3{$1X21&0~7);#7)*2kvuW)%$F8o z3twzpcNzC|q$M>iZo|NPXk@j{tSo*B!yS%}mRnX&Z8QD%k_C5HEXWO6F2VxEUqbOK z_K-#Fm#8Zt(JnN+4}!if4H?M_qVU{|eD9ZH_kT9lVrB#5zVQw*6OLzbVt zo~ZP*3wzqV`8dksQCX<{ z*Eb*be+tk&zN)7y-Ef2*;alYu3YUVG^Q5cSVRzN5}4hea6? zZGhP_85FItlSQv8*;rp7YQnn*GqOGy^RNWzOS!yh~LzrVL=EH zX+bVyR|9J58mEiGmX&@#SGrQ2{}p4#8TyEJlkhvcO_ymc`7>%*-ujW+sc7naN^iW@c!yT0HvBnRD-p`StEhS48dZ zAKjf^`f4lYByMTWXPd5r`7Kl*>z#n@(#>nb-O2SDX;tjmC z({2ZpmD>8ESne2ng7s|iENQ&$_`Tjeh_iZPvfs^r9bWNC7Y*0#Zd-!hHgP+$Iknyo zx}U+gCnUN>4K9X3f-eD6-}#C3o1Ivea$1?uP2DjFX=7caFMoAB-r&D#1Hzr*vkM=$ zS3HikYuTYvPZVk0x$Lc{JOGwHM7)cq7llvvK{31$A<2RI*2tNerySE57p8eaisrnG zQ|Ck2AH_Aa>CvK<9OU#o>?KEr6O=KaiN`%x9IW9QeY=F{`O{ZwT<<*skR>D2{7}iC z+h~)+yEmj=&3d=%W|9qza#?tQC34ywPv&`_#}jl_gGN4&6^DlrtHI;PJ2;R;IVM&* z2#0Eh^Zx< zCfeQh_87tTo8o6drv8}aN8;a|G||JITJ(3tL4IzkpEmfc+)rp-LyVafnRMH_Lyp&R z!_1vQx%94nRM@GTuNMk|>WpR#!)4_KB(Lw9A$IXo8If(sj1TZkX#~Yusb%}SyDw|C zw}3(NR%B}oPygNPV!TJ9WZESrI=r4}q*=T4uu`=a1R(GC@cYAWEq15Wtex%&Om;ns z)wVqe8UDz<6>l-#pH(+SRh4xn17}48pbOQ!!qNCR2!zr0u<82DOd4{rDLpve zwiC;iHJ%5;<+79n@JyVUB$#6KBaJ-DY&pZW)N1P2uCA`erg1(29C(PiD9=o9({KZSKQiK9Pmgz67t-_>SsyWJZQdQ4&VAyS(Ebeg_&e4<0m(%)P@wh+$^=v7iC*y5fQ1E+@CSRxYZ z(*C8!ZTQ^}tMQL0kwG58cDL&S8Zq#%Cg34~bH9$rw4jSPVw5CH-qoD${eI+Ihm$w^ zt<26}fe2+7(9T}N2(~Xn{+@QdBkR$&?RO>1H3XL1t;HhAs z>*AV%8e&9)o2qq$8Aj0A0R~r@3g5@&mn+1_<*DQ3#8&H5>_2Jj3gN;0iR}a$9ED}D ztC30U_FWIT0(;u@9>{p?V5(oA(V}m%P8te~{`B=dfv{!6P#(a()DAb79|{rZW+2M}dnAzVPqVqjdvp2)#lgPqg@A zfN#5BZJa2ngp=C&D=Ogd-!=mPo`q!VRCCuowwwK15!lCQN_C4yIO!}nwyzG@{-uUN zG*s@JunHvnBjt-oM3fs_Yrgw)Ve^e_cF&|#he}e(c@w>>WNbTKjSLdn6K~|+&Vf}X zb^4~NG&Wg$VSOQ0k+Tc1hFzUU+^_dgFlyUVdR*m@QNMIc+xUM0C3|Hq^&9n65jWo# z;T$6jmcwyKQfBLTOv#WXpah9LWzt?TZyP$p>a@pB=v=sTJKnF|{-(2Ee!nFK-8q~<;|6M3t+FFc&8Xr?eL@2&hd#^tO{)#Kyc*LV zGX4FGuv#P^J3WZtXR@8ZY~S~C3g%8EGH2z~>ZN@CPu1?AJzhaD)xfFr0Nsu@ZwZI% zlo-@sx|N3-+=GqCP6Mb2+LpQWg*J{cDG&QZv({YKv|p6+Je5k5%37m zH8kgzhkIwG(C%32pk|bq>2FJ#6ggYge89}?c*f^na&CIPQ0r_=>?6M5VsK>G#^RpvP;-C`WPCEl5N< zRH(RE=XSxGY*3Ks_4^G3kS?+%lpgjzuI1&ip1mf)RMylBQ3kKwUv+Z=i_%@`qe_7m zxAvjd8DO>nPwiAl(4XqZzgxm6Y%Z%nE5sdoU3;@Ggv;)X(ETD-fDe!Kt-OWiu&M`$ z58bPvtMZ+xh5cM~caz9aK-QJ&loIY5<)R-c!d>L4eV(Dx);2$@!9Yr~uedl%P*jtQ zGC^i%dV~tJadNm8WIMa1s>US7V+!+rpU(kZN8W?7umOrBg>>N$&EkQg^CH9doAvTP z`emJp(uDhHm}2IrtP|NucmB6Mh$lbX|8VmWqNy?z+fmkpVAHSuPJAN9;M(@y*<2R( zg15JEjH1NAKM`m{I=rBgI0L!20g93wCQ^PUaV#baO3|CWf`v^oy5+57 zWiJJiY1C0@7&NlZ=g?n3cwd>YGD?VYwtP}zOP9b~O&h{&|3>HLu0-j2OZ||0AUZDi zNda{-+D<8#=8X+}y})}t`27R%^eV`Cev!}^laA&^(k}PUr1eSrF82L!m%|Ubk9+9% zYkrL7IK9yY1x2vpn4Wz{pm*q2R~-Re_D^&y4hazzpX|P_(ZgIpgJY(~ z6LyDf==USr;##gW9_+SM9+tb9U9TT<*(s54ws^gKt~$6V=NJT*Ot4_b_$g*7lH6_;0xCP&HHoSG0H8sXLLjDtlIRf zkG6#dWaGx2`xg9oK)|a5w?T(~ShS-0{VTJw`_;#GyV=9R&f#lFqgq5{M#1;&Q;pc( zwXp>Bf@g$deZ3EBlhb-V$D07`#iGrg)IEzYFQe32?dtwKhU~w|JWB>O&Shx38XHru zM4fzcj^{Z%pT)ns{A%Qv(pBG@{Ag!K@NmWd+w9|xxTF@wjU7Bcdz)f^=)gKjpIW*t zT+Mk)zS*YGyFCL+XusR>?s$55igPsE#iiBBb^Ji(zO~1bNH1b|asG4CprS-%JcV*j zb66N%Wb2^~R`n}$XzGNV1l};ZZd}Xr<_7Uo7713>GS!-zSNz4ncjb_R%Vm2BNV2TR`u^}Xop-P;sO{h36oA5%fOh!%aMUx2yPu#w;z8hK99Jh z`@2M_G4l@Bs|RH;2fLG%l~>cOxw*&O4^~@#!1qYkTE@+;L1>oxkdLbxWz8k;=w<_M1_c*Sm#$zy*9-O^GhEsD~(O9g|oPXz|;*r5P05PLY=r z+Y<57-UaBwMcdJgxQIiH*9DF4-JMIPOFkwe|4te;O}lD03W-kqIoHTnc~7wZJnl}= z`HqK}hIySHt(SI)yV;Ri9MorYNIy}7MoN4?&Fkqi#PWx_LIBnIP)S5rl+4Dv zgCN8vJ~>u$bweSn7YFKkEh2Lmm#kFe4JULSCm3&T*S{^@y za(gCPLs|ZMCG#6ywjZ~4(RH_tn9+MYDq}|V8~rtb<@ef@G8eqzK304*C%~O&=%$hq zy8f|h&+trBxLBp)iOZbCh;k^T9og>nXaWLD9KM;tOgOtI#aFi>ip;jd=qhQi2Xfrt zg<*O`QJ2}F&!oP)(u~{7Tef#NxcIk{OF2u->rTj%4uH>5JLsevNfJy3J!}xqD|6~# z$J*G8wk7iMc+N6UHs+Q5E~zf_=Y2pjR=jYRv9D?jLhjU+|ZX^aj=3mJTqZ!8fVkf8gP7yE{%JpR6b4?drcs z|KTeI(wKZ`Twu%p3oj1!nPqs^FVOm=s)7B7m6U6=ix`K(lNk9z#w5Au>pIE(JuU62 zQou$wjGXI@=(4PKCzl0q;o(#NQEt=|SdI!r~6F@4&4) z;cMQwF|4Cu8gcCMmf$|Ft-j{0HNWn|yBvX`Hx~P?nHi6GFwXldG#GWot%Omm;;Wr= zpEKfD&{F%AGi1B1lw*x%E5?Oj-Ba&SX}r~G_-6rg)&NfRWvmfXyJthdnTvhNq^UxW z?t4_Xrv@kP8Tup1v;3^9moHzJV^~xPIDfNXBg$if0q_2H*ISyCFhxfBA+ zoW0r#4Xs<$gmj64Y=MPEQ*8;4lo+ZW&8rO+OqzG2id+M1oXo%zXAW%SXw>#mYz>FR}9 z7LI0tQGj?wI1$~6@WRbNERr@&xEYd$TX|7ZX)WYTjNXFS^L;*B1@ZFAp7b7~d#XPx zcV=xVXwY4uNp*U8Q3K9c1-X8WSW7H_q$47k6s=H260(+cAC}7m$~~SnnfZ6;MukDU zPS_6T<>o5K*6Q&7g%V-Z>{}Z2%bZ($VBZ2p zlV6p11*}i-&%`&DixQNh6qBH4HYx~3b&f_d%*e))k}v8T(jrNhDqRG0A_yDcoF~qW z*NvpKmzR@@8WE`;*@KE_M75)35N;k@gDH=Vc}0ddrO(j?_}Xd{Mb?;!d8{ty zbcZ%bY_qno1`--DV-5V=J+3VWsZpB+!t0hBFYG;Fq)9t;~b!~)IO)39B-tsvdvWH*4zTy27`M6 z0?pz11)@f?*Vyio9C{$FJ~>x~GaxCHC2za))|#X0hKFJ4=2# zt70FhYO2GL!JYpxz2R!l0aCBS|=$ZT>(NRXt&Y0rTvkDpx!^COH_Tt%|z zEUfsVPq2qwkW97~TT+>6c4yDWyf_~luH+gk(MjOhfw$B9=6fl!Ua(oV>tX3cHv7bs z_tBbEIgx0Oj8y-#Fayqf!r$tcjiNXq*)?QD;Zv7dQr_#-C|9!XdP#0Lv z5B1~p%wBjk!T-k$-ewg>jZu)|ug4^@^%EC4Wq=O_#HI8K;L&ULOY$sXVR~GPrE@b& zZd=*6!i95T&K`sEgWl{!H=Fe}kxr+6dql&Lp!m~e7+(AiU8mSQ>caE}V^7zvjEHj7 z-Sral;a&Sob|tt``3H?#xLf~nm=ilmDmk5rcOZ{}tcIg(o0PfiqDmZPmqhbqZ9$bI zDNjWP&k9jw2+-Z@jpx|R@)tVgODbC&qbihgXJt85hj=~EMCuSm#q5w3(O1)LRPYfO z@OWv^JzJ!bs0dtC`0b>{M!4Ub>@=n`*);1lmuT9ezz0u{)yHDJqdxXh)Z{&#RgfA` z4p;u$N_>kuuy6m6zJRLn!N^$}?{Rq^^$21vJ&L&Wuej;iZxc9F>1+reDW#`G!JAQxu!n?>z6JWI zrr3#CnI_Zh8_mAo9u0NDOz}6)WS$C+g<7X5kQCjU1j4VU z7V)5p2Tg2yx>m^Gzp`Ie)coos>ZoPn8s*$IX>h4S17_<826MZjn|M$?273wThoU)C zsL_H2+Dp1cx3utHKo9XMYXd1f)Is=0FHl+43k5A04}uUY`dT#PY%EdaFsdf6G6hAl*s~VA4%i)!ado_oh-6CQozN3a zHMww_B$b{ag`uR4{m?H27z?1awP~z4PNB3fe$3m_q%vz|iv2n@5^mE}sk|mg{85&z z9IJh7M(V{jRcXxtgZ;Tc6(pGb zI9*ohzV$meFwZ6D|MmVTZ>u;DVY_X!DF>`Q z6q<5doBX;oR+%`7W_ndEM}aTx3EGiO_i7IE>ay*UXOyOAI}xcgy1llGD}CH&&@NsM z-+hb}7AoNhvwM>>&IWFy&Djp_l8TihKd65dwq_b-%L>!NQl?=I8R<_nUL9(v$r$YJ zRR%35Typnm;Q@dIwPfNKTWdU*S!fQQ+85;13dm4YBU;=ifN@ z4cL?W)MCLsUKxuDPz3x!^&2EzSf;?6@{pBARs}19l31p2ke==TD82a2Y+hmv=9noS z($6jTup#SMfg6cuD#por(VZLep1IgzN!m)AY_Ra<7u1*}xu&uK>9o{yABLfshW96` z@Hcr@baKmr*h`+RW9~hFA$DX;L)tgj24bW0RDX;n{WO$gOXE%tq|uP&3Qjz33nn=- znQzT%5XYl966EDsrO&+k=72{Qei8PjXFQ~$&;S-}=+Wm`LS7|=UjN5=;GrmdLy5OK z$7diO?U|v+rH1)fDC*RvLLHTOu{V~121m5%ORls{&r2XS5Venu#}C{~L3uu6zI9h3 zS8^~=+roH41uXrOi+C@#ROWny`qFqO;l_FQHtm(@p`gVTE^KBUNuW9QT$Uw~VUjlM z#o3v=KFHRET-=3HOzN`UV#Vozt7YZd+kk1P z6vNmKM@wH+rBH!dbks+=uDw=f+Wo38yu zdJc1UU}DDzH*LG}%PyJM1aNcMfbn zI@qs7Jv3H3L{{Daye_^m+ym3p@n?BRUNNiqXJ|`A)FzWV88tt)ZcbFNChZotJ9w84 zZ>%+8$ZGC)LuBN;n!JP26mRi#O;yHf&lV(GpW)3~PP6q7L!D<@FO-W$F%QL+cM+Y4 zcBh_w^M9=Rv`Yk9s_5#7DLwp^>AxwD{&|;;^z|8Xu*NAuh@}2Z8{T3hOCfyBYJZ+5 zD32T!N9Ef6SufaFeEsO2md23~6n?eNx z2IWFKGzXb`bJWTH+6Cx#ml^jQaZo)q8$)yrL&rXQ+WB4}CnnbJz$F_#{b3)!c1S+| zdY_%$j>$?g-YZKGBMhy%g;lelYj4h?aB0@JLC097yWYC?%t1)LN#JK)FvH`RS!qNW zcRk>hNq0BixU{R_7S(~FdyJk$Mo0Yfv(fWF4<{bZ1?0b?{mZO>O#5f>g|=;Sn4vr( zaWvIxm(V;H83yG#gUOz^;R`=$ahxS#hpa7E+5Kw>#(ecM z-J{cXq1}0mjl~N>fQQ$&F!%~5iHe28yz`1fu-&2{#_W`&s_BP)-V=ElgpKp zqi=IN9<_9ve0qvMp6z9Cwk#%5W6>EL%6XQH-agbn6LH-c`p&r_H@6Gs;NH3Qo}PoSD>9%u8H5ZR<04T!jpTOCzz;(ulc9rD-1 zNqp!m>;UPWLwbgJLt|AqN(qVBKLFIUsCjwaoIL!XLL4F@@EY$XRIAnSnh!htx^k}R z=WiNFZe{;Htl2DIVFfpp&(~}0M85cUSZ`Yx!b?tw*XX)>2=YjbO2z^5zaQ{`A3s-+ zQG8_miyz$gzxprxzRevl|3RhxPp@6E|IB^eVdDfcntv^Ze-_05ut9Yk@ca+I@?U>( z6(r;fW;+A8gq!!ggoCN)HviZ3`}Y$3pY(nwBEQkEK6SxHrxO0_F8=3k{{OwU)I*n$ zPaIGJx!~$wo&Fyzx!mE|2>rje1SEw#JvK3+tkv#@nb^@bwJ-V~DZBr81G44+ zJH84DHp8ICvjvAj+hj-2G6T5BF#6LHm~UEVS9RU}E$*Z0k(s$U5crAL=iJ0ckpVw8 zuN0N`rjW^!9BjP7S8{oG-68C*jQqRd@B7IKU>DtsijxO(6wxlX#*#)hk}c0J ztbf02RuSeb>>C9ell-X!*%eKk;uuTP9({RCDzDboN5u@w=f(N`L3)L~j_(^(wNl=5 z^n2OsRXaM^#M}0As-Ga#?7^E|Gi@?A-T!_lA%lH`XaD4T@Nqy_5oznKEXMt|vUHt+ z1UIw5#a_vzqUJ%&PWgSygB=U8L7(@D9D7K?f-oa`4z~Wa#vYj-aM^nF52Pzh()^&r z<~+71{{NUNsiY7U+@2^Lrifh)Hl)epH-eGfT>c$@b}lYUo|*V%?HO(yM&mYkrTHlN z4yy$IPS4}w!%$sqa}$gsIR_U<;BjZ-ZJ(aPyOI%OJv!$X=0Z8ZA699wx-ow2K$A;Z zZExcQLw#zwR>B1^u=OJlZqAR{AYQpN1!ZQ!j6-_N=xl_ZW_{SvzYFTfLbL~%j{gnF zFx|^)edo5#MBW}@aYpA{3bwR>7dB+#)Zm<1ek8b=b=_t`gOnPrN9rAP{=~wK{h?!E^7&Fv9>-l{;DSde zmYyRuUu_V_wq09CoBcgUAArZiB#xnh!NkOr?K44z_aw#{A8mE8>G`;H#}T9W^0$M@ z1GrMJPXlhb><-!~_2}I(osPaaw=lwJ%Cmm=G2g-Y&{YHb=61DY%dakT;m`frU1JO9 zsHNr?gs!IMXFCRaTvNBi^EJjMqBqzM6SQpECsmD;Ry;bx!0zwXd5N{!v#>-E1B5R? znhSo7q})$z%->t9!+^U5@pXT-2nq^P2zk`yMZ?=f_&6c}?0{ja=;?pM_;7s(5H##PRqmqja#8U)BZ3#3D52grH|^ z4oN2Ia)BLzQO(bsteT(Kgm(|lRGlQHiRxZ7SW{c;mmkIoKmUm!jDe4V&yC46Q2w=0 zVoC6u4F}Bh2P4)`vjteIjaGPBD4d+;s^IP|ztt-5AZMV^W~vX6%b2I+2VTh`Aa41D>EVHrc zwFSS^SJ*@*!8JZXh8jvoGbs^dF|2{iNf(cMZ;Y zMOE0&c!KqpK>%)Ta6vV-w7$*NFYd3j+TJM*l%F)i^LqmFP@FGCRsEHd{EAawWMIzh zR7X$ z`qakK2s*;Ce+vIZ-c(9HEhc>!x}r*yXT)i;Il}a4?ej~jA}!ivUD59WDNAM}kvRL` z%xrra&x>GgXqMnaCpTt8Ia&DGTC=saQ>E$d8t(OM^uLOp2BlT8&J!-dy_;CV!IFbDL291Gs!8DF3enj(BQmZkQxa8NEbHr;KudPwcr3F`M(>N1EX*N`%4JO=com*n_eLhv0XLiZ6 z)_WEdEHZ_LBJyon`Ozn&S#<%9b$r2ZY6(?lA-d$h_RPmf@?vNc0d0!9EMYy{d+Cz5 zuR&wc=JrmJ79^zzo*ukT;Nh{%L~M~)Nw`9T{js#P6tp_3G0*a7ho|Hb*gDQXh*tv> z-t$0n4eD_hO>JKKSzG|_BX7_KZA1 zuK%|>*YOI6#v$I^LU3pp3(N+iW_ro5sf`&XGV%`flfAXkS-QmXEV~Xf??rT}AJS%w zZD;9xRNZLAjdeOp#feF*6i!qYie24OKtnTQONn}X-x;^2*@ZkEGbTFs>6=r5k#FtPQwS^Q@Nw69M?0< z`IXtayN{iNw6HnrpFRqC8gv81RK$4TUt9jN*wi$Spp9i&Ca8unOwM;#c}8J+5T$LF z-qV_Vg58tcZEI@`F(>YLd}<~t$pd7g{)vm5_8fbNIBAFGP7%vpga>X`Y5iLo9VoU{ zM=2!iR#V*>+Pu|KP{$qGD~Sq)387)hU$3~Hs}Z}!?zj*$?i;GKm>g<9FQ}`HJsKjN zV`%mjGeG}tF@-P)T6hC|PPLtU)fO(R1EJBmMTJXtlmQAaRZq|?n}tPc8`T0_6MU1R zO@o~2UaV3j>oD#ly=P(ME53{SH2$Tivke6$C*;gzzE+Vi0)4Zfe>q`f$eNo78)3cs zgJz?YV8+q@vASXI(3{+oy3KNXo3}L<=k%m|YF}bD=1W}Pit0el=*sFFrE)AWP2L{%8V6y2a&u_YkHn?MycV~^ zzZv7hxU5#>&_|~IY0jO=XPZo?+0mz|4C}a3J67gmcVr_k+c~zfZdT?N!q$TA`+eiC z2*sfbqX)T-)C9uP;PqpDdN`C+Zn`<#PNnjjSV*vU%psXO(C!oo>K#+z87By79r^^g z<^)nCFVnse!f!Rk^-&3pC{v~Q81||^gO0R6;FHRB-@h<%^)t3u2Uk6qs8YT zqf46#xy}Ujvda+_|0cVyOqaqxp${#(JPs?2Ag=KUBVdJqrk=$3<96%V(a8rMV)|Dh{+g>H zZT&tJvG;U=s+M^8>t)-I=_9sKUoS61iY`w}B*cR6r%i5HOu2j`^BuKkJ4t}MT;#yJ z$2`E+65vq}0}+Ec-#r+;ZGoeNp@v3pzAu@2;DV~7W;PqWi8PqayEe!#jfiwvarSBi zb180KTr8wcv)&+HP;qa5SCz|=sySI{JMAmec97>D1%SFa1_lHuV#Kf{zOXA!1= z7UI!>mfbOc{k$4@SpkyS7)_JrcSPa^df##IH4D+$-YKW2m1;MOH$CII4XFXh?oG~Q7 z+S4~i=5V4U!vK*{zTmGZ11oE=>>ZJn=2-~zXfw^hnhNj8r?$-7*ez(KE1Y63c~K=E zie@xm3c{_Xm>Zf$l@!V3AzJNa-w~wW(1rFz&fF<6m;DVk%kv$+?gGh< z&9yS0+g(F;exisKW1c>aIYGzFoC$R54-)QK=I;zO@|9PVFplt`BuMX=wfe1E$ln!G*JSXGl= zH|Zrs+mu_>g-!NoqQ_@WRkg@Uo-ve%jtP0-(2w(L1$@65Co)NUoiAJ^tFL2$3;}= z{+$B85Q^xV@#{;c6z-IfUP1)D7xw9cw@Bs-Og<)RwgfFw8#&OOg0??J4A^e*h_^;CadYe!>CZTyInkFUlQuK zuCs#XBL!;Ixbv|R?5uIW;IuOBW$+CGSCH`!A~B=x8DR$+m8lEW-KuD(x%1=6L@nlA_O{(TM8Tx+nL;dyhG8)S6$l6{HZwNjgox&q#_cms7 zo3Bjhz*c$q@ajoZ9DuXhPUN)YdbQMuK|jIQ%QbKOdecA7En%@KuhwDm?cvrIJ>N0y!j8$CRTW-fNZ<~nV z<7tNfle`CQ$>t#B=(?V9Rkek7h%P&FV1rQ5EW^n))>|TK;0LD+VBhqUHZv03|5-xb z=@Q!IgN#7AOa*0f?@#d?<+J|}YN-Y1`+>!z88tRiq#JTXwTew8o#3&NFwp+3RDsLQ zcxvK;LUE;QO`WKK6m-)T>aPt)csIm|jQQVe8Hf(?*Rs#9rT`Ts`ko3v!PBpbe!NHE z;3Gg3`4f-g0f=x7bFCxI8edkem7$LdIDf_y2rbk&nD<&)x}sF z8?}GC5$?Deb8HdW`$=aS7dEHMgxvi;Bx1F%z1dit<=FOfgCS6-g`Tz9dWn?#a3Ns+ z@!kJ}Qzyt#Sy9!h7nhUis>kE#Du(VxuIGO3?pzW;GWdOlRgrILVPotoQh*1BVQN*E_#a?I(`El9&6s_)BNU`tvHMjeJZ`D!%(*mahxEE9iqnfWz%b$0 z{M^HKB{&7>%uV0Eh`<8udb!31=Dog0iL*XyLp8v$u!1=!YF2M157Bx)e~sAg$Uqj5 zK1xFufi{{7(G?pEZaQ02?JG^ly{M!nk<=*OZ*g!FdpBr%b@Oz%a*)gOjlk1RJU)a- zdNjk4`~61itIeaq3=Ob;N^bGyR}>bG1vPBkd0%D=(;^seXD=`AP@5`F?aqjH{1!f= zoL?R>aPKn4LT-aFysj8~FnKz1E0_mqdWo%SuyF6_dM+hFzQ1|PVkEtVs;o9m_z$LL zim0BVKbgPQ2~M>1=jU%}OLos{uu~B~8Xn-OqJX7sASTS;rOz~QK+XRhc=}iL>0h0j zHdx&9UC*1PSM6s+6f*4uDsp+|Jf@}5bx*hZ9VYtio%i+W(vJG}2i3K*vrW^^a+fuf zj)wti*OXCnbM!M{A-5@-_x!^1YI^Q*SGC=%X3R91?$=#$Z7FXBBq#Kn8_dUg#>h{% zv-8)8&yAWGimiY1o?b_v$iy_23O7=uuWqj|FxuFTei67C>GS5sk-Ul%HzCg3-&QZc z20*~~0l}O<&CRicdfh!uYr)S~;wnz%oDrM1I^{=jMSKQW037%}c2M3gnGh5!l{Aeb zVYzVD#AGePWZSt%O}m#Y@cZgAOic2Hr~5H4Spck$w_YBAz9V#A>bc8~tF#7sp)P$2 z2gJHs|4B+|lrU<_TXi9r6Cks%9qjo z4bTuAl^yWrI=1&y*Hg~`mFQ$(t@~r8MTgo&k*B}tG)wlQ%k2+1c;x%o()N@O2u0`Z zQbN4zjeKj)`XiAeYNXGQ4`2|^9qAgn^$afif>30`yVvICku#^X!HlyYE!_E;&$sqR zdaor=NFKT~K)e49KN=7RwQktFi&TBtzXwwVooYiWu}B!tNqQ%c(+o+rkXz+pL)RR`8}1IDfUJUP0??fZECo6 z0O^8vmtS9u2+X7w62~K6l^VsVDOXH&S6(#UU3bDVtTjUM!))5>#QwP7CGBV#^BTQ# zMtFLIPye_MS-ZMBv~y9TJSClC$>PwL;^e-a#jrwR3)<_b4yr?E2`-iYsnars=?5=V z!VK-#X*7Y+A<6Z!XU5fk)e-BX5Cw*)N#(kJotX(Zi5mb=t0md~Il~Qg`K_sEGwT-} z&HWl6On^z*zEU|m&{@%&Aqv~t9BF{kIncX|%-rmVyAGGdr60!ty0*pd<>CwPkM}J# z7V{g!+{p@I+Y3{^JSUMaj>3Pz#v2XbX@?D1+&j^|?7wvl@ymOQg4cYcUvKq*+5~v> zB)2U86%*YY$pc5o!fpbaY1s>#030Ju>USuJ@uFu{ryttY8Sefr{%$&HwDmXFI=5YV+na z{BI2c#>Hw_if#v#Z4E$=>2Y0HP`U@-PM4*n8tm*El+Jz*pXLdrecWhV za;p>bqmcz+|L4$64 z#X%!%GXf0T&FGY@)tq@5f0yqt?N=cLwtaA10kujaxcUSXB z6&qiG4H4!30&~8tUFbaGAbmdGAL~yA&b}ye^}09|7?ix6Hk3x|jp^B0qvrI+yCW&V z2w_4U>YuD8wbH7pNI%r~Z@T%~R`k-Nz%kWQdl8)lRb?S6w0=EpA)+Ea&9qMkBjl=~ zAHaJNIVIuo_%_3N#6HsGWGjH1*GNd(Q`9gC@P=u82-0 zWJl5eNK6iFwz;jtpl;3#Io+<%yvN&wYqqcRrediJ9v{BNtheW6G}oLz4~nQgZa~#! znttk|E?ADJUhir?nVHy6HJf9ptr6c`4qeYo9Rn$b`#`u+@Op=50ZE#yyGaBP_3Q>^ zG<7lRe(hZz1m4#mhyG=C0iX57=Hs@%G4Jj6$;Y8yc9>{^m1Bc&g&@fclFhj zb&=#V*GKZY9N22X-0e_1*P|y4CZ3F#E-3_nb~XS&8Bvh>6a_u&K`C?B#~bjYuC2}8 zukQs1vnPn)Ga>Td`_hxHpH6RJ(&6DQvwrPkR_c3_)?5s&3;h!#?^=9jAThj#PU)#K zEHTSR{ht>$iy7>Ql{P%rTAU@#P9$ykM5p>6iXm^L97nLR1Bmr76PPkmup~lzm|Slt z0-q8yKWZWCC|Ph$o}BeM3`S$cosUh_IvvrQY8*)h9iUey)Irbn zh5!#;B3|xs2?K!^mQ?kg5M*w|2TnQDFQuH7VE)J=6#Yo;1<7@e_KlhFg2LESfprE$1OT2!(s(i&1N z6=?~?G7S$ox*sfRU=cY0?rtjh<{{4BzHn`iiYD%7XGDz&_~qPugvKIwqwJ~QKY)x9 z)3=}d7khgg(!7>wFRoD_1937&(^ir%LM^M^4|9RZAQI2#olp7_b{J8naygzH1XVgN zEGF{s|1*s6;({8IHXN7QD#zbGF-TPeo$qk% zFx@PR&m|)`DPc^kH1@&myt$bQ@mHf;F}vWCPgGqGBuTptZb%K#TqkD2sd7|sSO^SQ zBQm9yUlXL@PX~6Gz5(u1{Lm{*^a8(yt%?SEyy^Xe)t2}vi^ zri?GoYsQCEqR?J3k*qiPb9+j;fvkSGVUa@UIvR5*#4Fez&)>N`{B5-?VZ8}V1AEHW z9Ft4U`mA5qD1bdjIW+-Tq2X_d;0SM2v;tss9WKM$+zO?F@$rbsPld%Lk%Ul_d?SR0 zVY$0maB=*ja@N$N8s5mR)~0B8A`A_0 zK*V0H377X=$F)kr5%b?<>@4ZG@xtxFHt^PJM_GP8-c78RU=ycQ!&5)wC`%EJ?5rru zz$^cK7$1(w(VmOBIF#FtVJ!xKX*(UP%?VAY3A6f46t<0aS;`2nXXWRIyB|!zY99vj z8Y^)1#1*{z-f2nCFA=J8h_HUP?9jEOt#ckBWFqHT)HJUwdsCFw%Gm|Ww{OB-k?cfk zZX#^$AO;NBp*hfqtB3NC)6xsY)P<0#h^0(~Z4Ae9CtaAZGydGsvv}{T3wZnBH5@os zhFTNBjm~7DEh#0mhEaF1T7piTE>t_$Ie;m+usC-_1{12VqZX$=&O{cwRV2y|cB{*5 zJ@G&UJNnv7k(616LpiMze_L?6JG!#lz!4Tb#W=O^9Nu`3XU>>i*^^d_67HKG;mQTH ztGT5W3<#UvNjqMq5Z7}G@`1O#9<+*5@Zo!>@X;}z!TgTnDaFWYk-@>;1{Q=^H=(WW zZ>waN$NcW4%*q){HV~0zttUc^dr_X8iZ4GQjO4y6*q2<4f(}Au5{BQ5C@?na!-Vo| z#?d^*z@&hOb;Pz<4cT4o3VKJJ^0QFPbBdCG#YM3ZT@Avwf7W0 zKFIUpFrVi{CJvmXe2=hWrK1^TrS-Td9%McSDHAO0ov~wuGYr|)mXT71v^jEkdoNmw zXr7nGU6m-z%#gZ@l%n6-dm^4iSn-Y;7-*}&3Brz+67s%>seLob)Q*QYVoQiMJT)6p zl}Q?w&yM4@eaZOpcpk11W>nqE3W4^76Lru+V|Fu|i7+DXAC|!x>$fk)9h(EN$Vv;w zow+!%{}kTYa}n=wgZ!^j+XomCR&~P3BTS*3W0t>h+s+>bYDF2%yMjW zqwaK;BIDe7{O7H+(z*ZDiF|1eYL*u8vo(R4jUDtltI*TlIzcxD-A7SY7EYa=c!uve zk%N<|U9gPgT|sLAEqO)AzFvm(TZ`AvhXhRg4h4BI>Z(9`YNg8ZAp8eSXFuE-!u!!c zEwYQMa5!sbjWKa_hmRjoqFgjlnS2%(d#%YR;EYwyEOu!qz`Iv?{~kcr z1K`EesG}S?nORD^+U9?urvFBfgdLF$p}nCGW)4=cb+TdMp$=RudXY~mn0j`~3X7~o zDk9ev8*u+hFT`1rQY14SZ+@78tAv5?m0$RTKjh?#2YIg84Avtnziieu9W|pv7@^%Q z&CkOr(NU;ycTehK$F~vbmwGBubm0ho`p!jsaa1m^Y54k79dl(vLioX#UeZuL-_RWeC+))3Hy_4Q9+nrfh^-06(`vT z!?qF>=VasLRA8jh#dIVhk)J){9n>(;UWG#^%23GyvR>+@lPkL>pIRd6rcrwVuARS# ze^WO{?<)Do7Txe>q$acFxoK-J>1Jy)DYa%O9B_(XhkLgy!6S=p5v1FMWS*1Ednq5o zq>*T;LuOhQ4)Zs^=IbQy0F|0H5`=$8Cg-x}3|{$M+=Em2%Er0udQuh;TKj)e_-6Vo z0a?s*b6J!lf^A0#$2_{m0+3GJWMriBun14UZ?^lx&$0=5XH)R`$Ei3;J4--~dF@8M zl_ilG*upJ163^ZnjwpKrXtWg|eM}zSmHSf3Ik;HfObRY-IO^8p*mcrSQ6DAMAhH_* z6Yw1(Ntk0oUAwRt)kTLg-`9-O3Y1`0F75~n z4Mc?HFpA1*p=rSHBsEZ15zj!yD>}PaO2%`s>G$@UIK|2BW6t`{02Iy zszZe3R);;G<75SWjK0xZfRU*gV%Dz3W_xw|1@v236a=*vWF9LZVWJQuoH$=n{alSn#a&d~W zt>Uf`qFl4sj>swYgz2_4*2EAyl`FZFGj)0k8>l9Hxjs@-uv5IFn}1G%TpAgqzIC^< zFd>wb2gY#H>V=H3?*}LNiZ>)BZ1p;9j`KpeK|9*BlJKWPJVSYL9nd8OinB8|$J7xq8Fj*A0uQL*mT3P{BBzx;Y$z1Mt9i z7Gt@K8vWKnoIi94AAEccLMBtHc?+SY=%m&MXsX2j~pu zF&pi<%8Q|J!avQB@P_DkbfgnTsG}ubI*`>Ce!vj%aXH; z1MKX`^Eudu?$R=(wlayW3>V1R2TMa-uuKGo%d_#u<$7M0W?1uEn8Ou0uaS)>0>c9F zc)U6E8*=dVp=5kYNA+TE^|*{wH1=Y|z!;X!j&LK7V)M1D$gS^0naCFlr*UF2icAitiK z1-YHbNT*3y>#uXhK(444K|T(IjMhOzVLmQgy)NlRF_Ru{OWX0xCEfg#u*zRv%%7l}l})`&&KVI>_=a9wtLcQuS?iKsz-!eOJREHary(YyQwaC9 zj}UB><@~ZSd1$0f>f?po%bFa2yx5C?e_`DOZuDu_;YuzpUt>^#dLdtjlBS7zakFzM zDyRc<7o)?R@*W$8@2vHJvu-Q0k6&hBFCF`m2zAZ(6*3T3-y>rohe-U}GYMjdk&;pr zklVF}T)|>5IvVO`-V3f-MUVc3y*SOiINdNf78ulnJ-<6V#vLv+c{Qm_LN~UfoPi>3 zLJ7J>#$i(syR#X9%Dvw)hylxrR_?z#Z0s1Evm>W8*Icut5UC_W?NoAj-qaje*5(uD zMtf%iYeFPfrljH;eH_8HYQ(kojf}>2KSO9#XS2}13@3{xMcWk<-h=`?dz8tAlexG$ zZdb@DN6H8h7&NdWatga7E&HlaRYMNV${T5W4J{3HH#eZ*S`JQK;WJVoCCYTTFDja zYQ~}%BGr$O79;U|l>!%_HjK_yYDBHN3aIjV|r0q-+}hlHfS1K!PwkV(hCbFN=}#bkLtyw zF+m=*7&J|yJ)ulmuq9LH8%lV~7>KqdtmpUdT820lacI^P^72Xw_MA(@!OMk6%b}et z5%x;RcQenNF4R@kBA2}6tW#ld(go{R1R^2a1>WZ5>1}NtEnHIK6o@22P>2uKBzPgp zhcZfd_HObx^eIVrGmis40$Z#q4w6~5@C<-6sCx3LXjtb_5R zJHy~*)QOrjp1Vx;e?^(Plt=qm-h^r<2}g7d;N<26JMu)LvWk%PX44)g3geVsx3N~9OpqlCUp0}~SZFKV~NR|a19h2`1 zN)q0=tkN=Yqdc%{EspXa?pmRqmT)mbUyju22>fFp!>ASUGEQ zRvCLXP{EU9?gKugSMkO1Oq`%@3Li%3 zW^D(#vUv_`v&+(%9KS+0>)5$jz|5QyT4PCD9phGGTY^7UJB>iAsSta401>%b=};SC z;<}6e8-K58Y(47+S%5@H?N#o2=pod!us3_JvP+Tny0D!7h(fYkKH$+B|`Y6&Hv4Q;WK+;e#si;qsgiaew(aY1MR$$rBzFj%|y*5KSaID_V$w#%@ebB}&O>+T_q6Z$ySux57NR z4x_ftkBtQmTnkP5TEf=JhdzCy(Aa1^w!|7n^aYbC5Bra%lEy#FL_%K8x@4<}u-| zTT96DQ>XCOr5kpjl=@TC!gH%Z1J*94uyZu$xuM4ROgS#FIHa2yZ$aN+VdaPwo5GR6 zJ&Tsx#>szjFMZe$kk7!1oS{e9C=9VM-+2=RbY{A6)02vRDoJQxo1rU0N^=BC=P!za&plf$ZXSB07^+530C{0vF0tR1ip3Sy0>CC!VImCM-sZ&^3=}Sa7$BJZ}XWZcHvw66X zQ6|}_Di-jzsO!VP)B^q%2Cy>jqOVtjTHeRId0uO2*|3N-lxRshJpHwqJhsNN<>6Qo z%C({0HPc|BI(;1jq6sF%`OxQcMlkP7X8p~mqVkF7`6d(IgZkFA4?!$Aj>L8!H8wFM zVm}Lwk7p8*WlS*#2DMq3WW!{$J#0zwH&l8Z*Bg46^j1I8QqQcktC-?-OL_Sp^X5fM&%y4W3IZu%H0n~QPgLNY$1EjyK5HWtHSQ7L0u-GtrOHMN1OgEg#VwWzOeM;_0Mn<-FQfHYTr zZZ7=o!U`;`z`_bFtiZww{GV9?;a~*%^P*zYi{5(jqA)R7P&5A!STgcP%IKhYgoR+^ z=9T#FLtF8)XLjSaeEpuUUp=)2KYnOA9@*f50CIaOgOrw$w_D%R0iMfN;5KhMJau&R z3BPtYd*;qr)Yq|!Hj}}~M11`DA^h=uc4l2-fTc~fZPXy#sC7&v!X1oZ$K+^1W+vYH zNK_#YLQrF|rX8KF^+-ORg={8_+lRbzL!!^Y78A>rOwEPr`fF|f_c z051d@gy@Y7_PX(J^7nW%Nh#hVf)BSahw-N*bg70exfaQps@77CbY2dN$gin5nrkXi z%&O<&c2Vc63q3tGKEv2M*gXk$9b8~1>*t5h;I$8r;*|WS!sPH17Cl67GLbWgwKIA0oWQ3UE$luVh8ekk-94QpC}9D}DD%wAANdYTrY~|sR2!; zdEeq3M37lr+@se9ApHByP3{8F4qR|qvxFEsg*>*iG!T1?i>MpkVL-JGBo zj5&!lFl0huX^;a<4b;)ZuH&m0((zSM=XkfCkcZ|x@}QG@^ipjv8cm&91VkNBK=PYu z9ZvAOgkDUy4!1Igr3z4ZMsBX~3h+R%UN454Sah&I6ZWHb2O zuS3pu2P}%^<(OTwst#Qf23aQU#o6nMDdJAFceSCcMveT^b_fh-=b|^O$(d~N4fMjc z2uC;?3`sDqIVCsOH>x(k=c_HnnWLxhMN&CZ>xQ6Dh;*MIFPQ5xh{A_a>+42GSrHB& zOd*;G_4rT<4(E&pDMW0yiSlstN)hcJvs{AG!I9lFgrsv)bs^^XK9(84!YhCQ%Mh%z z?L=2z5(AY?O3l)RY#vD7aZl1KsJEc8>>A$wC=(~IcYp|b+)pNc$l08EArIH9*g-dF z2s0+t*Q{Yc)MzRs?#<4D*fnTqVG^N92ReH8h+Sd@J9c~8@SKha_P~xXTL!DTkWXm8 zG8RP4b*QyBGWeQ;ea92=MLy96s4KSI4@U;@6@8h?tX!NtdPO?3N*O(rADa>yPj)r~ zw@f;>4e`t+w>QuH`5tPmwYZ){y<&I$SD&B4d*@1Vy}h65bv8M14tbf`c>NT4{6t3; z6YoZLgnHz^-FOBjLk3t_SVm~dJ_g#o*d-Tc&bP9g%GVR?SU4GEt%;7-W+Z1fqMy8x za~VP}`YMYgy%1|8*9$Ly4@oa3OT=V(Xuf_~C7GPdoRqy+-`<6^DRJ0J76L1Fc4sDD z#Rp$p#Op_^Q9_PxqHRh;$oI%F<(u%4A6;N#OxOzz?ki~<)^58EKm6`CJijv%x4DuB ze45Cco&y7e8`t6I-`|K|+!Kf}b5bcNnUtZWHTS*)XVtWhu3f-kBLYgHe&q-dK-{=;tW1LLsX{9 z9u{Phro@-`78YchYv{t&-<3i8KvGLEnU`?|2anOGNoQb`Yb26AY7CFo|Trq?p}wVaBs!kM*jNc_qO1<`buV;z7w`;ZvT4go{P6KD_$BvI{`uejU?+a|_4AuDWdVHUTI)9VMMgug4>Ka6t@Cd?Y>c)?r+KQJ* z&2ona3xISbk5wAdU6Mtdk;|6g@rSmM24e*tTg74kea&&bkjs|4uOC+5#(U)>+wc_#XA*{#AIC=nMg7C&QnpJ*?4`A}Z!4bYO zgvXCGgR?euJ1w8*a5<{^xw%=pc@sUQUnK6O&5hMK^d%EJv^$OJynhGyVH=AHy-ZlR zM>$)`!r^5uGIZ6IVDG^!WDsU}{z|O$B;8y}>M^-)?qz|M(9L=U-K@+amoIhm^@|PT zx*6!{G_SgOODiq9t1W%7?)J6#*>{%XnRUK!^AEx1O@z9Ccnf|Z$&}F3E%^C8q|%CK z(${vXKPqFo4Fxv70oZ=W?fCW6Tk+g3 zLiT$RL1WT)$#~z;cVOefk{H~52hXu5c8smVsJ;97lN<4aJEO2M!d8MKmRmX_GebBy zTfv+OQ_YSNBqtW*?3g^re?qOR4{artxX63y-}jfHxNh{;A?_HO8hVKFv4yRf4%#Z{ zH=ko+Z;nWwjwa?LpSidI$3HrS^DLC9WI?sPn;SMb(ubMsJTMM|3L+QOvvAkOfkjiE zBq$+z!;HeBMJghqgcy_FiMn6a(1`2RYOwI9kIVCjt`BXWDGaQLbmPX@LP4HX$R}*W z|I|?9Ev<*>LODdO`sl-xM3N#MQ#a+r+6K`}z2T^*HO6C4|JNx9-x2$za86B;!-tpS zM{69Q%UG7;5Vk(^QZf=*G+nN41xM<{56PL}YN#>pr)lXK!kVanag-r@^#+s_7UJtm z)#xVbkFsH8ZHvG~EZn$rgF<|ew)?S_cw&=3VqEme)jmdsAS%YhnZ*L7VFszRd1lRa z3)Gg*EXE9EEcl{}D?~utjhl)Jv2R}z_I`SdMW8Hxro9w4N{o6I-|oL$jH6j?6b^2% zEBUVp89xeDuMaI94{YZ-^uqm%aPO)xERI{ovzsx^r+4EQkF3K(t3wdaxXY>y>+sZL z+wrSsw(;+YPO+Q_g_|(q)w!LIG$BA(LS`-qLP#(*Xg@z zXd1&mlr)8w21@6qM-)r@Q2I`!B+;m?KnXvW*Uez4O4n_n!2TVG< zQFnsSO06B34z=uNzJL5P>?}gqYCQ4CMm)D81k2sYk;;FRyF>=;a`W)?!{+-JV;uw0 zE=qsQ04_H6xNoH!jP$w*b(6v5YsswhRio>gpO=i^{pl#)I8%l4*10A0^~guLGQ=I` zMtbPtMJzuf52rc53DxJ~`B*##-P#;x{~ZhRO_>`j3vJK-S@}Cg zST$SQ#7=J!f!EW6&KT#g2xbbsxR#M5>BYY<^3pm-y-xUb##psB5-#Mv8ptlfbtb&8D1Lx? z(bGyqjxpVgV%76h-E@?6Q&BIvrOFI;8EG;2%4m(QHoKQAh)O{C&B;R~ABKnX2~j_Y z##TZ*GjU*TrTDH}S%;gSgQWtmq_3kT0?8{p$n&WFOpKr_N1lHa-;FhayNpnb zJO{qGaO>3}P3?sD?c_#s?_tC4I|fzcG0uKMwG|yajMs^xA>fApcZVtAs-3Vp+=9u` zI-LAG2`Qp`b(Tp*c{#ANkpv0k%&WLam`w)C1l7m*U;+d7?(no@*FLLpbhr+7wpP<{ zz~0;()Cg!@B6W?iCxfyQx^fYr4cS$C`(`})=oUQUHw@#B4D35sj)}z&b6fF#7ARHJ zw^D8xj3XDg84D0x=k^uSy9JbFOUtdxma?C2Br3r%c2)g79hihvIqOW-n4<6QZNkOO z7PPZ-%Zc2Lp>fd&@sGd*KYbcctYuf2At9&>ui@2$&FCOB?#+${+C#ZssIzEI=*1Lw zg^;<5GI`{~%PPs_&CW^wIakVaoUilf|1C|#v6L+AD^{&gLao0YYLyppDyN(D1LP+p z)OG;5zctAHt!y~3Sj5$V$On{(p`0RIA=IdxrbhAo?(xfU*FC%NQi3a7MZtvhk9usv zW4HI3yYSa7&RFC;zvPpO>(G*#g|v!VWKDhu78sd1IDmCS5cyGa(hnI+evR-#{IM>U zNkq~BHCNXo{ZcyeSR|pWuqr*d02xFgXwlY(rVTrT99g)?E>%T;_1yVFl(1V!+34gM zo1b2cYSIn$nc9(hh!CDC^P0{sF*+v3@ZGivKe=Zy?usTlkI6U-x%6QpLv#2C#bDcg zcj1-o&Iq-i8lkm|2*sw|tMM}ij3aE!$qRcUXsk&tb6aZ$gx77tvv3>d)m*!j9PXminXWRGUjVGyJgC@NE;SkjEpcj zP(Om6>MnG1jhmQwn0$^Yo2Vv>v>dHWps!0xEjludJV*uy25|X{12}lK2pJuu^sw~8 z_n!2JgM&i)UEH;zZo~b{y|KoF&Ey44NW6R)N85)#K%Y)G3y7>D*G(6Di+R<}d3z|@Qwv)+Jo2mi@#K~eB(QsSR0~DL z1dAdg6R_eu)Q6h$52t$%ptX zvrZ}9LU|^W;a?oXkwy(BikN^~;fs|kCUIB01|c9m0Y6PJCbbMHkG{N!!x!?Q=pRe- zv?c1$s@w7APjACL@lFV{)SbZjYhmVq$i<=9xSSoEeEV#PNY$R5lxb=fOvGuxK$rJ} z`ex)Qfv^@niilI>l&~YXfyhIIp|;`Oh`G*5L-;04cvq2{XpkrqUX0W5Z$=|7s*SS7 zHYAs^h>bKy;yiK?=9Fkldcj1H(=12&1tPuV&eD*f+E2~-UGjA}Bbrz$L;<5A^jPGT zz%yk&jy=)ktyY_i{Veu5livd)@@Pk_OCZVti@C;TYef2ymFptlMcDJ<{A^?p1?MwX zqA8=h6Cd$ju@3j&wH41Vawdw4JU&Pt$v%XIGrRDQt#=tKM1B<2l=u-$^ zd(0!7cCE}fA1hNG7TLC;Rum?V1@U^DnvwPOVf^({F9^hUbHmgDv8$u;)T6OHyXoEV z=r(ooKCxL(WA!}kh4KlD5^*yuArgkL4+bqQNPYhu z$v$LHf^|@1nNtPz={lj>MbVkHuLs<@pUULKfe`t^_toP2TFBj9&d=5KvO~K(8Ar4G zh!SN)eY0Ruqv^Ek=Z< zl-U)iWx{*FjEHwUFZ>na2y@xMg@pH9R%_wC3oEd&0t+j!umTG!@c+;X$ka3;vx`Ek zzb!kL2|L+VgpWU|Cj`>mlEJDxvP{pC9T`jTxBCLH)|EjZRt2UVKZrm4^w-$*onK?= zJ-^1*C;x@#|9l)@q&E_#Ptn z`11#(IkXm{s_;7YWou$^$P-)c-odURR%fqpgFoTP{G%3;Ywb2XdV3Ij+uKlm=qr4{ zHu#L2$ZJpgOmmondvoKh&!Mf8u)&>}kSlVxWy1#H-TDWhnaRsM|2==UO}LeR=N#Gz z!=!4yN}YS*$-P(?C3KTX3C^>c$)Z6fioQ)lhY(*r+aJQ4ulxjOKX^&C*I)0%Tlad- z-(wgsfWL@*XeRowt*S#^Nfl1<+vgOwqdZu7+mFk`m9Cz7l?R!LE37@kup^kTX4>ph zV^?fi+N9(N^`f*OcU(7jKXj+0o8OIh9@ow9J+o2LO+~%Po5FKw3{x{bCQ+0x@d&Ho zMMAE#rw@jPM4n(!eSFN@I?Qbj*0hsi2>vc}1|%#^2)*9ZgrwvK>dlSwNWhqTZn_75 ze|`gA*x)X8jzGXo^79V*x`g1LeTcnq@CurFFZeZW}aC)M1W8y|w>qnnb zeJ{m+{&oYtw@ic%Z(=aP+RLQ7ka0z?u#bu8tWPc=rJg}UBX@+vt-#CAufd(f|F`cY zst6(LfA@O2WJ7NbpG5V!PL_u^iU($tN%=RsuiZIky*T(?KS?jhv<`b~JB0g;ep^m% zDWO;Ap7A=DRfdxK7U;7u(%H|0cAf}E3XeXDUc$tWhb7#&g$<20M7+qMudd{Dqm2sX z8Rleg6B~@YlQjqyVv zh1ZX<-%y+OJs=7jyetquV+SeE<)CHw?(^Tn-rwxPPoh{C7)R}c6Qs^1VD1vyB$ za0UNnm9`?Ks)4l$0!VumWokgbFcVikd>apPA6AU*$Bys4fuH~D0ufVM(LEg&HfPeD zPYM$H0g3$Y4$6Dzh85Ux_cE-vCbY2{yA}84;4-<&zwM)#1x~5-X^L6)U`nc_+kf^T zc0}02%b^bkEv@>gqDQ{#GJ#NQcwy9FB;na6BD0`hFSQuxXJ$?q6e%p&p`Q9NRC&Sgz9E zC=Qv0AJ#36#$UF(NIrL4UOMgFJG6JBwobh6=kxs6N2$16GSL_}*R~>`iK-gLp9W~7 z?t5S*%;jH$%rkS1JEF=}huy(cBIqbsax;GPUTT_#C84l`f z$PjN}$93)*Jj?ysFt%^<{gY(!zb@d5>$3;gDlg_BBdr8E+O*ZSi?J!%0G>Qo1r>{_ z2dRQWG+}MXm|t22&R?7)O!9eB9zc1B^dXv-b`jE!eS#-AhqZj|e)%-szt#y&#?HwPFWci&D+`(vYfP}_{ zvCG#6Ce5`dOJ#QxNd%h+#W~-@g4KTUD`K#i4wOwx9{JAB;SZlC;;XAwNXe}tUtATg zUeCwjbIEw)tt1>L&+g<77MVG@@FM(id$=A9Tdw2tgY5Pov9#d+`euhN9Xks;XX@-c zBkUd%AiacR65zUIoPjT^q3_tS6i=*hLJ*{buKe|WDh}oGX4=z+o~$$Y`CmW0@o)0?yqAeH>@pM`oVPLukzN!&wc1c0>WcF4 z)%&00<%{Hi(;!4|bPRUiwHYtHcpqMRa5=l@?cg*}hV-wG)-2X=YtG4aw|*$Zngf9%}76~Ftz z1Ni4l^4Bi>`Kfq3wu0SN{OnxNl9bJ%vbJHu945=GjFt84cWsq^{~z3oUvV$i`;*gF zrvuH+RXB90e$D|Yak)^}FoU0~DJ)F1*g;H=O7g9WwU|>vcp3#$*CYhD1uv-Xj^wAL z{HyYEvr?K&yICF9VV8}In+?qMv@y^sIGBwQxo!=fd-NXs^~dtPWRmn}oAI0b1F(uv zqLVB5g*@0XKq{99`+yK7^04!!<-yt01<|p=@YW%>UwRs@6cbjsdty{y=tX5t=D2Rw z=@Rypx_Q^V>TH%m<^0Hh@#+Q!CQ*FnUsZ|KE*%z?1BM*5Uh8KLF|(Z#~2VRAT& zf*&&nFRa|P5zjN>zb4oKverhVUo1uw3yOv;%wSD>t4i)d+KWj48TUdg$B;U?T4hY= zwh9<`A}yGk!A7eK%@+^g=dYi_hwN&|Zn-(mF!_4R&kz?|Q#cV?a)3n$jrl|@VF#xw zHAVu;-=A&$OWCG4!V3A;qH@lcIk!<& z%o~dw*o|JCjSmkJYLYyllWAlp>amb51`x?nY-BJ@xLfWiyMkGBA<+;x1%~1FovZMZ z+q@9tsfn8FWyoQGwM|NRTf&)1I^(e~y!koYn9+cGADRdIP~N7F5ltgF*iqidv3Tv+ zVf^sb3pkL|fNJu&-fY-k$f=>88A82`$=pHk{klffG&E0vvy_o**TgFpKmPH(czNu+ z`RlXW@Z(*9@EfSW@vpAn!=nO9cjCdTsl%>BTRYYFQtYRTphZzFfGgm^^>r+;KFSI9 z7UVW%0Yz?es_W!o&>I~Q==;Ve) zcIp^ouo-;^J9=R?8hCWpZbNHrCC=pbqLc8^Q-&7%hB~=d$(Qk)kJ520w*sm3s}o5T zaPd+x@&(MasXhHzCIH8pdZ&KLT>nNSybW2cHH=igkPdHVMcbatZj#4-Gplu7?O zoQmTah0@(-^i_Z}CsT3cWcK)8xLE5=*^8!Z(&~JDl6!cOR2R8O$|;jRf4z`Cd1e;A zdiNp{$$Q+wM6d~cFXji>X{BUNT85C-ASRTsGE<%~!80-v}kz=@l zHi5+sy`4m+VBrQtcNqT^J?_?47Kn``N{Wv&RzwgA)p2r$y=N5Bf|XjMaN0%n40s{^V^g-_+NZhXYp%aX76Nn%eAAb|RXOp*GrcvXOW`35UoZ z(5+C2Hu<~F35&br4#oS?r2oDv1RH!N;cu|hRp_Rrz^Wh9&6eqkS*V*sy>;WdsmXTS zaVo93Jm@$5UM(gK1;TmRdA#=7RlIvPAD1ap*RsoSYEK%{8#>XT&15XkhzYu>Z$=;1 z1#3LX@2pMwv-4RJguIYR$v&iB!+|5|IB=m1&D5_E8fkrUFb_5m>2#w0267=!_%U+ke~+xT}`M=yMWIU$@ko$O&Dq~tR?q%9M^5}ifF8g z^hAVKCt9;F;Wv8XnRvfcXb8I zN}2o}GKL?MgB~opmHVAj-c8ymH5(IH@a`l^Le&PE(9u+eO9kYe_Hcz8JH3O<`Mb_C z6w}7kvCw_gw21SD)C^XPBdHEXH80ZKUr7|EHr`!$E^9F1ZEsKbXjaw<#J>LC4wO;; za>mc88+({l-9i5K*@Hj*9i_-FEWz0vKB=}bq7niTNY3y8+UnT&Fa(&e!6G*sS4EtU z`=)e=z2TW<#P7Oz0G##h-{&c=BpUJ_ct7RzUd7{B?UUwVPf{BBrkN16^SKIVBhL<}F zEroBOIP7g;MJlvl?S5#smf~7zC(4>fjruSX-t8$xC~hWFoiV8dorowz|HM#{N`Pww zTOR~Eu~1Tj-TBqkxKKdkA|Vz$FO1l@V8KlpuB$^1Ce>LT=?4ciS;%qo z=Y_gV+(;M3!U`;`z`_bFtiZwwEUdu)sTGisLr}}i1xq3wS&1n_YiTvoc+nEju`2j~ zb6N`-lLZ!p;awDE4GY~N)boOUE{+|#LLS!9*C&bP$Py%l zgS{B6Ex`U0iR1q!f6u2^STQc%BNCUlFb7lV8%9TWTMP11uHw`+LbDTw5Qet!3JSoQ z4Y61g;R=6V5H)&hP+ZJTt-KyqPtLzDsOlW@iwfpE2R%CaUgW9U5oiKa!rqtU)*v^p zd0d{v8W`}>YQ&2%7&H|D<%GqNxbwC++_`b$>kjdEgyXt%nKOB*w8kJpXO}2tbI31h zoiK+f-(ta}RAiVmhdVaJU>&*7>^0g@PQLhKr!#S2j(Z^^?4yybBO)S#v0U(H8TO&R ziV)_6HxnJ8^HC=<+{YkgJ_EF;67k8w%c{N3FA5TsM7f$eBgmoU9jW4E6SQwIl6p0m|BXpuw)$ zpxCiB;4|MLo?CkUIP6{@jdcu6+AHBlp6fd7Wb#Jng;U#bMX#Fsx-Dsl7M{Cr+i~aAFne7$_NJa9f}IKO2&Ud@mOH8_l>EGF>w` zdAVWb5@$Fvn=s6-X#rI&Lh6G9T`0+_CeJbh#M(wMck;p}+Rj}oJP>3%hVC)DiGbj9 z)G)I~U}zAQ_z_~(Vg#LSJVVa1!k&qKRnB1}M>j+Vx?`n>9t#6lZJ$zwGA0@odo0^4 z3UTQo1COfe=kauWlH7<^CVofHUk1mRa0rQy!7_hBH8z(bH7OgXirM`;YjK=NjBriZ zUZJhUWEkOUJG+_8G_v4x2V>*vIBZ|+g(c=)C`e1i{^QxWK#uZekuYJx#gIulQBZMf za~Sg@*liLJ=7B{a4A{sBzuO~%EW&>nLKo3Y3a(Y5fsvqo>Z_X{3+vW}LJuMy(=!*%_9cPt8JZpH~Z1iFAOiKyQoJqwO$BNl~PuoT=b{(F% zhN9z+$pw8;c*WrRAZ@Im&zauir2kEM>lVh5cHe;LE?O**(&pK1Alky2G;QOb)7egO zM#*G7ED9rM^fz#I815&!MqWOH+GR*C=YGkF+@Ta($E&lI>`OX-y7t5YP0*^Na9$xM5u>3i%4m= z`FHmI?r`UR=?fdhB$9zH=O^o<{8QeD#xl@5h;Fg3u-N!^X8sUy>YDh~`g7oGgLOd(~tl-1#>Zrpx7FZWo z^S`C!BmDs)(4-zKKrUO*=Fgi|$#mV+o7B)o`%sRw)Os{>oyl~>(SdSye`cgqOSE7! z-3bh>?BN|X^^PRBad*YA=yfu0wPYumfK<@U>2^x!=Ew+(c_!#4@1mO4h#>#$?PGqd z@MXnoy*~^2m`KwyGKaMf(UaDX{{84H8oSm8A=+A-iO`!`uIWEC*oBVzQXD^Y8HcVg zImr9DF#RGC)>2T6l9nDxH?^1;pP-v8R?{&yfdf@dOM|{aX%liwStuo!ck&2V6%%^8 zglIGLe`MC?EOypb4zJCkDt#L}ETVmlb{oO~Q7g`$Bh4Cpvf0i*HTu;)G?^{Woca~n|!6&hLqY`=I>2%;?YD3-Oi z1YgJ-V2evK)b6uWwui|xo8dJ}8VvoDO5HekG)2~}Ck-+5hWRsq8A3HU{RM zBbAi-GRMpjEYJR?QGS}yZ!g!pY`D>oR+s+46BNgV1-Up?SRXgJZHNPakAkmKEN%&E`G71G9HV z!RWls{(nbY6?NWF4AMle8{mNikFQd zZCYntM*IfZpmW-_32=hKMEt~I?r+wmov2-ex7xrO*C(KI!Iby-mbwzRG9(#Pq04A{ zb5RH^`69Lh1Qa>8^l)h18XNAl^3D0ntwpK+)T8I>R17|)03~xi+Sq8cu!6%{<2ul& z_eJxTsq7$ltgF9ChL!C1dnh#}<~qiqGcpmYxoHs2=HNv4YS)CM>PRLLu?x3o5+D^g-D2#-jFxCSF;tW)ro7n^ zFsJH63S5X4a~rK4apF@4V;O#Rn8(HSI_KmlW{P?d6^LF)sIvavt|kZ=ve> z+B2q&Pa_%R%@Vjpwcnroo$rq_pB|bx%kG$e6CGG5WjePccCM-4Plj8F8PkZaDdN)o1G$qPEc zP9bzNM<5*3KrHItshWeq<<{mBX*!pq-%V@gmiG;J8_%Kxp<+6lq#bJea8 zyBFDPe|lYzb=h4K4M3bMx=#AcBh!CL|9hwM7~CIFr?2?uy2JbN@~nCyVH&U4#nH!DR9l?Fcn0TWEkSXzZXt*xKpb5F|Whbih; zDs6T5sX<}1t%DdHDJ2_?C{#G9wia~plcDrQ>_upWg0-wI+{n~D_*mLL6L7GiidFXv z-DnXq#i_y+edHticpBiy_TkwljUap;M>d`BZ->o}QJc;Wlh4$0^z|geeDrT955%#3 zsC@LyKT{)51~+ZZ|3eWE7`lSU#)~T(>avIj6=oOeaQB4bG#Yv^yu<9Tv|}!sQv`(xyq!Z@JTs%xKdQQ(<5_5V<1T|I&e;f@ygH(0>PCgyrym|tDKK#b1okG zOT(mY$8*Z7XZ?PT&J0{BGrN5Fy1gsvkLYT9oRS_6Avcft{(Agm3QY! zc2ui0nL6qe&1~P#95d-1zmn`!zGa38v%nRYvk@n_JAoeMN&@W4f)k= z&(htJm4tAJ7j4&QlA1?2srH#aE=QgmhZm2L5k{~`Nr@l-M?_;azD9CO;fhP?E!*~; zXI(3@Ph=h}io6pNT2i;L(eOE;2B?6JS#_rsf9yv5z_($v!v~A1A=8&un{3j%?qV+c zwfa^cRfkXeA^^fOhiQ5GR-+Bo_vlj#|yOWMq6>MI;@|6lw)~I3U{&!_K9gsJswjf{SAk|48 zF?kznEx*>ZPXI;N`}FKzVNJXf1MDANktT-8HYIY>eUiCT+N4Ixm2r62FFo|@2$oPq zUBra3#?KdE)F@{uR)x+Vi;jV*oG@avEi>ElzHLKNWV2AEbbeh+shGC6~KV3PhGZ|#zk4J&Ls$ok^B@aF0x~7XHtmdS(YhFq~oL)!prH^ z>y+#bZgQ;YbuYdPO<(h0MU2XYl&Qa}1i6)1#NxtM@9a5hu`-c*Btne{OYuWk72Gg8 z3o>~7lHn`z)h3WTq}yu9qJxNNs9N2;0WRm#Y>k;h?%!xIWFE$VI1GY-l!};yh(?=Q zzz7T4vX9cBP;m}<0Wz9?CWX^sS4+<&)N`F4L!(28V5HaXZo2a$cf4H5YbD^*z+Zt$ z`fE@}>kgsNbouq6><(~{j=C$sS=x_ZT97)=Ui z#89{l80ZIEEh!=ckn5pXDg_W9^qI-32W`tTJ5LUrPkuu^?{IK-q@Xb~YW^X0^gc4n5H3u_Sn6!! zWr4*`!|TH)1aaz%r};YKrohTNd}n~FdZTFkOLYQ9jn*m=BOu_QA-A{-9o#F@CW_JO zl|!DgGifP>>@P{%`v6f1hJUsnrc`s0WcTB}N6Ill-ZTbG{k zLLI?`bhq7cvlpKF9WW&u)s6Qt0p!A&QkbrtRTtjZWr@35%*eGi@8p=4Ox#(FtPLa7 z+>lwsbwq&oedpPF^Kx=GJj5wiWr7z1=v8aLtCeHxNw_${zZuDl9d1MpK=*ZNH^q?} z+)G?BoqJgGIo)`8ZNyw}f)9r|%$$2c!8z;A*Y?@#f zvK5zjhILqJu`j^h$FQY!GtpCQbM1K(Vv~XtAa`2g(1ozH(dKs3^RiEeU!rI0j$V5L zMLMAklb4JD_jSn7nJh2KlZ)k*cENedE+pY$Z-{H-4OeK%Z^jPXf74KSYARbbRCv+3 zn>QUKyHEJ}-1EFAcrK)~v1u&djqWk|E!Bf=5*Gb5)J}>=e@1e+z9xGYnz}PI!)GYa zmbE1z!m8H91%^nAR%Z~J&$@SOy_TJ~B*km!5=92iv3Gdz+(!&)Nz2Z2NlC532Y^OV#FS}-7$)g{tqt5VcTNr}bfN`uJ z0*p+k7!mgi077lrU>MP1a2z`IvJ<|7;*}5Fvlgv;O#lTO89BJ-c&{s3+$dVUbyFky z@Ra!42d~pNUH@==ZMxk%^X-6hvR1q#!WkI1MA&-aPY@1l>q6~#k!d5|V3pO0c|4}<%q^8E6Jipoh2qz0Wy%71 zBquzm7G|RW?yt^2KL_q+yDD!lV-Q}k8`&vu*tgvr z`E)i?Lmx96FcW>VaALuv$R_(as^^n>`qkSZF8!hO=5DsPXdW^os4^kNTJpwg_+K4 zy})}uMwnh7UtD)*UV;plj3BPfO^PN=Z@18><&{^(=ot@v+3x!X;NSYTq=zoUp=3X# zdxmKHf&C+S_!AkIIWGKO-SDe)PuMSH*$(e>KGvf@;y-hkzfbtW@00Rd?;3rMetNcN zh1bZPTo~U>JVLVS9D?DSYwA)@8;bO&;O3R}SO1MeFJBHTPf!Yg%}fy)R|@?~ts9WM zoC9#zv!BCs@nfnrJNKqvDpY(3BQ!PauP;b0-`=qtKsi%jg9SQLw-z|qy&1tty+)Eq zlKc|t3`c0cbdaa>J8J%*yK{7vbAr#!P1wvnfWz&h_xPf7<$fUXdBloeauWqVo+j=O z;7{PS0{i+BLF6MlNljKj==Qim_;17V88$aGCk=#^R z3d@q2fP?V4}hE_YrB zJR)bLcCAs-YnUPxT z?7vuK1*?`Cl~HN5+J zg0ouzh|Di(c{%4}e*F=)eU6=3;DP{R-4tkb#;kmk-bKF-OqS|xHLn-ExKDi@=s3BH zRYV;%Z23nKmcsBxMjKR8b&hLhE=Ve=pzL3o?cUJB8p`O?mKHb}yeV;+@cK3`|J^(e zU3xnv}H>|te9t2!&Jxd7REdFT1jcM6`z38qn-Zt&8rB*S?uegJ7 zZRxuI@iJsMV!-6If?}|v%iG(NcpkUK%jmx$%Po$b{eJvx<1qY`cRh*N*>wWN%c&aP zd9UL{&p@FQyi#kpb9V6xNWNmf6mtC6=m&{hxDeeotv~)EM+s7q@Mw_gYKqPk0s2Ya zL1bF(qf87#%k=__>a1uc21{)ni`$Q{t&qw3N=mH8L8PO`kcK6^{zPdhbqDtz`J{`2v!09m4M&<2vHx~gJq5!1=t z`jm=XW z+Wwqm`*rKWEetYsV+6?}GuIQ<_3O^@(?*u{d>zuCW+BCm2^-rsi14@_?i}mzzapK{ zl|7S_*+HYbQ#}G%6mJB$sUU=(76wSn^OETNaihzv4)~eQ#K6WUp`yHe+>+=e!qgI) z8I*V{8-oV-cHZSNPkBw20iC*omB2dd?spn9D)9ln9)Kt>^*=_swQiaCdIr*Ed$Z!cE4}q|9aJG3Sk(r{x#*_&SQ4omCD{`ve6mJ z9#Qx{N||Qn<8m#!Y)0$yV8n>QJ0~UFTu1ui4{8Pjml3zz7_B)-sKw%c9d=ZlmCWw( z@%een*3FIu+*@7;`^6z}V~8I5KQnvzbb^SxA0{ik-J&j+$e%}DoHO_}wt(Ao5dY~e z@%}A=`}_KO!1V0sMp+&{p@Lcw1MuhxPEO1k+Ay1hh)z3~I1sksWey)4S^Ww%NE;wO zK8L@tn2{5{H_=n=k1Yr#FoPKGq6Q@4LH4(mc`ps>5_XdaSaf$ zDc3cdS(=eKZx2li{vH8;epy7$H;Q^C{|AXU&S$@ZL#0dcMF^{jp+&>I3N;W;Fgcm`bG&5mi6#I%`=GR8Z-4+J zp>R^ps#^i3d7a`+zZZta`e)Z!P6A}po&tbMyB>-8dRs&< z;7V^vTx3=`Xd)IiGeB=`=8D(5 zZU?W8*~)xw)VoHHq8`+Is=saf&$cUG*zE!C$d&J0&DW9`iuVJ)t!^WZ`k~iA!K~9Q zmK@sGRCXuo{frSN0ZJm!6~j?Ksz@+u$OlY_osr0?bzb@4qbybcc4?4DIgex02q2OH z?Cc~brxXUFEyzom-rY~9I7-~ za|X*TkiJTm8jJr8+~NDf;PY-zb#J-mNVPx=yY=6>dN30=oOb@T5Ep>fd7hk0M*CzHSX?KP- z7}mUe)aiwfYc$%*VALC}XPgDS35=@amTFq5VadAsl*<**R6JjCYT9Co--T7xXumPi zyUaSXPo?q|TXBah$KY`?VNC3!|09_?Q?7`qvKH>>uY$r=S^p`tp+}~vZWhq zP1lQJE!05Tc8r(1Qeabfc_ijj0gYlAHm`mM!o@`e0v79`EMRj_0Dsyr4_Ld&xK)lb zh?TT&D*pEyi4efs5)EmKOBWP++AA_hS!Jas;8ctId|qd8CyRFDHWpk%SY7P`;#PsFPzleE1#}!v7Bw88hF`Bk5t&%!v!*J3L1bw6Xf9mmn&nI1NAaGZg z*M@+l9X$+S_Z9o%IBv8A? zI-IaIm>Hy{D#4z~G3}n^>ZsM>p85NB*#7fajFa@8?7OW_d9D&6!E$Qi88`sRlATO^uveTk4E7<@B9=0Gl{)#$Sy3_3?o=HJ)KQ{@U5T3}MHZ^oUqq+Qk zcBxzlucU|SjJ^V~n;9;jHih1%TtM6e4GwYKtKAya0}*eu;+0|RGhs7XfK5^pVuzz7 zGj&?`e_P>M)nqlK=^Ei>8(|Gz4w@yXyNtT2gVc=};h@roKg_|@`2@e{D*qUPoXs_C z{_lH882eh8j+9nt+jM^3UtVyB!~6b?&6++vR*u2ZbQPJH-mcu70dR7tc=bLRd7U_6 ztfjCq8*)0XRmYzuGt&z-J!VKT8!un-8)1Ew>qk$0Q3#a+KD9*Zy2fUxlL|;tF^Jxp zWs4%R(*2ze33&#wvdKELDrtzpt8EV{lQFd=*=ynZ7)snP>(jE%kd~h}QXk@#nI7M8 z^tG?ol^ME&1IM;j1reVPbv+B=ekPYA2kxQg9}GI_MH1bi6>y|GW2``~PjeZ^@!1v< zlI+@2i*`yU_CeUY94YP#v)=wS%x>Nqh-RbRfFaX8>Xd^!(H2>5-yY<^=tBu+lU@zU z5m4&uwJ`kqPw%rDj7@a11_;}ioz`|-&1O~ zFeSwfbNH_jtmZfeoA zx|)Mrow5%kZS!q;;R9x5Bc z_|h4kI#d1l;eW}X8HaA9=h1DLXrhdJl4h%%M21C54eaeXo7?=|w`@)RX^=xTxlYEGH+$`=*#2OhV6o){|1yf7|0q6TW z@-m7j>1z9p7`az9%z{+$2n!bjiwkVR(`Gdx`a2`O304;9nAt@s98M>++MX_SU$-O2 z&xb-1Eh;b1=eT^8!-tkem^92#Ygekqv_`q5s`dweTSCNy2 z!RRQcWa=w%UoP*!=HQX<vDxAK%%m; zm#e$Lbinte(@QJ9M>bIWzaO+lS6{i(^H ztM#fPsApC|Ogz0sZjP`>;_?m$JCSz5rgn%kyKP#9#}9L*KIk1Ou#k7yRsvLhyo=7| zhJQo167M|~|2uH%deaWqfHHf4#vf>yAznKAa(PA zd~r-k8=;trBorXxsizpnBwO71Ot5%-jOituO^h4phB)>t*>nNT`4@&dYvamvS7~kq zAur)tnY3s@WX>T4#UN00f`)o9dG^3=cTXjwWG=8Zi)Ifbb9zXO0H=XTplt zd$wj*PdZl5HISi(5Z_3m0T-#5lXCtR+y_hx2U{_XF$|s?i!oB6Fk}fgeSI~dEuik> zSDB-p->UwpaIoazd!b8!BHM}DLbb^&oOo7JZpnqW_nY5$jZzX}$DtjDB3(Kg8%Nc3Uoq4wTrUR>q)toR*Yh%+hEZat=UjqFfCPB7)O#fE{o<cC@{5qnkPeNYvK=-`ewrPmMN*mY4d{g_?_7SzpzgKT(`(#CaepOg!kg7dA(64yeGi#))n_b^)&yhzX2R;Nr>IQLy34nlqPqv%2N zi#SdZP;=7>IGKSrNx5lbxRqfI*3!&CT6Z`eL4kVXEg~yp0?opFkZ{w4yQec8E#n-I zc0JM9(|warS3crOkK+;{@k3#y@c+cbl}I-;BW%0YIHbNgnyxvGii`FGy~o^6B!Jt= zwo^=1W`T76LN(rzIzQ|F0Ong z(%l#;cnhq@GTH6wiuY#$0v@#i6`W@dtJob&#Xvm7#4uQiMRJ1_$4fIyo(N=Ml47HV zPoU9rZNUTHwLH*Hvr5QM)~Z=a7?-0j2_0wsoeSql#Btb?qPoc`$h?9nfZkGCga-Cr z5=aWj)Yut?0*a3hBOx!f*CmyhC_jP1SbgY%`^AddIkd1PIm_bf>q^>?lMhu)m?237 zMDEqe5N47HsxL!8B5eq$E!REhEHM=LHY&|cF<}(QlqFt>njGG{^vHu~6JOs8kOOvj z2-=rl2`r>0mRIQg>i9rEY8&kYGF`U&;0R3s&8I}Nw&tOWZH2!j!~D{21n?e%zfv{1 zy4gcLv0*V^RENzmWZtG&1&v$)GAPYdaQ)x~1dT8gyH7Eqn4)-aj}UlQ#<{p07j2d; z6i%=3q5oDiSCctm3|+J|8T*VzWqeqOO-ZWMqdv%Tdour|6R;U0Vgu)`H;1XUsBsqJ zYa#nN^K#C&qpmnuuM49~(RpZ6*;)7^#b{OVBO=cfnwGkq^=<`@sf#L_)w|{A7a_q) zc|ni9YGwrT)%!whNRJ!D<)Z$oLAF@UwN z%S-3DCR5_CGN z^U!}dh7GvSg@Fni5`{J8$@DKd3#HB#OM;|^tuz>E6RCMbH;%Z%@99;$*mDN@Q7IM2 z_Uqxu3@U<2egQb~KfY`(a5EwaWkP+zd0qK6K$K&sWhZY&$7e96*kG^GQ}v@OC?3Sp zqod`*h{)VKgQq6RI|MHZsr+6{E>{)O3m#UK)5_Oh^v(^LLp;(jkBv#m9$Wqa=k*35 zye?bCCI_eXWMGb-VaLpzhWanj($Wb1L7AW(iJq%#3%!TN)X;N(c`Wq|N=?P=Rx=p; z%*1P?-#;YqmglEXb7)!Z=JKbC;ZhbG;-a^Ps)ZD&E{xWPRv{U_(GJH{x)D7}hV39B z{pcc*qu#@I`((H)zAgjB;aGS(cvnOcmkV=o8?0Qi>74*pdMDUn#e>((Mxsvo9%Rqg zgdU**(QaQ%Xm43G2U_L45)p|}+9ZpU(kRGopr9|?|P3k6qJ(Zum?sxf8dwOF0i31 zz$4A+5JEZSA8VRD)4l*v?VLowwRI^?9*KMkm^sr(N(d-r&9hYR8T=jXpv-1GXAw$E zLFWcSii=EG<8o*d!`wia%baLih8B{c-uMm#?9djq_Fm0)NM{rPhnPrI9zGJQ|DcX) z5fo@aWYE?sR>PJYOES{#nK{yomoM72hdVYl+`_s3UuqcO4ZF%Axam+MCzEslB|F8W@K9NAz`w4mb3es)E(uqhVACIHD1{yTQK+7 zD^r{LjUdOg}Z3$Sk9&AysLP2*-!`!QQ0*VCfn6 zZOd2DXrQ>A+Ln3u;vr1^Gn%UKSWu5zB?|O1t}sUk?7J^&i}yUH2_1F^Z4VI6)*fZ|%ryOjq(tiqS0q77Q)qS7`Q* z`<-iljmm|Qdx@qxu@(QHXayK~>!oWG#+ z{`{iOM3g#$ohJE z8UpTGm5%A30$p_@^BBu@$>|*E@?bLpm;(YroDR%G>N8^`zf^`jz!Bg*-oSviB1jm$qm6O&Qj+1!C86svhO-t>dqP&-(EQ^e<3kp8I*ua>&L|!J!XCBbeH&r7Og$u{7wKyo|Wn#>`k!z#_glctf@ zpVM<@R!-i>=Cgr&=O4qGg!cnQ_w~Kgdh@oTGmb>7!%N~$QI4A$ilDhrexFy$ zCyWFDYp+sj!J?ylgBpYsHp-3C_o0bjT!aNHn z7y}VXim^e1{RzOx@;*#24r4X4;Gn@TUo#eyS6gqZ36x^3Kwqd1e6>(Mj?1SH?Y{>z zN?xqz3V?vIekwap$k*;Yi1tO#@52mxv2PL$>fj9lYmay7f_VaX$gw6}4Gk?~sx<_6 zA>;md1UWa=^GCJe0nCVtOQL*K5*igh@JGg1)45&LO&J#T9MPtc1L`d}rJgk7T%5@) zV1*jYo;)@^H9?x)VGBzD@EBSa?CdaC$^Xn7kWqf3N@)QY$N?7uh ziOumJK>(#`IMC7ekiy?51IlJMn2}*feZ|GiX=4V%uD1D!4zwFJ)6TO;oN8(yM2iDK z!Hip{*H&P2{g9Qs@6tr#o@Wp6$~%(vxwTmXqN*bmE5l?(Q;oxv^bnQJwgWRM=?zkK zKx5=|yNSOO^p;@hBhA+5kHSbf!NOk(Y}LSj!i^3FV@xSIC?ig>nC^yx4YFqNp~vQV z^N7J$R;yD6PSRo-(A^Pws|3h4!i*Sb6AhK^lF?(Q)#>nlTGi&E5f`h;62!)zL{d%> zg2?y`G$US8O*jfV{$GHNE~f&WoZ9d`>WlYhKRNBn=zv{ zQY6oIHlDss)mR%FVh1jG)3^N71DE|TQvOMgK+lrYbD}X(+x#7DSnSr(ucr%gPya)X z-)9(T+#e%(@uE`Qc%Bm`v9!6q5j@!x6VYuNhm;(z~e4=i+fs0FQ ziau-JzYu@>e!{R`3pFp8eTY7bd@d+dx+(u8#&@zTU}R=_-e-EkOA}XhT7?QVjD-QF z0I#WX_x&P$(fj$o{rwvQS+kw@(}MC*6~eyL0}DVcwb1^JyvRVHs1(O-xeU#A`#kS} zG$t0ZOLm5lqYqLqPa3p8X`UPX@yPSW_WDd6Dv;ky`WW?ky~{>`iADLKP6aY#YS7V_ zG`_JKQbn>boT=(vfnfQR*%s7b4nVU3HXi52gI!j#H4Oj^LmPM<0Ib*_#MKupY-7@B zqR&hsL?rx(iupzGrZf0~^z&DrPDsAmst6Re`f~H;zp$w_XISBXI zQFpqGzyTDQ;+xFQr3AE88pGTKNi%@?WGf7G8n)WNVG-CA9*w@fu&D<$-O!cL9t}kW z9`Sn%PCmX6H+Havyd9J<7ga@R*fUJb&!)?fW!WAs<4x7h?Kd9$98&H~|WH(Vx zPpnSk)pxM!C1ZD-@k``hYI$|`1ifzrA&V~9u@)jJGZJHPh3tP%T|+p`fh*hUgkUka z2HBXPMAZIHoBQf!Qnr^%?`WJJ4=V#5w5!W)vDaiiFsA<;(ar5<_fPIX5@wC`J}KdB zx&GJlbpq~o3i{S{2F(3-FWl)77EX}US25oWgv#znhKheRA&7@~I*D#OBuKqkznqBT zD8U&{>SN=EsX3N2xvya;GZ0LP}mDhW!?5#X&WOer*sA3X$Pu$<+!~B|V zXS6Pa`VlA`jtrvTu&lp(1F%7}7HV7*MJyG_Opy08QG;6eFCUlYAF7B>5hbG`LvAYV zWprDK(3r$D8SJqU6!g$l{>)Y%kJ#~6*Txd8z6`(Gg%AhH&x@Wi9%F?^m>z>WpDmWenk)g1}5Udbf;P%OX0Q#-mo*!G7mxyZBjF>A^LbulJte z|M`~l3jjZ~|IwG4g#chFMz@j++!km#%Y?eUGw{UT2* zl(z{kqwUO(K9qXkN9Z-^K6)dL(ql54lBFD?ce;Er2jTV5j<2wqT-}$dz zC!PlP5HB)jn7F4Ce*=VhO%GBcQqm5f7y&*t(;Cb%N=~pFfQ|9*&s)wOe(;uj&Ear{ z8kEfi=5P!s*uc=S-QjGyRo(-qt|6_Xm|d<9oP0~|2y(~4?cXvi&W*;q?@IiGsR>ju zD`owXYS<#5%Kj!50U8aV-DjG1%+jI1J2x+*H}@t>O=#@>MJbAdw!AoW`QSMT#<Oy%3!gR9tG&+u!%Z=ixKyw{3Jg$ETb7eTiy%FBy7wEUa?Rbi^{789Af&c@OgQ zJ*S%Pmg?7i-+{j*>X3=x4Bc zdanii6q5vvAXWUvL-5?!iQPx$17Q-PVDV6|9|UF3`39PSn0Z_6RPeSlB8I8H>!CAu z!8@DKn0l7!zZsquu$H&={_=EC_BIZ;$R>WFpxl)`?3u>noMbn`Z3GXE!^R&o_-*zi zf8<7eW3;8{3o@&MJNB!?XT5b0@tHOSI9@eey->T~Rd`6m$zO>NX<)4(z^~;K$1y%s zg={xSs{3cZXW01u2%2eif@88K*)rbooKp?CPj_#-S|b7+Pb>PQe-d$&#D5blj3fhH zmkE4o1A<&L;t+?dvjb z=a-xUX80kjX5mf5Rn-xg9Znn8d`6n&$uz$J>OGKVD5<$7m`Pb3hzUGYDOhJ2%oB7$ zW}aA#+|O3q-}OR=&*w=S_rlYq^;w8;DRSASG)_Xn^qw#k{X0-F(jeF0E*Uw>0pS$x z$sTHK0QZTzt*aob!%wS!By29s0o<7SFdT8peelaJ1G;P3!2^^%g@z0_u9Mvcbw$#? zShb`n_3vd7XEtFZRR;I;-;*>0r}AiIAM4~MNr^CAZ{U(6xSYZx6eeq$#!lQVUGc}$ zdgDUcm^QDZ_h<ye56(I#DR7WR z&yN`4;2}?*60!LNd=|uL9G@NB!2@!iaL;f~4KmpFJ9`JAK8Q7Ss2#>))hVZxpOUOU zRn!6nH8cxnfB>ShTesdvRxB)?=)y& zO5D0SJ;1FYX&3Co#rIW#!xL5SR;wMmkrHIk#F*u6C}}og)q9PA?6R;zOxN>Yt`DyV zy2N&BSmesMoRt-HJ$axQFsdClf~25>ylu6Yod?eej)q9 za+MCIf5$T7eQs{TfgFeDyWvPP?xU&r#DSm@Z_PxIzO=iVt03M#mM|f;#jx{pb;g)Z z$2UOCa3TEFU~W$f7l0tLNmlBVu0Nvlp}RvGz1pW zHBm&YRhSg%tWpN2r#wG1bshcR`AFqCH$a-{)GNF_Za}L3NCk*Eostgto%_1iN8Nvy z?GLP-?+0ptf-Fp@`d(@_=pPOVqX=90>7Q!AMbQjn`o+HAt{Gvd@aPl?coRLLln3;W zP?oxjj*OP?QBGM~7mbbQrOu~EAh98cb*sx0j*h4I4%@yjwdX11{jQ*{egwB%H~E+# zp7mjs2cb_@aNN&7_#O`Wb7IJkI*w`GHg5!5gy0vzD^2y0`-<=*?Xavt?xP4vdA!xH zAURDps_PNl%)$gi%FQ)(p;Xy)0J$8cCCK0kP1dbmui;t)FG6j%1fZlUDXAKv{?F@Ibu+9e%kwmGer}=FrZc2+r)ip( zC0efYTJe7p&1z~usH%U5WmMF__ok=z)G+^sC_8Liy7NGyr^Db09;)1B9)GjO^WqRG zCG92~2L)|a4%d;hwRABB(#iL!iQ3fD>^CvuR37jkBLB6ShlcTEiTjA$8WlV&I75gV zSm<02RfnCd3Ee=#!E~`2Y%*MlPg4oE0?TWMm?4iqFg|>KhJhGB=35T~f7RrAU2o<@ z!A9#K?oHuN{Bt}L5O=o6uhtb%SO57^jYo_`ZfRdw291W0lU+8~Xi^#u`6*syJ_A?k zr`MgE+P=Z@G8H+RD$Xtf{zZG3+Z{$s4rx1d{bv4gay3?obqezC5R^VK(h*dT7d(+= zv-yd0cz54jLkNb+tcSh}2QKiUp|;k~7c^@!(Jz{tUOOcjSht#c8^!5;XviJ=^R94v z{S+YWg~Uv{8?qH!Jp|l=Y*+g)W`9W1+7C82yDql93gP8mU^9WjN@M6I%0Vbd9bP8Z z*?Yd@~`ci|)V-fGfr;82iMGfAkH;=cUn z69k9k1>}|lxvmS7BSEJ#j;81E34QZafq^pno&5!p9kww=g7O(zRK`-NQDH%1T>b)o ztoi>#*;_`%6>aIFxNC3<36S7kxI0O3f)%cXyE_DTg1ZI+!QI^*f)(!W?(jH$Prr9g z-@ZNW`?<#2YwWS++7Fk64BeNo$xB10+nUJwL0 z+LN_=ByG-Xzzx`UOJBltIoNPM^R4U}6|p1YF!0|?BPdLc0UXzZk)kcT_ZQ=*rv_F~ zqFs)K&`77pW`9E7i@o}=nUQMQdiB2&M`z0Sdk$^K#1Z5xl6eGkOir584h2L7!Snag z^`Kl<@~$GX!BU={X)s<{UJiHC2 zb?J9s!cwzJ=~}ULyQy=8C@@~-$xo%0u!6M_eF$#E>`DJHllH7BB>Ze}bt2t0!B`%V zN5}vmhY)Xm3zc&WYReH^sE_m{I)oEua7LR?-nZw1J9W)gF+mz0vycT$$myuFut5W1h0|^Y|CrWJu=2N7Mi$-jzvlp~WiE zm&p8O$;sQnFL?H$mZ}Ox!wYk1Ks(9E%zF%*%co$7ccMtHYzQ=st~6=j z39*?93D zD8d^Pcz$#q^xxkfcI^789a=Z|C3iXAQY-QC&&7)|1l(5$CvbWGZ3t6oxrIqP#92FJ zA4&@nnLu@7NdJ1JivKtDMD2%KU@JfeqTrxzpX6yLe#d&*tjxCIBjWA zeB8!C<`Nt8+BsL2Ilj;)6m`#Cu5F)Y`!%cvuLzIzlwM#~+nBw70*deDrWU*SONn*7 zakV;gJpJ>WtSxrtR+~5Jp!I18FDjWe@_@CaH8PFEYw!RYsNd1F=G-zlL|-ltR=W&& z8nWgmkms#EZk7_;iBFQ#4J_`nlOblhhN3m2W96AHKR=1T|mCJN`0`%Ta{_<N(r2oNa`78Eeg*S2C@ zACAu2hhSM@vA6&5aY+D(kq+k5S@sviU~Y_T6K~f|H|!1c)!gB*wW*df84uei7}~VbU7vhbe)@<#{WS^)oynt6Tc-d)n*&xuhj>PNyC1}UAykjd zeL)u_-TpRba`AUomRc`MT89y4kf(BwSwD=xEpC)U0XFvhPr8q*2LjOuH; zr!N7(4&Sdo7`GcxK-#^r=RUZLRS05+d`Z5(>7&QJiyT*w`*>Y@#T_Dj7U*(ZT1RRl zhRl!ny~Hy&w-|n+h(}@?6KKUCYA??vFON9By&vHw?Agm-c~4)kLw_L%3UwfJ?f@aimYf?$+vZz-iZ_FXR40DV?V)A2(b}`^aznnI* zo;8NLv|wHXdX;{q+NKx&Rl*#_Clui)jQQxh(Yb3>9(#7=>^-bh|2H8Xk!CJASmge(DiW5@*CA!nC(^E^ z-{E#y!%W+vX4$lH8nr&Wr!AJ8WKD9fO?FnFhKDJKa{y-u!GgT^>up!}m)dmIp}je7 zQS}ZKt-fX-DVY$IJWtq}FT9x4p+bqb7tGG&HL)+<5V4;?oy8@biR;Sv#l`#6ZoyLe zh}KO~;uOkZ8umeZgR(u7tBE>$WXC+ePgq8Jr!v&&Qj6G@Q3YMq9q5nZw^H`nWBjHI zqmoWHwL?C`O!dMP9L%nntkfUqt!dqrX9!B{@!)!5vDN;VgwzH9z(pys+%S zL=ThH&BR@^+8=Q+#DC|*=^ZnOxS$&O3DlsWMK-EIpVxCy{^s9e`1SXof{~R$gPG97&dxBb$q$X>SXS7#Sw*ictMW)^*Kf zMu~0JTf>W}4?A)7@wF{S^nH+=;<{VN<41_zC;O#XN9rJVYN_G+gW^yDarSQCq3?ufDK6Rmp=u_jUPm@e2GzV1fm&;C$ z)NwJlp~mDAOiR7{a0LN-%}JT4+N4&<@Ct!EKK;vI$Zr-T;F~i1fjdB>O;mn1+G&Za z9HO(}>jByjaK8X1vCR37Fv}LD5klFwN$!xa9Ntc`34C!HN|w00^vRuZo0$m7Um(JW zv9K%3;mme%VL)26R}{BGB1N%_3X2Vx@l&fUcotu%=3mpsYk7EBU%%;yGe}hEh3N!x zIRMHfD4Krg2`h&Y^C4Z$`Uy-^$xLorx8^iVFHo;V6PFB)SrgLUx%~KDLfZOJZOSSm zoheYfJtN>z5Z7Ah&HVup=*=4-aLb(UZ${PZ+O#()qx(hLv)hz#^y;cdCx%f9#&<;T zQ4V1?<#=unK3xAxV3f)EoV^qC--xwXO^Mg+aOQ(J8aMMaz7#kxO<^QP6)dSJ3nrpl z(?ZYE5FCaS8i-4cis^#BT_`II*fh4jV*JQ95P0{FR21tULMCR;c_sF{xEPj-`lGha z@y3Ka;)A1BYAjxH6U=;tZV!$0P+i(r+8&!Ge#Q^0%#aI3fjQ<&vB+9AF0a%sF+GtP z96n`fg&&1Zu0&7rK=yQ3m1y3l*6VQtjDxU)`(wAuUfzA+hjp9?nyt)r+s}V`h_p?) zi$3oRje!i_wx4KUKgpI~DB{QizfgR@g>^c6S|C~$Tg_&6$tA*Op3Xd4ANk{HtFF~v zs&CEu15AmQVL~(2KFz30dmt+F2I0H_@9K}`g>T>o@zRC|QUk@mTFiefTISbuddCuA-^{1w-w zrx016>e8>YZ>X|wU>vGv1hw6*sw!WMA-IvH97Q7ck(|0N}7O@4Y8`KYc8?{Qd4M-H+yKijb{TrN{%v$lw}Osu1UxX#mR)ReJ%annLyORF?h> zoU`{v-+BA@FLK!SVk)b<*|u`sjRnvGCVy&vv^1^&;RQHD_wSGKj(d1L@POE_#SWCy z*;)7qXTGm-6=kQp+(zE+xseHSb7~tk14h_9bU83OT1nWy*7byIsh`6e(&E>=YGa+8 z|DerUx;*CW!_|yquY9=&S@CxhyO$OVtd>1|IP?GSZ}@(ggS^Uj5A)79NH-&fCd_M!#f z;+CWY<7`W3>3aPvQtJ9u1`XQN05AoWL!pC_3h^3%dW8@rh_xZU28JZ-%Pk$e?H>iZ zi0~d)0-hr#szf0!RhaM;Zvxip_GsO`gtya4RBK6eW!gVF-lI==qgIv(9AlULUhTP@ zM+NaCrzFNzw@YRe8U~BqP_>2lbA<(BJE#30VWLm;$CZMLvw>wK>9jl5(8JvSIkI$ zy;PCcunV3TOs$3*F4m~uUKULJ#%(S3(H}y`&7PasL~WkBqt6;iWXX|z`k5%9w6P7c z68;&o#XE+xyN`E0x~*qY93+SPQT;M#YLdZf(T~q;z3=9G{;ViCj~DJxygT_H)*dqm}j; z1p{?uY~_1==iV{p34fN;5)05-dkFxak#lQnCs>hva)PBjwn5z@i(r>(!|emt*@)CP z(t*jMJ>mj%xly<2zZl+TV+!EWnQO>CDsv|Y%CdM-IQIk995odNg@;7sF8lWf{TG(jVzE#rm*Q`#9N z9S{QgaKw6lCA4Mdob|CdIY!Z`xURJB-+zAgqkyc-7 zJ%D)ukuoVPt!4)&$3>xNXz3JQ0d8)k{~!WysoX^PbE znp06gOtgohk(R6W#`s6C99?#(D-Ht<&Dgna%U1UmaV=ll?KbBsARv0nALi&He+c5j z3XjNBQNq$1K=`3`uPn^;qavDGFq&|~B+N=z4qz;Cho?^@V1-7x^2Uyh-IAYrMyw-a zeT?txegS85L<=A@)QSjq&{4VQJKUKH%IfM*+}i*~1I2W1rmm&M6#@eTXpPN&Lt065 z$Ut3X0y1eEsdbV0!7e`=f(HB5>huUaG{I^gPq)ASk0@119{YXV`eXhmqt7b@yM2UR zT0}BvvF)9cSrfImz^8OeyHgd6TcDf65_Y*g+NuiK_re$Lm(N(OiJnP1U(k+}moBm_ zV06?OO7=f(aUy)dW6McbxMek@41V`V4F%mmtB9 znP;%AW>43p1?o;fnk%395-6#6kl3+3xs(l+&jz|M|+f3TN>Vnks&hcuG`^F+)}#f z!E-D~A|XLje1r?^tdsQn(EtyW*5F?X!mha?io8?_#1#7EMP_)16w&qS!;zqxQ|r&t zLq~gk?Ua|_6jj#-%1+OIj$@y5AL%l9T^H>A5#+q}o#yusi{3O(F17OltSJ>8`L0wJ zbb3t?k==DaIj+lS_ZI2`b5@DNeFoKD)^+wn6Hl5>OzUDq1+{8fRFU$nDLTXV*PQ)4 zIaL#M%M7*ooW@^-AUY7Fodz56A+Pz~0W+``_Ntl_Tuaw6l4jRpeg&~NkNNll@14d) zi&;hL^`MxfAY^4m`~xNQ#y{M#W0i? zc&c#cBavZ8Rpg*QVPxjlF&!C4+XNUo_r4dET7)N*)oQ271L#X))fIz{ zOf9a(B86%~Ii)?#CQ^qdZ4$$UBWV4&r{f$rLh=XV&asckPey<9@bL87j15Z1p7wl#*iCmtytCW&=hB|G$Wb}J-3_pvOBr_ zOJ7ygAnvxaMTjr(WORGTCWTNkXH#b8=Y_uEXmX(!HjjsZF#-F?I$;2a8h}Yas8LA< zpepsYx@Z4|k}3_tNuGKRDpl}kl1nA9)@-kxsFy)ro82YO+w}Z1Ej$JTtZ(@ZFO8N@zV22JIiwAK3rKBRgpS+F zpST$FS(7g~<`h*IbN>GLikHXbnZ$)O-%sSC!1XUTkNO&cAXBNN)|%fXJ~&f3^l6q^zQzr!5u?o2i>=>t^`XX#dNDKfgvh$clrKE00OdvwZSHVG zrbl@-zo}C5T(T}Z9$J$jweP1|mt}6}dy^c!-gbm8SV}8>s@Y>ybA&4)annm4yWZCh zg*@X|k(7M)*9SX)r**4!DLIq2Zxv%$1#C3k{QqcifTiF-wNGwB>D5_^&rRRSCw~6jN7`(YU9FE ziuYComdK&1AbPZ>;K{tj)CsFa;<@utX%BN8jn~KSIn4or&QY^c3j;7tc0^j!s_Nl9 zKOd*c97V}TOix$xuG3%2D8F!;iuP5@45f^0BvFsXYEF4F#Wd61Sf+tR5@Gt0uA1 z26WlBy53!qIaHzJS;6+TZ*U#w>oCQ?_FG-Ipe-Fe=l zp1R&L_S%GiQJ@3X4pDhJQ5>jGd+q*tN_=Geoe$gRtzTrivZ&CAdDi@h#nDSWEo0;3 zB4pVC2dH?TH-`IN=5|Od#0dtbuzEJQ?9keppGZ~=tw3AJS23xD#ir)p$1vvCV4KQs zs$THCZizlN1gkY0SD`x->^5~%;7DUu74FqDW|&Av`fw;!Wz{wH!`pzJSj^`gR@FaV zsj$23UF-uoo%jWkN~XZ1|F z-R~PEIncKAkjYwEZ4eWMEpR=1=a^v4&>^&tjrN+a{*@N)ixOyIa zEVY_G@Bn~*;f6a!Yxem)V7%PX#2-x$9|Q6qgs23g&fwnT31P*^8QQ7Hq{M!#G6?;& z69Vo#+APExn4ZR2S1&L%&HU&O85?EBd+dV&cXP5ye=YVL_jeXqzw~uv8jbpic?j?2 zg>U)9c6~cIV8ofRh9O9z2t{!YGdXLwj4j^~8h7g^%7v`J&`CFe`65`m} ziY&QRZNsmnF_OGPny}|5RL)7NZ5ce*lFOE*6B}cUa7GIDQ(^aIh<>I%$@#L{*}>3Z z|G1bUIZ--oF}L5&N{&KL*xPy0>58>(IY(mDP9!6?l1v1v zLVc^LJLTbYVu$zXr4{L-a8&d8rI~%7c~U#~f>)3sdhAI3Z8{J%jfj;jX6X6=G!9F$ zhH~7hV+8Bp6B#3&<86DDJGk(}eC6}WzQ2f`qDpXEnf5Ppm&H9&q2l^X7vl@!E0iAN ziL^S?QhSDiJ&V5QtAlt17GpMvB^73>B~6+&-T2?WX8I&o4*_c?51?;%eY2}M68aK zPZ9JNU$!RdhFyQCpPeLW?`kD5xBQu{7CckhoU8oPYYwBCM~<3k-%mvV^2u zy<`2wXUL2ih-^V=x;eJ6lBLP9b*?XuL?H@A$E4wVaSyDezcPyIckUf;wz6j!Pu5(1 zw=j+()}NFEtRWMcLDc%Hsw~aCzkDs;c%XS@J~;&j;~kl5rC+U-`RML#^#1f}H#J0# zJ%}t2#Y1~S$LciIY?~GV#+Sv#pEuy1{4%^7qXoo!}+Sel8lD8$i6WT?r-7*jikyMK^6Y>3Omx?`JS#Iue?{9T{rR zfI<{f?zrHHx~DLH4w;(nzHVTeA#z>~$sg z{5(@9Df@Nnr`*5a@_(7_|9O9ZqEGr#T98;RE`6O)1Ovw3-wS8<3LtXHXB9hYVi8Aq z@4}L=g~DzH-Oa9;`Her;w^F|N(Q-(dSrZA#p9K}V?;xc9PL%5r z;e8HhRPE(qF5{%V7Q={!$?r-308xSLu%3}*_|)1fR2nSuO?Y8~x^|VXOr&~FqtD55 zNV3U(pXXa?5zed>k9R$4`q#U)u`&mNw}h4HCiqZ zo+s|k`W%IQp?n`UnC>f-5UTG?F#B{+EmMtrJVCl+y}qSY(?cZTBh9%X{6( zlC7}ob`B#2@FBD%8L?|9rLJn}P^qt)#hr19Djh4u9LB|`J*ADFEQaw$GyzX$6fL{6 zcN9fPiNVe?fr^rY(Q$GnaP*kkUODvu<35~BVc_TXAyJrfiTVcOdrzk2e87+CR33MF z%%*vLsNeL$!g{vmuX_!+GFRqJb-t1<^2{>-17o#$p^an!MX=qK-SZ^%g-N9qC-1cq z`iv;`B95z|;}vI^GZN#d9fmR!-yON8!n^ax(Eevhdr0jdW({X)fQ1Q?k4Cn^ znb)rjfslsV?R5!JVD0>M;+L&=CfqlFnDpli-(%@yy3-EH9qY#% z)pa^|q6R0~-NtnF^PnF;eY1PsGIBdundTXP++n<7e5a{M=ZqBke2yaHZC+GU6<)?l z8!P`JIqHj?V!AheIyZTD^sf&Ywk@~oVe8%}H(|A3{*M$|myzgPTtV#O_Qjc~_(wwz z8v?@P)XGXwQX&2)pGw%X&)Zx2sh5W!F3b1cl~V0!TR8Xbi3LJ1SVX}SmL3?rK6Xb( zJnOn;Nk;H7K;r%Tx6JSxXTqA2!QVRLMietLMYcr6Ng)DsnmM&RAx^F>Mcj_7ad6JB zPilFdZxkDT8i8?*x;ss-agWBns&u+>c%DE|fTT_NcPhg71?bz^VR^p@?pvLRe7!WV zT1XBgh}Z1MAfPLI)kcCm1nF;_taWCqE%gNXhYbU*)zxW;{~X5FI=_QPgCc93YZ;pn zxUpL+y5xUSBmak+{-6K*zb?Goks=9Nmlo4wGgE(H>OCOwUwJ4o^l5bnWYRI={X;y; z2KbFH6Q85>;Bd2ar@`wYxqx{irk*$(^2!^L25@lBA6pIvk4dri!p-dxE3`?WNv%?b zNF$>ZY(_GBa1bv}3?`Xyu)YSvPY{8!;&3R-9Cr6I4 zSP#59V7GQ~^{6nb{GWMO^HE>l3g)|(ryGQ@D}hcmAOQ9e&DPooRnybS z5by{RNj5_H$3@#kVE7XKHwn#xgm(y;DPRv6? zW5UM5i|#}1sbcL#Zr`1knEr(=whsK918fNK{eq>&jMg7cOT$C>NB=oBO9_Mdzq`FY zB{X)ciORnc>mRBO2U?uJmk|_w_I7OFdJ!Uh5ks?UC>qOz)*(B8o@iOZ7Rj`1f7Ea` zke$_pIk8L>z?oLDEIAC1>>mclVE}QuE4!Zux~^x(NK$prASHEw{qMf*&OO<8c1{pA zX2}2hwii8&0X7oqT^Bo|h>020Z+*Sqr6r2z@1!a&uPSh(j0W4J;S1%|c86tB?vkYP z>fV2-hR6SV9r+JdOn=Iur=^|zOhdD^z>O1|rpG)w+25lnV1$K|koTFGNE={SZ1`4u# zqG)O%Ure?9;52u8etkC(4iO2A4WQypiQbHj&j=GIa;CL7PQ5PWLy5Jk7T-Q5>WtN!}g;8;i}Jm#u}+1)2o;ZwO5Ryn$eS<0%dVCI$m;TYR6k0-7--Js-ZmIdD z{f+tJFCYnVe92z0p;|1J7Z3Nsn7EcDBJm%3J0S+l0UQR!ao<@_cp9MNwaEF6>xS^% zqex;q>Y0sT*jt9xj#>7DoY7HeEEYK<=)I(q-;$7!HopYmO?p!_G|`_#T0m=c)^XhA zOpGZJ^k`&X%MByQbaRv-MBH40NcuiWk8W_TX3+LzihN{v721(&HQIUAZ{!nQD=BHK z`pkTO(i174Zg^bzNP_|O!Tz)97I@KO4cB0x2jlX4(AHVO`uV~)Tv-RoOg3p!B5fN1 zlFtFd8yD-?_(6V6s5jEnj%HhKU&lLr-s~J* z1N%{31@I#tUM)0c6LPkf>7IAoP@A6;on4L#Yp$lXPS)yYf?k%R0~_ufbf)t{?;H#C z^5<7Wqx`AkZ;$$@=wvMiuSW?B`6eXqyQpN&_r<8twm)rNkdsPjny#75Q<9pl{W#jH zGLFU+Q_UwOvH4}K3SQ+HzQOs|+!gTG} z)=)x1{&MnZoWr$Bn%QRfS(|7Vsv$|+ID;pUyV@_yKMYZIci7nx*4{P{x!E%06ts85 zH&9B%7ljU!PsvIn0Cm+Uq}>?fTv_pF*lyE_>(&m<^_qT5>^}_Ce-o^o1PYz!#lN#2 zO-xKae;7~BFD%}Qu>D#4|LKAIW#oNE9V{Y1bd;r${fgHdT=cbAZ8kv6TYKZ|0FE5f z)9gNLwzLATEz@gA;Co&JFT8Dd&{~Huh9m3>cK;Q;+>sG_lsV$%?QUL$4YNie@|yuo3@EgnuQkL`9J ztx=k_6;g!kz0rHIj%3R%%>!EKUiE+qXtq&_#(9&Y<7-3=G#XpvZ8S0GQR}^@;_D3X zKI)D^XdmCsVe?P5$2|O#HZ_NcCOcyWP8z9=1|vl^kZ-Cn_h&i^V41D@(bu!I6_F;# z>8%WUPN%syde#eS^Ie?}EqLJG@Kbr|qLDR!CaxJ`yN}z_lw;=GJ{}ge|4zURfSp{4 z^6wIwv8rk5P=(5M8bLMdn(I78)G@I_TnauYVflx>?U#oCM}>{?^hUq6vuWTZk`%$S9)~5ZBDn_gQ@uXbh9Z4GC*NxA{v>QL%pb4 z4ZUIaE6;^#!A!_WDotR`lCkYSkBaEYy9YJ0En^53I)9P16;pL&DI{hO?(aVbwIX1a zhxO7|h!S!n>1&BGefH8VXajVEB@Iu~2$$O#Nv_0Ou}}BPvjNb$8EetEcD3rFoREOU zX0F=E9$yoZLNcx7mP3YzmJbkpn-l*X*RpO{nIDym%klI1yCg@Fx8qg`wZL`r8EDfr zJ0KS$Qa?$$niF2ZW<2}w%R7C1YAQXHINIBK@pO0Pz6gNA*sU=WCYin0(=##E%F}`X zYQ2WD8CZVY`RjBumudGZpM(1S>xTxlb5IkCt93>Q;x2!W`0S6gJk10Zj+|eQlp!L%dJ=rB z1dSc&ygPD_$-Ci2Iibw>qxg~9%_tq-`q20-#68uSVlw9F4kL+N4Y?zoB<1fNY{>Q! ze&x7(sl25H>}>gevl5BxeJI@Qq7lGjeLSg3Lf&0VohdBM-c<%+1kWj_3ri5cj0}3* zpYFxoZMis6I#QMOQy&?-lSQ$?m6LT;G#v;t0oUnqoCn)Dew={$&8G&0u6fyz+cYWM z#F@OJLS(t+wV82fUFh+17p`C>6J++or>WJaK898LVa6Bm9Bb9x`{Yhbh~{l>eIQZD zLS0cRql~<7Us9-Ed8oXQ9l4dn>HuQp=N3{E?_E1Zt_P~Ie0_0;s& z94eF@r5H^nHza^z2pH;cLkyQa-6d|jhYePv4|`hWdsHNDGx{f!En_vo*Bx&-h1D2^MR)$v8qh(`(n$aLHDaetz@ewQ0R-f#EX-ptE20Eu+&De z=krF6T#vutd+N5!GF>Qd#OHhV!XKBeOZ21jv8X8xBEtaxM+D=9ncUiMsp&dq$2ER+ z(onk-j)B%jK#Rsx+{i66V*~gomc2bD?oGraF}j4b?#AE9J0_g88+SJYe;vkViMqat zvyJA!neS-ga$GC9)ri_XD~~#Z&%c|J{uyR)d;Q7TgeMoiFKOwjuIJl3b{8C?#O(oz z{szvipU`%d*EcaUMvy)Wa@!xLWkg?pJ~`;~3!|u+1^l$Hg)-lQJNtQIcSU-15nuP3 zOo};`hHxxvI~Rk9fuo|@koTt%cjM>j`L9?D;Ysw7Lqn31Tt)t{MzbS@DLZpCn=mea zNiF16uOpu5y^E|%x@#LeAVgK0PE!SK+s;8GmV7C7&6r4vS% z9QXKuluL%Q4t89_Nq@wirs67F?JoTbF&04#{Aqvu_0g9%`Zuff-!P^hB7Uk)dDwgD z6|9#TLPRR+0DBo!_z0|x-40m1UkhkU&O}B&ktBMShJ_JZ+G&{p7anp3XZ=v^`sf_g-ex65Visc%&Z}YG zgvcGc1(4T{9&62Z4NOgo@1@zNXF1w)%tKZ)4k#U4!4L2CWwsgXq_z5VhOJf`lc4Ch zNEMQdZ|5$klZely*KA@H^=OFE3ArghTxsSlfR+e_Oj=>&tGt-$V#n)zli_Kb^xH@C zh~rn#<$J^g5|gBqi#j3oyZ9<|b$NAr5gj3Vyao&6|L!m$`B!{+_v1Rgwb9K}{?pA{ z4@ag=wU=)^05DXV|0I8QM&G9s4)PVg6MB6dXM46}=u3|Tb9e%`w2Wka{>4D3#i|fe zi!?mtZF?Rl1{53~iKy$a-JU7*CawIgbicoP9iZc}lvNt-L2$V_;JNMsFJE;avOIfV zoz_6?TjAV+A6+o(qKV{?dR#jIG3Yg!`oGI0z7CT;-=>n@4}{R1AD&K;jIM8QpdteC ztSps92@W>U=)(~V4BYm$N-8^}UCzgdc$!@?UoZa3Kku$cw6^e*KOo@S*}011)_h#a zBUNf^@WbGr9^7w>^U0*^S}Mf=gVH3AC!TWP56DwpM*UIh-WA0Dp|G5gE73{Lr z)eu8j<%6|&3s%|Q(;q0Z_YT$FX~UgPZUp4q#&chcj*xGq&d1nmXYbMw986=iRNOYV zLtc(I)(M031Y5`$o{!i6evb*iu7SLE**vewAYPoE&|IW-ABfO%Wt*ocRe74p2J3HZ zHr-E+tttZkOvZW=YOO6sti2d@_*gL20(FuuTTw`gk<5c-T7cLQ!9 zlkXFuXp#$3-I0hOtPRFaG3)IuA7+@A!!7RJiJ#E~#Fsa| z*jMp4K<#OoCiJHSfFO&8C$8;b>D@DSGjsX5x)JgS%o<8@V`&oSWJH*29a8|8X+lh9 z@D0SiSyY%zrOjHgF6ls6N~mUI?=T#6sLPXLb|IxK=s{hD6Qff{!p#`nYef|-@{7Db z=1z^W#va@+Ed#=lZAxlJU@ckc$MyFS(UpP?8ggk9tji6f`(fKmx)yrZ4^yJKT|m8+ zO5mUT@$v^T?L zyaZGoR1KUjA(~Rev50CN(XsL%7@Qb2Y=j}IZG1F@KOxj+P(<)_bt8`A0?5uEKC%ngG zCB<=s`@AiLYhx)wXMHJaDEYpW**#2Fh%|_BbSbpM*ObYp`Y$rG)Cmt;*h)Qg4G}5T zRwcUz`tMa@+?`zm_3<6=8Ry_pMHkdwbnepLyHl+Q@)c>oWP0+UaJm`-MG9qE^ny{r zx3txwvF?6i2J%;g)9?Z&J4>=SVctlZR~8)JS~b*{v9uZ!;6otgF9b4X4z zUA>iv=3kv_k4=*5_2BXd`ZqlNxcat&?RK9ztGO(_?;wl$ha#h( zdKlj)-}$YJbsO9ncFQqAxP~=nQlIl)4}tNQj-iRNh-GYp5m}Kr3f1ezT+5lR(Lus2 z$L@6_bBy$IkC}PZb-STYELVva_@p8H_}>G6bwX5PgOY`4MX)>gQgw~wmX0bbp%`yC zq_kc^B*RmbwkQS(W%@=i7Z3&8o;$KOG6nRQt)CZO8`<0EP`op-;?TU2YYB^8N8}zz zzCJu33|7z|ZwxvET&^(JBF`MHywiP0(vC zo_J*KCT6no&!c@&sLQ!SBh8g_ZoxtNV{PenrmXYne?L91AtGLsxDqldf1#*z^aBOO zYl+5m;P>$@2mLsC9I)wgCD#r*t31JEu+|`tv1N>u(6%D6X&1zhNv$g_XOu47bQ~S~ zEbu{wKx%_eL7Z?lyQ@QwM-n>z2*q+jSEIby^FTszqDm)p<*O=f+0iCX`?I%rvA6)Y z5JE#4s(7FYPP8>|xDk9=QAXZzi@e@vt$_QbxeWlOcFdV$)Z;DEzz&-RzbzL&8_p{L zbAZAR)Dx9KFpO2Dx@0s~D5oK=4!^Yt6 z@q_9F_o<4eh*q1!WsUdnsd7C6l~|hj_x~zsL~T!7pDQlvn?tMPiC%LVXf?C9B>L2g z?Ps{V9ZTPB5xBAx?7SHpnQgE2ZIsuIv-0W%JmN3fD*PqoL*zEYFYkM^$zcd$#thki zv@h+1!ba1s&Jz2F9=D1&^I_m`|VFWW04*^1x9u3fWPm9 zt-;#k4LwY7guJdIAD8a{yNhIqn6BlI=SL>|hv01E{oorPR&VYPT+2IH+qtFEyMqcB zI6t2d=rHp5%wo8lM=LLj?BD+#jeHKLHs+Rfu&t>Jd3bj7qFF_U4si1RI^0{oHCv?e zSWtuK?UhATR3bM2lhh5Y&O1IoEuT#^B`CO3R8icwp@vSWQ?{{X5gL8!GIL_uN#sfj zTBt}0c+J{r!s>WCOMh6dg0l2-Tcc$`h!SEhXUS(hB%!i@DV)9UiJ3pw-A0C;OUbtK zI(p8-ZZW3tX^)&hVKO~`T=kf_*6I}QJOtvj%6WOSxvn?}5St*5^gDSqKJdKuJ+2~? z0CkQ(kk(vk9nmZ4EQGo=5VAs(aCspVm77V(OKlN)-k3*{JcR#OT_dJ1g-mO!ZHxo+ zpP~5nUO3s&v5ozWut_L&w~{u{nllC2@7T+-&s`dLyHN|GS)q|g@2C(DjZZ`A?@48Z znfmMW)MDh_K4pkwt$+C+k_9>2?{TU-Vebn4T-q#$z>9Ruz>>q!ncTT{p+3FggMzRF zDcJ%KfWZh9qt$e~F|jD4rmcwFt9%V{i>5qLMEFM`9a?#O`47W)WP z&E+OX01N9RUSAo$El1JN^alZXsBh5dWx~dC4)z9BqO}B?=?}D?X5xh5n4;F=5?7{t zVG1Z3SZZDNDU3e&AY8{KWE_`%@yvoT_^{&f@o(^)Pa`mRAZJ_{VT7x^AM;G_eIQ*( zjW~$k@t!zO{H2oBg{%ExEb4x!%m9MR<+3*6L0E!78(7zn`==Vg++@sbe?O=yk@r|T z^`b12W{2ID&(}vL&L~|b`Js>yr2K%f0DVYE#B)rL^@zo@S5d>q@RgSTLWt#bYP3-8V27S-^ z%2zTJ>jC=n`|F-NQCeswRnxNJI(*YA1*QQtq9M+4`kEBSI{5|^$<8*h5Uh)o+UM%m z=LiTOxx^1za6vYt84WRPAlL+Mv9ZCa+q2lnY0b&ON5g?(kUUqOF^^rx>KeDmUo z4xOrJFtZ@tLmg;EBOSTCXsuYF4fxln=DM!JmDldEwq%706O1~+omIg?BQ?l|%>1fE zU_#n!bSdLp)>6c;mN%)+wx{S9pM}9jCHAN%H0r#kms_cA(@n6K5wi7XOb0F=Q(AZ= zIL^8lT#LdBc^^!OsDY}G**jqhx^U9fvwD?NxlEB_g|-pOB{wgtzjlL+Zo@4YE2p}N ztt+BGC)TnahAG;a+C&JT>qlHW7xwuO*Zlr{W{f=a#l-+XQK$|()t3o8i=*}MII>~c zAtDkfGN$=bW$Y+?+`c3Axaq|{>_o;>6zf*#>RXjSk?1a5exRzRlO^0u@g#4+Fb@{Mv z${pI9%*D!Y4y?7N+Q^;|r5v_yFI_=7i=X-%>Z{kDD6!*`3wJC2pvfW)g`%Ti78Av& zdC_4kHfHy9#!XXIhVgErV=77Yh>OXB>Z(S)Z0Q%05O82`_zIisDk)-tRTvHv_H19T z0>~f$fui2_>eTv$*w{p&m%k(PtE4yy-KqWBa|!4eWgv<;c9UF_CMaYafhGIk!(z8r z#*!C6T1z|MgB{etF2JowXN87$ojQ2 z$=@65LEG}ptDI+v0jB$|u?3_-cN;#v!tC#azz5a}V5O?8E%Pz$K0)ppn2Wx8!Ahym zS2hk+A!-gf68B{eG)^|W;CMcaXnRLZNU~J)4zhb!(lv1^3Or;AsLYg zIFEX11!h(;Fc_wV4&7B`hw-?e3?m641!QgLaxo>$Fc}fpat^HaCM@^6^EB5$t^J;6 z*Oy)woieg<^_OxbHt=nfTh}2AjSk;C0pc#FfU9&_tN3)W`j?7itufmAa-U|~H_jmA z@X4%&$!R?DI-eWodT|3qq0kgzJnjaAe{L$uf7Ku%DQreZ%NFjp=m*oun-=Cq3dC|a zl<1cmYmhrm%}yqgG6~DEMT4*qiGf=se~f`S&mb)mvhCAs{4cq@$Ojv3I9z|IeJj9m zR^N5Zv4CHQF}p;0xQZewa{zXd_TEBPPL|cWpAWXams^H+@^?KgGJavu^7yS6Sb&&m zCE+kMi2YRvJ&%bU_W_G;4N=>GV$`NDAXF%CXF|azZgvxph;Ae8&!R;XxP^mRwOiah zVDe$EhW?EZZj|!0&D$FU)EEGkV=w%(XYT6EOjO;4TCufx8AC>^M-x?0=HJOhLf!(l z`h;9$=b*zqpPVnwzPPB)R+saqKwM}ppa91*a)&=W9D24pCe(j^`XTs3VIw03Uu%^p zB-(AF5^E1dpfGGU99akJ>D~dZ3(I#S`bC(ua2-`lL_`)^FPm2-_zeRb_A%q$)I+X@ z!Y!)|fv1kjJe&YkX{Wa8>KmI%@!D?YCw^&eNT!hNa=*<2b;f8h3~g{~8CtjAqKVAc zL^GU&yk$OWIQC3MM*;ZOZFH?cx)V>_5BG4a%P&A2S#WdVfUEbrIw(Nsx2uq=hS2{; zH@&;39PdXOMLa5&6Z=^Q)#sMqP%n=mL_vMIP#^9mlt%I=1(axL~anR zt#=#J+w%-R?CC21ih~P09;5429xQSwg@0OTNl`L9G#YVWhFN6U_F_{!AzkHF7rrg> zSUx!+7pqWo%oGa$^HK22F=V$7229mB5S+W03#=;Q!m?s~T-g+<`Xxg0=&Nu2AZ zeMxVt$Ag38`3L-SpWt@dPE>rncC?gsxRB(qB+E(BN}GCSfWi{>L4Hbe6V2V5#gLsi&JgOHU@;E1!p<9Hq&Q3omGnQ5B0oPDhqJZV)=>C^$LJsUA}snd zJGy3sIi=%uF$?#@n|&Kl4zW$rJk++P%&FWo$--g11 z)yu(zlE;2(caiCZ(h~PfG0s2866~IUyWZ7kyer_ls+1B2+KQm6vnD@3RYqF1-!-%f zp#CK`4d+0?DAlV`KfuZ=J#Ds;E_wJJI%>bW`lNPdrFrz^uT$6o#oA7%AI9q4)q%&x z?8)yp1}zr_UcU!P;?Bw(fCueiwJ_e*tlo$;b-On5sY01VH9i_0@5pD{KWlnZLB9xa zt=ff?^P^^8lap%4G8p!+uB;N0mSfaG@l4bW36V(L`sA8zjx^5)&q%{n8WOYP6@(rr z0~2Y1Z)G~bfp5J3QhmH(yU4e#=DcS{bG%$57k((>J44j($L;hZeYyJCKCD0VnfJ&Q zqpcSkDD;uEoqp`_2_jWYEnfNqDmTm<_5nDTc-Wl9w!nB1l7fpR1x?Px52kB+p`4QO z9xPRsVc+_m0JNU$9znus$N#2iY{VsDBGpa_0c z@)Um$)K*RpJrcTJ*Ld;3SbZ9?zTNA@GCn9lopu(cWFPY3Q9cj{-({? zTaEF5;2XZ-d0Sr+4bG)Sf1L$K)}x{}pVidJM$P0k0y=z77{0`#(#}0Yr9GrpU*Mwb zWPPg&FuiB-dwYgiGjAhbj^ckal~`lXXCr6_z4S?5t|X2ZPwQJ!jmTzv_%EH2q!mTt z!YM%+-z5Z`Zcd;E($LLXinStp&H&0*4A&oRD0O(fVxlptV*c+bR9vhKVO5bSG#L!1 z@2;;+D2vd|m?Y3^6eUvIDRB7Djd(k;LcgFM$vEAmRuPY)X?h#M$u6qGj`1)dzq1k? zh+b~88&7|)VsYNBoUHVn7zjtvAlc@W^n{dGw~;hAn+-qmbOq=U9XDCykar{z?9^Js z9`-%gbA)p4yd>GseDSe?h>@`!=33c^PX==1ImH6pR4Bap8#iL@S$Eb8B7aj5B_tF)+(^;v^5(-+@imgMo|7@l}z}xA9F1>Fl zCUU$ah-`f~^<=d7%i%A{c$D9&(c#Fp7=5Ui+fKq+{GyStk?^gz?!1S^F!Seo0c17@ zn=5A<*7Tz&3kp@u3CFLv)$hxKM%Ju;;NShb%>u`r4_prmQN)wK$-=IxM*wd*6{iAP9`V|)p4}c};12_< zZILgYJUAcjTt=!K!ekBKlcVR2iviLmVO@s@EXb6O7<&zF!D2h6?`-?~Z3-2tjM{ha zo`YG4CnFy7knvI!mH7-GHP?%QYuekU{ng(VBi|q|*28%70#?DL`8L}SVBTgA@8W8-d4=a^~L-SxB(iV+^YVw%i+0gc#^cRY~SU{HKEKMohDFb-ZrxQ zgDYHLz~BDD-=KDxzpv75l5#M&_qg0mlKjYjAki=v?&|9kmu4)TtVC4ID9Kj7Q!heL z1#*b39UAX)$!>hR>T_%NctD7ya3awkZEk-S817{uuG#EmbX=%Y)OhkwfIPOpyq31l zM{t>C73aU%iT|S=H86X{!v0C#8WsQH#gpHas;X8Wl-qh(nUgE*9%MC8)z-b$QB1}< zQ(Eka%&TXccBGQ3vw%)6lU zS(C}7AgL(vq!b%<;DPznv3pE|C7O;k5PPU;qc`NYcDU>Bz+lqrG?b;GxT&$QQCE;hs+hn&>Fc!Qj=cK=v z=|Rr?4s?hV_>Am((y=H7WOernDv>6d3lFMU#z##z!->98*i~?y!FCi z+CS9z)-onbW^W52SURioxds#p?n>iC`V?-oSUq2boo|%^V)@s6(hrYLSo% zH+yGL@cv$KBr7ho*TBE&8ns^nL#9-A zwgPa}fB7NMFyZ4*`S7Hu3s^4{$3kZqRZ zkmJ}?{?2ys%X4K>HJopDJ<9_2A$vm{5fZECYzln7zxQi%t3po#3%4bRRv+%AEq04f_i6FA=NQ;GW9qx(tLX|Y; zl-BfwPGHV!2b(*~RdC~Pd_j^_9I;`OQXFS3%uaotgx))qAJZ1f#&#G$a|4!B)8^k3 z(Zq;|>-*sdFq|8%=}GMTkMy_kJ^abh;12Rz>ZOKp+}fFXhT+k!p@;PGsT-}d@t=Z? z3#i+V7MHo!@?PCw5bM+e3+oNI}UO%%&Wn<>}yBq1$XAK=?6gtA)L?IRD7`|rz3<4|@DMN$W|0tvkn97VxB z+Q1e@QI1OYCO=+l$0;axW8Rx^E_~u81U4hTQ}>4Ovb=7l*?e8X(Dct+&XMYjbYm`S zFn>0?KP4PIhRBZyNNcEMf~+D{E^wyD!-3da1@zj57G_76gV(pijD*L5OR#>-$(E<5 z`g8cB99bIKzZj4;?sSd1hn)h>K`d99{%W|yY%Zy3whBP>@8LjA7%#|Vz8mb?j-TM5 zJHMqk;#z~a3;D+^NPs2cBy#*7-psnM)Z?{GL1EEk^S6`Ft z#Mxkzi_vs#%(}t3V_PZy8APJLq#SDHmCqdXE3bg@rBY`-o^v=*>wNTZ=mS_qr~VjS z^!^itvqVpF|-wgT>3sw_G1lVuZTL5>Y;#4)wK`*K0)&14y0r=}quaxrx7A|TA zc$K7>jXO?H#I45XmA)p^M+~=kOT~UStGEO*|Gu6=%)pjOuKsw*r9C@MA$yk!?zP;r zT54d!Jg@{GAA!0l6B2&X=(guq+Z+i#Zly$HpBNALZ03%{n9#*Xhm|*f5M(M-&KQeX zV1vEh-hn|ncRO8_wK+v=m3iM_nu)=^_U&Pd&rN9T09Nzsj=1?Tk`NT>_3EONo|mVs z&yPC;W=&!?U#15)|KWq91n}B;AlVA7`;Wk#GtNK-{LA$}4X_ju4nrw>TQ6R&)EVuG zA(Gzw1qejMD-J$dJp5#5OFG&3i88c;1OtlB67gCi>wkwWdOLel{d7lR*iS*xPpY^Y zL|uHYIk`@!l(4 zQZJz6rUlotOYs{KczQ|V#&|alALM6WjfK!IL*lVtiY`&egi}eV_jHLgw0DJXHI;)L zBnj1>@K8ENkw1K?UBoihP@~v~e9;0KaUScF#_51c440F`o}|wmPj!bj3osK!cYMog zTe0+F{_f4PJ4k??4g>wd{?zg1#4sMW`wr@oq$k7qo_r&%jdvn-H>=5caod}#+1$j2 z-hXn-DGj?Yv3ewYHvXo84n!u`%>d`W2o0rco}ai_rCri~(Gby=c`aDR(qwOIB3p*! zia2Eh4o@VE_36gM z3Vhm0=tF7VyIkgOxtTPW5L?8kd>Zsn*_HRw$skNQ>Qr?{aDdOuQnB*UG{ub;~gX{ME3u z(4e6C?v66G2a-bVLAux*U6K!KAO2H_@AV`}Kc+Z=U#D4Ll=_vby|NO&kG9<6B(*Kd z$=n%be{lb5*3QE01De-i+yLDZUOCai3^o%Dv!<8o;auIj)iy?gA+4e5yls{h-wTA5 zxddoBWLVgKZ>n>%}+_{4^_o8Gyzx_!=>Qu0qHQT=30 zS1a%!J!CQq;|`$ht<)?#Iav@Y5L)Ld&nZfYDRk!Hb6fbV#Ne) ziwB%)EV-W4bw~KT8K>R2nnHUmqc*N(#($+qV;{FLzI7Bm`X`zcr-(@?uWhjOcakJ4 zI>pErU@da_yAuQIuK?TAio!^FJ>I* zwx(xNnzVY?d5X=VPc-UnA;vWNY2$|i(z!MptCpabv;%p0mm>Lmj)AqbXy?NU#_b9j zi(1bIz8{Fb`y&x%lEPnv*YY?i*l3K0Ye?NvWz|PByr<^(okrK!lB1oSP2=`o?)Z{9 zUZFjm>!x9VvVl1ewbY9U!sAG1A;ceMd1wDmoZUHU1-bWaNmOlN^izUc1D=}gvWuuu z0MSsu-^tvCm|4g>eugo;TFc;ycL$1?2!U=Q3<3!; z!O}p-N3Qw<_M!Ec(f!$h3BV8Cv?#Q)goMQiUe(c?yWEJp-cYb#JJ-fjAEq<4-dbLv z^EYLrkGQXtShe&wEy3!#-n_e}lq-lW^E`A@_i)5|s?vRSr4U^TsF_}?aL0dhH`>C4 ze2BkcDzkDax+5F^7aKVmZ!$rV)^o;GJT?{U+vczPZu_bIV%e9$9+Sh#MmV1<)-{JtgsS&XDk!y{qXB-J(9ZW6OWf%YN%ZI-^8F1aXteJ)p9dC`WBCl zIMI$_v*hwjm7&E^vf~N}zV%96k1ohZtCf0u2KmjfE-!c0xH%C?eM4UE@1UC)1g@PS zXV`~EB12?ugW|@01|LO7!-ZB%B?}EX6ZU^tKU7>H^GhYB3lr(fF?rnuf8Nld4aES4 zp^R+s>E zmfX{&{%UwqX>{s1f9P8&mHL5|-kS&)i@jd~J_8F&+1`{$?BYsJlSS+-+ z`T#bs2BpOmub!zE6xZRVvEdR@AUU3+?7+P`m#`4Cv%|*Mk1O+j?<#HX-m#zi4DKY^ z(rYTVV_V9bTEl~BUA~^Wkf2H`U)P({HF2sXv5gXLkyN;;PEdWGQ3)ST{9&^wK_A0P zf4UH7>f>?>h}*1sZcHNuv1Wyb+h>H+`XxK0GLb;X0R&c9ke`l0WmHHVliHt>biH`B zQ`3|HTwCeguO*xVZS6G~^7vc2_-It0$P}O`LJI5c!HjdBmw@ZjTAe$9LU#pXQMIc- zH722ZUc>JL%CQMaBVP+r?fk^W;9rim-72Uu*gfVAjrQByKdyLCo;g#c|7(Ge>_31?xOSHd8YI4--~W^T6)v zTl$8JjE`J@)zhoT!^1)1khVW~l22q=`xC|3SIqJT6s_L*q#NOj29l_B$$#aR;I;}O zQga&+=FRvwh&K7pRz9{qnnqR%ZEJR)JR(ijH=W}>qN z?F9xY5+Re7^!IrJua=Bw}~ zN{i&PtkK-c1aa+CBIjQhwSIo{nVlC|$M9LymX9g`=% zG5PEI_gA+ZIxpN^s*(qG+!2vQ7U()CVl0?_iw(i753ZjdN8qcbj$W(UI}&nw)WiyD z@gW!GOCfbVcmL1c`QI|2Z*Q~Lb>i61Yc`ku^DLxm>w}AGfW=qZ1CX1W4i#k&it~mA zP+K)11d(E+@+6~&bl^$}Jv(V+Zt4w*H4J#1SI>R)HQEw)NpfDZdTj=cm`Nf^W%{j_ z`P5V|fCO}xao|V}P4Gqa2l~YD)vuKq;SoJ7XPA<*C29&60 zf!JP-!r*jMJ9_x4TwU=b6S>AivVpAmelU6iF*q`{e?zb1v^$fRXB_{wo?rwomo#18 z(5|Gr6r7)WHaNUG4fpUrPIJqf-mo%wWsYU0gV%j-liIklT-LLj-|?T;2~7)$9B->)ov`mdK!pJbMRrd1{S3#ykvyF9Vl5r3vZ z@T6eaKTZBF8yJc3RkZYJPwh{5dG>0U`AJ02$035thHXO>YitU5I;YnZS8zupEk1G! z@tV^H_R3;*)H0)d@kCKPmMu@HC%*$13Pl!K&~DeOUVa#XtTQ%Z=eIMjabd3UfKa=> z5)-w%6}VyOxBtkZ#1sYj;oWutBx zJ-4RFhh*L$(u}SS*p%Q~`y%=VbWP9Z7&CnN?DUrR}S+Z z8Tj?ke<69 zx<6`ZT~kR1d#C+FX+e3hCC@GVtwxsSXy(r&y^)wmu(lUDPEjeS#Qs1gE;QJDu0}Qv z#aGq48MTOxrn>6Qe0kmZvGIq{^Qk${IITX_#N%;dl5W^C8fnKJho8q70229{BU>|B zSx+b`KMb;yCOyGWjl7Sd2;CUpAg{;%$vV+B3qp|WyW*FnPvOm^LPpH1rd}e8)=N9{ ztM?tTo-iJr`=WQRV`OCijWwc=EQpe_G`-{SqxSw}WlTN?19c z*9PB$hS$Vsl9@S(zIyARSRI7HNXGiC&;F`nt;?^_6kgqJ>3N)y`+F>6mEXb0J2XA| z+y4(xQe^LKzW`LC1|EL;FEsQY8*!ILc$eBU*Zn?1JoA5!0jF2A;@#d=AMmdPL6*#T zElR&rB5nPBa6A1g(M!xsfQ-I9?P~?oWm_q&;JSZ1Xp?LfmO2W#jiJfgbqcPoJmNl0 zXtm90L^862Aye`U$AEy}jm*LlzJ`ZA5Th(hl1PxoIP0)}QE}mWft2OcP`gbFw3gD| z)LEr|mJ2I_oI{O$LRHISGgu*E-!R7rZQSMtqJf4^6l&f4u}S-}4C)qMTR1<%10%H& z@R!(Jbc(()=;o{%Lse*zDxRgkE>K_v5fP7fj*w-?>n?U9Hj~!C1M5bT?IzVx=;&I; zlzch3h~mXysb@@T>mqo^VeIvEcq8PTFx>+g8EV8kzR=jHAl*1C7ueoCDCz6=w}mcB zqsH@>&>wSS@;~DDVa|s8mQ1_7&KmhLTXvK_Y`;?Z=$Zv7)1>k1^tXAqwh!|1^6T=? zj)BMMyoMt4Z686j4Z}*O&>8&!^ZM*x8-SRH*>^_zsUL<2xv4}nhByU3>Q98OTz^db za|o>+JL6o~&%sJPqnK#Pfa_z#}q2?Zb3%;&_LfQfXBt_xKJ4lXg8n zFL$~3iw|SlqP!OiJt0qWWlR_fFqJuKP+3jHw-S}sWVufg5x3>L+>(uX;;=#%NM`r$A1Z$enHkhaBFih_Nh!`>yLgzY#qTBy%~xw~Z>D zK9@UKjq9_G$WFcmO{n&ewiDjRNdK3$#+!{kFxk4LkjQ}hrH9h?a{;s$Tby=ZR*P8^ z++2vZ%xYUa_)l6?PqI*#o~%75trhU|D{*h;G5JhMiN}sTL{GS8<#p$=7ryR)nj4~m zaha*q;s?Eba=77jz%Blfr z$jmc(@w)Sfw7(x|B}h@E0Td@Abk0;(b!Wj?{)jTqzT%Ki){2X`tUi1m+WcMU*BBlZ zO)Y4cQO`GXz5gdP!Y5;ALr3ftoBpI&?9>mJCTtEyA~!T9k9zRCX!3jPeE98pdlyxv z%e{Ngp|l$EQEIWCyFUMSwwG^Hga~(>OKaNTF?9N^R90X_9zzAEwK;K`!t{vTJNU3` zDB%CkAqlJ```_%hn;sh>%YXgv4I=_nikixbP{K!3@+v|*(#YhC+1Yz@U80)geRqi~ z${^EO)5-*q7|uc9U;%?DE3NG6_j*skk2k>fh`xb$JI5XdLe2H z!!|cdQOFt0r3J^`KcL79z#SM>I|Pk2lhC;`iML6}8k^Lr(q2MT09JKeZEPjV(IsaE zT6DkB?p|Fb|FW{3uaYz$iXzT>Yw3p8tIrFZE2%r~R6>k7q$Ulk47`?6KV`OaJ;2x{eYa=B6G_O^O{!b(M{q1e~?@%z;Y zq=`ToV_hKERGG4Br3aZ05}&pMjUZ7q`l(XN4wdDs^eqL5!2hC%eT`JiD=S;$bmV0| zilRLuY`KWv4}4EQT~JYJ^VL#|EZy>D4SNHN!WzV=5Hy$`h^7E>7xGhuI58j8*KHgJ zlZm_>^+%2iMv1wxb!fVcp$@y&1#UC>FJHR5R>dF;k)fwZSnT+pfdB9YsVHii^tW`? zGO&=Stc_WH)|%h)_Wx#c96(juivPyOWyF(KLIXwUYei~!=!FEf55DCrDvG(H!P3<< z35#1@fTf@4WOGLbksG%Lw5CSNEOBNkrWa4@*ijS5EI6VhrKOByToBhf)oZjbn0Xmz z-7YQ*c?Ats#v#jVdl#E2vzf!h?d?OPdSX2W*P_e0Dl@?$-KC;B zOaW0p7^Ai^$vbX#_h&6@M(VnJuNmzLvHD{i+RJgb{|U(Ct91CDz?T?uEJ0*vMISotc}n6u~w9l$!B$x{mtt zi0c4C@}@aI5}~{%(Kc&VY^-P){(Ve@&{iE&uGo) zZYDeOUN6XdGTSaWSZ{TMtA}BT(bUbLx)kd2h%u$t{!DZlT$)seSZ);-CI+uX;C`R) z5@ma?yIw8~tVsh z`ft{o{oA;FekvW~rrbTA>j_`GQOSVA2+A5zVJChkp=CQbi)i&~R;&u~S;{QJV9c_9uY0gHEYk{T8UnE++w zO2UeP`TY3UF-eW(eHb_-9wZZ1^>u*osfA1St0Z}xA!abcrqZs1*>WF0JIv3fL|WgC zmW1IwxjEV3Ai0poy%(iuB2QcM&t&zLqv64BOJT(#V#(NMG{>nyY?g~g zm^nLB`E)f?qxn}Nbyn2wdjwjfI^-h7*}Od667}zA^^G60|G)y`vXs10jE`$PJsd)r zAGK6f?iy6gVJai{9oEV4EVGpe7xmoosN_G9KHrB@76z>swts0SZdYvs%a>7NcuujL zC98HENN*tps;!hZ6T%QZlE7C}pSP?iW)XKzRg3gXUT13&S!ASSu_;ORJf3aUWTO#| zUG@>WKM(NS+RE{Mn8AKG4M7mGzshmaaAl$3_PVfHlh86ItJKA2)sLu>Vz9Sa3M8!G z@wo56EN9r`Xja+KVi@XeB)8J$)RUSq=dxwiiEmS0Zj>9*C}R+J5ba^k3;JOYBPQi8 zV*3<5q$N8;)ZXwMkxm#zJHhsz??~K$@o3puTWQ+Kv)dWD%I`Rwqj0NUHl8#?>*u^S z4?^#Xo6C=68sLL4CT*edST*{gdF%$Rmi7-mjDUe4+=hyDk{^jbs4Br%9=^s^PPt+P zj&@9WH{(m2Bof}Iv=>1R&O}qXmbqDJeF(u&s)#4#D|*quhS*8I|jlBw-}u^FR<`9pzmTD79p@;~K6q?T!?De?CzMCeH&&MXXDFfuLb3ZgldQE&VI(aIK0#v7<~!5bjasY1)loYp1E|}jg%t8# z;Kyf!6|<4+KkD3*j;5xRz*#c8FuYLU*oL9ktFvnY zxxE^dm|nq9hXm-c$hwB}F=lIs=Cx2os;umNY13oDq}}2;2}#^{T-2uf4sxE3*^z5Q z)^kkmA4wbeAt2OQ+}8&xf}pCu-@a$#4|_bF4fQnX&vn&SV!F~I-EuUNjx7IXezEI* zqgiW*L*AM-fB4Gci)03{wkjAcrpatN#`(dFZ;(VGJ1aW92)XB<>r%a_d=$80>{wqj zShMk?E)w)s!_FP;P!^~cQcoUkCr!M8Ljk6IHQcDnW?oFMa?_ z*M3S;QqnhmgVBgJ%eL}6uZv%0gm3>Z3*|6^Q|0RPc{hW9*me70aA}G^QzIC%XO-i1 zbM(2mcWJHX&|D0Kd0Y)wk2S2yO{sTa4E)vr-LBOYC%K8^TLlZo2l_GiQwW{K-Kdu5 z(UNUnOX)G2rkHGR`rvk5HJP}i6dNX4zO8vt6kP$Hm{u@wxE~YqHJKs4LHzj)&Yz(7 z^UK14LIZJCLy3tgKpnXjqn(FgaHO{)qeQ+{r=fsq{pj6d9Ru`1Y6wjJnyRw(=XGNEbzm@cu01m1(P3fm&LU&YO6+}Y!Yj6% zm=r;`o*n6L;a7Y|%AI??g!5>wL0m(k$*g0E_>iX{6cK>U*VNM7Wj@IpQiXA*c_5Jh zVWb$KAAOCp=K2v6W>FAUZt$KwBR`PXIwplr)sPN_9d@5_2)CK+U06qiR1dAZPIa@L zXbjo5HFNps>pT^oUrGa_Z4Byqc5ioCY}N>g;~tJXFx|r!dsf;okOV^c`{i~~OLx%RYN6_Fo4klU;3-c&qdqO05xWMIhcbLjkA@3tn+C17Jc!9BY=J{v6`;X9EB#BD|+F|xKozz2R&h(-7jPX+rU%7JoXs67s1Sl8D!LmW`SqP>TR4FA5OcvCM#Zg{F<3<}BT)Kr;u z&YhWHCM9e2xhN1RaCLB7p`e1FJDP-|i1%IZ=6-*1jD~wYf=;$0b9RYPqvdMGI%=-E zQ?>5n{BWAszF;Vh>d_!>6I_E;IO@VO7qXmfT?`hwx`TpHt$A;5IBFgLP~lz5u?&o4 zI*;{-vf&6mwITHX(H7%t$7$y#ASFODDsRLA23=I&wX5H-SXdEj^BF+l{;O_~ zQrZ-9_I!TD4~NT(*IKIgSI}Q-(N%T|2-^ae`-@evZsU=4H5v;XHG8Q#huFk{cW4rh z`OLM-H;3Kcd-DG*+kLtu+&ej^hZoReFJ~&1<9v@e3|Vb67l=CmI*qFhM9jkIYlf3p zVOZTgRcKn_3bp#2dIUtu`4Kq*jJm$BCc3^uIroAiU5%c(YtLFo+)8^^BuRU?6kdkB zY5AotV5s0Xbob4~yo56N%b#H6l{j^W>(e0i{+cqfS`{_uaE`f%;i#gbScQ8vo-(m+ z?Qj%vBfd7Cb0$|~!~ag#d1`<4I*~8L>DQ&B$G%aFJ7{*!b9nkiwA3<<%huvHy`9mY z6}(f;S{Dsai zxD*OE;>hp+O-@U6<`P-;pgiwv927?}z~FpU{8Wm_HLfpQXU z(3tRsQo!L-rl66q9Pj5NL>kXdXX#>3=5#dR#@5m6`&y#Ok9(H# zE5uy^~hNn9)nA}6mu{yM~QN)H(X+dL?x;jfZe6irtT3lC{povs*ceeTl z-TRtn8Ig!#w!i*92sCshC<-I3?%?Iv;sh_ca;yQI9X4CGj~pF+9=O)zbwcV?i_Xsb z@u~!D>4pL1I!8xH8h$-mc0F?wM9+3^9A%7u?>47ytv`}!(RG*9y8e0J`u?T@98CH+ z!aquyFwAnpf}H58E$=jDRPN61P2dA=|%_L1H?K z!TN&?q-)YP{eE5BdS@+!15G>m1{g4rTz{mew|0UXfnSzvJO!ZlNaN1qfD4N*{Emzv zKsG?X&bN*4_Cd$a7J7c{IRof6GLam##c+=Qh*S+% zG*)!t991lW4s4NAZl3)23FJTNhk=Tp#nqIQa%2@0ptbgNlspEg?7pbUHD&*0Gznx6 z2{8Z4ZTAd=dr*I5SbY}GT1|_>I&TTjGK38<;Y-5bTC`kvm1`E)um@OZqLgOP?(08?ir4!+5ow8Og zU24id2ks)|=GfcE)z@3)(8D$t35; zA@x4^iDExy>;Nb0>q&*&^y#RhgE!Hv&}7zNCCf!P<`8rsA+)A*(w#kPwPsbGN;@^! z$xkS)|H$m;j9h1wCSMt|((M^&>50v{q*0z6J2w&a>@qtx z`_YxPwt_V$&0%bVWM(z!xsXOcG*MEk@ zOhAS8fow7fFZu&cEIvC1r5+qoidJGQn+PZu?n+xNrs0u+O1#QScfiM%^eTf&@5k`l z72W8_C&6v%qyvU7p|L}f-XA;UKj|rSL&7UB0?WAgnt8{i6#Tbyz3IgepL8op6Ryu3 zZT#SrD*zD&XrRl_PE0V2y|+?bP`65OOsoz~NNg!~HSYM|1l(%k==R9A_Vnlu@MCJe zg&3-q5@Y|ei!I7%If3G;M;xx}l*-@079)ZD(rwL{^)mkvvc0gEGnH3Mi`MDChGg z+m)3#;LF}2(p1iHAzEBr4HJtsu~NttzD*9lW!Z|b;EP_rGMfG|JLZgBTz~Q0eB$~D za{qAc?E62Kg;)AT61QoP$=$%EcI)xK2Xt4=$A9uYqwek-?sdWP<@QpQzw98ZEtc$B zk?EJ8+OC#_JkGwoiHp@xt|QyE%ZVShXRho8%Q7je40(0jKPCCA#`HuHB>rH2(ZQ)s zSL(O7$I%Cl`GQ}55EKy-SjtYzgV%y$7zMR3rmCF*0 zCN=M9&E3}(#r$#o=SBV(cW)UGSC;e-2X_k=Xq+Sv+}%9{2ol^axVyU~c!1y@+})vZ zcW7K1cX$1hotfR8l_xvz$M@sy?%U^{@~U&Ietq#x25Ye=>E~T0`!07-_anrYGMq$W zs1x0csa`G6is$=8O!c3`WLV}WWXwpoQU`_)JNIC!JC1G z!NsDF?luaOSn6tKJ>Zgg9I#vMT^KK=SrgkPLC1s_5kGxk3ur;!4>Ra;?W30$QiMgZ zcz|OjyX&d=-O1(m%9+GD)Hh3F^rSUaS+@pcj!fI&9pzKGF$Rq?*M&D5$sA#{RtFu0 z;vur#x4q3-&C}Rp@o#Vv&zS1@%$p4WE9+gz%B+xz(#9h^LF}rHjpvB=sghiT`>rNP zkIk((TS<2&$-`j;a8zbdErv**SF6wC(Xym_>6uMq91{1c$1jD6_uERn?)VO`JKnuE zZKQ`!#f%sYbF^Swy6@mW;ivZuo&JcE9!Vf>MVPWkGZGo`gMF#(12Gm^q5Vstg>&IT*`-dwlaJV*6_k4c!Z3}+mSoqQcA`QQk+<8a>Hu)O37_$qr$FJRf!CAKR zu&;YP*Qyz(+QHAO^3Il)bd4 zKmhJq)jpG_72a)`JFF-bY~zq&)9*U%ufLNm@eE;uT$zGVj~X#lDR|CO4Ia=k(!>iV z;0kg={Y)OaU%-(|7yjyV0vbaS_Z4Q-b*|HKqjGfF9TVfF!-l=rySx^T5mnzGnVATx zs&N*5)n_oU1{q|;oUAG7@1ckV=f=_$z1Qriu8S0qZDn4AtK%+L*wvlWiU`(SoiGMo zK%wp8OR7xYTioABf5%JkH>s^bs8`qS(q7^Vb&58t;|uMYTUzoz%l~rSL;UoGVwt)- zf2Rm-T4qGz!@ssGTq9yeA|I7nZ}n&Y);tTG_Vdmrv=H-4;2pvbAvCP-1&4sg-xamf zi;5WaBQqPpiQJm3^t$#0y0ZE@#y4wjn_7y>nXvX(V-@rubV+)chgFh)9?CeNy4o&$ zmm$zTS6l@ooK1FzLSNZ|r#BPLF%=xnXToB4kbc*nhm5>aL>M}os#LaTC8nr~Clf18 z_c^TPEtIhE4A=PZoG^-$nvELDG)8uTf2z{g)2S+yVoR~EHzJaD0QI^$uJ-xZ?|sTZ z-5-QpT_p)Ms~C^?YK8Nmro!y=0!hmwbtsZyW*^w;HHZzeMzoq1K&nwe=M^|u3f>dt zj~qoB82lmM_cxo3^GgH~50qoC7IDuU=siRT51e@yQp#tP^Lu!PiVIQeT^xE#jfLm8 zk*$tASqwH;JDLMzSKkC0$Qnvj@L32GR@hR$8as8r@0G16yue%fDApc!QSWp(+>xM% zD1n=pbuNn8FNq&HLen!KjZ0X0L9?$}Mlz0pI+)1*BYC2`Xtk)*)+1-hVD^YhZNSx) zOW!dPe=wzOk`znU8zsgf4YpgnU_F(CmM1Kk@QF|;^axrQ%(bQ~1mpyOpN zPN3vsa~OxEH*jcz`&t))2lqA3-hJBWN_2^uRY6?S2rjzJaw%)cDr zrZ+@k;7mO`2C8v9KDPEQ^}{PtiC#DsYBMFuD@<~{wZQVlmy_?h`22Mj0Sq{N2L53D z0IERVQC|kK*Rp;zQRY<*qIO*B?j9_-ya+6X8z7FK$Vp5%;6fa{*vOVB)Kv|{4msJb z{r>SAxOmXeZf@ePW8}+4O02)t=fJGOp!+#l&4E*xY76tbjp@FqnpqC6wiL(~+=HR1 zqIuqm3%Qs*a}!Z@&gq?7OO{bs4bFlu^)NggMx_2%_}^iO8q4Wj8|N}MJi83dk@n!P zsN0~|*fu=DtKiUH)#2N_E<x>ztMh!G9Pb#t!_wVh;9-6M{_w$sXxe`daS<}yrh<}fSHXg7 zX-`1?Vw+?xeqJ4AnLg&I5=HI%hdfgehd7Kv9{*@JG_?>(S=l9j(`*g6qbR!tsSGw^ z0W%9iKdk;pVH<}EciWUXn6@R2h=m}ftiT19A9m@}wnfwryF@R27*Gy2d#?841E~*8 zg>CSmbi^1HH*?;=I4i3~xYbiapnNXV=|SZ*D`WLr+%_)|cC^H#s&3Y|xTJu1#vtqG zb=HdS809fCmQd8fM%?z4V}+4OiAMW;mxr<6`|Z`lEG$Q6BOuZ_C(#Gi9tn?Vd14D_ z!`C;1&sohh9Ylaf1Uxw5gEt)(x-4P8FcU-hV6HKgQ#nd9llI2kIKpx~R}?mdh02(g z|4SRZl&V^1TOX8MDqC62C!1yfS5~+TvZe-oKjMJwFxOF7T(F@W2#$Vf07}@G!Kn{& zfqej<7p89}HZmY$xNK5Ti*t+fs8<2)sIXpYR{URPwnC6vPdyKsZZWm5$of5VgZO!f z1C+uX4Z~?F1u1!m9D9;sSx!-$?D41SbbDOH==DiycWl}4Nbk!REtSDOX&Cy2ccL9X zuumN8COUS@6#HSAncwN$WTCCJ;>>hJ;Y`6@5_T{reGoU)LQRn|G(gS`Fgpox+tO2r z!RC@wWn0;L>K>p0$hyPejVjMOi&`^R9>>ccx6G}D@8_1i*gpY|5Vy1Aa0_WV;~YI5 z&0o7=uvQjMl)Sb0re{OgYB~GE_bRs;c2@ftHDn~h+ozm!-w$`SCxX7G;Dx@u(QEJ` zE`O()2D2K4&GSK*n&XBMlhcW4=Wfz*e}@l4E^~hk?-%EXXgvcEGVLK7J{ojGV%u09 z-krQy(07fSdIPk-A8Y;neVklUlJA>ofvNk{zn|Fu{tX`#BvsCO0{2XZv_4E&0HYX% zR${z5`FIar2qb}uTLZ45J*}~k*ukLXTL%4O!8&?P#KEx9@loGfE>K3cS^Ks>9~2k9 zO1uiNOd-3@E-UDJJybJqdLi4bkt}lRtXX447T&AGa{6}kL&NuSxq);j8#-OSrGpom zcqlhD&m2_181*SZ$x*UrJnsAkz|o6Bn?9g{3>fg=Jm? z{-~V&S5&eG8fqQCW6qG1b1&X6Sym51PcB!uW+y9D#Lk>~7{g}CIr;Z-4RP7Ox70lA z!tW&yjijH7!geRB_U7-OJs*f3SHER2$RcF(;v~8|(Rbb(N?Yqa-YR~og=FvKO3y7P zdUNNvDh*;%HoY3&2L%Lvr)sKVN5c-IIX629_P!3dzBy_QYc72_7gE1$y7#z0*kWI~ zg;xhPSqXcpp*prW;U}0&^$fCYBXO%a*+JRzyTe4dUtP^yH~L)glx5|KX2owuNTgX3m>-3x${nG%*G99S-&!;0o?X0SI;FR4H?pdH zMA+W=4keFxLt{z96=$C9sEz)St?JOLCPP_y&i1C|pH0HwMzd1<>^x6-ZpQr+|5rW; zrk6HjVk2x>S7ah7emAXybs@98UMnCH@OTeKZ%KzE~$;w3PbbHbyUBa6gq!WA&toq(6fCXdx8sv|+FZX~aH zUR)K~`)PjQbKHLpbyjhVTSbZ-7!1scG0MqcD^0M8R&`+K!I!mFQ(2km@Cmcn97;2n z3EHv4OW2j|_l(>#*q)Z(ZyhO%C#*b*W{WLE-*du5#K;>c*JkZ7TaC?NZtFnnW4h5a z+mLSFy~^U}2N;ECuSLtL2B+CYm+abesgN>Iz4{OrMAn@Hm0L^H9+im`Lq+w?{5gTt zh=!IbG6%DH!5oHE_(o@wHn?%gDl7Z^_$afcVZpEFR@(RZL)IVq@Q;@Pv^jrD#YV#? zy8jOS_J`&Cqkj0TI2R<(HdOn$>QRUV`Sh$ZPRTVQ8y7 z=l9=b;GfS}6;Ik!Uah`hZJanZo5*JN%HSfBheN7!z18bGovky}#9Bp|5=tNDG3U(u zH=X%+p8w9%iMKlG^7#zs33U;}oyctX;?U4HWR8yLILDQ;H-m^kUvzqZw;5pHphQJ( zPlf{CD}l9*knLWQPFRli`OmwLqq7`9c3_;82Rd$EV6hLP*u-JW$XXwe$N^3t(gc{|mMyC`QN-APwy8#QM;30{?i~L%g~{5x4eO_Td;o-9ISR{T27) zCAyXy7wQ-?Nm;|DHPsmURi-g?u&pd8QcvmIUvy=iC?AG&zS zpMp(9Uo#Y-A*CjpX7}pJeMj+rnpmsL>A9hjKIx=mD5#88I7G}f1Mr@4i@peIqw{}P z-e-&eY6wL^L7$%(u_G<9-geo%)@Z05yb%kbaP7r9({f*`s_bTx;=iUCQOQj}+h0L) z*!=Q!u}j`Dp1d_th{JwP?OVE z4QbzHo24Ji|+b}xLo6a9T419I0 z8qWV@&BzAhn6bLfct1`5F@1a*PAe7Fy7KdU#u~fZsET5E(MwvYBnm6PQ(7RhOpE35 zNmWo`H6u-+`uxQFm%v1|7@X-?U8>Nb!E!Jhe~$tZYuONgu*FeJgwaciR;k5% z>FWbcyOV=F!AS$co;7~1(5hiR1yObQ^D zCf!r8vI%nBS4X?%ifu9LYYDJ?4mgvDa_7Q79T^T@EX7XJ}JPNspi`m6w9Wb z^}s{9-+b!7oB2Pnnfb#?=E}ooNG7giMynmYrsGA`(Q~Kt>lM1DCSJTJr|_?b*yi0z zsqn~1?FEKDb#zNeQTW^{_<)^=(fR4Hz_*AmDCEo5ByhqvCNl~gGSSm4 zB7N3_okP^w7*L6@mL6r4Ad zrn`d5%hu$9tv|?V0o>yLgWjbbd)+SZjFtgO6P$MX)SaCz+R@&bVr>jzjdUJ+rkHg zsUN9)Auf&(DyrnA35`kK&lsBN#i9%MRB3s99#$I8;qKOQur3lB-$zi5jK)((^mH`* zstB>nhpagf*=xRi0iTbrO~vU7Qsb!0@nhQ*Xc04n=!w*`h7YH3p@`9*Et}UAdZ-@a zV^LZG3JwEvM5q3f2cX4kkEY0>dNkyKJSi*|_6(P{(IJM8btpY$9#C?Wm zZgqkpYUO){VcxNAk%w|}y@Y1fb5`3xCSk{Tcei@Q!(i3LbboHt1d?#`j|XV=$_I_p z@290-d?;gFLMs&0UNN%fw3YacnyKDzksl#+RaTAAgvrJIhab-TdPU|1+Rlt-#veNYTEm$SiXD$pV7Abpdp)nX7fSSkbNkv411Jpk_))aZmurIqK=*c@8nTv|`T+%?a`qc&U4j-%l=^%Q3;*hlvz&^%b(*x3G#EE^iTLPsisUosz z@5STQGTd?dA+(k_o4mR)R*8*3UNlNmvTIb*qJP8Z&nlG&fmnNfYjJw1xT0q{Wa|b7 ztHxbeg!>r2u~CP?cA$*r7UZ9RTs2maJ!8NgddOuDE+T3Tn%PHW0z<$fX9kKXG`D&? zNHc87mx+bF#z)gp*DkFUeVR6;Q!D~PWs|sVIqmM%)0{1G=?Pbjr#ot{0-#qbsHVbp z@;iv6*}{3c=536Tk?sh^duJ!7m!4T$(9<7_zdJ^OrbK7*9nZYBf|aFHK2JVSVAFhjZyM7cBJ z(eF#NjoEcc7&h-_N^WorQEr_eQthe=CkqKF6LZCGK380L_jMMRq4pZ=oWq4~YV=_^ z)MY~;YciTZkYGj`tfquS-WC*`;bT;!o-8MEQsZ>wFL#(HhpA^Ak%~jNlUU1zNwQO; z0TAR!9Ct2l%TuT+Z|d_bO$9jtjB3Y@Cl`jcgz+!g|1la zV*AgC+MT3q&{-F8MOYA1fQKFuI9PK~q_il@&iNH+;Liv96+_SXkPjH3>{y>G-}`utZnIW_A%eP=F1> zfe$?sQHjKs0u)A78S>X`u#h$S_Q-~_-sf9jmb;%G(*xlgIx2UX(Ed!7}si>qc3Vo>7;9` zn;?ze=^aVE6L+-Zc7+WTvBS2jYvjg{blWAUFqbOJL+7e! zs&)BzMm7l`S0=ebJeS&;Mx&SDFo#54RUFLfZa2;rZ^B}Ic_LB<6R?)3LBRRJ?24?$>6(CQQ+pZ*d*yuAouH6F zAT5C6Gt5l;yiK0W&Gu0D6cXcr5?I|y=JDo|Nn0eWl1e#rUh`f9gK-|o66ygj`G#6qHIqG@sdEgYuE!%qF@r0GxC2z zN*?6!k@Kx(EutL+>##F#F{BsQX2+sv5FV_6^*)k<1fNbaN%nRMI&?}=rJ&R5@HpD% zx&bzVTq^jiU~^N1VWTN+&8&u9*>6dK+Rfi15_85V6qwSJ#%9KYP`mux7dCso>eccZmv{YtVptzH@ zw>rQx!!Om(wxR!dAfv9Ula987Cu(f|>BsFCb=Iec{7`v&G-Tj#4^(RS<*nKlxwE`ZJjiiUJ$`-t4PP%o|I+xhfQAJw^yG}so%+;vyk)ZQ z{s_UtHVxy6`3x!YU5IHp*xU*wwj6=wjD3ZI-$n1! zop{L_obwq)((x0{Y}-P7fLiX1X{G!z*zPGLEaKzi?6C%!qk&1!f%M73I3&IUF|5N- zUOu5n?oz48x8i74kXe%4K+*lu`$vt0YXnpRuCEbau?&}qbODx~Ya={9xKFo~OZSgd zJUq)7C2UpSWSpGq$%`TvFdh} zF3{XBDueXXx{iS^iuh+~ZS$vI2jdm6F_icRVcydG8i+R?jV9(Pdtv4iE zXqtI3Ub3S(@maG!UY^6c8wIeF?ek-^&8q$~zW7Ip;<*0ht2dlxW8+IcYB&W-<%gBg zX%x?l)U|^d8pC@fw1pXv9rAf?Gr$wR3LtW@^ZI_PxcPd`%MsPf@hnZ;nk0=?n!?WI zU|&@G14ZIHGPF^$g}IqmO3I^w3D>6LPV}nwx{;E0W=nYH^EFmK#X*0cKaKxWU}Y?` zq56D4Nh(oQ&BrxUsW4p~BLsEO4%_bb59cMf4A6D&(m~izFJDqPFEPc+#T9?IUFku0 z>oRBfV&BDReV~q(JHeqEZWxN)BDgap=lfCa7}0-#*7&dKztD;u*)#VKg_>(nx>z+C z(ycAl2)$+5S(_*-3DYudsD#N?0*3{qyfKA}8#9Wjx}u7)RJ0cZ_?w#)o^I9#uv)cc zfaShQEHXK0P7ayM^S--8*tawZ(g)@!PU>%_ZqDWt-#IG3W37DWd=-{w)H< z6$7?|VENkkf+H@4ey~G*qcKo?Xy+1^`J=t>zfwlq1yX;h9rqK6{9Pj!FGG8}$Lm%7 z1$1IPNF;?Wy*o0bW(T&X07lx8A!!qSz9Mk|6ZO2fJ`}(XW8OKWL7jfZLhn)wturq*S?B zE(4FB=G5r8&$t>btO<3AjiY~JW(DWNbeLGRvTnNk$uc9AQiNw|sSl%k$j&(+2*TWAgnOT=AvGAP+l~r09C-U%<)#DL zzG>v9O9VVd%iVo zAA>C0tPU@P%P1(h(9&kckw3RBshsq(AFpdhsoL3IN1H?(z6$T!V*?X=H9`P3Ie{kQ`zNSX_AD!(#F)7nV0Ca?(AgIq2|ew&=Yd(F z`+E8&A*yW{&MQ%(bz{>I5X?Q$dB!5@N}TcuWI&^ni= z+0Uaj=Y!QfSeWMmeVZhcrFz9s<{8i{k}ZNe^g}ex@n(dR@JT~9bqI@ll}&DSi>TVm z*QR=hiC#7Zh4vkkyB=IzA3~X(984|U^8J9iJ^l=9W`|ppg6S<_W~VYf+)^1p#{I-q zu2Dyp#xCc7lrzpRyX2wFW9v+^Rgr+W;xE%&MPqvdJtW#S^B4k~@R?J8;|G)B4*Apgd8 z)IQ%cVAE2Mws@=X&bJn2vsl&p&6!_0_AP zM!-*YPSZgwdFf@|m%RnSfb1a{8TSMp`-BWO*fV$MEUK%dek}%Z-+`~%8f)@Vco$Rh zXme3GMYqBa`G7M7rbb30aMz?XK+Gt?RQOBVz}(n(gOX>FZf^k;cKEWBOaky&V)J(l z#umuT03>JmqD$0cQHk`5G^qP`yNUMSN#DI86x9qbD`WBXaZH{W%tAh0NI|L2J3166 zPSP>3M5soZM{i?0zLx~tH}7ZE>Tna4m;a66bb=_-6g^0fOF&#@2hapY)llLD*eH(>)YZOgbyDPJnDrg z%N?0yYb!Hz%aG2*gtu?e+4Z$GB5JaJAjgNeh-IvuL>7u3vRFr_{d6atfro z#0#@YEuB?_kp4<7 zKOootNkjj3p_79UI&^HgJ8GnYhH9TlQ~LsD%EEX*JF+-)cVQ}|poE*k_}ulGBxg%9=JdfS597#ULjnC2s0s`>!+xBM)D4Ntl>(2enm>X78Qz$u;I30 z^cje_q&$3D!T)?>=UT^%EL_Pk!}1y$wuts{pBULm;d6m978!3Ly3t_v%OTuUN@LVIK%V%4gb;dUZ0}NVq;-#e|yF%+D}4|7)q0jeK^&KtonCU zooD0xyByqmT`ob9l+JHt=@# zwM@lqSY1bZyP!;nF&MUr;YE)q@qOaT1TCx80-KVSF&!e4MVS#dP*N45I09=Ol%l=vIN z|JOU^A>|QV8oJuT{?cvnz%UU3Q>Fw4=LLzy%@(GA@c!2i4jhuv=>&UJ`mLNW|E2rF zM0I`yUWH9r9Mb+JdM@n$6s=0L7ZGWHVUyN=FC($Au@mUDnu3kAxkF&7(K;zQ^|Gc{ zjH#kWRwiR1lZ)|rxuT;{6C;i94N_1GZq40Y%U`5@W}%0Ne)|P^G!VRGAsBq7*m0Ps zb&*-x3Po!HtHG5JL>=Iecet;L?y)8FhoaVLLB17d_Yb<&7mdeVZTe)-4OQ{+?W(;k z-uPVU)uB7@FE{KHAS!VAaOCx5^xV$Mk)(!d=D`87TJ|q30g+Rwpb;yu78IIAs^}6d zniW%2l~X_Wo0JFFT8Vj@pbX>CMV4;MbFScoi65y3^6s^l`FE3c+g=d9cV=y@wT9TG)MEN2=E=Cd9{#EzG?ZJZ~=$J1a{zY zmyP!q>XDvK!h%kEN-coGCx_Ox_yTa{+pV+C$Iibp1S>gYBnSKZB34%Pu&}UVuuIGQ z-uu3`EOQNHWHY#K_Ux3=!}wTQJfXy%4^DL<;ft%+Z6VI*BNWGvv92uk=WT7g1OxiG zYuq;8S*Ngs6i!LMTV*XsEmsk9wNS6t0bJ4+Ta{;z`P~oqWDbBEDfFqqQj3Yl_Fpae zzf!Rd0bU}Uh}X1#c(@yh*hqk=39)v$8R;YJ71@s8+NDrZqxv9uL4co6g&p@2_m)36vFDe~Ej<+qIQ6xtr0z+BuH)8E$Mq@h=I;7L>R)Ps5 zEIT$O;PR+Wt@l$#%34v4kFMGq2t&&3Qeaa#aZd)t1DZSdm>iX&I~zJA>w~vg&#H&wcfRvF5piFe67qq&Pq!W+#D76ik5=N zE+$+^A+#RwLt8B|`sr{3+9iyc?F9pdF)@Nr51|h3_?*KYU#Jcr5+m2FNT-&>m^@rbMO^x3lDK5%u?(^ zVKc)eszt>)r?S0>S=B>n6t(o_91%8vl+sB>a25~JUjt>&WV4eUow_tRWJ2Z}o+-0+ z7_0?hQ{#g9TQ!R5}hMM)txY+3GQfwg&Q2QLHXYsB>2kU1;o&1`l>@bI_4wM6-haasfC=0Un2 zd@0=DSWvdc_{6ZKy8%%U%=F9j%}7=iAGU1~dIA-7RRDVdI?c@ITqru*!m{R+Agj=} zM0hl4SB?$^Zts#g#~9qIjQ1Rigb!tg0cb)gccV&LU&$xoPQtX$1@-U+ygst4sjER8 zNr*UelTVi8K4@NW2&V4kl<=LoyrtC5K5wJFDrwi8Un_e9LbLI-Jm;Zp+Bwc_*>+gB zcPtOgFM8>qIT=(ac)B^3xZ-^75=VRX znoQSFevyL$;rq*!I__b7sMo{^6~qH*+s8GNwm;$NLdABnCTflGS2ZRojNApa71rZGL)9h2NN>k_T9uw!~k!EB{Kh zugMT3qNAhbw6wwxEeE!>FiIA@7ku&8CkJ#kHbPP!LDn_jJ^4HoXMp|W@QwL3HLVUv zR3Va4W5&L76SxD@UHUy#PS;diksjrU)gB;gcvRu|Rtn!DBT%!WFnfbrA2&^$u<3`f zdHHws^#NIGsIkpRncwNU7HjFd!gb6zKv?8A227Vp5j3yk9EHG}L1F9OEl%0EkdsQU zJe$%f2sUp8YzM8>zPho&=oLFanU)%?#@yW66EtcBuF_!(t>WrmHNcxAJ7ikCSdS!j zf>#>7h1H$9&8~A&c(n?LFYCdHnfvkcin$iE=>ZRVgAIzMdVzS%oiTikWs6Fc-U)|? zM0cCrbBFS>H%=J9eUT8ul$+Vpo$WVo7)q*B=ob=#>Z7JEVHhLbIRX$gb*md9r$kWP zEh(h!${<(eh@SS%ktvzuji|c;{VI4X1Hwy;JR|b8w+q=jY9$SGaaW_i#~Wgpxm&H7 z=S{aOZ{J!yt*P*lDikk+%AV)DMM!nKpnSBCBCE)U>4pV%6rkYUMXbfOas?nAh*cra zw72=l2PwR`wx3HER)fus4Rv39Y4>p2LPYK=^)}wGD*Mv<3awLrSv_P!4aUGl*?POW z_Qa2vHzH`~8348voG?wdGSP&3K3}K1=3!PgIFE5i=DfHN{8F^XswG5z&Jx+%Nden* z_^`+8=~R@*u;o#d=VTz_BnY#s*Gis5$L2L>H#x@p7SpI>4|~kcso=SnK^uD>;5pSV zF&=j(^G{b~sgGj=*L}+)dfKA=p-`qYs`%cKB)GQI+7`EO+JZyReYD-k8%p+jp6*S{ z(DVqjJvK#o&Ke(_PXyTHspfQbi2Lj(gGO|J8ZIfR^j5g$W?qK#%MKAUNo^zchCFwF zPHsf@U&;Bib<-I}kPx+Zva@5JimB=K9BbZq!33p7HZAUb^bMF+at7Z|!wz_7}_q-)a zGcYOT2@WCP?Q4T-i(ms1-d~SB8G<#SvgO&+#=|ZHglG(8RLHaSO@zOG(ue^nOUznYJg;7!JD8lZYpb0Uu!V zT|Q_ljwPeRSjcKw)@Og*Jb8eoXRP1y+?y<^kDgC!nPNBl{l<&jNXmtW6}AQJ4c`}y zpC_MZ&>Z`yRmtP4oM53$&7i`QQ&jyRKDfD&D9sZV#N{>H&cVVAPc4DPQvL*%lHtC6 z9n-SVfiWz@w#jV3gy*ggxw2&rx0eGOvyQW3Zbz?n3rF7j21}c7bQwnY10J2c#dJju z#LVn$+s7mL1pE6Ro5jyT$LtB__1TT>r`oGbJAs9ex+=WUPx29J-*oADmBoe~Kcumr95MH?Hpq|kF+?zz%c_x4M@}a zL#gXxk^^HLVKjs>%k-z;x*tRlULSTO9S^0*&7iNp5Kl70%pYkCzJd5Dx<2&pe8Rgw zum3Or19$8RMl1v^;HE>azkN*%>iSihkL2w=xwMp;Tn)mCo^#F0$aR0+kbZZ1PW z7K^V1oGYCz+R5F;WQMEXjxiJVT#77`2G!D0!lHSE5iHr?7jh7(1W_p8kq*`%DZ<=v zxRT(($zYQt9WoNMS(sVCuyPh=GjS65u9X{&)U=uP5G>C{d-Lknlzj_Zq9I{J<50l2 zd9y)L>v$q`T@bdWMSplTrReG}XK|jN=wn*s6c*j6IX>|<{M7z_jW}%;&FamXjuKQh zSL>JEZ_QAL||56497Y(wApK z!Y^g2P>Cp8boI9VftKTv%O8eyW3k=f+Pu+B^SA_> z3L=tJ~&lSN!+4N7n3wja?_rTh>RV%WWT*M}Rwl!*XMz9e$=e z+d>u!+)|&G8^G;+_qWp{C|cZoCo{{;$M0*}+>yWxrLTKjjXu&N8_sgvfI<|sysnL@7+Q8}?^9cg$^EJx1jH2-z{jl(CP;BD zSmQ0fQuXz;ePmlXjkR5`R_TZ$Ygdk}hyK=w6in zoi#?b(S_8rL!QS`o#6ZSL3;VQzZXVU+Dbx-18p94k!bcO*np4FN^eAT6zZ7o_e-^O ze6foTsz%}9^ag4uJ59_p2yZV0o?ax{QOQk#VEm#1?&NFM%eyaV$Z~^RdyjOjn{cVAzHUF4bW3s~f$Bv-Y}*qaf6 zMDKKMWJ$i$Yx{CrX@^j(u9sz*HHIR^$a|0{+J>B{D&i(;ke7L!+49u$;?Lu{kTMxx z!vj}mUYRddAZkDDQkfsicGx*{Kw(X3%KFD-av5B3xA8i1dY%F$7b=-vP?N!yMj)PM z@C%pOZoFJ@x}xGKdxOkq|L{ZZjJf@dBRL0&Ck&^irFMjPt*D-66Rw_cP})Z(1f*_@ z0T1vINzjjSgfLbV%B;ef9bWQLcc!04VucE#8jXk71APtrB4Gie1%otrj7x|=B2+3y zysI08;aOGVk5()vC&&fu!U+sdrG_c4A6C1*Rxi?ZeV#Vkzg4d6ZuaYVC=Ct5#LJ66 zdxePMc}(l9=?7W)*agiX^y@(>r}BMxJDEGQSpY}z`kv=RB6ij`R)%af}7U}M;eyGtSOwY zdKY~H3kV1vwn6Ww+tPfdI+X;-)&X(i}<@<{XxQG}h0*!=>LGW3SB z&KZ@SrxBMpjx9c=D@#onhmYG9ncoG>a+$-PQC5hSLQWC93m!72k?d%z4PS}9!nFD7 z$)qKHG7EvuWYHd#wRO@>p={mME041p&dcDan8o!#w&VgPyuWOwX^Q4_B4oJCcyvdkQ=A%8V)#AM{=-)P$1*n19X%2Y3oC(6Q?j$NG)2&*mKM_Q z0b^q(sA2!L2Hk;xVb69?A`1~b!g0InQ-&`{+ORHJJ?uwCAw^=IR;}0v2dQ_}rs=h; zqH$k7E%Gu{)ud z!J+(7OZ@4aq@@JrmY0KkAZ%TiJJFrD|Gc07s09C5-g*rq9sY<^ncc0)if6|r;#XDl zfBrjmMu?r`nfjP3=^_{&`(N9gzdsldMdIh_5!7W$;j;JYEL0Z7*$zj16KhE@m4<6y7?HhygHP?&~+c){8 z;KNH;joX!1GE?|+i*^S?3w}^##x4XkZu1%SG{jpYTjY$Ts3;T8heEuDvN))(Lt?WG zPVi9rjnz1sLC&t^t_QH@XR!NN`ge+9KZFxFQdE3=-!~96m_mIQchxT+n2DYn(@+nD z@@n=+zEzxW$GeQHp%B6`%WB5h;3=n(-%$=Ud5LakH`^~dvu$XWnndx@kUYC?ConZ> zg5Wl9B9OD_s!YsGbWD0cmu>$#v7VH~{9^S2U`!WYJq2~{t)?-P^tCddl`?g6%>WTb zuhs&%DL|WirzRJf5F*@jDknO9C38mPJ~t!{oT5i(q*m5#MAI=GE@WBomjOk}|7VwkY0Yj>-?`mcWn5YFulG23SxFm2*+O z7$aS`M*>Y`2&c>Vd`EiUYq=xb5l_GK7J!l&N88=(RMfrr0TN@IO4!PQuzz4zZjt>X z;iHBnwE=_BSd?RjmIYMp<4_dgd zd}Fzt*1oX1b_S@Ga0*dm|A^k00QChR$v{wNBh@UlqBs>@`lOX(TqM9q{BYv@zuf)G z83_sN7@T_aHL>a2gqLin_|R}Jq`u+3W~fg7w~fI0DF{>Q`WpqR+I)m~k^lrM5sRfj zxT~V}#gL{I(0o`$JEFlxEcv4QC$hpkBE=M_ZK9(ORsAS*bcgUZ<&6BJAWr^Pu^ufbM=<16<_3!ZI9~YS>_b z`<=t6ZDUgrm%g$l>PW5e(A#jW!O>EVTByeG#snQ0H*u7E@qK@8cUCsp5!U;??KP1& zMAaCaktiDT#UVRpSuei7GZ$1MY z^ljq1;&Fj*B&%UlUD5pS8h|73QE&3#$IZBnzxC_bS_h^@zzOkASyx62Qbo7PZG92& zqK9te)-g`NbFzOsFL(#QTL~mV7%q2{DMN@-M46(>$hAx zzIE8tCzI1oYZMWs-InYE7o6vd-E9~|w9i!NP>u%aNVo<%4h_zw1Jt$lSa z9kZaSug;vP_I!S4PIT!N8S1xj!GOBpoVF(-l64J#e?3CT#^u?lDB7@AaSJpQ?*_1%!{0UU6+LzK$P zVxPORRQ!ff!30EkCOYt91d~mDgWt=5Va@2sGtrFKTZo*9g8*KFhrxG}Pg`y$lR+B$ zPaPOd=Q8-i(x(#jvDjF)4H3tv?@bo822M&p()272U~l(-=sF^D#SPk4W|!23z;rLa zxm0w%-ErC$y;W3P0g$en1P#^@TpM>naCd2F+#Q0uy9aj*?(XjH?(XjH8uT(} z&AI2yT6gBY?x%j(T~)jO|NCp*fA-@E`4R{o>}YA$=L0(bsHq}WOG@`c9nu57mAK*n zfElTed~NVDqU_0s2b((Ffu14x|4}%)A#^{J!E5;}d*MWwe!ic3wzaWAWiH6*Uttug z+C8ZU_W9Y4x4f(Qui-dzar~|RQpiB5b{1<5oSnWdxsb7H*PPx>)90QV1_D8?iP0PM$Jv| zjyZZ^ZL6w0`)`G;(^MIuaDZ6AvXd|xmZ)|$e{EkSIUh1;84~|u5nQu0sH27_?MocD zlOu6*-o9me`+A>E_V1ep%L_rQO;(&UhwP5shokQ{q@BpKvIL^Fo*Bf7JzE0 zQKjrU-MU8N^1B+*ZGxbe@5AfMWJn#$+J7e~|Hlw`$j_gWmWEKW8*yO;-jI-1O7_iR zJy){H67n41hNIW|!fK%&2IR5l%lHsQ(|h%2N?gr@9Fl`;$K_V)YsiJgE>65ogy3je zl9XOX0^@UgV7ZM=ukVUvi%Y&yf~9+DCg0IpJKwpuAI=J0=$gO9vsKl)ldF@Ewcl;J zVR}7(<`=F8CFrRzi(vls;sl%)g^{fFe5m7VqEGwsXW!ZPQIAV_czakoT@#WQ??J2 z201p2AT^{{_>Qug2n&>Q+zK4`Cs(uaR5Nn(1;tp-zSNo@?906dXCjS0n)9U2G`P4+ z%f-K~bDK_*a4$s}X_ls%&A7~$G!%q6Ovfx7jdHv=g9dgYK?GfV-fa*%YC^>iJabny z9>DB-X1jUtT8BF}!SWVl{*D=dyk@>fT4qrh@F*dug4N1tdl&C~bq;)^zj$k0y!v=g z_C;WPouzWVf+`)D+Rcv+8Rua-VHTBpSyN}(aL*onwO$xZKG{n|1^`0-hfl1r?_W*9V7QUdQ5gJ< z-iS1J6PliC&!Fow;6^u7@8GEMwX`073bX|Z4t8(^F56CqNJX%1a%_i(tF<7KfJgiNPJA zj{d9tCoI`;sKSiJ*f81F?e6rr57DE%di0O)ByX3FHeSLe-}U8(J0v~9govFV+QP-V zY6mL;z{`@$31+$1xylUw|3^;k3WpuS!<*wf&4Dej8(Ci^at;V;WOJ&V>8{{_0d~4$ zSf9ysSC8qDPTQ)@;aQ#M%!M!9#i+rg*TUDG2T+!lfy~b5qYiLnto{9uPzq`TrMNut zE))dMw~;!3^UPb_31f*oK%Smu#oP&Yy}Dl<&_lyAWr1dZ+yYxjeM+^`Cg2My}cu{ zLG?v;SYc}AB25(R0#G<$-k=_bUnC5YQwD!{0Dimg^Qc1n#UUgQ`dwV?Y;F*7ivHC+13tb_`0+8Ac?J+iQ8#RdWP>C#m}vX z-n`V1elbasbu`B*8XVchCBKDdxIN`hUii2~FJ!I)9FMQLu7yId69Rkfq2tUn`DG=1 z>(~e$^zTdf0IvgfA&R}B5X+pWN40r9=Gk=c>#c~`M4lAv?B_*8sjp_%Wf~`bCP0p7 z9CO=?UP-i>`#|vv24##GBaX-nObF&os@|(6snheIs^9efGi!Bb<|3evtu;KB!N7xq zFZqi=dZrq+#;k!*$M2u|HRNib{FysFpahGriSyIpvEBo62 zWv7%PJ5TPH3L_E_D;>%~z{!lk^KW`zl%%Cq^fYe@ro0s<;WLd&hAZ<(NZJDH1DY+)57zCqy5oXFdB_hJd;7BA zl8hV%4~m#elkftHVZ7nQhd~@J#}?ZbLavL$49n9@ZfNA8i*aIQ+gXkUID?%2vyLcz zx=W%i3hTNmD^I#CQ$ZLz>}!%>bc?n2YTgvAl*2!4Ib!6aJ5(o$4OwTk*jOHCzqF9Z)fFt#(@^lXBAR|rnjaKsE|KeA z4#Z7iEd&`(=gmeI$UP%VJrlA+zsRZ6UCn$x_ zv7!qqmx;8sep7aI9U2?!Z9e&KwT17ap|^&T&ydsHf&lvb?JHvY>_)TBVdi5G-3#ca zPS*WerG8a2`G9kDD0aIWgbj`qf0@aH9fz5zRxwi+>SAa+Ay3qklhbJJ4Zrsg|B@M` zj>WQvtQ}&hA>QPmxmQs|sTm!WPW}>X=@u+@r*%i))?7S@di;ZCo@4^V6>;;XsTUAo z`-?E7{P7>67xIIGl(Wp@R`@`M2Dc<3i#R||8}wp+iWBx)v6b7>)CxXlos+wo1R>e_ zNj4{CuX*Eeh=o8jfrLpq;tk5}Dke?hDaw`^qM-~uXG-g@tsK8fue+r*sq%w+>l){h z&9HyCFhuhlQDVC;Sv!!1>6)agR1Jrpp8jv-oC+#l0Rk| z&RJQGb?z7aen7y#5E@{iNV0Z~Lq7~8$T^v} z*(RYaC?1PO&BxqjoJe0*{K$1hO;oL=HIy@so^_uyQG;~j5|nXLAIeEJVA#j_F(bbD zMaM#;fT@$uK+ZI!*g^izl@(9)jJF*iksp`b-KO1?ytoR>7bSNZ5Qg6l|A0Hq8S?f^ zP8tR`9^$UUfu|f-w{Cd+Ra@#AZD%_)e^dy0k61*-l%XaTK3eQ@{(qjm1o(3nUy?Mn zv}EVEB&Y9O^Nz3;8m-PVX4p%TOn+uNl{Fu1KD2+t5mScAwT$jjzwT zZ(^c6Xf8a_bedV9CEOXS9y_&rPs=x8*P1ajSOawZfE>Ce1~Y*_Gk}p%jp1-(EhQE`=Q*Pxc zb*I2VrpAtPwsfO4LS3$1MomR3p7A(A@vVcPdg(O0fzNI&va<{Dvs0>T-+XOP8@>Jj z2jo^HDNiA%Ksu0MDRI2>g%Yw1TlJ9 z+VZVXRBN2jwVw!%4ZHy(GH1PEK&>vFpAm|@nG4)8%P!M_@ZMz_nBhEm@Gjg@>D zx!a#OW7F0FFQsQEJvC-;h^Hp0+^Ye^4m*$H#W7&0IW4?BNd9^wU`39_kIarsmFr2?!GO|g9V-~U+v-Y1 zhmK)-Ni!tp%p&dm3{IO+B4S^ApPMDL4X>8#(N+3$Z1YPkMrdRdW}5-U#bQ)%P0(@bJkHOwIq2|Uuu{9L zdQLD;k?k+jL5V!#Y3~O&`ZulTZn^jI~(9hlG$I2~_R$F<`q?Eor z<0Q&`=d+f5m!oYum!VF~V`HS9M{A?q+Pj8RC%C9b1BKV0uUnD*Pm4>uis>I{&fJM1 zI|Uiv)2pfNoCdg`=w270-G}JC{Z&3(5v&zC^%oyMAY|y|yIJ*t8?MGcuSDi|cB#^f z0eb*l&zny=r6gwr@cj&-!U1PoZgO!Rjha%hVTYbiJ@8(@35#+>@Py)W`?y^(R&&oH z(-4(Y&#Tgvd_%MMC3CiDyM6z3vrzGvXz76GA^VO4IvEg5J;N`UCMS2MAy-6!Q! z4h3KzZ3tfo8!+o~4pfOZ-k;!jr7H=lV+#x$cM>1zx)&42Y40ZjFufuVBbB!JhiL_( znrYt`T5TUKQ*Amy5I;MvGM_4IwVE_P-C(F~)gc?#9sev#X03$md2dl)J5}g+15lNY zusP@RNME*&{Y1VqxELtVvIb18@E8DF+!2b(XuEuz|Jp<|ZW_$jhc5*o%Dlp7Y~c7( z3gJYyKYZ)(Zu9Pm_`M_d!)-IJvIQU1i4$D)V9<6y{oTWzzCCqnPACtn*|1kMK2cC^}RII9~)y@h-LjuQ@$ zRs%H<-`umBTo}e0Ovm@RJU+yMWkhlD!AGs!hD`Q>yLUg*pL zd|FcP*5nUlRrtfo@Mohu>lfiU^5RuSYI2|R|FTg2ZyeiLb>|RAk-#C%8avRmj{NV$zl#BeT2bdQZW5`=wQ{YBVf|>6qdmyi{88#rY9q z?Vd1S#2MyH)G(_dV21pM46o4QI<}wX1@*0C?|8R#SpMDD7u?Mb_$V0FZsRqyB(&-# zUHpuHldD(b<7nlEGLE1iYeKWMmT2>Fvl`zRrc=LGyQhPPxknR^Lrj_7`HvUghtOTN zD7{S*pR2`anh6?c+>18vtHXprYl6No0CZ2nOva>VZD6bQua1XW(A6EmO7NC00CX$V zSIa!rSJ~tFNZ*^gS`>W1Vj11*>}@+)XJ8xew;xe4vh&@JRfhzgZQQ?R%FPT}OwN+C zME9q;WOsJ02z!Poi?Q)iTSEVCq&w?QP-_l~M2(8tT(eU2tlS|+@O`UQZ`7qYA?T~6 zziPD9(SnH@a*TT;)V|V*M2kev%KyxyZLAs3l71h2BjGd^*V^qwdz?N9cV~5x zB>Zk`O<~dDOq1be$8-_$$ZQ>qoiWWStsSi0@x9Z9_}f{^{{({}T}tyt%sL>;NF+%Sp~0DYVT zv1gW;Jz!<8)*jXC#o_7o)Gr|e1uJs?9cKtl-Jf0~+!5^`7N^b;?#k5kMt~96xMIp| zOXhy5(#pN*AzRsw!@~iGvb<#qY{-yOD9y^K!vl2Gfr@{J4Tb-+kzp3%teEqQ3&MK? zg!}o{4@4}UWiRyY40d{d`KaN-!=)Tqno$mGZZ_*xPqJj;nC~y`ej11FK%=5N+hcPQ z{T)-f9_@*o5Lp95s}TeOYBGkTYaZ>DM5`!=>L&&@NI*Ul3ZMFmjamiGigMKe_`EHe zmzOO~fn_GO;f=g#|KaqiZjyV*4os`G475@|jI*(ymvy+^YkpS(a|o`p)XB*OHn2jB zM^tODLmOWA$y_vxV*Cg=4W<Y8z?Oubqo_vcso` zYt`UH@l?&WX&=q+#s^$?FK{*PBxhdq>F=E(Rb_LY_xhn<&hE6Y?5vwz!uV}FWr%(_04vHpCMNipecduUcP@n}Ca$EW;R|+Vdbf@aSA{t%gm4Jl^w9lrdr zU?e1devHG3u&p>3H7@k28lV8hv2SISb?f2t&OlaTcQFZW=Ibr2_VX2<_RHOm{9b90 zyc@*4+d|hyr2MZaaZ_GLAm#pP67Sxge9I$7Oixl0B~R5$HhZ5Ndv~ukR6V{(sRC)f zq=!xZUBB|e-R90=LQov>%}Ll*)UD$YcBtt2>A8TGIMGCAyMH^{{(bj9JIx}MM2t~NT1}$Z;lS&{RP?R>4-~fcx{}5S($R! zucRj2wA{Pe4AaYLnw+r8#`-mk%Fux_-^LkmCn(mpwI<2w0!QEO8hD^ev{KJ`yLML) zw-pHy@kAL$tngAP8b*Z%N4xF?-vCL>25f;O7GqPLOd0Bb8*p=_~8uePNC! z`N-8VXuc&FZ-XxN9~?sOEg1~nlM?7 z&B(xz5#Shcesgsxe0@Ju?tzh+AHw$b#6feih-oYnrR9wQ)rC~bZ;RzNG@VWKNU}Jq zrbb#!%&7F9)V}S@m!I20e^1eC6j;`wnHS|x4h%xOa8ptRDJ+K=_OQ`|BTC%z(!m2< zFB7wlhhvN1J%`Tager(YH1U>GZYi<}s$n=_i1mdi0vP_RdKH4+_#OVwnWB&bN2h0`A6)m>scT za#I4*^XlCfanw_f@q5IDjytq0bhRWdzh0(wm0qUjTF@Gbo#fsS>M>=Fep#W?mzoX; z?PflQ4t@POGcZA!hlP@N?osQ+FeJMuD}q~Yr;Xy@-7rsdz!bXYy#WKUL( zt$bcIn#FQ*Ie1OI9Mm|>i#KV)55FA5zq2cCp5kkfS_Sx5r|r-Jt*3?@?^t~*tR+Am zAH$Huq$xQ!rB_Xu8n|U1@9{z3#VdkLWE_r-~ z0o+{kgs8G`WL9=n%`W6dEu_cXQPh1AYhOhPYLxy?0RYt*kne6yhq-(hKu6}s5!Tlc zI7%xj{LL|?L`JLWaKr0V4J-HwKDFG1&b)%<{x?MIFHsWnybRU$HjM6JmmgPAD!{9y zv9T2KwPgQv`%+}u4e5xMMgWS#pSnNMmWo5pL+|}-W5IwQqL1*u@C>}h={Cakv3masTH=R9ae>;cz(T3*F3hmpaG6G!r> zYG!8vabs^HHOK0XGN=(1kJQtqWU_A*nA!aTs{N!U@vza$DJ>OAh`|ufcA@uj=lh{y z979=^7YCO;33$-d(XZH^1_WebAsk7DM1_F*jpnG-E)ai1w*tHr8=FPPHP6kqnJYy|F$0bfd@L?JGGSmNVL?;c+!O}Zlom~#W$msA zUu!CZW!C;}QPbL*iYTd*KLF_kP>v;K62E=jj^oV08<#dfq^3X2j>};}?A^iHzbX*p z1j|{EaYQu&$YP`owj|A{7{gBFMDK0q-FP$|)lHx|3CpSas^RQrLSGQL+7jJ+HbkLJ z9g*VMn*6=-#JacpG)WJqJc@}mNELeeH-Q)GT&hZcZyQUnq3BRuxQw>1FjD0PCdR$& zmMn8qF7&KIIlC1&+B|nvb|aT4FF8)e;iAu5hJO=kh*`n`Sz zz}{g^FD^(rYZa{l%SW4c}^YeSQTa>Wmi(o)<-;pP0%dqugw`vhy?G z2?1-9G!~l}hnz%ttjyvZoMVjVD$f9lGch3E3OGiZjQaiknhY-oQGjahvIm+*b-5S? z{S*NP&bN|1m1jtIM6k71L$P1!Cnw8mQ9;WP?~Hb|FT~zehwO&!n`!6Z`Cs@R5^faC z^Dn6rZkoL6{y(VuEPw=l^{ERxxTkkl7i8%<8cFb=Te8bWx^(zB!vInHTOP_#HPl?P^438j*FSBhX96S5YCgp4 zIHJ$0@=`4X@$X%SkoFR(Q3MTz1wBlKgbk^rJMEFJ3qRv+UG82hOwzfG8@qTld)*m> z8vj`ii`_S$*Q<6cN9ipX{)$5*>}*0)<57GkcSFxu!S^*psw-yLhs!7&H-ni(S_!hK z0rV@yDdn|8fDsL!vM8;LR|tsCdZ!sl+?2Fce@LtS8sb=0Pz!D}x%FRaGMt$b9a+Ni zFjQb~d!d=$SPxR(Avf~}m8tqEU1*t%fqS7!Ff&&~$3*cq{Azy17wnL&Xc|z3ov?z0 z``J?sr^PSL=a2i1)FhXTWP3FP?rSIxWxeTw-dXSF6OuSIEg^p4tjH$n@L#U}V~J(0=nqPv3M)&?h@<~FPAF`J;?rBI;YD5R&0H3ZHpg8#|~`Isl-I3 zWV3LLB7#(p{>~~ZhDbS@J(p`ZPBOio@OV@xw*2$?$Z6+_ssu_prdkjX0LgZ$f?YB-2H9t-{U~4rR zHs(Z&F7-! zr9%IB^m(KLL|C*q6RXeqU&1sH)8B{JcP~#R(8X`t@MavG4 z4T#{`tYvQ7s^Ua;hd%3jn7yO?Z5!6Y@O2C6ff2}XdT5PXo%~?w%dvH8|C(abVL>FC z9;sz<4*{d)FTFc7mNl7)z!vg7gu*{2`5apFpEJ>qB~EwQzG6fUEDAA_RZxAmxj)kp zr8ZYwU?2AgslbGy++YWFCNVbCN%T6QPi`(wclRE2OvG@h6|uFk4Ezl}ncj!b?GuH_ zd+a4d4x^BSCBskSLwy}>00+Cp_8}+|`Ox;1U@W$dyt8~r@ROl&aj0YKdBxM6U-&Zv zZ$J`du*0;&KWm>i-?%_TmLJSo6zvz}W!5~O+u96eh)KVDpIet)SQS~(dZHWC_2(uW zFE1Y>s|r+A>!(iVH~y`gu!fJ)f)dW#6U$c%|F@QcZ`&y5^-Z-In$u%yt{a(RVN+{+ z!oh)UTPkxNU_u%e$vzOth5NuLnciR!wNE`MSWG^j}=Av41v^%PhNh>tjMp5bPmbQEEv@Efm(z}p$7pp-st(+lo{#M zw7;y{@~j9jBUL0DcIVu0(N(5QUQhAoE@tQ=%;x9^utrpt%)ch#O=;9aPFafIgA8I^ z&em9JiX=yHVgeA?4Jr(X&i3Z;+$y%WBqzLeDaP>v`_|{Df(1uXu5My1Zr$W0@jAkDGdkuAX-eGm?@d3aD5@CHPN#Se6{tD}ij|GSS}lL+chsDG*QLijDj=~i00u@gGMnkxHp_1q$K~gV9&9?_XYTe ziR0Nq3BGUE99p1387EK{2fDq@4>l^V)7d`tjSfA_0 z4k~Uv5%ZxM?D|Jc4!e(TOWeTSI;`75lZNp*O$|^B2B+=59w?HysiI1>g%)20f!hBl z@!cmEBAaEnIH^wJ6Z|I2YIRCJ&209dF)Fty!4@`!;bu zeIh{7_74`zp0&Itp>jUkFt&8Cx0(uqYQ1_(NDe0m$a&oLkP%3{2aS*l$Fy!C+=_&ekn! z$NJmv-L7pDK?_}UH~2cF=Y(fbhf|x*Y>y=*MP7(Vk6MOV@O4C!al%cvJep`u2tq^s zQG>=@PF>T7xaE?Yd^jon`RYF@ssBy1{1;?{<*O;Ah^32*i!AA&EM-s^Q8qi46zPTQ zjX>MeE1=5x>B-x9Cs~68`IHP~Y|eu8s>_G8rzFJAFlf%x-dgl0I2KkNg<)Tt zB5x?e$_9Mj;2X1N3XtzWg7InLT+!1H=d&o=qogVq70D0IZC@z~GnW$vl}4~=lK7&C z;bI(^boMw-Y5YzMHF1lR%#) zv+FWbGsH0kiq*^Bxs1|m^E<)bR-LkZ$)!^X{rWF)zG2fcdngK7YQzJUw}Br@zfO^9$i_`j;oDDXjl<*U%1SdLB%<=l38WUf&wvX@Vnd%!q--F=V=krcOE9ZSuk&vx2t0K4%Hl zTuX9yXJrCG@6z1T1zMC)^D@!L;s_uyMU|p_8vthqQdmOD)z#;O)ND!`Me_0`k4N^} z%*0o}Das}kbopzHo%W}8z6`LO_IvaE{S&`SyQCb)BY1ftoce9=K$1%;H+=jM>U6|R<9r1bKJ22wcp&=v>_bMP%a$?exoI7BW&qRfeL7Qy8KQBjBU zhZ=WeV?kbrV#ia*BnL|cXvJE`&t9Rg4Duys$qmg%y^@*D$dkbS?ik)5ld>4Z)Q`^w zy8Iwa&)0&=C1RY>UEK5q(E%C6MuVxC3A#y^R&HVxkgp;Vcd#J=pUi``a5Io5Z)C4r(ebzF~P*{$r0~qy{l~uGx{h zPt#sm`z6uqQMX}}qZZ_koY%o6FaT1X&KX4gz3nO`F6RN=;8X-|`<+OGN1R?SINPQp-&en`?9@Q$IA9o8$2Y6U2V|~g`laFMb zeEU9j5ZF$tLtQ#0>=Ysy8d_shH1AZ~JdNoUp(&j#>|c&?$tZ1gb&Gx)*6%(ywb^?& zf!y$1U`=gzVs^GgyzyZY_$UWH>)_P|?lIK@;&y)5c^(xa0N;KgO|>7T%UT@AJ)dmn zHwNLxGl+9&h2n&;wSSZhONYiCI7EtdOfQA23t^UE`u{c>)NO0j{xmsRv|WCE-Rp+D zb*pB-S-J1gIs8Js=_!ROkznH_VLJXp@e3aSQkD}j7pRBPdE(Vs{pZOe}9kYOLlAozc>e%svkkZ?p zJw`iJU*G1L48n+yqiffO1%@0ck&U?SbK8CmG4`;U% zx~kVC1^1pAObeo@;}_-6<@8LK!e0fpu4I%*NOvYvuGbFJpy4jkcWdGHAfNseu{5LJ z`1j-=ppD;qYpv6D{FjxPc4{Y95ToZG{Xzfzh~D$vK$>`@Q$!91ttIQ;mQ6z~K{1GL^<`|- zk@(R;f`XIkR)o#f1AT7|RlrfdBu?hpBsLefO&?=>T5Gh*vKm*hT&c^=g!?6@HSt`S{&DtRo-^v-QV<~Z*wtOgGuYt5e407a&H1q;Td0>7b8GC0 zpR>bsTlBK5l-c)JlJ>2`k}iHV?1{9j8tio^8-Rn4PB64xOHgoQV$2yr-YR@f9Z&O> zac_4@cu7^PAD&5VN+2sAow|RJGwE;hv@q9pcKfr}&)PVM36^CK5I{bj>JN-FPqmp? zl{ZCPxnj5_^WHclYdN zXW1D=;a~iG1q`|FgmGadOLXN1o7;zgs06c($lG-*R?nyL!v0&$!uyu#i6`g;JOqxz zLNa&>Byu~j6bR#@<9&BTP!L##O9fY5RuROjI=Y319FB~iPhP*2$}pdmr@T-VsTzph ztuD;4iXzXro9|#R0vO3Qzm8M5uavHgS@}V_ePv}L9Gi`K zuIyChXeZjlB*HY&Ra-dquZNBC2bZU0ons-ya^d9eeIg&8Ax-ALOPTAQ4hsY6xXp)W zkR84=GD^EtQ3;UW8K5+kuYPV8WKQu=#cM*98x)oc$GW~3p2LWa-qWBtID7aaPgc&u z*^Y$bW0g0mcRSD&e|A`eTlbw`xCU-8%U@nmwV7ya^}AK5HuIuVwnG*k=IyE+&8*<% zML;|nhZI?^skFSM>5NFNP`Haz7^T~@HO-2@uGCFZ5r?dB#b2}MhskVO(qBDdC>#IK zd&HLk@eAl~I@W!E^}V#G$73LAt!I}OOdIAQ27WpiWc1KfdNc2HjadWYcfs@HhgYn_ zmRs4*LKaO(#E)J4mQhuvkE@0K^RJ)bk|&@s;^XXj9< zja3xLHos$)Es3MZ+dVrA7baA9Rl}N7k;Lk2ut?ll4|GzT0Ri)Z0!JK8J`LWNQSfBG zu1f_DL$=R>X-IyJ25`@jrBT zcVpm0^d>!;jd1Hr;bImU`Bo-?9mlrtEeQ$;H~;>(@WK{38R7ZG1tXUqv@m`j)YQpJ zi>&;nD3F0HE=36feg0d9IO;BCsbxXbLHogxRr&3bum2qrfRFq7R%;1w>)WHPl~=oG zlDIeKO>+XCgVh96f(S65Fe8$-2giqH{>mFv3sFsJS?KU5T2#%RO{zy`9mYp!h@9AHR(6S|6icsyPjnZ z5yeW6oNraLou_N*RB2R*CME^2Q%H20>)&h+@hht8(?4?pRbbHXCi2S3XLegg*%LJV zB}DY~f8Y;cOVb`y?Akj~d~eo$e#Vv6HWxIGf*|hktagg{V1ES81-UOm6EElprDC?o zscafJwbAY!bW-Bze0*dK7}N7b^6_B%y6}blC9+?${hmT4zwxKVsD;5$`45*R!i~+J zymBNpj{ZINv%$}!KXGhDTgTg>BDO;KCT0SNmgL1bA7~9N{s+OTZ0+1yD0oLay7Y^p z&w`aolg+f8?&0h%`ClUT^8DM`?tHSFtU35YaIA`yXU%@Cn#l$B2p#GZUs)>+o1I{-E1`bL}t_I+Fod3HtS>l#b`6uAk~- z=J+_p$scJoV-5t6<;6|3)%`-nep6#lTnHBKwKo=p8D{(?*3jl9`T zfo3iQ0}sL-j!{ru40Vd3P}zsApMW17HZ}(>CLirq_(`xUTW>~SzF%UTspt5d3YN1; z)tC&IGf%=xsP$=hs1amfO0ZQjO@=kkiKCLG-8;+@_Z33$q%XVNZ+-w|Jl~v`cqXb( zPrZ8=yw%+^A4M8+BGX1h3y7zjR=dz+Xd;7H$W@Jn}tLy7Y> zKmIIWZf7)HIpc*#vQ6WA zUM*J}*#*)?-RZ^Je`StbHmYw{K}e zWi6Xaixw(5c|4EFo-~ZWZa}Lg*gn5}h-}{J4yo@3)Df}CQxDrnDyztO{5bD= z;UBD(dexPidesL_p$>Dv%(2@hJkPkDsGa(Vq!<38gOc_El&EZSrE7GyrnSLaG2b0B?(z z71mnMsnxm2r666%`to!mE~?zWJS|E2s=Jm@tqah5m~|;^u4!YmB8It$Yj160hcIj~ zEQ@Tpy=h7Yx^=}IMHSn!va(hUu?cu38Yc47FAzuTYGs%k1_n}f!!pFV^{iH@uI*0? zB-^kAt)Muo86h?Kn@Y57UjscG0LWww&Vx%DqFx>@b^$)j$-0k3#-iWJ4Y*x%2QOsZ zg!x|wz5g=;Her7s>UcZ1{wS-d`EfWiBDXGbOjaySfaY=!nhOGZW83la$O^z?;Mo5fV9Dh=+Wy}ZDxwrKnv&}`SQG^ z>471B9(kl9Mr2tcI?#-uX_{XbvGa08`z-5B4a~2PV|C)DtH~b1@uVcsC=1Y#L1(-f zy*3?~kBZsV(#tXX%UMad_BQX>6fw}I7Vd7!zR>SVqHYZ^2h&*QEB2-mn= zhWKRsRFqATwl~uN@mZ*C`^g^i*2O38423Yxg>6T0%d+E~SD9!bZzG8!?MefRKR>$_O=1jQX-rv0MHxC(hsEZ4`HC zUkj91dXx^qKns$pz&nAX>4N>Qs;CmXmnwokvr{tf{hoiV!4Sb;{`s|beUvg?6MQe~ zU$`DugG|-%6=0F&HrjX*Ja|FmYN`6eH(s~GrciO>a{~lC$q_<(vqHo#EqZW_uE9>O zk9&3%!)U+r>2T`$not8<;9Bi+z2v$bHP66`B}3tHh?slltYco>mHmotuI!%b z$T%j1$d!Uw;U?2J0HsfN{E&svTTRvt>^>owqtF@1?j3$2o#Y=j4N3vS|1WOl;Hx_o z2R$Xei);}vVL&0>X{SL~1fijl5R{(DGnYOumR*Bjtz9H)1;315>-ni;t%_rCQN)Na zzgeBL*Ca*qQkJK0;hylBSvkdMl~`RC=D_tKza8b67zT`lvg$SwPNmmKHI-yP-iRtH z!YU))n=?fipEIg7B_FNy+3ii&`;mi1OpEJ-b&kKgH~&C#Lb^hH7~FXhv&b@UEF*R$ zWAEMU$0;D7vix}@cyVl?NtMssxR`ei?E1oy&B@%cv}XxJC-RN6rKx9fbLK#laAOst zB?FB1=|%l65XiA6a=W7}fy=^3Z;%x37d*pSS0}i=1MTe01{q=pWdOW$)9It|M|Dq` zq#>?$Rr-~q1udKD1_i^{?jJR)L8ym0ZnZ$Gq@5EGcfy8YStSetr-YJ^;x zIC~Uij>mgVwfg`oEryYvcG`rILA}5Pwud4NxukekXfJk`g)>ts8=(cQ_ zAJB%?SkIXvBws_#=$ly_MI<6(=A*N?KZs|J%&!xm5DmHMU8b}wxLXxembU}XthAd) zu)T`w;D&;2Up4bx&pTQ!K^C6X{eQ>9P|gJo7vo5H7+^x~keFJMx%__`muQ_|gtI%Z z?B(Z2Xw_ZQFmfW$BqCJeqrfsN<;1cxkHu6jk}!WmF@V5q2LCoR2SjE4s+rw!jWN>b zj6Zl9v6%t2S}`Bw??x<2@AlHvQyyd0&FkIfWamSH0rX8xQ${q-H2`L4pfz8urz*u+ zFSrG>d^2X{tKzg#NN-R@(m6yjrTuBHlv0L)2J2v}+`1c#Nts5pEfow*h_NYse5;8w zze66^IQ)#`isNC?iO@;*Y?JKNC+>eVMAiPKTrHvIDZB#xpCGLvkqY~iyJDFd#@l}X zkn~Tin1HF_t}EEJ_bszCqV!b*uS9r~=2MgtD~U@0BN&FaNjtnSwsyPfgP-xixKVrm zcb#8QD!g7|Q?Ji}0biXqDJiU%fxb$hK7^&gwQWP7e-ou?`w*wocky`qqU?Wk7LL{+ zE^a}gtU_n{_P~wOVO~g4|EXu;8q(IPK83HTJ@!o|Q-ac|;_d@BNx;!T=l>}TQ{}UP z-KJmCewwWOssA6&-Z8qea9h`{Bo(V-ClwnNbEab3R>iiB85VK@$o4g0;DA>tdenq7TqZ!vhB6Oy><9;!GtWF zmbrc>qbT5+gcg3nf|(Pf=tmis=gNS;k&ItHFX=F`EJqD0aiBWnMkWPg6;MPG zkVeEj5($(t8z$0)WRCazSX!SC3(wWWrb2B>pV=50#>piH_U=^a(}iQ>`$}hHffEde zDd|P`9m7Cyt6gMC;QjP(ii+8 z2a1iF0UKjQ?3C#`UfRd=exaDSxX1}%qB~1fA2;n@-#1wvl31~fjv>P)Hmt69hx?Re z4@tAl|0=Xc7-s2N{yNwo=#^;x{V;6mRM*MLCHMDCtmX&_9gUeh2i-yNz+Ci6fYm>u z!`baLnU0duktum7UEcl!J*#sjASCO0R#Iw6$DoG9G$1+m@Sgq3KATG{dK^9sktz08 zKf%uJG;?b&JA`PMo;?5`+vMFvjEoE6Y-KbyH6tPr`tO#w10)I#AqnX! zSE?qBQWm)TNLd(t6xuG%QXgro0;Jx>HJbL8@VuC5%}OLWgj_WZye< zn%I~mv3?I^XF_PqN*1kian4z$@|QG##EXJ|8}4r6q_F$N+o7wR(h%dsRf}DuXrUm3 zm7W<<$08Ti}nXtJK#x+ZU~Si=QV= z#C8q=W7puXEh1~{iYy!i8FeRAb*~mz)W!=rSlr_`P5096e*JYkA`_Ecatxl_yu3;w z!5+H~d9RHE*v7dkYb-P2>nbb)rLUm;g>Myp`r~10hO3_ohtp{b^+AtHB)K5anV7rH zSkhri5uMeVE~lpZsC;aodiJ?VSyEx~_U^$T?^g5+SKH!iNp?Q&TKoPor}Gb@L8^FX zrs?-DtYBa;2v@n|6fSk#icz~W2wusG(R<+x;zK#)<`vK-Uxt%G0yJ&~L!NK5p?MKRV=$V^tiDO^PWx{9urOKkY7sPK@TG@u-sxi5GH=lnv1+Pxr~>8Y)C| z40Kdlg7)RT8kcD@k{VNa{kA7PVPjBI(!o`Y(y%fEpu)SoHn%yX($Z0#M=VHSLuW^_ z!@5lXDHB&L2=0e*ah0HH93+s6M&+ku*>w>NkU(4sX*{!&QgjEiV)Otu>qJ!odiOIZzYGa*rIuD9_?`0D`@8kSt8hwSEDOmpf~PKN_H z-BmTenJgd2ar0?1iWPie$Icw!!mpZ5i&BE~y^ApM8srGznNSe2HQ>lXP{M}d;j%q6 zFl7`}Dac1G-o7{p$FOYQw)q=S%?$r1lN{)(N{b+9zxuL;vK_Id?=k3vT6bdq@=mt$ z)$k|V`D7YAuyJa*nEcx94DZyQHp;g||0g$&AZRrxhhNgq_k_8**r03X0eu4jz5e-d zdz#5Xm$=zmHaIWlwGk=p^ww6_f=%v#<72+?yX6K9XBCm5f_2(+MZ`9IF`hQy>y$)i zEy#q2C5d%vwsmdC&Lig9KBTo8@m|Ax$#suzMp*%5I3CbuQn%~N;1qt@{cklA|LChR zt!#tltd{$6Mg`BO)$~FlQbuA`rU7@|UN7Hu-odwvlzMZ@F#FBb>`LQjlr(+3(sxwj zeO}zwbpuEH6Gv*)pi=AcDa?spR(Yl^0JsWT5=65MMcbK;a@(~tNXp?c378cf<^Ct1 z54l#4QG+@4nW0~!Sj#1>(=0z`a_i+;SIJNb)({?9t9y3Ls%Pmg-t|KBO(*K^FM6v z=t&uR{7>7u`P>c8V&MBME(-FAvI;n|+QrOb6guY=nL-S!Tk5`UB{D}PxO=fHvYRQu zHtb$}2K4&8b}{Axx`ADNYIwHcT-QiCANN97nm<0ZzFM)sWB2B13O?UpDfp_G$07Rlk}^9BIO8QlmCQgxHX3vn^B=9<_F# z;)=)I#5#Q-_wBsYRX%iMYKBL{#mrC0VjdI=u#sT33W+@f3T9)Cjo3u8 z<5&*Aa4A4#MzALPlzK|v_9$XzyH9hN=;mk24ZL1v_Pf1~D_#C>q&Rac{n44YmxVomPm?X65t*nk-@_xca6LQ92ZHRZLs)mygCLz6-(yfVH%xerAy1dx27a=tx<{_$R=|D(QzgyYB zi_9-ee5a(8BPvKDTsYmi0oUeEmqZB*=3M`Y10PZzRD8Z-WhP=_fG2Vhrw>+>Mf(*pWwCwiP4#s>zXFie@-NQMF>Vf=Ej2N5}s+R%JPrG9qpFa3Jcc^=jA|{f}#u$rPww44m7oF zodUwm0G(zIjh50C1IMb5Ma!wtphUr676<)hy;dw;V@!I~0qJqN6BaWioN zkN-NL{h>ZCJR_(x0Tp>qNlyiakI~#1OHhXmAtrd)@G6i1%0N!(b=zbO4F{5Fij*zz z3dlg&Ny59;*{70^N@S7ha7W3Rcsu668Y1;WRDNGe*#v6#+8<*W65Iw9s47 z5R8IyGVoFF9p-XMGu{wMEbEnm{gG8!GlBxXYz$*#GQ>`T9L+x>#Mm#UBvVS|$52}H#@Z7!=FYkfQ)X}fIc zkH70`jo4v6G$@!v!g#t=w6Fy)a#9Sef7f@}B%}y%(^m#ljnpLDbR{#QG{B45jx^Th|rI-Bg3=7KDbfR@JLx7N@O>#*S4gd!$$bHy{C}Fv+R>9uPu}kFh*{PCgZZ6LJRJ$R(wSDFpvO4eloC?I{g7Yf}H30!UZKy*u z>mKt8LHiS~wr6T%BbpO|#ubQ;5lqmml8B@;rCH~aco}V_kP=S?3LM7S@IvV0$-@ZL zUS?+y1aNXYCS_%73oGO&<%+NhdvfpED%}5(laGB*P+nCvmH7MjKfUN^pAln6sY+MU z08?o%Q?s)`-SDb3^RFq9Age7MT`q6bv&-`zJOd^k$hXgXAelxnS+F)-sNmz2CZ`3&f=rc&4)e9`Kc-Bke0}Z^mBW-mH&$6oK_ohWR#^%B7Ykry|JfTEbt` zUm3_XXw2Uf(YPYb#}Z9eZUS$0iJkdu_;UGsK5&O3)}~$RTx#@^??113l)%7Vlzt^Wnk`DUo{r zRbctSn8<#!JQ{#cz0d%IFP zT0}Qpiy&cO%ZiXBT}J8RnB}2-`DzX3=li*toBa6V<|l|)tycnOY(iwgIvA!yG!8*L zTm9oG@Ua!3F{Vn?VlKTa>p5eTsx9jfC&*A>W-3*W=^}f?s$+)k-bbHy1Pq$Ma`d`$ z?wNqiEPVdCLUC5DD2gQHkRPEunvkTOtjHe}P4g?iD476dhIn;Z>^Kd`!HwWpRp|ah zJ=pt%!fMV9zmIdzp0(>!0#7U5>3>HzjXey6PT;IqpjG2%KQGY^7#N&}EZSgHU^&dF zRTnxd?cF|Ea-{i7=;J0#jeQem&Oc!#^D&ZWbPf0j_4zT04isvzI z1Pi}Em5g*DKX}Vy^|fy4<24`$UOJH!yw^YY*qswLDC~|$Y(J`8XOUe@%~D%|2Dqar zBN*a?_Z|DV1eMB<_#`7$mUQ#nTnXcYH7H9i4d4GXWY$edNIBK+Gl@rdP;XEVtBwrY z=(1gs!OsxgdI%KQ?e)n1UW_2Tef>0R$J?XcDCqO7*FZHKXYX{K<^vroN|=8ha~N?- zo6=l!{k!V!Kj8NsFyeFs8^i9-i;j#P$^YnOG7*EJ&3E*N_O>D#A5QFg^7900w-~k< z8_6UiU7plF?fVi8ilvkaXf*uaLZjD$z7}G1IiWdh6aP<4M}BvKQ+6R;LNa{6ApE!U z0{>;q`9Dq~<^Ext`VWJh{}yfVUpNQIjZ}oR4 z){h_hqQyZb+|s?e0VCv1z)&!kla#fgG8H^wt~*)u ze~IAsYKE!meH|s2BSicktjbm)aToQtEv~}t&;JQATaN+!?CQf|I6>^+E1>^(*=CbD zOl+@~!z@BF^#24!t`Dw92rh)Oad!7{6PhU2^M81r_Qu) z7+opRT{62@E_U`Ioqs5M-q*HH4WYH*EIQ4hJ`0qz2*3Snf!EBwO2-Q9XNRQx!6FHC zn&MFxAaAV}HOOUVqM*vYpCYE}f)F6IFvHNsKNyH7dHmtn`U4pYroo~%1 ze5$PwClUlb?{hKS+H2`yqro!8X`{O1+wIa0mR%cY{B8#fYXpaod@HekGJ;Y*Jc$4m zry|~)_y8+H8{>HS3ugz^zOSC3;T;UZ3CUt$meG-wh_wi0xWlMjOEH1>TemkMSyv;- zInxhzP5rC11=d&Sr|(%aAz~g&@`pTez5vKDoTQvMfJeWb3H1B+;zOKp~)jA*4Z=-zq>laU(@O)D~S_Xb{fsljC_P&Q)-NsIzM?q z&3vRCRf>r8)cnM<%!LcY>y6Oc`JQFbHu*3Xgrj0hVFe$YncFhT^FWD$po9&Gob4R- zGjpku*@CKE9_%PSvs1IKq*-e5zpUBSo^J|cGDLG%NK-~q0UUQOG*rI~|NLT%)Uh_B z`75Alf-+;-0;(HJKg&9GOhMyu$kD}I`4<54@n!phlZTyW%8_wBzXk`V-V=x3b^AmD z^7AoCQ!Z}Z*%I2J7JN{i7U0x4mqXh=2+XL8T$>+RVkJJ=HZrhRIT8Tqct-D4Kjb4t z+rGrh;*SU#suGOw7x|CnBj=*~DISN0ih%u6)6Q{i2#I2nqe#QDhN^2!B4#N<#bQoV z;75MvSZ*dIVgACC?D=~$PlA@twA|gM!4+FRLoFh4&S3^v)@m=jNx;fYx0&px9))jV zL?3=DRrRS(Z9#X?0V}Ca%~$>EPxW<*KX-0j#;lmG|JCz${1E5RK-){|-}3GK1;7_M z+t&Ys3T7(`mX%P5dtNZ=c>PG^6Tl&hLF(*}7PZ-q*eLAL69J&XH2!69*-eLj|6mkw z*#~dPN)gPqSE(DShw5*AO{|V{45pU}HzCw+d1)prqCm_X?{L+9jjm01E^Nu+*^U)- z)r9uXR52Om2kStU=rU!N3BuUHgI?On4Xk2V!ISc`D#4QB{8)6op4mY6;*O@2m@9zd zvN*%f%yw1j?d`>R*w|b1XM z1}eyH&wjp;ek8)9BXDg2L1eo<1V*e^1#fkNv#%VUyLB)6@ze$t_CjZHdgYpNe)A|B zp?1~&CdH!_=l4Uh65Y!QDfXPz*r`!_+8KoqdYrY|@594Sd+$#YZC{Ov+9Dbs^aj%V z`f8}D;MOFH#F#49A8ir3SM&*-8hUCe7Y<$OK(>lJ^bnM2vsVklG;>bzq*h}y)-}^z z9AofOYGV4&JDlYYwZPUSgt}l5>r}_grlPwgU}t}nk;p(`=y4TqpP zFOi!I+5Cjwmv5a5M5Cyf>G#Cpcir}pfQ+Xzl4w0*;3>kLfl2Mw$udQJuF@B-&C52( z&&K&cC!ze|zhVN4Bp+{ggG*wcY|FX`Xnlnco?kCEqHWi4fk2YXqt1ScIq_F;c@^PfvD)6Zs2c z&4EjMsKJ@7i#sWD!o7inw5-n-cp2&R73V_|w1Xu|sZH{UF{6;yOiqupsu&n+-n~~K z+;=yh&%)Ia?Ld+e*7d1r%r@EhrU9CvB4@X1Co1EIJt?Z0S6TxqI>n#CS$=N7c@)Ad zI@q6oF9Tu<@jK($e4d!3p{2EFs6b$gf?6`qKxuJ;Ol|^O@V+xh27Jsl#*)^1pG^z! zmkG>-f&Wr%P|zOku~9*vcD`|9e#o5YOI_ohdrTJv$kX>_r5`C}2%bXzJ#XB8)C(J= z2;Z7c^O%~S6WD|drt@I>Uh5wL?cIiWKM1!Yf=7tUL+K>a=GF|RfUv)PnNvMtz9A=uVhG)h})glWxQ48Nf-zPEu6{_iIn zR&$-LO+Js1w|bi)BH>EAy)sd`HF~Uc9&(RFsokC5XS~eQ_$*!(Paka7k$_yGAI{e= zU-WAvgawqPpmDXJ7iFldavpDccEr_!uxnzK7l6q&3CkFK#tE(6jGUO8-ZZE$9oiYW z2pp6NY4XWz!VpvZ>^7;0D1l+Zb zv5UNZ6T~sg`iV^lE&{Z6p9H7Ze;Y-NN=Uz3b7V*5>Zh+B5sJblK4|ta+z1uRut<;J ziO0_+PyO(IZFEbZMn}HoYl8^6YnEj zIU;d2!PZ-oLgZPzVK!5ZY3&F(@vfMx@PLgu5oVzR0DNZK%txZ@%M0BGFwvlL_Tk3+@{HZVxn{h~7(uOBvbQ?E{FBKGO8 zKOJl9wV;|Yj9IVl2WCV(%CAqm3&u3(8t-!_^Zoe7S4B<@QOu>ZFs=5EE>46^k+=rZ zk2cYS-V@EK(tB6fo>DjwwW&x0hnGSYUTE+E+CiEpFk)_cf4@C@{JT^lEv>HzbbW7b zcYB^kzM5T}P(q(w+68~7Lpzkzlo#r!J-lL}937SJLIeX-c)ET}F$`-5AGo3Ayz3Tt z+m-`fna200-zl(yreW*Tp$s&6mOLPPo4J61Ew;SuV3dEEw{^(~b@6;1Z7A=uy}Sb! zCC@Jfv;sk=5C*NUC+uSJ^vh{_qXD{(YtZe{XErPNE?b!xr!#X9;qwP<;>%tyo!-K+xSsejWR{=bGl_@j?1kJ zr=dNcfFavCgB<$x6L1gK&3)TUA2%~TZ!ekf2hJ?5e`YjVX9fT*MV7xwO98Y(I*yO| zDD|Ws!gyog$&5X&SgqOTcf@VZmDok69%I$@q){`!p&26v)QG}_>PiufB_y7%qDY@Q zQ=+$mg~FPYS-xmtu{kkJkYQQ&EwLKfiqhh8hZqTqtd+1l@Ydk)q&$BY-T*f;CK=v= zc-tOVdO8)O=FC_L)y(ASp^|BA9hC@eo-SK$+Ibj2LJ^&F@(KUeWxx|*Z z)#JbWbb1SY^#(MpVr<5re_w!sb%kzb*d{#&fp`(c95oMZMwS(3j{8sbOOVgWpWW^Y zMyuw4!}uE{a31PJ3r*Dev++g?z(d`&7}HIRmsqivpB^N4-8zVkcH?89Ju?qcqvI=& ztyYAVlVaUoVzv%3P=d{`(ww_Z1?fTkc5A)Ku^M`fCv94L6(%tG0EVlr7C;Gnw0gn&hqJY=?A zc>1&H9r@{f{<|63mH_1TmVh^9QWKKb4yUW>xn%LarR@!A?0jAfBC@)1sOE(+6R?iR z*jdnYb+j?a_fR=Hx;XY8Xf+rlltS?7FyGCHX8QYM=KCgEXZ?ZaDx0I5Ph~XvH?~$? z0mMuty{#;aD2J7M+sgJ>^AY%$M-E>22uW9(Xtk=qVo~k<=;}M}!ObgBOzYy%N{u@p(g`$4^p4dwzwF@dH+ zZJULqHB5}H!`L43pMCm+tYpXA`?XQsHs~w&Pc9G?L%h+(ct4=RwX#3j3|d^$!TvxT zE_xx9wHwpA7}*l7+`x(se;)d>;N$91Rc0O98zwh}alm!)bjwO53e7g7hv(0)Z8r(p z(lnl9zQW!%(T7p%?Y&C~UrIzP+*^gYHUGEd;oG$IA$MF{H2+l>QKKX+EL48p5KFZnPfz?ylR4s|1wW|p8ygFAF%1K>jKH@o*=Wa# z60E{xRD6285o(aS{u^6TiEL9;5wvpsGZl|FsxLq>VD5%OSs}<(2%hUEy(MLhRN|U(8b98(FADucma3`2V(4o8b)+zL zpNdfw9aKG=q^9{0LByzOjEU>htAzEOP!*M(n|ZKQX* zBZk3Mwc_N*A<@|5^j_FWd>6ODIHk<9HOg1VSnajYksLrBTVr-RL6Iq;QerVD?t$$aQ+bX2^4hI6G;bAl76f_V>R`BE|_ZdyTh&-)e z%5f?M-Po~ETkFGx_MWHj+HWR{m&4>z6)l)J$+t+?Dy@wWMqdEbJ1L-64d1JcN14}r z2BCNxEU9g@@PGtDgA-9w_J{Ok*HQEvSFRW;^kN(pjYK=Bm0A2=>(TWnOI1r~9S+ng zyBST?*5_Mz7!ioHy(LgI^WagD-R-VcJ&P`}z24sVF5y1qF@qBov{zGsr}k1+q;JAu zvJob^F?s?hKbkJLqw@ZuEmmp;t+LY(<~^48XSp#7FYC3-Yae3e56&1f*q!CYloT;; zTN%REShS3x*yl=6(VI%iU{q>P3{u|3HD>`DmR}%=`xXg^cXUxvD=KJ74121~C8!$c z3tIAAt$TYtRpat_Kq6mtimioA%j=_PsT-v$Z_R&+%cVg;uCZ@C+b8}0PBt&*OVSq1J*MM+C!dc*i`31(+ z-L;@_6A|yP_MfQIeM!&R=(q%7)= zLvn>)rF(f9cH2O0@$&RMu#fdiSPo>#Aj8&s4C?hlm|=dR5;}LgDU9<`j`AD^Mm=Z3 zW=J&Q$fZ$H06jrV3HHR^qjw*uWvfUOou8QQ?7;pqm6ghxi;U=WTK)1pDIw4s&YMYN zSzsR}T8o{2pb`ndV!Z(|)~ej?pGGIT^jD@SupkMjakLH?7@qmj?cbEjjS? z4qbaL*46&Lr{%sn^!i9l$Ad;zm!_*fty)Wx5}Mvh*-aYZ0b#Xxy?VAmVR05(NQzdn z=EnSkBd2DTvu4}LO?OYFE-#)v3nBL7{sDLVcK_BwkUL(sMvm2$abNj+v&EE~#odKn zV`D+uC37h2MZ;YdV}kSdqBgMOd2hQr_&(GMblF67FkH3bciyU@4qP=^Op?C=2ZM)f zUwn}MeT_Nkfz|gRJ$+$w5qLIRWPb%dFHlbATNZ)buuc$zO@voG+-em7zTm)kz>26-f=M8Il_K5L|@qQMIkveA|L%F_K%Vf3O4#Q zCOXj5HfF$(pAEmiQ8I!eqq|uHT_Ty)NuHo1JUPpfWW0#589bU0OugBKi;#G*Uz1!! z?hu_c3IOU=DV_6E+V-8T1+AvI5wFO2UE@kmTLfUNQOy|9bJY`dB%NTEt{M#G#S9#L z$U8~75S+ZshibJ4;2&)t;I23HW>(KA^d+K!YkN$Y7IzQ#Nh&WytGOiw+@!6_OT1I( z!ra;<;jQTqZ2u)-p(%h^dlR~v60)r3>cLb68H*J9WE8cWm(;7q%JZvPhxaWc>3&O@ z$P|^9Ntyg-9oVY`X30~a=vMG|Isum`{uahrj2$J=-Pujbj8<7ig&6SkJEJXC#*9gt zu!1+a(JoiA81??y@p#F%8slAc^;qFhCqaw)T`e z-hiCkZap^K-(N?QQA?)?*szOK=Ff<3p2fW;G-N&9(>@j&UXHZ9>s}bQ6efD3Vrer= zIDxPps&jx9EKk9erQs>oDMo7T+&H@;tlhlEl~ha(&@~UNq85#@8zfBpwu+3jKi!&s zZ9(u#U6?Slfz$2((L}$368^xP0Z0ghcSk&+lVq{@mB+hIecv&f9d&~QpV1JdSXzSg zpnca})2rOKwlIyjQR!k=|0B1(88$4DFDIb};EhsIR)j^5es6747uP!-p4&R;lwaCL z=w3j7WPj5KLLG3fN*WvR*^$HR2d78R-E`dwJVBbzg z7#{|QIVGnN_i$YwAfQkeZHt5y+2xz})V))X7+wMT+Zj{GW5nie*5wDG-t)Xqn@cY0 zx}xRpo)mpNZ~bthTQ-{gtwFa3e%~0aKZLw4pPfce-`fdU%9yCHVwF4&QOh?`5H9^a z_IzuwI$y5;Tup(rF|Ct-1}NtqH^9WowQ)kLzNu9Q`r$T57BDQie8QbA6NYy!XgZNy z^xJ-(%el$l?H}`RfB3#qX7MRS=cH!{#Euh{=@4vfnZaX)qo0;BbOpna zS`0k8CJd$nnp9#T+S3%nA7-49?zXM1vKv&Pt;MNac$AdgkVG=yw{4$r?{_PSI)g5~ z6(iOLbP?Q|dZKa{7pA{d4(x6=g^%-@{v#855r36_Kf1gG#*KJ~!t{e}BajUq+!=Cq z#u84h3iadpvsiDebQt{rpIa!-MYN<&6`{&Zq2%r!7JyVM0@-`9lF(OxjngNdXq68s z;#d`5*grL_Uf7r6m^+slFWJ>4by`x|2%K9R8q|39mNyE3Nqc5l$q6v}Slvs^kIpWj6C<76X3kgG;fXXy4RFKa!KYrp}u27A; z_s^yHM4Lt~0BM!~xR(Qj&pTX&iOxKWa*)y8txh-;+f58*aiXMIC;LU^Q1tjT=xSn{ zliDG2Z8xLGN%DS*U^2|KUY6DUa7yc5XHrPT)lueDwUX}Q#*>Wk-GKp&6n7`3w$CBm zV6m4@_J}I5-aA<(9tAGu9-W>9YJBE9s3%OUAiuBnNXS^JS`Ct(nmd+gq20_RT&*IX zDsad`1wX5PC#KC=bvWJvv2ciu;@S3jzw-!o;$8fdpigtKh$D9uwF3b?Pu4eEjDn{cmm_yYi82H?O@fQN3rW_o5+@85PHCI8R> zPO0;{U>Mvj4ej;AFzTIRnjB{db&n9F+_jSe|0>@X|BHvKxz8#AQn z`|4!~YLQUyfKo;IYm{Aj9=y?lV@k9h2e;!q3xpzIYWs-Q~Hdn|?2~?r7 z0S8CaprRY^hQ-Ph(o9Nx3-thk09An9vJQ%F+T8v_CEb;XE zVS%nH*Xi<9{2CWEGBMfxJcCplRmzjV%7-W7t&T*jd0iAluw zNbq)TIUUNRvV8}Acm-6OiIXBITzqHD=IT-^6Pc5T3k_*QrI7$pptZ=+xy70i4n3;y z6%o@`X<}8&{n%Nt!H|@d*5@HT7G?AE4-}XEw~uT_tPJ+Qv}ds=+}O-8{>*w4|L=>A zTP7q-*jX$BwW>-M09(G?fI+SRUX=Y)7OW32{nVS@Fl_-mz9o-tSw7Z8BD6f0WONSSy!WMkcibuY;XqJSS8t|PQcY2n5 zl7FJ1St=cN;395)TV^Tp4wH3eH4X z<%#9D@rbg;3m6>QQaB#6>!s!>69pvnZkD#aSyI0c(t_?}LCt5wGhqV@T-}e(#_I~b zju2mO`d)1@4~AL3Nn_u`dtIBoE2M{RL-Gm*oRTJGP2icv%TeJ)QO1G{wTPTjorN#Y z$w~1TFbWTK;cwq;jLjfg8TdEL)sS*D%BzvpqN{~xTu0#=1%bslG)qA}^oj@=ctIFr zU3<%NQF{w0BzZGeymQBN^Mq;70H1vet8h|^6`Q*HWP?w!B=q4GsY~?SFg50p457?8 zNuH^Vji>_#jPg4Hx1;HGH;+fuGnl&IHfCtsk9(cB^8_pH?2KcXy9?q1dl=Kl{8sGo zOG>4CgA;|4dqAj0{a4p#+7cIgdd0uW-;X6(RK)eft?K}D3u%=ny}epvFW=1PK@TvO zdZp=#L}U=k{B6}xz|9TdAO2U|j>k0xUfPx=dVw%y9<2R>SrqvHxbIN zJk_DhU!@rj1BV#&bKzzz+39;i$S>^7O8Ty2CU(*1TWvs1{U}R=JO>7y?uf~D;|2wO zcNSAcJmY1cvps9k-y-B(ZIqnjJbrKwJOlEAiaM+Rbe4C^Rpcp>Mb0Rpf5MPsT= zDJvlR%2e&PYOh(iwGMXlvbDa*{JQHwT6txYpN!)_!jjhBqWPcxQjl6`rP-5|5uzf~ z{HP+w*TU53E-S*tV!$2RUJp=(NU~rK<&tqspeVxT{`XFX{?DXL@&2A|Vyu`ZJA2!C zPot~5_?H=ddJl)B1q(l`Cl(tj54iUf(I2EPO}>})!&O$tsn@I_gM~xwWpM@~Po|Kx zx-esX@s_zL6%ue~;cER`5x6M3aXHhX>Tol2D2%dB*70pp$&zMV%!GZO{4XAwt)ZEK zr!L&b^~aC4Dh>$B+w`%xB@%*MJwKj0bnC)8)!uo2RM(AKl$hD;y{YRtKD?_rKH92@ zO_a(7)Y`z+g#{Cz6H`2%DP_H2(iFTY*@=rX8L#Tg{9<N5AN_ zq$gZ!hZ)srnaWBCf86Ac@;#I3ZhkXSR&0Mb7VVj6Ltcy)K0gUGmNK+kx3llIV0QI)IMg+&ftBz=Td7a+h=m$)5j zV~haV877hq9aRt+{t(nC9MdPPP>lkDhSMwmB17EOEGtIN4o*xDBy{^~wOvj8X!|s$ zxzR$mgM}TO$dtNH(xQ@zhe%RMJO4u28jU|y^*B&EPJ6X=#q->bcRja$dX>Z{RplIq z$Ew37&f}E9zQCUC1paCbVpRwzV$OIv!)T)haY|m3mC*EG(}c@jUgpZQuySCX)cr=T z^pgAUQv&GbxBDv;!3Nsbu(@AkJG+e={hjZRoP(b}p}wA6kVT`#F1wt8u~Uaz11lD1 zzO=Ah<2py*O&P2(j;w42Zic1N*<&uLJ_Fn%U!S6*WwC`B?tjS4tVcfV&_3P%*&LkI zZ3{(KI+^-;C{883(mx%2qD7;>dl0cC!*f-3xz2KNy)M%c>VlWlng}lTLJgjA0veRF z9Pu|3@=de!jF}Z~7eL`NjD|^&uTZxq;Q5P{i);VqpRz6vWUyeUI3L2LZzeGSNeCaV zB3L$=+h)$Nd)qGqfDvw?xOD;Apf!#kT_ z@if^E(+0=%wADQkB%e~ZcH3TsT#ky1bj%3SmnC_VxU0}g#Kss+(E#zGZTg(V6VFY4 zKRtx^)t$}bNmD)E@JBgx(sqG>&(3xp|CmzVN9d1qX%h;T;a{7NK~_PT--EpM*5nnG z=QPW7>s2iqEv-MT|Ek$uw%0G{YE{f@R^;aHgwzZp5r6B!1@}LD?YK-$CA;;V_(kmh z1q}7a4bS^nk@&<-$EG9mo3yY67ILeqI%>Tkj`n3!$16cu{Y6*k<)HINC=vZF1i z4E}Vfa@|Bc0vpm`k&n+CCij^d>ODWM!+1=Ev*8eBw%5=mR2hd<0HlCWxOjKiSvZ%G_4(Fmz$w&3MRahX*I`2acZo1(NC~*#C3rF90Ks*eOu% z++4;vgq9_5`!p1|Um37FqU}-%gCH*uU(=i+mt6`Lg-BlSnVZ7J z&xdkmL<#2N{+ykIp&~h#3IDIp-m-vogB)(F-@q;_19BPj0}_8;A4|nx=n0;l$}dvw znp7Y~i}J78O|quChy;d=wLdwXi@9CRD=krLv`J!Ma-QZ~y9P>^!ON)7m!@eEU++3% z1+vWL{0P0B?P@1Oq%Nwtc7G;kE%8*jtX?!2epKC-LyimpR>J}T>!Gdy={~Un)5|iM zk!mTCFVvmZ%&q!kiP&`7+>*?DQgJP}d~XL)>u&C9)Hj~&34kUZE^&4Xys?=W{O8wO zV^8D`M2JVZT{Gdmo7byLaB^wrLa;xBYP!EIMc{--|aLB?cv zQel(&jRYq+%g2?$FI<%uHzb)4L(AAy9WOy6#gSBy4XmWtXM{CCxFc`kxc+tqqsh`5FGSFs7AQC2j6a(% zy?3XpfAnH8J~iL+0|x$bEN0J>Ag`C=lG_Wzx}6$avcN4uuJjJt5z++0JNf4^X@GBt z!n!RkvTS)TV_|UQ|078KiBWz#>7Y}HLjGJ`iZr4=HjB$XyJC>^QyS>x-lrOwBXAZ^ zrkh#ZT#9f-wenqVZF+7Zagb*6+P7s@Om3y2(ip(|>GWPCK}u#^2}JS`$0hDX}hQD zqMg_OFzR{3>3z5`s75BZS8oUS6}!EO`xKVfzLapeS(y8sbKfU4AJ^ODRX*0Z%kjsEw8en*66u?X1WP{e9ZE{efhh25KJ{mD;4K*?R2pivcIXv7HLf- zsNu{dOJi$;a5zKENT7`0W9j<@?K1`1cAlivKUO)eXMM?cdUyAkJs-C)rKHe6jv_>z zFEO24)18;SJm!I`(UuDT&1M1yhtTeq8NaoDi!-wR8U!@DU`};)h==yFoT++0C3qTK zELl=A@FUh|w$Z~5yWSoc<<4j3C~hpn+sXYUD_jrPUyxK>`4Lj9%P@5_Axm2`YB5D6 zSANbz4v}989wx@j@Fc;lLFO2qHl34!;0P;8YZ0qJfkPhsq0USDRp3L1>&BEZ>mw^P zoed=}`e7<1X{hahjq|y}`-`_mQ99l~elxZLIAEJt-DUCK?P9p!?N>>s^~a&5vBE)n z1Id?NQBP9lVuFhMeR1xopo4?$ith3NNR0wEPKED~p*$=8FW~rm$-wuL`JqdhS>+4Y zyQ{~CzI=7YXEga(6+gw{C0-tU+oUh~DV|>r`dWKb)WQ&`he6JvPiNZovN3+g5q6XJ zO4TG2Xj#dqXBxGHmuIn_{yh{3%IiAhki#+um}G@Xxs@8x^O_OiZQ526R9)9^n9W5; z%xBEWDbPmVC|l;S^SH63@A3y^YJ%^4qx*H+XQy*qoZ#2+hr7eZKYn9ci46ObdEFb6 z0Js!Gyh{3Q2q$O+)UKo)C+_7_7CrgU7l!Vq+wZiIca3-%-T3ax|IVNO@VVCJy&k%M z>gPkNc3SItG#Pn;$|H>CrWUDO5U{-KSqf7Kjfog2&zjt$8jC+=no_yA&(ChzIP!;i zUS{1#+Yc7kn+S{Ic3e&{wo7JA&`s zPgT`KY+{3-JO>~(vGtc35P9^CoH;BG1|)m|DwYgaPj*D z{4g2+EdDuN&DZ5ytCUP}n_uwqF98n+C^%!y1ko~F?m)1OZ9?V&spP*i$R%%v2r%7y z?zL5J<&@ygh*S(T-5a|NsUe;zwB|ySvWeM8Z6dSP7T4Hg@K!$;s)e4;M!nTj5@QlJ zv$QI2vl2TNg-rjP3b@bDxbSf{Kk6c1e>hCK=bQ>G59lHX+HxkZb3*esS%ML2a3MBM z!V3I;v&y!ZzlTf}UrUcgLDl;88q-MFuU3?%FhBE%5qj||_8g7N=T4%! zzI;o-cG0$}Q23H&U@o+oP#EvHO>t;=(--!e{;}66bN{iLmtZ)UA`$VF6(;c2yJM|B zkw&h9`EO%pq5uas&M#cM{Y^IQ|1M2`feexQ`Myi^xwpKtV|d1+`@P_6`u5(1|8H{^ zCY6KnQ>sZp7jwSwai}Kj$&aJ`%d?z@At83yD;jsPhNde{N);3!6B!3iaBo-DZETaQP#qi-tU*i6Q2c=4h?m-J>93y5598j&#v2; zx{GshFu?o(!&S#4^W<(uPvRyxOY%Npvy&hGu~N~#{n>$J-8^V_=Y*mNm9gjOr(~1_ z)KszfDuduRS^QJ@>DkC5_Uob6>GT?Lss?xe42)?Wzv1q{c5?clzGy6=wP$TCb*mEH z>Ab8w7njj7HW8;A6v>#@P4kMDg4%SnOTl=}d15e2)lP^+6PGaI1qX)V?#kCQfP%ju zIjJZ)@~uv9)h|&PL*A8X`QI`BtFfz&i)&fZ!5xA-1b5fqk^sToT>=D$z~CMTFt`MV zV8Pwp-CYNVU^7UtV9S-ad*AN8*~ee!$MiX;y1Tl%>ieorm$e|IOKF< z+qVn6AdLrB#Fhm^?!vsINXQ))=G6iBiIZn6>l@$zD{BnV}6QRr}4LrA#^spypu696Z%KDtj3%Bm&NSFjS zB==E+F1A$^x1>QUn~uyc-|o9|LAaA+_q3ON*F(gBiB4m0AhGl5ZmPi|!%3k!+9ZNB z3rQVg^2)N^HM>?b{X(2G+rpElGC1x2rvb*TvjU#>ol(3(0T}N`6PbiQHF5j1XO?&b zHGIkbfxFy@W5P{XzOq8f<*FU3A{5k4(7J)gU@_nj)=STqyE^dB(9Me&nJ;fe);KEz zSZe-ACg==Jd`&`pT0tplFGIPUU; zFiX0vr3lV5wH0i94=Vhw%$&Z1p1aEBu#ys5D(g{Y{!&o0#hv1n06ZWP5R|{ck2O7P zr;);1%MUAMJWB7^>+vzWh8ivFTU}1G1--8z{FHII#9v~@|Gq32htkm0jN*BH`{J=t z0CRwoiCT>KlV0XMTqXhCJ6!?n(Ij+_S0XXM^K3d4$OG8MyOoWcZl|Nv?MiHtMCigw z2%LtEDrwCdRpvoBVcYPk1;n^Sch0`rM~v=b-?e;~FI3P$xD<-M`S3-gtA!KayiI7K z+Ov01axcaGLQ8Ga<|KG{6}?6X798VIWfx&CyJ)jRk=sUS#{;K*eShT6RYpih)J(R_ zgfZu@Ep(eDSLyx!C8cL7tDVc_k|dQv0-~^d86N$N1=C6`jwPk*h3@@M$%h0!SJ(Oq z$+fG7vkA5<3{U&^@+8?8l+0u$n!VcxiLs|~X1dHLl`@XvnKl5n^B6sr3)TMpkXuxdGv#NI4;1DZ6!JCmXWRxDaP@@mOD`3CsEe6^CR6epL8v zEZIfMBsPgA8rRJ!st!r+Z}%CE_Ory6(aWv|eal*lh_AMo2=XbxnM%mq+O&iW_;Bq) z8Sj~R-)s@J#?fKe-^zoD?gfm$Fo*>(;a2`s>M36Nw#|3l*FB+WEPz5TM3-MmL+|!o z7T}wCQs$iZj;mnvV1Lgfr*zv`Pl?cIc9M9fkDKsdnZ`w%aKg*zz3fWh{sKw&${o|r zH(B3ePJ7l~WI{ekujt&6d2vF^<80M__91O`)3ADqQchxPuLhGjQLemMw}r+cbuy{@wyO*&XHb1zT4LDI8)=7~v@ zPQgj~J1f*Q{PfrFFxEMdltxbjr90ZU|TpIcuRfUh4z94B^5hhxB67dzdl~G`>+n~VeJ$g4@~%dd8O3~J6Lh5 ztHrqSVybcR(m2UR)nh*g!s9Vh@~ydIfNP;=1>+5+`iuwY=qo1|ZrbAyu>XRjl2)mr z?`ax4xx?VY!5cOhl3m>H(&rEQU2Gqn)|IMzh53M+l)SFa+*bwlLUorGN~+m*MI0;d z4%;jrFL6?Wgix~3w_2obqda#WU*8~EtASHrIjX6x4#B3lV`gVo-J-K;^bH)8ZJ#_*pG32K`)pda{#P-;5-*r6Zu!`%0t zxs2CkAC%cBn+D{2?*%ot^7F~8R@;a=jM4&m81UPNCGponLLJh=5PI~KtIyC@YYIpR zeG0S)KK3+G{=MU!4LdFm<`c^ot~19zNR%&ksc!LlRIHB78!f;x)g;rjsRK2-z9rc* z^EPiEW>m*X?_Yky#kd=mc>YS0VQXz^)jugOXwhiWAG!wf(PXpHr0)&TE$%qGT|tu* zxC50uFOEP*N0ZiimmGz)QT96Q;i#hc?<)dw z%YI5v5Ny9%8t2>_w8|R=m&AtCMzw7#X@%5l_V;qhEi`((2dZ3AUB4iz1D+X(Yi5|! zU4xDK73ea~<3%E1WnG~*lS#6Jyb@balXQS%yI(lz8FaGu>%Sg}Y;V~qgE<5~$SSv* z!DM>bG4YbHNtCsk%+Jvw^$Vt&kB;?!Wm!3$Um-rztnbq_yidpTgnusQMd3(=Po_D# z!XEm-N|1ec>%Xs-K1)<~0+PvJ9grE}(XAq;L!-CS5o zI~KR&61A0&7zW-nk2B6@hyaz=f8so?W`wQbS_ZDw^BR~C=WWJFjR?oruDO{}Uk%Fz zar)J%rh0UGNzlD^ICl=l8YD^8D`IVlFu*{E(T^A2&xc%|9%;chlO=dnf{!-a%Jw_R zJlz&`gXX(?7Gn*=&ZW3?!-uH{{fLmxFPP9yG1dV+FT9cyJBymkUiIBqLyab00 zL0KBMl3^d;4ha3OZguEXmBQX3YfruF%Bc}s*+9j*l6ZLQn;AC-BhnsJs}`crLvo~^ zRZVc_|3y}zko8NTi%XAJ!Kjcn{v;JB=>~Az9>~AfoUM{xheCtDnFnUz;z*e``t=Eq zl)Ro0T&{5bo18lI-8G9^CiAgOv2s;L9IWL`AqUESgr@F+awLUB)ex0oJN$a>$>p?7 zmL*1oK7Qs40E%w3zNhEk^=VDG$o&2{^KIXt9N9N_1EHVWzHwbk)3tckr6zh$XV=b~Ix_ znA^SudACjbIW2ij3F-^)vi)hsD&{JnuhO0Y7)Gdx4KZK_LC}#9x7G0LkQ2I+5S|(( ziDpDZr0(>-+zqx2enBtiPG1dk<2w#QGnCY3rd;=tM#6w9PWxsw_?#vpTn`;>mrASx zFke}EelTQ~7}DzkfbDeL;cES9&G{HB^tsk*g}=O2U_a7>Pl{@I!hOk3Ikj9}CLrNe zCIFWBYk zeW_B1ZDKqb@xL+27xG++nrJPD=z5(Y69#F-=P|b)!8yQAkSwnHFHd{hE~e4}LS&gL zY!8aXwmozfdOGqxh_Cm#2{#U33LE;e-5Fr8I1A4%mxtD-Bb)Q-w~i4ZAiUA%!<>2k z^wBgkO@q=mvxkGOb~LAXkHdDQG&+mc0fdq%U0q<1DiWoEreKTE&s*L1b4)WY;7pnl zxB+oFSJo|DF`SA# zT=AQFzAyY9It<*EkV1@3Le6gf#bKb*XD4JwrE?Qv+~0dO(&ZryfP9G^Yz4x`@~IF? zk3I=mmj2w$)#ed=K|vE*b?X4x_{5#PCri~x6&k>j|G#*U|MqF=*|%VS&U2AEMOp?i z{K=Fw{)Be>VC3G2U}hTp*4c&Tg1-joEfxJ@8R9T-UD+lVlX&m*i|Y^ST8Xc235-pj zcV;7FTd2S5-|zHG016`e#@I;EpEe_a3F|b2Bnqjdwr#^DVp>0IZIs(VIHx&n?Ka3#{J6HA)^L*o38@P7zQrRNU?iS>D0^!%eurv`rE zglJ@NMSJIr-_6SoowQF>`F551mzoB;Fao1x^n$HuY#rxNnI2S75ZZ-o9k;Kek7J+y z&ZhmzA+@(bqq_TfO`z#X{qb@FOlTI|K7Q95c9EYy+1usIBt6syK3f6SrQCE!3x{O- z76j2ZYJ6VvtD6%!`56EA(Ee{e>e*^WK(Dv^H{`=bYUJ~Oq{hBeO32MFN3&blN-@d$ z*Npt%+x|*!Z3IFWA0O-6IG;n^J6#%*j1|7Z|Hs+*_rWuMgXn$7*(wc7O#JTOfB9Ry z`}wU}dScL^`I0qwvaDYW*k2(W$02C9VmVMS@n2>Br^o-M?d9$MWqD2EIv}kl`AWEd z>Hn|qc6EVw>+_Apf{AQ06$vAXlleX-_3Vq2 zd5EFk64mdDN+1HIwf+K_#b8!OZan!zSn=DvG;Wl4M#xSrG7h>CcBAD#>pV^)JlwJR z`kA8MoUV4pJ-g-9M{kE+XrXFnUa$@~k(2$EqpIJ4px+dj;e`}1GAmqAbF{x0ZtAlO z)N#iVe&1VzM(E#lM8DX7Y6c~KkF6Vq34gPy<<1vx*l)nZFgdODWB;$#1U-8#bp7jA zjdK;ek_>p=HthR*p_lYo*(koNyZcg&2gg%vu}8=&fHU4kip~MTOjb{VV+72qd46cn zHv8*d7!fJ7k5Vw+lC2!`(r^P`ZEtX&YX{W+&Av9hV|@8EzJ>s^s+<+_(KQERd- zD`W4u)wRABmLkK^oHJBN>trCE3_tYkx&c@Io}T$rWmqY*heyV%6S<#y4t@Al8J61B zwoXF_=(^>2XAK?ABJQ~n$e$+Mykqr))g<58xe~j^^3LX#e}$LE*x5L$h%%FQ!e!3b z_e-$Xcqeak;@|T0KyklPD)Z(m{J=H1$H-_YERPoDuwwJusit0I4+4g$mnb;x0Nw0g zVJku{1Flum@6vRBet8-Z-dF7f>3QJrKY~Mm@UARAfF0_$M&fq|$+|%d;((wjM9bIh zW!^wLp{&5Chbew{DwHgt1~Q1P%)nO)AzHxOUoF*23-{|i!*?MKxp<(>K|WjedKr3{R^8`vc$5K45?9 z2b?b&xs|oLoUPAixHw1*q_hA_B6@TGoY=qGg@5t#od8ua&Q`7#uGZ^q856quprA@` zw^!+TEwWvX((7WuQqtQ6^e{v<(G(PABt;hQcc<#Tiyc4Oz(?&beD(h9UP{LC%z$A# zJbpm-P78P9XTTV^I8<4$@xxbo69Q+d+K3-$pl-!190|~J=v)pK%9}$~p(>AEWAC{m zdOdYa3rByNfsaTeh{;6eMWO_ZKV-I`i%HN7?CC3j`dOxKStNBHGQ+R3OrLvm%F?!d zTVWye1r?%{vMKDnxXSg9hBm-P``J=RIP2-G?xd<-^eh&NP@BQV?k22d8z-bG&d@%fsUFIr z+Q*`XQ1+6Wv7 z44=}nT7IWrXu>17*)MJ1yM?4!DcBdchu>D&^qYkWh(IJTzdyZl4ee;hj;xD2&|eDw znY5Wfm*dd6688i15i%3xPSvy-H=c-lHF6*d>`-1E55ZY#?A#Hx_dghs@vN*Hv^u}jG%Bz%7_+BFz zf}N#dT?%kpdI zI*A+0Gbahvq5^;b>Dt`>Bp!4R?Z{zWl9gsmzcn{3;_5?_1MH$U?amei7VqJYtL{(N zXCKp%LrO_+wh_YIH;*WP2nA+ccValLPrqwqxwqXT!m%XjViLWFK1v;hd0%i{zj+XL zs<0MpR6afshHj+q*JHj~#f{}#FMSYcH9RJVyv zHr_g89%L~>5LDcAo>)`4^;26O-6iN7%dBBUb;i)m=>^rzu@#bH>K(#M9K6Kfep1xO zuNg8x6o5CRUsF zINC)2rPiH|4{5T2;+h=>v>sw4TOaToBsD>6CK7G$DGmrmAy9B&CU>yIH;kk8;E-eRFRn<8S=rb~cv!Ha+b&0311z?UeW~P6 z@H6puoS{MW9CAk?r%2mXKkiVR2KX_8a+UC?+bjdF@_n3 zQ7qjU%V5Di98X?yjw@SJ$%H%9gnI^Z8VVFw5c$p!w(Frr>kuri{bSl5r?<{o|Li)n zzlKWb@#4o5mDgh@e}eGwz4Ooj^ztv}@=Yy+KzPQH&DQ8i6No*g6C;AYY9&a0iLP<3 zw9&-|z*9%=R~zSUt^s8@WLl$bt`uZG<{aP%jA~)-FJyzJ{vc7JDL&@s(@X{6bMGhk zq8nlEC2~(sYt{$08x+M_J5;U;nTHKmH#jWtG|R#VU`C)3tU_}~i$u_s9v0SaZb`8# zXD40-oO4Cg#M5o%-`{PE8is{RTW>DJ|6FrW3NYB;YSKIF-9qdoaDABg6y5R$(&E|s zhZj(;+{uNPOKHkMw@UiKO9>bi-J>t+@WyDihv^Zoea_KN0-2eNboRIGJ5mh?sbrFJpIHgCF#5l!^?vTXVlLs}I}(ziypi z9X;IGgy|@pYE)UyuailO!rySzP27n@)4sCT!aaSqIMdy>Re2w<~6? z8#79^2a8>Zk$$%h;{4Jy{sKdk{N|84S5R)aprZ~UYw+vN-gFaajX<69DkoP6SVv`2Kb z?L8EgrXD}iQ+TarvhnIoLS|U7TcZp=52*O*R8aS_k{uBKk_$q52?VZ zSuiLb3kK{6Y*2=IQQZ|=9{m=&pnmc9zE&b4kD_sEXD>cB{}BD&oc28xOAQfCkE{Id z3TOpC_nUrbk%;O+?sw`q#S8~@$OT`w&9PN)=)tC%)@M>9^1j20__N*eTuxAWfBTFo z^r{^WWg98x##+EtKkW_)W5XDfF9`JjR5fc<96q}-3r5Y;@9ko<$FtYxCTn<8yqOL_ zELoT99aur%Mj^a*qqP`(kQ7eMAN8=YCmRlDbSj=eWzzJ>7%?hNVeW810;duN7be-} zffu8%=fMNgEoyn>OM|>NCO?w!G4IncZEbtc)LaYgl8O{V&Q={4{@D!Bv$sMYWeYt6uMqnO&j5a5X@-~mmZuwJnf@_aW&G#3wvzzfeu#U$o zY~NU~(~Sioy6fdt@&rh_^2uHAYVi{N<`2^Mw$DS8eSN3JNeFmv?#N?uOuYniA`NL`W%YGbw7W8FfJ;RK6{+u zr+{EB?m+`iB?iB9xc~TSO;EwuQzVRVdiLe{R2~j&goH=)B&v>n*peK$B`RSFJmjdazvs{eU9MBiC{*LgXFl_sDvJIOJu5#DsYj%T_RhEBtB{%V7Jo6<*z4E)nQQ9>Epfr3$oH=)BDqwW@ zSX7P${ehapMiE@yPXlQKysA4$y@w$7dgg)TJE$>g$yiIN0|Vmd)3|7{}a6yw3N z#=t2UU-~o*w&jj3(#k&Z_+ybch!mUPMth8AQ086tHd}_6iUlBVslFf%+3-_15egB4 zRWl%)E@uF?N7|66P#`v-^spIZ444Q=2)(wL!(C(xIK4t=YPA^Gz_+AZiJnuHMWh_>Si4Enx^`fmZSfc4F`_1s{%fGrFbZWg?HLBd`!gt&!{#HrX00BJp)j!rh z>U+$UU|DFKSP}N~<;j*Ds;n#`Ur(}+dfu4a4+OF^UrcrZUNX0T75N;F?*DDcl$ej} zkl3~h+#Vr&evHDz7{i=Dn%F1(oM9tC2ww&Gd#?V^KyzI)z+~u@RWRM(PS9=pf@HU- zQP9+(9XI-EAKU#QU%K+AWyI+sv(b$J)2%MPc0%!@cpdi|*$>1k2L zAE#(a81;5d@}2Y0-So2DJ7)%zit3v9gH{+0&yT%?K_X-`QV7PiU+@m04u=n2iJs4O zxB4=@OFQJg{YP%bx(}3`0h}{eO{_ch_NtOBD^`t#$XUIMB`7Lc0GkP-9Vl%d(X*AZ z&EX}RRmI1u+Mlf)-1NaI)BPf*vtBcC(@_G;&<}u;`EbLJ&P$YyhSB%kdb`qblXJE=UX+jRZup=_Q#MV%I*cr^P*~6{sbf?saK#}t2*H6QG=E!Y zllCZ!E2y9jJErq0Op@Wo`9Y-g;C9d#WYmE0^phG2QYskUmPi^?ys_StuK+!(P)4gQ zC@`5`F*=vw-Je|{oh9n$lm~sFvFF0fjm6J5*jl*H8r}>ApJHa9x%tNcE@b;_K=*1s z$&4EDV*}U-Lyw?m3r9vfn^_Qk0tMgQ7(Z~3u-LqPV2^InfO{*mnEH8P0bIW(+DfsDXLy@!DLvuo)2xW1B4Ja0VQm>um$-O+j{mwj;i3B-kb%5qg7 zP)hWAy)W&v&8fiq=j4sQN3a5Hw4R}${0qs9t+kUP&IWOfq@a@{zHK%(KmYxwN<6j- zQ1r<+VwJM9-n;`d$A?mx;Gv)Uy?SMFKAKr!V>ZvUcjgm*=J(syR=lS=UP7Y+jU1W! z_{tlAbCKPL#M>rf>J2;bhci<5qcR>#)SsR|ZZ8}}MtZ^NTrPdO%YqiZPE6?}m#04* zPxj3dUj{6Lpvn!!5r52f@dIf-bi~tr&d7OQy^ds1k%|afx8rE%t^o}ZQq@s+O0UoC zg4C=pCl%A9n{wOO$HxLw1BH$sH?Z%|{Xi$A0N)??cjx z8&jCa`~B;)Rg|oaIgI!!rWQC?PjdMTVRX5I5UMw+(-+AJQhR?W-cwD%u~r z-VThd`=*4#d|DR^4aovZ|1&$_IEK9VPW-~5^ukr4Zqe(W!1tnGgoM6aI(`Z%s(c(V z4sX%Vtc-vVp*R8Ix=8~~by^?J$N_@@75&TX>2pRpGUJCSN}a8G|AuczIxB*mGomC) zk7t_9$k)N^G$$EMzoUAcx3Jx`(E}Jy+o6k(S3T~#Q&#dwEwvDcgRW+Z1Xce!>9{OS zOg}V^IcZPoL!#B8)|Ecf*m+0=a6W4NBh0QlPo&18?+tyXFApYz#+a28M>l{2A>3RfXJY6wue|_2s`}CnBX?%#@AVS@pg<PYYVbTz=SoE`{4kAC!)TeUU08 z@lwbh-WPKpimi=EQ;R%!A~nkE@x*hLC?_a7XswB6SGtshSn*l%jYA~uwOn>aPP_}V z`;9#!|94z;CQ%*ul;wu;te)l(K>XYDK#iIN*w8LG)=V;jeTz?;Wvit8U44RhF6Blc z_(s}+aAv?$f{>dw4Jity)heqcRiS2QR&d5aD7y!?oatG8{!DRDZV+8TA1sB~w*W~O z6y2T2uQ?N>@|NN>AGqWkb#ogc(?lCx@yJq0{lhYS1{Cr|bJ;!0fniVWsC@1KxUoMF z>%V6XI|p%$etdi^`vJH;+zM)MtgNIb2| z9V>}7*}qSge20sP6}iUL=jBFm{P}^ZsV3wZ3W{x1^yTI0hB3Kv9W1HqEPVq)n1e^S z`2=q^T}$6fq!-h6O&^6nOVOZV5<~Z++(es`3YLTH#EO1&VBP?(FoC@8`byFx9P)YS zg4Xokl4GNwO{}HA!BP;BtYH#k`oARS3%->V6Xbr$v1NTUvon>k^f&WjkzaxB5tFKDeW$HPGkDP>-b)QHo}fyGYC>S(4Y2);7MvDYVzrdhkjsM&cm*}D;wM|27a0*<+z$0Y$|UiJf` zN3iwvrWm)?-_~$G=UgwBYdfxZGp7q6&rr6#BqOtJ@k{0?vT02dB-Y8^-?E6-~klPWz)Tdb__0g;p z6p#oUkbUu5Uj)5SiS>=WZwAZY@-tfdMY{slie^$+gcCKMw%@c~s5H}Vg%(xKYz;Hd zLDEA79t%L;J-?$*Qgjk;CQ@j8@ku#B?3{k}a?y0P#gx&$id0L)%=;yMmwg%5F|SOe zmnn6D+Y>XZ3`RxBN82IWxA8ies~E*-J;bM)UBJD0TJycMjXk@V>@bvjNeTA%TUMh- z2WtB4Ta@}VdZ0joGxW)N6E2mG7J*jL@b^rJ~GL??@3 z^T*t_IvtopS5>E{?49`srP+6c3>Mdm5+WYY-i$`n&B}rz(36Zmy>fwWp)crx(#>l z{1M8b6M+Mpc2jynKYGOiSRJXh9rP2f#YbYd!)u_z3Ru5K(Uy%&H$2vMjX^f`6%qNW z@21ePm*E;i_H?ygfqpB;fTpE|kmmMav4)CpB?@P&k#ob9jWKz0aXK*F6a@%IS3O@P zg)&iv+bwl+QEjX_9tb|XS6ggi!q7q66Yo&x1AdEXDfoNi^t*#Sg7ZDKr{!C5QymN` z9v2a@-sG#SpAo+DRyL4h7HNBwYS~6tzby*y)-(3{%Nsig(hfmUs7W8#@7@%PL45_ zXOuC6bhwdjJ2v6gK89mpmgA;KR-IF#C?=AvUA|K~Eo$?PwMN!i2a(06BAL}HvJM|> zG>{TY&%p=68eJClp$+dndd=FA(crBkxFOhA^Nr=UY%-JRBWDe?~iLD)1DHJPke6cEF;ro{Wu*z zDp5W@PQSM;w|X}{&ku0C* zh`UH~5#{fBth0YQnYc1N$WDB;G8g&5I#HgFt%+2sH;QE*)9D#uyFy$GF_cWf*C?6l z+Mu_a0%V~S-7cH(=GN8W)?rmSvJ3Ql&kpe!=(KBWe6{eq`xo%+k^)Vl6yXVY7(dG7 zM=j%_=&}T1h#5uY=~9^mKQqchj18%&c5Kc|j7j?4Il#3jcv7HezHO7LX{$~8K?29L zIp~EYl5KY$=xz^NGd->g!kacQ5W9x8Gadr8udXg1?-p zuF+&WYy5&gBXA4wg@Tyr%=P$+k^L%9wor%z#7_(5x!M=`L&tXKgCyndHVCE7%X)UvGHWu!XKF+zfQ1u zehZKrDv6ui+7fv3&*@};9bl+5f0mxKKda>b--$HNLt@_$o*pMy`K`R@|84FM%?kzJ z>Ot|Jw8Y8o{ETDV>GdX)mpAnnq55A&mEd%b=imDB&mvK&KBu2ydMqzm{d1eYs#c|% z_*=ODtm(7d*fIWpW={V_pZ?*pa}YZwZclU1J-YRxAMY3b(f@3ljeBs9qB6>7uO|IT Sm0vvny?d+prd+}}@V@|1x;X0q literal 0 HcmV?d00001 diff --git a/windows/deployment/do/images/test-scenarios/Win10/M3-Adv-BytesToPeers.PNG b/windows/deployment/do/images/test-scenarios/Win10/M3-Adv-BytesToPeers.PNG new file mode 100644 index 0000000000000000000000000000000000000000..ba85f093128d915144f87b48748fcfdf0244167c GIT binary patch literal 80716 zcmb4rc{tST8#mc1NvBSh#HcK(5JD41+AP^3QPzlTV`nVGkjing@B32O_w3sYshRBi zkijU+U@&&ZnDKt;^s95;>;2=M>*~rpzRUeQ&;8ub=lS z=+MzIgXriON)IywEn>BnqriXkt~$!M=!(0}&H-N-pDSr7(b1KKv+h1+0=^${QhDr3 zN5>nq|BpU=dc~5CZZAvqj?zOR;^NHtmv|Fu;`pj{b%I6H}prPN*K4%oQ+2&6mKra`qNQa z62I&w6IL)G78>mY*%!8tRY+tyTJ;-yfcgW+#myG8~MA$UocY+FDzKSl9>Hmf-(uI;{fv z`Ln-jVHo${JbII&(@%0JnhZ+Xubowbizywijh2Y_9#1_O?>$usToPnT^RZ;AF)3PIydpqJo zgTCK<m*8K{bygy% z)mnLoU9!*j%}S0$M^18AQ2A8{!B3UYXBq~ZPb>@b`3|Pw)(#?Ys>Kkt^h^L$IN37R z9M*Z7^x#(F6AO0@_v%~m+Fw}3qT!`#Xwm7nLZGg|%{H7@)75!Xlhf^S-j7;Y?7$mX z0gzaJXgaZ=p=HvXN-W8_fAhp}k!u=ykyb*)%0#j6zsP@0b5C5He1fsHGnHAWiNySM z?By#>_3i1j{G!GS5>FqrXvkN%g9A);hnnxS20@-i^m;_GKWeSXihw7W3@!D~%BTL# zQ_4p+w+ZREZa2`<-frCv0UFseNKn)2V(F7_*M+#err=>)5vAjGY}0p_lX)c6z}eX8LQ@VG?hcQ?sT5zcC}T z3Q}Du7g{wSUtm^WEEgb?O05qYv#4_;*g@%w1)$)mm;$IFeov*T8l^_XFI@21ps_L4RXKA#@Fn7~9-qRi$6 zgWUH+CEazogLNnCi0{&bs06>(69jP-VKhvpn9&-k76Bt8Q@25-9Cu$Vowl@JZD#(A zX&W4{mw7{S$vj8`*+Fu>G0unVQuA;~_U+~pcU6e><{wx5%qre1o)qa36JhI1TC@m1KTkPz7L`PEbDtyG z^DF2TS3s*YR#qw|t*gtF2*ee-hW@=+VGwOmH*jT#V4Cd5MT4jj0@$wP9Baps#azS3 z@}t@7Aczq7w}wlpEF+hq*@3Q)Otriv^6d9@0^YaBBLGV4u$muf7q8|S5CAn~_^o*@ z%v0_T7tF048i`7pY8m$As%#DNlMm!yE^N$4cq+e;JMNIUIS+H?^zXr5t$`MYux}CK zM4-u+VWSN@fwk|5b1%02R+}{r*EG929((!nbD{5Ud~r)xdT~bs%}g_pvizr6vG*Hp&Z6${rJg#nIn9{C`Se9b z8SSs;MW!8#VQMx*adC>IZ-gYb{jozavD70BUuM)+oe)-(hN>f~FFzTm`F@xjupwPZ zAnD?bdwj*ZbMDUIhF4Y?>c(h|bZ)rrl^wg8uydj1L_dl_CUHEKaZEm;+PT89KisfB zRLWxo<4AUACj^K-$BdQqU+zB}o>HF>(kEf?*Do+UUgQrN?DLRtmS4g&p_Q%uc z><(hEl|`0|M~JS0zkmi=*-k#=F!n~iWSlYQ{zrS(;LwFY_Nc6>Xk-)yw%rN9rP&tcOe z~5yu>e{79Xr4Bi?I=d3<$@UD%E6% zl#l$dFZLkTLJU%iY03iAPyx+MalXHye0&+_?=@$D`E>HoG?a&#+9L7S;PfRm$TOjP zIy$g7F@G~1!9=lJ(031P=`yXGqhHup`PFxxr%Ko!`ci9Y-n?N@Z%c_j_Fef!nw9C( zs|NWN-=+djI6+Zb3$RGCj0gO^ZxHmc)#^Ezyr9M6lck!^r_87_*^UmYmn7KlQ7$wX z-f~R##y3B-8;r3qmSd)R-5`~_@f~zjjE{;^TK!hZBjvu4HPIE6yF!T=HyTIMt_Q8&$7_(tLk|>Da6$4T0F1CG*j=z zy`D!Pl_Q~5sORU%8DG6(P4AfpzFf(O|C8}r^EV0e6ZKa!2+Ws)UQ@nkL54rPS;yoa z;U~mJ9tz95X#qu`(VFKsnyWfV`VOV?_CW&(eOpvJ+uLMcIbZe>Ne)kk>edt%vAm^( z&Cf&4_aj7WjSIM|LnNFDaC5$?kn-$mBKo!?t~cBOmb-#+xx>?izr_aW&xheyXc5KNV)2acz?5v2^QQvia5AmuCuQ7MpTZY*eX-R=+&txD+$xY^*K3ZHm_q)HBiVol-+i%>MX$i4 z9er#|g5zd&zym{%NE(*~y}qggw@B`A{OLnEl~isXxnLjo&NHPG{-kORMokJ-$2T;l z-num?#rMpltI{~e7A6K3q>f1vb60AM)>FnnvmSc++b)B_6JB?ypz> zHH|&T2)O6Qj=Hgz1nE`3^iBrp1x#_Bl2{6@MWY2z=VCwdyZ!B(xKfHNGxO^(ptxj> z2(|Lc<|*pDJ$KntJj8wPvBh%Nn=g=doCkpDJmebFvx`4f)!LU{;xmYkVlTsNP8}@D zEB@mwXNBj(ADp>~Rcm_*y|yQ|QC_7e-O3_*tOiEm=EJ|uDCg%h#OuT3lDI!yZXvb;APuzOE})`?miua^Vs@Q^gIo|U`$c0JY3)#P zqy@4G&Lao$LlM%MEYeR~izl)$VX73XKRervq*)J1Vl?ivP!}aOy7~*fw6P}r$3-6K z16%eP;=piN(R5T)?E&<^jyTw+ee@l3+gSxbRhu*6&qmf6h&-JrtsO~2@mY#0g)ca< zTuayVN|{+;-N=JS6Qi+5ck6>AEeIpH#Rb);PhYf68W>}-&s(DmaoO+^$G$+)Pv zy|Zd-FaY`Yn8>?WA&~6|NAy`)LPCPv$q|e^7~^%-K{L_gctW>3ZihS*9-sj6Fdg&c z1-qU%(bB|qsjZ%q@zX5}C=s(hjSP9H*dl){zt)nrVOs1HzR;u8L{UT)(;h3fSS#a4< z8YQnSS-_0fo7bwKB{y92!S|?AbJU4Ewi~ighp;T_uAZaVD~gu!-GUC;FuTZSd0G;H~{r*)~}p=&`X2W*9@ECn{BQQv5C>ik*}KHKaV z;9=vnMU+9mnN3Rrt@^zgio@C6?v3pPZ`YYW_t(z^ymuczESc06i=j$yt~MJ5r%+!nL5QnGQ?W>E~bWk~ewQ;>9o+hsTpvA)SGx##H$eT~BRNDtk9F z{*c30*r3ho%CK)Iu_5h>Rn!e4ce-4Q>+$_TaFRI4pJ2sCy78u-Wn&panLm%b& zZGppwW%u|@QWayDjv`PHV-)h1!k|Mme=b`?QUJU-2f*x(XXAQkv&;V_O&hKGxK zb!(T0*r=p$r^|i0=cco6^l%tK#pjBVAm&~Uwim(8=# ze{t(yiswsz6~*p=I}dwS^BSW#UhKK56kn#_nKRW<-8X4bZF+ZqeB6RRJEhdG)yj>p z_}5g0IJ@d~2ELdIq%|}WMHX(ak;=Sp)!GeSLO&ty3@p^+t&sO*@t@}(KPx)G(dD!q+wMh!oh0nK)kTb8UH-Jqh%lzOn2(rGKJLyQn}e|yi7IX@lZ%CCJx z7sBHY&*NMY`nzMF69UE_)+iazrD$Kf8!>mfo?7q#P1vSHei=Cc zSYB?YKhWObbmr%~AD)P2uQsVw|8>EDc1irzyGT>$WB~7$3);4(Q*lBE9f=`=5@>FKM#P<>CQ9#)`wdHQ4BB!>ma}6Uro8^g+OVP zqP^U-`a8eIbl*M1X`7^6g1GOKEB_m;2;gFqo$&bI$f`?#39BSv{I=I!&3_t3=l>_* ziW~jnxt!@fCjYtLYw7N<9%by$%H}TX{O^vj?@q9dzw1`Nzxnqgm(i)X`H|`N|FqHy z*atfc^gsVLtmdmvqkrq9fDmXLv3+x_#^vt6t*Mg({ni;5pfj%FpghBp0d>%tsI zPyE{t@jeLMv3h6S-%S(-jr*F8O?Lfa7=ihP6Bl8FW5i#+a}z8^|5Bs%{k48?l2>s?O!1{+1Q?~|rO|G;3?8g3TD3SNm?KG(s`puhx zRhQnlr#;s2-yt2ZbvHCdkU#u8tTag17ZsbPiIGd)J@X;7*;DTDni8vzTWIVz;YAPR zg-SvDdNCO>1wA?8y3`!o=epy}bju56Ch4H^MPGNPK5F%=%3N7maokrF)xvx~m{>kWU@l&Bg<%b^V^;o~L3Y)l*( zuTtyk_D3Z~R(}Vjsx{bLWmNp>1I29CVysxs;TCi}e7LMck#MC|Ya{qXNYP3$w<0VGw=e zqWMtQW}DurJ0}mF+{y1+KC0_0n17^Bg;+|aCJG$ZuQkyk^VC=)cB;-MO}+T@j;zvS zM8jAaA1l}Nz@&rh=atsp?#9T?p^n}pe-r45(itO_M3*p4o5a1)7&&FmNIAUiaGA}u zHH-k`24N=bo5)T@{>@4lr<%`aq;b&O)}X&7pUl-+>}4+xF?0&qrgtJRLmh#7yt>dq zJ9%KNyFfs+BLKyL)i>hnJcGLr?Ao?h_x}2TxEK;Iu@^87#kV$EHVTk?u9MZn1!K*i^FpPAv?6A={ZF?&c?y&dy(AgR57X!aD&(B3^_DK+Bbf_v>CbWXs4>c%A5W-eh~?+ZH;~bKEu5Jv0nMT^7+9S zRn=5h3El1oE%MA5qSjlZPH^?I{Fj7xtf5LX@P0L-YU&$rQz3rdu5aJHFA=Pr6?Ph2 zknLpATp-mbmb1V(+avS{w`LlO6ItFA$_YaIImn&+G4>kJUE=Ef`DxBHlB^o_50FLM z_LSl=!92xm<4yL{t)BiOvgC+jWu6jNx<{XjGoR2#KdS@#_Xl2}rabaF&WgcO5^o^M5`ETE=EVT$RRUUOS*G{J_p&;x*^B@qMj(gC~pDay@7ZME$rG zl_I&x-g9pa^mXPEi0TFV?6^kW&Ce(;d`hcP+vqIF`I=4%y1ylPpK444>C=_koAkUj zTjZTA4k|Od(^Y4?u5W)2JO7=(|0Qu_m=uAm&+rK-Uwpnrkt#90sL%7|2&Q5Nrbmos zk6aNedY(BMy;7fgJdSCmxoQMFpDxu2>nuy{Bm}4Bj1g#~c_OEzJj7JuB$US>uf#77 z5qiRC9b@AP*@*?mUuZw+*wg!G$E1?W1EOVEdbY(;eIzlsmy*+A|D# z4GaTS<|E=t{a$414!e~I-5+X9b~=dbbWP>Y4js+gD0Ckgs$p8^Z3Y8 z!iNhL@nS^%Ld7>74^+EqY-(|}F74~C1JWPDY@xRVuM7>GMzVao2;n?Ra9@qCCx1ID`9d&MB! z%_*b9gB|o2yc;ebLQ4~jI^`2qje5)}YgLH?`TioW>_?GI);La+&CeK2wCh61clq3i8b7%Rnq!`S5b z`%OA;_hiIoME~_BiQQzG4|Zw+}y9rc9@y7ar#dM}I;$3TQvMp=@`^ zTiViGt^1W_M{gNT#kQ+9$*c6s*&+q4`wVNf8=e7+w6@J`M-2t5(X0$t8-+zbj)ZrW zli7oeB)c}QJog-`9|W-u8?%TXl{g~dU=3-mfOMN)S+XdmJxJhJVK8J=kSZkcUR;)*CoBLY_uobPGx52*{H3LJVg zY`Y(B)S$z<6NVjKY_49vmn59$Y>ncaFBXZ8@)4Wji|+&9z=BkP$Z>;RXYmZrn?4Dr z*t4i8?}eIS(#Halg>TwU0(z(BOO1_(SWdO;V2tzUu5@I0Ga*T{R0S{UA{H`7aG(C+ zO+3-{kM@n;Up2AB`OloD^RkkA%}Er{`%Ic*6zdC4u%*jM77Mi~_CA?6v`j`|I*d=X zzZkSi?PN2rQR1oY_><_~<(LNQSgmf?aH)Au8-B0Em)B?!%z{Xk&vTYA$2{-FFGiU; zsoRHzF|F@7y8u0r5+WEGV9yqT5q4d*eO}tY4yK^xN&w=Y)u{Q#o3)~u1Z)S938T?& z>}V`)X;cNR8{1s-E4+Ytu!Ed2x|lljWKcf$dbTw5esJi%H=O{Gp{(QR196mFE&k$0 zkY!lPom&@k)R#c7M8JCzVpQdZ8Cno*5u`>}dS&c_;A?#yu{ZTXal0lDneukQ^<(*Lmy9AHn0M8d zc7UI_9^cydGsQIv1H^i4NIEWQRgfb_uY|)q|$>N!uz6Q6x{aD_8 zNK87bG*P!xKKDt%rIEOkJU@f@(x_jCm?^T)v7)Lqh!!4`4Gp3!zWKTU)6&~AuWeB5 z()BHe_U@g-Lvu`zKBrA0TM%#t1JF{P-iJ->@Gv~TYID83nXqw$K9Y;{wU=8d(gEr? zFX_wLcBRgQKpWo(IQ!f*u*z~*EM!C2YC*OS(%wM!3&3Zm;LV3-R~|3J>Sg@nq?9Sh zDsk^h3_e*=sWwScqL%RS1Hl^PiFLoW=!7fA)w~N&UVGdLmi>%Cap!^SX1$UC^fAAJ zY4SoNY>|Tlx>6;V=Z_2uoV0DT4y1tVdnCl!5E_)!z&{ zNp~e0g$-r-Q*Cx45MD=XJd)*Ff_LMA$O2eoV#V)P->ZE((&DT%aA_TOe+)4 z?!dn-lJvVAaWSaJfN$2+0I|A-rKI4pe%HO#Oi`SP@4&9a6co4Xvj+P7?R5I&-nSxE zMALkMQ0fiMg+bjsGY&fW%R<&s^&W&Xi~>m;rG}1^8(-`ij+;vpq3=`9Zhy%ufH!&& z+h|30em=*Od?`?zUbz)sN1>7$IgFPCM@$d>Q5G|G+XSKJS8Y7l8dM0jEvCheOq*^r z7$mN`D!EcB3c>S|)DM=)-pMjcjQU}Abx`TO(1&vDMtR^7UsFZq+BJ=WB4sg762eA7 z+O;v5BpnT+Nbl{!-o$$UYjOtqkAibrflEKeN?1lgTuGT%iXKey~}8lESurXkCNik>r=Pbf-rRqj4EzC#UHEuI@01 zY9y^?f@S{kl$+f9wB)qi{3}kA1=)O6$QOOv85VJ1R}{(}V9`5MhOt}M9~a_FKPR#n z&Pn$ssy%+4h0eUrtp4~-Ldn>h`JrL{nla&%=an4G(RDDvie{>pHfnFnLqlBvwDa<_ zldt>G^eDc3z%i1oM?9@GEYwgfzr&tn?GzLgcP71AW(Ve?%K3vE@?X;e*s-phH2rki zx-0b_F$K;AIrCBan0ArRYG#EZ9ltYa^@-)gaA8?X!Ah#Mf&s=Q>gba$k39TkM|H`- z-7@OeDs`!7D_LO|oyHDqv6RwtCKn#6ZV5d`QsC2j+FiBfcjdX7la$cPDuj7=4 zrH50|A%Y+sqFuVDj3l;i;EAG#uySyjbM!z=Z$tf=m!y`L=<_Jpfm=A;Yt&q6>(<-2WQeA?tX??y-zd)`gj@Yc?&6gl6UZC{T0 z>oHrPi(`!6E7FzPdWasIeOX-EI5R$HHr*J1UXk20h(~&U9gs#iYSw7fuv^%t$`YM* zrj}j+&MtE51C%c=cuZP{;`4(J1EQP^elMlYYwZ!Lw+`ZAb4^4t-nRO9O+|Q#(~GAT z;_OB9TKAgl{-yy5i{#o1YD-f+n_n_UtQIDC4UHXNmx?P>UrN8=I2!!_ATJTmN zz3JymHJc-L8I)kq8ahwz?R6z?s#$Q}clgQiRsz!;k6M>LSi!UM!XTri*up$zp4d%c zkGnR1O)>bFcQJ2K-3O4f2A+SKe3u*YTy2It%9Uz(_tq43ik^}p4dEzcM|JxO-?1On zacQqn1v!tNw9wi4r(65*z8ddsYK-!GhqpG4X18cgKjV9d|BtJe7Q??13~t(RQ|bNn zqOlESmC|;LyntMX>USPDCBW1H(Xm?@_BLL-Wot8v4vFQyFTahO`X;+C#H6E}0=RQ_ zP(yLCiB}f>qVS364~0{=HJqNSYntBQ(d|Q9uCp|K23+JK$@i#ku;Ag2ku!#PG;+u# zik*7nlJRHKDEA+%SVA$0>Jce-(Ix6^aSHMkx@}5;@7h0%t{FElHa;Z342MyJJs4!T z>3)Az3w6`-?WP=6jD>2hi`vDec|of2@u4&L#d1u4KvLcd-OMB!o&Tp|-ATK_hYedN z7?ohMC-{)VC|^=nLs4DaM>k!X5fC zBP^fxvYRhnbOb~faYc%JwN5B()cwRMku8w4vlO&_BT2>RPv#K}miQfi(s}e! zTSC1e`k4UwK8Ep!%LBujOhP;wGXg{xb!NU^iO53a+l}RGhYv~b@r^3!{DP5RD)S@}6dXMI}{p5D-ZURLcl&h(6ql@0}%<(<~sLe4s_wTv} z`?!y3r^CpvA_CpiK6OpoZiW`M=x(e4n%Bt|U+Ggw*{b7;Hq~pqd7@8o&qb;g4MIaZeccNQZAUOa zrLx!n01=GDquwr!B1Jha4zj#9JfNC2 zJ=Mx$w$X=TT}_gz+hit`9iG?37_csk6a?Nn-n;5|p)@J1iA#xkCI=1Ah3C8b=X7zb0Cz3F$dedRPzXlzEGbAKCV zBrMvnOH?ZE8Hob74rBYLe4)J$dA!yQ#%df)uNz0hBT5E3*iB*tKKRS~ys+(zdRx`B>jt%LVn&bezsj)B;|ong+! zDv-5D(zPG2K2;n?^C#%ZIr!H8WgzFi+^%tWd)L`DnqBU@a}@EhTVa5^)sVI*V$t}a zJ=-dFePXmt^^!Fhm*rQ|Aklhk6|?yqC)qhXQ#h8HBx%vgLctA&mcd3}F8&CT=71;7 zP}22e9mnVQ@mY=SK6BAPx0l)Y1aH(i?#IX2-Z-JVX54vt=?$aB$EL7d;|t}AnJH#5 zvdrFwIbz9IN_|~%dN)``>Q9Vtri{24Bh&$9oEwf4dDa~}&ejX(_=>z7y`*Jm^`eX! zn}{%pDbbVO!3f{&;`JHFVd&jq_uSLNi^Kujd`#F;)ppHBXmaWkB8A_t+^;5mh>J&7 zRfD^;zCdXkvdg9#`or%1imoTMH+ep`U}z`QzUiX*zaYtVrfBMb>!O%*(q(adok!gQ!g(4p%UF(=m^>MxNG~wuLO88wV z&16?-L+E5Hix+kN)ZaU6v__UmBJ9$N!_dgsQm^}(bj!e`kkaiRc&Hd!i&Cl@U&YHE zOs-Q|>fBU|L52eFENNVLV&j4=-6QT0?s}blF&P-ALZ3~mhg_d#CaK?aY@2E+OQDo`c!#mj1AbE6J^Nb^Ly0I(&BC(X_#SJ_*$>I4U$6BvI9sEPY

    (F!{r?P5@;V$aV+kKxcBf-@AdqbnwC4-ito(+In+Wkb3LcUjATNe9)r} z;R_SecM(_#a!;t^6>ZKVZg*dJMD@|Ebwi}-(*3R^v2C(3)RJ|L-o9TJ-Sz9PgVNW&+q>D(uu|76g}mz+pntZdhJ6^(SfN-(=V|>n?TRqj401W0VbXUMBQRK% zuy0E@FI}p^hd$)2XAN?sY5U8FToSz0PVc#=^4+d8(dFpyqDm^MRpr*_zknRTft!Nk z;I1AxlO*xaR&^3sXQ3r~X>~p@YBW1IU{l9e`^GO&^*3#5;R3hy8CGn(08@kiTYQ>< zLan}Fz3onUNG(Igg(5EtJ3H)%Tok-#hkB=Kj$tL(8vtCymfzth`LT%*wU4+YvdFf_v#mI^H;5mjT z<_h&|%C8wWuIq~dME9#5sc)n7SdA@}cMV%2>Vk3nSMBT;Qg|pP?W&MDQ}mp>{GhucgnX77>FIkx+AtTAGY{j@XszWe{7M<9F;y7JKAxi zheD`YD`si*NT?FTPL1N_U>fUqk={a(PfMk^ptOU8h2;Y2vFn1=$cgBm;C`Q$bd>iq zJV3#@fQpzIp)*PyjIn9=qL&EP`y_t2?0&uAx#ITQIxknOV?|eMP?f!p^sdbbMq8Rf&D+MY z%|6}AO4$1_trrs>YoxwS<3#DDZfiQ@WFZ4bHyG3QWDZ8xv{QcA)W^NJzGz7qHgrd} zM2!g6k^4ruz%i@UYQXS3RQ3CG@mTHDMiJO?ee71Vv87l&ZO1Zetquoqv;9|)s!0V+A&h^6-VnNGuhQ$87{ z*B2okM}7nepbECn4Uxv!{|A5Q{P%So8_JIPc0|-l^1ue}i~kq@>5G}_ip%f) zM@-bicuQyy`(R~({vdh=d4rGfxkdJo5eK6YJ(fkX$BM8_>#Yxp~ zx!*X|17V%lPQi+1K$N6>=TecW3Qze!Y?L|RGyFGhuRd*_3UqFeH9qwHiXf=4ocFyD zdEx@uUt&&L2@($QN`2@4WZc@2Pl2*1Z9Vcf$sSq&=&nUal*(!*>oP0O_SR~q)o4EY zNqBNiBQ}N`T(U@t(EXi9YS=>)=VvPQKOGYCyk=QCR*7w8Id?U?q%ify)$%Uje1Y{4 z6Z6I(at!tytgW%yth`EZu|C2%UX(G!aBBHD;=%$r`yaH|ElX;nY!<&-sqF1CHb$FF zqrP}Uu_&eVQ9A0bSj|A{;U{x7Hq#bROsgm$BtLnf7}*^(GhDbea`?bivE4e+>@*9> znSc-(|34Yk8kFVUztS%pq1!G^OTnBIje=XFPMu_Oh!8!)&pL1X?AQpklfiBbB3Gsy z!ljeAxgz|rMzxitg|$gFoEuP|=iM-(8gvrpF(1fVRa%P_Np)k5y?cCwx6>UA7pfJh zo3XBL!}0e}>|PFf-GLvyon&TfGs3?qp}iGiX-luoL=Si4B2p&ou^a^XR@IJ?N;gk2 zVy(l;Q()B7C$`X1`W-iZMP(qz*Rizf1dA3A1+Q@1zeB7Y#oqg|^ni7@yCM=5x|I8li!K0T4H)Zb_lg75(hnX4WPD)Lw^{04%j-UxA1!9JVT!k zft!!ZX3QZ^^c%&FF+tETGQE_veBGaK9n!$16{i)`%KTL|&9d-9@P#PkA&ARqC}`r3 zQyg>3BQYTXK7u93vx6-}D>B*tlCvD?#ue;@GjD_mf)=ii$i#OsNLg6~RFsOE+g<8Y6E(>Mir>7G-j zOhUbL5RZU6G2r^Pgy;kp-(4f0h^|jB%qZvl#M&AzqBe*piJ#mR;SL-?j!w8FT;sYg z^b%cF4Xwh(bOj>CyEcWiXRx@~a*Ijc^o(K=Li72xCnxO;HNNLt@eK?FmVXvVb0Itv zA&n;Y2g}$PON~4;(!SR%Wy8xBn%dpBS71mySwr~l|0SBBGnVpPg zcwT0m|W+6IrN`6tAcA(iYZRcH!}VUX{vDVtLbLr&kBUWkrEz!-uNxp z^=oV6wXDq!r%VH-UHv}!5f{L+|6~1B^8W#@f$9gqwJN;mpCz#0jdoIF(b8z02!}!S zREuYibYpr-lUjb`lPfBg3^g)MI8)yA!yjTpnmzaAdM7LM@GDLuENxHLF25XGR967F ze#J23WV@MWesWKko~|F?mwxvxiaT0dAwA7^HPbCD8=W-8fK64<->n@i@%@-m9^mW+ zIb%V{te^3C4SV<=`=(hY82_pa{}IwF8Ko^@J{cEfh}PKoYclT1Z7K8*j{7Dc(nOM9 ziRV(P9p5maquD2w+8@$EgumErHy83ZU3<{;6(@AEP>m_^BhrH&A1QM>q^OWbdAg0Qh0Jn+miBbOL33z#V-Uo4dg6oSE+BVdnMs(x*+?6Q4=onh^f!oAtIuz%$HIF!=CoSRF19mn)VRO2w4G7X zP`GYbr+j9*QS0fYvW?5`v?+MWbYUp9Ho}Pgd-G08<<0v=a!(d^{}y??6QwvK(p<&*s_NTaR%|YmL)QVVv9YUqSLTjAhBC>VVV6NM9tafmW7r zUo%65;~8+i>yJ?hCF!+}y|N~aUas|KVFfI$YRq6ZzJABoZVP`lXc;_hf_Q;Ug4EF0 zZ>DnkbQuIq>PoP8NGL!C_VD21wQly2?iPgi}~T`)Dy8532cGtM5=e3nAzD zWAYMNPH#*sIE6dfnrOAw`&>F)S0AvvEXKbD|4Wdm0w85zV%G_Ia)4;^>v3@4$Xuq)h}98USyP?x)#kw={Jo%d+NwcY!^d`co&2^$#GU!H=CcV zEyZ5(o%XQffvC)Qox&LGf`#yzu0|kY%M29C)!yq)pQ`1`3EcKeY*@Q?3`yLO@)P?+ zsNgN{aQB`{VI2yub1t|Ty-i&{YG04n#JKz*8X{ULj#sov7Sn@-;NF@j7s!;;#3w!*Sq;hsElozI;N+w z3a&LNK)#(VhaQd+nb|JnCuhWV5&OU+aW*4Gq+4_0TDs##qG@VJ|LhKI1FTLcz`J6J zCs)b+9q%?RH&*KE$R5|U>K@mPYC6f@srDWBx>QuK>J@)oE7iU3S;OlMH!8OwzVN>g zeY;B*nYDzEjb^_{V6N1Gsr+y<;MfM=LGRXZ^RzJ^bNUz}XfWD2R^;cepQi#qp{rU2 zqTVdum+kY3Dg4K=eBk#+#{@ueH@!v5yu$vc>m}@8-V8(K@QtFxIhwA^l27=oT>SYk zLTn0rdwgp!ki!0-k}n0nhxA_d|5Zo62!OetxBcf&4*UbI0X3BffDIZ!aMLm2->BvY zc+;zjvf7d`#hp98@DKY^UvSlNtwBsDB#fQ7_4BEOKU#wXaW(4?q5C@8aLvK4>;|?+ zjzFk1MSd>(nRx8Oq_AlCa$sSxt~=c2eU(i5agU>RlYPZE62gZJ{CDKTH}>nfVEdhK zo5ZPyybFtv=z8XwHF|^5LU0Lt(%P_L!SQ~An?~Z@j;bx(PD5o*UiX+4v4<>X`K)nx z7~)dph_!#p1C5mUG8Zm0BAgkLJv9Fmx0#Gj|5kNS(DgmP_i0QB;-GuB-!gn(HUnsE zfngrrp=}K`vTWhlzSBG3-&+AKai!Wsv11>fC4Nog`EusQxS_9(C2(ZKDKe|u4!mrl zoBfFMPW-$LBXRc60NZ*jPk)$_DxxCEf7{*=pCxRM1CDs@z6Q4YMT4AnHViboqbCeNnEMClRo%S%s228q4yX&iyz_0PmAhKIFa+6ur9rm~YG`v(?osz8^ud`7|2MbPA%DRj zcV1M?ggb!ERx8-J)&t($+uG(w$i2hqbG`?~3@Z8GSsrJcZK-pcxH*cZy#hsW7 z4|vY??3x-O%+v#Rl^MD6l0!_!H!OR`Rn(PFh2VbW+Y?}XP4%Ca8krB3ee!a^!W+{B zs!DhRlV}N&g7nUf$JKB+e8o1`OBb~0L)~mGC(aO!{4~7-Arv4P*e?()k@n2CyMk11 zHte-1ZjaY{JKa2f)g949B)RoSU$H>)#PtV6ibe2qGjpopu;I<$kc~H_rx-5*)J}p+ zp}sTR91wzzi=GP>lvJAuki*KYH9b(t$1oDq9cp8r3F}p@ za1g@~Ou0geM0DGWq5bP$D=yb9G5VHI@)d$(Ewpjzd1&1NRmeUt$qpemCcI5^=i1jj z0m|c3`)iLKVLFB|NQajy#i27BKNup$je{?fx_9Xv6AC`IQ1}1bis817I#s8emzr4b zdl$FMpH_^CD-Uo18$1o?n}16MC8^tL$|z!pIq7Q zjc+~1F;LOTeEIc8h#+US8blq8Ew~QJqYkKrT5ianXq)1bst@-pEzC|E@N=DKJQl5P zbS(qqa_YI9LzEMZk5h^;=55zDP)ff$=73sr&vl&_q{Ae*3u3cra5tcy4zBxB102#b zF7Xle_E7}O32ow{C1o4{&Fi@LjT}m}k9_4rg>LTyVItji$4^tY$*eh4{x?(xljG+< z0SCjGKJjZQnc;J74DFANkan6vMqi6WvFnEa7|UTltweYPrp}7*ii>)vALv$ubE$@s zLLPNy;K-F^AHSR$ySo~RXRN4dC%Z5`!?lmxX^%pbpomZYH5XthP^y=mX6Kn$L$m{D z59!j$D)!L9wZa4WDsWI(NRfO(`dCjG^_;^?L`1SnZSy=5${ir^E*qNX9Tx@vE6Hl# z5l8tAHC8iyQ|_%>wnv(oHp?4KC7jvx{LEk~y)oR)(-m7K?{S29r(4(e`KxLxX~IGP z(pKID1DK`b;Y-|l?2s}gl-Z&s6;JXq@8?Ht)<-9^PCA$cK4xI|$xD*!7bF=%% zKn)s42)FF~$2N^*AcrRg`b9MqzyqFVJuA9u+ooc!8n8@xc*t>KR5NXen|Lea8nf;? zCN`OCX)AdJXF0I$8@bZwLW$PxE)sdfvNtI$*yPPSv_B<@Sh1Hm^Gec!|wc_ezSj+$(6V@Fy^y0!iJ`C#SfeLA3wQR zASzqxJ!eB%m}2@!?XgppdUXfpB zGPts`Gmf1$twfc5RiOMI%HBL2%JvT%w@VTa6=fNfrA48#FGDK(QYuRJkY(&UV??Ee zWD6lGk?h4-21CjuS+iv@L?+7^+Zc=)?=|TA^z^>R?>K(`@CP&Zecji6E$8+5oagx& z%$WVJx^zlZwhDk6ATwnfqwJx-ASmb$;Ev; zRV;1Kb^OHG^Rer0!rpzt0Vi(t#pTo$g{}{_Rh?BAce0f6ZnEj52@sZNl?P^y4>r~K zyo7~}R-2x7fAqMVY{mKldcj>SUuf&4pJW27A;|-wKU5V`F(kTI)o`BKI{s56_8wP? z&OK5h@`N0ly!k)eI+XzocLwW zb6V>Eh+||Dps5~s-u_7Ed0!j}L`RM*tY*bzXqAcrULVvd58nM)(-{#@I^zozE+XP# zxvE{)ugbcMJ6z}+E+}nr#s0Zdh7v4rHxyU1U}a|MnQVy9)A-(&0ETV}I;4d|73tu{ zKZ49AAP&=yxy_}TU3@QbAlEQ16cDVcbG|NN@MYiozKy0J&E8jIr{oF900v*!{aC+Q zIwLt>PyLpBT-TCiio%JaoKHJW$J#Y4Uk6+MX>F9>VJl<9{mB+q#q3@3MWf1Hg{+;V zj-d^vv7XFDkOz&BJu=yz_55me5pa}gtxS3v*Jo8LKSjf|^ojfr@9^JE3H2m~GL&4O zwNK6#yWBhm-Q0x$G`R+#i8W=SuO|Z)06^taOzlH?|ELGG@4$g}>oegb5QVK<`6>P8 z`^-~whWdrT*f}1Nqd#hG%74t?*uGB5PI|1sdOf`wcwGfbEIhAmv;58H>)i~N;i0+i zL%fZhrv<*P7a{1wBE&r?MTv-l4znUEa zAbINo;I|GCj{+E6O&+=ZUyfzyA_{jUpz2>nC0&YYy)jGf$)F7Wi+sO;8Sgg`!n?okZEg*oUa&2LTQH3>MW;eyBE}L9m%pd_mV7(!wiSTx zI}Q|diZf`U4vgbx@5S|$=SYmNtIvS_&XM&=zE6^E2fVuq4n~1Ev>UYUUR%Zt_m_70 zG~8WBoIfg1t;sC}dgK)u{&x5BxOe`q_Cxk1odqoxAW4@_s3r~I+R6_;#?o|B7lOCi zBnD2u+<<=5G(YUy;1bW>lI&-|9q{QLL)PoQkE6lnf`OR?Rt}cfn%SI|Gj~R4$JR_$ z*e2yDmxbN1u$b@2x=51&tAqp&InvhkK7vz@$HuSN?%Js0a>1pB`!WJAi+R<~Fg~AT zB2GUKO*z%MP;f4G5@7ks*hxv2XAI{iNzj@{8aS9uMBi)I*JVxaZjjc#!@?{6>V2+B zRaysi5(gNntuMT1TpcC099uhmK`3&f0!egz@0gaYIi*lpJNAM)NKC+HHdJ2e-WrQ^ z8EYLy8+ws!9n$U2!+E&^$MJwkVUABu%)Ty7}{#sel4M$pydg)MCAhZ4(s@y`87?)r6KiLKbz4V1mTbJZ^89AHA z_`NkCRqhor9jW<-*9xKWv$gSe;`~fJ$(L8sY}AblQKjenHbQvwa5JYBs+1iNm+U|u zY|PU-xb-wgq-V5ai1q@};U=Q|kM1LGG@Ft}I;RP2c^c(hw3UX3m+N&nBb9)!fSaJ0 zH&b@bSMy9U`TOpC%=UhhrE?K@#tK>;L{dAF3YkgOcxoHlX%2ia)Emh8!qXqT^53v4 zw!6t#2(l$6e=30dbakk#OAQZLUzY=Howu_-z8Rmb`EsV(Q_NGl>uT)NQ-vOg@6RdP zI{j%FsjtsxzGW|doxnY7Fa5#hJY3V*yJz&ay&cJeQarU8g6_@)$Bh?7q z?Ta_5dlwdG6Yr&pSU=zI{=QaFBf#2wiiFwE4;>kX50edDDe6M){jze|U?DQ^OY8*H z(tM?y`k)EcXtTu7Uqs}?f)l)0BXrE{st8K|;8TGT*Zc4p6Ef4(?Bbwb=oeacbZo;M zxx-?bbKnS7UHaAb>HwC8NNAWcIIWCp4`lQ1pwbR8M!y`_va`;sPvS86#B@DgMpT`L zrLpnUsG=^Ts6zOxyK4$HwLUdDGzIt&l>3iKvL<h@Qor4X#M5Wz2%tPn}c8Ra+p2!b}!M~YZ)g$ zEFZM68Xnd!kFv3|xesiLAiDU9C%|7NZ z{gBNuXzN)~qVA5pyJr_LM>@xaHQ8>}jn|-2WlQ#LZXE*~txv`a@+WqNdbD;)$K$Ys z_SKS_zcjsp5&HYr4*IxqBoYV~VR-_@t(84=`Y3-j&Fz6i;{L6Ni?E>$0 zbh*8|Q9BmPW!KDpc%Nci(Kt8r7_an>cfc~iv1o}Ld0jg)Inm`2OH!Kw0HYoH!g$%) zm2Q#DcrVT*AybBL@24-V2_dIV;4&81kFUv@yuq=JEcPWkEISoMQ&a}_4_Ey|J6Va_ z?|$mS8a#E|_m8etTItNB-B1fvlLo#@a(C{W71%*!IzO3xR(GMH+cKW#{(jVl9+s-7 z$)N%g9BkNKyqug8kev}aa`u)Xq5A;UMz8ofn@mi)Po<-wpYC*~+;!Qk+nqaFjM}*ttm$rEYe0MrMvTs(Vgxx``#F_8n2IZtY>OR)QdMq$#m4c zsVn|)<;^3Or{0mj;B(r)VnZC>IyVBdwauIAVNQtq8Qfkh3hC~cJGSib;>K?cn}H(;|C&{yYFr+n7ncQM;xH$4BnI;O4+0Z;*vw z$;SFi1rphmd^7SeKl`&x-s7|o7PXnPcVC6sMvshv z_aZ4Z-q=jwX!EwIx+eOns(W?pUNDo|2T9rTpRK>3ut)wGEWT!3zHF%#qTNbtuGu|W z{aRPR+;Z6J-Prvrnfj7Q(ASYEF{LqPd2V=gv}4ui7VluUWRC zwCs#3JR~axUt+`LsGT6C6&%yDYI&=o&_KP+fpcoB7wG06h`Dc2)8aO3#o8kZ9Upq| zzu`tY0>F*N%=OD^p-a_tvAn>Ghxs$VBXjlN4@*Ljh#V31>oaXpv!(nKom{HNH)B5F z0-Ir<^*Kqz)r`<5Rw<#Ps`i_%T=Z+F8-wd|Kc}6oU0V~hyDjU!@FL_|ZjJEo`zmGv zK1D2I`8a7{tok=R1X7>=L(Ngv@j$D;{c~k}yfO0+FH}G9H3)SE|AzvFPBV=%M&ww* zsipr#YwN!xje8oki~k}oa93<3{(DQh`9;_g26~a(Iz()rIWk7yxQ9*+p#8c`aQlKC z`JShw4wi?lpGxx!3IE^7%%t{TWEMBs(tup2HZ5Q5%T0jGaiT%!VmjD>QObSO#`L+r z>xCwzq6(;@EH=R5F*mvAYW9uH8dX`W!m|ZT6e^O`EQcNDo|^n3JoCE6Ij4Y(?d#@u zH^U-hT61okcATY=h|X@i&QcEyDXXBj*6I;E`paICM7#waKmJF7JLh9^j=si|P;+%a z&))X}$VnVC<|1bI;{z?4u*2f)xNok-HM4EY5!qTg=Gd~6vWMJ?Ihv!uAsJz6{A&80 zZJ%l6c4wK>-zf%b+~aDyaBxR&nOW$v8On%%-JCq$nE2qS(_O%NKObl|Twyj7n>hxv zLDa>BkZ;$uWN|k=Vx)}@?Q~D|G(qY8EHAj!RTP&ig?BfMn z*IeRHh@*3<9-S{HIk#DzCC|Z2&s-mOn(BOoA+VK>Yf&=S360=Wsq-iG8Az zz%(J@Y0soS(0^De`xN1@(xKQmKx6cEsP+=*&W*I_ocDs*pDL~(7z=!U7P~R(PHtb! zdKz};f%;YVtXAQQE&w#<^VD*vgSRN%(bp(NJ5YrFF#`s3OAQP5&x?J9LPNp!5R@c! zpN?bes#MV^H8>8ULnONI;N3^9yL0Z|K8p=E6YG;^c4e@$P*SiHFJCDxwXVi0EfROp zIb?J6ggfa1CKkUWu(ZVhm%&|MyV>4i-@yT36D`;TY?k|Lp~7!`re*E{(B>IQIQR!> zt539zy(qQf7|3{%j60nI?-emk3+=Bk+Yu$PV>c5%!*Ic+h06pl0kNA2j>8!(s_+&y zTY0P8us%#E%QQZ1REm5Zrd=~8Uf?CK)LA|>?NoANvr+ZR-~@wM0zkO>O0tj;l04c! zA#r{X#`PYpzS13=bmAK^Kt1eIy=$5DJ;kD*noV!*2cGb%jS4W_Kdsy1kSQ%U9Wh$e zQ|hmW)|#02?pl5p_VL?Xg+8tI-EHd7>_v~o<&;x-nA)F6!vn80?Wz#gcQQ?$giX8E zZZAyr!65L3`@VL&8bQ=V-QHt9|2k61R#dGf`1EDoj|Z@3Gn6{mA~KiByy?&;oRc}4 zBsJN>!oewfx4$3LusXevD`kOj~#r zK0|J-zt8pZW2CsaX2GCn^`7+#Sf-EF^J95cKZX;Vs~QjG;zmn(n6I!lN0o=o0LVG= z_02W@vH|V9N$v6P^;FNoIo_`XpybBoUnmLd$HlKM8(H}BzM`CHvDmPOEjE1~a{Bgk zRNmh(R=jiDHY(hY?wCU>_sCZX=%S;v#N?v!b`GIrmQujnJ+V*51!v(EIKX}zWXnw& zVfIvm{hSLZ?=?Uuat5BmHn8pjPWK4Wis+W!$zliUfqz1azTb@6u#~EYgk_>;bznXS zK9xq444Z4Ho!SigHvzI2I3BG`^dXFgS`E~*BTm_7RdNRBG8=*?FAcx=p!B$Na^@B` zV;OVCO#Kjp=tYJzJT3OM{M9}d;dky(p~J-c{sRZ$&}9qWqI{)z*rO$t8@L(8pQ%48 zcs6_4hEA2k;?|0)1IS^h26LHy7SrskD2PzzhR;ptg^O9$heQ+OtK-k~v50e%g`ZOi9q?vmNLRK1?UHp=9P7AkjMFO%A8+-9mQ(Hxj zahiVtR{N$BWe1kE9$zGR>8zg~peK0$Az~rn#WU9<4KA<5Gj1^R%4RCMsNqUkyXfi&Tv}i#xBf)JX`DAxc>Q^^_sbIi*XkP0 zsg<(@ru#XSiP***upUFzqb+hyD7;&~$__rTks76g!_!$$L6 zw}AG@OCWkA)~w}Jt7`&x z`E3?1RQZZZ+Jd~P`4u&Wa1!#?!V78K4~4B%auyi(fr}0He$+2=9*uMvk5Awfi-WHx zo}M$lz^uAyqra0$kxm{R$zO$;OZ+y%Gv@}=yt5TGHKm_SiE#|E6qT6r?8D~K{p#9^ zOL6yrgOOd8!?WLp{o$X0%~?QqPqLM}f+s}NEA*Fjb9Jc_V(=dTZ7NL$KWb61BL%e+ z6{ElN?e%xT@yH4tW>I^}Sbd2x=c`5=fRB(T2YgC|6Kj_)(~UqI9w6ih^UZMs-H%%p-vQDn4q zYCN(Qb@pu5j{0CPK9)Su;FvBP>#LhF0h6TRW$|%xtL0e0$2$=>i~*G?FPA#Rvm<~t zhhjIEwng9AyxLSx+SJseM$E}co3^W(8re%;I)uG%qpEjHHg^oeY?w}Yi@wQzPB%3_ z!zrRB=UUvPcF2Uqrcmnms!d;W;5*SA$Cv<0XHq%NZ`xz=+D%GPwB>u)!eKQLf5?6i z#SR`U^+D(lpp?_wTbH*+rc)|l98-Q=@mpQxr^I~7ze0L-a&YA0*ULmZ0c`s*ph8yM zH(bcbF#R@U=2B3+=qIi$<8qOl-Z^#Ixc!ObcqYx%LEOV1<64eesk_aqdOih#%xN?= zJ$Sy$XZYSk5Ehp8Iynrdse4IOJZaCbI%{A!E@4xx9_7F|a;RjQkO;&hgu+#>Jj*dl zr3c~9f-g~8^Y}KeH6jIIyEL^J{rdSvEHDi0&`e4VbMzB5pZtX}{EU6d{rlGR8K6J&m$>2#>owT)@AALwugG0L8s*i#aeE4IUWe$18F#F z2x-s*p(i!s4Z(=9zR*kHUf_gUE`(i83cXd4iev0z&6ya$m^5RV>w|um)%r5M)etEr)$lgSw(Un4!m z8)O+2Th{#0Vnc~fp#~ceSlsrB49h&0g+THdPS?`F;40BSxu@6#G3-lirX<=UJtIQ|z+uh@N%a{u_A%>nJ#TgwSU% zW^HASgy1uAT#n!2lM95!25h_J+g#(zzZgu&UtyNRh)gXWnJ$V)9kHol<3?<3p298- z#`^bm%)bW8nlE~^!tR(6(s1kwlNV7JP zd)qO(*d9mC2_CILsX%;r95yA0EDf0xxLDHO+_;1|g*r72eS)4^`FV+0`>PJ3{%lK#JW@b^ zJ?l`K8EM@Eu1DVkzVxFG{*azT#yb37KW^9t8vA<%ykcIdU=bn$&4R&#uPv2;yZYKD$beOc2UE#50&$|KNdbv9QEFJOzp|$O zVDW1`!7!p?!mbLBmgus=vE)J*i%|ior=T7OLYgN`yK5|`*?v3L3pR$#AbjM5c2v&`;<44CzaH^Hw>{k zjy1r{0}3HHHEHDTx90k&-PJ3MM-+|#7;>XIb;mn0_9n{;W|rkXE9Ppa{Hr6YPx|Hk zgcvmJm`sUJ~l3P z3kUHT+_cmAW19Pq{z}@JvkUovWyM}o%p*-l#^F26CkY$|%ssz^))2p3Sdx$d#kD-x}*_Kq5rcZFa4+#AvWF2eJ*tQdXZ z>W(n5Z`ky9E)OXm4 zV}|OtY*DCX-X+Eo^{>j$l0(ghfVIPY<$w(JUl7TDY6#`sgif0Nz*QBtd{7-`?CPS* zCQ*=KbG0MC2LS#Ws-ao}a>g{uS38`mWLM?MQL_&ay64j`X_p)#Cut_2jB3bWS44*LI&#)^Z9%CEk7-jC8t z@Q(zN<$jp@WRa0vrgiW@w@1XO#szSnQC9b7vV&iC4W`J8WcpH%a6M$K>>nh_Iu#!4 zDZZHM`t5D6Yg$bYX~nguXme9CS`S{U4?$f}!0svf2Bwezb1`<X+rY`Usqok-}~P znC=k#U6UINgWV~w-dpgg9Clnda@iiopJL8T8Vx2-j&T! zW6M((K`IROOXK{P6_)gq@zMcLzifS21Ngv*3?VZ98*Nt)B)@m@_xa067)|+9JpaLY zt1%1=CUhI(RUhk%6@bC}`;VJ!i?x~L9@y^_8Tij$(C`2>NzHF#nE6k#1qk{ynbkF` zK;{fK>ypK)UxZ}NfSq(ZtI1$P1iaSJsHv=>jbL#Ia(5J!47?{^3|3?N2d}6^<4O0vOy$hkyVtZVsCYfP3ulR;mYcrAvT_hxRetH(O;aNe!2g%H>l&D;N z?|7rN)DzRnS;N1iO}0hW;<`_}Vf)7_vN3|XKR>L>yW%!%zx=`+{4{+ul^wqD`cU&l zWt<-Hzgr!HSA0Z{&U9jYW@_?m``m(dKl}JGNVj)uug(H0)6Z3lFQ`Sv>MM+IN;Tk+ zl?>}^z_7aksd!~%hfO?cHn<6d@)cwrxV5jFy!kv(5p zs!MLpRGAIMrp5;8yv+rcs*g3PgUy-juko>^55etAbdSMO#LUmRJPsy#lefZwo2PhW z-Mp~h#w^u85^ybQQjb^K!#pD^W&_?Y zPlc|!5KF^LJ|@aO#!JiY#=?*Rk(k+6;WhNYI(r(by_Q828-P$9s@7k7SsrjuXiB@F zAMkW1NV;a4Dz`ru6;O)=i4*TXFI(D&B$zm}`GM3ChH{@9MkdLG8Sw^yio&ft;12f)jzwR;FJPnsX#c;}@BqLvOD* zgqQM=)me_uGf8B049E^V1t%DJ2#>8d7495BsZ&BLc8g98qJ zzARvy8a6URXIrhVoAne5Rt#{}*p%oPX?$dwoLDrMk=h%`6+<|_T+5{#0Bh$csMfq5 z$8&=_fwf4+JUw9#NE6ucbhz2a|3eK!!Q4^<)n0#4p24qTx;}Hhq)>p`>Df{kSM5f3 z`pLrFn<6Rg_6~M_1@B;${WC#B;`^4Ax}on}X<>1mg3jA~H$@zn8ALc-e@GBMbIJ3y zDU(6&YSTupxrY68 zuY?t39u>bmlpY3Z6_j9JXG;&P1X5s7{bu&$Dt!%~SWB21(8N4h8;FhZq-{R^pj@`k z+uadCSA1r-cAk;Y%>*L_dX<|9byE=FJVd&E{h;Upwht%`C)LU#0M?pB1~^0W-33n~Y3uh3%pBGAey>QC0-)df>X!Wc@XJH~k)`92AZDOx3|&#(z{iCL z=q?=GRVMwGn9n0+Ogf!&rUc8rM31!#rpW__<@&h@Yhwe5!JY&rLltnHl2&`bXfthR zHdG!4cWz^T1+62Pr_{APNWW6S<)lRptQyVWcr=B#SWtDa+S-S1+}u9ieFw-&Q%azK z*}y_VG(%_45-5Zd!qgPe;Xb0*cT|n3xuk*Yh>oHmgQ0Z)`Ygz+@g(PE#G6Pjl*>Lh z99etE8{LLqvafGjrmc5Sy)rXr>#Q4f&wysGwJXCcXU)Ij@S|)}6e=6V8J8e~i#@}= zmVGx5LoI^OT=5x9Z+{!ly?0RqGVQ*51#_BoGT~Wp*?FdQ%kMeD6W`b3#y`BjCD@yW zdj2u~YWe!=M8TD{bpKxBoX{3Ntp7wm$%QP!fss-nNT!C1D;ct#bY-%U?@-&*D>tl; zHWI9V97lQo5FGE>rlaf{Jh7Pc@yLy!^ne~TpPP_!2KvqS;zog*K`ft8=0gxFvK&>F z!AP7}?tM+V^@wGqb$%v3U}5C|c#XYjP{=(@*u`M?CcH&((bft*vJOJGo70&<-}PQH zwkCX=eb^Vrkib9w_(u7O$)au%w!+tt8md$KMquk3fbakXqr!)Xs6)(LDx58qpYRe=-S|z12!C|w8SrHQkVoKft;{tv zRAb%RjZE_!h zBUS$H0cx??g6*_tKLQ6r(O(MlV+gN`hN4hE$nAQebs5M-7$CN;vSk@%9#Qvd`<5`F z3hPZwEupR)P!4zpJp#qLh4DXwV+lV<0`Cdbtmt8Ko^pReOW{lCqv(bU@0Vf1@&qsB zbniKYO5Z(2cgkUhFWcmxCjiN|*8*RZ#kE%d$jb{2ioPtE*5{#4R&Gr);!7+F?1cyWX+%x)98eJ)|l@w(LUoke>s zOV57EYtPx#KnXf_jn`!Lm<3tlj&VWH>_ zj4g-QCof7=!@9;Q*2V^r#ghoiNp91k{hXuol6k8+sbiw$A#a1895aO*+zr08$dwZD z+=sAgEud(94$-ICJixmyklaYv6Z!0%FUGH)JFd_!jNb=CEm0c+E%%uNtpGK*6die6lt#>Z|q!m zcqoN8A;fp^a zPn&b5`yBI6j!>$wV+^UCO~vf?3xN4$;)}*imn9uScilrr4PUqJxG+f$+P}><26F_r zF&oew2@;6$5WxgJ(Iv_w7MX|f+z;Tdnam_)_Hy3R{gAb&!Q;8R<<6KGYxtmOIjYch z*@?-?YQfg3$*N}{##-vl<%H1t4}?#9%(9T8pYB)6ai1#znkeOfYGPAto<+{hI!05O z2W9cu&KyLc%+s;(1Z47^>1Qo$b$;<}YWU3HSg&pNtlu_!b~@WCv*xDnhDg->O>JMU zjLNM8Gy_=1*5@cVdbr$MMslByLMDdkbZJ)E&Hs>Sl^@*^4Li1DFB{sFkyvNIGq{iW zg65@$**-|SGpNU){Elfo$YGsq0}9~+k-JKO-s8O08qlLonoDF&w8Hs*^_wj%SghPh zLuJU2ig3Y%P;~m@z&pxe-K0_~vCh?647PR#p&VkzaBWG`Fb%vQ~*NEdVCZ}m~8A_c0cxtwImE4Rmyo0zsi<=#otmdQ*!x6F}I^W z-X4wQAYmCoX-YL;Y0*hu2yK-{6@^RF1)~!7*|_AqZ6>29IIvgX0t<@J3wnTMQU8M5 zWryaBO#Kk+!ygTPg<`8VQzvzIe2lgnb&0sqqObnBA9z%3dY@CBO)@@Bi7ABHS1;H!vIKvnV^6aC z6Rp0~V6hmkopKblrHUTPq?O_nyZ-G9FJjOMhH5`vK?S7O z7r5c?#tKc^@HBS6a}$q`9!DO(D3RkXl9=52Fg9=2=~F24zMn;s<(jlh!@_D0%3nLG z^$Y}X5hlrPU#EH6gcU|ahF||IGE>6OouVXIG+F1T<5;Nz6(1D?(fiv5_)IOfLw3<1 zl!9*-oSKLM`h_qC{g=$D3vK1k7*e==x$pYLR7meqR%zw}B#`qF`c=1GTG`sfG_%40 zzKp<{DagqADs!``r-71$%G@q3pbr5!kouB|3v%@+S_fJh?Nui$ zXOpiPBBHxa1=l_E+gQMhsl7wbzISCQ1K=mRO!j(hNAEb_~^mPJnOPDM8}1@`JXbrfim z&kg;SZlQ0_{K0Z&hE6W9P#U*^pU%bdzrjp&gh7hp;gvubb-Tbjf&WWFJ;T; z)$ALjFeh4~7`<@d5>P+3?E6!uf+mGb^{@k>{_8;vPP4$RgBb7&pn>VI+!loz%HV#a z_csWw`BtHx-@cDD+GnK5~{nf=3Q68^l zJ`O^M#6dpJXs-nBp%&$zgx_D@{Qq;>c=FWzwDDg_uXY5fZ>m)R_m}5;raG0Av?BXQ zmWyuVHE9f3^TA8z{{^bFB}w$9;@Y+9zo;Ss)7;%dD&+sxcN=|_xpA-BZ~F0nKfFF% z0lf?ytM_n9VShWYB7Eug@UZ_q#Tr1t2&&meRPc0R!2b_?irONK91t3tz;Ork%m_&$ zek@i`hMX?0kk8HNs}CycOqaB1SnJGyZdLRJq-I61=x1(B755}adVm<(mXzxD^?2_5 z&S6{cz++2|UX{n6s&T)YASum4OWrIg`M%wa{OP^b*v$iPJ7U?oThIeU1ObuQXXjeO z^uJ;$sjBA0xsy?}PO}hx(N&(d>D3HTN4FhWOj^M){Yt6D2V0eH&ib1761OvyZ6e^9 zkZ(;(3SJlok$dweNUD*}p8kB>zoL2#Hhgna%is5hEJaoYGo%m-nGfEs&hk`xL$gv?uYWO_~;oN6f>>nO{IJKZ-;HY!r2 z%zxQIx&`;XP)X5zrXsg^;z~|%0UawIz^6UuB&+XsTX_JP8Xmna{ye2?)AB?DuiKO%WE^GlHtK=a~2%B4yjHz&5oTuxo4 z*cc479|HKzbjAMiX`BoGR;kzzsU@)Ti&MFNbA*lb+ujf8@e30U`S@1;G?mOjEsf1oz zG&fJ%?uk;+6UA^s+SKe&2!YN1wk4k!S7dHi67dp`Vj^FeybCkxUe%W&&a>^sgIpCc zq|>j(!f)^uBr}D+0u6SftD?inv98^Lp&=OxfaO7tZK^We~GQIIx zX)AcKRrp{b8Bz3HHRwG6FZa8lQ|EP#+|k6H%sRk*!4*7aDKKd3kp5X7yL0$ZEk7of1muH37_K)otCc?A+#RzY|}e z3y0g?Lac>ov}}*Y zUh5J{oO@;{{@mp900=n_lmLmE|SWh4v?=F$LmyoZFIAF2tmkdnC&d~L2_+55S|?pyzhq1n`e z>BudQe(6{-`;fJXp59D2Y^D0}_3v~&;H1(slPi%h(tvC1UvNYcv497#=+Pe~cWxMf zdpa3!#Q!%38b*4AzUWaikNgX{tUGO_1+S<4;i6Bk>bf+U`3Ir)3LQ?+fc$T|82Zn4 zo(}XAy^3+>#yT_)6Ps!He^Fr-EfjO2w=rJ$BRcGzN=D=j2fhlK>7rYlf@-X!(vcP5 z3FHP9p7H&MPJ-1$ZIE_$xeM>65LGT&oUQUpRL<%3rC#f^uhtW{=Ygu{5|k>+l?Y1g z-2=BKe)QU&md*$oXuTK|vh~_-2!Ur$qsLK0@L?!TqpUTM)wDU%9QE_?YDw@nF-QSO zNtQ~L9GeUZ{u}TdH}lBnw+^ft%Ho#E09jkp5_t62(Mi<~UmA0d#Hx(LO9#uZ%hh9* z1$A+uM+75(DOFVE`>*-T@?3sRvjo&{E3%yDmWGNPtp zn*EDesDVDF8d!{f|BCE+tT~nbZ4Kpl2L%DrW{YKW!Aoj+KD!@%8ykAQ!6&(oFz7y^ zyJG2+ZfN&IRl;@ay*&Zt$k*o~w99J21TU24F&>u$?l1-yDHD%~A&J0hovZECF0t~)2tDEi_eU>a4JsYa#Sth|kNo-|Kh z&XqRnKso^AvnaU|R*pYQ19*aDBTH3v`P9B~Adl3MZ>AWv)s3FAV4xvZiZ`@sDQ#fO zD%H3Z;zv`R6JX0)%gRqFkum%9m{kkI96!4ksr=bt>Xex|W?)1DI!JUR2(vFFVM)#G zEjJ7yo1o_w=`{7zCg|}+wQqtR4CeijRT(_8z4s`)qM4V$BTV&6XgO>ec~l_svy#&i z!Kbd+*#d^p!(5-n&UAkZd#;Et5kNdP2Dk?kq?k;oI?bQjxYbm}4f>++oOU;OvDpG7 zF`x8GLQjeBy(P?9V6->ekNL%D5=kQPK-hC$wj1mbHm>G$rI6+r+pQs>6oMv*&Bb#s zo?3RHxUXNjeYUYXEhBWtfP(+mt3d`RViPdqptq|oGi=x3*p+X{D>3C3IpgV#KMZ*D z#GI8cJZlNATjDrQT}3LPb85%7!M78AshiAPH&6@Pqw0TDZ!>{ue|t7wl+(72Vr$1$&-^1pdHZT?C2#Qy1iC+cz> zts7~Wc4&13&H0ggs<*5V34Lu}m{LRwrCzO;S9T2^yHlECB{AhQwh8aF+D5_ zb9U!k25DT20Gi=im;=giR>aGe;Eld|LgZi;J?4V1@j|@`3ds}|p=Uu|1xgb);(H~w z7Y8Y@I7lK^FjKPxEHE+$9j5<`4!{!U&zMo5qB}T4aGSht`FR3eIAeD~Zd@ip0eM?Sp ztKigsWXE7{8SIL^@M-@xTX?DxPg=X9yY7GTk_qhOo}^?e7myddlM}HJ<{3(BKdjmG zQWVydu}6HZZfERHU3ykh=ijVkI%e}W!qd-aQm1eru=mCp`?g70+^@~nYv@(cy#NWR zx0x!c3{uJn?O@C~;p69eC~JV7V7yTD&VLi!jG4P>RQw5U zw5zwljrD)QjolyM#z|teWDrzm7F#v>F24w077!cQXBu#_;8uYj?s%J$RFkD~j?wIj z59V6_l6`r4P@C))&a12(A8!NzcB)0XLU4sqs@eI}j%z^E!~APg({q>6Omc@*{AMDt z7g}^~59d9s`UFT5V+=T(S`&}%=ncV2&8N8J>!_FEu9Ou@rzx@JAzycw!Nlz?gW7Cm zX{9mkE!Tt9F?gfU?Gs@ACs9eTlwSmn> z)SDMaLME4+%~F!xiwlpfW^qwYRuF(icA107Hz2znAReEHjXMqQ7L(_UeTTVjar3K5 z`=IQVckW3Y7&)iHtq!mMbQs(W{kG^v-JyL)egZZ_B{YWmSJ3x4K4A5pR1xvE(&763W?0Y!L|eqEB^j~IY=tn zk~db+-Jmwd-pyDHNT1aN?%Do8I43B0vfhZJCIkcL_P>HLX6O|QQqx$)Ul;|5Jvm8J zjhO#Btph#fxvx z{=YsSg~pl^YpBo7ZNAeT+ATt~fw#>c^kwioo7O(xGS|<7m{8@A&2Qb$|BGoQ2DwCq zC||PppsoiB>-kZX2lt{8SAUFo4gg2^R%bk8IH{sDooo@+dSIl0V<=eEV>^ufh+c|e zh0a}o)b+YQ;R}U=l;0fSAQu4J^f5Wt)8RjLi#h&gR;^DOhZR|I6GIiho1M6_rvh*1jjQO zMch+;)tomHt67v&*kLnvLrP)1FpVx5$?< zl2>x_(P=)B?}CNwd@jC`3=m9@q4WtfhZsE!B_kdBh zPQ`6l(-FCc!e@QJp*q5M|1s-x1K{HLmS0!BUtVXNMF*5*bzjgVw{W_!XDsR!yA6}}O6u(l@df+rccso*~NT;Pp(`Jf$#xNjQ7$A-NYsa?K+(p3GWy0DU^?ra-rEMFqb ztpnIRgZV?I+2Lg{%8l`#U*k&|f{Y+9$F8S_rpWz#9LaBF!6yNZobW;=^>Pd_jl6e$ zg3oX61CZ{&i>({`k@>!J& zj`J;uaU>xXdQYs%sPB$D_W^K@L19iA1Udo*DFkm##MHEC;vc>8MTW}zgXOia`oe9f zkkvo;dfF6v-HgtUF=NC2(IIWgGeDAhxkG zEFUMP_`7=uwUQn<5PSNrt>%TyIPTY%lBlk-+km_6qoE zK=q*h%`%!tj+)OvgYCgq&o~qhj07y1j>4_AMfS$?i4r4y&SD3TM>WC|m-Dz69z0;- z(?Q4se}ysA5QAJ`)>gI1U=Au`f7;yVp~eZWpU>bAZw-1yj?JCQ`n zXI+GW9ho@`+9!Q_xpSwfAyMXKIi#4mt%P!$MHTYW=<(xom_LMjO3o0yS2Z0Px4(N zU%8diZe@T=npbd-5A3i3*dY^}y#Y=^S6 z)GK9d_2P`q+iW7yrGs6!T`_!Uj&*A*m#S?W%XST zLT@U{DoZtcu=x(`i_-Yd1y9rwQ|_IRMcIIW7gXt$x&Pq+S8tv=Em zYTR2UW&CxA?Z8;$Lh}Jx(QVL-V>krRq^Q7kE`@4^f8^ZEAy|P^BcZ^re$QjG)<{5O z)s{9)Zaf~j0M5pgAX4^9nVRf$qr4GdAPyd>_EqeHiz9^ z58LSB5_wEGx!Q?5FaM#MK?kyx)vz}cSNxRVt|USqsg%m6SsPA*4eag9nZ5j`d@Ijo zGmQ;sZx!DQw72pJO&MkZG(*V~%=B`tWgPWpZzKVM>%9P$YJDvYZScsUbx0g63V;{@3RkZSXnwu<0^U#6zA8(R z8Te|B<}kOq_PL!GY_He|`uQxGm3m&Z{+Q(1J1|+4_Z$99Q3pJnL0^r+0&5)!z}Wl` zEf1tQ`4>5*{Nbg@S?GdFExv)&wgZEI7*ir7{WPKf5OZrC=5D0k&N4W$iaPqL6oK z0}Sq-E>HbVT<8nIOrLzGjyLnw_65mbzFa(5x^;wJugm5-P;9zY$q0*HG^ z!^}PE>yPHFM}KO)#UosIl#Obc{;llW{#N$-K`XtKO=YiKZM+f)^<+-CSTnWXfgLYo zgIY5vyjZNWH6FcOebunOPf)TO*BhIP)Sw9JGiVNmizlYD`%yMX1-sI&;=aSFu9|%7 ztI0A98#2=^e3o2wKqYePTx^C`k*g@o{W;9KR<)Lp=5ljn_|4P%n?hQzHHUqv8?bQ` zYE$AI!_&FP038`rvIO@VFA^b(3CRu~I=F=6dme_pa%<-sv|g()Mf>E5{`foA29`(Z zew$==cxfXwVvyOH*Jo0ZWf=-)s7qGAJP0YQ?jiTB@q$@|j5ZgwJ+dfx9e6iX~%YPY+zjZ%f4vB|rqnBN@I^&BA~s z@+Guk;l|QdOvG?ACc;BMxAcePZRd>?=fmeu-8p3&Oi2Mh8Fj)+-LVgmqCoJ6S$RYR zP?P=PK{bS=1>}Alh2TzZj5&0yi#YNR&Ya+_4 z-uW^^jAyhK8dB`e74Uuz0M10R#7lUiFwLU3R7Sm+<8tgjMruWvjZ+gZRGPWg^D zdH+tJ{~8kv1U)vWcAX#2=mWe&qUD2tRlW6QSk=?Mb)02YSUBIDuE||zX(!Cflz$&H zjJOtD<;!yUos}%!;E`{jpYn=lT0zMzlcK90-E`($5?ho>m|_DI_`Si1yl~^Jp8!4E z0q_Pr+w~npm1Z7clRl^?>gjBql(=*9jDfJ+J}dpp$!8fw4ulADq{d=7?jb;WVV&%9 z(iW%IkYcyBHtAY z9ZDlr7w`e!vy7}Y!}rGLR5(?UD&pdDj#93Xg>SbGB*vE9@BQvs?FHX5m;j(+Gs~LK zduHlTv8JRFqyEs)k=Bzhwx20d>+HAhVeD>+f!597ke+jG9qe*i=(E1fW{$(s?0(j;GeR=PCUi9dWw= z*lqM7pje^C|H^r}COt5qh8KSQ;C=OXSYk6!5h|eA8@|!r=|AiXDQiY9&|e!U3;X@I zkzKkvABOxOdfD&ne_{Zb)vw6=219;2|H$j;wq6b2$hG(fO3}H#>e>?{@mmG}CEhA3 zjQJzTj{s%(e+iBlBiU`y0{^f$8svo_O}{6$(d=-w9m&2y>)Y@F{x1CDjWCGl=~(V= z&_7b_?r1Dh%Ce5Mam!u5a>Gfd|3*Pg)nTBl!o`+-KK7N?>PiZl{24Gf$UBN=6_Zpj z-u-PzGHjw_*M9^yKx>5cY$W-LzUC?r)_5z`%;SiW0g4Hd&TJM%|790UJp%`)>=3YGJFw2V^%1K32BNm4Z!)b`J)26*)c3Ltp0-YEXE0PuwRd;m`nZ7bWr6MkD7 z{R;oIGJxg^G;gMzL4-?vVa4IDUwg@~Cj zAkvM)^BHm)C&T8sZlBpL%zHWUZPlJGnS=Ywx6^kE2F5~Xnr+l zuwGjz*DpQOVmP9*Yi((KFCGo_F4rgwoikRrp#z|IOBVIaDKca$StFc2b*SUs*1~TD zqDNj@Guc2-k-%%nv8g_Ah18kzZTE_8wQvjd*?~{<`8^V=+TIKRC8Ny(^lH<<_&-bX^f z_RZWR0Qk>mA($83B8~M3_Z9kF67im#l=f2}4I$c+lPN!_pA242c9ysMU;a;!;Yi&Q zT%nr%cCen8`{mfqtLIn1hi}X7;f@5VsNh7jKcSIhE@1(j!8J6a_@esCtKxvt8qKoH zaUX>!ccZU41?nN42w4Cv`8<&_!ejpXt=sCHI(J!IUQU@LRi&-7ZR<#Lr}mV;UfvRi zLDY>h1I9;<+rG0qeZl*76l}yBhS8hxhI!?UcmsE}aX_|qg9%|-h5e`1i5Dl2^750H zP8@oq)HL z{FbA`?>CAbm@V|4>1CiGuUM>dkKeQ4+rnqj4d2(C*1x4cFTJ<(3!mrLsw20z?29Pa zb8~qy#F-d@4Sw-8#M2_(&DAXc7WYVGHQIM+l}>)x!Q3jQ*?g}W)>?dT83m|JYYNe3 z+nNJZunEo+A?cH1t~ceBC6rM*7#kc|^^}O5umLzDbZtiQ=!*pJTi~7uZ%56Vjo?XW z?${L|`jQ3xc#M(|4Ga{c7u8G-Pi)MgZG*<-WPr(rKK~+Ma-$H{meW}9N%W3P#iEa( z+6zGala2iyIc4!6>-Te%Z|Q$}gfzn4^l!B&8}nx`zc$*a7b>%@{cEi8B-I8eKTAUA zJLMU9bneP4pM7oCs3v&0xAVuCziPY1c2E1C0MBf}U`@J}-vU5cVp4yPCjs5ooByI7 zib_#FDv$x$D0E5;n10E3Txl!WG!f`;&c&V(D%34mZ)Dhdgv_wkUhRy38NCBa7IuW;SIp?ZM6)|(m%=Y>@g)S zjaH{nUsV1Z03lrN`Z3-LQMpMWrXSPLk;Gwwyq7PQ2dM#gk#TzzUv{y7ctr0=`l+v| zyZaUW8ZXnf<&T||T4*Pzj0W0P7-Zg51V=5*ee~pIa|*K2)Y;>Y^ThZ>z3*PY`y;$oOp~`6{g{VWW&wm zhb_Jq;K#dw`1#tjG144P-r5a7x>odW;+4NJGOHb19y##grn!My&&C+J)-VeGVK)5I zSg#FO>;pPnZ3$<9NEWDif4klpiCne)x46OHZTe5(TXH$PiLidv)vNH;I}-ruJ)z*` z22E?n3m5Wc(UI0;%6zGM7B-CKbOyHVzHpcT%J>whFM4)vgU(fEdaj9tFlst(bWmY? z-1+mb&Va@=*%DJLo9&{~7*eg!BBt{hPzPn<=VozIU980ZjSf=b;qBQo40}ODz>H&G z*B2FYqpa(ege325Q?>Tx0QL{cw;re`)ET5g<3ol$gsj##%Topco_!&%T2}@=0}X|H zRI>Fh5hjZD*X{G2>hh^In}TEbe2zZYv=FjlKy{Rv2&z@&=` zPE(0cidufgOxgI(*E6c*9zo}lma#@>S#8xPA*xPNwi zF0NwBuRn6_-eSXi0sfC2msH=DbgwTAPKsXH&wcWjcLft`)JB;KJ>8BeM^2Q_?UwTf zxMyBr`2iW=!RmG;mfj3_@>HfoaHp?DW1Tz`{z?M$s()dU1-n>d*vD=7Oe?FPVAfO6 zWRmcK^@nren^(c>E3Zq7F!sk`-J;!+B;lf4mh(nD0izT>zQ6+h&I{Gg(*YO*1UK>oJ3%;x#7 zzgB!3@J1pX=hx@^kWqyC=_poM#ZPQMh&C{#mS57yYfCqt-`Gdg-r$TqSls%0Oj z@jwdzaCQL`w*ZPX@Mk0FMY_#G{bC&zKwqFttk+)*?!3P&38hPww_8$Ne;p(BQBnjH z?A{YjF-siO-`#bqBxbqgHG22O$*Sq+)Wt30_XD9R-}itQv`pObG0FAgx!;p>TWnZ! zhlU<>;TVJmXYg0_WA`f)Iz!dEKyw8}(nFx-sv4vCKfL1m;iq=!JY`>4dQ&>sdJBrF zx;R+(Srw|8J94>BE1AZL#H8hp+Jb@JAtt0-$ihLbpiHlQ(~9E_GPb7M6V|ZKPL9t} zco^lJQg}hZZU9=EvZi~-;DZ796k1jU(tVhk9A9Gp6v#a(rhI|}(caydVxmKO7L=Wy z8scu%3k$qY-QMSR<@GcX$;PkH!S9o@!OiGHO$@d82z$+85e# zqTRdJ#qVbI8iPHkVq(;k-z`Mxyh{`EQ9ll994L=w-DOtCeAE*vhq|Zo_pQdJ zp#3S6Df)K>kTLf!5!1%E?`2KWWuVzO1D;U zVn=zIJxe$6O@|=Kd!FlXCYvO7jdmmMtGMI@89Je&i$}$Gd3#7x67(++gGxHmlBpbd zEFttVT=KKxA-jw!tS;a~2GrK+74)lKK-)jPRW3U+G--3FruAeA)TcTKtUv2>2uj>7k9suo{v!1NW#O(>GP!tX+KNS)$ZN3IJ zvK65iOfCRL)W^$BU1z`(-k9B4AU)TYtWS1MvsHU0-`Q+~VM zIiCib2t8vN)WovAe5ptch~jI3SlF6^YGR?_YQjmO%ZHb8CL)Ej3*D$i0P;N<*V2whZnrtwL)hr-MAkd{EcA`*ysu`FjlEqnr;mdQ|c;6hL?Z#6^7kgP?wyJub&iW)_4Y22PG%T&`8TMrZ>M0A$azr#s8IGDVDx?1MLipBmPP{3o9)pL-|BxAs=PTB4mrB|9e{t2W2mIdTn)k28o@ zfE2|hJl_)|T1+G8)jaXdt%UgG!So0gLu#O;Q4*p&m$7`Fw57<&rap@&&Mn^XW}fSO z5Y)#zq|EYKFA`{_**#GNVCA*7U!OT{xdY9aQgUtILCu_NyaTJ|RxieYQ1&d5ccSe* zZ-AVeStV2{jzxzOzQREMD_8?Llpr&XMI?a~MmniG=J4u;*Zwqb3 zwvwF1_uwk~nKP$h;$Ci+=gq&Pf6!DFo233tLf?*uDXZMWhB2L%mJUU1kN|vlhO{Pm zG(rc1t_qz(L+81K;q~caLKeaw`ff4PC#67Pgt=VPlG<2phgSKSAv^?q$u4P;bnb4B z?##l`p6+S74dTevJZRR2hkXAMcfm-4Z`>I?GZyN#a@l2KSrb0N+TQq+@c8l@c~9$95Vc zd0&BeUw!*d6#|6!zwI=R)4yZ6fX#OEHxCr>zcK$}%HcTkFOFG`|I#jWeSLX${DZe0 zZ@pZ@^dHYd#C8YgitN0^eO2qt{j>Y_ zE7e0QCPjMNAJe2*Xef(EUHNA9h<&E(C`&-HA+HKNsY**nXhtNv}i!D)zB$Y zF?|^!(Ea!M9t@`KOT1^UnYJ!1?Yu}CTCcFY^f~PjEi&y95Ncz&NJNr`%FTZ zu{6NlDvcFe?^zEN41=F=k|Rf3C&Ayyvkw^fB(7wE_vU+Dh`*F=sGNarl)425A^>JH zuw`G1DZ;2H_TIYJ4{_>ho1C88ecYPl`%8xCJ=dAa)k5|(c5GYdsP|Z% zEq1J=MVZ)q@o*hThe4gHgJd$S?lgQn>Lz`4jFK?}YK%bj-z^wE-s}Q}7F1)E_bZXt z($dJj5m-*b5Yu@Qpy?X_*wJSEoEE;2!VQQzf*&6zyqt>NjW z@J3f&MbOsrMIEbS>=!ZGnGw+SrJ)SjDsU9loiHbEy*67o8d^&cbH6DxAfTal0V6e7 z%LNwHJlw@7WWC@D$(7ei)zvgRpWLIQWtBDf*+6@sb8Z^71^~*?Jr|jmslngX@l5lk zV0)_8Hz_543p^h?lyERIeKkcm*nR7u1>L2RuJkIog0;0CnfnBu-=|8i;TqTli=-Hc z2swhU|FNReH9l1#sdu5ma^>ouS^6sGA+PEX49y8qC|i0|vzqZ;ncpmO)VDbKVHZ>R z;OMr~nM3G@?O#lbBp7I2zf=ZG+voo*z%owl`_4xXam*D zbVrK$ah|n`IwXg5lgQS(7`7)1sB;?o>K=%ix@okxs{I6U)M8k@`E!uGL@V%jAOD7q2W6i(qpz3i#)EI>JfF7C%yMwx4z zr9!@2qi7E*`Yr(1CUFQsA8n5WR(#RWNfR z9vEfM4qN0awXNT0xcE>TcpOJRRWF`F%DM+niG6T>$|yxt**yAgy4Mdk)-v!bI$5B} z1zJm2-aj?1h~<98g-j8Xs~P9X#^{H2_z%7Oy%{}El|V4fzT-&e-M45N3tD*kWR2V~ z>!79hd1EhjGj?Iz3pD1gWQpB5{n;i}Kn&Gcjzkrd?WDIAD_7+0eGciWc#D!WAFw*p z&h92m+Th8nO07I~qpIy#T~;Dw7qaC2GGyAQwcHj#eNc|(r#ztk#eDc(c{hvfeNzzS z>I~wcjOsAc)*7IDun@fsutNF>5hfSsODyCn%G7kwNrHW6Luf9D7qM9E(p+P=^@SNGEGBYw)&q#< z>U{TKE5*8>i$R2Ds<4$vJ!()cmZqJ1$_Mco)j|)7an#E%PhKmctoWzg`5# zGZcVLasaM1xVqtNd$DvsY-?amJ#Xqr(wmU&NHUNN8CdkM9(eyFG2Ih6wEZyPk+`t` zUVv|n2w)Jmox#8V9rW(^On^_W6f-#9{5L{=?klNL)`w1>n_Qr=mliOE-PBN6#MtZz z^cK~12)0sqNgD6S`mH?b%)0@V(9JsN0Is|GqOf_ev2~KMa%ksQ36ynqBZYUat+Rqf z^-w*lw7-BBBTz2Sk6sdRb9C{XzLW+5b;Cmxwo|#3iWzR}RXaa>g00s7nnYBa^SS^R z0FcqR>4l0k+acEE9qlct9z+C^y*9);L!?|QYI*j7|Kr))J>M6^liMDK-cT80V@*SO zbvKp&N{y@)4&Hh{;9w8H{7}eO$}k?rVgy1(=rB*q+BFTcDW!`cVpY7$%eyK+4RsHR+ z<)Q}7(d~|ZHOzdLIH<~ctm8(&$%1+Y((^HP#~qYF$FN!y_qR5UW**1OV11-F$57zcZjPYdGLbc2+zgLR3y=f^n{{9nr`kv{A zaF?lO6dC+2*I_(V1=lct-B#Oeo(v2Y*s!VKCE&;F<;#VCR4%{0lq@jLT#a)dj-;@7 zR%8$ZXxH6adV6@;;t{nWRf7lhD`@_kSUztbuj8pQn>kp-ZCq_gM_Hj|^opkSIxfX| zk4rW49>!;K5enEa^`OU8PK}tuXi3NoD?a#0TZlX5lBfBWYz2EIK zP`h`B(jb3|CIwZX!FTF!pX50(%Hfw=q;-3OFmJST989ZA&mXn*H*dYKd+80`e@*^t zg8OiX<1|R@P~mA?B~UIUSZ-+RM9o(NTk}Bw5{650Uk?Ik*Dh=Ae@Rih8g@>Me;-nJ zT@j;lVpl^SIeD>pP6ihX)q(30)Ir&c6`!QZq?X6c(0N3FKEhZ0bmpb&&i_C1e^K(e z&MQcICX(aDU~DXD{P1FcTstqdIWMf(e`^NAkDc)U65FD+Yf+&q7E}7ZcPGa{cg*7>fw9Y2;FpdMFoe)bR)&N;2 zkIhQEmw&qqV_s13fO<_zTBNm>rr(~u$m7=fbj&FSNpu4lH#x6b7VHMrbz_ZtDM!8; z8eT3#ERMuAHN>qo%=ysgebdrMF0ZV>G}JFfYz>d7&1w&0r2Zg_x%Dlau9}ywLQ0o6 zU@6uY23>t24KwD#JkDTE@wG>WQxq@1=x6*{4O)!8Zsq$=x?M8%WE0?xl@dx zHbZQ+vWEXq4_5Yr$TbU60}|yr8^gbFoyMBHaC6&6C8k#~+~`XP{!?rYR*%*}++$CG-^2D^@SYUY|TPBV$Sr*D=nE5xDBI#|5(O zEi~-H(tzFQ9B%rOcNrP*Q{@~~<|<<^WP5)RVZTUMgx=2bX=ZUgVs%jFEsO8S$$yht zU20gBaiK>n=+@s8%<%TtbL_;K2pj zb{Ua4HB0tgHbC-rl%rw!k)4-7mj^dhf%7pO&3(AbWddYT=%+hIHYgkrl3z7ZqYQl5 zcIIZzx`Hc)?;V_o9a2c$nfSRqY>AR&!4wPUH4_>4ZMij9I(RJOO~^M#@PqG_kGbrP z;7`0NITo_yzxqhQPM$EzPLXbaT4P}IUXkdvIQO^5arvWfY03zh>W0(#-e#4I1JEq> zUh;O)jEngw>B@1>0vetyz<8VS$7O|S z(iNSz=+i5byNqw}IFd)ND1r*o!Iko}g8L5T&ovb~Iz}FkclDt@K%witZfP8hfxOj# z#PKZJL$gbRLO$f*w&c9|8zqogNVXD&VN)2ho}oEqHWj1ONV-x9Hmn}p@>@cQ5-Ged z3%gGw3T7^B_X8ll`^2~{P!aJHc9!SHhGP=Ua19MDeYWYY5QVg>j<&lv-@Vyt{O{MzTOTgmGYkCLxG!$!AfE zZ7j+=w)%f?45UqwLIreX8k!rsiD&!0G#miG$YT98QDlvNT=Nq4myNRtIudtU4_5b@ zw@V)vu$!w+R>mf-@AST`cK^i1YdDL=eO$0y=Gh(Ja^)XXix5em=X~7*8nvnXS?~^I z32a!cpc~d!imJRnuO#J!$w_&DP^c5Zjhmu8NB-r^^vf3zC?(*!jJZkR)VfW-Aw^!V zdA4)3swiUH6!6Uf+=Mf4y>^Ebyg&85rjnbD*r44E23F)ZNqM{TM!=63z}q ziKmSM>TTa8`$dR0BJbY>p`0#9H>_o3^b-GHNk~vzbxDk7j6Jo%WXKytTJXL_Oa)yW z2hf&|JsqglOCshiQG2=y5@4%pex7~fYUNssFQQf%45q`5Z{{H#)auyC2Lx$y9G(zG z7-lbBE(`Xm`%nG%P88R|6p{vJ^ws6?EvnrUJKHL_#n!DIraKJ5Dh_3eZC@)6j{b=M zSH}f0_}e!GBB990f$8l9^cb5F7yyH7z*pxe zORHiiPl`h*+kwFR+xdw^R0)x`_LgJ*(mf^6FEL05pg$^$`UX+)-4E(WfQ$6KtYO;? zqT@DHAoH^t^%DA3IfOmdC>_q#7fRXGd^{s2td*2mo~1*Z0-?STOKLpSRocL&9NgW> z*oL>DHG_Z`q+Ve)9@q#x>eP0Jl=`{bgD~x%!=%iRgq^}Hg4jOgO}(p?#7J!}oXg%s zxsJJ(EAyKO6vQx8^T?fcd2Bj^1fG;b>h&=MwZxS&w{0TohPhfRzP$2jXF6%lS%W8c zjjoUxj#(R@on*uE^aGUg`TWWdH0VBd7fr97z8p2nb*Jw0>Q+ul{hZs+_OKF$luZZLB1&FxABBI4ox5lY4pZ%TXs8H5x~+AU z!)s;F3l<}l-AxRk=BF*hE&7wVssl@D<*&HfNug1=Z#0hLib1Mvsc`{{kBEAlsIYw$ z%jXu81+Xirg=IDm4T_4T_nRT;%o8iBqK&l_)rzdmp|J$~Tc6b9N5pie9^RaD8tUOr zlE;JFdnB_T*JQ%ji@}4Nc$`)-5*-=ZH+r@tSzA5XP@(dI5Yz82g7=Z3jrdKurU|0a~??ap;w(5ud^8oKAU>n#W+9*$cBL*Xw0 zhXqF$kZGhhUz}}seO6IesJ1Sn6AC(wR@Z4)P zX>UE*ctbdSuPOweA8Vl3>8Dc(D@hh$mC~dmxR4e^jfz(v3^ufzivK=LRcjhxk8WKN z*RP~2^Yr6-@a3PdBL8@nc#p@-+&buPI(dvpoIqRhWeElwpa44*78P!>AT@F+>u3Kq6)~jYLPa)%Jal`13)_}6b zpzF#u9Vxf))idt~WPL=*2!riR)bhC-0Fc@6<8Yue*rC<_1O9C~SjO#aY&%Y3b`)^( zl6+d-o7Wg=YhdYY&r-0|i?lFFue`8u|;42Or+Lg>HcbZh#Ui z&<&uDW=^Wa3FzvNt2B|5D4R-&#B)1TzDXuopykug(HZFe6rfPjqe_4pu%gBz);OI0 zFMLj_y|}_TSFyi%a7%|xkBl!l7aUq`{|jH()h9`e@X%-?TU6vX2K3jwuM?8z|GegJ z+4Y4iOu#lUSEB2(k%;Odq>k-f@wDuQ{tKSc6NROiZ9x$TSf0N)?sqH?J9_EQ%go-b zdT?8os5*fL1Q$&Aj$%AIo9{CR^m>))AKVn&UhheV&{~2te^55M+*`;^`X4Br%LYo9 z5>d$^n|6b-P-w?ItzkfAZ~52A@p9cW zxGnfjaSaQeXg=B$+}ovLQX=e;X^;zjKyvKt-+IgXxjTdZa?mCk{-t{UPa%`7WA?vP zNxy&m9|QCh0&vddH8nt0^#ItHGTm%bIjzZ$ud1qRd?Ul+Au`+LUmP|_XK)dt=;+^J zoS@s@R4x9Vbu~B)u@O|sW{rhtv;z*@q-{ZWCjmB(1fmrA%wMyet&=t^U1jjzWP$oQ zZ~DAP02q;qy8~g;-K#W;w$YDOv#EBTxyL*yt^mA05muc|rxx!4#^Sz6U0YZg#|bqr zT+`hyg(cu>7;b)xFLb|8ZomX*ch({QO74d#*L9-YR{Yq)nTf1fDrMx#BT_%Ly3Z(h%vl$Tg1nPnvor? z(Br!6J`Dw);4}MOc37ABvgpp>(mrge#v8|<8K&9(h-e_Cp-Oi^0dN&OSq3y~#bc}4 z!qXSJxm%m+s}Qxc3udk8TQM-{*62>A1;^-ll&+lh>v&Z6v61Xt{-NnU z+Nu&v1q1rdm1n)Qz9!)s8#i~_$f}ztOKZNcxpzV4WscN_3S=4QJLL*!h|z=jGl%MQ zh*sioGUA+iC(o;)4$jjJ{^=*Py{YfA!Evs_iLqz!-w!k=3+TwnDJ!lMdYZWjOYG4u zuh@L)b|#F&cBQQSY@uuIH2fX9E^C$4SSs@zf-ZXIRdA1>2wI{a+&VK~6kWk99Pt7q z01cfNNncJa(2(Fg{({l6j*+gr$04JVpOzC zluY zRcPu2$pOm{d%45clMlFpC#Jg16&tg19#A<~R92HrO|CrA<4pI_*yD)H?FvW%`ceTd z=kJ^0MW|y$?R+oKDGu7N>MGwBoF>Wc_DE|cSSsyaa|qFuv|d|C7N89W!rF&8FnrIS zHUzR9L*|c-c>jcP6kY2+_W8FiEiCt^HgH!%zh|AEklp1G2aA)Zu6N?7!u&GIrN9Oj zfM;D}dVQ0PLukK@qjv`@C*P3v11*oB*BoV&8*t}1%dv$g7?m@9QIDYfxcBq07XdT1 z^`y}1&RyGajknI-fSWde)jFGeeQ(d$4&yZuR;zoUb7dcEav{Yy!9KE`$5sbE_Ng|7 z|IeQuoCR``a^d#W6RYL9;BdR-$UVVY94u3W8;T)NxQ`JTgdh59Lzy-lCrXdeVCdY+5f|nTBXdLJA_>I_Z zkLeOdQ6~6~Wfql83{tk166Q$mH_!nvtep*P<#0&JEt?jCQALmEC_z>7YcP0TaLF)!M5k z&AP75H5`)|c)T^qC_pwwz1j0^#W&&BulmRXyIMjZSz0nGHa$R8)>>AUZ^9RsozRJ! z6fe0D4RJL}8&5EZaXB}pO{Vo>CnS>(@o1g~&O!YC&e{cP+fGuvf!iTxz-g9;+*547 zoA&rYer}_lT#XhHKmE8ec%)mm#!^2u@=GOgAsSKSRzg zRe(J2m>}O7`_ZS-J)!(HKb%Vse!Ywnc#|L*bC)R+iMGN7XU2 zP}4EmcROfKq_9*8>Vkxv=&0u0ngZX$al!(SZnNAKfTB1;(jQw`v)~cMB{uo^P6H=M z-~QA-pGKc_6uUU`hv!&dQ*ahI9sky!Ix-8`gRs@ThpEk5p6O?aBBheX7}zS{>kT|Z z7!I)gRYX27duRD*)TN4E5}7IRh8>9Hs@Dc4h)AVWj?l6h`pZuZUD)wGUCxeN>wiv@ zfgFpvbZ|UuzNaV5_w{F+<4e4#GL2(ajjN@sPAjun&sr$dv5BTIL>5vLh4dm2x6DhP zO^o67hO`gt+xu-uLl-UxKlb&@#}@dbUoR-~459eAm77Pe4SZUj#+bwZfaW`fR)=Az z1E!>gU!$H$0(`V$##2YxL&;vnoj(KWsw!&$fXjP`&pEWVsq9e?WjL#yr}~@SfhDV> z0ODeI7z`YcX@^!lOX|Z_iP|8#9Td6H6>YC0yc&DtZoYsb@eb;afMqnQOQT+Tq87={ z*qHX5r+M0;0LxL;mVVAhc_&meeF&b^cgKZe33F@Bu)Vsf#DuPWX5t^+TO*k9Y3#yu za3cDCX)tI#x)7%8IVAMDOIK!p@{(u0S$V^Rce*_PG9K0su^_(+5V079?dEw{)u=cZ zkr)|saLMW?nz7&Dy}u!frD<^)h%xmMkKqqmO@9j2%xS`i50f>d9Yr?|8?<4 zYQ>K@Pikn!&`2wBW~ZrYy#*v`=hLR*aZj>=E~D+sflh-$B-k4N^LQm=f2y@Ax-tA{ zeP{7yxda|@f4%NoI0}oQ7T(T$lt-mfj8iQyDL9h6(9Ycf%7s7g{A_Ey#ZG^L_vs!; z&~Yq`^dV1@6Jk>F$^KjCqcE@8V0mFP+ap$26D&ZLWI%yro za$h#t)EV;AtnzWLzjVSHQnb;YPr1;%d-c<}Q0=oGz^_|+6?(VRvv8SFMgB>QZX&GS zS!|f1=MYIoCq49pjc1KztEKd3@2P{ z`uz@xu7+g(=!pd3rAmG!BwgTYv2Oa|Rtde!Y7M6=J;r$+%KJ|fEkvK*JT-PtIEn)S z!q|UYA@V8g5^h9k%3`aW>`wD)AZXi=<{Lks9gJuUOlseU@s6@WRP`2(%hf|ImH zJyh9Cw+UZl_nakn8-k?ueg^#Bk7C%dz`CXPU)?%=n_=I3vgxL}=4jCZ(e9T$rMh9p z1X7&q4IHRNA>%39`TCr4QCq-4Yo$_sA|d;_ia;esVKiR?wMY{rBSe4=nV13H6F%Ey zo(n6SaE0io73BAM-&Gh=?Q%YoM6j== zU!Pf>wDSD}8ugIxCe*b&sjFg2(!7LL+M!@fOydzZ)f*C zMvCvtdTRSX62}}Is%3nES{~@ZE>4!y{BOFhJ3~Up=aLreV`ojx33w+F+`BmW$^JtG zJ(HLK?1x@8A0{~k4W1*rA9lHzAWw$uf+{;r%hL?x1YX5GZgmz;s5^jfo3i%xg2EF6 zZ5fHh-fK^02GO$_|ydoM+@wCUAo#Zs+?04wFW-9W7sus+tf;^4(_l z10!$|Tr)M(W!MT)^&_Wx+j+!A{913M{@VL&fRWhXAS`=q#V2aFV41um>_&pV!7=qq z49ldZ=C1o_zwf==@9!!i8^a~;tlW9$Wpgyp0KuUV3RjNl3zvSM9Pnwj$I6*rC!`e6 z^~5e_N_r4!2!KWT#MA1I@-y}f#b$DPEx;9^9$QY@+8{hWfAw~5j)4*CaFcGq0G_!7 ze(BiK*Gj&iQfO3go(#)G(4Zf!uQ-+3>6E?VN~c%iCT5JjSCUpO& zW%SexYDiH?acICB-H~r~Y$F%hzXnX#t#{XGih#^ml45f=(1Xx6-@T%w~ z3p`t@eQ#*jcr)JICiAZ{X*mXeJa?S(ZC)kXagEA8|FH<1%f*Mn6`z_tV)`vVQk(X1 z9K+KBRE99z^bE;2P%z>ht;J+|AL6ttzSH0T%Q)|tu6H<(Ghak94|9vVnwst8(WB(58p zYeNqoD}LtC8s~JBr;ItawB*>zyn8MT88-NHDa4pr+?~&8!>X}dTk(YVJlyDMwX2Qip=J^?K#e4}8#l~6P z)8DMDu(&6#o#$)(;sC03s_T?(GpU<8Et}JeoyWy|o0NwRc60xLx4=I?sIsp}+e_yp zYLG97d`cFptd5ZL3BZdT*)Q9U!!yt1OQkmjk6_+w>!%;(34BF)4UOssQW+M*hk1W4 zzCF$Nyh}{-9=b<68gCQ3(tPi*{$E>*ubI$aR%mgtRLP#>`}YD|>jG2#WN*xMYJKsW z){@br+701SS+iI61A56Z@_>M%H0{UtSUoB%s;ehkA^fgO{C%N7JhLaw|5Tkbc<>uT zQr##MCyVafh1(DPX(&DV_C6{l4Gc9!<<11GJ)s$*N~qPd11jQ+lhYV!i0jLtH6ZZw ze1TN(^TKSI=hyLjro=yig)hKK+sdnAJg1im(#>&{%hp2&Y#)QO-yyr)g+-*sMq0$r zMZW6;590f(0&Twwh)`W2=41y#{ZvjUjey&KrQ4-Rl=iyx6+oqDmf|DI8@MYLJv z7sYR}`RKPdaXW%^er&92-I3Aj21$6X8?z4_UJkLM-eG*p%9HN}Xqu;{Pjri-hq~CM zWfA|rxDtA1*IBNP(~gw%M6T=1)lU|WS<07SD2C!KYD|-lql}Pv-_{aqwtT#1fKq%@ zHfpL6fHV0n04%O#*pDh1N7`~^7T>QNS+&hna*1t8ja zc6=8~ZNFtnz43koe--C$M?If^_cXl*8+hqs&ezOEkT z4K?2@bx=b8r`XxkKfHM&LSr$HX`O>Tap0Mp&I!e+eFWHUUQ?&HMdF|3Gk0O+bD&oF zsY$JvtC##Uv_zuu(&f)rFps$#gPQqp1PtP9o zp!hVS<=IN?xFdJ*fklS~&3WnX2Wl_qT7Lu(qd()%6P~mFKjz*$sHy#H_{EAI1ni)c z;ISYg9fGtVc0h=V0)_x`kP<>@p$LQ`hKtd6LL)PwP%4fN|2SsM7yG?bVKhdt6=HsB;@|0s; z5hWS(d~;*05zrZILp0ZdPHNK_i`#xThQHU9S`Gu=WV&m~W0NEe?2roHIuM9je~U;T z0{3YT=t&p~yeo^x0|is>T)0vFNkA_I%_X!#CB50&UXt z;j_kKlqQTp8l(WqN|}j|$c)w3@3jJDYm(=S)e{GUMUgCj11k`@JjH>^;DX#!#T0@r01~Fl zIM{|C?1L(TUsZfay3e`vBWOk=U`;(kf4XbaOe)`gVtG#&!ZkIXL>oIY8RWRMQIe4B zGmWzLiyYdVK!xK*P0(Gc0sktNX^SYgKD~P2VLzj9hy@pMRo!A+loBexvp0tC5C*QehF2f%f zR^~!+TIW_yu1mY-DSoY!`yzYO46L7*zhnyOKZf@l!7OaJZPw=?05_Ty_7IE#>)m_T zO0er_1bfIIj*ZFfI<;(e0(HV``5DfL*DIwqnmwmwqa$*!z3;$GekL;cF~L)>P}pcP zU6lQ~=o+l=lLR9T{=+p5;i1cv@Q5=FG+P#Wo}>J-oQ7!gFK(Zbt&a`4)EK|CBpT;m zr>P*IZ}q_uM^8`~AV$29ZZIErH_g?MuS}}UDe@xeg$}KvTxhP- z1{TT*R4cP*W)sUnx*Fs(hiP4F(aib4c920xym`+F{ou?Clz^SqNQ@N2m8sg zjOXn$)3e-O`grgzEkC&smxy{anc$A}KR{c(2}9qIi{h~S zH^nWOqDow>-j_*BI&~?(8!$V0pecDKo5O9{p1pFVV%L4pnuw4bRzaya zc_CRo-IzWHa8_SE#zLNWpq{AotbHgSe|YhN)#wN33A2gRHa(?G>I!Eic(CRb!uax5J)?2pp9M)`5m>)968wYnsSMs?MGY@}Gi52S#H-#E~ zx5#J8d3(EXJk@Y0YV|~rTNkk{irDF747!Y+JXOKFcp{tunKsd!8nUc%cTW|%!L6a{ z4_RJSA2p%6eGQVO4##E9UmvBUGB9JV|j)aGV<&{;@1i<>$ z?Iz$Rylq)cFSYn~CqVO26mSd2r7^n>Fd<*8avDh^y297|TFUsdQkGY}oizn2Uv3+q z$$j!3&b#vTKuB874!6V&XYPkNkLyoQfkB~rmM_A~J$R=!?Cv(LJI^;tIq7YQ0EWQ| ziBPM*0kict$Ag!4>xr$Fe&zkz&!Mf?A2An(7%@Be8CpEa4m4w=5_`Wfac zw(`?)JUTyPiwePHLZaRCZ?5jt{5I2AtkI~=<9GJeA7rF~#V58Se|ZB*^kr8MvV*+8 z?p}LpYV&)K8RAL-DylU2`=y^59UW-b+o`ES-G5AtrLsw)YEb>{T*0|R+Xnq_5-T!( ze+j^=MQi=W${o`Y9wb)VlVvX#tw2DS&y5vQE!P5*-HNWKQqkYNttTrIhxaS3v z)dtN#H)(isG5jI;Uy7n7{)+P2}^hz>SF?F4qJGh_*cl_VoYhtzPx3r%T_S zky$=rg8x+3Qf=|2Dh1n#sFDuvbgDZ1a)r?ILf{0P+C@Z5D> zKVwJ{SZx0Mp8ljwey!1wNfc561<^yHh&lab&j(%wrGb#WA5<47$g)1IJ}u5Bqqfc_ zo#W6gl2N%G+&vWy12&O00SAKwl8DtalIKh5;EoR*@oZecsyBD;_+%UlNR;H8IbqJ!HS#|@-ruFi^Bv+S{r z>S|kxIz&lPozgp%W=#EHg8f{9(hGpI$A(kl_c6#x3QRD`)zAvrR*cJcU&f(x?ev@_ zh3v4$_e`^zpI^d{6NB#$;u!GmA9D7aS;t@m*}R~o8h7NM_D(MG)sY6Z3(?^uaCtNC zb3qaxO@^^aHwvIP0XL*T_jO*$s`WduCu)2Z)Wcdpu_27 zWMSzKZ>E8XV%b@FagXO z%_v`Cxfo6UXCnmDa1CymJ=`mLQ$I2kcC9ym)PekXL8zO{lc&79UfhqIqnLf)$>C=EUT6FalN~ z17HgmG@cgR4^i09Ad|)H25LCD)4K0xZlDyM7ZXZ9uq-)1Nsd6*pnz0Q2e8L@S>_)5 zdOyhuVyaIy={*^Xq^VVE7zJqq;S>U)Z>O%d*eC@X!yiV2L(78S{As(}w8iA0&!*pI z|0?xqV5=h_V^G-T)>V*K53 zKIQg!VAj06o;ZTn>M2SwOdAMKYaMQo*9$f%Mj(Yz5WvmiOi8$fd`W=n4zWli^tB&m zfjF2z8-;bGrmrU3Fy8;|4E`)xlUyazrus)G(Zz)m#UXx8>Vlw9DPH+pZy{#D-y0Ux z{6Lby``i%qDIc`Gg|^$4Z%W(mWHN9LUtb}2@y>QlR86PnC@AITy5cDQC!JE=@V)_rE_-wND_^NYZ+E z4X>c_wxoxr;r*1k?DOTMtY8!{2bf_T;mBTDcIiRMO8b#+Pxq4PlX|blX-KBxrzg@6 z{F+#5-=)PE_iiv}h^o_`!?dy>z2wtUI*xi8oG0Z{-4u`bHPZ5D&e% zodvCYdnTgM9K6pC)D1wjwZ6y!NwtD9=pzaV$lz}W@V)Z_u;4FCN|Roq_Z5T2KfgMM zWe{`45b2CJr$M7bx-$Ef4jTLTD1}~_K1LafAC+E>TStnz%-BJ0<^LT1G!iYRwH0?t zQPj>fang}G9(Gs`1(}i5saGtWc~4pK`Q0`A54~f+8rNdO)GK{XZQ&Pd82M{NA5%9R zWpbLzbq=R(ex2of4G^Ad`ObH04}7BC)s-`V|8OPf_8QqBi(li!hN_LRs;vZBOXbs8 z+ar-$*s)ZX&B^C{_iBu~1E*cq)m_KjYg!k?yi_S1vO!Xz&g)LDKAs%)*WGQ;lvaBR zga?jeg7n6~zG#SAh*tnJfLApm>0VHxPp$sZetc{2FWSBd?v+$Dp#RT3l*O0l4W49Y z^kA*V0I3vsDNktB5n}Vid_v9-rC5bD2`YE1MHHWXx`o@YM+v{9&oC!$tY^?GSPMaW z9NQ}G`a~wuTfNjrWqPS@h2S44`idsd+Wn|+cr&S@zcA-;_Qkqld7RrJwuxE=G5(u8 zL`U;OtD$W-x4`pKC4n2dD=^mE^B?S*$HY(*Cd0#3?Mm~JNuf3cStD1&f?^lwt_O87 zOROVXgSrW45ho`dD>5{H$Hs=NM6G?XEgJGu@Zu-*1>dq2uL2*G){RPf6Pkxp2dv#+ zY1wNxPx6Q_o;2lggpHn&#_Zt%gNDSsKbznB@6b%1TXzRQpQGA2sb~#7ltPqTdw%*E zULa(sKYw_TwzU3w`H^7(blEjr0gZp4xHVAq8~x?@)@WH3$(Sqa24R2U4cK%gWrO#s z^QRJJUs7)Kb(t!!yQ4i{ZL2{CXYzVycj6NpSl&&>!QZ?@Tv8hLuxssGcbP!@ zy+m6#pKLz;q$guJ^R{^D;L%I^2b||iTL#0&5@^AH(=iqFVA+sG0|I3)jfT0xvb$aQ zY7MBm?rErq&7jG=vuE)*^I-mt@O75KMW zZs2v|XzH6EE+cM>h|}K=WH43nR?L8QZQy{%$RF;f&2VOZTYT@5(UR-q-39(J0YXVU zTP)>Vk;8hBOW6^ehziH&$e04B)#CC2vvL3WF?LKM!z{kb2654Iec$v4A2+Mq`U8Ak z-e$3GOpW&KAlI$o=%>{UtOn+MG7mS{^vNq1Wld$!nukWU?{l(UBphh+1sxh`>d)Od z&sTj(R!@TaWMR2WzAc?71hYPYaDUljfRt2?R7~NR20dP5686uFPflR(2Y@E;*0{gm zsTIGPaNi<&dHQFU9?4Td-kX#~&sGGOL2g0z0SZ7pV(RlO$g;WwcrNN@B=5 zUk_EAC1iG@Yh2mhjURZAB+Sb{w*7`Vr7kM1v6MC;+;A;Gd{(n()uen$;DVHE`VNc%xvK{o@v(xQ)P7SqHYQvGqIE ztOs0XYU#N}GlX7zG{52VqOZO3(N4c~yuD-&jA7EdHHa=l~|7X!bzCewHh2bW8mb~Zk1%IE4#p4QmXGXyNtsd5UrI3fK zu_#apn!?lIPn810PgzmD?Qp!FV}7#fbThG6n+;ne5#6)Lxj4=bl34Uwg-?p@-#x~c zLK5y_XL|RZX2C_V!wnNd=aT7V$Y|lCeQSoR+}TZc=KbFek4D75CR zQSHZsy8$+)?MYq^#&q$w+dJk)mpI_62${x6Q~16!VO z$TxK=je%G(Ax;Vqv$%csaCHQ&zY>jTy!tm|)zQ4x)5uFyGB-V_a7o~#lpnV+eLlnO z8!2N`QcHg#56g&)K?%nD^0jkj2SelAUgg0gEUkDdUZAatsXj0N-Ry+=!*UPWWyhM0 zahU^EZHO;LrMOC$)|-F|xti}ItTHO^!s|L~t25)m7vHp}H`nL|@cQisU-wX+A@K_7 z90IQfhS?FynBoNq-UF?_r%C+Pw z>ag|^m}h*zJy8IwMKCXy&n%FbUd16Fe3oOp+>+bCATgSXNl?Ics8-+KgT)t=MBYiv zwEdimyuUQb&8jDfFEV}fZr@QoA}~=kkzc{DLP9Bm$3T}Z=>M&*H!J+5rQrveZ5DXR zhkhP#YC=xY@e##g!9B)eH)0h=VS>?2^Ows@Qd+ zP~pxO_xoE>U=?F^73tnv$rMY-aMfTC6VFLA&feY&Gf$MIMP|qcIOq+Z;?)6>7+j}Z zF;#)SzaJvfQY{r?mwuGl%6ga*uQ8IM#IlPPV=!Xd0{--@gDB>UCjQqsSm9rwYxXeR z?5xJKKEs?@VG76sz3(+Imfw@gNSzTCu3t+hpCGx|giI#}Nt7E;>auE!FCs`}zZ>h% zJqxnibOy{hG&csg8?U1`4aO2A-Ger=)0w$txRn{cw1z`*p}Z zkqD(Sn5%!Er|82}H2k5es2#<`_FZfKl7OX-n>X>PDrnetTrhRA36ZN{#ryhRZ-D5G zK-#|eD=MfE!2xu;zS4KrR|Dw3oyNQ&>;Yet!?NnNm}N6LE(k9aw;3hl3fN+6d^#7S zktnNL;(0S^zd>O>#=^?jHK++V`Du?+*=ybe!2A@BLp|yPjA9oGHU{CDcm<*vLb!vB z_RIWhHZ2XaWK=H6yaDC z#F?|fnD%KP5xpR3?TQJk1?JC2KPwfdHMyTx+{)5FmIRm2Snl5}=kJ~_{CAbBg#<8B zrrF}|X&7~M?S1f7m~CYT)_i-Qdj_HkPye77jz2v==9UvRFRC*iZs;97E5nN3Gd>e^ zDuFUKDt%9tj+fGeF&-I1>IsvgDrti6drPB4jkSnnz({irN%Uz0`$b3D@S4H>wC2Tc zFCJv~=r_|ea{Mw&F!iYEtoD|eQm_>*^S*+K=SE4(vr((&#j`-{1TK(%*90>Bl@@1Q zEQ<@Ov5<&NL!Sh5DH_vtN_AUGAy}Fg^LS(0kI97M_>q;{%;7w&vy$7u*sd;bc-e8b_`}9{ev7EAM zd;Ij+I%z-$6+$c)j)M=mMenm$s60o+>z!&i{+Q9cl-R?T0uBlkw={5{YDfTsO!w0R zqfv!zE#$OrvBcMd95AGa;!-;YcGxH+fEm5Z4;_4|htY1~!}q+X*=Sx!$T2PS=a zL(8-J9oO}!+fY(q>_O?gD`}Wdf>{fv$-HF&EWsim6oJ@tU#(m2+7x?X~x5D{qTrg3f11mrOO0VSLsA?>jI83#YFCAr1eozJYqv)}ohSJ|_KA zl_F??f}k1iZ4!eo>b@U$Zn08YteSB}qS7u|2T6;ySmkXX?H5KZIa}9m>PzIVPO#u1 zCzr3>Ji5MOe@C;oYDk%V<9$@_kdJzPLYEuLT0$_KVF}nhhz6!8NmmDs#cxTE!z(5j zam96D>$WkXByY55(PSJlf2aCeP#8SE2odh-a90q(jXH-ns>7?tq*1&0L6E zkTmLq>~rrd0;gsw4zBZJj04qXFj#7?aHnP~f8qVb^K$v|U{x5cszOu)0i)!Nx09IO z)8i@Xr1<)Sw;VVRHH|q$ZtaS8a3`*Pic{TL>!+B|M)ShaHs_`v#392YJ2nWqpl2#~ z6qx?ys<+B>(%URf=-8dm7?nAT3yB*7D+jP+NP}e#>5OszN02&n?OE(p-`!5^@oj-s z6QSA2xZ1RD8R|~GdKVMEwas6^4u8Ef>i&t+gklPPU5Mz+@C~*UYIgv1)XnG<%c1gc zGfH~Q1op=u!>JlfB^mfZgq0YMl<=-X;Ur8BxGyfovlR+)J>jm`9L>R4S=Au|=&`fw z{Rwnc!FhxQ!g1U?4dZo#pu>Pz)4FCQ8-lMX-RYdTKN>Ka!7S{dZDx2!CeiO2DqyV{ zFiAl(2oJ*n==zt*sc+L)ZF9krzGNdCu;46m+|yMjm6vE>62Cnw~ho%aN)h!tt4fUJ3K4ar(14ll_Lx8eC?iLXM!(N9!t6L z$?qTJU#RV0Fu|>`sGaWD-(Eu74JsQHcA$BOvQ4{t zoHCoXQ8%j0`pvbPlp54ulR=GJ${n<-ZWDX665X z`#nBZ)~@lE7uNaQh2ekDgqMG8=b){urvYY3&EunN*oxK$cfk{LsO#$!-RB#qI;?aA z`mNvctnaEaYK`w(BNn}#X!?uUHH;_mA4Tie*JC036z#pX(%iHyBV&-B%L~#A?N#I* z06ybaa^MXBQYFwmwVg}nA+m(|u$kCZy5kl4;GOsz+WCo+DZicJe#B+D3m^FS4H6Q{DXSB+7nZ3R=U`^@Y{Zm?h!J{b6!2HB-=EPb z^3jWBXeD=*lttLzbtW9*uONHq`D+Ej-=S?|^l$~hZ$iB3%xQ^Q2DeAwMPN=&d`Rj< zj4;eSr3!>MIpW*kxhkojGGoP0k`Vr}`eXjND03gRQ~SdnbX9`)dL1ycI1+n^;C?JD z?XI$4GwZ5pwJqJ}&(7qXx#3}*fgU`Zsv|0M`U3|Q?lJQhTIWEdkV9)ofZg4}Vo7CL zv%skEBrS_UT^G3M?Nnp`Tz=$vt5>H0^Wa?@Y@0o5fMJfOTKG1-c_Eceui@X}&|lj& z0tqFdoEE_0_Qv?A$L+Ag)o-@jq@YZd7w$H4m2!Dnrd*O5+-5hFqRj0HAqzTg8{ku( zqzXT!twyQ?IJ%7)f1bn+@cASfIV!yX_3G(D@c2wFM~o zw@~S2D48e?IgtL|?`X54(nnhg3D?u&85oy|ccq8cgA6Ns&>FJO)({N+Wvb60|Hy=V zQO?}aGKVfHfX4H2dRvgZ`5txvt$cdlHK#E64fm6vi$HeDRP`Z{@?X@RUD^s$M3)_u zB!M!anxhO^Sz+bmoo;rq@=BohKx9}pIsatNfz=*C-eiC#h*A?V>d4;$PPhWf>w)62 z#!=!r<1#2+@YL`iylD51CQKmn6FE=jEU7Zy-p^`-AZ)bhqma=uBtE?mTNPg&d#xAsY@_Ew)GB5b#=tt>0`5o70{Gh zUGh=8Y&%=46-cajE8c*(3B$+GiDBnrZ@po+6bw@17J%wE<*+ahbL5@d_u6D9 zE1_G7lFjq>CH#3lxJM8-pyL)P|h3`GyEVb*oL^!Rw zJ`Ix-lJ7P8HLu)d*=(4^=EYDKJAKrU6Z3wywjrA}!WRql&8Op!0Jx%UK*4Z0V2KV* z6Y|O!4?FcXOWm&I%*I~{G=X-nPP*i!{o#WeOWFzsB=skWZF?Ljq!ipvPmX}K!nbn; zi7Gv4x55N4-HBIvW!6ngQLw|9@~t1Pc;xbtPT^ev_=|Sw%rfI0CAUM191ajGi0XR> zN^jRj7}PH?h}BfaUOb!~(lx>6CD;FjM=RP|;*%Dy{JwbI)KYfhiIJL!k-Zw-kJ7g= zMtJrYCBngrZUhFMWXhpVqx#R}sz!d1wOEc#&!=j!j`%HcmnyHjo|w}0q#syYfya1A zDoi`JECw7%nLC2IQZtUr&U_iOSLjC<(0ZWa{m&Y)XFNER zV{NjYeD%G5z;=F*gF$jRtjWn3_O1_FcC#1%2#z_WMUR#c3)Q2a-KfM_iC+`i6>%z= zHIScHs%9&zMq}GY_@Z~zbVwSmy{#2?t)6ONkJ_?9$R*SVxSyPD-`;B9BE$B(-@_A( zm32@J_uVBd6|o(|R8nWOiIWtDYb^?6A|5zh@Aoot5PuED&wSO2;&m>)*3nPVBt^OE zVQeq*S9LqLe6eF`9SvK*XJmho)y~iJ9Fo9Gg{xDB->Dl8*Mx|zembAH{a&uzRv1Fl zM5i(z0MY<@QX;2&ubjeGBIJhN6YB#M^}S`s*`Y;3vEw}7r|B}?W}@(N->~4-@7^4pL$Pj(+H%US#bk#dpGnge`8$b`I z`NDc1-X&$+J8=Wp2!U-25!EcOnN9^YslWBV+jhhDhcfRT0-z%f0D1|ywx5CY_+2Mg*j?U{B!9YXHB{8WTD$92T>lIewR#LgS=4k zi3Jw0=;J)@zT&Vh>bfDLxKg;d#0HEi$RL*5wU4ZtluB1b>Lb<{l5me7OWgAE;l5s~ zc8?!VGnUF*(sI9Wadbs@YZ|_9HN*}K{_d5(*gIx_%U*qqp^KoyYVPAgDD{g$BQ5ug z(q!F)i}y1w|7WpZt~}qZT2~dbnJIMtJY`|8u~E*O7ddCYC3-!Lz5V8NhmPN%`lB96 zxK=#A2&JFyhm@#bnYl1w$_;1xhK()|7AlozD}Sq~hA8Z2#Hq(I`c#YzKEkvpoaEIv zwZffS_^9}Wnx)}te_JXAe^w70s$zsXXcVJBZ;NCbJ<^=kBnNb>I$=Kc333D5&F{Gq zcJObFb4QrxO+ib8>s#m(;hv9p!fmW(pHa9vY3xY!*H|Pk#~L|tuWn;hF*ZC(C-NwmqPwDJ^@E)3CafzhP@AGXXXTr5yChp~KzMedS z8%>0e|MQ;i{wx?czaw28VA|OO({$#XjMvt}%)HW`i>P442_#(VH@e91F_%e~FcZ7k z&k3Fo+QEc^Jp)Dt*~du`qVEr~tfb)5i^pt2Q|XSPhv!~q?IuwO?TABlqk0oX1D53u zHo@1lOvPxjn{LaqI-GWcuS2E0xtg&fY`Y$&N#WJ^K(}Md!KReCql>xxT12gLo#kXw zFe*yNjcxRn47kbp+N}Urpx+nTjCYiLHgHlk#66@QHPB}`AJdjJK}`U?;FPi$Z3&+% z$~S6TTcWTX0ebITBkE7Sh8E0d@m2ydXZAM+9A@cb?OT=xhU*V3aeXD9jh;!%x3hYI zgu^VZL#kC=s=?6t!dzqirb@a@uw-SAlW#_J|LV0-T-|oXmlgiD?Mhv3$1`}hozJ?Y zDg)51?F?jrY*-Q+=s8-U%4#iY;QkpmVyM zRhsnBJ-ciVJ170iM26ZTnQnN=_BGTk5(bE;nqEpSY&*8HZ4_5;vn`ZJ+b1|@R`_rH z%TD4lU;`18lWWT}kNy;Yyqcyd^~ujI?~`}3NMysvK9Voa;{9&1a^M4Js#p$un{mk1ByS-*`YfIWb0II**s>SAM*%iGjl!P3c%>Ip;ae%`CEOl08wJ) z*!Cg;?Dr+MuQc3sQ!aCq)&f%3=zhx@k7nFwkcGjvfggFcpu|Vv05IyC#rEk_K;X`7 z17fs)Seb8<<6E-Qv#W#Eb8}YWAaOVn`10fQKNsx_pK0I=`mmwFXY{8~jMM9dKVeM` zqJTH~pU?jcBK-Bm|KLaed&7T=Qe4c|1kFefnS!>dqFmmzx02*9vL}Pg1W>XqgtOn=gMLzLh7Yd~BY7ipRXvNdXFv^s0s57nmr-Fq zQ`A|If9(tc0<(2#z<;%ESbrY=ZFJGydsDg(Gy7{0x1SAv1rS9&Mn^_h0Ax}a(@(UW zz9HF%`86cl7la!6@EZ55$m(I;lp72@wiW=)Lo+tzCzez{k#IVwE;eE_g zu@y}0a@vgAeJbYWDUSwVVbMObMtBqQ%=JZc#0IKf*vmoCqqal)o|VuqqEM*udpAfG zRL{G<$aYP`4z5p|Exy{Xc$xZs7hgdxTgVt-8TTqZbfsit}H~X?GQD^?9m#6Qnew5+;!H@UW zfqHKFfyw3(iFSA0oW-{P%%z8dB0yku59Z168xcwXjnehZm@^mz(>$C*enE?RmJ}6w zuYZHCnn_&0rTM>BZK(X+e#|WQ8+U^d9T1Bpzql8~Weq=BfpwNbhO>toUv>g)d*L&P5dD6uuhS;H+>ct&MP-pH~-M~n%m zGyQTu`L}-zWx!)B-qr9Ax}W(XW>`I}a8PrPtBl?t=Eqh-1VH|m{o%go21#kCHjy}m zHSr<4b^>xyhKPw^(kHt4t^br$dsMW_x_aVeMW zYsz%eUx$rtwj_1&pS7?ErvhH>S>7qA|_I2(XZUpUJ zq1T&&KIMfHS4+ol9WJ&2s2?rw-ef!m5HN?_@{0G57m|1ub5z-2suOO}OkThZU<>|w z&Wb6Je@UA!2)*=XQ)Pp>j&HiKqQ7No@MI==t>^E<9mxQkQVY9GMX#P|l>w|#E3eX=iiQ13$~q|@P5P$mR242=;D`RpwaI=wB| zfEes2(|YwLNCM`U`BWe{22U15gpX)zfgl6dQTL9VN zp`LyKKro+q;|&D;VBPcAesGoY+1VkQ_=P`(1wuR5|9s&ew4p6!V>_@KxOLQZU-{fG z7}snO(H)|j8E#^D*^q$&QsO#VHrMs^Leh|{QIWO!n+$;W(?ZTap0uzjMY8>R{{lN5)ne94#Ekt#b7mUaQIZw3E9)G z!S5FHbt(|+tnlGG1-Vq9xUyU&q;rY6?|+Hr8+2Bq#cQ=W0~Q(ZnbI=Q z{>%#R3Qd@LA+DtziQM8 zeDnLk#FQBDlv4m8;0Q))Yo>o(SH;>4(&}hvpGG72wdJa8gN5bey>`@;)HU&Tyh$FE z6sCVPZo}37>f1^XusAy!P~Ey4%PHg+-`rb$K6|HPzJoHNhv$&`4`YQQ4O=v}8+5M* z-ajY{$_q#nepRs{@D0Xad_{o&f<~=OuWEv(ZZv8+L$-^06a&vJTdy`>K|G7|Xu2GK z?lyf*ZtwB~(TDo9>J-{| zMiy)e4me#n%qi-LB z$cX~ysQ|V)mbNKMJ;dRDTuZj_{2WloQh5D&u1YYKLSR#g;fw!N)Kp#o;38_@F7oe( zhTL@h&YND)wdDnZL6Miv%RUsGR7c!T7qv^rV}$uf_k=S2T7d>Y=p_$--93ve0CJSevGFLSMndd)c>Jtt+VmCDM=kTAwSQ93&@mWO@D0ErJej&2Hi3H zzk>)!cKZdW-TWzfep1;p6#hx@m{>h0Dvza)dTK3?u53FpY+o5yTD@wq@5=*dTX!$f zDLIWxzH4%$HNCiA!RZts<>2piV<%^rKWF<^ALdR~h>51uMJ+<@i%ROv@eE`mtBG5d zJBaszr>m?3V4_4E;kG^^>knPl&IA99jCelq9u$0V#Wp{tYhn+-X}I?~p)uDca(Eje z)QOs%Tcxav(5+U-nznhk{)JF=MF^1U620U+-eMa#do$iqbfmAkS>|=#Al?(c<~!qV zKU8Pqq-m>f(~jI4qy~Ct2~SFAwXwIBweZtK6r9Qi7?+LFR zxm>SO@{8t=Oy~obO63$MaK=pd=(biF2xygGU^{)xY9X!Y$=X96*I!`)ETa$Z55KA6PZO8q=R2$4mJ@Ny{COL^U99bH-D#0v%;0B zK007=AU7=ronEG=-%H5ezqybzfzsTlf(Y(l``;Hin%L5KA9CcjRP4E4hFjgJ_L(4I zQ@4u?ky4sU5;=|Ts33~4rTqz=E7pH)m}N1oQsxkNeJ`_Fh9+qJQr7C#hg{>Xh+c+D zD^91*-l-k_YW+TpeL6n5NR5B1_$ho8(Knv%uM=vT=;M;TNKm1e#A%Je}yjb^C4zTv?2CQ@N9+q2ylhAOHAZd+zLtmaGF z4cAzdqdN=|POs)CbD`No`nUlfdE`^9{78dR1OJV6(Us&3p*oH!x36DSETDI_r)#9j zB!C4);11-nqf*cSAl^?8=!Ry|a{bSm(jWb5XIbG+!w$|vME1@db|261YwKw1iu!AA zpU%XbCwpJS(0|kkiL@v+2l5IU`b3ZJJfUE4Af)qmOl1K0W%Z|5*?O%9K{bI^szB4t^tC|HrA zhS-3X6sI$(6x~|taDT05oZB^#sgK`mJ^eQXTdnx&8i*L?YkcQU4KRZLe z3=kDU8s=6b{3rHQdYi26ge>p0*0wQ<4^+Xo%8u<6NWFa3)cD|OI*nKQbP?D&a-kIu zkR>@lHxvNF$s0d-S4dZ6DqK3(QyC%@U(>Xb9gg;$S*Wlg+(q{0vcen(`&E5!bk*G_LgP2PJ3xL>Z#KcU zwONLvsJ}Cc77Owq6s@=Lek1#Q;xDyv3I}L2#=)glLPj}o<+s0MMy%UTFK>_k`?D|Q z5&Lf=!p;U(FlnJ#d!Ke*vZEzJ<^9iQ)7#A7 zozSt`i6^dBz^w}13xtDV-@23i5ZSqIX8pFwDvr(m0nvsQ={j`=uvQwetuShrq47y_ zO}WFAYpRe!VNlu_AyvO<&bR)?hkl>>nQvMa95a)kPxg8os{))A=hwC$0^Z(KAyyNA zZHD^lB=OBPqay&!N}N7+WHmEgbjh9X+ggxJki3XMRNgl}IeqCoG4pT1e40b+BI3Wd zHYr<5M`1@}1}vzevH70FSaT!Ms9mSwbReEyjmlGDb?%?EO4qRmAgRa)?;YUzFp4uR zQ(;?5Ip3W&qn|V0OyiGoswz0Drg;m{cK>tkeuK>#r8GBl9F)j;`n9$`5unoiXRzO@ z$=nCV+Qs(fsZ#%22rq*jCXlyCCZ?}w5dJ2|Ub2dmRvZknyEA)}5_dxfSm8c>d(YZw zxu83f>YR86M%zncO{Ld!P}n~ItW1ho5wyK3k@oW5)_TQ9JNOW93(KkL5T*LEA^Wx) z&LC>!J}kPIoFr~f}7NH^jNT8w+ z7<&&X>RV~acyz&ib_UJ!(;2<^A6~MSh~<(+a2I{k_CsQJ+UsV z7%81|cif|y_U**HB?wz1pc5$4m$bT2>|V`3!tyK#{@H=coB%Kg9{V`pbudOpZ?DoD z@+%I&Rh-!4FDbAuTw-Z3oF{5mEA}1e8nEVXNmRJ)|HC=#>>ANZ{F}0WUB*n)sAxz& zBqlrqvhN3hm@qLoZYz}ZPfthRIKkI+8EqpwtK1}SPvrUfu%8DdL>@9p>&ay>Jf4=f z>iT}N=f%*WK?m1S?R|eXPu^#jxFge=qjh9~6Sm*}B?5JA6M=gcKO3%f z-<)aY&26mPHkdw7-wA58SRw=Ymn}=+m#f2Ly(Q+k+n^=H6p-J3%wE>zRcCeg6__Y{ zDM*-wxHsbg2X|q4ef*T>2NmZswt`c(vXZV2yP2C|-QGj*Cr_+XR*$o&0snP&57k#C z;dTiCIhOv(BVMi>z(B+pBg6L^+%Y-4H`VCI2Qze~FWTYDt4TB0a02zk9ngbXIiOf1 zxB{rvc6HR!GsqJ{uu&w7$F8CqNMMYNY20r1QG403@Id6<(0dQD9%>G_ZheWJZ|lCR zytbvPzgrdbf#D9d_9?|YtzWy|+DB}YP!S8DXW{^1t>`>9bJ~HHxg=wLpz zg6YOFP{FRR=2g4@-2Jneco$w{%5bY+h7CqgshBM`+FE;UkROsKHb@l;0i~>@&BJ%@ z$`u=}<6F|J_{yN+g2Bk~!D`Qv&mVR%a%>X=FIZska@2X#$8y`f*>wZW==9~BpySx9 z-@YC8j@*fQjb@&mU?ZI=Qv(7Nmgv(# zu&=TYj<2C#&-#R>=*8Zy;KuL0XKc*`1iB8aZ*Y3c5D*_*JXyhh)5e2qI_y2n8 z5~TvLd{h{0WGqwdJ-%|iqOjX{Xz4-6=Os>?@d2Yp7c}HEZ^t*;Qsh8cJrT9;Ldlu2 zOXY<7{W%G(D`pUM?dLAVO*6<5yYlIouKPBD!r;;EmVKjF1D!?M@4PVo zYUOi_yu?9)VCf?sA2d1X!rI#WM|I~+qD7tYTs=A*Y~Lx{cKVDU&`7&cDN?Ogv$U26$O**o(fS)poXq<2`XLubnRqvn3M zn~j6eEs^CF8^C;VJG=GfYscMdm^sgir;AmJuryz*Xr{07L=sdkS|r65y){;^+A+q} zKQxB5hU-8#oZ6D3*Q!Iv`8Qeh;?$o--9oXWzo(0C#vh&+GFeMJI^ww;<`*!hD=26) z>bDZHV?DM@{(kUN0Qnte1U@)2uiE$=9(qB~FK%shuLb_L@<*b*(=#_k&=tH9?>>o5sv0Q%f{0OEU$!;4K8yCYT~5wV*^r z(;&wXFBl@Xv%&0n&iOHa&X4o`g71O-?6ogzuW!BUdtW$dq?7&=9=cz=VxWTQwM%6|Acy?^;yR zZ94m+A<5S=Mf+3iIo$?Z#86p3jgMoQ_KC3FSC%Y{bIe-v&bratCZB2MdK)Rd@0x45 z$LsPVr}^ZNjLbwT3IbWjWPMe%Xa;#^3Y7gjxE4PWKRBCU^e;?aKHTd|dHf*VW7(b6 z|Lm#n%(V$GN?1)AJlqw_5G7B=I0QdURpixpMlP&Em&Bo{8$CZ61kBKZ3y-MKdI6O3d~pLzJI!r-`wLUi&T|f+9MZ zLhB*1j6+*l#XKkbSks(V#xo-icSpT4X${)2pv=mMP?F}}^x@I{C<0S~OX424Xo4i9 zImRo_CvR7~57fpn&AgN^PjtR~Jt2%b%~z#z8u|6any5IPY|GL1j8t8t+rP*Mda$lK zrnKu6pl5E-v`!k5eQIbZ(ejr%>uQO0$*5bKg=%a!O}>9O@t|8|orz=H%*yughex~| z-+DW;o*=SVkZgx@jmk^6UYR_GsKZhcsnpnu_kswbDx~Gnu*5gDW3Z(k3j!A>l7(_8 zK2@X)=eZR5p0`8fCi$Z1_!V{WB$NyDn~4Wl=|EE-6frtt>j{e9o#nnGlNY(1Qamp5 zT3NK1>TP>fvZ9Qf0W&1uV;}DZ&mq=##iph?605MWcJ_*SGo;p>&OOynW zRM*E0J|W}^0Gr)~t!)S7zT)lQX2>VmmpJMXQ=FL2|H0Q$)yO_>t9l^G?m+TXXmIaTVOBS@= z^#{iTB&4PV| zB8=p$T?qK)bcLLTseoK}ay9-!_rpW`y0Mo|NE{9RIg0jPoQWC7<8EBn?s#dH=2$e~ zPqZv1cvh2}^xXDeA(i98DH>xhEr}p16Y9v*(Hnz($6oj1mn&G&7BQ;mhNs5VU{+ma z@5$4tLE5&5yLctEdhM1^*uaIP`&?5+8yp+OwCJo22f=T1m(o)ETD|6+#a)dvM5h6TkIvn6Es!-%0}{l9pVjFnsHQCEO{@FS3*+{Y zNijH$i^5G=;)m6ljecK%IfjO1+i~ql3K>71glvcl_?C_qF}pG8I3M|Qy|3#`{Pk9{ zT8LQ2U1>O1)gfSKo*K{jFlL-))35MQP8(y@H$xxb0QO?NuhW`#mwV-;l7BjTg0_>% zM+KyH@IXISj~5?Uob~Z!D5kfIJb)i>Go>V0%Re5pfz@Z8Up*^m- zkbRN|UTACBj(8UqZhpO?P+F{Fzq&E*Mk1Qe#vLs(C!lMNm6XfhI;ZZ`ozZPbH$93a zX+ZW=xhkJsy|ZHqp?vG>nN{e!JBzqPIqB^<1M~u3a2NsUNiAprgc)j`&y<8Dzk$xb z#MM+O!xEmfN>}O@`ibm86y`3CBz5_m;+8$T!n3TqlFJ2hk@{(Gks<--wWrJ?41Da0 zwUQ0Y#TsM1`iTqqUUxoghBlx`;T|^xijYPVeTT`N&iDfs;cI5^`OR^{gBJf&BIVWR zs0v{3p9Q4<>sQM^hgyHb6d!vM;LOv>0MXIyw`DhU(c{!>Kb4cC?}`M&N)MPRB$hka zQH!ZobXCM{(whf5%I3!C#V<=?ArXIloF@nUna-VqtER63m@VE99)Oe$~8bcR25iKK8G<``%PkIW2MYV%jD9#4*#F^BO;!${EBz-oPBzyqm(y4fW zdwoq<7Hs+=8YpClXLS{K4T5pdE;Hh!#t8bh6kBNjfVCab`!NuA^2ky9Vs_p7#j6X$fj0 zma&%^b+4r8jR7$V8{4hA#j zw8HGJ6Z8dtoGz(H3E(GDlZPZgC z5FX?JIJ$LWP&snBji8n**glZE%lpx?*`IuF5(xxhb#L9_l`SYEuS@IOdbi#$H?HnP1($j({Vu1 z?Mf)fpWlHPTWfx`igAz`?PoqF$ug?AyxH~OGjrgJ+U@;5$i&Yb{z_4@B~*Z&Vj|LuQy(j~drYD=}2FCv;?4cuCp-Wspn L`+p?=5OL<;rYQll literal 0 HcmV?d00001 diff --git a/windows/deployment/do/images/test-scenarios/Win10/M3-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/Win10/M3-Adv-Complete.png new file mode 100644 index 0000000000000000000000000000000000000000..0fa7cacbb91c7e6d6fb5313c26be7beee2c97898 GIT binary patch literal 107060 zcmaI82Ut@}*ex7I!3NklfD}PRKtQPik^oBYT{=qdNUw4v;WY47olm4@5WRt zU(H!0*;cFFd(c7U)x#~B;R}yZGIcDzi^0z{ zEnsxCU#m{NRG6N5ANY^fOS;5Vx85+(8L5&y#Vmd(E~tu!m$wRRMPye5gM>y4RCPIo zP~HA2fwO^7u2C}cOuYh}_;DLi8e~lA!>`Ms0=rc`-Q+jSm!KS;Gp+MG|M^#Ustf1j z|0Go!p}!LV+79UxzY}&$M`QQvk{-T${@CwC>aFx0k^fA@#kY$&#jh}@O3S^yIkNlO!UbUZMF?q zTxU)(A^-LZU4iYmIrUi^{Szeh#mb!Rj1)2(_$1uj%?X1$})R z^-c@hz~|z~2|nAeO~{kAX}K0BX_g(@PNS9IZfZZ<5uPv0@)5WxJfi6DAN9jb94z3(T41q`Yi`z zl9!Rd{iwwmkdOu&lNNFk3Wsyp!f`^lxAIEf&9F7%L<_QQ&!yH#ZqNA&A!KP!?_|j& z{m+4gaWjR5A#bs)2Q2=ulGp#*Fw^j|G^Thu`2qiDsaf>2M0T^9e-vxdt1#!-qUy3O z>gfnqs!y|V-W$qgC)f4iT{?^tGg3E9^KGo#OBzwhlJ1bh7YjDz$6#`+`Rn6PXSZK~ z5L3b_Ti10VC_i_B;c5;N)z- zgB>LL7$>9m=@Zj#y_`tQ+lD|oftAFX8oz!MwxtfAttk;%#?KOW9(|JufUob>h1CUQcMx6P-oP3NFS z{0-rfu)TWK3^=>#EZ+YLt*@$eAIju(PU#lTYvFL&MUC6|)MK6ddiNZkZb&hrHo<#M zBO_U(OxMQdd6a}k&2Q1_e-Rb+N(_(*Q)96{%bVncc4jbe6Yr|HX)jgmJ|*%whWI`b#L`x#7!zmt0cu+G`kPBR54^4EuWcjbzG^*- zRNS>4sx~YD-CZqY%Aosc&YPJ9f+BI)L0fPAkZRD(HWNUOiq)E$`TONF#~jb(KfDsW zzlwA{s&>Y%jo-r7W3QzZ!DhAz z;tjP{pl8)fU#}!(@ZN?3?>vPQ6kc0h_t5lz2r;N-?0@7Mw=kYVyjd0z6+oy6XOW^= z#Ks(BMC?NzP6>dcKZt7dOyR*-S)e#@d(K0ZzP@gi;GLSt4y`nsl0oSF2cX#Kw_sEv z353rJGCS#EOX%?aIipdvtM7v2AKc70%`~P9)Vh3QCUV(wXB}Myk0+5-d@NGid z8of*(TXwc;fe4Qv1ONP(t3yruXGa3p}vB%v0(Ut!`d1gegpBNe!7wlIQsLX#FXz@DR$qLRF= zwJbvx_IGDB2CrC^4Z3$+^j?{ zS#~z~hL?%!n={cqforfNBH@6M1qJ5`7;B#I#lYQ~3ypBuLh|zF+)i;QQS$5xsqrm! zcCl;99=@%$Ez22fK^@bC+aNd|9E;VjNjv?n@kQ$XWz&1dwhz51>xnCF6JYto0$p_2 zMPM^{Kcj1IKAKvi{#^{RU#5bm3OXEXb?spb+~nI~Ix+*mr!2=ukHVPG4YV$mvmH8t zZrgJ8CAfv7vW86pW=4`a29GxngBrzLBM0F4(p?zUCwu(WB;0uEqcTD zPa>uhO0M^NdSdwXWo_RR$C2_MG& zteg=K67T?GhZ;B4G)eThG-4>RP)Uli6>vfHlh>`vf>$V$e46@ewzj8UpvJ=~;zu@O zU+2zXie$&3%o$87dCMtqE#Kc6S)&gp1wLsN+@Bx}g94Q0Ap=+Z)_+cLbiW_DxDy~*^zaK*7ZIJTRT#WorV)k-Q*<4sBNQ$`C@l3C zs!8XWN!iHHf17$mTk*|}?N2*{&ZRJs$lh1|#7S(Y*^(sK= za-%thso4Lj%I=(WNr!$p_xz;~mL61>XqTyT-s*{se?a!6g@*pPb8*M7B!2AURa9)0 z!>LEaJe7Knb%+!1>D!KT>oep*YElbfCg7icO541FY-(Is#M76R&pJ#o2X^J~8)`@> zq|xebS@c?wZ(azG&$%}xlzj-qqsEp9P1!m`^dZIw>h?w4Vs{5sB`o&2jKU0qw=b+~ zn|aVEcE3sMx}@t;69H<~ze5Tn?JCgRu--VVMK(k6U1J+|?Y8(?7z~2|!j{3C3VZLf zZ6E%G4Vrg?mR;0qK5<^~Px5TpUk{n?T%Je93o&rmUfMrdA~K_9?yWbbc2{@j+my*J zuH@F$lCfjgK)JCsarQfc?QulIGpQ)J=1ASk#iSK%^aXO54?x!WbWGg(XOGyr*HQVNB%Ftb|GLae+Wmop3>kPa-+h>{3}^t)0bnDE?OT#e6p>M31BhO(#YHM!O*L5<00k zwNGv-`_29^rPTi&|V@$PKN+Y{z z=-Goc5eA}XillDOFeGwaUv_IcmB+^)t8tslDEzvv z^ud!{p_jtx$g*bb0^Sep{mV?z-p-A+u)L;i+t=fW4}4iAR2LH*Y=6FYtm=d9MQTrG zWRK0vgbKNT8NE{Qs`=wA5F-^Gs2@TNLrzOSsyd^PG+drF$_$EddI%AH)34geAUozM z{^8RwxZ#FcMLfingB6yOQIs=j8LsWzC`ZpPmpfm?u|ANIuZl0SFkZ%M)LAr^#9VOt zDBHGSH_A3elp8ilPkB~lC#r8)-wWY}NsBn8tuMujuJ~TBa`_ zx!W@*1}CshSA~8ah+1da+X3By5FOX@*a+<_6wJVP`K<}+tX>XJQC5ax^N%~n2-9%y zxXBi0(_ScJR#jTHCbsF|6ImBLo%!_eXsDjksQ5cNs&LS7GC2{e1g5L34yVZpZ|@}u z-Osc4s}wYyXTiVv-ZMz(N9u$zI*EH*lpPqVG27i+F+ipI2%XP}W#}{N5dcqbO$#mA zeoT<8xjkBAydNm6NZRXtW*je(d6#|ks$swW)ICoQQ5_J%nXNj#=sJ~jma~rFZc+VgFzEb6k?}eD^NNUPhJ!Wb zD!1%P)-R1xFGYHKG=13F9Aop4E3}?(2(%iL@G!8_f~_pP=s%910SGYPJhel@JiQkTnOHmNSg})8|5Wi1cf8= z@3w9hHjzm1#NgSgI*w8Bg{J{d$Z!XNyK4!`G=oIM zpa>t3`NRPN;RRYg1$f=9`4zhO@o23~&!hxYor0}a{rnJz2z8Tn1|rcAgR5bgR*teq zAD*jlRf&k}IhsxY{fiMY-gUhvh#=XxK!j9HQFC+AD~HyrG&BHmmu7LpvtI^vWg`?B za@yvVU(D47Eh75vlyuwqcn+@Le-)(Q>PTby9Zi47CUl|mz44|lFiFidO?6PTX#YW0 zJS&vU`YP(W`VeI$sh`OzV+&$KNF{B74U8J4(M(?$miU93Q;ub}`P7;?>5Pd@=43Z} zHX22ilt+E?b5Jf|PHE;)VX(#(E=n6eayBsAY~aUZs0&7*kIWi#{psKXZEzOxc}jvFIlgpi?8In$B+V{(feY4}c$ zh}~nsNZ?g45^r4_ZD46-Ltf{BrH5YUw-_TGZ1pNYn_q%vbuA||pE;L2o$7N;0zHQF zz#*BwpoFsYA;h(#Nt*js{)f{<2Zs6EJTj3;NEj^CGeo)hq!XGJvAKSXEKVkU$JP3F z@~*b^_xC)tgET<;$e?Rg0%^B8U8;asGqvFJMcP}|d_Sg>M!ns5-+RSD;GO_!@+`CK z$uly`2kTc^R**Zs+>fOt5UA3cV~MwwqWF|^y{nKK7NCuwJ3f7O>oG%)nQl&PbB)Sf zl}!$7#v$eqEqoIa8eVuIW?{SrR^L-;(f^^s>(M7+*L_TryCxVNib!MkiRMR;zq$6f z5m97aGD-^PWDETJ^Q}n* z!wacm?QWdfY$sudf!lH)rLGL|*t?L1a41lz(ebQ?2p?ztf-6JY=n`%)KV1LGc@9U+C$&=}G0)=DfS77aenTr>IMu&=71k zaaP<9GR21mtFoI)RLXc47cnCquVs z)W^|ZrJfU%@Ec>MUH8sw!Q9)EE<{o4dea{=@Um6ZmguuUFU#HZtDqZ1nOH*JZJ+ib zeKk*l9JHJJd;|dO(hFYJ?|>fMCPFSlT|wO1LcbViVKcq%PeScM#C)e^{S{gu`v=>JA zFOLooHu6{KRtB+D z_mDXCpYFuvz#g2q`KMJvnw)=H5m9*I$=YAde=Jc#b;0G|j%LOTNow2M{9E98UU^|k z@}+-2Pi0?!BL8Qc&it*3B#)?C+5G#YzG(Ga_jeC}kInNuMbOqb=XPg5%isMU(s-~H z@*~hH-}q0Z?|0{;fIN~ucmHa(8O6c)yBiNBl6u|%e^(A*;!9V)$Mx^Cg%$jl`&nW| zPpAGV(eq9wS?S*)1JKG>IQ;%_KzKENtT0bsiXT0RyB)icEO_{T z28e?jclmdHnH7I4N4J8|=(5F)na2N=uXQ2D{v|10_Ll#0^)K~kYslE>qr_<4%h6y< z!vl9eS^clnIXxxeg7-zAm>C@2zaG4Sqv$yq2|_~t?+wL=SM`qrYFO}S8U+LLb5+DR zx#sqRwE%OEbgIfMh;7~>Rvt*3*AkT`70ir2>d& z>){HR?A?jX2ojXuq-ml-&uq^Jj!<|g=RCyx7`Q1q)tyrM1XS2}I@EN*i@Yp-vIGWt-PpDG8ZJ zAR2FC5PITb_ju#<0uA)4pzOCE~$bc50m)2{9g1K0WQR(0zgl%LK$TcB9 ziZ`@d6q!`)Be~`{fX*t7`ZwQ)bMMkWeKcnCURY=}Zwv+@BQCiL^LjP$W^^NeQ39ICu)F*50ax$J=a22V0PY_cqoIsFFJRmCU$3NnW8#?w<+M6USa{ z$2!I7{^-5xT8}Hh)i;LPN3!OikEXvskFw(>I{A?woHB-XryhGXq+p4WcFY@@EcQGZ z+3e~tTr2>rB`gO5GDmm$7hYvE^-jdMJAJ@Ri}-4N72CZ+5!D{o0#9$5fxNWv+d(Br z8rx;-nM0Sd_t*T!9)wpW^Ev74+O?)9$K`X7T;}dISee(7zAe5!$q|=YAWKWrv zAniEx%v_a{CphwF&do$noUUrjV(CUP4!j0Qt5I@Y0y4#~fo`0g#H`Fsel79=GFT6i zZkfe8A1_+>5gq`s4zjIe3!qD(djWC4J#amp(O3sXE}r`k*HYzWP*YPg{ZvpQp|-97 z3QXN$8^W_~rINZXyLdz;FuI!4l4xE{AUfY<5vP+GW53O@L;%Xw?BE3__40d8?8n{r zZk>JA1QfZhumluC=s7qW&ffoVTuF*}^OcF0_jJsFX*;h+mEaHR5Xp>yuZK<{@>nEO ztAzcKc5!$8&MObShNuFL8a&Y>4_@J1DqQEHZM8BpaS6HJeF_h35`yuBPki4Ss{wO2 zIxzT~y(I!my+K&JJ)HNDqj2YRAxAzhdIygAdSld5i-irpcy8FjDvj7WY&iVf=Vtds zMB=XK6U>NrPj`-*J0UFAD(yZj@M`L_2!~8_odEly_nQI2@444CVgr{P>girOG|M~M z2j4)Zm5tT#pG!<=aUH5R$4>*)eKm_R!12vHyiC22@w4jC~eeN?RB&v9xYebx$Zg}u?0y)Oi!1b0MN(nvu`LsCmI{feStvs zrC~{NweEAxRpOpvJ{Kc?l=aNmyV!rToKaxMMjenU;OlmCfN1KI*iysh&+zLfA!4OH z3LEyCpK+IliZIT+-$W+Cny;I2rl={P577>PmDA;_T&%Nf?9YK&Lp6Orp5|@bm@dwx z<_yz)Ky|&#wlo8sx%bnY)^OR&Y+{e|VCP)yu0O54v#t?3dHvhLNMJ-wDa27!t;fMu zYWz82H!S^LrVwz}3;AROtBbV#@D|i=R5oS5F#SseeEo2RFZA+=l!|z?asHOje8a?FnuRlJZvf}1w}Q1 zeR5QIw7X9#Z@SljmoiT46#E2*EeWqc5ua`WOtA;P)qPC&9$OyQT2gn%yytK@JyHcN zLgatNID2$dpG{85OkuM!Zb+s8f;y8$tXZ})T7EU4@p~zo8tN%kx$_WCc^6<@GIfJ^ z=Y+^S6PBD;Q!z7EEUG`2xTt2joEUKfS|36tCN40QgPIA|P)nId ziZbFHUsr=}3an}5|1!A@Vzn|Kv0#>cR4f9W^D~IhRjmJjSVM_4zK^8k$e$YM0#6T8bE zu~sHBXGl`tac_xsWEv^dPuaN_Op_N~sP<3?A%5T!tB|h4iPPC5+7IHqO_6r0(S#uy z(c3I395=f}FE||B5uRtF%`0St7L=ZHrYuyk=*$nu0{qzo;_{vmx{{VsKZ5+lM->fZTmg6)WiJ?Hi1K-`! zZw96kp;^@d%xRVPy#|Y;vV}w%j-%KPM)*>*{quzR9^LIT?-I?3%zh}h%EdHlZqP71 zZTmK)|1yI|bH)2-$H>~S42^83Fy$;wn(pdKxVT-SJ!P$yqHNqO&9bmmnGW1wVw6aWQNT(-)`30SebqrkfOS(!p1 z{+BOCj%ewHCOXxr=kg*il+;|e*1m=BZD4tHRFGjgq7-guN6w%!5N8@TnE zQL@K!FlU@QrD7O-(kb!KE5(!Slm7R-cT=Qwi#&a zZiLJV^pEz(qa8Mck*#Bf9vMvIJS4iI@6cN)Z#88^heq!8bs9C`&fLt$R~&f(i^awa z2^^o#$tD9#cG*K5zJQhG;Gh!HY-H>LlOFg?meELq8Vvd>&otYSpH@{Bhm9BRLYZ}>#Al*67?kA03A zux-)Qk;%bHTj)P}Ntsxr7iAZYEx=W81-TwzEGTo7X|$@q>Zj{HO+$4d2?Qf+nFg6n zSsjvn=`kG(ycy#B%`S|9noE4X2aE3ddB*Xd#mBkyl^HHw?rje$nRFNef9o3%#qJ?T zXYDiScb$5BBt5<%r8q@U>`WAevB2hhmi^QId_C0EGm005=x*)VlQKWdZ19Zlswq4) zwA&C_qhY{xckvL8Rv~>;8d~!EuZopypeTs$8nn(ae{gxYh*+)qkT5t&aiL4mH;^*o z&!&VAg^(ebJCyc6ct0fRvk~u!2P*an`?RZ{-4N&JwWJdKr&Ftle0_El#6AqWEFJOe zfcR0gqdKK#eWMcnV~_MA2(z3I|@rXsp5*(=O1A44px?{+AP5ipSA@Er?ewW)c z?|%MSef~bZbBR+eGgC(esBGVVha>r$q4aO)Jf_2A;&^)?!oh zJ6)pfMZ`P8J501!OGZt$c`aw;U_873AXW%ViF#QGlL(~DkYlwLbXfV~dWUQ9Ua%mm z-LgAUJ&2;*iA)xGJH{VYwC_riEK+uNm&>%EF19p#Z>exfl%)t?djcsVLrYW-#?LA{ z9}zGkJlHh&mivY=%3u2`&~K=C;6a6ioN@k+zL2#6W+lLY{Na1z{0TC}WsRqv+9uz- zrbK>Xbi3E^09)kCyjUxf%!;UA7M#Uww6Wv^&S%$^@vaZAeRvTz&OZOOX_qB~PwBc= zMO4&y=@0M&w91ZPV3DV}5&9%NW1oVo@SSe&T(^9bG$fk$jy5BAc<(Nv2#}P z+%rCug-Z%4qggLnm`|%qq0lRdD=2uD*FV$l6-H(0$>98NNIMgws?@UJ6PUsx>^RdwIwgASc_?zMW7vIXNv&3w$Jyp#&h(II5+%$q ziCUn0KNd&NS=+yz*i4pYWhp+48h7}`!?prNMb&1f9jI+6h^5-~!7?_yDDkrJ8(-pw zb=RuOMp=u-Wa?^t$LZ4YveIOLVk~L$go*kTKuu&lxBk!^+Y)fK8E%@{;jM+I7IH6L zo1REOER(bk0x1?_nv?42xn6nBcDXOW$lqj^Flov(u2QXb1B1N+JX_Kv?|i{Lz)Z&f z-TcH*5Z6I3?7M{B^m27m4ne8U^scjJLwW{e6&7a)I$b)b4>O+McfLAlI0qJ$UQU&I+M-IG7*5)nkX`RDaqUIo<>WPF5g{!k|KIc$)_XA|`v|Dl9D zc@i%E=SK1mTTq;FtxNr1w4PEL*;@7wkMwdEwa*NBm=U{C!F>I6Jv->0Nh5F8J3pO+TR~RUz_a%w`*iFpRqZ+HFwM4@Y zLRb3tlJoCTlv2V=)rQ===`wCL`D$ZHOV;}%#l>~lMY~pV_kzr7!Dek-x0iR%)I;LX zGK)c|F&D)f*#Gvv$pc*f>keI5_KIzT8cl0(3eIkU$+x6<0{nxL1TPsiucBE*84gH-lWR7$6r>VlH62YVJpEZw-dMH-GXC^juo>w9T26jU{+gOCoP-D69d&6@Y% zXiV^v3#Jj{&wst)CUu(XaRP zHMIsAV@7VNUM+Eon^k?b{-I0fmE{}%cl;B`5{PfT?|Io^Y@EyaPm(RqFikJlFGyvY z8aEokYP@QjT&SLmrk}=U@QF>d7R2gWPofj#86#;4M^TM*7G%@ z(n#gEzgb>(#1CA+GVj4F1=uprQh9{l)2n z@ALd8&;qIR0mG7I76Fe6>t`OoT;hz3DFNsD>%CE}-VJ>!6MBsUJKBdh1M+D}s)ukc zuF|Q5pHm2+O(d;-EL+%1pK^H?P_@b_m?gselKZyAB(8g+tN49A;w6rL@&HgL<^(Xc zWv^Dk3_et2Ji%{!r0WYUPkIH|HdD7gBqr|#5O0mcxsjzQdh*JNi(zLs4bbDqjE60P z)|!V>{L=}!h+NILXZ97uMXhWNLda&{k_{G3sB{hzs*SH?)fkFHKHMhi!g}AuBCBb| ztPe{J>zxdK#rg}I_;*CI#H#1cJQZxyWjMmp=Oe6--xA^v^d5+A3%NRz&2X77i1x()!X-cQyp+Tm|D#{q={ z*kPh*8>w-b(bX82;UxQ*Wgk;`El@M;V+~pBr_zGdj zz3O@n`6kl9yiii)NxgS?oK+eJGjfp=Cu~RVj84(g#svK0`ZbmCTODjk>5@JT?Jpy< zQv!=JvpOChm<+4Uqh=Z?QQ$9xRphwuPttdziQdga7Rk_lS%{DKkVe4B{>V+OZfd`a z@96=LDqcXQkaGQWb^zKD8l6siDH=l_zLg)t$7X;!p$fM4*OE?F^&Qc`UYrfFCq}{_ za0c{BKY9UO>%ZDH8~+ThE=$na&LZ96bP)}iBsY7EC1v~gQI{4Ci=B(c=(J4&L(0I7jzqU!zQfFr3DU#98awC8HO@N-bwe7Tk-#EP{xu%0>bbuvdR?w(Jj zXlfxb)2F<<=-t<911ZWoU6NPDPXUQ1gDBDZgT2#}ytbS#H&a=;K~ztbhY?qX`mqjh zWO+-ingoGnp?l$(tNE-?QeJ~(;C1u52Bt-uhqvMIF&TOf{@@qhors3}x92a&RXF|} zZFaTAc<7aj%4Z7{yMArDMtsCCmoy&b+4!GdRSiz4KRe|0Sm$*e<3*_s>xLJrQDrz#)$^>=J9f-r*dO@5T|zT*c<`CJSbthcXFW3B736+ceZ|sIw4eOZ-dlc zNa26AXOxzQw_lRp6~<&1rO<8-+U^l#sc=gs$J+=A^|EJL9o{}oa;&`%bF!p)?#XTf z4;H*hMVn*wORK@j;z5U@WcFH@8TarhgX`xn3sE3kk(x>tcbdG~Jqm22ib%Wi%;}Eh zhVbZ|alND(a}W?P;6OS3B94rrW|6dTykzIl!0EA9s6i9VJcwIs-A-i;(-d6+-xx8+ zb8lMB=U1$T^7Oqf_`0a!3^6OI^XAP@b?#+<1itlX*GIEOZIV8KkGByY1({oR%rg>RB+V4RqtDV=&@*QKzD+Pt z!{xyIEwU6V0ATVmGqrtfMytw|o*i17*gNiO&$p}Qtnr!ZJgrG9a}2-zLw#RQW*n`EIHD+qxiwkehr)|gyWhy>vbi#$jyxvo^DQ`POOMnYl<8@ zrIYM8aZ<7S6sh^f)a^?@5c!c|S#5E$rqpDUZte+%tewGz^ZYA%^36wGc}s}>y2pHl z@Q5W)>Va`Qz91E-6|U?kMPm*ND(k;L#WGz=4q-eIxuGy`OLKX$xM8no#2k5OdU3+# zbj?;j`E}uGEtxMhPhd5te~q^*dfvX?Zzs=~CxNsm0FRZd#ZWi}KA0%40Iga4R<4>4 zG7n*FmYOuE`D{fczfw>F#)D@5a5ytt85ESgu@@-6r~6Mxm^S(VAbojVrQeSjR+K*` zgKYvjSdOBzD=Q^A>PoQ86p9}QcgfA3imAm8V)D4DQ3d;PVoi?vr#p zx>IIgh-njB0B{tN6z^JVr&RN6?H@POhEEXFC?O4waGo7xh9@PU;D4?nO7OxXW%pR+ z`kTMAo>MDhCb7r`%68%Nx7rW>QPFWDUA^&d2iO8LY8 z5lT@9{XPrKsQuT*#i+T*`Yk3I|8rO_>s+K-GV%&Yy)%*MYFghxBfHC+4wX@4jf);3FSB&=o~L_ar9HcJVK1vl(m=WZ92qm?yj_B^~o4 z!h(jTTxdKac<}Ua6r(6rTbdv+IYtcm1CzBN(LB%0BuLc(2Eke?c$R0k@t=Mn0KuSl z5HkVaH%7x0&ZBCdpakwU$oW@u?I#WL%-&X43jLcdz4dr=Yt^E+s&!ebBz@6 z(cSx~1y%T(<^67?z=(!dH721d&M<{?QjkeHm^eJUb+D{AA|S6g5IHoX;*Bv`Cr^1Fqn8q??GJzbZgwQGsxdLvi zjnq{?-_oU8TF*w#czCQI+Wx^bP2dUV@kem*jWcS{95#m&MaPzkoH)@cWcjHOvULZfY6#T zV}s=oEz@>w-Uj0+$51*hV*fF%EHfr=x)07(ogPcGfY;8kpz3_g+V)N%UY9#KihUfb z*+@jfW@M*M){0B&f?J8>$v$SY2y89^E%_@XVj47rI$Wxyyu=x9;a%00o7L1A!ltp@ zkAJZ83Jv-MZa}Qffznsh?PH7xCbtmg(WPN?S|!Wb9iBF~9Ma}E{Ru|>T&HPIrNSx4 z)^H;39OVM8aL$>Va?o&Ux4g={2>s)QQinB??j(=euS4)MZk0S+rx%#HgZHZfpa9um zds~jl4@2IjA9hmsg;cU9oN1?3{GAQ(=WgT*eU1##<}T^&>n>+Lx9+>axFh6>(5bHzFpS$k?JsEEt0Hhq{65?MB zHMZ3Dd6bjS!_<2E{?Jc*Dxf1E8*Du!}sF;^CQ*<8I_m=J) zqW%@r%G{5sGJ9s1?tSAb_leS9!7O%lyOdBRcVxf_XY$%pWG0j@t3tKa>g#Mwk(>;1 z_fp&CYoGJOJtED)lmAnXjK6dl2P(BCs9g&Fl>Dak7;kpz93ClH8oS_Lc z^|tZzhKocKpML>RO^aG)IfR0LKq!hwt4LNUCD&>DtTno?U*+l&l@tA`JVw*8reR)5 zppK|5iesca1i>1>qs!o=NxrL|*ZLNQk(Z@-F8jDJkvGODEA81FLmuU}L9nJ7{pDMu zf8bC1@W1d!V^jroHPl9()Ffwf264&EW5Swjs*ZWsYgSzZRhCHpg)*v! zpgg)LUUlc1K}MY;p)K~ge~hhF6u6Yi(@j=KcLFb(Cb)rAvV$m_jX$o=!_El&t5)I$g4%w&*)TPn^^VUTj{pF2B~k5%zVkO8~eb^9VP^ z|1aFM)bH<8+oaT<9el?yrBoA=$(riYdE&G1W7Z1`O8&q%_3VKa0t=}r6&G}wrazjG zfQ2>n6$b@@T9yrQMTlkAY7sYjJLhBRt2&V9aDNsliK#m+;K)FKQ{bC@)$W}Q+lNlw zld05Wjf9iLz3xBBkH)a7V`y4~(ZN^MtRYg2C#vw+v zTQr}t`@7C*Cv%`gZ|cB;f5sL807|*=gFe^p?5KpXumO&C@Z0xU3QC)`BL5dyrM-Lw#5ts*$~7(U-~`w&Lpt87-6--t-+iv9miJ zjwsZumbB{2RV(Cx1W4658dKpKD2Fob)a@YD)?acSRMH>I2`uS>oG&Ja2#wZutyQotwuS9kN z*SuD#d^+3{e9%1bM;h+&S5&xQES@?|37}q@?LkM@T^y(!$zoeH1&%tX|4S?cwex+$mhrOx2v_a6#ubFm=esEBsyc726XkaHp0|cvM`}KWw!u=_+ZudsOlNm-d9FJFYcaq?1=_*@}*a!T|C=2<1xzR8; zr(;tE#NuvWQNP)}%=PIp>E>NLaM^UKh;q;94p3}%*~9ZLZzJc+sYyuFvvCY$M!5rA z`Y(Wlt`D^+fRO*ek8Br5HT1})+AT9#Hz$614i*7Q#AXaj*WyBHF9|;6a^;u(QlhZD zc>2TY0&t}ZHIy$F`JJ2jY^c^1HTK}wA>gB2+N9aZNq3Du7?GDaYGD2*<;uS~6t4?P z{9&8*CnlWott%uv+Boav$A1e^VuIEE$Z=Ulf5Lj3DEiY5c;%N3QJ$1pF~ni~l!o(n zTL4VF#4qzvJ=swYzW)s$DFovGFmn5IjFdBe0!g2Lia$}IpNYOKM|z7;c1KErP`Zot zrD})Y`WCCYeTjZh*;_qFfT!C+Nb!R&$22E@KWdX*g=J;6D`-9q6;C$y*DO_Kjii!R3UmezD--eB%pdewPfG|Ww z0Rfd#Iwho2TBTz&j1C8)AcAyvch^XLknR{gkY>Q>!N%ab2l~Fx`+djp?LX?~&fk5V z*BMtsE&O%<0Tdgp|Df$Pc}GVyT2>0Cv${`=q;+`V!O|$a0L10C$%Rx?H`oG*}$mA^LxQcSO=uo z)f3MaD<))MGCr6M&>+$-Hn_baJ!o1?PQUrVyCu=g#%!G>C_<=#@;|K0px2p<%blQd&;T zQHRI7d0e*18Phi^E8*6f^*pTBmeWfqaH1KW+Zanuh9uCR71*pE5T<$wT+fCa2~OSH!2c+^pyU8 z(4YxVpE)nI2U#vfOp1%#D4xvVRlQfAETH}}DyMBF%ySwO5FKO!ih0*?^}wBUW;@t@ z`LKaJRava7&?n&naZL8U1)9jEtQ>Gz;C~N z(GWbideMx=R_A%!bx;gP{V$?_*31brH=eCjR^s9h-cL?6Fo+HF7`Sb`)H8;y9u)(y zEQ;j3KjLgVfyKr z%fIz#ImKVxt7qkVxb37g?`7-VZz(EFI3yoa%KeAEst~^G3?2Cobwy78w5Q{{5(^Bd zlI(jgVJD6H=*v6fV2nZR%}v;?%e89qfh8y6n-hAG13&$5NmMl@h1zl2(%jkN$i#KY zgjboX_a<@(ZHkqgq`eZ7AGj0E)S>ABbG4Xes;qj7k}K@|Q02luy_C70r?=wD?7XFm zeH)%FPpZ1 z>@Fh8aeb3bm4H%p$+TrCtH@X8{qNBg_x@C7gQ*nBhA>^Y3?N6xsyebK^&_t2A^CFN z3)cvb5!5w?#2w`9b5_X;CBus*`H__&SM-A1=nmrFot`zBsVA!M*qNElX0#A*Gu7>_5PPfk-l8j~4L_b2ch1^aa;lL(y33riLBr;zNSJHfePm`q z;~)ho1@uQ@ID$npy^G;qGN=rS9{MNO`X_u#&3RR2Oi3H!QBsfBSiTm)9kZ#;#(-KZ z2wl9-Y#sA)PXU0Wrm~UoWcP6#wS77`Xvg9N8z9#Ww9<_ZnHplCd&!M6OGE+k6W}BA zXf_P>+~B5gX89)NEB}n$y65jG>h-SPdV|>b zeoW(Q)K{D8qh8n#Uj}*RG~u7G`XaqGH-D+e7V`FopX%%m-myS>(A+@P7*J&L??8`& zKz@Us1#DgM+3dsgKHAt^j}J+=RPu*C=xX@0pb!?Ud5r83_ie{ry0QimBCd@47SbL zJ~c8IzM8#Liw+WK+e_zme|@mRO_u__8JA|!GLn54jeK|}FztKs+eAF)NB7gx+#VB> zjdvCcAm1VjwxqEdJ znY|P}BQlEKPS7(bhB97u9$ByS2a$gsB_z(Yx`09nWuUF#W( zqYU-}-OwXGdG~r&!C1IQ7Ii_Bg3-3EJeh>G@A6y__Y$93uM?f8)e(Uy8C)t1$QJvlzP56OHN$3GnUXhrPo-zZQ()|=Y zp&E5IZxivh0l9%AEQR|W+uX=qH{vGmb!z^hbg}J)wL_G97_#~D(sW{{7x}?Hkju0S zUOBOr)Be7ci>fPHqzRT6RDXSTz&;F#P6M}BZtgNSRItlPQ0fmoSTq%pGbbq(0p-E1 zp%%3(2;@5G*}kq@Ltl(crt_iLKtZx>C(w*IS(d_Ha$s*6HaXI|Lu@RNMkIIMipcO( z^3rHefm1m<(KE-M-~9QRkWCK>=k>8wph|9e9-o#rPk#$8U#Kq4UFobv)t%Vno{3QW zGN1j^Ttt7{ZM76dQ^9@Ts=u2`arD9$+vnqfc+<+%(5L6G#(0hA9`mK#G!w7f9>Okt zn|5~%zF3%%JFPFcuJX-a#n(KJ+grp6FECl=_K(>Bnzhb6-}ml?NdMFz^^Q`GhewZ} zgW}xb9Z&VxmTn6Z@x$^?E?b-4N0jvjvGI}bHIuXA(#G&lGu!0Y1%^buEGXswf@0j* zd=n%8O+f7Yoy4?HbxC2!4cb97#%K9a63~j?x;Pp@waV?ftcVjs?d5j=F zS-U-pW}^E}Zjt8wyBZ!Rb5gn%Q4zUUzdwgeP))z5Ri3T8C(Nysx+%E<_pO4*kuqBJ zTpH5ApmkYp4}I#nyOkqbhOA4nQ0P?}XgPI@JdV^4h>AslHUu9iOW8{7DAesh(-H>U?W#ITB!w7MOk_}%<$j`3$(Y!N>Wxe}>3pgEc~H1UT8r6%47nY<5dx+KS|#{L zcomf&&YgX1sdDc5ZXTvMQTvf#@c+}O_SMo6Sf3_=^xFd z$tv=Mh*IrpDl8mc|NCo+CZ^oUaGk=N!ra_ zq+uJT8sOsQ@hOmmAd;9>(GOdkLd}G0Y{q=*h*B$0ex#?96ySSDpcN;>L{Z zri_{=w((YuC;J`j#rnADy1eTWruxL7?^=Tc`_b%>@#_ z#KsLvBKSB|i3V}A}x9Gy|mi<+N7Vk{ny40sg=yvqZ zJwrZzSAeNRy}p6SL6+42llml4-p=-Ilq#X|BD5!SIo*l;_?Gy0o~2CGmQ@GAn?ktg zK<%XylWi=On<5U(_$}48Xy1T1Z)sP?HaM^5V08W!TK5-L&%Y{2&28fm@S38K!6aI! zA0J2j8`ooBjW{a8pp&a2$)m=0U9G>1R{_21xT5A^w?8(-Xd~)f{0js~lCg>`zf%6} zun9c=3t<4o;-JnEG7a+fzHR4mJPR7zGHlMpklEf3^5_kQUt>Kn{?cq|?7 z?`w_I-R#ag;(J@Z&!A?zByGpOC$9yQ^4-?%d%Vi+wyLJ_I=dcTYYet5e6DQ0RXmCm zIXhZ6!GztS%j$}S&^1^1z%L6c?{}EQpKc9>Zp99)bko+l#jxggVuBT?!+l~SxNmLO zA`+^gBqLSPr?I5yp(?t(#8*oHi})K3U{Vg%)tjBddbLQ6RQeWv-=F2w=O=}Lz@=Y} z`@xUyKoRkEklj8Z&+px^zZiV0M0#1p?T)wLVqU5vlOI)i758Nx<6|}zv%h~F>MZ;{ zl#1&F@TyurHC-rRwW^Ove4=yb?-qOlB;A%Dgh=x>{A5d`_Zk>{;Bf2oyk-Kbrp(4u z15n>I1`{QR>ob6<|J^FVNbcK$iP8TWam@rQB>w*J{}a9{7kp*lF9}Q_0)77AB1OIK zvQNQNAdQuiaBy*S#KQI|tAU%hq4Cor#GeiN1Y9S)P8JbvYK-p#JT=9Kw0^-RksBqf zn{)Q@yB%~8pxFNWt{U6^1Uh8d8d3M?bWgE~=K>t>Z~ciYdk17;@GMU0pgI;NmaXZ2 z{A~~vH~b>z+*yjlO8ODk7CHb%SHLp5w_kC)w~s&j4_#dLTcc98v5@!d2}#2tzkV*C zIXZXI8hI1eBs;k#BjJkZH#RW32u{zD!34DH=To`I<5~1Tyvh#761#BO#`~zz6p!f- zmTB+BZwYl-rzVi#Bmw=yRQtNqoBS6Oo}x_CDoTQ2rJkdlz~x(|!Gn#M=`ceW%QBNm z0}52#DKls-GpS9y9};{oESv)s`OUd{5KFFw_-tMMx<0$d+Vboa&^!L?Ap-Qms8iOh zllL=?n!O4pM#cq`h2joV2=FvuAf^p(Gk*EuyB`nh!IW4r97N`n0aA;HTJ4j`#ml!>zaF9^EJL@;`_fJ zfuR}+ih$Oz_J*q!F|g05vCX;e;&W&0vn#0;bo4%!XII}RK;2@i=>)O7>4B>}PCi|p zEQNf-LTW5+wb;%=Ph10iBsdxAQ>u7GtJ4o^-~ea7^-ozr4Ntq15Nn(MtB1IqqyIpBR1c2zWKz&*kx zU?KIzipH6&S;d`ACg$oHrp1mD-Jhi=h-7-(gp(|qIQH(&jEG(ltjhf%$DMflS&|*+ zzJ-T(o_Tdi4cL)L`_#0RbLC^3MwgJ)rNx}M0mvlW-ioGz zrBv~C$INnM9W6Bpo&x#x zzw68W!Qdx*E>DfPCbohYB^cWK%0@&dP*sB-(nLDVB1syuhn|;nS<(7|wjuMQZX1_Y zYyBou4n?Q0M`R}t*ux!E+Q`TFPvO}lEsmL#$q-gPFoIW zye-mS#QqhAT4+4I4JeTKa=*8E7vM!?U)6t=5pnC>*s4tyZbC6CKXxF%v}ToZ_Pu-T0VCIWC_uQ z4BYDPclEXT&mP2y3&)H$XWh-aC9+?YcomEU^WG~@B=Y4-lz6!xvT6C!A?KlO*zs6W zRP}xhm!O}H;h+YfAS7jzjva2VvTnte17WoXXqtrl7nGR?A=egFKU^9|b3R~wE;^!J zOo(V6^Ly$yGc=RFjg`r&vTPHMwxuN)DQnSa@Y-|x)^uW-NobMCB-o1=Z((W`I?B3Z zMTdCC%i9WME96xss`s&?OGMp8FL@RacBlGA4a9=g)duC|_kJPbBDnmOSAlzDpqRRsgbmnbf~idW`(x?$^4sE zNcO0cl_0VF+O-DNK}1pCbTDfqZA80bTJJBN#liN@2k@`l>8m9h8ELMi}Bc~hm;?kI0mJQDou2VHE z>C`+vxN(+#hc!aG;CwN6u>&2YTz!L zWdsi0^Z01Kuu}}Ge-dQ9RX)F>ln=iOz8GHNA4?r?_^GmTBgKs@^JH&56iYa_L(B zaBkz9wj8TYd3ev~+_~pdKmMScmcBx+Ouq1#kCaa&#T)Xd-?RuX_Aww_!mp`MZkvj` zG!<9!_!f`ynEi8f$R$6WA3(~y*?F4?Mbi=IHAXI`hMpc;8>f_99?};|e8-Kg)jVH_ zntyh7f9|)Hxh~Ik^ZLs#b=ZcjkR!3uxg4qKRk2YomgJSbgX{&#^0cxjIvv5dsnJ3+ zLb9sDBLI!mH`S?8CF!1CeFY%$Dsss!7ZS-*as0WD&5Cn_UnaN{v>7_eIO7&=?F3;W zM2p>5pUCT0*ZL|91QY0;a2>`5YS{7ky|Kw|LCvmn^S?8z=H`r>s=J2!~ z!TLDAyJf1*&@%WT;DqF<+4D7M#=INnSBD;dNaee`t58GkKbmOU7dYZYXJv`wkSRw0 zoQg!+A5TjCqJkB@cyi_1H*>f00=eoHhxcnt-S;4H8>b5hi|PS*qFpPr(#$pi&qFgi z{w5OH^_2VSw%M3=vDFt`W~uJdwKF&P83<=TIDcPgA@h#K881W@j8l=Z+@*t?R#0yD40Yt zyrJ(C93tOFW{u(2;EMJx`4xEZVCG~;^dRQP!N}CBCVQcmB5#k!xK}K$w&SgvcI91p z7Er#vwrG?Tj+*w3!z1Xm3D9KIGMzgalyXhK`%`}-PLJ2;rjt-(9(w4<`EpOdnCrdO z#2+_V=O8uHP;dNEYY8+I$DZ>^?4P5JDSKwJ!CToe0}}*sQKrxNA4*wB%cr)4mov>$ zWjYF1((Ban^!xmrWcqx|8=aFyTlZdNBZ4H!l6A699i^D+ITd&%jD1vrlP@lSXZf-PJu3ODi)8m{6EupgznXkcv;TFJ;`A9VoGHe08EQ3e0lQ zpkArx)HWLU=Z*IMzq2)7nk;4l?RCKFv`M~io`iL!2ER*kXFDE`PK<6P zgYY(#1L{)1n#j+f<7&kMyvuhEX&!YPRpgO5R{a1{c|Xh~%c~MIx)7HvVZBE9i+;n` zo|}XHz9u+uK1~~TqqEY)%p`QdKW+6kEYuC~Pla^-cqsA0a|VusrS8(gqn z^eiP*bDk%if+!_^M!%6|lA+@$f@M8F-`98h z;l^l8)o7z~pK#+w*t#iy^*Mb^5tjx8aA~u8FGITZ8hIo?vzh3KXm~s(y76bZ(1k;U>4~>r<^kEG;gVvgh zQ~y}Sf-Ml|%}|ku!jSC6rJi`}+z5pLTg5J<8G`j^?AL;?0?5(XlTnkIq4ID*={UME zdO;-jPaso;=7v6K&_S0fO0hjfN4*#jNgI`srh)}#>`}@#uvlQ$ zOTI@TU-HBC*;0V)Zn%nOg8!6Sn5TWawE#j(kwvp zgwHL&1Rc8W9CB8uPjEG@y>weiA~M%D_hgB;f&Om8J*Q2RJ`|(_s`3-}35SG~n?5f9 zOXS)IWzZn-T>qi6MFd^*w(9=FMelN60CKa8=5mMz8$69kJppjbgO6&mGV51^uFhYd z1d@+n79qu+$=4z-{f_q*`Z6Js6j`kZqqfpd7UVNC&^aWx2HcX{B0&71i(ol?GV3tm zjTL4P z_?j#{N~W@7D?{&&hs5PJdA%>C1=#q5(ib;9+p;+<;yFzBzV-d;+3e@K=fxkf-pAi~ zc(5A9Ib*rowkWuMbPE)pRT?*n2yvQR=G?3_Jg_!scrfbCkw>j2eGZ$C-n~Wn4r*Nw zwm{lXKD4f;s?To5NeELc?IQfNEW`B;>>ft^HZ!)?_>?{MZpoo9CV8YErXO54~y!?8hqGJVVE+;pys()|{%^XG2u zI}n$sCf}OJYurPjUC^^cDCk)%LHrc3jP_j)EE*OJY95XFtoZ2q?TT-czcM!3ueB1@ zh3_8l-keCzstkN7L>DpONb_^X61u}2p7v2>gTvL^K-G3kQodmu)9&*%p8tb77*gi7 z7fV(zgB_AweM2)ox>&`WlRB+^l5}x0p3KTp__rs~W=lcknZTKapT`LGk3q5<$7x~; zVNhb0;v~SCzJVSAUaZ<2QGY=HtanOd7P9gfBVXdJTBOIBpQiz&MBS*CfB%f>w~Z6P zN;e@W$RY|7ni!;(ro?WCZT`L0D;DfO&>OGlVQnn8Cf(`Db#*b#Gj`+KJ11cRQ#86X zF5_7}caz`pAXNbNIhWbl2?o>MN3(NFY+b)ru!7hL5se~Qef%-^;U~rDrHcsRL4&ej zA5Qj!gL}bxTBdK4S9R-^wxDtZrcM$g@e0;J5hbmoCTy=$BFRNux-q+#GOu}9KLTRB<9{9Lr7W^!TjU6)$NAuo6+I@;^}i|>{Ekw?wj?+--t5SMZVu!WL6v=y^2Uqv6zq_ z*-g4g!AKigjT2>qEWyPHS6bA}NMjrH4Hi6SDEg>8$-BP9Urk9yk5g=HBfl1L`VKq3 zLLJS1rhWK1rSdK&tAgIImuTR_keiiuJ>L?4m-*6B#LcE2&a$>^l()=4h0N8*6V&rw z(*gL3AE)(+`kq%$kH?h*6xqz5#hJVFPQa57LoD~b*C9o)3b|I%P@_&< z;X6uJm+FEYRN6+*80JDxBTSW4H^3osc_`pz%LM|mEU7Qa=4G+TdSS~%Ocw7=YQK^# z?)nj#KL1 zd|x?fNO_JuFCKDUPYefKiT>OVn;>MiaVDc0L`p2qHXWa+(>^1=_0Q8wllc^b5%Y-4 zAl^4EGaXtMi}k(iTOopmrfz1}7gz#mEN!Q3plNNnD=mck9od=7c@S2}s`C*)7{{;D zwZI;7^#`^kJx;R6{`sp#?w%q4G=7Kh3a3GIo2DL2Yrj65Agsfiep*~Ll`Sq-0SM)j z)19dNC|geKsDxFI?kvnfO`cUMo16x+LstR1IA++|7sa{}^1-Bp8|#s#RxN*~jmC&F z=_O{R@UQO=aPMK`Ojv|r_lKMA3^$$6TJy1p_5B<+EO$S*l4SMcD0|n(T3V;#J!~!n zLop6}POFqrr|-57)5Q_ooE>CrkNtX8KY%nrh)dVDxR~F;AnV0%!ONR$^8N>F?=_>d z#3m{&Oet2@nQ>Oc#8;d_z3tz3`3^0KIib)f?JWdoLAQGX4z!mCqMdT5fy6||Si@cJ zd5@1QHuKq|mb;i2bS3>ld^!ZUXwqfz)ETNf4T#6 zJ|^GD#&--AlZir(Jx&^k*Qc}F$ZJHTUj{3QoirMnGS^7yYKKMSg5DA8N;^mDs4%{slI|S(& zC}ngDt-b#Deo}X|$hzx=Nd(sCXTm{;lKJv(On0~}B)(g;adh9Kza;Zx>IgI1!1_z; z%B9HB5hY2<*Xa{=9bpwt4-m-@H}QA9rMA^!*J6QONCms3)_WfYp&s3^aYE57;e=P# zf!N1%?Kv9dz1b7s;|UREL}H``sXFJCxqQ<wwmgE+&KHP*TBbK z6}XhI#7%eV4c+A)o^PC6iUIm?Fmp5~$<3wHe5xYXiFGqSDWL>UP>)COR! zcJ+W4E)ZTUg-*{br|a|#pt_o;%RUmg)MTjUMlek%NCdHY*9zR{jpDQ)y{)I;tq`j7AHnlo^N^U9&wS%z$=Y{* zJ5>MYUkj|Ooc5e7s4{^#fN_^xx9?zewM1H1g&ODlt9xb&}>VCuo#!i0>?ftM0M6mZM;n`LDQczN@q zs^Etx3Ka97%`!aU7T7^7HDZqXjCMl2nE-)u?F&~Wz9|mqD6a+}vq5#lJ0!!n_q$}O z>tVpW1!L7eTxF{u&r6>Bc)@apI`u{)L%6j$|8Ac#z6G*0)#(HD-D48 zCO-HTwNRz*u<&KPO9ENELAu^H53WAT%@OkAU$nt~tOlRJY|iM-I}v+h0IG8q7q=g@ zdzyshC zwPIsK0j6@ALBhDM=Qe6z5=uD8grEDizHpWLYs_;etEUf4Lx?WoWQnf;FP0x=)xkQq z&-0O6`n~>*>^?e%0y6?1dr#(EI81riW&MbQeO$ewD^Z79FW1%ZbEco6$_c^0^8 zj$3I@ClLP(GMpmog3pA?$7mS?XZ_J0)`QORRO{V>x7)~{lL^zP(ILwsDo|7(`61jNws7y}K z=ZB?Lv*eJRhk4ZFg-RY@J@0;vP^mx@7q#xrI|##fewJq)@V5Fy98cWvhZngZ(>INXlw`5@c8_fK3Mzq2+Le#{FbadvH|iNTWdZcZubN*L z)6@Q4#3CcI7FgiUGI3e1{!mO}@oE?Z1AtHD5D)lV@kzobnXg{mkfp7`2kEe_mY=b3 zovfD*IpQ1!BcO|eyt#29g{Ps{;>T~EIamWby^K%aJdF$uV4S@hI-JrXd`jZmysYq7JolK$qruL~k7I0`^OA zmbu~-jj>A7SIKE^G6rel{R$%Aqhnr|QSGw;ol*FQ#bf{WI(c8*j& zbPwM`m<9F@*At6pP#1Hhy9vI~3iQM5-}JRv4y9iwe6-=-&}1{2-#7hb(tR(*F~(8b z%bm)kaG2%%oG+DzAs?A6A*`C&-Ov5<`{M*42uAr~h}-7B$u|}A^@#k$6Sf}R+C#qqfH$5o zk^Jp&hNjH(!{OL@&A+L-I%$B20$T5N0Ns}I^peU#%*D(N9%6{*6H22&=as(C0#ipY zA$+c9LrcUlA}+d7)qn4_*Wb459i_of~F z%=|ANX1~1smvss~Zm1x=(FzvhNdl21vi8Xnh8^-_aGGs)6C?qo&%PG!>F?-ukh;$- zLCj3yj)S_(_b)KhMU2pp6uqn*e@&_+&Jbz?+GOF5!)XDQLWmc`i@53h=v9 ze}2;M0N>LhEy`-GF)&EOF}o^z^VNma_})2N2z{{Xn9)KVd$fWX17n!H@vWl#6m$NW z=a8j4i0$Iz3OTzA+1e3U9h&-NTtCsAzDwibA;8-A(6j>*V7m)huLpeGUTV4ud45)n zVg5iYo%T;3*LZgydj~K|4qX`Iqti&ns1i-^B#SVHFFwbp#D#Vnwa07z-QuN!yl8bw zrNfl{m;WNU>wqhydUZCC=-PypY)$OoxRYHcC|=$;rA;aN2c`HSinISIM5nk(sa zi_q>j&kp1rOd21Tw`uK9#OOFG%8=Mw)FOsSB;@}sodhrpwkpc|E!6Mi3Z(*8DK z9)rofDNKNmUp^@{U6-R^qt}y6wV+emnoLoE(*uKT|lBIk||6+ebyQ_3G(A z1iWWTIRnZ;tyU}drVOK#FJ2{xlODReXi9iZ|8rvHcNE98_|OVl9JLM5!25^5H;b>c z&*vHQ_CGHbfwkm^|zP^mji5`lIc>7 z9C6jQX@_|UqFx9PXW`S%El_HlH(5`{j=5aHGmzlKxe~L%zRN0?oQ2ppRunZ^p%Ld@ zaiB0($W}=^)g%-4xk=uC3CXZWUjj*{=b!zkFvlf!_4Y@p=jFGi9BCB|z&aFpSJ2x>i%P*vp0@&Z+!0!MdF|If z@m3owi8H0*QV*s+xO&M3{R^RGS+AnDlX%mlE9Z#=Xp}jcr&=)@j;Z|`PcG%kA}w;# zJ{Bp1ag;e(--vuJviTLXMrBtk`_x^BQnD<2XS;Ym=1J6xJXZUdxeqDOCKj3h)>CYE zb6-&U^t?W$=UJr-S&vZT+n`D}?>DjqhTZ9v7|-E8^IbWDiJif+)%_%Ob`?5l13R}A zkGPCukv2OmYF4j8dVD)wE`a3I8iv!5CI%T*)Q=2VM7^#wf3Cf8Hm_@Wo-SDn`3?M3 zOBDVqe-792rmRPG=Y#2empp$xL{i5X&sa<}L=3`5_$15RQ^DfC5y}DXzNh4&yi7Id zd!7Hv`ykH8bbc!@{F6fBQ4zN9y}Yv$_V&6Qb2dXpGhUiEmW#D`2}h=k`d$H&G#~i# zQK@$?u|lklPz76FA27Uyrnk7e6aiW5G}^x^Q>QvH=#O5}FY}wX_e%(JRC5P`Th(NW zae9<|k+CzY=O^9GyX-UigiPC)Wjy2Nv7b8V^kqq(5~J0R4g=A-zL_4)k5%@L@X0cw zcjO7x!6j{fpc>UT6%XRl87DkctN&l9romTqjOf3(c=Tc7a%H`6qeXS@l3V^Vy9JQ& zat_yWoA<@@bU{iF`%!9BiV`68+7L9x4pmdZBd(O$_;?Ea_!Up)hHa~5zzR+c(RBM; zb?G0Wp-8%wrvMwT&5Yxl%)zqAo4HB_+CW0x+l>aC}IiP>$u9O=;33pA>*--Y(Y#kNB7S&-(aB=@bcAgeuu;+h>xUoq z39Q({lr}<`C)4x&s#ldJ=)6DIPm-H{3P{W#sF|qKu1;_@OYQ7*Ze{ni=AX>o(Kg-F z|NKEEJ{!fqzkWW?)N;l_DJ@Pv=YvZ`^}YZ6oPZ&$(FqwfRqNiy#+1%^zaqw|v3*%* zY8oH;e)f?VTve0ZI}Pjq&}G05Bv~$gO>mNozEgg4q2WL1>@_fACNWGQd-{XD*Y~~$ z4kNdY{sX@#pu^3nP0?>q(j6dN6B6|G?}iB|q61s=93a(3mX=-r;@HTC82$WVqc z>*L%6o%7@};M-;?j=dSiA0Gba8(jKs$X>k;@N>#PY$1@N#NmnF)C*K6B-rE!P?(lh zQYeQhey~ga2tM0r@8nnK+nuKKU-#J=1kT}i-J%of>#tljh@=$SJMA@k9qS_H`}1%F z1oT#Xp>}22Jp!ne@yCQ7+2?!4B?(ODm=5#(tZQ1GK;1RLFOO@J)5wyl>zaCw`ML+1 zW~H;vb=9r}5r`<2p+0S}0-09JQ9M1n`h&iviBQ+V(@>qt zYbUAx6)=1y+(VeJjOqJEwxAGJ|0AY_$jmV=end0*@ZJ8dhqM!9h;fGHG zw|cOwXc%>xG>;Ehl5nwVr7TN^?;+ILNgSWjzd;OOj+##wzGZmUlM5Jpk-lJD9VA@s zTY6RNNggNzJg|Za%kCjK81MJu`!Gm_S-v6s$3?MaD{TV?F9xaO6Jz8XhP{-iOo)t1 z#F_=UA*rEB>DaWVag}Zm)BE6n(<{B7N&qbb;C?4AKZ38X0nMB+99W7WMg!qxQT=BU zxS%>>R+1XxFMnZHG`pOJNWV&SZ=Zq#{#HB{BQ#@bLT_Xhim;~L^e&#f^T`#V^;57; zKDBQ%zRc5U*o#T=_Q_^Z%h8%D`GE`8JY*(huU@SJ#EIPG=6!eF1;;KJLbiLO+zY~6 ze*f&gX@+umVh_NzfPGy{x)6{jfz*I;<$xZ{$au-`nlq1=^N-FW(yW&&3)*w!lMx>5 z(F#X|WZ*&95EJ_P!vwN=HZP?F3qxaI{EC2+Z_0Jx!JCn^UEnj2>=nOMqmUDfso-@ZnHN=E> zcJ~{3aTmaM2R;Z6q9mI2}1XBWH4tB8D& z<1fj5=a7f(cP``(mQ&nn`kKx=b>fFCBfY?+SMfRP(>qDUUPtNP!~9v@RaFqI@wXlK6OIt?-ZHM$dJg7+H|GI-8RE z3!t8Rn@C4PbhV#2DTlmKRZpa6(7WkFoJ2GP*Y%zPIL16|gM{btgyP~&-1tdEy_v=o zf@@?L7TYjWF0bX7OU}mj+j9V`P}^*E9?rPcFP*JwE|Zx@9r)x7Nk5In^}+a!c$XFv zYi)&gf$QWx`s})IA?|@Vcc#yvSZ*=q@@r722(=G!+iXmhNN4Asw4rLd9;SJE1OZ4& zi|u)I%Y&J7289b)*~i?DU*VACu6KwD}7Wja_74iDFIr)$U#Kmz$|$b zFWBlx(VM>OfLb(twr9d5mza{)IN&LKiC83TZ<`PM;Xpk4;#N+f)U5>Hfsyfz{T}^f zR8%#;_p{fgVb|Qix2!nNZVy0(xn@&|dt8e;e%#mIbgTlExq0MBV>g;zHs~Z|!5}8b z_l=h6wq$PWdg#5_@;>=a60+Cht)cQ-2($2S2lCXQ?)LcWkYEiMXoUL)=Ss+&|B*fdXq=7tQy>zYh@7mNx8`=`e$gd?%7zfqsuFfRNnbb?Cv zgsP8S-EppnIsC*j^|_dzo*uP^tWN-$2A0`PG0g?>NY!Dd_h>Qge3&kQt?<9XvVmfu zUURYgN2aP4b)t6Ue(*aX%aH1NAT2N*Dqady>wjvryE8%$A9d~I<5D%eR+irL$M|{*aInjYx%Y3 zm5;5kbi>vH#9q;}TKr_ebQ=x6NZ_-!XgV+1ou;Js;4yINKaARypPoOxn|E%TN(k(< zKPY>U=nMo$0`XBr=0NX8-(vf5CLpNW!NSGMH_v~UUU#+W0OTn}fBK6TpA~NwF#}hK z`7k1??Sh>iD)RaVFf<$UobQE8bEem_Fse%s6Wq4o{nmY|5GXzN+kru5wAAtqYUJkU zmeOWu>IaJ~I$+Y^Y9jwMu+1DzfSy>V!As8LGnr#5n$g3Ot4NdcDW3!a_f&Aj$I-P? zAa9A2ajB4+e>;g@KKKnJ8iw)XyD#TE3=jvuWPtabOt1UjZvZ1PG0KJ4OAP~b{!=KL z-Q%bH{=X5K%l5DS4(kLqk|m93aMyHv_FJFkURP&y7Z7N{!=Pt9?Od7|LPp^8y0fF) z-o)ewcBbpUTB;NUU^M5WT=$qbX80?H{|w$M3BCvdusD$|zThLda5h2~zi-z#FMfZa z2%hyc)**lg3bh2A3VCKb3M+rj&0b>s!#fKpkZ(>ieOgs z*-NVZ21*YX1jT0M`B93z#T;x*rme&^dl9!gT{}y;Ux66)#TmlZaz?8Oa-BOZ!!mcfs8j@c5a;0BhCI9L1&q>7vVp|gClHZmxxAet3ZxTd~|G;R)(wlpb zG-PNG803e+m(cV2l%gSEx2(glKu{~r;kRLaD%lS1q}#`_)=6mERPFleF^}Q&L5*A@ zqqo7#^KXvP$7}|x$Ocqt?0sr$2*>$Rn}q^dBEszaAlHA`qR<1T&KiCd!gM#sR-z!L zFYK$b3zZ(HdKO<({6#!vnJRk93OJp{ZigN$4!w>fYvx9eS-iJYTq);Sb$^73K?719 z`sKmfn_NUnQAFwB_c(lfrkTz){i?jC-c`$J@#6h4oCF$mQo3Jt2c+X<@v^FJB1Hp; zCv?-5bPB9D6ad0D8C6)8CfRi1Pn6@&cQGP*bez(wbPcoelz?pA4D&6Bsd5MyYWLNq z20?b4SPUqk2HnTRZaux z(*@H&lFbjq7D#HTnZ?xxe5zc{vL4!z_?9v6G9#dBZ2HlEl`pM@rY z#iAM*!AIs{u1)lvu)FwG9Tz^le#`QT6<+9tggl0a{ zojLqMR@2s(meYIk{ludr7a4)W%A!**XM!hk4ylRqwA!NDr*89`4FJ(BKYVj~af9$p z9A2*f$oCn+6BARd@swT6u)BP`RDimJRj?T}&i?>du@h+T*@XAbqUBES$9u_4Zfq6E z5jC2!7kl1^Pn}zAeO~`rUn0_96(Q(%cV7e98@tKz`|q{e_u6$=An+p1gbgJbTS}vC z=nD14MU%TZCUiO~fQ$;#J)PGI8DJ4+Q?0!KBDgX*TQxHjuS4mz*AT^4>nbN4QkZ67EUv`IcFfHQ2V_S+Zc}o>{^HX842+3+N{>Dms#3`dt>+|+OFyNgM50v#4w*ThsE`qm zX-3HAF1vX3PhYEnX?e$${Snm$hbv^NWO6ccwTf?9!+%o0`n~fWK|8SeC=d`{%yiUk z54pP}R9+?e$BklaPp*x8eg7nyafDz~vk+MXje@T&u3+317c&%Sq3L^9N7Em>C<+ zYB@bJpq3NsBU^DtT0`-2C-iW&_dmr$YQo+GkEg7cYD~WUAJ*PGs;Rx}7RClPKo2%R ziqcd-5Gm3XR0OHgq(-H8q(dN45l}=z@4X60k={Z?q?gb`4V}&-;Gk z-Z3s?@Q-Yh-|lnGHRoKz*M|?zAhj{&_3mL$RvCksDA%nEfvpPs`DGH^joCNSMj1#3 z1^X!PKBahjOJTA3)<}rdFgKUkp3R$pqbU@YL5o*|LNfwYVmFy3!}3KP^NYVCI%uaC zApUs$QSE(_4;gpEk`|#_bm=4W(x##MBkA~uDZ*Q>r9(Wj=5#P{QU=AjG=k=zg(iF{t7xZGMH0;-!F5- zAWrgaHM*5vRPWKXWlIiGVUXI&+P1fYOW~@Amm=PoRfh0JQ?4q3>QVNQkulvq(Bl1- z9Pd2x(#;h|XV95w?{3D^UoqaR8L(|bx`oW;uOUCaKX@iTbRUUfg2tx0#1a;Pns?-^ zE=mQq9EaC~)9cL*=LaWSHsh>W##bPIOG$cU3y8xI;o+%8oePP zRxWwkB6Ifk!>dLoc2oM8{WXq#38v;5mNElsKbtPU;%r2}Bh+FwB>;@Eqr9?C@bY;_ zd|N7ze{(*^S*!WA&J}K@ER7s?8+!oB1t_0Dny6pO1XA55bS$Q|N7B^?Cy8#2dcPQ=~ZPmE^xR67$u&@;2s!~;X zACMhJ3?BBZse|{>&@G%pp{(&XvYPzh>9o4{adX=hHpl5%$~UGh{|VwKEY$!NJc5iP z8`jh~xALa+?duMlR2OCV0otKGBBqKJ$am5M7r!XF=BZ#*H)!vIo1kkMN%EgR_+#LDH04qJEd7to%^&}r;iLk17z9v3za6mhXE zTXP*X{A-Gr%^s<2c=s4CR3B61U~T?HnNmu64{pE0o6k4G=_PWou$9k$i`+Fla4Vzh z)1fMr^=?ed`@Ngs@L;o1h7lDYug$?|z5Fbd_i8p=$pgk5xkg3s%5@^00pQ|^H~iw} zQNcyYNEn1KF21eB388m*Kp#GVV#LRSLAyX5kdo^9#g(?%7B|orAKsO&w2>2->Sx?3 z0bT_H**0uc3FQb=S@Uy{3G-O@ni{}`N_hrTXw?a}%hZ~o+Zd(_rBrM5#;~~Y5jQ|0 zh!f{BZf>HbmQ7pS$EZ{D$TvLsih;?!KV>)I2mAGA=m2msiI2Q0{zdS#H>c=WhAL|# zuYs(~6+im{s)VFlDCiGxUMn!{IL+jljevv&>I93L>tIafUq(7Ok!2&32K=yzrQ$=I zjhO&+{cyPsMNCJtonHviz47vx)Tl!P*oIVI?I)QyY1AXA)w75HW{dZ1fV;F^@>p3P z>VxvVTh_YpKCwjsm1UxHDosuPz%mV}73*)7ZC=BqG1FT>TfZ`i6)bhfqF@NL zP9nXY7kc{uTLNffwt|n)BbS`<+%@7AH%_uJSl=)^pe#M`faBWXX5~A~1qjUd?pl!r zWdkSRE`ZV~sB=ETasg>C550gF3{&sMuEqAZ2~x^2E#0bGh%JM-)$+hw_$&rMXz5;V z7|8qvJ_VETP37?H25si*l|7_lYq|3XBDAwCNlTS_+pEA5;!<5bHWJN}=4wD&{k8TR zK!z2##sN?B3*D1WAg3ap;^)rS3NjCs$?0aqjXPPys2uP9@JYDT&GkR!g)Z)O0~zrybQ2v+N+{t z2`>E#$wau9r&~qCtF~D5YYT=58IN0F>+LeNo0WoBJUF1rJ{NBLY}eR=uJi*lbHV<@ zwbEs)kPv+;pf7Bx&gYKTiK4$D4sM9t^eDVE(#u_jxAh; ztliJZt(tr$oVA^4lqY&{R3w(VL0((og!O*jvN`kb!a*zb7j|vNfT`PBl|Nkjko)5C zZ7+dyG^=~At+x8%gZIUf9J4EKPe;NR{2OFkao^9gzJXhrRPLd#HLwfn-mYMt5g z-`WDzfq~M{(M0AkM(J<0voDfv-@E^+n22nvlVZZt??PtdPT$lIv$3-SavrEv`t_2Pw9yqeU;QPqQ(Z`{!K@aRNGm zdB@Td6Dy(~WR@G5_x-xsqr~oJ7#EaZvsRFbXToG|g?!eeXKLG@QR|iTY4qUkO@hq- z8n6Kj+5=AOi-C0Totq%aGdDpg3%91#$2P0OR8rMXmI4I@4Fpn z_qGG#=aYThxi2VdF%)d=YYF}mef|Jk><6EdFzP4Av4 zkgdZvCc@GoE-XgY-#$G5uyO4d_P9)*+AbQy#hj#HcnhgWGr? zKLs+uE*ArtV2Y})fEs-M1)v6h<9y6t0}v66A{f!faV7kAoJN%F*;$wE$+y~WeW((b z>PWf->-V5de$_{NG+w9xP-IooP+6)0-qm@5tbmvnGU0g7-QD@fS7ucdx#PHNHin5= zSt!8!bW1PnaW4N!cLOPbL+JD76{k?oXqD?I(2$Qw{e{iF7zVZ++i-wzAc94_0EHhr zZsGB22Ok)pKF<8wLY`1Hv6W}X8&_?96amO8tkuR${qtvn$}l%WA#%cym>n8tFHrvo zB*p()V>5t&ia6UtayiafkIB583KEJ;NN;wZT!hp7SPG!Wk04w$Q*r9b*W#bO3__|P zE`(R+gg5&7=@ro4A@06-9QZzuo2;9gnSW3!efQ?wpO;c`@wOIIoyw{G3FotB=Mi&x z^2q6h6N3CoFi@1J#L1BNmy{t}xnS)VCFe%Cb90gfd6C2U^Y@h%^-$mQh19a#UU!l( zqdX_o*+s9mK^||Ho7EF)!{H7NX{CdgOU$R8&t0-!G+p8H2gME3T)EgC(|+QUhIp=& z@CZxso8m0@?r|ijhW6teGAGOR;1Z>Xdiw#G;#yvB&S1@OwYjot`l(}oj!f4m@SzzX z54f3Hz0;=?-H3^)4R3T@GI<>71BVgo)tH)GY zFNF4gt#9;Q=G&*=fQAPua+_JQcL0Y*pn-X5ZUy=4QayIa@|ZiOo!xl{9ZiZKsq zF5FJO#BK5txu|Df2X4u{dN1~uo-pc-`r7usw=wyZ*GZ*gPHaY460Kev&Bf)MUqM*j zg}e84(&je0_D(Xy_4kVOWt6RzonmnmHDDVQ@bR%>xPXwl5486Tn2w)}GpbpRxE*tJ z$Y+DvPA`keA6Zh6eHR)SOPlH;OTNlwGu-r5?Eci7i_Qy z(EySGF^I%P##lqVf-!zi*UNeU?Vs=0jjJ*Aurch4xno=L+zE8}QuS;6XKE@Dz=175 znKb$;06+|&${SwZYu@J`*O-@Nwp{Pa0;1~y58)#_mhfNZ;TK)=5|TCU^h`W7HS-30 zcGa3ITNgVrn~S9$%vW3v%vF0UY2znS!teM{+^SP=@%~w=cdH(*q@0Yv$2;XqLiQa{ z7@PUa)w%t=>utF2aXBFQnC6T|@+2f8k_)Q2*DNMqeAHd_PBY zNm73%!-nXYZisGvnJMm&=yl^y4L z9`bI(%7-YY&m5ju3W|hHB$VU`I3#$>q5?YJcfR{ximuHFKxoEc56j12GmH16_4M>i zleKiMcUxypReXyJF3Ou*f93MdbK>A=Qc!$<0$tP_3yI&4rw;9T^;35f*Q9UJb$GOa z*fo0vFY*9(2C};a2vmfUo(ui{pKj$EnqS4j75*5P`k#{T3Vr3x-@8N6X+94ktw%Zl zP0xROcz?|*TNnD5RQy!8xXV(f%=tfxB^8Oa_e-AB=l_3;7b+;()lttu8*R`o543*{ zBCuPN{>--i9dq?}4)$vpb)ZtyAamI{3(dz>d`)S3Lo0y8bo#Mre$)PVV9UW=IBqh( zObP2T9Oh^T=L)s@T!p4!{}1=C*JG5(tnt92`u`*MFZs*=h5J`y?=oVCyJBk#WqZf) z->Px*2w_KfeEeo!**DuVn(uIj19AAf?d(x}+%^zUG6M{q)#}UHpOzZh_=)O5vGk21 zmLjFu7v_wxvJr6auq4o2ht} zp8<93ht>^X<{*|d3Tn{?5ySPIHfh@bQ!m~rN!?xCy{92OMp+NTn+gB)y5gY1Nm z@R#ITz(%|NeuUp5S|j$X%8+xdoCd{EZ}^qgN`wW=uZc%{DW$s(kFh(}BTF<&brWT> z&7|t7Pj-p6qEm2Ts6M(bL1pcm1w)Pnk@&pKOKQqc+!VXrC;p0vOF91*48#?=3M`kX z?+kQ2EY>4=2{&R;q}8&Gp;u{D(|ObPvH;$9LxYp$%c7*J7OqCgUx>`}c#F*~ z%J=g^W>RFOs1o6MFJ{>LXIJ-!AFYNl@_PcqkBS(EwBrPCe%ha)Dzi{xM7150xTsF& zz#eo|74I!V11cVqmL%3ER!OQ1zS!&5?-I5&S$P+C*XzlzNv$&_lb$UfM>FR&>0pz723OYQB%q0ro#UsTi%dN-M9p_}tzs^VX=Rj4CMw;LM7SNu%#l{LZ2} zb_PM`w3^qmX|Z4JSnx}8v~WUb@BSoS@|EJb!bHgRD1}!$P8PRUiEKoU zeOG)CDf6|HsoyUxx&WX>A590e=<|0JzYkF}f0avsp)%yyj-vinqQeiA=$ns!Dbd+8 zeUybviz?dQ%KUnwXi5Q^_i~X`yZ~ zX9{4f{Xt5u9rQnlzEVH*ww+@G2EVXJIzFx0_AWg4gxgUTJ7iZTT3+>|Hll)Cc!w$6 zZx~VJFqPe=b^hcnZgLqAPN;E>_)zWEsb6W-93E?;U^((6RkGk!P9oB$@JKc=hgQZi zemwO@Jh3!>iL|)`bZnl&&YxU3eykrD9oAKRO?aH;ZjZ4=$5q^n3i10k@Rk+gj+{AD zVS03Wt4G|rO4*_%@CV*zxYEBiuv64P3KY|y^A~l*-~*nUEy)RUVo%(bk85ruWP9X^ zu-^Q`jqGFuxRKFjqrmi~1m4R212=NkA8zD|43DA`R)vFTYpUd;2gL)$%&{G_{<|Fx zG44_`KkfDds*W8$F+^+G!i#WeC+Ft zg{eS=(PN{;(QGR;t`^b$-mJ}lT)mc6Yt>d~X6(^$>^IT9STEPiOXW0}TgXh>*Y6&< zP(S~-9a%T^#|ytR+m~}}-u!I)PS4na;ip9l#Z8Mn@mSu;c31JrtwB>H(!5w$iY@;R zzH4q-ej>MMGNLt05S+ySBFh4K+WWgmHKslb4d{G;@k|Rw39iyPy+BIdvr%DTV)C{( zMB(1x^YAWUQpFvd`tDD7_Fqc*m;3xK3H~;|_C1l_n@cTpH2dYCi{o{lUI>Mxf zaqG)j{Dh6K%E0NxtDIT35i9ufms7_y?B^fW)u&{!1}fX1&f&L^4c~monPYoKd+lB? zNFpdXpvlhdf_eEj5#>r%8)}(Y4kpPYwy@2;Q^MyY+zW4H=2=YT^L~0q?JYKe7z-+Y zR*2PeO}wMwFwsNV(V`#kwNWzZ_KqQc3U+mIz2%HeL8n8(h0~5)aFy0Gdv-56{B8{M zr(TOLK7T#$Y`dBG0h+aNf&hwvbr^XEj4PCqUQ$E?mMW;1uKRRj8;fWAwv^;XOwP%V zzUNz-#$4LfPOqqO^T_*s?6Tu7myrZnDL)%gI3;rtz7sYt$~`>x-eaW9TWiJO&P7uf z+xIW_v^Xt0)Qpb@g4V9Mj_9mED01ieL<}E$)8DCf_LJ>VyhmXG^U3aJqMrc=X);B} zc;8yRKrMRld0zkJ{HlhH7ThzoT#1ARHkq1`c85Vr#`DULTG*xA^mDN%dQPe_pE^Gl z6x-->uq)jQ1R@s7Cr#S%2J0lUOqwpX=C>oRk<$7&B|>uqTZ}?18xx~Mhfaq0%PA4MKHn~r4ymB>dU|*0=9jocmeTOY)LdCK??1SK(;x#e z4zi6pI*Dfy+PHi>w}-RWLjxApTSIm4p!mFkafvr^J0r23bRwAs^~IvhcI38aWp+ZG zmbRA>lZKU`i1U%Q!k>}N@j{F$o=D>+s_6da`_fj3S&^%@r73#cFlWQ}bV`^R_PsXt z#?rS*==ZxiaOhc| zGfQOFIPRVDILi}1SGH8?;`1%SG6T&Si$XG2=npjlL7I)7Ft!wJh2mGxo;RXT!CyP$X+_=51!jmfm1~ z16~8Sm-X#)11e6t)O{wk13GSnTHEQ)OP$$bicf5W)8sHO2c>z6TyG3_IlOnaBnZ~Z z%o1+nhMJ26VDdAYGTl-9yw1`6yE!(%5G3Itz`*l|FML#wdSbklb#mS=QtT3bb{vYqL5x$`?zO7cun- z`}tt`xx|Dqdp8SG&BBa$-@@vnh{((`k!lHp5H2gtAuG1p;nLUaJyOwFCb+GoU7fxo z*HeKzRTIlFy}3D(Quq>k+vk#5x5BTfV;^<3O7_6X2EzwMsw$Hi@`4N0vz!}n=}K2U z8ax5c%%J}}bee)D!XDPOdcP~@H*!xgFlos!KibipFsH&9Y=6cKT30QvTs~4;q337B zKZXFz7^&548Y4|k2S>-pa4c3ODr7@M#DVYc4`1)8;I3L^WUGc{UMt_CwOi=x?A%e6BYTYL(aD{M}8J(K}iJ@C1A^I!MXMTUf_v9|M zz0s;F@+`I{WU+Ou#TNTvBwF;g^PMVy}N);2>7m<2~Y3I}p?tKlt91-I$s-l-1ZOufC7oTom>Ud-F z&xjbeAc3#XQatg>Ty|F6uIl_Fw2`Y6Sd{EcsoETJ8NG&li6 zKTi%3KAskT_dX7|trXQVM^%k5?^s{-RPs8ro?3~xX9qYhKXWGGRBKwLv30}kGg6bc ze2Hk{_T6P8FEoBh%u(@Y?#5{K_GG)Alb^5SdQY+?7)|O^PJ~n}!ON;a=sIQnXWuoM>SWmvg~xgKR3gN8(9g+G(uyZv64f4(BV!o^@OFSmk2D+eYQ zzR^%E>B~AgYvLF%QLSm%nC4vuG7Sv=URpiVh0IPja#Xr)c%$WKwwL6N?$(zN<<+4a zh(0|oN8LtiF0AKgZ`qA^6{HR35@Ao7hRUsGU&T268-6bf$IkQ!l;q|IwzxlTJ-7&y zd^MK%PpC_&Yt+OJ}oEbGVu6au1=NY zsPwSW0AB9}Go^a)5(BMbIeQssg8%uQi!GyaaAeuMkf7C=h}&NIW>kSJ#A8T}yYll( zsNheziSxA0#S?CY4EJn3EbMYU8kg5QRGViX(OzA ziEwMwg191h*t%Lkh_a<^uEKLCslw!Uiz1Al)SVejpIBu@LlE?*Fq_?urLHwvKkNJ-%jMADH zQUK)D!jBroHtt~4sH;0S~%yuQQTja(xqwaYw%?au;{|wY`TB3LF5`3sJCzSd! zDMF>{@oaa9^*l>uVo2oXAxF!a;t0lrTBW6cH*mj^Y|X~5ZgsORc9nz~%L5Ww4-}*u{Y?uf>eNE_AQjyRt4bCgt$*a#H_fi>j zp%OM1M7kS)_Mud@QL^x+qJ!o0df^yau2 zc>$x+L?;a%fd`S`^9NTI%?!mCh|-(^s*g#fR)Np#VY)Bn z#T1taDf0$-bbEPGZbZ2mh4yA|y_*7&vT>Ia1ztjo@v+(b(#@K;&TquUChJxOW_~k5 zqUfE^(aH>booY}|Qh(rnj0+r_i3UDNO~)dX+4JJcU6>(TyxBcCPYYadGZU}ZFU z9SGtuB7C37Uor85%thz&A%w}kJE2;!tBOPciE&BfVTmEXM1JffGbVC-dGvTrcnf^N zT`0`A!~;_{6r|3UOLw~CX{TeQSelk$j8sCDqrLS=V%4<@c1KP2a1O*wv|Q1^qUUFL zI^C0lg2R)MiRi99*|H&#f2bt5Y8cPdJ(19#5w7I37NXzPaAGichSuoSU~3FdOsA6E z41rK^)&t3)@{H*uer@{+(OzK2H?XKsiXM``0vcQW&}Q+3p-gf9kAh-yG}it)P*C`M z`=_8#?U>vyc@%3K({Q(sj*-QYEX>`r7A7m_?*14Vj8h!TznJ}bR{fm2g5g50MtRJ~ zOw1=2@!_ZID=7vEI=+Mmi}L%+UqvyKh})+}IYkJr;pXhUi@Rx=SZGAKGrM?O5hbEhBrkU(+*wV17C! z!7!@q9^Z6FI7Aqc#j}{EwD@(G!B6|%7za1Fr?YT2P`m#pW^u=g@nA<_fdGtZ_NJm8 z$+3(Fu+F+YE*Y#-w;gDmiw;Vb@os5fPwPu~AF2Vog(8!?L%zBVo2MB$J}^9`+@Y6& zFJq_kv7d>J2IM1f9M;BUd9UPE+c)iP-h6+_c)9VtOR^59`Kqm0IB?Df+MJX!64{K3+a3n1Lf1pd6pM_pM`A_O6YMUDLw{|5X8Wk?YA0 zI6oFLJ2n^X3YcCFe?lzo>1^>qce&jOYmK8%fB*9vf|C?!hi>I}-V(+A8nHyT$y4)f zF9Q!eV!)PfzH}r)_S9Tlp??$vyHj|J!}i1dC=%NlmST zTjv|NYn`6L7<=WiM}kLXuA0ZGcmH0*J26rpbPq8Icg12&_EMqTRd6;3AXH(qT$*x! zH`l=|P4)HpBO$ZP3W#ciix#DcT*m1~73K4!g2vOKJq{+{;U7w_(GgK54e%l4LVS-u zA*aD9q!bJuH7+$2yjk`qhl439or#iw_q)yE3eZK>~uNevnrCADo<)9#0jOQPiF*A zO4Br$pX>vwV6V4cEHNdRJD%257&n^SIU()xYw9E+5&H;#!zFrZq3w=g+up!P6|U2_ zVG)SSl|UHCO7QNXH}k$nJYuJwZ~9}R`37Ci_SU#n zU+VSlj95!&UHoKeC{D^6k*?Aw}yckLyeXl~5rp_2~Im5(K4+NBJ0l&3^ z)bWjm^Py%5kOsKoD>-4J|Cja?6_&RYs*LBhb`-uCN)-Gv93(FBL_gg; z*EvlOycXF1^+|ijFxt}?%+PN*U_d!zkz1dplPPl{)Qs@<95wVIyKH(+U-uQ z&+dFsya=mYo*5M11)w@?rkFg~BA(Y{W+Iwt|3Ih1;?a6>X*ZLKBR&GAf+$YCo`#>d zpHlJlveMQqBgc3Pm(Gt+&+Z}JdxxS?ficiBQ|T|a>%g$)AkZbr$XW2=odXN$fMUkn zwMcvU&}GAh9z#6V{6DaJwnw;C{#>wjiG#IVMh2>_FtC0xeDy9-WaP$~_};R=A{wA^ zx`I%_%_4$VP#@zAzi{m;tC8Js*O3Q}4SqTOU5%=&n@W&ks%jhdftZrv9%7NCFC6h% z>sFPLNv@T|fWIU&pOQ+W#*hokmeg2AB#WuV>gMbDJIP*z&94Ev7A@aj_t1%zLrKCW zv_naEaX3znEbPRdzZ(te<%1`#Xwlu|j@Y-JU&*@viNy0C4A0!ZPwT!^a;k z1~&*C+$#WZ9~~p>?N0DPU-QMUOch=|ndP7YUUtPcDP*yGp?-v`6$0SB(&ZO;w>tpu zJ4a`N?@Z2jleZFD=d; zbAE>J8KI*ID`R@t!G@R@j|>V5OZglm?#={B2tAJZdOL<#L-YYnURR|V z`@rjXSG=zChrBj{gdPBoGlgurISiDUT5uHDG|>(2?YOwJ2rTO{_Ebh&(F_iBS(HkA zV5$fjyt|$<8%xn1$v|njTWn=~o3}ZFl#IXWF8_OQ*mW@|VGY?weg2#E^KkP39F0z> zt5W`YR6^Hn9`!GO38i`@riZ7TVHs8^2ij!VM3y1b0`sY!vdYFh<)dDfce? zFvq#0N(zOQmxDRQXSz5{@?Ktd&FdE9K{Nz@#q48o*=JW(itznBcTZaYI6anZnRJA| zwWj25?yy&TZ8xPNll!y2=W%BkLsT}>SyG;s0%$@ttn3mZ7&%&XaDLw0i;riDU$3JL z_C1+fK>c1r^x2p9b{{{jLGX1d);`9p)k^7wlKLNG!pB-G`)`~W7B3sx6JjzL$AY^8 zH#_BB=oDje!t)^v@0m5j2QU5!&))*@9Pl;d>8R$K`goWG272FK6y4%@x@a9UTGm@> z^!QqI6qx}%@A1VC9N}eUrYqvu{t~eef}S{kH}mtUuJo5>${xERUAzZteUh}{$3kKs zgOa%bUZc^}+x|gpnaSYhE$Lfz5c9|hx>6BWnotdqr#Rw=Pbzk|aLys4uevk>FRe#C zJ<>G%4=z8C8hJSZyRxv}k=Q|%yjytTv>oTKo&okxTuzF$LqtdudH@P+YxkPAM*_Hk zu-Mai8&bVfi?VjhxSP+kMPi|Qe1i=-EF=enuI3i7GjU1*gKozA9fb- zxnZo;U7u8lO@q#4NT_ zPK^R@S|n|25{}3A)kwkp0a%&bf}izG5vREDt>#s*GkMQf&RDswrrbm!5|q&EUjdo_ zR83Z_xQs==r>hWMzGc$B=7u+msPxLYBfnPLIpjDbthB7>FW7V)xQ=h;ZWV1W3b{rt zZwEHH-_3jyc{V{R7%Mb|0iGlR7kP4=WVUuwcymf4r$--E9a>U9EQEE?1k+&8Ux>fw zntMaL&A1f6)7eZ#=zM+bd_PV&?;)+PQ@4#_be6R`izCUCj@f3;Ep=Q9%1SUCMa)dT zzWdSgq8*4*B{6)a3E$edVdxmjV3tlt3~aA7TsVd%oxtTbu-EIDpO~q{TYK$<{^iHT z+mT<0;KdYE#|)MUS_C};u4XG;Y!C3%h^kf}vUlfF)tZ05z=?D->Eq})#AB9=VI7U> z+1IXHf&mWGt|_R2Dj&62B4JU&HNoD;^a*A1rI?)?EzHo>g4cdWHy$xh;%$DIHi_0a z3ChNiC>wiTEu#GIG#U<;dEb-&W;r8jlWDrmtHfX&Y%(?!+>a;5h=1K2G2H6bw`qq2 z;e}Fnbv8O)a_1b}O`Xh4$H*kIJq`sWTIrAo`J*XIf&_n-Y@>8R1s}G9jVLJmM(U8W z)3x4IE1D%80LQGozB2`I%#=;nue{E18MjnNh z$&qI50?Q-kH$O*Sr|YtOl3_9Fb12!Qph(>SN$i%bFM@LCj|H7#%7;h@_4dAf>2Om21C@6vw0oY5B7ZVr%122;nP>8f^ zhvY2@0^R;Q6ZtK$U87HE4dMdZT-KX!h<~;K{m3Sd-<&a;PCpDRnZDWvkNIQKgKc~)6a!=zaANq~)KmvZQjWgx9PUToQ$x}6Mw7$a zd%OQ%=T@39kvI+17L$hk{XJe94gQaGSfKs9wW*n{)7}8jEfuxo+DdWNrSx^-4eg_! z&$UEQaYQq^oH^LFH&@~jdwu!SAGxkOKD6d*RwaLtm}dt33j*INjYz$Yd+#r_71d<| zMc>}h##~sk4tPYbD7|x?EA}e&Yu1Mw4<>vScXwZm^Mu2`v)z}SgKv~FUYiL&MR!7* zIqVP%cR~*B&q?m_h}~GOnS9bh{z$7E(|Y(wb-@kpSqp_fYJ0Ei9gf|ov|G~nuQ6Ka$Rqo66vDmplpu149WRqD< zjeUvZMJ&&K+oXmy#g&n}mh}Tg6CCzbwuhbg9UXQS-7N&rd|oT?&ra5P&Gly|Uvwt;lv3VzQj6k6JFi&O!lxuu*Dw+0h-Q%P4itXmrn5mQ(q5 zSRMZ$*2f}xs9#%dMk00Q;DD;iVt|$kYJI>c`22b2<)#eK`H~7&ZKZUl$g^-}&?)Do ztw|&)1$$PzKU!v@VC3_ixqqS>#u$l2EETrsc&aeo&+;uY)_d(%%KThfyK^Oh9~Ze#8i*5Y1ZF)p&8 zA!DZbacOMXs&Ar{AxrS~M{6(7s*ntw4wVK+2IGx118o#At!9}2QtkyCIpA#hGsT-S z_P&z4ZM+>&ZO(B0R`Jg)!gr+_b#vFvgMsI$Ho8W5wE}Hqvy3&d*TR!hm+Gvg6ls$1orb4EHiU zI&*h>TE=Z!wsqr(eU!62cJ)IvRpWcvo^xhgaDg|$4-XazAk;)+(P1<67eqZL`wOCe z-G``G;sJ>IO2SV*J2o8;`PqKrh3tockMSkfD}!3Ash8EG;v!7qVb=w8ob{}+P5#la zWH(k>dZr9dief)$%k0)FEhnjyyvG!h&)Ie3i>s5!wovZGm;*|S;{J0C9n7_53g%o1 zfYk|`1F(9gVHVJ|_?n4r45?ws;lMY~*y+`+?XU?=GMD@aaf+&-@Xsi#R#vTkHOq4E zmNpOq7N_xU^)a86iOjj?Z4u3DAG!yaq`0&xmmK36ueptce~fXwKu`YAHZ@=S?ojEX^$yv z)4E@uWUq7g!XvuM`F%x7!~?9(lzjHFm(pnFEEeX>keCwpUGltdee!p;RQG1R1u)xz%7fZ#JI3Lh!zEQr`58}+=CCqe3%;(V> zGl957#YN+!#J)h_k`Et6pBJ^8wVMyA?cs{4F_j@K7URnmPqd1}S3}V4N=6KF%MJ&Z z6l?YrRM_biZY@!glUzo|(q#xNb_6sW$v2VHQg|e)nfl{qHOW_T(~nCqFm=Lr<>K;( zw_n1$&CT^b_RjX9P2S08N29N)!$GLwyYh|&Dwx>Pgn;tFuY zC`zi0Tb6RArB!K};?=nhF&0tjO~*UJH|1-TB`uJ!mcqb}(B#jrx(I4dnSq0i{DD#f zQq1V#}Y(Kp_6kF||lj9h?ABU&(9R`pR+U#z)c3Svyo z>%P$_)=FxyZC->?1t1c^$N?IcT$kBnFZkx1o%&kGEP-~ZKI65ph#rsl(n8MzboqUv zZ%vxSLV&qIw~!FtPl?2C-j>?~8xj_F&Ibn?7_Vk8boG4K&8qIft_ee7%s_c8?OV5r z-+%qyv)cocZc>pZ&Ka7fvR!i$uo9R15vXXOAeH}n8;X0?VkPtw6Lo$oCSqa_He9WG z9PEG^WaMExclw`57iiE&HZnuo;BB^6`>iuEzMtB*f5TI^US|T5oJp=-p_3+a?;;3L zv41S!Z;Tm~wY;XAe|2WGS2%uu`+bNQbnO$Uc}hiM!tielJDs^+H9YM5{fVs5c$g%q+{vl?pRCAr)UKa2Nv($5lQ`14Jrr)1 z&JR)UM=3Z|pm_iOe80zyP`5qlAtDJ04I?jv`V|g~Uw1VPdRX1?x%Iw9G7XT^bg5*y^SdD2fI_js=bWW`C(#ZW0a4J({_xXf5auo{(>hnIXbl zw9FFr`Pt5B1R1tIMJrtyS+eEC68`O#T7P4r^V3eAyVs2i*>M1Hdj93SjC(#+N6Wf7 z0!+NI7C72!r)^qI5Z=APEM0&YcwCpF|1nH`Ta34Pq~N#Q=jR-OgvTDJYvPwV=oeVR zxkjg+K;=2LT-y>oloNyAxx4H*S>JvF8ZY0vBWMK!Ta{kWB^lGCUh7aC@|P?r@sRaB z9gY;SkgB?-2a1tqvF##g0W>iL!g%i~2Ume#aqVV&*=Q37RyW>$Mq>t?{FL$&hGrRe zc)nxIICId>e3tY7CWzZHNpNEnDr2Tf%uzxEZN#1J;)ircZfzBh+njqRXkZrjvD~>P7G+qy8@SSW?r9`^Ijn3#a;ZksPOfL7<&9U(vs?0G zKK3U$l{TWSQ0dsA7`;~)Iky~bJhYi2%W{V>*XnC_G1icWdm{pgwj1l!c`Qn&7U{mpUxcZMwL|Q=NTfx0UtEcD}`?(keUOOaT z{pBcc?JcblyM>|WJuphWVGye#feqGkK*W|mXyQ-*NfUb=st>i6Y9m)Iy><1fj zNY{CGLtUrEU4X^68BAzKj~(4mNEs&n(l5Y)Q`WRSoMqy6 z*UfR67D+PL9GVxRrWP+GyezLRw$sOyol+ELvEV;^26)Dk2_jH7#Lf)g=+jJmIS4e;zb%lB4wJT$_Z18XHejHkom|Gn2HPw1Nt($WG50|r z0(C_upn0wJrnpwRub#r!BHEr++1;HvC;L{7?GFt`f#xp_MxrE(3%D}34DEQ4^!9XZ zFFxW}yvm=7j90%D87&p9A+!Rs@%xI5q2RGMH^jx-g`MjErN}7B`rj292g)(RDj>my zQS;J$b{xBAwVoHhKsp96is_6{0(CfLbdG z#W1Q0?tQ}1rm3qt2)fukzfx8z(`jKlCNN|e^3B{RJhM9f_=H~D$++e&2mQUAw@6^I zz-a)56mOS^A&!)o*QEs3WLffb`0(az4sF(j{mJEp0g zdP#Q~L)!LB98eg1tKIUgnLB)Z!hiZJAz>B}#q_08R{Jf->)8-vw)b#2xVfAM(7mis zy1InBLIblsnWbiti=S2@?UiT6;hTMqm%Uzo_oB0N^-kC+ zYWCr=@|G%v8N&p}yBe*9cDb*YcEwU@uCv+y!}aba4OWLfT3l!Bl+rD=i)cN^l$?e# z-4R=pO)RNAd(d_LUfZ|pH%2yu>}-Jcg(2re{zt~QW0`M~@j+qdNAI!nFeIS9@UL7D z6$tbFvai0lp)OxGUVU6LGe_27hNHE{=Vw~`x7W}W-|3Jx&0viP&mc2&^K~SFvNz=) z@r4L+*Wj1mIX$#2WR!jEOqz7!-SAX5AKV} zrjzr#DWgCGwz|qZ(k$W{i?J@(G2&O?@x*Fb=K8QB)?KsGcy;q*#)iWODA5TJalfDs z!Id1e_ut6oOi7bykt-yiITb|Si1+(np*2Hbk+`Sw%0-)e!oRUK#oyR^M61T?d7?)$ zn1HJ2nr2Mbg`mgc-!qy5Czp-^*h%)B9+mvy$o}Fyz^~U`C z_V?|PA=;g&5R)-mP;A7$KpN85vH!07rOqw^*r2@6=M-8k z;E?XHYX=K{lRvdHZdC;%E}0eXknv`=YA&_R6BZszQ{$~-mA~}`_5}d+Uc*E8;Dj9` zqUiOITPnti)%FJ;K|wJ-Pne%j>Fyew_#1j>eh*ZfIj8)$j^U~&&>x@S+vfx^``|ly z?Qih?v*AC%cRqx4W`1tYiLYpQ2p#nCUB{WV@P881nVp%)wNU=*;lbS~&($$g#*4p~ zNx^JD&6Tt7$>E5PhgC)XULT;emT;H`HRVILto}gMK(Yka%>T#PdxkZ&wOhmNZ5I&{ zQ2_x31f?pyqaYnYx`ZaZ7eRWnfe2EiBfZy1?;u6#T?h~eBApOI4)|zwN;~rz&u=<^U|7)=5zQ)?{)LWC^ARUVYI`p*xMa04Hue2Y!OGQRRl%BL@&us< zyQ}ecx~B<8myq;x($rz?N5ctB4rHz;VY_m7V@e!TRF<%u%AwBEzO!9yb8h9%A_r&z zlcOPca`|Ob7f3@U4Qj-xAI>B;)>$2c#@fFT8EhQlr!u9MlyRJ zV7!5>rh|CdxaJ~O)<*YfIN5rRoSTk^=Pw!c`$|36;QXvnDv>#17;M14=WUyk4hN56 z)G3wB#X55#WJM|MW?b&l`okfvN@j zOUK#d44R_?;0nwIr%DnNG`dLtTaI}TcQBv8P)Zl)CGmaswKg|dkq*a(o5$_%g)qG` zVRH>M*Ld~Bw{0k14!u_TTMj*(kxqvA%`ab1)Mj1)xOleKP{5PRP9CuuFT&ix??c!g zHUv22D(?oz+Rbkk1yRc`vG8&akDYWXvRmVd?-dW`!(J zot9Ev^;*R=s!@}*Ek>o{?>J$}CM!C8}|BJTO63RVARf zQG3>08OijMt63$uNN%E{)-W5CJkm*Ls{Z<8sl^Q@sAP z#cQUlZM{C+n&om$lMie5yf`oG&ZW;So%M+bX2PqR4S>4Y%Bfzc;XI_hFKHE**bni1KIE2bh-0?$1I@>S zEP)a#NTE1TrjYI$hr6Wi_g(TNtX|Ut)$M=TR)xXI+7wTHpD(;+50+6_KH}{oqB?}HON7*cWS(_f1Akdhe zQ^ZMdKOg{uZ8!+yZ&f5f5@oO`jnECO6Z-~?#}cqrdqAFW~S$iVCjPOp#^tgQSPhX2*B|WhbJm+w-bTt%QHp>&?m9?+a-Dm@ z6QbMeUH)$bOzgcah26&;Djkw_j+G9VIJ~rX{!u#At0aI!?w4_22^3YPJN8As(c=>S z>S&K3BXvK>($3~5u~R-LMhonb=j!R;6I|RBNjkBQk?Iz>Itj@$!gy2Xn8yVr%`I#8 z{whb<-xn!a;k+F)aY29g@6vP!c)1k5QLa1sk&^ZVXm+PWTQS}WLzgDsg^uj3S+3jq ziJF(5>-o;!bONz1#E|V|`)ur zlLYhlW5t83F5$4&KSc5O$p0XU6}@*Du?sCUps@%UQN7OI24-Q092ys$%M>8BW@5ZR zoVMP?F)tht_mY?8($*9zbSGKAorucR*pmYP?Jhwc3M(*zR8(1 zJ|l`(VHXNIsB_^-ld)5H^{pj^wq**MI{BKGltd$_)J>~SJ)@LKULo#V&b;Yh*rrR- zQXIQE#dmnQThWr1R=>bI%fE0Me8hv@2bv3x4lUI-KiADr9LGo|*!K?+=D|-rp}U}S z%s!5H5guY#bB`4_vWOX(T;X$!*~?FB*u>LsYp#~{Nw>_tuDSfltXv*rE5mSpvYnUH z`D?lxx(E8xaSw8TmX8TOLLBiTAFR0+CKLT>53g!&GB10p1BXYg;u9VpmFm z3fOSUM&#rlx&_6#Wt&VPk9l3=v_E-aY89GaXb!Jmr=nWBXDIhpp?7zDv}8<+xt)wx zX5czN8jRb$L6wVyf#8Ap433oAr(XzrLOT zuK+HUI+**D_H`&v6$i^)=O0Q4pxFI+pMv(+#~u*A*v}Ryg_ zb+=OP@v~0kOVG@v{n)RgLA4j#yXs; zuL%}5Zo*3(KGDo`^thkajU=Hst||$hO)OM+AM7uK;KZ~QLG*ooR*lnRdViOdIZv+# zUz-`Xv@BYVq&`PfTBqH($kFvT+8*jR4N@19#St*-59kLgny*oI9-;&mlJ2B8U=itQ>=xH_`c z#q5lrj%=`jN8i=O7MJe4*N)e1b)0w&IMTM-pGugV9rrACay?^r8D9k+J;WwZ1H{#P z@`s$JM&pcb&*JEjbqko0m{n5y{lV1!0n}AD`0%LiM*Gs}geI!p7RRr5*n+SN`Nupf z$3>fxS&e_SBaFpPq2z+surZZS!WnT=>A{j`lZ>tCZ2Gu%uw>AjOk9?B%w0Uid?~~@ zo~6ht({}q)dH0CjsTvm~@eRxnKcmmp@YIZk(y_CJ81VWQX$w)yoCrSfcE2&iG27}ZPawgWc_OktSxoAcjJX5>TKiquQSEevrymAGi&h$l5iB+Gq#rHn%$BzNR7s1dBM_ z#eKCkb7tlvU0akYIYw<0W)?crf_5&CK*sIh**p#n%X0ZGz{)o<)KVU2;WF61kv%X< zFq!@^`^xCICv7M_XTC9=Elz%NI-Lk~>qa3PtN=+mrK&Mm&9X%(5ZXc!aezMjf)bx9Z^mAbB?P#%rQuR=jS z8o<|$qT)O^`crCx-Q@2FQknNBd3e>f2$M$2n2XCA3m=elF?&&;7p2hHPvg%-b=y8D zUTOw+D?oLL2Z)=QgL#a88r`-EjTGi(m+uHSKN+Zc$5fM%wr|yFSfOP$wnnh}7IS*a zr}J-V`t3I&`h7j`ugH$C(OW|-T}>M)tl8U!H_Dy#Wg!glyvd*A>%zcHOAl45ef_U5`E%i!4OlLRRTB0p`cZLe2b&YYVO*_QzHe{Or^-mWMw( zwc2~e+~rI8HHBnn`eZ5cjr#6gGdwYQiI_+Aq0-O^(RR_jey?wYJ+OmhuO$%wc}P3u zyNq@wJ`)qJxDCc@)31(RzPABb`rIgFT0 zYAx?RN&aLUpOn_}(NPcyE9l6Uz|f|bnCBD4pm)_V4pJFxtgY77e5IVJWsF`+g&B?* zEkW9c^~|(06<+K_agsh%mF_TbCt^GUyjsec>roPQhp_60Qe?#~vGM&C(rXIIpp2XG zp}~x*ish*{va5=bxd6^FIFdQv)_anvgVJSzUrT=%do45}@kGnx;N~A?zV>-972So% z1p2alEwbKLent-0Z#`nllb`usLwWAf+0|!3nRZP+5Lw3MT`no9J7zZ=^IZzflUt13 zJ--EhkV!ZV3Xv1&RVfF&1@pxUP2c&ZXMQ1cr$n2jtVepXGrwYqfb;XyB6mdYA*;?Z z#D97@rtKhpIkW3dG7HkEuODRvTK-j;UHzvaD!!cxnX!JNcVK;&08x61cd?<%@`t3$ zf?pYC9HZR7*HvUIAocDXQ99kDzmX;2F3foxZfRfiBXVwu@cX} zZs=sa)$4t7iXyB*UCg@8~GAG~wv=fiQtF66S)BccF)QPe5nVt(3LB< zL)#<2oA)wk_LyrDu2Y7b(JHi}Y%SW5g`$A{QMFFp%qP#60pjFvK_0uhUyV0EPRJwQ z-WE)lEhkMwj)oEM!ui@#;(Vh?f?T=l59eDi#`C$22AUPGOK#jA zo1n*KEL^%ET9NnB2|9|dvlGBS3y*(43kA1m#k}7FldR|$33U+&=Yiz-ZmT*3Q{&dD z4#7ptyppvN9c%buX(MtL?XZ{dF0PL{2J+ndR#iT9#>SWAq*6>!X7aWt^ScBK`~E(4 zcr2^h*Gug0HlQ6}(_9rV{l(9xOb}2+7{~ih zw+xIqdF;3P&5lj9ztaoRbwl^6)C1|;giVbu!5Wtr-+JzmL!^BH%oWMON-w;ZGtB6hqc)Y zkx|$f2y-Z{1HDV`*!f&?H>PWChVHzV%e_bGDioWpsBM}&jyjF%8{c8~G(Aea~7jGZ+ z$$y`a?)PN&Hm#82-%aZ7;}pF-kTvn=VlG$Z>xTeot{5)fCTJ_*pw`?4>Kl~EFZ!B} z?wjZZUp>ntKWaxROwJJ7{g}C1@jQ-}h+w*vW^drOp#;3z+qmq?c{O!5=XRnN{6>_B z8b0qz6_FWu>1zfBk%y~~k;S0dS)zAll)79Sx=IQ$z3x1!<4@Xr5R`nBq-=#LF`ilz z+8;siOo-=r%S_jr6S$vS4#&@io$TPH=RjarOEZyxQZ#B%9oiP{M7pfrEf2C*?XB32 zTW+cO2IJL_*;v<>K0%t$c5r{fX(3q3JiVJt<(A=`%8I+^Vk$?aL(MfXLNqE#;Hu;0 z!MRM&SeZ9N?M@1Ro$RnQW?od3V2Wp+Q7HMK(FU#{7!@t)wFZ}ttQaf`eK_;ZHR?m4y2jJ!>m&QqiFo0-TB4VElW5I$N<3ksS3++1br*^5XlEao z`MbQ9sUA#Ht=>dncV<%H`DM+J$8T2B#@nq7_w(Yl`F$$ZNiTD{n%rh^TQ5p`C{qTLIiNj*&Ow(*Bcr(?0y_tibZyA(h4ud2Fz1X{@v);!I$nn(ef6-J~oosO% zqM0#em|{Gr+4ISN>pfXYikNUV!iwW~adZb+7lKEr7xQC8lj}@^q(CrCs4h-*0{XlK zoj1bQuT(Dj{fR0y>3*ZS$-;CLx-&CQF}V+WSMlOmr z8W;CR=WX_CjQGJN8Zi5Ax(#jbGg`sS-nSiJ?6A0&Oye?Z zqb!|d#FCkx2xnihrJbJ6g-mb!c0GN(T^mzj&=V82VCd)-uQ_3c%#KM%16R?{?|w4e zVZ*Qls*J-`neAVb&F!075Vv7U`yo+ML(EXpVq!?L74u)T$hRWUGS7D1+r?) zp;yP=mBkNS09zDuGRL5*-5lp+ks`E5P~afIo$9JLm62vk)T~RtO{T6UsdB22HBUY> z5~j=B=Kk|hM& zE%cs7$Mf_i8{Io?&3PCR3}gT@r{RaB(o%W74m_hTTm%ty`JHaK*;-L3eRu5XI$*83 zZ=R6&-SrCJ0|B0E(~CJ>aMvEjq>UYq+gm#Yo_j}E7CWMFHDAGUKzgOjdR`ibg$&`= zSItJWa!EABhiV;_>%Do5n3Z{KL3I)CMf{apjH}R=3{kmSri2#E)xqYEV=3_9>!p;Y z*`wbwnFkbI!G4FB4F6ZFpYI=a7uTa-|M4<1`436@1tOAP|B+;D_RptT#l?SruNnCt zMP5hmKjIyT@4pX`bo>0r+gKZG$PlAcS`X_lCBBfGy`|sqzob1@H#-E(67%Lv@qIPo z7cq0fC)hjA&XwJ+_+@pyaWdK04}`TWd==qcy83A8Vj`#afsIH(6poX_V<&5)LZc15 zC2@FpwUB0*j^n3rFn&QB3RLAl15u>w13=7?RVCHI5b{V zD=9+IKM=}`mw9@6Re6Bvw1N;;XIw3u?O63cv% zbM3E?zLj&DY}646HfStfk80EEzejlV`4H)rJsidvKZnC-!ZoK~I2|&5@x0g15q+Cw#T6_KqRUVoA&2(PLB` z+c}*T^DfzA*JPr=9XETmc_rBVP7&hJQ!C*vuh|p4wyrn~Dra}xjP6%+Er@#$JdAj3 zlVtP^`co~ZUU=a$RSeUWnG``q^We;w^*2qA8U1)?FiRz$WJ6mh53A~ZvPxw8xpg;C zUAtj9qoa<tVX>WL}d<#)mAtJ$({FBx@dv;W# za%GpdzIks87Z>M|a@c8qtCA=KLY7HKUs=j!+olIjEc zEI8_kWZaH9o3{A`*cbA>EGOp8XLmcbvvyI^`Z8r>YY=b&?m(^~?IQG8PxScd>ooyY z_nWWgSeyKvP%e7;+?W*sfpbNK=ZflFbQsh(HG#licU*37ojnXQEewP_1@maaw{D9e z(9V;cn`MTNhN?ZS`_!&F%h=}2BGZr?)E|>=(0W9Bq$A~Vc>65ez0Xq{aigrm(^S&> zDQ$JU&y($pO<=~&>KFsum@}lDo5m<~&4oY@FlyS4L`I;~vedSDOy7LBUlHRRJPUPL zrxRpKnX5GItf%d14S<*@ihaiHwo6&gPGqe)=?bfJuYIw-c@_s*wm9*S_3qHB_=T^V zOR)26Kp`$MP1vKs)KY4C@HwVjA6QtYg3Z}W*z++r!GUk13H};=kU^*4-}&me0a_w% zCH_{yo|0%iC790ZY?^onwB(pqcdoa-Zl9&5>(;Fvg!#nwE$FGHi1h*WF99?yA zb6+!;JP6?vsyjq|OyXEnZ8=1=Hm|3u)ClJW|7tvH+B*26 ziSsJ{t}c=ov%&n4cY0A*{%p02l=_BVvF+qW|Dm$E66>IB*AWhqfIdD&j$LjrRQA-} z(HZKohc*>`N}L{z97469*`FsJm^Xy=VUVUR-4lH!LkToDZs6VgUJurv;+=U)Q*OuI zi!I6jSRkJ<=8BNz^*SH3YATbWFYJ?<=pSRz_bI$gKKu}X^f>{ZkLVq#<)Q!odQ6BW z^Xm>GGH$c1)MtFDb*pY)TLQs#5!Qo$sgdfk8S&8l_13 z*j3}VG-e-4j?zVtMrVS>UDNxE-{IDBG#3$%QO?H0F4>OR9z{=-EYfM_4IGwXY{27U zQ`3{Mxi;5!%3Pw%d=uNykTlb%29mkv}C&J7W8Ykep%Z$MDiOH z5Ip>^ki$iJ@kikG-@qpq$gBS1y1%??@cWHHYPmCQ2nbTH%RG9h+RO1@ee3_gBNTug zo~|x6*Zdbh{F2_x&*jlld$IC$QAVWY?aDFaRff+%AUt=bs&hTzRg^LP*D7f?B=-2l zeYsbVbIZVa`_sbS{oZJ^wl|a(oTMSZZ51Po2?kNSI9UUzoPwj1I z^F9#0@L{&D#`9B}F%-Z7_dwT#?aEBszS2VV=bK2I5nVbO0@MI6&;z-^;7QJ&YA!Iu zm*A=)8>ynjmvU#R27^K+HN)0H!4?3Kaq>xn(NRvcQUec zQue ziu5I6Q*`Gw<2?7nS9`u&WpoN`lmtow*)_Vw%*6xtOkW*CA5CoYyRHWy)m%S^y`zje zekA#7{*i6ZaM1o7-p*pV7A)21a~)Nk*S)JTlmjq@r+OrvgX#_UJ!2do zt;yw7uuEe8Cz%r?mf;aG9$Wde;{t~vgRW>|E`~eRwxx`$7pYZV)E53cceetD8VV}0 z@fK;Nl|%ehG$46TFuTT=p`-r7(|Yys<5Bbk^bsm%8B`+>9S~=keVH~BpZc){6)t7^ zb~>ozY5DMqfLBGZrr`ae3pL8RQtnB?H5SYv<>z@H}~sB z6bXbrzgP44FcWY)B3GwhD>uw})3@B_wssfFGQbgr-3^$o{Sh2U9L2oz2HxvAa4yY?yfRQvLT!PF!7G28Ny> zxo?pJQx!iNKV;o?Ml(%_I*A;3JnRR#bATPWHABP?^A`x?-gVUwfz-QrtNkD+Gd&3U;nB|-n-*vx;KtBZbGNHE#6w_BYVKXd zXa*QEjsNrGS$qDi6wq7A>xlv@*23BpB35A@iRg9mO5en1yIobS##uLoi07|?2s!(j zxfl1tP4*43C427D=z+D@`_+5zS-!`#R_$#$K+tFpf*X$@2snqV`1|`Z$73`WJJJt3 zX&n@AM1jZ4i>bEl4c*C=tXsernh)GL?e6fiO5p*x9HlEq?>DWt;$1fs`uG^nZCfk8lKzI4)y~psWIPaZwnjYa#CVf(OI@@P~du|`T z7hYp@b?F*P2H6x%{PImRmsq%zSnu(p{L(1a#*c5ShVoQlEj^k|a_X%p9eb5&*V_LC zHBZb^2JzWnWdkU7EAdB%k;xxd{}a)uybmN^qVbU-3e*Uzyc$8oC3bWvH*+&6X?M>% zE_i85x}j9^#|E$ebROz%f2K=T7C;j&rE%eErm<&{-p<(8ci`d3pk;e{&e_4O?b|*L zpXG#Y8czcX&n1B!uf3&VtYGZWC@6QV535u@6SP^Uk=B?T{@(UI`c;6ns>TcCZ?E!XC)k~6)sbcVM;ys8a~jX{p>{p@W^QYu*HDEtGyET zss$$_&#XVJ#$VKfo}TJ`flQRZ491qd?RySZ#isugO;Wtows5UNxW?&6YbMzHqL(eM zAFl!)kAwX_lP&TZ8N<~_A%JAT+f5`YV^zf8_P37)FiL^Ufh!{kt&teWT-Nn~jS84Q zZV`jrXGOX8=;q(_{wi0Ut!C>z#?diRzwM8UA$;DFX8!q>N;kH0M5|OkH{!5Ih|MwvzPU;Xsle=h2D(3}E7bX0v z8d`Hq#G7qw>$MYD+JHxWA>D=sfo$_yaDT*f&v4*b9lgVpE=2|A<{~+{h^MOCSZ>-O zBefXhS_k^lELO3ZxW>u$Gb7!^pFyfEdFhp!i$ilgGOtdv9-R@_lfg^+Zt{we$MlH5 z>QlF09wtwh%|Mv+n`L|+oqEQ%L`TAqs2D;C*CKD#9X6KMDy=eD>zS84Vjo)LV}P|u z`^-_b{;x1wHSy*c8Lg4DU!=)JK$-w^lgUv^t+*U>Vw55{#_Pv#db;$UM~4yB zG4+1DoXQp+z~PkttuFm(OQ!i10e0$YTUf0ppfR^wxUOj0Vrz+~Q#xoGJO)~2&A)eO zEc>*~Qejf8KtMz7o;~zu32T1soORoo${FM$9`5}3(Hm;z#+u)$(2;!wTN*06pIyhs z?8>$0c(et*Y?}Iq12ucp90Sufo>>fR4!oqlx3=#=?;!pu4^!tFIR-{KIHi> zr8ML~y&9!fXSBfvev710wD%xE)FvmtoIw2Ta{7hUCNrxwkV z&6f#y({e?}HqXVN$L&EmT|PXK7)TbK?XH_og~u=Hi2KgCTklK|0&YN+_u>|wW5AUF zHsBu-=Gdj=h{2`;(;dJGY{@VI)vJU0>Bl|8lpNDy&hpmP^`~Yd?vYJNXt`R5A+{%N z+LJ{dxhVt><=s@Y{!xJ{tgceM2<22AwezNAvz2nk1pNV%6jWMN{$yXo?gRFvrN~)# zLt?4Ub#C?_grwG37;Q~v)B1g}d@C>kkhwGUR15XDm`$>`enRu6L{n-}rfjPFPHCU% zwQO8jQPN0Z;6tGoN-*grrnYut-Eec2U+-9ZH+h<0(A%Gi+vtU87ybUxqv@wcPSOXQ z*3S}_TF0wr-zN*#)N93E6rIgwF7Tx2&+hT@!TapMSQ8)bBv5v2+f^FWuwSB(nShdB zRm@w=#YYR*Bc>Rv{1jdX6H_9EN~I49UP&-B~Q> z6I<)XYwlT7`h$?$xX?C}o)1;$C5!+67#ur3M^Iy`!G_5M?QazWv@~!@DLIgo;&gj= zViBFnZP?3Uu>YqW9Mdc$Y9G}szxJEN^PgDkYv0caQE;v&+O#L$;(>Cn{hXC5TTKCu zGwjCad=gz?JF=G!U6d`Cj1{4VJ-D=0I>t>WVkWcEx6-#+t8`?%PKc>|5n~oeil|@xYqmS_x%WK%{pe;Pb zs!G4{k!C;es0B~(64FjY(t!ONybtX&S0BI7${q&UBz<1REYgOk`gM3JC|;xV;=IKT zm|B8C2Qd0vz(?);=zXsn2NmZ&O>ub&u{z-hofSIPpV3chRSwDhLMJ>1} zUp|!&qp7E&BC%VYHtXE4}1hu2do18;F|Ly5}%{#Ol1x3-@k!{awZ zF-)FMic^XWSKXG}T+KnaAv4W%6!aq?q#oiHxV;9e>jsCcP?ns`U7Qf#lAYKiBI?Ve zDmU%Vd)Y9D;KmGy7}sV#c+WrbMfYXLAXgeUoOzciSVRb&(4qOd2L2({1V3igsU&h-7rV z8tVOBwPMlGY-scEMAnEX;Sp~glTPKOQ-{s4rjyo(dA&0pRCmLT44lM8z@#>PNs$ND zX03V72oW2~n?T*uI8#curz^rq=K}&tqvxc5B{cK=(WQ3oV9i-!7A(D$f*#edF^@*w zb=P(SjkZuiy$-xkvhIeiaf_BSo`{NY4@F;0{0K;`Wi?NrMdUA?*X4uUbuzL4-n@iy zpT%=pgK{uq1_mPqeS1j3g+sTJt+nLP=1|<)Q1$hv?5Nd~x5vx#%%325(XO=)m!-tF zYd8h0+v5Y0$#b?ZQT-n@1Vb)Wm=gcagBdpmfK9~x@I`$ydo zkshDHj0VOgx`*;J8y-sEs!*jfdg7onHnK)QM!_Sqj%+{dj4@JVe@b1f(Q7-iuugmQ zYh4WfN7T&kYvMMlDy?%@L*ST@V#JLjXP5B#w(20Cbnl!^EwGKeM!F#b2esM9SGme< z+YSk<5x5*jWX2k(>wy>DCi|JVgPs}_N`Ji3+~y@xm_dAe%N*3{|4a+;A|g4_VhtSzAso|U&D+WG zMj+br>r=of$)1hbrz|pvw16(knvoxnEbUpjBN8GWdXfxF-VU0&-`kc{V2O|9>b3sx2Y3S<7yD@Yj~|7qTaVM`Hq1PHy#2ZESn5|{ zvEO41UKLO77?Efq zNSM6x7#U}2uM|}YLw#Q^v9Sci(#+~j!T5=}9Lp#E$I+nXep$WW&Jmq3p1T94n1orT zA-!aE`@N6I?3aGK6tvpL_QUv`BmuJonjnUPYZdAlY=FR;)O8W5qg9)VO0-`;9X`HS z=ERP<(lW4AcUwj0*0A(p_pQ&c(8kM%($Ebw;Kr|iocUD7H(v6;wb}Z9t`Q8DJd}|N zDltj$1wx69HDz0G{^t1ZLe69dG>cbL^Ze1Ho5egqLc)rlj6hpD_d*F&xdm>+h|1Eh zo76DfW>1Q(+Z-ge5a75$Zbu9qhbQS8$_E(Bmg5Cnd(Jpg%`DDPM;vOd1TldnIP)-S z<0A6WG+Q$W948mh^yY9qI?xyAXB4zg79JzUTF>9G0t?p1M8J0DW!>s?GQ!KbD%H$y z?5c}!AFr}6Kc5)5w7L-GwY#o7NMF_NyZbFY62jzJpjcD9tBA62OngWyzBRw%C@KF?1;pBrFScdcRcI5+?kg&YD z8v;xVtJ^OU@e#WJ;ZqnwA)ai3Sii{e(64HtAW$(PSfh!9h}h4{v*u2Rji&18lu{ce zzY)z(rQKrFQv25fxp~J-l%)V6YXH<`CIE6bA`RUbn`b);ldY#SDbR_kv$V8% zZ`|Pqx6@H$Gpl@>Dle^~9#MbIplR@{VxHbXbu&EDH^v@)RB}BKxvZ!@4$@ARmx6$4 z!T-t09!dqDL@3S@_um$# z5NPLya4~nSZvP6Ybkcxws(;XvqP&FA3!n~QTq9TF6&*eM&Xhwx25*5dgJ^07F?Q5N zz}~;LDTM3O6ZJAdD!mZe6BLr@M_C>=k>u9t0B`~ZacNz(#{OZ)(zD8>83Xy4ko3HE zw&kM>XLe2AU%_`)$C~sRI@OB zEm$!!dg|_&UGis(r!}PKdyJUQYoJ>nuQRc9tb$C4UV%dR0%%vnJfh^2F4^tvQ@5B& zUGaNo#PumrgUu{P*s|jkD{02=6Yp1jjw2n25A74T77epjQ z*gy}PgcofA?6HjYV49OQ)=JDNI-O0s#U~}#kGRv^4x=>?-M2o*xm7CV-e4j9VbSg} zep`2^xH2*Xnt(H(mAp>KsAmVaXu^8wL3v?P+;5kH9IJV9&YWzte3F!>xeu>y`@Xqk z;OM??nJut%DCAa^%2aLS9Pw|oyRC1m6%)jWs>=qBj%g_ANOu?EK-teiTt&^uP5Nsu zH}I@>PHx^r?A`;D&f**49r1RWOHm`q_|Zv;=N4XcMG`_7YBm#cSI}NnH3~yT<>Xq$ z6c!fAH!LhXSKZ`}FLxzN4t9wox%P*YZYkY0i_J)G{kK9h{6xFoK0G)TPP1dU!p%$b z7E@UZ$p$l3$g@uJYD+i+hm7@46PW__r<|@kGM~lMCC4-mI`f0{j2`&9{ z@?rI%skS297G3X=Eu$b!DU9W$p_a_(9dPzmB}KaKn;4yr%OcsK(M5c>@|U3J7p5uF zJoE3mQ?As>eKY9KsfmAJcw8C9ek{Dzh^9g+CTSZ^zxG$27Xu#oMLZujH+P%<&~r$CZf_0&wua@OsAsUvlp%E_h~O z3r%n_WyP-mY-kyMO>Y&}n#cz)X#~xm4LXeCv8=EvSUP%RzwAc>)59g|JG>?-GgO*h zigSs4Oic~F!teugRDTpDTBP!>k#RJzsGG=v)&RH30pmW%CJ`>p*3mT$XS}wKo`2vlFFsK zL*^|8Q#LNL7|^N^x^G#t{Y1hG{bOecI`V`i^Xm9(rjekQD3b}1z5ZZD8j=0^RBnAk zf)Zan-x9a(x3ldzLfGVmqlG^tu^F^QYw0*<8j;)U1ScuUzDc5XFFvHe;DGQ7OS7A> z+pZ3=gn9~Id%Gtj_*XHAzcfUU>1I+DQ7cydv~ZU}1b!2P`MYCSTA>xe-)`~3qeU$l zt*w(ceGY;lm`M4LAALa^^O&v@a@DB&OyWtHls*UVCBX!NtR( zD_j*X>7aIWUN>uf@#obetH1jR3^!bMOZ8>kuHmmWnsOq>$D!}9(WgL?9ZdS6XGcSF zUpel|BCqKRPVRY1MT(Yq7k_+99Wki{U*}%mJ@?pb*5$?8Jc))cj;rAohr1gamFjcPx<;~Zd2+}E^Red^Iay=9X zyKF9AB5>{Z{keVu@(KZVOT}ro`0=_jGpMySee~TJj$3@18}~7`#YN$25xq)al2V0^ z)C4q;BXBMqOgUPsoA5~H=;mUA&m3K)neHFmI-q@Bu=h)T3d&a11nrU(+Zx^Uo*;QL zfBU|-_C+QAEW@8Cy)zWF_v+NgkZY}OGmZvZ51A9JPAMD3_s$JwOul`6>y0vv;yCJf zg6Y=dL0Q}J#M~aT+IqF2Rm|NgsM2$^oVyTHR~=Stj(Z620)^f$-(UBu05~_9G>H42Smw`d!l>3 zdA@`Ev~aN4;yQlaz=v7-M_p9OeYJVPTMKl-^OIl*HFT8S-^#$h(52$zxOb#xWEgUeK#>{cf2kWkdKQ43{XeAXFJpmo z-N@4#QWr;q_XLxHAav~nOuy;jY@o)|MR_WU`pTlr$M`Wzmttvib*X$^C7LD1afq?< zG>!4}o25g{gUHaE3GLb3yCbc_00zsXVRvqN^$6$O$sL_bO5-+`=5d_}PT}d_dDdQ? z@bmM`8bZ-1+8g5Olx;tSJPlq7t;fbw{89Lveym7p!O_5~0 zaT>S#Aj%cNxl;5YgoauMf80X@E!&%Mp1sB7rTkly812{+^>=smK033s=WOvmF@H=R z_Be9lI)NQQGtZ-A9hx&|I_s_FV>LTZ^NQB+9Kd#dUxT!M&Omr;kJQ~P=ZBMvon zq$YmjKb1ZITieDY`iMqt`i<3wF0N~!EDWTc`d+9+_KNu17cx;14`CFm>9GlNi9-u( zoBId4H_>6;8N11eJ7Tt+w)o& zuhZlT2=MAXN;U?r*HV!9`=)t9lYAi7!*knC0X}#0@K?vpU|y4_b2#vD$Vwn{yW8yp z{U__dcr->Qs{AQg^^y2TT_jvywZ^(c_fbL#CFb$Bh+fe59X7SUW42z}KU|(>6d>l+o)xo+!L9xrFq7d`9qECk`H% z_!oph%YN=4um@ueLc6m|z9Z&4GHmQX#!LFzoTcX=2(z5Z(tiI!d8mC6XaWT~wHWUe z8D~ugi>(fkTh|#nq$4#V*L(rDS88#Xwe`U;RM^3k{ zuTKKB*Yj*P?gjpx5!&otSbIwau_cxo$(A?5J3HT*RxS)Y1%rEPXKIzt-*E0W?=A4C zr2*C1?xbGE?NPbbXAOge*oaQ;YBo>q%TL*riRP}{5HWa%5kexAlFw;dDwEXmSv(HX zf7diT!*JEqjxV%4-;M6N%fwHMi8_rfKna~{xNMLh&bY=W9` z7e@lv2iE#c4Q}FQ3^uo3i{C-#k5HZ+_$;7uS8ng!#1t)%_3rBY9FJD}$*F;Wo88H6 zkF}YVTrMA#GX(qOZabS*5<&n!fhcdHLGx>T9Nx5@!CUOk(oq-V2=VX^F;V`yhRt*6 zW?hijz))L8ok=HeS%VZrxhvrBN&BJB%Pru3H!qjS_ zp#x($+|RW*avR+#FKy!y1!WYA`y1s0Hks(tUDM@vgf-0T=fcbw^fJk!CakI|d7GtU zrQ+HIW1yAcEve{W!qrPruu)C*L3a1rsa#6sM;KNQp-HJt%;SCsig2F%flmV_b(C?H zUdmB|cL#3D!ZI&B4?c}$&5C(3;Njr)Akn&Y&~gx&!JohhT@W!dY%Tc&$@7RD(x`Rp zcTAwVesM;B4_;kNc{m^NOKarj*Hf-vp;Httx3{#@Wi9I`EgbKc*aC=LrOh39UuW%S zfQgddh(e?Lfk_Z!Ad7kYT_Rt_im9=X_a6y4rW#`$TQ%(08(&oRO?gZ^KTlWs;Vb02 zR;9gB25UbpzUNh&f_;ii&#W&cB+c?rtlU+Z6A^hVViw0UV>zLl@sJI4lO_8mWhuJv zwq8Wvb>k&%J3l_XGqZY2*wlyc`-iv$r+cNhai$> zeVndE$dD}ps-MihVGz@t;eNBD4u#!&c!82mGtm*amRDg0m8oru@lSfHW`kO^${T8* za^fOoFw6)MSJB8ZqLPbo-uM~4^0qu=69deatPP%;fCX zzTw?S6Tuy90~WT772l~{pJ!(lT@!$kr|s*6-O6`pvvsU1z97Uqy3CT zZYv5yr|D&#;;g)y_$!!wPzncj;@3GQBI^5e;kzDlc+)?wSp}O%R5|)OlvpX2+Dm-w zd-|zL>ubD5i+9^6RMhiv+bq~5*3oDvMt}%(hwwT2L>N9B1I4dpB9hT3>==cvcV~0d zv~&<;uGc&tNMP8SZB1;IE;rUf*VIe+N}5Xy#INnE`O?HpvI=}R=N@Y`;iyA+ECdWs zfwY#z5E(DI=%_Xxn$UJ80^BD|?Y&t~?5PfHvS$4U=ox*glM%7ZTIm3RkiP`ADJPE9lkTXaKm#h=DKna6S6+tr}i*{e3F zE5}HJNjr0U4@YIlY`u)u-ND@BoH8g*crB+kTN|6Tb|R&6O2&&l(rTinMkKx|m=b*k z`K-LwW_QherNnvMbPO7DpD8ih~-1VoS$N+6*~0trYHLI?y%gb+N7XaD!!=bVr4^{y{oUPi*2bFMkZ z8si?n+x|x&)m@i6`3bSks5Xn%-gIqOWhjht=!7iZVM!aPI{mY^rEmLQ$_Nv3= z@6iHyhzxMVUWq!u2u}1ds)GD0>9qvFHkeE|Uh#eX@Sx+F5WSsz((hM~ZO-8iAN70J zdQLw-V03hNYa9sRK8(vgpogSe!)MusaWrnEeE68kKPSY&}>UZWju?qA``<{1PxQ`p0Yey(m z=+u_&J-H69{VltuCg}J1(M5oXMsn1>V}Evxbv+ENkQ=MnMfl6vcD@KycGyFUnCK#&?G`Es0NglbX3&Z7~&61#8 zmf!P(4{rB0AHDHNuh@IHrr(fAePhRMQmn3xaR>*{nP8zpC6cA1N$99_Wu@RzsXtoT z_v3TYsC3iE&mk72fdjI0f$2eKo2l_0DN4UDX@%8x)I zK_SoXJ5tLM8PO-Q6p6MhA0NNRoov?=VJI{Z;qxFl05^#2AQt(2agQ<|W7vPO?vMeC zk#`}t*s}+HSoc8^9=qux!0bU(vj5Uek&LE^3`-ZU<|ZSk34V7blLiIFs#kFovh`cV zI2$#E6$x3S&sWHwe&#My!vWv1q_-_w&e`#7KoPxUNAq2Btk2?BGxb*}-RDkzhv6!} z>1E@Rpbzq2JjX8O$@OpumvKHY{U0+E>(rP*ImXij{G>~l;EzF2W;$W(=X*G^Zq*F+ z&_Zl|K7bj4tLdevZY*R^K)$PRaBW)TynLj2p-`ic z`v6haeCmzWsm0=eD>}=UH=9zH2%08E^AE#rNx#)Odt7ilz`+@?DTO@#*TyBs2hiYD z5yC`~^W_gU{;ZVtdNiJAn>QEG^0OKL=q_4goCW<#z{aj#jr#?E%^$dTQRw;W|F z{FyHNSEV|VMXoG8=~zJCIf3~S#j(P1#@l?*W{pGj^pIevS5zBLKcL~W2)dB${$2PW zFDR4h-dWHV027@Zd^us5s?7)Cu(Qqz@LBRixYfmYeyI0BuS6aYyjfiI8u!y>W_aRb z++!R-(ch)0P!su0D%0c%4p7=WK2>eGWFZkj+zX`p? zyH!T3m*{;L4~n&T+>1!*WV1I7iFBF#7%UOMgN)bZ0Ek*XZoD>?nRdZ7tEZ!C26E;L-Foa<{y}<~j zte98q#ySXel#}zvz5O*~9=;e#wd+8Wb0|ClSV>myb~0%x;KK6`rbPmo%_P=$F;_6} z@y0MaENHCB3A#P;J8R7_%mmMz$y|bh{%0*Z8!JU2!{&0S!;@)Ajt$Fox6^2gACEOi zkn7iSkZ-r2PaahC(If(n9Vbai)E(T?4^so!HnF1fiNdOdk-`Ac(u?P}hFAJP1eC4p z+A>}`3NvkPv2@|IVG7G4Iap9yNtTg_x{f34%%|TV!|f>=8Xd&42Ff^QDLQzWgxrtM zZx*`d{%=_tcu(V}TU*9tSWcXJzk9d3+jbzjKnx)AzRnu&NW#E>@4j)fi+K}xmw$@{M!oYzM~2!XBfs3at= z35OxlOUJj7QLk5wmrUh(Z>CTQCK5N$tSiH4hvLrmgJA<9G_}S`z^hEM*Sz+{)WoU8 zqO@4FUJAbw9>xcX0-M->*@Et-sg&yaeE5J2TZYdN<00)$^$^pDcZssa;AGkB9xXTc z**`9CW>N$~V0KlT!p0>Lt+fc($c$o@e6<_;B>8<6&R^>tLAHK$WaRVlRYZ9;69*}q z*jzYZj0yHHEXHR)k+;1$u(|fbXS@7?_Px&5Z-D%V5vh@w7>2|OWzJscojfH2= zkLLJj2CQo3W>w3)k0r|bw4VdSkO!zZ^6m)l^C*AbconW`&2gZPoe`8CK*!zu`(R@J z6#7Li22He!tjA)T?z0$a%PZ%z4KF$K?v}7BUis?k4*ZLW)J4J+CY(JRVr^_Rc5LvJ=ckN zZg`bOah&XRTkd3;ndG>b+x~r%r6#`95}HTpx_(ar#XCgTj`y)kkmc5L96yR5>sn+y zFG%-m^b={nYY*(*A^NNH{aVTJ;bfLY_=F1oEBeKqb?AW5!Zp%w#3t?Q^c`&XNw@fR zP64S0p?qS^jH|{`P1RuwCRE0sw#Wip+e)5rRJYFA!rzAx?k}Y|aMK*$3na0^)T91d85CJ+TdsbMzu7=Dl?!}+v&_mQP0pfvHE7ib zAlWvIGa`_u;_&Sm6-=XZ#yMQ19(DAE!$&&;%5ri zL>t}0F>xqeNNT1@gsO#O5CAEeEBDiGJJ6z2;F-#`=Xhx=FHLgrtIsRB_b_!zH;oZR znEV33!c?JSDk$L3@Ux@|8*0#mhfqXlo>bxcntk zt?!a{N!^rvvImyXIDK3rhM@L4j(jG0^N~kg3iKWwZMZ-NB(RoE0wISD+?}UlQ2S1m zw|+BE-D@=R$viz1Q)-*ddx4CY?KN|?IQ~KhKG?GQYjM3vKo4jZcN!pu)m3wrx-`%u zFjraJDuJ-}r5$I=jzR&;j=~myHEHi_i9#L;kmxc#d<$-yAAK}l(_-Vb)9!-MbZ`B^ zVZ@W!uh08h;~8T!_0T12Z8K{rcS$#~!;ia8i81l$a1wzr%7Nkycc|d-6FxvTdZ^Eg zRyxEAL7U<+vq{Fca~i`3vUMYB4hSYuY97=W`oU^=(U#c7#Y)G^g6BG+iUE9kM zB0{jhRHHn%sGSdBgn+ho92^0<)nOgu;-bSjW7=K)YlfyxKnC@#&6hHCWb-YYP0SGn zKhfqV8YLY4EOk=x-aDF|cP*D_T@hPAjkM{5l z%l1b`BE#LDXkvBNsKrH;A4))r^afrp@e!O8C>a#WSJ#65munEZv32fGh#~3d`)nd+s7f zzP-Hn=+fh;*c@l;`NVwiwBXn0V%k6-sh%Q4@=4Yaz>n@ z0U*|%U~hfzEWGsT(AB`?g!>lQSIRf?1#;5w?*Vhhw#i$6E~IH1&=X0L^@Cl$AdU4f1GhIH5`^k z4G^@d3i`%Z-n6Wg?vs(THKejP|57BX5nPvsJj=v~oEqn>o73n;gZP9D7N93>)@xa! zsTvHJdx(>QF~tqi{i;K$LJ@?oZ8kwBTrPu*{pPj_Ut0x0G!gt6Y_ncoO!}QjI>g+T zYT}Si{8ZZCU}u~BUBHO`R#h=1uc3{mfHMJM!A(Jj9HFS4^6lSlfCH2*zJJTz3^EL9 z-Lid!xHq1*#L#+)_a3GAN|*q z_lGW~BIt}Q{hh{aM59CjK0JT(O>J~00WDlB*X!;m@ZugR6u#ah$IM-%X2 zkmKYpK{xG}fm`$%SKJ@QWqpz)BX>txVui5Qko-waFO%!lGQ9RqOWKx>XM2J)X-hTO zvB*OxR-W;Q0g||RAW&!z>^wh~_@#{pnG|?a;w^h1)OCg|4ZtK54EzD(5PcX~ay1Xz z_P+q#!zX3-!EL4Vz39TTNU@cz$Vb&^(*a~weeF}24C9Ucw)d}SC68Y-cDVckz(_(X z_g|^%B%{t}`sBw*kbGMUMJ;x0A&D5}+9fT961Osb|1i3ru8iWx?%MLk02mWt6aV2w=hM6#6jy;iY2vR?nhR*JC>%9iOzAVIxTvb6eIw)Ss9=u` z=4w|kyl&5UCZSdi;1HuIA(u3OPU-IH-`NHt=G;rj4Vn)MpWjg%de1ws-doh9_g7Fx zS*vsPglbql|IY$phdtx0t$F4M-J76&Nr)Sxni7ZC&zTS>tJk>9ujT|`?s`XsN2 zw;?7Z3#(^n#H=DJ(VYPC2US`wnix_|kg_-Lw-0Y+8w%@#mFyj$7xJ(={stZrxx=Gy zje;%?OnNTX4*Tg^#un%3SHQ}dHk>E2?%p2oB{jl zFag8S*?P_Cc11Gkku;KcHsqJ zsUHoy?8ZRT=FWxM=~&1CN5(1L(+;YGR*sxD7~JG)I5M*45#jIedA&|)Xd6XST)8UK z zxJMyZ8wvN{iEk@ftVkCIyb32RB?Rwb2l=3$Eh|L|MM7um;FC11`+y$dYKj5n8#{t$ z>zIf{%{c)7R+n-U(Yv>=f>5(#l-7jH6>FB30%fLoNkATL9lE#BPx6=Rzdba^Nqd{! zI!b+e;DJWxaP12|SDChOok}3~eQmi}cDZZ$F`x!RJYD?3HFQnFkmnGnTuSTSip!3`{XeH0gxJkIzCP=y-+4-%w}i9u7;=H0LR!nektw++E= zAN@cOEZD`SEFJ9fuErfJD2XlHFNH8C^sR*ov={a2@el|iWhFOKD#TtzhOfL&N^tqG zOE0B71Gd$^l&qIKVVpksz6o0jw^9X5WDXl(!v-lU`_pnuL|11}8QJidBXujq!NuZU zkhWe)^#?(AA;HkeDy!{M_i7oWnQ<-^g&anPTFcl)D<0>_ng4t5@@2sNtTf6_djCj$ zUZ47S$kvT4xq)9!#cn|VAzntkDUk(LvuQP~GoE z;^VHQsP;w;hg6rQY60v|sx30|Uwdn0x+-mNU@<21>zO&(&bYO=!kRp%5eVY`f3}kt+VRIwgXDGh_UKi=Za53?X zf)9#qPnbyCyA8MYydu38Oe59q^RJGcRkjT6m5?@4`9+4R4=qIN$d+h*AoXU5&+PAC zmfLe|viC7tgX8s~UXvY{+u&R2x^$IFX@BP6;vaSJ86doSVYE+p8A`Jl<-N`hw3B@( z?^^HuAo^6I@s(25p3`chJ)hy*iUR+%GJQ*N38w^X!M&k*qQxo)8u5+&#e3;0mf`e_ zG{KjI2}qOEG;_i-x6SO5Vv*gGxsrjIR@aXoZ?M;S>ei5k%s$MGrJ<>jZ1*FLCR2hz zJ8j#!$bXEgreB;tshccTBiC1#2b5iR_Qx(*$Nb)z_MnFCCz`5T)vQ%Kdu&)SMTWOb z_csn(*KK?qdK=xb6Dhfps6qko>Aw`Uqy6mKtwJ3F;*0f3MvLVs>$#26HN5)fbB?CC z0NlE~UO;5sh(m7VjgKk^87k+spvoG+ybh57C zprK1Ht%;M108qEy0;Xzpo}!rqMbD&=NalGCnIaS5z_0J~*9_Y#Vy9#tW7l2^hb(%3 z_kf?^+^U2_>_5slmi4jvp@bEzeBflLt8@u+=`On&H)^W9xMSIf+s^x{0apOg!mc&+ z*s~$)3(0@L05Sa7ITMgH?Ed#uvXUPW-zh6v&ewRm)c>cWD4*F^#SXrPNvp;-tdWNM zb#or)-C=_)Z<~@ClYq(K>4w>onLA96C(i!hbm2+#?8+bbFz4aSj%~-tQbx}$iHyIF z+3+5*lIU9Bk#YX6*iDbzj`}iId$rHRr}3Gk74A>``rBLso6w7?L7=^POoGk`uROW) zF;xBc_3sokUO+Rn*l?h+o>>#Vn$Hs{xi}6Aief9dJY&Khrl#oF`&ZAMRh?+bZsnKg z8ui#kpTvhYotG^R){b_x+5Ns1I(^*@@LL+lbDajnbh`e5f=U67nJ7LAt8tY`QI(kg zkU|P9r8KC1F$fpXk^!mNQpt1(kkPcVwTkIZEg~C5%P)(1@ElKEHlCDFTwx~gKOAk= zZLjF|Bj#jVjY9J-Ve2*XYwlGpQ1F5iXVIxHATqeu+QbLOCy?X!wFeoP5c3N{!6K+s?xo^oUSw+p|H~Ifqc`gS}036N0d$`*g{xLJ9)bZ4h>3h2Zc4o$+)p z&C!wkgH3@IdcvgS%*Tp5s(%t6&l}(ZvGhY+k;2x=*c^Dc`9b&*TvAf$%RW0(2#=6j zeC?aMm-E2|RuWH=_HW3~y}b65qM!^N3LPCoHeBPL9f= z&`JcVD8tL?rFU1b2o8~8L|Tpese)VB9|sERSu+_3#N39@(ZL}d7er`klyeC&!F0a;?9em2$K=jW zDW7&zPU4&C`rdz1`aD1f@mU`T?toBz=0${9uzLmf>Z+!}`eyu?v@x-kZr4QOu&s6Za^)v1bOyG1I>)sUyXRka zir|OyRY^a15H9Of;)@H<+XmtUd$60du3R2gv9w{`(YG8qEO>3tss2a206Q9zgZX4X znHw3!NMY<1UAsV}c;X)DvoCvYXtRa(eqNS-4hsOZ*YDXRB_*t{oq(Qf_3ANA&V6#Y zNJh6KyE=6Je`#+zcQn@P1!>{{P1S7v>gJ(5d+So|1}T~FJJer1?RA6b5_^K@$mwDU zxp?jLKgnf5_hPq#lEi$@KGG{KRruH%WZlL-%pLfV{lT5oviZ9pDn)6Es{UPoNM zI~W8$6@Ae&uqp`Ipq))2|4Wir_m>QVRX)l0{Q14_cN10bHs0OZp;w{^HTUyXQ5MR@ z^7(P-M#zKR^PI2rT!vWnoeiQTCrxpI1C{T|&dA20(9QOOeP0tE4HdNRkKpAnWxbzO!Y(|o!&rc4_6Cnc`$ay(YI zrWm#L3-jL7j9U*ySH(CeVQLtQ;-1&kRqH*= zkc%d&*|n~EtsxGLjZ6XKG=kHj;E(si5BI|DDcJ+bu==u~7JvDHV47-8+7ij7=5-(} zA~aoS2Y5@vTpiejh_Itl7^~&){H(3Kl)R6OqLP~k*b%j~(Tjd4_7(^)Y5zRrrT#Yw z_R8@zHk(FlZP4ApaOHJG$U4bdt?|G?a)9ZcB$&T4q|ckKpQww*x=tg_lRzEu;;$8a z-im~T2pJmLQB(sexGONYXQAz9Z)PYFB7PQ~OV%$jZCceqRKw#;wxPoV=w;(*M=C|s zkXOjlXUF2w-Krugwk{sL3zOM zjCwPKmM8)v^U%c>17pwFHou+ZINYx-lDG3mc~67<%%_E2WkowObUrjUA8@48UhAwR z6Q0BP^$o7UR|0ByqfW(e^QfuVkI%k6slJ2al#6P=c+XpbtMlVxtv6lss_=s zjpzBE+OCryWqE#0*TJ9KT<+MwfZz7AK;Lvz8(~FS`}^Uh62FWjvB&W^U0@0w4yW*G zn0L#*iw3sI3wS_B6EF`!2M4KiiQDoZ)nd>+Kd5#ol$hKW5D7EYxFDx8pqxh z{l~~XALaf*IZ`FNvA0MN4+86(OQ@Nrli?nDSFvX%Kpp8B1tfwYe9l3#i|O9?i&eIP zJj2EAPFZ$-!Zx(ytRrCgHvhxC>3Xe@q5O7F`fkEjqm5+t$M+4zhNKslmplrrKHwh$ zRu3CRpQi#nbbgIG5E^{PKBOk$P1M5s0e40LaI~JJA0_Lu z#NWsIBZgm9B4ICXamzh{!e5!aRc8^e8qfr%3~8T}#s>!~*VNp^JXyQ15@byDdHcoc z*WLUygevl9a-S2ZQK;*nIa9p5cV^p(>hUIJN@rG`6#KIOGRa6M%Nd05Pn*y-?zynD za==In2oltnIQOhCc_K8opxEV|70a`O(+BUM)Z!s%SYG*cO*Q$r9$r!A^Kau@TE$Z) z3{)N)iW6i-BQKo@nFg{g1E|y8y^mP$S&LF~Jo#EKu4YoeD#Gu|UO_ zAI8Y5m3bLNS5MkuA&NAOBmYvzoRVUC zQ0w{+SzmVVNR3I#Ma?zGAT)s|;KJ^t`ON#Gs+C6hZ5?9&sDT}YhyJu5+XAklHc0>c zvfKCC8C8w3MP!B6$!iwxs?%2#CV#G>=-1Pw5tQR8qMYj*+doz4YR3pvz;$>&;+AA3HSE@mE-c2oMuR-Z!1T zO*635``9^|-D=|*3@SAn*gxW3>o-f|TJH^Dw`nwA|C+j88UWSbKZP9ZvIM)S(;1dU z@PriSyl(Z4XL|ggpXJljqL-TTg3~}*-P;;U!WyR|`Ed0jwXhFf-}*CQTP=-6z$2LM zFAr3Nfd7f{dZxD5c0=`W?2#=?^3uC${Sa-9pGiIdKM4F6s?`3uP{*A`Q__6)(ZI@= zB~vv%!DFi9!MVZJfa&)HG*;Xj}(^J?<0+>@}n>DV;h93)lU#>RHnWMouTU-kZ? zpVXS$CJ}#X{h?EPz>bEcXvl=@*Xd^W=G*m_!jcl~EegwL^sYu|=v}kr`GZLXtze~c z;P`$LE`i!*O;$S0)n3rYLq+)ivMiM6qRFKqf{~s-nxE|L&DTCO8Ysp!mq%5`uywr6%TRiDcK2*wTORWhV`T&} z8q;X~N}FuHz3zQ|NMW)zd}hKQ9uMI!!#uh?JULVxwCW$2i2alvyx63?_@VTr^+KHe z#b1e%u?c)<(m@XwhmWuyA6N>*tH^P8!depK4n(D85Y7{X)l4=&n|dl*goB1$A@eWRwSee4mV_;wy599o_)4%`3Xryo%HCO7j-$IwjNR{0>-mztuIi;skf#2l) zSyX6%?Mvq10sIAQY75{imoH%N*o!#|%X*egd4LSCPdX+94`CsC#Z&o%JFk5bJmc_> z7j+yD$!UCIrt6llw zVR)NK_!roq8)UD$M2le=mQQ+@ayJh?qgf{8y+CFfm5M`6Y>M;SsKNn4~M7%2d!__hW&bpyf`r2eJH9 z#cPNWH7-eF0wRjH|8SC%4<}i2#p;wt3Hw+u(J0Hj-KR1g0y4J86PW4r5Jv(rK9uyo zUU03p-avuo$)0wP)zS*b+{6!`2F>DM9V6t#jUIe$6KpT~fZ2dkuSZ$=ybd#1#Vbn-!5K1zY@S=E>EK>UgSAmR`LJ0NQp{UBFe6r1G#y7mJyFD`6(@;%LqI4er(l zlzrV|WppKB)1`F@12bP45^&RPY-}yoO;qsp%%TQyPTC3ZESA6*-KBOK0SK;lDu=(p zJWzDChdeMW3LlaD`{!92r1G|km$-(t!Q5>%OBci9wVlaWjF)|ciG;VrEd>8-j5@Ihx$UdS?;r7BEtkD;v!z(-xE_1GAp{=qKqx;X4!Y>yGIjwX1gB z@9<6Xi>^p&i~suf0&~PtB^}|PJB~MjN&$Y3*9+3N_bo70`C!Nc?RZMZ-lVpXfP1r# zYR2$q!1M}Qerb$Cy7w!HYJ#DV!Mj(*YxiSQ6xl6sBtXSFKCL8eU)qSIN|lj|k&P*y zWv+z&=gjN>>tG%almK6}400utzK*RrhzC>WZ`e!)tLNtet_NA-4J~htyl^?oY2V}f zA|Y|TC3etbWitu1X(-A05IWcNVXdezuVii9-w@BsnaCO+ICvT7*YZ7;>5r#V!s!xRbkhYdN;?5XpZNA4B6^2B>e zz74$cyky$8Va}`bT={a8P7dlA=)eM6X#N*emNtSw(Wk~ zg>QzA)e7>fWG_VN zUltfaCkhxI(t~VwnD{3mL$?qfH$^Ce04FVzdd(y~{DCP>{s9DbD7)?D!6h`+>Pt|< zdt9almqoi8_)W1x_>N|T3jH6Q|7tYbIN4X#>m*FZ4Qp9?EOb86*0>{_h-yeG^XFh@ z3ros7S1LLO%$#VDm;nyHup(aCh5u#&(Eed3`u`MNI*~jJ)-&a$qf*Xwa5?UVGrD|^ zA?by=Alp-uU#r9Y6Cs+!6%3Q)98J~{Y0KGL+{Y8fkpH| zaG;q}o?d8yiA7t+zhAxgf4Lm%US%I@bqlCW0dW6A%=yuvZNNTqI=p{CF573Hb=R$< z+zxxl?Wd$G!ftb`5f2VwQpAsmGlcWNhMo6s3mtH0eE?|m$dSj6qXt9Y|ESoMedf+@ z-%JKT*aMG4GHhQ(xczwz@GZ;KkHJPB9FD{%ga4Pxi| z^Dd6PcIo`-TNqDgvvc>3AGJuLXT z*G!wxE~^8Pkqcc%BSMyj^8^!?7%w5Ypa3L2UxgkQF|2~tuj>$>T;^CyVWZG<*Zca& zQeybBcx4K2>RWRsS=lkNUH!6=39ZQ`Z1E1tvi5Jdr;fuV2Dx51i#J@-gJ$EPwQG&d zbt)N6h`#1Hic(^faie#Xog4S-#I(Su*Z5dCLv+)@SECH+*tp0jL80~U;|ndb zOhO$6$d#<)>xdMr@Dy{dVw!03cTLR(A6@Kk0y4o4OWASdQF-2_S<5AG?kC{L*caw3 zj!{aNSKI2myzfFs-fd}=k+ZUspRq+JsMTraVL-5`Fu+yi86^EL?b!PF9~CfXIDT|!)M z9C)&VNy!;?JF!Tj2GUZY1T}-6ZV99gJh`9rbzS!N?!BIQIm;gJmb`OffmYhTkh9?? zU7RU(YK-=ob69$9c=6x-b@>L)YwMp^wR}uFjJRUWOj;u)JfNRmt}LHg1S-N$cGil5 zHV?>R2n}V+(Nhl%^8>1S20!_suBt|h*g_w0C_SgZ)laz~o2`=LWm@M>8%iA8)WC|A zt{gpbK7spTm5RELb(2k!9M;hiunOiA4o&2fAMm&X3?JDY~z4#A@^1iSCId zP6B7xAi0%dczPmCzR!jFY4T)t*6g1opx5j?pdX%9o@6nUZHl}u8kLp7Ib;8&=o>wc zj>yUWOnPp}a(7bgDJUWE9TKS zlcQanV)VP6NUnq1Fp=iX1m0OSW|>RgIj<^KRh*iIt}*BfC1^VGp~9W~67>yL33!{4 zil{(YCf`+`+38ixuX%UfINQlw#lnkl$mHoN8nnXka?UwEj*v={!qAi|zny6l8yAcQ zzFgWKT5oq@;M=azTag?b0g#%^`WFcU88ri4MC4Wt`)^v@UQv3`#f3U{nq(BO@qCh- zV2RkxwjXZDspGDjM)fb2j0U1#hegtjzR>gp6n^S|?)-9f(Xc=6+}X0n7+J7wnB+0T ze&M%FrfGI(@`l=pO-(kb>}<3=p;C47}gWCHwe}_joRY(U{g^uhMPrsHXfak z1YrR^`y6Rh-cR>kDlOdzS|6bC9KCNlx4bM;u3_)uYLHus44oYt+SpCa+q3!YVe-Y8 z^aS_$Yv=MgFlheIgJ7>-$F_iP%R^SmOv}b!^+~cBolyU-a96YolqiNBVPk_8%`aql zO*P=vIwL5-!Isl!de@P@W%~Rnm%QGJ8S>{jEN=BbVmWX#cOfUwsy9$TUaa|pKA>K! z8B7KZB-hC5;P$38S$5I05l8Dm=(d^k&cU8Z>)DZ~x3>rVDGn;C5a_@7p+j z1cI|W_PwmsA+jZ1xzI$E4lS!Qe!qnmrQr4zWD=a$Y3T(q{YU|roW}3tLlL>TJWLIK z-(lf!j+Mcf=XnSPkSqR@Ql5D;8@xS~pV8pzaX4LMEnwMy66e>Vum&2pl#J+&Fv;E9 z2BEZ5Y^cPXuNEBHOHXPV&TtX)sAf9qUe6U@aIs-uJXXGv{)Q!9AhLwf%CGo#eF>Pc zO!Y62lr_boq1dwp`#VicvGs4q$8XI4YT>!QjUl{7R6NSg0GA5zY*(e_SAfB#VFP#6 zcX#`C*|g&7xXQ8QM8oFG>QAKQR(tzhd8l_IDs$FQ8-t+E%M|R&))!Gs$ z^V^9kNRY1XtIe~Smx0vWrRPjE!Ms@K2^{?%25L5&EZ4_u4{=1kmZN~ks(i&)?8;YF zq$^kT_{UF{{x6rOdLv*NCvrQNC zxyDcR^JH8%?EI0CXqT0h95sHN%Fp8=YjK}rLgk!YN71y;0~us!_Zc6~V)sH1?s~M3In`d8kX;w|1LH7za z@BB&Bbj(Jp)O2;(pZO8oQk5TKtll4x+q3vbgUp=cHnBgQ`PB1E^M~VfEYuS+ zTCS%zYV!;Hm4bY&YI~KcysoXg{ecBI*sa-L;2+!6Yzxg@4Kc&V@HU1lde=!CNvIRrods7Vv*BFN@g)#lYE!RcVs41P)TXq&+pbo%@YL{aador?&+!U9H|J>OtnENU%1F6nt&8o&W}N3qeq#ajn{}y{s@V3J zChMhmnDo%QEUm{F>%1Gag&)&cng&&#eQV45r#lneyJ;Q=e{wyXr-rq)B{Di9znf!l zCk{0!wu|o)W?)?r-MT0xtB_UBv)_7-t&C%35p}6rxf%H@q!UU~DFpl;^z+Mg)C(_( z(4v{QvFq9AEI}8a)}_A;P7U|L3|l7Lq+?{qt(Rxu4>uJgv&RMGMGl|t(B4z7zaV>s zvl`IFeY=m>O!)uK-%1rYje^n#H{8~jdGr4{?}eRNR;}tXjJjT?D{FldrG%%^!+2Cp zB7>p|N&~}o$+oyK&?#~Jv5!=eRzVp>A|0x~Ijk&ro zB??)9FS!bi+|l+7WZ=Rj&&{cQheXvCqadrE@810`-_Tnve0@=5DD%f`2}fn#(JC36 z1nl%h;fCFy>kb@&%$V123WV2g(zox2BVUB2$zR_IOmDbj7FH?=$qH8(xa!KNkSquu z*hn(xSaskiRFHqXQreIC7Cg!y3Olpq%I@nXd90&a+r!{^o~0$Gb!F|-1Ae5{1||&g z@{h0Wc&&|byXtU_kd#J3)_XT>$^G?StlX5XV?*z0hOI+p@b^5#?2Me~Fe4g0N%&j# z7v-~r=!MMp_6)Vih%i5v9&cqT%Q7TJ`uu<(?1Af?ZcX5$o$vxh+mWw8kaVQ^_o3u! zq3opJTIkDM-}c|fLun8e<1Xr=mrwl5Rm4cuP|Sl(d6~T{Ut@i(OFxLU{G;u&;K9FY z(3$)_?vo;7BFO$t&*U3DZ0)?fxEV)Xg1^tN&y|Q(6X9fxoQwW|^SI=(oDV;2?OP-qo-jhDenV}E>JNh(jPl?qVb7-(_qX$xB{xmHzVUP@9{ zsj;r5eIuPT)Nd;KF1&6I8moo}cr;q^>5@thhJAY%cJTKR^~F15OcMk0RR#KB*4n|R zJmW&N^)3X~7B)j3lM0zYcn|e4^@z`0_gmnw#Ac6gIV-uC50Hnu{5WE9{ z_tZ++mu@N7y1#aaI}XE+$J$3`sQD|SHHI!7zf%Pn@_ctyFHNC*sU-0IvgxGmmkmgV zB+g4;tZe;O^O;wawCr*RvpG|K{YEamJ$#!88QnXzY$rL^|;&o@^{~0CYzUOy6gyvN?n6Of~M;<2H<)@ zxfy0C#1h8fm3@HCIT%Lhg4Mdu*5#qpCt{&b5458S?VS zW1ah?H|CtR!oyNY0=RU^1bs52aYQ4&NG*v68*rl#A zP0PW-dly`92L3S^w~5b3$;J=Zu_(ry7gx&-s_FkKk?|;AKc45kl6TXg*F(KtG274E z2EL~}7c5HHTx+!Cc@W|j*UTT1wsSSyI}&N~XK?3{z6WYS#Y9xEJ^xdHqEuRzBk`_F zHxKX*e8fjd6`13S?<;BFJ9&p>)V;8S-O*%VnO|nlWQ!Z>3-B4+I0#-XXHL|x&&5|- z&B!9H5WeeD3|JZX(;~Q&P?Lm>AO|2EgI8- zZWb0?1`*Vm=R>Kg`YeM->l(X?4Af6T>pr{8NIMlwu?wwxoLvq>orykJt_WIRzdN!y z;airjiD`CRA8P3xb-H-j;NacFwk7QK6afxq`;w$kLUDR{_2Q*a}wjbMBF)S;T*Xqo`xCwm)tfqmRkP-Nh2LPkKP5%WnJ-u?V;!_r;Qd~t zg_368uh%}ajC-5!BzF&G8?9C7^jdJv!X%8mIO5^p+Zyuu3eK&^@wGJ&MFp#=%f1A& z-)Ze&jN^(=x#v}rp4P2<=>O8H{n7B-Pw}oWDQKcg=eGjos|Q!ocvvPPx`%~2baYVW zV*}vEOi#bt>`wyRs(X)JE}{04dwfLWw=3d@}`oHVnPUe8cAs^$&BSvg^jFi z!6G@C$o&L$Ydf?Z9002k6N7~1LX8I`_ZbaqM*Nxs0_SSXIKH zM2ao2CpM8mdYD!BRX=dJce`o=XGc>C#%x6x)BdBK3mAJ}VC);OLSDMI60~5EggNfB zgkOuL0{7f3vlQC{o#|)N8ocJWnFGY0gtU2OuQIX0T-h_gK!ttZF^K%z%)c$(Jq!RICb5VJefst8cM&fulMxslf|QiS;|&~m)r1#9et zn`=T>JKF4%&$CDLAs!|Yl};KU1MC!;AcOgnOQe= zlFn#WfnAc`9t<;@$}VV{21qLhU87th3j`2|F_$Z7Ckjj_UbrvGZn%9?Ueya(2&iQ` z6L;-M%1z*B;_Uv9o-q~lD~^Hcj2dpiC=$BlB>DPa$D?9hm!tz}(2*c$XcJo6sJuZ+PV z9yEiM*x(MSK=v$aRlG-3S~%0E@THAXMDFmbPsf1I&62k}h)N4XIZ8B}8?OK6F@vaX zFY;k6p7WOle2Zv&*T+a+XK}bP$YJ&ybb;qe?!7qK^*2>7JM{QUIO#rvoR-^ZCrc(Z6(-jJS;#A?_ z)77u{I~&x}8j5Wq=6$Ki5JJkQe&T<@@9?68O(0 zr46j8|6K0e|K82Nf4ehq_;~;40xw|#@8#0t4R;^kKWJ6Cbu5_ozyImC=is~M*Tahu zVuQnayPvLe?5+I=QV)#HgJ-(kp~O#Wk8UFB&$acs>MOdk!nWgHe}4t7;dKhu9^CyI zClwo;o3)uAXS{6)i}(+J^~jwvgSB^8GNt;f8uYUSRufoSp)D@YpPHq+5u5(!tB+tT z1Mj(ucCX)S+TC@IveY?k?jHdVy(Lney_tGI`s9D^-hyl8-N=c;45Z1son*E_LA~9d zY6>k0jwl?)2~od|@%CHEK5@)xzV55dX^gT;B6TTF?Mjsf^qSZSi*zQ-AkQg+Mz*Xt zlj&;w=C#ws?6&q-AyNdHSMy^b-XbTg*7lgG4~FN*JB!(JYJfB4G7hbQ!5IA0+ydvX z7{C0VUxP~sbKZ}%WjbwPR0fjeCwZ1HO{}HwS+LJy#Vp@rT;?=1u=i4e-&py!Sudae5bZ?IvRZ#*>UZG97A4HEKmt6Ca|Ar5ppHeEqSq5k;pkS zl`niMtvf0vwNz#3B(s#-f2boCBa)M5T6-LQs_bnqhfLrzQrG)<`zD1OmdckOZWP~H z7W087FkeL4v~qRvRt0#=Xb%xAk9Hh`Kb6{6W}w~k$LdjWKa3lF&b=zW& zTT0lQeY`-)%~r{8|2g(&8PTI8%DwpL%h=_F^PucyiHTU1%B@YS1A8Cr31UnC)&HGL zp3gJ(*IsvT!#B5Lc9FzB)0h!D)WJMUVAWF5`JSZ?N{|abZo8jehYXfI@cVdH(CAG! zWknV;OF`X8-bV*3nRolt(i#2nZ7O^C<>JzTW}Tynh~SCWPv`3DT8qrzfzglxf%zEe zqJ%N6mqA0%J=pmn@2C218T#AcmrzRtFIglz?1K;L3x` zo)g4|^Ik8>%poNfKGHF6BnVZ*Y6>;xGP||dleb|T@;v}J7LSB4Ff1{~Q(TNiccubV(>qIcYj4E=x5`a%mTPto;&AJ<9wZlc;g7;561@(I6g-_0oG$glm0mO)-W0fE#1Oe(^1x zNUJ;!pTJ|6STs~@fspYfXk0jg+lc-Xwyd`PiRw9T=#K%y@2B%Pi~95YzhmC3$bTYc zx4!=ES9`hOi(*?XyVjErKASgN7`Qse%dpHqv!|C4U0Jz}fD zjT7q;F8x4vA}vOKl0--c1=)ZB#_MgTZaL2Uy7wrA^v7{-D6K?$fvhm6Xr!S}fqtmi%KMqGB|*gF>URuK2h5zfAFtsmC?2hz^S^Iu z4Dv(^-Uvvh_ zR)3g^p4H>j%ab4a`Fsq)-!|4jlC)Fm+MjLqWTao4K?8=N^lck1ohQ^ zHHof3(VbB>;j=fu&MF$U;@GiD1?(_>D9Wl>KOU@3p<9V<$C|pAdCp1G*KnRC{t1Ga z@(&zx$wmen1Gt0Lr9|gjH8pppr3bFET3{mEOX=aCYOJfo;&y)ln{?Nk=nQW*=3Ap9 zKWF81XhUmocv$sv+KWrEC6c5wY5t;?Bngrx$6AsX({hg^;-ecA$kje{Ln@E?K5pR~ zou&)2T|H{PtJ42Z*zf0ry$$2wPVxF+u`UevEG*8mc;(w=RekRc+bWc!dE;CDc1pkc zag_8_w;*eJmhQaq5DeZ%2Sn@6jXqXe(2&T3CLi)i#Ia$dPb~_^shH1w%e~igkf@Dw z{6f!u9B?Bobu&VGHBZU5f)5M>%KpAx!mWUr+THJNZQiYV#KeR1HKI+2m18or;`@CU zYY^y7q^bMe!1jwYbr@yv%`8>BK~Sll`TNoc(IP?;mTwnvYgA3T6!wT1lU*RVsLem z#(`Xp3weVA>6I2csR%Y4-*0ER5;sacP0{UmW_$}AH=jU8DzgT&uVh^;kT!c4YachW ztjfY$FN7TcIEDM1QL!(qeEdyORnKdqq$zFufkNJzRsC)6%3zOskbOrw*xSusH7dGs z;hQFd(_~X^rm6fX^af;EA|(mXPIhGN?^nv2?M0lcC=7oTP8pbx_$Hs));-PkTOcNX z?G>$8z%d!hE?Scd_hF(xzt$KOS2SFbBoxP|e=v^(dwD5ZC!dy$ZI)L%^nDonc4RQy>jTZ7B@Q203wx;jNa)_g zNde@^aXzpR8c;0?wo~3fw3FEHK5~?LnONp%_MBQ>!WAO=C>_&JDtu3c`o|Tx??^k^znYBu@D-Q{(cs>8`IHq{`b5D zNm#FhMb9dXNL{06>8+d6Ih6P-a^kgG+0^Ez;P*TZ57#_Z5@90W&-QqbN~gN`mY5k5 zzE?c%v6pHcpUJ0ewQ&Mg5|V|ALBg6A-143oR!3CubaMpRA-BHJBc(+5*qooveNp53 zb5{H9_I~P~JN)yhtdVPF4?@+s1&~lWQ<1gPy-4KTdx|bEW*2nl#?x-;#ogoVnx#Eu zdnU9XWGV2T4GTA8!xDcNhIHd5}Rf5A!*%clu{l1#hY{~~@l6#(Z3{CV6n|G!0` z|0>9JBrJuAB@ySF7T)X=Pas|kJHvIxq_>^1Tcn-q6Kn@YFV7O|=U*Q0`4T#x+Ihp9 z<*PL6TO+Qnt*ULV1-G>0O8Zwo7me=R0I#3TZ~tZ9dwvpoV$EDrL>L3Pje4mmQ^IkW z%BcZDU$y951JZkmhMwbL5O=2DY6bcHg)%|iBEh?@{%`7vM(cl1ME9kb$a7RB@!ZN3 zHEj5{R6*S(-^qq8oGV}O=1vHstAw!ya6=Af^}5U(_oLyut39x~J5dBc7QsP6wLNO~ z<%`>Dkb{>@`5jL0l^6qyx+yo}3?%h(+qTIQ6|FUb!{%Ba)Wlmvo~X@nhMbWT*;P1% zM-MBawnuG^%_~Ud2IXvzR$bwhKG;BM5gIr`wAatFL$YwH{s@)YnX2| zS(oj^H+-;HE#>5$lcAekqqkM`R0p&WJVn=X>h9Sg>(A~@Bt&gb_Aw_zB%(`4jIg7A zJ!eG77mxz@zSlzMb{(8`b3@ZGlTbmQ-%!}`49BE{rKt7r?&6$2S>m|B=I%WIr%$@Y zQieDmlj#j@(WwbilkdW$5K`I`>~!>ND`yuuK05wL$NO}BWrTO~>)&qlQFT2`Z2Wb^ zA?lG4&_aE>+}ln77QdR{G0QBP58K0-(m4rm767+1kUk0Mo*N2{?I>hLvo09it|l3y zwk8Dug^QtJTP1*U=3*&Kf+|1O6CPx3GV`ES?Nta`I|=0Z2_KaW>fR{00jUu8b{+^T9aY>L4( z4S&a+%SVoF4z0@3Gr9*HivlVyTN?&@N};RgJ`IsA?x*2?`b66z>Q)Meo~RYL_pZoG z!CJLfXC)!b8Y#&f&?`d27~gMT%`HfjH}CYpSWTQOFVz_KZTDUQDsYxJr63+z*v95P z{u;^L#a1|8fLs@H=ND2)s*48%41RE5140Mw;;>#q8GG4;41|72!tkgj-CY2K^}`JG zvE=)VB1_sF3l50CFIGzbSoHm4AgMk5+D$2Z?!NXx=6;oN{C8KMh>XK;IW}h4&9$#7)UuaR9 zZTsLOMc1x4jK6@T3h)RPhP!?l(Oj*C7cKP9xPWWcLyGQn6oLo33LAWDsTsmxbPorG z#1rOIvEhN^b-M-54Xd-4w})*vXI_%(%r`3yaIvUydy8@VS0^eZ+$4p9DBDhP2C0?A zID5?M;~`unai~L)BXSc9D10JNSIC$^f{lC>PC zb8ln&bpkGn;+8ZubEqF|-Lut|6~`a()r8qwApoDcm@^5G@uU4$bl{P3hU-eeaetjl z%5l2i)@5R8yX_UKmr1QM6>=;zs>Q9z9?U)wv4NDtu`xs6RQel*3YI&Ka9+!L!Y^Q2 z+{r$K%2=yn=7xfqWhy#Umwz;fBr=tBlxe4L_B&F&k>Rgt5=2U$K`E?`Z62c58QDsQ z(gE<2MSRBg1!E=d$%J>a#nvr-BKm0D>qaGJ*L+wMF__&d@OQCbpRn5w*XkKEGBrT$ zt!k0sv|4KVe$;n6LBM%K1Ge~3A3UpzW~|9rWO0bFnu#A~-sSQN3Hq7ndr}k&YQN#3 zqBxj|InL0$j;Ce=NYU;wu;^gD)s=nH0@IJ0SbFps)*o#ha%^!!qmjo+9Ysw`!@X1F zWf&ZxCr;VV(GK9<6~MTVaC)yHVk@e~;k z8sl-~Fd)FPF`kn$4m8nes0P^LqT=qYNIxf$XUxtCoO?pUK1_R`vCHpi(M2D7yz(?* zdG>WRGij4=85ctL@T_1mjyf?P;N0al$~0Qw&L=|VI-&46-uYxhmN3YTJl7ez@7mO^ z?sq#%SNE~q!|g7wHDUe=m9Qi&wgLr(qs1{zYZ^_=RNm8k%Q?r4+46KMU8MtFej(Ls zeHre)+R%5H>g3qsJad3YH(srH(kJkePV91|&Yj1&{^0C>0qp=Uuw?Udaf=LplMZ}X zkIo2p=hElesv4Sgzj2cIuE~C>RtiqHwSJtE;oN{$?{nJRyPMLJae8^uSn356Eq_fH z!BRUV(*a4U3b1n#xG;M4@F%$8#ifa7t%eUL|B`4hF@jPdDPG57crlaU6T3WX<|4x~ zbVjHOLpRzmp`STfS@I$)H5n2tU>O!hN0YK?Pkm&V+M7s&f)+wf48|c zF1Y+s0XG}%U10=1c`fCJ4=TbSS!uhn)?rd+1Wr^3+NK9GY)*xsE?7tsFW%e`LCEeIC!fV7d1C>yR!!@Mm{m#cCjWJHGTVHH7 zFxx=*UDaCj&})6Cb2y4F-yX}3f1PdX;QLrC(DWtkhQ!TObjLk#+&F7Fo9N)rYbmh7 zWxHeT4{&$dYFPI+`Gm6rMZx5cO8)82oGne}|{ z6`z_*DPGxB@1u-&WWg)Zgm@3>okK+Nwb^fGSwvS3kn!`z0TnH~en-zaM}J4rXPgo% zF#xfuW~7&y*i{Hd+w0we)>-!A&2lsC0z`!0Ru2M*)bE#q=sffRDOHVZJ`q{yko1Xg zpckI>hU*=b!O;PYUoNyYDfvk*$_49esL^W3Eg>m@9%2#dZ5Y`4J6P~-Jss%u{FTR; zS-=rmPuKq%{{f!L3e_3~x$0-kdX{=6q$VxatjK@7AFx64RB4DR&dYpGL+VqqGnCo@ zlo_$Yb}4r_;AR>ADeV^rciQVmoS6C2O}v}sdX@`*HFpqL_Sz0Qv=8^N`@S(3E~XH2 zZZp!iONG0ZSU{`7`F(fVoH^t_^eZ$O7LOO0b&t-EbH7bA&8YlnUNlP776x+oQYSr4 z_$tF(ec)Klhl`L}N4Y8#|JcuY2clFG(Py*V1>S%>Nk*1D>3XSeVxcCN=~Lo2o2#zM z7dUJOmLFpUOOF=dkW08Y0fu;cU$onXwrApVtb%l_n}i9r4ObxZz@w^ahRN|Ed2{QE z@8lV&ucx&6muR)5<}&&sBxT;kPlq!#jlA-?qSY=$$MBPZ`JiScL*;4rHuLTpHU(q_pHDAzm&jK+UTNY_~J)h^j$DYYMY?UOkC zczpuA1$m|>`54YM*be?&PMm(tZ_=F$YyV*=F(Vc4)iGiC6*2CK2>pd9NW?mok6kFc z1D4;{@CtM&8FMc;a0c#YLJUq^RMXh)k{~XR=BJ;(VlFF#IhY+tkCG-e!=>`s0$PXS z!K+iZ2DRG~pzEMpeMSTqYZJ`VGr2(0^5k{qw> zsZiY=UbNqqtQTS$Xfp}E3T@01ABy`lw(n8G_?Kc)o&$Xv8f}lAGu+BWt?BTx}s1j-zROGz>6V@oVYXHav;j(N2;g`fY0az*_w~@ebI|REepRN zRW-igo`J{zFv}8%CRjDx_E^m#uHG8Wv5UUJ2dE{Cv2B`=wgar5fbM9F)Z)Pt4zHt) zA4A7Q)AX%34TczdfL>C9TdD9`#6KD$;~&r{^i&PtO3q3ZR+h(>esX;NOOjOHGU|6f zXPpV{zHFcUnXwRTj*X&;8sM4F$#(p?qG@~PbVY!S`%0yRaa5vubP>PG!ePpG*k|)Xl{V{ueHq`Ttjy%zp_0&|J&Yfj@r* znri+}Qt-dSjybrnyFBr8C<<;}$n~UCwNxP2owRn+=3|fV_FL+knHcEWm2^Mo?^mSH z=z1L!jqUYW&@B&qH-~`M1_h|7sKHdAcXr=*?~@aAZK{Ma2jV2(0m+6g`5f%+?3USL zvNsU6HVRLkDA9&?L~%x1K{vj99aUe_drt4_-Rm5+)#^VYUGrlG2hksfVWe=8U8cJ&=lOm>zl)Q4B%TlSE`rq z2kb*NUipr7c}R7k4~sYLtknl~BVho0FqWPoz`Q<w)sN>b>T*i^a8eCIW|HMYuRb1hCeIMqUX=}@JV`QoAW=12f{$;aO-8B7v*)A$DiKi&R%CZA`4p4>yMWVJd9}l#` z7TWZn4}uREwakZkBU4KADceNXOZ|YNrC9D*8p@oO99Q`+BV;7sQgr-J9qO-aFU6%L zEvjupX}$mv#k`*{xEUJ7Ml2GjO&^_z@B?io`oKCGR3RYQRtA#1SB1aehs-Feq7p9O zb?#+g&@JSm+JlHk0YuM@YWpCP<5s;ZyYFffu^9lLS{>j$Yd0>2IbpUgR2f^pws)FG zcwmxeyQ`b>g}s^tKypT~e^q-i4hqMyj?475kYS zv#v5Zda%RXdfpHvqDr?8vvtBCu1bAk0B`+EP^e}uC%O85>H6X2gAK!`=Fx%nM)7qg zcY2WQU*4yVVx5G134kPMq)cvf70KEj$HVyqn5D)u?@+ze+qR`7J$awnOVY@qS+d=L z169HUpe%LOk3Sx$VA(AH@E7nD+&d5^yi6r1>(P#1>cua4qk-zL@gS&pyS={KHf>R? zx~ou5!m&HsUvfNVIU#WTExpypA@MfNv&?Lta{25oeD|?2vJpqNZ|;UH|HOj>YXN>4 z6DqSMAvF=ln45-ZuiP@h=OJI9?5!TQq+y7^Rrn_}cFwViZ3gX!K0@q&AHEtuC26&X~EmAAk>R z=oBux9hD)uzijAz)l!!$_?v)hB)I2|0Lb;4eQR!QP#}_0+pnh|WSzwHgPAeAlM5sL z+JWcHIC?R+O+89)s9g1_ayENp5 zJguKMEBXVIAnQu?qQt?L+7{Mg{l=;HnZ5 zDYn00n#y-W=;h>@t#F9z<2&$E-B~()av_KNpy0{ih9(lqyq)1G7rUbJ{g zcTMXYrQtOREgLvN&CSuP?I1&)WSV)Zy1mmB^Y{qfeB-r9?G%QCF5P%;UvoCcRv;a) zPWnFP#JK$UQR@3^$O|J*X#2W{>;O3u-SjdGR< zYTN(%c9dJZwbcHS21VQD%04!xv<;Q&^&hG{ow10SEC87j+}S6ewNkmK9mX+4^!i6> zswloOdXV=u$2qmE&UBB<<{?NnzOpIGNsIVRXFBQOvu{4V^4)X=F&-CfD8vv0{GnNR zDt?@%?Bu8A!2RTx6AY*5H}QF_9OfDR4n4_a?LLPou?20Dr`1XaR{iF^Ru%j^ck2UR zr!u$+?jyB0g_W}NdVGuYq!B_spMPpQ)5BXg$suB%HagK6=z3N{z$FaNG@kC*dRcwI z+a*KQ)61-cWdz!|k4aJrb@Sb{f+KmG^vEw`HS{c`I`DNKibr0c(dpNxJ zol4Sg`$?RH+F$KUE^wW~+0&q>o>C0yItGQaMBRc))g2|rsj<3|Q|xyh&e+1(TU!|# zFZZ6W33s5IPsIh!T_zQoII!mFX83=+|Jr)uz3_?Xru_ILE; zNW<}%eJQW2PrDiwxc7hB&L07gspa{wu>byZ@aYmjugAblFF8h?2nu?1UO6C-N7w&3 zgE;be$|`#SbeWMcX%QkJr-}8(!d;j--{QCrggG z&|dIXM0dGA)dl^}p|029Wn3TU)&?6BlD_VJzgTu26y2g8gG7zL0(qsoXQUPxmN*V- z_D(_XKe2FOH$!UBjT@iwWrsb9uH-k0yX)^CG}>AaZ;LQtP($k@{N@*UzkN=>?JZ<& zxs=k5m8(J9bam*bZ|>^D9Kg2ZmaU})ceM}Q>9Q|j{(75ht?PoG3_2cGP)EujHFfr5 z*TYcHNzKB!LOLCOe(x=%b1!IemNcS=ziNMXb<&eQriAQwqw5G**ff^4Zwij;UXlcxP_173?K2%mFF!!+)0yW0$~m%j`w`qD!HZj3`xYI3R67N&VD z$O*RbqNfq-lcziT)ezbtxnYz?Z#_)g@Ab#%DZ$a2+OWK@gKj4P%QGVvrZ{GPw`Mnl zXgJ?hhn(_6@$gZuTu!zReT9^rQ96@VH>EJB6Fu?bt&Pxv{$_>Gb8cNakli)&G()

    ;j^Z*$>e9@hh$%xirALc^&UoE0~sQ6o2qTy zYrNYxzR^|NyoW__m#bD(9zk!6m-=R&ao}B z9CYOz3xkCMi4G_rCB7@!u*Na~KEp~A2F_8ek zOpr}?yqckXjKj&g0-ZS)UYJ#xmRZ`2ztYn1==8r4g>^}j5YFAz?0dB6;Ad65yvKT~O_mJKjGK%Xpmo<@)bE8D8A4G9SR zlV0`7Y<7YOg~|8?-1PwIa!6E8$gGVVp@CV{|>!qhBJAl+Sp|2{)eel|P3Qr^c>MN%x=*I)_!|}8G=_1}U z;r(4BUNyqtJGI|+=p!p^N7=Q2hG?j6s9FXdA&C?IJrA3X4^+Mtj@+joWF;7~6(lOl z7bK=UahCoyK6C->{uDVRB;;UoJuRdQqYl2KAQ~6!1zY>T<_OgN9>q6R0J_fPRXm_8 zYhg?0it*R-wko<}mYRs2D1bA9%yezFNCnQO(Oqa~nsI>R=zpS%Cu(O97=FL{tv&E+ zK-9qoAqGf?@i3W-6eO~=A6VAjB%}K4ZQ#mbL!8B>ROFSN!;h356hM;Xj>g(d!R&L7U`9T#7nMq$AjZ z@|A{&aI4^Tj#X{bN{9kp@xH46)qvX_e{u6md5vm2Vg;B1zqY__$9w|6Aa;^Y5mGht+GihvZpC)dCtzcF$ z*c4Eb%y0FC%5lY-vQ}o6oozIAbZ)RyCR`T!H13ql;OvsVa`5jm$h@z)9Cnv~`E(yc zT~FGW(#QaHsWI(s96fB(k+pb`-FkFRTqbV5c{cIwinEA|B6QSldi*?b=bj6|sI6^h z-UL-?4F(IT$EYaf6*@k4Qf~Y5{i6l*)zq5nf%X4sO)g-~1C?1wnRs>QD3zC-F4ehf zrMZ)0QgQXL&Jpv^-03u+%(APrkF1cx{PoU8ekjgKncp*EmkdPpe7?B2+Ph@IS!a`c z_pI+bPit!iUS%=x1#}{b@8J#nWc!ezzi!~A7_uy%Wf4$osgl>g#+q7a*av7ZAAceS6FX4G&zeep zN!J(=zjmt8S7J`x2ycFoE6as$S^Hk>JXQGoLwe_=ODowP9!*8k`=n3$&zYt2RV|{iOr~H}->{nkg zG`eF%h0e&p=F58L!h$x1>rOgQHIgc8&^iWp)b@^iFX+~iGPJG6Dnp^BVr<7E&MGx$ zvm!i#>2D8XpaE3jj~|IY>FHW}pK<pP#t zsj#r-2y$J1))cUuXpd#7aejj8gCfvs@(#IU&VK3tjCI3`C{%18MEyW`F$1na5=ZJ%d literal 0 HcmV?d00001 diff --git a/windows/deployment/do/images/test-scenarios/Win11/M1-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/Win11/M1-Basic-Complete.png new file mode 100644 index 0000000000000000000000000000000000000000..14f539ebd1c728d785c4fd8d06c19d72fc9079b8 GIT binary patch literal 110379 zcmd?RcR1Vs-#^-+rOT+csM)H~)~ZsoNvTp*yESUWtWE71Y0=tLsZCmY?_H!QN|c&G z5Jd#BS4bo|Z~cD0_qp%ib)WOQ&L6)su5(@KB_iehevRkrv7QOn(onf{{`&b7Cr(^a zeX68$;>4M*6DMe{(47Td(e>;V1iqYf*HKYCQP$6~417alqoA&E;zVWag(LGb!1w3g zJT-Jbae_1S_}|G`?3VS36VzN)C50D0rmJLz5f0B*jQ2G{x(TJ9J}RjHo%DH_XQerf zX&lqk^G6GAUEldqr1ifWgfodvu-@_wdospz>PA%;o%2n$%1_EtJ!fvnN%J^4U#SR@ zVLX|_8lrtFA{kjC@l?&R@-*`8m_M7ezx1ma@F?LAA)$!0Tt?a1&Bl>s^Y`%U`NhR6 zsL|0CO)}9)fa7qo%;a0dM70e|_3K}EZmE9y`$&C8&n0iLia{WfrCdyXHT@B~b^rRw zr(5b5&d&eyJjbrn%=n+@5~ZwBYX3aXyBh5J&u<#4u@Dpa_ixp^*v0qH^WliLhJXH= z-K%@7N&h@ozx)5%Urt)>yFVaQ_HDh%LmRg$_0N5DScuKoaKnyVx8}L24GkNuqzJSN zqNQ1%xf1iwJza`yJ2=ryTq!PW`SXEYr?`Lj8-^81>AhQ?gDhZMs50>weA1aHY!tDE zu4j>&_R#e$kMV{d?SMgx+mmVxiLkXkEEVS-2_`|P1qWuB`OayzqrI*IwlTbWvlFc| z>Uh+1WT6aQJKxLwCK_BV(SzSZd>l|^Yxb#mJ{pTpd{}oTn|<9~H(CgJRa`ATizzk{ z17K=EiTqQ6WS0^b&UM^|{JPI*4#uN|o3a^N$e<~MO_(FVs05^cekSa2b>j-Plb33G z-n-ablt4h1UO+&Owwk!}kvyBthuiKqzF0owB5G2mx3#nXP~Ex_hJERWYjY#I8bXxK za*6}CW%x9@4IH@M>RQfJ@6xbdwar8xMD9N*LD^iX4=()eGR^a4pk7LZd5!sOOZoYZ z)Y#*}Q?L6P!)kL2pYm{$E7Oor^RW`c z&OH~2tjP|V7qooc5GfClKSjbY+y+FeF_$F z&ufC1?~+LH!oes42%++;o$wa#f@ZHH-l!vg>LEmvH}W)aqf`ofY7}*vwZ+k;!w;(L zDwlkoJa)S-pSnvy$U6H!Zq+QHTO#>*LS}!i>M@!#tL|`ehs!#=Y04422-A^1mVvnZxdv zKlISh}pKK2+SidROmCIfCNXq|QiLh}YbAG8K}$0Ty)n+CT0>RseU^O^fDd z`q{hwl0@Y|j4u}bU}9Be`+AT8+Xl)5mJjnFt;%I@gogv}#3&|^!%F#opH8cuP)fTk8uH`+_=4*qe< zqC&-S=-?N*EZ)d{;>-sN;~UW3=Syk1UY z*w~uwM~gf%w9Cl!yQd^OZ^IRBe}+x+bNMdB%|+ZTdwP?NNQ2l4TP_jqY{gIv480^7=});&-vXe7a8w2t&O*Ev`swxplgcmxfmw|vnM zF47;dl|OJ)I#;v-Nl+FTAh*!=`p2$#K#TZOZDN|bM%^S2jHoCCTzOJY z+ds|P{1%v2xQNom92tqH_U7KU1$O?SOA>)=^cV3(QY7{eMqQ+)+22=5IXAWuN1bbw z5XRaH`kzw9D9DhBF;sVIYd>uEZ(bC1yGP02Pq2_|)phQ9a$e&h#dVl*n`d$RQa>OCr7 z80g7=MTB6y;R|x-DY~WqKDdtMM+A&Xx^F2CFT66FSQ{~mr>dDqYr6B@5c0Vkl2D}~*g4_r|yJU5>IX$d|5VueH7~kFb(~%e^CdU#RE-oEKS#-UJ*u$gpNxtiJ%4tGIWy68IJTbqa zz|ORr_HkA=zW?moXSyoihn8eklV1*fO)nn@is^tMfn40ykfrLCur*-H0z2E>I(weV zBzLSOV+?IFK2I{@8IzpTq5BhdCdo0la3|o(L^YkRqR&Cwh?|quobTRb5JXP;>cW<@ zV2#aQH6m~F3#c5P{+2m6vaj2*l|F5FQgGeJnbOY(*0!EXg18+6pY^47+fj`tn-O#~ zO(t+tu}{^b#4&RZDZ1)y9!4P;%`fU&HT71lZ561}c#GI4ze7#n>J~Iww^8zHqT&yq zG#r4BvZ;Kv`egQQir-C!S&NBntxtnXp7b0C1PXDAJ`K^J-*o>cl1)-8LJzg(ZKz9@77 zsl*n4ASayNX&K@sx$tZ2x=t_eVz;cGq+y+LKG~~>FDWPSd-4$X^V2Jxy7W2p??eV7 zn{S=tQ<*z)$^1x(7w0Rl@P?)bW$N!_|2W?I0wiGTi4$o#AD&kS&-7n!taQ7(+c~TW z&M2#w<6-j27>}VNJuZfv+6~f9T5HEqXZH_pH{ASwGa=#=ZB4?*FzxD59`7p)xmPH; z8|jIY+NSV;ANW{jO3TQH_gJUI`-yC118(J}%ezltr6w@P@Gn>ba4Z`Vt zDH-5V`55~Q0+Gd~K|XFprZf>ur~O|XBQ&DZmp19zr1^HbO+m1tmVrJzZ8PD!40pJi zG^*%DrxnkX<4et^&j6CoPfQ&oE5V)!A{9b@rAg&)^U)wm6@R7Nx5-Ov`u(!RNFF1D z;}8zj3hjRJc#XA?13GLqQ6#%u&l*QYLb#01-cT0T&+wk{EyVIX@_e}c5wSjd!d!;d zXB*ig08gjr>D!-~7D8JU$W;uUGgVnByAP$@4F*o(islFMHgHd6`@%KjCkAW^TA-UP z;VT7QdMwJtUJ--wFFRhr^Rk{lt4)6vH9`?^IRfjj6DvXTdDj!4z*Km`S#OX@DC6|W z&FM($=MizYCXH|6Y->l^oKy$jHFntk%-50rWY^tC-5!sq+LuG$q-ZrypS$HNMEh+U zd0T+WJ&Y;Bf&u9!*`ltMnQpYYfLo&`#^a1B-OVPhubAa%ra5empf++@@nZHzRxLg;DtR zUx&7f=4K&cJFgE(oSXN9pt$~w<->Cpw;`8#*JN0=IrjqA8&y=S+&4r1a(?nAD;>&YLir_H;WqHkoN>3Fv5SI7%IrJQH*f2avUMqHx_|hhQ5H#gwg&!1` zWQrK(E>(0jr43wG;B={bf21Q-pS-8r$ z;jqt}pm*aIW=B&$7whcz<=OE9ZMyf{OkSDE-F!rpkA+T7uG4k~PT9=|P+YQ{x3h0) z3Y4^;yYG)7nc9cm2H=#R-bfLhA(&_z&|;+Q%d9knNXYt{D4D%>?#{W!+p(YI-pnqs zxKK2xbxjB>{hJc9v2%^+1o6LgVBzB3%TrixtK%8bv+PW0=W#UC1KhO8!(*^nIB z9WvjU(9fi3zsV|8oL6S_lC>9OC@wHm4-aZmGZ98BoH5BTBWE2wHGQ3vw8xexn6yoc zRo#_7$4Bu%gVmj!$MHKb>Toua5h{0W5|yAGz9u}ztFpvC!1O0@l-rn^gml1!F>NEr zYgEzN#-6DeVl?HDyG}&ST-^L__S<6GCvGF*w0rf1;C|cXhUZql$@_r%fGgyiE$3SO zsTp;s>CH_(Vh!`DM9pd1c$o7B-j^iJR@(gn+ zb;JO5&u@;N{44b>{)D{5+0-?`vG;pTfc!EH9N!OzlNzWLQg>n;w&id!ZP;@$jhiE^ zTOYY8Hc)WSbo6)vXkW5&Y8dj)oNkGscfoFeh?v;uIqMOgZ0(&d5#MtnhB%|nF1m=4 zvq?J9GtE~{4%c6wNTW4@5&JOL3DRY_fnibk4cOLCgp^)j&>mTifogY%ni->Ia=f=K z&ag)}N2&!0@gmg?Kd|2G6GxqKX(`jJFCcL2Sei0T;;dgN(j1m_A8RF**e`s$(I|mu zH802qb%&NGx$sJm-x~#Euez-qU4k!vm4-gl7L4(M=&Rs%Ov9Q`r5BqpAIeJA;iQOL>c)av{B2el&TOHPU~4 zGMdYGP}TIFxp2F8y1rjb{2A2fd%~cAuF~mzKzk48AM> z!FMQ>>00okjQ9`RvXX`m#^U#)1EZa?{Nymo0)Eko#dbx|;f04&E;J2H*XtDWxDIkK9q3WBa^2wb%rN?TJBgJ<<<{39y(VNx&I!;GeZbv=Zs`t|dgW zr1h-8KnXjihF!uqc!4Cde`W;aVw1((a9sLzIM2?m1B&gu&KU1KivWQ9-xe%6+Zhs@ z9^g(U?m^FWD!lQ%YMUcmw zwe`)kMkYpI=xlQzg!ILJN!v`_oA>NNq8UGQtIDN`q{UEbD80qh>MM&(rdT?If^K%K zxFSfs_Jea&rsI2NOl|7=?l7K#XD?#!W=`uq1D6c{6%|o@$4?W*=7Q5)$v7$n0SHVh zCbf>eu)QBt15-IYQT(uykXpKJMOoA{o-4P${~|?N&pjaMKkneTVLqaK7A=7PNw=cM zZ|To|CZwfA3aa$+x@5)j{At?O+dG{OdfuOq3Iuj@(Y-R?>G{1J>>k)dv% zM39B?TBoh?DV=t^c3nVtiytWsSddqM>^)M@T~j{)S0vBrxyPpxr718%XOnY}PkOy! zK4#lg{m1cp1t4M|rc{`KDZj&mw8t8&|$+#-UMC2Vk~J_P!5Mp$)dq@8XH z1E(epouj4BmK&$`N@-=j6K5q~?BcxlS9Bj*a{bY8%Wm>U$;>fI_)gqM1in1qS?Fo3 z?_hEa7jE6Y(1lAZy``$lEU>{#hocEB)o{E6ysr8w;j>PPcEH|f8g}~cJAoI~FD2^4 z9se)jQF!V935~zXEWmr>FVF$5!Q;pcxVwK{j@_%njI4$)2V?}fyYt;?+TOo>>iB1} zfif2VzcDHPziY4j-*e@?PtVS?n0RPc0(HuQw7=G=E;apPMsDVAd9z!e^?X+}7NUak zM43p{HGj$(#8QX{Z4QmV8MsT0@KHa6DT}5$ay#p;af*`f15h-1N+TBBng=YhJq>9$ zD@^X*8av%o%?xMU z@Bk`bw;mJdUuip-wLRuDI`GH2Zjc|2Q>QZgUh_9kM%#iV*Wg}F)5`v%zxKzjAOq1( z^;g{&`)+F-n@BqYU{OH#)-5q@@pI(#zZZu3%DLDbU;z~y4EUCjx7-?va-V7T_?k!}g|hU!cj6Wy>|8o_ni-!p+pWQVwbzaPgxEV1>IH#Ub5SWMtNxoIUcQ+FBw zQ$3%~%)2A&UB%q=f-Pt*xv^Zv~do;D|1${~M-JI;ER@7!7MHiCmce0^!@^&la`2u_7D_whsW6fi|1!VlfvgZYP&BF? z_}Vd}EH^!qYLW0JgscfBdt7fmIVp&56XoK^pU`0DSiP};g(gugYBKnTJ@D!7{kO}n z7D}kLYWf@tsh)iqXzIHs%rac{f9FqJyiIzKYd%Np@V&M%xyyY~;7OKs!Wrt|DvR>R z&GbWg{vCm&PZCV~hO6bomU3BqNwp4X{o6)f-3lOc-!6|jr@)U@?JFJT? z5;C%FiatvW#Udd_bzi-*RllX=!8hJ3IA#moNA}NKPI{Fy#ky=~;=SZ-tD^U}L2DlV zkK+%GJx5;_S{sFlNi0Zi76aC+tY>w`gA~ocihN!5yydY!9id1E6_Q-i219|l;piIa z6%>WxK{H0CLt5VPtaQHm6K-nW7AI!=(9;;oY?ecBC(Jw_)3V%OpU`?ZT zQu%fo6ZDMf@c^K0MR+!2Mi(VEF3GV&gr9M@!3+6}LiUMd( zB4vQhCOvM_in(p=C}AnM1sG=UeANGqk%cn3xHSF1SlR)r9=y?L%Ytjyzoz{YD znx_9K>L3M_KIm^?Jqhd-?t6PG`9(eDf791V5|Z#Wc`Svt6Ww8}aV9+EImqq1lAGf* zFo>#|S`0ijU*wEoQ2*CR?n*jUIob{#M;79(0V$Pg9wkb1Xk9hsGatPSb`5x!^V&8* zI|~a&9N9=xcE%#rL>h0^2Cx~_J5P_Z=mpNO?!Dr(8xf0$5-kZ>UduQ6=9QZ$+Qa_9 z@hPuKqnN0@fC>+_lLeCVpqp|ZylftzZ9|kz&@j8+y0mj-OebIg8xX9Q|FVLk5CQvC zO&HI-;}8n}z9YkihppA3@*bephyjFe7-2xs+Zw-+DMf@1=c)fQo)_`%-;$iJ03~zE zK=pLuXQ$hz+QvnSfbr}0*fA{_-f&7l-BDcc=7t57wBAbwMv$D8+JulX|vlZVCtdhI6GL+LSRM!E`hGC^6+Px&ik+r>hRKv#{?H_?+ ztwIFmfu1E<##>^kpDtuSh64soB{MDM5Ki^AFWzSImS=#Bq+||OzYHOUybl<(X$8in z0lxP*-Ij?w38^+^dN%U8fG!FY^IKA+k}@hzv*ZQs2SCe+@`=GK_#GhYB5i`Bi5T_n~OppIpdq%Xa zJa_ry8TdO?K~uDZ?||eX)kt*Xy$0#a^8PjcRLyD7jm?0{nNiQ9)#`y>2h5TehPi24 zBdy=&chfY1alg#4n*V)6NEb3mRI{9StrbcdA}4VDfnH5*=Jq2y53PB<)qo7=A;+8` z0D)4^dv|s|z_mE=-mJLcoWP%e@Dlc(8G8xk`h%2?`tD>CjhkwY1viz79HuP!Z)CBJagl5K9+tP{&gTjuD;pJBZM0~@cM^Ez27vXdtiWV>pJh8+fhg+ zme-cQFAARI9XS~`m$I% z&9f;ZZ`A*5KTqA@qn>bQ&z>)L@Jc%PJ79g zv^oS~SAa=wb8_^533yoQYXCY*o-~%)2<1n6#jly&^enfFw|4kf-LQLgX8sVySQyQc zeYYsdx%FV|4>-Jl^yyV8RX{a6NE;gPmGkW46SK>tAK=4yu&R^5wsjxkBXu(r{G6A> ziZ#N`MT%-Tfr4tdNe)48eO7_MR>tI=K(E+*c%bb2l&u{%ky4LuAR(2guC;6Bv{>n6 z?g53vDXo*fF55FIs$w(M7C^%?hR zXIl08L4N3OrQyQ`vdOgmFtxJ(kn|OUAF-F?)Wb*)T49*8s|xu{Lz&;)1mAFpCp?aa z8pp4F$T>0LpsAr0hErPJ+;z1eiZLK+)y#=llG(# z08PaF3O+OeqBF})x1z82+HAg0gm*9~280W|wdUqfIG=r?_|G|##Xfws`}A-%H@QbM z@RPH?%I2c^$#<_;2j;z^vLcyi$hB-Gou+Sx{YZ+^(X2S#plD#JP3)8Lx@9p;U~@<*>kDoH ze-?jy@ND~|L^4%O{(M)Ti}~z!BeVHyPK~TYunTw}l_uq)F|3;vG+FIQr!&_`r(qD7 z_oq5+p!`YXwOquY0J`2qlUHPLjabuhl0or&`=e*?Lo~p+qT$*hdl2AqPX{{VCWX~r zBI>m%1MO}qZ{I6CA6{ws$PN?|e8-a3j9TgLJoRadBkjx5y2v~zqwMsIYzD&$@!L!A zrhM}?U!F;;j8w<`;AG982u+EUv+DZ~w_5FTM=3>Vgwv^x=;Nhosw-hw7Z~UaXeOTc z*|y+L3YjDanjpB|vq-1@*vkDV8X!Z7C*UE}re@D85RStE8OW=HSpOL6)BV%P$E8mw z^DG0Z=wC?>RIl^z8?9D-xheDBIEwrx0tlY z<_T0CRyZ0!xO(-P&ehJ(k?)RHFlidY3oVRiTcX7`IwM)~-_Z%#TqSH7zrz7|n7zyE zcMU_+=yHG-3bO^9X{Ig>*t16P<43Ii?!{3nOoys4zRtm!dB1)V;<*#}DBkHCdhJV( zLj*r^ET($8Bj$qU2-JOU7Fv1^!3_ZC z{CzARV8i|wMq)q5UF;HVTFSCOCJJ}%uc0H;oSO=py_@w-eX+^Nu4r~7A|_E|Oy!@; zk>L0rgTEW=mu`3pEDpdSrtBLt{u{z&2nx}I+(MYSdmKgdc&INGs~5XQdunY1MkRIT zCYipParX$^od&p#;f!v1{2riLOr+Rk8cw+(g**9@j6cy|JG&n)ia2tU^)bNhqg_M+ zj)NMN0K!Hl!~nns*KqBRN?GY7!UBBG;9s< z-6G=4lj^(X-L2QB8asg)LT0855MJqQ^2GNdxPa_xs)l;Ny0)U(ZRK(o(cc-zn zTXZsW?MWL7HqP||MsBNDDKqoAjK`*y$|JS!+)dx+sY}Nt+M4o%WH>hnE#}+r5L{B=Ujk zZGE}c5%{uiy(%%?J3Hem@0Tl%qhgD5kM1H>VXIS(_kTr#3P}M=b(r6465xY2h9N(_ zd_zPakmwLgZN1a(#x=ZtU+Z}J4#`2rpg)_alDC#bZIJF!EIt1pu>fc5AOXk`OSJcZv2O>gvxF%HI%~bPaJK|t4TW$ zd`)`+j?M=jNL=>dVXo133xQl1jZQ9mT)+Wm6Ky@Pus;nK5MrlWUycQ$qdC4$;0vj{ zM)7tAXB8DN8YmmFu4J-zBQ_r;SAi!D|18}D5p$GwVbX7zn{cZrh}AC z+VC$PhHm!=U~9AYI^29K(BZ{pO?PUaGk^7&ZB)!B4b!chi#(U@4yJ6y>Z+M(zQOdk zd7)iw#V^tN;q$_SFO0?=O8-?Cj+FwvzhhcxWu+3ua2{+a@X?IMENUeiD?nlZ9n9YQ zL))eta^@&KkWm2&IQQJDMa+9SOad3UZY`>u&@^OFv{HVL8z*!Lx}GA@y|&u`(x5;Z z6}6R|H}}?ts}47JXw#pb@=D1tscA?cy_wmi_3*X*Y0{iQD4e`%V@E?A%2m_lezWWW zd8myTwG&qlb9WetJ|C;S>j{fLu6=eR(a*)W6doI&efQ=qyfIk&&1h;ZP4Cuy!oL!3 z%4jCV``6_&^FKSILgOM1=jRopQIEpk8V>^%> zlk&-vrS&tfFIGGgjoj>~0jR2J{Y#zH# zduRRxR!y`eVUm%z$8caHknn9eBr%;QKA6#1uk_XDcD(HLK6~nOUEGxWfVwbl=qEPU z`fP2>)8p}#czXI$*EwN2)}o{yxA|zPyx&1uvw*h4MH1IkJJE6O$3YdOluxbTdpL4# z>nI~W-<1j^i0%h{{BkBLst-06n+KE%PuB2XOOEtqmrjxHC<}LkZqu*Vo)59J$Q0f{0jU@6o+WiKuMl(vY z;0eF|uWRnC`mvjC$*a=9UBqYk_rys(pZD_i=Y!ivMlLO%Cpm5?MkV%X60aT1X&NZm zDm}dvbhe#JS56AoN`I3!n|3%F9kpr=y;T@NR<7;$LUfj!k0)I|UmeTK_}arg=24>d zXo9yn_s=%fyzJ?E7f2KQ6A$@fw;@31?k&CT7|xm&P_ zMnj;Fv!9`6QP1+QEaEghA${^?EReuMYx@BZX>~-$K7{P=IdTNx`&XvL-J(A2_Xp&4 zO-WtetveYbRiII(u@W_o*>qbgq7qpzA8mJF#NjdfsO?__ju!-z-^%;Dn2Y{0tPetb z%5(y+Oz62m>0BuKSkkg4?9~i0FVL}^?&dmzO1VPE^mJjTU_U zzxKFj9@pwZr#tpGDq{5eX*Zq~2kZ{26gu(s7Q7L=uMEQ#NjCY97GWlrt*-axGk&R_ z*?pY8RC9;;{$tCi!i2Q#zpB4rs$QE9m!sHCIps5Yq8Vdqr5C_{Oxe419CV%MZcYBm z#^8DF{4BX8e(vy(^x%@Xe?-Pjja)A8I48aJS9elx*`IVMEH(1BcXR)Ed2K(NrcGNJ zyH=0UaJoC9UhWP^ulaSuOyi}*(hRTR3QB^3xd#aU9H2qq6;QANW{KtR0h(7df0H%# zZL%nyhV32TK1?tiH#~CU`t>GNw`jrF3zYL{X6xo5JOD^Q=KgVl{ z>2hb9?Fz#}j^UqjE_@On=pcJ3`v)8OQeu8tz_Tx+E4?|Le8h;R#i`?{^eww98E+OG0+`^y zW*cYOG40gMKXg-f8V+ZCR8y3lF^_z}J6?1!G>}AWVsbR9cNPW&KmD2OFrd62lZKP0 z*aGQiG(1!J@x#j!qo6e}U~AEn28E6466#|z8!93ElL&2kdu;FL?xu?MWN*qo^Idjm!{e#dS$YShE|JjoBj>`p02)%FUszq{JLufZ*PJpMXh zu{XX{3c0h{cc<5XQcgrU>OL`Al;|qn_vqu+KUm%TgaC5kf*kgl8_n65QQN#F1s`t8 zCmxnU5P>?uIA@f~rrYt{;tF7QlAMi1fcth!~M8d>JT+J)I+rO zId1H#bW;9Xl2nIw-GPpcwaMDz-`VdTAKqW?yV z{uEHnmi@|{xk|av3^bD%DuoaUoHRAfxTT||Z+|_zd{Y7ZeW8$c!n8NUx42fXT%GyY zQgfZKPP)os>SO*dC=49f!E@8z7~xExx$wF9Sg;1+lG+R{*;rGxG{bi>rBk?mO2^o( zhi}=;+zfsIB(3vYA7X%29O;Q4`wV+nq>7NtSd5Wd z7Zhndn5(2-sF*u>{I_Yx@s*iZ z#^MObuL7pZUq9Yqp2_XUdr?fVl32A>&nMTf(g$-0z*4jTPKf#T&?1d7oR89P#Yc+V zgWgP9?`GczpV54{_rfndXCC#R9ld*`XU^3yYp~JYvCBqQDYlbdGI+9td{+)YY>O#S zK4+rKuT;tTysy{?qyjGz!HX^eujqQpH8I}PjBD%YxG4yTGapv~d=E$l{HVV*1)J?s zG;k&_yS%Y4`CfLj{_)M^6q*D2^jBprGkww0=FRpCb}uA(*Obj`3=_b<00tOxt6Z(2 z*^as+@3EwX9Q0t#-7`1bM)4%3dG>5c?+s-MH0Yd1_hn99QX zHc){TdWT!a)DywRlK0o>ON%^RDkMN|YmM_A6!3&I0AQdgW04kopzvy7MFNj1=ft$P=_MoiLK)A zDvQpD$~}RAuSd`Gp#paH^DX~&>XusuKs@ULtX;<`omqQDTS!p;jVg zu0=~fD@T9z!ph9f{}jmoB$#BhcJmep2=PbtlMlMV8p7`$wm}7u6HbV)JrW#CrD^>1 zA{FH&|FQ}HTOj|_!E|^#o(yhmuIO|I++=J7x=M7}Z%QvdubAes?M1Hn3~nq&Z}BZNAIJy3eQ@xS_P>&cd3}K+@mtr-nw1rXXOV{6l%j`Sb=Mt^tgU?{xx$8;uMvon?Z=pErP{ zKfJfx=|1pKO3(T2p;kOgh*f7e^`?=`A$MJSW28qd;?v4v| zgvYg3QO7k!Rky9?PVQy!dl)dRI%&L0VVjcRWuw_hu(>uUDCNt$-*qp;V@(+&m>Vv4 zi6ffg;#x{Hb$vJG1xw`qs0W6}cfM3B1#dpQUGM;gzyfn5ol2fC*2mXBJ>SioKg zX9uymYHarVRchi`#Ek`)l`xh7)+#Jrslm7b>$F63LVNwhk;ZA^d7bx6;kN$VOzSMMXJ;&W1b+{wS~UO!-`N;D`G{Dj{=y*&hQ%Grlk!PJsE&7~~&`Yg4<9ny#9UC@D9V=N5+j2VtRr5dW31=(9I_pG)yI z7Cmn38qwiDpK#rrYRV}|1vIWi)XG-zr%j;qJOS0Zm9Y^ZP+Owu86t_lOgqhgJp}}i z?q#p*lxwt{(pnWj&E6Kpgh8_eX8sm?^_K|UE2PLI>XJ(owC7>wlS_t*FWSTPk~%^e z^1Ew0<^zet@WlGoLT>ckpfJ(~0(?f1=JKI@5wQ_O?h4Zg*zm`wISB~PKlk9h@%KBadka3~PbjlST3B;2+@{K;)Qi!iZBa>U8*D{1BaG_wpGZ!voeh z&g@ggNgDWEFWJck-FweszrW*2ev~yWPiz5l5P+DNpXh1WceLGLMLW#@nzjn6n%WF{tn;$z?VZT3#;(eu`mD;zi zhT`Bb5VQw(f&AeTyN=W5(Z+Lb-sw|c*C%TohAnpxt{HKCe*nc1Tf2DkiVd3p5Gu8T zet2&tr|c_gP{FhJlB>5Oy;<)NTH0H_d0i=b>rQ)7GJ}9pE|+g>e_#G}FUfnoP~p7` zB%UDcXV>?bH!jU|ug0I=;GR(dANFVtIn6+P4>(TVr|t8Bbd#cSH@`4Bye!xfq)e0ONJc%Rw-tAT*xH?g-14la zeV~O{dc_Q&#VYpmnJ)|gUrJm=Jp+&Bqgxa6F3$kt;8~1@iSkcwY??wE-LMT6*8u;; z`5Uz$GubEWFvNL3TZo;MMCXtH;ijYfo`@@5AT`KNub1PAPK?7eLC*G{HA7C{4OzArLfOQ zEIi-Sj?E3cEw_+qvot47;f3;sSlr4eu+c{D&Un-OGGpHm==ItJS#inCsH{THW$t`= zP(dy5hq$Map9z>d3nY67eE8v?l1NDwykdj7{2$B=6oV}TL5c@H@sr1Dj%|!vs;SOr z#s4D{n`54m2msUL*MY}M!vD(8<#={2YD2{6pFi~}1|q;AQ?>E40|o?lvy&LE0WJS8 zee2r+NnHmJXa3Etu)^xJx}I_k>rMCwAW+P>EXd$Sp>vQ3fDJ=3D84X+8e5g-)P# zUTX&ZO@W}m4CFOkT*-T=r1}^OG8kZHL2GLOSSw|0zp8nY;n1D3P>s5 z_KEX2;@#yF5oH6ak!K)Omlx?08oU1OaM0zR%Qw^@S^^D*cBZ?k(@QJPq)XEpJHgyXJf$|C zsX$A0?B2=j<>H${xO=6_3IF0LMR`YITZJKU!N=sMN#nQJG$3Xkl^8dQPxEu&aFkCm zE~_Mi~*E}?U^yw zJ&u#2B%Gl86Lvn8gO?i9Vau{1y_GQ7aa@vJP_Dh|-E1bspwi+=s{XEO8NlUJK3MZC zlxuVl5kM|^nFxpi@JZt+k=XAhe=A&}RZfuWsfbz!)U{(PS~A0qO;!KWEjpG1xuoWR zr$AeF5%6Ilvg;cOyJlS40-oX(GnMkC?MZ+pZ|mqgsK)(v8Ba{LwtF8J^Snd+1+I;p zar4WKEA50dVRjj@CBW%AahL!#k|h@JVj# z2Q$(kdz}VaG*}4I6(hhF3H7vnPz? z^9t|xOY_$Hj%P;V;J`6r&tz?~@(liFTjK>`v>9%}8Mt2!|KB)!^LQxx_W!@4P}wV6 zc7?LozW9B^H=W!gb*Xwy?;F({=Pa~~BuUuGCMmxFzKbF}sHAv6t%sR}zQ$0iB(j2chN3~AkD^e&Jgznzg(1icNhsO8TxyfI(WXS_ zI)wr(866`!8H$gID@;_~_2%&+Fag-ejS6ufDD-UzGR{#&e1iJEkvuR)T@mT1j~S9K za~Mr9GR`!=75XYax842QW9bBmq3h=RtHO2;&sV~q*&P%=!?t+)m0JS_whA{tc0WFD z36N#z_KS%f`OzJaY?KTH!W=1p0J52;;_o-EZ>leI_pI9(ll_@@2gznBRkuI7nhD-2 z#55B=70Fw2qrpWWYCcYom{0L>upy85Gy&7vhZ&F@86B25%Biw2cW67 z>~pJ~@sN0zPxs~7lWS*EZ3}8dN}qj}=mNu~il4=u;hdrMYTMInmgJd1de<9}MtH$= zj@A5MpUqc+=UZz^gh-&znFz^ET&iC|!CSWz@9oHJ2Z|NuCiRVAP;`YoH?q^xV5~TK&-8&56+lh$ z>f)J^iv-`zKAG*$!+UR#&B4C}|61CQG}cCsj^Es7cKXeJe2r*|$>7${k$NBDF)e04 zqV@kNL{-NTwk<1OcY_p4mCKzJeU8H=oTULzWYF;IIPq)=#zHLv^;k;Oy2O;!i&xfP zV`(JYEP+!vyJKJsq45Ug z_-uwzEZ4&**aHEI$X6NGeA=RqqF0`_1`*~{pMC^C0taqMwTRJC_2EFL`{-8@TG=sP z|GiH1+&k$f+Q3@X?kiLZT2;gU~Te|_m^XZd&|-Sr!=qz!4an%#>NgUp6vi`U>0RmQ}reSV$7Z>|?g zYfvT|3u*7OZaek^BR^DW-GD94B$D4Ni5m2@59GxhyiY>CrzDw)^9#DULKfUYG)frj z(k;26Y(s=#;riMbiye&B1f!Zic6q&tt3W?5F=6AJBxL5TCt)QgYJbRxDH-WG(9k*6 z&y){t990aA(Mg6`1kni}G$go%JbOSHri{uSUvj-g>>v7!~lujBniPS#qcf4S~$h%s8|a_L7_YJw5J z;GI=@l#B-Kxv?60W$+)en{@QhPT@agw}4Wy-?(8G2W<$5*Kbf<(pAWvOUvCTWO1d8 z-RSdCS4epJRKwMYCet@Lw|*K}Ig^G7!&$4XbYU5Z(rt`N@${^$d2#N{lKyEeLTO@v z7`NtXEIi}*BJxL(pBHBYFmk>pwK%UTxz<#qkt`XcF+)CfabFk~y=7e-*0Sj)t6Qq- zYz3^8Zz3|Uzz97s(!b(-{q~OdV9r`f)g|4m|492AzvAT*C?{M9i3$Rk+O`~Exk|fD?|ICv4`&O)sk$_0Fi4^ z2uWeNDXN!Jwayt(8;qHCi(9z4l;C23y$v*g{jgx|t}m$W&5gh8hdh1GJL)T&*ExbED>rf59S| zk}$ZUu5-N+5@t&DgT6dA$n56?|i`Be8@ zwHy!lURBC8Vqe_;`0KFKmZn?x5$aD>ww$=ij@gq?Em3>#!~2x-ux#Hj_m_vn=nlof zTwR0Jj*-d#5HH)u$K7&QE3ZS+WrI9wI<>DGj_v(0A+n$LcUBoiUzI0E=J2aB-O0XR z_?gP%8-*{K;sdd=759Yp%ltZ+VII45VsRx11)5-rowaXHPxvDLDzk zMxnOGec+EG%wzfXvQE%h^4IcC`()L35-@?jKEe@^LBiMlraO(cSljIry-;#Q<~bu{ zBZESfO-hSfp8k9hS4Zea)bikx>_OX(_K@kHs&qo$>3|L(r` z5up2K+?YM}*A^TNTwU8>stc}=zOSDZka;wL-PEtYSk1fF;|8g~3}LC|-c-@z1ITHb z99_Y8@BA?hE-^k^Bd;fPTB>&L73y$Q=S@PbgC}i{F9Q4fKpvOzVvEA505MasEoUk& zy;pM1OO2Wv13gpF^$7k$8=sqIMUW*$7it((_qTKYY4~f_W)e@nC7ttYwBw&}Ejs9b zJqV!3w&=ifc73%2*kY4W%_A|CB85bBS z6ily-=mxCc8ROk+r6X}CM{IOPC@^@j)f8BJskt0K@)*^Y*2I3e*1sW~PA@qkfP4r# zD|57uRr+f)4eukS5ED0b-g6iMIomanDXEwbVf&$@RrzeSNReu>pmMbO+t=dR<+gkC1Pq=gc5ethA>Jc299$GxZ&hPk z{pb!4ara;S3oa+xC*%bm0KU7Umcvo>xDlB9LT1bLfgb&t7bNtG>>bEc`KqAJ8jGvW zg!-x*rvs`6g&yoPe`9p()Jg7^A5k@Vq?cLkF1Tt-!qY@_XSs}=v(>%b{i|%L-%&2} z((*^*!DLU7GL3D5lxK3-H%yqnSGZ+l@^L7BAmS;$&)aM15bUroxY0eHXGxRbOgjh= zzb+4-@**@Qv|h(M&0nCMr$bNqW3$)}@p?~y+=OC^;*v`2br4w_eDRqc3N_egsY-33 z*M~K#^SP)xJDmrui|G-N$FUV5Ta%gWaO+2R`-O*@2c?xj5`GE!-9}@tH@IIK5nc`T zlK`5g<~|rerI)>YW*QGQdAK|Hoc%(*CsN;7BdYzh~^Lbw{eh9g<*kCTLB3ESH>XM))EG)XqSA_i5j!o}ETSBVEJDL$C}qC&+R4D#~OIa@<|8u%Zc5zSq9#cG_~ni_vd)vS^)3 zqg+Jc6y0gaG9mqoAJK>WW`XZ=q;+Hzw*q8Fx|?t6h0ud%1Af2V{8aE_3$uCQ@T=7t z;a)zlK%s*`<>jDPV4by5ITNL%*;#+805%O82iDQ(I ziWMC34w#D$270 zVD<5z6sdfJSPeOz#e3wcHW=s=awSGy%Blc|+IpPD)3sOeah~<7H z4Upd{>9&i7h1+TwbQph*l=GI3?~mQH2Mnkt|x;j3pd^L!BcP6B&~k93*uQnAn1Z+r;o zUh;m$Q-1B^F8%ZKQq*KML6lX2Ja zcBDS&EFgQY5Vn?keWada?Jb?7*j!+`+4nl8y50zDxA( z`30&>morayXht}v;@EMYdE=9RJwUgIy1)C#ej|7Lz`5MR8At(RZEdU1O}^!E1sv-4 z1~Tn;Yp1!7$G( zgDBVv2C2VM#I21|>nNh1W%pg#+3s~&nli!ZHm`6%jD9+EADw67O z^uus|D}=n432FHzKHMaJFnrd$#LG`WQLYXo3}VX@>Io|IKuuQMK` zTW5OrHi+HlOluM+%1J#Tm%>C#k)&+{_10+(C}RM2Z-kbjIb{_%bP*2@+JK( z_e;FhzvTcfI({6aJ`(a}KzJgD{%k?@x}w*I8Z6ubrkgi-398(RfWvbNE0RQ}dqbEF zr+=a#HY*EHN-d~PGnB@?B{@C>qzqi!tK-IyjjcMXCN+$j9iRF0b(0#O_7)&>2O^u-iJVqblozLsCT-eCsZUd@+v4I`yVZ(~ChH&&EzC2!ER3oXZ{-?vHA zQm2a{&l?nY*co^2Q^`ptfe_11hw3%T!h6NgTz!%1RJ^dQjuVKGq%TK3Xg)0z_(Yn( ztnOZCw$n-W0r!H5$G*XkARV)eV_&vf$*S1LXr%h8Af|z7$<5{(XRFm3HF?+k?U=rI zqs10VRb2)CSB0@Wo~R&;x56!XtnZeOU?#;_^fP%I;)6D+)TTO?R2>-vCBR1#2DSSw zPW5Sd&o*4(Rc3~xD@TD!d;a&b`qAtk?6Z)B#12TST!MfKfW4c|-xb`ZYLn~uqr%CM zqsbMV#XNqSX^dh0>RFB);_8oJm{+aZgO(u9+`4J`<;6Vq{NAHv*Z_3rOo_VpbccY- zKpLSk@=Lf`zQC&-KKfOtX49a&Ajh?O`tXi5C5ijiMiMcki+QVQDOCTWx>Hm)17F%Z zkA1f_DOnB7lYT=^+(k@R@-3|k4ILasAPiKVUbb|w(XF7A77fJ2%J*ZB35^r3So~O#Juoomc%>#8yr?01`6Z?P9~`i@a%bma%qz)HR(OJ z=UtMk;5_biD-8c&6zU+fxO}~DMq;JB-BTq)qeWI=%yMBzoK9>Pe_Pybis{FfH-cJN z!*rC86|kApoTa9cQwh|C;pgiWz4L9-AdeZ$*h3_c8`c70FvkL4gf+TSo`$puzIRRG zH)Yyo8uBlMZVZ&H{X`~2N-oNcR&G$XCP&BHjUhs6TMy&IYxd9#P8g+^5?3@IWyls~JR)`s@eDEtB1JY;M&{k`su1D=GMte4U|B zrH*)6_;n`5Hq9DC_}eODY>0tD>q9GOgyR=rVxJ9>x*z%@vz0|v^h zuk+iUJ^J0}CFjCGDeG7P8H1Fp`fT-FpsLC1w_!|s@O)a>L<&=i(myD%!|RMIv7tTP zd#3{{lo64MF@hm`cj?EjG7Bs}tKK9cAc4$TuE}H-4l!F`B&jh13bw4A75qc_5CpXa z2I5*=QNdKT3uz~B8Wcd6NEN6(dIN+>#E8%DABzpWIWEQ zjPi;u-f!wkLukTVA3SH&+`S3mz|nK-JyG*XE~++>ao!+qb)R_X#vYAw#e$yvFn6J(M*EG+I@RzmiSi!uuD*9lC#nbD#k?p zh98m>VM=+Y-e|uo=h@De7a5Hr7m7qoUxyHsfH>PvCFZC26jx>{JH8ak$UfqhM)gF z0OGToHDVLg*(tyBf({zjkM>uyV)t|vwB`?!2-F*U(+l?3Fhcx_1vx@*c3*=O_&&e~ zbC@Z7j0u#ZI>Y2`wpKP@tSPkS`%AvKqmLW z8Fu#>$XuifXb!>g5g~O9-S(2}bsM`jpDzX`Egk;oT25sIOmo1y-K08%{7e3JG!MrX z=KaFTR&}Cl9WdaP@Q#_t&KDFelGT&xY5#eB=_7cKB5xI0gx98uxYNsRKy}B3 z7NTmxr_1jSat?ee|a;=~$ zr&jCyrfa?iRO#&B_){e*gDPo^6pRj{kz9|_#Q`C>_mC~;btL#g2br+OjU>x5+Jy3A)?`c1Hz@aknf!GGM4E*D%aOS*Ma@peelaU^Bk=5n7S)RT z-1-WkxB&^oU4E>XLl)?wDPj}KYgFy2sYc6*`$52W3!7;d{ZkArp`D!8RZhMXb?*Ot zKTQXbLTwqSXP~7G5E!fDQzA$RU>zt0)mvd8g`j0(_>_8zem8he4nTPTzr*+F{juarYmsbw45ZRVc_V6Lu}Y8<~i|{bmHD|8oE$WF}JKC5XS5CIvln z*GAO(b{RS~Up7zOmDj5kwjDqw2E~p5|38|4WA&1((<2U5rY`4Vk}s?&$7n4z6?>~* zN0ls7sqgc11Z_l}52Z1g7(){YOhPBrd-`B6h6Gw@swT(FgG|_m7FZl2&h(wFR~;km z4`ov!K-A(l;}`m#D?IL$p~?pn7xcM6J-LU_(|vL9hVmV{v^XMXB1e}Wf0c;#@tIXp zB3AJyxs-l>wEkxlwzXEWj*ou(*J$GK)l{KLp?`#7=^l*&ulI09qrKSEuW zw22U08!;=H*&pnTy+&dE;6W~E^9xu#RR{N?xbG)03?1_tl)cxh_H3&iJ43N0DZJ^T{3^J_hD!7yN2p*xejn$Zubuw**rjgbeo;SY0uo znDu|3fW3Y=lZc=|PtWz<@brXS)Z?O#V@VE_JWWDgm0=aUb!bz}ALmF!sznn+XYcv6 zgZLne?5=0~K6h0H4#XeAVqeUM?|Ukb3bah;E^7^<_!$RYd}B?C>j^D#C`k^w?FOzE z72`f%iGhHva6gknj#71cjT<=(z}a}q?V6(Z-M5dZj$jpv+{-_3s4AtX889=6ULWqk zm{v*-tu$%tK66Td{SKxXvtmD|Ow>lt{)B{lT3Fto3MB#6 z(smlQ5CdyV8qwIwUg-5jZff=iAh>8+#gH~|`w3avSFwkB$<#U9bBT_bWmLd4MS(np z)PR>9JU*@`V0=$3LpVn>+bZOB*#G1o)vKv6>uDFHs$r>(_6kOws!Th+(G{U|fS)p- zaozsl0Oe-4rH?EIf<5~Ok4-#T66Sq?y6v;S|6$E9r1#oheU7ZDAO7!{tqH-W8k6GE zbY?MP0dV|}CDnuV*~^~FT9!#pFq@4+DXMN62xP_5QH6djJvoz{?PpZP8}7FIz1uH# z`xDURRN$X8`X=D-{POx9Cy=3J*Tj=U@v{F;<`N50M?_W|5+)NF?Y+4rGtzZe-N>Uw zz1CBK`mk4tHzQU9j-W7Hr!96e_G>36AtO9V@8*K^?q?y5h}UF65+C}#W@MHfZ^T|3 zcu^QM8?vXde3^?hE&WcCe3%JK$}_T%NPlHx;@(Ce>-SDu%W@k!d<+kce5wLwx(T(J z;%7Jql3RaEw7NHoTsmaSVc16!iun*H8kin82f+L?8h9mm>JHX7-#j_7?7KWWJWZf5 zO~nJDrAVB&m%wC7Z3O^7HRAyMG$rxc}4! z&{kErjc0rg*WoACHE6zehBkU&PrBm{4=x;^r7~1Ey7>|q?-)1wJWC9C0uv8T$r@g7 zX#4tt(a+P)51&rki`#&Ku2Z%Rf*WNnBUs&7$?HJnIlK)*SSt4Pm<)$U>qiO7n;J24 z6T)++lsDT~kAAIY>S)>`o8~4c2-?pD>|7(DHAmGSg&gYT-Hz|RNJ6pxCqV2g(i|`Z zvNsDeCd??uiBosBTmmdwAluOtxQKbc!z{W1&O`oy@|CU(V-GfsqRpkGTxZ>vi9XkG zsJ>Il0Ub;rwPD3)M8Bw{=QH`7DzmVH_GxR|>{7N911U^s=Z4?;;{gN53=xH3vb1X( z(Y1d}8I%I&Bc7&?rz+?3=!N(pfA0Wxgc5gv-&T>=E9o2cTW|ZH3-X^Af<0HX2|G0T zX?*V5wmJT9M8nk|AZc8eU|!dpZ9_saS2vLQcg*+)>BnCmU|;=#t!B2=8@TQl-7M|psw6uTu z+ih`Yo!o(3s2W@H-^JSe6C=Bk@7SoBo?b_rTw-7rUvBJ1kMswH^)mE#%E#+wv9wuV zD+n98aOPE&8_jEzrl+t33BpvO=bWpjxAVN(zIu@mIs+0uOKSkHzTeuNS3e>)n0>*c zJ4Xr(Y_*hf$YEb}6~3153ls0&)eP?b_~TFb_?agN9~UP7d-!-GL;vXFn%7bYuCmeU zSAXWzbnmY-5eMwkh_mE&uy3*p=jEPN^?V+E+0)41Q1vhG#6_%kqGSpT(fSBmIBMi* zV%smt96HVd-Y3{pFs@HO^h&5|%7pVBi6{$G_@TS@!AlN5ZS(_lSGdVlUlPPnooWeV zn81ysI+lOWBTL5-eS7GLVODk3zkDdyHnzm%ausosm?f5??uJ^31#AnkrnSC1H3o>x zqN$EYdJR9RFYDEmT$tP&0kn=@!WJ<9ksQ?}-g_~7xHGQCy-^U<;3YH9++8S4G@E#C z&y97*{DC?0{A)BVE8;~BZ|8iR|Me!HSp6wCvD56p=P;gLmV;|7mb?674sQ;_c?yri zj76c5QI7rdszo;_w}^I^IP*!nuC&jAb^t|j)3>as>p<~kcVpEn6kvyAWi0DlS{pvq zw$JxlKU*!^eEV$WT#MLvo=7_b4%YiS7|R!Zy~^KbczhZl(kLMKWbbF2_y5<&lVxNOD7_VNsn+Qg&pm+l#E!h)mhK+4MY42ezQHQ zy4|}riDoI}M?8iVPwZ&E$2C>*4Y8Nr`b^Cpat*Y&quilm)t ziG>!+GyC`ylX}KYyp}q$@GTHS-mG0yTyZS|FQD{eu!?jT$GFoWZ*}*qwZFQNK@j@a{O~VtK)V4KTPJ_ zgNziPPdrtB2O>Mtxg;wc+4zBkwNG``# zl3i^DYf%`7YZVS6q1FN+eA3IiTvRmtC< z@i;G8mZbcdBeUh8fZxs%A;#)2Zc3dYo6Y^Tdq~uN_<=M|*aWlWqj)e~xShn8>_H*=C1WzGgBkMTA#oLLmM0^xrYTIK(8=af=9LX zPZQSr_J6uFEK`bFgC$2Lufx0jH=$ti_ z0|;xiJcS}gw5@$F1Tl>g8EHtRS5V=WIhZ8vD@K7Hsd@GIXfPvu7NxVdeeCwSSZMp}PtD zOC|jjk6P#)FM+RG@`Kh7{R7 zO;iCM-bJU9Vn09a34{{nRcZi@KJCIR=ky@xQ&q+_4C1bCl-i2F}ZIN&VhNH%_ z&5Sj^g+K`?fcjjpGBOm%*%`~oltc~=CcZ_Xi>9uo4vW1R&7e2$Fu1!0s^9dU1@wCh zeB=B@-)x^wwF4q4YVvs79Z_}7xj!T72RE2n)mDLs`)fUxO{ErC6Vf63LvMi(MtuEE z!c>f!b!mZJMk3rd+?mVchm(R6@TWzr_?XLMz=75R=b1$jBaQ07WKomx>9->Q-hxOA zaSrnw7qoOKkkaoB%9eZ?z?#7#XY-XgkbG5!j%|YEhY{d%$#`~Q6E7DPhCS(26#j?G zP#dSo{3ICF0D+A;FH*;VPqnn#{Sr8(&Q0F=6zxmW2*A=pI!fiVFQ=O*)wl}o_s+0B z4ZB@2K5twBJ{m0m(+0cpa@(a-o_$0rTGFq>c~b@YoF_y&;M&|^Lh+vTHj3=a&c6It z{893kY5l$x{=j5n{bnjouLRQ6Fi4z_;;Tjd?vLV?QQW>aqB9p^1EuF#s2{dkiSi&d zFM`rL$4uV*$OE>dF?bcxyJuBvG}p)7a53;gp`?bAXq_aKx?YVEIxqINJ=l(~_!Ei+ zJ)3PWTJ^n^fTXRZ4HEt%5@Waij>m$CnxFU82+PMlo2`IGn=*XWKVp8aHw?UhPicD) zzRP^_2&x_CIr_*BJiIq?8dN`BTf1nv-S?=52|`^$UdV&{i*bg~xxq1TmyiZ4rIU>O ztNtB~jb8Nl&33=Wj7>1WUUXJ9$od^z62(i-CIcd?i-PQY+{@s%6+h^!?gC|a90S32 z4>l~(Ro~^eZSgX;T}J=79q2@Mjxv9S^U}yo|kAaw-GPP6s>*)s|3<@i96Huun>f#H4v$q*^avG7-U@9(XxAoI7j5 zkxA@@rj<~>U_CO*)fc#_jBV<6YF0DKC~JOB1A35#(Jg7;WrOh(X&~K?MxQS{1U3x^ z=f-Sl$RjXS$;lA8xurw%h9NG*RS>04Rr2Iasj9mEbLh8c{oQR^%J48qB!<7J($EhTCmRU^uI6+NJ?*THjDI=Tb3A4 zNU$D4*mkg8sLi%+eQ0TOuY2C$PzbfBaQI!P>Wx~A|75M?w@L3$CV@{l{f(aZfIRN( z2aNQq^!8%!ttHn}5fs-C2#?f%!tpgG?Yxhp$7t0&;uYUY3 zoLf?&3Lw#~3it3z5dY_SCYc7#GttgZiLAkI&)MBVk7a(jM=!Uf6R-hIZdLVL+PQK@ zhy%&wF2Ps@C=yYlTCG=+n&SWxa{e#p()^5_D!=)IC>->GPK~JcKR$B8iym3r4_<@(rW3aqUlYp_*S1kg zl%H>Q0%tnaE%%>dnL%8ASS0fY7Ab-V)=SJnCJ&hU_$c^gG-&D@fYjA#Fuvd_{dT|} zO+c{mSjv5MEZO1Np6~w1ILIgxJLkry_%Wjw*&aluo0`_O_>ugi0~t}sw9Hs@U(nPYHx_HtX|m?JjP$ZMZyE*SU-R|8Cu2n4L~8 z&%Ft10E?du?Hb}TcM(%)hJqA5fI9|vyju(QJ05sY*#0t)5o2fGV(Y?wLD=J89ta$t z#Q}RjfFH^{r}lSQqDl9^TPN=P1OLCRhoFUdeFue679il|d(OVr?Zv+SbPZ^&@4rK0 z=62zd*9Q)gt77U#bi|`vbg5#@-uR2ScOMjd zva z_+q(NqeJ9TMI?DT9~1|39vVGzfOb_k3lADikU6UG1a2G%g_AK-StUJD6hrEQ^MY6p!Kzw3vv%cFxz~5iNX|UR zx&RZVm1F`0y1!C+eWN%BQjgcqlC4~H{$3^fL~bGsjPkFQYC{iQn{nTbuV_Whn~0>J z1mv?x*GCGs2O$j5dFSOhNQGw*WW?BjB4KfLZ(5wJ{dBvkYn5Hiwrn|J)rN)HBdn`; z%P>#cWQ6}BR#{Owdxx}T`hp9h%4CLiN8!z78>fx4K6~r4i$_?y-yTa>TNznja|R_o zlgSak6zdN4TWYf$9!OT$#CromgH^qlEH`Tx^`js#G7~Lz^Ze3CDkHh=vJQle^fFyvC-!@% zx)~=)>o=i7D4$ZXgf2id+rk#IlPJqPvP@=?B*JbYB~pW3n~4${rsh`WP-K$eKz_+Y z-`mm@et)-t{vHHes$0}bpnL&!7F?mt!xaRod1mK7LX zm$B|Zx5k4MAaA=S@6BL(uqhTCGu&%I7T&+>C2gEO(qCYK(8oU&5NTyNb-{-c%-W4? zh$M2mQ7Is($y9>Bnp#;k+_50Jb#>Ai(-Wm2Q(&_Jo$AP$n(u5}g<*xby)-IasBJdcRCYaBL) z41VVO-4Le^ZdHr2sNM6UcKQ}cX~pxX%Jt`(vJcjicla%x^j)oJXH)Un{2jqU;Ah0W zeH?(HOUwQw2{7UiGK0VHjfc{LJU>+xG5h-_1GyKSlI`+t@rIl(p`tl6%i$9`JqjuW$cgm!;?TL~>cNg!&rGcM~l z3v8-~f||>q>}UK_QvvnR7r7p#&bL@z zSX{<~%Gq1+Jw%E{f$%*%J|pHv2>A(f5R2}UY__M0b)>}AF7nF4^EYv z|6ZkN4MSEuU~Rj(h72Xl{<#&ghi*;n`I-{lwy$=00LT} z4n!}+AH})8hj;{FQ&}*dHpt#Pb5#t3N1eCSLq8)WxewHPUXl?Qyo3AgY$t~GJxksE5);@ zcU6*waNdP!JG7+Qo^JB4qvM3i z5S2Dx5L4#Rv;yt8G6Wn0>-0%b_DKBlx~}=?9G_H%%sW+gr280{mFP_vTrMr`2IZVN zW)Y(9L6E8S0SyiFB=X2)^n)zr`wZv#N5P>T%6Pb-V4iVnfi7@yNuc+IWPX*j*Hbz( zX~}NrNuY@O9S@LWeEoYCqYLv`(F(9@1~V-tL<%&r00lrF==g7|-Ab;Ar{yjty2Bd; zMuBIt8SGq<92opyl;&$-BEJJRq(mzU{&Qrb>jqrrBb;fo2KMZ3pcMp59YC;c(F^Q# z(f^dcc9bfUTQ@+xS!``HDLi}FSipqw>I#AeeD;=ZBTQ!g?Pca4{BS2$Q`-PFyB?T> zn^viEhTndA<(iH|jB}SaE+V1;E&V2dx3tNd0DmER3-;v-VpX$y6U>LhxRiptRUY8onlp3zp*Q z>1QGU9;WfsiP?(P^V(+mB?X?q^(rCMTkbQxAQ;72iWK>aO^gaA5(Gr}8A3mn2Np3N zM(hbDLF%vG^0o>g%g&Z&q?Nh*c|rTE#(l^;DVFcNYFclCxHPC=mR{@XB4_>rffyIQ zrD(FaMT6%t2Z~Qy`vSiuj=X2>0%$rki=0+?h3hl&tR96T!?lA=!20vEv$g?uJ!e+F)R*VCZOs1&g#c0Zb|NSS zZYXFHf8AY_3}BDQ31_SQPs5{h2-fgu!cR)Y3oMU-&kf-3pUULrKh3h-{z^*LWWj>` zk)Cw_3-8kJIYN<#j58T(Vo%7Jd6+Fm+s2`AaTy3ascGFJE#3^l4DLa2&KeLW)9!6tFy*!oCsfEg z?TIwZ52tn1Z%I=+@j6Iu-X?vQUUTq z>d95$W{%UB`?6%d@v8Vyg}4=BJw~9N7hKrR7=u!@BI5CTpZDhBVEIl;r78&+8@iJX zF%S}O^sL$uxQ)2-ZV)Bg5d;fx_B-EL^YaFdBQ3h1O1lIJ&lQ5h;kAPzxOO=TV3ps4 zwKC9kDx?QaLz0GJ>JER9es zG#@PCvMd+ApsE%`e>}N!BclkkgF^c8^USx?H=7>6EXD_@L1@DE7g)CtH>|_%@xHMh z9~1NqWG)Ns;RU`}}(b zA?mr}`&bhK{fc8S(em>}E?^}Vq1ne62y z-t!p1f0NDczqjSrZOO7G0WFWoNd`7d8=BKb!auKXv1=K?vTNvDFrB^)C@3^V9v}z3ngjHZ zR$aWm$Y!vzDe2)K*>pkS2S68?cebs=WIoo`1gYSU@OSvs2cFGAZ9KUd`17DvFW+YG za^M!&(cSFa;>)3ZM{2!#eE;$=*r25M3wl7c&iPME9FngCY6@6Fxsf*hh5+8``^JB? zKG>8uF*B$?PdDqCUySS$``Cz`BQW_)>g{okb=&y_8*^d{dN$%lB4gul!>Y|X9`~bU ze~*T!tI13YOnPq!XNBL5d4}JPsA@%U;JcMjhA~_(MC#9ILx|Oz<7dv$z}hGX2U26j zEVRxY9!`JjB{1feR0}h}?*tpZc;yQEfN8+o;XTvs z*|o5`WPj!c>>`2D1-XyzBlo0<**P+<+#>w+@JeRJxYtTfE3wfy#5=RUu(<=Jc%GMN zdxdRRujZDHj2wOd**i=|@{$n19e@om0V~|F<+M?uMkA3hkueuwAB}clc1;`IZaE6r zsri$`d3iby8^DgQOdj8pIyyv+@q}}i@lm5?uUF??XfA@vdl=s^xY#NHl0=ISm|j(e zoKIv@w(BwWTe}kdtpTkRQ)KI97cLTnF@;vmV|}EiQnFeFY0Y@2McBWX!#BK`F)aQc z2p=q(XR?y9BeNL2Rv^dKx`u-B{K3pyu2m4n)}r63dWGD_@JCgStUO(bdRtMYEE#(= zaY|Vjputx@Q1uscuKDE(f@{%gx~9Vq&yMo2WxEBkq~=!b;1>P%zD@c)w0c<~UYrdPJ6t(aP&6bM~Ftv<04%E zNMXBG;ZoQ(qne@rN@1t_0SOOUQ%rXhwmvt*j6a`lhrTjD6PlC_mMmg_UAiAo<-p!` zOte{_ab?yn0dCnd?yJ4%Z(Hr65h8JyWOi*8PSOBi6SCyZXKU}`9R>b~xC!T40@uur zNIOo<=22|)b+tq-p?em%Gz4(?tlhlucVi-PMDsVBJM%R#1=s^ldh^fkA47rW`PxI& zW7KW%^8anOQIF-f**YE_^zfQS*JY-aRevZGtp*O*vm@KseKD-o0+0UDKx9D^z~1== zux9=xxJ{`59K&f3YeR}k|3wcR-a~c%{``(()$1wSP>h)jaVn8)1CoJ(>9*SoK-#iG zV^|Re|DFyKqWSOXpqi7@6-05s(>C<~oD9nLU-zqlhP4HhpLv-f&YJ6^-kAxe%d%o9 zydvXt3$)nDUR2z1ea;ai3yeWlX$tG+G%tB8!~udqC8~ddLBxz{&F1pphc#3~-9hcS zC{cIhgvRB+Xk$T~x*$9_f1fU(9YXfH!S*PubfivZp3yMcF_4n5UslxBjytWaw)h%M zPWhg1YRtPsi{3vM+}Vo*`y$>$=;QFkEJ&P&Zrn}-g}Y%+FnM=PEhvpPEytXB%Xjz5 zS{mb_)%zd`_?`BEKRrOAh`mInjQO870QsM7fO~=UEnq6-zQU!aK6ayb11y%|*iw0f zngM$@&XNKn!cdi#|L)%+?Te7u52NFWb_Ao!eVw+$E8Ew%@J2W?RK(t*yIn+nfZBc$ z-nd_ZixJgKh@Zw@{{I;xI#d5&V?<&UF%-)G5hL>WJ%Lqgw@5c$dYzLSz@@ZV9#4Ii z8^x%1mpi~eyMhI?_s_d~jX`stWfOXXnk%DXpyLGlPuHqJ#V4bYya!4a%O6#g6O_f2 zg4*9lfG7EXuGq!cJT2rWpb3q_)yuM8j}p|LP)|-k z`$zO)bb^>TrI?P}0ITMVFT<}NsZowppXcY-Onw!8TL9GUI;|kC7-^HCJHIw$9+6SE z!veW0nL>cO5-|IvN4wVn(pUcTm-^?PBrv#uK=fi>s_lgC8Of9@P|m#kp#qdt&RIFj zs+tyIRynn|I1gxr{U8LB%+T%1rF&Hp3sfHA%v4a0$Q+R^?`txz@=|$GT616fr{ENv z;!i>wi^&pa=0RP6RyUM4{(DLr6y#({P(e-_N$_bRYXdPSnJE#qi#186suY-h#m-~v zT{K>@V3Af0!;*zH6M+{xZ0{C<*Evi<2O>!1E&nruB+LD85u~@J4s09$iXhSB$A%sS z|K>Itk-+ZZth_vMbE)s6bn=AoV^=TaQ$WS?&mTvT0iJ0V`le(q) z&~a;h*TEp=LhEU9+*zx7Q3%|1uGijYh`2oB4Ew*!CFNX@TU5O>3~+D4r^5V@pLek? z$5cDua$FeZc~37S=XGZ3z!}2%)j??ECAsO483KmvRr*;bYOmx$B?pM(lbIVm=vrJR zN@Ukr#7%O(n{mW*>+tt~B$b9}KvJpr(n(TjDVB-v-;+vb`XuH5J*kwzL&*J*@yw7r z=>D$W+Y%t3>(3#4qyGk3Ra5Q0Nxap)xOyOfd>VI@Hba!*BSsbtZD<^IcTTR&tg&ASimxL6*5WJ|3sE5Q_oEYM}CgUXj97NbLNAQwuCUU-u~;7`J?+G4tL=O zXIkTpNB=OKw5Se)=p60|qd<$F0At>e#D5pl8?WrfZuJGHO;0la$Z#ZFA<7cJO%@jt zc#ye{M_R1|LQ8o3mEZ&Hv(F0A7#~Y_paKR1OoO(YpPjflx1 zSOFR){<_j-KC=uYha3W94vG+={ANYo)>I7}<&ch}(FSB4&#HodR>(z3P=!pagx<~+ z5t|g6rJNG@4p@bUL+%OG87nHSGJaqAgYB0~2aS~MM>jqem?gsM#$|BN;Sc{Te(SKs zub_VHE5yGU2a&KYU>uycxRnA16GijmU`tqn!jT7qF>$=?E3F#Th?mqRb`MI>i=%gp zPREBk5!|eubca6*dbUSj&UUC>4*{V1@P29(7uau@IigCLR#gMcLy%NX78E6Q*d!gi zLwbeBP)vs;*j}njl)SDAm#3i(f{cBX#$Di%iYsHY2VC>-c!gC7P$eZrN_2rbHln28 zdqx}F*z|dKjY^?(!a6t8E7K-Nr26}JWr7x5C#7s9NHV!)K}jZ##Sn}gkPfF+8Qy^2 zOy<#xC*FVRSh<0}>)6|AeS<=%AWE1f9bJs7>BFJg1rMWr?5e{xjKg@Xl>LQ0-(0sL zgToJ_LMyJH=-(z<11q>nxoD2=Psa_oh3IOQYKhNrp}$_4-J3rZD>5J*Td`J@B&Wt{ zP9lO4&4Bg;`5uRpTlU z4r;`+ZtZCD_M<%b>ys*xHnTQ@dX=C-^UQ776@fF~Kg*w#aOjRU@P($6K{W*}ZbA&M zTZ}aupiKsAMZcjG)TBjtPaZV+fk5soE3Whd8gs;b(iWm7qQ;!WYQQ+T6s5Hst6vg+ z<iYora}hjCS-akb}Kda@7>@B(T;U%K{x;CphWr~U@}uo3^?4W3V4zR(A1q%8-O zO#1hIg5@62^1d|?=t=K%y}XPv7IFBYcchK`Db4=>3{0_RR|E4`hru}30SAx)mw}Ce z1Co{3$Hw^Uz~fNpkw567wQij!WWNRZ)b16th+s)L;?fPV|GIs)4WFGF^^s0a-@m zMm+i@*+XDokJH>6%h(;ono7ti2jWVXbPb*EVkA#-m!rIwa!N*VeF1SNh`mY{8bHen zA;aAM{zFA`wA6YV>of)|1mM|yeTp?6Kq;&r*R|BCd4;hU&Qq~LHn=LDt(VWZ@h5#r zn*1VTHKu>~gE#(l1lAC6pSBw06F`+Y7z(YceH76Xm|(=wQ}6z^r`fhCAe68bfCHA$ ziqM!D3C*uNtb3e)o&LSds1Sxt(*fS|CUC>YHxc0(JZFKD=a^d=^ta(N@z;4%DFEz6 zLb=X;W!RPF9>bl^w!5(zmpkhCh&$Dj33hf~MqiujZWkz)l=S$~YQ7Z9&j9#fRY%CZ zLTP->wd$BJ!ER|Q3b(Z%WmOb9xUCPqo^2mYwg76H^OIJE$?(-`%Z?Tg|dqb*~Zc)OUhbgUk5{BEHl>1o~$#< zlCp%EkYy}md(Ii^?*4o~-{0?f{(JhvtHR7V*L7a!d7Q^_ypK2Ih8^lIwG@o7=j`r< z82W1o*uyc@Ry*UE&FfZYIuuv1z_kNN^O!92?b4l&a+A*YG`uK!vu?rV(`!NaUeYHb zhAVCdAc}+3_SF2kr)1E+#PO93KC`GYlG1XduBANb#nXxWI1bruV0q?f5Q%0+^3c3tY2o-(AT_V%cr7sTIH(x>$sah z>#G!k2T;ZDh#y2bKHnd27MHEw7r&>l{{2SoOfAhOV4mzZc4v3i5zCN?YrVq9&%UhT z;d?}NP&W14nEg^cb&eEL@=;a{Qynt?L`&u)2%stD({5ULUmp!}4&^XOw4(DiPqU+0 z{gok_2i4c+=5Mek1SJ1MFl%j9d$;_e3kbRIkRR!2F} z>Rkdg=Hp*6s>)4r_p1KDoIIZa=6qiK3v;pnF5=UA`a##HbgS@dRIXg`Vv;8*S=Z$$$q& zsag?jfsfff^Y{r~M$L-{>=Umg;{_xrXBbAo*;NAbAPnF1{o8e1r<*bUVM@{n#=P1G z;p0DU)@eI zdj3y}5r3?8!M1U6beLLBGYM-I8#`gbC~>?l{IG%=7)&F!n{gzM{3GZlMxYmC*C=fF8NNvE-|;4 zA~CMu3cfq1+Y*hP7uWfspfh||C!Dh8A$t*Mj1C}#w8%GP8SgQ$U5B69a&`yOzO(wT zkk;m3khZI|H$qK%j6ZI97gfHbxH&(;CmfGddb`x)X zrSvaMH43GBUgz_Z3hgp*Gm%vj0O&4H8NV%)4UumhW(Fxp)%A||k*?b|3ypt)T(@nI zON@T@K=JO!R~M!>sU)vJlmW)uu7xbe=Knj`v*|&$Tn&#;ut1KFLivKvB-MFcbbw`p zJtG5{LN?#n+IVNAtV#DH^QgjyX+C1ngL6!IB0u}*ecD+XBhc{^&wq^XL=X4 z-uvHZcuZ6Ye$;`@=&9h(d&EoSDwU6jvPKHr56FijmXdNiKsVttGk=F%0K7lupdbm9 zaW*}~?6!LFa1IpR;0JaahmWb|6xl1}Tp#l)#1HrD93};?BkYQuCd-QImrAH*ENLD! zgRf3U^?wpDp78dzF0P(WHU~r&g?Ba#P`>;Nd_b8kbXm(TWz5L!Dje>gTH3hplKpZL zV^6lSqsZfBK6%aq$ULAb-0!^CX`)JR$8KO~v_E99HejnlDQbFubqtg6((%lKU(D{a zPgKAxBpGCm*>mPZ53 zY_R;^+z6Xy-$UeJe5AXOz^wtB%6;!wd4VVKC0Jcw`}KA$s}DVqfB7^p+4jSk6zeTY z-#Gd^Z6oY?FH)43wP~=E}5$kl(I8+1T-Y>|h1{Xy8>2IsC|I%M0iVC;yI=ZTau8 zdcx)*LRfMeYk^z>v*X_XgMGAe;S%L(>Y3Q zKsW+adofr4QCcJH=>aoZe?3ru*$QHi*2SwAyFE6#)cJL$MW`;+R>$dfT0cU{N4bR$ zBXJfkC#ll%NP3vK=qxl8@U2CkfK&R7%Mf-xc~mcdnx{ZvHjUPgP~Gt85-;dLVR7bH zQ;HPkf2Rg)Uo|Y?)9P>h(_fOeKg3O$mBHz41IRCBS2HlXCX^y9L%;hwm-?r-uU;EXG$3lJ7u^D0Yw*vER{u z1{iu4VeSe8dSGFipMGpD0XF7KH>D#{ch^B}FS{P7Z>vaXnl5uJUGoJZ3;^X*B$sl> zqr;y(MV#LTB_oqd1iyq;?YZ#|t5~vc~h*CqT$b4}yW9sLy%A^!%Hf zNnlDVU}){5eU(_R1ZrHn@|E%55m5i;Zr|!@CX6w@JpWq%U)Br;v*dWnH_N>wt|Cal zakjmC^%Hm&DN?E;AMZ9*T?HJdTH`VxY|$-JAcV(9vdl3;yv)Ds%ul{a;e%Cy{<=x$ zze-aLnLAlt{fhV9)aV-@Dn@>dJrsmDXrcu|?e;m;4<0sJAXJ8X<>h_M{{%uEXcM_X z3xwj|$MpX$5Gv!zEh1EKaGcrYj@|8@p6(aiqkwAjXS!pDc-z3$67sTR7h{^7Cn z@iNsi+|@YU)0ajBSQ1=Zhjb4|PGuKW%7;(GjP}mH`Gh>4I}=ZB-iZM*vsa+PdE+KL#f5`%~~m}*QhO^ zr)25vh8Rcxa8H2FT*iG*qWIAJef$${TsZdgHtuVx&WB~MfMqYEfrA4~{)dh`@1Wu( zf=xo6E(O~+4QmocD%A%aJ6N`VCr2ue-c514j(~O^GE-0e%f;~Q%l}c5o~?IaN;J5c z3;HrLO6YX>T0FH&fUIF~Fl+oXPkq4Ez6eK#3v5@UU$+NbEmyzz<)d*1-~g+5UJcVI z(w9f94-~mr-%P3!ze}4!Al!;<~!-@#C|G8YlXPD@t^UV0)yd)^HnQDs9oBC z_u+t+BIj|YKf$ijEj||jcE7fYXlgpKega_kFSZ9y3RvpxaECq^WM}yNijrD1ERT;q z|Hv;>f&NZ`met4XSOfEvJcrYLP(oOga17%}pk86i62XJF9ns%c?bK%|^Irm{7Jsp| z)u6QbDc7o2Wr&>JiPZ3ClDg|$z<rx?zzwrf_ zx_OR%SYS0a9JwKhPda~Q8EiMPeOUEc_0Ik&Zn&>>GZ{tv+paKl7lY*|ArbGt_WHT& zl$B=>*d5NOfs&7RwM8Ms`q90pN?H`d2pqd;kme;GwKNC7~|OYF}K%&@vWV^+8bb8xbOEH);^0VKH;6(O0Ke+r>%8Zjt}HZfeH_gX zI>qRow|w^^zmh-L8|V9fc3PiFSOYm&{1$3)GL%aGjA>A9D|L?lEll^^%jG7TWcqHD!XIA4Ur!8AeLB(HH%;rgZS?CZV&RVS1yW{-%BCFG*sJ*`h(>CivxHSatW|P6`k+c`NO-Td(DI{3$kXmt26hR z<2;?)SUol<#)KjNvHl5G}D5z<`uNFSI!0Cd38qC}TIS>&7A_T|_ir->xHa`?g* zt3O#@`eeZJ&Q=^*1ff=^-^RbL5NB%wJES3Rh7Fi6`+DyQ(G?_@K7Tz<^C2HqJ&gsW zFmaJZMqZLv__RWdyt*5%A8SsRm)hWI)6>e;=rlg?Jh62R&0}>)_Ux9(!=5l9(mRd6 zSAFHcIVrGtW(e2g{Q8nVtwhRy6u1M=-+~dIPy7IeE{kaU1g`OE*t@2(4qtjF-;GAk z_8_$Btn+`wV7=IVcgJ8rK}}7%ZgYPc8TM45Is$4+uB4qmzVAT8_M`B(#zqWeRNe80 z-X67(v!U^ag$yolI(tE!5h|YeB7LG zwK@Kq2X>p*;Q00WMEt(Br$;W#YsjvCPrE@VuxP{m`c?uDR(|z6WPH1r5=;A@jW1bjGw-CzXzd(-4!Oif#nWNdw> zW`A>Ma@>VigH?o_FBjX29cJ@PFpjew6AONIxA0$Z4t+rUb}*}U#Ea6=?O|gWrQ7}! zNdK_z{LbI6DGHuGxbt@|{p6K7VNP+&5Fy>FqY-@70-NUtL0nfl@B}r^BB{X)lc3zM zt0h`E!zf3$Atf$nRp+H-!vS!Z$7cNNR?V>CFMOoW(S`AnSgKLz}E$4XFAv=8*kFnhQ#It^0{(z za)c9P5f1AbcQF_)GuF#N@{pgPz?>}rmW;d$LRe-VZU!M>aBdOS$~)iQPJ&T(g&aCQ zq8CKbNs+(Q4{8vlz#_67AfQR!1fIykLI&E4_ckzxn+?00Lqn!90M<_u&=xZbK=;CW z2z&y@pyT7u{Kyc8Z?hBT=x3_vt&NT@?@h|pVw)!x>XJT-lXk$s?!q;>8=h()V7axc z%-T55bd=%;>bmD%Y+ui5GmEe}fD=`LA%q+377FD+Te?fXE=AlN2T`-3An$MK>IHa> z-vwBuyX|^mJo!u^$8&Fr@i54%IIbk9;{^^TlVJ7qq(5%(IkzpyhR@^?k3^*$SU~~` zsJRtM0N1=j6s5U={IRc;ReUk(6}6LJFG6sMm#N|wIbgcz_>kahpnWyE=SqA7;N=)_ zi0Al9APRe)6^mo#YO1`Mp}PXG1;s5CdDky~s@W%vio#s(is+Hl;fYcMWh!8*HR8FQ z#q7QIf8I1C2X6kPO#{V{!s(lq^#h=u5BIGnM-OMrw!cK&6nHqG@j{nC-HG@Hu=K%U zkAj_<{t^|*Nlg|pIen%6`uJImAaBI3RQqmmJ~`mEpVLQ3NhIa~6EMgXoWof$Nlv|0 z?w`+97%m+@q_YezDK0e|>9ssF3y!k7+v{76ea08-QAT$d_%|(34x!053)|*?f#@%@%*?tmW?(EQiu9^xXi>9eNWnD z*X6@@y9`#G;me4JwDzR0G9{Q_1NcY&E^2rJgE%a>^m1$dvNWcSh`ddF5Z-`S5`g^?Td%0tu_;TfZ1_w?pNVBT}vUUJN zF>ce=Nnszv!x?z2QI^#{`075%R`5ooZqaZa>DF-#?;g1y%FW=IIbw*qo78_^wXJ{5 zobO~pd8edZLu0w0=9Nmk34y2ZX5zby(vH`%>16XP5GRgZ1ht6b_;=UHwXbhB9bEph zpGQiBZ~JMoE9!@Zi*cO;j+j1aWyw#u78C4JedjqQrHg7ev0ChU>syUY98lxCs;cLM<{!O##qv3CjXewwYZ?;q!L>?P9LB4-0xSy{( zOqyngKDDQN3*8SeeaaDYRL13%7W*^pr=-0{5+S0bPSH+FwPsnJRwF`9RhyCOm(Y2M zn%n?a(qAgjq7C^Bm3dP$b1#QPm02I{`~{Ql*#U|U;US3S7yR=YhcSdMU6Uq7)l(A* z#mN@0L>X^EnLt|!qxiTpo zT%vV93G{n)k;_=kw_c;`U{Z5p zz?>@C1fKk9dl;6-I4$gWM+floR*Y5v#!S2G3g+wjfc) zf9y@A1Y`T`aWO3x&m|cTMV0HuB4nKJZY0fg+pAXs;h&IYUt8oKOUUuKaS=j$>s?0Z zAUB92$VQlWgr7glz1zUi9m8hw?6Utey=1x1{$C1s*%c=9U9{He-aOine-g>B@MUEK zq?zHoSB4$eZ34~Nnl+Gx%gBI9kO3I}n3yqdc%c<&wSCPQ^N!<|CXQ>e_&2&FeIZxX zR)Nd3`{6S5oq_{)(n@AlVqvys|6bHgGpI%4g@3cVl+X8s=x2=!*-IN8rBE2T{)Er( zg4@XZIJo;*nxcBK!l)E+`8+!8F%VfR2Q`2CrgX1X-Zpq>aG08pE05((ZYK2^ItEgw5s__Jgg8%J)jIK(XtcQ0fLB{%vWV2DS zz4E-Ny7^~Oz z18Erl^ya2GCN8%fYjB3BZmv`|rXs@b#4Txa1?+9X??H>n4@VSq`rkpN3xm(wvz#l4 zW-uq-Hy?LcHOs3@W6<$OV=C;IWzkwMtJqK8XBG6$&o79sg;F+LK7FT%!5{P@RZ5Zh z+1Lzbg!!6i@Ca=zsk*V{Tt&gbBTPt?Z5j-E`1CeRp`){zqHv6Q7g*PRfi&Qwo~8am zSE-utLtJLeZe;bU8x2f-(jgQR0(1%NsgX^zR|H>Dd5*G#iwP87tDx*p28#P=P$Drb zj1?G<3;$+uc(>KuhmmNg) zoHu;>JJDZpEtg%zk=vT-I&m0k1j=CN3&r-n$W&ZNL|`&^cjZ zz}G!*YFlRqD9Ok%>$XhqT+8m2ade?xjDl}bY8=f3`1#_@dx=7$3eBdE%PxQW6@%WdtI4j#L*?NQPhqsr#{q$2&yy7wuGGV&P{+jQc`2VyJAFDGj|7%4ah>9sY_+FHrVMHG zJU6opxerryU+4;Oh|g@WY3%tc*W z6rDv7wj&eP3!TMJ;%d!Fiv}5Lm2=Wb^LCulR^H?6@!zwi8nWX%$wnSLyiLTX!Ja%F zglQ1tIXFRac2u>#eThz1X^ne;52_E3{f)FR7saEz%>M_-`gz`O<>w?o^$xpvBV4k| z_r5-1af;eRLENM>+v)XpVASwf=yXL}Ru<3sYC`W6rM~9p;!{BS$+4*d&cq!$7@fy> z>|{lLRST$2>|D`-?*^~ z<50kqjnO(`v++PXIAYiFLTy-%;oN&Dmc$PK(~!5+e^>%$=au=G#WW_gs{ol=W*%712>HaGx?~NKjbqltKjT9spmu|y0TY3gnKBoi z-gy|hPp6r(@1>B&=-+LF!~*#4+7J?mw*&yYHDiBFjo7Cfz z_nS0CH2e)%i96`-XlT#u5RQ{&dqpla1K{EfM-y@L?X00HbT68mdg*}?)KeAB)q^b* zX{D57Oh20!fsF(=7yi8n*)@D`^gv(vVpoPb-0}9tQ-&g9afYZp3u1Ao@~$u+Q^wcA z`2xDC;2z?+dMkABd|Ck+V!$#Sc7Q9!ZaKOZezET6R!Ym#4i`t(oW69@?dO zW;PwGfF{?hMX#jGHw)_}|B!bjM1=B- znC9PB$St^D>-%i9DN+U*Kt09rZ7%aDaK~^!+@n%R)x-Q0u%(QqorZbFKA~1nM6B9> zF}-C{`l{S}g(W(MUCdO9!ZjQ7jC>fR$MhPo1nTyeIVa*iWfTVGWp2ck8NE~pKxPaG zIvXuj?Ze?{3pZWrLA~{r!At+VWzCA^txFs zo6XTc;qICYld}g@NW_fAWqNMRsWOgG4WbHc$d)UjXtN^Gz>B9n&Rj_dq7N|SYV$jx z=+alj64?lbeo#{2^Y`iG@&a}z!+iU$UB~e9*}1f3r3F7k2JYnstbMKCX&lC}iS^b%u&Fu{wTcUolm*r1yoU5L!TD31=kU zV$+s?k^2~R6*-(vz5l^W`}+Gr%Chq8FX9`j3pRL_w&9!QK6?^!H&B=l4+u7g|2aPNGzaWl&RxKrEYau`_0HjrCfLQqV{CGX+d;Bt(->8|( zz19^jZ$OG=fZX=n22%__c`wWj@}7Oa+13YuT-=o0$%yKLPgz@7FMIOR)vL z9Ov}iHmj5aZiBFkE>N~K^qN>7bwX?KjyXWdH@vY=7`|zsTPw^rx=N{3A;4Lj0St>! zEGxBx&Sh{cc)Ev$@5d%*p=IS?;H(10`YyZ3anP=Uq8s(7N&m}NS)R^fR<=Ev3knVY|5u<# z=B2$^s<`uk@U@_Npl_=J+q`><*=Jkzas$VE0hMG!Eo*~2QmgQsleG@@1>~Ls(3!cj zwaIoz&F}aF#M=c5>4r{snoXuZWdMK;(1Bt3eVTX&%M=NaY+`}H>*9M2%Z$rZ>n zDlVU3%;^_J?i7*l&txGonK?O*6r~RwPZf87xETZ zY+U!APx}Qsn>PS2L(4>E;?2X-i*SBlTu$Ic^YPLPg@{BF6 zS<*-TL&o(Qe#Tz)29e^H35y_{6SoLX;2!qeOr5BdyBOWlujz*5yEu^Z+glgTut40S z*ptf}mI<5_l6<1-@DJ213TanjVmWWH8gLkUuAXHQ?|6AOM_)jv-oZk?HgZ8)xQgeKgG~L3h-2$Q2p#%;%_NgkH~Q&+DZwK!ahgC7JXs-FFA@ za7YW^;ly>$>4g?BOZmnNnR^)>SAXhpa(g!7Fw&=I%9%`3b^KdIxhg>(>b-C)4iP=y z8@UY59NN_0fR@DN(P@R=PWc6Ec?j~H}eTF=k^kTQDodF?-khlXkV>AbSq*u>FP> z&d^47MP7Nodq9`>V<{dp061URAuvach4G@putg*=WQ)gA z@2XDJe7a=0^IHjZBXCC@a%V`vk>bInVYM5pUcAkK(&YX9shZY)pKMcg!ILkH)7EGH zvhT1^=2DB_x3`dZA)HayFR;1M2U10;V3RlK%+1CM<8}GYcnRwnES-Kziv#Lad8`K? zDDk_Cf)Rx*Iw?@MM9f#T3M~I?mGLcbPQ5#xJr3+(0qZ&y&)iE)^I$~;%23~rncWyU zvo_}~U{ltsoQ?8-7C-K#n)w(8tL-30T^_=|*#1O~8gbFiB-28KvqJ78f`9)xgA*Gy z_$M|StDt0JM36Q$1DEnJ4HXQrgi8+@Zq|Tun@?HDS7 z&Mqr+rP~OJRAeW+p9v=&@vOO$JT#Ia&cxI827SgU|G94-rZu8xNy? zKUZ$@m?G_wDVQJexTF2@Zqa_m$BFtI|!_h%x5$GO^4 zYHyvPduj`PyHuz!b@^vqhI%B{6h}DL=ppkB%oMQyBC}%W|1kk6oArX@dkcFw=(2;bFx1H`C=3v%}j@ z_OPKZ|0q&x&Zcu3XwF_JM9w^r2ymt5GNP&sCpRmY8qLER#`4WsK`r=TWe=twf1mdR z_ZZ6@P(ZN8wXsfUQv6GPZKBxv*TQjY_>^&1w`}I%$K>hiBblqhvzE;_SgL#9sR1DC z#YzRTKJbPz)^xCX=A}8OA0@pV{vK6Z73jUkv6(CY}*ut+U0uFh{_#N^md1Y=iVt5$v+c)dYBU1JkhB91e=^%fZW!V6P zLic|{KK01fHBS@A7T}i-_BBG8k9th9XHP#`wmj#thOF3WMKHu8K zQ;~GND?C50ez*4aq@<%W4~B(rO;IZC*0vV5zR6GSA^O6U+%SLtE%F=uc3Tgf|LM8- zZEM2DL(b>yW-ih}uuwjnETDo2OWS;l2-^Sz|LAYfo7;HUU@>6JZMtU5Ov=msHr7zX zH#dcX9RfP6!*J)XH(p`#%9nq%yX zKXrcn`W~kL7iuSc}doL-o^vak1IX%Qne?IvMau!Ey}T_(Zz8JZ9wZDO}lekEj)x;OFjuAo5HEY zW&n?B9}-q%R%8_cj>6ml-CI&(uFx&edNzHV|D61LI^_!pm9d*2Yv}?~_0ZN^(7-Gm z0A*DWf*sMcEv<;mfXCcGPft$@LF`?L{=P}_vljZmKOaFAv|)rcKdSnqtI|v zu5@WNI0kTnFv>Q6d9NAE_$76R1G5t4Rt}Y?9H1%dh5I4C09}C)^}$rnKE43K)+ zj*+r_eN8D1SrzTgs#8>GCZzr1Yw#kWV;VfnlJ}ec5zN2C1lGi@YmNXSO%l0W0czkX z0waS<(G(>!Z)#`c$Z=;Nnn%V)FlaJ`r^x%u_E)&wT(`d)$C<&AxI8=TwNP5qFU^l| zes(JCn72jAtq8H3{)J>>8|9;Q5jOuC$WM%@3Bhmu1bxdhz)~;Y&FNM`5o)htLG7iA z;{;nGFRLcP7@j!x*^K@AKvmgL>BUFDS2b$r%q+Kk2%&o*GT3zQRasJS9*vb{8smZN zMu)LqQj}~5JKts!`3FLW1+zRr%DGhsyS73^7= zk3+!82Y%Y~8o@c79Zk9+e5=5}1y8WyB>V>vYl)_t&ZW3G4knMH1>wr73 zZ?^dtj+>I~jHtuca@(l+o`JZ9xJ<5}k9wTViCa0AMotAtTK9QzVMz_WymMPw($!R~ zC}=Q%m;zCHmU(+ehymBB=dfySDLegtxI*AWQM|MA^IM@Wqrz8FEW%3ZZbbBcpPK(c z!=l8P)-GjnRG57=kvNN7U%4j|3L-IM`Ww{PmHvjnV`WxB6&+74Ds>qI$_>2^&PKyd z87a3E4JiN_Pwj6>vi9pvm@z^EUz!d(-0jkO3`%WC5E5pvuF|{C9Qdid(>) zI059H8(RW_?h5aJF~lZ-4KQHE^A+40GJLU(dGjqG3~1GFpp1>!E!p_=D9I3_y&;fS zUCe-UP(>BWv2mGdsUr|+sabLA^q)j6G%e~x!XS2JR`t>HIy1UY!Dyt+S@TkD@9}mE z_9*(2^ioSI8@v4Jos7wLo49gO>$R5UdN&ME` zVY^0eK*RCShy0x;0=>a$ORTyOFDe-eW977kJ_RiCYF71nYKh$@u@%$@e!1f>&wt6M z7o$v=6%oiQl*)@*daXJPoSK$-^RE>hzX+q_Vr5)Snh)FQ7Be&W*uzn6hjFZ<%&5I- z2;s{~AwJZ?toU;zwX7=w4g6;Hs*Z17 z_(?OrCE>uEVNIL){TH9Fo%#dW0w=KT_r1}8oEb61h`8Jq8+lg6O%_WT+uKx}35~?` zml1N(l!;30U>rCi?=v;8snQIWq+ben2(i?-dSiPQ*`R=sM%P^By)gJ1Rx5O0z(J>w zP|OsS%Q6ofVz`b(M8?S8o8->(3U~6a*IIx7Phxh3eTSGeT>A}b=>mR(+9>D*SVV_k zsMW(RIdykTq$=GXNpn}8&vwziJdOi$s>~@KUHLl_5yVhP=OXWBG05676F_O_=e=zTuRi2Ah39r2 zA{*r|n`1ECVLxOkLYIep1?2Lt2B=}t3+*6)O7cD$^dWZe7(T|-EE3`bWsB}DFTuV! z%@Y7<>N%VT@q7AbNwMb4x@^k&55wM$yx%;&P3i5ZqzIqelp>II`BX_kY%hgM3-WVa z6&ZJ!+>?OGja(A^7n3V!50Jx*OOE5LrYiIazW5?kM4V~|Ltz@70aHz1D2!^ERpwX z&$(=8UE`+w>}hq*&f+D(-3>GtpqM1;dd3O@(PF1FZd1m12wjsr{h(}fhnqe98u7o8 zyoHS6`41~#%%u8oVzJ7`LlTGYCCk6ICnjB>C_?UZVPHk@H=^=QuwjZ{DXek9b3)PE zZwh|OWGx?@2h_I6wVQo*pfYGqJt^%Uf;WzGT7BoG=vsY7no>YOrl4UUFs=YG{MR=Y z5B&d3aIdIZ5IxIcT^@@NW;=QR7HI+)I-Zx|wsGgiaHd9dIw-{#PLT6{RwOAmC$z7#;wp zMfgEJIj#tjRz3(t$s{ zvIArNF#HUR(X;-D6T zWvRyKM)H3kN{&(Rf?)@b%8orkV+2mKPW|b(Tr~TGjJ@PO7Q#yy;wt6Y_Cp}-9r;IF z2(9+RC$ANQOCVDaS4tp$UIt)By{LLA!O^|~WJqND%Lt!X5J<3sU)O$dx*jrxP8k4H zOeGzX2eCB|=rmOzcKa5*`X8{7Aq`E*GW`QKqHIUo&hpp(=yeYOUUG4P6U5PFkntEo z70|wDCD}T!$~frwY;F3R@x`gf24Uf^?Zd<)C0xHKx7DSH=Q|bGbR^1HKetzI?T`7) z(K%$y(u>hZ_BS~MnrpZrj0SA_kE#Im+zmzK-I$>rg92IM15FhSHUFshB9ph^1=Lb1 zaUCB}aSEq^7B<+@{SY!+xbaWDdKH7bYn{M2YAGMh_QFhtEDuTN7^A~&A(lJp@f;OsA@h`E9+x%nVXY5Q?|XF*aA>ZDm%yn4o8z>ZhL3i zfh(WN&O1DRG7VAsw3u)QKEOcC*$Bt0;uA#=9F^_O0&2w_6rXJV)$;0 zR%6%=2^tR7dBv|K%WFbP#^A}K^QMoGX6R37#0_mu^H?1FP*D>9jd zr_(oT;Xf8<^`C*5&vUk2FITsh^|sLY{>EfNAXFnrUPdVg_U=hy2E{WgMgF zby=6Lwquc}LCoD7t&KP|Q<-_#TaYB(n`Ik*^dcdPNs|(!>1zu~!iO3TRg2i6+3HJdw#F)}Z&@!3}Qt8rvaY5$O zT#((s1(}+G&Ck{B-*v#>Yi97tW2}Xpd0*OL?-D|v4~mb93$KhZw^$^#8BLT0ZjJ)E zO&n8Kk*muyFiVcz*p|8`*LG}>LD>IpgABa=FB@d{ZyTgw&Bl^NJh40q>bD`ea9;zF zk1H6+(*6<}qZIP23XxYZfPtpo^@!KKNEilwD|o`vT7NC-%N60J?Pc@YwY)z-;EQb# z$btF~5Ex1YfmC&VcJx0%;QvjX$Gl=OQ3n^~*O2h$1cVdw=-|mAl#wD{Nk7sd;tY?M9o6+`NA3@z1XAJmjKRgxL29(vFtaEllYm z6**F$`MtXVtmE;2E==t~)8!u~B9LJUdWU5jY_$+Y-`cGM>p;_NH%jcut+oPz=-|h| zdf+#v6s7^wCHK8jQ(BNA-N>(BmW zdE_XfSsshb>#N4@i~Y7dGPM1&JnlNPZF$t+pOqRzaW>^Pw~7({l$&ZGY!Q~|8IORs zj-jt`KVYOT0ZHr5U9)D@&{QOr5#=9|%V(m4Fy>q?UUK~pc-FvfW7MWhj?k{#K8MiJ zJ>Nn!v-CPftTiwH1o}oQ@ckm=0v$Yl zp|iw$0G&nbb;*-}!NPuhKaU^{M~N^NQu)9+5IR`77qh)D(9!8*3jO|3)V;}Jk6pJ3 zGhhW4|6lBk|GVsNaURJ1H;VwV^M2T~2$WMx&xd`dvUo=?xc?1|c9*5V6S-ov1Nb)Z zU^0yX+fo-0<1>KMriuSCAa!)4K(Y4oT)eDNwmTspC ztv$KYz}B!}pk>1xnxYW!WqLp=!jQR)cB>SN|y_# zxC$4kro(qs39Cuv`VS&57>6BgOz8j>Q@q|A)2;y|!wkAwhIa{#43q7>|6DxZUdm4$ z2p?Wk+sdD85>N4XTR|<`V7&}nSjOnwDB%zXRGi=IOui7*GSN_F(W1p|eX7?%XQ6mm zRuKN?hN>KRBE%!R)}abMz+c-LQRH{K%iZos0H5g|Ra-RwMl$l^bXtb_@Mp^F__+Gk zck(^wDId%-_pg(uyjVu{T#GVoHht&?&{n2OUmK##aWn5Vi1TrTd9&#kx8;60d$7F_Ty<<$F*m1ehKw zrNpi}pd&za*OcMDmyPjW-mM>nTgvWYGCvxsn%{0$=R6PXV5)JnN;h5;?1Jd?<_rOw z06WV=RQ`;|f)sU*1uo@YI=$(-wd6Y2nE_2dHHnJ$BjpJ)biBJ5FIINawarNBE&a~PNlwq?Wx@pM@648!h-<-T%?Ett_g6-f2CsBM*CP5glh zF|&|fOwcnZ`#^YH5KIqqA&;Uv@alykS4Ydc#SQmh6>p5L`r|1*17a=n@nrvmPFd0E zLRUreye3l#=y|h$?5g-A0S71=C*tRM-AFlmZXBLmyr98Dbxnc`Kiw^55`!pNoveS_ zFPxXiK9rO`4vg89LB4aAjldK(VL1Kn)QZdE@bxvK!p4-I_yLoDmZoU~-)n=jO`l;1 zF^~|JPVHG1p%}!FLIc3Eb4$B09LAllSFf3rd$91!4+1qIAE=@ASsK)M+Klna?>RN{ zC%l9CkJ)&4+xbCGJDCF)D>|y-!9u)YkA;)XwV8~PUt1#E%l8DJ93@42P&;8di+H9W)qC6JMqGw5YM z6y6MM8>5ES$&VAVP{*!CsVPMPfbHna%$0b|RzF^nWZZ8)9GEvb0(18*NI(t;XSXZGO1GxEK*4$hOn)UC(l?-~4} zVfJp1%c!ZCn15lkCW+r7$OPBE4w6q0_QGuDd=QRB#Vh3N&h&c#SU+6=DT!5OPe7+g z7E^qdAI2yRg%%jmRnrU!Bv&6$@mQGUQH&`K5IhUkc9Re4Yr@Ru9QogXv&KrI!}!Zc z?5FO4`+}=9K)CoN(;F0xB3D$`Wod2Hse+Bf3BK* zTq&}MJT3G9OA03NqdTA!?oDGpDY7AfYECe{|6*b z4_^#ZPPNTIvea#u+zXp7P9IIVLF*`>u0SbJSjT zx~X4q*6+tbQPMlvDe9>z2^4T@wHemI>D{Y)v*PE=z}as(X;XcDrc(Kjx#HUk>I$`7 zn5$?;mK$g+z7_hJ{UOEk+-6Hgk`$5N1eC?uWFTT24aD3pRu&ZF?^=PyU|>MiUoSuM z&iH_pxsy+AY`MmgS%Nx&a)uCq>rkka5X;=Jjl0h%NMf6G>}@rp|CF~w{mw2A&rAE_|>G*@n|TcNjy+$#8>`fii5?@+OBP>tG|zBIo5+0iN~4DA4WL=Iolq;H`fFC-&$=Mmk7vuqzs6mlq5 z3ugLPQ>NZ`&z2hrC(C~3ycGVS@5jXqx!le9pVtQLfYA{5h*EyuIi_%#o z)d7TP?5r_TSohT(XkIKoyV`abiv&F03t9e4gY680=g`>VH^tf+HFk&r zf5R)>E5N(_oI7_Il!%Sezu3gO2$=_j7WNbar6PJscvIy@eqlTlU4KLQ-_8oeL|N|r z`(HM)nJ1?&wBT4;`ul+VGU->m)Tg#KT`&wabg|zO?pGjvOWbsQQPq~gOo!C3F2we< zZ!aCN9SX8%@=!)>Ki05IBRRMUM7;Z+niQ3NVtU5{9gVmlqKRNA0(-fXXSbbj+)_2{ z>A-Ch`4~fww?$ubFsbKS+xWLungA{bm%ucT$;FP3$xh^F(bv}uyEolM?5?xi>#ZQ( zHm#lNP*IvoM{`=BQ^x$HTp@`Yd-G4aBDZE#AI1dfvBdQ(0_S$@grLf!_p@)=;W>)d z>C?Ih^U|XxIs=cV6?)22N)@j)OJz6D$Gp@F@r=jtP3CTROAh-Kg@v~V_o&VM`K4Zx; zmSJYT_cPS#e7@h$_4{1c@BDGDuCmO`^E~(czF#W~wK$c1*o8hc_wx%_Xx0ah2ak0z zyf={uFfB9qI2&fQ73nUs8@LnrTG~FIp`T~A?GiT}1DzE7uKf1THktJ+U$%j{^5@T8 zbclSn!tm?}-&A^m0fgQ{z8ZM#)vuElYVL=T4+gUEgSqCh@vAetTa%R)=^Kt`7M5n@ zCSsllj@=5tD!(#(9iWnrueGHJ158Z@4oZF2C)i=k612F+!Dk}M(sJ{!5m2%Yyca_RTHGGyE0kjUe%T!CJH$FEXHaqmlYed(P z-ex=FR5f8B6#0z3X}K)Ibx-Z~4>8=$Q7)MVX+Ki8WUs-cQQ{6v0-96fjNS3h(>Lks zNdLx7obc%Gz22G?blc;Wb!~ut)&*P7tyw-6Vug3AyJlfrbY2S1v}Atf5Q)|FX}QpV z?s}Ex#_v~39}apV{q3dVOV^-|2Nw>~ecVQ?K(@86Lj{)?*dpdi)H3|1zWj|#+B!KL z0LiAo)=Qj-=!f%yv-uD$MJ}NN!Rw+*P2|nU2Xb9&2IIF~Vm#XmU^Vq)HAs4B-g*lZ zn#o>F)Iq*^mm}c~sq#ZRj_Krdd^pJW!k}dUpwi|GKo$Jm!g<6&qhzwI5I$y{mszN6 z#-nwwTUf)=+EPwuV8ha_fg;SktAw)_)Th}8nT+eMkhg^>fF#MIW zH8zAL;QCGP(Hg*|yF|7Jps)qEJ#7pmXnb8pfSJ6fDJiGNn`xTwR6ypM{b*tPLi+q} zKF3n#S*)V3e{>mhqlPQb0?~odRbauJTmY*^<&Bm?(H0ZJGJ+&QHtxQ=3mKOi4$7aR zNLfAcBgxx0E+5TkfNhxTcq{u{5 znTlKM1yDT!99tnu1=t@zOWg@x9CXGMA}H9*8!wC{dE=@P2|#z-*OX+A<+l#8B{w;k zke1%TA4A@pqNyiiXsc$fANi@%INyxI1*xQpUDKCD7E%3izL#|bU>mQB`i6BN)&Q>F z4>H==QbphAb?)FD$)*N6N+S(2vHC(z6PXrW#GPFqyY~0#q0c*;njtO(=8Y zs0wyB&yqVImwqnr7}P4eg=}XaY>fvtU8mHfa*hVRtry6N=@zWrS=FnirWOrRqO+X` zjy1ii59{`29vylfUhm+iS@9F|h|a_z(k2jeJbK3$V7RrNgoe^=5Yn7)81X~YJYkHf zBMmBqRb#Jw4j|%DLy_Z<(pjZDsNar2!-#CWF&1_kYmSCVN>&t?ZF{dby$z94J zh!Sha_w`cAmHR?oqtI-Mrp6m@`8Hh_pTXioT%R{j{Z2AGGd=2m3gnL1#OJ5FsWXse z$`iKMHobN{ow8aJb&0Tp5})CRFi(mj|-m9FDNAEa{^JbA3C^= z=bif(YCy4hRWA=U4w9MyU@8)fEr2?4`2q`hDbIHGk(R|VOx?{e)u z1r!DIQs?ufes)nke~6CzoG&Ln z?=^rs^WlR!^XAZa1XdAURaMoFZnVX)Ng^4i)&L%a$uPo4PJXFJXPla%SBL;f>#OoF z=2mdqZ74!@cX#1HSDw;BVLU?lfDD2&u0!=>!lU{f3{P?B`o#!Ch zdg|831(*D{sYvk~{7DpGqx(SvdKrWVYL_|YO}q~YtALQd;lItKZDkCa?^B6I= zcCcx=R!nx~>J3zQM}fdo!k57pq?+NWkQQ7i@py4qgSLtJfWid{3i)yN9+|I$p9fy7>Rt>bVCm zS|87g`?b|W#&ORXu>Q_yB}nwV;nen5`La1RP7_WAJt@9easa45jn|7RQpdrI*8?as z;t#VxdSG|6Kg2G-KEUM_4A8|6usjm)ya6DfqVajrUal!f#u!8eZb;s@6Qe zd}K!%N$p@l1>m)vw`BC_GyyYICP>&!FB$C0Sy<>XxEWMX@VrbT9{xB7W6?DO^kyO# z@g&5;M{3c;{0kd(jpyY?zMeM$v}7v@k#RbxUB6(ZJ2nt z2vQoEX{jR7Up|53uMl9J+pRVIIIjLS7o3IWf(6s#mM^4Gq?6WloyWkEC@mk^tn2(D zt^%qa8Z%0jWXaZuMViuFqnKo>XXBqCa&IeISwo^nuE)8fHr)Vl^S35J!t-qB zp{hIuaCgUVJauKZy?-?HD4EH?r?cZC#@kZ;htReW*DAh537*RDaKXTb^09BB3Srq( z{GYmG?;bdIym+W*)|TE)HN(Gk>ycUxN(2Yh(PZ7wW89A9zvJQ*v$+%`y``!SQAP`9 zyZey<`}Y#GJ<@8J%Ck@YugHQpA~>-;6I}a*I&2eMT5Dpl@oJmis5ldNzFDZ2E5%i> zr58d@@NSW6=%xo_qrdmczkEEsODBp#QsG**X=7k0_D3W#gK$ngWK$x2u;M)({ogZxn5rcsXM)8UqWmdn92m-w85nQBz4;wQ=Bt1xH!BX0p zZ)=t;8-uk_Ej}QVV(UGCu;sB2I_(g`=@$I!XH6v=T6z8S{ zGzY~`xz&$Txa)ywq?kuvTho%$zW})K&%{eLdDNK>w<#9r+&MouZ+w-w^U{VPhceD| zfAc@;^yl}XAaEl$3E6v`ldb!z@4JrAvmnZ7xzhsqSwn4Z3H0B^gFPTH1RK(GSFi{5 zhFVT>fR#Um{hBADW3u-I4FiIYkS%r8*Dx9=Gsqb8lWJ?{L-UeQd!t!N&iNP5W}k0}P>V)a*bIv`>; zKW-(MzToQLo?ld2R3(ySckc)LJ(zgjqtY@5Q_*j*g=OWBL(6Nk%gdX?-E=o!=v-lu z3~yPPT0=ovS`}6!6^tP6&t^Cg$1YBxa)MK2ATgf(L5chuK%WOvZsfd=vMDu2iTW>C znIeF}8hAD%L?#1tkw#l?#F|Lo1!==o!Cz@N5;+>y(~6rvry75tSD)*K5qx{@LM)0U zew_2$saJs$j(q(!!R-t%iL|ONUbM4?=?~m5=YiZN!{XTf;Ig4VdxlB{YBsi<`JVzT z=s4NpbpWuq=R#wxcv;NcuR*>^rl@;|v?H1&Yd#~S7-wZuc|Cp2I5c+8QRB*YIqIpP z1OnHsux4DR$$?6gDM(c`i?-ApQD`QEHC|-fqX#20K1g0ibN3tWHxhin(a058zd$@# z;x)iy8L?-7Tzv`j98Oz&{egSswqsW6_%$Ung1Me*H0T@3`8*7$=Sbzlmc`)m&gAT{ z6N&MsvFP_7S*JdOHENw2utuzPs6F1y+uQn|C(({8mqG`CXBNkj9`?wMn9uSSUK0#z zx8^R^geH~pD0ZtXepBT5+LK|;x-auG$F(B+8bMU2VO<6o##H5N%{dhLKIv~cN6tc$ z--kB0!8L_YeSyE`5({=S>L+i{DO-^FHdf7aZF5^Q=aX(!ZEeNeDF==`;AkBgj380| z8Bu8Qq#ROy-cAVNkQH(ERR5g}{%H%*NTxbP+}IonSV;e!WZj%dSpF3;^Z(<^eViQw zJG1mVK*m}IxWd}t8Hfapun>3vF7#LTw9?UK2SCX_#_LodddoLo;dZB3&W3`mYK)}{ ze5CG^y}JRwdWKqsU#nW_`YiU6o(F=pbwHuc^-#EUJh-m9kc^7FJ<3AZe02h5sp!dF zOSj|!U;}R^w<<6+Ai9OJ1KMgg@P%%SwCxiIkgW%T%pk-0xxDwl9wJl>u4_YTdCt37 zc%0m&%HxUh&f(nMiC|vT1EG6QckVx<5h8uR*>E(|+KgB(v)CA5dW|NA|9t|QSKQU5MqjZnW3=)9dM;@^ay3=pZs@TVK0_vsM>ED?gIwC6=5a)f2Nbu zgh;kDa3sH_Sq#E_aBZd-uRi`f&aK&m?^gbh+)j4o5m>?G+}?U`B3NYuzhRqp)?1w= zZ(j>Nf!+Gaka#kSL#I2VJxoFkrRIjgK@x(CyE!InSH4HM0>ERY1`(@B@h^yrAYJ(j zKK?*9N@DLK2h;EMhUz3TN2M&xYs{CRQYpDRnpB1|i_|?JM zpaIHIl9iVl1zk9E@Pz=@;B!W87OWi8U}%xGy}78Xx@)gd!KlfY4Ca;5AZ2*GAl9iy z3Mcat(n(O#Y-&Djjx@9c(o5Xwx#dvUYf6r9IwdBH7CR9ZA^Upc_Tv4|$9mvO^&_S# z&N1U#c38cRNKURs7MtJqW%7Q5x>TSgsS50ym4dbF)25_MUuL!O?loumh(CY1YjXLy zX7(ocIH^z+795~)g^%~s3t)}LDHKP`9~UQ=H7Q65#hSqffsezq4{Qy_GbaURqEFd?F|9F-nfl%YoHBMBSsLwLc6;_(lTEOn%B**1>PEUP+7t|# z6(Eox0{>ECBe@tqV~%z5?CDhE;Wm(#EB9#5gkO-7sDx&m8k3+YlJe+fFv~=iw);?p zgVexT>h_eqTMuHmukz>EB!xTj+A*i7l6SZHmLpEd&Q^A_W9v2Pv`jS*9oBXgg+Y+4`Smrkz<#w@5!_qJ%9GIUE=>yYzv@nEdt`#fW-DYhQb_>V3<_D z32mEk*lBO^{dK1e;!Jzrbon zL0%#--4jD^G}7i4NSyXE8d)Lb9F#z=??+HA5_x%E2iAKnOjJi}4gIj@@zL@>K%ilD z*G2yw0&?~~=r-?D%GW;ajWw_I zxKzMNFR+O&Z=#}Yt6FgQ9`^2WAY+t;DJqsa*0J?UsrJd!AX@UL(s9R^ca;d2v@Vp! z)s3M@eFK0=#HpI@vewj7S?;vjFUe8}P$=RmMik=S7GH zTBLp_+&r}kDPB~pzEDq0?_2^gn7+Mt%OZ9KJ7T5&xQfc5V$|LhjCren9I{q@9Xvtv z+}IG)lD7m#+*k#E7Q6g!pFl`1@%lc}@E3Rn9txTXNn_Ju=GTx~dU@CoU*O1sI|7tF zGn{{Ru^HId*-E$~f}SW|Wz}qLi>%;2lF5-a01=_hPq#&5w00m6mWfY-Z`GMyv|bnAcn`iP^+rf#35r` zX5#M}QU=-pj)%9&gL1fr4^}XqGTLLpxxNU+jSm$0FA&I|6DiT2{?0&}D(Y3Y3g|+VdH|G-@R}`-YKJ+; z5!i!m2I48AKiB!>GdJFIoDKq3+&6^8T7V(wg6a9m5anq>n#~&}^YZQa_PMRK7B&Ug z+x?|2U_Z?a|`3Zx41i- zYf6&k#r8kK)xgf5z-^Gr@n|t&C=s?Xxdlo;%A4gCvvy>FZ;faq?YNz-`qi{cQUW34 z6FIifs7^l-+-o>Y3Po~dt+gByBq%`cQ1wYZ^DVv|)xLjgjJjabBJm!z8RW(a5V`OP zxnrOFpqo<_tG@TRC38fD)-1T^jfgZ@c+77A*l{{N7J6n+4EHqQL zF~x27pvv6_#UL4wQE3{WjGP^tF5D8i4Yn-%>xLTcF_6-MiTjc*{D}#aCS7yKADS=p z!oFuLQ`fmr`V^ZgNaA}6Aj zO*wmZ|Cax-;?5UY7D{t-DD(2FKytsmJtCbv29~6Cuw;Zc4$kHy}fsN_@*q#U!X@g z^>l90k@bNIzB6x8j9_S}Q>4mUz1FU)cS^Hk6^L{RQncm%3RE=e{Ej6d_VA%Do1xV@ zBka5#=vm7IL1PMX_SGvFMLVELebqS0L|P~AD3iESY&Kk7{T?AFLT*uY63j%vbU#*u zrQ+BE+auEZpJSpKzLN=H$?r`nR6nvW#L&$j!fNyLdNFaipQxHc>7KfFNfVz_q-HB$ z2jt~k~;#GAjdnDhIS-m=%U5%FW=g2DMP0+6Y003Nk;Rl+JwdI**3L?A8s5>@h!y~f_QvScdEmuiz0$-R(&=#^X z){mgntx$d;FZ zB`BWhVwclLWv0bqKF8S}9ET5j8}z_0v3l9<|50_agJZkg}6;iQ> zc*F+~Vm!PqA7}`A1rObc*@Fsds5lfMa?Mw(r4Vi ze`7*w=wMU-zFWW=syGoIlAQaSOahD>u#~SgtlbPvpIqug^=+d_S>d;Fq3}70u zgKH(Fh+(!apTXDDU~G?HqfZ86v*(JKOkcB+A-8UHpL?$`1f!ZsU1%W zbg&%k3u?4C#~A5P5zK(**!YUr8Nd?T0obb;SN2FL{-~TgU$JjN1iOtKQmhNn@)IjFbPGH5ybOuMqY~Wk!V@~h-MR+BHf7EAjxYI(6;>t!# z2;GDO<^W@pj+grK1~PnpHAommD5_t~R;$NkyUhP54|fLSX9FHii|lLmhuoT+XEB|q z2Af;v1hZOAc`&65SFrgQKWt_n2HA<;WrEhbU_671?16W;>PVjKp zZD3vwMWU`i1W;^YP{a{L`N_-BpU1jK;P93nD9};PU*6MSVVl!va*f za60JB&8>_8?7yL2=o0Jd~xbC{cT877sXccRvwcH81a7-5n;Mao;Swoag1>ib$6O=Ie z+z9jm2T$fz0rIAS{UA+6vFmYZoDwPY1-e%!u5rXpeL~sNnnsDk&YU|n@G#Hb-9dBH z>u?XZVKAt2>LmP6L5r!zS+~AHDG+DlOmPDtu(l!OrKT zzlFycq$kYW5pq~H6PpF85;HXt8jGMa=&#w}a-bt?%;}LQDaI@&hm8W#=k_5~#^u-+ za3CKx34kuox^H6O@hrTDnh{hRI5E+YiDs1x8ml*Jy`6dr>r0!>gbG!Qg5Y_zOakS9H|4QKjY3Y9tc#enUGjpbAe+vdwYQGm( z2Wjcz?E@qek6+eex<~r}jFbTa%#`{;FP_ixjNS6SV5^+kUlUg?0Ft1L5XG+u8d~JF z`h*wm%;IK3pr7yb?;{s}f2tr?WiW>bumemuu?OdUK85hcUjm9BXTCLT)Mci7F86T-7ve!JBb6f^|;M8&C5) z7{%o$Rq5KrZztj~SbaaP4$vW&?6s(sR@V(%l0OXq0#L|*%S&()&iookI^Z<-y}pB6 zuDU&M4bgQ!4tt0kWu{vC%`uS)jlHA7Op;6p{yOnsZmP?)l zK)!)q%EU=*9JWj?Q)jORLUAWzFC}iDb@{ws;37IqL?KTsaV(wL*5L}MIoXNcCpmA_ z5+d1B!MYMYq?!*jb*;7{zw|+2Hh>2-ZcU=@@QSO5_U)g!+2z9ZUh?9&!>&@G079@< zD|MR@lJhvl`)kzSwON+KqcWy5{>A#G$^VP><7m(W!k!6~73O@8D2B=K@!>^pVLcQ! zyEy8MRkxbqi*LM;I-bdr8aAjV)Hs&O0?w`Umw*izRqORG7_<3h9P$eXr>^HVmNzSuPb@F<6Tic%{ra${kq>=YCk&v&OmE(!$oJ@d^&=Es(@RVPn$rvJmjeY=srhTD}Mv1|IfH;PVV`FGBvEEdgXRdGuP{ znV|Uc&;KbL`f;X*R_2*uKn)s@jiF5ZYaSxA4NogT#TWUEOT>oMz|n0Jk`iBb!bW6x zHb-M+rr~HupDJzX>m374Sjh8lG`*^H*9;evF$0lvcz~cd0v2RbWuI z?sJJ09EwpZRBY@!It_3gSqM0?gWqFBH$(2Q#}7#sIbR>}h>Gy|rvCiFKZ(A9>=Gp% z;>P0UJGl@#$4pD6sCxo4rW{$l+SqyCDr@`3fU^tac7g$?nHiW&kxTXn_2jALRd0vI zN8eP2Vv&1Hu&E4{@E5)i$}oO4QHN% z`=G>hzhbRuUS}nj;m-Zh3lsyxGLRA2+50Z#neVA zvw^A!JVC!S$f9T;m3&^2b-+38TN;~VE1`nT(hcFsdkD7cY-CtA&~gME5)%YCOk7e9 zR8!xjfw-x5#M@>K>6Np`S;n`U{VX&qsQ@FnD43mEcSyV9g4X;LJtyX09vEN?&Y^yb zH?mrN;8vcTKjV7m&}Nph)~1v0Cw73JxEcs~5Y8tDN~DF!FsBQO`8Q7x+MF=#Zw^&Z zuycr0epEr20e=nM+x=o48X*1+sf*_CJU}2<)RSV%IwOv<=RkdQ{{?uhpt{uuczC)U zU#TtF3axG46-5EBAt6&uWbvw$M$lyE;bnW?7eQkQF5mq}%kIz?t>JQTlZ^R-MA8G< zS57^`zt>u9*m;4Y&6vIPmvo2)x%*eB=6|h=`0q2w#+}ddzfyny4?E_7C+_TKfFcVO z54LPT%OUM507Fo&E9=bS6kYu@V1kB zR{S9OCwF z>jGNd1!S=yEBChTfqKz&p&a8`)-)-wvU>ed52`3Ysm(H8Y>Dv$M5Sp%YT?w4553G5 z1JZ@tA#&Pl1%lYoCKdglKO(cE7uyNEm@0k)LH!?uFl}(MkS#uTe`Bh#reJH!peRUT zm{;>!*mV7&ZCU>@{UO<u;uHKk)sOukW!evcd2g|Av3mxmMWl`lPJ#WF( zuYQBPXOrLqzR8J?p+&pn9oNLxE(~W)3xrPe~z*W*Dy1UeOH|lGQeDJz@cf zd54l@vfWP2B!N!LG9dDC1;rwfwMDVUNvCB%e%;!^x+ti4?wtCYAwUI18>S-106gQn zqZHitigKA^52%$GDKSeY)Hk@8&(tb;7 zomL)fYge|SwN&Fgf&U961lhoX{T^-{$|j7loDGcWA-aqR$+O4h*pGrDmBLvY?0XBK z6FYP0u4qH>xnb9S5VAn1sZc0zkA{jOhAPy&JXPHLE?PCs=P9#By2wR(%S`d@GAQ@6 z^jGlH)CgLV63dzdgz+vTW?1MaNbx~M(Ht1@hDq3wV>lIYvu(iPhFL>7EI%?ekA``hvhcwiZ%x8B(4P2xy zwl*eG!}0xnYcMN;{41ZXgj%f5RLx$>4|bxw4HF}v-iEaRV%zt_ zQ1BYYP&vJ6ULviS@SG%MP3xi-mql#5B6ARPOe@d1oXyZ}^ozl>(QO}-Fehbhl^#ah zm+^8^p$5>#b2U5|h2UN@f}O!hdVRYUcnX^hwtQn=UyUKtJC1=M@wzpebYEV=QGtk%l~ z@8-c;KN~%vGk*hlB*C`%*PvGw z3gh>xn)yj&!t_Tc0t(G)VW3VG?$|* z1EsRpt;C%ioZD2|YjxM8GXGW)*h_J66xj1C^K64NAdWv4Mco85g)3A=;jIpgO{|pN z$vT>kL6n?2fn;5GA8^2pvm)6VjgaywK{u3>!+SBA4Gj@pL+*60YSKw8mnHYr%y0L@ z)G~rSgIa4(as}ii?Vm?RLasY=u3Gt#JqPy{5G9p zF;&vNz$j++?p)n42#iqWf3b_hiTA4&S(QUh8_l){oF@Z31grQ4!;Wn@#hgV9z}w%= z0V}+pZe~wkX;f#@iy|C%_#8V_c+F%Iw zdai;fU0}c3a=926pWCc7EBCM_T(%9G#DIH58yFHF0rQ3sDm?TNZkO=@1wtqK`pWZ4 zwS$q2itsq!lmJisFrNAzMbxOT%~uOT7xq28hbFyZZG|D%qXMup$BTr+{d7MHHv*{Y z`-yK*G)Lx>&WT$=!1ZYqv!nzj`7&lVLTX6~+k|0RTW9U(p=Io!@4M{GpGnY0C9}5$!0c3N*G4*%lM-6 zHc52zVzjdQRR>sVtvO-p+zYA6uRgs;do(3E^`O{*U35olKp6-rb^n;jk% zw-E_&7`>mN6#wv|#|_VIPYT{aIrM(IYM39;fZA+IX>QDfGId)MPBwailoRVoloN1n z%*0wZDI_mK0lAAHHtae=1d}6az6DT(9@WtC2i5Oiq7qg0o5cP2E;E7fu8)Pu`-gD8 z(!hiF@!){7xx*SyzF`Ujm*MO=-|f!u$5HU1xP_BTFv_H~bF12+3r)xeCae@lXgd2I zY7jRXzDpg<)mRT@=loi0dP63Yq72k$5Xu%?zlZOomB@2^?sD@jJ^?B6rIZZkNPF<6 z20l+fk8$!d^Jxu8mj>AP<5v5)qNx`0I{b(-S#jA482Z+-Z&4wJvGKI~HAdl~06SU4l`5+i>svuJdir2Aq%NUe!Y=aYt3XG@9f{*Mz<_q{wd z*Ie&f*x2?lHs*`8sxQ-tZuRLw{vzUCEJ{Zt2EKFB*nQJqf^5mp*=|8iYKj*I85ntI zqna7i#azndQt36(KaVWF(hRkYm<$4%c-bANKsQUgTe8H?yqo;lpc~I)#E{tc5)i1k z5E>K@zASh8DNdxLw27JUD-Sl7Jv=&4ce2RG0RW9mJQ!sf@85T0Rm8y+05riK-}maE z%}+0p^03pB4U*G;zFjAouWxqk4D#ol(GB}&LAsywH6AXxmmgn5v{&weV=Kpo|iT0UuligJ2u;& zHYIhf0MS`%oig?QUXciENQau4bt{c_fp4AmbZ1$2*oUIeWF9!@A55!Zy(pe=T1d_S_fo;AE#(swzkfKwBN@ z=P$#ofF|FLt0gJ}k4KG;vO)Wby3FVK93+`=730wA4Nd_w_w*Z4iH%TAT9Y2%T6DG6 z{81fpnB>hVTb~+g_2>IkahyEvCUBH@sy@{Yb)UP*GauOM|u7)QG|<*!vPD!LZEPHFAU|C$&Z z+pIBuy5G3#X@M5Wm!KqB`uVS+nHG_&YtAp$WqN!$ih$_=0p85`5q&^>Kgw^x$^Eok zS6*y406P+_Z|WNgR9SoJjHe4@rLz5~`Ij;*g|et$&9X6xW7+&uOL_F)_`7ao8-LQSIG+@kU2;l1f|@YtlV8YO!p?r5oR(uhVFtguUgzsjw?oKyMq zB42CL(-RmEpA#BuoM!n!;fGq}+(kP{E9!=CMiKGV&Z^O6*->*))rzH1iBwL}g+u<& z_4EJA;JPe?mdXvA%6I*!PT93oh0{8Kqvi}*wfF@UsRe7t5_u-1-xbd->J{BkC>k|c z?Sa7O$Bi?|gK^f@ksh^v+4}fwV9j==<4V1S`k?e2E*6`zVyyazpNNlCNOn-}^d8R? zW+;rnq(!4{mB8T{LkWr;cA@)M_( z5aoN=un#%|%;>&Xu5nH$gCb_7D4wZ`>7MW&NtqZ@qRG)eo2vqs`dmQk%V^1s@cj{e z}bpBDs>KpkAYZ0BOAW!hWk_Zuo zdjQ94?G|_ZEPj0;)#%x(1j_A{o7{kiPbV2w6fa{)TpP+D>uI%NwJJCf6g2C~ zpWam(B@Nd*M}9h*-E>-@R3+nG!lcDqQ`PRQHxv&otH_bW-^<~6>pG`4*b8qHcI9IEKy?A4-K9bNWS@E%mmzJy{-+YK`>j^gwD^+7Q@{Y}tl0c9?3iVg7&# zc5rp3y3S`^W16I$jl2Ts#)>wNTMP!iOiR6@l~5~Ae{oUs-1>27FBEp#Q|$D-p@M7D ze`#nZE-beCJqLK`PzD2SFnxhp9IQWd7;O2Mlpvu@jwIZRD);Kd)dxa!K#AM+8#F1< zLX+Gn0Vf0cZP}Z^bC3Ix%CxjDD;*pijZ=>=>%Z`dJVP zrbRG0`WZXF?(KWW=Hb+^7Ri-w-s6_@QXkIsiYCZi28Bm6RZiB@$=`a1uW2zq?qo)k z4x{Rv&w(TF)ed=xKF|GH>I%2*MG*7AXWeW^KDW5$)><47wTHMC1ek z=L_-mOjAKd?WDSi-DBXOyb?!Ha+n076XH1ObiLei{%0e&j7cf|TFv?c8(1twqr3cF zWk<8wbt~ylQsG{ge@MrdG$+f#Kd}xIc>} zq;1KBD1iie9vnv-Twz4@8FxaCdb@lCQSgfqD5YMW(=_vIDcnhwkt1|kHflnqr_=(fiotr zqmEIB>~sfJ^!wz&A*-AR?22x_o>P@A0yq`YQ~kPY9G(<&c4Mp~of%>joMp3&7i?tf zriyk6BlQ6sSlT(41U|fXnrL`(!FCv3unjy`fgoeevaeJmuU}-ZV!j7s(S*T^2gJTZ z@L3URf|T9K4N5E5_Sk$WL9_oE;_VyzfMy^2a@H|PcGYCKPjyBwp^s@>Bw+71(M^#?~K z50({jmiDs^KgU|ofk+WZx{FWyq!#%JV%oFHl5fSD*Z?5{D1&ueTIhU&GDRoH!CP`` z*0~T}uI&0--cSa2IxSpE=&zU^uRR0C*!?IjmR5vAraIZ{&zsLh0{{v9b9YDvX(X^Miiwg7qOWqlPNCGNui&t}UJw07Wky!gy!=|Q$rtW(N%TRJp!;Bm!7#K6KIT!BY0(P zyA!)VsExQFNlD=Tqk6yg6f0Ou&L?5#^CH|&<5Bc+lpoq;IFEauOhufv%mih?=0tsT zbzeyW^-q&b&g&1Cr4_->x$4R_WznhH|6dM9@DbKlidW4~G5S zGg&j8_9SN+bIxA zj*d}1Tkg`Wr$>qts#{{Zi>mMM7hTbc&)qs|)+j_(^<-}@n1AKBZsvy!@0`nMHCZU# z!vI&Ny98BmRn+`p^wptVV9LyxjiDIK(&*zYDK0N|;~23jzT!@_Zo4hw3|rskD!CoR zMm|ht&IRJfgHFi8!4;lAcxkgXC~T1a#0{MeU-&ZP>NCd7E--n>JHLb0Rr8#$>kliW zh7iq#76k{ncDlo>CUOW}9|Q7-+Q&&+x@GDfJ;d|p2dBPVK$<0&&z(w{M?_jM!>KHx zA-Kgt_gSfKF|hPM7IB68-W$T@&hZ)0s0x_{2S0|V0Ys$~Q5G`<)fRBN2kg>>r}!p4 z#sqrqCz&!5TvBduCfal}o_d`+pDFx`Iy$FVc&IA5*HzFC-T5Hl2xdDxHd(3^HQLtD ztNEhn^y&+1KuxZ-Y(jPY%R;Xin@ z>oyl}cB>vE(=VjYgIe8kwLiHcdYC=NAGsdTb%B7Y+4;p&*r4EQR&`64ltb&-)u}If zzJ{ae-RhD?G5*O?d(klhEe~6zR|n-Pl$OPv7kV$0%JQCFl6hkfCQNAu61j5U^xfyH z+s?Kf|9G?QpbsOdLYCJ?J;!z5y>7)h^0^KMrW%~#iX)q4W>M!lg8W>CPa#Rh37)_m zFY)>c!=*nST{M9*=_=SxnL6GPVAZ=r$r|JCFlrJ5n4%#B(S_zu&cMgks2fcv$(R$I z3Fwb&L&D~Sj8XK#Bj3lPg3ja0s8%^&|9VQs3g@AwkBO7J%aN(`xtt(tO?1po{Uc@n z^NPZSeKE(#*VcB?g8S!C0C|;w6KJur`zfHt?B)q{0#MtDD*JtcZJpK*r0(g_%~4-; za^}SxqNHYlQ-TCcr+ep_X-Ak$0R`~Md__ac$}!gUFw^Sot#?4`h1b#eOR^m<{j6&W zkvn-U-%gYAOV*Dd4w}+w$ct|$ql%iQk4te^nV&DX!Gdv3O{bw<@jXU9*W<8q!tze% z*JsScyQYX$%Own6n(mw0A#h!V#Sno;@n8u&lC@odheK}>KitLW+)VM3XVf8EjD`=7 zXDUp;J8cA*hUw3?O>?2!Y*Kc8v@Q1ah|m5sfA4kmmm5YYUY7G9nXJEt2Wny zrPN7|Fw0_vHw+4DFN{(BypOR)4?^`CMhiV2}KcIjxz z@2hA23<_`{-e;ziO$hMbw!%N+QUh(RjT|Qmy-nactSsTC@q0)S1NKXdE1EZmkF`N9 z^A>(46g}a_6-MU2j2-FvfL{zb%)%0W-rlr_s7JlP^SO&%XL_d?%e!}))>50ucZgbK zk>%!}SzN<5{nIQg|6`iTZJ|$zr=*o2JQ|ix8X}iPk4}0!w?|qw0PDab5LwnCK?b<< zUqfsxA)(<{@6DWs+$X@!;YIuOGs_I4@=qwv2|?8WpY*=@)Am-$>)D%d9A6-d=RDo zc<2hEcD?$o<^h~EmWlXTYv%#xbt(`(6%D=uNy|ak);$mDUrg6 zoNLX_-C)?2VBcn=E==Lu4FYzE zs;SU@9Jkrz619)+N!}X%uv@stIdayU8}p(s*e49_dESRDCq^=PqQ6BzJ~bM*$9#*< zc&4*i3ZGBe9(OaOYc2e9+2{%6vahXRmv_#J&q_m|>Mb}jHYwl(Hq@Hyv9f>UC# zTvp*Z5GdHBR!d^sA5qgLpKr;uPVrQBPYxfHPUQ->M4#U$f%0AFBv*|DW;F*0m$u%Q zg7X{#-!^6eRPbiS=Xw#s&SD@-$)Zec5%to)4_nyZklk}aO9at)6)p;|2*Cac7tnIG z*QtQT7L#h?K92XMj`%cJ$sU`yV>I3ilgW&OEf^A%hk#gNENtl}&`UshDQQ?B!%_Ou z#hS_V+p%D};nycvVrnHou>alqx}k5_lcM&v-XJXf77L585N zaHpE(KvYhbH)7wZWH{Qk#wc^>5|9feohG9owQ^K}%7(c|;%3FZ{<_po9`*J19T8p? zr`?`i=DhcCr?A`C{(MVJyEf;K(@)LZ1%%7OcWQv1dVbHZl^sUCQ{PG?lK*&|JhDRp zXe@;$?r9yBouAB2#g%!9`|2Il%ZX*VNy49vSZa!Ml=eI{bwH;?swjC@5 zLHCU5uuNHc=C|?*+_Vw9msFlp}sm2BkQT-oEGE6 zP5Sim#E0x0SDS}i%p19xasS#{bjCnAAvug6LADItg#^*Xm*7?%@_7sDE1;eZu;nVJ zMSIM+y%1E;ir`MuZ7LVea8=zZLyl%VSAxu~!p!AjvaRtkGHQ1sdj57{(X_IYZI4<< zT-R)8Jt>ODNmYoXJ)j@O2KEPQx8yiqNRo{lyV?crT(MMe=YsHnsD}YO6PtPB1LF}J zQRI={oGH4T_jEbYwE(f}&E_hd2syDBQp2ZQLWL9=@O$u%$;&!RX$Oc}Xxobvi>SF$D2G9`v$0q$i~MttM{VeY-c znoQewZZ#>&ndgBtQYxu3gS*LnWVN^XK!!FE^?2}3xuybq(M z*M8bpQ`O8UGoHt*58nqi5?_LSe`G6lNLM!e=-mNW2MjmN7E+GNx}(=H4t27l*1npD z%?BXc@`~i>C=W6ptZ(4ObTxu5#vG^x`b?bFm<6Y}+qi7y6t zLOzpeygjoPMP1d*zPDoq$FYyhBUW@uF zUN|3B8mNiyxHxD_VrG|b6!tV=J>9qKFfdHdW=%r%!SsvZPJYH?8l)U)Zr6xOTaLdb zC@s;+I@#>^emX63zxpv>l+teY1Rkm*9xU_DmZG0!)bVwI8YA5F^LB0}dijZrp_RSq zYpmzYlQ}W=q8Lyn(oyqI4vCyw51;A2FUo%pohisuY17Ms8nEkTrKfJc7xo{gInR8A)+m=vT4L~fz-DtdaND-S+QLrZV$3waO`B8@%`aA2fxF`k?ZQba~;!B z)Y1#L%s4*9aiQB2?m)j;0eR5?T+VVSJ81e%V;V7@QIepImhc`BqBn8F9Z4KOjgDk`bvI$gg(!v>OdL6Rd zQw=?RdRVHyjb&W3aei3uIOSr+k&UyA)(EZ<;V+zcs9rB&FvnEnfZ1Asj9+*^fupOO$jBESCXD<20Mf}fJZWp47 zy?b6BH>ATvd~Y4ZT%IRxmdo0Ns@$3?2$d%yIyuaZ6M>f&cuiv&h#4*Qu7kD2jmeW~ zo8?`f6x-0on&93J&lCmFmQih|owA?Fn7AB2FDd5tBhioSkyjbkGd`WCcSStIigKN7~z~njj8gBsPidcv@>mvRAqgFWo@Is;Mm7Mcr zC0KUDNv&J?x$zNP`PF6)%!q{Q3Lh4j#*+aXglV2&OU{-HbP*~0>}lQ;5rH>nQo$cI@U07Jfgp@Q1+vaSRlXzkq$f%x$GIgA6Y13azrL02a zBMzfC+dANm9p&z{(=FaORW59#5l4XFE8ecE-}9u|*r0#zujv6>5z`T!x<#?qD~{Xk z$VX+9N$R;Ib&de?S(2>Ei)ylhuILj;6vY5K5sZ?G1bymibx6v4(1AJ*bPAw;eo6qM zD;onCrSnl9T4%0Jfc#`3}UyNm^lfLxf8S71E!om5Q7p9fI#+uU9tPy{*-XM1<#A4vjpuV zP3t%2{(iU66;BIqHFnl?6p_AT(;O>xX*#!{!r3O`?JyXLj`cAL0_H?4tOSv&b4%lv z?O3_Bm5Ri4#(qmW$!H`%-5ExDdOpOv#b?BN!+&!Fbrs)>&)v*-Ef0^D>y)T$UQ!6% zda|=ab^rr*?)=c^Ps8fy_Mwl?pNtJ=zgcW?CE!-yKAws*ywLUhwxGwDYL(&Z^3oJk zDe3vx6udospzWVRdd6fWSpmba08K6n3#WkFUlcX#J*~yhsLqrn*3rM9MG)dfUsjKt zb}%+d zTO=}`=vBVpwQsm3O_JcZ4Q|%aLdyUt(?UyzW4KI6#hoGz!w4Qvp-^})NJ2Pv~ zhA*l-shWm>1`N1n!w;DY?0MlQ8n6Fl6(eV9$$Nbltz2mI4B1V{Xw3w46&CAn5_l=3 zi#udqu)LX8g00uUhYzqH=Vx@DER|@nT8n%*2wfT%g!io`ZmEiU$O#Q*7)y?(L{7FZ z-$YzdX#pki?k*w4fg=jP$4hnxq^+qyn{XaY~={G^;?*|(%@Th|97}x`)c@BoZ zS85$$iKtHT>(7>f<8#jb9$QhJH{0{cTR0I(cHL*#u4yarUwUh5dCPyIOy-)nQq#m_ z+*YLyfAPNPB<47Y%p++Qih!G>0r#WyzBMm3Ix4h#Pr3%1jHeCS(#8yq=2Qb zsVnbGj&tTzE={{122l2H;T9@>v#$&p%)o06p^nM4Rr5>^=ilzcwPiy!{i?KymQ8z) z8yn^Ur74LnFe3Yrdk@N|FT5%xGZo1ZrCx2-av4;xJwC*gYSRXltuISax06 z0Avq1;`U*Uq_m*26KM0FPrkP4W4%0)XHTpSnoX}_sBcuuCanFnXwElxd1-u8g$i6- zjRE2xt^T!ExT$6bU~z%YvYPblx(|pV^HT5lDB-xdu%-o^i`oc|6-o8hYrq{Gzm6{l zT~Z~MtjJ%elxP#)EWQ&ZxCS$JklUYAV!ZDrFnc+(xxcVUhSQd>JuZm z9Fz7uIF8$^C%kg=)@^BJ*=X4ZOP>sQyZQDw>r2xQ=?!vjcWQXoQrQtr%BtN3k{RhE zfY-|}Jok2?{0UnKl_n(2wKz>&F!~Y zZ&|}~OJ^a>2ZHO0%4=u{GjK$#P;e>!!ghBUxM1jm9G1&#H}!Qyh4~Cn!a1SGiWm1$ znmkpoo>1vvk*>M1MskrWvp1iNVk5IJc(Tc}>x1hXoxO3JU?_JFmi}=Kgb^zuX#ML+ zlOXF?E>ODzXoUxf(K=z^EqxH-7>Ff5(WkJM()VCu_mYq4Fo32|k?+$Uw>?Ue!XEq&8 zUnep{c_y&&eXB`A>idT|8-Ee@`!@7$r2$oQOVNzzZQ(1(4hyBJ@WcX4#(42|1<*CUOE_o6Z=FKbm&$RA(~J6``?QtjrIINbysHS3hFey#e=c9Yc& zV7TkHW-YK;MElJg_A=7XRn)g=$2rJK!0jdQKBnEx4SZN4`b{5Hak*B6*;DMToN2Ip z`^q06@c%1Pw%5UY7Cf3p+(Z*!Z1*8IO}uIaVK0AMf4R6e&-1^C(XzYpuO7KV_aE~= zxX>5BP43-Oocv(mB}@(CNS`tP^HW)nHvp^m^IYMW4;ID2A89LrHwp_i!SHrvsf;^> z=qXRVl}~*@^4MSva=eA!WWxy}uuMz?F?wtOurriKHw~UBOBM8&&0eal&gTKB4#dJQ%-)rdJmvS(; z|AnbDi2m!X_WiYnc4SEb7No(JzW3NlP8|rxT2HzuDF&F3UbmM)33?iAZ+npJ1-1sq zH_rST^>a9<`N6UZV6giFqsDrl1GMkF>u{#jT3oM09)H$&2)3B_Pd3h0C9#^?oPnrz(I%c;4L1aQbu34u z>oweWFrTI1md4>>{!=#gwIA|E*-@X2gJ8>>WupM31wBtUGehb60EJ+)YX5Wd8bqG! zl9yKT7ey%fTFsnz6sfO#^B&c3SXHnZ^X&GKeAsPPU#bGVzdYoJ~?EKf6jn!rv%(RHLV za!51I8!Kh%v+Q0MjY$LhQc24D(oI|%J073vaSO??Y6<2vrUCe1{8`_mpihHc@qR3L;|B>+ zZ71d!oD=+_DL@_2iE+^x|0pHLw+TzR;2F)O-~Nq-BB*s6yq1_@Elspjo?Den7up8= zioB5DF!R%dDlSP>U0*8c*_Am40_omj+V2CuoEp^YjHNIhP-7$Z3dw*hG`_fX#(h9x zndh>3|Dt@t(waZRfwzUvgQJR>U)~9mYv+V81TKtefQ{3LgX(cqWNLeaI>!|#E*PqL zjgt;gBqf~Ue}Wm3;ywKB&17C(=^zI~Y?8?jsvpJr_xpYhhpsdlD$_TyA>@DZFfF?3v;Sf*9?NH5_$p_&!lry;#i>}!c z5_0UVF7|9MXhwhTW+&B^8B3o|6_>ck_p+>0oL)cXezHeX-cY%pAQiRct>069qfVXu zF%Rw;e%Z5SiR1lJtZZo63!k$11nTgdh-2X0Rqq$g30Z~SPw$h-?!j%|;{OGkZ8(OdMNb^&In$cG_KzB9c~zTV`%=qkHq z*)%|k;JM9liq-b-7Q~FceJn1D%9+pYR&XB%W$EmZUWur-4q8jQJaM+Skhqaad{hS0 zOM#Q0rJn0j0B0FEK?S|$+NW4>#4$UWeqN;?0C+eT2Ta52QO+LrDC3Z=#g@gAiJ>~< z`6bsTHI;?l-XNH%M=lFYHX9*Btop}(^@!X@EoNI z+Vzwzs@#&6UGn^GLAB5ayL$?`hGd!t{L(a7CO{g zy5y~Mu*mOT9=F-ao8?W@=QW0XT3|8gtvN#P?jsqMa$)O4_m2Z--yC@zG_R6|nultj z+jeRd(wadHqTEZ~BXOR3Q(MTLYgXjY$NQAd7kpH^R^=_cUW( zBpJ~~4O>#6!hyX%TWx_7$ADbAWR*t`1UL!xAzn6Mk1{; zLP{dbv5|kOsceAG+&A-_gO^AO??mSdvBR=WX99wNQr6y0{Hy*>Cg#dzwScB4i$6f* z%-U-1Rd=Jr!iip8bh22ZFF$cVY5SXNAU_iSO1xQ#P} z-0%x?pZ#<#v5%(w+51XGFwA|Cy{NSvZTNZjk?qG;GTKQ4)jt6oWYP2y%FxOz0N4<&5a+n;DdBA@;lz}z??Ake8w16KG{-S1 zN9nB6XBm&8Q7l8_{Noh)U)tA?RO_C`W?kOep2EU@9UWI>|5TWyH%H+)lB4iofh{; zIpQrvWC>L4>ntbCR@QoHh#uBGLAE%Y9*&rB?mLNOfA_y~H)lgWC#S_JeX~W4)^)|G zgk~!(C6H3%=m%{%YyJ}{4UTgu!(!MZ$AcXX@MKwcdgrH3$=MHCuoKp0aU193TW570j&iS}V%XzcpiW3%(85X;@=p$22D6g)5gZmHaKspew0=_SkSF@5#+X`fJB2+UfB_IwLy6}SrDGW?Xe#_Z=blC;Al|5}l zY`wpw4zJ8JxYGM@>0l!YM@J6L@2Q%MVN+ zad>hEhrDu`vMuR$r6QmNCnT(O=`P(Oz)aNBev^=xcDLOFa|&^&GN8=yMo1HIIIX>1 z$_p$=BZ|ssseWf@4YpT4(3`q1Q|n6MNp}S6o}AHG5jf4;?rA-8YjHWvp9v)Xt@31N za=g}S2PnN1LO(U9rYM$@gFjWy|6LXNbl3pt#Ka*b2*O!q(Xfitr9CpOtx4?js?Eb};;V=edUTM>;v^ zwHGZgszdNYfF}*W#(gf#o~l>B_4Ff}w@c`@(lB|v$drcA;+ku~HlZyUVTKT4z7TOQ z+mCB3vs>wX({`INFqIa`uD;Lhif`ORT%aRsZ$rsGe@&hds>RoLR{w0xl)RjCwp{Lk zthe-twY!?2`<=v#o{f{ka;QWcQSNc)>412FEkvdDfM%!GymTE=h!~vNm~5T28Zy$J zv!`)q?Myw`cGTrf!zD?6EKtz5I*~zW`>OSqv3a|Qv{=y9 zEaEAM*t&G?8ix@?d%84wFklJ@%c-@B0r}42gH~%bKhwLY+jG=r-Oq&RggJ4ij6y$8 ztxbEL5bVNGL%`$v%r{oAI!ZlQArZ#Sm{8a|xw6^N>*NUgJJomc%v9*gpN(N1-l5AU z)1>yM;0`>U?1074{g=z>4NPgX?0VFFJ;H`F19ojKCXX#nu@S(s`<{0F^vjPfED3QaQfC+) z&032zUp3%U5t3Xc3Q8?3amwXW=TrxJ7o^{mc-qSIyv6KC?C+*&nZLKLe^;O`ofF`a z4Pj}ObLEwKLEjD|(`neHjGO2N$dw$wn)%mQu?|(^S;Z9V8Wyf6P{OD4v|gOR3)%`> z3AQsixcMP$dB3?G$mce-Pcaz_bmrCeJ52A>ae(-CJ7LUy-xM}X7bQ92E@7i1wl}(f zZdM*7JIrx006SZ*qwWf|t;3-$(`%w%KY>d7nwHh<(BYJ=ePI|ALt9qS=lx4)=!=`t z6t7mIc#9U;kEpLmxQlopbOm}0$Jt}@p^N-!FlsfQ*ZQtXsiN#@TQGkxmIfnZ(VJ7i z`6BYQ#Py2U)Hq_vRyUYI75B;xUyH4Vbb`-AD}$q^*Gf#2=1xXx>!A6 z2BV)!seuhcV;-30O2%Wqy~HI}TUqFzVg6CTpIG;{z|z2w*uRC&dOTj&>TOmL*h*dq9l!m)+A^RWUY*Z5?&Kf7r8-}uYV>zQO1g=C|GS$AeJ0jx?%IW}?U7Qi5q#FDS54>fB~h{S zgCRSQGy1Wb-Z4($K~slUg%;H7Rc~qNqxQ!U5f{VPyysGif~N~jd36HI7%yQlY&vn< z{hWzkW+C#&8V5ZJ1B>~C$5Wm$$_i4+8&ro5&8<~^m!nK{B0?} zh=|K3Z{|In$n)%XpuvhUb`yN_=Exm>brk$Lk1wjiR`pG#?%2k<&MqA4h+1CF_NC0$ z%VKEI2vTrjy0$2RCHf}90yA$JIuc)&({4rM>mFJy)2_@ODm&FX=}kH1qE3Ddu@ch8 za@~jcx>twV!e0s9zMbTcOes_?3X5LV@H>otSIHJT@Ae1A%M;rm#mh2*NK@m_Aak<$<8D1eTkvP{%mC=%ZJ6MI=X9>UUlMZ%N@K;5lUp0-KRC)W0P5^~7ZFPi`K3k#m=6iF+ts_s%f zB-EZs5%OB@#=6-%v;HVX#P?BcVlL9-bY*i3q3+bP9@&z2Ua6ZB!lJU(Gr)O7gltD5 z$J5e{a|KU#dy{qdVVI>@u2|Pq`#%EK&RKyfPJoPy2c>LC6Gl)M)|l}~QFfPgnD}_g zwnt$TGn2^Hf!zRn@&_lUf0W5(NL?*o>QlA2Q~H-PXM)V`s>5{$df_!~NpmP0>6;zE zZ=X-?I;q%hQCajQv`U06o?Xr>G>x4ws0(C(Wb50gWI~hRA3idNmxvI8-ypYa$@bbc zx%rvhKS1c<)V3NU$F^9{2g3dci~ISs<2+`~YJ9zSX&`RHvP147YK%E$Ln$V0*S&cB z%#Z$wt+aFoY>-NyZc+`G1RR!@1fp0+gw@vd`BTN2X@*jn$|Bt;QfxxvjkU`BB5T_F({azi;hP&D+-X?kAN+z+w8q^>$)t|rQ}BO)lF6$%Egxm=;XOJ}wf z;SzVg`|IW%xk}>Z-yh7JBgoBlm4C%NO(NAu0X4z^zVpT2;ZW4rWFdtdPhI%Q(ZV`F zdn1kvpn70NxWorq_b|MI)3}gwuOrsSi>tKrQtBBW?G*3yOL?dAW=jl)oXt_zF7doU zw|xH{!0*01T#bU+g`o`W3s>0mC4`d+*K*S1YQ1v2 zBm$Y2TZrF9fmlqQy;;NleiqK6*D?>=`&O~S+0`+V+xGmJ!U>GXa#=43%C-|3M7q{Q z>-s0AK+r4%Woo}(lt)RZhU;qYc3WXc&gxQ$jyz|M!dDALshalede!rA;C1}x-hu7+u{c;S=6S}z!B>h#u!pw+z-IQHVaONSnJhoU!n(l4dY?o5 ze6A-nMC{we4G@g5 zwBK#G-0tO)i@0f>{TMB>&AuP0%!=Z{~Tr?>FW&qHf75gb`(2-ryeHfxM;S;hm74CB7@0{up}#;%J;Z{Ef{@O8%=eCT_rxXH2)Chw*>pj@|mo<=rWHggj{ve{T3 zd8IwAd2p^yiaXX_{Hv?SiJ&rXO|?UP4ZY_}79HWt0*eioZ0JKB`sabaS)nkoBBj{2 zRxk`GG#x=%I~nb~fNB3&ulD{;0wP(kyZTOUX_jYtvZL)qkyqrYfwY29vZh5g>YCtk z)xdyXZ{h%|u43YEFn^*vJAwIHtY@`yK1GpzC}T|El+D_0eZIZ!YNlh!Vz#^^IdEJq z9&UCV6b9B6D~z|V!%?aUg$=f>D)l0bpK@il#uOb%S2(eshUj9iOW2nqCQwS%*32iX z{2j&#gVYwKRmVKR(B zZD-e(Ue8Yj=Sw#lJmPHQ;^7IEf=MMv1h0)^Y5-m^A3^2ieuo;yql_9=-C z)Y22Vu0@~AnAO3528whI@rDNH7&2mvx$gVU1B`<|%?=F{Wo>v9RslLGqBJt+XKTVi zsiQBuF1! zymbT?5NglU6I#>KXW+SOXV?h%`YsA`BMte;buXISvAY{n+6kp=*`GE@jc{aj6eRJNl~P4Io-q)`CmB&2dt z%SNs4K&ud}s;8yEN&ty*I(CvWi@a(AwIy7Ts&~p(68hP{n&I!5^3}F}67UUV+C=4* z$&Q1MIuGR!`(->p#;yi&x=ZmPpt}^SbsBWNa!;0hPTDQ5n%=$79B@T^Pi8CHe#`Ta z{@7$d?}jx<+6%I&=VxXD3Z?6vcRq+VQR8+`&CurHOJQ zwrEd!jOa!casJ>Alc@W_(DO8y0DaeURY`XQzt0!NX-&63D}^9+_M-2)j=t*EG-4_v zAm;{(_H$Y4clCE~-w^o5+F63q<*dZ(-(FW;9i&9>m^`{mrk%cuZgIo|Clrj7d-VIY z7Yul`<%za=inMlooMsN2Jx6gYKl&hWYLUPUt9ma=ra%2;{OQLoMUPn?{v+J=u*fS` zQGcAf2|Jb#Z9O*CJS1^_efP0_(7&D^XpMNcyV=~2_ao2AlX3$JyOrAZ{_5mAw#)s{ zo2%QAX;%}%54}8oDf**IBP*!>^<+`$e4jmQDoc~avY8;%)uHHJWfjG*18I_6bGo3v z+OJ?d+= zm3c}4M07!HzncJqJ1nsGQA?aMHF!A|dFfGsn1SY@hYiNj|Mj@!Vt)Pljd22Rdm`+A z`}w~}aI7GB@87R5{J#j!ZmWM2UPgX@F3w-lwr$PQ2vYK2`l+uB2*}C-OFvyM{qxVc zI!GjvAVY9JNW`N_FK{}9AP3CPM1AqPVqwEqQ2KogO6UlHo$v=O%D6rM)7b5{bLAcf zIKc3F-?VZxk&#@%JTd-pXUGBH+Mz9Tjykz0UJ&54j2zyhKtF8124OB zw5S+h+yZD(^s$67;04-At^v^siUaQoK!`yTnDKfN)Ld)F2A_oJ3GY*6H`#HNdz{xa z|ABokrKd697C;{DD4>Rpf`(y%f7VIB8wmRTRCqL1)^?BY!vRS(IF`2CN#x{Xg9 zKIZt=rwAzTvKFXdh2-QMWom}haU!S${&EB%>zvjiN8%s2~j%(f~Hn0x-Y`0HPA*e8WvQ2zLM&(z^4 zmJrrZJqX&;2bAG$N7*nPCJ2tH2g!HqgO4(-;5VD&MCgVelQW`Ay$H>+xC55XH^_ki z=IRAN2%tv&D+v?4|UNh}yyyWME^ zOe<`)8ie2>Z{Jo``aP-@b*-(f`>iiM`Sq=|vf=+bxY0q)wY%$l0Hl^`Lk=l=8}=Q&n6wLArubRu@oFLdz#a1zxl#oYBqK-H2eEgUFs%jT=LpQ z0m6e(LW;Rxeswa&V)6&j1+aqnwl2bJK+XDHmkE>vzUqeiFnE^xI%u?u#fFH(zqqT% zR+f9k$|qekTEdvU`4T~IYZ|CkidCq+f|PaC7~??wFMUnP?s(qCQ&d&1IlY$SY6ny6)PC~`@8r6C`KV0S(XoTOg2-aP zkzK=>K@YVjgn}TZQ6P>9A-cd)^vzB~uXH2@uk_sfd{~xmHzy-@O?v1QM;jtwAnj6^ zcwXp|Iojh94^!Wj*r&RjSd!P1FMM2mMA@9;hpZ-#_CL=nN%5L%&bcvVuKei$eN#lzmZ#g1a2m-p#mi{53#RGRQi|SEMlcr{6}*j1)6a zJN6*Xg>dUpxW_^7Jl&f^#HCtYdvDM4O7Q5wM@57*5z)x=LM-6t-=&p*uAH~1x;<}B z0sYynCpd$^Fz0EI$;KI;TR;Kv5KPZ2SDO8SL7yJ$9)L4~%>VxCxVRqLa(+SZ(sOUY zZ}uSPYGI)Rq_+p7RjH_b6}B4~=?PF3TE!@|&3%6rduUI-pp(@crBDu-X|6PFEg4c# zoln&HHSDx_z8m%^cnrOHKj>^tLG(fZC&1mt;QKW@`nK-@T>4#uYu`m>5NfB^R`2q9 zQQPl?RLDK@cc3zLUA&AtsI|QqA3{t$CmJ@$T-=~DI6@igP7cT2jOuwe%pO_r>vF$X z#ksK6H$W@VCh2z>sSzl?H_6ic`R~dVFnR(nEj>NV-jHc<>0_8) zDR3HIUXZ-h0QxLq!NR02hlVGQhEG?x1)k*jTX5y?hqcK;Cd+2{+Enr9Zo%lR=Vl2G zS6V+J_DfC|dII3A7a@>Ab8$Iy*-mHs{K!QhyKXplsba$1e$~g)>hplK7r=pij(*h) zOkIm{(V@GK4f&orKwMrNKfUv5wJ-Z35PBgzK&lkC*`|h|CCkTX0DY3ntpG&VF=3uJ zj)5~5#QHS>DgVzSu>Q)hMX(U(pXuaH5j;QO%lDVGOF7qDg>iFG^v%NqYb+y)SnTAlKn zHaTbD->+%m4|lHaY|1$Q|1K=8W9%UG$iFD_C*YYsT_LwWaq#4S|CToKPnYh~)GLSo z{fTX>U1Q)C|CMPo<-ipeWsv0I@-Ps1Zy(7w{EAr6dh#pR7C3holmYy3c@70Zj{*T& zFtP@S%*HDw{^W3!fj7?wEQoQ>xVUKg#6RVUTh%AELK{v31aN&Qt4=L+s}>l0W9y$R z-cuCX`Rv*ZAkLZqQq=K_##zS>NLJ<@AGavJ{RnKo;vE>?d_!L|mAe4k9tTf7&IS7n z!hk8jC(K%i0D*K?l?0Dr^ECdN-*+L!?TKUx5S-r#VYLI!c?<{jlV7>Q z8^NQJHxaFnpe>3&HTK!46-}dY;Md0T6!YDS*a8I!sp$McH}pR2DL^G4_+=t*F9z zn0{E~{S`vZ*YzlR)}f`&xu6+!G=Y1dnzH8|RGfTZ@0=gzml@mS?x6+!z_ z_oMbhHTAY1)b15#@TdR&uR{ye5R`YXSoGkyS+ltg7uN-iOtz^pFPO&n>*HyRf$~~c~`Pn^eFjJFg z>AVS!R7V*9Y|pGda*y+2OS5iyAMXv(KRya;2H5-cx^H`;7U zCElpq_G=Vud&L}~uXdJKg|CJh?4XHJS}*X_zlW3inp34tkk}8AAU!nnjs{EtIw zqX+a?znqJ|9zu8;p4@b3kK0ivyiCgz;ej>d%SIa0%ODT>Tg@0XU`j;mHm-B-ZZ?;x z@%lq*;O6>xd`RZXh7_xCJh`9wYVXcln;KZ`9tT_0=ZT0)Nb~iTZLkptA(m=wKg2te z-##u8ph-Wh0qZLJP|rh+M1xO-=@(^r(tqR>4c;|c1HKL^&fo{B>*Mm}W&15OB)?(q z=WqQK*OE+q(!1C$`qjg~_xBgBsN1)DeDzT0`R^ZxoV#Azmw(2Drttj16O|qe_YKE$K92e9E!NFdDdyngrxazbptgDS{Qt|*H3!yey_@_Ko9(IU8 z3~W4q?&h0)+TOn9)rl7wbq|HB@8?f00$LOEeoCBUU0CUN4l=g+H&ofBp_r#xFbnt1 z|FFjOUbp)(5$#|D?0Ylr)MBMxcqZU`UJ4|sxA|E<1iLJXKPFPv+b+Yk_tr@9X0Yc% zVf6Fe+J{9R&s{5wvt<18&fh8i81F z`F4u6ERG;r*1oQP4fyjZ1V&*Ol5LExc zZc+Pg^gME8dV7=oL6~Z&Ixc^a0qYYlTX~G``FfwE&6KnJuw8t&#FJ9NR@(VSRxrh> z=4N+*P&YucyIXFT8KwmOG)E(7;6b9KZhM_MAX5u5RFFjlg02+7U)@yoP_sKfzx=Hk z8QPvIdu5LQJARZC5{qq6>|1#XCQ{}q&~rC&C?O$aYg!d$b37CiV!_O>b2|{V;98Ka zg&ZS*h3SpA;m(X51mc^iN*1^lsV06#fv3ne`3?|$_o%TPHCA^PRc)%P%N=!fS4-_7 z<5PkzPe62gFk4$0D}<%yQbn3*o$l_ah3~Pke#ZC#g*O;gR1~{_+Vws zDv!N{X@WlaC%`H;74Dy31=Q2c0Rx%R{U+#>dzlEAT#U&%z%cws5L%z_09K;>rpcL@ z`w+DSwM~(iY_c}lhOK1t=8le$@b4glQp-MtX2jX@BqaaueE~ORfxW%Jv>N_F+5^FM zaFQz;-DK-7Pg$zW`%@@wTr4x#{mM+g1*g_3(C!vH#VzAG?2;*wts&5eJ@(5$2fRC%P1 zUNys5pDccq=v6gPd)LSYhcdIJ`FZdNF+#6~USL?Fv*W8|S`EBX;=Ot4iVNpYc#XR> zewZtg83&hn+>or#i z@e68q9}azDYm$Nq?s*eE>QX8ft=e`|_@12LSCm$}IuB+RGsnk;8dgPr`%!zCDWd); zivNd2G)t~ON$$`o^(WnHT3{pAbO5r++BeuTOUH(0_tUT~DCe?? z+P?CT5{KC*!l6?|84K|S{hx-XD4=QG6!PmmZ-{%B_h0TSeuj_LOIO#6;l|4gJ8?ZO z;zqzyw=dlw<{0T1>7jH@el&LGKb^D&u=nW^7<~R3ezT0a`+i$7uFDktRm-UIw9_rZ z1MGS2r*%}PG`F^~{MLF_dhSa}Hzxy!DnYvZZ;lNUqs3F{bShsmzL=UJvDyB^fN(%1DI5h{>njH$X*f z)l+gaXecyy0@CQz<0mb63asZ>Jk)Hg_rVXl+e$txnse%NQ^9%vQ>(Ez?Px0amLB^6 zDYmbKASc(cIpnur>>YZ-;$ro{<(VIUm95m{Id+btgAYFWQfs4^cVHSF)UA=gg^VrmhFpj=!!mMX^FA6wum7P4Z-9)XcXAH{BW z7D02|kSF`Leox``uCP0H;+}1I^VLKEEb1lbD|P}PJ7j<9w9;fPw8nYk$SuGZf?-RK zeKAAJsPc3wcKved5p^z2YUR}DT=fWD3sfR?t)(d4#BqJPApS+V4-D|j@f)H1*VCOn z34uMTlIJ>iAF;YuI83V&v#fTEi4e|5;5{*}{guQAZ}*#p6wmRVaAYKULXp2B#nzSN zIuv6IWBw!59RR9H^FzikWB6mKhnA?>r!(@*xZUO>{@0O6G9K2nQyWTS)>~~-DtJ9@ zc}9ctdfL=AYL z;~6-LTV7b0Tz(V!G7%|J;LHeCj0|+b(wZhre%PULdzYNwT0xjdR^T>ZOzG1G7{RO8{!u zdPeQX2K94|n|)7KR%f;CGjTHv0A7cXOw0W1_PzQ=aM$6F-=zL_)?`6z@R_Uw=zUKl zUGn%PP>rYw{`x>C8Yy3tsq@b@HOzX&h`)aFfuL`|^RgWr0xnzDH5O_us5M8tDzZ7` zd%AD&-R?*~og3kX{4~hpmt|>+U~)L_Ley&9my>shsBO`)*0Ore-l^}Q$awjwl!$h` zJ&{v~T7Bv^Al|Vk+p(~-*kd!F?P>lvI}NsGo3`(Rq>-kQ?Jf{gUGc^u)u3OtUlfF- z&Dw)E3!FWbgKU0Y?ouBo8kq*8WXqf>UCnzPnEq<9P>hcccpTtm*I44wCo*@V>#e`}ns=b(G#y z=nQx+YkS3c>1S&bL@C(r3N`1UmU-jDl-pHZ*u%2G7D6hm+(1EdU~%50|2~MDprU#K z>;*6o(kCO@2ZcZQPTzW!;#?lAYnQRH@}OhHYo}<3SR#T7JC%B}{VyvGYkO_8=3GPw z2FeUi(eI%Met&v_F0(g(g1!3f{aAnXLKKpG<4w6G zkI%U9nGcMb1*l`MQoPpD+Sf<91lpHfkXGM%+w7x`H>~>W*BvSx6tXG5a!#qE3I)wz zG5e+$uBoUVgx*n?5lNb4-lylWJijEI`J5+uBR){BOJFu}#UqN2{;UB{{-7iAe!%q{F@doGa2s|>%$0m^=y#-V zmU_LBrJ5i&`+iKhi-c~Ci!npzY+2ubjDT8oaG7+9XQ?><9x1Mh+(P&@`iGd^X&1kK z!_DO_WWm3_fXSA))DN5(z5TeH@5)kr_bfH%22wb2`Y}TT^39Q6Mw|hf&X{S6FIBAG zCZAc5L5jFwimQThA2l zgVa$1$pFN=7Q^fW`({IDGq6Ngt^4cOYw{&ae#yDsUgtB>rndX; z_h8h9*WlSvcH!$B&-QWziTY_3X}{9l^x)$-v$4_f#WsGC2tNT^bBlxIIR^`)R2&BD z7A!aIZxs-TB~3Y?o6<->YlfqWu_kGR!BsQ}4%%3|g5-I6MW!j+o#K@;&uc!nS*X&K zLM~}%{a*Q`IdxT&=1kxS2ffkMj$^{vS7}kEIzrhp&wPIzD@nQm7X=9?Z`PYep4>T8 zF|x7Z4<5k`<8VlJEn4x``Y_G<&WGxe>p4a6USHL8>xa7SC0{?kv5PQXPZG5(ojGdS z-Eb|V3rM9ir%Bl;uxkR3=*=Dl*KK_nHLG2J@VNg-c0CUERZy4%i)8>N#tcvU1D3tO6A6l%-3<{GUnVz{J;(iUs?i= zYi$G}MeP4-?7E|x%)V{FK^+irlp-LYqtc`(MU;+W0i+{HAfSVx3IQa9fdGn#B2B5% zL8{V51QJ@J(#b&R2q8pz2}QaPLf#GhbmsTgdTYJ>o8-%PZ|-;RIs5FhH+>Qyh`92R zC470%6nkSxT{&5ycBf+P;ES-n+9bQ%`TUfp_B%TYTh%YMNxBrI|5OZ)qc#)Tnma|~vszkv6*E?9cLX%QN@+3--c_a+#fZUEn!Q$*dxQA2j9xMadDyV4v3B+bV z{~twLVceco5;$X=RMC5|Ba%Z2*!JCKQCR-(vYO%DOj$2XZk9nx{I%n7IFHT@DH zm}9xJH;fthzjJ9W?tWcNe=Y#~B^2x+XCOzk z*$U0bOxgqo*-I0n1j#Z696c1Sr@7Gww!1kpz2n zr-UMCTM7|0G?GCl!Jkcd*VRq@_Jl0`+7i}x;lPBMN;)WiVMYVf0Z1kVoDo{-G<`xg zhuSW9%^ghe24Wo>!02Q%z_{zNzXPyXp9e7TJZ(4NG5%kWb&-5y)NYcD@7zjal~k4h z#NO#_lM)d2yE4=vWxuoijzlMe4(JPa`jQp8W90yBMp*y>Atu7aSsj#8ksxnfVln18 z7{-c);z1*|=za~w)L{u&KFEN&w$#TEGGG zBIrb(u}ilU6KDT$vJKrOV^yA{C<0{FzQ9&~4Kz##O^y`Nw@8hAv+|Wr6cEOBRbj%# z2Glf@PSilV!Qmxi|@y^kPy}2osLjpn#Q! zb49XmQ7QYEF+kZ2SENMu({9$ux4i z?9k%yb{7gCvv_^n)=K5g%KBe(6t11Cs7$+9TA&byfKo`FbzLA~i2YfI48L7_%u<^t zQ?q7Se%=);w;HRJH?sy68`!$V8D**llmh2g|I`^Bb5WJ<24_!LokC11w(qcry0vPklCLY5hiR?ZG0OfCIVV9WYwUSYF7eG9i-{Cb4(PKwo>6E9Q1Z`T zmzi!%r0e6rCZ_n%UH~Tb{y?N(X zzFvhA%=Lgk-S?VhtQ`@!W<=m=j`}92WD*|EeH>ALk;(RW zeh`d$X2s05JW*^K0!@hIS5^;=OyAeQ)IG4GhkQxBl%u-be0qm9OUC=1X<$xyenFyP zics~~K>04tB@3$>CtXS=KL71Bnv`s^A|VE%Ei<`v=(@3f0p)6(QK#za*DjN;xdTq| zMO~YBoD}I+5(ZrN<7^pQ{kVBOU-PhvC-C=yz$>ehDG&zfI3bi6&gG37XY{`!e7{I# zpU>E)YE`BP#Sz!eyJP&#?0rSU+dQ^ZwoI+M(PsJAcMpETpxkD>TcX zdCuI)-+cQ_x54=$YD5GAbL5;+<}vkN$zJ!~>paqV@KjQ0rg(>IdS;&t)=6*m{MaT}@PGPS^a|f=52MH5PYD`okwY2ZG}yg6+}ewLUM5cb zBdrysf6K5D0(Vx@#nS2pQojwlP6`+zZ_U@Q9?}Tj29K@6V>TBt=4c zp|d5gG}O$Rw|s;Rg7k1QJOiZYvPLg3j>-j4M^Fhot?W@JapOahyv73sAG=J~wJmVP0v1^cP>5D_Dp-1VFH=0==O z+S;pc*R|_hvL7JeCqfO5==Jh&Db5C~g-Tmp_SVB1oT-b^qe}U;1&eh7#N=)dD(`@> z&&k<+kX8GIp~?molyjxKBi|)GI6N;kiZxmCw_I};1bw{$>FvE`o>QuQR+C%xHeVIc zeeOYFbSIA`fHe$`xX#5w)+))I-&@c0qtEq{0*qwi+Hat86M;vU#;nUBdi4$XNZI`A zT&$;8LW+#G!ZKnv_{$MLH{=jh(8j|`;r)d;Ud6#bs#b}{ucSu3n(~9m#2~g<$i*&- z^2jb|%M;@0<4K(Tz^rnjSqILHukRS<5e;}CqXjn(1b#b!D-YL#Xgb9=)B>IcCH@VC zE3W9K9|k;$zd8l5%e@;94&X2gIvv_e0>(0qXuF)-GS=9yB&_b#F{RRjzuNST84D$9K%;S_b=r0v{ zts7q?ykhK5Zp}w8w}|0(#~^N1bL6YJy^m;2AdeS&FwJ`TR_5&lMoHlPFlz8Jac7Q* z#s`g7O<0yoAxCTOeqv<=NU$FPk`9fgeU%0$a%2qzfT_%k;d1#LAb?BmHw=$&iznvS zzi_Mpu0DJeivp{*HA{A!!dAQ!WL~dHfNkE)6dO12v>wp;XcZ~vzZWX^c+Zvh$H)0k zcbuYxfX71Jg1<|0ZBI`=R=6tgDdytGq-*P`}G>LQ4+Z zP)rBd{;)@9c%w~1$PVc0;bAZg77rLNML%8-33MTJfW!^A>rJ40(q>%$Gs zAcKw{?hk##N^s^m!=<5=62&?b?<8z8@LTVF#acwRRTv-d+g`P9 z`KqRNxqp7&xY}mFWddQsI;tw|idLMu1OKqHB@8IfE0n$LEcc#=Qc7ZO5?+SUfFJaT z;TgqRN9ELD#R7Y$qp9xanu{i$_p@Op!c9A@0Ej-IC}2^dn6i}y5xCZ*FLdKtQ;|8G zMXgBhtd@uId3RvVjXL3Xjm3e}kliFV(NJJZ+W3eC!5%Nii0Amyr=<8ehsI}_$Er)O=y`;ZIfek@UMrPdm4wyy+yMWSv(#H(X7|K>FXZ21c zt?7U$E!^E!Ij5RLu0j$p>Mq;n?G6!BRenL?OAj=}6%Io*b(vHjL|iDT`7ZKDhAFv0 z61#C(mv5}|W#d_(1t#cYSBh7cu}`~U2&Tu6C1aJawoLNjNpvaL;n2D%#=bKwVj z%h8o`LT%17fzePI#+b8q$RpUx7muYKRuWHsNQU)WPpu)yZN-Ac)l>EXb0_|xYlRVz z)ele@LC*pLXDh0**r1<`tRuIQz1-XzD>I+K)*t)9+@{rv9gO1tq12Zn$K9}p;X$Zz znu;8baH#cC!tKj(=me4Bhhs?u@~oHIz;?zhQHJQ=a3B!rcVaOQG0L9BAL=UGA7HBE z7Cn8hE+N*uHZCbS-rQNs*lvytXZ8ayUz#q2%5VZag*wxWH|nw4{5s3cZP6ctOibI( zNc$}4Ds)@~P_9Wh|7udXO9Eh98z^|)1!q+V34=&qgk%VPxga|?3}F9h*zWbtXGk1V zjgj_xmlxfFsw^aoS8Em5akgTF)DqF85oLw#_vvfnjYF#A?OX!XcE&{hv}u>ArZ>>( z>MZDDIuWnsn7XO|7c=b)lU~l`hNJPhe*#XVKSLAHY@irLNRO`8tZt8IjcyWP7+35O zy6y`_Nk7aASd3R$pHNdjSuC{_zC*xR=0s1y<%HVB!lx)AFZst>e*t@18VPXM1)03{ zRkx-{p|GtK6_Drm8~}I+`#UQPAX+$z?+(iGfRI6siCjC9ue6?{!Nknw?3iz<5RTev z4?~GkeU$}_bm1U1NBtreTO`JA5?n`>*tUl6hicvjWp`kNY_mkyDJv8RWZKd&x!p#f zE?fvLpN+KhuGzzOZtAssZDq5F#|EZ`vW{&k`EvhCob+2xJ=%Q08Zfn&*gdV>(M*^} z`r4StCHIrQKWMLxifRMGBHwt~>U%e%CD~&OY*SYZDXU|vfV~gmelo}s{eO-9HsUm^ zP$OV23ZL%C#3}k7vD*I7`&JYc{q0n|B;n1(U;V!BQ=kZtbpfF#AJJJRV9WJO?|0|8 zdzXPMqGPzq%nGPZ$cpY?=jRYt|(ujFW-lhLmi53$2~$@JJ0Ze0}~?f@Y{7aM|hUM-2mdJRW^rYX+d= z37o&*mXBbS_r06jh^ zWKz=@fO+oUw&+71*rkV`gFhYtO(a`=`MEydD|>zB-Z!ByX5@BHeQ_{krcFAMsnO;MjcDWQQ)p7C7eDtaKv99 z{@&}>2ZJUP`t|3L&wM*Pi@LUVvM>L*)#b#IhS+Z;sY}BBph?!QF+3EkN6-rMN86(A zK1KFeaY2%th#}a2mZSEB;B0Jjagr$EYesqOseXxeR5#)5xi#Ew`6j5Rx;BL$Sy&4 zK)kU?f@W{hbspC2wQX=tQbYMzM;h+>RMbt#VXl6~$T!K$BuAum3?y(r|4Xw8wBsze z)XesI!^h(|l#|b6-w2GF@7H9pgP-UNn|)$Y(B*VJ{P+k7fS$CA-1eT40*bAeKL$pD zxaC{KRdYKbh-8jk1gx1VYZk4|r&6~7&VrT22EC$eu&_WiOkj6mDVWO${!+g(nmD@D zuWp@|a%9D6=hC~%&R&r6T#m!40hA0Etk~A-H1SBC z#AmH{VgZ4N#tYd}IVa7tILaN{_ntA2p{zGG{8ca>7Sp;3I4>RUt&eNZIB%Y(Ah=| z)Rr7+yT`AST?HjfZGXu5^Wt}k?C_-}$V^ifBvtBkwGH^uw-Y|QbO?yRndBu81U$q_ z%vaPQU(7k|@lwFCQ^f9~`FDv$;ftu@KbyEry;nhJ4&c;yjeLHZPux5i?z}CEyhpcU zvl$0*|GF#FFWXoIVs<_83w`2}3o*3gA-`9q=~F*B#EMTJ!PBiv#0=9;)Os!eUha#n{b@koXshrV+g+v&@+2`m z@J1!XHSGKPF7U^r3B|hK^FZqZw{-;y7bFe}Xv16w3(z-hO)pjib2V`bQ41S=F7wv( zd6=$!j%a;TulL@JMvIyJ&%l!mEyvg+t>Ur7-!1GbXJ0XfThoSKCqEmi{A5So#23=F z?y;XYGa;!IN)%{5oo$ZKA`R9NIj3UG(l6@d5OQxlfYWp;H)DNe+Z5i+XUttK5E9N4 zz*dnd;zzPHfq$BVAHi^mSYmjBLg;=?4NsG;is&C$(^>vVXr2ls?nj~bMo7f z(UO&<5}H0+Tz1lXb9{NPaCTz6TeZbs4ov2rD;FW{ki^Ms1{wjthFu>IFQ zxBS%Dvt`1#u-)hQ8Cm=AbP-yC*1&%&F z=?U}VWt;ctxj$RoAWq_c!+gHj%PxrLTyg(F0ql79LdydliqeKDNX3XuerQ-JD#?nT z*HHX<`J1P+zG4>HKe_iF!^o)L`ls>%O}jFD@0&`({I^uD@F|tEVYJ{SH2%u;Q>Evx z_KrRX1Zr%4VIk;>yQ*)8eOjPUSfGQSZwg@|g__y^vjvZ5B6eTe8c3=)E1GzMMrJ)X z8B@yu6tPGkaIKte;?X1iD;~`MBe%0QRwB1_EKfJU%=_K)}J z5$WUJsC#2TABY?R0V+zU(oI9|KeGiX(w;CiQ$1^T=($+4_v(;mVwy0BVSl_^mh=b2 znrp<2#lu#+#>hgIffqMbeRm;EWXjuv$N6W&05mRW^fv-;)U#SYses`z?hAMr>c_eL zD1P+x*B2fR{@z%dNwkg6DHm0653R>hPi07{{IMb#zx`_tUlMuo)wx(3@NjhQyZk}u zYH4xPgo^IlANK<_Ikib^ms%1RPwReiIjd@H(_j%^U7aeZdS}d;_2;MbUT+8yk8YGV z+F6bb_{pgi)6Ao)9nSv~pHi3jM-mH5P8YLFG)Q^CBWWh1PrqYW$9+?g{friPwF>!U z|2*Z#^)lkVKSK4C99lZBSMwc;Y+fn4FOR3+P|BZDnNlv<`mypLWxVj`1rop1_r8tC zmM99>%B+t!wL}UBlu&Wr14vXrLCcRTI$l=)p6b9qdTll;WZ>J}YN#CRj{b)8D-B{lOLllt00xvBMvk) zuuiFMegd3`1z+o88gyhYN(Mg)jb-~7vB+hkSJ8yT9u_&Z7{33`i3}oK zZu27hb3WaC?$&&9tD%WfndFC0mi;BK4v+ooZ@3fUV^V=ds*4M^*bk|-Pbd$4jXc$P za&NxCFFhl&6Z31yn}r@Z!Bfu)2-w3E2}uB`mdYe7R{62N9slvkGC6_(*N6Jr!qO)B a1;#$-c%5qo+QnDy2K^5^*CkZ| literal 0 HcmV?d00001 diff --git a/windows/deployment/do/images/test-scenarios/Win11/M2-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/Win11/M2-Basic-Complete.png new file mode 100644 index 0000000000000000000000000000000000000000..ae37e90a4fcc6fd1b88d31a758eeba192bc37eb5 GIT binary patch literal 109430 zcmdqJcTkgUv@Z&XQlu#&y{Jf+CP*hBNRwU!1VR%5=^(vCKtZGlgkFO5j-d1s5Ge+w zN|O>PA@mYzge2$1@7sI!KKI;z?wvDp=FE^u0wnW3ZLRey>y6RZRi~z8p(G+AqSn+< zH6$V;H3l9J$gcpuVeeii2A+t04AmbJ)eNz%18+zjm35Sfi0Trrp4(mq-cxvLnEL?# z8h!B~PDJfH5D^iIHC2_31HfCj;GgU!3%^fHcm;d5*CiyP8oKN=UBK~|BVs(S_K{N1 z#ws(FDkLbm8eOqC>jA$vS!->5o(jj9zT?ELsrSn5wvYcwlodn%os9e8 zDq(;2e!0{ZANH|&XqN}wUkhnljADIfY8@)6P?BZqK0DXq6KmDx#}It7bI-jKyE<8! zwcdHkNtmQaoU#sUK0+>7?!)Ebr_lr);lt_afKhK~rMpu{MY)|Za#&lAM!x2*=2)2| zP1y={FJ^hY6ehgWyqqv8r>DBS`;8Y?)u3$@!n0X0%Dnlj&R%`L>k@6zA}=mrrv+`8 zcvUg_eC_gPJg)l7<~i)-hp`SuhxZS57?OwC`)Q=gKe~OPXaDr1xYZq*v(?W`wQZGm$p7Z40HT8G8EDGc`2r{4tRqaou2I`+J>x7jDuxUq!R7Q5`hPCgnJ>j8htD-D? zn#iqre?~v3%o7!Y#h~~-4QQUy{WfcOVd6F8klp~65w?y(y$-`~ZTo#+n*d?0j$P4mg?jw-|o6v^H8;?Kpllemb2n zl(m!q_tO#E6*&*tXMJIo;%8 z9hBSE`;I|y?0`;%ej()G$KgTqbT8n2)bx=TV|&sEogKBPZm1f3gzShRzFqr_K@hj4S+y z?pkKO7p{8!9R?P97FxFr3hp=+Bw(U$@NwNW>)NCxM7LQy)~4Mh^gtvy_6AOt+abqQ zcJq*r65A)wX6p{7oM-XBa^V8_>R|lmqmA!sJ*jF!3;5lH1WuQg?m7Z`9~my^VJ%0l7!xX<&6NL4c zE_QI2$&s=Y=_Q{M(eKfHJf?fu(;sbByilp8C0+VWl>}^9o#NyyjZdNIT-ki%=&QR- z#tmSW#&qkjK(9V#$D#$0OcZ3!9~oK=59>PV`Xk(Vx^(0FyF8iT<1Lw61pE1L`P0>G zk9XGRON`4ZpQqg;j8P8Rt`@l=mwG9(skW7%1 zkX7sFBU6Kr^ZovE^bMcc&utSv^KP;2JR+Gn>8P1BVAnNIH+$J5R3^`+?GtsT`!N1D zPHQR}?}2F7bB{(;XyYO2q>M9tKeDAt;g_(F-p4M3_7<9uVRGzJ^PQz&u|RI()KJLD z{1T+i&Si6AVZ;nOMQEsug^Qld{dD>u7P1DDFvh32)oMFw?<+L|)=FP-B>N04RhnbD+MuFR?%A8q9qYXXwsxQ+;8_KE#? z?~v{Gw8=3H^r_wqV=DZZ_#J$Yk6HQzCS(v41G=rOIl=_Sz{=4l_qYb&*cQPXyv)@H23Dy*Y*H-eya))oJ zAUa1qOBd%T276^M#bYNbO`GttHQyRP=yvYs(mC189)vEQl~WdwMv#-bRbXt!OLS5L zm1yJH&c2>~8?0Dh(P^S~MKW54B$0@&Y)@8OjQf0Ca2QN0Mn@`j@e+h*+)30?6z{R% zY10Tx(qn1IK#?;QrRY}!=gMUzH&oR4fmHFtmS2aPC!FhW0(HLE>z|(UOE6xcq|6W$Ncq(cw}2)N1E)C&uZ+ z63P2og2UJPEfj~x-+^&*&&6Kxz8d({phb^VZ98dMW5rAU$@&pPIqJyl=P!~(z~>b2y=6g)}yV{ zcCrq;u-J@rt{PWwhE!-}p~O39uJI3)CZSH@>Z+qtYQF9e2B4-v^v*Jf6*$DE}2*XfLQ(G(6foe^@E zo3?mG8TM=|TSnWEZ4INauELWeHGv0|fr|mZym)NC>FdcB;mze3U($a$(pC z5)f*p@FeT^3&nUnmb?y|v%;jXaUH1!Fne6AaBJDo7R)$}mR;7inHmw!*%9Mz|4 zlgOpplqcH`BYH^6RRdHV&?uhSo1JGnZHU9l+D@%?u8zGgSC@Mt24ZvN{7cZeB03Neh5{c7^Zo5)6BpzWMs1Y&=@ZoB|H zr#usJ$3Et#Zfe9om$T0ndy88{$WnhDsO4?Sk%n%M!m-xH!**6E!M(a_SCvk;TLg}c z)A8-vl0H7Br5;hq2-W5gJScnY8(oJ1V%-r&fEdbBk^a2Rr>v5>TgZw@kWsl!WT050 z_U6@IW^w&8{PgJ5tE*nmT`?>~?Uh)6-DA323G@k}s|j|eGory& z+NtfGu6SC7C+i?+Oq;)lRwlju`+-`g@AM%{lVen$ZrO~~h=m-_IF>>KMG(_Xr|kzratm&7 z%3Xdkl>$fA6`d3}!OgqK0F~{H_;ay0abn?o%AcUb| zKC*JTqoOtVd)aYmIn$64$1%Nv3VtD*kO+-Z-lE;*m#V)FFT54Imb9NXUuGbK~#?pgP zD&pH^CMFzO$r9|;?a`F+rYuR8-*}Y9G%c~b&DW{*SX?_Ee4UMv;lnJ@7b+!^PX0Ki zl@(P@WOgTfM~}a9%+NX9y7ks%$H5Da?XM-GpF>;%@2~y5e^*t}&&Yok5%jHT&3UZo z8YeN#@AfGva5|nZFkplspXG$lW*W=mIP6IkupF5#Z*b^fI}IkZkpJ)t0ZzXp>+&CM zHR$E^d~GY=QmCG2I(-Vl&hB(uh5Rw`pRG8| z@&MuY6D@{=7!@>reLKkdO*gAe7nRRN{3hV#)$bC(6uwoWRK5|BEA}$c{>}MsxsoYn z$VsGN`lx3ozIEu}`$~a2(coBo=X~M3JaY>F@%^Y#n~GgpYPi#R@5k`o>IDJqr>y=> z6oqq~jj_WIwcEAsTwn1D3{YnCIGCjxj^Uu#X8DyH#sA}q#N7IklIR=xrOEMaQ7^%8 z;f4Nlfy1G<>P-TB#9XI4~C1Fm^$c&u|mbF{JOfx?2}@P&PSIz1*X%GEj%Zq z>YT;Uqk|TiDDF4%(sab6tBkk!G(;)_K94_}EfH^&2`Z#xinTA+egB!!i;=m;>^LY@ z++#(Qm&|ItlEcLQD0)I^Q)SRm@`>;BENq&sGGuxrX6>LJeGtX&n(ln)26J)C$5{|}wj{Rd7fdSQakgV>>w z&N8dr#0RmWaLSJROQSzN9&ATKPC+HmE`1q|G(D!X6IylxjwwnvFj_WHbfaBy^EJh#k_rcc15 zd$9|oR3^Va9jM91KVtcr%YvP|lAcf01KQvcy>akm#J*IBgh>KZC`GDa&g(Rg#=7U~ zBE#2(3`|UrM}kB4dq3Z+iniEKMh6l_I}F06jOX1d$L=AQZcdZRODEV_PmAo(8NUJF zT)E2;ve&)u_AJ<=1(kM~bF`{l8~_PyX4;ICF-By$&Kj$UCM@t#!I#rruN$Po}0pxmT_QziM+J~+OrjpZt=3%WF!?!2h)3@p*Fcu7wTEYh!y?1B1pAr$9RfM0YxlaN`!C720IO8d zo-iBlgWsD8M`OJmR$Q=z^V}2dD#Rtt6(r<8^pn zN+sXm@vDMyPg<6DmVqMn<}Aw}rf^p!=I+q-pwn54<}u-Yt_!TMWHd6y3+W@S?T3=4 z75Y;urwRmu(MU&z)gNV9HqGmeChJg-+)lmYJMQzA_!{yYG1y~<2;R-f>TEiF+lTX~ zLJ{8W(Z0#i*PaoDGx3b0f?w3TZSkJ5Vp;lCvAgF?+sEv0{05;1CEsM^og~ihOpnm? z$gWM$wchIq2yM+U{l+@xKq|YTE1g;BbyG#RVnm}2vOPr4@&dO-OPwbLK4VQC9Bas{ z?9Mmn;m(+c9>|VNzY|=v31eMtD>rn6w7Qv=9=#s$$E5dhtXrSP62O~q`q5^Gg?D~T z;z`Il9;9Mp@y1zke_sUrP=B*FCP-l+D+Kf%q^!h?;lq45_wUqB0pJ;xiuUb+zORK| zZI+m5H4rg#0tH68^HOIe!TTheckZrJ2KGus;`e2PH*Ou9$gt;M0<&tPvAN#c_^E37 zE-plc0ZKB%xUoWtQYD}uWMEJRL9*(%UNrl)52!GF?`(glcO1_9*(F5A?4- z#g*&Y#MBG3?rrxZBd}X*fkb(qs7F8L3+>)hzSJbFD0jSnJnNz7oN(nn03lUYh&!As zqMjK4KwdlRR(vA)nc@Z=kqswe5RDzJ1PXqezW-B^Cu4fz|I)bUm^U zJGBE7UNt|RrJ;Y=Xt8rRUU?}IX9p*Dw>%MXlfIP^5q2D%Mwb@G3YRQu`I;VBn3_*ha|r)3L`@Xhro(L;Dim3^PFjJsjrvi zby5Cwm#XL^Z~2C+CHYhGOb%e5s`O#v<4B9!WRod+=azWOkMh`uUHvxifa=?2PUTT< z?*xQpl2p>^Wu@GKj-gec9y`lh6p@ipZV=A}VQuu>@K1uXS zYaZ5u@SL*5^C(2W`^E(?&KeBx+a(M^MV@WuJWDGz3RL%Pn238MuQ2P^MPKmavKLRz zzqkhW7m(I45_bRd1{XuoH!W-xtH~EcdejAt?)=Nv@G%LWw(E@h7i-{aoio@lcm8G4 z75*%2gm)B2T9p-{_b_|^Q}vt$8`l8-DaO`{c5N@f^oM0*{G~` z1fA~n(8gX+%tuo{U-nQ--Ef(#(i~@f3`eCifk4A$It{xz@ zyTUJ}b|0Ug6l&!nWBgD@<9Z+k+hAGqHb1uuzV|b}qIMnsaa;Q3n*NJ{TaCfU&QO3c z2jzjUt{eee`Mbb_RR*8c@0zuBbGu5ncRkr|LV~};K%mPmow(!KrH+#Y!3XYh z(wz_-Q=k6`#iqSN9cZm_p>dfiw}KVp{$33Ja9 z8vhza%{mr{+{wA)DQf=wmlxL$V*m#0Goe7-D0R8BlU+T~LrY2K!_>&u>9mmSn5qaa zU3@EdIg4q3O~>)C!}A|fNH&jW@70KM3F(62RA)uq>X(z$CvwDgt@g7@Mp8`j^n^^vhuDL%Bz(Yge8pfT%_-U@L}{phdO&U^l1Ojygzb22z{tT z^v(^Pvw5`Sl;ZHP7Ddxf-Aw@xJ$^odX)V~Q%CbeAy5a4~-XFo*_T)U6H-eu(SIcS3 z@I&uokq+pXK`fYObb4nM00cVJDc)e8yQd9P;K#!v?R#IKtH2f%KgWUyXd}dfzAzJK z@3;g+{_vY}PvE&MaTJ``#Iu%4M_h2hv|J72ieKbCtjVg%x27j0r=am1LUoMGIoE4j zp>zGgo90PTBP*zGdOi81Jp1m5%hisB_vsTaIhU{mD!tjS`W|Z-<~iXsa{8SY7E(VA zuoO?p_>-(C%aw1v_~E#^nelxmJozWJ!%fsg{$PdAkPL6}E}RgiH3$d^v6G)-%G#eu zY851XJ?DrN9l*#6OiPp@7%v05VcsEje;UvdpYG;E(6`|rfQNt{M=a!<1hP}7RS4GU zOpY6mBeyTkZ1Hv!ZFEV$6BlH<^SlkkwDIzC+mLvqJY$qsT>TGMx!ptuxlr|X_%|8T z6KN;!xMQEZ;|qQ+sHSB#3+m0LdPjEU;0$_D0K=90#62+A7yI=rb7b3+2_>e5A9s1>mPkaqB=-~^7P`SepEa43#YU!+ zFd8;AF1t~Kj=Mjk;ao~2F{F651&sSoM~&)R!=^s0Wl| z^KJg6zV#fGGi3uBW5!=5YMfp|1!HjUDtk;Vy?O(BCG>B_stp5jQ|1`kuA{iVz_XW* ztM~aHd$esgA}XQ4p7Pc*Ptf9m{fIy(AhTI$3L*2>$-Ig75;9t_mxocP2= zC|#W$YOL#Ed;EL)#njufHmX?@v}KuioIMoFa;m-RVY84MVve{0=454c>1dm|*gi^~ z)xHU%vVkLq0V?zD!Y5%d9CUzsm0Qd^16Vb13P!4y z-ifa=SXknp*_+z^3}_pg;K%nTlt=__JlI!B2JsB)NXOpkXLcUP}9vAJIFn)m%Rm=_@9sO6q;Vrb1Ww zKnLHH3X}UWCTmN>;>OppAsoi8h3#m>(}j=B&jLfSsPs}OF6PMhp}$)guRWpmf{b0= z*cmQP2mcE4I~Q;Poz4yTyXWS(wC1&*-LF7yhb0&Qapmgr{O-(?gkmS{J}-kO{>%$T z7n8MS58V}rxTB|V^z)RB#s-)!j0oquk(C@5Z#Jq8%Qcid`)k?FZwI+iFNC9H8jKtj zbP_g2flc;k-ka?3W4;tQ+B_jo+N4%WhVjomB(Oa@!b)|Ts{hVU92iHg)m_G_bDU^Tf=yv zVh5~=qGGfb$DrwaUz!bFytY70RXQ1i1=x{5NB`bVA0>Il!0@Z$!;SC-no+Yv^({!t zpgb@cml-YJkCnAQ=*7`T7lZGEw2A0`%}nn^UnFZTkw4C@wF#i?R#@R z!wq@3SKH6ZuGp^?)^Q}tp1rU91v|~%bc9UjISJ`IuL>(UM4IWDm*SX@cOP8wic8Q+ z@v+V5=QFJgp7^``5;AIM-y&tRs?cY+g`Gy-KEeuKkp+UTb0q6l?UyPD+536DT_tKya~9HxujFHfGI zk?W6;C)A9{FKJnur{H2L2@)S?OZ!L+HF1`5TXgAU3+g^H*$P*5+Zr}oj`&5>M2KG<<-36UWL-s!C|4t=2~KLxN=!F z^;8d?k5;~exlViiUZ#GhdyCKu;)(yqgbZUAkUkP3-77lBd1fcM|Bmj8G3LvgeaN-Z zd!P;Dj0*j({0eU)j%7Ygqsyk(%cR|F?!VX$3byH62;Mf+?HJr15T!H{H%gJy@Rpfnhp)NE1_-$BG>$jGXq7dNxzZ~0< zbE|jL!930SR$`)bS2rk3>EL19!w3@Ib|C$idu!PC6#0CAo=bqC0uKdmPn~ypTI0>g zHZ49o83YMy8d3Mimr;%S1~V0qX!PWYOA9PojtZH!^T+ao`1>yn8YL_Q?{=*3dMAdr z7ig+TBMwgGYUX-LimVTJg-b( zQ28r;a{ZXysFYkMCuUxORCe7z;(bcvZc_St`T@orjFzc`g2^537Wl~T$0MRK5qJ90 z>cx`QYRNqGs3+h|mX}!7-uRs(837mVQ}c=6TThM+!>ya#=PBYf!u$)aS-zpTaxl!U z8u-Ia&^+(Mjkwy{hj--_W3{AahsDot?w>I?PsP6kOMtK`}POA+#Nanr0M$1)ewxEP44~{y7gTulaUSeX#=7 z6lVV$a*K7)o4D+pP%KF|EI5N9zAA{>T3>0Dp84|JQ$6v|d~LO3UP9A!4aF)?%0^=yy2TyStCm ziqP8;+=Vn{bAY|9cf!=#%F=Jfq1rT|cK3I8B)`U(rpVbHz>8<@m}??r(OA{IlKj~4 zy^KB&hqPzDTRt{HZinxtu%($xCaZh%EnFvnm*LWYZZht&9p*s-gPd(QC5jvXNctw= zNdwn;E%z-Q41+v6Hk(UfVL@MxU)K9=|5}QdT5!TiUV{r>y(z?}3!sX_z&8I~;RhZI zbANWdbTHNH;(|}A_<)kj6tMd7cJzf2cKqRjjULFnwCac8<&h66%h(&(Paeq5rTu9r&2UNf&`GxiQJkxbUM4l4R>YK? zo7>1>vidU}^JaoffcPDXb@!o#hBLsTyUwo_@qPTkxWJVKB%c<)uOmgVTi`_>E))x6D@tVMCeGjO8 z(_8R=Hpj!#(r4-&1_L-of=h)WgxX8TJ@UCV$6W8Pr;HiOxJ>B;LDz<~9j*s9IT{MU zjlZ_YPW>;v zqQ0+?ldHDmoY1&NgKu7Anr`uNq!{2$api<526?2t9Ss7*N@P6iU<8+e^#Ip=jkS%MkpGBP`eO>t12SEm`dsv43G~ zc)j%TqAC23$;Q6-u);}^{O?g0^Z9$o3JG(buXDC09r^`Rx)TK8vYvlRA~P02;2@4TTiTZn!;}bM_ZtzReTdLIb!cizmoo$t=QD9`IqqA~;MoR#~%z zj8K59N{`>?4GMEhzeg4fTzyGpIH_^jmZ8|ae-WKPn=#LB+ivH+78gH*KhI=gvKfb< zo&%Huw}d-~X<9{qcDTK{*M_Lt9iSC$GjI_O)U!TM}cfhG>VYZ9?o|b?k#uclQZ+_ z63IR3%*y}hlxKT5)oU})ULU+4ZI+O)&qwP9#Dc8t=PU1FYxMx*=us-6j=Ennw3>43 zia?x%xRWd091(+Ygxa-3ChiD+(nsVOA3Fik1qbZWR0DS?`Wo}+wNQ0)EzxlC1SOIV zes77Dd>?oD+mNO(#j38dltC+ocGc!^~qh{&H)RmZV10 zeeT^iB!GbaB3k_I6-oanW^TkS#Mt>{7t{o5ezFkk@h7`pi1w+fO+<@fhK3~KfnsbF zW?QaJlK(H5wv2UCx^!_=+?~|7X>-6u<6VvM?I|>+AyO6R~}Ro z_c8jS=6IA6;?hdhVYuc-(pdT;Lyt?OBI=;;4(45;#i<1#jWuFNr>CbmErwlUg*%NA zOl|Yj3{!pwuUE>7yn3tR5VupiD+HhaXZ_%^1Qc-10_mpQ@E-~vz#YX-c-67)7d9aD_uT4ffGVE zYnRJZ#bbmRI-0Xp@(axSOdbiepb!$f4xtu}u9-hyJ(>qHx&XA$i|jrkMcFQZ!olf~ zlmcoFttAygbl(tF7E<2##ttG$M}sLy4kLW~Jv5-%MJwt}Hk9F!X4WPd?70 zhFwl9#<-DLs|~=aUn#BS__u54(`Z}{^vU1a)H&mSM@x=GIdN)>5Bg@C-?jh%ODrzx z$!b&HAVBlc3y=qR;%b8Ky^gI!HFOlKI}_+RaCzLCEJgp}S7-#YR>U%jxGQ9@g_Cjc zr3slQ=Rp9{w%5vkJ~avC?TewdJD^T$c?oaLO^1N1Pbh)-+oW(XcAXcarZ1GaXHcHjW?_QkX6 z@fDIUpl8Rw{c3QDm0AcWJepEHuMsl)m@f?sejL5M(9t&C9_X_P@0a}6R5Dm)R#%WA zAO>Tl)oVDq#8t zh-$tB4uxMq53Z#y2k1Mq@(3JWC`okM#0-6?!E{DBzpV^?=X;wDkmt7r){LvZ-N6X6 zJjnl|`+gm$0(5p$Bz&xVCro+)Pj+nafEqwdTR6Aq+T$ulmx zO6U;1Xr=82a-F|M3nIf~DZ}nYH-7^IT-rWYlbixb+69u~pcRt*9 zJ|w^CS>v-~bVdKBKF^2+^+mgf)+GnB_(1630$&q35%g01xz5ZN@s2CA6u;<{Y%P}j zW1+)~M?m^-I~s~Xpq|VBw-Q)+W}tN-r2-k5@;kes+-zZacVLKCw5MkH{M~!Hw;+PpQ_XK8*M>sGsY|rpT{W00|zgG6;O#j+!8Zz!oS_00eD)V!b)*Y zHk(vNFgz5PbU=n2=xmxBkC20&ys^~tygl&GQ}`0#zt#kum(K5PrgU@ zjO%Su8(^k2(#ns1r6)3LE`=O<#w<){e2-q4AAzX z`Dh|)qT@HALWyUzTX#&02bT$VI4{b~8Wz*Vcdk@|N^Q9AvV*5AcN1{ZjJLUDwW|^j z;ud*HIoIAK7jE4ZB_dH6&F3vZ0@IMo^hKY<3O)JES;K4+9?33be;$~x)h~~W zk~E!1*khd8)cv>S06YydWZ9G`TMr$p3FiRF@Id#J0MRG~I*9?vd01EuP)?P5(Qn4Q zJG>~n$LNTok@({#{%r=eF6JWA<#6&o%-SM%CdZ+B_IgR3Iwaul|AF5MDy<^f}frL*o5}u zmT2VOQuGw2vnq^wU&uw9=E0;^gcf4VlTywL{WYK|V6rFYQa(nJsw#Gw zk0ofz%HK-s5|*>WFfVAM{4kd^4W;$qfZ{W&-_K3Fwi@_xVITJ4t0bjGQBVBH2EAuBc>q{G=cL2fLbSw-`>J5aFuTG+6~~^bS{>4{z6T$YDE53Q_4cr3Kd{fV*0j4 zNl7Oe`4L+7@Ogb`7@hWq54v~qj!dj#wjCi^h)XwnzH}O`4|9se*ad3nFR&|++>yb2 znEUwch~;;7Tzi^YynV}tJWEkK8FM!&LYjo)uw-ELeWC@k(Um@{FB<}jht81$pbGR1-9jNYeHG}BE6B;5Qv z0_rDVeNp!Og;@U;56rnlssA@XprY_EAowC%5y20br>U+gJn$TS#8~{9apl(h`1+qA zMHI00SvM;MS;XeGQSE6ZcMygV6k^b%g&WwwP9O#wUm3G0rHTX76&+q*p1UjEefDP` zcY-X1F2>pXcf0_0{a@k*m;VJ`c$B&J`ZKT;yje*K#&&V?@g4#VfTA&f_t#?RKNjoU zfX$(jvMxoSqAkCr{OEzT`V7~J<4AKv91OSR$iIELhnigbBhvVsVxad<4NFtc$Sd0{ zMBqIgN33UiJ6n9$!<=9Tu|;3)SM$c-sjm|=cnU`|ksJcaxcGA}(~b&VyMVq$USyH= zHl{iSoMxLrixN50QT$5U<&Y#o>iFw&#vP)27a8aK0AQ)PRYIm=`9=s7#7?{5vKs~N zHBlC*Af+oC@O#>yf8zLl0g%R^^&+|MDmk%oaiWP743L_NzQWuoYluSeij_8t9F>tw zZL#vAd_`7|eFgwIh`;?$kRvty7Amw<`&M(jF8TrSYo;A~2Wz?Q2>8M3kH^ln3W`8@ z=gm#CB`{N}dT&?bYrNFUXsw;9A`k(1TXcM2D+EVubNx;7 zE1pec7flK1!yNMd1a=n%7vTtgS9_qOy-<4S=wiTk=e|X>BLojzd66dgr){Dg*N5* z{I-iU{K?R!H1br41wX2?1mHdmXQQh7h+h^S9ljx~{8H13s>HJyCN=LfA|&d;)}b#%w7McbueG{gl98iNJVey>U)6 zFq7wOd{Z1HU)=`ksNt<8MGry+`*ZRAC)bq={4nzQNjDgRBDhJ-%+f-a&*EpVk23+T zj@^J0U(72x?8i>OD|H}WAiL^HLok}9gZ&UtYpPt%=7lGBWPq$mbjLUh%Dc7Gn5SRL z<}k}=eOp8SZez-#;`iM#U2vaCxdqr1H7lA%L8_4vTg*!0P3jyJ3J0h&?fcb1Wg}fB z5lksxuLyL(3AkMg2)p{-yszv;+&yPEA)E!CMUFDKgB#SCK?(a8CC^FH137M#pOs$NK%%q#8-f+ z3Kn~1MF4Pf2(;gF>aBB0I%_lyMti_wdtAEmb}x_zc^{^&!+S- z;R4&xaLAhhtr(0`qL1BnZa}s5x=cz14{tPR1>sABjss|W}DN#2e9VM!9bsN0+~^(?b!pjUlO*=hWId`TT9OjQcEsseA$S+=wt5IrOmg)pzY7& zfLCS3V%%X`FHGfj21$gFD`%h)Ug#rR;E!dXcf_?r0AP63h#7*cR;cwjyi8)%oUo8j z%AIh_@}lS~W%|QcLI`z)!`0u?zY!v-#{lM#Gnu~oBLqNKq9dNA=Yr`m{{R;10G5LQ zU=EG2*H9YgHFQLL>9@{xn0o-&0{REGkS~4YFjS15;;*bQ#?|cG$go`yR5B6Fq>|IR znB`Pcu;%7%y^0{8pFgC2TCD<{k=~g(_&LC{Ee9&?=GK$f@8$U^m;w9k`5j(>#i%jf z0pNr}X@u;o{$fe@M}YY_lu~ABEqjgCv{VQtJ`Wcnibu>Nfq5z2?EpF948*da;P#s`BpHmcBFk&Z({txG-j z(+}wOZh<%eQ1rQGAjJ~kdg`fWl|0MZsm=%&H_JdXf&*-|d`7eHl1KuZLDt=nM8Mb; z2Hf+&Zg-)>d5F@mW-e8*-dGC@N({+(+@1zPT=>!`2##wMn{T~-r-b7Yww+C#AuCDh zeNBwG6=Jhaf!digzvg;`xT{Jad;5Z*z_A3+-X|DNsJMlvU)g3$5z?>!O5Q`Ilg%{7 z-1J=MQiT1p_d)ZpkrgHfP=H=%Ld7DTgKuJF$>!)`m;d02Y}_tXNyB7>iv{(4BI)cO zLmF-FxBpi?AkbY^7$#qVjH*b4+XNF{*^bk_<7o0wzUD@RmcQkq%ar|{ z8k)`vaIsBx_6`38bp${k%gia#mltzjz(1V(a!j+@vBQ=`1q!Mh^3r!d=Th7SoLRc- zdSRFps2byW{e^;1EjZ$2vlFf?$(PMG<(p{Gm??PL&TCB;{-AZc$p|p*wQ}gthQLFb z1|mQAeEB0i%oO$zXpc@Uw2TAulLiHVG-N!KZ5}L)|73Q|Ng9*aNQoW3@U9xYV+u2t zRE^ejGZ3znf!T3}9aUNvzY^#+!n{&9G1mv0t4sjP!&{74SfTf|8#RAm7jn}B%quO4 z8|4{~98$F;OusvQ9(^M-@_v;dj}gP{KgIJElH?FzzN#KE72jyjdM6eFMl_0T_0nIq znxSuZeVG?ROqY<~Xa^Woezz<#<0|KsNWnx@AjQDuS~7*G<&l+w^0&+otCW#JNnoefc%T4!X#&4t^It;&C-g^kI9iD zgI+n0mTRiMd5t_%$WoN%Sw7vB(io-bXYV!-N*-m6JBV9GH_p0OZm}z8YGT!tGEa;W zk}s@ibX$!6)7_(m>P9RIdx(ym+ZwYJXgM@ZK^4uY&l}tY%r{a>{e7=nkb@LV5oG+2 zc#sNUKTt7nI5f3Xz%Bwf3UroI?~S(?Aq?FHu4*AZ|e=0vmFOruBDk& zE|zDx{ulg2hlj4{k^>|emZC>$?I}kJ;n5xWuMZ3;cAA!gfR5v0-#v4{y^K6XC#iKs zzw-v0cdix00^Z9LA%1^*_4#cC=uS|QgbdBn{~+zH!=mciux~)51VKVlKtW7EfuX#th)Zb_9+>7hYNQeg;DVrZ#v?NRUNe!f4x?|F~+KMxOuJ+t>- zYhBlQp1NY+@NJY=gXczb_X|-;yFijBnmN1pf=*D7Jg=iF{4>N zA{4Xa1r7j37F6g|am!=y>Vywk;+!lBH!554ElP6%3yzRML=J7kA<^~occc9AZHYK2 z#(^a}{_T8S8ZBYVYfOqmmQpyAa>)(nY%6-W|BDE-MvuOVb0~reHs9;I@;5RA&n;az zY_r3uA9TM?&x?pCFb-M1IqRqvL;ORd=Rl4e<>;w!aL>~Ste}xX+&1vXlU*I9!m?-I zto1t=zYK6zb-p8W1$1%xv!enOgvz&6kO$!x)D-q?c12mjsUr&7C953O zvJ>WT$nc6iC=DNabq?3m2V%sXq8RPLyAenFM&g?bY)?S?+$8nkArypk7W_Ps3XE9W zzWFx<9!Jinbs@7{Mb?Qqu9KdP;yw`Qqqq?++GpiUK6uVI%2*ell`HgDz0Npj!=!2l zocdfA*dE~C8?vH}BHR8&q7}2``D-{eC+e7cZ`su3O4URWr)s4~p|%_S32ieBRf3_= zRiJ-_U_TC*^UTk$ZRKA?scx0;*M%$|AJ6WdO`8>eueEG=MkvuZ^XXAtPP`qN9;Ug z}H#J@BS&@YI*-9xo zo*HbAhcbJpwN0^J(8TTV4BD!kT-PAoORv1ATYc|8Ro_?P;PSv@4wgrFbLE}1zBhj2 zm0u{02Jf>Cc%Or3&fwFb^xC(KnGjcnKNFX?UgC}8^b5JF_w$>8%7Iig<2%ChOn0pC znKFhZt*SJVB|2yCQm_}d#;_#&3Liy?3ROKl0$8W)F;sK9`m!kHVJx|*l_OK@$v|?7 zI9Z$S;~Dvq=)CQSU*fkTkAXG49ivN@g^{30|GktMFTWXBMM!XgC@khWGQ8Eu9rdlx z0<0Y7Dv3zo+Sj@NaXl$Fsc{+3;po{R3X-<#Ss#+)X7jCQ>JZ#NKXxe9daPy*3;vLn z_u(3wut2hF6Tr^~j?Z?|f?Y1zG7FrctnIUzfd6XFeLfP!61nH2Vx;ST%kGsUjkH}A zCQ0Q{kjp~kJKqO-?MKwf3T#pRy^O8+M3^1tPmX08)*6V^&U3rbD45f`)@dCvvc3FB zLeNwEw!dUIU30UD?NoZbKbG8s7Cm+#&a&=>RqUVErPk%(_WznVwMaqa?94vtkQI`u zO6Wag3z9W^6`=pl;x!Uj?0#s}HTDTGG~e|Lv`s+P@1UFmy z2!hRm%{W*XIyYO&oPgCOr?GoU4xdA0CQhC!To@9>@b5~4{z25OHZcR?s-hRxY)jme zgsAblq-))rA&XN5P#7?(oMlRutB+qB^>aKm?(R9P^JQBly^?r5rQo5IPhHS~K>_m{ zy`ITWv*6W!-y6~1-hMKUoS}s+!bkJ;1p;a>G34}gY5Ct?tZ`Z8fa5s9)hCTE&jSC( zJ_RG}tJcHE`}nDMug2WI8r@Z;#v9#R|9nqam}XyYv$_y@K;Eq|U!gn7c=ja(&8($lUz(cSb*yTQTq-LqEH^WJ8m zX0J}mq)C;&oxV%GEmfjby`=K2voY1tym9zcuA~DObSERtqJE}dW+E$Rnl<+@MtFS( zMzXQY6`yrseole|Nmm}K!oIWDaa~6?FQU-uCFcCNesyDdxlTSd^Sg`5c(Af$(!GbC zv96e{T9tz&;I3)W=Wsr}L|%Wg236v4wp4ll5Q(sduq^n#jEa9e%DOruITP=0TaiQu zemB(FJb`H|M(+*MWn=F8N0{dsE=|9)(ub>gcRRury4{4*GmZ~uPaAgh+<5!N3Vpdd zOCD#$)*fyr5VG=H#Z^A{ipCr^J)dx6_*D;YZ$2azv)2nPSpTr*KoOQ?Nz`__l22Iz zOcBm-EQZ?gRxaEA*gbv9F9Kl%*V6FV6OCSHO;!9 zl5O?fl7Ji|dw9V8%4+Vy&>YW1U=UZ`D0dN*W3UFIl9p4-Tu$6ar?lh&62`9!5Zd%|}M2`XXkDmoF`^GqVIeZzE#q>NwejLf62 z1ZXwfoTy-$tTt`-{RZ4R8mVOf+V=?b!-`H%yicb=_qOfmU`uCW_up2x3iSPH36a%z z??Eo@9yR#KJc~W?k;e1yz4mHnX(lV}G`eGM8a)BpQrp#7L&49W7P3Jg9{8IVpiEIn zCNXErqeJ&!E4jlJ0D`vuau%Jl+O>oHaR)$z%(x`sd0f0E4Ruf)r+{@u0Unp1880(c%xp?{b+_9^9Tvd zonI!*cVwdMj=U%mtRJKasLpxs837e=KGgxM@?kS-iMMQ2)}(lKj&L$<&bw2pzXntJt$ec$iGSxmwu{1SLX z>q*(uK1Cn7+xrI;il=F}j&P9msdlYGSUWwK$zQBpYM#4xet2Q^&*BAjb0~;5OLq9V zXzz_sq`msEX)ENC>+|C(%y7dcTa?gL(eQazQh!U5pP#B(`DE74tfs5tEFOVSzyXUn zrTN8XdQ@S7QxXmlE;Vv;Q)*ORrMi6;d^v8b$v~R*1D$ZG7Z)ex$gc}ZxM-0fnGmC=<7fJ6AH8W<2a3L~@O0Nr~mf2dHNQ5KIsij3m91r|!WijzdGM{GDuY$#05xhDx#VzgSWU_B?c_mN6vT#ZLTpa!J20LQF1d;2B9?yzLM_+=2xya zGjWF%IA0f>uno_r@vKgCAal-$R)6R5$NG-Izew z;k4&%NwweEVxH;t3lW-ZT{SZ^D{>Q_tYD%sk`j*zK5qCH!lO-6e6QWL^@P>9o5iK| z@UVAP>xJ|YOXKlRJDo2)#m1QUP1Z&$9G{;dDvrR-|2p$IqH(~+&KJ_eQX#J ziGv$a15eClQ)+pFEZZs-<_>+KHNxN~9yIO}d3{mF7>(DK818`KHszdqZc^vq@~f?1 z-TaNJR?^>XACR72?&quD9ug9OHLK%kNf31oiS#)T(zd?*Ja{8Kz-idXwVs4~-#VW8GrrU0Jg1{E zqyDrl8L(BVogvTDY)*Sip(nG&*CRabtn+kAyV=yx9scA_{_;>&n2L(H$C_D$`_^>mqrvv6eCpnKY8-_Y_PC{1t0S|PT2L!$g>KW zLa^dGVdL(yVvNOhtxXFl(?US}7yzpNY99GwY2C`kq40{t+R~9}p>tkqd1pL0V8YIG zD=}(uS&Mxq#LSCg$&8-Nq_}msDoZsa<>{Z&T7sS2u=J9UVDoB}mBeCys)+=Up68eL zQjaHqESC>BX!VpLd-^drd}v^SbZ+}_AIcGqu|CR_kYLNj4>Q~Zjycwu0`l0 z1i`AOvz!{FshWBrR`XLExBJYQ&7eZf&ZMau@a@7${fh&?Qy1+ekxoT_w}P}y--jAmTsPZFg~D|h3Zs+<&v*;1-IG5PxrerVOgSFJ zv%ig(X3;LaPk3s2bR-3`^D2pe$|8NdqM?HlM9+}cN&EIA>>@!5SSnj!mRSCgrSn!N zIQxJ$M#oMfVI3!)9KJ(UqN=c33@-FBXPF0_u2x(C1R^p(_JL4ht?PN2Vcdp*ZYstI>h z8kS79+u^Mj-DrNcAT68bN=x=FL(Z~1#S{C&lFKJXRj3&IJXQ~{daCES{lLK!s&Y}$ zMRAWmCTiI{$SY7K*9J?uE;EF8G&a5Vos8@GQEQ=wY!uKW$DZRQ^+7E+2gbT@23lf%%$?@lJqG8$uEg0 zh#HeOWydsz*Q|Dp^g@qV{VSm~%(qbfoRAAN3>-7__x#{#c+tsKa-Ydz1%uBXjuhxx zrGyER z_>UiX`jm5YG{Z0I4G{B{&2CO_NM5`DflD$L*{n&z5JZ~Em_-!h_{y=NO#p>Zk{3l1 z0&)`}cW>K4=OLHZl^_)je{~<7?Q&_g3Y-2ENp5ugR5mAyTpLxS&%qIW7Ojqt1NF5x zjmds6F2T4?w`RRHImyQfjB|6(j;GkRJWAk`M?~)RnTk)u0)Mnb-3{XJ$=o5-_p`?w)9NJso@RT}#;dI6JcwBxctG z*Zps6!eND))#&f+mZl1diLAu97h}xD^IvxSOv)c$2bymk4{{nb!rZ=GW07l+1{rzo z{!X}Z6!>4tno9O$^|yMWLwMY;71Q~HC))HR(sdPJ;GZ3j7-Apn z0Zr5L+rF3a&tUo&MQ1g(J8`1bD}vFM6r0m!FW`<_e8WP;-)t4Zx~r=DL)?j2(;?#M zO18H8%$@o}0?>{uaY30XPFSI#V z<#=BKfdKlvY(Skgo4GhBxR*J}1A@~ftf>x?GLN! zW`224%4%ZyFDQj5X^5J#3FLs>C2+8H{zdAkfkI2I8k9X!6tJ7Ad(@XCx^gq-aC+TS z&w92&vZzEQaz|()ReY@~6S4qlbhrL`UiMF5OE(K`+jzVS!KB;rb5jyL{bs>?_-MX8 zZ2piIq^7Nmp?-|>ne}uz|L`V4GACG+-zN(|mSL9^Lc%}A@|zfgJ{+5F@zwkv1%<`1 z3ft-X06@L{GCNYvik}1KyxMxe=YJ72YmJtPVe$!)<}EJ80hh zw(+%vn+)G(T(9D)r{5hm@-@&|9u?;-c%PDkfNVaDq~KJb_tAB2Dn3PLaA;eJ&D(b4 z0^9(^Z&j{xD;@mxk6O92hHbbXL(*@*hA27;T-B01K6edbdr(OS0XHU>w=#bI^W*l> zr*r(OR>f;jh8lQ-#*p{29tvMjxcuTd4LOP+8TG2gglF0)G1OKx8d#xW zeoj9}{W$)7_Y!Gx=$|04pw>T6!km`|+*KU=g_L^LAVORewd;3VXnvtujusb3yXFy; z&5Djz#S?Q*e-fX^yQB^<1EcSo9~zbQ$-MR}%n&VRE;eawaP*>UnJFIXafE+cN$6b? zWRY=ReZn&Ng4RW-Yn7vW0W?Rt_SLiVc^4a+xE8Y>y}-AnV`u^5&MnlH(#dE2Z`3nX z^M1XPeV03VvhjenUYp2JvD9b#kRk9dycK7v%7%#C3}G$y!g1MW)CW@4-~V^o_z9y87YYqQpP7vZpC`h3~{0+Eb& z$TJUuXqRG!au3nh6je9K*E!Fc%^xJbP%td}d3II77-5?*<`Nsc_qnT5>qYL6vt0az zCHt8?7WO_#-}r5Y%)lu~QT3#<1)fqWq?p3%Gk)VK|I#<5SM%RX&$+!W4++H|lz$B+ z#Y`Rfx%Rl1C>le*LOr>a|H!9*GGk&zxsk5e`}zQSr=kVdQtZJ;)gU7Bw(S%MHo_(GgeP`}& zE(h?mMM&Bd-PNP>qcqw|w__c=No3O$! zSi;UAdr2a%&gk8Sox^068#Izvi8?9smqu#Z>yio70I~N0P+8ZO2^&Sr z)NPj%S1lx6b_tIND7VosL^-O8koA{5m1J?==@_(mcAO2a8)HTiC+yXv80OZ+0LADU z0i`Cl$xiMYFA#pnWtA7TrAroTdjS>Oe*M}y@e5IZ!>}7URMV+J?)t9EK_^u@sN`^=-vt-7#L<-=bQQaNz_Kc z`{|Nofkp@uTNlfe%~@ZWQHpdQVih zg87GG`&6-J-=lh=xcLI3gF$ZhmQxVYPAa~RW#xW!w6}yy{aVh9DnD^t50gmULT%@P zH4cDK)l{?B;R&kSd~`bwsU`fLR9yWcgo&msbha%AJr)C0VUC$Fu7Q5!m;5g*3jJ@Y z&S@A-^{!#tH8d5%NSg+z%DVO(D>d#IVQMK3C-a$pnoH(IVz=}zP2dt*w8bJ}Q*h8E zm+JNMg0uw8!lSE<%yPd<$-xvyoXf)L((wVtN5$&E<)m-v zxv1+8{nd%(*Cq>We<8DMsS~rZgse#Dweb(8enF1bE4Ce#KX;rdkuD1$5=q6$xEp~ZEjQrU!R(aj)XTi)8Wh=w_RrHz^ zd_V6)G^a)OH<4SnMuDvnRs~Fcc84c0-N*)vF)Rx|0GSUze~yfG5$Cdr*`acNoDNv8 zd<03=Fg0C*YN}{(cS!L|xP_Yzgzu2P_&ODmLglmdnsw!ItgZ{lB69?pH{>{8&x~~p zY*NQJ^E_TP$^CF?R81y#dR-22Tn&VKc4h64?UHZ;A5)U(yT!$WcQbU*8d$vx5V-G? zM;l9Q56E-JeHsz+&J8V+#y1*L-8Rkm|^a5d|W zs%vyF{APfzt{&0~#XQl!BNm^+ySlDS6T z_g&;SobpmO^sBe1P?>7Sxh5Y-%q!C4sF@EJ5Ai=oJ9?kP?Z51y^#5ct*Bx9cuc7LU|K%k8 zyjoH8?`YhYrBpBDqrbF=iZWi*57z<|hU53G^4ZfA1+)nrws_NXGz+p{Z{&-(7DznB z0BX#UdUibezsd?3{6A&ILx6K=!=Sq-`Q+!)F8R{n%el{jQ?%#_eQvVreHHm(o7J

    | zToU%i@Shr00pUf5!Ln&Mt^<;)knmDctL+$89GT3cRnh<`y%0hWof!2|P1Y zP&-j?<#*vA8p+;!KI*hkuY~Vjv7rGl24A~5HSdB)B7%<6(PsE9Hf4ZeKJ)Gr{@cNv zDR=stU&k}a6ReEj;R(Fkf*^+SYG(D-K)54r4%!cU4kA0+4Bu@TPuVPWW^N%X|D`8+ z{{2omIkK}01-8OAEXT6<-zYIFpUwh(@>imY6>lW@xnMB(gC@oc%&!UszJr{-*N*rpTNjxBIw^(#MtIK`LIR65DoR8|)CqI-o7nO=F%r3LbI(A;S z#T*MAt8byl33tUYKF4NvWJYMLl{vp1eVtknipt@}yR0kgNB8KH;iYQ3hJze1k7OWz z3JAl4$a~b-uz@%h$*=+pxrqUB_ln-XTdQ!P#AQZSQbcuuP71OJULVoll!mGVCTeK$ zr33RiZl4xa&LpIC=t^sTePuhMN}_+Y_!VeSK{iVtd{}wU@CCgK$}9Iz0A5v(fR||5 zUiXbTW)uB2D^mTbBqP%(%_=FrXw}<<`KQajc2;@z0v*A73*iv;y?ao}cYG~hvM-kIQ6%BbK>wW!RS!kT8gaMfx;7^%Kryhb z;Fl8RbZHwCwC9cCo7pQgIfg~sK+(MWPe6#dHzDpjONKh*`+YDo9Fzw2 z9!k~Amp)k-Ay=}w^Lie?#}9I+@ZfOQ%3iC`O-~B;wmmZT2mMwQ=!K*X0k8^tb~Q+z zie~?y!o7f!VU}1D4tFfqOCAN?v#h632jgmFp*dugeCdrt_x=*qY&2s7)QMVo+Gx-DHkP<{DRnEIrmzce{-TP9;Mwe;?|+5Bpz zuSrbA$WndTC45c@j<}sf;xZE5zus_IEO-oZ&f53=J@UWAN;Gm%AzB;!*5jIt7P?Z8 zx>B>?+RwL-(#q8AUFbyki8YntWe*fYM}cF~j-c6mCf1B{!nI`nuQ!q!0`HL2ZJ188 zx@(<~$pNtbr*%dm)o3r;UlSFAGgOmZ*TTAqg0|wP0^-*r31tt)IXq1W%9z0}qzfQ+ z*;DVmZ=V2#HOZG0-K4x7#kHsX^*FEQft(TOvAe4LO|G?%On3;kdfcIOdt&N&q4<&Z zAfMhMVSa%e^8uZ#-#NZ2)@*!V)Ozok>pEBG1gv$Nivg4;XB#Tq^0Rii2s1tCW4Jmj z7pPQOxl~zw9B(RBEApRbI7O_>46!MNXN}Q^M8>uZ-taRHR*o>#bQUI714v~hQsFwDc3n6wZV{gj#MAu}f)0~r3qa>Z0dg&{w%g z?!`E(B_Q`clT4iWa<&y%buK(s@;tX-xuH~Tbg}+oCM_F*WWQ3aO(7*<8l;BKzAE>u z44b`+ClR%Gq~6wAXCCEOSGmSsnLf4y;8FSY>1W}X6mE1=o6i|SZ3d$^nRr-}p{eYN zu`jE$S25C=WM)IUM$4&f8#Dq{N}~PbGcmu%V#N9pBcyb=Q+U;UMb*y8=#m93M{h%! zJ?J66L+4@;Q^J3$7UUFDtzFPMJ&Q$NEXF<0#&Ruy_XWW95?v?n-9BKf=bnX$@+JxM;Fv#CFOKp#hb+-VWD0gL z@i-iIskgkqnBulP!!+Ub=d%YuZlR;CYPIXDou~bW-9E&c`FxFivj=qBW*y-lQ^L+4 z(8&A!S2eJ`W>wI)N0q>PCcMNFXOo#D@|Ah*O-FVbt2jckrvZZJDVHu+67~6|BxOc5 zW9b;RhWFY;yA8RMx*cY=41|s{EoKN=JYH*KgJyNH5AZtIyIYftEX!@o1rTEU z$@xRhlgrmWy=L2Jux+t323^Le@|3!xSB-x@;ND*vot$3`2|^e?gIW9R6LP~TNz*4A z@6P=cyX;peE5l2?^L+#YJw)(?m1H^1Y!W>*CWL)`$u%bV`cZCOe@_=4EN7Yn@gv4U zHN4aP1hzo7RSmy9UJk+_#ALV(D)5x~8*Gi;UR0mwzOxq?cSlRVe+NE0(ukv9e6-&+ zMt~5fQY!j0Gupy3BC z{bnjO`JNw4U#1vQ7oAPOo?Au&ZY>0oa7Nb`n37-$-It+Kz%+juDg~}c{3!+6{*(gf zJ)b>FQ`YOB?yR!oiEW(6bvuD#~^y|zI<+ZtT+BC55GLU^7V?Tt&Ek5v%Xyy zwhwknypo4pfmuLj;oKkLL1WPlG+2hL2dV;5tRR&O@Mx4sg(#j>?aq>S=P@BQ*i*b3 zX;GjGKQnSUom%zl(|qip0C1o;0#ck@1T~W3x&W)Zew?`9Lq^~Mv#XcKRs>ex84YCo zq3JpSHlPdc>~ZBj2kr;A-y?Pt)Ne~I1kMptEep7zP|-ZOt&a<^|4Z3L^*>d@;J=E8 z|9ML9&?~q9KQG>s!UnrU)ojdv;2VmYP_~VboS7Hk_Fj)8K85T4b6uGcQupfs!G6UKkBjt7@>(O=QG1&dxE3qd zXA*%ZT|Fb+cP5Qel1opGDoLJ5dDbUl_IE*aKUcrT*$NJ z>p$d;cPU?)8sMD>@P4!gz>IkW4(6rz`Q|OzD>7h)&W8u&C3aI)0ya9^N9;hAc{XhK z3S2}^PQ#)m0!#qbQ8AAR;n%}_(KW4p+c9#J*^q_|N(#-BJU#IOAS}CcL{Ap<$PW!P zjNrcc8@@k-tMM=$kn!$>Us(s&#~$hJox<)%-R%9Fm!O+0C`Hj3k-`K~drEl^JANCR zG@QTs)8_1LdLoAuJOMwOhP!w36mT$HAn<}@kp(D^=VjA@44gZw1>8y>09k7rS|@T+ z8t`BMm!l&4GA~MJ1zjv%C)LBugRe$3r-0rDjHJ6Oc}C8IiqLbrJdlohsNrW@dPlo) zSyWcOv9B~q>-)X-twT!OAV9Z)9WUa?n4f~!-t_M1F_gSPvT$VrV{Lp26+26o@t9NB z)!3{kR>~Hij6KfDehO&Rx0)Jw31ldIR1ltuZ&2UT0_O+n6K#hM<{=)*DUTa13(c-1 z>`|28z<&bK2G7_>~%ViB37t}u8ZTW)-A6b5w?ER@y!vuL|#}KGy;rjRK?vPLfl^;M)^x(D>RNb>)N!ptQan z`W@a^lr}%Yk{EB@IKpN)BEbUhe0{^4q{iqNWJy53wI)JdC=F#r>`nbrijRKA80i?A^dQ;`t$w=!IDDS7lvV zR!l8E^xi+UV$w`6KZ0zP2yKk`^^GK+(67MG3z#dN9Ti(M7z{#q-PNem!0T0sU2Y%p zQ5Rc;?@jMqr|k)9pz%3$Hk$ul}@i#~}&-U}r+ zx#zpL^aN&AjL*MMS)uL>pH!tXeAGB!89Y0t7!}tmJ`_=< z@fG-qM>BpP)v3CEOh72R+F7B|Eyt3zBJbL-Tg2n==xiTTx2cDDR`ePN-N_zT z_BF503ghu=U5wqUo<7BliFfVgb|J;k^vx&xWISFe;3?wJn`eeWeL~#GI$EMUQXO1& z{XxDsUueMtW3p$7%@zzit*zhf=)IBh+tZ5ADeuy~6Y~{iA?3qDGX%DP+MO|Sq!Bq? zH_KM4w+jeaP>PnOq#iAB7Bz+o90-K(pXZ&<%4vkNaFQbKB>1Lq@9s#ueft}uv^vxrE zsvqePzvLsSx%PeKx1SrqKuxi1-TKQ=EWH|P;|cj+uM0l7hY@X}JAvxV{I<)|;H|u} zh+J{*xXLLU3+_z<_8)fr?$6Cr4GFdeDkI22&>P#vV}ah{s|0@s1Ua4uzZ_gf7WRLE zKd_Jde+AvGzMO@Fj@|>v9RSUUZ~$GpO5IPux|mTGgz6bf^cr z{OAoeJ%nV_x(?WcZ_BTw%V~uDVODWL&BW0{zfG`rRDi-6sCf_ia{|OBZ-edgF1{)B zd4LI5;59SsAe!5k8*)N-oH+~TyD++wla4}@v8nCqHgB&+=Vy-DbU%OZZmuz;dO;F? z%X(ZBd|lF#V?B?tw`UUSlgS$qrBU2zh6as`-FasQBha}XT?ysSfxV->>3QDEf>UU` zMLwa@9LXY3@^!#4?MAv(jhEi7kdyW@mzFV~b1fbcjBUy8hvsHLqjEm(0}Ep)IQ5rc zSza2p)RQqw%EE6fezbs=&#=?tV{SWPX2imqZy@V@4I5AZanNTVM?S)p3NdBVw^^;f z$eUB6Z*m2$T+%lN+w*gn-&fKH^}t3Pda$(=(U>aw35ri|zUcKj1BP0PAt>sZ5cLu! zdbOwMMp@OQ6KD#z-7wTQg*tR?fSNlzTU{VAS5NBn5gJLA(95yICk%T$F}o;?*;Gl&mq-*<(!xoyw`Q^^NN)cH6^ z3V|Q?%Yo=8;J( zpHYIZK(#BPsmzQ5q)~cZ<_Tr;z zFatJSF->rK#Rvfh( zO2R^;xp6RP$(pwLTL^w4ZnVibT5+@aXYR_QUMaa zopfV{mRYXq^4_FwakRyr;9fpLfn1aE*RN*O!E0%0D%IX@VdM53R&d0==UG{kHU zMH`W~eA59tZkELHU~3CyZS24YU1M9^i>Q(i!BJ)i2b|CDBA@9lh$@3+!b-5vDrf={ zckdgPLHT)Lc)ZJy3 zJdhjK`BUL+EvmG#s2JOHIiP_Tv$xaj#~LHKv)>BQwA#PLWF|k19Rts;rwZ}@5-sjG zEt+>h#%x%kS7P4QgCPxO(r#7^FjRvHCtwbOCKO;wO%YI>v7GjK%p!i8l)%%W8spz%A~d zkAZj@p^b|Eh|yJQFCc{VM`kOx?Sqk2++h!;0pH?Ie#;B?5!v+$54q1>LIoHxey8{w z{s(3S%m{n2QF?P5zD9ZV#$R22H~J;s@BAQC6%pskgsi?|)Po81PtdY2-1ZF5(#Y zIKyL8A&`!_rEy>ROdZp0{K9zsT|i8w_mb}BgY1_qFF6ntTd}2T)(_?mSkGMg^Xr$D zfD7NtTC&7H#JK0pkd>iF=d6kU1J!$Krjs_+GTy$0p+1F30L*v_K-@HA*Z_{YQoYUB zF3wcz2b<{81l>piN5ZR%IBAY*Z81WPzTC>mnzjq(clpt7mwJ@&@Y?FtJ;XyW3{zJF zXSnfo3+zLGL1~wrvCXHX5R!JTR%vaAOeiSys29pFFA4WJlUW#LriaF z$x(gfp-HX;Ya@1?l*d2^)Q@()&h|Xdo1g`76?L+Oi;v!D4;t1ZcZg|*yP6Ddz)QQS zE|e!j34=zCFAz?29+r;1M`scpDWarxn)6W4q%1(qXwy9{hzWV1`u@^^>xDaX&NCqE zg8_49@aMrW?WhxiMjGjZE{*$MBV*j;m^tVWX#Ke=Foc7g=J8ratL{By13auSmYqyv zCbM;h9=v1khhP0n7mSqrEeL`(5%*gmByfDVsMJn>*N0xhSV?#eE|3NT{ed*drH0oz z>s+0~SOv5^hA^(s_zu{jMtbEOsGxrrx_kuioT>ul^IOUUSCw0ur(MOSiGz)OlR46X z>2Rp$iHvzjs5gnE76i%t22w5bjmNowtNpE5G0lQi-UAv6{S5$AC1=|p;`@#NAn5;+ zKmTWsVuqE^q>|I&(9y*l@RPt9Bc>f-seNjn^d^j&NMrXn(2}JFTQAS<`s^(7qu0Cj z@@~Gn{Vc$&7^Qx;{?-N^|y3j#o>Tk^Mpn3h%A1IB(f_WggL?K>i#X-m4 z<_a@mK>uSil(0y4xwi>=%(S3=q=8^=riS?O=+obA0Ud{_;`<+;%3VJzMA;R4N!&GS z>8-jmG=~jj+(704Al@;4Am%16;RgK*9gtO%i|}y=YUQn+$2fWi7NMZhR_zSLnAKpL z1%6AA7jG8SS8mE?T*X5D3xz!nQxIJoi!t3zjWX8zaSC{NZ;^#}#4gAx;c*?ESE#;& zs&4rcKm*_Q(DtnjW*BskDT9`DiS_BU{D_A)FQ{I2$AHBtXPpXPlkU5mS^m?!F;!XS zR)^Xbhr63i#N6_|Pkx=;Jx+5|iMo7rzO__i$f(vedujWqJQivqJ@NJFN!MQU(b|!Q zeOVnV(de)KV&dX|3Pd_?=zViG-vURG#0}Bus7hSkev0TgLUyDc=uuioXlh<`3WR8o zRzY{yfIIIRIH5Iw`3`MNFhif8=6!Sl!wX@=F%SqP!~`6Z=H*p88Sxm6lTrYiSmk6*6I(;liBQi(z0zzhY)=L(;9jqC33*!!akV{z24SJ0Hwz2*{dO=D{ z_cqNm^X{1J4?iFiN47t&jKk0V356EOT ztDD7NW&=7OVBKEN7GWSOd$6X` za;Pj@`m%9C3FP!dxfO*fybdR4b3W)9ehrrh`5DsBnR;N`O?0nRDx79l)FkG`!VVa` zGFr=dWuyJjUHXvHr-rAv>Pj{s6L^EOf>btB1pbxfvO&HoKaN#kFBCn$tcF)nn3RjJ z=+6J`s5!4fZJ5yfcG8Utb97PI!E{Oy%xc_JB3rdG>y=YrdxM4+fm?4PU)|jgIsx$k zy-|!0oHujQd!C~tX+b!+CQ5r^z4EQsA0`UvU~oTMm^V4uP@NX?KPn$AP|*1cAHxj7 zl$&|lK0EHAa9Kl~1*?)@+_9{bLZG*f(23R5y&a)_@b$mI; z6*hiAChF3D-fnwlJcXYD_}J-Q^1+>9V(kPCd zXI+=n=^KVptJ(N!kB;d^Dy)!Snb^3LH>~wBTVVNkDe)R|l&I;QY3wE^XE-2bN!Kzu zpQNA>?8qOT)1p?O;D-6lHerYv9FPXh3vCjH&`q&0i{f{J_(7((tJ9_Kyt`qC!-f&? zC7?C5msPPkikVFmwiUk_5*TKBUfved0r8~U$MxRi8w31;&*njT!T^6(fa z#Jq2NZu4=GN4o>#pLT)?O>R0v*bnTn@mK^)3q8U?GqXv2Im=x2w7ZlYkJiw@oJez9 z)pT4bx0>S-k;=g!+3I&)A@wgSZpOajF?E&d!X9o5WKJosXAd$Tuom<+ELoE7W~_ja zq1GJ=|2dL+=_ZPJk6D7U6yvQc0b2_#o*9Hxshd!WX6zHV+FxM((LsXC$%*P}6LmvL zJ`9+UR|nV25S@+>r;y~dTt>IBS83Dh@tDbdCXyJ?41aj`IB4@w2;c05F8P|_TeIVy z!%s#IbeQI8_;Pa7(!j>!pw`DBYg<1(fZ?RbqL)e3kv;n-hh&i)MM&M{@s>JK{FrZp z*Kk?~N*_K&GQt0%DQVh#&z`&APf(j;yPrh#qqQ`3{31uuHNwQ()i#uFdvf^jrcIg* z($&g$&_NS-RGeg|7<@0YpUxY94 z^99_c5-@yuo4itPO>yelON8ojv_eF<`-d%vQ6FW@jAmB#6AGGV9V@ozNgEqh^Uw&r zcui#mipHx%M3!rT1(>j}{$Z5)LABAz(X#T{2w`xad+~uaQq!RU9rIwwsrXeaPye=Y zx`PTj;ehM+^)d6N?a4Fi&mpAnK_q(fAM+l%3EvVY%4BKXqapUMUZ*Jat(lO8Y4&!7 zFed)^XXP6?8Fpl}J>w&cs2#N;4!hU2ib4t1Aa7N$8@9W)Bk8o;Ja`Zdc7`BBD+2Q#j?op+N_vbO;JLM+@tfP70QEdUVZ=KS(uSmbv>fTKP+f`W(XACmx zVGQ5oUN-Qr*2YYVZFw%@uDtvzjeZesj4MQadL z2HsRZj{aKAlu+^s7@Qd7v659s3iiv?c~<*6#dTKa`%gYk=H!Pt@$vIKk6+CXSMOj% zpINHM`p>|9V#KsakPH0+1lMusu$?J8-97!H>L(9b4Q7f7KGf0Pejo55?S0xkYWMWG z8_DZpQPRym>SVnSGjUt%_!gd7OLNOIGjJX6suSZ&#oc*(+&kvq8G2Nkaao=DJ(CZ$ zugC)1>@m=Bz97do*F{r>Vt*P{JDMlt<`g)zJ@Z=@)!Gx8t731`oZ*q$|?L#Q*b z;J&Jaa0ly&?(KS;gfD;&)u+ou<=4J>+q=@pK-Z-Kvf>SEfhMA#3|nG=xSrt3rl}&B zB>*jpgz~HDL!o~d8ID%J85!(qv|v6v5bM^KTkvzH(qA^Nkk|^_Lu(S)IbZRnY2Tc< zYIYzD3YYe&KSn>=KbAh8$7|FaS8v8a=Lzu2B`PQX1@DU`d{(x?#*W_Ru$}os=KtTA z8UL4YAyngVentJyaA6OKsSidkhuTb5d^CO|WbkhXpLS2Oc;(Lb&8=-v@wOEk0pFi$ zt7tf&(bHh%x)X4a&h4Mu%Q9ShpYmTw3$yCk<2AQ7;4d8h1;)o{L>^cFasTapP<_`( z3mPQXWqFf$} zz>GK~j~bNGZ}32Xlz%vUGZu^>`}e3O%c`wCFx3g>MXMh^OUew0K2KIhcHOZjeNXZX zAM(CaFtoRP{DYN_`5b^!fh-J!yN~~D8xPKbX*(*C_yQPHlF5#S^8TY;->Al})B=fR z#fE<}IpFMX7vOHMy9!X7>Lmb?-pid#mM61xpy_F8kMXF7^h#ZG&50#gK~|R&gv%fh z4YT(=Bcic2>ksiLva2m$57%bI&YTDC_7@~fQDg7H$#R?iD8iW0+-1zK=CDPKNN5hE zkyOp$QMzU7zErx+CMdy~2cD(%SX#gtS;pOHo8Vd2p-w+=0*CnZ;MM&dvmyWo*H5}d z$zZ_X68uBf!were+GC;uUeFTAetSCt;{{HmZ9q95rjTIxy7{jG#=VODfkfKQTTpG` z)KJG9F!V29pW!r={{r6YlAU*VT5PWb$^B}j(#TrUFEy22HL$?H{;hHwOyW`D21qH~ zE1phfLD#HEL37BWE;rHjpS%@h3dD4HfIV7w18RP5dj;5fm#vklN`2-8@qb$uDxU%^wxJIh+^p6r)dS;H9(z6U3VVu zNQC>F#hblb8HiLTVp7Nyr)?%(oaPb-_A~9@mJ?ch?ZQzib6H*T*Bq<)wbEE3{={bb zjp~1c>PHRmjfwCsbP{8+5(Y|$hH?+7e08*8@$~;g+*?Og)%I(nN*IKIfOHvjgVH5} zfRuEHfUrawq+39dF6r(Rq#IFEYN3FV(jANLbI*nPKJVV|{`MK;jPV`*c!q;V*P3gt zd(L^?*Y66K{=2_TH&<11>&Jn2XvtZp1(mS8ny~}TQ+1kg_+l&3uV|7esJ@sUE+?bD z3XP}ABBVtFSidpjN6(E((XE)>@Uj{d?=~%CP!6j?u`dYCLG*71aHB zs56iH#&UessBRnB%ptvedzL=Fcfux`r zxoPqljW(p$D6tPK_!o~CSb}&XYZVJpbT$*J?nBf=gBG3#Mejh4WAW_~Q5ol}{wQBu zaa(=5@TYw`pFcg*6$E8jO7T}=wp)it8Q6faP?CMug-MM1a`Z_)KejySYEVUXfi)`% z^Vnf(P@p9@BM{KdMcIC5X?xWkcH^`8;ho1{qD4`vebgvhbH z9PT)5$yj-BFF=N46o17?hkqowKHxDLZEkg&siNjWK27&~vK8;T$xRO>_6NyeJMo!t z)I*Uk^!FYj15bGlVsbZ3`6`(h=RvWtgpBJKLG9f+rcN0>>SeMY~|4kFp zKy&DSGaAM_HvpaT6p-1}OG7U}sY zWQWAw{zye3_k8z857|l*>0zrRdqA7S*_%$%ZgC%5)fRtCgcqTDkkJT=kPxDH6>5j= zj@m^e$q#MOdK>YDd@+1$l-!KnzD1If@bo@LJt%dlRQXPcH(?moHKly zMjoO~ve3}?J2O94v1&W<{IPZBC_8y$H@!mF@%}}TR>8;Qeiq~<|1M2d=E)sC+AkU2 zu|NT^pd^#U)%25yu=ZpfMNWdpn6b`zMu2h+1xKeM%T{X2r@&n&JhQa>tUN)5`}2or z#6O)%gpC3S|3lr5jgyvh|KJlNvm4_Z-Q$Z1pt3SFNvC8ICeoh3t=m6B*Wby95wczX z@{L__@1s(XtA@rvPuJZl$MI%2b@Ys#jj-jG4;ILUAoGvXvqJmGJ6YGGFJV=K+muj) z%zVH~Kx++Mv{6}i_*TU8tZFxEHv(y_`2vhJZ<4R7FmI=csBq4_P*b75vneX^(NcYt zks~|N|3zWRa`Ugr!%3R*T{jt@ny-2eS$Tu2w&7A`hC z9_gGvp$!itT_nx2`Cfdn;Q^uS^6JDXP!WU{A1^l}C~bKvqv@$~BA(pmY~rHwZ2jiE zaGH0^_faR=N)UQL9g;+w4d2R+3!OmE5Uxb*ez8KCBWZWWUqx-T;59wKa&fh>R6|EU z(o_&oJqD=trsFS$cXdA?qa{Ppr#;D%9^i?i%Q68`sV*`FjZZv?o_PvHt2Pu~bwD8P zJ|r@teqCcMRbvs!b`=deX&L(%gdB{|zn0#tGGFB$qr}cLXe4>ZMQ9 z>wCJp_!pFU#(M+u%km>_`ECKnoIRtmo!l^}xQR99N1;=#O&To~Y_%qakI3hg1zOC! zIs&nU4TYxt$QxiJmPH2+A-50I6N;38+UypCctOQq8F01a1mD1!kr553GHePSYqbx& zPj()gkoW28AMeu->VJBl%+PLi7@^Rre1%1Yg}Ut@&W5`6MRLF_kc-8FI~q%E<(WAq*H`(gWaih7>K zy)Ix2qf%sp6D^h+E;koZV7}wDsB#FVBVcb6&*(oSo<)Qsw4;cTZGFGT;I~$hRr05} zA0@-sK)`ibA{MQvvusz}s^U)Mc1v2hvjc@u6@Qe2)qOBqZt#U{1M;=t9RVl(_qcZN+YuHUim}9b!3D9lC zqUgh^@iZF1I2D@aBb&*Nbe(`kKQNe#=N7chT7gn~p(y~3h)VKxxBfSEU@N5s-mxz; zjWXClP7ch5EkQjKxsXfwuB@-9B0VJ<^RYyR<8NVP;KyG6g5CUYDFwx~`OtpH1_a(` zPojn)_Mx#yhyeIxFj`_TK($&d0ulZPU>-BL0u&B*GN!(N1{#&A>NkaGd2eJZDcqJ5 zR5%Q|P0t0I%AS1*BwVWb#^z&>rg%W{#x^`kkFnkZ0PLy>2Jo_SR$v!`02#Uj0*>pl zeKX6M&x!matjW!mrv+|L5sF1anj@9vs}0KOS23DUIaVXN=ati|(i$KI3pYNN@r`I( zoS^*krvrLT9_}u^-)%_kk-3C6P`52p0!ZA_Za<{z>KeTiWBR5aX-W{_2=N3e2@A3l zEah4-_J7CK%X>$+rjH|W4mi2ZPaSl=nzs;+=*jz{ubEwWE$mIPQ$i|cZ=hg;r9-f}jZo^R4onk;sx@Ihkd0r+ zn%C3R776iie-dngF!&ql+~!v?c>QU0{M}JxFy5uiNI)J2IDFwp4gL!90ISaUL)xxi z&dWbFZ1l-Ly^O55%`@y?0E+PYLRTSs5^*#TKX`s>#E+ux5N$0~Usa!#77lo#EQg36 zHoFUt{TiC25z@!R!(M~06f)<;*1kr)K=mTM^Kj5Oj=X!%`(YYsUU)Ci=<)^-X7mouIVv$G*(%oI4>ckh*vN5<|%hMCo zDh@VoCEZXJwDIO2ZT)_Ri~Z6^X^TY1WL}0HY$%ev>#D(q0-DI2_6Q@B1Ysi2T&JHx z8G8wPzH@+Nt<{Azo@-x_$pImCdM?);2Je={5&4{#V!H)|6EU}gie=~?KHfgSMLj{Z z5xn6y6KVHsM1$@2f_=ORmx-1 z%T%NV&c3_p?^s`e-fKYJsNR4rmh0-o_5IE*z^Z$@`$Z6yk2HT32SLM+hI8RP@_(+1 zW5Vr?4RAN)3Fu2N)9dx~=u@U>=a9Y>nmY7hc0pod<(lucS?KGI zw3u={{3X^J$w!dy&x)K$5KiE@DDE)TMqZ>8%&D6~ZKqMUsUpgO2Hf5xIt`usgR8|D zPYZuHc5_GjHEv`rZPrsQ537mA)o&U}`T3+h4bydo!o-bK06xn>N1ajH;Yc#6S*#ou z){NyHd}0GNQJ+T#pzSi@>~MHWW9_HrJQfa>jNH!Yj9+B<>5^041=*^)2P=VK5>fpOnnck5nMA}U81Ao+ zFD(nDi2H`6VMa3eT>U+Y_$Xe2y-6ECdtZFqMMBZbD6kn@3>(FEYw^}s7$eS(O%NA% z&I@8CaNd^qh5>|EFy&fT@&kba8$zF*?~ist8NxlXK;{Ky2?Xc<&JqBrGt^m0{>R_) zycRaHYzWn*xWS&E21w2U$-E513Y-2?-!`9B^;ctOMNl@CX5zc} z1Niavk)D_{+t9*S5IPT{$!*zu1EKSUKI+~YfXYQ{JN2@nM^e-FAxNPFU4;+$XVrJwoItQydsX;aup6byM)DHv`r;?YQy|03 zS~xX}7#0lGyN4xYNEvm)oBu+mjsIW38!nB;uAxBr*|7SFMdc=!Ec%)pT2t?tK1d@*MDxcJ%-ea`*4$2Hv9rJ=f1?PQzd z5jWd@a%XX)28`fs2s4|_f;50|l8ZC|FlM;gzv9T>VX_E|FyC*I@BZ9KeNGwwl5BbY zKCef0q(Y8?WaGGOCTZ3AJ>u2{PI8}_XggXRrQiRA{nx$VQD6<)Tm2CU zH}l%Fb)=eiOHETvHu8}{-e^l^%r@cl7D%wH4#4ucYNTVxO%N0C4hfZEf^bm=o=sDH z(g_>Y6JUH^CH}T35m`T90i5^Q29l~q;ll_$LbO}F4}MspFr0+Wgxbx6NwG!4%E95& z`BTkkF*)Tf|RafYe7j?_>_X6cE!Z~2#0JUWf>OVb{Tqw4V zNjT zP87!ZZ5b+{nB01ae@yioEyHmZlWqz@XxlI)6S9l+Em@ecK|=2yG}Jh8Kc=vne*oq) zv)qM0`eHft2UZ|VDP&tSDjF&2NrR$K&>f$Vp959#&nxJ}+4g{sATmv~kz9To<_ci^ zJEVtb*oFh-2pG7=am_1s2N41FCG{e}?j%A3*m$=a zVz?;x{u^Ls#-^Ou?_w$;2o*jub16!Ay4Ht^BN*2BL~r4sv*K9aGQIlbQbn_Cx+zw$8fh$FOqwIs1eif_6UjPLCSk4A5*|Xso#t3tYJW!E;+Ke$t(j9qPN0W`qwRbLea2-nb<=G<5^nC9UDX1$ET#gi=+rHR84nE&(;6{A zRA2VGAgaqCqIw{SbTWfe6%4S#aMcH9@?A9f-Vn6jSzHS56Bw9vGB1F?JUYEaouyvp4J^ z5odN8Qu~5UJQT*$4;zu3c|iLpxEWPluE6EyH$ovCGtssqAd|)gRB;;h7-2vS?W>K6 zB$qpzeB9O~fgEx9v;;jMu?~n|cEdLYL`&jlo)i1mh?q2>(RbYr`|NAvlg5Wf|MfoK zL_B4Nob2w57FRnYrGx{hIm7#zPo%>Rn&`(f|ACsHkWiC!9g=OsKn9cpu5n^gp)%8}?mEClIp@H=mp8&vgT_i3}#EbIqcF^KH$#ZaIwU!jAQE_@T&g>xrO= z^Gs1v{^?u2+cv5Vd9>}L)FA@^WZD#UikCDSx-DD~xxy)S2}any!o|>a-pLLyIN<_P z=Don^RD+P+AS{kou6Z6pxZdmo8PVJB10%XWZ{PMIwI0yNZuKoZXeorcYS?&Y#ZXgE z_&pbd9{dYuQab+&XFl3U2Bi?8B>|Gckssy{IdTQ;xPMUjk9uuvL6gwFmTkoA_o}?K z8Q$%tv&VY?^<;uj>vruyqw=?TE;{Cjm%urR{+(ZreH?9px&3~%y9XL4-xVWamM(;c zZxgiGR5t&b%+YHE-#;RpPs}By74wZbyp!uT7&bMcY%=DE5(aO56qtnscojVuYnHHsfx}D)-|F_6-R_AAG2w6xS;? z4Fr1#bAfby9&9p~hp#OU{WYFP9i!5!6p_+?-oNQM`HS}_AhNU`ObS=}ow68F63shb zJLKdbC?awQ!Q%@qN3e6Z0k}Ni+3CNg?LF7M5=<{{ZtLMevjow!}EQt@Yj{+9+b9AJ|+$i>n4BtV&O0w0Q zBu)#)5S4i4(SWgMtWNZK`|%G-6xi4eUTeYASvnEe>8>vjAk4ou`SDoT4mY0M3W*n~ zhDn7&+`t2K$xJ`hl?a1i5ube9A#b@KuAN6)dE?E zF^bt^QcCys5-n&>{hLjRTAB!k3wF@$* zF$RXFzS28|BKPavB=AhxC^f=RV#D7`qcHsH6juUzfV( zfr)X*ruR)5;(^y3iHr@D2RS7lG&2drTNo!QhOux+n-595mtJ`OCuw&qP-3|}H1e5) zRP4Y2cOdb?%&R`l+|8M+Q+z^wA_d%pQo=xntMCGZTw6t*`ampk;yj1JWXA$1AS^`G ziMn0E-hH+0Iy;Fc6aj@IY@HeuzXrXhMI-gjc1L6xC-Moi4&$etyR{Z_+tm8Sx)bHc zo+YC(5cF$z7`Kx@ojEqVCZA(h_ZBJH=1OEz6(Y!}pXIe~L^>dmqV0@xq-Yxo(u(qt zRKY^ms(h&_)BR5b7|c!jo_pR5>%Stv53T=1fU(7T4Yj+&Hr(>pq*T{%wh2|%a5UBd zbe0M>6m|r6tR=pY_E(b<_`t(({`!>q%}1bE|JFhJnsyRaJY0XnVJ~OWf-IYM^g(`o za*&;6+c+t+?8e@?9ida6pMzL>c2W{ z?SWJmNQWKYw}jV9g3MdO_OIseBD8e*yqUa6BHkJ%sS{$dNZ|`54fmic>s`3lCqtot zR#IvZ&}s$P;3bF307?|^E3DUKzL)~0gQA=EO-EY95 zjRG7>^of#=IMj6lDGGy=zks#bQV61>vP;s&<`zKigRJgBcd$yW6aLFzLU`2IE+Ujx z_y0yHG5ceFM%GPUx)J)11SQ4*F`%t3o?r0Ja^`RG})H+iu3-qk}~3etIC zBXM()pDE8DZU$98>Tw>Rx`2Tq6DpH+8^IqXwp;pOary$06a(hkHG2D|xT8ZrDx}9X zurdY0XcQRYLD2%DcG6D1XW%%{fX4fSVcJP3wey7XbziItqS6FORNhH(Cc4HMg-SP| zoIdu%Z{L@a;52Z37IZYflCk5yIkUV9GHTu{^~b&&hH8}n@*?*(Xro3!S^Lmyo56wL zAl<%DP7ZGvO!Rb>wG8`qa$QJ1gbX^c1q}EVDDzr`Qp@ zK<%Lb`@W#8w&nhevsW3~>GXrBrnG6dZqP%zpaWx7PhM*H6b)k>{#wcjo>4n4|I8mf zOvL;{C>jifpQr4xH^rZzWm44eL zKiQ6J91Vm73JwlFE#0lZ#n>@-NSe=H zBK}4{TO58)+bfU@Q^k_)` zJ8_`mgz0?LrQlzdk%F(fxh(k-6zHMpx_0{S+)$(-*^u-PQ`mqFn8Nrz>`1oArV#ma zOi*Z)Fz+yUn&(CwPI==j89 z$CEKy2TK*YBfbmAIZUI&h$Q4hCi-A!L#DlmOqi(>T^6!rKsr8z)&YtRfPTHy@pr2I z*Y3}mdLc1Z`Ipo0Z#w9=gUU|Gz+d|R(z2KR>Ugqu`pY}*zUA)W?|lnc;yG>y{|>!i z4`KxzEp320i)eeHk4;`^_uEe0=7j48AsLS)voNq?4AmhI)dJj(as}}ZQp4TbDICl7 z)~Hfyj6u_0|Bh(Ji+>+dXT~9u|A7HiMF%{%m-a7Zo}2=UQnsxa_}KB+L6CLY@FPKx zzoYF2Y7mxo!AOrUiwm#83IR;zp;-L_IVVj&s3#|(*nv4zP_L(4s8M=b=sovGyhrx{ z3D*pXe4RyQ*a-ES0Jo*R5e1$5D!>*wgBfoiQZ8%bp!5-^<(~g@2}Kjo?a2_$Z8sor z&n0zJ0Jl|G+Hvh?bn@V6zaC@6&bjHv`NN`W#L0P6{A7UDO}qF-UW_j47f~_NlBc+D zF~ke(&A55(^>eS+Z0cK{wDT_dc`BZC!cOecKBrdltTkcAKjBK?+%OF@B^ zZ4}n#mY!1H<<2{%dZ}NRYwcy3D@bQ65bN2G;M{{-1(o!+(GOShb=uswH zt}#}$F=kNt`O|(-7V|M7XV<4oSyD-qa62+UQAzLeQqhVzkNg z+zvKKUqq$}uoO3FVmv76$XWp>EggsfGDECpN&uQ9@>-`!_bh7oM2MX?E3b30szjkyMORXa4jWvH z-gfQsLSmcRO*}ljaCvoSOhOcN;Fb1H5OF^$Pw>Gga6oqfNPmob3EYDn2iclV;Bwum z4`n5i13y+o8Oq#y20GU)1tPC4_Uj~>L`0iGrP*6Ld@9`6ShFn1jBqk7wBG=K?)_v} zANOYznNL1$S%75JANcl{j8btE(>|&Ah0WlX1%=M79+0B2GN~25Id@4fcB6*hNbFAJ z%5{-tLA{&z=-qUKh0l`|7jL__qw=cx}=X zj&et|=61mY*iqRt@#YFYiffJrERPMD~5 z=$0c1i=XrZ&e!Uu9>6=2_q}}se(Z~51m{e_GqkwwwW<=fT>bUR%{XJsw?MMiF2}I? zo@KT#k#DfbcO%{0-&QyXwn>%PAB*JXpX2RHLA1VWzGS46>A+Isw3VJf ztDU#$tW)=@N3Q$B{49u_uvJd+bbJN!r7SU;p1|Q*PsWo}Ydvr;b&@^mFapvZOPNd5 znjHH~2f-+)62NBp;a8KM^Bm!Rlkt0MeXS2^Bu!a2XWnZ#qG-7s%y7RZPYE-LIFRM+ zVd>M_%!L+-d?FWkoce84*)cdz2sv$1C*woQV@W5v3Uu$-kXiTF!eT)d*JruYAv6`0 zwHxyQ=FDfC1QBz5lFREqj&^f3L1(Hqe^PbVhhj`KYvpS6i@ktLV$nsCh3Vm0tHh|8 z45ME)STcRj^Y5^WlEUu?6zii6xzV)K?Zh69WD72Ty?WcdbEZ9XJc`xVz}iNu<*xRp zu_jNEKL^5cJ-1nlw_mPx7XTQW;s&Qi?8bk#`59yx@gT;HyozK8E`()w!u59^LMtra6vYCXKEg zJb4z+*6m>^><$06x0L=T<OzZh`BqZa<su-#SFl$_hp&su+k7Y6zQ zpWS@5^ZGI!W?#8p8sQ~B^EM3L-Kez->}!vdMMdvg*e9 zxtlP_*Gq(6v&ScEq5BBnf&OA=IN}IL1ICs$O{$ej?t=8JkfK&9V?wauS|Jh7(tQ}B zu*iY^^sz85EC-lvYN%;+NAf>AyxS%a6rQYYw~_zhq%{;T`w0AG4xSbk6s+VpHR57) zbe3|!`^WDVjb8Q5;H13bXT{hi3#jV5TZ=ujgSW9ln=33OQ>hi6T&cSg|CyNN%qZzl za3+}hVO6N)vFzOIK%UU0-K&Oj&qPQf?_hg}t*@_}qA)rS#>-$7aW{+R?;YsZ9&9#n zSJ4Ua((b)6gr9zXi@#2MxKe7VLA&A^90SW-+!6~niOf>E^=9X}j@7BTN%;1I zP{{>`VH!%z60bn$F0q5ovVv&!$}GPtjhQ_Ka;q#~6k#C*#{)R{a<9>~UrGy``2L;n zd>8HVb)PGmDGHGfDzBwvZKgb^enHR371Sd}`lFIPD_!0svN_)~k0KKyQ4+k9Tb2zyv4xd{M;?J+zzM>74wa zZ)y>wRScwx`A$1Z@VCx(MrHsq>2V~joNd!pgRV(XXm5R}jr_jYa_^>2tJ4n`YT}PK zx{o%9xbD5=S$k*ZJ_Aa_wQhOII3PUN+VL3z%(vpf0w-^`tQbKP~@XyY#t!M7sKy%|2hP&DX zU31b@H0g?Buw;Z^H%ofP0_LzEEK_7H#%Q(3@}qxW2Ngnd0X`3mdCQd?d!kmkFF{lR+#-dBo&x~JhlK1t!a zPbY7$Ohw3D@Y)?n2rQRFm8Ws`U>k>QRD@Rw?kb0y>R<@BMxh8rOEY>1$HW2DoX}+b z%ZJSTZcPZ7RCk;F_4Z-l+b{S^EPhPK}O5BV^;(X>oD!!JtC_T$`|I$~^@yH)Rv1bml^$ znDuKt!xHaH`$qU4-;3+}!6(M=vr(xg;E*h$bYtP&922IsN)|{LwS0l9ul*#;cqJ2( zJpOr%13Zy7ecyVj+3e(CtIr`kwX+IaHnx7yD%uL;*aY(sKy&+*sXAz1yzMT_G9{ih zQbHU`dY>`*T{^(}IU)CzB<6g(SVsK;+r8^XcR8Rn0H@BGF=x#(3jt`nJv6ZqNiw1U zi*Db(9|u%|tQCb}_IJ)T!`6X1Vx6S*GV^05av$~{N`3|1oPtUHPyTA$Vzk@J%wIbu#@DM32u%7fQ1UeCR| z@kqIaLdeDb1<_m3&0Y&Di^fQ42Tc1|IhMJ+#}fP=&+eh4DafT-&)%%N%c5KRZCo=8 z6P56=UhK7?WC;0Ewu*5ip=?w7&s-nvfN~i-z04mVR7a<_GzD~pho0lJ-W@Nz*=|!Y z6;|?eGX%*0u+MjaD53iNUL9KWT-D~Ymp51Z#h&1tzm=sqb`0swZN+SM>ne5-uJVqt9>f zEM>lYD=GZR#H7)pt6h8VDQuyaQI|NEyi7#X*V?}!(FiUP7uEwrwtmt==#G3SmB=gQTC8X5V>QKu zvSs(ao*wVd@Lk-BzXP08`2Es2_DQjbN^y~oh3}wk4jBaW7!?7~%XwzH^2Alh?V#Vi z_k%~9yE71ej1%L6SPX|Ev;#`UWc%>kKy>o5u?AP39-D1) znXt)3rmSoasJ5%~9FCoVR%5LEsbk7*bnEkvD$}bsV2JPZpil_ZS1f5=XFt30Pt-Sb z8HxJje_cg?dAx*BmFNx$vj-yc#Dual<0pB{5E^U)XmHdApuxNP>Nc#e&AuPr`976s z_N8>QuV!}N?ncB_MF$TgD2D~apsCRF_Qi3v_t-h|YdU4`VmN+e&{6(H`3DI$rOTRM zZc^&0*N2ICoH+IEZ%i~C*T@K^D5!Obp;I3Udmhg;K*ED99pb%lEo-R4#MHfT6keDg z!@p(>LSczPbwh8@d%OtCui6DSYm?b;1bVs+GP+mZ@C;LB)~+lx#fp|>_G)oCp}sM$ zdm=~-T{y{@G|RkT(FNH&`tYt;Lv=dwPLp^0f;JBu;)*klPPYJu0W)+yBX&N5n@h^{ z;X`_Ax^^ci@v67w>zFE*B*WgHcnAfvd$jO2e*;EaBw*~LaAu5v5wEm(7ILMSjs;0B zHujsPbt%`eX64Ko8Ok4s{xC6vO?MyZXPB%K`%=eN zAg=v*Kp@9st>YY_kYV88G>(<|A{5g5?Zf4~-5%*xKE{gFS4iaD(wTTJv~#9ger_JsWdZS-Qf z0R|X+&u6O*^laNxwZ)`9d{5r(^Uy_IUHxPjU!^ebx0p|!KdIBwa=)^- zp}~wtKShBg@nB=cROP2zm37~tsLIw51f z>74-$(u{&oXB7-}s*K#5qH>_!1;i8u9F$li?+CaKN#NG(9A$T9_HBOng3Srgb|vl?C}RZr@HyHDOUf7`(*xVHm4XVgCaG`6Y^2RLsIZ;ky%W z+5uRxZWZrSKvMl1EZRr>L}7&a>cZc9f@rNgBmLjMf3u@j;dq#K55t#`^A(1#A7kwA zce$OEUE~W#KF%Q&n*MJnlt2+WJm`l(>N4TQpYXzc{`X(gACz_u<|u@MG+~PK-EUy1 zlMeiGl5`5mLGnrbgiYF%D}eD!Oqi^7C`hPO9y&9P<9B!=NMzZcDmDP{15pE*6%NF5 z7)?87ECP;t0Nl&d0cq5>u_F`=PdEk0>sh(gWa9w^9*nM70g#EIZ6Oq7z}nn*$_ldG z?*FW`(6$HH+krCjb0Xmx0kFa-9_j+$`H7{o+d>ct*Vu{#w=-ha4Cs~z3N=3_U(fbx zay|#xU`v4Q)}AMz#w^dT^S_lkwl4bF=c~f?P4U-_Otv*of^y(8S)GTe8eG0S33$(RK)%!nB!Cn#7H)ZI zTe4<^Jsv4A4PmZph@1gLYI22YF`L`tvHiI-whBCFaYSAnWp3_(>_Y|r>VA+ zFB6I2Gho)^X*mj#-p+M?D&oWs2T^&_v5hOHaMMmgA zM)cZSUA&Zal&95kFuFtCcr;&>-EX7Pp|nJ$!|biHUzi(iSrD6*)^POXBez7OSrhAG z)wj*m9w%FmdF0BxR{tG}{wmIB$hEfRNf8L^93uEj0a|NiA^uW;@XLQGz;(nRzYmfE zY*#V_(Vpa3HoUx;tLg0l@B1~u(o2t3kM=hnee(G6@C*d$ zjq@L{*2<3Tb5wZY5WdoT{w??EmJWe#qZ?lZlN4bz4&%y8GC=Kr+fG7z0tU^i^La0M z%+bXLT|~mZyep>DtiIE8^s?!tAgaFVs2bX+q4(_&A~9a=4K|N0OdgBZMp9ZM6#F2m zu8!d$Lac*R+8JJ3d_o)HA7hBddHqTy#;_-5#BostyKzUDlRR>xXs3D>MWv_GNaE^a ziQn1$)1*nZYte+bQ^hR0^4I9CO`};!R9^j{Vq90P{Q4nK@>anJS9RW&_6aWU z2btPQ3P#N1DD?@8f`?`4sszUp!{oKGKT^wS?^3;f_sc2kIDZ; z1#6QgecZ1~HtgiZGl}2&8XGO@Ap(H<$m3FAlykvx)0ZO+E1Q zTEWeK>>CQ>lpDt@i#!A=a)rTJ|1g1lNG6a)bQ1_TYG4`b!V(x$XQp{kKPlj|1y6xe z4;m^|xIjL|ao5f%#W!HuJ|uToY|P%Gz}0l~(~OH4roURH7QiO0)qK((S&UD9o@p@Q z)s0dx-lb9rcYIjR*z`6tP1S%2F$Cm8W87=UHU42aPj?URK!*aq0hm!m>trs|kc0(G z*RoC76~gsik?k+R+6i z0tr{QJH6=#!_*6>zc?No?*TD=4J;SjbK)HzehZ&`1P6xI9`p@TY-0)^bJPVKC$~m) z+0K;*$+w0P<*9`bJdnyc)Kpg=R@ic*Aqa~!0@cnh-<7Wut0a=-_y8oRmhHjxhFj2u zt01B`16GuPN8f?(_CX+BI!O1I$WUA#U}5;qm?*|MNY}Wc@fkk{!KQIS;y-(Es!5Wf zkdBX!_o1i7ui@lo_PeD2D20`~(~P!x<-^8bOR>2g-Dr0NIK@)a^LXSInaWT*FKbYf z!HG%XI}J*S?aP78`0+!kvpnIrzX?PJKp^4_<5D&h|ARmj??%^($V6ARULE1!si-@5 zPF`=-AW>0_^vzb1+E`u=Ja_R4Jg#@%<`hYxwP05he)3DiqJL0P`xWLiiUnzzC@4rSDdEgA5mmCfDCa?60*u>Qq^v1*$;wSQ4vc%#+VSdIY@ z`j!E*nj`^bWY>hLUZNKaHs!Z~g@WxY3b}Gk3+nwa{7f0sRoID`HE;p0oa8fV!`hD+ zQqod?e?^6Pp(lZe0`$X?a+@ih6iZFshu|JqaRZsskz*T|V-fox)M1Pd$?oc;0Nan19JZ^#T4bT3}*qFfJTN$!Ghy zXYlAr(FI3!F|S>D^LJjm(A!W^_Fv|;{zl4o??D6G_rd@3z*Y_YzYlCN>_6J@{9|D2 z`QqmRqOe^-KnnwyVtQ4Ln~ARgZZR0zRi8;F!7N6ts$EYve~G`RtPIY)JdXPENBZ$h zcb!EVY>MrD^aIWFzB-G>+ug4-D;Vrpr8XpmQ!g+Xh=#Uxj_FUH+=mLaz2!vd6RoaIZ6$gFypZ zGva&VD2{6Yd^TJ9eT+b}Lk4Yf6EIb^un6>bprL3r z8+i#O6#}I1NU+hR*zu)(qpxmrhYp1g zeI0gSl{&5N)zG^;sgef~fG#UTEIcOc&pn7K+FDiw1mEm79(b^NY1;&6Z1WX^iYT`PCXQE=c&3QCr>( z*pb(dTaI1^kqs%UNomp9R3(;w;I1mYRW>`G!dO{^)%aeGYlw6Ti~}qK!z>DzidOiE zGTqJQBorgOvx-Q7p!XVI}H-(SlrLk;;J} zh?xUZPz^f-@Nd=Rg?8nRCs7EyRVRGfh$sh}1xM3pOB^)O{A+@-VB=HE5It#}^{r&= zK|TS|cV^M2lHlOB;*7O4^vaswvTdBHlv+p}7F7^8eXdpMhqqD{+%_IvmRYIoMTb!# zp8Tv)z1KL2c*@!LUk9{=deDHD{`Y`ZU`YkO`tJkUuSbMB|307{MJ1Hk3+S@B7|?!U z>}$|9(>j*gP|JNb+GWtR7%#rh9CQ>^imSU^tx z3vFK})L=rXr9aU1tX76OGFez_t%vy5Wy8iX1Ix~iRjydL!`PBv{cAXDa|bz`y#P1-ECbOcJgb5ce$9VZ=3(3`GyNe9-Ah3Vh2;oAHvOKLPD2xP&ps`_Q zz9u7yS#Z$BPhg6mn8e6rb)IKtWxk8nny9VpUl5G%z~f?n92eB zj!3wEOU?IQuTtcbN!4TM`}bXCLH%p!v$NH>Fk+G0Mct?hB8JS@FeX(n;((7rdU_zC zGe?4$^8Cekkf>O4-GPemAiMDEa}87BCg5~DD6zM9HY@K_k1Kl%?_ zhISWpfV@9EA2^qz%Y9HbOS%jM|b zgH)gzng-AC0Wi$WfaVz(=5$Num!lhBxnUg(SdQ`XG&!uO@$_^nM9TA4-cAafn)@eG z8cqg{&62?E@NRv)j>vOalcxJMeQmOs?-dD5BGw=%MAHmVP3uC!`#B<~3_qJZo9bdz z{8q?V^&7`NvVfK(n^8B!Z09#~%5Lkms#CG=ExYM3gVDtH`1|JRfNQIB9@+*EX9>_I zGSAh$eF`O#KgSikyRkEG0=~UWJC&bv0iRI(0>C1c0ME}LT7_it^PK&ROE1_kirt^m zQBjGr`=v^8YDBdI|MYYXeJ%Jr;Gv{CU0VjC=*{4n((Cc4NS^JoBeo2NChenv-A(6- z1s5Z4G{r4blE#8Ai#xo%=75I-3=*Ef)b`n#N>MaSRJ6s1q0saXpLZ;LrU(2hpxqgR&H$AjZ0q~&&knn)2j{TtsE3VFiWob3Z6nPF=@MEgoU;}`|}pN zpLP@a^sBAYOn6YbGB1yQHjQM9X@zD|-}))IYAB0`$=PHR9`wk$JIqy0B$fb>nCZ?4 zmN!jUAmfaRmyAG4`y#tw9jmT$G@{as(1xTwlx--PV~ z8`c0iI#3f#*Gg*uw4NbWx4v3WQ6$THv-R{fMRp}+hZ|s zgP<6Ai%&N;a!UXhEW|kax zx87H&E7=~eey1;bIvaa5s{YsmpW$7->={;rzwsexZUZwr{~{FFiA}=E3XjpY%b9_wI~9#d)2UD@6npnS+y8Rc>3)Pu_#<+~am-g0QW zfiIvo20To{dk4$fX}NMK3#pB(1wifZb4Sy*btR501rGP%(@zp*xG2YsV2=9#u=d^Y zRQLbiQKW;SY#~%QMkOKR7$qYjd#ez#vyv5}vbVB#_B{4h_NMIPC@VY1UdR3Z99`G< z`hM@<@A13u`*HWj^|&6=IiLA{zh2Mv8dU(j;2nX|>tAJoGQoa{m*VhOs-BuuN*k6Y z=FY(g8=_aQ1&R1+ar^YhwS%XZbd%26zR#Ujp;~BQP!a1sCuuX^ufa#UNbyo$A!j32 zMr%eE!zV&Jpz4WE*9AQILx!ePi>8Rp? zH~Eo={OJyPMmFlM5YIkFw9r}_o{z}&MoSpz?d37-X+vx2y-s|%2X-TIy3%B=LDTqC zQz&Isg?FpoWq4k@UwP5m)NL+vrwxl3H6qZNWFEK=ec4~O!|4HwCAZ&6UQaBcPAsQl zJ;NH7cjZ@)Qvo4jYyD!Rh>n;FW-4v+obPBrwN|zTQ1N> zh#3!u^Fg3it=)W3Y({&vC3Y)+(QrV{d7z=SG}4?M=!ESA6n>UJ`{GNQ@4(D`SmB7# z5pY`7jZOeEKOJEV^zhpIMiHnUX4DM%eO(i-g*1d-tdw&&ni{6!PJo7`y1r9uD*#Qz z2F01`>W!(!(*g?nkepDvst~cy>%A30SuAF@E5d!-!T?MSW)Qd|B6;!5WzYnTs$`~( z7H&Pg0bkiw^{g&R^Kq-+qO{J?qWhM@fpVJf0+9m_`iAF|Ay zNx!gf^IHpR2qa!v*swa6tuSGKF#W7FDd?`%3gx>AbazfF`5TUw3O{!OsW`S#y26z_ z0_L+C8tysfwBY$%AOUz+n%Wg-QLa<6?$-`WpydtFvy{UujZT`#lKj7!vx55A@>Th`Vk{ae`-1EfaaY zw>5kHi0X<$!b2^*-yz0I_8yYMr}N_h|CJnTQuu8KBkNq&oiE&7ms8FjL->T2_&VRx zs$o6tnH1AVnUGi>6{K#v^1mJINQ0dW2$O#j+PtP>aeDJH*|Zysl^=VS@}>F9!Lc>0(<%>!H2Ld7_%d}u4dE<`BJPJH3Jd#$ zRc3v>tfN9-F1&fibt%Pf%f{{5c9^^7yv=9?*z$BG`#$h^{H$!* zwM=ng*K-%|q&yZ#`N#SO-VB`1V=3Wh2^F;#$epC`mFkBg>;OdG__q4)cD%bri)ol-{t?{v%PZ-XJapf|TY%2ht`6|N$X*D_dWF?CA4w@)|}U?bH8b| z^E8vwI@GD0eU^ho*FB5wuwN}kZFfBDJRpz_Uk;9!9$LS}j|l9&K@mk6Mws#4r#Hk9 zK44bSsW@BlV!kKdZVyA>h!;v2ibowV3MrZD@Ju{#3S$QtJ@=wCf+ir`S0aAoWc3Jz>-+S$1K#Z_kN z`a>By8nF-wf2xOeH$f%@8FQ;@+F+ltcgHQgwd}9XPa~HvAa)z{Za3~3D)#=oyxltu zRJfRB#kSXi$7Z1to#Zy%9An*|N6U&3^tZ3B7>|F^WI5DJ7gIJRUuYuh|}oL@#PTfEL`|-m0o9cfWb!r>7prTro+$QUq!m6PVZ) zacD5jZh^_;&=pX?Kc|IhQEcxrNt|MA?L5{JYdkZVD*kilVMc=_GkH6{Y3ea8%$DNH z-s)9Govv_4`TnCHJc*R@3zJPIrp8~YG}(el2p61wemytr<-L+TWu9m2I>CWl+t^{- z-2H9Ziro7Bmf2kES?9oP#{e%W<*EI8HlH-l;MPaa30}RDFCisaVp@6-w)gqhE$&$K z{l%|aUztQI7hPqW`@PC!Jga|@pmTs#otR$H#kK8s0ZQEcSiJHt>m3u3Gx<@_(KjY+T<+fvdS zS&2_c_&)j`V(iOf4WC`3>Ol5#{dq4AsWl3IVMO~@p_LZ}KiSQZGTvbA^RlOz2wp}h z29-DQJ2^Nsd-!m^mX{JbH_zZq8z-$ceOS0;GPW14?s;-{yi4c$7m+-v`IgiBRucPS z*!5tm7~g!6G_mp7X`xZMW90VjL7ad(CL}v*WLadr3VT()t$Ogrt5{Ji0WsU^aC>@H0=i z#BqA;4<@DnK~c4xE_f$^<;3(MF(uqlH7W06ymT9{)MN51WPH|>BISsj``&(dO9-2( zHwSSdIbG|OFK6XMsHFh0=r=$1`No{LP!CgRdpKLQoww_AFuprqK8BA2(DBv8NSxeu zlVA}u4Laggj^#vzn~*jb2F~ZOs5(sQBi9584?r`N?IYI=mG#=`A(OSqTW^7p0T)!t zbE>_vv9jszm&y|JVIHT+-}OMG+L}lO-OvRKSmxJX7oSF&!tsGtApk(PYuJpJh1O`q z@Uy2N3V&5Jiwbp$t9D#=PyFiTd191EG$_G)D2au59}EBu0O}A-)LH!l9p;zaQq9bq z%X|A$`VwwI%*|p%av`P?$`=tewA3W_MXuwA zjhBH|xLm(bR8Q8|Je#`>80i5pI7!z(k}L1g zQWZubb%SlmLu%)9*LrAO;6?zCpqZg=sb3-!Afs`&<<|zcDp7`#ZITzU7XiS5hJK`8 z3;>e!N;7>`3rGwAFDpBr!LNTRa+%8_R_%RbS$E8xPPNPu3N2p=wXB9T%W<&ItCR=s zn0}I=+cUf}@^YE;VB)+(nu9O~KqfV;_!!vU#khHgqQj1c9$X{uCSeJ7HU=AwFlr~M zz}oqGdBDsf<$qXlB_cAFmej?mn{k##cN4n;^z3EEH%B=;FPaf)N~}) z-IsjNr7X}mFXa{_qErZXqJ=9^?LO(#80XJGx;`2IRTYK=Y{HJ1w#Lm>yv`9s5zi!` zf?g(a+qqh}6k`)Jf{<3y2%=CEk8GeNT4Pq!c9$)Sdy!7g`k-O~A{$ST_rb{XnPeXY z!6bOQ0_5uD6>+rNlBA@R7XqvP0SYtvk&#TKsY&1pf@nq2o%=Y7`kaMP>7!k!lmtfz zCIimQX$f}x zvv`eBOXB{HqtLowyH9T}H&zJQSQeR+>P#gbJ5mDfs@FK(Gr&9fKxX|mO(_L@{S?Wtx^^}Pk{#@tO_m$bMl z9YiHM8t+SmDkDrmP)iv4l7q{=#CXYZGy7T zaggP(QD+dR4$KKIZ7Nc~q*VaanN_`egy%2Q^ll;k`YazS1c^S zZ;{dHYl{<=c2*rIBaed(Q-{JNfcpzGr4ba+*p$71%>f=S?u|6(ZxlVhg^eQ3bX-#G zg<-lX+7sW&HOq6EyOa+JA8c|acd1-aglQ3~n&$m%FnN`m%WV#LhQ4fv(W&*4+%E+- zg}KLiPc9QLvEVA6wb|R?39{W#Wf^F(H7f;$ezk*2@@TC~xeF{X@qtB7qVE%7Zc-p7 z*q7J#oGpPrO>Si?r~+CA*M{)uhMhf6`njW4W{vdktx?zQ0lY$XS$hd+UXF8 zaHOEGB7ob97IOXu9wRMV=95xdP_0*Cixm0Jx`1lbnRZGXD>9UR-W=Mxl|fqd3A{JO zs#Fd8qdiyQ-9Y9O2)I(YYm|Wx^aR2V9?r&0-J^q#LL9DY+L5JUF0H}Pv1Alpo}FpD zq|!A~r=ajihNvI1h(P#A`_{*h=|LIc0Xm17)0Y9|=D zF?&17tHUX6YkuD2j8?@LIbwVr!Y-8$b&f0Ahdq~6Dg=ZF99Ymm}11Z!FjYBfm-h*{1)G zj2!>&??_XIJRM-_{Ka@dTb3A67stc=lS)JeeerN)1|T@nV5@W70Q{=M;G}7z7ePN{ z(*!u8G{m2-0o#LcmHW|aNIUflBn+>LI{O*^15Gps4$*!{6nFTiVyN76TmoBs*E)ID zY3B&E57?i! zbtr<0hT|s?g#l3y@X&B3m?zeKywGu(DO5exhpus3HvGD%-5*=m9XI}@0TgPbDsgIa zVXz-yjS~#YRmn=8?hvWGwWwCAlr;i4W!)T#focI{f)au(i@H&^CkKF<_aS8=8mCZP zaM?E!_nDhh|Bx|I0}@?+0cdp98r}m)UpsE9+|Dpn|9nK$bD^@ptW7O08rt!}oH$K+&`nz$B5r3*Nr|o_Jvt`Z*+e zy3K6(Nv}IuB?da8 zjNI$g>L_s4X2v!Z9ISdTM0UJn1m|AdNO@Kb zpse!qO9#CXE90PW$}utls0v_cL-^AkkCo*a)FT|mUj=P8hU8Nr{E@avWLEC$YxD5B%4Eoe>#9wx%?m7 z=T*{qF$od;S0`&m1~(ohJk{Rhw?RP-#_zzO_+dzIpZ;s!Q>Svy$ljMwy#Q0S#JNRn zn&AB{2G;7tF(HN7B|-Tal7?XJ(=A^wIMgI=!xDcBx~LVyxNjkyHbqB zOz?OxpBVRbVFr14l&clD-*8N;^f{qD)SLwpI&MA)q?^r<(zIdmClFY~foa#`X=()a zUZ_@gr_7C;>Cfu1_Sjt9=lPr}HY=A`6Ryy+@;w({=j(sDRrdltz{EFg1*2L< zgzGQFJiVaJ6OrKqK>HkMBXE2idFW*7&>KHdEw5WFG}YeM=eM&5fCp_hL)Fh&-i{IH zz~ps*P~7~El!zFg+F^rpE#OmA#aXi($NlXP6rrMx-5pPq&haJy>ojWb3iqq#HzjH+ zH>Ep%Ry7DdJh{aALvQ5NsY&3~{JwIOL_?bX)Qn;eiD~LFPb3JBMO%srS9Gc!EftMp zdI1d7+I@TV4HGi66I2SQs;n8H3LY2rX<1`wF1yZoZ1Fk05nObX;2o?9om%GM6Fjr| z8?80P`qF?-MR+z_HelCRg2W)$609ueVI$X^_E~B_HSm= z@i7$Y2sElj}z^3WTw#S$Kgl*Um5c#3BBva&F{2|%( z-GSiA03Oi>kcX-=+{oIPXH2#C8mx9!qkTuWoP(kD<87i?F-G%!&G2b_PdW+>=w%Vo z12Xc=--#m518Q7Zt}g}R8(=<5P&6O*TR6VQsDzkSD=3xpl6bBS!wUBqXm-(u^4e{TSb80nkw74IG|Lo)c&nC!!-#h>M zm;aq*^1u1*7v|!|kPHc^22ub{c)!G?Hwevb4auD#{mPP*G03q8k;0dbHD1R8o*MUX zvJB7xA`k9GRlnD5odS_=VE6S0F|P*AYh~}eZuV*e0Xh=2dK!)8_IF?XegY!N;Z9vM z&NIvd?=&9QF6jQ=N_SP7+m*R>hN#?PbRgXNBc?o`0s8QPXk@7m*iHXMnW=pQy7}HE zAh%kt?tc6u`C2E~iBrG>Qwgi1<+sq}14Y9xFp4jmCjCmS43oapR+(Kg=&5;Ir7^K0 z&M%RF=r++kUk;CO6QUE}>n4FEX=a>|0~`p|A0vUz%oNm)>(v8~KqV+jnE;gi)rR+! ze6843eIb*m9uV9EA7{crfNE-aJaNa_i+)!w<3)gA*J^c+8TyPF+DU_&SGI?;P+uL| zGqf#XW<60s9uFk!*oR{uc*y_Ss}l_GH9La=8TrM?*IO@k5>#`_<8U80#1Z8LIVR)wPSv>*>y560yOf82`nlB z@g=HJr2nr73)B(BPS7V_;YPUz&`JoLE%Q+))1u+@Mp|xH@<|OOE#K;{4tT1yEmmo1 zwqSu_WP09ph`!ZpI{fPv?93uj z7q02BFD@%r;&_G=GO;NwTx(M@3Xz2us%}mN>yZ1&eF3aI%5ijuH@&z?5MT9X_^V(T z0p*39+%Hkn2Vs$+f3hlOcex^^2+!x?|5XyeWKUmuDeup9Z!F}2*?1X9Oy~$w)LWEU za-8udQ`5bme?RR~>zSE#I4RA|1_dyY9g?aijr~Ka{+&_jht+K-uNAegP%pkevmuHc zXn1?>(ga^HZttzMo6I$qW~AzRqGN#`d9d22{7JXyna@Fe@U1huOyh+BV@NOj$;dA$%RS4IcVIdMXAZro?rPVZZ6-}$FXJykmsS0+f1 z!SOfy&r;5d>`p+)vIvT-Bc<3XvKR6=sy-TN!I4Kp3+PXuiM>v=#4atAr#fwiYmg{lQ<}5S6nEA%fppx4UhKAgT#{PbMhC&f{ zUe3q}%pT+d?$dIMb6LIU3fZ$r38u*78PLuBTj8Ok_t&8qqF_9FRWligV;-Q~`+}k{ z2AoCdze)->hCM-U4~-9Ny)VuIF6?jdxr3_swKLt_&cHH>oVVi0BhJpH&`D>0IQ9xp zRb+#O=t(f6shrFthtD@4Fdl z7~}bE9%|U-oVdWC(BV=q*|N8l9>?x~3DWjm#ha1EUdtDBW9EQ(VSPdcB(Mg|$D}$V zB0bzUCZ ztQit{M{FG=nte@ZYosAZ<|lL1)@E-)@@kGqM#jN7X+WMe7a(sv_d{_g)*VW-y}Qgb zxG48b&rHt=Aw#UcM~TVKym(Bp7kleb_FSS^`x+b5h@h}mFef#%3@%)~Ax}&R1;$#* zCA)*($f}N{#ilUo1{4R8C8Her5z>;Ifk#=jVjLq5OEE4MQUGgY-XgF`G&Q$B=Gnq@w5 zbaE2YXiN`l41Y$aHg&i%S@`rGpXC^zfTC3NTKd*0PyDJ=qp2QQZE=FOKP%b#3KD4k7ty3!Sx2l)JC}n<6f^o9CH(B$ZHM(F?cJM>c zf7*{L%!VJ6YcgNi1d@Z+#MjD?<>)uVXEVFB{ZD=Q;{{~fCpx@MU6v^iW3xQSNsr-=zV?8LbuL!^oSI*1?B}& z9jiUc307pg5-4jILZvn>IKFkAn<*{+kL8WM!sjnrUz`7;k9qP*c>-kJQU9~7`+r6@ z{tvX_;6oV9{ z-)G#et*$=!^hEh$Pl{>&6ky0DaKMj{o=r3pJcLRKWY_tWeqR^9wYQqtTCMZpA{2> zK!H6y@WzTAimxzhh}R-e$#z)$#u42svo_iHT5?Z(=A4)B85N=oYsemWR{rkUe;1mA z!nxW-f%#L%44^Znk81=E)i0{X?5vE>&$*q6Q~mI0SVLQU^Sf&j6u$(L6Tv1xdl~?hO$kMG>_#da z3WTQYnHzWMW1CiY*UUh)W~1UD=3sl|?1_(KvsLl*~B)WUAMFI<1=o zWtR_P)GM>^F_@u(T*+9juF0Uk*s=wC+Lg)uBZPuWMi3PL0wM3&Gz!Osq>sp5?Tn_Hyr*^9Ij$u_V`22 z%Vf(%mY#oAOgUXx5(Xip$+%|J+DT2OFlj8~MC__t`7#|~8_ML*#&g^2f^U)UGUag! z`f?c_e64y_pOe$+7IpaSxZL#=Fc@AN-8MQBQ}}Zhy;$&A574$5I4+0hC3P(R9sdO; z()|KOm0#ySiz?1nN@IKz3mLzc>wjg0`c$WZ`6G)9=OqPFuEKZKpU#%3<0buc!X*>oxwIJFRc=ci)a1-G$ZqXYTmJ+SJD1V zM#G#r<5bQ3+Ze~7Oq&ETFQuuS@$_`$TeFtdp8p=?iUI^mPm{B(O<;p|&h9W_y)nf< zL%-xs!=-Gazrn*=R^4@)t#Po7F=9`v96D{q`?^{&#xSB}yu-%*>zn+faV{-l zy7}s!Q|S?vociOR9*$kEf1@)mr0c9^u`(t+TKuaVl}7HX*Vr)b+~6MSyHty#S$G-8ZAqI8g^+Z;4hh zUsCmMS&kt)5+D3Lz*S4@*TX!|(~DEOC!^BTFh^eQQOKjBA$rHNR0eKak+I6Mnvg%u zI-?7Vj4^0`+C@=a66d<7mjXV2J|p1E4{Hy`ynNN~pbVM!?sL_PfY-WF&*z}43gOtT zD|<&X=JW#Wc{=I1O8E1+^O=wf?sFt8(wZ=Bi_=$4wAs^^$wCyWm$c6MY~d6oEvJ7I z{}M?iq*y$H@ocm=k`F5VF7G&n{;?LTme44kGi2=D+RNLPYVe`(iubX88}=KN(Pf2F zeGMiFtRzT&LC}~0X^M~Sb>3Pl5WWwJI}HSTY=Qrat@Y4t5D^mV zBJw&_;>*1dgZ6Sua%D?&g{FmXAHh8 zRg3OZk|;ja2U)qFla(R#M>qXrt3!svXUHMqQboqT3q0;9?j>uc@g_kQS=AWYOAXTL zVI8um`SekQ8NUEj7UimI32`zKC59cWY0itG!N#vZuma5SrKoRf)^mc>ug;W^rY&0A zv98FNe+#{!blre@lqq~?S7!c7!G0_E(#X3P_N2@Pc6mxCDO3Ai%8Gl*O<+?Hp?)Jn z6_WMMR{97;SHDM}lm6iW$luii_7Gr>mVwQ;%dx%UVm~hLEfG~cbpuDGQ2OKGoTV%v z7(kSB9ke-JUl;S@0z28O=LZcU3olp3N_XSgB)32FU~eg$|G2mo8*B`us~16f3twr< zR~PpsLZ;yVsD8jPzcU3Fd_UBr?cUUgdZ6pWn>RTPKI^eUHQRlm$5~WxH`#>ht-mT9 z_V0faEi+PSCssjdcb9-=LQfO)hvJ_VT_0{xl& $ z!FIV`eR50#(P#c?lq*(<7rF!7N?SPf1+Hc>;7c|u1VUvflBfSye`+dd$}4xQ&~*%Y z_3ol$)lSwR&p>o1K}79(eV%qHJm!|6Z!FlCA0UAZO#p4>#=-RKbze2PDo6%!=L4H( z^zdKU3teHM5OAtc>^5G(-q_5u#ml!TtY%dHpk#LdrW z8Dqx(fi(>yKy3rQ!bJga9e?5w(h_P~BI?^s&YURs_r0dxbU+l%(j^yLHbzhsyUw|p zB?4_mLPsYcs8a8k4^u4edY!MTi|0|TMmFK zJ4g&C{vR0S^Oa+giYCgruVOX{oLBbPL+2d<%6WiaRr)C=Sm`KV#(VH^%~2Tp3=+H{r zS!Qi#(GU|`5^gu{hR1(|#x1TOd1)B#6QvAkxc|<=vLrr%fApByzYU@pRpUBi?%HMK zY(BQt1WFCXbWaX$+RXcdV^{P1eSe%^g`93x-kQh9T+Tb6{VdHX@u}4DOwg9&BLz5o zXd6c-0Tpl+`EIc~2M8Qnzug*w6LyFTS26yB#leVR5O`c(8hJkxJ=~XANoaYm{*})K zj){+0DFUPo+&BSkR+k~rhL1F{$SnDh*YGh(r->TeKh5F&zbie$Plu@| zLq`VM(pZ->dmvW%r&G2>!WCuk-x9f0KXQ8%XN0H>6FN8O-#G*9~ru9m4Vp3xB8coyxn%(d31E{~o$$5~euE(52Oyf$Y3&cA0+OlUHDP>+sV5GB`E(@%5%YF!q$t&d z>q3T3nT2z{v!Hj3HrmC|4P&`{p^kHp*5fX0C$|%e0CnB0+wR6{@YAC*(Hc{1&-~~r z*YerK_2E#b!%J{pT#OJ~5(c>H+Ph6Ss>G7VTd)~<@3#D9mTVGid(=dI2Ox%I6W|Y( z-q+i0)hl>L?zBx#-!>ceVHt*Rf3M@@Sn_B`Upy9SwLaImUI#6HH6OJvDm8+p7X>m$ z>i~}>4WhJyKq%Jm?WnVZ0Pc_iM4LxOpDT!HeYMK*Plr8ihw84$_1BUs5=O1h4HrOs=T4>mIF1}`^G}DY&I49?GVE`a z`g(bwFyxXEP-(AO^uaZoj8IW3RhGaugqzA*Ww` z%mUWn+=xaK`CJo*=*kM#YBqvmV;}@n;at_t>v)ue%j4w*CIJx-1gVfy%)c9jis6r$ z4=xp3;=(z9lz<%0HLVK(1u4u^RSxsKMxI5O$4zve?7iuorAO2C163#*ZBLt{A~adm z&{Z{u6>hJULiELaJ)mV?);h^Yg5K0n>W9DuV}|FCv&K_C=X_6B-?yxhc9btNMCYSU z+P+o~@iRNQ$fj3nz>T5Q_c`USTyrFkgv?U*J?$AB8)M1mF4u;AYY|J(ctSP7;Z&NK zwO9T!4uZX0f_>v@1a4-OO`TzT>r%)#Q#v<#p`Gv&f?|zh-R$Wg#pA>Y7IOOI9a*$vwRa`t z)A71VaDYQqv=etJ&6ebvb~#)pVFMITR?NtxV&2a`rF0*fr|#iUIzYYrH=j=OAD<4G z;S78_#b0qg9ZJboXW zr#D5(hjyckP6q02r5!EyKefM5!Am;0vIi(^;$&feJI=bG?;^CMzEhMTn*HXZims2V3zi=bDmPDZ-qtjygMFiD30KT|s&kS( z$>z6uK>{B(m+S2%DnSaH2}u6Ab~cicUMaMfcN>OYC`hH0c$ac;smjvzLL=({%U#C+ zx8V1x!FEv_lyM$v8@-m*?({?5rL!jpkjAFA&rGS`%4n&%Mz8q%)YwvRud%7+C*3Hw z8R3(s3Pf3g|4F;iIhgVoDk}7Kxm`N`c--I17^MGyM`H{#!Ik=E1SLm8a{%Um*M2sm z`z;p;<{CJ^-yKFBsD1Jqkn|G76s4lE+vV%R-9G>E8#31biL?rP3=}olu^lA zE*vsBhq5!hosLVmW%z&(47znfH3MWU1&WAtHse{dR_{mlgck^JIju^4*T`2(*U1c7 zZ~{3kyoI$8EW-_Q(6MiK)$_E!hd(fTm3X{y*RV6K_B^8q4M0h_urn&UY0I}+SZW!D zx$+&br3IftjK@BprC@;+H1w3bZrxD}NWPGv{cdab>6r0wlM@+IhyR1UDMA3g}IuD_P7e_vPx;C!MnkE)Oc>Q9klbe;8dA-YAVU17Vo?#l1Di9$@fE z(JFavOlS(AH@te*iL9TI8g0BQo6x|A1<3fq7yP`FLiV(_(#VN0DgNQXM$JDn-1Yf7 z&NhRk+DvNv{|Fu7lyRI{OKP^lgX%N%J3ERat^ zxF-kgE)1p6vfLOQiqPJ-${c`N#qvqy>Kp!QzX+5%@QpJ0-t-8J)+Qm{2a-*--u zm~u&jD^J2sXkcsr3&t1v#QMFLS$n3SRcYQ@DjXbQe4qUil*WmDsILl6>kx%LijN(5 zCOJHQ6MS$-S}Dc>JxCp7_B#m)D(D~_+x7uYDN7XP1__1Un3{QKDt`izE^91)YlPk7D>1J}t>p9xk1C%C6Y>`dU2sgX9oS z!Tehc9iZ0=@Z+(vKnCFbzTw5^bljI>2W|5wA$JsiTgK(}58jSfE>qEG|&ilZ@Rw{=8p7848yySVIPg zH5v_q=QBIMwV(&FCMszYI$%iHnp{EVSY!_|z-LVR10BYV?D}Qt8@(2yHgyK{y{2q=+j6{oWh>INR%W zS$9d>7!05nUBX+MeHVlOs9GzjHGkBC-mFn(L#rc=-aFrOwI~qwsV>A=h<4#2UY8h; zyzEjo{Ccuvd7ePTg#o3c7F+`(3ye}3vC1-AfHiw=e5)gpqD~_E%|BC3sf??j=zBH3 zkto0jRXZ!4?-~mVF_(FqJg$CUrgC_A`D08-u~_5n11pd5u7@{jDSAaIixVcfW_I6Z z;B`i}TgPK#DPOt~x2GBx<%`Vgwqbv#F)$r`o!?`uyYXZ04&-qT@F$h03vdex4VJ9mlP zue@&{OJu$Dn-*a{-nxx(hx88%Y@OrSi$2ILZKJ3)mceq^5?hQZ?Gm`%pl%HFG0#)e z*4Fx!{PRocVE%`)o^zM3S8!BZdOECCt^Wmx!mfiP_Eq?JnJp!OOI$sfnGd!5 z2zGTUUx~3hDvO2mH9bsM{Yv`mnO2{b&%BN6FFu2upAy$6Xv>1ol@zCR{v!sPTjCRk*#+-;cRCFD=y#P?e=IhqKad_WF)0{&o-PF!cv{6kIWP-2H$cGF6646sW;|B%~rfYPZ&M?P~~HxgPQebIizYi>4hL0zLgyFL>aBx zvSLCpjai3NQNGcWrm{%O-{pA$P<5U)2%HwxW>J0SGUUnQQ5rIp0vx@!NI4F0vkF{Z zmfTzs`q*`PCEE}w*S5|PPH2qL`F#A`M;9%LF{Q-B*{L02L#$12K9%sFS@Yotck)}z zGwuZYo{cz%?*3ygM|hrdAI?~J`cs#YyRWI^8-EtotHUObZwa#xb$IuVxzr(pq#LJkv)w*Wiwz!$ z8lg+>YQX;_yr|{uUh>*S``zDH!8m{T%=jk0yw!5KGp2vJZ_I&4FfjZ&)eZLNTxG&Qu^wFx*y20a3 z5ER>Nr#OmA;5xyf1#l$z-D-M?x##sI`T;F*(UcRIG(6TV@3unTYLEn^<&&B{swZ5n zK2Hu#2(yuRERwL~=4YY9*>P6w8Om{^GsafOIZ(np9Isz!r?rk)b*Mq%YN4K4-n~Wj z;X7&Pr8;VjDYy^pau?*92k+77zZn`qzGb@*hPBs|8H`<`fyNZYoApt^Cp#m* zgZPyxvT^yFLF5GQD7dUoP)l<=MjCU<&3a`rCAiq|v6@~kGDXtCjK zJ$K+P_0>mo+Vg3(hfE$izW#c=L``T%@-90zi^SpKkJ8y6-p@3aUbl?PafES9`B1?I zSLsF>;=z_$Z5G3_@E}?P(R(Mx+<}p~Q&sDxRa%#|O@e(1`Un|&bBH&YQoGcWdDgp1 ztDG^1Z1hz1M5BDRi%0I#8;64;WbYvAbDJ|=c96MDj!%Tky$Fs2dJN?>b^pbL_4~le zXr|Tt+K=6Cr91orIA4?*87B5Sy_&6CXSlRNjz{^u?N&m{=kgbWu8ArxU+X3~tNN;{ z3&i+Ow9h0WyDoL};&R${($JUK7{E-&@si7*ECEVtg>c?!TuriRDtTpM>&gr$Rr%Xju@?ac~(rzRhnyfYW8Oll47$i74ln8P#ETkedTM~0H?E-k6s4Nsih;F^xP*&V+HXB@g zph7V#rNgvT{6sNf72%+ZUaas%YJ&yrzRW1oq1dO-yW>ncpDh?t1NzKwU}n5Srd6Ei z-X1>x&avjew+U?pF}%)f!68RQuG1IFh}}0VNGRL4|C;C^ShS$=o#?2;6gJCx&+e(r zm&O@dZ2P5nPxpbCg8tkN5H)l;p#VE(UQp?;N<}FCvq;HIu#x6g_2UO+&p-PbzsH7} z4W^|_lps^HBAFISd+qQqKHe3=Gbko8G+)@3j^fkFAm*6JP|T`g z$;t~PqoFYqhH9blTLDFSyNi5Qn{smDN}bbY30=Ye$)X z(Pg?H`{5G_Aws^g87_>;!;>O=r=)^{IbsNz_ekB{+4o~31@i7~lrp0*SRRU6{daSZ z!`c4Sil-OHtZ9dDVPN&nT#9sKhEaEW?AKBfw1-PO46c7d(;pQ)0=43+9>KHT4BNJ+ zDpIAM%W$%XNc=KsG1=w%7`9Mhnx^;5w7v0oW#h7ZU1F;$?ISub4&%aA5ROq1&Q)nJ zCCVEVY}{sK#OQyOethyOFYWkR!Iy!+CWX-Fc44EDC(|Qh6zP(2ozZnjPj5xxqwo`lNwRk{lA}>Q%cpf%1gx~zTdJ{}lhlV1}2?$zO ztyj*x{>Tp#+69QP*;biP#07bP-N`tvC0j(NcVXWaS{A)j01u{fu$fj~o$t46X%qA; zY0HUShEHhAKEU*~)47a9jo<3KY|KHArUqTaUUxR}c;t?dTonaagJ&LJ3Ul&fuM#_q zTGtu~5Qpvg&1OdLe^Ig#T}67vFOi*~1S;PgsJ$hLoGcqqkw{4!S-a&d~__;N8t(lmX_WG`U3#F6xKjqr9(%iqo5e!ru_n}#5$FMI|$LmbTx99|{bPs#NH(A?CprIV`pMPcC z?~Da%sH>;h$Ci* zNcJ>B_>VyMF~mdx1-R6o;ODvRJleAGd{dAr;)Heph8 z`dcD7Tn_Je2NKf&i0MtvEA6LLm(hRIIj8hnK#s=*|JC~7`qAg`2IKFQVp4;2%w`RU zB9ukFTEa(+z`>ZQhoE#8*E-5|5^(?mnX1gREa)Sh^&!&)+O6nYXn{_a-_j$H!f{W3 zZUbA{C;w^VbK9D3+iOY8BN;jhy$c7*b3!pYRhNnxqd**i6EvXL1S_p=!+qV7OKF$~ z_c$YooD|qYYz1zv^ypZNOT2F)adH8J2*P(!^R`a!@ktVODqkAsSF8Pc%SQyxl<54P zkF84)2`-g4nf?AFkWbJJ1tEU^-TMt+>kxh8Ef$JSYz>v8B+%LRHiiVQW&X#ut)*N; zvUs%ZmL)a!l4JO|QuB|_$u9NrC9!;UR7p;K_LW!O(u3-T{$&r0)aLMj)4V z>GnBTzZrlQe!x*IUrQw52vKvkw zJ5E+|KZ^S22R66CsS2RN*h!R4zv70lCY$z<2Ay+S$Sv%$2Lq}_$G2k9hb;<4K%k|; zZcuFWVJYQV;*ZsoQlv8!XpIcO$$dl3v8&eO(6HXQr;0K#wPEbrGzS?v8-XEs!n^Yf zi)I}?5pMWS#w)jd!F&u6r4KBkGW1cLVPdgG)g5VH{K42*y;69AaIz%kJf$h-&U_qt z?AF6ydxjWnk54Wez%vxQL$==POZ)3PNe+FPC#tv_oh)w)4MaNz!%Qm8s@b8m_sAbS z_)ga?t_WldkxUXgKK#OPp74z@;H`S+mzxjFcA0n11{!u$as0a4FFk(zC~DS@%X)2{ z)*r4LWe} zkxITzlaO)Wpp-4Y%K26Ki6SvCQB2fVZOf7J$AeU_PN)?+daipK|C(IJ%By zd>iOrKqedY>BM@ylM3+u*qt;jYQMgt|HavRMm4#$@4nKJuF_EfMM~(1Akv!x(v%*g zD4;}&s1%VBihzQ2K?G@11nCe!iUd%)6oZCtP?{JzQWMCYPh9JL|9g*d&e-SV!y39E zCV4WSS?>F~ewWx8p)zgE^h-3cAY;S7B%cR%Lip7@8Cq98Xx@y$cXq!`()Gji#)xZ zNw<&uEOeLj+93K2(`4F=_*EWF7cRens@djY{F*C~LtnqHJdrKn2^=4#j3nKU3U5*h z&W0!ZE`&13s(+W5sfh6bv_Z9+N@wc{%pRy1OU!Id< z@3%aVuM7fth&4?ge~D+%RyHk8+Eh1LX9@{1Yi-zGuko%C#`eq)IGSpb!H>U7ex?=j zT=I5R8A;1zMffGec=DwvT;+pVTk735FncUCERE-F_t$*P`OOsx?=Zn9$aBj$hGZ1d zxH@J7I(}tF7^;5t@L(0WTJAy}R=l*q(65M)NZ?K?T&g*B!t3z9yV871^f15V0}>F=1at1!2g`Qec;V; zOJ?Hltp(G>If+}#RyS=uEEsa>pG)4A{nK?W$3&uUR~r2cX5Gnfck+wgHfy2A9V64& zpw4}MGwz=c>(tVdp@2hn>_$jXby&_i<8g99hS&DxhmD+y3lrLHAs$sOVocZGPyfwK zyopHoq;_ph7cS0-Xm{7u7s zc9;6%BUSEpElDHyVlouY|A#}FK195n6Y(%kcyjWlP=(Cgz3(C#Gj86@RSY+e*$|RH zqiv)amW1WYVhS}kSQ@4dL`0_p0F-m4;cXe~`)~p)X^qv>@d~Zi?2S3yxm1R@LEPYF zX?13I{}6HqR7BhJMqSt6pMNijWt-2sCb8gYJw*&l>V{ z`gqVh_c;)bWfIoHl2ZXq3G(zk_w-#b9zfRWX%KO?AqyPLuYJg&>@j0o8W2d~-FQB= zNWeRgeiz0jur4RQ3dy4?vkR^)lha8R*)E4x$xyB|$`jh@%N+ zca?Ow3PsqK`T_aZXfq=y*^&!(?KDU{yvj!hRkPr8jZgboF2q_5dfvYq6z zH{X^-KbVrvpe;J2x`mwmkvod;YmA z{(Vrkx{U30cpGM=a_=CwY&v~u+ey-s+`N?h$l&O1RxPbC`gXQ1)rbn?3uVL}fAbZ5b)LlUYTM{nNA0x@wH(q7z=F4BLp0C_R6^NeVnPu4qOG%!U zy?@8SD*6zQo|I?ogF8IR8Zy-l&hz?grvs}pXDGYCHVkAVjXR5&>9+yh7le#z4)o`7 zrCgF;hI;TQzyjSm%{2`DYD}ISDSequD~Psn*))EtvcQ_X zzB8<5HR~re_}Fy&ae|cv{s$?xJWp^WQ@$Tu-v!#K=kBML3;#~2%Cw@FtOfmQc8|?T zDXPEl?#ZdXs+o4XvnTjHR^mnP^9vnY4(!6|H|_kbH(l%cT3%8r6MFqlss~Sgu!?A& zcv6kfc=*8Weu8DsB6TjpR35zt>gi=FhTznuy%W_gPU8YQ()?a|aOww=w1Zp~lNsg} zVa%>-zmP(i)tkqdUphRveB4-LqyRbK{qiEWDzo*ngCjQxLx@vmwV9dXJM=Zc`8gI-4u1MK{ zvfzRVAU8jm&1ADE6&dtFfn8enR{GXhNj+JH58EP_m-?dk?Splo_0GyBH>ur@gTc-G z>#yt6HEMlC9O$%POK}Y}%Mny}465$8@ije`Hp?&8yq*vG%U>7}z9{yx%PJ9@>$BE10Y#CAu*oz+m-`+9wJHXM`S zMDx+855*$DI?-67we}G+aBu8H5-az_(;1VPTzQLp3g~+#X3aOOJOQ_3UL0WM>#i8L0N-UnZ9&8>W4GxlkA|Mk?_wzpctXT@bU+)X_|C| z`XsUBRC{oEjt&>@24~6L>IxHEyos+0_0g_WL#jNR?W^nR%yNCQd`6XiAk^hR%3E-+ zwPLz@FqL-Oj{_0XxZ(3_wOAS)x^%waN@1JE=l^?a2;zSrbt|ALB4KM+^u*8w#pSBW z<$q#J{lS27Bo<+~u)#V(@``oJF2SMCwCL5J#}1teSLRVm&66>vk!JQ&S-JvxYY+VS zBQB<|Dz?X~MVv^kHLURg^wr5k*(Fv#%d+WYVVfa|B-&1#8pByjfzRPuOcA-a7s1UF zDWB7tQs>}3n5+8?6p3>8$_yJr+wLhzUu6CDG3(rH+I7dm;^z2er<|{-`}P~BvuE$K zj44d4O7x&Sy_tUy%Gg%28FL9I-nhc^TzPY@!B0%i!4pf_u3xMEqo3>>`0j;IkgIRt zDC_n&^|x9Z6iFkC`6!@Wz0$&B1VS9}#`GJm;Ic^M`geIv9ys3aChzP8omF)=ja_+B zcU615#U4+I1$@}9Xe(OCmq6&9_ecfZIyMe_*ZN!wPOj0;@E9BNH*g z^4;Vrp3P?#9R6gW6Iyp3*z5d0{^0Nly^TrtmVk~OzL?OcJr?sY-1~5;X7H!qgbBol z$)79o9+KzwUxn+}icUV*VK%>&L?fX8)*ED$Bud>Yikd)gN~9J{%K~&zkpnt- z<%1==PH*`gpfQ0&GaOs1ICWl#Df^$Q%J2o-+dx6Qa-agGVUbZS_?|AnAX6JO* zFB9ax843sy>)kDY4nSyl8d8A(9dw?@MBP^4mFpaMO>s=4YYWS<$A)-4swXG2&tS@F zW;1{^R&i45#h3!&#`W10PvT0=MgHZ<^1B36A#{P*gOkzo z;VQ)Cg~``oPms|CLJ}UAYa$3{@(yol^f1w!eOvsu{_FE-DmP5M}6r4bn%DRiZZr8Vl20DE8m#n)in51@F`?@UW7U42T zPY+|UT&K;x`Jpu1rNmU8Kg1;o(fR^Cwu16tv@rn&M=hS$DTCWL&CGdEXt2I znsXQyUj?v5x0F+6m@fk{61jVqq~l(Fp#SxUgFHy*i2Oz?Dx<6->MN5!w$`0YLZ3D{ zl@UXk?N}pJ7*r)pOlN@LeZ`ZT=1r;cMZvyGqu|D|7>`asPMG{^P4S#`XNt$G8vXH1<<|bB)`-mf$^OLEPy9;+4-*_(GSc<Er~j$iL9`{#L+6;O7o1WScYWY5d+2l%R@>BCF<-t{BxT;S zsc12VrWk}6!&&y@rE)S*-}r*Lv8e0)gD8C&&f*s>*kKBmRFCkaZ_UGYq_c$%b@ z+M`7g6MaMtN|L`|ZtoZ|aNBjN`c?-+y{deFy~mFr2Jc66DOQsxrV@c_yZl;?%dY?o zv-!>k2wOGD?jsovRb<4bjx3c6_a$K2i5D&XD-A7M=9M3*zrs!?g3OcB3?#XfRr+Qx zr0Ioan<`ManDEND5L)dF2+zeDPXjL&s1gi0!LRTN%1j^&H0stCEJ@LI&H&uIBEgx?7Pus4qHZ@s^yQH5>Kn$n@VL~{{itEoexdE)jkIm z5yJWnC7Zo;gWGWU#6q&)hv5ycaq(9bG4tULhZ`?Fd+TfphP~p_oX-;yh_?Y%Pj}M? z-dOk{31J6hO7Kit-FTDnL+I}b5%?1vI^cu5Y#7@M?v2A{!Cn4%<^6`@OnXR`zlO^w zrepQ^kGC&BB)ucr(Rb|fxbw{v3f=!8^s7rLS!E}g=Xg2dF$rU&`j8!8}Mrx!K5JI)}o-O6#!emXMm zpfn_TN(uPQDl^g(h}d$JR8mFB(62OX3N0W__1<&vRl-)Xg*-0ncn=x%`)xx;eW^#n@Vlk78Jzz$)*ma;vrBKKm9Jl1uBu=76%NLCBf0ur9V%M?T4f><$w; zQpY2$$cKX3=m^#ej9$C9Y~S~UZ2gaEpdyV@`nSnZm`XbPQmpR}jxiwj(6_uUPzy)K$3 zlV*|gwn44W)HUC+Hzusc<3!gt9KTy*|IWrAj+U2PefO_`_B`?c?=S^sFsc>D3DQN* z!&6tc!wsynJXr+y(pT%f>!W>nTsA01PnWO@Wqh+$WPVcqb^s-nUQvQsO2a17x@>A% z5Pi_w<8GegaUOjc6-FiXCB3)^w%3db^Kmqy)iNuzp~N?mO7uBnaQ06nyosyQ)niQ?rQK_#-2i!X!}MRW8E` z-vi?|Ll5p*m?r<3gQo_55G7xw-aYjqb52p}koGI^k<{j0@{1~E zo53kD+6Xh#IF``o`|R*2J;=|9PhaL$YO)P8nSw~V-X^Nv|F+!QpUK(?q{jsQ{X_c$_ zP;Xy_v;5<^2K+=fj@XZTFGjQBoEs6w8jf#6&+t?mrUOVLn8_L6tKn}Yd^5Zx&5*}F ze^Ft&+zMVGdKG)PmZ`#$Y#=EOuOGTQivxo(pas`yD^q44i9XO$=U^`JURR^>;)@b2 z!(YCh7}(!fcKzd};jE>k)Tm+m;1-r1I!pihDwki!wY?<9YCrPp)c$%r{tD}wS}}~d zu>9>8FEpNB0cC-J2Xfe6w>%G9Kw^JBndwpa>vzFi(Umh@ zGyY{8CgM@ILnZ5?0x!piy7_;j&#np_cz{^A^9pr4V5zwZr`vZ25r1{Q`RpJjD6%!2 zv{6CfQiT>xssP_px$F(P)`c24#kuvb%9Q;Gw6cZZQx6Ic($<^5Wu*mDP77hBX@yR8 zH6D2{@oiEvd$l1ienp!iCCn^|BcWJyKZW1klD_ar56*wLtFwZA-A-P;aKnn7<}$3d z*>y@w@BxUlT|q9HRck!6l=>KajecI0;lR-UhDe0Z_qW#_`@8jb zI~H0Sp>x-emG*UgqkaH8Jz{jtTNUIw=9dQAS!OxG@9;jE4Y#aR#xIos;{*X|$;D0E z9hrSad!yFEn2bcxC)el-Epwq&fh~y^;m#kkJHt=UDu3 z+;&HSPqE{4-s|o6&I7U=9Jr542D&(Vo31KDIM>m}6iNP}-bfTJ!U1KQii#tTsB1)n z%XwBC1J0u2hUcIR3(s`lD3~*k_RXP2%6ty)Jv7I=cR#s=4m7F6OwD-mzgrW zJQZJl!tzy10ax9dI7Dbs!q(SJtWEXC-(AB?++=j`2Bs>e?AS%=bxgD6!UzgqJ|}=})|T4sZg8oP5JY%vB0|Se ztLs1u(mhOlTGP!ip+ei!SN?cXg)X!MO*G%8*Jm(O5ew_3NV|@xSI#=jc_i2;v_~~> zL%PpTql9ix4z$sX*WyC*)rDS>-=~qOOV-*}CvB=Xp~ct;5$5Qm_U(zoQC#eH)SxMS zK4ouCmF3V}`Ay3obt!$j@!oUB{C%O(6}S%(43!7c?2DiF8^l>L?|#o?bN51K+&Hp9 zbWe_mdP1acSF(%89{J*d9oN%0|Lnpos{hn`@|zn2BNP6RtI@+(HJ7r-&vrlIN)5b} zqkkmFf^zq8b}QX6blC)6f0YzKbUT~26OZU#)zag2-usmoKl$Ro1`tCt?#++ax(zOA zC()RVMuO0h7y547iKMF1Q&+<-9?Hsao~#Nf6lC^bO36<^2?w>V#-f=fUUJH7x$cDw zPSies7=camJ}cBes%GoQ5j~5qmU#4W=lDsv*G(4XZ&}pwzklzGWdRJ}(aS%=mFw3S zyJC0yF@sHK*NmE&^%v$4;X~ao$k&w79Lj(k3rPX;@hfUeBN5|8V%&>jvUX0y{LoN|$Yd_-?*sO=^(t?FfAP} zhwxZP$~{nukwabg6x?F4+1< zpYID3F}wE4RbXje8#A8z zgA{Dv$M7c&9IisR2(5m$SI<@khrJXSa+dUaXDa0IvQ2Gt@Ap}czlFI0z;Yv3oHn%F zd>8C>g#MbIfQ5{4834vDBv8YHPhqYpg%e}Fy$0Xda3jU?0~`3?q2 zd+JjGOh9x6;O+j$66ODuJV`gBG_^~(Pg?8jOZ`L0N#yzt%szRfE%c$)AN9j7($hoe z>0d~PIFj<#I)L$9{x7qc0h5Cwzd!Jw|EGj`1QVELz+ofYARs z&A+dy=Jvn4xXzsUW(r}V5zipYIw)3t0aX)TQ2CICC_KdM0U1Duv^vrS{+%iFto%M8 zt$Op{L&+8h6*I*q)L9Ea@pG#<_t(ZoR^C~jdNaAqOuaOdjRk`?~@C27w=*wVoP zp!@s+^p!7Ax9+bqo#$$OsrOXPop?sqOcj5*@kXDLfI(cgP|E_SI2eiZLcvVn8C<~4 zc=fEU;>Ac1)#0;QX~0bM5D)iAzj*)F;H9?1!1WHU;s_;%Kmb#;|1%F}F?(U1yk=(7 z=-3@T3!O1fSa@*3kV6+Ju4O5=aOR9wyIeIiu-HmN%s;`kbssij9; z%tcQMGsHj!b5hE7>_E240s`oMvl0TQo_gHj2+evo*w760lSGg6#5k{01Mn!chYxWe zbVfFqxO*qe%YEjb*r>*tCkY-`uZGL_ZwvshDP$dM*qgo3jV^S~i~>0;Pl16No4kMt zP9CnbOBObI;1AJyBVG!A02MU=#_t`B#YmbfZ@69~k44G*fPC{vDjFQ)I0okwq4MCz z&+$PHS16Jx!!1@cZpNaa)S^S20efMQ7l0lNac~Z=wOCvhO}l3L#>=Tf{-idc1=KEg z*t1HsDB_omEidi`07+K45dz{-L68F}+FqH9T(Hu$%Fl#5p=RLgGZXe#1I zzeRXlr6qNLWMA1de?TPa{AhVqy=dt?aY+}5p5K&jnI~32{W?Wes6Jv@5be?T5cuJn zS1ZEZ9GfbU#HpMumHw*{Yu0lNd8WOBhZwW0^Av6wPxGl-`F4{K6quWoRf`c+Q%KKTb% zr&y6~M6{NMGOWR;N{fYF%ckRrcitOHOkS^6VK%mO5Rcj*}KJT0n~G@C}*T93StEJMY{oNEGw)5eX}&$F?XY~==W_ai|b##qREkC&S0 zmi_tovx5DH$KNtXaz))nTSOd6PXv-6DncM9#tV3_Ud?fZ)dWU93?Z%(ULyCn6z6s( z;cdjN3M9Zp7|1^an}QsdK>tn6v8~8ZmGS3`MSOr1zLZtVbgQ;E2`N_g_lFzDwoSW@XxYkA zXb7oT!_2vEk$dO^U!rkP5mS}NF6e1YqKsX@Hw=5675UCd)nXR!aPZs8vv;egce(V| z#D;x9U!@P*=OZbLmItZwTJ_9~g={Kg0E}fa7J`~pneWuHv`VVBM$_~GFu`ka=>*@{ zUg>RRZATnDa5OkcaaUClp-G>*K1`!vQj(b9QVlGb7UgvP;3dflIGFZB`~3tF2ck?= zrEs3_!V`Xff-x!T`xTtap-GM9$9<26%M}vl*kAUyvS-RK21O+Qy46nN5f^F*I;4*$j_WkyJuRyTe9dS&&&*?&kGB8m3-SK;aHamDH_ zJpiHv=oE{y1Q56Z1$Y8eDc}K*7NXkaX$+k`&UW1cQ7Wnvy)RS}Q&_dvGS_Tv6Lw19 zY~3Sm-}6lWbok)T%OFQ(yfcM33~Tvxdr%Rr3?+<#6?00fzTaV>oGz8C`{ipwb9SW5 z@P@H?oW++-dG86}l|c!{zL&DSq+n|`7T7Q68+=;X_p?#Zc0k8gnp3yRYE@YsD7y@- z!v-5rZWRZq`9A(0f6x-IGf=bIW36u8tFJTNZXl0l<@cPJU9-t@2}s{t`^Y-=0=132 z@*Ei~;$VXtY_XR441YELcvJz2l%T(fK3{p{c$sd}ZV;nQ;VV?2>1|cr;j+&@?8JC{ zN)X+`of?5j?R?N<_kSu@>JS25{WDSdZ!r?K6G!&gZnb@y=JE43~FFSON>{Ed$> zd(KxGlCk4w?uj#&$Q;fqqVEsGZ0b*J_+fz7Zwl4BSym*s$QefLsH$&neOxRvKIOna z;WTsh+~xp?i@R#o*;nK?0gfi;5-tZ9^kX|3I+Rii4O{A5((UN16)BFxIlMAmUZ0z9 z+rE8(MQyxxqruPrPL_ehddd;FC@x^M73(*bN z3q0{SzjU$r4+dnZkUBRBoYjV>djf~vZONO>Ub<@?iBGwyY$Lqv*JMm?LbxOy9B8k9 zG;pIK{P;sqwjE&tXZ%m`EgaO`C;LrvH|qQBK`2eM`g%Uk1I{pc^KqNVAe2BCL~{9h zMfVfKJg1kSz(=)n;!BfdvNnD%(=Sw%F%W1c>Sr@W#7(a~TE{KStwyZ^VyEZ62_Tes zrdzPpL?7)MkbWQ9%Z;ETrG=s9Sp>VfR%FftUD?~}w8+)GZ;TWyYJ>M@cQ}H*|W4Jaa51jVop)4CSxNW6-4OT1?C8Kq(?6}(HdEGp1W_9M600(`48>DpEF6!sIH&65 zMyOUEYzE!nYM6)bCq=$CYsP*1#(~_o$=yp|&Z~|@Va3$o6xBE^Z-Rk3aw3xmH3|^d zEf!89D4MqGdZAF-w(#}DuEBd9S?9u5wiL-UD)2FBS}ti3?PI+d_<>GzCq2KqDDxJ?mWoT^SO z4kz!oe2F3ZG!I}6+rLy9YKb1A?AMpB=o9Fv*Qw z1r3UXjQaMdc%KQsYY8=2R`<A+MER4-k8c_{vIfdD!c z!Sirq-UnT;LY(vP_drL*^6ZjHjavzG@2l4ekJF!tJse1^D{I^?Tp#{XJ7OQR(4KHl zD|q2utCA;$ncGxaM`P(4;m5)USYo^+cjx2uImJf(@mdm))p+)*@hEcz3HCW7Ua-Eq zVRGKTB2Nu1(J6ja(eHS2nfZo-c;Uv?f;O0)jU*3~X7m|R z(a|Z+Cgsk6SO$0xgTMG*8y6fgs*uEqEeqGWI&LSj@|&=_Sxsr24oTAx*ioU*#!aE7 zgHhQ-sLAuylqa`|IptX0L>7133!e=&4mY&SuNn`Lp*FQdEM>0;2V?JC@J9Yn7{)msVyNjq2ZE z24-d-nQ%kB2|2av$NgJjHwFD(8U6By0}kPclmC;|O`Kw>xWD~5P(GM7D)B;sEw<-4 zOt)Tgu(sZ!x;z4O^cH%5rr#a$Des9LxF4o+gK_u9H@l#~;GqOLJxeysAYjAn4NiT9 z-#^|B)Rr$Yb|NH(4dH689gov{0#0r1p&L3Wv$3khr^vP6x|yy?=>*$|ytit;iEzl zi@e!DGNXY`Ed-c+U| z7`k>$Zp?wirGPN5QgQr^S?gWR({*JQYP-`^igV-IEt_2_`r5qKIp2fpcO@$~jNyv7 ze|INuUs>8^PiR8Ls6`*{ty7aOpBpo7sdrl5EX1%d7+bRG{cHlBKs#A1RV=ri;xwe*Kp=|f^T2Xe?WoXcA`;F_Yq(!Q5`*#VeTo+?Ge%9>9XXVQb+V#nm#Ys5KF8WRr$fd`!)1t%aRu4bJZEVC~@>9{> zw)g9rdlbelh%e8@XFGFTar4dAQB=%V{S5*tJj6fNDVrw-dX$+h`Q?8Do>AqB57_9! z-pvcEtFLR#B?wOhmC+ehIkf)oQx@II9IfMH+d8&FGbr?Z2W(!Nr&17fG`@FERZHEW zC+`%7qPOIecP@<^Zv3EG{<}rE#2&IM_%^3=_!7q2%v1cN^|^~BO{@{B=?rGOf)_P$ z2bLDp#Y|&UvV6Nql$LOsiTx1UbFEzp6NeY@a>HEK^{1~g@+~DY+{QrS#ux1lyaD6G zpv%dn=+Rlxx}VYw_NQ2*o|qoW90%7rO3@>qiQ!&HhKc<_kpAwOr6oM2 z|0}rFS5CwJfrEr~D?!Eg3vAiY!^?;v@l74xE-CPK$_=>U*m|yRB*s^-*u7I*D6Kt>Tci_6GhwWA5iGOmY;1TSIdcu|Qe_8xWAvUjYL2b` z1B#^goBpKcyPv{@O5K3>&hvXEn%Yi-v7kD%>#{4&M}OI7?*pVkcgSC&Y{oj^d-rL?= zm1T1{O&s0K8;nOxuFuzMe9aZ$FXf{SbmzgknEY8|{9)n79(XnD zt!2nL=7Sx+s@nwrMnVForP80_Ft8ExF?MRZV0x_H<)UwYXGf2?_e4?Y#D!R=yZ$M} zU-i)f9^HIPbp8>6xA(qc6DPUC_<}oz)du&wkv9IQq681dIrXgw)W+~DpXz)5@{F+L zdP#MwWAdVJeupTI(5mxWKbE~W!nvLD=j!)G06tbh^vi7%x>wDxN^SrOw0qj&3r=Y* zYx%@NhJ%!&`o%#cVFK4kQf$9erpttWb-1cfMl~k2yOR;zIYAaEKmI#&H$ED73ynSaL@0mzlwU|kZwL?wo73e&6j6dzP$ z2?K|*hh_u^OTX;K(NmlZHo<02+Z`}X_G(UvM|Igs5p*k~Hghb2bjZzM%O7u~-&D@l zIK7Tk!>b&H@woq7MTMST?EOe0h6#zbuA>+lf92E6iY~4H5s0JfqA@HUb(Z|t=xdDm+{DuEC~qD{p7>Pd zMEnuOUzo}YkMJ35xprB9{=)Xhtl&>|JdBsETieS)^UZ-YSGcX#m+|j9CQ{KnaxJ(% z8SxqCes+P%?nE-FVq)+R%^#Ef6Oy&YY5$0%=(mS#P_RBAABbf;0Q$e|G9zicX zyc9r*)cugS=hFixa!c1q5~~zRjPPnOzv*D*AP27O_?pdE}#1*BbIU zbI_f|db@A$DL+t{6jy~>#KP{MS%r!`q&mKlFkKw#W=n9$VzZy$5JV4%O4 z@!AQ;@;%SI{!Js`Ll5wzPC25mvBlD;W~d(QQA%{An%QW&Iu=IZ&0*M6=pA72KT6Bj z|ClO9D|rP$QNbzuIRyXe&r($mt_L;ojW4MZ-@E`Nr8?!xMfc!HL_(~gc=zwQ5lnwpU z;S+g@7kEa)P-yt-C#8g1OSU7!-&ST5RF0G?dIC~e8W6yqP96Vft_p~ZAZPGkffy2$ zbiUH$jmJ8&x|4AJ3#Z5szC}jz^xbRPCKB=hfLN`5yq%*ogMDpAKU)8}o4ofN%Ci6m z;F-eF`g_@KbFDjNHyY%Ecb*~lULx-g12mYuvx?`6S|4lf99J`0n};N50TuNEkM4szWVd1? zl9m7Tpl-Q%3eA-?`1o{L{rBjF-(6MH+?aPy1-LIB_E_pdy^Kr)viA2Au!>z(ETGJE zKXr@auJw`pSKvK2is4=|U1qzO<3i)g5e{ahAtN4Qipx8Vxol2_K#}kYIS*_~WNREV zHa+m%%Pn=h-`4ues+X%koB@!Nf7TCnXX4jyum|l-`K{l0pCBLNv$_X7)U$;sUM)Cd z+HA{hG9OO*Slx4ALDx(9yL>W1X?+I_9|qyqm>@VipWv@{Zm}H7Y={pam8Nm^=_zI3 z_tEP3(T0b2h|eDEs=<*$UEzXj*Ieq;*r?MaRFC>vm#`LMnWM`!wqKdLU|Jh@pu{O7 zp!i%YTz0Qm)VpYlS#Qtie_WU`katGFI` zyHrKLwJtqia?Nn8$I@x3#Z0;wd zN1Uv2{h;CHI8tt>8gFA??W|A4c>^a#XvXp8ADi2wv#_-wGCCEdm@CdQaiuc4Too%9 zwFq?EcJSj&KOVY}U-f1w2j9ummo%ThKbm1ygraXh$cvUiA5WP4@y-EY$4nuoX(;Ye z2V8j)Qf&kU#sT{$iww(CW*uda1M}HZLTDCHNPTQq0%ukL6@J!ltlpd|bZ<`2 z2e|HrVrC{=%S8DcWs{mz*^~9KMj_}DqLQKN&Gl!Xht(j);nMhXm;QmZTa?Po>)jcj z&k*4uh}w8bOaoMON%Mu|!dB<4Vi3jHmVJe^?Uk%5AnNaWEU#o6A?I{|&`|i`%!o;bSG-#$^ zi~ZK(9F5O}Y>S6#qmD4!J>jmPLAn2E@<)$3*7;kDvtrTiW7Sy#%!FHQuVH(O?bFSN zYUfw!o{>#_E)%ZBPNbQKppW$n!Tg6G&=CH4C-JJnNm*dQ_X?|3d5r&nbX4zGvwci@sIdMdzq6IvTySk6j33oX93ukDGdYAdX6`%46oC zcQR$0@ONooJYn;yavWI5My?d<*WIv~N(8rz&Nx}rQOu+ny0YTQ#Vs&RQE0wmRcf8s z(Nh7+XGo%_s zeJmZl#f_aH@5QKRI!~%T{?i~ow+e2m_ZpTqy2GuF>yg zvHbRtJ$OIxkknJu;qpI(2SJB+aHtL(jxCkQe)6Hj}oS)0SbPAhzl$ z09?E6n4bnu1e8SbkD)&v6VoFP8Sth3zra19vOM|mzlF+t6`_KGj+I}0*(|_Ok{{P= z4Jcty{}za5k7ZuG|3)O?KH$E(etT!}1sErOnrx{q@e>*W&U`oX&bk_D;o-8D*R!qq zhkVet1Rne807w>gj+z;20D}uI^?RhkftW1{&>H`V_YJyKgqZ;93zp`;&(X=}Eue%! z?eH{Nr%B>J(JMM;Z;fMtt7Dl`EdI1=bh-TpUO)pJ{F|i+ zK$a@s@?^vCLFT7w?|2^IM8vnhsAZ9nI-1>YK-H*y%=;3E+e1O&1ydrzCRryxkPZoh zWp_x22P*`OjAcKlbmdV{(f-K~Z2$mtRN&qN#nn~hd6ejJ01Sq}8W&`j$A!qBW{PjfA!F=|(bI>W9(U{4#?iAPWZ++f{anK=lo=Kw?%Q0C6Y zKc=>Lt|KH}ouE9YJtH>GIZApqK5hO9SsA@l=6RN80G z^m`dyZOZ!lGQn*W9F&x6wkGo0bJ?MA9`z?Jgu@aW$5yNrJ4ciXIn>tuYIVWU3KUj2 zvQ-c6mwq|)G-HBu)sgrgadPp6!lzuTw7CSp>T*+W_+6(Tc|rllhxsrn7(|g7uEzyW z7;OrOYB+{DQigxV%ud?(Q!+uomIe3>S*as=rP?0!Y`wF^#XTHtaNrIF4N-cgb=Th@ zuy!Oi_W?+bRLo+SxSEcUBo8DomVO^QX}Sm1%wMz~iPswVm?hD6QTVyPR`SCD7bU-y z*BO|wb9j9md1M{e_gh#;qqEag-yn{^{gHUE zz?*l`Z9u+lC(cHB0+@t-O@6L7304g_9}%Lq^OhhZ+cq2=l!=pO0&=h4xYscfR~WmPTR4 zw%N0UI%RSvVg=uSOcOs;+b=3*Lrs6_P>~vEb3JqMMWp=V%1W?sPP?z{is4yrQq_UM zc$L$Y!RZ!#mB?{^CM%tNh4Q>ZrR-*we@19Q)`s@96PWL$xF3M2EGw1EF-zkkIpg&V z*K>jQtq-WL(<`u9=gxiF!6EsPzx6|L{4Y|b+d-7<{BydDSGZP0ddY{t-@rpZFgmyN$`;<@Nu&^j7lkg00&B|KI*MnkM0&GqKkunBbmT zR@g7k1L6OjNpCP2e*sY@lYw@CzI`~kod%(`|6^JN#|?|0yec656iRu3fKZbGL`mpv zVP2YJv|KRx`s76v{kZ<0$dVYq#vYZOkT`=80}jNWl;cDx>%YM+`O@!7`v$=ogllk1 zYLcUN1Yob;03vhaP82gAr{syh91`AM3B2^Qq}0&x?2%Wf05IAdUpQ1;ak zF@EiZ>wj_Ik$2fP(ZwCP)KMK6H@B>+mRu)+XkBneA8@V40FvX@Gd%6c)H_)K9BW z;YmoOv@;LkxsNh0&^Hk#(=WJ95Q>fFasJv0Rx^@aJ@@-BBgyath*vIh6fWsfH|13%hg;{n?= zsEt8)RSJzcU|yY2gm!Ql+nk3N&ptQ0Wi*LcY&%kW8|>#iA45>3tvx?)a9~*}q_+`% zHYgM>i2XfFHnmcUZrcH_wvSWM5Y1DpEXp2iGsE!7cI4b09U(&yDZ=o}I{<+_lb7i# z+pe&|&d{m4PR;>6`hHiFJD_0MtXocBfyMCrr zE3AqJV}H1N4v<1aS0@@CzIAii1lpaZ9qzsk=#3#h@&AF7hf2FSuPKEIu7`Idd_`fJ z1n&HYn~vX+?q13exPvB~-f&ItHtopP&e<|?@L_X{h(hQX^nt7!WLbD*tRnS3Ayg{0l@(jRlo8js$xL$R%_jyLn%w-z7ucD$S z&Y#h|rf(h=Ud}{vLXMoj@GS`cx_o6~=R1it+HA`1n}tu~>9;KpjeRDGpHNKA10>^D zE4oSYEDNx#k55`CTLjg+WM>E8_2TM%o(t(GS%!b7f&rDuP(CxORqP#PNX{p41bcnR za?x~J{m+ngRK@M6a(QZ9AkS$TRQR;7@a?l%o}|fM@J7?JU{li9$cLWPl}h*YlZ5o& z)!^FO+xfW>> zh=711iUNWnh$uy+V?aO!2_-Z^x{6YQbPz%bB3}?xic|@`1h9bgZbA`|5|D%@y@g&A zT4?Tx-?y_n^PAb(-PwPZznJ9Co!oQIec$(a-twHjnI`b(D#IWDql?n_&zw1fnBV(Y9i61*)jEBq%j~cZihkM|Ie4dkq z7rt~mw76N73u&0Ld@{>*Nzab#l7Z~ZW(EP-uNQKpfjSujZ+S|)Bv+7#9Qntk*VemL zi$!gO8LfbE6c^j5MMD1p=xJvI2d%6^0s@BI1r0h?J3i<8;)%Bo+_@U;*AOF2p~&(dIy z+`u{xxwaSU)K8guu!EMf>Gf;tvIiNs@Dus?L+ z(!4pu%@*O*taVU?2AjL``uvNBP~7&!+n5ghxyn}S^xIROmNIf%L+-Cr+i^;pM>L{J z6gD_?TUdDLIWlTh4sTQ~b zTA0{%@a0{#^qIqyh%K_vf2feZ2pa*evU@{gS7CphXuxf8cvifOkQcnKP(Dy*%Z;T@ zC&sANJ{3vz-~8qB{6*ZPd1>6%`TQV!(P4zvud!errw>8$IKnV^P_Yu0i#zEf!wGr4?dRM>>zEsomUhb#R^n z-1K|nv`ug6A-gYA`&D@OU<$UB;l3RzGWF7l$*zoNMsXB#5|(o3*UPjs$3E$vya*N{ zN_)u)nUUZ=lBKXy->iH%o=(>P*Q8>$y#sT52_n@?e`hQLF4N8`k~%~5nv<}sN;*+m zWP$dOrCdB3HypfW&0Th_Q^HjGIe^4+By4uFbJx?PdN+D{^Z=dK7x(8!j%e4KEayT# zlt%d_KE;JEE7InuKqo8G)yh9s@=xJT?H2s(X;sRWhi%*w(OSpu9-qHjVLvs$B1EpPh?8?rbW88iIpF>^8dQ@_-ocol6%Kk$E}s2oC1yU z2_V@71IuC%^1ND)71L(I<{{ildF%LXkKAU)0xSMeKAS=Y7iX1RJ6IEF);`W&Pm01%H!@$5AbIgi@E@H=^XX*)S%vs@bwA*xvtOkZyNaQ=P? zw^BKi;(u__A!X})Z>*=&pjX-RUpHTj{#lEyBBcwXyBvq3`klTzR{>%mM+z63#fOml7wAtOk0aX<=F|fKvk^+r8~toBG_BO9L>D$TAxDSc)s0J z1eVT#+a}i8kNp5BrDc~~LnE6vB@49m99n$BK7C6pL;Jn8hi*EoDlk(Pg+qA4PQf5I zFqx~q-;uRDWXQ2d=ge2k(v+AGzmRkmQ}IaSq18y(4T*&oEQm8%SQVdzS|+#tU5}Y7|7m?W&adBFe!`;vj4CJTBvlsUJBc@LvP+NE>^_! zHK7;E1U2SiD~C^uZ+0*1n!N%bRu<#?dgdPt=7 z#gI#3drjm?c52oM^3OZ$7=()C3W$fZ*0Rwg(bqITQfL$I={x^1hu}R_`GZozSSjo*J*)xa}h50#2Zcu09@q;MYzyLq<>T@;nQ_6fP$a#_!p!C$bOP zKnwi3!^9j# zKT002J;JV)DxIj<3Dw3*d;a=*a@Ys0((IkmikL}`C&*A)H9}^#-tEN4q7m65rZbUN zj?KrY!|l!2BX&EOgp(rmosfwO$^7M+PH(FD2K_HM??NO{e%0*qQ;{)Pa_cpbX92h8 zvZ4tUn=*3<+qhjF{sFo((#`C|V7svT(ofX=%!3S2{4CQ#O`F=2S)lFzfZ2+e;T4F> z$(%}&(yNnGsC2z>pf(Xx=81W1ckSKXJlz)D{ccg)6#UiE30cufy^I3Qu`n#@i690*(&hl~%03wS5lbNH7AZ>4 zl>c*BB@V~dNH+zu^5{pCFz7k2)6%n?!6Kqz+ye(U1mO3pKRlJE*cnmJuNOi6}N!dz1A>EW&vj1%r zezKW8@KlP>_d>dGVJF_n$LZkkYeTC;c$zdQdDG_7*FG=p6oXM`y_lF@S#6x9?O&bd>3xKwy z&Zd4g>3}3Yz4PCcrod2iY$NJurQr4 zLiXmSt&?}AncB#c3&{AgLjqqXgFOh`+h|~R+jn*(m#iQ2cHB9s+fpsp!+X2%{G#(- zw4uk+WA1#D!WGfxQjCo+yu(?#&ru_)JGGKMw`R4T@y3~kaaS}r2vtQ;kod=(I>nIeH)M8Ty(dN|=h*4p|X$o>hy-F=FG98`@Jd z4~#9O{T|4|@*S{ZvFsN|*_ACRFeOpj7{7o-kI`R1Vd;md*+H2+GJarb{OH>;U7lV~ zpg8M0tW0X7dGYrv0kf29>*QZX$mssxOmT%Pjl1}LB_)2;Xc^V4_tBtc$Ad}}UKXL5 z1&yub{ASfK3=$UJ2~^P*PnnAPbab8vQuJe|7YBBj@#mK_~%?oFpgA_F0tKx(fxA@NXL@8|?Zh>KFa zBy|F1;9a#|g*xr(7b8_~EU0VSk9kTE9hYolHRX^RJAlY*`hSFs%Ro(!8)%Mz3DmVm#wF^6rSB&+S` z(>%8EMgqNTVtNB^*~G$8KQMqtBy1}YC#}NeG(p*F zk)56?U%K>xuI$^Cd2C{1;q|tK&XNd}%+%>-g=W9OLS3J|?*|;a5BzjAW4*twye^Gf zWW)>_xFf9x{x*K!#~(D zikYfw`Zu0bEz^Df=d-I%|MhaEJNKeWKJg-^-Uk(TC|nDpVG@z#U=uMAXlYPd&RmVk zdO!l$gJ%d}h#*?eQ-fEwwNV?mBf-z~)ZthIn4;$@=#QddG?|KtH`jt!pixGdpxZEK z9TX10=1SV(^59-*SdRr#9J@VXC|Mo@rjt3lfVE<`5{sY#I+qrq_^dSqSj~Vh#01-v z1j`lB%US?J&pMjyP#tI@MUO;h#fDG@!L*m#av*{`%6Q&G*C(QHvb&u)4Z`R1<^X>L zb>9B%mwLztDQ0Kj=6|-Fw~DUIhXfoH53lcH;hbXjE{HFV22k6q2yO!>_Hff^hclFy z3-w^MkzxgiOo@Bi(rq6t%Jqv)+4{W-Kt{aL&j(~@43I!w%%6s^Fk5cYlu;KtKjh+ zD9|8$Pq05%n&jT8=(YO&6fCP&o1R1YW#G~vXyTj*vk#|ki*_E-x1{*v5%4&JYA1|M zDQ|)3=J{X{_dMBN_6EQDk-QL21XvWQin;8>&8z$`?U}~bs8Wq?DSqUZb>Gr)*|5(3 zCXEOaKy(yY(p~Kq2FrTVlw>MSNYI-=40yxmQ$w|)biMKler&6zRyB5 zRlYUd?z8k2>oM}ulY}M8d66xE`qcXBu)iM5XpPYgk8hS?W*rj9wYMHY8Vg69&AKSHlB=5R+QYsy#cWQwxTOAT3KN2r!pJyV;j=}tt zVz;o*IH93Ji3r%6eDXNlvl_HAbFr9$5xviRtfGuKoYE@aXKmhgJ};+(hd7D@KNmxQ z|K+||^3JRSz}Q$PC>VX$)a@vslyh3A#72JY`zZtNTv9~hR8EQye2qWoegb>R!ynFB z4sie`hM9;lcF|qFDp-}9kYk8 z-Fh!F^3=Y+HP$Z#Nz}&AC4_r|KIMf8U#$jTZLKzsLd&c#wu2>lA%2r#vS(P-1N+uo z8i=sliWs|T6|Bxw9VqL2Z2%<@D|oLq2qK!`j&HN zS9TUZMUkW$E2~Ws1Hehl@#toC7oEw?42RC?tBKhrfv58@(P>fQ?rV+O$WIXVuqej{ z5QlCw^GfoX@j>2(`=wpuA|->&QNVVnpoRks1gUmnUAzM)o~D_xFrbgo{S^K1RuaXN z;&+=F){uvkKCNc{oZ$m<_NWF6((zctsz69 zG!vTL9dJ2DFz=aUKrl1vyhHHWz1EEj+Q-+RJWz`J9UX|f%arDr#% zw)!${5q=_1O-?xcRyhIlin0NWV0>9>;3Gs*wfxFV;7WFWn|;GpQ|U__D<5iZ;v9b$ z`qJI_NbvN+#^8mFB6<8$4_!K#V=54v23gQanZNEg(t_h zL65%vfGm%~$iZ(|}UM zKx!`Qyr$X3i)Gj7xVsGFXVRtg>>}zrU7OFx6U>XR=^8r*p4YfqNBu}Oe;xZKvD4cd zbiW*I#e~N0>-NJ%E2@O^0F==(>u|V)*KX$;T_|lEZ~Bn`C2Ppg zeaT@5P|JX|X{wn2^jSYL=NH`ssEa)tzVx}x4Go|Ecq5PWUAkgwya>3X+UaH<~Le8)|m!Q4%o&WhH7+7oGpK1R(kPSC!@PP!iVIjmtLD4(k| z??^QWx5*Xq7zg@3x~exNp);XV>^#qQP7L1zgBgosWIQc&^1;hMG}oD884gx|V0Ra# z4y<^SAWkIDmFdg%pXfJKr;735^>c^64dg=|Ge}~fXqZPoElZOjUQlCaq=??|%AM1qLkZZ|Kvz7s?n$%HFOGsi^lxw|KJLD6SAq?2A7 zE6}YyX9=9gIME>vm`a!N0dSU_P?4{DG#)7%ofii>KL4y!b9~p_Xf_ z8h22+8&4EcHu+Pd34-XAjGqVVL|D$2&`0Mahl(yz0@F1U`m{fxiYuAN+(~zGi05l& zqcY^IlyMO+HvY`Hl9z`@zZsSvbNY1Y=PD3nu_+|KT(Bq^$%<7SsZY0&2d84zT3&N0 zbL!qmRfhasOTCUUY524~k+l7hs(oZvka#jOuB#c$IQAb5&_3T<5R45w`XUI+dmo>DLY$>)c*AXMLKFg$|x15eUOsgpI*KLZ6 z@o$G$$U72i4$?g2Ey{Bc7U#UgF8lgy`PRqX~vP8gg> z?iF~Pd;g60l_kN>W340{tgpu6sxzEy7M0cWC|k@h;~o=3C?lWuqwVD_6bitmELY}g zJzwH_zjXwLPJ$9dt?-6@Uh(4URz1o4SP|W+7`pLX;Gt?=%4-}$Hc5JAFu;UR;xaM? zVeT-y_F(8(k(effJe}sk3mVk4-;r@WtdeG@hbl z`p0MQ1+k~zIKL|tSc82f0_ZTS9x+23O!j2}5PVL4$Wh}hxtU~C@c8f8zqRD~Z}KG# z{V<38%FCGUJ(%Q=8=pxaNoD`62=(vjE3<#eTG=gE@BN+0!t?y=xBpd6%kt zgE0Uhg!KoEhGZV9>*a4P{N=pNKSAx54|CKz_d&;UR`JTIC@Jg!^Dux=_~^1n>WLa1 z#(&_H6uXf}JilqmABX{pKHXfV-m9~X4)^`%U_M$f?=HRdlYXrK?y3bqUiM`^3uFqw z0ojKbQG+05>b$)?rB+(|$Ryt4#jhuA(U`cl_1A#39s@b3^VnjAe${&fNNDdR0FGA1 zfEJh5B#~3>gkw55=2<3Yg*3+Qlyc}m3k_O%aAsRM)^Yv;cqNcHp)|Lp(mu8_r(tx} zyl!FwdySPq6@}O1r-}$`$p?F+>=7}AfmNi|ovn+#mnW)ry?zf$Jos0ySO^czX)ceG!&BD7xK!pH(2N;#X+91P?leaqMMeJ$VODZ z5V8)^6z7Hj|GCRapyq=a-M9TyU@%FqYU+L9C;xJ1%4nN%o8<3zGv|4z-VvQ7v8(UC zFQRCr308IK1Bi`Z?J;nfM>bjcE|u1u_ZlkPepGjs&wDIz9btS@mxjIcxo0&~1Dr#x z!{smcDBa{AJv9olTedkR+I@&0LD%vt1j2|_mwTgQoHRJQMOJ6>YsjsQ^}lI>#k6gT zaEkX6m!@;JS-`Ztr9sNIz3=k2d_Vo8-A#`tX;!Meq+IN*MH}Kba;E)2J|?TwI{R>J zw2p$koXpw9p~~Wogv%Bz+nfdV`zNLIXyd7&yQ_PYP6;Kg_ZtWrO)iI8(5vcj2Q?ho zs&cZ@f2j7&DE+}oP&R8kN0~4Eh}yCkrA4W_?4vH`1p-qjx0LrB z_#P&yb!w+7 zy`eungD)VIc)=>q72Cw8aZC55qA8_-Sm+H;xP1qO?xGb{_AG+Qzf3YHGdd1>jjBy` zTjVPy58w35?ie|sW^4exeue!+<4+@^2CE27vMdHlsCg?MiBAuGbadvxcezqHnTwLH znfC4O+E%4mH`J*M{~9OFH(R8e6*c{w&c7XSyi4wq)&8`xYh!CeGFPR3D5ny zSHb&)nRELmS}|gL#hbKizohaqNm=W77hRSFrY}{aqYs>4(|sF0-Igx;MB7(C>!<1% z`L$NMxUIPZV&x@h;lOzRh0`O5V3onht(BbGa2h>=soYCN34UZTMYgvgWKx0}-E)pb z5>JZ++t0i0f0X~{fYKZ+yf{JXYhRw3te^B*KL9Wq3VUWyT$cAsvp9$N0o$@3pM)rW zLC#3H4PcB8v~sN<6#h*7!=Z|6Sggq|(sRsC7Y*6%2kxa8j+t|H>YfvR#g`;I$&XOp zO16nlC;Z2DBLO`%%G&%^_xcifF{-8$!eGAB5&=W z&&m7gjf^w*=x$PjDwvYK~AF$u^Nf9HR+Tb_@{xt6C+|5^g^or(J=3D5_{P8bY eDWZ@5CJ_IdA3eLi9gwm-|2#s(nd?8__1^$hqZAPU literal 0 HcmV?d00001 From 5941bcb895e9f34dddf9aa57eec4d44feeea2e48 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Tue, 8 Nov 2022 13:49:04 -0700 Subject: [PATCH 018/129] Add TOC and Key card info as well minor edits --- windows/deployment/do/TOC.yml | 4 ++- .../do/delivery-optimization-test.md | 34 +++++++++---------- windows/deployment/do/index.yml | 2 ++ 3 files changed, 22 insertions(+), 18 deletions(-) diff --git a/windows/deployment/do/TOC.yml b/windows/deployment/do/TOC.yml index 0a05966e61..4589ac5834 100644 --- a/windows/deployment/do/TOC.yml +++ b/windows/deployment/do/TOC.yml @@ -45,5 +45,7 @@ - name: Using a proxy with Delivery Optimization href: delivery-optimization-proxy.md - name: Content endpoints for Delivery Optimization and Microsoft Connected Cache - href: delivery-optimization-endpoints.md + href: delivery-optimization-endpoints.md + - name: Testing Delivery Optimization + href: delivery-optimization-test.md diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index 93716180ed..bf465adc64 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -16,13 +16,13 @@ manager: naengler ## Overview -Delivery Optimization is a powerful and useful tool to help enterprises manage bandwidth usage for downloading Microsoft content. It is a solution designed to be used in large-scale environments with large numbers of devices, various content sizes, etc. Delivery Optimization is native to Win10+ and provides default configuration to get the most out of the typical customer environment. It is used to deliver many different types of content, so Microsoft customers enjoy the best possible download experience for their environment. There are three components to Delivery Optimization, 1) HTTP downloader, 2) Peer-to-peer (P2P) cloud technology, and 3) Microsoft Connected Cache. One of the most powerful advantages of using Delivery Optimization is the ability to fine-tune settings that empower users to dial in Microsoft content delivery to meet the needs of specific environments. +Delivery Optimization is a powerful and useful tool to help enterprises manage bandwidth usage for downloading Microsoft content. It's a solution designed to be used in large-scale environments with large numbers of devices, various content sizes, etc. Delivery Optimization is native to Win10+ and provides default configuration to get the most out of the typical customer environment. It is used to deliver many different types of content, so Microsoft customers enjoy the best possible download experience for their environment. There are three components to Delivery Optimization, 1) HTTP downloader, 2) Peer-to-peer (P2P) cloud technology, and 3) Microsoft Connected Cache. One of the most powerful advantages of using Delivery Optimization is the ability to fine-tune settings that empower users to dial in Microsoft content delivery to meet the needs of specific environments. ## Monitoring Value -Since Delivery Optimization is on by default, you will be able to monitor the value either through the Windows Settings for ‘Delivery Optimization’, using Delivery Optimization PowerShell cmdlets, and/or via the Update Compliance experience in Azure. +Since Delivery Optimization is on by default, you'll be able to monitor the value either through the Windows Settings for ‘Delivery Optimization’, using Delivery Optimization PowerShell cmdlets, and/or via the Update Compliance experience in Azure. -In the case where Delivery Optimization is not working in your environment, it is important to investigate to get to the root of the problem. We recommend a test environment be created to easily evaluate typical devices to ensure Delivery Optimization is working properly. For starters, ‘Scenario 1: Basic Setup’ should be created to test the use of Delivery Optimization between two machines. This scenario is designed to eliminate any noise in the environment to ensure there is nothing preventing Delivery Optimization from working on the devices. Once you have a baseline, you can expand the test environment for more sophisticated tests. +In the case where Delivery Optimization isn't working in your environment, it's important to investigate to get to the root of the problem. We recommend a test environment be created to easily evaluate typical devices to ensure Delivery Optimization is working properly. For starters, ‘Scenario 1: Basic Setup’ should be created to test the use of Delivery Optimization between two machines. This scenario is designed to eliminate any noise in the environment to ensure there's nothing preventing Delivery Optimization from working on the devices. Once you have a baseline, you can expand the test environment for more sophisticated tests. ## Expectations and Goals @@ -34,9 +34,9 @@ The focus of the testing scenarios in this article is primarily centered on demo Several elements that influence overall peering, using Delivery Optimization. The most common, impactful environment factors should be considered. -* **The number of files in the cache and** **the** **number of devices have a big effect on overall peering.** There is a set number of files available for peering at a time, from each client, so the peering device may not be serving a particular file. -* **File size** **and** **internet connection** **reliability matter.** There is a Delivery Optimization setting to determine the minimum file size to use P2P. In addition, internet connection must be open and reliable enough to let the Delivery Optimization client make cloud service API calls and download metadata files prior to starting a content file download -* **Delivery Optimization Policies can play a role.** In general, it is important to familiarize yourself with the Delivery Optimization settings and defaults [Delivery Optimization reference - Windows Deployment | Microsoft Docs](https://docs.microsoft.com/en-us/windows/deployment/do/waas-delivery-optimization-reference). +* **The number of files in the cache and** **the** **number of devices have a big effect on overall peering.** There's a set number of files available for peering at a time, from each client, so the peering device may not be serving a particular file. +* **File size** **and** **internet connection** **reliability matter.** There's a Delivery Optimization setting to determine the minimum file size to use P2P. In addition, internet connection must be open and reliable enough to let the Delivery Optimization client make cloud service API calls and download metadata files prior to starting a content file download +* **Delivery Optimization Policies can play a role.** In general, it's important to familiarize yourself with the Delivery Optimization settings and defaults [Delivery Optimization reference - Windows Deployment | Microsoft Docs](https://docs.microsoft.com/en-us/windows/deployment/do/waas-delivery-optimization-reference). ### Delivery Optimization is a Hybrid P2P Platform @@ -44,7 +44,7 @@ Several elements that influence overall peering, using Delivery Optimization. Th * At the point a download is initiated, the DO client starts downloading from the HTTP and discovering peers simultaneously. With a smaller file, there might be nearly 100% bytes from HTTP before connecting to a peer, even though peers are available. With a larger file and quality LAN peers, it might reduce the HTTP request rate to near zero, but only after making those initial requests from HTTP. -* In the next section, you will see how the two testing scenarios produce differing results in the number of bytes coming from HTTP vs. peers, which shows Delivery Optimization continuously evaluating the optimal location from which to download the content. +* In the next section, you'll see how the two testing scenarios produce differing results in the number of bytes coming from HTTP vs. peers, which shows Delivery Optimization continuously evaluating the optimal location from which to download the content. ## Test Scenarios @@ -58,16 +58,16 @@ Number of machines used: 2 Hardware: -* 2 Virtual Machines or physical devices running Windows 10 (21H2) / Windows 11 (21H2) -* 2 vCPUs / 8 GB RAM / 127 GB Disk +* Two Virtual Machines or physical devices running Windows 10 (21H2) / Windows 11 (21H2) +* 8-GB RAM / 127-GB Disk * Network – ensure the test devices are connected to the same network, one that is representative of the corporate network Apply Policy settings/Windows configurations on each machine: -* Pause Windows Updates. This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. By default, there are four pieces of content available for peering at a given time. The Delivery Optimization client cycles through the available content in the cache. Simply pausing Windows Updates might not be enough in some cases. If there are Microsoft Store Updates, for example, a download can be triggered causing the four caching slots to be filled. If this happens, the second machine may not see peers. Verify there is only one cached content before continuing the test on the second machine. +* Pause Windows Updates. This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. By default, there are four pieces of content available for peering at a given time. The Delivery Optimization client cycles through the available content in the cache. Simply pausing Windows Updates might not be enough in some cases. If there are Microsoft Store Updates, for example, a download can be triggered causing the four caching slots to be filled. If this happens, the second machine may not see peers. Verify there's only one cached content before continuing the test on the second machine. * Ensure all Store apps are up to date * Set Delivery Optimization Download mode = '2' -* Set Delivery Optimization GroupID = 'GUID'. A GUID is a required value that can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ +* Set Delivery Optimization GroupID = 'GUID'. A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ * Run '`Enable-DeliveryOptimizationVerboseLogs’ to enable verbose logging. * **If Windows 11 devices** set 'Restrict Peer Selection' policy to '0-NAT'. The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. @@ -120,7 +120,7 @@ The following set of instructions will be used for each machine: * A peer was found for the content and 87% of total bytes came from the peer. * One peer was found for the piece of content, which is expected as there are only two devices in the peering group. -* Download mode was set to 'Group', but since group mode includes both LAN and Group devices, Delivery Optimization prioritizes LAN peers, if found. Therefore, 'BytesFromLanPeers' shows bytes where 'BytesFromGroupPeers' does not. +* Download mode was set to 'Group', but since group mode includes both LAN and Group devices, Delivery Optimization prioritizes LAN peers, if found. Therefore, 'BytesFromLanPeers' shows bytes where 'BytesFromGroupPeers' doesn't. * 'DownloadDuration' is roughly the same between machines. **Output: Windows 11 21H2** @@ -142,8 +142,8 @@ Number of machines used: 3 Hardware: -* 5 Azure Virtual Machines running Windows 10 (21H2) -* 2 vCPUs / 8 GB RAM / 127 GB Disk +* Three Azure Virtual Machines running Windows 10 (21H2) +* 8-GB RAM / 127-GB Disk * Network – ensure the test devices are connected to the same network, one that is representative of the corporate network Apply Policy settings/Windows configurations on each machine: @@ -172,7 +172,7 @@ The following set of instructions will be used for each machine: **Observations** -* The first download in the group of devices show all bytes coming from HTTP, 'BytesFromHttp'. +* The first download in the group of devices shows all bytes coming from HTTP, 'BytesFromHttp'. * Download is in the ‘Foreground’ because the Store app is doing the download and in the foreground on the device. * No peers are found. @@ -203,13 +203,13 @@ The following set of instructions will be used for each machine: **Observations** -* Bytes from peers is roughly the same as machine #2, at 99.7%. +* 'PercentPeerCaching' is roughly the same as machine #2, at 99.7%. * Now, two peers are found. * Still downloading from HTTP source as seen with 'BytesFromHttp' value. ## Peer sourcing observations for all machines in the test group -As mentioned, the distributed nature of the Delivery Optimization technology is obvious when you re-run the ‘Get-DeliveryOptimizationStatus’ cmdlet on each of the test machines. For each, there is a new value populated for the ‘BytesToLanPeers’ field. This demonstrates that as more peers become available, the requests to download bytes are distributed across the peering group and act as the source for the peering content. Each peer plays a role in servicing the other. +As mentioned, the distributed nature of the Delivery Optimization technology is obvious when you re-run the ‘Get-DeliveryOptimizationStatus’ cmdlet on each of the test machines. For each, there's a new value populated for the ‘BytesToLanPeers’ field. This demonstrates that as more peers become available, the requests to download bytes are distributed across the peering group and act as the source for the peering content. Each peer plays a role in servicing the other. **Output:** Machine 1 diff --git a/windows/deployment/do/index.yml b/windows/deployment/do/index.yml index 668b0e4d0e..c9373755d6 100644 --- a/windows/deployment/do/index.yml +++ b/windows/deployment/do/index.yml @@ -99,4 +99,6 @@ landingContent: url: delivery-optimization-proxy.md - text: Content endpoints for Delivery Optimization and Microsoft Connected Cache url: delivery-optimization-endpoints.md + - text: Testing Delivery Optimization + url: delivery-optimization-test.md From 1d1bdbee1f0ed69b6c73844c809cea954a7376c9 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Tue, 8 Nov 2022 13:53:27 -0700 Subject: [PATCH 019/129] Fix links --- windows/deployment/do/delivery-optimization-test.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index bf465adc64..b3a48aa150 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -36,7 +36,7 @@ Several elements that influence overall peering, using Delivery Optimization. Th * **The number of files in the cache and** **the** **number of devices have a big effect on overall peering.** There's a set number of files available for peering at a time, from each client, so the peering device may not be serving a particular file. * **File size** **and** **internet connection** **reliability matter.** There's a Delivery Optimization setting to determine the minimum file size to use P2P. In addition, internet connection must be open and reliable enough to let the Delivery Optimization client make cloud service API calls and download metadata files prior to starting a content file download -* **Delivery Optimization Policies can play a role.** In general, it's important to familiarize yourself with the Delivery Optimization settings and defaults [Delivery Optimization reference - Windows Deployment | Microsoft Docs](https://docs.microsoft.com/en-us/windows/deployment/do/waas-delivery-optimization-reference). +* **Delivery Optimization Policies can play a role.** In general, it's important to familiarize yourself with the Delivery Optimization settings and defaults [Delivery Optimization reference - Windows Deployment | Microsoft Docs](waas-delivery-optimization-reference). ### Delivery Optimization is a Hybrid P2P Platform @@ -72,7 +72,7 @@ Hardware: * **If Windows 11 devices** set 'Restrict Peer Selection' policy to '0-NAT'. The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. > [!NOTE] -> Delivery Optimization PowerShell available [cmdlets](https://learn.microsoft.com/en-us/windows/deployment/do/waas-delivery-optimization-setup#windows-powershell-cmdlets). +> Delivery Optimization PowerShell available [cmdlets](waas-delivery-optimization-setup#windows-powershell-cmdlets). ### Test Instructions From 2908d08bb71d74c5130cdc79ee355ee8281c99fb Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Tue, 8 Nov 2022 13:58:03 -0700 Subject: [PATCH 020/129] More link fixes --- windows/deployment/do/delivery-optimization-test.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index b3a48aa150..2081500227 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -36,7 +36,7 @@ Several elements that influence overall peering, using Delivery Optimization. Th * **The number of files in the cache and** **the** **number of devices have a big effect on overall peering.** There's a set number of files available for peering at a time, from each client, so the peering device may not be serving a particular file. * **File size** **and** **internet connection** **reliability matter.** There's a Delivery Optimization setting to determine the minimum file size to use P2P. In addition, internet connection must be open and reliable enough to let the Delivery Optimization client make cloud service API calls and download metadata files prior to starting a content file download -* **Delivery Optimization Policies can play a role.** In general, it's important to familiarize yourself with the Delivery Optimization settings and defaults [Delivery Optimization reference - Windows Deployment | Microsoft Docs](waas-delivery-optimization-reference). +* **Delivery Optimization Policies can play a role.** In general, it's important to familiarize yourself with the Delivery Optimization settings and defaults [Delivery Optimization reference - Windows Deployment | Microsoft Docs](waas-delivery-optimization-reference.md). ### Delivery Optimization is a Hybrid P2P Platform @@ -72,7 +72,7 @@ Hardware: * **If Windows 11 devices** set 'Restrict Peer Selection' policy to '0-NAT'. The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. > [!NOTE] -> Delivery Optimization PowerShell available [cmdlets](waas-delivery-optimization-setup#windows-powershell-cmdlets). +> Delivery Optimization PowerShell available [cmdlets](waas-delivery-optimization-setup#windows-powershell-cmdlets.md). ### Test Instructions From 6182df0b58f5572992397d0635c3b47f0d8fac2c Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Tue, 8 Nov 2022 14:06:39 -0700 Subject: [PATCH 021/129] Minor edits --- .../do/delivery-optimization-test.md | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index 2081500227..5cff3bb970 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -16,7 +16,7 @@ manager: naengler ## Overview -Delivery Optimization is a powerful and useful tool to help enterprises manage bandwidth usage for downloading Microsoft content. It's a solution designed to be used in large-scale environments with large numbers of devices, various content sizes, etc. Delivery Optimization is native to Win10+ and provides default configuration to get the most out of the typical customer environment. It is used to deliver many different types of content, so Microsoft customers enjoy the best possible download experience for their environment. There are three components to Delivery Optimization, 1) HTTP downloader, 2) Peer-to-peer (P2P) cloud technology, and 3) Microsoft Connected Cache. One of the most powerful advantages of using Delivery Optimization is the ability to fine-tune settings that empower users to dial in Microsoft content delivery to meet the needs of specific environments. +Delivery Optimization is a powerful and useful tool to help enterprises manage bandwidth usage for downloading Microsoft content. It's a solution designed to be used in large-scale environments with large numbers of devices, various content sizes, etc. Delivery Optimization is native to Win10+ and provides default configuration to get the most out of the typical customer environment. It's used to deliver many different types of content, so Microsoft customers enjoy the best possible download experience for their environment. There are three components to Delivery Optimization, 1) HTTP downloader, 2) Peer-to-peer (P2P) cloud technology, and 3) Microsoft Connected Cache. One of the most powerful advantages of using Delivery Optimization is the ability to fine-tune settings that empower users to dial in Microsoft content delivery to meet the needs of specific environments. ## Monitoring Value @@ -35,7 +35,7 @@ The focus of the testing scenarios in this article is primarily centered on demo Several elements that influence overall peering, using Delivery Optimization. The most common, impactful environment factors should be considered. * **The number of files in the cache and** **the** **number of devices have a big effect on overall peering.** There's a set number of files available for peering at a time, from each client, so the peering device may not be serving a particular file. -* **File size** **and** **internet connection** **reliability matter.** There's a Delivery Optimization setting to determine the minimum file size to use P2P. In addition, internet connection must be open and reliable enough to let the Delivery Optimization client make cloud service API calls and download metadata files prior to starting a content file download +* **File size** **and** **internet connection** **reliability matter.** There's a Delivery Optimization setting to determine the minimum file size to use P2P. In addition, an internet connection must be open and reliable enough to let the Delivery Optimization client make cloud service API calls and download metadata files before starting a file download. * **Delivery Optimization Policies can play a role.** In general, it's important to familiarize yourself with the Delivery Optimization settings and defaults [Delivery Optimization reference - Windows Deployment | Microsoft Docs](waas-delivery-optimization-reference.md). ### Delivery Optimization is a Hybrid P2P Platform @@ -68,7 +68,7 @@ Hardware: * Ensure all Store apps are up to date * Set Delivery Optimization Download mode = '2' * Set Delivery Optimization GroupID = 'GUID'. A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ -* Run '`Enable-DeliveryOptimizationVerboseLogs’ to enable verbose logging. +* Run '`Enable-DeliveryOptimizationVerboseLogs’ to enable verbose logging * **If Windows 11 devices** set 'Restrict Peer Selection' policy to '0-NAT'. The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. > [!NOTE] @@ -80,7 +80,7 @@ The following set of instructions will be used for each machine: 1. Clear the DO cache: ‘Delete-DeliveryOptimizationCache’ 2. Open MS Store and search for 'Asphalt Legends 9'. Select ‘Get’ to initiate the download of the content (Content size: 3.4 GB). -3. Open PowerShell console as Administrator. Run 'Get-DeliveryOptimizationStatus'. +3. Open PowerShell console as Administrator. Run 'Get-DeliveryOptimizationStatus' **On machine #1** @@ -144,7 +144,7 @@ Hardware: * Three Azure Virtual Machines running Windows 10 (21H2) * 8-GB RAM / 127-GB Disk -* Network – ensure the test devices are connected to the same network, one that is representative of the corporate network +* Network – ensure the test devices are connected to the same network, one that is representative of the corporate network. Apply Policy settings/Windows configurations on each machine: @@ -160,7 +160,7 @@ The following set of instructions will be used for each machine: 1. Clear the DO cache: ‘Delete-DeliveryOptimizationCache’ 2. Open MS Store and search for 'Asphalt Legends 9'. Select ‘Get’ to initiate the download of the content (Content size: 3.4 GB). -3. Open PowerShell console as Administrator. Run 'Get-DeliveryOptimizationStatus'. +3. Open PowerShell console as Administrator. Run 'Get-DeliveryOptimizationStatus' **On machine #1:** @@ -188,10 +188,10 @@ The following set of instructions will be used for each machine: **Observations** -* 'PercentPeerCaching' is 99.8%. -* There are still 'BytesFromHttp' source being used. -* One peer was found. -* All peering was done from device on the LAN, as shown with 'BytesFromLanPeers'. +* 'PercentPeerCaching' is 99.8% +* There are still 'BytesFromHttp' source being used +* One peer was found +* All peering was done from device on the LAN, as shown with 'BytesFromLanPeers' **On machine #3:** @@ -209,7 +209,7 @@ The following set of instructions will be used for each machine: ## Peer sourcing observations for all machines in the test group -As mentioned, the distributed nature of the Delivery Optimization technology is obvious when you re-run the ‘Get-DeliveryOptimizationStatus’ cmdlet on each of the test machines. For each, there's a new value populated for the ‘BytesToLanPeers’ field. This demonstrates that as more peers become available, the requests to download bytes are distributed across the peering group and act as the source for the peering content. Each peer plays a role in servicing the other. +As mentioned, the distributed nature of the Delivery Optimization technology is obvious when you rerun the ‘Get-DeliveryOptimizationStatus’ cmdlet on each of the test machines. For each, there's a new value populated for the ‘BytesToLanPeers’ field. This demonstrates that as more peers become available, the requests to download bytes are distributed across the peering group and act as the source for the peering content. Each peer plays a role in servicing the other. **Output:** Machine 1 From 998ca2d9f54342ab0f75ae1ccc55868c4bfa15b9 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Tue, 8 Nov 2022 14:08:13 -0700 Subject: [PATCH 022/129] Link reference --- windows/deployment/do/delivery-optimization-test.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index 5cff3bb970..0a181839b6 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -72,7 +72,7 @@ Hardware: * **If Windows 11 devices** set 'Restrict Peer Selection' policy to '0-NAT'. The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. > [!NOTE] -> Delivery Optimization PowerShell available [cmdlets](waas-delivery-optimization-setup#windows-powershell-cmdlets.md). +> Delivery Optimization PowerShell available [cmdlets](waas-delivery-optimization-setup.md#windows-powershell-cmdlets). ### Test Instructions From 95fe54f7675cf13a8b58ad647b864d4d2a7a8ac8 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Tue, 8 Nov 2022 14:17:01 -0700 Subject: [PATCH 023/129] Add link to include --- windows/deployment/do/delivery-optimization-test.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index 0a181839b6..f9f26b7f87 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -72,7 +72,7 @@ Hardware: * **If Windows 11 devices** set 'Restrict Peer Selection' policy to '0-NAT'. The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. > [!NOTE] -> Delivery Optimization PowerShell available [cmdlets](waas-delivery-optimization-setup.md#windows-powershell-cmdlets). +> Delivery Optimization PowerShell available [cmdlets](waas-delivery-optimization-monitor.md) ### Test Instructions From 1b9d6456c573c2dc0b5265d6d7cc00d97c20b32f Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Tue, 8 Nov 2022 14:21:58 -0700 Subject: [PATCH 024/129] fix link --- windows/deployment/do/delivery-optimization-test.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index f9f26b7f87..60b2f9b18d 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -72,7 +72,7 @@ Hardware: * **If Windows 11 devices** set 'Restrict Peer Selection' policy to '0-NAT'. The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. > [!NOTE] -> Delivery Optimization PowerShell available [cmdlets](waas-delivery-optimization-monitor.md) +> Delivery Optimization PowerShell available [cmdlets](waas-delivery-optimization-setup.md) ### Test Instructions From e480b2557a3aa91e5ba8f9f787415096a4c6b5d4 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Tue, 8 Nov 2022 14:26:38 -0700 Subject: [PATCH 025/129] Formatting --- windows/deployment/do/delivery-optimization-test.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index 60b2f9b18d..5c521ab0c4 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -50,9 +50,9 @@ Several elements that influence overall peering, using Delivery Optimization. Th ### Scenario 1: Basic Setup -#### Goal: Demonstrate how Delivery Optimization peer-to-peer technology works using two machines, in a controlled test environment +**Goal:** Demonstrate how Delivery Optimization peer-to-peer technology works using two machines, in a controlled test environment -### Test Machine Setup +#### Test Machine Setup Number of machines used: 2 @@ -74,7 +74,7 @@ Hardware: > [!NOTE] > Delivery Optimization PowerShell available [cmdlets](waas-delivery-optimization-setup.md) -### Test Instructions +#### Test Instructions The following set of instructions will be used for each machine: @@ -134,9 +134,9 @@ The following set of instructions will be used for each machine: ### Scenario 2: Advance Setup -#### Goal: Demonstrate how Delivery Optimization peer-to-peer technology works in a non-controlled environment, expanding to three machines +**Goal:** Demonstrate how Delivery Optimization peer-to-peer technology works in a non-controlled environment, expanding to three machines -### Test Machine Setup +#### Test Machine Setup Number of machines used: 3 @@ -154,7 +154,7 @@ Apply Policy settings/Windows configurations on each machine: * Set Delivery Optimization policy 'Delay foreground download from http = 60 (secs) * Run '`Enable-DeliveryOptimizationVerboseLogs’ to enable logging -### Testing Instructions +#### Testing Instructions The following set of instructions will be used for each machine: From 046513adc707c82661b5d577997e760c82112842 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Tue, 8 Nov 2022 17:59:06 -0500 Subject: [PATCH 026/129] Metadata/style update BitLocker 5 --- .../bitlocker/bitlocker-and-adds-faq.yml | 4 +- .../bitlocker/bitlocker-basic-deployment.md | 6 +- .../bitlocker/bitlocker-countermeasures.md | 6 +- ...cker-deployment-and-administration-faq.yml | 5 +- .../bitlocker-deployment-comparison.md | 6 +- ...r-device-encryption-overview-windows-10.md | 6 +- .../bitlocker-frequently-asked-questions.yml | 4 +- .../bitlocker-group-policy-settings.md | 528 +++++++++--------- ...tlocker-how-to-deploy-on-windows-server.md | 6 +- .../bitlocker-how-to-enable-network-unlock.md | 2 +- .../bitlocker-key-management-faq.yml | 4 +- .../bitlocker-network-unlock-faq.yml | 4 +- ...itlocker-overview-and-requirements-faq.yml | 3 +- .../bitlocker/bitlocker-overview.md | 2 +- .../bitlocker-recovery-guide-plan.md | 4 +- .../bitlocker/bitlocker-security-faq.yml | 4 +- .../bitlocker/bitlocker-to-go-faq.yml | 2 +- .../bitlocker/bitlocker-upgrading-faq.yml | 4 +- ...ve-encryption-tools-to-manage-bitlocker.md | 6 +- ...-use-bitlocker-recovery-password-viewer.md | 2 +- ...itlocker-using-with-other-programs-faq.yml | 4 +- ...ion-for-bitlocker-planning-and-policies.md | 2 +- ...nd-storage-area-networks-with-bitlocker.md | 5 +- 23 files changed, 328 insertions(+), 291 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml index 407bc85947..1330b0463a 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml @@ -21,8 +21,10 @@ metadata: ms.custom: bitlocker title: BitLocker and Active Directory Domain Services (AD DS) FAQ summary: | - **Applies to** + *Applies to:* - Windows 10 + - Windows 11 + - Windows Server 2016 and above diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md index fff6797f8b..891e70f945 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md +++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md @@ -17,7 +17,11 @@ ms.technology: itpro-security # BitLocker basic deployment -(*Applies to: Windows 10, Windows 11, Windows Server 2016 and above*) +*Applies to:* + +- Windows 10 +- Windows 11 +- Windows Server 2016 and above This article for the IT professional explains how BitLocker features can be used to protect your data through drive encryption. diff --git a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md index b8fad81142..77484cb8b0 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md +++ b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md @@ -17,7 +17,11 @@ ms.technology: itpro-security # BitLocker Countermeasures -(*Applies to: Windows 10, Windows 11, Windows Server 2016 and above*) +*Applies to:* + +- Windows 10 +- Windows 11 +- Windows Server 2016 and above Windows uses technologies including trusted platform module (TPM), secure boot, and measured boot to help protect BitLocker encryption keys against attacks. BitLocker is part of a strategic approach to securing data against offline attacks through encryption technology. Data on a lost or stolen computer is vulnerable. For example, there could be unauthorized access, either by running a software attack tool against the computer or by transferring the computer's hard disk to a different computer. diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml index 7f0540cc73..ca332ab051 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml @@ -19,7 +19,10 @@ metadata: ms.custom: bitlocker title: BitLocker frequently asked questions (FAQ) summary: | - (*Applies to: Windows 10, Windows 11*) + *Applies to:* + - Windows 10 + - Windows 11 + - Windows Server 2016 and above sections: diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md index 65cb18ef53..b2ab76413a 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md +++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md @@ -15,7 +15,11 @@ ms.technology: itpro-security # BitLocker deployment comparison -(*Applies to: Windows 10, Windows 11, Windows Server 2016 and above*) +*Applies to:* + +- Windows 10 +- Windows 11 +- Windows Server 2016 and above This article depicts the BitLocker deployment comparison chart. diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md index 46e63a0345..f2e4db7323 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md +++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md @@ -17,7 +17,11 @@ ms.technology: itpro-security # Overview of BitLocker Device Encryption in Windows -(*Applies to: Windows 10, Windows 11, Windows Server 2016 and above*) +*Applies to:* + +- Windows 10 +- Windows 11 +- Windows Server 2016 and above This article explains how BitLocker Device Encryption can help protect data on devices running Windows. For a general overview and list of articles about BitLocker, see [BitLocker](bitlocker-overview.md). diff --git a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml index f0f6584656..f372194183 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml @@ -21,8 +21,10 @@ metadata: ms.custom: bitlocker title: BitLocker frequently asked questions (FAQ) resources summary: | - **Applies to** + *Applies to:* - Windows 10 + - Windows 11 + - Windows Server 2016 and above This article links to frequently asked questions about BitLocker. BitLocker is a data protection feature that encrypts drives on your computer to help prevent data theft or exposure. BitLocker-protected computers can also delete data more securely when they're decommissioned because it's much more difficult to recover deleted data from an encrypted drive than from a non-encrypted drive. diff --git a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md index 98854299ca..b1f0b075a8 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md +++ b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md @@ -18,9 +18,11 @@ ms.technology: itpro-security # BitLocker group policy settings -**Applies to:** +*Applies to:* -- Windows 10, Windows 11, Windows Server 2019, Windows Server 2016, Windows 8.1, and Windows Server 2012 R2 +- Windows 10 +- Windows 11 +- Windows Server 2016 and above This article for IT professionals describes the function, location, and effect of each Group Policy setting that is used to manage BitLocker Drive Encryption. @@ -29,13 +31,13 @@ To control the drive encryption tasks the user can perform from the Windows Cont > [!NOTE] > A separate set of Group Policy settings supports the use of the Trusted Platform Module (TPM). For details about those settings, see [Trusted Platform Module Group Policy settings](../tpm/trusted-platform-module-services-group-policy-settings.md). -BitLocker Group Policy settings can be accessed using the Local Group Policy Editor and the Group Policy Management Console (GPMC) under **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption**. -Most of the BitLocker Group Policy settings are applied when BitLocker is initially turned on for a drive. If a computer isn't compliant with existing Group Policy settings, BitLocker may not be turned on or modified until the computer is in a compliant state. When a drive is out of compliance with Group Policy settings (for example, if a Group Policy setting was changed after the initial BitLocker deployment in your organization, and then the setting was applied to previously encrypted drives), no change can be made to the BitLocker configuration of that drive except a change that will bring it into compliance. +BitLocker Group Policy settings can be accessed using the Local Group Policy Editor and the Group Policy Management Console (GPMC) under *Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption*. -If multiple changes are necessary to bring the drive into compliance, you must suspend BitLocker protection, make the necessary changes, and then resume protection. This situation could occur, for example, if a removable drive is initially configured to be unlocked with a password and then Group -Policy settings are changed to disallow passwords and require smart cards. In this situation, you need to suspend BitLocker protection by using the [Manage-bde](/windows-server/administration/windows-commands/manage-bde) command-line tool, delete the password unlock method, and add the smart card method. After this is complete, BitLocker is compliant with the Group Policy setting and BitLocker protection on the drive can be resumed. +Most of the BitLocker Group Policy settings are applied when BitLocker is initially turned on for a drive. If a computer isn't compliant with existing Group Policy settings, BitLocker may not be turned on, or modified until the computer is in a compliant state. When a drive is out of compliance with Group Policy settings (for example, if a Group Policy setting was changed after the initial BitLocker deployment in your organization, and then the setting was applied to previously encrypted drives), no change can be made to the BitLocker configuration of that drive except a change that will bring it into compliance. -## BitLocker group policy settings +If multiple changes are necessary to bring the drive into compliance, you must suspend BitLocker protection, make the necessary changes, and then resume protection. This situation could occur, for example, if a removable drive is initially configured for unlock with a password but then Group Policy settings are changed to disallow passwords and require smart cards. In this situation, you need to suspend BitLocker protection by using the [Manage-bde](/windows-server/administration/windows-commands/manage-bde) command-line tool, delete the password unlock method, and add the smart card method. After this process is complete, BitLocker is compliant with the Group Policy setting, and BitLocker protection on the drive can be resumed. + +## BitLocker group policy settings details > [!NOTE] > For more details about Active Directory configuration related to BitLocker enablement, please see [Set up MDT for BitLocker](/windows/deployment/deploy-windows-mdt/set-up-mdt-for-bitlocker). @@ -44,79 +46,79 @@ The following sections provide a comprehensive list of BitLocker group policy se The following policy settings can be used to determine how a BitLocker-protected drive can be unlocked. -- [Allow devices with Secure Boot and protected DMA ports to opt out of preboot PIN](#bkmk-hstioptout) -- [Allow network unlock at startup](#bkmk-netunlock) -- [Require additional authentication at startup](#bkmk-unlockpol1) -- [Allow enhanced PINs for startup](#bkmk-unlockpol2) -- [Configure minimum PIN length for startup](#bkmk-unlockpol3) +- [Allow devices with Secure Boot and protected DMA ports to opt out of preboot PIN](#allow-devices-with-secure-boot-and-protected-dma-ports-to-opt-out-of-preboot-pin) +- [Allow network unlock at startup](#allow-network-unlock-at-startup) +- [Require additional authentication at startup](#require-additional-authentication-at-startup) +- [Allow enhanced PINs for startup](#allow-enhanced-pins-for-startup) +- [Configure minimum PIN length for startup](#configure-minimum-pin-length-for-startup) - [Disable new DMA devices when this computer is locked](#disable-new-dma-devices-when-this-computer-is-locked) -- [Disallow standard users from changing the PIN or password](#bkmk-dpinchange) -- [Configure use of passwords for operating system drives](#bkmk-ospw) -- [Require additional authentication at startup (Windows Server 2008 and Windows Vista)](#bkmk-unlockpol4) -- [Configure use of smart cards on fixed data drives](#bkmk-unlockpol5) -- [Configure use of passwords on fixed data drives](#bkmk-unlockpol6) -- [Configure use of smart cards on removable data drives](#bkmk-unlockpol7) -- [Configure use of passwords on removable data drives](#bkmk-unlockpol8) -- [Validate smart card certificate usage rule compliance](#bkmk-unlockpol9) -- [Enable use of BitLocker authentication requiring preboot keyboard input on slates](#bkmk-slates) +- [Disallow standard users from changing the PIN or password](#disallow-standard-users-from-changing-the-pin-or-password) +- [Configure use of passwords for operating system drives](#configure-use-of-passwords-for-operating-system-drives) +- [Require additional authentication at startup (Windows Server 2008 and Windows Vista)](#require-additional-authentication-at-startup-windows-server-2008-and-windows-vista) +- [Configure use of smart cards on fixed data drives](#configure-use-of-smart-cards-on-fixed-data-drives) +- [Configure use of passwords on fixed data drives](#configure-use-of-passwords-on-fixed-data-drives) +- [Configure use of smart cards on removable data drives](#configure-use-of-smart-cards-on-removable-data-drives) +- [Configure use of passwords on removable data drives](#configure-use-of-passwords-on-removable-data-drives) +- [Validate smart card certificate usage rule compliance](#validate-smart-card-certificate-usage-rule-compliance) +- [Enable use of BitLocker authentication requiring preboot keyboard input on slates](#enable-use-of-bitlocker-authentication-requiring-preboot-keyboard-input-on-slates) The following policy settings are used to control how users can access drives and how they can use BitLocker on their computers. -- [Deny write access to fixed drives not protected by BitLocker](#bkmk-driveaccess1) -- [Deny write access to removable drives not protected by BitLocker](#bkmk-driveaccess2) -- [Control use of BitLocker on removable drives](#bkmk-driveaccess3) +- [Deny write access to fixed drives not protected by BitLocker](#deny-write-access-to-fixed-drives-not-protected-by-bitlocker) +- [Deny write access to removable drives not protected by BitLocker](#deny-write-access-to-removable-drives-not-protected-by-bitlocker) +- [Control use of BitLocker on removable drives](#control-use-of-bitlocker-on-removable-drives) The following policy settings determine the encryption methods and encryption types that are used with BitLocker. -- [Choose drive encryption method and cipher strength](#bkmk-encryptmeth) -- [Configure use of hardware-based encryption for fixed data drives](#bkmk-hdefxd) -- [Configure use of hardware-based encryption for operating system drives](#bkmk-hdeosd) -- [Configure use of hardware-based encryption for removable data drives](#bkmk-hderdd) -- [Enforce drive encryption type on fixed data drives](#bkmk-detypefdd) -- [Enforce drive encryption type on operating system drives](#bkmk-detypeosd) -- [Enforce drive encryption type on removable data drives](#bkmk-detyperdd) +- [Choose drive encryption method and cipher strength](#choose-drive-encryption-method-and-cipher-strength) +- [Configure use of hardware-based encryption for fixed data drives](#configure-use-of-hardware-based-encryption-for-fixed-data-drives) +- [Configure use of hardware-based encryption for operating system drives](#configure-use-of-hardware-based-encryption-for-operating-system-drives) +- [Configure use of hardware-based encryption for removable data drives](#configure-use-of-hardware-based-encryption-for-removable-data-drives) +- [Enforce drive encryption type on fixed data drives](#enforce-drive-encryption-type-on-fixed-data-drives) +- [Enforce drive encryption type on operating system drives](#enforce-drive-encryption-type-on-operating-system-drives) +- [Enforce drive encryption type on removable data drives](#enforce-drive-encryption-type-on-removable-data-drives) The following policy settings define the recovery methods that can be used to restore access to a BitLocker-protected drive if an authentication method fails or is unable to be used. -- [Choose how BitLocker-protected operating system drives can be recovered](#bkmk-rec1) -- [Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista)](#bkmk-rec2) -- [Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)](#bkmk-rec3) -- [Choose default folder for recovery password](#bkmk-rec4) -- [Choose how BitLocker-protected fixed drives can be recovered](#bkmk-rec6) -- [Choose how BitLocker-protected removable drives can be recovered](#bkmk-rec7) -- [Configure the pre-boot recovery message and URL](#bkmk-configurepreboot) +- [Choose how BitLocker-protected operating system drives can be recovered](#choose-how-bitlocker-protected-operating-system-drives-can-be-recovered) +- [Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista)](#choose-how-users-can-recover-bitlocker-protected-drives-windows-server-2008-and-windows-vista) +- [Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)](#store-bitlocker-recovery-information-in-active-directory-domain-services-windows-server-2008-and-windows-vista) +- [Choose default folder for recovery password](#choose-default-folder-for-recovery-password) +- [Choose how BitLocker-protected fixed drives can be recovered](#choose-how-bitlocker-protected-fixed-drives-can-be-recovered) +- [Choose how BitLocker-protected removable drives can be recovered](#choose-how-bitlocker-protected-removable-drives-can-be-recovered) +- [Configure the pre-boot recovery message and URL](#configure-the-pre-boot-recovery-message-and-url) The following policies are used to support customized deployment scenarios in your organization. -- [Allow Secure Boot for integrity validation](#bkmk-secboot) -- [Provide the unique identifiers for your organization](#bkmk-depopt1) -- [Prevent memory overwrite on restart](#bkmk-depopt2) -- [Configure TPM platform validation profile for BIOS-based firmware configurations](#bkmk-tpmbios) -- [Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2)](#bkmk-depopt3) -- [Configure TPM platform validation profile for native UEFI firmware configurations](#bkmk-tpmvaluefi) -- [Reset platform validation data after BitLocker recovery](#bkmk-resetrec) -- [Use enhanced Boot Configuration Data validation profile](#bkmk-enbcd) -- [Allow access to BitLocker-protected fixed data drives from earlier versions of Windows](#bkmk-depopt4) -- [Allow access to BitLocker-protected removable data drives from earlier versions of Windows](#bkmk-depopt5) +- [Allow Secure Boot for integrity validation](#allow-secure-boot-for-integrity-validation) +- [Provide the unique identifiers for your organization](#provide-the-unique-identifiers-for-your-organization) +- [Prevent memory overwrite on restart](#prevent-memory-overwrite-on-restart) +- [Configure TPM platform validation profile for BIOS-based firmware configurations](#configure-tpm-platform-validation-profile-for-bios-based-firmware-configurations) +- [Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2)](#configure-tpm-platform-validation-profile-windows-vista-windows-server-2008-windows-7-windows-server-2008-r2) +- [Configure TPM platform validation profile for native UEFI firmware configurations](#configure-tpm-platform-validation-profile-for-native-uefi-firmware-configurations) +- [Reset platform validation data after BitLocker recovery](#reset-platform-validation-data-after-bitlocker-recovery) +- [Use enhanced Boot Configuration Data validation profile](#use-enhanced-boot-configuration-data-validation-profile) +- [Allow access to BitLocker-protected fixed data drives from earlier versions of Windows](#allow-access-to-bitlocker-protected-fixed-data-drives-from-earlier-versions-of-windows) +- [Allow access to BitLocker-protected removable data drives from earlier versions of Windows](#allow-access-to-bitlocker-protected-removable-data-drives-from-earlier-versions-of-windows) -### Allow devices with secure boot and protected DMA ports to opt out of preboot PIN +### Allow devices with secure boot and protected DMA ports to opt out of preboot PIN | |   | |:---|:---| |**Policy description**|With this policy setting, you can allow TPM-only protection for newer, more secure devices, such as devices that support Modern Standby or HSTI, while requiring PIN on older devices.| |**Introduced**|Windows 10, version 1703, or Windows 11| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| -|**Conflicts**|This setting overrides the **Require startup PIN with TPM** option of the [Require additional authentication at startup](#bkmk-unlockpol1) policy on compliant hardware.| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| +|**Conflicts**|This setting overrides the **Require startup PIN with TPM** option of the [Require additional authentication at startup](#require-additional-authentication-at-startup) policy on compliant hardware.| |**When enabled**|Users on Modern Standby and HSTI compliant devices will have the choice to turn on BitLocker without preboot authentication.| -|**When disabled or not configured**|The options of the [Require additional authentication at startup](#bkmk-unlockpol1) policy apply.| +|**When disabled or not configured**|The options of the [Require additional authentication at startup](#require-additional-authentication-at-startup) policy apply.| -**Reference** +#### Reference: Allow devices with secure boot and protected DMA ports to opt out of preboot PIN -The preboot authentication option **Require startup PIN with TPM** of the [Require additional authentication at startup](#bkmk-unlockpol1) policy is often enabled to help ensure security for older devices that don't support Modern Standby. But visually impaired users have no audible way to know when to enter a PIN. +The preboot authentication option **Require startup PIN with TPM** of the [Require additional authentication at startup](#require-additional-authentication-at-startup) policy is often enabled to help ensure security for older devices that don't support Modern Standby. But visually impaired users have no audible way to know when to enter a PIN. This setting enables an exception to the PIN-required policy on secure hardware. -### Allow network unlock at startup +### Allow network unlock at startup This policy controls a portion of the behavior of the Network Unlock feature in BitLocker. This policy is required to enable BitLocker Network Unlock on a network because it allows clients running BitLocker to create the necessary network key protector during encryption. @@ -127,37 +129,37 @@ This policy is used with the BitLocker Drive Encryption Network Unlock Certifica |**Policy description**|With this policy setting, you can control whether a BitLocker-protected computer that is connected to a trusted local area network and joined to a domain can create and use network key protectors on TPM-enabled computers to automatically unlock the operating system drive when the computer is started.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|None| |**When enabled**|Clients configured with a BitLocker Network Unlock certificate can create and use Network Key Protectors.| |**When disabled or not configured**|Clients can't create and use Network Key Protectors| -**Reference** +#### Reference: Allow network unlock at startup -To use a network key protector to unlock the computer, the computer and the server that hosts BitLocker Drive Encryption Network Unlock must be provisioned with a Network Unlock certificate. The Network Unlock certificate is used to create a network key protector and to protect the information exchange with the server to unlock the computer. You can use the Group Policy setting **Computer Configuration\\Windows Settings\\Security Settings\\Public Key Policies\\BitLocker Drive Encryption Network Unlock Certificate** on the domain controller to distribute this certificate to computers in your organization. This unlock method uses the TPM on the computer, so computers that don't have a TPM can't create network key protectors to automatically unlock by using Network Unlock. +To use a network key protector to unlock the computer, the computer and the server that hosts BitLocker Drive Encryption Network Unlock must be provisioned with a Network Unlock certificate. The Network Unlock certificate is used to create a network key protector and to protect the information exchange with the server to unlock the computer. You can use the Group Policy setting *Computer Configuration* > *Windows Settings* > *Security Settings* > *Public Key Policies* > *BitLocker Drive Encryption Network Unlock Certificate* on the domain controller to distribute this certificate to computers in your organization. This unlock method uses the TPM on the computer, so computers that don't have a TPM can't create network key protectors to automatically unlock by using Network Unlock. > [!NOTE] > For reliability and security, computers should also have a TPM startup PIN that can be used when the computer is disconnected from the wired network or can't connect to the domain controller at startup. For more information about Network Unlock feature, see [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md). -### Require additional authentication at startup +### Require additional authentication at startup This policy setting is used to control which unlock options are available for operating system drives. | |   | |:---|:---| -|**Policy description**|With this policy setting, you can configure whether BitLocker requires additional authentication each time the computer starts and whether you are using BitLocker with a Trusted Platform Module (TPM). This policy setting is applied when you turn on BitLocker.| +|**Policy description**|With this policy setting, you can configure whether BitLocker requires additional authentication each time the computer starts and whether you're using BitLocker with a Trusted Platform Module (TPM). This policy setting is applied when you turn on BitLocker.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|If one authentication method is required, the other methods can't be allowed. Use of BitLocker with a TPM startup key or with a TPM startup key and a PIN must be disallowed if the **Deny write access to removable drives not protected by BitLocker** policy setting is enabled.| |**When enabled**|Users can configure advanced startup options in the BitLocker Setup Wizard.| -|**When disabled or not configured**|Users can configure only basic options on computers with a TPM.

    Only one of the additional authentication options can be required at startup; otherwise, a policy error occurs.| +|**When disabled or not configured**|Users can configure only basic options on computers with a TPM.

    Only one of the additional authentication options can be required at startup; otherwise, a policy error occurs.| -**Reference** +#### Reference: Require additional authentication at startup -If you want to use BitLocker on a computer without a TPM, select **Allow BitLocker without a compatible TPM**. In this mode, a password or USB drive is required for startup. The USB drive stores the startup key that is used to encrypt the drive. When the USB drive is inserted, the startup key is authenticated and the operating system drive is accessible. If the USB drive is lost or unavailable, BitLocker recovery is required to access the drive. +If you want to use BitLocker on a computer without a TPM, select **Allow BitLocker without a compatible TPM**. In this mode, a password or USB drive is required for startup. The USB drive stores the startup key that is used to encrypt the drive. When the USB drive is inserted, the startup key is authenticated, and the operating system drive is accessible. If the USB drive is lost or unavailable, BitLocker recovery is required to access the drive. On a computer with a compatible TPM, additional authentication methods can be used at startup to improve protection for encrypted data. When the computer starts, it can use: @@ -169,27 +171,26 @@ On a computer with a compatible TPM, additional authentication methods can be us There are four options for TPM-enabled computers or devices: - Configure TPM startup - - - Allow TPM - - Require TPM - - Do not allow TPM + - Allow TPM + - Require TPM + - Don't allow TPM - Configure TPM startup PIN - - Allow startup PIN with TPM - - Require startup PIN with TPM - - Do not allow startup PIN with TPM + - Allow startup PIN with TPM + - Require startup PIN with TPM + - Don't allow startup PIN with TPM + - Configure TPM startup key + - Allow startup key with TPM + - Require startup key with TPM + - Don't allow startup key with TPM - - Allow startup key with TPM - - Require startup key with TPM - - Do not allow startup key with TPM - Configure TPM startup key and PIN + - Allow TPM startup key with PIN + - Require startup key and PIN with TPM + - Don't allow TPM startup key with PIN - - Allow TPM startup key with PIN - - Require startup key and PIN with TPM - - Do not allow TPM startup key with PIN - -### Allow enhanced PINs for startup +### Allow enhanced PINs for startup This policy setting permits the use of enhanced PINs when you use an unlock method that includes a PIN. @@ -198,19 +199,19 @@ This policy setting permits the use of enhanced PINs when you use an unlock meth |**Policy description**|With this policy setting, you can configure whether enhanced startup PINs are used with BitLocker.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|None| |**When enabled**|All new BitLocker startup PINs that are set will be enhanced PINs. Existing drives that were protected by using standard startup PINs aren't affected.| -|**When disabled or not configured**|Enhanced PINs will not be used.| +|**When disabled or not configured**|Enhanced PINs won't be used.| -**Reference** +#### Reference: Allow enhanced PINs for startup Enhanced startup PINs permit the use of characters (including uppercase and lowercase letters, symbols, numbers, and spaces). This policy setting is applied when you turn on BitLocker. > [!IMPORTANT] > Not all computers support enhanced PIN characters in the preboot environment. It's strongly recommended that users perform a system check during the BitLocker setup to verify that enhanced PIN characters can be used. -### Configure minimum PIN length for startup +### Configure minimum PIN length for startup This policy setting is used to set a minimum PIN length when you use an unlock method that includes a PIN. @@ -219,33 +220,24 @@ This policy setting is used to set a minimum PIN length when you use an unlock m |**Policy description**|With this policy setting, you can configure a minimum length for a TPM startup PIN. This policy setting is applied when you turn on BitLocker. The startup PIN must have a minimum length of four digits, and it can have a maximum length of 20 digits. By default, the minimum PIN length is 6.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|None| |**When enabled**|You can require that startup PINs set by users must have a minimum length you choose that is between 4 and 20 digits.| |**When disabled or not configured**|Users can configure a startup PIN of any length between 6 and 20 digits.| -**Reference** +#### Reference: Configure minimum PIN length for startup This policy setting is applied when you turn on BitLocker. The startup PIN must have a minimum length of four digits and can have a maximum length of 20 digits. -Originally, BitLocker allowed a length from 4 to 20 characters for a PIN. -Windows Hello has its own PIN for logon, length of which can be 4 to 127 characters. -Both BitLocker and Windows Hello use the TPM to prevent PIN brute-force attacks. +Originally, BitLocker allowed a length from 4 to 20 characters for a PIN. Windows Hello has its own PIN for sign in, length of which can be 4 to 127 characters. Both BitLocker and Windows Hello use the TPM to prevent PIN brute-force attacks. The TPM can be configured to use Dictionary Attack Prevention parameters ([lockout threshold and lockout duration](../tpm/trusted-platform-module-services-group-policy-settings.md)) to control how many failed authorizations attempts are allowed before the TPM is locked out, and how much time must elapse before another attempt can be made. -The Dictionary Attack Prevention Parameters provide a way to balance security needs with usability. -For example, when BitLocker is used with a TPM + PIN configuration, the number of PIN guesses is limited over time. -A TPM 2.0 in this example could be configured to allow only 32 PIN guesses immediately, and then only one more guess every two hours. -This totals a maximum of about 4415 guesses per year. -If the PIN is four digits, all 9999 possible PIN combinations could be attempted in a little over two years. +The Dictionary Attack Prevention Parameters provide a way to balance security needs with usability. For example, when BitLocker is used with a TPM + PIN configuration, the number of PIN guesses is limited over time. A TPM 2.0 in this example could be configured to allow only 32 PIN guesses immediately, and then only one more guess every two hours. This number of attempts totals to a maximum of about 4415 guesses per year. If the PIN is four digits, all 9999 possible PIN combinations could be attempted in a little over two years. -Increasing the PIN length requires a greater number of guesses for an attacker. -In that case, the lockout duration between each guess can be shortened to allow legitimate users to retry a failed attempt sooner, while maintaining a similar level of protection. +Increasing the PIN length requires a greater number of guesses for an attacker. In that case, the lockout duration between each guess can be shortened to allow legitimate users to retry a failed attempt sooner, while maintaining a similar level of protection. -Beginning with Windows 10, version 1703, or Windows 11, the minimum length for the BitLocker PIN was increased to six characters to better align with other Windows features that use TPM 2.0, including Windows Hello. -To help organizations with the transition, beginning with Windows 10, version 1709 and Windows 10, version 1703 with the October 2017, or Windows 11 [cumulative update](https://support.microsoft.com/help/4018124) installed, the BitLocker PIN length is six characters by default, but it can be reduced to four characters. -If the minimum PIN length is reduced from the default of six characters, then the TPM 2.0 lockout period will be extended. +Beginning with Windows 10, version 1703, or Windows 11, the minimum length for the BitLocker PIN was increased to six characters to better align with other Windows features that use TPM 2.0, including Windows Hello. To help organizations with the transition, beginning with Windows 10, version 1709 and Windows 10, version 1703 with the October 2017, or Windows 11 [cumulative update](https://support.microsoft.com/help/4018124) installed, the BitLocker PIN length is six characters by default, but it can be reduced to four characters. If the minimum PIN length is reduced from the default of six characters, then the TPM 2.0 lockout period will be extended. ### Disable new DMA devices when this computer is locked @@ -256,16 +248,16 @@ This policy setting allows you to block direct memory access (DMA) for all hot p |**Policy description**|This setting helps prevent attacks that use external PCI-based devices to access BitLocker keys.| |**Introduced**|Windows 10, version 1703, or Windows 11| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption*| |**Conflicts**|None| |**When enabled**|Every time the user locks the scree, DMA will be blocked on hot pluggable PCI ports until the user signs in again.| |**When disabled or not configured**|DMA is available on hot pluggable PCI devices if the device is turned on, regardless of whether a user is signed in.| -**Reference** +#### Reference: Disable new DMA devices when this computer is locked This policy setting is only enforced when BitLocker or device encryption is enabled. As explained in the [Microsoft Security Guidance blog](/archive/blogs/secguide/issue-with-bitlockerdma-setting-in-windows-10-fall-creators-update-v1709), in some cases when this setting is enabled, internal, PCI-based peripherals can fail, including wireless network drivers and input and audio peripherals. This problem is fixed in the [April 2018 quality update](https://support.microsoft.com/help/4093105). -### Disallow standard users from changing the PIN or password +### Disallow standard users from changing the PIN or password This policy setting allows you to configure whether standard users are allowed to change the PIN or password that is used to protect the operating system drive. @@ -274,16 +266,16 @@ This policy setting allows you to configure whether standard users are allowed t |**Policy description**|With this policy setting, you can configure whether standard users are allowed to change the PIN or password used to protect the operating system drive.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|None| |**When enabled**|Standard users aren't allowed to change BitLocker PINs or passwords.| |**When disabled or not configured**|Standard users are permitted to change BitLocker PINs or passwords.| -**Reference** +#### Reference: Disallow standard users from changing the PIN or password To change the PIN or password, the user must be able to provide the current PIN or password. This policy setting is applied when you turn on BitLocker. -### Configure use of passwords for operating system drives +### Configure use of passwords for operating system drives This policy controls how non-TPM based systems utilize the password protector. Used with the **Password must meet complexity requirements** policy, this policy allows administrators to require password length and complexity for using the password protector. By default, passwords must be eight characters in length. Complexity configuration options determine how important domain connectivity is for the client. For the strongest password security, administrators should choose **Require password complexity** because it requires domain connectivity, and it requires that the BitLocker password meets the same password complexity requirements as domain sign-in passwords. @@ -292,19 +284,20 @@ This policy controls how non-TPM based systems utilize the password protector. U |**Policy description**|With this policy setting, you can specify the constraints for passwords that are used to unlock operating system drives that are protected with BitLocker.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| -|**Conflicts**|Passwords can't be used if FIPS-compliance is enabled.


    **NOTE:** The **System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing** policy setting, which is located at **Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options** specifies whether FIPS-compliance is enabled.| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| +|**Conflicts**|Passwords can't be used if FIPS-compliance is enabled.

    **NOTE:** The **System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing** policy setting, which is located at *Computer Configuration* > *Windows Settings* > *Security Settings* > *Local Policies* > *Security Options* specifies whether FIPS-compliance is enabled.
    | |**When enabled**|Users can configure a password that meets the requirements you define. To enforce complexity requirements for the password, select **Require complexity**.| |**When disabled or not configured**|The default length constraint of eight characters will apply to operating system drive passwords and no complexity checks will occur.| -**Reference** +#### Reference: Configure use of passwords for operating system drives -If non-TPM protectors are allowed on operating system drives, you can provision a password, enforce complexity requirements on the password, and configure a minimum length for the password. For the complexity requirement setting to be effective, the group policy setting **Password must meet complexity requirements**, which is located at **Computer Configuration\\Windows Settings\\Security Settings\\Account Policies\\Password Policy\\**, must be also enabled. +If non-TPM protectors are allowed on operating system drives, you can provision a password, enforce complexity requirements on the password, and configure a minimum length for the password. For the complexity requirement setting to be effective, the group policy setting **Password must meet complexity requirements**, which is located at *Computer Configuration* > *Windows Settings* > *Security Settings* > *Account Policies* > *Password Policy*, must be also enabled. > [!NOTE] > These settings are enforced when turning on BitLocker, not when unlocking a volume. BitLocker allows unlocking a drive with any of the protectors that are available on the drive. -When set to **Require complexity**, a connection to a domain controller is necessary when BitLocker is enabled to validate the complexity the password. When set to **Allow complexity**, a connection to a domain controller is attempted to validate that the complexity adheres to the rules set by the policy. If no domain controllers are found, the password will be accepted regardless of actual password complexity, and the drive will be encrypted by using that password as a protector. When set to **Do not allow complexity**, there is no password complexity validation. +When set to **Require complexity**, a connection to a domain controller is necessary when BitLocker is enabled to validate the complexity the password. When set to **Allow complexity**, a connection to a domain controller is attempted to validate that the complexity adheres to the rules set by the policy. If no domain controllers are found, the password will be accepted regardless of actual password complexity, and the drive will be encrypted by using that password as a protector. When set to **Do not allow complexity**, there's no password complexity validation. + Passwords must be at least eight characters. To configure a greater minimum length for the password, enter the desired number of characters in the **Minimum password length** box. When this policy setting is enabled, you can set the option **Configure password complexity for operating system drives** to: @@ -313,7 +306,7 @@ When this policy setting is enabled, you can set the option **Configure password - Deny password complexity - Require password complexity -### Require additional authentication at startup (Windows Server 2008 and Windows Vista) +### Require additional authentication at startup (Windows Server 2008 and Windows Vista) This policy setting is used to control what unlock options are available for computers running Windows Server 2008 or Windows Vista. @@ -322,12 +315,12 @@ This policy setting is used to control what unlock options are available for com |**Policy description**|With this policy setting, you can control whether the BitLocker Setup Wizard on computers running Windows Vista or Windows Server 2008 can set up an additional authentication method that is required each time the computer starts.| |**Introduced**|Windows Server 2008 and Windows Vista| |**Drive type**|Operating system drives (Windows Server 2008 and Windows Vista)| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|If you choose to require an additional authentication method, other authentication methods can't be allowed.| |**When enabled**|The BitLocker Setup Wizard displays the page that allows the user to configure advanced startup options for BitLocker. You can further configure setting options for computers with or without a TPM.| |**When disabled or not configured**|The BitLocker Setup Wizard displays basic steps that allow users to enable BitLocker on computers with a TPM. In this basic wizard, no additional startup key or startup PIN can be configured.| -**Reference** +#### Reference: Require additional authentication at startup (Windows Server 2008 and Windows Vista) On a computer with a compatible TPM, two authentication methods can be used at startup to provide added protection for encrypted data. When the computer starts, it can prompt users to insert a USB drive that contains a startup key. It can also prompt users to enter a startup PIN with a length between 6 and 20 digits. @@ -336,21 +329,20 @@ A USB drive that contains a startup key is needed on computers without a compati There are two options for TPM-enabled computers or devices: - Configure TPM startup PIN + - Allow startup PIN with TPM + - Require startup PIN with TPM + - Don't allow startup PIN with TPM - - Allow startup PIN with TPM - - Require startup PIN with TPM - - Do not allow startup PIN with TPM - Configure TPM startup key - - - Allow startup key with TPM - - Require startup key with TPM - - Do not allow startup key with TPM + - Allow startup key with TPM + - Require startup key with TPM + - Don't allow startup key with TPM These options are mutually exclusive. If you require the startup key, you must not allow the startup PIN. If you require the startup PIN, you must not allow the startup key. Otherwise, a policy error will occur. To hide the advanced page on a TPM-enabled computer or device, set these options to **Do not allow** for the startup key and for the startup PIN. -### Configure use of smart cards on fixed data drives +### Configure use of smart cards on fixed data drives This policy setting is used to require, allow, or deny the use of smart cards with fixed data drives. @@ -359,18 +351,18 @@ This policy setting is used to require, allow, or deny the use of smart cards wi |**Policy description**|With this policy setting, you can specify whether smart cards can be used to authenticate user access to the BitLocker-protected fixed data drives on a computer.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Fixed data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Fixed Data Drives*| |**Conflicts**|To use smart cards with BitLocker, you may also need to modify the object identifier setting in the **Computer Configuration\Administrative Templates\BitLocker Drive Encryption\Validate smart card certificate usage rule compliance** policy setting to match the object identifier of your smart card certificates.| |**When enabled**|Smart cards can be used to authenticate user access to the drive. You can require smart card authentication by selecting the **Require use of smart cards on fixed data drives** check box.| |**When disabled**|Users can't use smart cards to authenticate their access to BitLocker-protected fixed data drives.| |**When not configured**|Smart cards can be used to authenticate user access to a BitLocker-protected drive.| -**Reference** +#### Reference: Configure use of smart cards on fixed data drives > [!NOTE] > These settings are enforced when turning on BitLocker, not when unlocking a drive. BitLocker allows unlocking a drive by using any of the protectors that are available on the drive. -### Configure use of passwords on fixed data drives +### Configure use of passwords on fixed data drives This policy setting is used to require, allow, or deny the use of passwords with fixed data drives. @@ -379,13 +371,13 @@ This policy setting is used to require, allow, or deny the use of passwords with |**Policy description**|With this policy setting, you can specify whether a password is required to unlock BitLocker-protected fixed data drives.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Fixed data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Fixed Data Drives*| |**Conflicts**|To use password complexity, the **Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy\Password must meet complexity requirements** policy setting must also be enabled.| |**When enabled**|Users can configure a password that meets the requirements you define. To require the use of a password, select **Require password for fixed data drive**. To enforce complexity requirements on the password, select **Require complexity**.| |**When disabled**|The user isn't allowed to use a password.| |**When not configured**|Passwords are supported with the default settings, which don't include password complexity requirements and require only eight characters.| -**Reference** +#### Reference: Configure use of passwords on fixed data drives When set to **Require complexity**, a connection to a domain controller is necessary to validate the complexity of the password when BitLocker is enabled. @@ -398,15 +390,14 @@ Passwords must be at least eight characters. To configure a greater minimum leng > [!NOTE] > These settings are enforced when turning on BitLocker, not when unlocking a drive. BitLocker allows unlocking a drive with any of the protectors that are available on the drive. -For the complexity requirement setting to be effective, the Group Policy setting **Computer Configuration\\Windows Settings\\Security Settings\\Account Policies\\Password Policy\\Password must meet complexity requirements** must also be enabled. -This policy setting is configured on a per-computer basis. This means that it applies to local user accounts and domain user accounts. Because the password filter that's used to validate password complexity is located on the domain controllers, local user accounts can't access the password filter because they're not authenticated for domain access. When this policy setting is enabled, if you sign in with a local user account, and you attempt to encrypt a drive or change a password on an existing BitLocker-protected drive, an "Access denied" error message is displayed. In this situation, the password key protector can't be added to the drive. +For the complexity requirement setting to be effective, the Group Policy setting *Computer Configuration* > *Windows Settings* > *Security Settings* > *Account Policies* > *Password Policy* > **Password must meet complexity requirements** must also be enabled. This policy setting is configured on a per-computer basis. The policy setting also applies to both local user accounts and domain user accounts. Because the password filter that's used to validate password complexity is located on the domain controllers, local user accounts can't access the password filter because they're not authenticated for domain access. When this policy setting is enabled, if you sign in with a local user account, and you attempt to encrypt a drive or change a password on an existing BitLocker-protected drive, an "Access denied" error message is displayed. In this situation, the password key protector can't be added to the drive. -Enabling this policy setting requires that connectivity to a domain be established before adding a password key protector to a BitLocker-protected drive. Users who work remotely and have periods of time in which they can't connect to the domain should be made aware of this requirement so that they can schedule a time when they will be connected to the domain to turn on BitLocker or to change a password on a BitLocker-protected data drive. +Enabling this policy setting requires that a device is connected to a domain before adding a password key protector to a BitLocker-protected drive. Users who work remotely and have periods of time in which they can't connect to the domain should be made aware of this requirement so that they can schedule a time when they'll be connected to the domain to turn on BitLocker or to change a password on a BitLocker-protected data drive. > [!IMPORTANT] -> Passwords can't be used if FIPS compliance is enabled. The **System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing** policy setting in **Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options** specifies whether FIPS compliance is enabled. +> Passwords can't be used if FIPS compliance is enabled. The **System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing** policy setting in *Computer Configuration* > *Windows Settings* > *Security Settings* > *Local Policies* > *Security Options* specifies whether FIPS compliance is enabled. -### Configure use of smart cards on removable data drives +### Configure use of smart cards on removable data drives This policy setting is used to require, allow, or deny the use of smart cards with removable data drives. @@ -415,18 +406,18 @@ This policy setting is used to require, allow, or deny the use of smart cards wi |**Policy description**|With this policy setting, you can specify whether smart cards can be used to authenticate user access to BitLocker-protected removable data drives on a computer.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Removable data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Removable Data Drives*| |**Conflicts**|To use smart cards with BitLocker, you may also need to modify the object identifier setting in the **Computer Configuration\Administrative Templates\BitLocker Drive Encryption\Validate smart card certificate usage rule compliance** policy setting to match the object identifier of your smart card certificates.| |**When enabled**|Smart cards can be used to authenticate user access to the drive. You can require smart card authentication by selecting the **Require use of smart cards on removable data drives** check box.| |**When disabled or not configured**|Users aren't allowed to use smart cards to authenticate their access to BitLocker-protected removable data drives.| |**When not configured**|Smart cards are available to authenticate user access to a BitLocker-protected removable data drive.| -**Reference** +#### Reference: Configure use of smart cards on removable data drives > [!NOTE] > These settings are enforced when turning on BitLocker, not when unlocking a drive. BitLocker allows unlocking a drive with any of the protectors that are available on the drive. -### Configure use of passwords on removable data drives +### Configure use of passwords on removable data drives This policy setting is used to require, allow, or deny the use of passwords with removable data drives. @@ -435,16 +426,15 @@ This policy setting is used to require, allow, or deny the use of passwords with |**Policy description**|With this policy setting, you can specify whether a password is required to unlock BitLocker-protected removable data drives.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Removable data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Removable Data Drives*| |**Conflicts**|To use password complexity, the **Password must meet complexity requirements** policy setting, which is located at **Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy** must also be enabled.| |**When enabled**|Users can configure a password that meets the requirements you define. To require the use of a password, select **Require password for removable data drive**. To enforce complexity requirements on the password, select **Require complexity**.| |**When disabled**|The user isn't allowed to use a password.| |**When not configured**|Passwords are supported with the default settings, which don't include password complexity requirements and require only eight characters.| -**Reference** +#### Reference: Configure use of passwords on removable data drives -If you choose to allow the use of a password, you can require a password to be used, enforce complexity requirements, and configure a minimum length. For the complexity requirement setting to be effective, the group policy setting **Password must meet complexity requirements**, which is located at -**Computer Configuration\\Windows Settings\\Security Settings\\Account Policies\\Password Policy**, must also be enabled. +If you choose to allow the use of a password, you can require a password to be used, enforce complexity requirements, and configure a minimum length. For the complexity requirement setting to be effective, the group policy setting **Password must meet complexity requirements**, which is located at *Computer Configuration* > *Windows Settings* > *Security Settings* > *Account Policies* > *Password Policy*, must also be enabled. > [!NOTE] > These settings are enforced when turning on BitLocker, not when unlocking a drive. BitLocker allows unlocking a drive with any of the protectors that are available on the drive. @@ -453,7 +443,7 @@ Passwords must be at least eight characters. To configure a greater minimum leng When set to **Require complexity**, a connection to a domain controller is necessary when BitLocker is enabled to validate the complexity of the password. -When set to **Allow complexity**, a connection to a domain controller is be attempted to validate that the complexity adheres to the rules set by the policy. However, if no domain controllers are found, the password is still be accepted regardless of actual password complexity and the drive is encrypted by using that password as a protector. +When set to **Allow complexity**, a connection to a domain controller is attempted to validate that the complexity adheres to the rules set by the policy. However, if no domain controllers are found, the password is still be accepted regardless of actual password complexity and the drive is encrypted by using that password as a protector. When set to **Do not allow complexity**, no password complexity validation is done. @@ -462,7 +452,7 @@ When set to **Do not allow complexity**, no password complexity validation is do For information about this setting, see [System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing](../../threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md). -### Validate smart card certificate usage rule compliance +### Validate smart card certificate usage rule compliance This policy setting is used to determine what certificate to use with BitLocker. @@ -471,12 +461,12 @@ This policy setting is used to determine what certificate to use with BitLocker. |**Policy description**|With this policy setting, you can associate an object identifier from a smart card certificate to a BitLocker-protected drive.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Fixed and removable data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption*| |**Conflicts**|None| |**When enabled**|The object identifier that is specified in the **Object identifier** setting must match the object identifier in the smart card certificate.| |**When disabled or not configured**|The default object identifier is used.| -**Reference** +#### Reference: Validate smart card certificate usage rule compliance This policy setting is applied when you turn on BitLocker. @@ -487,21 +477,19 @@ The default object identifier is 1.3.6.1.4.1.311.67.1.1. > [!NOTE] > BitLocker doesn't require that a certificate have an EKU attribute; however, if one is configured for the certificate, it must be set to an object identifier that matches the object identifier configured for BitLocker. -### Enable use of BitLocker authentication requiring preboot keyboard input on slates - -### Enable use of BitLocker authentication requiring pre-boot keyboard input on slates +### Enable use of BitLocker authentication requiring preboot keyboard input on slates | |   | |:---|:---| |**Policy description**|With this policy setting, you can allow users to enable authentication options that require user input from the preboot environment, even if the platform indicates a lack of preboot input capability.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Operating system drive| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drive| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|None| |**When enabled**|Devices must have an alternative means of preboot input (such as an attached USB keyboard).| |**When disabled or not configured**|The Windows Recovery Environment must be enabled on tablets to support entering the BitLocker recovery password.| -**Reference** +#### Reference: Enable use of BitLocker authentication requiring preboot keyboard input on slates The Windows touch keyboard (such as used by tablets) isn't available in the preboot environment where BitLocker requires additional information, such as a PIN or password. @@ -515,7 +503,7 @@ If you don't enable this policy setting, the following options in the **Require - Configure TPM startup key and PIN: Required and Allowed - Configure use of passwords for operating system drives -### Deny write access to fixed drives not protected by BitLocker +### Deny write access to fixed drives not protected by BitLocker This policy setting is used to require encryption of fixed drives prior to granting Write access. @@ -524,27 +512,30 @@ This policy setting is used to require encryption of fixed drives prior to grant |**Policy description**|With this policy setting, you can set whether BitLocker protection is required for fixed data drives to be writable on a computer.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Fixed data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Fixed Data Drives*| |**Conflicts**|See the Reference section for a description of conflicts.| |**When enabled**|All fixed data drives that aren't BitLocker-protected are mounted as Read-only. If the drive is protected by BitLocker, it's mounted with Read and Write access.| |**When disabled or not configured**|All fixed data drives on the computer are mounted with Read and Write access.| -**Reference** +#### Reference: Deny write access to fixed drives not protected by BitLocker This policy setting is applied when you turn on BitLocker. Conflict considerations include: -1. When this policy setting is enabled, users receive "Access denied" error messages when they try to save data to unencrypted fixed data drives. See the Reference section for additional conflicts. -2. If BdeHdCfg.exe is run on a computer when this policy setting is enabled, you could encounter the following issues: +1. When this policy setting is enabled, users receive "Access denied" error messages when they try to save data to unencrypted fixed data drives. See the Reference section for additional conflicts. - - If you attempted to shrink the drive and create the system drive, the drive size is successfully reduced and a raw partition is created. However, the raw partition isn't formatted. The following error message is displayed: "The new active drive cannot be formatted. You may need to manually prepare your drive for BitLocker." - - If you attempt to use unallocated space to create the system drive, a raw partition will be created. However, the raw partition will not be formatted. The following error message is displayed: "The new active drive cannot be formatted. You may need to manually prepare your drive for BitLocker." - - If you attempt to merge an existing drive into the system drive, the tool fails to copy the required boot file onto the target drive to create the system drive. The following error message is displayed: "BitLocker setup failed to copy boot files. You may need to manually prepare your drive for BitLocker." +2. If `BdeHdCfg.exe` is run on a computer when this policy setting is enabled, you could encounter the following issues: -3. If this policy setting is enforced, a hard drive can't be repartitioned because the drive is protected. If you are upgrading computers in your organization from a previous version of Windows, and those computers were configured with a single partition, you should create the required BitLocker system partition before you apply this policy setting to the computers. + - If you attempted to shrink the drive and create the system drive, the drive size is successfully reduced, and a raw partition is created. However, the raw partition isn't formatted. The following error message is displayed: **The new active drive cannot be formatted. You may need to manually prepare your drive for BitLocker.** -### Deny write access to removable drives not protected by BitLocker + - If you attempt to use unallocated space to create the system drive, a raw partition will be created. However, the raw partition won't be formatted. The following error message is displayed: **The new active drive cannot be formatted. You may need to manually prepare your drive for BitLocker.** + + - If you attempt to merge an existing drive into the system drive, the tool fails to copy the required boot file onto the target drive to create the system drive. The following error message is displayed: **BitLocker setup failed to copy boot files. You may need to manually prepare your drive for BitLocker.** + +3. If this policy setting is enforced, a hard drive can't be repartitioned because the drive is protected. If you're upgrading computers in your organization from a previous version of Windows, and those computers were configured with a single partition, you should create the required BitLocker system partition before you apply this policy setting to the computers. + +### Deny write access to removable drives not protected by BitLocker This policy setting is used to require that removable drives are encrypted prior to granting Write access, and to control whether BitLocker-protected removable drives that were configured in another organization can be opened with Write access. @@ -553,12 +544,12 @@ This policy setting is used to require that removable drives are encrypted prior |**Policy description**|With this policy setting, you can configure whether BitLocker protection is required for a computer to be able to write data to a removable data drive.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Removable data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Removable Data Drives*| |**Conflicts**|See the Reference section for a description of conflicts.| |**When enabled**|All removable data drives that aren't BitLocker-protected are mounted as Read-only. If the drive is protected by BitLocker, it's mounted with Read and Write access.| |**When disabled or not configured**|All removable data drives on the computer are mounted with Read and Write access.| -**Reference** +#### Reference: Deny write access to removable drives not protected by BitLocker If the **Deny write access to devices configured in another organization** option is selected, only drives with identification fields that match the computer's identification fields are given Write access. When a removable data drive is accessed, it's checked for a valid identification field and allowed identification fields. These fields are defined by the **Provide the unique identifiers for your organization** policy setting. @@ -567,11 +558,13 @@ If the **Deny write access to devices configured in another organization** optio Conflict considerations include: -1. Use of BitLocker with the TPM plus a startup key or with the TPM plus a PIN and startup key must be disallowed if the **Deny write access to removable drives not protected by BitLocker** policy setting is enabled. -2. Use of recovery keys must be disallowed if the **Deny write access to removable drives not protected by BitLocker** policy setting is enabled. -3. You must enable the **Provide the unique identifiers for your organization** policy setting if you want to deny Write access to drives that were configured in another organization. +1. Use of BitLocker with the TPM plus a startup key or with the TPM plus a PIN and startup key must be disallowed if the **Deny write access to removable drives not protected by BitLocker** policy setting is enabled. -### Control use of BitLocker on removable drives +2. Use of recovery keys must be disallowed if the **Deny write access to removable drives not protected by BitLocker** policy setting is enabled. + +3. You must enable the **Provide the unique identifiers for your organization** policy setting if you want to deny Write access to drives that were configured in another organization. + +### Control use of BitLocker on removable drives This policy setting is used to prevent users from turning BitLocker on or off on removable data drives. @@ -580,13 +573,13 @@ This policy setting is used to prevent users from turning BitLocker on or off on |**Policy description**|With this policy setting, you can control the use of BitLocker on removable data drives.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Removable data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Removable Data Drives*| |**Conflicts**|None| |**When enabled**|You can select property settings that control how users can configure BitLocker.| |**When disabled**|Users can't use BitLocker on removable data drives.| |**When not configured**|Users can use BitLocker on removable data drives.| -**Reference** +#### Reference: Control use of BitLocker on removable drives This policy setting is applied when you turn on BitLocker. @@ -595,9 +588,10 @@ For information about suspending BitLocker protection, see [BitLocker Basic Depl The options for choosing property settings that control how users can configure BitLocker are: - **Allow users to apply BitLocker protection on removable data drives** Enables the user to run the BitLocker Setup Wizard on a removable data drive. + - **Allow users to suspend and decrypt BitLocker on removable data drives** Enables the user to remove BitLocker from the drive or to suspend the encryption while performing maintenance. -### Choose drive encryption method and cipher strength +### Choose drive encryption method and cipher strength This policy setting is used to control the encryption method and cipher strength. @@ -606,19 +600,20 @@ This policy setting is used to control the encryption method and cipher strength |**Policy description**|With this policy setting, you can control the encryption method and strength for drives.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|All drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption*| |**Conflicts**|None| |**When enabled**|You can choose an encryption algorithm and key cipher strength for BitLocker to use to encrypt drives.| -|**When disabled or not configured**|Beginning with Windows 10, version 1511, or Windows 11, BitLocker uses the default encryption method of XTS-AES 128-bit or the encryption method that is specified by the setup script. +|**When disabled or not configured**|Beginning with Windows 10, version 1511, or Windows 11, BitLocker uses the default encryption method of XTS-AES 128-bit or the encryption method that is specified by the setup script. -**Reference** +#### Reference: Choose drive encryption method and cipher strength -The values of this policy determine the strength of the cipher that BitLocker uses for encryption. -Enterprises may want to control the encryption level for increased security (AES-256 is stronger than AES-128). +The values of this policy determine the strength of the cipher that BitLocker uses for encryption. Enterprises may want to control the encryption level for increased security (AES-256 is stronger than AES-128). If you enable this setting, you can configure an encryption algorithm and key cipher strength for fixed data drives, operating system drives, and removable data drives individually. -For fixed and operating system drives, we recommend that you use the XTS-AES algorithm. -For removable drives, you should use AES-CBC 128-bit or AES-CBC 256-bit if the drive will be used in other devices that aren't running Windows 10, version 1511 or later, or Windows 11. + +- For fixed and operating system drives, we recommend that you use the XTS-AES algorithm. + +- For removable drives, you should use AES-CBC 128-bit or AES-CBC 256-bit if the drive will be used in other devices that aren't running Windows 10, version 1511 or later, or Windows 11. Changing the encryption method has no effect if the drive is already encrypted or if encryption is in progress. In these cases, this policy setting is ignored. @@ -627,7 +622,7 @@ Changing the encryption method has no effect if the drive is already encrypted o When this policy setting is disabled or not configured, BitLocker will use the default encryption method of XTS-AES 128-bit or the encryption method that is specified in the setup script. -### Configure use of hardware-based encryption for fixed data drives +### Configure use of hardware-based encryption for fixed data drives This policy controls how BitLocker reacts to systems that are equipped with encrypted drives when they're used as fixed data volumes. Using hardware-based encryption can improve the performance of drive operations that involve frequent reading or writing of data to the drive. @@ -636,13 +631,13 @@ This policy controls how BitLocker reacts to systems that are equipped with encr |**Policy description**|With this policy setting, you can manage BitLocker's use of hardware-based encryption on fixed data drives and to specify which encryption algorithms BitLocker can use with hardware-based encryption.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Fixed data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Fixed Data Drives*| |**Conflicts**|None| |**When enabled**|You can specify additional options that control whether BitLocker software-based encryption is used instead of hardware-based encryption on computers that don't support hardware-based encryption. You can also specify whether you want to restrict the encryption algorithms and cipher suites that are used with hardware-based encryption.| |**When disabled**|BitLocker can't use hardware-based encryption with fixed data drives, and BitLocker software-based encryption is used by default when the drive in encrypted.| |**When not configured**|BitLocker software-based encryption is used irrespective of hardware-based encryption ability.| -**Reference** +#### Reference: Configure use of hardware-based encryption for fixed data drives > [!NOTE] > The **Choose drive encryption method and cipher strength** policy setting doesn't apply to hardware-based encryption. @@ -652,7 +647,7 @@ The encryption algorithm that is used by hardware-based encryption is set when t - Advanced Encryption Standard (AES) 128 in Cipher Block Chaining (CBC) mode OID: 2.16.840.1.101.3.4.1.2 - AES 256 in CBC mode OID: 2.16.840.1.101.3.4.1.42 -### Configure use of hardware-based encryption for operating system drives +### Configure use of hardware-based encryption for operating system drives This policy controls how BitLocker reacts when encrypted drives are used as operating system drives. Using hardware-based encryption can improve the performance of drive operations that involve frequent reading or writing of data to the drive. @@ -661,13 +656,13 @@ This policy controls how BitLocker reacts when encrypted drives are used as oper |**Policy description**|With this policy setting, you can manage BitLocker's use of hardware-based encryption on operating system drives and specify which encryption algorithms it can use with hardware-based encryption.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|None| |**When enabled**|You can specify additional options that control whether BitLocker software-based encryption is used instead of hardware-based encryption on computers that don't support hardware-based encryption. You can also specify whether you want to restrict the encryption algorithms and cipher suites that are used with hardware-based encryption.| |**When disabled**|BitLocker can't use hardware-based encryption with operating system drives, and BitLocker software-based encryption is used by default when the drive in encrypted.| |**When not configured**|BitLocker software-based encryption is used irrespective of hardware-based encryption ability.| -**Reference** +#### Reference: Configure use of hardware-based encryption for operating system drives If hardware-based encryption isn't available, BitLocker software-based encryption is used instead. @@ -679,7 +674,7 @@ The encryption algorithm that is used by hardware-based encryption is set when t - Advanced Encryption Standard (AES) 128 in Cipher Block Chaining (CBC) mode OID: 2.16.840.1.101.3.4.1.2 - AES 256 in CBC mode OID: 2.16.840.1.101.3.4.1.42 -### Configure use of hardware-based encryption for removable data drives +### Configure use of hardware-based encryption for removable data drives This policy controls how BitLocker reacts to encrypted drives when they're used as removable data drives. Using hardware-based encryption can improve the performance of drive operations that involve frequent reading or writing of data to the drive. @@ -688,13 +683,13 @@ This policy controls how BitLocker reacts to encrypted drives when they're used |**Policy description**|With this policy setting, you can manage BitLocker's use of hardware-based encryption on removable data drives and specify which encryption algorithms it can use with hardware-based encryption.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Removable data drive| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Removable Data Drives*| |**Conflicts**|None| |**When enabled**|You can specify additional options that control whether BitLocker software-based encryption is used instead of hardware-based encryption on computers that don't support hardware-based encryption. You can also specify whether you want to restrict the encryption algorithms and cipher suites that are used with hardware-based encryption.| |**When disabled**|BitLocker can't use hardware-based encryption with removable data drives, and BitLocker software-based encryption is used by default when the drive in encrypted.| |**When not configured**|BitLocker software-based encryption is used irrespective of hardware-based encryption ability.| -**Reference** +#### Reference: Configure use of hardware-based encryption for removable data drives If hardware-based encryption isn't available, BitLocker software-based encryption is used instead. @@ -706,7 +701,7 @@ The encryption algorithm that is used by hardware-based encryption is set when t - Advanced Encryption Standard (AES) 128 in Cipher Block Chaining (CBC) mode OID: 2.16.840.1.101.3.4.1.2 - AES 256 in CBC mode OID: 2.16.840.1.101.3.4.1.42 -### Enforce drive encryption type on fixed data drives +### Enforce drive encryption type on fixed data drives This policy controls whether fixed data drives utilize Used Space Only encryption or Full encryption. Setting this policy also causes the BitLocker Setup Wizard to skip the encryption options page so no encryption selection displays to the user. @@ -715,12 +710,12 @@ This policy controls whether fixed data drives utilize Used Space Only encryptio |**Policy description**|With this policy setting, you can configure the encryption type that is used by BitLocker.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Fixed data drive| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Fixed Data Drives*| |**Conflicts**|None| |**When enabled**|This policy defines the encryption type that BitLocker uses to encrypt drives, and the encryption type option isn't presented in the BitLocker Setup Wizard.| |**When disabled or not configured**|The BitLocker Setup Wizard asks the user to select the encryption type before turning on BitLocker.| -**Reference** +#### Reference: Enforce drive encryption type on fixed data drives This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose Full encryption to make it mandatory for the entire drive to be encrypted when BitLocker is turned on. Choose Used Space Only encryption to make it mandatory to encrypt only that portion of the drive that is used to store data when BitLocker is turned on. @@ -729,7 +724,7 @@ This policy setting is applied when you turn on BitLocker. Changing the encrypti For more information about the tool to manage BitLocker, see [Manage-bde](/windows-server/administration/windows-commands/manage-bde). -### Enforce drive encryption type on operating system drives +### Enforce drive encryption type on operating system drives This policy controls whether operating system drives utilize Full encryption or Used Space Only encryption. Setting this policy also causes the BitLocker Setup Wizard to skip the encryption options page, so no encryption selection displays to the user. @@ -738,12 +733,12 @@ This policy controls whether operating system drives utilize Full encryption or |**Policy description**|With this policy setting, you can configure the encryption type that is used by BitLocker.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Operating system drive| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|None| |**When enabled**|The encryption type that BitLocker uses to encrypt drives is defined by this policy, and the encryption type option isn't presented in the BitLocker Setup Wizard.| |**When disabled or not configured**|The BitLocker Setup Wizard asks the user to select the encryption type before turning on BitLocker.| -**Reference** +#### Reference: Enforce drive encryption type on operating system drives This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose Full encryption to make it mandatory for the entire drive to be encrypted when BitLocker is turned on. Choose Used Space Only encryption to make it mandatory to encrypt only that portion of the drive that is used to store data when BitLocker is turned on. @@ -752,7 +747,7 @@ This policy setting is applied when you turn on BitLocker. Changing the encrypti For more information about the tool to manage BitLocker, see [Manage-bde](/windows-server/administration/windows-commands/manage-bde). -### Enforce drive encryption type on removable data drives +### Enforce drive encryption type on removable data drives This policy controls whether fixed data drives utilize Full encryption or Used Space Only encryption. Setting this policy also causes the BitLocker Setup Wizard to skip the encryption options page, so no encryption selection displays to the user. @@ -761,12 +756,12 @@ This policy controls whether fixed data drives utilize Full encryption or Used S |**Policy description**|With this policy setting, you can configure the encryption type that is used by BitLocker.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Removable data drive| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Removable Data Drives*| |**Conflicts**|None| |**When enabled**|The encryption type that BitLocker uses to encrypt drives is defined by this policy, and the encryption type option isn't presented in the BitLocker Setup Wizard.| |**When disabled or not configured**|The BitLocker Setup Wizard asks the user to select the encryption type before turning on BitLocker.| -**Reference** +#### Reference: Enforce drive encryption type on removable data drives This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose Full encryption to make it mandatory for the entire drive to be encrypted when BitLocker is turned on. Choose Used Space Only encryption to make it mandatory to encrypt only that portion of the drive that is used to store data when BitLocker is turned on. @@ -775,7 +770,7 @@ This policy setting is applied when you turn on BitLocker. Changing the encrypti For more information about the tool to manage BitLocker, see [Manage-bde](/windows-server/administration/windows-commands/manage-bde). -### Choose how BitLocker-protected operating system drives can be recovered +### Choose how BitLocker-protected operating system drives can be recovered This policy setting is used to configure recovery methods for operating system drives. @@ -784,12 +779,12 @@ This policy setting is used to configure recovery methods for operating system d |**Policy description**|With this policy setting, you can control how BitLocker-protected operating system drives are recovered in the absence of the required startup key information.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|You must disallow the use of recovery keys if the **Deny write access to removable drives not protected by BitLocker** policy setting is enabled.

    When using data recovery agents, you must enable the **Provide the unique identifiers for your organization** policy setting.| |**When enabled**|You can control the methods that are available to users to recover data from BitLocker-protected operating system drives.| |**When disabled or not configured**|The default recovery options are supported for BitLocker recovery. By default, a data recovery agent is allowed, the recovery options can be specified by the user (including the recovery password and recovery key), and recovery information isn't backed up to AD DS.| -**Reference** +#### Reference: Choose how BitLocker-protected operating system drives can be recovered This policy setting is applied when you turn on BitLocker. @@ -799,8 +794,7 @@ For more information about adding data recovery agents, see [BitLocker basic dep In **Configure user storage of BitLocker recovery information**, select whether users are allowed, required, or not allowed to generate a 48-digit recovery password. -Select **Omit recovery options from the BitLocker setup wizard** to prevent users from specifying recovery options when they enable BitLocker on a drive. This means that you can't specify which recovery option to use when you enable BitLocker. Instead, BitLocker recovery options for -the drive are determined by the policy setting. +Select **Omit recovery options from the BitLocker setup wizard** to prevent users from specifying recovery options when they enable BitLocker on a drive. This policy setting means that you can't specify which recovery option to use when you enable BitLocker. Instead, BitLocker recovery options for the drive are determined by the policy setting. In **Save BitLocker recovery information to Active Directory Domain Services**, choose which BitLocker recovery information to store in Active Directory Domain Services (AD DS) for operating system drives. If you select **Store recovery password and key packages**, the BitLocker recovery password and the key package are stored in AD DS. Storing the key package supports the recovery of data from a drive that is physically corrupted. If you select **Store recovery password only**, only the recovery password is stored in AD DS. @@ -809,7 +803,7 @@ Select the **Do not enable BitLocker until recovery information is stored in AD > [!NOTE] > If the **Do not enable BitLocker until recovery information is stored in AD DS for operating system drives** check box is selected, a recovery password is automatically generated. -### Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista) +### Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista) This policy setting is used to configure recovery methods for BitLocker-protected drives on computers running Windows Server 2008 or Windows Vista. @@ -818,18 +812,22 @@ This policy setting is used to configure recovery methods for BitLocker-protecte |**Policy description**|With this policy setting, you can control whether the BitLocker Setup Wizard can display and specify BitLocker recovery options.| |**Introduced**|Windows Server 2008 and Windows Vista| |**Drive type**|Operating system drives and fixed data drives on computers running Windows Server 2008 and Windows Vista| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption*| |**Conflicts**|This policy setting provides an administrative method of recovering data that is encrypted by BitLocker to prevent data loss due to lack of key information. If you choose the **Do not allow** option for both user recovery options, you must enable the **Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)** policy setting to prevent a policy error.| |**When enabled**|You can configure the options that the BitLocker Setup Wizard displays to users for recovering BitLocker encrypted data.| |**When disabled or not configured**|The BitLocker Setup Wizard presents users with ways to store recovery options.| -**Reference** +#### Reference: Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista) This policy is only applicable to computers running Windows Server 2008 or Windows Vista. This policy setting is applied when you turn on BitLocker. Two recovery options can be used to unlock BitLocker-encrypted data in the absence of the required startup key information. Users can type a 48-digit numerical recovery password, or they can insert a USB drive that contains a 256-bit recovery key. -Saving the recovery password to a USB drive stores the 48-digit recovery password as a text file and the 256-bit recovery key as a hidden file. Saving the recovery password to a folder stores the 48-digit recovery password as a text file. Printing the recovery password sends the 48-digit recovery password to the default printer. For example, not allowing the 48-digit recovery password prevents users from printing or saving recovery information to a folder. +- Saving the recovery password to a USB drive stores the 48-digit recovery password as a text file and the 256-bit recovery key as a hidden file. +- Saving the recovery password to a folder stores the 48-digit recovery password as a text file. +- Printing the recovery password sends the 48-digit recovery password to the default printer. + +For example, not allowing the 48-digit recovery password prevents users from printing or saving recovery information to a folder. > [!IMPORTANT] > If TPM initialization is performed during the BitLocker setup, TPM owner information is saved or printed with the BitLocker recovery information. @@ -838,21 +836,21 @@ Saving the recovery password to a USB drive stores the 48-digit recovery passwor > [!IMPORTANT] > To prevent data loss, you must have a way to recover BitLocker encryption keys. If you don't allow both recovery options, you must enable the backup of BitLocker recovery information to AD DS. Otherwise, a policy error occurs. -### Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista) +### Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista) -This policy setting is used to configure the storage of BitLocker recovery information in AD DS. This provides an administrative method of recovering data that is encrypted by BitLocker to prevent data loss due to lack of key information. +This policy setting is used to configure the storage of BitLocker recovery information in AD DS. This policy setting provides an administrative method of recovering data that is encrypted by BitLocker to prevent data loss due to lack of key information. | |   | |:---|:---| |**Policy description**|With this policy setting, you can manage the AD DS backup of BitLocker Drive Encryption recovery information.| |**Introduced**|Windows Server 2008 and Windows Vista| |**Drive type**|Operating system drives and fixed data drives on computers running Windows Server 2008 and Windows Vista.| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption*| |**Conflicts**|None| |**When enabled**|BitLocker recovery information is automatically and silently backed up to AD DS when BitLocker is turned on for a computer.| |**When disabled or not configured**|BitLocker recovery information isn't backed up to AD DS.| -**Reference** +#### Reference: Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista) This policy is only applicable to computers running Windows Server 2008 or Windows Vista. @@ -860,7 +858,7 @@ This policy setting is applied when you turn on BitLocker. BitLocker recovery information includes the recovery password and unique identifier data. You can also include a package that contains an encryption key for a BitLocker-protected drive. This key package is secured by one or more recovery passwords, and it can help perform specialized recovery when the disk is damaged or corrupted. -If you select **Require BitLocker backup to AD DS**, BitLocker can't be turned on unless the computer is connected to the domain and the backup of BitLocker recovery information to AD DS succeeds. This option is selected by default to help ensure that BitLocker recovery is possible. +If you select **Require BitLocker backup to AD DS**, BitLocker can't be turned on unless the computer is connected to the domain, and the backup of BitLocker recovery information to AD DS succeeds. This option is selected by default to help ensure that BitLocker recovery is possible. A recovery password is a 48-digit number that unlocks access to a BitLocker-protected drive. A key package contains a drive's BitLocker encryption key, which is secured by one or more recovery passwords. Key packages may help perform specialized recovery when the disk is damaged or corrupted. @@ -869,7 +867,7 @@ TPM initialization might be needed during the BitLocker setup. Enable the **Turn For more information about this setting, see [TPM Group Policy settings](/windows/device-security/tpm/trusted-platform-module-services-group-policy-settings). -### Choose default folder for recovery password +### Choose default folder for recovery password This policy setting is used to configure the default folder for recovery passwords. @@ -878,19 +876,19 @@ This policy setting is used to configure the default folder for recovery passwor |**Policy description**|With this policy setting, you can specify the default path that is displayed when the BitLocker Setup Wizard prompts the user to enter the location of a folder in which to save the recovery password.| |**Introduced**|Windows Vista| |**Drive type**|All drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption*| |**Conflicts**|None| |**When enabled**|You can specify the path that will be used as the default folder location when the user chooses the option to save the recovery password in a folder. You can specify a fully qualified path or include the target computer's environment variables in the path. If the path isn't valid, the BitLocker Setup Wizard displays the computer's top-level folder view.| |**When disabled or not configured**|The BitLocker Setup Wizard displays the computer's top-level folder view when the user chooses the option to save the recovery password in a folder.| -**Reference** +#### Reference: Choose default folder for recovery password This policy setting is applied when you turn on BitLocker. > [!NOTE] > This policy setting doesn't prevent the user from saving the recovery password in another folder. -### Choose how BitLocker-protected fixed drives can be recovered +### Choose how BitLocker-protected fixed drives can be recovered This policy setting is used to configure recovery methods for fixed data drives. @@ -899,12 +897,12 @@ This policy setting is used to configure recovery methods for fixed data drives. |**Policy description**|With this policy setting, you can control how BitLocker-protected fixed data drives are recovered in the absence of the required credentials.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Fixed data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Fixed Data Drives*| |**Conflicts**|You must disallow the use of recovery keys if the **Deny write access to removable drives not protected by BitLocker** policy setting is enabled.

    When using data recovery agents, you must enable and configure the **Provide the unique identifiers for your organization** policy setting.| |**When enabled**|You can control the methods that are available to users to recover data from BitLocker-protected fixed data drives.| |**When disabled or not configured**|The default recovery options are supported for BitLocker recovery. By default, a data recovery agent is allowed, the recovery options can be specified by the user (including the recovery password and recovery key), and recovery information isn't backed up to AD DS.| -**Reference** +#### Reference: Choose how BitLocker-protected fixed drives can be recovered This policy setting is applied when you turn on BitLocker. @@ -912,7 +910,7 @@ The **Allow data recovery agent** check box is used to specify whether a data re In **Configure user storage of BitLocker recovery information**, select whether users can be allowed, required, or not allowed to generate a 48-digit recovery password or a 256-bit recovery key. -Select **Omit recovery options from the BitLocker setup wizard** to prevent users from specifying recovery options when they enable BitLocker on a drive. This means that you can't specify which recovery option to use when you enable BitLocker. Instead, BitLocker recovery options for the drive are determined by the policy setting. +Select **Omit recovery options from the BitLocker setup wizard** to prevent users from specifying recovery options when they enable BitLocker on a drive. This policy setting means that you can't specify which recovery option to use when you enable BitLocker. Instead, BitLocker recovery options for the drive are determined by the policy setting. In **Save BitLocker recovery information to Active Directory Domain Services**, choose which BitLocker recovery information to store in AD DS for fixed data drives. If you select **Backup recovery password and key package**, the BitLocker recovery password and the key package are stored in AD DS. Storing the key package supports recovering data from a drive that has been physically corrupted. To recover this data, you can use the `Repair-bde` command-line tool. If you select **Backup recovery password only**, only the recovery password is stored in AD DS. @@ -924,7 +922,7 @@ Select the **Do not enable BitLocker until recovery information is stored in AD > [!NOTE] > If the **Do not enable BitLocker until recovery information is stored in AD DS for fixed data drives** check box is selected, a recovery password is automatically generated. -### Choose how BitLocker-protected removable drives can be recovered +### Choose how BitLocker-protected removable drives can be recovered This policy setting is used to configure recovery methods for removable data drives. @@ -933,12 +931,12 @@ This policy setting is used to configure recovery methods for removable data dri |**Policy description**|With this policy setting, you can control how BitLocker-protected removable data drives are recovered in the absence of the required credentials.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Removable data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Removable Data Drives*| |**Conflicts**|You must disallow the use of recovery keys if the **Deny write access to removable drives not protected by BitLocker** policy setting is enabled.

    When using data recovery agents, you must enable and configure the **Provide the unique identifiers for your organization** policy setting.| |**When enabled**|You can control the methods that are available to users to recover data from BitLocker-protected removable data drives.| |**When disabled or not configured**|The default recovery options are supported for BitLocker recovery. By default, a data recovery agent is allowed, the recovery options can be specified by the user (including the recovery password and recovery key), and recovery information isn't backed up to AD DS.| -**Reference** +#### Reference: Choose how BitLocker-protected removable drives can be recovered This policy setting is applied when you turn on BitLocker. @@ -946,7 +944,7 @@ The **Allow data recovery agent** check box is used to specify whether a data re In **Configure user storage of BitLocker recovery information**, select whether users can be allowed, required, or not allowed to generate a 48-digit recovery password. -Select **Omit recovery options from the BitLocker setup wizard** to prevent users from specifying recovery options when they enable BitLocker on a drive. This means that you can't specify which recovery option to use when you enable BitLocker. Instead, BitLocker recovery options for the drive are determined by the policy setting. +Select **Omit recovery options from the BitLocker setup wizard** to prevent users from specifying recovery options when they enable BitLocker on a drive. This policy setting means that you can't specify which recovery option to use when you enable BitLocker. Instead, BitLocker recovery options for the drive are determined by the policy setting. In **Save BitLocker recovery information to Active Directory Domain Services**, choose which BitLocker recovery information is to be stored in AD DS for removable data drives. If you select **Backup recovery password and key package**, the BitLocker recovery password and the key package are stored in AD DS. If you select **Backup recovery password only**, only the recovery password is stored in AD DS. @@ -955,7 +953,7 @@ Select the **Do not enable BitLocker until recovery information is stored in AD > [!NOTE] > If the **Do not enable BitLocker until recovery information is stored in AD DS for fixed data drives** check box is selected, a recovery password is automatically generated. -### Configure the pre-boot recovery message and URL +### Configure the pre-boot recovery message and URL This policy setting is used to configure the entire recovery message and to replace the existing URL that is displayed on the pre-boot recovery screen when the operating system drive is locked. @@ -964,12 +962,12 @@ This policy setting is used to configure the entire recovery message and to repl |**Policy description**|With this policy setting, you can configure the BitLocker recovery screen to display a customized message and URL.| |**Introduced**|Windows| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration \ Administrative Templates \ Windows Components \ BitLocker Drive Encryption \ Operating System Drives \ Configure pre-boot recovery message and URL| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives* > *Configure pre-boot recovery message and URL*| |**Conflicts**|None| -|**When enabled**|The customized message and URL are displayed on the pre-boot recovery screen. If you have previously enabled a custom recovery message and URL and want to revert to the default message and URL, you must keep the policy setting enabled and select the **Use default recovery message and URL** option.| +|**When enabled**|The customized message and URL are displayed on the pre-boot recovery screen. If you've previously enabled a custom recovery message and URL and want to revert to the default message and URL, you must keep the policy setting enabled and select the **Use default recovery message and URL** option.| |**When disabled or not configured**|If the setting hasn't been previously enabled, then the default pre-boot recovery screen is displayed for BitLocker recovery. If the setting previously was enabled and is later disabled, then the last message in Boot Configuration Data (BCD) is displayed whether it was the default recovery message or the custom message.| -**Reference** +#### Reference: Configure the pre-boot recovery message and URL Enabling the **Configure the pre-boot recovery message and URL** policy setting allows you to customize the default recovery screen message and URL to assist customers in recovering their key. @@ -985,7 +983,7 @@ Once you enable the setting, you have three options: > [!IMPORTANT] > Because you can alter the BCDEdit commands manually before you have set Group Policy settings, you can't return the policy setting to the default setting by selecting the **Not Configured** option after you have configured this policy setting. To return to the default pre-boot recovery screen leave the policy setting enabled and select the **Use default message** options from the **Choose an option for the pre-boot recovery message** drop-down list box. -### Allow Secure Boot for integrity validation +### Allow Secure Boot for integrity validation This policy controls how BitLocker-enabled system volumes are handled with the Secure Boot feature. Enabling this feature forces Secure Boot validation during the boot process and verifies Boot Configuration Data (BCD) settings according to the Secure Boot policy. @@ -994,20 +992,21 @@ This policy controls how BitLocker-enabled system volumes are handled with the S |**Policy description**|With this policy setting, you can configure whether Secure Boot will be allowed as the platform integrity provider for BitLocker operating system drives.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|All drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| -|**Conflicts**|If you enable **Allow Secure Boot for integrity validation**, make sure the **Configure TPM platform validation profile for native UEFI firmware configurations** Group Policy setting isn't enabled or include PCR 7 to allow BitLocker to use Secure Boot for platform or BCD integrity validation.

    For more information about PCR 7, see [Platform Configuration Register (PCR)](#bkmk-pcr) in this article.| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| +|**Conflicts**|If you enable **Allow Secure Boot for integrity validation**, make sure the Configure TPM platform validation profile for native UEFI firmware configurations Group Policy setting isn't enabled, or include PCR 7 to allow BitLocker to use Secure Boot for platform or BCD integrity validation.

    For more information about PCR 7, see [About the Platform Configuration Register (PCR)](#about-the-platform-configuration-register-pcr) in this article.| |**When enabled or not configured**|BitLocker uses Secure Boot for platform integrity if the platform is capable of Secure Boot-based integrity validation.| |**When disabled**|BitLocker uses legacy platform integrity validation, even on systems that are capable of Secure Boot-based integrity validation.| -**Reference** +#### Reference: Allow Secure Boot for integrity validation Secure boot ensures that the computer's pre-boot environment loads only firmware that is digitally signed by authorized software publishers. Secure boot also started providing more flexibility for managing pre-boot configurations than BitLocker integrity checks prior to Windows Server 2012 and Windows 8. + When this policy is enabled and the hardware is capable of using secure boot for BitLocker scenarios, the **Use enhanced Boot Configuration Data validation profile** group policy setting is ignored, and secure boot verifies BCD settings according to the secure boot policy setting, which is configured separately from BitLocker. > [!WARNING] > Disabling this policy might result in BitLocker recovery when manufacturer-specific firmware is updated. If you disable this policy, suspend BitLocker prior to applying firmware updates. -### Provide the unique identifiers for your organization +### Provide the unique identifiers for your organization This policy setting is used to establish an identifier that is applied to all drives that are encrypted in your organization. @@ -1016,12 +1015,12 @@ This policy setting is used to establish an identifier that is applied to all dr |**Policy description**|With this policy setting, you can associate unique organizational identifiers to a new drive that is enabled with BitLocker.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|All drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption*| |**Conflicts**|Identification fields are required to manage certificate-based data recovery agents on BitLocker-protected drives. BitLocker manages and updates certificate-based data recovery agents only when the identification field is present on a drive and it's identical to the value that is configured on the computer.| |**When enabled**|You can configure the identification field on the BitLocker-protected drive and any allowed identification field that is used by your organization.| |**When disabled or not configured**|The identification field isn't required.| -**Reference** +#### Reference: Provide the unique identifiers for your organization These identifiers are stored as the identification field and the allowed identification field. The identification field allows you to associate a unique organizational identifier to BitLocker-protected drives. This identifier is automatically added to new BitLocker-protected drives, and it can be updated on existing BitLocker-protected drives by using the [Manage-bde](/windows-server/administration/windows-commands/manage-bde) command-line tool. @@ -1037,7 +1036,7 @@ When a BitLocker-protected drive is mounted on another BitLocker-enabled compute Multiple values separated by commas can be entered in the identification and allowed identification fields. The identification field can be any value upto 260 characters. -### Prevent memory overwrite on restart +### Prevent memory overwrite on restart This policy setting is used to control whether the computer's memory will be overwritten the next time the computer is restarted. @@ -1046,16 +1045,16 @@ This policy setting is used to control whether the computer's memory will be ove |**Policy description**|With this policy setting, you can control computer restart performance at the risk of exposing BitLocker secrets.| |**Introduced**|Windows Vista| |**Drive type**|All drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption*| |**Conflicts**|None| -|**When enabled**|The computer will not overwrite memory when it restarts. Preventing memory overwrite may improve restart performance, but it increases the risk of exposing BitLocker secrets.| +|**When enabled**|The computer won't overwrite memory when it restarts. Preventing memory overwrite may improve restart performance, but it increases the risk of exposing BitLocker secrets.| |**When disabled or not configured**|BitLocker secrets are removed from memory when the computer restarts.| -**Reference** +#### Reference: Prevent memory overwrite on restart This policy setting is applied when you turn on BitLocker. BitLocker secrets include key material that is used to encrypt data. This policy setting applies only when BitLocker protection is enabled. -### Configure TPM platform validation profile for BIOS-based firmware configurations +### Configure TPM platform validation profile for BIOS-based firmware configurations This policy setting determines what values the TPM measures when it validates early boot components before it unlocks an operating system drive on a computer with a BIOS configuration or with UEFI firmware that has the Compatibility Support Module (CSM) enabled. @@ -1064,19 +1063,19 @@ This policy setting determines what values the TPM measures when it validates ea |**Policy description**|With this policy setting, you can configure how the computer's TPM security hardware secures the BitLocker encryption key.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|None| |**When enabled**|You can configure the boot components that the TPM validates before unlocking access to the BitLocker-encrypted operating system drive. If any of these components change while BitLocker protection is in effect, then the TPM doesn't release the encryption key to unlock the drive. Instead, the computer displays the BitLocker Recovery console and requires that the recovery password or the recovery key is provided to unlock the drive.| |**When disabled or not configured**|The TPM uses the default platform validation profile or the platform validation profile that is specified by the setup script.| -**Reference** +#### Reference: Configure TPM platform validation profile for BIOS-based firmware configurations This policy setting doesn't apply if the computer doesn't have a compatible TPM or if BitLocker has already been turned on with TPM protection. > [!IMPORTANT] > This Group Policy setting only applies to computers with BIOS configurations or to computers with UEFI firmware with the CSM enabled. Computers that use a native UEFI firmware configuration store different values in the Platform Configuration Registers (PCRs). Use the **Configure TPM platform validation profile for native UEFI firmware configurations** Group Policy setting to configure the TPM PCR profile for computers that use native UEFI firmware. -A platform validation profile consists of a set of PCR indices that range from 0 to 23. The default platform validation profile secures the encryption key against changes to the following: +A platform validation profile consists of a set of PCR indices that range from 0 to 23. The default platform validation profile secures the encryption key against changes to the following PCRs: - Core Root of Trust of Measurement (CRTM), BIOS, and Platform Extensions (PCR 0) - Option ROM Code (PCR 2) @@ -1105,7 +1104,7 @@ The following list identifies all of the available PCRs: - PCR 11: BitLocker access control - PCR 12-23: Reserved for future use -### Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2) +### Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2) This policy setting determines what values the TPM measures when it validates early boot components before unlocking a drive on a computer running Windows Vista, Windows Server 2008, or Windows 7. @@ -1114,16 +1113,16 @@ This policy setting determines what values the TPM measures when it validates ea |**Policy description**|With this policy setting, you can configure how the computer's TPM security hardware secures the BitLocker encryption key.| |**Introduced**|Windows Server 2008 and Windows Vista| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|None| |**When enabled**|You can configure the boot components that the TPM validates before unlocking access to the BitLocker-encrypted operating system drive. If any of these components change while BitLocker protection is in effect, the TPM doesn't release the encryption key to unlock the drive. Instead, the computer displays the BitLocker Recovery console and requires that the recovery password or the recovery key is provided to unlock the drive.| |**When disabled or not configured**|The TPM uses the default platform validation profile or the platform validation profile that is specified by the setup script.| -**Reference** +#### Reference: Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2) This policy setting doesn't apply if the computer doesn't have a compatible TPM or if BitLocker is already turned on with TPM protection. -A platform validation profile consists of a set of PCR indices that range from 0 to 23. The default platform validation profile secures the encryption key against changes to the following: +A platform validation profile consists of a set of PCR indices that range from 0 to 23. The default platform validation profile secures the encryption key against changes to the following PCRs: - Core Root of Trust of Measurement (CRTM), BIOS, and Platform Extensions (PCR 0) - Option ROM Code (PCR 2) @@ -1155,7 +1154,7 @@ The following list identifies all of the available PCRs: > [!WARNING] > Changing from the default platform validation profile affects the security and manageability of your computer. BitLocker's sensitivity to platform modifications (malicious or authorized) is increased or decreased depending on inclusion or exclusion (respectively) of the PCRs. -### Configure TPM platform validation profile for native UEFI firmware configurations +### Configure TPM platform validation profile for native UEFI firmware configurations This policy setting determines what values the TPM measures when it validates early boot components before unlocking an operating system drive on a computer with native UEFI firmware configurations. @@ -1164,12 +1163,12 @@ This policy setting determines what values the TPM measures when it validates ea |**Policy description**|With this policy setting, you can configure how the computer's Trusted Platform Module (TPM) security hardware secures the BitLocker encryption key.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| -|**Conflicts**|Setting this policy with PCR 7 omitted, overrides the **Allow Secure Boot for integrity validation** Group Policy setting, and it prevents BitLocker from using Secure Boot for platform or Boot Configuration Data (BCD) integrity validation.

    If your environments use TPM and Secure Boot for platform integrity checks, this policy is configured.

    For more information about PCR 7, see [Platform Configuration Register (PCR)](#bkmk-pcr) in this article.| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| +|**Conflicts**|Setting this policy with PCR 7 omitted, overrides the **Allow Secure Boot for integrity validation** Group Policy setting, and it prevents BitLocker from using Secure Boot for platform or Boot Configuration Data (BCD) integrity validation.

    If your environments use TPM and Secure Boot for platform integrity checks, this policy is configured.

    For more information about PCR 7, see [About the Platform Configuration Register (PCR)](#about-the-platform-configuration-register-pcr) in this article.| |**When enabled**|Before you turn on BitLocker, you can configure the boot components that the TPM validates before it unlocks access to the BitLocker-encrypted operating system drive. If any of these components change while BitLocker protection is in effect, the TPM doesn't release the encryption key to unlock the drive. Instead, the computer displays the BitLocker Recovery console and requires that the recovery password or the recovery key is provided to unlock the drive.| |**When disabled or not configured**|BitLocker uses the default platform validation profile or the platform validation profile that is specified by the setup script.| -**Reference** +#### Reference: Configure TPM platform validation profile for native UEFI firmware configurations This policy setting doesn't apply if the computer doesn't have a compatible TPM or if BitLocker is already turned on with TPM protection. @@ -1189,7 +1188,7 @@ The following list identifies all of the available PCRs: - PCR 6: Resume from S4 and S5 Power State Events - PCR 7: Secure Boot State - For more information about this PCR, see [Platform Configuration Register (PCR)](#bkmk-pcr) in this article. + For more information about this PCR, see [About the Platform Configuration Register (PCR)](#about-the-platform-configuration-register-pcr) in this article. - PCR 8: Initialized to 0 with no Extends (reserved for future use) - PCR 9: Initialized to 0 with no Extends (reserved for future use) @@ -1203,7 +1202,7 @@ The following list identifies all of the available PCRs: > [!WARNING] > Changing from the default platform validation profile affects the security and manageability of your computer. BitLocker's sensitivity to platform modifications (malicious or authorized) is increased or decreased depending on inclusion or exclusion (respectively) of the PCRs. -### Reset platform validation data after BitLocker recovery +### Reset platform validation data after BitLocker recovery This policy setting determines if you want platform validation data to refresh when Windows is started following a BitLocker recovery. A platform validation data profile consists of the values in a set of Platform Configuration Register (PCR) indices that range from 0 to 23. @@ -1212,17 +1211,17 @@ This policy setting determines if you want platform validation data to refresh w |**Policy description**|With this policy setting, you can control whether platform validation data is refreshed when Windows is started following a BitLocker recovery.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|None| |**When enabled**|Platform validation data is refreshed when Windows is started following a BitLocker recovery.| |**When disabled**|Platform validation data isn't refreshed when Windows is started following a BitLocker recovery.| |**When not configured**|Platform validation data is refreshed when Windows is started following a BitLocker recovery.| -**Reference** +#### Reference: Reset platform validation data after BitLocker recovery For more information about the recovery process, see the [BitLocker recovery guide](bitlocker-recovery-guide-plan.md). -### Use enhanced Boot Configuration Data validation profile +### Use enhanced Boot Configuration Data validation profile This policy setting determines specific Boot Configuration Data (BCD) settings to verify during platform validation. A platform validation uses the data in the platform validation profile, which consists of a set of Platform Configuration Register (PCR) indices that range from 0 to 23. @@ -1231,18 +1230,18 @@ This policy setting determines specific Boot Configuration Data (BCD) settings t |**Policy description**|With this policy setting, you can specify Boot Configuration Data (BCD) settings to verify during platform validation.| |**Introduced**|Windows Server 2012 and Windows 8| |**Drive type**|Operating system drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|When BitLocker is using Secure Boot for platform and Boot Configuration Data integrity validation, the **Use enhanced Boot Configuration Data validation profile** Group Policy setting is ignored (as defined by the **Allow Secure Boot for integrity validation** Group Policy setting).| |**When enabled**|You can add additional BCD settings, exclude the BCD settings you specify, or combine inclusion and exclusion lists to create a customized BCD validation profile, which gives you the ability to verify those BCD settings.| |**When disabled**|The computer reverts to a BCD profile validation similar to the default BCD profile that is used by Windows 7.| |**When not configured**|The computer verifies the default BCD settings in Windows.| -**Reference** +#### Reference: Use enhanced Boot Configuration Data validation profile > [!NOTE] > The setting that controls boot debugging (0x16000010) is always validated, and it has no effect if it's included in the inclusion or the exclusion list. -### Allow access to BitLocker-protected fixed data drives from earlier versions of Windows +### Allow access to BitLocker-protected fixed data drives from earlier versions of Windows This policy setting is used to control whether access to drives is allowed by using the BitLocker To Go Reader, and whether BitLocker To Go Reader can be installed on the drive. @@ -1251,19 +1250,19 @@ This policy setting is used to control whether access to drives is allowed by us |**Policy description**|With this policy setting, you can configure whether fixed data drives that are formatted with the FAT file system can be unlocked and viewed on computers running Windows Vista, Windows XP with Service Pack 3 (SP3), or Windows XP with Service Pack 2 (SP2).| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Fixed data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Fixed Data Drives*| |**Conflicts**|None| |**When enabled and When not configured**|Fixed data drives that are formatted with the FAT file system can be unlocked on computers running Windows Server 2008, Windows Vista, Windows XP with SP3, or Windows XP with SP2, and their content can be viewed. These operating systems have Read-only access to BitLocker-protected drives.| |**When disabled**|Fixed data drives that are formatted with the FAT file system and are BitLocker-protected can't be unlocked on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2. BitLocker To Go Reader (bitlockertogo.exe) isn't installed.| -**Reference** +#### Reference: Allow access to BitLocker-protected fixed data drives from earlier versions of Windows > [!NOTE] > This policy setting doesn't apply to drives that are formatted with the NTFS file system. When this policy setting is enabled, select the **Do not install BitLocker To Go Reader on FAT formatted fixed drives** check box to help prevent users from running BitLocker To Go Reader from their fixed drives. If BitLocker To Go Reader (bitlockertogo.exe) is present on a drive that doesn't have an identification field specified, or if the drive has the same identification field as specified in the **Provide unique identifiers for your organization** policy setting, the user is prompted to update BitLocker, and BitLocker To Go Reader is deleted from the drive. In this situation, for the fixed drive to be unlocked on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2, BitLocker To Go Reader must be installed on the computer. If this check box isn't selected, then BitLocker To Go Reader will be installed on the fixed drive to enable users to unlock the drive on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2. -### Allow access to BitLocker-protected removable data drives from earlier versions of Windows +### Allow access to BitLocker-protected removable data drives from earlier versions of Windows This policy setting controls access to removable data drives that are using the BitLocker To Go Reader and whether the BitLocker To Go Reader can be installed on the drive. @@ -1272,17 +1271,17 @@ This policy setting controls access to removable data drives that are using the |**Policy description**|With this policy setting, you can configure whether removable data drives that are formatted with the FAT file system can be unlocked and viewed on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2.| |**Introduced**|Windows Server 2008 R2 and Windows 7| |**Drive type**|Removable data drives| -|**Policy path**|Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives| +|**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Removable Data Drives*| |**Conflicts**|None| |**When enabled and When not configured**|Removable data drives that are formatted with the FAT file system can be unlocked on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2, and their content can be viewed. These operating systems have Read-only access to BitLocker-protected drives.| |**When disabled**|Removable data drives that are formatted with the FAT file system that are BitLocker-protected can't be unlocked on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2. BitLocker To Go Reader (bitlockertogo.exe) isn't installed.| -**Reference** +#### Reference: Allow access to BitLocker-protected removable data drives from earlier versions of Windows > [!NOTE] > This policy setting doesn't apply to drives that are formatted with the NTFS file system. -When this policy setting is enabled, select the **Do not install BitLocker To Go Reader on FAT formatted removable drives** check box to help prevent users from running BitLocker To Go Reader from their removable drives. If BitLocker To Go Reader (bitlockertogo.exe) is present on a drive that doesn't have an identification field specified, or if the drive has the same identification field as specified in the **Provide unique identifiers for your organization** policy setting, the user will be prompted to update BitLocker, and BitLocker To Go Reader is deleted from the drive. In this situation, for the removable drive to be unlocked on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2, BitLocker To Go Reader must be installed on the computer. If this check box isn't selected, then BitLocker To Go Reader will be installed on the removable drive to enable users to unlock the drive on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2 that don't have BitLocker To Go Reader installed. +When this policy setting is enabled, select the **Do not install BitLocker To Go Reader on FAT formatted removable drives** check box to help prevent users from running BitLocker To Go Reader from their removable drives. If BitLocker To Go Reader (bitlockertogo.exe) is present on a drive that doesn't have an identification field specified, or if the drive has the same identification field as specified in the **Provide unique identifiers for your organization** policy setting, the user will be prompted to update BitLocker, and BitLocker To Go Reader is deleted from the drive. In this situation, for the removable drive to be unlocked on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2, BitLocker To Go Reader must be installed on the computer. If this check box isn't selected, then BitLocker To Go Reader will be installed on the removable drive to enable users to unlock the drive on computers running Windows Vista or Windows XP that don't have BitLocker To Go Reader installed. ## FIPS setting @@ -1293,12 +1292,12 @@ You can configure the Federal Information Processing Standard (FIPS) setting for |**Policy description**|Notes| |**Introduced**|Windows Server 2003 with SP1| |**Drive type**|System-wide| -|**Policy path**|Local Policies\Security Options\System cryptography: **Use FIPS compliant algorithms for encryption, hashing, and signing**| +|**Policy path**|*Local Policies* > *Security Options* > *System cryptography*: **Use FIPS compliant algorithms for encryption, hashing, and signing**| |**Conflicts**|Some applications, such as Terminal Services, don't support FIPS-140 on all operating systems.| -|**When enabled**|Users will be unable to save a recovery password to any location. This includes AD DS and network folders. Also, you can't use WMI or the BitLocker Drive Encryption Setup wizard to create a recovery password.| +|**When enabled**|Users will be unable to save a recovery password to any location. This policy setting includes AD DS and network folders. Also, you can't use WMI or the BitLocker Drive Encryption Setup wizard to create a recovery password.| |**When disabled or not configured**|No BitLocker encryption key is generated| -**Reference** +### Reference: FIPS setting This policy must be enabled before any encryption key is generated for BitLocker. When this policy is enabled, BitLocker prevents creating or using recovery passwords, so recovery keys should be used instead. @@ -1310,7 +1309,7 @@ For more information about setting this policy, see [System cryptography: Use FI ## Power management group policy settings: Sleep and Hibernate -PCs default power settings for a computer will cause the computer to enter Sleep mode frequently to conserve power when idle and to help extend the system's battery life. When a computer transitions to Sleep, open programs and documents are persisted in memory. When a computer resumes from Sleep, users aren't required to reauthenticate with a PIN or USB startup key to access encrypted data. This might lead to conditions where data security is compromised. +PCs default power settings for a computer will cause the computer to enter Sleep mode frequently to conserve power when idle and to help extend the system's battery life. When a computer transitions to Sleep, open programs and documents are persisted in memory. When a computer resumes from Sleep, users aren't required to reauthenticate with a PIN or USB startup key to access encrypted data. Not needing to reauthenticate when resuming from Sleep might lead to conditions where data security is compromised. However, when a computer hibernates the drive is locked, and when it resumes from hibernation the drive is unlocked, which means that users will need to provide a PIN or a startup key if using multifactor authentication with BitLocker. Therefore, organizations that use BitLocker may want to use Hibernate instead of Sleep for improved security. This setting doesn't have an impact on TPM-only mode, because it provides a transparent user experience at startup and when resuming from the Hibernate states. @@ -1319,22 +1318,21 @@ You can disable the following Group Policy settings, which are located in **Comp - Allow Standby States (S1-S3) When Sleeping (Plugged In) - Allow Standby States (S1-S3) When Sleeping (Battery) -## About the Platform Configuration Register (PCR) +## About the Platform Configuration Register (PCR) A platform validation profile consists of a set of PCR indices that range from 0 to 23. The scope of the values can be specific to the version of the operating system. Changing from the default platform validation profile affects the security and manageability of your computer. BitLocker's sensitivity to platform modifications (malicious or authorized) is increased or decreased depending on inclusion or exclusion (respectively) of the PCRs. -**About PCR 7** +### About PCR 7 -PCR 7 measures the state of Secure Boot. With PCR 7, BitLocker can use Secure Boot for integrity validation. Secure Boot ensures that the computer's preboot environment loads only firmware that is digitally signed by authorized software publishers. PCR 7 measurements indicate whether Secure Boot is on and which keys are trusted on the platform. If Secure Boot is on and the firmware measures PCR 7 correctly per the UEFI specification, BitLocker can bind to this information rather than to PCRs 0, 2, and 4, which have the measurements of the exact firmware and Bootmgr images loaded. This -reduces the likelihood of BitLocker starting in recovery mode as a result of firmware and image updates, and it provides you with greater flexibility to manage the preboot configuration. +PCR 7 measures the state of Secure Boot. With PCR 7, BitLocker can use Secure Boot for integrity validation. Secure Boot ensures that the computer's preboot environment loads only firmware that is digitally signed by authorized software publishers. PCR 7 measurements indicate whether Secure Boot is on and which keys are trusted on the platform. If Secure Boot is on and the firmware measures PCR 7 correctly per the UEFI specification, BitLocker can bind to this information rather than to PCRs 0, 2, and 4, which have the measurements of the exact firmware and Bootmgr images loaded. This process reduces the likelihood of BitLocker starting in recovery mode as a result of firmware and image updates, and it provides with greater flexibility to manage the preboot configuration. PCR 7 measurements must follow the guidance that is described in [Appendix A Trusted Execution Environment EFI Protocol](/windows-hardware/test/hlk/testref/trusted-execution-environment-efi-protocol). PCR 7 measurements are a mandatory logo requirement for systems that support Modern Standby (also known as Always On, Always Connected PCs), such as the Microsoft Surface RT. On such systems, if the TPM with PCR 7 measurement and secure boot are correctly configured, BitLocker binds to PCR 7 and PCR 11 by default. -## See also +## Related articles - [Trusted Platform Module](/windows/device-security/tpm/trusted-platform-module-overview) - [TPM Group Policy settings](/windows/device-security/tpm/trusted-platform-module-services-group-policy-settings) diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md index 8718f6ba20..9440883c31 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md @@ -16,7 +16,11 @@ ms.technology: itpro-security # BitLocker: How to deploy on Windows Server 2012 and later -> Applies to: Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019 +*Applies to:* + +- Windows Server 2012 +- Windows Server 2012 R2 +- Windows Server 2016 and above This article explains how to deploy BitLocker on Windows Server 2012 and later versions. For all Windows Server editions, BitLocker can be installed using Server Manager or Windows PowerShell cmdlets. BitLocker requires administrator privileges on the server on which it's to be installed. diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md index fe7e7c5c6e..c4df7408fa 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md @@ -17,7 +17,7 @@ ms.technology: itpro-security # BitLocker: How to enable network unlock -**Applies to** +*Applies to:* - Windows 10 - Windows 11 diff --git a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml index 77afbc0e4e..5aa5608a70 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml @@ -19,8 +19,10 @@ metadata: ms.custom: bitlocker title: BitLocker Key Management FAQ summary: | - **Applies to** + *Applies to:* - Windows 10 + - Windows 11 + - Windows Server 2016 and above sections: diff --git a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml index e281569bf0..24ef8ce543 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml @@ -18,8 +18,10 @@ metadata: ms.custom: bitlocker title: BitLocker Network Unlock FAQ summary: | - **Applies to** + *Applies to:* - Windows 10 + - Windows 11 + - Windows Server 2016 and above sections: - name: Ignored diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml index c197e5850f..39f304e7be 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml @@ -21,9 +21,10 @@ metadata: ms.custom: bitlocker title: BitLocker Overview and Requirements FAQ summary: | - **Applies to** + *Applies to:* - Windows 10 - Windows 11 + - Windows Server 2016 and above sections: diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview.md b/windows/security/information-protection/bitlocker/bitlocker-overview.md index 05a9a96577..b9fc54487a 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview.md +++ b/windows/security/information-protection/bitlocker/bitlocker-overview.md @@ -17,7 +17,7 @@ ms.technology: itpro-security # BitLocker -**Applies to** +*Applies to:* - Windows 10 - Windows 11 diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md index c909d61880..8631b6811a 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md +++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md @@ -18,11 +18,11 @@ ms.custom: bitlocker # BitLocker recovery guide -**Applies to:** +*Applies to:* - Windows 10 - Windows 11 -- Windows Server 2016 and later +- Windows Server 2016 and above This article describes how to recover BitLocker keys from AD DS. diff --git a/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml index 2783b642c7..8e44cfb597 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml @@ -19,8 +19,10 @@ metadata: ms.custom: bitlocker title: BitLocker Security FAQ summary: | - **Applies to** + *Applies to:* - Windows 10 + - Windows 11 + - Windows Server 2016 and above diff --git a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml index e63ce621a9..f4eef062e3 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml @@ -19,7 +19,7 @@ metadata: ms.custom: bitlocker title: BitLocker To Go FAQ summary: | - **Applies to** + *Applies to:* - Windows 10 diff --git a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml index 5290befc41..2bf97935b0 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml @@ -18,8 +18,10 @@ metadata: ms.custom: bitlocker title: BitLocker Upgrading FAQ summary: | - **Applies to** + *Applies to:* - Windows 10 + - Windows 11 + - Windows Server 2016 and above sections: diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md index d001d31b25..4a29257c15 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md @@ -18,7 +18,7 @@ ms.technology: itpro-security # BitLocker: Use BitLocker Drive Encryption Tools to manage BitLocker -**Applies to** +*Applies to:* - Windows 10 - Windows 11 @@ -87,7 +87,7 @@ This command encrypts the drive using the TPM as the default protector. If you a ``` ### Using manage-bde with data volumes -Data volumes use the same syntax for encryption as operating system volumes but they don't require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde -on ` or you can choose to add additional protectors to the volume first. We recommend that you add at least one primary protector and a recovery protector to a data volume. +Data volumes use the same syntax for encryption as operating system volumes but they don't require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde.exe -on ` or you can choose to add additional protectors to the volume first. We recommend that you add at least one primary protector and a recovery protector to a data volume. A common protector for a data volume is the password protector. In the example below, we add a password protector to the volume and turn on BitLocker. @@ -103,7 +103,7 @@ You may experience a problem that damages an area of a hard disk on which BitLoc The BitLocker Repair Tool (Repair-bde) can be used to access encrypted data on a severely damaged hard disk if the drive was encrypted by using BitLocker. Repair-bde can reconstruct critical parts of the drive and salvage recoverable data as long as a valid recovery password or recovery key is used to decrypt the data. If the BitLocker metadata data on the drive has become corrupt, you must be able to supply a backup key package in addition to the recovery password or recovery key. This key package is backed up in Active Directory Domain Services (AD DS) if you used the default setting for AD DS backup. With this key package and either the recovery password or recovery key, you can decrypt portions of a BitLocker-protected drive if the disk is corrupted. Each key package will work only for a drive that has the corresponding drive identifier. You can use the BitLocker Recovery Password Viewer to obtain this key package from AD DS. > [!TIP] -> If you aren't backing up recovery information to AD DS or if you want to save key packages alternatively, you can use the command `manage-bde -KeyPackage` to generate a key package for a volume. +> If you aren't backing up recovery information to AD DS or if you want to save key packages alternatively, you can use the command `manage-bde.exe -KeyPackage` to generate a key package for a volume. The Repair-bde command-line tool is intended for use when the operating system doesn't start or when you can't start the BitLocker Recovery Console. Use Repair-bde if the following conditions are true: diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md index b4844997b4..e0978e67e1 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md @@ -18,7 +18,7 @@ ms.technology: itpro-security # BitLocker: Use BitLocker Recovery Password Viewer -**Applies to** +*Applies to:* - Windows 10 - Windows 11 diff --git a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml index f846ad1758..a8ea1a7f7b 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml @@ -19,8 +19,10 @@ metadata: ms.custom: bitlocker title: Using BitLocker with other programs FAQ summary: | - **Applies to** + *Applies to:* - Windows 10 + - Windows 11 + - Windows Server 2016 and above sections: diff --git a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md index bab5afc7fb..fa155fea15 100644 --- a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md +++ b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md @@ -17,7 +17,7 @@ ms.technology: itpro-security # Prepare your organization for BitLocker: Planning and policies -**Applies to** +*Applies to:* - Windows 10 - Windows 11 diff --git a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md index 839d549c6c..ca971c88f0 100644 --- a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md +++ b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md @@ -16,8 +16,9 @@ ms.technology: itpro-security # Protecting cluster shared volumes and storage area networks with BitLocker -**Applies to** -- Windows Server 2016 +*Applies to:* + +- Windows Server 2016 and above This article describes the procedure to protect cluster shared volumes (CSVs) and storage area networks (SANs) by using BitLocker. From 0a7d73734460a6c91fe83ab0d77835e366525236 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Tue, 8 Nov 2022 18:56:03 -0500 Subject: [PATCH 027/129] Metadata/style update BitLocker 6 --- .../bitlocker-key-management-faq.yml | 2 +- .../encrypted-hard-drive.md | 79 ++++++++++--------- 2 files changed, 41 insertions(+), 40 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml index 5aa5608a70..2d19e3ef2a 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml @@ -58,7 +58,7 @@ sections: - question: When should an additional method of authentication be considered? answer: | New hardware that meets [Windows Hardware Compatibility Program](/windows-hardware/design/compatibility/) requirements make a PIN less critical as a mitigation, and having a TPM-only protector is likely sufficient when combined with policies like device lockout. For example, Surface Pro and Surface Book do not have external DMA ports to attack. - For older hardware, where a PIN may be needed, it's recommended to enable [enhanced PINs](bitlocker-group-policy-settings.md#bkmk-unlockpol2) that allow non-numeric characters such as letters and punctuation marks, and to set the PIN length based on your risk tolerance and the hardware anti-hammering capabilities available to the TPMs in your computers. + For older hardware, where a PIN may be needed, it's recommended to enable [enhanced PINs](bitlocker-group-policy-settings.md#allow-enhanced-pins-for-startup) that allow non-numeric characters such as letters and punctuation marks, and to set the PIN length based on your risk tolerance and the hardware anti-hammering capabilities available to the TPMs in your computers. - question: If I lose my recovery information, will the BitLocker-protected data be unrecoverable? answer: | diff --git a/windows/security/information-protection/encrypted-hard-drive.md b/windows/security/information-protection/encrypted-hard-drive.md index 96c61886e5..765325f2f0 100644 --- a/windows/security/information-protection/encrypted-hard-drive.md +++ b/windows/security/information-protection/encrypted-hard-drive.md @@ -3,17 +3,18 @@ title: Encrypted Hard Drive (Windows) description: Encrypted Hard Drive uses the rapid encryption that is provided by BitLocker Drive Encryption to enhance data security and management. ms.reviewer: manager: aaroncz -ms.author: dansimp +ms.author: frankroj ms.prod: windows-client -author: dulcemontemayor -ms.date: 04/02/2019 +author: frankroj +ms.date: 11/08/2022 ms.technology: itpro-security --- # Encrypted Hard Drive -**Applies to** -- Windows 10 +*Applies to:* + +- Windows 10 - Windows 11 - Windows Server 2022 - Windows Server 2019 @@ -22,29 +23,29 @@ ms.technology: itpro-security Encrypted hard drive uses the rapid encryption that is provided by BitLocker drive encryption to enhance data security and management. -By offloading the cryptographic operations to a hardware, Encrypted hard drives increase BitLocker performance and reduce CPU usage and power consumption. Because Encrypted hard drives encrypt data quickly, enterprise devices can expand BitLocker deployment with minimal impact on productivity. +By offloading the cryptographic operations to hardware, Encrypted hard drives increase BitLocker performance and reduce CPU usage and power consumption. Because Encrypted hard drives encrypt data quickly, enterprise devices can expand BitLocker deployment with minimal impact on productivity. Encrypted hard drives are a new class of hard drives that are self-encrypting at a hardware level and allow for full disk hardware encryption. You can install Windows to encrypted hard drives without additional modification, beginning with Windows 8 and Windows Server 2012. Encrypted hard drives provide: -- **Better performance**: Encryption hardware, integrated into the drive controller, allows the drive to operate at full data rate with no performance degradation. -- **Strong security based in hardware**: Encryption is always "on" and the keys for encryption never leave the hard drive. User authentication is performed by the drive before it will unlock, independently of the operating system -- **Ease of use**: Encryption is transparent to the user, and the user doesn't need to enable it. Encrypted Hard Drives are easily erased using on-board encryption key; there's no need to re-encrypt data on the drive. -- **Lower cost of ownership**: There's no need for new infrastructure to manage encryption keys, since BitLocker leverages your existing infrastructure to store recovery information. Your device operates more efficiently because processor cycles don't need to be used for the encryption process. +- **Better performance**: Encryption hardware, integrated into the drive controller, allows the drive to operate at full data rate with no performance degradation. +- **Strong security based in hardware**: Encryption is always "on" and the keys for encryption never leave the hard drive. User authentication is performed by the drive before it will unlock, independently of the operating system +- **Ease of use**: Encryption is transparent to the user, and the user doesn't need to enable it. Encrypted Hard Drives are easily erased using on-board encryption key; there's no need to re-encrypt data on the drive. +- **Lower cost of ownership**: There's no need for new infrastructure to manage encryption keys, since BitLocker uses your existing infrastructure to store recovery information. Your device operates more efficiently because processor cycles don't need to be used for the encryption process. Encrypted hard drives are supported natively in the operating system through the following mechanisms: -- **Identification**: The operating system identifies that the drive is an Encrypted hard drive device type. -- **Activation**: The operating system disk management utility activates, creates and maps volumes to ranges/bands as appropriate. -- **Configuration**: The operating system creates and maps volumes to ranges/bands as appropriate. -- **API**: API support for applications to manage Encrypted hard drives independent of BitLocker drive encryption (BDE). -- **BitLocker support**: Integration with the BitLocker Control Panel provides a seamless BitLocker end-user experience. +- **Identification**: The operating system identifies that the drive is an Encrypted hard drive device type. +- **Activation**: The operating system disk management utility activates, creates and maps volumes to ranges/bands as appropriate. +- **Configuration**: The operating system creates and maps volumes to ranges/bands as appropriate. +- **API**: API support for applications to manage Encrypted hard drives independent of BitLocker drive encryption (BDE). +- **BitLocker support**: Integration with the BitLocker Control Panel provides a seamless BitLocker end-user experience. >[!WARNING] >Self-encrypting hard drives and encrypted hard drives for Windows are not the same type of devices. Encrypted hard drives for Windows require compliance for specific TCG protocols as well as IEEE 1667 compliance; Self-encrypting hard drives do not have these requirements. It is important to confirm that the device type is an encrypted hard drive for Windows when planning for deployment. - -If you are a storage device vendor who is looking for more info on how to implement Encrypted Hard Drive, see the [Encrypted Hard Drive Device Guide](/previous-versions/windows/hardware/design/dn653989(v=vs.85)). + +If you're a storage device vendor who is looking for more info on how to implement Encrypted Hard Drive, see the [Encrypted Hard Drive Device Guide](/previous-versions/windows/hardware/design/dn653989(v=vs.85)). ## System Requirements @@ -52,44 +53,44 @@ To use encrypted hard drives, the following system requirements apply: For an encrypted hard drive used as a **data drive**: -- The drive must be in an uninitialized state. -- The drive must be in a security inactive state. +- The drive must be in an uninitialized state. +- The drive must be in a security inactive state. For an encrypted hard drive used as a **startup drive**: -- The drive must be in an uninitialized state. -- The drive must be in a security inactive state. -- The computer must be UEFI 2.3.1 based and have the EFI\_STORAGE\_SECURITY\_COMMAND\_PROTOCOL defined. (This protocol is used to allow programs running in the EFI boot services environment to send security protocol commands to the drive). -- The computer must have the compatibility support module (CSM) disabled in UEFI. -- The computer must always boot natively from UEFI. +- The drive must be in an uninitialized state. +- The drive must be in a security inactive state. +- The computer must be UEFI 2.3.1 based and have the EFI\_STORAGE\_SECURITY\_COMMAND\_PROTOCOL defined. (This protocol is used to allow programs running in the EFI boot services environment to send security protocol commands to the drive). +- The computer must have the compatibility support module (CSM) disabled in UEFI. +- The computer must always boot natively from UEFI. >[!WARNING] >All encrypted hard drives must be attached to non-RAID controllers to function properly. - + ## Technical overview -Rapid encryption in BitLocker directly addresses the security needs of enterprises while offering significantly improved performance. In versions of Windows earlier than Windows Server 2012, BitLocker required a two-step process to complete read/write requests. In Windows Server 2012, Windows 8, or later versions, encrypted hard drives offload the cryptographic operations to the drive controller for much greater efficiency. When the operating system identifies an encrypted hard drive, it activates the security mode. This activation lets the drive controller generate a media key for every volume that the host computer creates. This media key, which is never exposed outside the disk, is used to rapidly encrypt or decrypt every byte of data that is sent or received from the disk. +Rapid encryption in BitLocker directly addresses the security needs of enterprises while offering improved performance. In versions of Windows earlier than Windows Server 2012, BitLocker required a two-step process to complete read/write requests. In Windows Server 2012, Windows 8, or later versions, encrypted hard drives offload the cryptographic operations to the drive controller for much greater efficiency. When the operating system identifies an encrypted hard drive, it activates the security mode. This activation lets the drive controller generate a media key for every volume that the host computer creates. This media key, which is never exposed outside the disk, is used to rapidly encrypt or decrypt every byte of data that is sent or received from the disk. ## Configuring encrypted hard drives as startup drives Configuration of encrypted hard drives as startup drives is done using the same methods as standard hard drives. These methods include: -- **Deploy from media**: Configuration of Encrypted Hard Drives happens automatically through the installation process. -- **Deploy from network**: This deployment method involves booting a Windows PE environment and using imaging tools to apply a Windows image from a network share. Using this method, the Enhanced Storage optional component needs to be included in the Windows PE image. You can enable this component using Server Manager, Windows PowerShell, or the DISM command line tool. If this component isn't present, configuration of Encrypted Hard Drives won't work. -- **Deploy from server**: This deployment method involves PXE booting a client with Encrypted Hard Drives present. Configuration of Encrypted Hard Drives happens automatically in this environment when the Enhanced Storage component is added to the PXE boot image. During deployment, the [TCGSecurityActivationDisabled](/windows-hardware/customize/desktop/unattend/microsoft-windows-enhancedstorage-adm-tcgsecurityactivationdisabled) setting in unattend.xml controls the encryption behavior of Encrypted Hard Drives. -- **Disk Duplication**: This deployment method involves use of a previously configured device and disk duplication tools to apply a Windows image to an Encrypted Hard Drive. Disks must be partitioned using at least Windows 8 or Windows Server 2012 for this configuration to work. Images made using disk duplicators won't work. +- **Deploy from media**: Configuration of Encrypted Hard Drives happens automatically through the installation process. +- **Deploy from network**: This deployment method involves booting a Windows PE environment and using imaging tools to apply a Windows image from a network share. Using this method, the Enhanced Storage optional component needs to be included in the Windows PE image. You can enable this component using Server Manager, Windows PowerShell, or the DISM command line tool. If this component isn't present, configuration of Encrypted Hard Drives won't work. +- **Deploy from server**: This deployment method involves PXE booting a client with Encrypted Hard Drives present. Configuration of Encrypted Hard Drives happens automatically in this environment when the Enhanced Storage component is added to the PXE boot image. During deployment, the [TCGSecurityActivationDisabled](/windows-hardware/customize/desktop/unattend/microsoft-windows-enhancedstorage-adm-tcgsecurityactivationdisabled) setting in unattend.xml controls the encryption behavior of Encrypted Hard Drives. +- **Disk Duplication**: This deployment method involves use of a previously configured device and disk duplication tools to apply a Windows image to an Encrypted Hard Drive. Disks must be partitioned using at least Windows 8 or Windows Server 2012 for this configuration to work. Images made using disk duplicators won't work. ## Configuring hardware-based encryption with group policy -There are three related Group Policy settings that help you manage how BitLocker uses hardware-based encryption and which encryption algorithms to use. If these settings aren't configured or disabled on systems that are equipped with encrypted drives, BitLocker uses software-based encryption: +There are three related Group Policy settings that help you manage how BitLocker uses hardware-based encryption and which encryption algorithms to use. If these settings aren't configured or disabled on systems that are equipped with encrypted drives, BitLocker uses software-based encryption: -- [Configure use of hardware-based encryption for fixed data drives](bitlocker/bitlocker-group-policy-settings.md#bkmk-hdefxd) +- [Configure use of hardware-based encryption for fixed data drives](bitlocker/bitlocker-group-policy-settings.md#configure-use-of-hardware-based-encryption-for-fixed-data-drives) - [Configure use of hardware-based encryption for removable data drives](bitlocker/bitlocker-group-policy-settings.md#configure-use-of-hardware-based-encryption-for-removable-data-drives) - [Configure use of hardware-based encryption for operating system drives](bitlocker/bitlocker-group-policy-settings.md#configure-use-of-hardware-based-encryption-for-operating-system-drives) ## Encrypted hard drive architecture -Encrypted hard drives utilize two encryption keys on the device to control the locking and unlocking of data on the drive. These are the data encryption key (DEK) and the authentication key (AK). +Encrypted hard drives utilize two encryption keys on the device to control the locking and unlocking of data on the drive. These encryption keys are the data encryption key (DEK) and the authentication key (AK). The Data Encryption Key is the key used to encrypt all of the data on the drive. The drive generates the DEK and it never leaves the device. It's stored in an encrypted format at a random location on the drive. If the DEK is changed or erased, data encrypted using the DEK is irrecoverable. @@ -97,13 +98,13 @@ The AK is the key used to unlock data on the drive. A hash of the key is stored When a computer with an encrypted hard drive is in a powered-off state, the drive locks automatically. As a computer powers on, the device remains in a locked state and is only unlocked after the AK decrypts the DEK. Once the AK decrypts the DEK, read-write operations can take place on the device. -When writing data to the drive, it passes through an encryption engine before the write operation completes. Likewise, reading data from the drive requires the encryption engine to decrypt the data before passing that data back to the user. In the event that the DEK needs to be changed or erased, the data on the drive doesn't need to be re-encrypted. A new Authentication Key needs to be created and it will re-encrypt the DEK. Once completed, the DEK can now be unlocked using the new AK and read-writes to the volume can continue. +When writing data to the drive, it passes through an encryption engine before the write operation completes. Likewise, reading data from the drive requires the encryption engine to decrypt the data before passing that data back to the user. If the DEK needs to be changed or erased, the data on the drive doesn't need to be re-encrypted. A new Authentication Key needs to be created and it will re-encrypt the DEK. Once completed, the DEK can now be unlocked using the new AK, and read-writes to the volume can continue. -## Re-configuring encrypted hard drives +## Reconfiguring encrypted hard drives Many encrypted hard drive devices come pre-configured for use. If reconfiguration of the drive is required, use the following procedure after removing all available volumes and reverting the drive to an uninitialized state: -1. Open Disk Management (diskmgmt.msc) -2. Initialize the disk and select the appropriate partition style (MBR or GPT) -3. Create one or more volumes on the disk. -4. Use the BitLocker setup wizard to enable BitLocker on the volume. +1. Open Disk Management (`diskmgmt.msc`) +2. Initialize the disk and select the appropriate partition style (MBR or GPT) +3. Create one or more volumes on the disk. +4. Use the BitLocker setup wizard to enable BitLocker on the volume. From daa7000a3e9fbaba02ab144e7808ded4bd8a6169 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Tue, 8 Nov 2022 20:09:34 -0500 Subject: [PATCH 028/129] Metadata/style update BitLocker 7 --- ...tlocker-how-to-deploy-on-windows-server.md | 72 ++++++---- .../bitlocker-how-to-enable-network-unlock.md | 128 +++++++++--------- .../bitlocker-key-management-faq.yml | 32 +++-- .../bitlocker/bitlocker-overview.md | 2 +- .../bitlocker-recovery-guide-plan.md | 52 +++---- ...ve-encryption-tools-to-manage-bitlocker.md | 10 +- ...-use-bitlocker-recovery-password-viewer.md | 16 +-- ...itlocker-using-with-other-programs-faq.yml | 4 +- ...nd-storage-area-networks-with-bitlocker.md | 54 ++++---- 9 files changed, 196 insertions(+), 174 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md index 9440883c31..e7579cafbb 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md @@ -24,45 +24,57 @@ ms.technology: itpro-security This article explains how to deploy BitLocker on Windows Server 2012 and later versions. For all Windows Server editions, BitLocker can be installed using Server Manager or Windows PowerShell cmdlets. BitLocker requires administrator privileges on the server on which it's to be installed. -## Installing BitLocker +## Installing BitLocker -### To install BitLocker using server manager +### To install BitLocker using server manager -1. Open server manager by selecting the server manager icon or running servermanager.exe. -2. Select **Manage** from the **Server Manager Navigation** bar and select **Add Roles and Features** to start the **Add Roles and Features Wizard.** -3. With the **Add Roles and Features** wizard open, select **Next** at the **Before you begin** pane (if shown). -4. Select **Role-based or feature-based installation** on the **Installation type** pane of the **Add Roles and Features** wizard and select **Next** to continue. -5. Select the **Select a server from the server pool** option in the **Server Selection** pane and confirm the server on which the BitLocker feature is to be installed. -6. Select **Next** on the **Server Roles** pane of the **Add Roles and Features** wizard to proceed to the **Features** pane. - **Note**: Server roles and features are installed by using the same wizard in Server Manager. -7. Select the check box next to **BitLocker Drive Encryption** within the **Features** pane of the **Add Roles and Features** wizard. The wizard shows the extra management features available for BitLocker. If you don't want to install these features, deselect the **Include management tools +1. Open server manager by selecting the server manager icon or running servermanager.exe. + +2. Select **Manage** from the **Server Manager Navigation** bar and select **Add Roles and Features** to start the **Add Roles and Features Wizard.** + +3. With the **Add Roles and Features** wizard open, select **Next** at the **Before you begin** pane (if shown). + +4. Select **Role-based or feature-based installation** on the **Installation type** pane of the **Add Roles and Features** wizard and select **Next** to continue. + +5. Select the **Select a server from the server pool** option in the **Server Selection** pane and confirm the server on which the BitLocker feature is to be installed. + +6. Select **Next** on the **Server Roles** pane of the **Add Roles and Features** wizard to proceed to the **Features** pane. + + > [!NOTE] + > Server roles and features are installed by using the same wizard in Server Manager. + +7. Select the check box next to **BitLocker Drive Encryption** within the **Features** pane of the **Add Roles and Features** wizard. The wizard shows the extra management features available for BitLocker. If you don't want to install these features, deselect the **Include management tools ** and select **Add Features**. Once optional features selection is complete, select **Next** to proceed in the wizard. - > **Note:** The **Enhanced Storage** feature is a required feature for enabling BitLocker. This feature enables support for encrypted hard drives on capable systems. - -8. Select **Install** on the **Confirmation** pane of the **Add Roles and Features** wizard to begin BitLocker feature installation. The BitLocker feature requires a restart for its installation to be complete. Selecting the **Restart the destination server automatically if required** option in the **Confirmation** pane forces a restart of the computer after installation is complete. -9. If the **Restart the destination server automatically if required** check box isn't selected, the **Results** pane of the **Add Roles and Features** wizard displays the success or failure of the BitLocker feature installation. If necessary, a notification of other action necessary to complete the feature installation, such as the restart of the computer, will be displayed in the results text. + > [!NOTE] + > The **Enhanced Storage** feature is a required feature for enabling BitLocker. This feature enables support for encrypted hard drives on capable systems. -### To install BitLocker using Windows PowerShell +8. Select **Install** on the **Confirmation** pane of the **Add Roles and Features** wizard to begin BitLocker feature installation. The BitLocker feature requires a restart for its installation to be complete. Selecting the **Restart the destination server automatically if required** option in the **Confirmation** pane forces a restart of the computer after installation is complete. -Windows PowerShell offers administrators another option for BitLocker feature installation. Windows PowerShell installs features using the `servermanager` or `dism` module; however, the `servermanager` and `dism` modules don't always share feature name parity. Because of this, it's advisable to confirm the feature or role name prior to installation. +9. If the **Restart the destination server automatically if required** check box isn't selected, the **Results** pane of the **Add Roles and Features** wizard displays the success or failure of the BitLocker feature installation. If necessary, a notification of other action necessary to complete the feature installation, such as the restart of the computer, will be displayed in the results text. + +### To install BitLocker using Windows PowerShell + +Windows PowerShell offers administrators another option for BitLocker feature installation. Windows PowerShell installs features using the `servermanager` or `dism` module. However, the `servermanager` and `dism` modules don't always share feature name parity. Because of this mismatch of feature name parity, it's advisable to confirm the feature or role name prior to installation. + +> [!NOTE] +> You must restart the server to complete the installation of BitLocker. ->**Note:**You must restart the server to complete the installation of BitLocker. - ### Using the servermanager module to install BitLocker -The `servermanager` Windows PowerShell module can use either the `Install-WindowsFeature` or `Add-WindowsFeature` to install the BitLocker feature. The `Add-WindowsFeature` cmdlet is merely a stub to the `Install-WindowsFeature`. This example uses the `Install-WindowsFeature` cmdlet. The feature name for BitLocker in the `servermanager` module is `BitLocker`. +The `servermanager` Windows PowerShell module can use either the `Install-WindowsFeature` or `Add-WindowsFeature` to install the BitLocker feature. The `Add-WindowsFeature` cmdlet is merely a stub to the `Install-WindowsFeature`. This example uses the `Install-WindowsFeature` cmdlet. The feature name for BitLocker in the `servermanager` module is `BitLocker`. -By default, installation of features in Windows PowerShell doesn't include optional sub-features or management tools as part of the installation process. This can be seen using the `-WhatIf` option in Windows PowerShell. +By default, installation of features in Windows PowerShell doesn't include optional sub-features or management tools as part of the installation process. What is installed as part of the installation process can be seen using the `-WhatIf` option in Windows PowerShell. -```powershell +``` powershell Install-WindowsFeature BitLocker -WhatIf ``` + The results of this command show that only the BitLocker Drive Encryption feature is installed using this command. To see what would be installed with the BitLocker feature, including all available management tools and sub-features, use the following command: -```powershell +``` powershell Install-WindowsFeature BitLocker -IncludeAllSubFeature -IncludeManagementTools -WhatIf | fl ``` @@ -78,17 +90,18 @@ The result of this command displays the following list of all the administration The command to complete a full installation of the BitLocker feature with all available sub-features and then to reboot the server at completion is: -```powershell +``` powershell Install-WindowsFeature BitLocker -IncludeAllSubFeature -IncludeManagementTools -Restart ``` ->**Important:**Installing the BitLocker feature using Windows PowerShell does not install the Enhanced Storage feature. Administrators wishing to support Encrypted Hard Drives in their environment will need to install the Enhanced Storage feature separately. - +> [!IMPORTANT] +> Installing the BitLocker feature using Windows PowerShell does not install the Enhanced Storage feature. Administrators wishing to support Encrypted Hard Drives in their environment will need to install the Enhanced Storage feature separately. + ### Using the dism module to install BitLocker The `dism` Windows PowerShell module uses the `Enable-WindowsOptionalFeature` cmdlet to install features. The BitLocker feature name for BitLocker is `BitLocker`. The `dism` module doesn't support wildcards when searching for feature names. To list feature names for the `dism` module, use the `Get-WindowsOptionalFeatures` cmdlet. The following command will list all of the optional features in an online (running) operating system. -```powershell +``` powershell Get-WindowsOptionalFeature -Online | ft ``` @@ -96,16 +109,17 @@ From this output, we can see that there are three BitLocker-related optional fea To install BitLocker using the `dism` module, use the following command: -```powershell +``` powershell Enable-WindowsOptionalFeature -Online -FeatureName BitLocker -All ``` This command prompts the user for a reboot. The Enable-WindowsOptionalFeature cmdlet doesn't offer support for forcing a reboot of the computer. This command doesn't include installation of the management tools for BitLocker. For a complete installation of BitLocker and all available management tools, use the following command: -```powershell +``` powershell Enable-WindowsOptionalFeature -Online -FeatureName BitLocker, BitLocker-Utilities -All ``` -## More information + +## Related articles - [BitLocker overview](bitlocker-overview.md) - [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml) diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md index c4df7408fa..bfd8ef3474 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md @@ -72,17 +72,17 @@ Manage and deploy this certificate through the Group Policy editor directly on a The Network Unlock process follows these phases: -1. The Windows boot manager detects a Network Unlock protector in the BitLocker configuration. -2. The client computer uses its DHCP driver in the UEFI to get a valid IPv4 IP address. -3. The client computer broadcasts a vendor-specific DHCP request that contains: - 1. A network key (a 256-bit intermediate key) that is encrypted by using the 2048-bit RSA Public Key of the network unlock certificate from the WDS server. - 2. An AES-256 session key for the reply. -4. The Network Unlock provider on the WDS server recognizes the vendor-specific request. -5. The provider decrypts the request by using the WDS server's BitLocker Network Unlock certificate RSA private key. -6. The WDS provider returns the network key encrypted with the session key by using its own vendor-specific DHCP reply to the client computer. This key is an intermediate key. -7. The returned intermediate key is combined with another local 256-bit intermediate key. This key can be decrypted only by the TPM. -8. This combined key is used to create an AES-256 key that unlocks the volume. -9. Windows continues the boot sequence. +1. The Windows boot manager detects a Network Unlock protector in the BitLocker configuration. +2. The client computer uses its DHCP driver in the UEFI to get a valid IPv4 IP address. +3. The client computer broadcasts a vendor-specific DHCP request that contains: + 1. A network key (a 256-bit intermediate key) that is encrypted by using the 2048-bit RSA Public Key of the network unlock certificate from the WDS server. + 2. An AES-256 session key for the reply. +4. The Network Unlock provider on the WDS server recognizes the vendor-specific request. +5. The provider decrypts the request by using the WDS server's BitLocker Network Unlock certificate RSA private key. +6. The WDS provider returns the network key encrypted with the session key by using its own vendor-specific DHCP reply to the client computer. This key is an intermediate key. +7. The returned intermediate key is combined with another local 256-bit intermediate key. This key can be decrypted only by the TPM. +8. This combined key is used to create an AES-256 key that unlocks the volume. +9. Windows continues the boot sequence. ## Configure network unlock @@ -122,15 +122,15 @@ Install-WindowsFeature BitLocker-NetworkUnlock A properly configured Active Directory Services Certification Authority can use this certificate template to create and issue Network Unlock certificates. -1. Open the Certificates Template snap-in (certtmpl.msc). -2. Locate the User template, right-click the template name and select **Duplicate Template**. -3. On the **Compatibility** tab, change the **Certification Authority** and **Certificate recipient** fields to Windows Server 2012 and Windows 8, respectively. Ensure that the **Show resulting changes** dialog box is selected. -4. Select the **General** tab of the template. The **Template display name** and **Template name** should clearly identify that the template will be used for Network Unlock. Clear the check box for the **Publish certificate in Active Directory** option. -5. Select the **Request Handling** tab. Select **Encryption** from the **Purpose** drop-down menu. Ensure that the **Allow private key to be exported** option is selected. -6. Select the **Cryptography** tab. Set the **Minimum key size** to 2048. (Any Microsoft cryptographic provider that supports RSA can be used for this template, but for simplicity and forward compatibility, we recommend using **Microsoft Software Key Storage Provider**.) -7. Select the **Requests must use one of the following providers** option and clear all options except for the cryptography provider you selected, such as **Microsoft Software Key Storage Provider**. -8. Select the **Subject Name** tab. Select **Supply in the request**. Click **OK** if the certificate templates pop-up dialog appears. -9. Select the **Issuance Requirements** tab. Select both **CA certificate manager approval** and **Valid existing certificate** options. +1. Open the Certificates Template snap-in (certtmpl.msc). +2. Locate the User template, right-click the template name and select **Duplicate Template**. +3. On the **Compatibility** tab, change the **Certification Authority** and **Certificate recipient** fields to Windows Server 2012 and Windows 8, respectively. Ensure that the **Show resulting changes** dialog box is selected. +4. Select the **General** tab of the template. The **Template display name** and **Template name** should clearly identify that the template will be used for Network Unlock. Clear the check box for the **Publish certificate in Active Directory** option. +5. Select the **Request Handling** tab. Select **Encryption** from the **Purpose** drop-down menu. Ensure that the **Allow private key to be exported** option is selected. +6. Select the **Cryptography** tab. Set the **Minimum key size** to 2048. (Any Microsoft cryptographic provider that supports RSA can be used for this template, but for simplicity and forward compatibility, we recommend using **Microsoft Software Key Storage Provider**.) +7. Select the **Requests must use one of the following providers** option and clear all options except for the cryptography provider you selected, such as **Microsoft Software Key Storage Provider**. +8. Select the **Subject Name** tab. Select **Supply in the request**. Click **OK** if the certificate templates pop-up dialog appears. +9. Select the **Issuance Requirements** tab. Select both **CA certificate manager approval** and **Valid existing certificate** options. 10. Select the **Extensions** tab. Select **Application Policies** and choose **Edit…**. 11. In the **Edit Application Policies Extension** options dialog box, select **Client Authentication**, **Encrypting File System**, **and Secure Email** and choose **Remove**. 12. On the **Edit Application Policies Extension** dialog box, select **Add**. @@ -153,26 +153,26 @@ After you add the Network Unlock template to the certificate authority, you can Network Unlock can use imported certificates from an existing public key infrastructure (PKI). Or it can use a self-signed certificate. To enroll a certificate from an existing certificate authority: -1. On the WDS server, open Certificate Manager by using `certmgr.msc`. -2. Under **Certificates - Current User**, right-click **Personal**. -3. Select **All Tasks** > **Request New Certificate**. -4. When the Certificate Enrollment wizard opens, select **Next**. -5. Select **Active Directory Enrollment Policy**. -6. Choose the certificate template that was created for Network Unlock on the domain controller. Then select **Enroll**. +1. On the WDS server, open Certificate Manager by using `certmgr.msc`. +2. Under **Certificates - Current User**, right-click **Personal**. +3. Select **All Tasks** > **Request New Certificate**. +4. When the Certificate Enrollment wizard opens, select **Next**. +5. Select **Active Directory Enrollment Policy**. +6. Choose the certificate template that was created for Network Unlock on the domain controller. Then select **Enroll**. 1. When you're prompted for more information, select **Subject Name** and provide a friendly name value. Your friendly name should include information for the domain or organizational unit for the certificate. Here's an example: *BitLocker Network Unlock Certificate for Contoso domain*. -7. Create the certificate. Ensure the certificate appears in the **Personal** folder. -8. Export the public key certificate for Network Unlock: +7. Create the certificate. Ensure the certificate appears in the **Personal** folder. +8. Export the public key certificate for Network Unlock: - 1. Create a .cer file by right-clicking the previously created certificate, selecting **All Tasks**, and then selecting **Export**. - 2. Select **No, do not export the private key**. - 3. Select **DER encoded binary X.509** and complete exporting the certificate to a file. - 4. Give the file a name such as BitLocker-NetworkUnlock.cer. + 1. Create a .cer file by right-clicking the previously created certificate, selecting **All Tasks**, and then selecting **Export**. + 2. Select **No, do not export the private key**. + 3. Select **DER encoded binary X.509** and complete exporting the certificate to a file. + 4. Give the file a name such as BitLocker-NetworkUnlock.cer. -9. Export the public key with a private key for Network Unlock. +9. Export the public key with a private key for Network Unlock. - 1. Create a .pfx file by right-clicking the previously created certificate, selecting **All Tasks**, and then selecting **Export**. - 2. Select **Yes, export the private key**. - 3. Complete the steps to create the *.pfx* file. + 1. Create a .pfx file by right-clicking the previously created certificate, selecting **All Tasks**, and then selecting **Export**. + 2. Select **Yes, export the private key**. + 3. Complete the steps to create the *.pfx* file. To create a self-signed certificate, either use the `New-SelfSignedCertificate` cmdlet in Windows PowerShell or use `certreq`. @@ -184,8 +184,8 @@ New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -Subject "CN= Here's a `certreq` example: -1. Create a text file with an .inf extension, for example, notepad.exe BitLocker-NetworkUnlock.inf. -2. Add the following contents to the previously created file: +1. Create a text file with an .inf extension, for example, notepad.exe BitLocker-NetworkUnlock.inf. +2. Add the following contents to the previously created file: ```ini [NewRequest] @@ -206,23 +206,23 @@ Here's a `certreq` example: _continue_ = "1.3.6.1.4.1.311.67.1.1" ``` -3. Open an elevated command prompt and use the `certreq` tool to create a new certificate. Use the following command, specifying the full path to the file that you created previously. Also specify the file name. +3. Open an elevated command prompt and use the `certreq` tool to create a new certificate. Use the following command, specifying the full path to the file that you created previously. Also specify the file name. ```cmd certreq -new BitLocker-NetworkUnlock.inf BitLocker-NetworkUnlock.cer ``` -4. Verify that certificate was properly created by the previous command by confirming that the .cer file exists. -5. Launch Certificates - Local Machine by running **certlm.msc**. -6. Create a .pfx file by opening the **Certificates - Local Computer\\Personal\\Certificates** path in the navigation pane, right-clicking the previously imported certificate, selecting **All Tasks**, and then selecting **Export**. Follow through the wizard to create the .pfx file. +4. Verify that certificate was properly created by the previous command by confirming that the .cer file exists. +5. Launch Certificates - Local Machine by running **certlm.msc**. +6. Create a .pfx file by opening the **Certificates - Local Computer\\Personal\\Certificates** path in the navigation pane, right-clicking the previously imported certificate, selecting **All Tasks**, and then selecting **Export**. Follow through the wizard to create the .pfx file. ### Deploy the private key and certificate to the WDS server Now that you've created the certificate and key, deploy them to the infrastructure to properly unlock systems. To deploy the certificates: -1. On the WDS server, open a new MMC and add the certificates snap-in. Select the computer account and local computer when given the options. -2. Right-click the Certificates (Local Computer) - BitLocker Drive Encryption Network Unlock item -, select **All Tasks**, and then select **Import**. -3. In the **File to Import** dialog, choose the .pfx file created previously. -4. Enter the password used to create the .pfx and complete the wizard. +1. On the WDS server, open a new MMC and add the certificates snap-in. Select the computer account and local computer when given the options. +2. Right-click the Certificates (Local Computer) - BitLocker Drive Encryption Network Unlock item -, select **All Tasks**, and then select **Import**. +3. In the **File to Import** dialog, choose the .pfx file created previously. +4. Enter the password used to create the .pfx and complete the wizard. ### Configure group policy settings for network unlock @@ -230,22 +230,22 @@ With certificate and key deployed to the WDS server for Network Unlock, the fina The following steps describe how to enable the group policy setting that is a requirement for configuring network unlock. -1. Open Group Policy Management Console (`gpmc.msc`). -2. Enable the policy **Require additional authentication at startup**, and then select **Require startup PIN with TPM** or **Allow startup PIN with TPM**. -3. Turn on BitLocker with TPM+PIN protectors on all domain-joined computers. +1. Open Group Policy Management Console (`gpmc.msc`). +2. Enable the policy **Require additional authentication at startup**, and then select **Require startup PIN with TPM** or **Allow startup PIN with TPM**. +3. Turn on BitLocker with TPM+PIN protectors on all domain-joined computers. The following steps describe how to deploy the required group policy setting: > [!NOTE] > The group policy settings **Allow network unlock at startup** and **Add Network Unlock Certificate** were introduced in Windows Server 2012. -1. Copy the *.cer* file that you created for Network Unlock to the domain controller. -2. On the domain controller, open Group Policy Management Console (`gpmc.msc`). -3. Create a new Group Policy Object or modify an existing object to enable the **Allow network unlock at startup** setting. -4. Deploy the public certificate to clients: - 1. Within group policy management console, navigate to the following location: **Computer Configuration\\Policies\\Windows Settings\\Security Settings\\Public Key Policies\\BitLocker Drive Encryption Network Unlock Certificate**. - 2. Right-click the folder and select **Add Network Unlock Certificate**. - 3. Follow the wizard steps and import the .cer file that was copied earlier. +1. Copy the *.cer* file that you created for Network Unlock to the domain controller. +2. On the domain controller, open Group Policy Management Console (`gpmc.msc`). +3. Create a new Group Policy Object or modify an existing object to enable the **Allow network unlock at startup** setting. +4. Deploy the public certificate to clients: + 1. Within group policy management console, navigate to the following location: **Computer Configuration\\Policies\\Windows Settings\\Security Settings\\Public Key Policies\\BitLocker Drive Encryption Network Unlock Certificate**. + 2. Right-click the folder and select **Add Network Unlock Certificate**. + 3. Follow the wizard steps and import the .cer file that was copied earlier. > [!NOTE] > Only one network unlock certificate can be available at a time. If you need a new certificate, delete the current certificate before you deploy a new one. The Network Unlock certificate is located in the *HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\SystemCertificates\\FVE\_NKP* key on the client computer. @@ -351,12 +351,12 @@ Your system must meet these requirements: Follow these steps to configure Network Unlock on these older systems. -1. [Install the WDS Server role](#bkmk-installwdsrole) -2. [Confirm the WDS Service is running](#bkmk-confirmwdsrunning) -3. [Install the Network Unlock feature](#bkmk-installnufeature) -4. [Create the Network Unlock certificate](#bkmk-createcert) -5. [Deploy the private key and certificate to the WDS server](#bkmk-deploycert) -6. Configure registry settings for network unlock: +1. [Install the WDS Server role](#bkmk-installwdsrole) +2. [Confirm the WDS Service is running](#bkmk-confirmwdsrunning) +3. [Install the Network Unlock feature](#bkmk-installnufeature) +4. [Create the Network Unlock certificate](#bkmk-createcert) +5. [Deploy the private key and certificate to the WDS server](#bkmk-deploycert) +6. Configure registry settings for network unlock: Apply the registry settings by running the following `certutil` script (assuming your Network Unlock certificate file is called *BitLocker-NetworkUnlock.cer*) on each computer that runs a client operating system that's designated in the "Applies to" list at the beginning of this article. @@ -371,8 +371,8 @@ Follow these steps to configure Network Unlock on these older systems. reg add "HKLM\SOFTWARE\Policies\Microsoft\FVE" /v UseTPMKeyPIN /t REG_DWORD /d 2 /f ``` -7. Set up a TPM protector on the clients. -8. Reboot the clients to add the Network (certificate based) protector. +7. Set up a TPM protector on the clients. +8. Reboot the clients to add the Network (certificate based) protector. ## See also diff --git a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml index 2d19e3ef2a..1d4193f343 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml @@ -30,9 +30,11 @@ sections: questions: - question: How can I authenticate or unlock my removable data drive? answer: | - You can unlock removable data drives by using a password, a smart card, or you can configure a SID protector to unlock a drive by using your domain credentials. After you've started encryption, the drive can also be automatically unlocked on a specific computer for a specific user account. System administrators can configure which options are available for users, as well as password complexity and minimum length requirements. To unlock by using a SID protector, use Manage-bde: + You can unlock removable data drives by using a password, a smart card, or you can configure a SID protector to unlock a drive by using your domain credentials. After you've started encryption, the drive can also be automatically unlocked on a specific computer for a specific user account. System administrators can configure which options are available for users including password complexity and minimum length requirements. To unlock by using a SID protector, use Manage-bde: - Manage-bde -protectors -add e: -sid domain\username + ``` syntax + Manage-bde.exe -protectors -add e: -sid domain\username + ``` - question: What is the difference between a recovery password, recovery key, PIN, enhanced PIN, and startup key? answer: | @@ -42,22 +44,26 @@ sections: answer: | The recovery password and recovery key for an operating system drive or a fixed data drive can be saved to a folder, saved to one or more USB devices, saved to your Microsoft Account, or printed. - For removable data drives, the recovery password and recovery key can be saved to a folder, saved to your Microsoft Account, or printed. By default, you cannot store a recovery key for a removable drive on a removable drive. + For removable data drives, the recovery password and recovery key can be saved to a folder, saved to your Microsoft Account, or printed. By default, you can't store a recovery key for a removable drive on a removable drive. - A domain administrator can additionally configure Group Policy to automatically generate recovery passwords and store them in Active Directory Domain Services (AD DS) for any BitLocker-protected drive. + A domain administrator can also configure Group Policy to automatically generate recovery passwords and store them in Active Directory Domain Services (AD DS) for any BitLocker-protected drive. - question: Is it possible to add an additional method of authentication without decrypting the drive if I only have the TPM authentication method enabled? answer: | You can use the Manage-bde.exe command-line tool to replace your TPM-only authentication mode with a multifactor authentication mode. For example, if BitLocker is enabled with TPM authentication only and you want to add PIN authentication, use the following commands from an elevated command prompt, replacing *4-20 digit numeric PIN* with the numeric PIN you want to use: - manage-bde -protectors -delete %systemdrive% -type tpm + ``` syntax + manage-bde.exe -protectors -delete %systemdrive% -type tpm + ``` - manage-bde -protectors -add %systemdrive% -tpmandpin 4-20 digit numeric PIN + ``` syntax + manage-bde.exe -protectors -add %systemdrive% -tpmandpin <4-20 digit numeric PIN> + ``` - question: When should an additional method of authentication be considered? answer: | - New hardware that meets [Windows Hardware Compatibility Program](/windows-hardware/design/compatibility/) requirements make a PIN less critical as a mitigation, and having a TPM-only protector is likely sufficient when combined with policies like device lockout. For example, Surface Pro and Surface Book do not have external DMA ports to attack. + New hardware that meets [Windows Hardware Compatibility Program](/windows-hardware/design/compatibility/) requirements make a PIN less critical as a mitigation, and having a TPM-only protector is likely sufficient when combined with policies like device lockout. For example, Surface Pro and Surface Book don't have external DMA ports to attack. For older hardware, where a PIN may be needed, it's recommended to enable [enhanced PINs](bitlocker-group-policy-settings.md#allow-enhanced-pins-for-startup) that allow non-numeric characters such as letters and punctuation marks, and to set the PIN length based on your risk tolerance and the hardware anti-hammering capabilities available to the TPMs in your computers. - question: If I lose my recovery information, will the BitLocker-protected data be unrecoverable? @@ -68,7 +74,7 @@ sections: > Store the recovery information in AD DS, along with your Microsoft Account, or another safe location. - question: Can the USB flash drive that is used as the startup key also be used to store the recovery key? - answer: While this is technically possible, it is not a best practice to use one USB flash drive to store both keys. If the USB flash drive that contains your startup key is lost or stolen, you also lose access to your recovery key. In addition, inserting this key would cause your computer to automatically boot from the recovery key even if TPM-measured files have changed, which circumvents the TPM's system integrity check. + answer: While using a USB flash drive as both the startup key and for storage of the recovery key is technically possible, it isn't a best practice to use one USB flash drive to store both keys. If the USB flash drive that contains your startup key is lost or stolen, you also lose access to your recovery key. In addition, inserting this key would cause your computer to automatically boot from the recovery key even if TPM-measured files have changed, which circumvents the TPM's system integrity check. - question: Can I save the startup key on multiple USB flash drives? answer: Yes, you can save a computer's startup key on multiple USB flash drives. Right-clicking a BitLocker-protected drive and selecting **Manage BitLocker** will provide you the options to duplicate the recovery keys as needed. @@ -80,7 +86,7 @@ sections: answer: You can generate different startup keys for the same computer through scripting. However, for computers that have a TPM, creating different startup keys prevents BitLocker from using the TPM's system integrity check. - question: Can I generate multiple PIN combinations? - answer: You cannot generate multiple PIN combinations. + answer: You can't generate multiple PIN combinations. - question: What encryption keys are used in BitLocker? How do they work together? answer: Raw data is encrypted with the full volume encryption key, which is then encrypted with the volume master key. The volume master key is in turn encrypted by one of several possible methods depending on your authentication (that is, key protectors or TPM) and recovery scenarios. @@ -93,16 +99,16 @@ sections: - question: Why do I have to use the function keys to enter the PIN or the 48-character recovery password? answer: | - The F1 through F10 keys are universally mapped scan codes available in the pre-boot environment on all computers and in all languages. The numeric keys 0 through 9 are not usable in the pre-boot environment on all keyboards. + The F1 through F10 keys are universally mapped scan codes available in the pre-boot environment on all computers and in all languages. The numeric keys 0 through 9 aren't usable in the pre-boot environment on all keyboards. When using an enhanced PIN, users should run the optional system check during the BitLocker setup process to ensure that the PIN can be entered correctly in the pre-boot environment. - question: How does BitLocker help prevent an attacker from discovering the PIN that unlocks my operating system drive? answer: | - It is possible that a personal identification number (PIN) can be discovered by an attacker performing a brute force attack. A brute force attack occurs when an attacker uses an automated tool to try different PIN combinations until the correct one is discovered. For BitLocker-protected computers, this type of attack, also known as a dictionary attack, requires that the attacker have physical access to the computer. + It's possible that a personal identification number (PIN) can be discovered by an attacker performing a brute force attack. A brute force attack occurs when an attacker uses an automated tool to try different PIN combinations until the correct one is discovered. For BitLocker-protected computers, this type of attack, also known as a dictionary attack, requires that the attacker has physical access to the computer. The TPM has the built-in ability to detect and react to these types of attacks. Because different manufacturers' TPMs may support different PIN and attack mitigations, contact your TPM's manufacturer to determine how your computer's TPM mitigates PIN brute force attacks. - After you have determined your TPM's manufacturer, contact the manufacturer to gather the TPM's vendor-specific information. Most manufacturers use the PIN authentication failure count to exponentially increase lockout time to the PIN interface. However, each manufacturer has different policies regarding when and how the failure counter is decreased or reset. + After you've determined your TPM's manufacturer, contact the manufacturer to gather the TPM's vendor-specific information. Most manufacturers use the PIN authentication failure count to exponentially increase lockout time to the PIN interface. However, each manufacturer has different policies regarding when and how the failure counter is decreased or reset. - question: How can I determine the manufacturer of my TPM? answer: You can determine your TPM manufacturer in **Windows Defender Security Center** > **Device Security** > **Security processor details**. @@ -117,6 +123,6 @@ sections: - question: Can PIN length and complexity be managed with Group Policy? answer: | - Yes and No. You can configure the minimum personal identification number (PIN) length by using the **Configure minimum PIN length for startup** Group Policy setting and allow the use of alphanumeric PINs by enabling the **Allow enhanced PINs for startup** Group Policy setting. However, you cannot require PIN complexity by Group Policy. + Yes and No. You can configure the minimum personal identification number (PIN) length by using the **Configure minimum PIN length for startup** Group Policy setting and allow the use of alphanumeric PINs by enabling the **Allow enhanced PINs for startup** Group Policy setting. However, you can't require PIN complexity by Group Policy. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview.md b/windows/security/information-protection/bitlocker/bitlocker-overview.md index b9fc54487a..22d71d965b 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview.md +++ b/windows/security/information-protection/bitlocker/bitlocker-overview.md @@ -85,7 +85,7 @@ When installing the BitLocker optional component on a server, you will also need | Topic | Description | | - | - | -| [Overview of BitLocker Device Encryption in Windows 10](bitlocker-device-encryption-overview-windows-10.md) | This topic provides an overview of the ways in which BitLocker Device Encryption can help protect data on devices running Windows 10. | +| [Overview of BitLocker Device Encryption in Windows 10](bitlocker-device-encryption-overview-windows-10.md) | This topic provides an overview of the ways in which BitLocker Device Encryption can help protect data on devices running Windows 10. | | [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml) | This topic answers frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.| | [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md)| This topic explains the procedure you can use to plan your BitLocker deployment. | | [BitLocker basic deployment](bitlocker-basic-deployment.md) | This topic explains how BitLocker features can be used to protect your data through drive encryption. | diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md index 8631b6811a..2dce6b6818 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md +++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md @@ -103,16 +103,16 @@ Before you create a thorough BitLocker recovery process, we recommend that you t **To force a recovery for the local computer:** -1. Select the **Start** button, type **cmd** in the **Start Search** box, and select and hold **cmd.exe**, and then select **Run as administrator**. -2. At the command prompt, type the following command and then press **ENTER**: +1. Select the **Start** button, type **cmd** in the **Start Search** box, and select and hold **cmd.exe**, and then select **Run as administrator**. +2. At the command prompt, type the following command and then press **ENTER**: `manage-bde.exe -forcerecovery ` **To force recovery for a remote computer:** -1. On the Start screen, type **cmd.exe**, and then select **Run as administrator**. +1. On the Start screen, type **cmd.exe**, and then select **Run as administrator**. -2. At the command prompt, type the following command and then press **ENTER**: +2. At the command prompt, type the following command and then press **ENTER**: `manage-bde.exe -ComputerName -forcerecovery ` @@ -220,12 +220,12 @@ While an administrator can remotely investigate the cause of recovery in some ca Review and answer the following questions for your organization: -1. Which BitLocker protection mode is in effect (TPM, TPM + PIN, TPM + startup key, startup key only)? Which PCR profile is in use on the PC? -2. Did the user merely forget the PIN or lose the startup key? If a token was lost, where might the token be? -3. If TPM mode was in effect, was recovery caused by a boot file change? -4. If recovery was caused by a boot file change, is the boot file change due to an intended user action (for example, BIOS upgrade), or a malicious software? -5. When was the user last able to start the computer successfully, and what might have happened to the computer since then? -6. Might the user have encountered malicious software or left the computer unattended since the last successful startup? +1. Which BitLocker protection mode is in effect (TPM, TPM + PIN, TPM + startup key, startup key only)? Which PCR profile is in use on the PC? +2. Did the user merely forget the PIN or lose the startup key? If a token was lost, where might the token be? +3. If TPM mode was in effect, was recovery caused by a boot file change? +4. If recovery was caused by a boot file change, is the boot file change due to an intended user action (for example, BIOS upgrade), or a malicious software? +5. When was the user last able to start the computer successfully, and what might have happened to the computer since then? +6. Might the user have encountered malicious software or left the computer unattended since the last successful startup? To help you answer these questions, use the BitLocker command-line tool to view the current configuration and protection mode (for example, **manage-bde -status**). Scan the event log to find events that help indicate why recovery was initiated (for example, if a boot file change occurred). Both of these capabilities can be performed remotely. @@ -249,11 +249,11 @@ If a user has forgotten the PIN, you must reset the PIN while you are logged on **To prevent continued recovery due to an unknown PIN** -1. Unlock the computer using the recovery password. -2. Reset the PIN: - 1. Select and hold the drive and then select **Change PIN** - 2. In the BitLocker Drive Encryption dialog, select **Reset a forgotten PIN**. If you are not logged in with an administrator account, you must provide administrative credentials at this time. - 3. In the PIN reset dialog, provide and confirm the new PIN to be used and then select **Finish**. +1. Unlock the computer using the recovery password. +2. Reset the PIN: + 1. Select and hold the drive and then select **Change PIN** + 2. In the BitLocker Drive Encryption dialog, select **Reset a forgotten PIN**. If you are not logged in with an administrator account, you must provide administrative credentials at this time. + 3. In the PIN reset dialog, provide and confirm the new PIN to be used and then select **Finish**. 3. You will use the new PIN the next time you unlock the drive. ### Lost startup key @@ -262,9 +262,9 @@ If you have lost the USB flash drive that contains the startup key, then you mus **To prevent continued recovery due to a lost startup key** -1. Log on as an administrator to the computer that has its startup key lost. -2. Open Manage BitLocker. -3. Select **Duplicate start up key**, insert the clean USB drive on which you are going to write the key, and then select **Save**. +1. Log on as an administrator to the computer that has its startup key lost. +2. Open Manage BitLocker. +3. Select **Duplicate start up key**, insert the clean USB drive on which you are going to write the key, and then select **Save**. ### Changes to boot files @@ -457,22 +457,22 @@ You can reset the recovery password in two ways: **To reset a recovery password using manage-bde:** -1. Remove the previous recovery password. +1. Remove the previous recovery password. ```powershell Manage-bde -protectors -delete C: -type RecoveryPassword ``` -2. Add the new recovery password. +2. Add the new recovery password. ```powershell Manage-bde -protectors -add C: -RecoveryPassword ``` -3. Get the ID of the new recovery password. From the screen, copy the ID of the recovery password. +3. Get the ID of the new recovery password. From the screen, copy the ID of the recovery password. ```powershell Manage-bde -protectors -get C: -Type RecoveryPassword ``` -4. Back up the new recovery password to AD DS. +4. Back up the new recovery password to AD DS. ```powershell Manage-bde -protectors -adbackup C: -id {EXAMPLE6-5507-4924-AA9E-AFB2EB003692} @@ -483,8 +483,8 @@ You can reset the recovery password in two ways: **To run the sample recovery password script:** -1. Save the following sample script in a VBScript file. For example: ResetPassword.vbs. -2. At the command prompt, type a command similar to the following: +1. Save the following sample script in a VBScript file. For example: ResetPassword.vbs. +2. At the command prompt, type a command similar to the following: **cscript ResetPassword.vbs** @@ -579,8 +579,8 @@ The following sample script exports all previously saved key packages from AD DS **To run the sample key package retrieval script:** -1. Save the following sample script in a VBScript file. For example: GetBitLockerKeyPackageADDS.vbs. -2. At the command prompt, type a command similar to the following sample script: +1. Save the following sample script in a VBScript file. For example: GetBitLockerKeyPackageADDS.vbs. +2. At the command prompt, type a command similar to the following sample script: **cscript GetBitLockerKeyPackageADDS.vbs -?** diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md index 4a29257c15..e80b224dba 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md @@ -32,9 +32,9 @@ Both manage-bde and the BitLocker cmdlets can be used to perform any task that c Repair-bde is a special circumstance tool that is provided for disaster recovery scenarios in which a BitLocker protected drive can't be unlocked normally or using the recovery console. -1. [Manage-bde](#bkmk-managebde) -2. [Repair-bde](#bkmk-repairbde) -3. [BitLocker cmdlets for Windows PowerShell](#bkmk-blcmdlets) +1. [Manage-bde](#bkmk-managebde) +2. [Repair-bde](#bkmk-repairbde) +3. [BitLocker cmdlets for Windows PowerShell](#bkmk-blcmdlets) ## Manage-bde @@ -142,9 +142,9 @@ Windows PowerShell cmdlets provide a new way for administrators to use when work Similar to manage-bde, the Windows PowerShell cmdlets allow configuration beyond the options offered in the control panel. As with manage-bde, users need to consider the specific needs of the volume they're encrypting prior to running Windows PowerShell cmdlets. -A good initial step is to determine the current state of the volume(s) on the computer. You can do this using the Get-BitLockerVolume cmdlet. +A good initial step is to determine the current state of the volume(s) on the computer. You can do this using the `Get-BitLockerVolume` cmdlet. -The Get-BitLockerVolume cmdlet output gives information on the volume type, protectors, protection status, and other details. +The `Get-BitLockerVolume` cmdlet output gives information on the volume type, protectors, protection status, and other details. > [!TIP] > Occasionally, all protectors may not be shown when using `Get-BitLockerVolume` due to lack of space in the output display. If you don't see all of the protectors for a volume, you can use the Windows PowerShell pipe command (|) to format a full listing of the protectors. diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md index e0978e67e1..4d74a53c11 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md @@ -40,20 +40,20 @@ The following procedures describe the most common tasks performed by using the B **To view the recovery passwords for a computer** -1. In **Active Directory Users and Computers**, locate and then click the container in which the computer is located. -2. Right-click the computer object, and then click **Properties**. -3. In the **Properties** dialog box, click the **BitLocker Recovery** tab to view the BitLocker recovery passwords that are associated with the computer. +1. In **Active Directory Users and Computers**, locate and then click the container in which the computer is located. +2. Right-click the computer object, and then click **Properties**. +3. In the **Properties** dialog box, click the **BitLocker Recovery** tab to view the BitLocker recovery passwords that are associated with the computer. **To copy the recovery passwords for a computer** -1. Follow the steps in the previous procedure to view the BitLocker recovery passwords. -2. On the **BitLocker Recovery** tab of the **Properties** dialog box, right-click the BitLocker recovery password that you want to copy, and then click **Copy Details**. -3. Press CTRL+V to paste the copied text to a destination location, such as a text file or spreadsheet. +1. Follow the steps in the previous procedure to view the BitLocker recovery passwords. +2. On the **BitLocker Recovery** tab of the **Properties** dialog box, right-click the BitLocker recovery password that you want to copy, and then click **Copy Details**. +3. Press CTRL+V to paste the copied text to a destination location, such as a text file or spreadsheet. **To locate a recovery password by using a password ID** -1. In Active Directory Users and Computers, right-click the domain container, and then click **Find BitLocker Recovery Password**. -2. In the **Find BitLocker Recovery Password** dialog box, type the first eight characters of the recovery password in the **Password ID (first 8 characters)** box, and then click **Search**. +1. In Active Directory Users and Computers, right-click the domain container, and then click **Find BitLocker Recovery Password**. +2. In the **Find BitLocker Recovery Password** dialog box, type the first eight characters of the recovery password in the **Password ID (first 8 characters)** box, and then click **Search**. By completing the procedures in this scenario, you have viewed and copied the recovery passwords for a computer and used a password ID to locate a recovery password. ## More information diff --git a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml index a8ea1a7f7b..349f5fe72c 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml @@ -101,7 +101,9 @@ sections: The syntax of this command is: - manage-bde driveletter -lock + ``` syntax + manage-bde -lock + ```` Outside of using this command, data drives will be locked on shutdown and restart of the operating system. A removable data drive will also be locked automatically when the drive is removed from the computer. diff --git a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md index ca971c88f0..4283cdaa53 100644 --- a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md +++ b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md @@ -52,15 +52,15 @@ You can also use an Active Directory Domain Services (AD DS) protector for prote - BitLocker service interrupts the request and uses the BitLocker protect/unprotect APIs to unlock or deny the request. - BitLocker will unlock protected volumes without user intervention by attempting protectors in the following order: - 1. Clear key - 2. Driver-based auto-unlock key - 3. **ADAccountOrGroup** protector + 1. Clear key + 2. Driver-based auto-unlock key + 3. **ADAccountOrGroup** protector a. Service context protector b. User protector - 4. Registry-based auto-unlock key + 4. Registry-based auto-unlock key > [!NOTE] > A Windows Server 2012 or later domain controller is required for this feature to work properly. @@ -73,14 +73,14 @@ BitLocker encryption is available for disks before these disks are added to a cl The advantage of encrypting volumes prior to adding them to a cluster is that the disk resource need not be suspended to complete the operation. To turn on BitLocker for a disk before adding it to a cluster: -1. Install the BitLocker Drive Encryption feature if it isn't already installed. -2. Ensure the disk is an NTFS-formatted one and has a drive letter assigned to it. -3. Identify the name of the cluster with Windows PowerShell. +1. Install the BitLocker Drive Encryption feature if it isn't already installed. +2. Ensure the disk is an NTFS-formatted one and has a drive letter assigned to it. +3. Identify the name of the cluster with Windows PowerShell. ```powershell Get-Cluster ``` -4. Enable BitLocker on the volume of your choice with an **ADAccountOrGroup** protector, using the cluster name. For example, use a command such as: +4. Enable BitLocker on the volume of your choice with an **ADAccountOrGroup** protector, using the cluster name. For example, use a command such as: ```powershell Enable-BitLocker E: -ADAccountOrGroupProtector -ADAccountOrGroup CLUSTER$ @@ -88,31 +88,31 @@ To turn on BitLocker for a disk before adding it to a cluster: > [!WARNING] > You must configure an **ADAccountOrGroup** protector using the cluster CNO for a BitLocker enabled volume to either be shared in a Cluster Shared Volume or to fail over properly in a traditional failover cluster. -5. Repeat the preceding steps for each disk in the cluster. +5. Repeat the preceding steps for each disk in the cluster. -6. Add the volume(s) to the cluster. +6. Add the volume(s) to the cluster. ### Turning on BitLocker for a clustered disk using Windows PowerShell When the cluster service owns a disk resource already, the disk resource needs to be set into maintenance mode before BitLocker can be enabled. To turn on the Bitlocker for a clustered disk using Windows PowerShell, perform the following steps: -1. Install the BitLocker drive encryption feature if it isn't already installed. -2. Check the status of the cluster disk using Windows PowerShell. +1. Install the BitLocker drive encryption feature if it isn't already installed. +2. Check the status of the cluster disk using Windows PowerShell. ```powershell Get-ClusterResource "Cluster Disk 1" ``` -3. Put the physical disk resource into maintenance mode using Windows PowerShell. +3. Put the physical disk resource into maintenance mode using Windows PowerShell. ```powershell Get-ClusterResource "Cluster Disk 1" | Suspend-ClusterResource ``` -4. Identify the name of the cluster with Windows PowerShell. +4. Identify the name of the cluster with Windows PowerShell. ```powershell Get-Cluster ``` -5. Enable BitLocker on the volume of your choice with an **ADAccountOrGroup** protector, using the cluster name. For example, use a command such as: +5. Enable BitLocker on the volume of your choice with an **ADAccountOrGroup** protector, using the cluster name. For example, use a command such as: ```powershell Enable-BitLocker E: -ADAccountOrGroupProtector -ADAccountOrGroup CLUSTER$ @@ -121,42 +121,42 @@ When the cluster service owns a disk resource already, the disk resource needs t > [!WARNING] > You must configure an **ADAccountOrGroup** protector using the cluster CNO for a BitLocker-enabled volume to either be shared in a cluster-shared Volume or to fail over properly in a traditional failover cluster. -6. Use **Resume-ClusterResource** to take back the physical disk resource out of maintenance mode: +6. Use **Resume-ClusterResource** to take back the physical disk resource out of maintenance mode: ```powershell Get-ClusterResource "Cluster Disk 1" | Resume-ClusterResource ``` -7. Repeat the preceding steps for each disk in the cluster. +7. Repeat the preceding steps for each disk in the cluster. ### Adding BitLocker-encrypted volumes to a cluster using manage-bde You can also use **manage-bde** to enable BitLocker on clustered volumes. The steps needed to add a physical disk resource or CSV2.0 volume to an existing cluster are: -1. Verify that the BitLocker drive encryption feature is installed on the computer. -2. Ensure new storage is formatted as NTFS. -3. Encrypt the volume, add a recovery key and add the cluster administrator as a protector key using the**manage-bde** command line interface (see example): +1. Verify that the BitLocker drive encryption feature is installed on the computer. +2. Ensure new storage is formatted as NTFS. +3. Encrypt the volume, add a recovery key and add the cluster administrator as a protector key using the**manage-bde** command line interface (see example): - `manage-bde.exe -on -used -RP -sid domain\CNO$ -sync` - 1. BitLocker will check to see if the disk is already part of a cluster. If it is, administrators will encounter a hard block. Otherwise, the encryption continues. - 2. Using the -sync parameter is optional. However, using -sync parameter has the following advantage: + 1. BitLocker will check to see if the disk is already part of a cluster. If it is, administrators will encounter a hard block. Otherwise, the encryption continues. + 2. Using the -sync parameter is optional. However, using -sync parameter has the following advantage: - The -sync parameter ensures the command waits until the encryption for the volume is completed. The volume is then released for use in the cluster storage pool. -4. Open the Failover Cluster Manager snap-in or cluster PowerShell cmdlets to enable the disk to be clustered. +4. Open the Failover Cluster Manager snap-in or cluster PowerShell cmdlets to enable the disk to be clustered. - Once the disk is clustered, it's enabled for CSV. -5. During the resource online operation, cluster checks whether the disk is BitLocker encrypted. +5. During the resource online operation, cluster checks whether the disk is BitLocker encrypted. - 1. If the volume isn't BitLocker enabled, traditional cluster online operations occur. - 2. If the volume is BitLocker enabled, the following check occurs: + 1. If the volume isn't BitLocker enabled, traditional cluster online operations occur. + 2. If the volume is BitLocker enabled, the following check occurs: - If volume is **locked**, BitLocker impersonates the CNO and unlocks the volume using the CNO protector. If these actions by BitLocker fail, an event is logged. The logged event will state that the volume couldn't be unlocked and the online operation has failed. -6. Once the disk is online in the storage pool, it can be added to a CSV by right-clicking the disk resource and choosing "**Add to cluster shared volumes**". +6. Once the disk is online in the storage pool, it can be added to a CSV by right-clicking the disk resource and choosing "**Add to cluster shared volumes**". CSVs include both encrypted and unencrypted volumes. To check the status of a particular volume for BitLocker encryption: administrators must do the following task: - Utilize the **manage-bde -status** command with a path to the volume. From b6afa82e9427d0ffa7559754c1035dd8d9925944 Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Wed, 9 Nov 2022 11:18:56 +0530 Subject: [PATCH 029/129] Update windows/deployment/update/servicing-stack-updates.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/deployment/update/servicing-stack-updates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/servicing-stack-updates.md b/windows/deployment/update/servicing-stack-updates.md index 1321e36c9b..69b46485fc 100644 --- a/windows/deployment/update/servicing-stack-updates.md +++ b/windows/deployment/update/servicing-stack-updates.md @@ -42,7 +42,7 @@ Both Windows client and Windows Server use the cumulative update mechanism, in w Servicing stack updates improve the reliability of the update process to mitigate potential issues while installing the latest quality updates and feature updates. If you don't install the latest servicing stack update, there's a risk that your device can't be updated with the latest Microsoft security fixes. -Beginning with the February 2021 LCU, microsoft will publish all future cumulative updates and SSUs for Windows 10, version 2004 and above together as one cumulative monthly update to the normal release category in WSUS. +Beginning with the February 2021 LCU, Microsoft will publish all future cumulative updates and SSUs for Windows 10, version 2004 and later together as one cumulative monthly update to the normal release category in WSUS. ## Is there any special guidance? From c487aab3203211cb2bae8c8eaaef9ecb0819609b Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Wed, 9 Nov 2022 14:10:00 -0700 Subject: [PATCH 030/129] Addressed PR comments --- .../do/delivery-optimization-test.md | 115 +++++++----------- 1 file changed, 42 insertions(+), 73 deletions(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index 5c521ab0c4..a6dba5149f 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -18,9 +18,9 @@ manager: naengler Delivery Optimization is a powerful and useful tool to help enterprises manage bandwidth usage for downloading Microsoft content. It's a solution designed to be used in large-scale environments with large numbers of devices, various content sizes, etc. Delivery Optimization is native to Win10+ and provides default configuration to get the most out of the typical customer environment. It's used to deliver many different types of content, so Microsoft customers enjoy the best possible download experience for their environment. There are three components to Delivery Optimization, 1) HTTP downloader, 2) Peer-to-peer (P2P) cloud technology, and 3) Microsoft Connected Cache. One of the most powerful advantages of using Delivery Optimization is the ability to fine-tune settings that empower users to dial in Microsoft content delivery to meet the needs of specific environments. -## Monitoring Value +## Monitoring The Results -Since Delivery Optimization is on by default, you'll be able to monitor the value either through the Windows Settings for ‘Delivery Optimization’, using Delivery Optimization PowerShell cmdlets, and/or via the Update Compliance experience in Azure. +Since Delivery Optimization is on by default, you'll be able to monitor the value either through the Windows Settings for ‘Delivery Optimization’, using Delivery Optimization PowerShell [cmdlets](waas-delivery-optimization-setup.md), and/or via the [Windows Update for Business Report](https://learn.microsoft.com/windows/deployment/update/wufb-reports-workbook) experience in Azure. In the case where Delivery Optimization isn't working in your environment, it's important to investigate to get to the root of the problem. We recommend a test environment be created to easily evaluate typical devices to ensure Delivery Optimization is working properly. For starters, ‘Scenario 1: Basic Setup’ should be created to test the use of Delivery Optimization between two machines. This scenario is designed to eliminate any noise in the environment to ensure there's nothing preventing Delivery Optimization from working on the devices. Once you have a baseline, you can expand the test environment for more sophisticated tests. @@ -51,29 +51,22 @@ Several elements that influence overall peering, using Delivery Optimization. Th ### Scenario 1: Basic Setup **Goal:** Demonstrate how Delivery Optimization peer-to-peer technology works using two machines, in a controlled test environment +**Expected Results:** Machine 1 will download zero bytes from peers, Machine 2 will download 50 - 99% from peers. #### Test Machine Setup -Number of machines used: 2 - -Hardware: - -* Two Virtual Machines or physical devices running Windows 10 (21H2) / Windows 11 (21H2) -* 8-GB RAM / 127-GB Disk -* Network – ensure the test devices are connected to the same network, one that is representative of the corporate network - - Apply Policy settings/Windows configurations on each machine: - -* Pause Windows Updates. This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. By default, there are four pieces of content available for peering at a given time. The Delivery Optimization client cycles through the available content in the cache. Simply pausing Windows Updates might not be enough in some cases. If there are Microsoft Store Updates, for example, a download can be triggered causing the four caching slots to be filled. If this happens, the second machine may not see peers. Verify there's only one cached content before continuing the test on the second machine. -* Ensure all Store apps are up to date -* Set Delivery Optimization Download mode = '2' -* Set Delivery Optimization GroupID = 'GUID'. A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ -* Run '`Enable-DeliveryOptimizationVerboseLogs’ to enable verbose logging +* Number of machines used: 2 +* Hardware: + * Two Virtual Machines or physical devices running Windows 10 (21H2) / Windows 11 (21H2) + * 8-GB RAM / 127-GB Disk + * Network – ensure the test devices are connected to the same network, one that is representative of the corporate network +* Apply Policy settings/Windows configurations on each machine: + * Pause Windows Updates. This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. By default, there are four pieces of content available for peering at a given time. The Delivery Optimization client cycles through the available content in the cache. Simply pausing Windows Updates might not be enough in some cases. If there are Microsoft Store Updates, for example, a download can be triggered causing the four caching slots to be filled. If this happens, the second machine may not see peers. Verify there's only one cached content before continuing the test on the second machine. If there are problems and no peering happens, use 'Get-DeliveryOptimizationStatus' on the first machine to return a real-time list of the connected peers. + * Ensure all Store apps are up to date + * Set Delivery Optimization Download mode = '2' + * Set Delivery Optimization GroupID = 'GUID'. A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’. * **If Windows 11 devices** set 'Restrict Peer Selection' policy to '0-NAT'. The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. -> [!NOTE] -> Delivery Optimization PowerShell available [cmdlets](waas-delivery-optimization-setup.md) - #### Test Instructions The following set of instructions will be used for each machine: @@ -86,25 +79,11 @@ The following set of instructions will be used for each machine: * Run ‘Test Instructions’ -**Output: Windows 10 21H2** - -![Windows 10 21H2 - Machine 1 - Basic Test](images/test-scenarios/Win10/M1-Basic-Complete.png) - -**Observations** - -* No peers were found on the first machine downloading the content. -* 'TotalBytesDownloaded' is equal to the file size. -* Status is set to 'Caching' the content so future peers can use it. -* Download was happening in the foreground. -* DownloadMode is set to 'Group' and no peers were found. - -**Output: Windows 11 21H2** - -![Windows 11 21H2 - Machine 1 - Basic Test](images/test-scenarios/Win11/M1-Basic-Complete.png) - -**Observations** - -* No new observations seen between Window 10 and Windows 11 devices. +|Windows 10 | Windows 11 +|--------|--------| +|![Windows 10 21H2 - Machine 1 - Basic Test](images/test-scenarios/Win10/M1-Basic-Complete.png)|![Windows 11 21H2 - Machine 1 - Basic Test](images/test-scenarios/Win11/M1-Basic-Complete.png) +| **Observations** | | +| * No peers were found on the first machine downloading the content.
    * 'TotalBytesDownloaded' is equal to the file size.
    * Status is set to 'Caching' the content so future peers can use it.
    * Download was happening in the foreground.
    * DownloadMode is set to 'Group' and no peers were found.
    * No distinct observations seen between Window 10 and Windows 11 devices. *Wait 5 minutes* @@ -112,47 +91,29 @@ The following set of instructions will be used for each machine: * Run ‘Test Instructions’ -**Output: Windows 10 21H2** - -![Windows 10 21H2 - Machine 2 - Basic Test](images/test-scenarios/Win10/M2-Basic-Complete.png) - -**Observations** - -* A peer was found for the content and 87% of total bytes came from the peer. -* One peer was found for the piece of content, which is expected as there are only two devices in the peering group. -* Download mode was set to 'Group', but since group mode includes both LAN and Group devices, Delivery Optimization prioritizes LAN peers, if found. Therefore, 'BytesFromLanPeers' shows bytes where 'BytesFromGroupPeers' doesn't. -* 'DownloadDuration' is roughly the same between machines. - -**Output: Windows 11 21H2** - -![Windows 11 21H2 - Machine 2 - Basic Test](images/test-scenarios/Win11/M2-Basic-Complete.png) - -**Observations** - -* A peer was found for the content and 90% of total bytes came from the peer. -* All other points are the same as Windows 10 results. +|Windows 10 | Windows 11 +|--------|-----------| +|![Windows 10 21H2 - Machine 2 - Basic Test](images/test-scenarios/Win10/M2-Basic-Complete.png)|![Windows 11 21H2 - Machine 2 - Basic Test](images/test-scenarios/Win11/M2-Basic-Complete.png)| +| **Observations** | **Observations**| +| * A peer was found for the content and 87% of total bytes came from the peer.
    * One peer was found for the piece of content, which is expected as there are only two devices in the peering group.
    * Download mode was set to 'Group', but since group mode includes both LAN and Group devices, Delivery Optimization prioritizes LAN peers, if found. Therefore, 'BytesFromLanPeers' shows bytes where 'BytesFromGroupPeers' doesn't.
    * 'DownloadDuration' is roughly the same between machines.|* A peer was found for the content and 90% of total bytes came from the peer.
    * All other points are the same as Windows 10 results. ### Scenario 2: Advance Setup **Goal:** Demonstrate how Delivery Optimization peer-to-peer technology works in a non-controlled environment, expanding to three machines +**Expected Results:** Machine 1 will download zero bytes from peers, Machine 2 will find a peers and download 50 - 99% from peers. Machine 3 will find 2 peers and download 50 - 99% from peers. #### Test Machine Setup -Number of machines used: 3 - -Hardware: - -* Three Azure Virtual Machines running Windows 10 (21H2) -* 8-GB RAM / 127-GB Disk -* Network – ensure the test devices are connected to the same network, one that is representative of the corporate network. - -Apply Policy settings/Windows configurations on each machine: - -* Set Delivery Optimization Download mode = '2' -* Set Delivery Optimization GroupID = 'GUID'. A GUID is required value which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ -* Set Delivery Optimization policy 'Delay background download from http' = 60 (secs) -* Set Delivery Optimization policy 'Delay foreground download from http = 60 (secs) -* Run '`Enable-DeliveryOptimizationVerboseLogs’ to enable logging +* Number of machines used: 3 +* Hardware: + * Three Azure Virtual Machines running Windows 10 (21H2) + * 8-GB RAM / 127-GB Disk + * Network – ensure the test devices are connected to the same network, one that is representative of the corporate network. +* Apply Policy settings/Windows configurations on each machine: + * Set Delivery Optimization Download mode = '2' + * Set Delivery Optimization GroupID = 'GUID'. A GUID is required value which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ + * Set Delivery Optimization policy 'Delay background download from http' = 60 (secs) + * Set Delivery Optimization policy 'Delay foreground download from http = 60 (secs) #### Testing Instructions @@ -228,3 +189,11 @@ As mentioned, the distributed nature of the Delivery Optimization technology is 'BytesToPeers' sourced from Machine 3 are '0'. This means that no other peers are downloading bytes from this peer, which is expected since it was the last machine in the group. ![Windows 10 21H2 - Machine 3 - Advanced BytesToPeers Test](images/test-scenarios/Win10/M3-Adv-BytesToPeers.png) + +## Conclusion + +Using Delivery Optimization can help make a big impact in customer environments to optimize bandwidth. The peer-to-peer technology offers many configurations, designed to be flexible for any organization. Delivery Optimization uses a distributed cache, across different sources, to ensure the most optimal download experience. + +The testing scenarios found in this document help to show a controlled test environment, helping to prevent updates from interrupting the peering results. The other, a more real-world case, to demonstrate how content available across peers will both be used as the source of the content. + +If there are issues found while testing, the Delivery Optimization PowerShell [cmdlets](waas-delivery-optimization-setup.md) can be a helpful tool to help explain what is happening in the environment. \ No newline at end of file From 9663c8399dfbb8654b3f2805edf9b183acc56a80 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Wed, 9 Nov 2022 15:13:44 -0700 Subject: [PATCH 031/129] Update link --- windows/deployment/do/delivery-optimization-test.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index a6dba5149f..eef70d1fc7 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -20,7 +20,7 @@ Delivery Optimization is a powerful and useful tool to help enterprises manage b ## Monitoring The Results -Since Delivery Optimization is on by default, you'll be able to monitor the value either through the Windows Settings for ‘Delivery Optimization’, using Delivery Optimization PowerShell [cmdlets](waas-delivery-optimization-setup.md), and/or via the [Windows Update for Business Report](https://learn.microsoft.com/windows/deployment/update/wufb-reports-workbook) experience in Azure. +Since Delivery Optimization is on by default, you'll be able to monitor the value either through the Windows Settings for ‘Delivery Optimization’, using Delivery Optimization PowerShell [cmdlets](waas-delivery-optimization-setup.md), and/or via the [Windows Update for Business Report](../update/wufb-reports-workbook.md) experience in Azure. In the case where Delivery Optimization isn't working in your environment, it's important to investigate to get to the root of the problem. We recommend a test environment be created to easily evaluate typical devices to ensure Delivery Optimization is working properly. For starters, ‘Scenario 1: Basic Setup’ should be created to test the use of Delivery Optimization between two machines. This scenario is designed to eliminate any noise in the environment to ensure there's nothing preventing Delivery Optimization from working on the devices. Once you have a baseline, you can expand the test environment for more sophisticated tests. @@ -196,4 +196,4 @@ Using Delivery Optimization can help make a big impact in customer environments The testing scenarios found in this document help to show a controlled test environment, helping to prevent updates from interrupting the peering results. The other, a more real-world case, to demonstrate how content available across peers will both be used as the source of the content. -If there are issues found while testing, the Delivery Optimization PowerShell [cmdlets](waas-delivery-optimization-setup.md) can be a helpful tool to help explain what is happening in the environment. \ No newline at end of file +If there are issues found while testing, the Delivery Optimization PowerShell [cmdlets](waas-delivery-optimization-setup.md) can be a helpful tool to help explain what is happening in the environment. From 0679104e59e1609a142f622b762c3b5e27de4976 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Wed, 9 Nov 2022 15:18:15 -0700 Subject: [PATCH 032/129] fix spacing --- windows/deployment/do/delivery-optimization-test.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index eef70d1fc7..978eb7a4a0 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -80,7 +80,7 @@ The following set of instructions will be used for each machine: * Run ‘Test Instructions’ |Windows 10 | Windows 11 -|--------|--------| +|--------|-------------------------------| |![Windows 10 21H2 - Machine 1 - Basic Test](images/test-scenarios/Win10/M1-Basic-Complete.png)|![Windows 11 21H2 - Machine 1 - Basic Test](images/test-scenarios/Win11/M1-Basic-Complete.png) | **Observations** | | | * No peers were found on the first machine downloading the content.
    * 'TotalBytesDownloaded' is equal to the file size.
    * Status is set to 'Caching' the content so future peers can use it.
    * Download was happening in the foreground.
    * DownloadMode is set to 'Group' and no peers were found.
    * No distinct observations seen between Window 10 and Windows 11 devices. @@ -92,7 +92,7 @@ The following set of instructions will be used for each machine: * Run ‘Test Instructions’ |Windows 10 | Windows 11 -|--------|-----------| +|--------|--------------------------------| |![Windows 10 21H2 - Machine 2 - Basic Test](images/test-scenarios/Win10/M2-Basic-Complete.png)|![Windows 11 21H2 - Machine 2 - Basic Test](images/test-scenarios/Win11/M2-Basic-Complete.png)| | **Observations** | **Observations**| | * A peer was found for the content and 87% of total bytes came from the peer.
    * One peer was found for the piece of content, which is expected as there are only two devices in the peering group.
    * Download mode was set to 'Group', but since group mode includes both LAN and Group devices, Delivery Optimization prioritizes LAN peers, if found. Therefore, 'BytesFromLanPeers' shows bytes where 'BytesFromGroupPeers' doesn't.
    * 'DownloadDuration' is roughly the same between machines.|* A peer was found for the content and 90% of total bytes came from the peer.
    * All other points are the same as Windows 10 results. From 54db7d579b358487346bda0ecc913caaa33a958f Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Wed, 9 Nov 2022 15:31:12 -0700 Subject: [PATCH 033/129] fix image --- .../Win11/M1-Basic-Complete.png | Bin 110379 -> 118625 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/windows/deployment/do/images/test-scenarios/Win11/M1-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/Win11/M1-Basic-Complete.png index 14f539ebd1c728d785c4fd8d06c19d72fc9079b8..afff2cc698b4be139b8ab9e11e72ebe653d5e821 100644 GIT binary patch literal 118625 zcmeFZbyQW|+BZxoE#2MSAq@i3EhQ}>Qqmn8q`OOjEg_u>o9+gsrKKCCB{%GE;eC#` z_jAtp#{1{{jqmxx!Dh=^YtFgmyyo?bYes6Q$z!6CqQSwzVJa%fYQe!h$b^GKyh1?$ zzPWLSyaIl}yK2cx!&Q!u?*hLdSwB&I0tZ(Uj}CqD0Qeo%N#VIG92`aX{Xh8l&0{M# zIM@e8*(cgwCf{#CXF599?~w~%PS-|FrQiqE(NnBpWpGh&R0p$Euj41Y)G6aR{W0>M zn2$r+3KvPMfCsPB3`ORt8ROU*+*9?5H}o&^xOcG~-W!V)KeOpglSS1vlu6|-%zwt6 zCL*r7`xdlSa=0+p>Uway*gV>Jak_4j^U285cw}4rFyP|Th49kF{RdA*^&Dutw}KP` zZbBduJvBV)?~g(7G)Iyo*rEc@{`3FfQK3PBH5l7L|Geba)xokI`hC=~X%MCVyr~&` zxA33O_}Ak)sByT{cogzKRQyLP;8BT(ogV#e)ZgvnRzQle!kBnvQ}$ol(8rsF_+M^? zfeUXz63lNf&-(X$em4i`&i@#J|G#zTD0?uO35zGxX0q@LSQ7jwN5tJWqFHgKGCSwd zh0wg{-*e-y;oDJK0bLi}O@a4V`5O@Qs!YDM`QMmcqJvgNm#;>UsrLw>E zneqQ)daW{YL+w9Y07sOc;v*8eyPu3rVh^$*_G&j#ZvXLY1+Z2^*sKUnFql%dwjztx)S5l;} zqFD()m~P?|nf0JDkBfp+*43?owwq++bjBbyF52mZdVeou-0mzMb{S8ysF=)ndnF0m zmaj@}dJBsrS%zVGK-n5D1{bzPt@rj&ulgxlFRFgrqQV54#f(G4#IB`O;L9LTQJ7Y| z?JyT?x$=6uNFBBmn_PKg3i|+pKub|+2brN2dV&w7#*S};ZVqhi4J&wlaMj=0?kky* z`_6wAG`F=;A(>8m9d2N}Gye)y=kB2PcVD^7k=|}t9Wna#MiIyoo>U_^hu7K7jJ$iy zm8fLyR}zi&1qtWXgV2T&=c~_|e249@J0erR8eO6Fp;R{Ok*w8|_Ddp|xiQ~E<-7S^ z8wpOTfXf%q)3x4cJj)g*XH(caGQGP^s&B{EcW%6qhgrfm^`PmF0nowd?fA#`GnqR( zCx>w52o|%i>NC&><+dwn>bFdHKQ9kwm%XaSs$qMMFjjilK|h$lg!f5L#3l4AY~7U6 zj`}-1#WHNY{Z4jWLF3=u6_Hw>og9Jic)$)OK`gN>UArCw>Mm`%MAzsAWr7cW$E*$k z<@fw)HJ2bE-6|9RlMO{Loag#=wmJwzBzK2xH=GCqVZ^97VE^;Eekzbr`XR(&ffm8# z`fOMAonS8Ztt^j**TJH2*0}+iqP`Sm=*6O|dIdVN+9l9`Qqs~U-nk5VQO^T=L6iOI ziiM9>%E1wa3tIyNvvs$cAF=K_zdB;w^*h2sLC(la5?~={miHD2RGyjW-?EqAese+l zFtNO86Z{tPW7#-t)8GC>MQOKuz>|E?6_X@vX6E+i`0KLx>tp-K%lAjOuxoP+X5)r4 z7_|G@4pTfArO<0UZ~VRq!M->gzZ)Vdz1I`!ux2je9f=Vt9mT)HY|O);34J-+cO6J- z79o6u90vH?&)ab3@WLNaL=8NRNYt-!Uhix2$mbweenVtf|Jr{$+w)Qly0+38`~}|} z;|XC(HDzukPcQ@M#~D8rkq|@U7A4A06ClacE)f#@cgko8K_t@mJUhuAH z75_N$Lc;Z2T|MjieHuiQ;89t1vM!1>G!?ugS^6c^g*00OTd4_pDE5;Gr`hjnUk7## z6MmS&39U-|@iIkmj9B(p&-w%jeYia^Hrv}z+Xoycd zAl|gvJ!bIAcKMg}NV=?VpKG|z7<;N_@`i4tSkgpOOjntj=7x;SeX_>eiHu2F?~mX1 zllC@}CThF8-j}EJrk~z5L(R=HYN#Hs6n`ol?Uv(rGT7+49rgkrv-c8$7%QkU)SS?z zQ&O}cz-|a(zq{Hk0w+bvgeFd_Iw_N4QoCgtR16@lW?JXW)!7kcjYGeG8ZE3D9%l$l zm78Q|D6u}>`U0Q!p7{1#v!~-numtXg`CShQ(h>;fFIW0R0w?|1LXv*pVEfNi*vqeX zm7j>h_e`(S4{!NgU#{q`5`%B6xbDJ{)tU6b?H?<1gK=?@ngkQkHMoL9SvRbpuXZ6& z=(5*t6?A7wn4a`A%=O*m)d(cDSd}-0W*~jR>8=WTcxSQHv8_}r1&_r090hK38-uU#314GBwwZW+2i(!{w0#qO5XhtFWc%l6Cu zBDI%2lbE=uvUQY?(3JnZY=VO5G(@@b9k84mExz^Rsf&#__Pj);7PIad0ZW?F#$c#9 z3gsa^l50Xj?-uwWE)e_^MRR}-%kuqI)BfF28W%+fWyGTbA1YZ)ZroA70(VY@u=%k- z<@OidVFeY{nj6jM_(rnG+>BZ_mm!7>x&%LP5vXN#cDoL~HM1F0SJBL&;_*)&E4j~} z$mM_IYP)B^tOF^6hx5+!*w*UF0(&OZ~R%OcFN1I(FEb77;V*K7`sByu#EBKcAq3{^S9J9sPa zjdk^KJ~8vZ51ws+qj}r6$JCU$+(PW#jS2g-zfjyJ+I4I>e#l!MU7{mWYmPYckuoTm-5^q$a@Xsi zaXX3I{7Il+xV9A1=?*D;G(90G>Vc@G_tDH)qvNu~NI|O}8kwrC=tW9|lg3Nj8Wxt6mQMnWGLYai^+#kLpQ7P!#=3CS8QAc!LU1S6e0N%| zw%)PrgJ(ZR}hs;T)ynED8g#EVFWO_c7^2LB1HdYz=D}$QRzSvy+5cnvhme_dVH@UwY0fk%W;QyVX_osAha;HyO4? z1({|+${LeJ^pyT=S z$K7;q12KHxIu#z+{pe%%K92h|@2!e<9>R9F5{xDI`qgy#bLSsGz-KG7IZ;4U9mD=o zvqw*WO~XRxf;pd-iNs>ZEX`E7MMx<4HvVaN&XV_bwgN7NS@u)QNsWjQDD0k6s^d2wl+zirLu13BkC*+PT|rNVxyZ0ch}uqu*lM65H9{^M z3T`jxLp!XeA`U~O7`_!&lB7ClIA=P;svr8$UlcU&Hi%^?X=s`4#7hV}(rC7k? zL7)?_xwNHZ$&(|n^10+S(=tsmp%VX!+z?#A%QNTEHc6FWH~ZTQ*lDqMA`^ZHJcg>( zs-kyhe0#vo7nGMZl_4MGLW(Z~W)?xE2MsC1^0aby-d97gBIrpXeI&!vOE^aoUAoBe z=e8=cE!0$POPB)!*meoJW@=V|;shCps;uk+Ac- zRpmdB5#s%1khic8{QT|)OHU|CPbV{Ln)Aou;GyY4ueF{KWF?k13lNDO4PEsQ=dI z`G%`ehh;zuwI6$)x+^t~>~%ws9h;rH5~+h2XEs-PPnZY_UrGv0O5($)-`&-A{)?|M z?~2~1DWNsG7%e-YJPVM2F`4QYJ0!{WmB+wc*JEv`$|2NPik&cNV_1dOV$BiQ5*3t4 zXCF>1)}afrI5WDC+(DB>weTbx*1;R1bC?9f!!vi#FUc^~00(<1QTIKnHCaTrF;iVJ z90}@#aR@mhLdf0(DEal}volUp+wtX*yGhU%mZEx(-O0F0X9>vTjw(m*N;A^1P9O{$ z&QpGfjb?UySSgd|VG^MtPUs6mtLb;x2PDD9?$@H_w#mOyY%FR@AFmdoQ2k|VOC6<6 zaFQ3Fx(3~%g$Dcd*X*d9?&v7W$Bzmt84Mw26^ zvpQ`EOL(O^#?%|QrW_tCnLk5E!4SJOGm6qbPv+-C9WhrknpIQ}zkt1aHWh$78FUexGnR*{2U#S+u8vYY9!6 z9b0QQz@||3{<_uG_;iPwLOKq<$cv-PO4xYkW8YQ6IW#(o(I2ab+ zFVHN&V9_0#ibaVb!WNu-frH1F)g1Pd5lLX=Hv0#Ls`p|A2~Snh?-9fc0%k28fh=`N z5Qd-8=E(FZFU(r<=J~*9uw=Wg9+y!=AQTI9*=?XlfYxsw^#Gj^e<&O;;Oa!ufLPt< z!5s&={xg|D)RSlCn<&Z(Nh8rjFpUB3BvJ#cb2b)x@yJwugYmh>qUGBIPi6b!smH46 z^wdbtcSLEhx(s^|)`(dUv}RvLzVJ_>iF$$(3};lH6-8l5Y&sFQ_u8uK-NaEAsHIl* zHgR#wOD~?A<)8vqm-ceU0%WKYTBnJYXwhP?Y^P|R-L)oJf~cfAHVbc=VxK>*Z-s5e zd;A&kX-+Mbg-E?sqQVA3tTmtd80gdaeJ*;c^S?1@;6Rwsc1m1?_R0GP@tjSk7&pIxgwiaIU zRG$SW;azr&O2Wi=WyO<5HumsVR=x#n?pQ6%KZ@18me5k~maIa`m=L5=9ApCf;bsrH zDrzatY;1(X)N#bz3>=XTZ50j0dgWNxp;eofrkcZeXShac4wkhx0pn^Ao8vciz-2 zEJaAD%Pi7Qa4?fd*V+@`9?X2d-CVvsw0VP~Ov$SBKomAICn;9tBR20rm~Gt5O)6EW zdP^1hP9AMdHr?C2dYyfa;axp6w*V*QTI(`jKF5UfH{6#?l>(WQAW_U71cj0f9&Vx^ zZg-z4r*nSYL(H*knPpm_VqlTNeivL@!8F8}UjtH_35%%iDI`w4<)Up1+^39u=(mkm z=hr#><<=Er;G1t-5qtd9q@Jn2K&j)$56t>newGDYVB;^GHnn+{1vz~$>wBn)>$ow{ z=axRW2$!JMeBT5BPu!h(cQ=;gXCnS0Czbs-)KhY;F;HgvTDI_UZ0aLf+K17(8Pe`} zJO)3mE{YC^GaL-bt(J~? zfQSR1Qrkh#8SjOrdwb8MfFztRgAL2I2C+PfQPp{I$<4oMnEVU|#Z6?Soz;I*LE?qu z)uIj_HpJ7(P|)Pc|GA^5PEz>l@i$#5liRAh)2xz>@f4{JGr44(QAg&3s)qA)Dj3b{ zq_|4s9j=7g+w`lj#21LB^NcrA)RLnYDLA^j(x`Y=e-jjDIF}4z(zEKV7mov1Ma_^F6`M}w;JCzc5Ykky*@ z)9H3S)aiudk!W+$u5WocYYJkn)HK18B#w>3%)HW_i9>b94rC?0ka=nEgdoI6^kC4| z=-oo9oU;#0{@6S^;qwAa39V*+?bXlM(O00?t`$5S8*pacVdj2C)wzJ9^7r!<56J{@dreWOqyGW-V*Xr zk9#GWZBWb!`ob{DP6T*kxcp_AG-H^v;A?8>!?ESGQ8^rIEs>ZSFkXKZkG>N(8e;Cj zmj8ZCGEB0jVD6n8l!&IIm4O{fF!=6usoc-PM$7~0gV{Klf`{K||%N6aA-g)4U!1eYWt1iP=(xZoW>=J|#G@xp*!FQyzxd zUU@W@%)|)sL_;6N@>qR0po=v6+KBFt+!Zodgsoe1Y)g!_q#Xv)%BSBu#MZWLK2+hN zJE;53*qb5X?j)u2z;hf#D;~R0Zf7~ktT$2m*I3r38i|TiI3(>+y+&YZrvG8BS>Nu! zhp@-0Y4Q(|f|+Iv+!B+N#+ZWflWTz5OrWP!N5I#o+jTcR0+Fo*)KqT z^pQD=c^$0)beij?W82lsyU}>bJFlO6UvC{+H5LF0v)*}KE`*57#K;9g$L8* z^OL~&!fr1{0bO;XK#|{hb0{^O(x%bVT%!zUghxlGl2yQlNl%6{}N|oPi;j z2Kf=WfPxaYxQ=3B&pQk}AchV{5iK5My{ zmB;N@Uvg!_cWinKa2+-wsTV|pscd?c`ZamoFsr6V{;Qu_H87Nw7`2we+X!oo8d^*p z-Z7J0H$mJfCS5{5?*WRV-@#&IPh+J?s}JzOxY?sOtIGXM!G_)qx`(oWO}tBlqUuS& z*4}8=Y}WZ^B)-AGQYoZ4PI~z`4UwhB^e?`Xm=WRD)Z%0{oa*6wfTo4q(Qm@m$e{z2 zj1lKgfh2(s!4P8qyxGG6&2o&hy}~(A7;N9Lo#PA03GMcCAH^CvJUKUJU>TWjABXho zuq9}|rq5;=jI9g2sujD=iFO(`@k=XV&7duOuIS-W!4Mak*_( zz@^!Ir~-*CDAgz*OQI0Sa&UJYj2L>NH05 z)LJ|UYT?&TJ^;8E8bXp=c1AGS#?v;M=XJ}5H^zHz&H;AeqXR@?b!^7Aw#?~DcJF4) zv#z2Yp)RbgdUwRapqRerXd#nwvG>?6WHh5gUF=wvLp+~GW#FNO7qfeS`ZH!iLXWma zVs>e!RHhe;0wL@+ulSpU+w#Yji@q=)YgYUU5ivaX;w{IgOVbhN)}V5$u&(>05QjSV zE#>Oy5g~s-!)ar{?ezd3Y+dqheTQolj7cU~{`^x|DAO_1NS1{ETdv28PTl&vG)cHs ziKf0k>NIU1YjMzO@lDjY@9VadlcQ8cECY6n4afG|b7(29L;h5vf0p=uG)h;Z^|X(`q#!j+LRK0#O$qN9KnOzV9-*d zDgBU6V92tLcc@`;Mb?X}WN6{L*U}FAYdx>Z{B~q=0**lmD;Sn9jTh3t8uyZ_7f^;% zc2|=O=c7BonDiw$l;v`rcI>_^jaUqE6WHF2#|MOP;|U>Xc$Ii zdbDw&^(wuttZKg#={b2PBL0xexG9B=B~y98Gn;-hUn8QvU>uk9FD?7tr{Gu?*)GJzdGZuuY1ZVg2;*AbF<5J}!z-VOy{PGrqlgBye($j0RT_BI7!vp;s<4H{ z+;SN`3)-8NgXY7L<(i_;+xH}D<3r10LPf7PMsA#|eW33({j80sGo~Q_2KdC1kxrr< zJ}(qSopo!J_9;5jo9q3m?J%4}g-zjCD9gd^x? z^FfB$4)n_5{;+7N9?5qx$&1_ z`O^KJnF-yChvbTF8(V7zO9$0XF#_gd%Wz#x%ffg!UyAZAISJH~PBbH?Mb|m(YmXFX zxi0q-f5FI3T7Y0(fyJdV(C5#L-aD^`rfM)GIFL3$3(y#J>wMiw`=JQ2rLLt`-|kqN zQ9i;bU%*&lp%^$5)?gVsY-`TyTXixRZw6sm#S}(HV~NGlOaiui#=}P!zN{#u?e7fJ z>l5_iiQ71Rgq$eWGrL8PY7g>{`8Fz>52Oho?kLL%e4~>B-%Xp`Y+i#R9V9P1vDT8B z7@~HJ#gymL1OyB!D|#Sz5`%V_;^ID=se0z(2m^l9Md? zQCjgNeZfS_#nqX{8;xFRL(}-90;@IJHZbiJrwQYvty?x@2@!UQKtF%^Njl(gm}9MC ztkP*s&u%Z4N6A#V+@B4WNhhz#uL25EnNgc-P^I*jdkVV_MLVr|rb#fwnaR8eE}-)i z0US(T21w4rtUh5cHDpx2A@b6(NR$$t|ZI+8Cy# z@fw~x&+w@OL06mUekPvZ+*3)kn5W%oH*I~%uWQelsxX5B3aupcLnl94;%k^loEcj? zUS)W+5wX_Gpyam*wCLdO!iSoeY4PXsRSSt%MuYr}Yz437 zQi*OgtsQ=g1%u#(>!i%XA{beE(X?f=%HA&gn06L$w^^R4#&0SKmDRb(EZl% zKDH~qHbiuwX!v=ds3wCM))tS4r4x!*!X-mxc;z94R%ErxjQ_|#{!{%#wu{4ZzzxTY zoDRNj)av5at}#yW8nd20FArb{Ea-j2n@T1r*vtTVs;jqQc}yZIg0rz!)mU2TTH=(1 zA1D1n9i5Cq(eQ!7i~PT&3t;p8HA(98(ed?>Ya3N9;{{z#b1u>vun8o%vUEIF%M3J5`^wc$e5?XvzVo#QIzAqH(o>O(KUae zoFZL3##zf@GJ^Mha0YHGl!?`Lm+OZM!D614SpdE*Tdf0s&c>Ip9EmV8Bk!PPk#6N4 z117Df>hUsE^ZHLTTo667(?at#gw8@g)%Unq4%I!?N!MN#*enW}OXo6;BOE4x)K&9d zi`%k=jD7EmSFqbJl-wQ#Z$rP&eR8cczF!tBJ4T4 z{8TStQx{oy++-+x*Iso7Y*+6|W0x+vp?o`$Lnx9#FPdYe zLSjVh)05y6FqBW{31^lvLo!lbX#N=Fu)+(Sj00(cxPj=GUAaRFj~J{k2bGLjR=4pL zzLQM$VKs#7{n+*T1Ak|B?Gagqk3QK3lsP@&k6xO>wWixEl>RNcy zw*-XZq*OdOVy=`ptBwhF3Gzr@x=!syA?O>8`=IMdFl}a$V*z*zNtQO9Mr^}tj;xpQ zow$tFoOI61)DgM13m~PN@K%ZSA-U2tCtI?g$6|otnsC}VO>9k`J(4YObjo?8o0cZq z{A;9M03-FnawfORtYAHbj)t9*qI^nTp^Gk(K&_xJ z9g?KUOm*EgXXq82ZWpY$@mL&4t(;9yks^$3XubIi*!40Dg(h|$PwLKIB=!J9hmv%1 zW)aqdMds5<$CG2+4&CIE0Rhn>lRme?5+Cibvr7&==q%#f@GtJ%ObXSH$>B&)3t7Q< zOC1VzxH;jjT+@4MMOJM@*3QQ&N_5n25}>cQ#QgCrJLb3{fr<@!ZSTK1u-|jW*5aDK zEAPktC?3{XgeZReNg@(+=h6m(^e`08)BJ?qxAE}uhgwkNlwE+~vzt$A`Eh4X9l~=E z2g96&-eitEn$+MZpWV#q6_PGUqL{0`Sr^)Q)Jtfr*JTgkyNKiW>)ym~bb~~v8&9E+YLHC4Sode>)Twj!)yA6_oN-|Vjkl2LbN7bnn zSX!HgQNAufudB$LSOGcI$~l47&7 z&7cW255;5gI=9 z-Xz`Q>b^kk_lFnsuWj53n;78vSIw-s{*!0ICH6(=e@F-$vg%(yk;W?=IKBmg!y8{~VbYnH5ZXIh*!hIvk7Y7H_4EfSsB~2=F|@ zr&G_=zky)4S@xJZF>>tdx#5&e0N~jE@{Z``*beY0l>AzTiB3o#QmY0)NGKyr7OEPy z`CVmuE-Aj^{q_?uP39Yt-k z@5KRq827TN-*N9qXS5NSbC42sF!RF-3*k~}tX=!vr2Brn;LzMcv2?fm9B8kF`0q`z=*AsAbipuLTg5QzXg+LHj@IvG z(!@2%3^<>&uHYg|Bv)SWAt9(r1sYBp*sX2^H=4BoZqAYaQUnf&I!a50H)CLzhQ0|~QygH@bKZ(%$|;_W%o)nZRkQ?rvS4L7^0evQ z;oZq1O$ATZ(a%Xad7osz_e@^K?rLACrE%g*W=woJY_{f}=0lT-(fsF{+}Y4hH(AH4l5z;6#*v<+Ws#k? z|C~1Dcf0vfzik}X6N`fNk9sMyF5DeM_F#dpDcu9{`flGYS5Cxz&$EP_5wiVGmT==~ zXU>1lnD$E+sbnUBs~V7?B|U;~%Vxo_PZQCV5P^d_A|-vxb12ssqiE|dI{Z;mt3nVj*^liFJV^SY}6jdbH8NCtDCfPZ`EP|#!HgaC zj3aH_G+(h}OHblZY(4d5xf%!{BwXs@m#G8ZCU1SSSS(08W`KOvDz3igWi;Oh<;Xd# zw2|-7^LFjwzIjk!MxQN4PD>HIqj_3kyfaoV9Ri(0?-5_JxcXM zA~?38Cq+QO;42~dt+cVzGlu%MXX;<<1lR4e9r6)L?YL4iSt>D z)B;3laCxa2`~zP4;G;p$5jXunL0l(6l2vuh&lyc!ujs7UQB6U&Kk1AW7WwjO0M^GR zDN+Tq{I(M-Kx$WYF9UaRb+*ml*RD@VQGHyOS-0kN+R$+m<7?=|mEUMO&AR{(`9EI3 z019B!bAn@4=9a_i3C5Bjw%P*<62Q|<>zNvHap3u@JvS&GD=bvyyH!VK+s3P-IDW{} z6^_?!-FA%*`Tg==aEUb#EaeiIpV-&P-*^ipMB~K2LE(bP!Ow;T`$hS|KM>$$v)+5# z`H5lr(}pioZ(a(Yvc29XK!Z5<&XIZ9+69QKXl zuDAG)N?qiHEIQvjAaKa`eH((_D^0nO_Y&Fa*{RU*y$y753D0^ck@X*O=OvPo1xbbP zM?t%)jnVxWTwPHxd{5zFqByPN zp+xAIS=tsf175$)#jeYZ#jZs24kmAt9&{AiqZtDSe;`^6jArlzs}p`Y${Kv8+y+>I zA@c*PQKww3XIh*`z?g$Ux`NtW)e%c^DVsc6>TIg%5l>hUM0%`dm+5D)M<1hurr%Qj zU8n$XU+4fu+^0`Uv_J7&vupHrn(l|jm@RIX$}d(z=|rYnVvu$(F8?P4vJsP}o)RM$M7evs?t zktoHcvtZUN68x#8zAJNq^}UcOlCa z@Vo#ROMC&Ncd*aoSmA<2c><`9ODj^S_O_KpW|cP?tM6~lk$Y@EJ0_ThQ}L-IgqEU0 z5L+j*S~`5&@P)cBK00E=GYt>R0utr#kr9g4B-YJ;w-m6$WOQ5t^@tA%`sw!E`hp~n z7MAY>Z}Gq(*V#~?IAg@M4%dO*BcD%NAyn{g2MhI8KMeZ=5;qi^>T66VCj) zklO=jN(_aa;orXJ-;H|j31BE6>*BvFZ~h*hzPP_o#`5&m=gdzI3lK6Oy9Y`M<>M*8 zq_+QejDaC*2<)@VeX(Rb?#FArh%c(;{wF%?5RiWF%bt%LSnOou?gsYRE4evrr>dFO z=zZ10OX;(d>wDPhxzytQf;ct@(0sX-7LNDL3_<;(4-n={9mpy48(lVm-A%yv{5w#W zn|n2>E_u6?A8+Ed8VX3ZXEOn{B*QzRS_J2z9RQX{<1!5ZsvvRSs(9W4?bnRVI$=6U z2aMcq1Qw;P$^cAw{JJdhwfdPD0GDVy0P)*(d*sJ_9b5a)N8~~Y^R^3cXz>4<2m z^$|cu_ya2#?Tvcn z`p%a}s}QxP$P3rzqdP2}#+~`^?c4;#I3M}pcF6&%87+vSweTx@P^8RCj_<)-I|%mC zYWRdK>rf2Yi*&=|V74as=7Ua5;7d+9q!4I+C^}K$LaBqbjpxO|H${vWZLa(7k4!d7 zBha-GNMw0lQ4DJm_$XK_r{ka38e!OZ8_7}!2ZulWF;SvKq=AARSMsb#Ez5c4A6?P@ zmE~Y)(bK{v(9Whxo|TiYVr~$(^mLPS1Of_fI$=$edLDfX?=4UpX<#ZyEBq2Nu91hI zW~MJPX-4?bp2;X~vPiv~Q0I(dn|=u^Ud}`gk*-x1!9ofy9E>`;u}!!lx8gzlB+?_D z{dtnX_RCJqDlzgkwI1-O1;}rkagAg`xI;-lQ6}LXm3wp(BdCw`247wNqTwk zigXj)qp^ejSOAR;XRzy^ux8fj{~gv4VE>=M8b?(v=9<_o*7I#x`B`3>Lujj7?1@j> zh+Om~F;Ff&EKqPwSK%(jn!VX&DTwY6C^*49Mmu;u5aMUp^#UUKvSN}z)?5JC4X zCUqMi$9q&!FgI4efuS2rS@b^A7$0P`bb$Q(8M9ng{e*6aBP-j~Yrw^#764TFxc5Kx z{&S(lFx<+IvR8LYravjBphk5lv-Gv<7dbX-ZPZ`24TWgz(tDvF^(j z6AXa?eYe$(z|%D2>=X>k%6haG?-rErssb4Eb-4+ndUcLJmlT-EzK!%I@y`U`GZg>c zMu^1`{G+XU4ljj#_|w7btD2|t+yq@64js#JJ>T70fCSaA-=^P!=_>Cl7SAy1cu8>WKCLIHsY1#$^g9v^4en8cCHZ2OrwtV5C(NI6#so zSwn>AkKr9+lg?M+dzSQOsS~1!Fi}^8hCvQb8_!d}ABJn-J5&x7(WBRkDXJ{8Eat|G zpX)R1297b6v1YUm$Ts0E3s1g)pI1{P zqet1QT5xxPKp}9onl&{s#u_6n$I;S%U-<`rDXVq|plmRtMmD2(agS0M~WW59CNj>5wv3+qr*%GX#><`i44tHb?$m z{2?w9Mcj2dEAcqyh>R+6#mLR8HJDTQd>c1Y*w@ZdphKd_0xD7nsY!UP`WYvYC`e9a zxDTkG(Xr5f#xX2*LGN#q^fUPjzuAy8Z=~6%a$N0|Rn2>Z=&qRz6J;EY4y;q>M1+c& z418EKW6%T6D`3~x7@uw|Qf$y*->BiR_0SL$Xy12i{voJ#o+C6lJmB+}QRZJMjMDvv zVsK%}F}|e2$P0E>W6h+dI7g2lM|wl5`6W(=Aod%9L8O$N_Ewo&Zji$l>J7c#oVZUf zzwDJqaVEQ~7y1;G_w(R}k3DyBTRL(#3QWnU_*^FyNCuXYDo3DuM)&1>b2!}B4L6>n^f5(0_ZrzKVK4<~2SbMf_TDStzz`Oq%e#yAQAsv3 z)))G+j`Bk%#3e$xzPZ^?NbM$;n?kqTOgH*CF-ey7O=Lr)HrMk)+(JyWF|{OSFuFdXoA2} z7-{SCIKEL91*8F%D;MTkO&&&pXT2_|7??q|+^pYz;^0IKW>RTNJ&xKS7z2=dO&riW~Q8GHWf zLXalyy>2-8m|Bw7Bxp;1J9IHS8AU`UW+oN-wjZ{w7htH!!B6+!jSlL@WWKuy8 zTBC@xDR^Y*B~B)9mk)T71eumf2}oAXbzglM95B5)SRox zazAH~1Tquub350|C-I0?XM%val99TPMF50w|iFb2N_zz??x#%RFTBXT8Xt5M0 z?g*Unp(B^IOHB#BM{4LbAI|MN@BalO89CGg!FOjx%o`)BFG3@zvAcUA}3K-R}1G1Ae7VLwr;g>D1PO4qmDzb zd!-JZQq;r#aH%zyTW7hPxcgqHBj*aO-G=xN_o6xMv!{8s_drJGlav#BT$ply45si+ z%rA!!>2dg_&KeWUpmaIK#o8aA0foIdgWGOF9Ln=)6R*q+QL!DRQMs43Vi)carzas^ z03cI%M0Svhl#*w`JcZ<)+wyozB2I2=%FmfrCQ5?f*cVEJ}Z&&7%50-|Amz zb4736OE!B%=m`0jiUwLsUI{wg7v{RqV9^`g|DuEwfOKEx-v)7{xOoccfdtg0o=L^z z1tT%;n5|(mJk3LbLvD@xLgAbT$YL}ZDIepQNPOd*#vYujQhRATcVAkEBb3p(+X8DW zyBbaY9UNb>5JCmFGFg2uEAC61Hla7(Bd&oN(pDA77s^&)t~8z+;l*~yWg3+6|D}+rvZN;RbtV5i7c*;Ru z@@WVEIkNw{hlM;)1u|O$VfcG0{chI(Re<={kyi1>cK!~#Umh=i{^<`r?l04;I-0Gi2IX-)LH;3w7voN4M5&)}P06GpO zl~XTw!j~HjENE;W55Kb|3qCLvRaJQ>=m1cOfG2qya5Cr3^zbYL*5!QpcwOppqed5i z*fj1Xw#%^q&}TNk4KAsiPhsx%aX%Fn&q3#3h;$z~x~XLRFPZF7f1&ET`!frM!1svx z|6C}0Qe}=SCFFYkeQwA2EE@S`y!v-L>!|r>f4}D-9%}AKb}A^AE1BCP-k$>2TzWd= zzZ;M`J*^J%ylfDu<5cOo-IM+_T|+fv4xBy(9H`X>V3xNmyE8hm^0}rDi?`p>c7!bd z3xgKJFV9pO8#ZQpexL0WpJ0`< z^@H|HaY-|Qo0qtVmXgqXboLJ~@V)qA3{QIS)K`)*G`RS65X5miR+%^htw(N$e8L}|8lRBK~DiXV>2MKnK8%g^7M+M+w(O;k4U&IYBYBHO5>9VBnLki0_z5Nwr?e3 zG&pj&nSeWXJ4x2$z61Wk{@46yyJ`%_xdlZy@VjUmf9YlBH|Ia1ITP%Y$Ov;W@21{X zjjwljH~zT{uNBP5Pk66i`Sa8#1pv-vuKeWANT-8|{HB213ySqcWq`Rf0JEc1W z1mQ>sNVg!32uLa|ARyf!C5?c9h@=9F`s{{S%q?AEW|K1o)Y#kfs2@+|__aJ+WaAI_fAc#_AB3@M0oo>t?#i zd$A$uE|#t1OYLsOj&gFheAMm4$OE7i8+#0En(f%* zp~M|&TC<+mff|o>IODneYt=wwRz(7ck(b-tFVORt7~gAL$-OI%FHAqbd$oZNMN`Yq ztHr#3xc~0uR(CYPl-6pBaNK!y(EWDrT!u=n=#UZy`#QI!7N6WS!qOO~#UdZe0D;+$ z=|ILFaXcsew!Q`Th=|rTBm5wem^Z86(WAuM{?N)JJn?)DCnQr1Nd8Q_RQ<{0D!xPL zex`~JJ-3NPTQ~?I&FU>0f7hU8B64EbQ=yzv`ND&?vBs8guwL-OWcBv59o>Zxd9~z;f84L4tQ$2b43NaRj;a?9}#ZJF~6?aWz`+b>8*#AOnEEc zmru`PgU&Aej|NzZ^f^%6aGs)zLa;^W7N;AU8f>?D!%p`C4iOM+UDbrrV`ZBgsu&6Z z)2y8j4_$WNEY=?%aIy78JLSGjpR*Mo?}J&$viAIVK>Y&-UI!>yfik!&f{ifQ7)=6@ zH3|H+nNMG6gc}!Ju!V#kKu}Ze|2)nk5NGmNA`ualVpsa;h~!^jXi9YI3;KQUn?Kn3 zb6@FAs(ZldRrxiE`|y1@fu^X-@c0w7w?uJ^KTxY|%}~uc$Yi&W&i6f9_VlHh+%cPpBOmCY*Qf6&xz>7C;%*LmwjA z|Kb;=^5Db$@sZc3r$5av1OsHul;|8EsTD$`TchK~^l9#Z&>n4u(D-f(5F+=v zuF`fJ?PgC?&AuGrElYtnj>8FE+N@JE`9tQ(1glWo<7c3=NW{RPhMQPHj~|g47yHvD zK|)_ebX90eTaFX|u`=6xF?;LvWn+}=SlW=o_X?5>A?%vjFK zeh;I$2zB7@>@1B?=WG&GHJrR%M--zM+X}kTH;>=h=RG|>&*iSiWxIyxc$vq6fX$fT zC!o1aT~AshAX+idi< zrTzixtB|v`hwtXn4$zgyQ|6>w#U??Od}fKZZSS08j`!bZgf5y?h% zg=kqFh2JB9sKonRPnOl5b%i^+Vu+C+v}YKM_}gtJJ&3VgV=dNWTnkIOnY?=ra(_6e z)YlCs50h-sT^|j-!VW%5dHrp=`sjnPvoKhm3L4B?_UmQxb-W5mI6cJ($mnpT7ZX|G z8Z~wL`B@sYZjotjNSOUDpxIvcuoL5(I^VkCi1n*SuMVFsVGzB(f8BD%iY|c`KS`u? zkZdhh)rr(z^i;sekTu=qQ5Mxk(WYm5lcpL%SzBz*>{XT>korGB(L=>>qgG>g0Ar*F zh4$W)*j?qe_@dhH6AjuI$E-^k?nB=u)wn&GH*YZ-Fs_8=*I*>I#=T4XR#It2wXD0Y z(T)7P)rq+j>gw~F@iCKYU!p zbXapp8V$>utK=F_lK*^UoyR|;@rz0bhE(%AHR1EXkH8iG)X0KG5x1~E-*APGGKx`E*`G#1XWJ86Hq0=J! z$e_vf)W@MsD6R|GRR}_QgxAx&OsSviiv0Y!^6R_Vf-C2^Z{!sDH<)%f=LQ=M(uvRX zOw+8n$UI~+ot~|Q1P_`CcaC>cKgnJ1zPv(ol$}R$T}0*>gT#t86m3T~O-ulEWZmSH z8@|?6Mq*owfA+7kzEYN>STP__B)$9JvK+P;v<|ayC2mm_r#@8e^_m@5bn%mRM82PN zoW&d8ek%1iLx~uO!?4I>NM+6xTuCy0_GIyC8S&gbkBeMA!c%lZRs~`E77dS>yPO)c z!rWv17vTM$Q!ErSdD_ikhs^3)%tv18SU3*5$z*AivzZhDXkj9^MbIPWzeyri%S3D- z#P)s|RIzW#U`V0=N;8l!m%e>j#Gk>+{v)FG+h~~$jr^KjnTa$(2Qmu{h03??FM9S- zUA*+xkayNxV0Y&r{vs35b>Kor63e2))c;^4sc7RGporGYm#W3|qAWyz185SeHO%|! zx8KEcR|a6Q)yXs{!~`EOZ9aThu1k`#?_xswg>RmE?L{G71j}UALk6=4wwX#M%^b2y z*58TPLwnmvFE2wE(9e?x0`pu#`BZ)Df&E-M`$3Nso-)PDrNT2Tjk0nfLrHI;Ub@!LJ?7keIFuZ2~;V9n`0O){!1`xj`FL7e^VdE9~GBqCCF8 z8@ieGp&^dGlkM^ILLNP~JNWuPeJ;*CM=go63%U^#HK`-5Omz36QnN6Sp9>FfqehbWh>9L6ay!GW#ppJ4jQ=2B#%=1MeAmQ za|>wg&77uRM7ak)Y6tbQ;VEQ|57>jJ$KJ(KoBgANN0cS56T znJmPRp55&l323S*_Ia+TMI;+8rmc_f+RQne%G=I^S<6UZS&N>o%e*6YLPwFXKeU7rg zVD4L24m-tNPM!i~C5||OF)?vU^n3F~hNL``w6q2J<+T)Ox zd)!05FN{hjDY-Hwb~5c$vaN`HvYc$jFjebAYp?TrX|4AZTRC-(wri5^=L2M0)R~%7 z86@`s*6>{-ne?V7pJJDHE&Qk=U}v1$VEB=yUcvgsCSKu_%X6m4F!6C9kKmUh&h=i` zsEr9nd%_*Rifw&jLL*4Hvq3$8h{bewMmdr<={?=;fcAPU+k>eXo(+cs;mNubz1~qZR|VjkTYpK!qwBG9z2v7d^!yZJ7D;>Y57U6SQRW z-2=#&;;>?dKa6A#++L-60gaU*2Tg@YMt!TL1AOv`{>>%#5{-E8NImKUyZjy7qd{k1hP)EZVHc1RryuetHycJC^KWfW6tQSL@!u|Z zI9RRozj|d{NXw^zm}e~@*%!S6__NPIo-+y#HKk08(#9 ze*3ad-v6sF9^8+g*z<^lggperUw;NDC;YK8U`n`JRe8}E5yIcVM7cnZ%l8H_9e*s$ zalI$$*UC~xAfyl&80r8)!J9{3fX;W zeO2Kb;9cIxnb$i_3qB~T&n6(~2jZ2kA~Dc613U;%vM*&*z~Se>2dzz#z8?u+q8=-% z-fzCcl19Z%CtVtUhV)KR%FEFbh<$SdHN2(@Oo#YZQ=~PTXp>i z3b-Hr3<>hV=ub?<4@@(W@HT>ByCh>M?YKVO)+?bbbtXA05G6c8N&VBry{-Q4{xWHE zgC5V3%&jGwGI4o++OjY09t$t+aoRZ8WNSfr4J6A7yR9p*Vu5v;EZ1riV7Qyh!0?>x z@=L$9fS=}v$Q#O10b@Qx&l`~wrsbK^@FZQr+7Iely_B3oB>2lAq@H(Blg4}5Zfd(k zd~ehd5sJ*U@7J0+B%7AezV>h+CrR(M#wLlXw5cp#JmbTvjrsxdkk=%f7Ss}BUtk{^ zSW|-Lw{o&+gvo=q_)yGvttQYxU3^$J&06K|gsn+xPyO2Aq_<)mboXrSQQYK{aK%D? z2F+?L0S-t7xhvG}Q%$j#)f#KJ9uNmdOCu}o`-|Zae=GZvX`pWS!gc@%JwZbR>dDwq z+JjkUlEB;;Fqq1AaSUwlr9R=f)b=I7&Kgfu=XmWsw;V}+Q+rur zD*Hmlf2SMa-Z1JAtdKn8cn3eBI@g;tXw{ujwLXD~YWA6-ku~CM*Wy>p^ZHgIO{(w# zpx+*1iq&OOcx_9lW6}uRZOZ;~%!;oQ?H_i^P9JR!G4%U>n&X8lOzEF}fQ0e;?44Az4askT50++SYo0nsf6pvJ`o9~H6IfOs^c5yuRObX9!)l8z9g6(0e zTTylEk!poQhY<0?@l)>afhP#XZX`9$h>dsnahMtH!c&?-;n`A@xbgi_#R{_MbF~nFcg@I4K;`(gLkt+Fb{qgB`m?D^Ma_Y35baLD!7HN>!)HFU@!i@)O!9$ znc}E*l@f*hr1>9!Xx)-fskU-&-b|mNelNaNZNKgt+)dtf6VzDh@Db-sz7&=6>Ve_Q zB(%P-a19mT>pxejprK>_9SJ&gT+b3wlt>=;0O^OQD2{%33$TG&Y>qswH2-cF7Whpg z)TGJPC>bv!v9YK^C##6(oYUrW|;az)jUa zB&}(0Xof^CAWHt`Ek+`;*>)(?PXX|xjxI4$M1&HiDUnwD#HJQb`hr_+)4b+fQF0D0 zv67AS^vxu+AfVF7?89f2goTgkh#zq#aKFCrqNk{Ky|z$EzlJqMb)JTyQ2U2QFs6+l zSf7jD=Vn8!MERa3z;hP_J>*oA$0-i&eZolm>9+<**12DAXnxjsbN3&!^mdE6BIqz) z^d+h0=~nHDqHlJ8<2qm3zu&koswdKkRtXBm_O1#xDYot!uZA*>Doqj(gFB>g%8a*#%&i&!;=?M4>r|zTKDp zoQf;jm_-+pj#i=YK4s+*ur@lFg!FWUYa~I)L@zA_Lx`^P+a9!-QI!yHW>2$a|elMJX zp`!NAHCPo2L5}LUJ4yV^HLh1Ps)f|-l&PnhmW^RK{zD(|Pc*tMk#i}TTQdyQU^$i3 zWoZ<~ftHyfu9sSiP*!8M#aw}f%i-L&$h=CcB62$#sJ#6vzXD?6s5LId_TbHqkw=4< zDIhOw(JZVJOv1?oXR^CLH;cpo5D_IP5B$Bv%DV$efq06{3+VOrd(0q@dbMSA8oov9 z;ef8txM0-3@CMi@<-cDdSMannzRYXU9 z2oxkw$ws$}W~3EY`qUz>z5<#3kd_TQb=$Y~w-9c^&rH;?M)S9|9+Q+^rGa42s(KJY z@X%1^nb~yL8nXuol9}vG60#-x+`jPdIVZD(0J6A!G~_(|Fd3n+Xp2uJCk(r)rDlNu z3<233maV*M+qWko`?q=0VUu_tkPC%z;TlwfT|+`Q*9qXtL~G>01!Ox zvVY15;xHEg*s~ABjNkM>uzYQ-odAi9?Eqb}KadpW9AlaM$16s+Te5UT^#m@IB0Wg> zN8ExcL*U~w}J9y{C=dvgfMTG-JxZ>k3v|W%DQ-;Btedl#cv-44_Hnw*J@Z;pU9@z%Y_q zqZrI1;CQFY^$0qJToZwKTDmyl3`w(~spy8L{P zF)#=i!V@n* zrUp&GMpEgn%(H&WvFwte3&F;{@dCMk6*&q63Ba3i60K>Di63LCedEO^ACvsH_V0qP%Y9C- zFWYs~I)D}t3hR@&J!%$5mveo>$X*MEHZX<~D10ihrocGkXrN1g$qr=@#L0h8WUzMP zD6N_yMqndU8}a?T!@9ONZ-f+?3@0N2B9kjKjBm={nCNiTlOgQv1S>fXlc?DBcKxLY z)_;!-1s*BLYdHh}aKW9Jre1*Ey!J#6@T~oRe3?CGWT7vY?M6V4SN#&>b3;^)#Z&vVdd|s1(x{d*aiGCx%lnT zYW~y1Ce|Cr{z}R(sL=SplYDW09Mq@Vz7ljik~8v%Ff9sKVK+irwHy7OYEf{v$z73D z8cBpjX5Ob9?@a0g1K-{frn~G=lqC!iID$+sl{WxITBv1T)h>aYqELKTf%JK;4z$11 z?5GABw=_3=mCoCOyiLam z#B!1XO?5Tw_TzFvbXe0V#tWYL9%64}<-fC0Sp~_^j9--mDo+&ye#(~$Y-%31Ij7c~ z`c4041pZpY)FH5p3-Mj}*&H3bG*=^r@3fjD(vkcd3{!jdj4?3f+1 zcxHym{I++t*DA$mQfbH$7JI0iW~M$e2O7T=Z~yl3xv?tY^_>Da6&60ePhEA7aBgU5 zzYRoXJW&ZC=q7w0yyINmrcW|b*|;7CWsYUT!I>XoZmDo&n0e z*$H&Kf^@Vq2@}MJikz2khY~w=x z1zmPW8O+$at+5q9J3zCs&Fe2 zdfGNlqCcbi)tVLDKYh0~|Fs*9S_95;9rk&_>DFXHDm&VqYC`Ss)q=5K4Xz$Ym`1)8 zCxe~sMp6W@HzQKk4%>ogub>7q%gN~#WrT3X_ifJi>#*WIynuRXgHQa|#c^FWiqSVQ zS)k!n*&a)g$B%1ClR1($`Dh?JQt4&w$vj@9r;l1vZRZ-k?*k$6D zogAiY2{aNAN+YD1Ie%)AMF-Q-(ec{USPC9h>}OLoy@N2X^qt2H zK@1x9@m!S?2NX{LOZVKXWlf>uz}UJ#G)g7i>qYOp0;b!Y0>| zhcS#flE(PLhK2=922Z5!Ux?%-sZ3a*5U9$oE^HAAcq$x~qRT*uIP~iVbw#zxI?0%X z*dzGAOMX1FN!<#SW^_1E*@j3t=^ig&KnY`r_{d0FBO2I*JRqoUUe7FrPJOw1`3IsY z8kR$m`2q_*{u4J0yJVaQW=DMFK47fP1Vo2jSz`Q^1Kjxa0`E5(+Lq3@GFL>2%NBNL zPVB@m1ieA=s{r{AG58HsApv9?)-|33AkYKU3Eg*Rt4@QT=w5C8|G`(%xZ84^MLHVE zdWS&lLOuN+4?Fii(A+F1w7rtoN&#*9tTeS2h&d3+WZSe;f;MoBh|ZU165<-C@jT;7ahR>tYkH``*Xt=OkRF zBEY*3>?K)7&`}Wl=(z_BI@yk;_olPm+uyAv0|IkaZ;t!?kMio**?Iy{X65XPd#u6$ zW9SnG_6>d3nQE?5B?KFF%lSG-02E#WfYq#2==eDw7LowyRwA{(;|Uh|#33KRcQ{Tm z3dEjBOOJtoZ)$6CorLs7Bfdc&SH3<2)99&0G9f<%O@|92PA2|F`wvl~4I35+Oo3EG80BLQmj| z=M#8%0Rr|nAVaApmilpWJO4l~sAhb1q1b%G0{J0fhM7kGokQTE+_?j0f)O`AdNR1f6Fn#r=8or9C1I z;Vj&m)*`3+Ox&88+FxQa26;*5f#N`9AS<3xMLk>u$q^L>g_Wa}^-yv0lq@PL*ZI@y z5|O8G3WlL7h_k~|7>n~1C|WUW^K@zphW_gwBKTt=t2-ya$Aom9KXiUEXz_zj=t`O(eA<$9XA~Dk>y9|C2ZX zFB#yjB3D^?97q5}QF@*wT%I%GELZ}!Oh6fYQ8wuV;CSWa>3F282xbA4q{fOdZ!=(L zb8+yHSw;PU(+PsuK-<`g!7Nf~E2IVAvYq!G`*ZOYb3Hs-c5Tn^mu8$~7{*_}$8`>B zqV54OWP)jckYLBMH{t$CkyaWB+WW4i;yrIR$45 zCUFxo>=a%4aqj+rX)*^u;9KkGrawWEf7Y5>MlG@QPMlMiz=UAkj1}ee#5xl-(m8uc zAH{2!?#V493gLhw?{4m)D!=|SspDaOqDH78TD35q+M|x&@~6LH{YeMLBxA>;8Bp{X zxY)c4c&--4_?h6{yn|&@NO6`8!1U%7u0eY#nv#!aeyxw;+RTH!&BoQ76*>wjlt$zW zu1E{hpl7JyTEmk^SL6$Qs8ei%D}iQ_qsc68p&U{AD$p7b$)=fC%sP*Z{+M-+>}hdg zcy_j=e%;iJ^xd7AK#CvbO-c$hwlZfWHt1ofN`8Qsq<_rUnsa46W)=Yqr{bUyZGNbx zhP9B&P?YvToTJnkDHXBuUx7O)`;FwQVH(#x&d-0~+}U#+)lpUH_*WW3V{ zHLOVNyIByURCR+XCF5;EWS5XB$vk>a1$#n6VS|)XD(Ob!ebWaoyB9PrYXcxnMJAIx zA9V_7w_#sdAF*H4?yuD1bSLEIApRvMrkF_QY&uzABNk)!64G?5ORkDS)q$z^hcab~ z56e+B@B+C}EB$fsun;x!uTAyGy-(SHQsy$O%SY+L_h1gJ%jdD5%Ega&VFjWJ+TGjo zHtS@hO14gxdpP$G5Uum4c;k%w<(2>K-?>a+lw3J}8XkMCB}2*$1MIdmQX^&VA)u?p zw2~{8?>M8k>La~q&rI0DZ0ut4Het13x)I2>uS~s{jGBrwmw-nT1kip=uj+Z)2 zqNT;~(yPSnt@sJOWOj1H*)pBLfHyuoy~sHM+kXWx^yfYIbobkHY&KlB_`gb;K$S2S z*x{Q83U)h_nSROs+x&@Z>Q4hhRP5>Pzr*qkBYx*HRJvM;!I`HY^53ZP4EDJNcwu&*mOC5=Ss5$u<%vBo{qL!0AubrJ`6|8wc@FWmnuHD89pU>yjMx4Nn$2uv)NSAO^q@{RzgSU^|ma2B}tsAb@J?YqQe#aP%YYz z>$aYC8NC0p^^EhRC-Lze^>+btG&C)Vfl5PR0g2g+>L;VL@}<>hVHK4HaAiYcb0Bgz z*YB8CEu=FT=)MZ1a3GB2MOi!JX(lIiT9^Z>z6t(J6xI0>j6CF!Bl4EusXY4f9Z$ly zBA1FFqaBzcsB#9@E!g1beKvX1HBVWb#u_>R8dBp8HwFWAM^`|z^U2N=f{FRJ4TB3Y z3c*^`$>QzG_Ui@4XfG_ib=kjM#gQG|EZ~ZFCis`nOb92_9<3ZQI(NrY>%zt5pe|e~ z&)B3crVT8xBtF^1l>10>Uy#|}K5sc=L2#@;2i%2Xm}GD)5i2l}`;aDJ$rKskt2QT@ zHAj@o@-mY39Ryg@^lgtSR~akN5$kFXdsrQqk33l|NBVH8EmxFonG*Z;UR6x^n ztB(ceP0bB-oSuPX5DS$Qk4GUjahVP=*D`lwroD$DqJ=TZb?YkfhDJ-Tioq=9mMBv1 z#9XZU6V_9QDOC?Bl@&hRm3lpOK8)eCQF*{1xq?djv-|V2vM6S3L>011ZnS`$%=-}x zZ@3~|9KtgG?YgQZnwao#<1(l+CpFO%oZ2eIhCJci|X)H(c#)KA*CgO^X)>h`j+b$z*j&*YFWE$KA}NEM{dlnRxKwKad{Z z5Z~%eHB{)5$OSSRI%(AWFUXASN?1AKWg*)3;1dyU2ZT?B%n`B%ME&y7DN;h!`AUF<0)NUt36DUQht{_mFn zy^wr|VPwjGrCrF-gS3l8MKzNv!0E5A=1E_pyt)+pb*cYfq&zi(3LPV1WPzOOR#Q#Nl;4C%iu52OSn$(qV6SnfRZdVGz%uUm+57#$$1GCvk1--o=Cc zAKTRp%X`|u!^MM#3Oq)89Z*E^2mbPZ)HmV*=0S%FKSl9kLBs^kn^-VZKm&5G?%L&+ zQv`7w3|__HqL?jn9T_K&ft3YlfW81dz(Ldw>w*mS*;_STD+$v63mjI0}c~)npN(#Vu^A5E`r%dJ6Jso7_4V{ z<~;Eyuf%UK(+o5PC7pvmhdtEEoSrPrASbl-jrwf5^CP02w9Rc-%|dbgSxqnx-1KCM zIAC>mwt8ReHW9elu4o`W#|HGt8T|xD_2+p zcwU?xo^-3>FyTvs>EJ3YxbUgKf$j{L#{f;E3mu~XrHtb(imv8{k!<0JYy8p3{IbLN}WZRiVD?6WEmU5rsRHd0@W6n)Xc7 z&1((p4j#O1bMAG3iA&yGjI(TanDou8oVNOIFwvn@n;_o0;HSFDz1&xF+*(_Vi4wvz zo@jn&W>TLIzX@^%r#z`&QKi`j?vcUe7+)Ypmse2fk=5k(_3Ntr^`$ywX*#zmA!}SZ zRpL!z2&1bS^Vd z)h7FqETSyX=P)s1e)~vMP<5tUA3;t%R2|ZKTDwx@Q>=tFRvSeEqmspE9*B3%H3PS6K70RNKK0cv z#$<&S8Y-ULSa!vqiduQgiCIR0C!MRu&M9y28z}mb-4QOUvBG6Vc~ayv{O&FKdWf2b zFS)}pcxf$LQ9VfB`lvRL55yXSdt~GlyBS$soAm+c!?}6Y$*z8jsWZf>n-2l2nj_@v z%eGrHvjJpbWYd0n zV7}!^MhD=nw9a4>m6!A28v*tAb+%v9>HFuquNRbD%dc)@9pkvAR73e&3~f(ZgU-F| zxoVN%c8875Zlxn*y{C7|{)+9nW8cg>roz{vz01KNUntpw{0JR=A)1Xa~8k6~xuM%t%`LS22Im2+(c*&GFF((qKW@mnlTaRGfk{!rj^@D-d^{k zGU0pbr#1ZcXM1q$W~A?v8l3S-?;^PHkuT5*HiYvy*m~8{u#Y_^B#ZW!|7O2d#LQhH zhm?1cx-IcxvMFq*>r#x8Q12gpLYO0Vu(2g3}u?umd7 z0PmyLVkutK`+Fp%cO^Lt3h?Tl=HVq9-Z4ke1lTM` zAIz`!$-h^Y)2FKd2oCVg)bzq5Z%7ouQ)pMeG0QTL3VsWddlOuU0 zb8WE31BF!e_4erHFD+frVof-0fHVZ8j!A&WRt`r(;Eow}hGJjE-AmnI{yqfs$|e0C z-lFLKYW5oaDq0*5mClebIwyJs#M3d$|A?nu#?4zc{y?vDmU$rISb9``4MXf0SC#xH(i?UFvaAERwQ0ciE)yu;<0b+M z{<*3kLbWs}qca)zJ&8PTjpIb2LYrY^IWM-YZ^e(Zd$$Cr+MB?C@9(5--~hbGRvxNf*h4&e_@5oy@aPP% z>pe8qEK#DYPZxGyro`C-T^g8Y63EF%P@YdBK@77<^iqcPkK3<2P?;jIR*R2dj>UlP z+o+X6%5D)M5O(;bJO)mxDVjVVk`XF(7>!YP@6_%7JCI|Uq4p^nq~a>=X`>Enc;8=&v>B7hMX%9szm0LLI}9eZH%@l=6pDUH1`)BSNb^kxXyQs{MIU zKWom>YziP6K-{%jg?q9!#jO@&i7=6JPPYfgW7@PPC)<=@5RSIlw)<_hd^+ODPbt}D zJYtzb?^*^3Im`^fn70N+p{AY4THHa7n{HuT#%-Vma*nE}&-S})AIWzq1DdUirnQ*r z`wzSC%YsCzmYJw0yJTL#?OY>YVz}GcaO-9r%nccAJ6Fv$#aH&)taQ5WaTaRxMa>UnB zH2?Oeq}-$pl$?z4dnqMb6j?%vKW#CCE4fbN>-rWRkfLrXg(SHvlp$sIeLCWf&~;sh zDyn+7Au>k`!xxaFn-}kaypS&risK-%y_1K8taM=#3OZ-W8GUasIb(zMO5w;Aewtb8 z@GYb^_oCIEueaO&<~K)!mf>D}02EHdt~$!Bu} z@xFElY>kB(x~a}&`N3Bj#<1OpK!DqZR?!(aYao37SkAOIw7qH!Ogvv9pW9B&$*CNj zr)wMgh_50G9!kjYP^obIhPBp4$V`P%>dCs;z(z$7Z@M;4;Uqq(AHrdNez6AO5ZEj* zzt&Rwm44N{s^R$+1>hI?%L1K7?&<001+vz`E=!4h60?_>frLPR1 zHJPmy%qjqL(SDjTTn|(L+0O;cxc4eN5^H-}l0mEW0<8BrrzT`h)P5RQzp+RGMEW=+ z=~e%8DD^+zYF%SzEDd@NT*YA*Fzx)5?@BF$x+SwcV#j9s4 zX&8zLs$V^o%Oe?2hhe+Jd%{3(Z1FF>ab}@6U`|b6f#94w|W_#d-~;0%lF z;jtJ0GRd`73X}wYIs+in2PnpSYrKN~5hkz185BThd4Np$&$Q1)Zt)}_9f9dYCYp?j zualo3(5e2I&x6{-2+d>lzVI%7#>y`irI$kwKb3>gq*NjvmOz$l30zEl;C`(g1Auij z8@*z2rwhnCZqqWD-U{?NJFse35Bgs3QG*Jjynu8F!K^*vo`dCxUmv`)c+AH$F?yAJOT+^7&M>2zEso0)A2sDXW;|Xf0~ki z4Q!eK$_aiwR+-2C8UiLsFgnC?o0|ZsX!t-BOnWSrrO8ZTpX>iVdTqBt;%ZeM3Yovu zhCW&W+b@Gs{J~hNJng$)h~Z~EDCPqalSa3Q8!OQkHKK?QD_^uc^W-QBq%(_p?6Eyw z5M_EW@UcLqHbi%=v~?e%JQ!sX`Amz`d;J)Qbb{#k`=?^t5y3_OYr_Bq4>L1#GLS65 zHA1x$=~CtVR>HjBVEK*vyBBsqe9|fd!MTrKAcc zyHnY28)hVp!r~@&(EXqqyu&<8^3;DGT|-SWi6gyDJ%B%`RK$!836_t@o>ab ziRtr-e4q#(NQrFmE2x=>4nV|7*IP6i7M}DYpB)SU_Dz3I-AGbY&jjy2qo;N?CE+uF z*CSwK$tQ!(2augr0gno6TrD$wR(Dw3Z^1OFCs;bXKL9rSxicjm`U`v=v}i+oO_9(U zZ@sfBZAW@A!p8$p*VC@N8A?{AaVhdl03#x0ip2N^7smn{=?2n=LcYYB!FUK)6;gVdJuZ6 zsVYJz5+ZnP&jczRx+#^6G%5`v=3}Msuf4 z+W|GLY&7!=|0J!gN7VLwCE*^*-Xm4cFvMUUN|W)3i6YiTf#`NB3#eZ z>WD;7_ZIrd)K%jH2_=|<2r>@J$?U1m#g{=udIk#6Tjzu#t?;Jp1EYsGYWK%ji(lVn z%_=t~{613Mh@^JVP5y|+Do>7a=b?C4=HPFJlWvlb2!)5UP#a_--(Av{{t0N-4=J_G zt+MfQ3$pAHHpU|8w%hWL0#2jX<;$ir-Fcmu2+C?Es%(m-?P1F8k-)M-FQD5lSOW%% zARW_m7W{!*WlP}EUH;F@(v4sc0F+&vyZshjDYI0Yr$-~V02ex_C&J@vmH~4E>Y4V7 zCh0z)vt~W38VJt$TeJN!vf;*i$7fOML1d1h0r!Ua635BZ4&OrEDdD5)G{Q-5i5&Zn zrcK2Hz9I7Xd<)D>eD}SgP~jWCo0W8Y7+&=11fUJ`h7~g-7`u&(z4tFk)TanlrO;&e zY#kAFXjGFXkG;>_+i?Cg$~Z6AGBGMeI;OCVrC)~$A;b0EuP3)p8z+`gG_ceay6nvi zbkjmrUrMYq;B#jt6DSdjw$Bz{0Cpm`7ksUMdDQu8| zfa|yA?bYQif^M%8>xWr_^|A7r&gp$XKB1=;eGLWw(bjJ)z41-RxHxxu06={-Kbt#( zyO8NFh~cW_$^sBRP0di(LZ!$dju2=fHgCui_bXYpsn|klh70O_kkCy|ZK(!oSY0O8 zP+7{ql)f^RB3DIYW~fJ17gZR+$Sk%gF1=;2ew!mlIOqmVL@^J(BC1m&Wv5Dd2O|T8 z!|q~|p>lHiWBGQ>j8>pjAINPNHonWuv2qsyHgHkY9+ZA8L=lf&0@9T%j&i@by}ZV< z&_de@9Po!aqWa}K?y0Mx_1})tjbL>l%T8Xsad&B|qXX#u2er60FxQ)rMg)=&(-tdLI(9J-xqRDU3{7ME^?t@lt)r!iTzn{E zya^LIXp}t2knn5mWGyB(;g<}Y5Ykb4uw1C{=v7W?D~59gI%jOn=xuJfYyk??<60=;Vc~lnJ_-g+ju~T zx2k5G(7^{Ceg`Uu7J=*x%J1$UzL4Pls+<> z)V&~cdWt5hU==^8^5i4TJJ^rCOx_-BO09mhFJk7HB$e-RFwbSIVx1}&w`6Z~S1+6n z@nWukcob%tgodJ-q}Sbeiue4!h>rc+$4MF>744*Ik98vq%)O-s`OUaD_)3!Mx+eT; z6pJPra=zFaAgB-dgl&0O??wYN%a~XH?Nimw6M8XK)FzIyBtpVg>UxQ zdSAlv?7>qYO^J4U`Hnr;-uw{WfH9#Qm#{1`al2<9MbD^yxwK8Z_*4MSaU36Ky{M z$)&TfNfVDFTMXKOy`GB8=(6F1#E@-a(fBs#J9N zMUFwV=SkZQSd0J4)h9@SIj)R;jf(A4!qnltYT5~Ov>gZpGvDP!Yyf8?H_q^irvg@q zTwvtN)(*#wfrQqhh;Z)P{E@zkdl^^n7CS_B*KPxeid~QTfUCiMCEnb8f1PLx3-s&% zDMjYf9s46V1Q`l6WdXAf)y=MeZXf(kJ>T>ZFm#sF$RRM^*>Ex;Y1|)F zZgNen=DmNk5E8O)fX7Pl8T*pTyz=9BtpVPont0GZvW4hg<+uh33lVg)9;g4q+E+$p zxpiyPjnduSB_-Y6Ac7#$AR!?jNOz~CB8`NAgd!p$-O`eZbfdHgir>0H-8_5m_q=C} z?~K6@6n(gJt!vJC#T+N8?w3XBb6sYh^&eek`umiI%DT>13uWK?PP`msgl;V4?%oM5hT=>6HX8tNMghMD*QpG?HUAHG4 zE0Xj!+-t!hHZ9;sX0GgS(~!^q1iStV;}6CrJ4*VK zzd}@j`pfm$MIePQz8QEZz+NWe zedu7dr94ffY^j8sal|*AzH^vvMU#6ab-oDkt+KX9<%v)OKCFChhLRP2?# z0q_^qUn6Cr_ZdI51Q=g6fjAX@2;nSuhQ03LB_!41e(8gBo`d?(oqQEaxjjZXGGkV1 z#(|!|E0-MGr2i#$_j{z)Z58Qx?_d_QFR8^aL?$Q@_JYb&;8LP*LXkC1E9oxo`XL)$ z`zMfV`n_de=PQ)9vUl6D7qnWuWP7KO5U_nGb&`3csjwp(72Tj#|9KrSPkCMk;D)GLEf+;kp~n6t{j|dsFE^xu z(xo{W|MlYEyL|mB#^%z}SCji|jQs@-=;jzZjr*XF|1^3T3KYa^*ia#pw=W17Z{TpE zt!^T}F~)>5+9W8pH#SVj;_&f-J40(;rF=L&XIpVs%&@Dk=`d@QTN4ANZ{$?SkNvbI zu`+TxiIn?#(Dl4p-0x{0d;4Qa;rASTNC&!x@U-}-AdiQY>KxXiP$nK;d_*8N4MQq? zn&;ktUG($e5V26DYY{D}+CG8fmF1%GZtY~zbM#+x4@|=o3*dhwZ<#*Bu`{9&^@w>M zWDwpGlw481Pp8Ey@K6s*A0U1~e>2)!vj{B*=MD`Wey7q-vMZua1vZ>vzwRVl9&`zN z%E_MbLdsBJ;B!gh`ETI9$nr5@VdB=K3$r|c52o;JNqUt?NxdxR0AngA*1(z%cm+uS zY_+!T!~idYw=*LkIfbGq++CYrK=_w3bo+10&}bDRy+)c3Qg$HKcwCSOG+|__P^@Dn z(*-NvsXoN*vR@S(*#;Nuu9>`Msrd+v>r@{WObZ_n*wUmP7@%aewqBNu`N$x>*pJvv zR+W!RCJWD^sj_U29p`mdZ`6|DKUkzMHGTL zd}A2#AR;n<>^TuRGI7YfG`jmM(3Qx)i5U{b0Op!yANs4PM_i|qHxrvGZoWnnt~M>L zqPn0OMaO3h*R?aSSb}jOhDXQ3_%&=OKSKAy4vk_^rDDUxFIH2QM$N=V!0}l|7TC3) zRN(#Od(IiQWi-K1Catni^3$TE-$IVYVq};i13rEqHYch>2D_EkumES6^M)>G-zd)G zJRZfun=RO&zo?o>*&ski>EgxH{dU2vo$hD9=K~Teb&DdMu@pHMoGv&?kK)k1NPK3J zhyqTcqqd>@)#V08F^u_5p*P!mc2eWlaz2<&WuR@VDG7N>$ZycuiGHf%o*?i_#>-#7 z0dz~hp%;V_d8UvaE?Sx57t;MhRa$xlQk7CWpQ%dWDGu~AfZ+aJ1WT26iP_}6pmS<) zf$F)Ybbogm{Zl|tIRYy$YH!APF0hm&@XY?IZIyIHm}9i*f?H zKSWb4lmA!9jIU1P5-^JRCK?6qZwl)(gbTtM$d;|#2J5``tPw~X0t6D~`d~Mvvr`2G zhvNrn(p)IyXun(f(xf6 z>j@xaU4W?2w)-C-U2jkz3h5*##4Ba${pPYGy`0^!A8GfBFeuTl08rJ zME|93UGq6bcpF6Dt(!dkE=S`GvXVDv-gtvDK`gp5T(c1h9FEzPU?uL5` z!nh$MuJHQiK|Bh)jCLEhCq_HvJLVG7Ot1M!W`+E#fAf^YPk?}U#_2^MUd7zRhOS_? zIZYWvB&~?Wa_++yM0L~tCNNLhg+7u`NFv`E3;os;Yh(Mp=F(jH1hRKt^eRYepB~} z+MK%gaED9`Bq{S(@Is#X z;y%Q1>}|@<@>(WM-M3)i&+j()$D?H5~7pXtzWZ&HWejdMUMY49B|HyfE^BOPYhLp z;MGQFJY6H{19QiX7hv#V$(OYap9?S6)UR%8mZNbX+@sEhgg|YqPBFx9puGl{{_0i_ z5ogJ52He#`VO2A3j1{9?1H0#Ya%6>*MiWa_#1?FP51&t~mQ&=V+RoONPEemYu*Cbm zb*)*Wx#0F?gVbAM$i(|uLb)91Had!@m()K@cUhNZ3Wq?V>tiFTA7tb-xJ|r<%WdI zkG1!cx7CeXo?6e~(Pwvx$|U{ZOPG7`1*8nFh(6i<0n)hdSexuuZM*>7

    >w=OkuN zfZN~ey=y>GD<6>PSShYfi_=3Y7lo~qPfrr*l?f%i^2L`W@F$}o@pin4??nwVONead z%yeQj555On z4ITC6U3XgE8g702;?!M zt2_X{cgzJO${6UpIf-M)G)={!h!i6wox$C*Q7V?GKKnz8x#iA{gi%XG9_dQ%Hcs)B z*)(ZaKC~5~ecivK`B0k`8T~PKUdS7xJlNb)(@jXOzFUTBd{0GQkMHM2o0n_<(dH$_ z_xpOI!}G|!OhwteFSwL-TeZ_i45dk!3@Z)suMpjHmv&Q*RBf(Fh>>Nb6P%QtH?HoNVFJ#x6sAt|#3X?aBzNB~~ODmDIZ0R_V z*fx>3IeqM1j`Bxf#YD(45;m6~gp!{f*VtCnqK9QVhsRzJ(Z;xd3B7m{j3QrOj%}8E z<6}Sl4y5a<;|B8WU;?1L(^VtZ!Sv;}!Q>S8#iPc;31q6mswZ|jHFQkWe>jU0&P)-? zna=?K%#3`K>aRkfjrd}rkhXO;0LT|XNzutKDF;>!@piBCa~te^atnrJXv#F!%do#@ z&C&D8)CErHQqUu-s9<4cBwuUOGn><~QdXVwVJBdJY1d%w^ePlzE6LZfk_`&GJ|?>2 zjN{aVj%Ij9)&0G-^X#AlqtAkv7_sW@4sxf#x&NtVXmBW^K-^lEPCbol25zZ%$9oKk za``SMvi`9gqeN5^pMBHS%O9YS;)F`gfL{MYrE7wU)jVv5V3O>N7>zd1vZ-NF1>O9y zrWoEwZ?GLUzA$=Wf3$u$BG{!oO;_};Z=3DnMN~5NLFbROn!O6~ktW`;|M=DC zZ(`2^69a_vPXG1KtaMFji%M^QRT6hmMS-GmblYY(9pRI1a~xP+Vo?l_Ng}Z>6cRnQ zB!<^*98M6nfjDLSO)ZX+3005`$?Z|Le#c66ciwM}fVBjO>xU6X2va)3kxTOK^n9Uv zy4xH?_^)> zf1cm`U{%nppN)H*da-qK{)rXxpvR{cg6I7Xz{0H1CK-C8VvEq0U{4shI;zI5DrXFwwz@1 zbIaYsLVldvEY8|KFV+A&K`8b5SLB#x!CyIJNwEHk6}abQrU*HlSrET%bw$D0?`Jl} zJ1*+#r%-qQ$H`Z2;4+BJw@UNr>Rpgk4Zp>4_{^XR;RJmI%a)kmy9IAHb@Gk(S8yU; zM8K59$A71tcu&-}h3pyNga6^70m8^FX!pBdx#%dlKPc;4W!jevSnu=)bU*p5QJxEi zJbi1{iX!3l(g*zQ`={3}NU{swI4=Vij&H(KAh9uoe{*FQ%s47;yeO@pT4Ef`fHUKp zCl(8xk6V85C=@be3|WOOf9yk`l4Q;kgoVdZTy2qDC@fawMshx&PpATMTl&eB{D_V| z)yK=A=MLx2-P5@-RVjI1qHtevxW|GHJixz!Utpd=o(-f5OPElVg0+-0&3f@!dydCa zo|Z_QqQr)jdD=cNo8+jKucUPS}v94&QfDDprJY+ zPc1pKK2!6@qtOsfc^bsU*7^N7-XADVYd)F2Bp?Chl~d3%ygfbMP^9u=Sie8W$~Uq1 zWR1`NoujDRs@BX`z+wtvh|u3I0%=lVj6X=wW5IYpFl49sXye?NcFN4-aJ&|{D`8ZU zGG)p@UxmE_*RkNXZPIpuD{Wa@O@8&NXyBt=KM?~E56?Htu)6aPP{Iq7w9}Bnn@f;f2`?BmscQDCNW!lUShPVUWeF5=stw=WFaK3yh##AE1()sC5$(ohJ=#$w)1i; zu`g5@445JPEcaE8n7HPyU2%#`99W>FRZc+2K)Y7Sjs9y;a3vd}lt;LK#I@#kU|*3{ zP#|D3)iTc^ovcW?Mc>O5WDH;FtftzA5jbc|ZKHIRmvI^z6MWMGV}j6)Cy(yPoc<;d z4FgeIQW#(mHKq!N!mLPv@QhGb;A89UY!P?1UXdiHf$Xl0xLxm8(XRnl|1<ir&vWVPS`JxmWU>A(>v>%dLdJosi9sw6i{gOR^W*Z{$i6yyDNKu(~?pCsqekr?m3HA8bzEv@A17+m! zY7FU>KVyQGhN7yMV=zo;8juYP<^+MPiIGiq(Tm{=J7FW_0Q(yw0POF;LFRM{4GENJ z0|p05Q4cY4YuiCTNeL;!orOb*l+h%&R>zM2g*(vp?t0MT`*{}jE4>Pf1YC| zbJrySJ-To~K9wn^BoGjk>PR5oeZag@`C=%_F;N8fS!Zv23oj=DyOWS|+$7d*)9Dv? zl}%({8a{*QKU`(2|0_Dr^PoR;9+pS9Xa+q3m0gbv_Y>(5ZU^gB+y^QH*~=&Cd2A_7 zU6}qT0@X5SKtHba_r$<5swmq}Ys5lQw#V@`3gf-4Dfy-ko!Z5;89as)FiSaKJ$_-#bS&B-iY)7Y;iZ{EVvw~oQ_%>~zAxFWF zbDE`AWMI?pVU+EB;p|N3e|MlPz5d66GU<;4W%_RiO3q#ClA^gsv}5%~QxbG!gBN{Go-!_pcWJl6d`YUurfYVl3DNQ@WKeSN zF{e8-o)FC=x^eXwGMf7j*UWa~Q6clz-V|i95lRf_z^wXOQa@T~u3R?GTQ|*Ee5$ zxt;bwyi`{xDFN3rt7~Y)&>hKzU*MC)aC|-1mVR4};r=^<^};WGIP+oULOFpkCdIHZ z=_t`sX$>(bkDE!E9!jYoUq!x8j18xepxT4a#T3!}@E>Rz#Hv8nBC8HF4H;4>+@{!; z#`Jf){!%plxfUHsQvT+oRpoGu42BC*v{*#kTJK#sUYi-g0JdKUnI7pFr%aHQWh3U^ht1wRo^smvP(M^62Aa3g;-;MFUbN6398jCLQbo`V; z4r2;-8$QF*O*uHg>#`%q%|H}p+d4l95?d&x=l;<}N5fyWfb%<`Idyr5{fZKH)qoaa zEPlZ0K@|5PyO@A}{)u(VK!;Jc9QNVTKjA*gLr_2jQc1-AO965BqSa-QE37-ZZ7z&j z;Q;gwJ?bpMq{5x>P_>cJsp3_JnMM4|Tl`5`6*p~rw}3^Z#NFk-=3vy5JMkFIWPt$d z{|6k8|4w5I7RoC`LadEUR61NFVc>!}*~i57_NQi?b(;4z8wA;amxjdKPJdB&t}2J6 zUx@12<;Z(l2^cML%QmgC^-&|x%~H_BCQWYK1mOoGnlhH z^8y9AVb20&&4AteU<+jOTm|X4KV#DJsGuC&2&5`Y)-zQ85RK_}t1Zrj$pO$0_YeLV?rt6AMf;g3yH=FaWLNLD^obeI;@ui#Wu982eKZgwoyy^ zWh$v4)2ZJ4T)$Dls{3SHM&idBm;)QX_47Tp8SS0@;TTRvje3bfDGnzIg!>%O$BW^) zi?0%pZhDQlWxQRkr4(^v`QmN6PznWlFkb$?2D}l>lqD5p7C`=Ic|cxD9g2)c zYZr-f=c$S!ov<))25{NT`J0WA1!OYUY(F53#xnb0@ANJ-3+Oq=>MzMrC1kM9W&tIF zavVr7NWJSoii1xg!XC%Gt6k}MHXEcGa9tB~bp(?%bqxRVdCzv$`cy@n;J`Y9r~*KxPK zh!ygP*GQzFR1UdT$3b_yD)b0ai$(HQ(oH@0xL28vo z5<7;_UPdF&Xma8YTKg`J&~P+VYF(rE#zzV_v!r`y9k_(+Z|KGR z>GU3gIM^9sm5JBlcCdII>_-0yub<#Y&O@=SerESeyn8ucwtahEYqd4?q9K>DDqBhx z@l)e_u^FnBp@da$B-}f%w*)03OBWGXXLzRyQP~4i>P=-Eahxg|ejjY=J{NKki#0Ag zahH!WvLXgKKzK-e_eZLcx{%W5xISyuJW1VIz5Q zn{so%{rW3o6-PJXYvHpuhc|BW1Nt3%+U!I9VU`>8$PLR@UYLobXRbC4|;c=%(x>DyGM}oPhGR&3J5JzGGEgjJ&nn)9FnP0xl7siRDjdoU3U)h zHALg6oqrJ3QsB90NF}~39tq281@7VM=A`?aCM`8E?(ST_+}(%%gS-2}W1livGijA^ z{rkAZfUjQ)%nCn5PgT9DrEsF&A}v(Vt;e|=K&YG|&T)3lig-;%sz0Hj~O$7V<|3T>M)rQY)o zHh(;D0h<5SgU95`0_I<~WaL2#H4Mp(8V4)FIn$T!?vtK6&$9?*UgopGg6u72vsXz{Sv<1=V9 zPxptkD7=nJL1fKN4c?7eO?xbcKa8CrvlV%W5dhp~vhi~*Xk;Xr#$%E8E`KM}y;VER9+UEH>aMke1{b{r3&GVe* zv*vl^gHJQu4L{_s3qKjM9p@sL0=ECT24?vSe4Ln$;x zE*c0>m!Lv``hMiUkX$Iy`1^WSb6n1K!~ctRIEcd-```4#d+5&l;rKg$;Z=KPM!RE@Tme z6=MC*vtZDYyFh!ts}4Nh-#E{;0LL&8M{;dcCK^Ws__lPe0pAwE5iP%KPk)q;bD1>M z1-9I{p0eS@K3PkAf%Km5%AMBKgqwcFrXPaRz-L7H0n?5gh;{e?Ucw6FSA5QtL#8li zcCM*}csOXzWyY_n4Ilh!fPXEe2@rj0-W~-+^O}zY)tT_>JT9npX$R=;zhnM%3z+bI zj<81!62D0AX%c`e9;C@+C>{wq9)oy@+`~cH%j!NJ4Dk%T-(V6C+d=OvRV5D;gcpf|2QOHw(RngzUGF~G9%O|*1@)xf~4Ca{v*DFG= zkyc~=ro*Sk$J`8W=`^?LqyZBy62L#{J3s}QqBG7oV}p;z34j7a4ncLK z9~Hyk$nXkOuvdE`DmQh{{?}Ond>}9#25WgqKnAmmqqf zU}nrzAFF|cpvEv3>{bW=n(W)CuI7%xELF*3sLNd!&XHjZzMG_M7iW6FT?>N4PCp?y zyaK`D(}j_ab2uFF7aUG%5qiRansv94;S|94+n~p?;~ez?&K69{ zeXXGzT9%7YYn=xk^?(~KXtst>Fgcpgm7PHKVHKxvC+T@$rvKI#7XH;2X;?_`OoI2| zpB(D2hZi%FH3Ax!N*etv1bqXgauZ=*QmOdAdel!xynem{4AN1LHUT0Ig9M}CPV)0M z^?+VIoxXzeqCER<0oETv`*&6d`_5_?G2#5C!szXsQ(>^{hJ!^B4YLVUu6-EXq;sc&GmFho7_wO)GH)pSntN_ z-x64|Q7;BGn8oulW04@QTsJ&Z5wY^=!qHW0QvfM{{ z{}Dt~&j1C(cp=VzLbFzdh&vG-%{-??Cyh(hEt9SAa?*h!fgf)n*wn3tjrpdfI-Kpb>ptrGvkg`ZrD8 zBJ}T+VH`+QJHtrvg{3kr?UVOfVVdxRU8V@uwv*vAX=>b=G;8jcZ~1*&dJ)_LlOR2Ng9+lNKkK45)mFH1yT$v& z)18`7DnA+VnVHc&s0wW zRjRNW3*2(+?rzK!jgyI=Tujmn%%#0(stup^pLr%sPZ(H#bJH=x*MYD!5_4}ee)L^E zvT$A!atb$^Py!aUVlHEBJ9G~Pc=Eq$+YT0|0lJMIUv1Sp0QLpP_4fhlDn z1dw19PW3CnsDwyACO(A#B9yGkdAZd{dngyH{9%po-dCi333~IQC&Cy@v20f(kUXG1 za^lkU*w~f8)*oF`vOJM zlEa%OY2ccnO!>E<^$s+l^O_Ea87ijpg<#f79=(YAo_E-!vP&x=uY89?@V33627wF4 zA*uQS-(GK3Y7{wPs2n5k%t@6Id>lBd-oEaOk=UV8SjHadO0|z{TvfzjsgWrRUthra zDXI3r(x|GIl6$TLkkA#@t=a2Q@_AUkhIt&Ooq1ZX;5Xi3ceLTYN9xTy{w}+8`uQ&G zJB>7XDY^vnMa~6jA)$gf9geom|fp4hv^L^Hh^*gEH-BOQP>plcTn%J^evCA zwtHH0&$W-8jQ$Ve&0@er#}33o{y$`*um7)@=Xbr+nCP~HwQ0XU7-k!<2mFmu#wW1af%AW{ zpbYpMp2II4VP2i{F7Y}Z0J&-Du($dg|Hd!_kh`G#srFym&c&)tzG~}uPdO$3!9?HM z_*vz@3D~96zyg{Wf~d_)_;X26PN+~Yr4Imk;<#8Nu%t$CEF{7RH_b`AqctdB1HL+N zOx4H|gFGFq-^gDG)=a+j-p+sH#R~)^>=q17@qiN;L&h!SehwXv`!(Y{xGMt>2%O1-#gd0U_olCDA|lnJ`S+bCaavdhV5=J- zAk{*u(5Wg5)V&bRU&2r|gGYZe6k6qmHafe5i~VFqq=?+6aygw04ERA@#Hcf*ym&YE zB1+E3!agITFO0N)zAz9l7Dck_iXmmwwPYEzs^|3pCB{Wr zFMi#eygT29j&!uR#g6@=wqJ+1&6e(Zdxo{F5`KyTxwj(d8yCAJP`xUl)qFfpVdmQP3)>SlW(C#g>4+)}CZBhno@Ylu@x*{5+2|W158{XG*1TkBpS6` z#-cs~4F8oYDHTfZsrT{-zgg2AiOsPs6zXyX0%yo)LG-cN84sl#fXmRi%#%$1Oy+6N zv#$LvxlWD0N7T~f=dkVPcd1XY8C~4oKrxF|N7+y5c-$bz#6~-iTZ6_!ge{oNy2*-+ zW}Y1ZWmzfm;Oz-RtsF}#dnp}FTvOpAeERpog@rE`nt8gMlLr!#A_?dTNARv^aCN%n zjSuM;WbFGkx<4kAWor6JKu_WlZruqqpKYPq3PQu7y9{MeS2*Lw-$ZI)N(c>1Ff^UO zvH=J**Bj#k0IGYN=5zNRMd873^hEeiw*RtR%Pkh<<%Sw?jxq8%)-H zM(NR*3KDQWklqg01LA75Gyx{5c+^()D3ykRpR4)tGDdS)AU+d7Y9=YQqR|bU)h|99 zxV-@;{fo3y^4rDtPDZ|~Df6#FsvYm~GT8OebRHi(svzij7#9AVui?P98Jzg7X6f1% zpuc7pzy(Si#3w!(=zN)1fnxBcPu1!V$fA*34SoI0qEXXbWUS(*YVFk*SY5)anf-&! zNl<{!+oa>f6}JMRJzrz4p|LO(3@ICPx4R&=ai75cGNp(fv6GqRg1ZnYQHlVEBfevo z5v?~JrO*dw#PMZ!{&lj9F@9~|D?RL$Zj6q0M#8c{F*?2KBmr+eg&KI;|FT{xOtw*{ zrY22;m!+ItABqb#af6-nLOnmgJM!{(Zm@`yHi6qMOf#8RyMY)~MA^R$#f7G|pT&iG zR;Kt$0W4lnrdx`bmh~QIv>%EKE%(+;CQo4F)8opZ5kN*n`xx_{Iz}e=J^#>)maLZA zE8-|*vwDbD4Z}mid81QAC|ZJ{#~f|_!?!SPlmI@rT{%7UZA=+ZV+?Krgz#SG1FIt+ zV6|mXk@U>q+iov6@Ry58eUzq_iKTSVM#rFp`r=i1=79M>H2Ys1%ARLXQ%J*7wRAZiAx*J%bLLHa=k; z4({c>ka|r@KA2t2bRX>^E8NtU<4T64zeM)G6GfhVX4O-E?UhiN@DXB#6E9CvmpqCc zp~f)cCcwN*{Z(Q!ci1i%E21T<5h&pK6FsmE%8)Sh_UVIFz~M1Ka7 zz8QFl5__qc@wRSyhp+Mo-!t*do=L%oOu^bVOc+oR=)wT;YgV>_M}P%CI>M_xscHoW z^Qd_7-#Mf%@FufG0LCX7oq~}>7(~Zh`Fy`IQkkYTyIc0Mk0!Dx*Ufr8O!f}N##Ugg zKq;b4_0b{qrq0uY`j)CSjtD`g8RM^0Em_M;v@9Ws!q-0x1*9Gx&7J`LQJ#syH2plL zt*Q&1o#SY1*V#(!8sMAhv=n>k0fV~<5TLS@xD=(Qeuy_d1@CglXBjLNhwNmXRxTENKp{z0d@$0vQ6qC`)C{V4mq`wP$?rS1N^gA%@rSLRCowm^uKX zL%5ql*kxW$LV2*`7CU|KG0m{u)Zv@0qcF#tHcF8bN`p6;m4m+tChd$bdxc4Soc$K^ zOf`RN@XFWpr}zy1rFY_!VW0L97 z?iNxg2KT=Iiji5qEPcn|UD+W@CN=KI=4uug*FNhalD^S8xN-6Az#3+d0^7; zAUEgU5M0i`;p@Rbsn&*=OJpUpO&ADJR?UBNeqn)oWjjRI_}b&mmxTh@N926b4uYa* zQr08OqCNrAa9bJgT=4~X^&8^ztRfxPc7zZz>Mi7dW_nMDZHaaKe9-UW37q{?h&>MC zQqiY{u>VC~YkGvX&&h3ZG&n*3kN*k$25F#XwzC$$GE7VLyqS%QPSWe_`ulJ$R2)1? zpy0q7w!Qst(%25ZOhlOC@w}qI!UMl4nE%EUEF0lJKMK73(15{5n%^)Y@stWs{Rtw6l&} z>m)s1gN^4T{cen42gTj;tK-M<;oZh}Uku&fczepL;FNzLc)C#RaX&j-0GutvNC%QX zVLqP7FW+5({j`M8vxo2#Z-Eqavr}DHJ-8n)aE7)C4p?=MgQjJAG)tmpBlT5R2CDcs z7Lh8r@VGb^zE;^0Om3kxV|qAzsM|UHagzQTOdlHgrfzXH(>J>|;`lbbLP}|qJbppj zt>X_S&px~SM?l&M1Wk&B*{h3bpH2^77Ct{HcMdQ;wCGFcwE#giV=whf+;F>?14gia zBG(LpT=?RVLi6+`h3^D+GoDfutc_Z3Ig}g+?-GYbMq1xV{Rb+A9EuhNX3$J3Z9l5qUOf!LMM#-@rtStgZ*VJMvqe4Nmqa&Y;Ea1pt$n^i5zQWVRl~;Do%pDVrhe zVm^WA4_5NBnt*aHVE?yVY1SISincUU=VI~hp}^#rIPj5wN=dZ!PRCs<4RR6T+TWgQ zbtyCunClhxKm86afb0EuLQ4cOA;05&Ry$5rw5f>jcy=9wRgeK8-5iN?Db(5@D+E2m z@a3JyR`@iLO@Ju`$!YK(Sqvo!{# z2W#W;GFOH*q|smNwXB7P9%Eu83G>Ma!ed!)DH13ni}&k0MLg*sCV92XvI@Q4o~nV6<-wb&=~Abfv`Jzu%YGHvi->ZAKWW+CRyQ}&rjyEi z8gc6g&4k35hv-lccnd-zS=#B7?8Q{z=YP2_9O`RPi&iw;C(me=dLU$;ND(mB9LEG1z zWjj4hoIseyQ>NDsKa*^tqo=`;L_U|%EL@)MHoJ$8=hPQkrqGnP-4SEz3yW4rF|2?3KPO4oW2*EZwwZ$znc7313Fr$L5r+6YQ))Yj!cqb3TyD<2QS4??=bcsg^7Fp4+qV3JFc%}a3+P{)Bf!_{erHyZxs>|Gf}e* zhDBlSr(p8Y{xytT4P%^K8ZIqF{9bH)SU;{GL?<^x2I&~NA11oz9a=z(eoP~V5d&eGv-_p z-xl#lB3++aQ`~d~Ce-+?12T<$TK8WNvj}5aAx4yc0)Z)xDf6nCyF4YV*p@qdnRqb` zen0NB(wtq?=!z=!AE7GM_s}*!yuuH+XeD^1ftc=05|6fLZM!!)WX7@NjD~%;G%5YU zvJB2h>MNe7+4gMn)v+3lh`THdNtOmmf=rdJOasW#*!n|09q0n{cfDfGJy`osR9fvN z3<_sCDv6`pP$zj?UYjOPf>3AKg-M6uK?fpjPwFm5Tt4HDA`4DZA-qseuKV}zo2RK? znRXD6M^nCHi{0x^q~bba$&TUvTqwTD3*a0BlAc1E-X+pYI<5)EO{ZAqJKoOZ=KIeP zn2Dmk1?t(3e5Uk9eCN6x!qbF#Vsa@n>_@Ci&+7-h)={Lk>N&?SE4I{IS}jJd;2wNd zDLwi5uGz1kQrW$oNO0AOhgKAEV@r62Q8jVmX-kg}XeSwFgm@LgTWVr zl4t~NR(iz@s`d@&A$mBuIq&6>15z}1P>uDtWSC)2?flV`%Em7yNlUc&3d9Fd^uef= zu9o{=8$EEaOXArYwCazvzGF3EkF2EB9fyu*R!JB{k@4elsvQIDD|QZe23L^mwykE{ zn?j{4-XUWW8T4p+)UdPU4?NOG`D+vZ^ZZM_WzY)dZmpYbpdqKu-~){242Is#v{^mY ze>oDIKnYqc|IY&wC1DtZuua! zb){*?r4`6uT*-caf1DcNL+aamt1$Y{v0wNmnI3%bRg)y5e>BA z@R>l|7#Rcm;x@t2LXfH*F$;}?0tnE{J0eC_K(}LS|MZ@|B%Dq;MwwC?ham*Rap@KI z-&$Xbosu(M?#loklMi__Y}&p9n-z!8;#3f1di5Rsry> z@l;Qi+BvoEd=HK#V}1&abzDfwb*E z_tumM3MTp(sVQ^i3}_QRUn79M(}8ywz%CwA4@}Fxfl=}I+n43tBcucnJcA}IEkDN? z)>vQD&8tBn1N0e=(;&mH+E+VXpr~)ep(q%P2^^!=yLI970^wDg9&yw6BjLJIPsEpT zfoWt1an^IAVi{r3auKuXr^w2IhCn>-@<|Q|UWd7AnZmpdk&<4!3|YwqB@^qrfbDXL zTrj5dWbPISIsgMQ^;+%A6v9n*;RknX^e9J{f-g%%V2b-3IqQ_<2r3#Ca}2SA#LnIUGaUlQ}VQmgOwB9pl9%-FTXKK0=Kfsh$}uTl>}j@-3^;iR5A?h zsC9U9WL2h>MZ0&DCR1Yq_jVURpXmxew}+iJASuk_{+3jqLu+r+GOUHb&xW zOI?|;-VH6EeI|3oeC)GAhhg!pKJGIf7#oTr(Z@yo(b(YNmG0{10nqTc{J zKMH@6*?eX9wgkaB%Jp zmNL~hf2=+iqbHo1oI}Fh8<8+>pzda=ihz^q2r z{O+gEtzQw*ty>E?4&@qUatl@3WDaqv47*+Zr{*|DS&60}Tn5jA9!6-$52P$f|2UrM z{3C{Z9$G4woQWL-m?m%ing) za-8DTUNl_NDw{blNNOXPw%!GfmphZr!OC;@>CtABDpx9Yh6b;;#5ZgtGk^b$rwjIg zBy}p%WnZz_Iuwbb-&Gv55<}{Hq0j@4Yqn;OM7GY>03x#J7c+@$1R~BF-Ap;0Mqk06 zmsw?}G#zm;C-r-iocj=184iG!xE36%?=KgZrqyx>UQ0!9PoBHDM} zml53rR^AFUr!ts~Kgt72Ti6JQY!ILat6yegOX*YwHD?hhOkISlG0R*(W&nho+5afl zk)3p5ROeFoU}aB_d*0txs+TzD5V^KmBVvSo*(OtqULtLr zrNfE3(tl@tFd;VS8iq9Kp?TsFji`brF$W)TXtcK#d!$bG@Esk7B(f7Hb~n?)NL6YK zd87;lg}AtQv(U|HcpKz1P|WDBN8bV8sdWOy~Wo`)dym=5;kIfr%$vN`6)3UM8P07amPa@lmL zOKae7_4WCpRs2{=+=aBwe0x3#9iIsh4x_(Jy*BX{RnCRIjlXtI+~Vf6L)!$I z_&#lC$U`mIwfh`An!@1~JI14ns&sWIK8XQ7fjx=5aNbF!e`}?j9qSv}oUpo>8D71@ ze*w$j*TO*n7w2EmEx0Dg5YR-hB>Y?PdwvzP$l<^7*~zlX|Ls*i|Kl4esm2(SfHFFm zI{r8MwS(}jBTJ#uznxzWF`C?edGitq>eHH0T`3nT|cVe%o?qtq%n-flH z6kWV=&mT!$y`@lz65j#MaKM#$IV}-scXM56`F#=EYE(y9g z`}dV!)uaTP(ZmnEhm8l6CgyMFJU)N8`p^&Td9Idjo@wN0%bbSQNQx+*^~ScxaQzFrLc@Jgs69zoh>~z#I!2ER+M=eE;PfRuC3>-w; zGgF0M;MO*^_<=EpLvsx_H;D&O;Wa{tw!bkIx23^@&kpUuJ%(LBuYv39~J}0qL&XtsEBWy$iyP z4Pbs;RsJCf6musaAKlU-?d^>XMTw?6XI z>(44;m_7;WM*FcxFMtfKiFn3Iys9YwP`ew1Vv4EcD>_6h^CLBqWbC3m-RtK5yWFQ( zMa25FmDsnnf|l#h)y$0V{6FTtIxecUjaHEEZV;qP8tHD7W=QF75R{T08l*c_KuYOQ zx*McR8bJjGK?JG$j(WcDz~{Yx-+#{U0M6{$v-f`A^{i*D^)NM?-bdfBdwySZh<-vH zfkeP`Qio@Uxb+y3v8sk&K9rK?i7E-YO66=Q#lqRV%XbD_VTa;nHnH2c!sQo0ym~p2 zYa@sqdVYQkh7=^PiP%jtZ8!syKo%iE&rmh0QbKjsqL5x0fhg*~E8#;17=^V13PQ5n zl;sgDvyysHD?L|V=pA8<9|gZgD~*(dyNu&wp>7^`CFPb_YTV#3NXR2$Rc%`NQTpGLqT(!0KH&q0Rk~F zWF{|>5wft?hf{!%Q)!e6JK-Lr0nT?FoodTYP(G7y0DSezwW)~)j8VxYuS5R5M0qDl z$Qt*wUY@pQCbw&w+WR@pIgaw*offGzZ@=}rW?j>v_pK;W&FIdqSp7&HJyrJ6GMJ>G zowr^SQW;c#Hxvw$k1gP-mhq*ZWkW0*y;OK#)Ny2=`i;fE>3Foh zFizj~lmG(vG(nql#|>M%j-yf(;&k+*%ZkxRxbzkOcbCL_^0+2a73zxv@IIiNuxWVw zl`0oO6?aoITH|HmiJV}T*=m>X!hl^=o(71sS>jKN5-zBoVIl_WU%vZp8$MzGT&Jr>}`pm#H!Lj}$&k0CM z>_nXm`(_m$XE3a{xwm|G$uszCgCH2GW=}KSRlktpIU4VBkd@H4XF=Xq$at9@HC&>W zKbECAuvT7h|8sdz&37`mHN-u-nGZMzETJUyEtxvJVp(QcYn8*VhaDuAMDm+b zYE6?xp`rMhw&q0L-K3*2UDoui0)Yo#wCU7q0R#+M5wPJnd&iG|0n9rpqEq_q5%sEF zCEA8p2-=#b;F8O&X_AQhi7-?t()q2CLFQ>*(d^u=q(>I+Hx~urPAZ?$TOp67T<5Lk zUEa=8Hc`Snw&Dz6joSqMiCE>)e!o-_y>{Y68xwV0>AJiK&r20k!mPzCvx2>6)hYZQ z^9+?Lv~e4aHr*mWefbAyKVy4Dnnv{UxAGHk&w|I%yk(Dn!YZFBM=C~x$8qSD!)9l9 zMDSEc?QxUOk2|duSU<>Epde zU~mqRpBZ7X3-1O*NtM4;LEya}RHIuEioP%OUEvp#R|`TvtQkT6>u7Y zwmM^05gx}DHhXe-){?_rZZ(ykV-zDkCJAt(&#X->iD>L?fm{O^Kz(V1F z{@Hjz=R|4&<>&({BRcjsV;qR1d^P>g($_8e!;_(lCB*|d+9hZngm&I&`_l$lHJG~a zDW13K@-g6e6Bu81$$?yHAcm6u?k+dvzD6#P;d^ zGOP`FJmbQn%L5y6>xmz3IAk+fm=3zRBYj0R3a$|CvdtvrH0=mcqu{H3u(ofiD!fm& zXUrN@?+LT|EcaP0vb{s{9`tvB-^unwCs&8R8F*vi zj_y`GyzIsxD&9ypP46)-U@npss@{D0_z~4?(V{wfRol$WW_5y~We95F`b+%-PbYtXPaNVf z+wr3tDI49V}(tR%>TL{g7CjD(1wC_Cq#m;a&rnriWuV;g)9oQ8=W#Rps>fYvq z-(2J7jGBUX3Ig>FgHKW8T(_uXUZ5=UUVk=kX_W2|gscvwayeqehAXqM{A53^ivvGD z56I4GB*2+VYY~yBaE{_xyU0_y`BvSiz$iqifXgWX`+nb^NPuGx`*f(AAu3Hf6*Sc1 zb`I8RnUtDrkVFZ^7DB!Thzt$2^4#;@NxgT;Ao0U$MNQsEQ*JZ3xUX`Z0YFZvkJ^7c~I#5pwgIxITz(>vBTzjY1rld;D8wM?+)D| zcVJLMv{9X0_rHJpUzjf;7C7!o3eWPd_4Rkf_3OV+6hL7m7V`SpzhT6GiYz7kIF9GM z+}Zzn!GD*!u`q;QWoK>hCv{`D^ZA0M{rm4NB^3q{a5 zhS_03q~zNU6Vhv}*RL~Cf#<-W5)qJh|6L2h#sPzLO!LZ{$XFHnVxTSrgki^5@Y`&V zZRg)3Zj}t+KB0sI5Ng9TEkMD8j7ip&`{V0!E2x%0-p(yi?+u;tlZ1i>y-xLFhlSeW zLdpfSf`(eu*vV<-0DcgeeFP>tIrJSg8=a3cT)m)Us|cT>2ixM?f6k?h35ID7-E`^- z$Mw`sVbcpzF_>}zG9)B&SoEa7sL~tRLV|h_|Eb#yqOE4WpgrKeu@isbfxx%Cos}4J;KBrPd;*Ay_q+{?1hNC~sxy|*jq7QI6fqrs%QBO#_ z(lcpqZgm3%4+wx5dVEF<#!=nY2xhE5FDo8^guSQlc~KswpI`1-Afguo$bgZjSVs9=Ce<6sXN3GHYI-lLhUPV_BjwFEI1I~L+Y-I?U3tVELA8K>6 z)1B;D?FUXtUZF%Q|FDlSIUJ1?t5%hegoAih|F*resspFS_DRB|P^>1=uZN!i)LSs}r? zsER8;BAMekxAZlV_kmI#$PsX{2zjv2cD#>XkxdiOBj5G|$W92K^@@U&(7HIyn~#y~ zK#W?qx0ufzXa;R?uoN+yZkzs_Ad*H-*L^yu(|ipxbCS5%$i1nd_;%9|rY@&Ok{Yye z{Iyc1nHd4qm09z2(-8P*1|fb~g2GALQc{g;UB5AGl*yIBl}hnZS;3AYk5e9s(0*nj z9{StC$c-t8!O(Uv6IKeHZ+9AP|w0Eq#0F{ z#%0ZfXbY1FZe*ndcdcFV?4dV;N078Au%{xWvRSX*^qeNB4ZftFICsu2pIXpLXYTEH zz%SftX90>j|l1F0mx5ye(ok5aMN7pMuXA|2}~oT---s;u(E^>Z{k=FPyru~RE8Lhcf?*3F`{)gnE>u#0%F1m3SaWu{ zI4q{`h1?SJ-4<*vi-yMOaw;5o0@}LF1tjxYey_h{OdO};1f6D948Hnp0De#c8Smvp z>gpl7KzBegXoi@Cfr$p>y}+b@(4XN89!)_DFx$=GLis3imIu!Wcf9aMqME#$MI0ry zV8>EAAlgk06bLew#m^SMeV;^sL0KLr@K|AQZlJF?%7B%B+mKd5hfzM-=D)k&Z!T0K z3gOeCB|__skLN+_0UU~7?iG;`cCMSS-s0Ue)0(i2vc}RdpO-^5%2bLljj?zYxW~v$ z=y0nGMzxb2&%i=8I=-CK(aT5ic76m#{W_fjU}nut4Ml)=T~iHVeqT}n^2OBJt(3*Y z>(BJTCtHH7)N(-1S8~^sJ!PG0r@`l|9ru9TGXdK{)63(wz?&WaLk5@Qc(xmz&Fz>3 z-XBMX1oxLB>&8^DZPAy38SCMr@0)!dKiceHkV~Y9IWapX)7{G>I!~hdY`xhE1i5?Y zQAQAX%zEW6{`L7by|_tSWO-Fp)ji7)srCAFD}VP$bs|Z61j|`gt+n9P!EY)ld+26O zRWDXcHLAX9d$`%pW;nu2>G9RU&&N`UX7FxJl_ zl*wvW#LDt~b&t+JpnVkso9ZqiZZTHFMhIGNXbEL`pcPMIfg{0A6~d2bsoTh8TxFq{ zA~$Y}W6QsQD1JLHcm8#d^Vw#$M=iy&4WgZqh;#Uix{r&>t+n8)%QV{|j zmEQ3JWiZ8W7+hN{z=iVwNaPP(eZk1sV%~=@v!0ElAbkTelS)@0Gl8an(#Q`ehr{1D zKC}kOuF!Ag=yRR#~7%`98FOA*E2uGtkRFc1C_y=78t%!stUjlZew|gDE!S&~O3>@!;*F;WVyJD$EimP$ACE&BS2Ti^P2y(j^fhdzr07HFy{av@mXi~W9wk)Y{?cCvFa1@}Gq6Q`Fdp&6DRTrf%5M%9o2rw8ZpDYiDyWbn zPc2F{J>8u{V8z$Fg!kbE_>SM}o5iDEmy~p3I_ZdEq5E0SLn!a|3&r%lLp7SvB#!eo zXdm~bbIdq@HvvGf$NPYtWuyt)Iczs@(+sG~PFtt(CM?zu@#l4(M)X$u^Jwi}`TPc0Jb@yeNO7^qP9;bIElCo=KyF!??&EaY;Lf4Wm80gM7jo2&cF+!fzQ7KM z%cpqVEgX{<6PJ~}>12iZo4`c6{sX29IeFd4AsaSjgx5fdOzsJYlAJ$!llU``8jG&zekKu%E%P}j7&1HTGG8NLZdbZ_nGAmXg|sq_ zZQ@3W%|)$pP~2Sf^L?vgpQ*8s6AyfOf=)PB?`+%_RD8zmxo1KbQBtw&bU$sQgqEY5bgXyghs5$Ub_VOQOdWDd$Sleon z_+|!dJpK%BBjkwR2#5w@`%-|y-YeCG#EhmRN+_0$uSD98h3DE0Fs}rv6{IgW>moze zfvmRY(DSR}OGVwKdX0K8nd_mDO2{#n^H^34vMW&rhn3_GFv!QSV`FE5RmQ$`;U}82 z3JifksFb$W?eOEg(LL%K{(F4P#3n6HY|%NUr(k%3mRf=4wS&Kjl@M*gSff@@QDi`Q z)DiYv>LqlwQ?z{xNMA&F9YqsG=W8DNEjG9&$x@;^J$)K#U|V*(*>@80MWR7|YJ5q< z2+iKv$-`(uewNWD|E2NZf=o*h|n^ zAO86Azyi#V*_Bd6kg^(p$*Hc&%l=%QSaJ7yBf_^ zXIO7}xRyEusIVyq;7aC1Ratj`Gqvc35rjKF@dnJwTh}zA?reeHzNB;KC=E1h#&Xb` zVd35Gd#@mC!X3}L4R5ZhYOv@wf>E3ijXZzATiqFdxgD4y?D$$~uGL?h0~7VsX00oi zMB*a^3KFm4CFnd2$X;y*EkFm56kC$sztH3W>rdcJi$pLP;w6FcT3HO?PsIm|ECl76 zCAhO-khNam+*8P|JGmZ)L)^B8ULfJAjb7G0AS5e?I50 zCpc^M9nhVl={#W^Mw4+1LBy@Koget%rD%BvEal5LvO~Z zkGdpsbUszTLTuk2n?m>$F=&G651PS{7i zaG_-}Afh4EBjYw;qmx8}OX+2^ohL{#-F!xI3-fynevrk4@9jD;auAH;Wo6?W^~R#A95h@WJg@1AY2`gF=CRs(CpL(SA=A39oIae}EJY3`i+R z_hJ0))o{cBycwp^{at2E1Ea>`LgPrU;EjI>ush(58#opJE?1BSI^TCRm^9ZHv)|9W zA$VgK(}cLcBE~QrK-Wo=Nm>0BH8y}ZUhSZx`P<$~QEDe|$algeUOP7oSz#j&YK+7J5tLu&xM)J`3$KvZNRD8Zz=;rc|rSuh|SFlXFgCJu!J zg9xaEybeB43c9_>EgySH3l3NF!1>V&EN7_3qKLy=eXIYdjYDBa95HEce>e3#VgK6I z_k;g_$_>7hUcX3i;4ib4ozA@h$rj?VBD;3RF@5~j||kn%=Xv@Z;XM1@9R>tUM1ZRM)Gy9p98NjqmK6$ zLOGT50KaCk))iq>5f=trSk+o8vz0R@e+aZxltW7Q=bi#X@14+)Lfe25;(_qo_r+D9niV==ly zbNN_BceS`TppNPxR)I#sse*y$)TSspOfw4Hwqri)6YNFUVv=V8gp;4HE3?1c9!qJ6 zmO=nA&OGv=?7^;>1RsLC)Xf&wrOBWj8bLP(a{vbi4I!v&&td<;7HUp^)~_F)oB+V& zy@ZGBQ2f_6sMa(QH{b|f#2hZ*{|8xa36+|7XL+J`za-FBZUCm)VzT-Up%lEAxC)v2 z?RwcT@c7Y}OHL>lQ8*h_lWf{%w!-x60_5f}T=KPU0A@%yH<<0(3T2Zm;n;%VW&yI! zp;j@!@Zv+Fe9S%&63Kp924EO696Wu7ti(o^Q!El1H!X9<)|+EykUT-2+wJEQH9uSL zoI8c6II@;{JX|XS4avCe0(3A*74$EpeBXLm!_cOb*$7J-72}dG7bNFHd%Ks#;;}_{ z_^?(T!QBkD{t&Vo^QpR-)wEM6FYcGC%@#sqv?DXC8^j3A$L35%d!$dw$$(3*BSj}| z<{T$hQun^VIf#__R+{kQ+70^y@8xi+I$C?NX3-FRdr9b%ufF~MrpTAseD*|UJI74g zI2~+#j+G!R0Ae7ceh5x7-c95Bvx=Sy^64zYvJ^;U%7W$w(P4L7mx3S?=c z$O`X&h#JlnzvWaWK2xS=zIY5U<|q~nV;1+6%PKj-Cpc@*No9Mu^QUMUghg>>xLmHj zvU@)=wl5VzEcAbs3qM&OL>Ym{rk;)iMQqpCHkJ%J;v7x0bbu%i7`J*n*H zZo*SsM2afJE+IzzZNu1 zK@09nd~!szw#<&%oSa@YJIqCM)y8Cn<~Stvf(Jz?D`4oFIPfJ@V)>Xms}Nseq|$DR zB`S?t;F+8I8+M;6`KorRR3MdZ&;lS73G?VIj8^<5oqRswT|fz9<5&}ll!$PH4O%){ zNS`(2`6?ts$|(nLaNsuvWlQwqxC99FQ{NGj7+}Khh09ZH?t=>7PgUajju{{!f6843 zwbNq^bI(yM756>nys!j(;K}RLvS`760kEoAo|s9fKBH0n8>TW7O)pK&zr5o# zrSy8At%um_j=nm{PlGbX7u*rc*^5fdLONG@le|t;_Zkk`ic^qJeH<&k29hz@(UW`; zi01Y|DrcH-u=dy=Ua{hMH43UzQ2>=8Y2S}8YpFWLb&=L>i4F}bmwHFk#JDk!LPbh( z8^YvVK;J^kHab**ci|4nXG`}z0g9-F1*4;{%eQ>u0iLySajUKh+6o^)>hNX${H%l+ ztcWIGF$(3{#k*4l#4Vv#B`{L#vnaId?#6&+D#Wt(@a`M>BABZpr6JYSjH9-4JOA$h zmd0;{GVQL774cCM!i&Y(-lPT(t@>HH%t}x&xA#M6*nRJ`k^vXuJ zZ3O=wHx+J~QuxvA!R%AHAa%|z)KfoBFur&(k(KQz3)SVfeDb0P*)57|IC|wtK!Kvxpna82gVA4u+(h`v35Cp)DTue$mE0kPRqpmVHZi#qpLIqwR{MIh=D<(3}xcO@$DL`pzSU4#u_@rs0>n9cb)wg2$L~l zqX8G>yx0)WQctn-`GA1~Q{Nv|WE8-ozXKJ>W7;Gf?|_3fKx(-X?!7w{mzT5dA$Ip; zb!Vt|qHuMrP0x!4*iIec4u*&;gor%V#bpn%H%p3Ve!zI(3W=R3jY4qDt$@)Vl#Jm&QMu73ZOJJ3Y;zB?q7*J=VE*M zyBY16(|h;7&FIRmbnItibq!;{1TgtY0oHhqt_~CE#$fK4yo=-p%fi?S57h-3*nmLo zjVA5X3%#QdikHc!*|bUL#F6+^C$uv3O~B*=8lksBbq`B-xipgFj||DXnOx>_tmGMG zA4y#m>*hgu5kUX>^^Osw%JAx=2UP7#RQQYdDGcjCh4xL_!fTXA!(iiKUdRKMRd)!r z2xPOh?tQlEG(T8U&4zb4ZpU}U2jXdlx3hVK-$vy=Mmbg~9G5yTaCknZCXe=@!UV3g z%mEi_CZfS$E(;&xeghTf!XjG^^rdmf;HsazrY?rz-~5XE_wy*?FW~ecnNB-*;dc4J=tK_-2inQ^VhE_8JJ`h{ziV z+1R^bZZ{|&hHC4sVagZZs+spHtAgxLb>p9&Q(B_p#hVIm>G|MGb$k?1E2G9ba0Q)* zyHGpjIeu8f6yWCzF&X0VD>ntyPXf>R0ceyeO2U14~bqp64^ijisVz^_G_aE1p>7Q=x}+ zdv!i8^j5m3p*+iD;N$mMd|*DM!8U_1iNlI!pYAwZ75nLHX~XF9=^L2{ebjRUv|oG$ z9N{&b^GA+606Nd?V!_YrB|`ENOn(0V%AoLS!O-y3f8T+HyR?|@V9^Jm(vcOzH3+nL zI^gsEVCKMT6vn;oYQ1$lfyR>G#ey40?s|8}*Li!I8R2uWiC+4zZg`UA?GrIN8274V zJ%MwDd%ZPZcwHz31cx~s!JfzlL4aOtmJ60T8j#rnb#7^L!mTk^z`#zzvf8LNYZp?C zUxIFVp3)IY3!Nr6@YJdjeo6*KD`UM>bJvUVas*(r$MGfgMfJP)`DOA}T-`j|=9QJ3 z8om~vY1X{MK%ChP#O5R?>U9zM1E_nZ7#co%ieuCnAEHC2{MZL?VNb!K+639hZ_xGp zr-zu{r!u2vA!K9bg->>&6^FOwLq$zvpH@8n0J?5TBzVvdsYWwyfOOlnLG;JouhDt1 zC}N4Jn=XLq!iQqY7GlD67{bdscb8O$RrZSX7;Mn)0)gxbj$aQWzW;vxRm+!xlLm~k1CWF-f{%3Dkf4dn$zx%JaauSASVH&lo+svN> zbKq{TE#@}MDE$4!?s#zBmhKw%eMDET#~)+~rjmTKB)}cNyn-bD`P4$NkCi=1RwaA& zru_Z)ym0VW*^op3zrL{wto6=V8|v^^yvqdpD=y7>s}p=8!+jyYvtux_n&^%pkivbu zMj?Ptx_ya&w$u-sQUZuv-cC-?IY$c_69nK>Wf3^npcBHY1pb7;a`qF11^~e7I+iD? z>vwr^zEJNBoEv+0M$4%)d+s>K6m-#Wm}2*$JRn(k=AV4A~mL3h>ZkB`8)TGt@-TkROwlY#~@JRf#R8)5ihpO^}^Egy>LF>sKuQz9w<0F6YLy)fs1V- zq?a3<%)fn>9ChY2}xH!LqZ|Os<@DLam!)>SZ_q zb~poqdqH=QotybEWvk`Q|D%W$XTV%V?r3!NfkLV`ZQKBtv;?W(y``9G<$risud(Ru zuVG^x5v_R?%$p^h1toL&kV5CW15(Gw+FtfP*w&)It_%G_5A-)Zfd3oHY-{KCY!5;# z6J;5r(W7lgr>6BL(dvG1;*6gn*8+lMFt1;Rjj*Szt{uOnf+prXqSS7mXS?BJH8y zpUeaBDDTV6&LD}Xca5VNBMm(HJhLYdKSF#Jn%gz? zPU$z^S8%i|O^eiNF(}e`-y^ptBpMfB3rag5tf}l+ZB0or`;~@<2bd?m(aPZsboB2! z?NxZN2_MjG?0R_aimFc%Pl2>1=X*DGiZN6T@|llMn~u67k0ef?+?1;D+u%xjuyQSP z2c-Q)d9|+{!gwKs$w3qUr6rrd;3qULp}JvI*CBPiLC~}rU{2vX0u^S6InEROq$Yqt zEeVy3t}Z`$!~1-ahN1mEZY$4DRRuIN8c2uXnHs#dl`s>&CZOB>`&-ssh*3 zJnSJ1;UTg<>_~LyPAkzt~bZ2|veWsu3x83E4CV)o(8ak%lIKJAP-U3s*fo-uB(BRlppD8LKE+E60R1&m{T3FtzMBaUL9_#zRwU{hMW#sxL zt8O(o;ngvpU=qPS2<5{s2(VUuSK^3Jj~NggsJZ86RXyBNS*nE<@dE`D?4)E_7pq~n z^xX_Yqnl5A%o?_?;U-7jG8xG{Q^+c6O=(YZ7jm;ZVob+wmC@#=NAgMWgP3ddno7db(r zvfrmccT`frUAo_&8+gFga3PO@Z2*HCr9#9? zd%7?WgLOtvvkSyxd4UF>MMPijoJbi|BFjeSqiRQ;NL$w!q8J@o6_G8YyfN06P0QF z)m8KV>0y6Sl1@=;N33AFos?l8KwT*u#!DAwnRn)YpfdV zTLZ#Vz^nnicCRH)EI?H-Fb4Ya@ENK%l#q78o+63oeMGB;2$Cl9xB~%NgH@i<+&u)# zCk20rwRwOru**dXdi_9E0NU*xcuznh{fU8g5cQ4#0AI`c37S7ao~`a>W`&eh zXupZILb%c0>agAq%UCQre+EeCJTkZsS%6{x)~_byx`x1`A;NJE?5X92kpC%oiQ!T? zXthv_dcdO$gb>Gwk9$tPwk|)Y-LaI|f0wp_+THMSFD2U9x6 zn{V0Iw8)}S$j$iQoak`hMnldkz+CHUpsW_}!PiNjAGi(Ruly$?L$)$k^@clBi1ijg3~2 z@b9qh<#0e8Sqo041Iz~B71%f-rXDti;>%cC2NHFSZ;jBJVazx?5U7ro>5-1ON_eg)-@NDA;eq91$C z;pBF-;!yF~5s1%QKf3G&cm6x`)79P9Bdxlf)tVU2?{TV0ZtO=P+G-RJI_k&{Ix2K- z-9`8Yl%VO{mP$N{pe5PWda-}&GJZ5vH9@pa5S_0G74bbN(l>CaIT0o&pRw`wM@cjz zbWpJ_kZ7!u2tO*zP8N`>E-AY-fUJNpJ}v|xlkejIGU;_|0`4 z96*`BaRB5Q5&5tvE?IOT5D#rNKfqt~%OQ`qVuI9qFe1F#>fE%CwCwt@LMOMDbQz4R zu<+s{qY9|fDtH&Qezk-o&ViIg0X@>$?#+-D!QL%801;2FpPr@@Ozq+gnfcf5Ly{fajWa zpE>%Lcn-WSPw(LO3I~+Z?TV-_crKJ%;on94&IBsC^*pugWkK`?MLl}ybC)JSjGU$I zh_0qu)T0pgSMCB_byja$g;C^4gsP$YvM~fip_7s0Q-y|E&rflFV#Bq`zR_IC`Qq7k z4Lr;U@^@yhhcLEou-R+i1$N8v@M2I3)s#_P7s&F`s=Z4!btc&i*I^ho8aK6fhz0$i z998~T2k1uF%5MTsO@IW{7l!8+W>lbctJUd?@o+1nP zTE_UT^FwjhrI9pGpM_&sD=U_DqKZ8EImw10EYs1#xu7z>$K;Fawt9mts^A+#Mirvs zRaB3}2D_&LvlcwWuNOkAf=G6Gv9~IHdH`ZJt2pR7Oync7o!)8*T>PAAt$R(1=1BW9 zn@_xy3>egroaL)!M_>l^=f%)EJw4z|T{n)3?WZ!O)P26GK@Z=o*!IXl{n@a%2jvLd zHiycRv^cBcl{Fc}9D>wc8I4)}+YZ(hacCXLYnh&d(*3wO8X20wk5ik#c%8cEA^y09 zruGs1h`GX!)pyzAl7r8Pb;)Wxa;h-Ci|DB75X=b(5j=Cbm_5j?w%t=aKr}9S$&l1WE$WD-&)bJ{ zoq{*mX|QfasyoZ>(f0=T%UHZM5uhjW0`AkQ57#cV4A@18k+7+hgRA zORwML=_81s==cahj`0%uVqFTSK{=dImV zHj-HqGe!E2c41AgsqpiUm5zX~5!sPVdqRKo0hi#}^pcg*lhG_e={_XON-E``aj)HH z+2k078Cof#XFFR@%LgvLR1WJgA+C0DscMen=%yuBNOwvjcn98iFJN&H6ZUBCS*C~E z;VduShe(-+k3@tRk-K0Hq-bv=D~onRQ*Mk+4K;2@?ou|8Wa)4pT<0rrZ7f=%u>r$? zeT4xwG_1-xP#f(FDwWB+rlwfq44^h0*{po%9SR&<@v~R&Iiyd7l+o|~*WC@`IARLK zSaGx}%__S{HwIAz#q>h;kTenc$|R?x_zc|fJ;Bz3rk%y1MK^NzPH8AgE*51{Ho$49 zP0~OmM@3aHKe3mYUws4v7TfI2+r^y&7w#+aiP;{M^C@rAg8OOc&MS>kbkQ{tIwn&m z2FVz_uHbN-KnfV3GW+emTcL@=7ycml;CjQ|50-s-Rzm+b7c%%ZYGE$zM=vz~j)CQ1 z7#R1J*0rYWZwx%C0%*_qc%{E4h)Iy6GX1b7UsbC8EBM|;AV^gQX^YobwBM|!4J~M= z&!gy+Tp{%SAwBIF0l3~(DEMn2SzZi6636oxmx5ou@+<_P1_dD)&NRMYu4I;G7D%_F z|K)vtuOPu=dbcja;fpl>S1 z2U^Tiy=HKS^Vp2#fejIagE1A^sZ`2z0(7%x4E|L$=*Ek|r8%}6Rg}Bc7n>~nMbMBqq-9@VzmqzLB+ilUNW!drxf@eEkD&fC773+qp9wkU;&B2Ah_Dtz)t$fBH$H2Xs#4|%UIj>^A53~@|S>Vr~-l!%TWfA;V`hmcnH5WFK;v6)}hd2t-bxjFT%q!Qy#d0iH zK-@eZssnW@NeJk+YUkx^e!9&mK^A17@ix2J|5B_SV#?c1g1!~@ChbQ?P8RCK&90rH zk2FsNn7?QCkWt?pTi*I}KKKG(3p?~gq=DX|s+BT+vB~RUrw3OnvgolqO7-SNBH^?1 zzDZu-l?VPWZ3E$TWYdq7xr2{~n0yUW%k_8byaJML8$udpQ%zI*fxTzeGC}oAD9{QW zt+d~SPaaH}5#K2GY?y5CO+h{^xgdTuEZA8>{&JaqH=W*ld+bl~*4n zDq<$f4e3EjFRZ5rlIawA)&`}qkeMI z_(}2NK8HmkapL$X@Z31w3b**1_Zaq0(fZm*xi1#z&d}?cVB-UnV&Va6Sx6dW5h#m- zi8*;Vg(L1Q02A3>4j7o85Yu_Yag?UJvkRM4Rw5GuGw>AcEH?5G{G7ASoqKwOCUU9% z+EInt?|?<&qUh`)kQ&;-15Ha5J-HEIg#HQOyV*_&Mv8#!8VNf*TbT|6>jmAe;gLMQ zJ;ErFB;Ra+{=!B_V?)E*g3O}2MOn6pR~2+$w-H!>?m5w~%cu=ou&kgL;iyCp16jPI zY{Up*;Klub)oANCuR^?gK&P*R(2UQyj7TFZ>ca^0_li+g<6RbI$D-9_9L@(ce zgJWDbWb#wuoA(1{g-3vf8PmC+aC|Rki|&LB-SNPX=_5ZV!JeZ?$tHvyL747ZfEK_J zew|b!8h$UjwL3@*hM z+Jmvgv*nR^ZIrHv8S!+VfFv?KD9Dj^Tosi|#Y*4VV=J@ujV!Ny8 zBEjf+MPHdCxzyqoQxaLz%+PL6-%iB{t4`QD5$(EkdF;rVg>)`~rmal`Y$16un2R8X zz$9A}qn>S%2fCxVSUJ~{hsLbErlF>Qq0l$o&gTHE&yv({w|WP<69j0K5>NgAOZ ztD7Bx&6wB%a$J`B5ETM&rQ43sGg9}{m;yyVr`qrZ<(?*4dX$Ah;#fKwvp-rfw1Ta zB>zSzTJ~LRN!5$;@PiBF%lP-BU9lLEu>5QD;Ou#{&$C!?jCcJB2kLB#hC@d3KRNuY zx}UPlo?W*;UZ8eIG?6qDc?9$Ey;R4tj!&H8Aq%HF9wNf&>wYnscnIezO)Atm>R)q* z&}q^F9$F-q!)G9m#MweL2jk+(mb|(Wn&BaBnKiH3kuoW#7j~afV5#OC4(t-eTho2u z;>txdUVAHld9FI$5n3nc;~c9i7B~GpGjz?D6c*9ucF$$VNl;PKaSeU0s4WIRBy(o= z`wH*;n{4|0m3>5|Ssw?Vn6mRA9YpLX(J$-9b>|Uom4U_p={j^nWz>#4r3SEnA~3q? ztnxC;W1M@|mg5_~eN^rN9jAsrPq={}G`v#l@X3n4$D|%Ztnd-&(DcM0D=Fp-S|nO9 zS2nOW9P8yTj)Q77$DeN~Vg0r3?9KFBN$>6r=}okJQYmwA9G0UC+9lrfYI!eF1JbSa zPd)PW=DQmTrw2GACLX(@+t)L+UY>tdeo&o7tn~RM5h58DMnxeiG{p`#Csso!H>=yq zyyc;A_hTP1P18OBi5(#oS4_qO3l{02;F+!+QtJ!-wul+Q^wZN!YYV|roX792 z?qZ*t^wH5ydfg@bpzFg#XbhL_3B-#&DjT6Zu^lKhH2x=p#%_hNKoYfYER`D+U9Gm^ zbz}5Rnt}0A$*h6;@d$@&2lCdrsx*3a-Dc|F>7*j#5iv-itJCxWy zaBM+BY9Ji&m3m>Xl0sp9f0s*Yl}f)z_id>$q!mie$yHU*v38o4g1$VZQI{mMq-P`i z3LTmPRxg;B6(tcG^>xt*`Ia%_g4>-W&U#<-{a^@BfL!qh-LsEHxdNgWzQB^%`RO$5 z9!>KL8P;aK#*_K1yV#Wp6dfa{xge%DO)AHWPJP&wRiM_(W$MoQ2BZY-qD96-$dSPv zOWS%v$L4jG)5jWi<|K3qWm+E*992yQNJ*v0RDWx%FylkUB{T`QJt4-2*a#L`w53vn zNF#B~+M4`71GD|8Mw?ZdK6Gt`CZ@^w%<$FMmI*md&XU-Ajt$gp(49-+xDZ92fw@>- zZ*DDb$B>+s(8NEgt}pBXsB0`xEXg z=+TG=&ETA&;66XT&yXjmXQ>U_>$1@4?RFuwemRQztbWXyt<6&P``GDd1FX4g!217v z3+K_&Wyrah2+msakxaM2!1)UzD#uk)v3lu86Ui^OU)yKgcX;S_pp`GRusIa+1hGp{ zEBn52prT5>`@9wOTh}{?<)dE|5Xo23Vw23Rq_Zvmk$#ZjLx960=5O@<-Ulj_J^^{i z919GIf8s|qy_w@s>Aq%JSNY`THVt)bu#G0w(!$G=h2@Lsig&mdVE;KGj!)QEn$u(Y zY?HvhVz|Egf7pBLs4BNM>{pPGlI{?Ykd_8XLFrOLO1fc@N=wP2yBiVdUbOTgq*IWR zZb2ytS->}O@BQv~zh|Fu{yt-T|1cN>2CVh0`OJAg_kCTzD+c=WzyoN&e2keL8lr@P zl}wCz=i)*()<*U!-E z<>?vq&d z7*~KOmpP}G`=7_?bvwaj4H(kg1);^u$C!2NhUj}Q+vx6c&-Wz`Eq*UDqF4VBQ)DE` zCWw2`2z8^#y0{0gZHRqJOzn5cM6#~%!Ct_1GPlft!UqC5wq__7BMVTI_4!09fOpL(g-k( z2lx85m-`3m*!3~o`Gnl#l+}9LF6Y{23awLY{CrbC`Rl~SEMP))Q5&;h*!9dP-m?Sh zD@vMIbcA-jRYQwj1IP!qt_n%}<|#62R~v$DRX_S{jp6`)F91wJAC(o+%6wM7(mC1v zY$5}b?Zuf>3jG<8!5T9}hLly|+PiD$pK~+J-N&|!rj1hNX`K0qR+xwv?;0s7v1 zm(EyNkb{qEjWYUgca8nJ9p?BG_?)X8%3bGn;j)jD(kI3%o||wr3)L;qsgrwk5@I>f zC=hQpURSkPHzNmK7=8EifLnOIoHE4|&f8Q-p$`XM{_1^k3QR`Pz%5@LW7!FhFGcQ@#Z=4G~%e1Erz?c zAXSP1KU~FzJ!;5Y?;qJ{GrtNAZEt62_v`ni2JqVq1C0W*I>u<#J-R-i->$YGol00k z?X8T%NPR;w^_2ybt-+2(ERPEE1&)|Gf5g--n9B2}PGP+^Al2oD%{10!c71PQC$xbX z7gN{Gh%?Pum~g~ZcYLTk{Z;i@$P57`QF!D)gZVQ>vgqQT2$T}{=E};{ab2w~uqZ_k z*AUO@*!c8XzhSO-)#wl=Bza%>;vHOV$l9~IOv7|tCHok!HlMB;sms)sp72Mk>086fhm8b; zO|}jibjsmB-6!H1uJ{VjOg8cakOBhEq$UrU-RAfUMk6pI3)RtxkkArZ?iRV(P&XGU z=^S7u1*!>mSCU_satM#&ZDi~cu<9kjQ*;mKR>RVJiDsvevU%D{;6UMc)&Y=6>$Ac`TB3oQ=uA%WP_LTNI z(}+|#9>tU6<1YWw56uenxER$nKJA$#Man_guV7PJ&ODwid zDK$yQaNA_5x_mD5^wW`tk22(*1#O^ecnPU%TWJVD~u(gEm%=+PdeYO5yvv|tY6Rl zNG+^#^D3C2PhoWQ;rDP$Iy6>BKz&C$n_ZIUi|^~c&utF7i#i@v)Ispmof9VfQ%;eiwCuXJ8H+W{g-1$ z)Pq$Hl;@Zg{90FL-%$c+HhWo119bR*p9oSt-yOG}GNkvaq^LCa*~A)4eIMB^5pYTJ zKS-R_u{v28+>PeCH=JIMuupX%9or>XMT&Fru(>n@ZPR8c;l9RxGg)RM?iiue-N`b< zKy$M4cM+i>!M5HxD$BV03rT2Z& zEIj&%hdH#VRV?u-U7?}ZVuZsyz1oVcSO5Bto2y!gu*9}Ef%WtK-DZ#dLa82)>-Z0J zm3%B*VnJc^Q0_h`s`p9@`XT2c&| zNaHq6Q*kP%uKa?bm2sV~+Ev11o=`(TW_si!H*x%3JwCg;G9*Uc^KRJAMl0PsbjMWYFG}`)F?`S!517!Y) zw73kFRGF8B+BgGLu0WS7qsp{)x_W5<(j)VBf;+gWM;8X)ymzR1%I5Cld{qQp+ta$2 zBJ8+y5{bDYbHZhZTB2)7Gu@~UBwyg20bf&Pd~XPqEE=*( zRe2#SViynj#&wRgCaTc?!;9La3@{6Z0(Wj>_-9`uHWA~`9CWv91So_Aac>voXHI>3 zG(-c`xw_%KG@unaO#d!;FmsXymXD2O!tL&a(Rj%&!hb|URKG&P({KIyP2b`vUZnrcIf9vGl`4Y4jw2K>zbF%}_`g5PSpSfS7BCbN8 z*Af6J?MvicT3SjdwLmnW1@*$qR>`xrD` z<06~N))g9Wx@Q_pcwR3#o^j6P$}6WGd4}|xZ-Y2c|L=_N#F)O$x&E(t=XYBjjUI@Q zvAeWhWd2Lb{hb#E5UjL7mV673~AtE~eLyG(@vAG=! zG&HxXCN(YpIo9~?AOu#*%WE+vKtQb}6&eC?P&<)YXZsmgf4>OCB`lGng>wBdx5Gm7 zAJnfq7l40S1H#wrOGE7b!1or0`*Gq-%0-cJn*d3_@2Q)w8vx0J$CMW!B<)ZA%B5 z;OGFD(Ljs1OpWlnl+ZU2WT7<*xDTVQ!1M-`gei4eBu6+S0Bs|txKax2AwbFuWfeML zO3VD&A4dM3N(6Lc-GPb&lbA&`ud+%ie%T!s)x|ZGp_ccHG6qD_#c7k-y4tu1knsQ1 z=*W${=>9v+V_H?>`Y8L_8+fG8CcnwIILjodQ=0r~6*PVcUG@f#4MCH@04JrBW80l) z3To3g-DQxvCQm;i*PQ2K3|1~G{6k#|IOM9#s`~=z8f;4Z=lri-otf*kDGR_%IoBE2 z$yL$vw9;DQ`lC^Ch9s+%Ew!BJt@NLG%y<$D6my>!F^6?;KpnC$cs1rkl8f~Nk$v#^ z90qs%5nDU8h^N9de0Q*BAH2-@!Rpq}j!6O(fca^$e+KAm*Pv634%#m6_v<}>?tm_R z3fx9eV%SFEFK8O#DVIEzYiiv?>vJH**ch%!9t@!O!N&!sEi`ntuC1axGQ z*Xz&!oW)N7J1~->X_+McF7UIj$-y! zDVmqg_&ToIGl6O4g6w2dLMq2|OK+RbrEoa6*n|~@DzpU%>Im8zA1cl>7#UH16ucy$HO0|ZP#M< z_E*hrKe8q){$e}>2?(Y)x&Dr}(6cpQI<~{_EfB-oz$7(XXh3nkG%f4J#Nifi>^&F& z%}j#uz5f2jc}(Dtrjh@i?m}a}rXeKCH|!zvlB?ofBtd7~G?4LfE`QSV;&2a0n|2Un z1jNPS7IyV5JN8FtNu!IE4?hw3`buM{3UO#zfp9#WrZCy`wklCgN1F>UCV;L-5PfGN zXX2Xy4m&$D{M(wYX2P|`={O^54{{!z=$9{NdTz;KBiZtQ_X}mj*zoW>^U5?#cPVxX z^9YKlj$i$#ywBqzWdw%vI(M^*del)>nd`^JX5lF?jO_e+8YvXRI?Qvit{IL?@C8$a zRt3V3oRgpDDJM=YvEW&3eBnI=`3LAWJKq1bi?ryzAG}36WF!b$`R1MH%gOI({OJEkhfFB_>VbX}W4!$2fuTg$5FW=SbOB1JEDDh$nd?H{& zL+#6W^WZ$v61N0GJ{lQJ=)k2B*+k++bkt31SW_fqY3g+J1b5k=hVI)C`@yN;#C~=5 z<=`**&a92k8xHKM#DM=!JMYHxe7e@Shqn|&HuffeG4SHpSS8m{fh0gbF>ofRWrFyX z=kwuQttk^?DO3$b{J&$^13sXKw0#k-_3%>zlLT9XPP*0YwRSV4m?iT|Nqi9V0Lzw+ zIo1Hn_)=0Pk^=fLoGN|a+ViM(>{I^y8f^BNDUGi*HUd-<)@I`55yYxc;iN%nG-^bqOqtZ)pY1MpfxUAveHT+-+Q^{TR13!C)6B;jsbs4RVw-C4n*bum^0bUE#U~5S6OZ z%#9?ITEo58K<5rr%}y*axt_f!XG>G)Q?I*9zP`MSYi7&UI#i|VznAd7?P@D8Im^bn zyk~_AShmaD@|c+d5DKU`$lR-pPxqixNc}-WJLQr_jUo~3EH;bhitH3791PZN^)0#m zS$MS41E_m7au%zQNMm+->dkBy6V1{qq(JW%_(F`36rDv5{OITI8FDWK-C<92-*KP< z`8pEa2b!hju5gu?v%K9`OJM0gN#9k8DmP7%OX^ip~?SW;g}88RKTvD>~Z1-u58 z({W~3+^gHKXEbC(%?cg#hYT8YSnU-4Oq$150t*#etBxe9WBl`!iZ?;w2q`j~l;8W8 zOmCy_zvJ@^!OzLH+k7g0R|nk(MKAS2$# zJdaFt2&!%q{D?~u zCgCMgFTQ?CO`p@IMPr6*o3mk+lDi5k=&SRw%|M(;XEmXNdhEXc2vj`gdZIO`Ma^*E zOU)&wKG?HB(rTxXW1u%bEUp7vRXQ9NnYhRycFA#(6v@Dy{u<5q$7=ztWj{>htbB(; z2sqOb!}go|hMVA23-8vRHz`=(rTvm?S(=JIx^0YYuIYpGxKrWgdS^)IYcN}$7^P#3 zlnW0yTbgBuc;V@mkQX8K;nm8$bQ&eF6-Na&zy6ib<&td-DlF9pbybP@>mgq8b zfXt&3#AEN!AaVY)!uRVw<11I*lOe%HB7-)mH_EVmO)e-V;~&CoTI4dk2R_jls;C~w zcolQzj_WpX0o$Mt0!DTi*Cj4gtcimt$DnT;UMa|N%;Fk_Bh zCG(N_DOE!6g`r1RhnsrCiTnIaav8Fv z#~+`8tr>X6J1o_RpO6m!F;mU#-n67dgdH6RKPYe@3hc0wAV$sFYaA2w^kMQ-D@ zp|xo=ykHqnIQ&x-HHw82wrFa?wO|_SP*isQJADW5ZszXvCw-DC*SC}vVVyKyUV|ak zw=?Hs_uD(Ngc&gQDJ@u{d6y}Z0l|nFb^QpF4MJEQIYgJ7(`eKRmaw*b=W)E~wDGe4 zKqrmbJAw4hMIBUoc2W1tI)DgO;CnBe6^Fw#%o+%S?KLrHttJ|96CmuCUq-ea5NsM9 z?DFGd%xI)129~D692NPIJ+QSqAHpII9?5FeZBv4UT&m9B6e-YGS!0B6dr_Xs*)Lw= z=Iru&-vH~_j=BCSR3afOwDZm@P{T(J9R9wr14NLyez;da-(9N<6o`QP6~aTRR0G#~ zstxd6;mNUl9a^?x`PFpUk$5gQ=-W`!(Y_&5lc;od&8>;x0cy?D;r;OzMGUEbs z0Nsw4)mOlUansGHI?|;`L_Jaro?~U-UJQvS)6)5mTo6L9wlq*FnB=6|o;bpp=MD1+ zOk@>=A-)X4(q9NT{dV(|ryXD^NI$B%{$+U0hAh8gt1-hyAaxd0T}+a(t%T4ioG@W$ zvn|m={k_jtp>zXR)gGzq6wz}VCZiuNL&7`Y>iN28eJUE7(H@p!v#R!fKw_8C%<&%H z+doF~!hg&rxWM4m?Rno)=T+?UEW+3WW}f2*uYMm^O0_D(&r#ZNM;}1ZD|OJFo_q34 z0?5+t8Vy9-YA#Bfba|40lfSK!tWFGZ@V%hx3{Dd_!IAk#wM7Ggpdz61o|B+QHS>H^`~M4M9h`vIHWFEjCuXvvI=kWhAWBSGmZk5 zxCd?n8FyFhP?_rRkDOH%jf%w?7DF3grJEo)6(i6>XA>&kOvTxNV_Jn=@3mKF$t z&-ho5HUuDU<`j#acG8s`zBf34H+OaZikp{YxjD^`E}0#UR&J`k$dMZbmew>NrS67N zI>50jj8#qUSASaoI&2ruqLe%K$E(TWNyWTyq5JGqzraJQYx%h$JnySdM77T}*N>J{ z8n^u<4N-Ac4gZPE-}k6Vb%)jKW}iz>ogn!M!NGVN9u5JmsmkY8o>kLFQMYrm46n2dcjdv`U0fu7d{jIfu7?j@g4`Y? zrP*NG?trCbf3lxcBg;h9#5?#Y_G^pgv`v=%_BP#>*8VLg8(Z`k_9{EvgInBUP$J5XZ{f*+Y55SQXvgLjI%?`t{b5 z|H_^-r2D~NGz2v+038T=x!fDoaUU5=b}ekUzd!3E0t6)S*uuTq+`XVLof-+|;sb>w zF99ya)v#MpiNh~IRZ2#A4m?G#S5VqeE}(VmnNiwQuepdy@y$sQ;Dqz#Nt{iJHO0s(h|sK@*GHrp0`Q*mlZH`OL;?Yv|>@_mo`^6G#$Y#S&mL`T@< zzRU&0DQ58gE}D;56B3t%d6hkPvJAn~XlX!oyjM-?b+WvOK9M#?aAe?_5N3TJ!<$^Y z`oV48zpgBvDz4LAZrnefjB46oWNt)4$P`R1#qX;3b;;q+I$MzPZb@LHt4gOBXP6KM zv@Avr>APddcTz>OtD?)?rtVuHzsEV`I$@6b=Jc!E3AFHDQ`C`<;1wm6WkRo}WT+I| zE3!XRYe5`@!5xPoJFTo1Q~nFX@`{70%U+eL979xjpl03B&HMS|s z3pQ)YE68Tx!Lhu>9AoFC18KR zOU!Br6)k6v!>h6BdmX2Co)Y#Qjrg17A&jvr@!#xMdY9a&NHQpGSBW@JYK3?xw9-@d zgx<&f&@v$?afltCrrLGbFzDcgZy!w16nAnFA5xoCqE}1^6llK-ocQD|c+LBL}W-*x3@JSLbzJb;12S^a*sg4 zSo*vco7{pSNJf;U>ddmvxK62VRrt>$Jr}3bk$d{B{@oq;U|&Q(qu&C&G){SYoUVml zpcA9Z)T2cbA=YJ@uAaZZDulI1!oAtftfwZ*xhqq+@AM4015PP?P(31!wHkh!d5{_W zz-a|r72V>ls)48Zxm&g1%Lo%r$N4O1lTdYbU%!<2>pzsqH(4PM01`qn*ZjX-v6A-) zXx9S$qI3faepQnE89fEMn?#??Upag=``tbL>ksUqO!J$1DRMMM|3&=TdING3w%%;8 z{ujIEWAv?13o!8ExsQf2-3`QQXt9F&;Y^gH-o5khHjAUM}@lY}5Z&0+!nM zk@4PF0spGJz6biXxwy+ER{zp;#q%Ertg;7@O3Z&=hJRYLj_Hur{~6k4v_t^bGTB7BT$Z*?j=(MWPUdod2H+V0ibClc6r8pioSJ2X;Q6f}Wg?5D7CeWA z2ekg$VPh+Q3QS zo5W?%ErxzmEhiUcdg=pOzr;$*kAB_sW`S=lM@@_6#xc)H17ajBO>PpdK*PB0>RX#Z ztG957@X#HTnebHAcCI!+<0ClOHpr-yUN#nz=%T(8!r7Vz(UcCFh@d;bJ!j%xCH* zKFso-cZiMUX6@c?n7IeBFp9+60ogj}*yYfPN@m-AHhiYGCxT78zS%Q35K_EZ{}5wT?7a&VljiL{1}a)NI5nm{~iYfVf8H7E_;& zs~d7KEDBp=Y?KPv@kgqtE;X2Uh)9$cq7s!CP zC#C$jU#O;4tFBAVkBykFpBwaR2wuW7V-K8R^1^&HWG%;zU5AR~xZJxm;(MO#d+_D6 z@cT=bwgy!`G)yeqh=D>}E-CQUh7 z{CW&iU@d!voPRn)Nukc?hFjn2{Efj0mpkQF-+}208R}irRDY`D>m!M4-o?}yMPb6s z`yWR(%e^B&IUpe~3%ly995RUBfv7iennlB2j`0#EP3j~=w93^f*9a-f^fNE3YtZjL zD-TH(bOZwJAr&W*ozENGgJxvSl`B`wlmT5_Gvcn`33k|oh;VYcl4#Zh2#;}yf0Z4| zkt{HIB$%1A>U)$Bf5x!vOCG~0qooA1uN{W=+hUwjz*ev}JZbXdyqohSX!km2GCuvd zD}4K#W){wD3vD*2Ww~!Jc>NHIH}8bLeC&IazL-K*=VS^A_x?_#$A=36N_pu}sMPUt z#{^nacNdKw!@jkflqeSFFtu$i17BwV&yp!KlMg1}s&Lp>>E7w15dmt6iil#6#C_B{I_0;w*BeU>yPr!W6JoQy9;)dy7 z%J?8xs^IMr0#RBo$s?Gqc+pDA1wp zMg+1cuJpj{34ie1NgY{13O6jBag;2D7gl-DDj}a()*V%wml|(;c@7QIn+B400kcF2 zG-(G_0R#SKF6L=6ia{EusYgD2NqX9-BZ1_fH=@&mYU{drzc(WI<+m8BwDgZI-G}E&K!jYQ7tZ21y8nwQ7#}h`27UAx8#sus$y2 ze!@FjSU@k2TpJWfxj^zr*s?oLxXU-)tXTBaf@UsmAw5$Xo-kfn-F><|gtB|;c~l`- zlIBgGC6gQhCi|p>MpGL$fs|Q#W?ACUw0#lZo*Al!BinV%%uXv%IV?XX`i^Ge;q@`= z>y}EdjP@mLs~g^cIYXdx{|%rdBkY|XOx~5!W#6AJ&orZv=iH>Lm&&+fI+3qjMcS^V z6Ur8BxVyaw=9+II@>Vh+OfcoEW3U{d9-O^3?Zb*OVyuw^Jd2%HOQ}F( z=HTdHC<#CJC*^mn-ufX=MIZejk5-s!aXi@0Y}I|SY;ugf!W))(abGw;q=Nf(TLeji za5w3y=ea$P;$By_hl$oAZY;#izlN4ml%1d16zaYsp`=gSL+`uy_Lx!6du42(&25uu z@}rw0s_tvMGqZyY#}YSq4YjMhq>!};_x6pYVE9&qhz3l>XK8{F<^P6 zv}L&xTk6IhNYLl~B-`x#Q%Ca0ID=ZB7e>p0b<~}8(iWz!1opyEtPbUOvBie__znxWy%;pv!dt2p8<(ZtZ}`Z`Se*F`k$C_8lxvW!3p=0f-~}r5c$z( z7+GS3QTI^W0JOkqEYR~101jr}Vf*0vV45mECW4$+(8+w%h@TOw7t30=K!)0duO|ao z!vR*_=<|d76l~#%F4zxi@@3OgEeA~JqRc*l$AMu>D$cdfB=ZKsefXeYV<90N{^7u# z$Ntd**M^M!*g&x|z>DqTd(g7c!lPr$;I}THyZB+UP$x94@D!tlZW@`08WlN< zh7SYhSUB>SX{hG!gnhB;jik|zLY^U8cM9U0*vPGziiuJg-+Qbdj$n0XQo1heyQ@7r zHZQMJ_gH9~Ay4KF-Uh2tsQaK(r``5g{2pBv{!8QU#iN)92?3gca2@I3&vf#wehsbI zkGi%T^dE36h5SGe2(Z;QDW`+xyOk)fF$-`{~=9y@9%c zQ#Dvx)#4evipj_(TF=5zuTo??rOsip%Vlyb5GeLQ{)z>1l~G=hu|CG~EFrG>X3X{)g+Y&X$h23ya3G9g1BM|Hq{OLG1<$v83e+fCTig0KS{}xB99y}M)^1Pb9sR`& z*S86A*9Sj!te4G-pbC8v2vx(YP|Kmc%PB0nENJLw?uQjD5wdg>P9=LAtBTO}{0dl_ zKuC#+pQXqhcY2O=77VB}NBu5k)msZ-Iyec!hxrF`Ol?S4rB^=TNJ<%buwY<(aUb4+ z!&kiPgw$VT(JAUJiUsr38E!MuWILr2-CP7Fs#>{aHZQCuuhu#sai_pJc=_&pxb(;@ znhJ8gk9%!&nAN%#>r|`|Vb{`@+1@ipKLxIiAj6TS5h1g?)&n(UXj(bhIzpUjYbbt2z}&bEZXA@d!i0np>WVh?_7DV<{JA&sIfCapNIzosf1YU0-Z6e zTv;r2?CteAlX1k_a$p?8<0PdN<4<+e$f%i`$a#C_N=I#G5je?Q)_UsIO^Q3?*|`NX zR3-)P_VIXZ&7AJ6&+AS-U!9aic$2>wFw6t)Q=lIvj>6ChuX15vPFggQqF^@xrXZADPrO$e;QV@a}7ogF6$Te3q zd`Me5#p;%8wr3VnDeUvaG>`d*zSS1QI)7-e`c&w-te)^F&hF0#Lk90+av=Z#ZsqvM z>E^bTX*|E=xN;zQ8JBvGLevM_D@|K=ozEP$TZ7FsLpm=c8%Z3POo*HIl$x1(L^S=z z<={T~@L5UqsH5x!u#Ing=JUm#4IRD3bd=sGG?o$JiDIX*vP~-xHp6voE`P4Muaq(= z6G`sSIvhl)r0|+xL<3Lju2Q1TsqK5Zf?#)8#z&wxeGn zr6lUDDN@FYd}UyzFcb)dK0*~W?I`N+BI|v{OY>qnFIc>tYeR8J{Nd&&ymwDJ`4vyU zHM2danW&5JYHVkZ8Fdz8kTuT9143&p1wUpbKK<-nPB7#u#T=gdfcO@0)UW6DgJTkN z4=;%;ms%rF9Xye}z2g{b^r8-xfUpRkMp8%ACGtnxJ0g1&odf56Kj^y%--~+R>J@f& zUUr>eZ1T8UFh)-f^!mpq3Hip;jRheHKKB!WF0)S5UBQph&oAB@Y5aoetcD-M9;~`0%@5}ES>g}KH_r?eYd zS%lbZJMcY@7UXPHselJ;v$NsZ&}Bo9tJK zw@8}qbYzu6t(KKTHJOu?8lR|CsCjLASS-ahuw?d?3SkA+-LEc^N+sF&RArFr0M@-6 zLAzgwXYs2K;R0BnVGt&P*Oj>4F48llqcQU}3kG3D%VqBmh=Pmkdguso?6s&$8*bZi zk=f=*-KNmG+2*E!)A-%j7)Z6sb8To4@`*c1X3}E}igWu#Z*=qJ5PPTZHnwcjkAyFR z@&O7Gicw5qHr($pAyqq!73spn&R!lM`O?&%#;RiCaN4in5NP$Qnx*m#81x}YcgX`_ zb z*CHswd(AT))REFhRzuL#t+JRXE0gBCsxNYNa6Z2U{fukngQ5i72u_3H=A| z(Y>H4uqk}jsq+yp1j5kKmtv<@yU9s+oKIf=VU(m+SdW>lr=)h9RjC=rh319UH(_qy zyVjo|&vP_^4MS;Xn~1HZm>8fZbaM)BP;#D$eq#66ore?qFgFyZF4~`lFLuJvJ?u5F zx3jM>&V`=9X~gh3LMzLR@f4e}U5QVLY)+=fGv92R-KrH*I;rcL!Ly?aB;)#789eB% z3s>Z<8CofcUDkOorm+4f;a=wO*G>@P67$3u`r6qzoWKZI20K6MfP&T|iN=6ZUZ}nn z)r|c`>QfgY5+baWdgKw*dZ&}-sHXiG!L6EIEBO6LkvNI#8d(v78#~(fX!iD8}Hj#a$k;A{20E47)^t$96j0EPl0sdlZ zo^FnsrS@o$1OshSFfi)E{$5`w zhoI5g>i!YH&wb}8EUbZ;Rg{w30kxRD^zGXvB`dux3s=paHZ2Ds(+r!5>S% zuZZ;=Q+2}Q(uW?OzaF`&4-g2T-KsiiXASKtddIP7bn`JoVHuY==P;x@y>lfV!pR)E zc3-2}LP-7U!qZ0#mUJPX1FOl9Ys9~XK9eWxTEO&ds!hh(V_1ji+b^r(*h2xlJ891% zR5ZQp;pD<>3L>1FEFT}?HdF_Oz6$Y%sGEU0IW|czYiH2nOW~vPQn>PHQJDnAov_i_ zgvXZAmO6xJwMw!|-6!x6i>TrZnt-ef{2||g;g`g^NUw12V>VLEwhaoC6)V|OG(D1x z`$m0Kyj~LZY(iSsqe6W~V5kmuEw%c?82})Qcc`(n&Fi`4d5x723KcPxN!#3Wd^z#S zX?aKfYBA^PunKvLBBhZkNSyG*yUT&nGDW=xQ){7}PE`63{1cOU92^I%l9#7rNiNZ2 zm8AUX(l*V?VFN>rhXT7TLmPOTAzOOf-R8#}zKKAUt`>DG`o7(OV1ZLbrG&$=9YoG?!u?^{V*!iaE_JTRY58)!+5CFMq4Yy_PK=$kg|-BB%O zNd}KKhF*nIb`p!Rk1cy4S*jc*l~n8W)(>GJD@?R1`>|i~!?aaZaeJoQ&H}N^)Rt#L zJlJ-lx<<(%7mOu%CR(owF?l2q`_j*bJXfzzcBrbGXXdnRYdR+u9}KfhjaGVIq>H`Y zd^jSdPjBGoel~G?_0x7)1jW3zz=}99keU_9H`jq#k(pGxVPQ)I-i4x=8srWYuSqr( zhclht#FD;^nZ=!b2&coOD!Nk#^*T_e_;f|T^5^)yt9|tA&?$KsDA}a%1i|l<2qH=P zSu1C|c&gy`-5VQjEJ@U=d||~ex{qeTyaUu`=*DqDOKXt@fSP?!A1<$DJ7LEHYJQd@ zOn>*9NpTXgXzYcxfNrkg&sj9-=|khfl6F`ai9-g)L*HIBXmW7YyoO}ioTMp1y&{5K zC(Wr9@c>kgZqAq^Y2GKy7?Vbun{vLt00Sp!;y5|yIhG;WPC9i+N|nX&--J!W71lZcWy>F8F83~ZzmO}3d!)d ze2|4kIV4A5smB+&C7UtV-`Wt#*W*9*j3jmjEd4avY2R7{(b#U$>ZOg7wjE0OfrQ1xl;(Il6ZQaM?&Z}5U zDvFDuRh)ar{Z5SOR;1v<*}dykU&QJ4)#CLL__coK_Sx-$OqJ8DXB#m*RoCe%b#rDEnPyq$$z@xTmL)j z=^oPhmEAo(>;HV*e=wl__*$3^=Au7&6J`E&Sb2gEMwxHy@^t=*pZ=46?*nFvpGPz( z{>8K+i83n-S^+0ji5CC*hkpUX%QFe}|JPRx=v1GyKtkfb{NJ4$I@P68-hT~=|Au|P zdjrO+R{!_Sf)DrqezJe9JpcbcF5^dI$=rbZi*@Z(Q!zXKZ`LpR(L9vq)(9X)`@Ya} z0aE%l%!U3)-j$6Y8#|xuQNb2>T#__lZQB>Qh8Pk%_P=W@ds;K%{%<>h|1g8v?m)Y7 z2h10YvH?|$n$Idm^CrRp5Cuh?*W_L_@czOS>w4EU_5!UC^!NTFx%lgwEngHstN`Fb z5NGjzV{;^X5zyBG@{5#HKZJA@po;8@7tJT>(#q zL8Xy@-#joxfiu-C7X%^epRm{Ev4gHM2<@`dSZ*U(bUIvZ{7?0^CD)J0#r4yRq5O_mwyVLlu!07$xEv|S-Ew#9J zic7pyAI%|XT;8P=7%Vmd<4wV-QXRs%#R#%0j!PJC(R2D3RU-g}#oja<#Yp>K`A7nz z8eVcoF-;`!{jh$%=x3`yA=f%9)!vt_+)!2N(vb{7ABHZWwxj#+gSdo!eFiufF!BLA z6%C#@qdblBvATlXnsG5me0#zIMYBYGc#D?+0^)BJY9I^EGq7L)8meglgAQWMNfrQI zyYny*BE)Vr!`^4LBl4h|&>}luQ?`E|cG&)1owU6dV5*~OyL8Jp14N|=E24|o&5;vD_WXAdn98~8zmSk*;v-k= z-l&E5%OOQP;c&}d!RF?1M8 z-i`WD3YPN>Cozcx7^ki(B4!iLk2Y7WjQqQX@9I$>$g82*<5N8d#f3`jL14>rD30MN zs}^7#w9pjtU4TM0-{{bHlSD;+y${Y>8X|AVCp zETXh(1zc}YCA=iz2ZsY(rfSWnfp5qW0nzvSa{VRV=iI;5Casbv6GheMTLCz>1A&%p z0362wH3gl^-c|Ha4vf3WOK0uA#^Px}H$g4tnQ+M@^!V6h_IV+rs1e3PQOb=`@=8e! zr+?mv{x&yq-qO7>$^iVd#14}zjWmXIBW7=*w6cBWg3Vsvn1K3Cpdn&GJ^$Rp`Wsa!-UK;y(MHsp{G4t{I)-wWeE-y`27OMPu}!+!%9 z*hjHd&CJe7vbQ|MLh0&rQw@zk8CJ{J4wOWrrm;jbs{jv2tRO$`frbM_#n_7nmHVEv zKd4Wp#-nP{`Zc!QAz#Q;6?zdd2ST3c!mDZm~90!Z62yHR|sAG zeKubZbl`(6ETTxBMtt`QHRH~1yJ{3e>QiH#MV|`}o)3c|M^=F^O8Br>-rZTiSG2$z z_nmHJKncYP6QhNq$w{L80&pB39+_Wn5;Y(H&((Cr12Da%^vZqAgOThy#P z<1Clfq_G=lfY&PP&=`R-KI8oV5-s2v;?~<4CncBuT&(#5hb#uncrO z_1CZU>^z&s-n_2$O@CW&&GQO;A$2sP#7rL6X&IJ+0} zhkj(3XJ*voTbpmHbdE4DWwSmi%AkA%B>^LgS&HeEE;v@Xtm6ZsI0Zz?y^J>pyqFe}8ibewuUjKb-PEHmyc>7=f;MXUh_O`d-nEBTL z1Q7lD>z}g2KmWO;;7z%ouB%x0KfBoA5{J&oH-~SoBz2E0=R13ICvjrV!kYAMR z&r}*q$22=GBQMrFEcyU(-E0XsnCBbVCwzfh9Iym;fXBO*lo<;C&ex|#;~(Vz^n;_} zP#lA@;crFWS4}J(wtsSk)l&TgIRV*|{Ju;?p}x{LW-#W1ne_qr-o;eJ6x(lEZy8<+ zIA8$nJ|))C>|L;G>pfxTK$iE!wf~dC`vgQIy1yaU*ao`8AM0U5SH96eB?vg6N#h{O zv)XP3W*{Kl4Jwvbcagl)&bWZ0O;w+a7bQE;;Q7zzlN9&j?C0PK` zEOlvdxfwW2BCfj+f4f3|^yVgSe z@oy?hRs^XIKqfqAm5R6AtQS@7}l_bE#E*lsd48Bcj z1H1Y#KC+mj!A(L8*H+iF=f=2L;;68|Ls5YR;WhxxEdADTpQJcQYGwMo#<0=_D5;j) zz(-woZQ`P|3Jke+)KPpPlD>?7t8rZ(e`Zz+8+!6=|)Kr0Brqp zA%1<@{%xSa`)JEV+I065io~Eakg+HoC_WhqS0zpjS;vCG}5+z zzP5H0leb?GcPFEAq=TJTz#(^5(_Sb>%^;JHgl zBhG~z%%Q8>=KcK}nq(z+}= z7j`cSQ0t~ofk8S|Qb<=Pr#3{RARK@=Kx`cKoYFpJojphEQ>+Ng19fk%@wTt@-4rBqgjts$LZdE0yEL%i zQK!JgDjsFuC)VqAC&O`{jm?kng6G+ z>j0ixs}MpR>yW*YoiehrM^;9Ntp9WB z+xq^#*T2iv#o?UyectzZpXc+rKlkUp|K|}i#EajwLK2&aD>H2OJ0w5{1D-x+kW?6p z(E0?nhW)6=tQt+7U!ftOP5MPd-lnblrsDyiVs>omC4<06H1uP~;@Ndk3GQpyxWxV- zx6m0yYkdB4XKKNF>5ru<`qy#~bU(9$1h7ca)cgHnHmriP4%e=1fnB#O23l9r)K_`w z%l^60CmoDnJLY3sEPZ3SxeOk5oVbo8;Bk(xaK-U9;kev+;Zbh$b4%(+ zIz3Lz#1S6!gj0&dF@V_B_fk2QMX>)@u)%$M!nmMq87SjCsrO3Rvc(VMlPD^){-5Xl z3byK@FfW#^Ymkf&FnB?(QTmjMmy`{1q_*mw-(}>r15y3!6Jp@95|p4_Y^$pZ1T%a& zyII>^JNhb#az-5ewzuQkthvo2N+ksBJk*L3wRgozD|R_BAL)$a$68i!87kB77L1`_ z^sUibp^9-PJKFPQ(0_@_e^kq^5C~kTsh4Gv>VckFfwHeT|Jsb)1W(zqPzeSX)4jdCLUGDt`Z(-A zyfEU?H0QbL_TsP0eUJLPSpS3(Rky+45!sK-*Wdqo_C4Si7@Sx0*P{J%0pF1XoA|dn ze9NCN{PjS};{y;a{vq3q|NLlKG}e_R?oaf;={9(U^D@}x$&t|i+~xb1&@sms_UJSJ zS}TA2$OfX78<>eo{|T{uO9!#VgGp@RKT^Wqp-wh77?5gHY{6fb>7P-_XQAcp-=@j` z?4bL5)bUK4EkLD7E%a-~Ct&3$?l>ZUP;T?~?rVab9A?e0bhM?SN>GsPBrQ2DzKda4&rYKq+fI2L=I>aY7I23Gaq0` zkD@djzIm-L+ng^nmZ*PLqQFzpiE@8C4-+=D|2^bvL$raFvv_-nnd?7ZNguUaM>Klc znT3J1Cfw5b5seUwVGIyoe>@d)upr0AqEJ(-`%ce+nFbKsImrF@iKWXR z@VR!#;TBM>KL6g4=B@piwNh4~%P!QG4D4ZZZz=|bgFr?s-(90rY%4|ffmAB^v3*H; zqi*1t_H`H{b-5PIb!f^wM*%;|^=hfcWg-7&L*nQBtpN5jFV^#~jhP z90o_U0I2Dh1Ep97E@~^$@}Hoyt@xRj0<05Evp7gmLBeGqs8c!KK(`B2Y7Zyi9|Cp-4wr_gZ3Y%)8v8+Y>dq7qb`tGgo-bKKCZY|%=PX)Ns=jbsq z+PhIi>C^xz5^62LS(XVMM2fH+FK3tWh7<=3Mic}Q-#PDglSIX!F%IUCmjg)H3K%W@ z@+FaE5g!Y_+OA@(osG1j#+kTe`XK05qHmi zJuViywrc9P{SvxD;~%}_A340{^fs8S+dRBimZI#1NEit!GkojGtrnU3hW%Vq$aK~qYCHW`klZ( z*>&n>S5qp;J)w+UW7ZIoyP!!T1QX$D@5dfyfE;?7S>PPDevXC0)g50=iP2}8IiC^i zyr%s;?r@pej*BlnOs*`oSF_oE^u#Jk2J?)0C(sc|6z*hQyYLX`yX?~!Ia_+t72Q;J z)n(=he!L58vW`vw2jb0X?}k&em^7P)ZA;kj%(_WtYNBX^GjBH1Io;q%W=dVL=U=u# z9n8R)CnhH*|5M^{v!xz;iBYXs2gj)RRxp^|-}$`KfoUzkByGF)Ky}}e@10;NLfJ4a zH7k<)Nfb?;X>))jVi8!I=!{#s04%4aX7h6bQ)?_qFz?=2M!}HIz{vIyV?gfESJ0yC z10J8Gw^g7|)9j-iqF?i&id<<(Yv;^4p0?F<*%v7;2MU=D!H#`^Qu~$~{9A4*z||Cn zDK9#L9Ro7Ja1N+Cky7ONb4CdCwO!C(Sj@-czu9^Sgz?8@EVkG2^0!HvwB-p9YLUfW z^hN!sU`#P<#i}K5Ge3(Y_2RC+2g`X$`wYUCcv*=e9I`9V?ViAN3vAM*Y_{!hx+VTG zbLAB=DId@->YFwOb5-6$zj?7ru%U09#lyVbMtyJ3-0ql9e>>@R!M;B*K5JW9ZbEOb7 z8+F*$cWnrFbC!BVYl@!oH@QgIRFQnTsM{XtDs&NAwp5Ce@>;L_KsTIWY*r#K#~gk>{m3;u=$hxa1k@l+}n>oW9+yb<#ivQ%$zbeUPr!S>D}IsIBi?{v^k70p#! zlHqpZH`!v1an!S_*qj|#Ree#Z43*8AX5LYPX(?^r_C`uAy2s{{zLLo2Yk)3EqzgYjY&@+!X1rr@a$=qTFjYes5d9m*ZK}IG>Bn zn&|K$0qYFjp3g1-F!k4u9KZxYtso~NXOe*vR@HM}I{?~RtkTNjcbP_pj3Fmcb&rc% zf#{8cH|L0<3s8j2<;_Ql?LI`~iWFC#JFkrhHMB{d2VPnZ1|i2W zd$AR^n$j8q(q;Be#RLfiee8sV&U@l%ITEkO;=8**r_O;e!0~0XWISW_wAIuzP;6Jk z>GNS3odDtd!$H;GUmhe=c%?*ZHYidT9|*+cOLL@M-BaY*4%Bpo_W(fE+bvrM#x^a7 z5(7;9j@@{vCPip{cWenspry^lvt;*=oTbCSkv(Uhsc7tsv~%^Pek)OkrR3^+_QTeT zCPXFay)Nfkv0X7oeh8EGxQe-W3R@p&wD64)Wgpct?bIsUc;yTPzJ^&%FS88_EgS57 zSyQb|qIUrB=t%IYAPTxO@3^Vq%kj1Un&m?+&$g83rU$_Osw*pr->6LXqFGB2!QQ=X zE-Pi-^~hUiG-841z*GxAIboaW^T)fECS```@zVyixQs=m)M5Jl8OdXXKm3qHmhC*% zSRmy^3LBIef1Gn5sGI&ykJ#MKjpBXN7OV3~4`O zv2LzcP3a=rJXN2-`dn7hJ2P}ueyY2nW3?v5A9oSm$RVwiis)LRwtL*WUh2Ge%~;;_ ztr0v*drXGcKAy|U&`h20)N0%PVR0q)<{ahhX9i7*m?L+QTK$(rWqI}ndYpvG)_v5O zKGvrTJy^5nctqX`m|otNRL&Af9Hq#&e#Ccu(qrYNqm!zEUn~5wF(dqjP!Z~VI!hSENs9HXMaJW)c4;6GIaM`&adTu!p(rK`ah}b+W?g$`f7Rr4Om+@< zLyKw<+HCLLQu?C+Y>Gj?`AyjVGDRZke23{JGSrnh#S2yo8KQ2_D*=ELh zS-+FI)Z~EFGgtf7I9&I!#bT}oe8ZkEi?`Ty4SX-?kEwal}7! zgiM9eP{jx=78jONIK?uf_jE(%Fpjxroi0X za&wJLyKe@Dj2TbCfe$hTSTNvx@16nDRi66#13iRyrK^;-FOLKa9;LH%-T2k`>QB8W zbS~u2>rXwKq-1^CtNmu%94hee5nJGOS1En5^3KcpeB*phEIovxo+OCl4uZ&A%H+op zP3e+way6MTh0Dd+)wl23QVRFlo8_0|B9jC}u-|VgKZc#8ip5`d9Ix{%XD<8The_H8 z;PkH_%k(b67q8bz;$<9(+YwF%cCT8@4s)I30hcsHE81$eTzuF1kS4)ALT7@Y;+fS` z$XPd&I*-z0+OA$|!llIzgQJT5xTMDV@B818w%-_SAFKDiFD4RpzkyDu5mxQyTn5b{ zL4u-bbJEPld|2j@oZ=ySPIWwaIV5noN-WWZ=H1z~r0S)S4gH0k0|LW&87$=a^M%eR z-f_Ky^PQtqy(7Y%Xx~ovaL;e_1Hy6Tl}rL(7VquM)h)gi+)7OKE}=qDB)t(^lGuGa zuhH^TPVal_$_ec+a-r30eZZ~eK*j9B7&1RYFWx4jzHo_aPdckKpY=tovLSPT7(TFB z`*2Pr@e^AL#<}e6Iw9cfxN3Pfe~0K>Ym#&TE^R1Bc-j)pT4|#?=Y9u^IKYFOl4t) z#=WbnqauWc%@%3!^lvuXW$SEzdcXNwV-w5@V{2ebML*=YgIAtmeqQf#3iNN77XUxe zirH0j!h{61F!z`wCdHtCr`4!*#6&B0a*dZ5;yPM%YWsspoR;WfPq(UQi9K3fg%CI2B8-_0v47puGrO&*$b(t z{&gDJk}-3S%!zk&CU z8ri0gI{~iXDLYym3#tuhQCLH=V$k{un&i*DBec3fu$xy6Q1Z4qq&OV7<2c4TmbNU0=~zj9NYCX%NnKg698W4*Dsp~m}BXw$aSSK=b5@eE&5sw zyy0X3c!GpP>zY2=xEC#%gi@00n*iDZ9rj(1?g8=y$Wd4>L`YUjzD|eSs6_#BgHymb z%Wkm7;A}YBR$~|~y_8`1#4Jx{4EV;8UbinmBhV*=O0BD0qOTp?0q&74cg_p!2B45O zz9F$wQU!8&caS;vS;r>--aB?IFf$mFfcFa|#}D`syNhEL5i^J{c1%yV$83PiW$vpx zHQzCq5E_`pPPF+Kt$UDpM&+$siIXfB5-(^w@WaiAfur9tocY1 z`2=NhymGr(O&@nIK^_AESQa@-zEEsd{&?E33n>TyzeLewv7^jihcf|X&vS71K(ERh zp8&Q*j)f230Q-Z16XHnKb1XhHu|gW+KL*+nB*WOuFVi2tsS&zMsNiNU#M5FP#Y<80 z-Ie<1W31GK9?gS}2=CtEtOt~1PDOa1^UNhnn$W&ZpH+9w+%Q$mA9z! z(P@Tv20<2TDZrzYv}GDS2HkRFSWgA021NRAcB285MbNV3o;sLj?vc%_3R2Jp+tNEP zM5~v3Gt4}1wU`;Te0RXkElPGW3i&;GLLZV9yh& z$da*8%G{X9fP0beHwBx;5uIIPhf#HJn%q4G4-jnoC_>J{6MO$PAJt4Ro)^&xOl|96i7XeD{qe!jFMgK>1Ky znk!@F7D8)NqA2A!$s+`b&!B>e`nt1Iff;%>LFPH6kl(pbZ`nOaiN?L$cDzpSN#YF?PZukan*FLu>uuVXCn_nL=E3K`RkoX9b)ouJo_Z4u^}BaSeD z3w%ef+~guFK*;08IxTV)Rw(Z?_PCkuS$u51sQPg)IzeHP@3!V9yP@J~g(Q_t(eAZ!4v&y^gLQ70MiO%tDkvh+m0isw_P zYhlG7<{TnGAQInGF*#=lXYFtJoqBVmC{UUkGT>GA{sTuzB_B{I&*R+>glcx|O)QoG4REhY zs%v)wZKjEKPC)cVmo%&SODy)C{S9hOplx|eo}PZ};OS9zLYgKAF)60f#nSx^M0zu& zhXKu%@--P?duL8837qQp;M0PYok1xawa1ZDUnurk{=lN08#R-(R!S zed7b0;muEuvwVVTd3ILdHe}9}_>*I<;izthKt-{bB065*4x4&Hm6Yyz+8gE$*0mt9 z53Kw-6~0EVB@K1{Tv#d5gupem>t#c&VWyXU>`iX!sFWHu?m2(xq2khD#_Mt`W8lFpKyQFJMGWl% zh%Dt6?^%w<r zXy=tywkirnUy~7`y!v zcw0v)e|X5Ew+z8-^zy2~iLF24J*SX-wUxrb^C_i6pQnDt6N{p8pwmQ)$li;vP4XBFXV`j*oi5%yo{_A;$n7`W{k7Bz5!OsqfTQn*-=dJY_I#UaE=0P|esI ziV-i@ATCj81Yk1U(QB;?!u&^!OY;zWWyi|-B5bBC@o`-An)UtD&J8Llv$xC+axLm| zlEQ1F);>WW`2lS+*VZs72r%OGL z?4jj;fLH0mzU)s3L@pLyDRE?)pb~@DxrL~@50gpDZyRiS*QvkF>D4c2G)hOb!|htz zSb9}^7A^RP2%d@MH{R;E#y7d)4RUxn&cFQ0E5hVq4Md;mzITT4xLA@h_k1?_{OWeG z-aA2sWa;hASTY4k-s?H);-LVLUZkaK2NZ;tAO{BgeVdzMLJ!Cg5%3Zz|& z^6-V*cUSRcHq&X`sn!i61=KI#XOdiQk}#AwwbNU1V<0m#Qv&n#D1mN7%ZaWkJ%Q&% z{z)FOWF$`;J~tWMm}|{EwLVewus&4?tRlb0SCb)s$%U56u(@Q(ChLK zG0MU&5;Mwl&@ox!FFfO`HLAN>HUXK-&5oB?zanPDNlf_p?yFmsPx*N08*MMbBVo+9 zuo5xgm^qm%= znZbc2^8Yw5oW%IqMk^om1ufq?3N z>%z7P@-IIN*$wGs{L72|$EOQUqpeb!?w>jHzi%b=f58HhzuTfokN#p({5XvN8BLHk zo|(eI{uTND@l8!QNM?gB0Y3uRH(vMoYR9}pVyZa+=2wgf|S2mU1Xh`knlpnHhZ z!L5M(=pl}d<5a^j$YI@tO7~xC5T86RdiI|6uUT>&D1YIN71E>WqB+SGo8Hu+XfEN5 zwT@30j^!)=>#p8q24rN5<@b4j!D(HEN21Z%EP&v3WbMqp92fu8$Yb=*FEKZ|`>$6zwde`Qj%^(wp2G+~5pQ342QW@zIw3g4B}uTL$f3j9<#o|I8Co3Un60Z3RgCpXyx~ zy4oY@6|Y`u@Yx%+LA3Q!JA*8nsWXi%Ft%kt`7vX!;_Z3K?)d9zVtn4Z4K%mV^fntZ zsCnL(&OIt0s(sr4bT$u!WdVs(L!Qr2T)FQn*|N+u$)uf7VfFJQN{fY z>OMx@LDJnX2>!I+ke2qwlUXW~`ph%h^|W4YmFe^x5BJuO!mQ}YSj$?&>AJds;S?bc~COQ zpgoMy`LDIT4cq>U6?R^mMI1Oz1aP6>Wc4TFYal4SPq#MH8lp?uN4@ujL-`t}d7%iv z+)75CZ&D>p3f;;Jl}{pP5`KE$8cVHNagX6Bcg?;uhssv+OB$TG@HG+FUsPw%MVT#T zf~ywqA&ol)0;RjojfbCW`|^Q!nH^*OtmkN>pPYa$(aa~8SxtLTIOmhq=PEI-AG0LQ z6m`&Dx~)YO4uaI_2kjn`qsQ;=s^KA@hDMjiZ4l{oC%xMg6vqzyXl&iqyjbm_8E)eX z?_*wnQM>ckNCExgI|T^7(s|xTgPqVj>G{X6<)ZaZ7{$`CA(ss$N@utZ5ahIG8<%Yh z_zrV)dh9Q21zWX+l59UjK4|wf^KA9%5q=nqb;g?w=39@e;HQ25N;d78c8!k4@vdvk zIgl$z8z{$Mz)q_ebo92liVw{PG?LFVS1E%=@+%?Z`%c1pqddx?DSqfPTw(s#CQ?FC zz{k%z8gVy_LyEaDKa1?$9Isnn<|XCM$!*hmOC4FMXruc)+ljG4 z3@)~f8Qo8R9Ip`OA;jx~+weHLjQTC29u8&v0090i!m#89U!YOOH2r;ntX<_tqjA5# z1WD0kBqD5V(3kobMeIjlB2P^QPAey3h4*JG>L0r=Sc_|tzy|#PxQ~Gi*u1Ey@AvV3 z9lO6C%@mtN#r=B+L;tNHDd^M`A~iH}`;YcfV0pIbhefl(3@i_umNCFTl`9%bFBD7z F{tu-H>j(e< literal 110379 zcmd?RcR1Vs-#^-+rOT+csM)H~)~ZsoNvTp*yESUWtWE71Y0=tLsZCmY?_H!QN|c&G z5Jd#BS4bo|Z~cD0_qp%ib)WOQ&L6)su5(@KB_iehevRkrv7QOn(onf{{`&b7Cr(^a zeX68$;>4M*6DMe{(47Td(e>;V1iqYf*HKYCQP$6~417alqoA&E;zVWag(LGb!1w3g zJT-Jbae_1S_}|G`?3VS36VzN)C50D0rmJLz5f0B*jQ2G{x(TJ9J}RjHo%DH_XQerf zX&lqk^G6GAUEldqr1ifWgfodvu-@_wdospz>PA%;o%2n$%1_EtJ!fvnN%J^4U#SR@ zVLX|_8lrtFA{kjC@l?&R@-*`8m_M7ezx1ma@F?LAA)$!0Tt?a1&Bl>s^Y`%U`NhR6 zsL|0CO)}9)fa7qo%;a0dM70e|_3K}EZmE9y`$&C8&n0iLia{WfrCdyXHT@B~b^rRw zr(5b5&d&eyJjbrn%=n+@5~ZwBYX3aXyBh5J&u<#4u@Dpa_ixp^*v0qH^WliLhJXH= z-K%@7N&h@ozx)5%Urt)>yFVaQ_HDh%LmRg$_0N5DScuKoaKnyVx8}L24GkNuqzJSN zqNQ1%xf1iwJza`yJ2=ryTq!PW`SXEYr?`Lj8-^81>AhQ?gDhZMs50>weA1aHY!tDE zu4j>&_R#e$kMV{d?SMgx+mmVxiLkXkEEVS-2_`|P1qWuB`OayzqrI*IwlTbWvlFc| z>Uh+1WT6aQJKxLwCK_BV(SzSZd>l|^Yxb#mJ{pTpd{}oTn|<9~H(CgJRa`ATizzk{ z17K=EiTqQ6WS0^b&UM^|{JPI*4#uN|o3a^N$e<~MO_(FVs05^cekSa2b>j-Plb33G z-n-ablt4h1UO+&Owwk!}kvyBthuiKqzF0owB5G2mx3#nXP~Ex_hJERWYjY#I8bXxK za*6}CW%x9@4IH@M>RQfJ@6xbdwar8xMD9N*LD^iX4=()eGR^a4pk7LZd5!sOOZoYZ z)Y#*}Q?L6P!)kL2pYm{$E7Oor^RW`c z&OH~2tjP|V7qooc5GfClKSjbY+y+FeF_$F z&ufC1?~+LH!oes42%++;o$wa#f@ZHH-l!vg>LEmvH}W)aqf`ofY7}*vwZ+k;!w;(L zDwlkoJa)S-pSnvy$U6H!Zq+QHTO#>*LS}!i>M@!#tL|`ehs!#=Y04422-A^1mVvnZxdv zKlISh}pKK2+SidROmCIfCNXq|QiLh}YbAG8K}$0Ty)n+CT0>RseU^O^fDd z`q{hwl0@Y|j4u}bU}9Be`+AT8+Xl)5mJjnFt;%I@gogv}#3&|^!%F#opH8cuP)fTk8uH`+_=4*qe< zqC&-S=-?N*EZ)d{;>-sN;~UW3=Syk1UY z*w~uwM~gf%w9Cl!yQd^OZ^IRBe}+x+bNMdB%|+ZTdwP?NNQ2l4TP_jqY{gIv480^7=});&-vXe7a8w2t&O*Ev`swxplgcmxfmw|vnM zF47;dl|OJ)I#;v-Nl+FTAh*!=`p2$#K#TZOZDN|bM%^S2jHoCCTzOJY z+ds|P{1%v2xQNom92tqH_U7KU1$O?SOA>)=^cV3(QY7{eMqQ+)+22=5IXAWuN1bbw z5XRaH`kzw9D9DhBF;sVIYd>uEZ(bC1yGP02Pq2_|)phQ9a$e&h#dVl*n`d$RQa>OCr7 z80g7=MTB6y;R|x-DY~WqKDdtMM+A&Xx^F2CFT66FSQ{~mr>dDqYr6B@5c0Vkl2D}~*g4_r|yJU5>IX$d|5VueH7~kFb(~%e^CdU#RE-oEKS#-UJ*u$gpNxtiJ%4tGIWy68IJTbqa zz|ORr_HkA=zW?moXSyoihn8eklV1*fO)nn@is^tMfn40ykfrLCur*-H0z2E>I(weV zBzLSOV+?IFK2I{@8IzpTq5BhdCdo0la3|o(L^YkRqR&Cwh?|quobTRb5JXP;>cW<@ zV2#aQH6m~F3#c5P{+2m6vaj2*l|F5FQgGeJnbOY(*0!EXg18+6pY^47+fj`tn-O#~ zO(t+tu}{^b#4&RZDZ1)y9!4P;%`fU&HT71lZ561}c#GI4ze7#n>J~Iww^8zHqT&yq zG#r4BvZ;Kv`egQQir-C!S&NBntxtnXp7b0C1PXDAJ`K^J-*o>cl1)-8LJzg(ZKz9@77 zsl*n4ASayNX&K@sx$tZ2x=t_eVz;cGq+y+LKG~~>FDWPSd-4$X^V2Jxy7W2p??eV7 zn{S=tQ<*z)$^1x(7w0Rl@P?)bW$N!_|2W?I0wiGTi4$o#AD&kS&-7n!taQ7(+c~TW z&M2#w<6-j27>}VNJuZfv+6~f9T5HEqXZH_pH{ASwGa=#=ZB4?*FzxD59`7p)xmPH; z8|jIY+NSV;ANW{jO3TQH_gJUI`-yC118(J}%ezltr6w@P@Gn>ba4Z`Vt zDH-5V`55~Q0+Gd~K|XFprZf>ur~O|XBQ&DZmp19zr1^HbO+m1tmVrJzZ8PD!40pJi zG^*%DrxnkX<4et^&j6CoPfQ&oE5V)!A{9b@rAg&)^U)wm6@R7Nx5-Ov`u(!RNFF1D z;}8zj3hjRJc#XA?13GLqQ6#%u&l*QYLb#01-cT0T&+wk{EyVIX@_e}c5wSjd!d!;d zXB*ig08gjr>D!-~7D8JU$W;uUGgVnByAP$@4F*o(islFMHgHd6`@%KjCkAW^TA-UP z;VT7QdMwJtUJ--wFFRhr^Rk{lt4)6vH9`?^IRfjj6DvXTdDj!4z*Km`S#OX@DC6|W z&FM($=MizYCXH|6Y->l^oKy$jHFntk%-50rWY^tC-5!sq+LuG$q-ZrypS$HNMEh+U zd0T+WJ&Y;Bf&u9!*`ltMnQpYYfLo&`#^a1B-OVPhubAa%ra5empf++@@nZHzRxLg;DtR zUx&7f=4K&cJFgE(oSXN9pt$~w<->Cpw;`8#*JN0=IrjqA8&y=S+&4r1a(?nAD;>&YLir_H;WqHkoN>3Fv5SI7%IrJQH*f2avUMqHx_|hhQ5H#gwg&!1` zWQrK(E>(0jr43wG;B={bf21Q-pS-8r$ z;jqt}pm*aIW=B&$7whcz<=OE9ZMyf{OkSDE-F!rpkA+T7uG4k~PT9=|P+YQ{x3h0) z3Y4^;yYG)7nc9cm2H=#R-bfLhA(&_z&|;+Q%d9knNXYt{D4D%>?#{W!+p(YI-pnqs zxKK2xbxjB>{hJc9v2%^+1o6LgVBzB3%TrixtK%8bv+PW0=W#UC1KhO8!(*^nIB z9WvjU(9fi3zsV|8oL6S_lC>9OC@wHm4-aZmGZ98BoH5BTBWE2wHGQ3vw8xexn6yoc zRo#_7$4Bu%gVmj!$MHKb>Toua5h{0W5|yAGz9u}ztFpvC!1O0@l-rn^gml1!F>NEr zYgEzN#-6DeVl?HDyG}&ST-^L__S<6GCvGF*w0rf1;C|cXhUZql$@_r%fGgyiE$3SO zsTp;s>CH_(Vh!`DM9pd1c$o7B-j^iJR@(gn+ zb;JO5&u@;N{44b>{)D{5+0-?`vG;pTfc!EH9N!OzlNzWLQg>n;w&id!ZP;@$jhiE^ zTOYY8Hc)WSbo6)vXkW5&Y8dj)oNkGscfoFeh?v;uIqMOgZ0(&d5#MtnhB%|nF1m=4 zvq?J9GtE~{4%c6wNTW4@5&JOL3DRY_fnibk4cOLCgp^)j&>mTifogY%ni->Ia=f=K z&ag)}N2&!0@gmg?Kd|2G6GxqKX(`jJFCcL2Sei0T;;dgN(j1m_A8RF**e`s$(I|mu zH802qb%&NGx$sJm-x~#Euez-qU4k!vm4-gl7L4(M=&Rs%Ov9Q`r5BqpAIeJA;iQOL>c)av{B2el&TOHPU~4 zGMdYGP}TIFxp2F8y1rjb{2A2fd%~cAuF~mzKzk48AM> z!FMQ>>00okjQ9`RvXX`m#^U#)1EZa?{Nymo0)Eko#dbx|;f04&E;J2H*XtDWxDIkK9q3WBa^2wb%rN?TJBgJ<<<{39y(VNx&I!;GeZbv=Zs`t|dgW zr1h-8KnXjihF!uqc!4Cde`W;aVw1((a9sLzIM2?m1B&gu&KU1KivWQ9-xe%6+Zhs@ z9^g(U?m^FWD!lQ%YMUcmw zwe`)kMkYpI=xlQzg!ILJN!v`_oA>NNq8UGQtIDN`q{UEbD80qh>MM&(rdT?If^K%K zxFSfs_Jea&rsI2NOl|7=?l7K#XD?#!W=`uq1D6c{6%|o@$4?W*=7Q5)$v7$n0SHVh zCbf>eu)QBt15-IYQT(uykXpKJMOoA{o-4P${~|?N&pjaMKkneTVLqaK7A=7PNw=cM zZ|To|CZwfA3aa$+x@5)j{At?O+dG{OdfuOq3Iuj@(Y-R?>G{1J>>k)dv% zM39B?TBoh?DV=t^c3nVtiytWsSddqM>^)M@T~j{)S0vBrxyPpxr718%XOnY}PkOy! zK4#lg{m1cp1t4M|rc{`KDZj&mw8t8&|$+#-UMC2Vk~J_P!5Mp$)dq@8XH z1E(epouj4BmK&$`N@-=j6K5q~?BcxlS9Bj*a{bY8%Wm>U$;>fI_)gqM1in1qS?Fo3 z?_hEa7jE6Y(1lAZy``$lEU>{#hocEB)o{E6ysr8w;j>PPcEH|f8g}~cJAoI~FD2^4 z9se)jQF!V935~zXEWmr>FVF$5!Q;pcxVwK{j@_%njI4$)2V?}fyYt;?+TOo>>iB1} zfif2VzcDHPziY4j-*e@?PtVS?n0RPc0(HuQw7=G=E;apPMsDVAd9z!e^?X+}7NUak zM43p{HGj$(#8QX{Z4QmV8MsT0@KHa6DT}5$ay#p;af*`f15h-1N+TBBng=YhJq>9$ zD@^X*8av%o%?xMU z@Bk`bw;mJdUuip-wLRuDI`GH2Zjc|2Q>QZgUh_9kM%#iV*Wg}F)5`v%zxKzjAOq1( z^;g{&`)+F-n@BqYU{OH#)-5q@@pI(#zZZu3%DLDbU;z~y4EUCjx7-?va-V7T_?k!}g|hU!cj6Wy>|8o_ni-!p+pWQVwbzaPgxEV1>IH#Ub5SWMtNxoIUcQ+FBw zQ$3%~%)2A&UB%q=f-Pt*xv^Zv~do;D|1${~M-JI;ER@7!7MHiCmce0^!@^&la`2u_7D_whsW6fi|1!VlfvgZYP&BF? z_}Vd}EH^!qYLW0JgscfBdt7fmIVp&56XoK^pU`0DSiP};g(gugYBKnTJ@D!7{kO}n z7D}kLYWf@tsh)iqXzIHs%rac{f9FqJyiIzKYd%Np@V&M%xyyY~;7OKs!Wrt|DvR>R z&GbWg{vCm&PZCV~hO6bomU3BqNwp4X{o6)f-3lOc-!6|jr@)U@?JFJT? z5;C%FiatvW#Udd_bzi-*RllX=!8hJ3IA#moNA}NKPI{Fy#ky=~;=SZ-tD^U}L2DlV zkK+%GJx5;_S{sFlNi0Zi76aC+tY>w`gA~ocihN!5yydY!9id1E6_Q-i219|l;piIa z6%>WxK{H0CLt5VPtaQHm6K-nW7AI!=(9;;oY?ecBC(Jw_)3V%OpU`?ZT zQu%fo6ZDMf@c^K0MR+!2Mi(VEF3GV&gr9M@!3+6}LiUMd( zB4vQhCOvM_in(p=C}AnM1sG=UeANGqk%cn3xHSF1SlR)r9=y?L%Ytjyzoz{YD znx_9K>L3M_KIm^?Jqhd-?t6PG`9(eDf791V5|Z#Wc`Svt6Ww8}aV9+EImqq1lAGf* zFo>#|S`0ijU*wEoQ2*CR?n*jUIob{#M;79(0V$Pg9wkb1Xk9hsGatPSb`5x!^V&8* zI|~a&9N9=xcE%#rL>h0^2Cx~_J5P_Z=mpNO?!Dr(8xf0$5-kZ>UduQ6=9QZ$+Qa_9 z@hPuKqnN0@fC>+_lLeCVpqp|ZylftzZ9|kz&@j8+y0mj-OebIg8xX9Q|FVLk5CQvC zO&HI-;}8n}z9YkihppA3@*bephyjFe7-2xs+Zw-+DMf@1=c)fQo)_`%-;$iJ03~zE zK=pLuXQ$hz+QvnSfbr}0*fA{_-f&7l-BDcc=7t57wBAbwMv$D8+JulX|vlZVCtdhI6GL+LSRM!E`hGC^6+Px&ik+r>hRKv#{?H_?+ ztwIFmfu1E<##>^kpDtuSh64soB{MDM5Ki^AFWzSImS=#Bq+||OzYHOUybl<(X$8in z0lxP*-Ij?w38^+^dN%U8fG!FY^IKA+k}@hzv*ZQs2SCe+@`=GK_#GhYB5i`Bi5T_n~OppIpdq%Xa zJa_ry8TdO?K~uDZ?||eX)kt*Xy$0#a^8PjcRLyD7jm?0{nNiQ9)#`y>2h5TehPi24 zBdy=&chfY1alg#4n*V)6NEb3mRI{9StrbcdA}4VDfnH5*=Jq2y53PB<)qo7=A;+8` z0D)4^dv|s|z_mE=-mJLcoWP%e@Dlc(8G8xk`h%2?`tD>CjhkwY1viz79HuP!Z)CBJagl5K9+tP{&gTjuD;pJBZM0~@cM^Ez27vXdtiWV>pJh8+fhg+ zme-cQFAARI9XS~`m$I% z&9f;ZZ`A*5KTqA@qn>bQ&z>)L@Jc%PJ79g zv^oS~SAa=wb8_^533yoQYXCY*o-~%)2<1n6#jly&^enfFw|4kf-LQLgX8sVySQyQc zeYYsdx%FV|4>-Jl^yyV8RX{a6NE;gPmGkW46SK>tAK=4yu&R^5wsjxkBXu(r{G6A> ziZ#N`MT%-Tfr4tdNe)48eO7_MR>tI=K(E+*c%bb2l&u{%ky4LuAR(2guC;6Bv{>n6 z?g53vDXo*fF55FIs$w(M7C^%?hR zXIl08L4N3OrQyQ`vdOgmFtxJ(kn|OUAF-F?)Wb*)T49*8s|xu{Lz&;)1mAFpCp?aa z8pp4F$T>0LpsAr0hErPJ+;z1eiZLK+)y#=llG(# z08PaF3O+OeqBF})x1z82+HAg0gm*9~280W|wdUqfIG=r?_|G|##Xfws`}A-%H@QbM z@RPH?%I2c^$#<_;2j;z^vLcyi$hB-Gou+Sx{YZ+^(X2S#plD#JP3)8Lx@9p;U~@<*>kDoH ze-?jy@ND~|L^4%O{(M)Ti}~z!BeVHyPK~TYunTw}l_uq)F|3;vG+FIQr!&_`r(qD7 z_oq5+p!`YXwOquY0J`2qlUHPLjabuhl0or&`=e*?Lo~p+qT$*hdl2AqPX{{VCWX~r zBI>m%1MO}qZ{I6CA6{ws$PN?|e8-a3j9TgLJoRadBkjx5y2v~zqwMsIYzD&$@!L!A zrhM}?U!F;;j8w<`;AG982u+EUv+DZ~w_5FTM=3>Vgwv^x=;Nhosw-hw7Z~UaXeOTc z*|y+L3YjDanjpB|vq-1@*vkDV8X!Z7C*UE}re@D85RStE8OW=HSpOL6)BV%P$E8mw z^DG0Z=wC?>RIl^z8?9D-xheDBIEwrx0tlY z<_T0CRyZ0!xO(-P&ehJ(k?)RHFlidY3oVRiTcX7`IwM)~-_Z%#TqSH7zrz7|n7zyE zcMU_+=yHG-3bO^9X{Ig>*t16P<43Ii?!{3nOoys4zRtm!dB1)V;<*#}DBkHCdhJV( zLj*r^ET($8Bj$qU2-JOU7Fv1^!3_ZC z{CzARV8i|wMq)q5UF;HVTFSCOCJJ}%uc0H;oSO=py_@w-eX+^Nu4r~7A|_E|Oy!@; zk>L0rgTEW=mu`3pEDpdSrtBLt{u{z&2nx}I+(MYSdmKgdc&INGs~5XQdunY1MkRIT zCYipParX$^od&p#;f!v1{2riLOr+Rk8cw+(g**9@j6cy|JG&n)ia2tU^)bNhqg_M+ zj)NMN0K!Hl!~nns*KqBRN?GY7!UBBG;9s< z-6G=4lj^(X-L2QB8asg)LT0855MJqQ^2GNdxPa_xs)l;Ny0)U(ZRK(o(cc-zn zTXZsW?MWL7HqP||MsBNDDKqoAjK`*y$|JS!+)dx+sY}Nt+M4o%WH>hnE#}+r5L{B=Ujk zZGE}c5%{uiy(%%?J3Hem@0Tl%qhgD5kM1H>VXIS(_kTr#3P}M=b(r6465xY2h9N(_ zd_zPakmwLgZN1a(#x=ZtU+Z}J4#`2rpg)_alDC#bZIJF!EIt1pu>fc5AOXk`OSJcZv2O>gvxF%HI%~bPaJK|t4TW$ zd`)`+j?M=jNL=>dVXo133xQl1jZQ9mT)+Wm6Ky@Pus;nK5MrlWUycQ$qdC4$;0vj{ zM)7tAXB8DN8YmmFu4J-zBQ_r;SAi!D|18}D5p$GwVbX7zn{cZrh}AC z+VC$PhHm!=U~9AYI^29K(BZ{pO?PUaGk^7&ZB)!B4b!chi#(U@4yJ6y>Z+M(zQOdk zd7)iw#V^tN;q$_SFO0?=O8-?Cj+FwvzhhcxWu+3ua2{+a@X?IMENUeiD?nlZ9n9YQ zL))eta^@&KkWm2&IQQJDMa+9SOad3UZY`>u&@^OFv{HVL8z*!Lx}GA@y|&u`(x5;Z z6}6R|H}}?ts}47JXw#pb@=D1tscA?cy_wmi_3*X*Y0{iQD4e`%V@E?A%2m_lezWWW zd8myTwG&qlb9WetJ|C;S>j{fLu6=eR(a*)W6doI&efQ=qyfIk&&1h;ZP4Cuy!oL!3 z%4jCV``6_&^FKSILgOM1=jRopQIEpk8V>^%> zlk&-vrS&tfFIGGgjoj>~0jR2J{Y#zH# zduRRxR!y`eVUm%z$8caHknn9eBr%;QKA6#1uk_XDcD(HLK6~nOUEGxWfVwbl=qEPU z`fP2>)8p}#czXI$*EwN2)}o{yxA|zPyx&1uvw*h4MH1IkJJE6O$3YdOluxbTdpL4# z>nI~W-<1j^i0%h{{BkBLst-06n+KE%PuB2XOOEtqmrjxHC<}LkZqu*Vo)59J$Q0f{0jU@6o+WiKuMl(vY z;0eF|uWRnC`mvjC$*a=9UBqYk_rys(pZD_i=Y!ivMlLO%Cpm5?MkV%X60aT1X&NZm zDm}dvbhe#JS56AoN`I3!n|3%F9kpr=y;T@NR<7;$LUfj!k0)I|UmeTK_}arg=24>d zXo9yn_s=%fyzJ?E7f2KQ6A$@fw;@31?k&CT7|xm&P_ zMnj;Fv!9`6QP1+QEaEghA${^?EReuMYx@BZX>~-$K7{P=IdTNx`&XvL-J(A2_Xp&4 zO-WtetveYbRiII(u@W_o*>qbgq7qpzA8mJF#NjdfsO?__ju!-z-^%;Dn2Y{0tPetb z%5(y+Oz62m>0BuKSkkg4?9~i0FVL}^?&dmzO1VPE^mJjTU_U zzxKFj9@pwZr#tpGDq{5eX*Zq~2kZ{26gu(s7Q7L=uMEQ#NjCY97GWlrt*-axGk&R_ z*?pY8RC9;;{$tCi!i2Q#zpB4rs$QE9m!sHCIps5Yq8Vdqr5C_{Oxe419CV%MZcYBm z#^8DF{4BX8e(vy(^x%@Xe?-Pjja)A8I48aJS9elx*`IVMEH(1BcXR)Ed2K(NrcGNJ zyH=0UaJoC9UhWP^ulaSuOyi}*(hRTR3QB^3xd#aU9H2qq6;QANW{KtR0h(7df0H%# zZL%nyhV32TK1?tiH#~CU`t>GNw`jrF3zYL{X6xo5JOD^Q=KgVl{ z>2hb9?Fz#}j^UqjE_@On=pcJ3`v)8OQeu8tz_Tx+E4?|Le8h;R#i`?{^eww98E+OG0+`^y zW*cYOG40gMKXg-f8V+ZCR8y3lF^_z}J6?1!G>}AWVsbR9cNPW&KmD2OFrd62lZKP0 z*aGQiG(1!J@x#j!qo6e}U~AEn28E6466#|z8!93ElL&2kdu;FL?xu?MWN*qo^Idjm!{e#dS$YShE|JjoBj>`p02)%FUszq{JLufZ*PJpMXh zu{XX{3c0h{cc<5XQcgrU>OL`Al;|qn_vqu+KUm%TgaC5kf*kgl8_n65QQN#F1s`t8 zCmxnU5P>?uIA@f~rrYt{;tF7QlAMi1fcth!~M8d>JT+J)I+rO zId1H#bW;9Xl2nIw-GPpcwaMDz-`VdTAKqW?yV z{uEHnmi@|{xk|av3^bD%DuoaUoHRAfxTT||Z+|_zd{Y7ZeW8$c!n8NUx42fXT%GyY zQgfZKPP)os>SO*dC=49f!E@8z7~xExx$wF9Sg;1+lG+R{*;rGxG{bi>rBk?mO2^o( zhi}=;+zfsIB(3vYA7X%29O;Q4`wV+nq>7NtSd5Wd z7Zhndn5(2-sF*u>{I_Yx@s*iZ z#^MObuL7pZUq9Yqp2_XUdr?fVl32A>&nMTf(g$-0z*4jTPKf#T&?1d7oR89P#Yc+V zgWgP9?`GczpV54{_rfndXCC#R9ld*`XU^3yYp~JYvCBqQDYlbdGI+9td{+)YY>O#S zK4+rKuT;tTysy{?qyjGz!HX^eujqQpH8I}PjBD%YxG4yTGapv~d=E$l{HVV*1)J?s zG;k&_yS%Y4`CfLj{_)M^6q*D2^jBprGkww0=FRpCb}uA(*Obj`3=_b<00tOxt6Z(2 z*^as+@3EwX9Q0t#-7`1bM)4%3dG>5c?+s-MH0Yd1_hn99QX zHc){TdWT!a)DywRlK0o>ON%^RDkMN|YmM_A6!3&I0AQdgW04kopzvy7MFNj1=ft$P=_MoiLK)A zDvQpD$~}RAuSd`Gp#paH^DX~&>XusuKs@ULtX;<`omqQDTS!p;jVg zu0=~fD@T9z!ph9f{}jmoB$#BhcJmep2=PbtlMlMV8p7`$wm}7u6HbV)JrW#CrD^>1 zA{FH&|FQ}HTOj|_!E|^#o(yhmuIO|I++=J7x=M7}Z%QvdubAes?M1Hn3~nq&Z}BZNAIJy3eQ@xS_P>&cd3}K+@mtr-nw1rXXOV{6l%j`Sb=Mt^tgU?{xx$8;uMvon?Z=pErP{ zKfJfx=|1pKO3(T2p;kOgh*f7e^`?=`A$MJSW28qd;?v4v| zgvYg3QO7k!Rky9?PVQy!dl)dRI%&L0VVjcRWuw_hu(>uUDCNt$-*qp;V@(+&m>Vv4 zi6ffg;#x{Hb$vJG1xw`qs0W6}cfM3B1#dpQUGM;gzyfn5ol2fC*2mXBJ>SioKg zX9uymYHarVRchi`#Ek`)l`xh7)+#Jrslm7b>$F63LVNwhk;ZA^d7bx6;kN$VOzSMMXJ;&W1b+{wS~UO!-`N;D`G{Dj{=y*&hQ%Grlk!PJsE&7~~&`Yg4<9ny#9UC@D9V=N5+j2VtRr5dW31=(9I_pG)yI z7Cmn38qwiDpK#rrYRV}|1vIWi)XG-zr%j;qJOS0Zm9Y^ZP+Owu86t_lOgqhgJp}}i z?q#p*lxwt{(pnWj&E6Kpgh8_eX8sm?^_K|UE2PLI>XJ(owC7>wlS_t*FWSTPk~%^e z^1Ew0<^zet@WlGoLT>ckpfJ(~0(?f1=JKI@5wQ_O?h4Zg*zm`wISB~PKlk9h@%KBadka3~PbjlST3B;2+@{K;)Qi!iZBa>U8*D{1BaG_wpGZ!voeh z&g@ggNgDWEFWJck-FweszrW*2ev~yWPiz5l5P+DNpXh1WceLGLMLW#@nzjn6n%WF{tn;$z?VZT3#;(eu`mD;zi zhT`Bb5VQw(f&AeTyN=W5(Z+Lb-sw|c*C%TohAnpxt{HKCe*nc1Tf2DkiVd3p5Gu8T zet2&tr|c_gP{FhJlB>5Oy;<)NTH0H_d0i=b>rQ)7GJ}9pE|+g>e_#G}FUfnoP~p7` zB%UDcXV>?bH!jU|ug0I=;GR(dANFVtIn6+P4>(TVr|t8Bbd#cSH@`4Bye!xfq)e0ONJc%Rw-tAT*xH?g-14la zeV~O{dc_Q&#VYpmnJ)|gUrJm=Jp+&Bqgxa6F3$kt;8~1@iSkcwY??wE-LMT6*8u;; z`5Uz$GubEWFvNL3TZo;MMCXtH;ijYfo`@@5AT`KNub1PAPK?7eLC*G{HA7C{4OzArLfOQ zEIi-Sj?E3cEw_+qvot47;f3;sSlr4eu+c{D&Un-OGGpHm==ItJS#inCsH{THW$t`= zP(dy5hq$Map9z>d3nY67eE8v?l1NDwykdj7{2$B=6oV}TL5c@H@sr1Dj%|!vs;SOr z#s4D{n`54m2msUL*MY}M!vD(8<#={2YD2{6pFi~}1|q;AQ?>E40|o?lvy&LE0WJS8 zee2r+NnHmJXa3Etu)^xJx}I_k>rMCwAW+P>EXd$Sp>vQ3fDJ=3D84X+8e5g-)P# zUTX&ZO@W}m4CFOkT*-T=r1}^OG8kZHL2GLOSSw|0zp8nY;n1D3P>s5 z_KEX2;@#yF5oH6ak!K)Omlx?08oU1OaM0zR%Qw^@S^^D*cBZ?k(@QJPq)XEpJHgyXJf$|C zsX$A0?B2=j<>H${xO=6_3IF0LMR`YITZJKU!N=sMN#nQJG$3Xkl^8dQPxEu&aFkCm zE~_Mi~*E}?U^yw zJ&u#2B%Gl86Lvn8gO?i9Vau{1y_GQ7aa@vJP_Dh|-E1bspwi+=s{XEO8NlUJK3MZC zlxuVl5kM|^nFxpi@JZt+k=XAhe=A&}RZfuWsfbz!)U{(PS~A0qO;!KWEjpG1xuoWR zr$AeF5%6Ilvg;cOyJlS40-oX(GnMkC?MZ+pZ|mqgsK)(v8Ba{LwtF8J^Snd+1+I;p zar4WKEA50dVRjj@CBW%AahL!#k|h@JVj# z2Q$(kdz}VaG*}4I6(hhF3H7vnPz? z^9t|xOY_$Hj%P;V;J`6r&tz?~@(liFTjK>`v>9%}8Mt2!|KB)!^LQxx_W!@4P}wV6 zc7?LozW9B^H=W!gb*Xwy?;F({=Pa~~BuUuGCMmxFzKbF}sHAv6t%sR}zQ$0iB(j2chN3~AkD^e&Jgznzg(1icNhsO8TxyfI(WXS_ zI)wr(866`!8H$gID@;_~_2%&+Fag-ejS6ufDD-UzGR{#&e1iJEkvuR)T@mT1j~S9K za~Mr9GR`!=75XYax842QW9bBmq3h=RtHO2;&sV~q*&P%=!?t+)m0JS_whA{tc0WFD z36N#z_KS%f`OzJaY?KTH!W=1p0J52;;_o-EZ>leI_pI9(ll_@@2gznBRkuI7nhD-2 z#55B=70Fw2qrpWWYCcYom{0L>upy85Gy&7vhZ&F@86B25%Biw2cW67 z>~pJ~@sN0zPxs~7lWS*EZ3}8dN}qj}=mNu~il4=u;hdrMYTMInmgJd1de<9}MtH$= zj@A5MpUqc+=UZz^gh-&znFz^ET&iC|!CSWz@9oHJ2Z|NuCiRVAP;`YoH?q^xV5~TK&-8&56+lh$ z>f)J^iv-`zKAG*$!+UR#&B4C}|61CQG}cCsj^Es7cKXeJe2r*|$>7${k$NBDF)e04 zqV@kNL{-NTwk<1OcY_p4mCKzJeU8H=oTULzWYF;IIPq)=#zHLv^;k;Oy2O;!i&xfP zV`(JYEP+!vyJKJsq45Ug z_-uwzEZ4&**aHEI$X6NGeA=RqqF0`_1`*~{pMC^C0taqMwTRJC_2EFL`{-8@TG=sP z|GiH1+&k$f+Q3@X?kiLZT2;gU~Te|_m^XZd&|-Sr!=qz!4an%#>NgUp6vi`U>0RmQ}reSV$7Z>|?g zYfvT|3u*7OZaek^BR^DW-GD94B$D4Ni5m2@59GxhyiY>CrzDw)^9#DULKfUYG)frj z(k;26Y(s=#;riMbiye&B1f!Zic6q&tt3W?5F=6AJBxL5TCt)QgYJbRxDH-WG(9k*6 z&y){t990aA(Mg6`1kni}G$go%JbOSHri{uSUvj-g>>v7!~lujBniPS#qcf4S~$h%s8|a_L7_YJw5J z;GI=@l#B-Kxv?60W$+)en{@QhPT@agw}4Wy-?(8G2W<$5*Kbf<(pAWvOUvCTWO1d8 z-RSdCS4epJRKwMYCet@Lw|*K}Ig^G7!&$4XbYU5Z(rt`N@${^$d2#N{lKyEeLTO@v z7`NtXEIi}*BJxL(pBHBYFmk>pwK%UTxz<#qkt`XcF+)CfabFk~y=7e-*0Sj)t6Qq- zYz3^8Zz3|Uzz97s(!b(-{q~OdV9r`f)g|4m|492AzvAT*C?{M9i3$Rk+O`~Exk|fD?|ICv4`&O)sk$_0Fi4^ z2uWeNDXN!Jwayt(8;qHCi(9z4l;C23y$v*g{jgx|t}m$W&5gh8hdh1GJL)T&*ExbED>rf59S| zk}$ZUu5-N+5@t&DgT6dA$n56?|i`Be8@ zwHy!lURBC8Vqe_;`0KFKmZn?x5$aD>ww$=ij@gq?Em3>#!~2x-ux#Hj_m_vn=nlof zTwR0Jj*-d#5HH)u$K7&QE3ZS+WrI9wI<>DGj_v(0A+n$LcUBoiUzI0E=J2aB-O0XR z_?gP%8-*{K;sdd=759Yp%ltZ+VII45VsRx11)5-rowaXHPxvDLDzk zMxnOGec+EG%wzfXvQE%h^4IcC`()L35-@?jKEe@^LBiMlraO(cSljIry-;#Q<~bu{ zBZESfO-hSfp8k9hS4Zea)bikx>_OX(_K@kHs&qo$>3|L(r` z5up2K+?YM}*A^TNTwU8>stc}=zOSDZka;wL-PEtYSk1fF;|8g~3}LC|-c-@z1ITHb z99_Y8@BA?hE-^k^Bd;fPTB>&L73y$Q=S@PbgC}i{F9Q4fKpvOzVvEA505MasEoUk& zy;pM1OO2Wv13gpF^$7k$8=sqIMUW*$7it((_qTKYY4~f_W)e@nC7ttYwBw&}Ejs9b zJqV!3w&=ifc73%2*kY4W%_A|CB85bBS z6ily-=mxCc8ROk+r6X}CM{IOPC@^@j)f8BJskt0K@)*^Y*2I3e*1sW~PA@qkfP4r# zD|57uRr+f)4eukS5ED0b-g6iMIomanDXEwbVf&$@RrzeSNReu>pmMbO+t=dR<+gkC1Pq=gc5ethA>Jc299$GxZ&hPk z{pb!4ara;S3oa+xC*%bm0KU7Umcvo>xDlB9LT1bLfgb&t7bNtG>>bEc`KqAJ8jGvW zg!-x*rvs`6g&yoPe`9p()Jg7^A5k@Vq?cLkF1Tt-!qY@_XSs}=v(>%b{i|%L-%&2} z((*^*!DLU7GL3D5lxK3-H%yqnSGZ+l@^L7BAmS;$&)aM15bUroxY0eHXGxRbOgjh= zzb+4-@**@Qv|h(M&0nCMr$bNqW3$)}@p?~y+=OC^;*v`2br4w_eDRqc3N_egsY-33 z*M~K#^SP)xJDmrui|G-N$FUV5Ta%gWaO+2R`-O*@2c?xj5`GE!-9}@tH@IIK5nc`T zlK`5g<~|rerI)>YW*QGQdAK|Hoc%(*CsN;7BdYzh~^Lbw{eh9g<*kCTLB3ESH>XM))EG)XqSA_i5j!o}ETSBVEJDL$C}qC&+R4D#~OIa@<|8u%Zc5zSq9#cG_~ni_vd)vS^)3 zqg+Jc6y0gaG9mqoAJK>WW`XZ=q;+Hzw*q8Fx|?t6h0ud%1Af2V{8aE_3$uCQ@T=7t z;a)zlK%s*`<>jDPV4by5ITNL%*;#+805%O82iDQ(I ziWMC34w#D$270 zVD<5z6sdfJSPeOz#e3wcHW=s=awSGy%Blc|+IpPD)3sOeah~<7H z4Upd{>9&i7h1+TwbQph*l=GI3?~mQH2Mnkt|x;j3pd^L!BcP6B&~k93*uQnAn1Z+r;o zUh;m$Q-1B^F8%ZKQq*KML6lX2Ja zcBDS&EFgQY5Vn?keWada?Jb?7*j!+`+4nl8y50zDxA( z`30&>morayXht}v;@EMYdE=9RJwUgIy1)C#ej|7Lz`5MR8At(RZEdU1O}^!E1sv-4 z1~Tn;Yp1!7$G( zgDBVv2C2VM#I21|>nNh1W%pg#+3s~&nli!ZHm`6%jD9+EADw67O z^uus|D}=n432FHzKHMaJFnrd$#LG`WQLYXo3}VX@>Io|IKuuQMK` zTW5OrHi+HlOluM+%1J#Tm%>C#k)&+{_10+(C}RM2Z-kbjIb{_%bP*2@+JK( z_e;FhzvTcfI({6aJ`(a}KzJgD{%k?@x}w*I8Z6ubrkgi-398(RfWvbNE0RQ}dqbEF zr+=a#HY*EHN-d~PGnB@?B{@C>qzqi!tK-IyjjcMXCN+$j9iRF0b(0#O_7)&>2O^u-iJVqblozLsCT-eCsZUd@+v4I`yVZ(~ChH&&EzC2!ER3oXZ{-?vHA zQm2a{&l?nY*co^2Q^`ptfe_11hw3%T!h6NgTz!%1RJ^dQjuVKGq%TK3Xg)0z_(Yn( ztnOZCw$n-W0r!H5$G*XkARV)eV_&vf$*S1LXr%h8Af|z7$<5{(XRFm3HF?+k?U=rI zqs10VRb2)CSB0@Wo~R&;x56!XtnZeOU?#;_^fP%I;)6D+)TTO?R2>-vCBR1#2DSSw zPW5Sd&o*4(Rc3~xD@TD!d;a&b`qAtk?6Z)B#12TST!MfKfW4c|-xb`ZYLn~uqr%CM zqsbMV#XNqSX^dh0>RFB);_8oJm{+aZgO(u9+`4J`<;6Vq{NAHv*Z_3rOo_VpbccY- zKpLSk@=Lf`zQC&-KKfOtX49a&Ajh?O`tXi5C5ijiMiMcki+QVQDOCTWx>Hm)17F%Z zkA1f_DOnB7lYT=^+(k@R@-3|k4ILasAPiKVUbb|w(XF7A77fJ2%J*ZB35^r3So~O#Juoomc%>#8yr?01`6Z?P9~`i@a%bma%qz)HR(OJ z=UtMk;5_biD-8c&6zU+fxO}~DMq;JB-BTq)qeWI=%yMBzoK9>Pe_Pybis{FfH-cJN z!*rC86|kApoTa9cQwh|C;pgiWz4L9-AdeZ$*h3_c8`c70FvkL4gf+TSo`$puzIRRG zH)Yyo8uBlMZVZ&H{X`~2N-oNcR&G$XCP&BHjUhs6TMy&IYxd9#P8g+^5?3@IWyls~JR)`s@eDEtB1JY;M&{k`su1D=GMte4U|B zrH*)6_;n`5Hq9DC_}eODY>0tD>q9GOgyR=rVxJ9>x*z%@vz0|v^h zuk+iUJ^J0}CFjCGDeG7P8H1Fp`fT-FpsLC1w_!|s@O)a>L<&=i(myD%!|RMIv7tTP zd#3{{lo64MF@hm`cj?EjG7Bs}tKK9cAc4$TuE}H-4l!F`B&jh13bw4A75qc_5CpXa z2I5*=QNdKT3uz~B8Wcd6NEN6(dIN+>#E8%DABzpWIWEQ zjPi;u-f!wkLukTVA3SH&+`S3mz|nK-JyG*XE~++>ao!+qb)R_X#vYAw#e$yvFn6J(M*EG+I@RzmiSi!uuD*9lC#nbD#k?p zh98m>VM=+Y-e|uo=h@De7a5Hr7m7qoUxyHsfH>PvCFZC26jx>{JH8ak$UfqhM)gF z0OGToHDVLg*(tyBf({zjkM>uyV)t|vwB`?!2-F*U(+l?3Fhcx_1vx@*c3*=O_&&e~ zbC@Z7j0u#ZI>Y2`wpKP@tSPkS`%AvKqmLW z8Fu#>$XuifXb!>g5g~O9-S(2}bsM`jpDzX`Egk;oT25sIOmo1y-K08%{7e3JG!MrX z=KaFTR&}Cl9WdaP@Q#_t&KDFelGT&xY5#eB=_7cKB5xI0gx98uxYNsRKy}B3 z7NTmxr_1jSat?ee|a;=~$ zr&jCyrfa?iRO#&B_){e*gDPo^6pRj{kz9|_#Q`C>_mC~;btL#g2br+OjU>x5+Jy3A)?`c1Hz@aknf!GGM4E*D%aOS*Ma@peelaU^Bk=5n7S)RT z-1-WkxB&^oU4E>XLl)?wDPj}KYgFy2sYc6*`$52W3!7;d{ZkArp`D!8RZhMXb?*Ot zKTQXbLTwqSXP~7G5E!fDQzA$RU>zt0)mvd8g`j0(_>_8zem8he4nTPTzr*+F{juarYmsbw45ZRVc_V6Lu}Y8<~i|{bmHD|8oE$WF}JKC5XS5CIvln z*GAO(b{RS~Up7zOmDj5kwjDqw2E~p5|38|4WA&1((<2U5rY`4Vk}s?&$7n4z6?>~* zN0ls7sqgc11Z_l}52Z1g7(){YOhPBrd-`B6h6Gw@swT(FgG|_m7FZl2&h(wFR~;km z4`ov!K-A(l;}`m#D?IL$p~?pn7xcM6J-LU_(|vL9hVmV{v^XMXB1e}Wf0c;#@tIXp zB3AJyxs-l>wEkxlwzXEWj*ou(*J$GK)l{KLp?`#7=^l*&ulI09qrKSEuW zw22U08!;=H*&pnTy+&dE;6W~E^9xu#RR{N?xbG)03?1_tl)cxh_H3&iJ43N0DZJ^T{3^J_hD!7yN2p*xejn$Zubuw**rjgbeo;SY0uo znDu|3fW3Y=lZc=|PtWz<@brXS)Z?O#V@VE_JWWDgm0=aUb!bz}ALmF!sznn+XYcv6 zgZLne?5=0~K6h0H4#XeAVqeUM?|Ukb3bah;E^7^<_!$RYd}B?C>j^D#C`k^w?FOzE z72`f%iGhHva6gknj#71cjT<=(z}a}q?V6(Z-M5dZj$jpv+{-_3s4AtX889=6ULWqk zm{v*-tu$%tK66Td{SKxXvtmD|Ow>lt{)B{lT3Fto3MB#6 z(smlQ5CdyV8qwIwUg-5jZff=iAh>8+#gH~|`w3avSFwkB$<#U9bBT_bWmLd4MS(np z)PR>9JU*@`V0=$3LpVn>+bZOB*#G1o)vKv6>uDFHs$r>(_6kOws!Th+(G{U|fS)p- zaozsl0Oe-4rH?EIf<5~Ok4-#T66Sq?y6v;S|6$E9r1#oheU7ZDAO7!{tqH-W8k6GE zbY?MP0dV|}CDnuV*~^~FT9!#pFq@4+DXMN62xP_5QH6djJvoz{?PpZP8}7FIz1uH# z`xDURRN$X8`X=D-{POx9Cy=3J*Tj=U@v{F;<`N50M?_W|5+)NF?Y+4rGtzZe-N>Uw zz1CBK`mk4tHzQU9j-W7Hr!96e_G>36AtO9V@8*K^?q?y5h}UF65+C}#W@MHfZ^T|3 zcu^QM8?vXde3^?hE&WcCe3%JK$}_T%NPlHx;@(Ce>-SDu%W@k!d<+kce5wLwx(T(J z;%7Jql3RaEw7NHoTsmaSVc16!iun*H8kin82f+L?8h9mm>JHX7-#j_7?7KWWJWZf5 zO~nJDrAVB&m%wC7Z3O^7HRAyMG$rxc}4! z&{kErjc0rg*WoACHE6zehBkU&PrBm{4=x;^r7~1Ey7>|q?-)1wJWC9C0uv8T$r@g7 zX#4tt(a+P)51&rki`#&Ku2Z%Rf*WNnBUs&7$?HJnIlK)*SSt4Pm<)$U>qiO7n;J24 z6T)++lsDT~kAAIY>S)>`o8~4c2-?pD>|7(DHAmGSg&gYT-Hz|RNJ6pxCqV2g(i|`Z zvNsDeCd??uiBosBTmmdwAluOtxQKbc!z{W1&O`oy@|CU(V-GfsqRpkGTxZ>vi9XkG zsJ>Il0Ub;rwPD3)M8Bw{=QH`7DzmVH_GxR|>{7N911U^s=Z4?;;{gN53=xH3vb1X( z(Y1d}8I%I&Bc7&?rz+?3=!N(pfA0Wxgc5gv-&T>=E9o2cTW|ZH3-X^Af<0HX2|G0T zX?*V5wmJT9M8nk|AZc8eU|!dpZ9_saS2vLQcg*+)>BnCmU|;=#t!B2=8@TQl-7M|psw6uTu z+ih`Yo!o(3s2W@H-^JSe6C=Bk@7SoBo?b_rTw-7rUvBJ1kMswH^)mE#%E#+wv9wuV zD+n98aOPE&8_jEzrl+t33BpvO=bWpjxAVN(zIu@mIs+0uOKSkHzTeuNS3e>)n0>*c zJ4Xr(Y_*hf$YEb}6~3153ls0&)eP?b_~TFb_?agN9~UP7d-!-GL;vXFn%7bYuCmeU zSAXWzbnmY-5eMwkh_mE&uy3*p=jEPN^?V+E+0)41Q1vhG#6_%kqGSpT(fSBmIBMi* zV%smt96HVd-Y3{pFs@HO^h&5|%7pVBi6{$G_@TS@!AlN5ZS(_lSGdVlUlPPnooWeV zn81ysI+lOWBTL5-eS7GLVODk3zkDdyHnzm%ausosm?f5??uJ^31#AnkrnSC1H3o>x zqN$EYdJR9RFYDEmT$tP&0kn=@!WJ<9ksQ?}-g_~7xHGQCy-^U<;3YH9++8S4G@E#C z&y97*{DC?0{A)BVE8;~BZ|8iR|Me!HSp6wCvD56p=P;gLmV;|7mb?674sQ;_c?yri zj76c5QI7rdszo;_w}^I^IP*!nuC&jAb^t|j)3>as>p<~kcVpEn6kvyAWi0DlS{pvq zw$JxlKU*!^eEV$WT#MLvo=7_b4%YiS7|R!Zy~^KbczhZl(kLMKWbbF2_y5<&lVxNOD7_VNsn+Qg&pm+l#E!h)mhK+4MY42ezQHQ zy4|}riDoI}M?8iVPwZ&E$2C>*4Y8Nr`b^Cpat*Y&quilm)t ziG>!+GyC`ylX}KYyp}q$@GTHS-mG0yTyZS|FQD{eu!?jT$GFoWZ*}*qwZFQNK@j@a{O~VtK)V4KTPJ_ zgNziPPdrtB2O>Mtxg;wc+4zBkwNG``# zl3i^DYf%`7YZVS6q1FN+eA3IiTvRmtC< z@i;G8mZbcdBeUh8fZxs%A;#)2Zc3dYo6Y^Tdq~uN_<=M|*aWlWqj)e~xShn8>_H*=C1WzGgBkMTA#oLLmM0^xrYTIK(8=af=9LX zPZQSr_J6uFEK`bFgC$2Lufx0jH=$ti_ z0|;xiJcS}gw5@$F1Tl>g8EHtRS5V=WIhZ8vD@K7Hsd@GIXfPvu7NxVdeeCwSSZMp}PtD zOC|jjk6P#)FM+RG@`Kh7{R7 zO;iCM-bJU9Vn09a34{{nRcZi@KJCIR=ky@xQ&q+_4C1bCl-i2F}ZIN&VhNH%_ z&5Sj^g+K`?fcjjpGBOm%*%`~oltc~=CcZ_Xi>9uo4vW1R&7e2$Fu1!0s^9dU1@wCh zeB=B@-)x^wwF4q4YVvs79Z_}7xj!T72RE2n)mDLs`)fUxO{ErC6Vf63LvMi(MtuEE z!c>f!b!mZJMk3rd+?mVchm(R6@TWzr_?XLMz=75R=b1$jBaQ07WKomx>9->Q-hxOA zaSrnw7qoOKkkaoB%9eZ?z?#7#XY-XgkbG5!j%|YEhY{d%$#`~Q6E7DPhCS(26#j?G zP#dSo{3ICF0D+A;FH*;VPqnn#{Sr8(&Q0F=6zxmW2*A=pI!fiVFQ=O*)wl}o_s+0B z4ZB@2K5twBJ{m0m(+0cpa@(a-o_$0rTGFq>c~b@YoF_y&;M&|^Lh+vTHj3=a&c6It z{893kY5l$x{=j5n{bnjouLRQ6Fi4z_;;Tjd?vLV?QQW>aqB9p^1EuF#s2{dkiSi&d zFM`rL$4uV*$OE>dF?bcxyJuBvG}p)7a53;gp`?bAXq_aKx?YVEIxqINJ=l(~_!Ei+ zJ)3PWTJ^n^fTXRZ4HEt%5@Waij>m$CnxFU82+PMlo2`IGn=*XWKVp8aHw?UhPicD) zzRP^_2&x_CIr_*BJiIq?8dN`BTf1nv-S?=52|`^$UdV&{i*bg~xxq1TmyiZ4rIU>O ztNtB~jb8Nl&33=Wj7>1WUUXJ9$od^z62(i-CIcd?i-PQY+{@s%6+h^!?gC|a90S32 z4>l~(Ro~^eZSgX;T}J=79q2@Mjxv9S^U}yo|kAaw-GPP6s>*)s|3<@i96Huun>f#H4v$q*^avG7-U@9(XxAoI7j5 zkxA@@rj<~>U_CO*)fc#_jBV<6YF0DKC~JOB1A35#(Jg7;WrOh(X&~K?MxQS{1U3x^ z=f-Sl$RjXS$;lA8xurw%h9NG*RS>04Rr2Iasj9mEbLh8c{oQR^%J48qB!<7J($EhTCmRU^uI6+NJ?*THjDI=Tb3A4 zNU$D4*mkg8sLi%+eQ0TOuY2C$PzbfBaQI!P>Wx~A|75M?w@L3$CV@{l{f(aZfIRN( z2aNQq^!8%!ttHn}5fs-C2#?f%!tpgG?Yxhp$7t0&;uYUY3 zoLf?&3Lw#~3it3z5dY_SCYc7#GttgZiLAkI&)MBVk7a(jM=!Uf6R-hIZdLVL+PQK@ zhy%&wF2Ps@C=yYlTCG=+n&SWxa{e#p()^5_D!=)IC>->GPK~JcKR$B8iym3r4_<@(rW3aqUlYp_*S1kg zl%H>Q0%tnaE%%>dnL%8ASS0fY7Ab-V)=SJnCJ&hU_$c^gG-&D@fYjA#Fuvd_{dT|} zO+c{mSjv5MEZO1Np6~w1ILIgxJLkry_%Wjw*&aluo0`_O_>ugi0~t}sw9Hs@U(nPYHx_HtX|m?JjP$ZMZyE*SU-R|8Cu2n4L~8 z&%Ft10E?du?Hb}TcM(%)hJqA5fI9|vyju(QJ05sY*#0t)5o2fGV(Y?wLD=J89ta$t z#Q}RjfFH^{r}lSQqDl9^TPN=P1OLCRhoFUdeFue679il|d(OVr?Zv+SbPZ^&@4rK0 z=62zd*9Q)gt77U#bi|`vbg5#@-uR2ScOMjd zva z_+q(NqeJ9TMI?DT9~1|39vVGzfOb_k3lADikU6UG1a2G%g_AK-StUJD6hrEQ^MY6p!Kzw3vv%cFxz~5iNX|UR zx&RZVm1F`0y1!C+eWN%BQjgcqlC4~H{$3^fL~bGsjPkFQYC{iQn{nTbuV_Whn~0>J z1mv?x*GCGs2O$j5dFSOhNQGw*WW?BjB4KfLZ(5wJ{dBvkYn5Hiwrn|J)rN)HBdn`; z%P>#cWQ6}BR#{Owdxx}T`hp9h%4CLiN8!z78>fx4K6~r4i$_?y-yTa>TNznja|R_o zlgSak6zdN4TWYf$9!OT$#CromgH^qlEH`Tx^`js#G7~Lz^Ze3CDkHh=vJQle^fFyvC-!@% zx)~=)>o=i7D4$ZXgf2id+rk#IlPJqPvP@=?B*JbYB~pW3n~4${rsh`WP-K$eKz_+Y z-`mm@et)-t{vHHes$0}bpnL&!7F?mt!xaRod1mK7LX zm$B|Zx5k4MAaA=S@6BL(uqhTCGu&%I7T&+>C2gEO(qCYK(8oU&5NTyNb-{-c%-W4? zh$M2mQ7Is($y9>Bnp#;k+_50Jb#>Ai(-Wm2Q(&_Jo$AP$n(u5}g<*xby)-IasBJdcRCYaBL) z41VVO-4Le^ZdHr2sNM6UcKQ}cX~pxX%Jt`(vJcjicla%x^j)oJXH)Un{2jqU;Ah0W zeH?(HOUwQw2{7UiGK0VHjfc{LJU>+xG5h-_1GyKSlI`+t@rIl(p`tl6%i$9`JqjuW$cgm!;?TL~>cNg!&rGcM~l z3v8-~f||>q>}UK_QvvnR7r7p#&bL@z zSX{<~%Gq1+Jw%E{f$%*%J|pHv2>A(f5R2}UY__M0b)>}AF7nF4^EYv z|6ZkN4MSEuU~Rj(h72Xl{<#&ghi*;n`I-{lwy$=00LT} z4n!}+AH})8hj;{FQ&}*dHpt#Pb5#t3N1eCSLq8)WxewHPUXl?Qyo3AgY$t~GJxksE5);@ zcU6*waNdP!JG7+Qo^JB4qvM3i z5S2Dx5L4#Rv;yt8G6Wn0>-0%b_DKBlx~}=?9G_H%%sW+gr280{mFP_vTrMr`2IZVN zW)Y(9L6E8S0SyiFB=X2)^n)zr`wZv#N5P>T%6Pb-V4iVnfi7@yNuc+IWPX*j*Hbz( zX~}NrNuY@O9S@LWeEoYCqYLv`(F(9@1~V-tL<%&r00lrF==g7|-Ab;Ar{yjty2Bd; zMuBIt8SGq<92opyl;&$-BEJJRq(mzU{&Qrb>jqrrBb;fo2KMZ3pcMp59YC;c(F^Q# z(f^dcc9bfUTQ@+xS!``HDLi}FSipqw>I#AeeD;=ZBTQ!g?Pca4{BS2$Q`-PFyB?T> zn^viEhTndA<(iH|jB}SaE+V1;E&V2dx3tNd0DmER3-;v-VpX$y6U>LhxRiptRUY8onlp3zp*Q z>1QGU9;WfsiP?(P^V(+mB?X?q^(rCMTkbQxAQ;72iWK>aO^gaA5(Gr}8A3mn2Np3N zM(hbDLF%vG^0o>g%g&Z&q?Nh*c|rTE#(l^;DVFcNYFclCxHPC=mR{@XB4_>rffyIQ zrD(FaMT6%t2Z~Qy`vSiuj=X2>0%$rki=0+?h3hl&tR96T!?lA=!20vEv$g?uJ!e+F)R*VCZOs1&g#c0Zb|NSS zZYXFHf8AY_3}BDQ31_SQPs5{h2-fgu!cR)Y3oMU-&kf-3pUULrKh3h-{z^*LWWj>` zk)Cw_3-8kJIYN<#j58T(Vo%7Jd6+Fm+s2`AaTy3ascGFJE#3^l4DLa2&KeLW)9!6tFy*!oCsfEg z?TIwZ52tn1Z%I=+@j6Iu-X?vQUUTq z>d95$W{%UB`?6%d@v8Vyg}4=BJw~9N7hKrR7=u!@BI5CTpZDhBVEIl;r78&+8@iJX zF%S}O^sL$uxQ)2-ZV)Bg5d;fx_B-EL^YaFdBQ3h1O1lIJ&lQ5h;kAPzxOO=TV3ps4 zwKC9kDx?QaLz0GJ>JER9es zG#@PCvMd+ApsE%`e>}N!BclkkgF^c8^USx?H=7>6EXD_@L1@DE7g)CtH>|_%@xHMh z9~1NqWG)Ns;RU`}}(b zA?mr}`&bhK{fc8S(em>}E?^}Vq1ne62y z-t!p1f0NDczqjSrZOO7G0WFWoNd`7d8=BKb!auKXv1=K?vTNvDFrB^)C@3^V9v}z3ngjHZ zR$aWm$Y!vzDe2)K*>pkS2S68?cebs=WIoo`1gYSU@OSvs2cFGAZ9KUd`17DvFW+YG za^M!&(cSFa;>)3ZM{2!#eE;$=*r25M3wl7c&iPME9FngCY6@6Fxsf*hh5+8``^JB? zKG>8uF*B$?PdDqCUySS$``Cz`BQW_)>g{okb=&y_8*^d{dN$%lB4gul!>Y|X9`~bU ze~*T!tI13YOnPq!XNBL5d4}JPsA@%U;JcMjhA~_(MC#9ILx|Oz<7dv$z}hGX2U26j zEVRxY9!`JjB{1feR0}h}?*tpZc;yQEfN8+o;XTvs z*|o5`WPj!c>>`2D1-XyzBlo0<**P+<+#>w+@JeRJxYtTfE3wfy#5=RUu(<=Jc%GMN zdxdRRujZDHj2wOd**i=|@{$n19e@om0V~|F<+M?uMkA3hkueuwAB}clc1;`IZaE6r zsri$`d3iby8^DgQOdj8pIyyv+@q}}i@lm5?uUF??XfA@vdl=s^xY#NHl0=ISm|j(e zoKIv@w(BwWTe}kdtpTkRQ)KI97cLTnF@;vmV|}EiQnFeFY0Y@2McBWX!#BK`F)aQc z2p=q(XR?y9BeNL2Rv^dKx`u-B{K3pyu2m4n)}r63dWGD_@JCgStUO(bdRtMYEE#(= zaY|Vjputx@Q1uscuKDE(f@{%gx~9Vq&yMo2WxEBkq~=!b;1>P%zD@c)w0c<~UYrdPJ6t(aP&6bM~Ftv<04%E zNMXBG;ZoQ(qne@rN@1t_0SOOUQ%rXhwmvt*j6a`lhrTjD6PlC_mMmg_UAiAo<-p!` zOte{_ab?yn0dCnd?yJ4%Z(Hr65h8JyWOi*8PSOBi6SCyZXKU}`9R>b~xC!T40@uur zNIOo<=22|)b+tq-p?em%Gz4(?tlhlucVi-PMDsVBJM%R#1=s^ldh^fkA47rW`PxI& zW7KW%^8anOQIF-f**YE_^zfQS*JY-aRevZGtp*O*vm@KseKD-o0+0UDKx9D^z~1== zux9=xxJ{`59K&f3YeR}k|3wcR-a~c%{``(()$1wSP>h)jaVn8)1CoJ(>9*SoK-#iG zV^|Re|DFyKqWSOXpqi7@6-05s(>C<~oD9nLU-zqlhP4HhpLv-f&YJ6^-kAxe%d%o9 zydvXt3$)nDUR2z1ea;ai3yeWlX$tG+G%tB8!~udqC8~ddLBxz{&F1pphc#3~-9hcS zC{cIhgvRB+Xk$T~x*$9_f1fU(9YXfH!S*PubfivZp3yMcF_4n5UslxBjytWaw)h%M zPWhg1YRtPsi{3vM+}Vo*`y$>$=;QFkEJ&P&Zrn}-g}Y%+FnM=PEhvpPEytXB%Xjz5 zS{mb_)%zd`_?`BEKRrOAh`mInjQO870QsM7fO~=UEnq6-zQU!aK6ayb11y%|*iw0f zngM$@&XNKn!cdi#|L)%+?Te7u52NFWb_Ao!eVw+$E8Ew%@J2W?RK(t*yIn+nfZBc$ z-nd_ZixJgKh@Zw@{{I;xI#d5&V?<&UF%-)G5hL>WJ%Lqgw@5c$dYzLSz@@ZV9#4Ii z8^x%1mpi~eyMhI?_s_d~jX`stWfOXXnk%DXpyLGlPuHqJ#V4bYya!4a%O6#g6O_f2 zg4*9lfG7EXuGq!cJT2rWpb3q_)yuM8j}p|LP)|-k z`$zO)bb^>TrI?P}0ITMVFT<}NsZowppXcY-Onw!8TL9GUI;|kC7-^HCJHIw$9+6SE z!veW0nL>cO5-|IvN4wVn(pUcTm-^?PBrv#uK=fi>s_lgC8Of9@P|m#kp#qdt&RIFj zs+tyIRynn|I1gxr{U8LB%+T%1rF&Hp3sfHA%v4a0$Q+R^?`txz@=|$GT616fr{ENv z;!i>wi^&pa=0RP6RyUM4{(DLr6y#({P(e-_N$_bRYXdPSnJE#qi#186suY-h#m-~v zT{K>@V3Af0!;*zH6M+{xZ0{C<*Evi<2O>!1E&nruB+LD85u~@J4s09$iXhSB$A%sS z|K>Itk-+ZZth_vMbE)s6bn=AoV^=TaQ$WS?&mTvT0iJ0V`le(q) z&~a;h*TEp=LhEU9+*zx7Q3%|1uGijYh`2oB4Ew*!CFNX@TU5O>3~+D4r^5V@pLek? z$5cDua$FeZc~37S=XGZ3z!}2%)j??ECAsO483KmvRr*;bYOmx$B?pM(lbIVm=vrJR zN@Ukr#7%O(n{mW*>+tt~B$b9}KvJpr(n(TjDVB-v-;+vb`XuH5J*kwzL&*J*@yw7r z=>D$W+Y%t3>(3#4qyGk3Ra5Q0Nxap)xOyOfd>VI@Hba!*BSsbtZD<^IcTTR&tg&ASimxL6*5WJ|3sE5Q_oEYM}CgUXj97NbLNAQwuCUU-u~;7`J?+G4tL=O zXIkTpNB=OKw5Se)=p60|qd<$F0At>e#D5pl8?WrfZuJGHO;0la$Z#ZFA<7cJO%@jt zc#ye{M_R1|LQ8o3mEZ&Hv(F0A7#~Y_paKR1OoO(YpPjflx1 zSOFR){<_j-KC=uYha3W94vG+={ANYo)>I7}<&ch}(FSB4&#HodR>(z3P=!pagx<~+ z5t|g6rJNG@4p@bUL+%OG87nHSGJaqAgYB0~2aS~MM>jqem?gsM#$|BN;Sc{Te(SKs zub_VHE5yGU2a&KYU>uycxRnA16GijmU`tqn!jT7qF>$=?E3F#Th?mqRb`MI>i=%gp zPREBk5!|eubca6*dbUSj&UUC>4*{V1@P29(7uau@IigCLR#gMcLy%NX78E6Q*d!gi zLwbeBP)vs;*j}njl)SDAm#3i(f{cBX#$Di%iYsHY2VC>-c!gC7P$eZrN_2rbHln28 zdqx}F*z|dKjY^?(!a6t8E7K-Nr26}JWr7x5C#7s9NHV!)K}jZ##Sn}gkPfF+8Qy^2 zOy<#xC*FVRSh<0}>)6|AeS<=%AWE1f9bJs7>BFJg1rMWr?5e{xjKg@Xl>LQ0-(0sL zgToJ_LMyJH=-(z<11q>nxoD2=Psa_oh3IOQYKhNrp}$_4-J3rZD>5J*Td`J@B&Wt{ zP9lO4&4Bg;`5uRpTlU z4r;`+ZtZCD_M<%b>ys*xHnTQ@dX=C-^UQ776@fF~Kg*w#aOjRU@P($6K{W*}ZbA&M zTZ}aupiKsAMZcjG)TBjtPaZV+fk5soE3Whd8gs;b(iWm7qQ;!WYQQ+T6s5Hst6vg+ z<iYora}hjCS-akb}Kda@7>@B(T;U%K{x;CphWr~U@}uo3^?4W3V4zR(A1q%8-O zO#1hIg5@62^1d|?=t=K%y}XPv7IFBYcchK`Db4=>3{0_RR|E4`hru}30SAx)mw}Ce z1Co{3$Hw^Uz~fNpkw567wQij!WWNRZ)b16th+s)L;?fPV|GIs)4WFGF^^s0a-@m zMm+i@*+XDokJH>6%h(;ono7ti2jWVXbPb*EVkA#-m!rIwa!N*VeF1SNh`mY{8bHen zA;aAM{zFA`wA6YV>of)|1mM|yeTp?6Kq;&r*R|BCd4;hU&Qq~LHn=LDt(VWZ@h5#r zn*1VTHKu>~gE#(l1lAC6pSBw06F`+Y7z(YceH76Xm|(=wQ}6z^r`fhCAe68bfCHA$ ziqM!D3C*uNtb3e)o&LSds1Sxt(*fS|CUC>YHxc0(JZFKD=a^d=^ta(N@z;4%DFEz6 zLb=X;W!RPF9>bl^w!5(zmpkhCh&$Dj33hf~MqiujZWkz)l=S$~YQ7Z9&j9#fRY%CZ zLTP->wd$BJ!ER|Q3b(Z%WmOb9xUCPqo^2mYwg76H^OIJE$?(-`%Z?Tg|dqb*~Zc)OUhbgUk5{BEHl>1o~$#< zlCp%EkYy}md(Ii^?*4o~-{0?f{(JhvtHR7V*L7a!d7Q^_ypK2Ih8^lIwG@o7=j`r< z82W1o*uyc@Ry*UE&FfZYIuuv1z_kNN^O!92?b4l&a+A*YG`uK!vu?rV(`!NaUeYHb zhAVCdAc}+3_SF2kr)1E+#PO93KC`GYlG1XduBANb#nXxWI1bruV0q?f5Q%0+^3c3tY2o-(AT_V%cr7sTIH(x>$sah z>#G!k2T;ZDh#y2bKHnd27MHEw7r&>l{{2SoOfAhOV4mzZc4v3i5zCN?YrVq9&%UhT z;d?}NP&W14nEg^cb&eEL@=;a{Qynt?L`&u)2%stD({5ULUmp!}4&^XOw4(DiPqU+0 z{gok_2i4c+=5Mek1SJ1MFl%j9d$;_e3kbRIkRR!2F} z>Rkdg=Hp*6s>)4r_p1KDoIIZa=6qiK3v;pnF5=UA`a##HbgS@dRIXg`Vv;8*S=Z$$$q& zsag?jfsfff^Y{r~M$L-{>=Umg;{_xrXBbAo*;NAbAPnF1{o8e1r<*bUVM@{n#=P1G z;p0DU)@eI zdj3y}5r3?8!M1U6beLLBGYM-I8#`gbC~>?l{IG%=7)&F!n{gzM{3GZlMxYmC*C=fF8NNvE-|;4 zA~CMu3cfq1+Y*hP7uWfspfh||C!Dh8A$t*Mj1C}#w8%GP8SgQ$U5B69a&`yOzO(wT zkk;m3khZI|H$qK%j6ZI97gfHbxH&(;CmfGddb`x)X zrSvaMH43GBUgz_Z3hgp*Gm%vj0O&4H8NV%)4UumhW(Fxp)%A||k*?b|3ypt)T(@nI zON@T@K=JO!R~M!>sU)vJlmW)uu7xbe=Knj`v*|&$Tn&#;ut1KFLivKvB-MFcbbw`p zJtG5{LN?#n+IVNAtV#DH^QgjyX+C1ngL6!IB0u}*ecD+XBhc{^&wq^XL=X4 z-uvHZcuZ6Ye$;`@=&9h(d&EoSDwU6jvPKHr56FijmXdNiKsVttGk=F%0K7lupdbm9 zaW*}~?6!LFa1IpR;0JaahmWb|6xl1}Tp#l)#1HrD93};?BkYQuCd-QImrAH*ENLD! zgRf3U^?wpDp78dzF0P(WHU~r&g?Ba#P`>;Nd_b8kbXm(TWz5L!Dje>gTH3hplKpZL zV^6lSqsZfBK6%aq$ULAb-0!^CX`)JR$8KO~v_E99HejnlDQbFubqtg6((%lKU(D{a zPgKAxBpGCm*>mPZ53 zY_R;^+z6Xy-$UeJe5AXOz^wtB%6;!wd4VVKC0Jcw`}KA$s}DVqfB7^p+4jSk6zeTY z-#Gd^Z6oY?FH)43wP~=E}5$kl(I8+1T-Y>|h1{Xy8>2IsC|I%M0iVC;yI=ZTau8 zdcx)*LRfMeYk^z>v*X_XgMGAe;S%L(>Y3Q zKsW+adofr4QCcJH=>aoZe?3ru*$QHi*2SwAyFE6#)cJL$MW`;+R>$dfT0cU{N4bR$ zBXJfkC#ll%NP3vK=qxl8@U2CkfK&R7%Mf-xc~mcdnx{ZvHjUPgP~Gt85-;dLVR7bH zQ;HPkf2Rg)Uo|Y?)9P>h(_fOeKg3O$mBHz41IRCBS2HlXCX^y9L%;hwm-?r-uU;EXG$3lJ7u^D0Yw*vER{u z1{iu4VeSe8dSGFipMGpD0XF7KH>D#{ch^B}FS{P7Z>vaXnl5uJUGoJZ3;^X*B$sl> zqr;y(MV#LTB_oqd1iyq;?YZ#|t5~vc~h*CqT$b4}yW9sLy%A^!%Hf zNnlDVU}){5eU(_R1ZrHn@|E%55m5i;Zr|!@CX6w@JpWq%U)Br;v*dWnH_N>wt|Cal zakjmC^%Hm&DN?E;AMZ9*T?HJdTH`VxY|$-JAcV(9vdl3;yv)Ds%ul{a;e%Cy{<=x$ zze-aLnLAlt{fhV9)aV-@Dn@>dJrsmDXrcu|?e;m;4<0sJAXJ8X<>h_M{{%uEXcM_X z3xwj|$MpX$5Gv!zEh1EKaGcrYj@|8@p6(aiqkwAjXS!pDc-z3$67sTR7h{^7Cn z@iNsi+|@YU)0ajBSQ1=Zhjb4|PGuKW%7;(GjP}mH`Gh>4I}=ZB-iZM*vsa+PdE+KL#f5`%~~m}*QhO^ zr)25vh8Rcxa8H2FT*iG*qWIAJef$${TsZdgHtuVx&WB~MfMqYEfrA4~{)dh`@1Wu( zf=xo6E(O~+4QmocD%A%aJ6N`VCr2ue-c514j(~O^GE-0e%f;~Q%l}c5o~?IaN;J5c z3;HrLO6YX>T0FH&fUIF~Fl+oXPkq4Ez6eK#3v5@UU$+NbEmyzz<)d*1-~g+5UJcVI z(w9f94-~mr-%P3!ze}4!Al!;<~!-@#C|G8YlXPD@t^UV0)yd)^HnQDs9oBC z_u+t+BIj|YKf$ijEj||jcE7fYXlgpKega_kFSZ9y3RvpxaECq^WM}yNijrD1ERT;q z|Hv;>f&NZ`met4XSOfEvJcrYLP(oOga17%}pk86i62XJF9ns%c?bK%|^Irm{7Jsp| z)u6QbDc7o2Wr&>JiPZ3ClDg|$z<rx?zzwrf_ zx_OR%SYS0a9JwKhPda~Q8EiMPeOUEc_0Ik&Zn&>>GZ{tv+paKl7lY*|ArbGt_WHT& zl$B=>*d5NOfs&7RwM8Ms`q90pN?H`d2pqd;kme;GwKNC7~|OYF}K%&@vWV^+8bb8xbOEH);^0VKH;6(O0Ke+r>%8Zjt}HZfeH_gX zI>qRow|w^^zmh-L8|V9fc3PiFSOYm&{1$3)GL%aGjA>A9D|L?lEll^^%jG7TWcqHD!XIA4Ur!8AeLB(HH%;rgZS?CZV&RVS1yW{-%BCFG*sJ*`h(>CivxHSatW|P6`k+c`NO-Td(DI{3$kXmt26hR z<2;?)SUol<#)KjNvHl5G}D5z<`uNFSI!0Cd38qC}TIS>&7A_T|_ir->xHa`?g* zt3O#@`eeZJ&Q=^*1ff=^-^RbL5NB%wJES3Rh7Fi6`+DyQ(G?_@K7Tz<^C2HqJ&gsW zFmaJZMqZLv__RWdyt*5%A8SsRm)hWI)6>e;=rlg?Jh62R&0}>)_Ux9(!=5l9(mRd6 zSAFHcIVrGtW(e2g{Q8nVtwhRy6u1M=-+~dIPy7IeE{kaU1g`OE*t@2(4qtjF-;GAk z_8_$Btn+`wV7=IVcgJ8rK}}7%ZgYPc8TM45Is$4+uB4qmzVAT8_M`B(#zqWeRNe80 z-X67(v!U^ag$yolI(tE!5h|YeB7LG zwK@Kq2X>p*;Q00WMEt(Br$;W#YsjvCPrE@VuxP{m`c?uDR(|z6WPH1r5=;A@jW1bjGw-CzXzd(-4!Oif#nWNdw> zW`A>Ma@>VigH?o_FBjX29cJ@PFpjew6AONIxA0$Z4t+rUb}*}U#Ea6=?O|gWrQ7}! zNdK_z{LbI6DGHuGxbt@|{p6K7VNP+&5Fy>FqY-@70-NUtL0nfl@B}r^BB{X)lc3zM zt0h`E!zf3$Atf$nRp+H-!vS!Z$7cNNR?V>CFMOoW(S`AnSgKLz}E$4XFAv=8*kFnhQ#It^0{(z za)c9P5f1AbcQF_)GuF#N@{pgPz?>}rmW;d$LRe-VZU!M>aBdOS$~)iQPJ&T(g&aCQ zq8CKbNs+(Q4{8vlz#_67AfQR!1fIykLI&E4_ckzxn+?00Lqn!90M<_u&=xZbK=;CW z2z&y@pyT7u{Kyc8Z?hBT=x3_vt&NT@?@h|pVw)!x>XJT-lXk$s?!q;>8=h()V7axc z%-T55bd=%;>bmD%Y+ui5GmEe}fD=`LA%q+377FD+Te?fXE=AlN2T`-3An$MK>IHa> z-vwBuyX|^mJo!u^$8&Fr@i54%IIbk9;{^^TlVJ7qq(5%(IkzpyhR@^?k3^*$SU~~` zsJRtM0N1=j6s5U={IRc;ReUk(6}6LJFG6sMm#N|wIbgcz_>kahpnWyE=SqA7;N=)_ zi0Al9APRe)6^mo#YO1`Mp}PXG1;s5CdDky~s@W%vio#s(is+Hl;fYcMWh!8*HR8FQ z#q7QIf8I1C2X6kPO#{V{!s(lq^#h=u5BIGnM-OMrw!cK&6nHqG@j{nC-HG@Hu=K%U zkAj_<{t^|*Nlg|pIen%6`uJImAaBI3RQqmmJ~`mEpVLQ3NhIa~6EMgXoWof$Nlv|0 z?w`+97%m+@q_YezDK0e|>9ssF3y!k7+v{76ea08-QAT$d_%|(34x!053)|*?f#@%@%*?tmW?(EQiu9^xXi>9eNWnD z*X6@@y9`#G;me4JwDzR0G9{Q_1NcY&E^2rJgE%a>^m1$dvNWcSh`ddF5Z-`S5`g^?Td%0tu_;TfZ1_w?pNVBT}vUUJN zF>ce=Nnszv!x?z2QI^#{`075%R`5ooZqaZa>DF-#?;g1y%FW=IIbw*qo78_^wXJ{5 zobO~pd8edZLu0w0=9Nmk34y2ZX5zby(vH`%>16XP5GRgZ1ht6b_;=UHwXbhB9bEph zpGQiBZ~JMoE9!@Zi*cO;j+j1aWyw#u78C4JedjqQrHg7ev0ChU>syUY98lxCs;cLM<{!O##qv3CjXewwYZ?;q!L>?P9LB4-0xSy{( zOqyngKDDQN3*8SeeaaDYRL13%7W*^pr=-0{5+S0bPSH+FwPsnJRwF`9RhyCOm(Y2M zn%n?a(qAgjq7C^Bm3dP$b1#QPm02I{`~{Ql*#U|U;US3S7yR=YhcSdMU6Uq7)l(A* z#mN@0L>X^EnLt|!qxiTpo zT%vV93G{n)k;_=kw_c;`U{Z5p zz?>@C1fKk9dl;6-I4$gWM+floR*Y5v#!S2G3g+wjfc) zf9y@A1Y`T`aWO3x&m|cTMV0HuB4nKJZY0fg+pAXs;h&IYUt8oKOUUuKaS=j$>s?0Z zAUB92$VQlWgr7glz1zUi9m8hw?6Utey=1x1{$C1s*%c=9U9{He-aOine-g>B@MUEK zq?zHoSB4$eZ34~Nnl+Gx%gBI9kO3I}n3yqdc%c<&wSCPQ^N!<|CXQ>e_&2&FeIZxX zR)Nd3`{6S5oq_{)(n@AlVqvys|6bHgGpI%4g@3cVl+X8s=x2=!*-IN8rBE2T{)Er( zg4@XZIJo;*nxcBK!l)E+`8+!8F%VfR2Q`2CrgX1X-Zpq>aG08pE05((ZYK2^ItEgw5s__Jgg8%J)jIK(XtcQ0fLB{%vWV2DS zz4E-Ny7^~Oz z18Erl^ya2GCN8%fYjB3BZmv`|rXs@b#4Txa1?+9X??H>n4@VSq`rkpN3xm(wvz#l4 zW-uq-Hy?LcHOs3@W6<$OV=C;IWzkwMtJqK8XBG6$&o79sg;F+LK7FT%!5{P@RZ5Zh z+1Lzbg!!6i@Ca=zsk*V{Tt&gbBTPt?Z5j-E`1CeRp`){zqHv6Q7g*PRfi&Qwo~8am zSE-utLtJLeZe;bU8x2f-(jgQR0(1%NsgX^zR|H>Dd5*G#iwP87tDx*p28#P=P$Drb zj1?G<3;$+uc(>KuhmmNg) zoHu;>JJDZpEtg%zk=vT-I&m0k1j=CN3&r-n$W&ZNL|`&^cjZ zz}G!*YFlRqD9Ok%>$XhqT+8m2ade?xjDl}bY8=f3`1#_@dx=7$3eBdE%PxQW6@%WdtI4j#L*?NQPhqsr#{q$2&yy7wuGGV&P{+jQc`2VyJAFDGj|7%4ah>9sY_+FHrVMHG zJU6opxerryU+4;Oh|g@WY3%tc*W z6rDv7wj&eP3!TMJ;%d!Fiv}5Lm2=Wb^LCulR^H?6@!zwi8nWX%$wnSLyiLTX!Ja%F zglQ1tIXFRac2u>#eThz1X^ne;52_E3{f)FR7saEz%>M_-`gz`O<>w?o^$xpvBV4k| z_r5-1af;eRLENM>+v)XpVASwf=yXL}Ru<3sYC`W6rM~9p;!{BS$+4*d&cq!$7@fy> z>|{lLRST$2>|D`-?*^~ z<50kqjnO(`v++PXIAYiFLTy-%;oN&Dmc$PK(~!5+e^>%$=au=G#WW_gs{ol=W*%712>HaGx?~NKjbqltKjT9spmu|y0TY3gnKBoi z-gy|hPp6r(@1>B&=-+LF!~*#4+7J?mw*&yYHDiBFjo7Cfz z_nS0CH2e)%i96`-XlT#u5RQ{&dqpla1K{EfM-y@L?X00HbT68mdg*}?)KeAB)q^b* zX{D57Oh20!fsF(=7yi8n*)@D`^gv(vVpoPb-0}9tQ-&g9afYZp3u1Ao@~$u+Q^wcA z`2xDC;2z?+dMkABd|Ck+V!$#Sc7Q9!ZaKOZezET6R!Ym#4i`t(oW69@?dO zW;PwGfF{?hMX#jGHw)_}|B!bjM1=B- znC9PB$St^D>-%i9DN+U*Kt09rZ7%aDaK~^!+@n%R)x-Q0u%(QqorZbFKA~1nM6B9> zF}-C{`l{S}g(W(MUCdO9!ZjQ7jC>fR$MhPo1nTyeIVa*iWfTVGWp2ck8NE~pKxPaG zIvXuj?Ze?{3pZWrLA~{r!At+VWzCA^txFs zo6XTc;qICYld}g@NW_fAWqNMRsWOgG4WbHc$d)UjXtN^Gz>B9n&Rj_dq7N|SYV$jx z=+alj64?lbeo#{2^Y`iG@&a}z!+iU$UB~e9*}1f3r3F7k2JYnstbMKCX&lC}iS^b%u&Fu{wTcUolm*r1yoU5L!TD31=kU zV$+s?k^2~R6*-(vz5l^W`}+Gr%Chq8FX9`j3pRL_w&9!QK6?^!H&B=l4+u7g|2aPNGzaWl&RxKrEYau`_0HjrCfLQqV{CGX+d;Bt(->8|( zz19^jZ$OG=fZX=n22%__c`wWj@}7Oa+13YuT-=o0$%yKLPgz@7FMIOR)vL z9Ov}iHmj5aZiBFkE>N~K^qN>7bwX?KjyXWdH@vY=7`|zsTPw^rx=N{3A;4Lj0St>! zEGxBx&Sh{cc)Ev$@5d%*p=IS?;H(10`YyZ3anP=Uq8s(7N&m}NS)R^fR<=Ev3knVY|5u<# z=B2$^s<`uk@U@_Npl_=J+q`><*=Jkzas$VE0hMG!Eo*~2QmgQsleG@@1>~Ls(3!cj zwaIoz&F}aF#M=c5>4r{snoXuZWdMK;(1Bt3eVTX&%M=NaY+`}H>*9M2%Z$rZ>n zDlVU3%;^_J?i7*l&txGonK?O*6r~RwPZf87xETZ zY+U!APx}Qsn>PS2L(4>E;?2X-i*SBlTu$Ic^YPLPg@{BF6 zS<*-TL&o(Qe#Tz)29e^H35y_{6SoLX;2!qeOr5BdyBOWlujz*5yEu^Z+glgTut40S z*ptf}mI<5_l6<1-@DJ213TanjVmWWH8gLkUuAXHQ?|6AOM_)jv-oZk?HgZ8)xQgeKgG~L3h-2$Q2p#%;%_NgkH~Q&+DZwK!ahgC7JXs-FFA@ za7YW^;ly>$>4g?BOZmnNnR^)>SAXhpa(g!7Fw&=I%9%`3b^KdIxhg>(>b-C)4iP=y z8@UY59NN_0fR@DN(P@R=PWc6Ec?j~H}eTF=k^kTQDodF?-khlXkV>AbSq*u>FP> z&d^47MP7Nodq9`>V<{dp061URAuvach4G@putg*=WQ)gA z@2XDJe7a=0^IHjZBXCC@a%V`vk>bInVYM5pUcAkK(&YX9shZY)pKMcg!ILkH)7EGH zvhT1^=2DB_x3`dZA)HayFR;1M2U10;V3RlK%+1CM<8}GYcnRwnES-Kziv#Lad8`K? zDDk_Cf)Rx*Iw?@MM9f#T3M~I?mGLcbPQ5#xJr3+(0qZ&y&)iE)^I$~;%23~rncWyU zvo_}~U{ltsoQ?8-7C-K#n)w(8tL-30T^_=|*#1O~8gbFiB-28KvqJ78f`9)xgA*Gy z_$M|StDt0JM36Q$1DEnJ4HXQrgi8+@Zq|Tun@?HDS7 z&Mqr+rP~OJRAeW+p9v=&@vOO$JT#Ia&cxI827SgU|G94-rZu8xNy? zKUZ$@m?G_wDVQJexTF2@Zqa_m$BFtI|!_h%x5$GO^4 zYHyvPduj`PyHuz!b@^vqhI%B{6h}DL=ppkB%oMQyBC}%W|1kk6oArX@dkcFw=(2;bFx1H`C=3v%}j@ z_OPKZ|0q&x&Zcu3XwF_JM9w^r2ymt5GNP&sCpRmY8qLER#`4WsK`r=TWe=twf1mdR z_ZZ6@P(ZN8wXsfUQv6GPZKBxv*TQjY_>^&1w`}I%$K>hiBblqhvzE;_SgL#9sR1DC z#YzRTKJbPz)^xCX=A}8OA0@pV{vK6Z73jUkv6(CY}*ut+U0uFh{_#N^md1Y=iVt5$v+c)dYBU1JkhB91e=^%fZW!V6P zLic|{KK01fHBS@A7T}i-_BBG8k9th9XHP#`wmj#thOF3WMKHu8K zQ;~GND?C50ez*4aq@<%W4~B(rO;IZC*0vV5zR6GSA^O6U+%SLtE%F=uc3Tgf|LM8- zZEM2DL(b>yW-ih}uuwjnETDo2OWS;l2-^Sz|LAYfo7;HUU@>6JZMtU5Ov=msHr7zX zH#dcX9RfP6!*J)XH(p`#%9nq%yX zKXrcn`W~kL7iuSc}doL-o^vak1IX%Qne?IvMau!Ey}T_(Zz8JZ9wZDO}lekEj)x;OFjuAo5HEY zW&n?B9}-q%R%8_cj>6ml-CI&(uFx&edNzHV|D61LI^_!pm9d*2Yv}?~_0ZN^(7-Gm z0A*DWf*sMcEv<;mfXCcGPft$@LF`?L{=P}_vljZmKOaFAv|)rcKdSnqtI|v zu5@WNI0kTnFv>Q6d9NAE_$76R1G5t4Rt}Y?9H1%dh5I4C09}C)^}$rnKE43K)+ zj*+r_eN8D1SrzTgs#8>GCZzr1Yw#kWV;VfnlJ}ec5zN2C1lGi@YmNXSO%l0W0czkX z0waS<(G(>!Z)#`c$Z=;Nnn%V)FlaJ`r^x%u_E)&wT(`d)$C<&AxI8=TwNP5qFU^l| zes(JCn72jAtq8H3{)J>>8|9;Q5jOuC$WM%@3Bhmu1bxdhz)~;Y&FNM`5o)htLG7iA z;{;nGFRLcP7@j!x*^K@AKvmgL>BUFDS2b$r%q+Kk2%&o*GT3zQRasJS9*vb{8smZN zMu)LqQj}~5JKts!`3FLW1+zRr%DGhsyS73^7= zk3+!82Y%Y~8o@c79Zk9+e5=5}1y8WyB>V>vYl)_t&ZW3G4knMH1>wr73 zZ?^dtj+>I~jHtuca@(l+o`JZ9xJ<5}k9wTViCa0AMotAtTK9QzVMz_WymMPw($!R~ zC}=Q%m;zCHmU(+ehymBB=dfySDLegtxI*AWQM|MA^IM@Wqrz8FEW%3ZZbbBcpPK(c z!=l8P)-GjnRG57=kvNN7U%4j|3L-IM`Ww{PmHvjnV`WxB6&+74Ds>qI$_>2^&PKyd z87a3E4JiN_Pwj6>vi9pvm@z^EUz!d(-0jkO3`%WC5E5pvuF|{C9Qdid(>) zI059H8(RW_?h5aJF~lZ-4KQHE^A+40GJLU(dGjqG3~1GFpp1>!E!p_=D9I3_y&;fS zUCe-UP(>BWv2mGdsUr|+sabLA^q)j6G%e~x!XS2JR`t>HIy1UY!Dyt+S@TkD@9}mE z_9*(2^ioSI8@v4Jos7wLo49gO>$R5UdN&ME` zVY^0eK*RCShy0x;0=>a$ORTyOFDe-eW977kJ_RiCYF71nYKh$@u@%$@e!1f>&wt6M z7o$v=6%oiQl*)@*daXJPoSK$-^RE>hzX+q_Vr5)Snh)FQ7Be&W*uzn6hjFZ<%&5I- z2;s{~AwJZ?toU;zwX7=w4g6;Hs*Z17 z_(?OrCE>uEVNIL){TH9Fo%#dW0w=KT_r1}8oEb61h`8Jq8+lg6O%_WT+uKx}35~?` zml1N(l!;30U>rCi?=v;8snQIWq+ben2(i?-dSiPQ*`R=sM%P^By)gJ1Rx5O0z(J>w zP|OsS%Q6ofVz`b(M8?S8o8->(3U~6a*IIx7Phxh3eTSGeT>A}b=>mR(+9>D*SVV_k zsMW(RIdykTq$=GXNpn}8&vwziJdOi$s>~@KUHLl_5yVhP=OXWBG05676F_O_=e=zTuRi2Ah39r2 zA{*r|n`1ECVLxOkLYIep1?2Lt2B=}t3+*6)O7cD$^dWZe7(T|-EE3`bWsB}DFTuV! z%@Y7<>N%VT@q7AbNwMb4x@^k&55wM$yx%;&P3i5ZqzIqelp>II`BX_kY%hgM3-WVa z6&ZJ!+>?OGja(A^7n3V!50Jx*OOE5LrYiIazW5?kM4V~|Ltz@70aHz1D2!^ERpwX z&$(=8UE`+w>}hq*&f+D(-3>GtpqM1;dd3O@(PF1FZd1m12wjsr{h(}fhnqe98u7o8 zyoHS6`41~#%%u8oVzJ7`LlTGYCCk6ICnjB>C_?UZVPHk@H=^=QuwjZ{DXek9b3)PE zZwh|OWGx?@2h_I6wVQo*pfYGqJt^%Uf;WzGT7BoG=vsY7no>YOrl4UUFs=YG{MR=Y z5B&d3aIdIZ5IxIcT^@@NW;=QR7HI+)I-Zx|wsGgiaHd9dIw-{#PLT6{RwOAmC$z7#;wp zMfgEJIj#tjRz3(t$s{ zvIArNF#HUR(X;-D6T zWvRyKM)H3kN{&(Rf?)@b%8orkV+2mKPW|b(Tr~TGjJ@PO7Q#yy;wt6Y_Cp}-9r;IF z2(9+RC$ANQOCVDaS4tp$UIt)By{LLA!O^|~WJqND%Lt!X5J<3sU)O$dx*jrxP8k4H zOeGzX2eCB|=rmOzcKa5*`X8{7Aq`E*GW`QKqHIUo&hpp(=yeYOUUG4P6U5PFkntEo z70|wDCD}T!$~frwY;F3R@x`gf24Uf^?Zd<)C0xHKx7DSH=Q|bGbR^1HKetzI?T`7) z(K%$y(u>hZ_BS~MnrpZrj0SA_kE#Im+zmzK-I$>rg92IM15FhSHUFshB9ph^1=Lb1 zaUCB}aSEq^7B<+@{SY!+xbaWDdKH7bYn{M2YAGMh_QFhtEDuTN7^A~&A(lJp@f;OsA@h`E9+x%nVXY5Q?|XF*aA>ZDm%yn4o8z>ZhL3i zfh(WN&O1DRG7VAsw3u)QKEOcC*$Bt0;uA#=9F^_O0&2w_6rXJV)$;0 zR%6%=2^tR7dBv|K%WFbP#^A}K^QMoGX6R37#0_mu^H?1FP*D>9jd zr_(oT;Xf8<^`C*5&vUk2FITsh^|sLY{>EfNAXFnrUPdVg_U=hy2E{WgMgF zby=6Lwquc}LCoD7t&KP|Q<-_#TaYB(n`Ik*^dcdPNs|(!>1zu~!iO3TRg2i6+3HJdw#F)}Z&@!3}Qt8rvaY5$O zT#((s1(}+G&Ck{B-*v#>Yi97tW2}Xpd0*OL?-D|v4~mb93$KhZw^$^#8BLT0ZjJ)E zO&n8Kk*muyFiVcz*p|8`*LG}>LD>IpgABa=FB@d{ZyTgw&Bl^NJh40q>bD`ea9;zF zk1H6+(*6<}qZIP23XxYZfPtpo^@!KKNEilwD|o`vT7NC-%N60J?Pc@YwY)z-;EQb# z$btF~5Ex1YfmC&VcJx0%;QvjX$Gl=OQ3n^~*O2h$1cVdw=-|mAl#wD{Nk7sd;tY?M9o6+`NA3@z1XAJmjKRgxL29(vFtaEllYm z6**F$`MtXVtmE;2E==t~)8!u~B9LJUdWU5jY_$+Y-`cGM>p;_NH%jcut+oPz=-|h| zdf+#v6s7^wCHK8jQ(BNA-N>(BmW zdE_XfSsshb>#N4@i~Y7dGPM1&JnlNPZF$t+pOqRzaW>^Pw~7({l$&ZGY!Q~|8IORs zj-jt`KVYOT0ZHr5U9)D@&{QOr5#=9|%V(m4Fy>q?UUK~pc-FvfW7MWhj?k{#K8MiJ zJ>Nn!v-CPftTiwH1o}oQ@ckm=0v$Yl zp|iw$0G&nbb;*-}!NPuhKaU^{M~N^NQu)9+5IR`77qh)D(9!8*3jO|3)V;}Jk6pJ3 zGhhW4|6lBk|GVsNaURJ1H;VwV^M2T~2$WMx&xd`dvUo=?xc?1|c9*5V6S-ov1Nb)Z zU^0yX+fo-0<1>KMriuSCAa!)4K(Y4oT)eDNwmTspC ztv$KYz}B!}pk>1xnxYW!WqLp=!jQR)cB>SN|y_# zxC$4kro(qs39Cuv`VS&57>6BgOz8j>Q@q|A)2;y|!wkAwhIa{#43q7>|6DxZUdm4$ z2p?Wk+sdD85>N4XTR|<`V7&}nSjOnwDB%zXRGi=IOui7*GSN_F(W1p|eX7?%XQ6mm zRuKN?hN>KRBE%!R)}abMz+c-LQRH{K%iZos0H5g|Ra-RwMl$l^bXtb_@Mp^F__+Gk zck(^wDId%-_pg(uyjVu{T#GVoHht&?&{n2OUmK##aWn5Vi1TrTd9&#kx8;60d$7F_Ty<<$F*m1ehKw zrNpi}pd&za*OcMDmyPjW-mM>nTgvWYGCvxsn%{0$=R6PXV5)JnN;h5;?1Jd?<_rOw z06WV=RQ`;|f)sU*1uo@YI=$(-wd6Y2nE_2dHHnJ$BjpJ)biBJ5FIINawarNBE&a~PNlwq?Wx@pM@648!h-<-T%?Ett_g6-f2CsBM*CP5glh zF|&|fOwcnZ`#^YH5KIqqA&;Uv@alykS4Ydc#SQmh6>p5L`r|1*17a=n@nrvmPFd0E zLRUreye3l#=y|h$?5g-A0S71=C*tRM-AFlmZXBLmyr98Dbxnc`Kiw^55`!pNoveS_ zFPxXiK9rO`4vg89LB4aAjldK(VL1Kn)QZdE@bxvK!p4-I_yLoDmZoU~-)n=jO`l;1 zF^~|JPVHG1p%}!FLIc3Eb4$B09LAllSFf3rd$91!4+1qIAE=@ASsK)M+Klna?>RN{ zC%l9CkJ)&4+xbCGJDCF)D>|y-!9u)YkA;)XwV8~PUt1#E%l8DJ93@42P&;8di+H9W)qC6JMqGw5YM z6y6MM8>5ES$&VAVP{*!CsVPMPfbHna%$0b|RzF^nWZZ8)9GEvb0(18*NI(t;XSXZGO1GxEK*4$hOn)UC(l?-~4} zVfJp1%c!ZCn15lkCW+r7$OPBE4w6q0_QGuDd=QRB#Vh3N&h&c#SU+6=DT!5OPe7+g z7E^qdAI2yRg%%jmRnrU!Bv&6$@mQGUQH&`K5IhUkc9Re4Yr@Ru9QogXv&KrI!}!Zc z?5FO4`+}=9K)CoN(;F0xB3D$`Wod2Hse+Bf3BK* zTq&}MJT3G9OA03NqdTA!?oDGpDY7AfYECe{|6*b z4_^#ZPPNTIvea#u+zXp7P9IIVLF*`>u0SbJSjT zx~X4q*6+tbQPMlvDe9>z2^4T@wHemI>D{Y)v*PE=z}as(X;XcDrc(Kjx#HUk>I$`7 zn5$?;mK$g+z7_hJ{UOEk+-6Hgk`$5N1eC?uWFTT24aD3pRu&ZF?^=PyU|>MiUoSuM z&iH_pxsy+AY`MmgS%Nx&a)uCq>rkka5X;=Jjl0h%NMf6G>}@rp|CF~w{mw2A&rAE_|>G*@n|TcNjy+$#8>`fii5?@+OBP>tG|zBIo5+0iN~4DA4WL=Iolq;H`fFC-&$=Mmk7vuqzs6mlq5 z3ugLPQ>NZ`&z2hrC(C~3ycGVS@5jXqx!le9pVtQLfYA{5h*EyuIi_%#o z)d7TP?5r_TSohT(XkIKoyV`abiv&F03t9e4gY680=g`>VH^tf+HFk&r zf5R)>E5N(_oI7_Il!%Sezu3gO2$=_j7WNbar6PJscvIy@eqlTlU4KLQ-_8oeL|N|r z`(HM)nJ1?&wBT4;`ul+VGU->m)Tg#KT`&wabg|zO?pGjvOWbsQQPq~gOo!C3F2we< zZ!aCN9SX8%@=!)>Ki05IBRRMUM7;Z+niQ3NVtU5{9gVmlqKRNA0(-fXXSbbj+)_2{ z>A-Ch`4~fww?$ubFsbKS+xWLungA{bm%ucT$;FP3$xh^F(bv}uyEolM?5?xi>#ZQ( zHm#lNP*IvoM{`=BQ^x$HTp@`Yd-G4aBDZE#AI1dfvBdQ(0_S$@grLf!_p@)=;W>)d z>C?Ih^U|XxIs=cV6?)22N)@j)OJz6D$Gp@F@r=jtP3CTROAh-Kg@v~V_o&VM`K4Zx; zmSJYT_cPS#e7@h$_4{1c@BDGDuCmO`^E~(czF#W~wK$c1*o8hc_wx%_Xx0ah2ak0z zyf={uFfB9qI2&fQ73nUs8@LnrTG~FIp`T~A?GiT}1DzE7uKf1THktJ+U$%j{^5@T8 zbclSn!tm?}-&A^m0fgQ{z8ZM#)vuElYVL=T4+gUEgSqCh@vAetTa%R)=^Kt`7M5n@ zCSsllj@=5tD!(#(9iWnrueGHJ158Z@4oZF2C)i=k612F+!Dk}M(sJ{!5m2%Yyca_RTHGGyE0kjUe%T!CJH$FEXHaqmlYed(P z-ex=FR5f8B6#0z3X}K)Ibx-Z~4>8=$Q7)MVX+Ki8WUs-cQQ{6v0-96fjNS3h(>Lks zNdLx7obc%Gz22G?blc;Wb!~ut)&*P7tyw-6Vug3AyJlfrbY2S1v}Atf5Q)|FX}QpV z?s}Ex#_v~39}apV{q3dVOV^-|2Nw>~ecVQ?K(@86Lj{)?*dpdi)H3|1zWj|#+B!KL z0LiAo)=Qj-=!f%yv-uD$MJ}NN!Rw+*P2|nU2Xb9&2IIF~Vm#XmU^Vq)HAs4B-g*lZ zn#o>F)Iq*^mm}c~sq#ZRj_Krdd^pJW!k}dUpwi|GKo$Jm!g<6&qhzwI5I$y{mszN6 z#-nwwTUf)=+EPwuV8ha_fg;SktAw)_)Th}8nT+eMkhg^>fF#MIW zH8zAL;QCGP(Hg*|yF|7Jps)qEJ#7pmXnb8pfSJ6fDJiGNn`xTwR6ypM{b*tPLi+q} zKF3n#S*)V3e{>mhqlPQb0?~odRbauJTmY*^<&Bm?(H0ZJGJ+&QHtxQ=3mKOi4$7aR zNLfAcBgxx0E+5TkfNhxTcq{u{5 znTlKM1yDT!99tnu1=t@zOWg@x9CXGMA}H9*8!wC{dE=@P2|#z-*OX+A<+l#8B{w;k zke1%TA4A@pqNyiiXsc$fANi@%INyxI1*xQpUDKCD7E%3izL#|bU>mQB`i6BN)&Q>F z4>H==QbphAb?)FD$)*N6N+S(2vHC(z6PXrW#GPFqyY~0#q0c*;njtO(=8Y zs0wyB&yqVImwqnr7}P4eg=}XaY>fvtU8mHfa*hVRtry6N=@zWrS=FnirWOrRqO+X` zjy1ii59{`29vylfUhm+iS@9F|h|a_z(k2jeJbK3$V7RrNgoe^=5Yn7)81X~YJYkHf zBMmBqRb#Jw4j|%DLy_Z<(pjZDsNar2!-#CWF&1_kYmSCVN>&t?ZF{dby$z94J zh!Sha_w`cAmHR?oqtI-Mrp6m@`8Hh_pTXioT%R{j{Z2AGGd=2m3gnL1#OJ5FsWXse z$`iKMHobN{ow8aJb&0Tp5})CRFi(mj|-m9FDNAEa{^JbA3C^= z=bif(YCy4hRWA=U4w9MyU@8)fEr2?4`2q`hDbIHGk(R|VOx?{e)u z1r!DIQs?ufes)nke~6CzoG&Ln z?=^rs^WlR!^XAZa1XdAURaMoFZnVX)Ng^4i)&L%a$uPo4PJXFJXPla%SBL;f>#OoF z=2mdqZ74!@cX#1HSDw;BVLU?lfDD2&u0!=>!lU{f3{P?B`o#!Ch zdg|831(*D{sYvk~{7DpGqx(SvdKrWVYL_|YO}q~YtALQd;lItKZDkCa?^B6I= zcCcx=R!nx~>J3zQM}fdo!k57pq?+NWkQQ7i@py4qgSLtJfWid{3i)yN9+|I$p9fy7>Rt>bVCm zS|87g`?b|W#&ORXu>Q_yB}nwV;nen5`La1RP7_WAJt@9easa45jn|7RQpdrI*8?as z;t#VxdSG|6Kg2G-KEUM_4A8|6usjm)ya6DfqVajrUal!f#u!8eZb;s@6Qe zd}K!%N$p@l1>m)vw`BC_GyyYICP>&!FB$C0Sy<>XxEWMX@VrbT9{xB7W6?DO^kyO# z@g&5;M{3c;{0kd(jpyY?zMeM$v}7v@k#RbxUB6(ZJ2nt z2vQoEX{jR7Up|53uMl9J+pRVIIIjLS7o3IWf(6s#mM^4Gq?6WloyWkEC@mk^tn2(D zt^%qa8Z%0jWXaZuMViuFqnKo>XXBqCa&IeISwo^nuE)8fHr)Vl^S35J!t-qB zp{hIuaCgUVJauKZy?-?HD4EH?r?cZC#@kZ;htReW*DAh537*RDaKXTb^09BB3Srq( z{GYmG?;bdIym+W*)|TE)HN(Gk>ycUxN(2Yh(PZ7wW89A9zvJQ*v$+%`y``!SQAP`9 zyZey<`}Y#GJ<@8J%Ck@YugHQpA~>-;6I}a*I&2eMT5Dpl@oJmis5ldNzFDZ2E5%i> zr58d@@NSW6=%xo_qrdmczkEEsODBp#QsG**X=7k0_D3W#gK$ngWK$x2u;M)({ogZxn5rcsXM)8UqWmdn92m-w85nQBz4;wQ=Bt1xH!BX0p zZ)=t;8-uk_Ej}QVV(UGCu;sB2I_(g`=@$I!XH6v=T6z8S{ zGzY~`xz&$Txa)ywq?kuvTho%$zW})K&%{eLdDNK>w<#9r+&MouZ+w-w^U{VPhceD| zfAc@;^yl}XAaEl$3E6v`ldb!z@4JrAvmnZ7xzhsqSwn4Z3H0B^gFPTH1RK(GSFi{5 zhFVT>fR#Um{hBADW3u-I4FiIYkS%r8*Dx9=Gsqb8lWJ?{L-UeQd!t!N&iNP5W}k0}P>V)a*bIv`>; zKW-(MzToQLo?ld2R3(ySckc)LJ(zgjqtY@5Q_*j*g=OWBL(6Nk%gdX?-E=o!=v-lu z3~yPPT0=ovS`}6!6^tP6&t^Cg$1YBxa)MK2ATgf(L5chuK%WOvZsfd=vMDu2iTW>C znIeF}8hAD%L?#1tkw#l?#F|Lo1!==o!Cz@N5;+>y(~6rvry75tSD)*K5qx{@LM)0U zew_2$saJs$j(q(!!R-t%iL|ONUbM4?=?~m5=YiZN!{XTf;Ig4VdxlB{YBsi<`JVzT z=s4NpbpWuq=R#wxcv;NcuR*>^rl@;|v?H1&Yd#~S7-wZuc|Cp2I5c+8QRB*YIqIpP z1OnHsux4DR$$?6gDM(c`i?-ApQD`QEHC|-fqX#20K1g0ibN3tWHxhin(a058zd$@# z;x)iy8L?-7Tzv`j98Oz&{egSswqsW6_%$Ung1Me*H0T@3`8*7$=Sbzlmc`)m&gAT{ z6N&MsvFP_7S*JdOHENw2utuzPs6F1y+uQn|C(({8mqG`CXBNkj9`?wMn9uSSUK0#z zx8^R^geH~pD0ZtXepBT5+LK|;x-auG$F(B+8bMU2VO<6o##H5N%{dhLKIv~cN6tc$ z--kB0!8L_YeSyE`5({=S>L+i{DO-^FHdf7aZF5^Q=aX(!ZEeNeDF==`;AkBgj380| z8Bu8Qq#ROy-cAVNkQH(ERR5g}{%H%*NTxbP+}IonSV;e!WZj%dSpF3;^Z(<^eViQw zJG1mVK*m}IxWd}t8Hfapun>3vF7#LTw9?UK2SCX_#_LodddoLo;dZB3&W3`mYK)}{ ze5CG^y}JRwdWKqsU#nW_`YiU6o(F=pbwHuc^-#EUJh-m9kc^7FJ<3AZe02h5sp!dF zOSj|!U;}R^w<<6+Ai9OJ1KMgg@P%%SwCxiIkgW%T%pk-0xxDwl9wJl>u4_YTdCt37 zc%0m&%HxUh&f(nMiC|vT1EG6QckVx<5h8uR*>E(|+KgB(v)CA5dW|NA|9t|QSKQU5MqjZnW3=)9dM;@^ay3=pZs@TVK0_vsM>ED?gIwC6=5a)f2Nbu zgh;kDa3sH_Sq#E_aBZd-uRi`f&aK&m?^gbh+)j4o5m>?G+}?U`B3NYuzhRqp)?1w= zZ(j>Nf!+Gaka#kSL#I2VJxoFkrRIjgK@x(CyE!InSH4HM0>ERY1`(@B@h^yrAYJ(j zKK?*9N@DLK2h;EMhUz3TN2M&xYs{CRQYpDRnpB1|i_|?JM zpaIHIl9iVl1zk9E@Pz=@;B!W87OWi8U}%xGy}78Xx@)gd!KlfY4Ca;5AZ2*GAl9iy z3Mcat(n(O#Y-&Djjx@9c(o5Xwx#dvUYf6r9IwdBH7CR9ZA^Upc_Tv4|$9mvO^&_S# z&N1U#c38cRNKURs7MtJqW%7Q5x>TSgsS50ym4dbF)25_MUuL!O?loumh(CY1YjXLy zX7(ocIH^z+795~)g^%~s3t)}LDHKP`9~UQ=H7Q65#hSqffsezq4{Qy_GbaURqEFd?F|9F-nfl%YoHBMBSsLwLc6;_(lTEOn%B**1>PEUP+7t|# z6(Eox0{>ECBe@tqV~%z5?CDhE;Wm(#EB9#5gkO-7sDx&m8k3+YlJe+fFv~=iw);?p zgVexT>h_eqTMuHmukz>EB!xTj+A*i7l6SZHmLpEd&Q^A_W9v2Pv`jS*9oBXgg+Y+4`Smrkz<#w@5!_qJ%9GIUE=>yYzv@nEdt`#fW-DYhQb_>V3<_D z32mEk*lBO^{dK1e;!Jzrbon zL0%#--4jD^G}7i4NSyXE8d)Lb9F#z=??+HA5_x%E2iAKnOjJi}4gIj@@zL@>K%ilD z*G2yw0&?~~=r-?D%GW;ajWw_I zxKzMNFR+O&Z=#}Yt6FgQ9`^2WAY+t;DJqsa*0J?UsrJd!AX@UL(s9R^ca;d2v@Vp! z)s3M@eFK0=#HpI@vewj7S?;vjFUe8}P$=RmMik=S7GH zTBLp_+&r}kDPB~pzEDq0?_2^gn7+Mt%OZ9KJ7T5&xQfc5V$|LhjCren9I{q@9Xvtv z+}IG)lD7m#+*k#E7Q6g!pFl`1@%lc}@E3Rn9txTXNn_Ju=GTx~dU@CoU*O1sI|7tF zGn{{Ru^HId*-E$~f}SW|Wz}qLi>%;2lF5-a01=_hPq#&5w00m6mWfY-Z`GMyv|bnAcn`iP^+rf#35r` zX5#M}QU=-pj)%9&gL1fr4^}XqGTLLpxxNU+jSm$0FA&I|6DiT2{?0&}D(Y3Y3g|+VdH|G-@R}`-YKJ+; z5!i!m2I48AKiB!>GdJFIoDKq3+&6^8T7V(wg6a9m5anq>n#~&}^YZQa_PMRK7B&Ug z+x?|2U_Z?a|`3Zx41i- zYf6&k#r8kK)xgf5z-^Gr@n|t&C=s?Xxdlo;%A4gCvvy>FZ;faq?YNz-`qi{cQUW34 z6FIifs7^l-+-o>Y3Po~dt+gByBq%`cQ1wYZ^DVv|)xLjgjJjabBJm!z8RW(a5V`OP zxnrOFpqo<_tG@TRC38fD)-1T^jfgZ@c+77A*l{{N7J6n+4EHqQL zF~x27pvv6_#UL4wQE3{WjGP^tF5D8i4Yn-%>xLTcF_6-MiTjc*{D}#aCS7yKADS=p z!oFuLQ`fmr`V^ZgNaA}6Aj zO*wmZ|Cax-;?5UY7D{t-DD(2FKytsmJtCbv29~6Cuw;Zc4$kHy}fsN_@*q#U!X@g z^>l90k@bNIzB6x8j9_S}Q>4mUz1FU)cS^Hk6^L{RQncm%3RE=e{Ej6d_VA%Do1xV@ zBka5#=vm7IL1PMX_SGvFMLVELebqS0L|P~AD3iESY&Kk7{T?AFLT*uY63j%vbU#*u zrQ+BE+auEZpJSpKzLN=H$?r`nR6nvW#L&$j!fNyLdNFaipQxHc>7KfFNfVz_q-HB$ z2jt~k~;#GAjdnDhIS-m=%U5%FW=g2DMP0+6Y003Nk;Rl+JwdI**3L?A8s5>@h!y~f_QvScdEmuiz0$-R(&=#^X z){mgntx$d;FZ zB`BWhVwclLWv0bqKF8S}9ET5j8}z_0v3l9<|50_agJZkg}6;iQ> zc*F+~Vm!PqA7}`A1rObc*@Fsds5lfMa?Mw(r4Vi ze`7*w=wMU-zFWW=syGoIlAQaSOahD>u#~SgtlbPvpIqug^=+d_S>d;Fq3}70u zgKH(Fh+(!apTXDDU~G?HqfZ86v*(JKOkcB+A-8UHpL?$`1f!ZsU1%W zbg&%k3u?4C#~A5P5zK(**!YUr8Nd?T0obb;SN2FL{-~TgU$JjN1iOtKQmhNn@)IjFbPGH5ybOuMqY~Wk!V@~h-MR+BHf7EAjxYI(6;>t!# z2;GDO<^W@pj+grK1~PnpHAommD5_t~R;$NkyUhP54|fLSX9FHii|lLmhuoT+XEB|q z2Af;v1hZOAc`&65SFrgQKWt_n2HA<;WrEhbU_671?16W;>PVjKp zZD3vwMWU`i1W;^YP{a{L`N_-BpU1jK;P93nD9};PU*6MSVVl!va*f za60JB&8>_8?7yL2=o0Jd~xbC{cT877sXccRvwcH81a7-5n;Mao;Swoag1>ib$6O=Ie z+z9jm2T$fz0rIAS{UA+6vFmYZoDwPY1-e%!u5rXpeL~sNnnsDk&YU|n@G#Hb-9dBH z>u?XZVKAt2>LmP6L5r!zS+~AHDG+DlOmPDtu(l!OrKT zzlFycq$kYW5pq~H6PpF85;HXt8jGMa=&#w}a-bt?%;}LQDaI@&hm8W#=k_5~#^u-+ za3CKx34kuox^H6O@hrTDnh{hRI5E+YiDs1x8ml*Jy`6dr>r0!>gbG!Qg5Y_zOakS9H|4QKjY3Y9tc#enUGjpbAe+vdwYQGm( z2Wjcz?E@qek6+eex<~r}jFbTa%#`{;FP_ixjNS6SV5^+kUlUg?0Ft1L5XG+u8d~JF z`h*wm%;IK3pr7yb?;{s}f2tr?WiW>bumemuu?OdUK85hcUjm9BXTCLT)Mci7F86T-7ve!JBb6f^|;M8&C5) z7{%o$Rq5KrZztj~SbaaP4$vW&?6s(sR@V(%l0OXq0#L|*%S&()&iookI^Z<-y}pB6 zuDU&M4bgQ!4tt0kWu{vC%`uS)jlHA7Op;6p{yOnsZmP?)l zK)!)q%EU=*9JWj?Q)jORLUAWzFC}iDb@{ws;37IqL?KTsaV(wL*5L}MIoXNcCpmA_ z5+d1B!MYMYq?!*jb*;7{zw|+2Hh>2-ZcU=@@QSO5_U)g!+2z9ZUh?9&!>&@G079@< zD|MR@lJhvl`)kzSwON+KqcWy5{>A#G$^VP><7m(W!k!6~73O@8D2B=K@!>^pVLcQ! zyEy8MRkxbqi*LM;I-bdr8aAjV)Hs&O0?w`Umw*izRqORG7_<3h9P$eXr>^HVmNzSuPb@F<6Tic%{ra${kq>=YCk&v&OmE(!$oJ@d^&=Es(@RVPn$rvJmjeY=srhTD}Mv1|IfH;PVV`FGBvEEdgXRdGuP{ znV|Uc&;KbL`f;X*R_2*uKn)s@jiF5ZYaSxA4NogT#TWUEOT>oMz|n0Jk`iBb!bW6x zHb-M+rr~HupDJzX>m374Sjh8lG`*^H*9;evF$0lvcz~cd0v2RbWuI z?sJJ09EwpZRBY@!It_3gSqM0?gWqFBH$(2Q#}7#sIbR>}h>Gy|rvCiFKZ(A9>=Gp% z;>P0UJGl@#$4pD6sCxo4rW{$l+SqyCDr@`3fU^tac7g$?nHiW&kxTXn_2jALRd0vI zN8eP2Vv&1Hu&E4{@E5)i$}oO4QHN% z`=G>hzhbRuUS}nj;m-Zh3lsyxGLRA2+50Z#neVA zvw^A!JVC!S$f9T;m3&^2b-+38TN;~VE1`nT(hcFsdkD7cY-CtA&~gME5)%YCOk7e9 zR8!xjfw-x5#M@>K>6Np`S;n`U{VX&qsQ@FnD43mEcSyV9g4X;LJtyX09vEN?&Y^yb zH?mrN;8vcTKjV7m&}Nph)~1v0Cw73JxEcs~5Y8tDN~DF!FsBQO`8Q7x+MF=#Zw^&Z zuycr0epEr20e=nM+x=o48X*1+sf*_CJU}2<)RSV%IwOv<=RkdQ{{?uhpt{uuczC)U zU#TtF3axG46-5EBAt6&uWbvw$M$lyE;bnW?7eQkQF5mq}%kIz?t>JQTlZ^R-MA8G< zS57^`zt>u9*m;4Y&6vIPmvo2)x%*eB=6|h=`0q2w#+}ddzfyny4?E_7C+_TKfFcVO z54LPT%OUM507Fo&E9=bS6kYu@V1kB zR{S9OCwF z>jGNd1!S=yEBChTfqKz&p&a8`)-)-wvU>ed52`3Ysm(H8Y>Dv$M5Sp%YT?w4553G5 z1JZ@tA#&Pl1%lYoCKdglKO(cE7uyNEm@0k)LH!?uFl}(MkS#uTe`Bh#reJH!peRUT zm{;>!*mV7&ZCU>@{UO<u;uHKk)sOukW!evcd2g|Av3mxmMWl`lPJ#WF( zuYQBPXOrLqzR8J?p+&pn9oNLxE(~W)3xrPe~z*W*Dy1UeOH|lGQeDJz@cf zd54l@vfWP2B!N!LG9dDC1;rwfwMDVUNvCB%e%;!^x+ti4?wtCYAwUI18>S-106gQn zqZHitigKA^52%$GDKSeY)Hk@8&(tb;7 zomL)fYge|SwN&Fgf&U961lhoX{T^-{$|j7loDGcWA-aqR$+O4h*pGrDmBLvY?0XBK z6FYP0u4qH>xnb9S5VAn1sZc0zkA{jOhAPy&JXPHLE?PCs=P9#By2wR(%S`d@GAQ@6 z^jGlH)CgLV63dzdgz+vTW?1MaNbx~M(Ht1@hDq3wV>lIYvu(iPhFL>7EI%?ekA``hvhcwiZ%x8B(4P2xy zwl*eG!}0xnYcMN;{41ZXgj%f5RLx$>4|bxw4HF}v-iEaRV%zt_ zQ1BYYP&vJ6ULviS@SG%MP3xi-mql#5B6ARPOe@d1oXyZ}^ozl>(QO}-Fehbhl^#ah zm+^8^p$5>#b2U5|h2UN@f}O!hdVRYUcnX^hwtQn=UyUKtJC1=M@wzpebYEV=QGtk%l~ z@8-c;KN~%vGk*hlB*C`%*PvGw z3gh>xn)yj&!t_Tc0t(G)VW3VG?$|* z1EsRpt;C%ioZD2|YjxM8GXGW)*h_J66xj1C^K64NAdWv4Mco85g)3A=;jIpgO{|pN z$vT>kL6n?2fn;5GA8^2pvm)6VjgaywK{u3>!+SBA4Gj@pL+*60YSKw8mnHYr%y0L@ z)G~rSgIa4(as}ii?Vm?RLasY=u3Gt#JqPy{5G9p zF;&vNz$j++?p)n42#iqWf3b_hiTA4&S(QUh8_l){oF@Z31grQ4!;Wn@#hgV9z}w%= z0V}+pZe~wkX;f#@iy|C%_#8V_c+F%Iw zdai;fU0}c3a=926pWCc7EBCM_T(%9G#DIH58yFHF0rQ3sDm?TNZkO=@1wtqK`pWZ4 zwS$q2itsq!lmJisFrNAzMbxOT%~uOT7xq28hbFyZZG|D%qXMup$BTr+{d7MHHv*{Y z`-yK*G)Lx>&WT$=!1ZYqv!nzj`7&lVLTX6~+k|0RTW9U(p=Io!@4M{GpGnY0C9}5$!0c3N*G4*%lM-6 zHc52zVzjdQRR>sVtvO-p+zYA6uRgs;do(3E^`O{*U35olKp6-rb^n;jk% zw-E_&7`>mN6#wv|#|_VIPYT{aIrM(IYM39;fZA+IX>QDfGId)MPBwailoRVoloN1n z%*0wZDI_mK0lAAHHtae=1d}6az6DT(9@WtC2i5Oiq7qg0o5cP2E;E7fu8)Pu`-gD8 z(!hiF@!){7xx*SyzF`Ujm*MO=-|f!u$5HU1xP_BTFv_H~bF12+3r)xeCae@lXgd2I zY7jRXzDpg<)mRT@=loi0dP63Yq72k$5Xu%?zlZOomB@2^?sD@jJ^?B6rIZZkNPF<6 z20l+fk8$!d^Jxu8mj>AP<5v5)qNx`0I{b(-S#jA482Z+-Z&4wJvGKI~HAdl~06SU4l`5+i>svuJdir2Aq%NUe!Y=aYt3XG@9f{*Mz<_q{wd z*Ie&f*x2?lHs*`8sxQ-tZuRLw{vzUCEJ{Zt2EKFB*nQJqf^5mp*=|8iYKj*I85ntI zqna7i#azndQt36(KaVWF(hRkYm<$4%c-bANKsQUgTe8H?yqo;lpc~I)#E{tc5)i1k z5E>K@zASh8DNdxLw27JUD-Sl7Jv=&4ce2RG0RW9mJQ!sf@85T0Rm8y+05riK-}maE z%}+0p^03pB4U*G;zFjAouWxqk4D#ol(GB}&LAsywH6AXxmmgn5v{&weV=Kpo|iT0UuligJ2u;& zHYIhf0MS`%oig?QUXciENQau4bt{c_fp4AmbZ1$2*oUIeWF9!@A55!Zy(pe=T1d_S_fo;AE#(swzkfKwBN@ z=P$#ofF|FLt0gJ}k4KG;vO)Wby3FVK93+`=730wA4Nd_w_w*Z4iH%TAT9Y2%T6DG6 z{81fpnB>hVTb~+g_2>IkahyEvCUBH@sy@{Yb)UP*GauOM|u7)QG|<*!vPD!LZEPHFAU|C$&Z z+pIBuy5G3#X@M5Wm!KqB`uVS+nHG_&YtAp$WqN!$ih$_=0p85`5q&^>Kgw^x$^Eok zS6*y406P+_Z|WNgR9SoJjHe4@rLz5~`Ij;*g|et$&9X6xW7+&uOL_F)_`7ao8-LQSIG+@kU2;l1f|@YtlV8YO!p?r5oR(uhVFtguUgzsjw?oKyMq zB42CL(-RmEpA#BuoM!n!;fGq}+(kP{E9!=CMiKGV&Z^O6*->*))rzH1iBwL}g+u<& z_4EJA;JPe?mdXvA%6I*!PT93oh0{8Kqvi}*wfF@UsRe7t5_u-1-xbd->J{BkC>k|c z?Sa7O$Bi?|gK^f@ksh^v+4}fwV9j==<4V1S`k?e2E*6`zVyyazpNNlCNOn-}^d8R? zW+;rnq(!4{mB8T{LkWr;cA@)M_( z5aoN=un#%|%;>&Xu5nH$gCb_7D4wZ`>7MW&NtqZ@qRG)eo2vqs`dmQk%V^1s@cj{e z}bpBDs>KpkAYZ0BOAW!hWk_Zuo zdjQ94?G|_ZEPj0;)#%x(1j_A{o7{kiPbV2w6fa{)TpP+D>uI%NwJJCf6g2C~ zpWam(B@Nd*M}9h*-E>-@R3+nG!lcDqQ`PRQHxv&otH_bW-^<~6>pG`4*b8qHcI9IEKy?A4-K9bNWS@E%mmzJy{-+YK`>j^gwD^+7Q@{Y}tl0c9?3iVg7&# zc5rp3y3S`^W16I$jl2Ts#)>wNTMP!iOiR6@l~5~Ae{oUs-1>27FBEp#Q|$D-p@M7D ze`#nZE-beCJqLK`PzD2SFnxhp9IQWd7;O2Mlpvu@jwIZRD);Kd)dxa!K#AM+8#F1< zLX+Gn0Vf0cZP}Z^bC3Ix%CxjDD;*pijZ=>=>%Z`dJVP zrbRG0`WZXF?(KWW=Hb+^7Ri-w-s6_@QXkIsiYCZi28Bm6RZiB@$=`a1uW2zq?qo)k z4x{Rv&w(TF)ed=xKF|GH>I%2*MG*7AXWeW^KDW5$)><47wTHMC1ek z=L_-mOjAKd?WDSi-DBXOyb?!Ha+n076XH1ObiLei{%0e&j7cf|TFv?c8(1twqr3cF zWk<8wbt~ylQsG{ge@MrdG$+f#Kd}xIc>} zq;1KBD1iie9vnv-Twz4@8FxaCdb@lCQSgfqD5YMW(=_vIDcnhwkt1|kHflnqr_=(fiotr zqmEIB>~sfJ^!wz&A*-AR?22x_o>P@A0yq`YQ~kPY9G(<&c4Mp~of%>joMp3&7i?tf zriyk6BlQ6sSlT(41U|fXnrL`(!FCv3unjy`fgoeevaeJmuU}-ZV!j7s(S*T^2gJTZ z@L3URf|T9K4N5E5_Sk$WL9_oE;_VyzfMy^2a@H|PcGYCKPjyBwp^s@>Bw+71(M^#?~K z50({jmiDs^KgU|ofk+WZx{FWyq!#%JV%oFHl5fSD*Z?5{D1&ueTIhU&GDRoH!CP`` z*0~T}uI&0--cSa2IxSpE=&zU^uRR0C*!?IjmR5vAraIZ{&zsLh0{{v9b9YDvX(X^Miiwg7qOWqlPNCGNui&t}UJw07Wky!gy!=|Q$rtW(N%TRJp!;Bm!7#K6KIT!BY0(P zyA!)VsExQFNlD=Tqk6yg6f0Ou&L?5#^CH|&<5Bc+lpoq;IFEauOhufv%mih?=0tsT zbzeyW^-q&b&g&1Cr4_->x$4R_WznhH|6dM9@DbKlidW4~G5S zGg&j8_9SN+bIxA zj*d}1Tkg`Wr$>qts#{{Zi>mMM7hTbc&)qs|)+j_(^<-}@n1AKBZsvy!@0`nMHCZU# z!vI&Ny98BmRn+`p^wptVV9LyxjiDIK(&*zYDK0N|;~23jzT!@_Zo4hw3|rskD!CoR zMm|ht&IRJfgHFi8!4;lAcxkgXC~T1a#0{MeU-&ZP>NCd7E--n>JHLb0Rr8#$>kliW zh7iq#76k{ncDlo>CUOW}9|Q7-+Q&&+x@GDfJ;d|p2dBPVK$<0&&z(w{M?_jM!>KHx zA-Kgt_gSfKF|hPM7IB68-W$T@&hZ)0s0x_{2S0|V0Ys$~Q5G`<)fRBN2kg>>r}!p4 z#sqrqCz&!5TvBduCfal}o_d`+pDFx`Iy$FVc&IA5*HzFC-T5Hl2xdDxHd(3^HQLtD ztNEhn^y&+1KuxZ-Y(jPY%R;Xin@ z>oyl}cB>vE(=VjYgIe8kwLiHcdYC=NAGsdTb%B7Y+4;p&*r4EQR&`64ltb&-)u}If zzJ{ae-RhD?G5*O?d(klhEe~6zR|n-Pl$OPv7kV$0%JQCFl6hkfCQNAu61j5U^xfyH z+s?Kf|9G?QpbsOdLYCJ?J;!z5y>7)h^0^KMrW%~#iX)q4W>M!lg8W>CPa#Rh37)_m zFY)>c!=*nST{M9*=_=SxnL6GPVAZ=r$r|JCFlrJ5n4%#B(S_zu&cMgks2fcv$(R$I z3Fwb&L&D~Sj8XK#Bj3lPg3ja0s8%^&|9VQs3g@AwkBO7J%aN(`xtt(tO?1po{Uc@n z^NPZSeKE(#*VcB?g8S!C0C|;w6KJur`zfHt?B)q{0#MtDD*JtcZJpK*r0(g_%~4-; za^}SxqNHYlQ-TCcr+ep_X-Ak$0R`~Md__ac$}!gUFw^Sot#?4`h1b#eOR^m<{j6&W zkvn-U-%gYAOV*Dd4w}+w$ct|$ql%iQk4te^nV&DX!Gdv3O{bw<@jXU9*W<8q!tze% z*JsScyQYX$%Own6n(mw0A#h!V#Sno;@n8u&lC@odheK}>KitLW+)VM3XVf8EjD`=7 zXDUp;J8cA*hUw3?O>?2!Y*Kc8v@Q1ah|m5sfA4kmmm5YYUY7G9nXJEt2Wny zrPN7|Fw0_vHw+4DFN{(BypOR)4?^`CMhiV2}KcIjxz z@2hA23<_`{-e;ziO$hMbw!%N+QUh(RjT|Qmy-nactSsTC@q0)S1NKXdE1EZmkF`N9 z^A>(46g}a_6-MU2j2-FvfL{zb%)%0W-rlr_s7JlP^SO&%XL_d?%e!}))>50ucZgbK zk>%!}SzN<5{nIQg|6`iTZJ|$zr=*o2JQ|ix8X}iPk4}0!w?|qw0PDab5LwnCK?b<< zUqfsxA)(<{@6DWs+$X@!;YIuOGs_I4@=qwv2|?8WpY*=@)Am-$>)D%d9A6-d=RDo zc<2hEcD?$o<^h~EmWlXTYv%#xbt(`(6%D=uNy|ak);$mDUrg6 zoNLX_-C)?2VBcn=E==Lu4FYzE zs;SU@9Jkrz619)+N!}X%uv@stIdayU8}p(s*e49_dESRDCq^=PqQ6BzJ~bM*$9#*< zc&4*i3ZGBe9(OaOYc2e9+2{%6vahXRmv_#J&q_m|>Mb}jHYwl(Hq@Hyv9f>UC# zTvp*Z5GdHBR!d^sA5qgLpKr;uPVrQBPYxfHPUQ->M4#U$f%0AFBv*|DW;F*0m$u%Q zg7X{#-!^6eRPbiS=Xw#s&SD@-$)Zec5%to)4_nyZklk}aO9at)6)p;|2*Cac7tnIG z*QtQT7L#h?K92XMj`%cJ$sU`yV>I3ilgW&OEf^A%hk#gNENtl}&`UshDQQ?B!%_Ou z#hS_V+p%D};nycvVrnHou>alqx}k5_lcM&v-XJXf77L585N zaHpE(KvYhbH)7wZWH{Qk#wc^>5|9feohG9owQ^K}%7(c|;%3FZ{<_po9`*J19T8p? zr`?`i=DhcCr?A`C{(MVJyEf;K(@)LZ1%%7OcWQv1dVbHZl^sUCQ{PG?lK*&|JhDRp zXe@;$?r9yBouAB2#g%!9`|2Il%ZX*VNy49vSZa!Ml=eI{bwH;?swjC@5 zLHCU5uuNHc=C|?*+_Vw9msFlp}sm2BkQT-oEGE6 zP5Sim#E0x0SDS}i%p19xasS#{bjCnAAvug6LADItg#^*Xm*7?%@_7sDE1;eZu;nVJ zMSIM+y%1E;ir`MuZ7LVea8=zZLyl%VSAxu~!p!AjvaRtkGHQ1sdj57{(X_IYZI4<< zT-R)8Jt>ODNmYoXJ)j@O2KEPQx8yiqNRo{lyV?crT(MMe=YsHnsD}YO6PtPB1LF}J zQRI={oGH4T_jEbYwE(f}&E_hd2syDBQp2ZQLWL9=@O$u%$;&!RX$Oc}Xxobvi>SF$D2G9`v$0q$i~MttM{VeY-c znoQewZZ#>&ndgBtQYxu3gS*LnWVN^XK!!FE^?2}3xuybq(M z*M8bpQ`O8UGoHt*58nqi5?_LSe`G6lNLM!e=-mNW2MjmN7E+GNx}(=H4t27l*1npD z%?BXc@`~i>C=W6ptZ(4ObTxu5#vG^x`b?bFm<6Y}+qi7y6t zLOzpeygjoPMP1d*zPDoq$FYyhBUW@uF zUN|3B8mNiyxHxD_VrG|b6!tV=J>9qKFfdHdW=%r%!SsvZPJYH?8l)U)Zr6xOTaLdb zC@s;+I@#>^emX63zxpv>l+teY1Rkm*9xU_DmZG0!)bVwI8YA5F^LB0}dijZrp_RSq zYpmzYlQ}W=q8Lyn(oyqI4vCyw51;A2FUo%pohisuY17Ms8nEkTrKfJc7xo{gInR8A)+m=vT4L~fz-DtdaND-S+QLrZV$3waO`B8@%`aA2fxF`k?ZQba~;!B z)Y1#L%s4*9aiQB2?m)j;0eR5?T+VVSJ81e%V;V7@QIepImhc`BqBn8F9Z4KOjgDk`bvI$gg(!v>OdL6Rd zQw=?RdRVHyjb&W3aei3uIOSr+k&UyA)(EZ<;V+zcs9rB&FvnEnfZ1Asj9+*^fupOO$jBESCXD<20Mf}fJZWp47 zy?b6BH>ATvd~Y4ZT%IRxmdo0Ns@$3?2$d%yIyuaZ6M>f&cuiv&h#4*Qu7kD2jmeW~ zo8?`f6x-0on&93J&lCmFmQih|owA?Fn7AB2FDd5tBhioSkyjbkGd`WCcSStIigKN7~z~njj8gBsPidcv@>mvRAqgFWo@Is;Mm7Mcr zC0KUDNv&J?x$zNP`PF6)%!q{Q3Lh4j#*+aXglV2&OU{-HbP*~0>}lQ;5rH>nQo$cI@U07Jfgp@Q1+vaSRlXzkq$f%x$GIgA6Y13azrL02a zBMzfC+dANm9p&z{(=FaORW59#5l4XFE8ecE-}9u|*r0#zujv6>5z`T!x<#?qD~{Xk z$VX+9N$R;Ib&de?S(2>Ei)ylhuILj;6vY5K5sZ?G1bymibx6v4(1AJ*bPAw;eo6qM zD;onCrSnl9T4%0Jfc#`3}UyNm^lfLxf8S71E!om5Q7p9fI#+uU9tPy{*-XM1<#A4vjpuV zP3t%2{(iU66;BIqHFnl?6p_AT(;O>xX*#!{!r3O`?JyXLj`cAL0_H?4tOSv&b4%lv z?O3_Bm5Ri4#(qmW$!H`%-5ExDdOpOv#b?BN!+&!Fbrs)>&)v*-Ef0^D>y)T$UQ!6% zda|=ab^rr*?)=c^Ps8fy_Mwl?pNtJ=zgcW?CE!-yKAws*ywLUhwxGwDYL(&Z^3oJk zDe3vx6udospzWVRdd6fWSpmba08K6n3#WkFUlcX#J*~yhsLqrn*3rM9MG)dfUsjKt zb}%+d zTO=}`=vBVpwQsm3O_JcZ4Q|%aLdyUt(?UyzW4KI6#hoGz!w4Qvp-^})NJ2Pv~ zhA*l-shWm>1`N1n!w;DY?0MlQ8n6Fl6(eV9$$Nbltz2mI4B1V{Xw3w46&CAn5_l=3 zi#udqu)LX8g00uUhYzqH=Vx@DER|@nT8n%*2wfT%g!io`ZmEiU$O#Q*7)y?(L{7FZ z-$YzdX#pki?k*w4fg=jP$4hnxq^+qyn{XaY~={G^;?*|(%@Th|97}x`)c@BoZ zS85$$iKtHT>(7>f<8#jb9$QhJH{0{cTR0I(cHL*#u4yarUwUh5dCPyIOy-)nQq#m_ z+*YLyfAPNPB<47Y%p++Qih!G>0r#WyzBMm3Ix4h#Pr3%1jHeCS(#8yq=2Qb zsVnbGj&tTzE={{122l2H;T9@>v#$&p%)o06p^nM4Rr5>^=ilzcwPiy!{i?KymQ8z) z8yn^Ur74LnFe3Yrdk@N|FT5%xGZo1ZrCx2-av4;xJwC*gYSRXltuISax06 z0Avq1;`U*Uq_m*26KM0FPrkP4W4%0)XHTpSnoX}_sBcuuCanFnXwElxd1-u8g$i6- zjRE2xt^T!ExT$6bU~z%YvYPblx(|pV^HT5lDB-xdu%-o^i`oc|6-o8hYrq{Gzm6{l zT~Z~MtjJ%elxP#)EWQ&ZxCS$JklUYAV!ZDrFnc+(xxcVUhSQd>JuZm z9Fz7uIF8$^C%kg=)@^BJ*=X4ZOP>sQyZQDw>r2xQ=?!vjcWQXoQrQtr%BtN3k{RhE zfY-|}Jok2?{0UnKl_n(2wKz>&F!~Y zZ&|}~OJ^a>2ZHO0%4=u{GjK$#P;e>!!ghBUxM1jm9G1&#H}!Qyh4~Cn!a1SGiWm1$ znmkpoo>1vvk*>M1MskrWvp1iNVk5IJc(Tc}>x1hXoxO3JU?_JFmi}=Kgb^zuX#ML+ zlOXF?E>ODzXoUxf(K=z^EqxH-7>Ff5(WkJM()VCu_mYq4Fo32|k?+$Uw>?Ue!XEq&8 zUnep{c_y&&eXB`A>idT|8-Ee@`!@7$r2$oQOVNzzZQ(1(4hyBJ@WcX4#(42|1<*CUOE_o6Z=FKbm&$RA(~J6``?QtjrIINbysHS3hFey#e=c9Yc& zV7TkHW-YK;MElJg_A=7XRn)g=$2rJK!0jdQKBnEx4SZN4`b{5Hak*B6*;DMToN2Ip z`^q06@c%1Pw%5UY7Cf3p+(Z*!Z1*8IO}uIaVK0AMf4R6e&-1^C(XzYpuO7KV_aE~= zxX>5BP43-Oocv(mB}@(CNS`tP^HW)nHvp^m^IYMW4;ID2A89LrHwp_i!SHrvsf;^> z=qXRVl}~*@^4MSva=eA!WWxy}uuMz?F?wtOurriKHw~UBOBM8&&0eal&gTKB4#dJQ%-)rdJmvS(; z|AnbDi2m!X_WiYnc4SEb7No(JzW3NlP8|rxT2HzuDF&F3UbmM)33?iAZ+npJ1-1sq zH_rST^>a9<`N6UZV6giFqsDrl1GMkF>u{#jT3oM09)H$&2)3B_Pd3h0C9#^?oPnrz(I%c;4L1aQbu34u z>oweWFrTI1md4>>{!=#gwIA|E*-@X2gJ8>>WupM31wBtUGehb60EJ+)YX5Wd8bqG! zl9yKT7ey%fTFsnz6sfO#^B&c3SXHnZ^X&GKeAsPPU#bGVzdYoJ~?EKf6jn!rv%(RHLV za!51I8!Kh%v+Q0MjY$LhQc24D(oI|%J073vaSO??Y6<2vrUCe1{8`_mpihHc@qR3L;|B>+ zZ71d!oD=+_DL@_2iE+^x|0pHLw+TzR;2F)O-~Nq-BB*s6yq1_@Elspjo?Den7up8= zioB5DF!R%dDlSP>U0*8c*_Am40_omj+V2CuoEp^YjHNIhP-7$Z3dw*hG`_fX#(h9x zndh>3|Dt@t(waZRfwzUvgQJR>U)~9mYv+V81TKtefQ{3LgX(cqWNLeaI>!|#E*PqL zjgt;gBqf~Ue}Wm3;ywKB&17C(=^zI~Y?8?jsvpJr_xpYhhpsdlD$_TyA>@DZFfF?3v;Sf*9?NH5_$p_&!lry;#i>}!c z5_0UVF7|9MXhwhTW+&B^8B3o|6_>ck_p+>0oL)cXezHeX-cY%pAQiRct>069qfVXu zF%Rw;e%Z5SiR1lJtZZo63!k$11nTgdh-2X0Rqq$g30Z~SPw$h-?!j%|;{OGkZ8(OdMNb^&In$cG_KzB9c~zTV`%=qkHq z*)%|k;JM9liq-b-7Q~FceJn1D%9+pYR&XB%W$EmZUWur-4q8jQJaM+Skhqaad{hS0 zOM#Q0rJn0j0B0FEK?S|$+NW4>#4$UWeqN;?0C+eT2Ta52QO+LrDC3Z=#g@gAiJ>~< z`6bsTHI;?l-XNH%M=lFYHX9*Btop}(^@!X@EoNI z+Vzwzs@#&6UGn^GLAB5ayL$?`hGd!t{L(a7CO{g zy5y~Mu*mOT9=F-ao8?W@=QW0XT3|8gtvN#P?jsqMa$)O4_m2Z--yC@zG_R6|nultj z+jeRd(wadHqTEZ~BXOR3Q(MTLYgXjY$NQAd7kpH^R^=_cUW( zBpJ~~4O>#6!hyX%TWx_7$ADbAWR*t`1UL!xAzn6Mk1{; zLP{dbv5|kOsceAG+&A-_gO^AO??mSdvBR=WX99wNQr6y0{Hy*>Cg#dzwScB4i$6f* z%-U-1Rd=Jr!iip8bh22ZFF$cVY5SXNAU_iSO1xQ#P} z-0%x?pZ#<#v5%(w+51XGFwA|Cy{NSvZTNZjk?qG;GTKQ4)jt6oWYP2y%FxOz0N4<&5a+n;DdBA@;lz}z??Ake8w16KG{-S1 zN9nB6XBm&8Q7l8_{Noh)U)tA?RO_C`W?kOep2EU@9UWI>|5TWyH%H+)lB4iofh{; zIpQrvWC>L4>ntbCR@QoHh#uBGLAE%Y9*&rB?mLNOfA_y~H)lgWC#S_JeX~W4)^)|G zgk~!(C6H3%=m%{%YyJ}{4UTgu!(!MZ$AcXX@MKwcdgrH3$=MHCuoKp0aU193TW570j&iS}V%XzcpiW3%(85X;@=p$22D6g)5gZmHaKspew0=_SkSF@5#+X`fJB2+UfB_IwLy6}SrDGW?Xe#_Z=blC;Al|5}l zY`wpw4zJ8JxYGM@>0l!YM@J6L@2Q%MVN+ zad>hEhrDu`vMuR$r6QmNCnT(O=`P(Oz)aNBev^=xcDLOFa|&^&GN8=yMo1HIIIX>1 z$_p$=BZ|ssseWf@4YpT4(3`q1Q|n6MNp}S6o}AHG5jf4;?rA-8YjHWvp9v)Xt@31N za=g}S2PnN1LO(U9rYM$@gFjWy|6LXNbl3pt#Ka*b2*O!q(Xfitr9CpOtx4?js?Eb};;V=edUTM>;v^ zwHGZgszdNYfF}*W#(gf#o~l>B_4Ff}w@c`@(lB|v$drcA;+ku~HlZyUVTKT4z7TOQ z+mCB3vs>wX({`INFqIa`uD;Lhif`ORT%aRsZ$rsGe@&hds>RoLR{w0xl)RjCwp{Lk zthe-twY!?2`<=v#o{f{ka;QWcQSNc)>412FEkvdDfM%!GymTE=h!~vNm~5T28Zy$J zv!`)q?Myw`cGTrf!zD?6EKtz5I*~zW`>OSqv3a|Qv{=y9 zEaEAM*t&G?8ix@?d%84wFklJ@%c-@B0r}42gH~%bKhwLY+jG=r-Oq&RggJ4ij6y$8 ztxbEL5bVNGL%`$v%r{oAI!ZlQArZ#Sm{8a|xw6^N>*NUgJJomc%v9*gpN(N1-l5AU z)1>yM;0`>U?1074{g=z>4NPgX?0VFFJ;H`F19ojKCXX#nu@S(s`<{0F^vjPfED3QaQfC+) z&032zUp3%U5t3Xc3Q8?3amwXW=TrxJ7o^{mc-qSIyv6KC?C+*&nZLKLe^;O`ofF`a z4Pj}ObLEwKLEjD|(`neHjGO2N$dw$wn)%mQu?|(^S;Z9V8Wyf6P{OD4v|gOR3)%`> z3AQsixcMP$dB3?G$mce-Pcaz_bmrCeJ52A>ae(-CJ7LUy-xM}X7bQ92E@7i1wl}(f zZdM*7JIrx006SZ*qwWf|t;3-$(`%w%KY>d7nwHh<(BYJ=ePI|ALt9qS=lx4)=!=`t z6t7mIc#9U;kEpLmxQlopbOm}0$Jt}@p^N-!FlsfQ*ZQtXsiN#@TQGkxmIfnZ(VJ7i z`6BYQ#Py2U)Hq_vRyUYI75B;xUyH4Vbb`-AD}$q^*Gf#2=1xXx>!A6 z2BV)!seuhcV;-30O2%Wqy~HI}TUqFzVg6CTpIG;{z|z2w*uRC&dOTj&>TOmL*h*dq9l!m)+A^RWUY*Z5?&Kf7r8-}uYV>zQO1g=C|GS$AeJ0jx?%IW}?U7Qi5q#FDS54>fB~h{S zgCRSQGy1Wb-Z4($K~slUg%;H7Rc~qNqxQ!U5f{VPyysGif~N~jd36HI7%yQlY&vn< z{hWzkW+C#&8V5ZJ1B>~C$5Wm$$_i4+8&ro5&8<~^m!nK{B0?} zh=|K3Z{|In$n)%XpuvhUb`yN_=Exm>brk$Lk1wjiR`pG#?%2k<&MqA4h+1CF_NC0$ z%VKEI2vTrjy0$2RCHf}90yA$JIuc)&({4rM>mFJy)2_@ODm&FX=}kH1qE3Ddu@ch8 za@~jcx>twV!e0s9zMbTcOes_?3X5LV@H>otSIHJT@Ae1A%M;rm#mh2*NK@m_Aak<$<8D1eTkvP{%mC=%ZJ6MI=X9>UUlMZ%N@K;5lUp0-KRC)W0P5^~7ZFPi`K3k#m=6iF+ts_s%f zB-EZs5%OB@#=6-%v;HVX#P?BcVlL9-bY*i3q3+bP9@&z2Ua6ZB!lJU(Gr)O7gltD5 z$J5e{a|KU#dy{qdVVI>@u2|Pq`#%EK&RKyfPJoPy2c>LC6Gl)M)|l}~QFfPgnD}_g zwnt$TGn2^Hf!zRn@&_lUf0W5(NL?*o>QlA2Q~H-PXM)V`s>5{$df_!~NpmP0>6;zE zZ=X-?I;q%hQCajQv`U06o?Xr>G>x4ws0(C(Wb50gWI~hRA3idNmxvI8-ypYa$@bbc zx%rvhKS1c<)V3NU$F^9{2g3dci~ISs<2+`~YJ9zSX&`RHvP147YK%E$Ln$V0*S&cB z%#Z$wt+aFoY>-NyZc+`G1RR!@1fp0+gw@vd`BTN2X@*jn$|Bt;QfxxvjkU`BB5T_F({azi;hP&D+-X?kAN+z+w8q^>$)t|rQ}BO)lF6$%Egxm=;XOJ}wf z;SzVg`|IW%xk}>Z-yh7JBgoBlm4C%NO(NAu0X4z^zVpT2;ZW4rWFdtdPhI%Q(ZV`F zdn1kvpn70NxWorq_b|MI)3}gwuOrsSi>tKrQtBBW?G*3yOL?dAW=jl)oXt_zF7doU zw|xH{!0*01T#bU+g`o`W3s>0mC4`d+*K*S1YQ1v2 zBm$Y2TZrF9fmlqQy;;NleiqK6*D?>=`&O~S+0`+V+xGmJ!U>GXa#=43%C-|3M7q{Q z>-s0AK+r4%Woo}(lt)RZhU;qYc3WXc&gxQ$jyz|M!dDALshalede!rA;C1}x-hu7+u{c;S=6S}z!B>h#u!pw+z-IQHVaONSnJhoU!n(l4dY?o5 ze6A-nMC{we4G@g5 zwBK#G-0tO)i@0f>{TMB>&AuP0%!=Z{~Tr?>FW&qHf75gb`(2-ryeHfxM;S;hm74CB7@0{up}#;%J;Z{Ef{@O8%=eCT_rxXH2)Chw*>pj@|mo<=rWHggj{ve{T3 zd8IwAd2p^yiaXX_{Hv?SiJ&rXO|?UP4ZY_}79HWt0*eioZ0JKB`sabaS)nkoBBj{2 zRxk`GG#x=%I~nb~fNB3&ulD{;0wP(kyZTOUX_jYtvZL)qkyqrYfwY29vZh5g>YCtk z)xdyXZ{h%|u43YEFn^*vJAwIHtY@`yK1GpzC}T|El+D_0eZIZ!YNlh!Vz#^^IdEJq z9&UCV6b9B6D~z|V!%?aUg$=f>D)l0bpK@il#uOb%S2(eshUj9iOW2nqCQwS%*32iX z{2j&#gVYwKRmVKR(B zZD-e(Ue8Yj=Sw#lJmPHQ;^7IEf=MMv1h0)^Y5-m^A3^2ieuo;yql_9=-C z)Y22Vu0@~AnAO3528whI@rDNH7&2mvx$gVU1B`<|%?=F{Wo>v9RslLGqBJt+XKTVi zsiQBuF1! zymbT?5NglU6I#>KXW+SOXV?h%`YsA`BMte;buXISvAY{n+6kp=*`GE@jc{aj6eRJNl~P4Io-q)`CmB&2dt z%SNs4K&ud}s;8yEN&ty*I(CvWi@a(AwIy7Ts&~p(68hP{n&I!5^3}F}67UUV+C=4* z$&Q1MIuGR!`(->p#;yi&x=ZmPpt}^SbsBWNa!;0hPTDQ5n%=$79B@T^Pi8CHe#`Ta z{@7$d?}jx<+6%I&=VxXD3Z?6vcRq+VQR8+`&CurHOJQ zwrEd!jOa!casJ>Alc@W_(DO8y0DaeURY`XQzt0!NX-&63D}^9+_M-2)j=t*EG-4_v zAm;{(_H$Y4clCE~-w^o5+F63q<*dZ(-(FW;9i&9>m^`{mrk%cuZgIo|Clrj7d-VIY z7Yul`<%za=inMlooMsN2Jx6gYKl&hWYLUPUt9ma=ra%2;{OQLoMUPn?{v+J=u*fS` zQGcAf2|Jb#Z9O*CJS1^_efP0_(7&D^XpMNcyV=~2_ao2AlX3$JyOrAZ{_5mAw#)s{ zo2%QAX;%}%54}8oDf**IBP*!>^<+`$e4jmQDoc~avY8;%)uHHJWfjG*18I_6bGo3v z+OJ?d+= zm3c}4M07!HzncJqJ1nsGQA?aMHF!A|dFfGsn1SY@hYiNj|Mj@!Vt)Pljd22Rdm`+A z`}w~}aI7GB@87R5{J#j!ZmWM2UPgX@F3w-lwr$PQ2vYK2`l+uB2*}C-OFvyM{qxVc zI!GjvAVY9JNW`N_FK{}9AP3CPM1AqPVqwEqQ2KogO6UlHo$v=O%D6rM)7b5{bLAcf zIKc3F-?VZxk&#@%JTd-pXUGBH+Mz9Tjykz0UJ&54j2zyhKtF8124OB zw5S+h+yZD(^s$67;04-At^v^siUaQoK!`yTnDKfN)Ld)F2A_oJ3GY*6H`#HNdz{xa z|ABokrKd697C;{DD4>Rpf`(y%f7VIB8wmRTRCqL1)^?BY!vRS(IF`2CN#x{Xg9 zKIZt=rwAzTvKFXdh2-QMWom}haU!S${&EB%>zvjiN8%s2~j%(f~Hn0x-Y`0HPA*e8WvQ2zLM&(z^4 zmJrrZJqX&;2bAG$N7*nPCJ2tH2g!HqgO4(-;5VD&MCgVelQW`Ay$H>+xC55XH^_ki z=IRAN2%tv&D+v?4|UNh}yyyWME^ zOe<`)8ie2>Z{Jo``aP-@b*-(f`>iiM`Sq=|vf=+bxY0q)wY%$l0Hl^`Lk=l=8}=Q&n6wLArubRu@oFLdz#a1zxl#oYBqK-H2eEgUFs%jT=LpQ z0m6e(LW;Rxeswa&V)6&j1+aqnwl2bJK+XDHmkE>vzUqeiFnE^xI%u?u#fFH(zqqT% zR+f9k$|qekTEdvU`4T~IYZ|CkidCq+f|PaC7~??wFMUnP?s(qCQ&d&1IlY$SY6ny6)PC~`@8r6C`KV0S(XoTOg2-aP zkzK=>K@YVjgn}TZQ6P>9A-cd)^vzB~uXH2@uk_sfd{~xmHzy-@O?v1QM;jtwAnj6^ zcwXp|Iojh94^!Wj*r&RjSd!P1FMM2mMA@9;hpZ-#_CL=nN%5L%&bcvVuKei$eN#lzmZ#g1a2m-p#mi{53#RGRQi|SEMlcr{6}*j1)6a zJN6*Xg>dUpxW_^7Jl&f^#HCtYdvDM4O7Q5wM@57*5z)x=LM-6t-=&p*uAH~1x;<}B z0sYynCpd$^Fz0EI$;KI;TR;Kv5KPZ2SDO8SL7yJ$9)L4~%>VxCxVRqLa(+SZ(sOUY zZ}uSPYGI)Rq_+p7RjH_b6}B4~=?PF3TE!@|&3%6rduUI-pp(@crBDu-X|6PFEg4c# zoln&HHSDx_z8m%^cnrOHKj>^tLG(fZC&1mt;QKW@`nK-@T>4#uYu`m>5NfB^R`2q9 zQQPl?RLDK@cc3zLUA&AtsI|QqA3{t$CmJ@$T-=~DI6@igP7cT2jOuwe%pO_r>vF$X z#ksK6H$W@VCh2z>sSzl?H_6ic`R~dVFnR(nEj>NV-jHc<>0_8) zDR3HIUXZ-h0QxLq!NR02hlVGQhEG?x1)k*jTX5y?hqcK;Cd+2{+Enr9Zo%lR=Vl2G zS6V+J_DfC|dII3A7a@>Ab8$Iy*-mHs{K!QhyKXplsba$1e$~g)>hplK7r=pij(*h) zOkIm{(V@GK4f&orKwMrNKfUv5wJ-Z35PBgzK&lkC*`|h|CCkTX0DY3ntpG&VF=3uJ zj)5~5#QHS>DgVzSu>Q)hMX(U(pXuaH5j;QO%lDVGOF7qDg>iFG^v%NqYb+y)SnTAlKn zHaTbD->+%m4|lHaY|1$Q|1K=8W9%UG$iFD_C*YYsT_LwWaq#4S|CToKPnYh~)GLSo z{fTX>U1Q)C|CMPo<-ipeWsv0I@-Ps1Zy(7w{EAr6dh#pR7C3holmYy3c@70Zj{*T& zFtP@S%*HDw{^W3!fj7?wEQoQ>xVUKg#6RVUTh%AELK{v31aN&Qt4=L+s}>l0W9y$R z-cuCX`Rv*ZAkLZqQq=K_##zS>NLJ<@AGavJ{RnKo;vE>?d_!L|mAe4k9tTf7&IS7n z!hk8jC(K%i0D*K?l?0Dr^ECdN-*+L!?TKUx5S-r#VYLI!c?<{jlV7>Q z8^NQJHxaFnpe>3&HTK!46-}dY;Md0T6!YDS*a8I!sp$McH}pR2DL^G4_+=t*F9z zn0{E~{S`vZ*YzlR)}f`&xu6+!G=Y1dnzH8|RGfTZ@0=gzml@mS?x6+!z_ z_oMbhHTAY1)b15#@TdR&uR{ye5R`YXSoGkyS+ltg7uN-iOtz^pFPO&n>*HyRf$~~c~`Pn^eFjJFg z>AVS!R7V*9Y|pGda*y+2OS5iyAMXv(KRya;2H5-cx^H`;7U zCElpq_G=Vud&L}~uXdJKg|CJh?4XHJS}*X_zlW3inp34tkk}8AAU!nnjs{EtIw zqX+a?znqJ|9zu8;p4@b3kK0ivyiCgz;ej>d%SIa0%ODT>Tg@0XU`j;mHm-B-ZZ?;x z@%lq*;O6>xd`RZXh7_xCJh`9wYVXcln;KZ`9tT_0=ZT0)Nb~iTZLkptA(m=wKg2te z-##u8ph-Wh0qZLJP|rh+M1xO-=@(^r(tqR>4c;|c1HKL^&fo{B>*Mm}W&15OB)?(q z=WqQK*OE+q(!1C$`qjg~_xBgBsN1)DeDzT0`R^ZxoV#Azmw(2Drttj16O|qe_YKE$K92e9E!NFdDdyngrxazbptgDS{Qt|*H3!yey_@_Ko9(IU8 z3~W4q?&h0)+TOn9)rl7wbq|HB@8?f00$LOEeoCBUU0CUN4l=g+H&ofBp_r#xFbnt1 z|FFjOUbp)(5$#|D?0Ylr)MBMxcqZU`UJ4|sxA|E<1iLJXKPFPv+b+Yk_tr@9X0Yc% zVf6Fe+J{9R&s{5wvt<18&fh8i81F z`F4u6ERG;r*1oQP4fyjZ1V&*Ol5LExc zZc+Pg^gME8dV7=oL6~Z&Ixc^a0qYYlTX~G``FfwE&6KnJuw8t&#FJ9NR@(VSRxrh> z=4N+*P&YucyIXFT8KwmOG)E(7;6b9KZhM_MAX5u5RFFjlg02+7U)@yoP_sKfzx=Hk z8QPvIdu5LQJARZC5{qq6>|1#XCQ{}q&~rC&C?O$aYg!d$b37CiV!_O>b2|{V;98Ka zg&ZS*h3SpA;m(X51mc^iN*1^lsV06#fv3ne`3?|$_o%TPHCA^PRc)%P%N=!fS4-_7 z<5PkzPe62gFk4$0D}<%yQbn3*o$l_ah3~Pke#ZC#g*O;gR1~{_+Vws zDv!N{X@WlaC%`H;74Dy31=Q2c0Rx%R{U+#>dzlEAT#U&%z%cws5L%z_09K;>rpcL@ z`w+DSwM~(iY_c}lhOK1t=8le$@b4glQp-MtX2jX@BqaaueE~ORfxW%Jv>N_F+5^FM zaFQz;-DK-7Pg$zW`%@@wTr4x#{mM+g1*g_3(C!vH#VzAG?2;*wts&5eJ@(5$2fRC%P1 zUNys5pDccq=v6gPd)LSYhcdIJ`FZdNF+#6~USL?Fv*W8|S`EBX;=Ot4iVNpYc#XR> zewZtg83&hn+>or#i z@e68q9}azDYm$Nq?s*eE>QX8ft=e`|_@12LSCm$}IuB+RGsnk;8dgPr`%!zCDWd); zivNd2G)t~ON$$`o^(WnHT3{pAbO5r++BeuTOUH(0_tUT~DCe?? z+P?CT5{KC*!l6?|84K|S{hx-XD4=QG6!PmmZ-{%B_h0TSeuj_LOIO#6;l|4gJ8?ZO z;zqzyw=dlw<{0T1>7jH@el&LGKb^D&u=nW^7<~R3ezT0a`+i$7uFDktRm-UIw9_rZ z1MGS2r*%}PG`F^~{MLF_dhSa}Hzxy!DnYvZZ;lNUqs3F{bShsmzL=UJvDyB^fN(%1DI5h{>njH$X*f z)l+gaXecyy0@CQz<0mb63asZ>Jk)Hg_rVXl+e$txnse%NQ^9%vQ>(Ez?Px0amLB^6 zDYmbKASc(cIpnur>>YZ-;$ro{<(VIUm95m{Id+btgAYFWQfs4^cVHSF)UA=gg^VrmhFpj=!!mMX^FA6wum7P4Z-9)XcXAH{BW z7D02|kSF`Leox``uCP0H;+}1I^VLKEEb1lbD|P}PJ7j<9w9;fPw8nYk$SuGZf?-RK zeKAAJsPc3wcKved5p^z2YUR}DT=fWD3sfR?t)(d4#BqJPApS+V4-D|j@f)H1*VCOn z34uMTlIJ>iAF;YuI83V&v#fTEi4e|5;5{*}{guQAZ}*#p6wmRVaAYKULXp2B#nzSN zIuv6IWBw!59RR9H^FzikWB6mKhnA?>r!(@*xZUO>{@0O6G9K2nQyWTS)>~~-DtJ9@ zc}9ctdfL=AYL z;~6-LTV7b0Tz(V!G7%|J;LHeCj0|+b(wZhre%PULdzYNwT0xjdR^T>ZOzG1G7{RO8{!u zdPeQX2K94|n|)7KR%f;CGjTHv0A7cXOw0W1_PzQ=aM$6F-=zL_)?`6z@R_Uw=zUKl zUGn%PP>rYw{`x>C8Yy3tsq@b@HOzX&h`)aFfuL`|^RgWr0xnzDH5O_us5M8tDzZ7` zd%AD&-R?*~og3kX{4~hpmt|>+U~)L_Ley&9my>shsBO`)*0Ore-l^}Q$awjwl!$h` zJ&{v~T7Bv^Al|Vk+p(~-*kd!F?P>lvI}NsGo3`(Rq>-kQ?Jf{gUGc^u)u3OtUlfF- z&Dw)E3!FWbgKU0Y?ouBo8kq*8WXqf>UCnzPnEq<9P>hcccpTtm*I44wCo*@V>#e`}ns=b(G#y z=nQx+YkS3c>1S&bL@C(r3N`1UmU-jDl-pHZ*u%2G7D6hm+(1EdU~%50|2~MDprU#K z>;*6o(kCO@2ZcZQPTzW!;#?lAYnQRH@}OhHYo}<3SR#T7JC%B}{VyvGYkO_8=3GPw z2FeUi(eI%Met&v_F0(g(g1!3f{aAnXLKKpG<4w6G zkI%U9nGcMb1*l`MQoPpD+Sf<91lpHfkXGM%+w7x`H>~>W*BvSx6tXG5a!#qE3I)wz zG5e+$uBoUVgx*n?5lNb4-lylWJijEI`J5+uBR){BOJFu}#UqN2{;UB{{-7iAe!%q{F@doGa2s|>%$0m^=y#-V zmU_LBrJ5i&`+iKhi-c~Ci!npzY+2ubjDT8oaG7+9XQ?><9x1Mh+(P&@`iGd^X&1kK z!_DO_WWm3_fXSA))DN5(z5TeH@5)kr_bfH%22wb2`Y}TT^39Q6Mw|hf&X{S6FIBAG zCZAc5L5jFwimQThA2l zgVa$1$pFN=7Q^fW`({IDGq6Ngt^4cOYw{&ae#yDsUgtB>rndX; z_h8h9*WlSvcH!$B&-QWziTY_3X}{9l^x)$-v$4_f#WsGC2tNT^bBlxIIR^`)R2&BD z7A!aIZxs-TB~3Y?o6<->YlfqWu_kGR!BsQ}4%%3|g5-I6MW!j+o#K@;&uc!nS*X&K zLM~}%{a*Q`IdxT&=1kxS2ffkMj$^{vS7}kEIzrhp&wPIzD@nQm7X=9?Z`PYep4>T8 zF|x7Z4<5k`<8VlJEn4x``Y_G<&WGxe>p4a6USHL8>xa7SC0{?kv5PQXPZG5(ojGdS z-Eb|V3rM9ir%Bl;uxkR3=*=Dl*KK_nHLG2J@VNg-c0CUERZy4%i)8>N#tcvU1D3tO6A6l%-3<{GUnVz{J;(iUs?i= zYi$G}MeP4-?7E|x%)V{FK^+irlp-LYqtc`(MU;+W0i+{HAfSVx3IQa9fdGn#B2B5% zL8{V51QJ@J(#b&R2q8pz2}QaPLf#GhbmsTgdTYJ>o8-%PZ|-;RIs5FhH+>Qyh`92R zC470%6nkSxT{&5ycBf+P;ES-n+9bQ%`TUfp_B%TYTh%YMNxBrI|5OZ)qc#)Tnma|~vszkv6*E?9cLX%QN@+3--c_a+#fZUEn!Q$*dxQA2j9xMadDyV4v3B+bV z{~twLVceco5;$X=RMC5|Ba%Z2*!JCKQCR-(vYO%DOj$2XZk9nx{I%n7IFHT@DH zm}9xJH;fthzjJ9W?tWcNe=Y#~B^2x+XCOzk z*$U0bOxgqo*-I0n1j#Z696c1Sr@7Gww!1kpz2n zr-UMCTM7|0G?GCl!Jkcd*VRq@_Jl0`+7i}x;lPBMN;)WiVMYVf0Z1kVoDo{-G<`xg zhuSW9%^ghe24Wo>!02Q%z_{zNzXPyXp9e7TJZ(4NG5%kWb&-5y)NYcD@7zjal~k4h z#NO#_lM)d2yE4=vWxuoijzlMe4(JPa`jQp8W90yBMp*y>Atu7aSsj#8ksxnfVln18 z7{-c);z1*|=za~w)L{u&KFEN&w$#TEGGG zBIrb(u}ilU6KDT$vJKrOV^yA{C<0{FzQ9&~4Kz##O^y`Nw@8hAv+|Wr6cEOBRbj%# z2Glf@PSilV!Qmxi|@y^kPy}2osLjpn#Q! zb49XmQ7QYEF+kZ2SENMu({9$ux4i z?9k%yb{7gCvv_^n)=K5g%KBe(6t11Cs7$+9TA&byfKo`FbzLA~i2YfI48L7_%u<^t zQ?q7Se%=);w;HRJH?sy68`!$V8D**llmh2g|I`^Bb5WJ<24_!LokC11w(qcry0vPklCLY5hiR?ZG0OfCIVV9WYwUSYF7eG9i-{Cb4(PKwo>6E9Q1Z`T zmzi!%r0e6rCZ_n%UH~Tb{y?N(X zzFvhA%=Lgk-S?VhtQ`@!W<=m=j`}92WD*|EeH>ALk;(RW zeh`d$X2s05JW*^K0!@hIS5^;=OyAeQ)IG4GhkQxBl%u-be0qm9OUC=1X<$xyenFyP zics~~K>04tB@3$>CtXS=KL71Bnv`s^A|VE%Ei<`v=(@3f0p)6(QK#za*DjN;xdTq| zMO~YBoD}I+5(ZrN<7^pQ{kVBOU-PhvC-C=yz$>ehDG&zfI3bi6&gG37XY{`!e7{I# zpU>E)YE`BP#Sz!eyJP&#?0rSU+dQ^ZwoI+M(PsJAcMpETpxkD>TcX zdCuI)-+cQ_x54=$YD5GAbL5;+<}vkN$zJ!~>paqV@KjQ0rg(>IdS;&t)=6*m{MaT}@PGPS^a|f=52MH5PYD`okwY2ZG}yg6+}ewLUM5cb zBdrysf6K5D0(Vx@#nS2pQojwlP6`+zZ_U@Q9?}Tj29K@6V>TBt=4c zp|d5gG}O$Rw|s;Rg7k1QJOiZYvPLg3j>-j4M^Fhot?W@JapOahyv73sAG=J~wJmVP0v1^cP>5D_Dp-1VFH=0==O z+S;pc*R|_hvL7JeCqfO5==Jh&Db5C~g-Tmp_SVB1oT-b^qe}U;1&eh7#N=)dD(`@> z&&k<+kX8GIp~?molyjxKBi|)GI6N;kiZxmCw_I};1bw{$>FvE`o>QuQR+C%xHeVIc zeeOYFbSIA`fHe$`xX#5w)+))I-&@c0qtEq{0*qwi+Hat86M;vU#;nUBdi4$XNZI`A zT&$;8LW+#G!ZKnv_{$MLH{=jh(8j|`;r)d;Ud6#bs#b}{ucSu3n(~9m#2~g<$i*&- z^2jb|%M;@0<4K(Tz^rnjSqILHukRS<5e;}CqXjn(1b#b!D-YL#Xgb9=)B>IcCH@VC zE3W9K9|k;$zd8l5%e@;94&X2gIvv_e0>(0qXuF)-GS=9yB&_b#F{RRjzuNST84D$9K%;S_b=r0v{ zts7q?ykhK5Zp}w8w}|0(#~^N1bL6YJy^m;2AdeS&FwJ`TR_5&lMoHlPFlz8Jac7Q* z#s`g7O<0yoAxCTOeqv<=NU$FPk`9fgeU%0$a%2qzfT_%k;d1#LAb?BmHw=$&iznvS zzi_Mpu0DJeivp{*HA{A!!dAQ!WL~dHfNkE)6dO12v>wp;XcZ~vzZWX^c+Zvh$H)0k zcbuYxfX71Jg1<|0ZBI`=R=6tgDdytGq-*P`}G>LQ4+Z zP)rBd{;)@9c%w~1$PVc0;bAZg77rLNML%8-33MTJfW!^A>rJ40(q>%$Gs zAcKw{?hk##N^s^m!=<5=62&?b?<8z8@LTVF#acwRRTv-d+g`P9 z`KqRNxqp7&xY}mFWddQsI;tw|idLMu1OKqHB@8IfE0n$LEcc#=Qc7ZO5?+SUfFJaT z;TgqRN9ELD#R7Y$qp9xanu{i$_p@Op!c9A@0Ej-IC}2^dn6i}y5xCZ*FLdKtQ;|8G zMXgBhtd@uId3RvVjXL3Xjm3e}kliFV(NJJZ+W3eC!5%Nii0Amyr=<8ehsI}_$Er)O=y`;ZIfek@UMrPdm4wyy+yMWSv(#H(X7|K>FXZ21c zt?7U$E!^E!Ij5RLu0j$p>Mq;n?G6!BRenL?OAj=}6%Io*b(vHjL|iDT`7ZKDhAFv0 z61#C(mv5}|W#d_(1t#cYSBh7cu}`~U2&Tu6C1aJawoLNjNpvaL;n2D%#=bKwVj z%h8o`LT%17fzePI#+b8q$RpUx7muYKRuWHsNQU)WPpu)yZN-Ac)l>EXb0_|xYlRVz z)ele@LC*pLXDh0**r1<`tRuIQz1-XzD>I+K)*t)9+@{rv9gO1tq12Zn$K9}p;X$Zz znu;8baH#cC!tKj(=me4Bhhs?u@~oHIz;?zhQHJQ=a3B!rcVaOQG0L9BAL=UGA7HBE z7Cn8hE+N*uHZCbS-rQNs*lvytXZ8ayUz#q2%5VZag*wxWH|nw4{5s3cZP6ctOibI( zNc$}4Ds)@~P_9Wh|7udXO9Eh98z^|)1!q+V34=&qgk%VPxga|?3}F9h*zWbtXGk1V zjgj_xmlxfFsw^aoS8Em5akgTF)DqF85oLw#_vvfnjYF#A?OX!XcE&{hv}u>ArZ>>( z>MZDDIuWnsn7XO|7c=b)lU~l`hNJPhe*#XVKSLAHY@irLNRO`8tZt8IjcyWP7+35O zy6y`_Nk7aASd3R$pHNdjSuC{_zC*xR=0s1y<%HVB!lx)AFZst>e*t@18VPXM1)03{ zRkx-{p|GtK6_Drm8~}I+`#UQPAX+$z?+(iGfRI6siCjC9ue6?{!Nknw?3iz<5RTev z4?~GkeU$}_bm1U1NBtreTO`JA5?n`>*tUl6hicvjWp`kNY_mkyDJv8RWZKd&x!p#f zE?fvLpN+KhuGzzOZtAssZDq5F#|EZ`vW{&k`EvhCob+2xJ=%Q08Zfn&*gdV>(M*^} z`r4StCHIrQKWMLxifRMGBHwt~>U%e%CD~&OY*SYZDXU|vfV~gmelo}s{eO-9HsUm^ zP$OV23ZL%C#3}k7vD*I7`&JYc{q0n|B;n1(U;V!BQ=kZtbpfF#AJJJRV9WJO?|0|8 zdzXPMqGPzq%nGPZ$cpY?=jRYt|(ujFW-lhLmi53$2~$@JJ0Ze0}~?f@Y{7aM|hUM-2mdJRW^rYX+d= z37o&*mXBbS_r06jh^ zWKz=@fO+oUw&+71*rkV`gFhYtO(a`=`MEydD|>zB-Z!ByX5@BHeQ_{krcFAMsnO;MjcDWQQ)p7C7eDtaKv99 z{@&}>2ZJUP`t|3L&wM*Pi@LUVvM>L*)#b#IhS+Z;sY}BBph?!QF+3EkN6-rMN86(A zK1KFeaY2%th#}a2mZSEB;B0Jjagr$EYesqOseXxeR5#)5xi#Ew`6j5Rx;BL$Sy&4 zK)kU?f@W{hbspC2wQX=tQbYMzM;h+>RMbt#VXl6~$T!K$BuAum3?y(r|4Xw8wBsze z)XesI!^h(|l#|b6-w2GF@7H9pgP-UNn|)$Y(B*VJ{P+k7fS$CA-1eT40*bAeKL$pD zxaC{KRdYKbh-8jk1gx1VYZk4|r&6~7&VrT22EC$eu&_WiOkj6mDVWO${!+g(nmD@D zuWp@|a%9D6=hC~%&R&r6T#m!40hA0Etk~A-H1SBC z#AmH{VgZ4N#tYd}IVa7tILaN{_ntA2p{zGG{8ca>7Sp;3I4>RUt&eNZIB%Y(Ah=| z)Rr7+yT`AST?HjfZGXu5^Wt}k?C_-}$V^ifBvtBkwGH^uw-Y|QbO?yRndBu81U$q_ z%vaPQU(7k|@lwFCQ^f9~`FDv$;ftu@KbyEry;nhJ4&c;yjeLHZPux5i?z}CEyhpcU zvl$0*|GF#FFWXoIVs<_83w`2}3o*3gA-`9q=~F*B#EMTJ!PBiv#0=9;)Os!eUha#n{b@koXshrV+g+v&@+2`m z@J1!XHSGKPF7U^r3B|hK^FZqZw{-;y7bFe}Xv16w3(z-hO)pjib2V`bQ41S=F7wv( zd6=$!j%a;TulL@JMvIyJ&%l!mEyvg+t>Ur7-!1GbXJ0XfThoSKCqEmi{A5So#23=F z?y;XYGa;!IN)%{5oo$ZKA`R9NIj3UG(l6@d5OQxlfYWp;H)DNe+Z5i+XUttK5E9N4 zz*dnd;zzPHfq$BVAHi^mSYmjBLg;=?4NsG;is&C$(^>vVXr2ls?nj~bMo7f z(UO&<5}H0+Tz1lXb9{NPaCTz6TeZbs4ov2rD;FW{ki^Ms1{wjthFu>IFQ zxBS%Dvt`1#u-)hQ8Cm=AbP-yC*1&%&F z=?U}VWt;ctxj$RoAWq_c!+gHj%PxrLTyg(F0ql79LdydliqeKDNX3XuerQ-JD#?nT z*HHX<`J1P+zG4>HKe_iF!^o)L`ls>%O}jFD@0&`({I^uD@F|tEVYJ{SH2%u;Q>Evx z_KrRX1Zr%4VIk;>yQ*)8eOjPUSfGQSZwg@|g__y^vjvZ5B6eTe8c3=)E1GzMMrJ)X z8B@yu6tPGkaIKte;?X1iD;~`MBe%0QRwB1_EKfJU%=_K)}J z5$WUJsC#2TABY?R0V+zU(oI9|KeGiX(w;CiQ$1^T=($+4_v(;mVwy0BVSl_^mh=b2 znrp<2#lu#+#>hgIffqMbeRm;EWXjuv$N6W&05mRW^fv-;)U#SYses`z?hAMr>c_eL zD1P+x*B2fR{@z%dNwkg6DHm0653R>hPi07{{IMb#zx`_tUlMuo)wx(3@NjhQyZk}u zYH4xPgo^IlANK<_Ikib^ms%1RPwReiIjd@H(_j%^U7aeZdS}d;_2;MbUT+8yk8YGV z+F6bb_{pgi)6Ao)9nSv~pHi3jM-mH5P8YLFG)Q^CBWWh1PrqYW$9+?g{friPwF>!U z|2*Z#^)lkVKSK4C99lZBSMwc;Y+fn4FOR3+P|BZDnNlv<`mypLWxVj`1rop1_r8tC zmM99>%B+t!wL}UBlu&Wr14vXrLCcRTI$l=)p6b9qdTll;WZ>J}YN#CRj{b)8D-B{lOLllt00xvBMvk) zuuiFMegd3`1z+o88gyhYN(Mg)jb-~7vB+hkSJ8yT9u_&Z7{33`i3}oK zZu27hb3WaC?$&&9tD%WfndFC0mi;BK4v+ooZ@3fUV^V=ds*4M^*bk|-Pbd$4jXc$P za&NxCFFhl&6Z31yn}r@Z!Bfu)2-w3E2}uB`mdYe7R{62N9slvkGC6_(*N6Jr!qO)B a1;#$-c%5qo+QnDy2K^5^*CkZ| From 24a8dc5692e9e445b0ec9eb3755c2e73f39af985 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Thu, 10 Nov 2022 09:41:32 -0700 Subject: [PATCH 034/129] image re-sizing --- .../Win10/M2-Basic-Complete.png | Bin 549070 -> 393709 bytes .../Win11/M1-Basic-Complete.png | Bin 118625 -> 103390 bytes 2 files changed, 0 insertions(+), 0 deletions(-) diff --git a/windows/deployment/do/images/test-scenarios/Win10/M2-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/Win10/M2-Basic-Complete.png index 368ef195b4df08e371e1cdcc92bd736a014c453a..ebaaeda11211c920d4c6f4a0aa96db91c3f5e9f5 100644 GIT binary patch literal 393709 zcmdqIWl&u~_Ad${K(K=acL*Nb4sJn%ySux)LvRid+#$HTySux)>%pCuxpk}F%)C2y z{-586UAwxg_gdX+{q~aX)nRfnVo30~@DLCXND|^d6d)jA01yyRZC_yi_QYbz+W&n) zIx2_>K~zlOAOCH9HWic>gn+1yMtIeS{@aGL6IXYHfFKC@#{(I?4>pE?_{f*|A*kf0 zbCv%R>D2cfR7z!>5GNbsLo!9&8~ zhZ6iJ*8e;*@bfo2;(`A@U4bv+TLM=9{N;aI8!*mK2|rZ%|3}Q#J_D3!x=H@4O8+4p zbjV^Litztc^Z#3jFmQh*8Y%cc&?h!LeyCimTHya3Q2&c8qd*tDWHgjw78D#wsQQ1` zLDLMJn#9nSBnM=(&;J>x|EzN1&);bPpCkSU^RUZDk2x4pZGj%TL--Fr!2e6QikR3R ziV60=^B2;Kfq;S)eMjCW5BZ->LT;UvY{txK%22i*c4U=Rl`9&q*~bxE6hW4VvI$uA z=H!WI@iT3Dtn)l0#x^D{GRY5B^2K(%s<~)et4``l3tJ!B6BhP}H+{=$Ht?XtgSF13 z`-(i(u6BJz=<*z1H3O+^MRQthHE5;cCzgg%v67vWYhY_2jD;b`isq`EvY`N_*bK*p zMB)RSf5f+~B95;0W;~gbSjrkv(^7(x2sSgWXkOvnDQFIFSe`oXBOBG+h5GEJ5pP0daCz#;7audUf7(IYsl z^hI;g_}aLVo4@M9lNI}r9_Poli5eK<9KoYV^dpev zFkjM|bD)=`^rBB^bYIZ&Ivs8WkFHXXRei^Do{yq3%UUXJt}|6!=)|&lo6vUK*%oP{ zpMyCmlfus(tUE-*AYZm%Rr9)p;dz>xe;k;hl5##5K6n>WjFC<+OLA%0KNJ3Zu<8DV z|LFqmb$i>3$E|k16!+&JWiyXKf+w#Rw)pS<_5C{t zED}>n;B-O%1q9cZ4$<`#Id(a!*QGm6f<2AIG3lY@s7dh-UbE+E?f^Khb^O74;nYf; zuEmUvE2*ODfuKF*a}(ttCMhA!#N2)1=lsS0L52JP z^9jU`<#_=1egBJ*M={#Vum9$LvO9OWGBIGeSXZA(h-m;1>s)xWCIbf4x)CAmLX3vt zM4z;s<=C9F8*(kjF20DClihafs{uK1MlogkM>y@(3esua(J%*LNM>d+UCuMiY>#&) zlYhEmTOa$+z35+*eg3Y^ibQ)bXt>|S*8fYdrV`+hrh{#>z9fEdFW9PrC?pB>it1DL<-ssz{n9IZCdAx})xkxpg_14zN*Nv<#TbV*x~-WP4N zufuh2ajo6od6i|Zz$rK2)zsj}nqz0}>mIev-DilaWq{I>l6IfTp%%Gs4`1WCzKJ%H z4n*Osur(YV)i6t_X@}<)j>7D_+W?)W@X{XKw&M`ltTI}*iyMW0rqJHk?hps+@>GOF zmGV8pG>}jTf1mX>cyrv zK-2=g)RVm{-J4@(WRJDy=)O^)lM#~2hvC!Sqv1|65BpsZXAOO*?b`y>Pd6o zXPN?8D+s@Y{Y8^wp~2hlZ)M4N5zrE-$-H*b_+m1+L#axS&^sjDBcR59(27LP`wSQuG(XZV=^(`B#?@zB$u94J z{H6Z1J(Bgbctg(avaxobM^M*E>&D(^CdE;hs9y(KV>o8|g~y4KkS zb83RDbvcy<#}pN6y5N)Ui**a&ow}WoL7WTj{5kI+Nom6b(hGZC_Q81p2^~ z0vrp!xWfRHv|Wx)s)ZCwkr4MmOP!NgS%h|?8ujI$od)$AL@OzzBr68kw2(O%82TkE z!bHN#0=7NGGo{i(ZN!Q+vFdmm&cX~r!V`aD@Ei#o3FAo`HK417)&G{{cYk!MUt`x`XDX3y?#QY?l`6Z1aZFbN^WXF9$m~ePU-1 zj0$xX5T0s0GhDE;^xLVyz#dHA4_p+&B{*3*+}dG4b5yQ!699NV%E;XTb;4|#cX{8_ z@ytMKcO~){J*I+ul>ZvpRq%XLIXIg~T@()~AkJj#K23F(a#6ZFU4YgsZCTHG3!g2D>Vi!O3pX%f zbf?M$v`C&~lRMwd&rYbS>&y1;@xfCTW}Mx#6rM;EaeABwJ3{#dJZ#_O0b+4V4RaPK z!o7)Al?z($|D0z!^{o$bLk9hYAnEgl>Q!E%qyFy1R>D}nG1F-K`Z}=M9q;|>Q1xoP z(<`*oYC?cS%%#}VpK82}?Ovm)r8iIt(d;@nnZcyRIwZtz^-1w`ITP>6jlzzC?hywbQFQT^&;UXCB|x(W1797sEKK)A!rp5XXL%mxqk?yU)Iqcy~b$k7Dj{ zZ+7DHXTUvjdA%=k+&oLM?~D&vPtzTp){8!c0bidOZmOOyjFTH&w%D*-UmehN*3ZKo zY{?NKj6AI9J1?Mp~Frc>@MG+n=*JA=g@rH z-HwvhalYH&c`q(c)D_bwv{T%Bandf}; zfzN)!XIo+5wqnk%WQS~}C(iro%23|la|Eb!)J|XdZB$L)#BQS%8Gkw6$i!Ns6*cvh|7||$I&d8t$c!hs$-(x z@}rUN$Q*fNQUfDwqt*2BDcvEPy^6MkUAhl*z2R@4KP7Gk6O~8zq{hg^r*j3HX03wC zo5zc?(@}ljyUhC61j=zUD?A>LJ*L+;0_t`a;9AXc!}pgnrZ>>zei!TxZfXXqmyo%EqcyKi7Csqe?uHkB*9^SlDC>qowFW+(O@c$T zotM--4niW|<-a61qO}r+1~|^5zFzuzf|EE{Vokv+WUO}J`@uSl;bg3nFTPQ1AHibC z!sJMFL)<>tc(RE*YIjGAhOGOJT!u60)X6Dm0n{5Bh__Fy*e9_GiJ(AFnQigABaKJ< z2o*Vxeymttk)@jhcB^9NfQQ>+aY=)N&dT;Dt*C?{9=k}S{D`Uu;~TQ*+9*L(AKM{@ zuIb!jH{Mp9j50HvbL`}ZEFW8P1trADC`Wpj2{vHxqup3KYH;zH3l}yF^KF;NW$;$9 z|CP$(Zm#Yd!pEv&s5Kd>p=bs|n~+eog9ocZ0RGlcGo!SKEY=C$NR_W81;9l0Pu<;E zGowO4*T@QvzZEf$cQ`Vd(E9P!0zjvP8H@bM9ca%At2vb8`5iFT(?5L|g}-KY zu+U&f>f1Nn1vfXj`k?SgI#&C>xbO@@yX4)@3>B#Bgv*ah77mj?_P%j8apuFdV8W)q zQo+k!-u8e==|)b=Lhh+XaGIN4dp7H_WY#V4zc=7fDCg~&1&(|us>U0dIPm`V;(}Q; zQLJTQmUTBcG@Yxez{mBUo`;z1V}9K(;W|3|YHE#~uEmX#G&gotKzDMTE+Eyc2&Or0?yZi4=Af&tstT*ifKbX3MvmLKxPOa_6;ydA{^}7uDjaKey!JH;u!0X7> zvr0$#)y?c}Thp;c2M+Z3?##P9i|A4cdsSCU~bO0(@$FxP2kQTf~nY zz;6}Wv-;X7-#{^I&a*^jaIu0o`_?@@aXmJItzCUCGBS&AC$tdCz;?2t7O4_Jw4n{J zTMyG89ywm9^Jo=${W;easX|vhY<^h#i2kk%*7vq|!{t;^EQdVAefE^Gztl0AH=XMw z%Da^}csX!CrhqZd_s$9GHI1k0vYfb0b2?1#9y6J{&}FFMpR;_t)s(k5)$cQNHm{sdxD6+Z^8DVHd1D&IZGQyO66mBxms& z$L=s~l1DHt-_V#sZiVJC?wnZKQIKmBA#=*Q=2jT1~Qx z4|%>F+D}*80MERJx~&6ENye~1Te`aee_p~R=Wx*hnmo;>;NJD7-F^3+sY1xd!{VIf zwkf9M#jKi4uIdwz)rd+1u>!|}109Tdo3oGy0067Gj#{&>iXkzBl}aLxS1*MkB(%ider zL7QsCT9n7k>-6$9h87gId>qJ3Z@GC( z`NZ=et@l~+l!-{>!kxR`Hja5j?WkDxZJZxZP1JO1$#bFNi|i{8C?O}fyfpxKJ;xGW z2g_ifR3CPH34+`Fb~Tc*xKq8@G!sMHRSRA?XB(utaR0{HoVA*>DF9QfI{%)U=xk*# z;(_kMH}O8BuHkEK0h$ac;b+g!$ zT&R5w_$JE^KfxQ-sJj8;kew=CnG!ZVnNlh_0$wuK&FEVSC_6HE3=SQzaXk{-tDv!$ zW%(=HTM?gc{5sg7h{t3_uECiVpz1dmXTlLSi216AJlFz1x45wLZP1~im-{<>oI!3( z-lgdBwDyuNtLWdH!xacCvQ_cT)r@P@{@Mr*pneNvoKZ$Y#Sm9 zO2OX?8pU9dLh+z(8AoImz|5&~WNU<7sNsj#t}ILt(N?4d){hqI&)4be+y3Z*t!@X5a(ZV_)ayKOkbU-5M0NEMV_67$i%++Oa!pw#}ANJ7mU@E>k?Pem} zV6*ORnI2Rb(Ws2)<$5?U?mTn;puum$-_ENKNGKstZ=JLPS>3`7?j6tC-IV+&OXCb{ zXa9sU+AIeQcBKEB`0l~$wamJ(v>fyYmHp4{*;N)ho@*s&uw*$lnU^!D8^L$>5cYty zPc<5XgJ8|mQhsF!W?j2Ckm~Oy(zmLQp_XGceh$D5y0AN-)5r5FkGH9NcAOCRUA&UE z!3uO1h!cUfB**lL1^-3v6gzMqfzojKR!$0VCs34y*Rs?}#%vCcSp)Y}lSkYK<4HP| zA9pj{MG_bo^>$Od)SLRNjvR&`X29k>ZucPiz0P%33KS>b8-|GACzTcsTNypbYDiE* z5QxghMz~0y?JbSKHZI26$q|VkKqb6qI2(Dp!af&$)Z2p)ltG8bY4J=FO+V zwVpD?M>Cf9__nl+V>ciCY0b%*y22oEtl8cvJ-D7Ywel*PJ?Pn`Td`2c)F1t%xk1`8 z4n*}}1Ve8_KR8!p($Sc3T8JKQI~86kbGQKbAim-JuA8X^bx0YIEqykkCRXgY}CI^M7l?GZhttTcK`JLvEXf5YFg>j5? z4ejb-m~*)@}uZXUUw%zJ3se0Zq_zYAqdIxh*9Rm&oTmUV|gcXh6z}f zq8zboHDzUv+|9SX<-)s0_#N2CFy8ZQ?3~>F)&_0@5IQbnKb9zH@lN(Md^%3QJ^9s+ z0fm{*b)#dw8dzLAQWc8Sffb@CQ_=$!^3z)00$9u1$CM4Ji1l@MSaX!Ie*@LLxMC?z zVznU9xwo;Vs%sNBqwp0Be(`sE&&Gtgzm*%4?*F)TQJg7}3_(-Id!fT=vUL_7e-R!Q zzc=tmu2=6ZQ<3!Q(|t$TsU zXpObC9@o2(YV0jcaZDPg}oc#&*T~tN9kRQ>iB1kZg=33OU zqQS=P>$gAhg@G&Uce>AM&UiU zPlq^@w7Y#u6EkxdDY>XoD@|WvFj@ZWlV-KgB1apb<*{XJ$Zr()>cQsO{dpqWYtd*W z3nMVPnD6mYvw~``1=~$ak^146j3qYia&Ex@h}jnNMa&7>#8;+x@;DP;g;M(j=L2>igd7ae?Ru$sp}f+1ZRv#pxEzwudr9CI;b_4dIe!0yY9 zwf+Y)cU`@jU2-VX5;!HrKTzy~s^n?kj z|K|VpCA0bMvPC5DSb&qLKbn;^Td=&-dpc&Vfo7L6^F3bbi%?o1}mLdk^cbJ{HQx5*jl6<})>E;`&NrszLe|EF@(yV5#|#;(+)K;bVJuEvj4pBD@u^(kG-MwC zJT=)!!(WJlgT!1h9GFL9Oj08>;*}b6C;OqMQ6ZCeETLQPVT=yv({Q^1P45KWI7Vu1 z5W2E1L55gB=_$5T4OLtzb6u5h1f+;Fuic&f9RUvof> zNYRBvj1tPGg*NU@H(5}3Cq$UL_i9hYbLHhRVI|=P*vxdrnEPe(#fDJDO;b>NJ2b9% z0+=#6Fz|G5rgGQC+vR7zeST#W>}-`b(&pn( z$_)ac0p;$Nx`rSmYIUJYE4fe$jBP`3O-*hrp94uv&<+r<2*)&%A`)g(Q5OadTE>Px zZkX6KJmU36Qt*|?K|pVZCf>)-jd~+rJgfFl61AjEvmv`(#*9qNH(t|lmcYzC4Zk;C zN5UG6qY1g3y~#9Dj`9MWi}7f;%bs*Vi}^U9jVLLqBY(qaJeRD3*;w_#M9pgEiR>oa z?`i{jKfaWvx&&|4^HwZ%^L8y40+81ow9xNf zPSn$kZ8Z?-5}LB%M64b*m@wPX!WgCO6Gu+{Hzq$!w5ceZ zFoGhU;{49!EPcPJl!Ukhy!MzuIO~JwwkxJ&IvMxo7Z-u~3Q;8MVF!kxF;@YJ47xJ4 zVk2AYh-a^r2R>IT?i0rEzyt9@ryh$7d6rfEa@MnPM*$j^wedrR`yznbW9_!H87$g5 zf&Eq}Cfhh7{Kmc!hz6Wvs|DT?X+qidje8|Vd6!MG#sEDJZbQK6(5D06REK}PQmldCBnMh^VLEO?R_^dcUX2+NCu>KJ{I;)kD*i?K29}}qD!o)X zMCEw&?KoEi-#zS?G5VOFj*Jge69}rCtgyrHTxv;&q<38;uMD+sJ%KPI0@NH|S*TH1 zc6qiWi}U%oyk`M>yJ{Y6BLns%>!Nsbcy($(N{Adn@4e|z#gI|yapuA6PHCkrVz=#2 z-_v;EemY4Xae|pLU*Al4ZZ3S4PKEArU`{Nah&?Bt$N}>gF;L^qz?C;VC z;D0728N$gK`(bLpx1S5xoo#H`a-Fmt&WO|taZ-1-* zMzdL@=K}?7fCIPeUrWT zyTo~)Xh-)&sP$;?gfuMp%#s`Y@bHj|oqX5>Eon!RiPH-3*HE&V6gGyY^^{r^U53D8 zDC=~EuE-z?H{*Icb-dr{{CGlkO<-2hBh%vTj zCJ8XLnT0>p%fUqOEctWep; z+B2eDdK(~D@|ACQ1;$w+W8u?z`@#Ngm5WC-@b)-c#^(K2#BXo}GZ-Igj2DlTSGQrgfaj zP_R+rdBS`KCIoHg%0>KW0j}@7VJ|*Z)}v7DiX|wbt>IOT{sn_Ll~pv^8Ql>YY}Tu} zP#hF>Gd}0`4*V=bKj*5%)eeB%jO4{=ma3{`6C2P(o!F7G$4v|kmLZNxyo74kfd=0-QHXk!3-)n{WUwp>`h1) z6=O~G;a$kSTY~23AyAvj{`(fYgA|I|`xXKy45D!iO7zDS?lx@|{qgUPn)t4N6 z;GP^I&BuufftYd@Ks&zwBLCF@=I9~pM8-fq!bVO;s5Q7pR8sftxHHG?d0g&-b7bXq zi?IKM5(aB$nR1kKEOh7L7O{s#e6~c?5HwiDE144USbDO}3u>-nO`8UOeQ+_{UMp}M zgXSz!W3o^k+_K`U$dqiYFxk4T1->36#kxJ8>%AV55n1sb`z;7mP)m-uLpurd3jEY< zAoM(ahU$j$hf-nW^kkREjp?3b_OggEA?Qs|o>yZ_K51X)oHMV9bMRn4I0^pZOxiTaM6VT(aL54GRK0LEaT#C`;wEu5qk*ePz3xv{?YX*IRJ(`#P>h={?Ilaw% zo!CzpYzJd6d>)pg_xigX_+F_KUi$ScTP%2u{Lk3$*QYO65uOKznU#1}34E|wz53Z_ z;z+cF^v^}30xk;@RwEXy86_SMsQ7u`WKP^<*SaS$Yz8SQi=Q@jp@>Y5C|_oxUpQGG zZ(R)8>sj^@G&Jn5uBg*3PO;-7kB?3SJhrLZUUx#=Of1>?8m4kMv{MmkhoFRFb_7jL zcwboBMl&&1)yCgB5itAFJ z{bR1oj%%PHlkJT}K2GZlAo6gq58 zu)Q5FV?pep!M>=N3eEd%TGG|SWKGPonwc4WKrc)#E!Pth`|apU<|g_8 zs4vQto@*TROn6*8h;xG-l*WSZzUVFRd6FYqK8}XN1TB(ucf$Jc>I}&|baRJL+?{N|@QPw>{lKdXv%kED#J$%c66I%t^qvSe=$ zIu={bOR-k54JSl-o5}S?o;j{>SR((}C7P5O;K;h^F&|m1bL6LyFlFntv3+Hc2E(vB zWbHpZ>l9G;@6!)S-}Pi&D*?OSDW$E$ZFrvI|DFCYCv1Fhj> zs~o!m?f)E?`=2ths;JM1Ear@9(M&|ItLjZ4cc zfS!nx**%rD>GjRx49{9unK(Rgd{|BWQsAETd3VtlzL)IdzQ8DB;XAD{*O{E=9>~>) z1Dd;JiA>;lUNA+dbM(q*cW7jQ_|inpv69n!1v=#CS;#rtFASNbM|)zQ2Q5aQq|w8- zpKpjPsOV&e|7O^dVjzez27R&DsU%n^aZWJ@^m91&5z3b2l2UF`mSN&vRG;8-PL2h( zW1-x@^U+s(X~j#Kn@F^tra`bF2H+m`#{rIo-AP%kz{@IF!L}DUmNszoj@4zIVQ@0S zZAJX~mTfto3F1TKeA5oee~PS` zt6+bjX4-?3`6(eeesGZ_e-t#4c)WN_FKmDY3fSZ7Cb8ejr4JPj{uIvI{WXKu0Bvn5 zec@#S0!~&cd`T*nxizGp%ddpw+!+n*GjDy$J%|n*-}*dj?Q>wp=h=ovh6Kr9kn5O4 z=F8T{`BNa5SEfSOaS+3m@QPS2dnkswzfd5EEUI%pdw5I@i>4?ewN2dHoLm6Pb#Aog zaw|FrF``~|<1gg`04i@N*4AYy$84u+{=EgP2KV5OT1MB;mpO#I{q1Fge(1=%5~4~B|jbQCZ=P;9@w+`LRux| zR)q*D(hgo-S*I{@LmaWSnKSRZEYD3G&z}{%8o=nUw!1!7`FjDbPWU!$-WWC+c)@*P zPDa%IpV;FS<=*q4s)}RPGZLfl<_|>syWg#Qb)68Qn-p~dvJ?yE#v3v8QOB=T)pMBQ z#w|wchH{)Hr&f$?gH$B@YWsaBMjVJS!2fhqU(adqVknt3!`j-(F(GbYV z9fcx3!^1Y5O#}C8)vMfn33g%>dH6h!^q^jTXV|-Wl)}0k$h+hVb0$6UjQ0cL<8odz z4I=7{_vvj`Oj?$)8^$n*2n})<384yV-7TE@>_Q5#@_&B~BmRpSZ(y;QD0+T%{HRjq zkEKmf^FxdIQSML1trI521%%imF9Rc=FZKf}4QKbQGnZVFQzqj{PZW$cAK7@d8;0_3 zCsao4sr7Yq*}uBBd|&*9>8@U3g+KQG4c`;iQ$4xCOC>M9&~s;5vB7F?%$=kZ&TWiy z5gz~5)ldz?WP+jBdlvg_7;!L*-)<1VenRl{s@Gwvp4%Q4wLtwb(?zkN{pMgL%x)f? zs-c3yMsry}MZCy{!N3sFJIDQNeAJYJqiePp@6I^>Ny2r%J#Eow*)`C?5NTe+Du)+q zUSVV=?u}*1l{8Y7=}bbrdRW7^?a7~kZ)JbT6Vv@x*Ic$0=1!^uJ1TIdQ=or?5GSj8 z=kS+=+s+-t8LdfuG&-KEn9}x%GpE}tIPURqk_G&@L(wM}aI8SEULK!su)BX^f>&W* z>I2vJ{!Yf*U{`_~HdLqWaBbl3O#2`o5A1-sLz2(ZA%X*V9`4k7y& zopGlp2xTbd#`A##L*t<$f{F#(BC3Jvw~(vrm)5Hu&DE>3(--hWriDc`x1k1eMn`E; zwa@scwU%@wX+y0E!=^)zQnn0SbT4AKk;@WDPzm&au4c1)Gt=MBg zJ!N{ZKy%TL{0djs0If&-N*7r>9}HJqmL9>TA!ZdU{DR+!izplL@4=$og=Zq^%& zC^r|9G?mPH^xLocxp9JRa4}6biw9ArrzO#QWBZqUCp~1=Ih#UspyMX}8C{83i07Ar z$*d6W3e6zTgz7Shu9YABL0MubB}s>ThV;O#>I0!mGi2TNTxt~MVad1>lU{e$$$Zk< za@aJtm0k(4Lt)-D!rJP4H8FR4Hd-pgBa{7Kx!j(gW7^53F~}f2KFq!+X9RICj1y?3 z9W*C{*jQe>G2sFQll(8M^&v?6Mlk@m-0w}cKREH!X_<)+b^Rw}1Y`+7g$q;LER4c$ zn+m%9Xdfz7(GQ1qQ>#lVVRK_NMhTH;!Cmjzl4PzRLmqns#jdz|c#)Kpr5bZAoprBB zoP5MoX^EZ{<=QGA8Emw4?8%nTzZ7V=RABQ}(CoOXZpCb59(IE{0Rvk0a$D#zXh*?_Ag)lXNO)-qHE3)MRi%HNhtN(idGlW0qp zeEU3U@Ct)#zzycMwiUj`Zs47_3RpNZaOW|_~tm4bYf=^ z9rqXnzvgVs)Zya^>i0U>wrq?yOzlW}$p3kFj^(>Sac{|4Px*N@!l??*An;^Ao^B;3 zP%PfEx#5!~+7f<>paPXoVGt;6S=1N% zR_u27%iHU*LhOl(Rr!1ld2+mK@Y1&Do&H=AUCIf_5krv&W zBu2XSYd9GFx>x=Qycq_fZ_zkHt=CViU$NOku4Aw}xnZ&6X@no-cCrJ&^;-DStt|&# zD-hNn4;Epy<9)0q1oGmPGm26eYzNmr4lGu7f3%vyU1+jFkD>*j?3V|Qe)-4?R2fG! zCa9IP-p1u8YTWP`kD*gr>W{X`2t)z{=Jfbq>TjJMrtCL(EHFY#Vv%AwtotiJTHrc; zXc64Cy#oRH69pc7mn%|Xk-LvE8R|dFi>y1%s4w=geXgfyyj}*>n|yRwfA{b%>H3X~ z9oCSOYkK!-mE9;tb7H~6V!?Wvl;TcznRI1jm|9x$I z{3zHxF0yAmzvjxFsy(4F!Tn64?-s^e*cujFh)#~KcXJyzlFE0@hOc0c&jg6Vk+vq55E3%m_?J{R+KX|AKz1 zBg0yPK!h|_+D?O>JrCPLYlc17AZjsm@1^DL{?+X2@|qL={nWg%$bg07!N-uW@@Po_ z$DgaXO|k8d4JYGS9Tn%>&f;?Us88&g<2EJ>)v9Eq%jup43e~x{QF=Ff#bv+4oDC^# zo3V5@L{lmtLu$>n8AG$n5ES{59jA=Sgy9O7sPDUGGCKHtKosxpChNMdR?&xuE{xb# zQ;(dZC{gUpI%ZN(Jsa^QxraM_WU1TxZDclj~d6KJmk^78ke4k>2&j{aqIrm-xezFut`{JVrwu z)Qc8!gw9tL+)NKIv&oNHbV_jRrHP@n5~U}e^eu<%+7n_tspKXusMC8d8aa9;S7u7)O5j|;4PY+XRDh^cP zy`}Q;G3818_SiKX+i9_%EcdBmn@L>5n~gAK%*w?YUB-4fj6-KLaFO#(`W$02_ zw69P+@~jbPWbJsxX>T^pfBMwAebbP|7bkOmsu z=rmHSfqN0lLeB*keTdp#goxR1P6n>?X|XN{bRtfPRwMZN
    }S*eZd72;#b>Saq7 zf8#}&K<018=fiBeK|v_q!5F4Cbn;_O90c@=pkB zqLz6DPC5_Vo3OEeIK$g~9DnutND#0ZHHGk>_ifLdKU=ql=l}4b(eWz#tXi!#ay-NT zC(E+w`tsi{m?4ledTa@pJ7{_0GrS*XHQD!0GWu@a9c9@MW^wE`L*)-`S54|31o1!M zS;XGmcV1n#8v{p7JZvgtlG(|_JtolQai)f?j&S1_qMxCOCYB!lKLdkHaeMBRJZZ!w4bKMIXFb=}m!Q zo7EA-=~|x;tafJcxryl9!t}X>+VsTuc>k7!0WWivP5-udsq5G5Lw|)0`(w2EN;;JH zP)ki-X?<`tV+J$#&dx4KW^`a1u>(cjnQ2&O>wwDOpmF1!r@jJ>Jb03L(YfAzrj|G{$ zeHkiq>`TXQ12jqO;UVRw$6&mx55jg_{`79G!|?B~53(PnXtQz1@@i4`~!86 zBx#h+MyJCCM$V)%c?f&4-=Xiu$9T$Tb1Fx1_p`q3bc*mL6ExNQi*+b>*)!LZT!0u$rv>W5Pu+`G)VI zF|W%QVvpCQzELEqLtP42bFOE-9vUC7;^uzW)!T?v4MviCjx5Nq6LIfPd70er^}nAw z2{q-v7nEs+@rNu=#$WxyZApeHTP%ulr^#HqR&^YQ`htA7;koqM7>|rWaDi07_eHUN zG9Vl&j|_?%b(mr_1M$aKOgXDF9;?y7)H`{;L$H5X@&*H#(~IoX{+uIv>!1iwXBE|@ zY1Q`bvAoPMge@O7^hEAv1YiH&d~ReFIS@^#&1evv8twV!B91I2@n&{`uCvKLde36Aj>ztf&=Z9^-FJMxD

    mG7wDig(Uue)IY3hEwT6MdX*2u_fC#A1%dcFT z{jFJa{0ZlgA9>loKu7)QwtQH1wn2xt-3+JUWM%OxySyHH>1n-vP@>?&$S4fca?C z`n#aY^p}q|e_dY+Ycu$`#{i3+OkABDI+seIB;Uu~;-7;pJ} zV;XRYFttZ8_`$Q=mX$5v%oH!2(=utZuwRK~BFo~++5GO&Q42g@34McSCOQ*1Ok789 zk|YrQ^{}}^#SW=T;^`Ezyzt9n7Tnb`u2%fKx%8O@v9imkvTGm0@M`*5!niI1id8aS zY{;+YcB^m=mD5OME(hZ0$Bfv-Dp8&t3R5JrC@!Wvl!BTz%W7|3m_k^W>?B3t9?v*% zs?gtWW%LbPfm9dXPlNZ#bQ*mL8sk9sA)FSjHE_ymB)S*N4oUhHG7)R zu6>K0{Ao^6z)iJY%qk&gs@L+SOwpC}iOFcztOx>@Sknf=qoerSYLBx?W4oS9ejLqK zEp(iv!1xktBg3dHh3G|L82*x5Tm7J3l4a2ype>(d)jLuzqQc;`_O$zVyh^=lJmS>) zzb!s~cAz}}eDq0P=MC4{oY9Usrv)7EV>HzGSjMviwC3griKHru;G*j!(ux^gBIuJv zu)r{lj{CgqqTXVk`qfgrUw|ZRLF+OG_N@P6GQ0Kkhn=r8enGSi@Wy#(=c-&A6;sI% zWKlC8m>&=yTdnnr=X3mV;40emXrp?6EJ}lNQTd$FphY!AcIROvh6@r7?zg?TWQ9B} z%qHZFDQ8OwE(CQ^V22%nv{7WAV{w=Bk8u`fGFMuD;!hs z!rMbJ+2z74{9;+w>>cmLAxF4O#yxz){K!;~ulX%aZIILq>q<)0+%paI#KA_eS8d1A6%s^J}aqgH4CYcezvkR`~EZ$Hz+Dj-^MKdnF=>{ocX%1rJ1&luj|mW# zc^WnO8YFI(eTzI$-b|y-x0FDTkzv)UH5lArVj8L_Tv_}nB=~B%Fpz?FmcXN++wwKC zN$H`et?`|P7$b|*P0x^(2aaAMtU7N)4@s(eV9hKE! z&HPzRZLkfs>#ar-%{0Tw3LyMX`h*Xi_~bG}Px-=Mvz|-m0(-Cdk%F8h5!N zuQ)Jmeo8bNdsoI3E@e3-iOTDc4A>1|G1bDaxOZ@naFS%3*G}-op?%3t9jd-4)WXrp z7z4VO0&t?lfv|5W+`ZqcN*i%TCJF$hufD=G7#e*EQ_lkUsxwm@)FgKM@$$YIReUqd zsc~hTx+EB2zJ|Ztde<568z7J_AQ~IbMu3DFfG+7sc%-TPAceiFl083(nvjO}^f8ZR zMGcAAdcD}$*VOHU33JNNfhGIUq70qH?=uHK7RN8W^HMF}lYReg;AnT?%+4~>gcn@C zb7!`r%l~@$1weZu-20Z^k|uF!sj|CUuKk-%fk=`m)_WyM>9GK{Pflct3xh1PlR3M_ zF@@LbiX~$1zWbcCU(Z_1udi$+oQV`9z-Vvc^DFkI3szc*D-m%Rdv7JzE}n!o&pw%W-91>q zjCjxp4UffcB<8o>E$uW#MLbGq#o=m9X%~tVT{SS5Xxu71U2oTS7Gt4noCCT1xOy*? zqU^KB7M5=Bb1}g3`^wUX)`{7#st7q28O!LbbsV900aYV2^+a$%=>m$!q7pT^s2r|3vpm^^~##e@Uhb<`_s zB0e}T`K%sJhJOjO!vFD2fV+InUSA2Gi^RU`$X?k%gEneICPq1&Vkz?(io@!~a?E|V zF0&NLrsFzUpb8oZiwMJ^F&KBBFWa3-a||?lz>3$lliMH@&?}*%ur#X6_RQ5nXV5IO zJVRwfcvRW)o5**?ZX3D&~YAmyJj$(Z{;A~c-5@83qIievg%XX6M>bsax`BRb9cEf)1gGzJ33J4dcauzPm8IqTsF6cF`3@dqf^4pd5jKH_2v6@ z>iXM+Ey{?*@`J_9^E}v_C7wW@pyL7t|LRF^|pF%z92;%j%tl6ZX#)<@!afVFDW;x+s1BN@kgO!fnr?hJ16 zk6vx?&U1{#wfgA%oCKFvEJWp{qEna8iyFfuT{|vAwd8jCZ_k@;iRS}rN*b|rs$5*E zn@I1x9X_W=8vl&XHw;z>t<$zO)WIJ)6BkByIugS;+B<(|<}W7_&x)|oI!sT;$ijzq zb@g#0;4@fT3lfi_=g%{;KOvT?;rHLEKNeQXVyx#n8(Mb+P)86c2y;e~n7k$|T$3|Q zV|j~s!yC?ttpSqf?%u7kY-HA`h$rIw~z0=!Cz65B6ey5r98cwukxe1Tu9t3cdQGAu+~n<_!SysU9ZXSyg9?SVl+DtsS3emwA7I^Q^c`)h<@ zoThFF$%|m+=tBW<>yNIu4I$?4m}&A+eq-SeLJhFQPuvn6tHfuU`g1}1303+1FOoHTKTU~)dk^$Q6(5Y|1C?TDc(Yk|M>)_SJJHSF}2)<=)!>9o?A?neG^yRC(MJqIaDh9PUyD(z^`U zHcUH-9CV*rbtoEIRI|+c+HrHOmAmwUNO|%iQ}Q!ryCzwYW;tu1$f2B*w>JXd@#^9| ziw2%FY|&ue=bq4tss@Femxr7|;l-yqClsqCw5ox=s9nGSp zRlobV6(=+Md;Kt!Fs?UTLI`f+=oRhzI3Uu-@_ z>XCX7(gZmwMsdBQA?anxdX;zOen30>$>2DLlp#tTun&88wc!=-c-N>uoe#?(XKq6F zIiQvUqUrj#1uGTEK9my@eB5uQ>{w}HqIe(Z;HA>sXkOyfQ^)x?hd+9VOe z-%DdKr2u@(SDal~w>nLdYiL=cZ+@M81F3_LjQ_$2K5_XpRU>S*{n1PyOBYCj6+n&sm6jVl&=77GV*qUnIH~X7+T6g9oUpCb{-DxLB7(Xd|3yh2IjG^%J=w zIX@DW9y{rY#=)w1KIxezfqpnxS*aq3%O#Sz*&Gt6=8)lAB}rD!S*2bEdAL=X_m`&8 zqvy`&>}C_85*z9VKz$6H-K09lnzBGatP=olJm0i!+DK=rgq6fC4mFHm6mdPK+?+g| zlc(`-u+ngu>*9IY#V~hgEW~g6@nk?c#k-L%>@sRClr`Y?1xyY(tC4NwOP9Na1#`I>yZ&y6hJks__TY$pb#+$^sS_48}}Phv}Ke z9_KA)M^(Z2mQ2|9iHcBlsGvT?a}qe_-5}lf0EHl^7oN=mVl2 zY>t-ZQ7&Y4ozbp^W-F1n=uDdZ2w4mvMCZ&STv$yGSSgxBEl-y@G2Ah6O~=39(&^tn z;Y{wc_~v$D^EL#$^kXS_;v{1dh%#105#TO4=dVaPZ?qNx+W>W9*4f<=I1+s5Ri0XL z&_0k5wPLhQU*jOd+VN`l?!AusoS9KbDS$g&uzavX0VhtJRJ2Kk+UfL&O{rcop8#6jm)MaT696g(UPu1Z_`MrM$0fjF=~wi3+jCV?Prx zjz=l&j6C_v`$U+QYLBm-AJPk{%cJ_iKI2GzEPgNM)yn0gYTWfZHI0~q6ybG>zs}@g zGKDTZi4!fU-;VZj)}@(|72Qr>a(jV809W#ccFHq9LuP^OxJ0j5)T>`DVm0$Ey_@;% zb$DKor~74x02p8HQrNb#$Rf2S9#l9x0iG(%xO*9(n~8}FvlCC5$T95dA#zk5>s@nY z9-vEv{jIQF7%>OGCNSzsboainS7Swfu<<>fIcaBj$a;y0*htFx$2?bPn+|Uh?`CpX z@4~B@?w1fox2@~AMOUagOJ$xeZU$Vm=UvruH2tpai?qv5Zds$4{+7s5o7*V(eiXe< z7`?3W5caf5XLifBvJmOVDg}Zc85JlGnkV+VLY@6_S_FZ`Ie8Haro$Z}cwC+bCfc23 z(6m+z%VQG`k`HJFJza>6E{)Z7IRT)R5VzZa=ex7+^=>-HJ-|F_=HwuAk56W@pE_5r z@=VQ?Of>)8qXJDUnqI?nITBhkoMy7lk2aL*=86W~M7qm92pMj$eBGH4O;_u_gGf&Pqe=!7 zH(rol^OQhZI-NRNOJpu%QO%CV&>6b3g%?LA=%J4NND9ERp~=L9n!LvQSZ<-7*Y(wy zrtqJwuh5aIP@gqeh~%Cu$iLqqoX8p@e>G_Rtg4ZWFJD+XGc;-sdV#MT4CxefL>@W! zesf!%?BDMcdgH#(hI#Jw3w0HLI@rHy zz4yd+hFq^Q|Bd+8iI7h4bsY>kKMT*-JcSkcb3dP{kxg~2rlZybDR%5k@nuue&GjbB z!(S(B+7p^&lvO9`Zg%e7@}iLvj#YM+>55`*BSQ;H9O^E*Yj5 z$cf-unH5kq7V`-`;KSUCUhl;Em%O)dFmA&n_DsDkp+4MNRF=W-kL^Yvbs%Ocw3tWu z=V$qm7{n^W%Y=8{mT9`h1mJp0SJD0>meqTCGSo)Rye}n6_SSxnvzTr7BUaM(JCE4Z za<2zty?Mq{gH}ehD0)x#H#BXZsdtYsjMN5<_P!jfl{x|3ngJr?t3OgW*Zau|jLFsA zEy!HjzK33%(j?*zI&FXX0A#8l94tmo7V#BsP~i z;kIorTHm+F$(H#!Pfd`2RVCNGQ&@L*WI^(q+xj7AygBgh8lI^B3+$J8X;;{-$WfDv zuSzFSX;wMXgX_0cJ1~-N2sUFh(e0`lI=e&CC$g$v zkXLnvg=G4e^==2sN=ys;OAoCUm`%FQVlTK?@9P`J7w_uK?^J>j3!bAjM$DD> z*=*%C+D~uB3DW zywrH7cXpV#&mt2S7X6GHU;2qpELq1k1JpVa{7nyQ#;x1I{|LM5P%CyD%%}#vxxAzH z)ET;#^-9O1PoDPstkq05?qUdLU;))pcsEN@~ zE3fv9%U?!6?+&~rPPe@r^S$UDF*>MV(k?1@Nt|z5?p~O#iUw1Wh)hZ>IrFN<{90HX z~6;nI@o7S*rD3IL^U7R5Z|pw>IMQGn762M zzdoRm)HCATN>Z|lj|o}c_HSQQ1#d2Box&~jcY)wC!%z2jH>sO&HYJeUsgIN@Lv~cg zEm>>eUOLb_@B8}W54$I!7fcwvZ#Uwa{kman6nPKUAD)j+i)i?r~Nvv}#1V0|SiqN2cBQt|v9U^G~f z4Y@rp*?Q#ElDBf1#-P5)>ClSq<@=G9wWz%+l*0+&h$hFolb-VHkdv>egoJ=Bi9qOr z-ou-Ti?WX{UK^pL;X1_@7wkMu>DuXAyL(-_XpPm}V{iw#O(fSm1dG34RG)5Vq^-tH z2HJvbYI+n9nw>aQ-#5&5(Lq_7r4w&uFLYb$%g*T>T337&^B`Pzx29hgP>4!*fi+_& z*4FM9LCaXtp)u3P{V|SVfj7*_V=1#>us<0bor;;h3PP`HYk*+}mfhUHRC%o-Nn`PPKJFywQy2bz#WcSI<_His@}du#7*p za*qB+%N1a?`#K>$ieg?=bGtJE?vrpoM3m0`;12^Jq-xz3{>gUJ)271uIr6vfL>FLL zLkYG!y{O!lH*zPZ}GEDvT+1^a+TPbO-VcO2Y5Z{6)? zQ%CJ`u*?>qX>T}5E2(pW%Jo@LQ}TeQ-JVNU$Ihkbljy4{r-f=^eRJ++v5>AiIkGLu z!uulYp&ZWYPYIX!CD*GuN7B@+lt#(VC&T3mXeJ$Kk)ro?bpr&H)G4gGpC1Ws9|%F9 z`f?!HnS;*?wlik=dQHWK26z^e^okR{(Y6(W7R{So9JEspEMRj95~b$>Fiq>cf!q72 zS>vXIQ^to3Cek0&4?-DJ(fAR*8~#&c?NzY>n9V;zbdhNy&Xgf5X)dns2BWH@6~xjp zSo7*-0ZR<~m8sm_+9JZy3Fpr6!2G5Fzd+9~R`!cL9fgzlJ7|91Eh8D?J7n9ZD^BjO zw3rlm_=jeI+0jv#S+u5*OmS{(k}IMa5~|#7eSMDyd^<3L4dlV@jAGVl+8Azo15yd! zA}nz1HB--|PB5pu6&fxHH_L)v=zJ1@won|+yCZ3*Fn8qdQ5n*t8`f7xdQ`(R;?kVH zDBRzztqMTT!@R56t<1@5ZI~t1T1V~8dL{Jbu5F;9nDG{CHW;ul94-wyN4#o1H2yRc z2IV%PFfZm^N-9WCqK+4Tk7&!WB>Le%n;R8$IE2u3E={aBa{q!*0&Iq~C0i?M;4wCP zi1K{z(J;;{e^&{^heXu4N)-PpSk0tM1RqRbJvo~rV$zU0M`%SjT8d^md}=l;eVQHD z&Pt76WsBSocck5EgOa?>-~sjbYD)7F2U?wF%IoE$U7v&f2JRNlbD0x5@zlOYUQ z$;YBMZA(tEHIKtt#oO>=gnoTdo;UzfVXCkHV6NTHPLqAEWsqrcxO3 z`R0Rn5$8N!Jal=0pL@A*+jhA{%Xln-z=FC8@*vW9p2`;yfN>;T5X^Mk^a#Fb8K%ft z%*Ye-`=Tlxn>I~WB{KE_2FG(%<8qUq1y=HWuIBha9zN592cDpjQ$L3}(l}2IpnZrB zE4ZNj)0-yJ;djmONF2&^h8gIlyr+Z~JdhdVe|hV}iV%*Y73+sAn-Bwlp=Tz@W-2x% zWvDa)-O2*_Zouvio2|}f2Ev!%M)ar0IkG3Os^A47^wU;f39tLmf9ohlM3-O7Rt5k) z^ldAsha;il=@9Yb>3H2T6~#<^f??8%@846+5*v`*Fq}1^R~Z}4>jpr+S)ICc`-L=fNAPII!q=?uQRp0V~ttCSkJ!>Z?QQuCq!cX!G>q?duzf5q$Hnp7; z=(D0ve_LhlFgWJ?7J5TzZV0T3^IzNAD{VBxT?nh3r{Yka-B#uu?A{ETPM`P%Z{p(W znfzWw+44Kxvc0aN*lu^ND-k!dbPU4B>=+n+nn1p)H?(E_jq7eP&WWbbnqrToUwvA=j)!lI@Q4}VM23#{m`IBj6T`eJ~L&WVjC ziQ`PPHmWFwP_HG4b7t()QJ_3Eri5LRiyWssMH{D#@u(A55NVEFB_YJl%4`k4@x~_XV$m*~%E4FOCv%bczo? zeQ)2hg?1;M&R#YCyj+}fTQ@ou)!*pO#FA0R?=^{Wx+zV;5U}HDFq_ntSxUx)g#^T6 z$mnEaQg^W?VjJtv*^XRn#W)=gHW4q_v$xvTwm7;4!ixti2IV;R!o zV2Le}pbZ##m5@%eCFMw`e2uR1|e*_k@v|g5AeB8z~cCn#|89tmOZg)JdSmT-Ks6+xMNF-;M@^Xb^Vw!*{A2!De0bhR_U{dZM) z%n9&72Eog;x|QU1gV1gZaGH!aGanu7qtZ}@lT}_9r7{bBM_N#+x#m&A%m#Ktxo(yZ zeHk<6!?{4*^emcm@t1X5E(IvZ68u8QssPU_d~aCp)75>pkGSG6qET4Way;AWgbOn* zusuGc>Uc_21dB!?(_(q$5z??mjkqZbLEq<2C$7sEMSW{Kqj&gH*`TWh+J)>k&45a! zpKC4*6vfV|O5Rgqc?y>ffrLv#Pue;jdj_)?cOk>NYdbLGo_HrLb&z3E-PXj1e;&5E z3)B%}e4-VB(=xU->X*;L9W!PErdNnE5}Cq@sTd{3z*2KRZma)1R1`xLxAb18s3tf_ zjqvO0hKyexYT(h2Q^KKT9pSLt3kV(GwTH;$@-qy&t)~z1VHi zr5V?ZLcoJUwgc3Wx{;dK;Cqy_@JFgE?Y9n0Ht{XZ+a`KU>hSP>QX;|!N&!SRW8DG^ zs`5QQ-`NTzL>9U7ZdGFvcYYew-`wOg2A3fZ#$>?@isJ5LdNri0{xvoKCz?l>T6EVU zZMt5IRC^m!s6Q6N%ebh8EYff>^%*IqU&9xdQ*Jx=s4GeQD0iksQjz^_$z+=raY&U8 z69!b=I?v+jOxe}6og3>34J+Zj|# zGE#XfFIsWsnpN~xrh=GIs7PUG;lJRL;K>O)8+9sAk;Kxqx~1aT!RD258$Rh^iajuIg7zp(F~7B-m;JA{yL2Hx-xl{~0~cbGI*pPjMxvqzBJ{15uz4$? z(>ow?r{@gPJFCQ1Rw$W<2`=7PI^NfoIJy5w0e*yUf~2`;S=;X2NBH8!C(a%0v|*AV z6N*+U1VT^pI{g>Lln7?@4$lTiaMja1w?+8!q$Eyd^ddLMFY4DF8>W32q*_#nr89| ze=B=1(*lj_XfE?$aPRD|wUPf19Lv8nGj^$k`Ep3S(2W&pNBlLR_?Jch8@UJqa01bi zh_^JPcz^8+`VTh(tGw4o1mJf{s(n~^|DROu-^kHs@#_wUK_Jm)5xvj;drGR1phiW`dD zj`gj&y*?B0TW&x^H%%7K-|OETnZ7XxVfSm?zm*337qPOuLmiEU2_p#=_%93oWm^zT zrRqUHz`y+GFKY3Z4=h;Kgyo#y{9$Sk{$5Gc_@Ny8{Wy47=@Q`sKbP1Dx zx#55N@TNTen;)$eSCP9Hs{G|I?fM<#hQ;>i@~zKW1n7;wU2%(=h)Z%~1bA zW`6XUzMpY)E~&`g{55C!-_H179Tzgjw=TawgAe=c>jxuNXtqiD_3tkW??<2FtCFSg zjzZ7jk9G*Tw(l$TpCEUUz1251wzgEH`@Z>SgzFbfS>(){8CV-La{LkH>Aos*ddwd8 zY=i~-n}|*CT0H+=?$yUfXQIq{;u!Rpj{iX>|H^U*KkWLk^kZO%)HSr~#-NCZhyDaV zPJ8NYxyNJVVV-m>JdVzk3mG2s+rQgR*C)uJ{CQkDC8Mtp=()5%AglnZS~8Uf3Cd4o z(u`A$7wJ!+-yjxW)?cPd&PD}$!@GuqCi(}4{||6EG3ju>rYzD~LdfCIbd*S?-v6XH z|CP{$;bFviE-v|!{6W9uzX!eZqtEcgp@2P&D1VFc!OpILC_uaO??VQ??`sicy$#ts z+23+_Gn~3B90nHkQ{iDa_gkpH|A8<$i?Tf#C7dC~|LKkXUCk=pp!Z4OFggC%snejK zLdb6X11jK?;j6cW-@_Rq{XH3hzA3)b1R8XxeT09faFEo@&#%i5gXPzsq44!%Rr}Y( zphINSujT*dzl!~TWF`!a44}b*LqtL#2^IT$$MVl`i^=jWyF0-K-r@Q0_lga@zdsbf z?Dt2B=g+t0(yTCl;*+7sg`uBu;Cep(y^2Hj+M6H#_D@_P1W8f9|BthYZzOPr2!GFk zz%DWyU6~#i`QclU!C1wp`bg&2HLpY>N=y;7qB!!x!<#`}A2e3+5cr9{-Y1w8@V; zdeJkFvODq=lN7%cvL-$ZHT{!)T}i>d81sdXCd1R8`W_eGBv1mKS+E9E_d4ziQu;>p zvk5a`_@SX$IVI72Oo_ADtr^AVg1^UUe3oGr3*Op>v#h`U^i`P!SI#jYF9)CR7Mmh( z)i=>TbJ?r{HXR0nz(@9xcts&jEpXx{AtyTPg7|=E*LsIqKM)rRqx-WoqDXut@zDzE z&gT@Ugp3`b!KCYq;Z`sL>PPKnB4`~zcHJI{C2u?_(6P!4VrQ=U! zJP3?};mOU%-TC?`khL!A0+~_s6Fh!K04qKDn=mNV!!pKx2`xnVDS^g`onJqo31a_m zcjd>9pf2=shnB@a$Iv&PcTZDAd?A-|nZu!ZIhZ_va&oR70jiYjJ}&8ipLEJ$NZ_6t z7p#xjB6Gb$>VgbC>sd$?GuRuY8U0f4$Q>E2#p(x|JP!{;zh|kptqTcGj9m|=#SAm98OC-?ln_K2-B?Iyz zO5qi5KByq5vvZS-6b`EMn|k!NbU^R5U||7$rD#l;lA|s*;{0($h==$zg4(X&0bS!z z;LKp#jm|gR6PLbnt}v)sM9`*IxTDr~$zW_hy z8i$`w<$A0rC(TTW$dwWBm1v}g!x8c-zvmz$70bs+R}(__x^+JDDFjqePq8(f56MB1Ve};6 zot$1bdWik){$YnmMYX!ICZLz6%EvdRM}(6rq$+!Bh!O$nA5pn$Poishn2-?VLXS79 zUqBm10;FYTHSV3orr0z&yd0dR*4w?l{Zf@al6f$z-kUfbY*a#2dbd`15aPJTmvD8d z?dh33*}ELPFmxewTNkm{K&w6e3*ZPv0ob$~xBu-}O<1IzAM0o|*h0WtMW`9AQ__on zCZCxUnT~Z`eA8vh#z#N-Vf+M`#i~t*dcdh4!A+l#scRpm?sav2w>S1BdFKQXPSCcI zW+Ek^3bo$lI=9UBuBo{A#C!zVD&raKyqC{++uA&NDZ6_xIx((V-B1_Mp7`ju$1Yg) zQ-Sa1MZeW0DiJj7Ud~8-iyk$W+{hEVaH9fD`t>6q&Zt`*2Cf1nUNiYhJNF=}*Fop0 z^8`!!ZF@`~k$w%g(e;u*YWcZ!9ygea7H z?V|m5U6_ni&?^wdKz~DR{$bO*pnCUWw&omXm@{jESIsK!fapwq+{nlh2?V-M>3BO{ z6aDD_AO%j-NP)9d%`=aGc1YGqt?G91&(fn>K94^juh?^3Ri7~SY@E5&5Jvrntp4$s zV@i>2VZ(**N~aC-T4+`fr zcxf+S1YNi14>vlwEu5{v^}o$hXQooGN&$duRHRGzlGKI*$b74$rNeCuTKnF%Pg z)yLh8MV2(mQyz)SOqpq6PegXdkG=Hqi)Z-ANZ zf=D4{%Tp}Fw4U$pm$bMyT?B=i)6WK$*5UKL!a=V|5qbSP3jwSje*(c>6rJs)O;o?2 z_U;7RekHkH@;f6XJeoXB&#AXtaoNBN#eAvY@lVp*dv*n3NKWh+nSxH zZTL(dTGv@;gWt)KW%J{M%onI3w*9(KPuw8zje#mhDUjU}B%LBUS0By}tSKO=$b= zxUOJw)0W^WyI26(9{Uat&9h><3jk7v*m>kxv2#Ca3?`xYo!npnb?#$FKJPKNGe-Rq zY>KA34J=D#+B0yv4KbQFZ1a|)@gz>zfV-yQ^@3)8aYGW^c{ODHMadTlf6$t2tBLm$ zQbn^~NBsH>=5R^kK+(b@My_mVbcOtZ$48S#Tvp|^%3`~u$dEzkpV9%r!VogI_Ckn0 z=ZlOH6!c%i!F!Z3_4d}cemNf3cT*$oL-VdB&dOhi23gBKg^rqXI8-5I0YXqBiVV%` zkuq9g)1RE+1idfb=#s+08NGINMk_X-DEXsbSO!!^TX;S_CV^E|*{27Z_o6`=x4&GO zZ%?wou6F}*l4mpE-nkXLxbK*DXWv<*FCBt1{VcD7Qf^ZtN0m=k)BG4iCRQz(aAuHr zs$yLTgg~&ka;7Sp%~ncp|mZC(EF3&(F+b>I8hhzM{ zA)P;n2bWugToD-d+z%l`hHAL(0BU*(Q52w?O~G|Y)f4nTZHWcfk3E$_i(RU#dyLpy z_Z3s_kE?&#fQ$5C>+m9+3fjo;^;hgp?_)~OlM>g<*+=Tw;U88f8j^63xo`T# zRif@H#FBK!^4fEO;RC2NxBC-$+i&946<7Frk`_qqRACWG+2Qa^`qKrv$i!*>>3=?M zPNP@ff<;z`%PtR}N2=M zMh@|O{?89tQ2t)%m_$)`M^fM+Zajl$Y+f$$`!*DIK*sNL@U7tB6-)+#pN)lC{I4Jc z{?k)uJ7=MVx{*+yTPI(nI%>GtHflp43;^15V6fXJa&*kEhK8V9{H@_$`WJOp?nOi0 zjI9C5?^B4tvy4?%9%BseyDrS}gU=xNd;#h1T24p%$BKG5TbF1c+#3pn3?A6Md(%_a z$h3f_h@T|m{ad*Q13^a4j)5@=P&#wemjl$);GZRi>D!Klzsk+MIdfZ$-6p&E>`~{} zn+ef$g&<>r7cKSmb?zK=0zXmMk59J3w;YP-ree7TzctuGv9!AlcN>)hi+&9avi_Bt zTaLlM073QyKT;=fmcEnc7AG^7&1SId*R#E-FOB${@LXzBH;&(x%BCaMv6TtBJJ6@)*@bJ_ z%;0yrKcB67(BORjW~-Y}-xO28gEc$b2Yg2ps+|tF${tbLn^1@6Tt>6s7iyUys{>d3 zyGL*3l&Tf~CjuH_RliK3`P_Xqn39iyfopmh=tHhpncd&IyX3H1%?h9>x{`3;GkA@~ z+~umz;{3j@trYU)&z6s;oKroZk4TuVrYJzlblu_CY@o$D^}up-#3RF?60&4;=oEn+q+@^*}L9LNn>`-9}@}f7$>3RxGP-1;}FCl zk(faDPvba{={npF3hn!}`okNwQqn0%M}{Dpcx0eR!tFwqzGo{}wSF1Y#oUL+>V0F! z$lU$2kZIN#RqacR76)2g?&{{edZ1{?bPY2jX-LAOo(2VBg)_MDij|`erL~oAR&8$E z=?Xl-2l8N_VIiRP^k&)3>hkL?;t5vBB$lQ1NeanW8Z)yJA}w&~cbwh;EF}p!CF~D{ z1gBEahoP+nQz_#{-?Xv)cD+XtIGjA*lDa4+e+4#@(hlUjhq)T0-pAi$SqW(%X*t-h zrucyXd*elTQr*}nraq0i+Twz#*k)~DWg|vSNouw9p4-}#OZH%L%lgtFZyv)tF1O}< zIcQN>#}iJJ*g?s$CMhcawh%Ap+unPZ%1SU&uFNFQ(eUWHXaTXA;0XTd><#=Eb)Xfp zPJC|l7W!L640L)#uh@jFF!nxW2&-c!o>$P|Wm*%PeXE~{KdY=&eO}Rb z93t)ttMeYRREmXtJ$1*gSzvT7oUEXwV@d4%JwqQ0t{X>d(y?p-7MP`IsLn2V zG1d5K)q5V`{A@rXiDPMW_(Wg$Q>Y)|?U9C2RfQ2je{sW{lA#33N+KJ!Y5q=vmx}!N z>j~2Yz2E$Lvk0dlsT6$4X%wXGePgi#(9{Mmxf;!;CCv5CQHO@v17;%|SUASOCycUK zHvwWiXPJXLJ3HikO4zh{G0Sm`r^{zRKDV>%qBn54iGJK+V)HYDb~`#6V}y9R7m{Z9 zFFUX>VIwi~u2&JJv+9lA)n(tVzUiG=s{FSle@#&|s&YB!*JTcF38u$w2p!G6j*8Id zis`dgOSY8DIGO2}xsXx?cRms8m8jHF?feWnz>i=3e1sAElsh*#2s8)0gur3udZK4r zipzvS87IUy69L<$LR)wo$Y5Ry_lJV?K0AKhI8>L8Lg@c+ZnRedxc^+>uNjB@;3>ZDXXFwJL2yGub|ji;gJ&{<$13nKh;~{e_DkL6G4p;`+Iys|NTt%y z7^zv9{eYq@l1$Xb$?Fro8(IPE))fUMg@9!flgUULc7QcUrjm(%_nhVB?c6!d~;UQ|x~v z1D-E$Pcu@w_s(GT7_VoD)H&5=q6-_Z5R-bU0fKN#Wo zq*nC5BSS{Jw^7EoXb=ukee<##UWc{APFzF_E z&0P3q1#i5&uSXRos)(7y`?ts{rX@<*F`=q~%X|H;4|j^y`)65RLoGvuRBOd=zi*q! z_4eK}cJ(m9BD)kB%_Ld@#>>SBGQM|TBE(Om1eKWv8kHv6T&>F0ycEINC!>CwN7LBZ~)BH5h2>7PP9zE;`-TdliPZEi~Vg)JQKZx8=O?@lx1z>AIK3hV_A1H<7S%j4Q=Hk!?JttV8B99L6wYkrN1xU+M0 z1T{gT4)x9zzn810c)OB7fe{psT;QeU(QY%34qNkV(W)Gr>qHMF7-<=wWqTj{;2%T; zyo)F%0z^N~Ft{BFD>bu1mnw~fm`?X;Z~aUM~wLw#^>@ALw!Le6J&9a-lzr}-iC)A6i-v$1K7s1 z{+dR2LoITrK~l2~sjwnBz*0@RA0-S~+*yh6cF=Y!Xa@&qY|kvPg6{#kPm2Rxs{_R2 z=$2I{%{9|rw9_Q1+V++iww9G|2B*$F8F7PIO=vTl zIWd|jd2=cnp^Wd{@4z#f&DGu4zlaRc*EIc_yq{d39+h{JyW!OId>DN0_}n5jez(Kv z4)R_21aHI?`f)G&E1%MMl6UyrTJf_iV5sgbx$Rw~fw#jnzg}O|NWSK8-UT%ujJG_k zNg)(&&n!NL9DqT`l?gGJ4cyD6IgWO|Xba60w_Z_u9deI0C8poI@Ne~vt7=Rp=Q41J zGObFBjo7ogpZy#aM*2cpscz%|TcIqa8Yn->#?id1QKg=m2M>q`{W9P#tK`_KJ24Nr zcv(Y*a7NUMHZ3E1HglM|6HNsNe7G`u=Bchw%pgjROhmo-gRdumFd7C2SEmA{xXfBy zY;945x4$FfH`C-*-T7A*vp4}AGtT<#R27GYNV=OSOt&ws53sBDYna+Q8W8~#F94zS zZsEg}VMU|S!l!?fI{o7*%Wvy#IjL#C$P_*f+`NiLA+q0d|3T75Z1X-Z|F5p7yCv&7 zyDOE%Dtw0UxomSs)bJ%wo7I{#q)Omqw?JsYGulR=?OF{yT18d_A5W%b61BcUEnaz9 zxV%O$sm9Ldy(#xc3dn(_n%Ht)&@=oE%gnaZoSV0@J@WdNdW|%w5vIwPrym0}mkfCR?p)?72!g#xCF&GkC#;Pqx<}P0b4^LzX zkIt5;b1`FF^1_t5wngaK8ct>pJxOVcakrH=V2Bl^P8H3Qf7L~QYX8lWDJx-a3~7Ns z_ep4Z2lQqm9pus7yWR5*$QQl$TV9L?ICJ2_ns2VCMXefIP-T&vkJpw1&Bl2ndzTXM z?nDzD*!&dKozK`jZ%@iD-(0M@(%g;}AT(1_qR)KP-YP#5*SQ3T2iV76h4!|!DA^Bw zq#own+bk$THT1Dzw+Qh{UfLnYP;a)NB547!lKik|wbA1n{LSw;HeI5gyp6DtDUPic zbG}(WT3_#Id$|fhF`EPEN1G#otDN$ z$O&G&LVUR~Cl{p8rBJZ9m<*ef*NBEe;Wg9YuLh>(UYDcOzK~%hTssvCJCOFTauoglj*U`f#RBY%e(%298W~metVAl5hnLRy)tQJbAhb@TS}uYHEeE zS4ZN&hAgAElA*ukoZFdM`La^ug~0x@7B2x7HzD<}UY~%kE~*CF+oDlCbrN=?Syp&= z0VSLj?cHwcke7u&VmNyk-El~sA5`vcG9v7_g?x4pB?AH*^4gQ4 zlom4}b2}x+k?)RRPjg0x(-4>hlSR0qt@qq6^%*JC#*HSXn?OkVf5xakF&)O0pV)%5o0X@*gXC+nmiyx^Xf3hK*9n}`;1yzn+!brOtSYX-!w z)S}(pys0&tnsF!hD(Us9IIG5 z=u6;EOeHU(=Cn3Go&MCs`@}n{<(LyDFUGOUoE;!}rWT<01!ond&j_-4LUPvm~9I z!=mgRLrvwsa`CVvj4a2A@LASyo8g{`NeL6o);}PDP}eA$+PPRi8w{`tppIKCWptnP?--$!bIiT%bHnT-VMYn459#bWbDS-*4T>mb zJ;W0~zvbJ$ppCUxBl$m-1$tLwnpH-B|7%R1Hmd5V0G9ai`J|;4i*NN2e(hxq8$eqZ zByU6e8&_c6FY6N$bdtlw>h`9)5uZf%96kqH$Vlj* zkD8)b&k+5GjRwZD^|e@A8>U{^KkS(8bl?58f9u7jwB>vs zzwnOdkG?n?Ur#tIA{Ez6LG*ZDf<;pvsU!L@AFB7?YQCQlir!cb#Z8POp0`exxN)qs z74uU|pbO`F%$0nuL1@}ot-oK@jgrl7PpVYCqQu&>A417x*mkZxBcn>=)NstP7XANr zv-RfTcB}qhyktEPnYOz*TY2jjD)AbE|Bs2y%vv8JzX$)Li_BuLUZoxlOWa~W1JLT; zBV_9q$sP(W-Kv&4_~r8v1YzZOrR=EvhEgqe2x0w&p0lw7%`b{jQR{#w_)_$r3pR3q zBd$UXAtiXTnp&ar7P$j>ftpxQ&4Zcij z%ait@cG}CyMs{7(cAuQZLZp{f+YV) z7_!P5uPX?;&y>GYL*HHq`5yK8$n}HyQrpqY$+?G{@GIYLkb>TT=UJpeX)#AQgc@)K zIkc^~>ji<(ijP!OGyjII0H(d=`zNyf)x#JnGdx}K))P?zlu+KyRD{QWlt&jMrX4P* zlZj7j`|CuZsi=Rp?AIcLI{W91PER*v3_Opu?^l98Y7h>e9lf=E+9~7D!{3Bxn{Bip z45l(4?;jtFXnJzCwDv1TT3>uREi2KjH$&{!b=l{SkJvhBp64_|W=iBu_Z;GVKImv} z^0Q)j288~hYHfa`u$(pGcNz0)^TEyBV**z?8}F-p)%7NQz3EA6GHxKJ=37E{Gzduw z^Tyh(l!0)f!48wKA{M~3m3rfpmYqSi+^ZEis0#1D3c57?{tGq@3uEU=OS4&%VtnvR zM>FHR`jPIl@9myy<1|Y6xVPIuMb>1dMyQlmM@#>&pKt7}`y#nkx)UQ>VgXFn=A8OI zq;PnEk{;j`^eXU;^#DgbIXvtN%tKI^3O4Slf?%YxKiKy=1tvx^V`6g6E9Z?| zaxW3q5hF$S8P?6Po`fzT%@s}}yKgW099kzpb<$U-3fEhf)Hd8nlvudBaP8pG13by- z7xVv^)7m;Q`gMJt!;O+47Ki&b7`y)VvTghPy21eXCg{%jl)7a;vy7yDQCsA`(HUm_ zzEH^SX4u+=;8)V}QPzfGZG9KkmLGRlq-?{qx_1Of9+IL!a~ol4t}25Y8Fg??MujxS z?FnPodZxvHbFNdi(?QN_w1$ZmzANAXoE6V{urb{pP2+aQ_IsH_zduDA#Hi-!T^C#s zBH&u_B_(UM1Xd_gFK!|me42c2`aFN0rC%%b2?)ht12Og|OFQ&iu3k$|B$v6urGAxQD z-bd@dfgC{s*oMT}iN)FtrUFWt8UV;aaR~z*C=s=iVDQ!hzG4Cq|)IAnyNI`K=3VEo*qaR04rw=q5(A0 zq|BgjUq+v^_Ul#E(aYV%wEoE5NcKCC{`D2A2w=1%5fHs#pj7&r9$kU`!@%rh`n!|{ z#~-7kr#@P1UgcTwEg8umUHZjK_KSg|?2SG7&Y3sA<;oNOAY`YNZ(?=n(&h4L62 z2qDym50Fco47ebyY(Q*1%yCQaV2Hf3CXCi9D^twbY6TPFA+f@;jo8zIPnSTVx`hGM z*naJ=Y7U&ShJ^Y318Bntt@qfZrV8ot$@Ky0{MPww{ZFAek0}#|p|vUb^y7!&bn>W& zh*#>p$cG%U{34`oN;nqJ^-t@t;%bOMw<!VUt}4K30`&{| zTc@gOqt6>Mj9))pDLg%DDe5c)?#}8-SzBxzuu6%6ykT_m;;_iOCDMKW7QjQV-n>cQ z&c-UY?kdT90@~!bS%2UGX^5m@kFkA1r;D6^lAWVO_fnW)d6UprTQ3!P9BNiXnF~QW z8&#FuqS@$JCw_oTRr|O}+)B#IHgL0o5tM^iM!@K*RLvfi*64SU7f2YQS^QuL?_3(k>LR`rRqM?v?1eamLZabetinNq~(u3a@|@ zS)-BM{{Z?@^423UOXu055E%N*yGR@dC38$lR3W~nGbx|#rtuU!1((e;*1~o*Ftz^U`1=ivPPtA0v54rznhJM{cBZ&i_bmjG)Qx1y=CxI zi`V2-73O;eBdcV(Rps=(@6#&lvHt#*{(`Fz`K*Od_nK&nx(P}jCqlFQV9E$MLXFLD zZXXU#*>ZwsM0Re#Lu;AV%&Ke~BpQawO2Rx}%^v)}Fv68+8mef-)FDctddhZ(E+ub_ zCY7C|x=4I@q6wDE3M8@5iWQG1JGWsFeH}>f_%nkTgC8O*p{7B!V(ic}N!J9VLY|OQ zvtX9$xpiM9@xi$7TNCV!I?IBx-hSHO0CL9R{bf=019F&|oW^5FU(zmg6CAd@%eS-ikQR(S`Z7yL~r8s58bKxSLxy zfcS`|WF-09-*x6Vi!3LH1(Rrwm;^EO@J9a<0YLA|wV7M{3DRkDZE}HfR zI6d<@`!|y0!m*quX|W*(f9TGDaKnCiX;*G6TfFN)ek38PBXZwO{OZE2_pr~hy7nhVw;17vDP`XAGq6b(Mf6uAvDzfyVN$a>L-Rk6c~9&r zwI1d!^oe-E^DWGwh8i@RrOY10J{x$SpHKsIU#y{5${_4B33MM`Jn5m7mtn*%MBX6T zMvhFxtd8N~sF?0L4gaqfSySS4fxenH4*Vic@)Ig|g*{#q$3J9_+zYAY)1x1rn`Y(&9i7yJ^)f z-^Q_AUs8T^ zf1Fx4pK329p6NsI*mLP5-20`X_!|?@+)x*)WRk@V;t~`HZfqd!0repKFjsz`XB@3( zkrMH2>Eb=(xTFK8t_@#kNqwrej}#@(4E$7dap86du@?xAy)#??OyY(QB-|i5mba8q z=XT-9smvHD917!miy5pf29y8B-EYh2W_9-MmqaogJzmh@AAo6r`W(-D5xy;HMi5s- zT>v@UP$R@IZEnA(Zon@^Zh4&bD9=j})y6+%)-&GGAhNVZIaj&PS^6}oTLzbMIP9GT zbMPK$ks6$B2LJm(YMQ`7yOJE*)&iW?`sZ*jr~M0^zR*AyZ_Yv!WA*L&v*5f__}-?V zciV^lNt6d0-KgJQQV|o_+G-2YB>@N<$FadYKRwPvJ$g$@9G&i9Y@WBVR_DEN(qq&7 zD@}Gd!P-Y6H)Q_sF*YC@%LGNVNqo~Zn@jR%-|83~`=@tD%9f2|9`p5B*iiJTbd>(I z@#od|=muVHk1&Im(48jUe3DS*{)^XL6(0qeRwoQdjiyUVmT1YpI!R6yia#SQLMpek zzzB8X1#;FH$oEtd%wG9T!7am}(Mv6r0{qQ7OR(~62+9gTeWI(yLZL0Yq43?cALHUw z6foA!SALZ{h@a$6B=hSqrZt_~l9?iGi)W!nti@f~F#6lI5sRrP)IowSa4f#J3EJNt z&}g^9K213b!;)n_T!`&S7T7FnMy$oCPIVVdkGmT?Sb)aKk#-#FH5vj!p*hP0BQZmN zzA8J(YNn5b{NwfPt^=-ZFD`rLe;_hF*`MN0o1^Z}8TRDOyrK%-5W=_RI1U1HNRACa z!|IA;Ghzj3=JB}8k^9+86ehMX^z}($gQlxa55J#`a+oBDFQt(AF}i>RHLAQal*GYy zk7W(=O)SL}G>D?!&36|3PySCxzmqU`nlqZh6j0<3(B~`Xf%hXN75FYhra zNiEy?qU4h&xuDTv<;WNe)jvk7?;lM!P@GE@<%s$q?Ggmh1?mL`FR()Jb$G^OPudsV zNc|TZxqxG$4AjMzMjF@`o!lbdnL^XR=3t96<80#FK+QG|c*8WajCmQNo(wNMWr@Mr z(TKZYS_VxZCJBD+Z`yIhokWHPLw{^*Z9&}aWXe4Ygh4!FI3@A;EC&Mxsku0a6ok?v zeeV2qG-2Mi4w+|0z~SyLpcQlO1Kgw>mF4_cr}2_FlcM=;dNhPGmPsV9;iIY~#uhl{ z>AX_5s4B>NdZUhQ`*hv#XYS2p2PSJ+<^E(e_uuG*CMqso98Rhlu zI1|BxbgsTZh?Sk4J%~!WVc4eM4X~SUxkxR`bJEWBvb3B0fInF%o5nHhX2i$Jp3r4v zW@dKqyaxDri!B|>QB^qRIVtA6d+d3a)qcltkN-549`L#BWxvM-i&8b4x77x^9++NZ zpA>}x^Pga-dCafTDRyoQn|Hq#i#Rey8cgkv^ISbqfo+bW-TYw`hiy#UMY9d5TM(u{ z06&VE=&^q*D~Z9(eD+s2s`*8azuA}cQFQS|`H18Fy~3hzMfiw*ujdZ#Vd;88E{DpF zHCBWxQ$Jcp`yF!%`twXbmTG*CPc+BuaBQXaUd1F5v(I!SxxGj8WvLpX!9wCkn7IjC4QvnxD(#i)C32oRt+9FrY7ehci)C zXGZ@DPP<(ex^}zCp{PX{F7@3o>lvR~)WS1WN(;drG(N;i1HozIeTg@SWAX514nnvmJxsfXb=w5nC70&Y<-SOf@f1I8pFNBvZ>L9^+W>`Nl#^94k zP6J}(jg0>asih+oZvM0u{@q3^D|iXNxw{|wp(iHkFT-&5F?V=F5Roes6?EDoO`g?v zw0GEy1fa88Sdlw%(Z#jkL;5n1B+=+LOHgVdDuI5cGUfQa-$4E+lbl}_oX}IauQ1Y= zYQs435bbo0>3P;fsDSppl2&nLInG&uJaYP+X>{$82!6h9jQwg)cdgGmHE}@)V1yc# z#hX77_jWNsG5eh`;x$Wpx+aoHO);XnDWtv!KgBJ_f|*q3&$oECKA*X@0b&O60*>{W z&y86`#4nW2c}l<3B2w%a&UWTGLe^lpnhyRdcrg+EIpSuD5FYrU1kfuz(}{Ielyf*@ zlH8bRzlZQ?G8~SiVSsOKTBs%_rUH~C1PQEo(eG`2-y9g^BD=xDXhz@oV%7xR$;kDL zsvTq0Q%3c4HJVx}zRse;-~y1+jM)^5(Eg0+D8vqkxaD15X$^lOBuS9iFm!Nt_!U(` zR8pvOlLGK;pshFE``Fp^^|_O8*-&rf!u=QYa0-AKX&iQSrUO741SDmu7iWR3xc`7| zW`2-p%>8oK9@oNW=GtmkQ_Ewp&p!>t=bawwqZ?se>vru~)q2sH*5m(G`Mh&}zqe_^ zdwbqI?m|p^$F>H<+r|Uo@4AXE;|P5ftNqSIT1OPdOxc{UF>3}wj*WrX-c_54rO=^i z{C(P7Fw*&99pIZmGK|)$;M9T~f>5@_+VW#`I+Scsa0cHsX3L=-y{#){>vLrNPsElu zZv(EVWjzI<^popI`Y|(g>z5hxsZ@#e3W^LSyHpkKwlGeyNYp_`-bM`5lQK?`qL+X3 zYHYu~6f@UkJDcFzd=8$C(PIzmICM6*7I@0tPlb-S9roDQ$#XAG$xmWUzsMmw7AR*g zVEb|a-EXVahJ$Y#XVr4ss)=TxZpar-rUn`86x@>3OlaLA{=D+TdJ2sxMw;HBJTsp#=lnUhCX`_rfqzS`QdPkJ>>DUMrKUf!#j5cbu7s+vR0M zB>2jC!^OC^3w!791`t_by+mTFLq2oM0>RDr&3T}}+M91PQH@ncxN%aC#fdQ~3gT6{ z-Vusyj(HYpxz+Z#!FRtiYGWom@i5#hQG7E#>Y6t*OQ3d}s8j<8Hr4+qIBaHUgRe4I z?-b~5!jP4pk!d+X)pjM!_D;V=pf>-T?QA+Wr?wWkn+%g8CRW81EpX=}{ny z*9ft(V@AsU#Kt>Kb-fX|FOjL53B^}oo0Oaw0aV_XwUu#{uw#~J5-o%?2MiW!#(Otm zhhgXs`x0`RNyH3QSS~qG`u(i)~c={$^Qu{-*KF=uW;PSf35fPWKn1#am~g=-M)_>->Tm&)VKgyQ^Q6kIOi^6UtdAySGF2gc zd*UCgm0SBPin`xSV<28d$6t1+prI1bBMBvN%X(U&Wi;BD-xYQlYt;UP(U6?L-2|F) zQosGuF#qpSS~{=npp33hvNBWL42g30OWfik^9%R2#NrssQK#M_N@Bin)#ZKHR*)MvLf5GxAcLOnhmkSJX z6^N!YHZtdvjLG7uI<`KNfSgACu(pvzM^FO1Y&opOl0nk_Uq=7c-YivaCDAl)(hs#` zTNEnxSd~~~Iua~8d~5~%*|Zt800u%mO*!CoX%+fQl_Z8ysG-UhpIEhXX=!lZ7UyI% z^Dkytkmz_^ljECIM@XM5avzDWco=l(Hfn7Vviv+)XD_3a>D}ZV#RntdADWFLxH26Q z@%dy1@@uTK&K4&YRuJsci@5Q82@kx|s*?Q}frIW;UP^aJmh{G?-&* zex;xI!`0(v(VhvaGWFFHh0g-9&sAqffY2K5FZftXtLpK1PK~L^G~U}Im7Qd~a=NHu zyAd2{=sSsJHk2nbE_E2I={wD~55^dly9c)h8)0nfFP>p|09jfbQ88hEdc5*tu#uVs zaC|PTHi6W1pTo2X4^tfV@TmB2&QbWUzKHvYyR)u@35;_!&W-Ml9*@&zU5^JNc9a92 z)P`tpd&dyX@t42799-&5NhEBr@Edl|QQge-Fi55A3=_w( z***RCH;KppF%;qR#)e5AGE~Lxx)3Uqj19otMjlU6Vs6pI+IQXkX4tz{<@w)SVn-9a zgcTrKVoJ7mJk1lOQs@rT#_#zqL1^uf4=5yk(*K*J)Y+$9H@CbT9g{{v$H~}ylQ=xT zl?(#v^vC4m6l}eJbANehy}#0p4s_T-j616uytA9m9T_PIgVTTB=iWcw-`oXzj?%4h zm7qJ3{FPJauRL`$Fs6VXpa@Qb# zumc>Mj7!PiJ8dILwH^6bXKxR8O=sF$cWBz#&$t~IwV2ggI*f;p=mvK33wg5Xj!094 zA`)w^Nk+kXiAJnO0^x4>40ic94i!ptwT|@-)m?|^sMr>!fskV#DTEq_BbSz7FhQ+j z!Rh%f-}&>K-$yfHN8 z%6Q8%UTN6RLZ@kefFW;*0 zx|57cfNg4QZ@}TCpn|9;*HT0a4s+vqP?=v1k^EjJJ&#R-{aYijqm%Ze9?l!o(>#Rn$1XzF-DE*W2R;(U|VkVuw`vO@P(V{?+vP5~A@{LvF%9(r_$< zlZ${scUH!y z(7q=jg(PgkT)CK;wWqdtn1OO^X4*NLCyIwz!;k*;xhL%6^vzckEYvZ?xn=0%UXLjv z*e7noM@-_d-DiGrubi;jw+>TzPg8rh=J7%?fDHI%%SjO@;kabC6<(#KkRrpE8A zO}m+?SxdRcp!YE3eLrA-w-r*RW`>vwp|N7jYI0`utM2oCX36hSjtya6)<9l}tCzl{ z<4o3L@1*HTI$KS40g~`MeD;_M^4JlVWUoS-unQAS;j zzibUSI(m80g}i99E-P2Bk@C;@fxy6DL3>hZo zPR2E8)T@gcB#E?Df)ZQ<{}-dNZic0xG{?7S<@n(9&CTBdd93r2_4U5n?pflY>cfG( z-b$ExV>Wa(@tYNUY#WiAiwisPd5PYQMr$3R?}D0skV(apxy0Nnc#r*E9+CEVt;f?b ztEzMS{y8ttH~!z9-)wZd)3vK>UL^4t!6fvINRCPw_1Ohw)nM>NPy$O$*?jdMggk&r zf?<&7(sid`E@jkh2SH1d>q*j7rsB_^!GHKbyXZoYsiACw8eUD8gO?d@npsnoybUbS zRx1>VOTx%hgciTw>h#NVQ+AG9ZGm8P(Sl&KBX>G)YR@Zs0#9%Y%TYWa@ezl5G@!{g zMksJ3O;MPpKi6567CgF{f;L%y$>MB?9-U8hKe&tB>#6XK^@$DRv}l*@h?o>nQz2u^FgnO7HZs7@hJRo2ZZTp~UHN1SUlEpmFh=WCg3FJ&=!Z7# zZ^;6{6b(iugv9>1FZ)5}#qM~)D`IRxTk`x&p!i3rk&9Jl!(*zIeRhVTL-~svWoMDN zXtG)?MX^%k6?m-S(ngOcq4>t4x*-wh!uyMKI`PUeU9kt1>y@ zYno_z(5bZTX0%kEp^M$=2G`+a&CpO5-Zj~@{?T_(BsXieDzn6_)kuSVGEA^PH2kfZVBuosk-=%AYy{rz?_*o`|e0i!`? z1V1$kd%Tz)c3omuuk6qf#wKaoZW`eQ(yC@jyn%&|DMk#VT(L}Lx`EQp&SYI*>l*`z z9|T_Z4}rgm3vh9``fAr3;WFy>uRA=5{omq_2=@+r%!1wb_l4&&I3?!IdC__g*IROk zD%?(No3P<4^m=$c2ag^kdDuvE%ranz;#kARWLMJq_7Mx=XB+h#8~BssncGV}Zo9t* znNOXMp5nE+e9Oe3-BCX}|{kHhVv2^Rt~qMDOx?L^8HfK&haZ+B5!B6?N5 zhQKxE-(nx?M@8k%w|);TNXS_KJvi(ML{{g%?*OV25mSOsX1)}wGUeL&D8EU*#Ju_9 zEZ(HE60rM4*FrPB<~9b1mNGjv)w4P6Y`e{{M<hBB&Jmp9Xk1C*->ciCM%RpuA8$I@$#{%=A+ zhZ5$7{w=)d1uAZ-YpiWIKgZkrMU^5FkvC=aPj*afY|-fb!kCD`9<5V}80PZ6=udx+ zd{&do+;g)HIyl?tp}4jQ^thw{wYc}Pe&yK;bWPu9B$%HIqG$L&%-KDwJ+$3p`#s$n zwz&i&JXm~bQ0y$IWicZneH%$2MN$qpJUkJTGlW_7K4YPLFFaL@aJV13PXRec9a%_C z`V{8I)nd1bCLP233{W*};*#tQ?F!+7=<;rpT&I2=Tqj_f4jKIjVv7mGU3(~ca6~o7 zgb$Xa7zkN}jCgXVD~1g1C`*Qx)>*35U3Hb*&^x>p5;9z{ipjfDfwF$i&5P2$2@&u_ zDq3eD3WbOYpr*-fc2RVoAo-&5anoJGY~WXMz0cY*8WZxdUK#$}o{K-P*J_ko&J@M(ffEFvMB@vmvt5tCa#Vqn)hG2rO9vK#Z;FY^mUno8g3!&CWU{+d9(z434G(T z0a# zb2i3Mm)De#P$L~O+k-KB?B8CfHqDwK@95(98(`)QR8<3o|CH)|(Z;RjoF!hAt#3*! zdpJ#nb_@txd6H-p?y`Hr@hkaq8b zkxub>^5gEe*;;N_V*3;RXoA~6wV@y8e6xzJjXsoqFz0q&1==00dz^|r@O#e&-&u%R zLL>S=oDi&liRIgGcA7Gvn|rlozF}+{wC$F5!jbI^qq;h(kt=0;jt%)loG*hJ=J50- zOVu*@{|}*8_|<{Y`&6ED@QWSO(4p42_@1ymr+%b+M+lPt`Eqo2zh5hAC;wt(a@NE9 z`xRa!lTD5?ptzXzn8xDtoA|0r(+}couwk@mGpjGDa^|1;v3cH8?LR$WlPL1q*qK% zNPdq)q9pM(WFHSA#)ofLfY7#Cc9e({eR@H#uBIDCoB+aEd}D;>66p8i3O(;73G~7V zdB9*k8}O|TS*0&_@p#wXy9s8&&6rOEhKV5iU<;C|oMQU{qeSh-b@xPPPuZ=jNBM>g zfBU;IIDg4l>Ln_7TL|XE-5)<6=GUtD5Jy{%=&`cKeEA-o^O_kCgDu!)`ICM8(mDCD$eXnwfc0DR%R%6UZiis1Vvm267vwuF6r67czIT|EA+Rrnvi;`Ne|3t%l`1Q7+{H zJ^H7)zCB6GS#YQte!E#F;oo~Ao34Sz+s!_8roWl;#$k`mIoCD@RrJUEKL8cB-#Jl* z=!a&P7tc3coyUEEpH%gC768OacqGSiptgW;Q zrdQ9z(Wi$eyvo`}yY;zx9_Cym+w#Qy4FG%Zjka@Im-d!Q$kf1Cm3K+Pl%xfW(JPuF&4NIom20ko{{%u4MkF-n||ieW`J1lb?&9PhMzpC3NuaKIPbR zG%2Ls$@1ujF`oz2<~fWnM?%%4>PD(_jh$m?1ZqbU+Xr3sY*^DS4(gA$DA~e)Hfu-@kXxgIgY3TQqw=#N}}R+gy?73wS91 zmwnr6_>>sZ7%slcOXzAK!l-3^L`ToEGR>!mMy|Tt<|4m@C_4YHFhkz-q6%b&)X+Zs zk80Sp7xc^9gN5ut@aX7y2j+SAi@wC}7-Z0Q%1+l&OT+MBmfJ>?98G9YV493SW{T1F zDmqSi(>n&!kEpz`=>F_R^ux-yrgAW2(fcY{TsaQu8gB~pd;LN9u-`R0_q@VPQ z6ow3188y|$YY}f(n*$B1!8|s*mtb&+c7jGzeRha8CaKwmni+wd`#!6dcm8+wn6pgP zzYGJtpeR{1msyU@Z=s&rv=Ud=w-55`3Y8E;rbf;==j&+M4eude4<`Xr4xe9zmp(rC zPh96`8Kd%HFxH8pIY~y_cA?Z^9RXkPrWacWSf}htzq$Du#dJxmPm!oPT#m7J?BS5;eWx#4d77mbRv!SP4*4>QRd+KT z`&pwHroD@}S*TS^!SB<1_5TKnyCM?G*^$@|V0r3`s0cyPvf`gGciSC^B~&x@nknL%d^z$toV zCr0w#wk9&IBb$nk4mFYj-u!}jz{Ma|lgvi#Qz+*rkmZ>C*1x=H-~h)hvldznZCOg` zNvjX;item9#5->4GHTkYc}P^ZwXWz!RGx$HXvjSu@E_{N-(@-tZ%~G4G@>(>9du7p zbDi&-HhiZqAyG+0a}xGwqQ_^-kS<6nm8G>+_?qZFGm6Z|`=NfHKYL7ZWb@M8X^1t4 zJ51}F=J)1L3kl!;rdPQolH!QWgUk9Aw4l+YQUyMDI-a+L9rpfz&-WfOcBAy*dXvw3;1At?cx~5TYvjAFgXJ zsOwp6daO&JG?8O>8V9eDWipgF`Zc2T{3&d!nx~5p1h#*WQi+d@YN+++Zdh#x=&usT zgtRr1m@X0-H3-A#M}8wxoazI5NHBCOvjVHYtHqJU{i{*94r}UM8(9wYO~gkcY;Zzw zaMEf2fo7z@!6elSJr}RF3NE5%*-e}36GeTpb34!Makt;5`-YEPcYfEKrVU*0Uu!~@ zulNXsy#l%<>Ol3^%D)@>lJ7o(EQHaQLlm(+4xdP>2WJ4cu6?u&v{0rFixT!{b8Z!# zjXGNCb>ces*p*H^%(Cm?tIz163wza-`J@Xcl=`P)i9%N+u&Y0_6TK;R=GK`5MG{3)&=X-LaR9Er z<+@M*0M^$0>YTy4Zc)#_`NN;YJ4&pMZV(UFuG1;#UL}Jr*@oIT`u1p zSNvK0{@vNCE+Wc(eCd>bXnyl|U#B_SE8XEmR0zR6JMLxnIQ`@INZoPgxb>+SR@t*Ene56^RG=2#%&JF4h~*Pfzn%n(B zLI;=3*3Y*-5j+Qe4hQ~Vn(|)xvqF=E*w;^|lyfy(^O3!oca>c|M?F}4cTCNN?5e|v ziaZ(=E)yd7qbAr2pn;`l^o?=Rfhb%A?u^;)l;vWKzAoF3+SVXT!Suo0JVojF%%4rR z=%MH-btQ?BvryR;eC_V#CL`U#3s71hRd%gpfN?XU zbJ#cnI?S;e1ReQKbvL3AFc3K| zT4=&_8b!m3YH}NgJcsH++5rWEQuxE1=vPFYE|iPo>Pk^*fyCQKghv0^kgeyCj69n- z0ZFW~?RY!Q8eU_e^kd@wE2cNjib`BH>%#@;rCgQilwtAaQ=@8I3mKv$(9bgyUkcz$ zh1Zb1)ZES+&E)s#jnhM>8GW&990dF>6Y86cdD!Iy`}*RGvMPBb<72>MBFnx@PCk2C z22IxJ!r2(5%HlCiIU8$bdwlj`M$c*hGzj*+1lpZI83Ko!MMAOUyb=St@%abJUA&+N z(^+MOyc0=~9^&%MmW~=~Euw}8p9zfGS_6zw^9pKwVWK#(z))NU9RG9mO@oHbxoL8y zL=O_%pn`Cib3p;>v61@L9wt+-ZLZll;9}rXuTJ8O2G6>IsZae3)Wi0AH=!gw>|r5} zYm1yZ?03v@(;X-tFkd(Qk&It5)iJ64$9;=w)82;a{I(d9ls5jTGBs_1Ny)?Fud6yv z9gXt^1C`%DoGY4*bNRZ_i51neq8jCHzy;POiey$6lGKzMS}0ijzGU4)iC4ix8Mi6M#%xv-TF=`g5gOPA2uHJ8)4MzCvV}6kitU$B z`EO3*|MN(uamPI$4~nws7#aI65{>MjdOe3d-}2@0tDGwykR=%%H9CD-U4ACU%! zbrNLg0yfMBD4fj_)f{&3dWuCeumX3MxtoDzIXV4!JGuFz77ftlqI`+N z!VOkM6{%+EhVx4n_&YSzmGx5Wai=4YMwrWcTT;qBl~m6cdUUH)5fufUJ)Q8U7DF`9 z^g&i*xCkneBdw9s>ptCj;MSS|C*Lc8=$3L`1wDfi9NN))9^u{LH88;Kf04u7Gkc$i zd?054%aFYK)qbOJLH@Occo3p9r35=k_jE{nSiEo|2?_+KW1DxbkfL-fGVQWwzqI%} zG(;zVe7}Oop>+D&uT&CL0CR5%vNIuxKi#CJ)j}s#`dY}=E zhO@-e!lMTz#XR{(7qPM**ZnQx$tkTyAz$ap=TMus$k~otdijI59H?_a(qsM)KCF z6ko~6EL@!7p=?L~E`z7`pUGbm{3YeVqCza@>~cxI`spG*yi}azD6#$S9}Gs-Qw7+A zeu+<#_<6e3pV5XiKl6|F!>YlVa{HbGZrY;a2aOuHoU~*B>*VVZNfQ_xN0&TP#$xTb zZ|OpJv4_?n2DUg+OHMZ0uIiL`|FGMnV(vsvBW9fTTk4**nzoXuPR|=yLj!=QQQBIN zp0FBYh+cRMS}%oQ`Vj$=LW>y|W9k660|(qwiYgoaSS4YiZYoi=4I?T}?5U+B^lLxO zQd}>vOa?_Hk?*ci^@00*bAM=v*y0fc-kkv3aHR=#|LM>x4a^npl^s>zI#2 z(tj5RWS~1RJ+nY{H_gg1UG7fAz{TVW2Ca^5?qe~?x&*I$Cm?2?;ucth!1)ZY6y>fk zjuVh2iqy``ZMOaFPhjThg*Tq6QGiEN%}Yqz`P5^E1|(j4f7uqB$UQVImh|V7f&*9D z1^QzKs6Ik8i0qL_tjg7C)c-DxuT4ZQraf9_pFCem;IX7r2reS{jb_kDYrt)u^;iFK z7IyO`NZZdKQahNiGzi-9`RTmT8pHN}2!m?20G~)VV|x*NIyLsAW>8akIP;6Lz{Jv0 zaS6Q5Sp!LqXT;%s!lQ?KdF6Q@>~(EYE}ENWf%!#v6t2^XWgZ#z(b2i$NJX7+q=>_b z)w@mac8vtf+Jn&o`B8E(1!PR=MaKld8`wBH4X(;Oi#$9qbi<&>e=su5*x|<5T4Z^& zso1QwEa~G68Y^t4@6UN$$Y@75etuMK2uF4jt0GT5BJ4^DX|rwT$0pnl3z-o9p+y)S zBW<((kHJHrqNTmub$X=8hHULFaYvqYH%+_6s933%Vp;NKwYaSa8shy$a1vXtOdCAn zDxEF9NxCq0Xg-%T%J^wbS6d>Inik>!VSsP*u?&A)@w6HF8SW_gIjW!D?F!<@n9|zp zD7d-yLW(t{1z#Y`a6Ggp;@F**vP5BJ$&f5Lu>b(Nq3`&nB7|=BR8d1vS%TX z)OruJ2$naA)D%d4`9fvHA_Q-J3wxS`&rNuk)T-q+ z36Z6Fzk*k=Lcjn>RoVX?^5TKkdQ1I6iyFw))I6vLq^pOm3EX%b3b|A|M$k z8gZ*R$a4eN=+~5?+e)B;8%I#pslE75De7CYmgtp4pz(3=|4&%VnOT@9=JmQJ^n2|7 za#*9*1L-H%?zq6qLfe80_|jypIimRU^EB%8VsD8OX5CMG0QiQINqvNDpNV)c}Lb4n5d#?zfZu!e%3zKwJ6ezK_=)$y| z1S3S{2LF)D<7vfBEq76o!K7MgQH~cTD0-Unian9SHjIp2$jjzdgZRh`oxVMap zb6K{B2@oLI;5Gv!Ap{8SZb5^)`{3>n+)2=o;O_438W`N&VQ_bsKWFc=@9*Ao_IvLA z_I{qHd!Fv8sjgnNYSn$0>$y0UYDkhp`6n1ZJeqdwX9s+?iCvpq8pp7BMbt4*&m~jS zOkpu;baax;2|Zm#YTPh>9B^HwGk>@ET~nM}yZd6Ax~c7tv$vCI*2VfAf)b3)r`E`1 zMf+w)#((b|%+g-3u@Qx_ z1u$i<{0yQuTFMq|s;h#V3jDg~#7ukk#WI2^NaTsI`E~|yLND4MUXm12p*quxC1Y1~ zI!Gq3wly76>9BngN=l+wcB+b7O>rFo zemO;<`fTXi!?~+1DTI3~DZPS5_(7V}V$cpWU!;nRSA$A`Ak;Dv%zQ$9E~eTuyE_3U zom2@EmVCDcu4F6(s(Bq~Pv37a1CqU442}444$M)<4P&v=%mC1pqsofJi?ChVa5qF4ta!sH{TTqS!-VsSyArY0# zYs$-Ohk_RX;Om6X$rdecVxQ{4yFKJL%aL(!Q=e}O1x9w_mAJ#WM&-1_2B@g^+!HG4 zZ={pjU#nHoVe+?5pydwr-7JitLm$tTDHE**6b*+bMo?ePL5-?!&1`tZSg{_kw9gB&9;S?f|MefQ`stqX51M5O_mVMsix(H$&UFaraq8*e-w~UY>@F2dE zb2&n)ZL7y0kx9ORls4F+JXvUl-8E41KQgjC^SZ}wug}k)+@TD*j$`<#&NXz zC3F~}zIQP2L?@e0t3T5!PZb1OAZ%#KKq9;kyCKm%O=ntzzCsq7*oBEn5W7*!uGy;F z7Q{|d0b^&F%e_mp3({*#XQ%Xn3i-zus@VJuTNv8c&07ukV}r#y+LywJK_%#U!O&^C z7n{0fUR@QM5!&RV>Q}j~5qMGQ-Py|`Z)llEFHT;3$hsDZ7s|fm$&XzKe5(cgp%zeUm_c$4<8k1J?q6w<3U#wNAeqaD& zSd~dxber-@gnFiAuh7jmL*47Pg%!iiv7KA;S%u9k5#0Ypx#8Bu=Dh>Fswu(Tf06W&dXEd(IeszO{tj7 zZ?*eonT-pZaATW!mvCQ1m3zDB6Q0l0f{cfj@Gd`^I(v)|4@o^40-*GC%SCK^-|oC? z#{+VEH(n8Xvy+7~JHe3Z6Cy*yA-d+S8`3?GgpVi19+c4cjaWY#cH8sln9EewR2<^| z%o7TbRo0pV7gFZdpRP&YjHjSfcqEr*F@3xr%_`Pj#K+q*T;Dl$JmA#k*?!5S5bD@R z{L_CwAxZUfFzEjdb`i$;OndWFYbeZrQ9`RYd7rxE3`;Nc#8s4qp|c}^o-9P?R4Q%w zqbSOTk-m)%pmDO{Jh!~IPOOv3MeVeykW(wG;RA5n-om!Q_`}&}&g#a5pIYj{p_9zh ztW5rN#E5QTh6D{HC={3M=}g=x_k29QE`Z8>;KchFVbe=}LlI(QiekgW9Fh^z;z21=og(Dtj9-JW)>r^LL_jE^HvYpBcRXAvK^2)G@SPMJ-Ourt6c^c6JHfDLAd6* z#^|Jm5ZD_}=j#>tAqZhPRGC;2N02ps5#iFQacn|6xPMUU!0q`%IPv!BRt{5Pj74z+ zk#u2yk*L)K#+`Jr9#r7VdmXS(;-S$t-C7p_ecd~Pr85W%Awy<U9{V^YCQ zK3w>7>(#f)9U*rk%;ow~f$vcXJJjwPWX2%)j)e#(_Uhj6SQ4I7;rVp^9pAe^s%5Fa zkFW63tABYXnR{HKkN#NjAKxM|zF?BjV2ou>`YgHRMf9V$toG!+bE^Y^_niw9x&wfN zZd8}*{dh;`vK5O;#gF1vPH-&e$C$?rpF1LtVM3T+-cJlqH}_<&>@k>!zxrJn)~5#u zD?^@-|b3T-O@1iY&U0agvnu~&S-Nk}4 zjwfbZ$mo6uo{u%o#;LWlOq^)wbAOBI1Z=dp)dF=n7?#(4lR9X|Fc|X+LDaz*DDrwr|kAilXwh0VU0>*Tk+dpTs7ii$CJV|e!%&Ga%*tooD8BKo4XlaKK| z_~?ggj0-X$!%_w0V-bU+Btf>ca0DOlhcp-&095^Wo3T2RTZN|Wl0Nds9xJy>$-W= z%!Akw%mj^@R260cL=U=NO-IUYSc|0&Rj?&@m0m{_rVW8D?{U6x97M9=Ojl>NdivC` z-=G&kET{wxJlHh%&*gu3;Iw(%Vko#B=>10hl%zBLno~%Oj6%aHv-zi;p3z8{ARy5l z;^iHCy?v*kHE3)VV@k-71&J0};8X=fYDs=&qb@|Y zHDA$hK3fxM_R=^H|N78dJWMUj#{8!L_8?wydN3L6@vQ@+-)WwEL0%!zAKEms_Bd&7 z=n|IZUG1hhDKnYXU^SYDEf5!l!=(Y%65Cpgs&GQEIgsdhcU827lO@vCsN(d>f|w=K zyWgZ3!;E5NZH4~0yD7O0XM3bRt0*mS%YC$yv!h)L{}BY>0s(~fyvE{>pWFz_NDML7 zaL)bl63lAipi=tGdySlJjP6~dVcn}!GW!)@)9#x>say{?{by4q0y^!^vl*Gun=v-5 z5D|%oDzd}+m^M-+dy>kCyH>8U*Gw^)!;F*KH;?}Tw7ux$1yV3jK?PLPx|0qLCL7~5 zcn?i8NA-ke7C*0wF)hYVkKlM)oENZurobXq;aRcL+PGcsxONofwI#Fp?dLEluOfjp zn1j@%XF^Rh-#BH~oEV(>%dFi(z3N-ScZ1%w?oyq|-O|P1jwgW`DZ3{g+fDZQ(MpQg z*!5#RnZlG|638;lYSB$w#!Z#DCA|Jng~=FHR3RZzk;=EpIhCu_GYaMm7Z>R*EpRp3 z{^ot;KvC*l0Mos%ND8pwL^5|3|EU27=4B}!L2n4+M|*oOoHgmVUXJ>FvqKU0m7%1$ z7)o~`FnD%e)9(sUv&`Cc#xRIK^W>|8$6y%1${K%s{B3X z7gYxHU`_bGAvH6?{OvebjDveWTfTQ_+ZX@5%H`U+>&%#$U3t8FGgYO2Zo;JY@y>t* zzpVX_Xb6v5>AMp$s72X7!0=(N-5p$eU z17c!n_t+C-k6%bN)ax>04#%qFicota?nwY>p1bO#6w@iDhVW(%+>kyRilVJ?gmA{M zEg&VXMSO*b?jTQt!4{Cen%K2{B3N>60L^Eia2JB-FAkz4Hj}k_d`Co!0(4V{cevZO z-=J>4;uyeFQX-1L>{L4f7kh`nEIIce5KI5ColiM6 z^ofqhh%>_2jjlAT=xc38pcTOYLA^a1d5G2sMg*JVIFa@cNS+^GtE$nJzT^NBu{+Nv z1jIpm{CJi35pjquziQ&fl8AYtBLpg*1{FV+Fud8Rnp+sUtTO30QLGY+KGidq2#Oul zTAgjZv#eA>xvz+DhoJ>i_nQ-Ts&%tAl&U|r=7}Fr9f#Z@6n8;iBL&6X7>Gvn+wE?~!jxyumKCY3YrR^KH!6f9s*zExJ94Rc zrE}ZdaBxDGcVIKA+j0xU-7$)cVqu7@J9%2_fvJxhM~Xr0Y|w z7&DCA*Pf)gHeSVEz$b_Bh*vLM(XjlLXQv(}zn;5Gw;mOKH+7$e9O*egct466i%yj1 zxQS>?LBjj2TmY}p@b-#W(RkQFup7q;Db_)3*;^lnGtQPxMdu ztp8=iOFPm&%KtxKv>HDApMqom`Pa(s@eTXWPyBPG{_PYBP=Of%(vKfS8Q2+pDtzf2 zjdx*bt*mx{gdI}15xc)5Uxi&%o3!-gRm5!%tWCHA#y|dPLI2+yapQqKx_7XnM9k}k z%I~>`LAR;265XVIx_N)P`q}0t6IXqkZe6!bTiAK!ZDZ~&tELNm@z)zh9tG+uN~X(TCO2c2Kc#46aG9*K%CO?Y2I;_(_B+XGxc= zZLh(TvQy8FFX(e!C3!yXm|F=-YZF(V6OC~cce2#^TWs3?vXQ0xX9v|ZY}il8H@mwD z9bGeouVkjnx7WYK2#|bAZ^Gx*zNDnvbW>jR-6A}i`#p|KXDxH$Q0GIo3F{Q&B*z(4 zzje-4b2-&ZZ!VxL2~fS*1;l(OU(_PT+%Sf-0UEtK7BPC!zX<`#%`-DQ#$@mf5^${U z?)t)Tld0{Q3eH8KqM@Z1HQ|1ZJC~mv4Xu4Tov}N)@=uH8{#?90RvPeTC{&^Gk@9E}JE@(Bg+-9-q=YP7q6#pwththZGw9j52m6 zlAG|G4}i{*8{x?f8(A`2;VaF z*{!ZZBWYJ$k!6Ek(Ww@1C@y_J>q!m9Z+pgE=8*RrU|u}Gcg9@4yEWh#w<|x!wgs8)?{@XhqYry|&Hljg#kFi}D|&MPnO|HE z3_4TL8kT|_0e)7rHDaSZb}=uHUE0T!(Q!)uX^^dYFHBzAwH*?_As|@=V<%9s)R=*t zEI_|ha_G?1Y_O+dVt2N+j9|N8Gh;Rck%D2Iy-wIx4M~MI^!J{tYQUUYr+`cKCwWqB z=#W)!@0Si=p*Xt>dvXOL_fd8?G+Z@z@fnzpxw+-cV3qVD3M{+;eQ+`$_Ld6GtY>U{ zrCYLTygX0;Zde|4$fk3JB#G2L-u+#TQ~)u+7ky|)Kv$QYD2clKI)!)Er4?s)iq~|! zJP~5ufbC+f9Vq6%J$B2Qcd~e%cUs0PLOFGlC?N*u$^B?sTP19&1)8Qm6)BG-J{XeL zV|UhhdeeM)O2~8Td|FQm+7IQf?KV(OzrSfUwG@$bII3@z12ITY25sq^Ln8y<=+8DL zgC4Z>Y~Xf2E&rlpvMK%;?AUyw@iD@1GON19=I2FLL@8ewt(870UI>IOSl=@q_<|wD zyy^ff$f*QQo||#leuO*DtIkZ(Y<$-ZU>M5qTd!dVcBQ zM*qsr8xJOF`IPskV9H-7$RBRD9qn!U`Nf1RzoLdp2(+&|-}*q$rv(ibijBGLL%10r zszZ?U!;OKI(5NIoDTC2ycW$=o7~jym9mK8Frs=A84R|wh$dT1u(BoZm%IIm)4CO?eI2hD+#HXhHWYn`nBGY7t7jb{f zH;yAsYA9G>%2F}>fu3tw^BmuD2&l)+;8-GJS=#u(U^k?{W(eGcH28lNh zrsglL_Uy?qFDucWQxE(2#URenIK{sSB32cp^gcjW2|~&E`4vFw%+U7w9fDd?;~;^4 zrLPAe1?hmHsYBDFy)-uEC(#$}xfHwf$`d6qf~PxoNlfe9P~Sov5O;KlwpbA(o@#z2 zn}1RyJKpVtonB%{8E>4gq{w;ibsMJM2GL)hOuU_zg#bv}NKDVNJ1Y9T2*INnK4H;ft8Sx6MvuMCxbr#qp_Ro>TKJi|7AdD#kbd?e% z^J@DYAmC<_Xbb;xV5S@VVV7=51H)E-3A|oSHS$t3U-+IekJ@}UECQn26SS&hEM97k za^1$_!O=rL_k~S<*a1B~#f9#PyO6tgej~(I!OJaI@xWyU>5QGKwd&K7Aj9uPHv6qu zk8}d#G#Iz;R69_Lj>X%%0Keb%jT7{gfywey>}ig9IpJP|?;$4XR@2kD%;7mOOC zjROy`h}AQQ*w25s(rx;Tas$0B>XiRPO%XsJ(NWjdh*f0iDkFgxLE7JuAcdf1%VS#G zQD1_GCg!plfsYcU%Ac|`hO`jC-R5UgVuBFpMd7x%V&y zzPNwHrV@F>9HWKJVc7VU<;*p&E~B{!o_ANbRh2-~CF%k0Dgk;%ep?Wf z3cenKVH*LU!@5bt$jqu|I3eOEIf}WS*J~D7b^{Xq>@?`zM71Wnu-?A|W;?R$aJ99i zPSet7^wxGG^KU45s@su!v~xHbpJ8iBdwX^>MWfALlMpI2tEhD-c|0-*hDY{!YXC%=;tRDnoZJ#99JR%29Xl_dBlHAkcj7 z#z_O{)L!u)ChD6c)!wlH_eINvL~HFef00hL^F?Nkg)vprzSa22=vywLq#tPsktpgh zy(MOXQ#)=`?cP_3vt2=F?yb3>;$85;sw&)t^P<$}JIuTtHm^v;?S-oCn9qJGp2Vf> za;T2?O8qXf@YWVWq49WJH3p++MYt(#o2-Lcu>B=KzOk%4pyF~C1>k0Z+0CjgG9Qn; z|G2eKK*<$2Jc~qWB-$>WeLSda>}~4K8^_o!{pTWz)8QPZ>=!klOy7tfTXfTEJAuC< zfyoEOdW^Hd%ZUoL8M;eB9j!W!)v}94Vb9l%uN>-c@4-gR*v(Srb~l%b96#p*){lxF zvFlCA*-DThOn~$@8nh8B{>Vs~?KKZ;w8|n4IlfweDfCzxGnaoF|104wN18TkDg9m& z_bAwsyOe(Ui-iz0AiP(=o4zoV5-vgAZ*tu&`h1jl zmO&Q0X%hP#lbF((j;(xzGlV#}>hv_w-Y`1yP@hYV(-IcjfjWSbpmVVju}`djY?e#? zOq?+86SIX{VD}nO^L<5oC1y^8GRLn4KqP~^6P{^=AxP^OO1**)`Ii!14|N{SsvS__|*8;T@uF1~vageC2M6#8X|mD_U1%7Jc5 z%ikO45e#EoWb9w`gs@uOuxm>-9m7FV`KpJZ3vG>P z*Yt+QLN~&(iO)we!*2PUDgkGS5q5{oB-&mj2 z9tv5>qkJlAGUICdD&{RqzegR9tGW>Jk*lJN#_SWW8`u08c=r{+1^@T#=$vlC_d~Oi zd`n{9(3&@^pl`H{5l9SHV)B9{%Y4cacyy28Eyp|Z(e87&Uj~@#mazU?5*s(&;My?L!Qh_2vlQ$j(d?l=zTS`m0v5cf ze*OVXsy8z}6)W$K66(fYF``AWyB@0wWVSsw10#=*BaGj6GWm1iek)JWW2?)%Jm?e@_h2nf?oPj93&OrCpE%By`(r92z3%^RSZjcRs>^Jum#0*u%P%J0+ z!XLV0K{~vM#k0+Lk;NzwH+pdFgCZ(683ZO&;L7ouk<2d_8PB}BuFfZvIP0wEgWvXS z?y#}>lMZw6yNhe*jKr0Z+@LeuSg_PNq0#JYAUcsk5P{R2(pbQjPOW>jmBZ$!%__@F zw#Y{IuTq`w@HC#QM@Rl@>?r;4>RlA?;ZY7ssJzb8xT^K^4Bl`{9H|kZX5>|&6>whe z>`eFG0yp-w)H}F%Y4`?-VCmkq&epcSdXmX4S3t(z-|rfq$0SKb!Pw55B-X<-@Ptz< zg`rW;=Brja&#(S~J<{fie5{=>B;6Fm?)B1g3;CF64`}cupSoDeX-q-MH+d2^dHcGj z6VDOtw#oVkDLhgjnwjjd!4ybzn&v#sFg>l1^kBj@X_1*qm6>G<52y{6*F>>*)^7ib zfIb=KDId!9WGsku&f?poPF5IlcG?l4V7#%Ezl3r;F=?)#>v%opLq9@?Xy$xKj*$7l8CM^uPj*3=>N zh4q{UBHGNCP;Gfz6t^a+BkcRHt<1q29(1I6UC@xo)orUUUS|PLDO8k-_gFsfbm|qW z;iB4jSq##Tstv&oHpJvljd!Fw5gavhW3JS90pCQNTR6_Q0?Pd1$O$EwPZlG+Bb(AD z^*DPjPVrAAMUisl6Z4x&h}@rVFt6l;(oZC?w|my+!nVGE)L<3=+1v64gfXfws6TRI zRPUgU5!)nxl*fVVz1U%Tg@D%egi&)?G`y~5ja|84ymm+$N%6cd_^?wdUVL6I?30D^ zlZ~c}dBn2aUd&;~IA?ABbwB2q-Ke)vEqc)CScPv<3LEMLx19FUH^0u)X>0107nR#* zx`U@Q*WaA+?P|L~E_Bpl+BGpVlFPOcN7H@S2>EYsYz68SspscIDpEii3oL`12s{+i z_)l9swuKg-J=IwwP7>KaDGKkR9OqB{y2})-LaSN~iXjVCq}K>KF0BoE6hObKiunDs zv7cX-%@OWeHZ_=;+~1}L+=!gbK`CDhP$x72K(h`sk}XouY9F-!25aF1z&k$Ow>@ts zR8}%2i&N#s+EGZASYZ&P_2N4uu2@;E5n~0RQRA+4~7K9Z&BfL%V&>Sd<~lLRH2+pa;iHkN1#-qW_;a0gal7$V_uUT1QizxTR4-~`dw zh&heGG~Sz;9v=vcc#%o9EUxVwzyl8jQC0Jx_9*GSxJ7qO3>=e@Y?8VG^Mvh*W1h8A zQ-DZxq0eF1VH$2@eSV`>&2G6-s67cB=5XRJgeq#Kxo~`azYNm3L{fdaE zp>WES8QER!@t7tNpnm(ljtM7FFbX(vDlHh3?)neV^X9{wi<++Z`SaJw9NK?7p#A`sbo!mD}%?>%h^{4OyW`boZ1wC8-~52xURHN&y) z%--9b$uVEw6uO|s1kUm{jGRS9%Ab4_#BPI$YV}cPzII2p$CQFc1rs-24IiBZx@NU^ z2#GpO^s#CKHM*KxNR(@qcFsPGlvteZ)OOc_X)2xnxf#c{g+62?3VI4wW zwipVGN`m7QZ7Z{}X&Y5+uTFj&M}2DSp-^u9_~%9XzlA+FmKb_|&+)<|@p2w`BF_p{it`5uq?SZC3n-}^_n18&N%kZIkn9Fu3{strBE z*QDO`zavW*LNgyRHZ4RNcqQuR({YREB`c2oA6+d-_vw{gGGm6}tUP%MP7#g!qZN0Fgl6bqB(o0Gff@Kt-7y^A z%@W!G@pHQBga$qHe8>T!)y_Oe2Rj!Lpg6Q=zS|eoi(moqwLQPENk0}B7Mqy<1T4j@ z_MDj6VnHLl<;P2r?7GeD)^vgK$zYProP!k1fmSKd;Yd9O{!LSS$9N}^@6!RkB%WX@ z@ktDGb>HB-_Xq=>ix_77--aVJKqjk#+K~2`MuHFr!Pm^f6ai#ZiPtl#k)gqKYp!1q ziCEc*&Tq6i{|-y$bB8a*6H9#$ZBMU45D_urNK*`asb@G%8#l+HgyqCky9$RO=kQg$tF^ct;oGlv&_j+xq~VG$(2m1XqQ|;N8t@%Jn-nl^3Je zplOdXRTzZBiUrhQ zM~o=oqDwK)-Js$;4kHUbAB1Qzqlf7mY<-(rfL+sXKWHy@i)P#D((i-y*sK*1cQl|b zlC)hv5ox~aFay!E`7XfPz~5Byje#l&&7?Nko~_xcaHy zNo^O!Q?XvHu;)^QxQd11N`AZ3wXO2b*bdVVr~5$#T{~+m;)0Xv` z>qaX4hX(YFTYDxQPkO>WD;lMe>;eLH$({~0H^WV)|K^hZjEa0^nO~*kJ#X)tgh+DX`F95IwYa|V)-`7^9)TB0uA^3Eb-Lz1#H7d^`3#;QXO}2 zCMZ#f%E2L2y?di}7)|zQch8FX;iF2b6kofvou!NLmpx~uw)&&IUFwT~BrAMLsYW)r z$trY=)qQ&nM@yYA_B^@`tSsm4yLD}uX>p@GSzA#;;&1>^hJlFvVb-_g`)?jjf5C&R!zUwjc3 zR4VH2$>4>YMgq`Ry8*+{L*BUZV=WSeJ%qLOZB%!l7zZJGS7jTH`&ke7;*{r@I&T5J z!g$hXjs;&Sy*+(Q0USnKn3K}^uudyt;)O9$yRv0=Q7YG;hbD{EWZ+RXESgm;ZC zy^dO9U77v0bg62M24r52p(x3hnv`*lcniAx-&2q$#z<8d6+1`!@lIVTG&G4`aAJ+3P5|^Wll;~9UHf{SX8#| zvM^Cz)(ne3LBD$Febf%np%QjtmL4p{{PqnQqT01_G8wjqAlh=B^zQ9A z{+9t>eQvqnWX0n()w1Lce%Yx^kAq+kt-g@~%z%#Q9D7ZMhuZ5{m(;s*+u#ya0ye~n zb{n;bjSX`xnY6-BuZ%*2f)cbxJLjd~c4+z`b1h=0McR%yI9L8(@brcZWdtsV&!nJ}0+CN2YA& zeoFFqY@t*A_xll&uPpnk!$Vi_km~9d=ive(L(pX{9 z5)8#RfZheF883xCxaf54^k>UTzGVqoC*4{n}qp_fd zlGlt?K+a-2@m0?tf2fg<42>ZZRbD}g@*%lcZ(gNy=hE=uN(~qSR1^NHhtcB6n@>&O zz1zioD(VJAj>lX*FpRvBbJe@Lp83T)+x{S|NJeS$5)!7(9Ep@0h z+=5Cc$!x(xFEu<4YL^$8bp@|)X%2X_^$qFyT|Uqu`{&VJJ}8dc=2jylcq*3JNr1ZB zF;L*o(_TtJqbUy*1~9G^qQ2bP^k)!}Z1JT7cQoh!}aAZ>I{92;$y`uRXI>9Qk4^d62U*88`eN7eNZ^?zu)nt7p>&X;Hy1w8^h{EoC zCaoK)F(?rQ<)s)megM_01)Sqf+NK6~H0KqNDC170^9otXjZRGDyfQlK@oyNHGka0R zB>EN**rB#ofRfcu(_Bf9A7_5Arm25dqy<1k(C+`IY~hS}d;c6JiYo1Iu*+|K$!1y$ zbPpob0=Lnr9MteurVf`1(GH9|G2Rg_EfX!XZ|qEZW2vcZ)hv_#5&=6iYA6VZYS(!Y zGJ!o_)hF&jL6ggMOeWd9MiHgwqnVA~D|+k-Aw*-toxL>30^d`yKzu(VQNC(H#4LpK z)nL^{IyzSc5IHn~`spRu%0^SBxs2Y03PYc;#cuAK-cbcO5hLtH*<}(m;1-*)NV^BW zpoelV{XTVSI|kuZ*kboOyA(IEcJ|Gyew^1VzvLZvcG8&*8Yz9K77D9-VG!;@Cj8X# zAM7DG6{PcS2<0f+FU?HwR%6vDxMUN5)IM`8b4Ld%lGFI`ipaxzO8i6Kxhvp07u>5M z=hdp#$bt-H<^TSqwqb(?M&>fF`c_$_fbZ|E8;22KG^kd=(s=5gu@5phbNajA5&?F; zpf65NUMFICd5q`5qP{n8m%5APty0`%hHoHH8BfLb^h_`;QenUc;n$dpx(Z$TsUWH7 zR;=y0qfc29t0ij~+(+YBTPHig^eV#QAyf(xr9x9JMu%$uq9S6RAvI5dBGMS;Ayezt zieY?_B=z9eWJ0PmkUcp`j+)KY#R>;ka-ezFkQ8K*lR#?Swj}q5>;%V;+CMlyPuTEE zcg82-ND%)>>+X@Znm4jb*dg$;%!#Vc4#5?^Z+I5rFgK6Ci&M~%SmpGV9Es4@9L5Os z$?fM>c!-}80SP)5`(alWl7pHl&{ylP-;X>o_Rs<5b0QepXQt?u;j=TxKlqm#_pRC${hRJ z7NA!UdUQl0`aF{2|Hk5r)In%*;S;qdBT$0Zz8t*Z=MSy;A(DLPL^L)#`>i+Uvy!-L>FkV(^{M+62BI`4{d&gQ_NjZ& zBydrw(B#Grw2R=5IaE0iTsueR(5PF`(r4zZKolYo8Tgv=hToxmDM@ zaeTKRoB-?PmxWbsHYBkKl=_Y!dg;V?pwRb8?nuOwUkCl0P7CU_wc59)N5>3awNNl= zYDd9=X!O`KQ;*>HUY2zeK2T2xHTBFWTWz3Iul>X0ck$ne%8DP~zkYs5hbPWDB(NBn z<-e?nalRu{jj)I6^|o6~I`f*rJ#TUnCoRfr>0%cv@qqYu zoq1&lx1^o{Z6>zQ?Vjz`!Rzq5JHBAow^~|@lO1r-`E;9C7VO>u)|xMpotK|~I04S+ zP1gOdhskoBHu#M9Lov$q79B>;>^x7q9;bS(N%|7%E4}p&;mJgwBM(V??j{03u^(vK zf30XlcB7+yqm<}aQ{257$eE_D%P~l6c#XJPTDIh$hdzW_+!pGB<73EAQxpf#QPS;`)R`ZVNH&R zum4bV!ZfH?n&`-0{cqgjO#qTNCUh@XzoIk)3~lc)w(FCnpYt+&#GyH49pJ+#a_i?@#a6 zXbyS}C)4iQ2s`);Fprk8LMf)lT!nbor)$xxFVVAPOSX%CPwt;3B9t@ay?ZHJ(Q$Pn zy*h9EG!v%Q@Jh3`w7ZM%L1*M`<2}NZ2zD6=Cy0%W)yP*69FOLb@wCD1x>sYFOqcrr zSH|D7mSIER(@(Jd)$S(Eb7+S|kN0(adpA4MwZ}Gz$BWcETQu2@>7lR?GiyrTZg`JF z)9Kc!-~Lv4(oCA*YcmH6}>_GN_DeI4_Gq=(-Vo-e5;OMGSa5Z;sEu==F z?*TNuVPgvVl|-m&WPZ+Gli5&$cnEI%{F>tQK#b6pKj({;Z5|93Xl8=5f(itva;;LA z1UACnG!z<@)(XaJOFghk|7Q!A{je0SlO=m37@{bl}`?}+*eLiupRU1TTL{0_l^ z9@_o99O0sgIL072p<5*>dIe}K|E?A&cKoe7Yk(M1=j#pph}y?=yWl-%$#vFU2Ulmfn<{Hq}+<&`&A^AR|z9Kf^UNE^p zLmeHp7>qmLAK)O6hjs24N7GkJT@BX*cK5bN=3q))+@AG6@9q%E9kqj;v%IS&wUdn^f|-=p_1} zdRZV1&~W_X=v1AR8WgEv3`3Bp*45cZG<+3nEAKrLKw3y%H$`@>@CiMow{vYBz2>N5 zokXrW$h{Fk|96}_1qxX`x7=B8hueluG+<=x*izVR+UQ`(9aKg#+|_VqU0twH1|kEg z*o5}16I_3_lS?LjH19$nV_ovFy?=~CVi+|r{D{V2p4B&X-#VT;_H3+{79O@9w7->J z|J^$5=C`-8+(6kMJgp}%e9)bqpjgANJd_8i>d{0ybkbCs-wEdZD~r{l>YWoK0L`QC z3NP|P`-{CACIbgB#3dw#$s?V??!(X$@Ek|NjGqb-6tcJ`G5M?~i%68@Hag9Sqz$Jy ztI6FyH3l2u{GvC-07d4R^;vYlKRH^KygAV#L>6Pl6SW>lv^q%{MJQduL%=~$sy?aN zEoRS!69S{{gGIq?Ge>8`)D|u#n!r8vy!;ddYkYiQJvS3{bol2zjA#75V`dx^7X%&D z)fDXT0!qV4V}}4KgIvH46vd5T+*;c7Y6UUI%DJsJ(!79o__c%&2w7I?H|W;@w8Ior z(rJIF30U#$`3FA(YdhcbiMR| zHTWy+YplkDg+X&Iy4Bfut7IZO{>`=TLtlnpnnQ>VpL!TFW#t;w9`~*M4S#o)Swz4> zP%gcHvY#lys@C*?IiR71EK{|lOCqRYS0#I0&7SXSdt_*l5zFj21UE^joU+q5%Cw5q zbBL8vmOD7^mlzYQQb6g&Sa605KHwyO$^5%`gj-KvC|?ZZoOl4PE% z`_{q)8%F;Q2WduQ&;Z?Gt}Y6(Ub>ZjM{RQpj; z)q*LKLoVL;Nl1gNEMMP@6k7f?Z2KEwbcb=Dcodzne~ol|VM-*CmDBb7o~VuQa7v>} z2CApg&BIxKVraA!4cZ#DP0Mvh06V^tGYdMQ>Of}EYC9R^zTN~>&GyI;^;89pYiCcY?xOhI+3jXp3c%PW}bcpL#+du#C@~wf%-9?Gv67Iy+Bn=Y|2qt&M&)cB`pO3WuCja<9$G79B`qZ-VBFt-KX~65cf?)re>%X(K z{&h%_Pc7Z+uw7m`{MUb_TmI)G|1$W-06QHjfXFq-HHuY|Nq;5&qv_uXHvhUF0oZxB z#>UYxyn^?HX#a)*zxuZ@35NLP3phqIp#n_kh8+Jo+uMIjZ(+dBUw}r<-o6miaQ@@l z{}XC*>hZ1BC=~y{PQJI^+c-}XK|}L@nA?}0=arSVHnHgoOYT2>cZ)y?}qG z2mX(}+Y%L^_}KfLpifI2UAv#&a@>=H>~%lTT0ynQzr^ z#LVR@)?TXE%P3oIO8RWKKQ31+HTt0Txvm;LN8Kqueu4K1GSaAm{(KrF31|HhUkC-bVjK=eQ%)zbHWV?6(5k?m+788YP^!H=(1lT1xtyOy>$GN`)F z5p@3UfnC;5Rolyfqn=l2V+gjr>2$1F%>U2(zFH+CurFD+oVjOWw*e(@%(t8g3NJ#8 zT{?ezbOv`2ZrsQ#Vw#Ub`m_sw^+A=)J4A6R>gq1n^#n0;Rr1a9i6C|5aBBC;lN(ar zJi=&U;@w^29YT3|l|O9?irYL7WD)J?UDVCxOqO2g=Yv})U-N|w*YKj@-6z_o`Yd)8 z@*uECF~x(Hv>yLe(xJ9#KBb783ZC;ZwZKz5Lt~!VNR54cUmg4YrZQeC(*I-ZEu-RW zqIA*V5TJ4Q5Q4ikZUGY9-QDTN-7RPc?iSpGyGw9)cX!v@bMBcnch>jabLMBSuGOo$ z-gKa^FP`~9AcUfzm7+gu)t>>gr0oUs@FEaZ5O zv+#Qffh<>+Co~;?=U^|?5Bg8lTq{If5MluPt}PlG%zqLC78ktB;QQDosvPgXI(Y%r z23kIi%wfXw=CS(~3Xw(js+t*(G_T*@iiTNm zXFw~&&Ztjmw>E?xFcA98B-iUPc7685t6+rs^wcuBpyKa+PTV=UqNd^!)$#4(52r>A zKdE-x{^V*@v74_ap-Xy6`jtFn0}MFw#13PNQ%#NqkvOjY|aB`vw72;Nb%7B+GN9eVU% zrNo$*3Yv5i0P2$F`uw%DDAwJp8&*Sgh{R|w64IJfO3Wsk3w_Y($)RU?bQTzP`ncit zpXo}^(S>jpo?pH@(Dd!P8zd?JTXHfjFHFt$`67jaaBx_wZdOTr&jk>sRYyt$&A4%F z0)=3PB=gF;>3c4+S#7ivUzcka?l~LqQA^DG;NV2U(g$fwe{0x*P2XvFd6KtGsiR%a z83heBr!bF1mhrTxuq&@({)5(DbfYt*?>6zj@cwOomBit3=PqP4qC@A!jiik}Y(Zyi zo*SVyu#(R0Rn^o4#RbB7p=iY_&PNrH?oxSNfy;^CwtEIM4f2LR@CH`hNF!abhGeL&6b@zh6Qg z^45I$01W*rk5F^x{3s!l4nzXpzCs<4m`?WiUhX`Zsu%(A>G195v|6x@AX_Q2WF%#rDr$OAQqU5j*+u79FC(y$a$Ts*Y1Mb>t-?zKmkD}8 z`pzODaXVJ zKT+I+ymuOE4KN2H(MAqEQq)rn6iC??pfL8n9JKOf*jY1l(AS7Mjwn7_g=Nz6k190= zSqI>Cx1MhHza~>Y(tBIVlLF*iKn^*S+0|GXsJh!r6)VB9DV$#2TabG;xRGiNjdd*= zWWHP(iC}FFE@2A)QI_^7H5D&ga@c^`HXQE-0t%+d!sXvYR|Aj8!9UNoojGa+3*;AK! zh`(N!2H%PDd`xX7kOsa^4t={=X=VGpr%KULKtfV-m;tY>*EdM`AKl=LXqajFPH;Bc z#&DB7`dPEDKzsZFz;~L7BPrq2tr06zl*3?=8F&wh5kFOvVyFPalZ{ZZxYd1K27;-b zCUV8i!$H-UpU2Oj+445OR9;w+h6zSmVQ`vMjSY=2GfHpO>91ztB^^u1DJpmEzhqg5 zKO#))rl28iu+@!vPI@rRLDpqGP5AbmS=h=2Zt9xur=ntLF4Glvb?7UIKv)Kp^M zF68VuhBwePx=E)Fxf*YLgyNHTWms#)lxAF>)KChkC9cpMYSmSVy0S~XwLRTDJchNG z6tghhAuseqEQg`A^gSvAvg0wV*FxV{07L^;S$L79!3=HKmQ9q_zIx)wbkDMz2fK*A z%*ObrPB}E?CG@>Oh zfje1X^m-9}en^A%pMWbZofvBtU%?WBOr{AGJV_~-&TR(`wPIme>|P8!9j^71%vm9h zyQB}SEL{F`!pyu@U(VF~-#x{b$)9K_EaY1})irsesgt%vEki@FdZ9COL^L|wF-SFQ zK1Ap^=UA0XCUnQi{2I6uTOrFBE*JNhb(0^|&@ZdC5V8IK*w|ilG8^C@wc6O;xWXDX zhU9aWENdN$Z32_Dre$KrvXSd|oc;%X-Z@(=CfY-u`2j(r=eK|KRjP!EwT`f<1vIs< zugy|DW=w^H|EVwn-Stpxx>{s>x0PAaAJjxO&~0rfA4T%ab!G{{&Lp=iA!3qJ=f9m1!#8Sf%jAY9zMH_yIwrlG9fn;ZCcKkU7v{mPjd~|<8iEFf& zIO=AX$5bq{du1pl*glb@GhiFVvU)q3nOVSfR&EkiI3V@%b1z3-f8r18RuI-4UE)NpwZe3*5h*Eqh(DfmpX&y?O@^L(YCfOIpZpUuV@ z5S&Dx7&1UEch5HVTTxIXPnYiPS9Apv3hM2{vQyXr&8~n%c63yz;1G%P?Nl}guq0FYz&i93alYgW>4y1AN0xN*)h3n4Av!`*trb{187U{gqm7oO2+>ep7cnEgR7J>38?1nHmCB{7^rdNKHf z$;<-pOnOTRAp*(=gT=K6`CJ#B+`dj|^?gm`pdw7vMf1yj^>G7vALf#lD8u8k(0sJA zu6x{;Y4AkYNZ|fOw>@AhuwwK3BGxom_3(hwVNq(uXC0RxgDvdERloE69^1fkOm({> zN0Z~s%Z;_&OP>72gKttHK7w+9Y3s(FZ~>XmEZ#%O$F+5)`Rnku)lKU`~A8mvXJ30kUtRRk2(iOx{5aLcD=w zWC{)o5&-cjW(P}#Ob;Uh+&JT*AHxf;ieKb(D#U3A0;fVe?W8*kG|=3N@$X`9S?6Bq z;4D>jgx+A=iH)I4>)~fuhP&w2)Z3_+-=0FcwvX98iTQjwmA~7y#>M3;f^pqH0tS6ajjElJ}JFWsdCEE$v1p zv4Nw0)6L2ntH6!NH7~8aK4-6^AsQ7<83JFt>g#o0FcN|8pAgGFBOEINEG6%^d3cQh zW^$_`u|+z3z4qE6j70de$CeU3ql1$xT7lAq|SOM+oXY z2(IxoQ`N1vl5B|mbssGP#QVOd#xZI1!7sC&)JesuoerQe1Qp#RjFaKh!Krt%`lVbR^s2ZJz400WOKvao$G=%@$pV(+_Ij;i7n3;)OQ7h6Cyj9A4O z(sI>nHR!YZJ^A~Md+S4<_rff981C5akV<8_Ei8#Qwbyl0%*NO^z6JIC&EC-E%bha` zr@Qf!3zB2i1aH{0R&Uz3V?i>vL)@)#eGei&2g0Al)jpMOH)(D^9r%aKlFPx5EbTAz zGAdk7#vp}FUeAdh4gG_u6uwU8$YbO_P=|+?e%V8ZjEPzd8Cmnw)5PqSfMT;^Q~!cP zfzI;ODpAfdY4>}1b%^9EL96&c7x#KwvqQ;(I#;`3n0^O7n#y^nBVIGOJ=~UzaIuGG z?DK08&cjgokB7e>rQamDd~PRPPUv=c1^O=37u`FZA0=Af70|s@corO6Go7m$E~Cx| z!nQY_3Xz)v{&A1qP?i?fj;RWX&sP#6J{z>p_$;_9k4iKRK73 z<;T&%=$2n!``A(1ab?JuEE07zE+9>sGc(Ix3G zs>$%WJU=Jr zNS9|Y;3q;5s{ComGg7l$2-Ll-VBuX~K-~Lcaz++3;B)h#-FX1I>>}T+=BZug5$wOe zW$N|-MOZi26x|YC9zg;fAh1!)hq78QyfDz6`pnG5uDnw+E&Le3yQL4ty}6(M!MMO~An8VV(NRAOCMy=>T z*!>83twv(}hPV*l{23&Md12HN?KG+w0Q9;f=qw$>BhNNe+r?P~k^&sHXcj=!cw|&G zS^_kkN(&$wk;)Nx3SumKy8e8hdB8tV454vQqZihYn ze~<-6ep}e=)D4{6_HdTrfN;lOu8d!t?J54y(Y}g>KFKscrgB@FWQXFgLV*kncQUuw zOsLI`&;&5cZBnnWhKPmA%>AJFm>(98dWICzG)ekF4u8}t7aave^Ip;M&fr=ynP!Oj z{l#QQ$Q!r(=CQvn&bEpK3+_xgk6u1VRYd*9#ua50`%Sn)^ou-VzfX9Ix;wJoGn;4NQ3= z*9r)A9)Ni6UOAaO724Yc`-mx zwoG>8)CR`9M-Rodjw0|1rfo>N>58>J7&YQ+Wmv7*4ezc~hzD);SCZXmCXP`oacf2@ z#ERHJ+`I|TmSx5Cgc!%-JO-T1BYB*o&|3owQ`qe{GZSLqk5zN}pVM=dd%Ws^j5(JJ zhg!k`!;t0#mK^XBJIjZ(m#9g_pOMP$vV&!51@(ai^&N2pBeI$cQ^N#yVjLechI@0i zHGv|lN22`UnhcZwoIU7WN$yQ6GD#+OEFdlGkjyv{`ZHb!*b$_LBO z+hcrjAkS6=(NUn!FfzfWFNWv%?zPrqW4dmXmZ_gcv4V4MGDe9mrFbqU4=}BJWCBG^ z&dw<$p7P%73&08lGTxMTB_b@+(tzbJzmy`f=nl-N!TZI<)CWWK>P{wG)RF!p1`VVW z6CL_Tk8tY57URI=qi4C>@DOAO=5keb(XaPVj?wT@7`zgg*u#1+gqlsz7@EtIzXJ37F^@4=V#B!g_$3? zgfBROJe|2Ca$_3Re`8FYJrx9GqhN4u3~a0-60{SIa<0*N9cW7(`AI@8E=bb?AqJNi zgdON;6{wImPJ4lX-O8s5<}`{E=uiMpf`xK|rC7RvS9Q_3R0r{%>c`w8*#*8#fxT2F z1NT@d8!IR_Z~`Ugp2?>g38-if-8Q!|XT~NCS+wuzybaI0IBi*L`Z%7pI4E4kCebUu zNx%h(ZzZbwhp`rm4gKY)Fi#k?Rs3^bK^pFuo#dG)@r8{B5c54W5YOl^UjMr!I`7a0 zL=AGM_U6yd%|p*f9}zfW>%t%xMrN3KvrWJfsM2pbx~MFG8{e$VqqJ>MUy;;-{Ew!D zU>vMdqQ|4qwETcb^%n4eOrLnsB0CBrObef@-ajjJ`ynQc@r5B|VvYSq4d#X;|?Lwz?c|$cMgxj^qhkK`HboWm=Q%u+s9z@ z4Q8wgY9*t1@x%&VIRi??1Un}H9({MUEk-=1&iQteKvclOk^Z5nn*4WNu6QLHqcYY3 zoij$fO(1g$&5adPC8Mj zmaTCk??Uvpf{a*?iVOTMQ{^If!xUNC>PovIY4hO+mYeZ2&j~QzpOPn1>C{D{v4e*= z!)bDTCFDq%!+-_f1rZl93effItNsH4O7_c*h*$iiU)kQ@$&?xaZ}`1_mIF%(Zx?{z zLRtWtocYEMl5eq(~5uj;T2Hnm*Qw1eP*-9M(k+v`HfrPFlgPjS^z zUYL;{eH!R@K}2;B`|3wOuOkWT)}o+g%Q`2%*xg=;k|d|o>*z_RAXeCwT&yY0iNZJ* z*mRicL+{+Ga_Ji;{{SLL-zK7 z8$-}o?A$hul$aEWIs;QR;3p@jsaYv0r_|;a^6>s+J}$=YxZ(0i<>eoS;=F%<#$J;| zeJhMNV60oj-hX!rtz8uh;uEH6!x99drPqxiD2~4)!>+0@KT%o2>d>#R&TZOCM2mg45;J*itD@_#w%=Blf zQI*TB!h4nyqmv%K$vf*mU1MR8hU6pnR8#l?j-<^m&)Rj;2d%Rl$@{}7`#+3zb!lLp z1_Oz3nh9Vpma3(&>+fS6hf48lF@|i~%B@9XO;lp8TL4?P(zk<0b$&IWK!Dv|4a59D zmEODv5iQa#qSP7HImE3Qptr#TlxW*^5R?1I>j=q5JU>h^jr|AP;s%BN<=**Ti*xZpvuDyw@#UhAFsi`x#&z1Y@VW*qQl6Yy}N7W|U zhv!T-6G(+TmhP?{d4BtN-5bUCEsN3ZC&mS`S30EQ4s9)#K}2`WLG+!S}@w`VOev8$gQv6vmo;vxoD`1X+Qsg^44k4k|gcxnKHIG%?A%ojH zO$1Njwu&r!9-rh02jzASw50x8D6*;(gN#++FX!wYu0^BMX2eF;A)LO*#ue9~c_Vma zu`oW#atV?V!1wXtF1||r&bK8%yxi;rEl}aq7!v`@SQZffv+7S^MkrrySxB~WQo#M4 z`9>5ns`{toI(%v^Hww7t`@+p{SiAgXpQ;$TF}o_bm4Z&R28UgPI`Ja>)Eot`9H*+2 z##;Y`dzcW*bsdJoo2hw2hXU|e2fp#Y)IDFsOgcX&=zGI;czuSREFc-=Pl;-9!O2OK zO`(%#xE>U2{bMYoXI8IFLO<~^Fdg<*{(L#2ynL~vW&d@dE_drekH3K)=KOa|(m+#t z3;PDYJrV*DBW`-(4VmeFNC?mSF+tZ-KbADNeXqKme%Ld#=5X-s55cwAZkcL{T6{v` z_3%Y2r%xllM+(Xy9vR$8jL0HIX>cLo^gl-fx&{_3Mq4I~(SsY>;375Xa|`v!%U(QXi^2zV^hsQvQxF;j83cvok zkz~`@T3lZf{dWGPtZ~6QC^Y6;KRYm>z9TCNSqgrae`9(TN&ri}Ec~iF_k;9}vupN+ z4%5e$3NxZ2cIKwD6b}jG?>ZmmJY4d=q;XOMX0qLyQF`2KMdbbsOEnG;Ws9|B2%$9P zF21`1Yn|&hvCfcOrOn_uxbkv~h}~POFZcFh16m2hWs9s%f+?cV0C#go&G5#OuEva0 zYrX{f&)ae@hW4av*3CHs46u?2`YZ3V%a`-(f|0(y_MGiFrl?}##1C=2G7Nsf+83t@ zXBuVdk?e)c8;9OAFInV{EUp05I3P{`6OoV8d@c<=fshX?+N_Dst-@0-25LEsRQ7vN z53yNUf}yo@k2d>e0DGMX&n!S~Z-x%7z~HA3{nV6HY)XFeTE%AL7l2=R1gDo*hJife z)!xddcoueJ2Qb(SkAs^cc(y&X$lTW07>b=e&f4O)7X+r_e@vk;7WU}-e&%lTx~G46 zK<^&^oJNcL=HX*`wqECS+uv_Xf3aQ3IH2V->d{>3a>J6_0aJ&1)Z7|}mjC7F<%+NC zo4HGNc{u{=su{}#YF|TEGxEA2V{TvKYmt<6e@({|cczd=Br>WuC4sIZ4+;am!cV`1 zt}ho=C1Qq(Z~!vPl*_aNK_3Vj7*=1iYXq5l2pXd8PGbjcz3}vhX`GV&VnNN5L){nggGUbH9IMXse2BzA()4Q;B6V zHTa}n(e=@Hh*5)}=NE4)7)i0w`8I$)%l74cS#7|;Hj-O3BhqkTKH#aF!7F|`YK%U0 zoI!X&dUbP7Z6;owoT?6Al6hvsArGVOqMSzeYnzWmPK#S}_jo%p-0Y0=Svr>;2=?!P z5IHgLqW#@oT869p+fdy@$Zh}uSX9MRX>=)78V{8Y)RWq3J1N};Nuz=cgfq(9-Jr5X8 z1c11S8`=#6TW3*7jkdPw9x^uCB*SRVg<_h%T{idv&Z)K=_9==_)C}ki%-{f9X;J{m z?;TYSEW*8#L$uyisV9fD~7t zNTwwy#^v|cHzw2(HHJ^)xmW#((TIPh0xm(^N<-$QDje#?pNyq&c#LlAh28K`a>~uZ zuG1;)n(SF4Wca$uC=rsPGrBs~W&7V+B~+Xj$i1r3L^Z4jK!B@IH9+*Yr9TAA-6Mud zU1eq4mTuHFw!d0qAiTitq>63_X5)o4KyFJLK>Y7tx8qKX*0)Lb)|&lKchv>54yWkE zD=Bbh)-d!Lh6k=H8(z-u4?b%5;`GnC20Hqm3%Ro;$Gvp)ckt@7^Q{dWPD$s~k9J=3 zb%#17PlnMRc^v9LP}RY(xZL{1We}`r_G(F%BEYrw+eqi-6mvowC2n_|NA`-!+t!-Y zNQ|{eURt^Er8Y9f{FOUoy&iY$gZFZd5(VdD?{dhI{^#5IwS|+;7>p^xPF039KUxuiI&tWF=|+q$e&9vpLWu zT7Q4OqOwoo!}V?w{M;dc@yoGwwSt|jCBc}k)WCow^G1(1^~F^*rQ5X=!Jp=l4Z`l@ zO1+?{F5HW{R`<{GTa9uvDSFLxgbi>I?LN+5 z0&w$bMn)nb>X6>PqfVUj8=x|Sn*$gkJcH{Y$Y!Gmcqa`*M=;iq$>+(DH*U)zRc+)U z_28QrGRmoK@Xif|I$s|2*N&AKoAxp#Ub+L*KO@(9T#7`e(YM+leC@tq}0;n~vO z0=>uSYb|TKH)sOI4$4QP{tNMO4`a^i&*)dl@$INU0${I9<;P5R1Eb!@pKu8X@GJ|n zfw)qOvJF^@5Cg>iK4hXT+f4&eq^4T7-{zc=*cDlzqWI&9!@QT8h8)7CB&Mx|7$$>( zE)_2)Clj)p$w`wlm@xzHi~*e0@ZaeIxiDpo`}kSKg=Y~J&9qNj-H@D?u(KII&pT)F zbNQPbhic*$zOU=Lh40zkc}K@Nrk;-w)?!DoyKss-usV;Ks}e~fnJPoN=@IBqffB3}x({i6w)d!w{R>jg zU!E4qR;-=zh-K>JOW5=aM251^UbsA#e_=K{rYAo&2Fr)|-&I?HS7FeT=o$u^k#m0KV!%!>`4dBzB`;Dw+GRs>)Sz>k5CRX%X!%{}6a_ zr%60mCh-@g!?m2)tP>P>X4gDiKlyVexcN)|o4@Qtcy4ZKL>ugEF}GGwSVxAbK*Gf>u-d<~37x{@lvRbK zg8o@u3GK?)4tOasp6@J91AYT4*abnm;w+3 z!`5Tqn$WL6Wi0Hp8-|k&^xm>oe0tzPLtZQ(P!B?E3%~1lLUNUCo(i|1WimpiW;1EL0E~{ivu`kUKiiu>B!vwl2H0fov6r2Y7iW zy>Qh_X7;l37PATvQ19|CM-U!H?ccbL8+~^AWW3_}yd{QKe09gL zp+yY@VdEc%CI->>3gB5-HwgJ+c&r6G*gG7LHDL0g7O93x*hUb2D;V?I9rE!nh7j!+ zl*18k;Ra=8`|X*bYzgVi1x{rL`5Le)_3Xr$qDJe>axk$E`f~f{g$U@xk3vII6_msf zY{`i7k3^lBqOLnUNIJYiox`mp%I+w|J?l0GcqKAj_E^r(L|nzNJ~p1o?*bJp56Q^~ zNrrI|y6m#aP^pzb6@TP(?=6nRf+>!qXpgA{pmbapT&L4D*Jk|hSna!CcmvGk*YO-% z;@K+qDGM9XWXtKCLxQGu{)XZ@-Jou?IH8g*rH55Y9Ol&I6Suryaq01Bg*leTbr>2N z1KvT*K=y=QKR^Me>*|mFOwW%k9D*&ro@j3%Ul!u;l4xfdw-Xr;RPXJt4f@?e4T}_= zXK^m&<58*UkTm5VN8~kS=YpjcN39@^TGV5mS87dY5xtJedN_a=AVXtrU_5Hnoz*$n zYgCsJSNg2?&U~!EM{R|wCQ*(5#|O!ZIji?Q6UNFsHt|g!-1tUB>KojhYNkU|w1uDl zHP-g?mY6NZF3-LGWZve$a;A6ys^y@8;nve1r<2B+ZvvL1-@L@%1{2?>VMfiAiB~zy z6uDbP(iE#R!=k_GmHO&BhCJFXq z(d@YBmsG;^a+4H4@OS0##B`Ee8ukMN+YhFzqhqu=(}t-5?DbuUSB?Xi=cFho*wy3? zj6*{O%qjw%Wc1%?Md9|fy93e+k-Z)xlxY{-C&7k>Ugg&p5A8*jWU1!*G~(xh=zHdf ze5G^P z*xD`|n1o+OLZKYb?mG8EE+yfU0c}aric3?$@I>4X{fvF`XVLvy`UTTOQ5+HZu#eS2 zdGaiC_PRly^PvI@tk!)?v>Sl;WDE?45LNf&^`|?%%fg5tOp>>c~Z=I_9_&9 zlc$lmUxU)h!gse6E~doG6B$CK-S&gyDc4{ow}i`loRlg9)C8;^;1l>F=vr9X_lo2G zJRzD0b(|5kX|knlZ|+9QMbW70)=Ti? zaFrOW2jcK|kj#Pv+h`c;$N>o{&hbH`& zj0h>{%wFvD@fxVI81j)S&oI?ESrbV>ylJpJk3w%9$0t_t;fhNhHmc6Q1r}zkIKbhLUHUE1XoqU zw{kI0%1Pg4t?{VKS{G=PnHqh zw_DyYw;HMYxmX^Y2*sGJwM@<;hyezac`GD^?xZ`UGtN)YC;R7qq7W{Hfu?mwCp(V7 z_vH?{!oocX{SA_ITRIR6^|)-)<*mAK@h5x7-7x}4X2{LB07Tr+)gqe`=gRP^KEYPM zcs5>n4^ezowj*a<2q~C^x~W4G8(1J7%bUOFB zP{n3?=buN}+Uh3Yi{|4Mi%u3f`<(-jd@+0fHK$q6@2dG22Q&CL)sF>CGiYl*ght-w zp7r7H-pohOKW@a8jIhp#-{|&g)x>LT0?stJlH?|jg%D#G&=iJ z*kHdyMP8^hHc_z6peaIC96`5=2}C;0u!rUccJ~L9u^(_b=Tw@bA0^A#_FHQGe^IpW z<7=9oe^vEtUo>4aoLw7E%xb`{czE)gF;X8lr*k8LJi`_pFOh%|@$gat8r7`^I_;oz`x7i=0 z$dd3_HwKJCs|V7)j-I{2o4LHj1?Vw3uBsYWzZR@CkEtGe3p+S@?j>{>_)Uu1*kpr| z41x$?k5_z>%C?dr{kRw!Bkx`E_u^0T>d5%Y&E3iGv*}sa_r??CpI~dugN#;1sf$n| z4a%0IpQijBClpNtES6+5JT7ikzyKGJV^vUT9jgpV8Rs#^h`LM|SwSDH!JQ1BQ|74T zcerPE9V&#^DX-t@?PY!bn@m?Hxv~gV^MQpVM2^b}+spl!fHMIX0%7e4#NLtOHw}(e zfb0OfqK2A~4VFR^0fgBH%0OIzH&BuxSL<);R8l81Q#&0LitX8OpxPa)7+1KH<&#vG zNg-Kju)jN1hayeJ#0e00>|y;oj`GEcgKWtGpG>F71ig7*ZsgghFq0FyjRtPt29-z| ztC1y5Pu&#FS0A3n-8T(g0`>WCT$MopqYdA1tOG4l)`@Z8+DCW`PS3=}pFBYbZWO#D zSaG>-zN+aXx2;)eTAi7x52=rfHJ<2!I0;g4$qpTr<_h!cIQ0OR3&$$I&_D{9>p9T1 zgNQ*g+16HfwUG#RuIk7{hZi6epx?B)qON6u^W#%8pYh*6mKuYPT51p>t~{}a zNWjxoeJl(@s#tBE==>V0T>6-uds$gWi%_;cH^YTk3iQaXu*}?eT05v zj^_g0(C-4z1$SC9Q6Kxdn+##*wlW-5X{=5vQWfY`v%R9jQ;EYCzMWYI-aY@=VWDS2 ziNFi$Ua!JTp~kFw{YL0wd3aJ>PP`#RfqB2m4-?_dU|=~D@MlX3JL#IB%l|pS7tQz7 zxP_?859%)UN=qd^ft)Ar!;izB4kjE$rJ)5VX|u))n+ULtF@L>{Im~_;=I`oXyArW{ zt%B-l#Q#)DyEvuDzP6muatl742SK;@tN}>4# znR93K(-(S7Q74eC-)(BN(!dMp-~|XvvnQt<^eDu5bO;EI;>@IzgSqa0VtIk&MDW&4A~AIc~)q19%V8Qd1Sad;3Ltr(Ha+QhlR6 z9{Y2=d-1TIWVp&O4hAZ8JW=hC=WwJu%eQ*%)-kw1YsIS+G97W2PFJfs`k2V-gG+FcJnMDIm{MW!|_6P1f z@;4Sz&#NK{{buzTEu^0xq8rcuwp?ad)>nNK3Pj6V^xJn__*qR&spKA$Q;lW!e#y%K za1n0Iqb(ajG3<9fB#~l2apCn^IzIZ@?#iyWoD~v-NyG_---&Sl;v_gXa@X~h9xM6I zJ6bk|0AyuXB5o;*bj16zQI@ObvNyp)vz}*f5|-k+8nA5a&6)z>vL4HM*Ko>oc9}p@ z3oK|JcH2~Msba5=q?=J6=sFPP=X$@N_9vD(F*qWK>UeQu`_jZtne=q{u^-!9B2ddrId0Jc3*c=4JMhX2EQoubUn;)sY zE%|(I@4mNs{r>$9+^iuOjOs))YoZM5QrsmiElq)iY0NlH^=>Js|KJIsp^u{#7-eDp zm?M#;US2Me(Wn1ezcQMvwwH zZHCevjmY*vP|R5~9(NO4=mV7p9YQg!xG7%x_8uWx%00Nz>#wdXZZB0l3Zhi8Sb^c;R*KvC9C)S)o2)OQvUj_VB!zIfaY}(c!GqoW zdePw1GqH)mwDNM5p(kCmF7)DPZL+)-`{<{AQTP#@iD?&qIjx`BC2^W3hN(d?PPOu-ma^>Sw%a_!nL}_{fjE zX4AjGJ2mnb`-Pc(y65bCt<)BvQ@MT=iI9<6likoa`~Y}L@ACsm>8bQggwsYtK0F59@4!c+R2kqrHdR>%G3~+e<7K*(kd;yeO)zuWzKS zSC_QERV-VgG$3g1pc({0v#Mk9R<{DgVs(YIBZJ$XxB0c6EWL%2l%7uGNu+t5(At^L zUQc_5Hnh23v%qo3+J<8e^=w*OGSbIoT>fiK%q?UhTAUmKLU+NGZ@i!n;{vxxTxQY} z1{?*D91B#AM03AVI|EUfQw(L|JsFPqvY`RR-dK5y7j@_+1*gq3M9)_J_{ym9J{)sF z0*@NsWYHk2UQ*(u5KUrl-`AnH5Qw%Np)lf53@D$2Dz_b_q5Ix97PB_M{MP0xJYgWC zOt78i#6;3t(7?6%gFBi$r}kqx%1752vs$j5oCE%hoY)K?g`vY8I-mK9_IBP!2@?RXF4%WgN5eRb z{|DE&^iU;QFD9fPI-SoEbDaP3quQGnUVbP%JZgWK=Gs3cQ6a!z0~KiAG?@94@f$T_ zg^Iz>1z4AOFxd25U^V0;w(3l7wo6cdU?5DI39sSGR-pHqhp!_B%8F&@q+Pv~= z0@Z}NqB3ids9!AW?D64HVq(S%)x{MVDNrMksPK?^Xyvq(!#Ur^e<`sOrgCg1u#8x2PPX!zF`2{CX?PfA?zLLeKkH?0J zW+Me#Iw^6o&?meXsHNJmUr*0x5X&~xu&PFkq-#a>l+5GIFdmyAnlnoRwFrefnn+C_ zO=&()Z+=dWT0EKTpM!Q$>#yRN8LBIEEUrt5&M%RQpRN7lA&gp16}+Ti8E*^VmU_{+ z;gT@W6{pS+zAaN4q_+=>9YT#(i>J3DS|&cxY@6^cI|~mq8{(d22P*dR)LPUgRzwHd zQSN^FNFM@;9+L~{sI0X2hPFd*M76W+;)Z=tr+=!Wq2QLB#cMof^zic*+5ZxY zW!HP!f7Dr5#wlkdsb*L+V~#$b`>iMH3CVQ5wl>!(tuhJ{OV^n-+6wmc2BdyV4JE2p z-OCH?LQ4`_9rUaO+~b|4(6JlCS0bnp*IxQ)YHJ4mO2y@<1+KX?f2MWXQm2&PcU@he5=&|7;+Az@0nGkPK~Ea*-BR01h!cNjNwB99e}v=>W87GU z6dhPBcpp!wqONNF*{PpBBumV-&%ZmTwh9FYHGY?f1Hl$Bw6@w|e^(a#X|#7gA$Bg; zQ=TI*se?oX*DHj8#WH^>R<@joMpr{;z&wUa>IpSLPf2-5(bPK1AQa58Yep9K3BEO= zRI523zLI6;so#q$yEdT^jw!dCl7LF^+GJRsf*=0A@5|NHQtqzFbZ|C5opkOiFD5VivJ z()>@B1aku7@Au#M3;(|#M1|E$PJ zjtNkIQZ@X@#l(bn_kJuktVe0TLLtO;DL8;O+OQsMTzQ!gnJF%CFhDn`y*G6Y8=2&t zQy0F|UuGxve=Hh}2GUnC41I(z-mmuE_VLnyt@Rd%8e8L8xjWz;L1TN=+PlC>iTCg);3uZ&g@W04^^EOVJ27&M07(>PrW!^?a$dW45?B>dE53mdkD^ECT7%Dm~# zER-AvhoG!VWN4l84TG<;oV!B4rg@$K7p5`&ZQ}MnaS6=-q>BC5CJ{qCXzdFR{F=X& z-3JFhHimdt)%g?lnLfZ;SWydOYKmUb0Trq=;SL$pbG2-~QLoy5G0!;APOaB#?Jn$c z&H0jx0Wdw>2s(I-U>!%T%Gp-3HG!f}fH9Nc>&7l#xEg1^=$FI;+a!;diVWm6u^aUe zZ&t9u3kjMyIXmYzH34>m^9LC!B;CaZocU-u%QiQO!dpl)19xMe20h-{y_#S7xpar& zTI6aPz+i|f77UQ9$5%wzkv`SBR6$F{e`O1P=F(PQ(dfyUcRLo%`uNB{Ow+M?A#ktn zL#k06og}qPR2A9mmyWBydb@ZfIbY#P!0U0Y+kDeDhE5cuY46Xpnd4Ae%@tSK+bJwJXqaZ}nq*KXtGwh$ND=sd2vpqe}quMFD_ zyF8iSI8>HAFK=|%wL0!yGZOGD%8Q+|qd0=~5>+$Pn~P8x86*~V#bRnwfU8n1#dX08 zAe}3-n#IZWX%b_%5Cq&g|MoX!pKZ8Vh1R=DHyq|1*~`7tT}G z3J(+gLF!Q6_^4NwE4hD(iVyJU6YkT##k_xK(bHrLjNh6y-Atl{(g!#%ZB9I#nf1I+ zIRMeej_N)&S3N|C{ZG`m+ZDSN3cCfHag{6}7B?3wB7Iny^bl0vbO0Vaz(t1^lr6nq zI8V%f{eV&y4i2(PR<^aa7ts_4jFAC@Wf7FYpUW|4N9PCFOG2#nHNSt)4x zAn6nH$3*e{iB*_{rFs)|8<^x~4b-&ub@G z0fIH_)(!4#1dU_}AeV~TZdm>v*eJqmu=wgO&Lrq-j_mRoo4l#kR`|kTt3(?#eDwI> zGYG_OexT9wq9Uz49sC-7_o}KMvoE^emH^jXAk!D#1XU*J6jYPIL+r7h zIOoTFq8m}i-Dmi{=)SX#rc%OGe5=UX&}K7u;qRt~fY8TlnAOeRaB1(p^Yw|K#4BhA zVCcTSbg%!66gGz|3KHqT(NWJtH=$Zrjz)(Iw3^&SP-wmqb#WQ*{?Ckq6+ipVz{S#JTZ{t@%k{yeS)jPsW?g+Ltq{$`=bL$JQ^X>(M>QdkQ#;881%~yb;L!UcHm}@@l6oU zL&rl#iGqx-6ZPBk40F}`709qlYPA zY9+9LvqL>gCPY+6rn<>R5f6`Yyg-C}i?<1}J3-Uyxg90&QpmUZjDF96(j8vxofCJd zlyLt~e0oqPcbMPW$AtGd99)k^o#n8dS{Y&>h>$2nq|juNwobqC>-IsX$%MiBxmsbVC5q9-US#$-@QR*_Y zr~A9^^kfAmDx@F#lwTWuk955WhjYBfVG_b3gaXJG^5DOvxA^Z0@%w?fKD)SvgOu&b z{sNsF^C~JcOM+YA`8${N)s=!84*+qIIjeTV;Cl|DpPc&}`@z_3OA>Yc<>uj=ubSO_ zrqO%zzrxO#{e8>@mE`n#3JJV|RVkJo6Kg&JNJjvAlb{}XIl=Q|D*a>QP`|Gvb6crB z3FtR(m=fRy+6foQF>ln}5*1z{jmTC;KyEb5k>-S5RThzn>@v@eRDzJUq5Wwi9(_!0 zfFjRroh;uO#1*(PJi5u@`MfJRVPEx@&R$8V$n{bHJEKX(ve`8h@|}Xx+7r2{fxeBD zA4G_EDo%>pg72_E{Hln~L3H#Qn+km`yV@2=6Zc8&*;;91ID;qZVbg407$)QIQzsnf z&Teq{U&jraAMn#T-h>Ile*3@FCfM1t1bo+?MYH{)vb@H`j z;&nB8yDlr*(+O`7W^k0)^!f{NG&X1U?f4fo^dU`l?Av7yq-yOU{b`jj$Mf^K+WmJc zKChp2PrP5|(<7hzu?s9fcM20tIJNWCXZs=EZ`oNf142|QdO%5c=7!o-4Uj(e5)2KA zu)#)-A?_$HKbqhdYA)xGP3;%eg$OtcPd|RNi=0=3aRPpcnVOMQ@FP`TvfR*75gO35yQ`8s`0NBBFd3bO(wm zLnOYMTVB4?tZiuu^Z>}>sUwJdL`FsnkuN6>!XW)>Eb%95|>s?chZJoz78$8U*y0p5&9>`j0zwsSD{v#AkE{d)v5 zs?Q3JB`bf@6^Rxg1PW!-kHW(saYswfJHVsmqNR;-WA8@;C#&iA&2`*F6$S0!) zTjz34JK<1Qam|k_i*`V8KSxA)vmr0s06`&!HR`KA-+?e;R&gVaJ2eyeuaOfV%J(iA zD{^5>?D?oj#B!XF zJFL=LbjN?RGWY^Zl4kg4ex)LBSy8c~%0!5qfO0*;V&{*>xmxGozTBLi?kXS2a0fsO zCy$W>MS=rxffN747B04Sgp_k1yZe45tX&&WuDuZPQ&0ZKKHVNqK@^SHF?RIg?l~V# z<+}b{KpZP?e4Ow^GY!2_3@S;ioRrmGr_dA$8(2)gy+&aunkv+cOH5N)H|xg*VU!VK zmyXGru(e@k17~k%<|rw=_rNdpw)ROl7M7R9(FUeOtO-{JIYgHL^d@|WOKnCR?AC%y zj(5JwRnsuT(FbD8@P_IR7A8h@BlJmg^vP!(7VqCoUdPvCO59#+8M9O^*Vp~MPWU&0@enPLCmF=VFfKi3ql#YZfWvQSt{*F*jufC98Uqvr^ zV@eG0$s@ocUJ)0Q6KKAfC!{na0?0vUY;)9$s1 zM&@=}($a?)=;QRBaD&Z`za>Qg(XE^bES#7GXR}ha#AU5NKOV621WGBhnthM6m<&@;cd%GRM?e2P;OClMuJJirx5_9j)qnQ;&39z$>bM=%atkqG)bn zfLV;8B7ae095Jb){&LEuB)<7GL*(}1rlgzFXNR8>2|ANiUxZ=3Qv_pqehx1vY3}WN z%fhRe5E~(lJ7Gsw_>T5zM7tGv&{A=^C{PZ;_D+L9bXqNP>9^96?DW9<44Gf>#WMU} z$LlE=F{O`~mB;FUj}zg)q&yXN6!I*Aj&xc&OlLkkj^VNv$iHs%kG2oZ|aR&@mTxAW}Du%D?9)&%j*O7 z79t-nQe;!|_=?2v#tO-hf2`f(K+@g)0$yt!mzh26Ju$BDVY>Q z8-5*I6VVLLh~8=QQtP0Osj38Y8TE7bQUw#4jwA|#Sx=hHd1u~ukY_NuC&>wC`rQ(ffum+fO&vyiy*4*G;W}*Dcxeu zapwycl3WHa`CVQnQ=mkLi|}wK$bjY8pw=OhhBq8eU~Z@i1#L*5!St+1j?TTB%Z^!b zdcJ&vP8EAll^GDK%|TI!aK=ve5Et+e^Zjw5gINzw?t zwFW_wQw8eRp!lYZ6Y`eJ5=3m_Y%tz-D$!-fu&nvl`t-4x*&JMbbkT@m?NGzx#y4Ks z10}El>TL>WwLSo-GdOESy5fG^o#;$0qz`-k4hLRZab_^swDzdF!->>za%OVVp%=n) z&{*yZuQHaZT?%Rh0#MNFn;JgNlwlrhV0k%2I~MIXB+<%w-YS%s%BOwWw8+WLS&I^N zFPKJdc6M^gOap>#)3gdAcx2pc2kYIC&Sh?AwKrs&Sr;K=naci{k8&HGflh8<=P#o( z@Q!~TtI-GJ;Si*J;ddJb?Ou%m-><{%&hN~d&mP1nrd&nb#WIRP)>f$6npqNES0C=^flSKM4gAZU`Nxs1sjMLUd(C?!a!tci%^a*MgR=~%SxF&r70&6KsgQeTTT!ru zAm-Lq)xCpib)LE7={&Tq#;<{(pbD+q%NA3eYloC48_|=I4m>8{w4gOUvk-oH&iX?F*YrJx^*7Oo01DwN?SgLGJ!L{M(#4K4~2xlfy>=>~627A3EYkKS<+ltba2d z>lX}M?!Bj>L)-&e{!y<6qF?`FT{x3vdy~W#+ZD3UKwtQ zTY$+63ZC8Asj-@`H>SlQWPGT^$&t>rq~03I$NN_7Nxup$@=i-faao+2?p-qEUU0i* zpcs4jIMoTaV1D%%@GGyx!8~5Y>*?}qlfMIeV0Bxn5m}|zwhBLYFFK49RUH@Grehn3 zpV?$xiT{gv$m2%Ie)!WtNZyZ}G{Hz2G=q#@wo@}huBF0D;b4gvo$7m^yF-qF(w@j9`tu5WiM&&B60!pb+e zYy5y=PSk7 zI9)c5g}hqfSRq#XkE?|o#jzYgNJ=LUYV9{^!ckJr!l9hV-;x|PTI5CmDmNJc>)}&_ zydw6G*RECmwAXEfZqd`z&m*AWMcU%6BW%A@p;q86BeHNJWs}ZldiC?kF;nJ)#++j!ZDk7!|a-Ma$Du@X2n1!KSwhaUcBrpz$rS~hSQoE zYj-(3cvi<@gIL8jRlgB8E`UIUN8oNaGQs2av}@%h*bRT;q0{`{qwJ8_)6B$ZV!a4E z&S-D{mvW43nO+;9q~;qO17wOVV^giN-}4W!vj2Q2Gm4F*(9rNn?Q{Cw%!djzzdF}< zd2S2B@_NC3KYk@j;gkL?$M7p7hTss|+0Lk1f(Cf*v8~ukuwjmKz^(Nu{(@?f1uAx^ z4!vLW0Mf&F7BkcSX^iD8qI8MLA*2&A8Yeq(Va3Hp+uFX)$qpnVL)X_;o?BEvqOfmwZW!4J)@56Ilh{Q)H0%=`*pZsj6gh^ATwY^=tu81R9&Z>ud+bf?DQbH0({L4t!j5^fNl3|OLNib(+d1J_U zn(7#Q`2Bw&d2OI0RoYdM1h^L&lu zMSI0Xyg8Hl-{Q1Ce^hbB@Tcr&xl4XtlY#v>;zMTkjGLNRhR7&XJbI%ZACuv>n1!Y` zL3R+`@xpk5`#YxRYxgCov$HE$fk;MrRBTBvj=kZKa zjGu#VMdyU4sR09_6`*c9ljHW&iu;Y;-ALf_&738AI<-nhVtb3g7hG#EOdyt-FT`j{hnGSyFtSEz*`Lc1ix zmlUQqhH_1mbKATrz-e)AbR`HzgwKupplz-Kcn`l_pTc{#Vor$XKfU^wF!YrfO*wVA z@zxRmjHH#v?OF?&H`9~2C(ex#)eghV(kaHD8g4__Qcy14uHo7ta+Uh@rQWxm^{3Kr z9lvG%lQ~yEI{7aeD6ezdqBB`4p1|ysP=;J2@UU*!Dt&dJ(ITalK;K$VzX;61xVqVE zOW>}awm&R@DTFWFTb-GTDKS8NC#pcG856>Yy&k6KyzAB~wL1*T_DW_g)^vJ-PnsP!*$Mvn0z3Dn6I&5BipiMpTiH4S&8 zyIdl!+jBUsGM+m}Kl12%VdK^PtE8v zDduL5-8QD5-Rw`{yYja!bz*q9Yo6b?&ZP%AnQ|X0I1C0p^I3Tac!b1>BE|GX+Tn^N zoolwbA^W;LFs}$H`8m!n-~4PpyxI%a&Y6K`*l>qZSWm1BR*zB%txQJnC7ffY zRA`QVu;``ny7lKfGaU7~ywN-9WkZ)UIIDyClW6c-{#}04*qi#!*IShQSz^9bnXhhr zTmHsClsB+m?x?9sALiwh+I4gEZ#}+{4sOUjDNzA$4Iz^?e-xLzidnS1bsBM`yR9mV zY0)4UM(tDOts)`$N2%bCe5{|WPWYD`7eV~|gBZj&rQA(S_=U~jDONlEuMEDnL^>`U zjTg*oEnF@=@5Ma$I!fY3sq;q+P~Y=v6UM>69L}41s@js&Pi*N(kQg^sgdEKcRSq&%w#h(OZ6r$XB9^56)$CwaDZL)syzDCQK)m(zLkY?@PsGicn|P zqDU->NvVqyWK`erugw1rmbR){=D#U_L@v>7{iplxGF%whZvPREFd~|d;vR9ONag)P8NktKr=CI^k%&8K2mu$y z?dMMxy0d13?$H?HSPxum&76K~S@48n87FXM=0!zoo5CcIH}C+Uf#;)RZCGm2Rv!f{ zVR0^@GVYb9ZOsa}cS(e81HXU6h48yxf09k?K~}-t(YNJ=2p!Cm(~lvE=;FY&u6FdN zCG9)q>_M|x=-~d~gY?taEIEgc_xsN6L+cc&H7}Ix$Qs@uQN{@z+yioZg`K|%{{HP~ z$6k(2ByodyRTB^))o*i3LX@hrN8zjUrdN6o&<}_~^BTU^z!i2bDwCUHS5e*w(7X|M zrrDd$#XHp)8=smML!tt7G^(5Ef6eRZiK}I9 z!ED$q;!R}YgvZV7sL-B<{Yjzd!ptR@C?-+Jdj z94>oP3xAvj2WL~$9}7?9&AD$jsnf*L%2T1&>vpWL@>)urF{u=lvPEIF;Pj5k*X>=o z^|zjWFI_r4czmhzGl}4_KK+9`*HbQOu!NyRBHXFJse*=j$9NAw%F1<3r_s{^+kO74 zlvMA1iDn#Ua@#XBwTM@73L)H4UF~^ei#CgQ zzKqqdn5@)8u|_O8`_v$4yUY~=D1 z-gY~{*)@3dS5m1l1_RszN8?`8d^GZ-FK4B4(ougX^Y zTb|BlHRaUHdC(D#zn3Y1`l#X2wmJ>sjgrEZr%0^)#4nOdA-1ydyOhlGO&$Q<4r?FJL2Fp?@SzYvz|zuCZ>W; zU6^hQ=aykyfmF|OMf<}u;g}@(WUjtvHsqoaw+jxHylI(3#@5RNn#k(fuZ!1r3o_X4 zYE&|5sIhI2`Xt3uYd2-Ty_TB19es%}2^h0>6ySK`Dn6Rf&*nu3C;cnn#?n5fTAI#8 zpBa77R|>LSb)L4y96@wo3x*jL!TdQz06=ZLQ|jptm~Xx|QKjjl9osXG>3uGk%Ry%g z@wA?piN$XawVG&Iq?)hJo~4rA(^lz$CU!z~iFj6CiTx)^w2vOl2z@TohwmP30N)3D zjJEXxLX&TQnVz(m&vVaLuXd%&b~fa|PVH${7utb*>}F+_a10TclmkhX%zA2ps7Lc1 zlRy3c=HW~w{2?Q!B?aHbX%&x>LNJ9_z+mIu%C+&NyK6LTmRg89I zXqe3es5%GEY_ZfGZp8+H!_me-`_OUdjdVt zD>bgwb8xP&G+=i2qVEUu4S;ZXHw-dsUz`16V(k7}95InAco-(~As9}3se#<~GU$_r zYg}{4S}MI|hBGC#(C?f6A(*__5Y2MJ43x#=8LJ}+$J-=&wz0o+Tfh@l zMKKh-T7t4E-Kwd9tYMbxeMh_LOyw985m`9LWjqah(COdN~ z0Yl23XVurQZNpxr8ERI89l+ft(}mXk_#{zS`a4Jz~?zeyvN49l*WSt9AciE|?h#SN6o{qetwe9SJ?ag~u`o?oZ1X&qT6*0=KcDzZ+~z5y z6>wd>Jf|?15|3;3;5K~@$7zyRo$m>_F35LMRL%X(V^LiB&1f^ExaON0Xe@zFYi?_H z1*go(2eRMT-rbG_Q+5=qs1Twij~-NE??4fV0(h9QtDW`7farX$T(|9qYX2-2oDl{h zLn^f)fkwmwvvg=uvO^jg>?TOWdcL?Tz8=r-Aaf5JaCZnM^`>kc9CM&JdR;D0PIXmS z1Y>1Io+U2rdkSnwOT3Y{5y7C zj~le5w}>dYU;lg7x#}Hxdt<5`-2>tzC3U+iMYw$D5d4iQJ#0*`Lg7=i~MBf z&lezbVgJ%*!~eL8ezy1uY76b>Ff*(CqQ7MEw0^>K*Z&25Y}Gpo09h!W&-l}730*+0 z)g@K0auL+M>-UmzofS74`Q}w+kMeToz<*OAlhOL7*X(pbH_CL7*3(KZ&|N@lWZe6B zS!Kc!_sAykb}CDk9_TnXFfCgm(RPnvHFQ?_4i@-~tXyF`2)-L$P46U%aXwwGdpW}9 zzj;th`MjQHcoJ9cQF7zd%v^%1V~IM*J@N=Kf)#vU?oLZY*{Z2;l^3=@FT#0I?xuUP zAlbg`3M^e+*)%)Xy!%tMf5n`a@K=vQZN(8?_oZ9*Zr)H&tdgl+6^)JeICZZE?D7PS zYbJ1E^pUeWs|s>drIkA!5Y|nFbH1Gq?2tcPo`x0}w~6!@yy_7ESA5iO#>m|cnlKWD z+L01=X8A5|{))+uh$DJkzsKUKPx)>2##u0Eu4coheP}i%+GOS$_^8r$NG$PWTPbZn z3i72t;}DVcA(m^t1g5Px5jQ!|D!QIi2zt4*`8>D)!i#9kHgSIRAz`@rJ&r?>h-;Mc zN(jWaj}#|O{o81Sh7vd7o1&E{NS^V0-FNYHcXSKCqL_zZ7WcW0)@2I%YN;|@+f4J}uF^E46jF-Oy+X`lJoFNn=|yUCQEzhNc8M}Q^E z6P?$nnUlsHK6`^pT3CQhb(C$?OLf+`-$J~G5owEOK{K+C*+Mc#Nd7*)ZT)=+`uj_pc_pjv@;pK7` zGGWhbNi(I!J03y1YX5Tgt@-u^e0Rxqx_zSRME4xuQ9ly*f z$htmcD)Y$2DRc*7=lKf~-3-|8m+|Z&d;${IB-QfM8!K%jW0@ z5`*=y=uAh#?qU;8cICm|k+7^ckAtJ!riw>w9&T{u4324-ht$&NcMc>{ z)K%%|Da`KMhWrD6g&yY!o@`pt_^o?JjA}09|53K;~2Q0U@Vg77OyQ%{vsh%D#tjs4H`GH9l zT+@vR>)taKJrWzCGI#4apYU=O3S7>>-z{86V+N4bk!S!#TAu_J8www7{3gyCy55|D z#kUHVY+l}S@9wW0%Je97wE7ul9N(4L9=GNN{}mIjmzRzvUkOE6zvagQ zlMYz5TjPSBALZ94k9#W&z_6SkT4CTL1~-BS+2<~_H0@vK^;uIroJY57{ygKricHMn zQf`ul?)bi}9&a!>zK05;Re0QQP5U}#!b`alWTvU1;~wr}B=@eNu|*gP~}@Y_F-lM*vQq>|7Gbt@yQ(|XIYIz3QV`W9Mfr%?7L zOhE0%TFueZiXu@;`IXlZL#sYyfwRKkkrKqM9PZE)4bXZELglUgh55dPfM-mVTDVhm zDMxcmN5VJG_7}w5Vvh%Wbm4+I<8Rp2!JbwZU%fgKtyr5H`ARs`c-}8UQ29a$jbu%5 zxL9H6ByZG`2!gf#RIpM{0HW1qWhQqCQffC~c2|0->W&2Q91kR-?aC{tEto4QLg2baf?1DG~mg9XAN8g{{P4%P+TANvc9)`n* zGOUHUcZLntK8+A%<~e^AbO1qIQo7rnZj$h+`a8o8iyUhF;d5WFWRKPfal*F;^EX^d zXNgccG}iUe9e$rV4_C#rpBV5X*#`mU{Gk7)JnY zJ-wL7A!J^(5X{lz4AB%I%mMye&bpU=8_6n((%dO{H76Xsb0h%YO$wl|g=RtLU`HRn z@NnfG{cP9V|k9I(zo0ww{p>MzxG5?^xcCtR2h8%tvy+$98f;*F=&c z{6tBV)D7)pf%?b$BC5H|wpsZqa~CCP=qW@_ZXdOKb;BQREjXD~oisIG8Q53@w6u7| zLymjqY(djbV>no9Sw9HIIm^<{jAP(kwKieWl|einfFAxlY<_-~3a%Nj(b`Go_;4QE zTu(v^3=QtKp;1nM(a|;AG#3{cEgw2zYoD--D%-+b+=QPTilvVY`**BI4pD34chZD} z^#~ybJ6m=oXk5Vt-{B^hc0N)5{b*9te*-klo}elwoRiM#rFu@037N}@ig^71dBaR;s=)z(pxWrsv;f)fRs1vGjsf7Fo%efQ0HFN-*6V0BbCGrO9Zf* z1k}!`w9wk1dwVV|D-vy<&umOH2OD}_+HGc*{`A74!6tdudfACqL+6xe)YVA#80xM1~X{UB{6W_h5o%b zRgFu^%#jxmvfT}VkfcS#vv8hOg52{`~hxrX;J(<6Rp6Kjuw6}k@`71eR1ghjHPS6yO z;mj~*)^G0PC$1X;Vgo)J@8T#0C&KvCrHQiz0yz5ejWSz02`Vq&;Lx9W^|U2;uA3dE zbOyv>QyWV&BhJ={BF+}$UjhYt1>vLp6Kl+1Ue5kN?DJ#bU>||S^_oW&PTLkw7wxKd z=Sn2+JrppTB#A|h&`lZDc_~0QPOEWvRn{vX0B9Ly;=XLy|s^pq^R(A!+nsL>D^{TV`P| zPFm>C4-oHbJkOn6O2n$Xy-vwW^~Q!ueljs$j1|AFyA-0j?!kt@^G z+*X`!smpLU&8+*UJf_pSZ|TGk&?u-x5~;)+jSF}`U<(WLX!rg->)_&QG>k1E6fD!@ z#YG+DBkMS8B|XDy`o06dqWeDkjy)R(*8>(o%1}5P?FNz04Vp_%&OoF!$|9*Bl-E+Zq(v3t)|M6iThw!-vOK!| zj7~OE)xPiV&~w(WQ$kZ&P-J3dB?OSrQjX9|}wEAF0xv zZ?N+He?k{m=kQkb%w9$!l$UrtGl^9W_^oyPfMW0K!g0Oer6-9g*3G}EJf05{Qyb2T z?aNizNeDpw!vsvXLoBu(ZrbDY{n?rXdk1lwC_hg*Awmk5Fj#$wUtU`5-0*9&OB(^$ z98sF-%86AQZ3FM*T)N$E$K@-xy)YQ-4X&T;CtgDq=SNsCr{x@budN zUE;3opym?d9k_E+w1t09N+rt&1sv9qOIl3eXF^@FT4`|aIgSeygUV>LGsHfrB+OJ) z?<610Wbt2vbUi4Eo0L8)jCD19cGQQypIl^#l_fpZ{E%1KpU^0^h0B3f@r}=Qq`k!5 zPxi9|PI3`azQT|WJHn_C77#^^1P{8s7EyYBcMCz{?rtbBw?!{a_iy^+(U~-#yt6|z zcRBj~Y-FAO$h1PDl%4!Kam5<_Wtb*RD6%(=f57f18Qz3IT%>pRz0ZF!BMqn+HE22U zvG7Cqh{Hq>R||i%{7emw=YZvBkgWU00K8QeH2IZ(QUDTM5yQ`NJkpvNZ0{me-W_Qp z@#RBnZ%&4U4=5`29~R3NGBEq$?{0iSXk}qDTufFcHC7I`_Vp$zCpMi%H==K`w4Z#w zU2D4B|4?HgVr`G)aIi3zHF!XxrG~E%s=d3U2CCHw`XsN6myf!mkBCA|@_snEu=1O& zlmv9f?$|t5)w_1dIyQmR!>)p1dTxulrXP#J6K@c7Q>gZ7DG-}IaEE!qnd(&s(X7nm z5BE~54YJQ=>IZJilRNyowL)t*$b}oyERy2s^SaFn39QE{y1;7gSEM9|)oSqcpHi6O za#p6bdGL+CqyeUsW}__}v8yBori$6nl?r1t0n&E-klZRnU!(lc-1T5mNxtQ4CV)78`{RvxM}lPoDEOQZ2M8C zCVxkTqNF=iBMaN$cWTGbJmT)!<=(T~(Q3t^7UB7s8lLx;tI!C7cqlVlUR+Gzupjg; za`daJ^)jFDt?pWsrw>22^0R79rhn&8P)T3AKZu@y(O|L(q0+#YH#+XxcE@6rc_^6; z|Fw}VJf0j-0y41015`^796(QE1A*G{VGN6m29H0;P*48wC&n-I;IgoRH=%m6#-V|z zR$1P37csqMvEG9Q|G<`CJ0#7(J>GdXuKpod1wp&p^eXsWo`mVV7zkU*--d;zfon(6 zfc0a_iNuCR=+T*1lRat18I57@4K>Kv$kD7#w6<-Ej*jcdt>G+EUWEwWkbhIb->u|& z+ttX(5o&Lh^WgY~(0vq4oeDqAGV1J``55iu!XFK%Hz3rc$9s?aGetGPnDQY5^g|Zy zkd`51X4Z%V-m<=dw{u#DH|r{YZskt%8`k^T*`Snj@hJI`&ny!xwp|b)Ux45>e3hZ> z2BQVk?zxek3L@@y!6HqH1`g21eQyu?DA#zzTg+|VqLT`+tI2C>y>WoOVe!kNkaszh zo6OW3(1$7hw&1+ClpDL+J^ACKO3Ty!PgVopi105dyiOna92%%}G z(0tS=QlhTm?Y`#3=;g6hPlyz%obJWL7_ zw+ZoroNr}1jH@n>E5A`&X0y!aaE1bI@Xd_;tW|*DP}|I?qpQ{(wZMc@dzMbsER%bX zriO~TKopZAZ5pGAxTyD12B2N{?}Sb5y|wuG=eu^Cf2JAVPxFN~dW2I$FFi~@jm(e2 zq{)5031JR0&>)?VPigb5qs&miMzT$SOZtw!l`&^b7s!TP@>$91BVdQQuFfb1CI945 zKsc+U#2cFquipEoPuFIEQhBf za3Oc7pNL~c2%9Gc-sOPu)S2wwS*`2QYLftOgRM4Wdr~t%cFu3vfaXz@+QV6(X>jii zEDjWm>$`N?z6>Nk<>~P%qZ#Qw7wxUsj}QY%6^ra=Y`MsmW1&zFX$znqZqS6z{0^u&o~{s)%`XZHoU~7R2L&lpn#T$VO9^QzEXA!DK4w z$;Ow)`|zZ4i|n!}iY?^HPwKAjc@~}=MjL0Mp5-JnLu^%n!uzMF2*sYX@I$Y%lzqd_ z0BM{qB!%cWs}ji?(mVme@;pO9>yf<`GpllkFr{~-Vbae1ULqkrhp?kL=1C}gk>a^G zJo4IqA6-2T2ENJ;XW$-vX*_Pv#g3=#ciZg5!m>bgia9wzwWP1N2AaZGo4dIn%N_Cm zI5t7uczY+ph`}3?<83XA8tIwGhRJ-+HMFY%+ILP&tzQjAtr#BFl-;@ph43(q;8-|{dWqHh6@R5g zU*eig(n7;Dn~@{3+@5~>gFHsxa0_5r)GtmM1k)753T2m4SUD5zUz-SKsCt=0 zf6&>sH-DJK*k$e`+tv#fCV{E@DLjLpDQkYcLSnNmAT?k8 zaEeZ3^-XECB`-~c9l*r6O&+KuOdfS&ISKI$5;7D3sdIGIgXIUjJo%tU4Zga9-8(lw zrfSMTZh{tSf9`_;`g@=kz5)685M^o{$23hMxMq?@-6}#r|nKzkc%3# z+Ahu}^KG*7eMutTjtYCcLxNng=RT^daw0bM`o{dF+xdHG@*b9u^uUS5Oi1TC(K&ZF zII-PvY$xLg_jw<0*;284g#{dK8eNYgwFYB&T% z*$hDIyb4unLLfE$LPMN-!hFM4)*89&sdNS(c)H|L#yw@~MTLUaiEewb?Opf2S4gVu z7h7;W|BY>|>pv;Jarya;xaJM3x+dbUn-wA<6NUnStuVW1rHNT-m29R=>4B#!0+`aO z40DeilWyB~q>>757^H5^_rakazvJb)$?FW?8KVnOD7E@VD3q#}gyZ)Spjl1Y8(w zd6N3A9LjYOo0Zop&Hz^Yf6(~&w>#*&Jd807Hs4mw**?Tx zlqkieF>=!a5CsXw)1`fkjIUJM2+Dt^+v(VGo*K#SxZPVK_M z%~w239-{x}XDr@sxqrxve;4%ttr{MZM0eBSuI~z|hxeYQh6H2ujG5E77v7=FweG^+ ze3u&22XSwg{@;%O+o=Ap0y7Y{QOXt$n%C*?#Dj-Wcla<<7R|}d#gSdxip1fJ);A#A z*-PRT_P3=Pu3WpQwQQ9E;UDsEF#o&l{B_(bVHLRkO-F4iz%uxVE?Vwe-@r>Kk7?0v5MvG`8v99m;A4h_@^wzTkXgg zVfi(EFOuJ`|IKLs@7k}B_fF1EPHv_H(*J~0_|FM>W=)+j*at)5c4o~5$K(6I2l3xV z^#3m`|LgV6p0Ef3V*jtud28HVE#?@?)wR2lq&#}C^MjdLYy!fnOW@DTzbr@vQ6+0z z>pvQlpIO?6-!(EEo0*wOKK@B8V=VWaU3({keB1q=NsBw_Agi@m#Br#M$zJ=u;2)qD z|I?*aD_9R0U0qbrUUr7=8~<%XsfZ(XBCxWOg`Ppyz{CbIu$HrCvU>5E3x5?Ec4j4! z+miF;p*pypQY`9V2-*0J(0B4#Ubi$GMU;(>zS$FvxWO7|6XO_~u7NNiZ=4k#GVKxH z8z1uz2Ce_I)i@ib&RCqEhKFiuk8zzSeU2(t4U2^Q==F6+*L{9uaGOJ^U~9Gq)3ZGS zJ}}pY_}|jgN85$Qlwu4WTd!lTNAc7!SZ><3J(-06=gj$^j=nw7=7Qyw29GKcCMK?_ zRMLh!dw=*q9Fo3*FY}!vLukwLP;pivA`Zo!yGjVVSGs7NR3!AUmV3Z|x`gu`to%JrKvZ0n0eJeg>(>_9 z76-fDtYZTPu#A&6II|c%K^95m|FHE|U2%n5v~3dH3irZ7aCf(03GVJvxO)l-S~wxN zLkJe!AvlG*Q%G=kce(7-+Icv8-^cX}zPaWcqj&poxMhcElUbqagKv0Sg_}pc?m&Lk zcOTnLKY`!qup>tNXs-{d@CK2a=gS>&8*RZp108b3wuW#-`a)}C6#pW@v|wmU?S~X) zy0x5urC9a4QpQQfzj8Gf98_o5*b{u5L9$=qch1sdud9P=)4sl19FV9c=LE|$l)&1= zNPV8503wL~u=dPAy-o+xZ>9@sW4S$_S0$*n2@sUbb5hF1D=6`Vme)@w`ZTZ$f5mOCG&#rG`7(lK7nG4H|>j^(jHMe_c zLa}HI0jYv~I9yNvu-D8G-L}1lxJYlG7Z2Qfauj+i?$ox7*6lQsJ;S4sJ6ol@kgFO( z^0GhLECe<5;oupzhs22u_x29Wsg|zJcshp1qW5)MJ1JcA?sC|=_%Bf%2`2~Q@<`H| zuntrjvDZ2in>oK1qv^4b3{9+-|?_dZ_OnLEFv zIbv)U^;6EcMECaF4+E4U%aX;|lluADPK?1T;Ll-)BXB-oscwChfN6P!Sm}A8-;A_ zZf;P3T?^Hi9xc_IuuBJpXbINE#EIBAjw)r4iu(j)HZ?EPOrM(xS{!oS+6HYtMZnve ztZ`JgqQpFX;3CD>dfGw}CUS^8%gg9JQ@5rU-$|ps+fR^nX(;gv&vz@kY@d3ZQDHm* za$KL#G})=rJ6<2g*#6!KE^07^-e>?x-M^o^dLKsF|DLb2<-Y>d7a*B!_*PpxvVVMj z#yYV_)%P1}Imb9AbFj89>n>0)a@kt50k&%d!Lv}5Z>+UhUieKF_4Uv3p<=Tbqi(-wlib5U9WAiHa1vog7?CB>chC11i+MX#Rh z4VJ5{pEvJnfXmQdRX1JNcl+?27S_B9uY~gia4DW9b7HJi)pR7k!(1ysRc@E!{JUfa zc1TH(gq?e;k=YNth2`{e&Eat`ceF<4c&~DUz(uR#Fa(3o)a2i;baA_2EsMhK{2-g+SGx^OP;5nbsxWb5d3q=W z)C3*OCBW~M{xVE2t_F(po1e)a>;w|nx+H*vJXg!Z{6 z;@>V~f^VNCUd!eigCg?Yqo*@*6Hnz(uu1635(-v$UTEKCvcj#6y>OkiWl*zE_oE}C z``2+1{ZcM++sNbo1n|@%)%z*A*Tip;JtCv3SQ{qkmD^49Hr6{IUJN#+fTe%#+?fPB$JKBfk=t&=5gov0dzi~WU!*8(Tp=c+?Ii&lp`7<+6Gp;LD&T@t`mSV{OrLvV{Dh8(Aw zGh=y(9mj~zZ_5oSISy8Q0Nk~pLB8vk{~jJ+8d3Jj^s2%K7i4xijUI zH^j!tfs~M6o*13oy46i!*5SI~V^gVB_o>2^v+iU!SgPQ}Y}r#rMFsiQz6txx^!wLJ zr~eQv+ses~vuxclHuL68WisB=5JtPt?%6vPaf{PsrTu-I6=s0)Dg9HbH9Ov!4O%Z* zVt2A?T9d%+OLoo)$a^kCo}A;f2)%!yW3d1bmZ!}Qr?>knA=%6KZ7YncRGT8My;|Wo zPk;Z36t93HQHAI`fh<;ck253zI-AZ-q6_|Se*LPFqo+>!UVpPFzhUNsYHiKi=f4=I zm5^r#cHQ1@bb5m*Oucu3^mgOu#O|)UO{+06n*2V#OXcM zj2C#eX!yWjsLSgRgAVaFymAtX?bNvWYYW>Z9g^VW?`?#?dVob?@NrjXIDjtuRdWF@ zizBNpBmPLD95zb{-ZPAvz;E1Wk^gnx_Jzy6j+^qa+p)Fzkl8b<9R8U;JrAS>a+ksb zHDz>`zu@^dmH@kYn)Z3Sos#hZ|Zm~CTr-lL?rq1Me z2cn8G`;I>ZI8xlIY}!Bd+$(F;CD9>CtB$tnGGk#X+1%3zd!&2Fv*K8 z7bS%aJ-FMZopsM2+tZO6iP@475#1Q*xBVviv9|`)^8rvJP|a8r74;XcK9#k*sv6mx z2|C#2Ib53j%5}HYxR@sm{?6*Kq*8n9acaskRPRg{qwPQ#y$}UjUwtKfUo^&<@@QvTEw=*bxQ< zG@xKQm9M>c9!ri6J@*YPf8Z0jK@-NaLg+_C1>$1HAUMy`3 zU3pk7bIAk9_H0AZaG5PMC&wZ!$L>2PT-N4BMjo;E`KG9H?R06XibJ*K#MDBc+=iun zSftde2@%Ppt9+Qfev8QSR6*L8m27MX7vXe0P#v_fqF-dP5043(!@TE zXbAo3_1}M0&i|0DKOp^er_E;O2CY%n>Ho3*-5E&E)u|ATCCC66cI?2vt;I9uv!Tm= zIpcq6HopJ5C^o|$ngyW%{o}!8l5|+>CvlO+DJ*Y8*iLGOov*VViE2kGfNU_xJ;_HB zUr+p+n2He>a-916!D&>5rxEwJEPWf|cJR7Hok7G&F^R_u=VQF~BM!2C$b*`;=C=EP z@7A+>t5dO$(J2aV7jAq_iFf0D4}btNWvEq(ZP-Y@(BnjM2dS0GU=Wsq8{hmFeun(Q zSU_+>Q5BfUBN>gsICmRw%HptDskibpCmi8MbAbOF>TR2Ls1MUdm9Ib6N0Bmbjb0J` zsG5AMDj!)K&w|9;ee_bO)q0oZ?ocU!1t_hsXMtfjEbvZ%6{7n?!Lytt{AMj|vbg_va-3k+} zz2#k0a2X;@(#D6t)8WZX1AHf8&7;P9N@Ri=>2N>MfCnyCQtVlY0iQW~3SEGwu8W}v z{L0;@QU(Vs4djoD8`I3IH@A>|BM8f6OEfvGz{e;)OwyJk zEo_}o&txl=91FcTt4X)WDXzD>zlB{+2Gj8l`10Rd`V8_{-6Cf%X@>5Y1|cOlJpddt zaD#MNgGbv?X%-l~ud9#wN5mLhrGp`F7taK%p7n?pxb@UJQe_858P^sO0+y`ry?$=R zvgSsBpEudPcJ4SdTt7H7nG`0yZsL%;l^vtvH42Z3t!iV3NA&$+nKk z-c>zWQJvLeoyBB*PdWrmbHHMI@*mHpZh)C1t^P)$^=v%XDdW(k!_3^2znGXEz9jl% zDO~TC11P5W*kyV$n@9SLL$C7;`S1J0&X>pBkI3_XMJ&R?z&6ZA&(FRi=MGXQE4bd* zPR47~GKe=7aF)`zs~DBIAFg!Cfwo0FSPCt+`roygj6=g}@M;Q{N)-s>iT zVZl2-RGu`Vz9t_)_YG8!TQ;q?{r~RjV#irpb3EBq{uDVOnxpYO?G2uqIE1j+UyQAH z(q){Rueg!QBEta9DT@$}aIUE5-yg6|5<_1_tKR2)N?PyM5fkgy^X;kMBl|W29_X;5li9b_>%+9 zPe8fuom!sa(%YT~F_zvxY1-KQYnT7x9MfZS6nKIidug67>ODvFh$9ygFld~e$xf*M zcZ6vNzTdgJZIO``N{sz!IZ|^F#F@N9ILjGagBHd}%0Cgfc&IY}Wb&Jo3-o~gw6!~Y zo^P{~db0m6fKbT$YkRon-AJCCXw0t#C-b6iyzfK@&Rq1&aa{5Fwb8j4W%7Wg<9AE{1J0h7T zpBg|(z>*z4>lVzOMxnhG0EUpzvU39ZMB*yC@*5Sq|FZi-=B$E!eXGJpZ7KY%Y1%g} z-yyLu*u>Q4D3OrXxOg~=dt0-&Urr01K{Gb0=$G590D!lBT-8GDxgq(hkejaTst~%O ziKSis`u6&-jVQg@!jTy(qvq^(Z04imwS(nR^~dd=?~%m%q|ugp^s@xzEX5@iUE9A% z66YJm<30@RjNP1>B6?Sz1h7FK16-yxo%gaMND}+@sv+0v!Vs9G#+R+sqpne#ViEd= zSvyRL1Uio;C_LwBH4+@+ht`j9SX=g^3I@`8n;(r<5@Qlu5oh>rkuVZ{4%lg$%9}%# z0%*@5V3ADRFrl`v>o8rON-X<6rLvQXE&r?;$krQ*wR zf7GKrr!{{@=1EcYVEpoa`}FR{&63t;e=Qt#fq{0qdDBN`U!1uzoxqN0b|iDq*`g47 zJsBq9;vbO=s|z97BZ?Ak4UlJ1R4wWWqt%G92-5ApMr1F{)L_ylXg)i5)b}ZS;m?Ya z-l#4ZUHzCeCiHONVr8Ms;3A}>#gzq}ugLMyOTBI}MrVQjx11SsGV3Y!2V<7^^$zbo z1TDyiDw?z{`?342NR4nn6SdkqH3o%7&Sm_x$3npYBRME>|%Wy4Yb1{0L2gg@|T%JAUi$erv# zsn9~Kvgl1LK*(A@X(-DjDR7muyAGy)#wJ~d+r2?dBo~hKEASWqnoo!ejC^^U>P+Mc z?Cv~f${{j%+ewrR z)p(i;w0kT;)21GJvTpc)w%84yw=BgSR!s2d%O*6`-CeRMVWg+O%OlJqptXQVZIE4mUFUM#U(7^4y-Y?2QY|k4wK%* zq=nHVktpH@;rQutu2s9i)ci(^zft7=f0PQ#;qZ6zGWT7a?G!A>Pk9Tl<+*2umkBKk z4?J17+j!Un+ebV!f<6f+s@66UY`P(LlT+Lf1TIPTI8FgM zw!S=3iEUYa8uM;RcDMJn3~6b{s>y*-EwN@$h-}rqlql!*(Ha5Id$i3~?47xs=kohD ztDTU}D)!~S^pT^1BI^~}kY8vhur}#5+1ta*Hk&Wy_K?^J6fUAivO?P(NBsps(}yV= z9RWJLX$^OoPg&5p?D4j{bq;$m<1i9)Bq^@is~v&^XFdpUdQHexuc>XDl`v)UCSfTg{#U&sYg`sq>}p;+s8^MzUa!5j6@nqyjaG zYDjKsxG4CnQklXG6J_>6^2oFp4de~}0`vbpPJR&$uf{BJf%XmjW-sb1aJl>MwXq8@Ci0fLC*;rpRZWDQzR#n*-DEZ*Cu}i1X3Max z+Vu}LaP%PFO_Y#uEame)ig0@oq}n$Fr`SWQ;y4xPDmXH&7Mc5L;uds}0TZBdANnNR#EOawR5U4}CuMl= zmBa(o>E+W~Hi|b^)BjJuDdyYtx4kkJ>8A#FEu)55f5*1lNv5)1YwyGkCbb`ojg(T4 zLR6h$??Wzp?M1X=7yFF-K8x(_5p|7(aK`vLA;F=N*&~a1?^W5>)RvOyN*^V3y$}}` z(xS`VB1L*MmCnql@E#hF|BT9*nE2*U|M#1Nt4-!VtPCI;q`FlW!c+;Zz%EI-bfGH$ zfWV{OfwE6b)FsMHa@lRTUZfsT7Zm~X{(~pYlITJ*Y_TQsKev{^%E0eN-{Zy;1ZNC1 z)2ZLwpR%4|KIT+PSp&pV-!)zO7Mr{&KhdIJwncv*vd3+iQn$hp=!}WF4V$48LeCPMvVp-Q| z$K!}mn9ttiv>DTbz9;aaOYZMp|9PWk+&BBtxyEbFqrj2ke@JCH9tZg#d~K!&L0eI` z-z~;Ov>lsD7RAfT3dB+@#Ch=nyO5T~%yxS}eBu?LX8fLZHuhj$ULtwE&TX)>+j7A8 zBP%&CZL=Mh;mL}rEI4aTmM&7XcE(femiMKZ4n;rKGe`E6iK+ud!RU~D(M`o8msO0= z7&sFA>-+K{`Cc+5XONRUde%hj8HcTurX!w${>!bDV6T`c4a6b}EvLpgu7^nevMAcYtJl;M}UMN7?9W(mA{&>AU=KSuCGHbOC ziP~69As4zb8!k44R%(sO!d~ax_e;|y+=VAtNmX!+Tr4zZzkG9UXx>Uv30EFblc-g& z>6DrGNH``2X#w}wIC-?Gy;U5$v0y@GjOsW3V9#Ej*^4CWrQgz;9I?GQbFi(jtjy`I zKwjMunFN{z&4FE18^Gie&?l0KIoiRray96nH44^kw=vroyRJUAX@T-+r6XjfMo)G@ zJ(Bn52gdlgSHOIGLJ2I#p%XDJ7P(N#L)MZZ)-OFo!T(>C+)|rc>X1N{O+g#$?hgTH zKoL`Po}}SkL>B>j6=Ec2Ar%BTl$bEFUk%}L(ZMMRGBgyO@;vH%%RJpCJwknWkt`+q zJ$bjUs(HREsuOJ7Qb3K3lsoSqDmeJEpGZ#fFOojz=DZ6|T3G>vqq~L#i+Y@v)?f$l zlUdc+6(9Kfg(-olYrBLd?KjYc(B$Fao2h#eW^K{EN!&@OOfIC#a(~0zd5L&ujtYd% z0l`^m9_DU4>4LQ=Cy6CG9i8Nb^@P>O(`a`e^FD|in^x?9WdN*qHtCcZ;6)U8dhp9P zcQ+~}uYFFyHxO>CGDD<^{=#XQx-%f?fU&uA_Ry@i#Y4Z2$(5=WWId>eiv@zVU47<^ zC0Fd1R?I+_gz=xhjQN!7^AL9E93gw~K+BJ2f7!vpb{}*@P z8#1Ao0H-ktj@=0|%E{2Y2;wI?W${m?^303Fs+zjd!#-rzW>^x{L_CjML~4kGlanYb zrd{Ee4MDYkNw%BQV7|Sg7|B&$o?Xk^FV5yBd26Vn@v>Zhi~yKp^?_dvr^0zl{sEf{ zYOwHG1ot>M>(_fyhH%Ds6&~14;us1D2frx#AS%d|4A%C~AiPID=M0@BN~bQpCJL|i z>IxFlTHC>*CIV$bWB(PMIetSDEYtZ)dKiX$(#2wK9eZTc83`Fe)!0*Ij2u@aznOEc z<$$yyJR*41SC7x$l~T!=v;0rPX>CbODPqKMYlLy5{&o=NrhecK>~ z2CL|qOChyRBYfIdl)Hr}27avtIa7EVa60kL5mVLcbrvjHBZApbx#`=Z`91uLg%!Hl zZ`I_?XpvL@Xe3d^uJ%aUodBMXZBySV3WSDHn zofNAAA=+^%RH~)e7XCiuo+omhNG)p4AvwqKy+~z8Ci^>q)-6h@bB5irLT{1myQy|^ zc)^k94q(oAGNCbZr+RF%ti)g8H5SQ_$W{}45VSk)dadc)s)7cT{UxPMUxBPYBSU-~ z91t}1k+ij2e1J4EM3bsLF|>wDMxHE~o+0f^zMFW$LP>8|Rr=!d=5}W`QKZP7fd172 zw9;6a)C{x5c$v3{947fq;l{bHp?;j4w}01bDHx;H9BCogwW==+q@i(hi$R3B7q)?8 zuv~{A29~aV6BNx|wam2~ucHH|?z2WZ_2}G=$beUA9>Qm&bq+Q6Ph+AP3g!C&#+8cx zO=5=T33?)bkjTr{KHeOQMvD1o_w(jW@Rts;Zd0Bs?BMURXSeoB}A7ZT_ecy&l%?F5gQta6zsgslW2Z2+H~dW4*br z_B4J|a#0gQY7ZxS4_YH}cU}G#E4XDDjjJYS1&$m0VR!uV!IoY4KG)5MBY)CFtSt6Q zpKTqp%z_|Jgbv&aM70IC^(O93)`r%K1WyDPATe;@)_XIYw3ri+rx#nyYOlXl zHI0T$3PqU!=nm!UW0XM+%j?d&70QsuG9OjsJoh9cBkY<1SIkw|YWFvHvrRoTk+A^} z)C9`*xLadip#I&%(Y@^1(KB|cbx#PYme2Ebftw#V{Ni}XP0vmrAwigtM-!PjX&r9X6Qv(v1W4jP99>ynMlM#FCLCdlsfsM?~>%Vpgl%6LTd%3|b zR{N{AF>lwi`jgj-qS8V(oHeJ3mLNL1w(DHPVwrZB#!w(o`3rQHF3jePCoEqVd}qG$ z9JiTe1s>Z>quAIqUJcs~U`J>SNedRh;r!o>&wTW|*(08>ZssJmvQ8s90)(r^BG~f4 zMbli#w0LTSrbHMEWp2NC&?~&L_maLuWf_i-js4G|*OlEL^R4o#QmjycWWU`Mo@rA@ zcq@=ULk^jvhB1HmG5B^}mp7A)okV|9*C6!cjqXIU?*3dnhE#YQjjusTo4!#<9G{`t z;1jG@2e^EMMRf39_Jy)Mk6NUyMrQMfg8x8OO*hOuTFQMw*TKmNPJYbM(4 z_$p5R2qRAfsh7qemh+%;1~X$tq>!fhfUjh<%#=_78&j--z)NNkx>|;gfS?PjDF~{O z{W?i=m;!KoD~;=Pdm#wytmCbh-1=N1_tcjrkKa5oqvU(^-&1(OWuE80L- zo5cPtU%pc+!_$Y!tI}QypgCe3VL&IcMb&xZypA_~iW{bV1i++Q800&Ja-Gz!O}(9 zvvT;-=yRC6F?WiRBkWiKUWWmB{=lMuOXDZ7tl);c zKGA2QB^6R#XeXFfONI!#l+5{tZC>mR8`>nceLS;kAmDWuuWWX}etFpYz`Xm3xt?}v z%m_P$k4*Nn4F(g3rZY-**y-~&mA&7gHvioTF8@`xa@BoN<3@a_Ke8oF_P)2$21%=S zh9p>jadzSN#oD0>Tt+ARNZUQ{(@P3^#q!QO(ZWk+tV|m*$=rfiQ=sX%Yi(>nmd++8g)_^oXZeG#Vd1>C zD<4Kss{&Ja0u=saVgZTgo)@y`IbYls%8*CWJKN#M5*cl+e83>i2E#%`$G8*UM($A! zIeZRWwrwInrd%IY@*pOW{miniam4b70#GhXFgpgxT_+vFCE3!-bO*%z-xlf9-U>nd1 zb-!UQ8KuTXS`#G5>o__yFn5&`ibKyKF*8CR(sB-=D6qqcquJ2FSmiRw9(tr_VIM|{ zf1jKfQ7m;42tWErQlX($DT2gjr<1nO9W|DtyVW68OOP07g1Em-@8zvNRLs84ePb^a zs{C`GeVva{{VjQGXN?HffW4)+DTX&!n26G(Pr zjAru9G^RC7+s)zh6SLcZ*~EMz`YM0dnWGYsj;v)S|+N&?Ic+De?Z=tgwni%(j8(P@7ZqGEy5$E@kzD?sD| zaD>}&=50j0AHw*|@yF8-Ub>nwV)RFrdyC1E>X5w|Z+@YSRA~u*ncq{D{ir)Lpissa z&XRkqaP66^K;=NH&->n}cW6j9q_dtT*G55qzO&O=gfXrDpCBztA{!r)I`~E>t^OS* zGjjJQ3fw)dUF!2Y1pCFrAnuh8mNXhiD;orTQhkLgYjHui1x>%dH`D=*VwP}8&t~Z? zq(eC(-w8dpKQmf>W4C}XkVVSP74?;T9=ZbfK;$B&GM-*ZuplVqp zFrD_rCNV)Zm%Gng^d~M^u9F#pt8#Vj*|KDE2G`*$ps{VN<)Pi}`OfBo?~)uSy&r(g z*<ODyh-Ff-y1GFMp=K`3+<1Z zzen>nuHLtP79t*`63?)#`YV_*z9!qe&} zKNUmT7LKijNI6Q=F)xcW^Cmmj6d9P{Zb#Qdwd9Cd{67)M|MSrfAGkjKgl}k|E*qj4 z-7~bU?gAb^j2-k3uR8c$;lt?ZBou+!XejgfD_p4FU&v2tN1MJHKR-Vry(K7<@ZZzg zw*I~6-I}v%OV9c`cA^QvE5giQ`^yH&G5=bW*EaoZ_>b&z+ja2)1+zfH%@kI{K^uDHVjSBT_!+j~CymBf*x zLgz*a(VAl$uPU}PzcA-ZuKo%XD~`+VwOYE96wJf&dHQ9f0mtth7M&5yI{*1?1ul(w z&r}8Z`)kAzoI4U{hUtNaad2QOBgw@RuJ=9fz z`$n{RbZJivAcxLvhSFQteHI^p9~H5e$i+9P{E=E_19ChGDpujWxaOFHC*T=#;k_X9 zLg=KAo;dHvwEX?)@`xhI;Lm<3ck*Nl0WNi4BY|M+?!gQp<$8~ReIbi4>{9J$BiJFu znZJ!(F_ty8r_CNjfwZk#5mhN?kefKg+w0#zws~oEE5=hvp7CHk{}niDW3l?Kk8U8Z z#KuHqU1!We_*8XzvI6$jTbpi~uCz{w;nDme-~*&MJraAR0{$FUm2Cckwo0$y$``oA zBL~yY5Ttbfj0LJLigR;g1su13$6ZJ)ZB?U=#{Q01@K&+wS|5Ll1H#)cE2e!l$}j|+ zoL#&2_PA&f#8{DSwf)bN3Pwh!;8(dMbQY?miIUS%%88S2t3;bIw5px*T3HP15N;tQ zy0oEIIjcj<&H>@j!TZ3*Uf5C@-;foTs9euP>d@YOX%&-!a#Hxd~=#q3CjuJ7U--t zk0Rt@)s}?W&-1$@u;HHb^gtwv&b&h3W#EiKRB1iL&K!_fYi6mSN}Lfkm1AmZGbS^0 zQ+BxraEIE(+!2jdWE}dsSv^=i zcHQTn;~LXg-JOdlopim&&M67Gbzi=RE}hS>u0#>~*N_Al5Jr~RJO0zjjy{H@runGZ z?6SPsuLGH|*MYX)$%}9l_sj3B8Y>p)lXp?=eIB z_!y}XOS)5hla>~`1co9vHYlmlFiJXjU9DVtHVo2Rt^A$H0!QserH5odl@-stNWy}- zcn;XnhZ;4#9DC<&Xc?S`6A16@|o&Yu*eJkboDVD^qw4%LaN(f8u+Y zpW|^_lXAngzu*x(xJz_!;M0xat7SVK?XR`janKB$$X7}e?&@~FDCzG#y>5x4vNpKL zYDk;tRdKW)Ay(u7B&F^ncFz_LDK;AeywT#$uB$G-eS`DA*%57ZDF%*`$+^BOl{_T< zkrLqX_u0IjL`2d&M$y*o?h1>ErlOnnQ6RIs$i6OX%$7fSt!plMDs27>cyK@j$o0#Y zV>kidqh6Xn-U;2!j&}PB=F!x_)Gf?FY6I##`Jzz8ULS(?N-(1RgNaFKq;le@1W8X( zl4s07uA8Zntb5W-i{B%iQz8f-+F)M5c#8W!rHW_;laS8$mphDOn_0U?&~mTm_qAZ- zxF^!vCorFph;BGKxtlXi0HH{sPr+=lldZJm4b73?<^9XJErsl10Ncxci?@Xx4I@dv zDvomjzGh}!=#00ctz=9Z$}C3N+VCyro(F%Vw8lJNep5|s49k*=zdNq~<5H2VNL+>y zznEOa%e-}%Tu$hngO2h^)VGDzSMKDO6SAi#sMHag9Z;)CH$!qi5VLPIFTYma98;0S zVY2~Jm@SHC9F{({Rh?h^A#^({_iOjE1VY?9HqTBI%|UO#5jJ86!}NIowmTC$YLd?x z<;!_X07g}WuGcdfrl=Q|aaDiUj}oSDOTqS2cA2~a+50O^r;+LD{{=4yWcY`JuWf>4Hyd%+vzzWas0$d!2nJxLnV6Rw0 z^GY?*LY~MeC37UMfz^}!DIm@f23@~Iwpsb@;WVjm4!$^ccI?D3tN1|#8mzCw7<0ag z=kX(g>|?j0F`>*KXXcJa*4En^VC%~ zJecaU2(WLIN_a#WDggafWBJXYy^S9$3oTSr~C@O_Ee8_|EL!)e=YxN>K+Yj81( zuHq``xGb5$Dvn0WFIt40r_k*O-+w2W&W>rF6%(?B_Up!(OQl)b>Ok&`OH($lvzRoc z&8V73UMl)d2tr`CGDCAryV6On#&5fNU7Zp}(qwogWI{<8r2KKiqffIr7ak8X4uG4R zhRvOcvCcp<%5pKDV&o!9ltlC`9G;M$P+AYL6vlQHca=goVp3( zj1nzq-CoH{^6bS_Db(JL|4akE|AXk>l@7OloVIh%~%OCh~u^EVPNx!WXYun}HRhs1J!q* z;X`a&OyKXqCWU-(`NwJYTf;9xKISP`lSXKS!yBb~QR}It>*#bsvQl>pflG{u)tr?s zzY#Hl0lA=m*|jNb?YB_~sV5d+k6+wB(G_goc^DXk2A5cs_0d++Ai)Hole6ywc_TmV z-0>UqPm`_Y>Ef64|H)^kqb^n;nV1;pTTv_H6Aim?{O{Cj7>%}@0ef-!3qdt}EyOmk@Qbqs*c>LXnAux)^Ex1$a#6=U{z=s8&&H-WS!tRIu z6oOll&_}KEPE4(8ioh0Px4#b%5&1qkMN|uQ{kKbMx}+Tk6TwvEkFO<&^~&7IqcL6O z37Obt)33TbZgYy|25S`f5kl=;__cSN3)_E*(r}PXWen7XNHSpGC#C@EDPiU~X@ZRD zLh~-xZWEVrqt(EMh3f?>ku7uM+0NtEc8Pwc)LHRu>z7^bqP_O!(yn1Z3QLj*@-`|k;;lY zY@@vXKrTxs3nV_mt@E|v2Kf}P`IC+R&TCF`Wf}3Bw{jkXQn-D{!m<%#*D*cZh?@|1 z>Y-)M11e+O1x(;^@uDN`hxyZ8VTGjIVuCSQZm;z61hn4Gcqk{BM@vZ(XJ<0 zMEec(8`0g4l)l`oa+RU{h)(=zP!Q7AJo=^Mvp|GiiU^wq!C3}Y?CkLF`m1ABjQ-}) z`a)XV^!Yx_>#ssB@4Ov7khW$u(Ja9@Ihf>OVzPkwO(R;S&qHii2<|RV7<^~G#-4r2 z)G}aXLg6b|qbT->;(tAc030hbRd>)5*`nK2U%aBYf0(8ttYY%`O_F?~Tbx#5Vsjdo z$}oL4Ai@#u0>Zr-68>#PXy!EO4PrdS|DWd_U0IxMVt)6lA@6(EvU%CI|J%Lb8X-k< zIe;gL`b+PtcwoR?(URs$(cz>c4?#vq+8c)t_4+D<%qP#qvzGRDr$Dnm>2pAz( zBMxC&QD#sad&s9Q{lUWH!%sAkk-zcDY%%zbW!0wt zqBNp9nIJQZ{n|#!2o$9{uPapq3Kuw2=fIydF9so?Df*#^>1VjMegrRugw~`_+#RWj z2lD)vbA5XyE~P_RsDRR)j-X^Mloqp5^Q~%^iB800W?A2^Tu=DQ6O@!jR5_Z>QvH`Tt?uBUi>X=s4_HO+?;X!}iOKZ_|~YD+{&67BI( zAMXhmjFd|7`f)-Ren(}H`W|__$q1A(+{r8w+6xV>e*ruxkko~|?`wSMNj(@b%9XQ6 zNOu;wK?KD}v`RO!xjtN+^*g!nN3d9;m%MCbOix+*4z|u=;+L29RP6l^#$dR;2^%fV z<*_m)I!@PL=n#~nt8~@R&(_lK(aqC?e?}aLngFca?0$^H>x;l0`~<_BE2Wb80?`Mi z!spWjg#GN-j<%4MN1yXdyf##y5K5lb- z$w5oJEsTHTLVD>c>WSm;%y`E>VZ6!>I7pNSk`dJS{1sS2rMO?i;`RGRl5=^#hLgd< z!$|Vxg7dAeCMSf9He}P@=HBU;+!5^z=wi zxrm}9kj+@{`nzB4(bx+b#_0LC-OQD9UxcQ?5wK*$hECq7%@{k(8BFY^4*)V zn4jrwoy7HLErHSi{jUdw(LR9@&{-l&1TBI^qw} z#$k+Kon{iZ=_^Bi@Iknz{Pca0aHW;)@oa%*gtT_^*TR+n@bY8k`XBYk;UcB=e36py z@#3P(mH>1yB+StlE}vgqcDyifam{;{A@YG|O}Ep=6SK}HIG$0seD*e=qY)PZ?lB36 zC%|{EN{fp9q&^s#10|nLvwr5XkLX>M7ZLvY2<5Q)#_yPQ{NXTJZ!1eMxV+WK z3uG*?=iKHf?P~Dflfp|Q@?Mz%yK%X!)!yJ|b3EcuD$oOW>rIq3e^Pc&K(%S+7U93*^rctfb`?mk7e z@H6TXf^+tCdi$1TT!bNl+SSi@DSFKcD^YLy5ZSrce6FhZK5Nruus8DNHTp2S5e?VexO$)L zs$*?-4}EuW-V5UyGzqy3AIsP#MzqJN)y>Dk1g40pEIoxPBV_SAiN=UO_ z(2daRAxga0juMJ*T#(Z{yu(Hf>r7Q!b`vfE0x@4Rz>XeC*Prp&Z}!dg2r(?0#f~$Q z`Y9s5S*2CaPL-Sg@&#aG^a!={v>g=N+}*&x4j25S+U+lK`Fq>BgqB#p9vS zTCHt(q(`M!xOarpFF&6#mgO@43@*t7b!_lX@(DH@*VotoYOg`xxANN1J_S*7IOT4o zfD|o8!jiTjG%;jX(S8k#EiHa#$-LaSI|1Fa4O2p(L7)6mw4wMR?x^<&C1C zA4x!fJ>iXw$e{sBm$TjZBCb$1L$<`GDy(EZ5SHfRy|IrFz6nk$iaF_eY)Zc@iZ*eh z4rWPO7-;fF?6@CxQT*{&Tl{NDAsmoroUT#fx?4)xR4#)2(k;u^(bn`wb4kO8Bmuhf zT`T2UD@hUWC<=C&Y$!f$K$AnO02F!FN@+dxI>($zY++daQMcNO<)PBnopWMpWyqFP+Kg)-edYCx|Hgp% z^Lg4ojgF&yVj!MP(N#dBu*${nT7f7SIKrfer2T zaBOW9l`gSHam&R=wS?z4Zl@;C!{@Lxy>Qea0qeNPA>W=;#m=37_E^H+02Ur=xurL& ziXGa^xi04h8Yx3;t_aDbMp|zn6moW2B-+<^#QB%AV)Khg%yZ6Zr<15c=imk^x1XjU zs|b+%eko;5#j|9bT(nI?AX-ENy&7`9-4GiJW?=;`KssJ;#JsO!HmPBfWZRrK=1Zjd z=fc5=EPjTu^6`nTA39#3T1U#$4b+y&`1JD6ADr5+0olF*VxBbuoPI~tu|^p{AHYA} z`~9wAKZ)S#%zu0vB4qCJ_~g*|-^?InCT(9KKh-VmuV8X_2gX_KY^v&}%UGYgO}{{P z%h{jkRA(`iosWik2Q)|dCsFCQ`!&=k>7XXLwY!HHL<_pC{*D}Pq;dPd-xE>}_rCz| z9A@i#zl5*G%^Ue*dOdC8sG%a>+NiELDc-l6EZ1=(D`kRv0~54GZdHp=3wG6SwFgVX9&jGn9x1dp#$3+L%8z8+5`nS5_5)w$8g;`}KI;_txv~pJ$AH&R%ElwKdmVbK_mt^IP{buxH`p1)sW>?eVcy-|i}Btkpw# zyYH%aWG}$t#f8lfI^jHm{094192(je1RPQo(4f)x3EZK9R_Lv3MvjleqARmJ8jnN= zXQtJW{Zw7Na;WpABNrb}sa?vftbY4qGKl-zaCEdxUQv{8NAUAXzwz;%vpp!AlYyq> zL*is!sGI6Kg|bdxV)RlxXG;6XU#*PBscz!Z7GUOI%M~;gqW#ix4XDykZPDzdR+f7Q zCILy~cb7I_rzg$*f3hsH<>ZtA$RkfWA;Z$9QdddGqwT&PjGvY7M!%1#IGBCYuRa`W z8=H!xg4hOO{{c(NI-m0`A6etBII6(Q(n#u=oXtXYa$s>8`6a=7nt=5gXPDYT0OcNZ zkSVyf%H*+jxv!_kO$*Qvy=8%mq4Y{}6O{C4n2jq1 z!4SzRL9RqV7GlZoA*Vvk240|Yh?S{cpd=dB>1T&iK?OR$(vMKT8?Jc=TTcMBpphh{ z2A8|1GHb2@b|n4)g?N^5lPqT9LT+;vzek<~>oVsu@%j+zV1@PY_^vZzD;vhfPYZ4g z@<_mrWk2m`!w2W*SkRC!8%C+3Q3^APD$t2TcU-Q?iM)WB+Ugi zX2POjqLz0kKr{7PS69jZ=0?*<4G})?aZ<8Wrp`H+EIJq;0M9j}80T*U`CRpRwbziH zbCZ9(KGx+mxkQnr#_>1zbM=%GjAy|_{5(+0W~8Njsz!8(LIg__ZlD$%;wZ{OLVmr1 zhLXV)B%4^!nRfo!3jX+&^~{-CnrBzkyG_vXK;C#y_cT18z7CLW#$V77VpMtznCo(u zXVF(VAWHE~IVzW5s7WRU0aO@2r{U*`x8l)m*5LcELWIJ=b(7KKI}@br9^u#L{((hw zwlI8Z45)b~ve~!Z8zQ?EK;}zG4g+l+Zbrl+z9=Je=TI z-SHJexZbwN6^8%Pd@yL0&$E4dy!hy=65aA$n_e70ZB2VnAKw&!?{4~f6Y)3BP{^l> zP`3oBit;*5CV?ig`OZ)jP7W3j-%a#(Cc1@z=Ey8-P^%i z0;35zdW#XlS?-spnkyoo*RE)L?51DBPFz7?!~dwpvy|{9alrVWLE0*I5YL~&O5W=W z0L-EnQ|p{XH(BOZnPqpuaHOA)ks%T!A48r_5YtQvss z|DZGEVF6QPoXeE(hvE0cmgd(OG%QeE5RgI?J85n_dqt_90S0WPL)va8Z}w(I)q&Y{ zk=wc^WBcDZR6KU}w3xx1y?ME~j;_ZXXkeb3T(du79RBUAr4y zGp+v2ilKrA^rO08nqBp}4_%J}A1v$FD725)iuPpZ?i(f78f?~BtY&}On7G&s4X!Qw zthn2RMhZYrJM)8DcIz1q$pK#Z-gz4hvur2-02~N5_FA!43Sc3kmZ&AmOcRKh`t(6% zd|g(E)qjHyiL&qLI*aLR#NaM=@;NwYPS5fC2nzD2r-d*f8Yy22R4NEjUyA+? z&0l`Wj(oCrV&J0Q)2n+SOfF6Lz@z8}Px*qT_m3}r1Nqm75FawyZ`&HN%3-T=IIS;( zm}|yD|0w7?CMXaiQjhS^Cp18a_oFnYR8%GkT->xHBWFqeT9zv#(7zxY@Jd_4FgCP_ z{}~cqGdrVa%9W$a@!;g@efmi3o16m#dr+dA$A) z<$a(-prD`_P4SGDKp3F@4=;S#_4Nf=hNRx>9@KzpC-{pA|Kd1Wm*8hn{(^S6HEY{$ zy0HHjtNIj0+2UwgSJSqKYXlLta=y{(a^gK!e;*{l-zMo;bsK&Er^o-hfBqM1fal1_ z8{fREWQ&w{L^@#aRq3>}93|lAdVL3}vh*@M7YQ7GHTBHT2QkG5)?rk^!>7L=Z>qbl z0oH%9VWTjiJ$$^8w<|&+_bO53@q=d31a(tX&9mU%7Eqhp2_;f2iR3_(wUy^1mx{O-&xCAYY;#an^4 zF1Aexydp-V-{XLP(EPl5hlx74^ge9L;NORyZ+W86Q4qxKQCorCu+F6Mi+bG;Uk7 z?K@;UbtAHl?vQ(2E&A|b_;ecm%W#fNcay;(xcvH%joMY_?O;2QaB^VPj36f<*0vJL z)056<+`MP7DN6tL+F&1hZD!3G0&{)=I^?zgAEUTg23*8|>FmTG*tdGzOim6812PFD z?rYqb-dKk3c}8i9fYCqu`lq2lk})x&JLGF zHLsQvpW%%c?{$oOdYV7v`ru(~4hrm^_#*C=XuBa=`ct{eRqm~qBqlB`;9lB)=eQ_P zklsK4>XsfY=9&874J(6jbSzoKPfS19a-Hg7nGA zo`P@6N<@K>vqyX)-v*x1;|zu;Q=;?s)>tyD8VQx!h@dltksXG=nb%gC(3E}^Z#qRS zESk+T>N~S6m1S;Avp~Nu0*S;OAMl40vl9<8tgcB<;#S0J9&J1D66(P@dePRxmL>QH z79^?fQ{=())^x;p23ovbvy61QP2XQ8K3x$qoIh+rG3Gz6XXy zG|#QXF{-?oIV=T*+>}Fk-`ygec_*zzW=qNcHr$3fCtu5BFSlk`5JlYEj`8P@(*Jkic>f z;@Zv>%yPlkC<7*(y$p$G9QF-ADC`$ zVZUHU^|0B&lJk-5FWTWAtI}OZJZqdKrNnH7u{&-5(7BvMxi)jIK!MPsbABK6hCmpO zDvVad!h^k9jiq35jEZbT(sE-aXf_5R&_&kklA}jK3)WA$b1q4oetscMRd40I%iVTB z3(&Ucce*^g2p!%>FK|O?4OL_pZ_cbnf(f^Mv>{NwA}2XQ z&~usjvHrL+5H|Wvh<&Ro$;ct+EXFet)o<-0%rYP=m~Q{Cn8y=$Cj*_=x%iK4u^WTwV;e1ThFgBFDpx_w`u* z`LG4fX`t>^x2HNwgBY0xYbb&e9K)Tt{Qf)iQYRCnBP1d)v`PGpN};}4+qhge{ce6n%A@!9QpB*bQ z_;GiG?)b^O4R5Lq9t`!sU}d!MX_JP1d9;MtnqI!;F3->}!atP5=$tq7F`R1<2p#b$ z%K^tb1a#58lCb?}6aM$L)Yrn#hm418TccJas8tS!OPmSuz@;Y^0JX-R*+2Lm$f2>~ zWALgk;t5swhdchjy5MVr9Lan(m8hg6oVf^kWD#6I_dTGE;6n zC+;^oYEWrK|KXHezmg(+ZB5;N3NeF;3Lx1K_za5Q%19@)Q}L1H%cM14f)E~hK#9bT ziAnSqQLGBypA8Xk$@PMeiS>9w#X|;iQdB>OAPl**ld*pXhX`PC+&RW}c4D9nFT z4@2e@bPpht$wv2Qm^nnp9tOP-DHi*cPei2Ap9VA%h%q7h4NUBFEQj-3G4##6wdyC4 z$^`PumY7p`{;`#o63rm}IXQ?xt#gHP-zznBtk6ti`7^_lr{0u@nFKzBy<}&3#gDB{ z6Ml_taDAjmzGr0&Z*G^gCZsA|atY=Q9C3%tB$q5TkoYsSgl`EHG zuIW+Yuu=gXm{=~F%EM{iGfe5AXg z#l%>M1uu_~caot6;7|?7hhQD9yJ1I zut4;xOz=>gOzdC9keBaAvijqdYIb8T`@sprLDi0ih0VZuW?B2R?oN=zzw7{yFFzhn)21 z4pX0K4ezq}-yTC>h>Sp|v+%P}L3LB6lUzYB&qw>RNCzG|vF5Z`6zfF7SHVy;5#ZDK z8q!x|QaAOc+)_$bhEW*3cO2H)mI!;mSeJh_f%s1PP#LSvu@5c3dq zQCxHxqGYwQ!j=Z{?O#?4Bwn(tdyJ91U1l=Zx~Q_?e?aH^d6<_u6RC0aFwjHR7Y|K$ zMf1M3!YOFa3CzTs6io^U7aX5q!vSnB{(ryJoE!G{8%8h+8w!d?iu z2SaS^<*fxqK!x_>`0nVdx4RKow^3s_(@K*S4_?)y3B~LRi;@{{4AZga&6#r>vS1$% zgzOQCYz9@;(OM242aWJJ?!}fz6DFf5co=)^D?v=>%HJ_s<+ z&F@V{sQlS*e`na>IeKse`xv7)o|^3EZVGrr3&soe@1C9{Ud<$tFh>3{Q6qmnwwM+B z@oaFt`s{MnW3-;fycZCfA>{Bbd}@N`k4*MjIxVD#L6BRk-s;3i(83E*ZUR9fG!r0a zNGWylGR?hen{z5I?nv(Bp(9!plS`$l(1qcttXJ1u1FoG_3w^Ul+&cnlR*iy($et5i z@lD7^?0|$U3_w_Zkj0Eu4=$dV4zI|x+!V*0@9x)v-9cd8YL9cF70cnoyUgkEy_JB+ zudn9n;&o^|kRoVtQQKrG=^GX^7z^-{^8GUOz+gTNuoXN&9jgw&4*^oX;9FP;C)VPj zV~<6C9>1$`K=4L}`zNIa!H_n6Y#89gnyc^{6DySyQX=NnfV3Uj8zuBKlqQ03xTb_P z5jlEhS_Bv818MI! zuQ3&CtZ+Ikh>Y@=r*UK>pE*G?J-MnbS(K8_1RdEch9 z{ucT{Ue$yjspn=hT~eJekELlPYu>Ivi?+3?1KvqJfS?|8cTrTKd8Qss<=E_L?n2Pz zGYxrMmn(E{TMO~evYPBAry-|9qhk**pFVuBCz`RUR*&OU(_cUX->>2VG6*Ds(5@nI zuA@_^oy1K&rVV-iJaBngnCf4n_1vu)Xnx=ykI~}z_Gwder0a5+A-cyz*+GfAVkPYf zWMd?=%TGWtW7741_wIzQlSFOEGNg>cF*xbH}Si`5oqHE7QTeGmih_dgb#VO z67Z`NMq{8aT(Z5eMB=)QrlfeT8Sr3}`7eni78H-$(NN-kv!{qWbZ5`RiPmh60ML|e zV^_TGcsBE=!v26A_$JT3pN5c*M1Ev=I=H zQ%7B&>WB0_FZLaQAWRK3O;%OLwg97~QatFtxe^kQy22u<1;pF`MBvmrXwxAR_y-o_ zTkh|}2irrekb<=jTRM)QP+z3q*@M5MCVr_$-sddr9}7E|y%gZJx%mqY@zJSmdy2gA z>k59k4i}Q*^Uo0&z){U?tjz zsy~pcTUHuT$DTdy=(lKzpeN@K$5mpF_VSp0-_Bv}z^Kz&mKnl1p@eS>YKFHz#A7xV z!fWZXZKqOv`grUSr0d|0nD9A{wkox)1O{Fa9;zS3V^~lbfSpn+y z3~9~)5zTy*z&@e&6Be`i4A_8_B|J z5N>XdBUz+}Bo-Zmd+@$b!G@eeIhFup))GkWV_k8rdg*(0L`1J}D~QJp93 z{DU~=QG-o}Y+d;JBmfn_s4(H1c8%uf2(p_QIkFa1#VI{9`2vH1Ur1NQUEV=k@|BRe z1Cx?DrmH&WmaCD)T}@z6t*=zv12FXT$^z~Y$-j5ScwQ_8t5>D@D25((IBEY3-nzV*WN&YAOH;2pdxVZk9}cN8flvTF(U1$E z{ZW&5Hwzin54NHP;7u)*6q9)h9v#*SJfYIy7smWLVTdflww`pJf6s=MG0!D2t$mPo`o@52DGVnd>t_l^a>x7eies-}@iha-UvLI}2JKCapX|EN1QVJYS z^$kHJ#VJS<%Xo8Oa7uK}DXH!AnjD^yf&iOBpT$rJ$ozr6SS{V{M|6UO@$vfTjkr@k zS70II_TucSu^I6M z$W7($Yh{(k6w$pSDGfYk#n=<_pzwImpJABes~v>i>lwaa5cgE(=Asim0J^9wb(}MB z%32gr@`+)3OVMg&$ZU;p+pSsTapm~>oqfi)n{zY{0YKO!FlQB=wXwkQ433?hm!}YO z88^JPyl%?+EsBElvBAhDu7JcuXhO2Ri5HD92|j0H13XCrMza+r#F%2)13|-va2@n&a$3?ku(@F*d)nORyl%JJ~q;*yJAR>R| zD|S<(x0ySJwSM{X=T1^YP zvzL?>j!r|uk2*Swajm;%?3#f6FtMqD;fkQCEPqZIGI25{66dL(?M}@EIF0A?YMPf6 zFY)^fQst*HYKuOKG^mVnUT+rHzP*`7pi8{IAaEJ?35gink@AhuRx9GyW|}Y`>RF!KndZaoIWCY%k-H5>kWC z1X@1nM=vT4>jLh7v|c_aMO=fQ*WD-523zTF8d>Vb7K$a1F_bg z@62C*uzNn}?&l%zr>vJO_9L)Q^xS;G=x1%=5DU!apSa}s`knl&64rzRiej7laZ0GH z9A!XUZs*+!f@8+qe}X)w0M-+kJydx{1kfwoPAxre4I$>Tk%Io1(*0byQ_$^{9aHd50 zwxZ0iYZ%k5cr~=5NRcO&SzYsjAWK)s;7a=Xj^b#z<|i@2_ZY#RNV+cV2BF}ZG@95Y z&H>WjnQ35eujwT*l<(k|yOfolCDh$C6|!t`%>tDZn#HM*kD?0n$kFR0@6s}~av$x4 z!7(})W_SZ;Qrz1VM8zH>WN3(1xI(IKk7lG3qo%Ben$QUQ6a>|;oX9>GLwGe z@Rk&aD)}6DD8aLLGM1AS;=~JiKnEu=i3Sk2&=BQV@zpPoFKr5LB*`b*^1OagUJa?i z3-z)p9FDDkS2$e#y89e|+HYW3xnnk@rDTQj!6ck0aDCLm11o;2hGEmI-GNHnY>NMS;K{wWJt2JvncCkAOU)eU^z^nShKwbn!q z#p%Iq^T-Ie$jkdf82iC}NUy6;I1jt}C!xU|=HAf(Bqcp9g4?FR8G8r&p58wAYKy&K zdlJG68km3*TU!|whF`4Ydz4RZWqPI}d?Qmwa$ca(oVrlz#;v2+OGfO=f3kx~Y{71?-gZ=3*4`&nM+aqblE&|6SB$bF;JK}q_7&0R_fDwLUaZde!HJXu4!&)mMGic-O z65k)AMTIW2b&N0Ui7X~QeuaW}61XhSS$e>l+AO{b0V;<;~(qG3@Rqvl5sc&W`prA3Kk(A#OC)gR5$3C^B z2`5K%KFsK$<(P$HYRbqQar76)6+eTWxhp4h4f#M7|H7i;GqzN5aD1l-FF~HM@40 zFrU}jf?y!dx;`R7NJL2MNzQEG^QUVBm1-Vi~e%~r@m$A5kHVfX8H#+Vq2af@>GUc(!wuB zM;YxIR}1C^qKaT?cCA#~NW3QKTs%Zkt&1z7R(j9}j`IVHR)L>L==P~>PG<>v z_S>T{&+}T-^=%{u77M-Zuh08H-K8l{%uizZ+lTh2vj_IaFI8F%2X|LoZh9cp2?Zuq zR=X%12=0{R1~5Z< zs00Mrt#B3hs0=4sg6q(xI)~6zm3B-*kwD`QcY?RHeSYU^jy~ail_>@~1-7Lb!H(pv z&8>*L!x=xSu;k_aLYUb1z*?t2`N9kOmU*nbSCQ@s9xUJ8+!FLO)9G>W9;$wjFrQP< zfz(0YfHe8T52~w{psRxpz4l^1BDME4K&w;`sD+NnAlWOFi2*k8EWxc4x#udh*}p=e z)<#TA19)7=2JL9U6@QS=0XJSzcs~d?H{@_opWGqJ^L+OJ(4XjgF#T;{ID(6uCehV~ z?%M&%Z3Qw(AmkGl6gP5%+NXy*sod>5obn-C8(koHQZiKjs97HAE-LSo|`wfB8Fpt1oh{R?436IyAX0}(DH>a zg42FhKtB_wF^)Wojy5q9dxyU`zqOd>A#j+-Seq)7rTKcs{d#yEnXGkGLaKDjdYXWU zGuu#{`D${L$8yvv-9ZtH=ZfP(BP#?CP(Iy!sm;@ni$h)n1FINko0qM~KJIB4Ncs<4 z=YgBQe=am(xb~K{{pDD{J&F6l){j|?Hn(>QQHYE>vMD-)T$Pf8Lu~I)hb{9l5>k%s z5?}lKrInM_UTE5c4ZYXXl@M3(xf(pHUiE&0X$*%f5bD`gCeA|HdCawneAB z6nJsQ@TA@DeC3mPa|)hYC&-V~MG&ke0guCHaa;Es9LF`M?MU{Aol1%@$@_GFEH4f$ zi}>|zA;YudbAD1d5T@~PDq#`9KwslHwu~nr9N*g$^d`+^u~t|vW}5?swN4l8R%rez z#=g&St)gnrcFQd_iAium9bJMV3a(R^ZU{{p0fUF{#G{Nf!d1Y{$1XQ~P2gV?K z&^{M|+peEIajaCXaz-W`+`Y4r>Hrxb2D3NjMXNhGL6}|77fzZA<$$`be4L5jflroe z#OR-r&!2j$mUel2iNYfaxret~Ym zh!D)XheO_q+DfpQ#bP||h5-+N?k*356Y9IcSdYxvNV%}>`Lz1malOYz+DfyP0yg|F zuLQ3L*sLwB03`cKDTttoRy-tz=pJntL}a92#D9oKn{)jK2{W}+wXz$Fe@SMUHsYhW>Yq>3B~Cx zPm&!TgjNqR$xaDvJEWPGwu@p|e+6M%35~SM=Y-dkfVAb8WRBd`+ZuYIJiJPLC%N+f zclcRmyABySyx)L{KE_qw!{MH20paLe)C5a%8lLbR1A(K_mVNX28-fky=r)4*kU$C5!6d5VqW>=!(6ex2c zXJTe$bOKS}CXwd7!oq_OlBDg_=5>TQk-` z%C~mwY{4cY9bInWaL>J}M~w@5ISjYiS;TURjn9E0_f&3QnLz8brEY#tN7~-vZ^8Ip z4J{OLiuF#nefrr4&6}U@ePeccan9N1+~njyT-@;GkK4KZTQbW993UeHp3L)&%tXW` zOIkwYb>R!AS)17Tdm@74vgR%J5*DV`HZ$&L}ZsI z#vi^#AFWYvoV{k-@PRxWlxFhDpsW*zw{uclZ^!Blvu_J*D8ZyQ9gc{>y6tMVh{2_N z{!@PoT$X41kkODmY4mjK%n=vfc{*diz194T!UD8e*uGI=G*_Aqg>XcLR1A4)|5X2t zOXWdYGrR?YE9E~$WzkzZs!)1kG<>1LDR^=q8)(p|JeC74PP3|~_)6q>4OmCD7GAkv zvEciR*nF;Rm~8SQ`6E0EoTH&wqw==G>6 zVuA>DgTcXaE~V&-sj$@2yT~UZh9xwlv}<^!MTYab_SXvatmRH=ylxU6@5) zbiIMQ!*dS6Q;Wf!?{*6F3&EISJdQ~4gZ?9KQvOukS!a+1@z!;v z@;RZduP@-+n_lmp51Bi#DQQYvoF2cB!Oq?yhIcjGPh0Zt0dZ)eGVEaN8J+wpFw6D? z0@*E2eoV_tL!`k;9hZoA%s_gobNF>=ZJ!D`lDBdzsIL0f{;sS3KtjJD{@jMB5rTX@ zAF(>uj%hXDkqdM))K)p7;t5hBvk_R3uA9mptrt)asnI=UMn5lW4wd4$b@@z-h= z0xTngWJ*>bX1b(u`}6sAUKRA0zkOIFJj=|ji+2Z9m$@QKCMAc)E-yJRuTPScmQ!rR z9?9awNbI>!q{FVBH~U4w+@4~E5ziQoO#w`E!J_A$elSbyb&lE^Vs1?-}8Z7hKpit@1` zcd3aT81{L+nJiITj+qOT#?UeLSZPv8)&B|<;vNCA3Jg#^Uhul~JbRo%W2{>P;$Dv_ zO_mC)f=jXcioV_0%b~>Xn06}%SD+QwnC*GBKZD@-vc-b;*NQ14l}JdDLQ^YjUKM{W zCUWdP$g7?4s~%<@8P#65&?OmcC3A*kr?tn9VXh6> zgL8^~<`YxgBpjurSR>d1-I1k`up@?3Y(HV5G}l~3$A)PchwM#MhiQQtw)m*uEtxoM zp^c6Utk@)xiEn@+tI-4BwAS4+MFt#HWmX0pS!IJAy>*z1@T_uB{;S-!Qk*1@OsmiV z3;?5wfPUI6A;GuUZQdcrNGxg%Yv(#KSK`iz>{zW;He+nZo<@u{OIX`=k`qvb=sRWfH!5J}7tcA2o2BBUJ~?a9VGJ6VV{K$JAj!EA zo+!~Tg}Zfd+ZkE9BdU__8J!$%BIMA{TJ?+5aBxBBSY!-!{z<&4()WF*2H?=ATk zhucY=?$|}z7DwZ^A2^UzWTGD1nG(qMyNzm z6&gU^vp~_KpoB0UZL@2EyB*o5>|aZCPDe+a!X(g9DVrQo6gMt#8Te8LgP!9EeF4>Y z$jzBDz}L1(e#f&GdI!ywsD0NCcp&cKw5ruw24ik0S3HM-T7?4jN5&QEL7x=1S5UR# zHK7NvL_y1CMLAkv?TOb*!p&%fcU;;Gai`1aH`(53G^Mra6@2k2&Nbr_r z-GFBzceek^E9}6k%#>*INpl!Sh@# zz;}Wl;g{9$BF%&o-8j-DoWJHFD^f+f2n!m|msbKOALO7LD~jnY?+4sRoIl%tn+X{h zEv)VWzzjYaemIL-ZegyO9|D_6-dRkxgUcndi6I7$_V5pbtd115L~=c2p1qPZ!>cPg z;+QsbQ0L)>@OJUSPr}LAQPl|WYbR+}6X%3hdWw0OeVLy1Nh+hsuvF;YO^dj1qTESZ zA-gw(qE!Fm_-#BTxXn5%(BuG?0bJ~CRmo>}msq-8zM?ZPH;^pUbnEIy*ujp(i*qc} z96R$~xjb_Nne~xvUF4EP@J>gMjGpzQAJNQp>7zZDIt(BEBsNq zZ7MZeOh{=vHo z(&mV%5O+r-iwZ&Ct-}TG&eI0L+pYRg0Kh9Fk2_d+J;U)3*qp#Ry7b?PdjHJO=w6T% zaJWSnvm&8scP`M3;&Npvnvfj$$}j0#{Ha(~h#vTpWv?P922?YXzzdRf9fOW)^%_TK zRWWEo6n%%S0G_#sxy2nxyM z!Y`wHlP%>$Li$Z~MoGj&wj3feAM}j|(R%0s?Kg)OKe{9m2eHwG)_N@$%Hza?PhEau z-f^13cUI`u^Efb}@eWYj${;exk`Mz`Hl07uPG>pZ7;!|F4xV}Gm57(LS&Qh*5Y-#`VQ}X(eJjnSmnR_%C(1X9KYvwF zG9*9=SB6xqe_E9PWP>}xJWUFT5_XS7H%N*UOkBpC3=c=BXYWZV1-gq|Z%U2GBUSYL z88shY!+A2%gwk3Ez0Ukhfj{^CId8S*%f7iB+>|zqvBwU@@CKw`40^~pmQUYh%I>{!?~ml2#^c+gZM6K^D=*8Ey0ZgK{}R zR8ioe1^qyi`6n;cs!WMRj=Po~uVvm>@t$8cm3p(fqD*heZ1c*hthC1MScY? z0x3(PiaU-PkOOIw=d_-twVE}iz1#>t(H!KDy6Q|X!=f}KmQT8i3FGG~VGOej&kQ`I ztG}vu&)YU;`0>NfIcqIqsR^Cr9hP@hOvsgZCbs$gg9ChyS&W-kv;oVMifLV75)LU5 zM;l}1=}^~sckf1S9?>e~j+2^W?!ETnLu5SE$$zNXi)$FLUAEA>wuM&3`@H=2ap>ag zOzgCj<;h($W1=PDu#9!lcOG3tM6T{0>X|bxQcXlg_rv$_0yZ!^;Nc<-bDr&f+NAW# zT0q0uS`%EJ4u=p&bhX%~7wIE0)KCR|Sb*?>gt`OEg>v_GOFI;A_x=jMU{#b=c9`|P zmnkEZGXAUN<`A4dNEC7-y53e+-_uwdrMv{B=MFkvAkkA$fZjl5Y09}!_Jv6u26+Lj zB%*sJ;s+nD>C2jYdVJ)kE_kT3nJ(J{A}4{RgSSZGE(6k3PaTzW8gpFG$)$*`7yijw zCE6$&%%xalq3hG(=}Jx{iyt|E1)KG5o%;$C)0J z8d`Z_e!NIhkGerlVjEN9HeO-qiijmo65L40lVxk=5=|Ij&7M4pgmmp#W|!E6y;y!G z>{FQ1Q1>&^M7_Cs!F{q% zNvq&d%tr3G+q!e|NrroG{o1L=^a28LxoAR6%cy#L8up%m&LDCz^8!Q7c@w(Yw)^^s zs=mGu8~fKWsQisO!P{SO;cTJdfPr0Y;E0t7!@QEL1i!L-CnMYvvTVO7s1E$5jjH%h zHXcMz6)@{%(J;wBWU@hCaP-BE23@9+1CpG@MknhE?m_S@^%)ox4c7u4P+MT4cUX&y z-uSqZDIkOqe0|z8GJs(Hq4WcZv;`}YQz-NCI33N});rRAIKE)$6*OQ^G%}SL}AR42}?yO34 z4`B4fDm0(&D32FTC6q8{M_xcbEX4q_u^mM*B&73OX`t$_S7sowOGCz1u%C&Cddk{N z3>My?$FVyu=MLk0w0(Ov<%|e4{Fg!exOPUTjH|L=OCp?lwl zUFthuC+M;sfmi;8fn%Z;Vl1^$*qnE6lKx;m6W(+8t~NL1qB7KibKbD;P9_G3MA}=MQHZdp$e<9)G;!Q_ccLyKl)YfV58nI?lpJ4&kK>Yq@!d-|yJHn;EZ4cE zt`s0_XfoQv%pog6uZ8xn9Q8r^htxolKU9?ull3osWh`aJ1|O6VzTL-@?G5)MaU*7> z?1fW}BBRr6gp~T!Zua5(dgX5piA}{81LWSt&Nfu^*+0G`57|0tgbv4^qlQ3G^M%|N zKLV6U5xwKWNw^G+_$YU`t%wkN3^_~4txCqG2>W(s7a4R1{*rZ~MhYUStbSB~SLrZp z`|SuiQY=uQ1DayCrxK+BC{9SuN=3^N$tylby;}1nm-)NAsV?CrL6#6m8 zy-79y>4~vDVI{1J`s66Qb!~cP(RY*$4pIcuL7~7&nABJ};zW(l7(Ro>M$mYu}O^j8paF$J(^ZLFxh(S!$4QL0^N}quCh|qBa^CYO{-*lC2n?C0!%cSE}ADMP?kb zB6=_~HJY819T==~7-QF#VJa&zv)2K-{LLhaGGRd+tb{y${IkGR^UvGw;y!FW!Dz~8 zhRtHa>A0f}O{|&2hN$FX_lCz%CZpbu%1V27JdLS}M?*3b3W-eb#VsmIXz2St-hQI9 z#Tg38tq>bw$9}G>S!!W(q6qtdJbCFrX1@-JyxgIHn>-r8DEdAMxbbl*`%Df7n8Q|v zITNJg4@u7wB&$sHT-Tp`C-Ry?gX#Gz%MIt~##wj092X#Y3a7r7!lsuvT?A#5pE#+> zsGuzE-HUWuII)Q;A@16^>E%%^7Ut#Ial@nck+bEQmgR`0*vCSFJL`SvE^}(P<9C6l z3LG--H=hXe!|9Ji=c{jQnbrbcuLB+@+O%R23#YaL$%0V?FEXXPw=2scT#qWlUrW0u z&nav5)exNySl95e4c$ot29ydsVn_j|*{1mQk4w4Dd8k9*G4=L_#IJX1VG|neWRMr= z=i&2kC3I_$K=g4X=niZ>OA7gvWpk14G`Odsq>EuVRq&BRU-e1Fg}xe>M7A@dCnf6t z@ijz$0s^uzG^UxQ(rotYTRVG0#0;@oUrHdqaBf9b-f75cnD_FITAajEo_V%KZL(B4xn`z^^nGzv zO#3ltH%w71xVmW=4{Tm$9Y19Lx76O0?gcS{2J2_VIGVT}^+>Rjwt$kpv1KYcU0UYt z(kRp|gLbIR*%zTl#HSV_K8Dnl>vL3uF?OaX zDh^SaCpWv;(O(3d6(U6S6$L3crB&+dTO*W&=}Ez>67zge_|!1fu_UwFpHr*i+9!X= zVE79d{V!&BgNs3jSZlPbLx#eOo1^P~W>N||bPMpixs_m7l;T5e zy+cP-_S#~K%h+MJTePn!b+oh^!VK-el|2Z z01=u%e?^c+DMYA~bNS#FZ5wckPgE3#3}f3nuvbFDGvm}7h)Oq(X`#>(BYnSTrX%Ovps+_QxVPCD?-J1=F#r0guU zXic_3LgOnsLtBk>CMWu%P~E339ekv%*SWG&Fy80dOnE1%E)MWM&*?eObXGF~40njb zfO0ocs2nL4^=kdtQX+-H&z3OL%h71Js6ooj~qgomz>wexn7ciGik9go^?6N!138M_7=1m-dW98+H-Jzus&uYA5@J^rs|4Oh4^o*ZnNGN0B@;>`lMF_QMnoIuP}i zx-5{Ab|LeUW+rlJjeot9DraMnzIyMC_0M;*eJ0)mqO7Qm%e}f3V81pwoqED( zozh*OM1{r6d@OMBh)F8F{!L7a)-+iJY>Fbf=NWWXly26Cv^4h`idK&dQF0 zN`^iuefHtre{~8RRi;Bib)(MThOd{1ZHK9N7d#8*x~YUTtX(zV2avB#Du^Zr+iynO ziMLye(A_t=oEd$ck6iePxWhyL1-HnkHvg8fFG+qxmMB?}awI-kMt2?`Kk2m7QJcS~tKpZMTngUsf!Om{-OgnE#kYln95 z;qw+M{jQz)Q;S8b>>?FTDnw33Ir!hsMY0R0POqDP?)-55ay?N-tH+$Z2>i_acI({H z(2RlEpSD7P7@mU_9)eKF!bk@$vuV`=Qm#1eT(A<6N<%H3jorS5zy)M)Mb8a2PJQW0 z7Mv#@`0~NaQG&d>O*1YN(N{6AND++67vovAm;Wm|@|4XaccgE#XmHuB4X%1VCV>S$ zOAfI)jMz>SGj@NOh62WmRJ_uE&OxKSO|{vY{m2@OojmIN)SbPwiHs;6I8-BRS@>ui+Wf1Y@hpQjR{nM7)) z7uK*R-)xUKZ8zSN1WhwP`ut5HfS_fx#!T z@dUvZKCJ}pO)s;&X&qT&yx)$;CJTzhWza~;TE#WGG3^=yd!YuD;zL;b8k|KPZWdQH z)~x-Iocs`-sOTl3LyIwmDhp+$KGMtWP}DzVuY#8Ue7VkoF*B@5`)tKFxunLGU#Dd- z7eQ2yruVKV9qk|%UX4~7};9ua#h2QC{`2nUz2_j9jg*>wyOx$TbtL@bPdo7dRLjfsH zk2U#o6az`RR-?d|VsCp`=DJwA=fms9x#Qj=Wh0%DBg@M%FT5)ho?B-?`=+gU!j0A_b<1_I^H6UH?hWogJ8=NL2#N2C)w=hZ z6+aP=f9N^d9q#(}KCAyG92*kT;h)N`4`*-d0A{jwHb;v+Dd63nnallG-3At?OQWjJ z7dQSK*!e3@!tOsT2v=sVD~OkY&QAsA#67l+5b+Gw;tKal{2z}#Pk^Q93MMHaq?FMh zdgV<&Bw+{PnWOiu;p>}**To7tc4K4grPxJk+D-cueAqLI8WT1-9eo5DuO0b>A#huc)VDgzpWLL|uo5>HKK#gOG@-%)JE&w?jC9cBjzT5h# zL`GIg(sGxnklvPDqVz)G;}Ar-JHrt7BK%4?+l$xy?PEvWROHu@?(~R!XAnPT<0=Q! zyCH!kF-rp^OnJyVK1;K`x#{25N8sIbLh>*Jbh6}6w(bFu75}YZN$)9!6#sHGQBNC; z2czOdph%IUf|FV!KbWLImEa&p{zKq{=)JKL<>lp0@ek#$`<5(;fC0S~a$e739P&;Q zDr2ytZk-3k?q*h!!>tWs@x&nT>gP+{Fe55`>hMmlVg92-;NmxEOMT{58s16q z#egnH(mxV>f;})W@by`z#L;$KGzGVCedlY3h7!RDfyv78-+F42Y;4MhYT_OZ^tmL^ zV)yUku8IW2Ric6q*y~M1AkCi2b_AW|rMNQ@;2nM+vvvS0pgPg#J#iA~+Ej-FCWna; zE;~Rm-c;mp%j7L7pUqIte7M!VESUQVFV0wjZ+zkV^8LHKx1!8Cbv(_F1l0g{Af#O` zb{M5g4uUQdugEdFcVUCBv{X$HQx^X&BmcYp_dVx3i&(B}p_ z4os8n6mErlCG^0SkkJ;)0KV3gRmGMQ6&rw-d0rIrDPZI-FV@v~5#mJ8E1v7N?B1YQ zSnCXsrS@LJU51>pykP5pbQkjU%Ss<;1ql&@fh5b>;mz5^25rElByP?p;TikOz_OZV zpgx9px+9S^9Gt~=(qterC7O5>75p)<^Qm7llHg*=cxG0UA@{^wAH8p5f-!|gS}2-Z zh(@fy6ouirC$B?p`tEsG67dK;#Wg#K{mI-t|iHrE*!R2 z=-B5^{P*Lwn&=mwT|J=PxBfTlgo!SF3H z(r*(R3EL8itE&#;>Vke?1}X7dgBN$PVmnafaE*W6*_Ul6{DuWg7W=KM?SU%g+za6s7vbEEXs8?*hEga(b-3jyVy$co@_s`0Tkl1>P1FlAVucVTX z7fj5@9)zH;NxknGMMnk(t>1(`?27;8cF-KYRc{?|9 z=+Eewk;N->jxT%Gj@H>k2_}y?8#Z9|>8(z*zIWT;>k>=fQNmEWz{BP(Wd;l}eOcN?K1p@ma;^T3G?7f|7?X*RPk~Q@Qq@YM$dv&V5WkQ8RzAC| z2-=qVEjST|Y^<+_AREHsV}%6IV*PEjj)V;O}N7Ku3UiPV2<}# zJW(2r#?+~$1wcwOjfplo5_TUV1?WO={Y`3-SpCm86?rE=4AiqtfReW5oC%S0jL|8*@SFGk?U(U1H><73i3&EOZ9 zL2=`o28?x%UodkrHsutIgjvUJ?p(yfr7uwlb4)?{E(Ge6QGL5O0tcA!1wd6HQ#vW2 zB(>2(B9P&sApG}l?{nh&^%%=PBQ_2BQ*#K8lSUSj$iEwEXnW`L{i$&ej+jbrilGz4 z#W^D%N{xRVx}1+#iKhg?1e#6soZ|Y1bAHAp4h6K6QDqFZaG=uftxGR;<55TS4;KOU z-RUF5XmXPL7aGA)ze3-#iY3sKat9ktDC+|e7Yk^9;tb@c$t!Qsw@^mTpN^+sW`mon9366Dtm`duR^7az@aAhkj>t8aeYf7&W|t@@bH+X(*c z+dYcxqTC>%;a1#yu5|c=h$sq=8egV^_ZKkuGQCeJj19jqM$0cnyyNK!Qi52N1pEs- zw36qhB+>c^M&JlC)BXAEqp2fEC~0n@IbO@R>n5RiE55QMOL2Q-RUwBY!;#$eZbFZ= z>1#*7LbF?04te*HJHCto7$Wb*^NR?0r4V1m#8~|T6x+j2@mT~$>`7eDY95G?E<0EV4Se-3_E`Sp~-5B4r5vtgC z=fHM{UOk7RQ4Sc~Nt?bnw2v<2=1^Lc2J3jGpSFU94Oi3{vDi z1ym9lJNA<%UsJq{FDB+#`84H1H$-iKk2Gwn&@)S`!HMhOHUjYxj4%x+Q%HbNFEY@F zVCjSVqf7YYRh#W*GFR?}hkUqT)@?pU)dOSv!-;tPIfhb`ZwWboP_2x&jbXoPEHS1k8hxaK5+Qg4ZZr-pfdGFza4x1LsDY|UZMe?1AL;d7 z2&O!@f7&_DY(BrK9-j(f6d6PL&h&*OlrC2x4}xac=C!Z>IF1SP+!lsb2@aBqCtm* z6Ue5}&{YYGe5~w_;ITDub1I7ry*nBc@1WoXgeVb(yAkqh6STGx@fa@#Wh@50fVxuc z6B$niS0GAzOUJJ+B5{zCptbDHpM<%7>+jG|UzG={$wo=pFmpERaP2#r3H{c2AD#tD z#~fFsxr$NaGG*iZw?9>-Um(V)BjHH;`Hjdr@?Dlh zm6iR6O1P3;p0;7o(+3H`>m#Z->(w-3HTk-cCalU5@|j@l*A1bp38}< z#%HU))kKfLl&_AUWV0YU+?g~*O+Qd)DTHr(H9U&Xz(<8G@m=BZU*!V8?54 za@-b1m0vT3qy?4UPzAKKEeD4OPYb*dmA(*-p`IHR}g))av3ShqrXvwb%f*_S1qYUfaf~X0*O!GuC{f7{xH-`15 z%K^Kg1K(JaZ$wrc7opETND!sYUZ&TnM;PE{BlM(o-RX062m>VcIqMSVMCG8q531Vc zKe-S_MrlnuffcJ{Ab4nEpqUM9_mX%b^Z9(fI&jbTRD=uKgwnGk_hPv?YdYZ@vv@78 zA83$J(f;+f{m+xkK{Cd4JU?W_YDshb;kXlc@SWIb@4EgZ?dNWW#O1a1WZyft(11JF zJgJH_H;yI5-2!{jXUqx0GNsm@l{pw^?@8Cm?4^l@U%I^1oykfBLARYWWq2G?n%TWcz!Fn!u^mRuIw#&)Jq8S6kn*jxyUqkQ~ zipT~C_mdNZp$%H)0zrM6>>5kq!7@XRW=@ieYo(6gtMVPnX3gfha*O*~3P2_hbN*vP z#auI%rTOE}Z3@r~>N}@SKIg%a@sT#MGV7Q(fz8!-njt2PrN!OOH_T)7CW5BP>2kH} zk{9W+tzLSx1OtZ<=9r(?+j{)61W2*F)20l)v3{@EA3V$c3`Ou-*o3>gRPjD2hbdNg z1T?lo>U4!9<5!B-Qj5xph$Qv;dO zX$Yh(biSLZUz+&@UopDhw>jX;NlHR&G{0i5ET{RxU!_S~Fj}Lc)`ay6XKwt{`Dy8b z#kp0~N(_TA&8fS8><4lrJ+x5K1$c#IDZ`ZJ;{q)LU;+;?0f~Abd)-y0Ut(_%0tvi) zXt{l*@7F*lrrk;942;I3L9($W#Ka2EH<}Hzz97mr%Oovp;n#BiY>MPpaWXV)em~I0gq{N6y;*?)o^(zCdFCLC<_VRY zvG&UIgd&gp9I11uhHp8L$DGz5Xy2bip!N88o{=UU76JZk95v;%5G3H-f^NvU+9yFK zVnSoTf7N+8BboLn^?>VcSCE|)(z4`?>9p|8dHGk8kJ5o5?r%g$rw3dKzLUJatj&P5 z&Vi2_+}le(p~$jxy-0mkj`8yP{xSzz!T}Za%148D-@W9}-?Iv_36qhgEmT1Wg(pQm zVMh00ZIlI;77xK(xd-9!+hhAbcZ|*5uu=`y@p>jfSy^B|Yhr>C7HDxSkzC@YEe&Dw znScCPg;q^XIG;R@4rYecBugNnVGXtd2Z-8n6gHG4M-n0BM}c>TEZZ9vb7>P-bz<=7 z&qvc0VbZbvcu5S<<&_;-Hu}CBJ>;hO0<+CWkIB6OAl`~ySnW1IC_<&ktunzlrHr5y zDg5K@gh=LOCcQr}>xl7-Rp&r)R0@GI2cdxRh(x00YVae+LRe$VUspp5XG&NDxvlc6 zMLsVkRwlP0(_nnkVI#iTkXKL8z}g-|R|d=mMk?Iy z9#IJ)Vn&KLsHI-aR`2-VO3@k1?;fOX*(|+sn@n`5M)p5?!BjbZ7}?u#Rt=2gWXn&= zp95ORZhN>*!8KUHNUb^<_Bh_}U()Iy`1}TgY7fb(*S#gk+iVqkg-GHfFQ`bz76R7= zO6xwvc_NuhKJ`+_+14~s2ZtFrrl&xL$kutmn6Bv#0BzvMQ(TY+Ooiu#({yA4*(%Q?-c6}Z*5vjj1x;bFqX@~Q-Oq*)YDIiwm3e*lGx=^ zEG`{h>@jYV4qfHL61k+R={>-0eo>Kkbt!8xqe3obGtbnuE>m1XlIt&?jNDfICII^ z54&C=FH#(shXI2(xX-;0kW2s%%Cn^IBk6BO+T_ zvevltT_C7)XA&{eE3BUll~VAF@|diIAX3i`&m&VgOsz+9?qtquPd*zf0kctPZ3z{9& znO9|%qNw%{einT9x^<)=zcN*^1+B!h^jDYo2Uxhi;z zi~OW77)3%-aI+y&JVtJhTLr#L@en@)gv-ezNE$jCUP{@91(V}4-{+jhO{w6ZA_^xC z-L&ufcwP*US!%@Uiz9D0#!KeV1*LHtP1yRNfBFgS(=N-!X+aXwo zdpHWnXY)Zy3Rua3OHQEerOj40yHdKi0eH#|#MQBTqZUg_*0 z`>ODM#t3w^+Wbela`O52nHJLve(yahy7;fZeJetffR7WpKx1R9hl4~H;)|nB?3;IV zJZ#SItrY|738sJ1vs zm#h+Pf0@L9D!59>fkeaM-es`Fgrat&QY50`wX3V%U;V>ELaSjP$}_vw)YghdZlM~= zWLN_&nug0)q&oHASw;lMnr?8v(1)rT4R z1~!&S9iK+t#FviCsk%Fgt6N9+OpUL0)z znxWnmXT}Ni`6N7oP^OSbcUtGTAxY(g@}0;SJ;E8OT-<)+x-1CXjIup8`eU1wf)Rx6 zNIMg8NZa=c$cFs^-~>#^VM!XF)fqDbv{iyoB)T9X1RnZCUnoq;v}l6lPXby7+3S2g zILv^^g+;vhd6$6jrE;ptfI@YS2bCYxxKAN12&^%^WF{=~eaZoXtPy&K=J)D*{goadX!M%!5N)dc8VQy|e|aD$WvSNB|h%3F*>M0Rm+J z5=?>zX_+1)2H;ODV!>u3+?&%HrnLyW}TO!V{gchf~^nC2U zvwb5;6t-Fjr{1MAdesvnU^AS_D_A^&<5zpv<(>= zW$-76!>e7($;I6j7T#0MFJbMyRZ}&&%5{QU&7LnW(XFApM zGSjx*Bk_FUfQ^6?c8cUPL8Jt9SVQFcy#O}zt2)|tPLlte=9h+hGV;v7NGq3RbG41G zPpVu&;9e8b2pcTQdK(i#0iMEVbY%JUKR)?wBnJh>+>ea^>KXpn2shXJB?`vV#z-_1 zt`I&*4#x&q-lLY@EK4#;)jCkDxYu-YCh*SjR7%MRMHbu)&g)W%9Ix?(RYRqiv?{YC zP=$tP!wZ^Ok1CN#JsZ&(k9EnK)oDryE~xL!%BB;rD0!B=x*8csRbk9uN@K4sFZ|q& zgt?t#eDUBnr<4PQDTDtv&0;Vr7Eyl!m?IVFTpU%6xDfcAA4{vZ3Z7y`_LoNafwX+=}XcKiL8%U*5mz`$oGzsOJX~z-Ib8@O%5w znRzN1?*8HoXZ9vWn23Rk83LPD)onS+q2UXNmPyVq0I?I(ar7<9+S|Az;T1^XlcR4HzuZ-Qsk=|9||?tbCg{4u z5XjyJ@0{ZB&hmZ0BeeH%Cn8EO$v_E;Zg@Cklow8pBT}Zb&`HcSX13s0V%-@9ga&(& zyQ)*Hmzyc#V~PtZEd>X{DNqgf8X$CPEDNupG!t=P9PB1-bw_M<>W2hA*Pqyd&G=py z`TPpuYS~QXddcO?z}cFA`9yP|%n*qXOmE6qSdRmhL4EUrzK?{{9GA%#O~e0;yE$Sd z1!gLA?7|ct4NEpEM(UD}XdAfKV;66KGE3$41|1Yi`HJ6w5jItFy*70r*kv2p=5FcTs3=b1AQz&Pn-MB_i`2 ztQl;xFNhK}X6j^Lo}LL%qj7WrSjV5!vDjcOwQ=QB-SR73PZOe4a`*}y>>b7EdA**u zNzg?|iG*D{PdcQ&vYQgPs0{T|gkXt7sD7HUk&G%wymzU+Tes=>aZj-+q!XhKLzx|f zc&$OV&ATA4cXP`?!8|W6iPP(tAKIOVT|)hmeXELpAiX@YQO`m7Y37|tm1ZUIkP6*2 z(P5}}P(DF1dtSFvOc{p){mc2|EQ}|5MF(vkIbIP1zMq zX%G)$;-^HPmcxdc!kHq=Vpz3!wDb+_|^+ky8o_v-zm2H`w>Ie}l4UPJ} zzVs;z0=LX3v7R>q9`8(BNl!K4?IrX4KD;C|#>^Q}%tibYmQ?(DPBTH?Rh6it2e)Zc z&YCnv!~-3|LvD>Yg2b<)cBqL3wdJg@P@&~N^zV5(0h)Y+ zH2b4m-($EI6SI$Jqq?qmgdV5B21|D0OTK_)qpGtUQls19LS&bT8T|AKGh32U z&E@X%YIC~no2r=bF|{S0HtnusA@iI5U;}zI_S>5o9lvfYoeHtZrie7z#GzEG2e~MD z5Q!uSMuoZ+KT5X^lASykiL!mb%(6eZl$^_j>Q^!S!{gxlY1d0nlAv{v*6K3R!%Az@ zk0|LOnGk;(Aqq-GFx#W@Sg|KU(otk7M9dsPYuF~9c5)Xp_*4~_OK*tkqDwY{vBHs6 zW;!;(1-l!Mf4X^`kT!Vs!Q#WahX=Hptt3!q8q`L)dGyCcJCPj5zR*AH*8{dbyygam z>9wz4kQ*JV8iERcx6c^T^}F#tUb(z(rSg00xz&usHR^>0^E4)i4@M+Un2u2OyREjA zeIOuGk?_JtB)r2Wx)k!fP`ITu6(&-EQCq)Z(Obn~7Ze5w7Ew|Z>|X{9;Obp}2N&&2 zwRa}jbC(8S)#?Y}8{b{0BtjaRaz2>4_VGq6eHgv4000(gPxbJ;ev=dj7{_7Fy?ABC z=38<5vWaw`zlxA`M#Y0;@V1YamD?6FbQkzEHW#9%Kyj9#$*_>jkpspMcDnAmNTUM? z(7CFq3lGP8BLA>Hyn$Z~F1wF~&pt=YK}b!7RMh}wooD8z{o8(9VcaV-hWm>%$RiFB z;DvP}KlGzAi5RAHlYe#};8}TGT<`GoOxx4xN2s=b=lOTslP4Jo95S4*x_CllGoiAJ z3~l7p6teXp&bGxx@v$deCcTsYWK9yoG3ATl;rPk^r|_QFPxNh8xAk5cShK&ir&%uf zYQuNoC5p?}uh2p=x|ptSoCD)(;bR4=N7fQT5j`+u0CeE?Y{!!UV6YGOqS1PAL2(dJ zHwi2HA~Q*C1%hy4mBGaxRX!{Tsa`wUj`$-z+hCn})S^Be@yFG{TJy-|t8iLu;ZGi| zbDFOS$)ZT{-+QH}zf5PU2g0`{8$p(r?;PMquU%BwA#{c!jV?H#{kABWu3`R9Gq-#=hdsVW!OU)xRKMBpJnrbT%t$ z0h075x^a9yuby=e4`MZB<=>UgMCjR6l%(k%_yee=aFaOULI|+GeChWRX%14!wzL2zB0>*z4^Tj;DJ9z@IG$_o*_o&%u=! zV}eb$ieLtvX)u83C9q#CQbZmh4By7dG6$(Kf~0yf8*D z`CSZ5nz|R}aWWcO^chN06jD!jU@KBzKzg{%o&DzBB`R(RCcU|lX(V&sAfv_j6T!!( zP6&U|efFE(tIqs|PHv$TIvUrI`(1QmcCK;rCm*cklVYXqo60F3Q259#cd3-ML|{AbX)7N`^aqNx+-6 zth$is=_E{Wg0E9p0?1n(w3t&&w;?)`A%wI>3h~l-8x5NuFz@xW=){oUHAvk>M+Sq-$fXuClcJx?dwM3PB%LJ1_Ug2<9IrbWpN<>RpXz*% zdGST--~SOW+hGxRJ>2~R!o(gv%O^t)kebaX6972~MxG$2I&uR1N?dye8Bw-8-j&vg zEF?F65CZpNe4d)5!VVN(KPi-)?&x&j=XJb*>p7Gu}~=GvA%xqG?dOS+zcEKHqpt6D+&C3 z?t4M`s(`oRKT={gCt=Xr@aO5)y>z80REkYyQc!7Ix*L1ZZaxju=r(VwuW}GeRbIXN zcDE#c3ZxakZ7nXm>}A((iIv+*jn`$AIDNuApxwO^$^8S9e2*Rn#`fC(ih%zmr?th4 z2{$6D;Tqg07vUaWTG9Oci2fp8IgW-wifIsyEwp-yS< z1VPx}KK}TZFE;`$rs|(c&L}|R%9&WG8v<)H%WXN{t))v2hy$^SYm3S+GBR%-99xDzj&K z8_ET?aoMqJU&%00Cy|PtS?1M9#R~Nu>bRE*tX`~v7GmhKUp2mL?rU5}^~L>72*epS zy!!6I-M>qC_4wB{l=c^xRRjftHS?=&?QS0gq17d+M6sjRinQ@-OpvtHQj}S5`08w| zTO$9myrlXb6fu{#=#1m}n+t;PgC1|Jl25>77cJgqmb~%W;l3 zjD0j3wvHzZuC6Yq5APS0hw1KY#+v1j)m5X{i-WJgM-(5KQn|qT1BkV0y{xdHyaWzN z$0t@tns(VU1ocweVLp5BaD6*~>CqCSG|O@p)MBpIyeUB+zMlt#--*c)<@C6d{*seQWIWI{-OcVLe>*j&)={-)cM<3x?kxx*~ zC~{+O4m2%#%0$oaEG@g{c))Ov|KTT;IXmmvQi9s5A7#j6{Cp?9-oTca4gCh%@7)r7 zG=%r|V_vSZVv|YW3G!EALy||S0JOX%yzl2e%h#*WujfKA@tez{u8@)qcb*0(RX?u2 z)$)JnznW^0KFB@2-$*=@oX1T(J>}tFA9Y{lzjY(IinazS!GB2=bc$WVHahdN-=p^1 z2=cp3CyALvCU-w% zw@O>H$omjx#8^zO1cl|kxabgvdd{xu#rg1Y?X>ED^b^gq2;Q1h%ncs>Ex9&-5pFWE ztN1E!d0&dhX@N5>c61p#59ri|`N&R;P<2?I6>~zMB9A<6o0fEHIdbNPZ3YiM?zI2d zL0uP^KqqpguK(D3yxC860|9S)l~~6&0yqvpMRD*GkJwSZzYdKKprSbyyD+~5ieiVq zWMyC0LPuAoW(4t)7sf)mRMYeD7vJbe(~qK>AGiw>ITnC3P8{AK3Iqyyt>BqvXf!rA zby-PM1I-ct87Oj}h}tS^5k$vyY5$R=yY!&XHP@+b1*J6@Fk@cRj)LW(j%VW{dyw5D z76Xb4rp~r-k(HUF(>^y*O4~=52cg3D)Gf4xB+XLG$nn_<$m1n$s)Ax`Vmeps(~{1!=lmBg)%Gemi59>*^lObWdE*M)SF=B+gavXJvdz#XdwzLZ z!4iUR7W|GlA3m<^o0a*@)hcPv-BmujS*!t3ln#rIC@^Agq^}3HFgJ@wYGqx^_&0z4 z0iyr=bm@P~+XU2tfz^|!P*`lpgWO^xA<)R)F)&<@zeqr0SLKAM(pgn;V37;eVpy80 z`lshWt5A%V{v{6o_tpM&pC>1{aN9Hx{BGWd8ZxwW_kC?~?>j#2!d5H7iC5Y7d9HW- zmVxNEJZAUhSB`%heEpA$f!I(6WZ*`LUSSU2GbJ}j15I9eJ)voNz3<$4ebz$y!E5G; zNP^AhaSz)Y{VB@=2azNCP2AoB|8{!%_jPcfg*-oahwSdfz9*E%fCsdBkdh5x*Be4V zwaCoOXa*~6dJ;2VjStP7$~Qgg%VPh*`~UH<+rP+2ZXO@J)#;Lo>ZKwseNQNbG#FAu z$WlaS7J_#h@J#kowzuo$Y*yTGVCdQnPY?Q_(>|v$zgodbn>ggR?fedqPsU2#y*}|w z#`T)MU3iGhoBYcJ{J*`|7BWb2=OlC+q*y$Y44s+vq82jboh*>i#Q&Tr{@c>(BZC{^ zhrYwS^!^no{6GG_B^N}tgn>3}te@NV)Pv-A`+whn90WBEO139SCN|gttA+o6|HG01 zSbe;Wfl!SX#^-;3WB>kxNQQgsj{LvZJAFIZD0|;QO?sO!F13=^2`5M?5 z_}=Vq@7F1JBI~x2QTM;dy*Tf7e&I6;Mf~ewdX|#?#lc#Jw+q%v4K17Ck!-&Lyj!p& z@g{pHkw!}%2BQDaw%Dq{tBb#o^yr3Oj^U{;Wlm4~MQ|Vd`YWGOhZ;o2ehaEYjAe{r zcuo6S5W4vbAt9kxS{`2PbOcrEgK#&51z8FZ@#&;EU)8}CdFb~&{dK4PmcN&|C;8^d zuM*FH9+8M$DDFQWvBn&ns}+suk_Z+NxsPMD-8^Qs+dTAzWK0{PQ%Cgj&ANlOd79VS z&>>Nb0!!rN9JaHOKz_ey`>$jg39`jhqd9rdHE5#q9YzI4ALU~PQxReju3b!2JBh1N<;wI==7MgMzD zcWHs|`c`5>KtPC1LP#;=h@xL##~7yLUV>p;bF#VF4I)gvVQ=B_yg#7&wjWSDsND&l z6a=gCv}(?1@NxL^{wv1@oCW!hO(3v-(b##ZG_GfuM7T6Uw`zFY9!&d)B7SuPBKzI= zyzU1rSVP&D^s^j1&g4gpfa9i;LqjH82l_bM42l!J}O7L=3;Z9g<7q^>!&k z3TZZ5CLkbvyzY%;F)uqX;$6dq{xGO&7b5CC7XNcZ?Z8oqb^_9>dHC@&zpEG}W5VCG z1-uZEB8Nh`Z)F1aU2yVxrhJD&sB*~WguQ6PMASG34k|_f2Zw3Kq4n871@Iq5rzT-? z=fudAwXmfa_jpko6NcWRhbIX|B0LivW7!0gq$N5o4TJHpc@Z6oYz#t&j0Ugb(I@P3 zi!!EQMUBE?a1~q5-=}MeYlA6xwFmkfMEIb^T|x#`Mck0kUgYZ@C?#!HCK@jJ^>4~w zUiH$m>dc`AsdsZ>)OP|bq-a(xYC!~+wOCW*HQLBJd$4DVsQPjY#rCs!6f}_+C)Nh| zEQhw|^Ab~tQFva1n`PDHi|qm_ z|1>N+EuP?Y=$(lks|yJYbH2<9e8qJ+zn_Y$gOBscxY9cqv&7z`cY+gLGbSWzFC^-pPzWOgv6(Z31 z8@YAxbrgdnDJ}a7*yz0>1W=F9z?YPKSe7^n%L<`5FR)y`0-5oui?CRGJt5n8dX;>; zNDvS*$10SxW}?S(5vI8FdjGabZvP@7f&YD1e=;(nWW_3+(F9Mw$S`~xCF5ImgQExh z52hbxMd>s;$ZsoKS!1WCXy@8FL18DdKqV8Nt?s2c?Rs4)-{T3PQL`jei#T?Er5DuL zhAl_Ug>_KQYc&D=N2F8% z7%xWnT3|j_6Cx%&B%7RY_LG+o^G5#poh^89%O-Sk+5m*dt)DpVkawgX$4sw(CJ4^Q zt%g$?;JzT%YjzlszTZh>+`XA$*sb_?+m8*r@N8g*NMB<3k1Vq==%Pe^XZJ>_bPf>Z zHSzhWInMG!mE78oSMZ&mI4o+^W6QPXwnvgPDZivAAl!i=C&wRiE(qi)@mXL)49I?b zYA2%mm9{}pDA>=wT39|PLkH}L7b$X1eml-yz4xHRv?T{*$x|K>C7_W{xMJybJyyE1 zoZ?|e>}`zZaBHlvy;kpE*?+u);KSIhGd$;U#LFC>mTr_cNwCt!1t`_PW7oPZ5m;MLgp`Z`l{9pwyxc;XM80IuV4bqw&W zzi7FKR~Eb3?2pM`Qge$FIH+xya|VWcif!j z$+;Z4?7APhUN6j;DS)(0zv1*3PXyEJEx>aBti+fMI7mQ_ie}?R7(_eHk=ZQpS7i_e zQwFMq{1dmJWb54tcU*)*fEMB*QWGz|fx_dAcZk1^>IfzEox5e0T_)F}2Rwom9sf~d zTl#&F2Qm24V@hsF*PWqHg}yLB_$5h)Y#;VBXR8jJLL3T1>xug7`GYt=i*4ewB>d_D z$T}<{Ok*eP=a8WxiYd$VJvmR1RSLpAC%E;c!XUiD7+rR76cY<%6pD4^vy30%n2lzH25(@w`cpfg(^aiF@@kX)pfMH2l|Z8R5mSy?qmT##0GK1SF%u zGu2b;A&a5Bs&0xX@9{=p9GimD9rswTfPv_eJ}m;0^8CIZq^zIt2MHvLCx?FjQPMOy z7Rfuod4IM}ROMBVO8hk+_AABFAiWj-u}Z!do&8`snRqZyh-O#@H194`RMhv`cuR=4 z@;|VulS#K@SlG_??L}c zfguhDp%p_9{?-xCp&uK4^k}3(Itm8w^-qt~Xa;66BkSwyGb<#pUr+ zVpAV@A(51|hoH0so(7Sb94;0Xv_cF;c&;e02=@g>!_{CDRAIPsvjx(q(0t>wT|PxOk@7uI}- z!ErT1mUwW7l_RP84@D-o_>O?<+k~RY}`IKEv5zgP0 zS)o^7*kB|h`BZtxDCECn_8W2JGDtciS|VyQsSvAr{&yvK3n+PwrZvQO^DKxC@Yi?% z`DZ0Oc3EVzZ5K8CF)2%>;O~>Y9U$+nh!~o+ZrqP$m53tK2^#F7E#VOQGwtK6uQYVl z!WjuBB$^e+iCC=q1OJh-tzf6$4^C?W?Bl^iWKmad=jv&zA*HO_9dCF(soHo)4yWs5=emdo%6iF9a@T;+fOjnZ{-*wYc(vKZ+qc4 z`jrs)l-Ajz%uwvD{k9{7X#rNLG($u8qcqv^;w6eWJSGEu2QB8e-8;(uE~4~Sd-;!C zXB%N*)%)swVW<&<28l?A?Yu-PZSkssJ!RS~Ttk?U&v7FJ~hx8wM|*LoWfIQQQk z2S3U5=iS61KV9ZOtjYN96^m+V07X+9Fzme;S*}LR1^6}XB6U&Hb@8I0WT+>_M1nEu zt<2>lL{N^s{Yeg*7*pHRc1GSIgmnmh@}fueoFTJmb+%+L`W|;n`iFzu1jZZ*Y>6_t zk<3Ve{Z?XQMTh$x?#8BFan+qJBWF5|`n|OI{-BJ<-mGVXOONZTaC?{xvM6}!?L;>u zJv^o5eN&T0N?PGP*xS6UKZ!^ z_+90B!}w`ACtPLG#j)%MI)VJc1B`r#hye;B6UA!<8a%4Xg-6lKjq2(RFHj##V8XnA zO;G3l7Jn`7LPEL@ez?|nySR{g%tF??4F&~%=8W=*V&cp@ATBv~u95O{DBrOQtPNwo z#DWCz%U8jl1T*r4Cz=>DiX|15UF)@)7WFrIpY!7Nn@ma>yE?MM&esD!ZfTNHQ|?w( zE=Kj1`QX-FtImh9L7gutvDINHqHDc*bLK=EtZN}@Z%_TZl%Ym*O@1;iFUBfqOFO@+ z8Gf15`HP1)McmHV)pxgShd;(?YmqpZ-!e1Tb9E%Bh?oNA7bk-=RZiFUUlxN2LmpZb!yWJ6E&yVopcV#RD=DXxv9XQuv>rM74mTY7-0%Gxxpg@LP?3 za)kkBxE(crnH1qd-IM#x{6H9_D}j^@OEATe`aiUIID3-XM;D}{ag#e_5$iD}v9vhf zR_MK1;`qyQ+Ut~a=_)Z#pPy8gUWS=(PY?^`E3pP&jK1!`MJpngUu-wF1*1F&e#~6k z-hnYzo6~rxzfj_DWD^XFnT{(tnmWO)GJDIehDzN54&=7g;I@Pkh z(GUG^vHUK*kYjdlau>^j-q4Vvk~fg~`wAl<2PWdmHy4~_w#c(2cZk_jX8UZtX}${U zt3C&c5q=hq5ED&^pcR~CZ5h;zuXjGI~v;af%@x4G_Bd4VlaB)uovbI&%@lAr~i` zG3(orRihrY6_J<`OW5&-S0RKQ=OwXa*qW9%r|gEp=(_jq)VBk$HLo(|gj7Mz>(=A3 zf(GmRir6yK+gNGALyMpxm-^>yd)!R^kd&8m=o3#THqp^T>3jq9x;8c{O{=w8@6-0k zRl{fp*57hyhqwmhdp-pJFt^V#xv*I~oR>G)QcPJuG^G4x$Yxt9k?> zxAOjQ9*G?f!zZA108>L9~?Jr)=0eCNd**Wr1L_|ee`v#9YZcUd>$-Afus?=4%n#GgTse`ySR z6E&~reGbtYU&zW0FF9H_@uy!P9&+LoLezI7Z?}G^iJzqi8ScTjF!#ke_P+ZL_*8-5 z(L=jQ!n{$hSh;O#r&JO=fLm}0^@~4xG*lqDs zl>3ZfiV<>uG#IX6>EE3X!l`!k!=4?XB9g?DX$J~K_%~NuPPaBCKeqxOn0}gM%D*dq z?Qj?+uZ@Q_jmth&_Qg85Gw_d|f2)$u4oslRGn+wg!QC=J>TJFXZ*cMxwpTtEPi=-y zejj!|JKNklA@Eiac@3E{U=p#w#0z>0R^d$kYwwRqy~HIWZJa-B3ZFdpDk*O zZ6x2Z?lTLOvbp|B@~=2M1G#IVeYr*J9GH#i+$=s@5n4P8d&iq4;P)~p+T7BFE0a}F z>RL#K=uEU_fkXss`oUM{(*vXW}~}<+T(Qj*yFBk@q94UeBPs! z=!zFz5=WAQFFcCJH3xOsc97yu`tK|8RuQQrGYb=wJm43yANY!%`scx*@ApWPS4Kzr z(sZwWCyFo^b-28i%(e2&`|%!UM1I*ZX~imL$!RM>W~FNPEmqa_?~pd9bQ%1(zYD9mZU^`xMnAapNiXrI*#HQ#TX_vObxRKo`V z1#TbLG<<5)f{=ggP(`j8>^q~+;rWxZ{4+!JuN>^_y=cG-vyq)metGqtU0&wC8=Dc= znQ4i>SkjM1fL-){S@x$mHfI4dE+@Y{T;vl)R4;F>yQ|tbB?;b}AEp7BsJt0qPU3<% z)SDJ@`4(n8^h>wT1(6Iem8=;1cia4iGa_1Aab7fE`uiu=QCdK#KK=MEelEj>R}v)+ zpQvNIDFo1Rso&E?WM9UO*MvP#&=P?Il01eD;{po3N^96FaHxHgv6N`D4#nv)N4d(E zmtxFcg@>Py6Z=2y1*b*4WzHg{WDqqJxR|um=klTcdkIp515{`v)XhlA?{XYA5?`8t zY(88tjDbuB3OHU0c3i6XGr4L70V*j0@KeHZ*pl9jW=AVh`W(`=M6WOt8;86n509?+ zi8lB~p)QR${(}lRLrZdjA1dtn2*(c<;M%)wXE~KF3_4U^v2h6n2_Vo~5^&*NWg#8FHOw{`BX4hcFzK~RyZP!(>(i2$ z<5c}KxK8acJm#I#ssqN__VKIobn_S4QFGJ(BoGX=jSgsNZiZ1&8QBuvlajZ9v2VH4 zd9<*DvkLX@R1m3v$!kLGe8iVRXIp=9Y^A*H|Q-}@j&s;kQV|Sp3Yebq4Ax5)5i`E0nwbh`Ad2o|+Sk%&c zKYK0|UO^vQUGmiBXDbuy+){b!@$d9`YRa~&1Fe?bm|JT^;p^oRLFS!wu7h|=@0J3J z$#nz!Qtqjj2q^rA99;rr_rrU_DUoIvAarTSF5dJX_lxK9X)f!om3lT`=es6Imm4eT zD37}X-zZ5nL+!l7J$&OVcbhD&`8N7~3Vz-WZg|TD!>9oeD_n~p)-(d7T*<#Cm!l;$ zm#lgWM?7y4vdO_9QdFt}pyf6|@UmKx6xa4pvQnUHf)9`I{n2Z)UwbX>(Vwp-6$hONym9t;xI0qXvpK@$xnF$7=g|E%Xd^DdMfvLYI-_OzbJu-2z z8I_W^cP7XRJRXgL9X(wnkoEOcuE-Oq8|)JS`XxLgk!^ao^_B~P?W9$oHxDRyK^YSdI3Y*zNot(re;0DeB zCZ3QW*m6o3LW$V01R?1OQ;dK235M~}FpXEd2Rs06xcVt@VGK3f%i1G8DLb~FFOQ14 z+VOIQE297kr~iZ98(F^(T)#;k7`kG{_S~Qdn0Fl z?g~^!Eu8GLg17v21!<`u{?&)-__1L&4(yC`&*)wKt%c0lIq6nC-pWDbct&(O%;o_0 z_=XP+sALtE5S0is62_#yAkBjV$7J@q45w-4;t{i8Kd`zC`vEYQm*(gC3d?j{`NrY9 z&)rS5_ZV93TO|?Jenz--)6Kc0I;O|kTt6J%n?M5$_Acr7qzvo*MTQkF^@Oz|VbxgM zq1;nwE40U$l8*uK^6+XfR}CVWX0mSZyrX<03iB6dWa^6VXtUZ#Y8AZ@0@{U2ZQe;3*u72s$T>!x0%>`>XSna1g7Iwe#VhM!N6u0Bio1Ou_Dp0G%E zgj_vrOyjQO6C`L=NyoZ>81_}y<)Y7I?e-2tGPtcs_D0>~bK!l|5{EbiN0RuOVxUV8 z_do5ai6!It((dz10tEAYoUEUIG7SKcookY5ZDN9RI9w zedvlbIkmH-5#F``zND6TOqX6J`ctiXju<-J;P|!-cAvQZ>g&YPbR^xRqJ52qFRT(h zOG}H*F?;^NG>5C!bbfOKVHgImFO)Ux%;*OZ-Nn|1AQh(xIQ^T(G6xcu%=se1gUNA` zb<|SqbJ^E2SwFWos@&><;@^$I3_BIyieVe^vK)01c{v4uKaYHE3iI)Mil@%cN6qKc zRss1S`etd_tzv@t{3ly_q`9UfQKZBrhw8liUT};A(_Rd=f zGgT7z_{tPp_r5+O*Qm4ASb4!y3wtGQalL(?wH!&DUF|~6Qt&5etVW(ek|udGN2nM8 z6S3A9 zFg~qUxNcwEbF&W^=1FEk0~BMsG36LoSQ(hhI^)aeYA0hyTP>0Bu(psQu0y^ht%wcw z-blcguON3oRI4V8Y>BTbIPP1_FISl_zB?8a;L*~h=M0S_HY&rtJH=2v7&~TZMOxJwkOfV}Lj^V$t*W&p>RsWrgn!jR6ab4&SaUB#+Dlv3?WLU?} zc9C4x3?dn9;)iRsW2=ATv8Z?l)9T{T{!<(E?1)s6@2gm_wZA_miK=?XzLWUU=4O@2 zv1YStzWP%qSjxe!`w&RpgMgCv=aTZ;M+yozbtcMq^@5zeX6?|*&{k*Q|0s<+YGYSP zL}CK@y5Vh2IBuwX7ojulDfWwyy=+TQB|1JN7!~Ab7*YMR$@71K2;PxFS2tylkY;64 zB%{b6HvSuS#y}XFF$slH3!o`);p~ARLmBl^xZxYagNc^Q%pSXlFeWqh6UCONqF}nZ z^#RrUzDR#6<3AU<6tUuzbF%Ks^!5Wn-!T4U&HU_GD1PDlH@;}?rN*6n%}LvOwx^)}mxxi>FyL|RvE^y0)Ft{aGO~ip z!t4l1zjuDx?+9!2hCfYuCCuUiRHX9d{0aH-E;hhoIaDQ9Xix5w?+p|hz8k55$h42; z-|qeEqOK{aw2y;gimX0;Wi80B^a@yl}mTS%A1^t${NrXbqm zRPyd$0J~Qw=zm|`|23-De*!Bxp`Fy!_*?}=K503m{MnfQ{Sj;5RK%C2mSOWJ!0}kK ze77If;7|U4fUd-smY1Ug1EHg0oYSbXG5`IUe;Q-!!C!zBSvO*z8Efd9od4G>{t;!i z^Fvo>7yty0&8kx&|BosEDt=%h!>&7@kA`YyDzrDx%|=evv}yFdW8}a6v(`a42K^Zk z(woOyiN_02WEF=&RQ%w_OkTg_G{@EdgdG~cfiX+VAd#MPOrr|(N5M|ytfn03QxK&P z#THO#l|OIuL+GTu38el=J8K z-;EsK+T%LK8Hzpae)+#pXzf>0uMpl5*{~+9poBL>URW`E!EnM2jQBxm&z+qz_^IV| z+*o~J4y(sy3~IcNvFE`k)ZmLA)2j(X^?ydFBn#9<`g?4ZgV!;mkn>-A`;rL=BFUA8?Ff3 zQ5^8fdr0p0=(m)32*?zQnalP7`rDgo{>vi%8*+1INl9^z0q{4V!iS_>qL)R;cUxL) z(qpi8c6K9KOl5OezN2Q;i)QyXz8%0jQ`d#m&zlf6duiXxP{R^B%}r52;eXfTbai=idYcbr>{OgeXukG8;qbPo~zK+~zpi1SQ zaG`?x9Vv8V@Ayboh4qOrb3UVN9NF`w??UZ&bp}%=e;#9hpip9_Go>+^-(xQWrlmCHt$24XV+Vw4$!6c zVKsyTz}OYde|@0Zym}lNSJOdDgkt)>4%{rF{gU>~R{7$CHVWqF!YMgNn2luf6A% z(5*c}`4Ii;D-9WIH&^jPWokl~5R`_(YmV6TyUVg`3i9@En-(JSfSB2lmQ#XFT|+*> za)N7m20C&jzSZFJT6-P;TEs=v{U%AG@Sb{>-tW2&(i1=T?Rj$B3Ik_HK=Z1R!^(Oh z01pZVI($^#H;xtc>(dC7)#pAW0Ckf4ujmBtr)abU=^0SmE7ZD5r`dx&G|`_U?PZfr zMPil_zoO;YALZWhtp;8RK!e$*$8UQ5n&np6k!|tKoQ$}COA1qz4UgABJYJBGnC&x! z$FA@J5cCcX-5Lsb+nUZeT-R3g-e;qv?61Am)K~lyTvw>=U&C=TLBQpdKm&gqz0ogg zrw&?>_qT3DZGo^s;1G--qOY<+IQzFhosYav8CFh-gxc3}B9E51eH>iiU=Cu|+UgI- z>ED@aNKk#*4W$f-iEoEdvgIOHom)$OQW-rQG``Rc+VPLyai z#V+ZLoqJ6tyXZ8_->?xD{Rcg1gH1RZRD3pnpYe|pQYpza-o9AGMByVA`#O4pj`tQ^ ziW$+V>>}W!E<*MUj=ddtPibr&nSoqa8x6xn&?NCw!H)Q2C#`M`Hy*0b@t(*`znGWn}W;lMtV_I{S{pd{lWFw0tZ;oQBNb zuRgyri5tM=MMp-=#o;DRW4@Ab=W$l#IiE@ryVQ-@9fBxWiG#Hv_T$?O`1-qqDPL}p zgU6s{??P4hLT*68dyH^lBqG}{Yu6;2RjC!pl5-L0=lO@Xlq_1v`jrSzPZqjPjmp0h zv~}wk$POoqZX}@DoWx4qrgK-UigQku6W z-sd6X{Gb)z6+KomZhY&Xp0<@*J0wDKW#jJlexy+sn;^IpGaJ)OpQo)XyK@>%$CvcXNC0KZI+`n z^eBl=3tF%9??cfAv@5BBuzOxOSvG{3zFMszd`Q3l1ufp z81Ccl{drqRG_tSC0&)!%InHQ2eEAhcWZF9%E0V7it|1fsj=<20X)u^X#{{Q5{+ml) z91hntIu6kh2(yj=StGV{dLmL)Qe=H7$EJ(VK_AQ-nOM!j3iH)dFAwFeXsjv4WYV-q>sT-0$j<@X8Za_bM<}9jBW}}a2zF> zUWCCVd~;`fW_&~#FD>OvQ6Mh^GLdImgQo_}Z_Unl3Lj9&q(|vjVBiY)%b`WR3X(!IvsQR&}rQWcFeYZk^pSqWj;eZKahEvVaL1yoUUOLE_o)GLuzp)eC-? z!A&~8axf#x4D74B_?L7?4`pB$}_L3qJU!K7io~h5|?ytgYm018Erpgi9i*#bVtzy~$iLicWvk z4FqcbeNb!}X_f;|*WLzh>SmMrnlx&J8h2zCR z=&IomTSA;b;kv&voHzayuqH^zr#9{nuY+Q-T!m{}GXo~fvn3Y}FIGaQX%=>xzT${) zO#aKY3$zUi@aM!IRin&zCv5KF^oWOTxzIvAIIP`kjzE88iGf8FDD0aZp>41=e`7y# z7Fb!1m~44m@`+TRPso)w%Hx5WRupaEnYvbV!s}h7lo+cg&bJ=j*KFzBh-nL<>A<Ix?T^}7*W6MK(26PJQV=LUjufS`RR=|nJ$J<>#~?N@!NqB61l4i36sbUi_GgZ9eG;oN)RrpzpNq&XRrIXsa;kc^S!LbOh;Eii3CY#XI#f{OWqx_@?Mw0q zSPbf4Ry`nSYJ!LNE!&+`e*Zvek#@_YI+*hc;XID9LK zBp=k72Lx85=S{5zyvO!<-xqiWn$#zYnIGmZi~Stdy%dw@GQ$79JU=R=+HTkh6XdC3 z0q&0lwPm0$TdSJ&Eqb3XwgI~@ybnxbqGT-ODX^0Pw+eN)XPNlD&>bF7Xz408{O$-% zfXt2u@6olEDG~nS&wZiV@t27PVfRY>fc_+mG;4hFJ6ZA{!xy0MmFR`VZtFMxOCW1e z{=m8GBvUmFjGxVnlWgs%l%~*U&Nvd9hJn~-?EEJJgf67GanRB+9uW%|k-40rg7@cb zzKDJ=!{oyC<+#P%fCdePFcu&NQ%A0pT|G4Y;RAgZMvKZ7gD}S|qO}-Pe;l@wZ;>+k z11%{c73c4FDM_(eHO1g(C96=lh~G*yeG1mFKb~&h-rn4du5BCcRV3bXrJmmN9 z)Supi5NDE}@qUJ*&BH8tny?H`l2t!;0zT`9_VRDYGIH*l?k_jU&(G(KdVE7pxdtF| zV`CbGICCN4fbZyX?0WjqR4wL;KTHN6Lu&1rFf;HYFqsai4?c7>+6kR^uU>EL+gURF z=+6b`e?kyr>ewxkQi#Og)f=w0Pv9^hj__`4i>KP`!ZNp!eTX;o$Xqz%u3P_XO;S4@ zDqc|f#26_K80e??I9it<#&R%P0siVcFmSsgf*QYT7uIrwwBl(=;P+Gyx?L32Q;PJS zC_bY$q&JpsOrxw=j&yh#6K!_?fy%n63cJo}9s@EdzMydP!+oTIwGnf|1-3R4yxeSH zJ^HGN94RP(0l%sH0?1Ip0H-;}T~P31@>^RC{aIl-zRY9_)UV($p$IJ`HqML7!@k>l^(t?xp zCiD#ykMo|8DzW@3s!-{8VZJ7~Q!W+UD~T2O(B@8UKZ+q&TZf~v3)plRbLh%h5eQFl zAHVsvj*>K|2Z;)otOEL)yVh*3l?u=MX#8iqNFXmREcy9k-@)FP+gmDd)B$ROFGV~! z*TG)S1w)3~XybCwZt<*%FLq7MT1X)(J_>!@>|viSVu33_D~%HMOsY&5ZTnM(WB6t_ zC-TPZE`>e=b%CAi@x;^Zbz(AqDG{mrC$!G8uYJ#LEm3X2LI&S*L?55W__Te*MjvHZ z)1va?@7Oubzj<4q$PI`1<$vK>O>5$=lZ5G&oN%VG$Ujg995959NC0=Xu&KE#c8Mo) z`SM4)5KGtCS;FCx-Vo2@x*2@TjuMjB(x&7BIxFz#|IK#!eV)RuNZ%AiadJ75Y@`SG>W%QFdbSm z9m?U~Fdm9<xI`=88U|4mlyUW8rJ#h8e$>ThqdNK zhVt;`X#Uz7ByY7k$^6_aHfpTMiryFgnf~vnfmbIufzyqgU-hJun za}r^r;L-#jhAljsinWvPcFcc?QDFDGkKTA00AmG&2v8!Ozil61jvV~` z(RJUhN)xHY1cP7#<3?lhV-;Z(Zp(b=PkS6;A1&}GSc-HXCX=r)(;=+-9`~AzAKaE{ zlb@jATCTCK2bjNS9p|}$SSMXVfpda0fjHNZYO9frf{9*2x{=hhSqvX>DJdAx>OUz5 z3@$R-?k#PRqjc}mQm1p$NiSIT++TyH?&(yM6D5L6y3Hu{P~G-P-HSTYWX_{s0~zLzx^8u`2k|S!Jk5XJQ?>>6%`)BcWTyJO7~tK>%ZE|GDDX zbuI?&U7BzyiA18Nm-mMQ8IS0D0R5(rb0Q<@;MT?+!Cv< zfIf?_rH%HY#{X=c{I?21t1iqI|5;#@B=mVVn=C{`YX@Oap2esIEmqhE$4{{J<>;Bm z(jhwtyH;EvIf(3s zdET=C4e=w|9z^dfXV=R9P2UQc)|Z`Mb_6GECq0$!_4(R-)!B?|boqJ@6DYeszs_9e z=TA9L?6@WBh#R-zNhPtC&~&w65RF>v@zt?@E`Xm7B6eO<`=#u=$1D~troI^b*~LE# zfFLMNXMx%q)*1U9h`T}~o|zcyFje0dYuF}1z5>n>X-44F=rso;3LFfyAFE=$Bxdv= z)x-n`J zB39$pLM%j$&Zy`^q^Cd9A3#dRgUy`%zc}& zIn4=1vzfY@Dswuj-8dr*3NolK^R+5Z!+i7Nz8|vQ>pN|pcYSYcED( zVTNyDCgukF5Bu3C7goYlInrpTaH=W9V=y~Lsor%mGr;iCFs;8TT6r4ssm?{uQ8eff zj~)MA&kAIwGx<=_-kO!O#y4iyOy9AL}F0%6H5ozG_UFMl5w%SAfP)58Z-BI!FQ=GG<7*@>z;#)Rq~2e z%FA5`78HrhRkRZnW=m*SH}y1zgT5-U9lSXFsRQLQh;k@x;{XFgY8b2SWEG7JeB=Ar z`zIa-E_6v3tj-_nri5s8Q7G$IQ@rujX+c21`WV|^VxP6@1Ck_Z&mv39YugI6M928| z&scfC*_@rsZ0Ns8u8JAgPi_|{9_pe20Pz=~HuN`Y(Xszo!t=R90v~HxStp@AB-#1- z;XGTr!hvujtf)4BI+;0~%FKkn_1La-*tCB6&71wT9 zp<*|02PhA#4u9IoG!+p5vp#`Bf?$r;FC4pIjr)wV?>R*8hcK#+SAVSK;D3!@n~nT( zjq>>XmFZGtjOI~Uyl+t~W87zb6Qsz3OiL^y*$9NJ=IpP$+kK@&o|I-RLA9r(3yU2O z{O01&%JhevyHE8i69KLQTfsL}F+F-d$`-?Sq4n8*L>OZC`k%7r{h!gE*VCRn!lh$K z_SbA#6=TdE`kyOhVtZqVu;Jd&knO1y5|y})#i4g;>E*?fGMH0E85czl;_~d9rx;(zhU0yL`qzlo^yt~)9!kiwd}DrWWUR{t6jlLctH?D|&`4vcgmxwUJMG9N{vJwbumoWqrcNgkujtfd5a%Xe) z&Quks3b!Az96b=IMMZGx?cTI6lMrmK zyrxiz_ajkN&gT#aOqWTCIoF5N@LzB5D24VQybGs?JPPRn+ReivG;$^$%`b1dk1wP! zPx*qgvqdw7io1}A9(T=Z665vWO@sna_i^sRC`GwQ+*x8IbmDLaodiG}#ckMr5Di`R zxQN2Ebuc7D&8Ni!K9S!^nj)y=GGW*%s5&3dl9qPfcMoo5{>_n$$BR7b=&Zg;b7sRt z@m>;mD_&pztRYV)QX&LnBjrs;^bmF&P=OeG^c2JNM%=~>TW5#f)a5(Y__uB-x1D^2L+R5;K3ebN!Eq`4uHa z0%Mk}C=>5=G8eVk4o$RmvT`ZKL;AJ0cq$uxY>GR3V(?t!ZPt!xD<@~d}CN-Spwe7Tw46YsuN3`yvl z;$8nJSbLMs0E2m^1rIS%g656CFj2TC%n28nH3rO}jlyB!neXv^-mozhyVUWgVN>hO z+lHv?E0+k&1XxYAr&LK#ZTE%$ed!GgKx^Z6cIL(59iWF#BTjr!=tnt|=+0cVIeEh` zUH23bgDW^ULN0@Z?Q(IJ*z~>n4fRLo<>8@`_AlOFOg#%=PImCMbY?f#1h{MlvNEEB z!HhjvA<@LsU>K~7CM2;IZ!CL#T+rk6xkF$ugWhRERWK>x&5Cw_&^sEc=o3+_vlB)v zDTR$ew=^_Sr=<5OSwUA9<{EKapUaiikYql7qR3+)X;-4kCGUrdrccp&o)iQRy+$QQY6Wcn(4i58Hnv9@~(HOP?gb z2;YodU@p0!s6DPz7zxZr{9tZA+Grwg=d(A8!rLIu^xb#A-N(u;^mik03iuASGt%cT zT!+=@ilR;0a5U?3rt-MHEGg`A|ERKI-%NsGKirdlVO=^R(0e+>#%xpyNF1CX0~mau^}uDj)3Dl+g$zBT|Sf_#~nGvVmHIEa!uTN zE%=04Z@Aa)Xi?EgUC-L%UyjlluF6j zVflHl>W>PJiPYFo1OJJYN}*drG6Xj{7zV$%J1`}uVwD|Sc^szzH+znG_+9YUWeTh} zzsR+28q|cU88y(2?#y=nylW}SY|;p@$@lBJWhT8C~26b+}Z#~W)P zH!Nk10n^^jibS4ul_RGNOxpD9$Hs25wJn?)bipmwQM1D`>#+3#{o@X&0SzAPt?+b) zLaN975d=nTUGLG837kJnFUa`^KfI$g&AuX4ZNA6#lU-%^#nD8rf!fE(hzb%q=}IJd zg19#6@)n0=BGej*UE^lkAp8s~GUESm2=ch>jY{h?i_1guQrkSPfU%IBx{*9~YQFA% zxOEwt=b;nu;e&@5_MLq*2KF?C7&<-;V-2dZwmRXRyv#B!k>~X+zMLvFyS`SnLhe;I z7vaLL;tAZma*K&rA6B}XI&REWh%H5xZM#_5&nf@DiT?+B>{U4>8V9q!u3qxnl&LQG z`T^UHjQ(c5g-^8m#h$t67kO!yvL$9OFE)sLPtsk6a>eIfMYyFH+nak%qK_oP(PEeU zardET>Yi)p2Zjbw@a#t|R}4*D>a2Xeyc{ZOco6Ck)mQ>0@E=}D11Yo$E%5=fQ$sZ{ zzxL!Zi$T`Zn(gBo_Z6PA)7Ry?KYZ=DGTdf3nK1{u`oF$ZlD9tp+YzqO-Nm8Dy@?3G zuskHc9u4T)%w$UbA(7A8CuQ2oX*cah49y4A6j8Chfm^2%@nVW}OzK=x zt|^1CO|xBNpmpYHbBx+_{YpBmbDQ2UFvJ-2E?Vhc)(;s+Vrs&a;qeq%rgS;rk7^f{ zOot|hJs@7tSmi@{s+AWrEfLWY1rLqN(7_)p>M0=RLQu79xRdxZ&8DD}TCk#T*&VFy zHizt}twipLzg5@tMyy9BMd9D)1JGp^%PN)pM~xfn4_F5E&`bCXJov)i2614nK8@5n zs@by#HI1(KBRZ@XQBZGXOI9YJ54UZ(u^18@-Re47Qw9X|tKuD1)_q955o6`rV^>oo{M&0I5 z(5>Dsg5S49_&sv5iw_5!Oj6ntgG1?gE34EeA@ZHaA0%)ajf379i3GISRZ4&Ta0Koj z_LN7zkr|f<{w!6>T4jfQ$M0kI755o}1&;k)m>{o(KcRA)j`bZGk;8;Nucn*?-A<1? zdeub`$GTC9XJ0}6ec?R202~h-2fS$NrC=?OYkrXg;!HEVJgPe=qZO5>2c3ba?Mv4( za6KNP8^4XHrbMrrvoCFk5uG!n66_E(zK2v`Ax+U?4)vK{QDeqjCS~X*&X#1O1U+cD zCUsCR&C7dyd?}{0)l}MYL~0hzu3?GrqU{e*?e;n~ao5v&zr8AqG^c{WAiy%-GiU4d zLmw+CJ;l{op!=4v@OA!YU7YQJ);&0*`-d=(A78Nk3j*EHii{L`Rz||N@gpN;V^JZ0 zJo^Eu&F2SU6H_$qrr76;7`2{PWW)Iq=)DEn+}aj1aJ{Eq%}CvA|DLY1-1<*|*0Wzo z;I2-|wcTA*qHyHj*W1)d z7J`ZSbaR^HcKO+Tt;^ib=BPED)7x17r8R+1J5-v=e*fbmyD_{m{0yy*mju}!h+T|` zslFwwSX2&p2(*Z5anwnzaydkX5msZfS< z%!TfB{%h(xK>ck-tz5t6;k{)k=b%FtNx38pffdV@@GP&fs#v+F7m5L__Q9 zV-vj5&-xwMYAzfoKInh&q;EN~Fqfa&-AVJQLHv4L0jeTGfL1in;a7mvW#_hsMJs_8 z3ddg*Sxf3+INoZT%0Pzu-$Ua{C$RsVXW&;jQWQ0h&>j;NBPvepN6Z~sQ1Kxp9WytX zT}f$q-*bMsO}_u;mQc3Lf6d_EPVYA~Yp$gHM^gNHb~1=U0FRje8?}6^h=Yj;58tWu zHCT)3P7$;=`iK4bzrsQjn1Fc|I#5(50#$sf=l}hV*NEQ<#>~ZEEEFM(U2yOo!T7wf zeff_Y@85g@C?{`yl1neL&@eed#6OwBzmV5|e~mLddJ6jwc7ZzIX!`<>nPY;QUZqa{ zW9B^i5SwGoG3t13oUXPP8XiWf zGrpc3{qPGtWgm&UVg*Fj`E4sP+!hmDAC2inug_8=Cw^LoqK6-k*J#Th{PO=E{2H^o zcv5D<`q`O!?nG&*=`;a(b~aeuTfAQca|FtwTQmw12%V~;V>3)`vD7A*0lPIW&aUHN z6t!4SL!t7aef<^9>{2d1^%?u1{PH5KGDS$sKE<3nN}>kO*O2Z~h>Xs7bc7OHip4#w ztsb#ic$p$4f+A~=DS42Xm^5I36H4j@6QPn44)9`8rrSi?_Ton;*%Y%L>n|Ab4)7!I z7}X}<#lE4jt8WOFsgU%<-fXw#VCg8IkeoQ^mswy3KNwoj;}X?|dNtuSm(Ld3KK~$r z!sg)MCB~4Ol;tmmWLw{35jtTa@p48mCECjTXB%;R!o-x3=@WW<^qCOO4P9YI{dISD zJ0-R)$vO|T+6x;U4_TNr%j9^7c#t)#YfY>Z zJWdyN|Fk0cTKbK;M_>dUoyBVCQXFYPB^e1MF9I-?!Hjus;Mt6^d zncH<@Hg?q677Cy8zP#EknE~&wa`MKx4OX+17AJjXt&I+%?oKOmt&(s`DpjN)jE4ul z139&u6Us1z773x12*6JOVV9PuH!LOpXW~YYth<`==<8C6GDPaf|7#WS&w}XkI+?Y9S_E`UJCZh7kpOxPE9LKrksaM2? zo&0H%*x$i~`cG)(K-TXkF}dZi?QJpH_&W*3AhfJwI7`yD+o!=#|77KK5keQOUfgF% zFyrr9zp$;)$&DDO2Oqxr2!~F5;`OW`w>rIL%q=mj&zR@XbH5GNtL$8PZT~9yI^5!in#RqAg_jws! zh75Xo)az8ce>X%SLO_qFEcv7#>=bCm)g=9ql7q9bqXdfK_svo65oYQjGNKlZ#CfdZ zs*NDToJpA{qq?EpU+{feEfPT??5Pfy8lSIcUje@MB6_(OcGW|L;|WzPphzL4MrNi* zh7;M+etZNQG!b+M6ruW^K7rkG|E6aD{>O3EUl>-h`@Y$TPf;31`16^>uIx?At}%J2 zpYnE;2x*S`?{z4r0aoo`fu@69F%D(b5Soswn#_A2Eg_1V)bpH!%zYa(Q1* zKA(X5ldbo=}=Hi2@?Tdh^&{9<(M zwH7Uz8+u}UgBEvG)HAuc+Oxc~Ns|AJ z*#GEs!3(?=rG7^6U=;QxybN^5Usb+S;y)*4#(&Yh?=7o z&E-LwW`AkS%AXfl(VDNg37dze4gG2?r{FB0l^X79HY5hiV5heLRh()YIG-eHwb?-s30{8t;S zn?sv%oZIGa^CN^gT+G4={{S-berRctMvBY}c;J%pQ^46+T8+#Ksa4=d4-@9ajM^tj z-cN=UNBu9cG{3=VZ=t7;b zOAiY~XZ&9QGmf8b=HlyIlzYxGHiMnkv7*D={A%}gh!z|SB3Bm&DD~-YUQh$?%3+Rf zRirkC=vw@g*y_N=JL~W6&bc1mRpSw2nFu9URghH*mcBAYBiU6Zz<%d9NU{Mx=ZTe( zlRWJeWw9G7{wI~82n%-26Gq%R=KVe6)7bTj@;cu78pIkhCn+Epp7}DU_aI@6@{VrT zSr?vg|dqoKMZ?5%rdov0nk$ZcO&}bQ}jLf7JpN(;Jo88^!_CrQ=US zFq6}eN$>YCUoT;>l^2Yb;1~IPc44aOsFtn9a!5&H3?}(>6y0X#k#O6L=^Q&fgvgDg zU+6;)HUs5DEDO={#zY57O1I=!DYqhJr-mYc6qy_hRe&R+_RW2wV!q0%Ps1BLUVMk< zscZ~*Vu;GDJ(odEs1H;$)+==+mt9?N@5=_L)z%NziZ&9y5x&iKIC7m-!d|AANm3D| z)mm>vwo9ioCKAdP+ubdl_bOMBz$cyAB8#twt+tt|eukIe8ixL_=ilqJgP6KE@-t!(84e<8)+Q->pxQtUhX2z9VTI#>$tr|2T`^Mh^*i4EgBi)yI;sfs z6lLZ(euCUOCMjWz07VPjreSt8S2A*E_0PXyYeKmLnNGv;j=%dJG2^eryZTJzG42m( z&A?4^upxaYb{^ExXf~JjF&@C3z{V>JP!8D8QNXqs`MX|(l zB9vMiGpH_)Z}?5P6{FS)I#4Nqq!vfGG)p>~>}pz?08q=gwdA9!d2=I)gGcH8Z|+Zz zpkH3Zh-iNhAu1B9v>o1djHtl>t}|Ria)V(q(xON?7r4G4Bj0A`N-tVhQa=b z6MZWldXVy;1a|!od=Ec0H&G5t+*pPV_Bgt$xDu&Hu9{aK^!;zSK@+3-Z~YBcpo0=- zIy+b8G9+PgUlHwWl-x_;WFTFixYb=C1bip3iScxPdrgo(^}iaOw0cg^KceT_)m^vW!X|2@tt z;2_FM>H9OM4LyocqlnrDe%1y)!^yItdN+O zB?;1ge%6FQGR6zrqkrxy{F5v6A`O(B^km=gUtKiYRV6mwiWDVtT5eXPkeQi~S%&QL z$R2*^zC=F>;il@T0aN5za^6;g8ghrh;|;Os68D5_6WmVWx(teKDLN}@V0CQBV(rJ zldj9w^5WIpaJaXH71hhrLx7bD&KRS(-gF2a2b}1^*1n$BcAC<%b}4zd)3uA>T{FP@ zwK&;3K!xcx=Ugm(jG|7gEAqDRejf~#l5UrKo`bmHb%!FlbJFN-O&2x2Laf$y$M*X8 zOx3{_xJeUUA|px{&4Sw@qNyJ3#{UFYGyz`r83AF4b&y!Vai(ppyE1<>$?e>!dB*`( zp%4^PN=A#i4oD{dqMI>-_5)*eJdcTWJi9O{dtv}^tFa_<#HIbFOOA(^IrMis#AsqPN;+@FbvDGJrBfHP}T*-o!>Yx@W*Id+wgobPDRL=X{;8Qn}OA*KB z6@5T|D1Ud=zvNYhR~{kPkVV}Q0PSCK1OBj5vG7Xb)F3Jr;Vz=WKK^dqTyZWPLknxy zglnvm!;{ixnUcdFd#HSBOhqxD+ER%tyn#3+*M~+PP{FSju_z)K*X_%LoV_rdavMd#LO3MmA?l3cC-c{E3Wl{r~cTN zd~iC)4T=r79m{dA5qd8N@p1|?{I*v1G_z;XoaE!*MnPL@W(C%tN?~jX$7;I6%zOq&M(n8Ekz49C< zVXhs;zoSV0GmY~fX)tFx%BZ+0Z~q?CvbGzEBZ7xmKJ>JR#1!gdsFq4hERyht>m*gt zr=)Nq?PgAVB4P6qR+c`6)hW{;8l=~_#UU(EGJO^DvQ3CANJE^%SnQh#T2`fS|5jM3 zwm4Q?7gEdh0SgNvQE*cmu~VRG2yqomzk5fu3V{E6tf9gqqQ@uofjwzzIyI!$2u^gv zC&J5gkK)=8Tj^PL9KY(*Jwr^+=ILwJa&KhtuvSg8>L}K4Z7EnSG!k%s7z&!BK^qhV+b?dGk{bzej2JV`*4E+{QV1txV%kk6!u0^5 zt)mJlaOIb!1zvwCWk8)6odiG84cFg2P39ki+e!4e^Io9%Zg>Y>EOU7$+R~?UU3l5 zzn*MR;zh>~Pu%T+F-%iV!Nc2eqQKut#);*XIpn@c(h6;+;BbTfY!Ap7cNf0WIM@@Y zp%}=PA<;i5At#GagN=X_I4qfQlnT-iVwM%ut^FFmBuzT}X_X`{?B$!Eqejp!qNByx^VZ!;RjrkoHn0uT~L=#Dvh1NVyK;f6WYS)6$uYN?b`J8^x)cqZ{{Wh;}m6HK|CWo=?^c_WyiBloomQRM=j^2*$ zrQS;Ingk*4gZ(T)$)+8i(V{xd39RfQ6c}}JuAew_hn;-E2aR{ovKZi^HYx#jR3^7* z`Qo4KT^R%BM|9=d;7{M3%{xTzW3|D$RR9tp0`({?r9p>^pY)#+TAgr>693T=^8H>m zi4>{yqJ@fvX68Oehi%B#rC|=);rb03;c@DlqQ4awxld4@gli}7oQUNGvwg^2-tSQ3 zs042=Ca87x9zbmtsIDb!!<9Zg5L00D5q&Y;#iH0kcT%A672sF(O zp-!7?=O+ZcUkuFWQ)@!miS^=>c)Ohrz^n0NbWJ@Vle{~kK_@Zkr;~SYBx~O!HN6XI z3%!Aagl$d>8*FR<u-BA(VKgjfXMle~4ms+4OXQ8V zLIr4koRe&N*@_f1O(pYIPp_DD)>S9Rg?{X zsI52oU}S*4gQ5dFX=oGU+}hE$ciWQR!=G*M^;K0Sf=bF}*!mk^6NS^j1u;#-E&=9& zgq{zca)RaXl_9%yN?k_!QEX)JHC>zjlSy+TudfUZdZ24Y*p^&+;k+z*v04__3$MXS z$k1mTd(J>?R&2WRqpK>zMEir`{I^?vYDx}pM`h(e91R|?X9Q`T-`KlYwb$2rw4qw> z9s_Sj!SEzNLzh}vNG|D3NFi26x3REI@mg?=1(@I7X86i%f2pp!w-V2^ILS%gmphy* z_Ma*ODKb!|$?usjr6wjWmIgN$c(KWcmcam&&1zgsn^pM=sd&7HRo!=mPOoaJiW1~3 zj7oMrMG|MXwBm6}&v`ZYpu2-H?KhG_KBV^9*b_iU;N@M&PQ=KRG($_6+dKSllA(Ed zN&VW{eJ?6ci%n}jte%Oh@*W(Ij*p5FeY{3&?#MU4%DX}{{tJw1QLB~-ENwA6wSD#$Lp%U;K@07hpQVU$uk-sQTJnuB(GW5!SrVja zw5TtqMQH+K^!rr>SSrr4@-eScEL5^x+Zo-IOw}ZlP`0sB-R1YqRK72&-{x-FJz=WYpRitlU_uauo)Goe{!j(&b?Y1X=o4fxFLvrxWef!!QVl}R}a zjBq#Q=n-w9y3BT6wdYBcmbXQUt!@!YGxJV#05^MwEbn7A&}lF~@P*Rw`54}xm6Z@m zp2M?UaHiS;^Dj}()L^*{z^U*N)*! zy*?Zqs__x1RQ~E&8hE0j5lP&@xTtOPD6VXseF)5O-hqvHprK;N6}weCI$j4W<$b40 zxALg3%>F2=p+Y@S&{~MCvjru3$hQR2%2|OI4vIk{5LkgjLs53*&N3(%{LpNnx|;QHf*xm3^d!y z>y%(V5nYLv`rs$-^Uf^?a2PW}*GAUkYmSkps7qc(CC`H5^0AT=s4$iHrPfA?wumxA z_q{|w@p+F|pr`yx<-w$PM%0Ry5)ZSmHymr8jd)|;*lWr7@QDmX-`h;%#%sI)#E2HT zgC)?jE{i*Wr|qsIGUz^CM7ci4_~iMr#&fINv(c#j&=(LTSz*w(%MjOeBdXU$AacJ= z;k-K4ygP-U$CRZvl2R~Y-)qgv({Epw1a*U*&R`H0_?uGBV5%Wjl{=c;AlFm7t4Dmv zGzztj&+h8QX#?;r@H*FK_W?2R?i~6@L9OR%_K=M77dSc@<$6+LKrPKi7 zW+i!tj2OOS``U#0St+{grT|d>+X>v--(MJzWP(#QT@_yvEo|#JhL8gUr(v9UOG@@R zru_3Y{nY}{@7KAh@Q)1&6Qj3Z+8GY_+!zF`mGd?y@fHeO((26_clbDkpssEL3H`!b z-g5~G^`GE7OrcyPTy{*$?qkoq7f=_=MK5;?xhvCRk%yR6*J^+A(j37jwrJ`042U zL<}v}h$(+*YQgjp_;htJtXb9d6{v8v{cxkW$9or=IFAZ=7@Yik*cmSRnQSsp>~`n*!o9ukpSPZoScG_h=TbY! zUwx7BZ}DJv2SCaIlkmCQHa~ZIRB%U;eI{Z=)2;-HD%R^S**mG8^lh~zj*s>CN+ zSnvD3FPvF9J{%RCjl2e{;l)B4n;7b@&SNDhg`&I12RM-#M-Za?^OTAYlB!LydmK7q z=<*nKiGg7W<{rJjxa_5kyjZ`J_^K-HT;cmZA5;{r>{Cz(ha!z<1tVFGp>t+btmP$b zr0NlvK6Fr4uz2u#I1{}79sG5lAenG#<51hCMz8%L^$JG|(N&U!>DMIN=@TU6pMx6A+WH&TQuiUn4}){Q;&X)5iS;*iI?XE+FX8EF9Wi(r8=M7JHEEWk5CDMph2 zD{Tka4yU$UO@SFY1y|^-8>C0+K|8;y>_>=Uj-b2kiZ^+0J1wWa%Hqw?8vCXT&E>=E{aysLF4=2Xqgj=L*-X z!8aO7rgGgM*cKNHzBeL#+I1zyxvNVekY`KcA3-wzE&`1ABJDW4e))5yJa^+_lBU9? zc>ubXr91scxZ)|W3!pRuXgko3yd6l7gHYWA;t z;3T5D;2aZ>3eBPyPRmNFql!PnU|n9ughzEH#MwH3uRxn{(D?Px*EnTmZpAJ* z6*eCzhug9PaeUsnb24y!yCXo~X%)wL1X>~rl=(#~YF-rXk#6|;3B1Nv{|%Z73|+iS zrmT@h)p4ffb{v!DCNj@~u3a3kEUp6==$Q>~B@9%e6#VH@UHE$R6TpG<-2Z}gv_*{ls-Z{Tb>?hSm@!GQ{14(9j;{684;*_$%(f%3?^OEb`&n3t z#Ihf_Hv|@IBeh8NMV0NqN-rv_*EK{$`XePT&-QF{%Qfeo$UPi>iO>r*`;$k23?c0V z$9p>!6CNvRWg~-R&mAM@;cxr-d(ntyucJVeF zTu8MTtZM134WP!>4SE8&o_!WDGMa=!g3g)JW)w1WCq$~h$zsV+E3&L68D0Eu(x?A9 z8>$7McfOxsyKAi96;dIi`r*7)BAS*`=4cQV=G-F%@8b8iLz z2dX{6RxMJ5P*up0b^e!?P5!;uuzOh+BYXiE_}=Z}p@mRh^WjG|%bo-cS)EAb{1_$Y zjkAw7?!>;8@MxiCvo3ekV`6+Y9sbL!us(j25u6`Ib=Z%D0A_T58SQhb{}#}ehw_9T z+Y;dCVY6K7THk0U_3r^GJxCqfxe&X$G;$5n9Y(Bpd!*w4RYD9_wt3Qa8UEY`t6S&$ zK40@3v<7eI#FLwS_hU{^N|peG(R?U4sE_-l~d)g=Mw#<%$u4rtFw@ z$f_3W;9~NbbMleew;C~-L&fi{{A2Rgy-^(4MP!jZ&!3jH+rv@AG%Y1H)PTOsQD1%$ zUJj6jPrJa}yhvz9h(V;GEz@GlnjO<9+)|rOlT?~Wg&}xPoptKp~7koLwUdua( zQccpw_^qWT`Rap> z&g_{?N)!dhZVRihE4Nx^fqHe$DJ8x7grtBvL@F^=k9W0E`#CN+Fj z)4n^Rx0k<``5{9=WUE(emmW7pGLhrsGU#UHES)P5(?|bljLBP{h%`j%E{Njo?|JxA zn{2o-fl3S@2S)Dn+g7!ceb3$ELn3`o##r5uBy}t8hN9Ft)XbbL>R)M=*uf=2cxq-d zuCABPY)G+_g?cNaD2D+lQRuEHaLjTB_NcaJf`^d(^rE+0Bqipj+#GzmvJ|YeX}>SC zNTcu|A4PRZ$qe0c0*u9Dj{nZ~Gtq(h)?SXkyTW7&_W+&MZuL)|T_bLW#A_uqr}#>E zH{i`HtTzOylrKF+1*CMN;UMlwPl7||LWf8PnhuGQ(>(%oK?lrkt@8x( z^KVw}-6rcG$w`OZ2V2FhB3M!=rpOqT!Fod1Y6Y0Yto)e$LNVF4tns1z7>+1X38>{3 z9|d^siFc)*Z3C4{WgtKN?~CO~KgZF2S0~*XKV_337ZKaTHm$AsGa94pe=;fckz}9e zgya1fai`IIRnhJ-ze`X=O(^si;{M(`CJQcUfMwB1i6F5yYGi~tO)D{zv&1YCM6)jA z5OpH2=&!T<_*nixCTU(vh9w8)A&m^h6_E@}qNJIZsXbk-z1+vSFByfNphKGrz49dl z1ok3oAW*Z8XQQqMLcRg1=(vz#u7_4=&zO*5?D27YbD}WZH?}?~VyldN6_!;%6!S+U zLZ|6Z$V&u;!u9bTPj>w}O!;C;;*MS%nRO)li;Ol?`*WuqzVrNK5X(sn? zW=1+ZlMU!%+j15a3zIT!mu&NSPNH&hU*w;{>uM8rtq8d}tl^}>DYJ?OBu3;g$(2Lr znLaBL%&rx=jAAg{KI+;tX!V<4QxIJRkM$$KeWc!|qq72*6BO;3B?uT1_PY~H5aZMn z4{PvY4kr-0Hbc#k3jt@ehzY(o@8RN|{A z1~awmWMdIq(Hvy5)f5i-Wq#9q0K0&-yH(Lx-AI&ki>!T+59z!jewT^Ly3-yUCaW3B zm3r#0Y-w(gl_V)uyCrqdtEp|z9+XVy*YOdtnM)Q#F}Czo>E;n6LSCC#$6_|BP(xZ*5vs1&O2SEj-tP@ut@&kGv3B8R;D z3&n5zVtcQ+YYoitt9Q&I{bk+o~P)$atu+D^+7~9L_fi~rI!`7@mClT zrQj@dT2=QWjwPt{)_2 zs6KK9)+>pxKD(z{+n-C*;n|T3#E<3Np!F%j?d&tFRQQh)<`4pM+@r-kZ|RVIj-evI zg2_04RX16p6hCrO?Xb?cP*Tr!M}nsKIm$3rr650LqsvRI$byBYX}(npa* zO%eRKxj%=&w^SfRt*2hK$jawA>qwryu(oZJPox^R#w5KjriC0Ob%^mtTJNJ zm%8gXKok?V`E;K(6~j;kEICJW9XG8iN&Vzh=@Oy}qqMtqrA=?wm)xVG$j%FduLHNWE>Zdv~h;|+uqbI`bedzG!`o^J?Q+->{}c_-w?Du@bEi`=Y! zI~#8zxoQ$k+mgF!wl;;(GEf$B7=BxU-{yDQ=f$kHaFYd#{3x*EfL2S9!#=alNcH%@g|iaay%C4bx5UALH*ss#HX= z$#MR)UOn(BVz-ITSK&d@WLb&DK&s|8; zNYU!?tRvE<3E09z=$v@?J9k!%DTQq9uDnHoXg4Lr)8@qCz-B^q=H4&ncw+>)PI_(+ zd^weu5}n)r8j=9oKdZ$OQj3(dju*}&GA0zH1HspVIOm<#)fEGIx#bXWqAqhR$2KRS zo3?fYqibhBY}5c6HFlHxk^^B@hZTlP#qiZjIb;FI0O59Fn=E**i{yhwL^+Jn{}#4a zL$6l-WJ{p(Z^~{@=Rr~^r|j*I-pJy}sX7;*$79yf_2r+I^Y|ga__z@(FF4Ais~6eD zlZ85My9)NMMx_XJ#(WoDlRQqzT4I)DsKCN04c6QY-xaV^b9%4y9itdE65AE;vo$Sj ziTYrS$$Bp+6-vrGl7`Y*-ptJvH`J5O@1oQ7R+OF=Hhtq%537pwjuWTyG&WCwjTz45 zo?ZJc>`N+hn=|BR1v;Wr>_f#eNf=0tWwha>(mY3RwcZglL2UFHUe+lk4E^YOT`5xCTC1xK0kvTI2lN6l(GB2iSUBb6=ZMRxB6P?8wxWyMVYO| z^=(LCN%MqL8nFr9G7t9lp376P6DLup?h#>qMhj|H->Rx0Gu58%D8w}cKB|(QuFT-2 z{1QHPUgmHBha6?u$nof*hQtrX-TeW+j_X_YGl$|sD_!kIi2V?}PhY=yrud)~ub3e< z&MCvx?fk&7L1-`pBt{iJ9xq=h7cuR>N4X)q8shd?MY76DTyI)ig~xD;>ikW<5F2-^ zGHhc>pedbnfQz?2eIs39(imalE)(0=+xQ<+z21|=Y+|A*jlBJZDSm~zI3GTxeoT@t zab^JYhg1J@M@|)R0lgO|zn_XoZf~W}PUD>%0g8IMpR%2{^VWz3nTN9FHnKQyXO9l_su=Z=g%9K}ypgdRVzu}MUigA%x zC%@fAB4(|XGSMA5I6lY?7Ob|decKX^L*)O)8}t~!kj3EPR_sQX5EY5n2$nC+Wb_VP z$ewn}e0N4z4kC4bokk7FnHUT^l@0ft{*1@ZQO8$duqR7c#zD}3Tj}67jq2={JfnPe z+#*&rF*@=Y6s{>v#Kb8f8|gMJ?G`eLheXFGTd@#J3SHc<$=xr#n6vTCM9`XLEwVhN znueBAkvsfgfw57-*cNAHXQnQy&N*G7JeL7PwH`BBCs1LKB1c(ny=uZyfuYfDd81@d zkJgu=-fkm|C`i959gwWvzHUP~P@KXf5%3E3uo6u`R)2w(7UwHG$R>fz7!(Z3SC2rQrC{ul<&#w7RXwVqjnF*tCllczH$cw~o zs9-@2Rd~d|a*D;m^5+zUB|grXQRn8Yg87p^N@gPaouY5@ZVR75G!s(W4>`hk;Z_>F z=_M2FrX`VNLL54#;Y z_S-;0tPQ6d(eW9lx60LChJWINuqXnhChl3(KedYC(Iz@Z?wmhM&IB6}`b=_l`t*g( zXdW0XF?>~Sg>EV$H8GX?dXdAO@ed@O{xcu&Z;^ZJqq3+VzdTkHI#qO#FX>x3!)`D% z)QLBXQ5)>$YE~ReBTQDb>w5_kK&`&9Z#}Fsl{WQHh!y{3D{$sQigZQ(L&mJas(Hg$ zST`d4x6_OVOCO}t>7Rap|8_?D zmKl6hCUEJAcoCY6R(!;vF9!8$gLWOIB)yR42iY6?0Q-@S7Whte3h=fjWO#jrey#0> zALf@U{J%MtWYJM7N2-V$tFj^SwN2R2OyCPm=JJKU1)P1mAB>aFIVQ@PJ-r_MFFpR> zK%sy8(jl!3l#lr$Lg&+-Ug|`JTAc1W!hgy174Vp7sZrxm3pXodtQ2_Ke$qw=K31|$ z{Ik*jZ=KJ_fdc2}2la#JS0bBlc?!DvZ}`^Joc`UA{=Yr?KY!@Qzz&e-ktd9pV@63X znm)BC{m&=<1LyQ#CQ8qttSC$RM@pLE5bg0ez*M5ZX7oS4HvZQ?y%)vSHa3)XVWmN! zrJ7NA*W&-n=bDNSZfR(MB_ksvBqe=*z8LfR|Iq9HwY}AH&^u*ime!5Bs2CVV$!L4h z|3M!9FD?3COu>8#sH?554-qobTh6?~-R*yJ|1T}HOA6+trG@Ph7FG^1|3~cl|1h`s zkN1Vta6`Fhx^qH9Ls#<+hrm$tZpAdLN!?G1Y(#Cotxk9|LL;UHH6nog{{M8wEn95N z7f9WkE2<7?$>%$X5I4ludH7kfP;J!_` z_6k8>>*ON_19F%CE@^mI<5?58@ZaT}Rt>Q-_B`*gnco{-j7huCH*Z0jY&E9~Z-0{o z=DxJkP!qu&t1S`I^@-ZSlX!LJmh28IY+v|{{_iRGP%txn180HA9 zh7tpaJgc8QawpUsKjXYpw|T7x(|!je<`4mLj*KPmKW<$p2Vjq3X8mBhYcA~gj#mEr z?@_DlH!_H*wmBh(MsWiE4nitH=VchdMgdy?3;#`acHN;U0rAm`L+&=Q+bq0_t;A8e zWB-k%4+1R zWzMyC+0z?fe>L=9c6bzn|A0%i$P5MMdA+hiM|kmGH!70(ZO!7Ej=R;G&nn5*=v}rI zn5+|XI|QGS|8vL>A=;&B0{N%MMJED!xeqtorjNbQ#VRiRTbgc%TP`2EmLP=j!XO>+ zvo4+F6+MNFKV0O+ouCQHGwR=m&`XHC)rac!qY>)vaeVE=D07O}q`7Asx4;2JWhlDw z_tg`{9(78Vw~1O!V8*!RoMyxBNCnBFSFB}$ghd-c>`J!9#$n$!xG}x zuH878Q%d^?!y_~<@27rwf7c?ouR;eXs0VJ~h@K1|?Iy+-jb^ct$?5TvA$BQC95Q`0RwmIyz=a^kOI!%)LH62IVf~Ol>QM08 zDnM4BHe3V!j>>a)$4qpz5O*T;KO(eGMn)WDF_9`7wK2p94E(RrzdylFfDIoO6gDN1 z%(jH3uM-icp{etcBTTua(q?qkE$5L?0Y^(83Wuph2|!EGBqovq2J?Pa*m4z1@qk*r z$PmE+AtQR^@joP;yb1r+s7Fe=$2oV&toYY;0ue` zENqCUO%|A1QK-?uY_yh=lmeqTWkRXeg$<0e4dWHzdd*waf0woK=|de7a?sN1JjMif zdMaiRgiWGGjEE8MnuM*hIIWAiz19zk&=fAZP?~F$pXMAe>+$GZ>HKFoAU~hDcUQAr z>o_(@@;n7d%b>;TxwxDx(De$ z@A&CNIxkTbRf{VMHVFMow$JuBhyk0xa%YR(9^gofkll_gHp}bo(nQu>_`mlYBVy>H z)a*-V?>0H-CL3IXnUXpXAZSvmwv3SV^#xX#cR6bE>Vkg@_=D@Ai# z5MTUha_iv`rCgZ6MDE>a1jh?^fJS5t$8+@qdKZMC!?^%TAX~(1&0pdjx6l;|OFg4e zdv)4u+ImGAcTw3_$<6#xmXsFPgd#f`=-2$YhvOY$FzsG&`|}XeZ@`~&vs9L#d(|VP zO>l}He`0zjI333S_-#8f7{ZAAV|=*3*-}D@&t?5dc;IwZWt(SsB>A#_LW*QT_z_bp zB2w6cgj7>?l9iE6&4le$h^L7Co-d6V0`=d{|*gF*a<9*+OI8|EaL48=*ia9yOgl<8Ypq3KYHu_I5uP= zR5V?EusF;HFMdI;%O)^&17L}EJGD>E7nA|04+guO<1>Kyf$2qi+!m%{!LUgepE(Un zsAFj;;dnMXNH<>|q1RGQVbr8p8%#2_gJzMRpYuvvEGGO{X6snKgq@tI|Fop)WBp8y zlD=;;dm?CW;1)RLvS?bdDSDp6FE4J}rQ*zqzutsy)NR3jv0VG1dDe&L=Xg;)9IlY# ze4iv%B*Dk#OHdmPjpSI8|C;-%ykM;dRu{L65p(G~azrZ8Pg>I&X!*lNB+&(vwRmNE zzWi!OE_(WmOF&0?ohdpXAqQcWK2yb+F>T!kBhXzBduG5ARh?=#aLO5Xt+jVKzeX+S zLOUxIjj0QAdMZkg3aTHcOxS|lgzz)r={f3$$Q*UF9|?x!_m~_Da&^Ent`0~pk_%tX zIa9*MEaGkzKK*g_TEbN3d@y@J`wf9CYVFwZl$hD1

    rJ#T_IDO4)te5x`)fr(v8x_I)eAg!hr8D_;oh0 z$DQdS`r|R%`CfH>?oixGR7FpqZK4qbMxFf#X4Deu2{4mFV+CmwbbO&aj*3K8K(45Qk${8^4yXLm4z9zIuVfb_6h*X`* z_p0F`mmmap`GfS0biTp>=E%V2JZeA*OJkKo%TP!K66Rnm=- zl4j^WpSsQKV?&S4rvC-qS0QfO*#$?rNzv$zbp~E6+0+~H!lV##R4H+qDB-=6Y>C@^ zGA-w@IIZ1q0`Kfg`5~q+MHNAnTRa~smSL3vAXuiNEVCwPUvgQ7aOl_jTQ#m+WLliG zK-@Z#kmldkzlg|>B0iI>KC$9s04KEzG7zvQy8Z9wO8+hPcag%<#-wdRTKXL&6ey%R zG^BgAE2&*cwg1D^>gLWYJJQ?_Vchi|4uK{+%(UOQ;Exy{qwREIfF?3g>Cc+A2ISu} zGzn*x5v9dQKz_^5aySWU!2<7YJ54_BDtZW>q>d6*S+>YESwMtz2Fk<%GMwTU%nEk^ zNh*2542JLKG^V6X#Pp`h`o4ihh2w>EX^ePb0$E~0T6DIP5$NYfjyiQlFeX7XEJOA^ymytCjI zuehcfE&!&OFvqeo*PXP5$k>skw|zhD;|xHxQX(N}R%@+U70Cw0BTin9?z2(YDz~}H zEdy5)ENQ<#mi$moh%gyZ6nuG#t83T*jhPAhMVatg2P2$9qy(`GCLuqcBrN6HJCA`} z!kOe)rr%r|c0GH@^t6nYMJrBpSIX=c2aFv-(l#SEVqKwdZQ>O*6$9GG(a~S;h8Z)( zFj&W5!k}W|e$wVRWOz%zr}jlJ_G2Q~O7Dk;6xXy9B11uh=EFdhNti+m_QKal$hBm! zfy59S$#|2?Wk^^GKeUGPj&0lOBputfZQH6i z9ou%&9oy>Ib|%kSbJm¬|^%TYcDTud2QOs{6jK-vyo}#babBUlKPZ6(C|TE#wQ5&$kxV+v#0NVfH&FO6S0>RiOWv1U8b5-OXxRtf_&r zq*)1A+z<4pvlfy8Z84+&)1SrcFAg`~glEpJrHc zmteOzljU+h#+{%hL>1NUQ3TTcbvIM8BU~lTxxg+qm9BfI8OW%UI(lP zB_>EZ*!`*rG1FGO-A%P*%+x*Ot>3X=Hb01AtxA3Kv`KhGz}Ud=VF?E0j%p@yJNEmA<7;pI|ENO*oW}aQ`xl_u z7=OvnK_k;v@Ej4JlKS{~Wg+Zdp{?(N+REcdsKNA*T)r0u{iZ`B+Um@OzcpHMe z8!`h!BlGE4D{w; zT6l7HsMW@VMs37PXgVIv*HFP)nFB>Bdb0oA4P$$emN59Rf+tEU zgw(bd(D34~y>4I6#5O8U7^ox8x}ORlbwZBu2M6%Z8cce%EVjvxte(AUm=3N#p}Yk8 zRSF<2YJ8~w9)kw_YP-`Qg{ke@kB0=M;?Z)+9HN$bw2}(IBcs_LbL-mQ`fF)`UUbtT zSbPLA!u}+qVDctKtu?$Cw*HA7ph}3lI>9y_=T5}P1BZQ`Ac5%NSjJOoLZBT7+d%N+JvF!Vm8a7+fL%HH$nqj(JEW`}uP*YRhw$hDvQvbktv zQ`r0+{b5YPZlfLQh4Bk{kFJo?phQl1 z;6w%+&!hErv3NOK7Mq&ez!z>xn*}G7cRP&*kz-vjwvde6crP=*KcxsZZ3s_hdhPZAoF&*0>C_sH)ia-4y)yHZJP?V7I%WL9D z@iX>F{S=6tDNd{-p|Ljkc{eSleTtxLS21H0wXJSEw`w_|;rwrMJS{uV1-i*tBZj!= zButvdeN^G3h2Fu*<4{?Ou4NFK#J9dEU_Y0K`j(wfNoa{rZ}goIHocyqVOwUoVc;ABOzFY<0rbqa26yr3?s>u@F3g~<` zOR#UV)8r&EEkm4UoV%a-HSayz5e#p&U>dw0+d4yl6Gvp@QX@N36_J^G)gx%8nTwj# z;;gi61ivbGAPVG zW;FwKKCzOuA^B7lSLz6^NW3JMR7(2%yIYByeozz*RU&pa_?heOtJ*uD!7KaQOT@YR zZVm|^shBuK%8=x(t3+i7povc$&kjjnv7G8BB*C*OzwHF2QDk)z{J`3^)$SD~CLpsG zY4Ev~G#F1fm)TOngbNlyc)v(s_F#y_O^B>NL|FnB0d~uikb%&=&p>pC0%aLK8amjr z2$ixWXZSMLGFZTb5`1C^%iLB-M~7vc;*9Or84gA-H2BLS2-9iEJL8p)%%?-)%tJ@Xx}}<+Av2t}?@m)A zwt`-#4A(yXxZBnALu2wh;hh}T?I)Siu0`Jwr%R4&!6&T~9_9`6e~`Enk6{U1t4JzQojfi6r1>zV;YXZU^*&;;2G ziVs*)-D1U6;57~&e{w={n+X^}!C`;Tee!MF69gZoFmCYS_0^c#{0z^)8PSNL+(z`& z5Zk->{xDO(l(Zmr;CvC|cr- zbXtvO+jt;7gx06fG_T#{Ef#2ATaFJcC*p4h?Pw_SmGX!kku1bEYZcJXfyVWv0PH}d z6X_=OVafSQ6@H!CZj0=r&Va8jj)cD_rz(x^qnLPlmvRzr?FqhM2)@)S?-4SuSyqAY zu%_wG-3#;YlUGe$Fj~v7HP<-^Lnb zhz`o&q#cbDsps&)ZMA=z1cT7n=1Cd&k-O{d@ec#X6CR9Y!LAB{TascMegnAL@fR1% z0zBDKZ?Kfi=zP_Cz0QK^0^5=8_iH8$%qbuFIUANkIv@`uqVHfU&{ z6J)(yYXcpf^XbC%&08J+R~evZObGcx+3ju=)Io~|8>Ng_UXD#nAhB+h)=A{-<^E~4 zK+<@*eDkAD#Qm<#Q56|#jx5Z#F==k#B+EY^gl2=RPG3VSF7A{H&Sc*1w}YT263`VV zJJZPB*AJinNLdgKE%tR({~I%I$^}n^jVkQ!yg$5@j8nWI4rmGYcraB4&q&`WQjCrf zTx?#Ub;K}#V-lcm)Y!lhH=68<+98S5z~D=}9lSP~3~XKs#{e#dR_qa}!XP$4rp|Uf z9i~awwrC>KVGr7{Gv{(d#n*?w{3=O~;*Tt$D?!mlQ{>Sa`PPPjl$0KfTOO^7ky68) zOfZt$5W^{m1LX?TR+b!2=6bH^$sU6F<>%lluQ{W(0#(ymR>#F<7+O{XN=bQQT2aQT zqQ-rpg$~;U#Io!5!KuL`Bjqc1i2cJ8AR+*HZhNI5Cm3u;G?-I-G=Hpg$y_yz2c=pf zE#^}wTlniM|1QlY#JwZGH3LRF(&2RSfVQO_76wqLq4_QI}s7RyLnT)=U9pY~@U z`VNY7S~MRflum9`05Q!aF)wCH6%`3ozwFe|;gj#4*4N6B*Bk#07CmK=lu|3S1w1q9 z^?J1q67L*4vw2u2q(tiI9X&DXQoxba_pR6RD`=VpS8BkRi3{v}gR||FEZ3_L%S?{l z42Dg;@Y&c(RVls2n*8HX&vsbE`Gc=g} z=8tOg*wJ5!;-x^OlGxtPke?b&yr?pB<*Io-5ORcxcIalP^@gmmihtxT>SZo#1=JGnJAz4eS-X9z=_4kfUJ z^FK=-zDV-E5zp>t0q{i=nGW85$hyUL&1#yL+fEiEeS_}pj^R`ZjQ@LB=duJO@bYY!viLl? zTtA>R4z@0%E}S@2mBP=Pbmjn=PyUQS!X+uz5>I904MssphCDV+CFfKPu5y1c-%>@j z~C7V|i2lnugOsruxd){qPZc>VHtB#90HJYuTgB7F>W+xnF zZAMQkq@cuBHU3x2HZF2A6M(PG%5oqA^1Jxp{wQ?m4UVs|WVS&AHro;B2UG5vRx}^m zmtd~Og1%s#$fg3aOE|~54vPd^jA3qp@)tV7+%iud9L`b1p`lFn(!P@cX&2O?(~MQ? znG+Lkvo}0y>n1exiZB9svHQmu$5q#-H@1LR8=gd_l+5An5wr=M;DuPIiQ`914a4!> zrX+M>PoZ^Dz~c>+!T-Mw4&yT#s;B=LJ@nLawGaA94l23pPcli?dp&%th)(q??Drs{i!r8Nxm}Q;nJr2{-l<_%c=Ta-R19rP7pUmqW9!K zMdu=BDwLU$d*yS28JI;4s08?toU;QF@cGQnw)=+U5nwZmGQrS2>qMxn+11M20(7b36`q3@pVki$twDG)oG!VL+Gi zWKV`rt#`WcI|f;s^ZW=DDV0j=cQ*musK)brq2_VIfl|Qc$~PU`xlRA@M*PP%pRNU( zD5rJlo$YH@*gXK6lXJqzGn60#Y;*sE8gQN3ntc$?~)F%0wl5kzxrh1mhgSN${jtQ{j)IIOqo2IeDDT zzM7Z%2!Ka~DWvD8V`c!Esv)t_y=J8X@r=oi#5rRdET|L`Gatq+_-r2iw|K{FRBO-iFhPO)qKK&w{l~JFZ_y;5Aqo~MS?J{^J3H| zQXcJ({Y6BT0WNR%Y|Bwh4$hzQD>A2FN$zka_$n2E4pTg=34qaKf}ywQ3Wy4OSoj_J zs5h^*;13f%`4l%`Nme%Ojs3dgl(%uYSn@YPBllKtN=Z2Vl0RgKKq_Z8N0Rc&xMEDG zhxp~&TEyLKY$&5*B-d{HXmFgWqaVMJ(NM#n4wGO7=de5d+RSFI zt~@HIADOe8&riamIz&|uZljPGPLwSQX%neF6@I>U%w~^{(veT4fhGPEs|3%(i-d#{ z*ckE5nirg!7BA@>iUTy{JBh^~wo<)0v_AA#fnWGDfNJqwO+F*3^>_ANi%LY{qGzOO zQ?IxREiHLWw)#&E3~BOSS=ATmow)cTDon`!w-U|u@)^lk667loY;kTH`)1v!27J^D z2>q{)j&tzASoh;~O9LdcuiW=k1Im%89C$;W9IA42;Fp-8@3;(QJU!mZU@&&H3?w+7 zMZ}$+WONJ}h2X-Q9^Akbife)XUiSdyX$VvglD^fTLl$vTY1{uI$NjYthjqFiq8~+M_jW1#~E*&W(nnkeX-)C(~ z3{|!wl~*y{n<=PsX-Um)CUqoySp+^BM{|U(u8wl)i>2jf^L9TE7n2B3LRc|NlC7u* z_Qg_U^DIPLju+H>wv#RgiH00&U~}b!Nm2gF$eygu+V*yh2PEfS_*CD#dHOZiL;Ohw znyV)^_=B>ej1nhdF-9NY(6EU9Bucv$5=2J}c^kTQIP`=yg~k_}8zXhMGb4|ke+){k z82b}74t9{>vl+IASH)sJ(J-7r06%oB+#o{Ktl9dl(HOE|g73gPj`LFL zj?u4j)*a4T!~|a<2^Lv2gF|Xc1IbUKV8!E-kO}5G8a5Cne&$kxd_Q|Mz%C{DjzY~3 z-W|?xG0d0P?y$U0NpgdSG_L>5b#8il9B9d}!%+J#;cOZ!aj7j;4U%!3TI_a34ULE( zF?{3Y{3E}_1(&2Gu%in!vUvMCV9B?Tky8g-Whg@&dq=!|lMqtANIWQ?s^#ud><#+Z zpkAQsnNJgF3Z!H5Q!6K+y`nBoS}oh6t34KsI)(VA)DbZ%ZQb9CV}E-S*QwS)EOsKD zf|x-{?gh3GDGE~2X`dt(j7Dx|YcX&`byuPc!e>*TLez_f$xaM|nUrCNQv*$WH=XPy zM^t#B+KGk^KH`HpJnXKF9Bg4^>T*clvEDiMHF`jS*bIns-fpNP#%!Us=8~mpS)r!=0lCWF@|;C{@{~f z6D~Ps&kb+{J8P_-;}}j5?reC)+FW+Rxje_$a+6t=!+Ib)CvmI|o%X~qtq?Iu`(~me zBJTq=otfviC%)d`O2AG&>$Ra6733x5bX;YKXF~$UXF?@T^Nxgp9Mp+K%`5(rbNN%f z>R6}&hVF-|=GFXslP*@&FK$v=Lx!@WS29UC&UHe4 zFK*v)E43J?j|3S1)0*vzE%1^7Gsg-lB}kTDBiQ9TOI_boI5UmJqoD!exbq$uAKXZv zEZ&*V0;l8l9U7pH1{MV-Z@iD!>(BX$f;ImaCjS40-~UgYT{qHyw0{`ptlaR3dLK)< zWfF1YaSz)IOAmV)urQ%#szCzO(8xP;kp$*ERI3TnR5&GWabbpe-kS$?l%g65cn;X}xg!{c;2R$9> zaqKRVVMmNkUSxXDr=VVy&cbVb9_L+mNF3}8Ll|6LQ{+TjSiB&@?+Y4TGI(&Itgbn^n>%`1}HgF zu(~enW%OJQun?vKqsNg*jA0h1D2X4YS9G+@W(_~D=bnxg1bQiR#P6QTNcfq)aVY&E zoyF-sd+=xyTC)>snG^-ckJIziqAK)=^j}MO%?N8Up=wd4c)ptJQRnhm+JF2&GLfU^ z8;QE5Hn;iNh%TU=CMXYvc$ArCf45?GeOZ&!cL8uLLBk)A@pH%D@+g5k7fuyYrFXn_ zyawAPIzrO1Mdh4#o6jbM8}A1PMZ%*ExG88V1c``d^=99S%JVjYvDG^Z=`Nw^yj@m# zvP!^MNVRZ7nC#1ZGhWZ-hZmWnetS5lpVvJOWCaU*pZa(Q1qgToKR^L#M!lbt|C>tU zi)@bgt&U-VIkh9gq+>1&!4VryY-BiJdR+>!-dg@+D0kF`1sdB&)hp8`-)0DrUs?Mjr1s3K%o3Hc&> z-lp_QqYvfcKF|d`U#I}eINvOubh~Vl9no0HWZ&*4+?QSC-+Roi5vR^ZWXyPGWZm*~ zJ1qzKJ%^lbs`Y%fvy;FEj52s3Su9AfWU-2GG`b`*h@%=e-7IUyOa`R@CpAK$pV=pmlb_s1{&*h*~mA@^d zL)j?VY`@ZLulfaCPto6}zn7oLHT=({-kjZjcWHiu5^;1Rbl3q!=Ys9%J8e%;FC07R zX`c?*7gP8BvUnfv7s3Ga(q_Hh9mn?_zkfuJ1e}KXYv31!LZv7tNSZQCQj%V4E4bC~ zCN>y^NB@~?KnDk^8EG-#L~1IE(5@>RChQZ24Sn=!#8ZXL&j-#eXg1#cNg=!O*e)!R znVzl+iok=KRhs?5c(<#e^fg|RRO^AABL|h_0&^7g2nBj`VK1u`D8!ZIRRO}CwT0k> zIj2D@G9gEmScBiuuR2VJbEN5`AAp5RfK#LhvQTgmJ~_$f^mZ;H3L6;oV+h466O{Jh zZ6s&ou_MY*%=xa5z?YJnQtp?Tgz)=%5z}8I87zO7UCO*y-CYaXXJG5gr}9&n(hw*~ zKaeayS(~?`PqS%CUzTD5ryq#WFI(+VgPUvIwJau-*&?L`y!LY_xKpj~)Szs_s5*uPJ3`e+*8L2ReJs8$*Ut3zPmTI^ zgm5?6Me-b4u?EQ(QSatDjU(PKx2YOQH9xQix?^O3wa*OG8EltskrjM$U*S_WPx#Ig z`uk|#uXBTe`)f4F5#`gJM2-47#2G;19z<`Fk z#4zb+Xv))02`g>1bN=nTl=bTo)+Y6dtL0O)471#ENLU(Aih6RNoG>?{ZsUU)C5gb7 zn~TB~#Y{I5C)}Qp>xgQUuj~%(eNEUv0baDR293qx3k04!*;jVn?mvLZ|EKNSKUDLK zX5fSByNpCGU{6qDq+ynw3~_3L6a=DP9RQz9?1Ic!mm@oyVFwyy{cCcjU5}MzMg|=0 zUqbNgOZlB?gQTSkYI&>Q`*4`T1BiLJD2w7dyojkOQLg(O%jn;_1Uyct#N4b-+NU=Z zLJ{%=MJY;+=H4WWAjh}aY&(#HnKjt#<#zRRlO*iTPc6sv#bFHQ|6 zHX;qq@bPI&BU{K}pm35E(niQ|gRPG(6H!o(rwrmwu0T)P6C)3GuARSA(VdE>^?j>> zMnTlgmB9l=I;ICIp~0Ws>A9h_<>p0c-AGbtp8Lz!^tBn%<#>su=2xtsQ>w!(oVtCb zD*RzoIyY}v5dZvg@GOJ@NR+lAur(5JLo{Gfa=Knmf3bUw51ltBz#Z&|dhD?LmST2{ znHqZ@>-$1(FqQsB!(ZE23?o3p4p3m@%{nLDJjcGPm1cc(G457-UN!c zl^GF8mB&C!DknNsFg^$MbH1dwans~^wtr0}$jL?xMLch#jB0%y866|!@Ap(7ky=Fl zj;*tsYhi7avw~^D-+PayzWEiA*bP@!zyxvJWG~8#X}Sc1lw%Z6&NzT7A0EaHcFay% zZDtETzfBCP%lEe>gE1`*b%#}Ob{7$Tus;%81X9vP%>J8}EDhx$oJl`9^cG3r$4xJi z57_Zofa9@?iv7HZX#afQwT4D~gvl)l(j_}PM(J88Jyz6ok$a^^7qnZA)WC}d+)32b zc2`{N-awM-!8HnX!0;kB9*?vpI3Z!4$CfWj4Zfu~IgFNyIRx#ne0GV^R`GjR(jTe| zG-eEj{aVH+VL-qR45oehM)dB#Tp8P*L_|_!npdsGdU2uhD178BM&@J@C-g8Oj*3Ai zmXVsJWukSM*ya|G53s{;ArP%5E&yBUl1@-3+}JbzDAK<^=2>beVUEZ|*YU!YlYN0m zgrb9GNa%+MepxVopa47f%zT=3X;GmV#AIB62sEzr-BLl>Ml>~2v2TC`3vKpA3IjLH zHL0@nK_m#U&>-J!E3)uWKoB=Q-Ze2$15L=V4vb9FJgt`)bMm^NJD7xx1B_!UIdlm5 z0*hDkl9q*~0dn3o26y zSWLJ>U&v1!i+5>i54!*>+@g6(TS@zw*LCY}chmmzsZdYHu#!l3*~I~g$f*B7K^6}_ zDxcYiEw}Y>zD6PUdMWFcb-^yB&JKf(1Z@yz1JADC>vd@}AyaR?l4$)tMXDuE;Qx*1 zo8!e{q44$X`r+m!-(iB&WLFQ%dYFlWv78t?J;qYp_gHT(Qrx0zcGs2oV9mrCHrImYi zN(YZ~AgC7B^&O1;td7b*hGt;t?pPsjUw(cZTib#0Bz)@{K;hHmfgp$KtYuokH(VuN z-I@-LttN0*1lpKU>izx#vxHsB^bVW&UeyDg!!@F2?<{Cyvv*-A>z`T7EEBY<3ivvb ztb+pOBE?tstr?iC$1ug$iWpXmv&Se76_p$|R%oDqkx)b(BfE}r_kAZv`pEqjeih%p zl`8)lpX!ztFUa%^dQO4>JMdP_a=q-6P}`vq1Tf*C-R~k^HdYSic#|Cebzlf7KX0V% zus<;+9l3pl#e0|HqJb-Ef$KHE*^{2di#mY{hEzk8S5Aj_9c8t;%qvytjg8t$4b!U9 z>q$Tkz<3$>DN8xiSviyNBP_GtRfR78*t|rv7HRsyK6K*hvEaGugd~ZCof8F@gT5F4 z78Gf^CYX5->mz$H`mGtL;wM6E2V+dH+&XJ!O&D;;*Um_e9Ovf(lZYO~n5sLNFbCmI zr^Tj>xE|Y&^31qwqk_@T@ zle_^xx8z*Tm?u50`rIu>-Qb+#gdPCTIv0(- zsD=F*=;p_b=~V7tPs%+b`|axU?UHg?zMfuAeL0`wj`St&e(@^+j1)n=Q!ffMI?NKs(!0rLqzH@RTuAUiu9 zmApWhy01M5RJjE4m0i($L?08&l>h^Oq>C*i><9cbKy<=P)3Hos5%+UA4)IYDX_!-* z#%yeFYBym4Mq^JS=0N0f8~CWDxaxXOGJg=^@r5NBXvrOUEW0wC>*Kh7p~QCYuy@3; z=_hR#Kht^KyKahjI-!+-2OLEZR-yNy2I7)%QyUm1vK|R9Hg_#IlY(8UAyc9T*<1TM za^?EcfHG}BJPi~Q8Yrl6j0f!^e>K=P;OR7EZbqV3*yu-6IKqlVw1 zt|xg$t~TvK`qCRA^|s;zw<>Q+$mc~0Nwey;1*53%*^`Mcd)axP>rnWL2K3S9EW(Rc zp3WyK5@@rNj+R79OYgBViR6@OM|5E;v5r{-!8+G@Y7gCNjAT67ViSEEXEK}jp=f&v z^Yp?Ib~NYnqzByeWI3eFGlEw7Lcc0vabiJ_%d zYDV|G+3|X3%J10uDU5WCSSfL|6=O9=FtJ+@WwB~+QZNv3hH&`0pmiK$i<}CvQ{D!V zxPIGwxz-*WmogM?&3kEU+;cORtEzNSt!;$;e96OK_NYVV!q`KzzA1Nsk;JAIT0Qma zpJEBflrj|r?+KTeA70XJMSN_08j*YZ<8cynT7~iik&^<5|K5z$IST^iBMp+c#^kM z!)Jba;H*8GZL43V71+5G24Cey%gXku_c$S5P=pA!|1N;JH1p(tFKliifWS7p9{I`~ z#>lBW!~Vz_mXrbm3f?wT9;*t6v*eti?dKouo8Yl}WOX%JTxy+O){yyx)cyz}q@gh$^P}I>4I2 z?e?z#vOLmn4sLE75Qg`KaVu~i!wQ0QdJQjP_xL)e`O-z8jChyjG$v3j;#Q6j}StaAXj(}Y)Zvtkv(yK%?t zO(&GK2VFtP4Y%WIQ3g#-tE-= zPTB)7geJR!L*7=*aYlzDuh-*dL!*~xA>p6`lO=5E1Gy-WmaAOtUK5n=dy4!3HUx5n zk}9QqA!8#rN{Lq(1>AJ`CeGE_NvZZpUg%#7idsoA0-c_C*bCCmNgJG*i^3Wrbk1^S zwQi4;?$2|w+36R%qf0QRBw4(gD=YzWvr^FpS#MAF)ngQYnkc~au%;Ue3aRjWo*t1q zJt|>6a*PjSQ@aJJk$m8A%JUCjKe@xf5b(>|Cz%wyaTk7?m$5z%_4QA}yc^~>%;>;Nf39hJ@MG_3A@6a!ZHa*>tYDpQ56}a1<6_i(E9Zl4K&J+5FF?9{dl&KELrg~N zo(^tzNI9ZzV}vlmdh`mjfDcN-3A(DrKe7-}(Z%t-&LdsU(u$LpR@Qsr8_r!Ug2QBy z-%j!C4!iW84Ih_(m!!k?oKP;v$M)Ld@n72F33=x_SCw3ewdB?@w4`JzD9y6`eYO=O z(B%WG6}u2ehVZ*5B>eah4a$=vP75xK;BEnP_h|&`I!ygxJ8dm&v0&=vk$C5k0aqGc zB?l5WNtTd2Sgilj=wZ+I5&M}h+>(}SMaj_o$t@qZsUd>1%&XkB9}7U^xuuso5EC1C z`L99+L#98K%U>UHGl}oomH46!xaM~oE`R&O zh2_9|@wdE>EqJr{A@VS!LC;oWYc7il`cZ$}cfcb^w83?Py)k~DMc_wsZZ7=HZ?>j` zIJB=W!VbYN41%;X4(57i*!NQ%RyL1svn2DvJ@jlZ+wclg%cqn;Iv)CFBI*QCB2dQ1YTj(=tfN z%d_2tX5e%U#N+*q`b+j{-&CUB0&F9j8XVWI)YO2(4WU$Q$wKrf}2LeFqj9|x_q^aUxxQDG2J!0reX%o z{h`Ju^$tb(=b7?ZI;Z>8tn#x?9~zC!X#CC%ZMtz+xvV%|K;Y%Y>>DJS67u8l=Jikr zcm{DV*sXdfaqJ0Gbal+E1myx%#^!oR0oN-xDZxs6mH4|TG_?|)Bb7ODK366w{5E$lgT)Q2T3$)mxJ_8q!9(490?EYQ*$2t7JkqTtLxDvMluMKrQrKnykr%DU!P8)F!_K%@{yS%*YDzIi+ zJfk`r$awo9=7d_Rcmn<${QNQR9)HSabRS8d#Q&j}`0uU<{Y;o}8#0tR3ozipNepX5 z61;95Osm&DFR!y1b1G%WfJZGdC4gW!Rp-#YtSBc5k^?mT(&Ya;U-_#ebj5{)G$1)E z6#5MwFso;qkKNeyAN*BYwsKJ(L*F%v$J1Q{>)UA$;ZBv4OPQja&CXw3ESjzHf3z0< zdtpyI)c+`J>ocdWqYzudX-#pf+DP%gU-Q5Bq|$rS(*0YTiXmuzV8TNVq+x+6bt#? zs4V>$)fc(pQHUZZXZoTt-@>x2(mBHO?EbOg{;$*O>%R6*$Vl&Ir{9chOpy7xwZmtJ zb(fWa#v$t%!rr>9eHu_u2-Alufw#_L6g8nRcQj`p;Y?O;#F3@*{_}QXG5Y?ylj`gL&I%*9JO9#u4 zw?Q$LT}lwHq-x6W!na(BmKq$1*CCvpQ70T&!=1vs5;Bg(+&>=A6ds4U`WKIs7+|-` zP<$<1j6Q^O6d+z+UYyHc!f#FM7kbRqZU2Dome=Vu(oRC#6N{_ue~*iREPsFV(^AS9 z^dTACX(GiVp#y-5s} z{iJR$0}XAUJa%=1ed}^@+ZSR?8s~mZDYimm8P=W89jKhrX(u(V&vY+Ng*j-=0ZQ)r z9-tT$o}{7%P)iAIWz#>@{aFs-t`25slGzmVql~sloulc2=^cy^0v;rQTw!bbYy{^5 znT?PrGnzUxb#{4n7eN6|zHX1GOhUvgnDqzn=>9PwJN4gM&ERgoBSa(Pz<5K=Hf9#W zosKh}&IB=HXJ1or{~a3M3tlbSYdMtJp=YhmPTEtCfd6$G2n*fW;UU>R-3Nj2F*f3- zpOn9PxDj=aXE3b7QCcbwsyE|qW`OmY;bV0BNrqx%Y_Hl>c%^|sU*=z}Wz6BZoUQsh zrqtiA*FCnd?PO+cH83h{TuHj2dt>*nIANmm3~_;1qo)^FS&nbAY^7a`y~lKAn?{=>KY=DjNC>gx^1UiCB?F>_ zJm$7!Nrnij<$~dIynBLK915Yfc}OfOR9feFK%hTRNF!+%ru0HHTWSLTJS%0x{IVq= z3l{=XWF7hJJbLrR(%IEj#3M@5OYZr5Fpn{)9tx;1ACX%R5^awcM0YzGS{=Z$F%6xB zjt;j&0q$}ck`-QZdv`BlnMfVH)lx}oJ_bYjZENzzT`%$Pp~XM3TLwvA0p zBn<_GF>1(?n(>iKzVXmCsVq+;dU1Ojdrf7yzKzJtqQ#R#?~jv1dvNO(gdXJ0AMTi& zTxtQdh2Uxr%!A+)L`~Si&4qAuWNEYO0@tlE&CE|;6Oupra0)&MSd*K8awI`vVJx8g zfs%>n5Yu1|k48?lmbtjuS||3q_d3gKu&go1Ds!vh!>)f?LCT5T$m$9=R=Q!`C2h7P zGhYHh67wNy=B$9$$^|ja+7G&>Di4YvTae6%n62Nlw+-#Yb~1KMu>}3xING^86w7A~ zNPeV~#|cD9s8Q<27_ns{b_IoP+6h^#?T3V0pPlU-93uKrA1`uzpP8=?(KLn%>G@)^ z0ayvGW~&IMAM%@k=rNk4FBF{B`bF)a56aY?=#%!PufeOJ!YmHc_rfccB!D6xIVWZg z(zBhNb5J|C_LdI(6=QH%L@wTqGXqK-fB8aTIUUNED*T-@@ufB?$yI4YIVYA(?pIkW z12j|{GY;On!GTskCA5R~2Vg@t0JC1f(908# z6Jc+g1hGMUii`1GcL^9BuULe07C_6wM+phURf=VFzIg@+;Vx~Uy#pQ_Bv4SiM?5Gt zR$jH@9`)s*u~V*1g@RGGSLgs9v0jewRmj<`xiD2X{MY6&kBn*Kqp0BtulFa9Rs4zY z)c9oY1z5%tXCcO6a{sGtY^#aWb??i{a70xZO3400rx-hJd6N>btM*4zTGzusL%j3HU{+^>&5yq* zWS&P#Zu?lx-OYrb)w%AUomA#bxn7Rnx|_8jD?+25PC4B6P`4o5_dlMWJ`8KDb~A5x zD%@S%*qhUI+W$!MEZJBaUqwas{i>IEk~nWD){*`Lg&&uQm51^p$5<2 z_cvq6=l25p>Z%}23~Sv`uZ!@JT_Vb-bi$d1n1glg>>`hkD-FK(m-5!jbfqox-Ch<} zP~7f&9d8C8KG&spG~H`Oya{2b%a*2HrUK`mk+xFQjUQsm_gnZ+>Oe@7ji6du9)rgE z(7_ETWSEAlr<0Xs!AI&Nejp59rsnwdafey$p)9q7BGB&1l(fI@dF-$I3qN7734U*; z`k+P!7dm1Uf|$P?N2Vjobw>|@NTCd^@*+dOk=qkemg|1^C%Z0>Mud$R7~?WepJ!i} z`{@j4B|=(3RXs|W?polMSyO`S@IJXS#RRa63hK4xtc@nDbm>puDps151LMlukH7~J zUt*EnLBqDFEKv#_4jRZcO31NCXu4|19O|+E8(2#)fU4_GR8vx4PNDCkE+= zTk^4DdWRx5o9-5(#!z9)XUn?6_qz~}-PRsg==HUjMs6#168b$+!7<=h64uEj=}BsD zV`7JNyVZdksaVZy7N z783EOk9gZHci9QQ92=47*$kws(uLj-c=|u!ZxO6OZ!8RM*e|*41 z>*I{RI3tBI!IU3_qWt{K>AubAo3hCYw9}n~3uQ0`T@vi2s_%~;y1kk{l$FGk& zA0XtX?W+StC=r=gz{=!w1T0qRMR0I<_LVUV`}ws(X(=ocZ5ghMCxF6TXh%}!YKC}~ zDN5h&xLuvvtSo0%wS}%+7yln7L0X8v#@brU2R|JoWVH)Nk-ZP)syPp%4I^aZ`SgN(^K6O}>CYX&By8JA?0kyt15AX>WL2NQ4VS%~N%(^Q;fU%i~$ zPKyFVujeiiDd6CXVT3J?cQIVk!;U*OiSNatLk&cQ{7`y&aH=SqZXkT4x;2z5o3Fw*(OGjE zfny_(BdauLfgRGq2S`+kI$5>)uC<$wb1A;ZPA3dznYImb5C!xXTQ)y4|^ssJfg=N zfufW=$uCCq85Y8VLQrfECLP=Q@=%b~6xxa$WT+*D)_ar|6D5JJ=5*O_fYN3OiN&p1 z#XpQmot2*nxhXKrBQ%Y2=f(L@Ivy8_=0zJzc3SIO+w~s1x$T~dtSq~-X8F1vJ8@Q^ zw8@c8=_iUKlSDKB*6P4|+{_67fj0kW$r*>ZDG-B*Xlig6K~nUWX6B?)kP1R8&=?Hq z)GJ`_+D?B5dGN;h8Z-v$uQZ0ngn!3l~BeDOZLsjKk=dnCoG0 zYr!8MEj4c#K99W7D^OTl z5l0^%%U_?HZMWD?NG=NpGwUThNRhNZPacN0*XKJ){4R6&x7}JB_%L}61@I(Z)%-NR zvmvk}s%jyGF?a+;Dt2}zaH%ohtKuXuf<{Q46*C9!QUXi_STYFCfe=uI58LD`>Z+mA zym=Akxvv07`s%y=O8{n*^RYKk#E(cQpx-2OabqRRG0=}O6SUSsXn@`R z>GJNQ|0z)tEkHU1XkWnkB~Cd4H6e~mS+4p%=AQ11A#T=+pl=*Q5vzvsQ(t$7~HSL?@8{+NA^Ej{%!m45FM&j76 z@eP)!9bpaS8&>kmohgB+76sOj>hJ}a74Sd7%527lX>DyuL4}`Ib3YE~?c$N9zvN-! z2z<1~F$W2cU%DSlIeFsg!im&+2qF0;U~dJ|u_O8u{k zVt`(z|F`S^k`f`3$~GYB^G|>rk#g9UT}%c!B0yNx-l?PlM!^GDlfmk?>Y9=^iLTL0J$_cj9z?mie&hBQ%YCqO_1Ef)nW1 zz|SGafl>5Enii&U)j-tMiJyJO7y1)`yDjU7%96~T(_93Dsy?=~GJ!1C$>NB6lFP&* z1@{Ty()S&P7HvAZ(~SE(??XkiAl5Tl(axR3CqB-X)jDhHvLA919fdHB-(pH~uF%Zz zYd<<~lgTS*MoQwxL*lt8EW-=;X#JHr7pgZ<>h}kpFg83wHg|jW_ceDuw>zOx%-f5>BI-Ffff(vd%068 z0If71;@yV^$7D~iX*aR`ybESd6aEm<-6WbW6@c!N>WpD9OX%owspvo44;x;j zv(?4tPM1o?Gi|S!G*k&NUFK$`%Aon(bBGoGD4frKXjeibxw{Gh8g6`xH3*BM83}-A z`xX%-s>Mf$U|iAeZy>{B{9J1b6xItxmKrOuJqyzFC!I?Hi}K_IXqY`->MGi!NFyP5 z!K+pV!Cj>tFb7nzpdI0rB^c&PSI4(IBC$UX9P=$785srouEcE_Y_sj+#n5zF&Z;_D zFB3CAg!GBB3NSK&6~Du%Wm<#W6Wh}xs)bX6Js_Ns)8m`@DifwFr5qXDkG9Bgr>OW1 zu9C9htl}>jQ#zVrPv_PRy5@jTOoYzxKL!0zI8O7LshbbAit@n*{eGqia<2{aFBsy$ zZMv;boQn}1v_w;8IlFkM66XhDI^`)l>ujLI>lw#QM;b%Q4eUX(cC26JD`2TR4QpLl zz0Ow8_k}oTv?}=aBke~v=2Z4xrwWPQSEWh1yO19=%$an!A6 zowk9fm7tB%){P#lYTR#=1E(R?@^HhlOs*`Y8iEB!!LYefZa)~}d&H+d8(Rj2l>V%` zDU?zWJ&I#^Bw)kHZmtT_hI}>f^>R@|Us-mNJ(o>WN-e@_fsQiI9$xZd zuvO&7%>c>;4y90iD?#Lf8>LL`CyP|Z8eXB}bK&XhC!Yum(p(F#FnGS&TB5;j(CO1T z4@@IaFAv;j$v`Hsp1lwy6|n4>&}`a@PJ~u5fR?lFs2t`uio`l#gz%Px)C=>Jwec=NDN{LoV*8!T5LT~Nr>qaPu$JW%8Wqyoh5 z@V%HBt+_fjW0W^EyZgKR)w6MW>lS`Fn7K)QIik|blLX=*Rx=g^gAL2An1iw2vtX!P z#ckNXTNK>66=8`%0y@)(ZB_oPgz3uHXe6>WK@fVY%<7Grj}9dfA49sg5{kBdir+F+GEGsON8;;jTQQvx#B8vK{@-Ifa6B|(*BWOze4^1G_cNf*Xb}`hTet1m|dLQ~L3tWxb zT&Rzo^hIA!W&w{yF@5nJh@DGf1MNzko@vTr`UAYQeJRx@&t$}h#&vOhu_KJAbrTFS7?5g))UBT~p{s+d4b>q0E ze{)s2res}ieYeaNq{fS_)K{7RbqKwK(l%H*i$4%ekz$eeq-hs`TOgXY*-fpkhW2ik{f>QfaUy0ox()7FCGd0F3a0@mQ)&_A6dP1LqhaT^ z7TLIvQsX(+6<~zXUpendgY4S8Cs)5To>aZvFgi`n00+O+d{e{;E042N)w<=%D|&!_ zd#J@^ZUB9?<*W|L4%aCtZA}=6c%yEtd<*Gw^^z@EPrKXHwN<_q?@dc@Rnlmf>C%jF z%e~x=MjXvIxD=jk!Dw=9aPMo^PBeA06|=V&;@}AR^-FD`p9@XIogZjPTWBVVf-7>% zed=}B@==6U1Um>03ac2(>)ROJVk4ZxXN}yFq=G=x#G03->MiPHo0aPGzUqs(p}a|j ztvklCoUVKVrLgruUcbu)j1-HaB9X7PXkGkd!CzQ51ln3l5gT)OM2hYjawsp@-Y!62 z2lh$N2YwIPOo?U;m@bs>t$)A0wh|?Q9p9j@16#JYi=EJZy_c&_{^N#HT;+r$F+V?oe~vsu}(z!MK2-k z$NB49$7DLv)^e}1c%qah{EY8wiVVx3a42*$e4;@5!z{v5AOwLKrxYLm@567jv?rkL zg*0tu@MOTQy={ewO+r4#9e8SWIbA{USE(c22%SNtK}1kfQlxL}78#~oQFz~+^dJ7$ zjL6DfO~BttQ7XMD2dOY4icIHp(= z4^OgrL2z;#Xyv((}}!&A)(W7}PjC!WX#FAtNH`+Ois-4_K-?ZnRZXt{=3KgLzLX6)j;EkjV4nt66q{w7{|C4;s?^xdMy-hJ zbodM=tX+atcIP6{s*vs0?pEk!Fx}{TMscbSb>xYFV&X@&rC{`e*5bH^KL|M|dC-HN zc$aTkGg>dUAWeVDJ>A=583Z;2dQ}!#WuLkOD#Mk8P?w(Nb*l2=oHMf)5|tr1zC-&w~X{U(SK=B+B!RRz$; z+G?R~gvY&btMZKY>bz6GfDs|5N!y#8&*2a97VN0`i>bHn`*r!Y53UdHu_~+64}V12 z%esW`exzROu2O}iA@5oqPP8f^?(s_xFXOmD{~wi^P~V%|a0fTg1KQ($$Bm57O;kKy z+j!}fo#H0pM;9?ExewHt(MgN)7~eJndiEJI1kys??=yOM%4Ch+tMo`df1$ZdC$zgj z($}@7pv0dp)3!+1yH!r@KK%bf)xe03{`~MH#^RhyyrrcAOrxcOMPHc{D$48?7hN15 z&nsgypvvRu-{X$qOPLdG+X&b!G4_C%%%N-X?@PDNyxjoIv&w1s^Gi2Q=uST~`uJF+1|AM~XkA@2d$6Z* zRD!iV^d-}p93f*R5H#m;Q9bZlM@sT8Ky;~#!bDIK4^)rynt=;^T22ucaL*1 zEl9FNQo)lPd{7n0X3=m{-S#&>rMbuN{2$U+{*xpd796JLAEXS_RuOjEl!Ti8fQC0c zg_qkQ5n_*|8*LLq3_h6OM0w5O<$&chFsuDFhxakpx5l2aZ$NWjkfXij0=O=q8fuX!$>GJY$z0nrhLv$zocTw7cBabNE*q=2 z54zR^atRBB^<+?41&LsDO6X4(pUEiL5Uqinp!b$V|KuAj1kOC#f!*#T2!WyB6>zso zKO`QKW`1sMvadd}CU+8rt0|5Q0#hxn;hg_*+ewr(jNoMdD#xMO3?bh>iNpX@N{I&( zy$GF_(n!(PIm^=|7q`;D_Tin#MgBU)Q&x^$*u#@|Wwn;`lP?L|-ploe=|He=qIuZ= z>XymFGBxs^~J=#%P zd(@}GNDvQA5?pFli-dz?XK9;m{PoEgp>>XXmHcn9)rAjCzCNhu(atg@X0&h#)=m$O2x}k$o93rU7b~wieJr42i<*nV$r>EOUGNVYWX| zjZ)bC#dl|TPztb;C#S0JN-}p!thEZ|q*4zQ9cI<<{8$IBx};u7SVYOxV-xtbg$Y8A z^SOXp<@}A@Gw7wRrD?J;0CiYhSk;e{WnGYtWzl8niuR6PI*`g`b+ckq`dvLN6VPrZdcz&ElXKR%v;}V2d$Zy}G zC^q-BhQ@vO%d{o@h%);#zoP(3%JielHGYLQaR?6Q5lGpi3v7U$@BLxlPCsJIoyIgF zLozD)z)7$;DltOsrYd`|)M?@0r*$`;WH$qc@R5{V9Q+JI}WD8TdKr{+->)CAn$hf!^iVoGFDt6r`3KV01Bo=q@p{Zd3 zBeYNE){z)wt_nWG<1ZIL-7R0ky)Y-_lJmH448d=mMD~wUU{o>iy%Q50970C!XQ|jr zJF1E5TMaL-=4;Ygo$A&G;_KhRu(DEQD6}V0_nkhPKWz-+hZZuTS@Yx>>WH8&Qi0sejIRbmuW!ui^Lig z?VhNZIXrk^kcO0>*91gyd#?ct~w zG!ybOP(E3qbhv5O)VT(CwIM)5({HlSwjo{0sN3QvhAuejn8I3w&D5W|PSV-b-h;Vy zW%Z3F_c}2Ey&se9zgb|189UTTF`R?=0f7X7-W0bZ5Nw!n$|?rZX9T+TRdjrLs4sQ- zbBvfZd|;ICwWJ!>-pvBmkQBd!$gl3X@-=cu4HCHi8aFT)Qf^F*PX427#0j-Mvfpt6 z;G9isJ?xq0nIok$%ApJ%51bCsN20N_)a5~mmHGjH^Q$wkjiisT#$ex!&uR|)LU z$G|@fOVh4*kTioJbGO z*sNygCRm;jQ4HaRb{=iY5L;%BXVX*+3UI*}trEqZ)7}%TRE(E&J4UuYiY#6ehP5k= zlg{|%s@fe1QbE8l@6keIyNnBwl_$xvsY0v}8V96gPVJ|^s(q9inN z@QE}g0>$(T$#1dqv#ke^>|?oM19S|m;AGhMzt4lCGT;M4OuoRATi1+|eI^n&F|L{4KP_g@ z=44zKX3{m8AS7#02yXVK47Yv$;s?o43yof#Pe}g=9d^EMn5<#5wY?<@1tIW(hQY{2 zkD;dQ#PBa*lNXhL%C)BJ8);xbQnr?%=CfyV61{+VPj&5k!N8N1tI-yalDL3T*oe-7 zElfj_#oOK8-VCUx*|2TfvflXlCn`(kFF$6DQvqx#(KbbgY%k!@hF(Hfm!OVrO2!B> zGp*PuSNzBT8gTrA4hc+49DpQ~Wf3dMT{|*`7hWiXgr4;1x6(4h-iZ|y^-6J7^a4{{ z%t_nI|K@N9uqOL|(=y(TGDWK5aYYrUbbEJ5U|ZT? zRp0#um!a(WtGt$TGd1QT6UP4~KK5?B;ZKZ?5WLeztM=I5cB#xZ4OtEB{c1Nqc7$Zm$MY+vb6^};0% zU_nK%rWO>vapqQ*pIv37NY2PE#ERXnX#qg`ZXgFIRJ|qM*UvgEEQ#1se$S0dQAMS= zcQFMw8xC-^A*eXCG@itLAI7rX>dOfsKazroR{&f2oOjKWpO$_i_wHEIdNyzt5SD4w zv?1;#M;y7h1@%s#{V>g#GBS!bdmL-l-ayksAh2KwmkJNUB`(|>9;t@2OXKBE&PFoM$V)_^!rU^XY>L-whRe|Sx{Y9w;E zjAp>Z63|MLxL9TzBE9_)ghzxl{_)SG!j9H<@0E*B12Z!1FN95etO)$?@Son@ioIlcMQ*c#!-!9zPgYI1q{AJDIeW!IaNV zRAF*pu42Q=)4>`#Ux%E@%so8upN2gs_O(&H!FAM%s)yASMn9L#?Hk?%MP`#pIW55= zo{w7LTwXj5>zUMQH4I{&|_12FuoI*ZlCYTFbk&sF$tmpkkPYk0mSQ-`4OZM6z z*gxx?;Z8tFiDe91A+0FqGc%ycwSn@nJj4jC0ab%fXH{z2ujw**r7z26=E+sy$pt)} zrHtU05{u^c$@nvj9O9R0V^#e}ihly0Mw-xh-q{aLQ@?TstOWQcb1)$}t0``hE2=pD zxogk)gm9+_2y~lEDs4p1D1l!_aDL?EtIU~SjiqJ{_Q@H>Ykk_TzyG-@W94>nt4*PI*|>HbRwvZ66EHZ*q!bJURy&z zB{;k5e|tw#7n}O`ul=SJb}q6vp^AI}kDX>rSQy492R?%mg6o&|Za+{)HA<)(Wq{)pX9D|F%2+ z@AL7$Dm)aSpb}I|xr&O5cNVHi`yRLVPtK?3m*DJ8AlkU*Xb40YE?&&bx<4R>;0Sr{ zNfF02gPRz|_r8iTwjPYC5tID2Sa=jv`XGG4C!V|{i%-pkp9h2fx2lp&H!8MI5kV^$ zfQg9zi(!fBZji(AT@tab5`u_t zg3wZqx6c$l*sh~|DCi5&(a{(_Yz?7t!a{K!=KZw$!-Qr7rQt++=?~>%F|5EHZ_fu$ z#Q$ZA|M!Pg^Z-aiPz5235A;i|UoL6EY~>uRfz9(Qn1?&JDG%eb4L2Lg`s59(cRfb0 zNx10h^Mk2iGdV2z6AkcXMC3}B8C;l|^;y}qTC6@1gY-CtF17rwLfS?NW*o>M^U**+ zNw%6Noc?bM#8%>J??Xj8sXv_q{b}`6@X?-eFk>L4#pcol>rfpy$K^NRbn!<_oI{q+ zlE%k16g-qi3&h8L=p=`y(lW=>pAOrkbE3|F_hc-s(5B4M+;&*zOpHaN>|=04@N6LZ z8xc*y)*p zK0CBFmxr01;Mru;XXX?>?dykn4|7-O^N%gd(7a?9{RA(sAux+dsp~91nquYwqTSFh zSC1i!@w*=f=GctA`0+=|%rMn1%fD7hVG6|GWyf6#(*mkm8O&Jmug3^>e=sU`9;qis zsn90z)zpM}50eZY%sk~Rluym)N-uZ%0NcR9^>a!kR%dPd?ANG@o4=*IEvW-46$38K zzcT4_k^bHZVxO7u+wE8>v=&=`yy0`&WdaylN;ak^ehg(LqRwLdHyY2T1C6!7$3|$i z(gx+bEbQWbFV1~EC2mV8vpeePv03|kc?<)Uc4qT=`RnM}HEeWH5dI{FLJYOS@2-2X zeC}1Ak3kAl!?Ezgv0jZ}y+w#S>6mLb;!gL6TVGw|=T-y$8uw^QV_>(xAwtaFvy@rz zJXu&d1?&&f4gU?npU^6mNd6t%H}9zBrabJS5;CKV`@^ViL~7?Nn_q(z)I{jTPB_ zG9@Di_eqV{5{oXFZ1QYUQTG9p-bVfz;tz6}Y=zzT~{c)oNg zPKC+lOCu~#PsBpNcm?n8Zmaxl^|vNWIZ_O$Ct3~cyX=mXWCA4hXyi#8wWuvV_qe^> zK^t(gaqk=$zN>PjyAfrAN7F*WI$JQ}BthMkKVb=I>uW$U*3Dc|N1y??`uWj;H3f>A z#TozgKQ|96aj{!TKGbFQy!e8o|33YUk-j`m|mjQ5FRvv=<~Yn_y8iv8D$k8j1VkvRTNatx8a*-itW$iL(q1e+ZqPpCG26w zwmA3Ju&7G&M$j#i%gibo1wVnhH6@-#@f5(zFqVVEjI&unk@-uF!`1|^OeXCdXr%qj zKSEldR38>~zq`z#!U(vO>N%ZD;gGvnE3h{M>Jaks zU}ebnns5DpgnQwD?25Qv!Lmcg&cH4&W_Ra&)@_(FPkuiZ|9d7$gLnI$G~xoO9U>nQ5&< z89giRvSYgMoJAI)tu44AM>19hVkcf!mivKgTlDNS-rk0I=q@aOn@KUj8u2-9pd936`q z81hGQ`MW7Pc0J8P`J}8w>oZu}(;K*|q!Bj06N2AMOeI&LU}`q`(=9T}Y_!{cVj|wn zSXd+2l54Ps2Odv{THN`YLKM5Ips$#q#Xv%wUWL@pBI0j_ds_O)0V8vK=7|Lg_L&yF z_d(?jAGYyW-}@(XS2M$OhoX(IY3`_x7VZ+%7eK6d^t{ebR#J&jHFiISN6M zr%XV4J8C~IIudqjBe>NOb#(|N}%Dj4&(EY!n z)fG40$c^uMky+cd_4E|Pj;y)&V6!W?R>h@PKE ze2;qFLdJ!gHLougBaLAoEqCWpuMjsJnK z3*oFIsTzU&{#xv~<9=%-k0o2XD@s2^g(#>~;8#%-~@rEwO7??x*lR)_y zv_`lu`7&e_SUXM^$5gBJY$WA}osz98#&nM1WB}puFU?E05)~KHcBzjRUVnZqHD8d( zlklB@9f%{iu`La|=#ZTALig9pPsJR4m{KaU6yO^B5`bbhN2@_uO(e7G_tA?nh4tZ; z6ui&ahFWK?$M>*4j}!pv0R%h~d(A@FFI#&mD%ti&LPIMqC^-##{0E{YErkxFL^b?a z%-H1f0QoPY081UxXy435?>Y>jWOU4H%oH2)cVcEKd;UCysy1>pWA%VJpNE`O%~T?> z-WPm}BV5^t^0ssK$0Ba(HAzhtM7cuuF@dQ6tls2o6k!g=B!?#VdkM1yZ2}N{PqA7a zjN(NJfr($*JJ$ap1W}+7iJ7_V9e--`d0s8LVH5BoH}T^jX=BA9qI<;It&*_uL?9$Q zT;o%6c8iPb>m6{eq1T4ByW?-KXC^|R3tEzWV=U;B+BFdp@b*Z`rlEnS=$a z_(@)zU=yx5Q|I{epS6X(74(97R=1@Y@@Mzuj`Mv)1hMSSdJI=PU8GPoWAWn9&cYAb zIFriT0HS73aKa!W+}RZgl789`bXacHNuJ=q4k#)U%A;d(1$*i`S1*@4xBSA|kDi6D zeWcXs>aPvnKIrfUtjpHNU{(9Kr9zS4dRF&;FN@@y|FV#nXg3Jrs0d|5dkfy8tFhHh z&pN=!Tj5z$eV8objPbvc=nfPv(JkY})JuK8HNU{##+(#?{HMuh+oe2-W zC?nF&SOX2`VvB@r=)_HHOy~4he+s~kbW)U*sUMO!2H$6xQ%S>xsl( z{mFuR<0E;P=b4O{4bL!Xr$Vcy`gz9&t)Fb#*;2^lkd{azuOQEFF)JOcSzP3dA&n$T zG`Y4O+WPD2kGlR!Ec~*NgRrD&LI1bRAn3O(xrbv;M(NXB&wdiw@$wa<^{v{)W+ws? zC3Uh%h^&(0EZs*788@u-U>Oqa&}Xc6^kv$`6t+PNF2YZj=^#8CI{sSrQIbR_5`lDy z#I~zrp!8`EVW1I{UR(Dro;w|#4%Z-S=&8vtEAHb8niKXi--a#Gm6ESf+z4;f@4@PM8H6;L^N4tdT}g{~8Qc!D>jq1LLbpbsD>iui8-MLt|Gm{2l7jEjs$8o0&t9;_;O4s3$(Ox~!%;o;L+AXby7UCBf<6xowyTZk{ zB$2Hlz3Iz^xM{_Al}VekT)MgBycFVJZ{r!>^L}3&vxEX#f{fL*hn^_V)eraB&AH5j znj06+^bV`k);2~{Xj@~ON{K&5@H2d4M1h6thG{LHLL_nDda93rf4Y8Ri9DRyznDC< zWEX1WWHbfcFNU*egZ+_-VepqKL~OBny|zV<%S6@X8B{yYFmNy8*u)a07a|6Ivo}*& z&-zI>Kv4}TVzN7V7}Tz!X%YzXdK!EhQ%aQRyWysnr}Z~Z8{$SDE=kxJP7l;h4;^q} zf8xm`TNiu7+)hD@;2Mw!DPDMCPl>3lDPrP2Z1==Si1O!>_}49-cIRejnV5iP&R(dj zfOSVK?yb@D`iC{6-GXiyhA7~RZuiX=R zYwKZ`hAfqg7Gp(byiRSX2q?6SM$u~F1P3ey)a}dgrt;3DRXj22Z+5}C~$5#V26#qW^WFOygd8@D%y}O2DOc_ zk`!PGak^F>3f+A4dnz~R^K;62$@?hrXVdl?`Oq8U5&IT%&earir!-B1lxIx!Sd`0z z2l{%&D|oL=Xt>UkzPApIV?Bmm^<}$zT0K~ez7&#GgoTja(n%@n zJQo_jB`f!#vVWY?=35{VhKb?pJi}I=j$o~~%_Kv^^IM>N*uyII5F7|9BS-n!rTO2A6KleBL zQ{pZwiIs-!8y1xXMO#_$%E3x)#3#Vrc+W=@D7*S(-E-k$HRMZFnPfb;EQD{C4%WT= zNYhBaIMk+tYrVrLMpr&UnJzc}$PT&a&<&rlYhYZv{XmYc6GK^jF?9aIqaJSMZs`bn zF8=}eevh$G0A<1m8d&z#DAS{cD7E? zTP!mn7$uT*Q!)hendnLB1T?EYJi*j|mDEBZ z;7DijCoj>^9AL7II>99t%e1wt9T-Tt8v@=Jd9Y-0)o9jS^@)U> z9l5Z_#Ro$WBmgV56z8Ue8AZhM8g>~80x=A4kmrWKQ@^04{L#6itK=sjqy$gvb-@@s zEs8sa=vDkIX|lFJ+M{worNd1s^dByPr8`M_usba^qQMBwTG40lD&xPAEypOVX2os) zwRhZ5 z{4lPZ%7K9C4SE=mA)B3p!u*7MTz(R-g87^3qX@N4Gzvev%LiBoNatdGa1j~N6Zris2eExKo_;zO{nQ|C!~)y#F+tS$(GCDZQ_-#O;&>JRe@=%y_`GwOR= zvm-9;ZWV|JM6IPXFk?aEGA{0Aa&;wecIq)&DkFdhZX89L1R&$IzDm&yG?YEy(1F}D z?^G~@7GQ@9L}?{yP**qm>Lw(w`?PsTA+Z=u28-UOkWaqm*@2{^e%P8*7KAha$SMB% z@FMH`k%P|iYjdD^WVC=KeWVEABPL*>X+6kXuj~s@$PEgF_ANIj3u!_Xt#{{1PPnvD zDnggL@;nFDt*JmsBt%t?!@(UkVc(~Q8?Kt3%%iCSW9jU*D6mtU5{foa$XXPlgQ~2R zAeh*Q+zWk}9NJ5P^@&~2*Bv2!!tb4Aoo_B7JTemx)M5?!EtL#!RhDOPazSf#x;i!{!ELS~n9S*c|^p#rs1%M$^ToEp-PgeHu_OG|Z~Y5GnoAJ2yACi^r8b zQAlu>xe3G;8(2s+_RSy?&up8LbwyVOT1nC_wHdpbEo{5cQ?m|LghVQ{#26sEr;>}M z*laoGm8{+RH4}!NUq{hw_;6O5_w$a}D0b@TRROP*^cZ`1S-I`Hveqf#7x{k6ZrhN| z542EEF}e-bGDGd;6HPSoiZf8o{SNV&X%9|}?=NzoO?^hQEat9%l zP#*J7jXB?}<=(^J;MM8p=!yyPW;TY!x$c_5qD>n7nlPo=Zmvlw!d6p?kT>-&AzpH^1r>`8-aiSfa>VdyIt6;Ku%?nnb)J=AOOYLEz3CrU`k+Cdv@1@9{ zMjHR9e~k<$UL`9v7~x#0kdT->oI7z;dzrwec?a8V+I{R1zVgWYw>t6lk9B^hi+^6I z)4K7bHaQ|-Ox)cG0JbYJ*>Bg(J~J4tLM@wHdi;A{;Ny4?;VBN=WCEI;m92ImF zrWsx38qGb-@f$F!qz5fV*{t86=O?*$^Nl(w)CLBxardlJLcAHfF zw0+;T5qR;&jH)M>)EV+8K2q`v-EQ)ScyNLa^9bQbI3UY{0Qce4F`Lt|=?Ce2!pdJ_ zmO~x80`7_m^*RoX^ZmRsq_ zIfY$lkLmh)GQBVV8ZL*B+KtFW*!wF}u6oqxna3}&0$=m1R#@$QsQQHX;&*j?7!1k2 zK1D5wbUE|-HPS;l`}V)PE0f*S-zeUxmRn1O!H0+)3c2nqlO z?o9NSXon{348nH-fwP_%j+V5p%{c*3>38=~vY?&%QZJ<|!TIAL%)`?CMW2ES>i||% zpc0$|&TU}rD{wEb$Tp@We^%BtmP$%K6M1Ug`E_>+XWvjp6l_ykpXQkOUkB$AP-06?LY76-qgs7T4Afy5$9pv z-pte&R|qH7H-ZD*5WGyOFfnbnj^w@;{!N&W8(iz0cdV`y3#fz9;k_z5e11-lZUlB- z{jPl2_&IKBB$ry+T)57RSg%>pr;_y*nEhr>%p)bgY2l8g5*#)NYYzu43N~{8n5kYuoOP&H1XFI-1RV(t=B$*?cX_xhovXP zQPtIPY!7>0=^SKh)Daz5`OU-K7!XN%5P=wGiGs@Z&Kc=uc{TPnekSe-CdsxrT0|Uj z@HJ!88AHRpYg1xCiDmq`6UoVFRS{iH}3( zP#3@Eet(-nVxI~C(`Crr7=-dqbvo9ZOV58tQrC1(bNO9dM_?5lcp95hcKc^Ob^A8f z{p#@Euw(mRWaFZ@I?gRm0%XWGBKmsEHM`k+wc~NO$NT`eyPFX?8!B$_t{+=Q6;5D( zSPpWIKRtp?EzKB4y(`RDgC+*M#n0d2MDoN51}a(y%-Jy204nQ&-Bz$j1GfZ1$AxIiyJ7tE%7CZT9_-_j)!B z9;zfuT0L7NG&@nmckDD<#1~cN)fK_-Sxz{1&MhxOS?_R2(Cbw9uD)F z@%dg6?IfIr3TsFHAy+_nL8GmALfZx6y59-*I)83(k;8BttX87;FAU5xG>50Q0)>!y zL*`%ytN(fSDr~lHg9BH?nCIYf=-@^w!D7;hf;G0{wTrQ>n#mc}V$`qQ>;l*rk;bDC z4>D?T=#zDU4Eq0vx^If^tlRdiif!Ah*tTukwo$QBv27<6+pO45{z)pfoz8dq_POWu zsBfJ6*!{R)*4PVs?ltH9K{>z8gi+zlN{cx!)!~zsbx3xETPF+bVg!3%WTJO zBypNE1DAtW6BccW2DT`qFGN&!G7P~N^vNVVKM^yt;^GX?dta^HT2yOxv6`6{a6zTW zGn^A@&*6^KSftn?r>4`jZ-nXh92XP_F=l^r!e%6cs`HhfZG3ZOr`8^ykCo@O; z{R=c6x3@Jq+L~dKI3czBy%CX*g9+O1+jN(ex;@u-RUleG9}PyIKaHcqgWb&;7Wy4B z`Yg|kvT5?EC|t&9Q5NFxHVBG#7L=j)wJBwdSqch|6oXNS#TlpPVCxNew#9uKl$Bsn zB~iAxk7QV>|J+2~HYKu`aiCcJ1<~3E{>j8oMc@8n<-mu9%{8;g+xvc7?OIx1?vPG} z|Ih+XOleEDI0Q<#nFO`6m`GI9ni3GGCP;W1Td2=_#<_S@Nl@n`EZ@Kev`$i-4wPaQ z=nRuzln+^z&WmAedkGyou)}T_)TY_5fZ$q8mS~R_K%t2479{dyB$^s(0bZ;jx-Jei z4Hx4$Fd$0AFpv9wEB%tUT3)B_xpuIPbo^D{_Vd1D~g$ zuoQ{Z1WEDJFZ`A*f}_1{Blb-O2Bg^Wad@Jq)9DrQgho_NjU04vjRKJwmTSD*o~rLl z5D9t~LEgkcU?2(I?}FU?VMcdF${6ZKTdFS`%3CpTb*P13$~7{76L!k|*bq99`$0$i>IFiWESHPtf}ob=8rtHvrn6_G;+;1lP;^Eb2WsDZsgx zL7U=j-Db+`N`sUy!D_v(xg4bhU7xzzXm6h{Typ8#!X0{&QS|h-i;m!z7UvswS75k+ zGRm?fF>`C7Ft;8v&P}SUd2K>XP33B9LZv=g6kikjbl{OPGYOh^b>;pT$KnncU3gsd zVJcm2X4;!$58H2JMM+`K&C+)Ai$Px=DJ0Pn-g4N#;PN7W3=$(WF{MxhK7wv&20ggO zlAmL4WC5eJ2n@?VXkU=FSvTpMDD*@X6djOCD$`NXH zibU3-9KP_RR~#6505;Wq?ILOgkx zLx$x-5)IUiA0f9gv$xJjB)jgcP}rQ)gg0W#>mmb$a8hr-FIgCV^sn)uxN*0FS>=o0 zthRx=G^((>S3*Bi#up>1PK&!5oAIs26gKECHs}&T4XiCI`uPkDSrdMmZoW1!%;(E3 ziS#lOKi|owGVsA!Ee_~AT$+11I_3(;nV^-H!QztMu}f)fH|CYO>%SSkZlyzv!`C)I zvOR(c8vx1&-QS;B)bY0?wk~pT7&!>Y zs>y}5AwF{pb4z;}Za)yZSBA%}jwui`7CpySQyU+TJ0r=|p&uNq0CspiEcRitnMR&` z+S&bglagO{A_l2dcd+5Bd*&+o=!xg?svU1$Mo~9yeOruVDFSdx>3^1Em(#KwA5|Z* zzdCf*Z@%*}GTCvj#`>MS&{pE)z0UUMLuUUeB}SPfY2@k2>HGG~ zU`+Y@AEK`BTR85pw*_(=p?L8yt;(VN%SE#77`W!&8>EW>C#p^JGd$;qU*LHE1qeInQfbG-ADyg+o zgV0>->CJ=vjd^fY^WpXd{75gj9y!2U&ffX+rd2OiJ5+>!FNzDA39gUfQ4AXDOJ)9i zZuNNOi|UvZSerQ;Kb$j2T!CCWREISYy4fpq(VW|0b4|pbork!5S#@yL36guXo#FnL z0Mntv&VkM3P}?NbxA6d=t}p|{v2&HnAe zQZA+!Qb$1y?~|wO9+eOw%<1^?aX%y8GrJUUQ{XxLQYAV|`xM-jeZB0Ad|Z-X*>f)6 z)B5fX_5eQDcFq^(w#gCVrbUUm%LC5m$%#q5yB^}YK06A7y_!dh4wP@K@z%*Bf1g^` zn7b#uX9;iCppOu@%^BFXxnAf}S0iwawzY7~;Ft0HT4C*ghNX|7 z95W!6V~J{V2X#S-@K1ZAR~Luc+sG2U^jLDW=l-PqP2%xgM&G#a6u@?G&lIlkHNhT* zLOvRCc2E**y=)t!Y-Oc2mt7b~R)@zOxF3Vq!{zpw`J19v<-tg`U%q?$5}rdU72G?6 zb-fsJN*=adl?{itM(ISFQy#S?3@k1z?htE65+&$B+Z?{xtH8P5`qtX@3*)@*ni`xX zY|%fNZd9vX-TR+fUCIEg6UgzN&VAhNB_MWAEpVUj5^D>t(!j)RiOYba^X`AnQh3f1!IO&5(n_+h&I1^C1b5y9T*waWuUf!f$SB1yovKrH#_P_96Hl zc)nT~5#%57FfS87Hh=Z>Jm`zCPK$?7)Z+2XpsM{STDqF*<4tsi-U40!J9sL6cF%y9 ze=t8VXqHK}C7O_ z&5K!`bKs6OXQe()N!}ZHu#Xx&ow-J~CEIyJ&lBdvKwfmqwd_y7-Q$ijfjZM#lq)f; z-+P`edx2T}-Y`d2`eHZFR7J?bT=2P!9WRTzucR{3l6QxNz34X9WN;z8%Es9P)jFY9 zs+y#dUSNbphKs&rV2V4U&v%WW>>WP%P2Qp%mZ9-rN=qXh)~DO~_Wm_1Aswif$t!)? zF=1gg=4RdFgN8J}FCB}JNtD?96nG$kRKOaMs*Z916P*WF8sSJbfvWZo7&dZUwzBp` znV}kJqQbr1zAn&Mw8gtcZnKvHqQF$o;&5j3KKJ(ZXQFN%g!k4QF}pHZrCG%u+H%dw zzI9$7KlCzfTYl=D@@be~N7hwy&Z93(Vcbu!$ttIM&n;?z8 zxn?`1@TE`I=QU%l8C94K}Rd+%=EGcQid`E6`Ke;x+~9D_OUqY!sD0;|li!zAc6 zu;gBk2z1=;L*f*>Y2jz>U!!fdZ&pKGBJ`^2LKBUZ7H_AwpwJ=tSeQe`6eM319*W%(%L^gcD5FA zj89km$(z}P=J-5teab2VhET&e9I`JHID2}Bw4?P8TcgqC2s?AXa*WOF(#KcV_btIY z83l@4jvzv5Q5{>i2}7*k$@{C5MnqP~%WuS7Gqg#FVrwn8Jf)sT!^HO|0Oh6tttKK^ zliX#d75 zm42|mzT|kuN`46q2QO;azy*|rV_-EKGt)m^6H=as+6tO9Vs$7GIoM=JT(wr&3P@#} z!qxSeV1L$Sg_?gece?X;a|h{S$&vM&KQOp>^2{th4eV6*7dbgFN~R{YiHLBZjf_}# zRbm|`1;I|9t+xDLB0&P8Y)(}puzGHYG7S;z*ErK_G(x8KC{$c6tf`6mbBs%DR1orx z>a|ah{<{OrPNt{4_ahAI@)`e%$xi|zs`E2Ml!&y#U-(B-qfo3OZJ^NFQu_7Ik%JHp49f80%PWE7C;})d-Ay`2>NN!smb{vIvZg92xA`od z5M&Wac^||0sy1WzD_iBT_BN~>oYJ7&WX2~ab|Ifn4G9i1h#BQbgIi7cx8UgwRK z*b003g*nL7SuE)Rf%D&yhaP2QTc=}u!Sy1rOQ#v4X|*@~K~NaV}y zVt^OEHgva;wS2w{W?pY6E(sEOi-n3z_S9K_d$T{64gbx5qo)u;+GJ(c0p8hOjo^5* zy_Rzs^Xs#ua+2DPKHeGaeqnDRS}2|2pB)DNC9+?7Ag3k|_{(dvQxKuX+H3}?UC8%L zX#_fn(e6yg5h+i@aM)dX&@u7F{%2yt9)z^UPLD3Yf11?lD$vfl&#udft?MI6**X*7 zPhJh1IjhspCv8EzVono0e1Gsk2$a#QCP2|H?RM$=7{!o$xP{>-kf#`OA5Q8Zq_fKrjDyKISnpl$0gH zng+Oo8!3lNbu8VdVJ-JNWfnH!R+jq4*wS`h6MG`i} z_4I0j#6i$wMPuO5^OrF7(2IY3w0Z4g{~4hFue1+(|Eb8H#4L7tI5@-HZukuz%~BT4 z=X!V^AFx9Xi%X9xQohjtydAK}e@zlLHi+xrtX=-*q01g9ll`$T#Si@NR_(vvaC@Jy zCp<92jK-bhKQGb$D+Allk-ZgEGB5gYu+PsP3y zS08&{!^4M3trHaxLhQU3nG$55Wn4N&wC15yP5R!Y4M%5sW9$XxPa_!RxyPdv; z*S9a{%(-2!{tzq>_eRYiu@xl-8^Lqo{3-R!^^dw}PfDEM(HS{f@6c)p@9lYEcSd(e z(1mSa@0ZRao+p#Sey6`N8L1Bbq=N_~;N~Nn0?hO>zOo$;ng(PmAFC>(q5}j?zw)+B zf8FT06()$P%`XYv4Zo-!Aa;A|m(mEA%`klSvhX-@K1XIP-o0yfP>OPQ5H;-E~2}o z(Kl0&mfj0Sm|>?Re#@%9K{+S|5iY?6C6??S^>30feL`2Vm-CC;8%&Z7uFz&!wsB;4 zSaqZFhDSVva-gprorrjQ{uuZ)R9c?7$E|76duRqz{l=ekkYqyrh9m*JOurhwHiQhc z0Rw{;Hlj`)Q6KQ9mllG7;jicARLqusT1OSz$r=!N6o1N^{nvv2+SnRgZy=yrUw`<* zPMHx7tuUjKNC(btB#m2+l&v7LESAFT>@YZIu@*s*5_nF9t$dM-L|{ZD@blD8b{Hn& zOn`j_37q(zgs`BHYamr(%HsA8J(s^;kt|eMCk@W?s)AZ-VCZCDS zzQ3%4^h(;79C{M5CxcdeNY#d9KvmSD7PZ6nHmhNRED!7muNLzvnU&{EQFCy6JGNmz z4<-1$xJK7+vG{*}AU6>rl9j6wxCLmN z!jnVZnRPkpBY0M!VWpcD4AGaRgD}8zNB)Cyk+?lyvUW8NN6OqrEya`OOH~)TKKiv< zQH%Yvdp^O>0`1Add{M1i>Vh2mPpjeaqL=G?gR7kDA6x8C%&}#rzznqss{;GR&}Lqc z)}S0w0J5mOt${pr8zc7AV`cHe%RBp^dKQQCa{-m%FPSDW19Nb2NYuv~=7sGtd?%-~ z`4v-NvIZ?NP!)(-kLH}AzQ1@qn`hj@_4lnXwAhWpR7yhxVWUpdZr(G#d*niBL5pJN ztl(vCWD%BNp%k3u#h&_GUvi!qnA3Ppi$FpfpkD}AP`Rk|1Y>Yw9BEA8nlEVy5n&r? zf#G^8TRNA%Zj#GdJ<&!=X}wzv*iwLBBhSo0U8xbSC`Mm)|p2@t*}|V zFTKO=Tm@+8&&9g~+Y_C<+?;>DtZW~HR8u+-IGYK7L95XUI`B=8KxqJs=xz0%&({7<+m2$tm(dB z|7O8qS4)R6;m})I80~vS88a4qQ#eY`>6eO>>1?CM+efBP5i6 zpN6s4X26c6ix#Ge?p*W#tZzDV{+ zJZo}`5kZ?hJUaFBlF{L?ep|o6^~-;;&cWzNBjAb*c29KFo$RR2wfKOY1a-oz5!UU* z=JH@V>d%OHCoPJd=Zjn$2mGJLruRISU-yt7_hEXv%;|hT6wq{^D-GuR($5Uuniq|B zVU`r`rwFW)=(B#aU}|2+*4MuFS4Rjv)$f z4|e+XI)j&v*AX43FxH6Lxf^%CZ1VnyjHQ%dZAyy_kz)pfS=;OC486RO{#|H&osJXz zX+R>auLzQlJ~;@i*9tr(e82me$K!rfz?eyq?cL|92w&$d7cw=3>sHm%{s6rt|J(h| ztNl_}6V>rsP2OJbD_1grTCQfu)YE|l*Au&YGdb|VNxVMnZ~e}O5Ly~sUejkF)^0yr zDaD}?$8h{>a6&R*a45G0#dC<+*-*kFW3+2l{Dt^HJiqM~EOKee`XsXOs+PDzer@Ro z;VUN7_Qv{lz`-`7Pn$X`)z>BW%<*76@cGhZYhVVV?jOe$1bq8+(a7;P^KHSL zvPlnLKocR8Ns++K70;amexMmfCS<+*nbp?|?`Gnx+T+^`_PWo-9Lhz6C}vb^J*mhx zu0xN%<>AZp-Z~17Xp5Xw-&NQ0lwi>CmkkRx6!WV5{vG^{r=trxD7PF#)fm0gNrSwL-zCK53 zPD$NgI!FCt_qx1>Xpi6#m$|<@)8nN#gs(<>gRc^y>bkmvb*EBxMD-$A`$@d^%(=3d zWn}$p5Z&QK4bb(1zU>QjE)lezw1P*0=vu^(YU9{DBr<23u++%zjg0(=gh<~eLd^UP zEK(e4WNa0e!6~73c^EiuZiHZb4Hc45m)`tk+LIAFZOl~?Kgyzd^YZqN|MW8Q*MbU| znAlD84l`U#``=upY$bqF${hGhz{Ta>txZ`RD^!SsJ)<4v1`0{^&wi?pKh*W|Z%SBm z=|(%rXqra@)5F~s=pcrJ=#dZn&=#yIhb@_+%p+yqhg}ZPhB4pze!L2*j&=d0VMZf+ zAv-+jNM*iOBJ^F0DFRB;futae_w3Ng)o(ozXa`q@{o%^jT8g?S+j-VzvgMY;ArFTG zwv$Zeg^&S)oPIy~znp7&Wl+W!e{>4~dHQ+#(!ctTTeiW5Mz4u2#q;~vvtLBX9 zL(7Uf&Jo!6RRcXW#V{U`&RotBWLDzfh0a%EhmQoQEBy{~Zs%xR0ZnY2BHy7`Pq%vT3J47PwQLJ&1gk?%@jbiNU1DQ(;=y%n`hOx~N{f`*Yr~ z`=q|90(jJej6CZTp=Nq&hN_HjUn=&&iN@5x(xRYTz&v`z)MB8A>GU7`BOkxj;E9Oh zKYFqE=fI^OHd>+-F3o8q0~#^P9JXP}WpF1m%WzE+Ox<0fy+_?|nRd6M0HEN|)I{x4xa_nYB0(TLUl=LQt{Qw(AxQ!i4Ha@tS5d zy)A!+N?9R_-P|@R6|^YITx*c*8rQY`C5gs6j?G|8@+3T!5r+ho^RB9#)9NSpphL1& zE)?4be2!v#+e|J&ZUcRvY?X`Oga{6b8j;-&@zKrz#WYA`G$j9}UIvS#hhL!gGfE|U zTV3U*^-M^AIztv}7^r8Qf||u)G{Gs?zB!XdjQwT0vCA57u0KDn{w)nZ0-=J{_<|#b zCm6T%2=|#4Swo}WX_4Dnn+H2XDG*^-6Ylp<%EFQ5sxD3>$zL zdSjfS1On5?8RwMYdf#t;v+MBtA4I@0e^Sq;mY@ZE8QC?CW|ZYaEF-cHLz%#3v+=~+oM6x4ocszI zkzXE)0eW6g_TG=J!6r1Nmgj;z3lip)pEen$2%RYsK&fJ`G@smpW`qH9^4-=6LJ0W< zqTO4}j*lZuZ%21?7!AydQZ!GHANB+}A%z1It7O|h!1tX#G5t6; zg7z^YWTaKzRc?jiA;Jn|Hc#ZiS@Qs~I~~O}ftLYBdUW@Q`WebNhLbA3+D6D|K-P7? zfI_0#oJU2Byv8@$)BgE86KB4oc&Lwd*$$M^hf6?( z{d4qtybP2Pf_JZV0_<6qd8K7$qRjQlkIyO$C7HenwBC2l-)I0>y@=@tRusVDC}U=Y zLV;BTKFfR-`A&R6?WcD|hjZ1)sv8>Soidxa8L$_*S`g{bc1+_ZMlAkI5Eo2tl`bqc z8)fByPU%RskcI?T;v6IGdE%c7BrQph(%)1_4v&8k*WP#CJr2s{^ic0lv8nAIp}0L- zl*fJFL3wv72Ua;lL)8XNOU;*5W_HQblorwB@u?%x1}Zxv?L=ijrA`J3A?^z-^nFhH zq%;D6L}+N$avwDT5$30??|Be+jseYa0WZNTj}zcYEz3oLxqIL8XWMynVA<<;G2l>| z3RVw6?YapnQw>B0J?VI43~fN!(ohzaAzB)x0{3-ko~;Lqv(o#lIosA8cr%<2Dg8bh zuU~DFQGIG$rj4r6Wlh|LABkLbL5RR%FuutS55G9op6wLjRuFN5EBajFp!RTwK17z~ zUivZh5p!=J2pM(t9%yZDF0BO53JqVD*k~-v3KW;0OL-{;Gbrnf53fWSqF@eS&?_>? zt67N`A;akZ7+PM5T8%1j_Yh-%Q?rmRfqG`?Eamk63Tkuv0e&Xl7aDMkm*|vQ7?wN} z5nx1ujIwhQy@w#CNymc~X^|O?OLjyZ*EqrM_1GVC>~L>?97w!-+AAurkZ(%r_9^&< z&P0()r#gF-WF+#Ky4a^3pdThg8-x36coYuu_8Mb6)tT-PLP=Gp@$ zX~EChDrNPhuRkkf3w0`mB(k7@n~>ChWg!wE^?rjRt*c{QDNIslHcWU!UfIibQnF1@ zGFMzjMQ*8r3~M{&s%`jzw0>7wW+x(`Nju5fP++-gdInO~iMuB&%E=&BvQ6>AL(vpc zkbo^%uu}(^fqmR3k^@IgbXvgF*Bcd zo!F@EG~DI!&JfC$`rF`Ju+I!Bdy-P9Q!ubSIb?EAsJK^BHkCR{c6&^8#{^xH25> z6nVd8r3Gnx&*Q}Q!q)1qp$)}!}bNhi@{l`?Be5=Pl|lKduJF7%frNVU0cXVT^+&*(@N0a&H= zq-5|f1Z%(E9DMJet?3GSdDjVRD4!C75f{4%k!5C{K4Kf@uUzgx>-K!d^QM-Ci_P}L zaknFXzupr1Y~TRjHE<_0TI!uI?5zBa^BXc^OU%I6z|TU>ztyMz^kAz7giH=6t_qeV z^0;?q^EmmSJ6O=4Bj)=->+4GZeng`jqX3BIc&HiRVUoz%w19}M<?42qTZ0Ciujhzy; zAjcb}H``hB)(!gz*ib$pG~dDf&BhCFHWHQ%-z z^$+R9-mwT{>w)6yIi-~WWo;(=Aw%xF5z&t4x#8hjZx}jWR&40s%GOSXCfRv;7!oDl z`D3$r)8|^sel&o+WjO3m!eOIlfjLC?hYYjs(j{9xz1=--KC_d6ujJKq;)%Vxd;zam zmFLyA>q}2vFXb7@!r4AL2BD7Uag@=G{CL{`?2&`8-Z4se@Nh^$aRCu#sv;zePYYLd zcjL>z%E(*2NNie+qmBW2UvIj4@0Q^2XnjnI`gVWa55!2{=S-04N)aPR3$bzBV2bsX zW#vdh8}woDU(4tr$dWytyBClt32l=IjfI2sftvtRMPh3iCIg(r(hM&xiV}{sf{*nP zyWi=(TuuV0_8Jdo%n(4LTmDEv_$*^>kAcu48x@T!)hOWA*;!G0Of=`VEZzF}{| zrxf<2J|YekC3XoxC+ht6JE9cB*ogSpQcHeC?)Wr@A-BD zXm~3Y3X~8*%*-!E{H9#)Fu=@iwS(+(QR9y1E(^O=MnlUr><-B8?8LQD#eT^J0oV60X);jPoPeVETbd(3q;UkvL0ILXmsr7??<>>wU}7t+nM0Mw$m zv)z_$>yQv8ofIz%sEbp#Y|U2KgeZ(JKsB4($!d-TL<6IaZIpcng*#8NV@2}ULF?(Y>8&Ap3-3(xpP94KSt{SOOT ztISKr12l%DwkjA__F`h;qnC}F%`Vw9yj^WhnV0vXX$iKbKvH{d5e|csQgxVIOfIpPGCwt6Lu7!w+46v*kq{LUc@$@4ocsEF#jj}KsLl`6- z*l85i{4gj{RXJe(=;VfMi{X;4_D@&1LdT2nNVQiSZmpQ{Ro*#S>0hko^tsH$&=V;8R764b_ehmj#f`#|1sKY}}~f zzwOoJB12C%a=0?VGKf=`6N3&|$;YS4}?PY@M!le6O(%K)-(-xim${Jr_i zwFg{M&L8DP{2Mz-s&fEq-thA#S$e;t%`WNkeSML;dY_R@eBkV1Ab^SGrbl<;&dN*uxl)>Uek79N z7wWpYw)_KR24w9im^n0Q9xkRUF_kc!=tLHE^{DGA*sI1)-*C(Rkz``908x}(16$sM z6ZqrlM5{oZ_qmVD{VL0eeMNw@q=tmW*+;0wIVEmV$$8IciHju1q&2(S2c2&@J|@;t zOI}PZR!0E%?7Umoi=I5bP29GyQ3|*~AU4M7p!M4c9pQtDHfEmNEa?kz01wA< zc;zQFW}nOK%Aok^G>HI}BA}uK2a&<|vJenfHsVE13a43OXTHw#r%uGDSr#;MOSOGS zLLd!LX^da)?&ha6T)Rc{Zp-5GR~KE_$!T~`qCkeo+atC1XF`Ss{6!m+7WuWvXNzfZ z41%hU*?rjr-wtKTcyXwwL^?SWBaY2gH#j>yN+BkZpr~vpcPVS>Yj~x(w%l3s>2+Fh zwAS62#u?|IM){jr2xk|uHI)$lRnZtWC=luPG}TV>=aX;{uEf!lgcwERePx-Si3U!) zxvYHtGD~Xc@ieI0<#6YC+#ycN6m+ z?>rUxb6M4uwZr$5?=5gp{|torJkw*JXL?cUWfBpE0o!Vy+{h>u0;vuwN#)Gk@*H=n zXFB{`RuU&saRS)r3zFKzK)DKG7{SDQbv$FD0)5k41S(eW*-68VZb4x2Fq&d3c=BdO z7-*cLyV6n6FBal6`X!~l{Nf7qs>D)=tWF3%F9O7h{!;)0PCG+igsa{d02M2+(XC`B zuaW78Fm5_E3x zm8qyf1l}LRRg(}dXGbQq>QLBa$BePhu`8UX|2Y|bT!&Eay!@0%T3lS**&F;zA*q*~;L8d6 zqo8E3Rp1Ps?dE1!G_=6aBjj)sXrx+i*Dt0mGck{uN{@T?h_k=iXBb2$bwGf@s;csS zLiKdmt3AGO^{@THQvFm(-gJfX8e1?w>W*)UzO4Tm*73T1aTYF2M;Sec8KcPI{rZZ4 zYJsN&5n#}V^&FaI!er)Ey;Acq z(jJ@#OD?e>;v6qM1en_=unquFQO6?`E9C?A33x@ow)HhdNuG%Q)Rbm>T(z2Zz9-=w zGZ&Od!Fy9v=ltJAL(#9lUFVZf4CNH)oKwQr%o~*t{CxMZ&;sb?+J-j}d8--STfK4+HJfzgw&_SZ`>B+(fU=4AT1a{lNJh`kPQu35cIqfq?Owy*m#b1InVC z>JRAGDwWd0L6qbBV@d@QCq;cq2FKdEz^V}_T0C0_81zRGgR1}yWs=l*LBM1!Q8o5d!)V_MH1Sy@W(G+vm3U8 z??>L5XIRO+j`rA15_aqs#}pijk?WQV;#a#Bo=~F}3ZT;p_XxW*fwAr0Q9Q!Y^`VT% z>xpZ}=p_6DhjEk$sK=oM@Eid=W$<)vAi?RFqWZduFv+xGJ;%yw=8RO+)1UhMeB9=X z)&rp)#NzWY>5-W13h<@X#`Fbb2Vc6UAu8MLI8?<(5OB7AH8O6Sjs%?+k0e(1RGzLt zKVy?N_SYqdafyh5XB7OuWcd|}#dJ(rB!8_6m;n`+KweN-VPgQj9=!+(Y@xf_yX9R- z(%}nFRR@%=dYic!+m&{|sF5*UI!0FH^>vo142j zS&Ai;q7<7AQ0}rdDXTVba03QHGd!VFio-gT zHZadqzXI)eJtbcj>0KX1G5Hjk>0e@_8L(4*(M5ClKRqy7Vb9Qv|Ax2%Ur^I30$2TI}iI(EPZ7v6j?Lc8gye;j?L7#D(+ z^=ZSMI+a(Hez_h+Cf_0;+5BMXXq$x9RlIqBsFTYT_Wy~s=6fyIp}Ee6Qrm1kRLJu9 z9Fj;L=LR0L335ZM`Fn&GGIr$-oF7vG^PqcX`j5Y~{chhG1rG2T6 zv=d8=l1sm#xPb60^yTmYx}nfNWrr>9l@FFXWOMg`C~f(kc8uJEfX-!24z7Cfw}yW$ z@Z*b|MMsnpX1odzd8f+)?7qtlw>Qjdt{c%!mY(9Yez3Tjhay}T`lLKpDMk7%865ZY{a(H3nOgXS8js- zCm1aS5VB9v!$YwhhC*+8G}U$}9hX-2bYGC~-WMR7TyxQ5wDF0p+EoExS7o*~LTg(c zAe7nrR5pU1BM+`Z=VZ+DGT!;T4!$n!dz^jbO!J!)ARu{Nm_$W4U*XkdEo)5b%A_w8 zTR3uEU$odbam{WPKQwj9tTo7_GkdW+;E->wxf=!cnqKgL0tJyIzaJ!F00DzxBeio( z9URYT-^ASb<~Zs0a!lQD?KZJvv^3Wt+JvAbHm&8}#`k8WBeY9~)O6K!yMviQ9f#CB zHaGlGmL_Jbm_TSPCnWXpnjt7ibpu?0TBSnD?nD4<*VTzmhaAeN$wA9~?ry}WDB?;@L(;7rADX|9 zmwFhtu~2yb`@7wZRAL?PL53g(85OeyuqkQlo38a}uwkhv^K%q|e8s+r4G)zX$l`rTluXItcDvKwI=OD&~3Ft(L*E` zOSPP{o51dsk2`f0gxE<{|EHOI$MJ9YX4gJVod_e3XnPe2z;2#jdqr)5)MGJAeo+Sk z`902%7XD{3q}7!9hcuQOdkeQJZ@`~^z&&b7J@#e!jMN=(Z*`{CbY-tf^=om;<7n#A z(G)c`Vy?l6A+GW9nB*F^^^v$oS5;fQF)xbV0IdxFf*fzZ5?+=l>KUf%CfjqY$Hx~U z+I3`JsM%F?_~yzodgucwEQNW_SLuujAgoR{q<(LJSXLYhk|mKfpRjnLI>pRdK*UeY z#Ca?Qmi+oU8KOYp0wKc|x`4O&={62@xbfPC#=PpEUqw)1mFIJ*b&Jgj)>W{xf}U<+ ze3ctYDJciuiJ02xlz0$ZTli1#gTfHxf{qt1alYY5kAr2nLBt$3ic4U*y%pktvqoU;r1;T709W^}Txemz|Gwg#NnR{SI7Iev z`XFIPA;U5FDc;@c2qn4CwqLt36@JeDVB7s5*^v=gSXozRXJ;=f z)ZmFaYeAukkOX+4#E&RuC@MWY+YMMUW@a|Si(~L4&*i3S1xhU*4eyFYT6U8uNJ=#w z_Q<~vQls*hd3c_4psF>tiW9i15Dut8vW1Vlqab7Z9G+5ofbmkn;^%L zGIHEvk!S_j|kjo7l%L~7{g`lRg_kdO+ zt0$5_pVe(mGWrht=|lg-`9b&JVmFi~@GUWh9!^p$j!cs~huO{@&JB3U*+-PP%LK*k z!+;DvjZkn~C_goiuT9$U!N5uQ$_i!f59pC`m1_JPfEBhrc_%zN-pjA9uFiRmeFrk9 z{23Wo5HZ8ewo-$u!M$Nu4uQUx%E0MTjP`qv9Isb5f_sTyJAIJb&(#1F8EW5>Yji@k z_%eXLdv5y+uTR&r<+Tp_C4}Bw_Hvcfwf{uiP<{pcBPcu)K`xWrc4AfzNBkvvTokU3 zRvDnz{WW?5mA&nOpvlJ@CMW58oa$BQKRm5JCviOk=mQUYS?!XcnDuCYYVh+O zspc1>;+#`Y@AI0d3Dy>3b_+bbr~9|Z+feLFdrJgU_pw||QGQsr?iKN@W*k0kR7j30 z#or8=Kv*pmKy?Hzh+PjK=RJBk>Hg;52aRcahW{b?SRLUvAp>30g6a-fd)N`P+Nqme zgVijdwp{P5GycuUeRDhUcmzZ+@K$a+O#U}LqK|zL(JhC|K#t2Zis8C`5q7C-5t={* zWr%FV@K&ZkhF=BnxF+D2Yg;*eO-`_-X@>GkXEDHKNR05`EA{r^JGFO6z=ivy>d}pC z^4a>P!{VV2t^`!UD+9S$#fe7dgPhu-LKV;0N5WsaBi z1VbUi*Z{NTc|=19cc{^EOUfF~QLmUc-^<2gA% zJt^=)l3&R2$$ioQdKzVVL|=e?h<0l4vt`^}i|BxC8Y#vo zhteYNMywEp!BrqKaHF4?yb-AFgmmtCKUF7ImeuA%o~>SHmj4bfDMdst3eacuK9K{+ zeP<79hEstV+h5KVU9Ln~_dOBxehcA`Z=>vg;d{Zb!}&H;raSxH?V)#8V{>}!Wm;D! zGCsf(#Wm*Lm^GLUDc=VHcN;227T8fvHCJ08d`X@M$!Ft`#9*PFPt`Wve{eKgo^^@v ztpJ$a`U{qr`DJtBK5@;M-*vBW%WgKSa_p{5}%d@8eYja*@Ee>k5 zDaP>hty|c{2mp6KcA9|ZbzTvsn)u>4q;lXVIg?d|L4}Lo*7Jh-{@UFDZ~&nCr8yWZ*D_gYJ;s+)W(4M)TaTq#9#ODf%ZfQWu!^%m z*le^Ep2!JaW1Ae#iVQ?7FYUkA`|kH0hqkva8E~;~5!i?RH@LuRYM`BiY_IdD2&h@! zNeUsE5}fzm-sMC|&bMOAOkRzUN=9O^>nkGXyrSyQq>9`y8B|HL8(ZbT(LV2Ink0lK zMSvOL>3|i`3k#WARhyrHv|y$wDiqw8)C zX{((qodYrOQf^*V2vQ9NAM{!5zMj{(z3AtQTLhX{ULp*QfCBE%&Q)-b-3Obxy!&O0q@~OteL)MK!2C-6_h5}w<)p*2CqYaw$*^+wp9-mYn>k3 z4tAb}6bR}I^>~YA-_{4gbcWNSt@XucNBdjk3?als>G)KyS!>oI7I})X6Jo!}5gZTc zIa{Sp)Ucgi#PCRn|AAh-AS402q!)H+nS&YE_(o@7xMrL(*kHblyQvFB@?+$*wrWJ6 zoln@-Ipy#Z6f`Gg883a1hmDObzpezTtO{0HcP|1=O)f&E*Ddzr3a$Z!g$=(IFw5|L z*AZB zgW4&Pd^p>A^Y()1bXQH9{ufjCAVS}Fq}TW16MM4`SenFTI>&2?VWv_|rBtFAJveUA8{R!B}%W0lp_8$|_b*~RLF_O$5?rBV?Q*QK#|gB136Ac^fpv#NCayWJoKO8(Z}(iUy&=^h zn)3~_+;Mi%x1$^x=L5SBH2pkGD2EdxLeb0!5+@_w7cSQq##Gzk()28>1p~{lW+;Ml z*H_jp4z4I@kJNc}%!CDPHi8ZgI-LwF>SXqqK&*8zbvLHF{xx=e@T?-lt634{x3~&3 z`h(6%aK?bE)Ou&UE)FHQI8ywJ?#vJxvGO>f3;sN7f&kPBmn{1{qK5B=D29nx?ye~W z6>X3!E=J0e9>ssYFplK45cF>_2@>OluWXzU92pqSuJpQh+8+`M+p; ztKhhrC`;F3W+*|487#7xnVBpm%VK6`W@cu_k|kNpk}U>{naN_Nsg8-;-4pZwx9`h+ zsK<)RbMl<5%(d6Iw&ksIO&iw7L$U7FdiHLjJSR6=>9=y|w%@`qpW=Jj?%WV;7R+cm8ZGf1wBjEjVUew2YY&5xkZAEU%MeGyR zQuo`b)a81IY65*tr#r8-ltOKfn>l^n61I~BmuaGb44oBH%raB9^M@s5T7>r9rQ5WPPhZMk| zs{ObY8;LcfZvsnfYdpeb|C+S_ZPw=sJ`Y5x(<}?a)d&&3;#bHw>88o63tlfNy41Dk z?*!$c%>Rsp|D9T&rGHdmk>`J_p8OJ$*tO4^P@wt{9JR{M15-s?^aSJ%9{Gy-X>kmt+cx@ z4dSaPu4AmPZwq1`=X1#(?)JF%c~o=&_s^mrE9fdq6pMO%02BM_IZ&(cyljEY>&}Wl zgCO8&lHBx6Af~6=4X^%T^WiAdDJ5ZCg-;-pjsocrxyzzUUeS+@4=e)&Q_!*#EBQE+ zX~I>I+Ws0qXxd)zBNW`w4L~{vh2mnmaL^Mx-@3bkk2Xk1&E!BWEvJNd&@k%^DCs^`RFvI;Z!OyYTDtMzHV)-z}v?7v}zi5&!k9qIEBuzjY zVH#%l^sKYSsTN=G$EQQ7Tm1bJ_GvFcXxfgH8RoS`bMK(Fps@uBw_FBIAul@R=+oeA z^E24f%s)(6#{t9LmF#nx%YJ=f0y_06pz1+P&?-E!9j4*21$`NAM3UIw4Ijn%eYG_E zDdYzZaT)p`7$S&eM7Iqz$Ac6L5*9SZ5l|0J&QwARH{XJsTp7VZl%^>A)~xEh(>vKkb9JDS^mN=~Z;5kmh$NQh3PPh`~Wd6>nv+%@=9m3jJh-x@9jFaQ1 zY*4D~9*Q7riKfg&J>;P7>=Q+Yb4rn^&P5;i(DMSvhR5C|yEyY%#xrt5>T4C6rcSra zVJ+|AB4&hDg*A0JnCC@+p}|A<{eg<*K@;NF9Oa6;EmKO{H)@m;8sedl)zCyM!ZnC0 zVhnbYBHCZr=q%S2FeRP`B|IL>xEU98XPj7}n0;N4`R1Y=y&RZmGyhnH$nPTA&%!Lq zS&~;@I~G(S%~Np(Mj?9)1WZe$-g7eScldBcB`j$rPzd_oV>s zvgM_usujz&RH99q*Z4lCi|`IAGc`o&Z*JscH@)eZQ0RjoU-Sp?-D;1Q%ABYe(eghPi_J;NEx446 zegI68c2-lzMFhe8L!cvCb8l{MuARTWTr>Hbh-0$yd! zAV2J&Z@URj9Jk`ppMP32{~DYumf+T2X037mH80T2oOCd3G$v~J=)ytfti-FRI?d(Q zuIddW8P{V)bFa~jSUor?JUiOxTS@Q-#)tiuGYu69W*54&KAO%+l{CX9;beghOhTQQ&=VZ0!RgCaYY8ZFlS>}A1f!vV-0NQrTyO35x(zL;jeuV>zB?e?b zB77Yig7|F@?(A6lPloMNi3yuy^Zq%ID>xorIRYxY$)RBTx&wvU0^B=}(DX7MQTY1R z0s7&#;Jn}Qj5jCP_et{h@co!azM@bN;RVfndmV}B=tPB_e-e!hf`AsLqf1>Ky>NIa zrOK*&1LAHnlZ+ln$)wH8UJrHi(vs?NG7KLgI|K^*m^J2@-|0V|^DsXpdwp}^xaRE` zLu9ZzB}_~+2<4PzdPuqrUD1$yq0%E&t6=>m0j#xi4-a}K*~{S#TtuBGpR#0PWCt8R z00&>ns~iJuTpn)4eVT+on1Gk6B|4(@T#H(!;dfi_t9pHHZha$h2ApWG8nb!q*{Zi2 zS5(3^j)+*QOpGM&tkH({%55xpK3mNG2JRTmo1dUU(qhP`QrHCRfzW4#nA@@R$bkeU zw`Je!*F2C&{w+A<@`X|%)OYmG>oFXLOhm?)k)CeZzX-i!lqBl~#pO|qI4*Z|Xq%uw z7e9`tkr@5~$IVxd*XwgGOWJ|a;UV1Bb0E@^6v0_6XhclB(U&PZOMDU3N1rMxpQP7~ z4F&a1O8l9L|9i0G%*xD8L^LQ`jTnHHi6j_?;Ij-Ze!f8aGb1*>lIJQ;3=B>PU|HgX zSuWddd1%6{=~bdvoQdVvB2m+uJV>WpmWv+Devfw8%&m6xPr|GVGXZi7cRbx=7iLYK zkkfIb%1aWNc>FgF{J*RJ@>{BqOfAPGTaS4}7FG2m&y}%h+z)rXqF!U?=P5?O$Bgl# z2H8TyxWS;+uRGpyw276;Vzc@7fMu-sQt7Em5i=1qevqJ6D;cVe`_~Sw=mrO!x&#Vp zo|ru?iyKm zDr<_VL6rMD^ywn?55P3qA6gyC2Kw=Ca)8%ErrwG9nET3QkXLeDq1sQ;WBM}aE9F9C ztK8p2A{!-vBxR!Z_GnB8Dg8!x7AgX-iY;Ma7_5?%F4Mpx43=EFK6JA|jMw-C)XS1! zjO!=4c-E8voa*gVh3J))`S^|U?JpgW-wkNLM-WaTyLeG)D{iSvlO>-5T~0mW3xeF# zsFIS6p_%A`j*W%I#?grNjE*THP-mZ=gla+TRw;}qfSkUJLrrhCgB0T8Dk$3{e{UZN zDElF|nqrnRU({5I;zaLr)X9G?Q7jjR#Box#lfJT?-(S?|vTm~0%!z@-VRoyH==g|- zBaKKT_g1PtihrCuQT%LrSfKQ?y?w>ksTVdkpQfL}r||St%v$?%Ep=JhkRm61cdd%b zw>>7TCKii&h8R?vA5X89zDzaoJ^f2>Kuc%@}g=Q(#q&Pv^@a*VS~qL0>ZoHbs|} zc#J}H?E0lI1cX`rEz_J{fLgF!!+5PxJY&U(rg zN^eg6dd$nA{t9yI&k9_L?!?UJD{PQi`?sbq-@jn#l z2mrDNaNgdcB9UJ;j*x5o9(B2250oU|UQf62wJ>xBFms*T^Zl6MLtiBumN!W%|$aoXB<8e-owm>OR* z27@)VFj;zF#E`+|T(l(zy#vYeb|lH)9SXntDfy2fH;cWC^)F*4Fi3v_-LX0 zI=qzP878-!J8?Om)VaMspdx>59Uzk!xrW&T3crN}D0(oI~XOEeJ#9tvfvi zkLb)7W#ro&Z$WRf5KR#OTqz8|f&hpSaR`>~ZBJ*JY?p(&+ZKa<;8IZ4W~=aAj#c-L zEbJ=oeI_?g#dTqBPJ4(yGjsHgRYs>-^)NWTw+&823U?n*d~k z*oDzjVu-`>bi-r8Wqd5mmZ15B=omLx3x15VdcwQi^2FqtsUs(LPMuVHE4%)}+K$Wq zYVWJ^xA}l}eMnaQ-^@|ZkTp7i<-|V`dY)E98PSq@^*OZ}M))>hOaLdWWTW%S7~%4T zID6lKN({ekgWmZSmV2ulsv!F`mDo7DeAVSiaY0C8XC+z`CqH^k*-_qe&Jx2YGU&Mf(Hv7NqgF`qI1o?x|?-K~1;$SzpA3uI?mEHCw z#nNQ}E+Dk!h~r4WtzW%fAn&nNlz?hzHBMipT_|^@#7l-z@jh#U-m~YnNB$+!sxBr# z&cq5&9kEhh_Q*+W-crI@1)psau4eY zg0+u*8ozzBKv32UDGAHFlJ#0QA2=)|#2?Tz*CNQT73EY7XJR(h*F{+Qbn#3(Xk7`< z`W?+AkTi9Ed*01tTrL?oF1mwoUR1Pw4jC(Vapjvtej@_Mxi2N*-pP{VmY75iv&*eA zSpdOn(uUiEGOVu+lDbn8e3Gz;0MWC2t_9E;Zs=AZq&(>$!3NKHiPm>RCA8VH{PIV$ zlCQ8|<35YQsvD**>fvroA%I8`CqYoez#>WTX(|`Il|K97E=e6p+DAgmLyHYsiDql? ze%Su~e3w09ouJQkhe;=@r*68BJUmpb=%`{o$Fs9j1{3UfCE>ks>j`g|iJ%t^tt0JL z2NnC75{p`mG$;zTEQueuV8mZf6+x8*`wO?jr5>(^#C)bzr1l;rbd#>vH& zbt3xezl5R4=LP&miC>Rud$gd%DYh<*cN??Q*|uX#7G zJ*q_Xc3$dzgoi$UMK8bU-{Dr0_9k>-?1H4iDIVRBf5#8Yosr^9{nOGb-i6?mRh{7N z!VGrGqYb~kE}n*8{>pR%A;?ur;TPSTfxE8uj*$4peUw^vJ+|h0_iwUGVpo;>7<1UH%lW#unFMRBMprSkxH7&-x{6ZMD zEXLg(M?u>!(IGgV+j$EvM@{&C+Thdq56@pUL~o*+E5^b@(ZdEAwV1T2^Mw7UswB-b zlhD`XkD;Ce@dUgK7BDrHfo@FG{Jgx-+$dk^OhMOvdk3grV_|ie(TExf6W++ zfrRwMb|ods?eHu)>XbtWIH3`kzhR)-ZAJrfeNPsqu12QV8p;dsMavTs4dxa2gs4xG zh5Wxv{7wGz4jEFIOTf+5x{3sM5R~lk@utLly7pJr`GWz*` ztpv<<#BIOT0vh|WwP+l z@ID#71vokqWl1b_N+uJ&5RtJ3fIy(aZ=ljE*IJ9I%0ca)1({jv)Lz3Tr8F{xp*m!C zOp?W=on$5idvNw7b;#_niw?B+=|zqBLCZyjAft9Ev9L0u5ji4<$a2wIt* zQ6%?&gFIB+L&sRLDD|VE3NBGkx$4i-n1M$Gp7W?jAj0>q{}v@nj;ai7nh^w$TX`?b z$-I1NpRfS8M`fc#j*JHE%oweFu$CsteiMovfIaD&ro={_kAO!SED9wn&LOS2T-+V@ z+@l~PzR$%)nU~hqDiyLxs24dzAiAqVSFg_rS5k#MD5d_!^L?P?Yf8TJ5(`B?62$zO z?$K_7Z)3z+J^}vcLI;Ny!DaE#;FC1eC?1USjTupkJfB(=GNz3s&q-o{g6f!&p8Qvu z1ncvsWnyX;VNyyuVl@8`44>C>xXbKt@PBI>@(^X#8=4sXZ7=+N z!2&0MT8G0hsu;iI?<{^0jQd2Ng1ZF8kGY`X8_&^l9Pr;JV~Fc2EIXl0M|-SkoJ-)+ z>pY^3?3HkaSI$_;Iy$#n2&7J~{sB?oBM#x!y}RaCU?x5Ey)^;?1G8-kEovq!37SAV z#*_dEkKs58Dv6#Gljs^vzISd)FwBs@;S=GZSMLa&t}Vq=X~?uPW87^p+VNn=JXhh5 zYH!)Eb_a)=ThrS%^AV*-GFs6z7y2RQX)k1*A2a8ijD``qcA3F<8|w*Ch>iaK98JvJ z2Sw>6S%`uH!MF4)pGB0)(4q$p41J)c>?4LH?Rj2v(Zgo_krh=iq(btzV_(q`azVx0ES}A1=>k_5z_uC{DpIPr|njYsvy$&T*L>dkDqEJM~ z<2^LZ4xzPxe7mTA(fq=f<$|DLK7vZFx;|!urI?rgyNGV`U@0M)i0Fn0Q*XW3lWv~k zVF@SkHUXyFJ%1=i;~Y`KM^*VP9U7y#DPeE`xTb`c2>I1;%>0uU(NXl{F?;97TLM|y zz=;5y`x*~Y>*tb($jdma_TB?P#{l8Zq9%9AUOzN zp$k2%IZu66S62?|LFS;e-X#IXD9Aw;Iwgu8D|+oCs7UK)1Zdo9x3gea;|>{%K-P}C zSxYP@3V<~rjJWjd8A%kMTsVZog0GaNuw7mq{3-#hm^vuO>#dq5AFDKt_2VH2fqRz~ z(4m8@cXZRwWYbdd?GTiU#a9J_2=5WG@qI<@sM#S(Ih{EAWp4AU-jLIt`jqYzDt#0B z!H@9v&~vh`AHx2W;}JtUo|99U(WT86INtVzQAa$oM>gR=p|O)k7?Xwb-woWN(Mu7e zwJb_S)b zBU+d{J$vc&C-OiV8B`s%}BQmTF|9iHPOF3qi*uJ08We}hBo zif6sZ+}_CUDmK57(7R8QY3(WKEc4i4@*f2 z)G9F7#*W8vu2cpvi=A&nru845ku#q^tajUa5UTOUdoX(m7-s(qgH z=|m#QvlTB){C4x~%@XoqqqEgRWm9*^!ulWNdQ z@6de0@Y{$ebT(Hj^6L8(E-v6$&?G5GHEEtRa-VDNSkizG4%#gz5_(g1Xy_`F)FsnypflSyum~-Bx(GL4+L0lP~Y@gXdM$i zhkx1t*C^r4m9cal&mha1lt|=*rg}>H)_kZBuplHUFzXsI-kBp53WMrRLX%>m5Q*an zXF2(uK-O$%B$R@RE+{Yfl_4jJ{EwzO?t#f-+}x694Ysy=Bi<1fsWkE3(kL45I!4`G z@A_9cXPMBPcb<6{0%d11Li6ZVWjZ9upjP~$Z#bwy72KjjB@LtCo`@klKD2SqLXUEV zR`tC@F+OK2uBb0lnnl7DS;#Tfj6irIY{}=6KfeKiyN{-tk`Qr*CAo~I!M&ne(=*GF zvxr!G1Yf0btR9uO$?RaydGTUYgeaj^0w@2(t$>}VyqaOJxW5}9M;35U#S-^bwUg<0fkuxw;*tnja&J%rDWsy=(I@ok#~~~cOL*X%Nz7yojP_&&=;H|NNIw) zW?leX9PW<1C!tRH@!$IgC>$Dw3f2yBo8a_xK#?@L!@d0W3puuPais@SnLEV!k*tt2 z@rADo>Twt`C|0E{kNV3~(?6fzdtJqaff_9jPg6}*DrPBtvR==`c?7dr=>zj?Vbss; z-2T6;l#}u!*QMqzTa`l18hkDAnO~SGsd#^)w{zpqY)}@@s)p{Um0yk^L!B$*bzxjd zyA^TLTd?CRi!&VSn}VulO#>TSzGdi#Y9BiOD8Z*v%%UZiL#jH-O3+^xi8N;&=UfS$ z{u7A%as!$!CkQ=cHhG9sTguZ6X$E!rkcN|EGs>rcrph%=yL?4u%LsE*Kpdz|q^O=S z++JJQf{(Y9KhWVQ?xMQal;J|iX6Im-hIRH1akd>QLp2lQeKpaRjc7j$8>n%u{6ugu zYdy+R zoI3XK&-Xkf2V*V!qjEy=wX1PPtL-|b@l7#3*#!EnX$u3><&v#!gaYgRdhpI#p;&NA zTgA4S+&ZR#qnqi2(OC{x^Abr?R#Gin*^_*zKBnldcq#^p2%cW|UN1LDoGA$?Qdhr( zly>Iib;vIC*wORU%7WtDWCxW43!BT3X(lx&>dS(4k`(Q@UrHtLuD{dg__XaqqpG_W*@Y+_ z1r2OpFojm6=8-WVl~?NgVeK32MhBdmVO{?ogAm7bNfMygE#jsDSi((hb)B1EI&Kf{ zm^fiSSx`IJVxjMJD#?2P1-l(iSqrx=jeSy7f^TZ)IxZwl&qGSffHX+Rw=2zwK1AmP z#T&FJ6ScRMq3GG+_ql^o>PH(Aj+Bc7j?QX*&q zzejn)d{ep3T@n&;yVXU<{CM4uTmqqFSZCV%pLVG}axad^Q$-Y~NDDC~l(=vxhEuHw zc;`aT05%CxFnq8z8Eq){=44~YtP`~iR3J*xVq+Ry&a6d2lNq^uCab+u{(4C7%4&wY z<^oDi#~*S1p5%gzdQ#*VbI#K@NGx!$=dwq|-e8e}JjabEfnbVipm8VfECF$%=$Hp~ zqIKDu$0b?8xBq6$)Rg8tr9d=zIzcN#En6G{x_rldQ#UBPxVA#T6DS1Mgs^8hV5lfw z8din*jHJ0_EfQI0p+zY4M4h)J(e<7~cD*V-0!d*xo>-5P_r3-($L}Yvo5FA7rNTh> zfSR$jxJQC7dxH!yl>&d$PLY#I_P5W^5(-cre=p?D8Fz;FrU_|xNtHR$2lHs~SKNIo zTYF^J`0`r>G+X387o#N!Dgj6r3eD(XfZN)4jiz;kt&3z2T)m6A_MM^VG(R5dZS;)g zL(d-hCxiVK0Vx>9m{xo~R^wT7d570&Lg?vW#%)$_8Rd3>^nYB%0G4X(V~uAjmGb!1 z){_PrhX&Jrsgid8;F~HZ%hy82MePpKdrbUi|IvRskiTKzxqj6d`scOwzf%=u;k_w1s3nLvonSky)0Mo97B5_D zoo>_%7vmt541Ga2G#u)_k)h;gf@2@9!H8XLtQU&UZs; z@O<~N_0{_(aoM6hjiav+-uKxG4CUtHlAqyIGP|5fm6J3s*AA6r@e zs+`~;vHzT}e;ZpHW1wX+{m--9r~eNijr>*?MQ>=ZwVmt|=|7i_|7#pZkcPxy2E)hm z>}m4fe*C{~c^wa=9(UV8SqRGi44GW+V{G;JrH|xY{7cHzf4l1cKL@ZU@oNwB(j8z5ynTXALq>( zNF6V_uyPT;nn%ShBp~mM%+P`_=XhJ`bUBt#;%^YSv zR{U)WyMj=J20CJhI5y4`10cdM&pz&~AJy=cr6gJ!!zLtTUE3TwgeVh*+Vq`_0N|ch z#x`7Jr>1mGzq6I?|C-!`pC3IbXd5PVty^_6dO_kZ6h0Wo$5tOq0Lk#m(C*gggj|iN zoV3%U!X@>8elEA<$VgYNi(hOy=wBKbS^*k6S|ue+!wf=MXohU&pf@%y{5|y=?(GgNJP|G+ z3MMmUy_z2*p}bs3`HCeDq$;2KD&73sQeXRSlK6Bh9gIYy8=;P+5FK}3B}(>Fw|y)} zN^JMAz$@S54j3u1Q$BiYbnxWHoyv|4Wrc{iN*XBMOu3IU!`ABzP_sNj16$i zG1&!tK>JAj%MH^Z-)cG&dJiD9@4)Kr7OgDsU$PO7hmjOxu(HZhW_`32k!l6Lt9)tn zo8x^wOG6*OPYza{=ZA&Az3VsQC@ky?s4_mwQkK&uaCRqo{@G!~`J*4ePac3X+uKIFNSwQOc51+1e}$*<;cC!@^ta6ZM|Sa-H{ z2@FsT2M4K-@lt79-QWABe;EU$cEBV}Z;PC80!wn$9lWAJ*dg&!#K<8W`Pf3#->|@o z3|yCcdJH~qRAQe?SReCBf*Ar7g#Jso`@Br=_3FJ0wCYk?wJ6yZzWgzg#|K&~y|Midv?kh)bFpbh!T<|EWdcI&V2^gtC zJpSdj&x}U$I5@a_6^qm;xPc`|4^TG)j&wh4^iL^Hv#P00WD&so;DDz&45L9LHe;F2 zW{QmrR2Y7p;D!i15#zd2za(m!8r&dgPcV2|WywQujV6XKHq626Z%g)d7 zanjcj-t|JnSCSL;LLl5%q1d_gc*o%;%cCZ~jlOAV)0v7PH)HsJ^+ZW2f6=mkntq?56Oz4i`XfU;#cQ`qm&`?g%{cM>vkBBVH>(RLe*RFHA0Ur=|Iop{mm^Gb+G-++?+M3-Zp zT$2O+=nE|Q>>%~s!S1>A$CA%rGLaA$@E04fao>jC+FDo_(B=-AhVdpDg=ROfF;3vE zx0F*FMZT)+_zK;9<3r$CRP11sJZlHl!q@-S1+J#>Io#xsio59v|Lr?(yUX9VXhqfc z+0&y;Rzj5~X=&jqWTCNNYe&z3pJ)>Bfnvc&g<^E=GtTHbfL+7fi0ju6cc84sm$0MQ zS(^>KkHXB^a7W~`_L^pq?FehM`Gf-w2#E`tqiLXMMLi^djz8#wrdA|n5rmb~93Mu3 zSf~9ZKcb1)AFVN0j%0chJ#^jj`)VZIymzq$HQaDH812DuF!34nM1y?k9MM)7&#ui9 z;cu5KC$6{K)>+R+ABo$Zi4^|J!=QOu{6D@GmkVU1et+8!^Xe-KBuDVSR~%E~7i}5Y z$WrC{sc|UgGm2?uV%Wa%i_fzyu8APPCvnIc;6{A1+Rk>qB%j1lyY7nD{LxX_uv3<* zm4z3gr40wR=m_cw{M6~T8#Y;M5roM$x8B~=h$WJuSJ}pjC)AuA9{62^PIMwi^7)n? zKb1j`H1XH=@kRKwkIGiegp8ugyJytN(T3^2$Zz zn=uc;L<&ofe6hv<4YrgcHBKm?XwNgQwL22q>1PGBIFqxc+u(V;Uy>40#do2f?L!Eq zd#Sg&>Hk0nul@1NF%*j82sf7@_#OuvrsGW<#R~#>WHK^sw%Wk7QgPBmt-&xailC$k zV_x^i2(Uek*SKL?%(8PkwG&-v1#i>7nV77bp0?tXa5F+_IL#|0bFLgoB}`e6%UL<~ zQpt%a36yiAoijb>I?HKNyMu#ru#Rj&YZ-(BI|juex!*FuS_3<=T&Jyt;41vv8jMyK zC(J28@|%iY!Z!mbu+tHsBKKlcV<-H1|LKexJ^WF7%;P$)#29F2sJNIdF;Sk&9b%zz znG8a4bnr@tM=65yx#qkc`;JXB;FFX`(XdIgn!P&Bo^XbmAE_{~)9=i}R8p4$DsO{F zYfmXH;U|L8n22jb_cHk3%JU9L6OW;~Av-E);+DerOJIas$88qhjQA{dS72lW+8^>i z13`k(5FK&zz2c$h+uVhhWT`MldwTH5&^_2Y^m}a1WDXJexgpth`T;VIN9M;k*ir4L z_We*d8Vxw?qGuZ2U#+wwA4Y}MzfFvS0M zJiwDQQVoS7#DVn@?Ps-TqSD1$E3BF5pVXJ&R@;F1#{8Y9Rx;x?8RMc@1Qd1qY^m`P zIR3|YmM?DMmlI{Zb`+tRit3Q6RCQMT?t+c%WaRO)6XrM8)}n^aJVEN)(eDlv%h1w0J+m6bFuuI@#s-nYnc7-&s2VT7}zoh2MS16E!i>zqkkf1bLjVQ7fD-l zT-FK4k5s(L;kl;~I-)K-ampjCN^7BE3D-+OZX? zN&fJx-b%`hjIIT94KX>tO%dTlgEY?x!#uOOwm#OegS8C=SdvkegE>Ly&iF2Y@6s~x z!b#y65-HGD1%imVyVw-e8r;f9&qy-!A?YBi6cyHp_(;cD8G<8{>Aip(T#5WWyo&A1k3$MMmLVMVXHA(U%CS$;*b|Nz1J=s zbt_rY4{IGxa5Khr@D#cIM=#vxIu^;)ur+KF?MA9W6VX!v0ae4DCkik~#!ilXdhmj> zi$1>?0=bgAHBQDqj}#erK!$p6+Oc&r;OnI6F7V5_I{e8rKb*Kx<=rixor|3`o*p22 z-dk2sG~Up5RMM8PvRl;Jg`)wuJ_9;edK>@&hn9;|Pf>2(dU|yZTd$hR5|kzeCB%+- z`bReQ1-WA1EvV7WvXENBg?7|%(Xyj~H2F4w_P*bn?n`>?b9(Sh$K%_7CZc6HsUVZL zS&WK@R{<&|3*Afgfc4KN(Be|YS4p&#_Z&s!`8zo~1(W1K{0VO3gK#2MS9evPK7HKE zh>NJN>IGu1tgD&=5s^!k$T>H%qNI-ASk}N^Zso?(!Y;H~VYD{(`K0<;?_h87o3DrB z2uC}XU)3S)46#4C1Mt_nY%2H^I)XxW`o!y5BX>jkt@NBQHOq(9`nq9YI_|f-ZemC6 z-5)zfhhVHel*cn9x*~BU$T@VxVD!8wGOZn+O^80DTIAz;{*>W|B>9)j1-;<^*r#Qj zItmuUO1S1W{3>xMjpwH&V6fK@ny5BOFtU|c&YQZbkC8MbB%)g}NLr|Lx|6ahflGoK zN-5yjdEItmNAUH6BgxYg?07VSs^v5QehzNw{It3uGk`BfQZvyq%I6QE3l7Kpmc+C2 zvlZr=mLx=ifwYcp_}=gXr)N1UZqY627K-T0B~Qi$Ede(ymF4kstDvkZH3MCyMWw`H zyZ+zX05XkA%*^1{0wpU#oN`w-)w}n6UQwfpWfp~QiYVoc0RJH@M_Nux% zx1~CS^aySe{5-h)?)nuwCEb8_DIz;K0WjNk=*Q2>UG?a$E$0=j8AfI8>%LkUQhf$1 zU8=i5gW2ST;TV}DHUrilugJ{PKD<-=acUBjD7)ZWP^K1JaHPfmKA@nrFEh5aGq)rG z^y7#L#-{ft8ArSnHf_UeH@8-vTZ-hQ86%h4CWUVnV~5Yjf+XRnoH5Po%lqtowZi~+ z72j2Qgn}m3&_k>eCFl{AeR)3yt0nU=%Bjq)h0Pr!wvw0oc(M7Hcrwt-Kf(oXPubib zp7p8ZfhFHYuo0@~y{GF<&@<7e31gUaMWJY6$#+&#m9PEKN?A$J(i$HhaE=Y|^47ae z-7^}wcn|z|<|eZLOE7uupyEFx%(4x}vqHpxZQ_?Qlyu2jB!d-vGaJf*=P$pMl|rGA zCM4#^DfwT!PzDZm0PKMJ`xjG;Qc9eSd88prCVC4d-ZKEnj>Ain!(i4a3mxhk(>5(| zytqFw$8Au#kZK-kHjNN!Svul}DK|ta z$xbD0mq!@!Uve-1TXymrX$ZDxWQR_)GOua(-WshERpYsyR$NQnc#7Dlzp?7BE{}f`e`K{aEbW*ixQNY`8~@7o9T60}tN`lXoI>6*KG5-74c z#Kn`!!EfPnm$Sd~cT4-3ro%$%h@J=0DQj~AdAimU_Rso$UjRo)(0Es;W1`_6w$9yA zw=Q^?=FxhQ5D+NqF-x*k`NH&Tb{O4kg(5yYn&IbzdN+O-{MAF4%paG6ML@qxf{v|^ z$0jCLvw*ylora#7L`r&b;3!Fk9^rXC$3&&MM8F}vZ=s*5H4JcdW|u}KUJcu*V>0!> z#qfI?_IrJxJCQQl%vO$%j|a@f;mQ_{$@I%!glYjWT$k~_-#R~T!sHKRBzvYGBSGyN;*HKsTC@<6gRNEX3c4&TUw1GH*xzM84N*xqn&c5E0D z{a(qrr>VKqHSqliGpR%e+yd6}AsS1{u$Cat3T6d-R%PQE{R{LEN-%WSPEbpWT{L{d zW>)z~dkf0LLZfC;fke@!9i8fb@8?|lS=lo@;{vR&8X1br6FT1I->Op;<(jrIz4XBW z1tPTFEstDown~{88*w2vBQ@?8%fC#*Rj0!m$a2x|UH_M=`hSSw8NH>@!?eKZD&I&T zfo$8;OS0c0;Q^TBEe(Pp=f54C2Rr@Wr*|pj<3dQod8h{ zN%a}47qJ&YeRCZQW;Sg;X zNU7Vu?(*BfT^Z>N2ul$ZIJmRj5bb+f(U>3n-=CLRZ6>NDLPwML49s@(bPtUcKr}(m z&LB}$1868GnT|Kev67_<2)pqp=)qZ4zgPh>DX%+3w32aD%1XR1Ro7LHg2|XWx6QwA zaq=$b+m#`y82iz9QwjC<2|U7SOm6h6FKK=Ajz0K37iGa8az?a=fYuz$C`{HA(Dkf@ zG~NT+7pj4qIFi1rSxGGyy0VqoK0+zyx z3Ixd$eU=pqt}JC8_2@s{f}{L&Pt`>S-D-B|6N)rPBUBetTyBPT&dh z(Udqq$f30seH%4HzboZ-eB^%b-sj%n*NUU3Cq^k3gg~7)ccFwsIM)F)HtsPe$w+X% zsr8HplC6xHf-0Y` z9-T$NOW=VhHI*kD!2oxgN?^3fjTH}j`reL-9mFJ8Tm+gL19Ch5<6;`rBcTj{sGOKq zlBT|9Y+`sh8fLV)jojmp$y$>m4{^IQ4snky2C)u)uteefs4izHP6J&ueE0O7aIcoq zwfM-?PFF4^t9u^eyy6>2*_0o~-4{|Go_KUdeL<2373Tw8Tv*b1y^!6G_}$#v@~fvY zC%uZ+C3p1LIYjek`8|ezNgY~531mftOHs98=<7Q#`FMXpyW9<&`klWu6d$)e7sIRW z?oDR1kGaMjoiz&%qtv#ktB|1M;Htx92)yKG{4+=IKsNHXDr|)Yx_Z|_g1gppyaaNf zF~<@5ss2-OMAC;B8qVH)a^D0E_E@$3Akt>L_54(GwOHcb7s;Sy3*oWEbr17RZJ#uQ zaQfK_G`)6M!(!{VTSCH1eR}@2Mt0nrBHyiYY!Tj49!Z!KCm#O!u7Glm zCYR#+QmD_MCa)?tTRn(-OFjt+K6U=}REI?A?Mx8z!@B!vh4a(yi>jkk5M~`{*SK>= zY?cgGEZdi6Y?REZG;EabVVlc;BXZMbOv*8R8vXGkyn(=j-sk${^Knm5HZg>w^OeH& z{vn)6uvd_ey)FArD)l@Lz+~~q+>&1#y0#*Mq%l)S|9t9X=oh$9|2>?MvM=HH_lop7 z`UF67q;t+upGa zef{t^LNgPbWBnoJFZK^Jh8Sv`L_TEH4zAEYD?L`D>zJ&h>kHlyL33L(e22!qorE?h z?Mv<9&+eVR(5qhvl#Lw&kvKE~R&PxDpl?xbAcalEh-z%C8B;dYBqP1@G%;tS;dmlE`k6PH?;4;x4Nkt9Gj?W zQEq+H$1xtR@WMqdJm&7qGv85{m|Q_SwGREovp*hmsgF`?QF23H zPH>X$ApliNTW`x&RKFVa6Y64%M#%H3>BjR#F7xq7bR^y4?o#(*x@u$Wc`uB_&*))n z@~k z3kKz%uOY+Fp!bdC zZka`x3&#PiG=%$zLl3O^4%eY{X2e0$Li%?%+8U8zEi88onMmr(9QLK%hJrR?e;jak zE%vEfND0|Q7&{2xoGMy_!!GLZbwnyRsA4#63YZ+5UZ^^577~ORC(i*`Ni4=hk#V~O z`>Ms~f6J8dD)IkXC(%zzAy1eoc`)mJj_+_fAj4E*%<@hT3t@2aAE# zmodlNKbQVJvadzWT4|6OH-~Jr3ChIA47LQh%-yvWR{aPXElWang}2Iqu*bIKHBw>p z6dGccNuacIWU_o}pP7m3oPBw_pAJi8qkh6-?u-##gmo~$vEeC`zIh(GWm zrMAgI_@=h>HGD)OVS8C}os$;t+J}DOt%DF0)|@EmyabM}lZD;AEF4~oFFG&O}z7%k+WL{cXe;F`qY zs+%T%#Z=N!XPR2LBcCAD_#`D-tRNTjR6x2(FB0*_#Gt)$o!D9IUC78l5eCJS`J|$q z)rI*rkDF+P?4Rwf-(r?T+u}4yj?S;0ANkf~_d}GFjb!vhu7j0Z2=17;53r8qt%zJo z=i@An5gjo;v8o1$FmsjB=ZwwS)1CQn%UJx9ld^*wo;AZMo-AX57E&sT5z3ovkA3ZIeUX&* zDF2rJds0*|OJ>j`xZ~s7TT}!o!|_9Po<1VbiIuzbS>pHakS6sx(eIt2JAY6dUue+~ zaY}c;|K?~UuR={Pqaa$&3#P=)Ruw9OBMV8(W{sXb%?kAn&WDS?lGF_)Ao)s(a8ESo zi>t3{)A?HEWN5)l5%QK;=qjPxP9)TlQkavR!Y-f5Z|4%Br-&S4Q%e0CFO&%$diLuj zukq0!BswuxfhJ1FDzUJUk(&|P*Ix>QwS;?(tg7+9S}0OyE8}}G8K9wM zc0gke1L3j^>8fV4Qqs?}(ZRj|Q?VaNHF<>5lJz8RIF@EVcU<;4^;wMwqzia)f0|jt zaAd1x6#%DQY&`q%PGm=w(L0~1GLtaGyO2ZB&Kbjv6s1zRZHMgw9hyw11nu;|lKM^( zyl?DRn}mnX-Gy;=7yX~I2p|IVpdY>Z+X}RXCoPzYI%MFJ1^z};x%QR-NhVb zmSzw%<%9TM2T)Jq<#YM9f@|1Uf3r@?{kcL!9<6y=(AC+9+HFCy&}u1iORXDpi6hv& zzLs5>F?d!lS~HBzSJr!DCd^i-jgJ1*^EDAaUMvj2H`TV3s~QRjrC6LM-eCZR{@!!T zCmk%NBmeF~L$XYSycFxg$bX9cHb3#dk!^$Y zpo z5UjrfkaG|lYhexRpj?ksT+zAgm`|*k&x$ORiTo%f(D3mh8Fvb=@1+*bI&{xu?&NHP z{CX=;4hdMbq3tf-n>ftayDv@3q_+>=*(L9Ow!xpPuHX&KGqL3OpNc6x zsG_lPHa$H(+_=XF?KqA^R?aY1Cx92Vms`*N+qoFe@dFYyvlN;FRiYfdnq!st^XW&w zBWl~8CbC>kY_b|A{T*5a%b321VGv9(1Kn&$=dR-G+ggE%LJUmnp2ZH4NDe? zz2>VQwk15hm<@GKr;q&*l>xJzKX(1akJ0bD!NVlf3WGS?`D-}a9Rd}7kT#Q^p7YH} z0tp`QGwkM-EhOGHR#%6lXM+x%#SKPV()1e*kN93EPq0pu)PFV%edG!@p7MVYF(kcD z_w9&0WH|*V5A9Lo>|MSC0-ES?5as%h|8G~!R5H>xq?~aW60sd!ugj&YmsX>h3Hy7i zBMN-{F~3A)^)Uloea6P~jE{cfrd73NF%N|4ZSfb{ko4UQ6_);I3rG1h{_q%0Ku0Q7 z;!#DuL$V3M!c4u?ug2!bwds3PTw+=*RXd|bl)%RUyT>JxA<_>PWJk58m5zvzxO>q_ zqx|TIK7UN^7cSEWN28G(8%ti+A`#$KDs!jkk@i;n=ZA1gH5SS;&H_z7=k!QhhRIQo zr_l(QT+-?D!y2*La)iOri@J9B^rPbwJV{GYkIa?A;f=Kx@A)&DLMK^D>h7O%;nBrd zf?Ut&(m%#8fQvp;ob;~!z47V~;0Hf^Dr$XDEWS5n#Gh{&I}cmRolFt5`5Qq>!r`Vw zL>z*Hv=i?RJA7a_^H{^Nt7&7B{`>b1Jl2c3_A6@Ho(8x^ehOyxEr0kAe$D+zM0k5d zIOUPc-Ztnq>F=Q3M|i)(C(f?aWl7A4`;HmtK}K?Sb=Pa*DXBW4x^P}Wk3fcAZ*#m` zoqlqG-brHlL56-~H-5Qz3s1UrfmOx56#I9`5C@;qHoDCPWnU9EzfEK0R4I zE*(C}7SLebFW<(99(5``&I{cJXw7=k_ULy3di!j~(lw>GaLpJ9v~kVWSl;9NaPJDo zIo~}OIkSFd{11%RIw;8EOI}?9IBe?a{nShk_cU?gE0A<_`m-RBh(9!ozZcdeiKBD? z$GIS$`ES8L9J5P{VVN+_aI=+#T)#mK98i4%263wc(2qx{(8TUL^9so_G?WvNUnEt1 zItCl_I)R#=ZuouZA(xC-@HP6c5YbO)2k=26`F?f*oL+qfqFtpdEi?z<` zXxuc@w;wn6mOBpx@3nJgl@IxobA)ac4NKUzl*VQqU}_Nv^r-9cyRB%M;?lbN`{%g_98eJ4GN~nk zClTC@*=bW@7l=SJVXW->K5S5Y?zUT5CePj)kFkrMx$DniA&LBxpEO&I1lll}Lx5zRARr%4#OxVTJ2 z&+Hh8kK`^r8)gD9BhvZ9fY-IcmP*OPrv-W*^qSm~=g*2{aZU{3VHB^o!i!`v5aDO3p#e2b6 z5XkWqKNx(|kmLp|uV?ux14}-h;dW_hhS7r_u6j(ymmB^S3s;+>FWMq2v?_SMLCzx4 z+W%->R1(^zP)EL!aj^d=v?DBAAmcY#eF@IfF!;1-cNgW_&|+LwG03cCL7-7(y{#-B zVoXXDz6?iP^vZdajHnpK){8tC591Y@#HqwO@lug%NBYxqZAR57PD7IyO&hf4`MDil zU1}foO^B*fdQ!cF^E|4A+ZR++YNeYXVjx0# zRh-F=h(O&PdPB#p0w&O62Ln_}02?%v1dOL(@2X%w2~tJMTTk(nLo#~tL9Lzua$%fbTpg#nz* zN`+Nac>-!(DA2c0bCzP&j$9VoQdz!g+_Y4wR?3Tx+GD62UG|3cwzrraEu4Sz_inSF4rwsDY>alC|i! zZ^$(4fFVFyO@6hYKdAF>&w>BY`2R&MKqFzIhX6~4p0z#h-R?V2^Xd_Y^KOgDo?z4u zqJ*KNJ!PIpFk!#HY5bpPF8}gu{a6^8?3EOyDxbs;S%y+v7iPx)sD2YfKdP5#Z$pCV zYTLUk$Q`VUL9S?32HpA5|9g1nUrG3iCi3u#D_|pab!0;eB5h{n(YT)&tRkCGb%wur zyM0MFSJI*=M?M>HX3kaa#r)ga{+H+bgqi6BsiDn##O7JlT7_lx3zzKNP8cQc$7s24 z{Pv$fzo4aQ&7$RHp}WN!?0>(%`%j95V0vm+OLZv?TkQW&FYZwt4*Xw$EF(U>^#Ae( z{?qIDmkZWX=yoU8Qr;)C|MSq-IsPL+=sirRwfaBmK>mMn-=fh`X?;CCf`GddF>t%C ztGD1QLamPPaZ$PJjOBdWv_>3MymNGNSqT5aH@j{Bl7wGb-b7GAU2&@ zM?>iZ1=-A3Y}W%{Yz4g^##IosWllx8!cP4n&%=PjFgFcP->KWJERobXgCyPZM8Mk` zmIZY?r!ehH;Bbj7Q#NrdFZMS71YJ{eJ!jL$^qBC7S6XSnu zB>k^>8qAW^-#`re#ZsCs4WYuaSbt${En*X#F@C`8rsp&BMol2R(Y6Q^VR{bU2}3mo z)e~+gF@^NZ;PF=6nO6m*m#fCr}M!;(2MTJoN!U`l%H!wp#@2R_fxf4-CP+}7U7 zDN(H0C2UR$GU}(OdmFC*1|%#a|J25wOFIEAx`L%@#qXJ!OZ8C4vsoF;+22u}-yPf@ zi~@2Blnwx`;s6yMxeu-`Q`_^0v1q z)Rmb{J_iE>L~esPm79+LT9$rX@JNhAx^F3s*XizFOaX3q?s1}-DRWwT~*&v)P5kW zK2!wmmtAxDHpbO(g7#i8A=I{!7es-f+)mJ(Q=L4ugWn0cUg^mU+ zzs!qRI|!#-FtkzOgsQb>U>=zmvbuhn&2{E8n3{(fp6VZ!>5VV9`UK>ApJleDFzi2@ zcHUFq8?WUszEA(Y|J%#UA0eRA)}+sz{QIj1s_?2tq(+92uPq9m1MrHF>}i;n8%_$C zxeccM>L6&NK1o)&sozrn`F=FL_EcmYhMT`1B4v+`0)3L*?Vd~W=o z2aBPSIEP?={J`LxoxA;hogQsi&uPzndw*LPqfM*VWgS+uOl*58y57s4IqaXU=2ZlZ zk9*3d{QigE%Vj6Q5&J7kK~#wePdkCF^Ufnou7mq6?^R4R;Sy;oc-IWNAvi$g%JXM^ z>(Wj+6C(Fx3-pFgHs?y@`AsSEdHz?mImWb|F{2!#Cvs~XZ$SV=SHf4*%N6x~LhC;j zSIwvWuFI0(2~qbMa!{FOdc5QDf|9Yp+X(C6(YwDu+q?R??`K+z`s$cWOofRjbPF~p z8RNs=aHwFQEN*nQwbJYP-dh**7$}PhBWP3F7E-q(9p>hl1^}7zLq~;W7%@g41(x|N zyE*H2eVt_`6r?c)&J7X5yXtI5y&UX}egQ?!%zC!veEYcMbfMECxq|;IDw@ccjlg*9 ziKllfGQwhrY8*JJ+YZMlQKH%r_x_Ul=E=0$M(@bn->1x72=YG@%8d_@1hxOE3u||` zq1$bZem`WRV5vpJMa(IG^F${+Z-o|@UM3?KSRHK zG5gI{;+sa7zi{4|sKM)DO10C^Gg)7Q$2bgJ^Z*Aq?zEyrzfRZT%NDSWKmQ;sI*EhR zy&8%VSaQT_*`jS9Yu z@I0C3>!&D4A^{!A0zEAJ$p(6%9n$@XOjef14zTEQ6#!+g;Rqfe65f}f92}$ff#p|h z2BJslVI(kWdkkE5Kig#uq_b%)QW2Y=rwwG~AuzFPd(C+UCU##BtXuA6;-8}|F)|S? zZ$u+#l%;EHYVj17bmIU1+~Sk`?j3!jV;t9pCqj++7>$YMQ-1_C)OeEq+ba|y2R@pc z6Zc?yJW0_`gxN0wtdq~6a(MMmM5~f&Sd5Kc_gH94)Qr92Z;C;$Olo1m_N*(2%Q5?X z)u_2WIorG(NP+vJoU!BQEx<2$7m0c;T@nB5=uC2AM7w2qy6>6IWa#Yo&qnX_NmK4K zzWkUsD`rQa5=cx{oXDZimEIw5558^D$AH%z{RP$1Jn$>}UqWB9CEH^G1=K+Kcb_&e zp{xT&S}eyAAp*>Xb#^^4W3xxH{>29b+8kcVWwWAEiahap^g@qCubC2*`;e#0qIY=_ zldPfvzv$uKe)s4va-nP-_-Y_%5QJzfx+6-XL*cV?V#=+n72;NGs!3?~Og2231$5l# z{8XKidPHA-DCiu_yT7d~O&*_?X_7jBnM58CIsbEeO*;k?nG^So$c_pXUWK%##}dZD z5IqXZkcGe%(fP68`|p@wNe1W845N%msED7xAn266sAnXySxX`f>ag9*&l1|qAnv}M z*Nd+C!!s*;pj{SemP~RftY{JkkKgBcPyF#$`3SbMaHT!V(2Dut_F0NH3+XUGV7KV! zO!yDT=)QnJ47)4Dgn{TdMphy2R1LfDrhrscNAD!1>@p1B2588BnVb3yw@E*@dGPE)s8nQ;#GkC#+fA z{Q2;$eQc$ak~=-o4Ea1wn_Y(97IZlZL}6xm;F zEgXp4d7m)|&Xz9TAhn}doh_UZIG_+m6e&fvSNhtOejQXBZ;?a zU8Op(HcfcV1~Ht37mD&^5tM*Ik}T{tkAm4eKf$fnLx7DQ3ga9cSq3emDNBdL3@6>v zhvBfuEdQP}d-^A)kZdd$$?uk#`2HRBSBxyoM|?cO$l3VLm~@yIg(|ItqkWfQxli{L zqK8o`(G6{&awO8Q;$JJPz$-GtSmE9I6^>Vip#utCn4W56E_<^_RSLDp80b#r8X;yu z*u6par1rK0fjnjoe4NKsN~fUnr^wYd9Sc8hr&4%3KL>!A(( zh=z*oDCeWLozn-F!4v2yRzhLk)EJ?1S`*+Paj%+~Y^l~0`BVq52QM+$9|Wj!pEu^f zK(xQ89tbD}7~OWsK~LaH*$Oyqdl3^@pN@>DT|iA!j^jK_g;DbTfZf@=6%uzmKKN)-1kCzsLvKf znx%<#oW(sIBptYVGx8I_87UB)3+T5|OGtHL89r^yDnLg85#B#*6E%t6_3A3`^lHNw ztdk|g-TvO{+UV?!p>E|X@wK6UW)1?1i=K!MWwPUsgWu^l!s~rAJ!IWLjAQo_SwZFb zFX**Fm@Mm|9|3k;y?wFCKQ`i)vz49^gAuRS+Z+cym%v8htHB8@;|(5rE`rZ91cLI6 z=$FOd4flIjgE`%fX{RxoEmW27{FpiQG~SSu-2Z)F?$^CS*QmhY2|7htgi^ zh0E}iuJR!iXd#Lx9jPFbb*)xb%tJ6*I!YfnhVBA2t3cu^NQ?G*QRThL1QR(pI}SSp zRBCSeE}xQzTCSXmcO}k`!k`97tENdnX;}xR?=y>3yuT?DGCOD9*b@a}0SnTMG% zYsG9b^HK8=46>Gb*5$mcp@6B)<=0x@t21Cs1Dip3ehnh80!&n}MJh8d7LV|geYcY_ z7RB1BNd?=GY%&31uQO~u#nv;y)1pu%n=bwdK*=6II(Eallq%14YC@_AC_*iqUYnQT zCdV~%w#p+4>JS`dd&r=n35)R31GGU-w?4VXXJ_kRd}56PTvd{Ij7Be-b!H8+)q zV2*fT_Qo*g#~Wy-xMFQ>CygSfiyG_Qwh5FWT@EGP;QIS0%M|Y-b-oybMwJemLPEJI z%#DtnY#_HuPC-KGpc`I(`6aCUlIQ}}bRlluz+AF+B9!^>u~?u}cFbk{omBT^>^TfV zjb0zv2rNOvV4a78xr%^)=1g<>#WN89?+sgUB^epkvDv}Y=v%^8bio$BOq3s#d{r!+ z<5_lc+Eeig9ZG`4k2!BI8Yu{86?9>*W7bU()hMP_WwO+-QmJPSRh&gS7buRaT6pCY zUy3ix3<`?^Jq&RrU0_OL9Q%1Rpjel3_8sS@cmCkcHI#SYe%2huo+VtHn+5)AbWFvBVz#E3kpYgn~P=CQtMA zT zGItikt2XqnUf!@}Pq&awKJw-kqUBfb%qTlR;|r|N$+6mw(lk{${Gu8FbS_~W_m;xE zfQJ*tU((k}#g8`=+MF{P&15GQT<)rh?%SDsp9tmnXU0^Z&1)fk%gC$Epz0C{VbaHF zoH>)9Oq93tg8i%!2k*f9Wc=8epkZCf`FOqhIzNLFZ1nqfvM-GE=S@!c6MgRoy!T)O zxfcsdF~;t%qpN!qvg;^vD%8S1%H;D{11%&@l2^Q3%GNTz4oSYnCH!|^<5()Pv!VR` z3NbY;w(mrCuJ8|@T~2)f()Fxqi&4x+jQRJdmNjrn`bLe zmYX8L`Dz}bq}A__d8mkFn869EPQbO=FQgKY!KK|W(v7go6i4c0NBB4a`WVy%eERk$ z+Jv2JnD@*>w%3JiYDDKt;OTYqnw4ohYAu4>-_Knt&m$)1=bpQVn%&@$r{{XJWjXkR zIub2#HAcD>eYuH|kOh(PEO8QT`8bhqIhgYh_Xjlu9YMz6^*L#v-ANLJhTA#N?&V~- z{abJHkR!OB1mY4uGCnI0utGpJfJB&M2Pr$Sq%$fp`lbjtX=y`M5Z(l=g)<=LR1|X8I7>rGY?%J2<6&#lYl8 zPT*I0Dg=$!Mt}a8P3U zv%#i}6q1YoQ5{0qU5uT3?ry#QHamr1C5&}TRIpb#`I)n2?=ilaS5!du2aS7Nwa~KZ zkVLfvttk|C**f;s{ZSEdo)WKrS$=>Bp*=R(G>*VFNsI0kMcmK-=w>W2<+*vEUFs4hHEY#o2`hvl|*CB$=cm+hDQo2gPX5P4H%ue$5j;AMvi^oIjrg)Z=Y82y;2i5tS$>oKcXw8)%^p zhqLFd`C{=*ix6_^wg;ea;V2Fg zso+}Idh=e*Mm&zh#D9AotKS;Ae3uJUJWRP@sqODdW}74Jv>*Y#J5etYz7RzKJkS1q z(d{LNr|&Jf@w>p=eBbMOyq?|~b8O2U<7-a7tp+ywney%qM!Y-W*3ml`FUI?q80O}L zp&D((lfFLJ2E>P`kPJjnv%9H6oy}w=WeUaIrXCZ4+&OUB;ffddC;QH%a<8Ns4@1B3U!4WTKmV4ycWj;9^)?AjHfqT?N?N z?R(za^&FG?1rlK{8uX9gHTWg^&Ig9HQ6SA$>1ik{g|jkyhp4EM4gg`2ie@(R9Co)x zw>FYp>2Df=Y_w5v)rdO$<%54rXW*yr>4>fe=ffK&dfIkw* z$fcPN2P-D;&=25Q`US4J`Unr18S#*>9LG}$OP!*LuHPI=H^O_&`+$Z=`l3~ZfO(9j zgc4*MHDE}-zE`dCb4EF1X2A3nD;104s8UPzX0|(|KywAHg#Xf?QtbL|BlA3VlOclo zO}S;V@XUY&%=tQnq!>tBcT##(!zwH4GYXq?R#2JT6*t?h4>C4N_y^76yqtivqG1N- z-`?R(lw^(~74r|&(DoUd@LdXlp6BFtxDrEdDCZsfkHPXS?D2BgU2z)s;jm^EexDHD zQ83OkT|5{9u2iR#wLOZ|fQwZ}V4D@VCd-Ea30JzlcJY=&6^(ph?*keC)$eJ0E2kg( z?fjb!7pSoipry&nI!`K15Et^kT`W>^oM2~YfT2BwG(v&QH9j>pywyfDK)6Of@bU!T z{qn@t-TX$k`FQl{e*b%+8cF0;1>HJYaUu3LMN5jEs)9ak%`I$aHU>GfS%f!ta_F^u zW*qH>UYLH$5o*(WX#jI-!weiUWM!L}eh$2n5~X%aQdv)kHp?g;%l6I2*fsz0-0Jyq z0D+@_E|BTjyjAHO0+n4js*b*kf*^x`{8I#BGLU9UZ1rQT+Ua*4%Ia?5MTsHlQ>#k+ z?&sY{k`)#|=yXSa7nH7PO^~+y>O0jC=4EXVnAHg zZ+N>o_*?F9PQll0H*7g+c;AnDC*Bue+M+4S;}EuyL+m_J587)H6dnGI1i>cl^+N)2 z?_GSqSs=GCNIK83rw*=6T(zMOHccr!ypf5N7KL<(k#v@?ploFtfBW&*JtkPTfjDl< zIZ$;IZme3kK|1WFpytZOoI7#6~GB+JCM&IpQfz@%he~J02^zZdpY}R!d#~Fc7 zU=kJ)HBV2P!@`9j3Y%O9%u}TGA;g^}Xt$?<-#|8g)!H-J*o{fM)-W`}F+0pR!>g#d zCD>w_e?|^oU1zlwO$^>_HOT3h48fP6)YYb2yl`yls)T=e>@GFDj*b zVl)4(buiO78bcwYXW*uy_-ClF1iVYdM{JVMn68bExw#Z_=*XqSXRomWT|>?{t#vlOVN%STMk8XMZ({E52It_S zj!J1M=Ls?UO#DYRmm29};STw$>!yN&npHNrm;70oC$Tid4J7AV*S8x66!s#gjvIEu z35go{z9VCTCdU4^E!qF`!Ih?UvaED@mguVQAO_4KT@;BFrpnto9bSkxAt6xJ$%~37 z;#?sA85c?l|JcwDKKt&_wI3Y0IFYqxo7ia1vdOO&cLu<NZ2L_(km7EQXok96t*Xz-pL<;*>`j9wqn`szUYWevU6q zyYDgMIeG)KIS%-(D+uY4P@Z$ExMIhX@Fl2t9IW|P>K+SKdX$pzX_}yQRqXr`^LcL~ z@lE*jtsdH}6t<`c(`hKK`fBDGU-#5p9Q}Ox+3Oq4uXMZ_@k9BI${j)ME15MVa;Nc$ zY&uw4!jg@QNLKjQfMlVPwk@Rc-}1Otcv;x<8m-E?HOveQAvzM?XKVP=33v)j!zPKG8_U z5M^A=`%b`*K*atyGCkVVk)&JrO#OxM+ClDz{rOp!jkJwPwtshJR#qtrM1m~0>^9GSQkxRm$~I*AK=ap*y%c9B zY1YdcMB1GyRPm!;+DNQNBRGCnoSZN^<`<}4w>`52k)D~Ppq3~$X8Im?Wv?j5&xe(H zm_f#X_o+m)wsj2r@jWoai$ zD*qcthLt~T!|wzqT41!ss-*1aVK5qmAR5`^)GT164@H_>p?ba}X} zf1}H6!6^f`zeCh^cl8cfv6-F-6iuGt!SOTOt+*fY`n_+oes6J*xfPETo822NRUOz| zt^P-v0JEp5>g&C7he2~^f+K-%je$Q8y`Ge8vvZ}!&_ZUnQr@;oX}An1t+ul+H{vcg zIWZMDH!6e!aRT4L28b`c7`YB5#9^5Iy1Dt@FhoR%5ZSqQj|qgk^~>Q993w5sLUw=D znF`QDC0mm&)a0cSrCSJOj?d0+?Su>sd7l>}yzXHG2YdQf#9&U7dQxdVnQfz)(iX;h z@JWxDPE57!_-=Va2X-kXkj1%*(3-A+POX=bkm&a?Q zkmk4Oo8DJREpKnY#Xi#)yx2V_nn5Nv|8<1nFAglk-^a|j@964o8TII-;U>h z^CwZoXP9#AJacaSMjf9gJ$M<%`hrC?}a@eO~4lPIzslpL;}l#NQDqsV0B zk(j$ZW=+XfzUb6xa-|a)`aD}p-1?LvhK$?ht(=(Rs9HELIA#rY1lt*}vmiz{dc1>Y z_e1Cn?)%%50PpRA3P2=c>lL;8b<(Bgfd>Boy?W2kI?Jmep}glq0#-|gAUm`N$9NbG zgFQq^XgFg)AFGeTjo7`dyVfBlL`y8Xv6b(~lu#cCUW;R-H( zEPQQg_pV?)l4}-0mSEcK)R%NeBrp(d?WdD>?NjxrSlorovPm_cw-z@Yr_ZFG4`G0^ z01hs+NAZ;x7%{&gv7^Km5AI0`-Td9OyL|+>JR|3Cpd^?;`yB#ZYh$Pp2`{Pca5+`%GA6VGBxcbjD^PGKciR&^Oa9_3a zdWidczueu8tg*Z5hyGvrbG>HJbu~_+6V|vaTrD0^kaG^Dzo)>ii0%n6k(x6^-_bjqD3<$J;6&fvJ6DT2$)^ zC7P?NGm3vD25lQz0+F1ZoR0(Z;V*9|7_IAD}V96HgXx>Y8`xjKMUaWjDxOwM3w7MCx3pV~r zB~Vq8Lpbc)qdfdP`nj!kV98N_IAq^?G8Wl+7f<%%95HZ}eD`3%e3xM|cUPm5p7vZa zNxj)Fab1i@2v4p&K{zrl&a65Ig}9#O2#at$1B?W2D^Sirq>O}cGqnFq+th6#hl#N| z*)gS;8jS*aUB4-wwd=;1`OtdE(??ZNKVdg%i6e)u)f$$ZDp!MERx4Fl&lgYB$(hIz zerk`I#gm#a2}YxO=Jub$A|@Fr!1z>2-}_V)7J2qY|2lU#6$KhLUD-yYAa7h`EMMJQ z(bg{m9!zY#RMh!Ywz7l13@}%SWW-N<<~BYIqo2^tUr#ODgNQMI-x_Lah9QQ5-Mc~% zk{5ms>XYUT++$i+B&tH$*y9zwTFlI9OXRF${^*xnZ>Aw)LpVWAG7Q?FJrR9NEFbwb z`_-O_kbu?(Xb6~D2n{(yTz=m?^g3oC-RXOO@PCzkeBFV1J#sAA9eJ2*;3!5>!jX}% zFjWg$VfUEOS8PfSaLw4MQ@U~HxC>BqU)(CZLQ2}qf9U~~2bNyV(ddEm`hy0rKIq`7in~Wo4_&c?6 zqfFqrTXGD}8~KR2yWLBM(R0jKomv|w4*#p<{Ys0*Nh%DA?=85r9MBS6GIsgZM&_F@ zErCEKesNsOyqvMOxSTo6+W=FFs51UcuQH;ZHH;o^ZPNEdrl1M&uTlG|l?G_C{O6{@ z2o)!c&K6+rE+m(uLAS{0n^0M)F;!S?qaXv!JenX9Bzs=VDCD?JoI*M8wJ_+3Cd6;=)fbSP| zTWyCS)S50}9Or}MriSsALW!-i>pLP>rY3?Ek35aXoOf{)k77ZspXEQ~EnUc3R(15k zMk&awYJ|q-?pYn3X!EXw?b>POogqwQI_|sWoTpB;0b|mg7|~}(9SKH)iftnmk>hh4 zaZ4e&4&6VR6%U~aI;0ETq$%sx*HDQR8? z+A<>vl1>?&SH0=~w{yS&} zyiUFI1@+BdvXiQ+l{AgO_?%2bpNMK{D#9??RtT;pR#q5ms3SORwG-uJz>=%3#&WzQ z>`Wz0Z=1lp{c@JOi$;*JzrB2OPGTLSXBJjz8qhQDnneP%LXU;m7iA;;3#b90L z*<(92|h_$Mz(^Q71 zUXCSR?x5BxB;U4HMN*mJsD~3$6pPzb%UAs17ML6Ic?>@;;MA& z+Vk1O(rmbal9Cy1zu3M7aKfb$xil``;;*DVT1O=L1C@6XcD2(MaW`U1@BA&4Ea-BuAhaQ9CbI41c8tf+lC0CCKNy zon&&gL~Ba}$i*#b3s8jcN|v)a-w7OvqP(7BPZ+Wd+H z${8K^(9z148eA=i-`c>7zW?9i4A1}Aq>Pv?4YVh!p{qp3uH%2t|F7iz6h(YNKl3rRy5`RhGhVmbazxsIy|NLajLI)%z`&QgIZP+L^Db-s7M<MmNiW~!97$ld zB~Pl=&K`%7bt!hc#Lz69x{O?76i->ckN#M%8R2S0rC5rZw2KsfjS)7mkSswBMTeZ9 z>{A;vLP%`1k2utyZ?w$4vPOO^G*^Ex;N;}{hqeOo^grB00&Y~Pk|jcuk8k6O^q|<~ zWr<349((EjBb_iK@}YXCe#un3rE4ScpLD{MU)`*eiwHsVR=N-TE-q@y`&VKko^2csac9c8kNkUAY{NZ@wTmfqIwaZ-v;sH;LG^f{(q8dGt2zwvncmK6Rz!_B@a5ZSO7bjOzm=n5bj5?re z8Hw!d8FLCvzW7sYpn;na+nTeu7g1@eXE75$ukW$@R$G4cWLdTAtr-T+Nghph-lL!& zoVB3fX|rHuUgfU^ALs5T=36sH!*m6)aFPFk1d)&i!p~ez`l*KxGAxF$RWJ+wYe+@E zPJVwV0xWm3NF&TKo7J6*-$%~3tJ|qrI2_M;2VnE#z9@XW;aS6J<-@Jp-u9-VL5+3D z1TAC~zsr4vDziBW z6N!N3-T&RHoGsBtrmQkFV=C4foXks+O<_+~tEWYgNrq6pXP4RypVdg9BG?1J|{gr<@CCFC#8T;pN{rQIU?t6MOMFam!;GL9N!#%_}1R&1AS=h$?d2b5yS zSda))x9J`A`_=pAU$MXj7Ep~%@PHz_ItA)cPqFiw(t@!lY9M;{i_Ar40xizV zG9uex!vJPu%%R!d=!)*?JXDqfJql^vz)0>lO6D>%W-uPI?L%fVKSIv$0a&Dgp83BB zd&{u6mTp@(xHs;0a4?|06Yv;TEJ zUA?SURm~c6%rQ=L$VPPqQGY^uqkV`TxYOXsqc6f(Fv2feq*`vGM<-M%K7ZdvxX;(O ziy2aQw-N+rn;om3m6%c~6x?2?&RjWg;ccAXBXSq+g*EA_5Iq^YZTDq^5Ou0moB6Ak z>(9FLbgpc~-}=3}R0)`qssWolM#n>F9vIQD29Tja+}~zW$wDCrFQYTR&y%(3(OL$& zYO&h-Jlj4W?!u2Euu@#z`#e98W^W{kGFqAkznORt%rDo)g)j{aB%+Bw!I4pX1pLCC zT>d8T(jG<2|Fg#yC4L@vqjq*9wX(7=pDUIKWgOp=z=X;v%wz(y_tzWtj=m+CeZEZ*aW}4@R z!VMErS9S+p1={!0S@F>rixE#`6r;EZIcau%5QOBi>A>!Mn-Ftz0Wzs<*PTR1IIdguw_j1kYb?_B-%*xj^$Axjd4 z^yc4m9tnn83Qw<}aQgfA%oam8drYeTzy<|f>=PEZdID+c2Pq2jOKNwk581eI?XlXxVt- z54FbCK^3(OoUrshMtD~>=Wh#qs7*~3jBjs0P*weN?^aut&T6cGNjS!D;qb*wakam3 zEdW2ZE?B#$x+DNEesKSe@l0a=)L{M7m5K@??`{?DN7v}PE1@%#9DHF6=^PJRcGBTA z&C{2xHE-0h=DQ5Zrr=@I39GFXF%5Ui@erFg!gB)niRv~s;1LnBFyRa#GS6Gjhf)9#kMGJpVWKee zM805I27z8CYfD&Q4zxN0E(ut2*X4ppsQ~zD41A>ktS$Kj{F`lD3`{bRZD8@XTTlYC z5goG{GVR^U&RZ>_#qJe z<6>kD>g{?k>R~wM%o`f4Fnx?c6#AZo2N{fD+UN84zav*Iu0*A-C^R#09ZMNieAhlYg}UY23Pq?_Sie?8Xp6`?Shjkmb#+`+4<2%3+fEK&N5KbpHt>stUyGkNV6 z>nfa-ICMK$+UYS)##`%Sq+nBEe!N~2eD<137&W>Yp^OYYTCfCyBY~nULvplGHf`3_ zW;Xrxhj%c^PfsC5MLH@|VUzU+Z&AgBh0aXG#Lw|95apc+6 zW`a8=xqiz{mSwY~d#Aqp)>bmeY64o1lGU-#l|+4n*idR@DLxgBJZu~Wl1PQ|mbTds zQyg@Gqe76bWib?cU*RGeur~s|)w!2V!JxVQ7#cpp@TY(qmj&=If1$8T9J}wYezolEstM7Aj_+Oqm zHymA6(?t3vPG>ze*T;0U`9;2>4Vbe9L_?cJg-Ou7Fl`%4btiw?7=n+_$sd#VG&rzf zF0d+qROo3Nipa}mj<$5r>zioP;$UM*o*IYbU~x{yNj!djH?DFL$h+xgtEcokfIbZw zAv~y&h6`tavVR|IufMfbt~#=zUjEb{`!PqOmjtWB-W$zVuv3^6XTQ4lFB%W)1GKEh z>jwBdH^Dg~8p-F8@4X!psu*H4$RFi~tCvC-FByn|DC^l4^4rq~m~Gv-q#Y80=@ zAOscEG5R6WSq4(Zr>6((1Y0=AfeIom!hesslCd=`ymX5_XE=`5t>(;iXnSDXVAr<^Yq&qwj z`~lvkisSjt*;@3I#WNu^?3M^rE|y;+1~iP6DoFVL?n1GpRpeRXP5h_WC^WPE{#W{8 zQp$A9&|w&7G2^&cnVcw8@gVRtJ25ddhK=`)8D|3Vg^Ynp02I;UGNLSCBpNgklNPuK z35V%zPbZ(aDk&A?N!jxOvpUhbnwOKPMBA}=I;-E)?yQT=9af$OB}zj-^g(=G7!-)c zky0AUJ>s){n7^5#=Rrs6tnk{ybn8EDi2p%Y%sVU+UR+6qz z3b4^60Lv=?BmLuAg!KXJ`6x`EZb0Hsv-pmACpLyHH7+B;pZX!-#Hfl+CJ;@6lz|>w z<0rEpBx@b-9KX}L@ccCS_U5UJ3Nu77M)kH}n_U9sD4If1o_W05>`ZND1Wk>OFkViP&QTUp=!K&7Qsw|1D~s?HErq zQda`N#AB0nE@e%D{Yn+;zt@2-jrvW@^0ez9q3Hau7VcbR39WcLtjJ+~eZV*E3ceBr z647G}ED^w%6alXqQnxW?dAy_9=0bZi2x;D>Tm7E!&C z-#5qz2TNQc-NdywH3U7kQ}~$cCIb>*L3#e4>E$Zi2kpj))07Mhun!LwS~N^VL*bG> ziKLJrj}t1I{+Ua$8|_=ai`$eSzi!3}2dAiF1eo<3=Aoj1MNcK<+MlYt8obG*oL0Yq zsebP8SSlOgz(`a&P&zr2-?@k2)3ZPf(LIVX4*POX+8NI11x8H+O! zRSD|VA30V?#JuGsm2NG7YKv62Yp1&{RV&qMjr~?PJH&$Ri7`xVH?~Qs?iJOYdjns# z*S37vldvSh_ame!rBaCbQs2>acG9%#qi9>i7|$h zrTeuu(>x`4(h`S&_^cNPk!W9f=EI#KEa0G83rnWIaYn(p-X$mR8F_V4JxbGsD_n## zyFgR>5rWc8pre_b#NDt*QO~jT*LG}E0TtG6=3o}Sf7l&iUxzMA9&@H>lK+J}x_R6b zfK0nf_{wOZuWblEEd!S}HhbU~3-Mt5tMbO6e6>umRL?l;YFbouxERTABs<`tO`T^$ zhe`(SS(dp(G+I5L9mZkc!hxu6B_YyOD4m0?UNLHI6&-2M|CA^IC(u&j{S?;?wD5(; z0$BSd4sReL=Ry%jQ8*?`&kxy;z4lmN&qo~i+dI)$u79-`ndI8ler?DrDMUiiaP+aF zFA~@hCaFQ4;{3gTU?EA&^Ip&00#{FPHbAw<&UN*7NrBh3HWf15LiWjDH7)W|!IF#P+{<^9x!8rZ1Re8~U zEXlyeuEhj^!GJAba3-Z(h;OLYrX|za6$1hUKt!_cx=d#Z`r$U54HB9?PL#)r>1XtB1i2cZRA3U;zBp{ z{B90)<0P3)t1ViDFDwV)W)!Iz=H!NX9(WaSXz6*GEt!&i)v7K}?I1h)xNN8&6VskG21pS*KVTkt8F#a+Ubz#AW zVvDha-pQ-7BXK8FnAgcw*27HYla*s>OpV$1;vd9;0azY}ql0Gg9a2Xs( zDVkwgMk;Ov@2&MR_Gi+yhV_2hUYCl;T;$=x1$4W+`z59yml&@{*D2`@^>=ncIi>Cd(d9mC{6D=Q50MLS6u3KK0(U;V1) zJ8T>%k^;A=r0E5_)JQy#y~gXWsmK{QzTRA*7%=$`6WdBJ?Mqj2Arv*7r9(rmzPzq; z2Tfbxp!rNI1qYgcg~(y=`{&aa-s6fN>V)4X2cD{;9$7^f)0$B~*zX_bV-Nw0>6izc z#!m*%8oqD7jF2#p^NZ!{CfAi?HuhQN6lVGf3MFKXXMHKHoSqNTh12dM%RIk2=xe*L zDkGH@8cuYdVB=xQ@_gc6r3ve)n6fzYVgZK0Jc+QG>ZuVi{>bTl+H5OMF=YKl9?8vx z`vbKvad)@>(VqUxuG3#r=-*CHZSVY{;Lh`lTq8TVt?Jcm=UP3=yQHPbg*)k@V_J&m zE0A1d(>HV8I+PMd=*uItVal^18B*1jNm!_C9AcGaVQ_T=ArV}(O}RF(GMkd)W+i0k zai1+<+GM$n=K)B>eEZzrM>P(l=;7;pK;O31?q@)<{fS^j@{RA}7j!(>ubfKS5RX26 zZ1VjH#Csj-+##p=cXJ|gjH88#Bwdo67-idY=#rfEsH!7yquj?6n9G ze#G6LhC4y_M&pJ@=7gn;jyI9cU{XV zC^sUUnZ5E{X$uv5G0xg>2KWU2-Wi4KV0h;dEjsO(Gcv1HCSi=6uVuKEi!-`5fJm62 z9@2-QCE3}CDN!_Bg@T)|$s|7wLrj%lxn~u1M3GI9g$`cAxMRL8PU(=DkH?(mnl;k) ziX2>g3O}xZ-Tvf!{l1WZzvsixHHEXWi$_i*grTd~e6#47Q^j$(hs3?!bJpJ$9(MBH zf^K)iKoLo7>;x`Lb-goN4-LdKTST?RW3lVgAFf9dm%otau(H&(Jv7IYdJAv6ncI$@ zr{O0jD+U)DCJeQhu1WItZlZFDJy5NX)lfs-Mg}tQ8kQ!kgxD^EB$fz_w~oLc>p3tx6`9G(+{yIu)|7g3Qv}yd;pZ;8Tyi5hnZEv4| zmlitwuh(Gk5!{xQP}U3ie^qk%;}rhsLGR!IwiseptbeXe{PUgpA&iEA+kO!XkNxu# z{U0hs|M_B{fVSS%4Ky+*q51b~Soou@HQfcN(gS7 zfC|M)+@D3BcfYUo#OV9ryj|TJnV`X(0Hp%p{>8#LMM3!X#Lo8#4hRI!>o5D=k{q?M zIf|jYb0(8Uj#IDK7TxTpmCTRp$9I;93Q-N!xX(iq%#FvXYmJmOeP1{b9$y| zUJM}!n6QlW>ZXJ1oJOR@Kh8yte{bI3U;y~r{r+EGxQb7Zg8qSQ#?UyGdj4?9v}6jC z!6L0tP}}mEi_5T>QS{CC%bCqu>4ttj)4{8@d|t+out8Eq21m4Wn-x81_nhBUD?6Ze zYGZ)#>Eu1tyD`*FXQ#+a2nojL2I#WPe(u{Nm(E9!XqhQtNxvMc41qYa*ab$M-Wp%1 z4J<_Q@?KW(i19*tc@X!KP8NaATq3CP1)-v(0vUMk%A6c-<+kH~)(NW7n|9J`*_-fS}HgO;|n2YP^UFz;Vg54URDa4m*> zE{IOEy)zsXYv~9~Xb_EpXb2_4TCGfkcV%N;BLU{(Eurf~b$R3U!dyGQ*#C#*)&Kj# zg$0q_PSl-24qB6hKqU_iJ_aYcd zfR3In?jHzQKo>IcH4nLP#tDT;+~8%Gs7wzF`psW2V?{S8VVkbQ$R8>kD=p5R%B;Y6 zi@;H9tpPgS?ss>2q)K&&;LjR*`#7wac`_K#RHWc9w3duhLRqr8F#~8R2aW^sUs9-p zqfSUf(gQv9$xXKBKX_p4ctSS~bU#>&0<@D9 zVxxd}TWcM4*l!nT<;O9qVs^E?w$;YM_fav1^H^bt>W%Bh>08wtnYG*co*3Dy`RGNM zq53|UZ)e#)(V=e#cK55l`il#CLn~HyNcIEzdT4<7iw_ji9519=S zCwtpa+*_|{HpG)3zhRv$aH=OolmEc8t1(^ig5>lw;AwHuW# zF2z5}C@f5h&tiEgbQY63y`8J;oBd<>x6mt})g|J5pj|g~1wJI3!%({uzR$B3Bs&I{ z5^DVhr~&G}cM48PJhM*s1MyDGU+2#MEHZOQ5HhZ=jZaMYUgQxAfNk`m{;?ePVW>|_=Xod`3s-aVWyYC@zk?^T%)|7#EbeDIbh zqeD#t(uta4Pb-3Vn4H2ug6jZT&IMH#-+bf`bV|p|t!gGNA_(WIjM*VnSJ#~O0uno7 zo7^)CxW0RdFM}d<0E6J>GMvyDuDs%f@4e!_{K4iZ(t2tBJby*nW9 zkwO*y9hFPZ2_OKR_GQ%oluPe)-&o(_K&TbKAF|5B`$OMGWs1dOij) z<$cn=e)@i1WHbH!)SZY7ftZS^uph~=um$;ZpLMbj@_9vWXSK+J+WW^AQPt*pXz+_G2(d7 zZ53f(6|EsLfV1vXN_pPAG&vZHB-x}4!&wl=$O#`2EonJw-Nmxc^Z$lT;z2o^}1qf;zHa9ylb1j*#Lq9c(h56Jp*HO$^$ z`I+^Gn5P}42!b`vhZhiGAe8*g8+MLKf$>K6xpFpP{O>WXwk&<^R!-IK61*Cip$Gz= z+|U%_KSkr}aESxo&+BY;L!~0Z4_{B1WU`@r=Gu)&(*dS2Nng|l&wLSaKWjGlmNQ() zh`aUSXJBsrOrMl1F&bxcB!z`4Cy(r#Jvs0T%W$tiGpLeTJ|CL5GQ(S0W-XmBD+x57$bw^N|EsC{ILt{<>n&%Zserm2`cBBs$@q zmz3zZ$KskmQti(+NR5~JZl|c9i^mk;VvdExI6o68&(Z|*(m@iQDo8@Zq%IYYDLGKj zaW{n&^yvO=C~ptMOzG?rsmBiVpmdDR-#`&)4gV4#|fD zjEu6P733aA2g5=C|C3ftK;#u77S&)GWLCaD(`fnP1ZJ|rPVi9$h9i;|1t-*MTlQ~E zom3^9nI;AhRWGQ?JAQp{8<}WSa6p%}q7jj4Hkx7sl!V>n&9vC`Y06QzH#yPP$^sQ|kwD0D8HgQt?3C5d zp_aVvYC`I$y;Ijp3VU;n4~HAp7xWpHmna?&p%OjCR5duf4S@q|T#zN-R6L4xtL_@M z&|m!kOARS`dQaq;}=7V6fE0KC4p!$s$>%h17$z_q=G?(nu{tlFirfz z+BhnfMog2b`;qSPlD`2D|FAb#btR8^c`Hq)G33x1)Sig~cX8MFYp+-NK@=pj?jIt3BnqJ3+?m?= zU_wkSEy(Uvt!fS=)QYG85!vxkH2RiUuH23mTr5)kI2wPbK&W*0hmM7GS;?s`k+(o-vVR7)}`TY;Fma30I&f*96qh`s*M!XNTr$aI8rhUZ2h~%LGvjf7USRvBB z%+HTM?Z2!6yxy|c`s~6so^%<8=)R62I_^{UMbF+@f@H?L*u=)&dD=pS1a3b1yoREl z@AYzWmk*1Q7aAiXeee20B0g9_pfpS8_7PQ`@4_y-2{c^*NZ?WZsEOAfUT(Due0q@P(mqJuh3iR0lV`&&iF`n6n zw<6S-wsqpb(ZIkDQlV(*f%@7ojpR`VRYcI^{uC+nV$i0;V_u!dyGULNNDVl-BD#C# z8@%wkpcA$DF6LMUnU9M=^v-bT_wb-=hhCUYA+p%b;5m-NJ-WkvJ!&Z0w#0r;WNc7f z8{~@amuax6*;!Y26Ak9H0wEh)yJ-u~JSXU@~}2 zto7W|VUUPZ=GRmF;ly^0eTsC#jfCCCp3nkY#qd9FD|Bh6~vkDg z+}qCwcM3^C_#yIyNI}M@;s=9T{bND2C|^x*wE?d)E@${QCX2^P zr9@rPlD(!~XL_5~$9q;T0qd9?*l}~UreMj=J^z7a?C0>W`iSCCxh?zV#@(ybt^oA? z_af@l0)wS+th)pvbFUOcmIr9rOUwU+2HLlyrA%D0#LMOus-Iq5OkE8|@~qHjduoG; z$}*@|oV?41vba-9F=lIJeIvZ6g2#o4LiHuoq2j; zfO9>fB*Pe48TQu}9lU&P*jgJ=ZT!?x(g%071Tv-Q+*4aMW&hpMk9@G^jQ(*wQgl!J zyrMVoyu8(|WxuE3@*y15-pC|r3Tr0yq8}st3A~!_kXKii{9sG_*Jbp@ylYb@q)Kel z;ONwUr4Y#m2Mw@_DTa$#+2ChAda@~~-R6dt4kDWJ4w{3t^A$0*pXh)0S0SsEL8vWj~V}YPTzb9IuZq=hiVB3{wl8hi8BVGR_9m z6!1E#ie_A!V16?$sJe6AI1epy(4d25o_=>80pK=o6d}dNK0TyV*xE{Gz6$0a1A2r- zA&Y#82tQyuSVu zcs$DJj}HZBoT%`l^^!wy*&BYmQ{d%l`INoQeHM9dA6eaguio>!JKG-FW2^SXh6N*& zQH}fB?7WR+rD<5io65zP%w(dyfI%IUdRc_bU6nK7L7>UDxdN!W81qm-sU=OalA&Go z2{a$xuqqN&Ji{8I3}J}4=(c={8U1Ku(>+|HkvRQ8^)3&J2y5QHOSE~31#giIAaDY7 zGxmjpZEL?V5~Uz4Q(NvP7svR)fr$-_iOu)A#rPJ^j%V?((DYQX<2HYEHKZG9ZzTwW zn`peL0FyZudmkMuEZY3?bt0_LSstB0R%Ci1z%^Ehmnd6MhhdNLYnD(?03;fz41IL* zt)#j-?kLoU)_1?5K29s08^pQ56bBT$1o?BY)~9bZxINj=5m|#f=a!wLL=9TevZl4w zS0jyR>OK=Z5qGUx;BfMA0j})zJHTb`kkCQzmgDbGH}6=^`qyGzay#C%7sbB9ygO(9 z`%&nBl+_jGAE-R?px?R&e14qs?Z)-x?%kW?yLi#H!E^lWL;ZRqW{E{vSFl@5ip|eN>`G~8~(l7n)Eo1^tc}d~|M;Q4? z+x{Y<7doG-7uq84*Q+VQ^Hd4g;vLmVrioL8AUp###vH<$uF0uzRW;}(AKeE~otnXC z6yNqpmr^C=lT|k4OuGZt1&1IP;PoURsadVBsYym4t)PsS1jw-CG+QA5C1bka_ijoO zO;Je6`&C83fWM21{;%3FIEU z8^?m#tvNeKUtgMu`#&I0{{`+>89>_}c8Np{`w3^-8IdVH7}d_emWCtKm#3i0L`qTY zc%Ww0BM{*^-Q^`{{6Iy*j$)Y&Ku&Dci+(qP%^^AwL2!phcLm~{7@Z~GWR->y%v4*y zQh&Z5>>Nn;y z8Yqe6ibjk;qZFk#OQ`XE*Y2!$)IXlqk4^$~QD&6`nV5f>%;4lgA7pU!T-9+GGYxgU>%=?8kpY2851!RcyXVv?xR9hFmP_RbXOUDuM1 zI2}?*$u$vl{YeUt0T#l9I}uRxTgd$}v*9ldOx2+HetLEwCh~;}qo)L;HgIxKY26@h za#@El)ysq49yG~FRhFCal9W(f5c2R58&K@ir^Ld%T0v;QNBf*D_C( z1u`+U>MWM|Dn1K-0HrG)u;|>Gd7mu)6I?sd7ic)_lR^(D1^h%y=FQ1obWHK!NVAi`c#-$2 zsvE|fCPo{^m!`jxl+t_Rw5#BcK8T?eIpzG!hkA&SB8VVw~#gcNf|t2j847uIF!)c3z(OXRGf^_iD;`!qc%9>y0 z6aa#c^E6&hs*PK6s9%gF${=2yn&C-*{X<&G|EK)_OoXu+Q%!zQRW^6beYqwlDkB!( zl2`Xc5n&ym*&6O4E6yb5b^=3wW48vDCx!+K>2CH9$Fd&ue3gmN@t`9f=&$GI>12 z>qV1|1k+@Ix;-lQkc9y92Od84#P@@E1TjrLqF%=zTn*)Fa71<;Gk7(k*6hxNac@ML zpv!vWRJ%muzXeIRL&iIVODh6IG>S2au@D?o-#7_cTGQqKE#mN^rV7;C5glt_}EC1*GVjs{gYw=rKk@;@CK*fvz;eJ zl68JLOxH6F1k}%5nh-7svCiMWX8&89t0|T2vlXensGalVg zIA8##Bv9q9iS|Aegr{0%Vk0Q{X<*i}E7o zNs)2#v6|p&RCrb-;Ae+KH%@-ttXIk~7eUEnaXh!c2r8t$-|t@K^V?uctt6omCEsFG zMkN8#8zO_qh410-KA0QANB1sDOh`wnbqUOe*1~-TDXtA47@w;OGvoVvx81vTW^&U% z$El*Bs7f=b(1VN#@@MXKv8XU&=A;ZRY~&o)G8g92j(g&oky-e4qXKunAf_uNs1*Fd z+nU&JVqT^Ge681ob2;`Uk+kx>2F7BNIhaEbaDnBF5P4(HzQ7Sg@>CT|LwTj*@C5bQ zi-W$({2)FoElM#;gv!FvB8YhQ<6ILBlmu|~CYA3(I8AwadpNM)Z6i3%Db1My-JG4= zR2{>JJ`97&No11>fJH_)Bei);+pu1Hv{l6}8oYsyfK@}T7Eh!2F>Qj$y8V1Jjzqdu zDeW_>89?RN@0oV<&p8lC-R4Onu~~|+;~x~Bp~-39BU*jzBTo!C_g0TK z->=D4{P-$hdO(;@Y&&K}r`0a(c3<=N3tJa8TAZ`1Ybz=dw;!oMJ0T@oq{CZa`o)3? zpThHv+5NC5^ZXL~OX+E`ns{Y1)RSO3V*U=*R=7O8m{HuW$JVulhg2&O=<~rl}=J$T#Y)w7f@wx3LJx4}C&o@~wJ6-slQPP2& zeh5OI8{Mr1`=I=hMxjWvRiQ{%g8h~NCw5x_pWELvO|(Mrutk_Syn_lBVFN+wlZWo9 z-&~mEj3pRJyGrI7w`S&0x5m{Kng*U&Zgq3Tl-$?_FQUtvSVA+(WogT;f4mEdj-ecH zo%dx>V^kiZ3(M(W?=ZWVUMh5ZoX;8j#H>mAwhDLAcjE5GBp0o`hXxC)yRAe_8OqJ$ zx8rz^pkS5+Q`C6UcT`E*y~YqCOvur<`?1h)qBQA#O9+Q7?}g0gp%d<$i6=eX8;@}K zpc7Hi=fRdAZ8gyK?aG4RDF=e|o77^c7<(ZRZxia;D>$;6co5YQX@d(YC(ON{MimSh z)PNP$_l9J7K6Zaj;|4@3xZ-2g)$ltGGvBXpA;y<}7nMA)I__0K21=6h8!Laqlr6I8 zBJI2;Sf#V=wW#zNd8r%v+=@)Bqov}^gQM1 z7CDw(6HWM- zZ(aHqleXBpz@PvXUS^(+mc#Q`yX;=O*qeN#IA?}yT?J1@BMo;B9^1&u1ZD;n10=9b zgWE}CrRPEb(SC+e&dr1Qi_`~Ch#WwJNHkAxZdizLLa}s@ zFEcL2X@2lMZ!$G3y2N|_A))9Z)Efny-H@;Y+)<7Xs&Z~-EjqLo8z)j z6XmQE1JDcL(xk9#0Zg%M{!r2%`zCRJ>8e2y*`W~`s-&b>Sb*i=bB#rmpVJzh_38RJ%gt5e zbU;yGAb2kZX~V?!?}zI<%ya50gOZ4#nO(}=_bGR6;cFc(&~`~*bDY#73`U?xi4_>h zDfzR9$OIsVf3b0rw#1c!8Q}oWeuQJ6J+bF;u#oG@nV;HEF}MBZt6-}j{6x@LVnOa=_EwZ~zSTY}ySYu1`oVsNTW=G*nJ1wxIhKm49AYr z!y%Zrk>NSm^|BwVInB;T&er-{%e{-U+5O_l2^nIt`_^9X30}AARk^3X^rvV9hB=_X z&#BO#6tk2Myyk!9mfuq>zgnN@-RBUXLkT(X$kChu*%kFQMgeqO6Zu?Dq95lZ3I!%!T3&jfvzv#0R<3qM z&GLC$1LwP> z5#v!r3ty{bBZ}HkL%DgiF?XgOF%Bn!if*Wyg<1e7q@Z7?^ke-ZIDHTRd_p^`0;#VK4KA9cE76XX4Nr$ zr~?I=Y^%IpOiTL)SqNB>)27weVyh1VjLay_zut}R9YF%a6vFzyl_`lUM^K`aU*6f; z^usyilwlWHY!r;kK3NMz)z@!!#cP1;8{TVM*bEqWLb;q-iK$mY%|@D2vQi*gluQiC z!izJN4`rDHLXiSrzNE;FuZx%CN8e7+mjsz(3*HC_@{qu&>GC8aj+7SLS5zhY^odBg zE_vFw6u?rKe{@!`hQjM?`YcB8hp~A98ZgI$JF2qN7l^QYG`v0h8K)`8Ko21|XF@h7 zJoa!Gn^#m|pqK z-TXv#dly~AkjAZWo&zUI#zhUwlSo3_QxI@L1fxB?7`vLRkio4RU6aKoi~Zq)686bx zn6$j8j|bYf0A$wEF$qstW&!hZ8)0`KoC1epnL}q2$rzh}tMyg&3b)S8$pjS7DBW@( zO8SRlfW$lVwGoN*TCnJZDed{FOk|3vRi2D_s0^M34<9GifwD6*icKwAI!eQ;AcqE5 zep4Pyk_pw>F=-wR6o!}e1?)oJ5oAMLJ{pG)~3#t{f*ispbJRa2_6P zN_sAOK!N}_=2nb0H{R?0fd5fIqAuAj&?LYI^tHk64fPN4ex`JJ3H#1zo5q3q1Nb{x?jIj)GVW_njI zZ4(nJn%VprMaU9YH6J2ts~N<@yGys`6*!$oT6RAq?(-pX3B(&?&`Yc(V~I~`)-pg% zyWlLva&0PQ?#PmDc>co%ehwc@)9MaK>@N56Zd@qXZ|;y9YX7Sk!=L|MWe;6oD?7{L z)%3S?pg(VUg)M6riuWrqjg8e%zW?Kn_`jh~_Nth1h!9Y#4)&^6esKRzK{fd1r&g{Z zma8O8fz`D$@DJOp|3^*(FC@#;&;^qD=%VMs3`r|^WI-M%0Hj6jMP{L!}Iq__RATK9kMNqY$dFmo$nb2t6pd$OtFkG6{qsCO~{ z3n27gXXwJF1`~Z5Bhu~uy*JhuX~1o*mIRku@!_HS#SLdx8rPSy7o&We_;4AGA=k$X z{@c6pXCmu=Ks#{6VZUym$9gI8Ua|`XA4?W&wnh<`NgO%NN*s`g%V+g?XIlukNX4Ij zJg0f?RJ0q=B+-lE`yhtyjWCz?wDJ)3K*5?o0*QU~^=k*&MT*Y^=BkFn=bG#pa z8_43t07RFQJmsrD_#5c$3icl?RRc|?T=Npl^-28?pje?$BRK@@TebL=B+Fp%SF-shEee~NdcWBJkng{Yp<0G9}x9d z1tp;#^})GKYF8P26Sc|^Hsbw5$>5r+rFkN|&R*r!r|3-7KMPI&AINSu)UVI7zUA(C zA<*|_<%y2LE^tW*>(Mm*e6YNZVc7%Lcg=xFXlaI5$h8$w)8Xe=VR4MC`8vFxNImfe zD#nxgD|~(}hwMbW8X=9YbNMlkdo76GZTPkalJJv`xLclYPJGFwV0QeYXlk6?j?!to!{9mL&y4sXNHkM3&#sU?%h_$gNB(E%HgT zz{t4NU(#k^1Giyo=Wg7{^$ZB<|4&459UT7yq!SD3I&ouRtuO>O5ngC>lkZ;xf4bL@ z^P*cdSa(+nb)u7g&JIYDF_eyk7ai@RrAK`Dg}ZgSgm^I|OL=X%>RM%go2N_6&huO+ zOK0*;Zgqnk|7%|EHIv?BuN>Iw`2~ONp_imhV=<=Th{~KbcUa%c1q>dlnt`^Hmo6oM zrMC0bJy-dm!BdR-sR%kk(924_<7lB})Qua2*d9D*i1|UB?uXtBkN4?|X!)mFD_zEAH0B48635YyRt~a$CcR_wyQ3*0?Gu z)<*9aLM9(cD%uB;+@_8xc3o3u-RdP&XP5l#bD6fP7uE*i3JHrMm{~@bJGsvIMjBEb z5}}e|&DD&GVZ%(3>4NK!%-ru|@#A3rxd9@?B0XNZzMtZ1Ct|G4Cx5B$Qj{cO=9RW$ zNW_OG2LCiUrBM1Glte&M8fZ0Q+X=)69d~ctcWT~lWUpGMO_>S=D<**s>0l!LEs=(H z;$oh*S8Ta-C;{_u<@>d~hOUn^Mh?H!K<4#f0CK6K0znZaW8h)qo1+&Pa~t|go-ok z02JXb+PpZSKhbUZqSw6VV||vIU&H29;Ei*;TadgZ+*9CQLk4#p_0S??FIrG!d(W$+0Sg}{Oq_bxZcrsI?3 zH(15FvgpgB)5GW!E%yVF;m;Gq=C#P9`ivtDQ|JZ8{4yWi`wcnc{K!iZYKK3FQ5l4Upz(*_Tk;e~ z`OS|xRH4JsI;2#{Wa@fT!=-@@swDSitlclJ`cML-40 zJg`M8Aq@b+kl+i?qhv`il|tArdG|ODWj71rI&Mz63|rLcN`*&$PK@q=yjKdYfd1iXPJX=wSQtv4fh&Xw>N+cLFTeMRnXOaTd2oB90cdsc z6g$w(X)dPkBp|rF5~ZC^diwmGuL|Cq?(s$L9p|4u*2U(5&YCc*C zt+Gu#TMT7ZyfL`ywYpeOwq}w+7O&C*=Axdo0ygYeaJOcrh>LG9(zrsyHo4AcIys)~ z!*Yz(Rk<@L0Ll1$harI6@Pm2r14feJ59GQN%%PH?xv9TGH2L2wW5uEE_c zcyMd*g2WK!%&sWY-Q~c=aTF zx!NWMwGO{qg*6SE7#kuydFRi%`|i;eF2Fsx}+em;Ffnv&I2$3jL7E zCi-ZnGst)M71O8N&wFQ$!G=|^W;*wf?+?dan|0ML#_9As-)miVwlA$NiuPl+)_&O< zgFUXdItwLu$b_P*UpHZxQM)JmSFxoi|5IXed7ym%c>Md$1)f8>7EdC9aGygQ^sU&T zSxcloODIT${b@iBvyK3lVi=(c$Ny?>^z01RZM&`vn7Igb2VH3J-smh6R`ABKHH)s!DZsNBR_(fyd^y+pwGKe-XyH2ZPK=Q(WNDp?n z?f7=4N3KfuV4PTTrQwa-hliof_CP*Mncph_*qo;$P6UxKqIxDPe4(g4-&-hf=OZ<{ z#_t)`0#Ty!h3Wyfu2-V$dkEgNl(5Rd;TUH8ZvE@Fs%Rjz?H5XU0c5VrJ+3<_b76FT zXGgWFcfYaU$WLmM2bkS>@M9Qh>@@R86ZZcamVI$LUA&LnWGo*R^wU5P&rC(=aaakB+`keBSxb%QM_Yz zywRAiYe{u~ajfmYtIr3KlM&P)F^5#hzJPF$vDcPay6~sSSk}m!?af-5o@cj+^sB~T zjiS`zk(`cYUN>+$wKVwUqV4vbTEfQTekglB)P@qo!9Ou1;r1Sw;;Ac|gKC6{u-daE zuQ1lbsz5)yM>YJu0gtqxH?B4}>r_&I$<%|wrjLEyCZEhU2C;+GIP>ohyv^sR!<~<7 zr!TpAd9a?Uvw4-F^W~3+c@d-C1z-G8TnjQc^0({(`qy8ktA6Ia-rSNnw9$ z>|4?b(9ISL$O;{`uNcKB84OB9VTDtcDixUW|D}Ug*_EQHm@Qt><;FVCKxzuImeg0r z_UY;(4cu4Q;hyPU<)D5egox>5hH(PMl&mR0+#6EaY~YVPqhEUs>;soJDCGhHg=V9& zL8*lYRhCl5Ib@0IVHdZPDu}P{tBuqImhrMg=r1U-K&h|}xFNTk?#8SE_v#>>pw<9J zx&+uQi2@>M)ZvdfTF_6C?R7+Upoe0L1q#~bR!!i8gBKw5Yv9CNkU+F8O!OdKL%TNgLmT0w6;)-v6tGl+2 zy6!sxp>mo8UUN;s%Nb|;>xrpwlicQ)le$Me#278te4jXt=P0{vdrf9q(xUP*HrBrN z0_Q)6Dw&4}8X9o9((K=W3wg~IxMSQzn(`Tlj;GZn?~n}3#BVMrf84Hl0alvg$%-8& zX_&(_SfT|d^_QXue(ccDvr-%O(+!%=d`EF#={0ZyRCl@KtvAX?U(tYtI84zb5`0>* zDq21l#nQjpo1COaDg5Z3AJR4ZEQM{TE@lbeiY(To5T@vv+E4SsVhFPg_Pt2mTk zI&ek~^Yo8!6rsGPsE5G&@B(eEoPH%tCl8|Y9_39%+}uyTJ}PjwhImLF(tx7nkfXo` z0Yfm;B0(v;%^3NC!0R1Gk;H^FAiZ}SYry7_HdwqJeQA8FzUmbYph_M{X95N9v_ zzujGxH?6Sr;=28fD*Y0t7wR)ByKgX+Y63HRLY1u4wdRAk8xpHGu)`9i$$DwD>@{Ov z8v~O{=|kJ}x*d8=JLyTFL=68bQJ!Riogy;i^WKb-+NO%^%)vzC4XmKdH@=W7Xsd@x z32!Gc139LRcCIj2?l*E00+r=<<$k9*w)t zihBFG5An_9bL5X@wFSGru=I<)P+3Z@X@n0-_y(;%OL=Cp+ToEM=T8LeOAXF=)& zIS(AWmsb40Mj&NkrKL^rR>*9vDI}r~1w^=s_BS?R?xYo5Z{OnP%rrm=AltOAf+16L zda*N~M27Hrfd%GoU^4jo<1*R^=Lk_i!+2Vlls>4UExe>ng9;o*P6QJj9mv(~-bkll z#{(*00S8GS772Nf_&p<9XsjRReerMi6>9bs{VaVI~J6CNz!bx>M5vY?RAn|U^Gq32H9TVmxX3Xe>hj0mz<5%UchxtJ>zbbqRi0& ziYyCoD~W8t9U2_9Qb#?ufiQ~3G`WKMHWY)+T9FD1L#gN$RarJm>eZP~R%Zg1Mc$r| z>i#(Q>Cj%)-mF=kYHlK;(^_1}2%NObaU};z#(iK$*39+F48&@SlOW59O0%se>^6xr;z~Y z9$R{yt&2Y0uIyRp#=R2}X#ljzl31PnVi{PR`H4(1WQA2P;l+;&cZdx53j-JP;BRrK7W8D(m`TMIqTr|+;)-})L3 z-O$mPXfKOKio)~hvx+r!yUr^UYwW7K4qXjP36+l)e63<{MKV&G#<6mB`e-r&s5C~}P?M*oXnpy}&w4D6B z_V?{*1QIw~n4?-H*WY9Y9DEug`%y|4U zw-vRZ9?;R=4ixF&F0ryYCM%p<#~{jU$13h8>Yw@&uX$=&l0Q_$a8|jItjWws^@nrn zS9jk2EJ)DZN`&^8n!lMZtA)rjq|62fZR_DxnSd!>NZ~sgE1IGy zMOASCC*F=aE_iZR##*8&wOAo7F(P;(ke++nIiFr>)QYWiL~3u0aDI1hx{DGSiq$A_ zYF^E_xL4kMpqg}VMfZI??rNK(|M4Bd+#(7{#lV!6UhnpNQ-ciVVWa*@Dxl9$ zF~;t}y!Te*(`OPAW?WlLv_A5NkaQ2ZGPn|Eni(WBLm{`lA% zI;~zuLsH^_q{>O4sa}3HG`Ate87R-#3b-&n+ ztXM-G3v+E#W*ye_yTZwhoj8bw=K0P&J#?dQM}#ME+|?XINHRd}$hIQ;S%zBXVNu_k z4To#1D79;EzH4-?x4{z6KP;kbY5Gge{fo-GmY;#oS^$TAerI(mI&LbI0?mtvjUhulAIDb;YkL(}y{yP;qjaQ(4=dY@UWiugn5m?+g4lNC0fdicb)-Zj?$2dVg}T`qNP z-dTy=NBhVedkMonwyU* zQZVSPw;uP~hOF!hE$>#3^p=k~6&J7ucZ(^b(sj0s9g#}QC1nco$z=ZEneXOzJsh{g&jJ`*H-6q+4RI|wuH~x34|0d6#rv|pnHyF(&(H#FA!k?H*MuE|$5C*}Olh%FE1*y&ktK-WpF z=q!{I)3eSA2?)SS$n=9#45t;)__XkosAjnzbc_=YG60}6;>~b|2fJYyAPgeXXvwS3 zev-w^a;wyWAu7rgjLynFj!+$P85PFa)-Q}pJd;K!0?dYqR6V?<>nKsv4q z35g0t8m_cJSR;iL1&2qFi|buN%Tdec?>F@1+ws{R!s_Q0xdto?GftQ3eIsQ5AZAy=`G0Z2 zRAh?xGz$}p@=^4QfOF%`?m?4lHEsN||A2jgn}(%qtCZ7Qcgf>Uh|j#PyBt;p%aV&K zC2uW6{vIiA!ZXz~|NdfhnyT9H*od?U+OXR2h zjEG;CJq9^;C#k5Y04%!wsExCT}3sG^=^V*tsA_2q)CjoP6Ji06$O7dCd zUE-!hKv!OLSNeg-`(+~{745UeKGgX+7@ns-qnu^UTmWl%Yd2UqLQngXw{O83+&jeS zpW!F2tb&yNL@<|hzcF-ftV&D89zq@b&oK%z?9_#Bf3<_A$_)U^o?fUTJXoA^8eTS! zzN;dm7ePpqIeE~xgNT(qj^if9ADwad&5Fv1p54W% z+VM3=mfxbu{52a#%gtaD1uQ+^dVM!l5Uxj38j!7GuX#cD&IEnl_esTi3{57YCo1NK zzP+hD^vL3;D%C-)sbUI`OhS{_(@a7-`bET{GQ{zB-)E@ezbongF_u0yvlN&2Fs02@ zBLSNm;;6a1=nMw5qzfUL6q7OPSW*T^eXZH!+cwQTpLwO`zNprK20!8OZX?_cybR39Ghk{ozk#a^nbIC15Sfu%Z@%?fC+L-@aiH{6B z&il4)<5@yV3jXG+=J(1W$$QN!wSf^xntCxUfvy5B(5F7}nm+bncm+iSAE!Vmq<7bQ;tz}cE zRwyuX0Hx(KSm7KRp1@V77Xt{WP5KKIhNB;}^Xls*kcJ>6;cGwMYz}1cGM*5@VHZBJ zYpM5$kvB~p-TXVz*pofz8`^&mjnOM%PA}~RJ{FrJ_%;wCcQg>o#qzyNlsfh|%e3V3 zbjWQ(ypy5;1=TlW6$Tw)F1&Jn^uSyrLRvSE|c>sz-6sBl}3?9g=NsR$K$hR>n3Sk!14EW#Ywgp zG*M85!M7#vE0t1_C^Mmr`OUqy*_}E{1(glHnAW1xP)4}s1O-zv%~I6%_;4IZ#>L@9 zu2#^#VUh0}j9${iVH>c2)(5S6<5YwGNQb)n#Y&?W34c%NeC$ohT-BzZ=WM(Za7l&l0EOenKxsx~O@@$!kF8ZtnCj>dzmGEodBG_^>g^llZbtwK3MoUO z#oDAmYfOslrA0L4_a9tdCaRJSi&DZhbAunhtEs_IG^UC<+s|Ce3H#uiDeK>Ur}U>yb_uFe5<-V4%8RRhkAH z9TH>iHGg=zkw_r@=tSaXgV^cKRAJ4dTvVoYTcebshs9z_*cvcO z?%E1G9y!<>^Qz2dOufyxWIs$bvDjrFTzL6_MxN!a!lv4*0U$w`{+TlK!lCJm?nv;Z zV^j)BZEiLY7mQc*kM0$JCWK;S;H*JuK4Y{3vtUA*$G5)2*3FVw9SB7kWa!Y9p@jiq z--3eKptPIAh9V5GFf|T$e|P_Ua9Y|O4u85c?9o#tTXRXott>_ zn-AW^xV4tW)uKbmdqG7|pg^jDkcWE1CyJZS28s#tKT>ZIG3dQsXG2Tvgl||1i7e;AyFvem2}z1*UPRNdDa?YVJZuUO1UpN1 zABgMNb4T@AU+Ak8lb~8jXdmjb0VgwpNxJ~!BdNo#`=yMa7MW1=*JM~@;0^g~gY&lg z499MLhICZ{+`R2F8Fh?#s%U-d>mU6;Ugi|?lTO>_nB19`XZW=oNmsG0e2%In~V(|k+~Eq)DB%c``gef%Dr zLa%zONI9c8Q9g3JA?&x0d0UV`q)e;qXn-sYPQIF~BKrFCp65O#EVZ-^>C2FE zn1Kmu-k#;t#_ZfVKgg@DM0NQ<_ugaklK?K%_#=Oih9)Mcm4`h%8I$*6f=yWIw6>sQ zojv@XJg{bm5~QRfOKp-op&)0->zZRZP?r3eVPM@$bL;m%*osnA{;O@OhZPE%y_AF7 z^V8MzxsGhWE+<}tcfDGkXvtV}q(e^x&@CPyM;pnH(C{dFa&P-(0WjS#zv3FI9^wXR zkI~c%WkuZG#K-E|^S4=QH_MjGIF}+tU<);_MEI1Wt&iXZCCZbK2_}}w`gfTj%%AvN z8GvfWH>;Ds2I>_RnFkx4Ff+R=BW5zBM}mgf%JE&9t*ptZ8NS=UGQks!U-Oriz4+rW zJ34xj6mdBU4O}9PW^vq#+c~>T95tgjMt6m99;$#?#A=#K5z9a1W6<#!InonI# z^4FRD0dZF{CNd!+C*$+PfB^b5^P>;xUQJG~L`_-5G#?^K{cc4`*9^yaQ4NKE7S@>lKu-RFXv5T=Q)XHPQAx}LDHIy&nATy=o3q3gH<(ltAEiO$ zUo|hRrb7NX`wA<8JaZTCdZmTzrvYMOGeg5Ia^(8KBr^BKnrc;jvXJ6%!PwUay!@t+ z70|6bdM34B?&3joxO!%(xT@2DWnjyvZaHX`m9n6vtmsN(U*PI1{W15@S84Nc;UQsHSBxd58Y#r8A!zpN z_a(OS<`J%%B@;doej#RlXyvG+gk`#JV9b448rRH0(0<|BI(p=!y1??|y$>uwUm)bP zz^%!K3Z6uFgJ2c@?{$dHX%uBNkkRsoyElLTgMZ69Zpu>H+iu-QbC8h3|Bt4y|Ijz= z_5UJP>fha2{O{N1Cx8WlR`qUnr~d1C{l6RBn&13o=zHVk#r3}q!k;wqFS_L$&kM*u z{U7+x>l^(w1|tGd(X_uWZ~nh##b}woaFNL(UwHnd<^1#Y+5Q>>8yZE<|H6NSUVn3t z8tVNc9nBUd`QPU(<*zZM1jnj={4addf4gb_=YzdDHk7a#{Xvx+HVjcQ+|s_E;7l zf8L%=i`fkhq2*&c1fPsG{VjIrKkvmGTIjuaL;J4thF7K=10NlBO3(9=_3mMzX*1!o zS)j6t$BnP zS-{1RYGV|%HK!&c)C2hV6g>Y_dl9&&-Ls75!%2<@&$g-6<=}5f+z$sEYiMhE8CMUs z2$Xz+XgT+TNUQ10GGlesI}OlWgVoTgU-Py4qWc1~*Wo$79$8^XLpjOm)3b|>?xg9KCVu}2|(ZZ&d$7WV1j}w zWh5(fVw^x@#g)x-C?=EectbYyw(WzP=Ml&LVvn>MwI}=)Eh7y>9&LR8>g1m+0o|dXMtcF+UxZb)zfar{Ab^K-Mmn$mQnj#xsw4^JB;?tHJdSf zf$MoE_p5sqy)2NR9*XAJr%e;82e+as;#vz4KAV>3{PgN-XS>3XiOLFI&AF zRM~{TjmtvK_#r4$r`R`a;U>k@PG4-7>ZLnFDXj$NZp7kkZQ0O+id(Fe?l<-3aF(plW9lx@e(K_At***IdvaA6+;;lu)w-Y6J$UNoWXZm>o(y zrvdPE8@Kwqoz-kn_pEL(3-A;i^uB^5%d~_Qz6O1)!_2L1M5G%4GybkKnf>hFX()M} z4WHmJ@ql1~*v6q|9BT9SH)UaMj(qWMh#Iaz=!cBtT#ol>E^gc^C!*mr&xyz$QG+F@ z63&vs!(!(KmTd(^*nP^`1aiP0^!CtX2v{f~#>?P-(q+&;!SmG|(S= z7#!Z>3`8OoV)=YN6sW_zn-TO>Vc(Bn8RlnCLwa2aJEYpMshokhbB?aM(Jnw_II($c z{)<>ZVDsQGKUW^N=!gnv5rqm|*Kv_T?O;OJ|I8InS|wAe$Xwh(LQF-f-)jF$9#xS9 zSpvegxaxtsjXMlv!VZg^&aMmYi&@Whu}~p+nr(~0 zUq$L8no_Mjw@&(wOG25r0Oj9z;$%Se{Sr{e)GTf&`S#{j%U6@g!g|`(HfGRz#D|)vp5_AShSN5b;*jQRS~!|(WWE=o_9s>5gPZAOsMr> zsvjR0w4Ap3EvNa8G(wdpf7<#wD`UqS>(@t>IQVA_4EMla9~bId%1T;V^fEIp=7ll^ z^#Y#pW^R!B$RMd1BZZ_}3<@i2OPE5u=t9JMqcj<=Tu6X6}^0yqi-~Gc=BmleQ*7dkX z!4n5>cN#8)j!bWMxSVw7)k%>EKjwZ5wSIowC-zbkWIW*^B6Z7G9NrS<*-u`wC<2@rO;=%aeqFIP2i8egt=*R)+*p z0Ts!}m*Bho3AP~vR>7Gf2^58~-sh&ho$TlqJ+QZ)WR5V2lwug%(Tk5(1{smP2aLiV z;BLR7kHJoLFoMyfrW3C1{j&eY@u{>+3NDcSHNIcL`;iF?Rt8oVM=j4*>>0`TCTw1G*$JL+hd zsf6qsu5fddN*_1FiW=bJlvtoI7=18kfW}S%*ceBDVwe(Ys9Tg%Cu2Z6y&V;X29o)# zP4R#XA_AaDoo&0^o%coBE17ad^OB^U!_JbT;@|6Z6OqXFu*Vj+iz&R=M$Hj!_5E`4 z4>b99TYK>mdKPSmQzK+|B&aA*E~KV8k1Dj+K4udk?d6JeQurd~HA=lI1Jc1k-df)m zPv`BEal?=;7Uo~V@@77!`9DW00K4oWXF z4O5&5U=L;7#uCoz;}MYt&q!%3JB!dl4z?DQCB)c8&Pan$Gh_V>af4R(g59^{UED3c z@Zd1Y&#SM*CiA^z!y$yKa{gsYdM&P~dH2`CFx*UrtFWmoQ1Vl9Xz-k zo_wV7^x|zme0+@3DbLU$==C_#P`4dN_ANUt&?vMfNK5#B&l7?y&13d~O)u<&(>|q8 zg%D&K&3-`yDzlLhq!T~Nz-tD_I5GBDDi}mf-v@w~9|ku$`l)>|9NdNBnM_F>M^qQ5 z%~dO@$XV?4quISb(vgQH_6i92kxwOiCz5|6;y!e4yOnx^!YU@7xP%gQ(^qp3jboc$#i6Co{p*5_%-TaSHlgzLV) z;M>bU{>nKIbz0x;_3&w})Q5$I^=D;hs7w(>B;=J{k-dvMpWWl1+&W&XIn|Kr!F9d9)WHnf3@3QB}~7SrP+8FOv;@o9`-ja8SR zQ0ES4=fhxK2TTlQ7WMx z_^RX|?x}$h=cWmG^L;>dgurl^Ab{=UIn;P-MQkN_Kh`Cze05-cB_xK-cS!2>EN5r= z3qbYd048EM+Afq>rn)1F!pBBZcmJjR)RTQnELL-wxmx>E_aRaQ{Us zfUk9I05=Y0S!DpXsc0)6pK1~}RA~FGIsxQ!GSGu)E(=Vq&cz>1Bv26KrQ{nR2yJ}! zZe@K!0DG)RA~sxP(zDvU%co~ymq;LX$Zk2T9ATi}|7CZU)Rlv^U);ONJ`R>hXnFXO zm6RPB?WBh-7o#u7+Ab*k@H>zk?BRfw)i`r?)@JE(w_mNi&<8KJ$_K_oDaMgqS&deRg7vUllz*|c%?{N&Ev+06D4 zX+N;$;yqH5PVkXiNz}xfH(Z_S;B6K!r#;-VplF#v1!$rym z(Y#JSBcS0um9^&~@6(QP%(le6>em0i@o$9_J zE1$E=HMrO`-Nv_F@J{&^Pp+|1q1i)&&k1_~P5 z!1j|kKoZP3h-dgTI;uTm?Vv-QV~ZwaCz%i!sI{?)!<*Lj^`dcR^=f{1X{2Q-rr@-l zW_*nB^WOF<9uG0`3BTde#7i?Okd;9O?BP@@q{jq3#|Orfv(-%nt|=iWc;tHEu1gdy zxqXdoXF|Qol(8Ap|5HxdPlS(nBn$K zF0Ja>CofqOE7MD0l<)+@i@KL1;9Z2!Orqc(3#6jczER%4`}Pl~br;1=qfK$T(9HG* zX2)`Xf8hAIIsgT06-`gG9F(74$`k3k}DnrYroup}8= zs5e#;*e1a{EG+ji!Q4>(o;Lnqt2!kt@=Q)vcFX>~7r51JVog(^K3jyF1&BQo&+TNN zIyI%{|LHw*Z{De#N@EanP zz-h1nF&o3)MRg^#Wuhp6UTqEb6{c|LNZf(2wk0og3d5S{AKlKz+GMN%GrsO7u_u*NFvLTtIla7VPjlyy#MK45PKIQfAgZrtL}Y5mP)G z6=sunD}L{a>Tyd}B!UZ{4eAk;faD8W~I44>fJ3%+jpT1kY#3BI&uO0|x$j zr-oa6>|F&FwlegtKIMK_&CJNB55z#@=2uAYyvZcsJsdM_?t+%roPi4=^v#6)e6Xk@ zGe@K2+eQ0s+YG9w-R#C!`;D= z^BZ2lDUS%((++Qt9mtZEX`cn%INk*f(a0}iUODyNR?I{iu=Aw4|fwf7)YO+m zS%B%2(5+r=Gq8dFlG8!Td2gLEFlEnFHUm zxEubj5Rf45)7E7<%Q3}=R+Ws!bTp!UPG za1ZL^J_zQ*YK37wAm&9XDu*xmVW4jCwgJ_Cb)Ex-KXt6ZwJF&P=X42L7I`D%7rRV- zdn^M_YsT12bVaaxp9*>%-j>*##c9x}f2S7NGvd2PYa{=;Ye5$L?A4IQq<+145V51wV_A(HF9v&lm1~3hhh#1iz z$TGQunIdG%YTAtjaCEEsb;TrtcXfklOq#KWZcn;ZeUzB`f%W+zt~3e|w*WOPeMuI0 zS*GQ;&&OWT=#g#z;FdMghJ$uN7TK)7mX z&Ea%o{Q@&1yc5!AHAS80cjxMmHquakvirm8S-W1PGl`d@4GdNy4u`3CYj`5q*?5u} z`?TU9dq8wk?KQI~@JzLuGhe>_p^&CP zj^d;_X)!T*#tU^@k^04&z%7va`=lPOt=S|`0{Ky$kr;ls`h;}}cOd(&&IJIuMSPhm zb8EyVa{`dU(>TKlyUHIJgURqi2?2CY|1gKC-CA%Okplr+Tc)ZK78i>PjY3pOpRwM> z1qTFC_K#^@yY~nHP1NlDu9TSE^Q0U#IPgK)>#+PSn^FPFdYPm^k)l3_bY!Lj)0`8N zBCmTuw8776w!)985I_S-k3O+H+7vb9X5A}C9nG7AIC?nzwxqWX$JzDT)DMnGvS(we zmMXKDy5m^~882}`Ojs0^bcgZxc*W`7C>1ZSg$^iWWJ;JO6tQk0nEg+_7E$!Ok9uW# zwf&~SEe+&vZ?al9_d9kP1eTR!PQu^lsk{Xx!`2%X5orh0(Deibh3N;jE7II{R(@*m z^{mE{*PxPT^Z$^%M|LO0aEqbNdnlm~U!v>k=G|QPSoEB4_ z-Ca(F8m2#qGv-(J-Sd{=?0=M?#}_DRVY2!fpg$8pp_QtgnjtB1S?0ve!~gsHuV1_- z&L_Q4S(K6*eUy)_uSD!S!tEOjNejQGANzzcK{x>o*TCG?qA!qUo7#_TBWt^VPJbuA~pys?4Vwx%);MoT9x zyZdwKivDA7@&mzkW0HO|3pbI1EaDXp-_qS3-c^Y$>>x80p{%Z(*f-KYMCx}mpFWT$ z@5<5i6!yBeAUalQ7%Rs!{#5DhQU*<0~^e#a%c%6zcbN7pDS(%O>6J8|s zHHwB>CG10v!D;N>AG}qE4XX;e65oDw%WLn@Vm}Qgyyh$-kvTRs^=~Pq?zh=`Q7vBe^FQ%w7Wl?{nw#h8lsw-F&GDNuw6Gc!Pzg)9m&o_Gtq49?pl%->xFpBHkuP`hj`Tc@fqy$gsaIXR zCBE;#JXe*cNMl6jOJ?@vniX?K&8avliR=e^`l{Xp3jG-NHJr$bb5BwiQ$6QVuGKa{ zOj7u=>~4F+8;z-<>4v@(Th6YSAdn%}Dr!Js7gRoay);Fik72QP$rI`h874 zkBo|e85nY?$%mKefCjD7S`WhQwug-Mg5?%MsRfsv$j%M$I2aedW2<^SuzA^NQqBTm zM^`iYUNf@YXLnTdHQN zg6^P?Pw(^B>X{)-4^#+jj1nk#Ru6X7r`K0mj=}<5(gQKK9lAl>VmBW&n3R+u%b{#8n5~25~ps+7r2YJ7=+DXsuMlf^= zm5ub59;QF_GuUMmj|9q%M>x$GCJ-k$af6gj^`NIeURWM>h%F$!qJj()Gzm-$Z&?x} zfv(<4!#aljkAu@m+pAB9tPlD>$CR*lXPvBPuIwkW4ri{#%Tn5}IVjwIeO~QG2;hoK zP4wqQ^^enxV>7>}u87Wcn~(&y6p@PTfdz!9hvJwBZ`Y0eD$5I~eu4`m7&`0tyuG-y z7h8!wJL?FLV1}K(@sM%&$DJ+;fmT~v`($S*cIVRsxvYbW*eq;Mn6Z9X^;#R?GwwA< zD-&W|nia~TEM*~tVSz$W3WDr6?#F15&hlF%{L@P-VV6e>T*FS2-uc zNv>59o}cf(HFas-8rw3~dF(S5a#ja+iA;unf5FB?W@4p^HH^*icH%uzAeS8N@xHsk z1m;F{lDh3gwDJ3?c^x5B^qI53=T+a>Lzx|{@QK zEs=Un44klWCn;vo?dIC67s&(&(jBVx!O*@L-YRIfs=x0RZ~HRC%%oj zQ$QAok5~|e#7z=QxP!T|7T$DV%%E{4kFQ81*>`?GNZupWf-TSA%xTe(U+1X@Dvz6! zXG`c&W%Zw*4EfYmi(xl4o;IUN%TNff5i&@5auU1Aek()6+KrJh7Lxr!g`Pcn;Qtb$ z2wJbh0Cj@6~T+EI=5Z+Q2od5~~oF)b^4Zut;w#^)#=sj?PG)S!tk!u^t3=cRZ1*%4K{ z*2iEDn|}Ph!V#CI%7Ire!TtQkyFa?8{mGM^OpRDVzovGJ9~X9L3<0%#ajtvl>hGd1 zAsX}A!4D#K4-hVD5z^ljs{lLj&GhP3qFtQS?`keaGV zpQ>NgsdILnv-jo`ya1f@6*1@j_L@6%Mqr=OSMI5m1RD>4cuIVv?yEk z>m6tLG7iW>k6`;Y$2OmEN=WH=x{dKolqWo3$+{+h?XcUrI?wIv$zdVrY-E-jeAXZ% zAQy-EN`-zwx)H4vF4e#|C?u5R4+KYP|0k0yR%qe{{bFAM$#F+3m^htA`g@KAd3)m{ z!?tt$n)V9>43xFigxkEyBGXIcdPa>xM=e%~&L0U1cqvJqE|WW-0~Z!F2zX}$CIk^A zb$glJZt@GeBU>t!BfpUgrOh;pi>r8|$D`(6Pe0Kxiy{vu)u=9c+*7z_SW22D2eLAF zeg2|BbUB-cN_8mlblAHjf$VXKG*KqAk`F{u9m%`3M?{Wu%e>5i1-;crtx&A-&51*6 zo(foUzjf80ti*JlTlHyQ-u@bJ-a@dqBo&A>`}$U6G`fi`ERkjM8&y;xUI~5Iq8I~7 zT}pAQUNa_7HdC(D`Z*^*W2z7&D}ul*0pel*-~Bfn%2UJCcIZ6pkdV}gWB2!BzXwSg z*=KkLFYfkZwvh1r>di2EwD1~dyQx`CN#RcD zJl5ZpTyo&}kl8oCWFx2zqOB3oV@Tt?K{_1-L)Zerfq$X{9&m0yx$jAWkXs@;;V$t+hs)s76kfZj?lcGg|dniM1=+j)LVicxCfE)6r8b@ zkQE+oEfoSqmJtA*i}4lV!ntc+B_^;HWg}7V=MJWY6IAcjTXj%b6v9^18HEKEBGlSlyuaxLgWFmH4f|?y)X9H;|F09ClXDL*`f;+)&rg2vRL%%JZ_)|jdg^K0zwHbjU^qdK)@#4Q(VK0`08){)|B`GME5A1LYbcK>eg3OXn0f6 ztYur5XZj>aPdnwJQdvPiGd}|8Fm>Dvw)$9&?RMee!#Y6R1#%|7ii``<5yn`7 z@1yWBSc)Lg5C5j1oF-;ByZ}%Cg_%(tx&sGAe<3sJ8d>JGwR@^m$e+cyM@v9q7zLtY^=T>wB z!}DP&Z-Blomt1mPVkG<@QAahf41Jo=APZr^BVf*qTUxa?rHmDf14%=uGp)p+k71;6 zVDzk-9)uYfBYTa^ir!(T4=^*)%zsRIng9?o9v;oDB_(jLzgOahySm4t$M_@^wf2>t zkFdRp3J;op;)3u0euw-guf@gy1&NC)i_zr%00BwNAH;tDQp)`fJw*V51=tn!_t^G- z`K96e_YgED|LvncAO=tnrQ&2pcz^%xf1~37z`rS9PJ+VZ&~Ti)jT&<*+Ofy=G!PME z41>V`1%UnAH%;(x(j%jzs}d3t_vic38)`0h^2|FCDANpaqKxsqiVT5s0`Ea4P!p)M zBtBr(2e^M2sT?%*N6oM~7jGS|H>v13I5^g~{&|dPe_!U2AKMVC zeR|ovOlZdM`#ngrx7&c9Ok65?&L^msi&!u6xGQU-vuUx-GNdi%%WpS84p7(KpL-aZ_WsNA&T0A-asABy zJW5qNjOkLH@R5->55nQunD{N^6r1Nq8Arm^W5HGQ{jI^@z=LPBdgFfOrMMX*FZ_Fo zfBgieGXuX{dYG}V(YFTP1`#XcWtPs}>WQXpnWfRcRX%QLe6;6(m%0ljFPK~6L|5u3 zBxLtR>&;Ui*5rEGC-3E3$aJwW%~APE;0q1z8R3GJpQR6eI%C z-)HC@)N3hoG4r-YTq!$Kkc>qD)39l_+AfX{#drNxxy@n9orM{5#SQHjnPFhAtv;&B>58!xv~ z%moQyo~75fS3@>l+pqGWuYZQ|5uv{2ywG*#(YxB)MrQSwd2df^bw*4Ow%b_VJ?Nkl(z=y6 z<)WT%d3VqDcpCqvo(Uo&gKu1|#>;Nw!VDHsI}XA9lmFe|hw@gz%q+{wGNhz%!(CXd zg;rd}47%0x>yObFjM`V6Y*W)4vnSK+HTV&rAPBQq1({hlqM5HQc3d1JOIpa<-lJ@S zL+I3H?c8&Q*WU;8zVRCY?q|$MYf{2DoKUW3+dx0!i7Tk5v!3Yu`B}Sd3MO)pg%Y$= zr)^k0TVHe{{&r&pm8uIN)DH8x5JR?9ygXyWwUveUC}7nZw94{f5pnc;p%d+x9JCbD zhsQN@(EM3|7#S#AgiimH$l|x?sBVF+pePMHor5*g*?5n0PZY_JbPMvEYtaF zBx|$1@F0Rt7!n2jsao6@52V1cok@e|_(qmaoj7HqHU-BEc-pl?zzZ}9vfWH4mpTZP zEeseg30kp|%65TLXhih=LRcY5S`!MkiRC_S z!aRStdAY}&a9~OTtD*H{fmkyrI9nDuII@o2ms})Sp}R<|VA9b@Asf4tok=6?N>oSH z|IY7;^+mSf01f7BK4SqwD@4+}E_dND7yS!+1@|pA)Dz0}5~=C?)~RU7n2yA$vSFT5 z%BNTXs^ukWs~HjJo+A?E4$V{)9XL-o`SCaLbs~br9cHT+SNsHH1azUOe=cPsLS zIuQiEqE?%?s+C5`3a zM=(Uo73UV+9m9a8W=QmF1fpy`fvi)3%)k(Y&<;g03lB%}y@9NOAD-eleRq0&N5RSz z8HFHbqxYq&?Kmf?Ivpq)*|8;LN`?b{?f#h4mgz_svrs5)S#&ENxNjjCqiB($d^K|H zew)cl5I?vb&18@DBT;UVb?MQlf@u)n&l^&4k$0L~-%A9zfQM42(`-?~R9_L%#93S?Z*MqMBpnMIxhnKIC z@UlQ^5O7YgRaR`sdB)Y3Kk2P8yI*IrAa66}djU6NCA5e-9%nwdZ#0<31*2hU;adau zGEMHsb=0Xzsm{bLM;Y$&!WY{AtQFu>8hLRI#kpVH{liiQz>8Vmd+vkiaCH_eCz zZ3QeMQuiuxc2n1p-!dp?K6)PBF#jkX*;NXGCr zcY>LY)48k80fW1_`>_c17+*BSm82-0yrSE3*wgyL`+1A?F3@#i)zyZ#Jg|wJ7gA^8 z)$exVyf;X zMVr8mA%5#08yn+acRsV+LH%6wQOrrfZN z#&5T8!?});q(fimT@S2dy;$LkOsZ3k10!k#b@3wZngy%Mhb_@BtIV%HKcBOG!br6h z_${dac(7H#YBk|~o|NE48V?zm@Z`7vXpf+J&NnVf7|ykBJ6?w{Rl>Z+IA+!(ysw1H>dtvaoo zUuveoC?c>H6o_a(DWQWKhRC&qeKrj5T;+mz&;z9X+&zi*b(dVX#|;8&W5^>RvOs;(z)JZj2T%q%`e)uFKj1~(;0r4*{_w=YZI@>uO z$^`Y6^4o^KEIEm+->!k z(Vp3Xm~pV28dddn$N3PCw*#tZAR43qPA?2V%RnI2c z%fHDx71rGX!yM6@QZ#b}Xt!oqxJS+*Z$-LYCb8{!i!eVi>yAq3jz(wQGJd{ix(IgB z<5VnC>NNaE-fv>^vV3!|$zL9>mS+QT5&VseX%map@{y zn!v{)Oxy!o;90(IPWI&8t8hUFF2R=2pjFk4(Wh#wL0<3I zHSThh>F)UFlVQc{Pq+wDNIg9PT0_nN#@=!1GWOC-n{$}+F5#8hY2uav&uiF0GG9CX zv(T%c>{@}j5e|0&DeNY%R-;l2>m75>B$)Ru#DP@TFQ53v?6sFu8Bn8el_6=d3i%ONO+O0s6$tT_Tb>E)(7IP3AzFg z&PAM6FmVh6HxKuqkvK=%aJZ)vZs{pWVC-m+QFQgZ2hi?uDB=EuP|Eobq8S z(8O<|l4_lBK>g~VESOIz_edDdsWLp#KZevZ;F!o@6w`MpR>9v=sSR{fdZ$qy)$=|X zA|YE|!rJ3I>1WwZK%~whOiw~@^1?-@PiCTvQ$k>Ca*aat<_31~4Z`z4c|2K-v^EtJ zISTfh!sgPW_HvJXo5l1oS+$e;d!nBN$bR*Bl|)IFqqf3!GIa9BSF@tV*oLFaP~}s% z`G+e;&zbe038yofU(-VtOFxMtu%wI^S)dsEwBC^Y3(?)Hn5FU!7tr67Tq ze*Z5oKsMAAuU>y=k_9Gk_j@4=?lOW+)DzgwZZy;E(Z1YmZSFXoz-JMLw$&7bbr(1v zJv(VWRp`xYrY~#end8(G8}V>pa|s2N@L+$y4Vk7{lXJ6z`UE0FCQd}^GMlnA(d8->mU z6^c~MtA8mZV~Nb^JY*HCNw=P{J>8Q6#F0wZnA zb`|yWL&IBd{S}TaB`6wlrCVG4L2E_48L0!n91xyK6MaV5|dRoajhD^B0K#Hx*rFd~rrIPg&G3wxZIag>TwFnke4 z>WZ-0v$4L;&<-8w6Y!1Khc0f|i%ZHV3Og#@#Iz>i7?M1UI^Jjv@BWD1a6wE=P5F(u z01*z^(3-@pgpUq*sYc^O#X{f?b8ig3R0{g;sq}>wdYGQfftf&wvj4FvKw?0i=Ng;* zN|#fP2g)6Y^hQpW5U52wwwx}vFwA*SFPFP#>#OY{{k=$JM5#uy;el*JPRv6Wu7T>2{=dA#>plW1B0A)Xbdr=-Ir5Ag^a5Wqdq{T^kmA}0tWn+Yk)Rq?}x>Y$1Uh2q# zS;T}0-Q}ezo6@>nAmORS)9ybVS))q-`_1`}9a{voHwgsn!C366+#QwnZ01XWk6QOH z)^ZUEhD${his`TjXUG<*ur;H!;5bOaOl`MU zMmDb)^j{5LRloLd=Zh3}TN+x9HQJxYv=VDa5Pn+S(3t#!L`>LozAoG2Ra{$Y$vDvO zO$!XM+t}ZYCL!MQZp0Cmkc`WlV=Fpm!9muT1{y+lzQZm#g_$1kzRdP@$6)e_4f3&w zh+R{V$aHv@)cQRQ@Ja67yVq+OaS^o*tMLSJ%owwzmm`&R1lx+M+5x4=JpbDisI)AF5G0WEM;pXx}TdIR0>eD;EbSdvV(LZ`a`EE_>7_m<^)xB*J|o^siOp(t#4 zvGd-kP%o4-W)u8p*6021&mG(=XvV?0GyEqH2XOjccVvP%gb1EnGoL;m)9;ADM$I#i zg*yYwlBN;zh$VZwKO5{txP@q}`!BDkojlw_y}Wql^^i4Byibw~uA^Q?>b2RBW^yrWg!&w;eN!^~LP&`~9p_7dtYY}O+> z7!vte19jC`#<5ocsC*gNhAdb4lbvBg1fzpg+lbbOYG{hq>_eO@$7^+ci zFLDRYxV`=rlz>mkY>7+lq;MzYA|nr1?#`1|ZRS0>1wz8(K z;8{j@&pbP_YWLja>c`0_YHA*=Skf10_vGanM#@d3ZgvIrQh{Q&q6EU;LRa>X!*oj} zwq0hq{BC!T3+*G&*LS~0M*`XLbORy3CPF?xyM)5uZFF?;GP^)?I|c-YfBJ<1xwOK? z)kh(2c(v2J7o3z#A_#Q0p+Inspc|zINSlYmecV7I{73 z%0BgdbzuU6NDjlnsQlh5@i(){iwnZJVUT;trin(x)(OV*0Wq|+?U@OscU*(NL~8n| z<7IsyckF5?8XK{D^}9Fy8FM)l)`xKrEUZ#yVsOmbQp7nCb=SkKVA=Wu0SAZss~XSM zZxoU99XM<+ED9pOFm0!t4i&3C1zzrld*x|1sP9GWZFg2!`kh^BqU4KQCMX}63N}dE z*HE~$jg)EuHn@7Ihdzn#r2H6X#Nx1pdga9Crltajuue0r(0ToAymW$WwL`TOi?poi z#a>dk?>B8ExE)xr^u`OhZ(|n0GpV0Ppb%{MYKJV!kr&7eS`Wv??J2MV&luzfa}_5y z{RF8sRgU0dUItE_OpB99+?E33&=i34+B4}s-?E}3B~-V%;aRoaNgM;-R(^0q%w145 zvnNV=bbpw}FL)E9P?Bn4T~X$(eD95wpFy`fir|&>Vz8_+`3HGxTQx3?t&2GJ5p|Xc zup5^wp^mamFUJc0^d~XE`1^^y=C`)T4%0UARQBCiuOsf;GrovM1n$|83;@>I8>`pT z^wwm4ex3!3Q6)-|328#Iu@5sL0&LMX+Hs%}Jt8a3ku|%IG#qz*t0iBJFT*9zE zj@jk;emX|#oHf(%j@&uN_IWDse)#*(5ni4UF*?jHU8+H+6!82m_76yiT64V74>;P1 zzrHRkASYxh^adZnU`*&35NKPjBI8k2PaGsJvw2GLYH9Oz$JeX5`aI}+JJh1&Wwgeo zcjI9{)hd%OC|GbrEz7lXIsE>Ho%DAJ(_0qhpPt(FjEmfoLPT}S-*Kx8LyIqmP70?^ z-5#2*&1Xnt&6>vM=4|QB{9aeBs@y?TTX2>F9Brb?5-P|}@-cgD^+uqow%)%O6y5wv z)u>-rK-l{d2m+_?IO3KCTlgUf^p?(LsTBGK6X^PAkEJ#r2xxKTu&@ya%hOW}h|C=L ztj~RAOJ$I?gV4-`iH^>DzS3o-+K9Ai9A|f~BlsUnzBEKv-O;+3=x}Ep2u}lDuEBmB=oOS=m5(-UL z`K&aIJh_5MKdAZlxo|9$V9Y;Gc;WMlmyS2i!E052?#j=M@zIE3WG&RCFRiz6M= z%guXQezhuU^k{9OLfCOq8}KMq4T15RUi%plodqtn60hDfqCH`nt%$2GamdV+3$MO# za!H%k@@7eT=pBp+hAVb-3+6jUvxNOTt)l900{#2o0AGm7{Oe7NPd_f66bFBuSVrU6 zyur_iiRfXf3t?CrJT;E|EOhUb;Pi_7=W-R+hC|qd8zWZ}qu61(7zI4Kcm{fN!3sGI z4jR^<-S1E1M|TJiL*QXIX#^XhFz~ZME>6gvj7%&@{{9_;bu&vk%D*Cy8ho#DoHxel zIOw#P`!hLNAr$#rpcU69L@&?Sr}hcEvtO@C^_Q|E`fBX!Zd59lV$!W{QZ;QaxBexk z`j145na00)hIL)ZU41OmUgk6}aT$8eNO`H+e!3vL-iYx+MN!F0!9A(t#rOJ7Q4Y_9 zb1AT6Pd3Bc@t5L6GHD>R%06vq&%g-UZ9`9q5rh{L)-Sox%xhduDk!qQ@=lpV*pn zVj&1n;v&Qu4EnE~)%9qh+~)siMX$$5@K2W|l`}!+Sz3l8mnZgYx!H(SShMWLJ==6E zNo~tuu-Ln#=&*_%W<*b|t4WiOt_8F5u(!)y;s(i0@Z-*$WJ&t!przoy7a+gt2@g(L zMeX!pX{flAs?tLkshQYz@InVq9C{b1x#R^y?=cXZYB2;ILbQ6lsRA-vcrC2(N3@0i z@hql>5{wTC%<6!UWS@d;k8r^liEunJUaQM?*2WwvDctfDHSN2>FY=`|@OpyHDPDAS z5c}xl^nvM#AnYSO`>LR(Hu%@n!p~q{a|_mD<(}Df1V(Gm*-4x*CFZ*;+!SXo%4HKt zTrJk|1k7yB$^Ekep%Yz!;mB70e(Zj&Yvpd&eiPE8Hzd0^i-6%jCI=2os;wnQoXnnUHdksLVVq3#uPDlR&0yu1 zdp5}&GgE!7YV%k&tRDzpw}r`B6>E`)*U0ZzAxtTNrBFXj20JTy}h0ZEKF}`&{8X%6L2f4bF<-x0N3gMnx7xO&~pK< z{3=&8g8L^at}^^zImIB)?bJJP=j#(_RB+IQ$#kn%Hku6^ z?jBu^i?r%K=Ji`8bn7F~^z2{>WKl|WP1?PQ*rp+ymY3zmmL&=j0`pxprv$`c_0^ zPm$fz_b4oT;}s?OPEOwH;dCDM`Em=Kdf$eD72AoU6siDux_EuYa5-KUwE^mQbVL&N zvM|GJFvS=HgV8Wtl#KX`ERo*J9wj-+f}9Q(k*nHI<|XNZrL<01K>yGF&kTFe;tVO9 z<{3W6?_RExXWhX&g(Jtt_SOP=faWgZtdnSHn}j*m0$bzLjECdzZ8d*fko-`4%9)Nn zB#11FKFU6Hyq0f-X;py>5)@`l51+}e`jWX^sI3B4N~#)b)0+)$bOr24kCAn$OY$@l zXu`iZY7K}EM!Yxoyb+YdW6w<+DbEtb3<&V9vJQTw5W+f)(XBSIdT0DTBQXL025CG} zqsfsK7*SnfebyFU4S=D+D@r+TtC&rdD2J@FNk*PfsFnH6u6lNL)6QAv=8{`IpElyk z!0GTI@W-U7^QR~!2ZxpBk>t{-vFW*$fjLoUbO(|wxgk?o7WGVW)@Di#=YCdPqCKt( zxwU3m>9}EgJY>p5nYaMi!Jb+> z6ZhA~m<>N7B$15H)3*0Gnb=~Hv)1$yuIkt$Og|AN&niM16+rjQy=~)6)T%q5IsXL@ z{=XnGB{>ihA312NDYGA#YSB3gL;H3w-o!@qy;uDL!$ZHw@=>JdR)$W(3PCl^(g(HX z3*pP}7x%aP4VH_qH|Dx(V-T09TY1U%iI%@f01N*4%H~H}_9G8WnKnIl;|C8cHAYZH zPv$R;jp}(pt&;X@e1VgV9I(XBO#l4|I)2ssC~il*eob=oGGAhySYRNnI6ZRjGRKQa zCCAT6Pg+`~xNpJn4CV(cnxsxQF#OL`Sp2oK_-~=V7fasVLTyoy%U7zT)pmp!Ta>;n z5}n6}qv>C>QEXJsmP3a%IM}7iy-l+@0;Huk3`kkbS zbB=Z7%+KC_^zWKdCQqz>5|mWt7uZ(;vd?iInn zEgKA@ukUY~92Ut|YNZjvdxqMa#1CpDn#@K;ZSOch^&TH5GQW#h4ZrC?hNi=%(#ua0 zCJv`WHBz%a^l?tYvsw{v@zKU3c-v796|7O&qNNsq?nC9)+J%dUOwG*ZwNg#}&jhPG zm@kcΜP}1FFg7fK>%@HdPl%4DQbp{Y_lmm=hXu-`RhJKnC*Hx!^3wsCqD0x@q#= zUf$J`=eQw@TAI?kRz`LOgu>bWO#6z|!3#BU##;O6swhEj?L-&nU?1kI{w}HF!@#9< z6f4(Ff@=E$euSHCS7sw)4~!;Ose|lbbpqv%<~lX}ruj|N<>;S|X&@4u7XR<-*;i#f zy{KB;#FE3BfQ3<%^u-`@#xd;b=f3_RV`Xm4O!`OOx!$c#EL!eXFEYxpbYc$MUtZI* z{kpe#wdQKhys*Z<(TM3Ua3sAXaFL1Vq#$39zIlq4h!O%i1(6Y+Q?lEdVNxwv}PQZa1%k6~dI4z(ZTz)eYi}(IKglfK>4cP#?Dzd z(9ccWqa?@Z5u*YG`yR62`QZvZ0CP02$}9>+ln_SQIS=sh1XrC_R<+p@wc7S$QcJDD z$5QEB6-s&jA-QEZPzBv@)Lg<0Ob|ka>BlerKAwAB7M1P}C_&X7Upp0$h>>ucxJ9KX zx0+3Q17fR42)-wSwioJozhpCrstY8Zqd!Wkh6M^-3woPdqqn=T_i^)fb?XawGB~ya zE?tfsR6g9%zPwz&SUCAzFO_W$tBLYD-Q55KvcD6St1Dbs2$7X$L`8iNU&#a7>UScJ zmeWls{R)Vrl_a#^5)oSC%*eoN$$dncF z^q`Xs%5UZ2XjJfJCX7&|j<3s&jF-VQbK1m7WhX>H(6>mrH08y@iy~j~9*pi^PRwmG zyIHCRc$%=SRjfzCppWEs5<5qFd2}mUK-VJ;e$@?>GWF>1p)S|ih4f2@s52-Rhw$T@ z4r1l!Wy11MqNH9=QrkPGUN5@pnQbE!gY+3`1I$3t)|;S-R?`cH>JNrI5aMG7a3Jsl za_U2%qc~Ox_kf$(piA^OpcZ6?O}h-!J*FH^<{eH^oIP*06BO z3*xq|F;PV6-j^3IrVVOgs9FtCb#4oY) zQW8#;W3-V7)}n@nt&G>vyzhDgQ}r1WAyJPDK74AVAQ_3T#~N_PA%E?y0wa878thXe zVz&>unP^h@;Bjz#3~7g0GfoAO%uFv2H+W{I4=f;C@3wk}xi5RTISE(((86?wfPk-~ z6?{)BJ$N(UkEU?DLYL{1AS2W_AhDSgm61Mee?ep|J`L`5zj5cN!P6@D>3F30LHBo8 zAO8r`xi}yqEV4Yz=YUFlJ0T@zHW%OhR>N8s8G7t}Is2#CG9@9WZC9VGm>IG7?)Ui? z`Y*PFUUp~`R7s1dzwb{04V4;hb3J1{@(2k4+q+N*QYb-^5+=XP?&AbQed$G|4Ft=+ zTgQ!;BlOJb?RYbm7>nq%W4;fln>uU*bo)AJwZrixb}(&#WUrO5o3tBpE1M9DC#PDo z?%46TD;qbvB8yU@&lC!IzJuVHYfX4 zRzv3#8+U05eKCab?-?jt9g~B>hTZ8Uz#)kF%Kpo)IT=kSs`d>evq^_t?U^V0L1u|V zgH&ib9^MZU+Iwu{V^8oeOWV&Ufk3`!bsfxTKOmZy&`1|NZ%GU#Z3_e;G ze+;ggIS*bEAvdT>3LzQzwN$zSpxb*MVym#g5Ze%jzcqKOu43EG?TjA?6ih&ACK;H= zvyP$*AS17Gta~-mI_cf|E@nqPGTigz_ku&5mNHDy}&s_5uCtU+Q11K z@pnOf7Ol3=kgG(v5>1haA&a+g#*bZR=a!^YN2bNwu~f?trEL973)~7+b$^|u&nQA2 zp^g_NdgK8_i4kd?6b39TqKhDqSLth`ive=?cvTXE%WF7IZ=6mY^I49spK*{QFO^t? zA(5Sr(nkWd&JmCMK6+4>T8kPT%ePys-e)$th)7q#qUEjRz&|# z=CAnN>T$W9<_}@qHFxiP@6FLB7CEPNT+K@{$M9G$z%Mc2sC9yVzEZj2DYnp0@Tz?r z;*Y5qCtl!pFV9C-1e@7odX%@#ah$as8ejH_2e@AEAo*KCBcJvvh`zfYiMlzXUMdm~ zI`}>#uhHf@eF@h|ujlAGnbWyH$Bx;W?<2#gA1}YI!Zl%r@ua($ne>f%y*uH%|D9`V z%H9y&{K*X^akzh1`uS-cJg8aY$QnLE+Vq|F_fo&g~pqEdl%?W<-8UoGEE)7{<=#fLFt?}IFR!eQjOE$B@QDzm{>H%4*Rv; zuTil6WTTDu^SM0_mm?x_2-`-l*HkCJiE6*^1*vl@LYI?fw&7Gznr85Z?q@wg`FXQR zftfq8WE#hunnD~i+ZHaF_XD4Bn{t-CF0ZJ$f=_YwJ}&}k;Vo#bma_IO*lfxqw~HM% z(_i1}Q263OWeWLY2=U2A_Cy|DF|1sEiV-{BW8)sa;vODF0W-|!tQr% zEaFsVpzGtwXP>xdAX9NUicUk7B){YrmB72$wF8dCHjhzsETG)^dR9eZI&L{J*eW9L z`SLI29+2C!1yU*2SL0~7J$aQ3lw8Poc1x*Wjj||Q5<0BnLnR)EZszHxp@or3gb|$BZ#m5Q zpW|f76_zK{baC%zIlQQ__FWtek0|$?8u4^88naQ68S3Y$i?GxRig4F$4|6LVjjRc& zB>jN|k#?4$lS{uq9Yrv6jkmd(kUWC;;W%Pc7F12Mt$KE5&RpG* zM^%k?;p8GKUW?tbsH>)~g4~rJoYQ8s)>+cQqhpyG>JuG0WtZisO8HXzjqFf`jSxXo zGWEKlaofqnXiXwXJ?gEtV&MC78BTxR<})x)7dOH_v;!gatl$* zHH%L|elg!7AW&{WiSkzz>#z&!66i2mjvHq|>1`sCIobmGH_K|ecDX~>$Ha+f)0_8b zJa$df72n_L)~@iUm`7QaKQ{X%gi2SPJ#dj8N_5-fPdKBjtxqGnZtt1f*ubV~W#?NF zA$nd7tLp3g39PLY@Mj4LoD0C8TYXw~j&n=+10M5Vik<|Mq3rL~B(g`9<4_p>6p8#b zJ<+9lKLZ42c8&g${iApO4=4T4AchRWin|F_O5#@LPj>&c3ad#0s$g@2*FU*2@qc2y zz4$+jA&(9}iT@KC^4Gc&U?!Y&Z@0^PCWk);U4I?wO6Wg~ktD$UN%bec^MB!iw?S<1 zqQ-^<9z*G`Y5b3diVFW`OcXb5jpASb^sn~*WgfqExsZ_{!7jqLwN?C&hDwh1W(>Zg znrZf5=l8Gn{u?T1GPS~z}Jl(nc_{5#}ENdk& zk2lWFF*c5v0&1bUZE$V^b$G{m%fP*JuPUKJJnZGl{?%Q9e>;kMTU5ioZutVzj*t@u zJKLO_TM6+hCga`#zm<(+TUe0IQuaf0A}*5+QU!=lG@u=@m+zmBWXSk(Uu2C{rOMO8 zH3d6uly%`;6C%4LZW{mZ*I&w8fL@&a^600gskv<{`SHDqpKE-}C`j2Z9N&IVRxKm0Qby#Wm zga~mHf!kUug5sdUTJPh4#vF#}_ExEyw|5?nRRy6Xe$M+XXFy%fA{4nTn6~XDe*Qv~ z2>JPvD0^{ymZY?t7PRi8k=b@x2et6kB%~c zd&34|=H0h+8jTyh*aRQ4u`e!5RS2wFdJsmk{~2ro<58!25%>0zs#Jf8oDzrM&|z&Z zBpQWA07LMz`#*bR*fCmP@)D@V2TlYgXfa1ww|VPWm&z=`WnfOElJj3aSt3h|(kghcHm`H#w* zt{W0VNWMW~TkmJ(whM>5ZETc&6Pprpq*W!kz7TU*IzB&lh8Dv0^=c@5vAV_l{L8FA zITRo|AY~57ytE#1;={Bl^?FP1D)dpXbD*+VzmLt2JGxONO=>(n{SDRsPg|r z?Yj8y?fre19(JEDu8$1+JWE(sK1a@>pKrAay)laU_EsgIdmhEO9~i6+W=FF^8$7&w zd@|qV1KJUZuSxvLf!f2pk1wM2B&);6Ht@z0daXknq?33s&DB*B+0U17mu7EZrFyaZ z<+C|n2mA5qcFWBx9xN+4m;yWVt1Jh6A-d^8L>|+_~aoL&{m#7=EGJ?f^ zt3MJ%3~0mw=Vo0@bLG+R(no{W>}D}krgT^z0{qy|BIilx%Ald4``wu;FoDQ@3yHp= zN-p`iC5S($T*&zch^IHtE*7eo0HwH|Q^U*9R@(JLmB-?vW+B_Ms+fB4uqK+<*PC2i zn%(o0Q4(o-fTKgG3Wo34F?CsMuIzJjIc+6)*du%_mfu8&t{t!CRB}~p0BDDx6eR}T zQ>{)BTtr{qanw!|9xN#BT)tU$^*9t)!5Zk8Rn(Bg!eRGOXUseu^tkJ3ndi$uC-#eC z&oo&3-&+d&b&T)86}v;1;Zhk=G>mQD7?ZCYsDpC6Mmtp$J=mM}CcC-$weUY_cF}i? zPS`?URl1pm5R_4~;4YnlmhXf0+1wwW$c)4=YzWx5yCx|W)eC@A2Y?QGg1D1FIx`g@ zfYs_ijPYqoB(;rnujnM`?Q~ixfcoNFj)0CG-oGrOhP}W2MT2bwPyT!F*lFOQUR#y> zxa{-AbcNQ@gby1RIu$z8mf>e2g?)~^xEl{~2FPld<)3_xLWsf?cyZbbU**pH2F#ZN z>!(~aN$+eaCmPE(urNbQfQnEy;y&cn7VLTKY{a;Q@>@s-k(3X=z#< zCPCqqGx&dAAm+`E*l`skR;4^TT?GJkB2FXfmFBSx6;<$g%W-J1&w>v~unS+eKKKyc zlrS)L57*w5?E9fioC1fw{~>YBhJTMW$$vFw>1b-{4ZtN-FdKYlJu|WKMVW8pUesRF zB@p)$>0Mo|FwhENxzu|~Top{hKT61}tT7#Q-G-HhiYR|x5~yej#c8J%`Q)G-{lwXC zJX<4Ot^hZ9*+jCZ>k68ffobR!z&SV<6-yRj0Ca#g_}zbfUg?ZoJ9Qc6R^01KG`1H}sUw7$bTs9&j23=YZAyrApkviw&<8W}2#wic%hf$@T7bFq|Wz z%Io-z%ZeQ0mxj1edy}Ltv&L)++DU21h&iBwT@)vR9OY=W8fZnW!B_+OB#-yP$^leOeDw6U*`jT_7lJ+ zNrV;BszPK-H53SDxu%!0GujMT`dGbGLki)x+Je#O5Z0T7iu^s_r;51?+TI%P^O$F> zo0GBQjxut>FyHy-nARoGTh`DmGE|U@;)7#*F6^blv|LDe$X4Ao42p%S*7_fLw<9xUVW5OsH_T!wPqGB6kx1fG#Pyk{>a%%n#X z;;&&yQHB=co{DNIvo_VJ&+D+Ug@0TLlOyKY}y`f1s~kP_3>Tj z@d#j-l7~QYUwKy>F}s9lU!5$d(Ym43O~lH=#TsRb;NoExbX$yQ43T1{5V*c3!9#qjT$9LD(8PO z_RhhPeck@>#I|kQ9cz*d;$&jm>Daa>6Wf^BHaeKt6Wi+8dGmely;Z;a*7H=|e^2$P z+UM+bcCYopS}uo_HeF6czBj|lHVE}$G{S8wf^E|a(?O)t=%tz7wI^?94_kP+J4}Cg zY7E&PoaUOH^OH7eo0%YDE zxSuAo4*<0KbZ!a~l+b)s^_Vq61uyg@_Cl+_q8^r$(Ne)>gcsHC8+f{TRU+lP+VnMF zME5VSyCr|(rIPHO?wJ{zLFk=UJzQ-kdiM%LqjX;QW)p4^Dw5i}94Z|YV+~%ru9s{-4GZuxYbMku;;upqCu=e@6_)idvu|N@mkY6dJSe6o{;?+?N*|p* zbbS0!oHs%Z4J(W$cM3JnLv&6B=FguEYD$o{HSDD~Cg&VKG;O|)7!y;94n^aueF(9H zRjvB%Pztt)LyUAzgwzA+D^aA4bos8fy(Df`183{|HKdx%gTBVS!*CZdf|vFRw!Qt< zEgPj{Q-*csni`hq-H!ZSZ*!>_+g7gw3BBT|Vo|_Z6E2+{0#>5T^XN&nwE4@7W z`NqNhjkDc&z{*}yiFu)wCU9@>ry7PMdi>K`er>aPdB}oMzfT@bpR)WZG%Qt_;skQt z=Z(etETfxNvKQQ4a~ChVZOvw~S>UMLTpzNy@I#~8WnVW&&cfKa<#yVo<-Q3f{Io== zXrEi}>9+dvG9lF3=J|^4vXShpcfC-0E_$4hBe`H|SfBp0(kuFtuud&7AWz~-OF9c0 z<*p#Vf-vlH1Iw5<*zHgQRq9|piyW=nU@aPa1&jznT<^_$SdMcussxd?H9_jU?4rD^ zh!SOsd!Ik=>w{Oz@#3eyOwKuc@T0Qnz+73^dbD?8d0G^onxVe=+9g+OW{JmgrgUO1 z9KA>3f0dK_!D8qyLaV*e5{D-jGKjNSjSaC}`IE;YcbAdKL%O2N5lMZQ`aq0}_p566 zoA~#=u4}xPMjg%r?#*k#~8@92{uOBAO6zKERMxfOj2>Bc&_ zQAiX%$l;JfW&-jNwZWjp-!0A#_2rOB9 z@QO$JQmt@#M?gzoXWW@BWewD?>3_K~L?x5a`}Q9~iWK?-N33^xB*Kh`8jI19;=9!& zM9s`BotjsYvbGHPRQyYmbU$SH+$u3sIMn`)pWxZa`sbg-PkXW<2`L$|oopSkDH97E zqIF!W!ksmad0aL}O@O7PfTkupXHCuCA0+`a)pY6WG1+GscKzQ){Se=~){wvjNp9o# zN#rxL&J5kwHpD5rIT%RELAr_uWCKps)Z6pdreAP=BOsPJ?5|N%^Ev1CMp}B#P2|?o zRzyF=l@lXSg(YAL+qL|oy z^5F?ymM%|ug@Ym3LX!PtTvFVFsNTpL105&8plm^1y6oZLmY(%@V2vQY^BrU9e3L;9 zbcMwf#>aWK<;7Mg|1<3V?d1yE1AlMx2&!2M38y(8mu=#vw(}0MP(QA6m zR0H9b5pRj58%Ojpg^lU?Aa(M6B{~dKh?c=*@(_~9dPz{L;B*%1;d*5V95&0nv@qwe zLBCC^9Nl5X_&$$1<$i*0Vh2l05Xj2t&yb#9v+N3AmOuNjB6x85QcL+JfBG6Tn(bor zPUr5Uk9n7@+52rT>cN8V!82Tc(t&Gd8U(`i@i4Ew=tKk0F0yXgcw$ASs&VifF^dT0 zL@reJ}<+=5LWY|XL%X3sR@^x z7(nUzTNHBj2fm#Nxc>&3c+y5(j_qR*?uYu$!ym?{-0=$R;K_ri!K}Qu8%(}mdf!kR zj6#Jfu$<-?{yXwxrfY6|q+gyg(BWQewT|XPI*4(uu^)!+=Ee9s%{BaYcxD=6@8~a& zky63=RlZj6w{X4ws(k?)*t4Zaes|z)C;Z!Zc6w4Y@SMN@`MWL6w{PW&GhgdG ziKO*D+5mnb`R26$a{=b5SN-JE55C#&d%Fe-lqh_1K?V%aMJUskv&$dC&%CXOX-L_3 zlR*xSQs>~W{z|l}ZHcZ^rC7M3?SBgV8PL##>xar zv|?g;C4NyoQbtavkIXSXC=wT5!H@0XFLGY95Zrk%GYT72F9e7F_7%AW4eaL`zh5hO_(LQEUPP;N=n6c!uc+dTVq4LStC)x4CZ2lG?EfOR^JHO*^qp;? zPP0qwujr6>@-x-Un&Hfs_5jp{u@RBDW;B|u{zOg_r|Q!}&4uVH$U&IfQcJUCGNf}C zZuW3&&*YjQ`=50A1*yu_-Dr*czrT!?irM+F`I&!_qQ9%yFZ-4`Nk3TP5g5wiEg`&h zatuGDDRds)B`_veRgW2AJ_{cCEu_P26IwbrR*AZH7W0Lviuf$3x*91n>(tCy^O5G? zgNmEipEpO5;f&!q)L(kgRj8MGR{KyK^5lUoyfVg;NRg4p#U^RmszIZ$#VSC9hQJ&= zZwu-gYio1EWji&cn!u2D+yK=l0i{;-&8q&$FC?Cx&s#Xh3X`5J@2jyePA-=&d_kT3 zNt`bvT=X%vo#Umf8DEA<*)7I_ zKvx;~m`~sFppAccr;ZFEVTjz-Y;&c?e4jR!XPYu8c2Hi?Do9|+Wc<#g)GN~|i*RUZ zn27y@Jj0R}Rw&3}u^?WWwxt^rbsax3sU>A+t?EE)-*Z(*xj-M91@?U1uaJ~ zWP~bZ=tq7l-b80CN#kWA%nK}d**x0)bmCi9%}jzW7W!QdP!(%ld+N^EfnR92AX+%L zG-W|-`6V6d`;4q0WA{IwehvYo%b@AQ!#Enay4wp)^t}*L^H#n7Y62Sx<>|@SSxH=e zr7I8R&aku=^LH8yz=Z>?q^|6zvd^Qlzpz{*y`ax0d$YOxQd^x3YsUB_UH<~hq7S|{ za$(D`4ccOJ(o-_8tLc#JP+VS~=KgBLnt6_=fubPy8^?`+JI9aQ1W)QZ+u}+7pbM1Q zA9L5GCF%YN{ZSQ#%JSf$qx{Rl~g`p^zyWlC+Ina#8eCr;)2EBPl; z6hgAJ(q6hdj*hZ{aA1mUV!tHA=P z>v2Bp5>Z9Y`?BOB*7xr9=&R8EfR&A5I(@kVm8E=9GaAnM9XGMFOQc0KSS^W3?1!rV z_9>yxp{t~X4g4vSb^OXwQ+zTCH1+;oO;b2GJQ-a3g@URog0=j%JLYtne%NSY z;+KM&^WLE$cJ95$Ft~zRkRR!c*;sz}Rr$YwIvoNC>#A1y%d32_$H0@#!g}yI*2Rvt z=!>x32a&V%x^oX6_vs53@;Ny>la#Z?3Js2WYcW$x3B-H9!R)#`OSzoOQTYivth7tN z%1T|9KUs~VkQSbsM^Ug%Jm?Y?WAbCEW}?I}{ZEi~08v6u5&~ZAK>ucpv>%U&{f00+=bs5_$O%go=z(++_`OCI8qg4xr@#Dzg_TU$Ne5b zMzN@4}htG(~xDIkx4q6vpQM0CqQK*#k!dDxmkG*4JL`hEmd{O z4fOK1y>B;M??1EOv3VE?BOM(cV)zn8UUqjFsekB~wHveqmJ;-CXiZ-`m&(P5m2VlG zCWYrtS*5i^Vqjxs2;116Zf$ed$`7LNl~uJubtcxIA5&7FlTA(~mTYZwUq8ozPgHCV zNr+S4kFE+Bx+(s7zdemK>{F3VsM5!^Z_!DOTrtOlfHKX8`}B`XNOyUS#;|;i#@y*q zgndmm^Xn02(tJAB1z`!DJRPm~qyN1_|1SykUq)>etklLWG5hj>xNfp0X0ShKh8XID zf-W}5Wavb8x^IhPI^0O!v^j=e~IX;nuJE7o4s|9jK z(KWfa7F3z0hQ#pz&Exk<#pqg85Y{x5!*@p=O&0D96?ag(4alH5c>=L;MuSv^Zd5qD zjT^obdp=c|kLP{0XZK$^5z+u~LL*f5*Bq5gEetw)*SsUIFZsFNTtB@z6L)Ha31|_5 z%3B8gqEr>3WL?ibCMRP`l-tdG#xNI5f(4)Kpzq}cnuU56uP4JM7Sk~K092P^7?mC! zXK0b(#v_GvvV&fsJ=h)55#QyD={SwYVfpy*2mzpC%$X?242m}m^qsIzUOh%Snt|ek ziKB#C(<4v#hn7-4hIja(#X>RfZ+Epe#0U39pJ_t z%u>fsue1dAnF)1kNl7Q7QENC&>c1G`-;HW|77<7nxo!Q3V(_@1nh^_Xp#mWr6@Swb zdfe8iEr1W<`QTMt{k{`vwM%X7IgCe2qc4!4w%3@T5c zqI^ZBNh2cE*1$8m@4}Z&C5(d(tP{K*IoBWXU+i1ifFsI0 zVwj|}$eStb48ozX_c!~neiqGoE)a)?BGZ0KVu@jsMSvm1oYIU8ydq4TyQhbR6poTv z0a$GAokb}s@I9y;iTaXDacs>*!ZMnA8desA2Up$l*0A)KkHoP`}J!@`&_v`;iC z@q%%z!((>G1#>kVO(fS}4c8WOmcSqvC=cj>G=&A8r{`MPU{(@?&Z8-053M-dq z?R}dZb4b^1PVUc&9P(y_iFXoTy&iU`O%mq|##x}_iJG?>F9wW)GDxtt!_D9twb7eI zeTdGr4kH!AU{yI`rs1B`55eZZiz@pIaZ5?TF=m!6(t7-pz~5tMR$`u>^;h@ij!cR= z)-Z1GpDLElA@!~L+BF`UJ6}QU#Ho(MWp>#-VQ&yYTRp=8xY#``_)0hADD&an7joxaDmHo25 z)-sfkk^?oVy7gCo)F@q;n-m~WmOCp@kTL2>@liay-8s)edn~)|{R|1Rb+$r3?U_l$Uj(+;mODJhhAib{Nu6H`u@PlcQwKax{cGyMB>adj1%IotOs?Y*?Bs_$>~H!;Z&M`u8? zM|%H=AUgQZ2PAIG1n#N)1MUfRw~0dfTnN`$n-*AHNe%PSgBF2!)LO#j9ld^|9wDwb z+wA7IPF`NKK|?##sr&e0uvCl7isNdtG5`5r2}y|-Chxhd@>?TT5x|caM27@dxL_F%N=JyKg9+3zkByj2tPw!Unm=Xy zMNjl7#DSQN?ok~48Tm5PDDYB)pYTCFr4Ec#6d3fY*gPPI#3tSPrw1+8h_k?H(W`_) zk(AgWrS~)4{q_h66Bu3;%|<(TCFPky(fH42xI5r2LQmaoltb8qpsyYHut!mW?usal z(=u4Hx_~Y-le>PK-RkYIHqX41YP$(qLee;3VHPh+jTLmZ`_L2XzS<=42@HW-L$c4+ zq}dxwe5FuC-r0deBZ0;>11Iy&-g2aav2BH<3uITT)(-UIW$CMO7yZ0cQ#Nqa49uN} zlH^AH+du%&u_z)G_Qc?2Hc<^XW=p?T0kg(PX1%H$yfoL;hFG6su43-PmsEY*-N)UY z^+ts+kdoyuZRiTuN)v#HuA$GIJ+c7ur zd`@R)MrsT-{Z67BJGIoKKWZbzcMnPD#fG5c1ZhP!ApK}`2C2^2F_`{0I(p~v3)7|^ zzkQbBXm=MYHV<--vOuq^nle$tf4gZ6F`uO;YPK~SEEIMRIr&1 zRK=60acT!Ubcak_KGl<{WE*sgGu-m?gP}aXfNTsBgbehq^$Foq>>sy{wdnz+!?%%(Lc=^$jSgl?C0aXdiP26Ra2I@|2kiF%#gGs?ASHnB>S_iIIijlU zK=X7WLX=?pHiGw!0RCTVgE?{D#2HTUy365FKgNbc`|>I~Gnm`V2Mtw!YFv5%b5j^{ znKug@{L5n-X*x7kdZUcDOcC18F{KR)w^YT6jw{pZzO2MZV1+y$YB;CnH4gS6Z_C5}!5 z&7#y+T$g6H zorjAhH;d#1+495KgRl|rGdehpYvyxSIy&Byhh+J{U4#jP;uEdR-cZg#9NyU0T@u9u zwLC4@2~9yA`Z>bq`=7YRI*^))>Go9KwfmVOMcs1P6u(i{k2~h7`LnZqb}};* zs1K6(jrDRrd+)#$N*gzT)vz+h$7`aXhXPT=F1aTE%I{l0M8RBU=KLiP&kJ?YL*Xr< zyY{R??C#N|qy2#LE|W=IuY}acF|S)bLF(U2>o%on*+IZ5-X8B^+1CR5N-6QQk&;3} zn7>6|{!9#RB@jGZs*1$!^5#nJQfBWSJuPcbEzL!i-HABgJLk4m5zyecbkNRXV&hV= z@WYXj$b)J-%&_AY3z0eRg_u^$bjGI!M0ORGfRqK0zi$e$$D{Y5xI8hBkMx!n$9$7; zwsygoCi996LRTmn<(riplKR#pSB`%iSnHJ@+rRtp?20aU0{S{qUYVICt)%%&4?-za ze&X1iRpgnHX)T3es^F@;c)3dRVn(Ga&3TUq*HdwS;IFEFFh2*1!s9iwLKrrRLpV^l#%xd$Gt2pa}nRkX|=cq5*2w{`xJ<$xvee!zIv+!nc&C+;P4AJit7=uF<`BLIWs>y z6A&v;=+!Fk#%WX;>7{0<$*-(zIVGGN+bQ#B>i7`x`VChVFNvI|9Wi9JJ?T3E6{?1$ z`23%P306r@J({{CpOvLBXKzn>l;>FR>Xh~B^?{SgZX?bA(%$}$q%j~P!C%wPu1kai z4C(v0tXYT~9xU>|&=8;###DXRz|%MrIHQDWOUVsF^!2Y&M}`Jh97Dbxt4Lk*zgK+q z*ualf0IqDR=)3<L9ZsDOay)cSl} zSDqpAMgtm^AnU(R7j^U@%{)9{o(2Yx+|TDf+V_=qcXh_QrTjlnxQPgVI9_RBZ4Onr zOo%J#V_|zD<@SyqTD7TlMfV?G??IM-g~O#s%BRPd|M^9axxfF%G5^#iprpGJ9U02% z{H37R+(31Y>fhj6t;>nU2`b z5RzOS8KeuqYw+hUsdO)Ao=VBT!X#qVCEt|unL6j-RhBkaqa0NoaAs#)8RrY$j;*~BT3SWjZM}mqP zc{(U1(D#Z1Uk&&Ot&ii=)Z=&qbB=^sl=i;eo$OPSo6PVD5N~M-O3_+>V8Yr<;c6li zm*bCLaw7Cr_^-UTj}ZM7cy!KeTFBC3gi`Qv`aM$?r-JqaCI@!bvC;Cv@S(J!hoC8Y zW+9HVakCK+lbmEHxf2Fg`yeOIg__;@d$o-l_9eh^qM#d37`68bpo~!RLatic?qPQTgRR=r8`LX*E;EQ ziV>aUX*#sG{;X*!99gz9#j(iuYq6acdf*BDyeMFzuSTTMd_LFoi|F1HP)@)liEp|e zaYBHk&-iuAd?oB@)o52m+WNV;yQVV%Hd{~N!K<{zez|X~#r7&#SZFCo8N9wUBYM=u zurDR1@rg3iHqk>#RW+)vE!OfNM4NokOke%s_t1Sg+3On1u#jftRj=Vk9Q{BH{=h;0 zJHmj%2#1Xr8r?1=zSqvwLdUF|C8C0nZdlfeJ}_CBY>COqYBlxE0YO>(u0w+KOJGKU(bDBx=xkR z>|s$oEo!b7VjhkYh-y|k3GClb$iT|VEE5f5BuATrOf}b0apMs}hvUqfhsU9U*}nMt zy2o(U=Zrc+4y4^ruS$gu*%?c=`{xk5Nz?(B@E={E-Y$e=WsKLb(}ZqEzP>z$%(i?< z>lhPkGZ9pPWgB@c+sz>KS*t3Xn5Ec!YgYO zVAgIY6kLEYv~7WVAtsUaoC&>Ah}~Sn6CtdJi(;b>Mf|RPP7t@b)flf~wh{A!WDaiM zAnP3owd0oKs3K$|JAIny-a4rj3!i-mW9=Q9B)h3)+xWk>g zzs+l}$J3pe@s)bG-B%0O$@Xt2ZAVd%vYb*%4HUM|>H9-wN}IvAny!wR&AADAn{kIEHLB)HYp!_-*av;W^JcGjreD z-m+R^w@<@ny#~IS`F@b{JR^Bu8m&g}#$|ppi|iG_Z_Ma$gN80+|c zmGP@58e!?gfUJSA9nZ6GXoS#8fkeXiwI=jh=T zyBs2$>-Su4$R0uLt@T*=8Vhl27Z`cfPb9OSh08t^h^M_n;FIdALE$LK&C2XSe~sCg zd3zS#=@Z_CSyESdMrdYaP&zr&p_xP4BOF(bTTO@-Rzzt@@>C91Ez@?%Jb! z@}W^z0s|j6Y{i1Rrind>bq)=Q(m8icqbVcCUxN&im;OYurF`x1sfKmxWnZ5xQ+I3o zAPhPMVu>4%qM!qdrg9cdu?MtrIe=$BOblJ`Eq4HeQ(QyC;*@kU2qH;nVS z5Olv-RM;uWAgP^lxoSVu_1S8BwClJ#@#|a9S&uAPoPCbc$5|)z4BlL)BL#glDzv}Z z$N{x?d!ze#Sn-fXIt6ZEL;ZG}>+?M$aeq757+8OAhSAsC6CsOZ`X3YwD2WdAp9n%s zv5gN0{t&meh4?d#K9c6Fh>z+Vu03Bjn% zZMI9v!-5xblbjI~lwe*%7YMbwxilRSMMfeCOT|fh-$EpaOPJkiCV+cO6XJfrH@Tf% zk~4T-l08^;(H(Np@vAcUW)|Y!X_j{9vcT<1)Q!08s_p~E#Bn;b6<64kA|A07vmN@> zMyRC-O2qhjqjr{jBrU?{bQ0=0g^~6`9cKAm+N7>9S3dsh2Zne?h=qPca0B1JJoxq{ z+%eR{nu<|$IWEWhzS;ffbNo_*tLQC}?^~!oEe{ieBZwCzumGyo+2d0n@nPP0OkA7z z-~Dj^q!^q)+z|39sgQuWZ`3*8rBJiT4oBH7XZuM+NGV#369h9YNzO-Qd)GHQgRA3W zi|{8!x3v8PGH5OMcFRDB)bkJl;Cq-XR?4satZFL#g!uS_9yeXUZj2Aw|7_+?Tp+obC$2O|MkT> zo|8>J**SV5D)U#qhr7EVYE!j^{Z3-g{|wL;I?iu(3Qr7yg*@luzKlf2kozT~HCtm<75=?>^cgI8s> z4@AmqC!*0sk6dn?#`QNT*?X_th)=nfZ;34GUvW%T>p3D}v)lrCztM@>O!GkQDxt@u z*Z1p@-bF;CgB`n^Y7L_>qm0TaR!mRvzv_z3bgUZx#uyfzRbm5$iykJYg+jc#dMM(@ zz(>txj+<2#-OSEf+fF*?GTuav5-&Ypx;ArwG$pY*8rndx7X|GAq@=D3z%L&ICHhB> z&W3<1b2I{}nPYobmAop>?vBkj5qY}n1f__ZD^wcOp#z4MeiPz4Mo~XvPr+rn;r=8? zb|RzWI*=9d>m~i$%eL>!)n0-75sG0hu$fIv2 zCYr_u(9%c^QDqbr@?D$OHJZnuMA}HX)oMlLJc$H6;uxUl&azUo<-@+Ppa4h)0baBy zWW?WxdZ%l#cQm6LX3SLOe&LPDibB_Cn`M3g(SCl9pRzv&e!Xmj9kom?#obvVdj-Av zlroLVIJSwK$rmM2)|Mt6`P|eyE~H9&t2;0#C5!-@TyrH+jYUk_5h2Y~dDZt13@0>#p;{8-6#2%v#)ssYAy1*Pedl7)A6+c^A(<9z(ZT#aSaa-QVfPN2yon@2zLRigH! zO8atLFl95Dok(Loh4RcD@s3E;5~gKI0G=z3{B(5}N`WsZU8{*GO^i%H+d96NL&$=7 zX!ZliSPFuOz29az0d6e7EKLB}WJE%_{Wpe<8J_=}(FW?mFInf^qJYkjRBP;*#5^6i z>Q2n2vGzm5Sdqbo=i#c&1$oS9VMzY+Y5rcg=zHq+(2!7_H`xLnsPFE#R4;dDT<(0o zU!3p;9jKy%PWx#fC1|u@b@plx(P@Q&A*6=J7utMR`Ga3$v@0kKx06i1)2-)0(8H?sS8qx^zKU@r& zCf20B{&v4OQ@AWwkK0a4kcuY8|9N%EkKNnqxtn~fl_?5@{zx0b9(Ldu0BUpL{LCmk z>T8LMX%rB(A{~$WMYrPEJDtDpk>tqxf_#2%u7@RG*<>=FmJ}>;vwyDj@FUS7h$*zI zHdNa2?nsb^5kV=c-y+{1{EdbdHxV_v$Ku4x2Es=j%X--)A{}z(mj5RI8#Lp5>bJw< z{hsq4%ogoU`dIC^Dd_i(%|^;5!5T#kUw&aCH`xKbpPXFNXe!SKC+JD4_f(qN*7Kni z*iW!1l}e{Z`fgo1a8FY4AY6|SY2zS+q_;Amr!$Ltmk@lRt)+c^;bCu_4y}|38jTFO zc`yfcgHN5vAInTObp)m+Lh+Bc z7k7~~O5uU|Vz*R44lnm9;L4PVO&hjKkACL9S^%;2VhGjG*Q5|OvzES*>VG+Q*byL{ zkdT%fyMd|>akX1-4kWlgxbAvK7eFSH+rFlg!obx~x;s8Dri^Ky=?Jf~psXZJOLABJ z??kx#yleN;Z@MgZT^M-ooiO*Fdmd+-g>~wbC^oHbQA4~t8-MA&ZU^F){5-G~)0dcT zzik2fyKE=BvD)L4lIVY0)Y)GPSgAeZv=W&I{@@QA>(!tSi4^7m8m^y)-26EKuWov5$^OWW)ONIG$Dt- z!lOxv|B@@t@E+up$YVNvLrh~buapT6t{8vjKRzC2l#K})Vu&j^P~Q8vPF~30d^B;=%nZ?l*VW{r8|r`p zzBcSYa)`|ATLHow|1M8lo|9Lxq(*VIH8QBghNVY28vnwIWq%s_&jWT*9#!=yoLwYhJ5{xT~{lFql zR$QYC{Idji{fyKqGp)2;{0UIG`f&E%aC`RAi)xgJgF@!1&)h=?ZX(KFma}S?%zA*_ z29eCd%+X8&{FeFD}~n*~=uCr(1ns zuD6aQSz=U_WL!H}rVanZn((2`i5SAWdl|Qf(M9w2lbyF79mjnoea0wne=98@)+-Em z1Lw-A^&l-mR{l0iNf-2R?>9kGyB~S~{#%)z0Y)^2Q>f~~3U{~>XOhp3eQ*`MZnp>Q zx?9+YJ~>g#e(uFMn#W_>b9n%|CVA$RM2&nKkU|*>7W?eri(Jg1%-oIqJ0)m$_!O29 z$62zU-QGsZ_Pr+>TdCmMsPA#IhBdMk$kJqII*Ff#7r2-DSQ$Myw`1|S0Gn@rDSDcU z!7F`#x$C*#t0iPN272c8_L#_Jr?ckh2P zO9r%Tmxe%&sSj0D3wGy=So>`b%*ao@VCzQCi4^VflAm8WaPN%XGxqPdqjRHs!?P3Z z17RO|g>x7^m9yhypI9fHjLtZ2)H4f;<*7aU4-%vmM<33i8gq( zQcHuoc$>|SKU5tJFE95%8NV}ocYxMxD9o{D6Vz+9=mUjC_VwZraii2?wc8TIE@nZD z%1l)IU5t$|{lhaAgY-aMge-Mt9Q1OVZZNB!rmTu^(yB2E|Pg<$FU+%Agscd z8TLV6LrVSmF3I1?Y@p$@}`FO{ed8GQNT+>r^8>=+m`JPtN=s12Q0hw zH#_NcKVtP`zP2$l8S!{I))yHZdhs&0h+H2;iaohduDVe7L-q4Lfc9-^_72^q>Hb$D z&~p$ccKJ(c$!F112%p=3OeG9_@LB}WAILG?aD+)ZFs zHNxub%EdDRXdZvcG$HnRCwZX_@fbI5-t=PjeNfCS&1aTRRRcQL9vG&{O#2GpH@M^{ z5C(yLVF@mTLI%Yc;HDd!CK3E$J1r(NDBp?Oqqvy zGrvf_b=je<8#A2=C056AN1K(}?Xn?>$#yy$%_ugJE(|mn=dGakC#pC1Ho^!Nu0KI} zbaF(3Y(h^vL*PwFYYp10o@_j{&DNLi2PJ=Er3Cr!kY)LC-xC0h{s;tLH98UfUj3pp z;TX{D-~Su=N_a6D(`aeTznp`4*?w16vhn0q%pStJ_d8)-#r+eknl`fZyiMo++v+?- zr!f5L3S}TU>w8Vi6*0M<$e`^L!Rzu2%#Uz1{dG?z?B*7gXRZ=R%sS6hEP;RsF<7< zf#>UtPUn8m zm~$3*SQ+H)_KDEFVX?de9lx1a^x2ab(zg9)>%EHigVJc>1*!xB<3gRiFlN|Fibg>* zHQc11mnf=2-+mnw&wi`!CRWWS(T91pfqjy}_s$jnXc2qw9qaO*^d4E;jEGmV%pt@5 zu14K16a`WIU;`JnW#!4u-GCkTDl|`90I#iH=*9XG(tU*jc;0U=@B2=W?aD{5G|mM% z6<3ITyy`zPqrX)i{xF4%uI9uHtvF8>$pFruFlP&^c2S+qAxZrR9%fXSqwy~g7xSdC zscE)C)LC-}?FrQEV*9hKbvI|!!^ZB{K{*QCn;lR|wsaE_LF0+Kz~#CCHvHO0d2njaW%oJ0VWW}|tld=hws z)uFxU*lc{g1??iHDL{V-^#uL)qn`?|mDKLq7tF(ewl410f$P!on za@?P#dx5VcF_sMVgI}M~c97l;+}E(>$XX%W`KULCv_B__OjqPOVn!+pa3G`PW|)V^ zz8UV@ka`6K27RbF6cQeV>eIe*y;o&hQc2`ffqRMp15Q4dxt!B2`)Z5Wl#l36PfnE+ zWm)cBv*kLQAAU#Vy{`inLX>~Xfxm6|#yYE(~0e*UTY}oa8XoRdm?4-Hn zHj3b}y)wC=I`?K73CQBpcaCCZBk^tCzH5aTgni5OenZcGx6a@8=g`Hv?i&&QbV9lw ztjkPD0IEg*81+#%KcxYxeMmI!b&j14Ry^Dagwakmey&8S&Gw|`D8cDuKH=fs+oO04 z)-cYPk`0qJMFm_FMKx{8RrPNP!~>(gsW4h+HFEc*q8Zmj!8TUuImcv-+Ww$vx!k`V z{o7_`!sh09KTtfB(~H-)GUdLjQv7Ok{Oir(x}zEDl}8HDqsn%H?Mh+&%c;j56=RpY zPBp{vfw~rxKLNQ??=OyXMGQuC3Kdt!%D0~<{rQ#dhv)FjXxkpY8RLl8vlIK( z^C9985EMp%FERC_?Y*tP7YHtJ9u^9|*9eBU4LgX48HZjH! zgaP+8gLqaW}1qe&G9ZW_bL(*1-(CU#>9?O#?**R_~6qJkPw z8$MjN7mU5CisATuk=&SAor}pNr+t;!Q~WFdNbS>b;i-Ne|KTjRZiZn8TSZ;1xXlv% z6q1koJqF>$*CItYA*YlMTX^w(pxp0!-w4K+P>}(JRuQ3h1+r~=B=d0-A9QOMSsmu{ zzxYuwyGMhKT7{!$TOFkpCczKjDEFYJ-9AtR#kz$0$?o~2kJG6}xQEiBVzlH18A$co zNcpegek9WQ^IL&CFh=mDTp4^`tv^JD7&gTzN5Zb8j%$7152p{`d%Pvv(RGiX?Q6`4 z(BW*JMRtNIdW9p)!zSXf1-SE072NAcy&>>c-x1W;jH+JWhL1Xyec6t0u1SG_`ls!} z%|Cs5wwSLs?f~xOLITJuffa@eN}$EXkfsmRH;(VVm75Qbi2_~zE##Ju}UvPA`|i)1d7 zAC>Q)IFJ$yUnN#xVC8hCa!@kpoI{HG=5jacNm=M^*K@VA2ajWS^DAmP2eGpdx|?Bc z7lJA6>peWGjEOS<*BVaI1q?lL#rB6bEfF}^J0gl5$Fk7dR84qvgwygd1;)%&&}nFt z#V{PPCeT9;2lF@e@Ig*wfA?^MP(`y?a~fO|t7}koIgaPwuwT12g&*`^8P)dIBrW;3 z)-DxwnqPH)fYkOc)?3aijW2@#;_gL6p>J3XHM*=gNDUzxzJ$8Aw`LUZWJrB(jpLcb zgY{Y%KtS!eE2>g-`H{Cyi&={RZZS?H%NNSrDm&Gbl{(x;B;!;6jLad_84>zUN~)N( zwnb| z{$eWVI~beSo$jwP!!h9eep`!#{~%s<4w{tf0an_ngBSbW4oM~x_J(*{TfEOos7(Yv zD(J7h=SXX`PXC}(6#6asO^_}?U&Lj#1V8GQD0%xWW>ulum03rk##s~lTuVCptkwPY zjG6k!J-d;8XpmK9Xypc^kb^pPe#ObpoPiXVJ|-^VDScPw;F8BVV+RX?3=z|TKa+9a zIM}-Ac`2UVDP|DU6@@kL<%arH;jpGbvH#EW0iN6`mqsj8k*QIWK=w0I8!CPmPMk+l5GD7 ze^h3nl3uOVM`_SAN?5VgZ+}o%+p}+r`h+$o>kAhEbPqy|6M_O=5sSnoWM4mPxs*84 z@-!)->TAWU7DX8(6gCiok-j6-GN;j5`^*&fz67?>J z1vCt0^pROj@O`RfQaA8AWVd4D?)}RKNo1!TBZ%uoH9DMV?uF-u z2mM(kLQ^T?=}xcV2Bj}K`!X9T#W+5WYxUV`daTcdj*(UX8KIi*{Rff5Vi|dbK^o+L0qit1S4ncb?2mDBT}k!0xy33q~tFW(ICcpNcUWUL{xOyUpg_Rv=0< z+hC*^p1VqI!R!o`vTbZ+0ZwGIwrC9bbnRA)PZFBS6m%aRu_1!i5c-o92<-pFj(4*Fd!ndk^irqzox4>qh*}yW)fqyZuu+QH|1$ds+2*Z6(K{ia`~$ zih+J24QsT`Dw?e7q8QjDcWo2QJ9VH0icrnfzbSfA(L4`RWa053)yy9NaXO*Ad4;P zZ6o-AA)TQEfg4!b;JxRC%{-Rxz=M70)mG+D2qKKq!eyI>M`3&4@wQRl)(*{SqRwFN zwkYo}dF9Zz@q)K|X|ky%Wfjy0ku?850IEP$zeL#>qJ-3w?0r3D8OSQAL|VfY3*(eO z)Q2s_ZMUt#lRFn+Lxcx{UFmd49ftA_FV&wTU@ASSASh9I7zI*>- zY>V|l2xVBux=+UObm80z3h+a$mla%x>sch&xM1^a6CI3Ow$oXHbKE>Imd31LED530 zBKJBS>kL>9n&6he+kSd1tB=~g^GGG2GCiBisYUQSeitF-VBi^P_7JY$-UXEf_#4R<4h zYlX2H=0yxv2aMk{c(xp-!{SHz$fGi9GWEu!kHK@4+9MEmZ}fwUbvw#gS0Oo>dF`ip zX5+m0>NA^gH_s4pUQ{Y_EDZC)0a}e13mrVHhS6WiNYL@~VpP62u8~e!8kec7vh8k1 z+qiRpVO-;JIS$(4UJTdPPvBtVNO|A13(xG1!OkWA2>0e%#x=!sjq-5kddGK>NQ+vO zHT5XQ4FXBF;Ov9Z{mAkIOQX&2Vda9|V+-!<0VwhXJIJrSsLq^{5b zZl0E?z1V>IHtHNrIBW~Chc68EyvBlr_q@#{1bpGc<(mxYf9i*)~>( zyTgz7G@Qw}2f4Zjp>tCU zkuq{A)3LZWj_ZI2_u5gJ6z5tMT>Ttj-PeKMDjF}QkjY2CwG9t!i=7~o%6{R&wZvZo z`>IORb_{?i@yE2l_@!7H7lcKQ{U|x!gos-=W9Qa5>TTT+Ji2FbPiD$Fch*lGDlSp< zl>GyJ(0F>%IeZ~jvyV130A|;9Ag^hnbwcIlf#|jC@aPI}1ooCuM_GjTGn-(1YcuqL z{HItSlJ;aP>FqAJKIkJ?;kI3@y}Kh8Ynci*$aJkX>T0Rm?#Ql3b4}-%cX2Tm39FaU zd0{;!j>U-1I=~fTUi4PikI~gmx$IamZI632zOXwQOI*9rke!V;4iuw=$3-J0VK}m} z4Z}lEZ^M`FT!jb4zDXm>olE?%$jhE<1Le@mA1jxS+c%d7;1-`goMZ9hZW_}?Q|ov( zSi2ch&5QDjCCCEXt~T+ccHI&cL=pD>6ztM?HGx+i;+CQ7C3S!f`iWpaZo- zXsfKk#iKb$QA4<=bAa5!q?OcE} z8V;6m-{cNttqp{~iy7=&OK{?F7S3iCBe#vl05$g_Pe%l3+K@wU{hH=J^stW>`axLH z5RjHrf}~7F&$SFg?eEB4tOr#Y**JGD6NgfZ`FEE-7g+BoIj@R^4Y^;KQyJLbj`~U( zmov+dn8{8d~Q8TTW#R$sbf(;3k>vhpdh;njXXb0>MzH!SiOv%$#L#i zJr+K3%dl}p1Xj8AqABSJUOXWp1qY{9NSO|;gNB6#*KWka%XP4-NXMzu8TdH2bMyeM zeD^YAQJ#{4^B1zF9g8W&X;y{*kLe@pf z262vxSx!&X9r4(;l!lLi8f0C}!pVz;IFnwC^!zGR&>dXQmrh%oA#_yEpbuA|FrP)Y zCpi~e!_6m%p3|%GrMsiC(6JYt6-As=SvbNuA?8DVSu0=a7(&mNRu#{KriOzF9O9hd z-oWQSk%QA|ML3^XiQFnWpU@~6%5$~5SqBvc%_ykq8CAAV+W#xyAkvogHrJuJkp0fC zKw{Yd>>Wi2dLPJF5)^nm(0wCN(S#$N?r8!8H$n{Yb4 zWz6%6$Pz1SC#>AH9vi}F5UMRg(y?T`lGk~aMgzlpg)_bCw%!>DFDg@A-Ixl7^3s@| zj>KN(D|e!DoeBppcLxNz^&{zUExI{oYA+RkIf$wwX~^MP*=^^JuIr$}6T9G2Mc#HN&Vm zR)i9A81Inl6%mcNs6fQHnA5q=0g=li5$dAHKv4lso#I^OJ7CQG z(K6WDH%!^)9MT0~?L8at#nl0bW|T;4X#tKL&F1flxu4dcqKnb~S{)VyF`D0L0L@j6 zsH&ycwu!Dr?G=tSo0j3R?aZs(S%R#@e4OA%?Ee?(^i^8j&9S$_U|Ta<@=HdQSVFSK z_aV}ulYJbc7##huX~!Bouz`ENk1Z^kDv_0xhSRCcZoocd=2xS(f#)VyJ)IZn08rX8s<0Pc zz)^G_xnpMn?qHSzHOC_HOfF8b|7SDHk&@epPPGR9)IS7!Fx`;86JZKWMk1ZSyC=($R@XOf&1Maz_!!*(=yGf{ju#c*UXJ9#lo+t%zk70g z$B(B?E6OUW$2b>?bUXu{ZKx_Sj9Vfj&H8xO)A4*d*inZI+%t0K(QqK-Ixvb#>YdAR z&sr~pb(JBRV{v+9EYb^G(Ba^ujD@cQPmwgFrZO5wAT%0zt!!zSiC%-p?^}TN9s}qv z%*XNLIXE?P9?mIgL}MR+%P8CalvL#NTwN;^{xlGXnWgS-;Q7Cd&tHSQ%6>TbiO51a zIuvqmIGu`*N6rC8xlT+k#Ko*qWYJS&#AzRPYDa{xT!*FZ!*HTwhpVp-7R39(yM+qD zi!5Zy$Q7ZuHRm4d=fems7MiW8ZA5aNK^O#w5JubGa_f>Y98ONc!N-;ct4=!gj^kiW z1C`&}Rk${3=r!i(OiMyqrwuGsj_{%(##QHlFn>LYQyNjv`E2Vg6!{jY=6K~d@jZcik4QIV z#>^)jm7IgQl&Sm%d zBHyj3AEcp^`5eqraPqcL6s?LY&H zDmzfuM%gu43w>ka5F6%$7>SJnritS+3!aG*p-JNaYVZEJDg+EA?U;u=+7f$ZdToS=N3 zY0mpC&l0df9ZF^a1exhzp@fr6M~SS?3;{+ zVsw&7!7p^Qj&zcnu+C~N;WJo?SI#$#M)jC;UDh+I&~#oDwwS}+!$FxB`DY7}K1YTF zOOZFt*xG7pQIJ)D#718%(F9=QE!_V20B-b5J6=wUNi9R9=y}u4h=a+R8DDzs-J+>5 z3C6ZSD-2Z>;>f8Zc=;{9;5GFze3=JWtq+#o&hWa83$cVn2BYFSaL1V}lxFv%?{Xee zv)ueeat0CJwd!F{w9`0}agxf5J?fG^z^HeO( zVb&^V_%2$5r#5jgo$2+TlZWG{lW~|KSZ5g~OXD4L$vGjw#|MknI-{ADr!RS+aKLT7 zu%5<~Ez6h=sIC}kM-Jl8S5N8Ji{MY z+AwU-(+mFevhr4Q;ifgIv91oe+^FW{y}$6 zx3r?Ur;mw(u0azoyiOsAv}DoVj5K_Bo=N1s_4!`8(|ITVRReo^?Y zr!%yC>9wsZ#qpQl!e7}5-8W7qBe9?vox?o9MXiRT^BOD( z@iP^mRBeUEY*jzxP%$5oAm;gF|7JZlpyiexILrfi)3CbR4Jhp`OMjI~$=~jKV`-bHy#H*<>@nh6Jdf4~vh+BM&Y>w4MqSM(OPT z^a9>HQ;yUTw`mU-Dyg=w$NlbFxO2@ID-?V#TW@T+eGxV+a)GKkpTz(_#qai(A%h3e z4yuG*=#{kgo{e~FBfV4?(L=SW37L6K%6W1wTi)qo$UAMgqTZ4n^;?Z+>1pXTA$8Hj zyOx*MBe$p)o%E)14v#>Dj$Xo+Z74K#QnRLqvj>&RejNMWCY(>JK#j4IoY^G~Ya<=W zq2MYw2qOejo^Dxyp4L`WWYHMKaQs(}Pzlp*hk*5T7;7M=C=$h&Y62M;DP-EI{<{WMtd&~AK*Mz7seqOaNz3b%7iq0q+2 zIeQoQ2gl;;TYM0u??469WPR|_S-kskCEry=w1gvq7sq1D_Qg=IiG+8=Vr+;hMKR}7 zY1ySWHurFEW)1Lze}4};(vIS-R}1lBey0*CW=@4$0MimiEoNjP6-hPYtb11D`cT9) z7at$GIHNw4D1B&0X#pJ%_)jJ9jrBL+yRP(8&6NNId#aTewzGMmpL0bok)haqLa+M$1}ynfuzp zn@*7(r5QL&L*TDo9m1Cqys@77twk*;7m+P;io>Qz#}N|hjb-tku32wk|?AqoHgn(s1FxQT%*gjpDs4Rzoc_KZJ#|W&~3p ziBJP$CNnd7{UiG{exGfWX&wASm*78E`7&Cf8xCPAbFeWZi6srqI$u1p#v1_+-RMlo#F6(;;g3fQ@-W2I z=J9-gdXNU12P17@-I9;}@0`WH)P^zB(kq4$8(gb>x;xO4d=Rg^Oy`_3&T(GDk~IMW z7*!Lq)EC-z8ehhHVu(I?2jP(?mm^NqhVJw zl~~E#Q`L=K$e8fbLIb3W8}+1a=%}ql_Sr-nJ;wRUls+Zgvo?L@9z4E123wr9SiUA0 z+Ea9xpq{jj>GIMtO3|{N=Z&Bsgm{$0-@1OR(bAHJADsu5h1kJXPXkOY9nEN9HEks+ z7a%^S>%(`xLc=JX31%{!LRYIyHI1 zofwVVWik#t2ae1Op{sSLaX9VZLHw0xYs0)??G3dDR@}Rpy5evs^I~li5>pJi+U_Zi zLc+MDrmwhKFci%b{+VYbuizaq#)n+&5#Hhs#M%XLQz+ zDG)C^rj1U1U5qy98@yzK=%68Q{JaQTwq9A2W;HKnFol%#Y{q8RUe1(a$@s(37Bq+u zVy9q6NE)AK}Td_6U{~Ih|RYwMi9di?JJo}`ICeA{;MhYl*$ibG!U)5yNw=iS$OfU zr?Ib^2TtPy&=Uw=oJh>c>}Os}t7{VenH7mJXQUWRNX*SZUpNS2@j(GA;r z8_H4g$t(E&^G9(Yk$I(C#Y;mI^3LtWOKEM$ZDFB4ofgr|J8UsUbwV)~xdnMwITnH! z_ep;>{JrQg(q2VxafTkx)M}s*c4dgVKbAxf^SHsov@b@vU>gRcqY%=bO3;kcI15fBL9m{4rd^uem}BL4B> zY5e(vOGX3Hl^VW$7qeEwq(#%LMeUDJM9>Q9EjXlH#E+SC{vr>eLWgF?CvUE1Er91g z#=g9ER9G=3P^dp{iM^H&IfHwZ)uV}u&J4a354ll+>FoeIUXE=#Z@7E8A;N)g4E3T8 zS~uuiZfGVP+=t8Nj6+RY8s2^N1AOztd?YfLZWrHHGE1xYelSw3gXu^->};6JR}nZc ze=G9adr(isy_VtnOPI~bSm0ghrwwb0`7(WhJH2WL>QK!B>MUb6KdpvdlVhoVnRa*k96)PZ=ds)gn48-pH9A=};<8GBT&2zl{bYD$wWQ z<;2@ZhqY^C>D|qUpOSOjHxJ=I$wB0WHhTNEbT;EcYC8V@!a3}3Vv3*{ASgP@8We9F z#xKrQau3$?y{Z`}GRmnu;Vfs3K)6$h$a^v?ADrlA7`15u;`!fdr4MKD3mOeX+As0Q zW|Ya|q|?~*+DCXk+nf=4PE3)bgP))Ajn&X04GY-n7Eu zvdzXT|2Tv9^TwX<0yi#TjSNo&v{W)W@l$;3|FUqHiYPG_X4HNT_1EC!D{tZ-$I5W3 zhJ{$EWLmn!m5TpK%2$>!;sIHCUD3nE=$YZ3%p##at8*V~n<1ko%dIpVA z3`|uS?oZF)K6+-S45DR{T=r&EaiyI*h##1Y*Y5xQ1V24WuSpuEkbMyU{fqybIG+D~ z5HFmbuf=W#k2l#@JObz~?1Dh622|%I;@_Un#&MIe=;^4$iC0*!hRVRqVGp?ZM>16i zgI`54%8_PG#Y_Oxzu9u$R#Y)Ew~XnGMph~Dl_n~8&$3qN3x7R;7xH^ha19P4O@%ZX zy!-~9c{c+Gn0lp&=YX>M8oYR@gmtjEYA|9;!!%5O#)lw>AV!Uh=OBh($fPNUJf;Jj zj6+{rJM!M&i=Vu36n{LCKWa1(w-9SoQBo?7esqzAw#5~hLW@QwXXi-J*0}f|y!P#WU>KCepWywYrB+WfxO&kj*+7#>W+T^$S_EY7g`3zi>EjqN9*$AKEkU z!KZ0>-n0+gJH=QW*pq}qE%fx)#9_?>4dMf)$CdxdC-~hP$CN#*n0v6$lO7Zi9ED7> zOW8Mfby4)B%CW7M5n+6v6#iyCT1JU8{TJ;lW1ADB1PN~;&%V|z+{+oA$wPJk`x>~V580G~d z^0_`Jx>~LeVqOSctymveGkTiFh$7oSEQvCQld6jK6?jjPFL7KGXZOCI4E*1JKaVdN z_s#DZ_6T>Ywq@ zPv6Fm_hccpvI|y9&dhLp;mP~(_dh(z!fm(W2TSNlX!5cyavWM%xM2m0F?nij7@pLG z9EK51)z0Krpt!D?5pRxssR}~`g>pW07=2CEsM`M*JbRqsR1BFK)9TxJpynZaTqpG` zo$RDyX!!zKaP3-=$QOmww3&MhSy-4Ol*MBLXq~oT-GK6ZhMe&pV~vJl!0VBc--rsH zMC|xt;>mnu=Cdi=J!83G*jVHmeD~!a;RAk-@w4~YNAT|~iY&@dbrhV$`=6xZ?NhBY zzM}l1Bp?Y$0+PVw1d16Z`KSN<4K_aZzqscw!iX@Vx4NsxImlh6K8ew7JUE@DyX2VG z&KhnVVD$2h-#W^XpOK1Z->pZRk|T9&JI-_!6^(6*hn*V_vm#7$s+LC&nyVTM;W@d4 zh69n)wxp7Vi&X66%`TU7b4-7z7;=pDM?5uOEl1AbOeKpc-uR<%U3+LtC0Ybu_#K#6 zzMY1*(xM88(wf)jsC?xpJotj>&Ga#YG;&m@<)WaKDZOTKIa}s{k6020e=4&uB?l^_ zhU$?>rDRQ0FLR39!<{+$Z>(0s)Si_{%reK|pbH{cZ_L-nL_5RI`i3(XcmUJqupoQY z#Z2UNGiA%jLzr?Hs-UO!r1CI34h?7b;oU>W@nZJ4voGHZ`s!P0rcs<6O`2H8nRbBQ zc-bZ9@bdCz9{X_Crnt2JIB=YzmV`2ukrn!AfGB2PN1cl1bU@npUcywcXBGeMOO3{a z%FJ{;&p+gob#9Zo=wZy_|WHG$QM&$r6Mx}+@+4Anj zCMIvAB9jG$AE34C2kRh%XO;B}dQWQ_9h7FEOM0+(2InUJyuy zxdt{(OpTXY#B@(XW79(_ITjj`!89@jOtoS|M^bMuSL#VG8FBgthEP=9NMq3e{8y~P zz4zUUA5jMu$N4%RdaKLfYt1@?LkB-*A!hc;#Os(Hgq|tPYH9f$pSeqL2xOhFnQ$nf z;&d_&m+KeZX=qz-0|QUE$4~Wbru}0Ixr2ubF+i@Pt(C=;(-ZMxaW6`)f#C(+b*RWW zi|_m{9r+yhOHCN98)&p(mXvu66K@dv0M}}JEhE&v`V_vmEgE-u*~|gp4whLZrhd8=x201l#MAQ9pZzq znAWDgv#CfbC>@QEnPJy%=&wz9^5Fp%AgQZHKJ&EgdG{my^f&L~JI@`$?>=fkU5|>u z0$BKQIqrCPH~#g3P!>lq##OU;g1IY0_iR|?gdQ%OaaGk*dl7V0H=(Jm8yy5|&BLfY zU;O98*}kv48LuJ+9E!ymUogR1%N` zB!SO3fj)Z6)K)Nzx3CI%G+4Kb{HNEX@zBe{YPAeWZJFSWFvJ(wVIJ16Nk^{kCd2gf zV2!0J=4>6DBpkGzUO|0)>9F9wX=U<)H`z^lJILb-$3ldhT3NYZJJU)8v&eNDz0I=H zYZY&lnWps9GmbGT)CU`vd%qCh zy>Py`Rx@d?AiC0UAo9)+@nycctQxIU)?7}XYkF@RK7SCScpX^)+TNW-GH=<1XD6H| zAH{F}iK4R9W$DIDyc+2d?XKbgXYjM^-G{A6swG>89z>l zV)}|uKh{y`XvW3!RSb!zAz#eJ>&V8LAB zNd+xb!d%@3Im8XNx-gI4zpX56I&Sk~#Qm9%Kf?Ea_BOu$hl{w-*iGM176nx~!Ow#Q zQ_Y!snMKiCl*+0T+dywWnoH`?$Z;98Wm+UEIZaJDb=j#neUcII%tLLh3&FBmw&L+; z9>h<+e=mOh#5!gTaEHG}q!Jw8nD2XBAKFZdCzyQwa($T7@wpxsv$Kaaz48N9%n{yM zjXZ`trH-FtQ}#tOi$U-jxwe=8=fMiMQ3dbnuKDG>$MGyy>|TPB|V7P zC7MuD${gzBi;ng(MGBR~q9(#jny3#W3?gfn)B8D0g+8XWNK0hVcNTn~;U#8rn;Y^w zzAWIYr8lyj3+o%Kz7;?ImoMPAljvf;b4xImvsRPHpD%PVrfIx;nI0#1|6ACXR>J)E z&IpO84(zde@&EqyQ9Spp9r(`9NUR8$Tq!#rP}-RHzP!8=Rm_Pr<~-ERdOHPY@rz%+ zif{k&5HovJj;2Qu95l=rG7}E*jFy{>gYj8Bf*0YQ+i%6s{^{OPot8njbr1gK!2~QL z3fn35s$Acg9hsr=nMGouWZEq5%y49vp$X`&xNC56Jt9wz&!Dap0t6^Wn)`zB|`vB{9xHAgQLosG39JsIfQNbP^!m4}yEyzl( zMjcbS&*^$&uTpfiyoI8x6>D{7)iecO#*Kl{)f(r8(AA3dLFj6yS|7x`FzRYe*9X(f zidrK6KAzaR+7}wjP86|za4~C`U4smJ^EzEjFFxtiRu0EqEOL{d&zydVc>TjOqn~|A z49TIlP+$TV4i>!F7R}s@ijm2J3oQ$~*-=2PI3XD-NuB-FO}zN?@H0Mj*IYlju=ICy zc5?xk__}GYcVu5y`~Zl0UXdZsTu7( zRNzNNvWPl)aD5$JW4A7gcXv%P6Q8(y2np^`pg_H)w55fX z%2#hGrBIxNgaqR5KFQ1^8FzQP<8JqR_nEoL9iK@i5Yn^%XP$mPx%b?C-o4h^doOuc zCo5S_X0f*mgMR~ltf{Q9*H#~j#b@V=kgsI}$ElNV*lHnHi$XBR&uW0J7A{I{8245G z8M*jj`pl_Ao(VV14MLQgJ`9Fm3~5$9jBHAN(jg)x8ZFhV{!W(mtS=ad5`I$E7THdI zw4B%kHsz+BVzXu^CwtON3U4rnp)H(wzVox_KuZ~$D)Zh`E-3IPa#q5JcO@Sr5D0iE9}E?zFJ`)hSQ6FKd8?{1Sdz#^`sBDCJ)g}M#!w5&~V9^-|u#P zaD-Zm-k%g4Pn~V-GM;!6?`+wI*SDO;wpcdg>SPlhuUWXC&2?wF2qPmxa|{@8BO0bE zum3xU&6&|2Z3?WC<@>GNStnSeZXPopjCwdHp&UxF;V`RlyjQVye!rXV*4@^Ox{5L+ zWfqP2m&!<4UQH)2mp4CcQ5)7t#UH$#Fk3G_0b76b5nkrs&)z~O zHiThWARCO_=FRRF-c0_gjDU=QjDU=QjDUoIK6@ewT8G;`bWPb1FfbTlwz|+`Q@E52 zQhJc?b3DV?g{ATg9C𝔽ZL8zt>v5~4iDfq-;Y95P#qGQg&}x;i3TcN`D=8a^sA zltd=u&~%hqy;TB395jW~No0PD%Uu__S{3D`qn{@WYfw--p1Ovw2oQ1#x3eF^B?jLV zT6S<}DSNO3la3f1(kFMUuY)PusP$`iUTQ^GT5^rzKrwM zbH?=PY~X061p^lsxJ(MfEM^?sMyl?jK?k0Q-quu{FKMl@Phx66sygPZ>9+=ZsnOBITTXy67 zZymzF_Flz-E4jE*$OhmY<_MU(1mAmd6<*mm2@C1n6CDeCcTwUnfpZw=D%@Eg=N(!} zdn@kIO71y2)PbSh$wN(BEMUht{2;XZ{0(hk+~`bgyG?!&EnQuh2LvO~!5CI`%z#Zz z$6<1hu*d0LKZGx)OZZ~w{BK|nfRwC}eK9Gy706~OhkD~t6-db^&*RPa_Or*(d2BzI ziSrqSNU3Iyv0Di4*|-{ie{m@uonc3=cLoFRFl4X$q;3)iC3_5+yLw^c(@)^Vd&AgB zTA#FQbpy^KCCDmf6^*EN8_ky8Vfc)FI^CpWYGHL+75}##ZDy|UX1~y%{_+XD$-lQ= zT!?3(Li6VI75$pA*D~M`)Y-K7!60^s}=U4a~Nl> zp}iAaJze0d+lK-%3@Za~a<)f(UByE5@IP8~moPtplEWzfsh8IBIt(q`Gi zCOs7jHt88lc0QX9iL87JMov2wwaDdWeaB!+9?1^&KPczntkaT?1ARTI40)`hhXPex zRnHRK4m20C(Z<&Iu;%$ckNCIgSKINk!!>BRl?;GdR!6WTs;{Nnu+uHizJ?R$$ZL9u zjiEWLB4%P?s3#VQWt4}EfQ*2QfQ*2Qz#WW$yR{k2$TfMphb_587cZRxSN>K>ZZV43 zn_#?S68X-;yMu=o zo#PJn)-d3Ca_}%=1{s@ui%zKnhPWUWRg!{$&a9@KcpUzi&C^CXPd@O6gLvcQZ6t@k zX`Gqi-&uud^6n}c1edfme7w!1po!p`bzw)!)=D;#%NpE4PaTH_HnID9aj3(kH1afG zEti5p;i10d4>p0fgC(Z=*wG2B!0{8Av=_Z+>~HF@hGyb zX7<{Q`O&?72`X!7tH)BMK;1GT?TD2q?_f`f0^0i9VKD?R_d;gG`|$S~%d3#Xv&{d> zC{xsciDI14###?W)}#iI|-#5`X+iGuG=8UhDFZ*|i+*n7cx+C01%0yvQxrdTwC{`0#7 zuzVXY{o@qKY^FykT$IhT^gs zPA46vMQJ#={R{l^)qhF0`n5Mt;ZkuI>h$d~l?496R(n&JR8H{*%5y1uyophLX+Qq) zmw%6XCVcFjtJt16(Oyj!^xZc4a?Pk_M7R#6$7&tIwDXa;b+ci+YNBm>SqIwU8 zI)1*Qra`(;g#>%UYRF474Y;K#<_5bl!ly|d#5y!^J%*uEygp@-SyGi#imOKwq>kv# zw zukjK7);zT9p_-SWwDi1Tn-7X#^oj_-skKn@2x?{Sikab>q?#!}T51DwbH|=W)jL;T z1bMM>m}5N~j1?m~nq|Hdopp2Tu#Wr$BLf(kn@Ak4>Iw0N)>a5yvkXf;P2n;Ir@d&v zIceS^y!_iAV)vWh!F%7Gj2V7I1p|7gBN`GGvN>xT&zmOXC?0qQ5?rDV?p}EEr%N%% z(G=FV<19D;86|U1jm+I~-}j!yJAeBjKKsoE{9x_ibFTW=YMF>qUEd^~t|UndS?)jD&^QJKOXXmsWx z)E|@01F*os7NPF!VNsrq3vBXOMhc$MhUo1e^x_x4zo8dl9$y___HgqP`s!qBjc^8b zx|rCNN;|8l8QQI>(u+ra`jVsw!{lIrh2Gnqse;Om7(r?(v6<MC4HNx<(uWdlbMW*SoGv$>IefJk4*hGr-2PTr z@%TgdO979~|mW}UkrER?>C>0`Yc3rAWd%Bso#-D1e* z?~Yis(7RvrbTLzv-CsP#12Y0`B%exIStZ&SI2hexj1O61U-a~Rc#hE}$33gL3KU39 z9nDKHzTdc$Kb=#-gi88T1ZAKZIsTid4-CgD2EN=X^5(jF8aXe7;NHmGYYb? z<;WGhe=G|Xqyo}*BIOLvOjdUoC<2E%zT3^>U}0he51wBPcnH+0OGR8_I?g0j_QSHi zNt0EPe0Pf1S6{jH6#>q^TgG9Yn4_-q zWlV4+omScE4kl5nZ1uT>c)b4MWn3s^KLraD$yR%)oxf|E+K|g0I$~Iv88Uf>7JL*R zVg8X_a0@dm+Z?<%J3}J&0aTF65X+u*7OkObu_e^#`fF&bwRb@DLj-BCE z&B;WxpIIOZ4NY|GIUyv#9aB9mNU9?a0A}!;Mc%JW9ba9 zDKm*f2XM_M9aA?MMlVYkFYq=Y{}A$<*gCmgmTy zkr9v)kP(m(xPgGu%nd$)p;$XF6j2djShZp@=DM+OqE3Sjc_Vo9kUTxY z0eEVJ1qi(b&U&H01TBMI9i%>NcX0O7} zAAa_xup+fdL2@ciFbTYMTzB^VYvDh|dz@=AI?_XaLUePiYD7JOZPB)Xt-S{pMmoVu zkJKzY&DnbTWAWN~_})q%1ljPvjNz7OP0FXJ*;BA#rXOZU1kjVtB8ui zy|V+cIMNUEW=3GuoJc&t)Ln~VCQwnTKz?Br>UGF5>^BRG0$mYiLr0}9`)BZ+ykOHZ zY+4?ISsteBt2KCZGfS{3o=q7WTTxFO0wQPNg=NH$6rtvQ92z1aM?;h6Lr*^}SveJ} zrg|Xoc7t(~&+qBxWx6Z@$@$C_Q`*4Z+Yhq>y)fIu0G5rVC}6YV7!@(I+Ha`i(8TP= zuN{Y$GSpNQBCc2m-NrtcwPXsGPIG1!Hv>iK=}2O8dc_zn>b4=1B)wQa{f1uLH`#Vr zy|_u(hxwX_RGGlS!b}QENp@C~$z4`Xn6hjxRxb+0ENfPUSEu8|6$Kmq4qYv!(u@0N z(JlzRm_-@v(+jHR9XuKt)KegtL7pz|bzZZgu#Wf3`={E#fwNYbHDm5Q{@$Kgz9JCQ zO?i)-z&GM9i;D7UT#n60RhJgbLZ)KLlF9w%ARP9N+)L(C#y0sH!a|>OPANxv#*NN& zN^BD(O6jsd+!K!I~Yz`cbr3>fd z;Shbe4C`Ma_kUXz;?jABY1V-w^>g9cxp;1|6FjwvY2Od(>FB}T!3~R-kw@Hxyw(zq zA|%j`xY!(I7B!&9&J{jU^YGFd4@|bwleoB*48Ln>TOpJ@@#`X-5nTRHxGc$*tpAV*5P?~d6k(5)6YZIM#Jh2Nup-*dJWmpNblB><_;1WIyFRl*7B5(R@ z`r?DVK^&efUA!@K{uJE1EEtnG1JycL@(AAqXMnxBq=6R7l40FcS-7 zIJwzK3C+el_!{-Jqf5cwuLYU7cr6nbNH=sjwE`I>t+csA_cu|(7@?D02&22St1Yf!-^-e>B@d+!xR}#FMa2=($W${v-7i| zqaT9;v#>r`A4V2dEIVQ2V`c>Tke^rj3-Z9MC?1Y^Fq}a_Z!b^5p`(d7n_h!T+7nS` zS<}!1TW2e{x;etb&VrnJw1ypqu(Y+|e{(@_pdXumL}DR3qG?xWBkn>xwjVA;F;6cN zzFo}jV_CXOgfG14n77g6;!~sa49#KZ#!D6(kgN`4ri8H)l`Xn3)@woTFjG2DoAlE}*MY|@QCeA#lIM~D0&J^w}hwo`K;5_Ul z&f*Xs4@?jD!{Wtu(1zB?CtggUUZIWOHN#MOb6y<>D_ zQM4}FvDI->K_}g@?R3lvJGO1xwrzE6+qRvG)v@_<&UyEqd*2vuy!*!dQ8lW5)LMJj znrrPjKk(@C4Gf1|qI1%sjvuxM&_c^OvEi$E!L%aN^5QV{;o}~EW0qng0G+Ida~$Kx zLny1GR1G>-LD7Tev)tuUTrgjef01xC3w#yUx(=OFTUW6CE@+PEsRhpc5Djm-!(UMC z0d*DQnqitH0dZT#fgH#VN2 zxKZq2mir+nB`N3c_C(3`Jcz4fnMf*av-Of>3J z8o@DeppQHGYhZ{>#I?;9oYtRNG?Fr{J$Ur|uRs|RIT7W)(YE1G9p?n89ZSi}gg7qB zrq>s!T8J$eT5me_1#^i6_+U>UHWWsbLfjwxJ6_Tw^V#0|S0M|-8`gxs{@P=?9HfM^ef?pBe!*hzI9Kuplv!{NjqFMid} zuBYRdy>K+3K29ttNX3qTOm0E}Y)T>->r$d&9D<2urvXw2O-e+p<=HqL?{9?`0Aw=K zMzK|#M1xtP6UQcfL%y7dA^ktOE=!ocvr!>KkQtrt1m->?TU$CHXUeTc0)c+re1>8Pct9b}U$CSSH)dt+d`n__r$RQgv3a_&k;?({xF>ZQ9qGh#BXj5MBxt16PqnrOvuYFZ zO^Y^u%A-?E0YY{C8o)JJpTiRwEJR%naIY^9L|8=p(7S-ugLBV~#YM^1JCV*BF1D*m zc4V6`l~Y+nBK^p~|J(p0RT+^Xmn!gdY8DS#_{K;<265;pf!{C~UH_*p=l4WS&Z{cfLtJ3++BYQ@^1=jcGJ8^H{{sHKp9>*^h z0G?Y7en4Q5b-1!N*M0`$qNj-$9qf$`&G#bC(8Ub+qjIgcQN^NrVdZ2~h(N#AAT5?C z6=BN;;`RPffmm}FUB2H%RFhYS*2=ar6FQbgGKP@g($YsRBrPbw2YRyW9bKZSeI}`` zV5$UHj1j8ZZl`haM@DIB$m8bt?^oCtvcaXX5DAj0aiUt2j~dFNXYD!8;VKaFz8KC0 zBAHOXv}6xzRcAyyBJmoywx{2|pA3Mqk8~@LCJ8UR^4XC-1vyL9(D+ih$Kl6XNHEwN z^oY??3w%)fAb8Pqh1*uBP3*e4Eke|}(O0t+Bc+Dy|7PBYC^8yO($HxYAfjK6tkJfOv$2Qa^#ET{r7{ZAaj zQ(3S{|4EWK%ZUy=2ALye2DCR40;HW5ZE?l{3;UkF(#A#ydMa;E7?VA#aL&lcspdAY z7SMkiSN4~Cge&Hw9740SVLZOqB&qAQLG$2LrK zl^wF&6N-;V1-ia&IE^oN3V9*fMKB}@DAQLhSd!i8%xs=2PUWw)3ote{6wv^Y{^R`E z#ob3ixx4Rqv&By}ujlOWAI02kV>t8ZDuXd{o z#ZG`=u=yS^q>Kn&Gyu9P64a!$%0omVR4R7tx91 zz;0iyA^BSmeV=GH*YY^kH-O>Ie56l>PMbJLDK0%Jl(}z$a5L2F+DH#ZarnP!0Ja_j}LyJqOF%BcblH&s= zCQD%P zD7r(tkaD2IS`~vQel;~8*5(e@-OWf>8y4fb|_ey6RVTyS0yV){c6eAU6 zmhStxM7qsyp!U6YXCZ~h)Jk}%mAKo;fw&6{e6Tz++!)geYQIyO>=k(_wlpHroS+yM zoiSyfA>9vD_M;jXJBqd^^o71AHkV7%eMwW93v?4?g;`}C@7iq4a5+q9PuyN@{GPDQ z1Ljvcqn=%ESd>F}b(ob0Fis|brN4j|>PYosH!NlfUcUPsNn5>0I(6a_JKOt)L{Vy{ ziRceGv@ss-{F>~=?49_?VWmd3z~cHHz_)d?i_a#>GZf@^h`NTy-wACt{oSMS6q!-9 zG@h@xmshEO4O6DddVz@4(Z!TmFT%NuDTi+h(leX2g-Iq8Tx8Bagy;x&fS>i1fjaR> z4JNzNlnA4UVCINdVFd=oj%X2to16B^<`-+pN;JPv8S{;uEPZvYFX*n$8Y}%A%uraT zA*SY`E1I-cOIYY^2Q2Qc46gd zM&t@u2;dL4=cyv_Rt1TQiY7C$u|fN+evfi~WvI}s$C#Ee-th&=5?J|HZ`no9rdcas zHbxw)AZ0ugZied+QJRoxf3C;hRus9K9ys!hLjMr$*f_2g)=-o~v5QOUFmy^NZ)`0B z961AqsvwqYJbbU2>l_3|(qXR8epN{3ULDtxwh(iC-?lMvQv=4rYJFO-jBaMkSCJ@|M^L_+g7OIhFw}A24c51--VX4)suTbjCWqn z|1!-{N3i{83E1-9LzF3lD`+fdPUf*A(oQ``G+}lYH4zfewyTcWYTSWVQx5-v&WG{q zmV$cH(orIzK*l5{==Y-M_a{GcC;7{Z{iUna zgHD8zTb4B$IN(4-pvPqcF~xUAj$1q{x>_4^J>4nc>hd?ScD9S=v;9BYPCe`ZFuh0i ziVVLLBIKYHhE;sA>cFGgtoMuD1k8AyJ=hXUF>)Sc`LY);lxq_nz zCli!~=7z%@4ETI+hgk8QD!RF_7mu8yX8k_W102gk4`t z(PNG(lD9$+HL2|)#(j!UWov%xea@Fg#rlkI9op!6-plFg7u|GS5u`8yedbzva{!{8&pgASmE}*+W+~Q;G2p5UX)ock|R{^9DO^#&WhamGC|T zE$trMmc4Id#yOI7zLX564t=sD7jDNxT<$!2Fx9YvM7i>h=3cLUGRqRB>-WO{$>x8e z0a>CSB`>wXFJO}GIKBdeU2ioL+|Y75TM<6-q-E)WV^$wrJni0igkd%Qeq{Ig1yGFb zeEnjt`qxDqK`6}mgx**v69_%_MA~>t4m)ZM5nv^2eU^opTOsq=vbrJ^^tKR(xdQ_` zx#{VY_0c3>B0iVOvp)<)$rDJy9tdt@1t@z80hH31RJcWTb*|jbqUw-4_yC4EwS34=*L`8>?`S zqr6f2_0OYB_K-&K3`YgHCaVk}R=B^xy``ENlxloLy2KdmBE;1?pbMFq!gwe{`aG>a z!!i`#mV~JJ+Sxt5yP)hs=CETq{BS%!Ndmbhy60_|U}HCZsi_Rd!<+==$~xSJ4dk#@ z4`XO+$$s85u=!+%DoS4oERcD=#PTcS9qzo1GOOOQ;m7D?kx8_dfr=g zq@g6HF+q4tYQ8;aJcXa?z;$vIDRFr6fBi zz;i>y_6WQP6w}4ge!3@BHBbpCjA=4B^KanHqlCa04W*zE0z`V(}%Bo9$od| z2^P7==o(m;c2;~o{JV3?Me;){qZslj&|_#}2LW6~kt03Cp1Ap=ojAObr{dUIOSGj= z=d$Fr_o|<_Swj1oma2pG!-y8fWVh}57jrI3O>GG;N?{hmZgea5hcBzY;h@n}rUu5l zBL^H0F%ULaoEtGpozKDQZ7UtI*~fXqKG)sRK3y8pM+2u^Ph_X(@}|{85XiqY7%js$ zn_;L~D^Xi@*|Oct;FeO8bca8!hS<0oL%43Ej6V|n>TC2@GqpE6n($*fQh1<4k|n1D z&{)<`uC_I(Z{iw1NqO4q;nNngge5n(YRha8r~kIKz+7JN#B^u3$Mxnm==Yt*r#+n% z@FdLJ+4TIB0Y#iNdQf?Y=}3Q7(Cunn&yox{#(mIaQ9W`h>)8ok4-8ag$*VIctsuM% z*e#8#wH+H+^YW@-vH3S6Kef$!4)oUaC~?2_6%IZ<&7umsAsjjQXpkEJ$;k1mzx)*8 z(kOpZ#)_U&eec)Vg?hj_?z-dTd*6lJB0LHbG((RJiXeFfFVcD{SPc$<*1iE! z3wO{WRkk#PDA1uX-N-vZblA`Y9>7ucxNJa=Jr$f0Dq?kStTEYJO@VVZW&)rf2-VxmKNw5tx}YH=*ZnwLRdY@M&hAgt zOVpWiB*d~O>G%hJyD9<%O5oth^!3(9%h^q?V@Axfc6k0}>~p8e6ll0QYj_chtm|%6 zx%zSf8RhfIo2M<6S5qqC>KUJCSLfLgXa2UD#pwQQ|H~NY9?H_UoHEM@N~Mcp4%0D_ z>Xo?TRf_;#lN(b?!vnKqjyi5_xPs((KAFD@`jHOhvT-p{?7IAY%3gZS)T~nYr4^mS z@oJ7(qjKS3oqM{6UpqT&H5*aA22xn%CaEm+$W7<_(f)(6vbV|3o(@rOw$$MJMK1HD z4*+Fmse+BR@4&?;V7b7J3{S`Mu}ze!vt(C0oARS&Nyt3i%4#XN{8bjTH+gh5hzeGv zoe6REPbCH9r&Q=j5Ma%YT||0x%*NBws4pit=3hcYrh%NWy_t$S(39I@qusoynORk3 z?1&oj=;MUbUV!ilBEHj~JjHbl>r&TwF&|uY=jd#4KV;e}saAgXEGZNsRF9tXveAlV zYulaL>-QmwwdB$&-NTdo5+)Vi4C#zh4Jr|sc!&~mqX zsWT+mrGDS&8ffvuohXXs#SNS(fA8wqr)e)oj7hCcO(2gTmamAoMBkWd>hc4;+w1+( z)ldp;cZJephoaN-dyZEfM77W8%}1TNeP!9MW#JEVS^+Z!7QW{r@~77iVF1pq%&ewb z(32I*$1A*TSE>y735JJ3FbN!xD^II_5KVEd+uK3|NFr?0H{uD{dmYV#$dn@gK>fY`O%gH7=T5V}< z7ywY!oCzZDI#}rSSdzv(&(~;*W$06&{3j^j3l?BU`nx?REiMpUZR5+ZKq)(-UxaND zi2E4OHAGJ#IqU8Y<9!XnwG5jS>78V8mF)C|;6{-;^5uA7Y_mgdS$!mVv^7AMbTjjM zhq(kbw=>!5Cr0qMV2z#>!s1=3$EFVtrr}Pe!#6PhzF}k*Oa0CB<-YXWOGQVze%as1 zj7onFp~m9PE6Kx0){53ybG*B?5$AQ{)r;wJU+sJgH^j;=3U&U{NE`H-l@rRV@lemW zqc*_6>`gNP6Lges$Hj$Ia)O~;M^(#n0L$0*=QsJrNJ4vy7ZKmvljbMqf;}=e-K<0% zx~z{{kpEi7NNxw5G@hg+TK5^l!+vvaqS$tE8DL-_tH0V6M1t5Kou4Ru?&-k%(N>L^ zLj48mEalO0#!mX-eQW%7n4s$E?$iTjvok+dy*r*2a@F5Ft!E=iYwt$d3W_O8C~E(n zglqS7)BSq=(Q6UEw--%VIw}qv9afr4<6KK+R{Zjn4FXp96BsQGfaa}WE)fAEG21fX z{;74=3!&wxm)!7d&U_P}4i$%j$Ehi;?b`M#g1xICKGMMELNMo^!GiV`Mh60Y{519ChKR6YHwR{dyGd+r_H71XLZ6Y)xfq)Q%}(xZCWq)isgdpL>5p3iX`hR z@rY%E<2j?*hyB}~#=PC7CuUk}suNOlP7CqsX#j4g(l_=dm28Cdv^x?0(i)U%9~}0= z%0naA5&l8w36JYnf-nxn84uBJy*zc(%bPei5aQOyd&)|>vb)D+ZtLoZ3G>dplX^{E zZJ@RyZiXmz4;zloDC&PShd%8oByJYV)=!%rL`PMqE$_46PJ21z{vVwp8Q=ft6cIRf zk#Zw%1fZUdNcOG)3QLUj@v)sc1Olod|H3`RePI)pUGuEEn9iGp^QorYcJ|R}!nx7r27^5!w zt4k28%PSY3qB6XOR=*iF+RDZSr=y|t!+s3Et1jXVNK^8L`CnMA^>E+XB&bZahhx3` zpr$dB!ekch60sHn{)&ZPPVnQMLcHR%%i0kW6I6*yjpdxk?q6i%RkixUD+3Ie7pXz=QNri)7S3Ve z+8Hm*29CbXRH><8&`S3LHL_+}?Uw~jmsVQtbXoO4%9jNEm4(I5s}cL}*(KheRztr% zfngB^1^-%>NIc&YT=hj5l2b8=EvAQEjcp*P(ucE)b%Bz8ZW)Aw_|&xWKD&x<9?O`X znYLd_NQ>$ms~J5*!aggF;{P0i?-cG-d+0}$$L8?8jxHu2#((}2l;}s&cNW0ZHP(}O zqXG5Qxy##5DT3qsu;!IjKo?@L3IwMIn7*i~gw(;487{c=Cp%mL^pVkn0#12gw6^PqsK*1JCKu6dJN zr_qTkvG0aLYJ^d)Gd#!FlyD=bC@&E1m&YlnbhC44j>J6%v1T4C)2=l1sBAz$FsB** zfl790yf-AkGcl66>Q+^_sjG7_q_6Gl=7K|AG|@9kv3lLVF(ftiq;)h@wv%YUQFn>z zZEHxA*RWMmx~E${UydE-<|KD@!}atC=@i20U(BGGYH(1*cy- zf_Jy9+)g51;^re>VQg^=c4(r7x=1tZn`wrU&S0;iw`~QmzeFR!uCXSs8cz-97TMT% zIlrTVFz8_4oX}`q;UvhUh8sY!&PCw#cNg%*G0=ub$8X`h_MX)Y>3FhFyq=mJa;dLx z76^o(MJgYwLJhGO_@%249rF!)r0ivXwF)bNli@@{%>8LRWzej z7Ofc(fJUve&||M^d37*2GzzJZLpLWxT|o~~K)}fQ5>jQ(g!8!WdpK@?8tY~*MT`d` zFU(e_#^{mey08A)rXN2p@CY;mkkEZ2h(Q7f^T|L};#w#jo?2P`r1bUYQ){q& zwn3=GEUMk|mIs3e+Ke{0JrL-wKBK7<#*t0576NV?y7(P~F}W}uz1v1W2l`gk1I_5( zz`~-y@splJONMuv6e6Um3(SKj&ffosNXoeFOcHmEeJMY3o3>Xc}1bfm{$}{gRU2 zl6`Gd23>giV2z`F4TfT6!o2jx1Z9u$zO6V)2>Eh%&{Er4*~nRrt;RZ24*Gfk4FAam zkScE}L0Rz?-o|D-PJF=U{vkGD+BG}(wVR$|Hb`JLq%~CcXN4@5aAj7a<(%Z|Nc0wu zpX8G(Z(AJ8B@6QtHwor%w?c{(8NTC?M+DzBLD({oAa|0#;&c2_xwf4Cc4Eu%)UGyj zSVt8;nQP-2)74tW^#T%4F*riDc{wz{l{g!EZ_Hd^-F-tHFc*OwY=W}AC5#2|?|lN9AlZGF|d*`Rnk z?UHkS+~1jyP-xPj6NM{Px;G!jT%sTEB0>X_h;uzT52>v$i90$fTtD=6el zu4;@VC0@i=9$MTf*IsFkg!Af^j}NLvKj=~5u`OyujL~`EBarE&_GBg=?s9fwl|^8p zRGL5z5d@mb+cx*(Nc&*o!^!%7UUW&yh0San_x) zdx&r|yV8E#DP|rNx7&6bJk_Ok-3-LXolAOAZ?UJ16iaIn zH8yTyA`_Lv)DrewQo+D$!(}Fh7=nn$iQKjr8eJWsSGQ?eh_J z3p-8jro{pkHL40KX;-nDKN$E>0lCqIO=Qy@n6-Dpe}g1sKoe%VU853TLj48w`0rrg zgJfxR)H_Fw)HU{4F;l8buST6c-&tZC`g&?)i+FRqs9~#MX=f()$r@ObTG8DKLFZ=q2gx25YiBm3>HjCgUFS; zUd&gI76FpUjQc)u&kI#W3iO!HAhplEfM}HTNQcKmQEEf*EBQ>&# zl>naq7;;xHtZ8hOpqMOC@lc@+W7F`yS;W;oFZI=!CHiqJ|HlTXoWr3=E?+s}zep`T z%VEA2iTs{`$-Eq`$cBVkjv;Ri!>+jh__hZ~`dhLf+j=hZel8wrN;@=Yo`hj?P?-z+ z?*|V+tH%7$u;b+z<0)=VAp&FTIq2X#!G4~f#^)MYq-UcanlCQ<%Gy$3@PxWBlt$!+ zfNMD{Jy}|bMP7Vt`hQ?l{{yMoLJ4^RSw>O=6HpZgN3)_L(cYfbky>f#%l5DZy*t== zhp1~Re&L{?1TQm{j-|~Kyfe^68M{wE`n6&_X<=1eq4W>OlAcyA9Uflif~>B3EE! zN($hvbF7ARWDa-q<j2W4Xbii7h#$$)^Sx~#@Hn+yek}VO3MBR*#w7&jtkza-s31}?| zXfq3X{X7nAoh~*0?p*fK1l>Zzcc$E;V0!P~<0cX9$ndf6_BhzLpjFlMMVYo{rG5nFYgq z4dE{+s1~e@Xp9GjlMm=$X_Qd}s2Jx#Ns3mwOQ|7VA$76JTam%-Hmm#W|B;RUD^eLC z6W2P*RXK>MCJ^|ljBD5pY*_9~>T?7V^6{VsgF-vi!*?I7NB)VBA$mUx=rDuZ@9bD; ze|tVM`dTUfXL0cp(y%O_+l+O;^}qA;|JOUuN!Ss;fND3e{hXBlIokg*>i@UbmIPGY zo!_Vq-T@<=mp||R|NP#D5$qil@3OWNUcdXDKG||I={6 z1-Fk0XtxwNSpHwv@&DVz{_FD=Oh^_cX67VDM#iV{WYYl?rOmPW{mZfcW!w9Y%Zm8B zr)L3CI}fDFH4Y`wigpla-$hX2R$JST~hvA zaSnygbw;Fb8;|Pp&%K?GpK63%qX;iZ8SP(i)6P3}Gc!s$GOU7*;%9s|FSoY;{U*53 zfs@Hxz-F@{$yTNYx+UH0?Ao4S7SRZh+|C^ zwUjeb=2jf^;#48<>) zbwrl-ODQg+#@b~Rz*<*VR~R0^Z-a#iljJgLFen!sEVHL^L5rB~f-Yz{%EkA6jUw!+%=Sh& zr?MPtd)|z6hIDP5W4xZZF~q3_1OzWFQ^6wax5+g;LxtosE{~SB0u)SSnFWM*F!xzC zjc6&i1~j4L!LJ!hv`dNvRtE3_Xd?BjYz>gsxzgnoi+-D#P3E54)?z(ud0#OMwk+j$ z72{E!u+FJF%HK|Ey)!zj>c74GAmV7QhyUAv+?qsSy3Fd|-c6k;y)KXGfY#mw7{ad= z5_3v|PQEG@THIVhJ#{kd{Ock#>Qz!%34!^mk)qOESZnwyBY3U{N2WsjwuU_@tx9s8 zduDdce`pOFBjsMd*XUg`*wBaOALHO6;)B9kS514=2#`X^jQO$qhjHG*l7AE9^6)HL z^c_vciMfQc)ad8((o$euK2svKdT9TOwjPgzoITXJV6k3*+v?Mny@~2l3JGg77|-GF z;SGRwS7w4XX?)Ya9`cZcD>G4_*W3j*-`XJ7J}+9`iXym50mXfFN2lD{F3iE_4Hr|F z_M`ybL&>q^xLUaLb6Sw4HKLFg(v=+s%$Se|%rq+e{^4>#UF~fXbVSlx+YB?KNNfmZ z1>${fIVBLBm-kofX9NeGM6po1Fs*@D9CMi&Lb78}ZR(FKHiquBl4F*rrd z$XCO<1g6!%3hG~ox>o=Ow%WE*SxPg9N!rQhi^H1z)~lCifn(0?l1gnqf644ibFLXK z(Pu&{5=jL5C(((%C3fTfu3aX+mua&O7Y3N;0x$W0+y6S=cFe541vu+#{Ru@R%xn*V zy$h{xib?q8Ny{?3n4equC%3Gqe48+zWhN*HX*!7wtA=?l?m@Hm*6|8aNk=hYE?@F= zaAq1?@%w|o@&atr!@~lSSE{*%pehyxB|ndbirf@@*_S?!Kvtye9t)SlIN=lupwNLH1=r0Yvvtw>k#rLAY4$@7%Rlw=Zj;b>uQHO`##0~Lx z)rrgvRLgRRf1-9FWdfp$BeRM{Xw-#Pm5h_C->eRvDUR6!vTJcSBHL!w<6=0JC)ivN ziCF(MZ!2%OQIC(s$*~EHF(MNjn+TcaG&WA`U|Yj@kZw_?n^Q1jwkR+;I{PYYgI~}o zU)eMGTDx#d&fUnZ%!IjHA4n3I`xZguZ$#;>X-)HfIkNvM*e**_Z`&aEc*LWIs2Wb) zJ_zolwpk9UMgLck@@wMRtCp~|V_Jy?$u2~XSao|s^o5ss)0*XB)J3m7*|7@qL7=(_ zKB?%JxDp~SZcz~Leot>Iw&X|df1fS0LVmBrFS;K4ExJL3Jr`rCT``Evk@cy!j^ z##B(HXq#p9M;9vvMF3^#2b#0tg;YJL?H|sE#9k9>`4#=*(NNnKIZbB-h>zpQCetDs z5j<-cX233thuFPqgJCu-p{aJO^v|MyYFeBLlWq&?u0(JX5U8)s9Q=|Ujzsq8*5zqq z`HnBHvSYj&HP;~Q`7spYS`FK8yc_L=TtYvff3&sW?H~vIli)B@>(JZqchvRSj}rFC zNIu5_yr0hM{(vGfh+AE7t#Lye)#+uO_g~$01VUk?N;qO zRiXCpIf03HsqgVHSJ1!#z(UH`i3GglikRkm9qTF~nB$g)a`E17*xt&MavesfyjH)k zD2t}?UY5?pQ2sY+RmAu-vN1zi_=xhF%lYvYAKDbARbS`EJK1X*;8;VlZN=G4=lMc8 zb_@;d013alc3!UbIgS#&wMgDDQ%JwhCx%9JNzC62ePl_rb5MI~dU~JDDdI*w%Qr=e z?T17gkHw$N)4TjSnS;}h7|7{Oft5c|xDsKyy>E8J-B8{6zHEj$xC~C3eF86KSp%EH z>kL@r@NVK9Xz{i`Mkx!g>ib~wdbinjHiE3J)kWRzn*LR1EIJ`d&;4MJ*FHYJ`F<9> z$}DI{e^1gk^?fZ~G4@7IC-AL2<;rACL0XM@to<*x(1Zg8U}^I4iv#!bRY7^UzB}InQPU7;Fy%ww7 z=Sivq)!(jCq%WxcY1HDVsL>RpUsfFUON^n>2m*#&BqPOCZ{5(Zw(^mV^^N% zdtdHvAu2imfAGCc5popi{cXtfL~nC)TfZ^tl$GP$QeK0g-(LG}ZHl8KqY*q8CX6-S zfM7rO!^4t^v zT}MRFjXBA$r>dl$1~2@*IjDeIAZ{zdEiWTH&*RuXMN}KEz$z#RKQoD-r<*-fz!zHs?TZ<*GKUTQ=pdi z<5Oz|mw+02-yi&Xh?$vjeiixLiTpTiAvOwqya>dFn!q7W(dD>ESdQuZegN6q)6 zcApO{rvm&Xs1#ejoc9BhXYrCmo2QR=SIaPdV^gJEK4*TcH%>ID#(&HAigokWx7Yn8 z#)#$ET3U|!DvJt)`gTtWOAPL_pNoHPa=UHOx7w#mWXaAb6HcDyN!M$;E9_#Ww=i7I zbriBf99wjb=MH6}Gb3NIg7wTP&{18d5+4xs*X9SEfE}Te!|}DuZ2(RqbVYwgG`|2P zepgKT35Ty^n+V|Tj$Pf z#}};xm4P^{N5pG$B5A#Q;0{CpPdfAR z-rle{)Jj%xfycwn^Jc$maW_eB63;z8UdWEgr)JRN$I=GMuI=-&08dwuaNBgLuxQb1 z+XeIWM1TGDoFq&t3kIlOr!!=d@?P8!+J7z{kHLUo$}^&FCEmBvLuPN#s=w z*sju1eTw|*F(JuUf`+^k6RA#cDZhDM-sYdysZsWlSoJ~;XL_Qh@qEW(QE;XK{?@)6 zJkm~xd|DmBSw64y+0U}zQ^qV`gdYy5kX;d%9(P-{Uf5WCL6vDRLTiD<(U7Y{YJ{s1 zPbFXAJu7FOw-&vzTjYBg(-JGuhXXnXjP?Tf5q)ot_oqR}eV?F27X-z2 zKka8O=ly7Z{kDg9ERSZjYRf$~;RD8k#+dhm?-n^hTqL5jp3UM^k2)6LcD6q+Hnn`9GfPwA z-rkREq}R3W?*t9iw-f-1E-q)`ir zF*VW2KJ_)*p#QVIpextAHH7}i--=ev$BZx?9BqU-%nhTwJ%gp1&YGL|gTRK#)w${~ z?joY=elqsnrjVMZ23M;p(9~$Gi`gJeuzT8;w&hYfJT*AQ=N5zS%?|Pq5()VTdOF81 zBu6{o2-~f%Um}66?ed3vB8-@EYcS2Qi_Usz4i5_)#=mu@b6#?g-|NL7H@{jmr?oS~ zY{E?&=Uwg~Z$F6Nea`vw*9gs6ijZ)2j!S0;aVdN-6S3_WI zxfa^}v8&h7PdtHF)tZqUoX)$`W^Shyki6IWi@BE3a);1!JmKkuC|3&ToD-v>;|l4s z!9jqpx=S-4+IX9q%0TUPX!-V}A`5bnl144Go=~c9Mvgu2hv9FNtwTvjWwF~#tgXXr zK&fA{>?x-vcm6J)arK&V*-MQt#OM;r87QqUx06PGy%lf~YK!;kc7F!*^e~;9 zhRJtQ1mED~99K7qfz=RDfP}9oAkb<_) zbNFRW<=x1Lsz5DDsZ6x{%)UU!zWFc6*}YiY+=;b}ap|=| zWJyP(;l1i%1i6v#=O89T8zbZ*FPlOZ2ceyPN>?*EV(-A z9p{+n()>lxX8UO8OPS>(!wWPuGwpfa_z;F7ahO}!AliPJRj7#2t%g%n0AiYe`obJm z8sEX22*P{W@|el@YR~NR{^)ParntK?JIFC;@D$tbGZ`TngHuY7FKo?8rd9cNB|%gW zWbPQ{2evE!LN;a^3|ZXoj^v&K~%5KUElwehS>pUjyi`kXU_An{W6&%-4E zKkD|qEaSx@J-#)n_^>OUry^%J_?yAp$luX^lf;nekhqYGDH)1zcvP2Xc;rl+t*Hy{ z1mExIUnR>pqVD8QsVc307&}&lMgbHjhnqWb9v2iV45#|LHz?2E*77ssFFQF}cQU!< zh>dit&_X_eS>GC{r_q;DRWx((_o45an;wWZp59>G(RZUlYUGYuJUc)EP?HF3XA@EwM{`pB#Ud4Woz9!g@l%HLEue35uo~0Emm31F09ZehU^CPZSB+EgDX^%!c4nvrYl{qGGyvLQo#a zb+^+z6Vt-B&>Y*=5~yTK@DGlpju)^E&4gmEr@$PIWYSN4dXo$Q1;eTeffJeo2S!+r~EAKkR>+8pf$PKnGF>h`w!)3_bCjE|Xo?RB^2xc05q z(1ky4?0#xRH6lfdhb)M5XK$ai#|2A;5_u9JOcLevB$I9gJVzGTaf(;T_l?dY zD;LTz6;xVRQ}^L=Rg>9MSZOkvKv6@cxRXvaU_#ZZTn#SGuXK>(dFVUDuI55{%vq?_ zP|eEJ<8w{I17uV@z%DWlm8VplZN6px#aA<7M)iogqys91A#0G4L2?*05uB9VC>EVx z+$>#uU~(Q3rgE-|%tZ`EQa>$cgj~bj3+{ZWYMEly>o-PR*%V-o*Q8Q6(BXxHJ^A%=!L^Z@ug|uce^V>rXLGGIW~*=NM{>l=Kxp#a%<<5 z$&2i1GBNn)BBdB8G9npS(t#x8a(EoIifBCTyd)^5^&>iqPMEN?LLG;sHdlJ{^^U3n zp+2bD88aMRqWbAszN3>IO9ucH^Up^}XJdnPZV1duKrU0jkgM4RCQbie0VfgI?yiI@ zmT#Da`_}|v2KzdhHm2d&-V^w6=Xrc|AOQ!XOHjnXfD@h6&enVe9o8=Gq*baSHCVeK zIx{D|kw2dQ!F;Uppzbv0A^yx+y#L;5Y2W|yScWtQ4Qnd|*t3_3odXOSi_ubF+fO$I zjbCS{3&>v^lsP?HCfrb1l1QZ#0H z5a$PN*8n^a#`{r68B(%~aWHvgjWKifgkJ!wmff^b6nh%yTW!e{=88qG3>sEu;-hHZ ze@MAD+|brDfL#!)Q+V+-X(&KyVzMNEU*{0Pt{!C<>MPq|;ba4Q7ds|!=)ujZ6&a*> ztRRn`u*f>37U%Hpp-Z6^r6U9mATn^BL-F*6DVXD<2W43fqIaLi zXQxweDyfuC%}V5#Gh3W~VOKXNI5?08nN4k*^YU?}mcf9bD$`y4FgMH%^TY+aAO-JS ztU&D$T;bQ>{TAjB%}bLs?7R^?DHzYqwuE72Ds~@;#Wqr8oKGvcE+d6it>`f_g|(|Q zJjgSvNQgmNMI-Ws-<{>?VAk>j^U15PMOuc06dX8{ii2krFbyN`w==oCM+qE^XATbT z&TumuI0puC7{Kt0^o9%9yDmN!pB?2oT+T)uWg)A)78UgVHJjPPht(5~CLL@pT*pgw zdB3KCCUnY&M=ii}8~otX&0xp1BLR8dI528JQ9>d<+UbG5!n8Tz z3@*~)ks+L?i8xZ;(M$C}-Hap!+7r{vCEeUcx|A=@XY|v}qUu&UIZa3vazif?N*f`3 z|N5j2^I5bGPfxXmOBWsbadG%~&sFTBENA5R$wL)wQkyZneAsx~QiIe*bev?dfvK8z zc32#u({M4NP|^z(4!PC+_2Opdkeyi$`ha?eCFOnkBs{s)3$FULNI7~D2aa9Cp39`L z;pegn6tuHS2E;@F#gWb=WAx31Ksq)<3k&j?d%?Lf z1xc3@@WshgoQ}&yJfBfmO}=jp%DXXpov<&7l~FU&lgp7?&~V%M+y(uD-{f#S!|JRM zy>i6Gl%c9i8xnQFP-Fo99i|jgklcKmQNZ=Vqa8a8Od;f^3*brb0 zt&$WbOy=Ww&VaO0^}s=E9!?*olje9DVy@ejI#iMhu9@^gMh>jxW7e*9TQQ1DD{#5! zhJtD7XrWnAiOhsloQUQ-Qa6RY&SSrh(%M$&kTS%D`<5+jb%UZ1yAmhZJITsO*8msx zW9f!o2KP?(b2xf26ET@3%sA#8Na0dzXajc(1{cXd)kC_wOJ|FFgL0B!>%zps3ey&c z!d0sq&DpugXMd=azPP+|=oBmncSopkE2>lD@Ih=1>IODDx*j;_K~qjLKKdjU=cyMd zeR`2s(SZ8eI%u2Pz|_)O(hIBlOq|SZ@70R|qn|wJlpy9Z?FnVliYdZ+w<&O-G^PFr zhT=O9&cjRw!?Y_35f>eYooB9M|HUj^O{Ja874}NVw}N|46UvLrkjB0ZjQ26@4ZfD-F=tOHDF8ggxmsytkB~4wEQ#_#q#tFJv`fw8XKNcGaKM;2jDiEOWL6+% zgm_{qo&7=XOdQZ_L76y<4uJ2L0|%ydq^AkRj~|!>9~1VKy2^c*L6a{jQy0={9}B8c zLT76adl$KQxWK`d&eWn}Qc;mZzweG=0_X5+*`?tLeda3a14*K#V5 z%d<=+d$}00&w?!ja!w{%Jj;|KI;jp-OaL%-^um-`v+(WJZg8&2#ii&g*m~$1jx%}U z8f7Yzb0}psXOoh2jK-90M;q8`@GQoJqm=wsDd;OkYa@F(k!OGK9?r9Uy)jv5{NSKR z{`z482ffKXMhxaSATY=sv#0nViquOHyx)kw5MMjE*|4_@Lz1FT!$7JeF$d9$#lV=& z+C5z`W2z5khk0XKh?n&J$w6-L7YRN3Og3U*tYP4NVTiy%8l&At9+ZdqthlB;h`Uy} zw>8{M>ELFshc;5FNqS8ux1M_-du=f=(_YHttD;ez+@f;W+s|7H9F$x+i|BTqGo6{$ z?#fDo^7K&y2U>diunw4ng?_9$Xykn?IR)p+wBbG}0`nsMF*n>1{?7X7%Bhk1z6}gP zn7Ok;b4n1FO?6?fFB2#W82D$CAN5eHlB9BWo*oFF8i+X&KA6$B77@PG3ntW9^ssjZ zqx9-}p=58Gjz&^DvVVakdpHC*v*#Csn5`vrs8>_QyNqDMK-&Ee%)=rdedus+KYctF zTVr@1QKJ(TnBGj_Ktn0|-87=CvR^zQ?X{A4<=K0bI+Z@XD9P; zwX{{jaJ+#7nW|_A<1POu837pq837pq8G*YA0W&s%3=Z_hbh}nIP)fi_I#@GHC%!?I zlDxV~b31rV3d5>33-Q8J>+$m++=n;#_dEW*{?aNsGqiSs z_q+vI=}TVr@?>0OS>?f$Q5sHFl%tG})tzT9;j`@r@P|*BDR_Yg)w;2*q!wueY^OzF zvJ;yr)5)Bfn27hb(BWRtDK!t&;6uT~cU1c*`dLu=-Gx79l6U3_0~8_eLKE1{!>azE3cl7tDe=$IR;O2T$Sc&1?+1Jr-vQ z+A-iU!vi~xIpj5nqiFv*XmoY5s-XxMPQ_#Q7pJjf*9B~kW#EGj8{rObs!`y|)inI; z1RYw!$<9n(Yc@Srr)7~EWx6>CCnzCuO!L0QIf%=;;H90qGz5_WmM~^kcJ$%n_}!=HsN+S5t6~$|Q6?hf z!O4r6a((hp#_ElM@^Gtt5OtX`=@>Q}^Stz7(^G`hj658>rskZaUTE`ArJFGfSPj(8 zDpoZJ-R!3qyrT;YjOmz}8{))I z(WsD4EB|00+%v_Q4K%wXdWO{8o6BR?=-~U6<>A!f6WDRN09VSpU`XmCzYrf->a)6l zlhNe`}fjAsYB^?C+O*nh1DG!IEvuXe6EfiF3&i3#yp@VKriZ}ib zFGEqrMs5|?U3hlKH#F+2SgjR@Jx4ELM+U23s4Mnd4`&CPerK7YJ_U!zTAESAD_uXQhhta6vA=Z zfb_%^{O3d=vKcG~0~jU_wwTO+yKx?)Q>lXq8u@I1-DU+3A3G)^Sn{K6FzxS+WlTT` zVRPh$S_NWLs?gp!z62DZ7i~q^l3oamRC?hP=q2gJK#3SA4~nFVW0J{R#nsT!jdX}J zv7YQ=Hmo#AycB~^cbvz64woR8Jq%P0kcE8rbW^@#W3c5M9gMx$F}sImH7S( z_uwZRBe2q)eG-Q8ycsz8W6`Q*_~mz2;aBV_GRcw@X+yk#v9&D%rcS~7`GardxnnoaGer@S*%vpZ_L5jQ;GQEcrg;mRwdedXz(Oe znj^B`3z6BXNq%*EgooS1UpRVs3Q_Vj61F%Hq3*1>s;fZGm5cbt<^&u|r$d)VN(2x9 z00GfSL_t)Wjli#?wGxTPPGQ?ARtXoiFtLU7gZ{j?FtNo_OCRom?pUxon3QpJipED{ z{}G;PuCe-q7>PiP2E(YO8Ob=b{{sGTia{kh-0cJX5#;9q<^fIE&|))O6Q=;on?DPW zKeP-#<=Tq7jq2~U7uVrOkIiFHJOnd5jA5ofcrEmK7w`_AjChf?Oe*MB~{Nz6Nfgop;ol&1gk#2~G zP4?01K^G~8bl59uG`db5_B+yNgL{bP-)#&)w9*+(s-t#I-W~LGVMLn5k!GmDe>dRg zv^4pfthDW*G1Syz#gkVE)=)Qo{L*^7O3KCiy%>>tL4B2?T??Wot^7IeD;+4EtK64LV_0hk?RONu#X_)jD4RfGjxb*bA|Gq?{INWJOCXYD3T^oD$p zxR)xbN^pQZz0T9_RB7`59TdRcUtUbAVgdx^Y#|e{=D8`+RGy1n?6DVL%7FDvPV4^x XyMAiGL!-ew00000NkvXXu0mjf-URNW literal 549070 zcmdSAWl&sQvnU)0t^pDVHaG;g;1+_rySuv$?h;%E5AN>nu0evk46cI>5bVpjU)8C5 ztDf`T=kNWoYwxvcSFc{(z1mjy4@G$ibQA)VckkYzOG%0a4c+>vh@%an0m##N}3la9;U=M>LD+zqO%72!u|9^qjdiZ$;OFuKrci95} zhNFQ$=w^DtTii$-!n$d!Y3eur6xmu`OkD=Cw;g~>#_{NYP(`>)V~ zLDAKMJ)u8!^=$rE2z_yELt@$XZM&tM4*oZ6=>0@Z3gZyT(GY8@x%J(t)RuDgjwRdq?(F;f>A6;Z^E+cfC$3R=Q*q zdB6q4abCpYSlru&u-tm`2$XWG7yCZ(&{YbBJAD%3cpTPnF@In+vr;bRRtJzfbo@2L z=iaw552GML(!SsG08tkm=nDKk9NqPl1V8M3N7vOX z^@#enw?zr~a5}1PE>@#Rd{2@5?j;2Q?JH2Fm?2iWuU*H1K0HHp@`q_F`@kdbaL9Cx zsgc}Ic)cNU5a?uvyDokC&&@|kP354c9?wBuKy{>gLC5@#3khcGcfzS82VH|=Zl8U= zaL8G~ih-s<^eOVyum4fESM+|9aVdv-$4zVG zJ~ei0`X>MIy?S)-kH|5fZR-^TQsWN&AzPM1EeNOoZXC?Q_rZ~eaSn=Y2{BuRLv7!= zP>Zv1m>%5976_qPTr_HaGV`j>8L-mow8r8nLqVnZrD*eK`_o)N;gP%O%&p4|Nl%>O zL1>Hr#+c{T!}#z`2HrR@B1hHNng3yM!S@2Zqii`4dOK-oP}xB<;1$z8)18L1Xr7g6 zAZnl+F%a6lNbaV>U@3C_)7a-wVgxcmvbWPs+By7kZ7cqj(ZvP$Q7MgOm%LY!v7isRf%Y~^N<8q+o1AuQtG2jK*xfde z_{}<{H34BRG(UvaZW@1WaVromyYU$}a=HrA@j>bK)T2wG;_fS|A#6&n!dtjKtLkyh zW>q$5wXv>ya(qd9GPboS2zQYDpj<3LzFJ4@xrVu8c_lglQO7mqCbxS1NC}5;sG$}V z?VG;5225b-pz_T@LKH)64_) zMP`}}g+vvH>c;7Jvmq-?z9W)^#P1 zf123){$V@meDi@@1kwA@9+*CFN$WDeGzOW9#{{T^wX|dU3EM@)*nBTEA(>pTU+!AK z@opee6ikVF8{+OmhGyfAU_6K~nylor={D7Wv^mf)ESd}tWj~4MYc z17%vB{V^lO(fXJNd)j#A)JFqtGRlnIx|XsUes&XgIsJUbdNJC$ zO1WG0m!_KxR<({++-E*UYY%S|k6=}jKkMBN%%PmR-)JC3|17Sll>yY7TYAzNGQAzY zB5;G@vawYl4+Ac&%z|ih`w47kJ8>aj{6m20rf(weiEix{eIs@F!W>l3jtD~@%8*;F zUsZKGSny@chYanFMcaSWV`qd zAVYnke&*5U!e5nfXbScaaY-3E>_1C0r0Yj{{Z|MB5$&hcA`P1QX`12 zeS6FAeQTm|8qR!uu!4r=)Z|B}K;QPTaNJ4U2C_5sku_Tkoh?aLr&+hFPJZWCNW>JY z^QBE>)!LMh2yUDQ;VeLPBff?i*<9K87tUMj(%aHF>0J9g5AmlMqeu+y}I{@!yuu&M=^=gRW{fNKWs$ z{j2|%IDT$_MN>Gwj5@t!kQn5?6>ESC&6Ms*>*h8TzT#g0c!%Kb(=s|23-1-VUs)C%cxxw3l?%x zCK!z^M~>I$Ufs&rq<0-fpBU9R59eqTaJCF73x~lcD@-gWBlp8?<*X#0@M6pA4Bx1c zq2av!Bc47&;QVd9FbC^3Ja<6-QIM~b)UC6F2Uo05Jyy>XSmt3dXLBS+aO_)Nvmsu?Qfzx^FC+)+NgEZQvMqu=5uIyYQAFfZQjHFCYQGClcJW zb8A+rW;9GWhrlWO=bMg^nfa(!(1knCrS{qlXRbVKI&_LLA}u|J*;k0zphKy?N2Ft$ zA$5*9w_|E7mti18m3iwyU+pRw(ujl z1=>yzmvhLAZI5DiLv7res%*?>9jsPLg58u<8~)@s#_a}MwVq0v6(T>{QL9;tT6a$9 z7^DeR7$aS*5OQSx+x7oHSRW{(-%H>tz!+kjus+^C0DO&`-Wgu=kMs#A5aR84PyrEa)`^0(s2exg! z5q3Xa18f;Azio(-qx@_jYN^zV9x3M25z6DW!Fh$=3+<$g*iIi>@n6Tq06qQj>GpUA zZstcyjNp^em($BSJCLLBMo1}_?R+-VE}f@fgME!0F2}mLExIPo;j1O}+TU$GPc1xL zq4iE*-3ayIbD8dvA)jpk=7PHQ(Z}Nk!Eyc>QEK-LL-QQLaXhUzhe?oYPA<@dS)l{k z0-4|&dmBW7VUsx4U&zRN^QLZ3X6#|ON2IQR$nxA?_?m;K^)e84oy@!QwAKEof0nt; zLlMD)xZ62Pl`m}()+89UzJ&^0w}xlb?Iy_3o5-v%G!1RbFPD3NzeiN5nH+ps2opB# zgt;pd8-w273E!yq&64&)OF0UjmDn=X)5+F1@>gekn-iG4(AS%~`|jw|O6eXEw080Vs6b-}=c6}jd3wP+Mt zZ>E-WLnRre6k$YWE}Z9>t|NPgz8|}bPN$?%(&OA-a>E6fOhb3>-v)N%9v+|Y zmy=bZ#t~N7eR6}^hjK$Rqv-jGzB(RNOPGtLg7S%Zg4swp3FZ!{cdU61&t5tpJDbw9 z%sx=R>LS?z%$_a+cD1Lg=gTGVK05p;{{+5*Ry%>sQq^#9g5C1Xq{3B4mD{qi z*Pkc`m|3Ks9k4ni(P1)ke$V$ke2|hQwgihCRn%L@JLKN^{jxN|gOGP!;;&Ie0@%9_ zmcpBPzQ9XMS`76#A33(=TH!snny4*0f#-q z5^+0zt}*2*P@zMLc142@#r1T-TG46Eunu>B_Nhs-lZ@z%KHiaxb{rYoM?CRClq>KRAr5r!`)ry#2cCD6zFzYoQ-0U`@n7btTU6~VjX2@&8(7E;B!|x(8GiF z+WU|E#OIcf5%8j$i{n<({N^4==EsSVyU+C>a{tLnYM@9xd=y85yBWp|QS z=iEG8nHhTVo|C9Lf=L3}^x@iuPV58pZD>6mvR8Ka~`# zlWd?6jM9ml;e?okhbN`SK_^Y(JxlAM)e)hgrDC@MAUB3XH&OVd-RYYw)trXISqdZB z>W4Ffu*(-plDXibO3!AJ=5E|@9Rqh!nM1|-HQ0Ur_Ng(W!Kjey6>FZh2;=8#LeEwU zBg~WgkX?@!F);dL0~V9qV#^gsVCJxLtkzG6+sbZB%c_8oQ;^xL(u0rU6olFId9Cn4 zg0b6Qf%e(e>m&Vswb0$LML}V(j*qqDK%{h~^!ay>GMdeoE+O|u8+n9QTjB%xih+-p zQ%2yOWf+pP^#dMT{$)<9NK^Tm40G{sNi^==fan%FUMzBNi|KSdzOT(Ea@?J>B$*g| zCTs5^hAMEmD$9E#=Q)oub!%^mSUOWH#IBHj6yuiJe)zEAKSgb|(Y^ExxuVwC<7qPa zgYJD*uyzuk?>3ZBmG`hC(>*%*JFi-Ys%wqLBp*i*%bcM@kobPON}_Tc9Z@J|U@7}6 zS(jc6XA8BgRCymo#i`La=CH#iN51-2q*cQS3s>8wwGngNqBhQT+#|SX>1Wj^Dv*}L zm2KD(DAMSrf1`nzwZ1BVjoG?hPf?YMYF;7@&s!*F@a94xOViV$+16n$=nL4g!3@&VL2A>2x9O>0&B3Xlc2L(< z{hll-la;0knbwFAk}OEX53*4;Dn7I5ULqzbI+cI*C}RGuG69(@LZ_)wk~SEWHfW8> zV;-L9gH|#!og>9s_nzP{q~R|j1mCUFY7o;+F zMr@;t+%X_UH8IByU_blRL_N zkLGLN+0Y}}Ur4tn!R4C)^|ls!<0M(_Sqj5XKY(UAK3ofESutY6AsV%|?5subsLBLb z`-{|I@6o*W;gHI%?1#PD_s%w9M8gH>(kXnMr;uekGf8)sZ?nP<&o`euKFZu6v6GpVQo=0uC)?dGPrI<`%cK!Bblll^xq;Tx$;r4D6jPMboxlo`!JINsi} zYS_D`CT==Ap1BgwGe@Qe@o`C{S_LTs+vW^VzxifIlY)s`M4uwir~S)-~w8 z*QXXHzv|00c^FaHjbT}|JiGY&VFfWsxdn#-e{`PaO|f#n|>>Bf{ZTZre5x=ZnX`!&YiBFq!6C`8jr_%x%a z7?}Z`TQl@62<)B_A2f>Wahmj<-9qT%ez@mjkRKe!$2QC&3VMJE|1#9KhCGG9F<Aa1YMH;k$RfFN^%u0@7RBhXc%Wmx(u2u3X<;<< z*wJkc2Tk;y(>lZ7dV!F{t8ENs55%MW17|%aWHzXou|q+9d>`H%9`#Opazfh0e7JUr zCWFr37`!CZ$T^Ls|9NAU>S<1*NVYHNZ=UEY)n_L%eI(~|&?^X@xxQ3vbJ*((*ys)x zUk1C8#Mb*wsA$8v;m@EBO(oZ}gf0RF%;j>~58zQ4oNUv4-YP8|)(_-X`|jwPGNZ-U zh=gf$yl_KWjSHKl=-XA!`H7%Rqwr0Dwl~dZbZS|-NYT;haxTAJUwV;qHE)_twNq>5y>0~u zxO@%8ac-fg)mj|=U{I!)xf7oCIs(aFB+US?Gn&p7m%Bj!pxMn{`rQzP8tesEDg|r1 zR`wd*O$m;)tPEqr)X`>a!1n8XtuJtl$a4B>gyuKT1~}fT+AW@~%jJee;M@3(x)&L^ z6;DtlAJ4h8kg99L-7=xeQbs14WpIIPbUsj$D|u23k!X3FL0Hl4jhxPjg_px<|5xbY z0gI0)+6(i(%y<`alm(~Z$>)0r6wSW(`SiEb$RsYM*jjt~&WF(;= z;JZ%;S?cKyxNn%uND6n6scOKrEt?C#*6$(@qpqhGS#h`;T}6sq?s?xY%oqq&HhF7W z?MD2;K2huFhmR{Jx$=mja7N!GQTBMN>QmB-Ksm)cjMI{06d8;oPvkxTmBnAf{@i(f zs+C5PD|}e@&gVh?L-v|UfEKh;BP>(;)xe8J}pZI$_~4ikK?N`xkY5^$GV}K^?<)>y(2Z@RR<_JW8`HEKu+0={fme*l80~r zj1bAhP*Tnt^5v4#y-vrkO)d5jZgs@$lSq5SaGOkQg>$Ie{yH|@RowFV>5V#j@{UVuYho`E;_}~U$B(C zLx(ToVnzZjJStAQEYdCLe_8vmw}?IsXv1Bc$cIPXrSrw&ulo4rAu=>(1Nx1J@qVea z;ciF*UL>ZKCH(ci4sOAC_1SryY-#26P}S%HgfNJCYol6vmPNcCOFE7FFhM?E&8gM; z+mii4Psh|riwDrw4Qu7gRO(uBPLdQ=&LULgXDHh|?vSev*8wH%oiehN9k)3B$%pk- zZ~R#y<*Fn_j6K}ETh?4@EHrLWuPJxWFxL)Y#^ow*pky^elh(VR^JXBmtW z)=LesE7HA9V5)djGcIBHm1VHHAG=KN(=1<9E!`%pUI7lLgVHO4u}+rMl+0G_ClAw| z)fIENX1@IAT4X-LuqomG?Y~w!+U8<>L{1~wX#bXXvbjxuSn`_?|F`jh({sgCaFBId zcUJpn!^RqnSC4;=F`3m3Nw@93NoAT&W>IYmEUQ*!;>qSIX@0T_Xs*FcACYmAMXn!5 zckD7iD;8@f>!%FNRA)c2CYYIDA)~T-8m5wTre-oT(C4e7_+70Xl3Yjq;GRP2yQTm9 zCx%?rjlPZK(6d!0-ec8NS7?G{$~kjpg%YNRVt-Uf$&KyFx6va-=k_Q$z$1z2LlliC z#o%&8@d5AIxNV*JL9~0cM(^4YaoiBS#dh9lL4tXiu&@^`+x2*YlIo9VW#rGzx58jB znwuQFcI3E|Y@3dtqb8-sV&53yRhbJUS;E37AqRzb?B_3Tr6BP2pP%H%Yx<1*us*C* zzY&Z7kejMWI@VR)n-0fZtCRgGlZ=3T4+&=QVc|1c&A^wuN&Z>fE^R919gD}2zcvI{ zqbLN|wkBeb9rw#Dv5)(MYQvn2y6c{-&mo~p?eg0^r)qv>^CvrPMl^fv_Dn%LAx+HIO3E9tf*J~gq6o&3IRvXv z1k=NX0wsho!_n0-g&=U$0eGTJ-tojz%*g0d>_M`YP)`pt5oMA=(2)@}W$OZX`3Hik z)NnJ0_iRQH^QX_`#k;Gg7CX%xvy#rXB5rw;2}D*BeKWwLxrxr^OEH%+yWX{s)Zd-1%YcB^55T*{g0eh(w?sF<*&#e$0ZbBDZ^zz2*i)YVtG+#p6oP-|XEk#*a*tdE zq74DVTG!knaVrlFXKSzAgm;bDgH{z4{qo2_`cEk0Xh1$7DJ4JLM9E`+Sr=j~YaKSw zQ6yJ4yuOGxfUR1F>RY916%r~dnP4ulH^#Vs#VI#Fks_~#nZ2-Q8@`yEfa8r@qI;N$ zaxTU5oxqWem4uU=j{m{Br#_pwce?W@XJ<}uaR)mqpCns~%yXTG40rbOHYwQmj1PGXt^(CSEN2_^t^XT}p3l zp%0UnsYlbT=Y5kl&UMDt?EPy$oxZc>z5x}(QvhaIy~h~k*fc~!ygvL7VU334wBWu) zGX5sbAWicSODY#t>AcAfEnG^Vj-dfn|daLRix%FoAm3qhn7pS~7dD0_-hOeaIz zIS0l{lyLj+ddo(L*J5RAW$XFvn1`hKg26T{{$+5pB1MsdDT>by9fX_{9KAy=7?_(H zKagTfJshqFbV#I{E!Rfb$JRHaT0_J`BpUmR6oMDQugfY`!ddFLo}!$_zbdJ@JtBNM z;bbYOMAX?V=h)XBzYn`QRUx>CxrfLY($h+YXCY=OZcu9d&HxH_(|F`wmkRIxye80E-X%}ArrWv^ z&vvzJn4G?G5P6GG0Ra4n6`M{KDNM$o+VSa^5sAFsrA2HZ!NY*NN49PcFGDcQh*1>p zPs+56M(JuL_SL+EA^JAYSZ)UVp_l)%fxO%JGZ7)R7?j@JM)!X2tuxH}g5kJ`_Xs}a zHVb*iDF5mI;+sb(Vz8|K5r0g0@oS$cuZ{tlS^G%!*g%#|l#@g`zWq5HUhHV+c!ED2 zMw7c@rm6nW1T4M~I>Rq<(+Q3yKL}#B&$N7`O>cdpd28cZAFD7ffmrjzr3wWbM(b{x z=EoLj|I`9Q;GsKZ=;vCaOp0>Tz@+OAQAS*C1J4(bdf8F_ckhPiBI)4g>gHfATtrEj zBzBV6EbNF>n~+ZV?b6bAk=!p#vx=(vYUf_k-yhyzJ| z>4%o7)FFXQ-%6u#JpxOgR`z(^PUMN{HumE@7JpE zZSWSz#--4lHy}UYI+NjU^K3M87-Y{xSAVlnB8>VoyN+D>4!qywEn~q-R1C{`?jd4u zPhxmbZWGMul;_QB+yoF~NOK^6x|Q&)?ZI-6AwDF5_4yyNu2JNe zgN;j=IpeY?!hf}<0J+uafc*aR@?d$x+D5h#;uV8pw{KR;R3Y4ccd^%-=ltDJ6%FvP zNx+aeDeb$d@AJGm^6+RNIN);qhimDOtU(1f*>6+%VEq$T9$j0YPOLLBE*;l8V%%$h z2WeuE-UsURoS;CBh*sZ)&~1Qmr5ljXWwoyvNY`FXo1cz*FvRX06@XK5QaFn_h48cRywIk>anbPBIv5-)^%ah}I*^MciEuB-l||#-lep zu}6&D#3v3FYp=g0qlk8Bn(joCG}~d+nupVci&6Ahj(zp`DkzScG=rINs5V ziIa@yiM}*263gY=7s(zVs1F|hNm+m5PQ*jxI_wz`Mwe1&_6GEz#D_4y>=36lL;JmmGTcvV7lLZ7=HkG zos?S3=h&__3uDXBv)&k~DmFi2N7q!-vy>ylBvQKbvtAHLx>8Fm28gKP^WcLdm>l3z z*G$Ybdk1v%B<>_EM7uJ_?Cg@L-;l`kO60j<4!qf}6%QHZq?SvJX|I!{SR+J(>pWZ< zSSi4Nz4raBLv8j_^zjX6dU%3^9VxTnoU)=DeXOpk_9oeyK>47nP&+E0;Kk~Oyde*> zPMK3T9d9isE2!j+(`wK&4^Gn#FAyy@d`XDlGp6#C;KsTQF{Uyi+{iFCB!$y!;$Tk> zzYn<2_2VI2^(7(+?XoqV6WA&hW}`&e{ibIy4{YjVFGjb&CM*EP31N(T0E6LlrhCv| zR&ME#84dwgePMS4HSfnC{O(K~&KMiRw<=NK);bI?qY{AodL)%CFE6CNB_8KN3Ys*# z+MQR~pwYJh|9;54jgj*&rGw%U-Gai^5V#?nAhS7;BWmOp=h!Z*mhMcsh)L{W?SI9K z$Qla+7HGake754wUoOsvgLvdDj!~Tyr9uIASqyaJBMU#+sw>R;rY)`>7N!dz^Mqs% z_lVugj`LVm!fYj`r^uJR7)NG--wc|O`A!gUS9AA9q3bush3rCC-#6o=21iD}XUw#R(YP3ww^$69X z>ap1SPKLkPydY#dZJ-8@9`N=>tiF4_R*-0&fPOOC-SGPQ!Qt6}uKUsW!|Tl^#BVc= zoqxHivqY*~L)0q9QgAn}M*uI@po=IBZxc1;73Acs8n?KOLOBYHfB6l0G8JE`YXkmR zTCL>Da)2AYQ_eX{D)|HnbJ)E%9xG<)l{k3h?L%M>hR@RZ>SbiV*JCUwR8l~T`Yhqh zF}m>V4yUYbG%NYG+dtrbg;k> zluLb<%|hMgL-p{vV|_kOy$4&|PYvh_c`VaE0sS$;wZ?IlB*PxzN!;*9r+6dd>IteG z)Vl11ppwUD117#;3{SlsY9Aj}=+}#@&>BfH-%_SEtB zmGoxy)b1muWp{0ZpIEA}d9Ny9rzY;tpThke`f3bD`{Xly$>>jijh5M@u;bGW2|i>) z#RbTh3dx5I#%-7O$V}#FS`Vj>msQ!9@s!1Nf|@S{9yOk|d@$!f@9gjYD5S*XIm~PO ztxSFRx_b)Tiz77cIb`@*+9EZQ+Mi9sdEWO&0b@ID5A;`AI+M_qr+dZ6sb*_HD;)2lNXn84vA)-bcD7@`eW=;~9qQ?!lz7Gr?1P&9_U7;Mo znSig-EZZ!L{_aTW8+Tt)BJ>W^l@CYwBc~yQ&jJq*U2+eb74Y$lu2tS{spn(E2^(4i zL_ZM`=gJ(Y(yxiN!mq*&x&nIqQbGs1>J@2>U|z2?-IO_3Kjjs4UHGgq^swZ775by|y6cyjBv;Q3V{9`ZR-xxk5Qj!c5&yZ3eDD zXIL-uC9#W>53eF|?=KO+O>d9j0t6|G+lhX* z=+idwwboh~@-Or9H!SQlUO`SW1x)~$UCQL1Z#~M8V2gpPiLO}ZD)n(n!mAu~L2mso z@DQr^8kY-!+)YLPveHo3EK})=R58M=`X!)osc9vBruiBGd;SL1N-Qz+r*506!huX~ zo06x_Sab5X&YsTHYIPday|bz{f@r@ZB?|mnizly|4dUP)0d{-???u9qqDi+7-8kvr zRNg+Bn6G}{e;9L&yQvELq zxr%1pCLRhdPQmk$uMxwhP%Dy*oJj^L95407S zeXFARE7%I1&8|(_GvhGg%n7773`T)w-zk^%(DAsc#?!~r}`s} z6uez0R57Bx>>pNz<2H!_fHzz!wQbVSUUg`G>bdMQbKfN)O&KN5*&JGou1ze7$51zR zxY1HZKZ-@?z0n818(Sp5B>J9vW~f8j)hVDG=buX0TX*62Ql^(NqdGv<*;$b`xPvBv zaUdSG)ZJWDIt%m6DkGWw#nkeW_n}W7;Kx*U9TTr&bv9>RBj=>+Zs)jK1-7r=;%jN%vX@J5lxhxmC~+m=g`S>B z=9fK#hs`&(I-Y4CXM^j8u4HL8Ml}Ju-vro%e6eiz_!h7OS*Y%Pm=Z_^cRH`b&fh2F68L`Bn^%lVJvod>P zt}d2TuH5P}VmUf|F#_6SyN#iix1+?aMVrjY`jK{c{VU`&EAHpm*=Nq zI^KK)nX8ply@=QY61Ks=@dUCC=Kk!;`W_w76;&7Uw)D(YX`gIbq@)esHXE-M#<*?lEC-v>kPkF6%}C5N z;Qkg#iZXzFWs(bON)WRc8I_B5ry9C+pvgoTT`#^$aqWM+RKJeDC9?HM*XjxcSUQv> zoUtgR5#1e?Rf$W<1E34d1}7+F zsz~N%9nBJ{Q#upexOXd$L4IIYLk#v9X$q}5dQ=%D#j5F^B0S8g{7@*-_q!`p9a#}Pr_X-p-fZ6JvPi6Va9 zZ@^l&QCh$n@Tk;Hd@KdX-_(brb6v>q5`L}!lKpEaR@q&<`B-r{KiX_xXWc9P*!`Pl zI^pJ)%{QAk{5fR;v#7A0KyC-xvT6|a{aK>#uegl(SxTzga!@9h)s`l&nOl#avsSN1efl9o0(oLYHihsl^hj%QdR?N4@gjzy0jD|be z)`iq?X-&nq<1W1nU8+rq;%4xC1qd3sjupww@(EWtuCo?MNQnuOFiOjkBhh2V{gZ!* znCeeVai`y$mZr zudiq4brLRFx?I*p(qiGZd*m+K?!Q|1VlmpF^Bl)jE@S@Y$SJ>S`tNr1;)!uVyxi9w z2rJ~mQw_q^a?(X1SIgbtL=nT_fASK0&FEO9W9yzR3P=*oOLi6s@pk$GM?_9>w>SUZ zcuW6Idas5)y55SOL&P8=eh%3v{q<>xyVZtS-^YUf_3@85|IIj4XIqyxbkVJEUKLrr z8YB=>lNG0vI%F(gdCL9Uni7fJGYR{Xvi;B4!&yqRmAG@>FGYkNI~x>kUo5%rGb5=a zekbU!N1KoRjFn0d2>yGU@p+PHx_Px*!*iIGh&Lm45`*{|+hQkU;l^pYU99!3U8~i_ z=&N}ccfXdj}&R*!W@);GUck0chm zJAxn$HF~-@9p0fj<@`=rkkU*#i;Hm43R71;Lof7TF-cB{QF(v}-#r4*aOBSt_ zgJDe*qKEg;XFuFqKf8>w(i9MQR}cR%HUt~&U{4cxqv*iJebVHt(vG!HmAvTOcc@>c z@_j|XjoY0_{AVOw7UqMeV>2JEwdpG5vo@$P?j>>oUo9Qt%tNh*W7J~L#n!((( zS=B`1WBCiKa7rTu%%CDH-f+%B#)*-v7L2#&yym@~KpT2i4e8hpU5J}jIo_>wn~Byu z*{P7J!k!T_}S<1^3h|qC6moIkzB-hD7#5MyYxTv+)LuaBn=4CfhneGN* zTg_{p!Q$aT_#)L64EClBf0Fo&$u(6)I0v+Jh_4)ZAzLQ*#?lz=z8r{U^RRv3{_O8X z`{8ZnD4KliS{2q~d=Xu3L4LV$0bT7}03u}@FR-Lj6-a63l*|w#EGo*LFVbNqWMpCM zwS*t~cmHB-x}&g2jZ#{kR{nKo=e{SihAETRC$IF~N^A>F*tR{l7>FMyc7vj$Rd5lS z$GXqeVi(VuFfi*^(6tf0^`CD0*VpQC`+ zK5qpGdY_0x;J&XuY+6Bx@iYEWr<~!uR$#uKR0OulA`LADUYXigh4l4N`t$3bAcn6G z3SacscE6x1XtUUOr_%;WO&EW-2kG|5hCjRjdv#ic1}VM7_yYn8RWA6`GfFa_-}WJ3UoRpOJbTc1$4Hp@@JR8f1}hl zkGqwZSJFKf9v%JH(HT*9FL;t-TpxQeYfuSxsb0a(TY@G-JkI02T$SZ%yx}>LLpi&2 zvF9EogI4`#%&leu1^#v@=v6aVLR~>TAI?I75s;fuT3%vWerhJzC^PJzWO|pgHA{iP zSX$MP3%)7K_wxJ2KdrH#!9fbPgoz!q4uAp}*Ub#>B9IJ3rQr{qr1(LVs!^uA%{uoM z7eNIeZjaP&knKD=4x>{(rH4P$CE6r$T_?ee@Fg0uj;=>xnJOh51B(K*n3zJqk3Ig+ z5UaSH&CEC*942W=r`)kFM@Q?vdL4!BD~GJt#}_-^*c?IKXdB-^7tK_*PQ<&!7aNC! zcZp{et0v#CTsz0B)S4>lX~FXOsAcw{XK6j2 zahkaEVQB7^(+cNfm&R^WP?;VkPy1Z{22h# zK#nr#WD_ncWiI2zzOvo(uT!b4=$GR*TJL+ifYj-P1d4RMqihu%$2kwcUfOgGfMl9Z z$hC~p!)6T_QqUv5-PZD4=NG4oce1*}&W?G%o*l<$Djam(;nj(GAAlg6qZ88MFxEfa z;|HtY=Wvwq7CsWU%e6H=oN*-o5bbeQ?8J}N0Af(s`kRsR`4DiA$({RsD?)0?bT^NL zXt<_3JM?m0IVcnNOBBND-u>QT!`%#bHef6ApZaWdXJIW+(J@A>;$QqQNd`~ffbX~7 zHf?~MEjF?%Kk3HADkj%LTQ(n<0k6M$Aiv`16KL>%Px;lQWv4~g$R~U6fSrRYRqXwi z@}#W`rFE6q2&i&x+mSq8rd&q9V60HNUC&4k>wj6)-KWBjq_7alIh2Tgs5c&iydJ7B z8~$Pz9PDXM-PRPr%RrlQ{E-&K;j#I{qT5@byNRFZhjiAB%5HkxZ(bQ z!H~kGbnh;u0XN^+h9&?^w~dPx1ya)h&yFPu*jn~q-RVG1=+~~KL*X<>5}Ev(7aOf+ zD4vv3WdiotbeSES8-(73?k@u>Kw0XMiU!T$rV^jz3bZ=_*I}HqfN+~Q{>GyVcTuf$XMDkRr z0IVrai58I14hoXC(6ac)kmMhB2wGQ)ZP|Vo#VUml&<5rosun{=tC0vJ~id+ z{>R-nQ6U|d$HRYa<}>;DnP+>0X8+k5bLUa$nV4%6iZe;*<8v3+dJ~tky|Pg>nt;iD z?>vgVXH_b;Nch&<;||*S)^yf)au8jnl5f`Y`)YLX0(3S<09qW)o^m!=n4Jj8E&VVk ztusQEEhs+EE>OkL0?Tu43HrUYsX|RA%@)2fvg2FjptKc1;6g7g?$v`acErdZrtx~k z-wjacwOx0L)h-_C@-Y z8jI4I3b^sELft>d;feAm$joECor%WB3(kFw{BL7uTE?LFITeS zYAxsCk@~HNoedm3U6p4Lds7nj;{_0U)u!nJw#*SCK_!VCaBvPxypiRMlP(u2^e6ml zx~@~OaX9zO%oGgU_RzU+8&A3o!&xx{*!h*hJC(;arxw2#Scz(D(|2}xZyzs(wT2+T zjngX-If-}<9WUj`j0g{lRN!Pk&fxLvd%?js8$0V#G!mfV%9V-N&U;QxI*&+@-)Dy)!2L4oO7);<#~uO2ndm8J=@Ve$M`X*7PbU_|Fo-#<8Ocn zd|yr7#Su;~vk=Fzc#9ACLb$@^yVk>4OgQIh$!8UL%0C<=*7{=g1whSp39m*%i^@^~ z9VH#pR=QIicMd@G0?pim<0-ov?R)`xLZf*?}4&5cdRI)pDGO?jIjGGAmYOo;9*o$=b z=D-V^qpv?07fxnaDt_{6K)v77;NQI@gfV28zjq>QzeQR&-TT$oxHU}eVjG5V;XVqN zuI@L`As4`ru9b8vSTeqpmLd8-L5P32bTVXjQsJ!HU6!|C%wSaWSxFbg%M!SJ605Aw zMpfD^zZ{dUy}HS4D_6e}IQ3JLn7X+Jj-{_u7Zk*YwND7aYg}JB>1jKWAO2d(vb_kB z5&NVp-n+B|NxHhK+okHz^Wo{K3d2Pwg^1$*xAvl_iX(66#bu@F4T{nug`QC@x}fM! zmsIlM3V|VM+Pp#`q2~>{ygpG*?lgignoA5%|`IB5=L3Y=t|X5_rNM0E(VJi zo|0+|M@uYgKE;IN(PavEx1T$*+)}XWNW$K-4@^yM8*hTU$TYE<# zckE629z(=j9K-vLT~|PepCD(Eim6vLkX77$79E|ft-Y{M2HO*&yipyw%FV=BZ=$Db z!IdbK1a0oEXkp_j?PJv3w_kb7-fZ}WGIq{!^2RRvvZ2CUEsr`gTK3Vn>mU9!PJ_#f zC_TDlss`n;%UBUh=IHvR!t!;je2()qoguwFop=Ci>YpEt8?sC_8!o3aONJpHnZubn zlx(63MY~Hsl*STo*dXuL(ce&&{TW_X?2^k%7}24`kFlFKcFP4j?vYORl&7~WR&qSN ztfP2}L$#t~SQhtM*1xx-?x4-_{Sge0;T_haB){@Bt8}u0Li6XGpe3&vw%4@Dm3m*J zX#_(MuT|M07F@#-u``}fIyyv$g}-tXq}gJ1Cv7ECScGxDS|%3FpMy++&qKGzxbUZd zFe%g@Y(_W@xR05L8$^PQ)>!YvDjkCIaV{ww#ftO|watu=hd2y3gex$$jEwPz6tePK z-cQO&iAh@ECD7}-acugHfMTCZM`PvMwfcp&u)%voTd${-rC9iW)X)wVw%nSH*V>-` z!Cc4-ewZ`5paQL}u{x#S5#;$KGWsf4xzLFi-!}{C*_9k5VqbdDAM;ErP~RBO>O9p} z_YJNidk=(RbstjyH7*xm6ZhVd2I5RY?Z@OyD%W7Jw5pyWtEHd)ca=FB(FqC_@* zFW8yYMQ^Pt%lt*Rh})JAL(kT&i~H!OIGWu*cd< zDTzS+5Q&P$p+Cfd&0_h)-+1kMAXxPG#Kxj;Cr}D5X-!i)LxJx?{~xseA08Qg=scbN z6z7_*zIB#ujE9bd7xBoXO(O@HxT_wsOt>`@f1`#_@WwY}U&8$?+&GsX-FO1y=Z3|B2!Np~`fqi-N(KC?@Lhp>E&l6K~3(l0)DHmqQ z>%brx$Lo9?7&V)u(Z}TO-Y6cK@7GDS%boZnc`Yd~!xWM;a$vl*}Rpmjpqd{`3Ym-1IaccNv^doEs?nl!2r+|6Hg7l2X?{5 zZ8(^T{aD~@`&_Rrk-a^)($TJ6Y zO5D?MV4{S~0Ut{j8jl_hk`Lw(>}QERK&!~yw;OWDj7R)E>?-R@B1Xn7gzmi8B2Ec} zS^%k^60}`VbIN+I2C&)Tp4A?D`?420qKm_gc~d?Yg77vb59=S5LpXrf$+QBK?^3ab zFNpTTPvm#9;lmQA^{O>)sSpIFt7XNko>J*6uN=D>r^B&LB`2_4lGZjSpyu8&qsbRn z-UM-LW-Nz`Q4&a8kWp1>Nq9R;@{3x)5EP%d_jl>0!Opw3YDqRR+eM~UmWU)~2Fwz( zwnEsGj3gIps?y}9xwi9sNR{^9iorJ$c1UL>M3mOYLD`$MSxUMZoGBO#K+jYER76fi zpylfrMq5c$jmI!L2F^_F-B1`4AfLOxktUrzbB-;22Hc5E4_+7ImnbZuW*)`uun#3v zV8QIMejh9Bq?as-*=NkF8%~REUqTvipTl&dMK}j6c3FBfNHr`E$P}CLK6&{~xg$qBv&$do#H_yWr?6U_ zy~2P!m$NVC(|eOx7ZG8ztUNaaHbRE>8FbQzL~*onK~dtcIB`|Xv^GoOFyGya3Bd4- zYL@DxZEWnjvVpu`T%bw1<)CCF897_XzUf>e_FkpbR65y`D2qtI$Xl}Vx?1x&8L?!J z;N~h=O{P?uoiJ%~@!^`j&|I0i@9cIkFKgv7{+PlN*idbv!m%g4vaw(g?2n;qt?O89 zt|(?1SuBpNndy#4^ZWSvvGTGPVpFC{E(!=wL z>uh z+}K?DdN*ddl62H^YZX>}^LgE|j~8Rwo54Fk8oX(jUKt=NnEw0$iDi?$PjM6a8wmH79G+Jtrl&9~ZFuKEMnFlpwHOTar9#`No;%sN>3V`hFgvC^N zit~bzAas-K94KbRC%huHkQTRt>V;SQ6Q{t{)5E>1A{?+`@V4T*Vp2}QMJ1SAYn;9o zMOU(ChY^{BaLch&h978{&o{d4@EOk%@eb0(er5c0fv;xGH{Sd%LLFI8r9bs~Pgl^V zBGo``i2ceYFv;U(narE|EBJzjHaO0w>5qKROzG;vZn{x;Drj%4{hI6m;umv)OO&|` zife*is>dR!S@sxW8G5%C&7b=t>U*s|*F`QPGA2uQZ@yh)-}*ZR6T01@r&nN7?8kCT z0r3Z`*7Gr|RuC9 zD?B|Gi8iWs9+&PXGikRLDUQdf%Oez4y!bAlV0wr}V)nO&9h4x{(HHVe*qHKX4RYs0 zuwC0S6*2hHW}zY*7<^V7{A{HXuX30>F2jddt_4cb3{hO*Q=7H#oD_JF*fmLY0=04G zYFZOrd8&&w+}`%RCsYScrG8^W`LnZlOlDYFVovs_+<5&mdqgZIbK8+N^gJPT7}d%; zD$&E+<0e$&z{*Q6dD4dCH#)N;nU@95M#4A>`;6(A_YR^1m#rxT17m{`fWRV`w^B z?IRFXjgBmjBb?4NQ9yp*?bk_h!Gg9^d_TtRA&lM*wKO;-}p2%l%B7;HGdbv_&zTOS!p~x^Bq$zM^q>AC} z3Ujn-s~5n^+cM!sZz!~Gb=25-U$Jq(^zr$Cs0L3}`|%asHKD0_h$2Y}{iDa@BOB1Q zLDwzXpgeK7F|jRUgC@f@u62AGfwwK?hl<|BhUeP3?Qt^0G6MUGr-V$F39;Cn#lpTi&$ z&O&a|3Gd5I`-W0!KNd4*8$@y4oF@3R(pdb8)1GEVYOvtgqcFa5rm z%X;U;u`y5iGJE9cc{`EJJ;zF=U+oRJ>LSg8cGlAHgEe-}Zkfh<^-$O?Qaq5`6?kPa z+W*SVh`aPS;E)Pv-Fc{|D0_c{+_qnCQwiW|-uZP5&M7y&3c*7S{H2-d6REMb^7d=AA8+q|7qBlN9=*yBMB%e|5l`>5{I~554 zCZ`>i35(Ww45Z`7u{7SSLTVDNkawiERbFqsdpeU+IdcAa9sQMqTDtsw5xBg-MQ4iw z3!io}9ULR~j~2fcOO=aKE!aS2kl)cgM-sIWRc9k1Pe!!Fx(Yfae*D6mU7)hHh-Ysz z@CgUj4C|=XZsF&dmFmjUe=34tT2^CVxxRQ zj_98-nBO>agLg>h=*tW&54jR@Z60%tDe50nWkWDZ!p?t-(tO;ZQ8GBLEgZ51*9uS^ z<5yKb3|j8j9|cSrZnLU-!-=a!HNLO=2{ISStQYlryznHOQ;Gvp*Yj+PvwMMgr`S^UP?IcggV$tyaS$n@ACqd!zL z?G9wf{bYnhqb`kNujUbJbBSbs{=B5OVeRP+kN9fE^Kw5VcgziY+*P2i7zsj%>gnNY z#xRE>pLm&*0j;S->9>r!tC6M7Gcq9_wR=#ub1y(+aphgL7}Q?>Jm}=0v7B36%BrX% ze0+U2=dKd)+hak?jJd2a;_AU`@Vqoy{=$c5I>uvn>KV-d4zh(?u^iXkOe~7)IBh+; z9Ia^GU8k?c%}^!WPO!Um#aDiO_444{)U2BTBHdfr#y8-)5dn*52a)8;JQ-eY^4QL2 zv+Ryu68s0AS_u0shx7H?IT18o&&j-6HPGG-G=_GQNFoaAQ*KGhEJvF2xM!*WjU^5A zO;oRMvu4}zv>Z9upQgM)cR|WP{-X{H;m?zSP;|!*@oMBA-KCjohG_;UBD$NTLS$tL?Y^sU{@d&@%3mM}!um zL$$2v(rIMq)<)ye#^+z4jbY|J( zKRd5jQGTu68#(-JPl%dMXVa-Bkz)Arc6nKH)B*Uvo}(=_NtwbTLH8N%wC_5 z(EfJ(nsyW@P9KaCDq&PbM_46xV`H2e&qjzHM=w9-Jg^jZ z-gyKAzfRpHz%0LqwIwQJM68ysFQuHYUM8YU#Eu=mKpq*put=?T;J?POlR>eyS8=z# z(^F7DTudfrp-zS%MOYS~%tSq72GlNf>~iNz3Dq_zl;!*=TYDmshmvq^;{@xP?(rJQ zN|?yqN)QFmh^%Ghv+%THZEuyUCLE}?GYPoQgs1IGIveg|tEfm67L=b=--*B?it4Yi zcGG#J_I-Joq`4IAcONPXK2Mm5{YvY;bbDPqxtdiEQUBQJSxa)8zLo0(}fvIoKX zeiOyL*GY$;YUd2Ag06S1L*t!y7~Mr|RrW{-;NJO&cxwoN>2+}IU_y7(ZN4ViS0Pg< zN0(pVrA>7*DW>hh0K`qkx*#YGe}8b9b;ie^f<^R1iNlvj1U1xJDMrPtG(&|t*{y)l@&1joiieF+y{2@eG#^Jv zm?HV}?VbcUx~P5>uTMXdoHzw%pMP`HnGCd=+n?|2H#M$0H~PEtla{+#Ft_uxVP#3% z(Z_`Sj8*fzh_1?uHP5TgRG@qjh&8wA4yRiWPn2qG_ zPFhTpy0K}&f0_^1`m{&&#CmqsuJ|(C1jZL|w?8}y2KgTiSF(!KhaJS$)6OZW?H4EV z)+I?m79Z-gYNP}Mv#OIG+BYmK#pXFJZHWn=#=e$bCeqeuV#Nni2yxK>ujPQ)4N3fN zAwdVL1yY-K&9E(1`Y?m+9nve>)-Q2lkwY7XpM?COL4t@L8 zm}m^o^w@GX4BXWGe zxr{j9sMQ6ZSC3yIGS%cl3r5<~eR6746O*bTJ$XjJp;`X3O=!_L)Kh=Y;v+$8a}1g( znf1|E%T5i^;+Q`S2nZI640Js$qJGs{R3_1-x;f|$BgQK9YqI9qi-F$>ac0HcG?a>;)!RS@-1}Zs1^gCNC5Cjx?XGlJnM7%kdg2)7&lNE+ui zlWyOdgg^I_rHqo+W|g0(MZ=<*k8i9hAF#pmLELX7f`4ld99ME&~^ zZXoD<45VDm+4j}hkS;cddxL8}SUnGt%0@T*v)bew!wl)|2jS4G4ZbBwU#4J~7ckk_|X@ z8UJIe%ZcjsxYSkvC`c zq7+6tRO11fwFUab>x9I9Ao?`vlQ5@5teL*`4aEH$dKh+i!)$xmf%R-sX+4;Jz;Nvv z^=7MH>34eAnda! z0m@d)2G2Z?CmPi)lBr0v0juaCSz|mwfOpw#C*}KQ)DE_?OFXOJZ<40G$ASWv?k8U##>m1{H|OM0Zv z2e$6>0Y2Ex84IYPUI(4MpSu1tW;AM>D;Uq0*(%CR?8Dt(D^PcZUv#}al)2d%4Y+)M zf^UsKV|m#kb-5k3q4hNKQG3wU>?zQN5W(+G1<6g9GWM`T(NhtXj zKl<}^ocP~H;mGoJcPDq9rLT$r>#e790GRRnD-YW|u;a%2oGMLxh)Z^eRFzhInelmZ zq!j{`VOxrz>u5y#q%PLMS$s!%LtSgCbdRstI5#ZO-4d1Y5osHq?UvXcTK0Lf&GQv9 z#bz$=9lO=~)BP2B3aLR|Hzgb+wZqtA<8A=n^;Xz%KwgE-sG7L3P=-*6Fb3HU9_sDF(5$tO9$WaP@0 zUvkW=iG$v7u*4#}XK&txYvFeBn<>24x$1|h>6H1~16Gf{HIBlV+o}j-DhU4ZOm?zh zcVfYt2iAFu;rZ3c@TqP+gLEo>+A=EkdKh&~wRKIBfP@S3=^35pB)PkQ zsjpLcsae$^hnZB*C{Nce>gA1f67xknAceL;e=(RexyGm z&a=1lAFa3i(%ek^<=aR27>YaK@`PFZx*r|xeyq-s+Cz8tOb;0DT5`${b(57nF@fvo z$Iy4lWq#c0NS5}>LhnO2M z+#M9O8Am?aLVx;9J{o7REFpeL5Q}7~G4-@d4Sq&67r)e>joqz2YmWaG71voLKlRjD zm)m4lo*sLR6>_ID_x0p@bw)O%cp0(PcG&{SMFSE1+B*1?4OX=5Ww}k&9nV1U`@xQ< zV&tO<&nNo+A2H~{V5(6vE|c+x8*zv2OCK$`90t=5rBpvIy=R1%KO}>41eusk<}|4f zNhXQOwrWPvELiJM;gxx7>oqnIi~EJjb(Mjb9hZ(f7~IQ#AyvbP-^BBrh91KJllg>P z&B)znxoY8U<>fimhuqyI7BrV~nwFJ@Mjy9?;3*;`JC`OLt8<$)m4k^aru)@9W6=ujNBD$U5dwP>;WvOi8zBSe4r;|bcWdhuzXlM>`t zCB>{Lu2X);v2{}iWxbZR6%`>W3JP?{u zU*h}`E5EtQ^qMAy82w1{il=F(y8QZ_u>umZYR7s)Q3`JpE`74q%e_5cyjtg(95jw9*u zv}CA>%7UBvaSjI3Y(N1c1vM<+Up#C8KT-@t8l&RbiF5%5LnMAk!q1n2KoX?r`_k}W z{+$QTpmCESxZeCLU!R7!`>WX9p*uq5spTH^DNSH20iEe7v+9)QuB+$meS-k}6&Ovc z51fMz?6^$Z?F0HWfFqtm(s-WR9!9Jrs`dD`wJPP7@>yBqKD$gR$HT1I%74Pw_svGG zX14Yzz1UTm?8NN@my>i#PLeIC5^*;LQFLj5cBSAd97@$Cw8?%k2U0T?})RU$Zng&=@XW&rjJIp ziu(|QwhYTfKHutG8@u~_<_xg>7}hxf)7v}btfV^EX{}CwNRuWPeGrh7G6hp~7lX!Y zheuaU+1!-_{xBsuNbOLsXOw-L); z^3o0$+uj)SH(YQyJg{&7hXX{8HPS3N4conU;;$+ zq(YT%{)35tFA6!pzoSei>)iR|E}c* zy}D8$v?`3~Btu2Tn)p|#tp9r->IdhRpV{tk-?A+wDFkI7iZl)Z_Rh~yrlo zyI}*5P^d(MkqdJ`zT7+9Vp<#|VSqo}8QfA+#nBSdb;?-TvVf)inU@dDc9dKRDGebd zmZBVDo~Wp^v&{M3b&2%W<}<*X5$<(qGYIjr55-AFm76u~Kg=(KDnB}ri5ny*?576Y z$tg?kF6%+I|E8f?A42`&R@XUBWxl8GILK(*9fPRddaX_dSUC<^!N}NRC0Mj-Y;qzU zL@K2JqI=0;ygfZH6g%wt*Jp^o|JrFtm)UIUmizv{XnfRCH<);p(sBQ)(Dc81@qc)i zG^HUAhYt)~82;LS{LjDI?EH3jhY|e4+I1#; zwqfc?6*!~KYH^MH=jQ*C{fmJJBJo>?$3v{K;9n*6{ZD89cPs0mXgZybp@&xKbZ?m= z-(gX(x(pXEx>CHUH|11dI`B zT3r8txjzotrC3z~eOxbk6Tw3ZkdcL&E{AB^nWgAxgtrhbE zo#=1leM5aeJ#w1ficX(f=%X*JNpBO92QUfUuGqgC z#J^HiUwCTp#{-U8-^z#w{xtUgN1vXi!TqZ){*`P{WcuLJz`N3-ynPbMI%9Xy3v1>T z-=s62u)(G@HRp|LNs;RV23fP)^^bygMYj0%HZ{}qg*@a9`+(^RdfR-04{Br(@Gejn z-v0)3=AX9%A4qfw{<7J54ccGK`#f0>5fOR+upRx|N1Hx`!fO~P2REp1W}_HU0`J~7 zVae=}hw1HrtDzn}-N@VC1J?RC?W6DBPxG{S?k5BX3XgK&{_7C_MIHWTpCI7}30IwD z&A(MgG+1np{<EzwS|A1fZweJTb4tIqWgNWqju8H+s`Xmg%F!Uslx+EKwHYZ5YHh z0R6W0{echRI24`&hxj3AH8X>~%t-Q$8$&3TETei8np{u*s;sDV zXkb(apM#r`i%go8{u^85FOx6Hs;cpq=;LYSz<=W!Y{C_iPaz#af$2;CA6h~he5LNP z>TmgfSZc7-5V}=u%mdO9CspFFjKRNlIJ8qXh)toDgXCZT`Zw})b+$38a|?aQ#G3Fn zBl`)$5Xu@n4$L<;(G4#a#74S`UOqRk^EQQ&Wojkgv_x{de6xAL2b%|t?bq$DH!FlM z^mOHwxIGRio!_%R|Bc!JC)TL}1S!*DU+w;UTi<*`NGG(X(z;GV{^(m!zfFBq-;=GE z#d;(17QX513)c2zY)CWn(zhQ${NND{Tx2ShYnuK_DE`%afDPk({I`xxdboc)G5iOK zL>J?STz$K-mho|Sk!j`C4||)P;0Lc=A>5l8QEec>o;oE&H<`wCeg8MLpt%8w22%E0 zL3GjH*zzfm`41!gp9$3IhQBg)dArDd0W+y_*c-XZRC?*#zpYp2kRzb>&ER(sZ_>OU zKOpM*n7-nTDZlMx)|o)xiFiia^6Gl?KZE*LQTRUsKvC+0I|AnX{ry(X-`Mxlm@^3; z58QtZFa9r+oLmTLmVgE_nsCp)AzG69m;e7l1J^?_Wb0~^={4#t`lB)ye4cT3u-=oH ziF}Y3;$9DNQv8IeJJ+tKcmoE7jhA6=PWi}eNio&>j`E~PrdV{hToa#DE-*H1YH@r| zie9!}hKuzjoehKcXa^z|65B$@ozgx28FOZlfrE96ClCd%C=CF#1 z>+|V9@GW+4cLNT3B{Q?!a!9$M{G+ig1%1Ngyo?u@YKxJ`MQd!>+dkp!B3PI9bs@-2 z603fjA&}nHvseIxhubl$_utK8Mj+e3cONzhz}cILN&!%Lm(+qdT|LjR*ZgJhT72Ha zK#K%@<{jk#My1aIH!7)^^}(j4sA)V zt4i-Qj)3WNO>C?fq#eLiC)BJKG~cbHmXh~&^K6hUdh#fBY~i~`a{0+%izihyLQ!V1 zGPB*U+zFFbaVmxXNhT=jeRkc~9$(Of0|V#nJ`?TK>9@UStBRMeoHhj-~=L1YGJNjaZN z^<1nYZxfUWu5v)PW;sH8JX&7I9Zr58?t6Xqr88Sl64FGh!9E>D}UU%K9fPmucVajzLcD4?8XQsqJ zhmGD;+)}$v7>^UKQ$~~$K@0&G-`n~+dv<>GG*IJv2jnWfr8`&sZ4VakXtfAsC;# zesxmr0h9##3zWmwcbxB}r6J~M6P50jvkkKB;O{2Nl@q(Q$PMheq%ZA&07GkBx%L*} z*EZkg1&VlVA{DOEI4t)1UR#KPoQw`_ZTi2k_MUVLS~Fj9^Zb5Gmx~Uu*WRDn#C|oH zFde(cb*K@u&v_b_XS4#S6EAM3C);V`?Rg7a z%fqEyJHTW2JU%|z0He)31N^S49EteLy~D`#i~(HLq3}EH_t!nr_em-m8d0svZ7v_{6EKu zd?N!T9e0SCt!b^i1&xi}X-k4;5F?tMcgj zL>Gx1(BJ{FNbNkRu{5cs5PG;M03fk$4^cFnp>+(D!{e$}_I3YT{G z>Gqio3pR8Bz_ti!n3qOL_NIGUQ%gxKvx>Z9xPq9 z5QU|kc(x`bOvMwN^!uR59~q@rJSLS{7#jxP>eC;KuRKe-DcmRx4AQ*~yKX4lEJSC# zb*N`nLj%4sUj9HAAMbC3s;NIqf+B)pa8UZ@8@AwhR}umv42>VRv-pTsVRi;2HVQ4V zYlI|`qU+%G9kJcbgZcjW$(FY36B9PGz5g@aR=9jc4S4`2e}S%{BzAM(?c z%F=m1FYq(bmbj_|1OK`O_vM`h-A##T|3lf`i}lTCNdVtsJwIt%oqX|9*S>$BdA_ci zCe@~Y+B%83d>JjE#E^TMVBleN0933=bRpvkg=MWh(stst%q1M9v%{j#k^9}@JVeOl z39F^_Y>qQ=P7`vxsxu&kc5ll!7*i+0nFrwh#OPuqLyjzt5fbLA3NCYruZF8wMuXv_ z+&P22rsDL19)Gpr;f;GG@5^9V)D;LA33HuwjagjsJv>PTW!y&TYl#1;be$v)6I5Sn z2^tMUu#6X`ohkQN`RaUtMkkKghsX!(g4k+m=?RZ~yc~?eyBuYSf%PC>(BWlc^|D$1 z@lNri%h|gYo~U3h($y-`JM3X?l4S1JPvCi@r5s6OZ==MQsqmZ(tNvi?vwm8An@U8@ z+lmr$gM>>XO?k;_(5h&l*?p^e=3$#``;6 zc?q;~4g5&zRjV&Rzmga9qmEev1H%490vy$jvn%t_J|>=w+q%KVAIU5PVfo@1(Qw98 zYt2JS9pdd3)qkS4+L8>dhMbKx#zEkW3dT;h)8D?ZMhjVN_H2arvlRFiM=#5gJG33a zLzu{$8Kblic}fVnz2T2uOChAVw>NG) zI1xpHE1~n0y%yuBaOUk}%*5n%$|wS6vE<_J|zq07-k8`n;;a=R86{66DqUVMX6pwG?(R}#&4?1bvDq|4l6 zH%mM5e7AN1B?cu(r^;M}qc{$5R|Kj4PVqmQy6UNLk};um`;Ns`c`1AIwYAn6QXWY$ zMr>_vI=5>B?_T`F^7v#3Pz0C=^K}jmIU2W=aZq@xnIF{N(UCZ~;l;1<Xd?-pVk z=`1x_kaV{J+yPtRA_Ojuvs_W#x*}THt=BPd!`~k%Z>8_RCns%370RYoQSW_Xu6um| z4H77n&B5kKF;C+ngIZ9M4F?#BL(yuf;#8JKOl7-;}kW%c9no^enDlgwC|&SyVwJ(#qz*~ z``|DRU{;v*pYNlZgpj|8JYFAVK4BuAY@F;{369jJh{ffNIMunbJM2TRE+zOs4_u16 zZ0pXwpl!3(X4vl7*-H^zAPhwVWCOc#YgpzzrNu|=6neL@0*s3S$Li&*X+c5p0b1o2`7aL9K_S3gu8zF^R}PSGmb|Iz5sh7J;|v|PPv0ImL(RG zP{peu`G^PK{XWKV_1LpLw%jIMO&XZqRQsD7?9Kz4u6*_959xkSaE^Pi0h@{WkPS$O zm3M`4ZG|$lvZ4^93^^TyaxGfg0ku3NX;WK-;P|`886r}f9g8_U<_>9!R?+Ml%I*{CeA`)Lt!}^?@<9A+ zVle%}sEGw%((j)MTrVQI^x}!7EKLF$YJU3e%(gZMm<}@4LH2~YkBX>Es3CH>(c~a(M00DyH z<8#eTU3{wj0njtcWN~)Zrm(-pCt%9PAhN^}g6gs)C1w|a*3~hKncs|$kzJXj5&o{P zzdKDvq>z$+900B`2)io)eF9PGLq3hKTxe@{uAQ0A%g zsWBQV;N;%aEW+s?f*Ta(L~Z~Rzp=|u@@7I6SVLWQ+G zd1hxLKJrE%qS)~gU^z$|yV{D;?NS7*?g^WZc|E=S#?NJQj9j|5$(2#@YXuO?saBdn z5CU-hU4k)dKkev_pQ6vZ6w0E}wj^r@<;D^_8 z5B_qLKqJ`3J6962UK|QbSczMs9M#qAEqk?5uN&VSx?`s12ff27VHXp_*7)0`6MVC< zO7A^64=34s9!1|NWekV(bg|GI;mj%=7ILF_r6FZ(f9o^c&=hfBG33}lv%0)H9ZzDK zb|0SBXT8m6Y`h?GI|5q1Rw$xjo-oT`(L#|Xu?gYWBp;-I+hS?i~5&x5d1U5!>MgwLDCQhlVi;{$#S@DA3J z1ENPYRg5*5hG;(!#KmHnmY8j?ui(gV$(B875_rpg-8Q%W&Pe7$ zAU~?3zuUlC&sO}>tuB-Jz$gkA37TesnE1lB(Q1@rnQ1g&B0tAv>!j>%#~gW`2+Kp3Va(TjM z%8nYZENzKjLxjfk>ar?~5Jsu| zi(;4R3zDm2>u`Kc;2r_nw=b5O*ShqcJ=dl_`xXW%PcO}aFYI+M3bb=rST2oWSvfZb ziA8x!5a-PKo5gj&pO2lU<@6XKMMk-*|=+#}-*#~+-jl{$S)K&Rg!iwX_VvgLAa3mJ2LGY|l)>hT)Q92f>UaF%!t(r8^o zVQgTdvHB1Fw*DU-xN9+&O1r}6ktmhBj0eVPSpLtp#Fmxpce*#59Cr^wmwinHGmrJ) z+67q9(3l>6vC>qu)>p@S3(W>@)T3BKRN)4Ttm~e+^Kl^zcB4xzw|v&Co1rz19d({x zJ>XnaHcSWgJtLnHDe}vCC#%H4WySI+QqMRreKvsdv7C#mbD#%8dWuN>s2&zdUw(0N ziv1$F7R*H_U;MrGN(b8Eq^yvZcAyKYZ{95zme#u!t)|sY_Gxy&<+@MmF8E}KA~i%e zM9Xi$TB`p9IA&5}$*<-`xcXX)S^h__%0i1yPn{O@fbtsZO<<1CVsg5R2ajEM#PP1k4y=x)X$hF|rakPRZsx+fE#{`<*4*=&bN|xKx{F zO$@4{gAE4VIe?Gz!1hg6PdQqIo5Nq6pOc1kgM}$)j1A7aoIBi+Fdv6mc+WmMSugl| zd!+elCGa=&sbOZ2>n#+2^DxzA=XNAleZ304yLBI^%qn_CFv*SG#c>+50onK!9A7gf zPp-}^`ZO;ZDNaYUH-5)i8>3K3-mW9mv$6Ye}OUaAx~SP`yitFCED(qbJ_J- zPxDAAjA#7m6W=l&f{SzoKc9s41>Zk8{*xOa{})+r85CF8Y>g(6;7)K4?k1_;4DxVyUy5(am7_dy1i%X_|a@2zvbpIx=9cI{pDJl$*c>ecBNQeo~>?}ljU zWlSegr@sacnzDsGp-_*TUZTr{74z-=avQQ*P5ffX8Cn3{`5)P!+O{nBux3osUS*h@ z_zVbC0B?J%(fQpx_MpvFN;CBsRZb0)!FqRp6JMDYDE#q1?5mm*nnnCeQ}YP;c1O*) zm4MC`64`UrD02ywRNvkr+SgifxUT!M`iBsh=zzV7Dr8Y%5O${-4*OpQZkx)u5kE7c zR>-u%H&#i*`HHo7lX&t=+$v-`#$QH_u(4}hs!W84#!A+oas3|RKeb0cUXYhl`BYfh zicQs;-5dcCvWS2m?6H}KW|Xv-BCy_b1b7wZ-P1cxbXsq(>u@vX1#NH8%2>e3gw6Bp~I{Ir-(P2m51>IBgQ0!{IQ0?MPq1sAr zAeTjT4UX<2avcD1b_`J+5X7}QV>uqcnA4wR2jgY02LEauDSJ4||Vy2xY7;z!*|39-Hsatzrr~;Mq;9jfz95@TNXFE9Y?ksp?qI-Q9 z<00!eBIGen#|l%w1IxZ5b9+?vZ=l;)y9L8;9GFj(?scUy=Pvr_1}cyMdiNiXhg}%+z9O_1k*V!t)OH!ptSm+2!kbi{t0>ZfkbZ7Q=UjQ`&Um zmq>_!OP&^t5rCT#6^WYbEVOlG_wN4J2xPHS#__FZL(MJ?GjPCBIc!M|F)oW9wDPc< z`aIql?XZ!q1sXI_FytvKj2hG$+MO+Iaa4jie>Y+DUi$ca>R$Z8TcQ_&ydj*jYm z;I&bS2VQkzow(&x{E_*d+DC%Yp?QHmo1$QbKYv6Jl@60(4qJL0j&rx@S3TXW=-wq=l2}+0Kn3vGdcHFlGrdjA-GkSnFCnhZ@_J;6 zU6Z_txm`t=PNl?t_i&UBx4O?3P4KI(1NS%GE0AYo+8VX_=67O2wJx!wtK(y19sWPt zWmPePU#7ar`3+r8hkC;Z1nX#*(KY9{Y96}MW9WL;$zpfIjZK&jT5|IPl9XgLR7_cM zu6LEa%@=wmzGszJngCX;%a6Cp@f64pPPHkYu4ZBr2-XLA5=j=LUhw+{G;n zc<^`5%-~{9bz$AY?y0HF<@K9Rv^`Ba2CcUXKMGgxx;(u81;Xm(Ja# z{KVq7Y$M$8-wyon&$*gTXGqUCc-EJ5g_se4F3uAMj1n(o$P!MQonALGBI)B(d8kpU zF8d?Hj%a96t7AUkd)+HQ14>D0rsJTL&4lPftrXHcxg^Bs()uBvhPJw@*8;0qA_u<`5C(@|wUyg- z5=^|_g)a(17Oy%(TV(3Qx3-aojuy6(MEvh|-xoNUU!$9CJyL05z|a%0?zO^ps!dvF zC@L$*j8+U{YOhAEue%VBo_CtFjw#L>r6sZ?;S6oRSb)LU8d_PWan+NG5`U~z z96KD|?c3}sJ5FlquTKp-2cw`Xz)5U51(%4kyEAssw5>Rj)*L}-6XO))by!t6Z>^e_ zLUal@(+*#y^gYl~(|ILp-g@>-C7k63S4{I@K*aW7pxJ~S($fJ+Yd*j6ytGfFBv?a!X=PsC_o={(!!m&HcHUkNQJ-%snNFF7y`eQTE39hL>uUiyf{i$DOB&JR zfoBNg7Yq*B)n#@+60~qhTig47lOuPEazmQZwqJ~e32P0<5w7i17(U6-u_V8n=vxml zCmihDK2?Jf;zoN3ThGI@oYv5hfbkcbS}iokHyi4>t#vdLS`qrM4?I5BZHcrgV-pH` zwD6DHMc!3I#=K*Fjna}U#DU6CLp>k1(_MjXvjxLbdZvL_6@aeb7V#IOwKj2DYm`;p ztj%q~dqhx)A2TSHY1pia#6gZ-20J)Ig@v{2-K9u7> z(H(U0X195H5xkhb5OMv$_}t1wxtvKuRZn%|<5dG4+)*?faDJKHnh>c({Rnqoj#P61x`PaL-)0D29yDL3Xxthq zbP=E$|6}W}!M&XOuLcC96=6{Z(JmNP7ggD4Ub|}nv5NmGcR+q;9fAIg(KPa`kgG+gx~?+g8ame>%JiRl)G zOJBIgY#0CYkL+MSIlb$OZWQXpm;8#Oo2v;gyw>kkw&FT|G{Sy+oXv%SolyjFjasR?fMUF#rMEh(WXC_S7KtSin9@ESl+9>e73{cN-dzx7T|lzbEkb)A5s#dL}!BoUEvUKr{q^tql2IqTm+E zm(b8ZwMWLK{qr$7+r#f(5Q5k2uZ^|JO|-wAz_si@V-lEdm0&81ZzH8E1MS6-_G#ga z%gl+&q@6DN!U$W{fkK?UkrCZBNfj5=j zm#fYf=%eKtdpTrV-QI*slV?#q5b{w?VVu%&IIVPN@P+jP8&fI;!Blkq?_JxFs@hNR z!Y`jDB7&V_?zhPFhc@(98K00x4rGGb&YZqbM|{D+j7{R5=v8h-69dfVUoE0_Kqhj# ztDnywDn0xa5TzwrI+kLGajtjRj16SFZf;Isjjys2jHj0bX8CE%Y44YT!@17230Dgr zIn4|$EAW0SkHq_Jvgrx4B+;}zhSfbyumx5u(8)zZ38AkeCztsmT|5S*4O<_0RQbNq zQa@BKlt_K#L9UWW#rrr;dk{Kr8sdpbAB_Z4=+com(JVCHh&lz!+Vt}m0;>kS8nYjX zEh=AawOHL`Vd8yHj6iK*!O2>;c_jfVXy;;XJ)?s{)&p9xy`V&)zv-%#3~(E)DyYlAuw-G zW=I=CRi64=@B>^VqYlNZqjqalb)l;mjD(~AelCRAyw>%_z4CVy!*>>h#Ft(WjY4k> z?*yoiPQimand0qGse^iHErutQib;8@ZyPh(Ria8_SDRpbX+CEG(?)pS9R2Eq8WH4C)u13rZL1cUkc!ab?s)Xdx9Z>(4B; z`b;~&$PeKOabQCQF0f?kG0`BKzkZ@z+` zp=DcpM{pvn0;Gh{e46qPg^7>HIopW_>VNhn1Rvd^dq8(8MSncO6+}@EkCR#*&?)Lu z{**WsOX{B^RbqaQc*K3MTW4l)J7)1*DHQbo`HcHnY{j(RnU#-*6z7oLKno2uwAd_` zp29kwPU7P+RtCODWm2wwbau4SOIcA(Q=EJ`9k|Kwltq40^&H{R@RYer|)0 z`VpKO(hk(kgb&oe9AXfIo9mHa8#zh|G^X(LZpv_ z&8UKJd7}6yKH7JP12R>pt2;_JXnIao2j*9rI|%rPVJ&f$Zt%AhM@>rn-;SKbSZlt97Zd8J!972o3XqR04k}=1aCYlf>;2&&!y0oV7B&2O5zVKa z+zDpTG6G|2%HAd2N~*&(ioy*Ct% zsZ4!e)>cBxl1%#v9%@^eza0=7O!EBl!cHqpjQnh~HLDT#c!hO3N-VX^$zYkiiAEI5 z933mYt0y(k9{vaNTKgrlMK$O&O8$_^;tNuNOGh+ZS)S|{&NX>Qq7!R6%k%vYClrMB zRvfh#eAgsoQhi%p-PjPbLcUnuNOdB%u#!1gBx3j>!5q-{sT8gCTqTCcJaN@6?JvIUm}hv4pkN zL1+s#;{CJ`djwaRXQjwRy5cN z>U%Zu?CS_DB_B6e(>+W0=$8#Kigo3F()U$*_?bgo6*1nAG;jC1_&Vuj1HF)xlwfcp zkp-PQ-7*UJSLld|Zn#p7L7i1)n2}~IA?o`j1-iOm)qT1`G?GM+n}jUi0f9NUS2>YV zih7jni&!xbnewJy&oqB0PrPmX_+zod!e+ezDURhXr2Bz9J7??ejjVl-}8c?hH? zD6X17)mO+uFfG)l?l66t!}cR1k$c6Wps3Wf6s>Pr#=u%?K`V2X2OQuowH^3;dq=_O z4!&P;LNf#dS>%~1(@3g>mrANheED%6Rn>`y&>~_lgGG|aR&8y!_RhwjOt>rR@IB@2 zq~cP;_nY@Pr_B3420cBa+ORpFPax2hpqid4WT+?Len|456-|GBVgd9Nfb=D~@o&%( zr8M%1(wGaQ#sMLtNW~fl*@}ioUwbF9xf@9@W4lT%Z|Mi~s;19RZ5hZuf@fR*UguJi zkRN;Uz5ijp=6=`goF@z1w{3CyeI$>Rt|Z^;iLIhjm6oen|1O!)mfM3P<1R~EmbJD2 zn1p!uDRhqRXVv$lAI7TFg8iT8U5aX~hI2VaOiwojPWjVfXNFDbO2`5dQUo$r0dR*u zO?Bc!ub-QFOg+*Td%4+Q6#Q**wwbk++#j%nmz~jAFD7~r$CXm*$`ng>U(|KJroM3W zB$UpVSt%;bMOeW)<|s*B(|Pl&y0{zkjKg;M*-U)kXY=C!`g`jRw@t4zeW*d+amJQz z*Z%*{djFjQ1O30ll$jT^dkD0)QgSgMWuy$rKU0Mn)H_p-<5)d_&iE<7&zH?cfvkBV zAA_6YrBSbce{S)2B{#AqR7`at-FTA0t+PzjP}ZQ&zVUso)k{)AuHVGCf4uKmDL^lK zRL!g+{IT$b9@*R&!o$HH=($bk<4Eu9lCkjhq)*G|qItMwwx6t?@*oaYRKns+mBPdl zrO%hifClcuzjup54eLLNdNej5-pIyC_3-!S7=75Re4*;Lx`JkwT(MEs z!G^YdS2*_r{&syrx=;2y=FpB0Ap##eO&=C(IZ09ux#oWsH(rhu=Ju|Pv3_vImbgV5 z**9=za?WR%0sqf33&avJT!n`={8wto_AQxi1YfH=m&{49=c5$B}sd zlOetHCnBfALy|TtL3}?f%I>dp&22nLI-*Zg>5g#SK9pntuD)AsJ|CvwW=zVpv9sVB zTW1)a3Fq)%8nAUD{6Jpk)VL1w7IvC)(O*{t&$n59?5?RXz25w2gD<}h4-LiIKEfM= zF*D#NhK#v{#ZuKNUQRzh??MH?uxXV#6;+?^dGW6(C2b(Q%XL0^c=oNON~E`;5Hk^M zZxFC+sRHYZr)%tQX8!(*X=i&(Q}RBNgdA4KZIZzg)Y{)?F+#cA?v5`+#7d9RRP3qX zRw&3PamRtX^>)PH%3BGz61&_AnVcsx*=)30zqqs9{`i|u5Jt$Tq?IZ%wMlY-LbN}{ z%;)!^+Q);`Ubp0c^tY!WVtaW^Yv7zZ+bzP7GAm*9@>Pk^WE7CFt2DPa1C4o&x|Q#x zSN_?9btNd4xj!uMmDD1mZ0ZzOJUoIvHc5o69M zQxHej(BdkBwjy2M_xwgi{gCy7A?Q#4y0Io)Q)%`lAVztjbqha05qNze`+jnWld?2Q zbMmeDQevCt97s}|Gn{qqA2C{%Aio$Hm6CZgHP#W%9vvMAYbKf<)*Kusk!Xcp> zWF!JC^2NqvL!r5~-Y(ghawJGjNCZh`x<@e&BSG=_#kmRMBpk7N-<{w=I<~7A2^et# zWG3=A7S^dy)t%`FBdWs29@8#fn^6HJrzV8Z&!Z|L(Hhed)uwn_*1XbZoiHco{NMrmltbH0ZC`@<{OzxL!%m$}` z7imr|w|W|IdaWg*3PFqeU+yQEt|!TJ3hk%G6UmjlXj>)p#%dAW`zMiz42q|H89pVz zCtKF*iWx-TGcQ&Td{^=(O+x2E_uK(s{6jBh%S$b@2UG9ok7nAtCOF1-;nWU5^X`Td zNoV1#MOIaE{akh{$Zc~-ThjG$_{FAqdtE92_hR~SZfTZlo+@nZV)DgyMWBd?5!JkkrHRrf>Up_GL$03HE8U;VUgjJ-aklmk ztp68w>*@ab(RdH#Xyb@BHp;UZ=0S8k!}F6`40DNzN$4LuI~xg=z2B8eWJkZ&7GaS| z^%%m1qL@y{=om=p;5np+!T_uM#TB42k3XxT{|61e&LJfJ8t&V8y%V>2iWAw4T)1+q zI-TFIv=}WdFjf=hu%tVKb(UFg{5rQ@i`#MxLnjFGfT-7SGpSEU+iO{BbI5h8{*t}CVs73BcPCv`hDoYzV%2ndZ;QR zG3GYQ@uNObN%r}U-e=P6(!ph3QAO>RDFgrRXFJUp93|jQ z-F#kSW2!s~>SPlkzlm%G=+&Kdt$|_*Pm_Iz|JzvK;oDM>D^+ynI z*w8#{chExidKha3%D2>*r5j6RxK?D_7T_AKjH9qQ)#J)vG*d1EDxAX|*fhHyQuX8n zi*!!@4mw(Ff1yd)2bbU)b3M*)mXFuK_rAH^LF4|T_h`|gr_!B38vgXo7h` z)^2Pf85;U+Z`}v}IJVEdO48*iYY?A>u-GbjhZR97C6|Jx-TXEqwDeBf@lwZoJ@Hu@Pv5ru9-&o>_I8=0KX7r5E}nNmwR|oe za}>a?m@h6zvf_Fg_pVA-;yOB`@#aQl8ar~pGepthpD^M0DiAr&Sx@g5FAQ;=n~cl^ zGXhlg2ndOb#qu*fxG0Mo5C`Udv2k*ThPQLhsNsX5jLA^k*#(te`LnP|>S)M|{YFgj zjxOe3>mSpB`5s%LYaUQ#P9)1qvT7IS#x9{43r2-rGItf%V#95Dn#R;vk)#+|QDYch zUfOxXdz8NMVccF!;o0whML$ijNgsY=bM!mhC7k@J7KzI*go=8AY5uO3NM$b!Z)eo~ z;(0qn213tS4zXvR8$DEh`13y)oBsrxGv5sO!tZ|GOy46}b53l=;JpG@avtaUCl+2q zR&vbk>i=Y93|;U1;N;;6s}`VK^&mIg!wDkdd(4KOE>tZ{CQ(dwX(Tl!84tBsIFrc@2IF z55J_N-0LjnyCBk=U_MbDrW6OXO?Uo|sq`!Emd{my$>mLz^RfI7U zsdCQyoWGin-Mrb&`}lRr9KkeYruL~?vbIZas{L+E(yY&kb1$8$=0PjZMrM$@Vb8@AJ4*?ck43+)>v^zE2Albl6d^G@15yRPm#`$n1f^k(!CbcYkdWAE;m2EZOhDBdt33nOJ~06euV8>+)ehBva}ok zogsGD%WSa6wSTvuo&Brl^J)AiDk~b#bfe!_CTPymo+~c%`MG6C<|BL)<3IR7Q}fa} z0$u^v&aS3HZ2;DBGg*RLsg=zT%ctGyCPiW2Kf*^pBA@$BFBcCd;m?L&JXrJ5@GMia z;g%A!mX=alqX3dG&>@9QQGOnRaixp5jn0<1u$|KVk_^rt0dX4eDyf=nAR#}@?3XJV z!A@?h-qCVBH%l_VM-j5kr2ItK;#p7D#`@wNPFIrb!BIXSP>$OFk;_3T)Xv1?vbi}-UK#g1FkboH?{HR?-5bP+3Uh!q{0w;mFb9joQI!%w)q7&e1aYQ;g0NA4;P#0A(LQGir#9d zNJmPbim7U^;=jJh6^1NliFH~ufa`Th1XI3vt3>L+C-CxqtwMr?Y~VM^QN~L zwLh+v$@8mQn0Jo|9N2mVt8OcfC=HHedEdQUDJASE?B>wa22fhtVHDPer#>!9nW9qu zf8Vf*1QXS7>TS(jr7Js-jUKx>upr!LueTihrX=jY7X9|{^ii;Thv~LhmHqAz5^3h` zjhA0N2(Dvzv+K8Lo_{2ya$XbRt-B@bPK`v5(;bYiF5W~6R$&$eVG!YkhznM$6KQsM z3kWC<5En^V8sDLq|4BQ!wLw}h;5zsyVWY+wR~KrH&?m^e$!`QvN3&)=qADVOW;ik1 zh*-TG+AFMg2+HTp*TCk|y=bJ9Wt8+X!%i=1bu{?#waG>+P?Be2;JBZTNs4V%^pmql z?`i>|il%(6FaDl`u_KJXz+m&uS{{!hbiCb zh!+eROaQE>uz>LFa)KYaWJ~|}ehx?HD5kp(Vg$rWx;v@N1s*w={|ZlYD&cILy$e@D z0}C*O6;8bx^mSC7C;rQ^A!|-meyCj^RkLxtzH^EquKgOL2Nw1{{s-uI*!O#mH9q#2 z9GYh&Hn%4OZQK@qt&Exq@Ev?)pPT1l4|VHGl2Yjf$o;)*;BycrvjP z($1tiX{W8BE-G z)@1q!u$t?m+Xs;fNHXUkg;&RTfdN)c6B(yZyn68a0q5tU<|zaf??dkmrXSS@+WXcb z#B~R9jsk)Hc9kdx7n)&Xywh(-(S_4sX{gGEIzucYY ztI)xUDZDN*<0z7&i@z{KZTB|}-u|Y~`h~VI@g}nS0X;_nB;c(KShLU$sqa7zdC!FxWE^5wmDZ9o*%5?byLu?^X<9oIA51RR#U)B_zz|PF0e~ zZEsIu-{LK%8~5KA98!!*3nmIm)9|Tlv^Pv-&C}(h<$w;F6m~{ht~t>*?G4LlEqZTr z==lkJ#$#xh)VAC_JP&OpU0r!WzMIGp)j0q9znW7$=79mPC0>j55BuT+&-J~o5OVRz z%|rWQ6iq)KVg5A!vjYQV3Kq7=ob5{A`sl9-X5*sIk>Xpn<7AD4`1u8H^^D|q*#Fh+ z3iS7ekv^aIleXB;6b`?$OnrLMzuQa!AMADB?}@~2CmEa4{WYCY@^4#}UNYpb;8x)B zP=G6|FNOt#e)hQN%m>;Sk?I+P4LL-ZZ5fPF)>Xc%qsXFGLis#tNF-U3{{EF@m)8c( zOMI@E$}326odMQmU`N-PvKLb%N>pE(Hmj)U-W*_~@=6I$6bt{sH)ku<=xas6`y zGx+ecvCdjDR*8 z1&#!t7Z#Qy>U8&0y2ka+C-<;)t1?-@kAp=YDWm4+arUh^Qrco}m zz@0Id*PXhSq>UO0_dmIDl>K?h&8d5~8b_C|IgPR4Jj$}h7q^rJP51Ye7|XMa zx^U$Jj}n+i=LCa=J^2bxt#TR=BLa;I(l1JlYW&f)M}0BLhf2}5o8y*}Yiz zOy9-~9*Z-YaC&Hk9pw#*mU5N;*bU-B*%lT-9L}Xnh%@Oob5l&WbHT_v`Q0reHA?9d z#@{{=K0U8D;@AU@tW@yl?B1>WtFPXCFQFh0KGnUB*61xBJ!A1S^cU0OMpqtWb1j&9J~HgTD^z& zf>MV|O(vkO_53=+iji|M+^Z+}y2;d9;K>;tY`*kW-A59+$bmrr(bI2=JMZ&`iheAk zCBee4r&yEOyc$chaj1~55M33+0O@|Yi2gJ%UD$NIK0v76pv0`DI(@Gkyb$_7d)e=` zMGjpc5rFYgjFE389Q8`EprYz?7MItZ>NT7D!ivYP0ITei=T%DkW&MtJgUf_GzinIF zQ6aTwi><9KVu~Yxn%-cLEGaR=^(ri`9)RCLF8<%lh#W#{YTEamlE7vn)D)B>4$g-I zKq9@JE`NF`lkGF+A&8E2gY?GTh&tP0H%R~kh(r7J7=Vjo`DCCBo{e}<|ibZF{g z)~+X#p?ndgdNyaOAt_}>>fyZBP6RZk}PGSw5nB8L%^;_#Z3Xl5zRC&nh*fj8yb2iM>UB9YbDw=Tv{ zRX(wZaxo+4Yf%@M7uC<3AD_MIv4e=%~_|jPu)DW7iN2=lmuI{f3hXfy?(95JGrt?A9wA_t z7D_jtT9i?vJyqY%{^t5$ic}>A;ip5y=Uab$f|(+8{{!ad=PZ{3+4+!D^b$)kSZ6nP z&E=lKUQ!BGi}bPCvS(pMVJpIEK|$Rr2_=RLUO|O2x`k61UULb1Yno}!(}XPQBhKRl z{pXjda^Gp%S?u+3Hy3Hg5E={2*OMXr{^+osC;zSp-mXT3a#-%sTs!!?o=<|k-Q7JC zWH~>3e4Q%{Z7h*zLUnGORTGO8L?q9=k5C0K*Q~pp69LE08yhjd#ItyXCFN#3h3!a6 zSOei~;jJ=~1W}(+xHfNAo-VJfrM!wGr}D_~WR-Amw?3Qm_n^%2{B5fz0@rcZ^LISg z0`OzysGr`+UwBDnbm069)mO~u{d?myq8U^RBFFQwJID)Jw@HmzM-TVTujf6!tZ}mo zWX^U&AI5ImQBTA*i#cU*hVv--f<4HRfv1OLT|N_}T|SlUi|hZB^jq$&c4!!1Z;EMV zKa2Qajvg}jVh6xZQG-7gIsWtLm7frlW|TiPPHJ~M56RWNvym1LPWGH`?V3-?g+SWx zx9^JHUf%jA)`vKs(iPWuN;Ix5PHaR8OmCpa=)ufCMZmLm{<*ao=ASw#NhaB-Xcwxsxhi zh3+3i<)`%ZkqXM3^FP+alRh`mO$gsS0ZjSUeY)QWl;f)rKmKoa)s8f9>E%y{=R~Ke zyRsh}?ws|MJgYt9zP5`4zPE+n2&s*O@m^0?lt^29QAIF-c+KbXpMT|$6PT9)e&N3% z$>v6IfP(BN(zn~4#fPWxOOZG@b}TQr`6Zp(RVK@2MJ6A}9dy7-Pg7j+fo z06O@s+uI$G4D$_EpMr2RqRgtz7GLmCFFnjwudpWJx6#-XFn&f$ewzKboo$*fX zf!|a-g@vEzGVXQchq}YIOhZIdJB>1J!zjYnU%!8uZTf2seq~cZYQFM*=MJ6U8s#@= z)wDwYjWYH=Xo*b2k;=zLAT~_tr)BB%)y@e5ySxxr>SaEl#O4;DO!xg*O4%0G|IRH0hZGsz zhQ@J9%BeJGD21x_eTi+i3o-uETZlC^oB4`nnt3mg_P{KVP)n8|X?+Di_cEIcK9NufRYWW@pd-G4eeXes$isDrL z=qGk7A!I&KJ;6>Em}?uIDLtomSyeMkD6}*6XsL+AS&#*o6>Q$sNnqV!v!$#7>3usnIYmv(-q3xTL5om27v#Y2Ktj6552hUHgfiLmoW$&+Qp zDG^tM1T06rVb}{&>e)!ZH`~)Q3?mT)?DIqy>Cr-&Psz5c5&ADqu=8Te9C_|=N%#+7 zI{1x4HEh09mh)+6i|PWZyI5YxZaom;`8J2-7?Wk#~(2^z3|89I3fA_#waDGRhHzPas?mKFxQug3gy=omxD~u zQ-Q%c==uChWD)?n1=P#Q?h9oKq(w5qMKYu0s=>JP{08s8M{4JwJ14V^^k{EV?a(0} z2};9#IVaJLS@uW0gR<|l+oAWXAooqc?XZC8=+?5F<*LeOzV!J%{C~qyMyYc>!-2l( z#wzsugvMVykNX7{w$@j$YZ68#W6068EQc)7@$zPYXA}7@jKW2^{I3zj z?wbTA}OD!SKO@czF7YowL(m*OPst6Q2$Cm)xd2%mHdw3y#_V z$9{&@A%ItW`)8MZbv7vSP!sD$D7^Y-!|ZYbxdiNJ!yFqo^!8=ig~u|Q8>x*$58oUg z54FWPe$`CjfCK-xt3>0ct+!`n(nlzOm^p8TCI7E=RH}K3@e{pY*VUEj^Nuw9o1BYjAO#&q!vbsIO?v z+4v_Lq`b1oj}xyz4%JDeGUXk_gOJAiVM=62^F-9=FyF{~775A=>`>R05=OwPP7uTKeRj1w|-f5ej zI$>&9e6STe zHgY+-kHJL6360SFJ>5K7*@@9)K+*L)=jtOlL2$+{`DAjs4ZYvez%x`U5h8AAEEyZ= z)j?6pF-*=-P(n{GL;7FE2t1Tt%?iHK3`{5R^wpBSo z9Y^$fOW@~x!J)qhe8gFuHOEbSOnVy#j0=+RhJFR;`<(WLp`-5Esq9)jbse$^CH{jJCDd)CF+1`|5~aj$Qn-^EIli@*8(sNrHKF2`QmG?#v; zNeETkHcX`ak<}`s>jP73`wImZLU5hvHH!G%CxZ6tFIo24jc^Lwe*La=(YXk7&M_z7eaZ?%#jaoQY}cKsgmijdEw5&5uMLJH)Kq{!~=4 zcB$K(;`~cju+1&*d85BISF@HJt33HLNI@;UVkV{bz(hD!!{wwfAc@10m<6g5xU&|M=0SV!gIx2y{0^Nd1O`DeY1(7X=J2A{UxJF~dI+{Grao6+or_2`; zJ6v$~p`sUmvDH~j?Bq49HSsgp_7Gwu0zal=V+M&4PHHeC^@a@)YM!K;YlwT^fooma zc58UtJl_6pz{fafCgTUAB6kit+`|KAmDF8os`0YMV(1vEMZasE?dC`{Wi%4;FhRHN zO5yO_^?Cv+wfM#(hU=0)cAl1v_rm5n*4}TEL~2SPN5@!-G>pBArj$T~v>$5Y^IbXa zyGP$_2Q7}xq)T}wYS1#0y&QNo1UyMl9(SR9Tzj>wzAk9_#5W{A;uB4UHTXC<{&=@4 zlAS+f+TPF`bv*lE67YasJXo8}C<;s9+ZB6jlSStEt`WBNW{G5U=^lQmL}*Mbh?FQV>Zw?; zM(|pDTf4DiG%Qp}EP;Nn|7r>Y7X_FQx@6NfO|1Go6VR}~?_!VzGBf63@M}h*?eA9N z*X1UhF8-%-7BBreIU=<|n?(?MguTgIq`)Er>^c5C?qI^Qb-at@OY*qfSW;P<<79J? z!kZT`b%MMthf&Mt4zqD9X()FyQ5EhZ(@oI

    pIf<>RBzR+hj`X3H~{k6=Vy`+q2V%dj}QZCf}2f&>c$hlT(lxVr~y5-gD5?lkW1 z?oCK=cXxM};BJjJ1c#;x?jP^o=bZ03``q*1yMNZxU0t3_I6;PCg15DPtynCRuIItdZyAQo3Q)R~LIk-t-CmWbGFt)0IF4pmE zrgT^DZ}y86QKT+Z_U;j#%>NA$4+2njvY~+Kx-#dxkOM zCRw)D6{D<@5k{PSk1u~~m`JN{!jztuBYl#6uZz|HInrqsG@F5b75$MRyD z!Zf2pV(e1b`^Zy6PjGl$Xlp8`kPhFvAbWgxG&%x*%sAAWU>t1#7iOKn>=4w_L>_O# zyl|bAT-XL{b++~x2X-)M`tZ?L_;I?rrq{#DpcR_XA7ldSo^&{leV{OEl@^k zZ*y?@N7AoU*ei|6O?XE2*^?z|0&Lc)T`#%x&HdeE9Uzz%4DFrSZc?6ev|d}7jQuc9 zdMYQcZ!UR(S)dPxUr9POQQ*2Iun8>mwM->vabWL)KS0Z6nL$wEu(foFV#FBs7C;*G z5Ek^JVBplbAeWMQ-urw@+dW2~N#B!I7Gqnzu~%OKUna8hm_1%(n*t}IKhm%&!n0@U zMz>jE|L4dOE$_H%phPAC4Sn*W@9)=_Y_AZ!AO8<38<7j7C;^C|(_l09gd#?2my7FWd zcz+jl6~@6y^vi6kB0g>N>7)0A2+pOup>(d=qp^O7&d7UKSH6v2Dm6U)-SA10y)cQn zy?2Zlhx5p&{66n@H*x!jR!XG(zSC>nM{it~==+U1{*coRU-rk_BLwfdZsS<;1%^B_ zp5M@$LKl5Anff(q&$`i7JHm#FsD1#uj579F(;w`CQHjOnDgTxlsywpg$l1xz8>2WB z*ZQIB!OFFPv;6xh@3XJr6Iri*GyXGCw5vs>vz)MQq}kNM?x#*Eq4H*?ciUH!KAo@r zT7lPCz;?*pvpd$C*y+h?Q&^i4T{Fop{+T`N^3o+cJN#=0H$R_O&;Sgvf3#1yfexr? za_kclJ95Q*CDoNAip|zYZ4#7BSX*6yFCS;+eYT1RteKygbuZtenR!Ru(Wx4fbfGp?$ZlcIEcG+iTEbP&xLd0*L^R6nlWCL|}A{&Geh)nJMr=kI+L) zGS8Ly3b`d(>%F7fAvVQEWt1F=4lh1+K13Yx>c;YPWvf~pS}wH|jDEd;rLebfZAolM z+Yk)iLG7Z5d0f!6lK)NF9*AF7IZS@_&ASoZx_qn%R3cSqkAaX}tCA|xfE7XpbJ%@^ zmVmLMU;mz5UJKqys9+~+Ix^xKIQ9^hG@}T+HerNQUD1*sDGB=25!(9pNjUa4gsDf# zlO{l;Js&DvTP=Mn`2z`cg(5p)i~(OW_lH4%$6G6et53l{7rL`VwPSjN&*@%di4&^uL;adMdfOJDi)uV1wZJ6}GzpHSVK z;pMx1!_vR0;9H5PiN<>;_R2n^hrcZ7W$C@YKmz_r^jC@l!H?uJFh>$CNL^7;MSnOzx_Vcek_A-R z9*ZTS-r-K%aS>>u-sRiz;kWQK?FAU?7*xbE5Fdy4&?*NZXq#rYBA>Tb529Gv!aUqD zzCRt5K7H(Gz|*OmP}KJv#|7s2(&K0e?Z4MIE!kyT3GpT)R3_hOvVheGCdZ=~wxyn~ zJ>9*1bf~^eiFNu-oE^DqbX@YP$qY;wt)yJTM$x`dwG}nZa|}TsTe2sxZA;)O5OoUz z8V&7OUk@9SwCs0TNWDUP3zWycxX5m=epyU=MeY6T?Lf8VjUecc0G;=rjN>!n>XAL2 z%gqdGbhuM3_%G^^DAI8&CvjjuSHg?S)KjDL{Cq3jHt|Px% z56?T_Bk)O=_pC-f>^bT4n}QEc_9Z>F&~v-!E6XE*-z`}WSjc+8iC0@Ur*EJ3gb8h) z8UHa0F_C|2DWI34CVFPtE9!tXxA50*k;B2x<7@DYPNMaebcHD=9~ZMnck~^#P63vr z%GP-PYR8H^qg}nLE$V{FCIJ@HF0o}uP|3~?I~m3yn*dMevn@AfX4HVGi0L) zaThLbo`b<1>B^Y$UQnXiz``v`!bbNoyZV8+$s6z&qf3;B#iNrQ$XrAX@=pEy4F@0$ zpDAU!`fk^^mxAvXo*5QE>fSqW7urn7V~`xZq*5PX9;*CEe}D7v?Rt&H1YZS)1D5Wr zCdlk$eI2_%9C<6+IRAq9?%Yw|)S0l-Z1`mfnb%{pw0&hKzfc7OV$`UT6*}`m`9XPx%ZJmpPkC*r54=0oNGlZ%sglT-lcJPSPI(;KQG|0bNm>a&fmJJgnYb*c({;0ApF+QU_vMtrY_IV^VY{#A0mLU&ba@P#ony1>zu@~1 zZ=tchn!L2;P!fi1-HRxYtU_-``rTuo&^^268WC$*8!`6Co$pd!BRB+AjrdHVi>Qi@v=~OA;*JKJlB-H}Ayx9Mb# z42k0TGyoO$a9(K2L|#(w0=8q(C$snX05nW~ISNw2ifL1lCXNGd{43f5?~AAgR!IVr zj8crw0aRO2J=Zeysumde(ZOR`K1SkK^A}lZf1Gv5qz|f6iZ$h$o|5aZgi=*HIFxk(38&zp-41 zY#63$OP>8mzq!B1=&6YgbPJ{KN_O9lUIfQ!o|M~2IxAr*08Bb>@67K{9ueYP;I=<6 zDl>dY-nA-0R^(sN0P`7uy1+`({lhQ4C^vHix;+)H;LS!~*#RZk%RwYn>?y>Wc2e$g zu9`h$eTxwyrOVGIqDz&XD1-a}-ZNJ6ep?@BjFSS605|az4n z8yQqJWflDi&q8=;XJ&WlZh;ND46VU_%T1HDJQ2bz2+r?AKD}!akxzf+palB3AnMGA|OABdptVTlsL{9lGJ`%Fo4@EZ1Nlp`?_ZB+ihwga?U7Be zs_p9Y**i;+mee9HWQcwe@B&Yf`3?r9j5H|MzL=-DXs>_()5$edt6f{ao?rGcr$^!M zQ%Ih`X^2*GPe4ewZog7#j1g1fGq;8Q{vq&eu^(;RPJ1*DYcPhqzj94PFr+t0AS!CC zwna$fbr1L>nU(-_g zdFn52=srE)X}bp!{pxsCmSM0F_Ssry?lV3=j zx_v=+QYE@q8#KzuPWqp6F z@Gg8otjA`B zM%RXPCJkPW9<+%Yb2_x984V`vV_Pi^qU`q-t`wH%V$$UE^EK}xtbHj5y4)?^3>Fni zo!mPLHR2a=>6Y%lEaD*977*ISx+-^cb98+TuF}CQB%&q>iY`G<8fnGx{t2!Y&r9#{ z>uhhKIC1Fsnno}XH!i}}=#m@k7?4~};(dh8a2YD*-AXj->dP0=Nl|ci_x>ypCz-fD zeoNbc^Pq*VlU;Ld1(+}TbFWq4#L?H4{#9kC2a%^kiXxwBMxAj`qi7Fe8nlGtNLD73 zNdgvZ+;(w`c5kmo0wz?Nf_l7dy4U$n(}DlmQ{ePeY?M7())vTuW@g@NytyzQF7{Ye ziQQ3gaA?s$Bk$+&OA4g#y^Af*rRS8a;(p^77g{Tba(OixMj}I93qq1 zQWBPly0D2VI`@rHH&zraMs<2*)U_kX16|}G#rm<(o<*+JhY5yCf^@3SW+ty}$?qA- zq15!X1t8V!a`#Wl#la1p`cZNDxTiKY<8)ln+}n%S5-QD!KaAR1Nv*Aqi;l@AWordF z1p1u(rgkngx&EM((nWYbhgixge~pU`?3aumZ4}q-w3#!rz7|DdjScazT^+5E=}|m%ve4=Yv#asEg@uge0U;e$w;l4Y*hCpHasH_qmY_CG_sZXh*->%`LN)RiHtS2 zz4ewru}P2%DYh1^<8VqH)~(rTGS@8qp|zG4c3s<-#+t=1%{gC@*QQ^S2r@F%MwO)s z?ZLKMmWG{cD=fcz#Jit&vYX>!K!db4n!y;bYzIe8fm z>6*)`X}$nwu%yWtO!zoTN^5_HMC+0~%fIxwtDkceqAZ&#Um|FiSHAV}!Y&&PMLhi# z?L76}PhC)QqV~uw5yaiu)OgT4rc&&2_7Lmqj*6{upROb6-H>xfS?cG%5Wd0ftZ(*u zpO#Fe8^UR>956`8mPUv#nN3(1ux&~UU|LQ-P9_n=ggapJyz26*Y?Ox?HzKSndhWX) zh+GN3MM%7c?YY?|Llt)N=cm=@*F@WyS|C9oLX3_N9gA@T*gs2g4u&7xD|Klg-*LLR zlH|keD2fA{^ZBia9?W|^l4`y%P+|3YK7-_94H{~+BqW~Cwt^-4ctJIl4F!Ew=m5Sr z?~8ij@;@P?y$VKhq|bJ35xo}!1?5yHmV-rxBsIv8{jOq@^;8DR`=*3RcHc%wTJh_& zCR$pQdY>E;0AZOZ0P!}O8RWLLVlIMeZB3oBnDvvGSjB>SMvBhUk`w3)UbDRRe~9ur zvN(}s9MsS{XF z6Dhv$U?X0qz1V8|c?Q7rUbsS;T+muym$RnZ8a*B1Itg4=ewNuw1a`y^5SV}+^z~e- z3i=+B_#@oE3lg_4t)YCwq={sXy4C^{cbo6orcsr*;!Yh5^Qa6+>Cr}qA4$(dN0vTV zBshZ%06^-x$~B4bXDUr-Ds_4!Q-##Q;oz%ori(Kci*SOE4i zis_iX(-un>u<*OZ^x;I920!$V*3|4MuFd_brLd_@k^{rmgu?j3XtK@-zfsdkm8hcb zdMr*qr_8d*FNJ4!^{Nb=`Nh6jFSm*w1$EtmXf!qjSAaV<`udnDa~pCy<8lB zrZ2^SKHECCQg{HC+Bc_TsBNw9GUR(c{shfv=#>OD9^dnNIheMuY2E7MJH+%-E%Gah zmQ1rC!_- z_Y4msG^mJ!5?P8}a5W)9p?PRIjoD1eB zoBIt^tlk+0uDrqf9o$^~`01Q0q=DZ5X6DSk`&x<3C*%HBtoYn}jp_Szq2Q&s8VY$FI`y*SJ}s+lqrS@ck=tG zt$iMB){2rfGnPcfLcMgB&T14+1LZf8dz;!)2-Gtd6_-l5=u(q}Iwfs7+vSqkoE{Dx z|C4FEu^!|H4i}M=v)Um2?XT#H(qwmP%!5M!n4AlQjeFoFI57~e^*)Y zn}+RYACAf!NQCl=is}UkXnoA(2&e%NlO0K$B@(!+{ZX2o44m(%zOu(e1=?j{Qvpn; zigf0F{VD>Qnjhw!a^eHO`xZ;CF;$ ziw%3mT24Bh%uZE)oWw{stv@mWGd(W`WWJqW8CBIrlUc;ZO^20?zxahZHJ-F!{;p$jw8D}MF618c)zKkn~%2T`uG zvRwuYk&Nx)6ug&9i>!oa*~(pnABSvi?feL?>~eR6GSiHI%2MP zQQ6<^G%pI#zJTiTRMk@kQC7%~S%b_+2f}Oj7wxl%2#4zxt{@|Z*TzN+>ASh z#|W&Ff)@G(1yjoO?N0j^Hc~)^*I0n&fGstK*y+XSwOG$ReT;YrhU)yhT|@Tk$V3X< zT`8lp`;TR)stnUnTdWj1QmZb=S8A;>Gs2RjwieR5(OEP4^{()$b_90cI#|D zEIO8;kbVd|68hWRYHJ#PB+s6H97RUeCj}1MvJat7ZRZ{zz$UY~b>*(&5k&D2yaW>3 zCP``N&~k1yJA_o1CqX83Bh;C$RQ#Zyi%cNV|LR*EXe+@+v0Cqol9OWD@s6EFJ5J_0 zZm1aneJf@De6ZW0wC51zNrE8dc#g_;>3@4p{`J6X0JSK?`*LYlW<Z zF4ANfk4;^cs^r%3rdY$dsOh=u-7zfs`mWPYR5Za)&~SC5cMn#oq%-UoPsd6~h=g=w zkef*m>X525#lf;-rTrkn6RLIH;b8gC{q*`A7mk76ds!(I{-h2I(RT&9#_T*OQq?h! z89;wW!};`>k}RVOuxk{@)Q-unT6{`Rx(HA70xOx${6p($W}|F6H1T?QF$*dl{nfb^ zkQF`%|7udsjUk|D_zCG5=f?=QY}hFLV$;tHi+b)2>3Yqd662Linm?rRX{=PL+iA@v z;~6h)KRo>@jav+YhPQ){Jx(m`qSO1C3+A(ugf6&!1HQUMBG>(@Z@Qf{m&XY9d<3mZ1Z za%l;%nV^U7>9yFn3v1zeqP0k}59v^29vLNe?OH4nwQFgQcS30ol-%eh=YD&{w$2o1 zsu9{B`7%5#a2l8|kfi*8ka}Wb+Or`8LxAZ=y^eoXPW_86qKO_Ugu3lZ+H>_$C}4zt zjx7q_z$D-gkS2~z=SW`5cj#M<+&SRka=nzNFLvj&xcMyYc6fAuj-%6gJ@3%BSTv;< zAMjTCYxSKQH*l-T35y4gh0(S7hNP|h+i5-_hg~y>pe2hJG3q~^B!XU`xk*dupXIt5 zsF)%DP}retuECUfS07=}-NA0(G>*MX~H`-s2JKOYcv3zZ}jz>l6LKZCDU zGW80h0}Q^YML7Xko_Olfn5k7283hT~%xE&&esXN3xZq{-g?0)*;XEphq`zoHZ1Hnr z(#r^YS|;zI1AR+!o!_`$!ZqgIdvn)km?D!J%OxMwh)apZw+XIXi@8%nGHU*Yf^5kN zzj9@Pf|PhITA83506(cKrrzA_`Kn{quKjjGc;UL)YFdU2Hz{l z5GarjbvMfiysi-?n(wZuC%_zZ-Gn8g$Eu0O^WCy7_jz{sRazVOwV0!LXbS50{c@xQ zx^=SRtZ|_HZA1qD@_~&Esw3bY)Tp$LpC&WhQ!$G?`wiFms4)F$HTd$e8?C13vHGmq zVAXJ?lL5E%EvD$>C)Bz=MIS`X;&gs*p}LpJq*3sBfA^07VVqhU92+h9DpsA(L^po~26)rxMVLERjrFWNlYijWZu|F6LW?Q8(TSz9q3>`qGK`{mV ziLkWGuLGpF8};S}?63~B%!TvziJ@@vwcNlby#X*Cf^g@^fm*Kn6E+8z0P}nToj4wV ztxG0YLOY0>zfNHonz_Qeefrmm`d8wy@IsGiyXEW`gD=wZ)yL(vz=ZMrZ@OM9ga8t< zkDf+v|8Sng#;Js_q!1`am#JaicM7Yr*cqpQ-&q2zS|h3jOEFc-pHqq?4l*G(a&p~+ zXuc8C-?W7rSFO|b*?FoPZ1CtUlff`^u5xYL&1CErAE1Kff(Ir z8^skCKm&8>ui?s=GOeRH?L0)VJ>Z2C&f14w=WATd=E!?L@U#%w{hfK6V>3o^oPH%J z>t$#2PyRm74e~uqS2NE=%=4VWf;i{BnFWKaMwDagtt$qjr`C#ff;CD?_4Y2nqiQ|h z?Eo>^h?ThgLj5J0RvU@de4l!eyj2%(F1-&(DEQ<7HTQ3*j@3=C28rtNc2j`T7W zD>VgSZRtRrl((Z`3v>EFUB94tIf$$gXaD3-%o%5<-#Fo2eG@s2mudQA^RbioWcElm zg#n2p-{o9ZSpin)8HTD4@Iq@6esZ*rnwYk==*~q-K@(4%>*a(!10JSiR9}KnL*~dD zQf%H+FiPjT(RmEh)RNACRx~Bl+c2uF-HWXgDI_D*V{J78u`_Sj+yMLD| zb`8E~EAQ4)8KkRDb4X*Q7@Ov=EtD!#j}&ZV+J(Bmz|FxB9fvobNGv^i;ay=WeE*jI z2ga)p--#7zyGN)p?Deu*P77Nm3^mwZdB;&i&qroD5BbCV&+U|mCM%cSQNa*_ zyxsQ|?8`aO?;EQ{q^6?As?^Vuaz^h};iAf{*PpFPQ}(=^oj=d)Pp+c?;p3 ze4?!%mOJ`1lk-*Z5A)7ih%`~dKr7{J3#Qa7_v^uAhdR4`3U0)i46uTasFgVam2jE< zymoloEJoT^PZ6)1D|UAh&IG{wqREbfm?Di?oZ$?dB;cVxm!R*aJ-A_QX#Q%QJN2|r zi12!kA=ZTjjkPT{x(-aaJwN(xOqmW*VpPXE;%0>U&8NV|QYG3Df#E8~Qh@giO%_iV z43{1IFk$8;%PeZ3$?oZnxAL1s>$Ah;yiXwe#3DcNnT%MW~ z=A-6Loob*fvCdp1ur7ZK*(@I!1MLwVx-V!h_zjl;87I=s3kwBRLls$9 z8&H;79YDXHNtI13CAnE`1B@@u8q2zWR`2Xhv<4yWGT3(v5tJr)gmvG|W12Vrea>9_ zjx8+tU-)j~Y z7r2ut-Yn?#C~=3hG^eBH8e6E?`Gr$X%7PiE^qxvWuG|^%+}vWg3&{&);_dn8++~M+ z-ZRgJb9>TkN5sDuL+?w+hkw3QTWBBz=+@gXBwNAZaKU$W3h#HC`4r#ZWvWE!o96p- z<~MVj2JXQ?QWgrrkX8&XRpcfCHPx(~eDvti*kfYipyM-boJ|`{PfmO$Ir(gRyTHnI zp;2trKNjCE@;hG24Mun4L^k21C~E!)C)5)Oy!vsVIAgjY<&v(pU|-J7%RN{_$GWIh zI`viAKW!F4`?qs0%*Db{WMLUa34Q0?d|>RDcHJ2BwQo8=-`pyXS4Gd&R^KqXNu9)& zT3de#5|Fm~x#?4AW6BhIbW$PY1KE_1D!kfUQbkEbWKl!rRa|PlC)87O`3oqrA|rWS zPhO$Hg~V;C)F9_jT*Krobz3EItF&HzX*Lf3;KWvb-OD(+`!jB3i52Gai`hHx z;lAJZu8%@hU9Wc9=lJZo0E0gnE7|YNoGsle{yydJ^7E?(?--$Yh z8CM=>f9-b07)U>Zu$ibH{Z_|*^;hgAo<>OG0x5n`-q*)hnS;Hzw?co}Oi}uHHe;y( z2*Nap{8cQe-gK1$kC&q7#^^@NCCg)9BVtW8?RH3AAFRIoZE%a4?*%_XSAD$uq!(+U~;o(@TvVd)r*OYyf3z6Qy~z8-YoyC!tvwBUkE}EnK2u8 zSL6N2dYIy?Le)+)uZ6BwK9o7t1`9A^CjOw)QV4WimtPV{lE`-mN~~ocm0MQQSq%&5 zsaDmz%lc&Hv8Q`<149^ftq;iWNkz8hM8OQ8hn7E`>_=3S*hNZt6)_sF)Pt;<2e2HT z&AgJ_$F9?Z-UTgc_Ow@^U6{=A4S24V{qo9ZMlf7Z07WAA3TW?gAFU!(gHB(2IhG@8 z-#XfTcb~@o5c9>@L6`{HS1k>2T`{Lzo;=C|!y^v}+CHnAj!=T{#u(bVFtd1Zq&91` z1$q6W*z><(Mg9{4FXwz87F;tK85w(v;|zBWj{NEase1^RHvKuq1{4%f!=eTX=Fsh* zcBG6%4-M^o6|rSVS`_mEsnJ@zl0&nPFV8PAeLa}GtDMNGYrW*z7L^0@VjN;!OW%)0 zyXha32e$G`8&*qWr*N`DcPI3^pnrIjU9WOWV~{t&SjxY7dm!s5HsmlnF7hr#XMu{k z7cv40I(oFo$aj+^XyS3T#AHPB+mfFrlA1v82U>e`@=*Zk_k!!zEgW2KTV!~S^$Oul z92Wal?8X|mNpsxiZyp{FwvDs)d-ul&?Jk~!^``jYd-i>LF?l48oMW>n@j=$2Y~ zR^IPkQ_g#XhL|NaHPNP*LjjG3yo%&LhvGsq&5o|E3TbPpF<9}hO~)-TT-d+f=~K!y z7b@m;7BYN@`l{EIY!2MH>ndzVYBn3+Tp&z22fO9k8W`I6cLmE<3lG0+u)ZiNITkOZ zaJSKlp>1I8me7j#p7ipes^U?8rQ%3fC*S^TY;r2KPVk)G%)UK*4xr}qyHS;S!RF`^ zLk_)ndsg0Tu0tI6*UODi`-W}A`;~fAmINfN-Wnd#%KPp2E`@f-CnQPL0bpGDN;aJa zQxO|2+@KfEvtFGu63Ox*6 zmYTkw#{xC~JqXSD;Undw68(vi*mLuQ6bOHJ;@1S(O$l0`oj>b=Ty}LS`Quknr7lK# zT&l#q+_MxuVAU!ZNK!-WB^F+NZiDS7-*;sbh>!*FE$(nWfucuyFOmz1XV9Hyud?uH z7sxMkQH6%D=I+fSyqo4|93+(*&e@aOQ|+N7MBe1d-En(uAyiL8Li$i<;2_LAN9q~> zxpF#L<0GLE_Ep*I!LNl_v&Q*bm7$Tb>jNt}$PIrP*)R^LcKM^`|Fcrkh53eU^Y-hH z_-NPlg6W}=J9sO0jeT|wA_XrQBzTX!x^$BNX#!>~3;NCHmfjd05kwrPup` zkSzpfyN?+}txD{g8|iRp-M+(Sf6-mAth$+vc~-?fN`7gb&j;@oYx91GJv0ZHoZhpx zvOqu=(HAhmO^4uG>?$(FI2*uD$Y=4@HaCYD*dDHlB&yk|`^(4ViL7lf>T?AHHaFq$ z5WX@!Twr1Ql(!<$m4p+5IuP;txO$Oe0x+(2rG#u-Vv9bAX3fs~ku#f_E>FarJsYDv z5(RfLArc62^vR?)xYg$)4Oi9zGZWvK@6M{wVFqtT1g*QPKWn zvF6%OR}qN0iEC8F1wL8OijkFO*)sktNP@{r!s%V)_2uu8bGt~i|3IZ=W$hh)pxV}g zN$~LFp@s_huZJxLePl|NzN`6B^N$sow<}aAM2o62!KKb=-$2WG*u{QBoELHTQLzEo zW~B8+%2O{k4nsC#zl5BEbcUB-V6QGUl3bqVS z&!4X<_#~pM<8L}>pro`^ z5Tbb_VkaNrl30mR7ZJP41Hx_5GLqF#%xelE@dtzJe=w|WoarC$U8Z=?B9S@5f9)ZoB1T*oopV|NKE9*Ak*NU1h1H?q_ZX z*ln5R+hfY;$aW{87kVa(vH#N9EJ3WerdDP@AFw9=+s?uWA1NY z2jH$f{r9&{)PX?%mK}0A%dV=^i`{KK zZHmSf=dWU)R{&C!Qy|+xnUtmjvIvPrtt&vjJHO7uDH)Vy@EV&!z+xU9PoYA}QBog}M5z{VYv>M#itJRKB; zU9K!w&E2A8k~U_2^W!L$M(M5v?ci<&$0j9?yKap zHL|StST_6o^gu>5^_{}z1O-{o2!(c^=%vnpKf3#;Vp2b|Dim$9)eRdFBzZmh%k5}q zyqQKR>5HI-PoHhY3n4CYTEBH!W(4Qytqs)i>it6gP>~sG`S49=42~0K*SWl~Ahd1r zSe)6L_~hk`{pTyA61Tiok(~L_<$3QPmDJORWg(~mL|o(IZ1Hr!{OD^ESV(>Fmy@F> zEmPBpjTZ~}f=RYNJJ9SjQ4VGc1ROq>YSF+J?s0$nym3VSFRK468_vd4r%DOD}0RY+JVx7mS%h0EBk4(okgppYjr8^!2{t zaM*5BZ?F9m*M}E>VB_KntAQBaKa735zI(JX{jE88)6*)K1lU1L>23spB`33 z$SSQRep$HDzy#NY5Wo?!~zAB)Q0-P}JN^?Zq`&uaFxSkj<@XcZnx>+w=oq@={U!?-RfL}Fag zquD`*(LtZ|klgrJavBkO5}EpTqS32+vQchM+Q7U&80?#?DcZjYoo?CfkrNfh_>8Q{ z*f9MwuWn5F_@pmdSKj}NwNlao4YQWZLo1oI*Qrn4TCDj`{;3kGOJk_BC0cIq&(o2& z<#aZCVrEY-JUm*J)N~_irCp(8=c;&Y2+O^zuh4V6vP?S;WAyL>U8xxkLMCSl1Bi1A z1VMSC*P)H4BaOB8B3~jCVBMuR4eiO_RtAR%E?0&3%q_$^Y*2N+DffsjqC^r%_kJ1k znxi-8Q_~C_T^m~9>wkLQRo>KP8WnZM6w3)*?8|r*tyJ8nesz+NSV3{3Y;SvoDd(K? z+>C*p^-@mu=|%qU!TR9(=Bc@crZsQ8Tz55BP7)HL=FIizTbFN1Nhv)kHxq>nHm9=o zR|)yoe>ez-r!DPwo|Q{m`p94vCrn1F6ZP48E3=@N2jhD{(>1f%+%)cjxf>EGg;8;+sjpi7^&T?EJa2Z*kMO+mxS`fhmGh zV@`fH`KWq;NMOBwRwoMN*+qx+ZnEcabSzm5vX&4#7ANtP)E~A~>WR|w{p)O40}Jr` zRfE!SE0T1~HZ^_B;q@mhCxEh(a4k?WiBX7*X>uLnUs7YiHG?Y5_8H)$YJ-Y)Ixzid zhxw#ZdZ5_ww`!gL$Yq|1o&Fn4{OHNcDl8t=D%aV`BJ>nzT7qx&?8*bYx3K4`XnQ*F zytr-QLwWI6YR;r&h5;8~^V#O*XD@+&YB7bhFffAeXrUQFx$HgS~wiBOyBaY z?BP5XwjF-D_(!>)BGqqv7Fo>E5dQ1!GW=(ybvNggH09Jph-tU4ZZ%hJK;;)ALy3E~ zh4e^iOL~V=PsNdyF&QO1u@=y8fO1>z)p4MTG~J%iDENdU`jVVJn%CnU3n(to0Z>*a&ksYj_G`NH|9%&Zgr?F zChf&10LV@)S+jd!29Z&`8D+9)YHn@}beQZ|Wms{3Y8|UG=UUHP5jq`2mZs4d7WPV= z$oLhZ3N;BSX{-w8r3@#d?6qW&elI`^zQ=)$lrl@X-DA>rbAWS1e+=BlBY{8Y06+|^ z1HrRiX`jba?|c$XJzQ}8Y2VlQba;;8=gR8}I> z$$YiQXsfm9K}c0lbJHD6y$r3PcXCO5KHQ<;Ub63l;YiDz+q;0T6;U|{#!0ET{pD?u zkKXq>IE^l^$QSG0T)iqa5K@eMOOer=d<2Y}vel0Z#C>VjJz>RnuD9J)#34(|Ct1;# z*&#%T#xoc9Q@&eIgih@4lQ8g*^VU~BI^OH3MZ>`^vn%^M#_y)v9W1Wq)aO7a69=K9 zTD{>t7B=gZfBG=O_}UKWOR>0#*xM3Y90Ze9k26btG@KxuPL|epi%C0OK@%^Eft}4 z{}!px8$;WmkRGozK8M$ZjLx?go;3nVsgT~@k++QVC|&8L=H8~14#TNR{A_IrDN|_j z>`8|UFtLi&xdBw&9c(o{>}!6uAIqh0LR&bJj72Q;>h6~;&^R_ahf8MRw zh<|VfDJO^^Hrzg0mkrb`&l{cfyhFO2f9HFmdr$xD^=Rgb3}*z~M0~Y7mlN>u)$ok>16%I^a3VZAokTNq zjxfHY3Zx19ytZv~Bu62U(>LbmS+`>~FhrsjX=}|#!zV6w^L=u^-^v{lwaqLRH%;YM zWpy@-bEOx#eL%ThwY}O{ke;sMZA6!+#<^)MY8|ouzi^D+q7se8faf(J5X#cIm(jvI z|GxnF<;=N`oBb~F{f^UN)Fk_S@;dr}u%5afv#d8%&?CN>dnJty+rm1E68M8xwIL^- zzt`IGVk>$luqiO9)hv+F)GQia>o_{n{KljAxny0hhSkJf|P-FjT41vXwV5_4X?fMTg2_VV#+cE?^pFw$kaHhh*K5DTx zgW=L3^rAB^A~8eQFYsP%JHt`cwrAe@@KpU>nr~chuAW}N+$nkOCVUm~xoU3KVW-~BNk?|&yXE600(lLNW42y! z$;wXVmn{TE51@O(=Z6Af#tg7eM58rtqizGdKK})F{AIv$rtWulBG>oiNf!XrHR-1B z(-MV5E{F{GZfhY)YVcBT?QWp!>4n*e^s=Sb)`8M!aQ)8TFcTFF*oqbg z5lu1i=A?urd(&mOd7#6#Apnb>i~4-PT>67r`jj$PQL4sL_uLeQ@Lcht>mJ#erCC-& zWWm}(lr8Cy(1y|B$H4Mnnw56zCI-$cr=J94<*OjlISN+3=-ub0au0DI+Ow0y_wANH z<=!R`3GpOe9NS1(dt|!Pm zy&lk9Y40LKY*vH+@jdQpg}mg78qu(J+lD`iVGiE#{ z&12|j44y(C9k2V>UQhDsBcRyi?jg99@2!8wa&@_ky5<2Q^?AGb!U(p>W7(%!1K}`B4!xCzbqVbTZnxY0f z@|)Cwq|iD1rNzObEU?ISQ}Xnx$jhd)DWp-TYg_yY`}D}vfHJFP32J1D7JXhXLk~QjZJi9Uxb}YeQpp2Fhi9R1;65gI{_pqL4Nhd{)n_AG_ASVV?TRfdQO0 z+%vW5;;s9Irbc5Ze`%Hf1v#|1IVEpu61y=7#j@LC{1`Lcd)#-kGpgq0Hb#GE! z3s&`hi02qJIKJd#3cpImN9hNx7m9v2Gfs1T2lD{2h>t}Pp-K1pKUO_KJoU;aesv}< zm{I38L5&<0S4eHZpN=nDGXJU0f!hN0s|a13;0{-3l2!3Ib;N{l=)QPbX@T4&v!@E? zeL!IK#iRN|3xC@m%bKjPQ?$4y^B?s}G5%&|nTcuw)o^X9D8k8?Fj0?bhSb zq>qwA7gln#oU$ZqnDbS-48M#Wk6BKdT3lS~8ge>xBY8+ng@pmoEnqOA8Rpf?f+`i~ ztWbw#TCDW0R%u7OmOOy`)(=-kWFuKE*Rp0$%!Y|vBu`KF8jW4ibmNk@ELJm%tftcdD#u;-q2*O0d~eB2-JNVZb?b177((msra_sZTnyJ^k@Y#GVp z9dr*;auLv7bnq1-km9T#PU6lSu!(%hwJ^8QS8?Wc1~)ls*A7PzV2%1bcuXD!|D`B| zd&u|0C>_gZXKOKLUAAbcA$hLpYgdPTyN^ZpLtG_=joyLST)OG+v{C5~_!tZouIc{= zwbXyBI@v`&FX`ymGaAc+?`r4JqT6?>ob4r6QZUuWs;Hc$7!=;`Zs|Xcg7-tIQ=h$^ zEJZM0Z=olJWD2h0S{jj~QQ~>{)9~{4OCmt0iP=fiqB~{SRYO2% zF83(?j8A=?OIB_rDHO>Ny2)4O#4BaFqtWIY9@3Y> z{$VI}SWbiWULw%$PB`|~`3&O0-sMCF09haQ#Ygsk8m|DN(X-}`^ zuG(e0YOPmDvHhF$$A8)pmBjO}`@9IWDhMFYI6F~>9r9`Sx5uH!mWg$Ka!uJ&qpJkJ z)UX@w$En3{7QnuaaK)njLu%iq+O+`&cj6J%buzP?8*U zqTzr^Rb?aMZW4I<+dvaevn$@okM_YmA$eb<@^gH>NlISkry$~_bz%0 zQ+T{>Hre>~0<8Eh-W<_uT=ba-XNRA~wa6K>X*(19IlrRIvTq*q2V!B91Tu}gXFbq0 z;DPTWpfi3!W$UC_MU79x`Q{i!_ul128Iv%cw+EtVSQ8#I{9onb{|#1uG4aumorzu5 zV*9{9THT_pOXt5!JN^~V0D_x>fie+?)}@iid)uB-v?vi|P{F(P25&>Xl+Rm0e zSL-o#;N!dht)l-l=>PKqJR{nvIR=|q>nR4^D#Rd1d4uz}u<3u2W&Shn^PfNeZ{LKx zLtCdUBG|S2l(sib{_hp7^0{;Ib9v~n=BF_saXU&i+<&X&_sr@n-7Den4iOhgum5ZP zKK@VNWK%--*Mepi8L-x~3nYFt|5u&3|LLB;H;Q2QiYAj4Bi8yf$-no!GoK+%jp$HU zjTJ2@SC{nf729c%f9y8O ze3mBOdBD3TsIRITo3kO-wN>yi*_sSHB7g6xzn(|njW~Z=LH?blkL0-0E2@^qZB0h& zyzBVp^^K>Or=X+QzQrssj8K%IYC&Rdy?glH`A}3)GR8drBb>L349=M*Fk~(wloV|? z-<5i-M69pymw>qF3Q5hIZMk03x{;0_YLpy~!r=GuW> znS_Z8@9U%IM`a?%g|(w1+pp#KPTz8^e;-Y&E9so^EI;4dR@igzO?~Ds3PN43dGkw)v*SmO9Zu9o*#%>`64mu?|pP& z#jqS%`AIT;7^g=?Cl(ZRVDBKNA_F+`P&8ODfhX7DTCE;NP`8xWd=UM$Zv4fCjSu0T zqN3LX08yIFRUE~*77j0jX_fTgUhH1df^pa2gH5xFS6T=uu;0CKH*Qiw=c>tZIMAQB zzd%Fk+pib@@a_Cm(9A&banR9kP%t5^JM9)S0MX`*cF4$yNLI0vjGxj#s|{q(QRHoy zXWNLR^FwyO^cm%!H-Pe0=cSS=UI>voR1R@*Dsh13`4kBRKGHIsohar3s9Lpz%?}h~ z=^(bDO&_t(yJV0#+>ce|e%%|02DrR9!W@swLcDVGr&=i7yh%S!EDgOTe`^RLT8`GP zy?$(Wx^s*S?+Kklxdab8j-u=etdeZX=QX?nb+2`K26&s6dls}S?3&-exA*yp};Vmbrq9K8Ju4&1JD2v7_!PI zYm4#(p$h2=_%a~sv?8Z3^l!(0_WO*`*qQ#s!gZywJRQQXyOz0m_65ex1c8@`cVJe} z0|foiJY(H-GH)8e5wJ7{7B`!tT(ccJdwoLX>ymE;z#R%d;mZlHDk?Fvd9!7TJH6>%bbd zJHa|$4EG_7DN>b>cAyATXntei9hF7X%!Lv6KBxCZ26%z0?BN{vIC$x?U&7X*@Wo#Nl2f*WYHkXsX4e9^$bvCEy z$8)(Zm{m3O`y-xi@lob!p8eQeAK1sHaaa!$7i*O6T$(_Tu{Vg>P2*%wO8CeSW|PF~ zfUlO<8ntIhg?|s%MBX_@EJ4UKct{jn@26=lUMXt49g(P`z8O%rDfJa7DrrO`|0|h{ z!5wruQEDk-md&yHyoR~ufE4vAkCUI6^F3h0ldm`vAG)ab>cB3d(ZY;fJ#?kZ&Hq@O zt$d||Gg|0e!owNw4(bP>^$<9auK58p#kvZ~&H+>QL*KFIa+8xL*9?El7#aN24E$r2 zfkk){AdI$u7t6V`I|D9lg%L7OQfEFo7x5aqe;HnUtFR;yW>Sf1oYY^{N{an4v@1nx z$Hlz9(#1qe3~(@r9#|ObF=pcUy6mY+!$0)NOzJ`~6JNd2onU@pZkjnNSwPTg#`zzX=l|PI01UCs zIJo3%P@Y~TD2!AqvgIhq;eyractp*LE$HI&!Pj5)fbZZDNHpBr;oz$I9ayZ9O&g7SC7`6m<4fIJhYitSLOW}oCf`WdDM{-vZw6ma~ zmxHYUJB{-XMG}Gq1T7NAuU8cJBV60yZp53CKPvZz`yQ<>jgbnZjJy(@523Io;vi;w zcZNg^puot2@^EBWwHd-V-@_}Z_T8qJIhN0cZ7F+ zfL-RLYu!Ei-pKNX?T|6~qQ?WK`-cktRv)tyuQ>feF2kZRu%QjQ4DRvVOw{A;$KkWI zu1JJk^Vw3a`E;5^re?1xksw!%H*ks+7fDPXdV7H8^n>AL08Z?K;VL7q4Vfw?l z?zfYetjsq#9j{N(oLpRNyFR0a{l59VZHG^|`9V(zkCOxLR{K5@dApQ9*x&Fd#-hsU zbG8KNQMv!P&UpN)AzdR6EkZI8dBcdVs3lWjRjnXNOd};SUK?tx$wN>HN0VKM*l~a? zW2>K_Da|vsxv7>?4kkxf)|UIKdHPb?zr_6tV8f(4*9=<>Rn6ed2#UfjFWMiA;W>xv z9q%#0pofqEg&JKsex891E+6i!otm5%X{0PfA+|U~&l?MSCOXkb%WRckFhKGmN=DA| zjIh2}+lpX~xCL+HL75oO6C)@7@XPCEA<4ZA(!OCuPV>(Y%?^7k{q_w9kYFWaS9}k} z;8dFN8U`m>R_N5o|D~yJe0re#D)Fa+^}5f``_0!j`#hqmOPbv@d*J-l7yaqVOL5H% zi7MNW-Va35Ue_B2e=cDPZ1+!o-Deg&AWp+97sS=b9L90cDC^h5u~zvgkPno%Z zA#k6eyXTIcXa?`DT`8tDw3_a2I_#|9+v^puV*Gab9_K*A<6vf-Uay8gL7)`}3$Op6 zy%qm$(FwEtT6fA20s|Lz?8QgAGgPz4vBi zUW@U(qT60a9Z%PIB|uXFW)+YFyzK#nuswwC~mGB^%#jf-in zJ0sGV^kJiC+2I&KYpTnN5Kd{fW*lE036^!fc`&z`?o*4>f?^^i@CpfQoCBt&CJn_Eq`sCaK+HvIhwJ3B@!TLzN{7-_X8 zl1J9TKM0+@C`=rDJ+U5VC!1&`r_(tr9zoC4E3>g2Bfvj7PJAa$LjJpOOHoB5e67-t zohEE3i;FI(A?*uT0Q>SsC1bC|0_6^btthGQ(08gGVq2Oj_TDS`aMp3hD}in0Z;q3HXqabx;IC_eW0xrP zn1Ff>sK2(k3xLV+X{~nDf+%w02RDu1R&f%Bmi$2o5gU$=0`03JeIFj62ql@A>BB(5 z>)%}Gm9%`o(r=9WIv0>4{MIu+8bR@~+*Q{mZVWLdR$tvjINmQPZ*^ zcStwi-@}T&-`^a6S^!^y1*uIQ-AVB_ZGGZbrTdQ$02 z9d-B7&igomF!H!XQu-^p@y{Sqrxnu|giH4id3;qZ-;V!$@{!#?L8(kkzkJQxM4a6< z+!*rApq~PlZp7jT-7%2NIlKJjDcoGTb1}HEsGnaYlhYqm;0}1mibSYOiq@|)F}+#D zAYZ4Kv-;59G?8BB$qO>-8cw|T6KW*cFs#)KWHYOlJlZar`Y_0a8Yk$1-`*++ZIjWz z-j#wdOj{Sp(p5%?$@6Kl3$gLC-+niCIN&D6g?VeUod_=} zsVcM6iM8IGxvx|H4^T zn3~Awml8iF8(;p-22(hoS4w{hn!d@|_ReASB%;B6aoA7$=0F&#E5{3EHu7r-;U^L0 z57vBSd`o5AID$#c+VF+|{&>$CM%h4(d%sC_C7&)KkI*t#;_FYx#jpFB_kI|o11czX zR6ed0zjX!>2L`elN#4#k;TCZY0}b1QwxymLd0PzSWl_&OZCN;3Hmt!o?@sw!tB+(1 zdN9tVdhK?=W}P4Hk)Dp{A3*F`@I_AIlJ00OQI_7P0~lZ-QmM}R4}0|-2LOG0ea$*^ zp7z__auDkzj=ec)2iz_?pxCI{LyGibAW&OmdIgLhlRAXO&5!|Wo7hnC9?Z7 zDK4cbfqgn-CJM5IbK+N3`P=3!>`e|)6;a|ig0GgB1F%TU|)a`21on^+aydp%dx z?nZUA%<;elc(U0IoY*w^uWZh3)$w=0IyQ_sX8cdW{mq8n>STN6v(0mJ6mS!bQH zR=I_G?p7d+P(SJTT4oWCH?m|JLAB4E({S(vvIwe+|C3jJPCYjU=`#h4t1HQ)`{pz& zxmns&y<$b`B;JltHADYl>a`ktW718PfG2A7+Ax6j4tPL1S?W)HvI5EK%nPcU^@Y=N z+TkX0zrFfCAAtC#tsCPAS=^4FV2*$O!EQ^7$o(n`)2OXgK_yaTqKs{@7uMnD`XR%X zH{Sab+`#xw9vF`fZ?ueKSLZKJS%?8f&?UV;zwN_YQZrbo$qjCn|3AEmAilGX55v{( zYbVZ->@C3*#q~LTw&1J+qE9{vQT#wy1yV_y$hW zVHgG57Z1c4QZz>BG7Q?OUVNQBSin62f+JgTcr$4)P`-29_%u@Nc!eg%Lcmma!W!@- z2Z!%ExZXY2Dv7$bE`hd91YIKf@$}GI%t>94@mFk>D(FZ^t%#I0ps5Xx{wXcq>45z< zqf%JjCOZpa4gHmyyJus}7d5PUNooKcmySs7rCYR`qWAqN+z|JVh2YU<8s}udUWHpj zKzSX5?u!6eK+2>)M3$H*HAH1}M0=2c1%pZl#EX%eZ0EGAi`(ab+XH>wG#=CcJ3n6P zmx`#@En%zsZ&(XyUX~Gae-yMSl$3LJ?YY36YY*;(gc$7P>p`VM47&rziy*FJ@adpp z->2b&Wpi(i^A?+E#EYrjn4S)#$It*QIXf#8lX?=jC$cK$)24}b(n<772p?? zx}vS_;>D;Kf}qufg`oZd^x8?qasp2%9qtyd{~+Tshq>S2@U*%z2jtgbt2^k$h5&;s zC-R?fhrSZ$#BC)uq3r008V@vsQ1rg zny<_bL%SqetWVxPprfj8$OVk$_3PB}fJx&9xZsT|%-E!rr!S`^DT*?4a-KZx@@hk( zm= zd7#f)zi(?MrY%=^{TWnNSe$^|9H7Oeg3xk8RqG@7D4J0_B|&Q+yaTWYI;p+!c++f= ze*=#3MqFyi4|bx%i;!=^d|OkR<@>c2h=4UH4#DNS=TfKkTwG){nd${tpU36w)Z%O1 zGLCQjsJpdIoS}nFBM)^`lAMvL9bDb_JDrHLcA{lY54yvcHLgJs7ND%%Nr6+HJX#Dy zJ86yJhgy7W@|!oYBz1(gABUo?Ik9yN!{+W0d#D%-#vm0RsmA(MDBAj~{3P>!t(Xp> zd=_sAm%DD~I5{DAQcqDQBSvrVV)vL{O#7a?YW8LqUl0a@QCLx<6uk~kuwjjFLbgD3 z8zI`Dbru1ddz+K7xeZdynfa{6J~-%w<{oSdA8Rn)N9f}>nLEFTEh4z*c(=1DXOs+p7(X=<4B6Jd{`YNH?$h8;j=``jlX6a9*!c5;4s!7%O zHF@)@SO#Qd0B3D^0_2D%It(@JeW+gOg{O7l19>(Z%iF%YHr45zT1C$CebubuM|ZbF z4fWDN`z@c{b5_&Dtt#*F$I8Ic9NwXVzUud7e?iMWnR1USL~_Ss0`G%fWuv?WDXBv5 z^nvGHQXj}OAEw!ckNKBWSvs3?QybQyERXUCF?!_8vTC2E9rQvIozwXdCS=5j=*iP& z720|s;lC&)GnlxP#M5hsPEa&}eQTIyK<>Jyz|Cs13_ zw#srsP8;3BW}-UuJ1+|}spC})N19KuJj!x88(D0`2GE3CoUJSK|_f_BP2l!W@y*v` zYrimV`-X}P^Ssow?{$Gj8a6S)0a29Sb~E4Pk7K_X|C2S;_cX7Zj7-2KcSBwiap4AU z_!@f_-XZ_yAs}3?npQJbN*GY5kweP`=eMj88qLZ;l$y_Dxhdhjo360szOfc5N#MlK zG)V%CRd;08SX1S>KaN+;olWpAtp+3+xz_UW1CX5#!AQ?}t)w^b0rPCTj?Z&G*xV_y z1vZ{-k$UInk?h`V*Ev~&{s!%G#o7{TbUdqGE6s|H=VTSL*BxQ>)Jt}7T$K4h^&+#c zZPgIKT>RKvPEHQoTEa1OC(pt z+*Y-+AK3E_DKHKaxVb4<_6V_;`l_gggXRO_b$OXn_lF)lp#7Ln#ASApho-oh!7yq8 zRE|}@*>{9#;JqxkpB_KV`(l76SfexdvJ z-zNCZC8Ms0yNQ(PWW1B_(8R1(XniHsDQlr~ZVJ)7Ko+a}4^EI+#+w{H7<>@6+u+cT zf2JLd(Br=s`rf;iEo7KD#*&3As90c5#PT_dF(~M_eVXH%ZZ+9^rFAy~`U>IOVmj_F zX+V1jQsx`9?ulWS?!lT*L6y_hfWVzy&l~?WTlpf4@0kbtF{jRAynD%XUOVa{2nff^)Mv#7z-@-*Dh*NlF>V z#vCf!+%rYf!$_`72rtZfa%C>I8>NZ*q!n+iT%&oj+2RyG%Rg{lc7s>#SB`nI(-)1){Ed_D%DerKH3cY?(T{E}Xx(B4ttfu? zyCx7~@%)xeH9E7#cLQJLzF~CDMqC4f(;y1UK5lnTqzRy*{IQdB5!?PGb3l->Y5QS* zDW162(0$j4M-k<9;!X>#I_S_z1iQW|!gZr>-wgD;@exTzoJ& zq9E?=vY3rV9O|FF$cNKBR_Z7gt7`&A(Zk0PDHB#cjy$RekP|^?j`=0f%_=H{?dZ{S&h_wR}+O_Ps0>seAW?%2ccK>a?ofCMx z4THIBk956`H;Zp>1{BsgjJNC{FRkgz*Cq4cP1=tj5-mJjl!MU!|DY|gQ>sGn~;F2*k* z6=-JHu2%hO5+l`?j;y*CMmjpwb&5%FuCk9<+;zb`g`|!5h)lCaK7UWzm{P*y7R0=M zzq-jg8CSBS!fh}g^Sd4Z0J<@@pP-Cf)U~{K+}QiP+T`2bu3&4B-idKtBEizpIELAL zjC$N@v7|`G&x`8L;1Z@H1B@juVE6UJCNeK6v!}Ka6hlAa-81P(;OmCEK#%IpeV7_` zC=Fd+#`4`%(yZb4)$Ne)w38vL<{rd4&<d+SuJ`X6s6ks(zv*BCg;SK$mk73e9fjf=6Yl zbeaw%>w#v|5Z1L|i&@SQl(E0+xDq5&#W+pEdCJr1y+!uTp zevrvlWaQ1_oF2U0SW*9Wf~-C|I%+ypFZ+8GHG)L`2fN+m*upQnVTa{}k0ChIzl_ZJ zB9>wa&2-EI`bI~~Ub3{l+(yz5Rg)C*+?}?@w!!Sbo~Jflr@KtJXg7z_kCHC~+k>k7 zEWS^eunk zg-r;pMsdv$DfM`GbjrmP)o!sl5CZjaf+s8ZGXy{cZ|erJ&hiw^R&mPvWLCaD_Et@Q z4TRe!|H+w0T(e0{xSmJUaPZ5Jt(l=?Z9#5PVM#fX*#n%Ev|t#6SKRi@DZ<5Lr~v5B5lUHyeiLi_nkge< z*JvKGijedV-BMIjpQ9PcTrXU;Ccrp+Sf#Lgw)<3$}e2$Dd*(BG8Ybf4L;0dxFTs zUF2gbT6z7nHjCMH!LKUyTVMbE#xA(#1AT7KAGB6nSLE&}vGaVGLSl`^R4T|;SLRTD zgFNsYtXY-;3>S`KWY1a(i)*0R?9rpD@*TkPuHF44_{BPKc^c(XrOY5$W1Xy@f3nwIBiBnM{vnRG~;9`7#zdCA|NPM+$WHn(zj6B8F zHK!#X&6VDRWjQ^3z8CNItQ~^3dS~I1l*X;%?^3LmU`x7QJM7V@De_R$R)T~7T>%_3 zHc-8JJ+s)_a4ukZz5c@+gF8@8_mApqNkW#RsBIO)1`j-4-a&tEzHx9hx1cTk`yj2m zHb445<;t#{c?I00PoTBam+hvAg*T8FtNt4|oYiS)RRn5JLNQdzaCM_DoBOTsVy#u9 zg9ows6CgL}`+=8xR=34~v{Ek&!o5`tgVEl5f3>J?OsgJoEPU2#s^WJ`8DU|FL*6uk zjQIZoT^RjY*si-W1Ag?R37%};fatP5mQfFF@+?V06?boIawvMl{!6hqx54^Q+1`}v znpzoXc}^)Hx3&j#)1z>ajB&deWFk&&J=3}Dg?yHB5_p)^zfd+YFR!1%!iC;YjvTD= z%5&oVM(tLRKz7cm(W;D|+~qj-$aNI~Ab4jbA|9hWqXVbmz_qB9`{Z1w9hN0I@~(Qm zpAabuAKb3=GgyA$2o}RZUzCL7?Q28+?Md-TwScxN$vFGT6MBTL#+01&f=!y!! zFbC_VBN+lh7vHgg{v4+PEM+%wgh)#ZJx!3+sE1jZ411pVF82f(OG?T_CC=cyUx)TV zdu`j?TCuVg^aC`BjhMRvMIglnd5an&XW3V`{F60~vV#YMZYN}Q**2B}aye!&4ZBted zEv_XuR8^hwzNm>C&m=Q1HR@tquhE}N|BcuSC0)^M2VR4VOZEovB8AOI^_h9GZEvsX zevcSXn`ml$*Z*=4Qs6~LQ*z__?H24pt){qTyJ@=`ZVlhOBF7IgDLt6R+YO;+k{-YQ zZawMVDu6Y#Q78%VoY#Xv*{;@#o>O@E?+zUw{t+6*j0J7ItJPO?=_UBjMQt%R6+$EEd!RYw&yn4*_OW*$hSdW;#mI;U%r_U9&p)39q!B*J z8+9Q%*M_XXvLdSyu@Uq#^#A@+A?0`~Zt{iY_W4eY|31iq>9M!O^{unS)nPM#dv_2( zW7J*^XE%omyq@umYZK6=m)iuX1@dp-B{mnRCoFJ^tgJ;Gk!OPy{5+irIY1YMKD^+3Mrus5!Ax^m#@MZxU z>Lp=Wj@n(tXrGv-6)u=UydQf|6n{tDVTQd@(_D;3Q8(61FG>afA}2@neP6KJX6SE1 z4c;u!>rAUM4!bhf8v`z z)#a4ZA++2jsBMC>?9FC1THwIUsq3AjS29iQea)cE1QX(c^uQ>HvCZo#$mM4{Y z=|lN{os=h~_z7RrQWuG{&%MLlfs9%^I&LkL9{1dgr@G`tW@t_3>mf;xhoI;-Q(K9k zZBAij1cU#^Oy6cjd8SPi!TkzR&9YJGz@*o%!o(QA5l@JNNzh(=lp8^%&el??3MX7B z_3<+LWiM>5jw?MwaixrpI5Uvn&P!q$k5!GnVjKbJJx0DX|?b9F_So^c0 znuuzeh=$G{wc*Q5m8TsUFl!%~^o$!!f>%(>^Z~QfAvKss9`B;nlVDP9_??;?AuH+s@$UEqEN%KZHnvVunl#bL;39^Vzt>$h`eQM1As8h?<}vF>Tf(ya zuMBRRj76RvE_TEX^oD@^sr)`i%014Dh_tY!E<8t*w!_Cz%AGx2Hh|~zFmDXLzf`hn=lk?|1h1AT&ES>2Gn~ zdy`)h>@jXabu3_p<4Afcw%~DS2zT;o_00nsc6B>Lkm0|@2w)PhAz_qViX8Z(dCN>* z5FXbU0)gqr5tjJQbd|jkJI3=s()1u!JYcMTPd`Mw<+!h!U_`EL@FOED^zl4H7rz1> z_xuhy7Zt{eGyPaS?H>h5lp%nb|NA4=8XiMVe`2N+q&Cv`N z^~@2`t9ev9Btaebs9CkDszy@k8CBNR-0nOQHA9xEcS=-1Z)QYSGM;F6!8urwh{M0J;1DDnr882>j9|BvO;0!&z3GgT{^6GhnmVkrvb3N*UGmoJPqTMHinj}`}e3BNR zMxKv@3u+7adVa>x->@)m>EpM`E`&xjR{$if?fm zBF@%|WxNs7p9_7msDYTYvnP2KP!PPpfXPRd#vvk?Q_KKCu;36^?h8um<^~B9B3iLk z2bV@M5EEyD4~@~7Bnn~}$~I3$NR5B;u|^BN$B*==Dg3bBh^V&f%55;+{AsC6mUhcjUkDrm*zw4}sdGrh7z_K`F71wm<=e3Z6$S%$zoCkwuH=8)9=eAR; zAQ=9PGO)b~v9f>k!fZ%2zK z|2s%e0e5<$aBF*wMyk}jQmWik)_Mw2&wlB9V!N&D)zSB{We;UF6G|cS z@Jlv0eQ3KL8@+u}0cTY%&cgmbC|Wb3n|_YM0|o67V-bbDy&*};Xpu4jwp^x+{#Tg& z%fnQ7cAD!%ptkrhF747V`Wvu0;+y+l9c2;CR6tzw#DTuW4n+eNr3(O>^5_q-})?R6d}u|COebyq-Lu} zGhRM}kJgd4xNF$C63a{=3q{)X^0xUwj<7@vAE;;ubYA zsl>Mfbg-*>C*G^4xv3^WRH-A+5#=)~p`RX(vsYAL$Qe;fE3JiH&3LANN5y~VxN>Vx zn7*cz*GvQVuP1E|hJ{r-jS$*SFi27+!q_MLre4^y|55Xo1T07L_liF6e@mpFRCFWE zS?|;qflo+-=ibi0@Z$}Q&bef7_MwGcGz6h-|JEDIfG4XyD~7lVi(>{3IH}4^!DTG{ zVFa!#hWsu7`kuH-YMz)r-#+X%m)VRsW#k!eAb{LnkXk{lLV9u!mL~)e6j9q3nRP~p z^{in{#UG>5G$($){rLUf`PBMYSj7Y=59ANQ&*q8FdzLGPA!7Go#ADJ44=YINSx$gb zCKsEhnfu|hFS%(CpQNLsqa;Q$b+UGRSxT}iRe3UEO$5H!$xb%0%e@QcUcJ$WOM4K} z9}>Qc3-90V=m3NY_7o|K8|#9nB~sa3KiDm|$sRCoJy6L(~ETww}RYNaQHS3x?0tBjFjj2)hf;y0wFcsbF_gZqT!JQY1n+ix%!Hrw z8#H(nsI-aF;?v!50B+g+e(qJPpZ#W7_dSPC?y+neWeX=9x+d1SL*Ib(9bdBsd3618 zLJ+V8u=>RXhS}81*#c4GJe$8>yZMN*xV6=wWuK08+MB^8>Z{;o5K>3g8Sia#VJP%N zcTnPx^2G{0gOcrIJN_gwH|uHdf6;8AMaQT>1scPYAM7g{=!HH1TC3fpfAx|*UlWTH z<7aX@eBgi7+;Qv(FbmPnG?)71`;e`sNw`0}B-7z~ytA^R$=4bXH9{n<0Iq9LF!XYM z_}PcET$QR>Z_2se?gQNnZ5DR%92ItXHBX%Bpj%;uYnHI&a&OO^>e^aU{kj0L>`p=@ zZjyLqDEwF96LH~kweOkm_0_kp$S)Noym6;G_1i6Pi&1eCvmbtF4J6ar(rxOBlRdI? zwpHUYwYm^^-7~?6EJo*1U3Q_6f=O4{;?r~j)O`&}XG;hbM`e4u6omTE{a)zLJi?Y5 zU%Jjp!v=|oOw8+9X4V~vyUwO6_&CGTjEE(a!rDCb(!r^!qb=vwOx@{zAUvU`k%9ZW z3igbBf&(tI=qom7$E~`Bi|hs-PEiKJ(_Z(|VQQC%^2-5ojO zGzd76O)uVWrh3?tYS+HM+i=;k&v|G|;LQjhw@ehD8Xu{k&*vYLpU{+TC^WFFH>Vym zKe`5bRsdWkE2ua%{tEg2`>{OaWk}>`z3qOWQm8-7`EGS@!YI9^B{s+v>6ivU<(3U?KHdADI$rBl5-?OnuA<<+ESbPPzp zxZ8Kzdg;lh&SU@Fpl@{&JIgal})BRRshtSSp~Kf>h>L2YYeQ6TIBG3dvkuIHXGf zimN~G=AKyB&asi}{976rGEP&!@S&>;kd#|im{Zc%b@F)-QnU=McE4{IxotiqcMi|#_ZfZ>F>+*GEXgSbAvtf*sO~-1f=BavV#hslahYbJy%F*7K%r)GcXl=%E(X(RD75tnlgQc-n{8SoVXjRqDb%;wr zTN4t#9@_ZD+0OOvoC4tP&8g)X!E^Aub5fOYN7#xZ;kAzSH=XgO7Lhlr@*?9ZA}wywb$Y#SR2Q@LilP!R4vNkd$%Dx6<@T1Q&|IYW+^K}l^2L&RcA4_lUSxKr zfJfF=Ty$KD#3Fn1huDvt2QG?xXEN93Z<^Ha&%6x??dTu(KD*q*@^-F&KW7e#R-ZL% zo}3M8^7wX$$;?o&W4px5+gM@-4#{Ovz zwIjpM`VJB$qePnbSxz8d#3?{?fd#) z>-0|*{O60#g#`acn`MW?`oCsj|DEsrAB=YIKBOYA)Qz!E4!duDeJx~rf2mvdUz#Ym zb0NZC8|kY|)zdNi&a}qAQ{6XsDEQXI6Z?O=TeM++h2Ck{wDxNM8^!r!9#H+9r-f^! z7|RA3?+8X`6p#Nl?-6LZuwh>n8dad_h0<2@ctqcb{Sn)#N0@qVq_S+f-FdbP*kSR#L zHsret`F=a9gOCD_KX)z(5!B4DhCYeDquYLy%bxB2MpDx=7FX7LMPNf&;2Yt z!Ymdwgiw!^4vm9ovBit5cLO_KM2w3Hw4BoY{FrhTQkfgVLSMGV%wt3e^aWv^W$eXL zk1%;_^K`jF04LTZ*F%&3mF)_#vGRS{(MIQ6(eM1YV4HM$zKGEv?`Bu(9M^Ppjorx9 zZZ^BBGyZp9+W$e&A)t~SYVLUSLSBirb!E+P=O|K;r52$Kq+ZPPdrxaLLd|yiiT{2V`yO;66n5aeq|-7zFtB#QT0P%8Is!A+CrI% z_G0IV5b+&9Cq7*+TKv;^;l1eyVOd8Sj9W}ugX^__0|q{DG1fa^z8<}nV>UOpmI%&l z%yP$mfd=cI=mzv>X1U4hBdrrK2{hH#cp-NA#mfSJG~AhZhN`lqS_34)kbuiD4gw!S zz$U3~lNkchXm1a&Z{rBdUX>TWu=#B}LkC`;G3`@LZ}S(KMShsMf9%}Pf{KnF-Q3%S zHIM`>>JW8lDg`P6!%s;LEK5aKCZbJ36@rH5Df6Q(|Be85B^{6#hcXW00?VyRn}tEv{{b z-sZLu3WAPG3L!wxQ_}iV)Rr{y2td}@ke=TsbJNU107SpMJT;}yx2I|OuxGe$h~R*M zz*tq|PiQczI&7n)!R5J}_VB70;!^BdWO@8?DL!4Dr?VRm>lOVE5}hUi9Ws%09$L&; z5p}7Akrqj$PXC0A&3UY$0zz+d`VF53_SHCEycjv{fFIG4%3m)wj%r9n`Y5^ua;{wc z@H1MPRh(FH8^nkUNP1)#D+bFU$@+o;KG?ixSA2A&(E*BOUe-uwTAS!kfwJD-Brxk@ zmt#>P0jwYR6$Ggz$*6^p^ds|Ejl!mSuY$uWj))pFkw58Wh=I2gj8_5Ad zsT@T%Eu2^a47!+jfVjeJgIJI%`9mMZ<+{cvFiD#w#r$gh`#AB~6QG1)YMyF&GY_*yXxHM?7j9{*Pd@LEc)Yn z$38$${YLgpPtOPmVL`84jUZ&M#xE3F>)(LGyE^J#&`Qewd;j906L@cDN&2TuGq;?G zh-Vu=Esc_#59Mlq&|pd0wx4Ucw_iRrVu^>xJqwT_%N@HAd_da%uT9=8UP{ZaaBt2Up+RGOR4zlQHRrmIr)HM>g+)Kb&FBUXmLF>KzFm z?r-Pf5?KOA25AN_W@C-7HX0ZKAA7Rwa(kn4KUdkB{y%A_=jZoY9dz z%I1QZ8|(d?&A8?(QUia-w{IF398A;X$r4?L$9mplHdH}hNBAY+h!BSGR{a1a59KJHew^g;k7rs-} z%&6Ee-H{x(qJyNX)0L+)Tkk5d`biu(J=_D>j4#?a8#?P7v zRd3(jZKbvuvQWz-xya?TNcS$M+YVgCRQ7KxxFE8s=#CZ7H6wJj^5Zvs zl-X#BN zcWNkrVPdN%X9OaE?y|Z=#?%yRlM<{!;&7M0WmC?~{nK_x+zvZP?q4*$)MdO@%ul#} zN1p7-h8yXO7kZkx_9wif01?!C%5wqcpm_Umjq;lX*%#0?+B+f?GLGCdcC}^tLTE%X zK5#hu2|LOuFkH9L+Ox(im{Zs)O~K^|@fF%82mS2cF@CznSXBL>MjKvnx@l+%Fg1m{ zcB#+1*Ta-_?<~vSw}z2WMITeg6pg!ANyw5GlT_iJ{$3;jVh_1Q&KMmK#LwOA32m^J zI4Y{zT0cJ@s3W8EcFiCL#wyQ-iZ>8gS=0I)n<1SeqT?qg|E;Mc*v&g^_l5!46pI|j z+du@=Qa4x{x6QPW|^KB%kAnf^Mq-1VB6!StvASO$btZGdHS&+Z%UA%agyClgFlJ!An52w zAucHjxx&l66N)yl({gdYX5E8$QR^#X%MK=$9qQbsniOy83+LXY$^gllCQwEUp;&tv zOP^FfSBf>$_K>k8RmlI&7zEi`^>+z!`6dhOwhbOiCe+sd%*n)AJT(`>*?*jXG(4Z;O?hzf~E@N4-jPU4n{MEDxrvqk3kETagBoU=h*C&UFd7%cOfYh|Fa$Y zpY?b58wX4Pjth+3!aECpZ8hlc(YJ)8i@XAeime%()cN~XW>yiABYjT~auUsngu~Mr z-y=-_H4QA}MGrUq!C5ngY=U5JCE<5#3I5EzkO193v_g_KGwV}f%ew;fa*c%#V`-#O zy!&DXDpvCAxce}=p!sp-qxdwnUPd;2dzPM7M^r1AG;yZ}jy%b##-=20eO!)cDEdub zMj$goIC|g7aDcTP%b7R`gh#j{@%9g7e_zG6G5*8a*@O<_ea< zj0GReQw=U*@i-=wcRPVq#Lqu%bdp$|{khss^SO>PQ(s9l%;eI7v`4z)-C$`W)O@u! zoFX_7=5Sq(3NiDY_od;h{z`aN6dY^F%t!E;|b&K#X|8{pH!PPixbrAh@)Il%a&j;>C)wK%UVm6O-GNb#FY! zi0MVY(INWa!x+l7Z+0P8MLD`AuMqTd{4_Quu@B-vfw3TtVR z<4)cNDfKZyBI1R$H}>=W)a7{T)bv!>W3I^xB)v3{r4U31gA8>HzU~c$96jsfzUZsu z@S4cngmmS>EK7-_xuM_Z+e&k7nTqSPcsbZ~$$rl~BJFn0!8y}WGd+ak#*;f$~<;&YwrMjD(T3c5-#q#8ulUMrt)*#WXo zzYEEBzzE|4YOBT5ZEEJsU~J`Y;5*}?lSlYtmz<&!3b?mkb{OX*;K8YKy7|Suy3TOq z)aI@6zJ<)ILdNoUII2oQ3>Ld~>qnMM>x$wsf@ie6H-WroSN(Vv;&v|<$68)khB7YP?ucoPS;;b<-!v4F1c40rhhKQvl-jg?_>jZ^%^ z&^~J@L;vt|M-5GxwNO#eOHR%G0mFLUb>+HiG^z3)-us4R>8}O2l$i?*8!C!(zO86D z9vPmPdd9F%U{>q|RXx>U$S01GR87{h_0e_A%B7GRbGc6(WW(YPCIqYp=;5e|7RYL9 zD->f>*e)CuT#YfThc_fzpE=vj$4f9UIFMqX{Dx^>aFTVB_Fw8yZS-ZCO}lxuVId1= zjY+`&DvvNT!2;+{-X*8^_7Nq8yMkJG*{8WB0>M*Q4KD%ad~damD@DZ*dw#rKYes{+ zo02Wi`3LoO^uUbW({rcqd^s1O-S8O$YYPRzdzItRT11uF(gDr$05vO|S9N?aW})AH z-A}J+samhef%Ij(fP&;fZ1-nbhfyN;Zf~AJp54`!+G?%SXBBXyk*{Mls=z!UzH?J< zf!IXw6pu>*jO~*R8!k?@jwwY#ZGj|dN_dNzcIH~~81TmqA7E}Za#B+xI)T!hYpvI7 zOq<2>jBV9xlwp-GRbA_W_Ftuqh{7mzGP8ysj!xm#>kAvWDHJrJLu49Rg&o1ieZHfjrXYi@2}^=vQ)*c;lv zH@4#AvE-R?si-GjdDRY^UsvlxZ`}9A3=gkEBkuBQKYW?(Ba9}*Y1KF)=-0PiqWCz6 zg+2Nx-f(H-xYrkB$l@!};EhvaW@i$7{kO)@Gy#J3_K=4BeQ2uD z#1C5?lJL>x%GysOdhH~P6*QxaqT=@abSrK4_DS;=4;keWbp?2Q{Hx3Zxd_X(PM)4= z9CLSqh6#Fgrd&4Rj^d%eNLXiPE{*$x=-56{lTu;2Y>Edj2-eKD|a52rjqbZEkMW^RE8bwi*^W zF|E*VY5&q2`;gw_=-Mg5pcyz+m?o0w`k6NxdsDCFzJop8hZLWm zA;WHVX^d>ogXPMJqUgZNmF4E_+NxUToQkrL?3RXuQ{#Tw;Qo(%^;Nd3BY3k-3ZVbGcaG z)82DAhqYdKcBkZiUW9W~v&W=7TZT7yv4rDV_&Ecf@1f&k^UwtL*>y;zpJTmq?$Q_v zspBDiJT0Xq=Y_qzJ*|)s0Ui#qlPTfr9G zyYFbifr%8(Zil1FYG!Bk!OqxlyG_zPX`)SKNAZuuDyz$`w$THdMD`r5Af+z#=IYAR z%ZK|{LX$@XZXjF!berzVyU2p@1}$m6ncuyi87D=wXPys=O_(bk)=kLb@#8J5D1l-?h^#!;w ziFnK(%m|LK?i9JVEJeDR5IZ}CQqHWA;Y2|2GSP!5BT)#RVIO7z;*f_}MO(_lk(E=TY;4i@G2|F7_rH)iGQ}yD>E-P4n^>U&>kvf|n9COZ3%(K( zl_)#>LKSsK+c(PYS$}Iluq9(SSfq!}?R}^P#@^oSY zrv5dFsO7LCn1{kdDG4?fBZ4GW`o*)fWO;{YUWpWci&?So_RvNPzhR&91^3A?(sa5p ztiz)OU>q5O8E!Qac8&FC+PE{mSLu-8G;Bg^>682yc6sM()3bMh9wuHGPKZ4z%`BA1+)n9N1t+s1WN2TYZrwP3q{w|>{{t3O^ zJHc+UKQv+Bli$bHX40}L(V#ULslk_67yK&0C%!wS+ZTS5^()dWUbRrzJ*v56S4^3 zp}z6T&p|A5hWf}M!}e|mO=Z=S>o6we0cmL&{%d@82c$`!D71I z&NVm$ukMTc&YWhbeOTY}Fj_0fkvXL6;7rB~4QL`ezm^^l0LeT!EfIA;vM={J6e$Ni zFTKC#Tj()e@j^a1Ybv;Qnrv8(2Th%LNHh}&2n=oCF)eX}$m{DcNj^S7_v(CxI7tt$ zhG2Z|8CnR9r6I%+h7BT8k11+v$CyLUO9B3D&*#i|p6q&iX!AjQ^1MRidayMuYThEV zj&1BqV0W_I52WhH0j6GlhPax^5cQEIYG~UXoqUe&rQh@h4WDm7!mWVr;D+Y`!!uMB zee+H$p>bpZSKlTp#b-wN`5`sEdU2dE*fie$`X?*odqL#Au_Rw)*Il93zpW47O>v|n zi4>Hzf{+OUvNK(J6q*lL?zXyZO$>s|+}AzFeVdR*)dHDmYz5{AXs#+|X=BhGg~~xB zc$CK5+7884Gsqn2&@f(peEkf;)s_!Ad{y|oZjg(K56PUu1QFe|^ubYLL7k|E*L~4c z(x3MkdfymbeI57Rt(J#!o@*$O%LWZ{-$0yCx++lyfHeu82t!etLdJ~f0bE8io@&(N ziR7)EtTeDF6V=oIribFdG)N||c{#JTqo%AK0XflT{8urSHNxBTo}l;0Mb*2)1WX4O zs&(EwL5}w)iFeSwsZaTwE8RAKh-U@Gi9`+#>8ijS>scaSI1ii z=gRqqALB(V9aPwAU$0`}OD^Mw)!tswo-fz(7VS6?@WSbyCdw9Lqvdp$0`jLdW@`bB z4N)Y|83g%C2KuUPsfxlpE@<8l`w|zdO`I(qH^-oh)xJ7AIX1DDnA4szGSVR*^aYg1 zVu-q05Zyeoj4_956@9<}%GW1NbQbV3f$UlN-RUZ_h-6jPn7OE|47&1I@IoU;Zu#HF zu8A9(D)Twx5n2Ms>6len2{E`P!C|Xm_3$re^0K2y2P z3Rl4)%aF_Jw@-rkcg)Cb1)(=Gsee{_+6^r&0S6>pg@uHfa^Q^*==VG5y4=7qYR-1( zJaaai(Yz;TDjQpD=3t8Y?bzbU1azLqozm!Vy!GO_>)|$Z?&Csg=7gvSB?Q6Zcima@ z(GkTIxrhk9OH((wHRtQ&EmFH<`G@^~6zS{==w5CpMWt!-#zw!MDx3s{xxl~8ABkbp zE}if8^w0|4AKC1Hwzje}h%y&SeUd{G+G71jxsG~-iF2NazEm-fJ41n6+h4u=AjP*`*9!w6x?Hw0Y1J8v4RwZfN{z5YDl6e zKTaRSM+-pkye{*iyae18C#dgixy!GH^Hs_s1PEpY1*E@|HKC@?qLNMpm$80v`17U? zt9=xApe2q4WGo-Lw^ANm)%^ zPSo(^x)Fr_Zd%K?SmUk)uLK}vSKMkH=k2w9z#(g;)dl}-{fpQWz8#vvNp`o!f)_)@ z(>GcJSL9Me5ik)60JKM`mo2Ln1RvsiM%|xe{$WO%>I5@aZ9ENM%q;#xV>{qCO)zcB zZlWwNIhdOI*OIWyXHu>etjm8vuJb6f{`|6+O}67go#pkFa1^$j8EQu0;l8HUthns` zPwn}khxXn6RDXG|rK%`m9zzP9i*boG$E8Yr>P)7J?_(ed6S=O8xCyt%!o;=$MB z;U9yu_j6J1I{Y!vg8a|oJcsLHqtF>q?Ab_iO@b)5=mZ6_ni6sKvBHe#ZMQODVU+5B zs*C@}bU(6)R=4c8D#c#K&r~9L2#-T4r)LJ^q^5SX^!(jwwqi)Fi+B4s>jJ?0q|I1< z23Yf=MO$0iMq_J(+GU5{Y(aD3g(D#vcQt0fe5U4t6P~t0>khe7*HJ~N@9^Wurz|SP zxyeNN!FoKBA=F}D{8x5Wm=dVQ3(^?TUFlrO0B8`3U6~fbSsI&JII=#Fo`xm{0hb#dgf9BgP zI}`%x^Zc0(kJEZ5zr0c=5-vOMiv5%s9m?%RbNWvX${LjuM3sK8czkv!hW=0{Gp=_= z7Wm7%5!%FTM9T5|1O$>_*OH*snzvxG7QOKGK24cNUGjtZ15uG|aD>bkVDPj%44L8B7^^;qciE$xs)H#%cc=3et4h?}4dSK2_Zd<$Pe@f_{5wMD@?Ge|tYhGCc4tvW3SDH$A zy#v!vea1(>!g~?xUlf;@Qu33%yfS5eskBtkr?np6rE|2-a!M;(v>9=eluOc8r&3q~ z_BFi{TWzK1{H!}mEH9J%PkZm5XaAqCGYi>@myBBJeA2A(Ll!%T9|~{#{+M59ty}rr zZ>7io81|TZ^436|V^JmItwA?mwI1=-*@gGr_8n{T1wy|NfI`*wkR$BoM02csH_ka~ zB0)*f8#eL7aZyvFXK5aHBrU&3?oeR66!|JPEiDMxf?90G64da%lWx10+3-{LiU5Zl zYu=8#H7OWdnKJLl0z#toHJ`(eJ8vEU$hcDT&u@A6i6d~1WeQ?7F@_C|n9=DvB^kU$ zd)=Eoeav7m7v_hX1$-lf#*G%O9=toQU_}rFzYe~`!%L9o5~Ky~b1=mCM7!`TI^osQ z&F`O8M6AaLEHI~kFiiVuhyG2(?~|2)7N9S z-9lZ2tGgJ-cnM=&z9P7zj>UGd(o67-_%#&2z-j518ROT8p<0?e2j2nP`=^op&T!=$ zn5V&d?+(R}$L(|!n^G0!IUm#?#EOB9LibyV_w&=V%@IOxLFENJi6u>)E`%xg-uCG2 zPGY67)wdu7xNn2v(eG8`u7+ROV?K4=u?&$~SyJjUy9Fvr#_8t7k5G0IhyWNZh1e{n z@mAI?=#eFUDeE1*`lErL4@X@mT9-d2Z~Ad#UMFJu8Ku3o0dX$sF&CF=t=6xhz0Dn5 z#ueJCgt{jW9(%i3O{bG`TJeMd2HGTxVS(e=+1G}_d%kkZ?m#$)6giLEhp(2??-D$1fPrKi zA&1uKRNU3eIcD)c#_n5mj_tSC1{fbmkC;#**2U%bZjsUbpG5nRF+SqsY+JPKk^aM3 zgV{1`40d`_bO?~hHITb|Xv|D)82&w!%=EJ+pos;qyuL9nw-k2iQ0(VuiSVzw%ShJX z#B8G80Ah>-wtMckkL9EeX4J;h+|-L6hDWQ1Zr3Zw_LliL#K*|?cKiD6&}j}&hrif( z&1zUcg2HowyXq(X2J;0=}k8)clASESq(@oC{zvx{pr4m3~otlya%oA_P5G0M^&Bd z6?CZZZlJ9ak3&~nQm#8mO(Lhb!J6k8A)tMLVG_~)S`9hW6;6cCh6`lS6P}tf+TCWz zi$_|RF(84!t=pg_xuRmxso4xLyn!`w1C_|9CPl|InUI$iNHzVC`cLTRf4bBDhkbBE zoH8e#P1V7@)6KA3(-_?p#9qgv`M&fny!2=^qan?&Kgng*>jF8(4IomO*!mExzdPQv zS)l7fMD%(C&mr(;^mYr+!T%=1_xT+5?ZT7l^$SO166OBA?6cXLu04Iz+^WjUhHmpQ z+403#9PG|4L7(%b(U`6Pjw`72hw)uRMPfr9@DEU7auCG^UG?6Bi&CFFDoTA_C`%Uc z%E-ma5O?0TRFn$1S7lOH!yHtXi8CucXeX%_k^Oqj!XFIBklnu`s2!C}wb(st_A|+& zi>2UKTaDp9X?wE9khG5GJ(GG+NY*Qw&izxL+mnP;jZHKHtTsc+VI?Uk8@_9ZvOLSr zDN`Y=G#Yyy%{-%{r9;o@{``keUVjK6*Sl#hhQ%bO8{nLZmSs2_StdjWQ>~6iPS|!E*PU!bcfLIE#0ex}eQd)oyeEH;vVxqb*w096fGn3W=G85LL*b)WuFK z2nq%s10MPd_sIrzX%_@T=z+nl0e{#JH_cFiR2woJbL^Dbo0r7c*-rH}?FaE)uLEyH zbJSg&nNk?R`1b5p%}JD0`?#?01F6y?xYAlIx6LJ0d)GHl$1B&@==0}G%J(2gOzj+Q zH7atSVOQ4ZMinaYBiRy993DXA#q@ixmupqOE1t)f{(3~y+q3SvE+4$E`vsl$Y?YWj z7fbk|^}zL2UOYjyosWa&Rf;nX){@^n2ps1uD)jfUf(tBhH(JOTx*6oyH7;W|x6wJb zn%?*$Go?puj!clS0Y!;-c#PH8(wo z_C>R^HI4ruK60WTMLEeDi}e{DU&ka4%WcI^L8nj0y2~M%t?G4Ew6=kR%CMmtb=VOB zDRa8gLH+^MP$7aG&8z=JW?=q{7-R?cS^kcWEYevwyh?oXY4A{g>`ywhJAiYujox!( z%SvMDQbA0ls%r}6nzP8ra6-y_L7 zcxo!yEXxrNPPG?&2>~OCD0^=OdpktFyD&lQhQ;-E@b;E za(wCHL$_^r{9tP%CDKZ9uDz?o&n!uH{x=(9eBTSHI7{PD+zLAIm>@PK}<;e{#5h;w? z{*L?NVAS)oLm>q*{$=&jT<#F(#ir99GJ(NXC~^Dw5F6}QFsKlu#%@}+_r{64XxG)w!~o1tuP5Bl5Ma?z+nGS8QnYPXFw zy@YKNVMFHqdG`AolFsS|v%%EyHs~w$5OjF*w|atp(`9<_`IzZ2wn~=Zh?px;{I^c7 z!$(l7mcoBKNq$v8n1(;qeX)1H5nWwb?Q~+&9(C$tB>pVT``_@;#w;%dojrcG}q z*n-5Hf4Mu>a_Ddq*Tc~lvm9jag*Zk*;_J-nd~oYG5ff~Uo?(TkVmnoMUZT7@a`dO$ zq%TEFA8sLFsA-3#$ns|Qm`L84jgviQuNxCDL_p`kTXnGK&tw9qE(R_e3)~6KWW_+kp zyP`*?m)=WA^bwDdy)4P;OAo#8^uf$ujC}nT#1U6AWA4N&kIS{kM%swC<+j!w2KWj-$7z7I->P@BXxuS6K^4a-js&m2d3o^N$4!z&I1 zc1OU#KhqBD1wGsTK=Wos^)o>%) zJX1%xTpH@tFrnlL9Yqpg#8!1~=G!{~TWcJ1&l1%%PgZ%)cw5kTv_kVM6#+XVwxl z7G?KF?u>Q7C$Gzm%^mv(BOUE^huE-1j3YCizo?vpDd9MrtT2|Q68&SLJ*QG7ff&}v zrpIN4FJ3sU6{0rWcMX>h^MZ$TiV$z6MrP9%nEKfq4fUVDKRF%zQgd~!&n@JFGacoX zAHShA8MAURvQv)3eft}Q(>Jv==U>;-przNpZ(>SW`pMzqL4|5@TukakV_5@?qM=fT zhGg&8)C2UgTG_|7Qbmc%VqX z;X#eM$4p`^bQzPJ(c052y*yp(`9mNlIr!U@pRn}G{%b%(-ovhr6g^6$SxhDtEbKF; z-tfjwGE`e-Q%_G1mI!1j>cJXnVg7GJg#J@RDM1bi>*s_YVjj2-BZRTGCdkL#%;mT5 zloCG^yLs05mSz;{Qs1*tG(Gg8Le1pe)fG!bWFp7Kr3=GXL>MtIyh=m8n&x~!MY*5F z@foV^JjPu;kiaS9voA9<>n3-_=B_ci1eQq3b+)J~UXqZsChvS_VR?Icg?RD+2L_qB zg{6>%4h7_ikI22j`d}8nFO+P>+HF;h0{gvFBcxPYTJ8mM!PXUt8OY=lM1s=eoSDcD z#n_AU_)c{l81JXS``d*Wsz9VHVzz)3k*TeQ7yP~=^qK!}Hl zEB)Qx2Lxm+O0{$a<}4UHwtdR7Y83ZG>((a?WJ1J$tUJZzNa0Vmy*r{mpZlAES+4qk<_{sOKNlD*T>)&ob3-677xvz<3U*Bvr9KucM%?ab#Ok>h($qEH2V*avh%DxP zIT{QAT>E+gdjv+OLiFdm-(PPhhYB)<_6(`(Qij*UqtQ%kfS@)F>raNpoywKH$3&XT zJ#*C9b$!GeCQAXAwUS@6zi;yP{&V<@n-v%O=|ZSo3R$C6sb<@b>T*O}S7Skp=o8rJ zOH(w5onMTu-3Jr9&T5L#PFH;PStIi!y_mySG`oV&V!YJzkHIco2S5!N{M$LWEd?hE#p{3(^mh9!r|$Xjj7iG(7{*YfyN|?a+$rL z?^c6D+!ZwVVr$~+i<4>!!S&@|GA4+PM@xRVh#`xdYA}sjN@%-NIkebX*buOm@=SSf zyT{b<(EKOv`F{qv{=bg9($}|jO&)nLJ{KON%S=hY_Z*THdG#^T%0xv!GR>%lsc1yDDuW;Fcto6Y%)I6Y2$s9&4GDRL*REJGuF&p^nDM?+ zF3o%OD4TZ|rA!?@hNacEgf(EpYOS4l0-<{HSCdB1GB@FsO)F|uhXZgP>;RAD(iJF< z*4U#~dka&Zei+SFgzH^hIao5o-UkbjOltZ>@Gt+`-6o90YPHvX0f_X|4j5u?&wcqx zQq4Ht?_~7$Z&c5j2lhpPn`#qk;aGMcdl>a$vK}XbXMyL~C)M;Ks|Yor~O6X;RS?u=;`qIgVA6ul;+Nz*`%U*C*J$z zKgJEKK{bp^Dn72AKe``bqvH@inW$Ljz~NcgD=77{F+lBv?vst${FXnw+Q7KouUuVB z9?^(8(AZAjSy^I#99Rf&Qj-7;ctqLA=yP;`20N>J}C>nJ&Ir zkdaIA9S%YFi8IOj*fqs*!d86sbJrCQsTb8pW6!IN&oEY?3r0S$7oPXN`|67~)ik{= zwsU-q*~ov;{r~?x{&N+E{0ogkR%3Jnq3e9g-)d{OH8EbB7-2)|o1t!!{u ziCowJ_?|P}1yTVo*anRk-yWITZ#REg9VT0nj?*Sas$${UHZyg7Jg>YEt#-yEBqCH$ zoC+l5|26aY*D7Q6mEaXrDL0}r`lGO=gSr=YY$&@62Z?N($!UHrueDR`oGXYH*j^E} zu_YhelywhJG?B2y5T#Iw%(X=%w;G&Y2>LQx9mg)GN&8(EtyT8c-Y)04s?D0HG+uD% znru1C6L-AjtLz(2xDr5wJ#zCy)3|Go3yB&mw zZV2*V57#s=Gk~j`NtKOUYO3tvN2YWVSc0ep{GFZ`5;)xWMKrboc*y?(DjQXFMH*@! zaJ)E|pwu6>vXwCv5LkD@fAeG{7&4DYdc8epgb&NuB$#61b20Wa-#1TAm9<0 zp^ks3QulhrSPb6kLx8>%q1zJ#d|_B!NI)^CGJEcxx!WQFp5}0a@QGfpkX|z<#w2PL zJz2lI`H}ds5)~gm zLX)%=eO;^jN0Kuy;mAnb`eK+1`yB2`%G@|lTj@-?UAGO3aQnF4AAy7b76$ESj6YnO z`|+I#N$17;i!;=g-ya>aE5KhVxlt_YqQQacPNgMO;R{h^i%%e@XEvT6&-|of-!$-nt z11cakg$E@+d%)Tf(55@ttJmL>A895KO$G9VSr!4PV~mWOqo0X!u}N&{Do%V%u8ES9 z1Cw3z4Y5WY4j^QDXxVdR_UpAjS4nIDGv7J|v1f1r@olsd)&}MuIaTSx@HxqMfhKge z++my(j=8fKl^SrBDfZ#L6Ip7Jnnen3yidfC`>vP^v{7s2+wVq%<}{BUlI*c15zq?u znr7RiK0PAr8^q4O6mAX5P&!%?f{<$WAPb+&uw>Bye;>vtx4;yL_YW_G}D2$l|ZUl2z3uGHS<1=^dakrC*>%j{{K zBYp*E26wHK^htYBnjAIdB}G(^(5GK##f!*lrTa&vPZ&xm(guHxKo==!xRF>r;dXm4 zjaTpCB|1J_mrPBeT=>_uTmN70O+>#MMErh_dx13*i_mrsN^fOS9qy&oAm=a<|C%rV zP{vzK?U^fJY0K656qN*2%UV~QQ!ApzPY+m_4c2st?wfgghWapdY;f&r&VqzwXk|%d zd#QQBda9B*pHflSlu?vjnY;y5@;gCl$SuiaJM1nhb}n`s?itOrKDXATf9rmZGD@U< zW>*EzLV~|Z##*4Fs!^{3NY5(mTz}uP2j$TQlo*>Ywx4scwrQzLrLZoe8vo?}iMN`^=)s{jr}IO@n_V^uTGkYv-TeRL z?r6rX3W@x&NuwVOd6qYcweiB1ig&}}rr8L%&37PjD;w16p_B`wWAWay+@sc@g+log;spoW1@|+$SmfaV56euap zL6wL`y&R5EYcnsZ0~U^51S1tGUxLjQZsG1z4&VJ*U<%t zRNr=%q=>t`z6cx|btlgg7;@i*OjRax3 zE%&lP*&g|9L`AhJm>#cSK!&P2@?C8fbuZ`M2mudAS!qD%;upSpckh%R`>OWinbKO} z>OM+fGR~KWjj#xTlE^txD;n2SSlz-j^alO%kkaQ@cIs|cY?t@rbL|+AUGfR_aCotQ zdFmHc!d$0`*<%)Z)8#|Xn0o7efX(*v{+M2)IeP7ciT?hXQMq8OKZ$9X!YB_uTtrzt zgVN;E*i%x3+`XG`O$k*7$=b&8FleUZTnmf>wU|{V@ zgBSJSROgpDHZzNqK^(?8^HUGgtEY2)?%TreG*OP@-ZeTVrBYixXj3H;314sKIhr>^ z!R9IW4#8BwQTkp-LB%)kDMs&QpLQ`@JtmxDxL=Y0RY?kOtkYazez49;7$m?%%JnY}4+yZf2@Ame3QUnSzCo;72%6s{<9 zlv62*Cim}fDLf}wqv7Xzc31)f(^sNnuK$(N8HHF(8k${X-88G`Q$Sm15Mt`4`2grxAfWB^mc2TG9d!IAcagiz-&o9za8~SsQ0TX{E|lPUeV{tV^LQS|IsH&`yI7U z(Yx$^!W~oq|pbzJSKBqJIJaRrzTx%pm{6I7EcezhA%qCVeCZ}C^xroy;$I2tq^y&VL>D1kHIqLFD9!cefNaM>iLX?-57JQ9*bTr zc4D4fg=mn1*to4leV}2fk%tMk+DH8P>1%AULUGHjpEG0_d#0{GX%%;Q9{6-q@AtPJ zdJ3;oe>V--LWkMRZQkvq(Y`fW3EEyvO^A*%Pwst$Q8G0+i=>epr_cP}*NFGWj;$$) zy)$vSZfwW}@%Rd%32ipNXmjpvM&U2zSa-jznnFj~Lwxjf6NNcr-c)ENen-q1B$^M-YyPmxMBTI76@hWI~!g z_z}T90oFxKPwUH2If1F*QqY7Fy}i&xR|7W9EfUJW4sA~g=FBn#cJ<>Xb_OODV052Qg)o?kiC$@72wD6I2S6wjYjmXsulIBZ%n*F zKU88wH>g_-mQ=szX9_Ql)GB+c`_(Dsz)vPp>_6?L_3!mk(-lF%n0j&+`r70zhkd2_ z))qQoZ32%X{m*7zLnmk^*-@0d(2ZN6!0*`kQ7NIVRjn-bYCmYZWHG)sZJa&eDX$<+ z;)feX@QPh(C2mGPF9=veS>Zh?t1*9shIlo^80Ob{hd>Eu%%X$PT8yuxDjy7&VHu6b zBH|TTd64j{T+3-<8eR^Vl3cL0S^{(v2rD_jGNW9{nPqxk#-ewuPrT1NCQo$DO>;F+ zU>xXWsGzwX8Xw{yPJ&FOhwiq08&aef-o<#eccY2Cyqp#{LAWg8s{O;^H-B1Ukf2D~ zJP_VKzW1V^q3GhS`3%{<&&^xVhw5pW%~zy7}{d&{7@o^IWj z;O=e<3BlbKx^N5b?(PJ4cMlRQxCRLB?!hIvySpy@^48wB?%wCV=YRI8>Tj!N_pG@_ zb#;&NjNcP%O3bengtXI@@qgk?HUENE-ALn6Sh4%vlZU91T#tbln;OBym))hQhAx% z2d(o9Z0nGML~jKRL$%Q_+a)7g-u0mRnJVdnqRjvD-2azV`uA%EV*IORNPEHBUM5}A ziW~cr`0{M`6v5y9^$^#u#?=)4n$*LcuV)^4ui_vFnzjM_f6QL}_jS7O$Z}gf zdmt;d3wow8v649-@J`xEHBxP2WV*RnAg{>JBffE&y{ghfONLQQY#`!R4gmdkY2L1$ z1c|FG=61J=_(FgEvl`{UUB)+UM1|JqzwL9c8m_=d7!Us%0AB@%lmbZTqer#eeHrKbNm>Xw1ti!?}wc z|HJsFU-F_e9@No-^MU+sQyRnO`|n@l|0gj0Z~v45-KV(`n41RJWDd~pBo6Ku<=DjN z2MiVt&hV6U*0I<*-SAv-1qE(x9i8dr`B?d~6-N6H8>)Yv^uMeyg`sFepqR3IPBco? zx}vS9qY|E9ONgDakYE1`LD3!+0BkU&~Xw37>8R80g#7X7dD z{_hhyAHPgV3RNnXKSQktiTy+7=if}xtq~p|T-~+tmktUlnS(IDMMcKT-!)90;guI- z%DQ4}doR|L9g=mp5B~U`iG$lc?*vIm@ut%q4W)Nh%3t=nCOA5sP)=>U)%o5p@Ma|M zfBM#&UKlL!*H=c}E9e7qn3tXUQ`Fx`D(x+x(mwb(BO}Q3xPvUmr($@N-+jBJpS97e zuLgGedB8jIxLb`ZjK|-8CH~w97^FXKS1$^yY2n0O^JXXQGGRK8c@PWmjW8#Lm8)F=e`xZ1d4D#CUFx+?OCdQtw-~H>*=Xi#^!3$``ft+PrYD0 zW_WrYzW29}g=!2TyOB^64PSjBWIKoebh^6{igj1Mt1-PH&{?%b9|XW0s#9ea60qlsYOFqygzC z(O6i0Bc-%aZ?C8vDBW>6W`e(qK_mG-SqhWgaRQz+yUb7uK3HGr$C}UdD-dV9-NB}; z-@=#66*D|ZncMwP)6WF(CS4i5s!%eb)YwI@y0OFG{^A)uWJ-RR`oPmt>N-*oCm*~> zsg$Kg(aHDtr4fQ~ZlEf+j0(fTp55FU@*00bw+Svq_i4q_*pb)@U5@dj@zJAx?VuLQ z=Yk>P&KXKARGxi^A7CUWY|f0oA$~QvIz=jBjw}C&KThY~7|&@b_*=1rOdf{h8`=xo ztOugwT1T)ZY$M>eP>>iNjvNVJX>|0dW)=5j{Q;O_9U$^pbMi4AQ~XbO{Vl<1cIR za>RTORLyjrCiY1*K_@Q1B-DiMdc2)vZK5h@72>P6q-@KPn~xHzeCH=A&5x8UbU>p) zaRDQz&^asrl@ZhRVoqYl{46AH_NNb91LPZ#(=Fq<=!{<7Q(qgRMpeucXzLhDJ3T{E z9+G#>Ef{K~J-aqiDlNRrqYbnjn)i8*{(#|fhraL9*=gGxVG7teeS@zDmxx1Z|D>S= z^I|A6=I}|{Smr~w%PAE{3awV8e`HLq9LZt!cFs5F!{!^+VPVP>-M#>Z@xIsGeFmkf zH~Rlf(_84ghiRw$5A=2@-zgH?)s+Y2Is78RTLxusg2_W-nA6=)nP)d#St$J8Z!Jz_oOHAfzqw zc2o1Bx_^PC6zqlhB(Gl0Ih_P)WhW^rhl7Z8?f8Y3;KHd#Rz{6p+vAh7j(5dNkBZ0V zdE~@C>gYr{OD2hl;b8FA-*CrY4K|tq_U_8>;=P%MkFW_Q|iE#kNpDA@cf0*{CP zL?sh^3yS>a@p{8=I_G`}MCPbW!Q0+`t?|&O$%leMKeC496HN`=MAcjSX=z_J@VGENi2v*H{GcO%m}EFikPW)P_Hu37Ost#9h6 zL8WQEw;Onve&h5G2@q>t>6@E}E{^gF$Go)PZf;5@r{qI|L$lbfQ&4stLh((iLyPQb zKZK~*%_1N;L)Ac1!7ob*;2!-|zfkbI5JFPH)NpiPm3ZoG(ztp*(G|S)x!VOy zH}MtEo(5{dL44a_lCsDjCm2`8V0>$HD^zNkDi;X z%^AjQO4^MC0CZ1+R8s4uu>N5WHUL1vlE1wvl;eZxl&n37czec2k;=_mdh!c!Jqg5t zKlDTDgT9&4>X^YTH<*9W0)=HmsPp+}OPMN#w9K$Fz9cMN-}QKNdj0ZobRA3<1N|4K zRXeF=r!I^7@TK|M!N2?%wo4^6TnXfVj)~I^v5FFme*ZW*{W7w)4;M1`7iZlW87zh3 zNf$3QU*34n_|wr+$CqC$*GE#0b!8buts6tAsHYw^c4}O>fBWq2i=`dQU}#kwCg;w? zRnnMy1B>9%7t_Pw4`7IN4>NPdh$ErzZ(&yK)47sm93_~={;};N!xdMAOVQA*k4Mv@ z)at`|PRbLG4(3IlBGl;?_zcOtQG@-U;2vV419k2E)rqaV(BXVveYqlNdGJ%G@b3sD zE|KXL3MO?M34u9cWH73s(E|CQXIi$J??b`f5}ZmuPNFC{1h`8)Dr)7M87FEG zum-)Zg6a4iW!0SHEFNJ5#lD1;kg66{&wt<2h$S$O8i9Nz6o5lLTI^MLP;X2&y)w28 z`vq3pWkE07gopZ4e%WS{%tgnE4mF#hKeAn-{vkdTVJN@C#n|L(OV~W34sJvf_~>Oa zkx`_1J`)5RXJzged9KIQR*i|H2RpUM*Teh=MVR!GmfM z`-U?KUgoetv38v%(dvH@}~@*`0KcSd=8sNS4#}70JVX$I2&- z6)5)WMXr)7fE*M*-{~-K$8avIkq=bZ!QWT$6^sBpV7nQahvsY_ddd*yUotfpy zGae48{aTX}%ABh#jCj<~jvdzz)Ky{(>RT5l1 zvGDj0qlK44ueA3wt>T}4J80EA~=enJhii_-7MO25z zZz@&5e7)#qZcQf&nwi$dxe$gmk@egu_ip_Y_7JZQL%H+jZ4-bEb+lHW7wn7A=<%D1 z4+;t@?NU>8uee=z$9H*2eq(=F%Jba#O$I3T0bt|IgKX}{WSPro^AqTCgJAZs8J zeDEF}^i_dMzOxJJ-K;EX@*5KZrFZD$;4&vdvv(ws4~k9AQGAx<{lU&9P+Y*J$8f^N zCi{h!RN7J0@RfiV>>@zAqB{O~cFdfpoXt&$^mX<6HD`0$!v@IBj&JZ6I%$!tnHAvq z3Qw@EeLyp&#bP2tJpaDU)9#e7J0x6={f*V7ub`_Lu1R)BgvFJBur}$k=?9vj3Gcx) zt~2cSVAl7QuUElkzb_kqbswEcUiDtMnIPq~?5GVY%EXC%nHb7wTiCuT)!+5Krg&@T z!2%Q?9;C;gj~2uZaPwH8a6C+rF|_;gm?r~z;_L{3ALYifYl$8UkIUPo=J)#}O|D@i zH#yz<<}<3*E7aiaxmS8TIYuMkgS;)+9KP7wrGWp8zpdYB`VU{rh)Y0u7uxluPxeb3(-mn(*Lzi?(R9)OGb?$*uO5>TgTaP?g$%7aN; zs#P}Z!Q1$vU-_pmz6400DO~VTeNP&^4dK zkZAI$YKeUx`vqWN}Tn zM#Uwe^2d5scd;*1zNbJpTVs-G%#o~P7rE~VnoA56tc_xgtXe2{W4hzO_BOVo+ z=s}juHrZ+j^jx{uQ_{AJ8Bu3PYIrA>)|6ORf37t@dW}kvF}Uv+2C;F?kvZJl^HLg$ zi9Eqm&Bu=@%v&A7o{OoVxPT_i_T6TkjC8}{Cep!<$hWkL5%Gz)Sk0FUWR7Di&j%+* zvhZ}QZI z({-!jY!0b-hhMiVo!_Geg?;uhYRRDT?%5+eXk9bLnToMBmvMpeFe6pi79~B6h0u0! zC6L#=9VNsG+fyA%6b@Q`D?c6@FosaVtVQc8#r!DhMrV_EArOovzmQ+xeG8GWokVzn zzRK$VeS#Y5Fo{dl=i89*yts1MSwD|Gu@@=FPm{d85*6wte*Eo9X@SM zX7>|=^}+B*l7jVv0%C@D2Ix*~$TyWQMsv$N$d<0;dsFu9)l`6?Z@=|iWKJeCrs?;0 zVjGxP{w&50y?H|tO{zL=%@iFZe2!a#vW%c56wbPgcZtb}@SP$d$+;Jtf-1$?r!BkOhq z{E}N=Wg{4PSY@WeJBh9_gQz#8&j@~8e`T7$PAjQ;9@bcOLwsH?(bx?m#uBjtSy?7mb)c~UpGkYwQ&7;t zTOEwUwXYO+4&fuYpEl6%rJ6{_oun@eOBIW@K0xEcz~=3u9Q*PMTy#J>_&MGJ?ONIw z)qrNRa$BeT3u2cy9dh=v%;yV*fiRUjOWW(g)(ytK<0TFB%l+pycZc*)z!*z->l44< z(>FX!jZl*b4if|qgW!XREam@ger)qZG=OLJhlrPnt4@)rtFm8B^LNbbB9t-BlhB$D z#w>g=5j^yXpbOgzE;s!r5cmqw$Gw=@+>?)dYW$P_>I=Uf1_@!H_k}?yoMyb^z0j@J z#r8|k`Qelgb#eAYZeR2FHr!Lz@rqIIhZm6-D)Z#cWP>}u<&gnP&?8_3l(WJrNFbD zBL$j+*jRe7!}ZHXnqFOlq_3U;Q}TSluQC!?hD)ohV|bAHD(Y+l>E`8>f_)1ls&A^LFv6Oj zzb5yZcN(ZaL_B^Jz^@zj9K5Xq^@h%7XPpC*rMU6)XEBCYq2`4r|IIb#qx#una;xj) zCP9BOrnvEIkNto=jtUFk%JL&?8%~2)kNqAul7&S`rDjyl8avU$80wHI=t1}t$6qQ- zfN0}sQ0B!d6zSzm0(BD=yqnY6^ug5$i`h-8gLDz((Z*l&pXXoo9FhaCXBqa>Jfxfx zpGQPwMP+LI?gvQJ^n?&3#mV>i4vofk9$TVPg;c3xk<=)0c84sv*#G{JxVaAmW$teW z!r|_$3v+ppv9Q59+v^7yu<}hU47e2@QF(Wdh`R|Z5vG)x{9-aBF%Z{zR;QQ# zr}QXjWHy<=SS|~FRJKzG z50+waV%IpqV=6&&v4@rnx@i(kxYSkPIzFe{EBjz?GS0|X1}A6N4FSaE3T!-bh@;%qUrNw9S`KJd*Js1siC6v-#1<6R;jm1%IA z$2HxZk#m>Q+#(pBnTEr!geqg+yp2Zgq=ffMUQKJ02Ku}}fO-?Yl^2}&O71z@6aA)G z>NNA%SL?y_ITvI}(8@Wl>C_X5q+21EYga1bUyjD|&S$qmvP9sLnPp2{gh5{4YwslXI}|AC*<5hOZKvNqqO739f+D(J)| zjY#Xif^P^@bN%8rqoBWcKM@F7_@OYRPT*ourhYlbV^ z!;Za-uZM+yKRXKt-y*Vv7gxJ?GqeR!={fplFc_vMqLvftM#S|jA0!rLyfx-Hc31G4 zq6O?`_0g+2NGkBSA-ixY!u=%=k%vrBBEK^?DZgcC#;wV#k%8WPg}`z$yS$8R@3UVz zS6uDv6qMO=B#skqGZPplGmDG2ZQ4M-%;=kth9BMFESj)6`4~oD8yUN&`X;=3cbPA$x&imMU;~ zAqqKBlJkRx-|J{Auwh)x^3pm`vPv`9=Dpa(i}h^wV$)dA=1sVS6hvWA9VYT;s~75|o-4L!`(+Ijf{PZ*{IAhq$|= z`GbFzD*yef6TYfEA86t0!OpJ2RNPwMEj^%B)R}$#RDzVKJ|DFoS6+Su+DsbVCi#%b zdjMlB063ER1HTRl@S+^K>Iet!Gz1X{@U1rSF`^$6&*2s4$Zm8I1^M*@XWT|Q;)n1* zHsgO&5c_|Nm4Ty}9|fu#Z|#AMAS$^qOSau`PiE$dj6KBYR7_%pk)f6s*!>_qYZ>(E z`Eev8Ck)Naf=|}hjxX3C35)pxX#|~252FE+y6P{}NaqcYQX3su{{A~G>ub)aI!SC! z91Vy?68o1%Uz{MQddE>(!B_lvMK9aj3A_2G?&1BD{i^0=k6^y;d5PG@USi_aS|SHq zsa|hyrcD*3Ri9ogIN@H@b#2WvX#Np5Bae^cNQ^#YPdC%tI(Py7lKjyca zEhpPer?w=-gr!9&N*!-#RzA+DA?SfJ7@Bf>iH2{GRAiQ-TK5F&@K>%OjKL)OYid9* zN3?aX3$pb!AH&dCNIKDMz&h_Dy9Q zpWihsrx>OIh5(#){abAe{^Y~Zw67lK4r{-A^8HJ8^IoQN&9|`33BbhpVw``6uS)_* zHBGy3bl5KegzcjHYk_|gja@HxYm09Yp#OHsBKQGqV|*3f0R%`RbF|rjSz8KI-=a+*`^5-RagaQaP1;DZizJ@s8)FM^2}mNa0xAS z%I+qK7R?~2b%9oi8T zo2D?#Q4Xpflj^|yErclxxqLEY>_9(6b;h_sws46oW38lx_>>*na?aIu-)go%<%7@Z zogge)EzVYpT_F`$E`_u{`Vu0=#fp%#aU+Sc>!K!Ekr2j%nK~<=3k}kNi`i7H(Mj(C z-+hsvQ)hv6! znYozU8}hD;nhjSbfTXzb@?o!+7eL+VzQo?QL7-wjF*H&(aXDXGKa_|CJ_z$ko(}7j ztRNgL-iOcPLYN-gZ#w-YVkbwygzZ+4(&I2-QXi%(E79U&VSxvh2%%VCApE_|tBUiX zU^P2Q(CL|;L%C6h?hXEQwVh-I{HYXIp(Hb-JJA6PxC@{`IAu*Lw} zL56Aj$$}3~7NsVT+=g^v??-NKK5S9zMd1tj;XWKl1D0iO?~k1Jmg9qJdYrWc`3}(V%z+q!G{zsfTMW{cCrMOz?Vxs`Tg}uU% z@GDx(JZkmzrAUP++8E*FPH^SH<=|FSG-spQSVN~HkU*y?yXQAA3Y1H7MQn|+`W1~p zvt^%_&-ZDFqGeBSQTkf0obGfwSg3RuJ8SDt+{L$SdB?n5;w+h3;J4&>cNSr9%Ha1S zoGOA(?k!bkF7or!+gFwG5Q!yoR~e#_G7!T@i41P;}r`%x?p^WPcK^9Hr>{`h} zt=dO(cioTdA?C)PeR*`846g+>x4(6+#=3I4*-!R&QZ-=@qU66Zy@ohj;jontF-x59 zoCKw__iAPZ^&-8#O1G&0bc*V~T{NsfJ(7?-LTImTK;|*qnGF0%6TTf5NJCZBj&izr z{AWN#^lP$W6tDR(8^5Cl1?kTUQ`QCJ_hNQn&iI(6xd+k8Qg>31!)q-KUG|LCl?KbMue4ZMz@=%fpwK%>!RzuD65dMQ|qE<^IEuo$#;C9y3y{Y6?NNY=LV*~Y3bknU0i20Pu`P$HQ+|CB;O71A;M&cMr4r$B9 zX-^_fMp+-`q>&}ka&TT&wRCEKVFM~b3RdG+(Oi6@t@!@ZXa1*!n+o6G4#Ais6(Urw8JQBYB_s<8x>xer z&O|^lg+Y@IgW$FT5)4cI$n9-i+f_|D&l|x+ZC}(m+H|aaL)jMZ0f5gb1JhG5<}JZF z8cyGfaOKU|*4ekWsSk_X0RWTPBJC$+Z&;Su3URN2(m_u{cC$AkCH?W3Q*!AfZNxRy zyI}?HV!1!m%!JclyUJt-Gjp=~CA~+(7P(qcc24`jZfzAP$g1(ZMn2R(IzqZNa)i#y zoITz&-n-kM-$QiX%b~l5K<_?z>-4T^WvEJeBjV58cv|CXN}T0bi=k=JWLZ*^WT# z1)=uPpK>nTM&zt@pCRLytH@Bz9%r2+*MjJVDdq}L)NYg)-Ns@cqsy1hyKu>xqq`iV z4IKrecV|#{7+^ha2oHuVYlPZ-N7Qlde&%3mF5S~iu&f=-yVT1CguJoufa-dp#e-Sh zf_BI(Z)=x9LJA3i-duT*4~j4TRMME;|F+{9oQ%+kj*p~bSvt1M?utt4agFeDG7Y`T zZsi!6!|dY6qxlcVbsuqfeCX$AP^J0&1evt6Oqezc`=5zn5>}^*p`ZA{W+Pmg1STp_ z=qDBkquGSS-u~=@K-CD9Ig(bg;=meK<9%i^;{-+@TQJ6Kw(|FB4Bw%9htbD_>wcQg z^2Td+8ZsH~O0ewID4ERFgC_oZdx8ij1j!s0`zlWurvlkwugQOjXT4gd{;CECWf7n9 zeUB5R-J>bBF#k@mcZMIO79E6suo@XQ#xdU}52X+v=Y&gihm6vfTsAG`!W}fSh#V*Q zDGdX_SqPZc#0La<_)D(A&BXQI029?hlc;+~Q-W z_+nm{!BkYgRpJUaJp>*IOiOA3R8m;4=p?4%JWGUyXL9pr?pl!+zC`@ChIaOF09Z!M zVgE9F1{%E4m<~_Y?8~BEPw8uf(^Vg0K*^OTsH!wAcT(8S7FE)GM0A@= zwrOw1Pwua&pfx-3*5CHYU-7f_iL&HFxc!r;y*k%DX-j};+1Q^djlKlTh8qo-o*ckl z8^Kgp!uP1xD7RM}j)rCQbMh-q9%@2&=GXx_q~gOzvCsPoccLMgRJO6p39g466FBpt zczA4vt+}F?hB+@l60H}zc0o_28UE~aV-%jnI%c>bwqw{7B1Kboy>|DIoqBS~ zjj+V0a&SZg-hTCd3q=X9z4XoKa&8_9X|OF&O);Kg?^7O7?FYGtaVg~1J_MdC^Jy!6 zTE|k9w)L=EnpWQ+GsLJvb|_U|Mc}Gz%bLoO$AKwKa{G(ZdZz|U?Y9W@=2mDgn)ub# z#W5H;xl*H4+o9&d?_Fsq=5fE_<#Z#$@xly$<d z_JpQQT1r-5=c~n4Px>$Hk$9mNPdJc(I8*>HG6t<*nMD*62=ai({FxQm&PX=-DQOy8@rbqE26ECOaNo zMuRfO7jBYaM#8kqwaNAdL~#PE1@Rf(9MQYT4v$1XwhV=P7q|S3B7XTCV6a^>>4psK zNaHIRk8Y`G8v>4zZr0Yh=_d_t=UIIkF*_(cwivnq7FKEJ=Ul0=Oc2RNL=m0xh<&@X zc-|V1+!O-RZC6RGFrF3SVp|W)2Uq4>X(L3)Dr}7QPYJtJST_=2`QtzH<1&8 z$847~G-a8u?a!io?5hvwZ^NFc>wg`C+)DF6&CPk2>0J@`}Zk!JZ0&(DWNm(>~EB8L;yGGyGMyY593H>bLGpoAH^s2Y`O7pC_VM+5 z3(JWF?9MEAqq3%D6lq+C&(_+jU0RWdy`{}7l4R(z@FZ8M@fs9nP2p}F|hv1;v@`u!vm=Y7d1dv9v+lqip-A6g6FOo#-$K7!1lXfA1FDkxK@A#bs z)k>|@LW|(*JHG54N9d56Ou~Ey54n#rJZ3=|$6xh;SH1}f+ITZNCXGX1Z2TgEGGMjC z?nlQg6#?MfkcV(RvqL`n^1*3n7lDo^#vR%8p9~@#3o!9{HY@jjtT36Eq@=32)xjUY zHP%(ow;#Z-`}nfIU7n))XfB4XgJ6`9;k7CdZNd8+*}p_9|N zP#f7$wf)#Zxa|&$Wm_|P+^PC`5@#0Il10xYd7ak1#P!6{^mpOqJE+MW zC78liW@z~F0Yxb=y1FFk8XHYOlXkgs)}lfi;5m3+z+?O4Aoz`2LR4-IJ%>izjka#5 zh07%Ej1pX!UoD7{LtItKeeX9Sus$4f?v*^xk*8x4XTPD<{LJUR9pBXqn0(#*^5SL( zG`F;#QcekDd`?GjuQ(n&|E@_5Z4UuioGl!Y&PswN#}@AD040Ae7~u{Qh(eRcrD!Tg zq;~U(`?0|jfFc>Kv@~j|KV`crjgT^IUogsDj)H7N!hxb9qKj^<7CX}`>(gA0diNs* zw}lNqOkLiw&}-25ucqiqg0sCEQq+nqI>w=sQ}nHKP*)v+D?{=@6Kvyz{N>KYmfr`| zlVhKP8)xjL_siJUn@6}G>RIb!e)D%TR$j(UqV2#xQbaBXMMf9*vEU)elB?;XjOaZ% z*>;jGOEXwLc_xxM*FR?Jx0VPEGAtX^46xBJUPg=G0}KCBG3>Cu-L3@Iq>*l4h7RTb zaKqKWF{TWj2VBSvwa8CI+$*IKSVIEBdv;2;XTtK6|AKE*;xD5&+T(^=1d44Z+rt4J zjYL)FAIhbs+R|8Sez|cPhSu8F*_}H=C=;xoA8oH-QxN;#s%~m#Ct#eyeVr-NoFt7W zBp+X@P>T%V8R4YV=YBBdbSB~#lp-lQw!lynyrlbQSJPZRigqpi!Bu$J7mx`%ee+e5 zqCNTfSYgv)Rk|O6(A~Hz&{GhHxw9P*K2l0EZ88|@t7=(G#H_ZY@DFFp7YB5Fs?Bl! zqGNWC8vygpy|-U557f%ed%y4dYT%E!6tc`$KnBO!sFZ<`I7x;!-&B@6X`BA@!+!?< zS3fW=>4s|XaVkQgp+Q^+rY?gK%HMhU+00C3m^s3?Rf9(KvVr7F^pv7fRzq6}A(fgy?$_SlVN!iz!HUZXhPTM9MS93j ze=WA&#jl)!8Vb9oE8$&l*B8M)6j#|@JBj|MeFqg=0%I;k*{A3^x9PbG^8Kqs?go?@ zxG~;%;l|UZ>>Qj6WRJRx+AFZv6f08$49zp_Iok^FVEA|5jLqV&csKWM zY}m=E;boFCzN`Idwo~O@-dk;}eFR&x!E+)4-*+c8V3vf zT^vfvBL=RU2OEr;dZ&5`%L))b^4!#-r13zh;ShgDtaOZ5Us1qK7S_V*yuw6y)aIDsh4$H(KUYe@N2%)95UVcU_)iSner@hz_OCNHrW z3>8oIOi$bQ61U=Cs=wq#P6soO0+xB(szD79DR<+^NA7`1?lklAupps$e=!ox=lQi% zt;7yrB;mNC-ECFDN$yguYRC$hEU-hL1DzS`kYSE)ORt}ZAdjDo!=?ZyvWLQTC`e1Y zmZ5iel4}$1-4Djy=UuD9>y~--Ew*9f9Rls08l`QbKL6bMTZ%lk}VL;#xY_fx?t&4WtG<*#io9;zS+GpsF_kV!$ zd8)eDPPrH|;We9e*exEzYn$B9PrZQH49d!=Wm81(Q$%rNjL8k9`~tJow=|DG$B81< zl`wRAnTVrbkD3RMaNBEZz;t*t($jc`LqkK{b=&l&*{qeKH?0}duZyJ730(zmqX>1wp3y2>iX(U0N>TaE$ zhZyPZb~s`aAo%Bi{9{<$&kFC9k|K{He-dl?lAW&<*+Thhrs@?tDN~s6E)tLM=CH z1gELlgObLG$*-P?F#6>zmn4orhlZGD72f?0Y2dq>bhDK-kjCjgpRIZ_o(UQ+Q%Q3! zEb2)ZXz7bycMi*6ANOSUTuKve?&4fD^S#bI)aZzz%gKagPASa8h*74ru$+p8bb(pA z+pdluqm00}GW1(Wio91y|3v>!_sIc~)}!(+iaKHVO%+(>c!D*7Z>7YpX>GiOb$@2{ zO2>U+nrcwLC+tSM;TLWOvH<8-ye7uOhpOVUj0J&m8EB2n3P4bIz;MWZy^E=8V}8XX zD&d7;MYD+jX&Wu%jm4CYVmwdD1RZ!RYT*0H_ZmTIxsIi9Kl9TQ$)+hu{X;Yd$pbz4 zrsn}Dj`*@1niL^dG}-Ru%!8c?qF!_v1g#{UR;0j$D`z&pwY!7;!W(SoZ_-&!uJZa! z;q*W`+x3QIua*<2)vaSgxCUKh9G>NdrrbcUs*(fT?LP!`+$v24_bO!BI51vM_ETD{~{=hLsFi|R}JxuK)`_*wqC`XsE0 z1A+*QK1rb~7h0A7vKO*hnSER))EL1x0RFfa-uq=EGt0!%ZJLWyz+W74N63}U=kq6LP5 z2M3*ymG636+=`(pl2O$css(qex@B^XQdyu;Uh1yWU>N0yepNw`2kv}TW^CsEV~=+L zZq3rBBkRzD$367Azx&Ot^OFN$tBjl7sk9JfEtlcum#%Fw&#R8t%Xxw9DMQ+C^X@4c zhWfFIX-;SaXXVR&Uj(U3)t+g^$dBID)5?yt#A|1*02s}GJ2sc`5<*~L1SwOc6#vqS zm&~Gg85mUjJU|FPC(Pp4kE`1|Yy82|Flf%GsDvP?0TK}LyF z7REvnC#ZC?xTFaHS^BM9SuBvN0oDs-L`*7`fe|QvA7!z5tecpubP%(dKvQSxIh5!ntgHB$Zg7JeHy z$oWe6!FEf=5O9m^a&&Ls5m09-j4g^vmXrE!eI4EfN9UjrYFxSs!I@2pCxZ0&#%n^j zEZ9E*q)yc)x~3M2MNL-%UaK#t;4}Cfn znUFv>mQyB~P>xK2cwax8P8&TD9K&C#TP5J~U4K@^Uo}q!!j>>N;qido9@&C!Sy3Dz z7L(v^?Jl-^n}!5(&D69kcY_@c3}d}{w1o;fIq3Tn9E5SpXTdEM=%9USRLL?%grtiE zx$O8^CE#IjN#7BB^svqzqJf%DQP;E^Ct8@6IB(7x1M3)(%6Gzw7P~mNLV*u&t!1MO z9P+Udp^AP7-O<@s4qCLuZQiV!&&vHdZump82_TKrv6mOFwc)mo%j%!#g8|OEIDK;P zo#C&@Ac+!RzfGsb6#boFarNY*sv+N*{XpbBrLH56WH92$YjG^89g191V+g*9e%_Y+dxpV$x@>EP=BoQD~m4_s;MJTnPabnSR zL&oTGEU9w=o`a%9C9=;57SrRlbw%X6QM0Nn*& zG5FXCqYuP)8pXYUL@P?3*Bp&A7bkJGH*lj>q4CP3lt|SO|9(s#vv^jU>hNZ4ugY}JWgA5nw#hH zZ7cPX?1}byLF(1(FIv%7=mx16-RsGpGoFWB#fs-Qh06}hT)Pb$kG&)lj~!z|ebjhv z8d_9td(BXXahLF5WmvuumXs*Tq~&KgngsI-p}`)GmzxjouGk*ql0Z63Cck$NOk8NI zEo$Fw-`-?Z&f(PcYMCz?pY^eN81Io<_!c6yKJok`mSb-QPJOw?y_d+7W-LYd`?krb?l;^szcepC417 zARSF%@RMsBlbxVusi=AH_EPgr_JHP@T#q$kt3oy!6g~^#w0df|N{-#2iB3kPFgB89 zUeD=gpNFFX&F#{Fzb&2|{6FL*T!?h0mKlXNa_NKkb*f+Et2Qh9_7*|pdv>Pseth#L z8LY_T!zL^7+bJNxU_@|ekY%(wL%#taKCtr~{_QQkFUgNP)b<7}eslQ;P2Hr@8_DhU z;t-!1;=nUx<-Lh}^qR?<+Ne{3y@jy5=CyB}xD=cb~#%GVrOhPv_t)7vj zOn0-%gVgmnEmD!Q2ZKgyhO7-+hRu=^h$jdbe6gQ#5R{qR-@cigxm=*)p^Jyzlwmt#iM3_O4r{A1!IEl2&(h z_v|sp9Al_|d*h;_4@pgMU7n^%uj-K1!ImKBL|s1{E;CdTGjlnhXoFVLb?;#Tv9}kO zuZsFOp&ho%kD0JFORoKT$R~x}wQGQDJ3jrFgJNznt39Qd!YU?C~7O*&4(rQCPKIJ*a2gN zcGTS*|ChDfk{E&y&2UoA3NKDAup#Ir`|w*GHIIRGC=J2fK4IvICWr0F`o;( z-_x|hDZ#bwfj7KrW>iY{Mu5DOdCe@;13gG$Ch!OU>zd=|S*H*?0x<%gSZ(u{IotfE zbZj`>Q6=v?cHhS^;pBDA`wZuET6@8A8T{@hr3!nEkrV zpmSd)wxqi%GnP=f%Xyr0!l8Ari{r*TonbBRGa+N`X+h!pv>Nm9ILOw>qcbAbap*I9 z;h_sQ<90DflI;t(S$GP%cRXfp)!E8*8)h;9!~V~&04ogx?@+gFwv3Vtcb#I4Q@ILi z8VgAmr;C>I-6$Segd`>n9-h8QF$f%5`SM)E62PfBaFE3WRyp-(a1eX0NvUca&P@x8 z7RDVKn!^8yEIpl8Swx_r?8{nvlMB5{Dxs*1H3RC=mKXh@7D7yc*-P;Ma%M`Z6m6% z#L@oP^_9{{<&C8ftx~$bwlWUF6`WgYH>XbOu$pI*RFt|OAiAFL3s)=OkDGr*MKcqJ1*C4J_#h#HXE0Zdd%#nmaw-A|j!+O(WxYRykAl~;JGn3eV6vQccR{Hw z3g|ff?YJXk)1hRJ*fvY6wXnDZ3Pzn0k3j|;!$i}qu>nw0LSzzp8Pz2@_*pH`eqQy+ zR-b6?2L$s%3PlQbkHz* z+5#V-{06E|5nfo2E)13Yv9P?6VOZ+qkc_>7XMOlCpr)V`RE=jlHB~IxMT0oQ5mVVT zD9AoHx1rX#YJMvDmB44xJom!BW0qv{#+Z9@*|ti; z)`f3$Xne8;xe}dC?uMw_6$X&s0u2Vx1LcBK9yRzW>h-UMAPRr#ix73H*ZD5lT! zs@F8*U4D{(Z5a67e5aS-KS!z`5v(@^R4Bv-yp_y#E8|4&3-kn-;1BHPZE#WM4UxQ| zE2)bi44S! z=ja4IeIfp4iTL-WBcM#(pZDNu@Gmg#o0hQba?zar;ux4^0cMBp+}Gv`oS?foZEray zPZo6srBzkeQfaUn32?R~QDWvhB@K!_%GgAy<{7cQ*Sfz6#Q!}&*I@(S25g7*zB}Rd zTkV%$3V+|i$E?;YF0b+MAI;OwL5b~N8yIu&3Fm4reyPn1>bM0S=Zbi{(`POH3|3b@ zS8{8}&8vkCD}xrsTJtde_viS#c7OwTF2~mt&3t$$g@qMWnQIm#A-u@HfD*<8|EVyw za_7*#59hH>KJprJB`7C-5?)^U!!wfZoGFrIPBatuvEu9|SsN6u7BsA)*qyp>O&67==xYf2-(QZ#?A0 zeDYxt;rWEE+I;ekwJXP!72ot#48}Hu>EHG3zkOb6w3Bqu=7MNgppvkFFf13pix9``_P5Z*K#u)SeE$VRXFy=knZYC;F25Z*j2y2OKL0 zH?neV;^<4~`d`eH|NFGfu8{p=@wQ_PY(~U1e>KmC&Y;y7sCPwxJ-C|8(KM-}L{r1MHgpIkp6(du);2{QAtm zNd*75|5wKteBswVHm!wkgN^8?4R9=PaIqT4Tb;EgGPJMt{&hE&1T=ABe}gyvKmDw^ zRfdYH+hpGlE`wKv-Py z{9?$z1V&Qz!@!5nfEhW*F49K_$@n)nJzo+8yB1Qr0O6tgk7}Iw1W-O0Z{Qto{>-KG z%%$8dZ$%kG`*K- z+p`S|7sUHCt`rY&$Q!#`{5^(K=AznOWA(_5F_GB=f0KIouT@K5N7#8i7s?rB&X;=2 z1}EmfaFdcB?o*vddiVJi1r^vKW^4}5?|AL*#rPE+5V+0YaNF2Q)tG4Rr$_3|W-&PR zSRoIG_z3Pyt?$Zf9jwS)Pq)%!x(dQn0aI9(nTV*e&yFblR72bQNpPB2M^XWH zN~oDxOENv@q44bN1;9r?6QIF&nB!*{78W^gkHMTGmVTWpTu6lzhX~5*yznkNbM9X% z+ckzBsQfw{Q)4FfsJp}$LS1jK^KWlWOKmjyB%M^i2ZcQ#U)g5Nu&#b2gxcf*G{{$wD@msOx zEY{I4EYhTfq%pDu5?0*!!=azx^CS)r!367r~mMLOz1(l zD!h}ell-(@Qb#4x1HKJFh#%cQZFgIAsHhd+TZhRT>iQz^M?o6mNG9&@^kBqi5=%9d z1Tb~!Q~dnQ2!v?A2tx*(#F!`L#qso|E}Mk%jb=-D6ZQ9d{4!bFtK2Natp>qfC>xL( zR2h*U(vsOp(t$)|qGo!?dOkuZ9HQkSu*lRz06^`<;$%cWy%3DnkLifO8}|0=Cn2fX1h~`gP zqZ;}F7)+g^`XqKzwqpxZy2kL`jIo4b#R&$g2e^I=GlH7EGhEM^kWTRJ2U*p^EU*NCJ~VUnQ+q15 zHY)(|>s&Pvqe+@t=^Q&KTd?z2=`VA@MY+fuz`2#U0no=@kNHRM4BSVPm9u<`LTNtm zVBu=%;I6Q1L+_$^sVN)#^~1Z#Xg3PzJML~n;CUx%;9hHJ}=s^ z@zCk(AMQ){T zuY-lzCCBPdMRdo?KYZBpDuYIYd6gAMU~$X|C5rjf1Gh`D)uO1MrB32F#`5CPPlALw zOi~&e@+?Xvvz>op!w8^n_tnr-{>%sXKBB%-%wk zG_gA?Aw2onXKvd9H36H778r63<A%xBUescoMcx6kcI66&S;uiP#ZpJ3My|8yneO z`)K$ZV-HMU2Ifh=5a7hZ*{3}lRro^R{xT?&k<*e$HC}XVs>WWQ*HHn1ZpLNa!0SHx zlw-}%lk83FCirDbz?m`8nKAH7W>hgMm;01A!D)W_WnwXxuE}EjBdUV06UNYF7+KiS zK~T^FmSLS~93Re?`NK7Q9vo#`SNl`j^fw*E$&mF67&T%pI2BYq{nrN$D4-INz# zx7`ppy}boEeg}+^g~O5yoaaNa{NeFYp5XMiM%S?4Gc7RV9mS&)Jphal?kxQn>l2qY zF!fMkMDC-l(ht)GfgBbrV{Km?%atLR_5w$^70a@CmoGRlv$F9DRZRI(JSM13cgm(U zVI;b%NmFSwxEoXc9U(haS}7)o@NimXv`ij|mK9V+2TVOp3!!8`D?50OzCZlXhrS~m z>zR(0%}-h&`(|HaS*uZebVA}ZkVCu(t1y^H2Z44n6?--A+}?Whxv}sYX_NI~ny!|y zuzDR@We?bt70q>P9-Ipl54Q}~jFc+}XJ6Z0Ke6>IKSXw6T*p4j`@NbmDr?nI8c{MP zA_?wPvIG3Z#mGRXvBW|R&UA};&h8C%5??Qe<>9=~2bx7jQL&L`A~2P_Vz78>oM4QTs?uX)d1Ws9KDc;aqTfkt)Qjm}gu4Kq}h^@yJdT5129KqXhr-MW&wj zH5P)e2je+mB%e&&#mrj&7{y}hYeA`g8f_h*pnHLLzYACkTF`ReqbQr?W0FvfcJ{l+=N0k-xgx7 zb&|&hUiMuO5k!BslR7k6AEvRAELwIvH@zRGmIUAEx#DzAGBr|l;NmL=lB!Ln<9i0)iB@Mq+l`3?kGmeI>**r>G zAnZg31#Bzg#xXwVlXolcCMw$=oP;S8yRX0Q5unD5x@fgqYf+M#UTbx7wuL(|YV5+d zeVyBMEp=isRZt-8o5_cz&qVWQmU<$xvJo?J;-W^2|2UKeSjlyZ?iJ=8eBOS8sqDMg zfFzS!jY*5tP@7k^zlA4`swpE-4>7^qwG|Q2g^{DUFsaFDOTreX=>ROA#P9OLIvA4) zj+%?PtUjPM%*_FsgRxCGluN8m%r2%D7FVNOweS|UU{(u8;@l_Y_6sA_6i?qiZ0}(xgv)_FNC78) zC_;wg$EPR7_z@M0!?46?-lRWIZ_I%UB+^YbBay55#+R^LsxM5`Z{&GkZ&V zFEX>mJhh{H*O~YJHdtFqyaT;vC5T0E3R!k?xT-b_O$+L~3 zBz+(I6}KKbNFVl`G05in~P`=*Vv zW;z(_#LcY!W-1p6O*7(kvH;ZJ$`P^NtmtaQplZg_h#`~_`TFPO7dl6h7Yyu3Zg8RbhD!DXA>WN%&_Rp;+4ns2=mT;M_vBk=I3UaF1cx1Srn^|0~cSyd|b z^tp}q%U`bnB@rO|r%0{$jK+)Pu9l+u&CQR5&A19e=yrb|v%_LXRQT+MH3FP2`|a$q zuXMOeby>VN`1$WLUEGnXxmo zYIkF2C!UYc(Tr|HYsG=1=uEBSDooeY@-pvu5x-ISnk~%@RTR1KkH*Gw&a9TLabcB`JRwOg zXmVJ$IR$*usNf(L4LveQ&;!p5i_3Z&o8rjI#=RPN~296e}!(3FdO`_caLS_w#|~okn-@d)(>z6J`~HG-c+OZC~1m4z9YyQJ==X z9(jaKrQ>WFAp!z~Mq$}hl@DFq`JPo9R1P)4Teeo3^;t2lO{ci6+paePgbUwf;;z2H zw#_~v6m=y(kY4@#-cFysU=$w-rZ4B)<&-wmk}3~7>}X7G7At@=1A>7c$q&A;im@I}t74S;>tBqDEzGpk(y+|P`^ zgS?LRJH1c0VOj+8iABN-#;dQ02rg6nd?GiMnH&wHvT(jGM@jD5tw&M$H6w(zJ{RNr zQ)GOYf^piqbPo_+E}0>`YIcB&ftKnPjRT?_XIeDv@4G-tbVD_Hy@+O+Tnhrts4{vJ z2iR1a)QCb3f;WWk<}=>7j<`Z3{RyE0Z#s~Ha#R^n0)J*?4vc%q>q+7IZy4=OmBGQeTXVe*Q)9AqUWc1iPc*8#1@ zzLI5ko{Q2GC^2>!HLultZ=xJ=PHrtAsPeqm+pWKX3oeioaU(+C5TdlJ1ZNLF8s{z4 z0-`>``)~niXT^H1UHz$EBw^pr&;NK51`6}SsG0dHpE|yw>9_;`a-_&*6tV#~GtN#Z z@GJD5rtFdKM09!~LVcUymbSP?ogPQd4`Infc+Xdg^wr1<*ni8HQ78~pH;=!-x z=XLEbuLDw2=-9V?Z`5{4Q&h4fZMFDXTge;-Sn01-bGR;WT?zSP;wDutCV=-9MOmpy z4Kc%XB_g&a2&JC%xTf50k&?1$Qiu6J`PzD!GDdp}#|di*pTpJq#wLQEkbsk5hu2IYtOoz6W!})Js}yN$&&m>{~)Rt@;nfz z0u7cO+wlDk!`;k`5jiO)Bg%D-O9jQPMu6WUAcRC6`>A+BrK8XQ`gTic+v)#8I`H16;T_f!R`YB;_H(70-ys4g;at_i*)N6h0rEIe8 zBkR*l4i52!`=}T`v}ylyscDVxhQ!w0?T0e-y7d~jcjk8v zCVUoriqaXjOW^+O(s%mA@xt<5nowiFVA`hc6A&w;eT2C_(rPqCxGz1IgFgz9TJJpJkkJ`0jFMsMe3LZ}6iO z@W`2HbYFPs8c&BL3I)6eah=v-qnP*1FPhGj$dHlZ+sd^;MO zyo{5f#iDpvwExql! z6u?rd4InL&lw8~uM8b4nnWbxIAgUj200(VBXKerL}5Fy^k`&GEt0kM$Y zL*Ck8b8I8={pou?Hm=h0$)}hJq)U-IrQyPolk-FH%p$tp^;2rM45Q+kLl)P(Ux5Qh zcm>jSMBPR84Of_Po0=1CHJT`Spil@eO<3~lSfr*+u3#zWrc>NYr% zfRR9kX3V{)50NchMetd`*s11@rUmCtomyE7zu9Rp&oyZJ=~p~w0mM5DB5ecvD0>klrV&h9SP2jrxhq0s`4?#2Y^!PA@W%M}dX0ucnk?95KV6}FFY`&`jH zOgaqZ$MOL85s&Fd`WF}BnRv83I6t$rH@$LitR@HT%%3rP<6SW3F2Gs}pda)bzk*zz z@8;`jcxB>*aiBtE3!Gi5^C%^A-qTF;giEA^f8Vb7t%3w?wJ-yANgEpe1P9;c=D*_z zHWjXQ_OcXXI=|Kxm8JX^d~bOBo&77Eud?WZxz~8yEp;`dOFt!;5BsrqQ$&({r)edS zFh6r-;BuRj9anwo3DW4USG-&kGX}F&OfS$l}p z>_Mb+%tAz@89f$$)oXOgN(YTKh_-3mIiSvmOZM6_KE)3ATke|Zt!0MGT$PU=e=^k9 z;&nN&*sMaUAA2nm=bV2AYmlMqJbwkH>!$oc=IkI7iuk8|7o)O2`RamB)+G~;Y(_dw zUuz>VREYX8zDMFbAU`#5-S$mdrwvv}3orD$9_=VJiDygr)qr?$|53SR#t2tW&j3R*(!hjucC=}@Afo(n7uBx<@L$WM7=~I^NLzl@?oBi`>}QJ}*I+zU z+l%6T9}VYH*VqC}D1CDWUAJUf(v!SSg~eO3;r? z+pKKAtk2K++ptgqNuJxi8j*vep4ISF<9qn{s3|RhRo^mTT+FKh!Q{=$cyQPw9KL{5 zl$F@S9#12z1URD|@v;VP{h^I52=9)NKB4L!L#&mSAOKC#kD0g_$CJ{_6N5b6`$r~l zLL;w%ziaS2Qc@%>+|-wZuT+0vhG-5TT!2~3B;vUxL8uf5+p43;giX^ehn2;+Zj6JW zqQ@2i;vOyno@$K0TU-T*b+O`BsiS;tQBD4MSZx8RgEFuQKp&(CdmDr~tYm|0E0XQY z&90!LrbK;aYR~0Z4NYg$V{sc7qN~sVukp}4c#?pMDO$YkaF!?(#Pr^tQ>4lCkD6tags8#YA5aO~D z44L1r6oOi$R|?JcBv6=B3X_R$2l<(?ThX@~mQIXa&CtXf0wE*;VNGprA{d+e*7a_> zA*8ex&w1)IBWjuwEVPqlkz2{|BcbX4n3zmUczG6* zO3`P3f7>&4s|H*W)Y_6#mp^85%#Cq6WR`bCopyQkM#gz`eR2M$19tNdu<01O(T5)W)i0?dE;LKw)*}ErnmVmTuklF;|GQZ z<@N*;0%-0`4}?qIO>({(EI$C9*h@_83v7NrdbT%XPIB_Kz}a{t#qbIZN;i%(DxPzJ zB=+*eI{&@{Wg|f*==lWIF84|`Hj(g3TUR%9O!9^<^t(umJ&B$p{m&tXVx}Nt@(4{? zdTq8P!q1vpUH&TvjAPy~)kK=H^$q2i6OtAflt~oHjHqbY%6n~y8VI$!=l)CQ_BJ6L zZKsvO0e$E9yk;*G!b+!N@xFk2&{p9WOoHNXkNq*WrT40(-in(K;C1IB0L}XkLxB-) z*^JFsUcJX%YQ0IkcOyfz08R3c8HM4syq&W=(ynDRS7bI&m)(ZkD+kO}^}(kN4~wt{ zw*$5G0XIS4t0`}O?n&aHmJ;{V5s2Z#%b_cnlx<*GF_Zg;A(G=J%#zA%1UbCBIK%f? zvAE#xUU@>d3cPO#D_~}epS<5&r0lhYQ7qj~d(-WRyH{fpArARaCf|PuE)2BwrpDGR zF8Nh@(^Kcr=SF*n$ib)PBNYj*#i9rahBl2o(YX1TN9lD!bJ=MIT?{GNxoUAwSryWs z_lz8#Cm^7_^l_=hP{_<8siSRD442G4IuX~qCqC4Z=oba^fij+bO`Y2-RL=klD zaUzSCHLSuF!1;oIG5j4%HTAJL#L50Zx9rj&pADM2+xEO@=g3@C^*fm0x&x$Lrlq7r z*;$7R(<4{5{xCQ_r~#wemsKSS9mpmv8D$o{$Apq*c(YEx;xjjFy|48qDg#`H=A7*`lqUim`5cTu* zybE`dpOe7t&$n)A8~v;z6 z%=Q%G&uPq4RK>jM;>SLu!Z)}53Mk{t*xspG(1u=2ll{SkYi}88aE~+pEBq+DyhrUg zQy$Eos=;wIEG@8q)^tuKIjyD+17_nDSIGC=_+`6~p0K=7j%g)jh6-|ouBvY`yBWjo z-JQo4_LnG|N$KiTyr#K+kSRuzKS={2OT*jpEEmm^z_jqN4mSD)l`ST8s7ZIUt>Nan z7?>g1WL7RQDKu}DSXDZ?B!6oe&__{UJuC19v*A@#{eUK%8~_E4Y&;2NvLi!)|I^0+ z=Iy1d=`!q|t)|12eTe~4N$xqyMaSJdA};V6z1` zKmC1Ya^MglBpXW=?(zNQ%x3NCg&5wJE4Nt@F{%v4+vu15YSYEgSD`K_#Y%Yb#4(&# zhONa9nw|G7WI4&B^BLz|tX`WoU+YiZUvcl9Z#;T=#1oIMvDGL!ZjO+kk$|F5hUDyz-maTV#UCvj_B{3K!f)`E`S=-WLqN(+=gi>s;#R6~FZX6z6F`iQbiT=lB&Vm)h} zPx$#Aue@*fuc}LWI*~zCv0Hy|IDsQvveUv)f@(c*zY_?f!bSoXU@}(e>%--TuZZ0; zsT6@a84MFdyg1o=eqxfg~sr?ito{d~oT^iAra+icbg9l7uBRuc$)Z+$FEgTG?N@^W56l4oRcgph*Zkw|W|U zlu3Z#hR}uhic54%Kls`TYSA<$GGLl{GiWN`nCPz;m8#B-2K23WBwxaxZN?G$S%U%8@H#F&h%%gk$N+f=zA$l(A!^QwNPtu?a>!dsEH+t8i2L z60%j6_2);TZ#?42UG-cTzCWv~=-Ryy_XwjDknL4s2boOyV9aQ8ew(xF%4Te-%scU5_HHDKTZTtWm zp1Z|^^t0d*`ozG)4oiBmVhaFi-i4vKszl7z7f#?ksVPaYXam@*m<;`NzHK7 zZ9W0qducfE`9Q+F6ClT(sjXGlimr!?xW=qm0yQ$iG`GiO#<|OH>zw@mNq@Hpw4xi-7I80z4xl zJl&e=^CAViG6O}o_6tLb%3*5nEUhOmBsYUk7S%BK-voJaAe6jjyv7m5nI%R~*pSI8 za*aow469s%{H{d#TN&Z#OsUCAnR?$8g@y=VB7ZJR9+>ocwGI?+4MG`e5*7z0VyAsi zBo3De@9yPct9E{<`AmaJ^8r0Ls|hm}O8lrlqz&~=K9o3!V=#npbP7i`%&-KP3mAn^lW?8d>tJq8NMS8X4;3P~UJ?t`_C$$}ZOBpqV1 z+7H>1!#^*mbCABuA>kjvR2pK|&mFP^jeez4xv;j-hfpwC1mxO!Z;mkea*KYcgG!P= zJ7h^SJhGNlcg5FxG1&AVsj?OdV(<_+%qqNTDJ~*%83=jsephandiLDO6LYuI2aEld z%3SO;v?hV(Y>jEqMF?a6{Z7P0g#j8q7ddzFb5LF$d=~LsopM^jEb>&wKZ@(Vij@?yaL6~8rkSBlicP+^d}%Ou|EaJf{(&rHDqTWxB(%EAzp zBkCCJ2{#j{JHK&wAYv)y^h= zYe0h*%PSX59YU72g&;g%n(1MB!p8i>lSXW7@uOdLM8IGwpn)|&O%5TQPdpbP@Z6h^A zW;7#rU=)BDmPL+<$8q;^Xa;T$ZlM}Bidc$?N-bdqe;B@ky3fWynejt5UqOe*sQn&1 zN(p$BgzTM~(n4+e?(}dy*7|&-E7_+YkJ}$%E48OG$c+>rwtpl%UBOKeX#pk*Y#JD8 z+L2mB;S@93$Zulj2T9jS+aS#vImQou6SyC#dl0e7sRl7%5aC`BK^jdrn}eV`_v$J;38Tw6hCUbTrW!J`y@R8_BxR5eFYo3`>uS87 zW;BlAgru)3SM;5$GyR>~rojzQiWPl3$wxw(j?N%{7!8vk2*%GHW#i$M=;7=Y?KhS% zLS*IXYL?pt>yx*$E4+Ad71#C)&8SUz0hE~!^OP33Hm9Ls`mfTo=GH+9nvc>G+Sc=? z20;BA_!;Zq>B|_dn3D;FZ1HzDqD+VbkiGa(1E@f9<;H=}d%cJge{R1&C9t+-VthY-m<6i$D2|Z^($c z>LpFBM7l8G;ArS_QJ*qHCnPK~J!V>}RryG%9k6Y6nlObjzY3^&T2{XYWxBha;GNoJ zy_KhWwNA+)EYez~7x~WNnWNz*6>#0nPNOL0bl@=DtXX=_;kHgM&_M#J_?qQ_IZAr% zK@8V1*?s>MZs5=flbu8@v;Rix0(aAGf<%!*R+*HAxI(~JR_9QM8#AqUOCsaQ1mEa* z`|YDmZrjX&2uws@_?;RC4qw@rabFRVURhyo!Ij%EOFY3#vUasTpqaiE?SFmKTED<3 zpdKvRnxGHF4-Ox&0-eX<>|~`{K4e5mBQ$mC0!cEXpS$X?g*t?wz8>jI^2PHBUtoj` z`8_cEdQDoF%g=Nh>pV4Lv%S2=qwm6@v@SE`>g~GtnBt$!*QJ)c9Cs2~3|DaEtRGkZ zBFwE>N|N=~4wLEeT@)^Vz4Tn;pT#08l~h|yG#X1bZGH4}sN0Stb}?b&ozNhS2}JRU zrvqj3ecSe1_+XRzp0K9X|nZx4Yq`$5n7kId-o z@7qIE;s*_y9j-*aZ<#I+)5o8JA7}8malrDR@Mr}VCIFi#$CM{i%OMkY3Q9&~x5fuC z9~8JWbo(d~b4|qLP;(m7<|7pf#$q{2qJ8Er(;se(@K!bYeL~yPuR4&3X4dJ`s32k zeN`X1PqsplrqL0s_-nfX`5WEOKRa>Qxthr7iiXn!{NCh|Yt-U?<~KYn=Z#(B>cXsr zP7c6Ot|v?ktZ6R-!|oaT-Ox)+V_9I{U$4s^p2?mRT;7-zs5jqfd|%5BszF(sa<9$z zD4L);A9t<}w6mLvf|_l}th|FtEMmWzn4qtmUo)7NY^9-vMtMiH&*wgvn&h zG_WB$N{wGiDqyQ>&JUF3a?^K@mi4s?naRyOEN1B4-}DZ~iQ-dMpj0nf4Hd0~KcrE5 zMqSVFC7+IG1yEb1vi>a7mOms+P*V4Gr*h4r?VD}|jGJ_$^;{q9+!1WsU+B0kxz(%O zsbCxz54koqu$TPYDfidPD^$rB!1SN&B~ZNRXMFlbcC;p1g#w!$FqG9wgm8Me@Ai!^ zjZZ!&{}N~u9n_8&qP@|hO0ux+Y(s)YMYN8+{!V?ahZm+^>Nt1df#KG<=-<1KU=|p2 z`WK1kr1Kqv9}i~k%oC}~+Y!-jcZJiq0$KJOeb=kxS_3=!;&X)IY0f>*u_Gb&J>Ru^nd8%@-#OYE_EgXcQ5$IgL$2GEf`JT_8Ft{uN^&CVsqC|h z>U%S8h&lCEM5`}29}h>lIB(k-uHS*!)j{`B7empS9_)B_RxHHDLSww50EhGK!^Z*9 z{X#0eh9f~XRC}_(zH)wNKPdN)|BC0z5Y&F3hUeb!@>N9SfXfFa6LBC4>)y6~PQ__p zQ;RdwI7N6aPDO^OK40KOR^$YfKj@tgzN>=)0f(eO_Yh|{1jbgcP^&{NC!W^P5>XDO*Cggq?!9`SGJ6@%IHnRd>Dv=I5zWbv`cL5j5 zs^A0R#Ti5QM%uI;4E9qrLKfOn$dLUig^V=(jLtT0F?zHa>Grqs-a5C??r)-t=f~J{ z>~}L}C7^Zx(u`)yt&1Z>J3JH4BAbD@_w)dar20>Bf~OKHPkLKeVI;2x9F^%ML6ZhB zTBQW>#>~C!I*;OCnu=JrvS4rB{EI0`U_NY{HaGb~z~RLa6l3{@sopgAQ_GfbxsD{Z&^A0|2&Hg}x=4@u2KHgZ}V-E}gN zqW=F93DVtyfGI(@wdI9;K;Uu>BjJTHFJLIH7#%PxDXMWX`+}ULN-|cXyuo6(u*oDU z^;O7p0xq*-F2gvPh9)%Z<`85uChWTknczm_Kfil!t74)Bf|50D1Y)wk!(#PZjsJ zn&wYb3i~_P?bz(oR#KuM@=~7li(SNy1*p#6XDCl)jr;Hrc&+a!h-->xDIlv%TO35&g~Ikdm$otY2~xye7@gGm$COK6o_0!ii=x}AJQ|5n40oT zxX#A7Q0f1hn$gLJn$dk9m6E)dIJsxx$XrxwE3&g{)uRYpCYK`01GERl)7qnbU=v$N zV~DZL*P(Nad1~v6Iz~Oz)Oe=A zp6ux`6~G684fR&Xe&w=e9W&vGanb)SvvI?7V%TxlRswBU zOfPx-wzJgE1>yD8Ysv`!DZdGE=45qsS|n;U7|K?bvO(e!B%)aj(+eJ2`QDioYp*h8 z6tJdqx}x}6AD2X0(aT-P5{<4WGRK$hX;c++CEgD@5q%vQk^(z;(@@(>GI|FfTFdKLp^%r5Bg|`rXz!)h1;xc+U^oj)-9zH2d;__sx^0*(3keRm!$(vPIP z6K-ZMKYJ_ZP*}Zv347NpHY?Prc|E|He$?lV4GK=@o^v|ayX55l2?mRY(@n(F-V|Ow zFdj^j!do#L)l!;f+0U}or@}|Hp)O=MU|W|vXLkh@l!Sm6^|EkG=fQiZY581qI-kmv z33F1GW+J$%;^s6>hDSajBP!WV62mt)HZ}r)YhD@v|Irp=fajU^ebxY@<6#=P!|HM$ zf`TIgJp%{zAEy4!U&O8Pwq7mvEgb?nYXV!=oH^`VFh`W~)D~UMPPWz-`TvKquZ)VT z%hC=I+zIaP?(P;6pm2A0m*DQ2;4VRfySoK~yHmJR1oyAro_DR8?)f^a=U?6Od(OW5 z+_U#1!Y4^U1-i?9F$%9z8h1UYo4bl1GGEO2pxa$)eD6Meeu_m?}!7kds!5 z9mNx9lAX`E@+xXDWY|O4%f$~=S9zxM@SqwtPw5eiT{De1@A50Zv2Rag$7?465`@k? zv763$CDLD|ITbyjrqdoo*^nFV6tYm0!HxMP4zm(+#O!nM^*2QxBMdfK&+9D2*$3B{ zWlG$hCAv+(HQ?JA>Rmngn@c+pwdc>+_d|$qxm>}RBE$*H5+4_<*ZO5@Z)}BrudwW^ zTo~hFIl8(Bl<3FlKYlLbyIWq8_03{P)X|Mw7f>{r&9Ob5u&aaF7><{gl_>tTD+;?b z?N;En*4T|LwTH#~g`Y%6SU3(8^l;m=zrgF~1n%t-|)K_y@1y1`zH;MHPdCw1f*z z+hgf47ZbjXebJGPH*TOqFT`+}UvL_}6Rl-xrt-NFbcLTSbdzC+jNQx2Pr9b)0t_2c_bM+rQbNbnI)kDpml zuX~O0Ix493)+=R2vZD@iUy=PTwTNNcS$;5I#QX`@@lRwc(FRlduTu8a;$GiA;Co}H zGLk1U7#@5Nj4#AgX1h5eJ`JxefwcqM(Hs_b>o9*=d=~%rd#nG|QcI&Gm5Yq8r6tOC zT-XX4+W3U(S^r0r@xR21PdemwU@wH1$aLyM&a?hMP3gZ6(7)aWUQz}yBHv@M&6DCd zO+6vn{6_hw)BfLt?*H*j7bisRXZmnWMj+t@OKjF=#D6@RTh4G1MHqC@9en*y&W68* z{|~<@2qAZ#qB)lCB6h`sn!Wi)WX?Z*?N&5mgj9cLJClKrK?m&rVRr6k-j}BE*`@qo zS!0SB5&v?4QHJS$i%^>6yfkeY4)bf3N8YgQ!I3Q)KEyXd(s%^Rxl|QlX^bjC?-xp! z)uB(ve>5MC$%wK+KE64LBc`QiDTS+__r|L;k*F4_HeZ2K>eSS|A)ZrW+ zc3Z>zgnF2HAM%h__>drIFO2C1B?Q%kA`V~ajkaK`8A(GdFILw8Woaqy6kl0=aPTLj z@Bc_Hy7G_(dsq9~yK-0xJiK}Or}23aa6We_XqJ{qGj!4`^YcOFGZ?#O*e2fg0>7X% zs0G%H$M;bB^fv$ExPpQ`WT={iz)~bt??-75eVJ^PKB*fS*}nTK#LT&Zt-6nCv`S!+ zAg%b)HgI)DI2WPUh+;!N2Uy4+jFgZ8i2>)ZQ>L_9yv5+uAGN0RlcV1{5<{J5-_hpS zt%vPP(2j>o?dU_?V#i9OaZ<| zFK$js!TYLvPs)kOIU}V!F5Pz=gnXE0zp!AaqZjR$kUpl1`97W?*xi4I(^({;<$8^LnX7T34Hxys$ zQyduEMGz9x6EKBOhB~fSBTScU%w-5-uk8whhXP}yFBj66S2JHb2@=POfNUGss9h`VHI#YYz# zZh8NYjQ<*&1UJz8*UQ=LB{@YdgTtf6kx4atCUxOk6TzHD2NKruMWW^&=yosl6~!-3yr&(WD>U8nH79mS%HIZeBOj#Y+aI4h zpRbO5%t&V=<(DyznB`lg^}6AO`2v z+jI?=Q!Ftp6*H2Hjw}M1N}$o&r>Fe~?4DZD2yb%a%W!nfjxB|@6)wft8zVcG>Umd- zy*w^PAw?qYZlqx>WL&?**|EKpl^F2^p-6Bi?Bup1)6_E0b$_DEWxtl(dx2$3J|AY{ zry~f=sZabejDxQ0sy2ye!0_*BXakb>q{1`E6Rv^^n4l)V;S=_Ec)5na-1-E)u{{M_ z%!5CLg030lS3{9*i|@{S*6q88U)v-uPNEyHt{o3gMD?VgqDJun+7_ZkH`8Kx%?K@U z>560<5grvXMpm%&nerN>vJ9pwt>jiltma|-;>-4;=YgDARwcXTHk8mSe|MwR@Qkdh zq}8n`3xMVJY&g1*{U-&uNrygJvwbjO!%z~tn%fNff@+T3O~8q3>>b!5Mf)qyi9&(pdC&} zugvm|Fqg{^Q?*?FL*&SS1_D<8-8O~=aQH5?fBo~cYCc2AK!m*nRGj^U82pRd_n@$; zg@M5_ScMn6Lt8v=yNu_}b!AvuQ)O8%WTG zI02=G`8hxcg_Rkv)Fwq(P=mAQ&_w^4jS48cNGzi1M9fBwXtX>7pgkK#eQZJQ>@4*; z300iv5Nsod#b-9;vIu`u6q7HEDx;u*5-TRTi06&0ys#e7u0B5CCU%R))l6Dl2XDqD zv3S0cLX4XiBolyBAg%_`X;bnnMsRZ_!l+vB+h#19Aecr>1$x{~_WCH|sbZ>DRhG(# zB^%C0>Vx6?FM{Ye=TU~ApeL|z3gjKp6{bP0Q%DW@l@Hq!gT=vI3q9>1te@gsUZ(Ea zA&jzpFFY*0*@)uk7tEopMOZNWIrRKF&OmQHc_I4f=$ac_#Ms{b=%d9WjnMeef4}Z; z*^rWIH+tqv71u~;XJfcg;BAORhr^obzie&_53lBGXb0EynWIBaonQmIbj*Ph0Pn|C z$d2E;+#N2ZNa?9~JK&vPr<_{cqmaWkSlbh@^z8O?vkL@&fOLUKaLMtHL@x*TOVr>(7o(1uHK!-aI(ZUXX}sdf8SteiKI-m)s4&Y>P(y>MQb=Q zIaKT6zWr9jooB_1Tj4%UVLK6fKiF>+adjwRcdXR$P~JUKv00eY{siTtZ7RAkm<8u`KH%cC z_*57QWKtDfpXVU<_d1dOrNpqcpdY^yWb4y#!-_I>xjS_Uu;=-s&Jw5*4UNfwb+Q1> z%X1YIRQ!u-7{J&~1|2U#tO#99P_xr|cX^xxNq9Odc0>>^;=_~jsF$JSa*ZkcbPvZJ zKleGi$IL0dUx;UTXTQ~2HZuzJdVy+~YeT4B8Pf{|-v+c;6+1YGi~WW)BTTVEOYl?F zqw$IQyC}~2N~$xeb3_N3-X@{@By18>IbU$!q-bI1vSi2U&`w5C4gS`rhJb)!#5W2%3oL-$vW6xfU(;OtnBU>s_0JN^@3evs3y3;cpa?2 z5Igkj+VQ+V$5|STUeAlp!{l7Jhh|5+^a#&QRNa^p&4Le_0A+>}43EPepByW6$_)Ps zH<#1pRE%icwe$Tp1PByb_wxLu9n-zJ1%=v(rkT(;p%1M{!ZjWPag9qGT$Rm!LamBq z$;8qV$wY9}q5LiwV}nrv(saOv?;=f2;n4Q8rw z03$8HY)l!H>)pS_$TXaC-~oJrg67>2+gqws`a-8Vp|5IX3US^=0X^nMZQA|9{@V5f zHy1NbKX{TyqgVjPA+|NGRYmJI*<&L-w=%EoaGvI}_m&f1hH8bsZAxlb;=3!>F1Q`} zKekH$^0ReY=k2%hb)A<%kgU#JFHTo?{&rJ zy|Qt?rHs?ORyw`Hpvk%EaqF+~-$%45ee^z2EeBTJNxGI!g8H#?RPW|cjAi%a4xfF{ zumykDPm2VDMehakfi0nRrN-vty(aMnGRu}gP3)uad*I6i5^B%dJ@1;wg}D$UmKOqj#a*H}4JU5ruT0hafRxc+ z(g3aNcQ_)yKIQE^aK~EQdt!uKN`{g8oinc89`dhY6iU2buO?~NdM;%121}h>gBe%f z^iw5KD7u0qItiPr3P?p8P|c-b$jzpG zD)cfUo-C*P&VG=y(ahnn-Ufc(4Eta(WS1s@qk7c;%4^^XJ( zYJyA#0l=yWgj;i-;#vOJ&C1|7Ren84?{vb6i8weU$3RK;-$uSbiY(r+&iS*0p#ZT* z>bYr&z!R~wx!W2KHF1Yc)Uqih6Hfx%gqb^1n!^T87^+5>BaZxN>~XEIZb@iB+3$3q zpCdkN!QR}*)5#KdDwq%aR-iswDOJag)q;SCDhB?d8WZpL?+>@O$r*?1?K01GV>(tK znOylveq~n{=XoQu-zn#UUIuCN>OjcZeNQemtK3$8*#EwE)6+;!+BBu7trN7~2ceau z0E)Yol57#s9XG#D!cvJmXP#41uPyDy*>93N9b?ODOOCQ?Ya?X^b8lOyipt73~Pot2}NrnRt5W5KpMO>vrLBQRQP*LqzM-oGb4*Ol6rMg!h=mVJU&?yv*XJjUV$WIzTqC% z!hX@3>~f6Og+N81o-~jf{)Qo2WcmZ($%?$%Tx6tS4n=>qhR#ca$3yuoc+p ztrY1RGqzL1Ka~8at^wra^AQ{(t6t3^6hGvvZ81`KXAa2oSj!(dBU=nNJaZ=TL|G_c zErFvsfz5ZnlOFvl$*4HfTUm`)a;uTI!Whoai$vx}4A=0o@p7&GZC~Q``vd4_+|Mf` z55M6lpTjdr4=d)TQ(^mTjtl!w!xqEkN{Z~}$B)_?Y4L?m)ZKnpMx&sr65-MhI}+qy zr=bmRPw_N~Kc)K?Qxg{QwMGur?6E?B$QS^DO7h;yH7TE_p3`gK!2Mgq4LmUXZ=NpC zwP>q|;hFOm?USnG&2+zFWt~1^^)+=qX-ycrcj}-g#pjKRr~`|$Dp zT7Y?@`b9LszIVUGd~|t?v#I$)e#WigC){-}A>}Wm?qNK}P*!XJ843maNg3gretWR= zI%R^2!9{u?vttcONZ_L$&i+DPj32jhKz|%IOX$GhcHD`DGM$q*ARqNusWPB&0Z;q5 zQ%JSh^wF-34HK~6$O?19Evj^sLB2bGmlrmX=ArrCUWX`{YML0%F+t)aFU&v|4x2e6 z+SK59b6qR+w=;sJ3Kap+3w+%-Hc!9@=E$YV>(L6UM;J?_HdZ&)L=Iq_JZQC$Vt+E} z+!FE0R-IM~C4JN;P|EriKZ#;y_>|B1SPz9_L=1ECkx1zKv^cx1VDaCsy#eu26?V$_quvBs{Kl^?sI(KKD2=i1ZDLU996JT=@LW;9=^CSg~6AqXZ8U zHNA?q=(7D;Fqo>%gY#_i4NYQsIe(Nmjn*^MK0!<@(DldOQh0`(-6xo7;WY|ZQ`mpB zdHix6PkL}9u#FW#5cVI@p*ITkt2&2J& z6b99Khqz*gnhXK6a)1%Q<^f>YLd1F}PR=Li2++vk(JY`Xqs z^C;h#iuX##TO_;jYA&653x|1Fclkd$&;;&^wsT3&2fVKz`=Qry^S*W~0ds0RW<`~= zz~v=wOpleetX=IFIG_`lkP!2s#zo9A0TzRNJ+F|9eLs#qi&r&dwy4swEl3r+7V}mc z^_N~ZjK?6KgkDbEi+3C_ln}vP;NDoNjzllDs9~f6;;(jj$dL1S-IqY8VchN^*J{ZLuYB95bian;yrzdjj-C_KZ&wB>pT(-3 zl&M91LOteiaXbW&O=z#i0=Q6cEJ7%$j9$hWE;9*k0M|%GpQ4L=56>;dhXN5e0r>Y1 zL65U>fsgU=9SWv+0j2E_P!qxcK1=lNPX|uwaN>vfOeOeR;!`3{%Y)WT2+_v^@v( z>YyB-uM2zLp)FGsg3gpP-bAP%Cr0g0B~Q|XuJCN3z`HAc0GA~g{(zTLMX_kuRy8XH zroav>HZHYxwA#6(|4Fyg(G4N%$BLl6r#SVGPn`C?yTl#OeTp?^_q8{R&0A$u_8_~_ zf!=1}fjgdgatYZB;$@h_6e};f(M*0orEA!?aGw2#sY=`Y-pdi{!hmKExIUpIM-t1R z{3>jklXtUwZL9Rf0nHYqK|=GOXH(B{`z|9P{>00qeb(6K$SZm12QsuFyMno_7( z`cUo^q+S$)b0#CcgQATUuGxv`bLfePaxqM?>*yIHq2a>j{_@1t;nhN%J}zgO)ff?( zULaWEs9$Drm;aU8M_Rrw^h%(ik>ZJ$i8OBz9vZ5$)V_e=;6R-_Mg;dR!n5LS<4_mh z9Gr?p*UerGGpg#Usy(8%vk}z$`l`lcRSQE9omDcO_Trp~J04m>=qX4T(dQ%-h^Mm*N84m)wNXB_!2tJF!v| z_q1jA106znp52*L_ipxjcekQ+cXGWmy6(dHU2kOhjQOYb%l+v40b}}Fy5h{i9d6)7 z5|g=w18k%AM;^y;5_*BsT@**;@5JjoECV}{=Wy=$-X0m}Rkt|Xn(ACL2uzM{^E)YS z=#ItUoS#W_MnOr2`RXdMpsW%frA$95#0~X~s4Po~@qP$eWzq(ABr{V6E`K!YR-!NuCTb3X#W-B{@2G|`9+q2y8^BS zg8sf~xT39b%wMd^bnf}kM-QWIQM7O@iQkI)amSphoN4z=5X%*%EysjE;|)Gt`j;F} z&+{0bWzrK)ifXX5{Xi-$5k95ncj#-ylu!_o2P-QT3#^r;yK$JQAM9ZlMiWZw^X!VI zugwJraWzNP&953Mz5redB+%r-3X9anSu-&I#HJE>awp zOn|;gk#`=O=<%{RADnNqdwW&PXxq|YR%g?+bq_Ppuw#ny&FKa8V>;VQ+kQ$B#!HDM zi$3og&VMd1FR&A5Q+r$L{PA-o-n-#76poz!6LW>ehse^{kKQa9?L>w+n6Wf|J~TPs zv8=|{m@I$t#rnU#Vm;ej(iI$5iU z;W$3#h*Aw7Jw+>%g?|3LC{`kT9ra{%OrkR=@p-4jhE)yXh{RGxz7bl8-holK9jW{I zRojPWf{1tspYYjJ;Pqz3ufw-I9X}QTO$a7Ce7zzLX627&?kjdNdLbqiJUs(8Ir4E= zDAcL%UzS91A9PKY(IKw0V7sK~#diyGpt=ar()we)>0eI$O99}Y4!3+DjcZknJB=9E zz6&)gfl!Ewmb%?|a-POuJ*{^ySKOZuWZ~<)lR!w(1IW$H1IQe%aCqkubf;pJrbIY% zpPqkXTI3&cv+wuGUgi zV~-=CN-9k~HF+-rKdubdZ|aA@;=qzivzTV;d2)C(^&~VQ`afOB6sDNyZ3+f@DCBf6 z+1c1($&E26tuTkc582MGb_m_^zCKUJgMOsOo480rWzbQwV5=NCI0*34##-8(NV<(* zzX<49XH3s6gc6VT)fej5TW25^z5vFPsLVy}^#!!Gsk=M`ko2VK7rl&v)#)MpKs#(M zR;QPUZ!b>FaY-I}o-zhU9F{2=D*%T>X_cqlukSm3&2jm?tibJ~s5}G+<;V5yzrf;| zG*h!1fxm;43CC%rwWV;tB89GPU9L1V2LAL#MDcF>N2d7@fRY;^!rW=TW7E=No{p&Zez&9f4`9?sAIR9jR)%zQ(kdaSan}yx4)2 ztV*|E$a4oASDYkoRHr=<@9fyw2kQJVt`W8`KR>j#VvRqGL;N;Hjmd|f0g9UNZB zey_nFcr~S=_tsz7I6_CqC+~WYURtib2;3g5{?xYy%_Bxo^+Q}-O5|r=tvB+z+*58m z7?S7{`aK^MLV4P)viZ2T;SUNafMVkN3ut*lPNe$_`~3K6UE1r);pedt;Jic0rzId1 z^Yx3fDdxQV84=tAhIGTTzQSbD?7byp^i5cIA#T*w z0QZwO|5TzsB#DpLR@Pob+07&o-%|3byM9QHK84vg#W=?3NB(IQ8Q&=$qMk7wXUCdS zEIZ69>_}Bd)kxBB>4pXTJ9-DvR4P*|mdC?$WS3$HTepCrY-nHZ_e~`N5fhJcri6sq zpLXJMkzQRA9?eyTi2p9LHz8`C>Y-s`g@xApY;9^pUqc=7>du6fvv^uHPW|SJo`TQ(H|wsGs`5hoz%^H0>xmv6JkMr8QW{FRFUs zkh6VWVr)dgA4_pLkWWThWwVZKW?K{B)XWaqmK>xN<%Lm5gabW9UI?pwIKff4x1;Lg z6GOiRV8GygG=VV7gM=l1E&SSx42?LTg%`G^HJZ$&1Y`AMt>&@93-_ndgw?5_=p!g= zhUnJZQ5%(vGty+LGy9U$ik1B<;c^0jsU-Q8yDBpax$55(c~`B09yjDt?vjHx*S^E32?jbCNu`$=Pbt>4Q$P_X?( zu6r~lT(5_p>~z6!P{vAH0X8Q*SmqZZnIkj3KPjBqF>}q&v~Nv1Gs)|zCt|YAtjFKf z7Dc@37__7(o8;l%Cef*PYRN~zYdyNZZ)Ea3zWKa63(55D3F%i%>`;F#`;yk;ixS?o z0{!p?eR!u_xEarI&+v4_XpE}uvnPY!r9C`*+asClOA2pUUcnA1|1D*jjT5Y$$U9y} z%!lJbp=-yFV>fsFy|ptF8|u2?2;}Ee!vM89*$~jxm9>gL_Nn#&Y<4fi*5D)d$#)=G z6*Bve1|Kch(6n2=T@$G)B+44q@bmI^Nr`5G(mQal$MQmcCz9?`Tur$ZwXZIwp6}K_ zyM=8?#kK;yMkvpC#nYvzikMQ@Kf}2$PAz%S6126mGew~ySZ2UGF zclX(aqPqy25B6?{#QzI?{8X3U^-28Y`Kxo1%9hR9^As(oBfMTf?iY+b^KhwBFXJ@Lz_n^(t6 zFm#KEm=INPO!;?4P5fxEc-Hr1H(G_UA!e^)w2DSIM3gJ>(JZ)@^rvZeL8uaIf<%$M zXu2(-CGkxL#=J2!yUtRUU%mSxU7;dAfXL^z%RQ-Qi~GLRDxC?}K#ryct!k}VuCp3n zq<~J{C@MAx$9#G=OImTiA*<(0%+T6lT^Vow3?;{Bm5%h~IG<7OMeA&IbYj^`r4T9y zJIfD{8w+8`J>i(#h#};rtH;<>YPCHs!@JH8BXL zGhHzK!DvOu{p6Lz@V&taP08D?AHh|5yGhJ?wJ!ldAgPRLhg@IE= zCT)LvCVNMT6(uwNVR%^yEK?Zw+;rEBa~qU5r7n!aIWxt~rJRm2-w*Oq7(oFF1c z6L^$CqHvx+whm4rwIVmZZOn`F9bqHPvMBx@MiQ||E32?pDGX%410&^(6%#`dX4|Y9 zB2bG0c;=g!n9HOkf`P^!{gW18M-zNFPnFFRfi7=Y{kIpU`@PERhvUi?V;QP%W2J7P zNphN>NR>*rj?W<-I#IePP|3zt$06d9f<8|MsG6hVJf^3DrpmW$MILMd2IC-qY(%z@ zZNQ7QsV8Bj>}&-}yCN>S5X28`V?^NrUp4U+?AU&p-TQb@MUA$V1&!>+MwQGqj)uHg zFieRr|2(u8Q&FS3wP-9X9*pUF&5y1RU2%h3tO$|iIc&VOED?1Q^P}@BD<4x$y@i{NFh*8whdru1&U$jD_fSeb}$oioB7@`kxkHO}nBBA3;F2EmFO-H(% z^SA*0g#h&o9PP)~z3O6ac9l~dI~Fh;A>-;F2$6qx!?V~HaHDVs5IzpAR}Rg~+2Fyr z+9{~vkFc-%)TX2_mOc>MX9t4UiH9I^+v8RKcvqGDDw}~5esTa!J~|OmRRFmQCXCA7 z1($4w2>e=~oBiemxE;+?wMl59B&_w5I}GvLnzhBI|GA#16MF1^EKoU3VYtsI*g;O{ z;)9t4!E;THnC#Xlid^aOZl5_LQq3h8UF=PGW_%SAI_s$MQz}c3ybC1TtO5Km+s9L) z&fo?8!W6&bM5ZY5QvT;a^x+jxGhn==>itGQpgJv_O3u8`+&PL4G4)SNR-NOj-U-A6$_>;UAxD z+9O6g8Gs~5(f68)fS8pb`Fo=LnI05tUI6#qh`E!q#K3Ms-)CP?@qf;B$DMtYXN+)EzPq zmp0FS+LP2-pIx0PrcR$_NErt8vi5naHAeGXZ6G1_9_407}h8Wpk(Ad#6vd= zn|GC+rYfqS`^yKuBs{qFTU~lAYt(68<1GZ%W8kCl?Wq=K3(By#KS!JO?-~z9YUL|! zfCx~(GU9iO%Ohe-21Q?(7*tdN2JVc?7GBw2?7rtwM7RzMHQcMbs$my}H?zQFkF(eg zW-=?yTSS?uyu|zWw68p2lBc@kM0Km6{~?6(S<5bcZ{$LQoY#u^t8a3R4V{#qI|_=r zB8T6FBV+8X_*a2s6^HVHTcJHmRuz#&c*R^^l3zo9Bgv{?eSi5(MR>6;ZHjP`P}@3> zy1Kw44u7@~xNjTHbIywq^U9GG;?EV#!UWu^z>thv*%;?4!@iOFR}^eTXUJW-yDBZ~ zMH0%zdV#T((#FeCTAC8k6y%glmcrie9ZqRwyw2_)3|G^4EWoR$?kr@R?5}h#sFMS) zUM0qoNovGnMfJRf5yvXnn?1oUeeF_JUCkg03xpCM!ihX+-g$R8_&d=MlH}K_iD4Z@ zhavCl=NGB*QcI#YF{?y+AP#m|<^qdkl)z20usfuH%2EC6GsD~j(N`(Slf%=jTHA5* ziqD`B9Sy7rpAOUuEVuj#PI){m;QRu@mg`>n5n^_U0AwQyoMXxM{uxGT1AYtaBN;Ux z*ta}A9GaLsf}X?adPK`sa3zR)Rn4Sh6Ljql=1)zYAZ-5u{N9|J0^l zMeZG$7=&zEC)&w=Tc658XkCY{?WPC5MJYrx*ZBrTkdT_6Qyj8r%>;4|b8rpChs4m= z@#rpZNlD}R<7Lh4-C$NHMEn_%;ZLjdiL16buAP~l%+{#HL+6EqIKnut*0-&eCDlFn;lf*>VF@UX*LAu^Hhu}Sl^}CqwRwNHfaIgf`B;rTDY;h1j3?451Szb#pdx2h9J+|y=}bFpl~C9FG_E!x=!)>> z<;8M4+l|nAEPmT;aE~N-J=R{Uz!E5s?1SZ%9gpot1?zS8j?Wc;)G>z8&toYB^7w$y zUFUC=JoU0srS1dywFiADgrnl7%1mzn?Sk(cjVC)w>FNzWSQrm?W2EtBUSbkavzGX- zB4$|PBR;)1LzpUS&7)T7>BE#$+PFOL^Q*hh^%0$qCeJlLqIeCkx5)E8A0X+zzt!r^ zZLFh56ZK+()@aIyB7_0+-C;=O;`@$B8Ihwqa?f3^_xon(>pb^i=8lJb2%niBgQLTK zF~cgZj`S=V^}{8^-DbD^&*yPko}A`rH-F3Row6a?;0)P)IOspTj1dM?peJ{_ zy%C1T!xM86mfhm67Pf=E#nFFgXpK$FQD4_O{8Aj=STyK)`&6_9Js8Be;>f67i{}3# z7R2?*NqD z?jy?P-2EXoUe_%=U1ZQ_x`PVy5e2t6P$zx-h0ik-d&m1e3o7Owh>O_McL=>+C08XV z-^ns+HKO@@aUu}!6L!2kt#ilgwbVtKq9nkw43Ole1rr$mvi$t1|0>?0S>J%hFGq3E z=%a4z)8Y{DDe3i;qJ;cZMZX@u_H91C*2x09N#UOSQfi2_;o+UG)5YZZ&?Db#T2V59 ziU3}ZBh>kze^I)8pIvrw0s?`45u0#mh=>L>96vTJ(DvACGHu=QT*(S90SA0@J!~Iq zxgc&REzggsQtAEz&7wq=6$T$@K8AU)-B{8D?4Lu(+)tF+Ly0ea@O;pqgY&2(;0Vjl zN5DIJ>FcX0)>b|DAwspcmW%{im#JJ~Jr{s<{=ldLCpTk`^#-Cmf?VvjNblatBB(Ry zlA4`akIVJV?$})7!@`-}gD=U6eZzZvygD|L-_V|ItYid|rPn|9_Up=f ztX_`Y%{m4>T6o+p$|Wg(1w&oP8@!y>&4h3(suKjhXU zJvN`wx;I>hju)AdtQ+mA)4Xi}nSSpbUSH&&eOI-7%*PNy7=*VGJ9e65@jk`iNE@YV>1PLz4NZH4pCJPmC6$V6Nz2|PNlCy&hT@L3cvXOFVmb z@ht2xz{jPK__um^|CdGPw%5f1b<1I)VvP2(cx<pD1L%q{hzal8L+ipN)tPFoFNozji;{kbN*YfR`x!IWF zQ(sTevLbbi(V=8R(;~2^s?zhe`K^h0C^PNI;pAxh;Ey}Sc`$gHTV#;Db>+|!U!FM$LWH$dcgBBHXwS&DO1WGwJ{no znad+Ia{wz$GIYOjYMxp?=(l6r2nHtI$PoPD;wSg zb=&1eC|G|*S7|lK+BvNp&arxnN^~xFP;O=k17rsw(AojEjH?iA%jv(Drg;t!WB zgz6Sj--^6kW>$J$j$3&@Bw%rymkF-Ju9OiW@@{;nO>KzB&16 zqt%OUpEFP?Cehf}i1gNh2bF;vQqUHI_gQu(-iXIhh_p-Wss*>YVRt*VQ!3r_ok>D| zjGF<|n$fHz+5nyTnCCiX8^ht-W#7w#Zw9?!L0>mS-qzUzy95@q1-U7S+!u?{RlvHi z@7poM7f$hFR@zk_?x4|-_Gq@L>8PwZ=eem&1>IB%-Fl&yPBi>ol+G;Su^)&|#dWj$ zwTO5#eT}4?+;9*I&LaW@01drhleyb%WA12i`0RG<=|KKAbGon}j#JwmUHWbI9(fG~ zC~9_d!X{BS4yh(cLBY`zp;hRrudB-ta*yJas@6D7fq{P4_ySX!AB%QR+NWkXZoV|8 zsFj?UsV1O6RK+r?@tLZIb68 zT5QibH{;e;;IzV~`-^Yq;17AQrbmO0R9lc{nOvhhVR|=Wi1@*bDEjlBcxQtJ&_72r zh-%}-lGhEhy0Z@XB6W6LeN{)xV1ey&LUYR)S{iDDZEBIIck|5&*TG*uvOIbnT_pEU zpx6KId2Q7pM1(r;i?hgN%4MwHFNlXF2i0}>1VPqVu0wwJT1*yEcjy1K<6+GXSaMDeUYBs#jR>g0T=O`A>2MTEe(!cHz5?c|ucyLBc_?bVW-6lp z>4xiH_?5ab0ck6E5}rQO@@H59A>PFO#W=Zrz0Em2CyFe+cJ*bG9ClhHXZ_wX3^mOU z(Orn$Ise%}`~x8z_I{x64gT_+1^+6A7Sqx3M$)qewLszqwVn%BZ&IHhZI zKu{7b^Yc$~T>tcESjkC=3BNzv=XY`scYIO*m&yObp{@j^FI&HNXj z55W^vreiti{}3cqWPvVt8(G`F$k|-P^#6GfQ0m*;PmW+AaHc06;w7-b|Mw?-${?{L z2|*G4CgA3zLp6eAg*n>%1B~l5ElhWh?6XOs0s;u0Kc>9#pf<2a@>E+%DcNza_V0UTW?-E>P_=&<5ckZphOt~& zK4kwrkz4p!3AFE;X$3uXAX6p*eN~m{GVu#}=_nRk7^puBevAI@qg-pFhW}yi*}o|t zb{=J|3NGkv`bP@vrT%Fd2k)QUAh%y%#WZ2c;_uSr?=z+HgC=G_preb)#-K`#j!=ZX z5}!r_JYadF-W@fBe-DY)K~uNa3?=cq;9uidMdTprKHcfY9|Dd+M0 z)PemC*td>zo`w^@4e!ga0De^F8vVFkU!e|o{%fA@ixCbx(7SE<{O))AJtM2uGo`CG z{a=YU-j?m|b2BN}Hr3$A7uRIwvcjJWAi=i@1K^7&Bbp&mYb|i5srn)C3izkN?cw<> zDkwY7#*{Q;m;VNzIU^rG(B2j7;nxb$-R1LTL$J8zAd(iDE_UpI zi$}uzcPQ%mLb500_wua8`afTzJRePXR=~N3&>&ywQa6thkBW*=R(GMt+rjl#0G@ta zkTPFIAjD<&A$GqCq^#Y++TNe3cciL>KaM>UcL@9mR%94htuDIez-?k^Xh?f_wgvAi z%ShZN3>MT}1KL)JKb}v5p6jcD?G*9;ej%FXR){?yW-Q&MDqk^tt!)v&@35eL)C~sBA z_iVcG1lj=xYT>8b)|jfz1+9xnSBuYS51@a^V*hlwl}SyCaQVBjrKPoC=&X=x*gaO#M?-DkhL2Y1SZn7Bp8gyUm#7V_MVV#kMe7t#=i++_ zc`WCX6~OHLn|!ACe{tnOjhK$k9#WzSIDJ`QeVXLYEZVIE265DKUILSai6B9qX82yyh+y0LXP(A`{*8bx@*CuScG z*38($V_O*$HKC}C!)|$1bLp1zPi2>pZ^j+>V_!6j9mF|o8)+)m1<;cKxS#zwY9|DGH+k%>s*O1!xJRZdaf<^0= z74`#(${aqBf@oViNU3Zlhh_GnMqd!iSLF{goDEzXQ1B(8kI=S`;b0#guwgT%G_^y& z{-##F)(?d5Yd8J>p~U|NkOx+`2GCCRuND+#UQtmCo$f3e&aWhU+S4V|Iq(J^yxsC` zymnxyag%DUL2aeg!GsgT2Upjxg=ruO6|spBc^mjcOcKLpggIPCnbDWJ8p);;gv>`n zCSsgJ_{+?<`Zj@GeHcYhE#k5Ubzq|b)~xyM@lkaK#cY}lK-sj^pj3ZsR8;5tZaP9n z%&B+-PE=IEE|_LdZj;5guApX=RFk)~_Cs+{&-5}D@KQjY94XFuj$5#|B~o62>5 z5m9US9k9Edy@sh7uQJQs{Hg;;^Vdyn&pfSRB3)vQC(3!d2c7-hg~Z0C(EW+d@>2G4 z90S%^(s5y}>%8&v9#Ho1(Hl_X`{A{b3yQ?l!vHgJZJGpqI$yJk_WjtmPV`E*FmZlN zF79-%sWs)$U%^)Q_g8|1Oa)RFdf$RKu+gEt)Ec&!1d+xLhK%PcNF~9pW-?D`U3jiw z7EV*!`}ACr-cPy76zyH%;!EG4Hl)f*KnKnAK%ZHJHR+wmJ3#+(M&^24#hkC_!#Bp$ zpJ{?Hxuu$G&)LIZlgOSy`%@sI3DZ#fq>>aSn2-z)&o(l>=U`&cG&KZ;g7xZ<>dWO^P8I$Ku z|IX6&+j2YV|0C=xqvC3iZG*eJyIUZ*yCpb5g9i)l+PGT-f#B{E+}$C#1-FI}oW>jH zG4suxx%1{t-XDIj&RX4Ft4_(T+Pn67Ct2)zIEbNwjA2lEHrjP)qp<19^?xRs|L7cY zKjwGh{b9jp_tn%NIq`1O*wJxsW9)jN`pe`+#-H?d#4#~Z8pq|Z3#&=6%&icePj!I)UM+|o z6LE4eU$!v@p~_W1PZ>t|P;?=5chf+7VO<wJ>b;&)aYm`@1KrSDwgtrj^Ut97V&0f9HB=}r^s!V8jzr{u z(l?OGhz>`GUMxgiKOw)Tb$usG2`*~QoEO7`Imt;9lRv%RHn^CBp)#J5jUX#W+5TdK zfIjp0XUB^cR0Afm+OLNkm)xMi@cCFP^_=@W3gp9vlG*$Y$%CmwQ!u zYR9|EZ52Viyp@rlRV`3L__v)nM-o)I&A#Rwj^RmS6#Cy}Mt&*^%^P9E__Ai?c#oo< z9cXgxF@%oo2VF-fZlAf3dB68|{+O>BP>X}n2W~HR=lKxWxi?US4{OK9C$-)#XhhfY ziogc`W^d5aG{*R7Ca^38H^?L*v}6<;vV=IUdljAG=&;JW>CAqVG)z+D8=u_|_ccyo7{^e0ApeV$$pYokI2EYY%co zDMWM6Zm%Mu4J2-OhFA$nGpk}w+g3+ZwM6*iO>fwj%V-)ibn$z6GZks9l!f#o#Z%JKf^JD{JU24IJuVXF<-Slnbe{{nI8(0C5L=&q@XSfcjt%eH`^(FaaBirJhs>Q zt|_|aWZ9}5Ev*St6ih!%5|_H_fh1YIo% zt-2-OAI%KD`!$r?iebm&#_wDFN)XmlTV8orXTTg@ULed-g#1IGcV0sy=5(&H)ULoV zJ$Q~A-kg!z%&gW)4OVl(J(GVSWS0IbpDMsljgndvzkaWTdTul9UTToh?m%j%CB3ms zCc5UcJ2uy#AouYL=G3wMP;HnYH}ddik(_=>;PYB=dKf$Re(5LH6z-QbBS+tWSDWOx zK(+ao^*>>KC5)6d!upV0QnPDJ7T2inbS$Rf~DSr>j?Z0f!T+ z=$@+3_WIb-(n^$%WLoko(dS2eK;toxcc%5egh;ZO!^uU_LlyjrV-C~smb;)a@BWN3 zL_SSwwhzoVA~u zzj3mBRkImJJ22MnblBPN>7q|0T6HMh2-(;SS7s4`C6M1^lZ78tMQG}9#>e~qw4c?= z3)bdJxE1+>U$Hv&BS)A!AM!ALm7>L$`plQ#Tt*D`b%m!OuabM;t3p*`h zuXVeV+Z$yE<9W@DASFvtr>E_>>wVv6Wa=3L8srUt_;Y_g3{SMwUBtElp389~sZ2 z-1w_m?n#2Cwjm&{U_Jv?y<2MPhShJ%=|8^_{ZuSJ$}o+43Q}h*mAILn#vHdG$xKS~ zWs5G0Bp(%23$>e1X&d@nRL;^b;evHN*);Q1ezC=*xo`Kj^;i7ZE@H0WPJRLyN)q4G zN}e$4x7-Y15>4u-0I9I_uzzuIlZ;4@To|`_XOF&+kmE07k~1quNkh}vl$j)(k=fzA0m(y+2&Ly`sIEG=JrXfs+W&om_~FwMbRY(d@iu=%5?}= zj*eWo861p-gT-|dRg}FBrHEmh?$&HbKFT>T896TS%EJDcD;bSjUX&9$^e3h16C=nb5! zhl!j=V19Wc9Rf!sTS4xziIywY4k~7*Pm%_Js23>t`QhuouE%S9{AyN0tfnhe7XBj{ zeMWY9+T8NIUi)yyl87ypy^{5D`AybLER=)ZEh_t>Abh#|j=S1I+gnXw4EYF+iubhA zz9_q|!FhbOdQm`5BG=Rb6xM?Dreo{{l_^Z!oB5&rrN_A*6qC3S&DV zpcxWTM$6Jh>}WiO@B1=5wR7sw9SZJJ4aZ4_saZ)vRG1vBlLHSrjNO__N{xp_EsvlhiaatGAz+Zu^OA@bFKMacmUX1JWRD#s6T`69{ZnKSBvc$uq$ z#tBmiU=_}F>@I)D1K@EH{1OE2_J*e5Z2?gf%P510g}GFML$T)gC{5l=tjJe-Un%&$ z%)l)*(Bd6Lszt=2l0np^DvH&AbN`xgE}s($I#^D(>4_@;YI!znxzQuly%FreJidQ( z9&Gdpbr$9KPE|O#zq;Ft`q)WS(*?m%Mi``>$bCAw*hdb>BW$m}S|dVPICdAVA2 zi*@6AwfI1>Ca9MhCY)9xrwCxa_{mZyU&u3Qi1Daac3llhqYRb?2}W7`@UgS$G>K->sk&J-0^_s4>{?Gi9K^EEKQs^BX?}jML7mO{1aro2wBHn~4#RHBhOp*SBLY zSyJsA$}&4%f2!*KM)HMnlKzYv6!bG5xs$d;N7~VB#9Y?MgGM!Jh3C_JGC1|zVZLUAV7R6ms?KbE+7|ad z9VHXL6Dzr7tR~hwq3di2{qgzkbugA3yyTrv5PT>-Zln|N;4sl|cbSi=4DOD@S*Ui4 zJNN!8@V}!s4*6j!<3It|QAW_fD}bNy?AMasUZ-lY`jwlc;@f0zG2DEWv;xtv91xU7 z&>Ytewl5F^4{y+;xN7{|Y(nodAs45B>k7Ae3FOA#jUl_d?l7r?ph$jsJ-|n>I&EGO zeo2i}`}x4O(kMOp8jiT|-Zk&;7^|b>1o7E#5;6E`#k2&m5e~DHK;vd_)O3%+iU+$&l{d`>m;~m!1c2XEafO<6vN=SAb`076Heg^?Za}e zP1SIAv)EAe%RQ*&;ne-{xV3xz?oDmW`K57cMla=-4&Apyrb6N7(C)~J?Cx5M~!hCXwv8z9{ca5qvIt~ z1Ohz#mLsaEl~u%Of+7{IZcBoTH55)v~43 zh%>lSEv|&1l_7DMuyE=FDcpTo#AKBcTb|gE8xbyersU{Yj*-D_b1xk{MZf?9nyG6g zSKU<+gn1urK%gnrmY%e_a^U6hiCeL4yylJxM3Nh%O62#ukD71u*KeA?MXx{={T`Y` zN+);p?8l8APlyL_ivUfNivt#MWeJP0 zm*ol#I#qHNBX0$b?1QoUVe+sQ^Yn#gWEVgQE~bf}JzJNjW?&t_*qu zSKcFiT3Kvg&>(O`KQZ?DNWE4y`aOK7nSXtxU~E}YRp6S(1B1I~740YBj7fJj+a8XY*CsTnz8MFM)GJ>=y5K|ZH_i(vMi zPF>v89A_-}qM`D}qcb3|YEYwMJ02fq+69^>8v40QZ;eZci0QfOtiZW}_bbuKRW+a4 z*xZ!;{blywU20gN<7E|nTq=UGy{goi zy-@PJh>X2m^x2LleckpdxCs5C#kJsj&G|S7aLrL6SBCLuTQ5D~>a#7Gw@W6b!b;Gg ztlW#$e4x?Eh)&Mn-By{}h~jC5LQK2*Y3#|0zpo^iS$Q11&Ka`RvD@;}m3+InYK?kT zt%*9=4m)?VH$FOqV`LB#n-Cb0p^!3Vyb6L+1WWn!^#`t0YU0w%nE1s|n1*E2{ZIP- z3uFF|zvB@Bw3PBs4H=5|9@p=4m4Ebi(1k92!iBazNnSXg8-1HFQ7_kQVj zJ~t0FJn@Vb^gf?+3z;J9J-q326n`nLC?YztgrXKPJ^>PVs<&YB~_1>RIZr^*&#~U4w$$8*U+p?g*y`w63XuI-|%LgILI5v`^sB67c zHL^N`&!S@kc)2mL=ACH-nUT|oh;&4sH|pc{!hX&4Yc=U;HM10Ik>{yWN8fc5-$R~R*SI){@0ip*ZJo=%YzLGT;F&X&I~M1xWT@)mVC@FA zm+Hj~eh$KbyDjJs!opL899j`e;l~D^LXKn&SqO?%TRjB4G5GSj!o7n~m`%N@V~+pc z;=Mra6Q|cgj=+*Ao&~-VRDerNKmfmk}ZrCxTN#LFd=T<^q0O`Mh;ZJQSlI&0cr+5 zGMP&kM-%{r=s~oR8;0e#EX@yx2=bbG(;m>!*7!L3KRTrUaJj$gN#9dA+AcpRmG`BU zrIYO8QpBjC6xZajC~}G)2%YE55>l|jkLOcCDfEO1>Iff&?S_8f(A`??A=y?ON>$wT zb$rI!WyY8Vo@K$4P(SU)KU84i%8GH9&>Ao7-|TnSDl(9|l{ltSL-7)Ly*@T+PXHhE zgjuXf$;AcD#MDPfeINr+z>{s@Tg)w7M$M9sZZReyR{217*0sPH!C1Y@^D8KCGbL!5 z`!oVmnofq=_3GoT|3N<`7LEc_fGI%qg)!PZVRoD9Ln zsberE?LLCw)Xn`cZ+*Qgct!wmH2{aY6`N`W@fSSj5ij{$4V$l&6t`+&&L2{V&l?PjJvuRI!)7O1yNTqKvt;VuVMA%ot^It* zxx|{u$p_c*{oe3u`q`i%YFs-Mvn_njVun!m^dXWn@JjVnlZE(8S+g4oGn%`n&AnIF0q1N4&fX+^BvGzg*zU0by`( z_S)sgdrA{6(rxHqtSYnsS(2!h*YHUdUJKSJQyY;-l_M3&%q8N=TeK|!t51@6ZeLFS z3FzIb$BDnaEz8zY-JBE+r||YU-p@141&|+ZidYThuA`fEqlw%eFl6WWfoBC#7s6p&ss}!*Pl@uE=cE(t?`V2Cb zj=B9-QaQS}SOy>DWQJviD=x`}k^{lE5=uzd3hT~@;H+cW+W4U%l)tJvG&V}<9@9 zW<6;PU}zg-`@@z*hyHA2ohT@>DosBmw|UG&LPG}aux)>12m2yFOEdDb<8k)t2MFXa z$~(z^H4gI1JN~eDrG0XX-w+!=l(z*jNO|DC9jAS5PsTt@3hG? z4vxLd`(~`&3Hli4@wE>iwttLI|DSQDXHP{Ow=nWbIwUl|pD5N3GU%=D|BRjq{9l^l z#Tt|r=YqB?HK-~a`B%@A{hs%h;b%8LCQ(M0!}oq0FP~JL9ed}sx1)y}y{^o3c%eGX z_51&S^6ICo03FZ~N@NIEg|wt0*FRS0|!}y@r!K5 zhT84u?-cyuN4+`>Ev5Gb#q$p{ULwbuFPJBQ$FD~Wv%ix6`Lq6QN8tY@GAYUf z<>cW(fC^7TI616c`v7 zLgH=b-@;V?-|zX)2kc3qocy~ZgV*^c@3s^E>8<}a+V&rzBL*=7@XLARfDS*J=npEy z|6wD0LMSzNi3A4j5sFBlujDFvOkxsv%b zSVV;(6q#=!Y10cPLFOYc5HxpE;ZOhLnSmMFJup}zj7)OU9r(ol-o~@Dz-(T!6$A%E z98u^0dFtOS{Wqr$oKhA~6!QnoDH_4G-4E7$DiPD9pUQ}B?|yva_cEZkmRLEUngTV! zCVK^Nw_j}7)6e!q6!Y~J$!?>=OY=j2)z=Q*;DH_Hv5VFI7f(KLN;04v=1z8}*Fh}I z-^&(iK`t6pUfPE=XUU1b!SDw#bAp}n+ug0WD_P1rNXTbO9yWxd*`SU+W^Mue`njM4 zEa#m}L7*^VcFV3#22Lz&BdMYrCAJH84Yx!L<}Xt~Npv{k<= zR=-79SA!CwyE*t_lE2K`LJj4n$$F7e-NQEX#_gqLfO;PHpzoAmYD>q3La^HE=#d^j zm2oSO6xp0R+w&evI2DY7OVP{H?L*M*V8Qg?J>iwUdj&^JwX$DAXNu)r>ffw{63&n+&4G`>9Jvg)-%Ku2u)4spEKRyihU2j&8oJj0^wC9++mG+aP+&$@-IPc; zFDgXt1GQQRuJV=I*m#;*ck#}z8S_*K7B}z}lv#<{tDuee_-4fQvRZGAM*M`G=_G?-;*Iz*n(a3Nd^8xb9>)=GcS(lNR$=x~3MOAM?xU#0 zc#v%msM|lpqdf?#mY)Iz<*ORuNjT<8_Q+D43xbLrWy%zJBNUf46ZlPQ=8I0XCc8J57WPUzEuPD;`!Ho6H?$$xJPFL2=c-ct&Hz z4;QtI=SR&d+bRtA)!sST0jdKPCX{Q+m}?VIu#?r06#!mJ*8vQA4uSS9FBX1uE^-kfBLerM#xEoVE1Jag=r-n3q-BceK$Lb z-3*l@4CaNZ_-$_NW{*4DHwEmS-wdAB_{i^DgD%(3;0JRizc1fdfBt&cFM+~T_VS?q z_Q)pL3cIU4=C}tYPr(P1*WVmQt9bUoX37L26nRaS{<%iu+K5uHl zc<&OkGAa(vJ~D>P`q0+&t;~kpo$y+<GH}G zey2*LA|?8m=g;iULY&66J*PVuULT0H27csT?5lm8i=F+lqoZ>2>n^(Hixd5Cxb_*B z4upjFDW)fXV|=PWT}z`S(i|YTv7Nj>0#X`bv3}3mFE-LE%WCvMLR~aHZHryX#EH^9 z&xVC^(%=9spxIj*ZMi3lj~rr?4adozX?j_x{uUH zMY@K9V4%oo4*aqUGc5(tmg|)cH%p+V0Z}it*!%Ni5NYKnYFxQZjE)A(NY`yV4Y5x3 zvR-fMJYlYFhIE7NWlLNTIsbBMD`t|`DENkHX zE-A^RAlZ;qQEa(ygZ zrQhZkJc4G4a{1759o8&_rzxx7Vt8yeV`d=F)dVcO$63HRT{km33+}TGnlP4y6p|zl z8^s13-+6j!K%M4+sZeIk;)x5=u0%{9pETlni|OaJn)7D4d`bJHd|38|X;v4Jq{@&u zn_2te+vKV;$-8u+f?7Kf$fQN?QCIc}yIdE2ZS_*)=yW+p3a@3m zho$ErIXZUyfN(^~ph6foZwA}R1P*b@9wAm7;6_3;9g`^LQJZ5bc?(W9iYriwlxmAC zAQ@6QkiHCxAmq-y8*h1Dex8w^njF|6nT!O5%Bbt%N>I#;by_=tQ z3W1|Ev>#x)M_&@-KWA#Ib#Veq+8V}(-KEXQM-zz>)b_Pb!&CE%L!}Ks0Z<@k*^x)- z&41uVIKCc%nU7g3vEzN0&bVcRANq-FOQcO9XUj2!zStBH#o@d5imMbHHzKd=6xYRD z^9qR||4_uJl!g0k&p2@W7Rz@(e6>7^H;E6@i)a>Blqk;&cmvl1TAgc4Pb{<-T;~iaK$1=q8mP z->Y(v-+eR?`Tb*QHuKhZ)Bssf;OAW6!clPw8oS<AtQkLu$}{#zD-%FsljyB5bs@t!iIL(WgDg zsZf~Mx0~K=a=>D;60P4q=-)^og=WudsK^VlRN}0`Vj{OcojQoz8ogb|DW@4;4YO}j z4tn@az1A#B;bDP5wKNkORmZEzjk?LViiX|-Eg7Fc8hV9Eu%5H;r)?=NwtgWC#_u;v zJ?eB2j5U=mVlX2&mtmOcEGlXvOGXpC;x9Uz`I3-Gj`XsD@4Zxo;YJTxdSYZ3p=e$g z#eh^rNZ`ljg$=1Hn3bl#g=gzC0Ju`{)YZO$fm6jFDE-k7-{ z0K}{Z1we)??{z0kDQ-sqxmT)%YfE9l=CS;K<>=%iX3=PbNk zo?cWwiirzc;F$yPaVrKN|5E*2dcXe=P7aSEqRQwCl_wCK3%m9zx)u2hGtI+o#sSw6 z3eC0$v!Q-3CN{3049t}G_FpVCuBQ+gPazC;yKFe4aFs|%42xv*d$o7 z~2 zN@Nk5WmJY^<)}E(cK?`Tj}Vm0_CCT@A8p7j|Fqj7VN+)-O84!N=%bw_8*6Q3L@c6I z`6x`ICJ+*R{T2;T%p1l%n&^74qy_+H>S({j-4K|GHSOeB_#RP|lZaN@F5QzMIURqu zyUk+6+EXm>rPNzr&D&SV?>ZyvcFsrcd~}lQSa>dW^37-^^0l0_CgUSOI$kq*hm~ka zj(X!&`j7e^WEl5(G%+qJ&w2CpVx#vF@8hA0(D~Xob<#zzEvX_Sm*6DL@}B|eRidO7 zM-(XO5bg!guNjcp8M&MQ+#BqJRHkSF)9QBxZnRPpY}f@#`GXf9kX5A>w+h3FnbEoPQsThA*?iY_ zDY7OzWS445)Pv$?JR5fpCYfAbJ?Hk%$A53QZ7@~CsMzSBFYEfSSc|7-1C=ucRin4P zVPu(=jrwIdx<_vVn&lTmM%{7rD%D}{Ss1z=e<5BG_2t?io+dnG$?eQYjmCmPfj?E^p8q4=+AxJ_eO&Bgt$^W;_a!78fo5_T+G&E__paMxCu=UtiX6!u zC4&gv)234bJkaW-`W}AT{R(r#A3*R72@SqIniOoAo5iH4Dh_BOK?XvBvrh-#h%_)H zX!MBqqjy1mu@<(%Pk(YptbTbi6Z9hvhO~>5m1oUk)3FjNq#K9O4vXulg`sD`UD>W) z!FNQPZc&uW;EIUzO*`ZJG=qDl{1o<*hMZJOLL5rr>koV~xnsIGY%8Qo0`-a!jrycr z*>O2Ne;qY%-}G4xtO`!+_`dPKTg898`EKTEO#%=TQjK%r;Vs49&iy#&5%WU=GNz*I zhw$H#jyEVDG6I%l0EFQW(nbgQlKgPNdqoHm)L6Ys^I^sIqt9&vhj{u;TPf8P0}d)4 zxoK^x>Vev}A~W*3>VP-qdOsw8%Hu}owarp}+6I`W!7A8T(x@=09A)GvglPytEwV8JI}|Dh5PubG`ebQ8V`>-Y>$Dbn?AUYS~TZ| z)ioKeZhipB9F({p+L0>)Bnyf`gvI7K?1I&UXr+95)8(j=xxC2Hrcii;EyMT}%vr=4 zajxI7iARGLJ>0iGGbDe@nJ4kp8|wf2#&}?cgt&I#eH${V?b}!Hl<=s8Wf1aKy=Ef! zaolhgzKbn6>wUM`c6MFydcQ{d9Vg4IgRL}I5h+tMo+mg1YrTG8?H*9_&lulT`2Y?n93#=gH@ zPA?3i1etIw;%Mm0DM~6MP2TRLkeT6&y4ZeqOBD;^jy1UzU^hX%UV0wKw=K&v?qbD4 zQi#;~3NsQCVhO(4rwZP;`W40xqOl%o0+yf6{4n%{@Jd4ls^E`b_EFu*90HXkAl=8B ztXIjw_OS#8Yv>508-64&;8+^Xr^0BxGDLytPR~6@nlGzmSE%2sRS~FUX!GqC=LLls z&~-JVL{>T9C=8+tKio43iwVMmX#nttVLrn zn#l)MHcAv>8kj(N&69K2j4XDNa6c!ohH`%@Zi(H~eW-eaTxuyG(vV7@8ErOv=FrU_ z2w{PjfOGDMwwsPTbQjSpRh*E~EA#J@xIFwrdSG?jh29otCOfSt95?wf7~ENqaTy{@ z<3A|5)=ZCKLmftm)4X-7#*AlZUHtYYG`gS~Vg12yxW0X?rn?t0c%3KF;5e*k;*9}C z@_iviBo$VF_%jRc$0u5pUHv&AI4@O92pa1P+`|#AVf^N4M67Nk8JU)#kS3dJ zUdBMvxv3WKGc!?OXhCZK?wB2eX0_1qynz~)N+~uFPx(-ti`!17z zCgm96ec1Ig=_6@HG39q#e$|t}O!6D#!M-5SLvdFybByMEe#I2%yC;|XrmH}yi~@yw zQd6#iWhgT(;dvU8e7+Aws2qpR{UljmQ)l?uS|qQlt}HksNmm)egh(%}e!UZ-)CNI; zC=spuujTIW8=hsLG#4KPEWkhCkfS@*bRh17BGi5U0lrsxUik8b-Ixa4MMwGP4et8d4a z)4w++C0+kU@*7{o`vJi?|5~QcgK!1rXSalU2fToFFD3@M`t&nvx}MuUi5NWd2T`lW z{LIlHFf&2a+I!5jgaBzY^K2CetdoYBlL3<9!xm~2scq=wF=<9Pdpi`oV9trGgzPrJ zQ9}5FN0mOAl2bVvvmAa4cTz@4MEUSQLTvc%kmHIcg8Zfc>`FeRqwsJ*F6sdM6Fs>~ zGXQ!+;_M?MCHYg4hR)Yf6RB4`gC%8)MP)4v9M{nW8DSQ78y2oiE0DO2Coj^6nEG&D z?~*Pydq2h@lyQ6MFDu|SljN09_%g7ryDfE_Q9MKLL~i>RyytbY2({I&UKLOd0HUs> znq0yQ1WA|sj(_AZ7^~fQN)ik$Ztj{0a&V6E4+N-f4 zNv?jr{Dxx0aojg0YA+RSa^+VX0F3cg7-s2!D0OyGoRBR-^%~g)x>o~ z&kq1=LX-e5Y~`;c3my?iUK378K4cB)F@1=BjSn(UJT2!CkMvVFktVO$)nkET0^d1Nw0$n&kcEBs;)q2F%>6mm?$P0 z@<1FrheH@Q-T|w4j2_$_e37Xys469)pC@*s8NEIq{>{bGvA92^t5=~&MX;jAY?YkZ zsf)sYV>yDp{M$Qu4{ba7H>TXC{08{*3u;ES%`h&)#o#tWQO~Un zgt@`+-fDDL4B)g!v}o_R_D_VV+tDd8T_|)iA>vFad7H+P+IwdnFznA<-z~%W{vhY@ zHWu0x4z4{khLLK<+ZIbL9ViCZp{>^Q@V*)3Q&6qsQp>9gmsW;T0!#s&Xsdu6NuE;u z6QEl6hcydoDNbi(^L9LDHiHU$Ft#x`jtAeZ9;(@7#050R#P#RgC#!GiS%j~jii>?D z?c6tQngMnuodAebE9~CDzrEkgF@AIo@K<*=1XyGu_q z=#P)BYy@3~Yq2?CE4d>bN7KhU^9&eZp)6o`mw5x)PU$_Gc17@+QVB|TkP24UZ;wq_g`&+9LXV6Z!|A+HEKV~I+ zm$+_+)#>7+UW8#ilcMnDwHX)3u>zwWitHy|(c6B$+TBe)P!54r{PtY%?mWk2RzGf0+^LEY@Iqix(*T!R ze;Vv=DZ&l7kAA`*)k79*ier-``XEKLal7;0bGyvQcxV3z!M{)J(Hg^0cs&r_`||o* zvUIB^Zu3Hc{@xHS(lSAM2%IXCHuJg2e!y47XP3IzKzVV0BN-qterfe%n96t>W zRvuMgM1EZb$~)=<2ULFFLUOd&#rK>yB=Fx5{yyE#feDmo36I&|zy7ogcqfb*sOc^o zK^{TEeUVsnZCwo4<_J`NQO2%azy*C8UzR&H$w_vKBXWvbgjeh@AUUgo` zK7@d6)@<$^=rKeoZ!Q6-hss(nP}xNSAB2~k&^C3xQ29Nk0B%#Cf2;pE*5*2m1aqpz zZ=jb$``v|h`Hb`h=N5S=UIX^2rmDuOugkjojdl@u8hu+Gv6x{(C_k}(%P-(b%_4B>jT4SnrPjy%HXd0(F&z9>noj6?-CO4X0dm9<@$w^6+ErSM*?L2L zEy#H#iB<%Q=uneYOU~FH`6;xEyri_yHhSawhx>rdUt0#AaMbEwYwl_%ZYMD8`^D^H zB=ka5O?JEu;7d;;;$AmrTV5+^-%R}FdTxz1z9QF6)S*!?C;7Ou@M!3UdqWsoO)_&q zuCG~DRGJ=#ox8KUrhK28o-a2=hWs&zAbU|3Wa$s3zPDB#Lh3L|-lX5|HI5DwX*^G2 zA!q$YFJv!gJKZx!aNeC^;75CoY(O`$+~|D=n|v`OTV;2ptlJBy1|KRJJ1B#Mh}K#2 zt~p#WhhbRO_-BU|BAM(5L6{HtBqDWu*5@C^L0|-sJ}OT-k-l#*OhSz_Q&j%P={Oq` zQG<6MMjF6{hNr>vn`>e{7*vNnNEtWNrTx@qwRe$4jD@Y3Tz-yoJct|Uf9lmfg$685 zslc^D&dTJcx~Tzcj!c>~CvD*rS{f2$MB!dC zX*!v&bN7|I{bmAxySELTCWs~2CtTq~#W(m#St8Lu2*sd{e&`}mhffVr$x-E7-4e5T zoMx&%%JhtOHN%2%1FVo=gVByhiMY5!>Ofa81Orqg{rL;=H-cglvo?yS*sZ1DxVQvi zue>JT95k&I689YOkT3bQo?86*=GeE>%ZSBh9G^HTRBW?jA7A%}lxIdCzmlhYtvfy{ z*UKw#0p+=1e=lBQsX^hI5k-|k*Z*zt)8oEB9-!Y!w(v5_%CnL7pv(hc(3K35-sb9>iJ<~pk zoK4nAgG2B$C}JWb94y99()?R3S9?iI5&GiN0@UZd_C7C6039w9k7(mu2lFAuY84H#`ZDzsG1pz(lID7^_=&HzCr-mDwxPs{C z@X^d?@>|kx&fSk*+ka1$Jq;+ZLsZPn=&cD*@$$i#Imuyb)06`r9^#4}f`jK_evS8j z-FUEQriL!NgS(vscvn=Q@^^J$L|{oYeaR zo~&HPM1I^T0KC!t#)C~>+~oI&M_>|v+h&mo7Tg9!TQwqt{k;tS34ptINrgI0kvUMG zUP=}FBiE0yo|V=}#&nT$Lje{#?6gReh=OAq|Hz2bA9KwO^XlSHALy9BbI0j;*Vr3~ zlIwj7qXt8OI>i3WT9s+xJh59Es51{C4h}3DN z!WgUHj?YQ_Fl-pn&c`;OA)twz)kUsaaba!r37uhO@?)NsW#|TwoH;ca$ndS$)E+)o zj02^4O)sR~`a^5By$*b4&14T@@l&p6@E-zvjt$g||0ATHT*^VHiPT0am<9hXI_hk# zdpxk|f!_~u1n~4SLeZ;EGzI~H+tJM&16)o#%H6l`eIb<7YyRdW=K*z9d*g%tqV42& z4agtqJCA2O!ETTDCtq*pA}@s$+OGYCn?xy8CbG&QzxL_N{IAErpzCHJ2uz0KQIJP5 z=J0ageBNlQ*tGJ*_qf|x;F-5wCw1N>F(L_5cYcynJ^XqmB;FmaLRY^+wQd(r_>B1} z;JD@O+3646!0NR|LNNmzx0&x*ejtL|xk=)Vk3JxM;jTRKW7Cd{uhh7MaPbvTCp?yC z(cznCH=HM3L7W%*e=Sw8vu#CY0w2Ji0{j7tUlr9*X0`-7E_N`^`xd@rrb~3B>Uy>8 zuozu$)MvhmoiZ5ys0w}fy~szf1tR@Pw^7xj?F1?J{a!x2^BE-A{AduX5uFHjy0viSsSioP}VUZ*v@SGt}jIQIBUK zMH1&A6tZW;)^AOgOhv(0`cnmf0<4tpC)MYSdw$aO1$Omc#Wg{9LyzPRxZQHVru@<15`P+r#u(8xZ&H z#;pB((gwWa-;}iN%6Cmv7ovoe`A9xo5&rLc}Gka>RN3i`y1BhPcnHYNQ z!OlG1m$*iI!?4C@1aL#~>wF?r^o}8P1r|H3a#~qSSuQ(uJU(cj4+Gqm#5DNgvblV3 zLH3WUMnF@WRxBlS<`WSM245A<+~y`&eZzY~4nI$LxdR7T@aevdxLm)kujWq#lJ5xR z_NGmQxqQlg+i`XCPiFDmhgy$kPRs&11=$PrW(QWiWz9x?7)HWTkTJb!6QbB}D7%{v z(~EkM!C?Oo%V#h^cu`W0TjqVjw_v&RnQ%JKk^xjuYY@ncyP&<5l%n&Rv+EL!;8Z*& ziKb#giO)(NY&LU1JpXqoBZbz&3`NazBV1c3()!P ztQde*mB6^ayn?}Q(0T<2dDaboC#3XF)!yQp-UcbT0c;Bv@uCRk%X zjQoBiWd|TR^gem3JX(pZ9L4n(QNinOByYe<4&}PF3M{>g_uK;xR80|1s@vU3AjR7{ zS@&ukH0R83&O@g7xVqIL|6UX1$(^A0nHC->lzpjxS|%J@_f2&E+MtCGBSde{8z9QY(zha>3OP z&Ot|YQv#@TB*I*wAj{&e^J$pEYtpVwWjYE~*31Ix+p6%cy%9cWtj!GrduLUn z>d`tiHh}DW=)j20!d$qkceUo%mjcQhFcfZnyiJ+JE{ za3}$w%zNG>Go#w=%G{kzNEbeRqW=NoI4u^wVZkG>Z6lyZ;4&WX1ct(lq5S=!lly0V z@=Z+XVOdk%Dq_C{^i2Mrf&YiHw*ZQxTi1mlxVy_B!3pj#xP=5KSa2t}+u$;|1W9n$ z;O_3hCAho0+duo9ea_jZ?)|@S->R;usqU^`J=5>%wcd9|T5tDXB zRY`y;0&0g3+mZ+jcms$It!GG&Zqsp(!Y!O#=alrS<1aD6 z&d8zUo|le`dGjl=rRg--8V%ZTt|83Qpf1rbCZ{}7jkUv;|g((64RJ>5Hv zMxG||{uh>-lZ67--pNikro~o2lC=;`O#c}gVxfg?UBRZTaMMde!H)w$XAC&S?5JRB zfQ?yw{RmctT*bm}i2z(@e~lP3(1z_*R>o5L6-XJc`;q0Q_BfvRk^$MBp6)a4RWL0N zJPOZBKz@}RZ1SO!>X(={(&Ja$aoDr)|0w$z?83goBvVM#%6VRQBa%3LS13UmkS-{TG8W2SHr+FW;b|mXH4B8?CZ4ik@O^Wf`UDu@=7wwR+lG~1pFQ4_eaZe`r5H)VfGD}-uOE2k)5!VqeGq3#uyDx2^9GfA zqgx?lEX*ZTi{kR`=##=KQ+=B77HhV&n6Mh!ze>d_JJDzvKj*UJk^u6Qy;T0n{GFjr05II|}*}2XAavZ){lwsE=AyOIu%s;RE8TXw2d7U89 z?+aYus(dpg&q4+mX)29sXW;&={GT^7ZL)&4Xxh)!PftuvBg{O$Gd*wfU&8R zh;{<8s;nBPjrq5AS8b`F9o*dspT985=6_G!uY6GYt18U@?r65o&{Z*?;fdf{q^K^U ze3*rN{xa=g{ zfg3RYSkwOZwnh)w-q8=E6Gu0==dQ~_GNUs8!dv*iH}~Iog@3gB!3@Wm2W6Rs#nPuI zQ(hSA-)=Vy_I>sSmg3XBtf4cbq1$iU9Em*%Q-3C$^CGHPVRM%D*L@@Fu`l9Nc7b}l ze*R2f)7Sd`>Z$+Fy|O{nSBoW4-GzE8jx4aGxBTB3VolQj%nauKG|eUmrS!2pSL{;B z79HAyq87<=zOfzijzv*2S{<$&^I>`Q|2G33716*2LFna1sZ5V8SSD z@$v?X@az@{%M=~8)2Lp|+(B8%(+nSj9uwn(x~&c*zsaZgGz*3i@x&jmgNovn{Z=MN z7GU735BsPyHi*>H7qY6r`FK#qY3kXeJaXOPC2178(~gLw)V(&2;8=_}HJPsR@kQ(j zYUB^}^$kY1@N{5P_=%VJRF(CO%JU%!f9SDL$t zmK?f1pz2QhhUJu!4*|ijN_*10+SqSZh)Y*+_XP58(7AiplZl~nj{rNd7x<2G;b9zM zW7UTHtHEJS&YH&x02w3puaCvoj2597ZfZ&N+fmWwLxK;w-Ip3*PTol^H z4?#eB5g&*clDO&4E7-lX_EQP9GY;ZZpARm+V`dE%cl^mJE@SB#RrHIo$3NHnVl3KI zZF)_gRd=W2mtVur@`#_Gt#yPENbqT>1y?i4QHZo2NA|xJ^>l5~osT6ECkQTA>ewD$ z{9`l+*}@8`Jc2@zyEeIh**|rE#+7=C@)q7lwc)Ejqo}v#kB$+ED0C6#9R^YSPq_Ve zclehtbE$ssg@q3e*0V(S;k^yxEwK_~{aQ3=DI{3}0d2VPdW`u1t`x*P+5yV7LbTBk zG3T#lR9p-u?qI{$YTWI7gzoV?nZ8w3KI3`c6T3^>2-);gg5|#;6^OJ|G8VpC3Y+U1$D4Br( zGNg4r^WjTtI<(G4+FtG5T!bmAX596?o9poVhe%p&@cpEQ#)khxG5v%JQ;0(*24l%8 zHW^v8*3h^2*BZHD!kwQ3=iVGH5dWrQtvf>I>!%)_)OZmNMPp$+ABiss@HU!!lTpg@ ziNJSr8_s1|{Z(Z}n5pTJ0n3^r=)?i}mKZ*-zqZ`pK4S>5G!*`NzS}@OLj~Q)SY4cl z&}2ZM_~9mkGMp zC)vrk+j=T~V09Da{%qWrbUZ%w$pEJh>V(p{{asuQIk{M@b=_Z@$n?GINYn>L)G!(s zx0=a0T7kp%CZm~PR&NIyo&hF`L#y7Vnj1cKGs*FNXyu1zr84-16sT=Jh4o2uIftB8 zP#yU98HDWB*aa&TD-oaIKYM4_%d265b#fr7D+N?Ya?2g2=b}@lG*n>RHMfc_-^8+*lDFVn3Pyiy*{A1Lk-+6rV85x3?r-*D&=k->ds{^(eRy&`o`D9&S5JLDiLyB6 z$nFuiI1kEd>K+GdAmKt~NiV))S2dVl#}1%9W#OI3lkIaY8aBydAKN#6iHwE&j!cf9&kapW4YH$?6qr#4lCEfQc zu7mlIj!)RDmczq8PpE26#&@815E5v#w?%;`taN282*& zKgxEOvhjDrmz-~kO=~uRvNKy`-^+-~LQ!=WcZ+7R-V~4>>7aq*J$?RA(=XS?QCLeaE zVX9Jkwu}aqkLjtoO@SH*RZ()CR8k532cZ^%`1wIB0)=Vum-9lU?JjUWuNI8r$M6ZH z0)7o5d{H0hJO{{mE?^n6qr$qL^XQoo4?CRzyt(a1-6#_h8vX&he`ce_pe}AOf@p<( zy3>y1<(vC06wq()vVS#MSu1$Hccg#U6Z?bsb0&uEPr(DqWS$jM5x{0oKIX!cvRgCE zN|1mjSMHpdW+_CeZc#)xwYxB+5>>#O?GVkP@Z@d+Sydi9F%R2o`HZ<@ALZ*0zja5XX)Q$suU325h%Qsp-&h1Fxa|7tTKxnC|A}-sCDYc|)k49MSjmrQFV4(iaz-Zl9MR?t&E@upbw+G#}1CGy<6jhvXQ79mJqj1U;SQ z=WiEztodg`Yj8)a6&^>|V6b|r;ND5(RNhDD&sQ>{L>Mv1@-?Hx!>#P>**m}aJX^?6 z!~F?iYf68hLvy$KuHx`C_eQjqTsE*ku-5adr6|Ew6xsIWQsC_3{nW+%(xXB4@tqB; zkDo{qp_0_i>dDq1P`Dj;FrvGZzsY?+iC=Wd?MJBUp0_-j5ac%*A^z7bcEIT~;PvAP@GnQt)`dA)1H zuO((B?YZaoILc+JVgXuor;!R1EVVgR2kma(g9)hiJ`AM0mG@15+HVxZ*dpiva%~tU zFf}W+?j@E(e<8%K=CH3b#=OPiWWqSgxE~JU*TPeno2T9?XHSU_NpYILd2~HXE5+T- zqat0@lDeP0OUh#F4(_)BY@KM_>D*pzTZM==I=bcE_ReQ(H;#>RL9xC^Kh{q{5|<9=d~!Z>g;Mvc_-9qso;ADy}pwJtNz zORwLzT{*IYzzHujnV+fk%U`Am{)(SOj~$h>lJq1pexdCk`YTgACsch78|(BVAKT5H z*Aosk%ME`7fhp48c@lgzn$D%~;Xv$q!ADi&Uia(aAI<+_tkh^kWGTbQF zUtMFW0s3EzP?!@Wr6chh10&V$nsRWyd+`=MFjo zLu!85?>+mQE)(zLduX5Mw&2`L*w(uzpOh;3X<^>(%Vr^(b;Rtrc8Lu1@qAw7Jf*DN z@pn5$s&OF!Q3=8F{BOlpNrn!#0+$w_I1b-35^!SXDTedvT(axxaee1=WGW7Z16R8J z60#`=n~Z_4CmX?yR<1%(V*G|_|CCAwlP?CXt%<$tNO%_rqb$D9D_sf|0hyzbYvTqU z8vr6Rvk%wlN4}%DY7)LljhP;X*ST-|kKXq$)1Sd$_MGKDU?xY*TJdZ&q_Xma zTsd71jjW^W<=yF^jt|isCa1`}foG00vRC8hKh_9SAf)}9_J2Tp|bo5@~Rt*%nvJXl{XjSKD;NyqVUv${avM$cz7 zYzJ^Y3jb*0vGifu7kER~-D{9<9-FQDS?9og+T_N58U+OkL7|3-u>8PB9Fnr2dskAtZJ7PsWQi8P9mDRj!bbPbKmuXY?Q=iHM4z%Brs4>aC(p;7Mj%G+V$S zj(YxzT;*Ydj<2G9+*zf2|CEiNwqK>Xn*t8lmDop;>s==FWt2Y&s9O_V+7D2&1aWP+ zHuAc$CE3t-UmimZdXZEaA#nrx&(N5)lUUo*VQcD7WuVK#iqOdkyfXke>WPmpUAtbq9GcSCgXAuedh{FBpKU0aZ>y9$90FS`O7zC zK5cZ#}5pC(_+sSzrl)KH=Yd)P8Lz6FX07D+xrX&3*vwyNNk5Q8?T%Op(dcb%DY&ep>A z|B@PB`JMraQ37X-93r%Aex;t~&?UzJ1CKY$q)iLGsL-LAy@}HGC zVOX#}p`-D$MY{rN&v_GK8XKLr75c`*-d)Vd5JyV9E}<}i|0@3hFq{*U`oLXi+Jo^7L#KS?wM;SI0+H?;Fc7=E(R z<-&xlv+!@G$FqXm(Fa;cmEQMLv&^pv(lH4<+DFU%YB^XuzK!YI%oELn7c{8(X&)&J z2-;A51}VjWge|hBrd#>#q3pgavdjL629tjc`>4=UFfg~d8i3e)_a(>qj`G>Re3U?D zSK=lMmBWRtn(NiM4K=4EWq3w4?D68uP_PxJ2siQp*BSNq+&JkkFlsAm{svFb&o_7i zyn;vUvO61r#au3>-CZE7VvI@ z_%wb2tVGz-!S8E{KaS^vO^~-R=}xL#1$|3AU z_}zwa5K0E5|8OMg(l+FE_D=xk|1RJC=Thl^e%h)*e*`(+PQ$39+~|@^cE|!r&-F;* z@Zb*eg#AN5M)oZ8ThiyuMH2oxChw}b{r{`NiI?IERcI_ikfnGQB)DZIM zJIC`WE*20GsfM>LaJca@40dlQMWH(?reka~zn=X@itg$~kZlL?p*(H(B3Czi5MR{s zchg^r(LkTskhMWzv}i#)@wVU;$PNpWwB|Aesw#eyu)+KG0aueWOa>tcOzpe!Z8;^Y zQ)yHgRC`6JComsbL;Yl9J)PV1+wakJQI8rfg&|z9J)w~;VbagdlMRjlgsWt+$wntQ zYsJ5jxDK{&g835v_yGfvR4Q+KINclO1LnV)Q7U|V zSvn$7R$h%3P~=N0O^pyL!_K%RPUH7M{z{ytfp<(UT#O4YAfGoOLN&yQeJL!>!EkEPdWU~x|c;Q5_Rln2J$SE)9loR=`W@gP*p9npP zXUqBIT<4oD?}Vr4OvC=fl&N%u+jwmxd@F&Za_3hhUn_*+v9wM}O{= zSkIxj9nHXceDLhSKLWnfjSMyDt$^n+W@A$0rEBldD4FGs(&HH$&|ack=nD(wg9v~9 z-UtYNO!}Q`6o-%RH^_GQwMSo zt5>umL&Mb0HWL!`-DyH%PSyUqd4g&0mL?g`(wKi0WVuO*0QV{U7Y<`QYN%sz_fRG~ zp|lm$a$PR>0tLwKY)1;l5fGY-)LvSa#x|_iDq%p}vgzr8tirJoBiTHpPy1}E%RcyD z$GCE5ylf8l7YoP_RcMUjjbky15S_d~XnQ_Qnu@%!1BuVa5P$TDj9|PZnpb(xIkbLs zG6IZ-VJ}9ra6uy(`v1&#mDuDlc=AVQv{LALA-S2(72hN4yZq%nXu0^3S(R%3_z?zIvh0$+=%@+G?54(Q>h0$Az+e+MH5YIPr zx8uI0LILGs97+m$#Dkhz#Ds|+bmN{Z$GdW9X9y+3IhVZ8lg{%I?xXfdIz7KC*xUT; z1iOiUMnFw@6$NJ^AHjntC4oN=SgZxc>QbK1l8c-A;D!{%&H6grC1^P$9e1z5{)909|SPkz+9l2{(}V z>-DuA4GkKfn)p@l>umtTM?6%vdGH@6^D1Kk)8ou34^Ez737$IVoT_@8VRndIJkUeo z)dM3rCLIOrrjW7XU}CKxEh+83muH>#uFXOeeA|rN`s%=c`=c&*aXVr?4`khbqz>BJ z*lCRM{9cif8QxU9F|(HTZc#it(Bbzzd(lby>e1%60k(&k$kCxPaR2T$)bT36M`^8- zwF3M-qLYeW4g%x;Rd)G6q-#kxCSgh6vn1etl9Wg{XdK}!p*C(D%)`aavn7gCCg8}i zO-VV?D@`e})33D0Zw;LCi}@u#5o0a-6QgX8(ILTe3UGkclP}ksHUrfgl)<_q^2)c2 zF35a>Hs7!Xbt75WzV(6DbHXsxOkPAGp*}Zz8Wka3B&-8an@}dWm5x%-{`_EPM*$s| zyesblS5L+~u%UVlH95vXYR5Su>w3o)f!*HivPD-*oBc#$>e_P9Rb4qqIFimw;I`_4 zLOz)PR9S~6gPz$_54_pWt0SEu7MGeUuvh&1LDdAhN{y<}FE276ev5bp`K1-CQ;9L( zCMGw%|69&<0KpqGR&>Dxqr9)9EK~wL5u6m=`%7|FRGBO~seVH(80ByR(Rw){YC<%a zSC;v`1>-X)PAfKY9tsYgL3UngE(HGZ>DSRA$iXp8G9aNgmv!OG9{?h4)Cfbt%wk*zn|7f z|GPDVTxUXy!TvB$lp=WN{dfD3ab!v_hGqtV-D44Sf7ffx8;-aQi&M1F$8QupP{QNfUI82d;x{b;HpfFBDm9TsB1<{|ZZ@vk4 z%#s35L<;wr_jaJ|fq+t2)TAB>$;iq#-JAT*#fHzL0Vj>ZlcBja;R{<`Lc zEBTAF^Axj3gbn%*0)X*(su?)%cAMKcg3}Hvp_dgr{Z1|duWXlj*W8%I9x1Xv$^RhU zm**ko1=%@g*BOK@~HmNy%`%VD+Un9dvC z9&mWPx7^&H`-n+xnnK1?f8je!feO9!Sat8S!!*6_h@bZXwtWQgc;~r)puXxa1cJFNfURQs+ zZ>Uk1M5>Vs8MCMh-|)SH>u+{_R|7LwWxQkKE0}r543EX<#t6c?i3Z@b%-p4 zWZK%bY{!v2jj$#6=TpbDFD;_IH0j>&io6iJy%;e0bW{Xan+K0L4+r4|j5?w)tCPT; zvQ&8-KCRf*8LQBHo4^s6zL88WY=qo!T3<6J4aV|$akpROBV1gLcL*GSeBe5s9kG&> ziL0zt%xZWKNw84szLPsv-gM2(hU7}h<8_MENy!=ijOITet5lN8j+bk(d%zUAAG&Hh z^E%rQWSz;bjeZK6;#8989rI)z~WesK!)zDVz6|Owi%aNZq$0w@Z%!b*9SW0 z_3^#ju^Pv#YASatHGZQuG(dJoTXKY@x1qh3Sg~AQtQF%6JAVzD$lL6byN@DD$z!=| z>hs^B1R7uAdb_%CNeir}kf7}-VXi*%)9Uy_l$3$|pg^M^_ms46sK=)YKL0zsx zo6kp=c%yz#DT^bznJ*Zt*?=5-eJ#b@IchpoJ82iiNxn}ndRBgm#IXD5q6?} z>e8|D@z0n0T>`rvUy)|0-$r?egc|7HmzDrW{&hCj+b9rrmi7;XCLXO)Nu4y~1h zSpg3$H2#h1+wAssG`uMILl~fJ(^xnA(7ME=e%1Vm?zl%W6f4|Q(B0>BQ`YSj75oqR zFwqsBz7NGGSvD%gmWQ7{lroJ}t!FWLi5gti!xY(FPdx$p-2jZex(z1T6seDcihPA} zvIQBnVl#|S0eN1O650yhEtbNvD+&2WS$a2I@+gmmZ0Z=J^W^$Q-A|*rt=Y& zJ?J7$PT=T106oG6Q&I|h4qFLQLul-3E256cjHu*t18z#b&e=tMaC1r10juTYYO`*+ zC8MZJx<1o09viAD9<8aV5}l|hUyKhpRllO+d8^xI#N<15V_B5-U3f2D*s-SdKbevh z<$48ZLIJcJ>dlEoYkSnW?J0L zvVm7x!88eENf}j)xk}=uCgLFQ0~I|pEK$vLEWT)4;ip68 z*%FyKt}Rb`$60eCzrcXTzz~I*457$3FPk|Uecy+3RN#|>dIdS5L6$^4p z0+D6_2@psLdna^#9?(=y2(VppTR3{krzR^p-FY`Q=UncdPa@hWYa_G2fl3WT-OQC# zF~clH`!Zi+Dx$aS3BMF^V?ku^B{H3ed;F(Bk}BnunfE$-j)(2!Zk+@w5j zF)Qa^z!Z#>&>jifCxR|2F9}bvmRnef>0mSm$mFOqAZ3g0;&N>@-Co%D{8!oiR+3!8 zohr-Ywkkbr>y0#FQAg89xdB4bfDudv+`Xkb{hlh_6-JifjE+VAhpivz9(&vCUvNeD zt+EX64pjbOccCC)T}BHlruO<(vp=S5a@t*LuCFd~L(W7}jj%QSaqPzzLUsxyQI(L8 z;j<@dDj`B5BJH4w<6jl0d8=0hKEj9?=*~nRR{a|44(T&|AKHHFt%)rC3FRb%0NTDg z^_(S>LpNn&FA{#J{$BhpJcK;tyW(jb8}JFMo+<$E(FbMG1$PR6F^K%N zzwBbp7Z6A%oaZ1F*woLWD5n(sd< zo4%){d5;gbu|YqG`7Ko=w{|2XIvS;6epmi2n` zm`s9em;5)lD`6VwDup$qh`P*SMSbC(r9ja{{+u@!=dEEIN$KK{k?HT0*>n$1#71`O7z$)L^;W|c4LhP`p7}oB^ zWzk+eMgxc?Ad9Ue5Kil>1Ws(d1={QV4ApY_4p{aZ0}HcwK`PjB*@$Cryh1da;B}{jqhv32z#5IEy19!XylM>X#u=I5Bp1>4?iZxv~mj1ROma{soFWje#q`V=~ z=eTDs4t2&qSI6`8&h~nS|qZiZ_S1J1hen6 z;!O&XE>q@Q0ZN%&5_&BC4G75|3pz|2=ekxU+pnuUk9+`Y#+)CYgg{1uCaH^+0@qTD zL9>n!RYs{_FIrePHbFqNHD~%5?hZbT$r!a z%-IWP)Dj56O=61-!UV=9V*76+BD?oV8>+hsgzq99ja-udK7{Zn^+XpIsF;XvXS2In zWDGB)G)++dEPJ6O<%dl17{&22p+)RQJ88y-KOFcY#@%LLblSH1tC<2(#%r9>F8G%+Um&cZPiO`Cf9hg#BGt-Ujuzg=__?Em(owVqA?T&aQ@C$+k zm{AYnxVgIofmZ`Wi zM%Ko6Y0LkO8J)1G(A8ZWn>^P5xw)jWr4*%58$KIihja65&q%#8-jiu=>v(}S;TC1D zTMmPnZzD_ev%3!LCIb_1K)}-EB>UhPp?P!cE`IutZi{N(KL$)%{0!8tY)!hm>XJdP5rAWge~0AFaPOu;Ia7Fy1c-I9#6CxSyD?mOSY+KIhs_ zb4sov|4p5HB*E`Jhu%}IO1Ym8M5d)W&hPF!VG-yV3x^~sO)CM&f616NG9}4<R)xRN=K#Y(Tsci&C?HlwMl=Ki$#+dgXw z4yNrRZ4w2u5|S1sT=~{kY-+L)53Ql~Hwidm?PevhQCaX@uH#^vt7Z{&wa^5He;01= zXZg-!t%REcU=knh2(pwB#fjKlK=_n4DgA+e>@g3i5ssKNQ1fLoCl*&M*`xL}O>2mr z)a56hG&*i%{`$+pX3hNNq$R0EzQOsu1+UFc4XS$ty~&51tYZIwPK5?UF^D%5N`$C7 zEnJn;_d&lgn;a21^`{B#uVE)k3hTK&QS|w+OB>Ipisa`kxuv#Pz;{_kT%88howPYM z5?CexftZgM7e6^qh0OXaFb}FbmGvVy3y9Aa-nW`w=8Guns|2 zA|UjwFJ^=-B+3hB+2PQJp~$47D;rnPXOl!c^M&9cxvo1(qy&!44febVLdWs({9Zy4 zdL4K!4PN8BVsz)JVZ8`N!t>jVh>uPxWI0mTG`l924rtK{NB#ZlTNNQG!&r2ER&5x{ zBk75L4_p0unDS2F83`MUj3h1&IF47m6UZy~B_d4kp(8Ggvyu*Dm73mukp)(!A0WG< zEIGR8?YlAVr$ma8nx0y{kX5?zZtU#Ekp#UibohZIMv#IfkX6~36=IR}(K zk8zm^pGqNFpfk%XIj6u8W7U~GPD$jo2ixhEbR!S{I#9JCF%{HuZLg>nNqlfEDwTjy zcWqJ8n-N&Yx3DZ?{6(~NF1RNeKafNP30RJc9e{hb_Z8V&y*HPFn=lSr@NtRQ{%~8X z_4bx1jiYfwq>tM*J`*Sm`pZeFKZ%kkb~@%oZ5oI94UfqDdrHJ?uH)`&D2SC+L$F@K zMTP4jihOdvAO>0gTbpl4z=}i`-&7yL#(?uMvI5Jn#J5Idu>x1F452Xn^gpW7_lb$4 z_%}xedBPh}yOi`Wy|F6Ar(&r}yU)+_DPwqBYPzh4k7F285a-&mCBI7r!S}-L=Y!z& z`X%;t-SN*Ad>UlABo8&^=ndJ(AjgHcw{QKL_4Qb`Z( zO~xG{paJF9kLa`m!KjPd&b=YZ>o%1Hx^+AA+NKf!IQt4`2*gtKvo^d+0?)M?#7L_E zClPn1Bc*R~B^v#3dQo9vOjr$BPhp`-yuM~=8KJEm4Xw}A{jJU0{mvOdj_w+SCJ73M zM{+=xjY{XcR7N|rR`{vbh4{y!Qa}$~^%M7P#*wrZ7)BTwkK-~vD^YVoR~I}L&Z8D3 zgh&Z%jJm>gdkH^Gj~lm#iED(R<2o?!VV%?T#bqB6{Zz=`O(A(g;&V4DRu}q}ACfuA zNa)PHI190^A|F`Sf>|)UL0CAvZ0DsCwvST5R(!UKBhBhe<|wbpa*||HXU;Q>ool@} z8~a#5C87;@8`mjoRSOR1Z;GjzO4#gc z3GLcE2wSud9+MOL8Ff;_Hhh${i#a5Qh)DAbNk&w4dNiEMF1)lLcK7A%^m(zx#XA8e znDPjB8>7=F^gLtMEOizW@LuL9(X+Q*8Z=T_;^K;l6Xx}I&HLF1sU;5f1m1eKg26Ui zYlVzio#ubX!?2ZvRzB^vj*&Z!VbrC+R{NvF7}x#7hrSSVDi|eE>K0X*!RYWSQ1+lf z;z!sDvUiS{R)hZ2L%chiene+T?*0B5>-rixT9+$c$4f-75wg&yb?SIgssg`*ytt-x z^hez_w7t9wclzAT5B1` z$Ur@n4N++VjHrlr>k5qEBWFd3a+#T5OiY5FiQ-w!5~&__gFQIZu^PC1c0NDhCzqqwLu%7=xGx$nuuNy3sUrR>0;bl$F)evGq8c-}j_`4B?1W3^C zc#wA!~E8e|3xc$K*r%Jz@Xu`%xxC7JX|4WMe{J*t7OtE`X^s+F+|w^7FvB z`B~k^qlq;9^59QEMaME@Oranvaaw{jk%ctedhTaYm{CqR)8%RQu!B;J$$NxjE({jV zsjHO7poYm` zlg0cMRYeoN|2R}eC{ngU%(b>zvs`Hq-|x_MXY#p~<=KV5%>lh(J>M!mRf4M%SQpy8 zv}L+TjQ{$g|8n$R2ssoSLJu=SZ6dEYmfC*Xb0g}nB+rq=q8C(Qml3QJh0uKI#OGQ{ zY<@jse$QB)R^g4?`qzZSf2D*&9Hm9MT8buc_V;2gZSkDd7q|hxJ{OCNN}@W}i8mSh zO48*SK{Vf%Q}!?)<6u`;sN$vZcMKe>iFXd)xBzyPUVz69DkB9G#JO zHQ-Uh2~q!riS~C1`W9j+H5C;mDK2dCXVZm{=QK*_*5(!#F|p?gTq_W>E6~7XhqY7V?LzPQaLsODi``G%XF8J;{@)cS6o!tzF zKr&*FHX50WV6s`pAfIq1UgWt8g}6Ao2p`kELp) zbeB=S%6#OVYxTRGRiD6@7CKroshZ77VTB<7Bu62)A{5;hUWIY@7!J~*gQ59aE@FQZ z)~3!i^ye=U?h%vev@yE zy_opZrt-RBQ^%A^A&oQVi3)t^kF8v#JUA37p&mr+|9b5~2U=esv%e*ou(RwQYfCRG z9JgD-UHX~9em_Y_RpEge55~j9k8bSM+%^xPRN4WH789=S?ZO`*E`GWY6v!w(mFf2U zSbQ<~2~8}m17L!^A&B%rp;_YV{#AP&d7tS?(OFeDn`NPxHU~3fcR2lo=Z~KnKZpWl zh(hP{2ussQIBij#Ss*gqYYP#a=2psoOu?%@rcQIYsD4!Z1p4}f(FXd42KYZc1uFN> zXjae2RlVzoU4F*nhZ80`1_ZXOMb_UIL4*75;kYfS@e;a8i9r2>(|lZy~M&huG7SzixH4(60j zV1sR?-(9s#X19cunX%L6j)I!t@GW4#uA_zQYtY&>>)kEM@fz^K>LPJzZ>uoa=%)h6 zFKS$EQ)fVJ|l81EpYqarA9iP@3Lj0_Y zH#ueuMDbwVi7x9LL&C@m`cyMM8jpxwcIw`Lv!xSrB@i*o=5XVe8PhQZ(RUEiN&ivraUAx_#t2vCnKf#2^cuYZ^lEXSx} z;ZkI#hjB-6DktPheXA4!wZ{2slRATG$5S4WNd=toy%f1O4RXW82Wr=_#{Vhp)8}S3 z%~s&)Xg~9!VvP8Qitz)|Cj#@0F4Li{e$l<|Z$VW}FbL7)eS!!i_9gyfecSQ;2g{yW ze!kAwmw@FU^FNZ}M|8_Wo|Ae`_#N)|XlHI1TX`=1g3LovqSy~nZuTUfi|k4=)(u{l zb+tgEe-R110e?24lq1W7Ss&sHB%y&XQ1fiJ=KnZ!JM>NXYgUv{d;&6bo}ou zp;;QOU-sFx4UYkJq;LAbl%qxaO(jm^gQCK%$NZ=k8XeX3901EKXP;GCkFWwSn3mZR|3EZOvkHVb zHzmBoDrV4p>wCHg))6T(MK2LBl*+VUt6wyXAIw6G6949kdO7uMu&U*6#wcN!p%!NJ zx(gBRv>{KD3|p^Mja?Q1WmY!|5vssZ(lg=(NA#>OEu!e=qDNidZT&bP?8$jL>seu{ zDfd7XcOeYZ30^O?7J4|B26;#bC($8vj-P}K2#F@2)*Jp1_M|V)hp))|BPMcb|9wIZ zPDOuv#g&eHg%5x+f-dIw8_xR;>QVZ1Wmk;XTG(geeJ`a*#4R|9^D#9~Tv^1#JPzMF2<&yy)4gDLiQ#FRTv}hjQoL`Z1er z#$@}1L_ZO}ZI?6lrZ?;w8K+?^!=mt%a;g*lhtIP+fzc zjM`@b@pApQBnSn}ID(_KnUA}|yhN*OgHk4E49_QabaZ+I%9ff{6bN^?G`VbJ7`6jY zx4<_9p^gS}0Jrzya;pS{9g?a*4X z(7uw*K_8_3}lsaj9?R zt`yo=|0GYVX$;{^1{ZNP_3VByKP5d7+lXWID+<2PJp0hoY>l^FR>ya>>hsJC%*$`U z;3ZLpvmA8dZod_!s-98jBI64n@M(Z!byMkomL2f`g}6=M{y3j1N48Eq)MMKr1X-Y3 z-rqLx8W}6Fb)(tvxmCj2*%bHlN5BZjj|JyCXWr>N|Mr?W+rj?Szd74zb5(Z#2;z^# zLn91F4P;D^n^uh504DZqG~90T_Jts!CkI zA*!hZ8_0Nfy+uE_G!KpcCjp~>-Y*<9f?}N$q|wfk2G+j0b~cQL9RxA8RTytI^gpZh zs3Pw6?5CRCKlExU-_r#=N~^G{Q06i+5MBMiHRu_BXRYV*%Dto!)AcG$yeFxc9b_KM zLymH)9mu*|g^5v~3U0A%TT0qf@lYN9Q+Hrk5LppX7k_KUKN+(}6oKrpr2G3~e;3Z( zz_~-s@&BXj9iuDzmUrQfZQHhO8=a(Mr(@ez$F^O3x$hYFjyujd_jkts z+uonnnziPvdaCAAPq}Kz6Pw9qDAy8YH=5sDgt<3Hd*x~5^uvu&lhuwLv}C^&RvYm_ z^iU~;6WfxfZoL!ty8ggz9L8L$P%-Z_VE=WacPfwzb>?xSl^y7cGobw3T9hRFTc^z8 z+s!Rp5G4azmYrT$-JI9+yjM`(UcE;w2n)sQkD6PW%qP>FHyWzPn{7G(slT8$LSuJkF1pCWYx*a%F2=4m;n%uyu#_)*Hh- zs+0uGWG;WrO!_o zw6zxeW(7~+gpjc!3PEZus2mDOVnFLEjGdXFc&;t^wiE>8?DV3GU2CWaIiH;k$VrNe z$w~?mb1KKS(?jyIX#0NrKK(V{4r!+a`*{{2&|eOX7ZMDm&tc(%F+wEF<{M)XjP3V_ zFoIsjQo^B=L3;Wq1kv^;By|_Y_Ow^?KRB~sFYw@nY>V}Oa+hD8PF$v73tEXvK^~rz zZuj|POq>zd=9kyxeRD1yIt!qt)pACNx7uj3w944}so^B@dEqla2*KAff%-UlyS``u zUd&(+*OW(YiJo4%E^5P@9srUu&As0ly`sxI1u2zUEb|X6+)eL>qDuckl&{(CQ(gjA zbXH$j(5S&t)9+N0pIIqb*o0^2?-}u*=NjWHzSY3H8NcT5sm&_wP~T6yg&-QncA1Ea zzB)HRdYeN8!R8|yO{jo*0QJJ46*Ssy=;v#}$(5TMt8h{hv<4CpWi9VHEuAp32bTeh z!S@$XW-Y5pHZtj6gQGr?zL}iJ^e6y_Zd`(8v4CejMPO1Q9{pGz7brhPAuQ z>80+O&QdX*iu=r^Cw{b8(P2$0&|m-m&ZhtM_ue9AJpI=$T_kJ+o9;K^qL`-H zv$Y+IG*O_oWu4zeVj^v4F-#DvSthl&WG|ePG8_HvSh^F?NQ(C2%xuw1Y%(eAD%c#|pi?$T_s8K}{0QEq3R=ilr*ixKBC!^Qb5+`sv}yYlWt;Sx1x9GXYv`h_wG#PuE$E ztt6ly`6`Jt+62TtPf!#0e>K~!R9(0emPZQj+h*MYeK3lrT^!V$1YOTTw^|tOuRK^y zh7!;*qNQO);U93R+l}&+@3zqrqOV??9EAvmuHjhgBk&u?MVKFWheJqtLkL}z5eLVX zXna!X7XmH?`*1bl|bT#9mpji2SkKA%cf=qoxHe>9=Eusej$n3 z%n?JnXf(5@Te?Nl=P~awJR?cU|1tJ)^hLB|kd;tz1HDTu8aoMefQLySiBNebS*j@_ zjs?RUlU~vh%{d!l1jK_DmFvXkp7&Z8f^XS|v`|=&?~?X}vF- z^V_X;^SylfHy3^#j_FY9V=>Ya*{}}CnoWPAj&p1O`WA zJy}qH$QOfz6$AM^*AKx!H>MB}ceosMyyxQupKnHiICj(SbU7>DsW1Aj1HEQo1z$0L zgpKj7WfwU*Ms3~j*X66zr3JII^tQ!ow)Ne$ zV~6~>8xTE7T5p9O^wCvRNBA{n^wfyt5Q{05F6KGSptjkkf^GKOKQ?Hx_HcOu8f9&L z&u2|yc2s5}Q9gTx;S1e3d!vxa8eAqn9*4`ON=@Kb1Q$8tM8QOMz zulx>+RIjQF;cc_v9^|ooqdJC3OL|udCf0PZ1J}Oc@or=`+>5jMrY@N8L5F!u!*{6% z264QON2ZExEe1JL&F*UgmO$)%k7cr}GhRNARK<`JI>%)OJUY|dmpKc&3o)q9Cdlv* zgkSJ6XC(T*M^o;C^QU8h#%x6Dzy0~{nLn?S>hr<+;gBfgbY|2tEr%L^xfr~t^Ssx= zYCvwPy#C02z61iG!FP)fo}=>V4*p#+c!kk{hK~qq2I29K@|sFo!u-NoMu=|(TWl_` zKZgiAP)X3KV`E{(12!R`KIb;q7>ox~;;~~a7%clcM5rLF5iBa~hYJ>$A1Vue;Nd=U(%xT}Chq=pQPVhd zi3HlC8Bm~0Baaf(585vbK5?*EYIZt-^g6uLS0k_wX)i{g0=!(4c_eY_Z-l4xyOG@) zW``$D{a@z229<`2qL!pW<6m^QeC<(grVvEc{IM>^uAkNPuy}`ip)*s$DE3jo7Xe3X zZR5!386l*wZbD9*HuNc3MzvPr=jUG8wk3i!0}bQb^{DPsQIfG?teIo@e}ueGL3Wlr zTmR}LQh1K19``)AHr#%L{|NvWMQxN?ELKP=H5gkhz1-#e?0mLMsx8JbMS=za4Y7sC zHtF{U*#4GlG}9Vd`O9;c2xZt$N$$IIsY?8k{oH-}+&jzD>(V#-NsZjjjFV+w5`D&D z+9!*T8!@DXhp5-gLhLDl>nJSD+qycV}7^v|!O zsYFHrGo&=4>n0{|IcOZ1#cPhI;!9BSb{4Pr(um zf!i^IoPK+G0ViJ30f`)j08ufD_};5g2v$odfPHB$T`!L6jQ_-FeY^vYc!;Xr(A{g=HuSn99j(D@pQD5hI0*ZDkre5xu&K_a6g;u z6P?Cvdu*?5bjoJ17&xahlTTuc$`DNI5tn47DBZY*-IcCZLfu(}WLMWPJRN{_+9_~# z=$N1C-*2T5S>zrbqfk0@Q0JO}VgsS<2T%WoW(X=D0K@!me@-F-hV{>%$iU3}TP($~ z z5lQaIi9k0s!X~6ps*8CFZkJf3^kkz3q}H7l^xrZV1l4q7GXzwQwcgl}jmM069&MfwwXOZ*Q{n7&O3hb(#@Nrxq4zv#ow+z54ao3 zsB4Je8tn1yaC5&FB!3?|w7=`_An#5aa~J!e7O2N2V8``sY>BRxWSusRedvNanjX)# zFY?)NK3UH7e`5qZPU4_|ZS$9edEVPa){OoMs^ zdvbU<*~RR!iKN+=7_7@%D0!%1OCuuC$n^8qe2zEQdTWl=gc;DIw)2WW_=k{%t)MFb zo|n&E>pjKwJwYdy2iM2)>T0q5^cja7oE_FsF#f?FlvRVsB5%dRx;p#;qFo-rPQ^); za_7LLI->PVxjp=gkXREA3;S!atZ%CFmkKx`G346A;_(PVW=-Mi=X2UF*t36wSBBxF zfD7lc*=nUfrXFzN(0B~!`hF3*$Z?Mai1mvcq)dGv z=5k%-`t&rT#sC@X#``6xmvew1zFv}NGo{Y_IUo+2t8uQ3gN79$|3egx*Fr%X4NihF zqHr4A;Kjeqs3;2?QGNXd7}Mi%q67uZ=FkU6B>(m9wdh-pOhD6;yIV<#r;iuqZlq8u z2|>!D8CqUq1XTYu=eU8_$Ur<_SCg$4a6;B#Fgyv(whJw zy^YlYdj5iY4r^Lze-RuBWridnWNX4xmYI$AgR_mGsmo?zJULq**=7#RN(vana-9Ej zB)$)Wc-Sb^9!VS4 z2{^SYry_Me^Ie|2x~OT+drOhFM1YU=@^!FlQYcv#qgpSj&h9a&@ep6%n+mCG*3H-n z0+5jP&i$nmb9FQP0O7$J#99|Mv%kwT{Q!>}7M!g)XMWUU4TaO=d_A1ZqQHS=Ll}pw z751fI2KsTZUvMY!rLUK2I!ycvpKgkPcdhCpzT1=ItAQ{@+P!EuV}@ufT*~>@=XS4n z%27w|ey7q0JwZ&a#_r)w?YmxkZ%8duv7AATB4hNAtKtxTdc-*Lt^t#J2#QekwWQ53 z#;ivQ8^&Zhbxn`mPY;^}Dp2jvjT^PNk0209GinW{LIkI@@vq6WLkABI!|ihbNKX9T z2Mb8dDoW?{Q;M1G|Kfdqk`u$kMtmm7i?(ikqQbAm!0yn27Q|N}qu>R{;4L}=R?Iwv zU#jJX-!vg~H)xWaPeJ&d^9d;kAW^NP-U%riIbr z6xE%|T~PjR3fu|ChhuL?oE>h>I7-!FTLw+3yJ&$13-zyA&boW$=cMlsy1M!HYu;2u z+^?hJZcF~CH#_LT6g!_5O#I<_9~@X^OToknIla1sL7vKSCr%u?q@vP$4<+5&lMeRN zLlSSTnnGSovXejMbebT4e_qe2dq6_XrW|NyIXp?@v0uzDtb`37@akF+1Y}kVmT8y7 z!tC7cn1bLT$3!2iIcGK2)X>`sO)x^Y67|pDP23Gc?Da&0+xG|BRn@d(kL_-T0|?5+ zX_hl?nv^9Qa=s|cKbrvfg05x6N3 zeGl=QEl3;ugfU>4kQzPG&I~Uq2X|yA--z7sP`WEtI(Cs26kln&J(^JgZ5v`o7y+|$ zSl7fIMSIemPw{3~T0Q9VbcrZ39F6a^H23`eH{kY7fhV=4gk?;sZeB6C3Toz?{Q4ft z&cGVpnI%pwvN{@5k$~@Gd zk+{)pS8 zbG$B^&mO|R9w}B&fUu{Q@8c8lH&RZ2B3DEu2xwqw$Y9>cz`RUp3wb=B?AN$E0WTa; z(-2IoRrm5o_Tu4h9220`JVm!u15$4Y)z;~&PzJKDu2Nj=kFJzE&5?4qoe=@a$^_aZ z-{axevaWnlF3Us{PnjVjeyq$xHqH^CjBQz%h}_*BYZ4HP==_n^#czv*>j|_82yLgf z?1w<@HU9kH}vr@-x)df>p5_iE4Xdj2jXVflV*_YtYKezAB1t{t7$Dj80>} zqHE>wUTw$ps3$AJR&Fcd$WBsBq^-sD_maE2xfsL6_>SJ;l_Ujj_a1;CBAG%)vx^pm z4z;{EybH0#`}q*?#R+dJ$LefA#VsPXfw1Qiax&Cv#CEqUwcgE)g<3dt{4GjLbznS- zY__>-AW`@s{fr2NgB}x$s~(m0=LxI4cc5%T2mH98+zk(g+A3VQohpKhC$1SfFTw)i ze$K221NhqY^?`(0N;-)9fr7xYD>ofPkze{t*FqjLi1+n_9diGOVAA`e!G|5yPI;-R zkr5FQ(V*f#sf%GfUSEkb8%409eMNha6bpL>-9&XQ2}R@mdnrZ1HxDrr^s(E&gEWPtvHq*{z^{bCoP;nR0<+S=HOwL zKqxC%K%H%Ds;DXl!5-u{>@%AZiYv+C3DQ~=PB{={>!v`CPHslid4BFd);#VLql8tYcFWU(7NqYy`1mO{1txu)nku=)ZoMr$YPrh)e5ovJ_OXqp@@GWkU~2B}ua z&5#x{uPiI@4U%dr6F6v6qv1u5PXp`6zkx@E=hsk=gl=%6TT5MB!P! zsjc_@Q0hGb;a0pp4wcZ4WKEhQ>j(H8-=*rQf3!*b`g~KCpmBykHWvM8YfO~mD(=RI zWaaH_DO7 zF|BDcM+9d&$J2ai=bzsi5aGd-V1WZgt8t|Y$TTXN*$vR{TPEkAQy)t+bz{;W7O9yND8=hp_s zo@Rz{H-?UV`Tafek{Gn6Bj!`<96rG-M4q-lpfimuUWZsN8C$z&qk1T2*7C z_1I4tzL`|0417#6Euma1SobZv%35NP7^YH|D+FpjtsNGQonZUyY(+#)Yc+_Ss<7_S z)r}B%e=FjZ4BATwX==t;+fR=;&C(nHb9ARn z$hiVw*bfVCLb)Q^)s~L6l*ItDWym$Yih5HMTvWB>eLapgoSngR3G&{~cPW#JAmnOU z1Sv1o;%T2SWeo%715trJhQ%V*OHx?eaVG<6E32&iYuynU5|U0pE3&U>-xd(r#6+8+kWVM5BY{X z%Q8VB0+<;2QFAMCUwiJ#Pb#l3VPWttlf>a^F=*JQ0H#Qws4jRSHvkXWFa}O(gT|;} znm8>A&JXk}V)KCn$4-W@FE|%h;vB2JiCU+J=Ln|-Ne4B7z0Ge(yX`#G@+dKqb3Ee0 z^K}jiMR4lB(&e+d%tI0hbUp-C4JA`*W=2^Qp>^<~FTP@(eOFzNoe_k~{s^)pLmcT4 z{}SKJoAf%X&Nx`y7-NUrJ@cTKj}VrOhiCnmth0Y^O}g;uoA$(kZ*|4sVSFxr6at(NN^zoLeFrAi>`FnjE*)ex{@$U5`7ve5 zv?}E%@r6ZGvMm~?f>zkn1AN`UNMhvk=WC+ZQUcjje2}=^h6T0^9!w#>d^sHzpVMS# zUyvJO$q(j*w37Ya>1LSO+31a{q_vJdaH^{2{MBU-=TcVEC~397AEn41%|{140$4zl zWm|g;tKSi4SiM?5JvN=7T`-L5OYBgg><^gb0Vi^fFU@0LoxK0Ag2Vss1GtbtCKgig z{Mf~VEIorU1rCGSkkGd!JT6m;UdFP@8tA&PrOus;yFr$D;f@sTpvgq|h$rD1OSRcK z+zWs8!V_78QBqAZ-VG0$6167)SGrHGlC!#5xAY}zY+ax%{P-I zTxIm2s@o2TRyKd}?i{3|hrLXtoO+Q#A_K`{t&-nRY*t4%X7a3ygV_;-teoA}4HulW za7yGG*xrWgHNEXMH6vXa^(0tMm6BAqWTRrNCv3EWw=|w+q@3FlN&~f?^lCO(L)aG+JN4% zHRBdtY3)F`r}NlM(Cgq^A7s?&MMT<7j1IR~7)@QC;B>}~k(l366Y{|}P9Qv{Vj}TK z3ax2vAcUHL)h&1BC3%2ecZDskRuna!GXn>d{P|Ml5EFOdj-2JRrrjY@xlxTk5GW@$ zG6O_~H{@|bHAmls#wYFNv>QLF*T|SC;cZmO-R_j{5ul@mk5s@&Kc@B%@PS80Hn7#6 zr$mZGJSVF7YNNba-#Ml>wwa@Mhc8j{`Qne^S}snS)<6~x5H6`N6JO%5GpEG^1!>*j zsz$5JSRv4{v{SIwuQqiKNr_1yqofW=<2i$ra|OIYH@=l-93Gr_e%wl@_m@QljI+Wg z^uirCztT8A2sqPsfm2{?W5-h$kh`Y_ApamAomBp@6(ZRZ%h@FFS(ff{W=T;7&HH!F zg6Q-PZ+=PUu}05#pFsFnQS|tToHd{l6g5glyv6s~H`@d{TF(%p`@2BcS&w3$Nj87D zJ5ui8SKnm)J#gHctFHoyk_zi(VU*awEAJJLPGw;uYEUD%#gFGKC(rK^lfRh-LZ|4g zV@D_OFnsnPrtLmnU2c$-XAqobYmW%~mqf3d1G{z2tQPA8wteuYZ#h#5D!DmT-(_eA zb!^3;pbPIzTCnco`4QGwaFoPW~y6XC`wAl)kH38oFCgg7O1Lk7Jp$QY7B<>Iz zOJ|dQQ^ZeBlUElBtX+hEKBa6Rj<&V}ynJ0ota`6HvMSz4vVz?4c8!L#oJHZ^XzDeh^V435fefz zA{DoNOlKT?)#h=d@N_tEIuR9RVl-CabV^O?Z>5%6tHePl)Bi70;m@|Z7Dna zHeCz2>1D(h$O*RhfA{rSDh%A2yeX++(;L*BOH4= z%md^O;As(*+vi~`!=;40>`8`>2pW?#5TxRg0K-)k9sU6NfjSAMn#nBZQt;KQ7V3A=5MN#AYJ=!NG~ta z`R&DH{KN^9C>_^EK9|nF9cNk1%dO>ZZ`l0Dgcw~4bFUj%eKf9YRJArmCdXu@`T@WKwu?I~4FI>6B zy}5sG6}$bKFW|;o?k*w|~Gqcl2gh-^>OW$zg4DmG3-7`!#*%eR2qlN)lM# z!Zo_N62X8W|6KLC?hu$qMMmh8_9StHOl> z*$hn2r`mm28`6+z(XQj2z{g#hf7d~$-&LsS6-`cM*c3_peEZ9x{a+43EP(2@6A2?f zsmbV}C`WkOQSFy?+ciKLEH162jE-A!nTm>x@}cLi~j&T;E2g=7h0T_+y{S z{{vUw`^NH$@Y4r)wF(?ytE%@6q*`Vy>%0P~cp-YraF~j%s~I-`p2LC`E@Y5BQ}A-t zYl&a$BJ|<>Us7@(WMpq|&!GhRGz!##6;C$>E2^+0u!=bHL_BHooJ<16<+=jPE8)jb zujKD(jcd%}UEwAfT}YTx>jSlQggjGe;{@GPDm|M|bpGQ9f)2+(rDhN53Q4t(KAQ8?=?e|)S9klgU zJMgyDAB$bec;`t(pq&YWn(JUYIwZIq3N0pmTJx)aek+EURfhXh$><&$EaSteJbjtz zb+l1iL0SpWE|T<}CC>Ozv@b0vs4_?@VOZgiu{&5rMp!3-9>#~W^AhtL^%SbS zU6u!zcsMz>o}nvp2a?}TLQ+zwu4P;uYM|!(?&&lNqL1Z0dKKi*pZH;Z7T#XUiiNG$ zl9eP)D89|>WxcE5v|S2#kR=X|Zk?41!TGy*y1F_0)^N(#fpL`r(0s0nV3N>2H2qwOBVD*@5SOqp4n8O zy2trN#O~x#UT^ED`)J3J$SDLr50oXG1yX`bt6XuztF%;n=>IWV$s5)}N7PB4m0oN+ zJj05xE;H+67$a49AS)#A5CLtiop|i9o#?13a z9-?avIi=gVlvUb7+L1Bp-#W@Z>sm^OQa|xz6Mpt$2@xYWZEpq#MEHS1^@`yEFcC!5 zObHR}QXzsZ*HNG-09z4vB`U@f*ZGbgC5BU{HJTl=<%BKjlY}=?M9Y%bM9d3+ zVVtEOm3ju_TRlKD${@+26YqZZ*_!Bw3sl^b6nSoBc2iIohH=OoOr2%QN8L8mPBd^V zE3HS^##l8+$=JX~7G+*0Xkr$SikKg$4t8P;!~LyCrZ+%|;r;=YSawni^GT=IQ|;J5 zI%7WCUT%BdG#bh*Wa7x;4T$K#qkA3(7i0v*ltKz&k{!qipeP| zsmx}9kvTG&#c@$hNDHZ^hVO5tTbN>=Tc0u9o`HNmcDSt=-*P@TPbKDD_3N2zAW1`B736#9^p{LgR4k#U}p7;*7I{J-}ZPhdj{6*I{9k4h9s-{FTf^dj@cEf=&$ z_42o7-iRVaB=VWir~iv|5^ z+^MWg$TJ8ZWMLU$0<~lT(ZsTVLR)qh(yj@Q9A)P8Z}sowmNsHyH8EV8)UgMA`A?)9 z+53=m);sv=nzNhb0v*z+0wGL#t-$abg;70gust#g9D`~pi4_TS_6KdYJ>pV5#7SZs zUCd}~cedu3M{bX9kf5Y1am+5_B)a%UUYJOchY~+`x?hS|BxPx_DD3d4^`e7f^`4Pj z*_P9J0-FIrya>nAGmQvv)~f853XFFsVu}sSo(gY^nez3u6C;GG*v?iY?MOO5q7}!b zUBYG)4Z*#jNG9b1g?T#YlxsHhMPAxQLCvm1#SPap$@!h^*{_&ZigdQ2vhG@tS4^#v znLx+ydjA~YWLto;r)_%}d&j|sNRI9g%-Rhw3^Z@|5AZWEE-WV2Gg3fD-k`G~P#iis zsz(+#4Nr!%1ZE`$P{Gv5$pH0Hps`qZ{9o1z_}Wk&Q}kA}pYP|Z@zTLbR(?ZN&OaZl zIjfhb5eu^8x^K7Ow=p7!#)}|4W|+K){lxplE2XO;S*(qdObfAf#?}&N=oMG1nHVG` z)P`$$GgPmpJDjjM;vuNScIVUh#KL9b;OZQPXQpNF8(TOl3V*y|l#LN{UQi$UmRYoV zRcuor+Gujn&GAXXbd+?fi3SCUirSFSV)(s|Q0%8Cm-aaib)q!MEzFqHo8HK89S{hu zY$yZ^aT7S6qcP*R`t46Z}-U70tn6nqgQ!Uz~b zQGYR%KaYKN`&zty_9AqX%cVFx9?$cDNUvLRL>e4C$5~o{41VK@b;7LFoBN#f-E4_kZnKeCWwZ@uryPx!TcC8O$~}))ThNV1_y=k9r^M zKTgDnW?JFnpo70>j!&Q^)-QWJhM!9#Dfhz&Sdi^M85sBy0TMr*FU?R3CH=$=Sj(!1 zk{%>Jl~xiitXaOdaz)xC2g=uO9@bc_!g=fqleqne^L11*=ngME47@&nc@jtfq7OTu zZT~L5r>4uYvXd>jrvA+vZr}0-o7h_uRf?h})VqPP=0!s?-V8qLcSZPTFAXlU zp&PtjC$%%Vd}DY=I!O5uyWcX;)XPwjbvv?|wugo1YYD4x# z)4zK$ZX%4#yk%1Fbx8YhTNMek76=vkO95AxXtBfHRe`OC_I;%|W2N|Y!TRnX@cYZ` zY^*Voo{6cT#WW4r9$_Co((ZLO&UUAEGvys2jFRK@TNbcPIo(rnbE|3C(~Y__Xjs#d0vSV)3Ah%Hm=~`Yj4N0vJ6hjDRivn++uP!cXd+0W14w% zl$P<~Pznu_To7`;!)BBmUtSP-( z&qCgyuOdH#%!+D%{V;7oJvFen%NN97xnF?e+o2^t*W`=L zdGs|}O^E3e@W!{FqpWkni?fCUwS=!&6$k@-{K2$Qyz3ohiT@oA$J1I|Gt{J1wg5?w z%eGzS`0>y0labl8r*2MxflsI_OrcvMWbHk!0Joo_h_VCLMu&{od! zhgA9tB(LGzAa>7i{fWXE7+O6L*P9$0t})J{nGm--|E}k;Dxdr_Z)U)TeO_RJ&(kFv z6bi;M-XLg*pTYGe^}nDNG7v`t10tA+(h0Y0(J++AlBeYPBbzJ+PSdcG8uazC=Yui- z-B5$XHN7pKrZom#TaWk)+SSy;c3 z$B)|~<0JRSA#sCFKDw_O0nHKWW!j)99#32^z8%BBzS!99A^{J#+I$@6By}sEP#o)e zHk6U-kNt<8BoFgli0p!U%ETq8xgC|b)g7KdFbJz9obr2_RdW4IFLZpNSpUyY-;cMW zZx`%IBR6s0Jz6~QSt@zH_+2}jappp_Vk)!W#K|?=HBZ&xp-?+pk}KNG$KGFN3rO*; z2vE9CYv!?zNGtGX6cO2ey6fnHXCEb3NRGuI1X(3;EuHSS%@T}d@N&FaY;$X!il&PR zMAw)%*w4PdY(lMbi-5M-#>{(m#Z_H-lyZ1BOL7fm7Ee9TbG+{CgI;Fh{}#nEHY)D} z+b+?1nGlNG8!>62zAA9NF~x%;-_F{YPjn}=|2QN@WOpxmq8;;k9jb`+aE{?%L`;2{ z!p0I4;P~P`o%RWJ(;ONrIy#uk8&ZO9W0cp_^k=*Y!Y`I4*KU#O+FUlnCfu(M*OT4O zPh1Qezsu*V5-J8W<8C?{|8@MhLh`45fd4NB7@xmtb&#H^9xQt zOL%kv)Gt2&rQUG`6T!;4W$oygxMw`Xydi&MYDpMjO9wi>=NaZT&MWZnSyOIhIq;fE zSneG z#uQ|$<9*AMO=mAA^L*3*ouNugL{uyeK^lLdRB4)g{8K<&dSs!fuLy2AC5GCb^wv(6 z;d>OpdVZJZVh0E`lG@;+jI4U!*v7X9fgX!WYY{C3tpL>U4Aj&wbu$tcpQVLv?Rs`V zAFZ4-)pA71D=X2!!Urj%ZfHpd15BWSp#?E2=@v@9Lw>YfAd&BceR1X*`Eartdw#X; zw;aya2h8>u&CD|B)Dr^kmc^9?e)zZ&*wm8}ZdGP0%bPQ+7WO!I4EpIRO07&C9|$>T z|7xw;7V?rx_4~N<4w>C7w^q z+L@bM4{KlPElfz?YRRgpj0qC1x%6Vw#&%+jk1qE5N4Q776h+(Ug*01#`J(XlTC8g3 zqEqATvcgNNPTUvTl`S^3+_7w77xGh2Jz>W(UA8{Gh@@~FfWA|gkBSPcwPWXME@=Oi zi>w5r`>Ad8{`B|2xnl+W8nj6 z50m%1%wCRu<`5`F%)sByv3f5#_ClYWvS<+{lQ{!Nc$1-4Wl6r|T+LK*K#wq2`4O4D zUjc%$XVTk+c5)hLp(q=hCGFZbB7gf~$v3hMISJ9GcnTq>>UA6P+-(c`x}lLy{boxl zdo(mZ!0p5RP$33PMA1Fvr2nEW{AD#@YqC-?ne%amAM2r4%z>X!`biX-$8)L@r{&DD zW~^7t6?w;&O!6_UoomAba#gunA6=M&pPbpfMMo|bx|ZrY?cy9~6$~QF4lQ*yrSqJH zrGPre%(#)p;YslSmGAy1wz9Lhu**A`lGfFAm_wy*_{mMjG$3WIOL)KS+wS|5Z99c- zP;d95$EQ#iP!z(q!K>tM+u0>}>z}VT{uTTB@WMoF3v5l0YJ)^_T)Nw3D%)$yr=HOo z5Ycy=u&snr?{O%{T>QetXDrz=#_T$UWPcv~2WIuZF6o7dl2{{t&DP#t3G}ht;5576 zLBzrZQqX%=z{4&I3RL$k!J8Z@JT|#7?9IH#TannA>R;dR-|5@`=OKZAtw0Oy|LhXc zL+T+tnQ;}gD!5NG;|utrq&K3+k<;vvwuM(^QHhHAAYW2RJ>G)7%zBqK^wlFgzFGHz z=Z*gl7V^a;H_Q&uq)pOl>XInDEFyLO8pb7v<8Gt<3#zTuNH3F0H%!OjV9)4k%@;9z zvP<)-S8&*e^Ph`%|H4gQLq;AF#XLMAfk#?2s4dEP1Us{>9O?LgHO*lfyKM@6*(;L& zINY^AEOCx0UrDbmau-bbXF&3=+p6Cbw2;aF^hav%4JSUsnfUj#gx7zt@4pe}zbyYE zj*RTy+$L6Z9=dMxM;tyKYT|!pMqy&&R!w@fzIR?Y54Qipa{D(1KUaEyrky>~K3Rga z9kArp>3^_U{?}q^a{@FOlLkZ>!!_x9pY&hk|2e|_$H$i~8d+GJK^mkojs4FSzV`;L z31J^R5wgF(e|Z@>`}3dqLjU?*9Kc{A1o(UQ3<1)qC%QxLkWQy^EdS{X{Xd!>()(Re zk)a?V1|-fw`MR>?fUR>eTEyX5Wn8GJWbqBu=nb&_wL1SonGEOc zr?J%Z%2tkd8GVPZkog)yLaW)A`qvmU4vlF8DqbbIkuL-{bB zeqaw`x`l>>rGZ_hpj;dvm+$GEbv)eM{qwoGIBv$5UAh)SVn4m?k&K0@_=)T;Hunbp zyJ6dDK?_%fxGgIfe~(#1!K$pBhJ`e%eZ0xR?aOSB|2(Vwu^C%=Kzfu--%oeSYs5So zcVye(r$7`s*4KlAWRDQyuEXKxI|vSV=pq^=pgXLm0m?cr#NIV|dffh?a!5wx&^rez zoy{^l!Hx%;IQ;E2t(Lx(NbeHZ8U;uM?~EE}3m8OW#jO-JW`N_a*o>WPs_jb~G=R_Y zr+%}4TRkuQYS(G`0+_9k-tMRSrq*2YL-%M|d2`2OLq9?Dyg)GrDn?cjk1DSZ6cK;}s+YT$tRCGb=AZ6wUMcT%N z@HdxgUzFlGE^=}VtBd0z75hM8vJ^3iL$TWSDUO2a=+l=rz>7)drpRX3qvlDCg2T;! zMoav}Yv2Yuk0e)vR5<0%sDc3_xNi3-hsAJN&Ew2j1vLjB9x=HTxCCC?(rBikhj{p7 ze5k`_ag+wg9!GvlVGEM@3RLrh?88CVFTtY|cqk1j?dD?OpwyJxr6ZKL&W^!-c}xdI zpYf>N5tXTa4-fvLLC1@C;>YiXphRdOQ9ZDg5fUD6_tp-8Mr?Y7C*g?AVK$AD;?w#( zKI0(0y}BAv6QX<$Kl$L}->m=j?4^r=CZ4?{6IpsKm0K(nt{%V&Ri5|Qb}*rTDvVD| zjrA5ma61)%mR09bvSX7w+}(-F=ktm3zo{53gr2m5oSir*lj*?(wNYW#{1R48hQk*M z400bIl#q@FN`y3HZ8SE0&9!Ag%wZrh;~7v=goN5W$d7Vy85CH``|$7}@(Du&!h9Nsd=n4zk%n9^j5r&>T-{|N zAlSx>e;cdqqMl03#)jmr2sgX-lO1W|OIcmgCju{M>%oHhT8z(D^PN3y{)H*SuUFxp zy>Gw20LXmmb)5E*DqLd~f<=NjiK{1M?q54tpN-jrI)C2SA8}myj_64cvcsmuhrQS5 z9xfeJ$JZ-+k3?6abYqnX)(Ij9`Qp0esIceE58FK!R656;LsQWVP86WNDM!6lPzfU8 zCzFaUlgYq4Cz1Fn!%{|)eJ*Tw{zh!PG_U@W9uzA5wHRLl;mc&fcRua8g=HayH8h)f zv!`T)O8_EMD7vB=n>Mp7mK6b>f>*iD@>wx@Tc8~IKrHmEDs_(<(8WD$Qbe?I(1HzV zU~V;hCs%*TB07CS!0WL{X@6f~V(m&Tyj84jZ-8qZvzx0A62`@oFgG? zV?S3xUkyTyK=4XOeMDqy6cnM))t4q8E9ALd@R_C6aAvz(@Jo@z*Ty_rY zxgG0(YgY7?%%&<-Kad-Tw9L8fxiGis{NI)?^8pD@*wbXPW<3le2cR@d_su;KAMeL1BDY2tB8)(sIx9;p-3M zhOVf1h#v)qgj>~bq^hgA3N~_paVRS3xNj8$$Mq|!;SP$ja;SFMBHs=m!3C0Oc^_64 zM>Ns{mL2A*yt?RxQ>;Cd``vh|JiPQvaC4j2WhOq9cYz7UL(tCQ2af`7u=2N^x!t&% z8^R?^1-8)>|Ieg6kSRJ4sS>zu3)?py_@cTpID`k`CHSd4_wbPcJQ^Ii+nhRk$*^Cw zDejQoh^B`4ET2cemmQlai1bVQU!cC{C)fCDl47Ibf9Fg6a4&{cDVnZy3beTQ)`uZ zx9f#Cdp$AKm4a5LMg3iqR-KfX5)n_R567LVlO%IkU;#wtXt_v1FL=AoCt$k_Pq~;d z$a0c7^e;vNJdOLqz@7KX!Hf=C1MM)5pGn%;wU~|wh~k2;A3zh$3t?!ndc5uj@Ch+) z@Y>)NvNvTb^yA0QQ0!;RxNAgzYMo8fjuQEHTvRQTZ%fJACm`oVN=AtGJQC9C-?Hre3F) zfXSByY_?ox-WFtR`*^AWYGww2g7`u zH@I!4T=9`1m=jUkYx=n!A=sZ$^L_6EgMo$^>+L%)^iFGSV^Qm?W6qF9f|wosdhD<6 ztjJ#kR)B9AORaHbsHlX2>)D-9Eod<7t+-k!o=g}xWDy9wE4(kHd)bRit(v0tEZB8f zn~ixpvdAvo-iR<2(Z?n4geoQiq>SCQl<48@WS#G~ge$W&3Zi{X5o~FIvVZl=}4?I7y$ z&J&T7@(U%U6Zi{b8enQ$=!WFf6Z87vK}fdojPi<$W{sG1t6I_gHIJ!gNP2v{aQ}ka z3QV)!1*!W_VAa!aaL&P%b)~7_QVk7>10!sRkNoX~3N}$A(6K)l&%_KL!M$!gAGc3B z5^Kkn(GrnW6r*pA%M(3*@$g|=!2G&dxZ>^%mezYVkmlK(UcSQZA*S9rdYH09q!xb8 zh~187CoXK2ZSz?`uk3mSzWokASdkz|8Z@ZX;&zin4duPQoo4D+IZ;t4CO1i%CBzM^ z;qO9otwa?1bb(u2Q0blnB~$Ax1D)+f0_SS#rqblh5+3(i%vw7dOPWPfs)T2>NE443 zkx7H6tO46OX_X;t)4F{%a&zANYkD9n&|IAWvhKB<`{!!o+5jg7{I{n*(Wf~=X{krY z5C-SRS|>g`-Zq-b`>tZThcl#o$lRiH@3s0o<%H5J*gw+zQ2O^N_e-sA0bH_?2xlI+ z;gQKUY)Jm~8?=nw4-Ky%TF>So$V0}qFi~bOwcCxC2qjgIl##%|R)OUKb7*CWmZkW& zWPfvX>ti=oYpmj^ge;uI`XFw19m5nLquIz0VUeMDMb~G!93L}dnO)6mt|Zw{lAxb_ zx0dxM5;`x+U~!3Iat%)Y(Txwe*Jd2Sp{NZpw3Bhx$d4EsRk^P045m&fncLY`7wTnr z$&$L3T|VTPj=z^-%+rt*jMbNd4o-22@3s7QtU2L;t#;FW2S_{!nW8)&~N zosR6WK0pvOsuLKXUT@!|O@lC=hAv~P6?~ziQX4;LmUDRPb{jqKcBaqhl0_qK>JK0U z34EyINyNAz>!d^b=ZMa@MvQ%7l3~cyt48)R2BbT!MGnTS&fU(~H?KyWrw=&`;;l-M zSa;*T`E_QKR(LmAwt_-KjEsSJRQ5P6_lj zgAFLLM}_?GlO}++2u9pz16ec_fmY@~>-X~yiA?@=W?DvxLtWJRz_=8maI;{dMJ*hq znVCrKJfG$?*3)F+l~#IO7XQz!?d_y-Ru5{bk-TSjc%5y3*af(>qVwgUM7(sjB^_BR zuOt$`v0C+nR0rmz(G-TEB1Vm6Q?zL-W$y8Bc+ zJpP%4)D?}-#0`lq6R<0GfM)e1{H&l>P*{(^aN9d1G9+%8uv=$gP9s7|$klTMDL{WF zKHnQ=9ljzD|4Y2$=6Y$U)mICZjPJaP5|(1vWgn+Gzfxkrx%0^2YwKS@pjLa(1pLBT zvAt>JG??opd;LItX4?nIu#kFvArl})H1DTo0LxHU$+E2%<-o$+&GP?iuH(pOA zxdk209UwaLklN~sFEauYLHXe7?3wyfnbNWZN5Fc=tm1rt1>g@&$jvG~MyHW(nMypY z=oj?Id=UxFHJ<<)&rAzmjSA}uAOyLHEi~Mg%k^&;|G`3Wl`ZkkwkuFD2PK!*Mi6`# zqz6;|kCFvTg$~A~W!D`;ai%Ck-qsQ0ZAaHZqv&6#FB9}B`G$2HMH>LzaOd`?!Xd7N`A`UGqQV(NE@R!^g=x% z7uLXl%SI&h=#-AHh`FVDKDp!3nXSoW{?hq(hW@0YzG7@mTk#4I*|zU1wlf%HwY_`upU* z70s|p1n1H6B|{<9&8z_shmY2uwIXBuW~XE1`m;S~r^2?>Z9E>jF1Aty?MR`}Gb(z~ ztje9CK~GJO6qaukUYGHz6cKBR>F(IJzHx!B@@ixwfQAbS_6!z!R}sxL!G3Vv85J$L z`^cu_TBS}&NL$}QkHqbZGjMM`?ik{UVk82bx*Sbo6~U}ae^_#4xJD&Wo{d0nYMorR z`C=qMh^5dcY#ZIs3$zDjY?IyI9VY;vNm9 zVG~Cbi;%4C(~DS+x){Y#>bI~VR&D|ja#E2rA*mk%il*T&_kLS&V1b$r)*w}o%QJ1HS;Jw)1Ef?7UFCUVBWZd70Wj}Q_ zL)~Qm#m$k$RYBEPs6iraoeS}NL}$0_g#-v~Qhb~%4z8njt!KmO;1#9Bjz?UN{rCWL zS}XtTqa?LjYtIwQ^ef_Oi!d7Yhw(~qB60a{i@u!&-Zq-&g)X66ldv4mXo}$D!Shx+k{aKQ48~EiP7Yb62Oq8n6W|&K zyw}kz_zzYJv(F620V0OvPlZN*|5G}Xn{2D-!V*yJ_M1gVI(8^TjRgDZ`*ARyOW*`9 zOhRP)e}uWRh%S5$Ls3XEQc#+1)uhUIukO+eOQe>G7k|`u2=Cw3bU?Yzd?pH!lQ>@3 z->Cfq`{Brp;%VVABY!3biBwO^)>W>B&>#yRt_{HkOB`{s-&V65cs`9QE|zyK@uTuej|Fg;$*)( zMy+=&d-t0`o@*N(bRg7#A-C?PcU)Xj)Wzdwz({KAfM+X28#m>OZz*`yLQnh_&Xfb* zbDo{iUy=FiF)E?-cvwSpXL0p1GvFj#_AH#{>x%lD6;}ASON^lkarL@#f)aQ@yb3EK zlY-!e<1%=?U3Mvk#g%bv+E6^KI*(y#8Pfe?^pbW#>TKk9w$d9T3Us)9<$ko?V!y&b zRzA8@MG?WKCRJ>INZy1KM)kN0mrx?)q@7EdhcOqYOHF+CbVW(6dbwPn33RDkr{sdFDhx`K zrc{F4lX{5-#pd?F3IuR;GBg>2%#m2&fS6X`D@sy+b+@Yn@d1uqeJ50?`9S{xz6tQ* zWM;{yXs`P1cEX-{mS6UOBy|!ilrGj~WBNMI-+P~xE_+mne?a~CvLSjE!_o6NA3o1};-yLCyd{13hfG=$qf3inf zT#k0_3gB3SnXm=y5H6)}gzG2vXPcLlO`QV)dh!%bOkw@X<2(-qqV#bCV|@@Zdt>#h zWrR>ra$Jd3Kjw9?=Di`^+WX^Kmoo!)Yft;8jUF8prk|eI1MM}5*c-g~b8SR#E(zVZ zTd<4xjcJKeBb*hyiF)$7x1LwKo}RtKHSq*U5x!kgA#Pfmfr^~&yG_C91_C3C_giY> zT^txlxZSy`k`@#|w4$8*m-(iGj%((R$1~r4evn;D5239Pn>}_UZNYS4{pNx9amm_o zmPqGV$Z$i3Kpfk%_V5|$UOZi1JbAREBfF&H zoJB)pXq&Tzm~UYBLK{euZhcHwxb5RJ?ac~iiEibtYRl-Fy)z&!t-MV`jq5LuR@J#r zq*5E+j<^m@@&Ijr7T&0(^+uBj*}#fuCG1nWy&&M<3?51ajkYVg`Vjlvj%>P}m_d{_ za&rFvG46l*Y&ksOhB!DHG?`h_cg+oL-1VHC7BiYEu^R|jTpSN$p9i-dV|TIwpSd=6 zVI}`a(T6`u6kds?w9Jg@Te77C)|HA%e#)C5VoNGRH*IH>Q{?ed5w(P@4HSf)C*kwh zHGBSq@Vs2%Q3O`#Ls=i~gHPu&(1jlxxOxZuy5tHc zJmQ%(y9)kvYB^hvY1Ls(_;Iu&_w>*natZco)9@h8Zp-W$xsc$}!e9D>H zbi#ztYs{+jkR9#)c08L;3K6AUk3C&8_#+>vS_YFFs!z%g+7(qfNojiK4!w@~Sf)X? zGYg^`uzg>h*RI9QDA#U9$$?^h;)y^SKdA& z;&P^8k-C?AWu7xEOp!2&7D^X=4*jkx=1Au%uJ6V?XSM8{3x5gG7{0$E{kBIOdToo| z62W1NC(tYpDRVvB8uwYZhL+LTn36H|i@77Bb>TIlkd@V7lzkJ$5=aG%8Q7d*X4=cf z#}_3$zC_fVqMEiL291<{3W!Vm7VDVIKQqGv@KjENfdQ>0AM3=s8a3JV!=@RDk8W05 z-PVB|z@9Ge9W0|;=t;o05V)V@{yxXhFnJfLeZo6|2kUcnq?^P714yHSj*vYb3@}%R zOL=J`i0=&8~>Z;@c(QydDX*(b$NU5lsg0_1y#~ju^j+f+22>H>v%=1-x^QtnWrx-1s3zV_mKDtvpmovJe=D4R3tW!G}UrwZ1nE%x@k zlIH7S!>9p?oobZ6y-qh3OiaO;<4s%-Zi1YoUlhg4N`cS1TcghR9AZtnFf%pO@piyh zID&(?iF190M_xW55ka`P;j?yuEUUu%Sy3{VKd5)6c$i5SR|ZDDzFnKsmtO5T2Ja&i z1}+eUf?uQ`UXWFL-V!ERWt-;L6_YYzQLL8liL^61*ly-JsBca~p+=Qage}<~14{X@ zaRT;wt#)@ef3jNYrX44UU|4-P2SRI_WgVZ&l&ZTH5D`?6bMFqGl`} zG45`nuu2-;-nm&la6`uo9zK}t)jiuMk+u%&?9He3s-YhThYVVBaL14C!w*t;8njkn zmmr(&E_QvtnfigOdiE1_YZ&=*>KgG;_|v=ImRv^6=&BL&XF1&iw`aS*uL6!TLgz=s zpEQahSnX=)-D35$QM=n4c`QwfNsQOlC#a&o1c9M<>e$h@{HTxipGi}EYIP_1If->L zo1JvE9)0fUZ0srU*k&TKWLBUJkvCP7*M*IPa^9cn`!Z)Ds37Qx>MJ155eOrh+(jED z4nV(lbi7`hxY`|ASf2j)O}fRU9F2}-g7O-=TYX_Jb?;PXI=M*@EhY_;p7Kgt0mDcO z&MhQEPj2Z(U$LcfuM5ugiy$&-*KKPXVD8y#AeOz!q04t<@d0bH>^L#kcQ+#RZD2HG zQroN!m(Jgu9bi;{Wezi!5S$OjDK_6Nc-AH+D#~%xKn?h5sc&YpFVwZc-sC&)TPd8= zy#6>e(r!>p_g26|?reY&Y}8x!b;l9(q=q3*DxDRfmeU(EMGqU2xx&z4=8w=_T6eVw0hU4wvIFJ%@n! zZ2*CaQ=|rab!F|{6W6P<+vTuQC+^#)^74oRU)*Sm_M_|=6oOavlp!7FNcuX|Ry4`1 z!dP5M9|thp-m4;4yt{2XF%YzFAZH%cMASKdp8;(2Myxm z?}qqH+}0<*Ub|2kFpbKHJLiiZpDyLbc3b5vX}9Mwl#Xb<^a(lPCT#51%}x@J?F81I zRSphG@B^s3BXih<28_LRSC=3d;I@`34N;c4&pay&(o?>4KJ9RKIu)W@8)w?5mhroSj-DAC{K6uQ)v=`Y)dF2RN$&(kq>)$|Le|%9P zdUS-gab z4e{fmot#~FNT%xRG?IIj7Pig=RhlAfY~v({@m_ul9J!Jb=6Qcjqc9+KbYRMX<$GK8 zylGlbtflIMA`(IRJqt9pr&5~3x9_&GBe&NS%lE}`51kJ5@ja0Ku>(t*I%5UgSqLXn zbunYv#tTS0s0f2t)O96KQHOS**$AjToSj@r-wwAcAwm}f*ge^CX7Oe$+8yNKjS+R7 zDhj~sc+QgL(O=ErTKzfQd>TJRtt9nyWXfQCJGrXXxcprngUWS$A2`qT_SSb@u{TpP zqVFoWCXS969vIgdXQ46T-XGfuPfy`pV!i(5Vb#3V(;vZD)lg?F z^7kNve6`{b)8N3bc4Ak?JK@qIIA@Ngr|Vr*Sq&A=cUFxiMY;RB*5hl$mf;~LV)+bG z#*LA^-B}%M%{`I0-C*FxMl=!nV#JVgT7mlZM-|<*pk-iPoY+U5L^g_IYbc4yBCFTM zS%#fXZpNa3dv!W$2AFUi=sfpg4W~&Yv-_U3f_QUNH(VT1zcykB>TYm5a!_1`!pV~9 z+eeDH851lGK8YNB$>?NFsGFO{K)W3^FD*mRJD8-wn$UNO9(a*s(aaIM;@Wv8%a_y2 z7S{AwhTdr4fTGhI+tBqU8oBi}$N0IycXo8M)N1+n)n9{xBwSwhJ^t%*Z26&&8GZFN z0(^fn)(3@7xB;~a88bbuIqmFd?)2{@u1cNkpv5ttFlCEbrw5uXUTy!%be}ul;&+4egk!B4RB#m+Bux0Hud)NUJyBi>{ zrTm)(`_8P*5cp_w<%_d_#Ew$Sv2pkRsdb#;V17L}hl&<79b+|q0)Jn0Z`E81^18=5 zTJZ1-wicz@%nS>00JU=2$&}vg#$IDhX*N5T9BcJwuZ2OSa__^=`lgITzG%JRC`Jw z+WRT=Ij?G{%V#2ng{&?jWRYRtoMK<}P{nWBk=bAk`y})O2BWleYb@-D2zpuDm%Fg8 z#3+!ViM29kX7ew`mGIc2<}A7DXP-E!`9C)>=I7?&H1(%b_~ZVk9#VS*zKlF6J3A}} zWhfz7Nwb@asA6uf&cuWsedFgb15d1I=x9u9A@RG>{Kc_9YWvn9<(A#0?cizy5)Fvl z&D(K6LJu1eDQu}*I{H=M^8yS@cQx$wZM(7V6ViRbvlGMTW5AM{B`XFzn#X>1Smd=N z^D24hODicC*C+cMqdK(6WSL{`cr^c}$jsS9wcxdfZt3PR5#2(GXEHyl$1|qvzHq9w zHCD@IN6Du|o!;V(Wqk;Kjeb!tG#o+!S|F#QRq;sqHtD5^%EQ>r3PHHFjjVn)Tq#*x z3PCtSr1y?UhA{yq^g>pdxVuSe(?)M6J1KCiNc;-JPipNPZTke0*kdasc#iFJ@|LR% zw*Kw78-1i|KZrE))&+CTv-rSBj_(u`>HY)lGU;zjSQ`?s@bCI7v9i$hI2!n~)WzrW z!l2{}*kIl889VfjV5W%?fg7-}d(wA>Ur~`mLtLG=%mOrLFejUAzyfJm?9~CyPIkz= zuTyrQOjLC}Ki^K}fO?+>wV$1;7zxJWcWRw$G$DbiAwsTD=SkTVFY#%$%%+C2>_B2U z+Ec)~;vB!Spq3b`fl&t<&u9PhFC6iDn=~M&FZ9Sn>HVfH1e4?91jR$j(5z~#Mao4k z_in5zr^_%KCMy4Vyi1lOJi_hBpcSdY`L>E-ttT`X-Y{ot8amqk5AW}Gjax!SSzesP zCEE=9=aJB!GbRb~OSJwi<8boXA5tK5%sF=dZ#38=GZKCVgggK`dpBF)Lw4z)JGz-< zGpTORw%&@QQSDSPG(W%TxR*=rSl%S0uuoWlJ^fd9mRNiLsak6Prm8luXA>+?x=mL7 zA%i;0p$DWb+G1nYc;6!Dr|^bDl1ggwC<c1RernFQ%`>?Ku0lDUAa?Q&ajIW0xev)&fls8>UC@s#R`1vhoTW%U+jd=%v78azx)`_N24Ryy? z8$C(0rb$j@CTi~khD-#~%9@p)1LFGN6b^K#Zs0<9^1Z$fF&u$+qZ3?IpE+K@1M~VeHSLMsEGI8XaDNUi@_Tv zI*o`|4rVVM22b*8F>ZWO%~%+vN9b|aFn#SpX24EQi-$mK*)fr1o7A-8Liebrx1S4&Xvlj!2TH+ubsg>QNpxJ{ zR@bH@21faDosEaS&HMZO;5=7TMo$j9XBOJi*z3Qc?|heMlvhRSqh$oxkNc=*lhQp> zA)S_(y1mYMkaawRIgrl8)|3dOM?$AZ?zugz%62Bs^Jtx8LvQDbe1hww!!9K`%ToqB z0w^uyc3I$ilQNd;w8tqp9`5hLhbJ0;(REVPP14@m?ZPC ztRg>5A+tXkp4}Q6GkVU>e~ry&1F2XoN9uZnLzieTQABhHVcPn#Ru*-C3S$>_S$wCJ zLZ~a7JyV*?^)KiT1{O;hP}j*uOg5jwXY#v1*K~Tq*Q8DnWN6@sd$D7r@q>{L55}-^ zJ-v`mnd46Wki33rgU&olM~7{=a!{9yfOekYT;4U-VoLrLKd`vT^cWzOvOiu4I9YIGt_%|jSry$tu!$`MjeA+#i+>foNn@wrGgZ7g zZfd_0{Ewh|&Js*%;OPs^?LwG8?OvUtw?kQ!m;+3n4QsfA;p{O#+?UUbFI4{WH8_`{ z^^+xD&$fA%VdusaR^vM))OEUK`JGpFz#xNm_W=?;l_%YRz^;Bg`3DNGurZqyv2Pr- zh=;3Zo2ZxTv*K`+CUEdakMU9-92>(DbazI!OreQ^m=3$t^}ic>S!Gjh2KD_;by09b zg^_pnCPk7nvM`bDuz~Q18M!AEEWtqLv{9gj>D4D~LsA_lPwf$#Db^JwM2lDGS%t_4ZT5<~ zR@9|tS&x%e+}s;{(^fxcV(_7m+GfHFbACl)^2JffE0a+~@;Rn*is(I>FV4Bb1yYaE^AB5(xtiUx4o?XC8$pKJ}9&+ z{0@fonETxog`fDYxI%M(nJcMoMfLOX%iUIe0g@rP^?nuyms#!+e{}HPE&%S<{BLbd zJ2rGw?^|l$W;0$Ld*&7_B*Ijg;PR9N0L0jKz46i=}==;r%O@?2c|IPdTKi|ge z3MppMw3d*Z9Guf*hj=uxR^9f!EfSsxjYSiG_mgB9tVAMF7NK?N=W5|-Y-U6~$7L_F ze*}-UVHcl*1=WjRNM%hVd}Y{J8+2wwT}?j3e&L~H|LrvTzu+OSPRK*q>kl{Ez?#3a zd;e80_Qx9XaB}Xg2Z`br(_i~f|B4`QXoAzb{nFg>;`n=6`Y$&!jU05@G@8_9$iMs3 z{^Mb=p$Eh6w57N02K=`M`4bIv*%2&->%iYOihmiRJ~(H}Cxk7|6wYta|E)nDhJh|~ zgiPo#_;1Z7d>Nra^$G?pEv=_#gb};$%8TKzAmpM!NKDXK*vgP1r5J`pmOHE-q~%tm zo-yb&4;h1ahD59FC91X&(Cp;HmcijEIJ)EBKU~_Cy`ny*vI)qG87xjPWa|fH^gVc& zdOgAls6y};XXyL!LH>LHmj53Bcp~K0h6meQ0C=6X_$SODAyx?J_gw7LC3SYy7Lt-Y z;=`S10~7x^FQTZ6*y?_WmQd243lV|SZ-mpFpPF8t+YWUf0rkvC;XB=7N_u7A8F)@J z>>m`d#!qJ4MLddxe?Ct$7}B2P|HFoZW$A|J(!GJdo#+GS43c2zRr#eA+O#7y6qB{m z#)NXU$@j`vEp=?lrB4AIpaG`p7_kYdL>l#Yq4`!ptRbcngxnpU zEf?$?LX4+-%y5r(=-7mCAF+6`!fFmS;)$OG&5TM7LV1#k(Kd8X1OszH8isc4gQDot z886n$P|3f`5cPqOR0vxZ8vkMF@=FJtm`6uI6lG0-p`uzgLRnNP~`VUiZShT z0{`5Dr%g_c?FUuc)^BhShpBdw03=x^s&EhJc*qwmY>Zh=r&bW`IC5E6!tU_*x< zmR3Be*xP|1zgythj=VO?{G&f&zwumtgHGg6lt{aC5n6{+ZKYojrOa>lNmbJI}XV_7pHMOpUqnGGwjKJ<;fYUmLsta6fei z)(!L6jo6^?1CP(}{Y>8qLN!k#jth%g|HOOVY`hC=?%Ucw~aTYQakw1`>D&DQxjr*HJOj=ZT;W&KYs-%{~v6fJsI#hmm;0_7K{%E z&4xd3Rzu$BxfT?r-CtsL$B|)Qj zBMfM1M2(gQ|Ab4DFr1ta)2e%VmEKoKQ|clbFgEaX``3lJ4SCi;(mTK#wcDIB5eLl8uHXsy29@ap0;J5+4>yBoCUp0|2$ zCm>P*JLlffSCHjzv>%i_tWGT|iqA76AHf-HtiMAh_m4>aA5C2IRK>0l@CckGdohbj zng`ayLd))N&#xobKJkF293ZZj;D1>b|1U4Dze#R`%JBa~N);I_JH-!pm|GQMWj*q2Ep)%Y$@DJGNlxVz}zX+8CZ{UM-;dtjauh;F&K1y zVG^XM)C;>KfqL6Vx7^gfjYI2NL(b%lk3?APG9zpq#D(g^o(j`Nk8Rv18T90lU13&P za^##yrZCcb^GaHf+NkNmMPcmI zXnL*uIkBsv22O{*xGiFCr^5IL%jCz$pCh4!6Y(P@uQ=vnZpMIxNrm@~8)HqX3j*X# zcHQic8ryKm>El<)JzkC6Omz@bl!tz+5O+p~Zk@LpZ);(8!{&K3#%=;2)!v~xeaaD# zOexV5MdP#gEwfN~k6B7>3htGH1CPqO`LI%OAXO3IN^R_EpMD`SweqgbdN}x1bWkg& zB!~+j9#@u%T9aFgq$y*3U0?D`s4QTw$#u`dO;_s;MW_npI`fdqz2D|}+57M(QcYDO zq3*yGZ#<;+_tuWo>c*DA=tMKM5u1W3p#jBN|KKsPHeXkA??%-MmgBNj`L3~znur<= zvjio(8&@B8$nG;p^rlQuj65i!lzaDE{P&A-AvBj@-l5|~J{>oj$ zaB*V`esr)J%>~Szir7iJ3e2^VFg`qwxqubJBzdD5mpAmUC#94on=WQ3>>m&W$(Xl& zTdnui>-LuQf&uKoG~Au|u03->0t17_QIq25AVQ~XE^f<@$nFou1yxl&7e+`bjomo8 zrD>?>cQygyjkmzKR*Ps3pk-{%@Q+=a1#VgQB}J^5D%I@lR-yr8ko>hZY4_IRw; z?LqJH<%1G_xZrBoW8UHyF#!W`m^F9*I^V$pgzGe$ZueD%YwnkeKit}GGr^48)y6L` zP4?uw1^r)U;eXNR+i`;@fc%%&1ue|XNLZSX86Y11qYH4*t$3U+&0H=joHd;8OwW!M z!knAjzc`OCT>-v>f;29lv~7q4_jSNwG;_1={t`(u2N2-ah72Ls#I?%m7_X@I#>!{6 z4oWrt36p2Y5n~F>-AWZ}ijKS)imuZ{#gZacc=~*Br`Cn*!aA;v0OC3aU0)>%P7#Wi zR@#b&N4GMD9gr$1t$5*^G+E0I6*t<^M)kR)PDDo74sH7FYGZK(1#kUoXpc^JXJ#Qf&j1IKK`*MqM#s1-$EiJM-;Q_?x_y?* zuY2mN*$dLl8cB;A6gdwi+B#>^?i5z|iquijj61lfzbK~twWED-=)$MEG8CjPBkK7k zPWt{X*M#E>L$O3Xc3`4VyETY4GZMA&>Zct#Gw4>inG|D9M;4DQ?s$?PSgjKJ!n66* zUZ>}07*5D%m{|9D4Z{Ce#K;}a1wB;;c=Rbq<#4x!NH3_!W%HO!X_g73Xw=RKlbbL) zPWP9J_${iN3!}FVW`nJrxEXlN5vPCrW!LKz{_Uw+j9vjT&l6<5my3Yem_SK^!rL*A z+h1H$LL!L~rPjvvg_mEpV4l({JMK$YUBps9_L?0@WoT0)QP3Fzy%8wdXZHd!c>&Q# zhq@gp#r%xa;KI~OFE#A`!_bVeQ6xSsgd@Yux~f@Ahm;7`p+FOm?`d`=3}bGrev!#V zQCPHViBcrLYd8HOW~J!@g$%R{ZViiy9SUKHG?yzh5Vcq-{6{T@ZmDb5@jA=jEJ)4= zwN5=mH8gEz_2nX~vJMY}JFCd()*W-%HLpAsnluIce|9T0IU(4i<+!BqErQ;B3>L#j zKeqU0Vw+QdY2fIn7{@W1pk_oM|B7op6wlfy$?-|EBkAB_6`pLe9kWkQLVx zjab~NIpMkkuE`0SEIy-6$2=gzrBO?aLWz_znN9KcJ-+A-HYzYWb%x>1JhJ1nshwok-*$d3TaAiu@as-umX{GA5BvOcwHULQ6o&U=1(sKF7=GlfzvIUY$Ko)?Z`7>3{vDT zYQ9=aK$&zQN%7TM?OAN}0Ex~-2&%M_oA;8WvU2Za`U7LDheS^V!dM?g_yrgNk~&O{ z6qv7!(u1bNa2wJS89h|~{rs4CbZpmy{4(|x6>#~7zy-C&-15kC^De2do=5eKhEZba zY;p*^o$XIGP!zqJ&G6qkIk3$K^CG#D*6eVTJkUZ-+=okQAMJ{4w)- z*ukWS$LuRS5jo2x+!)xc^)ceP+{6rF_eEoG0^A{S_qo~wl=DSVd5`$a%6MK3pFuIM zt}=WnFX1yXk4lVQ=`eZrB-DOU;!khy_F)f1KNQlC8YLEKYHR>{3RR_63(7?8!9gl) zFYP?DnrzDclx(x3H{^Co;DKCMnJ}xPaY)ee+1yX$oK4*^(=3G zV7fx`!X>=OMgwhE=G);Eh6WyMhP=lFV2Lr8QkaKt9}E3)6zaq6-sN*QconYYiN=?04td%7dbg~v%-#aT3M&1&Yfk# zVM6t&Cu(RJ>+%UA&?z6pgHEuz5hpuqFh14gi#xT6mRoN-o{?ta#%Z1orL)&;GT8(r zRu_Y8tf%cPtpt3iSqP&i(`Q%MpT%QFOe@#-u}EFvB!=5f_8bjt%<#M=IPzPYkruTv z2+;T9(8ckibPumi`uV3>z)YCm-UH*sG6E=E8gD)e0Hlek8~eWdq$?Vdj7}s2-%It0 z2!vEz(BKyUzrW#GWAZv^cu);V%t^p|q()a$;&4*xW*+0Q2@dRj{X0Um!3?gEyo2D)}8SAox1BwrI?3glG zJ^?m9E34O*;O_<$#;xPUySA_LOw~ck2G^h@T&{*l?j^&T@rS7OKIkztM7Ir9q}6cU47S{x>7^m-ETdCAaw z+O*^zwIU87BgJNcmlWf2DaaQMR9W<92k&dg4%HymO2G)tK@a`5Zg&ii zAl&!`S#UhgB`HBlM>PmxaL&qJ@}Dj@4h(6pmiX#5V881g`75_>bU})~RkTBpYb_I> zSQS?XHB8To3Z-g`c%KeqG2#HUs@h_nBJOaK%Oc)ZOp-l)D{>`#0Nd(3OgX0ADXrud zOZvQRPo&_Cm)DAj%Yn^@CN>pJ=a3n{s!3JoR`pe2bvf$Q2s|EJ;><=3Gob5&B`r1j@!Ljl&YQWQPeTR4 z@HI2!lN;&U7$Or4!&mN#5Mf+cdssM>zC#nRL@whiUt+Qa!2?2FFsjm)$SH@y^z%xX97MDnZg6Hrxy|<8T}tl+2rR zb4T~%X`MGw>ymCM*8s5}i?!1_HDVh)4sFkR^7``1svl(kWme+!Dx5dyH>umIZesWc z-;-)mye>G%!?s4+aaPKaB|(qZ6B$9eFbbX|el2C-m?T-%hJ@9mjssXgYos0~_nmNP zML2>bV)9#8N@V2&X{l6gj1wSyvU8Xy(>6B?(`Y)>+0y>?^BULgie*-$?T0?K&*KZr zTh`J-#_QD1#t_jRj}*(yO4!n{ON9wvi^3-`2O~{XoUr8Z>_+Y2P$^D$1yz!sdP|X@ z?D_R;Aze^+wD7gxwiIgQ7k6;tel3gomIw_wn)~{|(}@wDn^QQB+AERufF8}Ht%M0> zRRcF6itF%SQMm14^fc}P9kKklb@2b7YQH%u7(E^z1rq;?zN)&H(3cdDKX=3bwz?Y8 ziJfsbN&4HjTQibpoYB(BDR_?h(*$jmoI%EgjMnaTtXLEZT=9T~Q&aOUL3m^U#C;~a z!Fl&i*tN4nTv|Ovq{B_s(HFb+#CpFf98}0g9s+j*!3Rv|d~MlPw>+g*20Xj`yl4(? zlN4z83YtFEfc6(`O!lUNDN{efu8UE=tmva}JV8g6vSwYfc&b0fVFd7r`WkxP*0?5E zikAd)+Ms@|6W9%{+cMGiN!D}+QoE**$goKzSPOp6$hbKS=fRZ=2yQ_qqNsjWQa}f| zt`r;7->H$-Heh2>$L>n+#&Lv0EOz=_3O-Gbsqee;h=^G_K`Tn5gz>lU`6%BaS`SJAKzqUDufz;xBBG0qzswko3Ac5>J`yC zX+Xhsc{(OAD8P=L@omO9I`XPV(FOy@!%~;P&1Tw7H%KB#YcC*W4#`raxjZ=N8EWV9 z`nIve0V1hPTU+$ZGEAMfiPrIE?y}$9QOW7M>nOHyfrDI!^822Sx+N z=c1C<-15oJ`Pmi;bZVamLwQ6^IZ5x3gTqvVsnLx8+xDRV=Ka4$pA?Qra&Q8v`)YF=&jp^pXZ=I_0>MlRrNHZmdKm#JR22p{o0V^ z7&#H3A?~V?lvz5wI3}p?6(j5VDKD}#?Lwhl5ht;_Dohl^+?W{c{*`nJBUBzA*|Y%p zV$pdeXF2HigD_WFQkW)c0Erp>q&Uin3Bfe4FuMalPEdNROMm(OC5O6r{*lgRKH z9US-01q?^zoxjn-_r;Bk65<41eyfLyK zbQs=KOL|6v_Vr48``VOKlh_)V&q_k}vtRWL2+q#ve+^io&`F=Z zu(JEB^3!e)?kBxT{7Qho3+BP$USLf7qNN-b~$OQ4`V zd-U^KnUd;URR0&k!O!EkUsL^Pg88*N;O|{2?VOy1zkDI_%8WKE@>qj+%7SPu81H=stQmA=v)9G|Z*QobBv&RwFCaJG5a$D~6@% z!#y7zl=qilIK$D_46)v6=%X3C$X)sZ!Minuy zq5`MsK2;vAs>W7QCKcOs{ImLtTW=(ntW*;+LF-g~?JiOC@oRjia7f z_!HayU_)&k4wbGsq$F{fru?x6kC+EJ*>*zLavfpY9Ib1hnWv(!0ET1*PpSG-&}z?p{>434jyG5h@z0UhRR)m3 zl##>STa$g<_&F$h$yD+zVApUn%DzsYkI~pE1{H^_9E|Ts?#pV?$IgnFQR{blM%#(r zKun{Y4o{X8s0o%0O@Au~)Rk{MpXNHMtWS06H9PG>+N6E}aU52|DqT4Uu-!(h{wX|; z%jp}34_BK{>Q+_0vJ++CWKczBGhh|b(9{TD#F6)>R1XEVRP}xj?-RvOv_G0-{vWix zRajh0w=SGOaF^f~Ja};T;2zv1xO?O7?(V@YxVuA;;7&L0?s|G{{r=}aJ8SKWbH@d< zx~gW)s!?OSLJq^(>nBBN_q2_+Z*DGf3;K4yz(aMuyo5X(o&1uz!Bf*Mj7-&s>@A^{ z9{$v1s(|#!)UQ=SAhfH|-f)HK^1E%%WeL0OHm=B?A&1{qlMC2YK6&2O< z>qDybBk1h?6UrHx4Rt^?*5X2v2oqSptPM1UGOt`5gZYfBxgLXzekZqG9HS6tTwDdv zqef z!`5Z%i6>mah9Lj=?8p{Tkaf>KstL+DP~i|e79`{zf(`=zxJ zi8~CVk}kp};;f<9f^9Rw;>fskZfrfb!@TnJh;q<*hip%ZC;y_ul-XypH}sk%T~7;M z_6^#7!I1GVLMT&v)+@yI0$BliJg#qs;eap|Mv`x3 z*TW_(Y77xfhlSN?J4JV4{Ga9be*rA~YjIsh{}om{OT%94U%dY!N>3Z{4f8utaX1S{ z?MzuTGc*-fcO=MS#2jh~*4MAq9%GI+Syw@}Fq6UVnB{G8JU(|WYkV1q(BG9RFBxC1 zojq>~2|U%;5okE%*wRIQ+Pz@$UX6=i^ss2zxz-~R-7a`>o%+H(yJAcs8Rixdncj88 z5DUCOfIaixM>~19#wF&A3^;aqzsL8kg?ZzevuZG1;4B5=Wrerpc%q-Z9t%BhG*Z(! zy*W7o+uDdAI;L(DPP}3e@R(oUh^i5 z|5EV5zNW{{)ip1DP>L@4CZs@z*kMw&pr~p^GsTr5BWRF%(eVgL43Sj@cs-$Zk!H*1 zx-_}fwH}p2d?M83-CEO{_V}A^0gSEN0-W0NoI4*Lg>-Gipipa7%}hXg|F*w>hKz{Y zJwcrNH>#QOkBVcPlD5)h+PS$-!-7bFsd%j|JJ=_0J~x@}WP~tth59{Gm~d9QH)2NA z{;%~2fwzYs+N#p(PSx;$B*(Z6K8_iZ*&oCa5wETJ8Uq6uK8vmEuQs{HUnb~rlv*qig82X=n9<3Fg5Z75fnc&xKFo-VURbK2C$8#V;yvE#M=HE}l`C3-TA&rGZ#3s8sw^zSgEHbTGyY1i%%NAP`LRP{k&aW3vc69vmU|Ea^mEp=yH6Bxu zY1zo%_BKfewv#rsQX@=GhFK1awgipPk6+F+YnvVdxBo2SRlG6cRHnd1H<-7d)xIP^6EGB6*jhqB0~{q5ut+^}*3?&63{If&|*l&4M`e(=fr-q5!MS za6&vJDGMIOr5_Xqso}0;$0QUNKJ`yAUcaZvRl&-r`<_HVqMgx-+1jFnwPe-%84xkM3%Jnqz6%`3O{|e0>Fn$KE^@XP4J4sx zFP(kf(ah15#(L4&$CA#44Hq-CqQ-)5=^oqVH5ivT(E$?fha}FT2J)=TsQPCVr^$+J z*?+0HtQ{N(=R6x5{3=`$!p2aPQj9%61O!+u^U#PHeq%#3x^mw8wnxg9Jc=Nbfp7pW z)zY@wu@PjN2SlHHHnWCUwvE;7$qOo=#^*z#66gBHV@h05@4pK19j>&->XZbF$=A@u z2?`TGL^|4A8v*NfV|)j6gU|WQ6|e6faFe z*oN_mu;C|`@kvLC{jIqAqvrF)#ZEKh5+T|T1^6M_j}zC$#QE4oAiv3qp#<gBho1ETHq&U*O?LhwTy>{j4$0<={Y)ZEACi%afSca|? zrdOkEj7dnR)zCveRKPg}btU=HdP4TuA8lpSa0OemE;kg^YMK!) z@yO_k!>2Ryq%)$y4J&cM^=(sTjh* zC;LgV`rf9>Xp)NK-u(k`egFh(pD0{)5KyERLCI~&AAeGP!*Jg&jcOMmY-Wa;3|&rA z<0!7IiJtrbATi|kgR@us9e8EJv%j`!KQ=GAnk-jC$9trcnfv3S!b2b9w9WccGWUVL z*{{J12>LSaT}Opgj=vAC!A!}2LA}M6yL>&oMC5&Y!|F2~_7yrIar#crt7xh<3}007 zMSRqht&s$5S#cQ6NfLE6qeyF9Gy@AV$L zLTWUOeFFw0gu!~ATMP9deKWE3^2sfjCpKyYl)l?!Re?uLqV>ecaXDu*o@;m_&jP}a zS#=x;cmJ+RO4*r&SWo1M#@Oxy&6x7b#z38Gaf$39+T&tL7U9CqpKnfYL8PFtg%q~0 zU)4%H?U+26bF6;&4fxLGWOR_$*u8w95-P5F@4^|diJ%yIL_26JaK(Pxc$-H2Ha%uJZp%!ACjck{v7c}+vSCR7c|{|DiErs%N4A~V}{^&X6X4A#%d*Tjx%ES zLk95K_(L1KFi|C4pD(h-8cu^tV$OJ9L>ISTfm4a#=q3?MEoD~*MA!Vc`zyWL^TP{h z)@A*lf?*3bxYn=Dx*gwh2k;O-Jx*Orr8eFpd&f9iu+P&prH&+Lgw^rX- zcljME%M&cAeDnWy))}ssMdp|Bsxus%(x$k!l9+VAH)9^^f+dn)e8Xy1&t)4}yy^`r zha3fXrRBMJ9l+XNLDaY6tH4Sjy9(Oa8d?(Ua7n(BBv4IAeI2T%)Wracm4dG+W9Rq5 zg3Z4>jsl;WMYS;rxdT$Xy)iw+_6)6lkafn3R}4=S>c&k|GqM8uZ}A~aDByp z<5G>-`Z516SiA{XdOW$Do_~X6bK5*7r=_*XWJRb$&CyfRzS52ltgvDi&O6iB$L;lf zdC`ku?HVcp;|<5@!%AVt3XH!%C^o|D|lV>b-+FT-KO81frMSI8&j%T0bJB1 zx1gppdXI5090M{Q>-W>4Bd`yeEtePr8&jLzgL+KuJ$(LaH# zmFbw?7|?nmjT`%Hw{emQ`*vnG-?%=e9HhUoVCKcI9p2Zl5l-^u7U(4Ro_`cf)d(g) z;pGGF@iZc50SkUCT74dTZMp^Kc$CPwQADgQOgus7ENMjr2U~2j-+q&{W^un9Q<(i7 zwd_U^%*Mc-q3F0x;(fIVM^I$CLegS-4?n4+$ML}}jAVg5_g<7z*C#96rx4PNK)=R= zs5tO%wNU-=CG;JFUHh0I`h@K_g7qz5K<280UXWAf8H)3ZzAPVg!1~~05}9uOSeA1d z@}3VI^1wW0;(OQatzYX|faf*#YkU(uDoxO?+!p-c<_Fsk)C3@E!tzEwhqdI0;#if{ zNY9&Xd-W2V(l(!W(_13L@vCsB4mHlAWP{z@W?HkuwQ!WC;#={LyRG0t2!y{yKlgi#>H6=W=>gT_Shsl04Ws_iH zndhdJN)%Qo%?Dyx3@)hN$y2u!EY2YIBr7;iGETJLP!9Fl%djgmK}CjltypbDL|8Mc z6Eer0*irq|6yx%#q}T2VZ`2UUDLW{(Qpi$;kNGY!FI9{hwh~LcI*zS{A63d4iJ8SR zPHT>3gkQI0hzJ!e*tmQ%7FZ#&1gaaZJP_NVnDvNLN34#uBUfBIF!MoQ%A)*r4AuH_ zGF~#w6@+3D8b9u&5g0|{^d_k&BoTS--_^ESB*!tAadsr+p+kEaA^Glt1OkAV;yicP2Fr0v-~ z!_8VYb0*ahkxFWg`eXLT&9Ix;eFH&x9l~`11;`#1x7$t_GOw8NubSGhhNbiO+by|| zn_e9$SqPTIYQS7`(jmWa_h0=zb3?>6(kvALE#hf+VK0B1A^Zgs3g?1$#6 zF3X7?2j+pYQU(m2j0>-}GuI03s-y4zvbv6$VF!$!Nw?pCAr zY@Ee?rNI!smQWFKDMi@|jkDJ?9XrpxzrRlW*VOodojgqan*!Rfd(}4l&%6(8o;QzN zfjl|m-8y6bsHc=)EhnHnQ*}aqiSe0e)B>tbW1jwZ^a=UTeq0#sJ5n4Ue$e%qo@$0L zu6Gf*R>1qlv}15l$!}$?ncDvpjVkk#|NOO+{-4nw{)6b!4El>zL&S_TRc-TCLxl_s znX>OJfq;oI-dyVH4BV5O%WEG3^w~x;{_i}Xa&#d`8#Jv)Mn`)m^*DpCjI9?ui%Dy6 z3`-HCT}VSkeFqGC&SP=K3UGG~9^Wia)8zl1{N?vHxvtYa6;E$BG8ZpXS!Z^e34a)v2ji`*nxqmeuyHO-BcEc0v?O+DUNtFf?O zF8j%=&Uy>s?4@gOVtdbV((SY0dw2z32+Z7fP}KkTKkYiZf2aVoo}PX$7z?$HL^dMV zJr_e!N;A5r9-FKx{_)xWY_S^?Rz|be1AcJuo6DzcKkGThdgR|t>3{q}GXqrB zQecw`XXRAy(l{iVqEIT)Squ}5pwD>peQTxpiyc#J3gk>!>}fCpkxThkUW<~7`O)YtH8 zR@;$zqAXI2B3RBHX?B!e22j_#%vhAgw;yLjDLqeP^xJ%HiZt;p8>6#{ zcH?(hZJQ`q9B3|_KWymKCQSO_Z1t~M^TdL(+VFOvF=Nww7lS%I9v5jVKV$WU91C7oRpATtALY-$s1VF>);#yw(*>511A5zn8 zF11{ zLOzvO_w+bQ{NdXY^rOX85O~;5kWWfV0tvdqmC->5iVgu0ng+;L`=DMgFL3uTfO`R< zB*cLQcq)}^X2-`}y<>XEOofB1FbJvxhV!gyIGXrz4OB=}T7JpvpPN^|XDOXQWZAM3 zt$|5cJ=w7BzMzMyTP8EjxK~}Q@Ir`c>)JsKW+Z8ofz3{GGS6RyV68#E!{sEr%cJis z_sB!v1Jxg+jt=|;1q4Kc+{xBABJ(vdG-VeYVzsGm2`Hhc?bcw`of+(qGW@8Bv?HS; z(0_7{qI~hTDew;Pe+ILc&tR+P4V9hWEzHRGIJ2M;Q2$Rm%U|o{_^&se<$ezXWAsAm zgTq}O=SGL%fxH8pN+bO-vUi_mq3mj@e|{mP9g3aLt68|*hWoL>#7XXPDk-oD+k`Qy z|JuxyQfM8 zCiao0(87D#;^zz57g}~yTFAm0YaRYqujbQ7DFBZ<^3adp%3+a4O9e)?^%(Sg+yFN> zL(N2#e8|ixP2J$ZU1U~Syv-jl9P$$2PhEfdL&eV!4?!HPje2$R}F>MZ!Y<0o)@&_*E93X()9ZyxJI^-0YTfTzJZc}x&S^Wsg>0pSzM8n@jMJ9BLb_V zpDXyNz>^QAQJhT~3ahg)rr1;$vwgpH=}lGHHPlpJD_RC3v7{MW#eW6Qk-2bEzLcYE z#=NC)b5p*M)&N|1Pc@T6=U9Y+2k*AqA6Q>o+3>3~2?;$#E`Y~7h-w-}UQWE~AAn{!LkRZx2CSpbb#w>>3ls7>siv-IQPiwLeOs92i&M?QE}F~t#na*$W+ggz}y_68r=*v&~b#k{%WPZBfqNscKynLW@= zaQ}I~{p>d;1)vS62j^66HT`Yh0H1dA-?zP&?rp>@9Oqx06zBQ2N7@V@NG0#P?Hwe>`0prqf3o8_w#k8Ra^CPK6FojX z-+rl~uy;Gpsswl+eQu{`bd6ktHgtIYqR&Jr@Ms6~`XuoZXn0vm#Cj_89$rR*#O8u` z_3Atdz*~es<>KkP(H%#JaOupZckC%5j>~~q z(w(u{9*W4@ivBc_vFea;atqrQtWPO(U_BA_hohR>ju0V}cCO<%Lt!*OV>17IGQDj0a*+*{cIxw~peuzxDFW*h_Rg;7TfZ5c}e z!3ea&>BViER0QBDJzK8S<9XZzfm`6B3#b|D_4q^lkq+McJu-L!ZfAuafGNR|6%DKd5C2)u>8(?0!a zVuO7~7dCqX0oAVC6q`Nz5h1qE$Jro&9kKnZUyFJuqkugvQPj^aQCi z8LJj35`!1KRp&d>ReH(K9u!@Cm?)PJLj!}pJ*nFD1|x|B+aG0-QS!S@CAtrBLqdlE zbaC@wFEZ@Sy+ZxcE)K(@DU#_)LY7{y-(9=~=^VRGKt%HTh5I=H&} zCCp4!Z(<@x7Z?303YMwqhMGT5wy@S6S1YV!{W0MVYW=Dnw+)@L z%S^DG8SaW8W7gnQP@V_9WP0`U$ga^7&%oX#u)K-fA)^ee)JP9-eADoZr8$Zx;=fyR zt$ml4l-00im1{%L;RN>yj6U>)DM8*OoIlHL2+ zd~S_d4&gBFYA=ZiU)qQljr`;IPK(ApNgKu*wpH;d#6~X8>dUahYQ{F?*(uHTD9$=A zkqB=1FBiMZ3t_`h9tf{lGr9`lZwZ`{$J<^>mH?jS7EEdsp!Y;I?dzst_x$@g__{~8k^SVKr{;O1siU@Jz=q( zjc`R?jb!C8hQ!wNgQS5^Obe3fH`*Vr-9T-`YS0OckvLa05k3CL1d&d66k@P-jDd3? zHipf7_N`)p+sw5m-$>;=8Q68mkI()zY=?J4vftZa7F4+(*O4=GDPi|*zs?7iz; z-uAv^`7*PrW%2z}P;qg$seCsZ#OIMXb&fIY2^yY#f^lkY<-p@-F=bi5U==Lvuq=M0 zF)UFM?KR&>l-tdK3d%$mfz)N-`GwNAT6;1^+Sv6Zz?n2$>vkBnawkP@3 z5!P0@h|`vh(b#QTeVLv}9xX=kmh=macJXhlBJjv@gJdLN7@UYST;UhVIX?9Je%DP2 z=Pbf`+HU)4e%vX1(w&Zx4gsB@l&yRtr%tOJ8otWaX z>6I@4*R~*rL&>J|ebZO&-p+m4M$cwqpC=&QEwU~LZ5P%68+}Qvb9XsBZS2DDmJTv(E;w89NjviK^dQ>}+-TrDGXcL7W_70z=Gh4Wj>z&74JKR0RJp5faf|>21h2kc zTu68;)^=m$ez8{)oGnij;jAX@<5(eu?IErw07&PO{R=;n%otH~v90wJ*sT0WGeGH2X`JpMGA3_n zN8>fK1+$7aOFr+%t;wxPk(}zP0VBr_)I~*qmM7#*Vi<6I%$Z-IVNR8$6WDu*mAHrt zI>hibR=j1}pSUq@tXt^gCx`#NK8@a9PIRL($NAZ3W!*XK`-Lc%GP8@d!Us~%sPj50 zC2m^CF3(EX1Nt=uRT>o`^auJR&c_KNt8oj_usLjRzdZG%lHdZRTlVH9%h_|MFM_^vF8#p#agDdLj!X}$&-G7t7EsrcG(g4o(-^pYUN2PY^Uhn9gZiAW}Qrq9qOZBB%S--_jSMY`2OlkU~9Hj&s45j~$}m;;)Q^WrIs{nb3efPNri7arj1Bn!w0m3_qfgM@uT#( zZXPu1VKwc)kJ=aK_y3`{J3GDVyG3lBl0rRwZj#Mh?S-y3zL=vMy?Uv7eQ=y-?=1FH ziemf*hTWrb5G%ogXUB?>!%m>}mmHM2in&Jf=G;Z!y@#WMPE*CO1_t+r~?#21)~k<7}X zcR5E&;XK*KnUoen30e0)u*+&D=4jnR%Ppo(rNiU zaa8sAOeBsvFM(Fqw8teFT`KC)?yh=&nVDYS+?akNa4duLq|pMv!m^4JsO>Xx8PU`jO5^p;7nONPHs(wJ~p~bxE;2i z`tE*In>BMp#83GKg`#Z|sezC!>V`9U&3~Q0yuTAaGizw>5Z$lEeRLuq5rHf#D)FKk4&^qweu#FnDfOXiCkS3%4s5E=5p!f;_jr|k9&&y2hXMQj zK2J*DpH-$wR5tXEkij~h>PD>;k3EhJzK1U)Ql+R&qYbxIRG$yU3czq0`I35)8&Lh6 zrlLyW;&k4>`axrIY09_Gl*ay8{ivIJB%yvulJQuOn8WpOeebo}8(IX6LtB@*PAMMLj$^ko|&tZ?<3eZQkD7m2rJJDQK2k)G=B(C)Yw*lB4|| zSP1-HXY9N|D?WC!Ab93GLnczCb%zN|N5zQ6iGRxs{6Pi(>--9gr76cRX5)l<#K)2& z&K5TkI5yrvJ>(s?LYFUdISZNo_V?)YDKP&g^JR zAvOwkP0`;;KRryyMYR92^A6TCwh=avBXS}9HE{aP*(@>gUZL$RdjeTYrt|7H8kA~v z2gk!m*;Q||jM=|ECr1)f{0^!}EEmJXEv#tmJ4#0awZQL(@U?|5?pPLUWi=-pq1V9si zyd7@+EeDHq;TzL5v;W?8Hm{@}JtREodn03faa-TY7?GTAHf#=VOxkJ3{xFTOi!qs0 z5m1%qS8Z~s^5RWBM;e9bwcIVeRP68XHXO-_)Y1G=JD`G=9*pQFfxsn;#4+@SJr!C#_iKy|5t@Dj z8^Ko%H#nnh&r_+sHsYeqhXt3dG>(~{1x48OWV*;drIzlK2Ky9LifW_VG^{FLye^r= zKgnfsdX1zmCsEX_@oLb{mz1#rP2yB@PZnp?% zs=xl}-K0YNmEuFu>6)1iSl)Fp7qJeitHU556fbsH*%yo^Z*L+luU9D+8wlqF`x znn)$yf~+iq3W>ogDEVPLZ7W%tURh%6$1LV(%pcu;2T$aFS&jX|`?Sw~vDo#u2&ybv8h%xAFkV~-haWV$XG#ue%F4B9B5 zBlf(6;=Sp$CoqE;Y-ePWEWqK7QaN16n9!d=m^Sg*_Iy30cwUGo1#BtPj~Xx3uq@Kf z&8p#{h%gG)OK5GjCL^nRcuYAxlRY2EzqNjs@!Covu$oj;lKEDLG_bw#_Ppu##@nEBcMSpHdz=G`B6u{)qfjX%j*e2K3Y4(%){D|uO zXPbDM8kbTA9@}yY;gtg=f+PW^fxu51^Ln~RM4@SDI#aCMTi-RPXo_-EEOIK0v(#p+ zw1}7VW9JWusuGYjlvR9ve4Gd-Pe#R~zB5F(*AmMUHTr_wYY_;Yupl zYx#VBfDW6H7RdOrExmYCEq-ym^(FNqr6s=%D4BLmDH>Z@G6TtNprRACc$C}j_38Tr z?B#85X0zW$|8XYi>@2$+s03i~=P4w!)8LXSz4~f)ZMFJSAB$bIOy71PIDb=2dBG`L zV0qo7o17sSg%o--z1KHQb?awlJLQ!|Cr)_gpZ|$efs@+02d7HtkTIY{6;9C z0*sG6)k+D)?h{c~1LXoBZ+ zVim|M=uZFS6dag(|FnPPya2lB@|M69sO!V5* zquxdR4qCGHR+A8Tuoq$u2TC=5>enC0$5rRz!3oP&^2>BXJv;d&W+B9rK1iolAhed=VHW6cU;^znT+V(+m)?CF+NPvMxEn>oB=Blirzp%)LYsjm<$ZdBpopH(|%z z+$+F@TJuH32wuFT3X*SEj&*6iJ$Z}Ued_EGA|M5Ov+pGqm1M*k1^YuVG}*d~cHoI_ zG96fIDFPC8XEC763yM0q0LG>djsLwt^UW)pI_^n$D2b$MAhe<8>=c_(jiD|b76pK` zI}dVh2pJgFH#cm3AhhrmqLl{7#`$*U#(ZxH3@YH z?p#3Tev;cRERuFMKnPE=S&#ShlV+NygB7X}XIvhYuCcaFTkWV9Aa+rj9)#Wq2}9biNsKtD~$2V*piG8pY3d6)uHmMm|F|I#D7d@7=wj)RMG;mvS<=Rk;o zQnNQ8(y85hD<_sRO|ythiH*`P_JMSE<)Z<=1F{}tpco>qn31;>Z!%-};BwIEKBso* z=<==N(N-|!q?pnVVqujiYFU9uuaAO90}v*&^xULOq<9=_4d|8yI;dF3&ONEuGmW{F zCsToj4*ub*;1Wn`iLVFi?vH-`7i}NTF==Kw20m&5CI9wkF$tvGS*uakM6rlZF~*uI%FrG^YD5n5+h;B;1cvhR$4mRMa3V{0Wq?I zDtdahva+%RjM-}e_5V=`?i5&1#bsB%@O(A<#nhAt+~0T$*CVVasdRb1&?Myb0}cRo zOc83B`ZcDDWlMhXgcWyP6R}I8UqXaLai_7FLuD^E<8*1`+X*H9T6pvCvYP1Dk_vXP zt9zUr=)m9I3PI`bJIl{Z;_Nu1emxthT%>&Ztg_sAcyKT3xl@c{)IsNRXzr7Tk?DB< zTNk1BJK<4;_5Z)7E6s4*E9qk-NNuwI^7VO#QvMz<_%LcnR|tLeh5~RU?lYk0KnEGN ziNeb(8#Ch8p-C(7ni88@zj4fXhjVlTw(hR(0_*i&t4DSsp zQLJdqm$whPPiy6X)(<}=8kY{ycu*7G*f3tf6^)@c=>h3@R<-$~&dd|3O@lgZ{e3>< z@*b4nlCJ<2L#~lAMZ<^QFYhrWBDxy}VTd1=S+t?n)2jUOUWj>)mQ z|NH9k(*35-dK3>uZd5vgURMVt3{|!dGDg_Q*q7~2%-rrmC^4S}YFpNiz@!{+-#vj} zUzZC}x;FVL_zljr+-P4f?8xJFPK-;#F4!^fq^{1BpLKb^1z&kHR^4y%#{S_}PJIps zudOP5C2yD6&ibdU_rHLd^b@=9>Bq5Qq!P>zV!5%(Yd+HN6#wLL#`eCubsY7?iRhC&TZsRgovX~d)n*vbll%7tZvTy-t;lC{XkXM*G9c9d$L z#ORZTwSc*`(VV;7x)uLSJPcL~zT>PLJGOLg$z$wq19tM@_`6gHZqG5 z_mR&UsbqvFs%bJ6TB}m)`=h2^Z8M>tx1610Y?)9c`p0lRj6(;di$R#Sa}#$+i#5Zz zBot-OPF0FDaXhNY06)<@)z4f!?SprU%sb!hi zlF81@@N~Tlc-FafVmv=93M{k|Hn%44^6l@}lC+f(x_4k4XC5=+B)oYWW52q!8wr1L z8_5MCgO|t-+^}nuT&G@UfPXB|D&$dw=R(QiJ@Twe)FXd$dxD()S(TiV3f7js9G??3 zy{9%IsNx&98Fg2Er5VHc5a{FyeBtppH*CapuFZr{JJ0r|bm(_#}4q(86I$>{Fde;oT_pTsHYvEgr z9w{iOQjGw(wkYD)MoZTU5}4FZd*tI!RK7kes_2VNQq;cE@bEN0!F(d^N6OO`Yeu4K zr(%aLcZH4LCc+A&u4dBqJUWR@c}L#UNzvp8&<+onpTmeKdLo;egOjUec=FA`CA?7? z{%k3zlY_u3ycxS`EvB)ov8~*Yr#=6zY4ovy>4UyxxIpik`)@^+uov;N?bFFhkaf`X z_ii+}t4-7+Mn-Jbg->^)49o+{ZhqZmuK1CXww!5Yv2lt)$Kftc+J`2C4_A2riSYA) zm||}k-c$-AO$Hp4(SwRwXzs}DQ25(8=e0E;8x3fU{%Cki^L7r2nz~F_(Nch0+@x*i zzWbiMKN#>yfr8N}lPipj?UH}km@e0H?l9N>w)>je=L292fgC$@qR67_}6(ze;5c{H##FJYrkWL-_f^JM`8uD59ODh;BOX zc|A=_Q&B}Xp!ZU2#TJX>k1==gSAFH)C(-EdKuY@=&emQo0Hyc!NrO6};n%AXFla(A z<6QXt6kFcqsU!iS{2yxn~CcV3{OL$UYG`-E*Ow`ZW1 z&5CGR`}FOjXgltoI`?0TJ}0m{k-WX|j76AqZ!=qKVXLWp4P?vu$>`1ecqJzUy+wMr zO(3jvm+c>cNIhFWP*xVU^f2O}MW}%Uc3Zk-ZBfJnSUlUc(STK7=XYJt7w%?$@)f^F zN~tlqD2_;X75UQ*{lCYZ@R`Z{<2oLUcr$dc!R@sfom7~hX9=16N_fr9+W7t5ybJ-I zxpA!rvuX5R{(p_`4}ruvE_P~tpleJiArjQmq8Ae+IHfWK<1u}{8}f89iOs%s^UET! z@y2to)a~gH&HM*!^{<`9I_}PtQH!rh$a`g{KW!C{;a(Hx9Sz20pKTzipo4kQ2PDS8l$`LkjVkMtxe9Het;E^`_Gi3Pq zH^=c2&hj}q$c71D)W4vI%8hNQi}Nv^L@bA+np5+(Unl#K)6aEPlOp?dQ5dnQaI%i` z5^AzMTys%6)=W}mOlF&$d#3q7Gv1Ug^<~aXI7qPP4$a+;pS-;~_K)|4r5&l3J&I0S z?qz(hC_jV2v*LDGl+A;o#_ab!s12~yuU4PpI|x9mAUBJz-&82QpMdy_)4!uG;fOhE2rH4rNH~e~ zI*icff1!v)#z3|QqgV?YDRSQubB76dr^ZyE=T`d|?!C|*8{dQu)UrumJlPg?>)8OP z{hUtM@uwD71IeBo&If6Sepa><@m)?s{M&9!T`iCuTQI;0ZcH0lu8Ag@RK8!uc6|+G1IAu%=yU>a3=?olVT>?xpbCE?f`{cI+Pv z*Ylz7Cw$h!y1XgSe!oViI6|CCgTF~2xGm(<^H8m5J?|HOPakJqRRB-7S3j;!W=9QR zK*@8ZAG0VIZ@QhCq~5^{<;nox?!2xbA7#hn*L2#5>XPN?`RrdSmVTxUMH3?BnqT`Ir&!MZ5Xw6F&`(V}U0s!_lt{ zJgM_lfsO7Wqom=AuGh01SMa8%y#k?nFtmw*7Q%K{HN>HIPdcR;+w;)X01m$<)&myG-)E);uRpKOQ^T@*f$5kyWsvaH6RpL{$Mts&{vHJytd%lHQ+3{|{|%8QfO1 zMQJ8>3^7wIGcz+YGczV;W@ct)X2&rz%goHo%*>e4>*?-#Q(cvrKlAUDN|scz?mcI( zz1Fu+C(Js!GZw&QOCPQg?!?XFxZk6+;Fd02p1RkUgEGo2iWV|v*!>X}|IbqMKlWiL zt>ol+cpK=4Cy}6PX5fF!pz6&Pg?e*gvmoWqDUGoXw$*yVCRc&y@db3X2$G=Sa8GL} z_+<|v?)EhZ8KJr6(>eH!mW%GdGB7i7b``I%?$bG3Y!5V9k0I` z;*pFjI45NFo6ex@;zG<;n_0?1DsGN!Lu#zSkz)S3Mu+y1fS0yU}^ygM%C@g7$*Y z$f5C!oZAX){%KBeY4`O5MP2=Yw+$3)0zC5tEq@?Y$!c+rX6~Y+1fBAj*F7>7vo!s@ z5-aYonaDaPF6vUeNMWcm6)pJwl7J&~e_~9NPKhd`Qc;z~DcYt_J2HN*m;MWGxA`E4vUO+#?*IjCPIRSaYRiLrbd%l$ot()?r;^4is~YPbi$5sCT;EUv42>Q$olp5 zgxh_LdyA_oj7_595>3?5Itl&p+S$zdatxU=zQ-V(vLwq|DbDsOW>_#geIM^rRX<>H zYG6ZnNiMvHhhO~po^?kfPFkSQepO+Sk$99CU&i7j1mYX!kke#9_YxlBZOriLg7(XC^peot)Pu(2CX${Hvqhe2a zHC~BSro9LiMd&086PfMHJMD7-M^uDlrf?uF8TL@LBzL$Z?>aD`cKdg6Q`&n$f1hsP z9)1`Ub=z5);sVhf35eKBW?I<=8@thk_C&^2K+g-Mx+*}jL2%=}74|Hb0+3fBOFP9@ zoL>c{Sk>H-4-5=j%uUb^U$}b)X8rC*o4)e`au?|JH=jzByUUuy&$H6qt|QNG^v?>B zFKFn&M{GqjbpgMr4y^Irdw zQ45gv_Q9HSh_cG8x=%7-fj18)S$La2{;`pG!9Y|Q)S8ecF9x-7Nv1Rn`(9Lt%is6_ zbIk=63z2<%^wQX5rF7|Qg5_YvT5`G9wMi8{+3?$o4BAYT{Do_dLl&N2s%?f`P2GNG z1bVb^X_wFRY>~qt^4imP+B>4y+~ZyK%1v{V?PYekec=c4L!5zUF<7t{q5@6i`x2m* zcBJFAz8#Z0UxSl7-URI3wqN^hb>VJxvf_;}g~Vq@&R|ET&<{NMz7yyH`M=n29xW;_ zm0i?WcyM^>Mk}G{hZQtzJWqi){z>S+O}7220d!;adHHA$m4zQ2!O7Y|WM^I0X%%5Nb_%Jd7T=x+5(_?LE@jS1SV;|p%aghkZ z^Q-@!!ahH4P-+yZaK$ckJOu zfW$4N&^v?KLk6ToYTiNYfO=Z8uBW%qP{Ub}x(I$#1Gn{hsQawd@Ih)Y`yBxRW$Q2D zO~)@8uXZTHm&weV?LO*jyDvZaPqlY<4gDf#9(8C^joy=Z0qQK=JYit?iGHpq1%~^W zF}HqNXVLuwjn5p2$I(&umX8n;nz*2>mti`fLk-T*8I2M#kAm## zF<#8dES6`6DI%9v@#~8Od{O(Yo$*@t>bi}F#~v7sG=q@3ew6MNUVjV1A8M-Z z&v_?c``)+B6-Ds+_OE!KvxDuOaGswpRG+Us_P~aNmiL#|sgymC+him75wAG9RcY!l zqPUrM$odSWcDVy;upsbxs2((a>P`ImG)8&ZUPz0NyPddyBTS%he*Gcc{!pgSI!pLR zEy86^m|i0cA}x%7lj+x4*YiI8+_g|&M7^i(8znSJ?t7P3X60APEUQ!DF;a(-ROKD( zBCzXG(L`v;?;smi}TO z5`Q>jdtpOC+SKo7A)X#DD@BEEU$|6#Wiby@z}jU_EPSLea><2=;pA7~y{$bCBj6!t z_HbPk$`%poPo?+qFr`?&6Ik;^u!=gOGcHDTo5!}#{WUE7V1>IZVIlZ*AcMk3<2S2yGt2J(pGMwWB)-pq#I8Q>~*$0)R;&mt)Z+bNSoX4P3 z+u=1j-9Cw|F`ug;6PmOw?LASxwK8HIwj`7qTsBsbu^8CV-v#}!ORPa>i*2LG5u4KG zsR{F@Mm6=*i^^Fc9*NcXt;Ye@7Q;3`fR=+b<4Z$-A1q4Z(XL<{y&FgGRtM}#D~M!u z5@Ot66bfqENI88mIMDMZen-aJgV$BXi?NPh_8?W=ZAZGu;j>F^fthydnO+Kes#`5W z?Gae$>KQ_e2gOQeNWVf`k72Vy9;EZQ73i#vxE2(4VP}`rlilm+*vL5e!syI_O$tgR z0NPT>J^Lv5#a&L-j4q~zO8?_J@9D0z6O&QmL7#vZ3)97&<&zkgd{u6 z$_xp6P;X{Kv`B{_UQkYw8k^e>i=WedNu+tT#1u!Swu;;A+D71>0Vp7bQ^=J4!d%JkX$xcG>C7b@-f4`ZXhPX^T5@U5?tr=^}OsL+=m#dtro||5*|JcrN5B-grt(6z8Tp|avT_=0W%n_!OOm;Sw9(R&IAUKlr zgK0Qz6^&u3GCa3Y_hYvOBm-6-@+kSCUT`sNw$5qJ#7Zi(1F`$=kEgh!Xt`sy2f$|$ zysp~@e$=_R$R<`e(i~BzI48=g!7=GDpwp4>Si^<&MnTlyJYa(v@jh5dPU0ns_>w*5 z;9v=ZQ(qw^{4vW{5_l`#POQJ#za|VqfI*(@ZUw zfn-vq_h^x1<W?BhZC`tll;+45A_)+%in5uL1F0c9d-!_H$n&(L=;fxO zwFr<1XqOH|cmj1j8GCg%!hi{4MiO<6;#%pRq%_?}wlRGu)pRVmvO{yW`28vKLO9qt zu##Yn4ZWKKfX%wg%2YM7IwC+jb=yo~&_WRzaASLVDL5yq&&@g$s8IVC4k3qXAidWk zX~CtNlmdFQGsjL@GQw>f0~8x;8kO4i$w$^`A^Gm;-B^=kwA(#`a!#Lw04X)Q!RnwQ z)A?|!2c$zdGN{8$rv12vxo#XN%CAPX9)RGWKKs7xFo96F`4L6pwbOYLc2zC#T2<(F z5tz74b7MD(o(NB2+mN@l>9;*h5cJZX*TI0#8f_itiWt(IALN?Vj37o&-e7EMa5h=! z=6Gd({v#5OQ@%r+fT-wAD8Lhcezwl{?2{_ZNY<4UZygMr(eMGL0&yvy`fc5jks$;t zNrf%HNXww84o~#9LUzBkMX!s8(*{OIqI+yfbn*I8JnVhF5n%Ll%pYXfx~l2uW_rn_ zPcRw!c>{8`JFycOdSb;43+r!H2KG!q&81HDWV4SC;nsI-Z?1*c0m+ufo&v>CZU!(9 zhR4hWHue!COpE@dae7&Sxg3UgsidO!tW%OU3TGy;u#Ix{l&5Zoi`(}2B6wdWbg{@^ z3*=RtZs;fzS_-=6H#+uH^?WGN>L$c8lRhMLy99;W5-b+C^sLFK{q}DfG=N*GWf~nL)EbTr|g2n0BQ$5w7j_ z$L!v6Q?BWav!H7Z{-AFy-IAEip&+9@Rq4K^czZ>(E;myl;rFYc0qMz!v*~vq8;DK^ z*;wh-v+{C zj2H=BY@&sMDaYvRrlvUJUhBrfFeW1aJw0;#!t?rdMk*_wk*mFxkZ%S55{p~=$8M1g zZ?;(}O@Eav_x1atGDpf%1iJf3e)CvVnOAATWCbQhU_GpXVKHuPLvZe}i8Dhlxds=u z3~XO7LupQfrLdj{rbA>VK|VaUro6Y6%%?2Q(@m~W=v(3xj6>= z`AabEkmRf(RXX9-j;~3IhXnz_jsVZW?%Iy+Q4-TUR++0}1fg<~Ou^xab!8>pC+^8yW9|s4G?wwZsLgX*4|gXo5ulOvI%9hg zBB|GTy1>z+uh*?v=k)cm%kl@FghN18DN?(u^i$FW#GjT_pW z-Bnx{@HnfV$XFJZQyXEbQc`c8zv3SR*49WF+3p$BXJ(3n2{};i*ebeR(WSvAl@TX? z=4cp8r~M$NEr-E$@33=z>Van;?Ag#XwLGmrD?7z~2$MueY?@Fa)KZL0D4hpgiKR`kqAMEiw+cPfriE8PmE;SS?YVn=jKVIKDU?*=k zI5`(K)S+Lb*gQ|=glgMrMO2R`S#WZOmLwv`aW#^#O_2_hv%_Q|@6%fHgknxFEk)LA z4wzXaC~es{o&I*gnWRcgne(=T1^H=Gx!=VumcA>OK*$QGD;`YkXKkRHuko@}C$wB9 z7(Em>EuI%HJ6F=;aVb~go@{#6y#7*k=`4lj3RMQi{z)pq<^!OjXX# z(QfU&<5Y0rhYBA6HO=r+$lp>RkBAyj{rMuw^ZsFaJ;4qWuf}+YnVG=&ID93_eTsdt zA6%kP0d(f<{0LTUk=N_BH>2u%Y;N9LSwb8^fvEfwf2RKl22f@)%SrlISH^Au%;oRv zPULJv3rtE5GNq}eI3_%%+fMA?{td)WIB6(;>CQWr&i6xPE6TI@exolY-j`}T3`3ww zN<6l(E)NTW)Y*(ds?Iv3q26U$TD7H)vwM3xnsg+`j#X`Me}oB#W7=VXo$>aYOF|IB zqe~!2S%l9I*LZlTHrR^f$9lSZKSHhLaRO?YbgQTbE8Fq}`r=UbuaMDtp&tF(XzmQ? z8g6a+_!NA<*+Hv_iXW&bF>;LG2PRgSZxH|RRKnDtJqyw|i&ssA@LrJplah)yC|`=P zQ=xM58iQfB$!O*In0s{i&i|2lys&N^t&_QEK_?aViBRf!qpqzmZ~)6F(Wv%^9EWEA5;0SBfXE0 zDT+z3*^H8IfNYl=)D=KFHLyo}Mym03VX!EZN4m4_5GYk1cy;@BJ(ug_x}N59RpPq) z7OA_F*YP}tp?fPNZmi1d(Kh4`I%VL}e?Dlge=cv?578qM$|h_I*Kg`+T6xladR16G zx3)aA>*M;+`MCbQr}Uz$+F9P7rnnA=T^25U67D`1ecoBJ8Dw7^A`)8i>ovUE?ecvg z`)rccvuXX^^^@OT0O7w}A^*p+O8IO1?+mt57+lT1()I9p$4AZS#dWHYMX@AAZ--Gk zqp`2Rx0&x&bd90eJ^0}>deD!!*({gVf5aLqth2Z1VADu&I--=#llLt~Q%SkYjQ}$gRmBKG}Lw@>B+4K9*d6@s@^;xqhR}sv_!mfGR zsC+)C=e{n{9pKog^4FR?0Fa*PRqMo5^LR1)e6+r3pcnbqe;mZz8oaFuT9aG;p}wd% zH~`0tP&wE8>07$rNOeX%mISZ5Gr9&_vnbVm*6AY|5E-n}Q7-P(r1qfk)54mUy;|0! zK|ZgOqga_xSVOl96VPm*fTvuIJDwDKm|Q(*-jXUWq?@u5{&GPtd7 zYQQC3W`~+9Rq3WOKIQ$g>KgPDn1$)8u7iduQhmk$Y=NK3wn}L%2bmDf5*KgPF%zYD z{uH0;mOd|Xa7sTkzqK&p9v{FVY6=O2|BbX(a~CX7C)$aU~{agtz9 zNpbPy;CT6YLra;4dIj@#h=a3Q5C8Y$7SoE}Odz-vpzDFll2f-H8fK==J#BF!G*+S$ z+ARK$@;}$-YkQFBF9r?^YuX|D#!{|!kf0uLKQ44mU7J^;Pt^>*v2(!r`=y~(uxyaJ zmR_Aw+GXhegb&2-_A5_?+BNAX7}Q+!o}>_wb1$rHJTa+$yNNCI<>14=!e)LQiuYNRYzaX}SE@zdjuzU}28|GtjxC8d~oDz$;hWUqHK z=Me& zAI28n{bk#5!-Ld+Bb-fBzUfHk@Tr%W;kY=t1u~}2#J#H&^#M?!k=vGO=a|5m#HeFe zFXiQ=vMq9|2;^bVr<~%H=k3~@cI+A^)Nj%+26*4Bw8}hS4gGV zY$+ZIC24o$!VUu5wWf=9Bb_d{KQJYhWL?R1w>nALqgXz4Ik-1E^BTNRIgy!1@caOL z*L_*tpzCq87IcUVWA_MzdG;{}u*aCNIHTrL3aEDWt3FVX*uQu$mX!Wxg)4wVx^jVi zV0+e5U}+)P@opmXXnWmA(a-pgHfVQ=cDKz%VKXruAC_FqUiAa_=EakQXzd6MwV#xd z68RafW#g)1d+ARxdr49R9NNHH3T_5IFu@$3u)F*2UJiD%w^KWYN;pyDy@sJqsVg5$ zWqVm>nYu?8TSJIC#Pe=MpTC2m{C_{LI@}K3xL1>u7VX(oJ&C25=58i4@pu1@wEDa~ z(SocERygHNLKlFjOq=xZ^aP1(;Am|ww~qN0?T@)=rD7ZMg_}(=j#26FhU~3eQ8ts% z(U1NmT51ZZ-^2=yMzBd5XSVc1dto9;CLTaVlX!0wQjp}KVnjUu?@DQ^HqsNlEhxuS zNIAK>$JU`2Mw4VIyKtiCVE4YMzAxgX94rfx#VzA|-7w31zOzLsAftv3C)Vxme-`TOztC59e> zV)LV44GaH>Q(e%rlli_Hl+lv4L!utZUYMw`Hm#v-9s-HoJ|3RvF_-?{DKa9Y%7XNO zVWZ<#x3dStkle^4*Zs8|*wDP`oul3l!w3$&5U`~Pzrsi_`k^2LK?epD;jHalH_|N` z)OPG2My=4A76lDzos7v>f2z1});y4^yF4M+wUk{17k&3s}n$A&; zL3I#vRG~mwH>mBE)yfNX5!}!SoBLs+;v%zek=iVu+b}>^mS`!hZA&f=)zaRsv-zE@ z#?{=KQEwwYM*RtpuU9G7)y(a6-e{NIU5mOR8q8K2b(usGqNYc7-F=!o0}X?7#RnG# z1KrIlE&QumRanzdJ012%+YI^0;oeHLnblc{vIGVS`s5ICkCH8aY2^~V7dyCNT;l+C zQcyE8@-Kf427aR~@T3R}`gIm@1Css)wG}<}Et2nVjJ)fli`yrV@|u~tCo%jEcaj+) zoRJB&GIboQ)T7k!QJ@*a;9qk**0>HzrqG9<$xAjm6RtZ~)2!lxT#X$=c^s)uQnnGG z>{}Mu4qDxQjY+OK&g3n?@dK0_XFnQU{^B4)gnSc9*u8nV^7(r8ej@n(x+6gX6|47X zSXT^FmKmo<(zxn9D_5BRO*5G+sWG}E0{Js1Ck>hRT00?CKSImBHSFI(IuAfg#eJTt zQuGb8+TJI&`gX0k_jDjDQ;9yXmG1SR6YLa##B$ESu^6LTQ_*IEUJ1Oj8?#b> zjvB7hDwcg~m{y>Px(|%42((gP^EUMz53#p1Ew0`oFV$M1!* z-CzqbzO!GmuCJMFhtg8zbGaz%KVb%UoFS*(xZC89X@Dt}OXa?UiR>H9_5Louff20@ ze7MFJ#Gv{M+D@h^Ezc>$jEMHNV;b z1zD#Gii$x`Tefj*$AQkXv}8^rW2nhW?HlB-{I-`Y6*>7F6pqKy1BjcUD3CyQGi@9h+W36)N-_S#$u2?-XLl1bSdgiXnh{|s2}vEOCavGo(fLw-rC zN{+{yHUq}Dn9-?0yb}3PLGe9*#8oX8j(MVA0xcmg)9AOzM;*)S0vG5}$~*12JMFH# zDqP~X!cJAJWGzKq7E}--j{a%B042Qtch*8uCN)oLRsZcj0JmKMjPnLNhm;4m6475X z@8%kmxj*huYdi#T4rLRiG(ypn&bMONpU}4zN-?bs69Q*{VtZ53V!Z*atjEED+1r;y zXPnJRhD&4OHTC^LgZV{=El*`6JjS>-uKeF#-F~_FH9WZ3Cp&k4AY?sxPXjKGy*U0MqJuZzdy z@Ybw1G;BS>_K(6#*E00t)*=h0@zFv?nnZKB=%Ja2a`)-Z1?+yb-wf7jp+WZ!q?A8O zr9~Gr=0FP(k2=<03%ZcEiB~-EB;=Q9Qxy#;U?cgP^Ucz2sA`6;A)aSC^hx3O)4kA}kMD zF&M|E_g5ssQ%px!!)EXMmemP$SIO5O*1vY<|I%plAxsfzBjzG<%Q_-Lp;Q!e&(Fsz zhI(4diS%-(BRkvh507xx=ijV@P%8SD#LwTW!qX;9K01cbDpPRDVpt7&{i#y=QK1(6mpF{pQ=1_x{}=z&|c1 ze@Rq@EjH%;QsR<3JDTRNvfgwc3JIwo!!kB98ctYIkli@e`*_T?U`soRing@f@xHm$ zn$s8UI~fYzW|`wZ{?1Qj)6>(jNiV;kADDV8yD%4CO0HAY9pX(Bj2=a8gf%U+NX_fW zRwOM;QW}$S^PL|A?98Bl4~ZkhN@8YuDyLLH=>^hIV&ZdDDKEyPJd_)MHOh{x$UQv_ z%rlb|A`$snb)hH3z}^I`kREB_XUK$wZwAqeU)m4uR(f&2QU3T+2+_ z!(}^6*dvWYg1e;?Gkz~)wdnx%Hr77lRBP3o_27WAS*91cFLA&pgXK2-TFq5R!qFEH zmp~Klf;nVm3^z;N)?9^iLe6yaS}tDGwFq`Xz~=@fj9_hMaW3ZC%qz3u@eJus%*6*c zGB<@8^2Q<6+X7)+EXv_Q252Wmo}DMBCm&9)BHO7j!d)11WadOx zYReleg*)t1u6*WSP@!&)!t59t&TjMp`~l%3$|vq1h7T9iFa{dzKz?C8>VPrXv98lJ z7uF8(_q!I6(px+qu@44X2|b$HrouJ?Y)`}#g60(_Dn?)D@3ueAqalxrwOHAPLB99= zBVIs0o%gYIX?J)7oL2+y#-k34{%&hpgDrDT7}!#PpB6cN{cxnxt%0N;4dIMtdh`a= zEvSJCPpizrxAqhWR8d}>hl*Z>K}19p8Bro)E}`xM(C_o

    RW`wDGMQ?p(}y&9I#5oMtqDOpOjr&N z;hZmmeUm?+xj(=0ZT8L(4q6!GSv%J%kIz*0^BzDiUG2EG?_dh~z00%Da-UZzp7-Wi zWU$KPc6Bs(eRxQ`tTYoFW1j$^iu~Sq%hWx>+{mG77#!J#%bS2k>+K`qRZb=j0ht*sO#~r znC%a^QVG2Db2Xd(%`ft$GO_XfZl-|T zoc*r?@@%n?_r7w$>6wtNHfs!8Ltd%y3E9u!;-RRRot6q=&G7y@lJ_mIGX@uRrveih z88^t#zAa5y)&Jzil{v_4-JN6@2rGF27bd6<(xhKhu$)HS2KfNNnky0;jyToUd@-)K zMqs zBvNBs4xS1``4$v%COWudx2@d;Ez5bHvSnQK*Zliu{#6_YL8x?PlsDQi1rwEXgITMo zmmUvWLjl-=}>(eU_S(VdripA8@k5yrKy3bDKX)03zACfFrZ)|u>`O9yR=o$Y8 zO3t)+9_S4oZdt1~Drwr#Tk=}6CKRO@PT^K@NQ}8~s&RfANS?*3H_WXH(?8|K&wJR$ zlFZPr&VH=NyD<5H2waU!G5LxzUT{sG@r!L1>Dt*O1}wXrC^J-dtMusJw`NNoEhN@BH zx5n=5Xj@w*KMkk7Cco7;r`k&yw~-8c?q`i=X|cu#Tob)ta!1-*IswXJae5JbyfI!J zcGc-uS6o%HM0dSgbC8i%C24em_;AAl zL54c86!zxzDl}qzh@#1ojp>{pv0kcL zt{wAvVo|+H4sMa%zd=;lf8{=K9nypKbni~SlC8hx(b;`+V6qu`qyhCBH}yL42VXjl zRXa@&BK@Zhjm++F{#6!NLPtrtHIKb^C$@6By%L+XK|F5h|x2gEgQLPML7ijmA|N8X*SYAs)gR&@+f9^8= z@udIt@}U0~sDA^Z*s~JK|JP&xTIL3UqBOZdT-B2QkbnQ{t<`BkQ5sd$+i(B%*guy4 z|9^Zx57oTa(sexb`KQ*xwX!#oL554#N`(=AS7D)1xOMj>p>m6L*CU^5NhkEB%B32_{&<;{|1QfYF zN+?E5f|b1RLb&lYLp+y4iRP7pEB|M{rh12@bYT;dtJ;po$q)k!gjba3$e}s5s_eZ? zor~XC2u%T{O+I7PlAl|}cNPzJB%qmkPZEwSMV$pHA8jXlG(iZ}Ey^0H1U4QQuFluM zWDUIa*et+i&luBe{#Enu=D?#sqJ3%NYkMQua@FK!PRpJW~LN*NZs&c26ewwqizTb5&?i^Zy;; zelUfNKR@8`7rC2;Yb+?GLhbUthPOI77JE?*siN({Y{Th#n>1L@*aeT3&Z$NzdBPp| z%iH=R(|9XK`qI~(TZ6P<*K~4V>TeqYrJ2ww|7LeN=z_v4IOo0AAsKb79evcnsF&aQ z2qyvlkIhe;XPpj2)!0mKC)u$UaLWnr>7YTjH6Xw7ZP+q$CARX670i8lO*-nhUAYknd9T;0#_v#V+2ncGaDUneEG#W)D=RDCM4CPkRBk%w^}cnP^frHf`@Bh20mf^^ zMC_n?7z{>7+HF-b*AfaLT25)c-@R#HkNPWRwMIqC87-YP^=hLaQZ+*UXAXuTQ*bSI zXV_I$WG@cd_Hl~r^WmYGlM~`YP;)QU$Zgdmp0;yiQF*mRJ+5tuf1n(AC7h8N1;|@7 zyry($x<-P$MZMH~FX!Rh?BJs2roZ5XfX_quV>2H25048D|MSDI{jqdw>TfNt-Q;9= zu^UYIXS*BQhBd*Lop{r2RIVb!vS?#GYhUKXwL7v z`n|D>Lk4^f_SYZH*U#J!Am#qqzNxXLLzuzW15J(OnOJR*fhQ=2Y(IxK3B3_QqTEun zS}EN(-1;2j(zo(5KwKmGYgkxhpSlfVp!kg<56Fr<&~dBOpG85FeqdWaEzvfwq#QhY z?**i!=R+GQxI}+BQd75eBbyjNOnK{_lhlL<4NHi`-c9r_8mM|sRmm?9DucCHq8?p4NDf83~L?A5?9e8d>{G#+#B6fh;v9A*7I((rHCLpohdu^E!VV}JFH zM)*n&POrgkitK#&PaQ8{F&+d>SW|F0X6SrSDHGWh=v^yIKD8-i?)~7cxvb*0KdT@R zamf;V%$aEU&@VQ-;&Q#Mb&RKBZ3$6$1Vi4&4u zzO>tP?XqvX5&2PqrMS&-2%68C*HHmIW_U61n;Jov@^27KaTnA-&d-*{=; zC>v#For1yMzxx@3Mvo8G65K-}E@8Xb2Xytn4@aG>StF2lq ze`q8i1!=q?q>;F{Ry({e@F|24uW^%+U&jy$|*f z=mR^7Rxa{pPInHkLZ^T7zZ@0vx1G)nQ*or&`Vk)WBpyQ~I74zR>b+Jp(KjMUSc*BB!H9L-GrVN({I?k8fyj@F%yvt(j&^Se z<{He@DD|Mg-4j0EKBc5Q;y2Hh-l;0|WZI2XnY>usK5kRG*?t|Aj-5G_o9MR$#=g}s z^rN3aB&0hr#r7H*DE{AS!{8spf=DF$c(Qj26Wq*>MG{4AMhCF*M(%Dtw0EI~&V!Nk z!Es3KY3sj}tFu2tFB05n9-9hoM0kNFQ+;Kulp5^(Sg^YRkcX_(;QkIMg-!UC$!81T`M9GUP3;buTFACr74_+r2&Nv97=h}3k{SmiR~E3*09&6 z8Ip?Nb7LL~b6}fyj)ck+jX;;w4&jluh16V}`V7al4uxe~`!~ah0Hpp_kOLJ6wzhAa zBKAUD?50h+0r5JXZ5D?|m>;t69J=P1ta8zt zKll`3uOF&ux}$$#9b1&edpF^jLRM?9{1htbh?-dY(jEnuWqkrljI8qM%k^qY(qMV_ zF_`W}KTl;EGV~P!OfdUSb{JVATX}iFKjN8azerY9QpD|xW>=tYy2q2e8j}J+94vi5 z=(v3e`m6#2B>W41yJQuWlGF&}=(MqQj1FX~@GDS}7L!vUs9Ff2tL3iP)1&AmTNmP% zJ)T;DOeZGSDR)aH$c`mF8lS36L@yncGnNH3$l}uWgF9)cLYvSg<-9bz7wkPBcz#s} z7!-F|jO)O0J`+-ogKt{@7_LkyYA1-wiuq4BCE{MJsPKm_uGo0;a@t-=h_E5N11a0& z@Uw@`{xgH`w|2|?YO3DN(M$iLc8(yipxuyGpF*5~SL`_Qg>7QoUSZxiBs0Dv0uWc~ z{WvXaMmci!d{mKfQAd#QmcZHLs8!aHbBbr09q%eZyG}v=#5NjiA;ZgCM;i%^>s#3 zqlE+J`^N*tSn`ohP9Rn!%&WkO0uuhWr$Ht(Np}B$MMuPtM0qfqR&V4^f-S_tA%#F9 zcgeh}4*XRC_2mUs>59>(5QE`pFjVC0s8l+%xtd>sU$QRFcg}x_PB5PI=8<%eJG>iT z76OsbQnP|oBXrM8pH^P^g&f?ejkgh=N8jKI&cn(9ZMcT0b0yBX7jYMbsxGINB zlbD``Wp08o4c#4E3->=#dJ5YS5Oi7BY)eGU9WW5A*~fKDLge_~3M^{tphmR%;7=`e zSg9u8u%o#%`!;8S#%1!0W@@KT4YZSpeSt<2bnW=oYBczS79RB@+T`CZd@YJ)+yJq) z!g3bGOg%}EvB}4YRgIYZ4sLS;wCfh(zP58`mv`+hUH#r^rJW^G zd&GP_AHkJyL9|NHNxIwm3~S)gBa~#2X62H%8Ib?$iv9V1`3nf#V{!S-p4YPmWzTmR z_I+BYyl#6w-hoBR!I6U0x8Vqa0Zm41tv!JRkvH%=?6eXUE`w4#|)#Kjd@%#n|+9r1trn>dy$QFGS+hRieB& zBBaOQ=;Q1MxU{zZNw!ca?sy1p0*w@+hYy+Q!}d|KwpGs!Z17&Yj?}m5ab$||et4XA z`}R|>1zaWPc@42wNV-23ijt7ksGRg5?!(}RjE{ub`;GQigW-uLO%qp?Ra4MAr z*8*!1%RB!dS0s~=76LCdXs@W*My@@MrmjZtE^iaW&(=Z=@0}g!$0wmAL;m%7c()e` z+_obAHfM^R4g$L*;nPRj=iDtT>tGsD5*H6^r$j+QhhEcBK^Fxq{>NqR^OfuD_3q+K${P%1 z;>IWvo#IaAIa7CWfP6p$Pt1d0R4wX-v+**p{##?hbTTzJ5*7Nc~Q0rA`c=0SElCDFdO>1YhkgnD|vwbG6uOq0EQ?-z*; zeesxJG8nGC8CEjiA;-f8h};Q>x~j2CukeJ*fHZ3KwqwgHBTRT=#Jh{u{k|K#$|8Z^i zM2H4-p}xNseK;9IAgGVN_ND%b$*Bo{hv-W3lA2Xm!7U9KQx7HNU_!t)1&1{Dzv`I~ED`-flIW}j4--jkUsnMmN(`wurxL9D zrgU?^#n(UgvJnS%Be?-Y5sGUdLau-H_?g>?>+5-d^x0y%kAY?HGUWn%AGLWW9+O*a zf9!5BpAF$0W+>gmaIULE1&uXA{M;J=8%9}cYHYKVLnpkGpqnjLbkA)ldwiJbU2sMT zC9w2w|0Y@7-T<-4S}a+z z3-EdLr=r=q9HM%FI~1lk(67kne)e>847}EbN>kJ)%X)gp(-tlF$WAMv?TFKC|0@P+ z;?}$4Vpv+zKCplP?eE*8os5{&LLExtCq0 z=?KlkUfmQP&^eN{Z_iR>unGKVLKOIS8-W-nfZ)gHt(9De@WaWR+uO<#h+0@uTe3n_ zt=vG^4#WXjJ_MT+)*W4gs}r5DF?Np6Y=SapkS{Kz)B|X;E^%Ic;#w}72+H?aK0nUi z+&oP2TqwP_S`~j5fH{}MrFz1&->&_fbVlIP zgyI70p;JPpvCgEHqK>D30WsEJJH2!oR}nyj4CLL*Z{GD4$+`+b#1k84@d>|*xf`V{ zc;4Q|85)!JLbH;p8Nc!OJ#3s#O0&yx>DG!65*1t!wnsHSp%&b@oRY`B??Tu`;ZN2*02J`bj zyh2Y??r<9t8u73b&FeN_-5FPO*l-fXj{MUa5{ur3YBh0nx2foTtXfP-7l%9v=BFcI zN^LgV%kju0v8bnFtm%3`CNm@RT~(9P&Y4)V*a20OTx+yZPSY&&D>)P8&Sn#w5#UgW zyTysge{53G&p$>T>83(R>N2S^6zTuAYgdM79Xjo^tCo)h$Vs!`UtWgkb)dVJd^70G z>;Tr~_c!9qtwpoBe`<4i(zS_n4>7U>2OmiD5)OE!CXIHAySiekKW<6At{QQ0=$KbJ znM+I(pHt{{8{5Qvs#g`&$u}@?yco0>8~@G8np{5vD-Ov~V7F-vtqtNcT*2ybAl`l5delHd1Zn_!byHJT|ovmrPq+|xEUaAC#< z8f%=EYQ*SAMjWjrYHqyCsG2%^KTU3k24%JjGTEBPcubWF4_~NZ5I)*v}A3r@e{9pk-4Vw=0}?BXnOdJNNfucYk-lN6z&Q3?L-YuV(_&y}BFI zovHhegC^jF3cX0VPnvG+G*Rqe^Jg-p-QV0-ZZ%!hNORnMM!kSgt}0ya2?n-W{dl;z ztWV+X!yBfnDn2;GIdT21@X*l67D){)pp|7Ed0NI230Xg((=|#-EV*%uKNrWp;+Frt=F7?+1-+^xqO;pMmV??4>KF1ciP^F8+uRFE40oVgma&mC!+6( zTPX+yd;N%le}uuzNqs@cMSXw@D$s~gHgRjBen2%D79rlkn@1q@zg2T89E=G)Z&f3mQ_&p*(*$ulCS<87{Z$W$JRh zZ_c)_LJ*IifX2wLl&4+pLasjL_eY(!QX;cvhON?yo`BHeUkV8>ZKYE;S}3ud^L#cB z3Ig0zoK0dJrcbu4P6Hddh{jcd?OK#ZU1U+8()lL8B~>J-Q~5!ks=9><^L}jR;pEw4>Wc9Uooq_N2M999UdSgV~ z$X$ri&u1=O#fJxv#bfRh9 zb`lBM+N(Oog0DmdlKu`z!Aial(fe{r@vJ--=C|sHw%$SMz$J7EA(8!&hMlfv>^*UZqxC5?zmJWc0RClDmW0o(;H70 z1=8eo&%xge$x8Yho;QYeR!*Yb3rm|^oR9yKVf zE7zSQqhL)7n;z3mRG(J?{?!{7vH+(f6{*iPk-MMhx8L4Dwa1nxcYSjgRV$!@h}F-P zbyPX5=ucu-PD$UnF~X(qz$(}Xw^t$8W2P0?Gu?H0ggnR$L#c;SLjJFwW|aqh_IAAq ze;Tju_4&dx{}J6e-T*#R7#&%8AJE@#?_E?3GQ?>&E2`Jt(>QFj@0u%pk00DuvApiu zp?J9iF>N(n4B_v{XWNDL)+4=~yzBQ4ZrJrXm+o;h$dc4c!y=>%9cjIT`yTG^xi;Il z#7KpYoFPS*g^KU=%Y_3HCglQz$bwoOWYCvA+Vwa@J^S|?16*0-qE;p;6*f%iQ&8Fl znxBXK8tm;v6Zr2b3_iE~w2%ArFF*^#txRn555)2Jz>>>7x4lt%+4jC~Z4Fu?e4K21?)ADqh!)_{N-m{M&Lj^PB(WCI@q87_RM|@7b<(7*tg(WWP>4u0P+Ysy zB4l**NvPxSAmpMw%)Wi&m*)(0T05s2sq+En%f!Tc(DSY?Q0S2^YekzBtNX7*OlnBA zKqFG*C*9oL8ya(KachVSFB+3OJpsi^i0ffkd!n@ndv?@u50m@UbE#084p2^@J+(0t zoVHfIDJk@HMs?uaH-iUwmIHA(M|P-)d$h24?A)){449fvd|{8UXA;#vh6U&vdz?+y zUH02M?m&>bgzBupb4V&f-~NyhQPNjlUD! zClj5&?0t8*9$r%314v$sxMI{s%TO4}v^w2T&h_wUs?VgvPdPA^3E`k65ZH4I^FO(c zER#0+BFS?ZZYx&uxs0Lj9)WJOlcPhS2R(#`)x9u(e{z_-=Pd~D?IGVN~ zK_ifOw}mbJ&0W@dHZEP}ZF)^@?$?zn)=-j=l4LOH2m|5usy8!*?)+GCkdCJj#Mr@; zX06IV+Y4u*AxBi($9gK#*O~9{uBPryg1QQDdtd)X-;m5PsX}?}tF@=5h8l(9Usv$% z*Y?(HB*Da6&CLueGjzu4v^Z^XhX$xD(57K zfd1ffud+#KOp!*ttBY@$_AF;Zy7KzsPo2?a>A7I-9|ZR**S~d4L`)7$D-rx|6P78? zW|;V>WeIFpzHae9>iFS|oypV2Y6Y#NR!p@Zm5d z`?ug88CIul*6}2vuu>;AkZ4GIa?K9Ae|Mx($QtgO@52K;b$t6Glcj%f5l-so{&}=h z^Tv$lu@1zh5BpJYi>!I;-1XsTL1U-3;VleItOfF=#WP>iVRlO{GdTnbu&VQYEB;whME$hwm!r;$)Vbfr##Q?_h&?|+z?oKCLrp~`lH{p&pBnXNO>I~-7wnZm?mVlj0?KqaB(O1Rj6 zV+Qo3t7)H5$_|yH8eEh2=Pc0w2R{pP1f64urN~#YhL8(_(^N;TN?TKs;U^h3{{IXo4mclb;_xm2YiH0lV2~&X; zO-?IfR{?k}h;3M0YLM5tu0PHBj}S>tN+Y8%dj29X^)WrZQml@@_M`2|SyO0aJ;S|I z$^~Xi5yO6_E_!@wn0Q@&Ew>ahL^^m_YV}A&aM;=X?+MESh$WCq`2zqj zRSO%-gsHj1 zk}Yc@Gc{1Yuc%EfpX&_Pc%sZ#$AB;<^y@VWcN%b59cioO{|a`0@S^zmvWmXBgRmi7 z9(FXWMe4j&&Y4@-sXxy!kHR~G_<@)2#?>Xe{2`%#{5$_c&wtp!Ih2W&4M~c(6Z_`& zq_S|~Uk)mKDJt4g`+*oSejtSHi9^x8vlF*T?tDZKuWioZ$yd0%__nIsN|?3C65<8ZdKj>VM? zrT7z>+T4H27J_4Oe721Hd$!U3!<|ld+GxI=wjXyapD2;pz9uGOxW%7WTEZ0=K5Q61 zET$v(_i8fd#De8&Z}K`DgPxzF&t^hAFD0K}Gv?5)sk;ol6n!FCm~Q*|nd)aEZe2o? zz< z-P$C;3mEGDt{Wa0*~FCh^Y5UDP!7XAH!Gr5><^)-Y9r~p9wM%_T5N(835a6HThj7* zb8{2PU30Ikhrp-@z1h(WAz6InUR?GotK#lv;24Zf`h6*FbN1m-%Z4lYCRO;}V?0=& z@UuCez^V_2g$%uJsZl-FpF`CsWWI2ivQ#>jvA0FV1utCtb9c}`LIbWTvMswr8s z*DS~cEUEd|`@KWF5Eo+d)u%stWXQ#i3?m+c%>YNBYi6d&4>augMa-YxAD+AbvnGHqGrz9Yqt>EhQ0|w|F5N;`0s@ z;;eSndDIk+L@&=>eF-8O^(B@0(z$tZnp^I-7XzJI`KppxNgXOIJnZbSYW`bNyLi(- zb$ZzqLi|^06htF&chy}xp?vb(6w>37RQ=l*j~Kr7g4oxEQ_ns38@)Rhv$DqSFBBDY ze9bVyCT~93eHROWZdLn+HPNQ}bmCN0yg)ZY##Zf-+M|Q_eglODiZ0Q?($&Ds*>YHh zo{26_)RXuQssXN=CCjti1(|Y}rSc|8?FQ6pbiL?`KpOCU_G!PylA`pBj({=j_7;SF z)AdC9_TX0vkd7~)Sb%Gi8Gjrziv&MbZ$w4=A}`*Zm|q%O!Mg!}`02LD@=bgPR4xB% zI!BZYNa;u&@s=6%Go^nFd6`*!9;tg6HYznqma9<7Ea3$7QCLF1z4m#e?$crQcgX0* z@GF!#6prXu9))xi;rcy~@Bz3w5PnnS`7RxF2Eoq%?PhJ$J@vcuyWEicH9htF8PQjk z7G-q)+rULvmWy;KsLO+5{+T`62{(0%h2`tch4T5%N0#56x1?{k*K3RX+&H3veD5t_ ztO7x;M03|M=eWz`8Gx^SPq%Y!9P8<(_`{kz_Rif9XCfr03_|v`(s44(gJ)XNZT{SA zvYa=X7P(-?_{Vl)jwe)-L@S7C;|okRy#t&~tQ|Vg8*d{MD$)K4F>52u|DcZgj>jtl|C=l2KON*VGu1aU1f@41M%)^JGcl>yiKTI)}CZATk$R$5-i$ZHQXVn z^HJlyrP;mD`vvR|cvzaBW$dOGdi^lrml|3BHLpe>-4`9M!${!GrP{j-f451sQ>QJ| zx2sSzWM1EwY4+-mteGI^>nX{Dq%aeL9M1cATHe-G{lD-yzxzvL;db?UNs}VQ-%QDh zs29(O2;Ceda&9&7aJ$$DW%*uz&=;5uTa_ri>HMDbXLoCIV?H|7!x8S1y?ae9Fe1w3 z#m<1LEEKb8X9M_0q2}r+Vg9g4!;-{Kxo5Z!swxJBnOABL!ZhPJ$mkw^!8etL-|u$R zC?&Luo9~w&Dm@7q?1A?lt_kyvq5;izEC&2NVbbtCL;TVbospN?|laU=b@Kz~2W zU`=~JDZT#qj+GaAy)7!&&JfAIvw?sqGjYUBS|914T0MTzIYnl!5IvRn7^bPG z_GFjesx9~PWmwDH?hCX4s>Rj&dt-G zCro~B!w4-e2Ww=3?Pk-Sr_AQMm3al5ABL_OYIiLniv<^NrJ-$nIoJKH>GfBChh{=! z*GD52NxvfO4-2|})U$PPNg6pf{L$EL7#d>Yb=m5ICY=NzvC?H(y0`J-Y~!8!q353v zJnq1Jym??5R6M0@tldd*%4bwY*Awm&3Lb<2Bq~4Y=@_nLLCMew0$BVc{{nw{fBcwF z-!AJ_80?BR&y*b0gd|ZKOxW<-^lUT6>WiBCmY6adr8)G8czM06Q!`HIQ##1OFM{dC znk}~Vh=Kp|JeWQm#OC1S8kkLq8ed4%+?DX@CT)tMT)>MEa9K{RRpX=j<677dw(C~cPMu1*)`K5 zQJdJgT=F)_8OD?7>F;;&aHE=ONq!Kl;ptyp^$v~CDn;i-Im2J%3aQSkgp@-puwT(} zjv)kM4-cbq&x;K zxs|zN!Hp^RTpkOpe(VA@#!Z_zvFdK)0w#Lu!d=(#W^c2uB9G(SFU$`EG2 z>ZCEnZo3s0dJLL1u#?~x&K<^pm87LYJSdd*w^r{n+xe$#MZDxcDVWR3K0YzBOBu%! zKr>2qtNK=B#GA0Jh(^ZbA)WHB{Av#=^|S7!OImff?EUz|jg)LiPhU*g_cD=$hK-jX zT}fLve07_5w?Y5!nuEc=Nh`V=7?|m{e8`J`sz{d4^Yv|Jhg}GHAkK@IOl3L3Rll6* z@zYcFb9kddX@1b{m%RlX_L?h&MyT}jQL^rC#yE)c z$Czd^_MXIlUGZ-`{x8jt3>9gBXqr5%Bc)<%MMk+JEux+?JOhM z?)hIfZwW26K6zh35DG4{?Tg|VYp-~9=+pqR|63N^eWT=hX!vP!gX!^g( z8UG&z$3Hmv1q^8&1=;!~YX~@PD`K-#$KYL#Kk@xEnke{&(l6 zvO`g~(?rM9{I5b_AZ&BhU+@<|)%1n`<@wT>hP__Xv>xRDyXO4=Xui6SPX`AF2UZur z4OL-xR&F`G`W_Qcpgp$6ln476im|oUT{U#Z>)L_617Tp{GFm&g{lc)no#3a5Mk?mb z?H+f_0VN7MRLA_u!(dflZaD{j|F^Wrfw*<>xxJ*B@>jRhammc6juT#7p-`!RyY>Gk ze8=Bf_!rhXPAasdCKn~6UN9_YMK9)k)N6sEdOZy#j&G*D6(XOT>FBY@f3f7_B^ z?tnY*eXh)pi}=7hBv8^YxqPyDR1^x+0=RfT>+aGQ3Km^BI9rmi4c2(8MkV$*CgZP} zBpQ6d1f027Zy#ZFPorAgqNId{3WkTCPl)j&0lwOQd@y;GcXl|ioeGdWpg z-)9~9Q|ZZtOOCU7|K0*OO0l|Wb@ts>8Abnbm<>>hKwGB^5+2Bfz%1FRzbaWmC6HlZ zVY!bRCaq7IZ&2j@44A%QBl5~aqy>6_FbzH|_PaX=hr|m%FFp%(x)rYMIl8WQClu9m z_{_Ce)n({iD-iRhAu3KF#7PjD-A&Y<>NdAa((zEFxaA-ZMUySus#1V3TB3QVOBQ}3 zxXJf-*tx=N{cTS1#k8$@#U13;ak+0?m<{lkI8~e1i1psrCR11fD2!Lv-%mAY$mG05 z>%8T#t_!(bhQCqv`<;H!uvKx0f<3Ax4bkbGn{iprT_2rqhn@gy3dX|PJmTQ4SQcVJ zR3EGVL9cQaB8X)|+`c+0x8pi*VxWOJq&(b`_Yse5|%nA-twlw@<{;Bz}t= zx8o%vJkj}HiralYRPlGvj92%83r`&eF5YyHh)$IX=H=@RuWM!2xa2>_`s#!-Xp+`i z9>8p|UvLTauzxQG1t!H^Si6j^^)3B#iCCZ9-qqKTj(0mwNmf9JqVCq1^EV;-`S*5^%9; zh@VF1V0r=N-TX+~m}CG5(r~Bv7+-8OcMM?w?#3u(;!k^jOlHKiI*A0&3vCQY7N;q# z3c9-UxFKz^!hl9`1JyAq;KF(q&eH?=euh%aE=k8EGilc6&^=Goa)Cl?S?uBvg<%J&CT~xM2UW9!qI2;PAi_>|%r#(&w2qpeC_@{mHk! zo(0TL;rDcM!xezp+xS35&BzKvwM2wT2-LYy=!sBvo}zS)3kPzVZ59GYlpW%>eyqJR zoA|P3wbMWk>)TzChhFKd!prI)kFYw`dYl+}C$72mq(V&7AVE6qR)uFRTHhvu?^6%9 zJLDy6+peZ32INmPwvqu{QBlKxt_W>>FZ&_|aTa=UscAj}u>Xg-Q8)d+EK(qGv{0)7 zv8frqsDxGUium45947l_W{9??{H0`W{8c^B@e95*pBWeOEbRLjc&cg8KY4mhG0Yk2 zt*M|FxrI#ep%G|&mc;~1?2<5wJS}PKQrbHlS$l7L(fV21bdQMYOZ&EHKDZ;%^?ybK+lgySTc`Gp28#K_2DQy#oZl z(lQRDw`4wPvoau%FE1byeNy9>leAWoE3i|x+>3p_;zv-mZEE0LoM4!XYf!q{Jnsk( z;Vv|@c_5-lA3u75M(2&T66rh3QaVICVy(f1%K@_h={gDJTt(yhF`$d=!1SL%$2|ZYX!c}l^)460_x^F}h5fwC#vI}zyB;nUMhT>t^Frk<4J|lM*TGKR= z8>yiOz}eiY*IohVipGsBrB%0k@6}GqFPG;rf%h{J8MEFQemJ!<_5`G+W4P?B zF^z~ZJ;O8~!maIl?$6W0AH#d#@Hud%g}XPQ-qDyods!RuDu=_g^rprJ`PGl@AR~fX z(lJ?RhA__+P#j_blP3j;{((@8#QJcNEO`^NA;}?bE8a1yAz6_mg0&b;<1g>0Yp^al zpd>D^P}sWkhtFOY;svzI9Xfv^Y=;|9n+L*oz7(g(ugG6frOR^;+j(-%DL5O0I?7sx z8ad%|#hZ_EjsqJ9YNNMM{eOc`&$qAz&H4ZoZukQzZWCQoqrt5%kpn z2(9(&zdx$D{2k#h$b7!A{;?o2&xaj1N8M=<4PNxAAe8*8F`W;cw59-u4k;E}irX z;Na$xzp(r+7!6Bygcc%hjS-h#7We|O&*-elgU7lfM#N8FR$iM8E+W>hlz8VK^+-86 zdktCX`}mC+_M`p~I(}x@t-DP($WlZhxeQegYk(U7CUhgl66{N#WS1(eq3Danvj1Mu z6aIujzwB93P!AEG&}&zT|4mD3HXr@Cnp`EWAx5G<;_hn!l=eNZgYH}?G-1Qu{idpb0>ks!@v4|V2^vg*G%OSSUMw7;(T@upi@h-WC-+352 z5#jBBi$u?w5ezo;6rwi*j>cbNx-$-h5OTmA9|{8XC_{}2zm{~zS@C&d z-3YKUe#FaV4Z3gG)Z)7xs0mDIj1!i^A;anIx zFM%AL82e*F8_s-|eugFCC;&DlQqoRFB&~gci}CJEi0ehK$iqd~6m*1c?v#I}i`r`Y zsc%Q*VXRo%ABx4YW`27tt`06rI)w%4sP@fq>-=0)lqb4t3xKhV7MB|0s5zAyut7Q9+zMz~T=V3_};eL|?N)RWN%*xOzZ^)i0{f^5N zt|llJEwO=%#zybW?~O~wjvh0WIi5ki`|1eOU(z3|M4(&MLw_OZn*@JR?uZ+XZKR$e zRq!iDLm328%_HZ*_z|uwD7l4>Qz}`a@UhVS1NQQ#YZYnO+%HWcx#FhZ1cU@&euu|N zVOF8b0+}(B85Je9xnG-Cd3=NKEqc?pb06kFmni}Vg9D<{)~L%~EP}+X$5X3QCy}t# zVH&aJBCkGirr(2>BRds}?W_OBH9jQ}BJ>y2kn?d6hLf>MRcdHi)UFKiI5ohq9N`Tq z7D~gCqrzBrsWc@TGYdfd=&Ma4mY2>j{HpfqwrJ_mYW^_53Yc6crnKjNxctwl%#42yd5=0B(OG#JpNiQSt5%vg?Qjv> z-9O?}B=IXmO8Q1XQB$2^o#owQEt>%TqPXI+;`{|2oR31vpZ<+(#Wh|F!u*fRmhIo^ ze*rUWzc)m$TLy~8eur2(4CgxFEaX;I;zToAX`&^4;40kdBhe0ExJFiToy$AS6n!`u z4F&i1V6^+@!9c6m7lv#47aTH+f$($jZo0K~BSq+r$kaanKA!w7FC`V8nbqe&Ab7dy zWHU4kwC;0$mIdz*ThE#Qu%<&=Oon{FIEZXYE}P*1(*P5>>DYU2>;a2V^SAMScqU;=S9G z4r&liFbzn4KXE z!}Tj=4_Y5xFHT49K%aHWeC-q^2p@xP>2!>%YRugmv)pKY0A;CxP9}cf@a=*cUi?P-j4uI3BwLUq)6p6-|(>4lP zZOckdwXoPvQ+&Q2{Kf$muE>?CU+vF(FGo73=1N7#wXyO2cY_}R4_V_6%dh3&Eu9qO z=RxtsR!&%YoK&)tb4hm~^4e?FRDs(Y(ft-8$x6gTMb4b2Ey%Go$!+xu>#r1UvHESP zb{m4XdsPB(G)E%Rt;^<~NZAa22hzsNwC%(4KCY>>E#N2*iJ+-!fQFrSNX-=;bA9dc=Q(hP#tdju)y3$SXdJ);C5?AfM zx%=k1ES^No8g=*ewM4$na{V><`7#N}2$~negJIO|$CD`lQYy>UUN+ydL8QAv83Cr& z^sVWchlSH^P2P8+5Bvl3Alk-rgWnGGx z>!Zv6idDs1ERb9MV~N}ec=zE&%`0632CGSG{a7HTc}cu;@V zwb|T^>PF3-QDLmRcP{dBFPJV2mhN)(0%dc_9pAw}*&b0fLM*Z1%;s<)M+BBl-EnwQ z>Cssci*eetp;v=T3<0Zvo^#8YKEGy2&g_q3_CU6;H?F-Ka$YDkN%$dA+s04PvtX1U zh7pnW-|_3lH2qchr;J$Z*3?Zh4nz7KNcVo;C-sC9%isnMh& zr6pQ2+1FW+`{renwPTHcXPeS>yPA4_bsdrUQ~f0Vn3iJsBKooTS&T}((k*^&#$CVY z!#;&-Y3*Jd>?H{*;~-HB-O%%jL-UZ^QYT?kZ`Bag?z&T7cHRjG zR@fOon*7OK{b*v>YOmWLRvC-LzBwS0W<-8N(qOb#2K^vcbtPck=du$$VFHD1_}?D> z1V6r)EO7Vb<0VC_1B?t%&+O%ef~hA*7923IK2^sz!les&bG=>2o`7@tF{xC8J4jwb z6E%D#Lkc(Zvs+-h-d>!%U6Xuo>}}UHZnTJEM@_>bkP4kaSzPKAh4G{XlK8p#uY{Ev ze64L?WqHq)$mza*GI&`kzMS*IF*d75A?xfyT;S-fcOfG71z-u*G1!H`%FU{{h_Ao8tB7RB$3tK;vqbVQjx4i=<02_E;sqE z8}NiyXJSkJ3vA+K0nf+lyBq;w*z-=>Yd%lp>p6ZnBbh*A z_8z3mA4AavDx2&n(uFGBg!loZ+E4;}!YE5ezh~TVEd!;?TZ=fg($gHS9@ieW1o@((Oy(TJlZ8zC--yBdUR&M+5~ z5wFX5dOO;RcTHQl$d_yupX5s>OAS%nRG~8!GWh2tHYSSFIu^tB@33`C&^iNS?Qwmw zo&_gCG0X0ETcvB_59XI+7Zm9uQNXCkeJ-G`o31G`5V3BFnV0c~uEk#W^Wg4^Y80Zh z?%-kbq{U&UrEV0V2*DKwg}2FdhgIL$-UHr$zxG1bWQQI2G43sfyns;wB7tT=71UXv zsKf9L^XGDO^lyndD0!0K?6l)!_%!-Sg|~$LUeRB6+!c3(e8KMCZ?KA68-B7v`pMc; zid3wa*MDlge=u@}P6H3rUR%R87TmNm(V)Xg%M--RyP!9&` zVDsanYC3nw3W2&nHc!j^6&+Nth<%nMGj)>S>J9$ri6^J7STh)-$MZz^exC+d{rqyEXY}39y&m4M?1|D3>k6TCtMP!PCyPl>W;i zryh5OTh8yo@6Vk2{0k8p+AK>my5T;+SE7x_OR4Or*NcgDJLuOzp>tY+7nHX<(3Z3B zgQE8vDyX)po#4&YFh!`HU7doA7Yn$W89u=BW#Udd1K`8;=B3M@xb+d)pP5cCTiz>X zJ)TgGo~O9EimaE5v60$Z0yN-<42;YsDg0C2w?j_F;ytz{gS^{S_W|(%x?k-S~9y670g} zmO2X@NtPrv{8W#aEt~Qv<+dTEgi?BvLOrKzPQZFfkPIdT7P$+Hv{uI%_RG2RBfC*p zncO5-C}}XEj41Q=p>rC7kfPv_Fk^OBV9j2?6hWdBh@-*C;+IDL%;#oCnzLf>mdci3 zTawmqYHMcT>5CrWo3Etm!W1b=&lZSZ(xQskkf3} z(8rEH`Q+K?D^Dm$pF7O&yr6&g+yvlxkIvt4jrR7q%?GF}fF+8spe!mdR85P}SdB0& zyxJDOneB`yT^Ox|6%n@Lzj`liPwLnW&*wOak7IWK6-98h}6<08MLZYg&@f*vY= zZSwP!l;~|ry}4{fqVW3!@%`ERzB1WkS;GhG)|xW^c7wjNV4SX-|0(`RIp)AQ?M!hjV%= z9$k01PTl%bxq)Ktk=6 zm7*i&d6*U(CxSdS%fg4bda@k#w`XN?o(O8x;8K=Dr`)Crn7LQG8{IOlRW~G8&HUzp z2>pW(x@zJ@`JH&Z#yfA8cR62^Ix%haFP`77j=b!9i|ut{fa{6D$iF2hmDF!#iS*?u z|6H-wdPw7Lm$u!(z^kZzb^F8z)t6U1nn2DFcZlOhW?KwHalB-|5P`8iuMhi;^=p(GwVq;md+>lo*$}tsnm3~Fi#nZ22M@7Fy?sMX zgf?X!$&DpTEO(f1)VXV($u@Pyr`MW>xviJ=4uFj$4+@9Ul5=a;%DLE1Eh23m$r&H) zp`_O`&XQD8N9gs*!fd%nn*IVut=0F@{19hR+5T>0X zEIVYP4vTB0t2^y;UQ%M19O9Tz>z2*J?343Cm5$LrD{BK9nrW zfatq>!h&63md2KHN(^!4Kz*yv#n%^CKOO|yzZre$E{H5ghxv1h?4>z51FVe1v_NM) z!g@|3bj!pbgT!C`!d4dpqKmanXnai51#w&02$z!%mxTHoUf2^U&71fIKFVz5XtHK6 zG?id{hljy|-yQbA7{pO78Lw6nyEawoJ{su#QiBr zr9K2W+H>YsU5h66tWqoX|4p4G-{7g|K-o$9PWM-H3QgpW%obG#OL@)zUbh}qTvNiAB;_c1_gvCd_Gp}P&BRb(; z#O(|BuX`Ya7FeOTQ=*3npnX5iIfM|OGH7D-rIHkd_H0{mY!of7<%2agl}TwS>aE)N z?or=a$wl7y*ha8P8K+uik+k-VO<>sZr&%@S(yMK^G~8UVZO^odW;^(Et+Ze)M3q`6 zBm6VrtU%kQ%AQcJeM6Jwhclic=SbEDsPN%ZfW?o`QO8j1$sD=$?F@#-@X?4#Ha5E4 zgM$Nqu<8fkqa!7;OC&)9RZa9hJH4VT0=$g<`0vedVbZ1Zn*=!iEI&LQZFFy@-BFEn zgJv2`)eyg11ZoHzlB7FNh5*+xwg}Qw?D|~T9|`}5O(7I^^Cff@w97>p| z2ihwx992+fAqTg#O4v`Kw|i`UAg0f#p`O?Z2;DA?CaqF?ba7e<0vu-K15%OU1&sUT zhN2dXW6S8i=vRm>6uch4R?p0?h2|F`2C=yI=uJTE`27DTf6Q4QXnd>)obc=8l{-w>Go8=kX>({8kb@=4^2-i&8aEXjbd-tq%rBbyj4nl|_f2QM5cu z>mSWxpqdCmv%HB79)TO%{_jhon3X}U-I^Y7Nt$wM>eN)9%I!8{s{L+v04`p%#y1o* zt3f9SX8Ll?NsZ@Pb=`29dPHslj)XXsDGFl-X4Z_?^~1J+vldl0D^V}9GibjGq~LlC zFSKwi?|TjJcR!&>BEJ`2x0g5T#m5fd4(OfKFIky+lAZu8_lV$i{n~yFy?a0TE{ZM;Z;>>O zKz}y6xbBOGDx+|>oRR2;!XM<9f3QTmMf6jQ{mcu3C+HRMe7uf_nVg-5$2n8XFyk~7 zq-v)!<_#T@r^{4B$jst$r!q00t~NoDfv(i*q6@8EK*W%ZYd_R@dBzcn(e!&)KlR&g z%Ljf^d?9$d*=txdF0z%NsgOX)Gi#|eBI|q|w@sY0zxXoW*hLT;D}}agWT!8?SiENZ zdt1_02k{tq(N80Ei)r(6HTtl$o+eFChaC5H(FqiKc{3pt+Tr)C@oT5a0g^=vPQr?l z`u!+U*U~cOs98v|&q0?eqKk`vTog1zh z)H19NdibF@{pA|dS_qS^tYlurCv_VAK}gO$;oA)_6)Dq?Hm@Mz$jwE$Ri_0B{PI8YFwqr>-#$kvoJ}5Up&g2c3{=Wep=SUVo4%` zw=XvO6|7EzGHI$>ZhN7F&gkE66G#kqM1{K3U_r!OJ~xsNyMFwUerM&P3>`IU#ge-W zE0=LD0#2c$>7%oB1se@mO$DLktu464s6>6)mghOQYd==c+TKf-!N9@ajk(a`<|x}b z*?u2|_|^k3u@_P~d<6Ze#Wje8B2wq8Cc)A=qZP8 z;1)8wcm#=`{^7{qA(xmvCBWHusy>Q|tWABH;o^co0)}#(3a`$O0)um>0O5 zrfsyW4QC|aMS1rTcAAz1;v8%s$K<3}XGqq`QC;p@Q^RlrF_bO%kh)>Zpe@G0mB6KT zxE=!_&>ou@)*P&J-G`&28;<1q&_{}VGqYZC^ixh$wDz!w)uzA(wOexv@+214YV zKMIJnU4NM%^$s;tN8o|9hpLy zhVab%uR#0R+&?-{ssZp{@yO6D4+&)=WHVlCo_(9Uh+|k_N5=IZQ#Us^a58-#=9MiU z#&o@1o_TEy(1RW9nGh5Wx@X#AVg$36UGeQRswASF{dVL-Y%+OeQ-r2IM=4_j|p4Q)A2a8qcbbY+HO#|-1J8994)E-nOKqZ4N zXRDmK*DOTu_o!*c>}GyCa4aXR$PWkBGORMa>XzaPTS3qEnxe}D@Em%mVtHitL|&Id zN)`(Zzo0u3+s_Zv6f8o`Ov!(8c$soOdU*-_NKFL zE6gYV#X7$W3B@HZH(Exp?F)O)x6ej{WbB0e0XS}_eO-6S+YSwLDTLTDo4XETK_x~x z6MC97@~nBbltpdXw}p71$n{^kLz;_{+PuPj)(2wB?fPp8U5pB(qq2m5~|e3oS~6E+oSs8*4{``TUz6z z_pXb1vwYyQ{olbs!UX#hOcocZvGHEdr)L3z{h4bu=CZ0|>otpou>xeP$%8SoeS{2RS}9+`cvo6ltITB(-v(Ia$efGLjK&>FdXNx8ow zs|~IU=lTSJ7M3^)9X_8G+g%WzkB|631wU}ub8~@jJ^)?QJ=mzowPK&0yuTdWyo_V; zMi3Yz|DRo`onq5J^OXKeD?(XhRa0vT+tJYdo)pI^F=g&Cek-wp1dttuOaqO7Mbzwbl3XR2E$5~?1 zAxUY-Q`->MT}Fp&Ejk(z?i7hER;Cs|Gslgjdpg3>aHtfulE&vFOgu=w`Mtsk8X|M` zM(wq_eiOO7%T3&;6AgLsXq4}kwja1G@mTuT6ipv2R-#e|cf)+v_W%$y7iYsLTo4UKTgh5cEBHKQ66voHeo8;svx#+m(5k9s_UrcpjS znGy^3WF>h-I1Nvqjp59+ zB(qi5mEeKxNKF1CWN;47hu2))ioKjpdI0T5h3Hr5!)64-j_Hrh#c34=zVNIJ_Ab3j z*h>;MhDKv?kXdrC?HN(%AmkHP z1+q4Hgmn3(5$%U^}&7x@|=qnjs980U-iIW)dkTKt0X0#Bof4c z=8?tli7SmS`+)mXyCY(JQp$N~UjNA z4ZZ$M96J&GVc02x&SYYZTm)`0h@#D^RgTAHZrlAY{plPhB@x~|@G(~dM;F$v+N*gH zFFzxU@JFbH#R#6Cojg1|lIXs&UQzoQwWcX~5S#PmVqn*WeC{JhPw9E zbO9u06zB3#A44iAQ*%Zn>{l&PMQoP=BNrY7lLQk576`a_Y&BOEsio^N>_mc0>*}7z z0V`sbO8FS1Jfe$(v*4aoF~7+ z&Tp8G9ch$SFwZ`CE$h~GU)q=fiYD{DI~7k681c6o=D5bM58A$U=%u95 zVvNbNl*pD;J7>qk$7U@l7)LFj2O;*n6apbxuLf~IJ=N=V|Do}C@jeNoW|=6;af$$d zXK7d9n=3qVAdt-0o_|w3=*hG5qJw>h-Rym|_2D-ca{V<+3z+Cor2zImzN6B+0#neL zXjphUOI_}EPDT9vuQo@N?q)6Jw4JX4_x<)hH+$H>0waGLm#2$D*-_GkEK+V~eN!J@QBqYD?SM zr9=0d7(4a}%^s34wHD95UJz^02-Nc~go^2Ob`(;6wwi%^Ll7Qs3Zyjy=}#;af0%l6 zlRZ1Y>k;kgTxl8P(^dvn@3_vIL)@+R2tHd3i9AeC@$q<;95FGna=WH|fxhpF3vlq_6ZN>6w9Rogm=W1mlQB7*=&I{!&bPcNNRA z0SmJQrh+|W#r_xL3i)BeR!?5z^NC2njfG$RqSABW8qqr{JoaKFE%Jdb z9W`O6A|hQ}-Cx=qGBpF0-JE@t%;96s>T?!lXx3ecijElTrj;x3?oupH!MkEl2RAgk z^4Hs|Gp&$E@$-H&CS#il+y(AxxE)<0iUgz3T9ln+BErbBE7Y$ha)HXHkV^T=V8ogo z*=-k^KaRs$;;z_Y-xV;l>g@6(fNHv)*v z{F?~Uy~~@ou6>TlLF9b-{!9F?QR+SOp-rRBU6{=tn2Rjq!|=;wbOPC9MN>V5;GxfIk;xM@P(6G8-9jsQzrK^&h!mV^Hj8jlq4-J|UEIj62^aWB zPauleZLgh3lR=`SJZHhvKo1xgnDJ|a@6D}siyLMgr@zf!!$W7VanSVF>KT%xa-OanwoszPz!~AS=fMT>$T-NSJL3+pO&rn9+ z%`rPD{o?cAGlVlaX9T&K9WX9{IM|Vyn$jQ6S@;et!|Dw7m+Z z{=6RU*%Yl(nBcQ*N_Lio+=pmXxh}+v5w#ryO=6}9Tt_OyTH?Hrgz=qZClU!WY0{gs zdU>GB=}Zuo-qn{z^V5LcK_*-FIXq(#Kg>_I*x(?$h-5^x1chG5Th@`ED6~#XB@_bA@mW zM?}5)#L%47Jf&)wkA7Y8zVn%Iga)m7H>bubY4B7T7~cnz$4ME)jYCkb@#Zze2J{&+ z^t|OOX(+-Ts4~Y!W+Hchxo#;LQ5TXTqvDTo$VeDi0ms{-Xd?z-W`+pCi`wJgx0qA?-kojuJ!IQf5?SwK z6eUx(Y1U%bcm}0HMGq?$8O|r9Cb4vFMjeY_uU7jv{Xx62RR(3iLrl46Lb>uyE32L4 z{SH%jC&P>w-1o(ZIy{;@NC}W;N2A=!_r%9J$-N(MF%FP{&dU0UXZWR)S8ja(D-wJ(Q=)v z*(97NRyYuDo8(9?#E5;X zT18&H^0h|fr=~TQuj%vT_*{~lpB6?N$JH1m#_eRPLR)ps2Fe$W^uEEjRIg6pTWuSZ z1dQWXZdVvzUXettY{tfyO(6}m@qN%F&QvS?%N77N8w~EZ>{+>%ArlcgW>BeAq)k7U zRahK?A1{AAg3g1r4~5^TMjsuX6&mN5NM<N)i{>jvB3$!KDOX&d%F$Zo?M~Qdf%TTH9$?3}qdUd$P4%HPup4NDm7fozMotK1f%?Sj$RoQa5+y3$ zM=aW*ERd9_+gljnf1c-OYbrhLC^y|A#)t5*;U&h$Sznoi3`Y(xNB1vn45vZ)6kfr^ z1eE18e<_umpPGpAqiFX?3JV>9JKG6?_>Ea(i1CXgSj$Bky%w?A9ej7)g=Q6K?pG}X zS=Rqi%?BL}JytXyi@4QNl0z9iJ8{@TF!bA{v$7VceLx13M10`?qBQ3EG*9>hIi%WH zU!xZHL1EUE)d}hxQH>l9x54#_COVpC*!@#s`94Uxqy? zD0eyzi3$2n`3LUPuJ3+g$U&tB>J%mse4I(U-GL=H+@G5ltIdIVDs7#%-` zKB%OPx6V~>PVc2?l1YkC183lrCn*)8WRhtKFse&Fc&ecO*+Y(+$49Z11&v0&tkdbV zPLq9oCns|RZH>g03DtFmE8CTE{UTBlIL1uLh@hRvubHJvuBeca(B)iTZAPG{{men6 zJH0YY?}4cAPc;`4f^vjz~|9&l`W5+rt@1rhG^=Eo@P_-OCSWyix&}R(W1YV zLDj(?N=f8Ww6P~sDyNcc zPWAg(Rz63=t;F#_w>T}6?GuSm=e6APU`$!ydnAzP?PpFH6inb-@6-U-r&=g17mhbG z)A(atc|^;i-$)Jhq9g;+^`@w?9jE?WEQVj5x9G%;7&cAX66@4IpFoHen!d~%R-^HZ z(>I`vSFFG*B~O~=CDpTWOB2y_TFsRS<`ktfs;r{;1e4uvK+=8cPGwwW(OIxNfb0CU z$hes-6%nm!fX}7a*X7o~WYZ#v4p(PlOm+$?C5`>?$nGY*0^C%I77-n9yZBV!WUDhj z+xBlt@T)2b>4&wV<8Ge&GtF$1<-Cl!8+wu{;ySfx^&2T`XDR{Gcc@e=Y}!<8Mm;SQ zVtJ`KwGdP>0&k3RT#j@o0l2NjURsBbwu1*Q#4VcrM$($1p2QU{KcWZvt1u!MS8bf_ zWNk;`PF9UV@NX6#>B8fU)@m!*2?US9*ST06;>LG>XhU`I;_r4p>`wK_1b-w-E;uT=q_CV>dK~F*nSChiUx7mi~mgUqtRC7E+Y?B2-N&AJukvpQ{{YxqvlqGmb8x}BD zTx@(~m$rYYv=-GCV(rEPpl1rVY86h?=>RZ#+1%A%V{LC}6-2oV#m<(ZY_Av!`~Ma? zumEa|5&x0cJ^1vE%I+B|f zXyL(@(nUE%Bi_^BD*gdNq|Y9zC_=)-8mi)LJ>XSSk>DoGeHQG3lgyc*aXT7z6OnS}kAQZd6WoXz8gKxzLmO^rFA+6IzNUanFTTM4qNG|=?54gxa<0(SoNHc!y#y?ftT)v>42XGqM&aS8SJ2vm9$(?3We@NFm6OG}I z6r&1s=>d2olSa1IID0W@DV$jez@rPPPRMeMD+HsB`$l2P(1;;rTG~Hdi`ZixzI7U& zxw*I`olcZw`1~b^Ocaw5F}DP*pEuob`B9kl9U~LM@;I`l#(G$)?Z?C?af38fD|WwA zwrrd8_i!14wRMw5lO;yuU3h1L9at56S}f=|^sVWmk&@BY(1I zsk$0!ZRj^ja>%K|sH-fy;@PgQDM#|e#r3J3csm77Iw$ME&Cj4^I3p?1UD0VVK9WuL zH@`Doo;G-&IN+bOZN^SMR5wg%@J=|KiBAIe57b7(Y-mT+m^3Vl-t2I~V`0o-V@&ff z9GS)>j)SX{Fg$?v>NLXN3v(V8^5ZvLJqw~`P8%-0SMi@-VV^%9)RWWxo5o}%LBe^e zyy=4{Veu_>(~LF~+9f|FiJRZId&p9+Go*>OO{2gos6h2g1OFFMs9=l~^k6*bP`1$3CQ1dS|G zLNCG-d+YAPcCKGS#2#&=`Uj1$(5|FEIET}-5Mk~fR+Rl|d`Ay%W!k4rU6Vo|$8adY zJ^DO@cscti-*MNy7(H|SqYl1t?-}U`_%{C&c>6p2hCf(k?5lJ|I428^@~kHTsHFt# zf*Wh^A3!_F?ul5~Ck+}iAo>{6Hz)7-D^7mn%WyYxj-wCnhzoJ17BM_SONG+_4#05@ zG!!7J#E!RFT?yElS;L3uy{A859@!25vaCT!`c+*+QZ++=IFPr##8i!Y>qrv2avV3;+hEn&R2s1vSRp5@eZ4o{L3=UVtmVSLq;G)f7(q%5Lh$sZ7Rn)F1`tzXQ1+8A? z(`rsD5iyA?1(Um6mjd;mM1tcki65zB1H7H#46%&0%qa+=E#U&Q-$d16AmX&Kvh!53 z5-kwG?|{vh(P@aVCENJ{PiAjI`oI(ii^=N9sF7}!@;b7EoUami(@>_XuEcvKb+~9s ze6ovi7tUHP!^p`5R8l1a>9;2P;UWbdR?Jqb(fctB)E7lGWd==Tp+1mC$W()ww3ryh zi6I=;#1Z~Q0ten&k#9N>uzy<!citRC_ zPlQj!G;>}w*sma>Qu;dp8Kofvyv|rTC59H5sU+Kd`;`nK(95r`VGGRi<6ivrpi54= zUi}F^-_|YOSaL~Y{GC|GVVBn3Nd*$07cdR_;hQH>D|M%S z_2DQ`rT9&US zf+OFbUG$3AZKmdm=sz_V^aio?xoIyoW$HUK$Se9GS**3)&*t1w$a8mWju7ALDD7o@ zLWBTXAd?8c-y8AO+wirGzy&FgDWJ0Js;!L-x?ci+{?mSuH8<{mRDqJrvrbO*|5>~8 zAE5VM1Y`4@@sDDgN&%053yA!i^KdEu4Si>Q2iq2W%_^q0cnYT$ln&sb}6aO}zod}&;W$EDlzt7$Bk? zg-%UfKIZS=$iL03?F?36D{##di9h;p(d2)9Hs(UmsTCw*6+-I<{M%dj&m%5tNYEg= z{TRy$j~K&oky@uRB;Hhq zXPCfEVf;=8&nqgfxrQuYm|kK`Tp{Q<~yF+B2@OwGk;)C!sj~R3$I@=!6VWfL((^GJ{a58!8Q-KhZ(k%N$;b9 zt@{@5!!Ruj89!L!w@;c%pbceaSlK^hpKpDphHyA<1+2F7l6!xRmeP?q6F0S*8pr!t$Ob|5 z;K;>1fXxUPovpKa9mCtkyMby=N?U4YsL6Gj*WPd^0#nndno-9$ADx{L-HGCn}0T zX`CVHmo^`PIh0=?Q_JuaDKx7%#l?|qKeF;jt9kJ7Z2suB)X{pg@+n!QQ1STF<7!H_ zakB{iv7U88+^8(1I2sMJYszYt9G!pTJB|^5Ipx%52UB?~Z^RCp^P_rXxzVlghZ&^`?3@2vo?}KNS0! zu9Lda$sVA`%0t=KiZb-5w!=azu+bdR%7Dn^4y(n*-C)5>YY5e?FXpHh~zwjVeS9mzo~glN$yhG z+KBW?Eo=LF4r+}5aN8l0W%-9xg|iwEC*}6Bot^G{y_2BTiGVyU4r?IUyuxI3V~O)H z38+e*lT>~wRdnhg{d>zj+g4Lm4IWMY3Tgem6gg6>0#Nn zU}-)*w)l|t?|^Hb!>|3W&&`EUp71}P9RJ^TU83ss_c2pS!isZC!26sFmEM_kqKJ2A z>CFx^7c~oSHV92Ki@*b?op~rc_xu7p>|ruLfZ3*(u;R}b-4RxuNc>-PpB}w~fREjm z>H)X+FzGXK!W*^l#(T%nVNaZb&MSeXoZq<&`55UCCep9AvpbcngNRU8LtrEgVS(D^ zK-SyMtc@40g4Y`$__f8_(xPmZKL%K7u@(|Iruy+84}t6!=<&}kS6MMg1SG>+?xgsSYd!7u$$X$wDt6)9IY=D1yEH@J z;Su~Lu7DQ+ZM6AM&zD@_t){#@@D{u^a5rOiYeC_K*|PBsw@}S>b3!~Qv9SAh^t*&K z)y^5)==WW42;%whUDqT9cO!3~ZW7dZ$|puz7o!HMQm12~VXHpc(3ABHV)mQhiEA*wUC)_W=*X&OHQ3`@IX!{Mfn~Wl!AY}X_mWFAuT~HgbX*GdX0ukpQ zj))kcnOR$Dll?n1tu7`}DXX1^k3m=$R=m?=)qx(UsO=Vq_9NBrtObk~67iPVMZp-$ z7=@`}K<5})g|+u0o@FT4@BDUmY0Yh&V5JT|Ak`|Ko!iJNTcCLr*p&6m#a?d3sZ2@! zdRm58*2GOL_%d)91p!c>LbS}@2$ivn$^@CRG)ZN2FX01nOA&O-_XPZ#VE2Va_qddi zy13xV{ty((>ZQKL6f(>gnZ*xutYWX1vQXqsTzKI3yB$`K2V%qmf4D*@PLR&?8i3xX zDNBt#RSWp&)bbBwxeYABcqr2J!{10n9h-el8@1aMg4+2pD_loWLSEW2J+ z+o_zN3-aY?Q>`#&jY9cvGj|MZ`P<*EAmMJ$YBxAp0WLheaL&Y{-&yBZm2r)Q0#HDB zJQ;cxbO7xkX|Euj?S95OmNgrOuY={=TR%~1+b|G?I8pCjKZU->fm)jSXK@7$h&e-+ z(M2*9bOEu9&P-9J77H~U5n$#RE>BLxE+ zUK&P1f4&k1Sp1jM+(#XD_;gG3|1xhE31px=@mOlztX~60pTfivQycH;7*^92O30Vg z`Qm28o#9^g*Y6EJV<-7mr}HGv++*c{Iv7B5*p^sU2OA^embzqZ%<4M|+_h41Mj@vl z^_x$8A5jbOV-dSZkYOdMwEJ-I!$G^FOVcf8GO{Mjv5^x-$*_pyeIsWkvBLX@n5=|S z-|0wi9deRZ^gdbA(i-6dS}9qz(7yeEOInNSPfXF_EGmw8c`AE&ev45M zSc>7C{(G~m^GbnDn`d`OqX#9k&WXqCrgTa2Jvd~*K2dr(jKpCBgyCH`);Ih_!}25k za?ME3jb;{0C3+fufX0*Zhm~yL=AT_drHIMgBvmw9X!1pEoHAz_D-on2I)Q~QQU?L_*ZNR~>kuXKwoaSQ ziTXu97(i}qb&Kr7e;4U4(AD?uRy*nu2EleD;D{c3AuL z@_y(Vcit7=_*?hIw(PHql{XMowS6TNhg1l2GMOSjQjS)UKO3_Kve z%fa=5?(9`%ZV9^KU5e*{JxjOs?fbUpKO(ENR|EZnuAHBhI0>sSM|LHG$#WiHK4NRA zeB5Ur%o1)<5 z+le0*u|9}%KLXCtwIY{qUtFqv7`_}!mG6oAChg%rhamYZZ2d4QNJ?7&2GhDPODQ&= za5Lt_!~1*Rsk|B7z2Pj|+KfAbZqj>Pd8{!{0vpMQ#lMyrrjSFj5Kw^#XWa?BMPMPh z_j>CpcR!8hMga`+>iBNIP>{C1BJW)>F0AMlvl9i%k~bd&qT*Z=6vFSQhbQuLTw z<3+!GId*|i)w)&CE$(PQ7%6+SuK6+4$t(EQ(%W3szk*>&+TM@T%30!Igr%Amkv{v*i|?LQ~R6 z0Y&m7`(@3A>Ck076hl@gA6~f+*27kkIJJdj4MjzrE3JNOw*k1cWL8#j%v4tO_OuonnR0tt78E37)@5*yS4{PimGm_Ku~QXBd{KmGNKMt-l98hi!R@=$1wDO8*aR~iSku^-yBi(8bRb~Rl+Hq{ zV3L@y3Me6+Gx`0jhH^u*X2kjNC$&c4u8yWg8WBWOx2o)2jL4ziDFy_Vl7vH6#MiDp z$xrC1Fb}_6ISE?=I2UE-$k}J`-%UD^h%Rj%qnx{_)S0M0{+P4xuus}F>rnbgkk-!> z7_1`ZvhNlUAPZX}5p&R<2>me*N$kXxfSJlzo(aR3ruewgyD}dKQ!F`7=$+6*7XXxr zh>5-<*kxCh%o&dPG5{x_tcw|dbp8g28jfn0Bf~)rWZdqnNtLX?u!yEZ1nDnqX+d0~ z)=6@nBH!JahknOJ{Mmm&`@8LvERToeRe>!)YNXn4UdJQ!kLS-($}p6`E|WHwMx?!3 zz^}D_;v_&ZCNvMkcIjsL$1JJWllHI0&)sZO&pb5QMGv0%%be{^Ym-7a>!d78;OBC4 zm<9e-%D&@2MRxfdxCxpui-5B$siQL%ad*1Ar#~RdPo|k2`>lf;mcs{m7KuqA5@(lQNXfc1^D<-J+vDf=O6BkuWzJk)WvT2XdXE(*V&0dy9 z3Tl#NT@8P|pJ97?_#A$Bd!0_SoLUc5j1Z718P4gBit0Nf(*E%)QId9{1 zPCq8@*QlmS5`4f}-|fpr&7CM=_W~O*TgidFQif;3l&9-`44;zJBa^S$?3U`&X;KF` zPP`|fhrDLcSC{Xi+QHu^0?|vE-0)T}?92E-kAhKLcDjei#ac&$ppH`cg8KH)Pu|=9 zJprUW*VnFsv1?ohe>G^%Q!1dJWzDmbbO*kZ5%h}Kvsf9Hy_>wD$wok!*7d{dsAhjr z2!wpw@)7WDdFM!m@8@q@GAO9DjOdt+gD#4LUf~J>pMFZ*Viz7B8CY)`%|J3_9(TDa zdhM(<6OODzfyb1q8Pnb_Bj}XsCq|TaQX}iWUI^G78+2LB8&q?OMA4sAq?-4(Y^5%U!IX z()=U2GSlVLSmYVSsW@Jp@+WDu9Fs#!Wif9(#_Y*s%0;E1GTTAkObcdKdbc|}9o>(D zjg=HX?OP^TEhZvm_>T%nMJ$4&8coTzHNn^RXj1X}cWk)mc_-a%?Blm(TKI&*=NawfSMUb_BM#$n3r)LjGfe|-`1>Q^4cSBP>anI^1 zK_qwg^5BzqP+Mz7z=LP`@sXX}+?hP&dZQSx4I9JTee_ z@rJAOrK4vP{hTMkKHNYdK;3gbzwcQ1c59=cNHq8Gyg%&s;x}CZ?-Eovomt-yJv$(9 z?#RdD@v<7AX=8M(4fluI(Bu6%J z5W&kupg0#w2<{GmPdc-Q)JEKpuQ4opLoNRSME>nKF1cBj+G4dANu(Pgvg2G0H2j!! zcHuko%=1yL;NW@u{dYGyb&j>eHNuH=WZxovatp*Pa&K;VDkea;-jhtrJpsLFzB9yk zbK3F{d$%gm{RaG3zgVoLa;z(Kg5(TqIn>jn!0K+7yk*X1e4Y&}Ei)S)oeSXx_9%9m z!4Jyz`|(y<6?*Z*A9R#s*y+SyI<`Zy%M_7u(u9K{z?p1RwCkie<>B4tn^<y7^c0z+CkI65X1I{>IPdvSLL>4$INQrKeF@ zC;#30iStxHkL*i`4-dD{BU)|-^NsfV!(}Xydpp8OU5}Eq8(l9H+5sT^7RYPoO$L1Z zk&9Hh4yDlYn;02`&#EzIktBZ00mcTo`!_xuGX9?Gw-{sUaYKDSa@GBvh;g9xN{c$H zQ1^ZUu4ZQ)i|1RT>qG=39vxd-EX*{&^`QBYZrcW*8@OVmhqB8#$~x1o3%b1R0L+(U z-VohpeXnTw&3aIg`U|ZKx(pOxKI_Qba>y!=7FT~k41UsoJDKiTIwy!|IG0Fi*mr#L zRbCrCW8f5@nn6KDG1zXyrQe8L4e2r6W)K#w-%ynq=XhCDDvDZIIgWw#^q`dM)KgVJ z@3dDU8QwL;FJcziVhcm5#J}3bOD-0Zu~E|H3bgY}cwf^Pni^Up9fy2viPQ7;_SSxX zluE^ONe7lnVD3d4H14YVc&qsC$ukVO6h zV`S6uIkmCBT%6p`bYs{dsGOiQ3N)}kaaNZ;eXrkOjQ&KF#zk0*MV_c=Z(qYs$841U zmQ&ICfRWDM<~TGZd!8VyGI8|x8*i^WOSg}JZ;<}K?7Bv8Q$|8_;$(duAo}3^jn0tQ zpl;ZaT;;Q~x6WYr~FdyWY{I|3O$$(EvO zJcC*b@Z(*y5wS|Dt^`k6%}mz;%IEXUFRWc&I$EZHnT9eb-1?{+dm+!iJOi4 z=$mHr%bIiUq6=Sr@Za3g{=XRdKZe(vCOFw#TcQg7hWe+$xIK?+J9qu)l|D~ro&nCz z+<66u^#MWn=Z8dQb{OwKsY|NkPLWrwDomtm5$d;1T!xgSs8$@bb=ClZJdj<>KG#%v z)3z7=>AuL?cu(B^p$;;^H4&_083$V@Vd2C4ySwLGvVyC-LiM!>dAy^dWEF-HwVDNs zMalYPsU1-N^6x13(~zC0vFEB{O(u-5*BaI#VmZAWu>0jqtJ>m#X{KwoFNhpzq#O0C zJ~)y0$b34U zodRHB-uQb)PWMN+O=Odx=vzflmg@m%U?`H(8GqS^)+P9rr{Kfv%=!d!goY~Q?O2n( zA5a2!tUhkQ(mhq0Jj!M$_^}utl2-TxSP^@?92X;dv8VLP{PlcVsXJyvhQh{w zT6u~mU7o^y+>5i1YJu?6g zq!qSYSmo$w(>K(QJbxXxr8Q#NSHj|8njbw>Z3v4J(`mt5FN4bYEUojA$t^V;laLBR zI{}1$)X`dC`UBn}joQ@n`3wxrZo(u*{CYf>PFU5~b zQ{4xP0438U&!XJauQ|VXc0bUV2YsDf0#XC_Mbk$u6(zKGMb1OlIhw?+Y#v(LdrLQKIdEBa{Ad9`QJRSf zw&kp7NN5oHNjmuEs6PbtBmS z**|t^YQxrX^<6DSUZfNeCcgAQHXLG!G~J0TU5OG)K_*H-_G5jn4}+@moe;nOsn+V+ zI#f)DE%(y2WEFf5$XbBUHHwg|e!cIPCgee6&zQQI4zr9NlyHIJV@s0ut0Gx9#iuoT zv?!*@&l|Hl9-zV~EKEugb7O8Pud--L-&`Gq5ozhbJ)MW&!fLpdmWuJRwc{!QX~_)H zQ&JDbpK$OSGKQa*-_+<_En9%3M1(Po&c0)>Sov+XXlXT$!cl%&`$a2f=*Ix{^I>9J z3?ISbvs|b5;ww@vMNRW+Hym2=@2oq#>#qiT&U}V?$_uTlO5pF7i?}Gc`0!Trch}Mn#QiYoSv?Y`30o+tWZYzGq2ZW<#K$r~3=?`7R6nvJyzN}!uQIgF z>w9-4-&7=~pHu)~UXGyCNQz}pJe`rFSS1KsmBF5fAvD0?4xxxcQ3Ez;{R+(uRx4gkx+`b{43i znHY#HvcyaJrQ@u3JK>Pq%Ah~1N}=a#AxGN00VKWt76rJaGNpW@fR}S8nY9TEbB)#$ zZ=KtP-wJS~!E-bY6L$U#%#{*#F^mOIn4!3o4N4sb35D52MTsqvrws%`;ICzutRJLi z7ei9D%ijh{avq{dX-J7+*)&P`5vceD zrw0=y9dYK|t@pB(zKcL~{AXq<*)G>=d3 zlRCFW!!@z#{u8Gj_|^g|!?>>OmOlSgbn=#il244N#yM7=K$Yy6tzO!(gLDnr1#`}c zOj<{CFpyNWDTkV@o8=#OXz!!(|4*ky5N#51dh0M$sZAnqnN+w_>CCq+vGd`rvj>r- zo^xNHdZnbZD3Jce^-WJ;H;(SxO5|!aMH^Hee#enI1nd-B)RHf2Y*)XH5Aai027aH` z9a)n2ZYe%hyg2|=y`H>s(;DM%#H%}-g`U^(&J|2QAAE!M3jP54)MnS>qBnX*4;eHX z@~O?NW2RZyUfS9>GmBigRGI$1)-dZ%qEi>3;G=0+%aS?6NMcXBCd*Rf1cftA8 zwTd?7@)+otWoI6%&^OZKg?~0tOjA6e%B;xf>Qs5jV0B_2tbrk;#Yx+EnKqR}iw`e71T@0NT2FQ@29HSfqt3>&psdf7)aS3uUJ_4E2 zqPLOkJO>laHM;B}KkbR*Q8eu#23-aNAvCm##KVNgjPJX!(1Q>8R!L`K_+R$xeYRa# z*Nat-1b{e9szJLH-S^J}3?=(0_bwau5(Z4333I4S+wDs{%S*2#aZ24HC_BqKox33=3`;&W{@& zjUyV|T69Y9PW2&sr1=fnvqlZ5%H#d99p`=Oi;=w)m%SF}l}B*z1{}+9A9+4Yl~(L( z`tz9Pz zTQJarSMyM5M060d1PH^Vh!}bouXo`{qC%bh9le;;EDk zKZNj)yY~&sY8#BZ-mI~~ny|So(E7FJZa{gY@mm$HW4I(@d0?UymCfG!vR6#&*?x(h zN%hrpeFj_B67oaR@=p!t&EDV|(IJ729jRo)@aTrdeUv4{rO~2-FB5{at>wtHsKtHJ z6@hVq^@Md{@2x{?{KQ{wYCb{6_u0+WpADLf4wTGRM7=zCGPXXC6!faUN{#lUT^GSE zBchYq2ir6dSprE_{Y{6IJHEKI^cNCcH3t@v;{w-*-KS3b$Zs-Be+j+e&B#f-S!*S- z5Tb`aMrnK;&4TQ&?KjkTvHT9~iomX2i5yuE9p-)n7Y6&GB#~FiS4)Rc91Wzr#3hvB z#&e;ZWZ;AQt(-R#DxBt3+Ctw}l9pFaZWjjoB8dkbk|gr2aFpp$x(UEX*pFHR=8eDh z7Gp06$W0ZtC4CnsgQp(~SEM>Wt&s_ZFVJZJ^ z?z5B5@8{98-$D`DS8b2bRXOPVDn^v1T2Q3O8Dlz*!>KqY0BxOWHr2HiH|l1$W1#W{ zy3nh|ppl#NViIk~v#ThgvNpAv*ehK@KqW359?Zq}BL=e014hBfV9{>!*Hz6hqSoMx zUSm>fh&j8^nSb!zTCR2XEdnJO)d2lpe=H2&C+>|s;mo{CB)kRf?8aQbPR168zV*oO zjt+^~<<&lx27G;J1 z9Roi&gZwLHVDF-+egtNG2t`2KS~B0tMQYU5@LI)DT|u!oEM8;Kb|G0gLJ(ex_@N3d zU%<>Drk_rDSuWEA-E6g{L~APssm)s&^(t^dz^4JelG)!J$)={k+0Da^D)Z~4OkHB? zm~(#b;gJ)fuXla4=}2)!MIsb z`x!LlhghZ7i;M29E}RoPxf%0K&#d}6MOudWVSq7nzdVwXI;XC@#QL;*0N}6Bf5b$j zp|KpzbyU{N)YqMjsz|bgU$0>XGOJ*xQC(>iw9ZL(7C7DIB1lIq)11Pu1~UE zW#X7{(Rmhsgf_gR5>Hb)vzN1+Rpqpmb=DSU!_ieIOnb>LR)n!!9uJTN{3%DEo|H*L z38;2NIEt;&(3p-e6*Td-71NXbrFk=nL{f7E|8pOl^wR=Jl7=GM+}x&zP^_w*)ChsN z6qUWB#aRky=rdp7q-r;M3P(?BVPw)S=49S zFZX6?XC2=OI@A}oY?`mvD7KdVTQ)0*O^^i^(`G7@c0REZD(`eY5#C*d7Ki@tP{RLw z2N6cnbUEJ82i*5hVxoW9TKuUJ$!ku)mDAzr>FI=dCnx6r?d2MvI$#O~1&>SQbM*hi z*jon0)pc*5A-KD{yGw9)w*bLC5ZoIY3GNQT-QC^Yg1fuB6Lk8Xf7QIt`_9ar=L1zu zLv`)5_wIG}xz=x83xIKT{@)I?8<7SjUzvs^QI-@f)VBM;DgG}y=YObfg2kUjJUWO( zXZUEOU*B0!9?0FkO|LEa#eu9X8&|fo`F8!zFQYH^+x{}u|BsH~iwYJyZhm{Q*+u+u zf26~$H}jkA|CphF`_*0y24WqhVo$R6zh0&4ZU_(t>?HkPE-L8X)?)r)jY-=g@yGxB zg@v_?`hPC+uP=P@RY9Qj7t;DOM(2~7xEMprldz;)pV#x>EabKX@me}=lq=;D<>BJe@jXJ zW5%AcVdP~2KnXHsb2PjLG~PrEIM}z3FIU?IjX?kYn2~+uSpiEk+*f4s7xZa>GavTVXt8=wGy-M1(uUhA|oIK(EO`*v@fUC z0+RbNjaA<}qh;>%0a_m5_uD`W-q%_N7Dlit8W^+^4A}zXr&~p^MEMB(*IiHT#|i3x zPZD}wL5Opujko!Hc)u>@*=;+^u($UZO);%UbgfC0+1p@WRS6Vb-F7H^DUZ<10V9jQ zo;r}wY9RR>DhVlhTdvnpTuIYA9WSxePz5#boRo?GpjdSo1T>QLxFGX<)J&@uH{YrzO_Y zPZ&TSTD7MPQzNrdUl0f3dIRK8=5plWCf#6XB{IzCO{#wlTHVl+hBv+D+U|6!$0)X3 zWDEHsA+nx*#z)3+)gG%{AV+-st7(@KtyqGnJ85)dDWZ|-VVy>pCY#?wZ}fLlbbyS< zH5aamTx_{)^)V96@JbJf4vVSCmGA+;#pLAntG)h@>LQCj}}dG<@> zpy>(*Ym1FZCNtIk{yRvXexYWZ=5BWm{ynzH>uhF%XvG(_n-YQ~zB+7|7u(1EMG%78P5%w;bGzNoL;#%Y+1 z_*Q#HVDni2^p?e&)Eea74wz28xCU%|A{>p`fJzM zj8*z4IwR(|MLy7eljgDK{4dnKZy8Fm?#vnr?D|Su^=*#n?^C`&p$>bLP4@fu23)Ra!`i+L1Wyl-VyYQ*--4 zv-G}-RiZF@a-xi|xnz@Kw%E@v1QvDN(@JS%(F|Aj=g|za#>aYYyX0REw>H#i`4?={ zdEcorH{4L6!x=1yn2t{n;YBn&ps*xpP>h74r8bX6qP@xmI;~^^f!S|CoX*6xHD|ls z+0aO7=p9(l&uidU8GN1*^`xWaL5ggjlIEjMD#4EYIbjx%FAGli+{WV}4;+~flp*+TOM4C&4&gP2rxRBTU^pds}raorEY`X*cBix@} z-84wRy=c6z71~{kG3?x;kSoBF&=)S4IMkqk{pw`#V#IiGaIjBIoEP>vO?_duazbaC zA*#$3EJ^fU zozVTfmH_~gGR0h1o)@^HZ10i9O!bJVJ+;8T_G>#?7mHM+xC5rky956%v*ze#=vSP+ zrprij{T;XAy?lg>4}L)M+*r_->(cbv52-Hu4_^m4HxmS8k&x8E@>wLg@65ckI#lW8 z{d@Dg@=?JoVZpyaOvs6^D!~cSW++h+IG5Zb$ks#j%Wc-TEdlHp_{(@G!U#v^^acIr z^xQ`&&8?#TGp=cTK4SbYRXrxeQNcx%Q5QjY?R8aPUtK9}|4cG!h1jNhpYgm#HX$bK z0Xp&iJ%G57vPi*Rq67?38xK6ouQl;N%JoK0jRw?{Y&r5xuV{qsRuT5c+i7lFoIf?R z=$r6jRqFb7c{&O9!ar`6`IPkXC~@1iWN7@@Obr5YXK`qS3#Duc9S(3GZ_cD}>;Cm( zB_CH%)2IDaeUn|Ca81kz{-qUI6~K>B=uBHN_ru?=M-Qs*ZvCcPl?r25H7=G~u{39a zCqk_rsrIkkxa~J*mS^QQ{@-axXmOWCdSB*VJRO-LM47dLnZ_ ?$?F*bABN*=vkFuy@uF_ zcgio-7CS(|)MR1vB8?jrpCQe)x+w{3t77OQ#77818EL~UfU;ocf!UjIa~K>UEHsI( zZ>(!Ayh{KGCRKGsw-IAcv3Ib2>&7tD=nj<(Vm+zekferl!U(8__EsXTuF9BA$*Y+! zUZ+&oT%2yI{e`IDT?zV_4d_G+4FHsMB(D1)3Uuk7TkuVFXnw%-m4B_lXqwXGrlm-6 zCo(ANniXVR%@_Zo>~n|H`3w@s$UhwpFI^X0^j(cy`d}bevIu*>!{|TvjXmixPANHk z3P^6R6=UW}P;zWu0aysSVZ3Cyd+PGb^CdrtV*#Qe*fbaiypY%Zl!{vH%`cf=?^@sp zXk31OvuY3N&6W7}G2Ob`e8hK_S_ zp8Qu+=AL%IOy=c^T+9vfV0AJnaV<73+b(P&fCcWmO~E@Fis-Cp_4da2(`b@i54GlC zB$XBzr~34_;r3mw*Ax1dVFk3Argt$0BvDy?v>imeqx11%dLB8MYc6dOzCP0?L5xzD z$1UoQPC|n&a`@Z4x!skL#USJPR?eq~N1}do;wZ_W0J~5G6qecGqM*~zu$PjF!E_S`dE-=IYWZJ zo%Zd7FQ797L8(tl$VsTv(+bHJHlr0*zXoGNqG^XcYdwlsupUQe#?Q-()p3Zf04X#y zrTKPyehI5Y>V)!QujBQ*-5{Lx`<32P7jsqLIS&*>eBUtZfjzVL+aLOYJuL%IXG{5? z{$0#i)?EYG@xET9@p9Aydy@v%S?=<9KC(2cm@)D#ttvtD6U=rp{<`F*K%)WZi30JZ!D6;1XYuxEsj@mRy!MXgI-b8|X`65uqO#DYa9;qa?>|}jz&WP-3 z2BmuI>Q5K9@}5=18zlPEfC|p@&T*IAMg`usa74 z+)IvVahmP8K)#smvIcLb9ct6`d#DhDZgs;Itg2J=vHIgP51iL@puP#sj_7@eYAfqr zeQtHTo35pOl{%ukI2KW-59EawPM~QE{K5(wLH^fMW*u@J}7_aX+Sj` zVuowINAOm|V@_EmUa%6@%kMBe0T%NVn(YhW@tSzRX`~6@N7ok5!;)Jq#?aV`@~jkP zPcZg4u*9@AV^mvHm!a1e-TC4Vm#zi4s+t&y81`uN*SzdvL_{^`LS=p8gkSnnWv!Rm zNnvJGE0c}e1g@9a-pPB}67`|7)yOSV8Vf%qOCQhaZ56#xvoNB^<;YQ&up3960DqRz zVa~$qX($Ks;mN&7`}0*z22XS}LDa1fai+WcAl3Js%INZLy%eed?l;yyp9l7$U|Ca8 zOZ=B9aEaqZ=fS+nnW@+j)S)_aQ0>mDs0DJW--k)HEUOJ|m>i80W9m7x_ta?>wT}pL zm++(we61m`|-BAdmr+EVw+J#8dcn^53VQDI_RDcp0d1}KS(Yhe$8 zNTfyO`Sa&#B^V9WE^lUEDth;rkosy=M`B5-%BQs$cV561fyP4Us9IWF0+-Z^LCT~J z(hSR^pgX{=9kmC98zwhE@jViCvnN=rJ2fLn(HEz?RDtoNKm|xigW5#j^I)L%Hunqh zSa8_dj@0U8w!30jJs{6vNAOQR2aE&ETM#rBP8Ud!V9?C8kpY=U=DO@{U;+`9V zo)cG876QUrZ8@g(8#oJWEE?OU4;^~e=fiquw9~IszD;dZNxs{RsB^4_%`9&8MClD( z^@rkZZb}gyf}nT&m@}-4{@oKPpdR7`_RA!n-eUAZ4vKXL?XQ_Sz2av1ULA&lw@P%Z zU39nczVU0aJ58+J61|t}-b#3Y(_BtG0aVUn8VZ(?p9mX_iXJUeBZ8suPaK&$rf|GP zY^8JFh{I!EUoTc4{c4u)5GG!vc{qqg`LnrJQ6mFm*t>FW{p5{JL_<-TR|9)v81cQy zAakm#5E^m$h>>M^fWcr+u^3V)6=*BZS9n>RX5k=vVIY@+PLQ7y{e6Or=~#%E=A7lj zf^iYd1QQ`QyuemY1?hsQ#0n%y!d#u~ITE)r#4x$PE`DjfA8ebYQ3Q1HO}x_mZ*s=} zOZd2K=uS`IxMX1J$<&j&@~Oh!wXi}y1Mfs&5KowC1Uc~R6ufb-ulYxbKw`jQijIrY z-oRq$Ypb5r>1tgPCDlDeuAdW+%ngEat7cBw7s6n0eC4|Y0j|+} zOxq;#NXbWr9MVCA0qJcxVF4KVl1C^!OMauhbx+&u^W0VrVoNz5`OH!Lb=Yn2e9D|S zie*!lUp<&A;)p9B&I@w)LD}mxF0&c9D-uBI#P0bQ6160Z>T<`D z!sk_ST5n9oAN-5x_NB2qouZvtiOf`{ZAu3CLv7-5COB#0v@_)Uqi%OpAGu{m?5vHw za$G|q+Yq@~)tgT&skEthvJ67O>kmH3=p`0y0mTH3X{o_jdwzuQ0jIRS zMzeVwU-PxW*&JO}++nR0st==@bH(IXG{;gM%{dHD-ib2RZLPIv>oTM+VQZeg+VU$Q zwQyjBvmvmYm|56eN`8}Ar!;snl|VnSNbD3<+J9h2iP7mQW*%}j1AWcv0^ZnTe?PYv%Q$48JBpL1V5|4}+lCa||Jg@6cdp2tm3 z{X(M-38kukSEyOOe0KVEg#@eA|EzN{n78SJ!~DLfd38eEc>p|n>PtGlMiFeFA%GpF zUz?lyq-(1^eX=UdeRVY>xOnFif06(nxk zE_i+ahD})enAcSjK5B*BBSv33P|puUqv3S4p91GQFXI*DVb<+AefeV4b7mHe%LhZh z=8uAH^z#?n$H|d%dF!K5JI5L{C@|d(XqboF&1}DhM)^X^wPjzSz*#!^UfakBPs(INVq~qdyW^T3Y^A# z_7gSg6@eQ=CaKsfU6ewXg^(-IJ!N4FZCU6&nz$+e=PWo35cF?2!d zR;>IoL7IS`BtnWF3w}PNP;jreo75cLg_#sQk+YOCkAJ5ex57owN*k}z4$Hdi6PTR; z(yVXdsA2iX_}|0v|NNC0;QLJh0JNkmTf~Sov(nt@sR*wj6+={#BS#|a3R$l=X!vl* zBr2f!;gs#>${s$KVyn%%?pqi|I`yzV1$ByoiWy}1Jce<+CgFCSH5zuolEqZ#_ogY+;gE(>g#hLee7|r%M;fbV+oRIYdX|X(2e<6i2 zSfU~}+Rs@&hNFgMFCa>|I9f4n4r8LCc`oN<%<&vce=wOmjTxx71hv4W$MUvE%nz%@ zhWlunQ<7q*hR0#^~}`ae9|FRgksDChkFf z{GS~LknM@|z9R&_KPq}<@Hgf_T@UgOJAJqGHIlz1BAUy)%L^O)Eb?|JoLKH;aknfa zfa{R_PVL}WKtl!loTwJmoCMq1-y(+qs9^gmW5N}n%}+XlgJy)aCX8&|bB<`iyJgz# zb#f4di)y7&M8ZV{2s``{gNGUVve2(W#tE~&-ch|wFzXrFB4iU1*YNcmOY3Dlf#hqi zA<6>A!gX~)Pgl5kKFfmFeoz-hiv!l>WqOL%NRV6neJ!i|;my+6 zP`)HA&sU+4g0{j~UXS5>-h8{wur##@>GWg8PqXJ}g3*wIpFY>{qyV1qL57o^ zdSO@X)GtSECUdeL-|ededQ@hyaIhBGw+A|Yz>uh?vjdHBP}XrE(MUM9;n**J>qsmS zJoV_l;4~F&*NRi$?@E1gp*~6?h^4?Y3)VqWmp@RiuO@QUj0%BQ+opxprOR^h$Yg3x z_MlwG)d(Nf&jTn!YbzH%%8yltS7T<%&HA($@owu)gV^zouoWjnQ6szGOTAc2es@@MP>~mfjEt*@#ha)WA8)L{ z!&f{tLE@tPP#kQG+{?*(Df$Q>{oU6Xy%9xh7b)^9Wyc%z#VKS(ENr-`e2RsVaC+MN3#L2?tM*x4NiT z%`ju!yG{WZ3MNVv@@_G)CIXNmg}u2bsfz%nK?sJ!^U?uZVXoQ-HCp+~+{WPehV@||pqqcism!!)=XCwbNz}5xZ z6;sosXXVduXaQ!^x_59q7O&KB9Tc~P4I;Ng?t2*0*I;=2oDH-s;VLXN1e;>m<7@N$ zAWI{-X;L~StQ5;$FN!}GW|)*&i_Gv+?Y{$qz!PbTlCWDvrR$NV>Aq7_dYkOXv!q0X zAW_nTKHH^uk}R4??y$(%%$shZ97g2h*dvUbZ-oky9Me}*rBEO&ZrmJ`Y(!nGkd##2 zHFL*=qOmr&9>$>|Cl>1n9-Ss26m4+IVy)fuH5$pAk(!@c70jnrTSjL9HS;m4* zf+j9#mtE|zH)d!*T*j!NZGI&>#zOm?*jCa}i)BYNamw6XpypRdf5~U>tY|DDZc5y&j;!zLY2Ue@5qg{e{JrLVU1*-YU z1F6K0VWAdMi2C%kePS&?NU2B@MU=dftU*A&5d#%FRljL@F{m>fQe?EuwjjS4OW_bX zDH%p6FJ>Ury>BRiYJ9cxAO3QkxS#Vq^_$J(MIc*Ba9PE~sPGYbJ{n8wL6WI$>kLT5 zH*|30kR4z1c8Gp|?IQosXI2&>w%!t6-y#zZqRJhCD3EjMWu>q*+s&G*zpWf`B6@1-@2mTVW+2n%c9X zC5)8h4_=MKN&Jqa#BZ>}b0OK*cESUH*v_g75}Om&Fx@RKPrUi?pzlJa!%*dA{GR48 z%5_uNU)KP8l5{!FuDP}KIFmvTSo(I3*@2F6ox8l!fEU8@V$1uf%rz01XgJ?#jL}VDl)kT<6kD7V;eZHBn{(c^KQ8^-We0#&Nc>#5qE9kTdGQ_O+ z238{Z7-2!POHz^9uMC7a($bTCi{8%EMEPBISo-WjsAC}0X9jiT+zrI=qEm?eBTomy z)YVomR@z+Cy5Z%(C{oUI9mb+$b#iXM3m&0(Dg&4r;gRPx77A(IBdfB$&J3yQ-E%a8 zypy}U)3z$sZGo@yC;enJqPU!n^@o$kt5obnB)f0WL@zs_T-9*f?27sc;LYW$HqHosxJFeJW}=g z|4N82p^KO&-^9X764Ji24NJ7s@2sEQxd4b zl~vw1@GST-dOR(L)BIN8wcFL>`syGhBYa&WY6ftshQ@ zHlDx{xZk2=0-g!^HTgn1yKP1#)RDFE{paC(QOnMyG;Ihs1lNw_Tq825<{~u6fR<3I zy~QDbv`tV!z8NtFTLl1A+$#-$tw8e8`K zQ|HT35p+c%6Vu>n6+yofFx*~C>ze>+c5pF)>sz2P#uu$=9&uXp3<$|%=`N2clVedc z7uW|uABf2$=bS{6A$65t76MN5vRKi zxlEQ^B5gBxm~T<$B19h41HP48OOC%k^HY!{-vV)(m2 zLIN(17q8}~JY4e0a(A98TutgNYBfqMpAAZSl!K_AtT3OAb2t69z~Op*{_pvkasVK zh>_RF?~9q}5JH0SpVoh+z5Ak|Oaqw`(1!cSVoQibci%ezae_mN&XC^HzqtZI4ke$% zHN{CyQ!nEy58%$)rUINI7bi6c>MD8{P5w25^JEAUV$GH2_VNDqR3)|9dmLvD7(ff* z?2*nFh{CM*xk`)zOM@irKyv08oXOV@Mc}1NAt==pr9_o=gNIHWBC_u>YRb!tj;qq9 ztD`F?Bg~%fKF4xavsIOj_prpQl&z4IPllTT<8A5-B1(hymCy{FIi^FT6tzUYFg*Tb zO(<|w+iI9bHi;)5s?d@;f%!o9OU}}6w+48l+&gPh*JI=~wK16RilOh*iwHl7xIk;+ zV~4w!kbY0BezSJ|AW*eJ_lt5bBwgGJ^R$z4hMXdAxs4_UTZpIMs-n`!<} z$cYUN57XZ3NFEnvrK_VDvK9?=+8oUAN17+!v|G+y+YB%3rb|7L*E%EK3ZhZf7*psZ z72Xb!l~vbP6bgK3ubFfQ;I*$6Y@$OJ5UY+lRmEpU?X8e`U($DtXNnl(MJiOt1B^u^ z&{4HGSvUx^3UxaDy6?auBOH84|Aa?OH@Em2j>{*(eud<}r(7w>@vWOx#Uv;exswO6r8Nrw>0^b7w!_yNB z^M82%n<>8x`Z;V~=l*!P8U5jL$C%D!N%WYipGXuNYa|`cNlK;;%lY>8jL+ngn7`{1 zU#dfABYcAm)6&aky5~b5YCrQoF1WWl*F#Dm zW+I0zM_j1oDvMwfg@zgFs$~a7Qp=ec%1iioThNOte`u|Y(1eD zwkqfh?d@8(T{~X?C1Gc6qUfr7)~33JXIB8*i#HASvc+Pv&1HOe;I!I(wUB-=zu|;{ zsr`E9g^P-3`^{E@plhOybZcImgv^bQ=w-q9H}coW$}^&m6;~~tF^8QRp`ETMumMpS zRKdT50Z`-RVU?E>6#(7e5btF3_&e3qi?MXY$>?m2G7r7+*9QCvs4=2F| zCboMdGi-DcLQztC<`!0-6&Mr=kyQI{-}WEPG8i z3`7$_cb7`#&WSy@59lS%TP6IsaMsh*zM11)-vMWdEMAKXmFs z-sNiYUch5I0(<8XkYuai&UL5#4`2)4ZMz2nQ$C7~fX^9^4|!or%L>IN9@XzpTGCEb zLx~nT*C(k(+}8uXm#fhMq`7wJ^Zlg1k*doW|I}p6(@H+<3_Oh#agipSB(2KAJ8V5! zp79t&#V6_=<#-7RfcFy3s`Gv=6*1Q4h#SzDYjOp#v^Mp6uE;z&E}dh}Y61Mx>J4>J}#+xXOM9p#<X&gKjv2fAQ6lFz}! zL;o4wMMh92{ZM?)(iRwYLzt{^&vPXgD=U@T@X>4~LVaa&=9 zVLneIisMDj(lyQXnhjh(oM%y{z1;sY&?j&9XBBQtMdS8kxed9StCHSki5ceSCmH9T z9gm<`(4kqTRm<2i#HqN`Uo%^mwoZ}eNtF>8g3Tow% zu%P$x_GB|W42 z-)BTbGVh@@D!lysAr}*h>MmMS%U|B%ZzJaMtK-dMZA0S?f1(+9)81NeJ)v1|#spV{ ztJN^jgTcr7p%!6@30g}@wc%ooLPjuApZtOp#!K|ur@yT>@d9(L936BCS5*YVLMnZ!}sCp0ew1mk}*INUhV+n$tf`*NfnU#V5|)7x9lMJjLe% zSoJP<*&9dw)pj@D{YK-do@>=yA8|-}T+~pK*q*6a;iX^ z%Q*MGx;Q?h;ix5v)LS#jH}$;Y?Qf6pklS}q*UfYN4mCG`HB*02dYViPTvLS{3 z(!ZdYfZ9?yBIXLKQo$gYs*6Ru;JZ<~7zPi7k}JqDQ6+wdl-9TH^GcEV z-WrV};FLv(7Q=QCk1{1LNyq)9QgdQ=mEky(5YpzS07%&>?&U9$w?OZRefFST|cyumUC`O z2r1wKDD!vTtJZ|sC-P9~U2~Hd(s;`)nrKmyGovfMD2ry8*F!5VGx4&1I|>m4bMDwpBDyjAy(lWHS{jA;%Od!EE}Iea)xiX zc;h>A8?xh0uL<4=;vG#Z`V$1Ky%uQbVtX_Fw%0VnGTcQxy&g|yCXEwA|6^4+tco zPPqwSN=4LFjbzGWdAxCK`tYT;%nw2@%7ZM)U~Y`bHDH1 zpUBmk_|YQfIbB;m<{KW?#2&?QF%eN1wDSt}hgSjqyEo$9R%q{tRqrdP%(X>HSclYx z)H;kWlqFItB>v(AVU*vXa5&zpU0m~WYKaP*lT*g?_%35A6BM_vie!+QzT*|T!bAz% zLyh|(LKAQTuamMqz}({YU84EJf;ZT5Ytv>LV~sd`dErirGveu7;gN75$&ol|JTJfT zQ+Q_TH@%rNXENk!KfZ$`KXnEb2r`!lbsF-@p@kQXonQF1v5IDA&{3TsAMbsd1Mbz92_y|5L8RpQ14{dxB}Y{@wZWPXd&4cG6!(W+V!3N|?Q6ylOI@ zMMJ{zyY8T0SF2pNmv_%IzYSzofQ*prgd$fv?`~t4+%XpIeB{(>?z{zCNAi zIk>!MeewEme|?2WYl9R(*isW`_1*giAB{cT& zp|Ebn{J0&rd7AhI(4H_dowY*2k}jBFzAb)b{nyhD7*?}3#6;070$%EMfiTVZJ0a19 zh*cW6m)Ay1*@ZCXTDV=elFt>2{>$x`p)T)6MC7WdlpQ%Iqry6zS`ysS4R`o1Z*yjE zmtrK!M*U=)alo}b+5?jJ%Rus{z6+>l zf(oDlb9e<|V4F}kJ2OGI8m2KfZA*Fzp5M}N$sv^wg@w_Zbtr_FS@8AqE%PqlhZ{oR zKKKzEVs>Ey8c<4cTjqzq9!5lZgkcufR0J>UxNPC%s>jRJvLznHOsQW(0z)EY(<~ z1r3ky$Ey{qpv93$d=WG4gazWA=EoJUK0V0Aq86gRsBm}CJ;C{L1aNxy!+NO}=Xgc9 zxCF6n(;ay;zY`GooE!MhelCncBH(s_^YL;P(zj{MPDNsNR7-I#B5drOUc$|HDb2{d zS+;%dBIQdIApVn59X+jS*JYwxyXu69(6)txBYbH=@UUF+yKAft?zzAmAO~(H-CX%8 z+}J0%;j;60@^3xKQ?%KJWBm96lSOmDe z+N@^;qKmQY+#>$+0bo>4b+E9PBoJ2oU+9{PAG&n3E;CPDEXXa^FPJwJ=CM?3*i-@< zPdv`N^KdxS;axNEJW{s>etpVH8@$&4oBTZi2|Cl6p-Iz>(d0R2$6Q?;*{k#d_nzvB zm@VG6%OfZlva)#JCF;uJ{lHnj%8psG=M^1^wO2oKY%tr1xlEFbmt)TOBh}BV@%&ID zwoZt^oIW#zq^$0*PZ~~EHZ=SEA+^b@{_QxX`a4xi zci!x=V_`cvfz)E}rU9lPEe5biq3j1Gdkli|dv4ES7`sdI-~+*_*KbO-i?*yHG~nxo z1&QnH?=fREHN0#Rx}u+QO0Gj@p+$`H9@W2Y`}5+jSXMZZ9y63fUOG={&vRmOYnbIy za95O7Op^&{fZ;K3Ew3qyR)lrWe3m^KhMHEFgnd9yq$%t?%I>@>Kb2oaNo4+_Q(;kj zD!H1Co|nTnhRV9T-a<=c%Est;C`B%d4f9Lgcn#(hmJOH(~)Ya|wIA1Jq?(G&Ag5=txAp;p9I%GcTM7X0foLZq~`> zqLRhEQb9=`s_ftZ6lvF*F3YK@ya=Iyt^BM!%SMCiL&S!@xbPuInHp}D7?VOTOy1W| zt556n1>7s9x4K16buy#{U?%VHV)lrSeRJ#x!SYfPJO|s2_?p}7^fNWmm%?MXrN3?t zVB0zLWD3ODiu@iSUR{*pw%BT<2^aKw?!!)<67geU4OY|K~)Zu%_3 z!N<;qvCTnZ>e&m#^D;_X!d86(eX+TW*=T1rLB~issHCC7EmLo#|(>h zdwE62X2*^Rsb^<+9Q?GJ%X{RjG3t$;JmSWj8SXj}rKBS2xeEI}QY4Y*cK)?mC!UM- zxX{2_#W@1zet71Kp1Zta%Wu??#;1u1ko6sQmc|v zh|8b;0P4`<9R(iEwLM)L2>1fu&sEmm!WXaZzoboHVxSdbZxC?QwRGg+E2i%AJD}r^ zT|L(^Z^vE=`AfZbv2&Xhpq;4C>B?AzopAOtII&Yg>m3ni2=Y2WtD7&)n~7jkrZN92 z>$sT^T}U!No1ukwHx`oBl9eo?S88M3C2VaCD%uzBL#r%RkUu2M(Igc8AH!i{>OZ89JDzofgem`$*h~EsUtr@Mt2zoS&0UQ zjo6y2dcfo(4c;5uY>nIbu*}(P<<4F2kH~$!z4|neWm)3u&sbb|f=rf*2!f7IIdaD( z@)D?oGOFTccg+9KeAxftrqa#vPt1=@u&7gJvrQ%5YtoYjk;Of>&dRmkKiRHD>Lp7v zN7ZfzKNDyD%!o58tVvd%@#rFmCpNIViv4Ej3dwMEek#?J0)<5@TI2m)kj*&%sDdZ# zi@pz}fqVOB=t%WIG45irPctltWJd;Xz;c%9PwDWBY02vvH-CHBHLQdHjV+j=dg*z} zvhdz}Ks&$SBxezpvbAbY@-!We-Ee%C+x*jbI-&;ok`hG9{K21{PA@#-wDG3mz4ws3 z`_Q*RMh}~!<@yYZiyNwT%pPrV>OqoNB>uMsRp!Z_%^d|pUCUtjl-6QnVXLM@0)ivE z%Kq)7kI=TRx5MyG!AGI0?INHD3rj2a7sk|!?B!lU)3ce9oV?|o)aA2&o=xnpWcJe$ z7PBm8v$PV~YO0CgxaxNYr16k09CdGbRZ>h8?Uo9svB~N|xcscRKDeyQ>>11V&Ni|Z z8lCo_Q-LJ`PWumI$BDKy!B&EA^AQ@DHbK+onZBP*AF*ff4jB2LcV$cfvnuz(sgmbDUpMYtdhz7{ZBS;AnPJFOUeB+A5b*W`+X z^2@Aroc#Oj0$<0;=N?hm#c2h)Byw(ga7$7V7I`6ffy!f1{JS5Vjys$vYH>Mvvk>r< z8xjc`_K3(^)_Pw&tX-uo*H5mVD9WSrPS$1x7XZO?b1{}Y2&#V0vcdGrfr3Mhsv~Pb zitN_@iXmrQ$vP)j5AW>QUL8KUP(!ISB7EA6o72d^Do7hHp=Q% zTJq0Uz5J{#bmj-Fmh~Y5iwA)w{}*HL99>!SZjHvaZFg+jwr$(?j%^zq+g2x?bkwoc zVFw-i?sLC;#(Bqg&-nHG-&%W*v3ISiT2=MTXU=D;{_5hqWg7uTBh*wjDC1>ieFHz; z9BeB)ImO&s1Q*(TFx`2%_S6`Q;$cSi?_+PC^|1CMC7{G@0}6#(V#!M)z;$~Vs%(qr zX-3qGHkTty)HJxAzY=0P9AjfTi$%^E6KqKYdpbG9vlaD92P>fq_+`dcKj4;CmO zAaHVZRavIbl!LeK^2;8-77Z378*;Ui9$t?vEV(R0R7L?kkzGmlQ+--QP2z6J&q@pV z>)9&{#S)2?4iVOmSjkYs$mF9@T3Ts`d8rZ-K3HHqgb?|K#1|+!(ruO$)lv=_mfi3$ z)(Sm2F)X z>S(-lL|wQ*cQtWJQ-H6s_Cnmc<<;E^sqSFUi94<>FU=bDGATDFAzw$Cu}maVvM;T* z>C@`3jQQtqNOE3A1exLwcD=l1&HUY@0o#vO0$bYvf?q{Jmfdng#clQA2JIr9OSTB-=w&=+}lOTsD#T&!;~o`&W($}QAfTl13pC1>F@#83{T4Dm}RC%U%kyG zA$?3;Tg5}f=_4e|MeTcu_FSu}i`jhK<_D3et%q6OQ@52c!G=dLimr276v9cl^8{!b zScg`>h&byLWYkVc8uo@l>A|qb+=y#s{4|Q58+G4orGe5(R=vB+QZd|C_>Hj~{&|v{ zZ@HE@Zr;GYik`~lAd43(12-bWf{TvLN=s#z3kBR@o#YdcWKioBJfvHX*Ef?J9{(%U z#ft~u4tUki6$7Q4ZR26eBap105pMed+?RvCpV=7Z5-(W*Ew0M#{E!azO53x9g6`ov zPjwZiW`+ciH=_#u?|uEx6X@xqOQ#UsR_`(_$z{Lj8KW*AR)E?gWh0n=jU?629VQg_ zwuGFRd*@<9k~^RsgzgcTt*vO^=CQ}T%J~arqdqQ}*a1bQ%et7Zqp26DCW&$G41&oZ zrF8A6pTNE}N_1jCkP@tW$CYHl>?^50bZwu`tnNxS0XC=hbEMYa}2hvKNtg{>IM%WG-5YL#Gd45|yMJlU8>gwe!y>`w zeGVu>2f^5D1QrHY;>9QjM4n)X*wJt9wcp`+DZ#f_?^uBkM@OA*3N$IDeXlncv1nV* z8!HFfvrc0xT&Em_ackiTlMNEB%rYm>)L^p7-zlc zbbt^1$Yuu~yn%DYnnsg8D-qh}lS{HXncc$g)h5FO`Am1KkxwJ5gAVBSW@Tou|NMdS zB98l_2CxAE`Mi@67g3jvCM(>Mf#1H-I|w(}E$CG`C3ynd=pwLoT8(Br5VG$W8wONU4$WGSSGAlPXAm4rBKT700FR}|efJdawXDO~vw_9+bQ`F=|K_HK=>=)uD;^jHB6&iuKo=WOdsEgF?v&4sK1=NR04qvAUC=@XZ*NLZR|{v!P&Y2M?6(=mB}4U;{LF1kngUTstRxz~w9h z5F)-9>?$B_2qRWli`NS?3b2E8lqM3sEq;IMASN2+d0CTwnP<}@f*Csw^hUnatq5zL zI=`Oq%>j|79Gf8MPfd(!7kk>eLf$WY#hX7|On0nG9>{^B@;~z3Byb${6AB_wBCMS# za2yhm-u{l7(u2^kqZ|z291~vJIi`JgECyc{$Q$;fNSY^sYnzITM6bMA4eF2OI#H66 z^LdqdFNQ;$$T#W-?>LeqF*q6zo{3DT7n$vXTbiXbWdS=RgQ(WMnRV(<;Hpv`T7xB} zPD6Y|ju+Xy@7VoxjFHS)j_>am#PNeN7BG6o7P!acet5Zkavo%&<`bvN7KbbEGqWietfz`F>MYvRegH4=7(ANmDxTs5`Ux0U3+Lu3f;{~DH5W* z$bq?_6&Fxp58QzCU0|3#pVM7{7}fP+;qS2;>UFBovJ6vKT7N>K4Wq;nfdg>UuilOK z>vImpA9vA!`j{5(`|WeH8)nklCm|icpWBjQv1RT~WyhLISKr!XX6fTKAq`LrZu31>?>DHgE7{tctd;C}>QU|`_Z{~3p*#uS+s#_aV_)CB~Z6tVTwf)gs5XHk>Yp>!G~ zY5LMYRS{H5YM(c8d;Q8#oCXsy%+uWa=E~^l3WyaZNZP?MN_*_$L3$8}BP*Ll*5*q;wWrKUF z_Z3uk7PhEEIMkA<@T>Pb1`mM|>d!*lO!Ti5W>Oh{;_p z_qbb|+n$eCM5lCpd#fgBhl|EYB`syar75BC=A%=>*jp-9Nc+~5h>*m+qh0LX9Sg;L z=ixQN=1D3Hg*hhS9<}Gcv+x0yhlL}jWXd(ha8zouNW#d2yK$KX@VRqS>hWOT71_JW zj#jMJ{T3ElL>Q0!QrX*rG1kV8QaX0&;ml*qp=W%Fx;$OZ`Y=Q%9(jVID08Wd$6bQh zII^Y>5c5OcA2S$R)w7YDcux3pC!udjz{vpDXKsW+uPFJ|)HtU9dfdEYJ_<^Aprb8Q zwSOuYe%$=@1Ks=4`L;95eJ(g6VHruEhKiCMe*oxM>C_*9GD~QENAVMC+yHyq4xN#w zOg86;uu|muTN|t%^jD?4p@9Ov(6d4H**4rcu>hYEe|`BEUV@?_%%i&P5YS^T-b!w| zy2}IQRbwa(GvW>fOk`1F$%wdZyWU5>wP4hWDK^0y<~lvxfzw60-DWWdm=c^gan~f6 zU;Cxr_re@V9jX!0Jgle%T#BzCzPvpuJ2qjWgyGh{mgC{DP4csXzLw9~8_F&z1uIuX zTp~H$v^w%1c8`}&7WBquxt*n1869HkQHJwu-W}?p| z6a`RYC+O}m$9p!Wv8rbhnM{YKZ+#nIH*Kw}r_a(Y+WQFfAe2la+6+7X@=Z4DRB;}? zFem)nX+|9EebWl|0iI~Y{}RPB-)0!lb^vZMR0M|H@5r(HSG;#j9KT9FH-(wq zIPaYt7B&WJk?>QZ#%3OwDRc_aQv$B{qc!s!ZfWtErIa1m*EY5lxHX2zvi>iP*+LY6)Q=zweiz&mW49$Lvxw*ej)}NrOwDr;I;H z=iHG(Z=O44s@s`8P9Fq+$({cXfH!yn^VGG~YS?=XvCbnTcsGXD}C{u9%M02NA>9!2}hlJF0nJ-zb`tT)>B_6o@~vG7s{E5e^bQy|MY*B#($|<=%}ya{%tR41OEmn zGm(|Kb7H(}#)Z^{CF90x2rZ==K-!2rPssc1nzc*Jh;9 z`zid>yh63M(-Th45Fif{bg!E^&Hy{;c^H|vD*p4 z2(p7XgR*=!F1+6ALXAti0P}yv&TUj(ifsuBLY*D(fMRN!y%^nkkv{xoVY0Z7aadvV zBXfWVC%mr(f6OAn+fNHKhVONbqs8F1r;>KJk8$CoTl>6=(H+sk``Aip7x`YeCm@Hf zxC550*TPo7(eF^v-%|z*O&_>d356KF?-S;^f>@fIU2`;cg_$MgrY4+cmXopR2ryE; z0?RP#>KsN-vSFlF*zNjTu8+=pKm7@E7*60Q&Ll);6JQ+pJi~B~wL#F!!h+YNpNM>; zm_|mv4@wP3 z5PE8zK%ezRKImM!VDWds0xlv=hZ$kV=0D8`d(FtR#J#o){WAMM^jw<9{WP9e^Fk3sA)^gj{>C+XmJXDLG>+mmCWz=sJaM>K*;~&gc!VDPsxS1zH4Q;g)Z6?a zT=2Q`GIjkx$Dj{5JZl!T)WQwk9rRR@K8{q=Kk;ANn}CMI1vWE}HT|!hA@s~tyO9_< zyVCSJ9cYgZ`f+tPAIk2UdxzV}es{SM+^QSMHsWZUj)o!7j`9*Aq#(AOe-lb51rK(n z{IdE=gWj|4>hiJWVkNkEQ(c=AZ@l!2KKqHCL)jExphGN7SX?C+XXP~qJyYIcV0hVoGs}-qJn@l2@6-DGD@cI$mM-$4cXUn-O@1*0t zbmubEE#|Z~5DgYg!?vpI?zTU0^(DVCmI6i@(&vG)Jm47-c|_n)n0O}TcexpId|C*R z$6WOx494QI)yXct*0w2`r8XkkY zDc|~8jPuD$c~oH_@1nEJ{{%3}2?5ZH16fy6F8XOkTH@`>R~CJ%N8DctUDxx_*ld)QP>C+sg#>5 zNPU!-9n%Xyqv_z7rMKU~2C)dR6w73FP?eBWhY9vrS$;iiZa%^Il?5k|E(MtTDNoJ9#oexJy9DmP|cnEtZB;~_rv)T^ll)%w81ek-TOCti))x^$KhPGx+ufwEB}Nkgb5wxt}EtC?_T^|PsS02 zT(%_Q%JO^h2zxo?^+%$K0Ykpn6**oNt_9r7-utIB1^DYWi(>L1vd95_upn8G=tx=@ z{@o&TYRUtuLqu6aAA-aIy|@+I@yD^6KH zc=UQS6Q-+E1?*#?6^1hydBYUWGMB!LXq1X!!W8 z!EbmVJo0UQUvyZ<`Dv0owuz_JZyc%L;f7*@#-z`B!gjNf62Io4ivIUEeEDCTdHn7W zPJO+^SDf?Ho5^n_eB4-H$5!_0UQfk*EBp+AMJprIR_YD=^!tqx=mm69bBM7#`Nvu z%Nh(*ApDL`1uo?eW&2fDWG*N92koa)?DiL1j6OGlAm387u{3`I!j!!X2#{pC@%u3W zC7njcjS^syIt3OVS5v5iz<5@;ugE@K!>UiF3D%A-mtAcm(kERCSO^>FxAJEQM z$bAj0BEBzqL*am#aGeXBpOL~sP=}*iTv-WjZp-WT&2~x5mG>{S8T+g zF#%UFP`c2Lx2_zxOX2@o5`2lwJNv%pZ`3RL2pEUGX*7M8eVZkR=V!4Iyn`$7KmM7< zaw>I>D@St~k>!r0vZ?fKzsF-QYUW$Fv3&p2s>lVMO#v%aW`jY(=Z7fOFkiyH)&Ng% z2OOX9mSB5VvB>40h|ViH{3gmy=$@cgj1QM8)QMBW1DB}c*AcPXz4Jz!V^{qFMqvEw za78?H>y$aXGGx#QX|$EWcPU6)D&D0o3Qo(2ikx`)b)3;?F7}S?^W+btY6kt_55DDt z4|C`r7Xiover-?yIw>NQ%z+Jfqtxi<)m9I}kE;Z2X^FO{YJ9#*lYjEC%;Pq_C&AAzks)Hbj*Q>PK!^tNyEuu!zC!0 z88PQ-U?w#JvEb!|G^bh2>F%x3WU}F>Xib4O1X$s+sM2gDTi;jqKQyAVh)X3JnHTk_ zBJ{B!ES$MhMu0>c9pVQ~_!_81tnAPwA6V_olJZBGD|E{NxE4a%Wb%^3bfKBRvdl-T zVYx!P6FBn#k6pw^iZ6?qRiqUU@e;cY2ue8yi4!)@m2YIjQkJ2x$ z*Jq+euz0WZ^LM5RC3W{DNe)3zpZ*}XAF$b}HSx=aIh$Di`PTIXEDQw|H|{P?8A4O5 zv^o*3Pqaj*I*gtX+(;iULAh^z)QVuX`hId;ojtI(5%kc8x+1N!m9e*LfjobHgoK_$J45y0_OlAMJc| zVeV(hl)^biC8MfVX&ITpw`f?DZezy6Z%|{hC7qt z%Lg~tnIY&`gNXwIc^nNfVryaAD(OZ}?yF$nM9s}1{w$C+s>{gyP7rZ_Of=64cp*~) z&v~XF8STI3&AWo1Z^Q(g{m@E7F?C&Y%_+~pJBgmO`tTrVAa>}f&D!)l!1Fhgx`Z@i z4L<9tDTR|27F7^U9W*LCMxno zO^=F0!J^evW#F-+7;gq+Zeq_$C7EWmxN{an29V0Sl5ImXv1u=}#;_^9Lj;0zxwvn*P# zY0g&MR6zuQt2tQ$2c%35pV@FWcA;DCtO2+ZHTJ{M)9+et8d?-M-RB{Ao$570^2%df z-k1IL3rj_7s|k9xzYN!tTdZnn14O5uw9|Ac#7|I3iAR~+iaWcpMHy|`wQ7pQJ=aUh zwQ=Y|Q)KG^)Z*j}I?xVow1S&z;Q|x3D%)%bF6I>bWbAV~dUM9DMbcGY7$|xtO%4{c z%Obv59g-Yg2po-)hH+-evO4L-_H3$CPBo3VIhf6aKgD1 z)iGe|rky{R!RCYBJF^{{BpYhNOm|SMQoBnNy^>n2X5)S`AvF}>oo@o0_^u}a%aX|l zGU>CX-9?5jhfq}ZDbjmwLWs0{@AD`WKl59r31E7e}yORCIP>GLQ=qPQv{02!m`>=h9;YgA^Rsmxr^koYLKrXf1Ie9TTZ8} zm;^k9+(vT11jQ<$bx!^?&}kt<)>w>?t)5BrfE?wwEe>|-61x`Pa1kDMYJUJK0cs*< zTI=KQ*p4bDPlbzEXGl@;il+W+LcD!VNix47et*jifBWxqq;u;bIVGkS0_x#jQZFUl z+cAR4=$xgngw#38JVzcT#pj}zU5xq$bu@uNLWae&R{}iG-88ni*ZSD~xm|sj7RM)j zl{GF^<4CmWhRZhkI2V_Ld$AO~Tgqf)EQBjNO<;xD*pZEUia!%Z539t!qaeDooFoy| zNm3~2IW^db0oe|kCj0G5MrBeo#bqMY{Q*sOhabBe*nL~(J|*#RH}E&R@sk{B;*3QB z@GQ@>TOQnsusz?SC-qjWj3potr*N@T@7;rnrVuewX_Ixu@kdb*=Rjg|9)Q`>OdKi7 zQL*Ayj=jMl-!!G)0fx4sn;vuiJcsfSjN$l%jxO}MIgo~43VTMFuox)YNib+- zzfLR*jjaMu`j$Re@KRN`mPT6{v=oXh8lPjaUXjuPJZs~W#^|ak5ob$5&W4H*QMvsj zg-03O_b&5B#0bhdZY{fe{@1^A8Z?YA(Y9$x=jL>WP{A2i`@EP60#9iSKZQaeqV$mk!VWg%}*-~V~<&WPp$j8UH zP4B^tP08pT$|yS@FAEihOjC$8Q;k?|GQG8eQ)UxnCI6)3UY{iU23V3`09-mqN73Dk zf%hqbL**Gn&p%vS-L>cG*q6BWfC_eAJ8;3x zfgpYPj7KRF>WGwBL6*}EY+4_lr_HeM6Zd1lQ}mVMN$k%~W{PpB_)~LXOjJkP-d&T~(@G8CIxbNxePuTAMhIf*$ugH?WejGpiZWUkEtZyjq8231$9B>q#Ra^Qh zR!L1Y5*B6xQ!K)mrijg@5g$9LBj^3f-P_^ERN!|H;ZKNVsgmu52eW_9EI)Y}eS^}* z4CUhTM{XRPx~E~VR2MHiOB=jdb>yTA1i@3?B8em31x^~-;gR*FUFzNi9S$v0xF;; z{9j6D)e{3gAL$GDHx*e(0g|O+p6#F?!@i^am1IAaiHU}d15gFMKWPF#d`m0u+L^=F zwb!E-*gR;6u@DzMx>403s*U4scLovS!k&OUPZAnfodyBE4!D6vA`C8 zRU>b!i`Zl?A=GDFmATb!69#|cfsYl^x7%>kB|*Dy9eBA-ezQ6;HM#`lv#{u;4Ur1k za)R6(XxZ?oNvE#E4gNv}0i`HPs=y3-8u1%SL!S!-llpx6FI93%4jhx>kYVPuo7|0~ zF5tY4NODKNLo0;$w&G zJk=&2hb&&4#CNx8ogVLrzaah277)J}_qL=gT4#wy#0D58-GCNW>ZB1;Eu0FioDUIL za33(omr{1ARL9h0ij~1-E%=D(>WcXfT>a)XbCHaB^<_W~JvdC#cN8MaqPDuqAKj06 zTYwJF-{V(s)U|_j(`AmO*_~-|ea3W8tc0PZ_tNEU86(yP_GU7aUwi!K1Scab`MkXL zoMjTNeqR`eVbP`Ulb<{Xsws4{7$xae+@I8fyV>84jtFr$!EX#jVzGI@c7Y~1jdl8{c8|%r z=rxvy3rJ4E8@ZsZ0I+XoouwLPHM!v*&F(%s6H&g z;`3q;*&QdK_F#pMXt@?tPoy~2i>tbyEG~i}aFgH1-ja5S%ytf3!Bn%1esKy?>FM$@ z;iVF109Apk%1S_il4;7XpRx2F335_j4=)NJt{h5)4NOpp-h&1v za$bW%^geWB-aWMTbvw*}#t95FjCasurXvh`*NaZS2g!Bt!tb~a@+*zToQO6esFfaz zvhn!e_vAJQ{x;4Y@Y4pvxt0gK7vLu+F3S6M?iLp+2sv9aL7W!`rtX?tEDDhE@$AA9 zi*4W|Xid8>8`m91{;;1#E2-oSl_!Nt@B8piK`YcIfmuT0>=x>xlb0@RF#)OenV^%>gphQAH`FUsqvXOY(z>`Wt zGXj4x_US#7Yj=nr(wv=Kmm7NT&C2Tb_Tn7O45Y#Z1~))6G0T}Y6zs*gZGBGiJj%!# zzbFKpDrd_MGl4cW)YoFT);OlPSVY?)?1V5&d)ODpF{e+!y?SbyJYe3YKnFO`sHn9C znns(M3g-uk7x2aYBG$~JHd_vTi*W_*R2Ma_MJs|g-C0oQ6AxI3t#p*bcZ}VRHVkLK zL{@z(`-AiQS}na|Ve{QXkYD9U%WpH~?K?J3yM(4|fv>yI^AgGUgt-!sJJ?*lfu7p8 z4?lKD?;e>L#?0pRCTa10d?LsL&v0y@FFt6~F(Mz9mb0#4-Np@+jA)MMeU%}tC}+Mq zy}jA(!@nNGZ%HPW1^-U>u*;O#A3d={HxV5fs0~G1Uq!gGuw|vV=6(F12N;-5w6~CI zpo4*|L!>XR%~G!xGna*Gug~E+va^UmLYS zGO?@!5~d23SVU$-1c2_CL&>+g6xZB* zCRZ>K%?qzv*V1;@0*R$Z%v%-HLrl3iVn$x1ws3J|Q&^OQ<1xoGm(#pB>AO(t2%BD- zx$xY5+Uvmn>D>Oqd|jb`5I>^7QO)$E`BhXq$UoSUT}__%lweGi7VK1eWqFKC9M)0x zLy`Jb?wF?JBMtW4LCt8L76eMrmfBnJDt?l&MM-{PeasCj^-pqESzyn)sjDWp4|O3* zNI~+sD4b6)6lBeQkt?2xt2J=jb3p#M<`meeRh;8SeXH*r4!xA$MHu3KGDm)gi*)GE~NjX z0DAXpLji4vK;OGHhwg3#?$G#1!*0;Wu~H^~;wv%JQ0|ea?m?*&nfCmmT`6bhu2jpB z7^`YBTCK!rD|zH{s)t8uof{6gXU>sAc~$wsBr(?1S$DO6S5OufuLemgunwTj?|Zs4 zsSPQic%8MdIqcsR+uyI?Ne_0G<1Yp2+~|?TLF!=h51IZ@gg4~>_HWLfLQ*zTefGaO zL`Qj1t%V6DQw1;=&nj5DE2}!}e?8B1+b(5U+YS(W(<=`_DO~!X)f-GR`kPFF<;0n9v0?N-X}P3IWJSi1-cmHb2C3U3Mv%l z(RQypIM;B5iooZ?f&XPi>}dk@`)Wvpof>hyn6D!J@Tt<+I8mz_Y$A~Of_L?|vYGW! zg9L$yK@#girzDKJ-@7Un;|yiJp&=oK8_;7q4E=JGmqi>eF7MOOk&DIMga_}An|>^> zX)boJPt@qr8kSq%1eo?dP#vi0=L%gSVd_JF~{s%W=Uc*Y>ZTP%b%d6*D1 z@3R*y^yV8-;n>tMhVezWvx)(NnSiX`%bd61ih!#ZD_n=1JH5OWdrnWX5?`zH`{Cn_}u~kR%T<0Tuk*#j}r_Bk`RwKw8ipi>*m~TI+;RZ0gi2MPwAa1($8^4iF z2%$R1(7lz*>}uOl_xANH+kxpWqN&?K)yVwWoJZ=F%<43h_C*xvVi6w$g?_e?2g9x` zz9Qf|`iOm9>WJripxz{2Ab0i529olKYl}c~EUEy4$egWYy<;9-x2G!O+5a zpVG_t$jSR<>4QK}pe2~20$9poi_7~0`(atR$;kM#HoAlG+q5TJsTVRk?!4x9oU9Nm zK@2y&ZbsDDsV-1fU%~BhPOj4Ef#_+U4d573>?XuC**SGoZ#QIsmzq9tf1dfzlaHQR zQTXk81o^YEtqoHuCU<_BIzo^P>RhXgjENF&?QZJ3?0B!b>|Dg;E?#4?Qf)95JAn>u z@|~)vBjKnpaorOAg{Jr^j{?6YQyQkOqHMIJ1UVxahEH(_b2yYrwlSR_AwlSBr!{Z?BPQ+diKGA!tk-W{ zYx>v7OCp4LaX(j;&BJMn%2~eyEl@`%;Eyro8Yt*>(n1iwlq3?PSNYc`3%_A>c|)Pa0|Nv5B|Rh38>KpluEG ztQCo-VZc36XHJTC-d>}H%_>ZdIRaLMvnU6Bm$IE(kdZl%aVWzGQYP6{asQD98OuHg z0;Yiy3YKp6iuRBx-ft_#wf-7z-Z}@R+nBv9Mx68oRgrQ6@sNnHLQ>ut3s{4@gK4z2&?JU>r+>~?116ei z2m4DV)j{{s!K>&uub2~SBvi^5S|l?wYs9T6m{FWE<*6#c} z1-6oy0iLdBLEabLS=f>+A~y`h6s;lq8;{*Ek1fMTt$y|Jq&dQqtF_OQ+G#+UDu3UK zm!~9}=3zLg;uSIrBJ0W3eOST=f3~5`9$dK0%bYnbm_}A*_RCMSYJ{O^mMHjna#`xI zkbT+mpX5JU1}JKE#aeQXB}im!CB*hr-p=D?^K5@VW>h|&#<~->)l}nVp25pVp-(BM z9rzn@?^bv|$bbp3;NoG$R4H?i-Md0mu>+~PL4mx>_4>QfljD|n&U1S}ta@JM5R+9y zzQWhkRiX?>Y$i>A#|^K6$eNEhl@XP4OatbJw0I;LOgD%SL^X!;sn|DCSbR>V;R+1g z;Wq-_uTn+%SATmdJLYwCVa$~q@4czp8)1NAQWk~%RAeWttHfPW zzcH;(keh{Xl1H*pML|Dmzy{kIT~c?E1=ipa;DesAj%PGr0U^J(U>eqyHPmkD3r^3lA!v8*S2EluWHg=vigS9Z-aZ*oK3#w{;m;xxbBQWa%?MH+a`c+aqr_Gb z>j{2}wJ-DQ3kj-Uf6z_SV=c4S*}ACw(2nVZ5I~58DO2fLp)UlS3pmUcV^apDdcY)W zz#1EF|MHbOUcmQNSzUZC=>sADIxBnN04ZdU}Xg>xvh;_e{Z3NqaOoBKR-JY%no2mYjbL$YFBunTo9#Lv4p_h zB-_@Pa<8DlC=qaF5Z}Z9`^T6jUS3L7B`AXW4v8>osQq3JF;C?ZyB+_w4q!$0b+<^q z_M1s*SqEV}BVlvsd+|>wa#8_AyNUI}(9kLpYkjPrY55~xf_$)@I3J2V*kk$NVVy{+ z{ARFXWZ+a|WXcDKF+^GuyyRIm6{03JXi=q6k-bg-Nc&*Z^#FjWSTf)NPR5#f8q&16 zp%V7hNGM8cTL>TqL@(H>BD|fIrEm;PXrh#bi3t0PQ5zXby_ur6gUiCgk-`*&%EX3R1>I-QK9=&FsC#B&4OHh(B z&vimprbC@wGz?d-6V2{6bgl9~(%@~XI>L&}M-iBivePi|nH{cU)VtvwmSc*o??kM} zu=0PdI{Hh43&$NxX-`YEco+U<^8_kP>i1KAZQo*R6bu%uY>#_=dZ10L_t<#u-^n({ zbjRFW>Rs)B8Q6%$o>e|w4k68Bs-?dWqfraMb9y^)csn{3TNMjp_4|T2tGE+=VR@%@ zIj;42?D2M{A=^FQU3-8|6>!3}RP<*K@U)d^IC|@m_OoZOSR#Wl3P~{W^JBu0KcEDP z18X*KL(Y*b=k}7oemGU=mEq%7i)lZRIIU#Wn&`3X15`G2nR9;>U1@jrlYT4&Er;x~ zg@e!^d-m-B^6lhkk$cTV^mERdczutcXl>I9X>W2zAbO`yBfR67j@*5ct?vn69DH0R zz=Yrt)yXJtqvx?CKt)SCoI2>0qW@u3rB`h}l(G4CE3Sfy;ANM>a82tndJO&^a(G zV98GP`5t6+KWd(B^OhGxN_GClcHH!j_t8_0Uex60>%@1p(ZfM)`H$aPO5UcfkE5s* z?vl$Hnt48#9B-#HSOle`#a>mv2TI;Am1!!{fB7^=$uEDp~~rV183&e<q79V zOO*RU`_8ZZjOLV$^O5yYYLYo}Rq7eO3t=x!6=X9}(bu#3qTAz;#!v8R(lJ_SS+|h0 zdM+-JulFX4D0nW2`f*)MH5$Z_y-LXLVmlj^Ca2J8F)}R@?Hch$Dije=)55lK181J9vfeu4d;?1y=*@!cHS7(r zC1Aao(5g|sIt_Y4op8THaHJfS?ZxdF-KlL@%35ki*BsQEB^6jlj+yStK%6aoM&1b# zzKbn`6ZQ?0@`OBX4xJORHpzJ99EI96S<;8QJ?2OQB<`wrgP+Kfxv6L!=&wmH`cacO zl;%kAIeONTf`lVniFCD-^<@E4;-|%#3l}Hjo=WmLHb%oQZAsO88`vBesiIm5i84Vk zlXF0?nd*LJWh0oCXs_D`iNZEy$vu6>1#HvkG+9$SloI&h$Yr6-=vgBhqzMpvtS{a2 zt%d!u$d@=Am=EN4fR($q<&Ev|_5#pZkG;OjP?UUO4McYKp0|CIeF1Xa;XzB*lG;T* zIDdO|6&a@(a`5!k71|@1w77b9#W3<0XyfuB3K4hN`ZVMdopGl!h+$@?f_Q;LGI{^i0l5N-zY+!gxgDZ^?TzXJ6u1VD%2W{Y#Z3 z=~9Q(q?G_Xy~k_rwp6jIcV6gGjCj-CK~!?Z2ZzuIGdLJ_r2?2xaMTUz_d|jznJ%Zk z%Kb~qijj($aWA0aj4t2sd%(B9M9BYKh0!7EUs8T;n*H;$zg#n?gHZSKF#ano$Nwws zsFwjMN{mvs#^e9JLCS78*TjEIcK)u88swk_+Hcr3Z*g+eVYLM-#2Kb4A`*^la2?HE&uw_oriPH{xAK^f4JSv!2r6U zaI86OTK@$~{l}v#db=U~eF*-$#rmmWCC$xnkCUm?*8{TzL)l;J?fy{wDw%(&(yr}4 zAll482#1j87ZrH;xTP@+Xn?ai-rv=-E_9SWk>=gJ8*^CAsgzVUquqX==<%+{bna|W zCb!&UcBDx%WJcx_Y9Xlcz#<6T*XZ@=#++biX>{9${CBFmL5(lMY`qP|)4wpy)4rL{ zNlB73u;8uHq8pJ$Eklr;z_nXBB2kuXy@(NG#gvW0l!@D*l7YX43-woUvVdXGiBCw8 zvQZMS*ap#r>kB&l%V90F2E7?U4tfUE)zxvUZUW^9fYuB7+8@!9Sd>20{b;3PsHLg% z{_CXN_DHKjL+qy27$0eOp6(pQ-R-brh?eXNaeLR!kTbEDl4Hrbd4ek;6?W^w@^xAy zK^}~*reGv&ZN-PqunD=Km3ooao!W;$m+JqAv2zZRtXa4Iv~7FZ#`&}MIb@qg`Y+X848zwjad)ucLXpuk|%z52J}*OR94=cF_Oj7U(2@Nn&Lz_;Em4R`{&g zvWsOrT(x%P@G$>+!kRv#rW&aXHT7rXy^+)UB4kifKhqDEBBH%9LV{W&)ZFhEK1ylN z+GjhQ-={hXqCV#9!Zk5R;e5P;_eI#_pK4QXstUR7R(;+m{zWjbe$UEwQ?!dNFN`KA z<;eC^PT$X0r0e-?&w0cg`)=)Y|Hh@7fo?x@>Vp{~Y3|tVvJ%8?B*w&o1K6x$JS(YH z#^E6SwZQW{ijK$I;p_Qc&$Ht$A%s8ue+_`1VY)w|(7wK?;8b9_(XvA)=>7TbtBF8I)~`TcbFaajmCMSAXAGh!p*$(&hbFj#NhIH2kLk z-ju$NVeMB*tbPMfa-X+vlh!H%A}qZ@XbC_`)i1j~F0x<}PV&B=XP5_3|15`IIYN&h z=SB{%PHjXDf1bL&-LO0_r&i{JXkEeE-q?Y}Lk^G_ZN@x3R>9S>OMW`CCdU0YF>gH$ zlWCvV$hYuWj_iTQ&r|i~5AyAMZJXCw{;QE3zJc44_L&0(5>65no-QAb3vJ9Gk8(|0 zw97Lq)FZqe1xtd+FqLU?NK!u6x3PW8I^q$SB~Su0XJ`0+!oolbsveet`2Qc26+lah zj7k)AO4NdY#3(P~nu^+gpq07uiQ0AlQ-6E0#yw{rm~m|GeZa5RTi|6`7Ar=H|9}(Y z(aucSC;nf2jR82YGMck*y?efyFT*ugQI8qdhAe+VuZmhgL#cR`elpi3EP8htIP2QZ=I>l*Abj5v+Yr29QfXKbY_<)f*+G;YLc(H$niD*FcsnY%l5$R~1(cg{R2>FfXH%RwPqF;Lx`sA(9#b->`x({^9H5d;`0CW=>%376*-C; zo7dfV`RZv9pAW<`qejH_GyN`U!6{ZCHF zAJPG-!O$j!A*94Y5c@}XkfP9WF+*=`I1QoAF!rA|CqE7dp{hX2qLdQkY@v%&(eZ;* z@0#*5SEr@FarIY(Z%zKST;T%^O{Fr~Cod4-4_;iA!sj*@3Q9;0O)Z$HiW2CJEPA@= z#H(XU%+A;+=XBUXcg?Em$%7@0#&lmi!Mq3n39#}c93mzVOJsG<3(oc{$auu549n|= z*cX>_7_StN5CbqP^(T}j%@Am~n_(;JD@E+Q*d=Ct9xd~&``%TmLy=N);kMRsiK7^gZ3n$AoJghkn-Eu+72cdjWJjk#Al~T>Cf`axIQo;E@;dM z=#xbqS${`4!>&!A(bxi`^|7p;C}bQDN$U_~XJvIMD9sO>-P)X}V*X0Qi*UM#{^#Ko zbGON5MWdOD;5QIv?5GD?MU4v^Bm((-^(8Zw&-vb?ds0rf9l~w17Pa|s)@CPG2;a`J z*E?aaAO`?lUZj1Um4USr3lFo-OYi=U?*m4Z9mlxQjQdE3C>Gd_Mv1T3VtFgH{;ToJ zQcZr-xO{%o0Lc_Gc#Ji&4?A8tU5bPl_)%_Lc<+R@G1bg!OgU*Ir%yE)FjSMWnF3tV zvW&$Qd!tCCI+%|bX^nlnKL+pCVQy8&M(@YIBf8!#3uyvonUH%tc#s-ew2yEt+}6vh zjhz%?u-K5%Xr#w-mm`YZ1~*YgvWY=sZCr;4U5VhAh;1n<6JaLhn~r}xF+=tQslH=T z7$0{C9Ia07*dw4wz+wt7ED4XsVzNTxfchY^SH}of_XW1SA1b6|Mu0bB5QyGW(b*MCu1>j3tOA(a6mz|nAI*+LwkQ7QZoXk(+nLd4TdHxPq&Q)@V2=wXKb zeb*UUarO(y%oiHOOfkg*92c-d;vsx03b!+zn5_9wS@fTQLC8Nh*_XeWoQEthL(`fI zRF4yc$Mu2cFo87dL}ijgv|L`?yBoLwe%ymuRGkVst$jJLqKn}s$D&=N>&J51kAG;| z*;sPh9d(Pm@=e2FZ$msCH`O4k{QP)XSrOQ6m`TeeJHyJ{R5GO8>++$gCDud@} zrO`+9V3~!MpA_Gbn|$8a7nv)D2}waUe#SgmLvHE<)cY0=2-LVS2pV7+@C{2}`EafoGH(1vv{2S&p3tIp{b)bnGi z#N3ZYZPr>47U4&M)x|}Vor-qWQO?!+TW|je&fzlZ1HVcZ7a^)IydyN-z_D+D0faUWvJ6;EHr$@y@$T!n*DsHr_x{ z2vY)~KHk~a{d8e}sh~c=oY&6KIq~=$XV*jX*y#!AkBPrlI=;-jdd~|cH#q=3VB$#g zr}1?z1YLEcNO;OZc@*SP!!y>@KS~o)B_qPMn|J-}B8Ad>w^*?Bmpg2cd-cUeFB)mD ztNgZtq142PwE)q?Ya@J+Bg9O|uIULJ>Bwm(XJI-F_+097m|^&aD3Ie($evM)ArrBp z&Lha{F){9LH8_)!qptRVC+y&Ihfe2`DeJ&4aOw+UJpgeg7rL==QS#IIFt1(B?Q88m-NxLMuZ#di>F_VB8j0;{{`@}9kE`GqDahr8i zL{6)R9Y+37(u+b@o0qWy_p1dp71z1SixGujauGv%A7+O(sII-&4#Y>j6n0}M;%7f! zC!=N2BK0YPVd*&DxUjAlZDw?Qzvv{lPaGs(y=XUFNnU~2@R;AVS~YnEv35e3z5eu% z)qPbQdtWyMgFsgQs$G6Sy7|ns$H^kSp(6Qws&=@}hBsX=m=5RU#Y^((#iYw&;T!gj zOw4%rcKtAWriAC3o}Z4~xZC=9I09FHJ;XDQ?_;S1c>A#!l7o$ONPr$LBQqq--$qE= z7{H`a?r_q1cm*t2@ht@+4vMA2a1w8y$4C-EMUMJf_4~<(OWNasCbR?a zGMY?C)A(F8v4+WwgSP&$ov){k_fM@=P}p}|CP2(AWpzgTo_UrF-`$Xb(`-tq$JP~{MM|Et79tgc3Wfhoc*MSi*?cZg-?&Lv>uP!8K zwu;+c;r~qHqg*fX+wm~-NxGQx(ti1>YKdIuLTNXZdpNqhiq2xSH@HPtP{hv+S4$@s zceF`?zj;qV_*Q*2{`&3W?b^$In+by%2^#dEs>e1$&}lAI6F{(u@pto9ZOk4KB2gg^WuWP}GV$Vwt`iUx$S$&HqxU1di7bKm8FrK_J8uv9#e& z>32>3X5a*V!#nC?h&Ds#kQeQebLb?t8!TFB8QNk}iZnK+`*hDQ|L52kfs-_msmf|_ zJ4G(PwgO96iRQ3s-k)Mvko%?cT|7EnF|4RzE{$8lySN>}d9H2Nz9Zz4zX>YN*8ww( zCSzLU{IToA@#r0Gx$zKx?41l5B7~G;p6F#}FCbM6+2qhz)D;}Fl+J>dJC^9fhB2FO zI(p7!(?^BFW#`Wdq>4sa@Z-RJciCB`5RSm0amWP3i~&SBE`7sE1)(F3r9@%k)vPnb zy9cG!sn*xM-<_>y5Q$P;7T>uGS&;?9q4dM-`F+il03B~BB@~1Gslx8)LI?W>=8^bq zn@Szevx0Beno@T;crHgnD`RTt?9M?ne~f3D4~(?1*jZ6lsCy;Q@W)`Um96^Qca46b zGrsTJcIcXkwUb0Fa!>W#uk>gT9+D1$`DFqpKV>q5auHo!@>te8BX0#Ho*Uipt*kf~dz^;7<(U6$K^rUy;}YodvR zzj7r=;Fx9*Q?htw&x!7Cf4`x{!o;Sg z;1kX###(=Oy;FWaBG#H(+tLSZ)sca*$M}UcM8cpFU}(%k6BT)FD2cQRX=%npAf&-R z&t)Mhtx3K~ZzY;EBe_4ZAd$fM&muF z(rP3y)~oUUt#7t3{e<^?qO`(ZFe}DngE{?JZr?OSa-rdQ2DdEq30veeDEFv@`OehT z{T>{cnMVjpe}BHB!)nlLgC|mB?S6A+LxaXx#CKgx60E{LaZ+L;=);I0CL!7Tf?=tF z4-CXM=OFKxa6o#T>sohcdm~2U6Tkk$sP47XyR`k4Jc)8hSXuHJ_^ftOP&fbp*g?NB zV?pBmcDR!vK%85>A>do^gu+*0-nuBX0y|v#L2!;=rvfVc9k4ShNYAOF@<-N67$`O5 zhMcgVq3+#=l^VbMoi}rufJOv;0{f2~cOYmwzn5@6CA(jm@qAD}XDzC`Q!mn3*7-Ag zM$hc(;LB%%S0j+F&1z8+LsJvIN%X!SFG6PYyo3K&@3nTMn-vZ!uC&=XW9!xMglF`2 zK()`d6QJg$wPnqe5D{Lts^Fe6%fIh;yRY76|OjR2<8UI$2{SSroYPo>l((Z9QSXyu^$N5U-%uf-* z@hO#JwL?fl)r9l&&N^3>zpYoN*F{a$gDhO#Wx(^PS_us5`lMJI+bu+G9ZLzX6Dw8b zQg$5kAn7DI3=F0N!uK@NM=MMCk^EB^kD?JVh^OOzz}#__H}Lu5vF0^)f%!3 z_u8hz!qZmm^NPG?p2u=s<`%6ivbcm7i`=)=Y*ND!6~c(3lGk7zkQr(EMo!U!S}F#_ z&vJ!RB;Gs}Xu3tHTlPbfnVgaD=T*``9`{6~$ zP$V{UQzsaN%*eo8)@618qrMH~0p93PK{WA;8mh{ckA@BEiv?*?_vs~DCK8rcB1U5H zeG7tDZVIcSsKK1fI!C)L0DhR?x73QlKX*hCQ_K-Os?PG3w- zC+_HSJQ1#A8Q_5S5CB+WAc=(}O5^v!A0y6FPPmtN#l)`3R`}d&0kdMSg-FhK%L=p0 z`_E1>T7qB=Vqs~r##?Wge_H|%sE{+jJg5a$Daa>fHxiF9j#0`V3(|&sYVQ?y(ic^_ z{+Jc+xo&;+9O?`(bDukm_ECC*m>bulQ705R4GcXlV|CAjJI|uv%m)VBERjSV2ucs! zWgF0xa4*9-ZGEv&ovbk6x%`^4#xS@2W*J^a=GNDN08Fdm3-VKvTwNl1UtB(o5$_Jy z=WoHsE6wb17LtEa{KX!LIv9|6bx{vfzeO1f*#cjlPBWj}wC(N(ePB*WT-!>pFUBHO zyq?tT7wrB-g@`NqMaYE)UYRW*77^_Qih`1n!Ic6vy%;#jp=SiBy7}5==G7eLT#OGy zE^|@Uc;U>yq5Rb>scHWF8%_)1;kkm!qy@!5ljPkc5CidgLF5Q@oeVt?bq3aS5yShm zJ+X6Ih--Us==3EX!DN)~vVL42{cJhJli!i{^6F`C--ICWF5quy3gflFhd9&xpNL;{aEd$^$+f8}AkTW`DP- zzug)1fD%>on38uSL6Yy(8>2|pn}d0_Pp?{vAymbkyJpPT5<=4R`W(wv2q0JSmgnE6 zgq6y;pe2c(mn`tvHauB0tIF&bswT2xkW#YXm*sspG|wAt>1jP?6bGLg3nxgN`o7Mr z=0K*8(&6FeHx`7|{8%wMB%o6FKDG@MCY>^?-bMN52h&wc0;@R#d#9e&5BK>< z()CtA>8{)qq=G!)J*$mt&EuDruqi5lkdC*wDmPH6wNI zsF3xY<6T)JsI#INzdgrmaxOHdV=eG!)!`Dxvy8H)|02KTgz4TWey6g#5t4E<-Qwu<`2ErT<68IaAr~S@80}<0 zzm4OW;I9RRgDFI&nTBT>vs6uDvcvSW0TaE7)Nzt6m}ePx6v4r!B|f``$`*V`qVg=YcisY2ue*uv2;efKpxwr3Yi3|=I^anCoko!6`HRtD5;WfS^!XvpA zOdJVqeXRE)RxSVeQy7IH-+$gtoU!WB_Is;^k0no4#YS9gw&ByW zB?@l2fLI4^ULt^PQMI796@~oV72Z-9(p}I z+PUmH6mB1KQfBaTZ-4yCn&X8Eik{yoQ?}RX$nxn*b7bwK3KTb$FyA*e+P7u}=1s|{ zR!9iNGEHK#)&@(Q5a#yXEcEhgZ+sXafu+93O8Zmm#`{A)fn5-Q~WEkrj2+Z%tBES z6V@O7!pPF2ClLf(G7+0E#SBsu@O}D{L69T`$QAiypq(@H*W&&Z;Fhf`?pM~db!1Xt z@8a`lX8uUrp;VBe#Kmc!N~28VYhHlsKd15NVnOH>13~O09)ER+R8JcVI~GHUJt$o= zRSc%-Xy-Jdb=K)#+4?qwgox!@TM)a|)JPHTun0?X%0X3SVXQXGhdd&#;NgL<)H)#s zu=t-S4d3PjAcXoF!r>J?QR&gX9}+2s^8-uxSC+^Q(qIXx89}c^Z5Z937l_`M7w~kk z%F|3Wtt%p|?QL~s1fr&5@FQjE!*8a`O`H&?Xe!~*g#ogBkIcm40N;`6vj#~EVIBlJ zD+?DP{M_N4MvoC$Bw_3cR;-(gO|MFD!E^_@vB=>GIN@V?$m!{6grAb7mLweko2DgJ z^!;`%M|zdBc=1(8{*jP8&of!Nn1v!To+OJ~ZG_fFNzmO#5zub-FmKe341hR5JC>dj z7c23%5xI!oA0oKK`?WhFilo3?x_Yo)ufIQ4deQ&~_ON36n1B`qx|Lrj{7)|w-p1yz zeL6u`r<{>ke5F89nEfwJ35E;bN3uvfZbKMJp_f%z_k)ZT4K!4Nkopk%FJtlGHoi}g zXX6NB-xaXZ%T%6E?Vab~X)m2uEKgBbQWV{tobs|%+& zc<#d7kRq4qXIob%9$4a?S{XXi5!+D-Sv@jR7owjZr?C>i=JQ|@NbNkBwhCuZ z;Y)SPz1~KKw}xhEm&;$|xMT5WuzM@StJ%ajfTM@PUWoS|ZK3q+LKLX+Z{8+~tL)kE zkWwgmN|><5&8UZd^tI&qINvnY5cm6@h6c@_43~y92Aq77pux?7u3o&;9|){#T<9yb zn8rRT*vyBu9$DluRNM-YEQ#1n!eOR4tswfHeh6LJ1;R80Zmb-1@HVKBkQ0Nh7d8Zl z_|(E-bR$kRA49xRSA*ol;kWoQ5(203&6Zqt>*-MlkUZ~h5U!V&f};B)XIAAmffS@| zkXf}#y|<;M&g*R~V7Gx5wFK{wC^_BH7gNoDW~v}XDi~edFhlu{k#SK$v&{CyF2(&Y z6M|iUIG3r-I&{4GJ09Uz;tt0Sq#__xu1mOo z+rA3oL!^G!LhB8d)E7XYrd#FcaB+uwVc5)>I*qDr8BfgT$Gxw&!c2@>Sd^Muv21D{ zn?ay13OxP9M5;%!L3!J%J((Zjwl?5uI5rUAF80V}L)o}$(K3mqSVpBJ=xOBS$ z>AWb$Ov-AyyNwQR6zeHRuAgd7^Yi~dP{m`=K@iZiF zH;C2DFt~BoW;_R2Z{dWz*5bktK@f3J!N;s(=#lN4I&#s~VAKI)SHUf7cnR;%rNOsq zbQME1wtNM_nJ`f!wigC8Bmkd{svA;t$`?PM3P*i<*&Us(ckojT{vp7a3?&qYwLuq!&)k6cFm2? zq5Q((M7X#&OXt1tRVK;&3KhYsmW!dIxKV>b+~EOKCnZ0ytp;a*f5E-`2Y0a9;VU=Q z-OPv<6Ca_PvJn-tg@Fzrnv3(*vLgg9AmTP5FArU;6y*4MWx2_hc+iAGjbhrfQMSaP z`WGV9xuV1(eC|Pf99VDwIy-AZLaLdbSrImJC6b_$8vA0kW^@Jz-1{M0r=ut=Ci$!I z>|DT{7nP)3&R+R}`ia`Wuwj6FxIZ)O3eJp18k$Um)^@g~&~;c6r?%+S7#EMI7Vf}i zSULk`AAH`l^07U_#$!P}bFIxg$&}LxyXQs+L(0YJos(hAWfx{9Kr^ndoN$_ctA22w zzUM8`A(&@vM#meKh!ynxkSG(&zOz0qyUq@N`j&%HL~4qUz({Gf&gxufy~71&!x+op zG?3FIIP#l`)zE9VAIc|9F^DW!-*<{Wignv6>|$6ZMcf$kG6Yd)`0pu)yDt+E%S|LW z5P2k}m4nMmg&{<$C^#oT?Bn%!bgkoO1_h`P5(Z-2j1&26L6Px|Tq~zWvIDkr161KL*MMe{> zF+ebSBX3A{<|vOUzuLT*bHDB<>G0~ns0tF!W-AGiP3n|A~;#CLkQbPvlW1vrkpUv7-W4#lgE{Q1|dt^fMZNsLk5~T6j{B z27^&7ksZ1hQj3Q-aFHP{w<|pUYi@U}S!d2*FAW^`ds#zk7tsP=#AaRB5r(0IfJ~7| z8UN2xqQ1NEf<{#^8G=%PH@2VeEt%F`Yd8{8;HoR%c9rzR;Osb+3DpZD&vs`;`4$@R zK|rI`%|>D54G8B>cR0DKbG&9c`HJh>CwXe`<~nD!!Au?~G#?&`g8F0?DcPgs4SRXc zB^ZH&i-3|906`2^nsp?AV)bopTGr9hH6dj6i>(RMpeYk70NB|Pem&-PwSYq*&f#wE z(afW_I7IqgFv{_P0<}17R7_`qvB{$0a^V6({?N(4fFU#jY_UyuhSewW;T9ul8=G;} z4}{LFbIiyTT6|<*zkE~F8W;*8_1xnsQXVD#r9Gph7mXB~Gx%DPp}1gLqPe|!UO?6n z;?-!J8@D*nWHc=~)*NO;$S{S84P6F(8RdbcY*N7? zuv7SLQ(<%b$1LBq(WK%qc8b*HfjkVC(%M$TL%er3_dLg+f2V~0)6vrs+&n0G>Z26l z(A-L(iojRXrlyj#xNBp{%&QJrLZB9@`|!J zNX{sBT9KWv4#mZPszp3prAp(vL42Y`F2m@xyATldAdOAN=H=(vQoDS~eqq9RgDlHh zK;TqfhaQ{i(^k|0x|sRz=0gdsgtKY}AwD`ATF@!2WJmKLc^dKw6D`lgN#h^SksDm=d5?vy`%w6HE})b zx2#BnYe^N>y-QXD-N@IMqpjDf4U7EO^P}62hPJ;7Xo~J<=$o91LBRAijm|i=sp4rI zW2e}CYm z0~bE_n|6az4uANQ&k5YTJh*S`-?$7tjpTod@8{HO^dq-;Gh=IGcb|@@9(Ib*Y@IZu zK2~qG7k~Xre)=DTsy&pdJ(oW{jlA{#{?y{%Kh3fEE2RI|YsysYe<&FL$8s`X9cbp& z$ABw+4))*v*?+rI?_UrA82bc?yHP%AKAyiVNB+yV|CcT|Kt9ud>)C{ZvXkGj^Ec(c zw!=A?AkA>Xa!{ULPzL8tJr}q`S0(%F&w#(3M3m{imY0@(&*5~$@AiFx27(rRBdMR} z|K~T=svyld=r><*?xg&}bzM{GgO1!<{wNd_g}xRrvS>-H4F9#{_j_& zBMG7?Dw^~<5V8AoKPT=`Tz)G>m=X6s>GfAA5bMlreI!D4RI)+-y$t9W%>|pB{sD0< z`X5gwARNJtf!_BYtL%XR0(3A!QhGZrT~sANi$yg= z*o?b`B#f}LzmMFGU>TB_iqdT5V9>x85sIbc2(;o?hf<=UCb>iv=RTpUxlY9D#g-jc z-3(A688P!>5>+CgVf5j^HBlYUuy_uqi(UR0ZRX?)#=9>nVf3;Cc_5g{9RM{ZGi91~ z^Ho=L>5I&y{J^mu8s&EAG}L!8vq4e@0Q6V@;Y(KT>aEv!k0=8se;szZ!b>N)P>h7_ zSM-lNp6TTS5qW7m+;Xiyuka5L5fZXON-daqKZsL#cpR!bz{JAfuwE91`M<_jAL|ra zf)ss&&C7M>TrG9O3CDG38Pq9tzHVOwdLrMR&8rD#o5yn7pm zI25TER~^v8^WvrOJ(n;>xF7p1oRH{n*yoib_M>`1kG-?&iF0jyI9to$&Mh^ugKPle zH}NT3es$sGEl;%YQ+f~w<`oKZ7v(}&uz_Y1VE`Bb6@9@L#_H=df0Wc_D*Tl%B?d{* z{OWnc==ZgfQ?G;-2jq)|ms*8FGZEtS>%sxUuMOhL`6xi#p6kkwPe5S zk-TK|$HNKFy}<=P+8Tj_g9{WDtH-0GhJoEZn#ed|IR&#yw_}Wck>tF19m;yT0TNPY zI1OpaMIz#_vM*pFT~fO}x%eKZ*}Zq$99kx`g_YHbv?#qnn9CT08)B^8wR}*L6C+QF zo;p7r)vMU|ncL+rpqO%c185cDL?1!UR>bAml^#|#JE<0KJEN!W zp51Ef)Mg{WR)^z`4?DO54ZNbaZClcB3HqfXbqOtQmAnL4o((%xHL{dAsiOGU^|M8NvGClI{pz zKNxC_I?T^&{m1PYq7DD4;V+?*^-jgz!xbl4H($RppmCvm2j^LxUR)1FOJu`DeVN<5 zOMouH*=)sq87im(9X`&8E2b_fjJ}NeT*c?_?@D!zdWxZA@(BG_q#;& zHuqwH6>^D>VdVIZ0z=Pyo3b6H|CgDgU-wBZ8}&LMhoq&IPgP2flo_Wifo34W%fQaI z?}H-ukwn!jG2vRn`S9>+jj?io{&oksEK@M-X|AC+HAzFf9>2aH3?*0XD+31#Eovdt zxB-XL1atFiig1~1j|-36ACB&KfUmC~NK^3mIST)b*Ah7?A2||-iN!V}W^X)xP$nzb zua&#iQ`hYe~{Xj$jA1FOQdvzBO@aw{lnmKm7pClypwUP%lwu`VEEaq z-2exNxuISy=FaV0J5cfb;ymS2$EC{Rs=HTY_1uQM=WJ-~Lwr%5t_F%BA3qq@OcxeGqTP8$o-MHxcx9q7x&^GWk8L$yos`cS`d0wJCW-*n(1Y$t^T zIo#}_1wvmg5tq$WFsW@u&DOh(xd=xb@*np3cQR`3a@Y6LSy^0-^zq;O=iD!XZY=LZ z=p;adMZk^F{S^ckt0MDoz%-v8bj$8ubs(}oXL$ZWBlRG^Hhb2v8~KV9-3MgVGV-zT zf8q4Oo_gEHc&pof3n>0Rq8%T`xRvR?z}b>FI7@GR9l}`M`=EfP_q3UFy*KKLf04$^ z)T$)9pVv1u*uT#W%_1?st=Mv!u;wt;ArXwww0)Mh`}BV4w#^x{eYC%#TEFDjQDO-L zOp65jbVaf&C=5gXDbCLsJWRM2){p)Z4FBic_sl8|nEfMv_w~n|rQHh`R_&T@xN}Om zKh!UqxzT2Ko}X>h&XH)kE>#wd+y=L4nrFpZ#CFf?R_h+pu*{jZ?vFrVQjPfp)h;8x zSy2?3Ak7Q!0pi=+qRL4|{nMX)^=o~5Z9w<144dmzjDiV$dR$m{Hw4E~(Ge|oh|lYk zp_?Ywk$QWAEj0VjwB%-{JX51a+;UjZR$MoqeZ=)HI*8{R-}y|wSnd4zhn{fcBlth5>I6X)YU{NW1vY9?xG=e7fxv=uuwxa8+a zz%J50eYXhZ{xI6<{<6wY&(dsxwbHJQ8=Pqh(Q^Ay)k3Km(iMu@@!aPNxHm(Qo7%Y% zAXRo*}&?6t$r|g8{)$~8Ak1Bo+ z89$BE#&AwcnD&)ebX>XNZnv*7zTb(hw~|3#C$qB>@JmijaL;q=l1@z+!nfmRADVd) zZ8%Y`^K5*;?$Kq%P5EAUuBYeT>0mJeoQg)RG5#J$fXJGDm)4o^{F9I_ zL{oDbhd(9@>)Z-@^yxQNv}KH#@>aqaa`-gE8D6V^Br671Hz7Ps!5{&aI#P!Ry{bB|GWZB<6Nc_S~Fn_(b;M z@siBRl0hUrFWX@KiI6sRY!=m!U-ufIO8TgvYgD!ysaiWTq=o^H;CL}Gh!KCdy3-km z+}3%@cIH!^eO+_AL78!d?tXn2eEWH0dg$l(UP_PhAx1i2LN&O@+hU!DI99Hlo%%-V za%QmrVk?54eA$A~Og_iV+qcHpz-39}v;gA$xR0AS?ZUT~;b1$YxSwDO@l7LB25fM+ z8t$@@de3tzF|$7#452j5Fe&MnQ|H8cU4b-*#*hz)XU@JH+5jT$jr(94Z9Ce0-#fmQIs1S<5zMdBO zCmWKq8vUSbniS`6q#ftqUvP`d+jHT<7>xP4{CsGX<~uE_?ZgesP$=a4cyKf9wf!5V zQ4{!A{fs{gyWK++^&wADFw6a&bCJL(Xt^mrAc3dC0z*dLZq~5Bz{&M=vRR zb6IHc+d}t=zd#mjTTCNdbrE|0;lz40JrI9#Q%V^Q7iWxa{1I{0niHG(b{cz>DzbC zU7C+Mc(7w_RDABx^9x_dTW%u(m3pE5ejK*I={1qUnj%1=I>R{V!MdCMaWK6Zyt4~r zg30eAqvOZkNA*{egaH+S!^XaX03{4Cs-hNd>7`4XWLBc@%RraSK6m(fLujt?mqk9B z5{<3kzPWu)4UI76n9Uml7HZckNBuePH~G*Wi@!|%+Sa&$ZytYGeYR)Lben(NZm759 zyj%RqU`ODvlN{_DAx=G#o=DLLL@&v6@9Kl+)KcRj}Cl#Psx~2 zB{ivA-rJ~x?-q@>)`qXfvQfP?RzhLr^yeUA1bnp! zGCuZ7lOcmb>{ZeWsy9F7CD-uCX!W;PhM|1dn_I9IbTTDCB;*eZ8l*2}deEOcg`d*d zS^W%t{FuIM<#%Rn%x_ut^5c{m#Y3yYaH;bBeO7GP$QAXg&eRA0$NTE_wo_PLO&1aY zme!-V%!-*Vq+K^Lga_oyd-@Lr#_sRxKcNe1LteK@zD@xTTP~ zjEgvo!8b9AU)gNa*?9O=Nm-}~aV(o}&I0>mKWI_7&l!)Em5iyn=B%SgY4{FBy zT`KYcK6S4|ua5p=W-$*T8Ygic8TLKNZ`gE_grgoZFBjf@Idgw%kjr4a+&FSWAa5oX zX;jjKSt~WVzPMHX9x5Nad-u}8MkTTIxrZjm54pTRz&*NWmVm^sZMg3PY-9c*$`w($ z0oZIN#t{ICdn7EF$91fKR-E{>UM}>*!WGD!R}I@Xqg7T05nkzPUT;6^A2F{Sb(a>O zP+3@5f=s2EN5*X^U3Zw+ZKXV9yT8AVJ*|?3u*%L2Agn~7Q96!~+l*pLW3sT+A7~#= zMzi9^j3lF#bRIq~bzerAUu3pVuDqVr8`_!zEcw>5#|PRx1jFI3=Tn1dviHXL?lZ$u zT!_+fd1fRc(?&Dg`<6_IH$F)_#tk<$BBG^nT6&Q~xLZo$!W8UNP&iw-GuhKI}!LqBD&95I)AU)B)T-5gI9ktVw3u zLVUFK!_x8W6fq%jq?s}?1`Aptfq^>SiCQsAkiEr$LGe*=P;!W)gM+ganhY(NiUAkG z){Yc$0pDU872pwbnJM8?YAgl-th+?GpKeB$cvc$V(_3p{u|t@wNbs>n7VQ`?=nEsT z;_?IZ5jN}HpGX1$XC%&?(ooK;n?t9|76jexUf zZ)!9-;$(N4LmFiv%&5tzfh@dD6)ohc_4W-OSyZmIKqF1L2B)067Zoe}q4jnV???ix zJx0@f(A&kGrBl?{vE+^nCG|M*__cxd>vVvpBYZlTrm!{Erh(ZIVPnB-DtvFV!F4Wt zI-6~D)PPrPbuW|O@WE?T3Q1WU(fy6ECT{TwG_DMUKHeyVX}yipRIeDKsIX4vB2!sG z^rvRVvZ)gz?*jO7I-|XVV|v)`5QZ~t?(6l;!4Q%Dbu_63UxJpKyod4!pJv5|yhzUf zjP|8=h}`o{3Bj(NqEyRF?yRoJ02&N17?tx`#~bxZ6dO-Vm9G^m|#0IBPfhEV;T_u;hpDvKj-`@9~aMbhdgB4J-!Xs+Be2WxN{ zwHKylYVYdzr>WU>Y>Lnq)QRE;8QrF1&FJ#qn3zf4$v-nZ889honHIxlz)|!p<=(2(aO(5fHv3ltKkfAn zWS?K#HbuGJpGr#XzmV=2Bl#xP?aq9m$YgyBfkVH?4*@igW+?G6q>+3I8!ekCCrD{w7e87?mUWUYTm1k4 z)`$pj>^i;=soULHFLRxFARTpo2suI}AeOH%m`f_N*{2Qrjaj~VV^SIzGjup>Xs+ZziEUMRn z*0Q@%&4we-$-|~ppUN5WgB(WFUOWMfN$3+ybmO_kxjuehz*aLhvAj@|rMkQlh26a@ z_oFA zYG(UapX5y^+xRMwJvV|M0T&R`7hao3E&RcRD6hgJplNvFRRNqlp$B9a*4{OWZk>(~ zWJ?Y-b^sWx1zmY%zN&#tcZ!p?xbm$jfssayu)O!GHZbc=Jk>U50B>1#Q0oamH78>h zztlLU^k_)g<%izE{{wA6lD~V1v)`O}YQBdx&rwS{)OlqcU;nH2$F0smdblupST$l} z%60DSLVHUaiuj+$s?-x_zY+Dj`h9JL>>F`!O2-UkP2i|?hZdg|`)8u}xt;wwT}PM`_Pzs zK>6R*_8sRkNgO2qiMTM#LL7rg z{8?g8i?hN+$hG)AjdfM)C~ZBdw0(Fdl5BhGN$z`bjtPA!)a(v^SmA< z>*}>o`UkajwY1I?>1yHI)UhYUT9}LTZ=CN78$ntFm7kP1LFKbF?NiB5O8ZD-?!ulE zx<@%*VMmQVmo;TZPuM8ZKIi%fJ6B_I)N{~#EZ>v;KG71A08(bd8#`qX?Bh`_fNaJPbk@Ru0PT#kDe zhG4ZH*;i@{aCzr0eEa9GNpYCR=(~URwX@irN0xwY7tELygjK7&K{wN|oS56dK7=fN z8$94;){3&!YuNqPM?c`!h&~-%CAb=8wl#h9Q7e*1A;1cx$1I<&1InwsM1e z@C?S2NRe;aiu{Xb@z%?455x`S(@nzg7X#@4t(m?YfQ=#Z0L& zb4A3xYp}%E4S`x0KSN_5%#ELouRJ&lk#=m0TU&&yCyrq|*Hy#`pH#;RUpk4uke>Zc z4z+EyVCy{03v_{fLo-Tq%TYr{pvhMui>ng#=8zq&@=>bpY2)2{hvY)THdp#THTL8r z4z99mr|{;>W9XZoyotxRXW?cwsm-TzSbGi0rnO;{B%7LhQZ1YBUaVrmINMoJHX}St z$CXWE+Cd|IbCbhCt(!$m*VJs-4=rJ-@&!y}15Fkh_VCVCB(ks8i#so&(ux_s>sR5$ zbq*AW6ukD@8SJDW=5-DCmQ?V>7nd(H9>x|1yzsR5p@(!-+CyRO#J&v?cyKwXEF$b+ zCpBLJdi%ObKU9K4yRP9Vsm%&nNAjd9>;e!O7mNS@sHhjyW9cZs~2MVvM?<5wIT@u z@6epb^&@9-;QUQ|I!=|A!pWOdlhLF>2*WH^LA&s~!U*f=YC&a10d5?>f}Ph$InX>> z%oJe%bMHVber!255r;tHAab#WaX3O8YKX%~1ZS+;h%MVT;@O~1Tz&1=cs7@7*`9X*=W)DWnDeI&-ar4YQ;Q!Wq}X79Emfl zja09x%x=AkKkOfFf}$W>i~F1<_~0RbSczK`uf@i6mfPB!3R4F?yl}U7_JU@>h*6t; z1E=?Vguf;Oolz_Cy-hRlNQ^x{Bdk0lSlgS^$wL8@kN9?A->?6He_X6YV$aI`TD zlg{DOw-4dP++q7^!nJ56j$M6YuEie`#}>$;{zX5IgFAb8?;fXz_lUJ{ZbtrvYxvW@ zQc$RA8%Xcth6kVDip^2%JC|_-d*42acPge|DF`ZgcP~Gz+z^j7+|RzkX(}0%WE*Pg zfMuX3osQioyg0gtxAtt*vhwHWV&Q;p^hm{^#@ z%F_ns24nZ|mT(9T#mYyPU`?nke3=v?aOmmnM0rInj(l(&$15alI9$$Wt^n8mPVbWBALoe*Whs8a}*U=_HVeP|S zv2*bIugB2VF2s?)ox(o$;<~P>?|27r4-UB{9K6}HYWdbJ_)0_*F1+>uK1pguu~R4( zKe$-3(Iref8c~zMzP2A8=iLFQqiL_ObcbKeT>SnUG4M0(K*ru`qOyCJ~OR;Tp$*ZL7w3dot(h4eb2GSqb;a zbmUOD1tK9nl2tXKm=S0_j05*Waeg)uPqIf~awF=*VWu^rSMsj4E*8sel>7UGVlx=U zQeSO~#R@)4h>T%#C2n50f=>@6;e#>!LFzd?z&R}D_tc}Mtq!?ax!C`HBF>QtyoI_? z*HBO+nA^Bx#WQQMI?@r5w#IBy!lB?fRojHTs~7RX`3!uVKQ@oDn8UL9GqHJ2z%9)| z`Z-c+V&OKt`$#C(o3pa#;7L6G7U@jJ7>clY*t9ejzgkI8oivPKX(IxBOuifFLnm#B zwq90IX}KHnj(>y?j@{t+IZk!;scTzPn zbvUII?7?a67mO#@#AAJwBV1IKJA(?+h}IV3*e8iNb-kF5^Wn8nz#DUx&cfHeOiEkI zrjQMv*)h0pZ7_l?yHS(Ld;YE@Wc9kjZz1iwE#BN)O(;5kh&W_Th=Vvo0%ykJ$?t5% z!#?e}@y1TI(hY7img4|6jJ6I;9?&O^dj}Ii*n&a3fTyLR2-iM%U9zn!RN0U=E^b)<%yW1= zqy_b-j^U$&H*vOCOU}F7&|6i2L+>2KNBJGd)Y0!=8;4NhKuH~e!_mZYWb0U3Q7J}> zBKXe?z^cUoSU$r8LAK)C${}=A5i2BboJ+>r#GzG<1NR&dh#$VR3d{6JQ+=u!|4O#S zx1L{$*I)DJUP;gS2;%D|uYQbi7N*sT+XFGsLB&?th*5>iHAmhJ{u z#?mt$^YHu=@z~@~U*wgGl&?n2Trvym8T5$_u;<$e1=EE3tEo6hn*V*Qt`%pWuA%VY zIkqMm4=xBCfy3y}w&Lcw%lLHH*%5kQy%sB;S%WnpwotDHm{fwgCS+eYi+9=E^>DF{ zg;f2Bf;MIJ$~mLYu1W@4d0$#i z#>Z8vGfTg*3~8q>;?ODf3|0xL!ii_(`q}vUW?wdFYLdSDF{?&J+bZoLsuP{Vly+0N zT^-W)Ct~NnlW<=3LFF7~jj11A|Mmf#CY9=B^n=jVkug!Ye_0fwiKjbtwdjc5MY$+1 zCnMKc_EV)lIlq21rIzs3+PL`e+#I51zoo3tiw- zk%Eu^@;+Y4A3)Psbml^5Sd&|M;RD$Bcpw%GX5jt3XYkEkW9`7crCzpzPt!uS#1r2DfI9bdopgLmcN}p(A-*s%#@UI_oSpZHP%Ad z&RSFhsjpB==mjsdi39iiGdxT>C|iNh)0mo;q~k+iVvn?J-i*pE26GZoiQ9mQAQ zE0xX^;Xe_+dwnBISXs}+PyVnHtHO-XeeEj#{n96re6~`~6-VZ_SW$}n1 z#Zf4mi`T@`M)Zfj4FmP!6YOaZ+D?}K?y#^PL}l{G9^SfeI9 z+BM_gFvbxu;eQTWwho)OuE%$x2T*%qH-7g~20l$|Mn|7=vnZGhWM&b76||AQ`TQ)* z?5V)szwO3br}CtjmPnYxy!-ICMsslP@?hJbepDon?&0kc5RA>weHY)G$#&;Q z-^BJ$FXQd3sUmRepH~FL@?O0}DVte`@#A-rvGYpR(4G`e7P1*OcRn6?>H$0zGKjQy zUcwtE^2U_Sl^e-EK;PU{a8T-c;V*VX+EC>qFpFp(g$b{ zg)e&yFu45u)|prlPA8FzHG30Sz{biPwrp(gXlDz5KW{`k_Q7Vb2`N_*_gY@D7B z^wll^xXgdl*~8n~5jH+Scq+~jrahHNODn^*p&s5YNLU$+ za9<lj zbd)10t3>YMed~Hg{-%t8jKF_50t)+J%$*;H$5w|Uj1-X0F8XNBs$;KP_T0Kt@2=Iu zyVfKOQL(dd?;LN0yOL5#I&Q1s&AdO`M6V|$T`5@JiZBQh>#h!>Rtl+V+ z5*2}>!duj!2t%3~{;b*-=eOn`czG?)Opy|?`gpln&pt3K!kko}Va1G;b*rofF=a5% zTI>7bS#8-@kyOwCni=#Q(y(_3!nQRbh_PdGt}(q?u?z6Tk^sa7aNev+vR6IB-rfO$ zR{c=)ci?L2*!*x}EtV{ujR%+UJiXnuun)xSIpNqkhj_N$#LnHBNU9{A(_}Bq#_VVA z9gSzVh9TUz2DwReG84QKO-Iy(YauFo$6kvQS z;k*ZCq8r;{-rBiH2(pG%OEuqVWdH2x*zO8=(vF#nr@yoa_ssN0m*tR4L3xZwYLtD~8EfahnOUfM! zjW~4o@E*e9=>@na(gR^+2~gu;Yh?i^2PRYoI>V;D8EtjVsG5i-{}ylvoxc=|qrEZ1 zLwgU>fzZs$IBiUwfzg3(xcCPkBs7$L33qqemhO+EcEWy-wUjJcTUX$zMg_BpGs#<{Z5iLRo`$Y=gCY@P3q`L>1FUfA}R#;%=d(6OC4GQc>$gug^e>kS?OV`ydQ}> zjxBq_QSXMBx8Pa@?>E|6Pq!@KZkW9!6pP{*v}1Ljd8p{|=fysJ3^LnW!p_bP#shko z&0zPUIsQy`vVnuRZ+RG@nTJI^=_J)vQseE(&f03E9nY8UJ>xlJq~L7iB7E(k1U$Ml z1POsoWEEB26IFLTS7$4Ddl{gSwA^(qY!jvR?p{$dF^^1H@s9l{WP-B)l7$Qq#$r{Z z3j)>8vf(q`9pLO}27{s^l=CvCcDQQKVJ_$3!SAWhTswZ(-NhN| z%tBKzL?0O&i!c4p3T&Ij&$-*c)0TT#t!Knu@U({MAOmeB6)4oo0vIueCG5Q&;5ex{ zD5S80KOT5?6~6SqLOilE9$Qw#V#^#~#ClqiWyTWLZr+$Xdj{_1zYYB*1ma%59$e=c z-eSj|g3&>EINnY5&a51isy+p)fs&QMO2^sPRg#X(ymF-0-STD}^NWh$+1R{!A-=kS z^r4}y2ykMuJbf6_9bV{Mdt3PV8KRr5O=?R=+II@CP{glTgzr8Whc!{22;?4iv{m{+ z#GgH7%b)$}qTG$(G+2wIa<#&yZ4(iI)oYpLM;X`mqvJT96qA8Ww&z*r=;R2)L4Ab9 zFd2cts#(-Uj#gH1a-koixf8YN^{5;V3M+Sn%!tAhD?Q-ek%z-{d|t?DL7m1{Qqc7m z85@UZzr7C6sMc%C!f?sHbEjhumJaX<4#UdDv@tc;Gr|JqgPlmHu22u9Tts4lulAWi z+j5YJ_J?zkL$*L2u`=CnK|9LI)erYA^M?H-dw8qm;w#TB$9=RRV%!-F<60=?!U7I< zVl7B3YQ&zn@7zZ@PoSK8sN|eF(#C;FQS?=rcDABL%MMVk>nu!!gTr7q2CHjF;b3CT{l0u7 zp4$|O4e>q*@t`iFPSMm+t}fJf0lo+`s76Uc7b%0q#uEC0eb*nIiCHctv{iUsMMYt4 ztgwT)r|oT6B~R7?-Zd6)o`VGuZt!ztWgz#vvzsBRuakneg+50KQY8*+0?pyY#DS66 zb)qVR0ow6;y4wd~4Ru=r`)k^<8myCnp9jcpxFCdmUHO|zn~Z0WlM8$u4Pa~3j+6N# zcc-K$XDq}2do%&}Cj?=Jm(vIwwAYiW8y&QvZ>HoUS@kH*wb&LzJ>bf-c4$uuyOzCD zy{%!~!(OZv47!i8C!ctJ4IWw(HEK^v=Y=bEiH{x3E6P#LhO8nOraAm(&Bp8)f6TP* zMbX&?gsxkG4Xa}4w{=Fq(3!Xz(R8bK=EC+2y;ue*dk$^z`kXc!72DCa=@$IuT+pJqvIFecIuim>_EyfFb^ zT_1%-Y#HURsjJn#TKcxzvTD&-)jr}bF4iJ;!5k*tEy3uuQ2DHVogn0*yRvqKuXapT zYebqqW@Y?rA&GkxACqgjgTM zPO^u$cps1_RP4z|7`#{-py6+q?5K(Nr1n~<{pLe94CTUE$VD%E%9c^bOs0-NV=dww zT2Y&Ib7(E5YLA<7P3GNmFYb?Ja%N*5lFnbl>rC#E3dvM>j)#NL4VpL@6&9kNei$iG zO|Ofgu@jU0=OfOOeVp^NaGuG0hs*kgo-KU$3MOInbT-2=EDGMv&Tt)QMq};`T(0Hq zk?K~D$&LMN?^9n|iL9JTWLEM1LPJyiu7lKjT}+Df^6|o!NG4SpHY1(EtgMn|Xx9FX zw-&>(9MbQzrgoHE&^O@f=7qKMTw!9;hFr49l$0@%NF!@@aFF*C?*Ob}zxoifHsoKr zfveed$k#Bg)pK};vUy*eA0oXR*k@X0(~@;Yy8rVIVMtr4xoTt&Z(TSv_b~RMS|>FQ zK>k`A235gMw6ZNs}xkI9dHi~$)l9_0`a zg&DjXbQPu{tF#t0%OtiYSa`EC7RF*#172i|96fPeA zxc8BjSnof8iVK%;=v)bs23@dffhX-kR?=V2N7@8Eyz7kunf%G(*(E-_d)f`h_P7=< zw6mkxb})$&I)yGPis$#dx4F#CoQEtX<*RHJvq9Ewq;2-;L~!1u00r zd1vk~V`6OT09O}xNjA+)T9K1ihC;TyXw>i-3EA`u4#uiAeh4&eN6wi<#)DZ6K0-EC zF;3#Jl?((Co=VxAEDnMq-^4T!U;6GkwpEV6l2F=x&b;fZ@2kYp(%KBHuVzw57jn+u zUJq}B=bn3x0q;sF;9b+p3mmBsmPOf7?b7h?>_9g&os-t*$6qd?Jy%VCB&cS`m zfL$BF3a{2eTw(?F`Q&_Dp&^<@jfd z3bUU_1-zAw%xBJFFxRRR#aGjj%)ULE0dL=!cti&>fN#SJGd&y5DG~w36!5%!oWI0= z2N^Z!vSqN_gNC;SvjCald!850p{yHLn;AO=u%d`Y$P)Isc4S|Tx^ko^(!rlxh%4!Z z$jYxpEhlcmbcD)t1t@2hvN$Z1I>a2Iv9qy$y}0x{A&59!9s>t=qb~Hf^1vx-AF80Z z(*bX3iXx!k8iM=i`1NxbKudWAvxl;gN&`X;c;AjXmcJ__AS3W!i-27q;%2gU(QG$Z zllslfvIoVNi)d6djPHoN9l+E9?>TO)rJ(ss3K}1KJ(xEa;oQkgT+S%O%@zi+t#}r> zS;N<^1=*~QuA+t0#W@-%`eDQXc4~GJk}}9v(liJwA8VdsU8qRU!WH(9I+0Sye;fY0 zmYRnfITgs|O>aP-L9AY0B+Ho;l~IDk47w+5g|VWC{>EBlu&Vq7&&|s`H#MJe^#;!y zI!EiprIpWstsgcn@}@J9jzK!tT!VZOq}PO-IX7|nMh=p0)}pxC1YT~A@T4=Uud5At zSrw?K{h+fxiEFW74l6-pTyA?UJY(iy*}PE9ckV_*(kZ-sPB615Go~jqEbJT+wrCk1 zo$CmrvNT+{n2sYi+ec=PPOuiG$?3RyEpyzp7;`RD3V3U*g;f{o3rlcPN5I?A$QrYj z#2}hZdsI&%*gP4aRG(2^vdqcm!^*$)%qnJ|G55YIWM0q2`Rn<(lvaqe+zOPj{8m9{ zsi_Gw?8_%Hhg%5rPGQ|$d$d-^k@b^)HgF9I{HyU|`&K$*(KDawS9hg>=uTKh@0 zNkiX~_F&ejM5I=>OG%icaEP&iOC8_;TsAJI7T{_|Ic`=kX_Cn-LA0w~^xEj?ZbV*1 z*HDmH=lpL02T>W&-B^Rde9k+o42dOuFz1EDnmVqP7rQGAc#GtG?Mh(1{x0;`y2IJs z6Z1Xj6h66L#$c9k_zdrd`!>g74IMSN zf`h#~gAXw=(q$8*^z#m9K-HfVfULN@aw!X!QY%r~#VSrucli4-fv3I*>6L9LZt4Q# zOlWZo#X=uTc#)p2v9SRc)0#%Suc+iVGPXg&#wA!9%tVIj0wkTefgL&R)8G_fpp8{b ztG0x}ok2h+XHrIUztpFtA+ekNcx~tm8YMkm+I%H5KZ#BB3ZsmP|n z>NImfaELD}s$F2k#8)dnfB4xm!MC1${u0x0iTg6QW)OM|E(M6-zHL9Ni|I6P?ndXd zG{kmB%sfBLVm7y%g$3_(b{J%JdVV#X3kJ3bp!45`PU;{Z1{3RA=%{UjDTA+e>@(Py zQH;_eI*n9{chsIN8-O{JN5r0NEGa|M1Oaaa-_g#8j-GoK;<5P*)L5}+C@U;eh{GA; zaE)hHP9du{S%ztBH;Ae;1t=m8+69pAp%I7)r$f$OpGn~s%#II3ki7zZ1$nq|fwIaw zXOj_GN<5gqZvhcJtF&Y@tEa}WV7U)=Yl1UgZI5KlV9U~gvxJ1Hs0$+Zeg zI|l@d|E~GxY>HrVw7j3lfL15%mfj9@)>TP5F)^bVor0F%kpaT4X5?K;Vg+s<&QtG? zutSn_kjyHR%JKT5PEmm?448ap?TzK@7viC%Jo7zGVbD;H%%oIYOd*>b=a7+0O3*sm zO->3X-7|5mxM|3~6O~=zOnSU`LoDtkE1VVABJt8qT;TjKXOz;xRgZQnJNVH55a7yc zD@8j>vYAlEJ>91u%S5mj7A*FGCvmf*6Unf#9OZ?qx*f2SWJA#X`B0BqkhkFK$r>2= zu#()~nAN=ucBd92eH>0lr+`o-ER4naAR{tAoWsZGOOaaBqouQ55H>3k4?Zy$%hc<| zfUUbVaUlgH%=mx1aecMd)1;YB?aC2J@q*g6ue}8oMap$cB(p~kZ9PZYr~Pd;xW+Rh z`wj-Y#lH3nXK;1HT-?9N9l;&!FUhsIs9K9OI`P^pY^1gDvY-{o1fUeM9|#E5PFy2X zCKN<0#4`^>V~Hyry!p8}do~*vRQ7OoQ9bJENC#PsdXrO-OS`&SI1d@v7LsMvSx5Vy z4q3`^PI)i=*MiA~33~ZF8!o2ch{_I7@9V_0d|b~gMkXEBsv>EaSy>|_VKHXA48n#9 ziB4Xgh@RyQk0u7PuIKW7ilu;~KF?ThPcmZAFz0`s2ui3Qs%IUpAv4lXIwH za*Y)5cEZXnp$K9i(#ej_eLH=$rzRn_oxuuAYq+xz#mUhE!9EHUCfB2u@@(oM0?-Di zZ_(@a7$3$s8XZcCLuOcRik6 z=!pmha~g7Taf18dytKcYQQOZ19iD5p2ApthK8{?@!qH24NTr`rBsqy;?ZqORrEz$2 zwHHEKNHNRbR<1=MlCw)uT+QGrnT-1DYS3KB0ER}ySDJ&hGvb#o!&CP~Vvb$+h&?IJ zi*lY9X3mb1Bj2H~4h7}xIo!g%tDy_MB4ZF0>`8iB`Zouyne!EiAd4RK78c36MIgqR35JW; z&chN96Le)>#c96d@seQ+Q7|6#@I2Dg4+>Uwu`Wu|51002B7dBKw^VU!C zCQnd5bg=5$n~7>dF8Z1pkg4+3j>m~%YGs3fgr(Rv&kas(1xUGc9UmpPNc(8`dm`ZN zk8NL0z^Yh(#7gHT*(b;bAzF0`AFVZmBct@JgCRWo%dz8X-4Kg{KJ~JKflf`i$Zyhz ziz|Z)l#5(l0icP_#VG{5#h$bwBWUc>#mYTt)sCKme4L_OsBM_49=0`bbQrNGtGOpN z@6bXnR;-$hN0xa=Ya#sRml!|Ll#4!VQx=I;qb{HKy|IaEhTcwdEgTzjka9IeT8l}1 zbp%4fRg)rTd9;jE94yA1Iq6aA4wWVO1vt4!y+C$jBZG z*2N*xnamdzj5DyH?*jFk<`4l&J)YQ>fia{3cSN8O?;^z+ILYjJ7VS!7kaX=`%`FVp zF}SUZ42aCNL4iKl5>EDw_A;D5$z+_eRw)rg9mCL;i{Z5x8Ow1uQObpgVF>w`zR&-k zNKo{j5yl`G^%belEt$Zm&kER1CPG=bx+5%-OeqNwOxU%AQDGAHpJr^PpiPPgY0qH` zFKj^u^*rk`ap?x_z|=ydFi==j)x{py)ImIAx@t!TyeEr8RHz@;2QxuM3x|osW8#0e zLJ$*+<9JR78h4}M@>K?qTcME;C_RFf5KJiNHa=lk;$@2dicF*y)grA{b=l(o_yl^v z$JYg})<&=;6QdF3eSmh8zM&bM{ev(kj;tk1ec&_5MAnovvL2VAm`PH73R4E%S%f+- z1d*1l$Ub%k`^j2zQ=?MDE+Cvic``c9XJRGk)XiwN7@Z=# z+k>eHgD|$Ijm?BR`++LnlTxI6Z+1mD1`Ms>PrKXGae(*UGSt%cP$r~^p%L5D*puSy zzNp%hB{fVKG_z!jFcyo{-h}~g8Zx3SfRIfuJNjQJmF_o{1__rYtt3aw84Y{72o`_n;E#=jn7mn})sDYf(yi z(zX9%g|Cn*b)lmZ;+Zk$aFxoQ-W(yo#+J75nz;~PTTUaymQ~i-IXHXq22PTy=`!i` zm@LWO5jODk^u)|XwrFgk6LV;OG*nF8v4lbYm2*fNUQ>wFQ^)a7;*dCm12Mj5G5%)_ zGqfY9Y+Bo>#H(?N89ka+=2L#Y4K8>XtAOj#`^Qgc&v>D?JqlPF=+= zwxB5E!|Y;L;&HN-_^zM>ByJXyxEKU4YC%&=Et+{I{^q*!7Zv1IiC>gJYC9T^49DhQ zzK9+BQgCRT3M#!4(p!o@>HDJLM>xLAURe$_8cl18arWI0@dhU$IRPg#?3`e0)`^Jv zLY(8dyX*W7B<3}ueUOfa@CC58U5I#pZv+HZVZCoMjndIH-_p-;En3^!Zfh-+My@4h zvG?}OFjBTRWa0ARbQIEaF&Ua%C8jj)7_3;iA{cIbubean(Xy*XWK)aJ=}oW}H_x)o z%!!-huEk{F{X%?33Oe{%Gi=^U8!&y4bYndcrW+H-O;dtchPFQU@ zm2SPCAp#662hWPYV-H6oLP5trSrHB%yM|9Ll_Et|rs`_X;L6%1c+kZGF4P$#h92L` z)PvdEGqH50JuKP7>*}FnczJILojrZjE36h|709Cdm*H#6SQR*v6@e8E$jE7s?8)gI zIqW}{b5W%y3^`Hn1$cp#ZSJEe&PV@hX>l!X7F461)ho6kp$K(kRefvCaB)H(WYdx{Z*PcB&dr*4iBwl;9 z6SJRPip`$P+Bami9FubmHI){f&F~FDP$L~6Svfd-ffw5=*-q#ZYzTsr zKN&oNucM%v=UUw~=JK0ZNK7Ds?ZtTQ;9;EZ4}i~dd(2%$+FUXTG-h1Dm3>7xRpx*v zSjm`RY{5!(w#yJq->UZ*wI_X-;sqxW^q(A_X7;WKkDG_@t@MKTKnn^o*aqv&HJl<2 ziNrw!oa{(V9mKW?5wYf|ZDV_nF(1vI&a8f&v&{kRwXD#%b{)r$C$cS91&U#Zd5>(u z(@fUb#NhAzr9p7MLaNmkGL@Ly!-v%!-&pC1a77!+=up~s_%c2|QqH@os7|*=KwK17 zu8o7$!Z3J*#$jn>F$yV9#U;ZxHkS}Oi6gw>)7yo%)YJHIXFd+(woA+$`V18LvVBQ- z9GP4g0AbP3h+(8PhXT^!9yxJ+QgbMh=Fp1bJSNQXeUv@{Tl7+@5Ef3YV{l6E<`m)L(;`;&(jn@>Wd63|bX;Zv%b#}+;OSToEFl%DIr|XXi>@+bc=81eV_=X6 z=FD<~S!X4#oXKKhOX~<`IwfvhXlbZH`t_V)y~d!h11oXE$k2hddSq91u##EJ-C53L zC@s3+vWyh&XVUqq7DPds+^;+`kMiV9_x@)vOk5GiK;GI#o^WX>L-y%Ycw;vMi>kFS zW3SQp&5QB%bqvz@1Y-WOdd#_6iSxAYT2!KC!piK>RWlJn_6ZZx;a)p*8h_khMVVFx zK^@4n7tEfi;iO6zrQPa+AU#%DBkLmmuA-|{kh;+)C?3CH6_velC(6=q;FEVwW9PUf z`PvvUnJF$9?(LN8l6;&wdI}$(E5y~RL0Ck^V3V~wz7=VXpfCnfGm2oAs$xeW4hbt6 z_}9YWB5`Qsp47x)9@~Y?U)DAXhe5U^Y%9Nst9-ApZemt5o;HK1BEqGe&nBrOIJ%Tw{%J0Ia%!~=M8y#*eKw1h7cu^LkNKJPZb zgl(bjVGr0?J;6-HK$&2KXSBA9#UV+1Kct>f=?NyLxKUPT#JMn8a0>g$$`%&p7MRms zhqFnS@ZsKcoMRGjErTb%%PjEo2LfRiY!4ex54KohQHz=ZlFo2DM=w0K&;z~}ooG+a zz^OeK@DKJZ75ia;fuvcyKRwLEf``LQVBD08gCAYS{*<~AV(A{q3VG^k&(1b9-8haN z?=q>hgfh-&7?S4Jmn;U6v%TQZ%A^793_>vnR=7R()wzhVY(Zxlo&NhSW4n3|Bk95|YT$>|-e?(Sj0Nj=(_fTArI!E=^KI%!IBF$EDC@lozcXTQLq zJ=vPXAk>lT_!sx2@IMT2PlhrHY(0ayntQT@>%myn(2(SUc8ppsw!co@#)K?QxrmwX z1Dl3=7U@kqS?#r`PAVB=Ehc`JuobS+p2Vwk#G_ zun_Ug(Q^!1vYn9{PEpy+M3yCMVz5rcQR;7HnK(%AqYM4m?o-&WtJ~UiX7L8AvupGr8wc4+IC$4{|1tg`TFcojC)` z$gt=`T~f*_`J-%EbXpkw(qQtir3GAA)HulGtzs6CwlKLunV4+~2PVnSU9$pDEhZb2 zgC1JT8Q^v&YX|4+$b1u(ciL6LE@n$9Z(q*iiH*3J9vsZ8;vkIxLOyZvGa)|&w{iHs$#`ACH zVDHs5>|kuKn6W);ced+TyBH2zBgufk)*iu0sHkit(VNJ&Q|`%C8_7tfwI@&Jk#UQA zSL{h27Lq>lbvvvhqs2sRye-&TI3Oe#^Tl$D(aYqK-fqcnS>Hq(Pbzwt-l5l7J0zPn z2~G&1Y(C5&_snZKO4%eU(@e6J33e{So4Gi1in2*&wISIQE!)_7P7{Y4SI^_UgG~OJ zEDmN&?2QV;Q%}VrnoLa%H`8$J#5H_)mcee7ui44ggDh4H@UWW;NPKYHLwJ3LhF)ta zTjt!rE2o=KC#VK(0?6941>gP2b9n8S_uvsBP&E9<8U{v&2v{={Gki#q%}l@?2D_hq zm07Ss}jW6Cd~Y~lOt>Ye!TeMdHjuZbR|3x z6m$U`yjCpHrSr#O=*T`Hlv>egNDO-_pB1a);7|H8^K$kIJ$f8J*qMxDJh?@%Ta4Du z7FHN#;_WvsVt*waCF&Ot!sJc^kUdAe^{biXnuPBYhf5kbw6TBqsqKexfGNC%`abaR z3&IBS`IAZFGZ{8C$`>wPgMU2{h+rC4tvOt;6jtK%*FTSpozLW@FZR8;49Ar+U2`YS0&Bn?{59sb=Bk1x57{Rc1MHw<=*)|TQLRCT=o>1id%l6nc- zGx)*2SY&a!TSs?YDT&vKQ~9w%}$HF9{-BoISn_n4PF= zh_$$xmvftIA@Jfk>0<>ScV_6fR=sk0qSLsLy~x!x%_FAAODQ~p5X$Ts4}k-FLj8(8m9Ntf6|o;Z zzIkIMdtJZIUTrz8C^I5;c#scPM}3wrIf>sYsYL?=bm?^F4mdOL=3xOAx{Vyn+;(wy zMyLgE47JyAG`SNj=2Z?299#xVrVWRxRQB`Rxewnukc&jpvvu&cl2Kg2`+=$%J!y+w z%}m&r?nC{K_@(ul-d4x+|hXbDEpr7$Dj6Ov)V-T zbEShn_Zm(lrDIQ#5ey6+5E&t=-qg49NzZWN4|Y*IT|zA}tN8ub$? zI8P>oyxtZjKG2q=}##a9BnQPe(^Wiy#qF^>Iz>TjamGE zTS;@cgg-IZE!qQ!SEd^Zg-I9j>3fIqdX_#JQEW)1?Fesg^^H|IAv;pQIkL*Xmrj$E z)Es1T;njXG(Kot~J*N-sKaK52n4G4Sz@|Ni5BFZ3^c=+9UXR@$-}&=f`103Z#Ag0& zdj3^x`gb<2h?XO@c}!gRK>F_^{=WAXHuG*=#Jlm`G^~i@a?;TU(ZOg@#Wr7Oj^Y2k zm576d%3!w`T|J$wYRtlpw=Q8%&Pe;tZ&@^Zz`Mb>shn&u$MF2WGI5gLFtHYTbYc$l zR^j}P5AfER5?rWaKS~BiX2(0x$tik`YKa)0ssd?_bRb?ijvs2Q*QWnFir=25N07-B z$U2VS{pnw$*YkJBvHjwmQg*kvLtK4Xok@B|qdHXPB;seUXW^{IT6DFQv;^!AA&w2P8HR>j!Saqg{t7;*4tmA*C( zV)@0M)Wji&Z9{b7(9=Tt%RPJXo9(CZk8`<0!EW&rLPr%OrQr18>qwEFNUD7%N7&lx zc$=m==8dM|9VW_Ltz_`LUC6(fLp4r($TmkMMJS?yU9V$rP6nGvf2K<$BpkomKbbQ+ z!Buk(t?AfzEETV7&VgsASc^lSCgDUAE355durS&VvwX)#Cim!3yu9m-bY>Ou3>JRU zSeI1+L$w#_K4&(cr`slsUdiIAq@bLCrCf`k#Uu@D6aqA!Cp0xJ#R>}qU zI3Od7Q(BRxmUg+13&Ef?984{f>l=tG_}l#3HOFHG96Fmf%5 z$-tm%Ehh8g!d6_mJVvq=+plMkv7wB*PHT*VgZQL24t0osZ+8M$Pu zBU6R?Ra7wyab9T3g@|FOn9Qaa=QH9=EUjVXdtn=s9E}jZaVd321m=?Vd1#QO zD`fs`Jg||;NegWmFdY$=8~RwrsUvv(y*-R!)uNjIyTEx%@bw>k8GriKWBAFvVVLL9 zhN{yCslOBP>J<$-5YbMJZBv}YMPtMu`;ucIR)76z{Fs#T3w;JrmS2n`AE%(4j2hi+ zRbtEUF-IB(EQ}2x)wGqVF*<0@D-0a5ddofd;}4(1u9v=xeO%9duRhPeFX7Ga&A~&A z>4`x39T|>Hl86q+wrD<`K7x0T(I--RYxjqi%!}Bw`&0as=S2=VDusqJ3Ey314662IydUqwT6tJulatBK^#L;mk?zKk8; z-H0D=3k{_HU0o0LscA2MsGW%KLHCE2v9O~tWy_eiptD`+&;!-ReS z%BCg`KlragAaCH!pk2G2fM{j)i$@IppmR^{J*Co&0b$n zplFT`QbHu{{3jmy?QZ<)(@dn4cfd&M2^WILzxn{)eC4ay{lDw*!+2J1X*iih4=)1) zXUvOqgqwp2X^a|>O}e46#-*F&jIU`VGnO@-fx!r+GPo1I_nwAIR2+N_FPtUq5~-C& zj9O;8w9`4HHAw|U+{Tg=l+nzXHETv99b74?ldsS)UQTlUv>6?0ZtS$M|9e zq?AFgqPKUS4R7MOU%|)!ll2?COzFc3(`STiy^rpQIO$(Rr$Pxgc!c znQ4mwa|!%PxWA6>kFiZkdnKh?!Le2|WcObPcqS7Tn}A&sqX8}@=#tZ|(HxHIwf0(8 zq_b+fxK~vB1xAWIkQd*Vr-BW+m}`w2j@^`C%#mTpr6bHFDoVdNgeqgbr@G0Ic^4|TqZKk9)%}%!-Fsz# z0&TR@LozDNfQBnuY4`&~$yTGY9Qbm9r(*r}H+X{KbN9GL&K?wAn}eqaCBH}))M+cT zX1cKG56_$AsO~Zi^n{ZmfL?A_c=S!fLv~4h+}%YtyLL@^QTr`4V}b=BvBeio@Ml=k(; zJet)xY6m8^h2D;Kgos%~I({HS3y3pun$^Wjz#kvJH-0s9R~ScoYiVYA@fcDi@29_Koh zoLwI(1xY7$lCido*9-5U;0rfZ6WJ@afpwL!%W>KCARDJ^N^e;OOt{}PqC(*-UAkWgvttbxayQz*bWYzt5<+0*W z*i=sueSX2(bv97n-ZU--_&-#xP%igB-6lcXpa53MblD*y<@E+xE(*&94S#gIVS96v ztj7B5@};qZUXD$_T5Q8eHpR!&?wrKSw;l5!BQeacOLY#1-kf;qbPT`_|M}Z|H!w z>1tn0o^$&B&23@@iY71D!5K}J?Af z*v6N@d*czb!_hJ(@C8E{$P#gXT{HyO)UbIqBb+2}Z;yX5V7B3v8kG|WwCsDxmiHmo zl!Dbe55R$5J*vcP<7FxLMuVjlBJ*yvY>o47oCoaaaw@q7`RebtnPvN8&7nnpe-BKs zu5iG~izRW>Bdf+V%lTv*KmC$f^#U zN^sVuaN{y#p$&j}@35Y)X%0zR?jF%KWe#EW7Bk`f=K?y<=bBAVKl##!1WFY;cLH0g zGOsebeY7-xS_pjJ$-V8S?=SZetp_Ao5>%0~x-Hv=M;RkZ-5)y!#p#=tSvt+{y)twE zEvg>%ZAfIX?JZGxT90ksZf8NhIw|ifUx&Gxtqi@gdnjZokYh<1o}Fd-!nRb^=e86K z!c2o354~Xs>NExn3pbf~nj&>Qierq4s}JxHlHA}14Co!bx^&C|b&e$YO24&#`oeRa zEH7GAbhAkB2Kmmu1LK5zjqXVGhS)AC)&}oqV$iDOfPX_sLOc~TGjTU-1>mHbz9S$H z_jz6P$ND|+Z}Ge$*jx|h+sI&6&Gx#S6y`+ zDPu|)Ec9`1d9Y+R`7?G%jx6fyF|AtROqdZDCz9%ajSGwXJ6RiB`zq`0?H_f$KLNR0)R(MUl~qz2l*S{zaq`GlY(^Za_+H?0 zQ)?1dzT~<&N02L!$%4#!(2K{D+;Ro_?YLB7$K>N(=l&7?^D#MBFyb)PgFHb4)MvnC zE^{%izaP-b!M}`6pXI0chHzUS%vN4<^LQ~hb_s6Limpa2v(w=BC&v|hEB|j~@LX%G-7M)tvv9K5hdq1a=I3k%#VF zPK1R|>}M(F&T4SH9%kVfLbe&4@ffhJYE0ffS{5$dZYVw-*^ zgyqAi&a~h;1G3h%>c`A8C-Hkxp1^Kuh5ft|Jz`g&(v^{(c)Un;$M`Bq7JIYE#u@s? zV%Vt~opkodm!=aKb_bAt&CYR8esza<#d788EO>%$iJ>D9P5gNx=Y492?eM45SNyNc z3SSMviiHWV$5N^}n^4;f%7F2bg{)Kfj-4Y`>0HtKQZ0p+3!7#-2?`X0P@fNbQuMd)_FLSmbz- zwpx*vG8b4X&RxJNL7cQGA(=NW-rDhCjj5fgV5#If0O|&t<#^$AKlgIJ?XL_PTR8d0 zW;5SY;4U#-lXCV}`dzeFXggw}Z%@=jv7JNK+UK1v7nb&=#MPs06& zA<#|DCS4}8ZX7A$q+x?+9Zod6SwfXk*c9q>OLhB)>B_8wpFo<&_AA>%Dv~Y;x%*{i z_bC%uZ`@54M!&i}ex6wK$&h{R-6c`-^`IB9@>&=6o^6B59VrMZZQ36GeEp{D?JLk# z?~ke4)fO1;2GNG~;KInjAO+PrC$%h=Eq6589wpS-fc|+|jBcz%Ph6mg#l0M#@4(7E zPR19`NHBl7gU5{ixLJ?f{rS*Dnwv7)>>}iQXHS2C0?(Qq!&0`nELlX7+sVoSDD(G4 zbOvRVdZE01UcBK@ywfHoMl1_8x2xU4Ko!i_bhux&v3oi<S+>H9PXi~apEc@SY+2$a*FXB1V&vV1Yv$BPKMx4J%SCW?2y zN6^#!17lk29`>&3f~2*YB&e;RXl#wkj{PX$NUS@%JZH$D`+U6nw4R!}-TTW)9rv`> zKHPQtSNhA}(udmIqCM&=Bc(f7`lr@5?W|R|U%d5Qw~`fm)GDk9*VeW+effbFG&bi( zdY;&IF)cs*W#C|PtTqr4rM_v3&a4HEC;d>Za#g75Vlm78{bKoyo&ZMRlc)%pEA2{M zy(h~BM^bQ;E(C^f^%s%9!K-SO<;3hWzvD1_hUbtfvD|wn<1j6cfhkNDIlmh>vp4VD zF0co3?wrZBDlHWRUj~|F&Sk_XiEpM+933vu5^H}u);{IjCuqN2ygmX(f(wI@sW1p@ zs5ITpYb01+n-xlKlwKWtjV;46aS?^yZP_Vx`;TWO|IHh)DPY1FQOUur{NBy`1!@BW z%Bv8+zu%c*WdQAL+G|T4W_amdd+d$9Xk0we>TQApZ8P3Vz^!{i|8kNIc|qznU1eV_ z{a+k`{b26aTZ)GWqMgou>Tuo=(n$olRvfwzmK5!@RUR_)K~w&EPpT9sJY~s9`*a3w z-KPcJ4wrne&(sSD>^s};&7kW^0y`siO>u(q;_9t~^V_J;O^eQlyT~0)Wcj$|(`t8G zH?0yKh6AWXmv*EMPL=3qA#kBLd-A&+c3TWJ%&AJTJvXl0nx}i3y98{XR~p|@?so=u zw>vTn=5}JzXvF=$MQiCkvN9ENCYW*z-d; zCAc8-Go*4sP}*lW*o8XAJ%Kt?dFT^d=(V@toP?2|c02eT)PAoD#5=LM##cb{pUHaM z2b0zs_wDBe_nu5d3p_PU$kDK+w_tVr(?A*t zhMQ{LL93CX7c=}n;g_we5Ta4X)Hc=zd1|*Cop+oP-KrDZe4Kxpmuju4W6@0BEdddX8 z>nby3>S>`fjFk8qeZ*OJ$!$i)$!THnGHKRoCQOhVZfBN|p2L!6HU|a@B*Ok{d4z$% zEGy6}OP4@)dtoe?qe#x;C7hrcDMsT?4SNJ=$TKXfG!jt>9k9TSf#b*JETW0mx(Z%WS)NXbcN%!|U3mf_g z3aLLJYN)|=Y=^Yj9CkDPAHU$6=djMPy=RnhGPu(~q1wM>f$~~6y^T(wnAiFK6Zy47 z<+P4PsWm*j_}q+O0xGo!zBV@Iy)S;>%~DkBi}^(PZI*`llx2D2$LM8w_~706 zR1%z=EJZEOUaZ^nO8=4Pm`z3c^`3T3C91@V#fc5c2=ISvI~wi+?^we{+&H42lv0ymXZfCSVr;kWaDIbs#6@9`#~F_Q zF)|I0yfHdkV1M#tzR_a|cgx*==e z*H7pENwG$lgp?OMf9PO!U{Jr>Tu+7k$b@JZ>%{AQ`TIP;Qhr@v{{0_U;baw91;T~3 zJ3nIebTlBRJ!*$%NQTCZGiSk%O8{}^(*1`eQ3PV=z~KGII*womDbeY{3u#!gh!JzW z<7k0Y@ejs}`GU=n!&y%ADmt?pF>=jz9Cu_uzhk~yxn8LA*(mIZIyCIdUjlntz{&!i zb8kg!qgpbp%l)=^hg%ooAhf)Fu7H)gTBJ`S8GNKDL4$Lny&_(p(jfSvm;tSD^)9PH zTG&!?6^j_AMob~>nIfip(!NTBsJ@-@57u&1ag)HM+<_ac>Y5V*5$F zH#-a$eyA3Txx8ToH;zT4kuuc+Yg*1|6PvZot>7g|220vw@n^{!U*^;w;&TLt(z7Fd z!}YWf@O(d7z}qP4)ypS|V;nES;oKQ*jRk|O+0Oo3rT>3m78$+=Za|$!g8OEXCrRVo z?biu_(bV`7dX(@rl^aqVpFY?>9qJb`KJufeujzFJFccDOgOms)#znHQv*(;Yxf+dR zB@se@QrDag7`W@mZ4Gc@A*7rNJ|^*!V^tRX`~A4GZ5Po5H4$CRJ>m8t-RX+Q!eQa_ zya~`9G0W7W`aXAt-W5ZXJX5N_X&ziDbU-n%lQS3}cB_xU{fQQn^~+b`?OZTr{6X)0 zx*2SL<8j^MW1)(w=%=OY$Klg)MgzT0Ih`DB5v#tLW7s25YQ38)N$xB~G=FDJzaI z?{HEDMBZAC3}%;f!gm^!-E9sT-y9Ed&wcmOoOAJcHei50J!Eu3iP&6!=`K=Qs@b>X#(MRG6~c&2-_n|7rhDVqz}f~f^h$c%-qh9cS_oE~?^?e7kx`U7wlF`=^fr2y^8Er;~G5vix=>lh5zQHo&NYIQ| zl=~({_=zUz^ZKJ3VZFAC_Qz$S7N%5!RNX3(Lv&F+`Stg=gZ}epJZCaFN`oGm?yQ;X zXb&BEnI0a!R;Jts^=kd(+*D#0@``=%eK8BHX>!6A?Ykv319}*>6 z3%)k*`y^s`p-F6uKMGAM#NM*+c;E9}3hFjBI@MZ5{&289EPZ;Q3%!2y;j+K-B&|+O zfUaG_GKf^$elF$Ol6ssPaFi_mhM#|fL5V!a9m;g)yG^Jm;zM^a1E0eqne6tF)FR4HqxAgvmtqRUi%yem^HY+O}oe+jjMJ~=%JGXX(>kfJ@EK0 zyf5XIYlmr5J9_xA6_m=7sD2?zK#@Dou#?A3wch3S<-+gayZ3DuZd$*vrI&Jj3WJh= zhhrTUtZRI@^NLQ$)Lto@@altno&Wr`A1(&yT5@ZL<7s;;r*G`dYd>@B`pg=7^~IbV zgKBrv>*kkwKA(}~(Fr8q!%ij>ac?Dz@=CR6d8HLbOqgyLvXHwed6$=6LrOIkkJR0* zgI*-*(ciJLv?F%^STH#!U3;}uW9#*pvTBkP657iRdAWaZ9n(RuKr{Kmok`E#t1izh z57nidtH?`X!GZL|JxrQoAco}PTIg*etaz5fo82U@awl_|@!=p2yv7h18G zwyuHq!bpq+ypcM@ddX*BbUf^u$*{@(+x98D2?b5){W;vJ+5#?x%sYXZio<5Lx0Z0_ ztC?}mC+r)B{Kw~s!DXiW7ID`_3}V+s@pk#f^m8WZ2&c&pAky;(nSY;9$Y0L{fYJRh zuXa)4fsRzNG$dm`EoR)C#3q!u%<<)PlzQ z`;C>ZS&RyJEXEPEY*1ttA@B8m|3L`&m-c6pF9Eb{lSQ~a<`)ZVF9t$S%ouTGT`{29 z$Q2yA9(wXpqF`}S*yuBQj`E^+gXen=jEBJVrmfo|MCbZ^(vt6WG2u`0IDPFKH_**H5C(&T?%} z5sX*wc9vGYx-=ams>^zbm-)wM)^laEJwrZN5FQ9wk5V#=q?mM+y3`m~QG-obyu$tZ zfxmp$h&}Ya_HYZh-X)Jd>d1~drBW?S2Z6$I}>#hxb0`Ig_FQb=&4K>vsF(sbGUr<65lXYf(HPR%FONyxv)W+$s z?g>w9oyY!x{~F1A<{@=!np^d`JTsnCZ|$Zc1$Za%N@~9{wRuhNw&tr;linW_uYg0( z8NtdQ7C4YT%;m8l%9Msw16p-K@*B}QI=m$+TvzIK1b{cUOIL~5G27Z-=~SY1m;;>y z0X4Cru-%mu6;_!aJl+S~@^gTMQBX}At_mXU{jx@XPI6KK$If0z-K8r-AIpie$?zCM||yBn14myI-5>-F{V?V?Qm6)7|c(PB-Km=(S%lGU_K9v z9j2yU{puj6E^DOHO`DRb)F+B)I-QYg-tLjS-!qxE*M#1`*b$G2i8NEn@&{Z$^~0&7 zosl)3v}A_#h)i#7vLaW1wa=>mwiyM%f0W9kAUp7Y{ZSmeU+I2PQ`(Ch_Srjv!B2hG ze-%j$v2D2-eN!Qck!t11w6=`Jii90Q+!OoZ4ePbiR_odkJuMY#p#f$?JfZqN%ys{4 zd%tYykC&U9)vXR}#U*bvz z`QhM!O5PnAav?JV1IBwLA^~yn8UII9a&@_a!mu8L(~!YJ`?Qv@e57=>$!&lT5mU@9 zllNt35(^8V-mLbv@o7jp>ANfzt+>1`j8_F+H)%o)w$xK!;N4Uilcd8a=GzVYZ4~=J zNvI9y4LV@EGs(03$G^p)1W#_10wf%qQQLF<9xX?hF!~0pA_8vz^H2W3r3UYBoKa&? z67@T&-4>%w1Bv0(7TszVkO+Kb2tz2ASktQdQ$m{qT-^d#DSpF&LaWhgw_c%WMZhC$ z*z{w78?>aHO#n#$7VGVO;nFboU=tyBn^-}Lv?pnNR6q9S^C#L0g;sa-z#oT8 z#}|9OzJWB__fLJ*e7zTt4BmhV}0k>23%!piqR&V7Wnb?d%HI0QG5CRyUydb zfg)2XLTc>bxCsC04=bHvXRnB0h5F@hV<$s`yEN^sowF}am`2fya|X7fLAcQR!x|AX zM!?Z<)JWdep5}njpGly^1xY*x{&BuySgz*_Oc$CO6DmXt-?w*u7QdXwvT&L-Att=3 z8tQXJj92N$1kU`X690D?Xi2K($S5y7<``#W%hxa2g=EZLzEK!?CI(Y?0124mf(+aS zPJL*BXlzr$LGkDxH8{6!FloivQf>XJ&>a&p>1Gn!7R3gf7sTZg>|Rk^x3?V8RSD$G zw5%w|yxE-{?#o(64n?s=7~prjGx?MSwLkFhUJYH@Ky+bw%VhJBe(bEUpPBf#=pETK zU+aD9QP{uW^A<|JMMxM^+VzMb_`Fv5)W7>Rt+%V;rp4!*xPlGT`jkU{j5B9?Ue091 zS*C<>GH$ygDGB32%A%;qQg~n$7neYQkQ$_%u10imLkPxNI0!j5%tN&-wiUKnR1yNS3F_iDs+U3?< z>L-kyw-wewJe37-W{l{(n1gJ34TkPvYre@}yoR4^^9%ob|AP9SEz&Tb0fMERd~an^ za1|4g`-euy!{Oytr=H#5=NkX&jT@SCgi+nGzKDCvjG_6=qrgfXFfh!BZ=q?2MizW>IJ&GA@zctA$t*2&Yk)DL%25a-G@1<54-TTt z^&ZS?CWi+_O-~Xlyb4G?QxRI9Ha7udgNWTS?sin3S2iE*acTh5kzr=i{9L#Zjrn?{ z=(c_b%U1WZ&?yy##x?;d2dWLfYL412Ww<XO;hTn%0Gr`b))&*6tJ38$N2Jq&-FUtId^+5i?mL5X5v8=+(Z%y9G-J{KD@J3jb zChGT@WoI|*BH*?!n^eJI-s+Yh|BWRCb$eamhK zF2A9eg< zm3Q)Qo^_J-JG{n#?yUSZm6xP|lkSO_6_0ZEO~|b&(3qK#VHw|`Jb-S|Ice=3zzFO%|D!HilF}5Ak;69xXe_=Py+Ka2% z_XlGZgwA;{B@t`tzPf0yI=3hR9(rtn1nuAR^TG_+GEon3tstXcKa~Fq>;OuDYTj+C zg8TkLz}G;jv-LygGa}J^ryc5jZ`Agy>xufh?7W-z&IYf9tF`L6b4^^`U-t!O8LJlC z)e%d6=5Bhjc8;2|4y-(NcU9&m%Cv|PY-(SAY(HQ2&Bs{6w;+zWMmqs3RG3OAu)XtM z;>py@j7@g^3?NJal~W6t?I&(Zu=vU24JYmiE##4cBZjb^u8Q0=0T(IOHU~${tY{SW z_V)K+gSp!I*s6}9)=#S)d%cE{B8Oj7%17J|2X6769%lj*iy(ohSh<-$=npH}ROGhn ztmrecH)TRj>B(!>}}zuB%0T+T?*(Y?z!f3V8{4l0U4;uPHLo(hhdPlWulmL z-N>Sh-#wFE0*7-kqTRj}J2bH{6`a5qQM4 zw$6tViOty852p)zTbGKl9tIhtfu&n-1afy^SM>rUoU|iJU}RYm34()d-_MAh?|%^8 zRIcV9Uc{zRB2bh{C2@G+{IHDuv^o#bIK?s;qvr}*VY{uZhCiHIsyFjLnMYq)7;m%F z-wgPQ4iFE1Hf-u99BCdLT!1FM9eMSevbK(P3Pv!o*%Uf4+uVTc|khLQ4= zQKzZ>Ou8@e4^LjOs9e222VqPUb>g$Si(-CGMzas8*iM+7-jS4ZBC<~s4(9%mVSArA zkmJ^LJ6@XY!O~pHx66@%itUA0#zP}6Mu@md*khN3K+GFu2q-?mBYVJeWA=aDPYCL- zdd*yI;9QsCL>xPwBB-V^a_zbCk#Eaeroe4|$4 zJvy6y7q7+Io@s8ul9vZP-il@oeraP(aA*X=aZxKb7Ux84ZNtGygjI47Nc(Fi#0Mvi z*JW!?<;Pp0;^A`-Hm2cNWapw_lg~;vqAbgcJ?uE%_use!zJb0ceXrs%`}_s`*YRzt z1|S-Q{y9d`kr`7IqSr!#rG+jEB4Ld3|6|f3G)Z`EStw~mCeZPF&on77BPK~uiuha5 zu)Y-u-A>wm87QC4#+9B^2=omw?h+gu96vd>#L)GgrpM-{FZ2+M;IJ8B4~zozCIoR? zt7F85y1&-rlb05k)O{T+b}?r$6sn7RR!6;v#+63|;noZBpM%Yw7WLOwX~rMxLm1W8 zzc9U>f0v-KJrzZ8fQ`%zwF8od6s6XwIGjg_D+&0lhJKK$H~MmNjz5S!Id{LY3)tEJ zk>9HLZH!URDz*J>sRv~o0O)}bVq0!jDJUv{Ui#LZu{b@DpS@t3%ZHq;Vh;Q+q11{B zO&`eYr$VnfbzMaM2M(Fbj;yl^fRt#@%qKOGw70X-+V6PXLx0G!ZX@cPHzg{q)2&z$^e zX~=T&f~1emfnTXQfyV-aYVLZdQJ3artp(yaljS)axBNGb`w##tC8utT*aX^KZE7XD za#|o~$aO5(@wUD+TnNdZUMLDHoU{J(73 z3e~|wm=0bDPw!&k%Sy~6I4-W_Dyta;9Y=oK4JdaDCQ% z7Y70KMc7G!=R}`YlGN$kwCYfrcBc?EY0pmwL*_u(qHf9Lr2<*OJey<8u%P1F7CSi# zQ#8VR-biC2Ix9EeS_c-u2|yL3E`p&|E~UoQsRvKhhg-Kv_8$5|zjIUokap8GVzRMp zqO?$rOUQsj712#g-3m0P#n_ekRktx&07o#2S9aN8Z?D){Mui-yIuzZPAIe);^>cwa z7TGLcYy4g!AfzXjvsw*f5gcDI+$>2l`Y_o&b*}Hgx7k=%9~2s!_&dxKzbPBK2Ntxp-p(HIm=uWG%z9I(=AZJsD zF^`Yz}$Sr@2IW&1xJm!p4|0><9>>M>V-UgF4Jtq#J z{-cFhHpyh>BzNV{8|IcfI| zPfu3F9P@2&DXh~BT1f^u_6uTVdMxoxF>tgag}K(&G!dMro(Gupf^e;&40Zd34OAIp z7N?1bsLObWkWYAM-6K`U4*FxMr0dFu41f|Uzb@S+LS}Ot2&RPU@M0Nm#PdWr9IFp^ z{uW!_j3UCo4zd9W&RFbjExm1==ocmN3_*hE#6IqbHMw*{(Rfro(MFd4Ys>#9!Nmca z@%-1Di@$*@D#DI#u0~cO5khEyA3dzYu=iuU2!j^3P*Bixwb5it9z~75eyzU*q9Gz{ znQGi%9-RiHCr#$YcKww&_dP;jYJpJ8;duJ;-84KunLTLRgB{v_mD^dRNDeQQk5V6= zD92QnF-(h_SkF_Ru&YiG`lol8$by{rm4)E!N}3Mg2x>UF%f$K74(=EHhbjOfPM?T? z5IH)6d(e2VH5IiNC?qfYPBd5o6H%R(Dev55Uh1xRkF9!9ZZU2eS1=8;09Bzt4yB9x zEB?}eAthIVq7`E`b2>w%tj7l35#WU8uMsJAVj$A7U3gY_DefA=QrJ1JMjX7)hBkj~ z4?^vQr)-RE&pkdS{Z-lkr8`7k`^k#w!8qyLcJlhu^-toX53hTi4{s1kGFi{h#rOuc z!)q#`*EzL^?O?Y1zcow7su=O+RPUNAak#>mN$8grhhP@~Ct!x!Zr(2^MfRk5`^TBs)$6gJjE-pHTduOdz$ z?tcmyfdP-S!HHa0wi@BD!P?(eems^OGshz3cwPAUDr#u>j~(wby8#TCy#z0!*@J@# zEy&84eboI?2R;&K^@4~Gn2MA`k)u7>r#&m!9G=wiCfBXS8TLhu2RNIM`&Q<@ZU|mn zIn^3X(a6^?5j;%FzuBGnqY?$|6=XHr%6vZ5XGGj3>pJun zQGx!Td!fK;LZdrrwLDGpwD=NnPU@Ss6+<*;4}sY8_4VYW97O~o*k24^h6c!ar;)lm zk;;B_M(q{@C3B5UlI?{Nm54m=j?W(Vpw=cZHy9VMC~Xe(n{f}fY47)<;BWf>rJ(?| zk0Cmf;O9A<|AdE(&f}}Ps?SC=I++PkGpUKUr?ZU>d{G@(h)%~B8K4fkL>Hnauu6Fe zU}#WuVDbv1#tJ~ii7qJ|2N`* zA=yHS;6XfE7b~rA6vP!ggZ?$rCGiXdqRm^m8K>3j$^BtkoK>`2QS`sXj)>P;Vbp;R z4aFt2_6;*oQ4GSQQ=X*Wm4vI`bpZiz*EIX1-d_%QwR#r(!z~Yn#$Sv}iV{b$@-`mp z3THNkb;aI3j$SuO=-=N^_e2g*q}aHxQwHRdnM-@C`9G8V^uD~<(j=mK_U!Ym;W3e4VM2z7<2?fSrcSyAeXLN}j77V<15^$65WJUp+L42B zsOs3Kyv2w#ZQL40M4eRE0vCY%X2r;7e7g@D`^VRt^Bp447uJ_Nja$%AqJd&%(*9AM$CTXfl0 zUZIRa>}I90LWvcZgH2Qf^rO4!=oHcrnu3vUPN)A$>PXoO)#x$GPZg@^7#v7=SC+y~ zRF;0g#XmM%V1^@$ek?Pc*DPg-{x%ua+k~m3j1>=nl&s zF>|`ONG(Uf{%iL@-l^g!L4_FIbt?Xe^0~VVD5a zf_*H;-yD=ZX~h(nLw%Q}=W${nmipmhoMOJUb+C`@r#dT#3F8lr@Oz~j8vk}#RQ9tw z=rkDUP7s-EPhe6dg*(f}0S@PeeDE(yFHs&}AB2UDUTA5$gb3;uM)>mO^G-%wM>&x;QfdqT4&WK3TE{r`(j{!wkn8L5Zds57) zjBz+>m$czF6wnx%e+CVQl2Qddwi0z69#d#rl|T*zz0wR|kKw8}?+jKJX1?#+r2Y9h z`cC2pc=%&vIJ4?bA88m@)(s7nI<>u?=xkail}o$F0)gA8&5vpG)#~8~TM?ur1GbsW z1T`(1B(m8F3iMaEKXNH2&Hco(7LPeY!A1q%EUw!JNaF_|U zr7~-LyjnESwU*k(%Mp|71OQrEA*dxS$fnX zo3Tf;D}S?`OiHf^q?@x{H;549LT|6D*a-bgK`##k;4Fy7JTgd`T5 zBMIIs;8_Oo!y|Z)OTU{ztC?Z*ZUy^ZiPI4F&|ym&FlIli5}x(D2_Ut%N)0>)n_Eov zF3o(iT^z#WmNiAjOEW(o>F6LklS$9WOZV{X8Js|>*O9Rp8K8v}fK1Z}cfo5S)t2>K zamq~Q;^i!fZ-w$str;YrXZXr_mO8-$rx)PRE1_+cE248sp702BzmgHn%l3CJ#RmK6 zualGTAIPb0q8yQ&fg~?7vT1xLvmm2qM>X{%&b%g|$KNh1L*bQ;!IXC~f$d#UV)*AO zBM7!4IXij}`*hMzjT z9yV#_R2MrXauO|RiXo9u{9I8$7BdxsK4}NmU#dZ8dvEz{>fe@Zd`3!|`H2*Q(hFYB zGzeOCqaqOpWId+gD6L_^@(|n0R>hwy1l@kwuoPY}%qZCVfzpjNBw?;56zLfJ$B-w5 z${lS0N#leo6kkl}LTx0z>Aw)L;L6oCtu+|ZMIz4mASl8NBxLIjB2F3N?p=*rkVle* zC(xggT)6G5GWS86W>hr8YP!C2GPL5=a|@cjM7t0rw6v7&j>xtohSQ58-q~qQiG1qL zku>K{4@4tHN0XKvaJ=dBQLq_6qcZW}spTr^WN_*91Sm0@1{;jXQt|OHdyulhNmYXa zs_UG74`#b(d_CTmdq0wPZZd9%r3#v5u`DzDW@UCl^AZuHbG9pPX01oA*-|Pon8J=g zXB9+253TiGR52&K0Z2w6gIp?uyrbXiW4*i03IX#|i?{1|SLvlFi5sZ76PbQN?r_Am zmEAK6hmYNsSo=qil2;CCS#N$`;&?0~((H?&3T%plpC+C8C!TBmmL=XS!fE`{chOjR z^;XKHh8G`mlkVdICkYyqwqZ7mu|j^7sm~3il+Z`?bOPzj+1w-`o2fhLbPEy>wvv5k zK{iI|U1a$~;IabgtZ&|~z_QdTfHR~)4bM~Z42Eg!>k0D(+r97B|My?Le!DEE9lU09 z{ugo5Pl^+K8Rg&n9G`~TLov{#X`J&jeo}6Gk+r^5C~jQT%6us^Gwe1y*>n-Hpe|!R z`0#gLv!@<6Y0p}WFCQ;@`)kohTfdT7Bov(mfC+h+pXr3+#FDG_Bj<+>ArXeO4q-UY z2jX5s7`!}mWmzQ;)c(7_YYC}O@sPi)^^JXCZX!oV`a4aTIs;GW7YpQ#FyqGix99EU zhJQ$&ch{<^fK!@l940Dh3B{$Lw1yvMDcqF{ZecPPw8uuC{L1$Po!i^zV$Zcb!ZoDm z(dDI3`V_*rUAY?f|la= zd4Y$V{&CJ6#B+lB5zNF?(tLdVkv3)CXX>acb|QKWk^$Fp-8hxMS z1_$J7Yj>>P03+3GE#~=r2;6<80tHb)?wXcjWK@}! zm?ulY;r+LmUqFUV@U*oa{u$9P!v zDAI2?2hq7{hu239F9LM?!C)h;h+%Pyq*girDAd04{82ja4`w(E+^N_^v9 z{ERO>+UQu0T(gfBhx#fitY!|rSu&N$puokd=D~j8%-Wv9jPPvh(saUJZS6E zsXCmjECZhXOj*r4p)$D1j;7uBG#S4B>`=EUIcbv||IFi%FHmLb)n&=vf2ja z@sWyCsIX?((5=eGpNMUdSS#0t81&L3W@r9syq-_wXZq=Ao?8oW{=uLTL9v^&UjjYE z9DTRX(>p*71F2r0w~$mz@I42k7a|DLA?n=Y_Tz8;)+(;IeO=JVzja!C=`5ZkA2kK; zc4qF$_5>j#uRy%oPSCXexGqs-sL{Gb^WwJY54;V&IRDHBz7oy*>MCX!&$gMNjctn+ ziI$x5SElkfj4gN=dWEY$*$zl(LI$xnfaQ6dzyF6yTmpxFQYjKz=jv*(Fyo# z@dX4{20AK82G^sA4RD7#xF4#+DOI*!23dm@`t~gVeh<~Cfm>he_u0R4X7T)!j=IET`H@J^|(uG9rUobZxeZC<>IU1PEU^<&~KS` zy{5#cdo1}n{o?ARnOI43e5x9mEIi9$*D{UrD0QvI$cal3Wpi4z_D@GpSrZkB#>xYp ze8+6l1HE#&hmn{jP6^z1v%a-?>lg$RIX4f;_S3{$1X21&0~7);#7)*2kvuW)%$F8o z3twzpcNzC|q$M>iZo|NPXk@j{tSo*B!yS%}mRnX&Z8QD%k_C5HEXWO6F2VxEUqbOK z_K-#Fm#8Zt(JnN+4}!if4H?M_qVU{|eD9ZH_kT9lVrB#5zVQw*6OLzbVt zo~ZP*3wzqV`8dksQCX<{ z*Eb*be+tk&zN)7y-Ef2*;alYu3YUVG^Q5cSVRzN5}4hea6? zZGhP_85FItlSQv8*;rp7YQnn*GqOGy^RNWzOS!yh~LzrVL=EH zX+bVyR|9J58mEiGmX&@#SGrQ2{}p4#8TyEJlkhvcO_ymc`7>%*-ujW+sc7naN^iW@c!yT0HvBnRD-p`StEhS48dZ zAKjf^`f4lYByMTWXPd5r`7Kl*>z#n@(#>nb-O2SDX;tjmC z({2ZpmD>8ESne2ng7s|iENQ&$_`Tjeh_iZPvfs^r9bWNC7Y*0#Zd-!hHgP+$Iknyo zx}U+gCnUN>4K9X3f-eD6-}#C3o1Ivea$1?uP2DjFX=7caFMoAB-r&D#1Hzr*vkM=$ zS3HikYuTYvPZVk0x$Lc{JOGwHM7)cq7llvvK{31$A<2RI*2tNerySE57p8eaisrnG zQ|Ck2AH_Aa>CvK<9OU#o>?KEr6O=KaiN`%x9IW9QeY=F{`O{ZwT<<*skR>D2{7}iC z+h~)+yEmj=&3d=%W|9qza#?tQC34ywPv&`_#}jl_gGN4&6^DlrtHI;PJ2;R;IVM&* z2#0Eh^Zx< zCfeQh_87tTo8o6drv8}aN8;a|G||JITJ(3tL4IzkpEmfc+)rp-LyVafnRMH_Lyp&R z!_1vQx%94nRM@GTuNMk|>WpR#!)4_KB(Lw9A$IXo8If(sj1TZkX#~Yusb%}SyDw|C zw}3(NR%B}oPygNPV!TJ9WZESrI=r4}q*=T4uu`=a1R(GC@cYAWEq15Wtex%&Om;ns z)wVqe8UDz<6>l-#pH(+SRh4xn17}48pbOQ!!qNCR2!zr0u<82DOd4{rDLpve zwiC;iHJ%5;<+79n@JyVUB$#6KBaJ-DY&pZW)N1P2uCA`erg1(29C(PiD9=o9({KZSKQiK9Pmgz67t-_>SsyWJZQdQ4&VAyS(Ebeg_&e4<0m(%)P@wh+$^=v7iC*y5fQ1E+@CSRxYZ z(*C8!ZTQ^}tMQL0kwG58cDL&S8Zq#%Cg34~bH9$rw4jSPVw5CH-qoD${eI+Ihm$w^ zt<26}fe2+7(9T}N2(~Xn{+@QdBkR$&?RO>1H3XL1t;HhAs z>*AV%8e&9)o2qq$8Aj0A0R~r@3g5@&mn+1_<*DQ3#8&H5>_2Jj3gN;0iR}a$9ED}D ztC30U_FWIT0(;u@9>{p?V5(oA(V}m%P8te~{`B=dfv{!6P#(a()DAb79|{rZW+2M}dnAzVPqVqjdvp2)#lgPqg@A zfN#5BZJa2ngp=C&D=Ogd-!=mPo`q!VRCCuowwwK15!lCQN_C4yIO!}nwyzG@{-uUN zG*s@JunHvnBjt-oM3fs_Yrgw)Ve^e_cF&|#he}e(c@w>>WNbTKjSLdn6K~|+&Vf}X zb^4~NG&Wg$VSOQ0k+Tc1hFzUU+^_dgFlyUVdR*m@QNMIc+xUM0C3|Hq^&9n65jWo# z;T$6jmcwyKQfBLTOv#WXpah9LWzt?TZyP$p>a@pB=v=sTJKnF|{-(2Ee!nFK-8q~<;|6M3t+FFc&8Xr?eL@2&hd#^tO{)#Kyc*LV zGX4FGuv#P^J3WZtXR@8ZY~S~C3g%8EGH2z~>ZN@CPu1?AJzhaD)xfFr0Nsu@ZwZI% zlo-@sx|N3-+=GqCP6Mb2+LpQWg*J{cDG&QZv({YKv|p6+Je5k5%37m zH8kgzhkIwG(C%32pk|bq>2FJ#6ggYge89}?c*f^na&CIPQ0r_=>?6M5VsK>G#^RpvP;-C`WPCEl5N< zRH(RE=XSxGY*3Ks_4^G3kS?+%lpgjzuI1&ip1mf)RMylBQ3kKwUv+Z=i_%@`qe_7m zxAvjd8DO>nPwiAl(4XqZzgxm6Y%Z%nE5sdoU3;@Ggv;)X(ETD-fDe!Kt-OWiu&M`$ z58bPvtMZ+xh5cM~caz9aK-QJ&loIY5<)R-c!d>L4eV(Dx);2$@!9Yr~uedl%P*jtQ zGC^i%dV~tJadNm8WIMa1s>US7V+!+rpU(kZN8W?7umOrBg>>N$&EkQg^CH9doAvTP z`emJp(uDhHm}2IrtP|NucmB6Mh$lbX|8VmWqNy?z+fmkpVAHSuPJAN9;M(@y*<2R( zg15JEjH1NAKM`m{I=rBgI0L!20g93wCQ^PUaV#baO3|CWf`v^oy5+57 zWiJJiY1C0@7&NlZ=g?n3cwd>YGD?VYwtP}zOP9b~O&h{&|3>HLu0-j2OZ||0AUZDi zNda{-+D<8#=8X+}y})}t`27R%^eV`Cev!}^laA&^(k}PUr1eSrF82L!m%|Ubk9+9% zYkrL7IK9yY1x2vpn4Wz{pm*q2R~-Re_D^&y4hazzpX|P_(ZgIpgJY(~ z6LyDf==USr;##gW9_+SM9+tb9U9TT<*(s54ws^gKt~$6V=NJT*Ot4_b_$g*7lH6_;0xCP&HHoSG0H8sXLLjDtlIRf zkG6#dWaGx2`xg9oK)|a5w?T(~ShS-0{VTJw`_;#GyV=9R&f#lFqgq5{M#1;&Q;pc( zwXp>Bf@g$deZ3EBlhb-V$D07`#iGrg)IEzYFQe32?dtwKhU~w|JWB>O&Shx38XHru zM4fzcj^{Z%pT)ns{A%Qv(pBG@{Ag!K@NmWd+w9|xxTF@wjU7Bcdz)f^=)gKjpIW*t zT+Mk)zS*YGyFCL+XusR>?s$55igPsE#iiBBb^Ji(zO~1bNH1b|asG4CprS-%JcV*j zb66N%Wb2^~R`n}$XzGNV1l};ZZd}Xr<_7Uo7713>GS!-zSNz4ncjb_R%Vm2BNV2TR`u^}Xop-P;sO{h36oA5%fOh!%aMUx2yPu#w;z8hK99Jh z`@2M_G4l@Bs|RH;2fLG%l~>cOxw*&O4^~@#!1qYkTE@+;L1>oxkdLbxWz8k;=w<_M1_c*Sm#$zy*9-O^GhEsD~(O9g|oPXz|;*r5P05PLY=r z+Y<57-UaBwMcdJgxQIiH*9DF4-JMIPOFkwe|4te;O}lD03W-kqIoHTnc~7wZJnl}= z`HqK}hIySHt(SI)yV;Ri9MorYNIy}7MoN4?&Fkqi#PWx_LIBnIP)S5rl+4Dv zgCN8vJ~>u$bweSn7YFKkEh2Lmm#kFe4JULSCm3&T*S{^@y za(gCPLs|ZMCG#6ywjZ~4(RH_tn9+MYDq}|V8~rtb<@ef@G8eqzK304*C%~O&=%$hq zy8f|h&+trBxLBp)iOZbCh;k^T9og>nXaWLD9KM;tOgOtI#aFi>ip;jd=qhQi2Xfrt zg<*O`QJ2}F&!oP)(u~{7Tef#NxcIk{OF2u->rTj%4uH>5JLsevNfJy3J!}xqD|6~# z$J*G8wk7iMc+N6UHs+Q5E~zf_=Y2pjR=jYRv9D?jLhjU+|ZX^aj=3mJTqZ!8fVkf8gP7yE{%JpR6b4?drcs z|KTeI(wKZ`Twu%p3oj1!nPqs^FVOm=s)7B7m6U6=ix`K(lNk9z#w5Au>pIE(JuU62 zQou$wjGXI@=(4PKCzl0q;o(#NQEt=|SdI!r~6F@4&4) z;cMQwF|4Cu8gcCMmf$|Ft-j{0HNWn|yBvX`Hx~P?nHi6GFwXldG#GWot%Omm;;Wr= zpEKfD&{F%AGi1B1lw*x%E5?Oj-Ba&SX}r~G_-6rg)&NfRWvmfXyJthdnTvhNq^UxW z?t4_Xrv@kP8Tup1v;3^9moHzJV^~xPIDfNXBg$if0q_2H*ISyCFhxfBA+ zoW0r#4Xs<$gmj64Y=MPEQ*8;4lo+ZW&8rO+OqzG2id+M1oXo%zXAW%SXw>#mYz>FR}9 z7LI0tQGj?wI1$~6@WRbNERr@&xEYd$TX|7ZX)WYTjNXFS^L;*B1@ZFAp7b7~d#XPx zcV=xVXwY4uNp*U8Q3K9c1-X8WSW7H_q$47k6s=H260(+cAC}7m$~~SnnfZ6;MukDU zPS_6T<>o5K*6Q&7g%V-Z>{}Z2%bZ($VBZ2p zlV6p11*}i-&%`&DixQNh6qBH4HYx~3b&f_d%*e))k}v8T(jrNhDqRG0A_yDcoF~qW z*NvpKmzR@@8WE`;*@KE_M75)35N;k@gDH=Vc}0ddrO(j?_}Xd{Mb?;!d8{ty zbcZ%bY_qno1`--DV-5V=J+3VWsZpB+!t0hBFYG;Fq)9t;~b!~)IO)39B-tsvdvWH*4zTy27`M6 z0?pz11)@f?*Vyio9C{$FJ~>x~GaxCHC2za))|#X0hKFJ4=2# zt70FhYO2GL!JYpxz2R!l0aCBS|=$ZT>(NRXt&Y0rTvkDpx!^COH_Tt%|z zEUfsVPq2qwkW97~TT+>6c4yDWyf_~luH+gk(MjOhfw$B9=6fl!Ua(oV>tX3cHv7bs z_tBbEIgx0Oj8y-#Fayqf!r$tcjiNXq*)?QD;Zv7dQr_#-C|9!XdP#0Lv z5B1~p%wBjk!T-k$-ewg>jZu)|ug4^@^%EC4Wq=O_#HI8K;L&ULOY$sXVR~GPrE@b& zZd=*6!i95T&K`sEgWl{!H=Fe}kxr+6dql&Lp!m~e7+(AiU8mSQ>caE}V^7zvjEHj7 z-Sral;a&Sob|tt``3H?#xLf~nm=ilmDmk5rcOZ{}tcIg(o0PfiqDmZPmqhbqZ9$bI zDNjWP&k9jw2+-Z@jpx|R@)tVgODbC&qbihgXJt85hj=~EMCuSm#q5w3(O1)LRPYfO z@OWv^JzJ!bs0dtC`0b>{M!4Ub>@=n`*);1lmuT9ezz0u{)yHDJqdxXh)Z{&#RgfA` z4p;u$N_>kuuy6m6zJRLn!N^$}?{Rq^^$21vJ&L&Wuej;iZxc9F>1+reDW#`G!JAQxu!n?>z6JWI zrr3#CnI_Zh8_mAo9u0NDOz}6)WS$C+g<7X5kQCjU1j4VU z7V)5p2Tg2yx>m^Gzp`Ie)coos>ZoPn8s*$IX>h4S17_<826MZjn|M$?273wThoU)C zsL_H2+Dp1cx3utHKo9XMYXd1f)Is=0FHl+43k5A04}uUY`dT#PY%EdaFsdf6G6hAl*s~VA4%i)!ado_oh-6CQozN3a zHMww_B$b{ag`uR4{m?H27z?1awP~z4PNB3fe$3m_q%vz|iv2n@5^mE}sk|mg{85&z z9IJh7M(V{jRcXxtgZ;Tc6(pGb zI9*ohzV$meFwZ6D|MmVTZ>u;DVY_X!DF>`Q z6q<5doBX;oR+%`7W_ndEM}aTx3EGiO_i7IE>ay*UXOyOAI}xcgy1llGD}CH&&@NsM z-+hb}7AoNhvwM>>&IWFy&Djp_l8TihKd65dwq_b-%L>!NQl?=I8R<_nUL9(v$r$YJ zRR%35Typnm;Q@dIwPfNKTWdU*S!fQQ+85;13dm4YBU;=ifN@ z4cL?W)MCLsUKxuDPz3x!^&2EzSf;?6@{pBARs}19l31p2ke==TD82a2Y+hmv=9noS z($6jTup#SMfg6cuD#por(VZLep1IgzN!m)AY_Ra<7u1*}xu&uK>9o{yABLfshW96` z@Hcr@baKmr*h`+RW9~hFA$DX;L)tgj24bW0RDX;n{WO$gOXE%tq|uP&3Qjz33nn=- znQzT%5XYl966EDsrO&+k=72{Qei8PjXFQ~$&;S-}=+Wm`LS7|=UjN5=;GrmdLy5OK z$7diO?U|v+rH1)fDC*RvLLHTOu{V~121m5%ORls{&r2XS5Venu#}C{~L3uu6zI9h3 zS8^~=+roH41uXrOi+C@#ROWny`qFqO;l_FQHtm(@p`gVTE^KBUNuW9QT$Uw~VUjlM z#o3v=KFHRET-=3HOzN`UV#Vozt7YZd+kk1P z6vNmKM@wH+rBH!dbks+=uDw=f+Wo38yu zdJc1UU}DDzH*LG}%PyJM1aNcMfbn zI@qs7Jv3H3L{{Daye_^m+ym3p@n?BRUNNiqXJ|`A)FzWV88tt)ZcbFNChZotJ9w84 zZ>%+8$ZGC)LuBN;n!JP26mRi#O;yHf&lV(GpW)3~PP6q7L!D<@FO-W$F%QL+cM+Y4 zcBh_w^M9=Rv`Yk9s_5#7DLwp^>AxwD{&|;;^z|8Xu*NAuh@}2Z8{T3hOCfyBYJZ+5 zD32T!N9Ef6SufaFeEsO2md23~6n?eNx z2IWFKGzXb`bJWTH+6Cx#ml^jQaZo)q8$)yrL&rXQ+WB4}CnnbJz$F_#{b3)!c1S+| zdY_%$j>$?g-YZKGBMhy%g;lelYj4h?aB0@JLC097yWYC?%t1)LN#JK)FvH`RS!qNW zcRk>hNq0BixU{R_7S(~FdyJk$Mo0Yfv(fWF4<{bZ1?0b?{mZO>O#5f>g|=;Sn4vr( zaWvIxm(V;H83yG#gUOz^;R`=$ahxS#hpa7E+5Kw>#(ecM z-J{cXq1}0mjl~N>fQQ$&F!%~5iHe28yz`1fu-&2{#_W`&s_BP)-V=ElgpKp zqi=IN9<_9ve0qvMp6z9Cwk#%5W6>EL%6XQH-agbn6LH-c`p&r_H@6Gs;NH3Qo}PoSD>9%u8H5ZR<04T!jpTOCzz;(ulc9rD-1 zNqp!m>;UPWLwbgJLt|AqN(qVBKLFIUsCjwaoIL!XLL4F@@EY$XRIAnSnh!htx^k}R z=WiNFZe{;Htl2DIVFfpp&(~}0M85cUSZ`Yx!b?tw*XX)>2=YjbO2z^5zaQ{`A3s-+ zQG8_miyz$gzxprxzRevl|3RhxPp@6E|IB^eVdDfcntv^Ze-_05ut9Yk@ca+I@?U>( z6(r;fW;+A8gq!!ggoCN)HviZ3`}Y$3pY(nwBEQkEK6SxHrxO0_F8=3k{{OwU)I*n$ zPaIGJx!~$wo&Fyzx!mE|2>rje1SEw#JvK3+tkv#@nb^@bwJ-V~DZBr81G44+ zJH84DHp8ICvjvAj+hj-2G6T5BF#6LHm~UEVS9RU}E$*Z0k(s$U5crAL=iJ0ckpVw8 zuN0N`rjW^!9BjP7S8{oG-68C*jQqRd@B7IKU>DtsijxO(6wxlX#*#)hk}c0J ztbf02RuSeb>>C9ell-X!*%eKk;uuTP9({RCDzDboN5u@w=f(N`L3)L~j_(^(wNl=5 z^n2OsRXaM^#M}0As-Ga#?7^E|Gi@?A-T!_lA%lH`XaD4T@Nqy_5oznKEXMt|vUHt+ z1UIw5#a_vzqUJ%&PWgSygB=U8L7(@D9D7K?f-oa`4z~Wa#vYj-aM^nF52Pzh()^&r z<~+71{{NUNsiY7U+@2^Lrifh)Hl)epH-eGfT>c$@b}lYUo|*V%?HO(yM&mYkrTHlN z4yy$IPS4}w!%$sqa}$gsIR_U<;BjZ-ZJ(aPyOI%OJv!$X=0Z8ZA699wx-ow2K$A;Z zZExcQLw#zwR>B1^u=OJlZqAR{AYQpN1!ZQ!j6-_N=xl_ZW_{SvzYFTfLbL~%j{gnF zFx|^)edo5#MBW}@aYpA{3bwR>7dB+#)Zm<1ek8b=b=_t`gOnPrN9rAP{=~wK{h?!E^7&Fv9>-l{;DSde zmYyRuUu_V_wq09CoBcgUAArZiB#xnh!NkOr?K44z_aw#{A8mE8>G`;H#}T9W^0$M@ z1GrMJPXlhb><-!~_2}I(osPaaw=lwJ%Cmm=G2g-Y&{YHb=61DY%dakT;m`frU1JO9 zsHNr?gs!IMXFCRaTvNBi^EJjMqBqzM6SQpECsmD;Ry;bx!0zwXd5N{!v#>-E1B5R? znhSo7q})$z%->t9!+^U5@pXT-2nq^P2zk`yMZ?=f_&6c}?0{ja=;?pM_;7s(5H##PRqmqja#8U)BZ3#3D52grH|^ z4oN2Ia)BLzQO(bsteT(Kgm(|lRGlQHiRxZ7SW{c;mmkIoKmUm!jDe4V&yC46Q2w=0 zVoC6u4F}Bh2P4)`vjteIjaGPBD4d+;s^IP|ztt-5AZMV^W~vX6%b2I+2VTh`Aa41D>EVHrc zwFSS^SJ*@*!8JZXh8jvoGbs^dF|2{iNf(cMZ;Y zMOE0&c!KqpK>%)Ta6vV-w7$*NFYd3j+TJM*l%F)i^LqmFP@FGCRsEHd{EAawWMIzh zR7X$ z`qakK2s*;Ce+vIZ-c(9HEhc>!x}r*yXT)i;Il}a4?ej~jA}!ivUD59WDNAM}kvRL` z%xrra&x>GgXqMnaCpTt8Ia&DGTC=saQ>E$d8t(OM^uLOp2BlT8&J!-dy_;CV!IFbDL291Gs!8DF3enj(BQmZkQxa8NEbHr;KudPwcr3F`M(>N1EX*N`%4JO=com*n_eLhv0XLiZ6 z)_WEdEHZ_LBJyon`Ozn&S#<%9b$r2ZY6(?lA-d$h_RPmf@?vNc0d0!9EMYy{d+Cz5 zuR&wc=JrmJ79^zzo*ukT;Nh{%L~M~)Nw`9T{js#P6tp_3G0*a7ho|Hb*gDQXh*tv> z-t$0n4eD_hO>JKKSzG|_BX7_KZA1 zuK%|>*YOI6#v$I^LU3pp3(N+iW_ro5sf`&XGV%`flfAXkS-QmXEV~Xf??rT}AJS%w zZD;9xRNZLAjdeOp#feF*6i!qYie24OKtnTQONn}X-x;^2*@ZkEGbTFs>6=r5k#FtPQwS^Q@Nw69M?0< z`IXtayN{iNw6HnrpFRqC8gv81RK$4TUt9jN*wi$Spp9i&Ca8unOwM;#c}8J+5T$LF z-qV_Vg58tcZEI@`F(>YLd}<~t$pd7g{)vm5_8fbNIBAFGP7%vpga>X`Y5iLo9VoU{ zM=2!iR#V*>+Pu|KP{$qGD~Sq)387)hU$3~Hs}Z}!?zj*$?i;GKm>g<9FQ}`HJsKjN zV`%mjGeG}tF@-P)T6hC|PPLtU)fO(R1EJBmMTJXtlmQAaRZq|?n}tPc8`T0_6MU1R zO@o~2UaV3j>oD#ly=P(ME53{SH2$Tivke6$C*;gzzE+Vi0)4Zfe>q`f$eNo78)3cs zgJz?YV8+q@vASXI(3{+oy3KNXo3}L<=k%m|YF}bD=1W}Pit0el=*sFFrE)AWP2L{%8V6y2a&u_YkHn?MycV~^ zzZv7hxU5#>&_|~IY0jO=XPZo?+0mz|4C}a3J67gmcVr_k+c~zfZdT?N!q$TA`+eiC z2*sfbqX)T-)C9uP;PqpDdN`C+Zn`<#PNnjjSV*vU%psXO(C!oo>K#+z87By79r^^g z<^)nCFVnse!f!Rk^-&3pC{v~Q81||^gO0R6;FHRB-@h<%^)t3u2Uk6qs8YT zqf46#xy}Ujvda+_|0cVyOqaqxp${#(JPs?2Ag=KUBVdJqrk=$3<96%V(a8rMV)|Dh{+g>H zZT&tJvG;U=s+M^8>t)-I=_9sKUoS61iY`w}B*cR6r%i5HOu2j`^BuKkJ4t}MT;#yJ z$2`E+65vq}0}+Ec-#r+;ZGoeNp@v3pzAu@2;DV~7W;PqWi8PqayEe!#jfiwvarSBi zb180KTr8wcv)&+HP;qa5SCz|=sySI{JMAmec97>D1%SFa1_lHuV#Kf{zOXA!1= z7UI!>mfbOc{k$4@SpkyS7)_JrcSPa^df##IH4D+$-YKW2m1;MOH$CII4XFXh?oG~Q7 z+S4~i=5V4U!vK*{zTmGZ11oE=>>ZJn=2-~zXfw^hnhNj8r?$-7*ez(KE1Y63c~K=E zie@xm3c{_Xm>Zf$l@!V3AzJNa-w~wW(1rFz&fF<6m;DVk%kv$+?gGh< z&9yS0+g(F;exisKW1c>aIYGzFoC$R54-)QK=I;zO@|9PVFplt`BuMX=wfe1E$ln!G*JSXGl= zH|Zrs+mu_>g-!NoqQ_@WRkg@Uo-ve%jtP0-(2w(L1$@65Co)NUoiAJ^tFL2$3;}= z{+$B85Q^xV@#{;c6z-IfUP1)D7xw9cw@Bs-Og<)RwgfFw8#&OOg0??J4A^e*h_^;CadYe!>CZTyInkFUlQuK zuCs#XBL!;Ixbv|R?5uIW;IuOBW$+CGSCH`!A~B=x8DR$+m8lEW-KuD(x%1=6L@nlA_O{(TM8Tx+nL;dyhG8)S6$l6{HZwNjgox&q#_cms7 zo3Bjhz*c$q@ajoZ9DuXhPUN)YdbQMuK|jIQ%QbKOdecA7En%@KuhwDm?cvrIJ>N0y!j8$CRTW-fNZ<~nV z<7tNfle`CQ$>t#B=(?V9Rkek7h%P&FV1rQ5EW^n))>|TK;0LD+VBhqUHZv03|5-xb z=@Q!IgN#7AOa*0f?@#d?<+J|}YN-Y1`+>!z88tRiq#JTXwTew8o#3&NFwp+3RDsLQ zcxvK;LUE;QO`WKK6m-)T>aPt)csIm|jQQVe8Hf(?*Rs#9rT`Ts`ko3v!PBpbe!NHE z;3Gg3`4f-g0f=x7bFCxI8edkem7$LdIDf_y2rbk&nD<&)x}sF z8?}GC5$?Deb8HdW`$=aS7dEHMgxvi;Bx1F%z1dit<=FOfgCS6-g`Tz9dWn?#a3Ns+ z@!kJ}Qzyt#Sy9!h7nhUis>kE#Du(VxuIGO3?pzW;GWdOlRgrILVPotoQh*1BVQN*E_#a?I(`El9&6s_)BNU`tvHMjeJZ`D!%(*mahxEE9iqnfWz%b$0 z{M^HKB{&7>%uV0Eh`<8udb!31=Dog0iL*XyLp8v$u!1=!YF2M157Bx)e~sAg$Uqj5 zK1xFufi{{7(G?pEZaQ02?JG^ly{M!nk<=*OZ*g!FdpBr%b@Oz%a*)gOjlk1RJU)a- zdNjk4`~61itIeaq3=Ob;N^bGyR}>bG1vPBkd0%D=(;^seXD=`AP@5`F?aqjH{1!f= zoL?R>aPKn4LT-aFysj8~FnKz1E0_mqdWo%SuyF6_dM+hFzQ1|PVkEtVs;o9m_z$LL zim0BVKbgPQ2~M>1=jU%}OLos{uu~B~8Xn-OqJX7sASTS;rOz~QK+XRhc=}iL>0h0j zHdx&9UC*1PSM6s+6f*4uDsp+|Jf@}5bx*hZ9VYtio%i+W(vJG}2i3K*vrW^^a+fuf zj)wti*OXCnbM!M{A-5@-_x!^1YI^Q*SGC=%X3R91?$=#$Z7FXBBq#Kn8_dUg#>h{% zv-8)8&yAWGimiY1o?b_v$iy_23O7=uuWqj|FxuFTei67C>GS5sk-Ul%HzCg3-&QZc z20*~~0l}O<&CRicdfh!uYr)S~;wnz%oDrM1I^{=jMSKQW037%}c2M3gnGh5!l{Aeb zVYzVD#AGePWZSt%O}m#Y@cZgAOic2Hr~5H4Spck$w_YBAz9V#A>bc8~tF#7sp)P$2 z2gJHs|4B+|lrU<_TXi9r6Cks%9qjo z4bTuAl^yWrI=1&y*Hg~`mFQ$(t@~r8MTgo&k*B}tG)wlQ%k2+1c;x%o()N@O2u0`Z zQbN4zjeKj)`XiAeYNXGQ4`2|^9qAgn^$afif>30`yVvICku#^X!HlyYE!_E;&$sqR zdaor=NFKT~K)e49KN=7RwQktFi&TBtzXwwVooYiWu}B!tNqQ%c(+o+rkXz+pL)RR`8}1IDfUJUP0??fZECo6 z0O^8vmtS9u2+X7w62~K6l^VsVDOXH&S6(#UU3bDVtTjUM!))5>#QwP7CGBV#^BTQ# zMtFLIPye_MS-ZMBv~y9TJSClC$>PwL;^e-a#jrwR3)<_b4yr?E2`-iYsnars=?5=V z!VK-#X*7Y+A<6Z!XU5fk)e-BX5Cw*)N#(kJotX(Zi5mb=t0md~Il~Qg`K_sEGwT-} z&HWl6On^z*zEU|m&{@%&Aqv~t9BF{kIncX|%-rmVyAGGdr60!ty0*pd<>CwPkM}J# z7V{g!+{p@I+Y3{^JSUMaj>3Pz#v2XbX@?D1+&j^|?7wvl@ymOQg4cYcUvKq*+5~v> zB)2U86%*YY$pc5o!fpbaY1s>#030Ju>USuJ@uFu{ryttY8Sefr{%$&HwDmXFI=5YV+na z{BI2c#>Hw_if#v#Z4E$=>2Y0HP`U@-PM4*n8tm*El+Jz*pXLdrecWhV za;p>bqmcz+|L4$64 z#X%!%GXf0T&FGY@)tq@5f0yqt?N=cLwtaA10kujaxcUSXB z6&qiG4H4!30&~8tUFbaGAbmdGAL~yA&b}ye^}09|7?ix6Hk3x|jp^B0qvrI+yCW&V z2w_4U>YuD8wbH7pNI%r~Z@T%~R`k-Nz%kWQdl8)lRb?S6w0=EpA)+Ea&9qMkBjl=~ zAHaJNIVIuo_%_3N#6HsGWGjH1*GNd(Q`9gC@P=u82-0 zWJl5eNK6iFwz;jtpl;3#Io+<%yvN&wYqqcRrediJ9v{BNtheW6G}oLz4~nQgZa~#! znttk|E?ADJUhir?nVHy6HJf9ptr6c`4qeYo9Rn$b`#`u+@Op=50ZE#yyGaBP_3Q>^ zG<7lRe(hZz1m4#mhyG=C0iX57=Hs@%G4Jj6$;Y8yc9>{^m1Bc&g&@fclFhj zb&=#V*GKZY9N22X-0e_1*P|y4CZ3F#E-3_nb~XS&8Bvh>6a_u&K`C?B#~bjYuC2}8 zukQs1vnPn)Ga>Td`_hxHpH6RJ(&6DQvwrPkR_c3_)?5s&3;h!#?^=9jAThj#PU)#K zEHTSR{ht>$iy7>Ql{P%rTAU@#P9$ykM5p>6iXm^L97nLR1Bmr76PPkmup~lzm|Slt z0-q8yKWZWCC|Ph$o}BeM3`S$cosUh_IvvrQY8*)h9iUey)Irbn zh5!#;B3|xs2?K!^mQ?kg5M*w|2TnQDFQuH7VE)J=6#Yo;1<7@e_KlhFg2LESfprE$1OT2!(s(i&1N z6=?~?G7S$ox*sfRU=cY0?rtjh<{{4BzHn`iiYD%7XGDz&_~qPugvKIwqwJ~QKY)x9 z)3=}d7khgg(!7>wFRoD_1937&(^ir%LM^M^4|9RZAQI2#olp7_b{J8naygzH1XVgN zEGF{s|1*s6;({8IHXN7QD#zbGF-TPeo$qk% zFx@PR&m|)`DPc^kH1@&myt$bQ@mHf;F}vWCPgGqGBuTptZb%K#TqkD2sd7|sSO^SQ zBQm9yUlXL@PX~6Gz5(u1{Lm{*^a8(yt%?SEyy^Xe)t2}vi^ zri?GoYsQCEqR?J3k*qiPb9+j;fvkSGVUa@UIvR5*#4Fez&)>N`{B5-?VZ8}V1AEHW z9Ft4U`mA5qD1bdjIW+-Tq2X_d;0SM2v;tss9WKM$+zO?F@$rbsPld%Lk%Ul_d?SR0 zVY$0maB=*ja@N$N8s5mR)~0B8A`A_0 zK*V0H377X=$F)kr5%b?<>@4ZG@xtxFHt^PJM_GP8-c78RU=ycQ!&5)wC`%EJ?5rru zz$^cK7$1(w(VmOBIF#FtVJ!xKX*(UP%?VAY3A6f46t<0aS;`2nXXWRIyB|!zY99vj z8Y^)1#1*{z-f2nCFA=J8h_HUP?9jEOt#ckBWFqHT)HJUwdsCFw%Gm|Ww{OB-k?cfk zZX#^$AO;NBp*hfqtB3NC)6xsY)P<0#h^0(~Z4Ae9CtaAZGydGsvv}{T3wZnBH5@os zhFTNBjm~7DEh#0mhEaF1T7piTE>t_$Ie;m+usC-_1{12VqZX$=&O{cwRV2y|cB{*5 zJ@G&UJNnv7k(616LpiMze_L?6JG!#lz!4Tb#W=O^9Nu`3XU>>i*^^d_67HKG;mQTH ztGT5W3<#UvNjqMq5Z7}G@`1O#9<+*5@Zo!>@X;}z!TgTnDaFWYk-@>;1{Q=^H=(WW zZ>waN$NcW4%*q){HV~0zttUc^dr_X8iZ4GQjO4y6*q2<4f(}Au5{BQ5C@?na!-Vo| z#?d^*z@&hOb;Pz<4cT4o3VKJJ^0QFPbBdCG#YM3ZT@Avwf7W0 zKFIUpFrVi{CJvmXe2=hWrK1^TrS-Td9%McSDHAO0ov~wuGYr|)mXT71v^jEkdoNmw zXr7nGU6m-z%#gZ@l%n6-dm^4iSn-Y;7-*}&3Brz+67s%>seLob)Q*QYVoQiMJT)6p zl}Q?w&yM4@eaZOpcpk11W>nqE3W4^76Lru+V|Fu|i7+DXAC|!x>$fk)9h(EN$Vv;w zow+!%{}kTYa}n=wgZ!^j+XomCR&~P3BTS*3W0t>h+s+>bYDF2%yMjW zqwaK;BIDe7{O7H+(z*ZDiF|1eYL*u8vo(R4jUDtltI*TlIzcxD-A7SY7EYa=c!uve zk%N<|U9gPgT|sLAEqO)AzFvm(TZ`AvhXhRg4h4BI>Z(9`YNg8ZAp8eSXFuE-!u!!c zEwYQMa5!sbjWKa_hmRjoqFgjlnS2%(d#%YR;EYwyEOu!qz`Iv?{~kcr z1K`EesG}S?nORD^+U9?urvFBfgdLF$p}nCGW)4=cb+TdMp$=RudXY~mn0j`~3X7~o zDk9ev8*u+hFT`1rQY14SZ+@78tAv5?m0$RTKjh?#2YIg84Avtnziieu9W|pv7@^%Q z&CkOr(NU;ycTehK$F~vbmwGBubm0ho`p!jsaa1m^Y54k79dl(vLioX#UeZuL-_RWeC+))3Hy_4Q9+nrfh^-06(`vT z!?qF>=VasLRA8jh#dIVhk)J){9n>(;UWG#^%23GyvR>+@lPkL>pIRd6rcrwVuARS# ze^WO{?<)Do7Txe>q$acFxoK-J>1Jy)DYa%O9B_(XhkLgy!6S=p5v1FMWS*1Ednq5o zq>*T;LuOhQ4)Zs^=IbQy0F|0H5`=$8Cg-x}3|{$M+=Em2%Er0udQuh;TKj)e_-6Vo z0a?s*b6J!lf^A0#$2_{m0+3GJWMriBun14UZ?^lx&$0=5XH)R`$Ei3;J4--~dF@8M zl_ilG*upJ163^ZnjwpKrXtWg|eM}zSmHSf3Ik;HfObRY-IO^8p*mcrSQ6DAMAhH_* z6Yw1(Ntk0oUAwRt)kTLg-`9-O3Y1`0F75~n z4Mc?HFpA1*p=rSHBsEZ15zj!yD>}PaO2%`s>G$@UIK|2BW6t`{02Iy zszZe3R);;G<75SWjK0xZfRU*gV%Dz3W_xw|1@v236a=*vWF9LZVWJQuoH$=n{alSn#a&d~W zt>Uf`qFl4sj>swYgz2_4*2EAyl`FZFGj)0k8>l9Hxjs@-uv5IFn}1G%TpAgqzIC^< zFd>wb2gY#H>V=H3?*}LNiZ>)BZ1p;9j`KpeK|9*BlJKWPJVSYL9nd8OinB8|$J7xq8Fj*A0uQL*mT3P{BBzx;Y$z1Mt9i z7Gt@K8vWKnoIi94AAEccLMBtHc?+SY=%m&MXsX2j~pu zF&pi<%8Q|J!avQB@P_DkbfgnTsG}ubI*`>Ce!vj%aXH; z1MKX`^Eudu?$R=(wlayW3>V1R2TMa-uuKGo%d_#u<$7M0W?1uEn8Ou0uaS)>0>c9F zc)U6E8*=dVp=5kYNA+TE^|*{wH1=Y|z!;X!j&LK7V)M1D$gS^0naCFlr*UF2icAitiK z1-YHbNT*3y>#uXhK(444K|T(IjMhOzVLmQgy)NlRF_Ru{OWX0xCEfg#u*zRv%%7l}l})`&&KVI>_=a9wtLcQuS?iKsz-!eOJREHary(YyQwaC9 zj}UB><@~ZSd1$0f>f?po%bFa2yx5C?e_`DOZuDu_;YuzpUt>^#dLdtjlBS7zakFzM zDyRc<7o)?R@*W$8@2vHJvu-Q0k6&hBFCF`m2zAZ(6*3T3-y>rohe-U}GYMjdk&;pr zklVF}T)|>5IvVO`-V3f-MUVc3y*SOiINdNf78ulnJ-<6V#vLv+c{Qm_LN~UfoPi>3 zLJ7J>#$i(syR#X9%Dvw)hylxrR_?z#Z0s1Evm>W8*Icut5UC_W?NoAj-qaje*5(uD zMtf%iYeFPfrljH;eH_8HYQ(kojf}>2KSO9#XS2}13@3{xMcWk<-h=`?dz8tAlexG$ zZdb@DN6H8h7&NdWatga7E&HlaRYMNV${T5W4J{3HH#eZ*S`JQK;WJVoCCYTTFDja zYQ~}%BGr$O79;U|l>!%_HjK_yYDBHN3aIjV|r0q-+}hlHfS1K!PwkV(hCbFN=}#bkLtyw zF+m=*7&J|yJ)ulmuq9LH8%lV~7>KqdtmpUdT820lacI^P^72Xw_MA(@!OMk6%b}et z5%x;RcQenNF4R@kBA2}6tW#ld(go{R1R^2a1>WZ5>1}NtEnHIK6o@22P>2uKBzPgp zhcZfd_HObx^eIVrGmis40$Z#q4w6~5@C<-6sCx3LXjtb_5R zJHy~*)QOrjp1Vx;e?^(Plt=qm-h^r<2}g7d;N<26JMu)LvWk%PX44)g3geVsx3N~9OpqlCUp0}~SZFKV~NR|a19h2`1 zN)q0=tkN=Yqdc%{EspXa?pmRqmT)mbUyju22>fFp!>ASUGEQ zRvCLXP{EU9?gKugSMkO1Oq`%@3Li%3 zW^D(#vUv_`v&+(%9KS+0>)5$jz|5QyT4PCD9phGGTY^7UJB>iAsSta401>%b=};SC z;<}6e8-K58Y(47+S%5@H?N#o2=pod!us3_JvP+Tny0D!7h(fYkKH$+B|`Y6&Hv4Q;WK+;e#si;qsgiaew(aY1MR$$rBzFj%|y*5KSaID_V$w#%@ebB}&O>+T_q6Z$ySux57NR z4x_ftkBtQmTnkP5TEf=JhdzCy(Aa1^w!|7n^aYbC5Bra%lEy#FL_%K8x@4<}u-| zTT96DQ>XCOr5kpjl=@TC!gH%Z1J*94uyZu$xuM4ROgS#FIHa2yZ$aN+VdaPwo5GR6 zJ&Tsx#>szjFMZe$kk7!1oS{e9C=9VM-+2=RbY{A6)02vRDoJQxo1rU0N^=BC=P!za&plf$ZXSB07^+530C{0vF0tR1ip3Sy0>CC!VImCM-sZ&^3=}Sa7$BJZ}XWZcHvw66X zQ6|}_Di-jzsO!VP)B^q%2Cy>jqOVtjTHeRId0uO2*|3N-lxRshJpHwqJhsNN<>6Qo z%C({0HPc|BI(;1jq6sF%`OxQcMlkP7X8p~mqVkF7`6d(IgZkFA4?!$Aj>L8!H8wFM zVm}Lwk7p8*WlS*#2DMq3WW!{$J#0zwH&l8Z*Bg46^j1I8QqQcktC-?-OL_Sp^X5fM&%y4W3IZu%H0n~QPgLNY$1EjyK5HWtHSQ7L0u-GtrOHMN1OgEg#VwWzOeM;_0Mn<-FQfHYTr zZZ7=o!U`;`z`_bFtiZww{GV9?;a~*%^P*zYi{5(jqA)R7P&5A!STgcP%IKhYgoR+^ z=9T#FLtF8)XLjSaeEpuUUp=)2KYnOA9@*f50CIaOgOrw$w_D%R0iMfN;5KhMJau&R z3BPtYd*;qr)Yq|!Hj}}~M11`DA^h=uc4l2-fTc~fZPXy#sC7&v!X1oZ$K+^1W+vYH zNK_#YLQrF|rX8KF^+-ORg={8_+lRbzL!!^Y78A>rOwEPr`fF|f_c z051d@gy@Y7_PX(J^7nW%Nh#hVf)BSahw-N*bg70exfaQps@77CbY2dN$gin5nrkXi z%&O<&c2Vc63q3tGKEv2M*gXk$9b8~1>*t5h;I$8r;*|WS!sPH17Cl67GLbWgwKIA0oWQ3UE$luVh8ekk-94QpC}9D}DD%wAANdYTrY~|sR2!; zdEeq3M37lr+@se9ApHByP3{8F4qR|qvxFEsg*>*iG!T1?i>MpkVL-JGBo zj5&!lFl0huX^;a<4b;)ZuH&m0((zSM=XkfCkcZ|x@}QG@^ipjv8cm&91VkNBK=PYu z9ZvAOgkDUy4!1Igr3z4ZMsBX~3h+R%UN454Sah&I6ZWHb2O zuS3pu2P}%^<(OTwst#Qf23aQU#o6nMDdJAFceSCcMveT^b_fh-=b|^O$(d~N4fMjc z2uC;?3`sDqIVCsOH>x(k=c_HnnWLxhMN&CZ>xQ6Dh;*MIFPQ5xh{A_a>+42GSrHB& zOd*;G_4rT<4(E&pDMW0yiSlstN)hcJvs{AG!I9lFgrsv)bs^^XK9(84!YhCQ%Mh%z z?L=2z5(AY?O3l)RY#vD7aZl1KsJEc8>>A$wC=(~IcYp|b+)pNc$l08EArIH9*g-dF z2s0+t*Q{Yc)MzRs?#<4D*fnTqVG^N92ReH8h+Sd@J9c~8@SKha_P~xXTL!DTkWXm8 zG8RP4b*QyBGWeQ;ea92=MLy96s4KSI4@U;@6@8h?tX!NtdPO?3N*O(rADa>yPj)r~ zw@f;>4e`t+w>QuH`5tPmwYZ){y<&I$SD&B4d*@1Vy}h65bv8M14tbf`c>NT4{6t3; z6YoZLgnHz^-FOBjLk3t_SVm~dJ_g#o*d-Tc&bP9g%GVR?SU4GEt%;7-W+Z1fqMy8x za~VP}`YMYgy%1|8*9$Ly4@oa3OT=V(Xuf_~C7GPdoRqy+-`<6^DRJ0J76L1Fc4sDD z#Rp$p#Op_^Q9_PxqHRh;$oI%F<(u%4A6;N#OxOzz?ki~<)^58EKm6`CJijv%x4DuB ze45Cco&y7e8`t6I-`|K|+!Kf}b5bcNnUtZWHTS*)XVtWhu3f-kBLYgHe&q-dK-{=;tW1LLsX{9 z9u{Phro@-`78YchYv{t&-<3i8KvGLEnU`?|2anOGNoQb`Yb26AY7CFo|Trq?p}wVaBs!kM*jNc_qO1<`buV;z7w`;ZvT4go{P6KD_$BvI{`uejU?+a|_4AuDWdVHUTI)9VMMgug4>Ka6t@Cd?Y>c)?r+KQJ* z&2ona3xISbk5wAdU6Mtdk;|6g@rSmM24e*tTg74kea&&bkjs|4uOC+5#(U)>+wc_#XA*{#AIC=nMg7C&QnpJ*?4`A}Z!4bYO zgvXCGgR?euJ1w8*a5<{^xw%=pc@sUQUnK6O&5hMK^d%EJv^$OJynhGyVH=AHy-ZlR zM>$)`!r^5uGIZ6IVDG^!WDsU}{z|O$B;8y}>M^-)?qz|M(9L=U-K@+amoIhm^@|PT zx*6!{G_SgOODiq9t1W%7?)J6#*>{%XnRUK!^AEx1O@z9Ccnf|Z$&}F3E%^C8q|%CK z(${vXKPqFo4Fxv70oZ=W?fCW6Tk+g3 zLiT$RL1WT)$#~z;cVOefk{H~52hXu5c8smVsJ;97lN<4aJEO2M!d8MKmRmX_GebBy zTfv+OQ_YSNBqtW*?3g^re?qOR4{artxX63y-}jfHxNh{;A?_HO8hVKFv4yRf4%#Z{ zH=ko+Z;nWwjwa?LpSidI$3HrS^DLC9WI?sPn;SMb(ubMsJTMM|3L+QOvvAkOfkjiE zBq$+z!;HeBMJghqgcy_FiMn6a(1`2RYOwI9kIVCjt`BXWDGaQLbmPX@LP4HX$R}*W z|I|?9Ev<*>LODdO`sl-xM3N#MQ#a+r+6K`}z2T^*HO6C4|JNx9-x2$za86B;!-tpS zM{69Q%UG7;5Vk(^QZf=*G+nN41xM<{56PL}YN#>pr)lXK!kVanag-r@^#+s_7UJtm z)#xVbkFsH8ZHvG~EZn$rgF<|ew)?S_cw&=3VqEme)jmdsAS%YhnZ*L7VFszRd1lRa z3)Gg*EXE9EEcl{}D?~utjhl)Jv2R}z_I`SdMW8Hxro9w4N{o6I-|oL$jH6j?6b^2% zEBUVp89xeDuMaI94{YZ-^uqm%aPO)xERI{ovzsx^r+4EQkF3K(t3wdaxXY>y>+sZL z+wrSsw(;+YPO+Q_g_|(q)w!LIG$BA(LS`-qLP#(*Xg@z zXd1&mlr)8w21@6qM-)r@Q2I`!B+;m?KnXvW*Uez4O4n_n!2TVG< zQFnsSO06B34z=uNzJL5P>?}gqYCQ4CMm)D81k2sYk;;FRyF>=;a`W)?!{+-JV;uw0 zE=qsQ04_H6xNoH!jP$w*b(6v5YsswhRio>gpO=i^{pl#)I8%l4*10A0^~guLGQ=I` zMtbPtMJzuf52rc53DxJ~`B*##-P#;x{~ZhRO_>`j3vJK-S@}Cg zST$SQ#7=J!f!EW6&KT#g2xbbsxR#M5>BYY<^3pm-y-xUb##psB5-#Mv8ptlfbtb&8D1Lx? z(bGyqjxpVgV%76h-E@?6Q&BIvrOFI;8EG;2%4m(QHoKQAh)O{C&B;R~ABKnX2~j_Y z##TZ*GjU*TrTDH}S%;gSgQWtmq_3kT0?8{p$n&WFOpKr_N1lHa-;FhayNpnb zJO{qGaO>3}P3?sD?c_#s?_tC4I|fzcG0uKMwG|yajMs^xA>fApcZVtAs-3Vp+=9u` zI-LAG2`Qp`b(Tp*c{#ANkpv0k%&WLam`w)C1l7m*U;+d7?(no@*FLLpbhr+7wpP<{ zz~0;()Cg!@B6W?iCxfyQx^fYr4cS$C`(`})=oUQUHw@#B4D35sj)}z&b6fF#7ARHJ zw^D8xj3XDg84D0x=k^uSy9JbFOUtdxma?C2Br3r%c2)g79hihvIqOW-n4<6QZNkOO z7PPZ-%Zc2Lp>fd&@sGd*KYbcctYuf2At9&>ui@2$&FCOB?#+${+C#ZssIzEI=*1Lw zg^;<5GI`{~%PPs_&CW^wIakVaoUilf|1C|#v6L+AD^{&gLao0YYLyppDyN(D1LP+p z)OG;5zctAHt!y~3Sj5$V$On{(p`0RIA=IdxrbhAo?(xfU*FC%NQi3a7MZtvhk9usv zW4HI3yYSa7&RFC;zvPpO>(G*#g|v!VWKDhu78sd1IDmCS5cyGa(hnI+evR-#{IM>U zNkq~BHCNXo{ZcyeSR|pWuqr*d02xFgXwlY(rVTrT99g)?E>%T;_1yVFl(1V!+34gM zo1b2cYSIn$nc9(hh!CDC^P0{sF*+v3@ZGivKe=Zy?usTlkI6U-x%6QpLv#2C#bDcg zcj1-o&Iq-i8lkm|2*sw|tMM}ij3aE!$qRcUXsk&tb6aZ$gx77tvv3>d)m*!j9PXminXWRGUjVGyJgC@NE;SkjEpcj zP(Om6>MnG1jhmQwn0$^Yo2Vv>v>dHWps!0xEjludJV*uy25|X{12}lK2pJuu^sw~8 z_n!2JgM&i)UEH;zZo~b{y|KoF&Ey44NW6R)N85)#K%Y)G3y7>D*G(6Di+R<}d3z|@Qwv)+Jo2mi@#K~eB(QsSR0~DL z1dAdg6R_eu)Q6h$52t$%ptX zvrZ}9LU|^W;a?oXkwy(BikN^~;fs|kCUIB01|c9m0Y6PJCbbMHkG{N!!x!?Q=pRe- zv?c1$s@w7APjACL@lFV{)SbZjYhmVq$i<=9xSSoEeEV#PNY$R5lxb=fOvGuxK$rJ} z`ex)Qfv^@niilI>l&~YXfyhIIp|;`Oh`G*5L-;04cvq2{XpkrqUX0W5Z$=|7s*SS7 zHYAs^h>bKy;yiK?=9Fkldcj1H(=12&1tPuV&eD*f+E2~-UGjA}Bbrz$L;<5A^jPGT zz%yk&jy=)ktyY_i{Veu5livd)@@Pk_OCZVti@C;TYef2ymFptlMcDJ<{A^?p1?MwX zqA8=h6Cd$ju@3j&wH41Vawdw4JU&Pt$v%XIGrRDQt#=tKM1B<2l=u-$^ zd(0!7cCE}fA1hNG7TLC;Rum?V1@U^DnvwPOVf^({F9^hUbHmgDv8$u;)T6OHyXoEV z=r(ooKCxL(WA!}kh4KlD5^*yuArgkL4+bqQNPYhu z$v$LHf^|@1nNtPz={lj>MbVkHuLs<@pUULKfe`t^_toP2TFBj9&d=5KvO~K(8Ar4G zh!SN)eY0Ruqv^Ek=Z< zl-U)iWx{*FjEHwUFZ>na2y@xMg@pH9R%_wC3oEd&0t+j!umTG!@c+;X$ka3;vx`Ek zzb!kL2|L+VgpWU|Cj`>mlEJDxvP{pC9T`jTxBCLH)|EjZRt2UVKZrm4^w-$*onK?= zJ-^1*C;x@#|9l)@q&E_#Ptn z`11#(IkXm{s_;7YWou$^$P-)c-odURR%fqpgFoTP{G%3;Ywb2XdV3Ij+uKlm=qr4{ zHu#L2$ZJpgOmmondvoKh&!Mf8u)&>}kSlVxWy1#H-TDWhnaRsM|2==UO}LeR=N#Gz z!=!4yN}YS*$-P(?C3KTX3C^>c$)Z6fioQ)lhY(*r+aJQ4ulxjOKX^&C*I)0%Tlad- z-(wgsfWL@*XeRowt*S#^Nfl1<+vgOwqdZu7+mFk`m9Cz7l?R!LE37@kup^kTX4>ph zV^?fi+N9(N^`f*OcU(7jKXj+0o8OIh9@ow9J+o2LO+~%Po5FKw3{x{bCQ+0x@d&Ho zMMAE#rw@jPM4n(!eSFN@I?Qbj*0hsi2>vc}1|%#^2)*9ZgrwvK>dlSwNWhqTZn_75 ze|`gA*x)X8jzGXo^79V*x`g1LeTcnq@CurFFZeZW}aC)M1W8y|w>qnnb zeJ{m+{&oYtw@ic%Z(=aP+RLQ7ka0z?u#bu8tWPc=rJg}UBX@+vt-#CAufd(f|F`cY zst6(LfA@O2WJ7NbpG5V!PL_u^iU($tN%=RsuiZIky*T(?KS?jhv<`b~JB0g;ep^m% zDWO;Ap7A=DRfdxK7U;7u(%H|0cAf}E3XeXDUc$tWhb7#&g$<20M7+qMudd{Dqm2sX z8Rleg6B~@YlQjqyVv zh1ZX<-%y+OJs=7jyetquV+SeE<)CHw?(^Tn-rwxPPoh{C7)R}c6Qs^1VD1vyB$ za0UNnm9`?Ks)4l$0!VumWokgbFcVikd>apPA6AU*$Bys4fuH~D0ufVM(LEg&HfPeD zPYM$H0g3$Y4$6Dzh85Ux_cE-vCbY2{yA}84;4-<&zwM)#1x~5-X^L6)U`nc_+kf^T zc0}02%b^bkEv@>gqDQ{#GJ#NQcwy9FB;na6BD0`hFSQuxXJ$?q6e%p&p`Q9NRC&Sgz9E zC=Qv0AJ#36#$UF(NIrL4UOMgFJG6JBwobh6=kxs6N2$16GSL_}*R~>`iK-gLp9W~7 z?t5S*%;jH$%rkS1JEF=}huy(cBIqbsax;GPUTT_#C84l`f z$PjN}$93)*Jj?ysFt%^<{gY(!zb@d5>$3;gDlg_BBdr8E+O*ZSi?J!%0G>Qo1r>{_ z2dRQWG+}MXm|t22&R?7)O!9eB9zc1B^dXv-b`jE!eS#-AhqZj|e)%-szt#y&#?HwPFWci&D+`(vYfP}_{ zvCG#6Ce5`dOJ#QxNd%h+#W~-@g4KTUD`K#i4wOwx9{JAB;SZlC;;XAwNXe}tUtATg zUeCwjbIEw)tt1>L&+g<77MVG@@FM(id$=A9Tdw2tgY5Pov9#d+`euhN9Xks;XX@-c zBkUd%AiacR65zUIoPjT^q3_tS6i=*hLJ*{buKe|WDh}oGX4=z+o~$$Y`CmW0@o)0?yqAeH>@pM`oVPLukzN!&wc1c0>WcF4 z)%&00<%{Hi(;!4|bPRUiwHYtHcpqMRa5=l@?cg*}hV-wG)-2X=YtG4aw|*$Zngf9%}76~Ftz z1Ni4l^4Bi>`Kfq3wu0SN{OnxNl9bJ%vbJHu945=GjFt84cWsq^{~z3oUvV$i`;*gF zrvuH+RXB90e$D|Yak)^}FoU0~DJ)F1*g;H=O7g9WwU|>vcp3#$*CYhD1uv-Xj^wAL z{HyYEvr?K&yICF9VV8}In+?qMv@y^sIGBwQxo!=fd-NXs^~dtPWRmn}oAI0b1F(uv zqLVB5g*@0XKq{99`+yK7^04!!<-yt01<|p=@YW%>UwRs@6cbjsdty{y=tX5t=D2Rw z=@Rypx_Q^V>TH%m<^0Hh@#+Q!CQ*FnUsZ|KE*%z?1BM*5Uh8KLF|(Z#~2VRAT& zf*&&nFRa|P5zjN>zb4oKverhVUo1uw3yOv;%wSD>t4i)d+KWj48TUdg$B;U?T4hY= zwh9<`A}yGk!A7eK%@+^g=dYi_hwN&|Zn-(mF!_4R&kz?|Q#cV?a)3n$jrl|@VF#xw zHAVu;-=A&$OWCG4!V3A;qH@lcIk!<& z%o~dw*o|JCjSmkJYLYyllWAlp>amb51`x?nY-BJ@xLfWiyMkGBA<+;x1%~1FovZMZ z+q@9tsfn8FWyoQGwM|NRTf&)1I^(e~y!koYn9+cGADRdIP~N7F5ltgF*iqidv3Tv+ zVf^sb3pkL|fNJu&-fY-k$f=>88A82`$=pHk{klffG&E0vvy_o**TgFpKmPH(czNu+ z`RlXW@Z(*9@EfSW@vpAn!=nO9cjCdTsl%>BTRYYFQtYRTphZzFfGgm^^>r+;KFSI9 z7UVW%0Yz?es_W!o&>I~Q==;Ve) zcIp^ouo-;^J9=R?8hCWpZbNHrCC=pbqLc8^Q-&7%hB~=d$(Qk)kJ520w*sm3s}o5T zaPd+x@&(MasXhHzCIH8pdZ&KLT>nNSybW2cHH=igkPdHVMcbatZj#4-Gplu7?O zoQmTah0@(-^i_Z}CsT3cWcK)8xLE5=*^8!Z(&~JDl6!cOR2R8O$|;jRf4z`Cd1e;A zdiNp{$$Q+wM6d~cFXji>X{BUNT85C-ASRTsGE<%~!80-v}kz=@l zHi5+sy`4m+VBrQtcNqT^J?_?47Kn``N{Wv&RzwgA)p2r$y=N5Bf|XjMaN0%n40s{^V^g-_+NZhXYp%aX76Nn%eAAb|RXOp*GrcvXOW`35UoZ z(5+C2Hu<~F35&br4#oS?r2oDv1RH!N;cu|hRp_Rrz^Wh9&6eqkS*V*sy>;WdsmXTS zaVo93Jm@$5UM(gK1;TmRdA#=7RlIvPAD1ap*RsoSYEK%{8#>XT&15XkhzYu>Z$=;1 z1#3LX@2pMwv-4RJguIYR$v&iB!+|5|IB=m1&D5_E8fkrUFb_5m>2#w0267=!_%U+ke~+xT}`M=yMWIU$@ko$O&Dq~tR?q%9M^5}ifF8g z^hAVKCt9;F;Wv8XnRvfcXb8I zN}2o}GKL?MgB~opmHVAj-c8ymH5(IH@a`l^Le&PE(9u+eO9kYe_Hcz8JH3O<`Mb_C z6w}7kvCw_gw21SD)C^XPBdHEXH80ZKUr7|EHr`!$E^9F1ZEsKbXjaw<#J>LC4wO;; za>mc88+({l-9i5K*@Hj*9i_-FEWz0vKB=}bq7niTNY3y8+UnT&Fa(&e!6G*sS4EtU z`=)e=z2TW<#P7Oz0G##h-{&c=BpUJ_ct7RzUd7{B?UUwVPf{BBrkN16^SKIVBhL<}F zEroBOIP7g;MJlvl?S5#smf~7zC(4>fjruSX-t8$xC~hWFoiV8dorowz|HM#{N`Pww zTOR~Eu~1Tj-TBqkxKKdkA|Vz$FO1l@V8KlpuB$^1Ce>LT=?4ciS;%qo z=Y_gV+(;M3!U`;`z`_bFtiZwwEUdu)sTGisLr}}i1xq3wS&1n_YiTvoc+nEju`2j~ zb6N`-lLZ!p;awDE4GY~N)boOUE{+|#LLS!9*C&bP$Py%l zgS{B6Ex`U0iR1q!f6u2^STQc%BNCUlFb7lV8%9TWTMP11uHw`+LbDTw5Qet!3JSoQ z4Y61g;R=6V5H)&hP+ZJTt-KyqPtLzDsOlW@iwfpE2R%CaUgW9U5oiKa!rqtU)*v^p zd0d{v8W`}>YQ&2%7&H|D<%GqNxbwC++_`b$>kjdEgyXt%nKOB*w8kJpXO}2tbI31h zoiK+f-(ta}RAiVmhdVaJU>&*7>^0g@PQLhKr!#S2j(Z^^?4yybBO)S#v0U(H8TO&R ziV)_6HxnJ8^HC=<+{YkgJ_EF;67k8w%c{N3FA5TsM7f$eBgmoU9jW4E6SQwIl6p0m|BXpuw)$ zpxCiB;4|MLo?CkUIP6{@jdcu6+AHBlp6fd7Wb#Jng;U#bMX#Fsx-Dsl7M{Cr+i~aAFne7$_NJa9f}IKO2&Ud@mOH8_l>EGF>w` zdAVWb5@$Fvn=s6-X#rI&Lh6G9T`0+_CeJbh#M(wMck;p}+Rj}oJP>3%hVC)DiGbj9 z)G)I~U}zAQ_z_~(Vg#LSJVVa1!k&qKRnB1}M>j+Vx?`n>9t#6lZJ$zwGA0@odo0^4 z3UTQo1COfe=kauWlH7<^CVofHUk1mRa0rQy!7_hBH8z(bH7OgXirM`;YjK=NjBriZ zUZJhUWEkOUJG+_8G_v4x2V>*vIBZ|+g(c=)C`e1i{^QxWK#uZekuYJx#gIulQBZMf za~Sg@*liLJ=7B{a4A{sBzuO~%EW&>nLKo3Y3a(Y5fsvqo>Z_X{3+vW}LJuMy(=!*%_9cPt8JZpH~Z1iFAOiKyQoJqwO$BNl~PuoT=b{(F% zhN9z+$pw8;c*WrRAZ@Im&zauir2kEM>lVh5cHe;LE?O**(&pK1Alky2G;QOb)7egO zM#*G7ED9rM^fz#I815&!MqWOH+GR*C=YGkF+@Ta($E&lI>`OX-y7t5YP0*^Na9$xM5u>3i%4m= z`FHmI?r`UR=?fdhB$9zH=O^o<{8QeD#xl@5h;Fg3u-N!^X8sUy>YDh~`g7oGgLOd(~tl-1#>Zrpx7FZWo z^S`C!BmDs)(4-zKKrUO*=Fgi|$#mV+o7B)o`%sRw)Os{>oyl~>(SdSye`cgqOSE7! z-3bh>?BN|X^^PRBad*YA=yfu0wPYumfK<@U>2^x!=Ew+(c_!#4@1mO4h#>#$?PGqd z@MXnoy*~^2m`KwyGKaMf(UaDX{{84H8oSm8A=+A-iO`!`uIWEC*oBVzQXD^Y8HcVg zImr9DF#RGC)>2T6l9nDxH?^1;pP-v8R?{&yfdf@dOM|{aX%liwStuo!ck&2V6%%^8 zglIGLe`MC?EOypb4zJCkDt#L}ETVmlb{oO~Q7g`$Bh4Cpvf0i*HTu;)G?^{Woca~n|!6&hLqY`=I>2%;?YD3-Oi z1YgJ-V2evK)b6uWwui|xo8dJ}8VvoDO5HekG)2~}Ck-+5hWRsq8A3HU{RM zBbAi-GRMpjEYJR?QGS}yZ!g!pY`D>oR+s+46BNgV1-Up?SRXgJZHNPakAkmKEN%&E`G71G9HV z!RWls{(nbY6?NWF4AMle8{mNikFQd zZCYntM*IfZpmW-_32=hKMEt~I?r+wmov2-ex7xrO*C(KI!Iby-mbwzRG9(#Pq04A{ zb5RH^`69Lh1Qa>8^l)h18XNAl^3D0ntwpK+)T8I>R17|)03~xi+Sq8cu!6%{<2ul& z_eJxTsq7$ltgF9ChL!C1dnh#}<~qiqGcpmYxoHs2=HNv4YS)CM>PRLLu?x3o5+D^g-D2#-jFxCSF;tW)ro7n^ zFsJH63S5X4a~rK4apF@4V;O#Rn8(HSI_KmlW{P?d6^LF)sIvavt|kZ=ve> z+B2q&Pa_%R%@Vjpwcnroo$rq_pB|bx%kG$e6CGG5WjePccCM-4Plj8F8PkZaDdN)o1G$qPEc zP9bzNM<5*3KrHItshWeq<<{mBX*!pq-%V@gmiG;J8_%Kxp<+6lq#bJea8 zyBFDPe|lYzb=h4K4M3bMx=#AcBh!CL|9hwM7~CIFr?2?uy2JbN@~nCyVH&U4#nH!DR9l?Fcn0TWEkSXzZXt*xKpb5F|Whbih; zDs6T5sX<}1t%DdHDJ2_?C{#G9wia~plcDrQ>_upWg0-wI+{n~D_*mLL6L7GiidFXv z-DnXq#i_y+edHticpBiy_TkwljUap;M>d`BZ->o}QJc;Wlh4$0^z|geeDrT955%#3 zsC@LyKT{)51~+ZZ|3eWE7`lSU#)~T(>avIj6=oOeaQB4bG#Yv^yu<9Tv|}!sQv`(xyq!Z@JTs%xKdQQ(<5_5V<1T|I&e;f@ygH(0>PCgyrym|tDKK#b1okG zOT(mY$8*Z7XZ?PT&J0{BGrN5Fy1gsvkLYT9oRS_6Avcft{(Agm3QY! zc2ui0nL6qe&1~P#95d-1zmn`!zGa38v%nRYvk@n_JAoeMN&@W4f)k= z&(htJm4tAJ7j4&QlA1?2srH#aE=QgmhZm2L5k{~`Nr@l-M?_;azD9CO;fhP?E!*~; zXI(3@Ph=h}io6pNT2i;L(eOE;2B?6JS#_rsf9yv5z_($v!v~A1A=8&un{3j%?qV+c zwfa^cRfkXeA^^fOhiQ5GR-+Bo_vlj#|yOWMq6>MI;@|6lw)~I3U{&!_K9gsJswjf{SAk|48 zF?kznEx*>ZPXI;N`}FKzVNJXf1MDANktT-8HYIY>eUiCT+N4Ixm2r62FFo|@2$oPq zUBra3#?KdE)F@{uR)x+Vi;jV*oG@avEi>ElzHLKNWV2AEbbeh+shGC6~KV3PhGZ|#zk4J&Ls$ok^B@aF0x~7XHtmdS(YhFq~oL)!prH^ z>y+#bZgQ;YbuYdPO<(h0MU2XYl&Qa}1i6)1#NxtM@9a5hu`-c*Btne{OYuWk72Gg8 z3o>~7lHn`z)h3WTq}yu9qJxNNs9N2;0WRm#Y>k;h?%!xIWFE$VI1GY-l!};yh(?=Q zzz7T4vX9cBP;m}<0Wz9?CWX^sS4+<&)N`F4L!(28V5HaXZo2a$cf4H5YbD^*z+Zt$ z`fE@}>kgsNbouq6><(~{j=C$sS=x_ZT97)=Ui z#89{l80ZIEEh!=ckn5pXDg_W9^qI-32W`tTJ5LUrPkuu^?{IK-q@Xb~YW^X0^gc4n5H3u_Sn6!! zWr4*`!|TH)1aaz%r};YKrohTNd}n~FdZTFkOLYQ9jn*m=BOu_QA-A{-9o#F@CW_JO zl|!DgGifP>>@P{%`v6f1hJUsnrc`s0WcTB}N6Ill-ZTbG{k zLLI?`bhq7cvlpKF9WW&u)s6Qt0p!A&QkbrtRTtjZWr@35%*eGi@8p=4Ox#(FtPLa7 z+>lwsbwq&oedpPF^Kx=GJj5wiWr7z1=v8aLtCeHxNw_${zZuDl9d1MpK=*ZNH^q?} z+)G?BoqJgGIo)`8ZNyw}f)9r|%$$2c!8z;A*Y?@#f zvK5zjhILqJu`j^h$FQY!GtpCQbM1K(Vv~XtAa`2g(1ozH(dKs3^RiEeU!rI0j$V5L zMLMAklb4JD_jSn7nJh2KlZ)k*cENedE+pY$Z-{H-4OeK%Z^jPXf74KSYARbbRCv+3 zn>QUKyHEJ}-1EFAcrK)~v1u&djqWk|E!Bf=5*Gb5)J}>=e@1e+z9xGYnz}PI!)GYa zmbE1z!m8H91%^nAR%Z~J&$@SOy_TJ~B*km!5=92iv3Gdz+(!&)Nz2Z2NlC532Y^OV#FS}-7$)g{tqt5VcTNr}bfN`uJ z0*p+k7!mgi077lrU>MP1a2z`IvJ<|7;*}5Fvlgv;O#lTO89BJ-c&{s3+$dVUbyFky z@Ra!42d~pNUH@==ZMxk%^X-6hvR1q#!WkI1MA&-aPY@1l>q6~#k!d5|V3pO0c|4}<%q^8E6Jipoh2qz0Wy%71 zBquzm7G|RW?yt^2KL_q+yDD!lV-Q}k8`&vu*tgvr z`E)i?Lmx96FcW>VaALuv$R_(as^^n>`qkSZF8!hO=5DsPXdW^os4^kNTJpwg_+K4 zy})}uMwnh7UtD)*UV;plj3BPfO^PN=Z@18><&{^(=ot@v+3x!X;NSYTq=zoUp=3X# zdxmKHf&C+S_!AkIIWGKO-SDe)PuMSH*$(e>KGvf@;y-hkzfbtW@00Rd?;3rMetNcN zh1bZPTo~U>JVLVS9D?DSYwA)@8;bO&;O3R}SO1MeFJBHTPf!Yg%}fy)R|@?~ts9WM zoC9#zv!BCs@nfnrJNKqvDpY(3BQ!PauP;b0-`=qtKsi%jg9SQLw-z|qy&1tty+)Eq zlKc|t3`c0cbdaa>J8J%*yK{7vbAr#!P1wvnfWz&h_xPf7<$fUXdBloeauWqVo+j=O z;7{PS0{i+BLF6MlNljKj==Qim_;17V88$aGCk=#^R z3d@q2fP?V4}hE_YrB zJR)bLcCAs-YnUPxT z?7vuK1*?`Cl~HN5+J zg0ouzh|Di(c{%4}e*F=)eU6=3;DP{R-4tkb#;kmk-bKF-OqS|xHLn-ExKDi@=s3BH zRYV;%Z23nKmcsBxMjKR8b&hLhE=Ve=pzL3o?cUJB8p`O?mKHb}yeV;+@cK3`|J^(e zU3xnv}H>|te9t2!&Jxd7REdFT1jcM6`z38qn-Zt&8rB*S?uegJ7 zZRxuI@iJsMV!-6If?}|v%iG(NcpkUK%jmx$%Po$b{eJvx<1qY`cRh*N*>wWN%c&aP zd9UL{&p@FQyi#kpb9V6xNWNmf6mtC6=m&{hxDeeotv~)EM+s7q@Mw_gYKqPk0s2Ya zL1bF(qf87#%k=__>a1uc21{)ni`$Q{t&qw3N=mH8L8PO`kcK6^{zPdhbqDtz`J{`2v!09m4M&<2vHx~gJq5!1=t z`jm=XW z+Wwqm`*rKWEetYsV+6?}GuIQ<_3O^@(?*u{d>zuCW+BCm2^-rsi14@_?i}mzzapK{ zl|7S_*+HYbQ#}G%6mJB$sUU=(76wSn^OETNaihzv4)~eQ#K6WUp`yHe+>+=e!qgI) z8I*V{8-oV-cHZSNPkBw20iC*omB2dd?spn9D)9ln9)Kt>^*=_swQiaCdIr*Ed$Z!cE4}q|9aJG3Sk(r{x#*_&SQ4omCD{`ve6mJ z9#Qx{N||Qn<8m#!Y)0$yV8n>QJ0~UFTu1ui4{8Pjml3zz7_B)-sKw%c9d=ZlmCWw( z@%een*3FIu+*@7;`^6z}V~8I5KQnvzbb^SxA0{ik-J&j+$e%}DoHO_}wt(Ao5dY~e z@%}A=`}_KO!1V0sMp+&{p@Lcw1MuhxPEO1k+Ay1hh)z3~I1sksWey)4S^Ww%NE;wO zK8L@tn2{5{H_=n=k1Yr#FoPKGq6Q@4LH4(mc`ps>5_XdaSaf$ zDc3cdS(=eKZx2li{vH8;epy7$H;Q^C{|AXU&S$@ZL#0dcMF^{jp+&>I3N;W;Fgcm`bG&5mi6#I%`=GR8Z-4+J zp>R^ps#^i3d7a`+zZZta`e)Z!P6A}po&tbMyB>-8dRs&< z;7V^vTx3=`Xd)IiGeB=`=8D(5 zZU?W8*~)xw)VoHHq8`+Is=saf&$cUG*zE!C$d&J0&DW9`iuVJ)t!^WZ`k~iA!K~9Q zmK@sGRCXuo{frSN0ZJm!6~j?Ksz@+u$OlY_osr0?bzb@4qbybcc4?4DIgex02q2OH z?Cc~brxXUFEyzom-rY~9I7-~ za|X*TkiJTm8jJr8+~NDf;PY-zb#J-mNVPx=yY=6>dN30=oOb@T5Ep>fd7hk0M*CzHSX?KP- z7}mUe)aiwfYc$%*VALC}XPgDS35=@amTFq5VadAsl*<**R6JjCYT9Co--T7xXumPi zyUaSXPo?q|TXBah$KY`?VNC3!|09_?Q?7`qvKH>>uY$r=S^p`tp+}~vZWhq zP1lQJE!05Tc8r(1Qeabfc_ijj0gYlAHm`mM!o@`e0v79`EMRj_0Dsyr4_Ld&xK)lb zh?TT&D*pEyi4efs5)EmKOBWP++AA_hS!Jas;8ctId|qd8CyRFDHWpk%SY7P`;#PsFPzleE1#}!v7Bw88hF`Bk5t&%!v!*J3L1bw6Xf9mmn&nI1NAaGZg z*M@+l9X$+S_Z9o%IBv8A? zI-IaIm>Hy{D#4z~G3}n^>ZsM>p85NB*#7fajFa@8?7OW_d9D&6!E$Qi88`sRlATO^uveTk4E7<@B9=0Gl{)#$Sy3_3?o=HJ)KQ{@U5T3}MHZ^oUqq+Qk zcBxzlucU|SjJ^V~n;9;jHih1%TtM6e4GwYKtKAya0}*eu;+0|RGhs7XfK5^pVuzz7 zGj&?`e_P>M)nqlK=^Ei>8(|Gz4w@yXyNtT2gVc=};h@roKg_|@`2@e{D*qUPoXs_C z{_lH882eh8j+9nt+jM^3UtVyB!~6b?&6++vR*u2ZbQPJH-mcu70dR7tc=bLRd7U_6 ztfjCq8*)0XRmYzuGt&z-J!VKT8!un-8)1Ew>qk$0Q3#a+KD9*Zy2fUxlL|;tF^Jxp zWs4%R(*2ze33&#wvdKELDrtzpt8EV{lQFd=*=ynZ7)snP>(jE%kd~h}QXk@#nI7M8 z^tG?ol^ME&1IM;j1reVPbv+B=ekPYA2kxQg9}GI_MH1bi6>y|GW2``~PjeZ^@!1v< zlI+@2i*`yU_CeUY94YP#v)=wS%x>Nqh-RbRfFaX8>Xd^!(H2>5-yY<^=tBu+lU@zU z5m4&uwJ`kqPw%rDj7@a11_;}ioz`|-&1O~ zFeSwfbNH_jtmZfeoA zx|)Mrow5%kZS!q;;R9x5Bc z_|h4kI#d1l;eW}X8HaA9=h1DLXrhdJl4h%%M21C54eaeXo7?=|w`@)RX^=xTxlYEGH+$`=*#2OhV6o){|1yf7|0q6TW z@-m7j>1z9p7`az9%z{+$2n!bjiwkVR(`Gdx`a2`O304;9nAt@s98M>++MX_SU$-O2 z&xb-1Eh;b1=eT^8!-tkem^92#Ygekqv_`q5s`dweTSCNy2 z!RRQcWa=w%UoP*!=HQX<vDxAK%%m; zm#e$Lbinte(@QJ9M>bIWzaO+lS6{i(^H ztM#fPsApC|Ogz0sZjP`>;_?m$JCSz5rgn%kyKP#9#}9L*KIk1Ou#k7yRsvLhyo=7| zhJQo167M|~|2uH%deaWqfHHf4#vf>yAznKAa(PA zd~r-k8=;trBorXxsizpnBwO71Ot5%-jOituO^h4phB)>t*>nNT`4@&dYvamvS7~kq zAur)tnY3s@WX>T4#UN00f`)o9dG^3=cTXjwWG=8Zi)Ifbb9zXO0H=XTplt zd$wj*PdZl5HISi(5Z_3m0T-#5lXCtR+y_hx2U{_XF$|s?i!oB6Fk}fgeSI~dEuik> zSDB-p->UwpaIoazd!b8!BHM}DLbb^&oOo7JZpnqW_nY5$jZzX}$DtjDB3(Kg8%Nc3Uoq4wTrUR>q)toR*Yh%+hEZat=UjqFfCPB7)O#fE{o<cC@{5qnkPeNYvK=-`ewrPmMN*mY4d{g_?_7SzpzgKT(`(#CaepOg!kg7dA(64yeGi#))n_b^)&yhzX2R;Nr>IQLy34nlqPqv%2N zi#SdZP;=7>IGKSrNx5lbxRqfI*3!&CT6Z`eL4kVXEg~yp0?opFkZ{w4yQec8E#n-I zc0JM9(|warS3crOkK+;{@k3#y@c+cbl}I-;BW%0YIHbNgnyxvGii`FGy~o^6B!Jt= zwo^=1W`T76LN(rzIzQ|F0Ong z(%l#;cnhq@GTH6wiuY#$0v@#i6`W@dtJob&#Xvm7#4uQiMRJ1_$4fIyo(N=Ml47HV zPoU9rZNUTHwLH*Hvr5QM)~Z=a7?-0j2_0wsoeSql#Btb?qPoc`$h?9nfZkGCga-Cr z5=aWj)Yut?0*a3hBOx!f*CmyhC_jP1SbgY%`^AddIkd1PIm_bf>q^>?lMhu)m?237 zMDEqe5N47HsxL!8B5eq$E!REhEHM=LHY&|cF<}(QlqFt>njGG{^vHu~6JOs8kOOvj z2-=rl2`r>0mRIQg>i9rEY8&kYGF`U&;0R3s&8I}Nw&tOWZH2!j!~D{21n?e%zfv{1 zy4gcLv0*V^RENzmWZtG&1&v$)GAPYdaQ)x~1dT8gyH7Eqn4)-aj}UlQ#<{p07j2d; z6i%=3q5oDiSCctm3|+J|8T*VzWqeqOO-ZWMqdv%Tdour|6R;U0Vgu)`H;1XUsBsqJ zYa#nN^K#C&qpmnuuM49~(RpZ6*;)7^#b{OVBO=cfnwGkq^=<`@sf#L_)w|{A7a_q) zc|ni9YGwrT)%!whNRJ!D<)Z$oLAF@UwN z%S-3DCR5_CGN z^U!}dh7GvSg@Fni5`{J8$@DKd3#HB#OM;|^tuz>E6RCMbH;%Z%@99;$*mDN@Q7IM2 z_Uqxu3@U<2egQb~KfY`(a5EwaWkP+zd0qK6K$K&sWhZY&$7e96*kG^GQ}v@OC?3Sp zqod`*h{)VKgQq6RI|MHZsr+6{E>{)O3m#UK)5_Oh^v(^LLp;(jkBv#m9$Wqa=k*35 zye?bCCI_eXWMGb-VaLpzhWanj($Wb1L7AW(iJq%#3%!TN)X;N(c`Wq|N=?P=Rx=p; z%*1P?-#;YqmglEXb7)!Z=JKbC;ZhbG;-a^Ps)ZD&E{xWPRv{U_(GJH{x)D7}hV39B z{pcc*qu#@I`((H)zAgjB;aGS(cvnOcmkV=o8?0Qi>74*pdMDUn#e>((Mxsvo9%Rqg zgdU**(QaQ%Xm43G2U_L45)p|}+9ZpU(kRGopr9|?|P3k6qJ(Zum?sxf8dwOF0i31 zz$4A+5JEZSA8VRD)4l*v?VLowwRI^?9*KMkm^sr(N(d-r&9hYR8T=jXpv-1GXAw$E zLFWcSii=EG<8o*d!`wia%baLih8B{c-uMm#?9djq_Fm0)NM{rPhnPrI9zGJQ|DcX) z5fo@aWYE?sR>PJYOES{#nK{yomoM72hdVYl+`_s3UuqcO4ZF%Axam+MCzEslB|F8W@K9NAz`w4mb3es)E(uqhVACIHD1{yTQK+7 zD^r{LjUdOg}Z3$Sk9&AysLP2*-!`!QQ0*VCfn6 zZOd2DXrQ>A+Ln3u;vr1^Gn%UKSWu5zB?|O1t}sUk?7J^&i}yUH2_1F^Z4VI6)*fZ|%ryOjq(tiqS0q77Q)qS7`Q* z`<-iljmm|Qdx@qxu@(QHXayK~>!oWG#+ z{`{iOM3g#$ohJE z8UpTGm5%A30$p_@^BBu@$>|*E@?bLpm;(YroDR%G>N8^`zf^`jz!Bg*-oSviB1jm$qm6O&Qj+1!C86svhO-t>dqP&-(EQ^e<3kp8I*ua>&L|!J!XCBbeH&r7Og$u{7wKyo|Wn#>`k!z#_glctf@ zpVM<@R!-i>=Cgr&=O4qGg!cnQ_w~Kgdh@oTGmb>7!%N~$QI4A$ilDhrexFy$ zCyWFDYp+sj!J?ylgBpYsHp-3C_o0bjT!aNHn z7y}VXim^e1{RzOx@;*#24r4X4;Gn@TUo#eyS6gqZ36x^3Kwqd1e6>(Mj?1SH?Y{>z zN?xqz3V?vIekwap$k*;Yi1tO#@52mxv2PL$>fj9lYmay7f_VaX$gw6}4Gk?~sx<_6 zA>;md1UWa=^GCJe0nCVtOQL*K5*igh@JGg1)45&LO&J#T9MPtc1L`d}rJgk7T%5@) zV1*jYo;)@^H9?x)VGBzD@EBSa?CdaC$^Xn7kWqf3N@)QY$N?7uh ziOumJK>(#`IMC7ekiy?51IlJMn2}*feZ|GiX=4V%uD1D!4zwFJ)6TO;oN8(yM2iDK z!Hip{*H&P2{g9Qs@6tr#o@Wp6$~%(vxwTmXqN*bmE5l?(Q;oxv^bnQJwgWRM=?zkK zKx5=|yNSOO^p;@hBhA+5kHSbf!NOk(Y}LSj!i^3FV@xSIC?ig>nC^yx4YFqNp~vQV z^N7J$R;yD6PSRo-(A^Pws|3h4!i*Sb6AhK^lF?(Q)#>nlTGi&E5f`h;62!)zL{d%> zg2?y`G$US8O*jfV{$GHNE~f&WoZ9d`>WlYhKRNBn=zv{ zQY6oIHlDss)mR%FVh1jG)3^N71DE|TQvOMgK+lrYbD}X(+x#7DSnSr(ucr%gPya)X z-)9(T+#e%(@uE`Qc%Bm`v9!6q5j@!x6VYuNhm;(z~e4=i+fs0FQ ziau-JzYu@>e!{R`3pFp8eTY7bd@d+dx+(u8#&@zTU}R=_-e-EkOA}XhT7?QVjD-QF z0I#WX_x&P$(fj$o{rwvQS+kw@(}MC*6~eyL0}DVcwb1^JyvRVHs1(O-xeU#A`#kS} zG$t0ZOLm5lqYqLqPa3p8X`UPX@yPSW_WDd6Dv;ky`WW?ky~{>`iADLKP6aY#YS7V_ zG`_JKQbn>boT=(vfnfQR*%s7b4nVU3HXi52gI!j#H4Oj^LmPM<0Ib*_#MKupY-7@B zqR&hsL?rx(iupzGrZf0~^z&DrPDsAmst6Re`f~H;zp$w_XISBXI zQFpqGzyTDQ;+xFQr3AE88pGTKNi%@?WGf7G8n)WNVG-CA9*w@fu&D<$-O!cL9t}kW z9`Sn%PCmX6H+Havyd9J<7ga@R*fUJb&!)?fW!WAs<4x7h?Kd9$98&H~|WH(Vx zPpnSk)pxM!C1ZD-@k``hYI$|`1ifzrA&V~9u@)jJGZJHPh3tP%T|+p`fh*hUgkUka z2HBXPMAZIHoBQf!Qnr^%?`WJJ4=V#5w5!W)vDaiiFsA<;(ar5<_fPIX5@wC`J}KdB zx&GJlbpq~o3i{S{2F(3-FWl)77EX}US25oWgv#znhKheRA&7@~I*D#OBuKqkznqBT zD8U&{>SN=EsX3N2xvya;GZ0LP}mDhW!?5#X&WOer*sA3X$Pu$<+!~B|V zXS6Pa`VlA`jtrvTu&lp(1F%7}7HV7*MJyG_Opy08QG;6eFCUlYAF7B>5hbG`LvAYV zWprDK(3r$D8SJqU6!g$l{>)Y%kJ#~6*Txd8z6`(Gg%AhH&x@Wi9%F?^m>z>WpDmWenk)g1}5Udbf;P%OX0Q#-mo*!G7mxyZBjF>A^LbulJte z|M`~l3jjZ~|IwG4g#chFMz@j++!km#%Y?eUGw{UT2* zl(z{kqwUO(K9qXkN9Z-^K6)dL(ql54lBFD?ce;Er2jTV5j<2wqT-}$dz zC!PlP5HB)jn7F4Ce*=VhO%GBcQqm5f7y&*t(;Cb%N=~pFfQ|9*&s)wOe(;uj&Ear{ z8kEfi=5P!s*uc=S-QjGyRo(-qt|6_Xm|d<9oP0~|2y(~4?cXvi&W*;q?@IiGsR>ju zD`owXYS<#5%Kj!50U8aV-DjG1%+jI1J2x+*H}@t>O=#@>MJbAdw!AoW`QSMT#<Oy%3!gR9tG&+u!%Z=ixKyw{3Jg$ETb7eTiy%FBy7wEUa?Rbi^{789Af&c@OgQ zJ*S%Pmg?7i-+{j*>X3=x4Bc zdanii6q5vvAXWUvL-5?!iQPx$17Q-PVDV6|9|UF3`39PSn0Z_6RPeSlB8I8H>!CAu z!8@DKn0l7!zZsquu$H&={_=EC_BIZ;$R>WFpxl)`?3u>noMbn`Z3GXE!^R&o_-*zi zf8<7eW3;8{3o@&MJNB!?XT5b0@tHOSI9@eey->T~Rd`6m$zO>NX<)4(z^~;K$1y%s zg={xSs{3cZXW01u2%2eif@88K*)rbooKp?CPj_#-S|b7+Pb>PQe-d$&#D5blj3fhH zmkE4o1A<&L;t+?dvjb z=a-xUX80kjX5mf5Rn-xg9Znn8d`6n&$uz$J>OGKVD5<$7m`Pb3hzUGYDOhJ2%oB7$ zW}aA#+|O3q-}OR=&*w=S_rlYq^;w8;DRSASG)_Xn^qw#k{X0-F(jeF0E*Uw>0pS$x z$sTHK0QZTzt*aob!%wS!By29s0o<7SFdT8peelaJ1G;P3!2^^%g@z0_u9Mvcbw$#? zShb`n_3vd7XEtFZRR;I;-;*>0r}AiIAM4~MNr^CAZ{U(6xSYZx6eeq$#!lQVUGc}$ zdgDUcm^QDZ_h<ye56(I#DR7WR z&yN`4;2}?*60!LNd=|uL9G@NB!2@!iaL;f~4KmpFJ9`JAK8Q7Ss2#>))hVZxpOUOU zRn!6nH8cxnfB>ShTesdvRxB)?=)y& zO5D0SJ;1FYX&3Co#rIW#!xL5SR;wMmkrHIk#F*u6C}}og)q9PA?6R;zOxN>Yt`DyV zy2N&BSmesMoRt-HJ$axQFsdClf~25>ylu6Yod?eej)q9 za+MCIf5$T7eQs{TfgFeDyWvPP?xU&r#DSm@Z_PxIzO=iVt03M#mM|f;#jx{pb;g)Z z$2UOCa3TEFU~W$f7l0tLNmlBVu0Nvlp}RvGz1pW zHBm&YRhSg%tWpN2r#wG1bshcR`AFqCH$a-{)GNF_Za}L3NCk*Eostgto%_1iN8Nvy z?GLP-?+0ptf-Fp@`d(@_=pPOVqX=90>7Q!AMbQjn`o+HAt{Gvd@aPl?coRLLln3;W zP?oxjj*OP?QBGM~7mbbQrOu~EAh98cb*sx0j*h4I4%@yjwdX11{jQ*{egwB%H~E+# zp7mjs2cb_@aNN&7_#O`Wb7IJkI*w`GHg5!5gy0vzD^2y0`-<=*?Xavt?xP4vdA!xH zAURDps_PNl%)$gi%FQ)(p;Xy)0J$8cCCK0kP1dbmui;t)FG6j%1fZlUDXAKv{?F@Ibu+9e%kwmGer}=FrZc2+r)ip( zC0efYTJe7p&1z~usH%U5WmMF__ok=z)G+^sC_8Liy7NGyr^Db09;)1B9)GjO^WqRG zCG92~2L)|a4%d;hwRABB(#iL!iQ3fD>^CvuR37jkBLB6ShlcTEiTjA$8WlV&I75gV zSm<02RfnCd3Ee=#!E~`2Y%*MlPg4oE0?TWMm?4iqFg|>KhJhGB=35T~f7RrAU2o<@ z!A9#K?oHuN{Bt}L5O=o6uhtb%SO57^jYo_`ZfRdw291W0lU+8~Xi^#u`6*syJ_A?k zr`MgE+P=Z@G8H+RD$Xtf{zZG3+Z{$s4rx1d{bv4gay3?obqezC5R^VK(h*dT7d(+= zv-yd0cz54jLkNb+tcSh}2QKiUp|;k~7c^@!(Jz{tUOOcjSht#c8^!5;XviJ=^R94v z{S+YWg~Uv{8?qH!Jp|l=Y*+g)W`9W1+7C82yDql93gP8mU^9WjN@M6I%0Vbd9bP8Z z*?Yd@~`ci|)V-fGfr;82iMGfAkH;=cUn z69k9k1>}|lxvmS7BSEJ#j;81E34QZafq^pno&5!p9kww=g7O(zRK`-NQDH%1T>b)o ztoi>#*;_`%6>aIFxNC3<36S7kxI0O3f)%cXyE_DTg1ZI+!QI^*f)(!W?(jH$Prr9g z-@ZNW`?<#2YwWS++7Fk64BeNo$xB10+nUJwL0 z+LN_=ByG-Xzzx`UOJBltIoNPM^R4U}6|p1YF!0|?BPdLc0UXzZk)kcT_ZQ=*rv_F~ zqFs)K&`77pW`9E7i@o}=nUQMQdiB2&M`z0Sdk$^K#1Z5xl6eGkOir584h2L7!Snag z^`Kl<@~$GX!BU={X)s<{UJiHC2 zb?J9s!cwzJ=~}ULyQy=8C@@~-$xo%0u!6M_eF$#E>`DJHllH7BB>Ze}bt2t0!B`%V zN5}vmhY)Xm3zc&WYReH^sE_m{I)oEua7LR?-nZw1J9W)gF+mz0vycT$$myuFut5W1h0|^Y|CrWJu=2N7Mi$-jzvlp~WiE zm&p8O$;sQnFL?H$mZ}Ox!wYk1Ks(9E%zF%*%co$7ccMtHYzQ=st~6=j z39*?93D zD8d^Pcz$#q^xxkfcI^789a=Z|C3iXAQY-QC&&7)|1l(5$CvbWGZ3t6oxrIqP#92FJ zA4&@nnLu@7NdJ1JivKtDMD2%KU@JfeqTrxzpX6yLe#d&*tjxCIBjWA zeB8!C<`Nt8+BsL2Ilj;)6m`#Cu5F)Y`!%cvuLzIzlwM#~+nBw70*deDrWU*SONn*7 zakV;gJpJ>WtSxrtR+~5Jp!I18FDjWe@_@CaH8PFEYw!RYsNd1F=G-zlL|-ltR=W&& z8nWgmkms#EZk7_;iBFQ#4J_`nlOblhhN3m2W96AHKR=1T|mCJN`0`%Ta{_<N(r2oNa`78Eeg*S2C@ zACAu2hhSM@vA6&5aY+D(kq+k5S@sviU~Y_T6K~f|H|!1c)!gB*wW*df84uei7}~VbU7vhbe)@<#{WS^)oynt6Tc-d)n*&xuhj>PNyC1}UAykjd zeL)u_-TpRba`AUomRc`MT89y4kf(BwSwD=xEpC)U0XFvhPr8q*2LjOuH; zr!N7(4&Sdo7`GcxK-#^r=RUZLRS05+d`Z5(>7&QJiyT*w`*>Y@#T_Dj7U*(ZT1RRl zhRl!ny~Hy&w-|n+h(}@?6KKUCYA??vFON9By&vHw?Agm-c~4)kLw_L%3UwfJ?f@aimYf?$+vZz-iZ_FXR40DV?V)A2(b}`^aznnI* zo;8NLv|wHXdX;{q+NKx&Rl*#_Clui)jQQxh(Yb3>9(#7=>^-bh|2H8Xk!CJASmge(DiW5@*CA!nC(^E^ z-{E#y!%W+vX4$lH8nr&Wr!AJ8WKD9fO?FnFhKDJKa{y-u!GgT^>up!}m)dmIp}je7 zQS}ZKt-fX-DVY$IJWtq}FT9x4p+bqb7tGG&HL)+<5V4;?oy8@biR;Sv#l`#6ZoyLe zh}KO~;uOkZ8umeZgR(u7tBE>$WXC+ePgq8Jr!v&&Qj6G@Q3YMq9q5nZw^H`nWBjHI zqmoWHwL?C`O!dMP9L%nntkfUqt!dqrX9!B{@!)!5vDN;VgwzH9z(pys+%S zL=ThH&BR@^+8=Q+#DC|*=^ZnOxS$&O3DlsWMK-EIpVxCy{^s9e`1SXof{~R$gPG97&dxBb$q$X>SXS7#Sw*ictMW)^*Kf zMu~0JTf>W}4?A)7@wF{S^nH+=;<{VN<41_zC;O#XN9rJVYN_G+gW^yDarSQCq3?ufDK6Rmp=u_jUPm@e2GzV1fm&;C$ z)NwJlp~mDAOiR7{a0LN-%}JT4+N4&<@Ct!EKK;vI$Zr-T;F~i1fjdB>O;mn1+G&Za z9HO(}>jByjaK8X1vCR37Fv}LD5klFwN$!xa9Ntc`34C!HN|w00^vRuZo0$m7Um(JW zv9K%3;mme%VL)26R}{BGB1N%_3X2Vx@l&fUcotu%=3mpsYk7EBU%%;yGe}hEh3N!x zIRMHfD4Krg2`h&Y^C4Z$`Uy-^$xLorx8^iVFHo;V6PFB)SrgLUx%~KDLfZOJZOSSm zoheYfJtN>z5Z7Ah&HVup=*=4-aLb(UZ${PZ+O#()qx(hLv)hz#^y;cdCx%f9#&<;T zQ4V1?<#=unK3xAxV3f)EoV^qC--xwXO^Mg+aOQ(J8aMMaz7#kxO<^QP6)dSJ3nrpl z(?ZYE5FCaS8i-4cis^#BT_`II*fh4jV*JQ95P0{FR21tULMCR;c_sF{xEPj-`lGha z@y3Ka;)A1BYAjxH6U=;tZV!$0P+i(r+8&!Ge#Q^0%#aI3fjQ<&vB+9AF0a%sF+GtP z96n`fg&&1Zu0&7rK=yQ3m1y3l*6VQtjDxU)`(wAuUfzA+hjp9?nyt)r+s}V`h_p?) zi$3oRje!i_wx4KUKgpI~DB{QizfgR@g>^c6S|C~$Tg_&6$tA*Op3Xd4ANk{HtFF~v zs&CEu15AmQVL~(2KFz30dmt+F2I0H_@9K}`g>T>o@zRC|QUk@mTFiefTISbuddCuA-^{1w-w zrx016>e8>YZ>X|wU>vGv1hw6*sw!WMA-IvH97Q7ck(|0N}7O@4Y8`KYc8?{Qd4M-H+yKijb{TrN{%v$lw}Osu1UxX#mR)ReJ%annLyORF?h> zoU`{v-+BA@FLK!SVk)b<*|u`sjRnvGCVy&vv^1^&;RQHD_wSGKj(d1L@POE_#SWCy z*;)7qXTGm-6=kQp+(zE+xseHSb7~tk14h_9bU83OT1nWy*7byIsh`6e(&E>=YGa+8 z|DerUx;*CW!_|yquY9=&S@CxhyO$OVtd>1|IP?GSZ}@(ggS^Uj5A)79NH-&fCd_M!#f z;+CWY<7`W3>3aPvQtJ9u1`XQN05AoWL!pC_3h^3%dW8@rh_xZU28JZ-%Pk$e?H>iZ zi0~d)0-hr#szf0!RhaM;Zvxip_GsO`gtya4RBK6eW!gVF-lI==qgIv(9AlULUhTP@ zM+NaCrzFNzw@YRe8U~BqP_>2lbA<(BJE#30VWLm;$CZMLvw>wK>9jl5(8JvSIkI$ zy;PCcunV3TOs$3*F4m~uUKULJ#%(S3(H}y`&7PasL~WkBqt6;iWXX|z`k5%9w6P7c z68;&o#XE+xyN`E0x~*qY93+SPQT;M#YLdZf(T~q;z3=9G{;ViCj~DJxygT_H)*dqm}j; z1p{?uY~_1==iV{p34fN;5)05-dkFxak#lQnCs>hva)PBjwn5z@i(r>(!|emt*@)CP z(t*jMJ>mj%xly<2zZl+TV+!EWnQO>CDsv|Y%CdM-IQIk995odNg@;7sF8lWf{TG(jVzE#rm*Q`#9N z9S{QgaKw6lCA4Mdob|CdIY!Z`xURJB-+zAgqkyc-7 zJ%D)ukuoVPt!4)&$3>xNXz3JQ0d8)k{~!WysoX^PbE znp06gOtgohk(R6W#`s6C99?#(D-Ht<&Dgna%U1UmaV=ll?KbBsARv0nALi&He+c5j z3XjNBQNq$1K=`3`uPn^;qavDGFq&|~B+N=z4qz;Cho?^@V1-7x^2Uyh-IAYrMyw-a zeT?txegS85L<=A@)QSjq&{4VQJKUKH%IfM*+}i*~1I2W1rmm&M6#@eTXpPN&Lt065 z$Ut3X0y1eEsdbV0!7e`=f(HB5>huUaG{I^gPq)ASk0@119{YXV`eXhmqt7b@yM2UR zT0}BvvF)9cSrfImz^8OeyHgd6TcDf65_Y*g+NuiK_re$Lm(N(OiJnP1U(k+}moBm_ zV06?OO7=f(aUy)dW6McbxMek@41V`V4F%mmtB9 znP;%AW>43p1?o;fnk%395-6#6kl3+3xs(l+&jz|M|+f3TN>Vnks&hcuG`^F+)}#f z!E-D~A|XLje1r?^tdsQn(EtyW*5F?X!mha?io8?_#1#7EMP_)16w&qS!;zqxQ|r&t zLq~gk?Ua|_6jj#-%1+OIj$@y5AL%l9T^H>A5#+q}o#yusi{3O(F17OltSJ>8`L0wJ zbb3t?k==DaIj+lS_ZI2`b5@DNeFoKD)^+wn6Hl5>OzUDq1+{8fRFU$nDLTXV*PQ)4 zIaL#M%M7*ooW@^-AUY7Fodz56A+Pz~0W+``_Ntl_Tuaw6l4jRpeg&~NkNNll@14d) zi&;hL^`MxfAY^4m`~xNQ#y{M#W0i? zc&c#cBavZ8Rpg*QVPxjlF&!C4+XNUo_r4dET7)N*)oQ271L#X))fIz{ zOf9a(B86%~Ii)?#CQ^qdZ4$$UBWV4&r{f$rLh=XV&asckPey<9@bL87j15Z1p7wl#*iCmtytCW&=hB|G$Wb}J-3_pvOBr_ zOJ7ygAnvxaMTjr(WORGTCWTNkXH#b8=Y_uEXmX(!HjjsZF#-F?I$;2a8h}Yas8LA< zpepsYx@Z4|k}3_tNuGKRDpl}kl1nA9)@-kxsFy)ro82YO+w}Z1Ej$JTtZ(@ZFO8N@zV22JIiwAK3rKBRgpS+F zpST$FS(7g~<`h*IbN>GLikHXbnZ$)O-%sSC!1XUTkNO&cAXBNN)|%fXJ~&f3^l6q^zQzr!5u?o2i>=>t^`XX#dNDKfgvh$clrKE00OdvwZSHVG zrbl@-zo}C5T(T}Z9$J$jweP1|mt}6}dy^c!-gbm8SV}8>s@Y>ybA&4)annm4yWZCh zg*@X|k(7M)*9SX)r**4!DLIq2Zxv%$1#C3k{QqcifTiF-wNGwB>D5_^&rRRSCw~6jN7`(YU9FE ziuYComdK&1AbPZ>;K{tj)CsFa;<@utX%BN8jn~KSIn4or&QY^c3j;7tc0^j!s_Nl9 zKOd*c97V}TOix$xuG3%2D8F!;iuP5@45f^0BvFsXYEF4F#Wd61Sf+tR5@Gt0uA1 z26WlBy53!qIaHzJS;6+TZ*U#w>oCQ?_FG-Ipe-Fe=l zp1R&L_S%GiQJ@3X4pDhJQ5>jGd+q*tN_=Geoe$gRtzTrivZ&CAdDi@h#nDSWEo0;3 zB4pVC2dH?TH-`IN=5|Od#0dtbuzEJQ?9keppGZ~=tw3AJS23xD#ir)p$1vvCV4KQs zs$THCZizlN1gkY0SD`x->^5~%;7DUu74FqDW|&Av`fw;!Wz{wH!`pzJSj^`gR@FaV zsj$23UF-uoo%jWkN~XZ1|F z-R~PEIncKAkjYwEZ4eWMEpR=1=a^v4&>^&tjrN+a{*@N)ixOyIa zEVY_G@Bn~*;f6a!Yxem)V7%PX#2-x$9|Q6qgs23g&fwnT31P*^8QQ7Hq{M!#G6?;& z69Vo#+APExn4ZR2S1&L%&HU&O85?EBd+dV&cXP5ye=YVL_jeXqzw~uv8jbpic?j?2 zg>U)9c6~cIV8ofRh9O9z2t{!YGdXLwj4j^~8h7g^%7v`J&`CFe`65`m} ziY&QRZNsmnF_OGPny}|5RL)7NZ5ce*lFOE*6B}cUa7GIDQ(^aIh<>I%$@#L{*}>3Z z|G1bUIZ--oF}L5&N{&KL*xPy0>58>(IY(mDP9!6?l1v1v zLVc^LJLTbYVu$zXr4{L-a8&d8rI~%7c~U#~f>)3sdhAI3Z8{J%jfj;jX6X6=G!9F$ zhH~7hV+8Bp6B#3&<86DDJGk(}eC6}WzQ2f`qDpXEnf5Ppm&H9&q2l^X7vl@!E0iAN ziL^S?QhSDiJ&V5QtAlt17GpMvB^73>B~6+&-T2?WX8I&o4*_c?51?;%eY2}M68aK zPZ9JNU$!RdhFyQCpPeLW?`kD5xBQu{7CckhoU8oPYYwBCM~<3k-%mvV^2u zy<`2wXUL2ih-^V=x;eJ6lBLP9b*?XuL?H@A$E4wVaSyDezcPyIckUf;wz6j!Pu5(1 zw=j+()}NFEtRWMcLDc%Hsw~aCzkDs;c%XS@J~;&j;~kl5rC+U-`RML#^#1f}H#J0# zJ%}t2#Y1~S$LciIY?~GV#+Sv#pEuy1{4%^7qXoo!}+Sel8lD8$i6WT?r-7*jikyMK^6Y>3Omx?`JS#Iue?{9T{rR zfI<{f?zrHHx~DLH4w;(nzHVTeA#z>~$sg z{5(@9Df@Nnr`*5a@_(7_|9O9ZqEGr#T98;RE`6O)1Ovw3-wS8<3LtXHXB9hYVi8Aq z@4}L=g~DzH-Oa9;`Her;w^F|N(Q-(dSrZA#p9K}V?;xc9PL%5r z;e8HhRPE(qF5{%V7Q={!$?r-308xSLu%3}*_|)1fR2nSuO?Y8~x^|VXOr&~FqtD55 zNV3U(pXXa?5zed>k9R$4`q#U)u`&mNw}h4HCiqZ zo+s|k`W%IQp?n`UnC>f-5UTG?F#B{+EmMtrJVCl+y}qSY(?cZTBh9%X{6( zlC7}ob`B#2@FBD%8L?|9rLJn}P^qt)#hr19Djh4u9LB|`J*ADFEQaw$GyzX$6fL{6 zcN9fPiNVe?fr^rY(Q$GnaP*kkUODvu<35~BVc_TXAyJrfiTVcOdrzk2e87+CR33MF z%%*vLsNeL$!g{vmuX_!+GFRqJb-t1<^2{>-17o#$p^an!MX=qK-SZ^%g-N9qC-1cq z`iv;`B95z|;}vI^GZN#d9fmR!-yON8!n^ax(Eevhdr0jdW({X)fQ1Q?k4Cn^ znb)rjfslsV?R5!JVD0>M;+L&=CfqlFnDpli-(%@yy3-EH9qY#% z)pa^|q6R0~-NtnF^PnF;eY1PsGIBdundTXP++n<7e5a{M=ZqBke2yaHZC+GU6<)?l z8!P`JIqHj?V!AheIyZTD^sf&Ywk@~oVe8%}H(|A3{*M$|myzgPTtV#O_Qjc~_(wwz z8v?@P)XGXwQX&2)pGw%X&)Zx2sh5W!F3b1cl~V0!TR8Xbi3LJ1SVX}SmL3?rK6Xb( zJnOn;Nk;H7K;r%Tx6JSxXTqA2!QVRLMietLMYcr6Ng)DsnmM&RAx^F>Mcj_7ad6JB zPilFdZxkDT8i8?*x;ss-agWBns&u+>c%DE|fTT_NcPhg71?bz^VR^p@?pvLRe7!WV zT1XBgh}Z1MAfPLI)kcCm1nF;_taWCqE%gNXhYbU*)zxW;{~X5FI=_QPgCc93YZ;pn zxUpL+y5xUSBmak+{-6K*zb?Goks=9Nmlo4wGgE(H>OCOwUwJ4o^l5bnWYRI={X;y; z2KbFH6Q85>;Bd2ar@`wYxqx{irk*$(^2!^L25@lBA6pIvk4dri!p-dxE3`?WNv%?b zNF$>ZY(_GBa1bv}3?`Xyu)YSvPY{8!;&3R-9Cr6I4 zSP#59V7GQ~^{6nb{GWMO^HE>l3g)|(ryGQ@D}hcmAOQ9e&DPooRnybS z5by{RNj5_H$3@#kVE7XKHwn#xgm(y;DPRv6? zW5UM5i|#}1sbcL#Zr`1knEr(=whsK918fNK{eq>&jMg7cOT$C>NB=oBO9_Mdzq`FY zB{X)ciORnc>mRBO2U?uJmk|_w_I7OFdJ!Uh5ks?UC>qOz)*(B8o@iOZ7Rj`1f7Ea` zke$_pIk8L>z?oLDEIAC1>>mclVE}QuE4!Zux~^x(NK$prASHEw{qMf*&OO<8c1{pA zX2}2hwii8&0X7oqT^Bo|h>020Z+*Sqr6r2z@1!a&uPSh(j0W4J;S1%|c86tB?vkYP z>fV2-hR6SV9r+JdOn=Iur=^|zOhdD^z>O1|rpG)w+25lnV1$K|koTFGNE={SZ1`4u# zqG)O%Ure?9;52u8etkC(4iO2A4WQypiQbHj&j=GIa;CL7PQ5PWLy5Jk7T-Q5>WtN!}g;8;i}Jm#u}+1)2o;ZwO5Ryn$eS<0%dVCI$m;TYR6k0-7--Js-ZmIdD z{f+tJFCYnVe92z0p;|1J7Z3Nsn7EcDBJm%3J0S+l0UQR!ao<@_cp9MNwaEF6>xS^% zqex;q>Y0sT*jt9xj#>7DoY7HeEEYK<=)I(q-;$7!HopYmO?p!_G|`_#T0m=c)^XhA zOpGZJ^k`&X%MByQbaRv-MBH40NcuiWk8W_TX3+LzihN{v721(&HQIUAZ{!nQD=BHK z`pkTO(i174Zg^bzNP_|O!Tz)97I@KO4cB0x2jlX4(AHVO`uV~)Tv-RoOg3p!B5fN1 zlFtFd8yD-?_(6V6s5jEnj%HhKU&lLr-s~J* z1N%{31@I#tUM)0c6LPkf>7IAoP@A6;on4L#Yp$lXPS)yYf?k%R0~_ufbf)t{?;H#C z^5<7Wqx`AkZ;$$@=wvMiuSW?B`6eXqyQpN&_r<8twm)rNkdsPjny#75Q<9pl{W#jH zGLFU+Q_UwOvH4}K3SQ+HzQOs|+!gTG} z)=)x1{&MnZoWr$Bn%QRfS(|7Vsv$|+ID;pUyV@_yKMYZIci7nx*4{P{x!E%06ts85 zH&9B%7ljU!PsvIn0Cm+Uq}>?fTv_pF*lyE_>(&m<^_qT5>^}_Ce-o^o1PYz!#lN#2 zO-xKae;7~BFD%}Qu>D#4|LKAIW#oNE9V{Y1bd;r${fgHdT=cbAZ8kv6TYKZ|0FE5f z)9gNLwzLATEz@gA;Co&JFT8Dd&{~Huh9m3>cK;Q;+>sG_lsV$%?QUL$4YNie@|yuo3@EgnuQkL`9J ztx=k_6;g!kz0rHIj%3R%%>!EKUiE+qXtq&_#(9&Y<7-3=G#XpvZ8S0GQR}^@;_D3X zKI)D^XdmCsVe?P5$2|O#HZ_NcCOcyWP8z9=1|vl^kZ-Cn_h&i^V41D@(bu!I6_F;# z>8%WUPN%syde#eS^Ie?}EqLJG@Kbr|qLDR!CaxJ`yN}z_lw;=GJ{}ge|4zURfSp{4 z^6wIwv8rk5P=(5M8bLMdn(I78)G@I_TnauYVflx>?U#oCM}>{?^hUq6vuWTZk`%$S9)~5ZBDn_gQ@uXbh9Z4GC*NxA{v>QL%pb4 z4ZUIaE6;^#!A!_WDotR`lCkYSkBaEYy9YJ0En^53I)9P16;pL&DI{hO?(aVbwIX1a zhxO7|h!S!n>1&BGefH8VXajVEB@Iu~2$$O#Nv_0Ou}}BPvjNb$8EetEcD3rFoREOU zX0F=E9$yoZLNcx7mP3YzmJbkpn-l*X*RpO{nIDym%klI1yCg@Fx8qg`wZL`r8EDfr zJ0KS$Qa?$$niF2ZW<2}w%R7C1YAQXHINIBK@pO0Pz6gNA*sU=WCYin0(=##E%F}`X zYQ2WD8CZVY`RjBumudGZpM(1S>xTxlb5IkCt93>Q;x2!W`0S6gJk10Zj+|eQlp!L%dJ=rB z1dSc&ygPD_$-Ci2Iibw>qxg~9%_tq-`q20-#68uSVlw9F4kL+N4Y?zoB<1fNY{>Q! ze&x7(sl25H>}>gevl5BxeJI@Qq7lGjeLSg3Lf&0VohdBM-c<%+1kWj_3ri5cj0}3* zpYFxoZMis6I#QMOQy&?-lSQ$?m6LT;G#v;t0oUnqoCn)Dew={$&8G&0u6fyz+cYWM z#F@OJLS(t+wV82fUFh+17p`C>6J++or>WJaK898LVa6Bm9Bb9x`{Yhbh~{l>eIQZD zLS0cRql~<7Us9-Ed8oXQ9l4dn>HuQp=N3{E?_E1Zt_P~Ie0_0;s& z94eF@r5H^nHza^z2pH;cLkyQa-6d|jhYePv4|`hWdsHNDGx{f!En_vo*Bx&-h1D2^MR)$v8qh(`(n$aLHDaetz@ewQ0R-f#EX-ptE20Eu+&De z=krF6T#vutd+N5!GF>Qd#OHhV!XKBeOZ21jv8X8xBEtaxM+D=9ncUiMsp&dq$2ER+ z(onk-j)B%jK#Rsx+{i66V*~gomc2bD?oGraF}j4b?#AE9J0_g88+SJYe;vkViMqat zvyJA!neS-ga$GC9)ri_XD~~#Z&%c|J{uyR)d;Q7TgeMoiFKOwjuIJl3b{8C?#O(oz z{szvipU`%d*EcaUMvy)Wa@!xLWkg?pJ~`;~3!|u+1^l$Hg)-lQJNtQIcSU-15nuP3 zOo};`hHxxvI~Rk9fuo|@koTt%cjM>j`L9?D;Ysw7Lqn31Tt)t{MzbS@DLZpCn=mea zNiF16uOpu5y^E|%x@#LeAVgK0PE!SK+s;8GmV7C7&6r4vS% z9QXKuluL%Q4t89_Nq@wirs67F?JoTbF&04#{Aqvu_0g9%`Zuff-!P^hB7Uk)dDwgD z6|9#TLPRR+0DBo!_z0|x-40m1UkhkU&O}B&ktBMShJ_JZ+G&{p7anp3XZ=v^`sf_g-ex65Visc%&Z}YG zgvcGc1(4T{9&62Z4NOgo@1@zNXF1w)%tKZ)4k#U4!4L2CWwsgXq_z5VhOJf`lc4Ch zNEMQdZ|5$klZely*KA@H^=OFE3ArghTxsSlfR+e_Oj=>&tGt-$V#n)zli_Kb^xH@C zh~rn#<$J^g5|gBqi#j3oyZ9<|b$NAr5gj3Vyao&6|L!m$`B!{+_v1Rgwb9K}{?pA{ z4@ag=wU=)^05DXV|0I8QM&G9s4)PVg6MB6dXM46}=u3|Tb9e%`w2Wka{>4D3#i|fe zi!?mtZF?Rl1{53~iKy$a-JU7*CawIgbicoP9iZc}lvNt-L2$V_;JNMsFJE;avOIfV zoz_6?TjAV+A6+o(qKV{?dR#jIG3Yg!`oGI0z7CT;-=>n@4}{R1AD&K;jIM8QpdteC ztSps92@W>U=)(~V4BYm$N-8^}UCzgdc$!@?UoZa3Kku$cw6^e*KOo@S*}011)_h#a zBUNf^@WbGr9^7w>^U0*^S}Mf=gVH3AC!TWP56DwpM*UIh-WA0Dp|G5gE73{Lr z)eu8j<%6|&3s%|Q(;q0Z_YT$FX~UgPZUp4q#&chcj*xGq&d1nmXYbMw986=iRNOYV zLtc(I)(M031Y5`$o{!i6evb*iu7SLE**vewAYPoE&|IW-ABfO%Wt*ocRe74p2J3HZ zHr-E+tttZkOvZW=YOO6sti2d@_*gL20(FuuTTw`gk<5c-T7cLQ!9 zlkXFuXp#$3-I0hOtPRFaG3)IuA7+@A!!7RJiJ#E~#Fsa| z*jMp4K<#OoCiJHSfFO&8C$8;b>D@DSGjsX5x)JgS%o<8@V`&oSWJH*29a8|8X+lh9 z@D0SiSyY%zrOjHgF6ls6N~mUI?=T#6sLPXLb|IxK=s{hD6Qff{!p#`nYef|-@{7Db z=1z^W#va@+Ed#=lZAxlJU@ckc$MyFS(UpP?8ggk9tji6f`(fKmx)yrZ4^yJKT|m8+ zO5mUT@$v^T?L zyaZGoR1KUjA(~Rev50CN(XsL%7@Qb2Y=j}IZG1F@KOxj+P(<)_bt8`A0?5uEKC%ngG zCB<=s`@AiLYhx)wXMHJaDEYpW**#2Fh%|_BbSbpM*ObYp`Y$rG)Cmt;*h)Qg4G}5T zRwcUz`tMa@+?`zm_3<6=8Ry_pMHkdwbnepLyHl+Q@)c>oWP0+UaJm`-MG9qE^ny{r zx3txwvF?6i2J%;g)9?Z&J4>=SVctlZR~8)JS~b*{v9uZ!;6otgF9b4X4z zUA>iv=3kv_k4=*5_2BXd`ZqlNxcat&?RK9ztGO(_?;wl$ha#h( zdKlj)-}$YJbsO9ncFQqAxP~=nQlIl)4}tNQj-iRNh-GYp5m}Kr3f1ezT+5lR(Lus2 z$L@6_bBy$IkC}PZb-STYELVva_@p8H_}>G6bwX5PgOY`4MX)>gQgw~wmX0bbp%`yC zq_kc^B*RmbwkQS(W%@=i7Z3&8o;$KOG6nRQt)CZO8`<0EP`op-;?TU2YYB^8N8}zz zzCJu33|7z|ZwxvET&^(JBF`MHywiP0(vC zo_J*KCT6no&!c@&sLQ!SBh8g_ZoxtNV{PenrmXYne?L91AtGLsxDqldf1#*z^aBOO zYl+5m;P>$@2mLsC9I)wgCD#r*t31JEu+|`tv1N>u(6%D6X&1zhNv$g_XOu47bQ~S~ zEbu{wKx%_eL7Z?lyQ@QwM-n>z2*q+jSEIby^FTszqDm)p<*O=f+0iCX`?I%rvA6)Y z5JE#4s(7FYPP8>|xDk9=QAXZzi@e@vt$_QbxeWlOcFdV$)Z;DEzz&-RzbzL&8_p{L zbAZAR)Dx9KFpO2Dx@0s~D5oK=4!^Yt6 z@q_9F_o<4eh*q1!WsUdnsd7C6l~|hj_x~zsL~T!7pDQlvn?tMPiC%LVXf?C9B>L2g z?Ps{V9ZTPB5xBAx?7SHpnQgE2ZIsuIv-0W%JmN3fD*PqoL*zEYFYkM^$zcd$#thki zv@h+1!ba1s&Jz2F9=D1&^I_m`|VFWW04*^1x9u3fWPm9 zt-;#k4LwY7guJdIAD8a{yNhIqn6BlI=SL>|hv01E{oorPR&VYPT+2IH+qtFEyMqcB zI6t2d=rHp5%wo8lM=LLj?BD+#jeHKLHs+Rfu&t>Jd3bj7qFF_U4si1RI^0{oHCv?e zSWtuK?UhATR3bM2lhh5Y&O1IoEuT#^B`CO3R8icwp@vSWQ?{{X5gL8!GIL_uN#sfj zTBt}0c+J{r!s>WCOMh6dg0l2-Tcc$`h!SEhXUS(hB%!i@DV)9UiJ3pw-A0C;OUbtK zI(p8-ZZW3tX^)&hVKO~`T=kf_*6I}QJOtvj%6WOSxvn?}5St*5^gDSqKJdKuJ+2~? z0CkQ(kk(vk9nmZ4EQGo=5VAs(aCspVm77V(OKlN)-k3*{JcR#OT_dJ1g-mO!ZHxo+ zpP~5nUO3s&v5ozWut_L&w~{u{nllC2@7T+-&s`dLyHN|GS)q|g@2C(DjZZ`A?@48Z znfmMW)MDh_K4pkwt$+C+k_9>2?{TU-Vebn4T-q#$z>9Ruz>>q!ncTT{p+3FggMzRF zDcJ%KfWZh9qt$e~F|jD4rmcwFt9%V{i>5qLMEFM`9a?#O`47W)WP z&E+OX01N9RUSAo$El1JN^alZXsBh5dWx~dC4)z9BqO}B?=?}D?X5xh5n4;F=5?7{t zVG1Z3SZZDNDU3e&AY8{KWE_`%@yvoT_^{&f@o(^)Pa`mRAZJ_{VT7x^AM;G_eIQ*( zjW~$k@t!zO{H2oBg{%ExEb4x!%m9MR<+3*6L0E!78(7zn`==Vg++@sbe?O=yk@r|T z^`b12W{2ID&(}vL&L~|b`Js>yr2K%f0DVYE#B)rL^@zo@S5d>q@RgSTLWt#bYP3-8V27S-^ z%2zTJ>jC=n`|F-NQCeswRnxNJI(*YA1*QQtq9M+4`kEBSI{5|^$<8*h5Uh)o+UM%m z=LiTOxx^1za6vYt84WRPAlL+Mv9ZCa+q2lnY0b&ON5g?(kUUqOF^^rx>KeDmUo z4xOrJFtZ@tLmg;EBOSTCXsuYF4fxln=DM!JmDldEwq%706O1~+omIg?BQ?l|%>1fE zU_#n!bSdLp)>6c;mN%)+wx{S9pM}9jCHAN%H0r#kms_cA(@n6K5wi7XOb0F=Q(AZ= zIL^8lT#LdBc^^!OsDY}G**jqhx^U9fvwD?NxlEB_g|-pOB{wgtzjlL+Zo@4YE2p}N ztt+BGC)TnahAG;a+C&JT>qlHW7xwuO*Zlr{W{f=a#l-+XQK$|()t3o8i=*}MII>~c zAtDkfGN$=bW$Y+?+`c3Axaq|{>_o;>6zf*#>RXjSk?1a5exRzRlO^0u@g#4+Fb@{Mv z${pI9%*D!Y4y?7N+Q^;|r5v_yFI_=7i=X-%>Z{kDD6!*`3wJC2pvfW)g`%Ti78Av& zdC_4kHfHy9#!XXIhVgErV=77Yh>OXB>Z(S)Z0Q%05O82`_zIisDk)-tRTvHv_H19T z0>~f$fui2_>eTv$*w{p&m%k(PtE4yy-KqWBa|!4eWgv<;c9UF_CMaYafhGIk!(z8r z#*!C6T1z|MgB{etF2JowXN87$ojQ2 z$=@65LEG}ptDI+v0jB$|u?3_-cN;#v!tC#azz5a}V5O?8E%Pz$K0)ppn2Wx8!Ahym zS2hk+A!-gf68B{eG)^|W;CMcaXnRLZNU~J)4zhb!(lv1^3Or;AsLYg zIFEX11!h(;Fc_wV4&7B`hw-?e3?m641!QgLaxo>$Fc}fpat^HaCM@^6^EB5$t^J;6 z*Oy)woieg<^_OxbHt=nfTh}2AjSk;C0pc#FfU9&_tN3)W`j?7itufmAa-U|~H_jmA z@X4%&$!R?DI-eWodT|3qq0kgzJnjaAe{L$uf7Ku%DQreZ%NFjp=m*oun-=Cq3dC|a zl<1cmYmhrm%}yqgG6~DEMT4*qiGf=se~f`S&mb)mvhCAs{4cq@$Ojv3I9z|IeJj9m zR^N5Zv4CHQF}p;0xQZewa{zXd_TEBPPL|cWpAWXams^H+@^?KgGJavu^7yS6Sb&&m zCE+kMi2YRvJ&%bU_W_G;4N=>GV$`NDAXF%CXF|azZgvxph;Ae8&!R;XxP^mRwOiah zVDe$EhW?EZZj|!0&D$FU)EEGkV=w%(XYT6EOjO;4TCufx8AC>^M-x?0=HJOhLf!(l z`h;9$=b*zqpPVnwzPPB)R+saqKwM}ppa91*a)&=W9D24pCe(j^`XTs3VIw03Uu%^p zB-(AF5^E1dpfGGU99akJ>D~dZ3(I#S`bC(ua2-`lL_`)^FPm2-_zeRb_A%q$)I+X@ z!Y!)|fv1kjJe&YkX{Wa8>KmI%@!D?YCw^&eNT!hNa=*<2b;f8h3~g{~8CtjAqKVAc zL^GU&yk$OWIQC3MM*;ZOZFH?cx)V>_5BG4a%P&A2S#WdVfUEbrIw(Nsx2uq=hS2{; zH@&;39PdXOMLa5&6Z=^Q)#sMqP%n=mL_vMIP#^9mlt%I=1(axL~anR zt#=#J+w%-R?CC21ih~P09;5429xQSwg@0OTNl`L9G#YVWhFN6U_F_{!AzkHF7rrg> zSUx!+7pqWo%oGa$^HK22F=V$7229mB5S+W03#=;Q!m?s~T-g+<`Xxg0=&Nu2AZ zeMxVt$Ag38`3L-SpWt@dPE>rncC?gsxRB(qB+E(BN}GCSfWi{>L4Hbe6V2V5#gLsi&JgOHU@;E1!p<9Hq&Q3omGnQ5B0oPDhqJZV)=>C^$LJsUA}snd zJGy3sIi=%uF$?#@n|&Kl4zW$rJk++P%&FWo$--g11 z)yu(zlE;2(caiCZ(h~PfG0s2866~IUyWZ7kyer_ls+1B2+KQm6vnD@3RYqF1-!-%f zp#CK`4d+0?DAlV`KfuZ=J#Ds;E_wJJI%>bW`lNPdrFrz^uT$6o#oA7%AI9q4)q%&x z?8)yp1}zr_UcU!P;?Bw(fCueiwJ_e*tlo$;b-On5sY01VH9i_0@5pD{KWlnZLB9xa zt=ff?^P^^8lap%4G8p!+uB;N0mSfaG@l4bW36V(L`sA8zjx^5)&q%{n8WOYP6@(rr z0~2Y1Z)G~bfp5J3QhmH(yU4e#=DcS{bG%$57k((>J44j($L;hZeYyJCKCD0VnfJ&Q zqpcSkDD;uEoqp`_2_jWYEnfNqDmTm<_5nDTc-Wl9w!nB1l7fpR1x?Px52kB+p`4QO z9xPRsVc+_m0JNU$9znus$N#2iY{VsDBGpa_0c z@)Um$)K*RpJrcTJ*Ld;3SbZ9?zTNA@GCn9lopu(cWFPY3Q9cj{-({? zTaEF5;2XZ-d0Sr+4bG)Sf1L$K)}x{}pVidJM$P0k0y=z77{0`#(#}0Yr9GrpU*Mwb zWPPg&FuiB-dwYgiGjAhbj^ckal~`lXXCr6_z4S?5t|X2ZPwQJ!jmTzv_%EH2q!mTt z!YM%+-z5Z`Zcd;E($LLXinStp&H&0*4A&oRD0O(fVxlptV*c+bR9vhKVO5bSG#L!1 z@2;;+D2vd|m?Y3^6eUvIDRB7Djd(k;LcgFM$vEAmRuPY)X?h#M$u6qGj`1)dzq1k? zh+b~88&7|)VsYNBoUHVn7zjtvAlc@W^n{dGw~;hAn+-qmbOq=U9XDCykar{z?9^Js z9`-%gbA)p4yd>GseDSe?h>@`!=33c^PX==1ImH6pR4Bap8#iL@S$Eb8B7aj5B_tF)+(^;v^5(-+@imgMo|7@l}z}xA9F1>Fl zCUU$ah-`f~^<=d7%i%A{c$D9&(c#Fp7=5Ui+fKq+{GyStk?^gz?!1S^F!Seo0c17@ zn=5A<*7Tz&3kp@u3CFLv)$hxKM%Ju;;NShb%>u`r4_prmQN)wK$-=IxM*wd*6{iAP9`V|)p4}c};12_< zZILgYJUAcjTt=!K!ekBKlcVR2iviLmVO@s@EXb6O7<&zF!D2h6?`-?~Z3-2tjM{ha zo`YG4CnFy7knvI!mH7-GHP?%QYuekU{ng(VBi|q|*28%70#?DL`8L}SVBTgA@8W8-d4=a^~L-SxB(iV+^YVw%i+0gc#^cRY~SU{HKEKMohDFb-ZrxQ zgDYHLz~BDD-=KDxzpv75l5#M&_qg0mlKjYjAki=v?&|9kmu4)TtVC4ID9Kj7Q!heL z1#*b39UAX)$!>hR>T_%NctD7ya3awkZEk-S817{uuG#EmbX=%Y)OhkwfIPOpyq31l zM{t>C73aU%iT|S=H86X{!v0C#8WsQH#gpHas;X8Wl-qh(nUgE*9%MC8)z-b$QB1}< zQ(Eka%&TXccBGQ3vw%)6lU zS(C}7AgL(vq!b%<;DPznv3pE|C7O;k5PPU;qc`NYcDU>Bz+lqrG?b;GxT&$QQCE;hs+hn&>Fc!Qj=cK=v z=|Rr?4s?hV_>Am((y=H7WOernDv>6d3lFMU#z##z!->98*i~?y!FCi z+CS9z)-onbW^W52SURioxds#p?n>iC`V?-oSUq2boo|%^V)@s6(hrYLSo% zH+yGL@cv$KBr7ho*TBE&8ns^nL#9-A zwgPa}fB7NMFyZ4*`S7Hu3s^4{$3kZqRZ zkmJ}?{?2ys%X4K>HJopDJ<9_2A$vm{5fZECYzln7zxQi%t3po#3%4bRRv+%AEq04f_i6FA=NQ;GW9qx(tLX|Y; zl-BfwPGHV!2b(*~RdC~Pd_j^_9I;`OQXFS3%uaotgx))qAJZ1f#&#G$a|4!B)8^k3 z(Zq;|>-*sdFq|8%=}GMTkMy_kJ^abh;12Rz>ZOKp+}fFXhT+k!p@;PGsT-}d@t=Z? z3#i+V7MHo!@?PCw5bM+e3+oNI}UO%%&Wn<>}yBq1$XAK=?6gtA)L?IRD7`|rz3<4|@DMN$W|0tvkn97VxB z+Q1e@QI1OYCO=+l$0;axW8Rx^E_~u81U4hTQ}>4Ovb=7l*?e8X(Dct+&XMYjbYm`S zFn>0?KP4PIhRBZyNNcEMf~+D{E^wyD!-3da1@zj57G_76gV(pijD*L5OR#>-$(E<5 z`g8cB99bIKzZj4;?sSd1hn)h>K`d99{%W|yY%Zy3whBP>@8LjA7%#|Vz8mb?j-TM5 zJHMqk;#z~a3;D+^NPs2cBy#*7-psnM)Z?{GL1EEk^S6`Ft z#Mxkzi_vs#%(}t3V_PZy8APJLq#SDHmCqdXE3bg@rBY`-o^v=*>wNTZ=mS_qr~VjS z^!^itvqVpF|-wgT>3sw_G1lVuZTL5>Y;#4)wK`*K0)&14y0r=}quaxrx7A|TA zc$K7>jXO?H#I45XmA)p^M+~=kOT~UStGEO*|Gu6=%)pjOuKsw*r9C@MA$yk!?zP;r zT54d!Jg@{GAA!0l6B2&X=(guq+Z+i#Zly$HpBNALZ03%{n9#*Xhm|*f5M(M-&KQeX zV1vEh-hn|ncRO8_wK+v=m3iM_nu)=^_U&Pd&rN9T09Nzsj=1?Tk`NT>_3EONo|mVs z&yPC;W=&!?U#15)|KWq91n}B;AlVA7`;Wk#GtNK-{LA$}4X_ju4nrw>TQ6R&)EVuG zA(Gzw1qejMD-J$dJp5#5OFG&3i88c;1OtlB67gCi>wkwWdOLel{d7lR*iS*xPpY^Y zL|uHYIk`@!l(4 zQZJz6rUlotOYs{KczQ|V#&|alALM6WjfK!IL*lVtiY`&egi}eV_jHLgw0DJXHI;)L zBnj1>@K8ENkw1K?UBoihP@~v~e9;0KaUScF#_51c440F`o}|wmPj!bj3osK!cYMog zTe0+F{_f4PJ4k??4g>wd{?zg1#4sMW`wr@oq$k7qo_r&%jdvn-H>=5caod}#+1$j2 z-hXn-DGj?Yv3ewYHvXo84n!u`%>d`W2o0rco}ai_rCri~(Gby=c`aDR(qwOIB3p*! zia2Eh4o@VE_36gM z3Vhm0=tF7VyIkgOxtTPW5L?8kd>Zsn*_HRw$skNQ>Qr?{aDdOuQnB*UG{ub;~gX{ME3u z(4e6C?v66G2a-bVLAux*U6K!KAO2H_@AV`}Kc+Z=U#D4Ll=_vby|NO&kG9<6B(*Kd z$=n%be{lb5*3QE01De-i+yLDZUOCai3^o%Dv!<8o;auIj)iy?gA+4e5yls{h-wTA5 zxddoBWLVgKZ>n>%}+_{4^_o8Gyzx_!=>Qu0qHQT=30 zS1a%!J!CQq;|`$ht<)?#Iav@Y5L)Ld&nZfYDRk!Hb6fbV#Ne) ziwB%)EV-W4bw~KT8K>R2nnHUmqc*N(#($+qV;{FLzI7Bm`X`zcr-(@?uWhjOcakJ4 zI>pErU@da_yAuQIuK?TAio!^FJ>I* zwx(xNnzVY?d5X=VPc-UnA;vWNY2$|i(z!MptCpabv;%p0mm>Lmj)AqbXy?NU#_b9j zi(1bIz8{Fb`y&x%lEPnv*YY?i*l3K0Ye?NvWz|PByr<^(okrK!lB1oSP2=`o?)Z{9 zUZFjm>!x9VvVl1ewbY9U!sAG1A;ceMd1wDmoZUHU1-bWaNmOlN^izUc1D=}gvWuuu z0MSsu-^tvCm|4g>eugo;TFc;ycL$1?2!U=Q3<3!; z!O}p-N3Qw<_M!Ec(f!$h3BV8Cv?#Q)goMQiUe(c?yWEJp-cYb#JJ-fjAEq<4-dbLv z^EYLrkGQXtShe&wEy3!#-n_e}lq-lW^E`A@_i)5|s?vRSr4U^TsF_}?aL0dhH`>C4 ze2BkcDzkDax+5F^7aKVmZ!$rV)^o;GJT?{U+vczPZu_bIV%e9$9+Sh#MmV1<)-{JtgsS&XDk!y{qXB-J(9ZW6OWf%YN%ZI-^8F1aXteJ)p9dC`WBCl zIMI$_v*hwjm7&E^vf~N}zV%96k1ohZtCf0u2KmjfE-!c0xH%C?eM4UE@1UC)1g@PS zXV`~EB12?ugW|@01|LO7!-ZB%B?}EX6ZU^tKU7>H^GhYB3lr(fF?rnuf8Nld4aES4 zp^R+s>E zmfX{&{%UwqX>{s1f9P8&mHL5|-kS&)i@jd~J_8F&+1`{$?BYsJlSS+-+ z`T#bs2BpOmub!zE6xZRVvEdR@AUU3+?7+P`m#`4Cv%|*Mk1O+j?<#HX-m#zi4DKY^ z(rYTVV_V9bTEl~BUA~^Wkf2H`U)P({HF2sXv5gXLkyN;;PEdWGQ3)ST{9&^wK_A0P zf4UH7>f>?>h}*1sZcHNuv1Wyb+h>H+`XxK0GLb;X0R&c9ke`l0WmHHVliHt>biH`B zQ`3|HTwCeguO*xVZS6G~^7vc2_-It0$P}O`LJI5c!HjdBmw@ZjTAe$9LU#pXQMIc- zH722ZUc>JL%CQMaBVP+r?fk^W;9rim-72Uu*gfVAjrQByKdyLCo;g#c|7(Ge>_31?xOSHd8YI4--~W^T6)v zTl$8JjE`J@)zhoT!^1)1khVW~l22q=`xC|3SIqJT6s_L*q#NOj29l_B$$#aR;I;}O zQga&+=FRvwh&K7pRz9{qnnqR%ZEJR)JR(ijH=W}>qN z?F9xY5+Re7^!IrJua=Bw}~ zN{i&PtkK-c1aa+CBIjQhwSIo{nVlC|$M9LymX9g`=% zG5PEI_gA+ZIxpN^s*(qG+!2vQ7U()CVl0?_iw(i753ZjdN8qcbj$W(UI}&nw)WiyD z@gW!GOCfbVcmL1c`QI|2Z*Q~Lb>i61Yc`ku^DLxm>w}AGfW=qZ1CX1W4i#k&it~mA zP+K)11d(E+@+6~&bl^$}Jv(V+Zt4w*H4J#1SI>R)HQEw)NpfDZdTj=cm`Nf^W%{j_ z`P5V|fCO}xao|V}P4Gqa2l~YD)vuKq;SoJ7XPA<*C29&60 zf!JP-!r*jMJ9_x4TwU=b6S>AivVpAmelU6iF*q`{e?zb1v^$fRXB_{wo?rwomo#18 z(5|Gr6r7)WHaNUG4fpUrPIJqf-mo%wWsYU0gV%j-liIklT-LLj-|?T;2~7)$9B->)ov`mdK!pJbMRrd1{S3#ykvyF9Vl5r3vZ z@T6eaKTZBF8yJc3RkZYJPwh{5dG>0U`AJ02$035thHXO>YitU5I;YnZS8zupEk1G! z@tV^H_R3;*)H0)d@kCKPmMu@HC%*$13Pl!K&~DeOUVa#XtTQ%Z=eIMjabd3UfKa=> z5)-w%6}VyOxBtkZ#1sYj;oWutBx zJ-4RFhh*L$(u}SS*p%Q~`y%=VbWP9Z7&CnN?DUrR}S+Z z8Tj?ke<69 zx<6`ZT~kR1d#C+FX+e3hCC@GVtwxsSXy(r&y^)wmu(lUDPEjeS#Qs1gE;QJDu0}Qv z#aGq48MTOxrn>6Qe0kmZvGIq{^Qk${IITX_#N%;dl5W^C8fnKJho8q70229{BU>|B zSx+b`KMb;yCOyGWjl7Sd2;CUpAg{;%$vV+B3qp|WyW*FnPvOm^LPpH1rd}e8)=N9{ ztM?tTo-iJr`=WQRV`OCijWwc=EQpe_G`-{SqxSw}WlTN?19c z*9PB$hS$Vsl9@S(zIyARSRI7HNXGiC&;F`nt;?^_6kgqJ>3N)y`+F>6mEXb0J2XA| z+y4(xQe^LKzW`LC1|EL;FEsQY8*!ILc$eBU*Zn?1JoA5!0jF2A;@#d=AMmdPL6*#T zElR&rB5nPBa6A1g(M!xsfQ-I9?P~?oWm_q&;JSZ1Xp?LfmO2W#jiJfgbqcPoJmNl0 zXtm90L^862Aye`U$AEy}jm*LlzJ`ZA5Th(hl1PxoIP0)}QE}mWft2OcP`gbFw3gD| z)LEr|mJ2I_oI{O$LRHISGgu*E-!R7rZQSMtqJf4^6l&f4u}S-}4C)qMTR1<%10%H& z@R!(Jbc(()=;o{%Lse*zDxRgkE>K_v5fP7fj*w-?>n?U9Hj~!C1M5bT?IzVx=;&I; zlzch3h~mXysb@@T>mqo^VeIvEcq8PTFx>+g8EV8kzR=jHAl*1C7ueoCDCz6=w}mcB zqsH@>&>wSS@;~DDVa|s8mQ1_7&KmhLTXvK_Y`;?Z=$Zv7)1>k1^tXAqwh!|1^6T=? zj)BMMyoMt4Z686j4Z}*O&>8&!^ZM*x8-SRH*>^_zsUL<2xv4}nhByU3>Q98OTz^db za|o>+JL6o~&%sJPqnK#Pfa_z#}q2?Zb3%;&_LfQfXBt_xKJ4lXg8n zFL$~3iw|SlqP!OiJt0qWWlR_fFqJuKP+3jHw-S}sWVufg5x3>L+>(uX;;=#%NM`r$A1Z$enHkhaBFih_Nh!`>yLgzY#qTBy%~xw~Z>D zK9@UKjq9_G$WFcmO{n&ewiDjRNdK3$#+!{kFxk4LkjQ}hrH9h?a{;s$Tby=ZR*P8^ z++2vZ%xYUa_)l6?PqI*#o~%75trhU|D{*h;G5JhMiN}sTL{GS8<#p$=7ryR)nj4~m zaha*q;s?Eba=77jz%Blfr z$jmc(@w)Sfw7(x|B}h@E0Td@Abk0;(b!Wj?{)jTqzT%Ki){2X`tUi1m+WcMU*BBlZ zO)Y4cQO`GXz5gdP!Y5;ALr3ftoBpI&?9>mJCTtEyA~!T9k9zRCX!3jPeE98pdlyxv z%e{Ngp|l$EQEIWCyFUMSwwG^Hga~(>OKaNTF?9N^R90X_9zzAEwK;K`!t{vTJNU3` zDB%CkAqlJ```_%hn;sh>%YXgv4I=_nikixbP{K!3@+v|*(#YhC+1Yz@U80)geRqi~ z${^EO)5-*q7|uc9U;%?DE3NG6_j*skk2k>fh`xb$JI5XdLe2H z!!|cdQOFt0r3J^`KcL79z#SM>I|Pk2lhC;`iML6}8k^Lr(q2MT09JKeZEPjV(IsaE zT6DkB?p|Fb|FW{3uaYz$iXzT>Yw3p8tIrFZE2%r~R6>k7q$Ulk47`?6KV`OaJ;2x{eYa=B6G_O^O{!b(M{q1e~?@%z;Y zq=`ToV_hKERGG4Br3aZ05}&pMjUZ7q`l(XN4wdDs^eqL5!2hC%eT`JiD=S;$bmV0| zilRLuY`KWv4}4EQT~JYJ^VL#|EZy>D4SNHN!WzV=5Hy$`h^7E>7xGhuI58j8*KHgJ zlZm_>^+%2iMv1wxb!fVcp$@y&1#UC>FJHR5R>dF;k)fwZSnT+pfdB9YsVHii^tW`? zGO&=Stc_WH)|%h)_Wx#c96(juivPyOWyF(KLIXwUYei~!=!FEf55DCrDvG(H!P3<< z35#1@fTf@4WOGLbksG%Lw5CSNEOBNkrWa4@*ijS5EI6VhrKOByToBhf)oZjbn0Xmz z-7YQ*c?Ats#v#jVdl#E2vzf!h?d?OPdSX2W*P_e0Dl@?$-KC;B zOaW0p7^Ai^$vbX#_h&6@M(VnJuNmzLvHD{i+RJgb{|U(Ct91CDz?T?uEJ0*vMISotc}n6u~w9l$!B$x{mtt zi0c4C@}@aI5}~{%(Kc&VY^-P){(Ve@&{iE&uGo) zZYDeOUN6XdGTSaWSZ{TMtA}BT(bUbLx)kd2h%u$t{!DZlT$)seSZ);-CI+uX;C`R) z5@ma?yIw8~tVsh z`ft{o{oA;FekvW~rrbTA>j_`GQOSVA2+A5zVJChkp=CQbi)i&~R;&u~S;{QJV9c_9uY0gHEYk{T8UnE++w zO2UeP`TY3UF-eW(eHb_-9wZZ1^>u*osfA1St0Z}xA!abcrqZs1*>WF0JIv3fL|WgC zmW1IwxjEV3Ai0poy%(iuB2QcM&t&zLqv64BOJT(#V#(NMG{>nyY?g~g zm^nLB`E)f?qxn}Nbyn2wdjwjfI^-h7*}Od667}zA^^G60|G)y`vXs10jE`$PJsd)r zAGK6f?iy6gVJai{9oEV4EVGpe7xmoosN_G9KHrB@76z>swts0SZdYvs%a>7NcuujL zC98HENN*tps;!hZ6T%QZlE7C}pSP?iW)XKzRg3gXUT13&S!ASSu_;ORJf3aUWTO#| zUG@>WKM(NS+RE{Mn8AKG4M7mGzshmaaAl$3_PVfHlh86ItJKA2)sLu>Vz9Sa3M8!G z@wo56EN9r`Xja+KVi@XeB)8J$)RUSq=dxwiiEmS0Zj>9*C}R+J5ba^k3;JOYBPQi8 zV*3<5q$N8;)ZXwMkxm#zJHhsz??~K$@o3puTWQ+Kv)dWD%I`Rwqj0NUHl8#?>*u^S z4?^#Xo6C=68sLL4CT*edST*{gdF%$Rmi7-mjDUe4+=hyDk{^jbs4Br%9=^s^PPt+P zj&@9WH{(m2Bof}Iv=>1R&O}qXmbqDJeF(u&s)#4#D|*quhS*8I|jlBw-}u^FR<`9pzmTD79p@;~K6q?T!?De?CzMCeH&&MXXDFfuLb3ZgldQE&VI(aIK0#v7<~!5bjasY1)loYp1E|}jg%t8# z;Kyf!6|<4+KkD3*j;5xRz*#c8FuYLU*oL9ktFvnY zxxE^dm|nq9hXm-c$hwB}F=lIs=Cx2os;umNY13oDq}}2;2}#^{T-2uf4sxE3*^z5Q z)^kkmA4wbeAt2OQ+}8&xf}pCu-@a$#4|_bF4fQnX&vn&SV!F~I-EuUNjx7IXezEI* zqgiW*L*AM-fB4Gci)03{wkjAcrpatN#`(dFZ;(VGJ1aW92)XB<>r%a_d=$80>{wqj zShMk?E)w)s!_FP;P!^~cQcoUkCr!M8Ljk6IHQcDnW?oFMa?_ z*M3S;QqnhmgVBgJ%eL}6uZv%0gm3>Z3*|6^Q|0RPc{hW9*me70aA}G^QzIC%XO-i1 zbM(2mcWJHX&|D0Kd0Y)wk2S2yO{sTa4E)vr-LBOYC%K8^TLlZo2l_GiQwW{K-Kdu5 z(UNUnOX)G2rkHGR`rvk5HJP}i6dNX4zO8vt6kP$Hm{u@wxE~YqHJKs4LHzj)&Yz(7 z^UK14LIZJCLy3tgKpnXjqn(FgaHO{)qeQ+{r=fsq{pj6d9Ru`1Y6wjJnyRw(=XGNEbzm@cu01m1(P3fm&LU&YO6+}Y!Yj6% zm=r;`o*n6L;a7Y|%AI??g!5>wL0m(k$*g0E_>iX{6cK>U*VNM7Wj@IpQiXA*c_5Jh zVWb$KAAOCp=K2v6W>FAUZt$KwBR`PXIwplr)sPN_9d@5_2)CK+U06qiR1dAZPIa@L zXbjo5HFNps>pT^oUrGa_Z4Byqc5ioCY}N>g;~tJXFx|r!dsf;okOV^c`{i~~OLx%RYN6_Fo4klU;3-c&qdqO05xWMIhcbLjkA@3tn+C17Jc!9BY=J{v6`;X9EB#BD|+F|xKozz2R&h(-7jPX+rU%7JoXs67s1Sl8D!LmW`SqP>TR4FA5OcvCM#Zg{F<3<}BT)Kr;u z&YhWHCM9e2xhN1RaCLB7p`e1FJDP-|i1%IZ=6-*1jD~wYf=;$0b9RYPqvdMGI%=-E zQ?>5n{BWAszF;Vh>d_!>6I_E;IO@VO7qXmfT?`hwx`TpHt$A;5IBFgLP~lz5u?&o4 zI*;{-vf&6mwITHX(H7%t$7$y#ASFODDsRLA23=I&wX5H-SXdEj^BF+l{;O_~ zQrZ-9_I!TD4~NT(*IKIgSI}Q-(N%T|2-^ae`-@evZsU=4H5v;XHG8Q#huFk{cW4rh z`OLM-H;3Kcd-DG*+kLtu+&ej^hZoReFJ~&1<9v@e3|Vb67l=CmI*qFhM9jkIYlf3p zVOZTgRcKn_3bp#2dIUtu`4Kq*jJm$BCc3^uIroAiU5%c(YtLFo+)8^^BuRU?6kdkB zY5AotV5s0Xbob4~yo56N%b#H6l{j^W>(e0i{+cqfS`{_uaE`f%;i#gbScQ8vo-(m+ z?Qj%vBfd7Cb0$|~!~ag#d1`<4I*~8L>DQ&B$G%aFJ7{*!b9nkiwA3<<%huvHy`9mY z6}(f;S{Dsai zxD*OE;>hp+O-@U6<`P-;pgiwv927?}z~FpU{8Wm_HLfpQXU z(3tRsQo!L-rl66q9Pj5NL>kXdXX#>3=5#dR#@5m6`&y#Ok9(H# zE5uy^~hNn9)nA}6mu{yM~QN)H(X+dL?x;jfZe6irtT3lC{povs*ceeTl z-TRtn8Ig!#w!i*92sCshC<-I3?%?Iv;sh_ca;yQI9X4CGj~pF+9=O)zbwcV?i_Xsb z@u~!D>4pL1I!8xH8h$-mc0F?wM9+3^9A%7u?>47ytv`}!(RG*9y8e0J`u?T@98CH+ z!aquyFwAnpf}H58E$=jDRPN61P2dA=|%_L1H?K z!TN&?q-)YP{eE5BdS@+!15G>m1{g4rTz{mew|0UXfnSzvJO!ZlNaN1qfD4N*{Emzv zKsG?X&bN*4_Cd$a7J7c{IRof6GLam##c+=Qh*S+% zG*)!t991lW4s4NAZl3)23FJTNhk=Tp#nqIQa%2@0ptbgNlspEg?7pbUHD&*0Gznx6 z2{8Z4ZTAd=dr*I5SbY}GT1|_>I&TTjGK38<;Y-5bTC`kvm1`E)um@OZqLgOP?(08?ir4!+5ow8Og zU24id2ks)|=GfcE)z@3)(8D$t35; zA@x4^iDExy>;Nb0>q&*&^y#RhgE!Hv&}7zNCCf!P<`8rsA+)A*(w#kPwPsbGN;@^! z$xkS)|H$m;j9h1wCSMt|((M^&>50v{q*0z6J2w&a>@qtx z`_YxPwt_V$&0%bVWM(z!xsXOcG*MEk@ zOhAS8fow7fFZu&cEIvC1r5+qoidJGQn+PZu?n+xNrs0u+O1#QScfiM%^eTf&@5k`l z72W8_C&6v%qyvU7p|L}f-XA;UKj|rSL&7UB0?WAgnt8{i6#Tbyz3IgepL8op6Ryu3 zZT#SrD*zD&XrRl_PE0V2y|+?bP`65OOsoz~NNg!~HSYM|1l(%k==R9A_Vnlu@MCJe zg&3-q5@Y|ei!I7%If3G;M;xx}l*-@079)ZD(rwL{^)mkvvc0gEGnH3Mi`MDChGg z+m)3#;LF}2(p1iHAzEBr4HJtsu~NttzD*9lW!Z|b;EP_rGMfG|JLZgBTz~Q0eB$~D za{qAc?E62Kg;)AT61QoP$=$%EcI)xK2Xt4=$A9uYqwek-?sdWP<@QpQzw98ZEtc$B zk?EJ8+OC#_JkGwoiHp@xt|QyE%ZVShXRho8%Q7je40(0jKPCCA#`HuHB>rH2(ZQ)s zSL(O7$I%Cl`GQ}55EKy-SjtYzgV%y$7zMR3rmCF*0 zCN=M9&E3}(#r$#o=SBV(cW)UGSC;e-2X_k=Xq+Sv+}%9{2ol^axVyU~c!1y@+})vZ zcW7K1cX$1hotfR8l_xvz$M@sy?%U^{@~U&Ietq#x25Ye=>E~T0`!07-_anrYGMq$W zs1x0csa`G6is$=8O!c3`WLV}WWXwpoQU`_)JNIC!JC1G z!NsDF?luaOSn6tKJ>Zgg9I#vMT^KK=SrgkPLC1s_5kGxk3ur;!4>Ra;?W30$QiMgZ zcz|OjyX&d=-O1(m%9+GD)Hh3F^rSUaS+@pcj!fI&9pzKGF$Rq?*M&D5$sA#{RtFu0 z;vur#x4q3-&C}Rp@o#Vv&zS1@%$p4WE9+gz%B+xz(#9h^LF}rHjpvB=sghiT`>rNP zkIk((TS<2&$-`j;a8zbdErv**SF6wC(Xym_>6uMq91{1c$1jD6_uERn?)VO`JKnuE zZKQ`!#f%sYbF^Swy6@mW;ivZuo&JcE9!Vf>MVPWkGZGo`gMF#(12Gm^q5Vstg>&IT*`-dwlaJV*6_k4c!Z3}+mSoqQcA`QQk+<8a>Hu)O37_$qr$FJRf!CAKR zu&;YP*Qyz(+QHAO^3Il)bd4 zKmhJq)jpG_72a)`JFF-bY~zq&)9*U%ufLNm@eE;uT$zGVj~X#lDR|CO4Ia=k(!>iV z;0kg={Y)OaU%-(|7yjyV0vbaS_Z4Q-b*|HKqjGfF9TVfF!-l=rySx^T5mnzGnVATx zs&N*5)n_oU1{q|;oUAG7@1ckV=f=_$z1Qriu8S0qZDn4AtK%+L*wvlWiU`(SoiGMo zK%wp8OR7xYTioABf5%JkH>s^bs8`qS(q7^Vb&58t;|uMYTUzoz%l~rSL;UoGVwt)- zf2Rm-T4qGz!@ssGTq9yeA|I7nZ}n&Y);tTG_Vdmrv=H-4;2pvbAvCP-1&4sg-xamf zi;5WaBQqPpiQJm3^t$#0y0ZE@#y4wjn_7y>nXvX(V-@rubV+)chgFh)9?CeNy4o&$ zmm$zTS6l@ooK1FzLSNZ|r#BPLF%=xnXToB4kbc*nhm5>aL>M}os#LaTC8nr~Clf18 z_c^TPEtIhE4A=PZoG^-$nvELDG)8uTf2z{g)2S+yVoR~EHzJaD0QI^$uJ-xZ?|sTZ z-5-QpT_p)Ms~C^?YK8Nmro!y=0!hmwbtsZyW*^w;HHZzeMzoq1K&nwe=M^|u3f>dt zj~qoB82lmM_cxo3^GgH~50qoC7IDuU=siRT51e@yQp#tP^Lu!PiVIQeT^xE#jfLm8 zk*$tASqwH;JDLMzSKkC0$Qnvj@L32GR@hR$8as8r@0G16yue%fDApc!QSWp(+>xM% zD1n=pbuNn8FNq&HLen!KjZ0X0L9?$}Mlz0pI+)1*BYC2`Xtk)*)+1-hVD^YhZNSx) zOW!dPe=wzOk`znU8zsgf4YpgnU_F(CmM1Kk@QF|;^axrQ%(bQ~1mpyOpN zPN3vsa~OxEH*jcz`&t))2lqA3-hJBWN_2^uRY6?S2rjzJaw%)cDr zrZ+@k;7mO`2C8v9KDPEQ^}{PtiC#DsYBMFuD@<~{wZQVlmy_?h`22Mj0Sq{N2L53D z0IERVQC|kK*Rp;zQRY<*qIO*B?j9_-ya+6X8z7FK$Vp5%;6fa{*vOVB)Kv|{4msJb z{r>SAxOmXeZf@ePW8}+4O02)t=fJGOp!+#l&4E*xY76tbjp@FqnpqC6wiL(~+=HR1 zqIuqm3%Qs*a}!Z@&gq?7OO{bs4bFlu^)NggMx_2%_}^iO8q4Wj8|N}MJi83dk@n!P zsN0~|*fu=DtKiUH)#2N_E<x>ztMh!G9Pb#t!_wVh;9-6M{_w$sXxe`daS<}yrh<}fSHXg7 zX-`1?Vw+?xeqJ4AnLg&I5=HI%hdfgehd7Kv9{*@JG_?>(S=l9j(`*g6qbR!tsSGw^ z0W%9iKdk;pVH<}EciWUXn6@R2h=m}ftiT19A9m@}wnfwryF@R27*Gy2d#?841E~*8 zg>CSmbi^1HH*?;=I4i3~xYbiapnNXV=|SZ*D`WLr+%_)|cC^H#s&3Y|xTJu1#vtqG zb=HdS809fCmQd8fM%?z4V}+4OiAMW;mxr<6`|Z`lEG$Q6BOuZ_C(#Gi9tn?Vd14D_ z!`C;1&sohh9Ylaf1Uxw5gEt)(x-4P8FcU-hV6HKgQ#nd9llI2kIKpx~R}?mdh02(g z|4SRZl&V^1TOX8MDqC62C!1yfS5~+TvZe-oKjMJwFxOF7T(F@W2#$Vf07}@G!Kn{& zfqej<7p89}HZmY$xNK5Ti*t+fs8<2)sIXpYR{URPwnC6vPdyKsZZWm5$of5VgZO!f z1C+uX4Z~?F1u1!m9D9;sSx!-$?D41SbbDOH==DiycWl}4Nbk!REtSDOX&Cy2ccL9X zuumN8COUS@6#HSAncwN$WTCCJ;>>hJ;Y`6@5_T{reGoU)LQRn|G(gS`Fgpox+tO2r z!RC@wWn0;L>K>p0$hyPejVjMOi&`^R9>>ccx6G}D@8_1i*gpY|5Vy1Aa0_WV;~YI5 z&0o7=uvQjMl)Sb0re{OgYB~GE_bRs;c2@ftHDn~h+ozm!-w$`SCxX7G;Dx@u(QEJ` zE`O()2D2K4&GSK*n&XBMlhcW4=Wfz*e}@l4E^~hk?-%EXXgvcEGVLK7J{ojGV%u09 z-krQy(07fSdIPk-A8Y;neVklUlJA>ofvNk{zn|Fu{tX`#BvsCO0{2XZv_4E&0HYX% zR${z5`FIar2qb}uTLZ45J*}~k*ukLXTL%4O!8&?P#KEx9@loGfE>K3cS^Ks>9~2k9 zO1uiNOd-3@E-UDJJybJqdLi4bkt}lRtXX447T&AGa{6}kL&NuSxq);j8#-OSrGpom zcqlhD&m2_181*SZ$x*UrJnsAkz|o6Bn?9g{3>fg=Jm? z{-~V&S5&eG8fqQCW6qG1b1&X6Sym51PcB!uW+y9D#Lk>~7{g}CIr;Z-4RP7Ox70lA z!tW&yjijH7!geRB_U7-OJs*f3SHER2$RcF(;v~8|(Rbb(N?Yqa-YR~og=FvKO3y7P zdUNNvDh*;%HoY3&2L%Lvr)sKVN5c-IIX629_P!3dzBy_QYc72_7gE1$y7#z0*kWI~ zg;xhPSqXcpp*prW;U}0&^$fCYBXO%a*+JRzyTe4dUtP^yH~L)glx5|KX2owuNTgX3m>-3x${nG%*G99S-&!;0o?X0SI;FR4H?pdH zMA+W=4keFxLt{z96=$C9sEz)St?JOLCPP_y&i1C|pH0HwMzd1<>^x6-ZpQr+|5rW; zrk6HjVk2x>S7ah7emAXybs@98UMnCH@OTeKZ%KzE~$;w3PbbHbyUBa6gq!WA&toq(6fCXdx8sv|+FZX~aH zUR)K~`)PjQbKHLpbyjhVTSbZ-7!1scG0MqcD^0M8R&`+K!I!mFQ(2km@Cmcn97;2n z3EHv4OW2j|_l(>#*q)Z(ZyhO%C#*b*W{WLE-*du5#K;>c*JkZ7TaC?NZtFnnW4h5a z+mLSFy~^U}2N;ECuSLtL2B+CYm+abesgN>Iz4{OrMAn@Hm0L^H9+im`Lq+w?{5gTt zh=!IbG6%DH!5oHE_(o@wHn?%gDl7Z^_$afcVZpEFR@(RZL)IVq@Q;@Pv^jrD#YV#? zy8jOS_J`&Cqkj0TI2R<(HdOn$>QRUV`Sh$ZPRTVQ8y7 z=l9=b;GfS}6;Ik!Uah`hZJanZo5*JN%HSfBheN7!z18bGovky}#9Bp|5=tNDG3U(u zH=X%+p8w9%iMKlG^7#zs33U;}oyctX;?U4HWR8yLILDQ;H-m^kUvzqZw;5pHphQJ( zPlf{CD}l9*knLWQPFRli`OmwLqq7`9c3_;82Rd$EV6hLP*u-JW$XXwe$N^3t(gc{|mMyC`QN-APwy8#QM;30{?i~L%g~{5x4eO_Td;o-9ISR{T27) zCAyXy7wQ-?Nm;|DHPsmURi-g?u&pd8QcvmIUvy=iC?AG&zS zpMp(9Uo#Y-A*CjpX7}pJeMj+rnpmsL>A9hjKIx=mD5#88I7G}f1Mr@4i@peIqw{}P z-e-&eY6wL^L7$%(u_G<9-geo%)@Z05yb%kbaP7r9({f*`s_bTx;=iUCQOQj}+h0L) z*!=Q!u}j`Dp1d_th{JwP?OVE z4QbzHo24Ji|+b}xLo6a9T419I0 z8qWV@&BzAhn6bLfct1`5F@1a*PAe7Fy7KdU#u~fZsET5E(MwvYBnm6PQ(7RhOpE35 zNmWo`H6u-+`uxQFm%v1|7@X-?U8>Nb!E!Jhe~$tZYuONgu*FeJgwaciR;k5% z>FWbcyOV=F!AS$co;7~1(5hiR1yObQ^D zCf!r8vI%nBS4X?%ifu9LYYDJ?4mgvDa_7Q79T^T@EX7XJ}JPNspi`m6w9Wb z^}s{9-+b!7oB2Pnnfb#?=E}ooNG7giMynmYrsGA`(Q~Kt>lM1DCSJTJr|_?b*yi0z zsqn~1?FEKDb#zNeQTW^{_<)^=(fR4Hz_*AmDCEo5ByhqvCNl~gGSSm4 zB7N3_okP^w7*L6@mL6r4Ad zrn`d5%hu$9tv|?V0o>yLgWjbbd)+SZjFtgO6P$MX)SaCz+R@&bVr>jzjdUJ+rkHg zsUN9)Auf&(DyrnA35`kK&lsBN#i9%MRB3s99#$I8;qKOQur3lB-$zi5jK)((^mH`* zstB>nhpagf*=xRi0iTbrO~vU7Qsb!0@nhQ*Xc04n=!w*`h7YH3p@`9*Et}UAdZ-@a zV^LZG3JwEvM5q3f2cX4kkEY0>dNkyKJSi*|_6(P{(IJM8btpY$9#C?Wm zZgqkpYUO){VcxNAk%w|}y@Y1fb5`3xCSk{Tcei@Q!(i3LbboHt1d?#`j|XV=$_I_p z@290-d?;gFLMs&0UNN%fw3YacnyKDzksl#+RaTAAgvrJIhab-TdPU|1+Rlt-#veNYTEm$SiXD$pV7Abpdp)nX7fSSkbNkv411Jpk_))aZmurIqK=*c@8nTv|`T+%?a`qc&U4j-%l=^%Q3;*hlvz&^%b(*x3G#EE^iTLPsisUosz z@5STQGTd?dA+(k_o4mR)R*8*3UNlNmvTIb*qJP8Z&nlG&fmnNfYjJw1xT0q{Wa|b7 ztHxbeg!>r2u~CP?cA$*r7UZ9RTs2maJ!8NgddOuDE+T3Tn%PHW0z<$fX9kKXG`D&? zNHc87mx+bF#z)gp*DkFUeVR6;Q!D~PWs|sVIqmM%)0{1G=?Pbjr#ot{0-#qbsHVbp z@;iv6*}{3c=536Tk?sh^duJ!7m!4T$(9<7_zdJ^OrbK7*9nZYBf|aFHK2JVSVAFhjZyM7cBJ z(eF#NjoEcc7&h-_N^WorQEr_eQthe=CkqKF6LZCGK380L_jMMRq4pZ=oWq4~YV=_^ z)MY~;YciTZkYGj`tfquS-WC*`;bT;!o-8MEQsZ>wFL#(HhpA^Ak%~jNlUU1zNwQO; z0TAR!9Ct2l%TuT+Z|d_bO$9jtjB3Y@Cl`jcgz+!g|1la zV*AgC+MT3q&{-F8MOYA1fQKFuI9PK~q_il@&iNH+;Liv96+_SXkPjH3>{y>G-}`utZnIW_A%eP=F1> zfe$?sQHjKs0u)A78S>X`u#h$S_Q-~_-sf9jmb;%G(*xlgIx2UX(Ed!7}si>qc3Vo>7;9` zn;?ze=^aVE6L+-Zc7+WTvBS2jYvjg{blWAUFqbOJL+7e! zs&)BzMm7l`S0=ebJeS&;Mx&SDFo#54RUFLfZa2;rZ^B}Ic_LB<6R?)3LBRRJ?24?$>6(CQQ+pZ*d*yuAouH6F zAT5C6Gt5l;yiK0W&Gu0D6cXcr5?I|y=JDo|Nn0eWl1e#rUh`f9gK-|o66ygj`G#6qHIqG@sdEgYuE!%qF@r0GxC2z zN*?6!k@Kx(EutL+>##F#F{BsQX2+sv5FV_6^*)k<1fNbaN%nRMI&?}=rJ&R5@HpD% zx&bzVTq^jiU~^N1VWTN+&8&u9*>6dK+Rfi15_85V6qwSJ#%9KYP`mux7dCso>eccZmv{YtVptzH@ zw>rQx!!Om(wxR!dAfv9Ula987Cu(f|>BsFCb=Iec{7`v&G-Tj#4^(RS<*nKlxwE`ZJjiiUJ$`-t4PP%o|I+xhfQAJw^yG}so%+;vyk)ZQ z{s_UtHVxy6`3x!YU5IHp*xU*wwj6=wjD3ZI-$n1! zop{L_obwq)((x0{Y}-P7fLiX1X{G!z*zPGLEaKzi?6C%!qk&1!f%M73I3&IUF|5N- zUOu5n?oz48x8i74kXe%4K+*lu`$vt0YXnpRuCEbau?&}qbODx~Ya={9xKFo~OZSgd zJUq)7C2UpSWSpGq$%`TvFdh} zF3{XBDueXXx{iS^iuh+~ZS$vI2jdm6F_icRVcydG8i+R?jV9(Pdtv4iE zXqtI3Ub3S(@maG!UY^6c8wIeF?ek-^&8q$~zW7Ip;<*0ht2dlxW8+IcYB&W-<%gBg zX%x?l)U|^d8pC@fw1pXv9rAf?Gr$wR3LtW@^ZI_PxcPd`%MsPf@hnZ;nk0=?n!?WI zU|&@G14ZIHGPF^$g}IqmO3I^w3D>6LPV}nwx{;E0W=nYH^EFmK#X*0cKaKxWU}Y?` zq56D4Nh(oQ&BrxUsW4p~BLsEO4%_bb59cMf4A6D&(m~izFJDqPFEPc+#T9?IUFku0 z>oRBfV&BDReV~q(JHeqEZWxN)BDgap=lfCa7}0-#*7&dKztD;u*)#VKg_>(nx>z+C z(ycAl2)$+5S(_*-3DYudsD#N?0*3{qyfKA}8#9Wjx}u7)RJ0cZ_?w#)o^I9#uv)cc zfaShQEHXK0P7ayM^S--8*tawZ(g)@!PU>%_ZqDWt-#IG3W37DWd=-{w)H< z6$7?|VENkkf+H@4ey~G*qcKo?Xy+1^`J=t>zfwlq1yX;h9rqK6{9Pj!FGG8}$Lm%7 z1$1IPNF;?Wy*o0bW(T&X07lx8A!!qSz9Mk|6ZO2fJ`}(XW8OKWL7jfZLhn)wturq*S?B zE(4FB=G5r8&$t>btO<3AjiY~JW(DWNbeLGRvTnNk$uc9AQiNw|sSl%k$j&(+2*TWAgnOT=AvGAP+l~r09C-U%<)#DL zzG>v9O9VVd%iVo zAA>C0tPU@P%P1(h(9&kckw3RBshsq(AFpdhsoL3IN1H?(z6$T!V*?X=H9`P3Ie{kQ`zNSX_AD!(#F)7nV0Ca?(AgIq2|ew&=Yd(F z`+E8&A*yW{&MQ%(bz{>I5X?Q$dB!5@N}TcuWI&^ni= z+0Uaj=Y!QfSeWMmeVZhcrFz9s<{8i{k}ZNe^g}ex@n(dR@JT~9bqI@ll}&DSi>TVm z*QR=hiC#7Zh4vkkyB=IzA3~X(984|U^8J9iJ^l=9W`|ppg6S<_W~VYf+)^1p#{I-q zu2Dyp#xCc7lrzpRyX2wFW9v+^Rgr+W;xE%&MPqvdJtW#S^B4k~@R?J8;|G)B4*Apgd8 z)IQ%cVAE2Mws@=X&bJn2vsl&p&6!_0_AP zM!-*YPSZgwdFf@|m%RnSfb1a{8TSMp`-BWO*fV$MEUK%dek}%Z-+`~%8f)@Vco$Rh zXme3GMYqBa`G7M7rbb30aMz?XK+Gt?RQOBVz}(n(gOX>FZf^k;cKEWBOaky&V)J(l z#umuT03>JmqD$0cQHk`5G^qP`yNUMSN#DI86x9qbD`WBXaZH{W%tAh0NI|L2J3166 zPSP>3M5soZM{i?0zLx~tH}7ZE>Tna4m;a66bb=_-6g^0fOF&#@2hapY)llLD*eH(>)YZOgbyDPJnDrg z%N?0yYb!Hz%aG2*gtu?e+4Z$GB5JaJAjgNeh-IvuL>7u3vRFr_{d6atfro z#0#@YEuB?_kp4<7 zKOootNkjj3p_79UI&^HgJ8GnYhH9TlQ~LsD%EEX*JF+-)cVQ}|poE*k_}ulGBxg%9=JdfS597#ULjnC2s0s`>!+xBM)D4Ntl>(2enm>X78Qz$u;I30 z^cje_q&$3D!T)?>=UT^%EL_Pk!}1y$wuts{pBULm;d6m978!3Ly3t_v%OTuUN@LVIK%V%4gb;dUZ0}NVq;-#e|yF%+D}4|7)q0jeK^&KtonCU zooD0xyByqmT`ob9l+JHt=@# zwM@lqSY1bZyP!;nF&MUr;YE)q@qOaT1TCx80-KVSF&!e4MVS#dP*N45I09=Ol%l=vIN z|JOU^A>|QV8oJuT{?cvnz%UU3Q>Fw4=LLzy%@(GA@c!2i4jhuv=>&UJ`mLNW|E2rF zM0I`yUWH9r9Mb+JdM@n$6s=0L7ZGWHVUyN=FC($Au@mUDnu3kAxkF&7(K;zQ^|Gc{ zjH#kWRwiR1lZ)|rxuT;{6C;i94N_1GZq40Y%U`5@W}%0Ne)|P^G!VRGAsBq7*m0Ps zb&*-x3Po!HtHG5JL>=Iecet;L?y)8FhoaVLLB17d_Yb<&7mdeVZTe)-4OQ{+?W(;k z-uPVU)uB7@FE{KHAS!VAaOCx5^xV$Mk)(!d=D`87TJ|q30g+Rwpb;yu78IIAs^}6d zniW%2l~X_Wo0JFFT8Vj@pbX>CMV4;MbFScoi65y3^6s^l`FE3c+g=d9cV=y@wT9TG)MEN2=E=Cd9{#EzG?ZJZ~=$J1a{zY zmyP!q>XDvK!h%kEN-coGCx_Ox_yTa{+pV+C$Iibp1S>gYBnSKZB34%Pu&}UVuuIGQ z-uu3`EOQNHWHY#K_Ux3=!}wTQJfXy%4^DL<;ft%+Z6VI*BNWGvv92uk=WT7g1OxiG zYuq;8S*Ngs6i!LMTV*XsEmsk9wNS6t0bJ4+Ta{;z`P~oqWDbBEDfFqqQj3Yl_Fpae zzf!Rd0bU}Uh}X1#c(@yh*hqk=39)v$8R;YJ71@s8+NDrZqxv9uL4co6g&p@2_m)36vFDe~Ej<+qIQ6xtr0z+BuH)8E$Mq@h=I;7L>R)Ps5 zEIT$O;PR+Wt@l$#%34v4kFMGq2t&&3Qeaa#aZd)t1DZSdm>iX&I~zJA>w~vg&#H&wcfRvF5piFe67qq&Pq!W+#D76ik5=N zE+$+^A+#RwLt8B|`sr{3+9iyc?F9pdF)@Nr51|h3_?*KYU#Jcr5+m2FNT-&>m^@rbMO^x3lDK5%u?(^ zVKc)eszt>)r?S0>S=B>n6t(o_91%8vl+sB>a25~JUjt>&WV4eUow_tRWJ2Z}o+-0+ z7_0?hQ{#g9TQ!R5}hMM)txY+3GQfwg&Q2QLHXYsB>2kU1;o&1`l>@bI_4wM6-haasfC=0Un2 zd@0=DSWvdc_{6ZKy8%%U%=F9j%}7=iAGU1~dIA-7RRDVdI?c@ITqru*!m{R+Agj=} zM0hl4SB?$^Zts#g#~9qIjQ1Rigb!tg0cb)gccV&LU&$xoPQtX$1@-U+ygst4sjER8 zNr*UelTVi8K4@NW2&V4kl<=LoyrtC5K5wJFDrwi8Un_e9LbLI-Jm;Zp+Bwc_*>+gB zcPtOgFM8>qIT=(ac)B^3xZ-^75=VRX znoQSFevyL$;rq*!I__b7sMo{^6~qH*+s8GNwm;$NLdABnCTflGS2ZRojNApa71rZGL)9h2NN>k_T9uw!~k!EB{Kh zugMT3qNAhbw6wwxEeE!>FiIA@7ku&8CkJ#kHbPP!LDn_jJ^4HoXMp|W@QwL3HLVUv zR3Va4W5&L76SxD@UHUy#PS;diksjrU)gB;gcvRu|Rtn!DBT%!WFnfbrA2&^$u<3`f zdHHws^#NIGsIkpRncwNU7HjFd!gb6zKv?8A227Vp5j3yk9EHG}L1F9OEl%0EkdsQU zJe$%f2sUp8YzM8>zPho&=oLFanU)%?#@yW66EtcBuF_!(t>WrmHNcxAJ7ikCSdS!j zf>#>7h1H$9&8~A&c(n?LFYCdHnfvkcin$iE=>ZRVgAIzMdVzS%oiTikWs6Fc-U)|? zM0cCrbBFS>H%=J9eUT8ul$+Vpo$WVo7)q*B=ob=#>Z7JEVHhLbIRX$gb*md9r$kWP zEh(h!${<(eh@SS%ktvzuji|c;{VI4X1Hwy;JR|b8w+q=jY9$SGaaW_i#~Wgpxm&H7 z=S{aOZ{J!yt*P*lDikk+%AV)DMM!nKpnSBCBCE)U>4pV%6rkYUMXbfOas?nAh*cra zw72=l2PwR`wx3HER)fus4Rv39Y4>p2LPYK=^)}wGD*Mv<3awLrSv_P!4aUGl*?POW z_Qa2vHzH`~8348voG?wdGSP&3K3}K1=3!PgIFE5i=DfHN{8F^XswG5z&Jx+%Nden* z_^`+8=~R@*u;o#d=VTz_BnY#s*Gis5$L2L>H#x@p7SpI>4|~kcso=SnK^uD>;5pSV zF&=j(^G{b~sgGj=*L}+)dfKA=p-`qYs`%cKB)GQI+7`EO+JZyReYD-k8%p+jp6*S{ z(DVqjJvK#o&Ke(_PXyTHspfQbi2Lj(gGO|J8ZIfR^j5g$W?qK#%MKAUNo^zchCFwF zPHsf@U&;Bib<-I}kPx+Zva@5JimB=K9BbZq!33p7HZAUb^bMF+at7Z|!wz_7}_q-)a zGcYOT2@WCP?Q4T-i(ms1-d~SB8G<#SvgO&+#=|ZHglG(8RLHaSO@zOG(ue^nOUznYJg;7!JD8lZYpb0Uu!V zT|Q_ljwPeRSjcKw)@Og*Jb8eoXRP1y+?y<^kDgC!nPNBl{l<&jNXmtW6}AQJ4c`}y zpC_MZ&>Z`yRmtP4oM53$&7i`QQ&jyRKDfD&D9sZV#N{>H&cVVAPc4DPQvL*%lHtC6 z9n-SVfiWz@w#jV3gy*ggxw2&rx0eGOvyQW3Zbz?n3rF7j21}c7bQwnY10J2c#dJju z#LVn$+s7mL1pE6Ro5jyT$LtB__1TT>r`oGbJAs9ex+=WUPx29J-*oADmBoe~Kcumr95MH?Hpq|kF+?zz%c_x4M@}a zL#gXxk^^HLVKjs>%k-z;x*tRlULSTO9S^0*&7iNp5Kl70%pYkCzJd5Dx<2&pe8Rgw zum3Or19$8RMl1v^;HE>azkN*%>iSihkL2w=xwMp;Tn)mCo^#F0$aR0+kbZZ1PW z7K^V1oGYCz+R5F;WQMEXjxiJVT#77`2G!D0!lHSE5iHr?7jh7(1W_p8kq*`%DZ<=v zxRT(($zYQt9WoNMS(sVCuyPh=GjS65u9X{&)U=uP5G>C{d-Lknlzj_Zq9I{J<50l2 zd9y)L>v$q`T@bdWMSplTrReG}XK|jN=wn*s6c*j6IX>|<{M7z_jW}%;&FamXjuKQh zSL>JEZ_QAL||56497Y(wApK z!Y^g2P>Cp8boI9VftKTv%O8eyW3k=f+Pu+B^SA_> z3L=tJ~&lSN!+4N7n3wja?_rTh>RV%WWT*M}Rwl!*XMz9e$=e z+d>u!+)|&G8^G;+_qWp{C|cZoCo{{;$M0*}+>yWxrLTKjjXu&N8_sgvfI<|sysnL@7+Q8}?^9cg$^EJx1jH2-z{jl(CP;BD zSmQ0fQuXz;ePmlXjkR5`R_TZ$Ygdk}hyK=w6in zoi#?b(S_8rL!QS`o#6ZSL3;VQzZXVU+Dbx-18p94k!bcO*np4FN^eAT6zZ7o_e-^O ze6foTsz%}9^ag4uJ59_p2yZV0o?ax{QOQk#VEm#1?&NFM%eyaV$Z~^RdyjOjn{cVAzHUF4bW3s~f$Bv-Y}*qaf6 zMDKKMWJ$i$Yx{CrX@^j(u9sz*HHIR^$a|0{+J>B{D&i(;ke7L!+49u$;?Lu{kTMxx z!vj}mUYRddAZkDDQkfsicGx*{Kw(X3%KFD-av5B3xA8i1dY%F$7b=-vP?N!yMj)PM z@C%pOZoFJ@x}xGKdxOkq|L{ZZjJf@dBRL0&Ck&^irFMjPt*D-66Rw_cP})Z(1f*_@ z0T1vINzjjSgfLbV%B;ef9bWQLcc!04VucE#8jXk71APtrB4Gie1%otrj7x|=B2+3y zysI08;aOGVk5()vC&&fu!U+sdrG_c4A6C1*Rxi?ZeV#Vkzg4d6ZuaYVC=Ct5#LJ66 zdxePMc}(l9=?7W)*agiX^y@(>r}BMxJDEGQSpY}z`kv=RB6ij`R)%af}7U}M;eyGtSOwY zdKY~H3kV1vwn6Ww+tPfdI+X;-)&X(i}<@<{XxQG}h0*!=>LGW3SB z&KZ@SrxBMpjx9c=D@#onhmYG9ncoG>a+$-PQC5hSLQWC93m!72k?d%z4PS}9!nFD7 z$)qKHG7EvuWYHd#wRO@>p={mME041p&dcDan8o!#w&VgPyuWOwX^Q4_B4oJCcyvdkQ=A%8V)#AM{=-)P$1*n19X%2Y3oC(6Q?j$NG)2&*mKM_Q z0b^q(sA2!L2Hk;xVb69?A`1~b!g0InQ-&`{+ORHJJ?uwCAw^=IR;}0v2dQ_}rs=h; zqH$k7E%Gu{)ud z!J+(7OZ@4aq@@JrmY0KkAZ%TiJJFrD|Gc07s09C5-g*rq9sY<^ncc0)if6|r;#XDl zfBrjmMu?r`nfjP3=^_{&`(N9gzdsldMdIh_5!7W$;j;JYEL0Z7*$zj16KhE@m4<6y7?HhygHP?&~+c){8 z;KNH;joX!1GE?|+i*^S?3w}^##x4XkZu1%SG{jpYTjY$Ts3;T8heEuDvN))(Lt?WG zPVi9rjnz1sLC&t^t_QH@XR!NN`ge+9KZFxFQdE3=-!~96m_mIQchxT+n2DYn(@+nD z@@n=+zEzxW$GeQHp%B6`%WB5h;3=n(-%$=Ud5LakH`^~dvu$XWnndx@kUYC?ConZ> zg5Wl9B9OD_s!YsGbWD0cmu>$#v7VH~{9^S2U`!WYJq2~{t)?-P^tCddl`?g6%>WTb zuhs&%DL|WirzRJf5F*@jDknO9C38mPJ~t!{oT5i(q*m5#MAI=GE@WBomjOk}|7VwkY0Yj>-?`mcWn5YFulG23SxFm2*+O z7$aS`M*>Y`2&c>Vd`EiUYq=xb5l_GK7J!l&N88=(RMfrr0TN@IO4!PQuzz4zZjt>X z;iHBnwE=_BSd?RjmIYMp<4_dgd zd}Fzt*1oX1b_S@Ga0*dm|A^k00QChR$v{wNBh@UlqBs>@`lOX(TqM9q{BYv@zuf)G z83_sN7@T_aHL>a2gqLin_|R}Jq`u+3W~fg7w~fI0DF{>Q`WpqR+I)m~k^lrM5sRfj zxT~V}#gL{I(0o`$JEFlxEcv4QC$hpkBE=M_ZK9(ORsAS*bcgUZ<&6BJAWr^Pu^ufbM=<16<_3!ZI9~YS>_b z`<=t6ZDUgrm%g$l>PW5e(A#jW!O>EVTByeG#snQ0H*u7E@qK@8cUCsp5!U;??KP1& zMAaCaktiDT#UVRpSuei7GZ$1MY z^ljq1;&Fj*B&%UlUD5pS8h|73QE&3#$IZBnzxC_bS_h^@zzOkASyx62Qbo7PZG92& zqK9te)-g`NbFzOsFL(#QTL~mV7%q2{DMN@-M46(>$hAx zzIE8tCzI1oYZMWs-InYE7o6vd-E9~|w9i!NP>u%aNVo<%4h_zw1Jt$lSa z9kZaSug;vP_I!S4PIT!N8S1xj!GOBpoVF(-l64J#e?3CT#^u?lDB7@AaSJpQ?*_1%!{0UU6+LzK$P zVxPORRQ!ff!30EkCOYt91d~mDgWt=5Va@2sGtrFKTZo*9g8*KFhrxG}Pg`y$lR+B$ zPaPOd=Q8-i(x(#jvDjF)4H3tv?@bo822M&p()272U~l(-=sF^D#SPk4W|!23z;rLa zxm0w%-ErC$y;W3P0g$en1P#^@TpM>naCd2F+#Q0uy9aj*?(XjH?(XjH8uT(} z&AI2yT6gBY?x%j(T~)jO|NCp*fA-@E`4R{o>}YA$=L0(bsHq}WOG@`c9nu57mAK*n zfElTed~NVDqU_0s2b((Ffu14x|4}%)A#^{J!E5;}d*MWwe!ic3wzaWAWiH6*Uttug z+C8ZU_W9Y4x4f(Qui-dzar~|RQpiB5b{1<5oSnWdxsb7H*PPx>)90QV1_D8?iP0PM$Jv| zjyZZ^ZL6w0`)`G;(^MIuaDZ6AvXd|xmZ)|$e{EkSIUh1;84~|u5nQu0sH27_?MocD zlOu6*-o9me`+A>E_V1ep%L_rQO;(&UhwP5shokQ{q@BpKvIL^Fo*Bf7JzE0 zQKjrU-MU8N^1B+*ZGxbe@5AfMWJn#$+J7e~|Hlw`$j_gWmWEKW8*yO;-jI-1O7_iR zJy){H67n41hNIW|!fK%&2IR5l%lHsQ(|h%2N?gr@9Fl`;$K_V)YsiJgE>65ogy3je zl9XOX0^@UgV7ZM=ukVUvi%Y&yf~9+DCg0IpJKwpuAI=J0=$gO9vsKl)ldF@Ewcl;J zVR}7(<`=F8CFrRzi(vls;sl%)g^{fFe5m7VqEGwsXW!ZPQIAV_czakoT@#WQ??J2 z201p2AT^{{_>Qug2n&>Q+zK4`Cs(uaR5Nn(1;tp-zSNo@?906dXCjS0n)9U2G`P4+ z%f-K~bDK_*a4$s}X_ls%&A7~$G!%q6Ovfx7jdHv=g9dgYK?GfV-fa*%YC^>iJabny z9>DB-X1jUtT8BF}!SWVl{*D=dyk@>fT4qrh@F*dug4N1tdl&C~bq;)^zj$k0y!v=g z_C;WPouzWVf+`)D+Rcv+8Rua-VHTBpSyN}(aL*onwO$xZKG{n|1^`0-hfl1r?_W*9V7QUdQ5gJ< z-iS1J6PliC&!Fow;6^u7@8GEMwX`073bX|Z4t8(^F56CqNJX%1a%_i(tF<7KfJgiNPJA zj{d9tCoI`;sKSiJ*f81F?e6rr57DE%di0O)ByX3FHeSLe-}U8(J0v~9govFV+QP-V zY6mL;z{`@$31+$1xylUw|3^;k3WpuS!<*wf&4Dej8(Ci^at;V;WOJ&V>8{{_0d~4$ zSf9ysSC8qDPTQ)@;aQ#M%!M!9#i+rg*TUDG2T+!lfy~b5qYiLnto{9uPzq`TrMNut zE))dMw~;!3^UPb_31f*oK%Smu#oP&Yy}Dl<&_lyAWr1dZ+yYxjeM+^`Cg2My}cu{ zLG?v;SYc}AB25(R0#G<$-k=_bUnC5YQwD!{0Dimg^Qc1n#UUgQ`dwV?Y;F*7ivHC+13tb_`0+8Ac?J+iQ8#RdWP>C#m}vX z-n`V1elbasbu`B*8XVchCBKDdxIN`hUii2~FJ!I)9FMQLu7yId69Rkfq2tUn`DG=1 z>(~e$^zTdf0IvgfA&R}B5X+pWN40r9=Gk=c>#c~`M4lAv?B_*8sjp_%Wf~`bCP0p7 z9CO=?UP-i>`#|vv24##GBaX-nObF&os@|(6snheIs^9efGi!Bb<|3evtu;KB!N7xq zFZqi=dZrq+#;k!*$M2u|HRNib{FysFpahGriSyIpvEBo62 zWv7%PJ5TPH3L_E_D;>%~z{!lk^KW`zl%%Cq^fYe@ro0s<;WLd&hAZ<(NZJDH1DY+)57zCqy5oXFdB_hJd;7BA zl8hV%4~m#elkftHVZ7nQhd~@J#}?ZbLavL$49n9@ZfNA8i*aIQ+gXkUID?%2vyLcz zx=W%i3hTNmD^I#CQ$ZLz>}!%>bc?n2YTgvAl*2!4Ib!6aJ5(o$4OwTk*jOHCzqF9Z)fFt#(@^lXBAR|rnjaKsE|KeA z4#Z7iEd&`(=gmeI$UP%VJrlA+zsRZ6UCn$x_ zv7!qqmx;8sep7aI9U2?!Z9e&KwT17ap|^&T&ydsHf&lvb?JHvY>_)TBVdi5G-3#ca zPS*WerG8a2`G9kDD0aIWgbj`qf0@aH9fz5zRxwi+>SAa+Ay3qklhbJJ4Zrsg|B@M` zj>WQvtQ}&hA>QPmxmQs|sTm!WPW}>X=@u+@r*%i))?7S@di;ZCo@4^V6>;;XsTUAo z`-?E7{P7>67xIIGl(Wp@R`@`M2Dc<3i#R||8}wp+iWBx)v6b7>)CxXlos+wo1R>e_ zNj4{CuX*Eeh=o8jfrLpq;tk5}Dke?hDaw`^qM-~uXG-g@tsK8fue+r*sq%w+>l){h z&9HyCFhuhlQDVC;Sv!!1>6)agR1Jrpp8jv-oC+#l0Rk| z&RJQGb?z7aen7y#5E@{iNV0Z~Lq7~8$T^v} z*(RYaC?1PO&BxqjoJe0*{K$1hO;oL=HIy@so^_uyQG;~j5|nXLAIeEJVA#j_F(bbD zMaM#;fT@$uK+ZI!*g^izl@(9)jJF*iksp`b-KO1?ytoR>7bSNZ5Qg6l|A0Hq8S?f^ zP8tR`9^$UUfu|f-w{Cd+Ra@#AZD%_)e^dy0k61*-l%XaTK3eQ@{(qjm1o(3nUy?Mn zv}EVEB&Y9O^Nz3;8m-PVX4p%TOn+uNl{Fu1KD2+t5mScAwT$jjzwT zZ(^c6Xf8a_bedV9CEOXS9y_&rPs=x8*P1ajSOawZfE>Ce1~Y*_Gk}p%jp1-(EhQE`=Q*Pxc zb*I2VrpAtPwsfO4LS3$1MomR3p7A(A@vVcPdg(O0fzNI&va<{Dvs0>T-+XOP8@>Jj z2jo^HDNiA%Ksu0MDRI2>g%Yw1TlJ9 z+VZVXRBN2jwVw!%4ZHy(GH1PEK&>vFpAm|@nG4)8%P!M_@ZMz_nBhEm@Gjg@>D zx!a#OW7F0FFQsQEJvC-;h^Hp0+^Ye^4m*$H#W7&0IW4?BNd9^wU`39_kIarsmFr2?!GO|g9V-~U+v-Y1 zhmK)-Ni!tp%p&dm3{IO+B4S^ApPMDL4X>8#(N+3$Z1YPkMrdRdW}5-U#bQ)%P0(@bJkHOwIq2|Uuu{9L zdQLD;k?k+jL5V!#Y3~O&`ZulTZn^jI~(9hlG$I2~_R$F<`q?Eor z<0Q&`=d+f5m!oYum!VF~V`HS9M{A?q+Pj8RC%C9b1BKV0uUnD*Pm4>uis>I{&fJM1 zI|Uiv)2pfNoCdg`=w270-G}JC{Z&3(5v&zC^%oyMAY|y|yIJ*t8?MGcuSDi|cB#^f z0eb*l&zny=r6gwr@cj&-!U1PoZgO!Rjha%hVTYbiJ@8(@35#+>@Py)W`?y^(R&&oH z(-4(Y&#Tgvd_%MMC3CiDyM6z3vrzGvXz76GA^VO4IvEg5J;N`UCMS2MAy-6!Q! z4h3KzZ3tfo8!+o~4pfOZ-k;!jr7H=lV+#x$cM>1zx)&42Y40ZjFufuVBbB!JhiL_( znrYt`T5TUKQ*Amy5I;MvGM_4IwVE_P-C(F~)gc?#9sev#X03$md2dl)J5}g+15lNY zusP@RNME*&{Y1VqxELtVvIb18@E8DF+!2b(XuEuz|Jp<|ZW_$jhc5*o%Dlp7Y~c7( z3gJYyKYZ)(Zu9Pm_`M_d!)-IJvIQU1i4$D)V9<6y{oTWzzCCqnPACtn*|1kMK2cC^}RII9~)y@h-LjuQ@$ zRs%H<-`umBTo}e0Ovm@RJU+yMWkhlD!AGs!hD`Q>yLUg*pL zd|FcP*5nUlRrtfo@Mohu>lfiU^5RuSYI2|R|FTg2ZyeiLb>|RAk-#C%8avRmj{NV$zl#BeT2bdQZW5`=wQ{YBVf|>6qdmyi{88#rY9q z?Vd1S#2MyH)G(_dV21pM46o4QI<}wX1@*0C?|8R#SpMDD7u?Mb_$V0FZsRqyB(&-# zUHpuHldD(b<7nlEGLE1iYeKWMmT2>Fvl`zRrc=LGyQhPPxknR^Lrj_7`HvUghtOTN zD7{S*pR2`anh6?c+>18vtHXprYl6No0CZ2nOva>VZD6bQua1XW(A6EmO7NC00CX$V zSIa!rSJ~tFNZ*^gS`>W1Vj11*>}@+)XJ8xew;xe4vh&@JRfhzgZQQ?R%FPT}OwN+C zME9q;WOsJ02z!Poi?Q)iTSEVCq&w?QP-_l~M2(8tT(eU2tlS|+@O`UQZ`7qYA?T~6 zziPD9(SnH@a*TT;)V|V*M2kev%KyxyZLAs3l71h2BjGd^*V^qwdz?N9cV~5x zB>Zk`O<~dDOq1be$8-_$$ZQ>qoiWWStsSi0@x9Z9_}f{^{{({}T}tyt%sL>;NF+%Sp~0DYVT zv1gW;Jz!<8)*jXC#o_7o)Gr|e1uJs?9cKtl-Jf0~+!5^`7N^b;?#k5kMt~96xMIp| zOXhy5(#pN*AzRsw!@~iGvb<#qY{-yOD9y^K!vl2Gfr@{J4Tb-+kzp3%teEqQ3&MK? zg!}o{4@4}UWiRyY40d{d`KaN-!=)Tqno$mGZZ_*xPqJj;nC~y`ej11FK%=5N+hcPQ z{T)-f9_@*o5Lp95s}TeOYBGkTYaZ>DM5`!=>L&&@NI*Ul3ZMFmjamiGigMKe_`EHe zmzOO~fn_GO;f=g#|KaqiZjyV*4os`G475@|jI*(ymvy+^YkpS(a|o`p)XB*OHn2jB zM^tODLmOWA$y_vxV*Cg=4W<Y8z?Oubqo_vcso` zYt`UH@l?&WX&=q+#s^$?FK{*PBxhdq>F=E(Rb_LY_xhn<&hE6Y?5vwz!uV}FWr%(_04vHpCMNipecduUcP@n}Ca$EW;R|+Vdbf@aSA{t%gm4Jl^w9lrdr zU?e1devHG3u&p>3H7@k28lV8hv2SISb?f2t&OlaTcQFZW=Ibr2_VX2<_RHOm{9b90 zyc@*4+d|hyr2MZaaZ_GLAm#pP67Sxge9I$7Oixl0B~R5$HhZ5Ndv~ukR6V{(sRC)f zq=!xZUBB|e-R90=LQov>%}Ll*)UD$YcBtt2>A8TGIMGCAyMH^{{(bj9JIx}MM2t~NT1}$Z;lS&{RP?R>4-~fcx{}5S($R! zucRj2wA{Pe4AaYLnw+r8#`-mk%Fux_-^LkmCn(mpwI<2w0!QEO8hD^ev{KJ`yLML) zw-pHy@kAL$tngAP8b*Z%N4xF?-vCL>25f;O7GqPLOd0Bb8*p=_~8uePNC! z`N-8VXuc&FZ-XxN9~?sOEg1~nlM?7 z&B(xz5#Shcesgsxe0@Ju?tzh+AHw$b#6feih-oYnrR9wQ)rC~bZ;RzNG@VWKNU}Jq zrbb#!%&7F9)V}S@m!I20e^1eC6j;`wnHS|x4h%xOa8ptRDJ+K=_OQ`|BTC%z(!m2< zFB7wlhhvN1J%`Tager(YH1U>GZYi<}s$n=_i1mdi0vP_RdKH4+_#OVwnWB&bN2h0`A6)m>scT za#I4*^XlCfanw_f@q5IDjytq0bhRWdzh0(wm0qUjTF@Gbo#fsS>M>=Fep#W?mzoX; z?PflQ4t@POGcZA!hlP@N?osQ+FeJMuD}q~Yr;Xy@-7rsdz!bXYy#WKUL( zt$bcIn#FQ*Ie1OI9Mm|>i#KV)55FA5zq2cCp5kkfS_Sx5r|r-Jt*3?@?^t~*tR+Am zAH$Huq$xQ!rB_Xu8n|U1@9{z3#VdkLWE_r-~ z0o+{kgs8G`WL9=n%`W6dEu_cXQPh1AYhOhPYLxy?0RYt*kne6yhq-(hKu6}s5!Tlc zI7%xj{LL|?L`JLWaKr0V4J-HwKDFG1&b)%<{x?MIFHsWnybRU$HjM6JmmgPAD!{9y zv9T2KwPgQv`%+}u4e5xMMgWS#pSnNMmWo5pL+|}-W5IwQqL1*u@C>}h={Cakv3masTH=R9ae>;cz(T3*F3hmpaG6G!r> zYG!8vabs^HHOK0XGN=(1kJQtqWU_A*nA!aTs{N!U@vza$DJ>OAh`|ufcA@uj=lh{y z979=^7YCO;33$-d(XZH^1_WebAsk7DM1_F*jpnG-E)ai1w*tHr8=FPPHP6kqnJYy|F$0bfd@L?JGGSmNVL?;c+!O}Zlom~#W$msA zUu!CZW!C;}QPbL*iYTd*KLF_kP>v;K62E=jj^oV08<#dfq^3X2j>};}?A^iHzbX*p z1j|{EaYQu&$YP`owj|A{7{gBFMDK0q-FP$|)lHx|3CpSas^RQrLSGQL+7jJ+HbkLJ z9g*VMn*6=-#JacpG)WJqJc@}mNELeeH-Q)GT&hZcZyQUnq3BRuxQw>1FjD0PCdR$& zmMn8qF7&KIIlC1&+B|nvb|aT4FF8)e;iAu5hJO=kh*`n`Sz zz}{g^FD^(rYZa{l%SW4c}^YeSQTa>Wmi(o)<-;pP0%dqugw`vhy?G z2?1-9G!~l}hnz%ttjyvZoMVjVD$f9lGch3E3OGiZjQaiknhY-oQGjahvIm+*b-5S? z{S*NP&bN|1m1jtIM6k71L$P1!Cnw8mQ9;WP?~Hb|FT~zehwO&!n`!6Z`Cs@R5^faC z^Dn6rZkoL6{y(VuEPw=l^{ERxxTkkl7i8%<8cFb=Te8bWx^(zB!vInHTOP_#HPl?P^438j*FSBhX96S5YCgp4 zIHJ$0@=`4X@$X%SkoFR(Q3MTz1wBlKgbk^rJMEFJ3qRv+UG82hOwzfG8@qTld)*m> z8vj`ii`_S$*Q<6cN9ipX{)$5*>}*0)<57GkcSFxu!S^*psw-yLhs!7&H-ni(S_!hK z0rV@yDdn|8fDsL!vM8;LR|tsCdZ!sl+?2Fce@LtS8sb=0Pz!D}x%FRaGMt$b9a+Ni zFjQb~d!d=$SPxR(Avf~}m8tqEU1*t%fqS7!Ff&&~$3*cq{Azy17wnL&Xc|z3ov?z0 z``J?sr^PSL=a2i1)FhXTWP3FP?rSIxWxeTw-dXSF6OuSIEg^p4tjH$n@L#U}V~J(0=nqPv3M)&?h@<~FPAF`J;?rBI;YD5R&0H3ZHpg8#|~`Isl-I3 zWV3LLB7#(p{>~~ZhDbS@J(p`ZPBOio@OV@xw*2$?$Z6+_ssu_prdkjX0LgZ$f?YB-2H9t-{U~4rR zHs(Z&F7-! zr9%IB^m(KLL|C*q6RXeqU&1sH)8B{JcP~#R(8X`t@MavG4 z4T#{`tYvQ7s^Ua;hd%3jn7yO?Z5!6Y@O2C6ff2}XdT5PXo%~?w%dvH8|C(abVL>FC z9;sz<4*{d)FTFc7mNl7)z!vg7gu*{2`5apFpEJ>qB~EwQzG6fUEDAA_RZxAmxj)kp zr8ZYwU?2AgslbGy++YWFCNVbCN%T6QPi`(wclRE2OvG@h6|uFk4Ezl}ncj!b?GuH_ zd+a4d4x^BSCBskSLwy}>00+Cp_8}+|`Ox;1U@W$dyt8~r@ROl&aj0YKdBxM6U-&Zv zZ$J`du*0;&KWm>i-?%_TmLJSo6zvz}W!5~O+u96eh)KVDpIet)SQS~(dZHWC_2(uW zFE1Y>s|r+A>!(iVH~y`gu!fJ)f)dW#6U$c%|F@QcZ`&y5^-Z-In$u%yt{a(RVN+{+ z!oh)UTPkxNU_u%e$vzOth5NuLnciR!wNE`MSWG^j}=Av41v^%PhNh>tjMp5bPmbQEEv@Efm(z}p$7pp-st(+lo{#M zw7;y{@~j9jBUL0DcIVu0(N(5QUQhAoE@tQ=%;x9^utrpt%)ch#O=;9aPFafIgA8I^ z&em9JiX=yHVgeA?4Jr(X&i3Z;+$y%WBqzLeDaP>v`_|{Df(1uXu5My1Zr$W0@jAkDGdkuAX-eGm?@d3aD5@CHPN#Se6{tD}ij|GSS}lL+chsDG*QLijDj=~i00u@gGMnkxHp_1q$K~gV9&9?_XYTe ziR0Nq3BGUE99p1387EK{2fDq@4>l^V)7d`tjSfA_0 z4k~Uv5%ZxM?D|Jc4!e(TOWeTSI;`75lZNp*O$|^B2B+=59w?HysiI1>g%)20f!hBl z@!cmEBAaEnIH^wJ6Z|I2YIRCJ&209dF)Fty!4@`!;bu zeIh{7_74`zp0&Itp>jUkFt&8Cx0(uqYQ1_(NDe0m$a&oLkP%3{2aS*l$Fy!C+=_&ekn! z$NJmv-L7pDK?_}UH~2cF=Y(fbhf|x*Y>y=*MP7(Vk6MOV@O4C!al%cvJep`u2tq^s zQG>=@PF>T7xaE?Yd^jon`RYF@ssBy1{1;?{<*O;Ah^32*i!AA&EM-s^Q8qi46zPTQ zjX>MeE1=5x>B-x9Cs~68`IHP~Y|eu8s>_G8rzFJAFlf%x-dgl0I2KkNg<)Tt zB5x?e$_9Mj;2X1N3XtzWg7InLT+!1H=d&o=qogVq70D0IZC@z~GnW$vl}4~=lK7&C z;bI(^boMw-Y5YzMHF1lR%#) zv+FWbGsH0kiq*^Bxs1|m^E<)bR-LkZ$)!^X{rWF)zG2fcdngK7YQzJUw}Br@zfO^9$i_`j;oDDXjl<*U%1SdLB%<=l38WUf&wvX@Vnd%!q--F=V=krcOE9ZSuk&vx2t0K4%Hl zTuX9yXJrCG@6z1T1zMC)^D@!L;s_uyMU|p_8vthqQdmOD)z#;O)ND!`Me_0`k4N^} z%*0o}Das}kbopzHo%W}8z6`LO_IvaE{S&`SyQCb)BY1ftoce9=K$1%;H+=jM>U6|R<9r1bKJ22wcp&=v>_bMP%a$?exoI7BW&qRfeL7Qy8KQBjBU zhZ=WeV?kbrV#ia*BnL|cXvJE`&t9Rg4Duys$qmg%y^@*D$dkbS?ik)5ld>4Z)Q`^w zy8Iwa&)0&=C1RY>UEK5q(E%C6MuVxC3A#y^R&HVxkgp;Vcd#J=pUi``a5Io5Z)C4r(ebzF~P*{$r0~qy{l~uGx{h zPt#sm`z6uqQMX}}qZZ_koY%o6FaT1X&KX4gz3nO`F6RN=;8X-|`<+OGN1R?SINPQp-&en`?9@Q$IA9o8$2Y6U2V|~g`laFMb zeEU9j5ZF$tLtQ#0>=Ysy8d_shH1AZ~JdNoUp(&j#>|c&?$tZ1gb&Gx)*6%(ywb^?& zf!y$1U`=gzVs^GgyzyZY_$UWH>)_P|?lIK@;&y)5c^(xa0N;KgO|>7T%UT@AJ)dmn zHwNLxGl+9&h2n&;wSSZhONYiCI7EtdOfQA23t^UE`u{c>)NO0j{xmsRv|WCE-Rp+D zb*pB-S-J1gIs8Js=_!ROkznH_VLJXp@e3aSQkD}j7pRBPdE(Vs{pZOe}9kYOLlAozc>e%svkkZ?p zJw`iJU*G1L48n+yqiffO1%@0ck&U?SbK8CmG4`;U% zx~kVC1^1pAObeo@;}_-6<@8LK!e0fpu4I%*NOvYvuGbFJpy4jkcWdGHAfNseu{5LJ z`1j-=ppD;qYpv6D{FjxPc4{Y95ToZG{Xzfzh~D$vK$>`@Q$!91ttIQ;mQ6z~K{1GL^<`|- zk@(R;f`XIkR)o#f1AT7|RlrfdBu?hpBsLefO&?=>T5Gh*vKm*hT&c^=g!?6@HSt`S{&DtRo-^v-QV<~Z*wtOgGuYt5e407a&H1q;Td0>7b8GC0 zpR>bsTlBK5l-c)JlJ>2`k}iHV?1{9j8tio^8-Rn4PB64xOHgoQV$2yr-YR@f9Z&O> zac_4@cu7^PAD&5VN+2sAow|RJGwE;hv@q9pcKfr}&)PVM36^CK5I{bj>JN-FPqmp? zl{ZCPxnj5_^WHclYdN zXW1D=;a~iG1q`|FgmGadOLXN1o7;zgs06c($lG-*R?nyL!v0&$!uyu#i6`g;JOqxz zLNa&>Byu~j6bR#@<9&BTP!L##O9fY5RuROjI=Y319FB~iPhP*2$}pdmr@T-VsTzph ztuD;4iXzXro9|#R0vO3Qzm8M5uavHgS@}V_ePv}L9Gi`K zuIyChXeZjlB*HY&Ra-dquZNBC2bZU0ons-ya^d9eeIg&8Ax-ALOPTAQ4hsY6xXp)W zkR84=GD^EtQ3;UW8K5+kuYPV8WKQu=#cM*98x)oc$GW~3p2LWa-qWBtID7aaPgc&u z*^Y$bW0g0mcRSD&e|A`eTlbw`xCU-8%U@nmwV7ya^}AK5HuIuVwnG*k=IyE+&8*<% zML;|nhZI?^skFSM>5NFNP`Haz7^T~@HO-2@uGCFZ5r?dB#b2}MhskVO(qBDdC>#IK zd&HLk@eAl~I@W!E^}V#G$73LAt!I}OOdIAQ27WpiWc1KfdNc2HjadWYcfs@HhgYn_ zmRs4*LKaO(#E)J4mQhuvkE@0K^RJ)bk|&@s;^XXj9< zja3xLHos$)Es3MZ+dVrA7baA9Rl}N7k;Lk2ut?ll4|GzT0Ri)Z0!JK8J`LWNQSfBG zu1f_DL$=R>X-IyJ25`@jrBT zcVpm0^d>!;jd1Hr;bImU`Bo-?9mlrtEeQ$;H~;>(@WK{38R7ZG1tXUqv@m`j)YQpJ zi>&;nD3F0HE=36feg0d9IO;BCsbxXbLHogxRr&3bum2qrfRFq7R%;1w>)WHPl~=oG zlDIeKO>+XCgVh96f(S65Fe8$-2giqH{>mFv3sFsJS?KU5T2#%RO{zy`9mYp!h@9AHR(6S|6icsyPjnZ z5yeW6oNraLou_N*RB2R*CME^2Q%H20>)&h+@hht8(?4?pRbbHXCi2S3XLegg*%LJV zB}DY~f8Y;cOVb`y?Akj~d~eo$e#Vv6HWxIGf*|hktagg{V1ES81-UOm6EElprDC?o zscafJwbAY!bW-Bze0*dK7}N7b^6_B%y6}blC9+?${hmT4zwxKVsD;5$`45*R!i~+J zymBNpj{ZINv%$}!KXGhDTgTg>BDO;KCT0SNmgL1bA7~9N{s+OTZ0+1yD0oLay7Y^p z&w`aolg+f8?&0h%`ClUT^8DM`?tHSFtU35YaIA`yXU%@Cn#l$B2p#GZUs)>+o1I{-E1`bL}t_I+Fod3HtS>l#b`6uAk~- z=J+_p$scJoV-5t6<;6|3)%`-nep6#lTnHBKwKo=p8D{(?*3jl9`T zfo3iQ0}sL-j!{ru40Vd3P}zsApMW17HZ}(>CLirq_(`xUTW>~SzF%UTspt5d3YN1; z)tC&IGf%=xsP$=hs1amfO0ZQjO@=kkiKCLG-8;+@_Z33$q%XVNZ+-w|Jl~v`cqXb( zPrZ8=yw%+^A4M8+BGX1h3y7zjR=dz+Xd;7H$W@Jn}tLy7Y> zKmIIWZf7)HIpc*#vQ6WA zUM*J}*#*)?-RZ^Je`StbHmYw{K}e zWi6Xaixw(5c|4EFo-~ZWZa}Lg*gn5}h-}{J4yo@3)Df}CQxDrnDyztO{5bD= z;UBD(dexPidesL_p$>Dv%(2@hJkPkDsGa(Vq!<38gOc_El&EZSrE7GyrnSLaG2b0B?(z z71mnMsnxm2r666%`to!mE~?zWJS|E2s=Jm@tqah5m~|;^u4!YmB8It$Yj160hcIj~ zEQ@Tpy=h7Yx^=}IMHSn!va(hUu?cu38Yc47FAzuTYGs%k1_n}f!!pFV^{iH@uI*0? zB-^kAt)Muo86h?Kn@Y57UjscG0LWww&Vx%DqFx>@b^$)j$-0k3#-iWJ4Y*x%2QOsZ zg!x|wz5g=;Her7s>UcZ1{wS-d`EfWiBDXGbOjaySfaY=!nhOGZW83la$O^z?;Mo5fV9Dh=+Wy}ZDxwrKnv&}`SQG^ z>471B9(kl9Mr2tcI?#-uX_{XbvGa08`z-5B4a~2PV|C)DtH~b1@uVcsC=1Y#L1(-f zy*3?~kBZsV(#tXX%UMad_BQX>6fw}I7Vd7!zR>SVqHYZ^2h&*QEB2-mn= zhWKRsRFqATwl~uN@mZ*C`^g^i*2O38423Yxg>6T0%d+E~SD9!bZzG8!?MefRKR>$_O=1jQX-rv0MHxC(hsEZ4`HC zUkj91dXx^qKns$pz&nAX>4N>Qs;CmXmnwokvr{tf{hoiV!4Sb;{`s|beUvg?6MQe~ zU$`DugG|-%6=0F&HrjX*Ja|FmYN`6eH(s~GrciO>a{~lC$q_<(vqHo#EqZW_uE9>O zk9&3%!)U+r>2T`$not8<;9Bi+z2v$bHP66`B}3tHh?slltYco>mHmotuI!%b z$T%j1$d!Uw;U?2J0HsfN{E&svTTRvt>^>owqtF@1?j3$2o#Y=j4N3vS|1WOl;Hx_o z2R$Xei);}vVL&0>X{SL~1fijl5R{(DGnYOumR*Bjtz9H)1;315>-ni;t%_rCQN)Na zzgeBL*Ca*qQkJK0;hylBSvkdMl~`RC=D_tKza8b67zT`lvg$SwPNmmKHI-yP-iRtH z!YU))n=?fipEIg7B_FNy+3ii&`;mi1OpEJ-b&kKgH~&C#Lb^hH7~FXhv&b@UEF*R$ zWAEMU$0;D7vix}@cyVl?NtMssxR`ei?E1oy&B@%cv}XxJC-RN6rKx9fbLK#laAOst zB?FB1=|%l65XiA6a=W7}fy=^3Z;%x37d*pSS0}i=1MTe01{q=pWdOW$)9It|M|Dq` zq#>?$Rr-~q1udKD1_i^{?jJR)L8ym0ZnZ$Gq@5EGcfy8YStSetr-YJ^;x zIC~Uij>mgVwfg`oEryYvcG`rILA}5Pwud4NxukekXfJk`g)>ts8=(cQ_ zAJB%?SkIXvBws_#=$ly_MI<6(=A*N?KZs|J%&!xm5DmHMU8b}wxLXxembU}XthAd) zu)T`w;D&;2Up4bx&pTQ!K^C6X{eQ>9P|gJo7vo5H7+^x~keFJMx%__`muQ_|gtI%Z z?B(Z2Xw_ZQFmfW$BqCJeqrfsN<;1cxkHu6jk}!WmF@V5q2LCoR2SjE4s+rw!jWN>b zj6Zl9v6%t2S}`Bw??x<2@AlHvQyyd0&FkIfWamSH0rX8xQ${q-H2`L4pfz8urz*u+ zFSrG>d^2X{tKzg#NN-R@(m6yjrTuBHlv0L)2J2v}+`1c#Nts5pEfow*h_NYse5;8w zze66^IQ)#`isNC?iO@;*Y?JKNC+>eVMAiPKTrHvIDZB#xpCGLvkqY~iyJDFd#@l}X zkn~Tin1HF_t}EEJ_bszCqV!b*uS9r~=2MgtD~U@0BN&FaNjtnSwsyPfgP-xixKVrm zcb#8QD!g7|Q?Ji}0biXqDJiU%fxb$hK7^&gwQWP7e-ou?`w*wocky`qqU?Wk7LL{+ zE^a}gtU_n{_P~wOVO~g4|EXu;8q(IPK83HTJ@!o|Q-ac|;_d@BNx;!T=l>}TQ{}UP z-KJmCewwWOssA6&-Z8qea9h`{Bo(V-ClwnNbEab3R>iiB85VK@$o4g0;DA>tdenq7TqZ!vhB6Oy><9;!GtWF zmbrc>qbT5+gcg3nf|(Pf=tmis=gNS;k&ItHFX=F`EJqD0aiBWnMkWPg6;MPG zkVeEj5($(t8z$0)WRCazSX!SC3(wWWrb2B>pV=50#>piH_U=^a(}iQ>`$}hHffEde zDd|P`9m7Cyt6gMC;QjP(ii+8 z2a1iF0UKjQ?3C#`UfRd=exaDSxX1}%qB~1fA2;n@-#1wvl31~fjv>P)Hmt69hx?Re z4@tAl|0=Xc7-s2N{yNwo=#^;x{V;6mRM*MLCHMDCtmX&_9gUeh2i-yNz+Ci6fYm>u z!`baLnU0duktum7UEcl!J*#sjASCO0R#Iw6$DoG9G$1+m@Sgq3KATG{dK^9sktz08 zKf%uJG;?b&JA`PMo;?5`+vMFvjEoE6Y-KbyH6tPr`tO#w10)I#AqnX! zSE?qBQWm)TNLd(t6xuG%QXgro0;Jx>HJbL8@VuC5%}OLWgj_WZye< zn%I~mv3?I^XF_PqN*1kian4z$@|QG##EXJ|8}4r6q_F$N+o7wR(h%dsRf}DuXrUm3 zm7W<<$08Ti}nXtJK#x+ZU~Si=QV= z#C8q=W7puXEh1~{iYy!i8FeRAb*~mz)W!=rSlr_`P5096e*JYkA`_Ecatxl_yu3;w z!5+H~d9RHE*v7dkYb-P2>nbb)rLUm;g>Myp`r~10hO3_ohtp{b^+AtHB)K5anV7rH zSkhri5uMeVE~lpZsC;aodiJ?VSyEx~_U^$T?^g5+SKH!iNp?Q&TKoPor}Gb@L8^FX zrs?-DtYBa;2v@n|6fSk#icz~W2wusG(R<+x;zK#)<`vK-Uxt%G0yJ&~L!NK5p?MKRV=$V^tiDO^PWx{9urOKkY7sPK@TG@u-sxi5GH=lnv1+Pxr~>8Y)C| z40Kdlg7)RT8kcD@k{VNa{kA7PVPjBI(!o`Y(y%fEpu)SoHn%yX($Z0#M=VHSLuW^_ z!@5lXDHB&L2=0e*ah0HH93+s6M&+ku*>w>NkU(4sX*{!&QgjEiV)Otu>qJ!odiOIZzYGa*rIuD9_?`0D`@8kSt8hwSEDOmpf~PKN_H z-BmTenJgd2ar0?1iWPie$Icw!!mpZ5i&BE~y^ApM8srGznNSe2HQ>lXP{M}d;j%q6 zFl7`}Dac1G-o7{p$FOYQw)q=S%?$r1lN{)(N{b+9zxuL;vK_Id?=k3vT6bdq@=mt$ z)$k|V`D7YAuyJa*nEcx94DZyQHp;g||0g$&AZRrxhhNgq_k_8**r03X0eu4jz5e-d zdz#5Xm$=zmHaIWlwGk=p^ww6_f=%v#<72+?yX6K9XBCm5f_2(+MZ`9IF`hQy>y$)i zEy#q2C5d%vwsmdC&Lig9KBTo8@m|Ax$#suzMp*%5I3CbuQn%~N;1qt@{cklA|LChR zt!#tltd{$6Mg`BO)$~FlQbuA`rU7@|UN7Hu-odwvlzMZ@F#FBb>`LQjlr(+3(sxwj zeO}zwbpuEH6Gv*)pi=AcDa?spR(Yl^0JsWT5=65MMcbK;a@(~tNXp?c378cf<^Ct1 z54l#4QG+@4nW0~!Sj#1>(=0z`a_i+;SIJNb)({?9t9y3Ls%Pmg-t|KBO(*K^FM6v z=t&uR{7>7u`P>c8V&MBME(-FAvI;n|+QrOb6guY=nL-S!Tk5`UB{D}PxO=fHvYRQu zHtb$}2K4&8b}{Axx`ADNYIwHcT-QiCANN97nm<0ZzFM)sWB2B13O?UpDfp_G$07Rlk}^9BIO8QlmCQgxHX3vn^B=9<_F# z;)=)I#5#Q-_wBsYRX%iMYKBL{#mrC0VjdI=u#sT33W+@f3T9)Cjo3u8 z<5&*Aa4A4#MzALPlzK|v_9$XzyH9hN=;mk24ZL1v_Pf1~D_#C>q&Rac{n44YmxVomPm?X65t*nk-@_xca6LQ92ZHRZLs)mygCLz6-(yfVH%xerAy1dx27a=tx<{_$R=|D(QzgyYB zi_9-ee5a(8BPvKDTsYmi0oUeEmqZB*=3M`Y10PZzRD8Z-WhP=_fG2Vhrw>+>Mf(*pWwCwiP4#s>zXFie@-NQMF>Vf=Ej2N5}s+R%JPrG9qpFa3Jcc^=jA|{f}#u$rPww44m7oF zodUwm0G(zIjh50C1IMb5Ma!wtphUr676<)hy;dw;V@!I~0qJqN6BaWioN zkN-NL{h>ZCJR_(x0Tp>qNlyiakI~#1OHhXmAtrd)@G6i1%0N!(b=zbO4F{5Fij*zz z3dlg&Ny59;*{70^N@S7ha7W3Rcsu668Y1;WRDNGe*#v6#+8<*W65Iw9s47 z5R8IyGVoFF9p-XMGu{wMEbEnm{gG8!GlBxXYz$*#GQ>`T9L+x>#Mm#UBvVS|$52}H#@Z7!=FYkfQ)X}fIc zkH70`jo4v6G$@!v!g#t=w6Fy)a#9Sef7f@}B%}y%(^m#ljnpLDbR{#QG{B45jx^Th|rI-Bg3=7KDbfR@JLx7N@O>#*S4gd!$$bHy{C}Fv+R>9uPu}kFh*{PCgZZ6LJRJ$R(wSDFpvO4eloC?I{g7Yf}H30!UZKy*u z>mKt8LHiS~wr6T%BbpO|#ubQ;5lqmml8B@;rCH~aco}V_kP=S?3LM7S@IvV0$-@ZL zUS?+y1aNXYCS_%73oGO&<%+NhdvfpED%}5(laGB*P+nCvmH7MjKfUN^pAln6sY+MU z08?o%Q?s)`-SDb3^RFq9Age7MT`q6bv&-`zJOd^k$hXgXAelxnS+F)-sNmz2CZ`3&f=rc&4)e9`Kc-Bke0}Z^mBW-mH&$6oK_ohWR#^%B7Ykry|JfTEbt` zUm3_XXw2Uf(YPYb#}Z9eZUS$0iJkdu_;UGsK5&O3)}~$RTx#@^??113l)%7Vlzt^Wnk`DUo{r zRbctSn8<#!JQ{#cz0d%IFP zT0}Qpiy&cO%ZiXBT}J8RnB}2-`DzX3=li*toBa6V<|l|)tycnOY(iwgIvA!yG!8*L zTm9oG@Ua!3F{Vn?VlKTa>p5eTsx9jfC&*A>W-3*W=^}f?s$+)k-bbHy1Pq$Ma`d`$ z?wNqiEPVdCLUC5DD2gQHkRPEunvkTOtjHe}P4g?iD476dhIn;Z>^Kd`!HwWpRp|ah zJ=pt%!fMV9zmIdzp0(>!0#7U5>3>HzjXey6PT;IqpjG2%KQGY^7#N&}EZSgHU^&dF zRTnxd?cF|Ea-{i7=;J0#jeQem&Oc!#^D&ZWbPf0j_4zT04isvzI z1Pi}Em5g*DKX}Vy^|fy4<24`$UOJH!yw^YY*qswLDC~|$Y(J`8XOUe@%~D%|2Dqar zBN*a?_Z|DV1eMB<_#`7$mUQ#nTnXcYH7H9i4d4GXWY$edNIBK+Gl@rdP;XEVtBwrY z=(1gs!OsxgdI%KQ?e)n1UW_2Tef>0R$J?XcDCqO7*FZHKXYX{K<^vroN|=8ha~N?- zo6=l!{k!V!Kj8NsFyeFs8^i9-i;j#P$^YnOG7*EJ&3E*N_O>D#A5QFg^7900w-~k< z8_6UiU7plF?fVi8ilvkaXf*uaLZjD$z7}G1IiWdh6aP<4M}BvKQ+6R;LNa{6ApE!U z0{>;q`9Dq~<^Ext`VWJh{}yfVUpNQIjZ}oR4 z){h_hqQyZb+|s?e0VCv1z)&!kla#fgG8H^wt~*)u ze~IAsYKE!meH|s2BSicktjbm)aToQtEv~}t&;JQATaN+!?CQf|I6>^+E1>^(*=CbD zOl+@~!z@BF^#24!t`Dw92rh)Oad!7{6PhU2^M81r_Qu) z7+opRT{62@E_U`Ioqs5M-q*HH4WYH*EIQ4hJ`0qz2*3Snf!EBwO2-Q9XNRQx!6FHC zn&MFxAaAV}HOOUVqM*vYpCYE}f)F6IFvHNsKNyH7dHmtn`U4pYroo~%1 ze5$PwClUlb?{hKS+H2`yqro!8X`{O1+wIa0mR%cY{B8#fYXpaod@HekGJ;Y*Jc$4m zry|~)_y8+H8{>HS3ugz^zOSC3;T;UZ3CUt$meG-wh_wi0xWlMjOEH1>TemkMSyv;- zInxhzP5rC11=d&Sr|(%aAz~g&@`pTez5vKDoTQvMfJeWb3H1B+;zOKp~)jA*4Z=-zq>laU(@O)D~S_Xb{fsljC_P&Q)-NsIzM?q z&3vRCRf>r8)cnM<%!LcY>y6Oc`JQFbHu*3Xgrj0hVFe$YncFhT^FWD$po9&Gob4R- zGjpku*@CKE9_%PSvs1IKq*-e5zpUBSo^J|cGDLG%NK-~q0UUQOG*rI~|NLT%)Uh_B z`75Alf-+;-0;(HJKg&9GOhMyu$kD}I`4<54@n!phlZTyW%8_wBzXk`V-V=x3b^AmD z^7AoCQ!Z}Z*%I2J7JN{i7U0x4mqXh=2+XL8T$>+RVkJJ=HZrhRIT8Tqct-D4Kjb4t z+rGrh;*SU#suGOw7x|CnBj=*~DISN0ih%u6)6Q{i2#I2nqe#QDhN^2!B4#N<#bQoV z;75MvSZ*dIVgACC?D=~$PlA@twA|gM!4+FRLoFh4&S3^v)@m=jNx;fYx0&px9))jV zL?3=DRrRS(Z9#X?0V}Ca%~$>EPxW<*KX-0j#;lmG|JCz${1E5RK-){|-}3GK1;7_M z+t&Ys3T7(`mX%P5dtNZ=c>PG^6Tl&hLF(*}7PZ-q*eLAL69J&XH2!69*-eLj|6mkw z*#~dPN)gPqSE(DShw5*AO{|V{45pU}HzCw+d1)prqCm_X?{L+9jjm01E^Nu+*^U)- z)r9uXR52Om2kStU=rU!N3BuUHgI?On4Xk2V!ISc`D#4QB{8)6op4mY6;*O@2m@9zd zvN*%f%yw1j?d`>R*w|b1XM z1}eyH&wjp;ek8)9BXDg2L1eo<1V*e^1#fkNv#%VUyLB)6@ze$t_CjZHdgYpNe)A|B zp?1~&CdH!_=l4Uh65Y!QDfXPz*r`!_+8KoqdYrY|@594Sd+$#YZC{Ov+9Dbs^aj%V z`f8}D;MOFH#F#49A8ir3SM&*-8hUCe7Y<$OK(>lJ^bnM2vsVklG;>bzq*h}y)-}^z z9AofOYGV4&JDlYYwZPUSgt}l5>r}_grlPwgU}t}nk;p(`=y4TqpP zFOi!I+5Cjwmv5a5M5Cyf>G#Cpcir}pfQ+Xzl4w0*;3>kLfl2Mw$udQJuF@B-&C52( z&&K&cC!ze|zhVN4Bp+{ggG*wcY|FX`Xnlnco?kCEqHWi4fk2YXqt1ScIq_F;c@^PfvD)6Zs2c z&4EjMsKJ@7i#sWD!o7inw5-n-cp2&R73V_|w1Xu|sZH{UF{6;yOiqupsu&n+-n~~K z+;=yh&%)Ia?Ld+e*7d1r%r@EhrU9CvB4@X1Co1EIJt?Z0S6TxqI>n#CS$=N7c@)Ad zI@q6oF9Tu<@jK($e4d!3p{2EFs6b$gf?6`qKxuJ;Ol|^O@V+xh27Jsl#*)^1pG^z! zmkG>-f&Wr%P|zOku~9*vcD`|9e#o5YOI_ohdrTJv$kX>_r5`C}2%bXzJ#XB8)C(J= z2;Z7c^O%~S6WD|drt@I>Uh5wL?cIiWKM1!Yf=7tUL+K>a=GF|RfUv)PnNvMtz9A=uVhG)h})glWxQ48Nf-zPEu6{_iIn zR&$-LO+Js1w|bi)BH>EAy)sd`HF~Uc9&(RFsokC5XS~eQ_$*!(Paka7k$_yGAI{e= zU-WAvgawqPpmDXJ7iFldavpDccEr_!uxnzK7l6q&3CkFK#tE(6jGUO8-ZZE$9oiYW z2pp6NY4XWz!VpvZ>^7;0D1l+Zb zv5UNZ6T~sg`iV^lE&{Z6p9H7Ze;Y-NN=Uz3b7V*5>Zh+B5sJblK4|ta+z1uRut<;J ziO0_+PyO(IZFEbZMn}HoYl8^6YnEj zIU;d2!PZ-oLgZPzVK!5ZY3&F(@vfMx@PLgu5oVzR0DNZK%txZ@%M0BGFwvlL_Tk3+@{HZVxn{h~7(uOBvbQ?E{FBKGO8 zKOJl9wV;|Yj9IVl2WCV(%CAqm3&u3(8t-!_^Zoe7S4B<@QOu>ZFs=5EE>46^k+=rZ zk2cYS-V@EK(tB6fo>DjwwW&x0hnGSYUTE+E+CiEpFk)_cf4@C@{JT^lEv>HzbbW7b zcYB^kzM5T}P(q(w+68~7Lpzkzlo#r!J-lL}937SJLIeX-c)ET}F$`-5AGo3Ayz3Tt z+m-`fna200-zl(yreW*Tp$s&6mOLPPo4J61Ew;SuV3dEEw{^(~b@6;1Z7A=uy}Sb! zCC@Jfv;sk=5C*NUC+uSJ^vh{_qXD{(YtZe{XErPNE?b!xr!#X9;qwP<;>%tyo!-K+xSsejWR{=bGl_@j?1kJ zr=dNcfFavCgB<$x6L1gK&3)TUA2%~TZ!ekf2hJ?5e`YjVX9fT*MV7xwO98Y(I*yO| zDD|Ws!gyog$&5X&SgqOTcf@VZmDok69%I$@q){`!p&26v)QG}_>PiufB_y7%qDY@Q zQ=+$mg~FPYS-xmtu{kkJkYQQ&EwLKfiqhh8hZqTqtd+1l@Ydk)q&$BY-T*f;CK=v= zc-tOVdO8)O=FC_L)y(ASp^|BA9hC@eo-SK$+Ibj2LJ^&F@(KUeWxx|*Z z)#JbWbb1SY^#(MpVr<5re_w!sb%kzb*d{#&fp`(c95oMZMwS(3j{8sbOOVgWpWW^Y zMyuw4!}uE{a31PJ3r*Dev++g?z(d`&7}HIRmsqivpB^N4-8zVkcH?89Ju?qcqvI=& ztyYAVlVaUoVzv%3P=d{`(ww_Z1?fTkc5A)Ku^M`fCv94L6(%tG0EVlr7C;Gnw0gn&hqJY=?A zc>1&H9r@{f{<|63mH_1TmVh^9QWKKb4yUW>xn%LarR@!A?0jAfBC@)1sOE(+6R?iR z*jdnYb+j?a_fR=Hx;XY8Xf+rlltS?7FyGCHX8QYM=KCgEXZ?ZaDx0I5Ph~XvH?~$? z0mMuty{#;aD2J7M+sgJ>^AY%$M-E>22uW9(Xtk=qVo~k<=;}M}!ObgBOzYy%N{u@p(g`$4^p4dwzwF@dH+ zZJULqHB5}H!`L43pMCm+tYpXA`?XQsHs~w&Pc9G?L%h+(ct4=RwX#3j3|d^$!TvxT zE_xx9wHwpA7}*l7+`x(se;)d>;N$91Rc0O98zwh}alm!)bjwO53e7g7hv(0)Z8r(p z(lnl9zQW!%(T7p%?Y&C~UrIzP+*^gYHUGEd;oG$IA$MF{H2+l>QKKX+EL48p5KFZnPfz?ylR4s|1wW|p8ygFAF%1K>jKH@o*=Wa# z60E{xRD6285o(aS{u^6TiEL9;5wvpsGZl|FsxLq>VD5%OSs}<(2%hUEy(MLhRN|U(8b98(FADucma3`2V(4o8b)+zL zpNdfw9aKG=q^9{0LByzOjEU>htAzEOP!*M(n|ZKQX* zBZk3Mwc_N*A<@|5^j_FWd>6ODIHk<9HOg1VSnajYksLrBTVr-RL6Iq;QerVD?t$$aQ+bX2^4hI6G;bAl76f_V>R`BE|_ZdyTh&-)e z%5f?M-Po~ETkFGx_MWHj+HWR{m&4>z6)l)J$+t+?Dy@wWMqdEbJ1L-64d1JcN14}r z2BCNxEU9g@@PGtDgA-9w_J{Ok*HQEvSFRW;^kN(pjYK=Bm0A2=>(TWnOI1r~9S+ng zyBST?*5_Mz7!ioHy(LgI^WagD-R-VcJ&P`}z24sVF5y1qF@qBov{zGsr}k1+q;JAu zvJob^F?s?hKbkJLqw@ZuEmmp;t+LY(<~^48XSp#7FYC3-Yae3e56&1f*q!CYloT;; zTN%REShS3x*yl=6(VI%iU{q>P3{u|3HD>`DmR}%=`xXg^cXUxvD=KJ74121~C8!$c z3tIAAt$TYtRpat_Kq6mtimioA%j=_PsT-v$Z_R&+%cVg;uCZ@C+b8}0PBt&*OVSq1J*MM+C!dc*i`31(+ z-L;@_6A|yP_MfQIeM!&R=(q%7)= zLvn>)rF(f9cH2O0@$&RMu#fdiSPo>#Aj8&s4C?hlm|=dR5;}LgDU9<`j`AD^Mm=Z3 zW=J&Q$fZ$H06jrV3HHR^qjw*uWvfUOou8QQ?7;pqm6ghxi;U=WTK)1pDIw4s&YMYN zSzsR}T8o{2pb`ndV!Z(|)~ej?pGGIT^jD@SupkMjakLH?7@qmj?cbEjjS? z4qbaL*46&Lr{%sn^!i9l$Ad;zm!_*fty)Wx5}Mvh*-aYZ0b#Xxy?VAmVR05(NQzdn z=EnSkBd2DTvu4}LO?OYFE-#)v3nBL7{sDLVcK_BwkUL(sMvm2$abNj+v&EE~#odKn zV`D+uC37h2MZ;YdV}kSdqBgMOd2hQr_&(GMblF67FkH3bciyU@4qP=^Op?C=2ZM)f zUwn}MeT_Nkfz|gRJ$+$w5qLIRWPb%dFHlbATNZ)buuc$zO@voG+-em7zTm)kz>26-f=M8Il_K5L|@qQMIkveA|L%F_K%Vf3O4#Q zCOXj5HfF$(pAEmiQ8I!eqq|uHT_Ty)NuHo1JUPpfWW0#589bU0OugBKi;#G*Uz1!! z?hu_c3IOU=DV_6E+V-8T1+AvI5wFO2UE@kmTLfUNQOy|9bJY`dB%NTEt{M#G#S9#L z$U8~75S+ZshibJ4;2&)t;I23HW>(KA^d+K!YkN$Y7IzQ#Nh&WytGOiw+@!6_OT1I( z!ra;<;jQTqZ2u)-p(%h^dlR~v60)r3>cLb68H*J9WE8cWm(;7q%JZvPhxaWc>3&O@ z$P|^9Ntyg-9oVY`X30~a=vMG|Isum`{uahrj2$J=-Pujbj8<7ig&6SkJEJXC#*9gt zu!1+a(JoiA81??y@p#F%8slAc^;qFhCqaw)T`e z-hiCkZap^K-(N?QQA?)?*szOK=Ff<3p2fW;G-N&9(>@j&UXHZ9>s}bQ6efD3Vrer= zIDxPps&jx9EKk9erQs>oDMo7T+&H@;tlhlEl~ha(&@~UNq85#@8zfBpwu+3jKi!&s zZ9(u#U6?Slfz$2((L}$368^xP0Z0ghcSk&+lVq{@mB+hIecv&f9d&~QpV1JdSXzSg zpnca})2rOKwlIyjQR!k=|0B1(88$4DFDIb};EhsIR)j^5es6747uP!-p4&R;lwaCL z=w3j7WPj5KLLG3fN*WvR*^$HR2d78R-E`dwJVBbzg z7#{|QIVGnN_i$YwAfQkeZHt5y+2xz})V))X7+wMT+Zj{GW5nie*5wDG-t)Xqn@cY0 zx}xRpo)mpNZ~bthTQ-{gtwFa3e%~0aKZLw4pPfce-`fdU%9yCHVwF4&QOh?`5H9^a z_IzuwI$y5;Tup(rF|Ct-1}NtqH^9WowQ)kLzNu9Q`r$T57BDQie8QbA6NYy!XgZNy z^xJ-(%el$l?H}`RfB3#qX7MRS=cH!{#Euh{=@4vfnZaX)qo0;BbOpna zS`0k8CJd$nnp9#T+S3%nA7-49?zXM1vKv&Pt;MNac$AdgkVG=yw{4$r?{_PSI)g5~ z6(iOLbP?Q|dZKa{7pA{d4(x6=g^%-@{v#855r36_Kf1gG#*KJ~!t{e}BajUq+!=Cq z#u84h3iadpvsiDebQt{rpIa!-MYN<&6`{&Zq2%r!7JyVM0@-`9lF(OxjngNdXq68s z;#d`5*grL_Uf7r6m^+slFWJ>4by`x|2%K9R8q|39mNyE3Nqc5l$q6v}Slvs^kIpWj6C<76X3kgG;fXXy4RFKa!KYrp}u27A; z_s^yHM4Lt~0BM!~xR(Qj&pTX&iOxKWa*)y8txh-;+f58*aiXMIC;LU^Q1tjT=xSn{ zliDG2Z8xLGN%DS*U^2|KUY6DUa7yc5XHrPT)lueDwUX}Q#*>Wk-GKp&6n7`3w$CBm zV6m4@_J}I5-aA<(9tAGu9-W>9YJBE9s3%OUAiuBnNXS^JS`Ct(nmd+gq20_RT&*IX zDsad`1wX5PC#KC=bvWJvv2ciu;@S3jzw-!o;$8fdpigtKh$D9uwF3b?Pu4eEjDn{cmm_yYi82H?O@fQN3rW_o5+@85PHCI8R> zPO0;{U>Mvj4ej;AFzTIRnjB{db&n9F+_jSe|0>@X|BHvKxz8#AQn z`|4!~YLQUyfKo;IYm{Aj9=y?lV@k9h2e;!q3xpzIYWs-Q~Hdn|?2~?r7 z0S8CaprRY^hQ-Ph(o9Nx3-thk09An9vJQ%F+T8v_CEb;XE zVS%nH*Xi<9{2CWEGBMfxJcCplRmzjV%7-W7t&T*jd0iAluw zNbq)TIUUNRvV8}Acm-6OiIXBITzqHD=IT-^6Pc5T3k_*QrI7$pptZ=+xy70i4n3;y z6%o@`X<}8&{n%Nt!H|@d*5@HT7G?AE4-}XEw~uT_tPJ+Qv}ds=+}O-8{>*w4|L=>A zTP7q-*jX$BwW>-M09(G?fI+SRUX=Y)7OW32{nVS@Fl_-mz9o-tSw7Z8BD6f0WONSSy!WMkcibuY;XqJSS8t|PQcY2n5 zl7FJ1St=cN;395)TV^Tp4wH3eH4X z<%#9D@rbg;3m6>QQaB#6>!s!>69pvnZkD#aSyI0c(t_?}LCt5wGhqV@T-}e(#_I~b zju2mO`d)1@4~AL3Nn_u`dtIBoE2M{RL-Gm*oRTJGP2icv%TeJ)QO1G{wTPTjorN#Y z$w~1TFbWTK;cwq;jLjfg8TdEL)sS*D%BzvpqN{~xTu0#=1%bslG)qA}^oj@=ctIFr zU3<%NQF{w0BzZGeymQBN^Mq;70H1vet8h|^6`Q*HWP?w!B=q4GsY~?SFg50p457?8 zNuH^Vji>_#jPg4Hx1;HGH;+fuGnl&IHfCtsk9(cB^8_pH?2KcXy9?q1dl=Kl{8sGo zOG>4CgA;|4dqAj0{a4p#+7cIgdd0uW-;X6(RK)eft?K}D3u%=ny}epvFW=1PK@TvO zdZp=#L}U=k{B6}xz|9TdAO2U|j>k0xUfPx=dVw%y9<2R>SrqvHxbIN zJk_DhU!@rj1BV#&bKzzz+39;i$S>^7O8Ty2CU(*1TWvs1{U}R=JO>7y?uf~D;|2wO zcNSAcJmY1cvps9k-y-B(ZIqnjJbrKwJOlEAiaM+Rbe4C^Rpcp>Mb0Rpf5MPsT= zDJvlR%2e&PYOh(iwGMXlvbDa*{JQHwT6txYpN!)_!jjhBqWPcxQjl6`rP-5|5uzf~ z{HP+w*TU53E-S*tV!$2RUJp=(NU~rK<&tqspeVxT{`XFX{?DXL@&2A|Vyu`ZJA2!C zPot~5_?H=ddJl)B1q(l`Cl(tj54iUf(I2EPO}>})!&O$tsn@I_gM~xwWpM@~Po|Kx zx-esX@s_zL6%ue~;cER`5x6M3aXHhX>Tol2D2%dB*70pp$&zMV%!GZO{4XAwt)ZEK zr!L&b^~aC4Dh>$B+w`%xB@%*MJwKj0bnC)8)!uo2RM(AKl$hD;y{YRtKD?_rKH92@ zO_a(7)Y`z+g#{Cz6H`2%DP_H2(iFTY*@=rX8L#Tg{9<N5AN_ zq$gZ!hZ)srnaWBCf86Ac@;#I3ZhkXSR&0Mb7VVj6Ltcy)K0gUGmNK+kx3llIV0QI)IMg+&ftBz=Td7a+h=m$)5j zV~haV877hq9aRt+{t(nC9MdPPP>lkDhSMwmB17EOEGtIN4o*xDBy{^~wOvj8X!|s$ zxzR$mgM}TO$dtNH(xQ@zhe%RMJO4u28jU|y^*B&EPJ6X=#q->bcRja$dX>Z{RplIq z$Ew37&f}E9zQCUC1paCbVpRwzV$OIv!)T)haY|m3mC*EG(}c@jUgpZQuySCX)cr=T z^pgAUQv&GbxBDv;!3Nsbu(@AkJG+e={hjZRoP(b}p}wA6kVT`#F1wt8u~Uaz11lD1 zzO=Ah<2py*O&P2(j;w42Zic1N*<&uLJ_Fn%U!S6*WwC`B?tjS4tVcfV&_3P%*&LkI zZ3{(KI+^-;C{883(mx%2qD7;>dl0cC!*f-3xz2KNy)M%c>VlWlng}lTLJgjA0veRF z9Pu|3@=de!jF}Z~7eL`NjD|^&uTZxq;Q5P{i);VqpRz6vWUyeUI3L2LZzeGSNeCaV zB3L$=+h)$Nd)qGqfDvw?xOD;Apf!#kT_ z@if^E(+0=%wADQkB%e~ZcH3TsT#ky1bj%3SmnC_VxU0}g#Kss+(E#zGZTg(V6VFY4 zKRtx^)t$}bNmD)E@JBgx(sqG>&(3xp|CmzVN9d1qX%h;T;a{7NK~_PT--EpM*5nnG z=QPW7>s2iqEv-MT|Ek$uw%0G{YE{f@R^;aHgwzZp5r6B!1@}LD?YK-$CA;;V_(kmh z1q}7a4bS^nk@&<-$EG9mo3yY67ILeqI%>Tkj`n3!$16cu{Y6*k<)HINC=vZF1i z4E}Vfa@|Bc0vpm`k&n+CCij^d>ODWM!+1=Ev*8eBw%5=mR2hd<0HlCWxOjKiSvZ%G_4(Fmz$w&3MRahX*I`2acZo1(NC~*#C3rF90Ks*eOu% z++4;vgq9_5`!p1|Um37FqU}-%gCH*uU(=i+mt6`Lg-BlSnVZ7J z&xdkmL<#2N{+ykIp&~h#3IDIp-m-vogB)(F-@q;_19BPj0}_8;A4|nx=n0;l$}dvw znp7Y~i}J78O|quChy;d=wLdwXi@9CRD=krLv`J!Ma-QZ~y9P>^!ON)7m!@eEU++3% z1+vWL{0P0B?P@1Oq%Nwtc7G;kE%8*jtX?!2epKC-LyimpR>J}T>!Gdy={~Un)5|iM zk!mTCFVvmZ%&q!kiP&`7+>*?DQgJP}d~XL)>u&C9)Hj~&34kUZE^&4Xys?=W{O8wO zV^8D`M2JVZT{Gdmo7byLaB^wrLa;xBYP!EIMc{--|aLB?cv zQel(&jRYq+%g2?$FI<%uHzb)4L(AAy9WOy6#gSBy4XmWtXM{CCxFc`kxc+tqqsh`5FGSFs7AQC2j6a(% zy?3XpfAnH8J~iL+0|x$bEN0J>Ag`C=lG_Wzx}6$avcN4uuJjJt5z++0JNf4^X@GBt z!n!RkvTS)TV_|UQ|078KiBWz#>7Y}HLjGJ`iZr4=HjB$XyJC>^QyS>x-lrOwBXAZ^ zrkh#ZT#9f-wenqVZF+7Zagb*6+P7s@Om3y2(ip(|>GWPCK}u#^2}JS`$0hDX}hQD zqMg_OFzR{3>3z5`s75BZS8oUS6}!EO`xKVfzLapeS(y8sbKfU4AJ^ODRX*0Z%kjsEw8en*66u?X1WP{e9ZE{efhh25KJ{mD;4K*?R2pivcIXv7HLf- zsNu{dOJi$;a5zKENT7`0W9j<@?K1`1cAlivKUO)eXMM?cdUyAkJs-C)rKHe6jv_>z zFEO24)18;SJm!I`(UuDT&1M1yhtTeq8NaoDi!-wR8U!@DU`};)h==yFoT++0C3qTK zELl=A@FUh|w$Z~5yWSoc<<4j3C~hpn+sXYUD_jrPUyxK>`4Lj9%P@5_Axm2`YB5D6 zSANbz4v}989wx@j@Fc;lLFO2qHl34!;0P;8YZ0qJfkPhsq0USDRp3L1>&BEZ>mw^P zoed=}`e7<1X{hahjq|y}`-`_mQ99l~elxZLIAEJt-DUCK?P9p!?N>>s^~a&5vBE)n z1Id?NQBP9lVuFhMeR1xopo4?$ith3NNR0wEPKED~p*$=8FW~rm$-wuL`JqdhS>+4Y zyQ{~CzI=7YXEga(6+gw{C0-tU+oUh~DV|>r`dWKb)WQ&`he6JvPiNZovN3+g5q6XJ zO4TG2Xj#dqXBxGHmuIn_{yh{3%IiAhki#+um}G@Xxs@8x^O_OiZQ526R9)9^n9W5; z%xBEWDbPmVC|l;S^SH63@A3y^YJ%^4qx*H+XQy*qoZ#2+hr7eZKYn9ci46ObdEFb6 z0Js!Gyh{3Q2q$O+)UKo)C+_7_7CrgU7l!Vq+wZiIca3-%-T3ax|IVNO@VVCJy&k%M z>gPkNc3SItG#Pn;$|H>CrWUDO5U{-KSqf7Kjfog2&zjt$8jC+=no_yA&(ChzIP!;i zUS{1#+Yc7kn+S{Ic3e&{wo7JA&`s zPgT`KY+{3-JO>~(vGtc35P9^CoH;BG1|)m|DwYgaPj*D z{4g2+EdDuN&DZ5ytCUP}n_uwqF98n+C^%!y1ko~F?m)1OZ9?V&spP*i$R%%v2r%7y z?zL5J<&@ygh*S(T-5a|NsUe;zwB|ySvWeM8Z6dSP7T4Hg@K!$;s)e4;M!nTj5@QlJ zv$QI2vl2TNg-rjP3b@bDxbSf{Kk6c1e>hCK=bQ>G59lHX+HxkZb3*esS%ML2a3MBM z!V3I;v&y!ZzlTf}UrUcgLDl;88q-MFuU3?%FhBE%5qj||_8g7N=T4%! zzI;o-cG0$}Q23H&U@o+oP#EvHO>t;=(--!e{;}66bN{iLmtZ)UA`$VF6(;c2yJM|B zkw&h9`EO%pq5uas&M#cM{Y^IQ|1M2`feexQ`Myi^xwpKtV|d1+`@P_6`u5(1|8H{^ zCY6KnQ>sZp7jwSwai}Kj$&aJ`%d?z@At83yD;jsPhNde{N);3!6B!3iaBo-DZETaQP#qi-tU*i6Q2c=4h?m-J>93y5598j&#v2; zx{GshFu?o(!&S#4^W<(uPvRyxOY%Npvy&hGu~N~#{n>$J-8^V_=Y*mNm9gjOr(~1_ z)KszfDuduRS^QJ@>DkC5_Uob6>GT?Lss?xe42)?Wzv1q{c5?clzGy6=wP$TCb*mEH z>Ab8w7njj7HW8;A6v>#@P4kMDg4%SnOTl=}d15e2)lP^+6PGaI1qX)V?#kCQfP%ju zIjJZ)@~uv9)h|&PL*A8X`QI`BtFfz&i)&fZ!5xA-1b5fqk^sToT>=D$z~CMTFt`MV zV8Pwp-CYNVU^7UtV9S-ad*AN8*~ee!$MiX;y1Tl%>ieorm$e|IOKF< z+qVn6AdLrB#Fhm^?!vsINXQ))=G6iBiIZn6>l@$zD{BnV}6QRr}4LrA#^spypu696Z%KDtj3%Bm&NSFjS zB==E+F1A$^x1>QUn~uyc-|o9|LAaA+_q3ON*F(gBiB4m0AhGl5ZmPi|!%3k!+9ZNB z3rQVg^2)N^HM>?b{X(2G+rpElGC1x2rvb*TvjU#>ol(3(0T}N`6PbiQHF5j1XO?&b zHGIkbfxFy@W5P{XzOq8f<*FU3A{5k4(7J)gU@_nj)=STqyE^dB(9Me&nJ;fe);KEz zSZe-ACg==Jd`&`pT0tplFGIPUU; zFiX0vr3lV5wH0i94=Vhw%$&Z1p1aEBu#ys5D(g{Y{!&o0#hv1n06ZWP5R|{ck2O7P zr;);1%MUAMJWB7^>+vzWh8ivFTU}1G1--8z{FHII#9v~@|Gq32htkm0jN*BH`{J=t z0CRwoiCT>KlV0XMTqXhCJ6!?n(Ij+_S0XXM^K3d4$OG8MyOoWcZl|Nv?MiHtMCigw z2%LtEDrwCdRpvoBVcYPk1;n^Sch0`rM~v=b-?e;~FI3P$xD<-M`S3-gtA!KayiI7K z+Ov01axcaGLQ8Ga<|KG{6}?6X798VIWfx&CyJ)jRk=sUS#{;K*eShT6RYpih)J(R_ zgfZu@Ep(eDSLyx!C8cL7tDVc_k|dQv0-~^d86N$N1=C6`jwPk*h3@@M$%h0!SJ(Oq z$+fG7vkA5<3{U&^@+8?8l+0u$n!VcxiLs|~X1dHLl`@XvnKl5n^B6sr3)TMpkXuxdGv#NI4;1DZ6!JCmXWRxDaP@@mOD`3CsEe6^CR6epL8v zEZIfMBsPgA8rRJ!st!r+Z}%CE_Ory6(aWv|eal*lh_AMo2=XbxnM%mq+O&iW_;Bq) z8Sj~R-)s@J#?fKe-^zoD?gfm$Fo*>(;a2`s>M36Nw#|3l*FB+WEPz5TM3-MmL+|!o z7T}wCQs$iZj;mnvV1Lgfr*zv`Pl?cIc9M9fkDKsdnZ`w%aKg*zz3fWh{sKw&${o|r zH(B3ePJ7l~WI{ekujt&6d2vF^<80M__91O`)3ADqQchxPuLhGjQLemMw}r+cbuy{@wyO*&XHb1zT4LDI8)=7~v@ zPQgj~J1f*Q{PfrFFxEMdltxbjr90ZU|TpIcuRfUh4z94B^5hhxB67dzdl~G`>+n~VeJ$g4@~%dd8O3~J6Lh5 ztHrqSVybcR(m2UR)nh*g!s9Vh@~ydIfNP;=1>+5+`iuwY=qo1|ZrbAyu>XRjl2)mr z?`ax4xx?VY!5cOhl3m>H(&rEQU2Gqn)|IMzh53M+l)SFa+*bwlLUorGN~+m*MI0;d z4%;jrFL6?Wgix~3w_2obqda#WU*8~EtASHrIjX6x4#B3lV`gVo-J-K;^bH)8ZJ#_*pG32K`)pda{#P-;5-*r6Zu!`%0t zxs2CkAC%cBn+D{2?*%ot^7F~8R@;a=jM4&m81UPNCGponLLJh=5PI~KtIyC@YYIpR zeG0S)KK3+G{=MU!4LdFm<`c^ot~19zNR%&ksc!LlRIHB78!f;x)g;rjsRK2-z9rc* z^EPiEW>m*X?_Yky#kd=mc>YS0VQXz^)jugOXwhiWAG!wf(PXpHr0)&TE$%qGT|tu* zxC50uFOEP*N0ZiimmGz)QT96Q;i#hc?<)dw z%YI5v5Ny9%8t2>_w8|R=m&AtCMzw7#X@%5l_V;qhEi`((2dZ3AUB4iz1D+X(Yi5|! zU4xDK73ea~<3%E1WnG~*lS#6Jyb@balXQS%yI(lz8FaGu>%Sg}Y;V~qgE<5~$SSv* z!DM>bG4YbHNtCsk%+Jvw^$Vt&kB;?!Wm!3$Um-rztnbq_yidpTgnusQMd3(=Po_D# z!XEm-N|1ec>%Xs-K1)<~0+PvJ9grE}(XAq;L!-CS5o zI~KR&61A0&7zW-nk2B6@hyaz=f8so?W`wQbS_ZDw^BR~C=WWJFjR?oruDO{}Uk%Fz zar)J%rh0UGNzlD^ICl=l8YD^8D`IVlFu*{E(T^A2&xc%|9%;chlO=dnf{!-a%Jw_R zJlz&`gXX(?7Gn*=&ZW3?!-uH{{fLmxFPP9yG1dV+FT9cyJBymkUiIBqLyab00 zL0KBMl3^d;4ha3OZguEXmBQX3YfruF%Bc}s*+9j*l6ZLQn;AC-BhnsJs}`crLvo~^ zRZVc_|3y}zko8NTi%XAJ!Kjcn{v;JB=>~Az9>~AfoUM{xheCtDnFnUz;z*e``t=Eq zl)Ro0T&{5bo18lI-8G9^CiAgOv2s;L9IWL`AqUESgr@F+awLUB)ex0oJN$a>$>p?7 zmL*1oK7Qs40E%w3zNhEk^=VDG$o&2{^KIXt9N9N_1EHVWzHwbk)3tckr6zh$XV=b~Ix_ znA^SudACjbIW2ij3F-^)vi)hsD&{JnuhO0Y7)Gdx4KZK_LC}#9x7G0LkQ2I+5S|(( ziDpDZr0(>-+zqx2enBtiPG1dk<2w#QGnCY3rd;=tM#6w9PWxsw_?#vpTn`;>mrASx zFke}EelTQ~7}DzkfbDeL;cES9&G{HB^tsk*g}=O2U_a7>Pl{@I!hOk3Ikj9}CLrNe zCIFWBYk zeW_B1ZDKqb@xL+27xG++nrJPD=z5(Y69#F-=P|b)!8yQAkSwnHFHd{hE~e4}LS&gL zY!8aXwmozfdOGqxh_Cm#2{#U33LE;e-5Fr8I1A4%mxtD-Bb)Q-w~i4ZAiUA%!<>2k z^wBgkO@q=mvxkGOb~LAXkHdDQG&+mc0fdq%U0q<1DiWoEreKTE&s*L1b4)WY;7pnl zxB+oFSJo|DF`SA# zT=AQFzAyY9It<*EkV1@3Le6gf#bKb*XD4JwrE?Qv+~0dO(&ZryfP9G^Yz4x`@~IF? zk3I=mmj2w$)#ed=K|vE*b?X4x_{5#PCri~x6&k>j|G#*U|MqF=*|%VS&U2AEMOp?i z{K=Fw{)Be>VC3G2U}hTp*4c&Tg1-joEfxJ@8R9T-UD+lVlX&m*i|Y^ST8Xc235-pj zcV;7FTd2S5-|zHG016`e#@I;EpEe_a3F|b2Bnqjdwr#^DVp>0IZIs(VIHx&n?Ka3#{J6HA)^L*o38@P7zQrRNU?iS>D0^!%eurv`rE zglJ@NMSJIr-_6SoowQF>`F551mzoB;Fao1x^n$HuY#rxNnI2S75ZZ-o9k;Kek7J+y z&ZhmzA+@(bqq_TfO`z#X{qb@FOlTI|K7Q95c9EYy+1usIBt6syK3f6SrQCE!3x{O- z76j2ZYJ6VvtD6%!`56EA(Ee{e>e*^WK(Dv^H{`=bYUJ~Oq{hBeO32MFN3&blN-@d$ z*Npt%+x|*!Z3IFWA0O-6IG;n^J6#%*j1|7Z|Hs+*_rWuMgXn$7*(wc7O#JTOfB9Ry z`}wU}dScL^`I0qwvaDYW*k2(W$02C9VmVMS@n2>Br^o-M?d9$MWqD2EIv}kl`AWEd z>Hn|qc6EVw>+_Apf{AQ06$vAXlleX-_3Vq2 zd5EFk64mdDN+1HIwf+K_#b8!OZan!zSn=DvG;Wl4M#xSrG7h>CcBAD#>pV^)JlwJR z`kA8MoUV4pJ-g-9M{kE+XrXFnUa$@~k(2$EqpIJ4px+dj;e`}1GAmqAbF{x0ZtAlO z)N#iVe&1VzM(E#lM8DX7Y6c~KkF6Vq34gPy<<1vx*l)nZFgdODWB;$#1U-8#bp7jA zjdK;ek_>p=HthR*p_lYo*(koNyZcg&2gg%vu}8=&fHU4kip~MTOjb{VV+72qd46cn zHv8*d7!fJ7k5Vw+lC2!`(r^P`ZEtX&YX{W+&Av9hV|@8EzJ>s^s+<+_(KQERd- zD`W4u)wRABmLkK^oHJBN>trCE3_tYkx&c@Io}T$rWmqY*heyV%6S<#y4t@Al8J61B zwoXF_=(^>2XAK?ABJQ~n$e$+Mykqr))g<58xe~j^^3LX#e}$LE*x5L$h%%FQ!e!3b z_e-$Xcqeak;@|T0KyklPD)Z(m{J=H1$H-_YERPoDuwwJusit0I4+4g$mnb;x0Nw0g zVJku{1Flum@6vRBet8-Z-dF7f>3QJrKY~Mm@UARAfF0_$M&fq|$+|%d;((wjM9bIh zW!^wLp{&5Chbew{DwHgt1~Q1P%)nO)AzHxOUoF*23-{|i!*?MKxp<(>K|WjedKr3{R^8`vc$5K45?9 z2b?b&xs|oLoUPAixHw1*q_hA_B6@TGoY=qGg@5t#od8ua&Q`7#uGZ^q856quprA@` zw^!+TEwWvX((7WuQqtQ6^e{v<(G(PABt;hQcc<#Tiyc4Oz(?&beD(h9UP{LC%z$A# zJbpm-P78P9XTTV^I8<4$@xxbo69Q+d+K3-$pl-!190|~J=v)pK%9}$~p(>AEWAC{m zdOdYa3rByNfsaTeh{;6eMWO_ZKV-I`i%HN7?CC3j`dOxKStNBHGQ+R3OrLvm%F?!d zTVWye1r?%{vMKDnxXSg9hBm-P``J=RIP2-G?xd<-^eh&NP@BQV?k22d8z-bG&d@%fsUFIr z+Q*`XQ1+6Wv7 z44=}nT7IWrXu>17*)MJ1yM?4!DcBdchu>D&^qYkWh(IJTzdyZl4ee;hj;xD2&|eDw znY5Wfm*dd6688i15i%3xPSvy-H=c-lHF6*d>`-1E55ZY#?A#Hx_dghs@vN*Hv^u}jG%Bz%7_+BFz zf}N#dT?%kpdI zI*A+0Gbahvq5^;b>Dt`>Bp!4R?Z{zWl9gsmzcn{3;_5?_1MH$U?amei7VqJYtL{(N zXCKp%LrO_+wh_YIH;*WP2nA+ccValLPrqwqxwqXT!m%XjViLWFK1v;hd0%i{zj+XL zs<0MpR6afshHj+q*JHj~#f{}#FMSYcH9RJVyv zHr_g89%L~>5LDcAo>)`4^;26O-6iN7%dBBUb;i)m=>^rzu@#bH>K(#M9K6Kfep1xO zuNg8x6o5CRUsF zINC)2rPiH|4{5T2;+h=>v>sw4TOaToBsD>6CK7G$DGmrmAy9B&CU>yIH;kk8;E-eRFRn<8S=rb~cv!Ha+b&0311z?UeW~P6 z@H6puoS{MW9CAk?r%2mXKkiVR2KX_8a+UC?+bjdF@_n3 zQ7qjU%V5Di98X?yjw@SJ$%H%9gnI^Z8VVFw5c$p!w(Frr>kuri{bSl5r?<{o|Li)n zzlKWb@#4o5mDgh@e}eGwz4Ooj^ztv}@=Yy+KzPQH&DQ8i6No*g6C;AYY9&a0iLP<3 zw9&-|z*9%=R~zSUt^s8@WLl$bt`uZG<{aP%jA~)-FJyzJ{vc7JDL&@s(@X{6bMGhk zq8nlEC2~(sYt{$08x+M_J5;U;nTHKmH#jWtG|R#VU`C)3tU_}~i$u_s9v0SaZb`8# zXD40-oO4Cg#M5o%-`{PE8is{RTW>DJ|6FrW3NYB;YSKIF-9qdoaDABg6y5R$(&E|s zhZj(;+{uNPOKHkMw@UiKO9>bi-J>t+@WyDihv^Zoea_KN0-2eNboRIGJ5mh?sbrFJpIHgCF#5l!^?vTXVlLs}I}(ziypi z9X;IGgy|@pYE)UyuailO!rySzP27n@)4sCT!aaSqIMdy>Re2w<~6? z8#79^2a8>Zk$$%h;{4Jy{sKdk{N|84S5R)aprZ~UYw+vN-gFaajX<69DkoP6SVv`2Kb z?L8EgrXD}iQ+TarvhnIoLS|U7TcZp=52*O*R8aS_k{uBKk_$q52?VZ zSuiLb3kK{6Y*2=IQQZ|=9{m=&pnmc9zE&b4kD_sEXD>cB{}BD&oc28xOAQfCkE{Id z3TOpC_nUrbk%;O+?sw`q#S8~@$OT`w&9PN)=)tC%)@M>9^1j20__N*eTuxAWfBTFo z^r{^WWg98x##+EtKkW_)W5XDfF9`JjR5fc<96q}-3r5Y;@9ko<$FtYxCTn<8yqOL_ zELoT99aur%Mj^a*qqP`(kQ7eMAN8=YCmRlDbSj=eWzzJ>7%?hNVeW810;duN7be-} zffu8%=fMNgEoyn>OM|>NCO?w!G4IncZEbtc)LaYgl8O{V&Q={4{@D!Bv$sMYWeYt6uMqnO&j5a5X@-~mmZuwJnf@_aW&G#3wvzzfeu#U$o zY~NU~(~Sioy6fdt@&rh_^2uHAYVi{N<`2^Mw$DS8eSN3JNeFmv?#N?uOuYniA`NL`W%YGbw7W8FfJ;RK6{+u zr+{EB?m+`iB?iB9xc~TSO;EwuQzVRVdiLe{R2~j&goH=)B&v>n*peK$B`RSFJmjdazvs{eU9MBiC{*LgXFl_sDvJIOJu5#DsYj%T_RhEBtB{%V7Jo6<*z4E)nQQ9>Epfr3$oH=)BDqwW@ zSX7P${ehapMiE@yPXlQKysA4$y@w$7dgg)TJE$>g$yiIN0|Vmd)3|7{}a6yw3N z#=t2UU-~o*w&jj3(#k&Z_+ybch!mUPMth8AQ086tHd}_6iUlBVslFf%+3-_15egB4 zRWl%)E@uF?N7|66P#`v-^spIZ444Q=2)(wL!(C(xIK4t=YPA^Gz_+AZiJnuHMWh_>Si4Enx^`fmZSfc4F`_1s{%fGrFbZWg?HLBd`!gt&!{#HrX00BJp)j!rh z>U+$UU|DFKSP}N~<;j*Ds;n#`Ur(}+dfu4a4+OF^UrcrZUNX0T75N;F?*DDcl$ej} zkl3~h+#Vr&evHDz7{i=Dn%F1(oM9tC2ww&Gd#?V^KyzI)z+~u@RWRM(PS9=pf@HU- zQP9+(9XI-EAKU#QU%K+AWyI+sv(b$J)2%MPc0%!@cpdi|*$>1k2L zAE#(a81;5d@}2Y0-So2DJ7)%zit3v9gH{+0&yT%?K_X-`QV7PiU+@m04u=n2iJs4O zxB4=@OFQJg{YP%bx(}3`0h}{eO{_ch_NtOBD^`t#$XUIMB`7Lc0GkP-9Vl%d(X*AZ z&EX}RRmI1u+Mlf)-1NaI)BPf*vtBcC(@_G;&<}u;`EbLJ&P$YyhSB%kdb`qblXJE=UX+jRZup=_Q#MV%I*cr^P*~6{sbf?saK#}t2*H6QG=E!Y zllCZ!E2y9jJErq0Op@Wo`9Y-g;C9d#WYmE0^phG2QYskUmPi^?ys_StuK+!(P)4gQ zC@`5`F*=vw-Je|{oh9n$lm~sFvFF0fjm6J5*jl*H8r}>ApJHa9x%tNcE@b;_K=*1s z$&4EDV*}U-Lyw?m3r9vfn^_Qk0tMgQ7(Z~3u-LqPV2^InfO{*mnEH8P0bIW(+DfsDXLy@!DLvuo)2xW1B4Ja0VQm>um$-O+j{mwj;i3B-kb%5qg7 zP)hWAy)W&v&8fiq=j4sQN3a5Hw4R}${0qs9t+kUP&IWOfq@a@{zHK%(KmYxwN<6j- zQ1r<+VwJM9-n;`d$A?mx;Gv)Uy?SMFKAKr!V>ZvUcjgm*=J(syR=lS=UP7Y+jU1W! z_{tlAbCKPL#M>rf>J2;bhci<5qcR>#)SsR|ZZ8}}MtZ^NTrPdO%YqiZPE6?}m#04* zPxj3dUj{6Lpvn!!5r52f@dIf-bi~tr&d7OQy^ds1k%|afx8rE%t^o}ZQq@s+O0UoC zg4C=pCl%A9n{wOO$HxLw1BH$sH?Z%|{Xi$A0N)??cjx z8&jCa`~B;)Rg|oaIgI!!rWQC?PjdMTVRX5I5UMw+(-+AJQhR?W-cwD%u~r z-VThd`=*4#d|DR^4aovZ|1&$_IEK9VPW-~5^ukr4Zqe(W!1tnGgoM6aI(`Z%s(c(V z4sX%Vtc-vVp*R8Ix=8~~by^?J$N_@@75&TX>2pRpGUJCSN}a8G|AuczIxB*mGomC) zk7t_9$k)N^G$$EMzoUAcx3Jx`(E}Jy+o6k(S3T~#Q&#dwEwvDcgRW+Z1Xce!>9{OS zOg}V^IcZPoL!#B8)|Ecf*m+0=a6W4NBh0QlPo&18?+tyXFApYz#+a28M>l{2A>3RfXJY6wue|_2s`}CnBX?%#@AVS@pg<PYYVbTz=SoE`{4kAC!)TeUU08 z@lwbh-WPKpimi=EQ;R%!A~nkE@x*hLC?_a7XswB6SGtshSn*l%jYA~uwOn>aPP_}V z`;9#!|94z;CQ%*ul;wu;te)l(K>XYDK#iIN*w8LG)=V;jeTz?;Wvit8U44RhF6Blc z_(s}+aAv?$f{>dw4Jity)heqcRiS2QR&d5aD7y!?oatG8{!DRDZV+8TA1sB~w*W~O z6y2T2uQ?N>@|NN>AGqWkb#ogc(?lCx@yJq0{lhYS1{Cr|bJ;!0fniVWsC@1KxUoMF z>%V6XI|p%$etdi^`vJH;+zM)MtgNIb2| z9V>}7*}qSge20sP6}iUL=jBFm{P}^ZsV3wZ3W{x1^yTI0hB3Kv9W1HqEPVq)n1e^S z`2=q^T}$6fq!-h6O&^6nOVOZV5<~Z++(es`3YLTH#EO1&VBP?(FoC@8`byFx9P)YS zg4Xokl4GNwO{}HA!BP;BtYH#k`oARS3%->V6Xbr$v1NTUvon>k^f&WjkzaxB5tFKDeW$HPGkDP>-b)QHo}fyGYC>S(4Y2);7MvDYVzrdhkjsM&cm*}D;wM|27a0*<+z$0Y$|UiJf` zN3iwvrWm)?-_~$G=UgwBYdfxZGp7q6&rr6#BqOtJ@k{0?vT02dB-Y8^-?E6-~klPWz)Tdb__0g;p z6p#oUkbUu5Uj)5SiS>=WZwAZY@-tfdMY{slie^$+gcCKMw%@c~s5H}Vg%(xKYz;Hd zLDEA79t%L;J-?$*Qgjk;CQ@j8@ku#B?3{k}a?y0P#gx&$id0L)%=;yMmwg%5F|SOe zmnn6D+Y>XZ3`RxBN82IWxA8ies~E*-J;bM)UBJD0TJycMjXk@V>@bvjNeTA%TUMh- z2WtB4Ta@}VdZ0joGxW)N6E2mG7J*jL@b^rJ~GL??@3 z^T*t_IvtopS5>E{?49`srP+6c3>Mdm5+WYY-i$`n&B}rz(36Zmy>fwWp)crx(#>l z{1M8b6M+Mpc2jynKYGOiSRJXh9rP2f#YbYd!)u_z3Ru5K(Uy%&H$2vMjX^f`6%qNW z@21ePm*E;i_H?ygfqpB;fTpE|kmmMav4)CpB?@P&k#ob9jWKz0aXK*F6a@%IS3O@P zg)&iv+bwl+QEjX_9tb|XS6ggi!q7q66Yo&x1AdEXDfoNi^t*#Sg7ZDKr{!C5QymN` z9v2a@-sG#SpAo+DRyL4h7HNBwYS~6tzby*y)-(3{%Nsig(hfmUs7W8#@7@%PL45_ zXOuC6bhwdjJ2v6gK89mpmgA;KR-IF#C?=AvUA|K~Eo$?PwMN!i2a(06BAL}HvJM|> zG>{TY&%p=68eJClp$+dndd=FA(crBkxFOhA^Nr=UY%-JRBWDe?~iLD)1DHJPke6cEF;ro{Wu*z zDp5W@PQSM;w|X}{&ku0C* zh`UH~5#{fBth0YQnYc1N$WDB;G8g&5I#HgFt%+2sH;QE*)9D#uyFy$GF_cWf*C?6l z+Mu_a0%V~S-7cH(=GN8W)?rmSvJ3Ql&kpe!=(KBWe6{eq`xo%+k^)Vl6yXVY7(dG7 zM=j%_=&}T1h#5uY=~9^mKQqchj18%&c5Kc|j7j?4Il#3jcv7HezHO7LX{$~8K?29L zIp~EYl5KY$=xz^NGd->g!kacQ5W9x8Gadr8udXg1?-p zuF+&WYy5&gBXA4wg@Tyr%=P$+k^L%9wor%z#7_(5x!M=`L&tXKgCyndHVCE7%X)UvGHWu!XKF+zfQ1u zehZKrDv6ui+7fv3&*@};9bl+5f0mxKKda>b--$HNLt@_$o*pMy`K`R@|84FM%?kzJ z>Ot|Jw8Y8o{ETDV>GdX)mpAnnq55A&mEd%b=imDB&mvK&KBu2ydMqzm{d1eYs#c|% z_*=ODtm(7d*fIWpW={V_pZ?*pa}YZwZclU1J-YRxAMY3b(f@3ljeBs9qB6>7uO|IT Sm0vvny?d+prd+}}@V@|1x;X0q diff --git a/windows/deployment/do/images/test-scenarios/Win11/M1-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/Win11/M1-Basic-Complete.png index afff2cc698b4be139b8ab9e11e72ebe653d5e821..108ad7581b52a74a167b2311f7b7246a5bc09395 100644 GIT binary patch literal 103390 zcmeFZbyQSs`!B9Yr%H>obT>*2f^>^?w@9OcNH+*bE8X4A0Mgyv3=9p!%-Q%n z?|I+H^F3#s-ygq!&ibykS+1E`?tSNVU!S;kkeZ4t9`+;bJ9qBj$;-WXdFReOL*TCp z6CL=5@ZyFF_~-81m$H&~ihe!b20ox#KUaQ!=T2!j4%`$C_>AQwr~CHK9m>Glzq{e< zN0xW)AhYFPJb(4UXz#|mLR0o?5#u0L*IfQfDv7cQM~Rd~3%n#7U9<;J_|aXSd~m4J zhPAZ>vqitYwb{Z*M+DY)3GQ@ylZV{g607n)E1g(`MvPQ+xH^isU$zrSrP#SE#-*xF zNwBbu}Z3>^O)5gL@2bz|s% z4B(6JlEBxjpYpS$|Ll-L{LG(i!+a$tp`ab$6kGAn-uT`QHpM?i8tB9ScCh^%aUTmG z3bhS=Yl)zhijt3Jti>2i5t$VInCgVup^W$ZKSuETEEZf9IhJ;%0WP1VwO~P(TMtGR z>Q^&@F9N{{UaJ&~a^g29qwK?V2y*A$D@K|-|DLR&Q`9x1giI_iSTEDTcJ-oz%88J6pIFl}m@Binv@AUN7DqjM#e1hlKuMiJP ztiUSvrV@6d(QWwPJpYjU`COx?n|+2-gO#(HGYy7250AiQ*yE>B1%~w#wROZ;-C>l9 zC36w@qGhPCN?48<0Y=kiE#i?`&8aqtG~`qkd?H)4k4MH$bEyd4<|3BQQ(Z-DFE6Sf zLhO+$A6J&x2;l?BK5U$g=0x~@BghG)i8_K8OB?eDQo0R7ROj{ZJ{v&JM}g_dpPlIU z_T4j*LkNLSxnAUs20gIB03+MqSJq{OU0m-&RoN?rrDyc>cXBl^*Y3_@&B0;iB0&qwfnT68L{2x}Bbp~6seZmrpI$S;U z9F}Ne=I(iJq@=|0m5hfjQNUKq<>GKzGI(;eJ3KmHySUB*2{FE8la@Y6x>(Ut(OhhB zFOM5)^gM^iS9Jd59=^GN7Ale;E32a>5qoLdks{z@Bn5IwHe2qr7}*Ju+klTl>(aE) zfPNmeuYRlZ^hiQo2pqp>-`pJx77zpm4HokHbJxC>!JscFN=7XF7BPPE|cc8rQ zSOjl|$H(S9Cbe-a%uCZ+kIpT8hf-azp5A!F1icxj+7GSqNn5IxR;r@-->>En$F4i#pH}`_*0xk1uQs3gQ!|0R*Qw7dg*kfDdO09m z%U8$`#S;@IPDtcsz4H=ANRFH4%}KTEki&Yq*aOa+weqp1{Z^3o%1p*b%r6pd55K&u z^LoXsq;yC5C`r&>Z{OD7uz%&<)=+wqi=}gk0wWQtb)T74O-nG*5i#;tojp{**i6BZ|HE?T5_B? zZq7k+i1znLWqXvi7pRsd9aGed*1x=yG*7BLe?gvKVlo?nR|CsuBvmYSEvnpU5#6@P z;1Jl>@Tf(vF%mRB^9UC)`PTIr8g;&Q^|&h77GwVe zLvw63`K~(;g$~R#ia{kv5<#bnfwaYd0wX!Gf zU4~MMOt3UqEsMP0dBuf@t7bs)&s9xhgf?9}3{Vo)s#~(YlC4F2aJMB365~BpbIVnqpftg z!^Z~}x+o-7bbexnHJoPK9=02CM)EiF=3sjF-2vxcdA!?P4qHdw6R=M~f_`e98S!evK+6ohU()k3S=?{MUO6K;M>P5<|`6sH@XpQYs$M_O~O~B zcA$uCAB;kt+%zY{j{}=sU_>^K?z`Qoi{(ft6ZBW&$^wH0vYK>H5pf-zpYl=lk|lqT z*->1#kEjW>*WDpDg;HiReOaH2FfBfd6CfDDKJL}0iVk#rL4k99-}rf%b-U|f>muU( zjeWH1;knOjU;y;XqDpCwp#Bnb+jrsuic^7sE801B&DTJ4jX3|!2f*(fHo*PG8xZbdgWjuU%%XFT6?jgX!KYi(I3<@;Bf zdR@iKET54WAHw_6_oP9gt-n%4G{{Z1kM1?}lE&F!baX&usCv%VdI@uJ+g*`}n*%qL z%U{Vt#k$9Ra53!s=JYVLT`aeh^ZycH%%0+Q(W5h`W%BUV|s0uTVDm}!a_V!|X zOa5VKG2Wc5*DGV_@db#J#d7f#rysAl*U<>bS@m;tm@5Z?0=sFKK3K5wQ#1lDcMfL! z=EJNWO}ifJ>+pDF}c2kK=^Xo*+p-&6AnSoFDiMT>ME^pb%7DM__!m!SE(#X zh37>n=Ex*Q-*>z8no)uP?;h~^Y-gm5CzlNdLY#f(F2wSK1i?O0z*k>=9tBO!^c3Cl z1V4SQ{j5H`!x|5y(&Y)QXbm>ZO$US4l96Mj|u z0XG>;uw^C@NG*q-?ayvfovYe@jT{){V-t!Y&=6Ej72Sr&T$U1j#`eqUr2a z;UhB_6pjs%NndMk+LG$3{YBK~KDenjnYE`;oafrAj~1|>j#z?X_M;Ea*G-O0V$-mQ z2wicqQe3w_fyn}H4mJ~A**%9dXY609iVObi(@)h|=xD#%h_Bbx)4{`1ifJ1_^f)T? zgFWHYV^P5@;k}lDA8{#RAh**m@9(&mK6%hH$XEny`)lfXotlz1T0$)@_6k%YN)0-*S$(COgpzm!G_AI7J=$p%_@DEO&GWJ^$au`0 z!d=$wF?}1nz5xSZDp$s6l97z2>y|j4DlbKYO3mZJM zj^<}I6Zl_jaqc+Y?1G1OkM1GIkpnm3ZkU#Y`38+_kAk^h6YqZJl7qybVCb}CjWsro z`qb;(P~S|tM~@%V4LM>GY1Jh}l({&>Wr(;PocOjkN-C`=Coa3I@U0=GwFmnO&7*fl%!9e*elrL{wEmne2G6pU$Z1iTKuA;rq5ddY7yf~Yp**|qs|nz7HNxWzx&ZslNfx^o#$U|3Mw zxvcUB(z>nZR(jHO{l01P4@-o+s4Kf zyPArb!lBjAO}14%&)-GJ>2m0AzoYYG&hBf@#p#Q!UE_JKGE30;gvzq3nuhx*f3s)2vVYT?5IX_#OUSVh>sKufxP^}dKzA)zTZvW-#Yt7jNU*J6cg)Qjb=kd=>Z<6GRAsg?Cddv9A5 z!H{%p!xg0qmB>j8rzSVSCfw#6v zjB?RH%l!S$YDyJnd(C7GaXPhdiI|afrY_WYd2Y6q0Tm2>92D#XujCU-A7K@y{aoD@(pMumVHYABGB%f`9Q}yxT&@=1r-DJQk zu;x_Vt)CL}3tn&2TPU=MG5yy-S?`NqKA@diu`5WDE_wS22Hu+jVH;_2 zXFKKPkFsI`As#J~15GUT6ocZU?2-dJb-_@3zZ|2PDql6N1uJhD$4QMYiKh5WiU5=U zN^qa2GU#JHE%sC)xMsXEa!NX)Y)5+gi-hrQE)Boo(s6f^GNVfoFbTLA4)+1y-N}-V zE|XFAJ~)`KKR_#JiN+R93q1~hk}DTQPy zKRFKf{tN7_0wBxODhgzy5GJJKcpn2*z|E7udXMBaX0Z0 zJH;vE>i$;Q4CJhTjmnmogpY1&3JaRmSU;jzz!^d;v) zmTLX!^koPSkENsA#71!6DRqsW%Oh5jmv7NzgS7AaIWPcVEcR~x7DHzfZko^4&+F)3 zK?il7RuDU#Dx5(4V%}R+X>RoF$22PSv}7L^IQipHPlmrD^>tDL5p=q|dp)phV{?=3 zA+v=JITrTgEBzch5vzdEyxtTUO^(jsac}QaH$Iak>qr(2!B(yTk zW1mK*O4L4Ye6Ve_K+iSksXf!6qykCe{yR}E@$w?qD?-{cr{${Xv*;?f?|JgC;>uo% zzwJFXqz{QUzEl5jIFSEIQXa@#2MjSvbxT^#LxH~I{W|Cvu<0%8$ zMz}k9*k_GXPd7bdC)qul5vRyv+7RBIbgog~a4@deM2On**}AzgmEVoZ-gz6u95et? zKlQvC1;YkYFqy;C>Gr8zjtCs#4)7mz{ARK~?qn57rxC4=r8H4B%~CO+LsCd-JM>i|gm+EBs68tKTY;)tnU zpHTdRr4KG5hCJci%;ByugBkUWoVD*y5;X%(OeIoL3pAE}c#&<^(SgEE(gT~WS0~#u ztyGVt@ZTEu(mRllwzFFfvgzw34b)5@A(^Es=-F`AVO&dRqg{IDoKeumbECqBp6g#C z&>Gp^No~>H+MKA|{cY^^@JJ4v$tDl<07|wrLmH#8Jk8?AbAjd)7+NB_(&tRitET6} z!$p!)xVwg@9%n4oZ{BZCm2OLW;cOj;eB4a>{#c%kY1<_*tky!^2su_ww@wR6{${Fq z$n=%j-7*$~Jd&cCyZoIRhE1*t35V)};2`3WEkOmE2B!CRGEmW*uIt^OA}}{AGuQOm(f!iWdx3~kM@XYat~^yU(yjIE-FRR98;1(= z=t1b)AG6uWgXZN9h4L6HOUprZtr_xt-aXqbFgyIDe38Y^r>Fh9X2E_Q+5$CXBfdP6 zn5<~|9KP=+ zyb|x{7*5y?^4_(gR&MlV`v!iP#zkG0aGgO7+Ap)c7Ps}Z?P?u4-tFc@6O`$qh1V}w z4u&p36NC{Av#!JZ?k(MC$KR*grgnVmt{hd3w%=cw#?D0qp<$m9XQNpdUO~ZX=TWDJ zE>_J4aA?vg#+spw@i^;5Pv3Jg8!e7Gw1Jh4^S21J;nNxY@^&3P9()#p2U~0?v3hkX zDbLpN{V}zF?H}SDps-3UqfkY!py80z1n~yGy9kt=63_LBXS&uRtuJR)4VYSBSz*_! z_@VvktV2yJ&7Y@*HGZQjwkoX$q7EH;$S$nI#w(zzUs59xH+f!2< zu}JYT%oi~q&fYna3lyo7JXe^ZZs;Khm_Kt<=W6O>3XY>}dBCPmQgw4fKBt_ca-EDt zC_S5IZdpa&JP^>2fOcb@2l9)2@>AYhizR`^YNNmUnCy~%X8_(e`!ZaK^Ci_>Oajg4 zK+%Xz&`qwY0-NfV!iBNVVf}UBh-4(J1JkZ->Mq`?3da+BBG#CDY4Is$-AD>b@35B+ zp6YTTXY%@OFb%E~Y0nT-9oNTUqk(u|6S8IzoMhMM>FU-t7+S9e2Etr&DKBLAHJXtV zj)se7#l(kCM>y5<+I$9PDE6^bq-RywbVn!J-F#i9I-xNE&rS*Q;l&Ig$Qk|0cD|9bs?N=fgue-EH4Z>+7>8-@{PmgP{*o_B zfu3Dgv74Mc)-*HL-`xL?Prh?FY^`}O{v_;|+)ypHUn>4zv+(~ddHgwo694~69{)Yq z|2^3M+Q9#BiFyBTt?Y}g7QcI74bv;JC@Me~EVJy3Te}q`@To)-z6m>LXit!G8SR}m z4~k#2>(;%q$?y0I*}Psv`jk1$KO=Pm5?gf}=BVH5sKhDin6dU?jpkFe_;RZOg|0Bl zWLz@t7RzgZ%(pn0s~x86s0dFG9!7CB=|HsQ2A@qpcJ{bVhZL+VH)0jH6*Rt#eEOOD z?p7as9|j~@ukvF!o0kPpk~IBZN^zF!vT^`Ag$i8@>iK}sq7tK0f*N76I0B%49sD?O zr9R`zZww^IHz2Ndu|k|lzPv@iFUQcHg5h%J(bmpIMqqD1RHuUR=lP%RPBO)F8HW|+ zOu=YGmb*eJRBCAw<^a}8xyo^IL5fj_OSkNa`+ntQ)B}2%8t9kv5Mwyq(|21D6d|LM z3tnb@gm{P54}gLB#%@rE0?~BCdNs8lj~&gvG%gueD?wLbRw-?FEZvxmB= zj~l6TR8o@m7Mno;Ri?s)7ATz6X)^WeZg%#UHe!9jsb%%n!KGIJWXAU6Kmuylkdz#! z=@(!~3`_4VPafOfaLG@c^$|l&t3T;(yQriSBaK7r=w+F!0YE|`P;SOvqiy4sUNpTYV@*^vpt10zb;KC@N!4qn)a zGi0CWw50+3e}4ix*S5He<#90gbdsk`lB}ppQ@uvUhAxDwy6`N0YkapxpCc0nWGDCi zTp3$}*S?bTefy$aWbjkjYkSi^G8EeGhe!IBF+k}_g7D}jFDJJ^#r!zYb)K*u^+CyXoU=x#_n`8EZ;-&kjs`SDkx8kyk*i2jP6MaG z#*-06`#_5IA+0pf)mEl>2C?hPh61a?36?Yz%4X2uCO9W;yIx`rG z>`%MotE{rNXXZ#t5Y!83u(64|;jECNuqUq9sva)b=ct0~)G9@adYrueXzJUNn*#Q| zc4gA7*LfusX<>ILHvfnxI4C;)vL}+>R^4g#q`T0t-gUewncwE+LRPZ4aqUO|lIOaj zjrzFLp4BuAL+08VmFSp7`c zx}o`EC8YnuA*;N(ef0N=@wo&qUK}D(G7*Pn7=(>8+e4q2J$Xv-&CzmuL)!-T7zb26 zQ}a;N8RA8n_c}8s0QS1l)YFzjAxQ3k`9N&Y`_mf8_ z?W^|bQH@k<9u&kC$qeleMORb=uSMsI7Lrw$S511@6HQ7ZeaUv>&VQ&=ga)mueo}YY zX}n#_r)Q`$;+cS4eJ0GnyOEMP$Fon96H4N)T3$t;8q#Y$^!+(!hzyRV7YGoysWLj& zEV0&Xa;0It?L|H1y4O@B1O0WKD+wIm53vYQI3v?>+!oGh3+=Uw-U-ai>7f=;PcAO? z?4+#sG7W9f?4&rw$fA3B*fX51^+s1VVkSu0OZJNIUhu2r@V*P@PmuJn}U!`3D{Wr$z&$@0?3Oz$d7loIVMfqoqRW? z7>KAHimvd()Rv{Tpic!u$5KXnv%Hp2Kp;6_cn0|n?)i+Tc4|Q5%tVJDZ8WkO81()0 zTqn-Ut%>(~H;9nw*(HlANhk3+O_w|y5->F|;c6$J zGoM|-II}KW6m-!_Fh~E`;9(AFvg*QBuZV-Sm~(>QIy8u7MrQy1y|nFkW1nq=*Kz>q zOZD!K-eb;BiCV)l-shuE;SVm4e+AexZKU+g;`fMDg+3J81;%Ef>@ z#uRzTcE#W2V#IqJE%%nMg-&~{&5}3KQ$AI>pJ!eD@ozv+gi@2j{W_ih$e$sY_z(;a zM>^XNt6zdjNIPFc98g)vj7(AI?G*ig+-eB=h zbJBCS`^LtLm`bG(PaJcuGbMxcFe#O*yXR3=M`nK&oXI=q*)aT37CIw%~bldfR%H2Y-eYryE6jL0gPC&Y<0$1!XXRcJS{`vZL9r^SOFN&KsiiR8S*3qUd1W$H|NA4-K7fcgA<)2PP$E zW_<*4%vZ+s8jOPsg-!WUU;{23>l(L?Z!h#Kngy#l8puaf?sg1dU#gj@JsLP2K5NX< ze5d5zAM7jnsO~)QI(Y>4i5eD(e`-$A)oyJL3t~~t@7^z)`2pflDStNRS!&OlBB0Xf zM$2)-I`d;adi~*nT8=2xKuP3_O(qZ2Mu~|sIefqHgy7u~N08PAa5Rs11P|n^*N)8C z5MOqbaO87UcGh|@rOk+aHSZ4FkF`v_UFzpJ*?o?m_Lj@W{SM22P&YK*v9Uf6^r^NK zV9ut$rCX%2N?z)o9j%{Q&~Xvr?-C*}!jZz|7foLgbmZq=rF21P92^a2GqwkdO~gOG zB4+S+X!cb>H~a#QBIHr^?-Q7lcg>R&;}{~UMSD!OKJ{}W*Pe@H-Sx@xQ%r|OZRg&u zW>|!Ee%C&~5wPEbn*qBLi9w$T<85ErRWDp7J?%W2K}a;#250>}=_<=U^q|wtnFkRnS#CHDV};RIeL;mmuI5yNIBBm8OXZ ze|iC8W^wPAa5PE(yhVQkk62UA*HcdSU;0#x<%sPs%TU4T&c@N^CRCNNyAwPpdm{$e z%7;^4u(&|Do`8e?G^}E{!s9c8=c&#VLkp|D>R0M&-ERqQv@wNwf{?X^GvY#>(ze+7 z#k|O>2tqzt$n0(8>-T&#s@=75&#^pfFb&i^0m|^5W=Y&=wRGv+Adbt|72#k@BTF4v z={OOq^6e5{U#!Kz=;EeO^|=~Nn~?N$^URB8p^Og z)yWNd^m68>Uc(qJnGKuQ9z{!NC(1qH6w}6W39WN@D`UPL;*J&KP>a^*soWyE;QVxK zrS$gG-$(F}<7ISv*)GJwq#%p^#5r$^<8)c}Bw7bEZccwTkGWI@Xd!0U z_^ln^jaX5@#Z@jEy3OwOKAHUrHwll=^m_*G<(Il|DFBOv%s#4R64pJ1cyPB4-$a}h zS+SAPDXi4}dFmCd%7XK3e10T*I^42aeS^JU$jfcis=$0@%##!j)0~$1NnOwvdd3*X zBg;C1-&R*N$!WHzp$M||>`Nlp{_HJDk6(ed)8_WHKPf&{mk9u+1z(@Ou$ro9^zyC&*tZlVxn?Et$E#u1l45Lk9Q;Ko z4#G1QbGR(k6ahgF5Sl8Ee35}TUeedLF=YBC*S)GfFG{(Y%MePU7!EAr}qvz$m7jhWR>(H{6|I^PNx!*^~zo}P0gfw83M&_x;%KV3y`8Ea*09NTY<=BzG59R-P z9~zXK5WwP%&`e_u{o~QefXRE@ikQy%59jt3DZsqkLYCZ>n)H3l$}T;D0*APZUvV zV~Y3#m_s2a+oKw$05B2+9KUhbMX7Y-Z?bIx(xW%ou_;k0fjga%ugtK~W1Qu4sAL@M zq)#hTG6=X?OWJ)hUJE&10Nk&gP8zG~d?}LvdE8PLodT)1MrvMn*qVWJ6Y>Vi^py*+ z5UZl&k}Z|x2`wZ%?x}b^oT2v(;4K)c9p)8W_ogC6ec&~+Vt@(zd!T42t2^Mky|tlg zP@5Vg0%#2YN5wTKDygE0d-L_x-Q_%UW~=P~L3Id|GoN$$9EGe6rAs-mtKgI{&eb?) zcJ*F-6Y~_DZt|{Q_{*v9_ZU@g$LIq9I+I=l8L1+1^xZL^t*Lxm+$%P%f~|C?NNWGJ zwg8-Hdf71k$G+t;xeAxDRk!ne!r=E)BbV{|9ICp}pE#OdoJE}t&Q8N?2YjUl)Vpjp z6Xy>D(F(bj$V(mO>ns39LLeYtcRJE>^H+-4%J+iEE+B*FW79DeXXdcMCWVl=yhMkU zz?SEi1IZjpotc?#sSH{S2nDQ_vEW`46PM00--p8`tAx|W-^)w_9YtM%^j=Q!k}i6X!Xb7Oe5#BI_U|Q7biqiG))$8GGj5L`z$$LSzhfH;J7fmGVAu3t&*f= zwIkyJuOsB+$!M4G$^*dbIM0^Ku|mrv%4txu1p6dE^C3Q-f_x+N_?DZ9a#T$A2l&u2hrr;(tBu#nea<0-=dtYSk z81DPh`lbwOsaC9{W2@vY>~Zo#{|Wt}&2^A7n`-$M8MIMlz*&t*lXsdAuuLNz&{m+ANz59r?}UI6P4U*a8CK z-)sRX7vVFTgM~(sr*AjD_JylzJtFsNKLj??Ofx#(qp{uV3csj8SR6*;2!tBJ6)Keq zi|JLj0d@_rvrqg_p4vEgN-GAJ#Y`B_bfh#&`5ay^a4$qNslEwcXa+aSiW>jyqdV4j zY+R?JC(x*2Pi;09viFixT#S(*iga2&!~k9Rg?!}gF*9sDYF8EF5?bl%Fnz$IOr>EU z6+(B3OCi`Fbk#{}Z1KF%`mb2Td;f>QHiSlsC46b7)ubDeT_}?TMF9MvCyNnolHmPi zvzGx6b+Sy{`!t?#bpil)s~Ob}iO*2s|22=D<1&42S?kNkj{6bJ_8UO4xpd|goQLo03KUhwub7jhIP{b0eilveeo>ply$~YOgQg_xx;aDSPghRqES6Nna|MM(Gk-ca*ahNJ%1F36JpFEDu zgz<21h!J0gj=F&seh46TK}859x><-jH5l$3zBzz`z6tf(6ghCh#wU5+x^BHYQTU$Y zt9xyvv(mQ;l;21_xv|d&Q}w$Ywk*M4Vcmib@VxNQVU7Oe0i3U&UJ?p<~{o!GoO z=>33ueQ~FyRZg!4Qz8kEN?rsM**_+VJVRz^N`M^>!Vsr4S++&*LSYF24SxM-UEr0$ zzD1ic@@leI1lq6~mMQDJ*4@CO)-=);(=Zo7%c!CwXi-{crdm#|_L!rh9kHA7zWCzy z=o#Wf&4?*-eXy{`eI5Y-*Yk%1#_Oj-PS^g}gbx^>FiW5^qASD5Y|Wffx%3-M}CS5jly=Gn}wHgE4L69`UO9ZLEPw1 zvKVr9^%gsS9?l?3e0Yy3cD#L!in*4I`&AxiOz~~01mSls>1FO}8+H>P5JVcnY@xKX z{dOR!jVTqInT45KRQri27%?YJE$&rw-7y}C5UV)zzFd#TD{nn+X)87F_7J!RAn4&ZYR=+C@#7p`LZh@|#ILVFXr3C57DabhU^y zS^uaHT%&v^*6#!8YB>CjabPz|cU(&ALF4&C{yh2W=7StvD|fSXP0`;mQnJM@`RrO< zL%bjj=eR_q1kf$?pIpxvF=*7u^;a(>)GueshCkXcFA89f$xcBbI|yQZa^groxjMl- z&+hER^5Q|xoKuOEV%xh=9EeNJ7aN>}sutafg1?0Kc>sno8zR03G4yKjwGS2`wspg< z2S(-W-bc269hXM0mvN6VOcgEL(fvKszT!V1-g!11a5x-|t6U=6aQyi*SI4nppVNFv zV(0A<22xPr9wJ3QvsZElZwap;SclA+ z#llXB!k@XAlI$gB6Ww3ccPDg16AJMx)VQdKpC1tq8e_JApzCnQv}6j1o3kP7_2pTV z8Lg2`-^@D8o33e_SH*2;8`v0g@Roo1wFP_~AS#-Ib@XK4rgZbqeZ_lJUUQUpxQf<+ z*`IlH-Ruy6FQnp$Z&Hh=5@2l$9QZROO-U6~NXxjmG{i}6z>Cvjv_uftXMf9;h-kLh zmg>PNZ_?AZR{LySi4{&eV=U*6kk$mV)u2!YtyG|3Y9gcCDJ0bYJx)HcUn$2x_7JMS z?2JwQ8K|77%sL#&@^^e-It=x@hk;<+U9EYf(@kk4m>7rduOF8Q-tHMy88^Fc-Xf>( zF5(WeC+_Qm$0<6`J7$)1t=u&Am3owg9DKTLE4;i9v$v%x7 zmrRUax4NO=T-2|!+kT(O-Cdo`8>L0DOe-}2E9HlsWcE~fobG(akV*JfLsGU_U?ic- z-^ti_FCqM>7w!tY!>6sw{#JB0Wpx}C^WTkyxI zvp!=)nQX7l_}UThsqEdJhWfOxHP7$6?F>PVxKoL<01N zseA+!NA5(C1;RHR-}2u!R(~@xcP>2kF`)eLlPJO}oukjpFwP~SI+Rur{}3zO3douQ zSU!U;dsQD31vM|S>>4M^wb^^RGq|H%IpZvg|Al_lN3Fvs7> zqYywI?`;S2=l*yw2Q85PGbF?Y{c)dapel5{P@vf5kBZZZPXO?UGtpxF<39g~4sdAJ z0f&4%poh`{sfrS>+riuzic!M{9xO2aW8tBPWbS;uFH;+Ab}m1lEFux-w)RZo#GOQc zCCh)O%r017zpHwClb%4-;<&x9PR60<_fHM7_Mvcqja%TT$VR&g?~P{K3~m?sRWIfPztBq?-7}QUkq#jlUlH{@W3PR`t5pUt zRYu-KI9@*Fk2DvrPIsgG;<<9g+iG}iMzYpowT+y&Q$*c)r|aDu!>!G0I=ghsEaYK8 zh+?3Z`Rc?wB!pZcZI;8Qe74rLQgO$&EtEp&&9|?E0Ph_Q$aQYdceNh;X7EH&I4a-G z0~L~tmq3N&OU2eZZ$R(%G||y-h}pDG)M|RdpSu7BhP{9^^a#I27ow33_l_032lD6o zs-~s9EJ=m_o@lo{kbp@v_x2zLV=1LP6PRuWgL$ogeKYcAxM99wyRjn!(8tDAxLRwe zF#GF(yX&C=*(@44CtGhH4NErx;?&s}DX{dT6LnqU0&aqsIQ{?}OPr@HLhd?OT+MKo z@Fzg(+m-(9q!)l5nBIH<^a#D{-kOvK%-8uMdO_4J&Xd5w0`hj;geDgvgpn%Z?dGqi zyCiI%_DdA3IKu!<)7eEGUtIl62haQB&~#o?0y3qt{+y(l%I-9(>;lP^X>Sj3F@kEw zHBPPLOzthwcNesx^zFAjarUH7rCZR3gz9@m;UkT!>~!Clw)>1;sr>_&Y*F;$Fxspd8aY@b z2>m*5Iv3OaRpJAb>S&w$5_99`d{JNUh%50be4+Z+_PPZnCBy#-N&>pvN+rb6<fu(@{#093+JCm!wQhf#^`ko01DCH2wAT@_4l#xPOvi39p5)$|A#9mU=3 z`&1{PYq3=qMC}}m_`KgGKA%cmf-ctxnV>+Oh$k(7egey{{o$D>0k$3c&9 zy>v6*ic$j1tz+kH zKAq4%;DK=m^sQWaYtLLn#5J+_G1D!#Efe@0-Xle`jOeUm*FrSR$$=R0L%!I+5>}En z(8cYhxV2Ncnl9*Y-iZB0>_qqhKtUUwT)`c65+7Xz93FXj;5b)P8o$!{-R9l{PR0R7 zWHx3ZePqLWZ{)k3OaQKImsW@RC3rtteiAChhiP*l5Nd&W&d*KT-udO3;_UHrJ*Ceh zXY@La0DiALU`Z(0OTrBRN0w)mm4jVQHzK<84-wL7Oupw1lav%6AwMZX%h|)<4+(L6F z$yqT!FhMvjjFKwWYJhh)jor{)zd4okR%yIKW!0{;yU&+)!OH6I*L`MP>ahtOG&8Y` zawwwqL3D>xyMZ(Aa9?%@YeJblL*lDNmyOs~eN`LLh;Tq1ak-eY03$GYCaNYwVYm2U zHI%A1$#Y;3j5s!!<_S7FkK>s(Gn1B^RU1UAf9?(UMmsFK=#UmiAZJH~G}c=zyUv{W zSyhcoexa!lgh)I`VdtE_Hh2~JlL;F-4AeOrPzT3;^YQnwZ~ch&Q;US8&B=3BY~7uG z#0w^b99)^1$Hn;zRF%h>51+RKbu?4#EY;lR-izJT;JH=za^KcVk;Tg}k#8T-*oX{# zbROqfoA&pGel=goB6b@4p?9F2%QK+KsS!pj%I|r$ zH)FL7lntD7+6h1f zwM#AjV)q4GNad@I3}V!0B9+mB$U42Mev#}sk}Bru@mNIJK&xX~@#SDAkFERF$M?jd zu{oIhbS>9ybT4KEC@mwTmRrg!y$d+3#xw+l9}p-3~2~qJByd51_eH+jL%m0rMY!TM> z;(O$*ek3f@DIK%yO>kT6Z}?SOHeRpDB-mK-A!gpdVQ*A$I`AN{X;-m^x}A|KRBOL{ zfn}1kpwA+&;sp(kUxl}_?#jA*SM`fbr=jk2JCnP|_kt5CS5>HA=cd8j&kqbYNxmwY zC2Fe-1^x@4g#_}=fq@hqfLBO%Udj;ra;)am`$o$$*QY)F?`m5AR%aw%fpr_syQA&nJ5aBn)mBY zH5%1SC-jAS3$EH;TK?KorRpz>Op%>Ue80d8l!L#G6k__b>;roZt_ zIQWfLBkz5vEa*yofA?@|WvYyC3V?5(l_KVF(Kh}*cGZH0)0NVP$`=Q2&B;$~43gD^ z$=4FUq*u(UmWR%08uw5CD&V^};ZHa88P#jjxS3jDy?vok?VU(gH~xMQN7B9~Z+0IM zz2e|pJhhm|7&p#a4vTbldmg4aLSnY!&iw8|^*Y^^rI&I@#ai;sy`d;>!_|*vk2%d| zP;xk&NI3FWZVx^Qp$A)}z`HMAo5`1r_aE}*gFUp^^8EH+-%ca%re!ly?67=&osCOfyA%281Bzm))Rl8=xUWx&F*1@y7OR3 zEYBtFjb4+F58`9I?)QYE zP*uxtKk6*?7b;;jGwsNZDCM!o&1i5nk)yo`X8)a84~0nRvl$A~TG1S;5}$-`Wxu%9 z-R@!fcLJ`Kd0OHo5yctWN6fhY0)gfMrS}(z2}eIWZA!>L@3O+ywsSXI3l8!hv6x^{ z*}{g-@G|tKp^m+k&%$pD(NJb&l#Ck;CT5#6;%-ibB)#aWNFj3o4mof6zYwDaz6jMk zh$O`=+UGP71W)e^_8HW+Q*t-u`FuWe^=8Bj8Lz8%D}9kX9B(GE04VXw%-QYaJsSGs zFF)cV!7T*d(t5)0cVe!E)=iX3eIQ*A*#^h+wQYxQ^Uc<}fbn1naLUHZ*B@KkL6(B> z`7`%Y>u~7bFV!g{yy$WapF=25bniQ%JUggp$7_2>HdpreMo~7^HIKxf?4HaFWEMz- zqk+V8qU?m=ha4M0z9+(@-2@O0lekrs+{?PK5;r(hC%oW(BjJSj-$R>@IowWX!i;m3 zvh0ScGZzxSs1=VDQ*I8feGLg80J7F^YE!QlwaM3e`=0GyXKcRsPKkMlxWHJCd8+F$ z0WDd&wO<;=W4-mNXQ8+G+9vfmY2DmrZCf@n6p=mb_kfY9C}2-0pA;_6`M*b(`1{7Z zw^&P}{{CxQMbc=e-{{gf^m?5OJnc`LpQN-vj@#xfX%oovZ)_>~8(X3r$K}3phoAf; z70k}$ZiQ^xUhlyBqL*KHGw}_V0ZLYcS3Ct{AVNBud+CIWXs;sZ0kY3UPJvHwzrQYV z@5%@@>A{kBrO43-fLTjw=@N zyLxLLf`>(XV19spCyjLJzd4Y%gMMnC{yynV;VksWUJl(1qPyF3sS zD=j*{JWxT0-2Cn2Rg)CUM$;j5n5$7=weTX_%_ECn)%$Mt8>v~}f31HmNyN!`zKq(; zUVuAx)_&*Z6YdLot~d(*waPRng;fG4td?59SbLLKZK#111CCm;7# z^E@nq{>yx886a-j8BF}sd*xQ+0xz@K5Dl!9)DWV_2whD9FmsHk$VxckFM(^w_`eXi z8~}l<5f1AUi~6!mLJ{b~84+jhbZo_9{17}PVbYbd(<%^Wiqt?S>lG`o&m27Mga|93739VKi>b~>n)(F>bCb` zL8PTqTImKsR9Xe3L8LnlB`ql}APUkA(y4TJgLDYeNJ&X|$G0}%z3+X0-}sMl2E(DU z&p!LCz4kNb6LSR>{OWn)Ez~;_$YIVWf+u(CWxsIfi((>6?Zj;1=4n*UX;gh`&J19p zN71Edn%?7R>8O(XpywMZa``z$OaQ7RGxH_TOn%?9{v=l6dTO6<%v_Od_Lty#FCME% z&&I>qO|s-XeVV{zq#_8!x7i#Gs6>bgE%cWBk}8*$V~ojA{S_`r88)D35qZwWt;81u zDmzp|R<`r}@O{aar0z7mu1J;*Dm=Ey0B9pW;ek7;1A9Il=sq~)wJzqhUCKX22H6#_ zFp>ZN%0`b@zBoSn3qU6>-Kdw#vEX?zrcr;)6(v@KGQiAl@+p;1_449}7{$ILf->KK z`K`YHH@`)I8`m^^6Q(AOQu5-D-qr+&zOn%fr#C;BOA$N~hCRB5OJC5YlJVuPU~_1$ zMr9E})RNWP2bjB(mJ%uNk?6}iG%R(1wk6CN(FsL_Nac)cI6&hv$beYhdb z0|jZe8d#$9jXBmEaCF(=iee^0`i2v>#|pDgHUhR32WEEgwMmj7a26{*G$hT^(Nyk)J+;GC!!OB${V9`74W>c18o z5DnECa*U1(6~BYf5N;;D!AG3+C-QM!Up?%g35|`bXT;q@dc>PO zmv5bNogGJV6TG+WANN)DX`95w4P4Yp!=Bi2VP==MmiMl7s(6vicX}1bCD|-VL=2hX zF31U{$Ox$Kk&y?NleH{{`Gh6>afUB*M-u-w{$MpK^vto(iYe_f_3o*s+m9S|dap-+ zmckAr8|I|t%gcnl5GzYuM0%r|2PmG}8m~_;u0$_lw9k@x7vyJLmUEsRwF%n$e_}3Z z@JP(j*LY}Q!oolsn68hcn66rE79tm!SLg0d;|ZS9msEfeg&|4yJ56|e7wYOH!F{Qr zz~|d5?ZEPZH#|HK!taY_OhaWrgs)eq3Llt6FRzChLp?M zcH73P3L<)4S>k8>ZmUFuoSyU6dCI``au57d_GiO&)v^SJmurdV#pC)H1`lL;w{{D; z%(Oq`HjEq9iZ^b}HotLxtfSjkyZxO+)$hk1(5TFtr_!$s3p_sWKIrQ2HG?NYy$1xG zJ0_?vF-z{kov6LJ6v2;q=acfQ(8EjQUN+|@@w)AG`FbLC;z$thm~aseaf0?_&#*s! zA$(aSl$8T-%pUj^OLEirwIzLw+NJoCGw99GeOa43!nq+pc_F;@jd-=i-4LS zKAR7QXG$&!@4TeYLnAVrE#xwX%akYITSquaFOcOz zJIHrGU!9M4n6hsBk@|Q?f0G$iB{thx%c30%myVgFNJY~ch;sq!_>&i>-q@AC?y8UV z09>IwWo_3X4ryMvj{0hvRnbL5eD57YRTzsqibd(r+c-_B3wP^-xUammW>@kZHJ|$^tcumK5*SFGTZK-gnrf zF1y(3r9>1rEs|<91`~o9g3`k>1IDShAyqCL#|jxW7PN90yix~@$)G|Rwq)UYzmp8r zx3Xy<^T_jJD$x3nWld$gaudrzO#?^&G^xaB|AScR_iu-%Ij`g>|%~uWRHJE1u8*@jCNfjGzEP`?YBQ74_INPd+{rrVpN#esUWnUScZ@ zWjP)Xx5lkEbCgm&TwXX1HCq-o>K)QZhE)CLPB&K)*a6b~#qX3EQT13FacU3fUBjF9Wa zS!EZ6vOauXpvuX!H`=v6B-x}nZ3H=NhfEt2(-&o@VLMk$D4Omy6UrS~V{LXxo4BW) z%**GbLJ^ud{U_?Kst*oSONT;_APL^2Mz%IUT%zKmwZf&p7xwl{h)_B;dBnjQZjCjT z!z4xTqKt#6ug+a^o7+rVtyc2UZYS)Np!=J#(}%>14&8a-3-lVx`t!1h!PY4%r9^S0 zj0)OCl(N`~Wv=3Pe~#Co?43OR?`fZgj3oyr37lrM&-~p(#A;q8_6+6$r;MfBZd}Yl zpgEF3FkNCd{GY}=nwdnbWw!6pJG$oF2nLbvy9gie7&}Ku{kcyz{Z4<=vUs~q1FeuX zbN|h3LY9gXix$5{z(5aHOC}O-`=(x~UQ2Z>( z+dGnA`d;|r_kJ_VJ*E!Uaf4|LFU)NBgTc7Zxm<=i@|l)R#g( z=4Wv<)-IN~Im+9zvI`nkUuu%!$3D^#&@&}&E)or534~G4S1DDYObyy5)-E>K!%wNA-bd~UDX9B+8GgM zA-$}d+Ss{kOu)&D?<~$E0wBoq!%l(hU!krli`aezcV~?}DX*iKTl@uSAL4f(t~;SS z_P;g5eD1|w(YHdP@DYrfDsE<$z0RAp$_h0^l%rNsSw?@h@e8+P*bot?HCuPKFh5Y5 z2d>{`Ta@~(hpRZSk56|=KV!)E$q4o=!HUw?Cw{cu^Pc^Q#)FY2K6IHx0ZmDFkb;Kd zbOfqSt{lFL52mLSeJ7`wO{X@`2<%^Qc9P$Iv~W4&g=rcD_QSZO0!EpWjAeFR{UXC- zuIwnjX(QmIf!2OTaB9Ji$XtQ16DETh=>#kpWG(YyzS#-u&hTp?dIJGnRxyoJuG4p8 z>?KIfXEEKQ$J^p|o>d!e=9a$sXU!iWFp7tkx5rNWXLn8R!895b%friCv{OKZe!~!V zd@O5dr_+y$XgfIAxx)G?vG2znu^Z-Z7m(?y%E9Wb~hpvSwtA zPs5_4AI^-*|3Poi;9RZN8`bG}3v{*>6T0VA>?%f2I-^UP_&)X_+%89-*YQ|RDZcQk{shc^>KgA>M8+M(#zY*Zr=005!C1spr5a*~37dQ=CwVKI_YHgi@x{gr~H(6m}U`p`)VR z*7F2=piAd4$8#EW&~;v$k^1G``Bo+0X+qdcAVwRVe>4*zOS`(bzy7iSJ=uz6Uh^&> zzm<(M_fH%#N|Wl5@yRcG2RFHxZg0NdUpM(J`@pBGUTpiS$&lk%AHpjY#Nm0TslN(h zgk%6$be&m{WQUN#qM3_Z=)N$ou23+rtTJ_>SpP4Dsy6~-xh;y5EIi30GpopZN(t#! zU+tiV%YR-%mvoep%B^;vVg7?lkLSH=U!KLo*o0g47(meGH648Y(~|&bT@|U8O9J}# zF=Dgi(ElA_-0uqleMjMsDzJ-^V*`f4e=_zY>U{R!D*j3mh>6@jFoe_}k^YZ!fEqxD zSRjzWc}0x|YO(&~wR{^A#@?zb`X7cGbd$-!-&bYkDZcuj|BmG;KnW;z%p@ksfBpRi zM7{sN-oT6kelp#DdrssKm*n3J`ltb(>_0w8QX)>fi-F6yNd0$j=d3)f+E`LP$AUyX zMlI$eY0#XYDFMxi4=4vl!~TS9GPE*ZqCW%BLd>q?@f-9WyyiiNq63M-CD_WzmdUH{ z9b`;a&A*Z3`gc_q*!~&Fvc(fecp7mF4bz{1MFO-MHm6qqA)fuQ<4~nQEMal=Aw4go zlkg-7Z*SblSgC=(_|J69eM#S@)|N@yrH~Hl_|8~+>zM|)5g8p_R6Q$XtIoB*Q z%+#=z`GH_M75w@O4+9wwMrkUmJU$gA>a2f+amX>zrmqwLuE2h5 z*4+C=%>JBc0oM~Qr^8cO=_)HSbWK2yX5`CIKtDZOUEhN^ZBb?}aDQcW zc<*d=&?QoXhE6VbsHk&sQ{?4ZnXThT@TJ3V$~LlJu}QKtmBZ4F7CnBs<~;jEfcUfg$Lm1O>ib?#`^LzVz@1jv zCQh>IdFSBn=vP%fedlDASrJ-hEuflbrjBDmtdd}-XX^*Vd))9>e#>>PjEkZY zvK^>FXbv|EPJKi3z90c1t!%;<|8(*VEqImW9CuEdEarRpH9LNiofyHh>@+#*D&^;p zurx9vecu>dDDO6DaQD@3$n?n+`E%8e<=|bo$(XaVC0kk#>4< zx;dhOVxH(B3k0z_>VWzDx=u4gj7PzYrt;n8Ffygc^=Q_Yn}@Tr*$weoMCN8hPZj;` z&bV~9&UX*9By%(#d4e2b!=N<%anD4d>=mvz0{Qh9Rk)ZUxaEqx2Hy6cCsN-d8_)<* zw5Nzfj1V7fCT`yG_zWV5yBNPgaXZj%?CB;B#Fa%|2FC`L{*^iGPxcPcq9r>(IDvEH zuClgRAgL-LEAE<=-Eali_e5Zl3K!pusT7M?J3V#`zb4+-up)f% z_0V1G-5;7LgJm~>T3yEcG=jfmepa0bWT8G=GZI{lsBxEaO{m#7bHGW$G%LX@LT60V z?n^lsQr3t!k|ZSW%f_Cy@IspNkMafRARyu- z;DPPQVQiLDQl&u0vpB_E!j-BF@e*8Tntrcy_hB05lyuS)Fy+H~W2h&Y)n*QxqMEV+%l)9uXF z%LHZ71S#guN;6XZagXJJ?nb8?!V2yTm%R3$Ifv=&hMZE+T*SG`HUb}h*%Z99vXb6~ zP!~C?I^11B|0zrG$e^JMb!UI^kXW52u0wu5?Lh_~hjpyA^y$T*tf1YcA^dlaE!Fqy z*arEesQh`7fXs7~;%&b#sm-q+HUeV)_i?Bu9}X&WGEVnWVv+N`j{JGSyF_93;)L`} zZ+JY#)kSrOk?iKPLxEb1nh*yUcS-DcxH-KUczmGQ97~oGf{%K;N>xxPM`iZl@+i;W z1UFEr!w|Nm>|Qu}w6pE}Fsjm!S+5fpH#3IRWIB~g_1r2)VBwI?ID`50GJ7fX4RQyBm0oEGl=G`tmj5nySr4 zo<{pVk2!{7H?EfKG8cThW}rs?45>GG2q^J2FG21F)^{{q)lwBdS`+4*QG5czqqcCy z_=H|?Q)MppCVng+V+V}rd@Sz zM3ntJ#ndZ%XOo}41&+_^H4fzWb7`_BujTqLk{)|XuxNg4lc2{nz{{{=lUegbGHIoy zU@cz|NG*X&xb#7CD3N#+7FBDx|M=nD-^RJ8}9w z&iUwD1Us!R2t7uUWKZ5>(+V&F1&@gcX=m@$BbhtgS}sL$v(u-;sH)*&OE^hnW9RmY zB_vaoP>7skzDedhgHQI`i2!Oyi~@`qQ9_22%9Ue`++ZWPk1)#S#l(_q)+K^niKqNe zP{iZe$)fol#B0e3c=AlU4AP9RQMc{9Rr0%T^RX&VH}L^FE|jc99vYy7RhF8}vH{bi81%Y5i1JNC;^0J4VJ ztscW|c#~4w?5`*~SjPMXEYOjKPH};{^1_Z91(NCg5UFT66u(B}?VwGGxRFC@$|*C*6T;8RcI%-r7uLP(k$BUUgw>*PPk zsXBa_%A1F+5D6B&*&jU*ktb^97MewXoX1{O2T=C=Uw zaU%*~p4JWu9l=zpY`+$3-~d1x0^D6`gMJU3z_+CK!lRWqocTN4D&cX+?v}x>Z8|kTGa5w|iA%eqJ6d9* zz^VToz5H2~PUHKuALOa*79gj3?sp(ij*OC@qJm7ph$PaCI~w=FfuqsyakZ=3oml~& zk-^Y6Mg9vT=PH$sQWVitdpju52Nz=w1ajN}%3&QZ5*hjj=uWK6eLyqzZo9SPQ~dBF zRjm3_yV^e2iiP8cp*C^$x7j*)Jj{71g%hg)Dw!;+?KL#E8ab6bcDS7)zI9$DPvv~A zU%%yP+39ml7IZIPs5!m#a0C(P)_MGC)$W&WhrFJg!`c3PcLH?DaND97n0WAxl}1d+ z?cXUOs7ZU=A;M#QHs%a?_51xxX?N7kNB|>|?Vo%0cNffsEMqxZ-z@>oty zrdnlqODFJEDksY$OZ_-L`W^J^P$kgJGNiI>`_j-kBl`6yBhxSg^P3h9G!h9STx&rr zBqoyC&Il$H=fNfy`}J|fiXtfjCd@Fr`NFFN_Z=Z}W?_OgIUGD?Nv|POrSMM_j3xv@ zxJXV3vQPxiuj%j*cC*ofZW!mA6ox)pBlOi8YrTrnZ!!;W{{-Lw5n=h^8kx-QWBU7Z zO!+l)Dbv*seXcfJ82ZiNhIOVs1u%l3L-fkn5B8g+-;kcx?W_DPL`?EEjXjriPa`Y3 z!k(X?x&P3p*S3S5ivB5fG{1A1!i$$^4njcZv)aA#dy|Rip`lbR5s$^>OFKa`YC2jeO#8rtP^f$D8;~jE}G0L3#J|sG_l@t5DGRwC`2W_`@Hj)6FR5 zRO)2)KwrIHO*G75{YRB-re6hzA_CS8{Ma8++K?{pTADnz(Q z{N3G8LP3HwzM8ij!l*;Iy;+T_#(BnfSWwG ze=hbzlfnY_pPa|OonN*~`1Jq}@huD&#^ExoJkUA$WrHbrEt8Xnn%UrjJQzBwCco~c z-29ai<5NW!?5x;Z=Q@%6St9e4=kEwgq2GNu@E=bwnJfUKsFDHqb>h;Rdwzo1Ja2Q@HNQ>wZiX4X`muqEAyzTw$QgxtN3hWYdhwvhjglCmg9Yb*heG2XYD( zH;rC=Gwj>0-5icOa8W#^4#wt@))19XJI88%3OrI%Ig@@rO(LKEcnJ3Odb+K%- z(wT6BFGg2Qn5D}^Jn=jm^Zjn(zE=1Yh-D{E4K_ZmDX(?~+gJFq^??md0=KVRtLZjR zPs!kSJ(aeWPb@0cBPM2*pb0S^(f}ml&h(mRv+7H^m`ug_reYYO;y2HuSZsRfKRYZM z$u=NS%!$sol1L_&tKdiwpFr8=_yA1D;3Gssbz57^_lzdrqkK);d`hkJN!;Hwn z3Z=+y39*~^KY0&b1Fu!cbT;26frn9`(zy1MALA#Hpj(Y|S;(8@e7TvHB#)}e5vP;= zqGC~KH!jYWV}S2jgRpFQUdOqvcU)s~(#P|z{7-hpR0>9GH&3tQmTC+L%(E`pMmEx=lmWj)Xxv>UD=HZ?aW!^O(!Z1W9qUuAt;O zb?1j^dVX5*wTE8WsJU}jw+iAz#B65e98 zppii%r^Wc>dC9X8B4g`X8JGp-+hXLJ3BcnN5Jkx3Mp z!ZOs;10FBw-UR-*FT4(UTp05_x=jdCQ^39;DOqm(3?%n;hqnOF+e7}5D9jtvzEYE> zDP+N+=>#^iQ0w2{E359VQf9d6&F#@pEC5&2&Ga^>-9;Lx+Fxa3?$7@s=q~WYdhUhk z{j07dXj(8~xFWl*0;N(I+-<}P+qnJGYnwjl_ne!=znA2Is($`xbvHKZsrYcdw)Wvv z2XN}phS5q(XgMw5E7$#%FopcTBuv4pmxJ&*DBww!Wo^nuYoMEP<=#q)L%}Pv<=9Fl z1+6<)T`U%+U|Li-LDY4ztItxR-9Zxq?qKZbr*@`Afb%iv{qlrAoUTr6Or=myWTm3O ze4@+%fK$8Q1(bL|qx3!IMx(^-=>jb&Y+nw4E)ZEZ$#iM>XY7!k1tckM>_3K__!c|t zGLL$ALGNb}M zEAK-+^k$GQzDtOZ=4`6M`;kcy=!fr*{m0zGnU*+Qj~iqK_#CZm726kM&tx0{WNTbN z3FER106GJ9%P*U*o6dP(bkEl&%JaY9V$va!!cMK(XVz6cS|z?d*J)g6`j^i=Y8v$3N*&?>vZ}*chx^YMhz9>RZaw ztTvsVO;|z-e;Q7o!v;{887g5{Fazdi`NfOg%t}5zSIA>e69_!^lh+=5jqTt7k5|Y+ zJ#jqMe9s9*6F$un;35&rQ8u3>pC!8Ndw{>OS9&9ff{7s&)Gp>bm=dky>5L^tDKdI0_>%hwHv%ZNmz+bud-8 z?j>{Q*pIZPT3t7Cf0w{#XbPDtr29zH3IJg5b;#Y~g z5)|2CE!*e6STYH<9Fq$)bm8Y=PU8;r&px7#1daM!>2q$!K6ZOyks1=Gup2=-kF&UsY#4aFx zM=Z8TMjua0l%2AJA5KZJFb6Io8W;Qg0Lpw^jXrEs$DtDse+Jajj9n$Ni3 znuIbf{Ca^&WUbB+%!XQaO+4qCekaHeLIGsIuV_|?-GU+kn8~fp^5JgtIb$`sxF|=B zu5hU4@JS&Ax9v2SCwTDLtKqp%BvYfmi$ui5Q(}gYJ?%7*-Tm5i!5MXK0LWg4DH^c9 zUlXGrC!0yxn+YQBo2~mjdc8Qy!XbqxhAwSV@JLVsjHQOIZ za0!@If=yw%lS#4$vpvkakl)1!F4uTwUZ@EOuO~BA&z@s`Ak=m#G*Q}nSQc&cJ3@pL zjp$1~h^DJ(W_Ya9g7IE&J14=1gN=uTX{R7hxdQ4~=93G!jQ$SULg>t}+Pk7zJ_^x7 z7bubQHg+b7^q0qlz5@*pE38I8ELhp_0aGWqHxz$-YJe0$aXwdypdb&R2%^5w;e-@H z9FK8$)~UaV+Hf$muN*Az>fJsDGv>6r*w!Dz+&6Fa#gfvqLmr|I4wcN@Bsbux+&JCZ z1+ti&3CfvJrO5kvA7j+Czx(PKYzUVShCA!;Ah~ZL5i9)Azu#YrP(WE|6=Ki*g7~!~ zn`%puKr=zp3IoY!VrHTLgc5KTCBgh%AZ<`F^9znTY&orF>qZ&cv;BPc_?q2b-i^oa z@WkA@b20C9Yrih8*|jO=c!;^mW#6u6*IKykCS+X_{D_qx7p)a)n_N#2@c~*gPhc3$ zASbaTi0U72-SsX}NZL{QQ0c1y$R_32?hzx?4eQl{HgkB{Njc;xTdymX>CO8eC1j{T z5qNo|CUj!Q5^B}-B2KGJo4Y2r>vOdxOzo$*_G^%Baj%3vQPU?J;kwe>2aPc z=Q{RMaYTKME(f_|`t%ER_oIZ77Cyj*4L!$W?^M{dLJP~E3fb0YaM|#HM$hNPeNY zh943G&IXSy05xi{VAq$x&w4E9X{OkGbhg{~=GYh2x37|oMaXHT4J64>S&UC{s|S=0 zttkx!>|lG!P-Bt*9Q5Nn^0&N**4fO7XC>;?%N)N_)=)2k;z{GIr0De2kR$+YuYOVO z=uc+iqi|nWQ56SWvSHc7N7XoXS@4>6b%+3p`jLU9kG4Bo^_ZAH z*za8!>Oo?ey2Dvbj$C8OEl!>m;8e<2vY+Sfg{h+GcZFrTF@xaimUP##w5Gt9We5Fc z_wm#PT5&xuUfhb}r2SPP9Ywt6XzQ-)?GP?-bmfL&T+3dIhiyi>Pm`MzUUo6F2%i6u zMf=qG*ud}3NNn`yJsSIhu+2{)kuhXPEe@X_n#=+j`o?s4To`t)Sm-l>h`bLcG4>GPF!tcvn$X0POJ{rV%j8tV(!CVI|_=zqdXbAIO=S->axAk zduIG3;k_uma1&=Q^5rlP3%1f2oIhL_c5;O_L+a`Jc6}6PjtQwQBtX{E%=z0wSZ52B zZ4!OZ^!sN|rgZ_L0nfXqT?6o_#15~IJ6XaQ5Mh#oj=t^>jmHxZoxfiuCTd3;hMW{u zsILAr5+feiAk>qEKjngy-7C0B_4}utoOE41Clw`isNzp5vO-R6M-Lx$wMkGMbb!lCK@a$JArxLust-Sc-2L{y4xE4B}oSkBJ z(W6;-(X%9H-*aX16RoZDYsER}|A30=9yNA2AX_A)m``DzW_9c!elbrcX!6nj4*xvH z-~(*}rrja& zobdmt1u5f&Od|7`J$TGUXYg2+G}EnMRM!>4KfCquLg^Aw@%Kt?79`3uJe@-3xCocF1^(u+5*C>!B`=`H|_Zx5vtp1h@v;dQVuqoiLpoqLg>694**sWQS4HALCfVhaP8ju8a6&KM8`=Sn__+LNu`+MapnKjYBT}Q8Z1`jnrv#9}pY+dgQ=i~3$ zg_!@Xpqw%B+q`lWR4ezJTxCCyKDKHIfZJ=#u#yjiV(#58K^G3C&rYqvY1dGC9w;vC zVvj;^y7>Xf^RKG9Yv(}OWziZm^jrY!-f>VEgwxShvijZE*Ozq}10F=Ad}S&7t5+c* zA!3s&BO(D_@F5$pe)quC^QG^PJ71?qi4qqv-o37^4rswp?Iy)$C1?WSYlS?yBBIYK z3tY;92dqVD*K9ex*R9|0op_S|qfe2%=kQFUm)F%y=W{Vero^xSa&lJ+PdpW;gDq zToU+=G%2qHB;h&j*Rn7*Q5`_9bc8b~d{KTDLlF0?+JQH!spd3(XK!18S_3bNSv3?2 zS}m;`VFrV<;#W9WkM(aWm2=)37!u=es8^{IY4T=7 z%!O&mTYE5wQZe6rmSsgX0+@yVs5u5p=*lh&dvw$?kia&x7y8km9{gMRpg+G=kD6me ziO=c?eSCHb=~Xtp8zFrO5hcBp%Ba3)Znp={0tKfc8^uMvej5f|m{ai96aDX>y*Wg$ z@7|K z11!@Zv^}j#C6fQ^pRo6g3Xn=egtbRdpRJY45UG-)d zC-yOwaX=O|4BL|9+;Hn%GylC(a&vjb`F^V`n!S9a%fjjs2|@i-xi^e#Vr zrZ9S)M=xhilwThg@M>@Ml~>oU6&sJkUf*H*M(Y2W3GFr=7*Dz0{44a6_Z8b~dmHXV z`2FUc{+vmX6UVN6Rr1-x+`8z>7?;J!V_>%7a(+F1O?d9%!vBznibx!4r8r*}<0b{o zEJkm{bi{HIC9ZADwiH7_kn0^T+}Msj^@VjGz*Syl$+K;1Y+X)|Nhl~k+AHPCPi=%% z;e42fy9YU)3_bn#wgLOv`$d+H@2JPptr)i@{PT6Yj|PiA$Cm1Ov0@9j>M(*KnX#rN z@=JSW(}O|g5WZs-H50GLammF9lXth<+Db!R5fPNwvnQt`MOd%9s{(L2l8Sqh(D1}A z#B9N~1|t*>*E0x54uq#p%}T58SVS3h<8zva3<#bVXwFBFUcYZEih)uUkz8e%&x48c z!Q01VlHooe&GIm`^RRSjjJzIybZ^GSRc zpA<~c{gfkKK|7}BV|Y?o3%cI#>A~dwJ{-G3GsyNQ4%(FuX*w>or6?#iGGY1of`PBo zUq^Oy%637*4On*}NAR}Yc!`N3Ec+_|9k}3vg%-O))|+NTi;6~2MygA6qKq?K+qUb= z;9|TO)>Q0y5u+7fGrz1LDYE?RVYd$A-D_pCJ7Y0TtguAKHPtK7PNIwfk32|5Ij4=K z8Fbq^W|AJ-Plb4~be?TeY{?z?RNF7TR?{|JIAoIzT>t&Y{Yi4ck14Hsvy1dr-I!I^ zrOSHxU&jldIx?{z5+In*=C4(m`X0~|U)_4@C;H@cW=u zfPoh_hju=vMNQR;FTIxJz7e&UyAv{HU1aDZ<^ulq;9GglF;+{Pa zOX|}nO6!{?uCQ=8R(hXT6;=C+uPQ~7_)+?!#`%3O;y=N}B~L&&q18EszNh=B&wjwg zLPw!1ADXs?O}D^!Nf_#JqUAYbwu@rg?P9AlPkende7n~o#NioNKto6XK88i}ICN<6 z`U?j?olpvl0&uNSifk9sGnb%SD#;c4NTrt8)G;^cWDgVGvhFy8=_T)%;R(Ty-|(Q{ z?k9&76=M7^QLi6#tTZ}Eo=481*4%#|n1YbL*L~#`&9#Va`4;>dKd;q{kfyjDr2^9H zloyah*YgWF%mPA2+YRDLqW6U48KE;+cPCMvFt31Ys0|B=YmLDFD~Q)vRyj`bW6Oi3uL!c_%zZOu?2E#e3teQK}SfW2pEws^MkFJ!$uu`C3 z9A(D8QWuZ=2@RthfmZ*7gat}iqK6=+oa^FJCJ{LLuPcQwLE;Ts5(j};uNZ&C@mLNI z0Nb!AA%Y(D?SJDOThTdD_zeO{q^8#fA;N zx;N0}MrbMR7>oJ%zb`8`OIP;B`IlC^T{@{Cy~{>Q9S&M9?`hiMnUZA_1*E534}Xnc z(1u3>M)OeaTa%;PnJ5!rzhvx8g0A(_LOY5W8xeKwu~TQ z(if#*VEgzeG$3jo46YFe4C=%x?4^D~amCMxDGMhvTV;xr0f5i(=)l#95JNcNEiYAD!5S{|y zYhaE=wF;HFoxeN01dH*B`0~7JNU_egBkdcyz8MKhcmKW>)@-MFVn+Mi;JevhA{vP( zQ_uS@_ed7NYMe|21klEilKd+%peet&+-{@DX1RJgK8N4)9A?W@?LCFpW;%KE9lzQT z0WDzvcu}~aqTzlLh01c#mHd}g;GAoU$mHBQ#F~}OD`lU{tY?|fi3;ya+6r&jt62x=_#7E*#>XFHlR+V1CebQ_?@{bhp88fCAeVg!bw`aP7B z$RMQEeGv*7BD00}0u=u6chSpAPNMk;>AtJ0!Gi@&k%q%}w|}dun`By|?GaHbC(r&y zHbfy`%XME-Ss6V=_oPm52{TW3L5W7)?13I89F>M9OdEa{P=STwOrUcp6ooD1L_g3L z`6*lRd>;f~$B&NWYj4ujS)P+X?2U7=%{io>#c!*>pN1X8tS?TCzB4R7EYkb$GjU<3 ze~K;>R=!g<8`uSRo5 zV6%^u_PbVTeNa3cfkYOn#q`mJo|5X`4}(5IX0pOf(_Rn-;;^i;Edp&kJl18;~* zGMX}*`2+6h!v*pzBA?B(w2I?{4*#i_2^riWZSi| z?J@Q?a6|mae9S-u0e4i5p;I_Z z97-vuldHTQv@K`84CtfTiz&uVP)GzZ@O)>tXQry>Lzk)p!k?dkC5K&2R7&>m+4T_| z6!aQ*7tmH~ryK%^8vJ>?kYVMiIqTAWSBVvwILm~QtTPY4&Rnn|iWa}y?$Bu=(_Ak= z@~gF^x1C)ynFqzbjw#7gC@rTxx4*NrKtY?kg9YC8xrg}UbIQhgwgStvW6iwWmHa=4 zmHydU^(34g_-(7rT@+$+k2(zrn<>NZI;j>w8oFHi&-l|P!{sU2<=D5ig#&tpu&*GI zBm{}<7!u3qA9>MdJ}**xL+D)Qql0thR;u#$u#5?f$dqK%yvoJj63kyQR9HO~6= zF3F?EKK?@^b$sY)>kTg{p~Y>CeI<8Y__-E+Nbo7u>>5ct{p`W4X|AFR2GR1r>5k^G z*nQ;wd*yvx8o((z?4Q7w*UyHcqTQ{jU6zQJ?`2U@nb->b5_y0zXBe=FVbI`|!qgz9UbT*^ zt!D(cV2}vT(--JtwOzJFfI@a?9*7||`^0WtpXwaINPfRFR3H@d&sXp#4~&6!Z*k23 z)7K&e;K_Ot?`p2e^)ar0asrQ71WFh=;@)W+JCp@ zDB-OE&}+3;$nit5vK0{HIc?)n{*oU0KQdZR31kBSPJ#6SE$TV)u$%N3mVFG|oj7*g z_e^_W+hk&JkxEgG@c1*B*+xBWWK96ZAWD6C%t6d+Z^o(9aElJI(z#<#vdk(vhyDLIOS?hkkHA2N}$D7%RnwO0gP*{Wk5TLPa z@;=2#Kp?nAsi=_R61{+44E(EPbVU^Y%eMgjZHOg5g@;Bzf*jUhFpRN(D3w8D{;^&Q za@%z~Ykx$jS`!ExFn#=sI77Uupo#vA$#ZW)AZ)z zQ;Gw10yE}8F?fm_VN>a_EJs4xhq~xNX~iAwFv;|^i~ZOd=GCV-|gB8R3Z9KDqmzrni3mG(58 zv67}|&l}&V{}uZ3Q?khQ4n280F(PelSro(T3daK*^GstE^V zSAf--uao*-I(IJLS|UgjL&1V#S9(i*Z6UXZ8=ahJJ*(Uza=GPnuVOD48dll1o7Ux> z_oGf=9yZsC&|_q7_d<2GGLu!it|r4Ogrk#0f&#aWecl|YMB#0G%Ux6$jbuCU1@q2O z!Z$h8pZ-=#qqTOg?E_2 zT^qwo0M{9h>`Ex?S<6=z)zJqax28{at3lxoySOlU7wG1>vSQ9})1BGVqxfZ~H=1&z z!f!vP=|Na1;ZIl!^LW;JBNA4N>CW9)61;TEvnhJD@%9<3Bt@@D-V1sz`)|asvZI#t z&n3w~rIpd?X#-|J(EBs&0x^MT{?ncbjF&T@m|!Ivf8h5(>8t1|uKu{X6mP?`H#R;} z@_Or5xX$i5WD78?2kLoQ&s+>DE_ zKMuz!heY3~G+lxVwKz>8^G99IP}>JET$nW4_n_=0$v_dr`uH-5vd(*9ICeq{(GuM6JfjI>6U+Dd3i|ay%qv8hT zkE}L#udHfx4$E%Fxa^$?WlPyHbMgBYCDHaeci$g0c>gRP|A8?uZX4plT+h7jVbo*C zZp%?}_y?G-)_*LjGpM^S->ObWuhCaMNFtaOKG|nB)dqM!B<;q00Cb26ki0tbo=8Iu zUb6Zy5IIc#rbo`8W{)ZTbOgZnYofU<`BaU2YsxQ+1%?!4RL)!P;4C0YqJ#eDY(s0# z|4}nb>#Xpr+a`K<%&DKpcEAqb6(V(Q$QSn+cA6#>o!S`i=LwXN9XZ7eVcbDy!hwqt zuQ!9uheh~QVhjl6lEu-4bAgbBU#XpH4C=*YDVwK)o{(DL86>20wV}k>lrfgi9vGOq zWXQhpyPSJMvR}$;>2s*hjr2L5uifBjpNaLp$3LXcAHtjh#g|G1C%Ycg1lEc#2DZDE z)}fpDIv?$TnXXyEj?jF-?Nzd$!I6*s7{lE0o*ir_yNt^|q`~I-$@tui_hs0pvfWgQ z^Q?oRH1ROg`luM$hveD=<$d?i z>(nl=Qt0Gj2Nu*To-Hhb${;Yc^2JzM;g7FQPKYL#s(3W&CU*r%7#v;Nu;(kn3O7Gu zF$U+Fq9?jvII&#zODw%*ts?Bz7>p*eMt6zS$xJHDM_r|jq&oddcnM-NHkdAN`7t{! zxMqB|pIK7vYf`co=;<`s=Q1DXI$Q=f{4b-}30OAl4Q+LuB_{l=Fh5Lup?+faLd@OL zl-U0btRu(v@BYSy46*zbbwD#Cx6H5KLU-f1u6cfDhPs``&AMtrR;5S* zv9vJX%i7KH<>v=%NM)D1IrW!oARm(@pU^SpbPTFfn0R;YEpg^}(@Pu1&mr4CKE0_kXlgI_3+fV6krF_D+^+Zlt^$6pW2JK@nXt=V-qR9MF`XpIb{2R z>F66jYsq?K&uuF6*Y~}6=mUH^5dH@~KDHD3> zlYN>c&O+JGVIznZP&_@8{56;tv%2@tYpSAE=rmr+uqarh^`iUl%-({l?$fjPj-o|zk#^&$kh2|h9NM+8t;c~;3z=i*00}&c#&vb&m61nX0$V4!oN%t zX>(3ktL|~)KR@MUGYO66H;Bsp@ah{v%lduE_!a`eF18*T(MJ6FgWW*78EhGJG*C~* z@B7VdBuubni15qf{JE__rFtN@r}WrC`cFeQKQbA#D!HXo|MhdoLSaCE&Q9HY{r9gH zzK$S87_`prKvL#uo-YE>5JY@KiMl9D06O51KEJm?S}Q#& zHQ}&w^~u~LU%=C_Ns1^v1MX?bbjjFh97d$11AzIT^4w88 zb3{}ofX^#0#U>Zv2Tuak4Rw}4BQ_uWK2~a`9^~HD=(2X>Iszj*a92IEHHzuYL&u= zw-hcWvmlk@O`AXS9|V1xv>g(t;0mx&f>@%*V83C{{ddDHCN<*(f-~%uTQ?AwQo11mrFtunz zHSi?u@|wGE{Y{oBF$!bh10;8?1X}~&`?qaHS$59anO@&d<7rCg0zphaf1cv*vD zp_n?#AipGxfo>o#^ua&5gvjvzB!~JaFg|_MH`#OsIc@BWM+sleo{vumygQf!3qk#O zNV7l7P8)D)4{TL@Xgy2*VHn=Gd8csl>_3R$*O9>YuLmD-nhQ)C<+5+xkaWy_Ae}jl z^-O2RO>fnYayH0*@4b&E%N@!pwa|Fan=_@Mxrph*cR`(s2IRJmjp8+xi%)=YJmg_) zU2<_c%;yl>c#ib^G>`p8Q^j`ZDnwykLx!v5F>c_Txav6+VrTb} zi_kRtXDCqUmV5)?E{sV?;vmUe^B(Q$?eHjJjn?X|>K)V$C(=;jmcspQ&^m5db~bop zwdfCGG}XgJK{>m4!$k4jB;c^dZQAFeBUwb$ch!ce7)ETyu%=PyKlgcob3$!^_tu=N*go9Y4&y#oXxlMJS+QdhF@gZ?hc_HALw{p4D0gcqgSFuxR zb#1IdzJn65vH-yzmL?rgTJ{YtCycqvaGt)CJ~&@n_MadjtzJO}Z3PS=(1Q1O@vGm0 zgkPT+o)~$N>6t}5DsmAv-p5C@YXDPgGP%DR0z5(%bj9VaDc|)K&*{#JGNZ!o&lvBg zKyrCB8(eocJ1-URQLS-!BT0_u)1sePSpnufZw4Dh5#d9v3Ije^#UmZfA3GUM#U8-x z{XuoHIB!IqwREqB3#A*waM(l5^U}g#Q6|(rCK9fsaVBoO1mcFW$}`HIQn3ePlFrLR z%sZTDuV_%I@0DWh0pKdGH|MiH>gY=m>ugK%JaeA?S{k?I%vDmF$FE-u+_+njSN7ch z!y*ykWcJOp%W7z=E_n0heMD19aMhv?0Fg zQt>0lj-Dr*fhfgsbwJ9~j4Hp1&3PTwMD1kaUSy%;JN+wtNoDli-Su{J%{ z8@R#MRKGowzo)jQP|xjEaENS3SjgQdBYk!A!p|a%px&b)J)4bLu`-VKG0fq-foRed z3k>9+8vB6E??<{uADgrl13A-ag8ffQgO3K=Cf)s zPeZqpMC1x#1K*3nUbWiYQV-tJ2d*sX8pu<7(dFppe93_jT|!sIw8$(ZMw{=r? zzdY9GV_tv}Qb8{@8lkVY&z>7ZJ~S@oaQ~j1SeROEy$~)z%i#RKpPGZ#XIiVC-mJje zL%SG-qxJKP-6U)U9JiKi-X}}oK3H=e6eVH7tB`#+_1yJ%7(_nQpD=xAi7tT*vXpng zgQ#l&`Wl9!-=^cjH9-k08q~lo9=m4Y1z;Q^^^J2NaEGsBZZwnH0r`-CJA(EUa0LWWo*Q&Ix2nr8eo0s z?=!@;KegYtToyE`X-w$eZmdtJEPMO&-6RMcbDF3W1q22axK7y=b%ZVTt4`SRKd_%> z(^JZm)*Dr)vY`ww0TzYHJ!gZF<_!_@=bJ~}d=}LrS}Jn^kz$r-8iOfhQoZiqcs2h~ z+DggPKG59m4}V00&GiXxuio{$x`W0XigAlG|1!FgM(p=NN8YO%BgEvR_))g9Lc`y0 zrnQp$IUD|(hxg!`mz!~0s1=t7^A9!q4nd4Ujt*;U4F9q-;{D5PmXa{4E@_XG!3v1g zBRmcu&S)Ukwcki4TU{fLrmUI@3qD;ou-i;Q*-)rtlbm6`|4?(YL24G;$tU7J|4!CK zjWk?Z=Cf}=;0<-2x`f;W?dSWz!l#mjYFrm%`vI$#7$P{L{d zEtRP$b-SnsW;@J03%qGjW7Uov_rb@Q6|nU5XopXFqGD?}0Jszr!}uH2G%3&Co@Hc_ zlq=1KK)h_vRxP^qiUs!-!LaT$jv0nxONdUkgywBG^A<_UA9C9GcFNzG1K`)l(ZoPJ*^}!KRjCxMSG4# z0&m8xBIbwjKG(WhXi1jddxcjg+n9nd1Vk&>qA_E->ah-d7YRezg{%wcjey@34ib&! zxIGuq@yLU=-+Eg1ZcAd4*fjyUYI{f-fG*!vil1i;11|+hP>36;eg6A}+!v>U`_o2o z^C%uu5MutuJau~lWD+9mCY{SlpI&7zpYrra|2G3;Rqrpsy*X(70&Z0MxqiLrd5?S6 zAWv6PSTs3vX2kG#!8!~H=!*mt4fLiTr`a5QHu6iYwF8^KflNhK3DIar_`uh*shjfB z);cf{d$RXuGYn5u818?KV>a4!?%a={k`A*YU2{~Ea~&>d-!PwEov&pwz-bwwShI}F z@Yssplo*jvxny}7js{6#H1*1u>`zI2ldxkz-@A8>`ubN}PEe4ozza+Ow#T)g{z=D0 z5o!yo{MrO#0ivBBN+$*Qa#@;r5-;;1z?E)dn$YD(*e^my(_x6BvYzq+bvH{ANIvtfsbQdjFd7l}6j3MlMmV zJAY5#rF6vY6sIp?1_;Af;9$%LiR`g%<`W+(e7aAO96B+aqxxGjA$+!zMI%YJ7W_p# z@{+WsuR6$YAx7^O;TW-a5?>Ekki{Gvw~UIW^C_gW)79%UmoZY(wCO=^^R78}Zk4O_ zLn-9cxlxz0`m?FA`4oESi8FfFxsxE&TvaX29i5?koirGY;qeFp=*An`f%Ai7;^mzp z4G5vp)w3F>>RU*DqcP5z7SLL4jOa7(z&%X?1a3Ku2k(Au(0X=1`brTlqlzIZ`|7~9 z?gWT4=}velRcEMe6^HK)qv1#0p>p6EFPi%_c)K(m)HI^oSRK|dM1Ap z)&}+}b0kT%@(XGXU!OcxB5{4pg-GUs5{Ixwm!U_D+1NE3#1C+-rOMvo-z8LYD&17&;%XOs&gRd6cX${|$%5n-S8C=?TeP)Y<39Y zA#vjb|DmQs=traXmQ#dLCf$4}N%XMJyV^`d=!!|a?Bi(Ts8UgMRBAXi-%*zYQ}wJr zW+e$8LwqfDoeS*?hQ`XTNo<5aj-cHmVovj0)=n|?zHNX^JbfeWSf<7qC9dQqR{NO~ zkO88^d10}Hl`0-ukaYYbuN#;8EkW{nc^!fla`&C&FL^y2l{*R@oDS4cV?^{h?5DS7 zLBTsTz5T2>p4Ocjbd`}G98LO_bqYnv z)6Z{e(PW%7bj;3I?hs9+t!ap|6{3mI>1>q*zHKq%b654I@A@7gf8mh-Xjy2cm~UGJ zlvwtx6foNfZ)a^8JmMN_jGhOFv(7Y6I(~e5AQpm2?|sj_MD>FI1vnp^$R9(z>X1!- zx9}?_@4R}d@l5$ddIfjO2fmYOe+|$^_Jp{lCpTe?E<5-_%hijeHShWQa^NQ)Y_g1y ziR@Q??s0s;6j0;GCWAE4e_ZJ~DxwxI?YZH?{`mWDuwF+2Qof82(9q}J;pmB;u zWt*qfdf$iT?vUPGq5QER;c(R)=q%Ej(8%L1zu~>FwV@F_wp=(biVtHcFvO4tx_RxX zZqAL+&7U7zjT>&LP8hVbTNSYXWUp)*gtxpn^6F%sBMthH?I*N9<=G&L7NVt8h4Q-G zHkCV9xmbCEu&T#x=T$(G5C{LpR7LT2kb1TzbE!kQN!7t<%IuJ0$> zKBm$r$u1_U&6BKBsqwuMG;+-ucTKDe><|_TC%g73x7K$kwF|j?f_WI^QLM<#!sDO? zBKa;M`p$>carY*FI_yD*t_(%Jkta8x<>3oIT|Clh$c^0T4GN3jf}tIe^h8nr7RkYv z%U%pT%-K`5U>YjJxN9cZe(bb_kH%+)T_IO$>WaVC3GEdoY9C09FQ;C|5aIf8CC4{ay4;V6p#w2KVL9z|QRJ@iGXA zK)cVa4Sez?5@vHVlM5e3H_mRpr~iXKg=}mOtkg2`WWQKEe56VziZE3DHq!%NH>?VO zTD0w}>$UVRU);@k&%JSFBZU3MV7`sv4hLnEp4~-%jre5UTBr)<3yXPQ6d3q*9D-6gMGmtIm77hpB3r_6mj~&8U2OEhh z^}-3n;&;c^x*JBP^0!3-nc$ zVk0>gP$;Zl=XTy)qx`f+coy6}4%1?2eNLYiVeG%ac}4;azNz<32IzO*$`T=#0}!~7 z0q&4qp((P5l#dUNfx6X?+TB7Ue+1mKl^btkptQ{tBR|lENA0JWHE5S=2df2IMjo)5@nLD}Ae}B33tYR$pw(?puRxLV z^!aZSf!3E7<^L=fxno-vNm%@0cfCx2CFoPo_2>skN#!<>vlG>3%&ZD&!W3 zkmAd9_*lzE%BDZE1FNmM)ziP1Wj|XbU#u#nM2$t&)-dLG``4YhQ+t>u>dh;voz?&X9peL?^tx zhDAxS@zlWcpOy*jv4ev;KH zxM6OMIVGFgQe_j4!o0#j8O&s&G~oO>w?q3q+j~;}(Rt0=fA0uN@|T!`Zis>r~CsdP=M2+XRw_>^_xhM4xvrj9i!sd5opQ{#@2d_ARfAHCg0Q0Oi*5R$P zU7^(oq6~ofh@ow$xIpa&_O~&VuA~3*;?TjHFkox}K1j_!(jQsw-FB51ZOGSY9Gi#4 zV|#;wq2b0HMj6wK7XEQ7Oetn6>Z#*%_rEvOzb|#uw!!V40NT9H_X#|=myT=+a%#$O1> z#7tRjI6o)ce~~WXjVf@$=13qD1Pj34ez+u!e&Ndhisq+hWj^p=lIZ#zvcufTv9#>%kmpc^r#am9{|L;t!0YFBox@66)?= zswhBCkq^M`ozR{36g1S)EY{?>`1bOH@N-dGc%*{L<1FYx$IsD?ArH;-03L&{8O5h} zRd-dW!{L*XFHYkEDCtq|zkoKt)j@zd zt&+JW+z^MS)>o)DB60>7+oOX>7++#8UMk~s#p;?Jq^yI+_6TTfpK1H}N+*i6gY{q& z_o_a78LRZZUI^}vf=++F5VeKW@<05)H_aYZQq#TLVzw{>B2s6{~qNPBo1Bgnb$ zjj3{*p}(rYrh9ee0i?;hAVUBdp@nG-*ZRhZpJdL8`!F@EGwX#5QW|iAdC@7D1C?Tp zyr})~KMm@R@AIF5GwRlMeA>{T>n+Wvs0+A9S4HN%c_0QclF&N^Wjk1=?K)?Z&FR!? z6PPMihiMqkF`Go>d}@uNgPv1ASXaoP^h#ym26Yf8aLd{VdQ+u2|z!P57 z6L|MIg_F7B3@(VrW#oZS@~=nuOrMT&knPOozSY}TgH_1AwZai%7S$bWhsF18%O{ZI zPtk&Mw;&zA$ zZ-SFVeG6e{S+DTIzJqgPgJY+gY%YWb`!M z7|ogR9nrrZM#Hjh#znya3i(Xwg}yikeQ#sHtL954+g1#~`dWP9wu18?-vYj?8x>j2 zAyky=T-a$q_@8f(rGy~b254DlH{`Q`qi}LBlw>Tv5%J-l??(J;A`vi|KU9qN{JS}Y z4S4P!}VnbL>hLnO58JZLk%1{WOU%&&bua_*!!&dPvmA z)WDQ7z_j645^xOqO0$E~qR)1t?i-M8o@wNFY_*B7G9y`c08WZnB{QLwQXGx z9&dm#3QWrmlAOLf;816F+-@>wMb+b~IcG}X-PwwKZl7yJi_N_oqzPq{E~6E%!&ZT7 zc)SJ;erX;g^7u*^sZ-PH^=l@0AJhitn*w5Jiqf@hbEi|hgh{8GY6f%mkEqt?S5!yU z={<^fXgepjRnw~@>?ggl=hjF4+aoeG=bh*G%0rg%hvoUo_wPBB>7i8uIel<`V>QG6 zfr_hGZR(*9vnTFJf){LUU>6f)j^T5ynXv>=$Q$@LC?^JZ+Pq(w>$@_PR+9XxidT1V zlV9F`N+A3H4|5&!Dp$2AJ>3G6MC3WRH=tq{un0;f?EN$}Ftgl<%*Zq~`2H?hG|&`? zYAQR;T*?$n(vRYIu)G3fw~1BpvQRef8`tBFLft2*ndEOz-=_+qf6USq0OCpfDh`X? zeq;8@MSjw|BJ&8necv&#)5iapW0bWywLwX>Kw3xjPO$2bY=f-z0spORQ%{gfAYYb3 z{{iUW$~xcwo~ENN{cD=8OF{t@Vv-l%?hc_(*~)k65X+K%RBvt`C%F={Z4beF3$(ZR4iMXyFg{iqz6d| zYPIT;lN~?h8pOK`VR4r#vUUE4cV|kewz|f5@VzlEfFj%UxfWr@LUW(7iW`0QA*X7G zytiqEjw7Z~s|xl<2TLF~jFf?g+2p6AxtT!MkUcu1+idXpl0n6L{?l1{PVuX*jN%5! z9-l0?ng3t7*?XQ1^4>kNd6IvSvjc()33!+2jGe3R^GNB?t3~7SrAs${D9YcS(Pxk$ zES#I0rQ2QBWaVI{k2yN3f=)=A@>jF$7@3xicDYYj+HmRrY(9@`e{U9kjYA#^e)0sr z(iTS&56ba$0h|yo(%>8S;A!>3Y#;X&WbW&1;p0Dwys2bl$sv6HEw`lU(n>s8p2Ncy z4!XdVyl30DCil(tjJtN`ov{jR7GJ;{A4oV4u^O~RQPqA|g?rs(V62|sy&0OITR3EJDN1N1^INSexF}lR++t?{v$Z2SKMnaqG?}{eX>&0u{nr+g{>TM)vU~S>=;Wm z#&4{F8J{PT@#uTbj{%>p`I`6YOHbxb0$yzoliAWb$}GI#AHg<|pl}*2wSx)@J&KR% z0Y9!7@Z)f}Yi2TE&|f~IZ1Wbc%eemGb$N+8qgz@jJ(FrmoCT~ujmZ_{)k(f#pyw^n zROhv=!#tc?hARV;xKBPR8xqFF($dz}q!{!pbLeAF?G9i$x(MwYmj>-7>|5JI01ZyN z;DiRp>~ipO$MnvipjJv9tV@}9cYM;$28x>kty`M-Xs5>HEe2tLMrPmlvfrHICS#CO z{7mdt!pp_A8S&p}D&^4cXuO?Hk9Z4&1#zzIeQJ)%ke{|xCP5d6m~h{g76MQ-h;$i; z`-+GXXC1jBW6OF@gMjYRWQZ9VX#g=JV|!&H4B)r8ZY91ln0(P!>H7V=2aggX*A`P` zShf05*!I!fN5}%MQ~s2)Yp(4hFq&J-(fHFN2yMfl`_O^9Y^u4XWppFIHul`GO8}&0 zA2nA6F)o|g#xgA^DrS6yKMnzd{6=Y6jBSF~Q?-3?T>+eXpkPgd$|iG#n(i=XQaN3d zUQ2jY)Xb;Ge~ID2M_MgUpI;ul8xWV9ytBoH{;~1C zoAWz)npX}!HAiM(Pv_Se>}>wrA&H{kGV>8hc5sH_vU^Vk13 z4i%?x4A#I;yk%!Uh)niA5Q$-TlrH`H&XX_x@4nx?^I=Pdrfr}#@TW4@$-$`l z9|dJI+LETT_sIa}UxIQEIn_tiBEt$2uTQt@noNFcVzKt_4u1@O{Pq9fL2(iI)3CkO z{HI~NcFqsCi;1IFZ_d{~)$@%0-|NLuj#F zrdezg{9~Gv4{r zvVH3+WZ7OU^iDZ_%WaZfFUg=Adm34K*{}X3$j&kfW#2Z$-JpP&VgJ;y5Ie@k^(&4% zp_;8Dviy%DZTGK{cG2GoG#_%r@_#leUAsaI*|nL5uMs`y3y@k)%suPkYeydhnmZ-H ztxJwSpP%=DSwS8XXY1w0U4Z)t2YlacYFF0b8_p#1eD>2S&M|e_rF_nNeU@d1?!`hH zi4EJbsYGlhS%AZ~7k6$AY1Kt_?>%?ni9dT2ANaF3d5|aWuWWS+DV=5?HaQS-FE)gL z)&M%Q>`Y_oz}U6pnb2!)G52P(Nb+J+v}nX|udSile;g zNZO+x(7p>%%`t;mm_Ne{C(R+FNVBK#P=ps!YwG*J>+;}$*GYBCY|G^Mp%}u_O;+-r zD6(G8*q8qa(ua=C3!W!|%a_0_`d;NEa`{2`1RVm#ns3So5IWP!Wv@$<&L;&e7lKbx zmluQD^JpHBxE>VjPfT(cm_Iw<8)L#%tN2yW!mWqL9(k8?(&hFwCH4kz<*~NYy?!o_ zlw?K1OD~AZ3QDmnC8`pMmdc{~e#9|}*SfTkY>Et@Y-@fBnXC^9+KkYCAWYV`vTg>* z%nt3ft7o(fj9kMO+*KQ21x^y!Mf?2Z;kBG+mn--ebug*@&K(9;hZqxI7AdrcQj?oN z(XEiV_F2bt2mr-H^g$rLnQWN)%%E(|4FwRG?nR88XuI)kBRjtbCtLpsPUa$llOZzl zXmXrRX?nlUqL~`{;6yvB3}TZ|-bDKf4vkE(j|;OkUB*K%D>24f5dJ7u+Mn_v8PK>+ zQ?}CE0j$-g1^&bSdkI{2&xV`&z&T{TMjO(L7Zk-jlt(YXqam7<&pbyYbxwjk;4ZzS z0`9kCGt!S^_6&Kzj;;vH={dbAgNg#k?0`oad3jqdt)js4IW{Sz-$FCJmq6@E3^Hx* zpBQAhZZle$U_d;f_+urJI{{xHn}*|+IaY;fCyM0kps&==&wLpADB~E;KYMY)4d;F^ zB!cdiL5ggXBjU1{JwHEect9Z`OIfMO%_H^xYjFjAJ7lsH=lAMa*5o83V4F*-eGoF4 zHXx(;%saXQIr??p#pI7tE?BT`Axs%HX{c!}N`icQ-`+NaiU!@7>(TC6qeI$ui@)3ENkAQ={0t!G;s>m2n?cp!_OV0y$ao(5hdT-0Com2*7fje8kA2LbDV(s|0GU zbxk~J)TJW!A@>`lYd-yh4jE`)X>wMm?wW+p5xQ7~Cy=xyIU6Bb$9G;p#_G%d*0OyT zQuM%g*Ef}M2m&mEswteeSs}AUuJCrR7jTMLj-dt7u@X289ukq%Ra# zlCKO$dZRR9ea8s#le)ujQt;9X3SNq!f|vBMU%p8-z@a*`RTSz`pdoA(k4Y{+3nby2 z;2DJkTfzLHT{QICea06c9Fv^@VHqk4E_p-0O+yq7!fk;B6BO$B!I;$+AhaeDPaW z`jL;f{nIW+ra_H(vI>Xj-Zu*jS@ayKK*e8TE3i|)tM_3_@-DL>?YOIaqBe+GiKuYQ|FjK#U%+&3W=>ePQNCacWcM9&Q@|F34x*za#UwVewB0y-Wk{~Z_f<*&k`{@4RcbAy_u z(eSf!)ebuaCA)sfs3%_l@VPjHCP1RR3vDC<$GcxO&>_Er)W7@=;1v)24z~H{9nnD> zu_~N6o!hJL-+l#UWLi6>rl8QP1Iu%2HBJ>cxi#;N=YDe=LvQPDDyST0OUyX(-JkO< zM1h0GPcx+_erIm6Uvnh`$P8wsmBY@Ud1q>W8Kj2?sAUatM`b1zJaDoBXiT^ueJ9J8&jF?pZDt zW_Z(jtx>i^v!Dj3V-d zEtCp*2U|UKZ$cwehO$rVrm^!Ry>5$^g7c)UKL3}@;>vHgg$^~U9r|fn(a5^}kX2^? z^Wd7GLf(!51cOJKh6OrR+s*}86$5^*KERZvp+1bGzM9S%8D$Yo-sIJX2cnOI6lvyC z%yOA4KF!{5+)#L@Tdkv~MBz^~-;A8+$+Uy$8pQwtT|IsQK&9?y3LjRNs9!60q zao3I=1be-zYvMY{%@erIv})cb!=-|@ANP=JZmkS=u??pTkb}u3qUepO2P7X@wYSU$+tCV)FFZYF4wyH4A9I8(WJWIj6|Qa@qBEG z$Rv&^tB6q|od;eA!*<YW!ZTuW5TV>bJPXhBuuYW%%;fFH9=Ie^yc&pyO{=7<2AXgi6q(>JNdZcr;CNzJ3T|yTLbE=%G+jMjt+-B z{y}?R%->&zDV|sp98qxqOjHu0i=aFKErOz0=m94!g0S!4qi*~d6qqZOUy3;>$O}~L zx6rBwg0MVQAhmOO%k|5HxpzN&Z$S5&BRfCF2y&`%v|v~r(Ge^({1`Vo{` zMg$wqBfYgXngB0?#;Z}wcLa=gmio41WHC~1(j#ol%MWQBlXS26#MnaRf-Vj|{@Lqa~+6k%s?Vr4`_PS!cJ zt2O(Q)=DA*ukmmR!c4Ep$8>>7U)=bXZ5@huW_t^qHLI}=PuftAwWK)bmVFN)uhUC2zDo-+ z4F{lwT3^}_Sb|nnM}!EeR9h_cj(rmnO9632EukTvg>)1;bBjdX;jLY@k75@{9*;B* z%D&t?QfxV2F=U&tqnU53w{{ELm|%qK{KJUWY}XtoR~8O_o)~dAmzEJ2jetRl12pSC zwp9sHjTT~Z2Y3I1Z2Dh%ku^DD$fb!W0z)npFzheS1$#OAnWbNoVJ}8~fc@$XwmUFd zRf&-q=K%g)6!AjbJG)^sJX%bKUII@8kP6W%?~zSIR7Wg@Po%>u(hNxP|* zdKH55@kY49Ea}NW@8-)-+jlG#tUq6Gyy{hl^An6Fo8|FWCV)lRBA)2ury@WXd-Ke! z#3;6Bx|h=OCyPWAGy{h;7cYUxo<^IXddZ=ivE7G~#Y51c$B`~J`jj~ZUNw8L)0Mk_ zcL1ztOQOrPMW^@mJ{0g8Z30X2uT!&=FOqq|Bc`)%Y}921wVi!DcQy9JQ8cgECqhL_ z4O@Eq7lD0ef{tOb#BjDPtYqzw=P49E^kK|@coAJfX-OKd9%6Rv5a88zTYXi(t~S*$ z@Mwa~L^Nt+{Yqy!GOl^#4?yEneLLXH=pCPvtCu4F;<>55VsnpgbNjJ9s8@RJG?ke5 z#_PxUi~Gq9+rwXazLBhv^ycbKd(OFQ4JoZ8aOCDVxcV0=9ZX_A;`;W+l)X5}!8{Q9 zt;54KJf~~+H)@0pLXdL#YauT2V+$ynSiUyVIy*+$hUh)iK5;VJOK~maCklFWT;2a9 zi(?_77lMyQF!#<*O+7pR=t)8`+XKtD6$Re06 z)5TbwHHNd_fdY!LosS!iD2_ADD8I0ymdRgP={~2V)lvQs&TbihuYKbRUlOnL$OXQi zFLql;pVzKjyUGa)5xMx?!6ZF|p``SPi|Dh=J~+KGFzDZ~E|l)kLk^f~A#Th*-|Su~ zS|PNqGa2xYi`n1Uaal-m^eG;6VVk1f!q#N61O1g5+`(eMEnB(UsAXNSQx>sb_6(KQ z260J2QOfU=b#TUiUznJE^;QEv3T|7B=sHxE*n`Gk&RfKiBgAag(!@M>zPWyOzAlml zRNjm+YF5trPbKXQW^35GUA*j*y!(aBfbZk9(xJ0tRj{AD=>7K&uJBMPxcP6st9!|7m(+6mg3ZRRY&TPpkfX)Tk zyCsvV(m$-wcL)pkI`Srq{W9jJl3IMeYs8p3R^GsEiM+M34l~;J#RW#@5gW3+3wlOs*;t|W-mwv*lU zFe;xXXCP)&GtPZ1={8K)c*44EUPSfv@?=DC5jwd(Yap*lA>=w=PCOy<(w>_UG zwYi)0{7?`x=RDF`iCjE65#bxHy0@`=dkah^4f>ZyIqoWqt*I zkRKTN!6zj9vuNl2=ugqjzT1Xt{A$OPURm@#r!Af!0SMrTFu6yQv~FIa9+rd(Fz-L- zW_~Vg#H=5>yj6cSKv9`SL)G_h+pfDbmF&AT^bR~KT&qX*fZOmadLG_d+Z!J=`v=4i zVr_u34mvXrUc{(B{CxYafminYU$^ke=#%86Rol7C@)mUhuJ_sAIK~H_Mvs5V!w_jC zDwkXE-_gr&c?dd)vITAQpAQDmK|r?#9XiF|O_sNj!XP@xD|xolyYH!E_5aojeMSfQ z`8OTJ|1;N(pHeY*>zxY#mA9uSNGkKm&!sdDuo4VqKU@EovH7TL{3(DKNCPafI%kNj zR5IrCU$*8I+L~D`_gpgm#^&>3<-XFy597jY0d!(pKg;c0F6)($zMaI1%15d z&~HO#44_)SIK)ZXlsj-8E;KkS82SZ>nI(fxp6_eaINiSw;8Xk2IaXi8`7w6L+{kp$ z2Ei%Q>zgS612t{_6O;f@<*$`$&plixmyBo68NHtQfvlSy>K0#OMT9AV_X?GY>Ir&{ zqxC2Xlfapu(hK3!*oPe)a-8`z(j_&;PAxUyZ4dUx5x&$!+%hmW^ALOlJ06 zm>Dn<2QwSX<+)_;BxvQS2n}Yd%8%~XyM%x^7Zr)qcY%;<5@R!XSJvkpfF_W6O_m){ zTqb!{0K<{{z{s4TH>&G)4d^zk#ZTK zY|CQN-!0%M6T0T{2ptiMtbsz2xsry%%HFRqSLuezE%jc#*5UsPJo3n`9Rf<=zMMxfSPL^K@c%yB9-*LpB4{67P&lR7Uw20VGZlVT^tOkf#~LqPY>Hw_ zWIjM0?qFTLScj7k!gn;}ytWq4vcr5tvKoz+qXFWLFx;ic+G9Tf5{fGqoBjnB5xKoW z)O?LV0QKImioKx?!LXBv5j0jJZ@j)_yl{hqQYh7IZlvsal0>wXUVlO8!%`M)i^|xQ z{p3&CLEXd~x0-a#>Tn$C01L3~CY84h9pI#FrLyf|oZlmKl<5IJ<;YE#@)OI?YX}11 zn0J8=So(RwoxvwSfd1QGg3>y)zSj0hE<+4Jjm?90?o);c>J~uHXtGG6_)8-jb|tRh zTYhB-7blHyaMh}hVb*)r3`7ah_xn0>6>V<7L@_bpdVCmXO059-C|K^2$`m#I zd~G?i4%2jL{h0Ga+aMl+7g65ril$IcEIW5!GB&kFwlC-h$w55{o0R_pPp_P@NsvCo zL(m*hy*e8z6<2a-_<6cv$oY4RhA=CUqftGMCh>YY(}sIUfcGR;mFCy@zzNO0Mwo*3 z+9Zl21?ykQ@YSkbCe}I2L*S5n4(cmMw0X}(HpWSmvsI>mH{nYXidO3PFqXOzu4EB3^t9S&Mg-LaawUU5?psyr z?qLKdA}8*!zjCoB@2TAWVpg7RxWcWoahwBO;oSU9YK(tKA?44F1>Y6Gx*Lbbb~Vnj1LMz0C!xE!!PLFL~SV zz2sUhKMjgfH>*!S>NZV~(x^4Bvt(Tbs&-)=`6%UxZL;@DE96Sn>-zXucYqw>O1`1b zzQZ1@^>ht;M@NT;lnCdZ26hLU@nxG`V?Kw?wnJ2m_@;~%FFFZgzJ%;TSeRX)NLN|* zW99PD^aM}5-fO^gVr69D7yy%77X~S#Ut_mQK~3{s8MpD0>e-c(`GXb0%u1o#lPb2l z1{(POM({bSsK|gc?aVAXn7jRtq53^zFHpbNnUpzJY17eMzoC>~!Vt+P$}ZvI?4*<5 zzbg8=2d+0jseUhHO7eA#?R9J_C0@QK;0XmHx9IVm>%__ON~la=Ko1v}n4Dx)YnfJ4 zWjQ@)2M1i}(6zdfyY}Hna0CgR6lb08#iEEkPFWA^Wfa8F?RoV}O~W)vmh^)&f!oCn zEwPq~j$62qUoQ+Dm-J|xK@wn6nG~2J$LW>Vs&}3+@NKXgrZk6CRncD)C%^n~*DA^e zOC`{>e0!MOWDX9y$9_O;o+xwSp*ph!waskw3cyD)G(CV`j()g>xGM}w?9EG)$Y6V& z!i&5?RD&(#R+D%XP}fgdnklGW))?XR+$V+`w3nWI?(AJS={x^$(swRddX^mAqTIOU zzDgntfP1fWsV;i6c;jFF2P{H*Je(bU=dDq`GCf1GhUG)W5wGSTxR9EyfMt2t;--;)9s67YL_?b_UUHo&AQMYtMXh?ox6u6MBTH=I;uN=?I2@b(o2!dYzx# z9U4_()&dv#KrqaCy+pRzu2s~xcC#QWnucvyZgoCiRC-i9{M{cgptD1_tnj9 z>70kr=hmp!=tw(Ax$VWiALUypR z-Ca#)Z`;^kq_A~$&=vhm%^gk#|I z7c}9{#$>re3#M^ET!;XrO?aWAaw5q^D1ZAjP-hxIqjESAmo0e+3EygV!y~oR8(5|r zgjTyi5646s2GBkU>@c>cALHg+aNbkg9`G}1G$`hvOagP5B;d`4Um;{k9r2f6BAs0{)=w-S`X( zKqFy&gh;RQpR?x# zya@&<9mDKWW*ll5v19D6+11iJD-r_$L#~Z8qqAgOMq_gTzNXcO(UJKWpED2Cx98BF zBun`fXyWA>Kof8AX)ij}#7BQ=;xTmCqLh`A(;%@2q*KXI)+-22oaz^K8z1#9p}={m zh@k50#)Y`;FCoi@fw%RLIvdc$Jy9PMl6sdUG2IH>Kd!BIMem;$-#J`=b`(IQXWF;& zSoVh8TVbU_ws>DTqX*(Xq8{;^UU8x5LEAx8Q8%k)g~(kC)-6(m&sjZe0pp7m>|z&AiEtW&zIN0AnTRP6JpXruT)f!qYI-gzr&DZZJ2P`UvUW~)Q?a3 z5kGlAc{DNJp)XOq>*`ReFydI3++e7>E+hdid+?1fr(B8a4=9nDAtqBdin~6Li*wS3yQ`F=7QAF~D)&7N6bgx1dL-Y;vjVj%c87^tZIjo%B=%ANv*}u1tLH^y2o zu|H-((l&Y3^Tsb|ukqUH8=uD~Q-1_qbO${DLdAncK<87k57CX%pG}&VbKKiBwt-VqolTB{NCKkD zYBHCa!OUG9y9d1FzHh4%DFbiBqaK2Oam^c}KpvgpCiq_Ip}o)3m8`QJO%X~U+}T|? zcKyN?X99lZ1!t@1I0Kq721jB+)v5=LRl%}e0DvvX6jfH($L<{V($|#KxMyR((0mSD zwt^m8Ja^y zmxi*D7N+&~ZP6=`#&4k93AKA9rDERblDROL;=Dgl|6x$1A}$Yb#}L^OX#&#`?&xCLe#@2d$ zj0h~at&D|yYsU|tPCEUNdbcNFr#`*aPL)JHCs)dx1)ssEHKJ4Tfh&<~8gV5Dl3np{ z)3+4TM;F5;yJ@VpPVWg%x1K`V3 zpsK@O*+*+vMjPo~p99Q|uYkF+AfLbN7))q~q4LEbB)UTyO|k=6M|K`L?rePJc2;>7 zGZ8=2vQ<$WvrCY+jN5@mpbsRNRlUr;CnHP536tL%CJdv0k|}Fu$1jB2shVW+ii`?8 za{MtBt2jtnh%1H-uk?SK691suoe~(6N0kkMG1*(}ExR~0F0X9PMt_zvKD(Nw8m>pJ_d5V-aLm0sYQ^PQ+3! zXd=FF`s>cl2`j_-{~uv*0aex3Mh#N}N{f=xDcv9)Qj!MU4FY1&a0o%^E@=c5rMnxY z8|jqLgESIysDEvR`@Yxr`@e4t$G8mip0i`^z2-BYIp<@aR#=!#^Y-EzU;f423{#W} zk6M;^t;zpE&RPVKL!%o1>!Yg;^9e0{@_+ErX`q=qI%zm5YG1s|E(m4cCv?t5iM&u(I_ znkvkH_5$o1uae&MWRqk6knX-+is^`t%qRo`c9*O{IK>c{hDA4r13KoRpcW+%^EwfF zI1F9~EX3?qfa4khNHhy%R*8{;0XzEi!Y7+9O(8&Pdt)f!5rK3MgiiMWl`0RnKu&A~ z9m9J}@kDIe_@}=*BvcVb-I*zJTOJ5oM$`g|$oG@W#zP320YjySvK|j8!Tn5C%ZMFX z$qm@q&oesBW#yEpY;hCB?)@ohpd+Wn`6VJxt1Q6<@$7|8s+dP*@zB^&L=pWB-vh!o zU}SDN$o`m^xQ7v11STEt@je2(qP1>$irmg^3AOah(pT|iAV|X+r03Rr))*at9ZXsc z0Yd&o&mHeGPXHd?i_e!uBgybkknK;)t_9S4u&WGJX8i&OHLH}doyLJpD16^bJ6N7+ zAS93!no(@!Tss?*b4;&wdQ#92Rwr@Q5WuOO3qKm)vjx@pH-nnN%r7KJFcf7D$8*{wcX@Oy(6wq)0J{97v(vC}|9cXUfaPZD($F+B!F#!W$LfIz-or|F)-ePrcsMLLn-5&ubkr?f( zk%y_H0jqwv?QLiBx6Z!5rp2B?I35zzVvpE2ci-#z-aToDv@jyql{LCiU=3q!#LNbh zTdPm4HT=DHW70qAn54XEv2d$9_MAPVrdJ6Rf4jmJ^`-)^4?D;*joxTXw#N-fvR=}# z&x5$b1kb}h!TH$SIk3fdtb*+=H8Dajp1g(s0SpcEW4fWzQk&v4@LqBckYtb}76Nh- zqK7469j^mdNI{5YnBdY>lDD`HBbXc6FYfnqPieZ(VK77LSv(N7gh}YMN8SYCB-2() zoSdD&lf)#aH<`q+)$NH70fLvV^F7>A($bPAXo;r{>2_^V*KU7ada39KEla_T zVyxY^H)Xy>P_omUlYyR{!Iq`z;~eV;MhNjo;(?(TWLGDYM~C zvl^E<93&ntF3B1nUt=Cv1n$;?=Pk3-#WzA{ z`~{rxSOid^B_Y8I_Wd;QIsl0$D(|=SnfPoJ+p#lbIhWc-#&sSl@bqXM+O1_e{MEmr*Va{7G$@Hj8qF; zsH|9;4h7@P)ObzOK{cTBtrf`+hOVhPIdyf2DNlLt`-*ifRC&QN8+O{scjieffhtfj zzP8x2?cnB(QHDHlRibXDlREww+dXW+$|Ln-G5^_>WtTcOIp?{ob&Ft|#)rwj>x1wX zO?Fdd7w!1ZFi!!U_;`ML9Jd>zOy##?67~e{w3qCJN#CEGsZWY)^N0*8Ea(1o?`8h^ zae0{It#JP;mv4=*<3$bHlR>XH^c9C=KnPD24YN%8ee2^|9?5}coI)vsCyUiK^%z9H znts-~_9o553FCWVPKSYjHRt28;hdk|Kvd26XkN-&AC*|mrJe%&`dQ;8Hx6i*{u{w?-DW4t=0nobw=P?1y)#h0>>haY2ibc8` zr~FS`vJjRV_Kzeib_b^QzJDWa%?MSdu?hKNqi}YQ4y8e10T2=;x|K~aSCAp6Gs z7ffAHt(TX1Yuc!X33eCpBp1J?bof_nTj`5AoO(i?+a`Hfzset8$rF}(v$8<)g2d>g zxR-)+yyyCj?m7g2yReMcw(RM{%u&b9N8%7-9>xXC=t0v z@ya}Qn<|y1JzrJxeoVeYizxo$PkPUAV!g{W==CWdIsAM(Kq6ncLvH_}4$U3XI1}|M zyLj&?Vf#2`7I`$`RG$rp=Xe@V#iS1OYha$B^ux92F*zcG2?%GzP-qg+DrNCCu1s{} zO-m&7{{%hgohC+=q(?!4m&c6m{GDuTxm4@f@8kWLof#Vhy-e^we1f;4TKFOIw2BzJ zlLdn(YxYbC*58#ZG-hwC^tP{ox%Ib8NgpgOoR%iIjwuE>J;WR8P{lEGAoVDXoc7vX z=BLy-EXY2*_Y0n)B@sV%&{N|UCzjaV$LjC<&IQ9(yp|}8@Ij7jkGdy;wV>}_i-1Pg z3sCe3H^W@|wFnC*aZXVX-XCao_2>Swla@lw(<+Lbp69je<( z3HFBp{K5;ZT9s^b%0yGg-_y^J(v<}NtfO}{ET|x#qmWj;8{QhZc*damXmRD!gEByc z(IZW4nf45bA1%jx+BUUx0DiD%^?RX->>tfEBTnqqd$BrHyMO8oYi1MK8LPP!atD?y zav)<5b(p6Dc8w}(!P0hVq;x8jq5ay9GP>%d$M;m1dJS7miOmMyO#{mlO4FH@t3<8M zyU%fU_hz5KwVcnT6;j=`d}xCu1MrQD@Z|1}rFvT2{q%;%Y&k1J{2s1sW<=FPDYw_N z--W=*%Yl>ceyi3}#}8gR)e4A|Or>iubFACn5<%Jsw(#C9+$Hi z2?(1yh_0x$aI?yy3(`3rco6G|X|nLGWoN`qZegy$Bc_dQruNB~_oPU*8#&gg@%9el z1Idelk{W1mwHZ_+=`BQ0OhDJ|WLKq*w@qf8>WJ;2NWLfD8+mF&&pnSL>l^zMoUHG- zomP~*o$p`Ef?3cN&5na^3smBETyDPRI$C15YUp%}%LE;--3VbWX@1m3bvBqo z6!N2u?KY>ip*D$NWm8B(goiph=UowX|LS!rpQs*ezdU%pZ5cu_L1vPKXOq#!{KetO zP5Ut#>=~X3dfc`>N}-7pi{Xq9LZ^$w1tY^(z&f?2K~A%&BOYuxEMy^oXBC|H{#Ytg zJ;qWr+a(&xQNBat8Qe(}ErAiY-KfI5;=s5=rV@NJs!x@X-e?MU3ym=+SG<5f+smC@ zML|TJ3@rOi`h|_vAFBKG6@LqL$`d4Q)U-T4YpsIU)4%=s%9IGmU}EbrvE)MKQ*AvI zRYQ-*7}bW4F)V)MP^@cMx)5eG0PdPKiO1sJaKLWWKT$f(-q)>zaeW#~*?gHo?vf#C7I}5@2MG0#6;7iab4ZU@8KBVPAxQ zbx;FsTek=#ASQuX@9E;@d9jhj7dJ_r*EgQTfPW1?aab>r(z z?8Lm!L~GrCz85uU@h>Ax14Hc(;#;T3f9jNA!b%^Ce26LB-E;zp&4XHoHP0CgS2O;( z{e$VvKK!-XxMt|Y=wraMk_m$QJN&g(U4c_$0<|5xP--Gx#=& z4jNpdpvbXdBJ(mtn|50erD9{%lxxklcw*{2lJCRf`!=Nt=Zz_I2W0dwpb>Sv(KiK> zI_k5z%+-d#9nJz-&s>wJmXsv`;eS4=p<$oSN%u-xcaW(B8JBY4{dzmKohL&yUUuq? zFJ=R%TWaKRc}JBJIKsdr&3#uL1{zia>(j{ejUy!qPauK{+4fv{RjX5#OTjlqn0RO~ zRQd3|*O%J|0?28+@#hvBH3bh|RN;X9_c(Kq%L6ssB&!JFchrc{6Y8pv{7~rp8O)zF zGt+>!d!9Ol=@?@9IlNB%?h*17C}b(TW{JMlUmar z^x07tPgHq?q`e&R9G0c<(X;WR>GK)2hZ6KEWE448+SVyT2RZD&|=VWDsX0Pj{V<3}cX7 zE%rRx{Usu*2e6pR5A4*)i1YIm{~jToLZOy&lyAi5s*t#Sj`FF0XExug zluu(9BB`9IQG_ot_F@$do}yhNHz45zDMau?v*WC(F#nixyBab-oP)=cl1m_po|S=8 zE(~Y53UK?&N^Zc;7V@+GSJ%(q)P59BBJfWqWp@$w3ij2z{WP5%bOXVpL3Xiz30O-( z!q3-&-bsF&odV8PPnY;Bj;(bs3A)ZIH3OWB4@OJ!?HX6AcRT^BICpR47|k_4QK74L zGwZM-;q~Rwd7-=tD?A99(SDiVM!K%O3(TW&*S%Z)uRe3fezO-^Vq3gSn(^e8k(B2M zRNwVSpW3c2^gBj?lKyBaUYG|ft)eK{aU+S;0mF7)_%>^@!<{Fh^UnCuRl|GY$Z0Eb z9!wtTK73$uJ49{y9$W`}12^V?F6~5NiyK*b(Jc~He=w_ys1R8%Hzr{aJEN5}L4gaT ztP1ga2n4&+hRFsk+A8S^t{K{5RA~6~TnGh!e;g*G`ULzM$4A+#u!K8c>lKW*22mET z7+&C|bly7w-L_V@copM0(Vwj*o|dPg9tZhG_d&VDtmkRJx@I|RyOB{DtloZcC4N8L zEoi!?j;}~)XlybfE7H5`B{>c26(kLsyu{8@rA|Q>Qa#dKoeO7p$J|F?y-3^szGnZE zUL;Zz{5*3{@n~Q=zDAAFq3Nx{9etI;%Cb!knJ}ADrvcL^!!#`oE56w;xi$Cc7vq} z=jG=Z43>e_=VnG>?DEHu58X4U?CIB5?JEbWb-O7U2E+jr3)zujM&?$!GYC)$CZP7fB_(HT?PWf1k=3R(rtlyFzrp7ZAuh(~OHPw|1ANbBEFBtin@LCzRQAmPI zmyNXJaa$l6 zE6VKw&1>~J@tR1)?cvVf*U(4c&68whA^kdM_Lf#8H~8RNS+14#f;ul2f(MCTRDBLq z>gcLn7{?5Yul*wyR=@<@xNxElU4$f45Bua_#It+4WRIvpL&O8J|50Cf17Pum<*$E# zH$x8m`mujr{@+Bkq+G((e`P`c(Mx<$$Y8=9{ty*W`rnVz?}zgN+VU#PE484%KPQ75 zAfv}L|NWpqKdaM$U-P$WjQ#x=)LBaQ|FGqkKRl)fuuHDGTleoKfVtyGoLE{e5M>1= zoDKoSeI^(v65Flx@8ifIzUoRv`WvAD%8=U+Bw#qPg@AD=cO4p!EctAPv#r7ITaxlO zIO*t~<7oLX{qbQ=`)9zgHAIqt6p0Y9J(1@CKcs3oF!)KYt_9C1ZDc5)e)+6*6zrqq z)0F^3os?gjzgHi4>E?CWEYE=6G-1K0z&l?^>Fb_^^EC;nL-S zgPcS=&|~f8f39s<<+wTw2LtLN5;U%t4%a;Aw{2S$^JH7X*$` z$S#K{{*1q{5-}dshD-LU!gibyop^_fnQOsys17;H|0!5U()*p%Cg8uY1D{Dlv;$^i z`sFJ|lQVm=!_DY&n*f8^gY@XcQW{P_a%_IyYUcUjx3+bvBz9NUoXh>BaW;#hLdyLj zPvYdz^ilSb_iFqjVaZ|ExK!ezXNbD3#-311LM`CmdhqT->(uPSs9rbpS)59g;h-&a z4a8-b!r6{&%h%0;@vw^$`2goD105trS9>@4medGLPk-CZmlfgJHGe?MWvi41Nj3Tg zv;+iE=lQTf2KQpdwU{t9bnZ^{I!EIz|I}NRVAisD?+`)6cqEO?qPc5!zUrIP%7wAG z(=?8b<*s9KEL~RZsw|2dkDq#nt&iY#e^ComzBf{b1|P`ZQuf&Dc`Rl(Q7nWdauJW00F^Rdb+>qg_93dQTQ(x@Il1&_w=hp!bOfxkE!ckwwjZQxtFtC zw(QaQpn8FXgYBxLw;|vZNj%+;-s+K864Zs0C2^TZr?8_dyC00R3l0zx(@+4 z$KjP*S2hNXziOTwWtsHsvC*i*jgq%)khipZOYGEG2E&>bx#XBH`u9 zhMTXQ8*^q;PCuf31AXWvnp4?kh4bJ`miq*>>cP$6fm+;SOJrcvEoVM>|4!^NaJt^s z2)}+|K?2wve2u9h7CMTbJ+7;<8!*a|`w$}oh&w9;kkd#AeaKQRhN?M(*B<=-SJ58E z;!}ceui9kd_J4vJ(MvXrggeu2r{Y~vvQtro-xP~9X^5mOno!UfKN$bF|6!VUKHRIE z_GVnz1x$Y=ouQf4quOiAN#qfv?PV$vr*J;54CSJesNcH3MF?&gvAo&Vqp26mY1`xB z3~rl9uf+5PUZk8kZnf6}OGkc$2W9{s#^M(->cuzQL?Ey zEicz^dMo><%b}8UtC*L@TH(pX9+`pZs~c8WzhX!tSDBL+SnT$U8{Ye(J!;o=WCq!X zly>uc!pLG51~MpvzRIS6u4=n%30@|J-z#u`IxNiaf5RxAt{2mN9a2=Elh=%|nK81W0U60O_m)tGS zWke2A5)Q!jXzK9B^CpKbn^{S4$F6MPsQ8RdBQ=rRT9;z0!s_-hbL^nft>FEK*~ z6T}jAJ&t?u7aB^H1}ss|7yspd;NPDg;EDjXxtHp`i~Wlw%E1RL(QSU3JAdIk_h`Tp zrR8hh{)a#K!$*Jw8$fj3Q&GVEi|9&&5EoOP#=XB}3jdc=DE|Ua`ioIwK@|q95FF$( z>V-MYg=ChGchZzTP! zyr4R7FsITH0h;Pr5cESYc?AN65WwIm=%(T3dVc$7`vaHxH*D{5e}lBC}M>7@ zfe^_1AgHUk7k$3h9DyERXwmRA@oEKed2)gt?p(Z@#3`Sb4IvjA$QU8nm@Lat+vzhm z^G4<^WUJ%F(<|c(+cV490bx~gF^np~KlvSi`ZmBci-)z?(-yQoh5+S4Sz;GqysDZe zIyr!EQ1MuU&-?6zp4Bo6OtvQ3s_I_+7T-ll7hg|Bls# zvTC=?x#Ow%vr4|k{iPqn>!b=2OtR@$dYYaw4{ooy6sNXFVg>=e{&F z{^jkuG>JAcjgu}tj-B!HrW$WQ&|Bo^dtF0jC8+t$WJyQfu)&}?I($rqP(k2Icb>J$ z>A%LKqVzrm>B$yyWr|=%f!sce;p*ixZHV?*uy(t=IzZG_aerLFtUXlm05cMAjT;WN;eE3CPg9 z9!R6R1M*AB{6&KSn+wk$KnKIU%ScgnNb{~-P2%WqO_ z5n&Qp0|Gy?y{tuCYq*|pYZ~}f5U(XdidVrj(W*#Xqdv@Q)n{v4LB?skSMf zsm`CRrnvBTEz`N@)+w2fJ;68*Gt%K6yq+K5lEwXflU)>25${VFlp%#| zPPoXl1f-BX=GkBBVdFCd2iC2tDKP)MyD~NMxjQ$`M$5Ycs>7~l=!M=&O zyG6+4FZEUW8Y6@qQ&2R=aAyYOlz2kEs7aOFlmCO_hMVJj1%InqpXs0|Lo<%nRg^rw zq=~vMrsmLIzK}St!|!DEuzc*7D)%6f)68-O0I>;p@VQ&-PK$3~qWZQ7U_32m>-0*( zX>PzeQu+j9o!f_i8Oo4e=a%4~gD8eEd<*(C*pGk|Fdq@OnKf78zwxU&SvAi#V{=e0 z8ZW?+sSBl*$)il}#F>GYiwG6Xy&qmGgAI*xSY8=0LDO&zgs`L5o#WTThJ=TEQZ9qf zpr&h>N2g4gvl&xZNdOKfMUOL>5;sLVZv^u_r9x$}Q{J@H7@EI`bx|gJq&&cHaVZ6z0cQbXS{fLKM~dIKHjhVULp5Tw zy#5^6tX#(TP>w1TabQ9Fr4~xRdCWpSp=VB6t|op&&s|Sq#|Ff${b>z^n@E21eIlQu zlV?Kzf-dVHM& z0^;*>6fS`1s30s5{pj_Vh^{5F@!}V2aq~T7hyqin*3}Yd{>;C7BnI1l>5wWI47j{U zG-i3b#@?(LJ5ROr<9xpdh(~OLS>+5`JcCvfUCH0<3rqD^E?+#ea@24zd;*n1Z(z&g z{zs2H4p~YeKO1dh+c~!GS{_P&!=LO#r9)r3&1%eM55|4Y%XW~6q^M6=<8K;fA5U7P z%Yp%1;UUFzD?4%~qNOu~;bKQbRMiz0GwvK{s)}? z3`d525Z9z?+#j*0a3OH}sCUSfM4K>u96JI}%u>tV%6qO>5TP7=nd6lzmysi8(EP2D zH96??GpE=6phLiR;}Db`e2ZF)k)rbp$+zG;aR8{309|ct!SB4r@OtP=a9Zupc_k}O z4M@V~y^igNUy~?XP)tb)hc@k5495NpkT`j(Mo!O>JkLF>pBiZXhfDNf?at7^p&BE3 zx2?40-821NtK3W9KqyJPD1UF(mIhlF;$MAEgGE_2iDN^axdZ#P_=Y=R4{53q?><88 zVd*zzV>_3VARiUl%BD8Trz$6pJnnzoQ?!FmP{g)Y9}61C{nbt6 zDh3FZY+|2t<1c>iF(bfhZ7N;`{o7{^@vgp|{On2dd5s@rtOL2N#e3pPhsn z1vMFbj<3P_@Lva-VF~e{==tk;G=H;*k77PPzZi;q(SRVr|J4GhjWhl1lqfoRImp?* z2jZ9RV*9g$2@g!QU|TN-@R4@X$$sX4$VJM($;I&>nh6UpzV!wH4;PtL6G&x{{+zE@ z#gPO;3sPQJ0=vdv;N0su&mMGy?wRmbVZdv5|z`cTE@7}4SjL|SF&*I8dt&?p&?rWkLIwEcN5Ggt1 z*1L0sh98|)X@0{Ed}$zTUIeC&YxN@FU9!t!3zT}W_^&$;yuhBb2Ouk>hleYHS#x%n zkm0vaU@~!~`~pC)r-pL^+Pzb2F^8!lPuu_WU?ouGM*h=-Wpn9F%cMnQTO99=s1X`= zIs?Mj%j3KBur@<<{OJRmvESTep$*n$v(*~#R?jpw<(~*^6)U4SDd}L$0Ph&h>qtSx(L4V1K*{u*#{Z(! zZ0kmooNZ4v4s7f<*$B|Fc+;KVppZrh_7KfB_asj~T%4r2>B(a~QS-v;Q$}sKPmAoF zCQ+@a|H9AmQT}cffUM%)SLImH)#DQnYd`L4^l5fq1-&CE8!-+TgmELN-W_;>m`Q}~Y z_wkdDhI7KoEuZrprx8}!aiaJ+*Sn!%OUJxw>SI1etQ93&OnyJ+L4bG+#wZ*jE*d~{ zvTLEw^F0+@f`ec=*a4hdTiQsEa+#=|5=Z21sPHEli({ckyohll)z6_ZgNExKwiqY# zXWzZv-z=@I5)vQOYpJE!XqG>8yahtq-+M`$KS&xQ%$P6t%KE|J1$nz})`G(F#0{v} zF}H~3j0LgD_&)3h=iR;JYp78S<+Rf3UG-dBY9-jN_F(l^KA9|K&?#+?{_NO{SuDl= z%s#StVH>D6pE-uUVrekwG-;zlD0XDMAGq}HZRGdK?`&L)RyM8Z23jNbKBI-L|s|$EQ{u25LDt??3dg z6)~;mrl~l*FM`eEjuk}rRoxOya{wzv&!#p6X}}^%;~LFWly{o^2GFO{=&)Q8gL~M> zoLM0t-k`b%=}xVP?W#5<1@`TEW6rJmUmBYP+x*v+&mg#v8}-Tdop@tw7!cKlcZ)}q zcSJXllUB<97}iS5T^#MJ9iNiYn28%`rrQRUzP3$#>GkR?0telxtOFo^@WqfPyWG2E zntR}_gyyJyU^q=31JW!iS?M)T0Aekk|8nmGneOBXV3yckt3}lVDxV<(ee><6uU4LRRV{^orR}_Xi7V(S z-*>ywB#g4!7M$BXxq&yMfxo=9X?82{P+0S`_R*hr#~wQ1OG1uIdZ#}lrONQ>XMM;W z`8W|^x&jU0Q6#M&1o{M$hgRM%kFS4U7UM+&^XTVC$ZN}T!&-cCNJvtuYbTMC9dF^9 zD2)qMriQIvhju%yq^l9gK;zK<%kXYMk4IYAi)1V%VR@Qkd;VL0A8&o77~O^nRK zE04L`=Rq0WG<<uxAD`W|3FLyyab zd2?=Qq*UaugJP+Rf*%{V`g=%up=W2blQ&NL6^|P;KKEOY-Va@`+*|1)agyD8W}#$6 zl5%LEK$b4tSBstO+KR)Uir)cC`MB>s%}X*1W54NO2ju(s5;Z=xiWPVxF+Mq&mdo_U> z9f$WPWW=*cC8d6vKzx)q9-@ZLY`CDKq#<-Yaf@Aimn*OdxIby}{2~CoauBlxG9XWf zGwIykqaK+CKD$%QO11NwMqS2--ILktZ7vwuL%#8E;`Cv8SUv3dEfu`!e88M?stxgG zRe&;QN-EKrqP1ibaWzWOrkfz6U|8__OxM)L6x}eJeqZj|@;Ahab{;}8{1OMxzQq{mmeIJja zzYw2XqEfgiz>BrjyYzn@EznT{=Jm*l{_0-% zc{)~?U%za%LR(_SC|Z3)XgaTzYB@k??{|SJF3;vxI%ce((~mDgKY;uW7QLsRqK^Kz z+|G>SZ_qhV!jh-XY};*cq36@~7jfCV3n&y;R#k>okB=0wAJgv{v&6hcd*k}+*HT0l zt&(_qhr?x(C64)U0!NwZe&a$G@gWA^D#=oE{ znthlS>>Y7jA5h@>tY`^jh5A+ivlbk*zDvH4=z!d#P%&e1rMn{fqv1Cq6fu`(Rgp(= zrxd*x;=&So5UD`XE~hMs|I0j`4w>^^y#Z>Gy@J`FH+v&m{h{N#mXgpg;@fG3^^-6c zDw02B>156;8jyMQ*%}N8Q5bj-#7UI>0dsnES8b6?9fIbJf(JHyi<o)5Ct$}Oo!CN8PjcKjm22YK*oHO6E3z3QI^eITIb!Xb#~d6teM*o!M zYg=d@Oyb}mtWlW)TC;l^v=?$))FjEC&_ZAqqF+0mJa0vKLu6?5wWo(++;p}rvr3jt zbrtOyt?0wI9!s8mT8c>!M}30LBB*_fHJ}A`$Bya?(1tC+m-|9Jgnz-!Rzo_8x|?zP zegRC0#cz#GjHnnOq92ZTibL1izw=9;jca^ClZr=S&kxZ*U2w^7;9(+|V;3#_ zKXk#tIX%o#Wmr1}ZrrnU_0Nj#zheNVusOic?o_s*ECBwn%Xf77r?i@txBs-mE2(IT zoMHPPr7LT7N!l}ThKFX+&9R+0lh_4muHk#@}s9Y zu0;?m0dn~L1RWuw1BO4P3=27}RR8t}Dk`f1uPgDD+1{S2{jJ*{=zzsMLZ9&*M54no4};85-_`qX zOhnv&t!Ln*Lt-cQvR3C%SLDOXn%xf(zgyzHIvn@@o7jAij^BM*ht~Q?s*xB}rZi7>`HSQ+bL#m3 z^ouKXHZ^p^K#7YRg?$^wz^(DPGCgz{KdSN%pM4L7!q%|{6$Z@oa>z|}7*A6mxMmNu zP%wg=Pc`#`B6qXyWvteBcWU}02gpne^M@}6B#L12$b34bI?l7ZGsTqd8O_Dm4_bg` z8WUK<;m8lcqs<4QyU-%Kr_(A~zE%WdG#l@JBRe66FWCCyo!<}lXs*%J58M1GOlL7) zUxs8+1V$fQPM>R_r`v8zs!?@>B!>AMwgGl?)5ueF8qhrmzw-|7tD9XwmFT~^-;Vh? zSQdBAC{USUzkEE#qoqvLJ0Q3Hn$P!SE7HkeE@Ph_Ip<5+;qfdaJ0w|p!XqgDj8uqM z`*A=*o^mSfR`5;MOki9z$K4}2S)s^(;9ubY>}G#BL$gjBrm=qJgsw=iV=z4CU7!+n zw8kv-f-dwu|Mh0&55zx$7UsOQ<35PKQ0`yer};OOgLuQ_xY+f-z!L2s2MPsXq=|3D z{f}Q>1Gw5XZYo~1%`fRV@ByR%|9sTBz~=ub4JE_CuSYSpbS`VJe?Va(BA>Uk8Umr*FZ2u{Hd27C;z@enCB4Dh~hug^>#w zGOw|ZeoB4# zohJYm(3=;BYMep1El^u3i9;zW1U25vU3V4(eb0a-uCZB=vbtY_0_^F6gng5W^Mt{XoGnN|GHn$)OXEPe`d z4H7twIQIHATI4mV+w$l#CCZV+w^c5IRRVniz}75K>2{pAZzC4`@Pw5=`!e(c7oyp# zzKJA0n+JP9(Fq5FLR2jOauDbBA+;H#0TB9y95#cXF4{RPG!Kb-Fzsaskb|}fvR5vv zJSIYB3&%v$di5e;Y(Iwzb1y{ci8)XSMs2V!z5u}QG(PhwzTXB$v9eu+&xS1RZ>KkJ zA#i#F|E=Ls8j2B28RLMj`uLXiW52V`RN_HDAr9X8Q*CT#L)iYPkZow;{OP6(&b0A; zn6!n=e7^IbO3wq4Ba?VL+DLhyMt||nD!d(rJN8rMLO%f6wqmdS?hrP_sZC{mO8=}B z@ro7}w;{t=?4KkeVOp z$4@AmLd@OqBo6kCJ%OCpQhA-GRO|}TfTeklrhT9|TZ<#!rlj~!Y@P`P2XU*Q_oT_| zQO#Vmr=YNaN)$eguV8UJOF2KAKleD9w6;+Lx5k_o6<-ImO^2)oFbwbfAi;%HnxllE zV4fasV!1~O=0r!UjQQ&rk{(bNqlQAg^+RMxBYRu}cGPyoRl%82B-!KKQsLq8sXBl0 zUjW}ei{Bd;E~#QOcn38qe0}91Q!B+pvS7C;yYVb=T9=Nc6Yl}JNHlStZFXYRUCM*j z2H3GPAIK6GIs+a1#R1URv>Y1)%pEN`5?8Yjz)cTSCx75TcI)M~HM76$*6UHmgLj1h zuWjy8Nwz9&F!7Z!HcD{t+7Q#-N)XlY*^gxpWEnf9i&44OM8^3lPyJ%kGr9-5BHQU` z+f&Ap<%^W9`D?PJ@xOFt7gQEcjkoaQcizb;7->{)Mzzf`>=^*A`yQfj+|Z-I?g089 z!F!Xd8S@dyLMeEW4y22rF;Y(M3tNravn`c%c7yf0uJXf25^lTnWx1t>6B?s7f#RA1 zuNnLZ4!?s@ap6tOOMX47HnAwva{p6BApKWBsRomy#LvzEYPZkJr9~LC@$~dG3LKzTOSqAj z+EXQzVBWtGaUGS|(kl5CEyBOk(&_c)Dpuu@9%Z2=fA*Ga#!pOO_FyCEHb94SFv`V`uOmDBe)7avFO{kS2f5P+r)fNxezDq^;A<#}h#Ew!8 zomWRm=-J48QHv;L3qKMef>d$w{Sg z18K`S=6bqSViMau_G;c>OP^=DUzIo;ZcOq>|8^%o5sB{xruUrJB~_tfI-T|sZYsmB z)pIf-YiZjWm5KpyLfT~8M`ZyaFa{lo+MXP{FqQ^Pb3z5Gd-reVfcm;!r!P&cZj4Yt z2Ej5ibbwkX%=>nn&74BV!SEP_S@9_qZe8#m8F;=AUk zlfzMeI@{X8rC{e2qBLZ4DYjSoF)<)}c2K&)V3nhPQzv}!;k@My^)y@T-C?H$q}On> zQsA5@iC}(OCT3tm>M&b-^BlPTTp3ZBEFl$$IE&k7kW+BC@^_<&QsO-`_5{_{7;f|k_#sj$`EtXm^|K*MMS6B1w&RJnNrys6(9VXT< z8W{I5cD0Re0C%y4#)E$r-JdPLETX^uDcS7K%biaRdNvMMIH6gOmPEc%t*J~;$P6d2 zv48c46MXaN?pRpxcGa7CSnbNqlR;e^(S;M%Sms)%(!Kvino zob)Vhlw`2S>O4_RPXlBJ`!*3QBs$@d+&hf2(Bb!}?3zc|RY~--2o{~wJ{f8Z=F`8M zJ{s|yC%-`Y>AV5NWbXH8Q5gZThK}8Tp7+>Y$H|@>ZRVhZop>m^yDj^H#|o6K8%ar)$JiVr}y;y=SGgh z3~Y2c$h$X*g-(~CL-AS>+9|Urxw%ZD=6WVeKu@;mA%ug z9rfq?r{pBl3M=1gwfs4u232E7TL+ePR{HtL_qp8H**pFE1b-gcDQW268f(3U{w;7E z0$55&e#0LEu}#wa)=wdr3Iu~g&{hj{hwgFs(TuE1AdGbH7<4>cGA(-I-MWSf72Gy* z3HLsh_G!Hx0R0mP+R1})?e}IH0jioSeEhJ+o-v~m-w;`J98yw(1cn=jzmSEEb`x zGCo<71z34HXy>^141Oedr*@tM8G3dH0OWFcJgQhogs-m0j7!?qU9SVNwOYv4r^><| zw5Ja7eBc-ep*}>AF{XkQaKZkBgPTC0M0_Kc21%)E_p1Y^YN(zYao*Q_edxYtJVx0Y zuOD<1^a9cChLZum7leB}Qa~9O?lkbHl>?1I+UUbzex{7d!Ib;L?HE*^_#Rd89Dp?S z>Ts6q9lt&(a|#c@rMQRI#52&JwW&!ATF(9e<${^6QnoCM0FLy1+A5Aq*rMQYK&i5`sJ4L8D4WXIp~jO<_K}QO zO>k*`Vh%F(17+?(tkxa!%>xlvn>V+!Z=rBKVf|>L&?6Mq>j$9WVsc`v$bI9lz1q%Wi%B!inaA%3cDve ziDGauPc6@al}8-&BbCccOS;1A_?-B47WR;B5sni=452Bxua*AsbCy-GX9v~d;$zL9U30l|^<)XT1i z=IeUph6br2q37%rdDXuy_8?5Dt9qs}%K^fJ68SVM%V8}eiCRPFx@mK19HBSMP{6&R zY#Q`L;WQ29ckv^mKVQN#z$(O=IJ^zxBy=+oD)$y4?M1jJwUD;+wanPOZPF z^9mD}8I?iEa@p;AD01k0!~=*TN9@?ztFOxhH1ibYZ-c10_VcrG@6+*nz`0)w@xE#L zR{GU|mipy_veYbkM;Z}{?<=#y`arXDV!W?Or$Kinaz{e0GHibKSC))_aS&>V#TrSmZW#UtMcmT|dk<|5s0dcXz+N1f*0(kTe5E{(Gxho*teNbD#=a^w?1 zLVAB7X0@`U8V>O9)OpmHX^)&391fHD5%)Ye{M;tMRsZUjfUvK#hi%`}z31?3qn^*i zG~U^nPQzgI7-o8%+@Nl8uGa})Jj0-#2q8DQ(-(Pe<<Bir zXRPzS`(5YDS?8>EJ{&)|X6?0QnCJh@6Zd^xzl+8oU>HWjXp}PevbmXA#xHn4>-)KC zzIxjIM3DhDI-pm_Omq9;SZMdWaWK)yOce}hmz|S6mgwFi(s2W#*t`+kLf*c5F5Hqw zFCKH*dVVLnvr+cArjze3TsMj!bY-LDp*K*XoU)vc_xX}t_TDWQ=gE2l1>)UE``!vo3P&jjQ#rwOf{F($4d( zIqYw)LndDjg8CngiLP5Km!&J?6+%zvy{lEpXvPJeje`U|C{k6j*W1Cjh5?zJ%xzZ$ zT2grXxS>8fDOE44A$D&o=yrj^yG`K(IRot!WB?!sN3`^m(|fM3^~dTHaXlqk;kdf5 z0Xa8JxNl{&uMfR|?sj{7P3}wp`3a)8mR)ov2&4|EznKN0#H*|>N>ruc;u5iH-WP{e zO&e_QefHhNhp}RcwcD?G)%QfJ@d*eM41wsJQm`iwG)pp-F=jg9#%{i`$Y+(Y`M za;9DK5d@T{d3)RM$D((d>ZV9S@W(XErux<0dd(q~G-Gx_MyBwqTuXyoylbA;WFoby zwt;4IQD|1QEGp~eR<|6Im5moFLh1_IZP%Z|cDZhN0Q!h?BE(T?Ol?)WMB~kV%#H|g zXYbxmJ7vEzhQ9Nz_Pa)%-dItt*+}}}pso9XU}Ilg3Epxb?EzwpN$2_C&e63USuGp5 zM4yqljq%lXS#ZDJjDwOQk0VQe-2dn1oWqUuvK&gRri+8pumS_GGu;Em1f2A^Os8o} zR=!yH%5lcXKiqe6aVIztcn%7*1}VF`?W8>UI&X%SFsO|ZiSTxkn$DoHTLw-IBN|CX zy-yr-?nTjkRJpWieMvL}o$Pt%wb?JZ9uh|k3vk<%!oBVPvRU;p8~6Cm2*|BKZOdsG z1;%PI`C(o)MWu%WcUU4c8mDi32jWk&j!^x(aIg>Syf7;=Ctifx_qE&6RK}zW+vZA% zM9P_ncYem#mMvk*hw63p^cL#Cl#F)s_jm*kd6=~acA9uDmjjjILS^M)I&N@S2>N=t z+<;5>%EOxuw%K8y_pEM%NEdQMuvv`bhfOpZh!7S8@3Z;_SN4b824IjoE37;D2x%-a zyW6&~gg`orW2wjoC{f=(bHHn}hW8nr_6QvPd=hi=46v8c8Y#64$Ew1)P%LG6I!Hyf zNZcjR%^2#0J+bg=Fbe*$`Hy3(0E-%XK-K|dnf6CZ@60KL_~T|*i^7s4SrhNLT>G_N z%VMODft*cnBkiNukHXa>$geJj2Ie*!pRH{(HPRBHQckee86!1anj^%FB1KFKgMAp!RX8PMhQ2|Wx=&^PEpnt80g+UKEn8=+e`6iA-MNBa> z`v&DQ#CSM0#C*As(dB~39Pmvxm59Yx1Qx1Zaqd`#iMz(%@Zon1Za_Gr82_oMxY#i zJR>Tzq2H)S%u zZSocD;^!zPm7f}Z{c_hhT`#~+qWns8F5Dr*$wsOBUO%pTdV; z1+CqRbPZE8NikTYedFtQ>cX6EbU*cg?qhcL-h>?yjQg?{ibF|XT|QpdpmiP(8=DN8 z)m5wzh~4tcPd1byubBKA@;#(>zGD32-A1>^lmNU=!wuGEC$d4pUHFJ`#n%@=>YR3_Dc*0mu zE2KfQ=e>h{8#le^W36YPJsz9a_FPPp4<9K36{cRY%(&r77Y>`Mz@JuY;)<05$3_;vFlxbzJ~6_UFIuJ#nAR6Jqg~|oIVLZ6eYX!?6Nofz|5S1kFrG;` z=ybNU(p2PP93CUzxRAx>U56xuV7ZE+jRmZpN{r-c7b2r;7xfy`?ln&ijd*3LF#WzU z+wl3LFbHG}uo`>j_i}@kdMXLLSBn|9SMxL4C)u{IAFG;HDsm<;T^%8e&M%~j>{j@B zLw*~8Ws_JNz$u^gQU)JQ!r;xr+h99g6r)LuD?87bR!l+?-kL1H?i|v&rM1NNAJ_K& z=qrkNr_NvVg@9dbaU1s#{&8~d!N@BaT2x0#R>$kN#^YzJNto4?T=c2t)sR%T&(Kb_ zAYBY1EQYsBL1_K)|5GG*2HtE*<^Ip5{BL^*ykK|^iU(J0?*CC5{H`4^Tx|qzcoO?S z;=gMLXy6?fvbnCL#QwYI^_&mroEmffR{wup;lbZmu~zm!U+phwWG`JiyZ-Kh$}k~J zZg80C8G-fn1puJOjQ_QRlau)_*oM!rT1ds7T(cTK%L%I(R_JQr^UW^rdb6PLtlENj2xBj zFggI|(SVC$Bn>5xQLV7|`N3E=IH0#9hsOQ@pcmbC@-&)=AK=@fQg>D&L}!$cTF9Tq zA=no%GRWbi)9@UwSl>B75)K6@>(`JD#v)jHjq988rQ;9kN#opV$x=Bh6=^#8os%om zj}+)MNnM=_f5!9lb4r7dchDxb7)dt*UK$?I~yf*o|tI0@_QOF1U;vwO6 zF^WKV03klmK5pM1weOir=rUnG2`B14%msa#2$iQDLtcWx@E|6!q*d}&98|R6y}UR{ zf{2-xR{yHenvmszo)Ygh*{BAps$ZYZ=80@WGJzz zpMF4lQ~@`G@xgXMy~X@|itzJ9evj)L!KHqwu)`fjTdLKBP5Dr%NiVmxMryBbx|E^( zSYB|oQKqGB)m#wys|~Hg_ga>#A$PbIPyAUd=Z$XJm$kwI$FWSeiR+lU`3kcKnGPlP zVo1vNZ;e~gOcogQvDpTZl_Gx@ZC*E>+_^niH)Uls;@| z=f-wfB8>CX97EXZTwFC~a+hqh4=XE_AN=ZS7SW$j7=Y%h2+mTHyg zTKo~683-t=@dP8RKuH3F%R}nUBLIdwd$a_?7)SnW(ydd7e4<2tLKbU1+C~2pl_PZG zBi~WKm;-4*G;(J|k}q9S8e);5Xv~`~Fhg&f%~1LVjO;G^L=xE&;RIP|qWoF3^~lY# zArV4Dib=_5#~)^I+X4Ad7Y3Jmc-6oy&@#Krm-tUg%;)dms+az(Lr@0iQS7KG;CH8R zr<$FF^C;vv=kUlExfwka@{b^qD+XvHIF5XZv#t#{_;S?6Wj&}GH`I_I zM`M~SMs5N>z<%OZg%x*=Ety;fJ>uw|G*at~Yol)9De(h!n@Nsta9KiL7n4QeB~B-A z?%x4bxA5e8K$bt>Cg1Ro>z1VpZ>qHSv?~RL8N@!g#NV=`+Bw>9P?bskcJM`fYhPI} z{-a(dWefn#cc+-k4=%0_za!v4+G~5D;3Y-c#^r(FE_8>)DZ^EPGEibNvk08zX%XF{ zXa-Cw)E|`z(#bRW-x-BSJe7i4wQ)?~%R$I_u0ep-UuQ$CQr+Owl~Kk6;)!Mbv@agv z{YoXA9Tu4mne0{3)(MSc?P;52|E!nV+kfwtqpEQ7)X2)H8aM!&J(kk_Dzdn7msM$!`igR22L-VwGvuhtAH0wCr#z$}*5To~D+Sv8m14Q+ z@2Xr+T}`|dCL-;w96vN#*|YGfxEA{a=naC~g5rrM+(QMic&=Hn6wdNnh_2tkTLt6$ z=@=0U?#{N(l9DjwaK0Cdvnrbp<5zM8h(VpxVb=p}Q4*ezO2#5Eu>SVLA%XSeo;y|} z@A1BVRe7Yq-p#N$j$ceav<1>Gb>5|@s^(6*4Oo{zeBfI{8?`p#SWu%%8gj?!qA>Wn z=BNVrzTpBsHXr(Y?xZ0rfx5ryvkt6?@}4yn0g>>4Iv3_JHLRfT z>%ll~m$6W|IGwuhaYMm5uxV3eX(&-m`o({Yk4J}KT_Q^_sq_zEgG0%Us4_ejE<u;oxGX|Mb#sDt@OI5qN3a3!rt z!_ZDBd_ZyOXTvw;`QngS4n_bIa1gZ{Yjn)4YnM(g>bx%X^~T< zMze?aAe#)d9>OWgkfPxH&Iq8EqH}E z_Gam3I1j;tfls!&>5g@vSMQP0g&~F~kfjMxQg(GT0!}&^O&>fo__MDzPluRub5y&wc9Vs&?8Z7*U;+RRk=qX-eFa~TVis5 z%oAP|v6F6T&f~=4H6YcIQc0s*`TASm+diWhGepF*MD3u;b*8>I8Wwy*_?@#T zjB&B0QKix8_Q9*6BCzr@03PDL9Z3jUL*Ik?@}+n+lLOD9fn&Cm0EXJ zg%9n8eFPrW)+ehW7t7OwqLJ9j;3UPOrbPeXa2zi6lKg|uL&4pAf>`#6jwI;ZseMTN zg13EyI5ooS3kBOF=~Gan>A9($XC&$am!Gg1cb`LmbC~-F-oX-i&-@|b!XaG&5EsF@ zf7Ht?xoms*rPMs!wEPxz)X7>uw{ZpBbd{3)vPJq#-rjz^I_2_KYUe&ox0q&kp<^>o zcuOi+kl5CXi<-NkDjyMu#e#mtHYxEag5*MBP9@z;*BAriEjHUgNN4Du`5ATqsHL%f6{;28ruX_! z7sm_W#Jgw5of(nfyr49R9a9|YVy}_ObE{KKp*YmHBma#sI`YmbM|X$_q7@IpIhEV4 zuvd26NZkypCylWDx#s2&yk8q%R){20ohGEfvZS4f?cgYkA}}M|wFg^$gZ(S+cIg?( zJ$-*U5%iVeYdax{L45Dn^MjUbgM$J=H zkj-4_4s=4Dh!T<5^0c*iOyY<8iiUo0`FW(%omH2Lo0(KQ&RY&%sOBYhsg;nOf@c+z zBRFFULu!TBa@>ZhxCO&*BQ`z?QF4U z7;mklZ)7Z8AgD2#fWN^x9V&6JetWQ^Khc4KLJ1x?4r&}Fl zm1*^{iN)737bzd)Ga>_Xl-E_$C`*B;I;ps%M`U8flvqXc-ei|{UeBI3h9>Gpn*UOj zOtg{)`3A+|_l@)%g*;d>9!_CX8Sn)m7FCiXk~Q-P$t|WY`Lmd2-1;(}ov$^fCtDH_NJry!)vcMsemIO-s zK)n$1eMHT;j<;JZN8O-}A;-7BBMEJ%U`-`VN*=mEP8n6BPMYBoCN-PL<}jE@Ix(FP zzFIz0s*o{aEkvJ6LPfm!dz3y*R#B5$ruruLGDnY2Z$ar~ zs?nwmqgFB+dxpE6sWHUrs4EK1Wgx%TJmEbMOe1r!daB9B$fz7i@=x@&OX z*PwVf?w-Oyw0kCu5L!P4MW+dMkc_va>E~IsZBFcIm15LGHMkWRzaTgl)cl~Khzncp zk(&y*c{AFE9x`V3iEKP?oQBm*a<5CD4@tL~Z$EHnBbP`1Ix!8n*vH0rREUe1KKbED z+sw{Y-YQrqnFL#YmLAjZt{Ly9bf?(r=YFEr!J(gDY)<$)<9qw|?BgYKQN}ktJi)OImG{-LwtZ(|RkaNYXA#qG&M?TjRRFt5 zTKW8vgJO@kUQzFfkfKTm#{>ab1$#X_r9~(usN%Y9Dz+qFqAaX;yt2bOE*9$|jOpm9sk| zZ0llpu5M9-4#W91OUH0|lkq_iM7~F&udX%PNgCTel5bCc18KjPK3VVevm%CWHG|-Lws{tz@o=#;|aL?!&Rw^4$r8{10F3#uO+|4;dZP;Gwe2 zMxpg4u;j1qiRI_zPF|T}BpWIMy1TmW&YV>~YEgX`i~D;H-qmAr0_hb2M+G0$rjFd` zW{ZwIz0cM+R;KGDL*Bt6MRFcNUSQx7QA zvVeLiO+<9g-qai2Wi_z!Z!Ed!#l1&GSDRN2voeQBNHZz~$7@$^1a^{6fQdJ<=6fybY9HqL=Tg7( zb;6iB5jE86hxzV{RN&E7kbpA%++S9@&xh9z8>U20{~6qOctIV7pU`D1G~n8nD3L{=9-nZwm6YRyNzGOPQKz_bXBND2bA3q!CN?yOD`d0xc|p{_qW`L zj&fLz$zZZh|1RAAEmATBf(j+!7YXC_2Pl>|5PX$L4`69v|0b^@qfQy0~N~j zwzR4Ne}9?ZFXog1KbVbO;cqSSw=&-f{f#a{qlJ&l~+q zo&Wm|Zx1j~Wk6Ksm-8n8PqS;dLK@Gmq4y7ALeO7lz|R*lk{BqDTQQ*dBTxGLj5W}B zI&~EFa2N`)ett@SZ!DlYVMD=W&xUw1b-)Fz^nDJsGTLRU@`*#bn-w?to1}(d8W*2hS{thi{4!eT5 zt6Qv3DiEzkU{B8dXfEMiT1>RRzmq;3us{~c>;j-FEpL-0tiHT~yn45ZGnIho{&wox zsS+o`sSnk(^nZ=g@Pm3_Yo`qTMP5X;8IV0W!-NH80LkmR8+0SAGUDn|jA+INZfB3` z#qfLWY#@$j%gTX}#KcGp;PHC-pB1ZFe#~ZCB1)1tc3yJSC1>o@h!F;VX*IlZ+7RAK zF5mh#{pCCF-75FIOxitF2@to3LT0dL1@7-baS{h~65kH~GG2HRH)D-gIhml?YcJ8N zsE<(;FfHbV_PV#tFEe0=5N>qz*-Cqq>4_cIs0(tmBHm1l)02zfejSKj6UK1?Q8R z0SYC7@^k+DNPy-0B;ydJ2VDV)VmmTY8XAf8HRu(f*dan@2h=NgZ9she=@5Da4%El0C9B3=}A}W6&aJO&k&mlnYa^7(g4uD zeM5Zl1l%oIRb#$~2nwVW@Tox!d1hYFtr zYYX1KllWD5ug9(j%(k6yR&+be6kH_AQ!4P4r6*l-QoNLtS@3mvIdB%l;y$CiGF$D; z9MgM??1a`LT!x04yAJu*g3?Jr|K1q8Qc_$;i(1?TZSo}1T>IN3?+!$u;WNSG@0TF% zL8CRR;dK%M)3l^#`{UBR%d@^q8ovXOVAqjh_3+lv4$xurW(^;nqvToZ;hVs#6R|l} zqpb{iQt`bTpHa#BjNo#cV5bS72MlUeeMI_O?uA5uXJd&deAKxoj|7czaTG+R2|Jmo zA6Vcr?)n{Xo5kdyiRK5pS^Q;^ABA;S5zb9K}(yX=TpOcX)D(Y#OhyGH36ROSu z$Lm1KExRmIF5OndT?&#L$Cu!lEzF|gvgXbZES8!IrqSK14Gpd*z}@G@v<{$+86!@K9ArI)CeNTg6hF=pFBIo%_qo15O~1=M5G_b1XNi5qQG+vvea!nAKXo!&wY zSTx7ZoDSKPf)fic`9>l>%0AYA33Nv#8HOUJ4c-TjrPKNcL|{!ou$0VmwPEVqg4<5^ zkW|}}$A{uobUUfcS24S>)Mio+-1-`9^ zcWYsVp!+#)-Q@*SFZ*!Xfh;wM zAin&UER|jTIr$Afuf)S|&xmECGZGrrs6S^}@+ zYVhlw|AzPUS_|&;0j^#K4Sh^jdf2|!*+;MIEw|QFZ#c2^@Vw>n*(nbP;js+%exty3 za!N@p^0iCQlB2Ia9B{1Hm>(uqaUl>2Ow@)obTUHx#@?&Bw@s>yr(~Z%f`>UU(+#TP zgOaMc=d|&?zd5t!95E*oDTzB&zUj`VNy`6tYE>JInj8~5XVuWply!3Nk)r!2E&^sE5*-{xJtfaD1#`$Td)q4W<*)%# zTWQ^46**MV7J!MjmOljAXY-feHoEs*b{g#NLSRfdf+=OFLjV1VsEwtH08xHUjxb3N zRa{g$DDSm9KU}4&)K%#)$5v}yt_3L|1eWaQ>{VYx}GrNg8ng@|~%_7tc+IfXZ zTYI3EWb~=APotJ@ckSIcN8moKL_XXv=2d_q+x9?y4eW(lo~EyH2H{{-PE9>X6WnPU zyjJi!8-Oey^7@3PV2#hwY`IzNLz0)|>ii`(uzHi7o3Ka~g%-PqZa0w}jL0?}Z!Q{7d z-K7grqM#RVZXRjrP}*Knl)wx_i8pbZYBwi#dA_3(2Duw~dWDSa2R}EQva4uhxLoYe zUkWJe?|ZRRWxS9Z%yBDRKVdY%WkKSr^MBO7wc{y_Q%P!v*vD4Qdvq$yd?)SRxNmD( zJwN(%_Y+BZtJmWms1DS;NpfeWPp}+Rh>!dPIsDPdFQ}fs{fS`m#-iZ`Q2&GZCLrqz zKyj*GR0oVVQ^QNFicMyJZS}))%~sfyujd#|O+TypAs@L@M^82nklu8Hn7nMpb?wnM zQ}K=t@#hfAc5m+RJL~Y1lU=Iq`!rGj2WdP-WN+TBAP!m_|Cbu2OC;00sO1HAxm>|?ZUYQu~B^LNYsrnBzt5^hftqS_mQQ(1Hskq%$U=y+rd#X{b$N zm6Kn>NRp{djb4B$f4(HrlLNA*Z1maxh~$TjbOe5vGa_zaq=@X`7qd@B1q(PM%Qs0L z2cZRI;dTo&9-GzB2M~&H@WR$!<04JdJ-tz;Q>PS%5F0c3>NM8 zjf5npwqU13^Z`^bdmVosfl8^ArI!kL=~m@6A(12lHL8ZLixUJms~*uj2bO#s#7|W_ z%^tQyiCJ*CRekC4%=dPU90I7pN3*C3-9pE?kq;#&1ZA zKlS z!qXGyqb!%c*VDHW$FAjEIvL;HBNQF#$fqw`ilZPJ?I&dqx35%DX zC}-24l^!RGt3KYod$tqfBv#U`bDJ(JA+zcnY>|Y0uNKF&U?zMMdROP@FtT! z?RMBV<02js zP8q*4hu<@;J=xtk)?MlDS}*AoKMfWKlaqIa^{{|5=?41l-Jgdb;lY-plW!l05@|v< znQu9fpJPjV(eW&nVY9D=`hJ=h*}ETn$n3sL*SC#ILwgnW{mn(2WqFHi%Eq-y09UDa zRlrH0>_R$ED`%o69oNW`c5X!0cmf!`G=oV6d#tO|#Ii%SgA9JZVkM;>hW^nc@uG>4 zSWiPfm*WWOQbcb})d-1TdO8b;zb5y5|CC-0S?z@Ty2#~`h10#0ysaOcoYaB>&1O!q z)X^C&oB&5>~Suc?eux^d-aD>RR_T{do>G0{S#3h!+_$p-3@A9VPC96aFG?X-)Ho9SXQ_oi9 z?FX?IB8H@}OP&o|)Dke^V+#7v^9T>Uhe*fzHcmH2xyM3PA*TYAyAy^l?QQWXGI}L6 z7|(Td=`%{!_n*p|v~k2oT-}m5noev3mZRwW`?kMsT;^BpdEsswXT2)15eu7xw=pT* z`!Q5zDR6U4@^INb2L$@neICC|bq4it&VlEjQ3Au^P+_#Ty018 z7K}rC9zQQSPr8Orvoe;yYnU6AT3SnQHvbu!W&)b|$q3vb73{suzUv9SxU$ISS+KWG z1`1X)w5!%LNPFa5kvKuc;nIYZ?oF$~xK|L|#ns(n*0%pFmAs319@W8TA5o$bJT}3b@?}rLBkci)|I+H(Ayxd@|5O{>M&6lTsmwfX|yQm1&sEbLzQzvJ+5(^aL z=BW_2@&cchoq5&*$eCWK{!ky*Xuzy|djA_Qzw43Y>ugwTa8l7y(6=A)5B{Sz^j7Zb z8>+`43yUS_s|Mlt>pMn+m{H~!=Q2l*!Vf-Xxh51O)?PV1V& zF8VG{qz5i9W-rC(t9KPakUd*We12iv<7_F&;%Y%uvCF>zUxfZj*KFSr{jDbbe)0c( zn8g1@$`-h5MLbFPpTN@2l?T+n3u%9BfrS24fXrJ!RPsNGT%cn282$g89>4sB{}0A) z{r`jgpVia<7YEz>^GXUpi?{;Z$noD`g1;J3u~#zDKh>Q!z{H0NK)YdqN>3U9FybsA z+H;TfO#pE*6z;%n*w>SExhJ_ZLCP<~(Uc}wsp9c3TuYkL+vtHH*&wqrfD%DvxuPOl ziPL^M9@E4{#Xtd1gW5Rl(W?^GVVr~JsJ{V!zpBJCr`RNdwIWV4G-~M*cM_36NQg>I z%>t!71>o^~8BvTPiGYOVa5`z1NO8ivW~kW&Z!N{V1q zHt||YklGP=>v>|qV)oGTA6$}pTZ-GjpGT1WvJ!}oB9eryf!bhW9%Pj1jthJZDr!Z)J$Ws(kT9SkAfn6_?N#YE_XFQCeZ z>=FU#v&ViP${U{YcJxVKN+<_(^fy}EoP0q&>su;EkK%guOJb~87t#0Z6?jC6#6J8z zPPK8*s|IuuyeY6elk5q%fy(Z%D<#)ud3+qGSy0)=Qtkh!ToZWkRX&mQ=WXA>^11W= z%D`=XB>O1}pMgn$ej{;p+%!-Fz;fLw0wIcwmlZyrruvGiDcr3-poqL2*YJNwOFRZ# zCDn&Olc%4N8-EytsiE^x34o0nG@kp$y-H_NY4OPj{hL-gN@Vj2e3{HV?u~y(@HNrc zB^-jKMe2pLW13(rx+4B7gp3)Hnj5g>lzvGl}d&oq0d}&=WQ^Jn6!-u2q7SP8g7s$`hHB&2R$1c> z#y_mf>#~1TB=49m-Qr?CZ`g7^Sm=m~ieri@9qaD??AfhfJJv}d%*?4lFLZUo$13km zB0aw6#Usa;Xu+B7{eoTbH zkNjjJLGxCuEf+banI=DJbt^h{+`OU;P{$9loaIv+HKX`xo;pwt*y$`g14;wq`uugE zF5kJ}H8||Nq4b9=_@`a;1;t}D0ucI(I<^DpK54>SuatoCvp??%$2xMiOlc z5knM#CeF8|sIoK_7I5e6Q>0W?_Kb4aSjbYaJBzqt2Uz%HiLu8^TLGO67vm__=5d{KtuQjET_9=KYZ_T(5;_3B&baemanlX}}&Qbl7NHr1Ezv}58mIu9q@&>5W`#aW|MB45qn1<@8X$T17=cUsTD>DmYw1X=5 ze{aAmcvpi!=xJto<=-*;Gk->j*cVqHr#<3S{*Tk?&lT1?0Q5#@-rckP!wmfM>@z`c z)Xk<%iTgjdcd$~=0QW|r=$e-PzYadG?BJwDt1oclPlW96t@*7eitrHO9Z&Xmqx$uN z_C7e?h3JO2{+sZChYIz|rpx_zXEOwF%SJLunaloe`oCWM-}ngI0gUp&XXE!0+}1}G zP#A`6V-QcS-{cF+umnbimzOhe2Lsp5sXH0mTw%b8@Wyxd(K0GYsu8HLSHNi?At68f z*SlXRn(i)k4g7JB{7maY5eh)e;y@&=corZ#;3WK>Fu0yqWz$P2g{GdL867*Z#vr~r4^hd;**T-U3zisbz$$48{4 zC{T2F`l7P5(ja{0w$-w%{@Gt$OWWo^2TnOd7O$!{sh90BS0) ze8aj7K3J5OYMPkNObObUV9tkM?dKHmv(|ygJ8W!i;m&-}B>M+~@CIXW>e?db*%F_R zwd#sx-BFnwtauZ{`r@qDI);@C#E-p1RORxO@c+0r38LCv!N$eAc=KKz6MOQ>wM z0Skms_1p>!&2whdB11SIS3dUzVfS3W0@W*__{&-gwpQ$%r_Uc}_+8XgU4*g&cGVN?em#R(Yeh{RVQ~5+vvvcT_v4}ZU0aQ_x3U2R zoDY6e&0oss-M|v8?cWCq$+Dg2RqrCVQ7zc$C5bom3s?Jh`34=Ty@D> zrW^!CeeGx3ewBofu-_DHj~2Eyivj!-9-?5bPluA#J2%zeygu^+b#|5#>io4&aiR|u z06=<0>?*2{#4>%zU z;}(h3^U3Rp*+}sMEhP#fiaCt(Lqna2zzeRv>_f0w6@+Q~{#ogCFkVFP8qaehT8JMm zYKG|!eliFOpCSd+OfPV9Dr2XBmSkErS+A1B-YhQNP_b+GPhLd<3Ft(vq9CXTw!wvwI&JsGFN2nVM`FKN)fQMrqyto_h8EJ~{mP?)i3zYe*fxPpF3JU*7# zIX_p0%D855s6VAJI{W6m>rnFzG-oF`^16SQ2mIkE7T`CxPq$x-IOxkOD27uEZ26>8 zI*_Az5I#q^*W{hn13g7?W}$-ln5Ayj@^cI*oxjIoJ*HJmCPZ+!r; zj1ElZfUA+&-(?8(qKcq#jJ9$IpWoi+b6#}vAea`NeMX$pfI5ocGF%0K?U!s0<(sP9 z0iV>%S)+dDeOd)vAn+mOIvCJyE#SEQIbl}ZujWSZifc0C1lE;-yug#L84lm7>{$Vp z?bjcXyQ;V);I!Y4IN*ohrkmllfa4?&dH9p6wKTUJz8v?bTd})D)V(7i6Op-3k2_Dt zT1t#tcfJ#M#-u5Yh7>he*6X-1Sii?%0luWpmx`Bdfn?`}B~|a5B6WVP#(;Ou?%*o0 z?XlH#zp%%j5KjJTi{G$1H8i`Qho7ASIEoRr0xDr;ZM6Efw7dBASjxm%kI1wq{Sw{y zm6Rw^CFlNAjFqPjv4~Baq6c=!R?ue}4iQaZuWM%mz#N7qGN{55xCox%sF(5tSb_T53XHcpI$K-8!t7 z|7i>Te)-!LnhZtV$R~itZy%%)-bI1TQK-urRUOMmqE%Lc#??7Z81jWv8>99WfSQJdBuBEZ zTmQzH)+%q^w^Xpktp$`r5PVGubT)#bmjH|>eL;u5kuQC2%j#0eMZ7=zd)Lb`qPgS3 zq7Rt#@|YX3RodNZ(ki&yb&{^;b-_XoF(7J__<*B8etKv1$ctWhp$@2|ZqsF8%+`yp zPXj8R14F-jk&^tLgFo0b#=yqMVlv(2*Tfa`R-8|JO~T;`IK_w@p3zD@tA1$k1Ooi8 zqhZ=8hz3{WKA;YE+(CuAUpxcg5H8-#NA5aL)?3}xCUbapK@e${l!Dtk@e8n!QPf#Rb@j-NJ_XF0)_>=|O7+FJCEm*z<#DxF%S7C!cddwwH+$ET;avEQFS> zHMBR{gYiNspYR#gR^kYdke>t)NWE;(!F>ZNJ=A6Uy=-s9J$Oa>Q3564!JTGP?r1af z%JH)Pk|9mME|=Pj)%Nv87fQ$gO}u`N{S&4m?O@BHqFpDsFIVTj{&sBteKrgRcv#MG zpgZDP_^CU3cmWef7WhxOdlF0>H@9Qf6Hridn>5xB-!)u{kf%hssAa;i!H!-M?pjVk zVC9Jd@$u+pO17c2I-xl22%X{T=i`9NI?3$W^#GD*j!BL=nx~d}!)UHq>Xw8lJgUUf zSu%;ny{D0yi=>r#2#0Ro(QyodR}6k1q*=FM*0xnO3=8u+)htO@k#&sFP^i z6%=XSW;OK`fc#>=p(n`LW+R%%U1-ErUtCU3JTv&-s}h|gc>4T@Uu&1XyNsbn6XANx zIB|5#tnl zrQP`&`#c@t?3hDj_MiVLRTKmC$sW=5`}0AEI*dUf@HD1#^#Qo{G6c&kIw=^t9pI%~ zO+YWb!9;lWd&fwJpz_uwGoQ~WkGhs4)a_`bqnl%}sRm}#>6u^Th{F46MgsO~QWQnc z%A^!SSYNXxVD!Rbt!Xv=1w?@~&jz@_&T;uLol!ealW2C7hH-6#Iybj|WK^V1huJFA z)YKPuu)QQ>LIK0Cdi+5(C^(TmNEo7;ZkCBaer6uslz$ZJqQbQ~S)y!xR$^2~X8jao zf*wgwz!Tt3cNOXzD8>@foK+q59p$qR^nU;5+5WH)~G4t?oU(s@a4=><{@9CK$oc4MR$Q;|gNzNaPkey}N_B8|N6boEW&3~_P(1s{ zs4-FY5q(0`XBF!SLP#GB+xy{Y_lRq)hjP1T2B|Wl6Cwe*O@>ye zx}8z<_!aSlUJw>a1-&nhO2)Nj43y0lZn`|*iYuKS;mqudT9Tz5f}@PG-<>ixZ|AUA z3D$lu@{d0%pyLmHDOaSkhEw6z#UewRIfD!o9}69$D~{QcH??9c3!S z2LROPNnx^-(Aof3@z>8~&%m-8E2+!vSLeB7o+rV$^e|*vIv*J56+~LD1%TsR`>P?J z=W_el-EItfKdO*8BY1_rA5ztHh7`vxq`y(NyLVGZA!$W`Ey})#tYGpa%x|i<{ zm@M7s48_xM3IQgvr{M0h^Bo-dgxX5t3|>k>z0{tk< T9#vfdf0Px}@0Q4!zW6@?YjnoG literal 118625 zcmeFZbyQW|+BZxoE#2MSAq@i3EhQ}>Qqmn8q`OOjEg_u>o9+gsrKKCCB{%GE;eC#` z_jAtp#{1{{jqmxx!Dh=^YtFgmyyo?bYes6Q$z!6CqQSwzVJa%fYQe!h$b^GKyh1?$ zzPWLSyaIl}yK2cx!&Q!u?*hLdSwB&I0tZ(Uj}CqD0Qeo%N#VIG92`aX{Xh8l&0{M# zIM@e8*(cgwCf{#CXF599?~w~%PS-|FrQiqE(NnBpWpGh&R0p$Euj41Y)G6aR{W0>M zn2$r+3KvPMfCsPB3`ORt8ROU*+*9?5H}o&^xOcG~-W!V)KeOpglSS1vlu6|-%zwt6 zCL*r7`xdlSa=0+p>Uway*gV>Jak_4j^U285cw}4rFyP|Th49kF{RdA*^&Dutw}KP` zZbBduJvBV)?~g(7G)Iyo*rEc@{`3FfQK3PBH5l7L|Geba)xokI`hC=~X%MCVyr~&` zxA33O_}Ak)sByT{cogzKRQyLP;8BT(ogV#e)ZgvnRzQle!kBnvQ}$ol(8rsF_+M^? zfeUXz63lNf&-(X$em4i`&i@#J|G#zTD0?uO35zGxX0q@LSQ7jwN5tJWqFHgKGCSwd zh0wg{-*e-y;oDJK0bLi}O@a4V`5O@Qs!YDM`QMmcqJvgNm#;>UsrLw>E zneqQ)daW{YL+w9Y07sOc;v*8eyPu3rVh^$*_G&j#ZvXLY1+Z2^*sKUnFql%dwjztx)S5l;} zqFD()m~P?|nf0JDkBfp+*43?owwq++bjBbyF52mZdVeou-0mzMb{S8ysF=)ndnF0m zmaj@}dJBsrS%zVGK-n5D1{bzPt@rj&ulgxlFRFgrqQV54#f(G4#IB`O;L9LTQJ7Y| z?JyT?x$=6uNFBBmn_PKg3i|+pKub|+2brN2dV&w7#*S};ZVqhi4J&wlaMj=0?kky* z`_6wAG`F=;A(>8m9d2N}Gye)y=kB2PcVD^7k=|}t9Wna#MiIyoo>U_^hu7K7jJ$iy zm8fLyR}zi&1qtWXgV2T&=c~_|e249@J0erR8eO6Fp;R{Ok*w8|_Ddp|xiQ~E<-7S^ z8wpOTfXf%q)3x4cJj)g*XH(caGQGP^s&B{EcW%6qhgrfm^`PmF0nowd?fA#`GnqR( zCx>w52o|%i>NC&><+dwn>bFdHKQ9kwm%XaSs$qMMFjjilK|h$lg!f5L#3l4AY~7U6 zj`}-1#WHNY{Z4jWLF3=u6_Hw>og9Jic)$)OK`gN>UArCw>Mm`%MAzsAWr7cW$E*$k z<@fw)HJ2bE-6|9RlMO{Loag#=wmJwzBzK2xH=GCqVZ^97VE^;Eekzbr`XR(&ffm8# z`fOMAonS8Ztt^j**TJH2*0}+iqP`Sm=*6O|dIdVN+9l9`Qqs~U-nk5VQO^T=L6iOI ziiM9>%E1wa3tIyNvvs$cAF=K_zdB;w^*h2sLC(la5?~={miHD2RGyjW-?EqAese+l zFtNO86Z{tPW7#-t)8GC>MQOKuz>|E?6_X@vX6E+i`0KLx>tp-K%lAjOuxoP+X5)r4 z7_|G@4pTfArO<0UZ~VRq!M->gzZ)Vdz1I`!ux2je9f=Vt9mT)HY|O);34J-+cO6J- z79o6u90vH?&)ab3@WLNaL=8NRNYt-!Uhix2$mbweenVtf|Jr{$+w)Qly0+38`~}|} z;|XC(HDzukPcQ@M#~D8rkq|@U7A4A06ClacE)f#@cgko8K_t@mJUhuAH z75_N$Lc;Z2T|MjieHuiQ;89t1vM!1>G!?ugS^6c^g*00OTd4_pDE5;Gr`hjnUk7## z6MmS&39U-|@iIkmj9B(p&-w%jeYia^Hrv}z+Xoycd zAl|gvJ!bIAcKMg}NV=?VpKG|z7<;N_@`i4tSkgpOOjntj=7x;SeX_>eiHu2F?~mX1 zllC@}CThF8-j}EJrk~z5L(R=HYN#Hs6n`ol?Uv(rGT7+49rgkrv-c8$7%QkU)SS?z zQ&O}cz-|a(zq{Hk0w+bvgeFd_Iw_N4QoCgtR16@lW?JXW)!7kcjYGeG8ZE3D9%l$l zm78Q|D6u}>`U0Q!p7{1#v!~-numtXg`CShQ(h>;fFIW0R0w?|1LXv*pVEfNi*vqeX zm7j>h_e`(S4{!NgU#{q`5`%B6xbDJ{)tU6b?H?<1gK=?@ngkQkHMoL9SvRbpuXZ6& z=(5*t6?A7wn4a`A%=O*m)d(cDSd}-0W*~jR>8=WTcxSQHv8_}r1&_r090hK38-uU#314GBwwZW+2i(!{w0#qO5XhtFWc%l6Cu zBDI%2lbE=uvUQY?(3JnZY=VO5G(@@b9k84mExz^Rsf&#__Pj);7PIad0ZW?F#$c#9 z3gsa^l50Xj?-uwWE)e_^MRR}-%kuqI)BfF28W%+fWyGTbA1YZ)ZroA70(VY@u=%k- z<@OidVFeY{nj6jM_(rnG+>BZ_mm!7>x&%LP5vXN#cDoL~HM1F0SJBL&;_*)&E4j~} z$mM_IYP)B^tOF^6hx5+!*w*UF0(&OZ~R%OcFN1I(FEb77;V*K7`sByu#EBKcAq3{^S9J9sPa zjdk^KJ~8vZ51ws+qj}r6$JCU$+(PW#jS2g-zfjyJ+I4I>e#l!MU7{mWYmPYckuoTm-5^q$a@Xsi zaXX3I{7Il+xV9A1=?*D;G(90G>Vc@G_tDH)qvNu~NI|O}8kwrC=tW9|lg3Nj8Wxt6mQMnWGLYai^+#kLpQ7P!#=3CS8QAc!LU1S6e0N%| zw%)PrgJ(ZR}hs;T)ynED8g#EVFWO_c7^2LB1HdYz=D}$QRzSvy+5cnvhme_dVH@UwY0fk%W;QyVX_osAha;HyO4? z1({|+${LeJ^pyT=S z$K7;q12KHxIu#z+{pe%%K92h|@2!e<9>R9F5{xDI`qgy#bLSsGz-KG7IZ;4U9mD=o zvqw*WO~XRxf;pd-iNs>ZEX`E7MMx<4HvVaN&XV_bwgN7NS@u)QNsWjQDD0k6s^d2wl+zirLu13BkC*+PT|rNVxyZ0ch}uqu*lM65H9{^M z3T`jxLp!XeA`U~O7`_!&lB7ClIA=P;svr8$UlcU&Hi%^?X=s`4#7hV}(rC7k? zL7)?_xwNHZ$&(|n^10+S(=tsmp%VX!+z?#A%QNTEHc6FWH~ZTQ*lDqMA`^ZHJcg>( zs-kyhe0#vo7nGMZl_4MGLW(Z~W)?xE2MsC1^0aby-d97gBIrpXeI&!vOE^aoUAoBe z=e8=cE!0$POPB)!*meoJW@=V|;shCps;uk+Ac- zRpmdB5#s%1khic8{QT|)OHU|CPbV{Ln)Aou;GyY4ueF{KWF?k13lNDO4PEsQ=dI z`G%`ehh;zuwI6$)x+^t~>~%ws9h;rH5~+h2XEs-PPnZY_UrGv0O5($)-`&-A{)?|M z?~2~1DWNsG7%e-YJPVM2F`4QYJ0!{WmB+wc*JEv`$|2NPik&cNV_1dOV$BiQ5*3t4 zXCF>1)}afrI5WDC+(DB>weTbx*1;R1bC?9f!!vi#FUc^~00(<1QTIKnHCaTrF;iVJ z90}@#aR@mhLdf0(DEal}volUp+wtX*yGhU%mZEx(-O0F0X9>vTjw(m*N;A^1P9O{$ z&QpGfjb?UySSgd|VG^MtPUs6mtLb;x2PDD9?$@H_w#mOyY%FR@AFmdoQ2k|VOC6<6 zaFQ3Fx(3~%g$Dcd*X*d9?&v7W$Bzmt84Mw26^ zvpQ`EOL(O^#?%|QrW_tCnLk5E!4SJOGm6qbPv+-C9WhrknpIQ}zkt1aHWh$78FUexGnR*{2U#S+u8vYY9!6 z9b0QQz@||3{<_uG_;iPwLOKq<$cv-PO4xYkW8YQ6IW#(o(I2ab+ zFVHN&V9_0#ibaVb!WNu-frH1F)g1Pd5lLX=Hv0#Ls`p|A2~Snh?-9fc0%k28fh=`N z5Qd-8=E(FZFU(r<=J~*9uw=Wg9+y!=AQTI9*=?XlfYxsw^#Gj^e<&O;;Oa!ufLPt< z!5s&={xg|D)RSlCn<&Z(Nh8rjFpUB3BvJ#cb2b)x@yJwugYmh>qUGBIPi6b!smH46 z^wdbtcSLEhx(s^|)`(dUv}RvLzVJ_>iF$$(3};lH6-8l5Y&sFQ_u8uK-NaEAsHIl* zHgR#wOD~?A<)8vqm-ceU0%WKYTBnJYXwhP?Y^P|R-L)oJf~cfAHVbc=VxK>*Z-s5e zd;A&kX-+Mbg-E?sqQVA3tTmtd80gdaeJ*;c^S?1@;6Rwsc1m1?_R0GP@tjSk7&pIxgwiaIU zRG$SW;azr&O2Wi=WyO<5HumsVR=x#n?pQ6%KZ@18me5k~maIa`m=L5=9ApCf;bsrH zDrzatY;1(X)N#bz3>=XTZ50j0dgWNxp;eofrkcZeXShac4wkhx0pn^Ao8vciz-2 zEJaAD%Pi7Qa4?fd*V+@`9?X2d-CVvsw0VP~Ov$SBKomAICn;9tBR20rm~Gt5O)6EW zdP^1hP9AMdHr?C2dYyfa;axp6w*V*QTI(`jKF5UfH{6#?l>(WQAW_U71cj0f9&Vx^ zZg-z4r*nSYL(H*knPpm_VqlTNeivL@!8F8}UjtH_35%%iDI`w4<)Up1+^39u=(mkm z=hr#><<=Er;G1t-5qtd9q@Jn2K&j)$56t>newGDYVB;^GHnn+{1vz~$>wBn)>$ow{ z=axRW2$!JMeBT5BPu!h(cQ=;gXCnS0Czbs-)KhY;F;HgvTDI_UZ0aLf+K17(8Pe`} zJO)3mE{YC^GaL-bt(J~? zfQSR1Qrkh#8SjOrdwb8MfFztRgAL2I2C+PfQPp{I$<4oMnEVU|#Z6?Soz;I*LE?qu z)uIj_HpJ7(P|)Pc|GA^5PEz>l@i$#5liRAh)2xz>@f4{JGr44(QAg&3s)qA)Dj3b{ zq_|4s9j=7g+w`lj#21LB^NcrA)RLnYDLA^j(x`Y=e-jjDIF}4z(zEKV7mov1Ma_^F6`M}w;JCzc5Ykky*@ z)9H3S)aiudk!W+$u5WocYYJkn)HK18B#w>3%)HW_i9>b94rC?0ka=nEgdoI6^kC4| z=-oo9oU;#0{@6S^;qwAa39V*+?bXlM(O00?t`$5S8*pacVdj2C)wzJ9^7r!<56J{@dreWOqyGW-V*Xr zk9#GWZBWb!`ob{DP6T*kxcp_AG-H^v;A?8>!?ESGQ8^rIEs>ZSFkXKZkG>N(8e;Cj zmj8ZCGEB0jVD6n8l!&IIm4O{fF!=6usoc-PM$7~0gV{Klf`{K||%N6aA-g)4U!1eYWt1iP=(xZoW>=J|#G@xp*!FQyzxd zUU@W@%)|)sL_;6N@>qR0po=v6+KBFt+!Zodgsoe1Y)g!_q#Xv)%BSBu#MZWLK2+hN zJE;53*qb5X?j)u2z;hf#D;~R0Zf7~ktT$2m*I3r38i|TiI3(>+y+&YZrvG8BS>Nu! zhp@-0Y4Q(|f|+Iv+!B+N#+ZWflWTz5OrWP!N5I#o+jTcR0+Fo*)KqT z^pQD=c^$0)beij?W82lsyU}>bJFlO6UvC{+H5LF0v)*}KE`*57#K;9g$L8* z^OL~&!fr1{0bO;XK#|{hb0{^O(x%bVT%!zUghxlGl2yQlNl%6{}N|oPi;j z2Kf=WfPxaYxQ=3B&pQk}AchV{5iK5My{ zmB;N@Uvg!_cWinKa2+-wsTV|pscd?c`ZamoFsr6V{;Qu_H87Nw7`2we+X!oo8d^*p z-Z7J0H$mJfCS5{5?*WRV-@#&IPh+J?s}JzOxY?sOtIGXM!G_)qx`(oWO}tBlqUuS& z*4}8=Y}WZ^B)-AGQYoZ4PI~z`4UwhB^e?`Xm=WRD)Z%0{oa*6wfTo4q(Qm@m$e{z2 zj1lKgfh2(s!4P8qyxGG6&2o&hy}~(A7;N9Lo#PA03GMcCAH^CvJUKUJU>TWjABXho zuq9}|rq5;=jI9g2sujD=iFO(`@k=XV&7duOuIS-W!4Mak*_( zz@^!Ir~-*CDAgz*OQI0Sa&UJYj2L>NH05 z)LJ|UYT?&TJ^;8E8bXp=c1AGS#?v;M=XJ}5H^zHz&H;AeqXR@?b!^7Aw#?~DcJF4) zv#z2Yp)RbgdUwRapqRerXd#nwvG>?6WHh5gUF=wvLp+~GW#FNO7qfeS`ZH!iLXWma zVs>e!RHhe;0wL@+ulSpU+w#Yji@q=)YgYUU5ivaX;w{IgOVbhN)}V5$u&(>05QjSV zE#>Oy5g~s-!)ar{?ezd3Y+dqheTQolj7cU~{`^x|DAO_1NS1{ETdv28PTl&vG)cHs ziKf0k>NIU1YjMzO@lDjY@9VadlcQ8cECY6n4afG|b7(29L;h5vf0p=uG)h;Z^|X(`q#!j+LRK0#O$qN9KnOzV9-*d zDgBU6V92tLcc@`;Mb?X}WN6{L*U}FAYdx>Z{B~q=0**lmD;Sn9jTh3t8uyZ_7f^;% zc2|=O=c7BonDiw$l;v`rcI>_^jaUqE6WHF2#|MOP;|U>Xc$Ii zdbDw&^(wuttZKg#={b2PBL0xexG9B=B~y98Gn;-hUn8QvU>uk9FD?7tr{Gu?*)GJzdGZuuY1ZVg2;*AbF<5J}!z-VOy{PGrqlgBye($j0RT_BI7!vp;s<4H{ z+;SN`3)-8NgXY7L<(i_;+xH}D<3r10LPf7PMsA#|eW33({j80sGo~Q_2KdC1kxrr< zJ}(qSopo!J_9;5jo9q3m?J%4}g-zjCD9gd^x? z^FfB$4)n_5{;+7N9?5qx$&1_ z`O^KJnF-yChvbTF8(V7zO9$0XF#_gd%Wz#x%ffg!UyAZAISJH~PBbH?Mb|m(YmXFX zxi0q-f5FI3T7Y0(fyJdV(C5#L-aD^`rfM)GIFL3$3(y#J>wMiw`=JQ2rLLt`-|kqN zQ9i;bU%*&lp%^$5)?gVsY-`TyTXixRZw6sm#S}(HV~NGlOaiui#=}P!zN{#u?e7fJ z>l5_iiQ71Rgq$eWGrL8PY7g>{`8Fz>52Oho?kLL%e4~>B-%Xp`Y+i#R9V9P1vDT8B z7@~HJ#gymL1OyB!D|#Sz5`%V_;^ID=se0z(2m^l9Md? zQCjgNeZfS_#nqX{8;xFRL(}-90;@IJHZbiJrwQYvty?x@2@!UQKtF%^Njl(gm}9MC ztkP*s&u%Z4N6A#V+@B4WNhhz#uL25EnNgc-P^I*jdkVV_MLVr|rb#fwnaR8eE}-)i z0US(T21w4rtUh5cHDpx2A@b6(NR$$t|ZI+8Cy# z@fw~x&+w@OL06mUekPvZ+*3)kn5W%oH*I~%uWQelsxX5B3aupcLnl94;%k^loEcj? zUS)W+5wX_Gpyam*wCLdO!iSoeY4PXsRSSt%MuYr}Yz437 zQi*OgtsQ=g1%u#(>!i%XA{beE(X?f=%HA&gn06L$w^^R4#&0SKmDRb(EZl% zKDH~qHbiuwX!v=ds3wCM))tS4r4x!*!X-mxc;z94R%ErxjQ_|#{!{%#wu{4ZzzxTY zoDRNj)av5at}#yW8nd20FArb{Ea-j2n@T1r*vtTVs;jqQc}yZIg0rz!)mU2TTH=(1 zA1D1n9i5Cq(eQ!7i~PT&3t;p8HA(98(ed?>Ya3N9;{{z#b1u>vun8o%vUEIF%M3J5`^wc$e5?XvzVo#QIzAqH(o>O(KUae zoFZL3##zf@GJ^Mha0YHGl!?`Lm+OZM!D614SpdE*Tdf0s&c>Ip9EmV8Bk!PPk#6N4 z117Df>hUsE^ZHLTTo667(?at#gw8@g)%Unq4%I!?N!MN#*enW}OXo6;BOE4x)K&9d zi`%k=jD7EmSFqbJl-wQ#Z$rP&eR8cczF!tBJ4T4 z{8TStQx{oy++-+x*Iso7Y*+6|W0x+vp?o`$Lnx9#FPdYe zLSjVh)05y6FqBW{31^lvLo!lbX#N=Fu)+(Sj00(cxPj=GUAaRFj~J{k2bGLjR=4pL zzLQM$VKs#7{n+*T1Ak|B?Gagqk3QK3lsP@&k6xO>wWixEl>RNcy zw*-XZq*OdOVy=`ptBwhF3Gzr@x=!syA?O>8`=IMdFl}a$V*z*zNtQO9Mr^}tj;xpQ zow$tFoOI61)DgM13m~PN@K%ZSA-U2tCtI?g$6|otnsC}VO>9k`J(4YObjo?8o0cZq z{A;9M03-FnawfORtYAHbj)t9*qI^nTp^Gk(K&_xJ z9g?KUOm*EgXXq82ZWpY$@mL&4t(;9yks^$3XubIi*!40Dg(h|$PwLKIB=!J9hmv%1 zW)aqdMds5<$CG2+4&CIE0Rhn>lRme?5+Cibvr7&==q%#f@GtJ%ObXSH$>B&)3t7Q< zOC1VzxH;jjT+@4MMOJM@*3QQ&N_5n25}>cQ#QgCrJLb3{fr<@!ZSTK1u-|jW*5aDK zEAPktC?3{XgeZReNg@(+=h6m(^e`08)BJ?qxAE}uhgwkNlwE+~vzt$A`Eh4X9l~=E z2g96&-eitEn$+MZpWV#q6_PGUqL{0`Sr^)Q)Jtfr*JTgkyNKiW>)ym~bb~~v8&9E+YLHC4Sode>)Twj!)yA6_oN-|Vjkl2LbN7bnn zSX!HgQNAufudB$LSOGcI$~l47&7 z&7cW255;5gI=9 z-Xz`Q>b^kk_lFnsuWj53n;78vSIw-s{*!0ICH6(=e@F-$vg%(yk;W?=IKBmg!y8{~VbYnH5ZXIh*!hIvk7Y7H_4EfSsB~2=F|@ zr&G_=zky)4S@xJZF>>tdx#5&e0N~jE@{Z``*beY0l>AzTiB3o#QmY0)NGKyr7OEPy z`CVmuE-Aj^{q_?uP39Yt-k z@5KRq827TN-*N9qXS5NSbC42sF!RF-3*k~}tX=!vr2Brn;LzMcv2?fm9B8kF`0q`z=*AsAbipuLTg5QzXg+LHj@IvG z(!@2%3^<>&uHYg|Bv)SWAt9(r1sYBp*sX2^H=4BoZqAYaQUnf&I!a50H)CLzhQ0|~QygH@bKZ(%$|;_W%o)nZRkQ?rvS4L7^0evQ z;oZq1O$ATZ(a%Xad7osz_e@^K?rLACrE%g*W=woJY_{f}=0lT-(fsF{+}Y4hH(AH4l5z;6#*v<+Ws#k? z|C~1Dcf0vfzik}X6N`fNk9sMyF5DeM_F#dpDcu9{`flGYS5Cxz&$EP_5wiVGmT==~ zXU>1lnD$E+sbnUBs~V7?B|U;~%Vxo_PZQCV5P^d_A|-vxb12ssqiE|dI{Z;mt3nVj*^liFJV^SY}6jdbH8NCtDCfPZ`EP|#!HgaC zj3aH_G+(h}OHblZY(4d5xf%!{BwXs@m#G8ZCU1SSSS(08W`KOvDz3igWi;Oh<;Xd# zw2|-7^LFjwzIjk!MxQN4PD>HIqj_3kyfaoV9Ri(0?-5_JxcXM zA~?38Cq+QO;42~dt+cVzGlu%MXX;<<1lR4e9r6)L?YL4iSt>D z)B;3laCxa2`~zP4;G;p$5jXunL0l(6l2vuh&lyc!ujs7UQB6U&Kk1AW7WwjO0M^GR zDN+Tq{I(M-Kx$WYF9UaRb+*ml*RD@VQGHyOS-0kN+R$+m<7?=|mEUMO&AR{(`9EI3 z019B!bAn@4=9a_i3C5Bjw%P*<62Q|<>zNvHap3u@JvS&GD=bvyyH!VK+s3P-IDW{} z6^_?!-FA%*`Tg==aEUb#EaeiIpV-&P-*^ipMB~K2LE(bP!Ow;T`$hS|KM>$$v)+5# z`H5lr(}pioZ(a(Yvc29XK!Z5<&XIZ9+69QKXl zuDAG)N?qiHEIQvjAaKa`eH((_D^0nO_Y&Fa*{RU*y$y753D0^ck@X*O=OvPo1xbbP zM?t%)jnVxWTwPHxd{5zFqByPN zp+xAIS=tsf175$)#jeYZ#jZs24kmAt9&{AiqZtDSe;`^6jArlzs}p`Y${Kv8+y+>I zA@c*PQKww3XIh*`z?g$Ux`NtW)e%c^DVsc6>TIg%5l>hUM0%`dm+5D)M<1hurr%Qj zU8n$XU+4fu+^0`Uv_J7&vupHrn(l|jm@RIX$}d(z=|rYnVvu$(F8?P4vJsP}o)RM$M7evs?t zktoHcvtZUN68x#8zAJNq^}UcOlCa z@Vo#ROMC&Ncd*aoSmA<2c><`9ODj^S_O_KpW|cP?tM6~lk$Y@EJ0_ThQ}L-IgqEU0 z5L+j*S~`5&@P)cBK00E=GYt>R0utr#kr9g4B-YJ;w-m6$WOQ5t^@tA%`sw!E`hp~n z7MAY>Z}Gq(*V#~?IAg@M4%dO*BcD%NAyn{g2MhI8KMeZ=5;qi^>T66VCj) zklO=jN(_aa;orXJ-;H|j31BE6>*BvFZ~h*hzPP_o#`5&m=gdzI3lK6Oy9Y`M<>M*8 zq_+QejDaC*2<)@VeX(Rb?#FArh%c(;{wF%?5RiWF%bt%LSnOou?gsYRE4evrr>dFO z=zZ10OX;(d>wDPhxzytQf;ct@(0sX-7LNDL3_<;(4-n={9mpy48(lVm-A%yv{5w#W zn|n2>E_u6?A8+Ed8VX3ZXEOn{B*QzRS_J2z9RQX{<1!5ZsvvRSs(9W4?bnRVI$=6U z2aMcq1Qw;P$^cAw{JJdhwfdPD0GDVy0P)*(d*sJ_9b5a)N8~~Y^R^3cXz>4<2m z^$|cu_ya2#?Tvcn z`p%a}s}QxP$P3rzqdP2}#+~`^?c4;#I3M}pcF6&%87+vSweTx@P^8RCj_<)-I|%mC zYWRdK>rf2Yi*&=|V74as=7Ua5;7d+9q!4I+C^}K$LaBqbjpxO|H${vWZLa(7k4!d7 zBha-GNMw0lQ4DJm_$XK_r{ka38e!OZ8_7}!2ZulWF;SvKq=AARSMsb#Ez5c4A6?P@ zmE~Y)(bK{v(9Whxo|TiYVr~$(^mLPS1Of_fI$=$edLDfX?=4UpX<#ZyEBq2Nu91hI zW~MJPX-4?bp2;X~vPiv~Q0I(dn|=u^Ud}`gk*-x1!9ofy9E>`;u}!!lx8gzlB+?_D z{dtnX_RCJqDlzgkwI1-O1;}rkagAg`xI;-lQ6}LXm3wp(BdCw`247wNqTwk zigXj)qp^ejSOAR;XRzy^ux8fj{~gv4VE>=M8b?(v=9<_o*7I#x`B`3>Lujj7?1@j> zh+Om~F;Ff&EKqPwSK%(jn!VX&DTwY6C^*49Mmu;u5aMUp^#UUKvSN}z)?5JC4X zCUqMi$9q&!FgI4efuS2rS@b^A7$0P`bb$Q(8M9ng{e*6aBP-j~Yrw^#764TFxc5Kx z{&S(lFx<+IvR8LYravjBphk5lv-Gv<7dbX-ZPZ`24TWgz(tDvF^(j z6AXa?eYe$(z|%D2>=X>k%6haG?-rErssb4Eb-4+ndUcLJmlT-EzK!%I@y`U`GZg>c zMu^1`{G+XU4ljj#_|w7btD2|t+yq@64js#JJ>T70fCSaA-=^P!=_>Cl7SAy1cu8>WKCLIHsY1#$^g9v^4en8cCHZ2OrwtV5C(NI6#so zSwn>AkKr9+lg?M+dzSQOsS~1!Fi}^8hCvQb8_!d}ABJn-J5&x7(WBRkDXJ{8Eat|G zpX)R1297b6v1YUm$Ts0E3s1g)pI1{P zqet1QT5xxPKp}9onl&{s#u_6n$I;S%U-<`rDXVq|plmRtMmD2(agS0M~WW59CNj>5wv3+qr*%GX#><`i44tHb?$m z{2?w9Mcj2dEAcqyh>R+6#mLR8HJDTQd>c1Y*w@ZdphKd_0xD7nsY!UP`WYvYC`e9a zxDTkG(Xr5f#xX2*LGN#q^fUPjzuAy8Z=~6%a$N0|Rn2>Z=&qRz6J;EY4y;q>M1+c& z418EKW6%T6D`3~x7@uw|Qf$y*->BiR_0SL$Xy12i{voJ#o+C6lJmB+}QRZJMjMDvv zVsK%}F}|e2$P0E>W6h+dI7g2lM|wl5`6W(=Aod%9L8O$N_Ewo&Zji$l>J7c#oVZUf zzwDJqaVEQ~7y1;G_w(R}k3DyBTRL(#3QWnU_*^FyNCuXYDo3DuM)&1>b2!}B4L6>n^f5(0_ZrzKVK4<~2SbMf_TDStzz`Oq%e#yAQAsv3 z)))G+j`Bk%#3e$xzPZ^?NbM$;n?kqTOgH*CF-ey7O=Lr)HrMk)+(JyWF|{OSFuFdXoA2} z7-{SCIKEL91*8F%D;MTkO&&&pXT2_|7??q|+^pYz;^0IKW>RTNJ&xKS7z2=dO&riW~Q8GHWf zLXalyy>2-8m|Bw7Bxp;1J9IHS8AU`UW+oN-wjZ{w7htH!!B6+!jSlL@WWKuy8 zTBC@xDR^Y*B~B)9mk)T71eumf2}oAXbzglM95B5)SRox zazAH~1Tquub350|C-I0?XM%val99TPMF50w|iFb2N_zz??x#%RFTBXT8Xt5M0 z?g*Unp(B^IOHB#BM{4LbAI|MN@BalO89CGg!FOjx%o`)BFG3@zvAcUA}3K-R}1G1Ae7VLwr;g>D1PO4qmDzb zd!-JZQq;r#aH%zyTW7hPxcgqHBj*aO-G=xN_o6xMv!{8s_drJGlav#BT$ply45si+ z%rA!!>2dg_&KeWUpmaIK#o8aA0foIdgWGOF9Ln=)6R*q+QL!DRQMs43Vi)carzas^ z03cI%M0Svhl#*w`JcZ<)+wyozB2I2=%FmfrCQ5?f*cVEJ}Z&&7%50-|Amz zb4736OE!B%=m`0jiUwLsUI{wg7v{RqV9^`g|DuEwfOKEx-v)7{xOoccfdtg0o=L^z z1tT%;n5|(mJk3LbLvD@xLgAbT$YL}ZDIepQNPOd*#vYujQhRATcVAkEBb3p(+X8DW zyBbaY9UNb>5JCmFGFg2uEAC61Hla7(Bd&oN(pDA77s^&)t~8z+;l*~yWg3+6|D}+rvZN;RbtV5i7c*;Ru z@@WVEIkNw{hlM;)1u|O$VfcG0{chI(Re<={kyi1>cK!~#Umh=i{^<`r?l04;I-0Gi2IX-)LH;3w7voN4M5&)}P06GpO zl~XTw!j~HjENE;W55Kb|3qCLvRaJQ>=m1cOfG2qya5Cr3^zbYL*5!QpcwOppqed5i z*fj1Xw#%^q&}TNk4KAsiPhsx%aX%Fn&q3#3h;$z~x~XLRFPZF7f1&ET`!frM!1svx z|6C}0Qe}=SCFFYkeQwA2EE@S`y!v-L>!|r>f4}D-9%}AKb}A^AE1BCP-k$>2TzWd= zzZ;M`J*^J%ylfDu<5cOo-IM+_T|+fv4xBy(9H`X>V3xNmyE8hm^0}rDi?`p>c7!bd z3xgKJFV9pO8#ZQpexL0WpJ0`< z^@H|HaY-|Qo0qtVmXgqXboLJ~@V)qA3{QIS)K`)*G`RS65X5miR+%^htw(N$e8L}|8lRBK~DiXV>2MKnK8%g^7M+M+w(O;k4U&IYBYBHO5>9VBnLki0_z5Nwr?e3 zG&pj&nSeWXJ4x2$z61Wk{@46yyJ`%_xdlZy@VjUmf9YlBH|Ia1ITP%Y$Ov;W@21{X zjjwljH~zT{uNBP5Pk66i`Sa8#1pv-vuKeWANT-8|{HB213ySqcWq`Rf0JEc1W z1mQ>sNVg!32uLa|ARyf!C5?c9h@=9F`s{{S%q?AEW|K1o)Y#kfs2@+|__aJ+WaAI_fAc#_AB3@M0oo>t?#i zd$A$uE|#t1OYLsOj&gFheAMm4$OE7i8+#0En(f%* zp~M|&TC<+mff|o>IODneYt=wwRz(7ck(b-tFVORt7~gAL$-OI%FHAqbd$oZNMN`Yq ztHr#3xc~0uR(CYPl-6pBaNK!y(EWDrT!u=n=#UZy`#QI!7N6WS!qOO~#UdZe0D;+$ z=|ILFaXcsew!Q`Th=|rTBm5wem^Z86(WAuM{?N)JJn?)DCnQr1Nd8Q_RQ<{0D!xPL zex`~JJ-3NPTQ~?I&FU>0f7hU8B64EbQ=yzv`ND&?vBs8guwL-OWcBv59o>Zxd9~z;f84L4tQ$2b43NaRj;a?9}#ZJF~6?aWz`+b>8*#AOnEEc zmru`PgU&Aej|NzZ^f^%6aGs)zLa;^W7N;AU8f>?D!%p`C4iOM+UDbrrV`ZBgsu&6Z z)2y8j4_$WNEY=?%aIy78JLSGjpR*Mo?}J&$viAIVK>Y&-UI!>yfik!&f{ifQ7)=6@ zH3|H+nNMG6gc}!Ju!V#kKu}Ze|2)nk5NGmNA`ualVpsa;h~!^jXi9YI3;KQUn?Kn3 zb6@FAs(ZldRrxiE`|y1@fu^X-@c0w7w?uJ^KTxY|%}~uc$Yi&W&i6f9_VlHh+%cPpBOmCY*Qf6&xz>7C;%*LmwjA z|Kb;=^5Db$@sZc3r$5av1OsHul;|8EsTD$`TchK~^l9#Z&>n4u(D-f(5F+=v zuF`fJ?PgC?&AuGrElYtnj>8FE+N@JE`9tQ(1glWo<7c3=NW{RPhMQPHj~|g47yHvD zK|)_ebX90eTaFX|u`=6xF?;LvWn+}=SlW=o_X?5>A?%vjFK zeh;I$2zB7@>@1B?=WG&GHJrR%M--zM+X}kTH;>=h=RG|>&*iSiWxIyxc$vq6fX$fT zC!o1aT~AshAX+idi< zrTzixtB|v`hwtXn4$zgyQ|6>w#U??Od}fKZZSS08j`!bZgf5y?h% zg=kqFh2JB9sKonRPnOl5b%i^+Vu+C+v}YKM_}gtJJ&3VgV=dNWTnkIOnY?=ra(_6e z)YlCs50h-sT^|j-!VW%5dHrp=`sjnPvoKhm3L4B?_UmQxb-W5mI6cJ($mnpT7ZX|G z8Z~wL`B@sYZjotjNSOUDpxIvcuoL5(I^VkCi1n*SuMVFsVGzB(f8BD%iY|c`KS`u? zkZdhh)rr(z^i;sekTu=qQ5Mxk(WYm5lcpL%SzBz*>{XT>korGB(L=>>qgG>g0Ar*F zh4$W)*j?qe_@dhH6AjuI$E-^k?nB=u)wn&GH*YZ-Fs_8=*I*>I#=T4XR#It2wXD0Y z(T)7P)rq+j>gw~F@iCKYU!p zbXapp8V$>utK=F_lK*^UoyR|;@rz0bhE(%AHR1EXkH8iG)X0KG5x1~E-*APGGKx`E*`G#1XWJ86Hq0=J! z$e_vf)W@MsD6R|GRR}_QgxAx&OsSviiv0Y!^6R_Vf-C2^Z{!sDH<)%f=LQ=M(uvRX zOw+8n$UI~+ot~|Q1P_`CcaC>cKgnJ1zPv(ol$}R$T}0*>gT#t86m3T~O-ulEWZmSH z8@|?6Mq*owfA+7kzEYN>STP__B)$9JvK+P;v<|ayC2mm_r#@8e^_m@5bn%mRM82PN zoW&d8ek%1iLx~uO!?4I>NM+6xTuCy0_GIyC8S&gbkBeMA!c%lZRs~`E77dS>yPO)c z!rWv17vTM$Q!ErSdD_ikhs^3)%tv18SU3*5$z*AivzZhDXkj9^MbIPWzeyri%S3D- z#P)s|RIzW#U`V0=N;8l!m%e>j#Gk>+{v)FG+h~~$jr^KjnTa$(2Qmu{h03??FM9S- zUA*+xkayNxV0Y&r{vs35b>Kor63e2))c;^4sc7RGporGYm#W3|qAWyz185SeHO%|! zx8KEcR|a6Q)yXs{!~`EOZ9aThu1k`#?_xswg>RmE?L{G71j}UALk6=4wwX#M%^b2y z*58TPLwnmvFE2wE(9e?x0`pu#`BZ)Df&E-M`$3Nso-)PDrNT2Tjk0nfLrHI;Ub@!LJ?7keIFuZ2~;V9n`0O){!1`xj`FL7e^VdE9~GBqCCF8 z8@ieGp&^dGlkM^ILLNP~JNWuPeJ;*CM=go63%U^#HK`-5Omz36QnN6Sp9>FfqehbWh>9L6ay!GW#ppJ4jQ=2B#%=1MeAmQ za|>wg&77uRM7ak)Y6tbQ;VEQ|57>jJ$KJ(KoBgANN0cS56T znJmPRp55&l323S*_Ia+TMI;+8rmc_f+RQne%G=I^S<6UZS&N>o%e*6YLPwFXKeU7rg zVD4L24m-tNPM!i~C5||OF)?vU^n3F~hNL``w6q2J<+T)Ox zd)!05FN{hjDY-Hwb~5c$vaN`HvYc$jFjebAYp?TrX|4AZTRC-(wri5^=L2M0)R~%7 z86@`s*6>{-ne?V7pJJDHE&Qk=U}v1$VEB=yUcvgsCSKu_%X6m4F!6C9kKmUh&h=i` zsEr9nd%_*Rifw&jLL*4Hvq3$8h{bewMmdr<={?=;fcAPU+k>eXo(+cs;mNubz1~qZR|VjkTYpK!qwBG9z2v7d^!yZJ7D;>Y57U6SQRW z-2=#&;;>?dKa6A#++L-60gaU*2Tg@YMt!TL1AOv`{>>%#5{-E8NImKUyZjy7qd{k1hP)EZVHc1RryuetHycJC^KWfW6tQSL@!u|Z zI9RRozj|d{NXw^zm}e~@*%!S6__NPIo-+y#HKk08(#9 ze*3ad-v6sF9^8+g*z<^lggperUw;NDC;YK8U`n`JRe8}E5yIcVM7cnZ%l8H_9e*s$ zalI$$*UC~xAfyl&80r8)!J9{3fX;W zeO2Kb;9cIxnb$i_3qB~T&n6(~2jZ2kA~Dc613U;%vM*&*z~Se>2dzz#z8?u+q8=-% z-fzCcl19Z%CtVtUhV)KR%FEFbh<$SdHN2(@Oo#YZQ=~PTXp>i z3b-Hr3<>hV=ub?<4@@(W@HT>ByCh>M?YKVO)+?bbbtXA05G6c8N&VBry{-Q4{xWHE zgC5V3%&jGwGI4o++OjY09t$t+aoRZ8WNSfr4J6A7yR9p*Vu5v;EZ1riV7Qyh!0?>x z@=L$9fS=}v$Q#O10b@Qx&l`~wrsbK^@FZQr+7Iely_B3oB>2lAq@H(Blg4}5Zfd(k zd~ehd5sJ*U@7J0+B%7AezV>h+CrR(M#wLlXw5cp#JmbTvjrsxdkk=%f7Ss}BUtk{^ zSW|-Lw{o&+gvo=q_)yGvttQYxU3^$J&06K|gsn+xPyO2Aq_<)mboXrSQQYK{aK%D? z2F+?L0S-t7xhvG}Q%$j#)f#KJ9uNmdOCu}o`-|Zae=GZvX`pWS!gc@%JwZbR>dDwq z+JjkUlEB;;Fqq1AaSUwlr9R=f)b=I7&Kgfu=XmWsw;V}+Q+rur zD*Hmlf2SMa-Z1JAtdKn8cn3eBI@g;tXw{ujwLXD~YWA6-ku~CM*Wy>p^ZHgIO{(w# zpx+*1iq&OOcx_9lW6}uRZOZ;~%!;oQ?H_i^P9JR!G4%U>n&X8lOzEF}fQ0e;?44Az4askT50++SYo0nsf6pvJ`o9~H6IfOs^c5yuRObX9!)l8z9g6(0e zTTylEk!poQhY<0?@l)>afhP#XZX`9$h>dsnahMtH!c&?-;n`A@xbgi_#R{_MbF~nFcg@I4K;`(gLkt+Fb{qgB`m?D^Ma_Y35baLD!7HN>!)HFU@!i@)O!9$ znc}E*l@f*hr1>9!Xx)-fskU-&-b|mNelNaNZNKgt+)dtf6VzDh@Db-sz7&=6>Ve_Q zB(%P-a19mT>pxejprK>_9SJ&gT+b3wlt>=;0O^OQD2{%33$TG&Y>qswH2-cF7Whpg z)TGJPC>bv!v9YK^C##6(oYUrW|;az)jUa zB&}(0Xof^CAWHt`Ek+`;*>)(?PXX|xjxI4$M1&HiDUnwD#HJQb`hr_+)4b+fQF0D0 zv67AS^vxu+AfVF7?89f2goTgkh#zq#aKFCrqNk{Ky|z$EzlJqMb)JTyQ2U2QFs6+l zSf7jD=Vn8!MERa3z;hP_J>*oA$0-i&eZolm>9+<**12DAXnxjsbN3&!^mdE6BIqz) z^d+h0=~nHDqHlJ8<2qm3zu&koswdKkRtXBm_O1#xDYot!uZA*>Doqj(gFB>g%8a*#%&i&!;=?M4>r|zTKDp zoQf;jm_-+pj#i=YK4s+*ur@lFg!FWUYa~I)L@zA_Lx`^P+a9!-QI!yHW>2$a|elMJX zp`!NAHCPo2L5}LUJ4yV^HLh1Ps)f|-l&PnhmW^RK{zD(|Pc*tMk#i}TTQdyQU^$i3 zWoZ<~ftHyfu9sSiP*!8M#aw}f%i-L&$h=CcB62$#sJ#6vzXD?6s5LId_TbHqkw=4< zDIhOw(JZVJOv1?oXR^CLH;cpo5D_IP5B$Bv%DV$efq06{3+VOrd(0q@dbMSA8oov9 z;ef8txM0-3@CMi@<-cDdSMannzRYXU9 z2oxkw$ws$}W~3EY`qUz>z5<#3kd_TQb=$Y~w-9c^&rH;?M)S9|9+Q+^rGa42s(KJY z@X%1^nb~yL8nXuol9}vG60#-x+`jPdIVZD(0J6A!G~_(|Fd3n+Xp2uJCk(r)rDlNu z3<233maV*M+qWko`?q=0VUu_tkPC%z;TlwfT|+`Q*9qXtL~G>01!Ox zvVY15;xHEg*s~ABjNkM>uzYQ-odAi9?Eqb}KadpW9AlaM$16s+Te5UT^#m@IB0Wg> zN8ExcL*U~w}J9y{C=dvgfMTG-JxZ>k3v|W%DQ-;Btedl#cv-44_Hnw*J@Z;pU9@z%Y_q zqZrI1;CQFY^$0qJToZwKTDmyl3`w(~spy8L{P zF)#=i!V@n* zrUp&GMpEgn%(H&WvFwte3&F;{@dCMk6*&q63Ba3i60K>Di63LCedEO^ACvsH_V0qP%Y9C- zFWYs~I)D}t3hR@&J!%$5mveo>$X*MEHZX<~D10ihrocGkXrN1g$qr=@#L0h8WUzMP zD6N_yMqndU8}a?T!@9ONZ-f+?3@0N2B9kjKjBm={nCNiTlOgQv1S>fXlc?DBcKxLY z)_;!-1s*BLYdHh}aKW9Jre1*Ey!J#6@T~oRe3?CGWT7vY?M6V4SN#&>b3;^)#Z&vVdd|s1(x{d*aiGCx%lnT zYW~y1Ce|Cr{z}R(sL=SplYDW09Mq@Vz7ljik~8v%Ff9sKVK+irwHy7OYEf{v$z73D z8cBpjX5Ob9?@a0g1K-{frn~G=lqC!iID$+sl{WxITBv1T)h>aYqELKTf%JK;4z$11 z?5GABw=_3=mCoCOyiLam z#B!1XO?5Tw_TzFvbXe0V#tWYL9%64}<-fC0Sp~_^j9--mDo+&ye#(~$Y-%31Ij7c~ z`c4041pZpY)FH5p3-Mj}*&H3bG*=^r@3fjD(vkcd3{!jdj4?3f+1 zcxHym{I++t*DA$mQfbH$7JI0iW~M$e2O7T=Z~yl3xv?tY^_>Da6&60ePhEA7aBgU5 zzYRoXJW&ZC=q7w0yyINmrcW|b*|;7CWsYUT!I>XoZmDo&n0e z*$H&Kf^@Vq2@}MJikz2khY~w=x z1zmPW8O+$at+5q9J3zCs&Fe2 zdfGNlqCcbi)tVLDKYh0~|Fs*9S_95;9rk&_>DFXHDm&VqYC`Ss)q=5K4Xz$Ym`1)8 zCxe~sMp6W@HzQKk4%>ogub>7q%gN~#WrT3X_ifJi>#*WIynuRXgHQa|#c^FWiqSVQ zS)k!n*&a)g$B%1ClR1($`Dh?JQt4&w$vj@9r;l1vZRZ-k?*k$6D zogAiY2{aNAN+YD1Ie%)AMF-Q-(ec{USPC9h>}OLoy@N2X^qt2H zK@1x9@m!S?2NX{LOZVKXWlf>uz}UJ#G)g7i>qYOp0;b!Y0>| zhcS#flE(PLhK2=922Z5!Ux?%-sZ3a*5U9$oE^HAAcq$x~qRT*uIP~iVbw#zxI?0%X z*dzGAOMX1FN!<#SW^_1E*@j3t=^ig&KnY`r_{d0FBO2I*JRqoUUe7FrPJOw1`3IsY z8kR$m`2q_*{u4J0yJVaQW=DMFK47fP1Vo2jSz`Q^1Kjxa0`E5(+Lq3@GFL>2%NBNL zPVB@m1ieA=s{r{AG58HsApv9?)-|33AkYKU3Eg*Rt4@QT=w5C8|G`(%xZ84^MLHVE zdWS&lLOuN+4?Fii(A+F1w7rtoN&#*9tTeS2h&d3+WZSe;f;MoBh|ZU165<-C@jT;7ahR>tYkH``*Xt=OkRF zBEY*3>?K)7&`}Wl=(z_BI@yk;_olPm+uyAv0|IkaZ;t!?kMio**?Iy{X65XPd#u6$ zW9SnG_6>d3nQE?5B?KFF%lSG-02E#WfYq#2==eDw7LowyRwA{(;|Uh|#33KRcQ{Tm z3dEjBOOJtoZ)$6CorLs7Bfdc&SH3<2)99&0G9f<%O@|92PA2|F`wvl~4I35+Oo3EG80BLQmj| z=M#8%0Rr|nAVaApmilpWJO4l~sAhb1q1b%G0{J0fhM7kGokQTE+_?j0f)O`AdNR1f6Fn#r=8or9C1I z;Vj&m)*`3+Ox&88+FxQa26;*5f#N`9AS<3xMLk>u$q^L>g_Wa}^-yv0lq@PL*ZI@y z5|O8G3WlL7h_k~|7>n~1C|WUW^K@zphW_gwBKTt=t2-ya$Aom9KXiUEXz_zj=t`O(eA<$9XA~Dk>y9|C2ZX zFB#yjB3D^?97q5}QF@*wT%I%GELZ}!Oh6fYQ8wuV;CSWa>3F282xbA4q{fOdZ!=(L zb8+yHSw;PU(+PsuK-<`g!7Nf~E2IVAvYq!G`*ZOYb3Hs-c5Tn^mu8$~7{*_}$8`>B zqV54OWP)jckYLBMH{t$CkyaWB+WW4i;yrIR$45 zCUFxo>=a%4aqj+rX)*^u;9KkGrawWEf7Y5>MlG@QPMlMiz=UAkj1}ee#5xl-(m8uc zAH{2!?#V493gLhw?{4m)D!=|SspDaOqDH78TD35q+M|x&@~6LH{YeMLBxA>;8Bp{X zxY)c4c&--4_?h6{yn|&@NO6`8!1U%7u0eY#nv#!aeyxw;+RTH!&BoQ76*>wjlt$zW zu1E{hpl7JyTEmk^SL6$Qs8ei%D}iQ_qsc68p&U{AD$p7b$)=fC%sP*Z{+M-+>}hdg zcy_j=e%;iJ^xd7AK#CvbO-c$hwlZfWHt1ofN`8Qsq<_rUnsa46W)=Yqr{bUyZGNbx zhP9B&P?YvToTJnkDHXBuUx7O)`;FwQVH(#x&d-0~+}U#+)lpUH_*WW3V{ zHLOVNyIByURCR+XCF5;EWS5XB$vk>a1$#n6VS|)XD(Ob!ebWaoyB9PrYXcxnMJAIx zA9V_7w_#sdAF*H4?yuD1bSLEIApRvMrkF_QY&uzABNk)!64G?5ORkDS)q$z^hcab~ z56e+B@B+C}EB$fsun;x!uTAyGy-(SHQsy$O%SY+L_h1gJ%jdD5%Ega&VFjWJ+TGjo zHtS@hO14gxdpP$G5Uum4c;k%w<(2>K-?>a+lw3J}8XkMCB}2*$1MIdmQX^&VA)u?p zw2~{8?>M8k>La~q&rI0DZ0ut4Het13x)I2>uS~s{jGBrwmw-nT1kip=uj+Z)2 zqNT;~(yPSnt@sJOWOj1H*)pBLfHyuoy~sHM+kXWx^yfYIbobkHY&KlB_`gb;K$S2S z*x{Q83U)h_nSROs+x&@Z>Q4hhRP5>Pzr*qkBYx*HRJvM;!I`HY^53ZP4EDJNcwu&*mOC5=Ss5$u<%vBo{qL!0AubrJ`6|8wc@FWmnuHD89pU>yjMx4Nn$2uv)NSAO^q@{RzgSU^|ma2B}tsAb@J?YqQe#aP%YYz z>$aYC8NC0p^^EhRC-Lze^>+btG&C)Vfl5PR0g2g+>L;VL@}<>hVHK4HaAiYcb0Bgz z*YB8CEu=FT=)MZ1a3GB2MOi!JX(lIiT9^Z>z6t(J6xI0>j6CF!Bl4EusXY4f9Z$ly zBA1FFqaBzcsB#9@E!g1beKvX1HBVWb#u_>R8dBp8HwFWAM^`|z^U2N=f{FRJ4TB3Y z3c*^`$>QzG_Ui@4XfG_ib=kjM#gQG|EZ~ZFCis`nOb92_9<3ZQI(NrY>%zt5pe|e~ z&)B3crVT8xBtF^1l>10>Uy#|}K5sc=L2#@;2i%2Xm}GD)5i2l}`;aDJ$rKskt2QT@ zHAj@o@-mY39Ryg@^lgtSR~akN5$kFXdsrQqk33l|NBVH8EmxFonG*Z;UR6x^n ztB(ceP0bB-oSuPX5DS$Qk4GUjahVP=*D`lwroD$DqJ=TZb?YkfhDJ-Tioq=9mMBv1 z#9XZU6V_9QDOC?Bl@&hRm3lpOK8)eCQF*{1xq?djv-|V2vM6S3L>011ZnS`$%=-}x zZ@3~|9KtgG?YgQZnwao#<1(l+CpFO%oZ2eIhCJci|X)H(c#)KA*CgO^X)>h`j+b$z*j&*YFWE$KA}NEM{dlnRxKwKad{Z z5Z~%eHB{)5$OSSRI%(AWFUXASN?1AKWg*)3;1dyU2ZT?B%n`B%ME&y7DN;h!`AUF<0)NUt36DUQht{_mFn zy^wr|VPwjGrCrF-gS3l8MKzNv!0E5A=1E_pyt)+pb*cYfq&zi(3LPV1WPzOOR#Q#Nl;4C%iu52OSn$(qV6SnfRZdVGz%uUm+57#$$1GCvk1--o=Cc zAKTRp%X`|u!^MM#3Oq)89Z*E^2mbPZ)HmV*=0S%FKSl9kLBs^kn^-VZKm&5G?%L&+ zQv`7w3|__HqL?jn9T_K&ft3YlfW81dz(Ldw>w*mS*;_STD+$v63mjI0}c~)npN(#Vu^A5E`r%dJ6Jso7_4V{ z<~;Eyuf%UK(+o5PC7pvmhdtEEoSrPrASbl-jrwf5^CP02w9Rc-%|dbgSxqnx-1KCM zIAC>mwt8ReHW9elu4o`W#|HGt8T|xD_2+p zcwU?xo^-3>FyTvs>EJ3YxbUgKf$j{L#{f;E3mu~XrHtb(imv8{k!<0JYy8p3{IbLN}WZRiVD?6WEmU5rsRHd0@W6n)Xc7 z&1((p4j#O1bMAG3iA&yGjI(TanDou8oVNOIFwvn@n;_o0;HSFDz1&xF+*(_Vi4wvz zo@jn&W>TLIzX@^%r#z`&QKi`j?vcUe7+)Ypmse2fk=5k(_3Ntr^`$ywX*#zmA!}SZ zRpL!z2&1bS^Vd z)h7FqETSyX=P)s1e)~vMP<5tUA3;t%R2|ZKTDwx@Q>=tFRvSeEqmspE9*B3%H3PS6K70RNKK0cv z#$<&S8Y-ULSa!vqiduQgiCIR0C!MRu&M9y28z}mb-4QOUvBG6Vc~ayv{O&FKdWf2b zFS)}pcxf$LQ9VfB`lvRL55yXSdt~GlyBS$soAm+c!?}6Y$*z8jsWZf>n-2l2nj_@v z%eGrHvjJpbWYd0n zV7}!^MhD=nw9a4>m6!A28v*tAb+%v9>HFuquNRbD%dc)@9pkvAR73e&3~f(ZgU-F| zxoVN%c8875Zlxn*y{C7|{)+9nW8cg>roz{vz01KNUntpw{0JR=A)1Xa~8k6~xuM%t%`LS22Im2+(c*&GFF((qKW@mnlTaRGfk{!rj^@D-d^{k zGU0pbr#1ZcXM1q$W~A?v8l3S-?;^PHkuT5*HiYvy*m~8{u#Y_^B#ZW!|7O2d#LQhH zhm?1cx-IcxvMFq*>r#x8Q12gpLYO0Vu(2g3}u?umd7 z0PmyLVkutK`+Fp%cO^Lt3h?Tl=HVq9-Z4ke1lTM` zAIz`!$-h^Y)2FKd2oCVg)bzq5Z%7ouQ)pMeG0QTL3VsWddlOuU0 zb8WE31BF!e_4erHFD+frVof-0fHVZ8j!A&WRt`r(;Eow}hGJjE-AmnI{yqfs$|e0C z-lFLKYW5oaDq0*5mClebIwyJs#M3d$|A?nu#?4zc{y?vDmU$rISb9``4MXf0SC#xH(i?UFvaAERwQ0ciE)yu;<0b+M z{<*3kLbWs}qca)zJ&8PTjpIb2LYrY^IWM-YZ^e(Zd$$Cr+MB?C@9(5--~hbGRvxNf*h4&e_@5oy@aPP% z>pe8qEK#DYPZxGyro`C-T^g8Y63EF%P@YdBK@77<^iqcPkK3<2P?;jIR*R2dj>UlP z+o+X6%5D)M5O(;bJO)mxDVjVVk`XF(7>!YP@6_%7JCI|Uq4p^nq~a>=X`>Enc;8=&v>B7hMX%9szm0LLI}9eZH%@l=6pDUH1`)BSNb^kxXyQs{MIU zKWom>YziP6K-{%jg?q9!#jO@&i7=6JPPYfgW7@PPC)<=@5RSIlw)<_hd^+ODPbt}D zJYtzb?^*^3Im`^fn70N+p{AY4THHa7n{HuT#%-Vma*nE}&-S})AIWzq1DdUirnQ*r z`wzSC%YsCzmYJw0yJTL#?OY>YVz}GcaO-9r%nccAJ6Fv$#aH&)taQ5WaTaRxMa>UnB zH2?Oeq}-$pl$?z4dnqMb6j?%vKW#CCE4fbN>-rWRkfLrXg(SHvlp$sIeLCWf&~;sh zDyn+7Au>k`!xxaFn-}kaypS&risK-%y_1K8taM=#3OZ-W8GUasIb(zMO5w;Aewtb8 z@GYb^_oCIEueaO&<~K)!mf>D}02EHdt~$!Bu} z@xFElY>kB(x~a}&`N3Bj#<1OpK!DqZR?!(aYao37SkAOIw7qH!Ogvv9pW9B&$*CNj zr)wMgh_50G9!kjYP^obIhPBp4$V`P%>dCs;z(z$7Z@M;4;Uqq(AHrdNez6AO5ZEj* zzt&Rwm44N{s^R$+1>hI?%L1K7?&<001+vz`E=!4h60?_>frLPR1 zHJPmy%qjqL(SDjTTn|(L+0O;cxc4eN5^H-}l0mEW0<8BrrzT`h)P5RQzp+RGMEW=+ z=~e%8DD^+zYF%SzEDd@NT*YA*Fzx)5?@BF$x+SwcV#j9s4 zX&8zLs$V^o%Oe?2hhe+Jd%{3(Z1FF>ab}@6U`|b6f#94w|W_#d-~;0%lF z;jtJ0GRd`73X}wYIs+in2PnpSYrKN~5hkz185BThd4Np$&$Q1)Zt)}_9f9dYCYp?j zualo3(5e2I&x6{-2+d>lzVI%7#>y`irI$kwKb3>gq*NjvmOz$l30zEl;C`(g1Auij z8@*z2rwhnCZqqWD-U{?NJFse35Bgs3QG*Jjynu8F!K^*vo`dCxUmv`)c+AH$F?yAJOT+^7&M>2zEso0)A2sDXW;|Xf0~ki z4Q!eK$_aiwR+-2C8UiLsFgnC?o0|ZsX!t-BOnWSrrO8ZTpX>iVdTqBt;%ZeM3Yovu zhCW&W+b@Gs{J~hNJng$)h~Z~EDCPqalSa3Q8!OQkHKK?QD_^uc^W-QBq%(_p?6Eyw z5M_EW@UcLqHbi%=v~?e%JQ!sX`Amz`d;J)Qbb{#k`=?^t5y3_OYr_Bq4>L1#GLS65 zHA1x$=~CtVR>HjBVEK*vyBBsqe9|fd!MTrKAcc zyHnY28)hVp!r~@&(EXqqyu&<8^3;DGT|-SWi6gyDJ%B%`RK$!836_t@o>ab ziRtr-e4q#(NQrFmE2x=>4nV|7*IP6i7M}DYpB)SU_Dz3I-AGbY&jjy2qo;N?CE+uF z*CSwK$tQ!(2augr0gno6TrD$wR(Dw3Z^1OFCs;bXKL9rSxicjm`U`v=v}i+oO_9(U zZ@sfBZAW@A!p8$p*VC@N8A?{AaVhdl03#x0ip2N^7smn{=?2n=LcYYB!FUK)6;gVdJuZ6 zsVYJz5+ZnP&jczRx+#^6G%5`v=3}Msuf4 z+W|GLY&7!=|0J!gN7VLwCE*^*-Xm4cFvMUUN|W)3i6YiTf#`NB3#eZ z>WD;7_ZIrd)K%jH2_=|<2r>@J$?U1m#g{=udIk#6Tjzu#t?;Jp1EYsGYWK%ji(lVn z%_=t~{613Mh@^JVP5y|+Do>7a=b?C4=HPFJlWvlb2!)5UP#a_--(Av{{t0N-4=J_G zt+MfQ3$pAHHpU|8w%hWL0#2jX<;$ir-Fcmu2+C?Es%(m-?P1F8k-)M-FQD5lSOW%% zARW_m7W{!*WlP}EUH;F@(v4sc0F+&vyZshjDYI0Yr$-~V02ex_C&J@vmH~4E>Y4V7 zCh0z)vt~W38VJt$TeJN!vf;*i$7fOML1d1h0r!Ua635BZ4&OrEDdD5)G{Q-5i5&Zn zrcK2Hz9I7Xd<)D>eD}SgP~jWCo0W8Y7+&=11fUJ`h7~g-7`u&(z4tFk)TanlrO;&e zY#kAFXjGFXkG;>_+i?Cg$~Z6AGBGMeI;OCVrC)~$A;b0EuP3)p8z+`gG_ceay6nvi zbkjmrUrMYq;B#jt6DSdjw$Bz{0Cpm`7ksUMdDQu8| zfa|yA?bYQif^M%8>xWr_^|A7r&gp$XKB1=;eGLWw(bjJ)z41-RxHxxu06={-Kbt#( zyO8NFh~cW_$^sBRP0di(LZ!$dju2=fHgCui_bXYpsn|klh70O_kkCy|ZK(!oSY0O8 zP+7{ql)f^RB3DIYW~fJ17gZR+$Sk%gF1=;2ew!mlIOqmVL@^J(BC1m&Wv5Dd2O|T8 z!|q~|p>lHiWBGQ>j8>pjAINPNHonWuv2qsyHgHkY9+ZA8L=lf&0@9T%j&i@by}ZV< z&_de@9Po!aqWa}K?y0Mx_1})tjbL>l%T8Xsad&B|qXX#u2er60FxQ)rMg)=&(-tdLI(9J-xqRDU3{7ME^?t@lt)r!iTzn{E zya^LIXp}t2knn5mWGyB(;g<}Y5Ykb4uw1C{=v7W?D~59gI%jOn=xuJfYyk??<60=;Vc~lnJ_-g+ju~T zx2k5G(7^{Ceg`Uu7J=*x%J1$UzL4Pls+<> z)V&~cdWt5hU==^8^5i4TJJ^rCOx_-BO09mhFJk7HB$e-RFwbSIVx1}&w`6Z~S1+6n z@nWukcob%tgodJ-q}Sbeiue4!h>rc+$4MF>744*Ik98vq%)O-s`OUaD_)3!Mx+eT; z6pJPra=zFaAgB-dgl&0O??wYN%a~XH?Nimw6M8XK)FzIyBtpVg>UxQ zdSAlv?7>qYO^J4U`Hnr;-uw{WfH9#Qm#{1`al2<9MbD^yxwK8Z_*4MSaU36Ky{M z$)&TfNfVDFTMXKOy`GB8=(6F1#E@-a(fBs#J9N zMUFwV=SkZQSd0J4)h9@SIj)R;jf(A4!qnltYT5~Ov>gZpGvDP!Yyf8?H_q^irvg@q zTwvtN)(*#wfrQqhh;Z)P{E@zkdl^^n7CS_B*KPxeid~QTfUCiMCEnb8f1PLx3-s&% zDMjYf9s46V1Q`l6WdXAf)y=MeZXf(kJ>T>ZFm#sF$RRM^*>Ex;Y1|)F zZgNen=DmNk5E8O)fX7Pl8T*pTyz=9BtpVPont0GZvW4hg<+uh33lVg)9;g4q+E+$p zxpiyPjnduSB_-Y6Ac7#$AR!?jNOz~CB8`NAgd!p$-O`eZbfdHgir>0H-8_5m_q=C} z?~K6@6n(gJt!vJC#T+N8?w3XBb6sYh^&eek`umiI%DT>13uWK?PP`msgl;V4?%oM5hT=>6HX8tNMghMD*QpG?HUAHG4 zE0Xj!+-t!hHZ9;sX0GgS(~!^q1iStV;}6CrJ4*VK zzd}@j`pfm$MIePQz8QEZz+NWe zedu7dr94ffY^j8sal|*AzH^vvMU#6ab-oDkt+KX9<%v)OKCFChhLRP2?# z0q_^qUn6Cr_ZdI51Q=g6fjAX@2;nSuhQ03LB_!41e(8gBo`d?(oqQEaxjjZXGGkV1 z#(|!|E0-MGr2i#$_j{z)Z58Qx?_d_QFR8^aL?$Q@_JYb&;8LP*LXkC1E9oxo`XL)$ z`zMfV`n_de=PQ)9vUl6D7qnWuWP7KO5U_nGb&`3csjwp(72Tj#|9KrSPkCMk;D)GLEf+;kp~n6t{j|dsFE^xu z(xo{W|MlYEyL|mB#^%z}SCji|jQs@-=;jzZjr*XF|1^3T3KYa^*ia#pw=W17Z{TpE zt!^T}F~)>5+9W8pH#SVj;_&f-J40(;rF=L&XIpVs%&@Dk=`d@QTN4ANZ{$?SkNvbI zu`+TxiIn?#(Dl4p-0x{0d;4Qa;rASTNC&!x@U-}-AdiQY>KxXiP$nK;d_*8N4MQq? zn&;ktUG($e5V26DYY{D}+CG8fmF1%GZtY~zbM#+x4@|=o3*dhwZ<#*Bu`{9&^@w>M zWDwpGlw481Pp8Ey@K6s*A0U1~e>2)!vj{B*=MD`Wey7q-vMZua1vZ>vzwRVl9&`zN z%E_MbLdsBJ;B!gh`ETI9$nr5@VdB=K3$r|c52o;JNqUt?NxdxR0AngA*1(z%cm+uS zY_+!T!~idYw=*LkIfbGq++CYrK=_w3bo+10&}bDRy+)c3Qg$HKcwCSOG+|__P^@Dn z(*-NvsXoN*vR@S(*#;Nuu9>`Msrd+v>r@{WObZ_n*wUmP7@%aewqBNu`N$x>*pJvv zR+W!RCJWD^sj_U29p`mdZ`6|DKUkzMHGTL zd}A2#AR;n<>^TuRGI7YfG`jmM(3Qx)i5U{b0Op!yANs4PM_i|qHxrvGZoWnnt~M>L zqPn0OMaO3h*R?aSSb}jOhDXQ3_%&=OKSKAy4vk_^rDDUxFIH2QM$N=V!0}l|7TC3) zRN(#Od(IiQWi-K1Catni^3$TE-$IVYVq};i13rEqHYch>2D_EkumES6^M)>G-zd)G zJRZfun=RO&zo?o>*&ski>EgxH{dU2vo$hD9=K~Teb&DdMu@pHMoGv&?kK)k1NPK3J zhyqTcqqd>@)#V08F^u_5p*P!mc2eWlaz2<&WuR@VDG7N>$ZycuiGHf%o*?i_#>-#7 z0dz~hp%;V_d8UvaE?Sx57t;MhRa$xlQk7CWpQ%dWDGu~AfZ+aJ1WT26iP_}6pmS<) zf$F)Ybbogm{Zl|tIRYy$YH!APF0hm&@XY?IZIyIHm}9i*f?H zKSWb4lmA!9jIU1P5-^JRCK?6qZwl)(gbTtM$d;|#2J5``tPw~X0t6D~`d~Mvvr`2G zhvNrn(p)IyXun(f(xf6 z>j@xaU4W?2w)-C-U2jkz3h5*##4Ba${pPYGy`0^!A8GfBFeuTl08rJ zME|93UGq6bcpF6Dt(!dkE=S`GvXVDv-gtvDK`gp5T(c1h9FEzPU?uL5` z!nh$MuJHQiK|Bh)jCLEhCq_HvJLVG7Ot1M!W`+E#fAf^YPk?}U#_2^MUd7zRhOS_? zIZYWvB&~?Wa_++yM0L~tCNNLhg+7u`NFv`E3;os;Yh(Mp=F(jH1hRKt^eRYepB~} z+MK%gaED9`Bq{S(@Is#X z;y%Q1>}|@<@>(WM-M3)i&+j()$D?H5~7pXtzWZ&HWejdMUMY49B|HyfE^BOPYhLp z;MGQFJY6H{19QiX7hv#V$(OYap9?S6)UR%8mZNbX+@sEhgg|YqPBFx9puGl{{_0i_ z5ogJ52He#`VO2A3j1{9?1H0#Ya%6>*MiWa_#1?FP51&t~mQ&=V+RoONPEemYu*Cbm zb*)*Wx#0F?gVbAM$i(|uLb)91Had!@m()K@cUhNZ3Wq?V>tiFTA7tb-xJ|r<%WdI zkG1!cx7CeXo?6e~(Pwvx$|U{ZOPG7`1*8nFh(6i<0n)hdSexuuZM*>7

    >w=OkuN zfZN~ey=y>GD<6>PSShYfi_=3Y7lo~qPfrr*l?f%i^2L`W@F$}o@pin4??nwVONead z%yeQj555On z4ITC6U3XgE8g702;?!M zt2_X{cgzJO${6UpIf-M)G)={!h!i6wox$C*Q7V?GKKnz8x#iA{gi%XG9_dQ%Hcs)B z*)(ZaKC~5~ecivK`B0k`8T~PKUdS7xJlNb)(@jXOzFUTBd{0GQkMHM2o0n_<(dH$_ z_xpOI!}G|!OhwteFSwL-TeZ_i45dk!3@Z)suMpjHmv&Q*RBf(Fh>>Nb6P%QtH?HoNVFJ#x6sAt|#3X?aBzNB~~ODmDIZ0R_V z*fx>3IeqM1j`Bxf#YD(45;m6~gp!{f*VtCnqK9QVhsRzJ(Z;xd3B7m{j3QrOj%}8E z<6}Sl4y5a<;|B8WU;?1L(^VtZ!Sv;}!Q>S8#iPc;31q6mswZ|jHFQkWe>jU0&P)-? zna=?K%#3`K>aRkfjrd}rkhXO;0LT|XNzutKDF;>!@piBCa~te^atnrJXv#F!%do#@ z&C&D8)CErHQqUu-s9<4cBwuUOGn><~QdXVwVJBdJY1d%w^ePlzE6LZfk_`&GJ|?>2 zjN{aVj%Ij9)&0G-^X#AlqtAkv7_sW@4sxf#x&NtVXmBW^K-^lEPCbol25zZ%$9oKk za``SMvi`9gqeN5^pMBHS%O9YS;)F`gfL{MYrE7wU)jVv5V3O>N7>zd1vZ-NF1>O9y zrWoEwZ?GLUzA$=Wf3$u$BG{!oO;_};Z=3DnMN~5NLFbROn!O6~ktW`;|M=DC zZ(`2^69a_vPXG1KtaMFji%M^QRT6hmMS-GmblYY(9pRI1a~xP+Vo?l_Ng}Z>6cRnQ zB!<^*98M6nfjDLSO)ZX+3005`$?Z|Le#c66ciwM}fVBjO>xU6X2va)3kxTOK^n9Uv zy4xH?_^)> zf1cm`U{%nppN)H*da-qK{)rXxpvR{cg6I7Xz{0H1CK-C8VvEq0U{4shI;zI5DrXFwwz@1 zbIaYsLVldvEY8|KFV+A&K`8b5SLB#x!CyIJNwEHk6}abQrU*HlSrET%bw$D0?`Jl} zJ1*+#r%-qQ$H`Z2;4+BJw@UNr>Rpgk4Zp>4_{^XR;RJmI%a)kmy9IAHb@Gk(S8yU; zM8K59$A71tcu&-}h3pyNga6^70m8^FX!pBdx#%dlKPc;4W!jevSnu=)bU*p5QJxEi zJbi1{iX!3l(g*zQ`={3}NU{swI4=Vij&H(KAh9uoe{*FQ%s47;yeO@pT4Ef`fHUKp zCl(8xk6V85C=@be3|WOOf9yk`l4Q;kgoVdZTy2qDC@fawMshx&PpATMTl&eB{D_V| z)yK=A=MLx2-P5@-RVjI1qHtevxW|GHJixz!Utpd=o(-f5OPElVg0+-0&3f@!dydCa zo|Z_QqQr)jdD=cNo8+jKucUPS}v94&QfDDprJY+ zPc1pKK2!6@qtOsfc^bsU*7^N7-XADVYd)F2Bp?Chl~d3%ygfbMP^9u=Sie8W$~Uq1 zWR1`NoujDRs@BX`z+wtvh|u3I0%=lVj6X=wW5IYpFl49sXye?NcFN4-aJ&|{D`8ZU zGG)p@UxmE_*RkNXZPIpuD{Wa@O@8&NXyBt=KM?~E56?Htu)6aPP{Iq7w9}Bnn@f;f2`?BmscQDCNW!lUShPVUWeF5=stw=WFaK3yh##AE1()sC5$(ohJ=#$w)1i; zu`g5@445JPEcaE8n7HPyU2%#`99W>FRZc+2K)Y7Sjs9y;a3vd}lt;LK#I@#kU|*3{ zP#|D3)iTc^ovcW?Mc>O5WDH;FtftzA5jbc|ZKHIRmvI^z6MWMGV}j6)Cy(yPoc<;d z4FgeIQW#(mHKq!N!mLPv@QhGb;A89UY!P?1UXdiHf$Xl0xLxm8(XRnl|1<ir&vWVPS`JxmWU>A(>v>%dLdJosi9sw6i{gOR^W*Z{$i6yyDNKu(~?pCsqekr?m3HA8bzEv@A17+m! zY7FU>KVyQGhN7yMV=zo;8juYP<^+MPiIGiq(Tm{=J7FW_0Q(yw0POF;LFRM{4GENJ z0|p05Q4cY4YuiCTNeL;!orOb*l+h%&R>zM2g*(vp?t0MT`*{}jE4>Pf1YC| zbJrySJ-To~K9wn^BoGjk>PR5oeZag@`C=%_F;N8fS!Zv23oj=DyOWS|+$7d*)9Dv? zl}%({8a{*QKU`(2|0_Dr^PoR;9+pS9Xa+q3m0gbv_Y>(5ZU^gB+y^QH*~=&Cd2A_7 zU6}qT0@X5SKtHba_r$<5swmq}Ys5lQw#V@`3gf-4Dfy-ko!Z5;89as)FiSaKJ$_-#bS&B-iY)7Y;iZ{EVvw~oQ_%>~zAxFWF zbDE`AWMI?pVU+EB;p|N3e|MlPz5d66GU<;4W%_RiO3q#ClA^gsv}5%~QxbG!gBN{Go-!_pcWJl6d`YUurfYVl3DNQ@WKeSN zF{e8-o)FC=x^eXwGMf7j*UWa~Q6clz-V|i95lRf_z^wXOQa@T~u3R?GTQ|*Ee5$ zxt;bwyi`{xDFN3rt7~Y)&>hKzU*MC)aC|-1mVR4};r=^<^};WGIP+oULOFpkCdIHZ z=_t`sX$>(bkDE!E9!jYoUq!x8j18xepxT4a#T3!}@E>Rz#Hv8nBC8HF4H;4>+@{!; z#`Jf){!%plxfUHsQvT+oRpoGu42BC*v{*#kTJK#sUYi-g0JdKUnI7pFr%aHQWh3U^ht1wRo^smvP(M^62Aa3g;-;MFUbN6398jCLQbo`V; z4r2;-8$QF*O*uHg>#`%q%|H}p+d4l95?d&x=l;<}N5fyWfb%<`Idyr5{fZKH)qoaa zEPlZ0K@|5PyO@A}{)u(VK!;Jc9QNVTKjA*gLr_2jQc1-AO965BqSa-QE37-ZZ7z&j z;Q;gwJ?bpMq{5x>P_>cJsp3_JnMM4|Tl`5`6*p~rw}3^Z#NFk-=3vy5JMkFIWPt$d z{|6k8|4w5I7RoC`LadEUR61NFVc>!}*~i57_NQi?b(;4z8wA;amxjdKPJdB&t}2J6 zUx@12<;Z(l2^cML%QmgC^-&|x%~H_BCQWYK1mOoGnlhH z^8y9AVb20&&4AteU<+jOTm|X4KV#DJsGuC&2&5`Y)-zQ85RK_}t1Zrj$pO$0_YeLV?rt6AMf;g3yH=FaWLNLD^obeI;@ui#Wu982eKZgwoyy^ zWh$v4)2ZJ4T)$Dls{3SHM&idBm;)QX_47Tp8SS0@;TTRvje3bfDGnzIg!>%O$BW^) zi?0%pZhDQlWxQRkr4(^v`QmN6PznWlFkb$?2D}l>lqD5p7C`=Ic|cxD9g2)c zYZr-f=c$S!ov<))25{NT`J0WA1!OYUY(F53#xnb0@ANJ-3+Oq=>MzMrC1kM9W&tIF zavVr7NWJSoii1xg!XC%Gt6k}MHXEcGa9tB~bp(?%bqxRVdCzv$`cy@n;J`Y9r~*KxPK zh!ygP*GQzFR1UdT$3b_yD)b0ai$(HQ(oH@0xL28vo z5<7;_UPdF&Xma8YTKg`J&~P+VYF(rE#zzV_v!r`y9k_(+Z|KGR z>GU3gIM^9sm5JBlcCdII>_-0yub<#Y&O@=SerESeyn8ucwtahEYqd4?q9K>DDqBhx z@l)e_u^FnBp@da$B-}f%w*)03OBWGXXLzRyQP~4i>P=-Eahxg|ejjY=J{NKki#0Ag zahH!WvLXgKKzK-e_eZLcx{%W5xISyuJW1VIz5Q zn{so%{rW3o6-PJXYvHpuhc|BW1Nt3%+U!I9VU`>8$PLR@UYLobXRbC4|;c=%(x>DyGM}oPhGR&3J5JzGGEgjJ&nn)9FnP0xl7siRDjdoU3U)h zHALg6oqrJ3QsB90NF}~39tq281@7VM=A`?aCM`8E?(ST_+}(%%gS-2}W1livGijA^ z{rkAZfUjQ)%nCn5PgT9DrEsF&A}v(Vt;e|=K&YG|&T)3lig-;%sz0Hj~O$7V<|3T>M)rQY)o zHh(;D0h<5SgU95`0_I<~WaL2#H4Mp(8V4)FIn$T!?vtK6&$9?*UgopGg6u72vsXz{Sv<1=V9 zPxptkD7=nJL1fKN4c?7eO?xbcKa8CrvlV%W5dhp~vhi~*Xk;Xr#$%E8E`KM}y;VER9+UEH>aMke1{b{r3&GVe* zv*vl^gHJQu4L{_s3qKjM9p@sL0=ECT24?vSe4Ln$;x zE*c0>m!Lv``hMiUkX$Iy`1^WSb6n1K!~ctRIEcd-```4#d+5&l;rKg$;Z=KPM!RE@Tme z6=MC*vtZDYyFh!ts}4Nh-#E{;0LL&8M{;dcCK^Ws__lPe0pAwE5iP%KPk)q;bD1>M z1-9I{p0eS@K3PkAf%Km5%AMBKgqwcFrXPaRz-L7H0n?5gh;{e?Ucw6FSA5QtL#8li zcCM*}csOXzWyY_n4Ilh!fPXEe2@rj0-W~-+^O}zY)tT_>JT9npX$R=;zhnM%3z+bI zj<81!62D0AX%c`e9;C@+C>{wq9)oy@+`~cH%j!NJ4Dk%T-(V6C+d=OvRV5D;gcpf|2QOHw(RngzUGF~G9%O|*1@)xf~4Ca{v*DFG= zkyc~=ro*Sk$J`8W=`^?LqyZBy62L#{J3s}QqBG7oV}p;z34j7a4ncLK z9~Hyk$nXkOuvdE`DmQh{{?}Ond>}9#25WgqKnAmmqqf zU}nrzAFF|cpvEv3>{bW=n(W)CuI7%xELF*3sLNd!&XHjZzMG_M7iW6FT?>N4PCp?y zyaK`D(}j_ab2uFF7aUG%5qiRansv94;S|94+n~p?;~ez?&K69{ zeXXGzT9%7YYn=xk^?(~KXtst>Fgcpgm7PHKVHKxvC+T@$rvKI#7XH;2X;?_`OoI2| zpB(D2hZi%FH3Ax!N*etv1bqXgauZ=*QmOdAdel!xynem{4AN1LHUT0Ig9M}CPV)0M z^?+VIoxXzeqCER<0oETv`*&6d`_5_?G2#5C!szXsQ(>^{hJ!^B4YLVUu6-EXq;sc&GmFho7_wO)GH)pSntN_ z-x64|Q7;BGn8oulW04@QTsJ&Z5wY^=!qHW0QvfM{{ z{}Dt~&j1C(cp=VzLbFzdh&vG-%{-??Cyh(hEt9SAa?*h!fgf)n*wn3tjrpdfI-Kpb>ptrGvkg`ZrD8 zBJ}T+VH`+QJHtrvg{3kr?UVOfVVdxRU8V@uwv*vAX=>b=G;8jcZ~1*&dJ)_LlOR2Ng9+lNKkK45)mFH1yT$v& z)18`7DnA+VnVHc&s0wW zRjRNW3*2(+?rzK!jgyI=Tujmn%%#0(stup^pLr%sPZ(H#bJH=x*MYD!5_4}ee)L^E zvT$A!atb$^Py!aUVlHEBJ9G~Pc=Eq$+YT0|0lJMIUv1Sp0QLpP_4fhlDn z1dw19PW3CnsDwyACO(A#B9yGkdAZd{dngyH{9%po-dCi333~IQC&Cy@v20f(kUXG1 za^lkU*w~f8)*oF`vOJM zlEa%OY2ccnO!>E<^$s+l^O_Ea87ijpg<#f79=(YAo_E-!vP&x=uY89?@V33627wF4 zA*uQS-(GK3Y7{wPs2n5k%t@6Id>lBd-oEaOk=UV8SjHadO0|z{TvfzjsgWrRUthra zDXI3r(x|GIl6$TLkkA#@t=a2Q@_AUkhIt&Ooq1ZX;5Xi3ceLTYN9xTy{w}+8`uQ&G zJB>7XDY^vnMa~6jA)$gf9geom|fp4hv^L^Hh^*gEH-BOQP>plcTn%J^evCA zwtHH0&$W-8jQ$Ve&0@er#}33o{y$`*um7)@=Xbr+nCP~HwQ0XU7-k!<2mFmu#wW1af%AW{ zpbYpMp2II4VP2i{F7Y}Z0J&-Du($dg|Hd!_kh`G#srFym&c&)tzG~}uPdO$3!9?HM z_*vz@3D~96zyg{Wf~d_)_;X26PN+~Yr4Imk;<#8Nu%t$CEF{7RH_b`AqctdB1HL+N zOx4H|gFGFq-^gDG)=a+j-p+sH#R~)^>=q17@qiN;L&h!SehwXv`!(Y{xGMt>2%O1-#gd0U_olCDA|lnJ`S+bCaavdhV5=J- zAk{*u(5Wg5)V&bRU&2r|gGYZe6k6qmHafe5i~VFqq=?+6aygw04ERA@#Hcf*ym&YE zB1+E3!agITFO0N)zAz9l7Dck_iXmmwwPYEzs^|3pCB{Wr zFMi#eygT29j&!uR#g6@=wqJ+1&6e(Zdxo{F5`KyTxwj(d8yCAJP`xUl)qFfpVdmQP3)>SlW(C#g>4+)}CZBhno@Ylu@x*{5+2|W158{XG*1TkBpS6` z#-cs~4F8oYDHTfZsrT{-zgg2AiOsPs6zXyX0%yo)LG-cN84sl#fXmRi%#%$1Oy+6N zv#$LvxlWD0N7T~f=dkVPcd1XY8C~4oKrxF|N7+y5c-$bz#6~-iTZ6_!ge{oNy2*-+ zW}Y1ZWmzfm;Oz-RtsF}#dnp}FTvOpAeERpog@rE`nt8gMlLr!#A_?dTNARv^aCN%n zjSuM;WbFGkx<4kAWor6JKu_WlZruqqpKYPq3PQu7y9{MeS2*Lw-$ZI)N(c>1Ff^UO zvH=J**Bj#k0IGYN=5zNRMd873^hEeiw*RtR%Pkh<<%Sw?jxq8%)-H zM(NR*3KDQWklqg01LA75Gyx{5c+^()D3ykRpR4)tGDdS)AU+d7Y9=YQqR|bU)h|99 zxV-@;{fo3y^4rDtPDZ|~Df6#FsvYm~GT8OebRHi(svzij7#9AVui?P98Jzg7X6f1% zpuc7pzy(Si#3w!(=zN)1fnxBcPu1!V$fA*34SoI0qEXXbWUS(*YVFk*SY5)anf-&! zNl<{!+oa>f6}JMRJzrz4p|LO(3@ICPx4R&=ai75cGNp(fv6GqRg1ZnYQHlVEBfevo z5v?~JrO*dw#PMZ!{&lj9F@9~|D?RL$Zj6q0M#8c{F*?2KBmr+eg&KI;|FT{xOtw*{ zrY22;m!+ItABqb#af6-nLOnmgJM!{(Zm@`yHi6qMOf#8RyMY)~MA^R$#f7G|pT&iG zR;Kt$0W4lnrdx`bmh~QIv>%EKE%(+;CQo4F)8opZ5kN*n`xx_{Iz}e=J^#>)maLZA zE8-|*vwDbD4Z}mid81QAC|ZJ{#~f|_!?!SPlmI@rT{%7UZA=+ZV+?Krgz#SG1FIt+ zV6|mXk@U>q+iov6@Ry58eUzq_iKTSVM#rFp`r=i1=79M>H2Ys1%ARLXQ%J*7wRAZiAx*J%bLLHa=k; z4({c>ka|r@KA2t2bRX>^E8NtU<4T64zeM)G6GfhVX4O-E?UhiN@DXB#6E9CvmpqCc zp~f)cCcwN*{Z(Q!ci1i%E21T<5h&pK6FsmE%8)Sh_UVIFz~M1Ka7 zz8QFl5__qc@wRSyhp+Mo-!t*do=L%oOu^bVOc+oR=)wT;YgV>_M}P%CI>M_xscHoW z^Qd_7-#Mf%@FufG0LCX7oq~}>7(~Zh`Fy`IQkkYTyIc0Mk0!Dx*Ufr8O!f}N##Ugg zKq;b4_0b{qrq0uY`j)CSjtD`g8RM^0Em_M;v@9Ws!q-0x1*9Gx&7J`LQJ#syH2plL zt*Q&1o#SY1*V#(!8sMAhv=n>k0fV~<5TLS@xD=(Qeuy_d1@CglXBjLNhwNmXRxTENKp{z0d@$0vQ6qC`)C{V4mq`wP$?rS1N^gA%@rSLRCowm^uKX zL%5ql*kxW$LV2*`7CU|KG0m{u)Zv@0qcF#tHcF8bN`p6;m4m+tChd$bdxc4Soc$K^ zOf`RN@XFWpr}zy1rFY_!VW0L97 z?iNxg2KT=Iiji5qEPcn|UD+W@CN=KI=4uug*FNhalD^S8xN-6Az#3+d0^7; zAUEgU5M0i`;p@Rbsn&*=OJpUpO&ADJR?UBNeqn)oWjjRI_}b&mmxTh@N926b4uYa* zQr08OqCNrAa9bJgT=4~X^&8^ztRfxPc7zZz>Mi7dW_nMDZHaaKe9-UW37q{?h&>MC zQqiY{u>VC~YkGvX&&h3ZG&n*3kN*k$25F#XwzC$$GE7VLyqS%QPSWe_`ulJ$R2)1? zpy0q7w!Qst(%25ZOhlOC@w}qI!UMl4nE%EUEF0lJKMK73(15{5n%^)Y@stWs{Rtw6l&} z>m)s1gN^4T{cen42gTj;tK-M<;oZh}Uku&fczepL;FNzLc)C#RaX&j-0GutvNC%QX zVLqP7FW+5({j`M8vxo2#Z-Eqavr}DHJ-8n)aE7)C4p?=MgQjJAG)tmpBlT5R2CDcs z7Lh8r@VGb^zE;^0Om3kxV|qAzsM|UHagzQTOdlHgrfzXH(>J>|;`lbbLP}|qJbppj zt>X_S&px~SM?l&M1Wk&B*{h3bpH2^77Ct{HcMdQ;wCGFcwE#giV=whf+;F>?14gia zBG(LpT=?RVLi6+`h3^D+GoDfutc_Z3Ig}g+?-GYbMq1xV{Rb+A9EuhNX3$J3Z9l5qUOf!LMM#-@rtStgZ*VJMvqe4Nmqa&Y;Ea1pt$n^i5zQWVRl~;Do%pDVrhe zVm^WA4_5NBnt*aHVE?yVY1SISincUU=VI~hp}^#rIPj5wN=dZ!PRCs<4RR6T+TWgQ zbtyCunClhxKm86afb0EuLQ4cOA;05&Ry$5rw5f>jcy=9wRgeK8-5iN?Db(5@D+E2m z@a3JyR`@iLO@Ju`$!YK(Sqvo!{# z2W#W;GFOH*q|smNwXB7P9%Eu83G>Ma!ed!)DH13ni}&k0MLg*sCV92XvI@Q4o~nV6<-wb&=~Abfv`Jzu%YGHvi->ZAKWW+CRyQ}&rjyEi z8gc6g&4k35hv-lccnd-zS=#B7?8Q{z=YP2_9O`RPi&iw;C(me=dLU$;ND(mB9LEG1z zWjj4hoIseyQ>NDsKa*^tqo=`;L_U|%EL@)MHoJ$8=hPQkrqGnP-4SEz3yW4rF|2?3KPO4oW2*EZwwZ$znc7313Fr$L5r+6YQ))Yj!cqb3TyD<2QS4??=bcsg^7Fp4+qV3JFc%}a3+P{)Bf!_{erHyZxs>|Gf}e* zhDBlSr(p8Y{xytT4P%^K8ZIqF{9bH)SU;{GL?<^x2I&~NA11oz9a=z(eoP~V5d&eGv-_p z-xl#lB3++aQ`~d~Ce-+?12T<$TK8WNvj}5aAx4yc0)Z)xDf6nCyF4YV*p@qdnRqb` zen0NB(wtq?=!z=!AE7GM_s}*!yuuH+XeD^1ftc=05|6fLZM!!)WX7@NjD~%;G%5YU zvJB2h>MNe7+4gMn)v+3lh`THdNtOmmf=rdJOasW#*!n|09q0n{cfDfGJy`osR9fvN z3<_sCDv6`pP$zj?UYjOPf>3AKg-M6uK?fpjPwFm5Tt4HDA`4DZA-qseuKV}zo2RK? znRXD6M^nCHi{0x^q~bba$&TUvTqwTD3*a0BlAc1E-X+pYI<5)EO{ZAqJKoOZ=KIeP zn2Dmk1?t(3e5Uk9eCN6x!qbF#Vsa@n>_@Ci&+7-h)={Lk>N&?SE4I{IS}jJd;2wNd zDLwi5uGz1kQrW$oNO0AOhgKAEV@r62Q8jVmX-kg}XeSwFgm@LgTWVr zl4t~NR(iz@s`d@&A$mBuIq&6>15z}1P>uDtWSC)2?flV`%Em7yNlUc&3d9Fd^uef= zu9o{=8$EEaOXArYwCazvzGF3EkF2EB9fyu*R!JB{k@4elsvQIDD|QZe23L^mwykE{ zn?j{4-XUWW8T4p+)UdPU4?NOG`D+vZ^ZZM_WzY)dZmpYbpdqKu-~){242Is#v{^mY ze>oDIKnYqc|IY&wC1DtZuua! zb){*?r4`6uT*-caf1DcNL+aamt1$Y{v0wNmnI3%bRg)y5e>BA z@R>l|7#Rcm;x@t2LXfH*F$;}?0tnE{J0eC_K(}LS|MZ@|B%Dq;MwwC?ham*Rap@KI z-&$Xbosu(M?#loklMi__Y}&p9n-z!8;#3f1di5Rsry> z@l;Qi+BvoEd=HK#V}1&abzDfwb*E z_tumM3MTp(sVQ^i3}_QRUn79M(}8ywz%CwA4@}Fxfl=}I+n43tBcucnJcA}IEkDN? z)>vQD&8tBn1N0e=(;&mH+E+VXpr~)ep(q%P2^^!=yLI970^wDg9&yw6BjLJIPsEpT zfoWt1an^IAVi{r3auKuXr^w2IhCn>-@<|Q|UWd7AnZmpdk&<4!3|YwqB@^qrfbDXL zTrj5dWbPISIsgMQ^;+%A6v9n*;RknX^e9J{f-g%%V2b-3IqQ_<2r3#Ca}2SA#LnIUGaUlQ}VQmgOwB9pl9%-FTXKK0=Kfsh$}uTl>}j@-3^;iR5A?h zsC9U9WL2h>MZ0&DCR1Yq_jVURpXmxew}+iJASuk_{+3jqLu+r+GOUHb&xW zOI?|;-VH6EeI|3oeC)GAhhg!pKJGIf7#oTr(Z@yo(b(YNmG0{10nqTc{J zKMH@6*?eX9wgkaB%Jp zmNL~hf2=+iqbHo1oI}Fh8<8+>pzda=ihz^q2r z{O+gEtzQw*ty>E?4&@qUatl@3WDaqv47*+Zr{*|DS&60}Tn5jA9!6-$52P$f|2UrM z{3C{Z9$G4woQWL-m?m%ing) za-8DTUNl_NDw{blNNOXPw%!GfmphZr!OC;@>CtABDpx9Yh6b;;#5ZgtGk^b$rwjIg zBy}p%WnZz_Iuwbb-&Gv55<}{Hq0j@4Yqn;OM7GY>03x#J7c+@$1R~BF-Ap;0Mqk06 zmsw?}G#zm;C-r-iocj=184iG!xE36%?=KgZrqyx>UQ0!9PoBHDM} zml53rR^AFUr!ts~Kgt72Ti6JQY!ILat6yegOX*YwHD?hhOkISlG0R*(W&nho+5afl zk)3p5ROeFoU}aB_d*0txs+TzD5V^KmBVvSo*(OtqULtLr zrNfE3(tl@tFd;VS8iq9Kp?TsFji`brF$W)TXtcK#d!$bG@Esk7B(f7Hb~n?)NL6YK zd87;lg}AtQv(U|HcpKz1P|WDBN8bV8sdWOy~Wo`)dym=5;kIfr%$vN`6)3UM8P07amPa@lmL zOKae7_4WCpRs2{=+=aBwe0x3#9iIsh4x_(Jy*BX{RnCRIjlXtI+~Vf6L)!$I z_&#lC$U`mIwfh`An!@1~JI14ns&sWIK8XQ7fjx=5aNbF!e`}?j9qSv}oUpo>8D71@ ze*w$j*TO*n7w2EmEx0Dg5YR-hB>Y?PdwvzP$l<^7*~zlX|Ls*i|Kl4esm2(SfHFFm zI{r8MwS(}jBTJ#uznxzWF`C?edGitq>eHH0T`3nT|cVe%o?qtq%n-flH z6kWV=&mT!$y`@lz65j#MaKM#$IV}-scXM56`F#=EYE(y9g z`}dV!)uaTP(ZmnEhm8l6CgyMFJU)N8`p^&Td9Idjo@wN0%bbSQNQx+*^~ScxaQzFrLc@Jgs69zoh>~z#I!2ER+M=eE;PfRuC3>-w; zGgF0M;MO*^_<=EpLvsx_H;D&O;Wa{tw!bkIx23^@&kpUuJ%(LBuYv39~J}0qL&XtsEBWy$iyP z4Pbs;RsJCf6musaAKlU-?d^>XMTw?6XI z>(44;m_7;WM*FcxFMtfKiFn3Iys9YwP`ew1Vv4EcD>_6h^CLBqWbC3m-RtK5yWFQ( zMa25FmDsnnf|l#h)y$0V{6FTtIxecUjaHEEZV;qP8tHD7W=QF75R{T08l*c_KuYOQ zx*McR8bJjGK?JG$j(WcDz~{Yx-+#{U0M6{$v-f`A^{i*D^)NM?-bdfBdwySZh<-vH zfkeP`Qio@Uxb+y3v8sk&K9rK?i7E-YO66=Q#lqRV%XbD_VTa;nHnH2c!sQo0ym~p2 zYa@sqdVYQkh7=^PiP%jtZ8!syKo%iE&rmh0QbKjsqL5x0fhg*~E8#;17=^V13PQ5n zl;sgDvyysHD?L|V=pA8<9|gZgD~*(dyNu&wp>7^`CFPb_YTV#3NXR2$Rc%`NQTpGLqT(!0KH&q0Rk~F zWF{|>5wft?hf{!%Q)!e6JK-Lr0nT?FoodTYP(G7y0DSezwW)~)j8VxYuS5R5M0qDl z$Qt*wUY@pQCbw&w+WR@pIgaw*offGzZ@=}rW?j>v_pK;W&FIdqSp7&HJyrJ6GMJ>G zowr^SQW;c#Hxvw$k1gP-mhq*ZWkW0*y;OK#)Ny2=`i;fE>3Foh zFizj~lmG(vG(nql#|>M%j-yf(;&k+*%ZkxRxbzkOcbCL_^0+2a73zxv@IIiNuxWVw zl`0oO6?aoITH|HmiJV}T*=m>X!hl^=o(71sS>jKN5-zBoVIl_WU%vZp8$MzGT&Jr>}`pm#H!Lj}$&k0CM z>_nXm`(_m$XE3a{xwm|G$uszCgCH2GW=}KSRlktpIU4VBkd@H4XF=Xq$at9@HC&>W zKbECAuvT7h|8sdz&37`mHN-u-nGZMzETJUyEtxvJVp(QcYn8*VhaDuAMDm+b zYE6?xp`rMhw&q0L-K3*2UDoui0)Yo#wCU7q0R#+M5wPJnd&iG|0n9rpqEq_q5%sEF zCEA8p2-=#b;F8O&X_AQhi7-?t()q2CLFQ>*(d^u=q(>I+Hx~urPAZ?$TOp67T<5Lk zUEa=8Hc`Snw&Dz6joSqMiCE>)e!o-_y>{Y68xwV0>AJiK&r20k!mPzCvx2>6)hYZQ z^9+?Lv~e4aHr*mWefbAyKVy4Dnnv{UxAGHk&w|I%yk(Dn!YZFBM=C~x$8qSD!)9l9 zMDSEc?QxUOk2|duSU<>Epde zU~mqRpBZ7X3-1O*NtM4;LEya}RHIuEioP%OUEvp#R|`TvtQkT6>u7Y zwmM^05gx}DHhXe-){?_rZZ(ykV-zDkCJAt(&#X->iD>L?fm{O^Kz(V1F z{@Hjz=R|4&<>&({BRcjsV;qR1d^P>g($_8e!;_(lCB*|d+9hZngm&I&`_l$lHJG~a zDW13K@-g6e6Bu81$$?yHAcm6u?k+dvzD6#P;d^ zGOP`FJmbQn%L5y6>xmz3IAk+fm=3zRBYj0R3a$|CvdtvrH0=mcqu{H3u(ofiD!fm& zXUrN@?+LT|EcaP0vb{s{9`tvB-^unwCs&8R8F*vi zj_y`GyzIsxD&9ypP46)-U@npss@{D0_z~4?(V{wfRol$WW_5y~We95F`b+%-PbYtXPaNVf z+wr3tDI49V}(tR%>TL{g7CjD(1wC_Cq#m;a&rnriWuV;g)9oQ8=W#Rps>fYvq z-(2J7jGBUX3Ig>FgHKW8T(_uXUZ5=UUVk=kX_W2|gscvwayeqehAXqM{A53^ivvGD z56I4GB*2+VYY~yBaE{_xyU0_y`BvSiz$iqifXgWX`+nb^NPuGx`*f(AAu3Hf6*Sc1 zb`I8RnUtDrkVFZ^7DB!Thzt$2^4#;@NxgT;Ao0U$MNQsEQ*JZ3xUX`Z0YFZvkJ^7c~I#5pwgIxITz(>vBTzjY1rld;D8wM?+)D| zcVJLMv{9X0_rHJpUzjf;7C7!o3eWPd_4Rkf_3OV+6hL7m7V`SpzhT6GiYz7kIF9GM z+}Zzn!GD*!u`q;QWoK>hCv{`D^ZA0M{rm4NB^3q{a5 zhS_03q~zNU6Vhv}*RL~Cf#<-W5)qJh|6L2h#sPzLO!LZ{$XFHnVxTSrgki^5@Y`&V zZRg)3Zj}t+KB0sI5Ng9TEkMD8j7ip&`{V0!E2x%0-p(yi?+u;tlZ1i>y-xLFhlSeW zLdpfSf`(eu*vV<-0DcgeeFP>tIrJSg8=a3cT)m)Us|cT>2ixM?f6k?h35ID7-E`^- z$Mw`sVbcpzF_>}zG9)B&SoEa7sL~tRLV|h_|Eb#yqOE4WpgrKeu@isbfxx%Cos}4J;KBrPd;*Ay_q+{?1hNC~sxy|*jq7QI6fqrs%QBO#_ z(lcpqZgm3%4+wx5dVEF<#!=nY2xhE5FDo8^guSQlc~KswpI`1-Afguo$bgZjSVs9=Ce<6sXN3GHYI-lLhUPV_BjwFEI1I~L+Y-I?U3tVELA8K>6 z)1B;D?FUXtUZF%Q|FDlSIUJ1?t5%hegoAih|F*resspFS_DRB|P^>1=uZN!i)LSs}r? zsER8;BAMekxAZlV_kmI#$PsX{2zjv2cD#>XkxdiOBj5G|$W92K^@@U&(7HIyn~#y~ zK#W?qx0ufzXa;R?uoN+yZkzs_Ad*H-*L^yu(|ipxbCS5%$i1nd_;%9|rY@&Ok{Yye z{Iyc1nHd4qm09z2(-8P*1|fb~g2GALQc{g;UB5AGl*yIBl}hnZS;3AYk5e9s(0*nj z9{StC$c-t8!O(Uv6IKeHZ+9AP|w0Eq#0F{ z#%0ZfXbY1FZe*ndcdcFV?4dV;N078Au%{xWvRSX*^qeNB4ZftFICsu2pIXpLXYTEH zz%SftX90>j|l1F0mx5ye(ok5aMN7pMuXA|2}~oT---s;u(E^>Z{k=FPyru~RE8Lhcf?*3F`{)gnE>u#0%F1m3SaWu{ zI4q{`h1?SJ-4<*vi-yMOaw;5o0@}LF1tjxYey_h{OdO};1f6D948Hnp0De#c8Smvp z>gpl7KzBegXoi@Cfr$p>y}+b@(4XN89!)_DFx$=GLis3imIu!Wcf9aMqME#$MI0ry zV8>EAAlgk06bLew#m^SMeV;^sL0KLr@K|AQZlJF?%7B%B+mKd5hfzM-=D)k&Z!T0K z3gOeCB|__skLN+_0UU~7?iG;`cCMSS-s0Ue)0(i2vc}RdpO-^5%2bLljj?zYxW~v$ z=y0nGMzxb2&%i=8I=-CK(aT5ic76m#{W_fjU}nut4Ml)=T~iHVeqT}n^2OBJt(3*Y z>(BJTCtHH7)N(-1S8~^sJ!PG0r@`l|9ru9TGXdK{)63(wz?&WaLk5@Qc(xmz&Fz>3 z-XBMX1oxLB>&8^DZPAy38SCMr@0)!dKiceHkV~Y9IWapX)7{G>I!~hdY`xhE1i5?Y zQAQAX%zEW6{`L7by|_tSWO-Fp)ji7)srCAFD}VP$bs|Z61j|`gt+n9P!EY)ld+26O zRWDXcHLAX9d$`%pW;nu2>G9RU&&N`UX7FxJl_ zl*wvW#LDt~b&t+JpnVkso9ZqiZZTHFMhIGNXbEL`pcPMIfg{0A6~d2bsoTh8TxFq{ zA~$Y}W6QsQD1JLHcm8#d^Vw#$M=iy&4WgZqh;#Uix{r&>t+n8)%QV{|j zmEQ3JWiZ8W7+hN{z=iVwNaPP(eZk1sV%~=@v!0ElAbkTelS)@0Gl8an(#Q`ehr{1D zKC}kOuF!Ag=yRR#~7%`98FOA*E2uGtkRFc1C_y=78t%!stUjlZew|gDE!S&~O3>@!;*F;WVyJD$EimP$ACE&BS2Ti^P2y(j^fhdzr07HFy{av@mXi~W9wk)Y{?cCvFa1@}Gq6Q`Fdp&6DRTrf%5M%9o2rw8ZpDYiDyWbn zPc2F{J>8u{V8z$Fg!kbE_>SM}o5iDEmy~p3I_ZdEq5E0SLn!a|3&r%lLp7SvB#!eo zXdm~bbIdq@HvvGf$NPYtWuyt)Iczs@(+sG~PFtt(CM?zu@#l4(M)X$u^Jwi}`TPc0Jb@yeNO7^qP9;bIElCo=KyF!??&EaY;Lf4Wm80gM7jo2&cF+!fzQ7KM z%cpqVEgX{<6PJ~}>12iZo4`c6{sX29IeFd4AsaSjgx5fdOzsJYlAJ$!llU``8jG&zekKu%E%P}j7&1HTGG8NLZdbZ_nGAmXg|sq_ zZQ@3W%|)$pP~2Sf^L?vgpQ*8s6AyfOf=)PB?`+%_RD8zmxo1KbQBtw&bU$sQgqEY5bgXyghs5$Ub_VOQOdWDd$Sleon z_+|!dJpK%BBjkwR2#5w@`%-|y-YeCG#EhmRN+_0$uSD98h3DE0Fs}rv6{IgW>moze zfvmRY(DSR}OGVwKdX0K8nd_mDO2{#n^H^34vMW&rhn3_GFv!QSV`FE5RmQ$`;U}82 z3JifksFb$W?eOEg(LL%K{(F4P#3n6HY|%NUr(k%3mRf=4wS&Kjl@M*gSff@@QDi`Q z)DiYv>LqlwQ?z{xNMA&F9YqsG=W8DNEjG9&$x@;^J$)K#U|V*(*>@80MWR7|YJ5q< z2+iKv$-`(uewNWD|E2NZf=o*h|n^ zAO86Azyi#V*_Bd6kg^(p$*Hc&%l=%QSaJ7yBf_^ zXIO7}xRyEusIVyq;7aC1Ratj`Gqvc35rjKF@dnJwTh}zA?reeHzNB;KC=E1h#&Xb` zVd35Gd#@mC!X3}L4R5ZhYOv@wf>E3ijXZzATiqFdxgD4y?D$$~uGL?h0~7VsX00oi zMB*a^3KFm4CFnd2$X;y*EkFm56kC$sztH3W>rdcJi$pLP;w6FcT3HO?PsIm|ECl76 zCAhO-khNam+*8P|JGmZ)L)^B8ULfJAjb7G0AS5e?I50 zCpc^M9nhVl={#W^Mw4+1LBy@Koget%rD%BvEal5LvO~Z zkGdpsbUszTLTuk2n?m>$F=&G651PS{7i zaG_-}Afh4EBjYw;qmx8}OX+2^ohL{#-F!xI3-fynevrk4@9jD;auAH;Wo6?W^~R#A95h@WJg@1AY2`gF=CRs(CpL(SA=A39oIae}EJY3`i+R z_hJ0))o{cBycwp^{at2E1Ea>`LgPrU;EjI>ush(58#opJE?1BSI^TCRm^9ZHv)|9W zA$VgK(}cLcBE~QrK-Wo=Nm>0BH8y}ZUhSZx`P<$~QEDe|$algeUOP7oSz#j&YK+7J5tLu&xM)J`3$KvZNRD8Zz=;rc|rSuh|SFlXFgCJu!J zg9xaEybeB43c9_>EgySH3l3NF!1>V&EN7_3qKLy=eXIYdjYDBa95HEce>e3#VgK6I z_k;g_$_>7hUcX3i;4ib4ozA@h$rj?VBD;3RF@5~j||kn%=Xv@Z;XM1@9R>tUM1ZRM)Gy9p98NjqmK6$ zLOGT50KaCk))iq>5f=trSk+o8vz0R@e+aZxltW7Q=bi#X@14+)Lfe25;(_qo_r+D9niV==ly zbNN_BceS`TppNPxR)I#sse*y$)TSspOfw4Hwqri)6YNFUVv=V8gp;4HE3?1c9!qJ6 zmO=nA&OGv=?7^;>1RsLC)Xf&wrOBWj8bLP(a{vbi4I!v&&td<;7HUp^)~_F)oB+V& zy@ZGBQ2f_6sMa(QH{b|f#2hZ*{|8xa36+|7XL+J`za-FBZUCm)VzT-Up%lEAxC)v2 z?RwcT@c7Y}OHL>lQ8*h_lWf{%w!-x60_5f}T=KPU0A@%yH<<0(3T2Zm;n;%VW&yI! zp;j@!@Zv+Fe9S%&63Kp924EO696Wu7ti(o^Q!El1H!X9<)|+EykUT-2+wJEQH9uSL zoI8c6II@;{JX|XS4avCe0(3A*74$EpeBXLm!_cOb*$7J-72}dG7bNFHd%Ks#;;}_{ z_^?(T!QBkD{t&Vo^QpR-)wEM6FYcGC%@#sqv?DXC8^j3A$L35%d!$dw$$(3*BSj}| z<{T$hQun^VIf#__R+{kQ+70^y@8xi+I$C?NX3-FRdr9b%ufF~MrpTAseD*|UJI74g zI2~+#j+G!R0Ae7ceh5x7-c95Bvx=Sy^64zYvJ^;U%7W$w(P4L7mx3S?=c z$O`X&h#JlnzvWaWK2xS=zIY5U<|q~nV;1+6%PKj-Cpc@*No9Mu^QUMUghg>>xLmHj zvU@)=wl5VzEcAbs3qM&OL>Ym{rk;)iMQqpCHkJ%J;v7x0bbu%i7`J*n*H zZo*SsM2afJE+IzzZNu1 zK@09nd~!szw#<&%oSa@YJIqCM)y8Cn<~Stvf(Jz?D`4oFIPfJ@V)>Xms}Nseq|$DR zB`S?t;F+8I8+M;6`KorRR3MdZ&;lS73G?VIj8^<5oqRswT|fz9<5&}ll!$PH4O%){ zNS`(2`6?ts$|(nLaNsuvWlQwqxC99FQ{NGj7+}Khh09ZH?t=>7PgUajju{{!f6843 zwbNq^bI(yM756>nys!j(;K}RLvS`760kEoAo|s9fKBH0n8>TW7O)pK&zr5o# zrSy8At%um_j=nm{PlGbX7u*rc*^5fdLONG@le|t;_Zkk`ic^qJeH<&k29hz@(UW`; zi01Y|DrcH-u=dy=Ua{hMH43UzQ2>=8Y2S}8YpFWLb&=L>i4F}bmwHFk#JDk!LPbh( z8^YvVK;J^kHab**ci|4nXG`}z0g9-F1*4;{%eQ>u0iLySajUKh+6o^)>hNX${H%l+ ztcWIGF$(3{#k*4l#4Vv#B`{L#vnaId?#6&+D#Wt(@a`M>BABZpr6JYSjH9-4JOA$h zmd0;{GVQL774cCM!i&Y(-lPT(t@>HH%t}x&xA#M6*nRJ`k^vXuJ zZ3O=wHx+J~QuxvA!R%AHAa%|z)KfoBFur&(k(KQz3)SVfeDb0P*)57|IC|wtK!Kvxpna82gVA4u+(h`v35Cp)DTue$mE0kPRqpmVHZi#qpLIqwR{MIh=D<(3}xcO@$DL`pzSU4#u_@rs0>n9cb)wg2$L~l zqX8G>yx0)WQctn-`GA1~Q{Nv|WE8-ozXKJ>W7;Gf?|_3fKx(-X?!7w{mzT5dA$Ip; zb!Vt|qHuMrP0x!4*iIec4u*&;gor%V#bpn%H%p3Ve!zI(3W=R3jY4qDt$@)Vl#Jm&QMu73ZOJJ3Y;zB?q7*J=VE*M zyBY16(|h;7&FIRmbnItibq!;{1TgtY0oHhqt_~CE#$fK4yo=-p%fi?S57h-3*nmLo zjVA5X3%#QdikHc!*|bUL#F6+^C$uv3O~B*=8lksBbq`B-xipgFj||DXnOx>_tmGMG zA4y#m>*hgu5kUX>^^Osw%JAx=2UP7#RQQYdDGcjCh4xL_!fTXA!(iiKUdRKMRd)!r z2xPOh?tQlEG(T8U&4zb4ZpU}U2jXdlx3hVK-$vy=Mmbg~9G5yTaCknZCXe=@!UV3g z%mEi_CZfS$E(;&xeghTf!XjG^^rdmf;HsazrY?rz-~5XE_wy*?FW~ecnNB-*;dc4J=tK_-2inQ^VhE_8JJ`h{ziV z+1R^bZZ{|&hHC4sVagZZs+spHtAgxLb>p9&Q(B_p#hVIm>G|MGb$k?1E2G9ba0Q)* zyHGpjIeu8f6yWCzF&X0VD>ntyPXf>R0ceyeO2U14~bqp64^ijisVz^_G_aE1p>7Q=x}+ zdv!i8^j5m3p*+iD;N$mMd|*DM!8U_1iNlI!pYAwZ75nLHX~XF9=^L2{ebjRUv|oG$ z9N{&b^GA+606Nd?V!_YrB|`ENOn(0V%AoLS!O-y3f8T+HyR?|@V9^Jm(vcOzH3+nL zI^gsEVCKMT6vn;oYQ1$lfyR>G#ey40?s|8}*Li!I8R2uWiC+4zZg`UA?GrIN8274V zJ%MwDd%ZPZcwHz31cx~s!JfzlL4aOtmJ60T8j#rnb#7^L!mTk^z`#zzvf8LNYZp?C zUxIFVp3)IY3!Nr6@YJdjeo6*KD`UM>bJvUVas*(r$MGfgMfJP)`DOA}T-`j|=9QJ3 z8om~vY1X{MK%ChP#O5R?>U9zM1E_nZ7#co%ieuCnAEHC2{MZL?VNb!K+639hZ_xGp zr-zu{r!u2vA!K9bg->>&6^FOwLq$zvpH@8n0J?5TBzVvdsYWwyfOOlnLG;JouhDt1 zC}N4Jn=XLq!iQqY7GlD67{bdscb8O$RrZSX7;Mn)0)gxbj$aQWzW;vxRm+!xlLm~k1CWF-f{%3Dkf4dn$zx%JaauSASVH&lo+svN> zbKq{TE#@}MDE$4!?s#zBmhKw%eMDET#~)+~rjmTKB)}cNyn-bD`P4$NkCi=1RwaA& zru_Z)ym0VW*^op3zrL{wto6=V8|v^^yvqdpD=y7>s}p=8!+jyYvtux_n&^%pkivbu zMj?Ptx_ya&w$u-sQUZuv-cC-?IY$c_69nK>Wf3^npcBHY1pb7;a`qF11^~e7I+iD? z>vwr^zEJNBoEv+0M$4%)d+s>K6m-#Wm}2*$JRn(k=AV4A~mL3h>ZkB`8)TGt@-TkROwlY#~@JRf#R8)5ihpO^}^Egy>LF>sKuQz9w<0F6YLy)fs1V- zq?a3<%)fn>9ChY2}xH!LqZ|Os<@DLam!)>SZ_q zb~poqdqH=QotybEWvk`Q|D%W$XTV%V?r3!NfkLV`ZQKBtv;?W(y``9G<$risud(Ru zuVG^x5v_R?%$p^h1toL&kV5CW15(Gw+FtfP*w&)It_%G_5A-)Zfd3oHY-{KCY!5;# z6J;5r(W7lgr>6BL(dvG1;*6gn*8+lMFt1;Rjj*Szt{uOnf+prXqSS7mXS?BJH8y zpUeaBDDTV6&LD}Xca5VNBMm(HJhLYdKSF#Jn%gz? zPU$z^S8%i|O^eiNF(}e`-y^ptBpMfB3rag5tf}l+ZB0or`;~@<2bd?m(aPZsboB2! z?NxZN2_MjG?0R_aimFc%Pl2>1=X*DGiZN6T@|llMn~u67k0ef?+?1;D+u%xjuyQSP z2c-Q)d9|+{!gwKs$w3qUr6rrd;3qULp}JvI*CBPiLC~}rU{2vX0u^S6InEROq$Yqt zEeVy3t}Z`$!~1-ahN1mEZY$4DRRuIN8c2uXnHs#dl`s>&CZOB>`&-ssh*3 zJnSJ1;UTg<>_~LyPAkzt~bZ2|veWsu3x83E4CV)o(8ak%lIKJAP-U3s*fo-uB(BRlppD8LKE+E60R1&m{T3FtzMBaUL9_#zRwU{hMW#sxL zt8O(o;ngvpU=qPS2<5{s2(VUuSK^3Jj~NggsJZ86RXyBNS*nE<@dE`D?4)E_7pq~n z^xX_Yqnl5A%o?_?;U-7jG8xG{Q^+c6O=(YZ7jm;ZVob+wmC@#=NAgMWgP3ddno7db(r zvfrmccT`frUAo_&8+gFga3PO@Z2*HCr9#9? zd%7?WgLOtvvkSyxd4UF>MMPijoJbi|BFjeSqiRQ;NL$w!q8J@o6_G8YyfN06P0QF z)m8KV>0y6Sl1@=;N33AFos?l8KwT*u#!DAwnRn)YpfdV zTLZ#Vz^nnicCRH)EI?H-Fb4Ya@ENK%l#q78o+63oeMGB;2$Cl9xB~%NgH@i<+&u)# zCk20rwRwOru**dXdi_9E0NU*xcuznh{fU8g5cQ4#0AI`c37S7ao~`a>W`&eh zXupZILb%c0>agAq%UCQre+EeCJTkZsS%6{x)~_byx`x1`A;NJE?5X92kpC%oiQ!T? zXthv_dcdO$gb>Gwk9$tPwk|)Y-LaI|f0wp_+THMSFD2U9x6 zn{V0Iw8)}S$j$iQoak`hMnldkz+CHUpsW_}!PiNjAGi(Ruly$?L$)$k^@clBi1ijg3~2 z@b9qh<#0e8Sqo041Iz~B71%f-rXDti;>%cC2NHFSZ;jBJVazx?5U7ro>5-1ON_eg)-@NDA;eq91$C z;pBF-;!yF~5s1%QKf3G&cm6x`)79P9Bdxlf)tVU2?{TV0ZtO=P+G-RJI_k&{Ix2K- z-9`8Yl%VO{mP$N{pe5PWda-}&GJZ5vH9@pa5S_0G74bbN(l>CaIT0o&pRw`wM@cjz zbWpJ_kZ7!u2tO*zP8N`>E-AY-fUJNpJ}v|xlkejIGU;_|0`4 z96*`BaRB5Q5&5tvE?IOT5D#rNKfqt~%OQ`qVuI9qFe1F#>fE%CwCwt@LMOMDbQz4R zu<+s{qY9|fDtH&Qezk-o&ViIg0X@>$?#+-D!QL%801;2FpPr@@Ozq+gnfcf5Ly{fajWa zpE>%Lcn-WSPw(LO3I~+Z?TV-_crKJ%;on94&IBsC^*pugWkK`?MLl}ybC)JSjGU$I zh_0qu)T0pgSMCB_byja$g;C^4gsP$YvM~fip_7s0Q-y|E&rflFV#Bq`zR_IC`Qq7k z4Lr;U@^@yhhcLEou-R+i1$N8v@M2I3)s#_P7s&F`s=Z4!btc&i*I^ho8aK6fhz0$i z998~T2k1uF%5MTsO@IW{7l!8+W>lbctJUd?@o+1nP zTE_UT^FwjhrI9pGpM_&sD=U_DqKZ8EImw10EYs1#xu7z>$K;Fawt9mts^A+#Mirvs zRaB3}2D_&LvlcwWuNOkAf=G6Gv9~IHdH`ZJt2pR7Oync7o!)8*T>PAAt$R(1=1BW9 zn@_xy3>egroaL)!M_>l^=f%)EJw4z|T{n)3?WZ!O)P26GK@Z=o*!IXl{n@a%2jvLd zHiycRv^cBcl{Fc}9D>wc8I4)}+YZ(hacCXLYnh&d(*3wO8X20wk5ik#c%8cEA^y09 zruGs1h`GX!)pyzAl7r8Pb;)Wxa;h-Ci|DB75X=b(5j=Cbm_5j?w%t=aKr}9S$&l1WE$WD-&)bJ{ zoq{*mX|QfasyoZ>(f0=T%UHZM5uhjW0`AkQ57#cV4A@18k+7+hgRA zORwML=_81s==cahj`0%uVqFTSK{=dImV zHj-HqGe!E2c41AgsqpiUm5zX~5!sPVdqRKo0hi#}^pcg*lhG_e={_XON-E``aj)HH z+2k078Cof#XFFR@%LgvLR1WJgA+C0DscMen=%yuBNOwvjcn98iFJN&H6ZUBCS*C~E z;VduShe(-+k3@tRk-K0Hq-bv=D~onRQ*Mk+4K;2@?ou|8Wa)4pT<0rrZ7f=%u>r$? zeT4xwG_1-xP#f(FDwWB+rlwfq44^h0*{po%9SR&<@v~R&Iiyd7l+o|~*WC@`IARLK zSaGx}%__S{HwIAz#q>h;kTenc$|R?x_zc|fJ;Bz3rk%y1MK^NzPH8AgE*51{Ho$49 zP0~OmM@3aHKe3mYUws4v7TfI2+r^y&7w#+aiP;{M^C@rAg8OOc&MS>kbkQ{tIwn&m z2FVz_uHbN-KnfV3GW+emTcL@=7ycml;CjQ|50-s-Rzm+b7c%%ZYGE$zM=vz~j)CQ1 z7#R1J*0rYWZwx%C0%*_qc%{E4h)Iy6GX1b7UsbC8EBM|;AV^gQX^YobwBM|!4J~M= z&!gy+Tp{%SAwBIF0l3~(DEMn2SzZi6636oxmx5ou@+<_P1_dD)&NRMYu4I;G7D%_F z|K)vtuOPu=dbcja;fpl>S1 z2U^Tiy=HKS^Vp2#fejIagE1A^sZ`2z0(7%x4E|L$=*Ek|r8%}6Rg}Bc7n>~nMbMBqq-9@VzmqzLB+ilUNW!drxf@eEkD&fC773+qp9wkU;&B2Ah_Dtz)t$fBH$H2Xs#4|%UIj>^A53~@|S>Vr~-l!%TWfA;V`hmcnH5WFK;v6)}hd2t-bxjFT%q!Qy#d0iH zK-@eZssnW@NeJk+YUkx^e!9&mK^A17@ix2J|5B_SV#?c1g1!~@ChbQ?P8RCK&90rH zk2FsNn7?QCkWt?pTi*I}KKKG(3p?~gq=DX|s+BT+vB~RUrw3OnvgolqO7-SNBH^?1 zzDZu-l?VPWZ3E$TWYdq7xr2{~n0yUW%k_8byaJML8$udpQ%zI*fxTzeGC}oAD9{QW zt+d~SPaaH}5#K2GY?y5CO+h{^xgdTuEZA8>{&JaqH=W*ld+bl~*4n zDq<$f4e3EjFRZ5rlIawA)&`}qkeMI z_(}2NK8HmkapL$X@Z31w3b**1_Zaq0(fZm*xi1#z&d}?cVB-UnV&Va6Sx6dW5h#m- zi8*;Vg(L1Q02A3>4j7o85Yu_Yag?UJvkRM4Rw5GuGw>AcEH?5G{G7ASoqKwOCUU9% z+EInt?|?<&qUh`)kQ&;-15Ha5J-HEIg#HQOyV*_&Mv8#!8VNf*TbT|6>jmAe;gLMQ zJ;ErFB;Ra+{=!B_V?)E*g3O}2MOn6pR~2+$w-H!>?m5w~%cu=ou&kgL;iyCp16jPI zY{Up*;Klub)oANCuR^?gK&P*R(2UQyj7TFZ>ca^0_li+g<6RbI$D-9_9L@(ce zgJWDbWb#wuoA(1{g-3vf8PmC+aC|Rki|&LB-SNPX=_5ZV!JeZ?$tHvyL747ZfEK_J zew|b!8h$UjwL3@*hM z+Jmvgv*nR^ZIrHv8S!+VfFv?KD9Dj^Tosi|#Y*4VV=J@ujV!Ny8 zBEjf+MPHdCxzyqoQxaLz%+PL6-%iB{t4`QD5$(EkdF;rVg>)`~rmal`Y$16un2R8X zz$9A}qn>S%2fCxVSUJ~{hsLbErlF>Qq0l$o&gTHE&yv({w|WP<69j0K5>NgAOZ ztD7Bx&6wB%a$J`B5ETM&rQ43sGg9}{m;yyVr`qrZ<(?*4dX$Ah;#fKwvp-rfw1Ta zB>zSzTJ~LRN!5$;@PiBF%lP-BU9lLEu>5QD;Ou#{&$C!?jCcJB2kLB#hC@d3KRNuY zx}UPlo?W*;UZ8eIG?6qDc?9$Ey;R4tj!&H8Aq%HF9wNf&>wYnscnIezO)Atm>R)q* z&}q^F9$F-q!)G9m#MweL2jk+(mb|(Wn&BaBnKiH3kuoW#7j~afV5#OC4(t-eTho2u z;>txdUVAHld9FI$5n3nc;~c9i7B~GpGjz?D6c*9ucF$$VNl;PKaSeU0s4WIRBy(o= z`wH*;n{4|0m3>5|Ssw?Vn6mRA9YpLX(J$-9b>|Uom4U_p={j^nWz>#4r3SEnA~3q? ztnxC;W1M@|mg5_~eN^rN9jAsrPq={}G`v#l@X3n4$D|%Ztnd-&(DcM0D=Fp-S|nO9 zS2nOW9P8yTj)Q77$DeN~Vg0r3?9KFBN$>6r=}okJQYmwA9G0UC+9lrfYI!eF1JbSa zPd)PW=DQmTrw2GACLX(@+t)L+UY>tdeo&o7tn~RM5h58DMnxeiG{p`#Csso!H>=yq zyyc;A_hTP1P18OBi5(#oS4_qO3l{02;F+!+QtJ!-wul+Q^wZN!YYV|roX792 z?qZ*t^wH5ydfg@bpzFg#XbhL_3B-#&DjT6Zu^lKhH2x=p#%_hNKoYfYER`D+U9Gm^ zbz}5Rnt}0A$*h6;@d$@&2lCdrsx*3a-Dc|F>7*j#5iv-itJCxWy zaBM+BY9Ji&m3m>Xl0sp9f0s*Yl}f)z_id>$q!mie$yHU*v38o4g1$VZQI{mMq-P`i z3LTmPRxg;B6(tcG^>xt*`Ia%_g4>-W&U#<-{a^@BfL!qh-LsEHxdNgWzQB^%`RO$5 z9!>KL8P;aK#*_K1yV#Wp6dfa{xge%DO)AHWPJP&wRiM_(W$MoQ2BZY-qD96-$dSPv zOWS%v$L4jG)5jWi<|K3qWm+E*992yQNJ*v0RDWx%FylkUB{T`QJt4-2*a#L`w53vn zNF#B~+M4`71GD|8Mw?ZdK6Gt`CZ@^w%<$FMmI*md&XU-Ajt$gp(49-+xDZ92fw@>- zZ*DDb$B>+s(8NEgt}pBXsB0`xEXg z=+TG=&ETA&;66XT&yXjmXQ>U_>$1@4?RFuwemRQztbWXyt<6&P``GDd1FX4g!217v z3+K_&Wyrah2+msakxaM2!1)UzD#uk)v3lu86Ui^OU)yKgcX;S_pp`GRusIa+1hGp{ zEBn52prT5>`@9wOTh}{?<)dE|5Xo23Vw23Rq_Zvmk$#ZjLx960=5O@<-Ulj_J^^{i z919GIf8s|qy_w@s>Aq%JSNY`THVt)bu#G0w(!$G=h2@Lsig&mdVE;KGj!)QEn$u(Y zY?HvhVz|Egf7pBLs4BNM>{pPGlI{?Ykd_8XLFrOLO1fc@N=wP2yBiVdUbOTgq*IWR zZb2ytS->}O@BQv~zh|Fu{yt-T|1cN>2CVh0`OJAg_kCTzD+c=WzyoN&e2keL8lr@P zl}wCz=i)*()<*U!-E z<>?vq&d z7*~KOmpP}G`=7_?bvwaj4H(kg1);^u$C!2NhUj}Q+vx6c&-Wz`Eq*UDqF4VBQ)DE` zCWw2`2z8^#y0{0gZHRqJOzn5cM6#~%!Ct_1GPlft!UqC5wq__7BMVTI_4!09fOpL(g-k( z2lx85m-`3m*!3~o`Gnl#l+}9LF6Y{23awLY{CrbC`Rl~SEMP))Q5&;h*!9dP-m?Sh zD@vMIbcA-jRYQwj1IP!qt_n%}<|#62R~v$DRX_S{jp6`)F91wJAC(o+%6wM7(mC1v zY$5}b?Zuf>3jG<8!5T9}hLly|+PiD$pK~+J-N&|!rj1hNX`K0qR+xwv?;0s7v1 zm(EyNkb{qEjWYUgca8nJ9p?BG_?)X8%3bGn;j)jD(kI3%o||wr3)L;qsgrwk5@I>f zC=hQpURSkPHzNmK7=8EifLnOIoHE4|&f8Q-p$`XM{_1^k3QR`Pz%5@LW7!FhFGcQ@#Z=4G~%e1Erz?c zAXSP1KU~FzJ!;5Y?;qJ{GrtNAZEt62_v`ni2JqVq1C0W*I>u<#J-R-i->$YGol00k z?X8T%NPR;w^_2ybt-+2(ERPEE1&)|Gf5g--n9B2}PGP+^Al2oD%{10!c71PQC$xbX z7gN{Gh%?Pum~g~ZcYLTk{Z;i@$P57`QF!D)gZVQ>vgqQT2$T}{=E};{ab2w~uqZ_k z*AUO@*!c8XzhSO-)#wl=Bza%>;vHOV$l9~IOv7|tCHok!HlMB;sms)sp72Mk>086fhm8b; zO|}jibjsmB-6!H1uJ{VjOg8cakOBhEq$UrU-RAfUMk6pI3)RtxkkArZ?iRV(P&XGU z=^S7u1*!>mSCU_satM#&ZDi~cu<9kjQ*;mKR>RVJiDsvevU%D{;6UMc)&Y=6>$Ac`TB3oQ=uA%WP_LTNI z(}+|#9>tU6<1YWw56uenxER$nKJA$#Man_guV7PJ&ODwid zDK$yQaNA_5x_mD5^wW`tk22(*1#O^ecnPU%TWJVD~u(gEm%=+PdeYO5yvv|tY6Rl zNG+^#^D3C2PhoWQ;rDP$Iy6>BKz&C$n_ZIUi|^~c&utF7i#i@v)Ispmof9VfQ%;eiwCuXJ8H+W{g-1$ z)Pq$Hl;@Zg{90FL-%$c+HhWo119bR*p9oSt-yOG}GNkvaq^LCa*~A)4eIMB^5pYTJ zKS-R_u{v28+>PeCH=JIMuupX%9or>XMT&Fru(>n@ZPR8c;l9RxGg)RM?iiue-N`b< zKy$M4cM+i>!M5HxD$BV03rT2Z& zEIj&%hdH#VRV?u-U7?}ZVuZsyz1oVcSO5Bto2y!gu*9}Ef%WtK-DZ#dLa82)>-Z0J zm3%B*VnJc^Q0_h`s`p9@`XT2c&| zNaHq6Q*kP%uKa?bm2sV~+Ev11o=`(TW_si!H*x%3JwCg;G9*Uc^KRJAMl0PsbjMWYFG}`)F?`S!517!Y) zw73kFRGF8B+BgGLu0WS7qsp{)x_W5<(j)VBf;+gWM;8X)ymzR1%I5Cld{qQp+ta$2 zBJ8+y5{bDYbHZhZTB2)7Gu@~UBwyg20bf&Pd~XPqEE=*( zRe2#SViynj#&wRgCaTc?!;9La3@{6Z0(Wj>_-9`uHWA~`9CWv91So_Aac>voXHI>3 zG(-c`xw_%KG@unaO#d!;FmsXymXD2O!tL&a(Rj%&!hb|URKG&P({KIyP2b`vUZnrcIf9vGl`4Y4jw2K>zbF%}_`g5PSpSfS7BCbN8 z*Af6J?MvicT3SjdwLmnW1@*$qR>`xrD` z<06~N))g9Wx@Q_pcwR3#o^j6P$}6WGd4}|xZ-Y2c|L=_N#F)O$x&E(t=XYBjjUI@Q zvAeWhWd2Lb{hb#E5UjL7mV673~AtE~eLyG(@vAG=! zG&HxXCN(YpIo9~?AOu#*%WE+vKtQb}6&eC?P&<)YXZsmgf4>OCB`lGng>wBdx5Gm7 zAJnfq7l40S1H#wrOGE7b!1or0`*Gq-%0-cJn*d3_@2Q)w8vx0J$CMW!B<)ZA%B5 z;OGFD(Ljs1OpWlnl+ZU2WT7<*xDTVQ!1M-`gei4eBu6+S0Bs|txKax2AwbFuWfeML zO3VD&A4dM3N(6Lc-GPb&lbA&`ud+%ie%T!s)x|ZGp_ccHG6qD_#c7k-y4tu1knsQ1 z=*W${=>9v+V_H?>`Y8L_8+fG8CcnwIILjodQ=0r~6*PVcUG@f#4MCH@04JrBW80l) z3To3g-DQxvCQm;i*PQ2K3|1~G{6k#|IOM9#s`~=z8f;4Z=lri-otf*kDGR_%IoBE2 z$yL$vw9;DQ`lC^Ch9s+%Ew!BJt@NLG%y<$D6my>!F^6?;KpnC$cs1rkl8f~Nk$v#^ z90qs%5nDU8h^N9de0Q*BAH2-@!Rpq}j!6O(fca^$e+KAm*Pv634%#m6_v<}>?tm_R z3fx9eV%SFEFK8O#DVIEzYiiv?>vJH**ch%!9t@!O!N&!sEi`ntuC1axGQ z*Xz&!oW)N7J1~->X_+McF7UIj$-y! zDVmqg_&ToIGl6O4g6w2dLMq2|OK+RbrEoa6*n|~@DzpU%>Im8zA1cl>7#UH16ucy$HO0|ZP#M< z_E*hrKe8q){$e}>2?(Y)x&Dr}(6cpQI<~{_EfB-oz$7(XXh3nkG%f4J#Nifi>^&F& z%}j#uz5f2jc}(Dtrjh@i?m}a}rXeKCH|!zvlB?ofBtd7~G?4LfE`QSV;&2a0n|2Un z1jNPS7IyV5JN8FtNu!IE4?hw3`buM{3UO#zfp9#WrZCy`wklCgN1F>UCV;L-5PfGN zXX2Xy4m&$D{M(wYX2P|`={O^54{{!z=$9{NdTz;KBiZtQ_X}mj*zoW>^U5?#cPVxX z^9YKlj$i$#ywBqzWdw%vI(M^*del)>nd`^JX5lF?jO_e+8YvXRI?Qvit{IL?@C8$a zRt3V3oRgpDDJM=YvEW&3eBnI=`3LAWJKq1bi?ryzAG}36WF!b$`R1MH%gOI({OJEkhfFB_>VbX}W4!$2fuTg$5FW=SbOB1JEDDh$nd?H{& zL+#6W^WZ$v61N0GJ{lQJ=)k2B*+k++bkt31SW_fqY3g+J1b5k=hVI)C`@yN;#C~=5 z<=`**&a92k8xHKM#DM=!JMYHxe7e@Shqn|&HuffeG4SHpSS8m{fh0gbF>ofRWrFyX z=kwuQttk^?DO3$b{J&$^13sXKw0#k-_3%>zlLT9XPP*0YwRSV4m?iT|Nqi9V0Lzw+ zIo1Hn_)=0Pk^=fLoGN|a+ViM(>{I^y8f^BNDUGi*HUd-<)@I`55yYxc;iN%nG-^bqOqtZ)pY1MpfxUAveHT+-+Q^{TR13!C)6B;jsbs4RVw-C4n*bum^0bUE#U~5S6OZ z%#9?ITEo58K<5rr%}y*axt_f!XG>G)Q?I*9zP`MSYi7&UI#i|VznAd7?P@D8Im^bn zyk~_AShmaD@|c+d5DKU`$lR-pPxqixNc}-WJLQr_jUo~3EH;bhitH3791PZN^)0#m zS$MS41E_m7au%zQNMm+->dkBy6V1{qq(JW%_(F`36rDv5{OITI8FDWK-C<92-*KP< z`8pEa2b!hju5gu?v%K9`OJM0gN#9k8DmP7%OX^ip~?SW;g}88RKTvD>~Z1-u58 z({W~3+^gHKXEbC(%?cg#hYT8YSnU-4Oq$150t*#etBxe9WBl`!iZ?;w2q`j~l;8W8 zOmCy_zvJ@^!OzLH+k7g0R|nk(MKAS2$# zJdaFt2&!%q{D?~u zCgCMgFTQ?CO`p@IMPr6*o3mk+lDi5k=&SRw%|M(;XEmXNdhEXc2vj`gdZIO`Ma^*E zOU)&wKG?HB(rTxXW1u%bEUp7vRXQ9NnYhRycFA#(6v@Dy{u<5q$7=ztWj{>htbB(; z2sqOb!}go|hMVA23-8vRHz`=(rTvm?S(=JIx^0YYuIYpGxKrWgdS^)IYcN}$7^P#3 zlnW0yTbgBuc;V@mkQX8K;nm8$bQ&eF6-Na&zy6ib<&td-DlF9pbybP@>mgq8b zfXt&3#AEN!AaVY)!uRVw<11I*lOe%HB7-)mH_EVmO)e-V;~&CoTI4dk2R_jls;C~w zcolQzj_WpX0o$Mt0!DTi*Cj4gtcimt$DnT;UMa|N%;Fk_Bh zCG(N_DOE!6g`r1RhnsrCiTnIaav8Fv z#~+`8tr>X6J1o_RpO6m!F;mU#-n67dgdH6RKPYe@3hc0wAV$sFYaA2w^kMQ-D@ zp|xo=ykHqnIQ&x-HHw82wrFa?wO|_SP*isQJADW5ZszXvCw-DC*SC}vVVyKyUV|ak zw=?Hs_uD(Ngc&gQDJ@u{d6y}Z0l|nFb^QpF4MJEQIYgJ7(`eKRmaw*b=W)E~wDGe4 zKqrmbJAw4hMIBUoc2W1tI)DgO;CnBe6^Fw#%o+%S?KLrHttJ|96CmuCUq-ea5NsM9 z?DFGd%xI)129~D692NPIJ+QSqAHpII9?5FeZBv4UT&m9B6e-YGS!0B6dr_Xs*)Lw= z=Iru&-vH~_j=BCSR3afOwDZm@P{T(J9R9wr14NLyez;da-(9N<6o`QP6~aTRR0G#~ zstxd6;mNUl9a^?x`PFpUk$5gQ=-W`!(Y_&5lc;od&8>;x0cy?D;r;OzMGUEbs z0Nsw4)mOlUansGHI?|;`L_Jaro?~U-UJQvS)6)5mTo6L9wlq*FnB=6|o;bpp=MD1+ zOk@>=A-)X4(q9NT{dV(|ryXD^NI$B%{$+U0hAh8gt1-hyAaxd0T}+a(t%T4ioG@W$ zvn|m={k_jtp>zXR)gGzq6wz}VCZiuNL&7`Y>iN28eJUE7(H@p!v#R!fKw_8C%<&%H z+doF~!hg&rxWM4m?Rno)=T+?UEW+3WW}f2*uYMm^O0_D(&r#ZNM;}1ZD|OJFo_q34 z0?5+t8Vy9-YA#Bfba|40lfSK!tWFGZ@V%hx3{Dd_!IAk#wM7Ggpdz61o|B+QHS>H^`~M4M9h`vIHWFEjCuXvvI=kWhAWBSGmZk5 zxCd?n8FyFhP?_rRkDOH%jf%w?7DF3grJEo)6(i6>XA>&kOvTxNV_Jn=@3mKF$t z&-ho5HUuDU<`j#acG8s`zBf34H+OaZikp{YxjD^`E}0#UR&J`k$dMZbmew>NrS67N zI>50jj8#qUSASaoI&2ruqLe%K$E(TWNyWTyq5JGqzraJQYx%h$JnySdM77T}*N>J{ z8n^u<4N-Ac4gZPE-}k6Vb%)jKW}iz>ogn!M!NGVN9u5JmsmkY8o>kLFQMYrm46n2dcjdv`U0fu7d{jIfu7?j@g4`Y? zrP*NG?trCbf3lxcBg;h9#5?#Y_G^pgv`v=%_BP#>*8VLg8(Z`k_9{EvgInBUP$J5XZ{f*+Y55SQXvgLjI%?`t{b5 z|H_^-r2D~NGz2v+038T=x!fDoaUU5=b}ekUzd!3E0t6)S*uuTq+`XVLof-+|;sb>w zF99ya)v#MpiNh~IRZ2#A4m?G#S5VqeE}(VmnNiwQuepdy@y$sQ;Dqz#Nt{iJHO0s(h|sK@*GHrp0`Q*mlZH`OL;?Yv|>@_mo`^6G#$Y#S&mL`T@< zzRU&0DQ58gE}D;56B3t%d6hkPvJAn~XlX!oyjM-?b+WvOK9M#?aAe?_5N3TJ!<$^Y z`oV48zpgBvDz4LAZrnefjB46oWNt)4$P`R1#qX;3b;;q+I$MzPZb@LHt4gOBXP6KM zv@Avr>APddcTz>OtD?)?rtVuHzsEV`I$@6b=Jc!E3AFHDQ`C`<;1wm6WkRo}WT+I| zE3!XRYe5`@!5xPoJFTo1Q~nFX@`{70%U+eL979xjpl03B&HMS|s z3pQ)YE68Tx!Lhu>9AoFC18KR zOU!Br6)k6v!>h6BdmX2Co)Y#Qjrg17A&jvr@!#xMdY9a&NHQpGSBW@JYK3?xw9-@d zgx<&f&@v$?afltCrrLGbFzDcgZy!w16nAnFA5xoCqE}1^6llK-ocQD|c+LBL}W-*x3@JSLbzJb;12S^a*sg4 zSo*vco7{pSNJf;U>ddmvxK62VRrt>$Jr}3bk$d{B{@oq;U|&Q(qu&C&G){SYoUVml zpcA9Z)T2cbA=YJ@uAaZZDulI1!oAtftfwZ*xhqq+@AM4015PP?P(31!wHkh!d5{_W zz-a|r72V>ls)48Zxm&g1%Lo%r$N4O1lTdYbU%!<2>pzsqH(4PM01`qn*ZjX-v6A-) zXx9S$qI3faepQnE89fEMn?#??Upag=``tbL>ksUqO!J$1DRMMM|3&=TdING3w%%;8 z{ujIEWAv?13o!8ExsQf2-3`QQXt9F&;Y^gH-o5khHjAUM}@lY}5Z&0+!nM zk@4PF0spGJz6biXxwy+ER{zp;#q%Ertg;7@O3Z&=hJRYLj_Hur{~6k4v_t^bGTB7BT$Z*?j=(MWPUdod2H+V0ibClc6r8pioSJ2X;Q6f}Wg?5D7CeWA z2ekg$VPh+Q3QS zo5W?%ErxzmEhiUcdg=pOzr;$*kAB_sW`S=lM@@_6#xc)H17ajBO>PpdK*PB0>RX#Z ztG957@X#HTnebHAcCI!+<0ClOHpr-yUN#nz=%T(8!r7Vz(UcCFh@d;bJ!j%xCH* zKFso-cZiMUX6@c?n7IeBFp9+60ogj}*yYfPN@m-AHhiYGCxT78zS%Q35K_EZ{}5wT?7a&VljiL{1}a)NI5nm{~iYfVf8H7E_;& zs~d7KEDBp=Y?KPv@kgqtE;X2Uh)9$cq7s!CP zC#C$jU#O;4tFBAVkBykFpBwaR2wuW7V-K8R^1^&HWG%;zU5AR~xZJxm;(MO#d+_D6 z@cT=bwgy!`G)yeqh=D>}E-CQUh7 z{CW&iU@d!voPRn)Nukc?hFjn2{Efj0mpkQF-+}208R}irRDY`D>m!M4-o?}yMPb6s z`yWR(%e^B&IUpe~3%ly995RUBfv7iennlB2j`0#EP3j~=w93^f*9a-f^fNE3YtZjL zD-TH(bOZwJAr&W*ozENGgJxvSl`B`wlmT5_Gvcn`33k|oh;VYcl4#Zh2#;}yf0Z4| zkt{HIB$%1A>U)$Bf5x!vOCG~0qooA1uN{W=+hUwjz*ev}JZbXdyqohSX!km2GCuvd zD}4K#W){wD3vD*2Ww~!Jc>NHIH}8bLeC&IazL-K*=VS^A_x?_#$A=36N_pu}sMPUt z#{^nacNdKw!@jkflqeSFFtu$i17BwV&yp!KlMg1}s&Lp>>E7w15dmt6iil#6#C_B{I_0;w*BeU>yPr!W6JoQy9;)dy7 z%J?8xs^IMr0#RBo$s?Gqc+pDA1wp zMg+1cuJpj{34ie1NgY{13O6jBag;2D7gl-DDj}a()*V%wml|(;c@7QIn+B400kcF2 zG-(G_0R#SKF6L=6ia{EusYgD2NqX9-BZ1_fH=@&mYU{drzc(WI<+m8BwDgZI-G}E&K!jYQ7tZ21y8nwQ7#}h`27UAx8#sus$y2 ze!@FjSU@k2TpJWfxj^zr*s?oLxXU-)tXTBaf@UsmAw5$Xo-kfn-F><|gtB|;c~l`- zlIBgGC6gQhCi|p>MpGL$fs|Q#W?ACUw0#lZo*Al!BinV%%uXv%IV?XX`i^Ge;q@`= z>y}EdjP@mLs~g^cIYXdx{|%rdBkY|XOx~5!W#6AJ&orZv=iH>Lm&&+fI+3qjMcS^V z6Ur8BxVyaw=9+II@>Vh+OfcoEW3U{d9-O^3?Zb*OVyuw^Jd2%HOQ}F( z=HTdHC<#CJC*^mn-ufX=MIZejk5-s!aXi@0Y}I|SY;ugf!W))(abGw;q=Nf(TLeji za5w3y=ea$P;$By_hl$oAZY;#izlN4ml%1d16zaYsp`=gSL+`uy_Lx!6du42(&25uu z@}rw0s_tvMGqZyY#}YSq4YjMhq>!};_x6pYVE9&qhz3l>XK8{F<^P6 zv}L&xTk6IhNYLl~B-`x#Q%Ca0ID=ZB7e>p0b<~}8(iWz!1opyEtPbUOvBie__znxWy%;pv!dt2p8<(ZtZ}`Z`Se*F`k$C_8lxvW!3p=0f-~}r5c$z( z7+GS3QTI^W0JOkqEYR~101jr}Vf*0vV45mECW4$+(8+w%h@TOw7t30=K!)0duO|ao z!vR*_=<|d76l~#%F4zxi@@3OgEeA~JqRc*l$AMu>D$cdfB=ZKsefXeYV<90N{^7u# z$Ntd**M^M!*g&x|z>DqTd(g7c!lPr$;I}THyZB+UP$x94@D!tlZW@`08WlN< zh7SYhSUB>SX{hG!gnhB;jik|zLY^U8cM9U0*vPGziiuJg-+Qbdj$n0XQo1heyQ@7r zHZQMJ_gH9~Ay4KF-Uh2tsQaK(r``5g{2pBv{!8QU#iN)92?3gca2@I3&vf#wehsbI zkGi%T^dE36h5SGe2(Z;QDW`+xyOk)fF$-`{~=9y@9%c zQ#Dvx)#4evipj_(TF=5zuTo??rOsip%Vlyb5GeLQ{)z>1l~G=hu|CG~EFrG>X3X{)g+Y&X$h23ya3G9g1BM|Hq{OLG1<$v83e+fCTig0KS{}xB99y}M)^1Pb9sR`& z*S86A*9Sj!te4G-pbC8v2vx(YP|Kmc%PB0nENJLw?uQjD5wdg>P9=LAtBTO}{0dl_ zKuC#+pQXqhcY2O=77VB}NBu5k)msZ-Iyec!hxrF`Ol?S4rB^=TNJ<%buwY<(aUb4+ z!&kiPgw$VT(JAUJiUsr38E!MuWILr2-CP7Fs#>{aHZQCuuhu#sai_pJc=_&pxb(;@ znhJ8gk9%!&nAN%#>r|`|Vb{`@+1@ipKLxIiAj6TS5h1g?)&n(UXj(bhIzpUjYbbt2z}&bEZXA@d!i0np>WVh?_7DV<{JA&sIfCapNIzosf1YU0-Z6e zTv;r2?CteAlX1k_a$p?8<0PdN<4<+e$f%i`$a#C_N=I#G5je?Q)_UsIO^Q3?*|`NX zR3-)P_VIXZ&7AJ6&+AS-U!9aic$2>wFw6t)Q=lIvj>6ChuX15vPFggQqF^@xrXZADPrO$e;QV@a}7ogF6$Te3q zd`Me5#p;%8wr3VnDeUvaG>`d*zSS1QI)7-e`c&w-te)^F&hF0#Lk90+av=Z#ZsqvM z>E^bTX*|E=xN;zQ8JBvGLevM_D@|K=ozEP$TZ7FsLpm=c8%Z3POo*HIl$x1(L^S=z z<={T~@L5UqsH5x!u#Ing=JUm#4IRD3bd=sGG?o$JiDIX*vP~-xHp6voE`P4Muaq(= z6G`sSIvhl)r0|+xL<3Lju2Q1TsqK5Zf?#)8#z&wxeGn zr6lUDDN@FYd}UyzFcb)dK0*~W?I`N+BI|v{OY>qnFIc>tYeR8J{Nd&&ymwDJ`4vyU zHM2danW&5JYHVkZ8Fdz8kTuT9143&p1wUpbKK<-nPB7#u#T=gdfcO@0)UW6DgJTkN z4=;%;ms%rF9Xye}z2g{b^r8-xfUpRkMp8%ACGtnxJ0g1&odf56Kj^y%--~+R>J@f& zUUr>eZ1T8UFh)-f^!mpq3Hip;jRheHKKB!WF0)S5UBQph&oAB@Y5aoetcD-M9;~`0%@5}ES>g}KH_r?eYd zS%lbZJMcY@7UXPHselJ;v$NsZ&}Bo9tJK zw@8}qbYzu6t(KKTHJOu?8lR|CsCjLASS-ahuw?d?3SkA+-LEc^N+sF&RArFr0M@-6 zLAzgwXYs2K;R0BnVGt&P*Oj>4F48llqcQU}3kG3D%VqBmh=Pmkdguso?6s&$8*bZi zk=f=*-KNmG+2*E!)A-%j7)Z6sb8To4@`*c1X3}E}igWu#Z*=qJ5PPTZHnwcjkAyFR z@&O7Gicw5qHr($pAyqq!73spn&R!lM`O?&%#;RiCaN4in5NP$Qnx*m#81x}YcgX`_ zb z*CHswd(AT))REFhRzuL#t+JRXE0gBCsxNYNa6Z2U{fukngQ5i72u_3H=A| z(Y>H4uqk}jsq+yp1j5kKmtv<@yU9s+oKIf=VU(m+SdW>lr=)h9RjC=rh319UH(_qy zyVjo|&vP_^4MS;Xn~1HZm>8fZbaM)BP;#D$eq#66ore?qFgFyZF4~`lFLuJvJ?u5F zx3jM>&V`=9X~gh3LMzLR@f4e}U5QVLY)+=fGv92R-KrH*I;rcL!Ly?aB;)#789eB% z3s>Z<8CofcUDkOorm+4f;a=wO*G>@P67$3u`r6qzoWKZI20K6MfP&T|iN=6ZUZ}nn z)r|c`>QfgY5+baWdgKw*dZ&}-sHXiG!L6EIEBO6LkvNI#8d(v78#~(fX!iD8}Hj#a$k;A{20E47)^t$96j0EPl0sdlZ zo^FnsrS@o$1OshSFfi)E{$5`w zhoI5g>i!YH&wb}8EUbZ;Rg{w30kxRD^zGXvB`dux3s=paHZ2Ds(+r!5>S% zuZZ;=Q+2}Q(uW?OzaF`&4-g2T-KsiiXASKtddIP7bn`JoVHuY==P;x@y>lfV!pR)E zc3-2}LP-7U!qZ0#mUJPX1FOl9Ys9~XK9eWxTEO&ds!hh(V_1ji+b^r(*h2xlJ891% zR5ZQp;pD<>3L>1FEFT}?HdF_Oz6$Y%sGEU0IW|czYiH2nOW~vPQn>PHQJDnAov_i_ zgvXZAmO6xJwMw!|-6!x6i>TrZnt-ef{2||g;g`g^NUw12V>VLEwhaoC6)V|OG(D1x z`$m0Kyj~LZY(iSsqe6W~V5kmuEw%c?82})Qcc`(n&Fi`4d5x723KcPxN!#3Wd^z#S zX?aKfYBA^PunKvLBBhZkNSyG*yUT&nGDW=xQ){7}PE`63{1cOU92^I%l9#7rNiNZ2 zm8AUX(l*V?VFN>rhXT7TLmPOTAzOOf-R8#}zKKAUt`>DG`o7(OV1ZLbrG&$=9YoG?!u?^{V*!iaE_JTRY58)!+5CFMq4Yy_PK=$kg|-BB%O zNd}KKhF*nIb`p!Rk1cy4S*jc*l~n8W)(>GJD@?R1`>|i~!?aaZaeJoQ&H}N^)Rt#L zJlJ-lx<<(%7mOu%CR(owF?l2q`_j*bJXfzzcBrbGXXdnRYdR+u9}KfhjaGVIq>H`Y zd^jSdPjBGoel~G?_0x7)1jW3zz=}99keU_9H`jq#k(pGxVPQ)I-i4x=8srWYuSqr( zhclht#FD;^nZ=!b2&coOD!Nk#^*T_e_;f|T^5^)yt9|tA&?$KsDA}a%1i|l<2qH=P zSu1C|c&gy`-5VQjEJ@U=d||~ex{qeTyaUu`=*DqDOKXt@fSP?!A1<$DJ7LEHYJQd@ zOn>*9NpTXgXzYcxfNrkg&sj9-=|khfl6F`ai9-g)L*HIBXmW7YyoO}ioTMp1y&{5K zC(Wr9@c>kgZqAq^Y2GKy7?Vbun{vLt00Sp!;y5|yIhG;WPC9i+N|nX&--J!W71lZcWy>F8F83~ZzmO}3d!)d ze2|4kIV4A5smB+&C7UtV-`Wt#*W*9*j3jmjEd4avY2R7{(b#U$>ZOg7wjE0OfrQ1xl;(Il6ZQaM?&Z}5U zDvFDuRh)ar{Z5SOR;1v<*}dykU&QJ4)#CLL__coK_Sx-$OqJ8DXB#m*RoCe%b#rDEnPyq$$z@xTmL)j z=^oPhmEAo(>;HV*e=wl__*$3^=Au7&6J`E&Sb2gEMwxHy@^t=*pZ=46?*nFvpGPz( z{>8K+i83n-S^+0ji5CC*hkpUX%QFe}|JPRx=v1GyKtkfb{NJ4$I@P68-hT~=|Au|P zdjrO+R{!_Sf)DrqezJe9JpcbcF5^dI$=rbZi*@Z(Q!zXKZ`LpR(L9vq)(9X)`@Ya} z0aE%l%!U3)-j$6Y8#|xuQNb2>T#__lZQB>Qh8Pk%_P=W@ds;K%{%<>h|1g8v?m)Y7 z2h10YvH?|$n$Idm^CrRp5Cuh?*W_L_@czOS>w4EU_5!UC^!NTFx%lgwEngHstN`Fb z5NGjzV{;^X5zyBG@{5#HKZJA@po;8@7tJT>(#q zL8Xy@-#joxfiu-C7X%^epRm{Ev4gHM2<@`dSZ*U(bUIvZ{7?0^CD)J0#r4yRq5O_mwyVLlu!07$xEv|S-Ew#9J zic7pyAI%|XT;8P=7%Vmd<4wV-QXRs%#R#%0j!PJC(R2D3RU-g}#oja<#Yp>K`A7nz z8eVcoF-;`!{jh$%=x3`yA=f%9)!vt_+)!2N(vb{7ABHZWwxj#+gSdo!eFiufF!BLA z6%C#@qdblBvATlXnsG5me0#zIMYBYGc#D?+0^)BJY9I^EGq7L)8meglgAQWMNfrQI zyYny*BE)Vr!`^4LBl4h|&>}luQ?`E|cG&)1owU6dV5*~OyL8Jp14N|=E24|o&5;vD_WXAdn98~8zmSk*;v-k= z-l&E5%OOQP;c&}d!RF?1M8 z-i`WD3YPN>Cozcx7^ki(B4!iLk2Y7WjQqQX@9I$>$g82*<5N8d#f3`jL14>rD30MN zs}^7#w9pjtU4TM0-{{bHlSD;+y${Y>8X|AVCp zETXh(1zc}YCA=iz2ZsY(rfSWnfp5qW0nzvSa{VRV=iI;5Casbv6GheMTLCz>1A&%p z0362wH3gl^-c|Ha4vf3WOK0uA#^Px}H$g4tnQ+M@^!V6h_IV+rs1e3PQOb=`@=8e! zr+?mv{x&yq-qO7>$^iVd#14}zjWmXIBW7=*w6cBWg3Vsvn1K3Cpdn&GJ^$Rp`Wsa!-UK;y(MHsp{G4t{I)-wWeE-y`27OMPu}!+!%9 z*hjHd&CJe7vbQ|MLh0&rQw@zk8CJ{J4wOWrrm;jbs{jv2tRO$`frbM_#n_7nmHVEv zKd4Wp#-nP{`Zc!QAz#Q;6?zdd2ST3c!mDZm~90!Z62yHR|sAG zeKubZbl`(6ETTxBMtt`QHRH~1yJ{3e>QiH#MV|`}o)3c|M^=F^O8Br>-rZTiSG2$z z_nmHJKncYP6QhNq$w{L80&pB39+_Wn5;Y(H&((Cr12Da%^vZqAgOThy#P z<1Clfq_G=lfY&PP&=`R-KI8oV5-s2v;?~<4CncBuT&(#5hb#uncrO z_1CZU>^z&s-n_2$O@CW&&GQO;A$2sP#7rL6X&IJ+0} zhkj(3XJ*voTbpmHbdE4DWwSmi%AkA%B>^LgS&HeEE;v@Xtm6ZsI0Zz?y^J>pyqFe}8ibewuUjKb-PEHmyc>7=f;MXUh_O`d-nEBTL z1Q7lD>z}g2KmWO;;7z%ouB%x0KfBoA5{J&oH-~SoBz2E0=R13ICvjrV!kYAMR z&r}*q$22=GBQMrFEcyU(-E0XsnCBbVCwzfh9Iym;fXBO*lo<;C&ex|#;~(Vz^n;_} zP#lA@;crFWS4}J(wtsSk)l&TgIRV*|{Ju;?p}x{LW-#W1ne_qr-o;eJ6x(lEZy8<+ zIA8$nJ|))C>|L;G>pfxTK$iE!wf~dC`vgQIy1yaU*ao`8AM0U5SH96eB?vg6N#h{O zv)XP3W*{Kl4Jwvbcagl)&bWZ0O;w+a7bQE;;Q7zzlN9&j?C0PK` zEOlvdxfwW2BCfj+f4f3|^yVgSe z@oy?hRs^XIKqfqAm5R6AtQS@7}l_bE#E*lsd48Bcj z1H1Y#KC+mj!A(L8*H+iF=f=2L;;68|Ls5YR;WhxxEdADTpQJcQYGwMo#<0=_D5;j) zz(-woZQ`P|3Jke+)KPpPlD>?7t8rZ(e`Zz+8+!6=|)Kr0Brqp zA%1<@{%xSa`)JEV+I065io~Eakg+HoC_WhqS0zpjS;vCG}5+z zzP5H0leb?GcPFEAq=TJTz#(^5(_Sb>%^;JHgl zBhG~z%%Q8>=KcK}nq(z+}= z7j`cSQ0t~ofk8S|Qb<=Pr#3{RARK@=Kx`cKoYFpJojphEQ>+Ng19fk%@wTt@-4rBqgjts$LZdE0yEL%i zQK!JgDjsFuC)VqAC&O`{jm?kng6G+ z>j0ixs}MpR>yW*YoiehrM^;9Ntp9WB z+xq^#*T2iv#o?UyectzZpXc+rKlkUp|K|}i#EajwLK2&aD>H2OJ0w5{1D-x+kW?6p z(E0?nhW)6=tQt+7U!ftOP5MPd-lnblrsDyiVs>omC4<06H1uP~;@Ndk3GQpyxWxV- zx6m0yYkdB4XKKNF>5ru<`qy#~bU(9$1h7ca)cgHnHmriP4%e=1fnB#O23l9r)K_`w z%l^60CmoDnJLY3sEPZ3SxeOk5oVbo8;Bk(xaK-U9;kev+;Zbh$b4%(+ zIz3Lz#1S6!gj0&dF@V_B_fk2QMX>)@u)%$M!nmMq87SjCsrO3Rvc(VMlPD^){-5Xl z3byK@FfW#^Ymkf&FnB?(QTmjMmy`{1q_*mw-(}>r15y3!6Jp@95|p4_Y^$pZ1T%a& zyII>^JNhb#az-5ewzuQkthvo2N+ksBJk*L3wRgozD|R_BAL)$a$68i!87kB77L1`_ z^sUibp^9-PJKFPQ(0_@_e^kq^5C~kTsh4Gv>VckFfwHeT|Jsb)1W(zqPzeSX)4jdCLUGDt`Z(-A zyfEU?H0QbL_TsP0eUJLPSpS3(Rky+45!sK-*Wdqo_C4Si7@Sx0*P{J%0pF1XoA|dn ze9NCN{PjS};{y;a{vq3q|NLlKG}e_R?oaf;={9(U^D@}x$&t|i+~xb1&@sms_UJSJ zS}TA2$OfX78<>eo{|T{uO9!#VgGp@RKT^Wqp-wh77?5gHY{6fb>7P-_XQAcp-=@j` z?4bL5)bUK4EkLD7E%a-~Ct&3$?l>ZUP;T?~?rVab9A?e0bhM?SN>GsPBrQ2DzKda4&rYKq+fI2L=I>aY7I23Gaq0` zkD@djzIm-L+ng^nmZ*PLqQFzpiE@8C4-+=D|2^bvL$raFvv_-nnd?7ZNguUaM>Klc znT3J1Cfw5b5seUwVGIyoe>@d)upr0AqEJ(-`%ce+nFbKsImrF@iKWXR z@VR!#;TBM>KL6g4=B@piwNh4~%P!QG4D4ZZZz=|bgFr?s-(90rY%4|ffmAB^v3*H; zqi*1t_H`H{b-5PIb!f^wM*%;|^=hfcWg-7&L*nQBtpN5jFV^#~jhP z90o_U0I2Dh1Ep97E@~^$@}Hoyt@xRj0<05Evp7gmLBeGqs8c!KK(`B2Y7Zyi9|Cp-4wr_gZ3Y%)8v8+Y>dq7qb`tGgo-bKKCZY|%=PX)Ns=jbsq z+PhIi>C^xz5^62LS(XVMM2fH+FK3tWh7<=3Mic}Q-#PDglSIX!F%IUCmjg)H3K%W@ z@+FaE5g!Y_+OA@(osG1j#+kTe`XK05qHmi zJuViywrc9P{SvxD;~%}_A340{^fs8S+dRBimZI#1NEit!GkojGtrnU3hW%Vq$aK~qYCHW`klZ( z*>&n>S5qp;J)w+UW7ZIoyP!!T1QX$D@5dfyfE;?7S>PPDevXC0)g50=iP2}8IiC^i zyr%s;?r@pej*BlnOs*`oSF_oE^u#Jk2J?)0C(sc|6z*hQyYLX`yX?~!Ia_+t72Q;J z)n(=he!L58vW`vw2jb0X?}k&em^7P)ZA;kj%(_WtYNBX^GjBH1Io;q%W=dVL=U=u# z9n8R)CnhH*|5M^{v!xz;iBYXs2gj)RRxp^|-}$`KfoUzkByGF)Ky}}e@10;NLfJ4a zH7k<)Nfb?;X>))jVi8!I=!{#s04%4aX7h6bQ)?_qFz?=2M!}HIz{vIyV?gfESJ0yC z10J8Gw^g7|)9j-iqF?i&id<<(Yv;^4p0?F<*%v7;2MU=D!H#`^Qu~$~{9A4*z||Cn zDK9#L9Ro7Ja1N+Cky7ONb4CdCwO!C(Sj@-czu9^Sgz?8@EVkG2^0!HvwB-p9YLUfW z^hN!sU`#P<#i}K5Ge3(Y_2RC+2g`X$`wYUCcv*=e9I`9V?ViAN3vAM*Y_{!hx+VTG zbLAB=DId@->YFwOb5-6$zj?7ru%U09#lyVbMtyJ3-0ql9e>>@R!M;B*K5JW9ZbEOb7 z8+F*$cWnrFbC!BVYl@!oH@QgIRFQnTsM{XtDs&NAwp5Ce@>;L_KsTIWY*r#K#~gk>{m3;u=$hxa1k@l+}n>oW9+yb<#ivQ%$zbeUPr!S>D}IsIBi?{v^k70p#! zlHqpZH`!v1an!S_*qj|#Ree#Z43*8AX5LYPX(?^r_C`uAy2s{{zLLo2Yk)3EqzgYjY&@+!X1rr@a$=qTFjYes5d9m*ZK}IG>Bn zn&|K$0qYFjp3g1-F!k4u9KZxYtso~NXOe*vR@HM}I{?~RtkTNjcbP_pj3Fmcb&rc% zf#{8cH|L0<3s8j2<;_Ql?LI`~iWFC#JFkrhHMB{d2VPnZ1|i2W zd$AR^n$j8q(q;Be#RLfiee8sV&U@l%ITEkO;=8**r_O;e!0~0XWISW_wAIuzP;6Jk z>GNS3odDtd!$H;GUmhe=c%?*ZHYidT9|*+cOLL@M-BaY*4%Bpo_W(fE+bvrM#x^a7 z5(7;9j@@{vCPip{cWenspry^lvt;*=oTbCSkv(Uhsc7tsv~%^Pek)OkrR3^+_QTeT zCPXFay)Nfkv0X7oeh8EGxQe-W3R@p&wD64)Wgpct?bIsUc;yTPzJ^&%FS88_EgS57 zSyQb|qIUrB=t%IYAPTxO@3^Vq%kj1Un&m?+&$g83rU$_Osw*pr->6LXqFGB2!QQ=X zE-Pi-^~hUiG-841z*GxAIboaW^T)fECS```@zVyixQs=m)M5Jl8OdXXKm3qHmhC*% zSRmy^3LBIef1Gn5sGI&ykJ#MKjpBXN7OV3~4`O zv2LzcP3a=rJXN2-`dn7hJ2P}ueyY2nW3?v5A9oSm$RVwiis)LRwtL*WUh2Ge%~;;_ ztr0v*drXGcKAy|U&`h20)N0%PVR0q)<{ahhX9i7*m?L+QTK$(rWqI}ndYpvG)_v5O zKGvrTJy^5nctqX`m|otNRL&Af9Hq#&e#Ccu(qrYNqm!zEUn~5wF(dqjP!Z~VI!hSENs9HXMaJW)c4;6GIaM`&adTu!p(rK`ah}b+W?g$`f7Rr4Om+@< zLyKw<+HCLLQu?C+Y>Gj?`AyjVGDRZke23{JGSrnh#S2yo8KQ2_D*=ELh zS-+FI)Z~EFGgtf7I9&I!#bT}oe8ZkEi?`Ty4SX-?kEwal}7! zgiM9eP{jx=78jONIK?uf_jE(%Fpjxroi0X za&wJLyKe@Dj2TbCfe$hTSTNvx@16nDRi66#13iRyrK^;-FOLKa9;LH%-T2k`>QB8W zbS~u2>rXwKq-1^CtNmu%94hee5nJGOS1En5^3KcpeB*phEIovxo+OCl4uZ&A%H+op zP3e+way6MTh0Dd+)wl23QVRFlo8_0|B9jC}u-|VgKZc#8ip5`d9Ix{%XD<8The_H8 z;PkH_%k(b67q8bz;$<9(+YwF%cCT8@4s)I30hcsHE81$eTzuF1kS4)ALT7@Y;+fS` z$XPd&I*-z0+OA$|!llIzgQJT5xTMDV@B818w%-_SAFKDiFD4RpzkyDu5mxQyTn5b{ zL4u-bbJEPld|2j@oZ=ySPIWwaIV5noN-WWZ=H1z~r0S)S4gH0k0|LW&87$=a^M%eR z-f_Ky^PQtqy(7Y%Xx~ovaL;e_1Hy6Tl}rL(7VquM)h)gi+)7OKE}=qDB)t(^lGuGa zuhH^TPVal_$_ec+a-r30eZZ~eK*j9B7&1RYFWx4jzHo_aPdckKpY=tovLSPT7(TFB z`*2Pr@e^AL#<}e6Iw9cfxN3Pfe~0K>Ym#&TE^R1Bc-j)pT4|#?=Y9u^IKYFOl4t) z#=WbnqauWc%@%3!^lvuXW$SEzdcXNwV-w5@V{2ebML*=YgIAtmeqQf#3iNN77XUxe zirH0j!h{61F!z`wCdHtCr`4!*#6&B0a*dZ5;yPM%YWsspoR;WfPq(UQi9K3fg%CI2B8-_0v47puGrO&*$b(t z{&gDJk}-3S%!zk&CU z8ri0gI{~iXDLYym3#tuhQCLH=V$k{un&i*DBec3fu$xy6Q1Z4qq&OV7<2c4TmbNU0=~zj9NYCX%NnKg698W4*Dsp~m}BXw$aSSK=b5@eE&5sw zyy0X3c!GpP>zY2=xEC#%gi@00n*iDZ9rj(1?g8=y$Wd4>L`YUjzD|eSs6_#BgHymb z%Wkm7;A}YBR$~|~y_8`1#4Jx{4EV;8UbinmBhV*=O0BD0qOTp?0q&74cg_p!2B45O zz9F$wQU!8&caS;vS;r>--aB?IFf$mFfcFa|#}D`syNhEL5i^J{c1%yV$83PiW$vpx zHQzCq5E_`pPPF+Kt$UDpM&+$siIXfB5-(^w@WaiAfur9tocY1 z`2=NhymGr(O&@nIK^_AESQa@-zEEsd{&?E33n>TyzeLewv7^jihcf|X&vS71K(ERh zp8&Q*j)f230Q-Z16XHnKb1XhHu|gW+KL*+nB*WOuFVi2tsS&zMsNiNU#M5FP#Y<80 z-Ie<1W31GK9?gS}2=CtEtOt~1PDOa1^UNhnn$W&ZpH+9w+%Q$mA9z! z(P@Tv20<2TDZrzYv}GDS2HkRFSWgA021NRAcB285MbNV3o;sLj?vc%_3R2Jp+tNEP zM5~v3Gt4}1wU`;Te0RXkElPGW3i&;GLLZV9yh& z$da*8%G{X9fP0beHwBx;5uIIPhf#HJn%q4G4-jnoC_>J{6MO$PAJt4Ro)^&xOl|96i7XeD{qe!jFMgK>1Ky znk!@F7D8)NqA2A!$s+`b&!B>e`nt1Iff;%>LFPH6kl(pbZ`nOaiN?L$cDzpSN#YF?PZukan*FLu>uuVXCn_nL=E3K`RkoX9b)ouJo_Z4u^}BaSeD z3w%ef+~guFK*;08IxTV)Rw(Z?_PCkuS$u51sQPg)IzeHP@3!V9yP@J~g(Q_t(eAZ!4v&y^gLQ70MiO%tDkvh+m0isw_P zYhlG7<{TnGAQInGF*#=lXYFtJoqBVmC{UUkGT>GA{sTuzB_B{I&*R+>glcx|O)QoG4REhY zs%v)wZKjEKPC)cVmo%&SODy)C{S9hOplx|eo}PZ};OS9zLYgKAF)60f#nSx^M0zu& zhXKu%@--P?duL8837qQp;M0PYok1xawa1ZDUnurk{=lN08#R-(R!S zed7b0;muEuvwVVTd3ILdHe}9}_>*I<;izthKt-{bB065*4x4&Hm6Yyz+8gE$*0mt9 z53Kw-6~0EVB@K1{Tv#d5gupem>t#c&VWyXU>`iX!sFWHu?m2(xq2khD#_Mt`W8lFpKyQFJMGWl% zh%Dt6?^%w<r zXy=tywkirnUy~7`y!v zcw0v)e|X5Ew+z8-^zy2~iLF24J*SX-wUxrb^C_i6pQnDt6N{p8pwmQ)$li;vP4XBFXV`j*oi5%yo{_A;$n7`W{k7Bz5!OsqfTQn*-=dJY_I#UaE=0P|esI ziV-i@ATCj81Yk1U(QB;?!u&^!OY;zWWyi|-B5bBC@o`-An)UtD&J8Llv$xC+axLm| zlEQ1F);>WW`2lS+*VZs72r%OGL z?4jj;fLH0mzU)s3L@pLyDRE?)pb~@DxrL~@50gpDZyRiS*QvkF>D4c2G)hOb!|htz zSb9}^7A^RP2%d@MH{R;E#y7d)4RUxn&cFQ0E5hVq4Md;mzITT4xLA@h_k1?_{OWeG z-aA2sWa;hASTY4k-s?H);-LVLUZkaK2NZ;tAO{BgeVdzMLJ!Cg5%3Zz|& z^6-V*cUSRcHq&X`sn!i61=KI#XOdiQk}#AwwbNU1V<0m#Qv&n#D1mN7%ZaWkJ%Q&% z{z)FOWF$`;J~tWMm}|{EwLVewus&4?tRlb0SCb)s$%U56u(@Q(ChLK zG0MU&5;Mwl&@ox!FFfO`HLAN>HUXK-&5oB?zanPDNlf_p?yFmsPx*N08*MMbBVo+9 zuo5xgm^qm%= znZbc2^8Yw5oW%IqMk^om1ufq?3N z>%z7P@-IIN*$wGs{L72|$EOQUqpeb!?w>jHzi%b=f58HhzuTfokN#p({5XvN8BLHk zo|(eI{uTND@l8!QNM?gB0Y3uRH(vMoYR9}pVyZa+=2wgf|S2mU1Xh`knlpnHhZ z!L5M(=pl}d<5a^j$YI@tO7~xC5T86RdiI|6uUT>&D1YIN71E>WqB+SGo8Hu+XfEN5 zwT@30j^!)=>#p8q24rN5<@b4j!D(HEN21Z%EP&v3WbMqp92fu8$Yb=*FEKZ|`>$6zwde`Qj%^(wp2G+~5pQ342QW@zIw3g4B}uTL$f3j9<#o|I8Co3Un60Z3RgCpXyx~ zy4oY@6|Y`u@Yx%+LA3Q!JA*8nsWXi%Ft%kt`7vX!;_Z3K?)d9zVtn4Z4K%mV^fntZ zsCnL(&OIt0s(sr4bT$u!WdVs(L!Qr2T)FQn*|N+u$)uf7VfFJQN{fY z>OMx@LDJnX2>!I+ke2qwlUXW~`ph%h^|W4YmFe^x5BJuO!mQ}YSj$?&>AJds;S?bc~COQ zpgoMy`LDIT4cq>U6?R^mMI1Oz1aP6>Wc4TFYal4SPq#MH8lp?uN4@ujL-`t}d7%iv z+)75CZ&D>p3f;;Jl}{pP5`KE$8cVHNagX6Bcg?;uhssv+OB$TG@HG+FUsPw%MVT#T zf~ywqA&ol)0;RjojfbCW`|^Q!nH^*OtmkN>pPYa$(aa~8SxtLTIOmhq=PEI-AG0LQ z6m`&Dx~)YO4uaI_2kjn`qsQ;=s^KA@hDMjiZ4l{oC%xMg6vqzyXl&iqyjbm_8E)eX z?_*wnQM>ckNCExgI|T^7(s|xTgPqVj>G{X6<)ZaZ7{$`CA(ss$N@utZ5ahIG8<%Yh z_zrV)dh9Q21zWX+l59UjK4|wf^KA9%5q=nqb;g?w=39@e;HQ25N;d78c8!k4@vdvk zIgl$z8z{$Mz)q_ebo92liVw{PG?LFVS1E%=@+%?Z`%c1pqddx?DSqfPTw(s#CQ?FC zz{k%z8gVy_LyEaDKa1?$9Isnn<|XCM$!*hmOC4FMXruc)+ljG4 z3@)~f8Qo8R9Ip`OA;jx~+weHLjQTC29u8&v0090i!m#89U!YOOH2r;ntX<_tqjA5# z1WD0kBqD5V(3kobMeIjlB2P^QPAey3h4*JG>L0r=Sc_|tzy|#PxQ~Gi*u1Ey@AvV3 z9lO6C%@mtN#r=B+L;tNHDd^M`A~iH}`;YcfV0pIbhefl(3@i_umNCFTl`9%bFBD7z F{tu-H>j(e< From ba94fb4d6bc17630930d7aa99249ecb983cfd2cd Mon Sep 17 00:00:00 2001 From: "Sean Williams [MSFT]" <72675818+sewillia-msft@users.noreply.github.com> Date: Thu, 10 Nov 2022 17:28:51 -0800 Subject: [PATCH 035/129] Fix acronym in audit-directory-service-access.md The current description uses an incorrect acronym for Active Directory (AD**A** DS) - this PR replaces it with the correct acronym (AD DS) --- .../auditing/audit-directory-service-access.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/auditing/audit-directory-service-access.md b/windows/security/threat-protection/auditing/audit-directory-service-access.md index c954c98ef9..a70119e0d5 100644 --- a/windows/security/threat-protection/auditing/audit-directory-service-access.md +++ b/windows/security/threat-protection/auditing/audit-directory-service-access.md @@ -1,6 +1,6 @@ --- title: Audit Directory Service Access (Windows 10) -description: The policy setting Audit Directory Service Access determines if audit events are generated when an Active Directory Domain Services (ADA DS) object is accessed. +description: The policy setting Audit Directory Service Access determines if audit events are generated when an Active Directory Domain Services (AD DS) object is accessed. ms.assetid: ba2562ba-4282-4588-b87c-a3fcb771c7d0 ms.reviewer: manager: aaroncz @@ -34,4 +34,4 @@ This subcategory allows you to audit when an Active Directory Domain Services (A - [4662](event-4662.md)(S, F): An operation was performed on an object. -- [4661](event-4661.md)(S, F): A handle to an object was requested. \ No newline at end of file +- [4661](event-4661.md)(S, F): A handle to an object was requested. From 2df9cdf4a829981d1e8be62b6a9c38b377078d68 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Thu, 10 Nov 2022 21:00:02 -0500 Subject: [PATCH 036/129] Metadata/style update BitLocker 8 --- .../bitlocker/bcd-settings-and-bitlocker.md | 7 +- .../bitlocker/bitlocker-and-adds-faq.yml | 10 +- .../bitlocker/bitlocker-basic-deployment.md | 241 +++++++---- .../bitlocker/bitlocker-countermeasures.md | 6 +- ...cker-deployment-and-administration-faq.yml | 16 +- ...r-device-encryption-overview-windows-10.md | 25 +- .../bitlocker-frequently-asked-questions.yml | 2 +- .../bitlocker-group-policy-settings.md | 4 +- ...tlocker-how-to-deploy-on-windows-server.md | 19 +- .../bitlocker-how-to-enable-network-unlock.md | 379 +++++++++++------- .../bitlocker-key-management-faq.yml | 40 +- .../bitlocker-management-for-enterprises.md | 58 ++- .../bitlocker-network-unlock-faq.yml | 6 +- ...itlocker-using-with-other-programs-faq.yml | 2 +- 14 files changed, 487 insertions(+), 328 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md index e4f5c23c51..38ebaa51c4 100644 --- a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md +++ b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md @@ -24,8 +24,7 @@ When protecting data at rest on an operating system volume, during the boot proc In Windows 7 and Windows Server 2008 R2, BitLocker validated BCD settings with the winload, winresume, and memtest prefixes to a large degree. However, this high degree of validation caused BitLocker to go into recovery mode for benign setting changes, for example, when applying a language pack, BitLocker would enter recovery mode. -In Windows 8, Windows Server 2012, and later operating systems, BitLocker narrows the set of BCD settings validated to reduce the chance of benign changes causing a BCD validation problem. If you believe that there's a risk in excluding a particular BCD setting from the validation profile, include that BCD setting in the BCD validation coverage to suit your validation preferences. -If a default BCD setting is found to persistently trigger a recovery for benign changes, exclude that BCD setting from the validation coverage. +In Windows 8, Windows Server 2012, and later operating systems, BitLocker narrows the set of BCD settings validated to reduce the chance of benign changes causing a BCD validation problem. If it's believed that there's a risk in excluding a particular BCD setting from the validation profile, include that BCD setting in the BCD validation coverage to suit the preferences for validation. If a default BCD setting is found to persistently trigger a recovery for benign changes, exclude that BCD setting from the validation coverage. ### When secure boot is enabled @@ -48,7 +47,7 @@ All BCD settings are specified by combining the prefix value with either a hexad The BCD setting hex value is reported when BitLocker enters recovery mode and is stored in the event log (event ID 523). The hex value uniquely identifies the BCD setting that caused the recovery event. -You can quickly obtain the friendly name for the BCD settings on your computer by using the command `bcdedit.exe /enum all`. +You can quickly obtain the friendly name for the BCD settings on a computer by using the command `bcdedit.exe /enum all`. Not all BCD settings have friendly names; for those settings without a friendly name, the hex value is the only way to configure an exclusion policy. @@ -57,7 +56,7 @@ When specifying BCD values in the **Use enhanced Boot Configuration Data validat - Prefix the setting with the boot application prefix - Append a colon `:` - Append either the hex value or the friendly name -- If entering more than one BCD setting, you'll need to enter each BCD setting on a new line +- If entering more than one BCD setting, each BCD setting will need to be entered on a new line For example, either "`winload:hypervisordebugport`" or "`winload:0x250000f4`" yields the same value. diff --git a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml index 1330b0463a..7f6ba12c95 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml @@ -37,19 +37,19 @@ sections: Stored information | Description -------------------|------------ Hash of the TPM owner password | Beginning with Windows 10, the password hash isn't stored in AD DS by default. The password hash can be stored only if the TPM is owned and the ownership was taken by using components of Windows 8.1 or earlier, such as the BitLocker Setup Wizard or the TPM snap-in. - BitLocker recovery password | The recovery password allows you to unlock and access the drive after a recovery incident. Domain administrators can view the BitLocker recovery password by using the BitLocker Recovery Password Viewer. For more information about this tool, see [BitLocker: Use BitLocker Recovery Password Viewer](bitlocker-use-bitlocker-recovery-password-viewer.md). + BitLocker recovery password | The recovery password allows unlocking of and access to the drive after a recovery incident. Domain administrators can view the BitLocker recovery password by using the BitLocker Recovery Password Viewer. For more information about this tool, see [BitLocker: Use BitLocker Recovery Password Viewer](bitlocker-use-bitlocker-recovery-password-viewer.md). BitLocker key package | The key package helps to repair damage to the hard disk that would otherwise prevent standard recovery. Using the key package for recovery requires the BitLocker Repair Tool, `Repair-bde`. - question: | What if BitLocker is enabled on a computer before the computer has joined the domain? answer: | - If BitLocker is enabled on a drive before Group Policy has been applied to enforce a backup, the recovery information won't be automatically backed up to AD DS when the computer joins the domain or when Group Policy is subsequently applied. However, you can use the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed drives can be recovered**, and **Choose how BitLocker-protected removable drives can be recovered** Group Policy settings to require the computer to be connected to a domain before BitLocker can be enabled to help ensure that recovery information for BitLocker-protected drives in your organization is backed up to AD DS. + If BitLocker is enabled on a drive before Group Policy has been applied to enforce a backup, the recovery information won't be automatically backed up to AD DS when the computer joins the domain or when Group Policy is subsequently applied. However, the Group Policy settings **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed drives can be recovered**, and **Choose how BitLocker-protected removable drives can be recovered** can be chosen to require the computer to be connected to a domain before BitLocker can be enabled to help ensure that recovery information for BitLocker-protected drives in the organization is backed up to AD DS. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). - The BitLocker Windows Management Instrumentation (WMI) interface does allow administrators to write a script to back up or synchronize an online client's existing recovery information; however, BitLocker doesn't automatically manage this process. The `manage-bde` command-line tool can also be used to manually back up recovery information to AD DS. For example, to back up all of the recovery information for the `$env:SystemDrive` to AD DS, you would use the following command script from an elevated command prompt: + The BitLocker Windows Management Instrumentation (WMI) interface does allow administrators to write a script to back up or synchronize an online client's existing recovery information. However, BitLocker doesn't automatically manage this process. The `manage-bde.exe` command-line tool can also be used to manually back up recovery information to AD DS. For example, to back up all of the recovery information for the `$env:SystemDrive` to AD DS, the following command script can be used from an elevated command prompt: - ```PowerShell + ``` powershell $BitLocker = Get-BitLockerVolume -MountPoint $env:SystemDrive $RecoveryProtector = $BitLocker.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' } @@ -70,7 +70,7 @@ sections: - question: | If I change the BitLocker recovery password on my computer and store the new password in AD DS, will AD DS overwrite the old password? answer: | - No. By design, BitLocker recovery password entries don't get deleted from AD DS; therefore, you might see multiple passwords for each drive. To identify the latest password, check the date on the object. + No. By design, BitLocker recovery password entries don't get deleted from AD DS. Therefore, multiple passwords might be seen for each drive. To identify the latest password, check the date on the object. - question: | What happens if the backup initially fails? Will BitLocker retry it? diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md index 891e70f945..7b7c600fed 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md +++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md @@ -23,7 +23,7 @@ ms.technology: itpro-security - Windows 11 - Windows Server 2016 and above -This article for the IT professional explains how BitLocker features can be used to protect your data through drive encryption. +This article for the IT professional explains how BitLocker features can be used to protect data through drive encryption. ## Using BitLocker to encrypt volumes @@ -34,76 +34,148 @@ If the drive was prepared as a single contiguous space, BitLocker requires a new > [!NOTE] > For more info about using this tool, see [Bdehdcfg](/windows-server/administration/windows-commands/bdehdcfg) in the Command-Line Reference. -BitLocker encryption can be done using the following methods: +BitLocker encryption can be enabled and managed using the following methods: - BitLocker control panel - Windows Explorer -- `manage-bde` command-line interface +- `manage-bde.exe` command-line interface - BitLocker Windows PowerShell cmdlets ### Encrypting volumes using the BitLocker control panel Encrypting volumes with the BitLocker control panel (select **Start**, enter `Bitlocker`, select **Manage BitLocker**) is how many users will use BitLocker. The name of the BitLocker control panel is BitLocker Drive Encryption. The BitLocker control panel supports encrypting operating system, fixed data, and removable data volumes. The BitLocker control panel will organize available drives in the appropriate category based on how the device reports itself to Windows. Only formatted volumes with assigned drive letters will appear properly in the BitLocker control panel applet. -To start encryption for a volume, select **Turn on BitLocker** for the appropriate drive to initialize the BitLocker Drive Encryption Wizard. BitLocker Drive Encryption Wizard options vary based on volume type (operating system volume or data volume). +To start encryption for a volume, select **Turn on BitLocker** for the appropriate drive to initialize the **BitLocker Drive Encryption Wizard**. **BitLocker Drive Encryption Wizard** options vary based on volume type (operating system volume or data volume). -### Operating system volume +#### Operating system volume -When the BitLocker Drive Encryption Wizard launches, it verifies the computer meets the BitLocker system requirements for encrypting an operating system volume. By default, the system requirements are: +For the operating system volume the **BitLocker Drive Encryption Wizard** presents several screens that prompt for options while it performs several actions: -|Requirement|Description| -|--- |--- | -|Hardware configuration|The computer must meet the minimum requirements for the supported Windows versions.| -|Operating system|BitLocker is an optional feature that can be installed by Server Manager on Windows Server 2012 and later.| -|Hardware TPM|TPM version 1.2 or 2.0.

    A TPM isn't required for BitLocker; however, only a computer with a TPM can provide the additional security of pre-startup system integrity verification and multifactor authentication.| -|BIOS configuration|

  • A Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware.
  • The boot order must be set to start first from the hard disk, and not the USB or CD drives.
  • The firmware must be able to read from a USB flash drive during startup.
    • | -|File system| One FAT32 partition for the system drive and one NTFS partition for the operating system drive. This requirement is applicable for computers that boot natively with UEFI firmware.
    For computers with legacy BIOS firmware, at least two NTFS disk partitions, one for the system drive and one for the operating system drive.
    For either firmware, the system drive partition must be at least 350 megabytes (MB) and set as the active partition.| -|Hardware encrypted drive prerequisites (optional)|To use a hardware encrypted drive as the boot drive, the drive must be in the uninitialized state and in the security inactive state. In addition, the system must always boot with native UEFI version 2.3.1 or higher and the CSM (if any) disabled.| +1. When the **BitLocker Drive Encryption Wizard** first launches, it verifies the computer meets the BitLocker system requirements for encrypting an operating system volume. By default, the system requirements are: -Upon passing the initial configuration, users are required to enter a password for the volume. If the volume doesn't pass the initial configuration for BitLocker, the user is presented with an error dialog describing the appropriate actions to be taken. -Once a strong password has been created for the volume, a recovery key will be generated. The BitLocker Drive Encryption Wizard will prompt for a location to save this key. A BitLocker recovery key is a special key that you can create when you turn on BitLocker Drive Encryption for the first time on each drive that you encrypt. You can use the recovery key to gain access to your computer if the drive that Windows is installed on (the operating system drive) is encrypted using BitLocker Drive Encryption and BitLocker detects a condition that prevents it from unlocking the drive when the computer is starting up. A recovery key can also be used to gain access to your files and folders on a removable data drive (such as an external hard drive or USB flash drive) that is encrypted using BitLocker To Go, if for some reason you forget the password or your computer can't access the drive. + |Requirement|Description| + |--- |--- | + |Hardware configuration|The computer must meet the minimum requirements for the supported Windows versions.| + |Operating system|BitLocker is an optional feature that can be installed by Server Manager on Windows Server 2012 and later.| + |Hardware TPM|TPM version 1.2 or 2.0.

    A TPM isn't required for BitLocker; however, only a computer with a TPM can provide the additional security of pre-startup system integrity verification and multifactor authentication.| + |UEFI firmware/BIOS configuration|
  • A Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware.
  • The boot order must be set to start first from the hard disk, and not the USB or CD drives.
  • The firmware must be able to read from a USB flash drive during startup.
    • | + |File system| One FAT32 partition for the system drive and one NTFS partition for the operating system drive. This requirement is applicable for computers that boot natively with UEFI firmware.
    For computers with legacy BIOS firmware, at least two NTFS disk partitions, one for the system drive and one for the operating system drive.
    For either firmware, the system drive partition must be at least 350 megabytes (MB) and set as the active partition.| + |Hardware encrypted drive prerequisites (optional)|To use a hardware encrypted drive as the boot drive, the drive must be in the uninitialized state and in the security inactive state. In addition, the system must always boot with native UEFI version 2.3.1 or higher and the CSM (if any) disabled.| -You should store the recovery key by printing it, saving it on removable media, or saving it as a file in a network folder or on your OneDrive, or on another drive of your computer that you aren't encrypting. You can't save the recovery key to the root directory of a non-removable drive and can't be stored on the encrypted volume. You can't save the recovery key for a removable data drive (such as a USB flash drive) on removable media. Ideally, you should store the recovery key separate from your computer. After you create a recovery key, you can use the BitLocker control panel to make additional copies. + If the volume doesn't pass the initial configuration for BitLocker, the user is presented with an error dialog describing the appropriate actions to be taken. -- Encrypt used disk space only - Encrypts only disk space that contains data -- Encrypt entire drive - Encrypts the entire volume including free space +2. Upon passing the initial configuration, users may be prompted to enter a password for the volume, for example, if a TPM isn't available. If a TPM is available, the password screen will be skipped. -It's recommended that drives with little to no data use the **used disk space only** encryption option and that drives with data or an operating system use the **encrypt entire drive** option. +3. After the initial configuration/password screens, a recovery key will be generated. The **BitLocker Drive Encryption Wizard** will prompt for a location to save the recovery key. A BitLocker recovery key is a special key that is created when BitLocker Drive Encryption is turned on for the first time on each drive that is encrypted. The recovery key can be used to gain access to the computer if: -> [!NOTE] -> Deleted files appear as free space to the file system, which isn't encrypted by **used disk space only**. Until they are wiped or overwritten, deleted files hold information that could be recovered with common data forensic tools. + - The drive that Windows is installed on (the operating system drive) is encrypted using BitLocker Drive Encryption + - BitLocker detects a condition that prevents it from unlocking the drive when the computer is starting up -Selecting an encryption type and choosing **Next** will give the user the option of running a BitLocker system check (selected by default) which will ensure that BitLocker can properly access the recovery and encryption keys before the volume encryption begins. We recommend running this system check before starting the encryption process. If the system check isn't run and a problem is encountered when the operating system attempts to start, the user will need to provide the recovery key to start Windows. + A recovery key can also be used to gain access to the files and folders on a removable data drive (such as an external hard drive or USB flash drive) that is encrypted using BitLocker To Go, if for some reason the password is forgotten or the computer can't access the drive. -After completing the system check (if selected), the BitLocker Drive Encryption Wizard restarts the computer to begin encryption. Upon reboot, users are required to enter the password chosen to boot into the operating system volume. Users can check encryption status by checking the system notification area or the BitLocker control panel. + The recovery key can be stored using the following methods: + + - **Save to your Azure AD account** (if applicable) + - **Save to a USB flash drive** + - **Save to a file** - the file needs to be saved to a location that isn't on the computer itself such as a network folder or OneDrive + - **Print the recovery key** + + The recovery key can't be stored at the following locations: + + - The drive being encrypted + - The root directory of a non-removable/fixed drive + - An encrypted volume. + + > [!TIP] + > Ideally, a computer's recovery key should be stored separate from the computer itself. + + > [!NOTE] + > After a recovery key is created, the BitLocker control panel can be used to make additional copies of the recovery key. + +4. The **BitLocker Drive Encryption Wizard** will then prompt how much of the drive to encrypt. The **BitLocker Drive Encryption Wizard** will have two options that determine how much of the drive is encrypted: + + - **Encrypt used disk space only** - Encrypts only disk space that contains data. + - **Encrypt entire drive** - Encrypts the entire volume including free space. Also known as full disk encryption. + + Each of the methods is recommended in the following scenarios: + + - **Encrypt used disk space only**: + + - The drive has never had data + - Formatted or erased drives that in the past have never had confidential data that was never encrypted + + - **Encrypt entire drive** (full disk encryption): + + - Drives that currently have data + - Drives that currently have an operating system + - Formatted or erased drives that in the past had confidential data that was never encrypted + + > [!IMPORTANT] + > Deleted files appear as free space to the file system, which isn't encrypted by **used disk space only**. Until they are wiped or overwritten, deleted files hold information that could be recovered with common data forensic tools. + +5. The **BitLocker Drive Encryption Wizard** will then prompt for an encryption mode: + + - **New encryption mode** + - **Compatible mode** + + Normally **New encryption mode** should be chosen, but if the drive will be potentially moved to another computer with an older Windows operating system, then select **Compatible mode**. + +6. After selecting an encryption mode, the **BitLocker Drive Encryption Wizard** will give the option of running a BitLocker system check via the option **Run BitLocker system check**. This system check will ensure that BitLocker can properly access the recovery and encryption keys before the volume encryption begins. it's recommended run this system check before starting the encryption process. If the system check isn't run and a problem is encountered when the operating system attempts to start, the user will need to provide the recovery key to start Windows. + +After completing the system check (if selected), the **BitLocker Drive Encryption Wizard** will begin encryption. A reboot may be initiated to start encryption. If a reboot was initiated, if there was no TPM and a password was specified, the password will need to be entered to boot into the operating system volume. + +Users can check encryption status by checking the system notification area or the BitLocker control panel. Until encryption is completed, the only available options for managing BitLocker involve manipulation of the password protecting the operating system volume, backing up the recovery key, and turning off BitLocker. -### Data volume +#### Data volume -Encrypting data volumes using the BitLocker control panel interface works in a similar fashion to encryption of the operating system volumes. Users select **Turn on BitLocker** within the control panel to begin the BitLocker Drive Encryption wizard. -Unlike for operating system volumes, data volumes aren't required to pass any configuration tests for the wizard to proceed. Upon launching the wizard, a choice of authentication methods to unlock the drive appears. The available options are **password** and **smart card** and **automatically unlock this drive on this computer**. Disabled by default, the latter option will unlock the data volume without user input when the operating system volume is unlocked. +Encrypting data volumes using the BitLocker control panel works in a similar fashion to encryption of the operating system volumes. Users select **Turn on BitLocker** within the BitLocker control panel to begin the **BitLocker Drive Encryption Wizard**. -After selecting the desired authentication method and choosing **Next**, the wizard presents options for storage of the recovery key. These options are the same as for operating system volumes. -With the recovery key saved, selecting **Next** in the wizard will show available options for encryption. These options are the same as for operating system volumes; **used disk space only** and **full drive encryption**. If the volume being encrypted is new or empty, it's recommended that used space only encryption is selected. +1. Upon launching the **BitLocker Drive Encryption Wizard**, unlike for operating system volumes, data volumes aren't required to pass any configuration tests for the **BitLocker Drive Encryption Wizard** to proceed -With an encryption method chosen, a final confirmation screen is displayed before the encryption process begins. Selecting **Start encrypting** begins encryption. +2. A choice of authentication methods to unlock the drive appears. The available options are: + + - **Use a password to unlock the drive** + - **Use my smart card to unlock the drive** + - **Automatically unlock this drive on this computer** - Disabled by default but if enabled, this option will unlock the data volume without user input when the operating system volume is unlocked. + +3. The **BitLocker Drive Encryption Wizard** presents options for storage of the recovery key. These options are the same as for operating system volumes: + + - **Save to your Azure AD account** (if applicable) + - **Save to a USB flash drive** + - **Save to a file** - the file needs to be saved to a location that isn't on the computer itself such as a network folder or OneDrive + - **Print the recovery key** + +4. After saving the recovery key, the **BitLocker Drive Encryption Wizard** will show available options for encryption. These options are the same as for operating system volumes: + + - **Encrypt used disk space only** - Encrypts only disk space that contains data. + - **Encrypt entire drive** - Encrypts the entire volume including free space. Also known as full disk encryption. + +5. The **BitLocker Drive Encryption Wizard** will then prompt for an encryption mode: + + - **New encryption mode** + - **Compatible mode** + + Normally **New encryption mode** should be chosen, but if the drive will be potentially moved to another computer with an older Windows operating system, then select **Compatible mode**. + +6. The **BitLocker Drive Encryption Wizard** will display a final confirmation screen before the encryption process begins. Selecting **Start encrypting** begins encryption. Encryption status displays in the notification area or within the BitLocker control panel. ### OneDrive option -There's a new option for storing the BitLocker recovery key using the OneDrive. This option requires that computers aren't members of a domain and that the user is using a Microsoft Account. Local accounts don't give the option to use OneDrive. Using the OneDrive option is the default, recommended recovery key storage method for computers that aren't joined to a domain. +There's an option for storing the BitLocker recovery key using OneDrive. This option requires that computers aren't members of a domain and that the user is using a Microsoft Account. Local accounts don't give the option to use OneDrive. Using the OneDrive option is the default recommended recovery key storage method for computers that aren't joined to a domain. -Users can verify whether the recovery key was saved properly by checking their OneDrive for the BitLocker folder that is created automatically during the save process. The folder will contain two files, a readme.txt and the recovery key. For users storing more than one recovery password on their OneDrive, they can identify the required recovery key by looking at the file name. The recovery key ID is appended to the end of the file name. +Users can verify whether the recovery key was saved properly by checking OneDrive for the BitLocker folder. The BitLocker folder on OneDrive is created automatically during the save process. The folder will contain two files, a `readme.txt` and the recovery key. For users storing more than one recovery password on their OneDrive, they can identify the required recovery key by looking at the file name. The recovery key ID is appended to the end of the file name. ### Using BitLocker within Windows Explorer -Windows Explorer allows users to launch the BitLocker Drive Encryption wizard by right-clicking a volume and selecting **Turn On BitLocker**. This option is available on client computers by default. On servers, you must first install the BitLocker and Desktop-Experience features for this option to be available. After selecting **Turn on BitLocker**, the wizard works exactly as it does when launched using the BitLocker control panel. +Windows Explorer allows users to launch the **BitLocker Drive Encryption Wizard** by right-clicking a volume and selecting **Turn On BitLocker**. This option is available on client computers by default. On servers, the BitLocker feature and the Desktop-Experience feature must first be installed for this option to be available. After selecting **Turn on BitLocker**, the wizard works exactly as it does when launched using the BitLocker control panel. ## Down-level compatibility -The following table shows the compatibility matrix for systems that have been BitLocker-enabled and then presented to a different version of Windows. +The following table shows the compatibility matrix for systems that have been BitLocker enabled and then presented to a different version of Windows. Table 1: Cross compatibility for Windows 11, Windows 10, Windows 8.1, Windows 8, and Windows 7 encrypted volumes @@ -114,11 +186,11 @@ Table 1: Cross compatibility for Windows 11, Windows 10, Windows 8.1, Windows 8, |Fully encrypted volume from Windows 7|Presents as fully encrypted|Presented as fully encrypted|N/A| |Partially encrypted volume from Windows 7|Windows 11, Windows 10, and Windows 8.1 will complete encryption regardless of policy|Windows 8 will complete encryption regardless of policy|N/A| -## Encrypting volumes using the manage-bde command-line interface +## Encrypting volumes using the `manage-bde.exe` command-line interface -Manage-bde is a command-line utility that can be used for scripting BitLocker operations. Manage-bde offers additional options not displayed in the BitLocker control panel. For a complete list of the options, see [Manage-bde](/windows-server/administration/windows-commands/manage-bde). +`Manage-bde.exe` is a command-line utility that can be used for scripting BitLocker operations. `Manage-bde.exe` offers additional options not displayed in the BitLocker control panel. For a complete list of the options, see [Manage-bde](/windows-server/administration/windows-commands/manage-bde). -Manage-bde offers a multitude of wider options for configuring BitLocker. So using the command syntax may require care and possibly later customization by the user. For example, using just the `manage-bde.exe -on` command on a data volume will fully encrypt the volume without any authenticating protectors. A volume encrypted in this manner still requires user interaction to turn on BitLocker protection, even though the command successfully completed because an authentication method needs to be added to the volume for it to be fully protected. +`Manage-bde.exe` offers a multitude of wider options for configuring BitLocker. Using the command syntax may require care. For example, using just the `manage-bde.exe -on` command on a data volume will fully encrypt the volume without any authenticating protectors. A volume encrypted in this manner still requires user interaction to turn on BitLocker protection, even though the command successfully completed. For the volume to be fully protected, an authentication method needs to also be added to the volume in addition to running the `manage-bde.exe`command. Command-line users need to determine the appropriate syntax for a given situation. The following section covers general encryption for operating system volumes and data volumes. @@ -128,7 +200,7 @@ Listed below are examples of basic valid commands for operating system volumes. #### Determining volume status -A good practice when using manage-bde is to determine the volume status on the target system. Use the following command to determine volume status: +A good practice when using `manage-bde.exe` is to determine the volume status on the target system. Use the following command to determine volume status: `manage-bde.exe -status` @@ -136,22 +208,24 @@ This command returns the volumes on the target, current encryption status, and v #### Enabling BitLocker without a TPM -For example, suppose that you want to enable BitLocker on a computer without a TPM chip. To properly enable BitLocker for the operating system volume, you'll need to use a USB flash drive as a startup key to boot (in this example, the drive letter E). You would first create the startup key needed for BitLocker using the -protectors option and save it to the USB drive on E: and then begin the encryption process. You'll need to reboot the computer when prompted to complete the encryption process. +Suppose BitLocker is desired on a computer without a TPM. In this scenario, a USB flash drive is needed as a startup key for the operating system volume. The startup key will then allow the computer to boot. To create the startup key using `manage-bde.exe`, the `-protectors` switch would be used specifying the `-startupkey` option. Assuming the USB flash drive is drive letter `E:`, then the following `manage-bde.exe` commands would be used t create the startup key and start the BitLocker encryption: -```powershell +``` powershell manage-bde.exe -protectors -add C: -startupkey E: manage-bde.exe -on C: ``` +If prompted, reboot the computer to complete the encryption process. + #### Enabling BitLocker with a TPM only -It's possible to encrypt the operating system volume without any defined protectors by using manage-bde. Use this command: +It's possible to encrypt the operating system volume without any defined protectors by using `manage-bde.exe`. Use this command: ``` syntax manage-bde.exe -on C: ``` -This command will encrypt the drive using the TPM as the protector. If users are unsure of the protector for a volume, they can use the -protectors option in manage-bde to list this information by executing the following command: +This command will encrypt the drive using the TPM as the protector. If users are unsure of the protector for a volume, they can use the `-protectors` option in `manage-bde.exe` to list this information by executing the following command: ``` syntax manage-bde.exe -protectors -get @@ -169,13 +243,19 @@ This command requires the user to enter and then confirm the password protectors ### Data volume commands -Data volumes use the same syntax for encryption as operating system volumes but they don't require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde.exe -on ` or users can choose to add protectors to the volume. We recommend that you add at least one primary protector and a recovery protector to a data volume. +Data volumes use the same syntax for encryption as operating system volumes but they don't require protectors for the operation to complete. Encrypting data volumes can be done using the base command: + +``` syntax +manage-bde.exe -on +``` + +or users can choose to add protectors to the volume. It is recommended to add at least one primary protector and a recovery protector to a data volume. #### Enabling BitLocker with a password -A common protector for a data volume is the password protector. In the example below, we add a password protector to the volume and turn on BitLocker. +A common protector for a data volume is the password protector. In the example below, a password protector is added to the volume and turn on BitLocker. -```powershell +``` powershell manage-bde.exe -protectors -add -pw C: manage-bde.exe -on C: ``` @@ -199,31 +279,30 @@ Windows PowerShell cmdlets provide an alternative way to work with BitLocker. Us |**Suspend-BitLocker**|
  • Confirm
  • MountPoint
  • RebootCount
  • WhatIf| |**Unlock-BitLocker**|
  • AdAccountOrGroup
  • Confirm
  • MountPoint
  • Password
  • RecoveryKeyPath
  • RecoveryPassword
  • RecoveryPassword
  • WhatIf| -Similar to manage-bde, the Windows PowerShell cmdlets allow configuration beyond the options offered in the control panel. As with manage-bde, users need to consider the specific needs of the volume they're encrypting prior to running Windows PowerShell cmdlets. +Similar to `manage-bde.exe`, the Windows PowerShell cmdlets allow configuration beyond the options offered in the control panel. As with `manage-bde.exe`, users need to consider the specific needs of the volume they're encrypting prior to running Windows PowerShell cmdlets. -A good initial step is to determine the current state of the volume(s) on the computer. You can do this using the `Get-BitLocker` volume cmdlet. The output from this cmdlet displays information on the volume type, protectors, protection status, and other useful information. +A good initial step is to determine the current state of the volume(s) on the computer. You can do this using the `Get-BitLocker` volume PowerShell cmdlet. The output from this cmdlet displays information on the volume type, protectors, protection status, and other useful information. -Occasionally, all protectors may not be shown when using **Get-BitLockerVolume** due to lack of space in the output display. If you don't see all of the protectors for a volume, you can use the Windows PowerShell pipe command (|) to format a listing of the protectors. +Occasionally, all protectors may not be shown when using **Get-BitLockerVolume** due to lack of space in the output display. If all of the protectors for a volume aren't seen, the Windows PowerShell pipe command (`|`) can be used to format a listing of the protectors. > [!NOTE] > In the event that there are more than four protectors for a volume, the pipe command may run out of display space. For volumes with more than four protectors, use the method described in the section below to generate a listing of all protectors with protector ID. -```powershell +``` powershell Get-BitLockerVolume C: | fl ``` -If you want to remove the existing protectors prior to provisioning BitLocker on the volume, you can utilize the `Remove-BitLockerKeyProtector` cmdlet. Accomplishing this action requires the GUID associated with the protector to be removed. +If the existing protectors need to be removed prior to provisioning BitLocker on the volume, the `Remove-BitLockerKeyProtector` cmdlet can be used. Accomplishing this action requires the GUID associated with the protector to be removed. A simple script can pipe out the values of each **Get-BitLockerVolume** return to another variable as seen below: -```powershell +``` powershell $vol = Get-BitLockerVolume $keyprotectors = $vol.KeyProtector ``` -Using this script, we can display the information in the **$keyprotectors** variable to determine the GUID for each protector. -Using this information, we can then remove the key protector for a specific volume using the command: +Using this script, the information in the **$keyprotectors** variable can be displayed to determine the GUID for each protector. This information can then be used to remove the key protector for a specific volume using the command: -```powershell +``` powershell Remove-BitLockerKeyProtector : -KeyProtectorID "{GUID}" ``` @@ -232,17 +311,17 @@ Remove-BitLockerKeyProtector : -KeyProtectorID "{GUID}" ### Operating system volume PowerShell cmdlets -Using the BitLocker Windows PowerShell cmdlets is similar to working with the manage-bde tool for encrypting operating system volumes. Windows PowerShell offers users flexibility. For example, users can add the desired protector as part command for encrypting the volume. Below are examples of common user scenarios and steps to accomplish them using the BitLocker cmdlets for Windows PowerShell. +Using the BitLocker Windows PowerShell cmdlets is similar to working with the `manage-bde.exe` tool for encrypting operating system volumes. Windows PowerShell offers users flexibility. For example, users can add the desired protector as part command for encrypting the volume. Below are examples of common user scenarios and steps to accomplish them using the BitLocker cmdlets for Windows PowerShell. To enable BitLocker with just the TPM protector, use this command: -```powershell +``` powershell Enable-BitLocker C: ``` The example below adds one additional protector, the StartupKey protectors, and chooses to skip the BitLocker hardware test. In this example, encryption starts immediately without the need for a reboot. -```powershell +``` powershell Enable-BitLocker C: -StartupKeyProtector -StartupKeyPath -SkipHardwareTest ``` @@ -250,7 +329,7 @@ Enable-BitLocker C: -StartupKeyProtector -StartupKeyPath -SkipHardwareTes Data volume encryption using Windows PowerShell is the same as for operating system volumes. You should add the desired protectors prior to encrypting the volume. The following example adds a password protector to the E: volume using the variable $pw as the password. The $pw variable is held as a SecureString value to store the user-defined password. Last, encryption begins. -```powershell +``` powershell $pw = Read-Host -AsSecureString Enable-BitLockerKeyProtector E: -PasswordProtector -Password $pw @@ -258,20 +337,20 @@ Enable-BitLockerKeyProtector E: -PasswordProtector -Password $pw ### Using an SID-based protector in Windows PowerShell -The ADAccountOrGroup protector is an Active Directory SID-based protector. This protector can be added to both operating system and data volumes, although it doesn't unlock operating system volumes in the pre-boot environment. The protector requires the SID for the domain account or group to link with the protector. BitLocker can protect a cluster-aware disk by adding an SID-based protector for the Cluster Name Object (CNO) that lets the disk properly failover and unlock to any member computer of the cluster. +The **ADAccountOrGroup** protector is an Active Directory SID-based protector. This protector can be added to both operating system and data volumes, although it doesn't unlock operating system volumes in the pre-boot environment. The protector requires the SID for the domain account or group to link with the protector. BitLocker can protect a cluster-aware disk by adding an SID-based protector for the Cluster Name Object (CNO) that lets the disk properly failover and unlock to any member computer of the cluster. > [!WARNING] -> The SID-based protector requires the use of an additional protector (such as TPM, PIN, recovery key, etc.) when used on operating system volumes. +> The SID-based protector requires the use of an additional protector such as TPM, PIN, recovery key, etc. when used on operating system volumes. -To add an ADAccountOrGroup protector to a volume, you need either the actual domain SID or the group name preceded by the domain and a backslash. In the example below, the CONTOSO\\Administrator account is added as a protector to the data volume G. +To add an **ADAccountOrGroup** protector to a volume, either the domain SID is needed or the group name preceded by the domain and a backslash. In the example below, the **CONTOSO\\Administrator** account is added as a protector to the data volume G. -```powershell +``` powershell Enable-BitLocker G: -AdAccountOrGroupProtector -AdAccountOrGroup CONTOSO\Administrator ``` For users who wish to use the SID for the account or group, the first step is to determine the SID associated with the account. To get the specific SID for a user account in Windows PowerShell, use the following command: -```powershell +``` powershell Get-ADUser -filter {samaccountname -eq "administrator"} ``` @@ -279,11 +358,11 @@ Get-ADUser -filter {samaccountname -eq "administrator"} > Use of this command requires the RSAT-AD-PowerShell feature. > [!TIP] -> In addition to the Windows PowerShell command above, information about the locally logged on user and group membership can be found using: WHOAMI /ALL. This doesn't require the use of additional features. +> In addition to the Windows PowerShell command above, information about the locally logged on user and group membership can be found using: `WHOAMI /ALL`. This doesn't require the use of additional features. In the example below, the user wishes to add a domain SID-based protector to the previously encrypted operating system volume. The user knows the SID for the user account or group they wish to add and uses the following command: -```powershell +``` powershell Add-BitLockerKeyProtector C: -ADAccountOrGroupProtector -ADAccountOrGroup "" ``` @@ -292,7 +371,7 @@ Add-BitLockerKeyProtector C: -ADAccountOrGroupProtector -ADAccountOrGroup " ## Checking BitLocker status -To check the BitLocker status of a particular volume, administrators can look at the status of the drive in the BitLocker control panel applet, Windows Explorer, manage-bde command-line tool, or Windows PowerShell cmdlets. Each option offers different levels of detail and ease of use. We'll look at each of the available methods in the following section. +To check the BitLocker status of a particular volume, administrators can look at the status of the drive in the BitLocker control panel applet, Windows Explorer, `manage-bde.exe` command-line tool, or Windows PowerShell cmdlets. Each option offers different levels of detail and ease of use. We'll look at each of the available methods in the following section. ### Checking BitLocker status with the control panel @@ -305,20 +384,20 @@ Checking BitLocker status with the control panel is the most common method used | **Suspended** | BitLocker is suspended and not actively protecting the volume | | **Waiting for Activation**| BitLocker is enabled with a clear protector key and requires further action to be fully protected| -If a drive is pre-provisioned with BitLocker, a status of "Waiting for Activation" displays with a yellow exclamation icon on the volume. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume isn't in a protected state and needs to have a secure key added to the volume before the drive is fully protected. Administrators can use the control panel, manage-bde tool, or WMI APIs to add an appropriate key protector. Once complete, the control panel will update to reflect the new status. +If a drive is pre-provisioned with BitLocker, a status of "Waiting for Activation" displays with a yellow exclamation icon on the volume. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume isn't in a protected state and needs to have a secure key added to the volume before the drive is fully protected. Administrators can use the control panel, `manage-bde.exe` tool, or WMI APIs to add an appropriate key protector. Once complete, the control panel will update to reflect the new status. Using the control panel, administrators can choose **Turn on BitLocker** to start the BitLocker Drive Encryption wizard and add a protector, like PIN for an operating system volume (or password if no TPM exists), or a password or smart card protector to a data volume. The drive security window displays prior to changing the volume status. Selecting **Activate BitLocker** will complete the encryption process. Once BitLocker protector activation is completed, the completion notice is displayed. -### Checking BitLocker status with manage-bde +### Checking BitLocker status with `manage-bde.exe` -Administrators who prefer a command-line interface can utilize manage-bde to check volume status. Manage-bde is capable of returning more information about the volume than the graphical user interface tools in the control panel. For example, manage-bde can display the BitLocker version in use, the encryption type, and the protectors associated with a volume. +Administrators who prefer a command-line interface can utilize `manage-bde.exe` to check volume status. Manage-bde is capable of returning more information about the volume than the graphical user interface tools in the control panel. For example, `manage-bde.exe` can display the BitLocker version in use, the encryption type, and the protectors associated with a volume. -To check the status of a volume using manage-bde, use the following command: +To check the status of a volume using `manage-bde.exe`, use the following command: -```powershell +``` powershell manage-bde.exe -status ``` @@ -327,11 +406,11 @@ manage-bde.exe -status ### Checking BitLocker status with Windows PowerShell -Windows PowerShell commands offer another way to query BitLocker status for volumes. Like manage-bde, Windows PowerShell includes the advantage of being able to check the status of a volume on a remote computer. +Windows PowerShell commands offer another way to query BitLocker status for volumes. Like `manage-bde.exe`, Windows PowerShell includes the advantage of being able to check the status of a volume on a remote computer. Using the Get-BitLockerVolume cmdlet, each volume on the system displays its current BitLocker status. To get information that is more detailed on a specific volume, use the following command: -```powershell +``` powershell Get-BitLockerVolume -Verbose | fl ``` @@ -343,7 +422,7 @@ Administrators can enable BitLocker prior to operating system deployment from th ### Decrypting BitLocker volumes -Decrypting volumes removes BitLocker and any associated protectors from the volumes. Decryption should occur when protection is no longer required. BitLocker decryption shouldn't occur as a troubleshooting step. BitLocker can be removed from a volume using the BitLocker control panel applet, manage-bde, or Windows PowerShell cmdlets. We'll discuss each method further below. +Decrypting volumes removes BitLocker and any associated protectors from the volumes. Decryption should occur when protection is no longer required. BitLocker decryption shouldn't occur as a troubleshooting step. BitLocker can be removed from a volume using the BitLocker control panel applet, `manage-bde.exe`, or Windows PowerShell cmdlets. We'll discuss each method further below. ### Decrypting volumes using the BitLocker control panel applet @@ -354,33 +433,33 @@ The control panel doesn't report decryption progress but displays it in the noti Once decryption is complete, the drive updates its status in the control panel and becomes available for encryption. -### Decrypting volumes using the manage-bde command-line interface +### Decrypting volumes using the `manage-bde.exe` command-line interface -Decrypting volumes using manage-bde is straightforward. Decryption with manage-bde offers the advantage of not requiring user confirmation to start the process. Manage-bde uses the -off command to start the decryption process. A sample command for decryption is: +Decrypting volumes using `manage-bde.exe` is straightforward. Decryption with `manage-bde.exe` offers the advantage of not requiring user confirmation to start the process. Manage-bde uses the -off command to start the decryption process. A sample command for decryption is: -```powershell +``` powershell manage-bde.exe -off C: ``` This command disables protectors while it decrypts the volume and removes all protectors when decryption is complete. If users wish to check the status of the decryption, they can use the following command: -```powershell +``` powershell manage-bde.exe -status C: ``` ### Decrypting volumes using the BitLocker Windows PowerShell cmdlets -Decryption with Windows PowerShell cmdlets is straightforward, similar to manage-bde. Windows PowerShell offers the ability to decrypt multiple drives in one pass. In the example below, the user has three encrypted volumes, which they wish to decrypt. +Decryption with Windows PowerShell cmdlets is straightforward, similar to `manage-bde.exe`. Windows PowerShell offers the ability to decrypt multiple drives in one pass. In the example below, the user has three encrypted volumes, which they wish to decrypt. Using the Disable-BitLocker command, they can remove all protectors and encryption at the same time without the need for more commands. An example of this command is: -```powershell +``` powershell Disable-BitLocker ``` If a user didn't want to input each mount point individually, using the `-MountPoint` parameter in an array can sequence the same command into one line without requiring additional user input. An example command is: -```powershell +``` powershell Disable-BitLocker -MountPoint E:,F:,G: ``` diff --git a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md index 77484cb8b0..33349719c3 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md +++ b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md @@ -27,7 +27,7 @@ Windows uses technologies including trusted platform module (TPM), secure boot, BitLocker helps mitigate unauthorized data access on lost or stolen computers before the authorized operating system is started. This mitigation is done by: -- **Encrypting volumes on your computer.** For example, you can turn on BitLocker for your operating system volume, or a volume on a fixed or removable data drive (such as a USB flash drive, SD card, and so on). Turning on BitLocker for your operating system volume encrypts all system files on the volume, including the paging files and hibernation files. The only exception is for the System partition, which includes the Windows Boot Manager and minimal boot collateral required for decryption of the operating system volume after the key is unsealed. +- **Encrypting volumes on a computer.** For example, BitLocker can be turned on for the operating system volume, a volume on a fixed drive. or removable data drive (such as a USB flash drive, SD card, etc.) Turning on BitLocker for the operating system volume encrypts all system files on the volume, including the paging files and hibernation files. The only exception is for the System partition, which includes the Windows Boot Manager and minimal boot collateral required for decryption of the operating system volume after the key is unsealed. - **Ensuring the integrity of early boot components and boot configuration data.** On devices that have a TPM version 1.2 or higher, BitLocker uses the enhanced security capabilities of the TPM to make data accessible only if the computer's BIOS firmware code and configuration, original boot sequence, boot components, and BCD configuration all appear unaltered and the encrypted disk is located in the original computer. On systems that use TPM PCR[7], BCD setting changes deemed safe are permitted to improve usability. @@ -37,7 +37,7 @@ For more information about how to enable the best overall security configuration ## Protection before startup -Before Windows starts, you must rely on security features implemented as part of the device hardware and firmware, including TPM and secure boot. Fortunately, many modern computers feature a TPM and secure boot. +Before Windows starts, security features implemented as part of the device hardware and firmware must be relied on, including TPM and secure boot. Fortunately, many modern computers feature a TPM and secure boot. ### Trusted Platform Module @@ -88,7 +88,7 @@ Pre-boot authentication with a PIN can mitigate an attack vector for devices tha On the other hand, Pre-boot authentication-prompts can be inconvenient to users. In addition, users who forget their PIN or lose their startup key are denied access to their data until they can contact their organization's support team to obtain a recovery key. Pre-boot authentication can also make it more difficult to update unattended desktops and remotely administered servers because a PIN needs to be entered when a computer reboots or resumes from hibernation. -To address these issues, you can deploy [BitLocker Network Unlock](./bitlocker-how-to-enable-network-unlock.md). Network Unlock allows systems within the physical enterprise security perimeter that meet the hardware requirements and have BitLocker enabled with TPM+PIN to boot into Windows without user intervention. It requires direct ethernet connectivity to an enterprise Windows Deployment Services (WDS) server. +To address these issues, [BitLocker Network Unlock](./bitlocker-how-to-enable-network-unlock.md) can be deployed. Network Unlock allows systems within the physical enterprise security perimeter that meet the hardware requirements and have BitLocker enabled with TPM+PIN to boot into Windows without user intervention. It requires direct ethernet connectivity to an enterprise Windows Deployment Services (WDS) server. ### Protecting Thunderbolt and other DMA ports diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml index ca332ab051..114aaf78b1 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml @@ -30,7 +30,7 @@ sections: questions: - question: Can BitLocker deployment be automated in an enterprise environment? answer: | - Yes, you can automate the deployment and configuration of BitLocker and the TPM using either WMI or Windows PowerShell scripts. How you choose to implement the scripts depends on your environment. You can also use Manage-bde.exe to locally or remotely configure BitLocker. For more info about writing scripts that use the BitLocker WMI providers, see [BitLocker Drive Encryption Provider](/windows/win32/secprov/bitlocker-drive-encryption-provider). For more info about using Windows PowerShell cmdlets with BitLocker Drive Encryption, see [BitLocker Cmdlets in Windows PowerShell](/powershell/module/bitlocker/index?view=win10-ps). + Yes, the deployment and configuration of both BitLocker and the TPM can be automated using either WMI or Windows PowerShell scripts. Which method is chosen to implement the automation depends on the environment. `Manage-bde.exe` can also be used to locally or remotely configure BitLocker. For more info about writing scripts that use the BitLocker WMI providers, see [BitLocker Drive Encryption Provider](/windows/win32/secprov/bitlocker-drive-encryption-provider). For more info about using Windows PowerShell cmdlets with BitLocker Drive Encryption, see [BitLocker Cmdlets in Windows PowerShell](/powershell/module/bitlocker/index?view=win10-ps). - question: Can BitLocker encrypt more than just the operating system drive? answer: Yes. @@ -40,9 +40,9 @@ sections: - question: How long will initial encryption take when BitLocker is turned on? answer: | - Although BitLocker encryption occurs in the background while you continue to work, and the system remains usable, encryption times vary depending on the type of drive that is being encrypted, the size of the drive, and the speed of the drive. If you're encrypting large drives, you may want to set encryption to occur during times when you won't be using the drive. + Although BitLocker encryption occurs in the background while a user continues to work with the system remaining usable, encryption times vary depending on the type of drive that is being encrypted, the size of the drive, and the speed of the drive. If encrypting large drives, encryption may want to be scheduled during times when the drive isn't being used. - You can also choose whether or not BitLocker should encrypt the entire drive or just the used space on the drive when you turn on BitLocker. On a new hard drive, encrypting just the used spaced can be considerably faster than encrypting the entire drive. When this encryption option is selected, BitLocker automatically encrypts data as it is saved, ensuring that no data is stored unencrypted. + When BitLocker is enabled, BitLocker can also be set to encrypt the entire drive or just the used space on the drive. On a new hard drive, encrypting just the used spaced can be considerably faster than encrypting the entire drive. When this encryption option is selected, BitLocker automatically encrypts data as it is saved, ensuring that no data is stored unencrypted. - question: What happens if the computer is turned off during encryption or decryption? answer: If the computer is turned off or goes into hibernation, the BitLocker encryption and decryption process will resume where it stopped the next time Windows starts. BitLocker resuming encryption or decryption is true even if the power is suddenly unavailable. @@ -52,7 +52,7 @@ sections: - question: How can I prevent users on a network from storing data on an unencrypted drive? answer: | - You can configure Group Policy settings to require that data drives be BitLocker-protected before a BitLocker-protected computer can write data to them. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). + Group Policy settings can be configured to require that data drives be BitLocker-protected before a BitLocker-protected computer can write data to them. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). When these policy settings are enabled, the BitLocker-protected operating system will mount any data drives that aren't protected by BitLocker as read-only. - question: What is Used Disk Space Only encryption? @@ -71,11 +71,11 @@ sections: - question: What causes BitLocker to start into recovery mode when attempting to start the operating system drive? answer: | - Because BitLocker is designed to protect your computer from numerous attacks, there are numerous reasons why BitLocker could start in recovery mode. + Because BitLocker is designed to protect computers from numerous attacks, there are numerous reasons why BitLocker could start in recovery mode. For example: - Changing the BIOS boot order to boot another drive in advance of the hard drive. - - Adding or removing hardware, such as inserting a new card in the computer, including some PCMIA wireless cards. + - Adding or removing hardware, such as inserting a new card in the computer. - Removing, inserting, or completely depleting the charge on a smart battery on a portable computer. In BitLocker, recovery consists of decrypting a copy of the volume master key using either a recovery key stored on a USB flash drive or a cryptographic key derived from a recovery password. @@ -85,10 +85,10 @@ sections: answer: BitLocker can be prevented from binding to PCR 7 if a non-Windows OS booted prior to Windows, or if Secure Boot isn't available to the device, either because it has been disabled or the hardware doesn't support it. - question: Can I swap hard disks on the same computer if BitLocker is enabled on the operating system drive? - answer: Yes, you can swap multiple hard disks on the same computer if BitLocker is enabled, but only if the hard disks were BitLocker-protected on the same computer. The BitLocker keys are unique to the TPM and operating system drive. So if you want to prepare a backup operating system or data drive in case a disk fails, make sure that they were matched with the correct TPM. You can also configure different hard drives for different operating systems and then enable BitLocker on each one with different authentication methods (such as one with TPM-only and one with TPM+PIN) without any conflicts. + answer: Yes, multiple hard disks can be swapped on the same computer if BitLocker is enabled, but only if the hard disks were BitLocker-protected on the same computer. The BitLocker keys are unique to the TPM and the operating system drive. If a backup operating system or data drive needs to be prepared in case of a disk failure, make sure that they were matched with the correct TPM. Different hard drives can also be configured for different operating systems and then enable BitLocker on each one with different authentication methods (such as one with TPM-only and one with TPM+PIN) without any conflicts. - question: Can I access my BitLocker-protected drive if I insert the hard disk into a different computer? - answer: Yes, if the drive is a data drive, you can unlock it from the **BitLocker Drive Encryption** Control Panel item just as you would any other data drive by using a password or smart card. If the data drive was configured for automatic unlock only, you'll have to unlock it by using the recovery key. The encrypted hard disk can be unlocked by a data recovery agent (if one was configured) or it can be unlocked by using the recovery key. + answer: Yes, if the drive is a data drive, it can be unlocked from the **BitLocker Drive Encryption** Control Panel item by using a password or smart card. If the data drive was configured for automatic unlock only, it will need to be unlocked by using the recovery key. The encrypted hard disk can be unlocked by a data recovery agent (if one was configured) or it can be unlocked by using the recovery key. - question: Why is **Turn BitLocker on** not available when I right-click a drive? answer: Some drives can't be encrypted with BitLocker. Reasons a drive can't be encrypted include insufficient disk size, an incompatible file system, if the drive is a dynamic disk, or a drive is designated as the system partition. By default, the system drive (or system partition) is hidden from display. However, if it isn't created as a hidden drive when the operating system was installed due to a custom installation process, that drive might be displayed but can't be encrypted. diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md index f2e4db7323..b49839a6c1 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md +++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md @@ -40,20 +40,19 @@ The below table lists specific data-protection concerns and how they're addresse | There's no support for using BitLocker with self-encrypting drives (SEDs). | BitLocker supports offloading encryption to encrypted hard drives. | | Administrators have to use separate tools to manage encrypted hard drives. | BitLocker supports encrypted hard drives with onboard encryption hardware built in, which allows administrators to use the familiar BitLocker administrative tools to manage them. | | Encrypting a new flash drive can take more than 20 minutes. | Used Space Only encryption in BitLocker To Go allows users to encrypt removable data drives in seconds. | -| BitLocker could require users to enter a recovery key when system configuration changes occur. | BitLocker requires the user to enter a recovery key only when disk corruption occurs or when you lose the PIN or password. | +| BitLocker could require users to enter a recovery key when system configuration changes occur. | BitLocker requires the user to enter a recovery key only when disk corruption occurs or when the PIN or password is lost. | | Users need to enter a PIN to start the PC, and then their password to sign in to Windows. | Modern Windows devices are increasingly protected with BitLocker Device Encryption out of the box and support SSO to help protect the BitLocker encryption keys from cold boot attacks. | ## Prepare for drive and file encryption -The best type of security measures is transparent to the user during implementation and use. Every time there's a possible delay or difficulty because of a security feature, there's strong likelihood that users will try to bypass security. This situation is especially true for data protection, and that's a scenario that organizations need to avoid. -Whether you're planning to encrypt entire volumes, removable devices, or individual files, Windows 11 and Windows 10 meet your needs by providing streamlined, usable solutions. In fact, you can take several steps in advance to prepare for data encryption and make the deployment quick and smooth. +The best type of security measures is transparent to the user during implementation and use. Every time there's a possible delay or difficulty because of a security feature, there's a strong likelihood that users will try to bypass security. This situation is especially true for data protection, and that's a scenario that organizations need to avoid. Whether planning to encrypt entire volumes, removable devices, or individual files, Windows 11 and Windows 10 meet these needs by providing streamlined, usable solutions. In fact, several steps can be taken in advance to prepare for data encryption and make the deployment quick and smooth. ### TPM pre-provisioning In Windows 7, preparing the TPM offered a few challenges: - Turning on the TPM required going into the BIOS or UEFI firmware of the device. Turning on the TPM at the device requires someone to either physically go into the BIOS or UEFI firmware settings of the device to turn on the TPM, or to install a driver in Windows to turn on the TPM from within Windows. -- When you enable the TPM, it may require one or more restarts. +- When the TPM is enabled, it may require one or more restarts. This made preparing the TPM in Windows 7 problematic. If IT staff are provisioning new PCs, they can handle the required steps for preparing a TPM. However, if BitLocker needed to be enabled on devices that are already in users' hands, those users would probably struggle with the technical challenges. The user would then either call to IT for support or leave BitLocker disabled. @@ -77,7 +76,7 @@ Unlike a standard BitLocker implementation, BitLocker Device Encryption is enabl - If the device isn't domain joined, a Microsoft account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to the online Microsoft account, and a TPM protector is created. Should a device require the recovery key, the user will be guided to use an alternate device and navigate to a recovery key access URL to retrieve the recovery key by using their Microsoft account credentials. -- If the user uses a domain account to sign in, the clear key isn't removed until the user joins the device to a domain, and the recovery key is successfully backed up to Active Directory Domain Services (AD DS). You must enable the following Group Policy settings: +- If the user uses a domain account to sign in, the clear key isn't removed until the user joins the device to a domain, and the recovery key is successfully backed up to Active Directory Domain Services (AD DS). The following Group Policy settings must be enabled for the recovery key to be backed up to AD DS: *Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives* > **Do not enable BitLocker until recovery information is stored in AD DS for operating system drives** @@ -85,7 +84,7 @@ Unlike a standard BitLocker implementation, BitLocker Device Encryption is enabl - Similar to signing in with a domain account, the clear key is removed when the user signs in to an Azure AD account on the device. As described in the bullet point above, the recovery password is created automatically when the user authenticates to Azure AD. Then, the recovery key is backed up to Azure AD, the TPM protector is created, and the clear key is removed. -Microsoft recommends that BitLocker Device Encryption be enabled on any systems that support it, but the automatic BitLocker Device Encryption process can be prevented by changing the following registry setting: +Microsoft recommends automatically enabling BitLocker Device Encryption on any systems that support it. However, the automatic BitLocker Device Encryption process can be prevented by changing the following registry setting: - **Subkey**: `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BitLocker` - **Type**: `REG_DWORD` @@ -94,13 +93,13 @@ Microsoft recommends that BitLocker Device Encryption be enabled on any systems Administrators can manage domain-joined devices that have BitLocker Device Encryption enabled through Microsoft BitLocker Administration and Monitoring (MBAM). In this case, BitLocker Device Encryption automatically makes additional BitLocker options available. No conversion or encryption is required, and MBAM can manage the full BitLocker policy set if any configuration changes are required. > [!NOTE] -> BitLocker Device Encryption uses the XTS-AES 128-bit encryption method. In case you need to use a different encryption method and/or cipher strength, the device must be configured and decrypted (if already encrypted) first. After that, different BitLocker settings can be applied. +> BitLocker Device Encryption uses the XTS-AES 128-bit encryption method. If a different encryption method and/or cipher strength is needed but the device is already encrypted, it must first be decrypted before the new encryption method and/or cipher strength can be applied. After the device has been decrypted, different BitLocker settings can be applied. ## Used Disk Space Only encryption -BitLocker in earlier Windows versions could take a long time to encrypt a drive because it encrypted every byte on the volume including parts that didn't have data. Encrypting every byte on the volume including parts that didn't have data is known as full disk encryption. Full disk encryption is still the most secure way to encrypt a drive, especially if a drive has previously contained confidential data that has since been moved or deleted. If a drive previously had confidential data that has been moved or deleted, traces of the confidential data could remain on portions of the drive marked as unused. +BitLocker in earlier Windows versions could take a long time to encrypt a drive because it encrypted every byte on the volume including areas that didn't have data. Encrypting every byte on the volume including areas that didn't have data is known as full disk encryption. Full disk encryption is still the most secure way to encrypt a drive, especially if a drive has previously contained confidential data that has since been moved or deleted. If a drive previously had confidential data that has been moved or deleted, traces of the confidential data could remain on portions of the drive marked as unused. -But why encrypt a new drive when you can encrypt the data as it is being written? To reduce encryption time, BitLocker in Windows 11 and Windows 10 let users choose to encrypt just their data. Depending on the amount of data on the drive, this option can reduce encryption time by more than 99 percent. +To reduce encryption time, BitLocker in Windows 11 and Windows 10 let users choose to encrypt just the areas of the disk that contain data. Areas of the disk that don't contain data and are empty won't be encrypted. Any new data is encrypted as it's created. Depending on the amount of data on the drive, this option can reduce the initial encryption time by more than 99 percent. Exercise caution when encrypting only used space on an existing volume on which confidential data may have already been stored in an unencrypted state. When using used space encryption, sectors where previously unencrypted data are stored can be recovered through disk-recovery tools until they're overwritten by new encrypted data. In contrast, encrypting only used space on a brand-new volume can significantly decrease deployment time without the security risk because all new data will be encrypted as it's written to the disk. @@ -108,7 +107,7 @@ Exercise caution when encrypting only used space on an existing volume on which SEDs have been available for years, but Microsoft couldn't support their use with some earlier versions of Windows because the drives lacked important key management features. Microsoft worked with storage vendors to improve the hardware capabilities, and now BitLocker supports the next generation of SEDs, which are called encrypted hard drives. -Encrypted hard drives provide onboard cryptographic capabilities to encrypt data on drives, which improves both drive and system performance by offloading cryptographic calculations from the PC's processor to the drive itself and rapidly encrypting the drive by using dedicated, purpose-built hardware. If you plan to use whole-drive encryption with Windows 11 or Windows 10, Microsoft recommends that you investigate hard drive manufacturers and models to determine whether any of their encrypted hard drives meet your security and budget requirements. +Encrypted hard drives provide onboard cryptographic capabilities to encrypt data on drives. This feature improves both drive and system performance by offloading cryptographic calculations from the PC's processor to the drive itself. Data is rapidly encrypted by the drive by using dedicated, purpose-built hardware. If planning to use whole-drive encryption with Windows 11 or Windows 10, Microsoft recommends researching hard drive manufacturers and models to determine whether any of their encrypted hard drives meet the security and budget requirements. For more information about encrypted hard drives, see [Encrypted hard drive](../encrypted-hard-drive.md). @@ -122,9 +121,9 @@ Windows 11 and Windows 10 can enable a true SSO experience from the preboot envi ## Manage passwords and PINs -When BitLocker is enabled on a system drive and the PC has a TPM, you can choose to require that users type a PIN before BitLocker will unlock the drive. Such a PIN requirement can prevent an attacker who has physical access to a PC from even getting to the Windows sign-in, which makes it almost impossible for the attacker to access or modify user data and system files. +When BitLocker is enabled on a system drive and the PC has a TPM, users can be required to type a PIN before BitLocker will unlock the drive. Such a PIN requirement can prevent an attacker who has physical access to a PC from even getting to the Windows sign-in, which makes it almost impossible for the attacker to access or modify user data and system files. -Requiring a PIN at startup is a useful security feature because it acts as a second authentication factor (a second "something you know"). This configuration comes with some costs, however. One of the most significant is the need to change the PIN regularly. In enterprises that used BitLocker with Windows 7 and the Windows Vista operating system, users had to contact systems administrators to update their BitLocker PIN or password. This requirement not only increased management costs but made users less willing to change their BitLocker PIN or password regularly. +Requiring a PIN at startup is a useful security feature because it acts as a second authentication factor. However, this configuration comes with some costs. One of the most significant costs is the need to change the PIN regularly. In enterprises that used BitLocker with Windows 7 and the Windows Vista operating system, users had to contact systems administrators to update their BitLocker PIN or password. This requirement not only increased management costs but made users less willing to change their BitLocker PIN or password regularly. Windows 11 and Windows 10 users can update their BitLocker PINs and passwords themselves, without administrator credentials. Not only will this feature reduce support costs, but it could improve security, too, because it encourages users to change their PINs and passwords more often. In addition, Modern Standby devices don't require a PIN for startup: They're designed to start infrequently and have other mitigations in place that further reduce the attack surface of the system. @@ -163,7 +162,7 @@ Part of the Microsoft Desktop Optimization Pack, Microsoft BitLocker Administrat - Empowers Windows Enterprise users to continue working anywhere with the assurance that their corporate data is protected. -- Enforces the BitLocker encryption policy options that you set for your enterprise. +- Enforces the BitLocker encryption policy options that are set for the enterprise. - Integrates with existing management tools, such as Microsoft Configuration Manager. diff --git a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml index f372194183..6e5641e175 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml @@ -26,7 +26,7 @@ summary: | - Windows 11 - Windows Server 2016 and above - This article links to frequently asked questions about BitLocker. BitLocker is a data protection feature that encrypts drives on your computer to help prevent data theft or exposure. BitLocker-protected computers can also delete data more securely when they're decommissioned because it's much more difficult to recover deleted data from an encrypted drive than from a non-encrypted drive. + This article links to frequently asked questions about BitLocker. BitLocker is a data protection feature that encrypts drives on computers to help prevent data theft or exposure. BitLocker-protected computers can also delete data more securely when they're decommissioned because it's much more difficult to recover deleted data from an encrypted drive than from a non-encrypted drive. - [Overview and requirements](bitlocker-overview-and-requirements-faq.yml) - [Upgrading](bitlocker-upgrading-faq.yml) diff --git a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md index b1f0b075a8..f31f5430d7 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md +++ b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md @@ -611,7 +611,7 @@ The values of this policy determine the strength of the cipher that BitLocker us If you enable this setting, you can configure an encryption algorithm and key cipher strength for fixed data drives, operating system drives, and removable data drives individually. -- For fixed and operating system drives, we recommend that you use the XTS-AES algorithm. +- For fixed and operating system drives, it is recommend to use the XTS-AES algorithm. - For removable drives, you should use AES-CBC 128-bit or AES-CBC 256-bit if the drive will be used in other devices that aren't running Windows 10, version 1511 or later, or Windows 11. @@ -978,7 +978,7 @@ Once you enable the setting, you have three options: - If you select the **Use custom recovery URL** option, type the custom message URL in the **Custom recovery URL option** text box. The URL that you type in the **Custom recovery URL option** text box replaces the default URL in the default recovery message, which is displayed on the pre-boot recovery screen. > [!IMPORTANT] -> Not all characters and languages are supported in the pre-boot environment. We strongly recommended that you verify the correct appearance of the characters that you use for the custom message and URL on the pre-boot recovery screen. +> Not all characters and languages are supported in the pre-boot environment. It is strongly recommended that you verify the correct appearance of the characters that you use for the custom message and URL on the pre-boot recovery screen. > [!IMPORTANT] > Because you can alter the BCDEdit commands manually before you have set Group Policy settings, you can't return the policy setting to the default setting by selecting the **Not Configured** option after you have configured this policy setting. To return to the default pre-boot recovery screen leave the policy setting enabled and select the **Use default message** options from the **Choose an option for the pre-boot recovery message** drop-down list box. diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md index e7579cafbb..c81d7ac7b4 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md @@ -43,22 +43,23 @@ This article explains how to deploy BitLocker on Windows Server 2012 and later v > [!NOTE] > Server roles and features are installed by using the same wizard in Server Manager. -7. Select the check box next to **BitLocker Drive Encryption** within the **Features** pane of the **Add Roles and Features** wizard. The wizard shows the extra management features available for BitLocker. If you don't want to install these features, deselect the **Include management tools -** and select **Add Features**. Once optional features selection is complete, select **Next** to proceed in the wizard. +7. Select the check box next to **BitLocker Drive Encryption** within the **Features** pane of the **Add Roles and Features** wizard. The wizard shows the extra management features available for BitLocker. If the extra management features are not needed and/or don't need to be installed, deselect the **Include management tools**. > [!NOTE] > The **Enhanced Storage** feature is a required feature for enabling BitLocker. This feature enables support for encrypted hard drives on capable systems. -8. Select **Install** on the **Confirmation** pane of the **Add Roles and Features** wizard to begin BitLocker feature installation. The BitLocker feature requires a restart for its installation to be complete. Selecting the **Restart the destination server automatically if required** option in the **Confirmation** pane forces a restart of the computer after installation is complete. +8. Select **Add Features**. Once optional features selection is complete, select **Next** to proceed in the wizard. -9. If the **Restart the destination server automatically if required** check box isn't selected, the **Results** pane of the **Add Roles and Features** wizard displays the success or failure of the BitLocker feature installation. If necessary, a notification of other action necessary to complete the feature installation, such as the restart of the computer, will be displayed in the results text. +9. Select **Install** on the **Confirmation** pane of the **Add Roles and Features** wizard to begin BitLocker feature installation. The BitLocker feature requires a restart for its installation to be complete. Selecting the **Restart the destination server automatically if required** option in the **Confirmation** pane forces a restart of the computer after installation is complete. + +10. If the **Restart the destination server automatically if required** check box isn't selected, the **Results** pane of the **Add Roles and Features** wizard displays the success or failure of the BitLocker feature installation. If necessary, a notification of other action necessary to complete the feature installation, such as the restart of the computer, will be displayed in the results text. ### To install BitLocker using Windows PowerShell -Windows PowerShell offers administrators another option for BitLocker feature installation. Windows PowerShell installs features using the `servermanager` or `dism` module. However, the `servermanager` and `dism` modules don't always share feature name parity. Because of this mismatch of feature name parity, it's advisable to confirm the feature or role name prior to installation. +Windows PowerShell offers administrators another option for BitLocker feature installation. Windows PowerShell installs features using the `servermanager` or `dism.exe` module. However, the `servermanager` and `dism.exe` modules don't always share feature name parity. Because of this mismatch of feature name parity, it's advisable to confirm the feature or role name prior to installation. > [!NOTE] -> You must restart the server to complete the installation of BitLocker. +> The server must be restarted to complete the installation of BitLocker. ### Using the servermanager module to install BitLocker @@ -99,15 +100,15 @@ Install-WindowsFeature BitLocker -IncludeAllSubFeature -IncludeManagementTools - ### Using the dism module to install BitLocker -The `dism` Windows PowerShell module uses the `Enable-WindowsOptionalFeature` cmdlet to install features. The BitLocker feature name for BitLocker is `BitLocker`. The `dism` module doesn't support wildcards when searching for feature names. To list feature names for the `dism` module, use the `Get-WindowsOptionalFeatures` cmdlet. The following command will list all of the optional features in an online (running) operating system. +The `dism.exe` Windows PowerShell module uses the `Enable-WindowsOptionalFeature` cmdlet to install features. The BitLocker feature name for BitLocker is `BitLocker`. The `dism.exe` module doesn't support wildcards when searching for feature names. To list feature names for the `dism.exe` module, use the `Get-WindowsOptionalFeatures` cmdlet. The following command will list all of the optional features in an online (running) operating system. ``` powershell Get-WindowsOptionalFeature -Online | ft ``` -From this output, we can see that there are three BitLocker-related optional feature names: BitLocker, BitLocker-Utilities and BitLocker-NetworkUnlock. To install the BitLocker feature, the BitLocker and BitLocker-Utilities features are the only required items. +From this output, it can be seen that there are three BitLocker-related optional feature names: **BitLocker**, **BitLocker-Utilities** and **BitLocker-NetworkUnlock**. To install the BitLocker feature, the **BitLocker** and **BitLocker-Utilities** features are the only required items. -To install BitLocker using the `dism` module, use the following command: +To install BitLocker using the `dism.exe` module, use the following command: ``` powershell Enable-WindowsOptionalFeature -Online -FeatureName BitLocker -All diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md index bfd8ef3474..c2a6a79c56 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md @@ -15,7 +15,7 @@ ms.custom: bitlocker ms.technology: itpro-security --- -# BitLocker: How to enable network unlock +# BitLocker: How to enable Network Unlock *Applies to:* @@ -23,171 +23,215 @@ ms.technology: itpro-security - Windows 11 - Windows Server 2016 and above -This topic describes how BitLocker network unlock works and how to configure it. +This article describes how BitLocker Network Unlock works and how to configure it. -Network Unlock was introduced in Windows 8 and Windows Server 2012 as a BitLocker protector option for operating system volumes. Network unlock enables easier management for BitLocker-enabled desktops and servers in a domain environment by providing automatic unlock of operating system volumes at system reboot when connected to a wired corporate network. This feature requires the client hardware to have a DHCP driver implemented in its UEFI firmware. -Without Network Unlock, operating system volumes protected by TPM+PIN protectors require a PIN to be entered when a computer reboots or resumes from hibernation (for example, by Wake on LAN). This can make it difficult to enterprises to roll out software patches to unattended desktops and remotely administered servers. +Network Unlock is a BitLocker protector option for operating system volumes. Network Unlock enables easier management for BitLocker-enabled desktops and servers in a domain environment by providing automatic unlock of operating system volumes at system reboot when connected to a wired corporate network. This feature requires the client hardware to have a DHCP driver implemented in its UEFI firmware. Without Network Unlock, operating system volumes protected by TPM+PIN protectors require a PIN to be entered when a computer reboots or resumes from hibernation (for example, by Wake on LAN). Requiring a PIN after a reboot can make it difficult to enterprises to roll out software patches to unattended desktops and remotely administered servers. -Network unlock allows BitLocker-enabled systems that have a TPM+PIN and that meet the hardware requirements to boot into Windows without user intervention. Network unlock works in a similar fashion to the TPM+StartupKey at boot. Rather than needing to read the StartupKey from USB media, however, the Network Unlock feature needs the key to be composed from a key stored in the TPM and an encrypted network key that is sent to the server, decrypted and returned to the client in a secure session. +Network Unlock allows BitLocker-enabled systems that have a TPM+PIN and that meet the hardware requirements to boot into Windows without user intervention. Network Unlock works in a similar fashion to the TPM+StartupKey at boot. Rather than needing to read the StartupKey from USB media, however, the Network Unlock feature needs the key to be composed from a key stored in the TPM and an encrypted network key that is sent to the server, decrypted and returned to the client in a secure session. -## Network unlock core requirements +## Network Unlock core requirements Network Unlock must meet mandatory hardware and software requirements before the feature can automatically unlock domain-joined systems. These requirements include: -- Windows 8 or Windows Server 2012 as the current operating system. -- Any supported operating system with UEFI DHCP drivers that can serve as Network Unlock clients. -- Network Unlock clients with a TPM chip and at least one TPM protector. -- A server running the Windows Deployment Services (WDS) role on any supported server operating system. -- BitLocker Network Unlock optional feature installed on any supported server operating system. -- A DHCP server, separate from the WDS server. -- Properly configured public/private key pairing. -- Network Unlock group policy settings configured. - -The network stack must be enabled to use the Network Unlock feature. Equipment manufacturers deliver their products in various states and with different BIOS menus; therefore, you need to confirm that the network stack has been enabled in the BIOS before starting the computer. +- Currently supported Windows operating system +- Any supported operating system with UEFI DHCP drivers that can serve as Network Unlock clients +- Network Unlock clients with a TPM chip and at least one TPM protector +- A server running the Windows Deployment Services (WDS) role on any supported server operating system +- BitLocker Network Unlock optional feature installed on any supported server operating system +- A DHCP server, separate from the WDS server +- Properly configured public/private key pairing +- Network Unlock group policy settings configured +- Network stack enabled in the UEFI firmware of client devices > [!NOTE] > To properly support DHCP within UEFI, the UEFI-based system should be in native mode and shouldn't have a compatibility support module (CSM) enabled. -On computers that run Windows 8 and later, the first network adapter on the computer, usually the onboard adapter, must be configured to support DHCP. This adapter must be used for Network Unlock. +For Network Unlock to work reliably on computers, the first network adapter on the computer, usually the onboard adapter, must be configured to support DHCP. This first network adapter must be used for Network Unlock. This configuration is especially worth noting when the device has multiple adapters, and some adapters are configured without DHCP, such as for use with a lights-out management protocol. This configuration is necessary because Network Unlock stops enumerating adapters when it reaches one with a DHCP port failure for any reason. Thus, if the first enumerated adapter doesn't support DHCP, isn't plugged into the network, or fails to report availability of the DHCP port for any reason, then Network Unlock fails. -For network unlock to work reliably on computers running Windows 8 and later versions, the first network adapter on the computer, usually the onboard adapter, must be configured to support DHCP and must be used for Network Unlock. This is especially worth noting when you have multiple adapters, and you wish to configure one without DHCP, such as for a lights-out management protocol. This configuration is necessary because network unlock stops enumerating adapters when it reaches one with a DHCP port failure for any reason. Thus, if the first enumerated adapter does not support DHCP, is not plugged into the network, or fails to report availability of the DHCP port for any reason, then Network Unlock fails. - The Network Unlock server component is installed on supported versions of Windows Server 2012 and later as a Windows feature that uses Server Manager or Windows PowerShell cmdlets. The feature name is BitLocker Network Unlock in Server Manager and BitLocker-NetworkUnlock in Windows PowerShell. This feature is a core requirement. -Network unlock requires Windows Deployment Services (WDS) in the environment where the feature will be utilized. Configuration of the WDS installation is not required; however, the WDS service must be running on the server. +Network Unlock requires Windows Deployment Services (WDS) in the environment where the feature will be utilized. Configuration of the WDS installation isn't required; however, the WDS service must be running on the server. The network key is stored on the system drive along with an AES 256 session key and encrypted with the 2048-bit RSA public key of the Unlock server certificate. The network key is decrypted with the help of a provider on a supported version of Windows Server running WDS, and returned encrypted with its corresponding session key. -## Network Unlock sequence +## Network Unlock sequence -The unlock sequence starts on the client side when the Windows boot manager detects the existence of network unlock protector. It leverages the DHCP driver in UEFI to obtain an IP address for IPv4 and then broadcasts a vendor-specific DHCP request that contains the network key and a session key for the reply, all encrypted by the server's Network Unlock certificate, as described above. The Network Unlock provider on the supported WDS server recognizes the vendor-specific request, decrypts it with the RSA private key, and returns the network key encrypted with the session key via its own vendor-specific DHCP reply. +The unlock sequence starts on the client side when the Windows boot manager detects the existence of Network Unlock protector. It uses the DHCP driver in UEFI to obtain an IP address for IPv4 and then broadcasts a vendor-specific DHCP request that contains the network key and a session key for the reply, all encrypted by the server's Network Unlock certificate, as described above. The Network Unlock provider on the supported WDS server recognizes the vendor-specific request, decrypts it with the RSA private key, and returns the network key encrypted with the session key via its own vendor-specific DHCP reply. -On the server side, the WDS server role has an optional plugin component, like a PXE provider, which is what handles the incoming network unlock requests. You can also configure the provider with subnet restrictions, which would require that the IP address provided by the client in the network unlock request belong to a permitted subnet to release the network key to the client. In instances where the Network Unlock provider is unavailable, BitLocker fails over to the next available protector to unlock the drive. In a typical configuration, this means the standard TPM+PIN unlock screen is presented to unlock the drive. +On the server side, the WDS server role has an optional plugin component, like a PXE provider, which is what handles the incoming Network Unlock requests. The provider can also be configured with subnet restrictions, which would require that the IP address provided by the client in the Network Unlock request belong to a permitted subnet to release the network key to the client. In instances where the Network Unlock provider is unavailable, BitLocker fails over to the next available protector to unlock the drive. In a typical configuration, the standard TPM+PIN unlock screen is presented to unlock the drive. The server side configuration to enable Network Unlock also requires provisioning a 2048-bit RSA public/private key pair in the form of an X.509 certificate, and distributing the public key certificate to the clients. This certificate must be managed and deployed through the Group Policy editor directly on a domain controller with at least a Domain Functional Level of Windows Server 2012. This certificate is the public key that encrypts the intermediate network key (which is one of the two secrets required to unlock the drive; the other secret is stored in the TPM). Manage and deploy this certificate through the Group Policy editor directly on a domain controller that has a domain functional level of at least Windows Server 2012. This certificate is the public key that encrypts the intermediate network key. The intermediate network key is one of the two secrets that are required to unlock the drive; the other secret is stored in the TPM. -![Diagram showing the BitLocker network unlock sequence.](images/bitlockernetworkunlocksequence.png) +![Diagram showing the BitLocker Network Unlock sequence.](images/bitlockernetworkunlocksequence.png) The Network Unlock process follows these phases: 1. The Windows boot manager detects a Network Unlock protector in the BitLocker configuration. + 2. The client computer uses its DHCP driver in the UEFI to get a valid IPv4 IP address. -3. The client computer broadcasts a vendor-specific DHCP request that contains: - 1. A network key (a 256-bit intermediate key) that is encrypted by using the 2048-bit RSA Public Key of the network unlock certificate from the WDS server. + +3. The client computer broadcasts a vendor-specific DHCP request that contains: + + 1. A network key (a 256-bit intermediate key) that is encrypted by using the 2048-bit RSA Public Key of the Network Unlock certificate from the WDS server. + 2. An AES-256 session key for the reply. + 4. The Network Unlock provider on the WDS server recognizes the vendor-specific request. + 5. The provider decrypts the request by using the WDS server's BitLocker Network Unlock certificate RSA private key. + 6. The WDS provider returns the network key encrypted with the session key by using its own vendor-specific DHCP reply to the client computer. This key is an intermediate key. + 7. The returned intermediate key is combined with another local 256-bit intermediate key. This key can be decrypted only by the TPM. + 8. This combined key is used to create an AES-256 key that unlocks the volume. + 9. Windows continues the boot sequence. -## Configure network unlock +## Configure Network Unlock -The following steps allow an administrator to configure network unlock in a domain where the Domain Functional Level is at least Windows Server 2012. +The following steps allow an administrator to configure Network Unlock in a domain where the Domain Functional Level is at least Windows Server 2012. -### Install the WDS server role +### Install the WDS server role -The BitLocker network unlock feature installs the WDS role if it is not already installed. If you want to install it separately before you install BitLocker network unlock, you can use Server Manager or Windows PowerShell. To install the role using Server Manager, select the **Windows Deployment Services** role in Server Manager. +The BitLocker Network Unlock feature installs the WDS role if it isn't already installed. WDS can be installed separately before BitLocker Network Unlock is installed by using **Server Manager** or **Windows PowerShell**. To install the role using Server Manager, select the **Windows Deployment Services** role in **Server Manager**. To install the role by using Windows PowerShell, use the following command: -```powershell +``` powershell Install-WindowsFeature WDS-Deployment ``` -You must configure the WDS server so that it can communicate with DHCP (and optionally AD DS) and the client computer. You can configure using the WDS management tool, wdsmgmt.msc, which starts the Windows Deployment Services Configuration wizard. +The WDS server must be configured so that it can communicate with DHCP (and optionally AD DS) and the client computer. The WDS server can be be configured using the WDS management tool, `wdsmgmt.msc`, which starts the Windows Deployment Services Configuration wizard. -### Confirm the WDS service is running +### Confirm the WDS service is running -To confirm that the WDS service is running, use the Services Management Console or Windows PowerShell. To confirm that the service is running in Services Management Console, open the console using **services.msc** and check the status of the Windows Deployment Services service. +To confirm that the WDS service is running, use the Services Management Console or Windows PowerShell. To confirm that the service is running in Services Management Console, open the console using `services.msc` and check the status of the Windows Deployment Services service. To confirm that the service is running using Windows PowerShell, use the following command: -```powershell +``` powershell Get-Service WDSServer ``` -### Install the Network Unlock feature -To install the network unlock feature, use Server Manager or Windows PowerShell. To install the feature using Server Manager, select the **BitLocker Network Unlock** feature in the Server Manager console. +### Install the Network Unlock feature + +To install the Network Unlock feature, use Server Manager or Windows PowerShell. To install the feature using Server Manager, select the **BitLocker Network Unlock** feature in the Server Manager console. To install the feature by using Windows PowerShell, use the following command: -```powershell +``` powershell Install-WindowsFeature BitLocker-NetworkUnlock ``` -### Create the certificate template for Network Unlock + +### Create the certificate template for Network Unlock A properly configured Active Directory Services Certification Authority can use this certificate template to create and issue Network Unlock certificates. -1. Open the Certificates Template snap-in (certtmpl.msc). +1. Open the Certificates Template snap-in (`certtmpl.msc`). + 2. Locate the User template, right-click the template name and select **Duplicate Template**. + 3. On the **Compatibility** tab, change the **Certification Authority** and **Certificate recipient** fields to Windows Server 2012 and Windows 8, respectively. Ensure that the **Show resulting changes** dialog box is selected. + 4. Select the **General** tab of the template. The **Template display name** and **Template name** should clearly identify that the template will be used for Network Unlock. Clear the check box for the **Publish certificate in Active Directory** option. + 5. Select the **Request Handling** tab. Select **Encryption** from the **Purpose** drop-down menu. Ensure that the **Allow private key to be exported** option is selected. -6. Select the **Cryptography** tab. Set the **Minimum key size** to 2048. (Any Microsoft cryptographic provider that supports RSA can be used for this template, but for simplicity and forward compatibility, we recommend using **Microsoft Software Key Storage Provider**.) -7. Select the **Requests must use one of the following providers** option and clear all options except for the cryptography provider you selected, such as **Microsoft Software Key Storage Provider**. -8. Select the **Subject Name** tab. Select **Supply in the request**. Click **OK** if the certificate templates pop-up dialog appears. + +6. Select the **Cryptography** tab. Set the **Minimum key size** to 2048. Any Microsoft cryptographic provider that supports RSA can be used for this template, but for simplicity and forward compatibility, it is recommended to use **Microsoft Software Key Storage Provider**. + +7. Select the **Requests must use one of the following providers** option and clear all options except for the cryptography provider selected, such as **Microsoft Software Key Storage Provider**. + +8. Select the **Subject Name** tab. Select **Supply in the request**. Select **OK** if the certificate templates pop-up dialog appears. + 9. Select the **Issuance Requirements** tab. Select both **CA certificate manager approval** and **Valid existing certificate** options. + 10. Select the **Extensions** tab. Select **Application Policies** and choose **Edit…**. + 11. In the **Edit Application Policies Extension** options dialog box, select **Client Authentication**, **Encrypting File System**, **and Secure Email** and choose **Remove**. + 12. On the **Edit Application Policies Extension** dialog box, select **Add**. -13. On the **Add Application Policy** dialog box, select **New**. In the **New Application Policy** dialog box, enter the following information in the space provided and then click **OK** to create the BitLocker Network Unlock application policy: - - **Name:** **BitLocker Network Unlock** - - **Object Identifier:** **1.3.6.1.4.1.311.67.1.1** +13. On the **Add Application Policy** dialog box, select **New**. In the **New Application Policy** dialog box, enter the following information in the space provided and then select **OK** to create the BitLocker Network Unlock application policy: + + - *Name:* **BitLocker Network Unlock** + - *Object Identifier:* **1.3.6.1.4.1.311.67.1.1** + +14. Select the newly created **BitLocker Network Unlock** application policy and select **OK**. -14. Select the newly created **BitLocker Network Unlock** application policy and click **OK**. 15. With the **Extensions** tab still open, select the **Edit Key Usage Extension** dialog. Select the **Allow key exchange only with key encryption (key encipherment)** option. Select the **Make this extension critical** option. + 16. Select the **Security** tab. Confirm that the **Domain Admins** group has been granted **Enroll** permission. -17. Click **OK** to complete configuration of the template. + +17. Select **OK** to complete configuration of the template. To add the Network Unlock template to the certificate authority, open the certificate authority snap-in (`certsrv.msc`). Right-click **Certificate Templates**, and then choose **New, Certificate Template to issue**. Select the previously created BitLocker Network Unlock certificate. -After you add the Network Unlock template to the certificate authority, you can use this certificate to configure BitLocker Network Unlock. +After the Network Unlock template is added to the certificate authority, this certificate can be used to configure BitLocker Network Unlock. -### Create the Network Unlock certificate +### Create the Network Unlock certificate Network Unlock can use imported certificates from an existing public key infrastructure (PKI). Or it can use a self-signed certificate. To enroll a certificate from an existing certificate authority: + 1. On the WDS server, open Certificate Manager by using `certmgr.msc`. + 2. Under **Certificates - Current User**, right-click **Personal**. + 3. Select **All Tasks** > **Request New Certificate**. + 4. When the Certificate Enrollment wizard opens, select **Next**. + 5. Select **Active Directory Enrollment Policy**. -6. Choose the certificate template that was created for Network Unlock on the domain controller. Then select **Enroll**. -1. When you're prompted for more information, select **Subject Name** and provide a friendly name value. Your friendly name should include information for the domain or organizational unit for the certificate. Here's an example: *BitLocker Network Unlock Certificate for Contoso domain*. -7. Create the certificate. Ensure the certificate appears in the **Personal** folder. -8. Export the public key certificate for Network Unlock: - 1. Create a .cer file by right-clicking the previously created certificate, selecting **All Tasks**, and then selecting **Export**. - 2. Select **No, do not export the private key**. - 3. Select **DER encoded binary X.509** and complete exporting the certificate to a file. - 4. Give the file a name such as BitLocker-NetworkUnlock.cer. +6. Choose the certificate template that was created for Network Unlock on the domain controller. Then select **Enroll**. -9. Export the public key with a private key for Network Unlock. +7. When prompted for more information, select **Subject Name** and provide a friendly name value. The friendly name should include information for the domain or organizational unit for the certificate. For example: + + *BitLocker Network Unlock Certificate for Contoso domain* + +8. Create the certificate. Ensure the certificate appears in the **Personal** folder. + +9. Export the public key certificate for Network Unlock: + + 1. Create a `.cer` file by right-clicking the previously created certificate, selecting **All Tasks**, and then selecting **Export**. + + 2. Select **No, do not export the private key**. + + 3. Select **DER encoded binary X.509** and complete exporting the certificate to a file. + + 4. Give the file a name such as BitLocker-NetworkUnlock.cer. + +10. Export the public key with a private key for Network Unlock. + + 1. Create a `.pfx` file by right-clicking the previously created certificate, selecting **All Tasks**, and then selecting **Export**. - 1. Create a .pfx file by right-clicking the previously created certificate, selecting **All Tasks**, and then selecting **Export**. 2. Select **Yes, export the private key**. - 3. Complete the steps to create the *.pfx* file. -To create a self-signed certificate, either use the `New-SelfSignedCertificate` cmdlet in Windows PowerShell or use `certreq`. + 3. Complete the steps to create the `.pfx` file. -Here's a Windows PowerShell example: +To create a self-signed certificate, either use the `New-SelfSignedCertificate` cmdlet in Windows PowerShell or use `certreq.exe`. For example: -```powershell +**Windows PowerShell:** + +``` powershell New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -Subject "CN=BitLocker Network Unlock certificate" -Provider "Microsoft Software Key Storage Provider" -KeyUsage KeyEncipherment -KeyUsageProperty Decrypt,Sign -KeyLength 2048 -HashAlgorithm sha512 -TextExtension @("1.3.6.1.4.1.311.21.10={text}OID=1.3.6.1.4.1.311.67.1.1","2.5.29.37={text}1.3.6.1.4.1.311.67.1.1") ``` -Here's a `certreq` example: +**certreq.exe:** + +1. Create a text file with an `.inf` extension, for example: + + ``` syntax + notepad.exe BitLocker-NetworkUnlock.inf + ``` -1. Create a text file with an .inf extension, for example, notepad.exe BitLocker-NetworkUnlock.inf. 2. Add the following contents to the previously created file: - ```ini + ``` ini [NewRequest] Subject="CN=BitLocker Network Unlock certificate" ProviderType=0 @@ -206,29 +250,41 @@ Here's a `certreq` example: _continue_ = "1.3.6.1.4.1.311.67.1.1" ``` -3. Open an elevated command prompt and use the `certreq` tool to create a new certificate. Use the following command, specifying the full path to the file that you created previously. Also specify the file name. +3. Open an elevated command prompt and use the `certreq.exe` tool to create a new certificate. Use the following command, specifying the full path to the file that was created previously along with the file name: - ```cmd - certreq -new BitLocker-NetworkUnlock.inf BitLocker-NetworkUnlock.cer + ``` syntax + certreq.exe -new BitLocker-NetworkUnlock.inf BitLocker-NetworkUnlock.cer ``` -4. Verify that certificate was properly created by the previous command by confirming that the .cer file exists. -5. Launch Certificates - Local Machine by running **certlm.msc**. -6. Create a .pfx file by opening the **Certificates - Local Computer\\Personal\\Certificates** path in the navigation pane, right-clicking the previously imported certificate, selecting **All Tasks**, and then selecting **Export**. Follow through the wizard to create the .pfx file. -### Deploy the private key and certificate to the WDS server +4. Verify that certificate was properly created by the previous command by confirming that the `.cer` file exists. -Now that you've created the certificate and key, deploy them to the infrastructure to properly unlock systems. To deploy the certificates: +5. Launch the **Certificates - Local Computer** console by running `certlm.msc`. -1. On the WDS server, open a new MMC and add the certificates snap-in. Select the computer account and local computer when given the options. -2. Right-click the Certificates (Local Computer) - BitLocker Drive Encryption Network Unlock item -, select **All Tasks**, and then select **Import**. -3. In the **File to Import** dialog, choose the .pfx file created previously. -4. Enter the password used to create the .pfx and complete the wizard. +6. Create a `.pfx` file by following the below steps the **Certificates - Local Computer** console: -### Configure group policy settings for network unlock + 1. Navigate to **Certificates - Local Computer** > **Personal** > **Certificates** -With certificate and key deployed to the WDS server for Network Unlock, the final step is to use group policy settings to deploy the public key certificate to computers that you want to be able to unlock using the Network Unlock key. Group policy settings for BitLocker can be found under **\\Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption** using the Local Group Policy Editor or the Microsoft Management Console. + 2. Right-click the previously imported certificate, select **All Tasks**, and then select **Export** -The following steps describe how to enable the group policy setting that is a requirement for configuring network unlock. + 3. Follow through the wizard to create the `.pfx` file. + +### Deploy the private key and certificate to the WDS server + +After creating the certificate and key, deploy them to the infrastructure to properly unlock systems. To deploy the certificates: + +1. On the WDS server, launch the **Certificates - Local Computer** console by running `certlm.msc`. + +2. Right-click **BitLocker Drive Encryption Network Unlock** item under **Certificates (Local Computer)**, select **All Tasks**, and then select **Import**. + +3. In the **File to Import** dialog, choose the `.pfx` file created previously. + +4. Enter the password used to create the `.pfx` and complete the wizard. + +### Configure group policy settings for Network Unlock + +With certificate and key deployed to the WDS server for Network Unlock, the final step is to use group policy settings to deploy the public key certificate to the desired computers that will use the Network Unlock key to unlock. Group policy settings for BitLocker can be found under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **BitLocker Drive Encryption** using the Local Group Policy Editor or the Microsoft Management Console. + +The following steps describe how to enable the group policy setting that is a requirement for configuring Network Unlock. 1. Open Group Policy Management Console (`gpmc.msc`). 2. Enable the policy **Require additional authentication at startup**, and then select **Require startup PIN with TPM** or **Allow startup PIN with TPM**. @@ -237,47 +293,58 @@ The following steps describe how to enable the group policy setting that is a re The following steps describe how to deploy the required group policy setting: > [!NOTE] -> The group policy settings **Allow network unlock at startup** and **Add Network Unlock Certificate** were introduced in Windows Server 2012. - -1. Copy the *.cer* file that you created for Network Unlock to the domain controller. +> The group policy settings **Allow Network Unlock at startup** and **Add Network Unlock Certificate** were introduced in Windows Server 2012. + +1. Copy the `.cer` file that was created for Network Unlock to the domain controller. + 2. On the domain controller, open Group Policy Management Console (`gpmc.msc`). -3. Create a new Group Policy Object or modify an existing object to enable the **Allow network unlock at startup** setting. + +3. Create a new Group Policy Object or modify an existing object to enable the **Allow Network Unlock at startup** setting. + 4. Deploy the public certificate to clients: - 1. Within group policy management console, navigate to the following location: **Computer Configuration\\Policies\\Windows Settings\\Security Settings\\Public Key Policies\\BitLocker Drive Encryption Network Unlock Certificate**. + + 1. Within group policy management console, navigate to the following location: + + **Computer Configuration** > **Policies** > **Windows Settings** > **Security Settings** > **Public Key Policies** > **BitLocker Drive Encryption Network Unlock Certificate**. + 2. Right-click the folder and select **Add Network Unlock Certificate**. - 3. Follow the wizard steps and import the .cer file that was copied earlier. + + 3. Follow the wizard steps and import the `.cer` file that was copied earlier. > [!NOTE] - > Only one network unlock certificate can be available at a time. If you need a new certificate, delete the current certificate before you deploy a new one. The Network Unlock certificate is located in the *HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\SystemCertificates\\FVE\_NKP* key on the client computer. + > Only one Network Unlock certificate can be available at a time. If a new certificate is needed, delete the current certificate before deploying a new one. The Network Unlock certificate is located under the **`HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\FVE_NKP`** registry key on the client computer. + +5. Reboot the clients after the Group Policy is deployed. -5. Reboot the clients after you deploy the Group Policy. > [!NOTE] > The **Network (Certificate Based)** protector will be added only after a reboot, with the policy enabled and a valid certificate present in the FVE_NKP store. - + ### Subnet policy configuration files on the WDS server (optional) -By default, all clients with the correct network unlock certificate and valid Network Unlock protectors that have wired access to a network unlock-enabled WDS server via DHCP are unlocked by the server. A subnet policy configuration file on the WDS server can be created to limit which are the subnet(s) the network unlock clients can use to unlock. +By default, all clients with the correct Network Unlock certificate and valid Network Unlock protectors that have wired access to a Network Unlock-enabled WDS server via DHCP are unlocked by the server. A subnet policy configuration file on the WDS server can be created to limit which are the subnet(s) the Network Unlock clients can use to unlock. -The configuration file, called bde-network-unlock.ini, must be located in the same directory as the network unlock provider DLL (%windir%\System32\Nkpprov.dll) and it applies to both IPv6 and IPv4 DHCP implementations. If the subnet configuration policy becomes corrupted, the provider fails and stops responding to requests. +The configuration file, called bde-network-unlock.ini, must be located in the same directory as the Network Unlock provider DLL (`%windir%\System32\Nkpprov.dll`) and it applies to both IPv6 and IPv4 DHCP implementations. If the subnet configuration policy becomes corrupted, the provider fails and stops responding to requests. -The subnet policy configuration file must use a "\[SUBNETS\]" section to identify the specific subnets. The named subnets may then be used to specify restrictions in certificate subsections. Subnets are defined as simple name-value pairs, in the common INI format, where each subnet has its own line, with the name on the left of the equal-sign, and the subnet identified on the right of the equal-sign as a Classless Inter-Domain Routing (CIDR) address or range. The key word "ENABLED" is disallowed for subnet names. +The subnet policy configuration file must use a **\[SUBNETS\]** section to identify the specific subnets. The named subnets may then be used to specify restrictions in certificate subsections. Subnets are defined as simple name-value pairs, in the common INI format, where each subnet has its own line, with the name on the left of the equal-sign, and the subnet identified on the right of the equal-sign as a Classless Inter-Domain Routing (CIDR) address or range. The key word **ENABLED** is disallowed for subnet names. -```ini +``` ini [SUBNETS] SUBNET1=10.185.250.0/24 ; a comment about this subrange could be here, after the semicolon SUBNET2=10.185.252.200/28 SUBNET3= 2001:4898:a:2::/64 ; an IPv6 subnet SUBNET4=2001:4898:a:3::/64; in production, the admin would likely give more useful names, like BUILDING9-EXCEPT-RECEP. ``` -Following the \[SUBNETS\] section, there can be sections for each Network Unlock certificate, identified by the certificate thumbprint formatted without any spaces, which define the subnets clients that can be unlocked from that certificate. + +Following the **\[SUBNETS\]** section, there can be sections for each Network Unlock certificate, identified by the certificate thumbprint formatted without any spaces, which define the subnets clients that can be unlocked from that certificate. > [!NOTE] > When specifying the certificate thumbprint, do not include any spaces. If spaces are included in the thumbprint, the subnet configuration fails because the thumbprint will not be recognized as valid. -Subnet restrictions are defined within each certificate section by denoting the allowed list of permitted subnets. If any subnets are listed in a certificate section, then only those subnets are permitted for that certificate. If no subnet is listed in a certificate section, then all subnets are permitted for that certificate. If a certificate does not have a section in the subnet policy configuration file, then no subnet restrictions are applied for unlocking with that certificate. This means for restrictions to apply to every certificate, there must be a certificate section for every network unlock certificate on the server, and an explicit allowed list set for each certificate section. -Subnet lists are created by putting the name of a subnet from the \[SUBNETS\] section on its own line below the certificate section header. Then, the server will only unlock clients with this certificate on the subnet(s) specified as in the list. For troubleshooting, a subnet can be quickly excluded without deleting it from the section by simply commenting it out with a prepended semi-colon. +Subnet restrictions are defined within each certificate section by denoting the allowed list of permitted subnets. If any subnets are listed in a certificate section, then only those subnets are permitted for that certificate. If no subnet is listed in a certificate section, then all subnets are permitted for that certificate. If a certificate doesn't have a section in the subnet policy configuration file, then no subnet restrictions are applied for unlocking with that certificate. For restrictions to apply to every certificate, there must be a certificate section for every Network Unlock certificate on the server, and an explicit allowed list set for each certificate section. -```ini +Subnet lists are created by putting the name of a subnet from the **\[SUBNETS\]** section on its own line below the certificate section header. Then, the server will only unlock clients with this certificate on the subnet(s) specified as in the list. For troubleshooting, a subnet can be quickly excluded without deleting it from the section by commenting it out with a prepended semi-colon. + +``` ini [2158a767e1c14e88e27a4c0aee111d2de2eafe60] ;Comments could be added here to indicate when the cert was issued, which Group Policy should get it, and so on. ;This list shows this cert is allowed to unlock clients only on the SUBNET1 and SUBNET3 subnets. In this example, SUBNET2 is commented out. @@ -288,93 +355,111 @@ SUBNET3 To disallow the use of a certificate altogether, add a `DISABLED` line to its subnet list. -## Turn off Network Unlock +## Turn off Network Unlock - -To turn off the unlock server, the PXE provider can be unregistered from the WDS server or uninstalled altogether. However, to stop clients from creating network unlock protectors, the **Allow Network Unlock at startup** group policy setting should be disabled. When this policy setting is updated to **disabled** on client computers, any Network Unlock key protector on the computer is deleted. Alternatively, the BitLocker network unlock certificate policy can be deleted on the domain controller to accomplish the same task for an entire domain. +To turn off the unlock server, the PXE provider can be unregistered from the WDS server or uninstalled altogether. However, to stop clients from creating Network Unlock protectors, the **Allow Network Unlock at startup** group policy setting should be disabled. When this policy setting is updated to **disabled** on client computers, any Network Unlock key protector on the computer is deleted. Alternatively, the BitLocker Network Unlock certificate policy can be deleted on the domain controller to accomplish the same task for an entire domain. > [!NOTE] -> Removing the FVE_NKP certificate store that contains the network unlock certificate and key on the WDS server will also effectively disable the server's ability to respond to unlock requests for that certificate. However, this is seen as an error condition and is not a supported or recommended method for turning off the network unlock server. - -## Update Network Unlock certificates +> Removing the FVE_NKP certificate store that contains the Network Unlock certificate and key on the WDS server will also effectively disable the server's ability to respond to unlock requests for that certificate. However, this is seen as an error condition and is not a supported or recommended method for turning off the Network Unlock server. -To update the certificates used by network unlock, administrators need to import or generate the new certificate for the server and then update the network unlock certificate group policy setting on the domain controller. +## Update Network Unlock certificates + +To update the certificates used by Network Unlock, administrators need to import or generate the new certificate for the server, and then update the Network Unlock certificate group policy setting on the domain controller. > [!NOTE] > Servers that don't receive the Group Policy Object (GPO) will require a PIN when they boot. In such cases, find out why the server didn't receive the GPO to update the certificate. -## Troubleshoot Network Unlock +## Troubleshoot Network Unlock -Troubleshooting network unlock issues begins by verifying the environment. Many times, a small configuration issue can be the root cause of the failure. Items to verify include: +Troubleshooting Network Unlock issues begins by verifying the environment. Many times, a small configuration issue can be the root cause of the failure. Items to verify include: + +- Verify that the client hardware is UEFI-based and is on firmware version 2.3.1 and that the UEFI firmware is in native mode without a Compatibility Support Module (CSM) for BIOS mode enabled. Verification can be done by checking that the firmware doesn't have an option enabled such as "Legacy mode" or "Compatibility mode" or that the firmware doesn't appear to be in a BIOS-like mode. -- Verify that the client hardware is UEFI-based and is on firmware version 2.3.1 and that the UEFI firmware is in native mode without a Compatibility Support Module (CSM) for BIOS mode enabled. Do this by checking that the firmware does not have an option enabled such as "Legacy mode" or "Compatibility mode" or that the firmware does not appear to be in a BIOS-like mode. - All required roles and services are installed and started. -- Public and private certificates have been published and are in the proper certificate containers. The presence of the network unlock certificate can be verified in the Microsoft Management Console (MMC.exe) on the WDS server with the certificate snap-ins for the local computer enabled. The client certificate can be verified by checking the registry key **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\SystemCertificates\\FVE\_NKP** on the client computer. -- Group policy for network unlock is enabled and linked to the appropriate domains. -- Verify whether group policy is reaching the clients properly. This can be done using the GPRESULT.exe or RSOP.msc utilities. -- Verify whether the clients were rebooted after applying the policy. -- Verify whether the **Network (Certificate Based)** protector is listed on the client. This can be done using either manage-bde or Windows PowerShell cmdlets. For example, the following command will list the key protectors currently configured on the C: drive of the local computer: - ```powershell - manage-bde -protectors -get C: +- Public and private certificates have been published and are in the proper certificate containers. The presence of the Network Unlock certificate can be verified in the Microsoft Management Console (MMC.exe) on the WDS server with the certificate snap-ins for the local computer enabled. The client certificate can be verified by checking the registry key **`HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\FVE_NKP`** on the client computer. + +- Group policy for Network Unlock is enabled and linked to the appropriate domains. + +- Verify whether group policy is reaching the clients properly. Verification of group policy can be done using the `GPRESULT.exe` or `RSOP.msc` utilities. + +- Verify whether the clients were rebooted after applying the policy. + +- Verify whether the **Network (Certificate Based)** protector is listed on the client. Verification of the protector can be done using either manage-bde or Windows PowerShell cmdlets. For example, the following command will list the key protectors currently configured on the C: drive of the local computer: + + ``` powershell + manage-bde.exe -protectors -get C: ``` + > [!NOTE] - > Use the output of `manage-bde` along with the WDS debug log to determine whether the proper certificate thumbprint is being used for Network Unlock. - + > Use the output of `manage-bde.exe` along with the WDS debug log to determine whether the proper certificate thumbprint is being used for Network Unlock. + Gather the following files to troubleshoot BitLocker Network Unlock. - The Windows event logs. Specifically, get the BitLocker event logs and the Microsoft-Windows-Deployment-Services-Diagnostics-Debug log. - Debug logging is turned off by default for the WDS server role, so you need to enable it before you can retrieve it. Use either of the following two methods to turn on WDS debug logging. + Debug logging is turned off by default for the WDS server role. To retrieve WDS debug logs, the WDS debug logs first need to be enabled. Use either of the following two methods to turn on WDS debug logging. - - Start an elevated command prompt, and then run the following command: + - Start an elevated command prompt, and then run the following command: - ```cmd - wevtutil sl Microsoft-Windows-Deployment-Services-Diagnostics/Debug /e:true - ``` - - Open Event Viewer on the WDS server: + ```cmd + wevtutil.exe sl Microsoft-Windows-Deployment-Services-Diagnostics/Debug /e:true + ``` + + - Open **Event Viewer** on the WDS server: + + 1. In the left pane, navigate to **Applications and Services Logs** > **Microsoft** > **Windows** > **Deployment-Services-Diagnostics** > **Debug**. + 2. In the right pane, select **Enable Log**. - 1. In the left pane, select **Applications and Services Logs** > **Microsoft** > **Windows** > **Deployment-Services-Diagnostics** > **Debug**. - 1. In the right pane, select **Enable Log**. - The DHCP subnet configuration file (if one exists). + - The output of the BitLocker status on the volume. Gather this output into a text file by using `manage-bde.exe -status`. Or in Windows PowerShell, use `Get-BitLockerVolume`. + - The Network Monitor capture on the server that hosts the WDS role, filtered by client IP address. -## Configure Network Unlock Group Policy settings on earlier versions + + +## Related articles - [BitLocker overview](bitlocker-overview.md) - [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml) diff --git a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml index 1d4193f343..6613e835be 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml @@ -30,7 +30,7 @@ sections: questions: - question: How can I authenticate or unlock my removable data drive? answer: | - You can unlock removable data drives by using a password, a smart card, or you can configure a SID protector to unlock a drive by using your domain credentials. After you've started encryption, the drive can also be automatically unlocked on a specific computer for a specific user account. System administrators can configure which options are available for users including password complexity and minimum length requirements. To unlock by using a SID protector, use Manage-bde: + Removable data drives can be unlocked using a password or a smart card. An SID protector can also be configured to unlock a drive by using user domain credentials. After encryption has started, the drive can also be automatically unlocked on a specific computer for a specific user account. System administrators can configure which options are available for users including password complexity and minimum length requirements. To unlock by using a SID protector, use `manage-bde.exe`: ``` syntax Manage-bde.exe -protectors -add e: -sid domain\username @@ -42,21 +42,19 @@ sections: - question: How can the recovery password and recovery key be stored? answer: | - The recovery password and recovery key for an operating system drive or a fixed data drive can be saved to a folder, saved to one or more USB devices, saved to your Microsoft Account, or printed. + The recovery password and recovery key for an operating system drive or a fixed data drive can be saved to a folder, saved to one or more USB devices, saved to a Microsoft Account, or printed. - For removable data drives, the recovery password and recovery key can be saved to a folder, saved to your Microsoft Account, or printed. By default, you can't store a recovery key for a removable drive on a removable drive. + For removable data drives, the recovery password and recovery key can be saved to a folder, saved to a Microsoft Account, or printed. By default, a recovery key for a removable drive can't be stored on a removable drive. A domain administrator can also configure Group Policy to automatically generate recovery passwords and store them in Active Directory Domain Services (AD DS) for any BitLocker-protected drive. - question: Is it possible to add an additional method of authentication without decrypting the drive if I only have the TPM authentication method enabled? answer: | - You can use the Manage-bde.exe command-line tool to replace your TPM-only authentication mode with a multifactor authentication mode. For example, if BitLocker is enabled with TPM authentication only and you want to add PIN authentication, use the following commands from an elevated command prompt, replacing *4-20 digit numeric PIN* with the numeric PIN you want to use: + The `Manage-bde.exe` command-line tool can be used to replace TPM-only authentication mode with a multifactor authentication mode. For example, if BitLocker is enabled with TPM authentication only and PIN authentication needs to be added, use the following commands from an elevated command prompt, replacing *4-20 digit numeric PIN* with the desired numeric PIN: ``` syntax manage-bde.exe -protectors -delete %systemdrive% -type tpm - ``` - - ``` syntax + manage-bde.exe -protectors -add %systemdrive% -tpmandpin <4-20 digit numeric PIN> ``` @@ -64,38 +62,38 @@ sections: - question: When should an additional method of authentication be considered? answer: | New hardware that meets [Windows Hardware Compatibility Program](/windows-hardware/design/compatibility/) requirements make a PIN less critical as a mitigation, and having a TPM-only protector is likely sufficient when combined with policies like device lockout. For example, Surface Pro and Surface Book don't have external DMA ports to attack. - For older hardware, where a PIN may be needed, it's recommended to enable [enhanced PINs](bitlocker-group-policy-settings.md#allow-enhanced-pins-for-startup) that allow non-numeric characters such as letters and punctuation marks, and to set the PIN length based on your risk tolerance and the hardware anti-hammering capabilities available to the TPMs in your computers. + For older hardware, where a PIN may be needed, it's recommended to enable [enhanced PINs](bitlocker-group-policy-settings.md#allow-enhanced-pins-for-startup) that allow non-numeric characters such as letters and punctuation marks, and to set the PIN length based on the risk tolerance and the hardware anti-hammering capabilities available to the TPMs on the computers. - question: If I lose my recovery information, will the BitLocker-protected data be unrecoverable? answer: | BitLocker is designed to make the encrypted drive unrecoverable without the required authentication. When in recovery mode, the user needs the recovery password or recovery key to unlock the encrypted drive. > [!IMPORTANT] - > Store the recovery information in AD DS, along with your Microsoft Account, or another safe location. + > Store the recovery information in AD DS, along with in a Microsoft Account, or another safe location. - question: Can the USB flash drive that is used as the startup key also be used to store the recovery key? - answer: While using a USB flash drive as both the startup key and for storage of the recovery key is technically possible, it isn't a best practice to use one USB flash drive to store both keys. If the USB flash drive that contains your startup key is lost or stolen, you also lose access to your recovery key. In addition, inserting this key would cause your computer to automatically boot from the recovery key even if TPM-measured files have changed, which circumvents the TPM's system integrity check. + answer: While using a USB flash drive as both the startup key and for storage of the recovery key is technically possible, it isn't a best practice to use one USB flash drive to store both keys. If the USB flash drive that contains the startup key is lost or stolen, the recovery key will also be lost. In addition, inserting this key would cause the computer to automatically boot from the recovery key even if TPM-measured files have changed, which circumvents the TPM's system integrity check. - question: Can I save the startup key on multiple USB flash drives? - answer: Yes, you can save a computer's startup key on multiple USB flash drives. Right-clicking a BitLocker-protected drive and selecting **Manage BitLocker** will provide you the options to duplicate the recovery keys as needed. + answer: Yes, computer's startup key can be saved on multiple USB flash drives. Right-clicking a BitLocker-protected drive and selecting **Manage BitLocker** will provide the options to save the recovery keys on additional USB flash drives as needed. - question: Can I save multiple (different) startup keys on the same USB flash drive? - answer: Yes, you can save BitLocker startup keys for different computers on the same USB flash drive. + answer: Yes, BitLocker startup keys for different computers can be saved on the same USB flash drive. - question: Can I generate multiple (different) startup keys for the same computer? - answer: You can generate different startup keys for the same computer through scripting. However, for computers that have a TPM, creating different startup keys prevents BitLocker from using the TPM's system integrity check. + answer: Generating different startup keys for the same computer can be done through scripting. However, for computers that have a TPM, creating different startup keys prevents BitLocker from using the TPM's system integrity check. - question: Can I generate multiple PIN combinations? - answer: You can't generate multiple PIN combinations. + answer: Generating multiple PIN combinations can't be done. - question: What encryption keys are used in BitLocker? How do they work together? - answer: Raw data is encrypted with the full volume encryption key, which is then encrypted with the volume master key. The volume master key is in turn encrypted by one of several possible methods depending on your authentication (that is, key protectors or TPM) and recovery scenarios. + answer: Raw data is encrypted with the full volume encryption key, which is then encrypted with the volume master key. The volume master key is in turn encrypted by one of several possible methods depending on the authentication (that is, key protectors or TPM) and recovery scenarios. - question: Where are the encryption keys stored? answer: | The full volume encryption key is encrypted by the volume master key and stored in the encrypted drive. The volume master key is encrypted by the appropriate key protector and stored in the encrypted drive. If BitLocker has been suspended, the clear key that is used to encrypt the volume master key is also stored in the encrypted drive, along with the encrypted volume master key. - This storage process ensures that the volume master key is never stored unencrypted and is protected unless you disable BitLocker. The keys are also saved to two additional locations on the drive for redundancy. The keys can be read and processed by the boot manager. + This storage process ensures that the volume master key is never stored unencrypted and is protected unless BitLocker is disabled. The keys are also saved to two additional locations on the drive for redundancy. The keys can be read and processed by the boot manager. - question: Why do I have to use the function keys to enter the PIN or the 48-character recovery password? answer: | @@ -107,15 +105,15 @@ sections: answer: | It's possible that a personal identification number (PIN) can be discovered by an attacker performing a brute force attack. A brute force attack occurs when an attacker uses an automated tool to try different PIN combinations until the correct one is discovered. For BitLocker-protected computers, this type of attack, also known as a dictionary attack, requires that the attacker has physical access to the computer. - The TPM has the built-in ability to detect and react to these types of attacks. Because different manufacturers' TPMs may support different PIN and attack mitigations, contact your TPM's manufacturer to determine how your computer's TPM mitigates PIN brute force attacks. - After you've determined your TPM's manufacturer, contact the manufacturer to gather the TPM's vendor-specific information. Most manufacturers use the PIN authentication failure count to exponentially increase lockout time to the PIN interface. However, each manufacturer has different policies regarding when and how the failure counter is decreased or reset. + The TPM has the built-in ability to detect and react to these types of attacks. Because different manufacturers' TPMs may support different PIN and attack mitigations, contact the TPM's manufacturer to determine how the computer's TPM mitigates PIN brute force attacks. + After the TPM's manufacturer has been determined, contact the manufacturer to gather the TPM's vendor-specific information. Most manufacturers use the PIN authentication failure count to exponentially increase lockout time to the PIN interface. However, each manufacturer has different policies regarding when and how the failure counter is decreased or reset. - question: How can I determine the manufacturer of my TPM? - answer: You can determine your TPM manufacturer in **Windows Defender Security Center** > **Device Security** > **Security processor details**. + answer: The TPM manufacturer can be determined in **Windows Defender Security Center** > **Device Security** > **Security processor details**. - question: How can I evaluate a TPM's dictionary attack mitigation mechanism? answer: | - The following questions can assist you when asking a TPM manufacturer about the design of a dictionary attack mitigation mechanism: + The following questions can assist when asking a TPM manufacturer about the design of a dictionary attack mitigation mechanism: - How many failed authorization attempts can occur before lockout? - What is the algorithm for determining the duration of a lockout based on the number of failed attempts and any other relevant parameters? @@ -123,6 +121,6 @@ sections: - question: Can PIN length and complexity be managed with Group Policy? answer: | - Yes and No. You can configure the minimum personal identification number (PIN) length by using the **Configure minimum PIN length for startup** Group Policy setting and allow the use of alphanumeric PINs by enabling the **Allow enhanced PINs for startup** Group Policy setting. However, you can't require PIN complexity by Group Policy. + Yes and No. The minimum personal identification number (PIN) length can be configured by using the **Configure minimum PIN length for startup** Group Policy setting and allow the use of alphanumeric PINs by enabling the **Allow enhanced PINs for startup** Group Policy setting. However, PIN complexity can't be required via Group Policy. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). diff --git a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md index f3c3b1c55e..40381c3bef 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md +++ b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md @@ -16,17 +16,16 @@ ms.technology: itpro-security # BitLocker management for enterprises -The ideal solution for BitLocker management is to eliminate the need for IT administrators to set management policies using tools or other mechanisms by having Windows perform tasks that are more practical to automate. This vision leverages modern hardware developments. The growth of TPM 2.0, secure boot, and other hardware improvements, for example, have helped to alleviate the support burden on the helpdesk, and we are seeing a consequent decrease in support-call volumes, yielding improved user satisfaction. Windows continues to be the focus for new features and improvements for built-in encryption management, such as automatically enabling encryption on devices that support Modern Standby beginning with Windows 8.1. +The ideal solution for BitLocker management is to eliminate the need for IT administrators to set management policies using tools or other mechanisms by having Windows perform tasks that are more practical to automate. This vision leverages modern hardware developments. The growth of TPM 2.0, secure boot, and other hardware improvements, for example, have helped to alleviate the support burden on help desks and a decrease in support-call volumes, yielding improved user satisfaction. Windows continues to be the focus for new features and improvements for built-in encryption management, such as automatically enabling encryption on devices that support Modern Standby beginning with Windows 8.1. Though much Windows BitLocker [documentation](bitlocker-overview.md) has been published, customers frequently ask for recommendations and pointers to specific, task-oriented documentation that is both easy to digest and focused on how to deploy and manage BitLocker. This article links to relevant documentation, products, and services to help answer this and other related frequently asked questions, and also provides BitLocker recommendations for different types of computers. - > [!IMPORTANT] > Microsoft BitLocker Administration and Monitoring (MBAM) capabilities will be offered from [ConfigMgr in on-prem scenarios](/configmgr/core/get-started/2019/technical-preview-1909#bkmk_bitlocker/) in the future. ## Managing domain-joined computers and moving to cloud -Companies that image their own computers using Configuration Manager can use an existing task sequence to [pre-provision BitLocker](/configmgr/osd/understand/task-sequence-steps#BKMK_PreProvisionBitLocker) encryption while in Windows Preinstallation Environment (WinPE) and can then [enable protection](/configmgr/osd/understand/task-sequence-steps#BKMK_EnableBitLocker). This can help ensure that computers are encrypted from the start, even before users receive them. As part of the imaging process, a company could also decide to use Configuration Manager to pre-set any desired [BitLocker Group Policy](./bitlocker-group-policy-settings.md). +Companies that image their own computers using Configuration Manager can use an existing task sequence to [pre-provision BitLocker](/configmgr/osd/understand/task-sequence-steps#BKMK_PreProvisionBitLocker) encryption while in Windows Preinstallation Environment (WinPE) and can then [enable protection](/configmgr/osd/understand/task-sequence-steps#BKMK_EnableBitLocker). These steps during an operating system deployment can help ensure that computers are encrypted from the start, even before users receive them. As part of the imaging process, a company could also decide to use Configuration Manager to pre-set any desired [BitLocker Group Policy](./bitlocker-group-policy-settings.md). Enterprises can use [Microsoft BitLocker Administration and Monitoring (MBAM)](/microsoft-desktop-optimization-pack/mbam-v25/) to manage client computers with BitLocker that are domain-joined on-premises until [mainstream support ends in July 2019](/lifecycle/products/?alpha=Microsoft%20BitLocker%20Administration%20and%20Monitoring%202.5%20Service%20Pack%201%2F) or they can receive extended support until April 2026. Thus, over the next few years, a good strategy for enterprises will be to plan and move to cloud-based management for BitLocker. Refer to the [PowerShell examples](#powershell-examples) to see how to store recovery keys in Azure Active Directory (Azure AD). @@ -36,33 +35,30 @@ Devices joined to Azure AD are managed using Mobile Device Management (MDM) poli Starting with Windows 10 version 1703 (also known as the Windows Creators Update), or Windows 11, the enablement of BitLocker can be triggered over MDM either by the [Policy CSP](/windows/client-management/mdm/policy-configuration-service-provider/) or the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp/). The BitLocker CSP adds policy options that go beyond ensuring that encryption has occurred, and is available on computers that run Windows 11, Windows 10, and on Windows phones. -For hardware that is compliant with Modern Standby and HSTI, when using either of these features, [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md#bitlocker-device-encryption) is automatically turned on whenever the user joins a device to Azure AD. Azure AD provides a portal where recovery keys are also backed up, so users can retrieve their own recovery key for self-service, if required. For older devices that are not yet encrypted, beginning with Windows 10 version 1703 (the Windows 10 Creators Update), or Windows 11, admins can use the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp/) to trigger encryption and store the recovery key in Azure AD. - -This is applicable to Azure Hybrid AD as well. +For hardware that is compliant with Modern Standby and HSTI, when using either of these features, [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md#bitlocker-device-encryption) is automatically turned on whenever the user joins a device to Azure AD. Azure AD provides a portal where recovery keys are also backed up, so users can retrieve their own recovery key for self-service, if necessary. For older devices that aren't yet encrypted, beginning with Windows 10 version 1703 (the Windows 10 Creators Update), or Windows 11, admins can use the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp/) to trigger encryption and store the recovery key in Azure AD. This process and feature is applicable to Azure Hybrid AD as well. ## Managing workplace-joined PCs and phones For Windows PCs and Windows Phones that are enrolled using **Connect to work or school account**, BitLocker Device Encryption is managed over MDM, the same as devices joined to Azure AD. - ## Managing servers -Servers are often installed, configured, and deployed using PowerShell; therefore, the recommendation is to also use [PowerShell to enable BitLocker on a server](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md#bitlocker-cmdlets-for-windows-powershell), ideally as part of the initial setup. BitLocker is an Optional Component (OC) in Windows Server; therefore, follow the directions in [BitLocker: How to deploy on Windows Server 2012 and later](bitlocker-how-to-deploy-on-windows-server.md) to add the BitLocker OC. +Servers are often installed, configured, and deployed using PowerShell; therefore, the recommendation is to also use [PowerShell to enable BitLocker on a server](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md#bitlocker-cmdlets-for-windows-powershell), ideally as part of the initial setup. BitLocker is an Optional Component (OC) in Windows Server; therefore, follow the directions in [BitLocker: How to deploy on Windows Server 2012 and later](bitlocker-how-to-deploy-on-windows-server.md) to add the BitLocker OC. -The Minimal Server Interface is a prerequisite for some of the BitLocker administration tools. On a [Server Core](/windows-server/get-started/getting-started-with-server-core/) installation, you must add the necessary GUI components first. The steps to add shell components to Server Core are described in [Using Features on Demand with Updated Systems and Patched Images](/archive/blogs/server_core/using-features-on-demand-with-updated-systems-and-patched-images) and [How to update local source media to add roles and features](/archive/blogs/joscon/how-to-update-local-source-media-to-add-roles-and-features). +The Minimal Server Interface is a prerequisite for some of the BitLocker administration tools. On a [Server Core](/windows-server/get-started/getting-started-with-server-core/) installation, the necessary GUI components must be added first. The steps to add shell components to Server Core are described in [Using Features on Demand with Updated Systems and Patched Images](/archive/blogs/server_core/using-features-on-demand-with-updated-systems-and-patched-images) and [How to update local source media to add roles and features](/archive/blogs/joscon/how-to-update-local-source-media-to-add-roles-and-features). -If you are installing a server manually, such as a stand-alone server, then choosing [Server with Desktop Experience](/windows-server/get-started/getting-started-with-server-with-desktop-experience/) is the easiest path because you can avoid performing the steps to add a GUI to Server Core. +If a server is being installed manually, such as a stand-alone server, then choosing [Server with Desktop Experience](/windows-server/get-started/getting-started-with-server-with-desktop-experience/) is the easiest path because it avoids performing the steps to add a GUI to Server Core. - Additionally, lights-out data centers can take advantage of the enhanced security of a second factor while avoiding the need for user intervention during reboots by optionally using a combination of BitLocker (TPM+PIN) and BitLocker Network Unlock. BitLocker Network Unlock brings together the best of hardware protection, location dependence, and automatic unlock, while in the trusted location. For the configuration steps, see [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md). + Additionally, lights-out data centers can take advantage of the enhanced security of a second factor while avoiding the need for user intervention during reboots by optionally using a combination of BitLocker (TPM+PIN) and BitLocker Network Unlock. BitLocker Network Unlock brings together the best of hardware protection, location dependence, and automatic unlock, while in the trusted location. For the configuration steps, see [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md). + For more information, see the BitLocker FAQs article and other useful links in [Related Articles](#related-articles). - For more information, see the Bitlocker FAQs article and other useful links in [Related Articles](#related-articles). -  ## PowerShell examples For Azure AD-joined computers, including virtual machines, the recovery password should be stored in Azure AD. -*Example: Use PowerShell to add a recovery password and back it up to Azure AD before enabling BitLocker* -```powershell +**Example**: *Use PowerShell to add a recovery password and back it up to Azure AD before enabling BitLocker* + +``` powershell Add-BitLockerKeyProtector -MountPoint "C:" -RecoveryPasswordProtector $BLV = Get-BitLockerVolume -MountPoint "C:" @@ -70,10 +66,11 @@ $BLV = Get-BitLockerVolume -MountPoint "C:" BackupToAAD-BitLockerKeyProtector -MountPoint "C:" -KeyProtectorId $BLV.KeyProtector[0].KeyProtectorId ``` -For domain-joined computers, including servers, the recovery password should be stored in Active Directory Domain Services (AD DS). +For domain-joined computers, including servers, the recovery password should be stored in Active Directory Domain Services (AD DS). -*Example: Use PowerShell to add a recovery password and back it up to AD DS before enabling BitLocker* -```powershell +**Example**: *Use PowerShell to add a recovery password and back it up to AD DS before enabling BitLocker* + +``` powershell Add-BitLockerKeyProtector -MountPoint "C:" -RecoveryPasswordProtector $BLV = Get-BitLockerVolume -MountPoint "C:" @@ -81,19 +78,21 @@ $BLV = Get-BitLockerVolume -MountPoint "C:" Backup-BitLockerKeyProtector -MountPoint "C:" -KeyProtectorId $BLV.KeyProtector[0].KeyProtectorId ``` -Subsequently, you can use PowerShell to enable BitLocker. +PowerShell can then be used to enable BitLocker: + +**Example**: *Use PowerShell to enable BitLocker with a TPM protector* -*Example: Use PowerShell to enable BitLocker with a TPM protector* ```powershell Enable-BitLocker -MountPoint "D:" -EncryptionMethod XtsAes256 -UsedSpaceOnly -TpmProtector ``` -*Example: Use PowerShell to enable BitLocker with a TPM+PIN protector, in this case with a PIN set to 123456* +**Example**: *Use PowerShell to enable BitLocker with a TPM+PIN protector, in this case with a PIN set to 123456* + ```powershell $SecureString = ConvertTo-SecureString "123456" -AsPlainText -Force Enable-BitLocker -MountPoint "C:" -EncryptionMethod XtsAes256 -UsedSpaceOnly -Pin $SecureString -TPMandPinProtector -``` +``` ## Related Articles @@ -101,9 +100,9 @@ Enable-BitLocker -MountPoint "C:" -EncryptionMethod XtsAes256 -UsedSpaceOnly -Pi [Microsoft BitLocker Administration and Management (MBAM)](/microsoft-desktop-optimization-pack/mbam-v25/) -[Overview of BitLocker Device Encryption in Windows](bitlocker-device-encryption-overview-windows-10.md#bitlocker-device-encryption) +[Overview of BitLocker Device Encryption in Windows](bitlocker-device-encryption-overview-windows-10.md#bitlocker-device-encryption) -[BitLocker Group Policy Reference](./bitlocker-group-policy-settings.md) +[BitLocker Group Policy Reference](./bitlocker-group-policy-settings.md) [Microsoft Intune](https://www.microsoft.com/cloud-platform/microsoft-intune/) *(Overview)* @@ -113,7 +112,7 @@ Enable-BitLocker -MountPoint "C:" -EncryptionMethod XtsAes256 -UsedSpaceOnly -Pi [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp/) -**Windows Server setup tools** +### Windows Server setup tools [Windows Server Installation Options](/windows-server/get-started-19/install-upgrade-migrate-19/) @@ -125,11 +124,10 @@ Enable-BitLocker -MountPoint "C:" -EncryptionMethod XtsAes256 -UsedSpaceOnly -Pi [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md) -[Shielded VMs and Guarded Fabric](https://blogs.technet.microsoft.com/windowsserver/2016/05/10/a-closer-look-at-shielded-vms-in-windows-server-2016/) +[Shielded VMs and Guarded Fabric](https://blogs.technet.microsoft.com/windowsserver/2016/05/10/a-closer-look-at-shielded-vms-in-windows-server-2016/) +### PowerShell -**PowerShell** +[BitLocker cmdlets for Windows PowerShell](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md#bitlocker-cmdlets-for-windows-powershell) -[BitLocker cmdlets for Windows PowerShell](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md#bitlocker-cmdlets-for-windows-powershell) - -[Surface Pro Specifications](https://www.microsoft.com/surface/support/surface-pro-specs/) \ No newline at end of file +[Surface Pro Specifications](https://www.microsoft.com/surface/support/surface-pro-specs/) diff --git a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml index 24ef8ce543..88967d942d 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml @@ -31,10 +31,10 @@ sections: answer: | BitLocker Network Unlock enables easier management for BitLocker-enabled desktops and servers that use the TPM+PIN protection method in a domain environment. When a computer that is connected to a wired corporate network is rebooted, Network Unlock allows the PIN entry prompt to be bypassed. It automatically unlocks BitLocker-protected operating system volumes by using a trusted key that is provided by the Windows Deployment Services server as its secondary authentication method. - To use Network Unlock you must also have a PIN configured for your computer. When your computer isn't connected to the network you'll need to provide the PIN to unlock it. + To use Network Unlock, a PIN must be configured for your computer. When your computer isn't connected to the network, you'll need to provide the PIN to unlock it. - BitLocker Network Unlock has software and hardware requirements for both client computers, Windows Deployment services, and domain controllers that must be met before you can use it. + BitLocker Network Unlock has software and hardware requirements for both client computers, Windows Deployment services, and domain controllers that must be met before it can be used. - Network Unlock uses two protectors, the TPM protector and the one provided by the network or by your PIN, whereas automatic unlock uses a single protector, the one stored in the TPM. If the computer is joined to a network without the key protector, it will prompt you to enter your PIN. If the PIN isn't available, you'll need to use the recovery key to unlock the computer if it can't be connected to the network. + Network Unlock uses two protectors, the TPM protector and the one provided by the network or by your PIN, whereas automatic unlock uses a single protector, the one stored in the TPM. If the computer is joined to a network without the key protector, it will prompt to enter your PIN. If the PIN isn't available, you'll need to use the recovery key to unlock the computer if it can't be connected to the network. For more info, see [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md). diff --git a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml index 349f5fe72c..1113643070 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml @@ -102,7 +102,7 @@ sections: The syntax of this command is: ``` syntax - manage-bde -lock + manage-bde.exe -lock ```` Outside of using this command, data drives will be locked on shutdown and restart of the operating system. A removable data drive will also be locked automatically when the drive is removed from the computer. From 95a46539091f0b9d4603a11a4f320ec0939d1ce4 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Thu, 10 Nov 2022 21:24:16 -0500 Subject: [PATCH 037/129] Metadata/style update BitLocker 9 --- .../bitlocker/bitlocker-basic-deployment.md | 2 +- .../bitlocker/troubleshoot-bitlocker.md | 79 +++++++++++-------- 2 files changed, 48 insertions(+), 33 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md index 7b7c600fed..06fc8d4e25 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md +++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md @@ -58,7 +58,7 @@ For the operating system volume the **BitLocker Drive Encryption Wizard** presen |Hardware configuration|The computer must meet the minimum requirements for the supported Windows versions.| |Operating system|BitLocker is an optional feature that can be installed by Server Manager on Windows Server 2012 and later.| |Hardware TPM|TPM version 1.2 or 2.0.

    A TPM isn't required for BitLocker; however, only a computer with a TPM can provide the additional security of pre-startup system integrity verification and multifactor authentication.| - |UEFI firmware/BIOS configuration|
  • A Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware.
  • The boot order must be set to start first from the hard disk, and not the USB or CD drives.
  • The firmware must be able to read from a USB flash drive during startup.
    • | + |UEFI firmware/BIOS configuration|
    • A Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware.
    • The boot order must be set to start first from the hard disk, and not the USB or CD drives.
    • The firmware must be able to read from a USB flash drive during startup.
    | |File system| One FAT32 partition for the system drive and one NTFS partition for the operating system drive. This requirement is applicable for computers that boot natively with UEFI firmware.
    For computers with legacy BIOS firmware, at least two NTFS disk partitions, one for the system drive and one for the operating system drive.
    For either firmware, the system drive partition must be at least 350 megabytes (MB) and set as the active partition.| |Hardware encrypted drive prerequisites (optional)|To use a hardware encrypted drive as the boot drive, the drive must be in the uninitialized state and in the security inactive state. In addition, the system must always boot with native UEFI version 2.3.1 or higher and the CSM (if any) disabled.| diff --git a/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md b/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md index ac6920d120..f6656b4fb9 100644 --- a/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md +++ b/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md @@ -23,34 +23,36 @@ This article addresses common issues in BitLocker and provides guidelines to tro Open Event Viewer and review the following logs under Applications and Services logs\\Microsoft\\Windows: - **BitLocker-API**. Review the management log, the operational log, and any other logs that are generated in this folder. The default logs have the following unique names: - - Microsoft-Windows-BitLocker-API/BitLocker Operational - - Microsoft-Windows-BitLocker-API/BitLocker Management + + - Microsoft-Windows-BitLocker-API/BitLocker Operational + - Microsoft-Windows-BitLocker-API/BitLocker Management - **BitLocker-DrivePreparationTool**. Review the admin log, the operational log, and any other logs that are generated in this folder. The default logs have the following unique names: - - Microsoft-Windows-BitLocker-DrivePreparationTool/Operational - - Microsoft-Windows-BitLocker-DrivePreparationTool/Admin + + - Microsoft-Windows-BitLocker-DrivePreparationTool/Operational + - Microsoft-Windows-BitLocker-DrivePreparationTool/Admin Additionally, review the Windows logs\\System log for events that were produced by the TPM and TPM-WMI event sources. To filter and display or export logs, you can use the [wevtutil.exe](/windows-server/administration/windows-commands/wevtutil) command-line tool or the [Get-WinEvent](/powershell/module/microsoft.powershell.diagnostics/get-winevent?view=powershell-6&preserve-view=true) cmdlet. +For example, to use `wevtutil.exe` to export the contents of the operational log from the BitLocker-API folder to a text file that is named `BitLockerAPIOpsLog.txt`, open a Command Prompt window, and run the following command: -For example, to use wevtutil to export the contents of the operational log from the BitLocker-API folder to a text file that is named BitLockerAPIOpsLog.txt, open a Command Prompt window, and run the following command: - -```cmd -wevtutil qe "Microsoft-Windows-BitLocker/BitLocker Operational" /f:text > BitLockerAPIOpsLog.txt +``` syntax +wevtutil.exe qe "Microsoft-Windows-BitLocker/BitLocker Operational" /f:text > BitLockerAPIOpsLog.txt ``` -To use the **Get-WinEvent** cmdlet to export the same log to a comma-separated text file, open a Windows Powershell window and run the following command: +To use the **Get-WinEvent** cmdlet to export the same log to a comma-separated text file, open a Windows PowerShell window and run the following command: -```ps +``` powershell Get-WinEvent -logname "Microsoft-Windows-BitLocker/BitLocker Operational" | Export-Csv -Path Bitlocker-Operational.csv ``` You can use Get-WinEvent in an elevated PowerShell window to display filtered information from the system or application log by using the following syntax: - To display BitLocker-related information: - ```ps + + ``` powershell Get-WinEvent -FilterHashtable @{LogName='System'} | Where-Object -Property Message -Match 'BitLocker' | fl ``` @@ -59,17 +61,20 @@ You can use Get-WinEvent in an elevated PowerShell window to display filtered in ![Display of events that is produced by using Get-WinEvent and a BitLocker filter.](./images/psget-winevent-1.png) - To export BitLocker-related information: - ```ps + + ``` powershell Get-WinEvent -FilterHashtable @{LogName='System'} | Where-Object -Property Message -Match 'BitLocker' | Export-Csv -Path System-BitLocker.csv ``` - To display TPM-related information: - ```ps + + ``` powershell Get-WinEvent -FilterHashtable @{LogName='System'} | Where-Object -Property Message -Match 'TPM' | fl ``` - To export TPM-related information: - ```ps + + ``` powershell Get-WinEvent -FilterHashtable @{LogName='System'} | Where-Object -Property Message -Match 'TPM' | Export-Csv -Path System-TPM.csv ``` @@ -78,7 +83,7 @@ You can use Get-WinEvent in an elevated PowerShell window to display filtered in ![Display of events that is produced by using Get-WinEvent and a TPM filter.](./images/psget-winevent-2.png) > [!NOTE] -> If you intend to contact Microsoft Support, we recommend that you export the logs listed in this section. +> If you intend to contact Microsoft Support, it is recommended that you export the logs listed in this section. ## Gather status information from the BitLocker technologies @@ -86,10 +91,10 @@ Open an elevated Windows PowerShell window, and run each of the following comman |Command |Notes | | --- | --- | -|[**get-tpm \> C:\\TPM.txt**](/powershell/module/trustedplatformmodule/get-tpm?view=win10-ps&preserve-view=true) |Exports information about the local computer's Trusted Platform Module (TPM). This cmdlet shows different values depending on whether the TPM chip is version 1.2 or 2.0. This cmdlet is not supported in Windows 7. | -|[**manage-bde -status \> C:\\BDEStatus.txt**](/windows-server/administration/windows-commands/manage-bde-status) |Exports information about the general encryption status of all drives on the computer. | -|[**manage-bde c:
    -protectors -get \> C:\\Protectors**](/windows-server/administration/windows-commands/manage-bde-protectors) |Exports information about the protection methods that are used for the BitLocker encryption key. | -|[**reagentc /info \> C:\\reagent.txt**](/windows-hardware/manufacture/desktop/reagentc-command-line-options) |Exports information about an online or offline image about the current status of the Windows Recovery Environment (WindowsRE) and any available recovery image. | +|[**get-tpm \> C:\\TPM.txt**](/powershell/module/trustedplatformmodule/get-tpm?view=win10-ps&preserve-view=true) |Exports information about the local computer's Trusted Platform Module (TPM). This cmdlet shows different values depending on whether the TPM chip is version 1.2 or 2.0. This cmdlet isn't supported in Windows 7. | +|[**manage-bde.exe -status \> C:\\BDEStatus.txt**](/windows-server/administration/windows-commands/manage-bde-status) |Exports information about the general encryption status of all drives on the computer. | +|[**manage-bde.exe c:
    -protectors -get \> C:\\Protectors**](/windows-server/administration/windows-commands/manage-bde-protectors) |Exports information about the protection methods that are used for the BitLocker encryption key. | +|[**reagentc.exe /info \> C:\\reagent.txt**](/windows-hardware/manufacture/desktop/reagentc-command-line-options) |Exports information about an online or offline image about the current status of the Windows Recovery Environment (WindowsRE) and any available recovery image. | |[**get-BitLockerVolume \| fl**](/powershell/module/bitlocker/get-bitlockervolume?view=win10-ps&preserve-view=true) |Gets information about volumes that BitLocker Drive Encryption can protect. | ## Review the configuration information @@ -98,8 +103,8 @@ Open an elevated Windows PowerShell window, and run each of the following comman |Command |Notes | | --- | --- | - |[**gpresult /h \**](/windows-server/administration/windows-commands/gpresult) |Exports the Resultant Set of Policy information, and saves the information as an HTML file. | - |[**msinfo /report \ /computer \**](/windows-server/administration/windows-commands/msinfo32) |Exports comprehensive information about the hardware, system components, and software environment on the local computer. The **/report** option saves the information as a .txt file. | + |[**gpresult.exe /h \**](/windows-server/administration/windows-commands/gpresult) |Exports the Resultant Set of Policy information, and saves the information as an HTML file. | + |[**msinfo.exe /report \ /computer \**](/windows-server/administration/windows-commands/msinfo32) |Exports comprehensive information about the hardware, system components, and software environment on the local computer. The **/report** option saves the information as a .txt file. | 1. Open Registry Editor, and export the entries in the following subkeys: @@ -111,26 +116,36 @@ Open an elevated Windows PowerShell window, and run each of the following comman Common settings that can cause issues for BitLocker include the following scenarios: - The TPM must be unlocked. You can check the output of the **get-tpm** command for the status of the TPM. + - Windows RE must be enabled. You can check the output of the **reagentc** command for the status of WindowsRE. + - The system-reserved partition must use the correct format. + - On Unified Extensible Firmware Interface (UEFI) computers, the system-reserved partition must be formatted as FAT32. - On legacy computers, the system-reserved partition must be formatted as NTFS. -- If the device that you are troubleshooting is a slate or tablet PC, use to verify the status of the **Enable use of BitLocker authentication requiring preboot keyboard input on slates** option. + +- If the device that you're troubleshooting is a slate or tablet PC, use to verify the status of the **Enable use of BitLocker authentication requiring preboot keyboard input on slates** option. For more information about the BitLocker prerequisites, see [BitLocker basic deployment: Using BitLocker to encrypt volumes](./bitlocker-basic-deployment.md#using-bitlocker-to-encrypt-volumes) ## Next steps -If the information that you have examined so far indicates a specific issue (for example, WindowsRE is not enabled), the issue may have a straightforward fix. +If the information that you've examined so far indicates a specific issue (for example, WindowsRE isn't enabled), the issue may have a straightforward fix. -Resolving issues that do not have obvious causes depends on exactly which components are involved and what behavior you see. The information that you have gathered helps you narrow down the areas to investigate. +Resolving issues that don't have obvious causes depends on exactly which components are involved and what behavior you see. The information that you've gathered helps you narrow down the areas to investigate. -- If you are working on a device that is managed by Microsoft Intune, see [Enforcing BitLocker policies by using Intune: known issues](ts-bitlocker-intune-issues.md). -- If BitLocker does not start or cannot encrypt a drive and you notice errors or events that are related to the TPM, see [BitLocker cannot encrypt a drive: known TPM issues](ts-bitlocker-cannot-encrypt-tpm-issues.md). -- If BitLocker does not start or cannot encrypt a drive, see [BitLocker cannot encrypt a drive: known issues](ts-bitlocker-cannot-encrypt-issues.md). -- If BitLocker Network Unlock does not behave as expected, see [BitLocker Network Unlock: known issues](ts-bitlocker-network-unlock-issues.md). -- If BitLocker does not behave as expected when you recover an encrypted drive, or if you did not expect BitLocker to recover the drive, see [BitLocker recovery: known issues](ts-bitlocker-recovery-issues.md). -- If BitLocker or the encrypted drive does not behave as expected, and you notice errors or events that are related to the TPM, see [BitLocker and TPM: other known issues](ts-bitlocker-tpm-issues.md). -- If BitLocker or the encrypted drive does not behave as expected, see [BitLocker configuration: known issues](ts-bitlocker-config-issues.md). +- If you're working on a device that is managed by Microsoft Intune, see [Enforcing BitLocker policies by using Intune: known issues](ts-bitlocker-intune-issues.md). -We recommend that you keep the information that you have gathered handy in case you decide to contact Microsoft Support for help to resolve your issue. +- If BitLocker doesn't start or can't encrypt a drive and you notice errors or events that are related to the TPM, see [BitLocker can't encrypt a drive: known TPM issues](ts-bitlocker-cannot-encrypt-tpm-issues.md). + +- If BitLocker doesn't start or can't encrypt a drive, see [BitLocker can't encrypt a drive: known issues](ts-bitlocker-cannot-encrypt-issues.md). + +- If BitLocker Network Unlock doesn't behave as expected, see [BitLocker Network Unlock: known issues](ts-bitlocker-network-unlock-issues.md). + +- If BitLocker doesn't behave as expected when you recover an encrypted drive, or if you didn't expect BitLocker to recover the drive, see [BitLocker recovery: known issues](ts-bitlocker-recovery-issues.md). + +- If BitLocker or the encrypted drive doesn't behave as expected, and you notice errors or events that are related to the TPM, see [BitLocker and TPM: other known issues](ts-bitlocker-tpm-issues.md). + +- If BitLocker or the encrypted drive doesn't behave as expected, see [BitLocker configuration: known issues](ts-bitlocker-config-issues.md). + +It's recommended to keep the gathered information handy in case Microsoft Support is contacted for help with resolving the issue. From cdd513a2b5957e5d141650332f5c39c8d2b3e100 Mon Sep 17 00:00:00 2001 From: MattBrowne1 Date: Fri, 11 Nov 2022 08:50:28 +0000 Subject: [PATCH 038/129] Update windows-security-baselines.md Typo - configures -> configured --- .../windows-security-baselines.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md index 5bedbaf17a..47647ffae7 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md @@ -66,7 +66,7 @@ There are several ways to get and use security baselines: 2. [Mobile device management (MDM) security baselines](/windows/client-management/mdm/#mdm-security-baseline) function like the Microsoft group policy-based security baselines and can easily integrate these baselines into an existing MDM management tool. -3. MDM security baselines can easily be configures in Microsoft Intune on devices that run Windows 10 and Windows 11. For more information, see [List of the settings in the Windows 10/11 MDM security baseline in Intune](/mem/intune/protect/security-baseline-settings-mdm-all). +3. MDM security baselines can easily be configured in Microsoft Intune on devices that run Windows 10 and Windows 11. For more information, see [List of the settings in the Windows 10/11 MDM security baseline in Intune](/mem/intune/protect/security-baseline-settings-mdm-all). ## Community From 927a4d48c2154b866f2d84849115f16767302ef1 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Fri, 11 Nov 2022 08:22:34 -0700 Subject: [PATCH 039/129] Changed formatting of machine setup to tables --- .../do/delivery-optimization-test.md | 46 ++++++++++--------- 1 file changed, 25 insertions(+), 21 deletions(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index 978eb7a4a0..457cdbee98 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -55,17 +55,19 @@ Several elements that influence overall peering, using Delivery Optimization. Th #### Test Machine Setup -* Number of machines used: 2 -* Hardware: - * Two Virtual Machines or physical devices running Windows 10 (21H2) / Windows 11 (21H2) - * 8-GB RAM / 127-GB Disk - * Network – ensure the test devices are connected to the same network, one that is representative of the corporate network -* Apply Policy settings/Windows configurations on each machine: - * Pause Windows Updates. This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. By default, there are four pieces of content available for peering at a given time. The Delivery Optimization client cycles through the available content in the cache. Simply pausing Windows Updates might not be enough in some cases. If there are Microsoft Store Updates, for example, a download can be triggered causing the four caching slots to be filled. If this happens, the second machine may not see peers. Verify there's only one cached content before continuing the test on the second machine. If there are problems and no peering happens, use 'Get-DeliveryOptimizationStatus' on the first machine to return a real-time list of the connected peers. - * Ensure all Store apps are up to date - * Set Delivery Optimization Download mode = '2' - * Set Delivery Optimization GroupID = 'GUID'. A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’. -* **If Windows 11 devices** set 'Restrict Peer Selection' policy to '0-NAT'. The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. +|Setup Checklist| Value/Explanation +|--------|-------------------------------| +|Number of machines used| 2 +|Virtual Machines/physical devices| 2 +|Windows OS version | Windows 10 (21H2) and Windows 11 (21H2) +|RAM | 8-GB +|Disk size | 127-GB +|Network | Connected to same network, one that is representative of the corporate network. +|Pause Windows Updates | This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. By default, there are four pieces of content available for peering at a given time. The Delivery Optimization client cycles through the available content in the cache. Simply pausing Windows Updates might not be enough in some cases. If there are Microsoft Store Updates, for example, a download can be triggered causing the four caching slots to be filled. If this happens, the second machine may not see peers. Verify there's only one cached content before continuing the test on the second machine. If there are problems and no peering happens, use 'Get-DeliveryOptimizationStatus' on the first machine to return a real-time list of the connected peers. +|Ensure all Store apps are up to date | This will help prevent any new, unexpected updates to download during testing. +|Delivery Optimization Download mode | 2 (set on each machine) +|Delivery Optimization GroupID | 'GUID' (set on each machine). A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’. +|**If Windows 11 devices** set Delivery Optimization 'Restrict Peer Selection' policy | 0-NAT (set on each machine). The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. #### Test Instructions @@ -104,16 +106,18 @@ The following set of instructions will be used for each machine: #### Test Machine Setup -* Number of machines used: 3 -* Hardware: - * Three Azure Virtual Machines running Windows 10 (21H2) - * 8-GB RAM / 127-GB Disk - * Network – ensure the test devices are connected to the same network, one that is representative of the corporate network. -* Apply Policy settings/Windows configurations on each machine: - * Set Delivery Optimization Download mode = '2' - * Set Delivery Optimization GroupID = 'GUID'. A GUID is required value which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ - * Set Delivery Optimization policy 'Delay background download from http' = 60 (secs) - * Set Delivery Optimization policy 'Delay foreground download from http = 60 (secs) +|Setup Checklist| Value/Explanation +|--------|-------------------------------| +|Number of machines used| 3 +|Virtual Machines| 3 +|Windows OS version | Windows 10 (21H2) +|RAM | 8-GB +|Disk size|127-GB +|Network | Connected to same network, one that is representative of the corporate network. +|Delivery Optimization Download mode| 2 (set on each machine) +|Delivery Optimization GroupID| 'GUID' (set on each machine). A GUID is required value which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ +|Delivery Optimization policy 'Delay background download from http' | 60 (set on each machine) +|Delivery Optimization policy 'Delay foreground download from http |60 (set on each machine) #### Testing Instructions From deed8d072b14782d5a2ed98b096b95dd67644188 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Fri, 11 Nov 2022 08:37:03 -0700 Subject: [PATCH 040/129] Acrolinx fixes --- windows/deployment/do/delivery-optimization-test.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index 457cdbee98..a37f097558 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -60,8 +60,8 @@ Several elements that influence overall peering, using Delivery Optimization. Th |Number of machines used| 2 |Virtual Machines/physical devices| 2 |Windows OS version | Windows 10 (21H2) and Windows 11 (21H2) -|RAM | 8-GB -|Disk size | 127-GB +|RAM | 8 GB +|Disk size | 127 GB |Network | Connected to same network, one that is representative of the corporate network. |Pause Windows Updates | This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. By default, there are four pieces of content available for peering at a given time. The Delivery Optimization client cycles through the available content in the cache. Simply pausing Windows Updates might not be enough in some cases. If there are Microsoft Store Updates, for example, a download can be triggered causing the four caching slots to be filled. If this happens, the second machine may not see peers. Verify there's only one cached content before continuing the test on the second machine. If there are problems and no peering happens, use 'Get-DeliveryOptimizationStatus' on the first machine to return a real-time list of the connected peers. |Ensure all Store apps are up to date | This will help prevent any new, unexpected updates to download during testing. @@ -102,7 +102,7 @@ The following set of instructions will be used for each machine: ### Scenario 2: Advance Setup **Goal:** Demonstrate how Delivery Optimization peer-to-peer technology works in a non-controlled environment, expanding to three machines -**Expected Results:** Machine 1 will download zero bytes from peers, Machine 2 will find a peers and download 50 - 99% from peers. Machine 3 will find 2 peers and download 50 - 99% from peers. +**Expected Results:** Machine 1 will download zero bytes from peers, Machine 2 will find a peers and download 50 - 99% from peers. Machine 3 will find two peers and download 50 - 99% from peers. #### Test Machine Setup @@ -111,11 +111,11 @@ The following set of instructions will be used for each machine: |Number of machines used| 3 |Virtual Machines| 3 |Windows OS version | Windows 10 (21H2) -|RAM | 8-GB -|Disk size|127-GB +|RAM | 8 GB +|Disk size|127 GB |Network | Connected to same network, one that is representative of the corporate network. |Delivery Optimization Download mode| 2 (set on each machine) -|Delivery Optimization GroupID| 'GUID' (set on each machine). A GUID is required value which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ +|Delivery Optimization GroupID| 'GUID' (set on each machine). A GUID is required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ |Delivery Optimization policy 'Delay background download from http' | 60 (set on each machine) |Delivery Optimization policy 'Delay foreground download from http |60 (set on each machine) From e0d12ac2decf50310f4c8070dce69aa8e0d760f1 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Fri, 11 Nov 2022 12:15:41 -0700 Subject: [PATCH 041/129] Reduce duplicating text --- windows/deployment/do/delivery-optimization-test.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index a37f097558..11ab180c5f 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -63,7 +63,7 @@ Several elements that influence overall peering, using Delivery Optimization. Th |RAM | 8 GB |Disk size | 127 GB |Network | Connected to same network, one that is representative of the corporate network. -|Pause Windows Updates | This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. By default, there are four pieces of content available for peering at a given time. The Delivery Optimization client cycles through the available content in the cache. Simply pausing Windows Updates might not be enough in some cases. If there are Microsoft Store Updates, for example, a download can be triggered causing the four caching slots to be filled. If this happens, the second machine may not see peers. Verify there's only one cached content before continuing the test on the second machine. If there are problems and no peering happens, use 'Get-DeliveryOptimizationStatus' on the first machine to return a real-time list of the connected peers. +|Pause Windows Updates | This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. If there are problems and no peering happens, use 'Get-DeliveryOptimizationStatus' on the first machine to return a real-time list of the connected peers. |Ensure all Store apps are up to date | This will help prevent any new, unexpected updates to download during testing. |Delivery Optimization Download mode | 2 (set on each machine) |Delivery Optimization GroupID | 'GUID' (set on each machine). A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’. From 975f99d8fc902994f33c32b3add4996941a2b372 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Mon, 14 Nov 2022 14:33:41 -0700 Subject: [PATCH 042/129] Addressed latest round of comments --- .../do/delivery-optimization-test.md | 44 +++++++++++-------- 1 file changed, 25 insertions(+), 19 deletions(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index 11ab180c5f..1cad399007 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -42,7 +42,7 @@ Several elements that influence overall peering, using Delivery Optimization. Th * Delivery Optimization’s hybrid approach to downloading from multiple sources (HTTP and peer) in parallel is especially critical for large-scale environments, constantly assessing the optimal source from which to deliver the content. In conjunction, the distribution of content cache, across participating devices, contributes to Delivery Optimization’s ability to find bandwidth savings as more peers become available. -* At the point a download is initiated, the DO client starts downloading from the HTTP and discovering peers simultaneously. With a smaller file, there might be nearly 100% bytes from HTTP before connecting to a peer, even though peers are available. With a larger file and quality LAN peers, it might reduce the HTTP request rate to near zero, but only after making those initial requests from HTTP. +* At the point a download is initiated, the DO client starts downloading from the HTTP source and discovering peers simultaneously. With a smaller file, most of the bytes could be downloaded from an HTTP source before connecting to a peer, even though peers are available. With a larger file and quality LAN peers, it might reduce the HTTP request rate to near zero, but only after making those initial requests from HTTP. * In the next section, you'll see how the two testing scenarios produce differing results in the number of bytes coming from HTTP vs. peers, which shows Delivery Optimization continuously evaluating the optimal location from which to download the content. @@ -50,32 +50,36 @@ Several elements that influence overall peering, using Delivery Optimization. Th ### Scenario 1: Basic Setup -**Goal:** Demonstrate how Delivery Optimization peer-to-peer technology works using two machines, in a controlled test environment -**Expected Results:** Machine 1 will download zero bytes from peers, Machine 2 will download 50 - 99% from peers. +**Goal:** +Demonstrate how Delivery Optimization peer-to-peer technology works using two machines, in a controlled test environment + +**Expected Results:** +Machine 1 will download zero bytes from peers, Machine 2 will download 50 - 99% from peers. #### Test Machine Setup |Setup Checklist| Value/Explanation |--------|-------------------------------| |Number of machines used| 2 -|Virtual Machines/physical devices| 2 +|Virtual Machines/physical devices| 2 |Windows OS version | Windows 10 (21H2) and Windows 11 (21H2) |RAM | 8 GB |Disk size | 127 GB |Network | Connected to same network, one that is representative of the corporate network. |Pause Windows Updates | This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. If there are problems and no peering happens, use 'Get-DeliveryOptimizationStatus' on the first machine to return a real-time list of the connected peers. |Ensure all Store apps are up to date | This will help prevent any new, unexpected updates to download during testing. -|Delivery Optimization Download mode | 2 (set on each machine) -|Delivery Optimization GroupID | 'GUID' (set on each machine). A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’. -|**If Windows 11 devices** set Delivery Optimization 'Restrict Peer Selection' policy | 0-NAT (set on each machine). The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. +|Delivery Optimization 'Download Mode' Policy | 2 (Group)(set on each machine) +|Delivery Optimization 'GroupID' Policy | Set the *same* 'GUID' on each test machine. A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’. +|**Required on Windows 11 devices only** set Delivery Optimization 'Restrict Peer Selection' policy | 0-NAT (set on each machine). The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. #### Test Instructions The following set of instructions will be used for each machine: -1. Clear the DO cache: ‘Delete-DeliveryOptimizationCache’ -2. Open MS Store and search for 'Asphalt Legends 9'. Select ‘Get’ to initiate the download of the content (Content size: 3.4 GB). -3. Open PowerShell console as Administrator. Run 'Get-DeliveryOptimizationStatus' +1. Open PowerShell console as 'Administrator'. + * Clear the DO cache: ‘Delete-DeliveryOptimizationCache’ + * Run 'Get-DeliveryOptimizationStatus' +2. Open MS Store and search for 'Asphalt Legends 9'. Select ‘Get’ to initiate the download of the content (Content size: ~3.4 GB). **On machine #1** @@ -101,8 +105,10 @@ The following set of instructions will be used for each machine: ### Scenario 2: Advance Setup -**Goal:** Demonstrate how Delivery Optimization peer-to-peer technology works in a non-controlled environment, expanding to three machines -**Expected Results:** Machine 1 will download zero bytes from peers, Machine 2 will find a peers and download 50 - 99% from peers. Machine 3 will find two peers and download 50 - 99% from peers. +**Goal:** +Demonstrate how Delivery Optimization peer-to-peer technology works in a non-controlled environment, expanding to three machines +**Expected Results:** +Machine 1 will download zero bytes from peers, Machine 2 will find a peers and download 50 - 99% from peers. Machine 3 will find two peers and download 50 - 99% from peers. #### Test Machine Setup @@ -114,17 +120,17 @@ The following set of instructions will be used for each machine: |RAM | 8 GB |Disk size|127 GB |Network | Connected to same network, one that is representative of the corporate network. -|Delivery Optimization Download mode| 2 (set on each machine) -|Delivery Optimization GroupID| 'GUID' (set on each machine). A GUID is required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ -|Delivery Optimization policy 'Delay background download from http' | 60 (set on each machine) -|Delivery Optimization policy 'Delay foreground download from http |60 (set on each machine) +|Delivery Optimization 'Download Mode' Policy| 2 (Group)(set on each machine) +|Delivery Optimization 'Group ID' Policy| Set the *same* 'GUID' on each test machine. A GUID is required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ +|Delivery Optimization 'Delay background download from http' Policy | 60 (set on each machine) +|Delivery Optimization 'Delay foreground download from http Policy |60 (set on each machine) #### Testing Instructions The following set of instructions will be used for each machine: 1. Clear the DO cache: ‘Delete-DeliveryOptimizationCache’ -2. Open MS Store and search for 'Asphalt Legends 9'. Select ‘Get’ to initiate the download of the content (Content size: 3.4 GB). +2. Open MS Store and search for 'Asphalt Legends 9'. Select ‘Get’ to initiate the download of the content (Content size: ~3.4 GB). 3. Open PowerShell console as Administrator. Run 'Get-DeliveryOptimizationStatus' **On machine #1:** @@ -138,7 +144,7 @@ The following set of instructions will be used for each machine: **Observations** * The first download in the group of devices shows all bytes coming from HTTP, 'BytesFromHttp'. -* Download is in the ‘Foreground’ because the Store app is doing the download and in the foreground on the device. +* Download is in the ‘Foreground’ because the Store app is doing the download and in the foreground on the device because it is initiated by the user in the Store app. * No peers are found. *Wait 5 minutes* @@ -196,7 +202,7 @@ As mentioned, the distributed nature of the Delivery Optimization technology is ## Conclusion -Using Delivery Optimization can help make a big impact in customer environments to optimize bandwidth. The peer-to-peer technology offers many configurations, designed to be flexible for any organization. Delivery Optimization uses a distributed cache, across different sources, to ensure the most optimal download experience. +Using Delivery Optimization can help make a big impact in customer environments to optimize bandwidth. The peer-to-peer technology offers many configurations, designed to be flexible for any organization. Delivery Optimization uses a distributed cache, across different sources, to ensure the most optimal download experience while limiting the resources used on each device. The testing scenarios found in this document help to show a controlled test environment, helping to prevent updates from interrupting the peering results. The other, a more real-world case, to demonstrate how content available across peers will both be used as the source of the content. From 3f59a91cfb021529b6e2101af34b586b876c7975 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Mon, 14 Nov 2022 17:09:41 -0500 Subject: [PATCH 043/129] Metadata/style update BitLocker 10 --- .../bitlocker-management-for-enterprises.md | 50 +-- .../bitlocker-network-unlock-faq.yml | 4 +- ...itlocker-overview-and-requirements-faq.yml | 22 +- .../bitlocker/bitlocker-overview.md | 73 ++- .../bitlocker-recovery-guide-plan.md | 422 +++++++++++------- 5 files changed, 316 insertions(+), 255 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md index 40381c3bef..c4539837f3 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md +++ b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md @@ -18,10 +18,7 @@ ms.technology: itpro-security The ideal solution for BitLocker management is to eliminate the need for IT administrators to set management policies using tools or other mechanisms by having Windows perform tasks that are more practical to automate. This vision leverages modern hardware developments. The growth of TPM 2.0, secure boot, and other hardware improvements, for example, have helped to alleviate the support burden on help desks and a decrease in support-call volumes, yielding improved user satisfaction. Windows continues to be the focus for new features and improvements for built-in encryption management, such as automatically enabling encryption on devices that support Modern Standby beginning with Windows 8.1. -Though much Windows BitLocker [documentation](bitlocker-overview.md) has been published, customers frequently ask for recommendations and pointers to specific, task-oriented documentation that is both easy to digest and focused on how to deploy and manage BitLocker. This article links to relevant documentation, products, and services to help answer this and other related frequently asked questions, and also provides BitLocker recommendations for different types of computers. - -> [!IMPORTANT] -> Microsoft BitLocker Administration and Monitoring (MBAM) capabilities will be offered from [ConfigMgr in on-prem scenarios](/configmgr/core/get-started/2019/technical-preview-1909#bkmk_bitlocker/) in the future. +Though much Windows [BitLocker documentation](bitlocker-overview.md) has been published, customers frequently ask for recommendations and pointers to specific, task-oriented documentation that is both easy to digest and focused on how to deploy and manage BitLocker. This article links to relevant documentation, products, and services to help answer this and other related frequently asked questions, and also provides BitLocker recommendations for different types of computers. ## Managing domain-joined computers and moving to cloud @@ -29,6 +26,9 @@ Companies that image their own computers using Configuration Manager can use an Enterprises can use [Microsoft BitLocker Administration and Monitoring (MBAM)](/microsoft-desktop-optimization-pack/mbam-v25/) to manage client computers with BitLocker that are domain-joined on-premises until [mainstream support ends in July 2019](/lifecycle/products/?alpha=Microsoft%20BitLocker%20Administration%20and%20Monitoring%202.5%20Service%20Pack%201%2F) or they can receive extended support until April 2026. Thus, over the next few years, a good strategy for enterprises will be to plan and move to cloud-based management for BitLocker. Refer to the [PowerShell examples](#powershell-examples) to see how to store recovery keys in Azure Active Directory (Azure AD). +> [!IMPORTANT] +> Microsoft BitLocker Administration and Monitoring (MBAM) capabilities are offered through Configuration Manager BitLocker Management. See [Plan for BitLocker management](/mem/configmgr/protect/plan-design/bitlocker-management) in the Configuration Manager documentation for additional information. + ## Managing devices joined to Azure Active Directory Devices joined to Azure AD are managed using Mobile Device Management (MDM) policy from an MDM solution such as Microsoft Intune. Without Windows 10, version 1809, or Windows 11, only local administrators can enable BitLocker via Intune policy. Starting with Windows 10, version 1809, or Windows 11, Intune can enable BitLocker for standard users. [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md#bitlocker-device-encryption) status can be queried from managed machines via the [Policy Configuration Settings Provider (CSP)](/windows/client-management/mdm/policy-configuration-service-provider/), which reports on whether BitLocker Device Encryption is enabled on the device. Compliance with BitLocker Device Encryption policy can be a requirement for [Conditional Access](https://www.microsoft.com/cloud-platform/conditional-access/) to services like Exchange Online and SharePoint Online. @@ -96,38 +96,26 @@ Enable-BitLocker -MountPoint "C:" -EncryptionMethod XtsAes256 -UsedSpaceOnly -Pi ## Related Articles -[BitLocker: FAQs](bitlocker-frequently-asked-questions.yml) - -[Microsoft BitLocker Administration and Management (MBAM)](/microsoft-desktop-optimization-pack/mbam-v25/) - -[Overview of BitLocker Device Encryption in Windows](bitlocker-device-encryption-overview-windows-10.md#bitlocker-device-encryption) - -[BitLocker Group Policy Reference](./bitlocker-group-policy-settings.md) - -[Microsoft Intune](https://www.microsoft.com/cloud-platform/microsoft-intune/) +- [BitLocker: FAQs](bitlocker-frequently-asked-questions.yml) +- [Microsoft BitLocker Administration and Management (MBAM)](/microsoft-desktop-optimization-pack/mbam-v25/) +- [Overview of BitLocker Device Encryption in Windows](bitlocker-device-encryption-overview-windows-10.md#bitlocker-device-encryption) +- [BitLocker Group Policy Reference](./bitlocker-group-policy-settings.md) +- [Microsoft Intune](https://www.microsoft.com/cloud-platform/microsoft-intune/) *(Overview)* - -[Configuration Settings Providers](/windows/client-management/mdm/policy-configuration-service-provider) +- [Configuration Settings Providers](/windows/client-management/mdm/policy-configuration-service-provider) *(Policy CSP: See [Security-RequireDeviceEncryption](/windows/client-management/mdm/policy-csp-security#security-policies))* - -[BitLocker CSP](/windows/client-management/mdm/bitlocker-csp/) +- [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp/) ### Windows Server setup tools -[Windows Server Installation Options](/windows-server/get-started-19/install-upgrade-migrate-19/) - -[How to update local source media to add roles and features](/archive/blogs/joscon/how-to-update-local-source-media-to-add-roles-and-features) - -[How to add or remove optional components on Server Core](/archive/blogs/server_core/using-features-on-demand-with-updated-systems-and-patched-images) *(Features on Demand)* - -[BitLocker: How to deploy on Windows Server 2012 and newer](bitlocker-how-to-deploy-on-windows-server.md) - -[BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md) - -[Shielded VMs and Guarded Fabric](https://blogs.technet.microsoft.com/windowsserver/2016/05/10/a-closer-look-at-shielded-vms-in-windows-server-2016/) +- [Windows Server Installation Options](/windows-server/get-started-19/install-upgrade-migrate-19/) +- [How to update local source media to add roles and features](/archive/blogs/joscon/how-to-update-local-source-media-to-add-roles-and-features) +- [How to add or remove optional components on Server Core](/archive/blogs/server_core/using-features-on-demand-with-updated-systems-and-patched-images) *(Features on Demand)* +- [BitLocker: How to deploy on Windows Server 2012 and newer](bitlocker-how-to-deploy-on-windows-server.md) +- [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md) +- [Shielded VMs and Guarded Fabric](https://blogs.technet.microsoft.com/windowsserver/2016/05/10/a-closer-look-at-shielded-vms-in-windows-server-2016/) ### PowerShell -[BitLocker cmdlets for Windows PowerShell](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md#bitlocker-cmdlets-for-windows-powershell) - -[Surface Pro Specifications](https://www.microsoft.com/surface/support/surface-pro-specs/) +- [BitLocker cmdlets for Windows PowerShell](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md#bitlocker-cmdlets-for-windows-powershell) +- [Surface Pro Specifications](https://www.microsoft.com/surface/support/surface-pro-specs/) diff --git a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml index 88967d942d..a9ce4e3c24 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml @@ -31,10 +31,10 @@ sections: answer: | BitLocker Network Unlock enables easier management for BitLocker-enabled desktops and servers that use the TPM+PIN protection method in a domain environment. When a computer that is connected to a wired corporate network is rebooted, Network Unlock allows the PIN entry prompt to be bypassed. It automatically unlocks BitLocker-protected operating system volumes by using a trusted key that is provided by the Windows Deployment Services server as its secondary authentication method. - To use Network Unlock, a PIN must be configured for your computer. When your computer isn't connected to the network, you'll need to provide the PIN to unlock it. + To use Network Unlock, a PIN must be configured for the computer. When the computer isn't connected to the network, a PIN will need to be provided to unlock it. BitLocker Network Unlock has software and hardware requirements for both client computers, Windows Deployment services, and domain controllers that must be met before it can be used. - Network Unlock uses two protectors, the TPM protector and the one provided by the network or by your PIN, whereas automatic unlock uses a single protector, the one stored in the TPM. If the computer is joined to a network without the key protector, it will prompt to enter your PIN. If the PIN isn't available, you'll need to use the recovery key to unlock the computer if it can't be connected to the network. + Network Unlock uses two protectors - the TPM protector and the protector provided by the network or by the PIN. Automatic unlock uses a single protector - the one stored in the TPM. If the computer is joined to a network without the key protector, it will prompt to enter a PIN. If the PIN isn't available, the recovery key will need to be used to unlock the computer if it can't be connected to the network. For more info, see [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md). diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml index 39f304e7be..523a647b0c 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml @@ -34,21 +34,21 @@ sections: answer: | **How BitLocker works with operating system drives** - You can use BitLocker to mitigate unauthorized data access on lost or stolen computers by encrypting all user files and system files on the operating system drive, including the swap files and hibernation files, and checking the integrity of early boot components and boot configuration data. + BitLocker Can be used to mitigate unauthorized data access on lost or stolen computers by encrypting all user files and system files on the operating system drive, including the swap files and hibernation files, and checking the integrity of early boot components and boot configuration data. **How BitLocker works with fixed and removable data drives** - You can use BitLocker to encrypt the entire contents of a data drive. You can use Group Policy to require that BitLocker be enabled on a drive before the computer can write data to the drive. BitLocker can be configured with a variety of unlock methods for data drives, and a data drive supports multiple unlock methods. + BitLocker can be used to encrypt the entire contents of a data drive. Group Policy can be used to require BitLocker be enabled on a drive before the computer can write data to the drive. BitLocker can be configured with various unlock methods for data drives, and a data drive supports multiple unlock methods. - question: Does BitLocker support multifactor authentication? - answer: Yes, BitLocker supports multifactor authentication for operating system drives. If you enable BitLocker on a computer that has a TPM version 1.2 or later, you can use additional forms of authentication with the TPM protection. + answer: Yes, BitLocker supports multifactor authentication for operating system drives. If BitLocker is enabled on a computer that has a TPM version 1.2 or later, additional forms of authentication can be used with the TPM protection. - question: What are the BitLocker hardware and software requirements? answer: | For requirements, see [System requirements](bitlocker-overview.md#system-requirements). > [!NOTE] - > Dynamic disks are not supported by BitLocker. Dynamic data volumes will not be displayed in the Control Panel. Although the operating system volume will always be displayed in the Control Panel, regardless of whether it is a Dynamic disk, if it is a dynamic disk it cannot be protected by BitLocker. + > Dynamic disks aren't supported by BitLocker. Dynamic data volumes won't be displayed in the Control Panel. Although the operating system volume will always be displayed in the Control Panel, regardless of whether it's a Dynamic disk, if it's a dynamic disk it can't be protected by BitLocker. - question: Why are two partitions required? Why does the system drive have to be so large? answer: Two partitions are required to run BitLocker because pre-startup authentication and system integrity verification must occur on a separate partition from the encrypted operating system drive. This configuration helps protect the operating system and the information in the encrypted drive. @@ -58,27 +58,27 @@ sections: BitLocker supports TPM version 1.2 or higher. BitLocker support for TPM 2.0 requires Unified Extensible Firmware Interface (UEFI) for the device. > [!NOTE] - > TPM 2.0 is not supported in Legacy and CSM Modes of the BIOS. Devices with TPM 2.0 must have their BIOS mode configured as Native UEFI only. The Legacy and Compatibility Support Module (CSM) options must be disabled. For added security Enable the Secure Boot feature. + > TPM 2.0 isn't supported in Legacy and CSM Modes of the BIOS. Devices with TPM 2.0 must have their BIOS mode configured as Native UEFI only. The Legacy and Compatibility Support Module (CSM) options must be disabled. For added security, enable the Secure Boot feature. > - > Installed Operating System on hardware in legacy mode will stop the OS from booting when the BIOS mode is changed to UEFI. Use the tool [MBR2GPT](/windows/deployment/mbr-to-gpt) before changing the BIOS mode which will prepare the OS and the disk to support UEFI. + > Installed Operating System on hardware in legacy mode will stop the OS from booting when the BIOS mode is changed to UEFI. Use the tool [MBR2GPT](/windows/deployment/mbr-to-gpt) before changing the BIOS mode that will prepare the OS and the disk to support UEFI. - - question: How can I tell if a TPM is on my computer? - answer: Beginning with Windows 10, version 1803, you can check TPM status in **Windows Defender Security Center** > **Device Security** > **Security processor details**. In previous versions of Windows, open the TPM MMC console (tpm.msc) and look under the **Status** heading. You can also run [**Get-TPM**](/powershell/module/trustedplatformmodule/get-tpm?view=windowsserver2019-ps)** in PowerShell to get more details about the TPM on the current computer. + - question: How can I tell if a computer has a TPM? + answer: Beginning with Windows 10, version 1803, the TPM status can be checked in **Windows Defender Security Center** > **Device Security** > **Security processor details**. In previous versions of Windows, open the TPM MMC console (tpm.msc) and look under the **Status** heading. [**Get-TPM**](/powershell/module/trustedplatformmodule/get-tpm?view=windowsserver2019-ps)** can also be run in PowerShell to get more details about the TPM on the current computer. - question: Can I use BitLocker on an operating system drive without a TPM? answer: | - Yes, you can enable BitLocker on an operating system drive without a TPM version 1.2 or higher, if the BIOS or UEFI firmware has the ability to read from a USB flash drive in the boot environment. This is because BitLocker will not unlock the protected drive until BitLocker's own volume master key is first released by either the computer's TPM or by a USB flash drive containing the BitLocker startup key for that computer. However, computers without TPMs will not be able to use the system integrity verification that BitLocker can also provide. + Yes, BitLocker can be enabled on an operating system drive without a TPM version 1.2 or higher, if the BIOS or UEFI firmware has the ability to read from a USB flash drive in the boot environment. BitLocker won't unlock the protected drive until BitLocker's own volume master key is first released by either the computer's TPM or by a USB flash drive containing the BitLocker startup key for that computer. However, computers without TPMs won't be able to use the system integrity verification that BitLocker can also provide. To help determine whether a computer can read from a USB device during the boot process, use the BitLocker system check as part of the BitLocker setup process. This system check performs tests to confirm that the computer can properly read from the USB devices at the appropriate time and that the computer meets other BitLocker requirements. - question: How do I obtain BIOS support for the TPM on my computer? answer: | Contact the computer manufacturer to request a Trusted Computing Group (TCG)-compliant BIOS or UEFI boot firmware that meets the following requirements: - - It is compliant with the TCG standards for a client computer. + - It's compliant with the TCG standards for a client computer. - It has a secure update mechanism to help prevent a malicious BIOS or boot firmware from being installed on the computer. - question: What credentials are required to use BitLocker? answer: To turn on, turn off, or change configurations of BitLocker on operating system and fixed data drives, membership in the local **Administrators** group is required. Standard users can turn on, turn off, or change configurations of BitLocker on removable data drives. - question: What is the recommended boot order for computers that are going to be BitLocker-protected? - answer: You should configure the startup options of your computer to have the hard disk drive first in the boot order, before any other drives such as CD/DVD drives or USB drives. If the hard disk is not first and you typically boot from hard disk, then a boot order change may be detected or assumed when removable media is found during boot. The boot order typically affects the system measurement that is verified by BitLocker and a change in boot order will cause you to be prompted for your BitLocker recovery key. For the same reason, if you have a laptop with a docking station, ensure that the hard disk drive is first in the boot order both when docked and undocked. + answer: The computer's startup options should be configured to have the hard disk drive first in the boot order, before any other drives such as CD/DVD drives or USB drives. If the hard disk isn't first and the computer typically boots from the hard disk, then a boot order change may be detected or assumed when removable media is found during boot. The boot order typically affects the system measurement that is verified by BitLocker and a change in boot order will cause a prompt for the BitLocker recovery key. For the same reason, if a laptop is used with a docking station, ensure that the hard disk drive is first in the boot order both when the laptop is docked and undocked. diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview.md b/windows/security/information-protection/bitlocker/bitlocker-overview.md index 22d71d965b..a0f5f8c56d 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview.md +++ b/windows/security/information-protection/bitlocker/bitlocker-overview.md @@ -1,6 +1,6 @@ --- title: BitLocker -description: This topic provides a high-level overview of BitLocker, including a list of system requirements, practical applications, and deprecated features. +description: This article provides a high-level overview of BitLocker, including a list of system requirements, practical applications, and deprecated features. ms.author: frankroj ms.prod: windows-client ms.localizationpriority: medium @@ -23,46 +23,47 @@ ms.technology: itpro-security - Windows 11 - Windows Server 2016 and above -This topic provides a high-level overview of BitLocker, including a list of system requirements, practical applications, and deprecated features. +This article provides a high-level overview of BitLocker, including a list of system requirements, practical applications, and deprecated features. -## BitLocker overview +## BitLocker overview BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers. -BitLocker provides the maximum protection when used with a Trusted Platform Module (TPM) version 1.2 or later versions. The TPM is a hardware component installed in many newer computers by the computer manufacturers. It works with BitLocker to help protect user data and to ensure that a computer has not been tampered with while the system was offline. +BitLocker provides the maximum protection when used with a Trusted Platform Module (TPM) version 1.2 or later versions. The TPM is a hardware component installed in many newer computers by the computer manufacturers. It works with BitLocker to help protect user data and to ensure that a computer hasn't been tampered with while the system was offline. -On computers that do not have a TPM version 1.2 or later versions, you can still use BitLocker to encrypt the Windows operating system drive. However, this implementation requires the user to insert a USB startup key to start the computer or resume from hibernation. Starting with Windows 8, you can use an operating system volume password to protect the operating system volume on a computer without TPM. Both options do not provide the pre-startup system integrity verification offered by BitLocker with a TPM. +On computers that don't have a TPM version 1.2 or later versions, BitLocker can still be used to encrypt the Windows operating system drive. However, this implementation requires the user to insert a USB startup key to start the computer or resume from hibernation. Starting with Windows 8, an operating system volume password can be used to protect the operating system volume on a computer without TPM. Both options don't provide the pre-startup system integrity verification offered by BitLocker with a TPM. -In addition to the TPM, BitLocker offers the option to lock the normal startup process until the user supplies a personal identification number (PIN) or inserts a removable device, such as a USB flash drive, that contains a startup key. These additional security measures provide multifactor authentication and assurance that the computer will not start or resume from hibernation until the correct PIN or startup key is presented. +In addition to the TPM, BitLocker offers the option to lock the normal startup process until the user supplies a personal identification number (PIN) or inserts a removable device (such as a USB flash drive) that contains a startup key. These additional security measures provide multifactor authentication and assurance that the computer won't start or resume from hibernation until the correct PIN or startup key is presented. -## Practical applications +## Practical applications Data on a lost or stolen computer is vulnerable to unauthorized access, either by running a software-attack tool against it or by transferring the computer's hard disk to a different computer. BitLocker helps mitigate unauthorized data access by enhancing file and system protections. BitLocker also helps render data inaccessible when BitLocker-protected computers are decommissioned or recycled. -There are two additional tools in the Remote Server Administration Tools which you can use to manage BitLocker. +There are two additional tools in the Remote Server Administration Tools that can be used to manage BitLocker. -- **BitLocker Recovery Password Viewer**. The BitLocker Recovery Password Viewer enables you to locate and view BitLocker Drive Encryption recovery passwords that have been backed up to Active Directory Domain Services (AD DS). You can use this tool to help recover data that is stored on a drive that has been encrypted by using BitLocker. The BitLocker Recovery Password Viewer tool is an extension for the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in. - By using this tool, you can examine a computer object's **Properties** dialog box to view the corresponding BitLocker recovery passwords. Additionally, you can right-click a domain container and then search for a BitLocker recovery password across all the domains in the Active Directory forest. To view recovery passwords, you must be a domain administrator, or you must have been delegated permissions by a domain administrator. +- **BitLocker Recovery Password Viewer**. The BitLocker Recovery Password Viewer enables the BitLocker Drive Encryption recovery passwords that have been backed up to Active Directory Domain Services (AD DS) to be located and viewed. This tool can be used to help recover data that is stored on a drive that has been encrypted by using BitLocker. The BitLocker Recovery Password Viewer tool is an extension for the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in. + + By using this tool, a computer object's **Properties** dialog box can be examined to view the corresponding BitLocker recovery passwords. Additionally, a domain container can be searched for a BitLocker recovery password across all the domains in the Active Directory forest by right clicking on the domain container. Viewing recovery passwords can only be viewed by domain administrator or having delegated permissions by a domain administrator. - **BitLocker Drive Encryption Tools**. BitLocker Drive Encryption Tools include the command-line tools, manage-bde and repair-bde, and the BitLocker cmdlets for Windows PowerShell. Both manage-bde and the BitLocker cmdlets can be used to perform any task that can be accomplished through the -BitLocker control panel, and they are appropriate to be used for automated deployments and other scripting scenarios. Repair-bde is provided for disaster recovery scenarios in which a BitLocker-protected drive cannot be unlocked normally or by using the recovery console. +BitLocker control panel, and they're appropriate to be used for automated deployments and other scripting scenarios. Repair-bde is provided for disaster recovery scenarios in which a BitLocker-protected drive can't be unlocked normally or by using the recovery console. -## New and changed functionality +## New and changed functionality + +To find out what's new in BitLocker for Windows, such as support for the XTS-AES encryption algorithm, see the [BitLocker](/windows/whats-new/whats-new-windows-10-version-1507-and-1511#bitlocker) section in [What's new in Windows 10, versions 1507 and 1511 for IT Pros](/windows/whats-new/whats-new-windows-10-version-1507-and-1511). -To find out what's new in BitLocker for Windows, such as support for the XTS-AES encryption algorithm, see the [BitLocker](/windows/whats-new/whats-new-windows-10-version-1507-and-1511#bitlocker) section in "What's new in Windows 10." - ## System requirements BitLocker has the following hardware requirements: -For BitLocker to use the system integrity check provided by a TPM, the computer must have TPM 1.2 or later versions. If your computer does not have a TPM, enabling BitLocker makes it mandatory for you to save a startup key on a removable device, such as a USB flash drive. +For BitLocker to use the system integrity check provided by a TPM, the computer must have TPM 1.2 or later versions. If a computer doesn't have a TPM, saving a startup key on a removable drive, such as a USB flash drive, becomes mandatory when enabling BitLocker. -A computer with a TPM must also have a Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware. The BIOS or UEFI firmware establishes a chain of trust for the pre-operating system startup, and it must include support for TCG-specified Static Root of Trust Measurement. A computer without a TPM does not require TCG-compliant firmware. +A computer with a TPM must also have a Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware. The BIOS or UEFI firmware establishes a chain of trust for the pre-operating system startup, and it must include support for TCG-specified Static Root of Trust Measurement. A computer without a TPM doesn't require TCG-compliant firmware. The system BIOS or UEFI firmware (for TPM and non-TPM computers) must support the USB mass storage device class, including reading small files on a USB flash drive in the pre-operating system environment. > [!IMPORTANT] -> From Windows 7, you can encrypt an OS drive without a TPM and USB flash drive. For this procedure, see [Tip of the Day: Bitlocker without TPM or USB](https://social.technet.microsoft.com/Forums/en-US/eac2cc67-8442-42db-abad-2ed173879751/bitlocker-without-tpm?forum=win10itprosetup). +> From Windows 7, an OS drive can be encrypted without a TPM and USB flash drive. For this procedure, see [Tip of the Day: Bitlocker without TPM or USB](https://social.technet.microsoft.com/Forums/en-US/eac2cc67-8442-42db-abad-2ed173879751/bitlocker-without-tpm?forum=win10itprosetup). > [!NOTE] > TPM 2.0 is not supported in Legacy and Compatibility Support Module (CSM) modes of the BIOS. Devices with TPM 2.0 must have their BIOS mode configured as native UEFI only. The Legacy and CSM options must be disabled. For added security, enable the secure boot feature. @@ -72,34 +73,30 @@ The system BIOS or UEFI firmware (for TPM and non-TPM computers) must support th The hard disk must be partitioned with at least two drives: - The operating system drive (or boot drive) contains the operating system and its support files. It must be formatted with the NTFS file system. -- The system drive contains the files that are needed to load Windows after the firmware has prepared the system hardware. BitLocker is not enabled on this drive. For BitLocker to work, the system drive must not be encrypted, must differ from the operating system drive, and must be formatted with the FAT32 file system on computers that use UEFI-based firmware or with the NTFS file system on computers that use BIOS firmware. We recommend that system drive be approximately 350 MB in size. After BitLocker is turned on, it should have approximately 250 MB of free space. +- The system drive contains the files that are needed to load Windows after the firmware has prepared the system hardware. BitLocker isn't enabled on this drive. For BitLocker to work, the system drive must not be encrypted, must differ from the operating system drive, and must be formatted with the FAT32 file system on computers that use UEFI-based firmware or with the NTFS file system on computers that use BIOS firmware. It's recommend that system drive be approximately 350 MB in size. After BitLocker is turned on, it should have approximately 250 MB of free space. When installed on a new computer, Windows automatically creates the partitions that are required for BitLocker. -A partition subject to encryption cannot be marked as an active partition (this applies to the operating system, fixed data, and removable data drives). +A partition subject to encryption can't be marked as an active partition. This requirement applies to the operating system drives, fixed data drives, and removable data drives. - -When installing the BitLocker optional component on a server, you will also need to install the Enhanced Storage feature, which is used to support hardware encrypted drives. +When installing the BitLocker optional component on a server, the Enhanced Storage feature also needs to be installed. The Enhanced Storage feature is used to support hardware encrypted drives. ## In this section -| Topic | Description | +| Article | Description | | - | - | -| [Overview of BitLocker Device Encryption in Windows 10](bitlocker-device-encryption-overview-windows-10.md) | This topic provides an overview of the ways in which BitLocker Device Encryption can help protect data on devices running Windows 10. | -| [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml) | This topic answers frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.| -| [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md)| This topic explains the procedure you can use to plan your BitLocker deployment. | -| [BitLocker basic deployment](bitlocker-basic-deployment.md) | This topic explains how BitLocker features can be used to protect your data through drive encryption. | -| [BitLocker: How to deploy on Windows Server](bitlocker-how-to-deploy-on-windows-server.md)| This topic explains how to deploy BitLocker on Windows Server.| -| [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md) | This topic describes how BitLocker Network Unlock works and how to configure it. | -| [BitLocker: Use BitLocker Drive Encryption Tools to manage BitLocker](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md)| This topic describes how to use tools to manage BitLocker.| -| [BitLocker: Use BitLocker Recovery Password Viewer](bitlocker-use-bitlocker-recovery-password-viewer.md) | This topic describes how to use the BitLocker Recovery Password Viewer. | -| [BitLocker Group Policy settings](bitlocker-group-policy-settings.md) | This topic describes the function, location, and effect of each group policy setting that is used to manage BitLocker. | -| [BCD settings and BitLocker](bcd-settings-and-bitlocker.md) | This topic describes the BCD settings that are used by BitLocker.| -| [BitLocker Recovery Guide](bitlocker-recovery-guide-plan.md)| This topic describes how to recover BitLocker keys from AD DS. | +| [Overview of BitLocker Device Encryption in Windows 10](bitlocker-device-encryption-overview-windows-10.md) | This article provides an overview of the ways in which BitLocker Device Encryption can help protect data on devices running Windows 10. | +| [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml) | This article answers frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.| +| [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md)| This article explains the procedure you can use to plan your BitLocker deployment. | +| [BitLocker basic deployment](bitlocker-basic-deployment.md) | This article explains how BitLocker features can be used to protect your data through drive encryption. | +| [BitLocker: How to deploy on Windows Server](bitlocker-how-to-deploy-on-windows-server.md)| This article explains how to deploy BitLocker on Windows Server.| +| [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md) | This article describes how BitLocker Network Unlock works and how to configure it. | +| [BitLocker: Use BitLocker Drive Encryption Tools to manage BitLocker](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md)| This article describes how to use tools to manage BitLocker.| +| [BitLocker: Use BitLocker Recovery Password Viewer](bitlocker-use-bitlocker-recovery-password-viewer.md) | This article describes how to use the BitLocker Recovery Password Viewer. | +| [BitLocker Group Policy settings](bitlocker-group-policy-settings.md) | This article describes the function, location, and effect of each group policy setting that is used to manage BitLocker. | +| [BCD settings and BitLocker](bcd-settings-and-bitlocker.md) | This article describes the BCD settings that are used by BitLocker.| +| [BitLocker Recovery Guide](bitlocker-recovery-guide-plan.md)| This article describes how to recover BitLocker keys from AD DS. | | [Protect BitLocker from pre-boot attacks](./bitlocker-countermeasures.md)| This detailed guide helps you understand the circumstances under which the use of pre-boot authentication is recommended for devices running Windows 10, Windows 8.1, Windows 8, or Windows 7; and when it can be safely omitted from a device's configuration. | | [Troubleshoot BitLocker](troubleshoot-bitlocker.md) | This guide describes the resources that can help you troubleshoot BitLocker issues, and provides solutions for several common BitLocker issues. | -| [Protecting cluster shared volumes and storage area networks with BitLocker](protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md)| This topic describes how to protect CSVs and SANs with BitLocker.| -| [Enabling Secure Boot and BitLocker Device Encryption on Windows IoT Core](/windows/iot-core/secure-your-device/SecureBootAndBitLocker) | This topic describes how to use BitLocker with Windows IoT Core | - - - +| [Protecting cluster shared volumes and storage area networks with BitLocker](protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md)| This article describes how to protect CSVs and SANs with BitLocker.| +| [Enabling Secure Boot and BitLocker Device Encryption on Windows IoT Core](/windows/iot-core/secure-your-device/SecureBootAndBitLocker) | This article describes how to use BitLocker with Windows IoT Core | diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md index 2dce6b6818..ffac549533 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md +++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md @@ -26,260 +26,308 @@ ms.custom: bitlocker This article describes how to recover BitLocker keys from AD DS. -Organizations can use BitLocker recovery information saved in Active Directory Domain Services (AD DS) to access BitLocker-protected data. It's recommended to create a recovery model for BitLocker while you are planning your BitLocker deployment. +Organizations can use BitLocker recovery information saved in Active Directory Domain Services (AD DS) to access BitLocker-protected data. It's recommended to create a recovery model for BitLocker while planning for BitLocker deployment. -This article assumes that you understand how to set up AD DS to back up BitLocker recovery information automatically, and what types of recovery information are saved to AD DS. +This article assumes that it's understood how to set up AD DS to back up BitLocker recovery information automatically, and what types of recovery information are saved to AD DS. -This article does not detail how to configure AD DS to store the BitLocker recovery information. +This article doesn't detail how to configure AD DS to store the BitLocker recovery information. +## What is BitLocker recovery? -## What is BitLocker recovery? +BitLocker recovery is the process by which access can be restored to a BitLocker-protected drive if the drive can't be unlocked normally. In a recovery scenario, the following options to restore access to the drive are available: -BitLocker recovery is the process by which you can restore access to a BitLocker-protected drive in the event that you cannot unlock the drive normally. In a recovery scenario, you have the following options to restore access to the drive: +- **The user can supply the recovery password.** If the organization allows users to print or store recovery passwords, the users can enter in the 48-digit recovery password that they printed or stored on a USB drive or with a Microsoft account online. Saving a recovery password with a Microsoft account online is only allowed when BitLocker is used on a PC that isn't a member of a domain. -- **The user can supply the recovery password.** If your organization allows users to print or store recovery passwords, the users can type in the 48-digit recovery password that they printed or stored on a USB drive or with your Microsoft account online. (Saving a recovery password with your Microsoft account online is only allowed when BitLocker is used on a PC that is not a member of a domain). - **Data recovery agents can use their credentials to unlock the drive.** If the drive is an operating system drive, the drive must be mounted as a data drive on another computer for the data recovery agent to unlock it. -- **A domain administrator can obtain the recovery password from AD DS and use it to unlock the drive.** Storing recovery passwords in AD DS is recommended to provide a way for IT professionals to be able to obtain recovery passwords for drives in their organization if needed. This method makes it mandatory for you to enable this recovery method in the BitLocker group policy setting **Choose how BitLocker-protected operating system drives can be recovered** located at **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives** in the Local Group Policy Editor. For more information, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). + +- **A domain administrator can obtain the recovery password from AD DS and use it to unlock the drive.** Storing recovery passwords in AD DS is recommended to provide a way for IT professionals to be able to obtain recovery passwords for drives in an organization if needed. This method makes it mandatory to enable this recovery method in the BitLocker group policy setting **Choose how BitLocker-protected operating system drives can be recovered** located at **Computer Configuration** > **Administrative Templates** > **Windows Components** > **BitLocker Drive Encryption** > **Operating System Drives** in the Local Group Policy Editor. For more information, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). ### What causes BitLocker recovery? The following list provides examples of specific events that will cause BitLocker to enter recovery mode when attempting to start the operating system drive: - On PCs that use BitLocker Drive Encryption, or on devices such as tablets or phones that use [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md) only, when an attack is detected, the device will immediately reboot and enter into BitLocker recovery mode. To take advantage of this functionality, administrators can set the **Interactive logon: Machine account lockout threshold** Group Policy setting located in **\\Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options** in the Local Group Policy Editor. Or they can use the **MaxFailedPasswordAttempts** policy of [Exchange ActiveSync](/Exchange/clients/exchange-activesync/exchange-activesync) (also configurable through [Microsoft Intune](/mem/intune)), to limit the number of failed password attempts before the device goes into Device Lockout. -- On devices with TPM 1.2, changing the BIOS or firmware boot device order causes BitLocker recovery. However, devices with TPM 2.0 do not start BitLocker recovery in this case. TPM 2.0 does not consider a firmware change of boot device order as a security threat because the OS Boot Loader is not compromised. + +- On devices with TPM 1.2, changing the BIOS or firmware boot device order causes BitLocker recovery. However, devices with TPM 2.0 don't start BitLocker recovery in this case. TPM 2.0 doesn't consider a firmware change of boot device order as a security threat because the OS Boot Loader isn't compromised. + - Having the CD or DVD drive before the hard drive in the BIOS boot order and then inserting or removing a CD or DVD. + - Failing to boot from a network drive before booting from the hard drive. -- Docking or undocking a portable computer. In some instances (depending on the computer manufacturer and the BIOS), the docking condition of the portable computer is part of the system measurement and must be consistent to validate the system status and unlock BitLocker. So if a portable computer is connected to its docking station when BitLocker is turned on, then it might also need to be connected to the docking station when it is unlocked. Conversely, if a portable computer is not connected to its docking station when BitLocker is turned on, then it might need to be disconnected from the docking station when it is unlocked. + +- Docking or undocking a portable computer. In some instances (depending on the computer manufacturer and the BIOS), the docking condition of the portable computer is part of the system measurement and must be consistent to validate the system status and unlock BitLocker. So if a portable computer is connected to its docking station when BitLocker is turned on, then it might also need to be connected to the docking station when it's unlocked. Conversely, if a portable computer isn't connected to its docking station when BitLocker is turned on, then it might need to be disconnected from the docking station when it's unlocked. + - Changes to the NTFS partition table on the disk including creating, deleting, or resizing a primary partition. + - Entering the personal identification number (PIN) incorrectly too many times so that the anti-hammering logic of the TPM is activated. Anti-hammering logic is software or hardware methods that increase the difficulty and cost of a brute force attack on a PIN by not accepting PIN entries until after a certain amount of time has passed. -- Turning off the support for reading the USB device in the pre-boot environment from the BIOS or UEFI firmware if you are using USB-based keys instead of a TPM. + +- Turning off the support for reading the USB device in the pre-boot environment from the BIOS or UEFI firmware if using USB-based keys instead of a TPM. + - Turning off, disabling, deactivating, or clearing the TPM. + - Upgrading critical early startup components, such as a BIOS or UEFI firmware upgrade, causing the related boot measurements to change. + - Forgetting the PIN when PIN authentication has been enabled. + - Updating option ROM firmware. + - Upgrading TPM firmware. + - Adding or removing hardware; for example, inserting a new card in the computer, including some PCMIA wireless cards. + - Removing, inserting, or completely depleting the charge on a smart battery on a portable computer. + - Changes to the master boot record on the disk. + - Changes to the boot manager on the disk. -- Hiding the TPM from the operating system. Some BIOS or UEFI settings can be used to prevent the enumeration of the TPM to the operating system. When implemented, this option can make the TPM hidden from the operating system. When the TPM is hidden, BIOS and UEFI secure startup are disabled, and the TPM does not respond to commands from any software. -- Using a different keyboard that does not correctly enter the PIN or whose keyboard map does not match the keyboard map assumed by the pre-boot environment. This problem can prevent the entry of enhanced PINs. + +- Hiding the TPM from the operating system. Some BIOS or UEFI settings can be used to prevent the enumeration of the TPM to the operating system. When implemented, this option can make the TPM hidden from the operating system. When the TPM is hidden, BIOS and UEFI secure startup are disabled, and the TPM doesn't respond to commands from any software. + +- Using a different keyboard that doesn't correctly enter the PIN or whose keyboard map doesn't match the keyboard map assumed by the pre-boot environment. This problem can prevent the entry of enhanced PINs. + - Modifying the Platform Configuration Registers (PCRs) used by the TPM validation profile. For example, including **PCR\[1\]** would result in BitLocker measuring most changes to BIOS settings, causing BitLocker to enter recovery mode even when non-boot critical BIOS settings change. > [!NOTE] > Some computers have BIOS settings that skip measurements to certain PCRs, such as **PCR\[2\]**. Changing this setting in the BIOS would cause BitLocker to enter recovery mode because the PCR measurement will be different. - Moving the BitLocker-protected drive into a new computer. + - Upgrading the motherboard to a new one with a new TPM. + - Losing the USB flash drive containing the startup key when startup key authentication has been enabled. + - Failing the TPM self-test. -- Having a BIOS, UEFI firmware, or an option ROM component that is not compliant with the relevant Trusted Computing Group standards for a client computer. For example, a non-compliant implementation may record volatile data (such as time) in the TPM measurements, causing different measurements on each startup and causing BitLocker to start in recovery mode. + +- Having a BIOS, UEFI firmware, or an option ROM component that isn't compliant with the relevant Trusted Computing Group standards for a client computer. For example, a non-compliant implementation may record volatile data (such as time) in the TPM measurements, causing different measurements on each startup and causing BitLocker to start in recovery mode. + - Changing the usage authorization for the storage root key of the TPM to a non-zero value. > [!NOTE] > The BitLocker TPM initialization process sets the usage authorization value to zero, so another user or process must explicitly have changed this value. - Disabling the code integrity check or enabling test signing on Windows Boot Manager (Bootmgr). + - Pressing the F8 or F10 key during the boot process. + - Adding or removing add-in cards (such as video or network cards), or upgrading firmware on add-in cards. + - Using a BIOS hot key during the boot process to change the boot order to something other than the hard drive. - > [!NOTE] -> Before you begin recovery, we recommend that you determine what caused recovery. This might help prevent the problem from occurring again in the future. For instance, if you determine that an attacker has modified your computer by obtaining physical access, you can create new security policies for tracking who has physical presence. After the recovery password has been used to recover access to the PC, BitLocker reseals the encryption key to the current values of the measured components. - -For planned scenarios, such as a known hardware or firmware upgrades, you can avoid initiating recovery by temporarily suspending BitLocker protection. Because suspending BitLocker leaves the drive fully encrypted, the administrator can quickly resume BitLocker protection after the planned task has been completed. Using suspend and resume also reseals the encryption key without requiring the entry of the recovery key. +> Before beginning recovery, it is recommend to determine what caused recovery. This might help prevent the problem from occurring again in the future. For instance, if it is determined that an attacker has modified the computer by obtaining physical access, new security policies can be created for tracking who has physical presence. After the recovery password has been used to recover access to the PC, BitLocker reseals the encryption key to the current values of the measured components. + +For planned scenarios, such as a known hardware or firmware upgrades, initiating recovery can be avoided by temporarily suspending BitLocker protection. Because suspending BitLocker leaves the drive fully encrypted, the administrator can quickly resume BitLocker protection after the planned task has been completed. Using suspend and resume also reseals the encryption key without requiring the entry of the recovery key. > [!NOTE] > If suspended BitLocker will automatically resume protection when the PC is rebooted, unless a reboot count is specified using the manage-bde command line tool. -If software maintenance requires the computer to be restarted and you are using two-factor authentication, you can enable BitLocker network unlock feature to provide the secondary authentication factor when the computers do not have an on-premises user to provide the additional authentication method. +If software maintenance requires the computer to be restarted and two-factor authentication is being used, the BitLocker network unlock feature can be enabled to provide the secondary authentication factor when the computers don't have an on-premises user to provide the additional authentication method. -Recovery has been described within the context of unplanned or undesired behavior, but you can also cause recovery as an intended production scenario, in order to manage access control. For example, when you redeploy desktop or laptop computers to other departments or employees in your enterprise, you can force BitLocker into recovery before the computer is given to a new user. +Recovery has been described within the context of unplanned or undesired behavior. However, recovery can also be caused as an intended production scenario, for example in order to manage access control. When desktop or laptop computers are redeployed to other departments or employees in the enterprise, BitLocker can be forced into recovery before the computer is given to a new user. -## Testing recovery +## Testing recovery -Before you create a thorough BitLocker recovery process, we recommend that you test how the recovery process works for both end users (people who call your helpdesk for the recovery password) and administrators (people who help the end user get the recovery password). The -forcerecovery command of manage-bde is an easy way for you to step through the recovery process before your users encounter a recovery situation. +Before a thorough BitLocker recovery process is created, it's recommended to test how the recovery process works for both end users (people who call the helpdesk for the recovery password) and administrators (people who help the end user get the recovery password). The `-forcerecovery` command of `manage-bde.exe` is an easy way to step through the recovery process before users encounter a recovery situation. **To force a recovery for the local computer:** -1. Select the **Start** button, type **cmd** in the **Start Search** box, and select and hold **cmd.exe**, and then select **Run as administrator**. -2. At the command prompt, type the following command and then press **ENTER**: +1. Select the **Start** button and type in **cmd** - `manage-bde.exe -forcerecovery ` +2. Right select on **cmd.exe** or **Command Prompt** and then select **Run as administrator**. + +3. At the command prompt, enter the following command: + + ``` syntax + manage-bde.exe -forcerecovery + ``` **To force recovery for a remote computer:** -1. On the Start screen, type **cmd.exe**, and then select **Run as administrator**. +1. Select the **Start** button and type in **cmd** -2. At the command prompt, type the following command and then press **ENTER**: +2. Right select on **cmd.exe** or **Command Prompt** and then select **Run as administrator**. - `manage-bde.exe -ComputerName -forcerecovery ` +3. At the command prompt, enter the following command: + + ``` syntax + manage-bde.exe -ComputerName -forcerecovery + ``` > [!NOTE] > Recovery triggered by `-forcerecovery` persists for multiple restarts until a TPM protector is added or protection is suspended by the user. When using Modern Standby devices (such as Surface devices), the `-forcerecovery` option is not recommended because BitLocker will have to be unlocked and disabled manually from the WinRE environment before the OS can boot up again. For more information, see [BitLocker Troubleshooting: Continuous reboot loop with BitLocker recovery on a slate device](https://social.technet.microsoft.com/wiki/contents/articles/18671.bitlocker-troubleshooting-continuous-reboot-loop-with-bitlocker-recovery-on-a-slate-device.aspx). +## Planning the recovery process -## Planning your recovery process - -When planning the BitLocker recovery process, first consult your organization's current best practices for recovering sensitive information. For example: How does your enterprise handle lost Windows passwords? How does your organization perform smart card PIN resets? You can use these best practices and related resources (people and tools) to help formulate a BitLocker recovery model. +When planning the BitLocker recovery process, first consult the organization's current best practices for recovering sensitive information. For example: How does the enterprise handle lost Windows passwords? How does the organization perform smart card PIN resets? These best practices and related resources (people and tools) can be used to help formulate a BitLocker recovery model. Organizations that rely on BitLocker Drive Encryption and BitLocker To Go to protect data on a large number of computers and removable drives running the Windows 11, Windows 10, Windows 8, or Windows 7 operating systems and Windows to Go should consider using the Microsoft BitLocker Administration and Monitoring (MBAM) Tool version 2.0, which is included in the Microsoft Desktop Optimization Pack (MDOP) for Microsoft Software Assurance. MBAM makes BitLocker implementations easier to deploy and manage and allows administrators to provision and monitor encryption for operating system and fixed drives. MBAM prompts the user before encrypting fixed drives. MBAM also manages recovery keys for fixed and removable drives, making recovery easier to manage. MBAM can be used as part of a Microsoft System Center deployment or as a stand-alone solution. For more info, see [Microsoft BitLocker Administration and Monitoring](/microsoft-desktop-optimization-pack/mbam-v25/). -After a BitLocker recovery has been initiated, users can use a recovery password to unlock access to encrypted data. Consider both self-recovery and recovery password retrieval methods for your organization. +After a BitLocker recovery has been initiated, users can use a recovery password to unlock access to encrypted data. Consider both self-recovery and recovery password retrieval methods for the organization. -When you determine your recovery process, you should: +When the recovery process is determined: -- Become familiar with how you can retrieve the recovery password. See: +- Become familiar with how a recovery password can be retrieved. See: - - [Self-recovery](#bkmk-selfrecovery) - - [Recovery password retrieval](#bkmk-recoveryretrieval) + - [Self-recovery](#self-recovery) + - [Recovery password retrieval](#recovery-password-retrieval) - Determine a series of steps for post-recovery, including analyzing why the recovery occurred and resetting the recovery password. See: - - [Post-recovery analysis](#bkmk-planningpostrecovery) + - [Post-recovery analysis](#post-recovery-analysis) +### Self-recovery -### Self-recovery +In some cases, users might have the recovery password in a printout or a USB flash drive and can perform self-recovery. It's recommended that the organization creates a policy for self-recovery. If self-recovery includes using a password or recovery key stored on a USB flash drive, the users must be warned not to store the USB flash drive in the same place as the PC, especially during travel. For example, if both the PC and the recovery items are in the same bag it would be easy for access to be gained to the PC by an unauthorized user. Another policy to consider is having users contact the Helpdesk before or after performing self-recovery so that the root cause can be identified. -In some cases, users might have the recovery password in a printout or a USB flash drive and can perform self-recovery. We recommend that your organization creates a policy for self-recovery. If self-recovery includes using a password or recovery key stored on a USB flash drive, the users must be warned not to store the USB flash drive in the same place as the PC, especially during travel. For example, if both the PC and the recovery items are in the same bag it would be very easy for access to be gained to the PC by an unauthorized user. Another policy to consider is having users contact the Helpdesk before or after performing self-recovery so that the root cause can be identified. +### Recovery password retrieval -### Recovery password retrieval - -If the user does not have a recovery password in a printout or on a USB flash drive, the user will need to be able to retrieve the recovery password from an online source. If the PC is a member of a domain, the recovery password can be backed up to AD DS. However, this does not happen by default; you must have configured the appropriate group policy settings before BitLocker was enabled on the PC. BitLocker group policy settings can be found in the Local Group Policy Editor or the Group Policy Management Console (GPMC) under **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption**. The following policy settings define the recovery methods that can be used to restore access to a BitLocker-protected drive if an authentication method fails or is unable to be used. +If the user doesn't have a recovery password printed or on a USB flash drive, the user will need to be able to retrieve the recovery password from an online source. If the PC is a member of a domain, the recovery password can be backed up to AD DS. **However, back up of the recovery password to AD DS does not happen by default.** Backup of the recovery password to AD DS has to be configured via the appropriate group policy settings **before** BitLocker was enabled on the PC. BitLocker group policy settings can be found in the Local Group Policy Editor or the Group Policy Management Console (GPMC) under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **BitLocker Drive Encryption**. The following policy settings define the recovery methods that can be used to restore access to a BitLocker-protected drive if an authentication method fails or is unable to be used. - **Choose how BitLocker-protected operating system drives can be recovered** + - **Choose how BitLocker-protected fixed drives can be recovered** + - **Choose how BitLocker-protected removable drives can be recovered** + In each of these policies, select **Save BitLocker recovery information to Active Directory Domain Services** and then choose which BitLocker recovery information to store in AD DS. Check the **Do not enable BitLocker until recovery information is stored in AD -DS** check box if you want to prevent users from enabling BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information for the drive to AD DS succeeds. +DS** check box if it's desired to prevent users from enabling BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information for the drive to AD DS succeeds. > [!NOTE] -> If the PCs are part of a workgroup, users are advised to save their BitLocker recovery password with their Microsoft account online. Having an online copy of your BitLocker recovery password is recommended to help ensure that you do not lose access to your data in the event of a recovery being required. - +> If the PCs are part of a workgroup, users are advised to save their BitLocker recovery password with their Microsoft account online. Having an online copy of the BitLocker recovery password is recommended to help ensure access to data is not lost in the event of a recovery being required. + The BitLocker Recovery Password Viewer for Active Directory Users and Computers tool allows domain administrators to view BitLocker recovery passwords for specific computer objects in Active Directory. -You can use the following list as a template for creating your own recovery process for recovery password retrieval. This sample process uses the BitLocker Recovery Password Viewer for Active Directory Users and Computers tool. +The following list can be used as a template for creating a recovery process for recovery password retrieval. This sample process uses the BitLocker Recovery Password Viewer for Active Directory Users and Computers tool. -- [Record the name of the user's computer](#bkmk-recordcomputername) -- [Verify the user's identity](#bkmk-verifyidentity) -- [Locate the recovery password in AD DS](#bkmk-locatepassword) -- [Gather information to determine why recovery occurred](#bkmk-gatherinfo) -- [Give the user the recovery password](#bkmk-givepassword) +- [Record the name of the user's computer](#record-the-name-of-the-users-computer) +- [Verify the user's identity](#verify-the-users-identity) +- [Locate the recovery password in AD DS](#locate-the-recovery-password-in-ad-ds) +- [Gather information to determine why recovery occurred](#gather-information-to-determine-why-recovery-occurred) +- [Give the user the recovery password](#give-the-user-the-recovery-password) +### Record the name of the user's computer -### Record the name of the user's computer +The name of the user's computer can be used to locate the recovery password in AD DS. If the user doesn't know the name of the computer, ask the user to read the first word of the **Drive Label** in the **BitLocker Drive Encryption Password Entry** user interface. This word is the computer name when BitLocker was enabled and is probably the current name of the computer. -You can use the name of the user's computer to locate the recovery password in AD DS. If the user does not know the name of the computer, ask the user to read the first word of the **Drive Label** in the **BitLocker Drive Encryption Password Entry** user interface. This is the computer name when BitLocker was enabled and is probably the current name of the computer. +### Verify the user's identity +The person who is asking for the recovery password should be verified as the authorized user of that computer. It should also be verified whether the computer for which the user provided the name belongs to the user. -### Verify the user's identity - -You should verify whether the person who is asking for the recovery password is truly the authorized user of that computer. You may also wish to verify whether the computer for which the user provided the name belongs to the user. - -### Locate the recovery password in AD DS - -Locate the computer object with the matching name in AD DS. Because computer object names are listed in the AD DS global catalog, you should be able to locate the object even if you have a multi-domain forest. +### Locate the recovery password in AD DS +Locate the computer object with the matching name in AD DS. Because computer object names are listed in the AD DS global catalog, the object should be able to be located even if it's a multi-domain forest. ### Multiple recovery passwords If multiple recovery passwords are stored under a computer object in AD DS, the name of the BitLocker recovery information object includes the date on which the password was created. -If at any time you are unsure about the password to be provided, or if you think you might be providing the incorrect password, ask the user to read the 8-character password ID that is displayed in the recovery console. +To make sure the correct password is provided and/or to prevent providing the incorrect password, ask the user to read the eight character password ID that is displayed in the recovery console. Since the password ID is a unique value that is associated with each recovery password stored in AD DS, running a query using this ID finds the correct password to unlock the encrypted volume. +### Gather information to determine why recovery occurred -### Gather information to determine why recovery occurred +Before giving the user the recovery password, information should be gatherer that will help determine why the recovery was needed. This information can be used to analyze the root cause during the post-recovery analysis. For more information about post-recovery analysis, see [Post-recovery analysis](#post-recovery-analysis). -Before you give the user the recovery password, you should gather any information that will help determine why the recovery was needed, in order to analyze the root cause during the post-recovery analysis. For more information about post-recovery analysis, see [Post-recovery analysis](#bkmk-planningpostrecovery). +### Give the user the recovery password - -### Give the user the recovery password - -Because the recovery password is 48 digits long, the user may need to record the password by writing it down or typing it on a different computer. If you are using MBAM, the recovery password will be regenerated after it is recovered from the MBAM database to avoid the security risks associated with an uncontrolled password. +Because the recovery password is 48 digits long, the user may need to record the password by writing it down or typing it on a different computer. If using MBAM or Configuration Manager BitLocker Management, the recovery password will be regenerated after it's recovered from the MBAM or Configuration Manager database to avoid the security risks associated with an uncontrolled password. > [!NOTE] > Because the 48-digit recovery password is long and contains a combination of digits, the user might mishear or mistype the password. The boot-time recovery console uses built-in checksum numbers to detect input errors in each 6-digit block of the 48-digit recovery password, and offers the user the opportunity to correct such errors. -### Post-recovery analysis +### Post-recovery analysis -When a volume is unlocked using a recovery password, an event is written to the event log and the platform validation measurements are reset in the TPM to match the current configuration. Unlocking the volume means that the encryption key has been released and is ready for on-the-fly encryption when data is written to the volume, and on-the-fly decryption when data is read from the volume. After the volume is unlocked, BitLocker behaves the same way, regardless of how the access was granted. +When a volume is unlocked using a recovery password, an event is written to the event log, and the platform validation measurements are reset in the TPM to match the current configuration. Unlocking the volume means that the encryption key has been released and is ready for on-the-fly encryption when data is written to the volume, and on-the-fly decryption when data is read from the volume. After the volume is unlocked, BitLocker behaves the same way, regardless of how the access was granted. -If you notice that a computer is having repeated recovery password unlocks, you might want to have an administrator perform post-recovery analysis to determine the root cause of the recovery and refresh BitLocker platform validation so that the user no longer needs to enter a recovery password each time that the computer starts up. See: +If it's noticed that a computer is having repeated recovery password unlocks, an administrator might want to perform post-recovery analysis to determine the root cause of the recovery, and refresh BitLocker platform validation so that the user no longer needs to enter a recovery password each time that the computer starts up. For more information, see: -- [Determine the root cause of the recovery](#bkmk-determinecause) -- [Refresh BitLocker protection](#bkmk-refreshprotection) +- [Determine the root cause of the recovery](#determine-the-root-cause-of-the-recovery) +- [Resolve the root cause](#resolve-the-root-cause) -### Determine the root cause of the recovery +### Determine the root cause of the recovery -If a user needed to recover the drive, it is important to determine the root cause that initiated the recovery as soon as possible. Properly analyzing the state of the computer and detecting tampering may reveal threats that have broader implications for enterprise security. +If a user needed to recover the drive, it's important to determine the root cause that initiated the recovery as soon as possible. Properly analyzing the state of the computer and detecting tampering may reveal threats that have broader implications for enterprise security. While an administrator can remotely investigate the cause of recovery in some cases, the end user might need to bring the computer that contains the recovered drive on site to analyze the root cause further. -Review and answer the following questions for your organization: +Review and answer the following questions for the organization: 1. Which BitLocker protection mode is in effect (TPM, TPM + PIN, TPM + startup key, startup key only)? Which PCR profile is in use on the PC? + 2. Did the user merely forget the PIN or lose the startup key? If a token was lost, where might the token be? + 3. If TPM mode was in effect, was recovery caused by a boot file change? + 4. If recovery was caused by a boot file change, is the boot file change due to an intended user action (for example, BIOS upgrade), or a malicious software? + 5. When was the user last able to start the computer successfully, and what might have happened to the computer since then? + 6. Might the user have encountered malicious software or left the computer unattended since the last successful startup? -To help you answer these questions, use the BitLocker command-line tool to view the current configuration and protection mode (for example, **manage-bde -status**). Scan the event log to find events that help indicate why recovery was initiated (for example, if a boot file change occurred). Both of these capabilities can be performed remotely. +To help answer these questions, use the BitLocker command-line tool to view the current configuration and protection mode: -### Resolve the root cause +``` syntax +manage-bde.exe -status +``` -After you have identified what caused recovery, you can reset BitLocker protection and avoid recovery on every startup. +Scan the event log to find events that help indicate why recovery was initiated (for example, if a boot file change occurred). Both of these capabilities can be performed remotely. -The details of this reset can vary according to the root cause of the recovery. If you cannot determine the root cause, or if a malicious software or a rootkit might have infected the computer, Helpdesk should apply best-practice virus policies to react appropriately. +### Resolve the root cause + +After it has been identified what caused recovery, BitLocker protection can be reset to avoid recovery on every startup. + +The details of this reset can vary according to the root cause of the recovery. If root cause can't be determined, or if a malicious software or a rootkit might have infected the computer, Helpdesk should apply best-practice virus policies to react appropriately. > [!NOTE] -> You can perform a BitLocker validation profile reset by suspending and resuming BitLocker. +> BitLocker validation profile reset can be performed by suspending and resuming BitLocker. -- [Unknown PIN](#bkmk-unknownpin) -- [Lost startup key](#bkmk-loststartup) -- [Changes to boot files](#bkmk-changebootknown) +- [Unknown PIN](#unknown-pin) +- [Lost startup key](#lost-startup-key) +- [Changes to boot files](#changes-to-boot-files) +### Unknown PIN -### Unknown PIN +If a user has forgotten the PIN, the PIN must be reset while signed on to the computer in order to prevent BitLocker from initiating recovery each time the computer is restarted. -If a user has forgotten the PIN, you must reset the PIN while you are logged on to the computer in order to prevent BitLocker from initiating recovery each time the computer is restarted. - -**To prevent continued recovery due to an unknown PIN** +#### To prevent continued recovery due to an unknown PIN 1. Unlock the computer using the recovery password. + 2. Reset the PIN: + 1. Select and hold the drive and then select **Change PIN** - 2. In the BitLocker Drive Encryption dialog, select **Reset a forgotten PIN**. If you are not logged in with an administrator account, you must provide administrative credentials at this time. + + 2. In the BitLocker Drive Encryption dialog, select **Reset a forgotten PIN**. If the signed in account isn't an administrator account, administrative credentials must be provided at this time. + 3. In the PIN reset dialog, provide and confirm the new PIN to be used and then select **Finish**. -3. You will use the new PIN the next time you unlock the drive. -### Lost startup key +3. The new PIN can be used the next time the drive needs to be unlocked. -If you have lost the USB flash drive that contains the startup key, then you must unlock the drive by using the recovery key and then create a new startup key. +### Lost startup key -**To prevent continued recovery due to a lost startup key** +If the USB flash drive that contains the startup key has been lost, then drive must be unlocked by using the recovery key. A new startup can then be created. + +#### To prevent continued recovery due to a lost startup key + +1. Sign in as an administrator to the computer that has its startup key lost. -1. Log on as an administrator to the computer that has its startup key lost. 2. Open Manage BitLocker. -3. Select **Duplicate start up key**, insert the clean USB drive on which you are going to write the key, and then select **Save**. -### Changes to boot files +3. Select **Duplicate start up key**, insert the clean USB drive where the key will be written, and then select **Save**. -This error occurs if you updated the firmware. As a best practice, you should suspend BitLocker before making changes to the firmware and then resume protection after the update has completed. This prevents the computer from going into recovery mode. However, if changes were made when BitLocker protection was on, you can simply log on to the computer using the recovery password and the platform validation profile will be updated so that recovery will not occur the next time. +### Changes to boot files + +This error occurs if the firmware is updated. As a best practice, BitLocker should be suspended before making changes to the firmware. Protection should then be resumed after the firmware update has completed. Suspending BitLocker prevents the computer from going into recovery mode. However, if changes were made when BitLocker protection was on, the recovery password can be used to unlock the drive and the platform validation profile will be updated so that recovery won't occur the next time. ## Windows RE and BitLocker Device Encryption -Windows Recovery Environment (RE) can be used to recover access to a drive protected by [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md). If a PC is unable to boot after two failures, Startup Repair automatically starts. When Startup Repair is launched automatically due to boot failures, it executes only operating system and driver file repairs, provided that the boot logs or any available crash dump points to a specific corrupted file. In Windows 8.1 and later versions, devices that include firmware to support specific TPM measurements for PCR\[7\] **the TPM** can validate that Windows RE is a trusted operating environment and unlock any BitLocker-protected drives if Windows RE has not been modified. If the Windows RE environment has been modified, for example, the TPM has been disabled, the drives stay locked until the BitLocker recovery key is provided. If Startup Repair is not able to be run automatically from the PC and instead, Windows RE is manually started from a repair disk, the BitLocker recovery key must be provided to unlock the BitLocker-protected drives. +Windows Recovery Environment (RE) can be used to recover access to a drive protected by [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md). If a PC is unable to boot after two failures, Startup Repair automatically starts. When Startup Repair is launched automatically due to boot failures, it executes only operating system and driver file repairs if the boot logs or any available crash dump points to a specific corrupted file. In Windows 8.1 and later versions, devices that include firmware to support specific TPM measurements for PCR\[7\] **the TPM** can validate that Windows RE is a trusted operating environment and unlock any BitLocker-protected drives if Windows RE hasn't been modified. If the Windows RE environment has been modified, for example, the TPM has been disabled, the drives stay locked until the BitLocker recovery key is provided. If Startup Repair isn't able to run automatically from the PC and instead, Windows RE is manually started from a repair disk, the BitLocker recovery key must be provided to unlock the BitLocker-protected drives. -Windows RE will also ask for your BitLocker recovery key when you start a "Remove everything" reset from Windows RE on a device that uses the "TPM + PIN" or "Password for OS drive" protector. If you start BitLocker recovery on a keyboardless device with TPM-only protection, Windows RE, not the boot manager, will ask for the BitLocker recovery key. After you enter the key, you can access Windows RE troubleshooting tools or start Windows normally. +Windows RE will also ask for a BitLocker recovery key when a **Remove everything** reset from Windows RE is started on a device that uses **TPM + PIN** or **Password for OS drive** protectors. If BitLocker recovery is started on a keyboardless device with TPM-only protection, Windows RE, not the boot manager, will ask for the BitLocker recovery key. After the key is entered, Windows RE troubleshooting tools can be accessed, or Windows can be started normally. -The BitLocker recovery screen that's shown by Windows RE has the accessibility tools like narrator and on-screen keyboard to help you enter your BitLocker recovery key. If the BitLocker recovery key is requested by the Windows boot manager, those tools might not be available. +The BitLocker recovery screen that's shown by Windows RE has the accessibility tools like narrator and on-screen keyboard to help enter the BitLocker recovery key. If the BitLocker recovery key is requested by the Windows boot manager, those tools might not be available. -To activate the narrator during BitLocker recovery in Windows RE, press **Windows** + **CTRL** + **Enter**. -To activate the on-screen keyboard, tap on a text input control. +To activate the narrator during BitLocker recovery in Windows RE, press **Windows** + **CTRL** + **Enter**. To activate the on-screen keyboard, tap on a text input control. :::image type="content" source="images/bl-narrator.png" alt-text="A screenshot of the BitLocker recovery screen showing Narrator activated."::: @@ -287,26 +335,25 @@ To activate the on-screen keyboard, tap on a text input control. During BitLocker recovery, Windows displays a custom recovery message and a few hints that identify where a key can be retrieved from. These improvements can help a user during BitLocker recovery. - ### Custom recovery message -BitLocker Group Policy settings in Windows 10, version 1511, or Windows 11, let you configure a custom recovery message and URL on the BitLocker recovery screen, which can include the address of the BitLocker self-service recovery portal, the IT internal website, or a phone number for support. +BitLocker Group Policy settings in Windows 10, version 1511, or Windows 11, allows configuring a custom recovery message and URL on the BitLocker recovery screen. The custom recovery message and URL can include the address of the BitLocker self-service recovery portal, the IT internal website, or a phone number for support. This policy can be configured using GPO under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **BitLocker Drive Encryption** > **Operating System Drives** > **Configure pre-boot recovery message and URL**. -It can also be configured using Intune mobile device management (MDM) in the BitLocker CSP: -*\./Device/Vendor/MSFT/BitLocker/SystemDrivesRecoveryMessage\* +It can also be configured using mobile device management (MDM), including in Intune, using the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp): + +**`./Device/Vendor/MSFT/BitLocker/SystemDrivesRecoveryMessage`** ![Custom URL.](./images/bl-intune-custom-url.png) -Example of customized recovery screen: +Example of a customized recovery screen: ![Customized BitLocker Recovery Screen.](./images/bl-password-hint1.png) - ### BitLocker recovery key hints -BitLocker metadata has been enhanced in Windows 10, version 1903 or Windows 11 to include information about when and where the BitLocker recovery key was backed up. This information is not exposed through the UI or any public API. It is used solely by the BitLocker recovery screen in the form of hints to help a user locate a volume's recovery key. Hints are displayed on the recovery screen and refer to the location where the key has been saved. Hints are displayed on both the modern (blue) and legacy (black) recovery screen. This applies to both the boot manager recovery screen and the WinRE unlock screen. +BitLocker metadata has been enhanced in Windows 10, version 1903 or Windows 11 to include information about when and where the BitLocker recovery key was backed up. This information isn't exposed through the UI or any public API. It's used solely by the BitLocker recovery screen in the form of hints to help a user locate a volume's recovery key. Hints are displayed on the recovery screen and refer to the location where the key has been saved. Hints are displayed on both the modern (blue) and legacy (black) recovery screen. The hints apply to both the boot manager recovery screen and the WinRE unlock screen. ![Customized BitLocker recovery screen.](./images/bl-password-hint2.png) @@ -316,15 +363,22 @@ BitLocker metadata has been enhanced in Windows 10, version 1903 or Windows 11 t There are rules governing which hint is shown during the recovery (in the order of processing): 1. Always display custom recovery message if it has been configured (using GPO or MDM). -2. Always display generic hint: "For more information, go to https://aka.ms/recoverykeyfaq." -3. If multiple recovery keys exist on the volume, prioritize the last-created (and successfully backed up) recovery key. -4. Prioritize keys with successful backup over keys that have never been backed up. -5. Prioritize backup hints in the following order for remote backup locations: **Microsoft Account > Azure AD > Active Directory**. -6. If a key has been printed and saved to file, display a combined hint, "Look for a printout or a text file with the key," instead of two separate hints. -7. If multiple backups of the same type (remove vs. local) have been performed for the same recovery key, prioritize backup info with latest backed-up date. -8. There is no specific hint for keys saved to an on-premises Active Directory. In this case, a custom message (if configured) or a generic message, "Contact your organization's help desk," is displayed. -9. If two recovery keys are present on the disk, but only one has been successfully backed up, the system asks for a key that has been backed up, even if another key is newer. +2. Always display generic hint: `For more information, go to https://aka.ms/recoverykeyfaq.` + +3. If multiple recovery keys exist on the volume, prioritize the last-created (and successfully backed up) recovery key. + +4. Prioritize keys with successful backup over keys that have never been backed up. + +5. Prioritize backup hints in the following order for remote backup locations: **Microsoft Account > Azure AD > Active Directory**. + +6. If a key has been printed and saved to file, display a combined hint, "Look for a printout or a text file with the key," instead of two separate hints. + +7. If multiple backups of the same type (remove vs. local) have been performed for the same recovery key, prioritize backup info with latest backed-up date. + +8. There's no specific hint for keys saved to an on-premises Active Directory. In this case, a custom message (if configured) or a generic message, "Contact your organization's help desk," is displayed. + +9. If two recovery keys are present on the disk, but only one has been successfully backed up, the system asks for a key that has been backed up, even if another key is newer. #### Example 1 (single recovery key with single backup) @@ -336,12 +390,10 @@ There are rules governing which hint is shown during the recovery (in the order | Printed | No | | Saved to file | No | - **Result:** The hints for the Microsoft account and custom URL are displayed. ![Example 1 of Customized BitLocker recovery screen.](./images/rp-example1.png) - #### Example 2 (single recovery key with single backup) | Custom URL | Yes | @@ -356,7 +408,6 @@ There are rules governing which hint is shown during the recovery (in the order ![Example 2 of customized BitLocker recovery screen.](./images/rp-example2.png) - #### Example 3 (single recovery key with multiple backups) | Custom URL | No | @@ -371,7 +422,6 @@ There are rules governing which hint is shown during the recovery (in the order ![Example 3 of customized BitLocker recovery screen.](./images/rp-example3.png) - #### Example 4 (multiple recovery passwords) | Custom URL | No | @@ -401,7 +451,6 @@ There are rules governing which hint is shown during the recovery (in the order ![Example 4 of customized BitLocker recovery screen.](./images/rp-example4.png) - #### Example 5 (multiple recovery passwords) | Custom URL | No | @@ -414,9 +463,6 @@ There are rules governing which hint is shown during the recovery (in the order | Creation time | **1PM** | | Key ID | 99631A34 | -  -  - | Custom URL | No | |----------------------|-----------------| | Saved to Microsoft Account | No | @@ -431,72 +477,83 @@ There are rules governing which hint is shown during the recovery (in the order ![Example 5 of customized BitLocker recovery screen.](./images/rp-example5.png) - -## Using additional recovery information +## Using additional recovery information Besides the 48-digit BitLocker recovery password, other types of recovery information are stored in Active Directory. This section describes how this additional information can be used. - ### BitLocker key package -If the recovery methods discussed earlier in this document do not unlock the volume, you can use the BitLocker Repair tool to decrypt the volume at the block level. The tool uses the BitLocker key package to help recover encrypted data from severely damaged drives. You can then use this recovered data to salvage encrypted data, even after the correct recovery password has failed to unlock the damaged volume. We recommend that you still save the recovery password. A key package cannot be used without the corresponding recovery password. +If the recovery methods discussed earlier in this document don't unlock the volume, the BitLocker Repair tool can be used to decrypt the volume at the block level. The tool uses the BitLocker key package to help recover encrypted data from severely damaged drives. The recovered data can then be used to salvage encrypted data, even after the correct recovery password has failed to unlock the damaged volume. It's recommended to still save the recovery password. A key package can't be used without the corresponding recovery password. > [!NOTE] -> You must use the BitLocker Repair tool **repair-bde** to use the BitLocker key package. +> The BitLocker Repair tool `repair-bde.exe` must be used to use the BitLocker key package. -The BitLocker key package is not saved by default. To save the package along with the recovery password in AD DS you must select the **Backup recovery password and key package** option in the group policy settings that control the recovery method. You can also export the key package from a working volume. For more details on how to export key packages, see [Retrieving the BitLocker Key Package](#bkmk-appendixc). +The BitLocker key package isn't saved by default. To save the package along with the recovery password in AD DS, the **Backup recovery password and key package** option must be selected in the group policy settings that control the recovery method. The key package can also be exported from a working volume. For more information on how to export key packages, see [Retrieving the BitLocker Key Package](#retrieving-the-bitlocker-key-package). -## Resetting recovery passwords +## Resetting recovery passwords -You must invalidate a recovery password after it has been provided and used, and when you intentionally want to invalidate an existing recovery password for any reason. +It's recommended to invalidate a recovery password after it has been provided and used. The recovery password can be invalidated when it has been provided and used or for any other valid reason. -You can reset the recovery password in two ways: +The recovery password and be invalidated and reset in two ways: -- **Use manage-bde**: You can use manage-bde to remove the old recovery password and add a new recovery password. The procedure identifies the command and the syntax for this method. -- **Run a script**: You can run a script to reset the password without decrypting the volume. The sample script in the procedure illustrates this functionality. The sample script creates a new recovery password and invalidates all other passwords. +- **Use `manage-bde.exe`**: `manage-bde.exe` can be used to remove the old recovery password and add a new recovery password. The procedure identifies the command and the syntax for this method. -**To reset a recovery password using manage-bde:** +- **Run a script**: A script can be run to reset the password without decrypting the volume. The sample script in the procedure illustrates this functionality. The sample script creates a new recovery password and invalidates all other passwords. + +### Resetting a recovery password using `manage-bde.exe` 1. Remove the previous recovery password. - ```powershell - Manage-bde -protectors -delete C: -type RecoveryPassword + ``` syntax + `manage-bde.exe` -protectors -delete C: -type RecoveryPassword ``` + 2. Add the new recovery password. - ```powershell - Manage-bde -protectors -add C: -RecoveryPassword + ``` syntax + `manage-bde.exe` -protectors -add C: -RecoveryPassword ``` + 3. Get the ID of the new recovery password. From the screen, copy the ID of the recovery password. - ```powershell - Manage-bde -protectors -get C: -Type RecoveryPassword + ``` syntax + `manage-bde.exe` -protectors -get C: -Type RecoveryPassword ``` + 4. Back up the new recovery password to AD DS. - ```powershell - Manage-bde -protectors -adbackup C: -id {EXAMPLE6-5507-4924-AA9E-AFB2EB003692} + ``` syntax + `manage-bde.exe` -protectors -adbackup C: -id {EXAMPLE6-5507-4924-AA9E-AFB2EB003692} ``` > [!WARNING] - > You must include the braces in the ID string. + > The braces `{}` must be included in the ID string. -**To run the sample recovery password script:** +### Running the sample recovery password script to reset the recovery passwords -1. Save the following sample script in a VBScript file. For example: ResetPassword.vbs. -2. At the command prompt, type a command similar to the following: +1. Save the following sample script in a VBScript file. For example: - **cscript ResetPassword.vbs** + `ResetPassword.vbs`. + +2. At the command prompt, enter the following command:: + + ``` syntax + cscript.exe ResetPassword.vbs + ``` > [!IMPORTANT] - > This sample script is configured to work only for the C volume. You must customize the script to match the volume where you want to test password reset. + > This sample script is configured to work only for the C volume. If necessary, customize the script to match the volume where the password reset needs to be tested. > [!NOTE] -> To manage a remote computer, you must specify the remote computer name rather than the local computer name. +> To manage a remote computer, specify the remote computer name rather than the local computer name. -You can use the following sample VBScript to reset the recovery passwords: +The following sample VBScript can be used to reset the recovery passwords: -```vb +
    +
    + Expand to view sample recovery password VBscript to reset the recovery passwords + +``` vb ' Target drive letter strDriveLetter = "c:" ' Target computer name @@ -564,29 +621,38 @@ Next WScript.Echo "A new recovery password has been added. Old passwords have been removed." ' - some advanced output (hidden) 'WScript.Echo "" -'WScript.Echo "Type ""manage-bde -protectors -get " & strDriveLetter & " -type recoverypassword"" to view existing passwords." +'WScript.Echo "Type ""manage-bde.exe -protectors -get " & strDriveLetter & " -type recoverypassword"" to view existing passwords." ``` +
    -## Retrieving the BitLocker key package +## Retrieving the BitLocker key package -You can use two methods to retrieve the key package, as described in [Using Additional Recovery Information](#bkmk-usingaddrecovery): +Two methods can be used to retrieve the key package as described in [Using Additional Recovery Information](#using-additional-recovery-information): -- **Export a previously saved key package from AD DS.** You must have Read access to BitLocker recovery passwords that are stored in AD DS. -- **Export a new key package from an unlocked, BitLocker-protected volume.** You must have local administrator access to the working volume, before any damage has occurred. +- **Export a previously saved key package from AD DS.** Read access is required to BitLocker recovery passwords that are stored in AD DS. -The following sample script exports all previously saved key packages from AD DS. +- **Export a new key package from an unlocked, BitLocker-protected volume.** Local administrator access to the working volume is required before any damage occurred to the volume. -**To run the sample key package retrieval script:** +### Running the sample key package retrieval script that exports all previously saved key packages from AD DS -1. Save the following sample script in a VBScript file. For example: GetBitLockerKeyPackageADDS.vbs. -2. At the command prompt, type a command similar to the following sample script: +The following steps and sample script exports all previously saved key packages from AD DS. - **cscript GetBitLockerKeyPackageADDS.vbs -?** +1. Save the following sample script in a VBScript file. For example: `GetBitLockerKeyPackageADDS.vbs`. -You can use the following sample script to create a VBScript file to retrieve the BitLocker key package from AD DS: +2. At the command prompt, enter a command similar to the following sample script: -```vb + ``` syntax + cscript.exe GetBitLockerKeyPackageADDS.vbs -? + ``` + +The following sample script can be used to create a VBScript file to retrieve the BitLocker key package from AD DS: + +
    +
    + Expand to view sample key package retrieval VBscript that exports all previously saved key packages from AD DS + +``` vb ' -------------------------------------------------------------------------------- ' Usage ' -------------------------------------------------------------------------------- @@ -724,16 +790,25 @@ End Function WScript.Quit ``` -The following sample script exports a new key package from an unlocked, encrypted volume. +
    -**To run the sample key package retrieval script:** +### Running the sample key package retrieval script that exports a new key package from an unlocked, encrypted volume -1. Save the following sample script in a VBScript file. For example: GetBitLockerKeyPackage.vbs -2. Open an administrator command prompt, and then type a command similar to the following sample script: +The following steps and sample script exports a new key package from an unlocked, encrypted volume. - **cscript GetBitLockerKeyPackage.vbs -?** +1. Save the following sample script in a VBScript file. For example: `GetBitLockerKeyPackage.vbs` -```vb +2. Open an administrator command prompt, and then enter a command similar to the following sample script: + + ``` syntax + cscript.exe GetBitLockerKeyPackage.vbs -? + ``` + +
    +
    + Expand to view sample VBscript that exports a new key package from an unlocked, encrypted volume + +``` vb ' -------------------------------------------------------------------------------- ' Usage ' -------------------------------------------------------------------------------- @@ -826,7 +901,7 @@ End If ' Fail case: no recovery key protectors exist. If strDefaultKeyProtectorID = "" Then WScript.Echo "FAILURE: Cannot create backup key package because no recovery passwords or recovery keys exist. Check that BitLocker protection is on for this drive." -WScript.Echo "For help adding recovery passwords or recovery keys, type ""manage-bde -protectors -add -?""." +WScript.Echo "For help adding recovery passwords or recovery keys, enter ""manage-bde.exe -protectors -add -?""." WScript.Quit -1 End If End If @@ -886,7 +961,7 @@ End If WScript.Echo "Save this recovery password: " & sNumericalPassword ElseIf nDefaultKeyProtectorType = nExternalKeyProtectorType Then WScript.Echo "The saved key file is named " & strDefaultKeyProtectorID & ".BEK" -WScript.Echo "For help re-saving this external key file, type ""manage-bde -protectors -get -?""" +WScript.Echo "For help re-saving this external key file, enter ""manage-bde.exe -protectors -get -?""" End If '---------------------------------------------------------------------------------------- ' Utility functions to save binary data @@ -911,7 +986,8 @@ Function BinaryToString(Binary) End Function ``` +
    -## See also +## Related articles - [BitLocker overview](bitlocker-overview.md) From 3e29812b628dbcef885bc9104afb19dda9a7c637 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Mon, 14 Nov 2022 21:12:06 -0500 Subject: [PATCH 044/129] Metadata/style update BitLocker 11 --- .../bitlocker-recovery-guide-plan.md | 2 +- .../bitlocker-recovery-loop-break.md | 22 ++- .../bitlocker/bitlocker-security-faq.yml | 6 +- .../bitlocker/bitlocker-to-go-faq.yml | 2 +- .../bitlocker/bitlocker-upgrading-faq.yml | 8 +- ...ve-encryption-tools-to-manage-bitlocker.md | 147 ++++++++++-------- ...-use-bitlocker-recovery-password-viewer.md | 46 +++--- ...itlocker-using-with-other-programs-faq.yml | 42 ++--- 8 files changed, 151 insertions(+), 124 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md index ffac549533..7010d9abe6 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md +++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md @@ -358,7 +358,7 @@ BitLocker metadata has been enhanced in Windows 10, version 1903 or Windows 11 t ![Customized BitLocker recovery screen.](./images/bl-password-hint2.png) > [!IMPORTANT] -> We don't recommend printing recovery keys or saving them to a file. Instead, use Active Directory backup or a cloud-based backup. Cloud-based backup includes Azure Active Directory (Azure AD) and Microsoft account. +> It is not recommend to print recovery keys or saving them to a file. Instead, use Active Directory backup or a cloud-based backup. Cloud-based backup includes Azure Active Directory (Azure AD) and Microsoft account. There are rules governing which hint is shown during the recovery (in the order of processing): diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md index 7609dbd837..61522933c7 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md +++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md @@ -17,19 +17,27 @@ ms.technology: itpro-security # Breaking out of a BitLocker recovery loop -Sometimes, following a crash, you might be unable to successfully boot into your operating system, due to the recovery screen repeatedly prompting you to enter your recovery key. This experience can be frustrating. +Sometimes, following a crash, the operating system might not be able to successful boot due to the recovery screen repeatedly prompting to enter a recovery key. This experience can be frustrating. -If you've entered the correct BitLocker recovery key multiple times, and are still unable to continue past the initial recovery screen, follow these steps to break out of the loop. +If the correct BitLocker recovery key has been entered multiple times but are unable to continue past the initial recovery screen, follow these steps to break out of the loop: > [!NOTE] -> Try these steps only after you have restarted your device at least once. +> Try these steps only after the device has been restarted at least once. -1. On the initial recovery screen, don't enter your recovery key, instead, select **Skip this drive**. +1. On the initial recovery screen, don't enter The recovery key. Instead, select **Skip this drive**. 2. Navigate to **Troubleshoot** > **Advanced options**, and select **Command prompt**. -3. From the WinRE command prompt, manually unlock your drive: `manage-bde.exe -unlock C: -rp ` +3. From the WinRE command prompt, manually unlock the drive with the following command: -4. Suspend operating system drive protection: `manage-bde.exe -protectors -disable C:` +``` syntax +manage-bde.exe -unlock C: -rp +``` -5. Once the last command is run, you can exit the command prompt and continue to boot into your operating system. +4. Suspend the protection on the operating system with the following command: + +``` syntax +manage-bde.exe -protectors -disable C: +``` + +5. Once the command is run, exit the command prompt and continue to boot into the operating system. diff --git a/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml index 8e44cfb597..6a6cdc9974 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-security-faq.yml @@ -37,17 +37,17 @@ sections: - question: | What is the best practice for using BitLocker on an operating system drive? answer: | - The recommended practice for BitLocker configuration on an operating system drive is to implement BitLocker on a computer with a TPM version 1.2 or higher, and a Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware implementation, along with a PIN. By requiring a PIN that was set by the user in addition to the TPM validation, a malicious user that has physical access to the computer cannot simply start the computer. + The recommended practice for BitLocker configuration on an operating system drive is to implement BitLocker on a computer with a TPM version 1.2 or higher, and a Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware implementation, along with a PIN. By requiring a PIN that was set by the user in addition to the TPM validation, a malicious user that has physical access to the computer can't start the computer. - question: | What are the implications of using the sleep or hibernate power management options? answer: | - BitLocker on operating system drives in its basic configuration (with a TPM but without other startup authentication) provides extra security for the hibernate mode. However, BitLocker provides greater security when it is configured to use another startup authentication factor (TPM+PIN, TPM+USB, or TPM+PIN+USB) with the hibernate mode. This method is more secure because returning from hibernation requires authentication. In sleep mode, the computer is vulnerable to direct memory access attacks, since it remains unprotected data in RAM. Therefore, for improved security, we recommend disabling sleep mode and that you use TPM+PIN for the authentication method. Startup authentication can be configured by using [Group Policy](./bitlocker-group-policy-settings.md) or Mobile Device Management with the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp). + BitLocker on operating system drives in its basic configuration (with a TPM but without other startup authentication) provides extra security for the hibernate mode. However, BitLocker provides greater security when it's configured to use another startup authentication factor (TPM+PIN, TPM+USB, or TPM+PIN+USB) with the hibernate mode. This method is more secure because returning from hibernation requires authentication. In sleep mode, the computer is vulnerable to direct memory access attacks, since unprotected data remains in RAM. Therefore, for improved security, it's recommended to disable sleep mode and to use TPM+PIN for the authentication method. Startup authentication can be configured by using [Group Policy](./bitlocker-group-policy-settings.md) or Mobile Device Management with the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp). - question: | What are the advantages of a TPM? answer: | - Most operating systems use a shared memory space and rely on the operating system to manage physical memory. A TPM is a hardware component that uses its own internal firmware and logic circuits for processing instructions, thus shielding it from external software vulnerabilities. Attacking the TPM requires physical access to the computer. Additionally, the tools and skills necessary to attack hardware are often more expensive, and usually are not as available as the ones used to attack software. And because each TPM is unique to the computer that contains it, attacking multiple TPM computers would be difficult and time-consuming. + Most operating systems use a shared memory space and rely on the operating system to manage physical memory. A TPM is a hardware component that uses its own internal firmware and logic circuits for processing instructions, thus shielding it from external software vulnerabilities. Attacking the TPM requires physical access to the computer. Additionally, the tools and skills necessary to attack hardware are often more expensive, and usually aren't as available as the ones used to attack software. And because each TPM is unique to the computer that contains it, attacking multiple TPM computers would be difficult and time-consuming. > [!NOTE] > Configuring BitLocker with an additional factor of authentication provides even more protection against TPM hardware attacks. diff --git a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml index f4eef062e3..a1532c98f9 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml @@ -37,4 +37,4 @@ sections: Drive partitioning must meet the [BitLocker Drive Encryption Partitioning Requirements](/windows-hardware/manufacture/desktop/bitlocker-drive-encryption#bitlocker-drive-encryption-partitioning-requirements). - As with BitLocker, you can open drives that are encrypted by BitLocker To Go by using a password or smart card on another computer. In Control Panel, use **BitLocker Drive Encryption**. + As with BitLocker, drives that are encrypted by BitLocker To Go can be opened by using a password or smart card on another computer. In Control Panel, use **BitLocker Drive Encryption**. diff --git a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml index 2bf97935b0..f0557ad08a 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml @@ -45,12 +45,12 @@ sections: No user action is required for BitLocker in order to apply updates from Microsoft, including [Windows quality updates and feature updates](/windows/deployment/update/waas-quick-start). Users need to suspend BitLocker for Non-Microsoft software updates, such as: - - Some TPM firmware updates if these updates clear the TPM outside of the Windows API. Not every TPM firmware update will clear the TPM and this happens if a known vulnerability has been discovered in the TPM firmware. Users don't have to suspend BitLocker if the TPM firmware update uses Windows API to clear the TPM because in this case, BitLocker will be automatically suspended. We recommend users testing their TPM firmware updates if they don't want to suspend BitLocker protection. + - Some TPM firmware updates if these updates clear the TPM outside of the Windows API. Not every TPM firmware update will clear the TPM. Users don't have to suspend BitLocker if the TPM firmware update uses Windows API to clear the TPM because in this case, BitLocker will be automatically suspended. It's recommended that users test their TPM firmware updates if they don't want to suspend BitLocker protection. - Non-Microsoft application updates that modify the UEFI\BIOS configuration. - Manual or third-party updates to secure boot databases (only if BitLocker uses Secure Boot for integrity validation). - - Updates to UEFI\BIOS firmware, installation of additional UEFI drivers, or UEFI applications without using the Windows update mechanism (only if you update and BitLocker does not use Secure Boot for integrity validation). - - You can check if BitLocker uses Secure Boot for integrity validation with manage-bde -protectors -get C: (and see if "Uses Secure Boot for integrity validation" is reported). + - Updates to UEFI\BIOS firmware, installation of additional UEFI drivers, or UEFI applications without using the Windows update mechanism (only if BitLocker doesn't use Secure Boot for integrity validation during updates). + - BitLocker can be checked if it uses Secure Boot for integrity validation with the command line `manage-bde.exe -protectors -get C:`. If Secure Boot for integrity validation is being used, it will be report **Uses Secure Boot for integrity validation**. > [!NOTE] - > If you have suspended BitLocker, you can resume BitLocker protection after you have installed the upgrade or update. Upon resuming protection, BitLocker will reseal the encryption key to the new values of the measured components that changed as a part of the upgrade or update. If these types of upgrades or updates are applied without suspending BitLocker, your computer will enter recovery mode when restarting and will require a recovery key or password to access the computer. + > If BitLocker has been suspended, BitLocker protection can be resumed after the upgrade or update has been installed. Upon resuming protection, BitLocker will reseal the encryption key to the new values of the measured components that changed as a part of the upgrade or update. If these types of upgrades or updates are applied without suspending BitLocker, the computer will enter recovery mode when restarting and will require a recovery key or password to access the computer. diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md index e80b224dba..1b45a3384a 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md @@ -32,96 +32,108 @@ Both manage-bde and the BitLocker cmdlets can be used to perform any task that c Repair-bde is a special circumstance tool that is provided for disaster recovery scenarios in which a BitLocker protected drive can't be unlocked normally or using the recovery console. -1. [Manage-bde](#bkmk-managebde) -2. [Repair-bde](#bkmk-repairbde) -3. [BitLocker cmdlets for Windows PowerShell](#bkmk-blcmdlets) +1. [Manage-bde](#manage-bde) +2. [Repair-bde](#repair-bde) +3. [BitLocker cmdlets for Windows PowerShell](#bitlocker-cmdlets-for-windows-powershell) -## Manage-bde +## Manage-bde -Manage-bde is a command-line tool that can be used for scripting BitLocker operations. Manage-bde offers additional options not displayed in the BitLocker control panel. For a complete list of the manage-bde options, see the [Manage-bde](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/ff829849(v=ws.11)) command-line reference. +Manage-bde is a command-line tool that can be used for scripting BitLocker operations. Manage-bde offers additional options not displayed in the BitLocker control panel. For a complete list of the `manage-bde.exe` options, see the [Manage-bde](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/ff829849(v=ws.11)) command-line reference. Manage-bde includes fewer default settings and requires greater customization for configuring BitLocker. For example, using just the `manage-bde.exe -on` command on a data volume will fully encrypt the volume without any authenticating protectors. A volume encrypted in this manner still requires user interaction to turn on BitLocker protection, even though the command successfully completed because an authentication method needs to be added to the volume for it to be fully protected. The following sections provide examples of common usage scenarios for manage-bde. ### Using manage-bde with operating system volumes -Listed below are examples of basic valid commands for operating system volumes. In general, using only the `manage-bde.exe -on ` command will encrypt the operating system volume with a TPM-only protector and no recovery key. However, many environments require more secure protectors such as passwords or PIN and expect to be able to recover information with a recovery key. We recommend that you add at least one primary protector and a recovery protector to an operating system volume. +Listed below are examples of basic valid commands for operating system volumes. In general, using only the `manage-bde.exe -on ` command will encrypt the operating system volume with a TPM-only protector and no recovery key. However, many environments require more secure protectors such as passwords or PIN and expect information recovery with a recovery key. It's recommended to add at least one primary protector plus a recovery protector to an operating system volume. -A good practice when using manage-bde is to determine the volume status on the target system. Use the following command to determine volume status: +A good practice when using `manage-bde.exe` is to determine the volume status on the target system. Use the following command to determine volume status: -```powershell -manage-bde -status +``` syntax +manage-bde.exe -status ``` This command returns the volumes on the target, current encryption status, encryption method, and volume type (operating system or data) for each volume: ![Using manage-bde to check encryption status.](images/manage-bde-status.png) -The following example illustrates enabling BitLocker on a computer without a TPM chip. Before beginning the encryption process, you must create the startup key needed for BitLocker and save it to the USB drive. When BitLocker is enabled for the operating system volume, the BitLocker will need to access the USB flash drive to obtain the encryption key (in this example, the drive letter E represents the USB drive). You will be prompted to reboot to complete the encryption process. +The following example illustrates enabling BitLocker on a computer without a TPM chip. Before beginning the encryption process, the startup key needed for BitLocker must be created and saved to a USB drive. When BitLocker is enabled for the operating system volume, BitLocker will need to access the USB flash drive to obtain the encryption key. In this example, the drive letter E represents the USB drive. Once the commands are run, it will prompt to reboot the computer to complete the encryption process. -```powershell -manage-bde -protectors -add C: -startupkey E: -manage-bde -on C: +``` syntax +manage-bde.exe -protectors -add C: -startupkey E: +manage-bde.exe -on C: ``` > [!NOTE] > After the encryption is completed, the USB startup key must be inserted before the operating system can be started. - -An alternative to the startup key protector on non-TPM hardware is to use a password and an **ADaccountorgroup** protector to protect the operating system volume. In this scenario, you would add the protectors first. To add them, use this command: -```powershell -manage-bde -protectors -add C: -pw -sid +An alternative to the startup key protector on non-TPM hardware is to use a password and an **ADaccountorgroup** protector to protect the operating system volume. In this scenario, the protectors are added first. To add the protectors, enter the following command: + +``` syntax +manage-bde.exe -protectors -add C: -pw -sid ``` -This command will require you to enter and then confirm the password protector before adding them to the volume. With the protectors enabled on the volume, you can then turn on BitLocker. +The above command will require the password protector to be entered and confirmed before adding them to the volume. With the protectors enabled on the volume, BitLocker can then be turned on. -On computers with a TPM, it's possible to encrypt the operating system volume without any defined protectors using manage-bde. Use this command: +On computers with a TPM, it's possible to encrypt the operating system volume without defining any protectors using `manage-bde.exe`. To enable BitLocker on a computer with a TPM without defining any protectors, enter the following command: -```powershell -manage-bde -on C: +``` syntax +manage-bde.exe -on C: ``` -This command encrypts the drive using the TPM as the default protector. If you aren't sure if a TPM protector is available, to list the protectors available for a volume, run the following command: +The above command encrypts the drive using the TPM as the default protector. If verify if a TPM protector is available, the list of protectors available for a volume can be listed by running the following command: -```powershell - manage-bde -protectors -get +``` syntax + manage-bde.exe -protectors -get ``` + ### Using manage-bde with data volumes -Data volumes use the same syntax for encryption as operating system volumes but they don't require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde.exe -on ` or you can choose to add additional protectors to the volume first. We recommend that you add at least one primary protector and a recovery protector to a data volume. +Data volumes use the same syntax for encryption as operating system volumes but they don't require protectors for the operation to complete. Encrypting data volumes can be done using the base command: -A common protector for a data volume is the password protector. In the example below, we add a password protector to the volume and turn on BitLocker. +`manage-bde.exe -on ` -```powershell -manage-bde -protectors -add -pw C: -manage-bde -on C: +or additional protectors can be added to the volume first. It's recommended to add at least one primary protector plus a recovery protector to a data volume. + +A common protector for a data volume is the password protector. In the example below, a password protector is added to the volume and then BitLocker is turned on. + +``` syntax +manage-bde.exe -protectors -add -pw C: +manage-bde.exe -on C: ``` -## Repair-bde +## Repair-bde -You may experience a problem that damages an area of a hard disk on which BitLocker stores critical information. This kind of problem may be caused by a hard disk failure or if Windows exits unexpectedly. +Hard disk areas on which BitLocker stores critical information could be damaged, for example, when a hard disk fails or if Windows exits unexpectedly. -The BitLocker Repair Tool (Repair-bde) can be used to access encrypted data on a severely damaged hard disk if the drive was encrypted by using BitLocker. Repair-bde can reconstruct critical parts of the drive and salvage recoverable data as long as a valid recovery password or recovery key is used to decrypt the data. If the BitLocker metadata data on the drive has become corrupt, you must be able to supply a backup key package in addition to the recovery password or recovery key. This key package is backed up in Active Directory Domain Services (AD DS) if you used the default setting for AD DS backup. With this key package and either the recovery password or recovery key, you can decrypt portions of a BitLocker-protected drive if the disk is corrupted. Each key package will work only for a drive that has the corresponding drive identifier. You can use the BitLocker Recovery Password Viewer to obtain this key package from AD DS. +The BitLocker Repair Tool (Repair-bde) can be used to access encrypted data on a severely damaged hard disk if the drive was encrypted with BitLocker. Repair-bde can reconstruct critical parts of the drive and salvage recoverable data as long as a valid recovery password or recovery key is used to decrypt the data. If the BitLocker metadata data on the drive has become corrupt, the backup key package in addition to the recovery password or recovery key must be supplied. This key package is backed up in Active Directory Domain Services (AD DS) if the default settings for AD DS backup are used. With this key package and either the recovery password or recovery key, portions of a corrupted BitLocker-protected drive can be decrypted. Each key package will work only for a drive that has the corresponding drive identifier. The BitLocker Recovery Password Viewer can be used to obtain this key package from AD DS. > [!TIP] -> If you aren't backing up recovery information to AD DS or if you want to save key packages alternatively, you can use the command `manage-bde.exe -KeyPackage` to generate a key package for a volume. - -The Repair-bde command-line tool is intended for use when the operating system doesn't start or when you can't start the BitLocker Recovery Console. Use Repair-bde if the following conditions are true: +> If recovery information is not being backed up to AD DS or if key packages need to be saved in an alternative way, the command: +> +> `manage-bde.exe -KeyPackage` +> +> can be used to generate a key package for a volume. -- You have encrypted the drive by using BitLocker Drive Encryption. -- Windows doesn't start, or you can't start the BitLocker recovery console. -- You don't have a copy of the data that is contained on the encrypted drive. +The Repair-bde command-line tool is intended for use when the operating system doesn't start or when the BitLocker Recovery Console can't be started. Use Repair-bde if the following conditions are true: + +- The drive has been encrypted using BitLocker Drive Encryption. + +- Windows doesn't start, or the BitLocker recovery console can't be started. + +- There isn't a backup copy of the data that is contained on the encrypted drive. > [!NOTE] -> Damage to the drive may not be related to BitLocker. Therefore, we recommend that you try other tools to help diagnose and resolve the problem with the drive before you use the BitLocker Repair Tool. The Windows Recovery Environment (Windows RE) provides additional options to repair computers. - +> Damage to the drive may not be related to BitLocker. Therefore, it is recommended to try other tools to help diagnose and resolve the problem with the drive before using the BitLocker Repair Tool. The Windows Recovery Environment (Windows RE) provides additional options to repair computers. + The following limitations exist for Repair-bde: -- The Repair-bde command-line tool can't repair a drive that failed during the encryption or decryption process. -- The Repair-bde command-line tool assumes that if the drive has any encryption, then the drive has been fully encrypted. +- The Repair-bde command-line tool can't repair a drive that failed during the encryption or decryption process. + +- The Repair-bde command-line tool assumes that if the drive has any encryption, then the drive has been fully encrypted. For more information about using repair-bde, see [Repair-bde](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/ff829851(v=ws.11)). -## BitLocker cmdlets for Windows PowerShell +## BitLocker cmdlets for Windows PowerShell Windows PowerShell cmdlets provide a new way for administrators to use when working with BitLocker. Using Windows PowerShell's scripting capabilities, administrators can integrate BitLocker options into existing scripts with ease. The list below displays the available BitLocker cmdlets. @@ -139,50 +151,51 @@ Windows PowerShell cmdlets provide a new way for administrators to use when work |**Resume-BitLocker**|
  • Confirm
  • MountPoint
  • WhatIf| |**Suspend-BitLocker**|
  • Confirm
  • MountPoint
  • RebootCount
  • WhatIf| |**Unlock-BitLocker**|
  • AdAccountOrGroup
  • Confirm
  • MountPoint
  • Password
  • RecoveryKeyPath
  • RecoveryPassword
  • RecoveryPassword
  • WhatIf| - + Similar to manage-bde, the Windows PowerShell cmdlets allow configuration beyond the options offered in the control panel. As with manage-bde, users need to consider the specific needs of the volume they're encrypting prior to running Windows PowerShell cmdlets. -A good initial step is to determine the current state of the volume(s) on the computer. You can do this using the `Get-BitLockerVolume` cmdlet. +A good initial step is to determine the current state of the volume(s) on the computer. Determining the current state of the volume(s) can be done using the `Get-BitLockerVolume` cmdlet. The `Get-BitLockerVolume` cmdlet output gives information on the volume type, protectors, protection status, and other details. > [!TIP] -> Occasionally, all protectors may not be shown when using `Get-BitLockerVolume` due to lack of space in the output display. If you don't see all of the protectors for a volume, you can use the Windows PowerShell pipe command (|) to format a full listing of the protectors. -`Get-BitLockerVolume C: | fl` - -If you want to remove the existing protectors prior to provisioning BitLocker on the volume, you could use the `Remove-BitLockerKeyProtector` cmdlet. Accomplishing this requires the GUID associated with the protector to be removed. +> Occasionally, all protectors may not be shown when using `Get-BitLockerVolume` due to lack of space in the output display. If all of the protectors for a volume are not seen, use the Windows PowerShell pipe command (|) to format a full listing of the protectors: +> +> `Get-BitLockerVolume C: | fl` + +To remove the existing protectors prior to provisioning BitLocker on the volume, use the `Remove-BitLockerKeyProtector` cmdlet. Running this cmdlet requires the GUID associated with the protector to be removed. A simple script can pipe the values of each Get-BitLockerVolume return out to another variable as seen below: -```powershell +``` powershell $vol = Get-BitLockerVolume $keyprotectors = $vol.KeyProtector ``` -By using this script, you can display the information in the $keyprotectors variable to determine the GUID for each protector. +By using this script, the information in the $keyprotectors variable can be displayed to determine the GUID for each protector. -By using this information, you can then remove the key protector for a specific volume using the command: +By using this information, the key protector for a specific volume can be removed using the command: -```powershell +``` powershell Remove-BitLockerKeyProtector : -KeyProtectorID "{GUID}" ``` > [!NOTE] > The BitLocker cmdlet requires the key protector GUID enclosed in quotation marks to execute. Ensure the entire GUID, with braces, is included in the command. - + ### Using the BitLocker Windows PowerShell cmdlets with operating system volumes -Using the BitLocker Windows PowerShell cmdlets is similar to working with the manage-bde tool for encrypting operating system volumes. Windows PowerShell offers users a lot of flexibility. For example, users can add the desired protector as part command for encrypting the volume. Below are examples of common user scenarios and steps to accomplish them in BitLocker Windows PowerShell. +Using the BitLocker Windows PowerShell cmdlets is similar to working with the manage-bde tool for encrypting operating system volumes. Windows PowerShell offers users flexibility. For example, users can add the desired protector as part command for encrypting the volume. Below are examples of common user scenarios and steps to accomplish them in BitLocker Windows PowerShell. The following example shows how to enable BitLocker on an operating system drive using only the TPM protector: -```powershell +``` powershell Enable-BitLocker C: ``` In the example below, adds one additional protector, the StartupKey protector and chooses to skip the BitLocker hardware test. In this example, encryption starts immediately without the need for a reboot. -```powershell +``` powershell Enable-BitLocker C: -StartupKeyProtector -StartupKeyPath -SkipHardwareTest ``` @@ -191,7 +204,7 @@ Enable-BitLocker C: -StartupKeyProtector -StartupKeyPath -SkipHardwareTes Data volume encryption using Windows PowerShell is the same as for operating system volumes. Add the desired protectors prior to encrypting the volume. The following example adds a password protector to the E: volume using the variable $pw as the password. The $pw variable is held as a SecureString value to store the user-defined password. -```powershell +``` powershell $pw = Read-Host -AsSecureString Enable-BitLockerKeyProtector E: -PasswordProtector -Password $pw @@ -199,14 +212,14 @@ Enable-BitLockerKeyProtector E: -PasswordProtector -Password $pw ### Using an AD Account or Group protector in Windows PowerShell -The **ADAccountOrGroup** protector, introduced in Windows 8 and Windows Server 2012, is an Active Directory SID-based protector. This protector can be added to both operating system and data volumes, although it doesn't unlock operating system volumes in the pre-boot environment. The protector requires the SID for the domain account or group to link with the protector. BitLocker can protect a cluster-aware disk by adding a SID-based protector for the Cluster Name Object (CNO) that lets the disk properly fail over to and be unlocked by any member computer of the cluster. +The **ADAccountOrGroup** protector, introduced in Windows 8 and Windows Server 2012, is an Active Directory SID-based protector. This protector can be added to both operating system and data volumes, although it doesn't unlock operating system volumes in the pre-boot environment. The protector requires the SID for the domain account or group to link with the protector. BitLocker can protect a cluster-aware disk by adding a SID-based protector for the Cluster Name Object (CNO) that lets the disk properly fail over to and become unlocked by any member computer of the cluster. > [!WARNING] > The **ADAccountOrGroup** protector requires the use of an additional protector for use (such as TPM, PIN, or recovery key) when used on operating system volumes - + To add an **ADAccountOrGroup** protector to a volume, use either the actual domain SID or the group name preceded by the domain and a backslash. In the example below, the CONTOSO\\Administrator account is added as a protector to the data volume G. -```powershell +``` powershell Enable-BitLocker G: -AdAccountOrGroupProtector -AdAccountOrGroup CONTOSO\Administrator ``` @@ -214,24 +227,24 @@ For users who wish to use the SID for the account or group, the first step is to > [!NOTE] > Use of this command requires the RSAT-AD-PowerShell feature. - -```powershell + +``` powershell get-aduser -filter {samaccountname -eq "administrator"} ``` > [!TIP] > In addition to the PowerShell command above, information about the locally logged on user and group membership can be found using: WHOAMI /ALL. This doesn't require the use of additional features. - + The following example adds an **ADAccountOrGroup** protector to the previously encrypted operating system volume using the SID of the account: -```powershell +``` powershell Add-BitLockerKeyProtector C: -ADAccountOrGroupProtector -ADAccountOrGroup S-1-5-21-3651336348-8937238915-291003330-500 ``` > [!NOTE] > Active Directory-based protectors are normally used to unlock Failover Cluster enabled volumes. - -## More information + +## Related articles - [BitLocker overview](bitlocker-overview.md) - [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml) diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md index 4d74a53c11..3101c1d0bd 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md @@ -1,6 +1,6 @@ --- title: BitLocker Use BitLocker Recovery Password Viewer (Windows 10) -description: This topic for the IT professional describes how to use the BitLocker Recovery Password Viewer. +description: This article for the IT professional describes how to use the BitLocker Recovery Password Viewer. ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium @@ -24,44 +24,50 @@ ms.technology: itpro-security - Windows 11 - Windows Server 2016 and above -This topic describes how to use the BitLocker Recovery Password Viewer. +This article describes how to use the BitLocker Recovery Password Viewer. -The BitLocker Recovery Password Viewer tool is an optional tool included with the Remote Server Administration Tools (RSAT). It lets you locate and view BitLocker recovery passwords that are stored in Active Directory Domain Services (AD DS). You can use this tool to help recover data that is stored on a drive that has been encrypted by using BitLocker. The BitLocker Active Directory Recovery Password Viewer tool is an extension for the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in. Using this tool, you can examine a computer object's **Properties** dialog box to view the corresponding BitLocker recovery passwords. Additionally you can right-click a domain container and then search for a BitLocker recovery password across all the domains in the Active Directory forest. You can also search for a password by password identifier (ID). +The BitLocker Recovery Password Viewer tool is an optional tool included with the Remote Server Administration Tools (RSAT). It lets BitLocker recovery passwords that are stored in Active Directory Domain Services (AD DS) be located and viewed. This tool can be used to help recover data that is stored on a drive that has been encrypted by using BitLocker. The BitLocker Active Directory Recovery Password Viewer tool is an extension for the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in. Using this tool, a computer object's **Properties** dialog box can be examined to view the corresponding BitLocker recovery passwords. -## Before you start +Additionally a domain container can be searched for BitLocker recovery password across all the domains in the Active Directory forest via a right-click. Passwords can also be searched by password identifier (ID). -To complete the procedures in this scenario: +## Before starting -- You must have domain administrator credentials. -- Your test computers must be joined to the domain. +To complete the procedures in this scenario, the following requirements must be met: + +- Domain administrator credentials. +- Test computers must be joined to the domain. - On the domain-joined test computers, BitLocker must have been turned on. The following procedures describe the most common tasks performed by using the BitLocker Recovery Password Viewer. -**To view the recovery passwords for a computer** +### To view the recovery passwords for a computer -1. In **Active Directory Users and Computers**, locate and then click the container in which the computer is located. -2. Right-click the computer object, and then click **Properties**. -3. In the **Properties** dialog box, click the **BitLocker Recovery** tab to view the BitLocker recovery passwords that are associated with the computer. +1. In **Active Directory Users and Computers**, locate and then select the container in which the computer is located. -**To copy the recovery passwords for a computer** +2. Right-click the computer object, and then select **Properties**. + +3. In the **Properties** dialog box, select the **BitLocker Recovery** tab to view the BitLocker recovery passwords that are associated with the computer. + +### To copy the recovery passwords for a computer 1. Follow the steps in the previous procedure to view the BitLocker recovery passwords. -2. On the **BitLocker Recovery** tab of the **Properties** dialog box, right-click the BitLocker recovery password that you want to copy, and then click **Copy Details**. + +2. On the **BitLocker Recovery** tab of the **Properties** dialog box, right-click the BitLocker recovery password that needs to be copied, and then select **Copy Details**. + 3. Press CTRL+V to paste the copied text to a destination location, such as a text file or spreadsheet. -**To locate a recovery password by using a password ID** +### To locate a recovery password by using a password ID -1. In Active Directory Users and Computers, right-click the domain container, and then click **Find BitLocker Recovery Password**. -2. In the **Find BitLocker Recovery Password** dialog box, type the first eight characters of the recovery password in the **Password ID (first 8 characters)** box, and then click **Search**. -By completing the procedures in this scenario, you have viewed and copied the recovery passwords for a computer and used a password ID to locate a recovery password. +1. In Active Directory Users and Computers, right-click the domain container, and then select **Find BitLocker Recovery Password**. -## More information +2. In the **Find BitLocker Recovery Password** dialog box, type the first eight characters of the recovery password in the **Password ID (first 8 characters)** box, and then select **Search**. + +By completing the procedures in this scenario, the recovery passwords for a computer have been viewed and copied and a password ID was used to locate a recovery password. + +## Replated articles - [BitLocker Overview](bitlocker-overview.md) - [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml) - [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md) - [BitLocker: How to deploy on Windows Server 2012](bitlocker-how-to-deploy-on-windows-server.md) - [BitLocker: Use BitLocker Drive Encryption Tools to manage BitLocker](bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md) - - diff --git a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml index 1113643070..f0a1626095 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml @@ -1,7 +1,7 @@ ### YamlMime:FAQ metadata: title: Using BitLocker with other programs FAQ (Windows 10) - description: Learn how to integrate BitLocker with other software on your device. + description: Learn how to integrate BitLocker with other software on a device. ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee ms.reviewer: ms.prod: m365-security @@ -31,12 +31,12 @@ sections: - question: | Can I use EFS with BitLocker? answer: | - Yes, you can use Encrypting File System (EFS) to encrypt files on a BitLocker-protected drive. BitLocker helps protect the entire operating system drive against offline attacks, whereas EFS can provide additional user-based file level encryption for security separation between multiple users of the same computer. You can also use EFS in Windows to encrypt files on other drives that are not encrypted by BitLocker. The root secrets of EFS are stored by default on the operating system drive; therefore, if BitLocker is enabled for the operating system drive, data that is encrypted by EFS on other drives is also indirectly protected by BitLocker. + Yes, Encrypting File System (EFS) can be used to encrypt files on a BitLocker-protected drive. BitLocker helps protect the entire operating system drive against offline attacks, whereas EFS can provide additional user-based file level encryption for security separation between multiple users of the same computer. EFS can also be used in Windows to encrypt files on other drives that aren't encrypted by BitLocker. The root secrets of EFS are stored by default on the operating system drive; therefore, if BitLocker is enabled for the operating system drive, data that is encrypted by EFS on other drives is also indirectly protected by BitLocker. - question: | Can I run a kernel debugger with BitLocker? answer: | - Yes. However, the debugger should be turned on before enabling BitLocker. Turning on the debugger ensures that the correct measurements are calculated when sealing to the TPM, allowing the computer to start properly. If you need to turn debugging on or off when using BitLocker, be sure to suspend BitLocker first to avoid putting your computer into recovery mode. + Yes. However, the debugger should be turned on before enabling BitLocker. Turning on the debugger ensures that the correct measurements are calculated when sealing to the TPM, allowing the computer to start properly. If debugging needs to be turned on or off when using BitLocker, be sure to suspend BitLocker first to avoid putting the computer into recovery mode. - question: | How does BitLocker handle memory dumps? @@ -46,50 +46,50 @@ sections: - question: | Can BitLocker support smart cards for pre-boot authentication? answer: | - BitLocker does not support smart cards for pre-boot authentication. There is no single industry standard for smart card support in the firmware, and most computers either do not implement firmware support for smart cards, or only support specific smart cards and readers. This lack of standardization makes supporting them difficult. + BitLocker doesn't support smart cards for pre-boot authentication. There's no single industry standard for smart card support in the firmware, and most computers either don't implement firmware support for smart cards, or only support specific smart cards and readers. This lack of standardization makes supporting them difficult. - question: | Can I use a non-Microsoft TPM driver? answer: | - Microsoft does not support non-Microsoft TPM drivers and strongly recommends against using them with BitLocker. Attempting to use a non-Microsoft TPM driver with BitLocker may cause BitLocker to report that a TPM is not present on the computer and not allow the TPM to be used with BitLocker. + Microsoft doesn't support non-Microsoft TPM drivers and strongly recommends against using them with BitLocker. Attempting to use a non-Microsoft TPM driver with BitLocker may cause BitLocker to report that a TPM isn't present on the computer and not allow the TPM to be used with BitLocker. - question: | Can other tools that manage or modify the master boot record work with BitLocker? answer: | - We do not recommend modifying the master boot record on computers whose operating system drives are BitLocker-protected for a number of security, reliability, and product support reasons. Changes to the master boot record (MBR) could change the security environment and prevent the computer from starting normally, as well as complicate any efforts to recover from a corrupted MBR. Changes made to the MBR by anything other than Windows might force the computer into recovery mode or prevent it from booting entirely. + We don't recommend modifying the master boot record on computers whose operating system drives are BitLocker-protected for several security, reliability, and product support reasons. Changes to the master boot record (MBR) could change the security environment and prevent the computer from starting normally and complicate any efforts to recover from a corrupted MBR. Changes made to the MBR by anything other than Windows might force the computer into recovery mode or prevent it from booting entirely. - question: | - Why is the system check failing when I am encrypting my operating system drive? + Why is the system check failing when I'm encrypting my operating system drive? answer: | - The system check is designed to ensure your computer's BIOS or UEFI firmware is compatible with BitLocker and that the TPM is working correctly. The system check can fail for several reasons: + The system check is designed to ensure the computer's BIOS or UEFI firmware is compatible with BitLocker and that the TPM is working correctly. The system check can fail for several reasons: - - The computer's BIOS or UEFI firmware cannot read USB flash drives. - - The computer's BIOS, uEFI firmware, or boot menu does not have reading USB flash drives enabled. + - The computer's BIOS or UEFI firmware can't read USB flash drives. + - The computer's BIOS, uEFI firmware, or boot menu doesn't have reading USB flash drives enabled. - There are multiple USB flash drives inserted into the computer. - - The PIN was not entered correctly. + - The PIN wasn't entered correctly. - The computer's BIOS or UEFI firmware only supports using the function keys (F1-F10) to enter numerals in the pre-boot environment. - The startup key was removed before the computer finished rebooting. - The TPM has malfunctioned and fails to unseal the keys. - question: | - What can I do if the recovery key on my USB flash drive cannot be read? + What can I do if the recovery key on my USB flash drive can't be read? answer: | - Some computers cannot read USB flash drives in the pre-boot environment. First, check your BIOS or UEFI firmware and boot settings to ensure that the use of USB drives is enabled. If it is not enabled, enable the use of USB drives in the BIOS or UEFI firmware and boot settings and then try to read the recovery key from the USB flash drive again. If it still cannot be read, you will have to mount the hard drive as a data drive on another computer so that there is an operating system to attempt to read the recovery key from the USB flash drive. If the USB flash drive has been corrupted or damaged, you may need to supply a recovery password or use the recovery information that was backed up to AD DS. Also, if you are using the recovery key in the pre-boot environment, ensure that the drive is formatted by using the NTFS, FAT16, or FAT32 file system. + Some computers can't read USB flash drives in the pre-boot environment. First, check the BIOS or UEFI firmware and boot settings to ensure that the use of USB drives is enabled. If it isn't enabled, enable the use of USB drives in the BIOS or UEFI firmware and boot settings, and then try to read the recovery key from the USB flash drive again. If the USB flash drive still can't be read, the hard drive will need to be mounted as a data drive on another computer so that there's an operating system to attempt to read the recovery key from the USB flash drive. If the USB flash drive has been corrupted or damaged, a recovery password may need to be supplied or use the recovery information that was backed up to AD DS. Also, if the recovery key is being used in the pre-boot environment, ensure that the drive is formatted by using the NTFS, FAT16, or FAT32 file system. - question: | Why am I unable to save my recovery key to my USB flash drive? answer: | - The **Save to USB** option is not shown by default for removable drives. If the option is unavailable, it means that a system administrator has disallowed the use of recovery keys. + The **Save to USB** option isn't shown by default for removable drives. If the option is unavailable, it means that a system administrator has disallowed the use of recovery keys. - question: | Why am I unable to automatically unlock my drive? answer: | - Automatic unlocking for fixed data drives requires the operating system drive to also be protected by BitLocker. If you are using a computer that does not have a BitLocker-protected operating system drive, the drive cannot be automatically unlocked. For removable data drives, you can add automatic unlocking by right-clicking the drive in Windows Explorer and clicking **Manage BitLocker**. You will still be able to use the password or smart card credentials you supplied when you turned on BitLocker to unlock the removable drive on other computers. + Automatic unlocking for fixed data drives requires the operating system drive to also be protected by BitLocker. If a computer is being used that doesn't have a BitLocker-protected operating system drive, then the fixed drive can't be automatically unlocked. For removable data drives, automatic unlocking can be added by right-clicking the drive in Windows Explorer and selecting **Manage BitLocker**. Password or smart card credentials that were supplied when BitLocker was turned on can still be used to unlock the removable drive on other computers. - question: | Can I use BitLocker in Safe Mode? answer: | - Limited BitLocker functionality is available in Safe Mode. BitLocker-protected drives can be unlocked and decrypted by using the **BitLocker Drive Encryption** Control Panel item. Right-clicking to access BitLocker options from Windows Explorer is not available in Safe Mode. + Limited BitLocker functionality is available in Safe Mode. BitLocker-protected drives can be unlocked and decrypted by using the **BitLocker Drive Encryption** Control Panel item. Right-clicking to access BitLocker options from Windows Explorer isn't available in Safe Mode. - question: | How do I "lock" a data drive? @@ -110,18 +110,18 @@ sections: - question: | Can I use BitLocker with the Volume Shadow Copy Service? answer: | - Yes. However, shadow copies made prior to enabling BitLocker will be automatically deleted when BitLocker is enabled on software-encrypted drives. If you are using a hardware encrypted drive, the shadow copies are retained. + Yes. However, shadow copies made prior to enabling BitLocker will be automatically deleted when BitLocker is enabled on software-encrypted drives. If a hardware encrypted drive is being used, the shadow copies are retained. - question: | Does BitLocker support virtual hard disks (VHDs)? answer: | BitLocker should work like any specific physical machine within its hardware limitations as long as the environment (physical or virtual) meets Windows Operating System requirements to run. - - With TPM: Yes, it is supported. - - Without TPM: Yes, it is supported (with password protector). + - With TPM: Yes, it's supported. + - Without TPM: Yes, it's supported (with password protector). - BitLocker is also supported on data volume VHDs, such as those used by clusters, if you are running Windows 10, Windows 8.1, Windows 8, Windows Server 2016, Windows Server 2012 R2, or Windows Server 2012. + BitLocker is also supported on data volume VHDs, such as those used by clusters, if running Windows 10, Windows 8.1, Windows 8, Windows Server 2016, Windows Server 2012 R2, or Windows Server 2012. - question: | Can I use BitLocker with virtual machines (VMs)? answer: | - Yes. Password protectors and virtual TPMs can be used with BitLocker to protect virtual machines. VMs can be domain joined, Azure AD-joined, or workplace-joined (via **Settings** > **Accounts** > **Access work or school** > **Connect**) to receive policy. You can enable encryption either while creating the VM or by using other existing management tools such as the BitLocker CSP, or even by using a startup script or logon script delivered by Group Policy. Windows Server 2016 also supports [Shielded VMs and guarded fabric](/windows-server/virtualization/guarded-fabric-shielded-vm/guarded-fabric-and-shielded-vms-top-node) to protect VMs from malicious administrators. + Yes. Password protectors and virtual TPMs can be used with BitLocker to protect virtual machines. VMs can be domain joined, Azure AD-joined, or workplace-joined (via **Settings** > **Accounts** > **Access work or school** > **Connect**) to receive policy. Encryption can be enabled either while creating the VM or by using other existing management tools such as the BitLocker CSP, or even by using a startup script or sign-in script delivered by Group Policy. Windows Server 2016 also supports [Shielded VMs and guarded fabric](/windows-server/virtualization/guarded-fabric-shielded-vm/guarded-fabric-and-shielded-vms-top-node) to protect VMs from malicious administrators. From f433d1381aa40f09a45a0a317bcd7310585fcc57 Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Tue, 15 Nov 2022 19:36:21 +0530 Subject: [PATCH 045/129] Update event-4616.md Fixed typo --- windows/security/threat-protection/auditing/event-4616.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/auditing/event-4616.md b/windows/security/threat-protection/auditing/event-4616.md index 6c96460629..dfd4eb58db 100644 --- a/windows/security/threat-protection/auditing/event-4616.md +++ b/windows/security/threat-protection/auditing/event-4616.md @@ -163,9 +163,9 @@ For 4616(S): The system time was changed. > [!IMPORTANT] > For this event, also see [Appendix A: Security monitoring recommendations for many audit events](appendix-a-security-monitoring-recommendations-for-many-audit-events.md). -- Report all “**Subject\\Security ID**” not equals **“LOCAL SERVICE”**, which means that the time change was not made not by Windows Time service. +- Report all “**Subject\\Security ID**” not equals **“LOCAL SERVICE”**, which means that the time change was not made by Windows Time service. -- Report all “**Process Information\\Name**” not equals **“C:\\Windows\\System32\\svchost.exe”** (path to svchost.exe can be different, you can search for “svchost.exe” substring), which means that the time change was not made not by Windows Time service. +- Report all “**Process Information\\Name**” not equals **“C:\\Windows\\System32\\svchost.exe”** (path to svchost.exe can be different, you can search for “svchost.exe” substring), which means that the time change was not made by Windows Time service. From 97bd9e00e19877e434de2b9ac7a37f0c752b1c49 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 11:48:35 -0500 Subject: [PATCH 046/129] Updates --- .../hello-deployment-rdp-certs.md | 112 ++++++++---------- .../hello-how-it-works-technology.md | 2 +- .../hello-hybrid-cloud-kerberos-trust.md | 2 +- .../hello-for-business/toc.yml | 76 ++++++------ 4 files changed, 89 insertions(+), 103 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 85e91958b3..3c3763245b 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -1,53 +1,57 @@ --- -title: Deploying Certificates to Key Trust Users to Enable RDP -description: Learn how to deploy certificates to a Key Trust user to enable remote desktop with supplied credentials +title: Deploy certificates to cloud Kerberos trust and key trust users to enable RDP +description: Learn how to deploy certificates to a cloud Kerberos trust and key trust user to enable remote desktop with supplied credentials ms.prod: windows-client author: paolomatarazzo ms.author: paoloma manager: aaroncz -ms.reviewer: prsriva +ms.reviewer: erikdau ms.collection: - M365-identity-device-management - ContentEngagementFY23 -ms.topic: article +ms.topic: how-to localizationpriority: medium -ms.date: 02/22/2021 -appliesto: - - ✅ Windows 10 - - ✅ Windows 11 - - ✅ Hybrid deployment - - ✅ Key trust - - ✅ Cloud Kerberos trust +ms.date: 11/15/2022 +appliesto: + - ✅ Windows 10, version 21H2 and later ms.technology: itpro-security --- -# Deploy Certificates to Key Trust and Cloud Kerberos Trust Users to Enable RDP +# Deploy certificates to cloud Kerberos trust and key trust users to enable RDP -Windows Hello for Business supports using a certificate as the supplied credential when establishing a remote desktop connection to a server or other device. For certificate trust deployments, creation of this certificate occurs at container creation time. +This document describes Windows Hello for Business functionalities or scenarios that apply to:\ +✅ **Deployment type:** [hybrid](hello-how-it-works-technology.md#hybrid-deployment)\ +✅ **Trust type:** [cloud Kerberos trust](hello-hybrid-cloud-kerberos-trust.md), [ key trust](hello-how-it-works-technology.md#key-trust)\ +✅ **Device registration type:** [Azure AD join](hello-how-it-works-technology.md#azure-active-directory-join), [Hybrid Azure AD join](hello-how-it-works-technology.md#hybrid-azure-ad-join) -This document discusses an approach for key trust and cloud Kerberos trust deployments where authentication certificates can be deployed to an existing WHFB user. +
    -Three approaches are documented here: +--- -1. Deploying a certificate to hybrid joined devices using an on-premises Active Directory certificate enrollment policy. +Windows Hello for Business supports using a certificate as the supplied credential when establishing a remote desktop connection to a server or other device. For *cloud Kerberos trust* and *certificate trust* deployments, the creation of this certificate occurs at container creation time. -1. Deploying a certificate to hybrid or Azure AD-joined devices using Simple Certificate Enrollment Protocol (SCEP) and Intune. +This document discusses three approaches for cloud Kerberos trust and key trust deployments, where authentication certificates can be deployed to an existing Windows Hello for Business user: -1. Working with non-Microsoft enterprise certificate authorities. +- Deploy certificates to hybrid joined devices using an on-premises Active Directory certificate enrollment policy +- Deploy certificates to hybrid or Azure AD-joined devices using Simple Certificate Enrollment Protocol (SCEP) and Intune +- Work with non-Microsoft enterprise certificate authorities -## Deploying a certificate to a hybrid joined device using an on-premises Active Directory Certificate enrollment policy +## Deploy certificates to a hybrid joined devices using an on-premises Active Directory Certificate enrollment policy + +To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must: + +1. Create a suitable certificate template +1. Deploy certificates to your users based on the template ### Create a Windows Hello for Business certificate template -1. Sign in to your issuing certificate authority (CA). +Follow these steps to create a certificate template: -1. Open the **Certificate Authority** Console (%windir%\system32\certsrv.msc). - -1. In the left pane of the MMC, expand **Certification Authority (Local)**, and then expand your CA within the Certification Authority list. - -1. Right-click **Certificate Templates** and then click **Manage** to open the **Certificate Templates** console. - -1. Right-click the **Smartcard Logon** template and click **Duplicate Template** +1. Sign in to your issuing certificate authority (CA) +1. Open the **Certificate Authority** mmc snap-in console (%windir%\system32\certsrv.msc) +1. In the left pane of the MMC, expand **Certification Authority (Local)**, and then expand your CA within the Certification Authority list +1. Right-click **Certificate Templates** and then select **Manage** to open the **Certificate Templates** console +1. Right-click the **Smartcard Logon** template and select **Duplicate Template** ![Duplicating Smartcard Template.](images/rdpcert/duplicatetemplate.png) @@ -55,63 +59,45 @@ Three approaches are documented here: 1. Clear the **Show resulting changes** check box 1. Select **Windows Server 2012 or Windows Server 2012 R2** from the Certification Authority list 1. Select **Windows Server 2012 or Windows Server 2012 R2** from the Certification Recipient list - 1. On the **General** tab: - 1. Specify a Template display name, such as **WHfB Certificate Authentication** + 1. Specify a Template display name, for example *WHfB Certificate Authentication* 1. Set the validity period to the desired value - 1. Take note of the Template name for later, which should be the same as the Template display name minus spaces (**WHfBCertificateAuthentication** in this example). - -1. On the **Extensions** tab, verify the **Application Policies** extension includes **Smart Card Logon**. - + 1. Take note of the Template name for later, which should be the same as the Template display name minus spaces (**WHfBCertificateAuthentication** in this example) +1. On the **Extensions** tab, verify the **Application Policies** extension includes **Smart Card Logon** 1. On the **Subject Name** tab: 1. Select the **Build from this Active Directory** information button if it is not already selected 1. Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected 1. Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name** 1. On the **Request Handling** tab: 1. Select the **Renew with same key** check box - 1. Set the Purpose to **Signature and smartcard logon** - 1. Click **Yes** when prompted to change the certificate purpose - 1. Click **Prompt the user during enrollment** - + 1. Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose + 1. Select **Prompt the user during enrollment** 1. On the **Cryptography** tab: 1. Set the Provider Category to **Key Storage Provider** 1. Set the Algorithm name to **RSA** 1. Set the minimum key size to **2048** 1. Select **Requests must use one of the following providers** - 1. Tick **Microsoft Software Key Storage Provider** + 1. Select **Microsoft Software Key Storage Provider** 1. Set the Request hash to **SHA256** +1. On the **Security** tab, add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them +1. Select **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates +1. Close the Certificate Templates console -1. On the **Security** tab, add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them. - -1. Click **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates. - -1. Close the Certificate Templates console. - -1. Open an elevated command prompt and change to a temporary working directory. - -1. Execute the following command: - - `certutil -dstemplate \ \> \.txt` - - Replace \ with the Template name you took note of earlier in step 7. - +1. Open an elevated command prompt and change to a temporary working directory +1. Execute the following command, replacing `\` with the Template name you took note of earlier in step 7c + `certutil -dstemplate \ \` 1. Open the text file created by the command above. - 1. Delete the last line of the output from the file that reads **CertUtil: -dsTemplate command completed successfully.** - 1. Modify the line that reads **pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"** to **pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"** - + 1. Delete the last line of the output from the file that reads `CertUtil: -dsTemplate command completed successfully.` + 1. Modify the line that reads `pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"` to `pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"` 1. Save the text file. - 1. Update the certificate template by executing the following command: - - certutil -dsaddtemplate \.txt - -1. In the Certificate Authority console, right-click **Certificate Templates**, select **New**, and select **Certificate Template to Issue** + `certutil -dsaddtemplate \.txt` +1. In the Certificate Authority console, right-click **Certificate Templates**, select **New > Certificate Template to Issue** ![Selecting Certificate Template to Issue.](images/rdpcert/certificatetemplatetoissue.png) -1. From the list of templates, select the template you previously created (**WHFB Certificate Authentication**) and click **OK**. It can take some time for the template to replicate to all servers and become available in this list. - -1. After the template replicates, in the MMC, right-click in the Certification Authority list, click **All Tasks** and then click **Stop Service**. Right-click the name of the CA again, click **All Tasks**, and then click **Start Service**. +1. From the list of templates, select the template you previously created (**WHFB Certificate Authentication**) and select **OK**. It can take some time for the template to replicate to all servers and become available in this list. +1. After the template replicates, in the MMC, right-click in the Certification Authority list, select **All Tasks > Stop Service**. Right-click the name of the CA again, select **All Tasks > Start Service** ### Requesting a Certificate diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md index 719c27216d..f48952acdf 100644 --- a/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md +++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md @@ -194,7 +194,7 @@ If your environment has an on-premises AD footprint and you also want benefit fr ## Hybrid deployment -The Windows Hello for Business hybrid deployment is for organizations that have both on-premises and cloud resources that are accessed using a managed or federated identity that's synchronized with Azure AD. Hybrid deployments support devices that are Azure AD-registered, Azure AD-joined, and hybrid Azure AD-joined. The Hybrid deployment model supports two trust types for on-premises authentication, key trust and certificate trust. +The Windows Hello for Business hybrid deployment is for organizations that have both on-premises and cloud resources that are accessed using a managed or federated identity that's synchronized with Azure AD. Hybrid deployments support devices that are Azure AD-registered, Azure AD-joined, and hybrid Azure AD-joined. The Hybrid deployment model supports three trust types for on-premises authentication: cloud Kerberos trust, key trust and certificate trust. ### Related to hybrid deployment diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md index d9cd8d2065..beaa22b78b 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md @@ -5,7 +5,7 @@ ms.prod: windows-client author: paolomatarazzo ms.author: paoloma manager: aaroncz -ms.reviewer: prsriva +ms.reviewer: erikdau ms.collection: M365-identity-device-management ms.topic: article localizationpriority: medium diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml index 2c22050ab0..55cadf5a94 100644 --- a/windows/security/identity-protection/hello-for-business/toc.yml +++ b/windows/security/identity-protection/hello-for-business/toc.yml @@ -2,12 +2,12 @@ href: index.yml - name: Overview items: - - name: Windows Hello for Business Overview + - name: Windows Hello for Business overview href: hello-overview.md - name: Concepts expanded: true items: - - name: Passwordless Strategy + - name: Passwordless strategy href: passwordless-strategy.md - name: Why a PIN is better than a password href: hello-why-pin-is-better-than-password.md @@ -15,7 +15,7 @@ href: hello-biometrics-in-enterprise.md - name: How Windows Hello for Business works href: hello-how-it-works.md - - name: Technical Deep Dive + - name: Technical deep dive items: - name: Provisioning href: hello-how-it-works-provisioning.md @@ -25,91 +25,91 @@ href: webauthn-apis.md - name: How-to Guides items: - - name: Windows Hello for Business Deployment Overview + - name: Windows Hello for Business deployment overview href: hello-deployment-guide.md - - name: Planning a Windows Hello for Business Deployment + - name: Planning a Windows Hello for Business deployment href: hello-planning-guide.md - - name: Deployment Prerequisite Overview + - name: Deployment prerequisite overview href: hello-identity-verification.md - name: Prepare people to use Windows Hello href: hello-prepare-people-to-use.md - - name: Deployment Guides + - name: Deployment guides items: - - name: Hybrid Cloud Kerberos Trust Deployment + - name: Hybrid cloud Kerberos trust deployment href: hello-hybrid-cloud-kerberos-trust.md - - name: Hybrid Azure AD Joined Key Trust + - name: Hybrid Azure AD Join key trust items: - - name: Hybrid Azure AD Joined Key Trust Deployment + - name: Hybrid Azure AD join key trust deployment href: hello-hybrid-key-trust.md - name: Prerequisites href: hello-hybrid-key-trust-prereqs.md - - name: New Installation Baseline + - name: New installation baseline href: hello-hybrid-key-new-install.md - - name: Configure Directory Synchronization + - name: Configure directory synchronization href: hello-hybrid-key-trust-dirsync.md - - name: Configure Azure Device Registration + - name: Configure Azure AD device registration href: hello-hybrid-key-trust-devreg.md - name: Configure Windows Hello for Business settings href: hello-hybrid-key-whfb-settings.md - - name: Sign-in and Provisioning + - name: Sign-in and provisioning href: hello-hybrid-key-whfb-provision.md - - name: Hybrid Azure AD Joined Certificate Trust + - name: Hybrid Azure AD join certificate trust items: - - name: Hybrid Azure AD Joined Certificate Trust Deployment + - name: Hybrid Azure AD join certificate trust deployment href: hello-hybrid-cert-trust.md - name: Prerequisites href: hello-hybrid-cert-trust-prereqs.md - - name: New Installation Baseline + - name: New installation baseline href: hello-hybrid-cert-new-install.md - - name: Configure Azure Device Registration + - name: Configure Azure AD device registration href: hello-hybrid-cert-trust-devreg.md - name: Configure Windows Hello for Business settings href: hello-hybrid-cert-whfb-settings.md - - name: Sign-in and Provisioning + - name: Sign-in and provisioning href: hello-hybrid-cert-whfb-provision.md - - name: On-premises SSO for Azure AD Joined Devices + - name: On-premises singe-sign-on (SSO) for Azure AD joined devices items: - - name: On-premises SSO for Azure AD Joined Devices Deployment + - name: On-premises SSO for Azure AD joined devices href: hello-hybrid-aadj-sso.md - - name: Configure Azure AD joined devices for On-premises Single-Sign On using Windows Hello for Business + - name: Configure Azure AD joined devices for on-premises SSO href: hello-hybrid-aadj-sso-base.md - - name: Using Certificates for AADJ On-premises Single-sign On + - name: Using certificates for on-premises SSO href: hello-hybrid-aadj-sso-cert.md - name: On-premises Key Trust items: - - name: On-premises Key Trust Deployment + - name: Key trust deployment href: hello-deployment-key-trust.md - - name: Validate Active Directory Prerequisites + - name: Validate Active Directory prerequisites href: hello-key-trust-validate-ad-prereq.md - - name: Validate and Configure Public Key Infrastructure + - name: Validate and configure Public Key Infrastructure (PKI) href: hello-key-trust-validate-pki.md - - name: Prepare and Deploy Windows Server 2016 Active Directory Federation Services + - name: Prepare and deploy Active Directory Federation Services (AD FS) href: hello-key-trust-adfs.md - - name: Validate and Deploy Multi-factor Authentication (MFA) Services + - name: Validate and deploy multi-factor authentication (MFA) services href: hello-key-trust-validate-deploy-mfa.md - name: Configure Windows Hello for Business policy settings href: hello-key-trust-policy-settings.md - - name: On-premises Certificate Trust + - name: On-premises certificate trust items: - - name: On-premises Certificate Trust Deployment + - name: Certificate trust deployment href: hello-deployment-cert-trust.md - - name: Validate Active Directory Prerequisites + - name: Validate Active Directory prerequisites href: hello-cert-trust-validate-ad-prereq.md - - name: Validate and Configure Public Key Infrastructure + - name: Validate and configure Public Key Infrastructure (PKI) href: hello-cert-trust-validate-pki.md - - name: Prepare and Deploy Windows Server 2016 Active Directory Federation Services + - name: Prepare and Deploy Active Directory Federation Services (AD FS) href: hello-cert-trust-adfs.md - - name: Validate and Deploy Multi-factor Authentication (MFA) Services + - name: Validate and deploy multi-factor authentication (MFA) services href: hello-cert-trust-validate-deploy-mfa.md - name: Configure Windows Hello for Business policy settings href: hello-cert-trust-policy-settings.md - name: Azure AD join cloud only deployment href: hello-aad-join-cloud-only-deploy.md - - name: Managing Windows Hello for Business in your organization + - name: Manage Windows Hello for Business in your organization href: hello-manage-in-organization.md - - name: Deploying Certificates to Key Trust Users to Enable RDP + - name: Deploy certificates for remote desktop (RDP) connections href: hello-deployment-rdp-certs.md - - name: Windows Hello for Business Features + - name: Windows Hello for Business features items: - name: Conditional Access href: hello-feature-conditional-access.md @@ -135,7 +135,7 @@ href: hello-and-password-changes.md - name: Reference items: - - name: Technology and Terminology + - name: Technology and terminology href: hello-how-it-works-technology.md - name: Frequently Asked Questions (FAQ) href: hello-faq.yml From ea8b66f522c7a4c0ef2ec7858e183af0b2ddc7b9 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 12:14:50 -0500 Subject: [PATCH 047/129] updates --- .../hello-deployment-rdp-certs.md | 31 ++++++++++--------- .../hello-for-business/toc.yml | 18 +++++------ 2 files changed, 25 insertions(+), 24 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 3c3763245b..7fd201a853 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -13,11 +13,11 @@ ms.topic: how-to localizationpriority: medium ms.date: 11/15/2022 appliesto: - - ✅ Windows 10, version 21H2 and later + - ✅ Windows 10 and later ms.technology: itpro-security --- -# Deploy certificates to cloud Kerberos trust and key trust users to enable RDP +# Deploy certificates to cloud Kerberos trust and key trust users for RDP authentication This document describes Windows Hello for Business functionalities or scenarios that apply to:\ ✅ **Deployment type:** [hybrid](hello-how-it-works-technology.md#hybrid-deployment)\ @@ -28,9 +28,7 @@ This document describes Windows Hello for Business functionalities or scenarios --- -Windows Hello for Business supports using a certificate as the supplied credential when establishing a remote desktop connection to a server or other device. For *cloud Kerberos trust* and *certificate trust* deployments, the creation of this certificate occurs at container creation time. - -This document discusses three approaches for cloud Kerberos trust and key trust deployments, where authentication certificates can be deployed to an existing Windows Hello for Business user: +Windows Hello for Business supports using a certificate as the supplied credential when establishing a remote desktop connection to a server or other device. This document discusses three approaches for *cloud Kerberos trust* and *key trust* deployments, where authentication certificates can be deployed to an existing Windows Hello for Business user: - Deploy certificates to hybrid joined devices using an on-premises Active Directory certificate enrollment policy - Deploy certificates to hybrid or Azure AD-joined devices using Simple Certificate Enrollment Protocol (SCEP) and Intune @@ -38,12 +36,13 @@ This document discusses three approaches for cloud Kerberos trust and key trust ## Deploy certificates to a hybrid joined devices using an on-premises Active Directory Certificate enrollment policy -To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must: +To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must first create a certificate template and then deploy certificates based on the template. -1. Create a suitable certificate template -1. Deploy certificates to your users based on the template +Expand the following sections to learn more about the process. -### Create a Windows Hello for Business certificate template +
    +
    +Create a Windows Hello for Business certificate template Follow these steps to create a certificate template: @@ -99,24 +98,26 @@ Follow these steps to create a certificate template: 1. From the list of templates, select the template you previously created (**WHFB Certificate Authentication**) and select **OK**. It can take some time for the template to replicate to all servers and become available in this list. 1. After the template replicates, in the MMC, right-click in the Certification Authority list, select **All Tasks > Stop Service**. Right-click the name of the CA again, select **All Tasks > Start Service** -### Requesting a Certificate +
    + + +
    +
    +Request a Certificate 1. Ensure the hybrid Azure AD joined device has network line of sight to Active Directory domain controllers and the issuing certificate authority. - 1. Start the **Certificates – Current User** console (%windir%\system32\certmgr.msc). - 1. In the left pane of the MMC, right-click **Personal**, click **All Tasks**, and then click **Request New Certificate…** ![Request a new certificate.](images/rdpcert/requestnewcertificate.png) 1. On the Certificate Enrollment screen, click **Next**. - 1. Under Select Certificate Enrollment Policy, ensure **Active Directory Enrollment Policy** is selected and then click **Next**. - 1. Under Request Certificates, click the check-box next to the certificate template you created in the previous section (WHfB Certificate Authentication) and then click **Enroll**. - 1. After a successful certificate request, click Finish on the Certificate Installation Results screen +
    + ## Deploying a certificate to Hybrid or Azure AD Joined Devices using Simple Certificate Enrollment Protocol (SCEP) via Intune Deploying a certificate to Azure AD Joined Devices may be achieved with the Simple Certificate Enrollment Protocol (SCEP) via Intune. For guidance deploying the required infrastructure, refer to [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune](/mem/intune/protect/certificates-scep-configure). diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml index 55cadf5a94..e0319abca3 100644 --- a/windows/security/identity-protection/hello-for-business/toc.yml +++ b/windows/security/identity-protection/hello-for-business/toc.yml @@ -35,6 +35,8 @@ href: hello-prepare-people-to-use.md - name: Deployment guides items: + - name: Cloud-only deployment + href: hello-aad-join-cloud-only-deploy.md - name: Hybrid cloud Kerberos trust deployment href: hello-hybrid-cloud-kerberos-trust.md - name: Hybrid Azure AD Join key trust @@ -75,7 +77,7 @@ href: hello-hybrid-aadj-sso-base.md - name: Using certificates for on-premises SSO href: hello-hybrid-aadj-sso-cert.md - - name: On-premises Key Trust + - name: On-premises key trust items: - name: Key trust deployment href: hello-deployment-key-trust.md @@ -103,15 +105,13 @@ href: hello-cert-trust-validate-deploy-mfa.md - name: Configure Windows Hello for Business policy settings href: hello-cert-trust-policy-settings.md - - name: Azure AD join cloud only deployment - href: hello-aad-join-cloud-only-deploy.md - - name: Manage Windows Hello for Business in your organization - href: hello-manage-in-organization.md - - name: Deploy certificates for remote desktop (RDP) connections + - name: Deploy certificates for remote desktop (RDP) authentication href: hello-deployment-rdp-certs.md + - name: Manage Windows Hello for Business in your organization + href: hello-manage-in-organization.md - name: Windows Hello for Business features items: - - name: Conditional Access + - name: Conditional access href: hello-feature-conditional-access.md - name: PIN Reset href: hello-feature-pin-reset.md @@ -125,9 +125,9 @@ href: hello-feature-remote-desktop.md - name: Troubleshooting items: - - name: Known Deployment Issues + - name: Known deployment issues href: hello-deployment-issues.md - - name: Errors During PIN Creation + - name: Errors during PIN creation href: hello-errors-during-pin-creation.md - name: Event ID 300 - Windows Hello successfully created href: hello-event-300.md From a91e5025f641bcb04dac20f0172c84492c9b639e Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 15:08:25 -0500 Subject: [PATCH 048/129] updates --- .../hello-for-business/hello-deployment-rdp-certs.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 7fd201a853..11d9864886 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -100,11 +100,10 @@ Follow these steps to create a certificate template: - -
    Request a Certificate + 1. Ensure the hybrid Azure AD joined device has network line of sight to Active Directory domain controllers and the issuing certificate authority. 1. Start the **Certificates – Current User** console (%windir%\system32\certmgr.msc). 1. In the left pane of the MMC, right-click **Personal**, click **All Tasks**, and then click **Request New Certificate…** From 4801714795cd4b4c3452f57da02fe5c1afd60026 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 15:29:32 -0500 Subject: [PATCH 049/129] updates --- .../hello-deployment-rdp-certs.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 11d9864886..8e6cf54945 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -46,10 +46,10 @@ Expand the following sections to learn more about the process. Follow these steps to create a certificate template: -1. Sign in to your issuing certificate authority (CA) -1. Open the **Certificate Authority** mmc snap-in console (%windir%\system32\certsrv.msc) -1. In the left pane of the MMC, expand **Certification Authority (Local)**, and then expand your CA within the Certification Authority list -1. Right-click **Certificate Templates** and then select **Manage** to open the **Certificate Templates** console +1. Sign in to your issuing certificate authority (CA) and open *Server Manager* +1. Select **Tools > Certification Authority**. The Certification Authority Microsoft Management Console (MMC) opens +1. In the MMC, expand the CA name and right-click **Certificate Templates > Manage** +1. The Certificate Templates console opens. All of the certificate templates are displayed in the details pane 1. Right-click the **Smartcard Logon** template and select **Duplicate Template** ![Duplicating Smartcard Template.](images/rdpcert/duplicatetemplate.png) @@ -68,8 +68,8 @@ Follow these steps to create a certificate template: 1. Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected 1. Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name** 1. On the **Request Handling** tab: - 1. Select the **Renew with same key** check box 1. Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose + 1. Select the **Renew with same key** check box 1. Select **Prompt the user during enrollment** 1. On the **Cryptography** tab: 1. Set the Provider Category to **Key Storage Provider** @@ -83,8 +83,8 @@ Follow these steps to create a certificate template: 1. Close the Certificate Templates console 1. Open an elevated command prompt and change to a temporary working directory -1. Execute the following command, replacing `\` with the Template name you took note of earlier in step 7c - `certutil -dstemplate \ \` +1. Execute the following command, replacing `` with the Template name you took note of earlier in step 7c + `certutil -dstemplate > ` 1. Open the text file created by the command above. 1. Delete the last line of the output from the file that reads `CertUtil: -dsTemplate command completed successfully.` 1. Modify the line that reads `pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"` to `pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"` From 6fbedf9001c5e39a01a217cd2f27a8811b4ef797 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Tue, 15 Nov 2022 15:01:12 -0700 Subject: [PATCH 050/129] Addressed feedback comments --- .../do/delivery-optimization-test.md | 32 +++++++++--------- ...sToPeers.png => m1-adv-bytes-to-peers.png} | Bin ...sToPeers.PNG => m2-adv-bytes-to-peers.png} | Bin ...sToPeers.PNG => m3-adv-bytes-to-peers.png} | Bin 4 files changed, 16 insertions(+), 16 deletions(-) rename windows/deployment/do/images/test-scenarios/Win10/{M1-Adv-BytesToPeers.png => m1-adv-bytes-to-peers.png} (100%) rename windows/deployment/do/images/test-scenarios/Win10/{M2-Adv-BytesToPeers.PNG => m2-adv-bytes-to-peers.png} (100%) rename windows/deployment/do/images/test-scenarios/Win10/{M3-Adv-BytesToPeers.PNG => m3-adv-bytes-to-peers.png} (100%) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index 1cad399007..2b6316d222 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -20,7 +20,7 @@ Delivery Optimization is a powerful and useful tool to help enterprises manage b ## Monitoring The Results -Since Delivery Optimization is on by default, you'll be able to monitor the value either through the Windows Settings for ‘Delivery Optimization’, using Delivery Optimization PowerShell [cmdlets](waas-delivery-optimization-setup.md), and/or via the [Windows Update for Business Report](../update/wufb-reports-workbook.md) experience in Azure. +Since Delivery Optimization is on by default, you'll be able to monitor the value either through the Windows Settings for ‘Delivery Optimization’, using Delivery Optimization PowerShell [cmdlets.](waas-delivery-optimization-setup.md), and/or via the [Windows Update for Business Report.](../update/wufb-reports-workbook.md) experience in Azure. In the case where Delivery Optimization isn't working in your environment, it's important to investigate to get to the root of the problem. We recommend a test environment be created to easily evaluate typical devices to ensure Delivery Optimization is working properly. For starters, ‘Scenario 1: Basic Setup’ should be created to test the use of Delivery Optimization between two machines. This scenario is designed to eliminate any noise in the environment to ensure there's nothing preventing Delivery Optimization from working on the devices. Once you have a baseline, you can expand the test environment for more sophisticated tests. @@ -28,15 +28,15 @@ In the case where Delivery Optimization isn't working in your environment, it's The focus of the testing scenarios in this article is primarily centered on demonstrating the Delivery Optimization policies centered around the successful downloading of bytes using P2P. More specifically, the goal will be to show peer to peer is working as expected, using the following criteria: -* Peers can find each other (for example on the same LAN / subnet / Group – matching your Download Mode policy). -* Files are downloading in the expected Download Mode (validates connectivity to DO cloud, HTTP, and local configs). +* Peers can find each other (for example on the same LAN / subnet / Group – matching your 'Download Mode' policy). +* Files are downloading in the expected 'Download Mode' policy setting (validates connectivity to DO cloud, HTTP, and local configs). * At least some downloads happening via P2P (validates connectivity between peers). Several elements that influence overall peering, using Delivery Optimization. The most common, impactful environment factors should be considered. * **The number of files in the cache and** **the** **number of devices have a big effect on overall peering.** There's a set number of files available for peering at a time, from each client, so the peering device may not be serving a particular file. * **File size** **and** **internet connection** **reliability matter.** There's a Delivery Optimization setting to determine the minimum file size to use P2P. In addition, an internet connection must be open and reliable enough to let the Delivery Optimization client make cloud service API calls and download metadata files before starting a file download. -* **Delivery Optimization Policies can play a role.** In general, it's important to familiarize yourself with the Delivery Optimization settings and defaults [Delivery Optimization reference - Windows Deployment | Microsoft Docs](waas-delivery-optimization-reference.md). +* **Delivery Optimization Policies can play a role.** In general, it's important to familiarize yourself with the Delivery Optimization settings and defaults [Delivery Optimization reference - Windows Deployment | Microsoft Docs.](waas-delivery-optimization-reference.md). ### Delivery Optimization is a Hybrid P2P Platform @@ -69,7 +69,7 @@ Machine 1 will download zero bytes from peers, Machine 2 will download 50 - 99% |Pause Windows Updates | This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. If there are problems and no peering happens, use 'Get-DeliveryOptimizationStatus' on the first machine to return a real-time list of the connected peers. |Ensure all Store apps are up to date | This will help prevent any new, unexpected updates to download during testing. |Delivery Optimization 'Download Mode' Policy | 2 (Group)(set on each machine) -|Delivery Optimization 'GroupID' Policy | Set the *same* 'GUID' on each test machine. A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’. +|Delivery Optimization 'GroupID' Policy | Set the *same* 'GUID' on each test machine. A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid().](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’. |**Required on Windows 11 devices only** set Delivery Optimization 'Restrict Peer Selection' policy | 0-NAT (set on each machine). The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. #### Test Instructions @@ -87,7 +87,7 @@ The following set of instructions will be used for each machine: |Windows 10 | Windows 11 |--------|-------------------------------| -|![Windows 10 21H2 - Machine 1 - Basic Test](images/test-scenarios/Win10/M1-Basic-Complete.png)|![Windows 11 21H2 - Machine 1 - Basic Test](images/test-scenarios/Win11/M1-Basic-Complete.png) +| :::image type="content" source="images/test-scenarios/win10/m1-basic-complete.png" alt-text="Windows 10 21H2 - Machine 1 - Basic Test." lightbox="images/test-scenarios/win10/m1-basic-complete.png"::: | :::image type="content" source="images/test-scenarios/win11/m1-basic-complete.png" alt-text="Windows 11 21H2 - Machine 1 - Basic Test." lightbox="images/test-scenarios/win11/m1-basic-complete.png"::: | | **Observations** | | | * No peers were found on the first machine downloading the content.
    * 'TotalBytesDownloaded' is equal to the file size.
    * Status is set to 'Caching' the content so future peers can use it.
    * Download was happening in the foreground.
    * DownloadMode is set to 'Group' and no peers were found.
    * No distinct observations seen between Window 10 and Windows 11 devices. @@ -99,7 +99,7 @@ The following set of instructions will be used for each machine: |Windows 10 | Windows 11 |--------|--------------------------------| -|![Windows 10 21H2 - Machine 2 - Basic Test](images/test-scenarios/Win10/M2-Basic-Complete.png)|![Windows 11 21H2 - Machine 2 - Basic Test](images/test-scenarios/Win11/M2-Basic-Complete.png)| +| :::image type="content" source="images/test-scenarios/win10/m2-basic-complete.png" alt-text="Windows 10 21H2 - Machine 2 - Basic Test." lightbox="images/test-scenarios/win10/m2-basic-complete.png"::: | :::image type="content" source="images/test-scenarios/win11/m2-basic-complete.png" alt-text="Windows 11 21H2 - Machine 2 - Basic Test." lightbox="images/test-scenarios/win11/m2-basic-complete.png":::| | **Observations** | **Observations**| | * A peer was found for the content and 87% of total bytes came from the peer.
    * One peer was found for the piece of content, which is expected as there are only two devices in the peering group.
    * Download mode was set to 'Group', but since group mode includes both LAN and Group devices, Delivery Optimization prioritizes LAN peers, if found. Therefore, 'BytesFromLanPeers' shows bytes where 'BytesFromGroupPeers' doesn't.
    * 'DownloadDuration' is roughly the same between machines.|* A peer was found for the content and 90% of total bytes came from the peer.
    * All other points are the same as Windows 10 results. @@ -108,7 +108,7 @@ The following set of instructions will be used for each machine: **Goal:** Demonstrate how Delivery Optimization peer-to-peer technology works in a non-controlled environment, expanding to three machines **Expected Results:** -Machine 1 will download zero bytes from peers, Machine 2 will find a peers and download 50 - 99% from peers. Machine 3 will find two peers and download 50 - 99% from peers. +Machine 1 will download zero bytes from peers, Machine 2 will find peers and download 50 - 99% from peers. Machine 3 will find two peers and download 50 - 99% from peers. #### Test Machine Setup @@ -121,7 +121,7 @@ Machine 1 will download zero bytes from peers, Machine 2 will find a peers and d |Disk size|127 GB |Network | Connected to same network, one that is representative of the corporate network. |Delivery Optimization 'Download Mode' Policy| 2 (Group)(set on each machine) -|Delivery Optimization 'Group ID' Policy| Set the *same* 'GUID' on each test machine. A GUID is required value, which can be generated using PowerShell, ‘[[guid]::NewGuid()](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ +|Delivery Optimization 'Group ID' Policy| Set the *same* 'GUID' on each test machine. A GUID is required value, which can be generated using PowerShell, ‘[[guid]::NewGuid().](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ |Delivery Optimization 'Delay background download from http' Policy | 60 (set on each machine) |Delivery Optimization 'Delay foreground download from http Policy |60 (set on each machine) @@ -139,7 +139,7 @@ The following set of instructions will be used for each machine: **Output: Windows 10 (21H2)** -![Windows 10 21H2 - Machine 1 - Advanced Test](images/test-scenarios/Win10/M1-Adv-Complete.png) +![Windows 10 21H2 - Machine 1 - Advanced Test.](images/test-scenarios/win10/m1-adv-complete.png) **Observations** @@ -155,7 +155,7 @@ The following set of instructions will be used for each machine: **Output** Windows 10 (21H2) -![Windows 10 21H2 - Machine 2 - Advanced Test](images/test-scenarios/Win10/M2-Adv-Complete.png) +![Windows 10 21H2 - Machine 2 - Advanced Test.](images/test-scenarios/win10/m2-adv-complete.png) **Observations** @@ -170,7 +170,7 @@ The following set of instructions will be used for each machine: **Output:** Windows 10 (21H2) -![Windows 10 21H2 - Machine 3 - Advanced Test](images/test-scenarios/Win10/M3-Adv-Complete.png) +![Windows 10 21H2 - Machine 3 - Advanced Test.](images/test-scenarios/win10/m3-adv-complete.png) **Observations** @@ -186,19 +186,19 @@ As mentioned, the distributed nature of the Delivery Optimization technology is 'BytesToPeers' sourced from Machine 1 are '5704426044'. This represents the total number of bytes, downloaded by the two peers in the group. -![Windows 10 21H2 - Machine 1 - Advanced BytesToPeers Test](images/test-scenarios/Win10/M1-Adv-BytesToPeers.png) +![Windows 10 21H2 - Machine 1 - Advanced BytesToPeers Test.](images/test-scenarios/win10/m1-adv-bytes-to-peers.png) **Output:** Machine 2 'BytesToPeers' sourced from Machine 2 are '1899143740'. When there are two peers in the group with bytes available, notice that the distribution of bytes comes from either Machine 1 or Machine 2. -![Windows 10 21H2 - Machine 2 - Advanced BytesToPeers Test](images/test-scenarios/Win10/M2-Adv-BytesToPeers.png) +![Windows 10 21H2 - Machine 2 - Advanced BytesToPeers Test.](images/test-scenarios/win10/m2-adv-bytes-to-peers.png) **Output:** Machine 3 'BytesToPeers' sourced from Machine 3 are '0'. This means that no other peers are downloading bytes from this peer, which is expected since it was the last machine in the group. -![Windows 10 21H2 - Machine 3 - Advanced BytesToPeers Test](images/test-scenarios/Win10/M3-Adv-BytesToPeers.png) +![Windows 10 21H2 - Machine 3 - Advanced BytesToPeers Test.](images/test-scenarios/win10/m3-adv-bytes-to-peers.png) ## Conclusion @@ -206,4 +206,4 @@ Using Delivery Optimization can help make a big impact in customer environments The testing scenarios found in this document help to show a controlled test environment, helping to prevent updates from interrupting the peering results. The other, a more real-world case, to demonstrate how content available across peers will both be used as the source of the content. -If there are issues found while testing, the Delivery Optimization PowerShell [cmdlets](waas-delivery-optimization-setup.md) can be a helpful tool to help explain what is happening in the environment. +If there are issues found while testing, the Delivery Optimization PowerShell [cmdlets.](waas-delivery-optimization-setup.md) can be a helpful tool to help explain what is happening in the environment. diff --git a/windows/deployment/do/images/test-scenarios/Win10/M1-Adv-BytesToPeers.png b/windows/deployment/do/images/test-scenarios/Win10/m1-adv-bytes-to-peers.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10/M1-Adv-BytesToPeers.png rename to windows/deployment/do/images/test-scenarios/Win10/m1-adv-bytes-to-peers.png diff --git a/windows/deployment/do/images/test-scenarios/Win10/M2-Adv-BytesToPeers.PNG b/windows/deployment/do/images/test-scenarios/Win10/m2-adv-bytes-to-peers.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10/M2-Adv-BytesToPeers.PNG rename to windows/deployment/do/images/test-scenarios/Win10/m2-adv-bytes-to-peers.png diff --git a/windows/deployment/do/images/test-scenarios/Win10/M3-Adv-BytesToPeers.PNG b/windows/deployment/do/images/test-scenarios/Win10/m3-adv-bytes-to-peers.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10/M3-Adv-BytesToPeers.PNG rename to windows/deployment/do/images/test-scenarios/Win10/m3-adv-bytes-to-peers.png From 14104f2d667837bab005af7614469575d41446b3 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 17:14:08 -0500 Subject: [PATCH 051/129] updates --- .../hello-deployment-rdp-certs.md | 23 ++++++++++++++----- 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 8e6cf54945..08eac3591e 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -1,6 +1,6 @@ --- title: Deploy certificates to cloud Kerberos trust and key trust users to enable RDP -description: Learn how to deploy certificates to a cloud Kerberos trust and key trust user to enable remote desktop with supplied credentials +description: Learn how to deploy certificates to a cloud Kerberos trust and key trust user to enable remote desktop with supplied credentials. ms.prod: windows-client author: paolomatarazzo ms.author: paoloma @@ -84,13 +84,24 @@ Follow these steps to create a certificate template: 1. Open an elevated command prompt and change to a temporary working directory 1. Execute the following command, replacing `` with the Template name you took note of earlier in step 7c - `certutil -dstemplate > ` + + ```cmd + certutil -dstemplate > + ``` + 1. Open the text file created by the command above. - 1. Delete the last line of the output from the file that reads `CertUtil: -dsTemplate command completed successfully.` - 1. Modify the line that reads `pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"` to `pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"` -1. Save the text file. + 1. Delete the last line of the output from the file that reads\ + `CertUtil: -dsTemplate command completed successfully.` + 1. Modify the line that reads\ + `pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"` to\ + `pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"` +1. Save the text file 1. Update the certificate template by executing the following command: - `certutil -dsaddtemplate \.txt` + + ```cmd + certutil -dsaddtemplate + ``` + 1. In the Certificate Authority console, right-click **Certificate Templates**, select **New > Certificate Template to Issue** ![Selecting Certificate Template to Issue.](images/rdpcert/certificatetemplatetoissue.png) From 287324a7dc3f39d6c58253aed14a26edfafa79b0 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 17:38:07 -0500 Subject: [PATCH 052/129] updates --- .../hello-deployment-rdp-certs.md | 90 ++++++++++--------- 1 file changed, 48 insertions(+), 42 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 08eac3591e..89d1beeda3 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -30,13 +30,15 @@ This document describes Windows Hello for Business functionalities or scenarios Windows Hello for Business supports using a certificate as the supplied credential when establishing a remote desktop connection to a server or other device. This document discusses three approaches for *cloud Kerberos trust* and *key trust* deployments, where authentication certificates can be deployed to an existing Windows Hello for Business user: -- Deploy certificates to hybrid joined devices using an on-premises Active Directory certificate enrollment policy +- Deploy certificates to hybrid joined devices using an on-premises Active Directory Certificate Services enrollment policy - Deploy certificates to hybrid or Azure AD-joined devices using Simple Certificate Enrollment Protocol (SCEP) and Intune - Work with non-Microsoft enterprise certificate authorities -## Deploy certificates to a hybrid joined devices using an on-premises Active Directory Certificate enrollment policy +## Deploy certificates via Active Directory Certificate Services (AD CS) -To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must first create a certificate template and then deploy certificates based on the template. +This scenario is applicable to hybrid Azure AD joined devices only. + +To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must first create a *certificate template* and then deploy certificates based on that template. Expand the following sections to learn more about the process. @@ -81,7 +83,6 @@ Follow these steps to create a certificate template: 1. On the **Security** tab, add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them 1. Select **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates 1. Close the Certificate Templates console - 1. Open an elevated command prompt and change to a temporary working directory 1. Execute the following command, replacing `` with the Template name you took note of earlier in step 7c @@ -113,52 +114,54 @@ Follow these steps to create a certificate template:
    -Request a Certificate +Request a certificate -1. Ensure the hybrid Azure AD joined device has network line of sight to Active Directory domain controllers and the issuing certificate authority. -1. Start the **Certificates – Current User** console (%windir%\system32\certmgr.msc). -1. In the left pane of the MMC, right-click **Personal**, click **All Tasks**, and then click **Request New Certificate…** +1. Sign in to a client that is hybrid Azure AD joined, ensuring that the client has line of sight to a domain controller and the issuing CA +1. Open the **Certificates - Current User** Microsoft Management Console (MMC) - `%windir%\system32\certmgr.msc` +1. In the left pane of the MMC, right-click **Personal > All Tasks > Request New Certificate…** ![Request a new certificate.](images/rdpcert/requestnewcertificate.png) -1. On the Certificate Enrollment screen, click **Next**. -1. Under Select Certificate Enrollment Policy, ensure **Active Directory Enrollment Policy** is selected and then click **Next**. -1. Under Request Certificates, click the check-box next to the certificate template you created in the previous section (WHfB Certificate Authentication) and then click **Enroll**. -1. After a successful certificate request, click Finish on the Certificate Installation Results screen +1. On the Certificate Enrollment screen, select **Next** +1. Under *Select Certificate Enrollment Policy*, select **Active Directory Enrollment Policy > Next** +1. Under *Request Certificates*, select the check-box for the certificate template you created in the previous section (*WHfB Certificate Authentication*) and then select **Enroll** +1. After a successful certificate request, select **Finish** on the Certificate Installation Results screen
    ## Deploying a certificate to Hybrid or Azure AD Joined Devices using Simple Certificate Enrollment Protocol (SCEP) via Intune -Deploying a certificate to Azure AD Joined Devices may be achieved with the Simple Certificate Enrollment Protocol (SCEP) via Intune. For guidance deploying the required infrastructure, refer to [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune](/mem/intune/protect/certificates-scep-configure). +Deploying a certificate to Azure AD joined or hybrid Azure AD joined devices may be achieved using the Simple Certificate Enrollment Protocol (SCEP) or PFX via Intune. For guidance deploying the required infrastructure, refer to [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune](/mem/intune/protect/certificates-scep-configure). Next you should deploy the root CA certificate (and any other intermediate certificate authority certificates) to Azure AD Joined Devices using a Trusted root certificate profile with Intune. For guidance, refer to [Create trusted certificate profiles in Microsoft Intune](/mem/intune/protect/certificates-trusted-root). -Once these requirements have been met, a new device configuration profile may be configured from Intune that provisions a certificate for the user of the device. Proceed as follows: +Once these requirements are met, a policy can be configured in Intune that provisions certificates for the users on the targeted device. -1. Sign in to the Microsoft [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431). +
    +
    +Create a SCEP profile in Intune -1. Navigate to Devices \> Configuration Profiles \> Create profile. +Proceed as follows: +1. Sign in to the Microsoft [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) +1. Navigate to Devices \> Configuration Profiles \> Create profile 1. Enter the following properties: - 1. For Platform, select **Windows 10 and later**. - 1. For Profile, select **SCEP Certificate**. - 1. Click **Create**. - + 1. For Platform, select **Windows 10 and later** + 1. For Profile, select **SCEP Certificate** + 1. Click **Create** 1. In **Basics**, enter the following parameters: - 1. **Name**: Enter a descriptive name for the profile. Name your profiles so you can easily identify them later. For example, a good profile name is SCEP profile for entire company. - 1. **Description**: Enter a description for the profile. This setting is optional, but recommended. - 1. Select **Next**. - + 1. **Name**: Enter a descriptive name for the profile. Name your profiles so you can easily identify them later. For example, a good profile name is SCEP profile for entire company + 1. **Description**: Enter a description for the profile. This setting is optional, but recommended + 1. Select **Next** 1. In the **Configuration settings**, complete the following: - 1. For Certificate Type, choose **User**. - 1. For Subject name format, set it to **CN={{UserPrincipalName}}**. - 1. Under Subject alternative name, select **User principal name (UPN)** from the drop-down menu and set the value to **CN={{UserPrincipalName}}**. - 1. For Certificate validity period, set a value of your choosing. - 1. For Key storage provider (KSP), choose **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)**. - 1. For Key usage, choose **Digital Signature**. - 1. For Key size (bits), choose **2048**. - 1. For Hash algorithm, choose **SHA-2**. + 1. For Certificate Type, choose **User** + 1. For Subject name format, set it to **CN={{UserPrincipalName}}** + 1. Under Subject alternative name, select **User principal name (UPN)** from the drop-down menu and set the value to **CN={{UserPrincipalName}}** + 1. For Certificate validity period, set a value of your choosing + 1. For Key storage provider (KSP), choose **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)** + 1. For Key usage, choose **Digital Signature** + 1. For Key size (bits), choose **2048** + 1. For Hash algorithm, choose **SHA-2** 1. Under Root Certificate, click **+Root Certificate** and select the trusted certificate profile you created earlier for the Root CA Certificate. 1. Under Extended key usage, add the following: @@ -171,34 +174,37 @@ Once these requirements have been met, a new device configuration profile may be 1. For SCEP Server URLs, provide the public endpoint that you configured during the deployment of your SCEP infrastructure. 1. Click **Next** 1. In Assignments, target the devices or users who should receive a certificate and click **Next** - 1. In Applicability Rules, provide additional issuance restrictions if required and click **Next** - 1. In Review + create, click **Create** +
    + +
    +
    +Request a certificate Once the configuration profile has been created, targeted clients will receive the profile from Intune on their next refresh cycle. You should find a new certificate in the user store. To validate the certificate is present, do the following steps: 1. Open the Certificates - Current User console (%windir%\system32\certmgr.msc) - 1. In the left pane of the MMC, expand **Personal** and select **Certificates** - 1. In the right-hand pane of the MMC, check for the new certificate > [!NOTE] > This infrastructure may also deploy the same certificates to co-managed or modern-managed Hybrid Azure Active Directory-Joined devices using Intune Policies. +
    + ## Using non-Microsoft Enterprise Certificate Authorities -If you are using a Public Key Infrastructure that uses non-Microsoft services, the certificate templates published to the on-premises Active Directory may not be available. For guidance with integration of Intune/SCEP with non-Microsoft PKI deployments, refer to [Use third-party certification authorities (CA) with SCEP in Microsoft Intune](/mem/intune/protect/certificate-authority-add-scep-overview). +If you are using a non-Microsoft PKI, the certificate templates published to the on-premises Active Directory may not be available. For guidance with integration of Intune/SCEP with non-Microsoft PKI deployments, refer to [Use third-party certification authorities (CA) with SCEP in Microsoft Intune](/mem/intune/protect/certificate-authority-add-scep-overview). As an alternative to using SCEP or if none of the previously covered solutions will work in your environment, you can manually generate Certificate Signing Requests (CSR) for submission to your PKI. To assist with this approach, you can use the [Generate-CertificateRequest](https://www.powershellgallery.com/packages/Generate-CertificateRequest) PowerShell commandlet. -The Generate-CertificateRequest commandlet will generate an .inf file for a pre-existing Windows Hello for Business key. The .inf can be used to generate a certificate request manually using certreq.exe. The commandlet will also generate a .req file, which can be submitted to your PKI for a certificate. +The `Generate-CertificateRequest` commandlet will generate an *.inf* file for a pre-existing Windows Hello for Business key. The *.inf* can be used to generate a certificate request manually using `certreq.exe`. The commandlet will also generate a *.req* file, which can be submitted to your PKI for a certificate. ## RDP Sign-in with Windows Hello for Business Certificate Authentication -After adding the certificate using an approach from any of the previous sections, you should be able to RDP to any Windows device or server in the same Forest as the user’s on-premises Active Directory account, provided the PKI certificate chain for the issuing certificate authority is deployed to that target server. +After adding the certificate using an approach from any of the previous sections, you can RDP to any Windows device or server in the same Forest as the user's Active Directory account, provided the PKI certificate chain for the issuing certificate authority is deployed to that target server. -1. Open the Remote Desktop Client (%windir%\system32\mstsc.exe) on the Hybrid Azure Active Directory-Joined client where the authentication certificate has been deployed. -1. Attempt an RDP session to a target server. -1. Use the certificate credential protected by your Windows Hello for Business gesture. +1. Open the Remote Desktop Client (`%windir%\system32\mstsc.exe`) on the client where the authentication certificate has been deployed +1. Attempt an RDP session to a target server +1. Use the certificate credential protected by your Windows Hello for Business gesture to authenticate \ No newline at end of file From 15e5f42549fff7b0aef3d142fea95d6b7961ecd3 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 17:41:44 -0500 Subject: [PATCH 053/129] updates --- .../hello-for-business/hello-deployment-rdp-certs.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 89d1beeda3..bc9258e92e 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -36,7 +36,8 @@ Windows Hello for Business supports using a certificate as the supplied credenti ## Deploy certificates via Active Directory Certificate Services (AD CS) -This scenario is applicable to hybrid Azure AD joined devices only. +> [!NOTE] +> This process is applicable to hybrid Azure AD joined devices only. To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must first create a *certificate template* and then deploy certificates based on that template. @@ -129,7 +130,10 @@ Follow these steps to create a certificate template:
    -## Deploying a certificate to Hybrid or Azure AD Joined Devices using Simple Certificate Enrollment Protocol (SCEP) via Intune +## Deploy certificates via Microsoft Intune + +> [!NOTE] +> This process is applicable to both *Azure AD joined* and *hybrid Azure AD joined* devices that are managed via Intune. Deploying a certificate to Azure AD joined or hybrid Azure AD joined devices may be achieved using the Simple Certificate Enrollment Protocol (SCEP) or PFX via Intune. For guidance deploying the required infrastructure, refer to [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune](/mem/intune/protect/certificates-scep-configure). From cc823ddab56a781c5d39b51475da347c64aa07e3 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 18:21:38 -0500 Subject: [PATCH 054/129] updates --- education/windows/edu-stickers.md | 4 ++++ .../security/identity-protection/hello-for-business/toc.yml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/education/windows/edu-stickers.md b/education/windows/edu-stickers.md index dc25c4e817..b87b1f8db9 100644 --- a/education/windows/edu-stickers.md +++ b/education/windows/edu-stickers.md @@ -41,6 +41,10 @@ Stickers aren't enabled by default. Follow the instructions below to configure y [!INCLUDE [intune-custom-settings-2](includes/intune-custom-settings-2.md)] [!INCLUDE [intune-custom-settings-info](includes/intune-custom-settings-info.md)] +```msgraph-interactive +POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{"id":"00-0000-0000-0000-000000000000","displayName":"Stickers","roleScopeTagIds":["0"],"@odata.type":"#microsoft.graph.windows10CustomConfiguration","omaSettings":[{"omaUri":"./Vendor/MSFT/Policy/Config/Stickers/EnableStickers","displayName":"EnableStickers","@odata.type":"#microsoft.graph.omaSettingInteger","value":1}]} +``` + #### [:::image type="icon" source="images/icons/provisioning-package.svg"::: **PPKG**](#tab/ppkg) To configure devices using a provisioning package, [create a provisioning package][WIN-1] using Windows Configuration Designer (WCD) with the following settings: diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml index e0319abca3..17b5735a4f 100644 --- a/windows/security/identity-protection/hello-for-business/toc.yml +++ b/windows/security/identity-protection/hello-for-business/toc.yml @@ -69,7 +69,7 @@ href: hello-hybrid-cert-whfb-settings.md - name: Sign-in and provisioning href: hello-hybrid-cert-whfb-provision.md - - name: On-premises singe-sign-on (SSO) for Azure AD joined devices + - name: On-premises single-sign-on (SSO) for Azure AD joined devices items: - name: On-premises SSO for Azure AD joined devices href: hello-hybrid-aadj-sso.md From 21674db962c90d796b48ca30a2f9128a5258a58f Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 18:40:10 -0500 Subject: [PATCH 055/129] updates --- education/windows/edu-stickers.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/education/windows/edu-stickers.md b/education/windows/edu-stickers.md index b87b1f8db9..500bd36b8f 100644 --- a/education/windows/edu-stickers.md +++ b/education/windows/edu-stickers.md @@ -45,6 +45,12 @@ Stickers aren't enabled by default. Follow the instructions below to configure y POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{"id":"00-0000-0000-0000-000000000000","displayName":"Stickers","roleScopeTagIds":["0"],"@odata.type":"#microsoft.graph.windows10CustomConfiguration","omaSettings":[{"omaUri":"./Vendor/MSFT/Policy/Config/Stickers/EnableStickers","displayName":"EnableStickers","@odata.type":"#microsoft.graph.omaSettingInteger","value":1}]} ``` +Try this policy in your tenant: + +```msgraph-interactive +https://developer.microsoft.com/en-us/graph/graph-explorer?request=deviceManagement%2FdeviceConfigurations&method=POST&version=beta&GraphUrl=https://graph.microsoft.com&requestBody=eyJpZCI6IjAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCIsImRpc3BsYXlOYW1lIjoiU3RpY2tlcnMiLCJyb2xlU2NvcGVUYWdJZHMiOlsiMCJdLCJAb2RhdGEudHlwZSI6IiNtaWNyb3NvZnQuZ3JhcGgud2luZG93czEwQ3VzdG9tQ29uZmlndXJhdGlvbiIsIm9tYVNldHRpbmdzIjpbeyJvbWFVcmkiOiIuL1ZlbmRvci9NU0ZUL1BvbGljeS9Db25maWcvU3RpY2tlcnMvRW5hYmxlU3RpY2tlcnMiLCJkaXNwbGF5TmFtZSI6IkVuYWJsZVN0aWNrZXJzIiwiQG9kYXRhLnR5cGUiOiIjbWljcm9zb2Z0LmdyYXBoLm9tYVNldHRpbmdJbnRlZ2VyIiwidmFsdWUiOjF9XX0= +``` + #### [:::image type="icon" source="images/icons/provisioning-package.svg"::: **PPKG**](#tab/ppkg) To configure devices using a provisioning package, [create a provisioning package][WIN-1] using Windows Configuration Designer (WCD) with the following settings: From ad1d79d377114e8509d24413875dabcf67f7936d Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 19:48:29 -0500 Subject: [PATCH 056/129] test --- education/windows/edu-stickers.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/education/windows/edu-stickers.md b/education/windows/edu-stickers.md index 500bd36b8f..ea06e4b2ba 100644 --- a/education/windows/edu-stickers.md +++ b/education/windows/edu-stickers.md @@ -51,6 +51,10 @@ Try this policy in your tenant: https://developer.microsoft.com/en-us/graph/graph-explorer?request=deviceManagement%2FdeviceConfigurations&method=POST&version=beta&GraphUrl=https://graph.microsoft.com&requestBody=eyJpZCI6IjAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCIsImRpc3BsYXlOYW1lIjoiU3RpY2tlcnMiLCJyb2xlU2NvcGVUYWdJZHMiOlsiMCJdLCJAb2RhdGEudHlwZSI6IiNtaWNyb3NvZnQuZ3JhcGgud2luZG93czEwQ3VzdG9tQ29uZmlndXJhdGlvbiIsIm9tYVNldHRpbmdzIjpbeyJvbWFVcmkiOiIuL1ZlbmRvci9NU0ZUL1BvbGljeS9Db25maWcvU3RpY2tlcnMvRW5hYmxlU3RpY2tlcnMiLCJkaXNwbGF5TmFtZSI6IkVuYWJsZVN0aWNrZXJzIiwiQG9kYXRhLnR5cGUiOiIjbWljcm9zb2Z0LmdyYXBoLm9tYVNldHRpbmdJbnRlZ2VyIiwidmFsdWUiOjF9XX0= ``` +```msgraph-interactive +POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/&requestBody={"id":"00-0000-0000-0000-000000000000","displayName":"Stickers","roleScopeTagIds":["0"],"@odata.type":"#microsoft.graph.windows10CustomConfiguration","omaSettings":[{"omaUri":"./Vendor/MSFT/Policy/Config/Stickers/EnableStickers","displayName":"EnableStickers","@odata.type":"#microsoft.graph.omaSettingInteger","value":1}]} +``` + #### [:::image type="icon" source="images/icons/provisioning-package.svg"::: **PPKG**](#tab/ppkg) To configure devices using a provisioning package, [create a provisioning package][WIN-1] using Windows Configuration Designer (WCD) with the following settings: From 8ea9bcb6ecda4c9a7d8af1e90ba19a45626be4dc Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 15 Nov 2022 19:54:26 -0500 Subject: [PATCH 057/129] update --- education/windows/edu-stickers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/education/windows/edu-stickers.md b/education/windows/edu-stickers.md index ea06e4b2ba..f89fe5b379 100644 --- a/education/windows/edu-stickers.md +++ b/education/windows/edu-stickers.md @@ -52,7 +52,7 @@ https://developer.microsoft.com/en-us/graph/graph-explorer?request=deviceManagem ``` ```msgraph-interactive -POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/&requestBody={"id":"00-0000-0000-0000-000000000000","displayName":"Stickers","roleScopeTagIds":["0"],"@odata.type":"#microsoft.graph.windows10CustomConfiguration","omaSettings":[{"omaUri":"./Vendor/MSFT/Policy/Config/Stickers/EnableStickers","displayName":"EnableStickers","@odata.type":"#microsoft.graph.omaSettingInteger","value":1}]} +POST https://graph.microsoft.com?request=deviceManagement%2FdeviceConfigurations&method=POST&version=beta&GraphUrl=https://graph.microsoft.com&requestBody=eyJpZCI6IjAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCIsImRpc3BsYXlOYW1lIjoiU3RpY2tlcnMiLCJyb2xlU2NvcGVUYWdJZHMiOlsiMCJdLCJAb2RhdGEudHlwZSI6IiNtaWNyb3NvZnQuZ3JhcGgud2luZG93czEwQ3VzdG9tQ29uZmlndXJhdGlvbiIsIm9tYVNldHRpbmdzIjpbeyJvbWFVcmkiOiIuL1ZlbmRvci9NU0ZUL1BvbGljeS9Db25maWcvU3RpY2tlcnMvRW5hYmxlU3RpY2tlcnMiLCJkaXNwbGF5TmFtZSI6IkVuYWJsZVN0aWNrZXJzIiwiQG9kYXRhLnR5cGUiOiIjbWljcm9zb2Z0LmdyYXBoLm9tYVNldHRpbmdJbnRlZ2VyIiwidmFsdWUiOjF9XX0= ``` #### [:::image type="icon" source="images/icons/provisioning-package.svg"::: **PPKG**](#tab/ppkg) From e735b28998f4bb3c1a3f8cbe1b00dc31d572c886 Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Tue, 15 Nov 2022 18:24:42 -0700 Subject: [PATCH 058/129] Update delivery-optimization-test.md Add end bars on table cells. Add missing periods. Delete extra commas. --- .../do/delivery-optimization-test.md | 86 +++++++++---------- 1 file changed, 43 insertions(+), 43 deletions(-) diff --git a/windows/deployment/do/delivery-optimization-test.md b/windows/deployment/do/delivery-optimization-test.md index 2b6316d222..a7af3ce745 100644 --- a/windows/deployment/do/delivery-optimization-test.md +++ b/windows/deployment/do/delivery-optimization-test.md @@ -51,87 +51,87 @@ Several elements that influence overall peering, using Delivery Optimization. Th ### Scenario 1: Basic Setup **Goal:** -Demonstrate how Delivery Optimization peer-to-peer technology works using two machines, in a controlled test environment +Demonstrate how Delivery Optimization peer-to-peer technology works using two machines in a controlled test environment **Expected Results:** -Machine 1 will download zero bytes from peers, Machine 2 will download 50 - 99% from peers. +Machine 1 will download zero bytes from peers and Machine 2 will download 50-99% from peers. #### Test Machine Setup |Setup Checklist| Value/Explanation |--------|-------------------------------| -|Number of machines used| 2 -|Virtual Machines/physical devices| 2 -|Windows OS version | Windows 10 (21H2) and Windows 11 (21H2) -|RAM | 8 GB -|Disk size | 127 GB -|Network | Connected to same network, one that is representative of the corporate network. -|Pause Windows Updates | This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. If there are problems and no peering happens, use 'Get-DeliveryOptimizationStatus' on the first machine to return a real-time list of the connected peers. -|Ensure all Store apps are up to date | This will help prevent any new, unexpected updates to download during testing. -|Delivery Optimization 'Download Mode' Policy | 2 (Group)(set on each machine) -|Delivery Optimization 'GroupID' Policy | Set the *same* 'GUID' on each test machine. A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid().](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’. -|**Required on Windows 11 devices only** set Delivery Optimization 'Restrict Peer Selection' policy | 0-NAT (set on each machine). The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. +|Number of machines used| 2 | +|Virtual Machines/physical devices| 2 | +|Windows OS version | Windows 10 (21H2) and Windows 11 (21H2) | +|RAM | 8 GB | +|Disk size | 127 GB | +|Network | Connected to same network, one that is representative of the corporate network. | +|Pause Windows Updates | This controls the test environment so no other content is made available during the test, and potentially altering the outcome of the test. If there are problems and no peering happens, use 'Get-DeliveryOptimizationStatus' on the first machine to return a real-time list of the connected peers. | +|Ensure all Store apps are up to date | This will help prevent any new, unexpected updates to download during testing. | +|Delivery Optimization 'Download Mode' Policy | 2 (Group)(set on each machine) | +|Delivery Optimization 'GroupID' Policy | Set the *same* 'GUID' on each test machine. A GUID is a required value, which can be generated using PowerShell, ‘[[guid]::NewGuid().](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’. | +|**Required on Windows 11 devices only** set Delivery Optimization 'Restrict Peer Selection' policy | 0-NAT (set on each machine). The default behavior in Windows 11 is set to '2-Local Peer Discovery'. For testing purposes, this needs to be scoped to the NAT. | #### Test Instructions The following set of instructions will be used for each machine: 1. Open PowerShell console as 'Administrator'. - * Clear the DO cache: ‘Delete-DeliveryOptimizationCache’ - * Run 'Get-DeliveryOptimizationStatus' -2. Open MS Store and search for 'Asphalt Legends 9'. Select ‘Get’ to initiate the download of the content (Content size: ~3.4 GB). + * Clear the DO cache: 'Delete-DeliveryOptimizationCache'. + * Run 'Get-DeliveryOptimizationStatus'. +2. Open MS Store and search for 'Asphalt Legends 9'. Select *Get* to initiate the download of the content (content size: ~3.4 GB). **On machine #1** -* Run ‘Test Instructions’ +* Run 'Test Instructions' |Windows 10 | Windows 11 |--------|-------------------------------| | :::image type="content" source="images/test-scenarios/win10/m1-basic-complete.png" alt-text="Windows 10 21H2 - Machine 1 - Basic Test." lightbox="images/test-scenarios/win10/m1-basic-complete.png"::: | :::image type="content" source="images/test-scenarios/win11/m1-basic-complete.png" alt-text="Windows 11 21H2 - Machine 1 - Basic Test." lightbox="images/test-scenarios/win11/m1-basic-complete.png"::: | | **Observations** | | -| * No peers were found on the first machine downloading the content.
    * 'TotalBytesDownloaded' is equal to the file size.
    * Status is set to 'Caching' the content so future peers can use it.
    * Download was happening in the foreground.
    * DownloadMode is set to 'Group' and no peers were found.
    * No distinct observations seen between Window 10 and Windows 11 devices. +| * No peers were found on the first machine downloading the content.
    * 'TotalBytesDownloaded' is equal to the file size.
    * Status is set to 'Caching' the content so future peers can use it.
    * Download was happening in the foreground.
    * DownloadMode is set to 'Group' and no peers were found.
    * No distinct observations seen between Window 10 and Windows 11 devices. | -*Wait 5 minutes* +*Wait 5 minutes*. **On machine #2** -* Run ‘Test Instructions’ +* Run 'Test Instructions' -|Windows 10 | Windows 11 +|Windows 10 | Windows 11 | |--------|--------------------------------| | :::image type="content" source="images/test-scenarios/win10/m2-basic-complete.png" alt-text="Windows 10 21H2 - Machine 2 - Basic Test." lightbox="images/test-scenarios/win10/m2-basic-complete.png"::: | :::image type="content" source="images/test-scenarios/win11/m2-basic-complete.png" alt-text="Windows 11 21H2 - Machine 2 - Basic Test." lightbox="images/test-scenarios/win11/m2-basic-complete.png":::| | **Observations** | **Observations**| -| * A peer was found for the content and 87% of total bytes came from the peer.
    * One peer was found for the piece of content, which is expected as there are only two devices in the peering group.
    * Download mode was set to 'Group', but since group mode includes both LAN and Group devices, Delivery Optimization prioritizes LAN peers, if found. Therefore, 'BytesFromLanPeers' shows bytes where 'BytesFromGroupPeers' doesn't.
    * 'DownloadDuration' is roughly the same between machines.|* A peer was found for the content and 90% of total bytes came from the peer.
    * All other points are the same as Windows 10 results. +| * A peer was found for the content and 87% of total bytes came from the peer.
    * One peer was found for the piece of content, which is expected as there are only two devices in the peering group.
    * Download mode was set to 'Group', but since group mode includes both LAN and Group devices, Delivery Optimization prioritizes LAN peers, if found. Therefore, 'BytesFromLanPeers' shows bytes where 'BytesFromGroupPeers' doesn't.
    * 'DownloadDuration' is roughly the same between machines.|* A peer was found for the content and 90% of total bytes came from the peer.
    * All other points are the same as Windows 10 results. | ### Scenario 2: Advance Setup **Goal:** -Demonstrate how Delivery Optimization peer-to-peer technology works in a non-controlled environment, expanding to three machines +Demonstrate how Delivery Optimization peer-to-peer technology works in a non-controlled environment and expanding to three machines **Expected Results:** -Machine 1 will download zero bytes from peers, Machine 2 will find peers and download 50 - 99% from peers. Machine 3 will find two peers and download 50 - 99% from peers. +Machine 1 will download zero bytes from peers and Machine 2 will find peers and download 50-99% from peers. Machine 3 will find two peers and download 50-99% from peers. #### Test Machine Setup -|Setup Checklist| Value/Explanation +|Setup Checklist| Value/Explanation | |--------|-------------------------------| -|Number of machines used| 3 -|Virtual Machines| 3 -|Windows OS version | Windows 10 (21H2) -|RAM | 8 GB -|Disk size|127 GB -|Network | Connected to same network, one that is representative of the corporate network. -|Delivery Optimization 'Download Mode' Policy| 2 (Group)(set on each machine) -|Delivery Optimization 'Group ID' Policy| Set the *same* 'GUID' on each test machine. A GUID is required value, which can be generated using PowerShell, ‘[[guid]::NewGuid().](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)’ -|Delivery Optimization 'Delay background download from http' Policy | 60 (set on each machine) -|Delivery Optimization 'Delay foreground download from http Policy |60 (set on each machine) +|Number of machines used| 3 | +|Virtual Machines| 3 | +|Windows OS version | Windows 10 (21H2) | +|RAM | 8 GB | +|Disk size | 127 GB | +|Network | Connected to same network, one that is representative of the corporate network. | +|Delivery Optimization 'Download Mode' Policy| 2 (Group)(set on each machine) | +|Delivery Optimization 'Group ID' Policy| Set the *same* 'GUID' on each test machine. A GUID is required value, which can be generated using PowerShell, '[guid]::NewGuid().](https://blogs.technet.microsoft.com/heyscriptingguy/2013/07/25/powertip-create-a-new-guid-by-using-powershell/)'. | +|Delivery Optimization 'Delay background download from http' Policy | 60 (set on each machine) | +|Delivery Optimization 'Delay foreground download from http Policy |60 (set on each machine) | #### Testing Instructions The following set of instructions will be used for each machine: -1. Clear the DO cache: ‘Delete-DeliveryOptimizationCache’ -2. Open MS Store and search for 'Asphalt Legends 9'. Select ‘Get’ to initiate the download of the content (Content size: ~3.4 GB). -3. Open PowerShell console as Administrator. Run 'Get-DeliveryOptimizationStatus' +1. Clear the DO cache: ‘Delete-DeliveryOptimizationCache’. +2. Open MS Store and search for 'Asphalt Legends 9'. Select *Get* to initiate the download of the content (content size: ~3.4 GB). +3. Open PowerShell console as Administrator. Run 'Get-DeliveryOptimizationStatus'. **On machine #1:** @@ -147,7 +147,7 @@ The following set of instructions will be used for each machine: * Download is in the ‘Foreground’ because the Store app is doing the download and in the foreground on the device because it is initiated by the user in the Store app. * No peers are found. -*Wait 5 minutes* +*Wait 5 minutes*. **On machine #2:** @@ -180,11 +180,11 @@ The following set of instructions will be used for each machine: ## Peer sourcing observations for all machines in the test group -As mentioned, the distributed nature of the Delivery Optimization technology is obvious when you rerun the ‘Get-DeliveryOptimizationStatus’ cmdlet on each of the test machines. For each, there's a new value populated for the ‘BytesToLanPeers’ field. This demonstrates that as more peers become available, the requests to download bytes are distributed across the peering group and act as the source for the peering content. Each peer plays a role in servicing the other. +The distributed nature of the Delivery Optimization technology is obvious when you rerun the ‘Get-DeliveryOptimizationStatus’ cmdlet on each of the test machines. For each, there's a new value populated for the ‘BytesToLanPeers’ field. This demonstrates that as more peers become available, the requests to download bytes are distributed across the peering group and act as the source for the peering content. Each peer plays a role in servicing the other. **Output:** Machine 1 -'BytesToPeers' sourced from Machine 1 are '5704426044'. This represents the total number of bytes, downloaded by the two peers in the group. +'BytesToPeers' sourced from Machine 1 are '5704426044'. This represents the total number of bytes downloaded by the two peers in the group. ![Windows 10 21H2 - Machine 1 - Advanced BytesToPeers Test.](images/test-scenarios/win10/m1-adv-bytes-to-peers.png) @@ -202,8 +202,8 @@ As mentioned, the distributed nature of the Delivery Optimization technology is ## Conclusion -Using Delivery Optimization can help make a big impact in customer environments to optimize bandwidth. The peer-to-peer technology offers many configurations, designed to be flexible for any organization. Delivery Optimization uses a distributed cache, across different sources, to ensure the most optimal download experience while limiting the resources used on each device. +Using Delivery Optimization can help make a big impact in customer environments to optimize bandwidth. The peer-to-peer technology offers many configurations designed to be flexible for any organization. Delivery Optimization uses a distributed cache across different sources to ensure the most optimal download experience, while limiting the resources used on each device. -The testing scenarios found in this document help to show a controlled test environment, helping to prevent updates from interrupting the peering results. The other, a more real-world case, to demonstrate how content available across peers will both be used as the source of the content. +The testing scenarios found in this document help to show a controlled test environment, helping to prevent updates from interrupting the peering results. The other, a more real-world case, demonstrates how content available across peers will be used as the source of the content. If there are issues found while testing, the Delivery Optimization PowerShell [cmdlets.](waas-delivery-optimization-setup.md) can be a helpful tool to help explain what is happening in the environment. From 6f9260d8a51a0cd1e3d6f3dc8b5893695adc8268 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Tue, 15 Nov 2022 22:42:36 -0500 Subject: [PATCH 059/129] Metadata/style update BitLocker 12 --- ...ion-for-bitlocker-planning-and-policies.md | 91 ++++---- ...nd-storage-area-networks-with-bitlocker.md | 133 ++++++------ .../bitlocker/troubleshoot-bitlocker.md | 53 ++--- .../ts-bitlocker-cannot-encrypt-issues.md | 69 ++++--- .../ts-bitlocker-cannot-encrypt-tpm-issues.md | 120 ++++++----- .../bitlocker/ts-bitlocker-config-issues.md | 194 +++++++++--------- 6 files changed, 363 insertions(+), 297 deletions(-) diff --git a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md index fa155fea15..a76b56a2d3 100644 --- a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md +++ b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md @@ -1,6 +1,6 @@ --- -title: Prepare your organization for BitLocker Planning and policies (Windows 10) -description: This article for the IT professional explains how can you plan your BitLocker deployment. +title: Prepare the organization for BitLocker Planning and policies (Windows 10) +description: This article for the IT professional explains how can to plan for a BitLocker deployment. ms.reviewer: ms.prod: windows-client ms.localizationpriority: medium @@ -15,7 +15,7 @@ ms.custom: bitlocker ms.technology: itpro-security --- -# Prepare your organization for BitLocker: Planning and policies +# Prepare an organization for BitLocker: Planning and policies *Applies to:* @@ -25,18 +25,22 @@ ms.technology: itpro-security This article for the IT professional explains how to plan BitLocker deployment. -When you design your BitLocker deployment strategy, define the appropriate policies and configuration requirements based on the business requirements of your organization. The following sections will help you collect information. Use this information to help with your decision-making process about deploying and managing BitLocker systems. +When BitLocker deployment strategy is defined, define the appropriate policies and configuration requirements based on the business requirements of the organization. The following sections will help with collecting information. Use this information to help with the decision-making process about deploying and managing BitLocker systems. -## Audit your environment +## Audit the environment -To plan your BitLocker deployment, understand your current environment. Do an informal audit to define your current policies, procedures, and hardware environment. Review your existing disk encryption software corporate security policies. If your organization isn't using disk encryption software, then none of these policies will exist. If you use disk encryption software, then you might need to change your organization's policies to use the BitLocker features. +To plan a BitLocker deployment, understand the current environment. Perform an informal audit to define the current policies, procedures, and hardware environment. Review the existing disk encryption software corporate security policies. If the organization isn't using disk encryption software, then none of these policies will exist. If disk encryption software is being used, then the organization's policies might need to be changed to use the BitLocker features. -To help you document your organization's current disk encryption security policies, answer the following questions: +To help document the organization's current disk encryption security policies, answer the following questions: 1. Are there policies to determine which computers will use BitLocker and which computers won't use BitLocker? + 2. What policies exist to control recovery password and recovery key storage? + 3. What are the policies for validating the identity of users who need to perform BitLocker recovery? + 4. What policies exist to control who in the organization has access to recovery data? + 5. What policies exist to control computer decommissioning or retirement? ## Encryption keys and authentication @@ -48,51 +52,52 @@ BitLocker helps prevent unauthorized access to data on lost or stolen computers The trusted platform module (TPM) is a hardware component installed in many newer computers by the computer manufacturers. It works with BitLocker to help protect user data. And, help make sure a computer hasn't been tampered with while the system was offline. -Also, BitLocker can lock the normal startup process until the user supplies a personal identification number (PIN) or inserts a removable USB device, such as a flash drive, that contains a startup key. These extra security measures provide multifactor authentication. They also make sure that the computer won't start or resume from hibernation until the correct PIN or startup key is presented. +Also, BitLocker can lock the normal startup process until the user supplies a personal identification number (PIN) or inserts a removable USB device that contains a startup key. These extra security measures provide multifactor authentication. They also make sure that the computer won't start or resume from hibernation until the correct PIN or startup key is presented. -On computers that don't have a TPM version 1.2 or higher, you can still use BitLocker to encrypt the Windows operating system volume. However, this implementation requires the user to insert a USB startup key to start the computer or resume from hibernation. It doesn't provide the pre-startup system integrity verification offered by BitLocker working with a TPM. +On computers that don't have a TPM version 1.2 or higher, BitLocker can still be used to encrypt the Windows operating system volume. However, this implementation requires the user to insert a USB startup key to start the computer or resume from hibernation. It doesn't provide the pre-startup system integrity verification offered by BitLocker working with a TPM. ### BitLocker key protectors + | Key protector | Description | | - | - | -| TPM | A hardware device used to help establish a secure root-of-trust. BitLocker only supports TPM 1.2 or higher versions.| -| PIN | A user-entered numeric key protector that can only be used in addition to the TPM.| -| Enhanced PIN | A user-entered alphanumeric key protector that can only be used in addition to the TPM.| -| Startup key | An encryption key that can be stored on most removable media. This key protector can be used alone on non-TPM computers, or in conjunction with a TPM for added security.| -| Recovery password | A 48-digit number used to unlock a volume when it is in recovery mode. Numbers can often be typed on a regular keyboard. If the numbers on the normal keyboard are not responding, you can always use the function keys (F1-F10) to input the numbers.| -| Recovery key| An encryption key stored on removable media that can be used for recovering data encrypted on a BitLocker volume.| +| *TPM* | A hardware device used to help establish a secure root-of-trust. BitLocker only supports TPM 1.2 or higher versions.| +| *PIN* | A user-entered numeric key protector that can only be used in addition to the TPM.| +| *Enhanced PIN* | A user-entered alphanumeric key protector that can only be used in addition to the TPM.| +| *Startup key* | An encryption key that can be stored on most removable media. This key protector can be used alone on non-TPM computers, or with a TPM for added security.| +| *Recovery password* | A 48-digit number used to unlock a volume when it is in recovery mode. Numbers can often be typed on a regular keyboard. If the numbers on the normal keyboard aren't responding, the function keys (F1-F10) can be used to input the numbers.| +| *Recovery key*| An encryption key stored on removable media that can be used for recovering data encrypted on a BitLocker volume.| ### BitLocker authentication methods | Authentication method | Requires user interaction | Description | | - | - | - | -| TPM only| No| TPM validates early boot components.| -| TPM + PIN | Yes| TPM validates early boot components. The user must enter the correct PIN before the start-up process can continue, and before the drive can be unlocked. The TPM enters lockout if the incorrect PIN is entered repeatedly, to protect the PIN from brute force attacks. The number of repeated attempts that will trigger a lockout is variable.| -| TPM + Network key | No | The TPM successfully validates early boot components, and a valid encrypted network key has been provided from the WDS server. This authentication method provides automatic unlock of operating system volumes at system reboot while still maintaining multifactor authentication. | -| TPM + startup key| Yes| The TPM successfully validates early boot components, and a USB flash drive containing the startup key has been inserted.| -| Startup key only | Yes| The user is prompted for the USB flash drive that has the recovery key and/or startup key, and then reboot the computer.| +| *TPM only*| No| TPM validates early boot components.| +| *TPM + PIN* | Yes| TPM validates early boot components. The user must enter the correct PIN before the start-up process can continue, and before the drive can be unlocked. The TPM enters lockout if the incorrect PIN is entered repeatedly, to protect the PIN from brute force attacks. The number of repeated attempts that will trigger a lockout is variable.| +| *TPM + Network key* | No | The TPM successfully validates early boot components, and a valid encrypted network key has been provided from the WDS server. This authentication method provides automatic unlock of operating system volumes at system reboot while still maintaining multifactor authentication. | +| *TPM + startup key* | Yes| The TPM successfully validates early boot components, and a USB flash drive containing the startup key has been inserted.| +| *Startup key only* | Yes| The user is prompted for the USB flash drive that has the recovery key and/or startup key, and then reboot the computer.| -**Will you support computers without TPM 1.2 or higher versions?** +#### Will computers without TPM 1.2 or higher versions be supported? -Determine whether you will support computers that don't have a TPM 1.2 or higher versions in your environment. If you choose to support BitLocker on this type of computer, a user must use a USB startup key to boot the system. This startup key requires extra support processes similar to multifactor authentication. +Determine whether computers that don't have a TPM 1.2 or higher versions in the environment will be supported. If it's decided to support computers with TPM 1.2 or higher versions, a user must use a USB startup key to boot the system. This startup key requires extra support processes similar to multifactor authentication. -**What areas of your organization need a baseline level of data protection?** +#### What areas of the organization need a baseline level of data protection? The TPM-only authentication method provides the most transparent user experience for organizations that need a baseline level of data protection to meet security policies. It has the lowest total cost of ownership. TPM-only might also be more appropriate for computers that are unattended or that must reboot unattended. However, TPM-only authentication method offers the lowest level of data protection. This authentication method protects against attacks that modify early boot components. But, the level of protection can be affected by potential weaknesses in hardware or in the early boot components. BitLocker's multifactor authentication methods significantly increase the overall level of data protection. -**What areas of your organization need a more secure level of data protection?** +#### What areas of the organization need a more secure level of data protection? -If there are user computers with highly sensitive data, then deploy BitLocker with multifactor authentication on those systems. Requiring the user to input a PIN significantly increases the level of protection for the system. You can also use BitLocker Network Unlock to allow these computers to automatically unlock when connected to a trusted wired network that can provide the Network Unlock key. +If there are user computers with highly sensitive data, then deploy BitLocker with multifactor authentication on those systems. Requiring the user to input a PIN significantly increases the level of protection for the system. BitLocker Network Unlock can also be used to allow these computers to automatically unlock when connected to a trusted wired network that can provide the Network Unlock key. -**What multifactor authentication method does your organization prefer?** +#### What multifactor authentication method does the organization prefer? The protection differences provided by multifactor authentication methods can't be easily quantified. Consider each authentication method's impact on Helpdesk support, user education, user productivity, and any automated systems management processes. ## TPM hardware configurations -In your deployment plan, identify what TPM-based hardware platforms will be supported. Document the hardware models from an OEM of your choice so that their configurations can be tested and supported. TPM hardware requires special consideration during all aspects of planning and deployment. +In the deployment plan, identify what TPM-based hardware platforms will be supported. Document the hardware models from an OEM(s) being used by the organization so that their configurations can be tested and supported. TPM hardware requires special consideration during all aspects of planning and deployment. ### TPM 1.2 states and initialization @@ -110,13 +115,13 @@ For more information about the TPM and the TCG, see the Trusted Computing Group: Devices that don't include a TPM can still be protected by drive encryption. Windows To Go workspaces can be BitLocker protected using a startup password and PCs without a TPM can use a startup key. -Use the following questions to identify issues that might affect your deployment in a non-TPM configuration: +Use the following questions to identify issues that might affect the deployment in a non-TPM configuration: - Are password complexity rules in place? -- Do you have budget for USB flash drives for each of these computers? -- Do your existing non-TPM devices support USB devices at boot time? +- Is there a budget for USB flash drives for each of these computers? +- Do existing non-TPM devices support USB devices at boot time? -Test your individual hardware platforms with the BitLocker system check option while you're enabling BitLocker. The system check makes sure that BitLocker can read the recovery information from a USB device and encryption keys correctly before it encrypts the volume. CD and DVD drives can't act as a block storage device and can't be used to store the BitLocker recovery material. +Test the individual hardware platforms with the BitLocker system check option while enabling BitLocker. The system check makes sure that BitLocker can read the recovery information from a USB device and encryption keys correctly before it encrypts the volume. CD and DVD drives can't act as a block storage device and can't be used to store the BitLocker recovery material. ## Disk configuration considerations @@ -125,17 +130,17 @@ To function correctly, BitLocker requires a specific disk configuration. BitLock - The operating system partition contains the operating system and its support files; it must be formatted with the NTFS file system - The system partition (or boot partition) includes the files needed to load Windows after the BIOS or UEFI firmware has prepared the system hardware. BitLocker isn't enabled on this partition. For BitLocker to work, the system partition must not be encrypted, and must be on a different partition than the operating system. On UEFI platforms, the system partition must be formatted with the FAT 32-file system. On BIOS platforms, the system partition must be formatted with the NTFS file system. It should be at least 350 MB in size. -Windows setup automatically configures the disk drives of your computer to support BitLocker encryption. +Windows setup automatically configures the disk drives of computers to support BitLocker encryption. Windows Recovery Environment (Windows RE) is an extensible recovery platform that is based on Windows Pre-installation Environment (Windows PE). When the computer fails to start, Windows automatically transitions into this environment, and the Startup Repair tool in Windows RE automates the diagnosis and repair of an unbootable Windows installation. Windows RE also contains the drivers and tools that are needed to unlock a volume protected by BitLocker by providing a recovery key or recovery password. To use Windows RE with BitLocker, the Windows RE boot image must be on a volume that isn't protected by BitLocker. -Windows RE can also be used from boot media other than the local hard disk. If you don't install Windows RE on the local hard disk of BitLocker-enabled computers, then you can use different boot methods. For example, you can use Windows Deployment Services, CD-ROM, or USB flash drive for recovery. +Windows RE can also be used from boot media other than the local hard disk. If Windows RE isn't installed on the local hard disk of BitLocker-enabled computers, then different methods can be used to boot Windows RE. For example, Windows Deployment Services (WDS), CD-ROM, or USB flash drive can be used for recovery. ## BitLocker provisioning In Windows Vista and Windows 7, BitLocker was provisioned after the installation for system and data volumes. It used the `manage-bde` command line interface or the Control Panel user interface. With newer operating systems, BitLocker can be provisioned before the operating system is installed. Preprovisioning requires the computer have a TPM. -To check the BitLocker status of a particular volume, administrators can look at the drive status in the BitLocker control panel applet or Windows Explorer. The "Waiting For Activation" status with a yellow exclamation icon means that the drive was preprovisioned for BitLocker. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume isn't protected, and needs to have a secure key added to the volume before the drive is considered fully protected. Administrators can use the control panel options, `manage-bde` tool, or WMI APIs to add an appropriate key protector. The volume status will be updated. +To check the BitLocker status of a particular volume, administrators can look at the drive status in the BitLocker control panel applet or Windows Explorer. The "Waiting For Activation" status with a yellow exclamation icon means that the drive was preprovisioned for BitLocker. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume isn't protected, and needs to have a secure key added to the volume before the drive is considered fully protected. Administrators can use the control panel options, the **manage-bde** tool, or WMI APIs to add an appropriate key protector. The volume status will be updated. When using the control panel options, administrators can choose to **Turn on BitLocker** and follow the steps in the wizard to add a protector, such as a PIN for an operating system volume (or a password if no TPM exists), or a password or smart card protector to a data volume. Then the drive security window is presented before changing the volume status. @@ -145,7 +150,7 @@ Administrators can enable BitLocker before to operating system deployment from t The BitLocker Setup wizard provides administrators the ability to choose the Used Disk Space Only or Full encryption method when enabling BitLocker for a volume. Administrators can use the new BitLocker group policy setting to enforce either Used Disk Space Only or Full disk encryption. -Launching the BitLocker Setup wizard prompts for the authentication method to be used (password and smart card are available for data volumes). Once the method is chosen and the recovery key is saved, you're asked to choose the drive encryption type. Select Used Disk Space Only or Full drive encryption. +Launching the BitLocker Setup wizard prompts for the authentication method to be used (password and smart card are available for data volumes). Once the method is chosen and the recovery key is saved, the wizard asks to choose the drive encryption type. Select Used Disk Space Only or Full drive encryption. With Used Disk Space Only, just the portion of the drive that contains data will be encrypted. Unused space will remain unencrypted. This behavior causes the encryption process to be much faster, especially for new PCs and data drives. When BitLocker is enabled with this method, as data is added to the drive, the portion of the drive used is encrypted. So, there's never unencrypted data stored on the drive. @@ -155,7 +160,7 @@ With Full drive encryption, the entire drive is encrypted, whether data is store BitLocker integrates with Active Directory Domain Services (AD DS) to provide centralized key management. By default, no recovery information is backed up to Active Directory. Administrators can configure the following group policy setting for each drive type to enable backup of BitLocker recovery information: -Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\*drive type*\\Choose how BitLocker-protected drives can be recovered. +**Computer Configuration** > **Administrative Templates** > **Windows Components** > **BitLocker Drive Encryption** > ***drive type*** > **Choose how BitLocker-protected drives can be recovered**. By default, only Domain Admins have access to BitLocker recovery information, but [access can be delegated to others](/archive/blogs/craigf/delegating-access-in-ad-to-bitlocker-recovery-information). @@ -167,7 +172,7 @@ The following recovery data is saved for each computer object: - **Key package data** - With this key package and the recovery password, you will be able to decrypt portions of a BitLocker-protected volume if the disk is severely damaged. Each key package works only with the volume it was created on, which is identified by the corresponding volume ID. + With this key package and the recovery password, portions of a BitLocker-protected volume can be decrypted if the disk is severely damaged. Each key package works only with the volume it was created on, which is identified by the corresponding volume ID. ## FIPS support for recovery password protector @@ -176,21 +181,25 @@ Functionality introduced in Windows Server 2012 R2 and Windows 8.1 allows BitLoc > [!NOTE] > The United States Federal Information Processing Standard (FIPS) defines security and interoperability requirements for computer systems that are used by the U.S. Federal Government. The FIPS-140 standard defines approved cryptographic algorithms. The FIPS-140 standard also sets forth requirements for key generation and for key management. The National Institute of Standards and Technology (NIST) uses the Cryptographic Module Validation Program (CMVP) to determine whether a particular implementation of a cryptographic algorithm is compliant with the FIPS-140 standard. An implementation of a cryptographic algorithm is considered FIPS-140-compliant only if it has been submitted for and has passed NIST validation. An algorithm that has not been submitted cannot be considered FIPS-compliant even if the implementation produces identical data as a validated implementation of the same algorithm. -Before these supported versions of Windows, when Windows was in FIPS mode, BitLocker prevented the creation or use of recovery passwords and instead forced the user to use recovery keys. For more information about these issues, see the support article [kb947249](/troubleshoot/windows-client/windows-security/bitlocker-recovery-password-not-fips-compliant). +Before these supported versions of Windows, when Windows was in FIPS mode, BitLocker prevented the creation or use of recovery passwords and instead forced the user to use recovery keys. For more information about these issues, see the support article [The recovery password for Windows BitLocker isn't available when FIPS compliant policy is set in Windows](/troubleshoot/windows-client/windows-security/bitlocker-recovery-password-not-fips-compliant). -But on computers running these supported systems with BitLocker enabled: +However, on computers running these supported systems with BitLocker enabled: - FIPS-compliant recovery password protectors can be created when Windows is in FIPS mode. These protectors use the FIPS-140 NIST SP800-132 algorithm. + - Recovery passwords created in FIPS mode on Windows 8.1 can be distinguished from recovery passwords created on other systems. + - Recovery unlock using the FIPS-compliant, algorithm-based recovery password protector works in all cases that currently work for recovery passwords. + - When FIPS-compliant recovery passwords unlock volumes, the volume is unlocked to allow read/write access even while in FIPS mode. + - FIPS-compliant recovery password protectors can be exported and stored in AD a while in FIPS mode. The BitLocker Group Policy settings for recovery passwords work the same for all Windows versions that support BitLocker, whether in FIPS mode or not. -On Windows Server 2012 R2 and Windows 8.1 and older, you can't use recovery passwords generated on a system in FIPS mode. Recovery passwords created on Windows Server 2012 R2 and Windows 8.1 are incompatible with BitLocker on operating systems older than Windows Server 2012 R2 and Windows 8.1. So, recovery keys should be used instead. +On Windows Server 2012 R2 and Windows 8.1 and older, recovery passwords generated on a system in FIPS mode can't be used. Recovery passwords created on Windows Server 2012 R2 and Windows 8.1 are incompatible with BitLocker on operating systems older than Windows Server 2012 R2 and Windows 8.1. So, recovery keys should be used instead. -## More information +## Related articles - [Trusted Platform Module](../tpm/trusted-platform-module-top-node.md) - [TPM Group Policy settings](../tpm/trusted-platform-module-services-group-policy-settings.md) diff --git a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md index 4283cdaa53..1d91e76698 100644 --- a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md +++ b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md @@ -24,7 +24,7 @@ This article describes the procedure to protect cluster shared volumes (CSVs) an BitLocker protects both physical disk resources and cluster shared volumes version 2.0 (CSV2.0). BitLocker on clustered volumes provides an extra layer of protection that can be used by administrators wishing to protect sensitive, highly available data. The administrators use this extra layer of protection to increase the security to resources. Only certain user accounts provided access to unlock the BitLocker volume. -## Configuring BitLocker on Cluster Shared Volumes +## Configuring BitLocker on Cluster Shared Volumes ### Using BitLocker with clustered volumes @@ -32,146 +32,150 @@ Volumes within a cluster are managed with the help of BitLocker based on how the > [!IMPORTANT] > SANs used with BitLocker must have obtained Windows Hardware Certification. For more info, see [Windows Hardware Lab Kit](/windows-hardware/drivers/). - + Instead, the volume can be a cluster-shared volume. Windows Server 2012 expanded the CSV architecture, now known as CSV2.0, to enable support for BitLocker. The volumes that are designated for a cluster must do the following tasks: - It must turn on BitLocker—only after this task is done, can the volumes be added to the storage pool. - It must put the resource into maintenance mode before BitLocker operations are completed. -Windows PowerShell or the manage-bde command-line interface is the preferred method to manage BitLocker on CSV2.0 volumes. This method is recommended over the BitLocker Control Panel item because CSV2.0 volumes are mount points. Mount points are an NTFS object that is used to provide an entry point to other volumes. Mount points don't require the use of a drive letter. Volumes that lack drive letters don't appear in the BitLocker Control Panel item. Additionally, the new Active Directory-based protector option required for cluster disk resource or CSV2.0 resources isn't available in the Control Panel item. +Windows PowerShell or the `manage-bde.exe` command-line tool is the preferred method to manage BitLocker on CSV2.0 volumes. This method is recommended over the BitLocker Control Panel item because CSV2.0 volumes are mount points. Mount points are an NTFS object that is used to provide an entry point to other volumes. Mount points don't require the use of a drive letter. Volumes that lack drive letters don't appear in the BitLocker Control Panel item. Additionally, the new Active Directory-based protector option required for cluster disk resource or CSV2.0 resources isn't available in the Control Panel item. > [!NOTE] > Mount points can be used to support remote mount points on SMB-based network shares. This type of share is not supported for BitLocker encryption. - -If there's a thinly provisioned storage, such as a dynamic virtual hard disk (VHD), BitLocker runs in **Used Disk Space Only** encryption mode. You can't use the **manage-bde -WipeFreeSpace** command to transition the volume to full-volume encryption on thinly provisioned storage volumes. The usage of **manage-bde -WipeFreeSpace** command is blocked to avoid expanding thinly provisioned volumes to occupy the entire backing store while wiping the unoccupied (free) space. + +If there's a thinly provisioned storage, such as a dynamic virtual hard disk (VHD), BitLocker runs in **Used Disk Space Only** encryption mode. The **`manage-bde.exe -WipeFreeSpace`** command can't be used to transition the volume to full-volume encryption on thinly provisioned storage volumes. The usage of **`manage-bde.exe -WipeFreeSpace`** command is blocked to avoid expanding thinly provisioned volumes to occupy the entire backing store while wiping the unoccupied (free) space. ### Active Directory-based protector -You can also use an Active Directory Domain Services (AD DS) protector for protecting clustered volumes held within your AD DS infrastructure. The **ADAccountOrGroup** protector is a domain security identifier (SID)-based protector that can be bound to a user account, machine account, or group. When an unlock request is made for a protected volume, the following events take place: +An Active Directory Domain Services (AD DS) protector can also be used for protecting clustered volumes held within the AD DS infrastructure. The **ADAccountOrGroup** protector is a domain security identifier (SID)-based protector that can be bound to a user account, machine account, or group. When an unlock request is made for a protected volume, the following events take place: -- BitLocker service interrupts the request and uses the BitLocker protect/unprotect APIs to unlock or deny the request. +- BitLocker service interrupts the request and uses the BitLocker protect/unprotect APIs to unlock or deny the request. - BitLocker will unlock protected volumes without user intervention by attempting protectors in the following order: 1. Clear key 2. Driver-based auto-unlock key 3. **ADAccountOrGroup** protector - + a. Service context protector - + b. User protector - + 4. Registry-based auto-unlock key > [!NOTE] > A Windows Server 2012 or later domain controller is required for this feature to work properly. - + ### Turning on BitLocker before adding disks to a cluster using Windows PowerShell BitLocker encryption is available for disks before these disks are added to a cluster storage pool. > [!NOTE] -> The advantage of The Bitlocker encryption can even be made available for disks after they are added to a cluster storage pool. -The advantage of encrypting volumes prior to adding them to a cluster is that the disk resource need not be suspended to complete the operation. +> The advantage of The Bitlocker encryption can even be made available for disks after they are added to a cluster storage pool. +The advantage of encrypting volumes prior to adding them to a cluster is that the disk resource need not be suspended to complete the operation. To turn on BitLocker for a disk before adding it to a cluster: 1. Install the BitLocker Drive Encryption feature if it isn't already installed. + 2. Ensure the disk is an NTFS-formatted one and has a drive letter assigned to it. + 3. Identify the name of the cluster with Windows PowerShell. - ```powershell + ``` powershell Get-Cluster ``` -4. Enable BitLocker on the volume of your choice with an **ADAccountOrGroup** protector, using the cluster name. For example, use a command such as: - ```powershell +4. Enable BitLocker on a volume with an **ADAccountOrGroup** protector, using the cluster name. For example, use a command such as: + + ``` powershell Enable-BitLocker E: -ADAccountOrGroupProtector -ADAccountOrGroup CLUSTER$ ``` + > [!WARNING] - > You must configure an **ADAccountOrGroup** protector using the cluster CNO for a BitLocker enabled volume to either be shared in a Cluster Shared Volume or to fail over properly in a traditional failover cluster. - + > An **ADAccountOrGroup** protector must be configured using the cluster CNO for a BitLocker enabled volume to either be shared in a Cluster Shared Volume or to fail over properly in a traditional failover cluster. + 5. Repeat the preceding steps for each disk in the cluster. 6. Add the volume(s) to the cluster. ### Turning on BitLocker for a clustered disk using Windows PowerShell -When the cluster service owns a disk resource already, the disk resource needs to be set into maintenance mode before BitLocker can be enabled. To turn on the Bitlocker for a clustered disk using Windows PowerShell, perform the following steps: +When the cluster service owns a disk resource already, the disk resource needs to be set into maintenance mode before BitLocker can be enabled. To turn on the BitLocker for a clustered disk using Windows PowerShell, perform the following steps: 1. Install the BitLocker drive encryption feature if it isn't already installed. + 2. Check the status of the cluster disk using Windows PowerShell. - ```powershell + ``` powershell Get-ClusterResource "Cluster Disk 1" ``` + 3. Put the physical disk resource into maintenance mode using Windows PowerShell. - ```powershell + ``` powershell Get-ClusterResource "Cluster Disk 1" | Suspend-ClusterResource ``` + 4. Identify the name of the cluster with Windows PowerShell. - ```powershell + ``` powershell Get-Cluster ``` -5. Enable BitLocker on the volume of your choice with an **ADAccountOrGroup** protector, using the cluster name. For example, use a command such as: - ```powershell +5. Enable BitLocker a volume with an **ADAccountOrGroup** protector, using the cluster name. For example, use a command such as: + + ``` powershell Enable-BitLocker E: -ADAccountOrGroupProtector -ADAccountOrGroup CLUSTER$ ``` > [!WARNING] - > You must configure an **ADAccountOrGroup** protector using the cluster CNO for a BitLocker-enabled volume to either be shared in a cluster-shared Volume or to fail over properly in a traditional failover cluster. - + > An **ADAccountOrGroup** protector must be configured using the cluster CNO for a BitLocker-enabled volume to either be shared in a cluster-shared Volume or to fail over properly in a traditional failover cluster. + 6. Use **Resume-ClusterResource** to take back the physical disk resource out of maintenance mode: - ```powershell + ``` powershell Get-ClusterResource "Cluster Disk 1" | Resume-ClusterResource ``` + 7. Repeat the preceding steps for each disk in the cluster. -### Adding BitLocker-encrypted volumes to a cluster using manage-bde +### Adding BitLocker-encrypted volumes to a cluster using `manage-bde.exe` -You can also use **manage-bde** to enable BitLocker on clustered volumes. The steps needed to add a physical disk resource or CSV2.0 volume to an existing cluster are: +**`Manage-bde.exe`** can also be used to enable BitLocker on clustered volumes. The steps needed to add a physical disk resource or CSV2.0 volume to an existing cluster are: 1. Verify that the BitLocker drive encryption feature is installed on the computer. + 2. Ensure new storage is formatted as NTFS. -3. Encrypt the volume, add a recovery key and add the cluster administrator as a protector key using the**manage-bde** command line interface (see example): - - `manage-bde.exe -on -used -RP -sid domain\CNO$ -sync` +3. Encrypt the volume, add a recovery key and add the cluster administrator as a protector key using **`manage-bde.exe`** in a command prompt window. For example: - 1. BitLocker will check to see if the disk is already part of a cluster. If it is, administrators will encounter a hard block. Otherwise, the encryption continues. - 2. Using the -sync parameter is optional. However, using -sync parameter has the following advantage: - - The -sync parameter ensures the command waits until the encryption for the volume is completed. The volume is then released for use in the cluster storage pool. + ``` syntax + manage-bde.exe -on -used -RP -sid domain\CNO$ -sync + ``` + + 1. BitLocker will check to see if the disk is already part of a cluster. If it is, administrators will encounter a hard block. Otherwise, the encryption continues. + + 2. Using the -sync parameter is optional. However, using the -sync parameter has the advantage of ensuring the command waits until the encryption for the volume is completed. The volume is then released for use in the cluster storage pool. 4. Open the Failover Cluster Manager snap-in or cluster PowerShell cmdlets to enable the disk to be clustered. - - Once the disk is clustered, it's enabled for CSV. - 5. During the resource online operation, cluster checks whether the disk is BitLocker encrypted. 1. If the volume isn't BitLocker enabled, traditional cluster online operations occur. - 2. If the volume is BitLocker enabled, the following check occurs: + 2. If the volume is BitLocker enabled, BitLocker checks if the volume is **locked**. If the volume is **locked**, BitLocker impersonates the CNO and unlocks the volume using the CNO protector. If these actions by BitLocker fail, an event is logged. The logged event will state that the volume couldn't be unlocked and the online operation has failed. - - If volume is **locked**, BitLocker impersonates the CNO and unlocks the volume using the CNO protector. If these actions by BitLocker fail, an event is logged. The logged event will state that the volume couldn't be unlocked and the online operation has failed. +6. Once the disk is online in the storage pool, it can be added to a CSV by right-clicking the disk resource, and choosing "**Add to cluster shared volumes**". -6. Once the disk is online in the storage pool, it can be added to a CSV by right-clicking the disk resource and choosing "**Add to cluster shared volumes**". -CSVs include both encrypted and unencrypted volumes. To check the status of a particular volume for BitLocker encryption: administrators must do the following task: +CSVs include both encrypted and unencrypted volumes. To check the status of a particular volume for BitLocker encryption run the `manage-bde.exe -status` command as an administrator with a path to the volume. The path must be one that is inside the CSV namespace. For example: -- Utilize the **manage-bde -status** command with a path to the volume. - - The path must be one that is inside the CSV namespace as seen in the example command line below. - - -```powershell -manage-bde -status "C:\ClusterStorage\volume1" +``` syntax +manage-bde.exe -status "C:\ClusterStorage\volume1" ``` ### Physical disk resources - -Unlike CSV2.0 volumes, physical disk resources can only be accessed by one cluster node at a time. This condition means that operations such as encrypting, decrypting, locking or unlocking volumes require a context to perform. For example, you can't unlock or decrypt a physical disk resource if you aren't administering the cluster node that owns the disk resource because the disk resource isn't available. +Unlike CSV2.0 volumes, physical disk resources can only be accessed by one cluster node at a time. This condition means that operations such as encrypting, decrypting, locking, or unlocking volumes require a context to perform. For example, a physical disk resource can't unlock or decrypt if it isn't administering the cluster node that owns the disk resource because the disk resource isn't available. ### Restrictions on BitLocker actions with cluster volumes @@ -179,31 +183,38 @@ The following table contains information about both physical disk resources (tha | Action | On owner node of failover volume | On Metadata Server (MDS) of CSV | On (Data Server) DS of CSV | Maintenance Mode | |--- |--- |--- |--- |--- | -|**Manage-bde -on**|Blocked|Blocked|Blocked|Allowed| -|**Manage-bde -off**|Blocked|Blocked|Blocked|Allowed| -|**Manage-bde Pause/Resume**|Blocked|Blocked**|Blocked|Allowed| -|**Manage-bde -lock**|Blocked|Blocked|Blocked|Allowed| -|**manage-bde -wipe**|Blocked|Blocked|Blocked|Allowed| +|**`Manage-bde.exe -on`**|Blocked|Blocked|Blocked|Allowed| +|**`Manage-bde.exe -off`**|Blocked|Blocked|Blocked|Allowed| +|**`Manage-bde.exe Pause/Resume`**|Blocked|Blocked**|Blocked|Allowed| +|**`Manage-bde.exe -lock`**|Blocked|Blocked|Blocked|Allowed| +|**`Manage-bde.exe -wipe`**|Blocked|Blocked|Blocked|Allowed| |**Unlock**|Automatic via cluster service|Automatic via cluster service|Automatic via cluster service|Allowed| -|**manage-bde -protector -add**|Allowed|Allowed|Blocked|Allowed| -|**manage-bde -protector -delete**|Allowed|Allowed|Blocked|Allowed| -|**manage-bde -autounlock**|Allowed (not recommended)|Allowed (not recommended)|Blocked|Allowed (not recommended)| -|**Manage-bde -upgrade**|Allowed|Allowed|Blocked|Allowed| +|**`Manage-bde.exe -protector -add`**|Allowed|Allowed|Blocked|Allowed| +|**`Manage-bde.exe -protector -delete`**|Allowed|Allowed|Blocked|Allowed| +|**`Manage-bde.exe -autounlock`**|Allowed (not recommended)|Allowed (not recommended)|Blocked|Allowed (not recommended)| +|**`Manage-bde.exe -upgrade`**|Allowed|Allowed|Blocked|Allowed| |**Shrink**|Allowed|Allowed|Blocked|Allowed| |**Extend**|Allowed|Allowed|Blocked|Allowed| > [!NOTE] -> Although the **manage-bde -pause** command is blocked in clusters, the cluster service automatically resumes a paused encryption or decryption from the MDS node. - +> Although the **`manage-bde.exe -pause`** command is blocked in clusters, the cluster service automatically resumes a paused encryption or decryption from the MDS node. + In the case where a physical disk resource experiences a failover event during conversion, the new owning node detects that the conversion isn't complete and completes the conversion process. ### Other considerations when using BitLocker on CSV2.0 Some other considerations to take into account for BitLocker on clustered storage include: + - BitLocker volumes have to be initialized and begin encryption before they're available to add to a CSV2.0 volume. -- If an administrator needs to decrypt a CSV volume, remove the volume from the cluster or put it into disk maintenance mode. You can add the CSV back to the cluster while waiting for decryption to complete. + +- If an administrator needs to decrypt a CSV volume, remove the volume from the cluster or put it into disk maintenance mode. The CSV can be added back to the cluster while waiting for decryption to complete. + - If an administrator needs to start encrypting a CSV volume, remove the volume from the cluster or put it into maintenance mode. + - If conversion is paused with encryption in progress and the CSV volume is offline from the cluster, the cluster thread (health check) automatically resumes conversion when the volume is online to the cluster. + - If conversion is paused with encryption in progress and a physical disk resource volume is offline from the cluster, the BitLocker driver automatically resumes conversion when the volume is online to the cluster. + - If conversion is paused with encryption in progress, while the CSV volume is in maintenance mode, the cluster thread (health check) automatically resumes conversion when moving the volume back from maintenance. + - If conversion is paused with encryption in progress, while the disk resource volume is in maintenance mode, the BitLocker driver automatically resumes conversion when the volume is moved back from maintenance mode. diff --git a/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md b/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md index f6656b4fb9..8a4be9ec0b 100644 --- a/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md +++ b/windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md @@ -16,25 +16,26 @@ ms.custom: bitlocker # Guidelines for troubleshooting BitLocker -This article addresses common issues in BitLocker and provides guidelines to troubleshoot these issues. This article also provides information such as what data to collect and what settings to check. This information makes your troubleshooting process much easier. +This article addresses common issues in BitLocker and provides guidelines to troubleshoot these issues. This article also provides information such as what data to collect and what settings to check. This information makes the troubleshooting process much easier. ## Review the event logs -Open Event Viewer and review the following logs under Applications and Services logs\\Microsoft\\Windows: +Open **Event Viewer** and review the following logs under **Applications and Services Logs** > **Microsoft** > **Windows**: -- **BitLocker-API**. Review the management log, the operational log, and any other logs that are generated in this folder. The default logs have the following unique names: +- **BitLocker-API**. Review the **Management** log, the **Operational** log, and any other logs that are generated in this folder. The default logs have the following unique names: - - Microsoft-Windows-BitLocker-API/BitLocker Operational - - Microsoft-Windows-BitLocker-API/BitLocker Management + - **Microsoft-Windows-BitLocker-API/Management** + - **Microsoft-Windows-BitLocker-API/Operational** + - **Microsoft-Windows-BitLocker-API/Tracing** - only displayed when **Show Analytic and Debug Logs** is enabled -- **BitLocker-DrivePreparationTool**. Review the admin log, the operational log, and any other logs that are generated in this folder. The default logs have the following unique names: +- **BitLocker-DrivePreparationTool**. Review the **Admin** log, the **Operational** log, and any other logs that are generated in this folder. The default logs have the following unique names: - - Microsoft-Windows-BitLocker-DrivePreparationTool/Operational - - Microsoft-Windows-BitLocker-DrivePreparationTool/Admin + - **Microsoft-Windows-BitLocker-DrivePreparationTool/Admin** + - **Microsoft-Windows-BitLocker-DrivePreparationTool/Operational** -Additionally, review the Windows logs\\System log for events that were produced by the TPM and TPM-WMI event sources. +Additionally, review the **Windows Logs** > **System** log for events that were produced by the TPM and TPM-WMI event sources. -To filter and display or export logs, you can use the [wevtutil.exe](/windows-server/administration/windows-commands/wevtutil) command-line tool or the [Get-WinEvent](/powershell/module/microsoft.powershell.diagnostics/get-winevent?view=powershell-6&preserve-view=true) cmdlet. +To filter and display or export logs, the [wevtutil.exe](/windows-server/administration/windows-commands/wevtutil) command-line tool or the [Get-WinEvent](/powershell/module/microsoft.powershell.diagnostics/get-winevent?view=powershell-6&preserve-view=true) PowerShell cmdlet can be used. For example, to use `wevtutil.exe` to export the contents of the operational log from the BitLocker-API folder to a text file that is named `BitLockerAPIOpsLog.txt`, open a Command Prompt window, and run the following command: @@ -48,7 +49,7 @@ To use the **Get-WinEvent** cmdlet to export the same log to a comma-separated t Get-WinEvent -logname "Microsoft-Windows-BitLocker/BitLocker Operational" | Export-Csv -Path Bitlocker-Operational.csv ``` -You can use Get-WinEvent in an elevated PowerShell window to display filtered information from the system or application log by using the following syntax: +The Get-WinEvent can be used in an elevated PowerShell window to display filtered information from the system or application log by using the following syntax: - To display BitLocker-related information: @@ -83,11 +84,11 @@ You can use Get-WinEvent in an elevated PowerShell window to display filtered in ![Display of events that is produced by using Get-WinEvent and a TPM filter.](./images/psget-winevent-2.png) > [!NOTE] -> If you intend to contact Microsoft Support, it is recommended that you export the logs listed in this section. +> When contacting Microsoft Support, it is recommended to export the logs listed in this section. ## Gather status information from the BitLocker technologies -Open an elevated Windows PowerShell window, and run each of the following commands. +Open an elevated Windows PowerShell window, and run each of the following commands: |Command |Notes | | --- | --- | @@ -99,52 +100,52 @@ Open an elevated Windows PowerShell window, and run each of the following comman ## Review the configuration information -1. Open an elevated Command Prompt window, and run the following commands. +1. Open an elevated Command Prompt window, and run the following commands: |Command |Notes | | --- | --- | |[**gpresult.exe /h \**](/windows-server/administration/windows-commands/gpresult) |Exports the Resultant Set of Policy information, and saves the information as an HTML file. | |[**msinfo.exe /report \ /computer \**](/windows-server/administration/windows-commands/msinfo32) |Exports comprehensive information about the hardware, system components, and software environment on the local computer. The **/report** option saves the information as a .txt file. | -1. Open Registry Editor, and export the entries in the following subkeys: +2. Open Registry Editor, and export the entries in the following subkeys: - - **HKLM\\SOFTWARE\\Policies\\Microsoft\\FVE** - - **HKLM\\SYSTEM\\CurrentControlSet\\Services\\TPM\\** + - **`HKLM\SOFTWARE\Policies\Microsoft\FVE`** + - **`HKLM\SYSTEM\CurrentControlSet\Services\TPM\`** ## Check the BitLocker prerequisites Common settings that can cause issues for BitLocker include the following scenarios: -- The TPM must be unlocked. You can check the output of the **get-tpm** command for the status of the TPM. +- The TPM must be unlocked. Check the output of the **`get-tpm`** PowerShell cmdlet command for the status of the TPM. -- Windows RE must be enabled. You can check the output of the **reagentc** command for the status of WindowsRE. +- Windows RE must be enabled. Check the output of the **`reagentc.exe`** command for the status of WindowsRE. - The system-reserved partition must use the correct format. - On Unified Extensible Firmware Interface (UEFI) computers, the system-reserved partition must be formatted as FAT32. - On legacy computers, the system-reserved partition must be formatted as NTFS. -- If the device that you're troubleshooting is a slate or tablet PC, use to verify the status of the **Enable use of BitLocker authentication requiring preboot keyboard input on slates** option. +- If the device being troubleshot is a slate or tablet PC, use to verify the status of the **Enable use of BitLocker authentication requiring preboot keyboard input on slates** option. For more information about the BitLocker prerequisites, see [BitLocker basic deployment: Using BitLocker to encrypt volumes](./bitlocker-basic-deployment.md#using-bitlocker-to-encrypt-volumes) ## Next steps -If the information that you've examined so far indicates a specific issue (for example, WindowsRE isn't enabled), the issue may have a straightforward fix. +If the information examined so far indicates a specific issue (for example, WindowsRE isn't enabled), the issue may have a straightforward fix. -Resolving issues that don't have obvious causes depends on exactly which components are involved and what behavior you see. The information that you've gathered helps you narrow down the areas to investigate. +Resolving issues that don't have obvious causes depends on exactly which components are involved and what behavior is being see. The gathered information helps narrow down the areas to investigate. -- If you're working on a device that is managed by Microsoft Intune, see [Enforcing BitLocker policies by using Intune: known issues](ts-bitlocker-intune-issues.md). +- If the device being troubleshot is managed by Microsoft Intune, see [Enforcing BitLocker policies by using Intune: known issues](ts-bitlocker-intune-issues.md). -- If BitLocker doesn't start or can't encrypt a drive and you notice errors or events that are related to the TPM, see [BitLocker can't encrypt a drive: known TPM issues](ts-bitlocker-cannot-encrypt-tpm-issues.md). +- If BitLocker doesn't start or can't encrypt a drive and errors or events that are related to the TPM are occurring, see [BitLocker can't encrypt a drive: known TPM issues](ts-bitlocker-cannot-encrypt-tpm-issues.md). - If BitLocker doesn't start or can't encrypt a drive, see [BitLocker can't encrypt a drive: known issues](ts-bitlocker-cannot-encrypt-issues.md). - If BitLocker Network Unlock doesn't behave as expected, see [BitLocker Network Unlock: known issues](ts-bitlocker-network-unlock-issues.md). -- If BitLocker doesn't behave as expected when you recover an encrypted drive, or if you didn't expect BitLocker to recover the drive, see [BitLocker recovery: known issues](ts-bitlocker-recovery-issues.md). +- If BitLocker doesn't behave as expected when an encrypted drive is recovered, or if BitLocker unexpectedly recovered a drive, see [BitLocker recovery: known issues](ts-bitlocker-recovery-issues.md). -- If BitLocker or the encrypted drive doesn't behave as expected, and you notice errors or events that are related to the TPM, see [BitLocker and TPM: other known issues](ts-bitlocker-tpm-issues.md). +- If BitLocker or the encrypted drive doesn't behave as expected, and errors or events that are related to the TPM are occurring, see [BitLocker and TPM: other known issues](ts-bitlocker-tpm-issues.md). - If BitLocker or the encrypted drive doesn't behave as expected, see [BitLocker configuration: known issues](ts-bitlocker-config-issues.md). diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues.md index 2e17d0ddb3..b281be9901 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues.md @@ -1,5 +1,5 @@ --- -title: BitLocker cannot encrypt a drive known issues +title: BitLocker can't encrypt a drive known issues description: Provides guidance for troubleshooting known issues that may prevent BitLocker Drive Encryption from encrypting a drive ms.reviewer: kaushika ms.technology: itpro-security @@ -14,58 +14,63 @@ ms.date: 11/08/2022 ms.custom: bitlocker --- -# BitLocker cannot encrypt a drive: known issues +# BitLocker can't encrypt a drive: known issues This article describes common issues that prevent BitLocker from encrypting a drive. This article also provides guidance to address these issues. > [!NOTE] -> If you have determined that your BitLocker issue involves the trusted platform module (TPM), see [BitLocker cannot encrypt a drive: known TPM issues](ts-bitlocker-cannot-encrypt-tpm-issues.md). +> If it is determined that the BitLocker issue involves the trusted platform module (TPM), see [BitLocker cannot encrypt a drive: known TPM issues](ts-bitlocker-cannot-encrypt-tpm-issues.md). -## Error 0x80310059: BitLocker drive encryption is already performing an operation on this drive +## **Error 0x80310059: BitLocker drive encryption is already performing an operation on this drive** -When you turn on BitLocker Drive Encryption on a computer that is running Windows 10 Professional or Windows 11, you receive a message that resembles the following: +When BitLocker Drive Encryption is turned on a computer that is running Windows 10 Professional or Windows 11, the following message may appear: -> **ERROR:** An error occurred (code 0x80310059):BitLocker Drive Encryption is already performing an operation on this drive. Please complete all operations before continuing.NOTE: If the -on switch has failed to add key protectors or start encryption,you may need to call manage-bde -off before attempting -on again. +> **ERROR: An error occurred (code 0x80310059): BitLocker Drive Encryption is already performing an operation on this drive. Please complete all operations before continuing. NOTE: If the -on switch has failed to add key protectors or start encryption, you may need to call manage-bde -off before attempting -on again.** -### Cause +### Cause of **Error 0x80310059** This issue may be caused by settings that are controlled by group policy objects (GPOs). -### Resolution +### Resolution for **Error 0x80310059** > [!IMPORTANT] -> Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, [back up the registry for restoration](https://support.microsoft.com/help/322756) in case problems occur. +> Follow the steps in this section carefully. Serious problems might occur if the registry is modified incorrectly. Before modifying the registry, [back up the registry for restoration](https://support.microsoft.com/help/322756) in case problems occur. To resolve this issue, follow these steps: 1. Start Registry Editor, and navigate to the following subkey: - **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE** + **`HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE`** -1. Delete the following entries: - - **OSPlatformValidation\_BIOS** - - **OSPlatformValidation\_UEFI** - - **PlatformValidation** +2. Delete the following entries: -1. Exit registry editor, and turn on BitLocker drive encryption again. + - **`OSPlatformValidation_BIOS`** + - **`OSPlatformValidation_UEFI`** + - **`PlatformValidation`** -## "Access is denied" message when you try to encrypt removable drives +3. Exit registry editor, and turn on BitLocker drive encryption again. -You have a computer that is running Windows 10, version 1709 or version 1607, or Windows 11. You try to encrypt a USB drive by following these steps: + \ No newline at end of file diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues.md index a8a7d4dffe..63204fb370 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues.md @@ -1,6 +1,6 @@ --- -title: BitLocker cannot encrypt a drive known TPM issues -description: Provides guidance for troubleshooting known issues that may prevent BitLocker Drive Encryption from encrypting a drive, and that you can attribute to the TPM +title: BitLocker can't encrypt a drive known TPM issues +description: Provides guidance for troubleshooting known issues that may prevent BitLocker Drive Encryption from encrypting a drive that can be attributed to the TPM ms.reviewer: kaushika ms.technology: itpro-security ms.prod: windows-client @@ -14,116 +14,144 @@ ms.date: 11/08/2022 ms.custom: bitlocker --- -# BitLocker cannot encrypt a drive: known TPM issues +# BitLocker can't encrypt a drive: known TPM issues This article describes common issues that affect the Trusted Platform Module (TPM) that might prevent BitLocker from encrypting a drive. This article also provides guidance to address these issues. > [!NOTE] -> If you have determined that your BitLocker issue does not involve the TPM, see [BitLocker cannot encrypt a drive: known issues](ts-bitlocker-cannot-encrypt-issues.md). +> If it's been determined that the BitLocker issue does not involve the TPM, see [BitLocker cannot encrypt a drive: known issues](ts-bitlocker-cannot-encrypt-issues.md). -## The TPM is locked and you see "The TPM is defending against dictionary attacks and is in a time-out period" +## The TPM is locked and the error **`The TPM is defending against dictionary attacks and is in a time-out period`** is displayed -When you turn on BitLocker drive encryption, it does not start. Instead, you receive a message that resembles "The TPM is defending against dictionary attacks and is in a time-out period." +It's attempted to turn on BitLocker drive encryption on a device but it fails with an error message similar to the following error message: -### Cause +> **The TPM is defending against dictionary attacks and is in a time-out period.** + +### Cause of the TPM being locked The TPM is locked out. -### Resolution +### Resolution for the TPM being locked -To resolve this issue, follow these steps: +To resolve this issue, the TPM needs to be reset and cleared. The TPM can be reset and cleared with the following steps: 1. Open an elevated PowerShell window and run the following script: - ```powershell + ``` powershell $Tpm = Get-WmiObject -class Win32_Tpm -namespace "root\CIMv2\Security\MicrosoftTpm" $ConfirmationStatus = $Tpm.GetPhysicalPresenceConfirmationStatus(22).ConfirmationStatus if($ConfirmationStatus -ne 4) {$Tpm.SetPhysicalPresenceRequest(22)} ``` -2. Restart the computer. If you are prompted at the restart screen, press F12 to agree.8 -3. Retry starting BitLocker drive encryption. -## You cannot prepare the TPM, and you see "The TPM is defending against dictionary attacks and is in a time-out period" +2. Restart the computer. If a prompt is displayed confirming the clearing of the TPM, agree to clear the TPM. -You cannot turn on BitLocker drive encryption on a device. You use the TPM management console (tpm.msc) to prepare the TPM on a device. The operation fails and you receive a message that resembles "The TPM is defending against dictionary attacks and is in a time-out period." +3. Sign on to Windows and retry starting BitLocker drive encryption. -### Cause +> [!WARNING] +> Resetting and clearing the TPM can cause data loss. + +## The TPM fails to prepare with the error **`The TPM is defending against dictionary attacks and is in a time-out period`** + +It's attempted to turn on BitLocker drive encryption on a device but it fails. While troubleshooting, the TPM management console (`tpm.msc`) is used to attempt to prepare the TPM on the device. The operation fails with an error message similar to the following error message: + +> **The TPM is defending against dictionary attacks and is in a time-out period.** + +### Cause of TPM failing to prepare The TPM is locked out. -### Resolution +### Resolution for TPM failing to prepare -To resolve this issue, disable and re-enable the TPM. To do this, follow these steps: +To resolve this issue, disable and re-enable the TPM with the following steps: -1. Restart the device, and change the BIOS configuration to disable the TPM. -2. Restart the device again, and return to the TPM management console. Following message is displayed: - > Compatible Trusted Platform Module (TPM) cannot be found on this computer. Verify that this computer has 1.2 TPM and it is turned on in the BIOS. +1. Enter the UEFI/BIOS configuration screens of the device by restarting the device and hitting the appropriate key combination as the device boots. Consult with the device manufacturer for the appropriate key combination for entering into the UEFI/BIOS configuration screens. -3. Restart the device, and change the BIOS configuration to enable the TPM. -4. Restart the device, and return to the TPM management console. +2. Once in the UEFI/BIOS configuration screens, disable the TPM. Consult with the device manufacturer for instructions on how to disable the TPM in the UEFI/BIOS configuration screens. -If you still cannot prepare the TPM, clear the existing TPM keys. To do this, follow the instructions in [Troubleshoot the TPM: Clear all the keys from the TPM](../tpm/initialize-and-configure-ownership-of-the-tpm.md#clear-all-the-keys-from-the-tpm). +3. Save the UEFI/BIOS configuration with the TPM disabled and restart the device to boot into Windows. + +4. Once signed into Windows, return to the TPM management console. An error message similar to the following error message is displayed: + + > **Compatible TPM cannot be found** + > + > **Compatible Trusted Platform Module (TPM) cannot be found on this computer. Verify that this computer has 1.2 TPM and it is turned on in the BIOS.** + + This message is expected since the TPM is currently disabled in the UEFI firmware/BIOS of the device. + +5. Restart the device and enter the UEFI/BIOS configuration screens again. + +6. Reenable the TPM in the UEFI/BIOS configuration screens. + +7. Save the UEFI/BIOS configuration with the TPM enabled and restart the device to boot into Windows. + +8. Once signed into Windows, return to the TPM management console. + +If the TPM still can't be prepared, clear the existing TPM keys by following the instructions in the article [Troubleshoot the TPM: Clear all the keys from the TPM](../tpm/initialize-and-configure-ownership-of-the-tpm.md#clear-all-the-keys-from-the-tpm). > [!WARNING] > Clearing the TPM can cause data loss. -## Access Denied: Failed to backup TPM Owner Authorization information to Active Directory Domain Services. Errorcode: 0x80070005 +## BitLocker fails to enable with the error **`Access Denied: Failed to backup TPM Owner Authorization information to Active Directory Domain Services. Errorcode: 0x80070005`** or **`Insufficient Rights`** -You have an environment that enforces the **Do not enable BitLocker until recovery information is stored in AD DS** policy. You try to turn on BitLocker drive encryption on a computer that runs Windows 7, but the operation fails. You receive a message that resembles "Access Denied" or "Insufficient Rights." +The **Do not enable BitLocker until recovery information is stored in AD DS** policy is enforced in the environment. It's attempted to turn on BitLocker drive encryption on a device but it fails with the error message of **`Access Denied: Failed to backup TPM Owner Authorization information to Active Directory Domain Services. Errorcode: 0x80070005`** or **`Insufficient Rights`**. -### Cause +### Cause of **`Access Denied`** or **`Insufficient Rights`** -The TPM did not have sufficient permissions on the TPM devices container in Active Directory Domain Services (AD DS). Therefore, the BitLocker recovery information could not be backed up to AD DS, and BitLocker drive encryption could not run. +The TPM didn't have sufficient permissions on the TPM devices container in Active Directory Domain Services (AD DS). Therefore, the BitLocker recovery information couldn't be backed up to AD DS, and BitLocker drive encryption couldn't turn on. This issue appears to be limited to computers that run versions of Windows that are earlier than Windows 10. -### Resolution +### Resolution for **`Access Denied`** or **`Insufficient Rights`** -To verify that you have correctly identified this issue, use one of the following methods: +To verify this issue is occurring, use one of the following two methods: -- Disable the policy or remove the computer from the domain. Then try to turn on BitLocker drive encryption again. The operation should now succeed. -- Use LDAP and network trace tools to examine the LDAP exchanges between the client and the AD DS domain controller to identify the cause of the "Access Denied" or "Insufficient Rights" error. In this case, you should see the error when the client tries to access its object in the "CN=TPM Devices,DC=\<*domain*>,DC=com" container. +- Disable the policy or remove the computer from the domain followed by trying to turn on BitLocker drive encryption again. If the operation succeeds, then the issue was caused by the policy. + +- Use LDAP and network trace tools to examine the LDAP exchanges between the client and the AD DS domain controller to identify the cause of the **Access Denied** or **Insufficient Rights** error. In this case, an error should be displayed when the client tries to access its object in the **`CN=TPM Devices,DC=,DC=com`** container. 1. To review the TPM information for the affected computer, open an elevated Windows PowerShell window and run the following command: - ```powershell + ``` powershell Get-ADComputer -Filter {Name -like "ComputerName"} -Property * | Format-Table name,msTPM-TPMInformationForComputer ``` In this command, *ComputerName* is the name of the affected computer. -1. To resolve the issue, use a tool such as dsacls.exe to ensure that the access control list of msTPM-TPMInformationForComputer grants both Read and Write permissions to NTAUTHORITY/SELF. +2. To resolve the issue, use a tool such as `dsacls.exe` to ensure that the access control list of msTPM-TPMInformationForComputer grants both **Read** and **Write** permissions to **NTAUTHORITY/SELF**. -## Cannot prepare the TPM, error 0x80072030: "There is no such object on the server" +## The TPM fails to be prepared with the error **`0x80072030: There is no such object on the server`** -Your domain controllers were upgraded from Windows Server 2008 R2 to Windows Server 2012 R2. A group policy object (GPO) enforces the **Do not enable BitLocker until recovery information is stored in AD DS** policy. +Domain controllers were upgraded from Windows Server 2008 R2 to Windows Server 2012 R2. A group policy object (GPO) exists that enforces the **Do not enable BitLocker until recovery information is stored in AD DS** policy. -You cannot turn on BitLocker drive encryption on a device. You use the TPM management console (tpm.msc) to prepare the TPM on a device. The operation fails and you see a message that resembles the following: +It's attempted to turn on BitLocker drive encryption on a device but it fails. While troubleshooting, the TPM management console (`tpm.msc`) is used to attempt to prepare the TPM on the device. The operation fails with an error message similar to the following error message: -> 0x80072030 There is no such object on the server when a policy to back up TPM information to active directory is enabled +> **0x80072030 There is no such object on the server when a policy to back up TPM information to active directory is enabled** -You have confirmed that the **ms-TPM-OwnerInformation** and **msTPM-TpmInformationForComputer** attributes are present. +It's been confirmed that the **ms-TPM-OwnerInformation** and **msTPM-TpmInformationForComputer** attributes are present. -### Cause +### Cause of **0x80072030: There is no such object on the server** The domain and forest functional level of the environment may still be set to Windows 2008 R2. Additionally, the permissions in AD DS might not be correctly set. -### Resolution +### Resolution for **0x80072030: There is no such object on the server** -To resolve this issue, follow these steps: +The issue can be resolved with the following steps: 1. Upgrade the functional level of the domain and forest to Windows Server 2012 R2. + 2. Download [Add-TPMSelfWriteACE.vbs](/samples/browse/?redirectedfrom=TechNet-Gallery). -3. In the script, modify the value of **strPathToDomain** to your domain name. + +3. In the script, modify the value of **strPathToDomain** to the organization's domain name. + 4. Open an elevated PowerShell window, and run the following command: - ```powershell - cscript Add-TPMSelfWriteACE.vbs + ``` syntax + cscript.exe \Add-TPMSelfWriteACE.vbs ``` - In this command \<*Path*> is the path to the script file. + In this command, \<*Path*> is the path to the script file. For more information, see the following articles: - [Back up the TPM recovery information to AD DS](../tpm/backup-tpm-recovery-information-to-ad-ds.md) -- [Prepare your organization for BitLocker: Planning and policies](./prepare-your-organization-for-bitlocker-planning-and-policies.md) \ No newline at end of file +- [Prepare your organization for BitLocker: Planning and policies](./prepare-your-organization-for-bitlocker-planning-and-policies.md) diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md index 70d3520587..cc7c58afe1 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md @@ -1,6 +1,6 @@ --- title: BitLocker configuration known issues -description: Describes common issues that involve your BitLocker configuration and BitLocker's general functionality, and provides guidance for addressing those issues. +description: Describes common issues that involve BitLocker configuration and BitLocker's general functionality, and provides guidance for addressing those issues. ms.reviewer: kaushika ms.technology: itpro-security ms.prod: windows-client @@ -16,71 +16,81 @@ ms.custom: bitlocker # BitLocker configuration: known issues -This article describes common issues that affect your BitLocker's configuration and general functionality. This article also provides guidance to address these issues. +This article describes common issues that affect BitLocker's configuration and general functionality. This article also provides guidance to address these issues. ## BitLocker encryption is slower in Windows 10 and Windows 11 -In both Windows 11, Windows 10, and Windows 7, BitLocker runs in the background to encrypt drives. However, in Windows 11 and Windows 10, BitLocker is less aggressive about requesting resources. This behavior reduces the chance that BitLocker will affect the computer's performance. +BitLocker runs in the background to encrypt drives. However, in Windows 11 and Windows 10, BitLocker is less aggressive about requesting resources than in previous versions of Windows. This behavior reduces the chance that BitLocker will affect the computer's performance. -To compensate for these changes, BitLocker uses a new conversion model. This model, (referred to as Encrypt-On-Write), makes sure that any new disk writes on all client SKUs and that any internal drives are always encrypted *as soon as you turn on BitLocker*. +To compensate for these changes, BitLocker uses a conversion model called Encrypt-On-Write. This model makes sure that any new disk writes are encrypted as soon as BitLocker is enabled. This behavior happens on all client editions and for any internal drives. > [!IMPORTANT] > To preserve backward compatibility, BitLocker uses the previous conversion model to encrypt removable drives. ### Benefits of using the new conversion model -By using the previous conversion model, you cannot consider an internal drive to be protected (and compliant with data protection standards) until the BitLocker conversion is 100 percent complete. Before the process finishes, the data that existed on the drive before encryption began—that is, potentially compromised data—can still be read and written without encryption. Therefore, you must wait for the encryption process to finish before you store sensitive data on the drive. Depending on the size of the drive, this delay can be substantial. +By using the previous conversion model, an internal drive can't be considered protected and compliant with data protection standards until the BitLocker conversion is 100 percent complete. Before the process finishes, the data that existed on the drive before encryption began - that is, potentially compromised data - can still be read and written without encryption. Therefore, for data to be considered protected and compliant with data protection standards, the encryption process has to finish before sensitive data is stored on the drive. Depending on the size of the drive, this delay can be substantial. -By using the new conversion model, you can safely store sensitive data on the drive as soon as you turn on BitLocker. You don't have to wait for the encryption process to finish, and encryption does not adversely affect performance. The tradeoff is that the encryption process for pre-existing data takes more time. +By using the new conversion model, sensitive data can be stored on the drive as soon as BitLocker is turned on. The encryption process doesn't need to finish first, and encryption doesn't adversely affect performance. The tradeoff is that the encryption process for pre-existing data takes more time. ### Other BitLocker enhancements -After Windows 7 was released, several other areas of BitLocker were improved: +Several other areas of BitLocker were improved in version of Windows released after Windows 7: -- **New encryption algorithm, XTS-AES**. The new algorithm provides additional protection from a class of attacks on encrypted data that rely on manipulating cipher text to cause predictable changes in plain text. +- **New encryption algorithm, XTS-AES** - Added in Windows 10 version 1511, this algorithm provides additional protection from a class of attacks on encrypted data that rely on manipulating cipher text to cause predictable changes in plain text. By default, this algorithm complies with the Federal Information Processing Standards (FIPS). FIPS is a United States Government standard that provides a benchmark for implementing cryptographic software. -- **Improved administration features**. You can manage BitLocker on PCs or other devices by using the following interfaces: - - BitLocker Wizard - - manage-bde - - Group Policy Objects (GPOs) - - Mobile Device Management (MDM) policy - - Windows PowerShell - - Windows Management Interface (WMI) +- **Improved administration features**. BitLocker can be managed on PCs or other devices by using the following interfaces: -- **Integration with Azure Active Directory** (Azure AD). BitLocker can store recovery information in Azure AD to make it easier to recover. + - BitLocker Wizard + - manage-bde.exe + - Group Policy Objects (GPOs) + - Mobile Device Management (MDM) policy + - Windows PowerShell + - Windows Management Interface (WMI) -- **[Direct memory access (DMA) Port Protection](../kernel-dma-protection-for-thunderbolt.md)**. By using MDM policies to manage BitLocker, you can block a device's DMA ports and secure the device during its startup. +- **Integration with Azure Active Directory** (Azure AD) - BitLocker can store recovery information in Azure AD to make it easier to recover. -- **[BitLocker Network Unlock](./bitlocker-how-to-enable-network-unlock.md)**. If your BitLocker-enabled desktop or server computer is connected to a wired corporate network in a domain environment, you can automatically unlock its operating system volume during a system restart. +- **[Direct memory access (DMA) Port Protection](../kernel-dma-protection-for-thunderbolt.md)** - By using MDM policies to manage BitLocker, a device's DMA ports can be blocked which secures the device during its startup. -- **Support for [Encrypted Hard Drives](../encrypted-hard-drive.md)**. Encrypted Hard Drives are a new class of hard drives that are self-encrypting at a hardware level and allow for full disk hardware encryption. By taking on that workload, Encrypted Hard Drives increase BitLocker performance and reduce CPU usage and power consumption. +- **[BitLocker Network Unlock](./bitlocker-how-to-enable-network-unlock.md)** - If the BitLocker-enabled desktop or server computer is connected to a wired corporate network in a domain environment, its operating system volume can be automatically unlocked during a system restart. -- **Support for classes of HDD/SSD hybrid disks**. BitLocker can encrypt a disk that uses a small SSD as a non-volatile cache in front of the HDD, such as Intel Rapid Storage Technology. +- **Support for [Encrypted Hard Drives](../encrypted-hard-drive.md)** - Encrypted Hard Drives are a new class of hard drives that are self-encrypting at a hardware level and allow for full disk hardware encryption. By taking on that workload, Encrypted Hard Drives increase BitLocker performance and reduce CPU usage and power consumption. -## Hyper-V Gen 2 VM: Cannot access the volume after BitLocker encryption +- **Support for classes of HDD/SSD hybrid disks** - BitLocker can encrypt a disk that uses a small SSD as a non-volatile cache in front of the HDD, such as Intel Rapid Storage Technology. + +## Hyper-V Gen 2 VM: Can't access the volume after BitLocker encryption Consider the following scenario: -1. You turn on BitLocker on a generation-2 virtual machine (VM) that runs on Hyper-V. -1. You add data to the data disk as it encrypts. -1. You restart the VM, and observe the following: - - The system volume is not encrypted. - - The encrypted volume is not accessible, and the computer lists the volume's file system as "Unknown." - - You see a message that resembles: "You need to format the disk in \<*x:*> drive before you can use it" +1. BitLocker is turned on a generation 2 virtual machine (VM) that runs on Hyper-V. -### Cause +2. Data is added to the data disk as it encrypts. -This issue occurs because the third-party filter driver Stcvsm.sys (from StorageCraft) is installed on the VM. +3. The VM is restarted and the following behavior is observed: -### Resolution + - The system volume isn't encrypted. + + - The encrypted volume isn't accessible, and the computer lists the volume's file system as **Unknown**. + + - A message similar to the following message is displayed: + + > **You need to format the disk in \<*drive_letter:*> drive before you can use it** + +### Cause of not being able to access the volume after BitLocker encryption on a Hyper-V Gen 2 VM + +This issue occurs because the third-party filter driver `Stcvsm.sys` (from StorageCraft) is installed on the VM. + +### Resolution for not being able to access the volume after BitLocker encryption on a Hyper-V Gen 2 VM To resolve this issue, remove the third-party software. ## Production snapshots fail for virtualized domain controllers that use BitLocker-encrypted disks -You have a Windows Server 2019 or 2016 Hyper-V Server that is hosting VMs (guests) that are configured as Windows domain controllers. BitLocker has encrypted the disks that store the Active Directory database and log files. When you run a "production snapshot" of the domain controller guests, the Volume Snap-Shot (VSS) service does not correctly process the backup. +Consider the following scenario: + +A Windows Server 2019 or 2016 Hyper-V Server is hosting VMs (guests) that are configured as Windows domain controllers. On a domain controller guest VM, BitLocker has encrypted the disks that store the Active Directory database and log files. When a "production snapshot" of the domain controller guest VM is attempted, the Volume Snap-Shot (VSS) service doesn't correctly process the backup. This issue occurs regardless of any of the following variations in the environment: @@ -88,94 +98,94 @@ This issue occurs regardless of any of the following variations in the environme - Whether the VMs are generation 1 or generation 2. - Whether the guest operating system is Windows Server 2019, 2016 or 2012 R2. -In the domain controller application log, the VSS event source records event ID 8229: +In the guest VM domain controller **Windows Logs** > **Application** Event Viewer log, the VSS event source records event **ID 8229**: -> ID: 8229 -> Level: Warning -> ‎Source: VSS -> Message: A VSS writer has rejected an event with error 0x800423f4. The writer experienced a non-transient error. If the backup process is retried, the error is likely to reoccur. -> -> Changes that the writer made to the writer components while handling the event will not be available to the requester. -> -> Check the event log for related events from the application hosting the VSS writer. -> -> Operation: +> ID: 8229
    +> Level: Warning
    +> Source: VSS
    +> Message: A VSS writer has rejected an event with error 0x800423f4. The writer experienced a non-transient error. If the backup process is retried, the error is likely to reoccur.
    +> +> Changes that the writer made to the writer components while handling the event will not be available to the requester.
    +> +> Check the event log for related events from the application hosting the VSS writer. +> +> Operation:
    > PostSnapshot Event -> -> Context: -> Execution Context: Writer -> Writer Class Id: {b2014c9e-8711-4c5c-a5a9-3cf384484757} -> Writer Name: NTDS -> Writer Instance ID: {d170b355-a523-47ba-a5c8-732244f70e75} -> Command Line: C:\\Windows\\system32\\lsass.exe -> -> Process ID: 680 +> +> Context:
    +> Execution Context: Writer
    +> Writer Class Id: {b2014c9e-8711-4c5c-a5a9-3cf384484757}
    +> Writer Name: NTDS
    +> Writer Instance ID: {d170b355-a523-47ba-a5c8-732244f70e75}
    +> Command Line: C:\\Windows\\system32\\lsass.exe
    +> +> Process ID: 680 -In the domain controller Directory Services event log, you see an event that resembles the following: +In the guest VM domain controller **Applications and Services Logs** > **Directory Service** Event Viewer log, there's an event logged similar to the following event: -> Error Microsoft-Windows-ActiveDirectory\_DomainService 1168 +> Error Microsoft-Windows-ActiveDirectory\_DomainService 1168
    > Internal Processing Internal error: An Active Directory Domain Services error has occurred. -> ->‎  Additional Data -> ‎  Error value (decimal): -1022 -> -> Error value (hex): fffffc02 -> -> Internal ID: 160207d9 +> +> Additional Data
    +> Error value (decimal): -1022
    +> +> Error value (hex): fffffc02 +> +> Internal ID: 160207d9 > [!NOTE] -> The internal ID of this event may differ based on your operating system release and path level. +> The internal ID of this event may differ based on the operating system release version and patch level. -After this issue occurs, if you run the **VSSADMIN list writers** command, you see output that resembles the following for the Active Directory Domain Services (NTDS) VSS Writer: +When this issue occurs, the **Active Directory Domain Services (NTDS) VSS Writer** will display the following error when the **`vssadmin.exe list writers`** command is run: -> Writer name: 'NTDS' ->   Writer Id: {b2014c9e-8711-4c5c-a5a9-3cf384484757} ->   Writer Instance Id: {08321e53-4032-44dc-9b03-7a1a15ad3eb8} ->   State: \[11\] Failed ->   Last error: Non-retryable error +``` error +Writer name: 'NTDS' + Writer Id: {b2014c9e-8711-4c5c-a5a9-3cf384484757} + Writer Instance Id: {08321e53-4032-44dc-9b03-7a1a15ad3eb8} + State: [11] Failed + Last error: Non-retryable error +``` -Additionally, you cannot back up the VMs until you restart them. +Additionally, the VMs can't be backed up until they're restarted. -### Cause +### Cause of production snapshots fail for virtualized domain controllers that use BitLocker-encrypted disks -After VSS creates a snapshot of a volume, the VSS writer takes "post snapshot" actions. In the case of a "production snapshot," which you initiate from the host server, Hyper-V tries to mount the snapshotted volume. However, it cannot unlock the volume for unencrypted access. BitLocker on the Hyper-V server does not recognize the volume. Therefore, the access attempt fails and then the snapshot operation fails. +After VSS creates a snapshot of a volume, the VSS writer takes "post snapshot" actions. When a "production snapshot" is initiated from the host server, Hyper-V tries to mount the snapshotted volume. However, it can't unlock the volume for unencrypted access. BitLocker on the Hyper-V server doesn't recognize the volume. Therefore, the access attempt fails and then the snapshot operation fails. This behavior is by design. -### Workaround +### Workaround for production snapshots fail for virtualized domain controllers that use BitLocker-encrypted disks -There is one supported way to perform backup and restore of a virtualized domain controller: +A supported way to perform backup and restore of a virtualized domain controller is to run **Windows Server Backup** in the guest operating system. -- Run Windows Server Backup in the guest operating system. - -If you have to take a production snapshot of a virtualized domain controller, you can suspend BitLocker in the guest operating system before you start the production snapshot. However, this approach is not recommended. +If a production snapshot of a virtualized domain controller needs to be taken, BitLocker can be suspended in the guest operating system before the production snapshot is started. However, this approach isn't recommended. For more information and recommendations about backing up virtualized domain controllers, see [Virtualizing Domain Controllers using Hyper-V: Backup and Restore Considerations for Virtualized Domain Controllers](/windows-server/identity/ad-ds/get-started/virtual-dc/virtualized-domain-controllers-hyper-v#backup-and-restore-considerations-for-virtualized-domain-controllers) ### More information -When the VSS NTDS writer requests access to the encrypted drive, the Local Security Authority Subsystem Service (LSASS) generates an error entry that resembles the following: +When the VSS NTDS writer requests access to the encrypted drive, the Local Security Authority Subsystem Service (LSASS) generates an error entry similar to the following error: -```console +``` console \# for hex 0xc0210000 / decimal -1071579136 -‎ STATUS\_FVE\_LOCKED\_VOLUME ntstatus.h -‎ \# This volume is locked by BitLocker Drive Encryption. +STATUS\_FVE\_LOCKED\_VOLUME ntstatus.h +\# This volume is locked by BitLocker Drive Encryption. ``` The operation produces the following call stack: ```console \# Child-SP RetAddr Call Site -‎ 00 00000086\`b357a800 00007ffc\`ea6e7a4c KERNELBASE\!FindFirstFileExW+0x1ba \[d:\\rs1\\minkernel\\kernelbase\\filefind.c @ 872\] -‎ 01 00000086\`b357abd0 00007ffc\`e824accb KERNELBASE\!FindFirstFileW+0x1c \[d:\\rs1\\minkernel\\kernelbase\\filefind.c @ 208\] -‎ 02 00000086\`b357ac10 00007ffc\`e824afa1 ESENT\!COSFileFind::ErrInit+0x10b \[d:\\rs1\\onecore\\ds\\esent\\src\\os\\osfs.cxx @ 2476\] -‎ 03 00000086\`b357b700 00007ffc\`e827bf02 ESENT\!COSFileSystem::ErrFileFind+0xa1 \[d:\\rs1\\onecore\\ds\\esent\\src\\os\\osfs.cxx @ 1443\] -‎ 04 00000086\`b357b960 00007ffc\`e82882a9 ESENT\!JetGetDatabaseFileInfoEx+0xa2 \[d:\\rs1\\onecore\\ds\\esent\\src\\ese\\jetapi.cxx @ 11503\] -‎ 05 00000086\`b357c260 00007ffc\`e8288166 ESENT\!JetGetDatabaseFileInfoExA+0x59 \[d:\\rs1\\onecore\\ds\\esent\\src\\ese\\jetapi.cxx @ 11759\] -‎ 06 00000086\`b357c390 00007ffc\`e84c64fb ESENT\!JetGetDatabaseFileInfoA+0x46 \[d:\\rs1\\onecore\\ds\\esent\\src\\ese\\jetapi.cxx @ 12076\] -‎ 07 00000086\`b357c3f0 00007ffc\`e84c5f23 ntdsbsrv\!CVssJetWriterLocal::RecoverJetDB+0x12f \[d:\\rs1\\ds\\ds\\src\\jetback\\snapshot.cxx @ 2009\] -‎ 08 00000086\`b357c710 00007ffc\`e80339e0 ntdsbsrv\!CVssJetWriterLocal::OnPostSnapshot+0x293 \[d:\\rs1\\ds\\ds\\src\\jetback\\snapshot.cxx @ 2190\] -‎ 09 00000086\`b357cad0 00007ffc\`e801fe6d VSSAPI\!CVssIJetWriter::OnPostSnapshot+0x300 \[d:\\rs1\\base\\stor\\vss\\modules\\jetwriter\\ijetwriter.cpp @ 1704\] -‎ 0a 00000086\`b357ccc0 00007ffc\`e8022193 VSSAPI\!CVssWriterImpl::OnPostSnapshotGuard+0x1d \[d:\\rs1\\base\\stor\\vss\\modules\\vswriter\\vswrtimp.cpp @ 5228\] -‎ 0b 00000086\`b357ccf0 00007ffc\`e80214f0 VSSAPI\!CVssWriterImpl::PostSnapshotInternal+0xc3b \[d:\\rs1\\base\\stor\\vss\\modules\\vswriter\\vswrtimp.cpp @ 3552\] -``` \ No newline at end of file + 00 00000086\`b357a800 00007ffc\`ea6e7a4c KERNELBASE\!FindFirstFileExW+0x1ba \[d:\\rs1\\minkernel\\kernelbase\\filefind.c @ 872\] + 01 00000086\`b357abd0 00007ffc\`e824accb KERNELBASE\!FindFirstFileW+0x1c \[d:\\rs1\\minkernel\\kernelbase\\filefind.c @ 208\] + 02 00000086\`b357ac10 00007ffc\`e824afa1 ESENT\!COSFileFind::ErrInit+0x10b \[d:\\rs1\\onecore\\ds\\esent\\src\\os\\osfs.cxx @ 2476\] + 03 00000086\`b357b700 00007ffc\`e827bf02 ESENT\!COSFileSystem::ErrFileFind+0xa1 \[d:\\rs1\\onecore\\ds\\esent\\src\\os\\osfs.cxx @ 1443\] + 04 00000086\`b357b960 00007ffc\`e82882a9 ESENT\!JetGetDatabaseFileInfoEx+0xa2 \[d:\\rs1\\onecore\\ds\\esent\\src\\ese\\jetapi.cxx @ 11503\] + 05 00000086\`b357c260 00007ffc\`e8288166 ESENT\!JetGetDatabaseFileInfoExA+0x59 \[d:\\rs1\\onecore\\ds\\esent\\src\\ese\\jetapi.cxx @ 11759\] + 06 00000086\`b357c390 00007ffc\`e84c64fb ESENT\!JetGetDatabaseFileInfoA+0x46 \[d:\\rs1\\onecore\\ds\\esent\\src\\ese\\jetapi.cxx @ 12076\] + 07 00000086\`b357c3f0 00007ffc\`e84c5f23 ntdsbsrv\!CVssJetWriterLocal::RecoverJetDB+0x12f \[d:\\rs1\\ds\\ds\\src\\jetback\\snapshot.cxx @ 2009\] + 08 00000086\`b357c710 00007ffc\`e80339e0 ntdsbsrv\!CVssJetWriterLocal::OnPostSnapshot+0x293 \[d:\\rs1\\ds\\ds\\src\\jetback\\snapshot.cxx @ 2190\] + 09 00000086\`b357cad0 00007ffc\`e801fe6d VSSAPI\!CVssIJetWriter::OnPostSnapshot+0x300 \[d:\\rs1\\base\\stor\\vss\\modules\\jetwriter\\ijetwriter.cpp @ 1704\] + 0a 00000086\`b357ccc0 00007ffc\`e8022193 VSSAPI\!CVssWriterImpl::OnPostSnapshotGuard+0x1d \[d:\\rs1\\base\\stor\\vss\\modules\\vswriter\\vswrtimp.cpp @ 5228\] + 0b 00000086\`b357ccf0 00007ffc\`e80214f0 VSSAPI\!CVssWriterImpl::PostSnapshotInternal+0xc3b \[d:\\rs1\\base\\stor\\vss\\modules\\vswriter\\vswrtimp.cpp @ 3552\] +``` From ddf1c60cfc0354b7f19008db58d977a2278f35c5 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 07:51:13 -0500 Subject: [PATCH 060/129] updates --- .../hello-deployment-rdp-certs.md | 64 ++++++------------- 1 file changed, 20 insertions(+), 44 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index bc9258e92e..a493995334 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -28,16 +28,16 @@ This document describes Windows Hello for Business functionalities or scenarios --- -Windows Hello for Business supports using a certificate as the supplied credential when establishing a remote desktop connection to a server or other device. This document discusses three approaches for *cloud Kerberos trust* and *key trust* deployments, where authentication certificates can be deployed to an existing Windows Hello for Business user: +Windows Hello for Business supports using a certificate as the supplied credential when establishing a remote desktop connection to another Windows device. This document discusses three approaches for *cloud Kerberos trust* and *key trust* deployments, where authentication certificates can be deployed to an existing Windows Hello for Business user: - Deploy certificates to hybrid joined devices using an on-premises Active Directory Certificate Services enrollment policy -- Deploy certificates to hybrid or Azure AD-joined devices using Simple Certificate Enrollment Protocol (SCEP) and Intune -- Work with non-Microsoft enterprise certificate authorities +- Deploy certificates to hybrid or Azure AD-joined devices using Intune +- Work with third-party PKIs ## Deploy certificates via Active Directory Certificate Services (AD CS) > [!NOTE] -> This process is applicable to hybrid Azure AD joined devices only. +> This process is applicable to *hybrid Azure AD joined* devices only. To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must first create a *certificate template* and then deploy certificates based on that template. @@ -54,34 +54,18 @@ Follow these steps to create a certificate template: 1. In the MMC, expand the CA name and right-click **Certificate Templates > Manage** 1. The Certificate Templates console opens. All of the certificate templates are displayed in the details pane 1. Right-click the **Smartcard Logon** template and select **Duplicate Template** +1. Use the following table to configure the template: - ![Duplicating Smartcard Template.](images/rdpcert/duplicatetemplate.png) + | Tab Name | Configurations | + | --- | --- | + | *Compatibility* |
    • Clear the **Show resulting changes** check box
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Authority list*
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Recipient list*
    | + | *General* |
    • Specify a Template display name, for example *WHfB Certificate Authentication*
    • Set the validity period to the desired value
    • Take note of the Template name for later, which should be the same as the Template display name minus spaces (*WHfBCertificateAuthentication* in this example)
    | + | *Extensions* | Verify the **Application Policies** extension includes **Smart Card Logon**| + | *Subject Name* |
    • Select the **Build from this Active Directory** information button if it is not already selected
    • Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected
    • Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**
    | + |*Request Handling*|
    • Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose
    • Select the **Renew with same key** check box
    • Select **Prompt the user during enrollment**
    | + |*Cryptography*|
    • Set the Provider Category to **Key Storage Provider**
    • Set the Algorithm name to **RSA**
    • Set the minimum key size to **2048**
    • Select **Requests must use one of the following providers**
    • Select **Microsoft Software Key Storage Provider**
    • Set the Request hash to **SHA256**
    | + |*Security*|Add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them| -1. On the **Compatibility** tab: - 1. Clear the **Show resulting changes** check box - 1. Select **Windows Server 2012 or Windows Server 2012 R2** from the Certification Authority list - 1. Select **Windows Server 2012 or Windows Server 2012 R2** from the Certification Recipient list -1. On the **General** tab: - 1. Specify a Template display name, for example *WHfB Certificate Authentication* - 1. Set the validity period to the desired value - 1. Take note of the Template name for later, which should be the same as the Template display name minus spaces (**WHfBCertificateAuthentication** in this example) -1. On the **Extensions** tab, verify the **Application Policies** extension includes **Smart Card Logon** -1. On the **Subject Name** tab: - 1. Select the **Build from this Active Directory** information button if it is not already selected - 1. Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected - 1. Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name** -1. On the **Request Handling** tab: - 1. Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose - 1. Select the **Renew with same key** check box - 1. Select **Prompt the user during enrollment** -1. On the **Cryptography** tab: - 1. Set the Provider Category to **Key Storage Provider** - 1. Set the Algorithm name to **RSA** - 1. Set the minimum key size to **2048** - 1. Select **Requests must use one of the following providers** - 1. Select **Microsoft Software Key Storage Provider** - 1. Set the Request hash to **SHA256** -1. On the **Security** tab, add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them 1. Select **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates 1. Close the Certificate Templates console 1. Open an elevated command prompt and change to a temporary working directory @@ -92,9 +76,9 @@ Follow these steps to create a certificate template: ``` 1. Open the text file created by the command above. - 1. Delete the last line of the output from the file that reads\ + - Delete the last line of the output from the file that reads\ `CertUtil: -dsTemplate command completed successfully.` - 1. Modify the line that reads\ + - Modify the line that reads\ `pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"` to\ `pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"` 1. Save the text file @@ -105,10 +89,7 @@ Follow these steps to create a certificate template: ``` 1. In the Certificate Authority console, right-click **Certificate Templates**, select **New > Certificate Template to Issue** - - ![Selecting Certificate Template to Issue.](images/rdpcert/certificatetemplatetoissue.png) - -1. From the list of templates, select the template you previously created (**WHFB Certificate Authentication**) and select **OK**. It can take some time for the template to replicate to all servers and become available in this list. +1. From the list of templates, select the template you previously created (**WHFB Certificate Authentication**) and select **OK**. It can take some time for the template to replicate to all servers and become available in this list 1. After the template replicates, in the MMC, right-click in the Certification Authority list, select **All Tasks > Stop Service**. Right-click the name of the CA again, select **All Tasks > Start Service** @@ -118,11 +99,8 @@ Follow these steps to create a certificate template: Request a certificate 1. Sign in to a client that is hybrid Azure AD joined, ensuring that the client has line of sight to a domain controller and the issuing CA -1. Open the **Certificates - Current User** Microsoft Management Console (MMC) - `%windir%\system32\certmgr.msc` +1. Open the **Certificates - Current User** Microsoft Management Console (MMC). To do so, you can execute the command `certmgr.msc` 1. In the left pane of the MMC, right-click **Personal > All Tasks > Request New Certificate…** - - ![Request a new certificate.](images/rdpcert/requestnewcertificate.png) - 1. On the Certificate Enrollment screen, select **Next** 1. Under *Select Certificate Enrollment Policy*, select **Active Directory Enrollment Policy > Next** 1. Under *Request Certificates*, select the check-box for the certificate template you created in the previous section (*WHfB Certificate Authentication*) and then select **Enroll** @@ -188,13 +166,11 @@ Proceed as follows: Request a certificate Once the configuration profile has been created, targeted clients will receive the profile from Intune on their next refresh cycle. You should find a new certificate in the user store. To validate the certificate is present, do the following steps: -1. Open the Certificates - Current User console (%windir%\system32\certmgr.msc) +1. Sign in to a client that is targeted by the Intune policy +1. Open the **Certificates - Current User** Microsoft Management Console (MMC). To do so, you can execute the command `certmgr.msc` 1. In the left pane of the MMC, expand **Personal** and select **Certificates** 1. In the right-hand pane of the MMC, check for the new certificate -> [!NOTE] -> This infrastructure may also deploy the same certificates to co-managed or modern-managed Hybrid Azure Active Directory-Joined devices using Intune Policies. - ## Using non-Microsoft Enterprise Certificate Authorities From 5d00c8deae0bbca9f2a4ed5a7d36ec94021bff79 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 07:55:38 -0500 Subject: [PATCH 061/129] updates --- .../hello-for-business/hello-deployment-rdp-certs.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index a493995334..49c542d7ef 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -58,12 +58,12 @@ Follow these steps to create a certificate template: | Tab Name | Configurations | | --- | --- | - | *Compatibility* |
    • Clear the **Show resulting changes** check box
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Authority list*
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Recipient list*
    | - | *General* |
    • Specify a Template display name, for example *WHfB Certificate Authentication*
    • Set the validity period to the desired value
    • Take note of the Template name for later, which should be the same as the Template display name minus spaces (*WHfBCertificateAuthentication* in this example)
    | + | *Compatibility* |
  • Clear the **Show resulting changes** check box
  • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Authority list*
  • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Recipient list*
    • | + | *General* |
  • Specify a Template display name, for example *WHfB Certificate Authentication*
  • Set the validity period to the desired value
  • Take note of the Template name for later, which should be the same as the Template display name minus spaces (*WHfBCertificateAuthentication* in this example)
    • | | *Extensions* | Verify the **Application Policies** extension includes **Smart Card Logon**| - | *Subject Name* |
    • Select the **Build from this Active Directory** information button if it is not already selected
    • Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected
    • Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**
    | - |*Request Handling*|
    • Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose
    • Select the **Renew with same key** check box
    • Select **Prompt the user during enrollment**
    | - |*Cryptography*|
    • Set the Provider Category to **Key Storage Provider**
    • Set the Algorithm name to **RSA**
    • Set the minimum key size to **2048**
    • Select **Requests must use one of the following providers**
    • Select **Microsoft Software Key Storage Provider**
    • Set the Request hash to **SHA256**
    | + | *Subject Name* |
  • Select the **Build from this Active Directory** information button if it is not already selected
  • Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected
  • Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**
    • | + |*Request Handling*|
  • Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose
  • Select the **Renew with same key** check box
  • Select **Prompt the user during enrollment**
    • | + |*Cryptography*|
  • Set the Provider Category to **Key Storage Provider**
  • Set the Algorithm name to **RSA**
  • Set the minimum key size to **2048**
  • Select **Requests must use one of the following providers**
  • Select **Microsoft Software Key Storage Provider**
  • Set the Request hash to **SHA256**
    • | |*Security*|Add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them| 1. Select **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates From 8e98de2687458c9c1876d0f9ce51e1d1b238f5a5 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 07:58:51 -0500 Subject: [PATCH 062/129] updates --- .../hello-for-business/hello-deployment-rdp-certs.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 49c542d7ef..09ab1f8687 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -59,7 +59,7 @@ Follow these steps to create a certificate template: | Tab Name | Configurations | | --- | --- | | *Compatibility* |
  • Clear the **Show resulting changes** check box
  • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Authority list*
  • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Recipient list*
    • | - | *General* |
  • Specify a Template display name, for example *WHfB Certificate Authentication*
  • Set the validity period to the desired value
  • Take note of the Template name for later, which should be the same as the Template display name minus spaces (*WHfBCertificateAuthentication* in this example)
    • | + | *General* |
  • Specify a **Template display name**, for example *WHfB Certificate Authentication*
  • Set the validity period to the desired value
  • Take note of the Template name for later, which should be the same as the Template display name minus spaces (*WHfBCertificateAuthentication* in this example)
    • | | *Extensions* | Verify the **Application Policies** extension includes **Smart Card Logon**| | *Subject Name* |
  • Select the **Build from this Active Directory** information button if it is not already selected
  • Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected
  • Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**
    • | |*Request Handling*|
  • Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose
  • Select the **Renew with same key** check box
  • Select **Prompt the user during enrollment**
    • | @@ -69,10 +69,10 @@ Follow these steps to create a certificate template: 1. Select **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates 1. Close the Certificate Templates console 1. Open an elevated command prompt and change to a temporary working directory -1. Execute the following command, replacing `` with the Template name you took note of earlier in step 7c +1. Execute the following command, replacing `` with the **Template display name** noted above ```cmd - certutil -dstemplate > + certutil -dstemplate ** > ** ``` 1. Open the text file created by the command above. From 442890f030b3d91203247aaee2e363ba529b054d Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 08:02:56 -0500 Subject: [PATCH 063/129] udpates --- .../hello-for-business/hello-deployment-rdp-certs.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 09ab1f8687..afb40516e5 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -58,12 +58,12 @@ Follow these steps to create a certificate template: | Tab Name | Configurations | | --- | --- | - | *Compatibility* |
  • Clear the **Show resulting changes** check box
  • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Authority list*
  • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Recipient list*
    • | - | *General* |
  • Specify a **Template display name**, for example *WHfB Certificate Authentication*
  • Set the validity period to the desired value
  • Take note of the Template name for later, which should be the same as the Template display name minus spaces (*WHfBCertificateAuthentication* in this example)
    • | + | *Compatibility* |
    • Clear the **Show resulting changes** check box
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Authority list*
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Recipient list*
    | + | *General* |
    • Specify a **Template display name**, for example *WHfB Certificate Authentication*
    • Set the validity period to the desired value
    • Take note of the Template name for later, which should be the same as the Template display name minus spaces (*WHfBCertificateAuthentication* in this example)
    | | *Extensions* | Verify the **Application Policies** extension includes **Smart Card Logon**| - | *Subject Name* |
  • Select the **Build from this Active Directory** information button if it is not already selected
  • Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected
  • Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**
    • | - |*Request Handling*|
  • Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose
  • Select the **Renew with same key** check box
  • Select **Prompt the user during enrollment**
    • | - |*Cryptography*|
  • Set the Provider Category to **Key Storage Provider**
  • Set the Algorithm name to **RSA**
  • Set the minimum key size to **2048**
  • Select **Requests must use one of the following providers**
  • Select **Microsoft Software Key Storage Provider**
  • Set the Request hash to **SHA256**
    • | + | *Subject Name* |
    • Select the **Build from this Active Directory** information button if it is not already selected
    • Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected
    • Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**
    | + |*Request Handling*|
    • Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose
    • Select the **Renew with same key** check box
    • Select **Prompt the user during enrollment**
    | + |*Cryptography*|
    • Set the Provider Category to **Key Storage Provider**
    • Set the Algorithm name to **RSA**
    • Set the minimum key size to **2048**
    • Select **Requests must use one of the following providers**
    • Select **Microsoft Software Key Storage Provider**
    • Set the Request hash to **SHA256**
    | |*Security*|Add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them| 1. Select **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates @@ -72,7 +72,7 @@ Follow these steps to create a certificate template: 1. Execute the following command, replacing `` with the **Template display name** noted above ```cmd - certutil -dstemplate ** > ** + certutil -dstemplate > ``` 1. Open the text file created by the command above. From 743127563d26466492398a18c30dc7498adf8c7e Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 09:02:43 -0500 Subject: [PATCH 064/129] updates --- .../hello-deployment-rdp-certs.md | 4 +-- .../hello-for-business/toc.yml | 30 +++++++++---------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index afb40516e5..39f0b9693b 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -164,9 +164,9 @@ Proceed as follows:
    Request a certificate -Once the configuration profile has been created, targeted clients will receive the profile from Intune on their next refresh cycle. You should find a new certificate in the user store. To validate the certificate is present, do the following steps: +Once the Intune policy is created, targeted clients will request a certificate during their next policy refresh cycle. To validate that the certificate is present in the user store, follow these steps: -1. Sign in to a client that is targeted by the Intune policy +1. Sign in to a client targeted by the Intune policy 1. Open the **Certificates - Current User** Microsoft Management Console (MMC). To do so, you can execute the command `certmgr.msc` 1. In the left pane of the MMC, expand **Personal** and select **Certificates** 1. In the right-hand pane of the MMC, check for the new certificate diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml index 17b5735a4f..da68032fe4 100644 --- a/windows/security/identity-protection/hello-for-business/toc.yml +++ b/windows/security/identity-protection/hello-for-business/toc.yml @@ -35,13 +35,21 @@ href: hello-prepare-people-to-use.md - name: Deployment guides items: - - name: Cloud-only deployment - href: hello-aad-join-cloud-only-deploy.md - name: Hybrid cloud Kerberos trust deployment href: hello-hybrid-cloud-kerberos-trust.md - - name: Hybrid Azure AD Join key trust + - name: Azure AD join items: - - name: Hybrid Azure AD join key trust deployment + - name: Cloud-only deployment + href: hello-aad-join-cloud-only-deploy.md + - name: On-premises SSO for Azure AD joined devices + href: hello-hybrid-aadj-sso.md + - name: Configure Azure AD joined devices for on-premises SSO + href: hello-hybrid-aadj-sso-base.md + - name: Using certificates for on-premises SSO + href: hello-hybrid-aadj-sso-cert.md + - name: Hybrid Azure AD join key trust + items: + - name: Hybrid Azure AD join with key trust href: hello-hybrid-key-trust.md - name: Prerequisites href: hello-hybrid-key-trust-prereqs.md @@ -55,7 +63,7 @@ href: hello-hybrid-key-whfb-settings.md - name: Sign-in and provisioning href: hello-hybrid-key-whfb-provision.md - - name: Hybrid Azure AD join certificate trust + - name: Hybrid Azure AD join with certificate trust items: - name: Hybrid Azure AD join certificate trust deployment href: hello-hybrid-cert-trust.md @@ -69,15 +77,7 @@ href: hello-hybrid-cert-whfb-settings.md - name: Sign-in and provisioning href: hello-hybrid-cert-whfb-provision.md - - name: On-premises single-sign-on (SSO) for Azure AD joined devices - items: - - name: On-premises SSO for Azure AD joined devices - href: hello-hybrid-aadj-sso.md - - name: Configure Azure AD joined devices for on-premises SSO - href: hello-hybrid-aadj-sso-base.md - - name: Using certificates for on-premises SSO - href: hello-hybrid-aadj-sso-cert.md - - name: On-premises key trust + - name: Active Directory domain join with key trust items: - name: Key trust deployment href: hello-deployment-key-trust.md @@ -91,7 +91,7 @@ href: hello-key-trust-validate-deploy-mfa.md - name: Configure Windows Hello for Business policy settings href: hello-key-trust-policy-settings.md - - name: On-premises certificate trust + - name: Active Directory domain join with certificate trust deployment items: - name: Certificate trust deployment href: hello-deployment-cert-trust.md From 4f11993d14840c79ea9e35de58229b5989a5f3f4 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 09:28:15 -0500 Subject: [PATCH 065/129] updates --- .../security/identity-protection/hello-for-business/toc.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml index da68032fe4..482b89a541 100644 --- a/windows/security/identity-protection/hello-for-business/toc.yml +++ b/windows/security/identity-protection/hello-for-business/toc.yml @@ -47,9 +47,9 @@ href: hello-hybrid-aadj-sso-base.md - name: Using certificates for on-premises SSO href: hello-hybrid-aadj-sso-cert.md - - name: Hybrid Azure AD join key trust + - name: Hybrid Azure AD join with key trust items: - - name: Hybrid Azure AD join with key trust + - name: Key trust deployment href: hello-hybrid-key-trust.md - name: Prerequisites href: hello-hybrid-key-trust-prereqs.md @@ -65,7 +65,7 @@ href: hello-hybrid-key-whfb-provision.md - name: Hybrid Azure AD join with certificate trust items: - - name: Hybrid Azure AD join certificate trust deployment + - name: Certificate trust deployment href: hello-hybrid-cert-trust.md - name: Prerequisites href: hello-hybrid-cert-trust-prereqs.md From c08d6afdf908f68679baf4f8a60751deeecea6ae Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Wed, 16 Nov 2022 20:10:15 +0530 Subject: [PATCH 066/129] Update demonstrate-deployment-on-vm.md Added a note about hardware best practices for VM Reference https://learn.microsoft.com/en-us/mem/autopilot/autopilot-device-guidelines Fixes # https://github.com/MicrosoftDocs/windows-itpro-docs/issues/10459 --- .../windows-autopilot/demonstrate-deployment-on-vm.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md index 14d1e1698a..070cc21f7d 100644 --- a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md +++ b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md @@ -44,9 +44,12 @@ You'll need the following components to complete this lab: |:---|:---| |**Windows 10 installation media**|Windows 10 Enterprise ISO file for a supported version of Windows 10, general availability channel. If you don't already have an ISO to use, download an [evaluation version of Windows 10 Enterprise](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise).| |**Internet access**|If you're behind a firewall, see the detailed [networking requirements](/mem/autopilot/software-requirements#networking-requirements). Otherwise, just make sure that you have a connection to the internet.| -|**Hyper-V or a physical device running Windows 10**|The guide assumes that you'll use a Hyper-V VM, and provides instructions to install and configure Hyper-V if needed. To use a physical device, skip the steps to install and configure Hyper-V.| +|**Hyper-V or a physical device running Windows 10**|The guide assumes that you'll use a Hyper-V VM, and provides instructions to install and configure Hyper-V if needed. To use a physical device, skip the steps to install and configure Hyper-V. | |**An account with Azure Active Directory (Azure AD) Premium license**|This guide will describe how to get a free 30-day trial Azure AD Premium subscription that can be used to complete the lab.| +> [!NOTE] +> When using a VM for Autopilot testing, assign at least 2 processors and 4gb of memory. *Note: The [minimum system requirements](/windows/whats-new/windows-11-requirements#virtual-machine-support) for Windows 11 are 2 processors and 4gb memory. + ## Procedures A summary of the sections and procedures in the lab is provided below. Follow each section in the order it's presented, skipping the sections that don't apply to you. Optional procedures are provided in the appendices. From c7b6afe99fd8ac293d74ff04330a63fa8e9fade6 Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Wed, 16 Nov 2022 20:14:48 +0530 Subject: [PATCH 067/129] Update demonstrate-deployment-on-vm.md --- .../windows-autopilot/demonstrate-deployment-on-vm.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md index 070cc21f7d..563c4e237d 100644 --- a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md +++ b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md @@ -44,7 +44,7 @@ You'll need the following components to complete this lab: |:---|:---| |**Windows 10 installation media**|Windows 10 Enterprise ISO file for a supported version of Windows 10, general availability channel. If you don't already have an ISO to use, download an [evaluation version of Windows 10 Enterprise](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise).| |**Internet access**|If you're behind a firewall, see the detailed [networking requirements](/mem/autopilot/software-requirements#networking-requirements). Otherwise, just make sure that you have a connection to the internet.| -|**Hyper-V or a physical device running Windows 10**|The guide assumes that you'll use a Hyper-V VM, and provides instructions to install and configure Hyper-V if needed. To use a physical device, skip the steps to install and configure Hyper-V. | +|**Hyper-V or a physical device running Windows 10**|The guide assumes that you'll use a Hyper-V VM, and provides instructions to install and configure Hyper-V if needed. To use a physical device, skip the steps to install and configure Hyper-V.| |**An account with Azure Active Directory (Azure AD) Premium license**|This guide will describe how to get a free 30-day trial Azure AD Premium subscription that can be used to complete the lab.| > [!NOTE] From ca2948b5e36e0955c885c4c69a127a79a5585888 Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Wed, 16 Nov 2022 20:58:16 +0530 Subject: [PATCH 068/129] Update windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../windows-autopilot/demonstrate-deployment-on-vm.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md index 563c4e237d..28d817ea6d 100644 --- a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md +++ b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md @@ -48,7 +48,7 @@ You'll need the following components to complete this lab: |**An account with Azure Active Directory (Azure AD) Premium license**|This guide will describe how to get a free 30-day trial Azure AD Premium subscription that can be used to complete the lab.| > [!NOTE] -> When using a VM for Autopilot testing, assign at least 2 processors and 4gb of memory. *Note: The [minimum system requirements](/windows/whats-new/windows-11-requirements#virtual-machine-support) for Windows 11 are 2 processors and 4gb memory. +> When using a VM for Autopilot testing, assign at least two processors and 4 GB of memory. ## Procedures From 1a72b252834bfba00ede850bb0deecfee9264662 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 10:36:07 -0500 Subject: [PATCH 069/129] updates --- .../hello-deployment-rdp-certs.md | 78 +++++++++++-------- .../hello-for-business/toc.yml | 4 +- 2 files changed, 46 insertions(+), 36 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 39f0b9693b..f2dbd48777 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -1,6 +1,6 @@ --- -title: Deploy certificates to cloud Kerberos trust and key trust users to enable RDP -description: Learn how to deploy certificates to a cloud Kerberos trust and key trust user to enable remote desktop with supplied credentials. +title: Deploy certificates for remote desktop sign-in +description: Learn how to deploy certificates to cloud Kerberos trust and key trust users, to enable remote desktop sign-in with supplied credentials. ms.prod: windows-client author: paolomatarazzo ms.author: paoloma @@ -17,7 +17,7 @@ appliesto: ms.technology: itpro-security --- -# Deploy certificates to cloud Kerberos trust and key trust users for RDP authentication +# Deploy certificates for remote desktop (RDP) sign-in This document describes Windows Hello for Business functionalities or scenarios that apply to:\ ✅ **Deployment type:** [hybrid](hello-how-it-works-technology.md#hybrid-deployment)\ @@ -113,38 +113,36 @@ Follow these steps to create a certificate template: > [!NOTE] > This process is applicable to both *Azure AD joined* and *hybrid Azure AD joined* devices that are managed via Intune. -Deploying a certificate to Azure AD joined or hybrid Azure AD joined devices may be achieved using the Simple Certificate Enrollment Protocol (SCEP) or PFX via Intune. For guidance deploying the required infrastructure, refer to [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune](/mem/intune/protect/certificates-scep-configure). +Deploying a certificate to Azure AD joined or hybrid Azure AD joined devices may be achieved using the Simple Certificate Enrollment Protocol (SCEP) or PKCS (PFX) via Intune. For guidance deploying the required infrastructure, refer to: -Next you should deploy the root CA certificate (and any other intermediate certificate authority certificates) to Azure AD Joined Devices using a Trusted root certificate profile with Intune. For guidance, refer to [Create trusted certificate profiles in Microsoft Intune](/mem/intune/protect/certificates-trusted-root). +- [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune][MEM-1] +- [Configure and use PKCS certificates with Intune][MEM-2] + +Next, you should deploy the root CA certificate (and any other intermediate certificate authority certificates) to Azure AD joined Devices using a *Trusted root certificate* policy with Intune. For guidance, refer to [Create trusted certificate profiles in Microsoft Intune][MEM-5]. Once these requirements are met, a policy can be configured in Intune that provisions certificates for the users on the targeted device.
    -Create a SCEP profile in Intune +Create a policy in Intune -Proceed as follows: +This section describes how to configure a SCEP policy in Intune. Similar steps can be followed to configure a PKCS policy. -1. Sign in to the Microsoft [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) -1. Navigate to Devices \> Configuration Profiles \> Create profile -1. Enter the following properties: - 1. For Platform, select **Windows 10 and later** - 1. For Profile, select **SCEP Certificate** - 1. Click **Create** -1. In **Basics**, enter the following parameters: - 1. **Name**: Enter a descriptive name for the profile. Name your profiles so you can easily identify them later. For example, a good profile name is SCEP profile for entire company - 1. **Description**: Enter a description for the profile. This setting is optional, but recommended - 1. Select **Next** -1. In the **Configuration settings**, complete the following: - 1. For Certificate Type, choose **User** +1. Go to the Microsoft Endpoint Manager admin center +1. Select **Devices > Configuration profiles > Create profile** +1. Select **Platform > Windows 10 and later** and **Profile type > Templates > SCEP Certificate** +1. Select **Create** +1. Provide a **Name** and, optionally, a **Description > Next** +1. In the *Configuration settings* blade, complete the following: + 1. For Certificate Type, select **User** 1. For Subject name format, set it to **CN={{UserPrincipalName}}** 1. Under Subject alternative name, select **User principal name (UPN)** from the drop-down menu and set the value to **CN={{UserPrincipalName}}** 1. For Certificate validity period, set a value of your choosing - 1. For Key storage provider (KSP), choose **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)** - 1. For Key usage, choose **Digital Signature** - 1. For Key size (bits), choose **2048** - 1. For Hash algorithm, choose **SHA-2** - 1. Under Root Certificate, click **+Root Certificate** and select the trusted certificate profile you created earlier for the Root CA Certificate. + 1. For Key storage provider (KSP), select **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)** + 1. For Key usage, select **Digital Signature** + 1. For Key size (bits), select **2048** + 1. For Hash algorithm, select **SHA-2** + 1. Under Root Certificate, select **+Root Certificate** and select the trusted certificate profile you created earlier for the Root CA Certificate 1. Under Extended key usage, add the following: | Name | Object Identifier | Predefined Values | @@ -152,12 +150,15 @@ Proceed as follows: | Smart Card Logon | 1.3.6.1.4.1.311.20.2.2 | Smart Card Logon | | Client Authentication | 1.3.6.1.5.5.7.3.2 | Client Authentication | - 1. For Renewal threshold (%), set a value of your choosing. - 1. For SCEP Server URLs, provide the public endpoint that you configured during the deployment of your SCEP infrastructure. - 1. Click **Next** -1. In Assignments, target the devices or users who should receive a certificate and click **Next** -1. In Applicability Rules, provide additional issuance restrictions if required and click **Next** -1. In Review + create, click **Create** + 1. For Renewal threshold (%), set a value of your choosing + 1. For SCEP Server URLs, provide the public endpoint that you configured during the deployment of your SCEP infrastructure + 1. Select **Next** +1. In the *Assignments*, target the devices or users who should receive a certificate and select **Next** +1. In the *Applicability Rules* blade, provide additional issuance restrictions if needed and select **Next** +1. In the *Review + create* blade, select **Create** + +For more information how to configure SCEP policies, see [Configure SCEP certificate profiles in Intune][MEM-3]. +To configure PKCS policies, see [Configure and use PKCS certificate with Intune][MEM-4].
    @@ -175,9 +176,9 @@ Once the Intune policy is created, targeted clients will request a certificate d ## Using non-Microsoft Enterprise Certificate Authorities -If you are using a non-Microsoft PKI, the certificate templates published to the on-premises Active Directory may not be available. For guidance with integration of Intune/SCEP with non-Microsoft PKI deployments, refer to [Use third-party certification authorities (CA) with SCEP in Microsoft Intune](/mem/intune/protect/certificate-authority-add-scep-overview). +If you are using a non-Microsoft PKI, the certificate templates published to the on-premises Active Directory may not be available. For guidance with integration of Intune/SCEP with non-Microsoft PKI deployments, refer to [Use third-party certification authorities (CA) with SCEP in Microsoft Intune][MEM-6]. -As an alternative to using SCEP or if none of the previously covered solutions will work in your environment, you can manually generate Certificate Signing Requests (CSR) for submission to your PKI. To assist with this approach, you can use the [Generate-CertificateRequest](https://www.powershellgallery.com/packages/Generate-CertificateRequest) PowerShell commandlet. +As an alternative to using SCEP or if none of the previously covered solutions will work in your environment, you can manually generate Certificate Signing Requests (CSR) for submission to your PKI. To assist with this approach, you can use the [Generate-CertificateRequest][HTTP-1] PowerShell commandlet. The `Generate-CertificateRequest` commandlet will generate an *.inf* file for a pre-existing Windows Hello for Business key. The *.inf* can be used to generate a certificate request manually using `certreq.exe`. The commandlet will also generate a *.req* file, which can be submitted to your PKI for a certificate. @@ -185,6 +186,15 @@ The `Generate-CertificateRequest` commandlet will generate an *.inf* file for a After adding the certificate using an approach from any of the previous sections, you can RDP to any Windows device or server in the same Forest as the user's Active Directory account, provided the PKI certificate chain for the issuing certificate authority is deployed to that target server. -1. Open the Remote Desktop Client (`%windir%\system32\mstsc.exe`) on the client where the authentication certificate has been deployed +1. Open the Remote Desktop Client (`mstsc.exe`) on the client where the authentication certificate has been deployed 1. Attempt an RDP session to a target server -1. Use the certificate credential protected by your Windows Hello for Business gesture to authenticate \ No newline at end of file +1. Use the certificate credential protected by your Windows Hello for Business gesture to authenticate + +[MEM-1]: /mem/intune/protect/certificates-scep-configure +[MEM-2]: /mem/intune/protect/certificates-pfx-configure +[MEM-3]: /mem/intune/protect/certificates-profile-scep +[MEM-4]: /mem/intune/protect/certificates-pfx-configure +[MEM-5]: /mem/intune/protect/certificates-trusted-root +[MEM-6]: /mem/intune/protect/certificate-authority-add-scep-overview + +[HTTP-1]: https://www.powershellgallery.com/packages/Generate-CertificateRequest \ No newline at end of file diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml index 482b89a541..ce82c50488 100644 --- a/windows/security/identity-protection/hello-for-business/toc.yml +++ b/windows/security/identity-protection/hello-for-business/toc.yml @@ -105,7 +105,7 @@ href: hello-cert-trust-validate-deploy-mfa.md - name: Configure Windows Hello for Business policy settings href: hello-cert-trust-policy-settings.md - - name: Deploy certificates for remote desktop (RDP) authentication + - name: Deploy certificates for remote desktop (RDP) sign-in href: hello-deployment-rdp-certs.md - name: Manage Windows Hello for Business in your organization href: hello-manage-in-organization.md @@ -121,7 +121,7 @@ href: hello-feature-dynamic-lock.md - name: Multi-factor Unlock href: feature-multifactor-unlock.md - - name: Remote Desktop + - name: Remote desktop (RDP) sign-in href: hello-feature-remote-desktop.md - name: Troubleshooting items: From d07c978334c5d2b3b29a34cb53443bcba1187714 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 10:36:42 -0500 Subject: [PATCH 070/129] updates --- education/windows/edu-stickers.md | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/education/windows/edu-stickers.md b/education/windows/edu-stickers.md index f89fe5b379..dc25c4e817 100644 --- a/education/windows/edu-stickers.md +++ b/education/windows/edu-stickers.md @@ -41,20 +41,6 @@ Stickers aren't enabled by default. Follow the instructions below to configure y [!INCLUDE [intune-custom-settings-2](includes/intune-custom-settings-2.md)] [!INCLUDE [intune-custom-settings-info](includes/intune-custom-settings-info.md)] -```msgraph-interactive -POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{"id":"00-0000-0000-0000-000000000000","displayName":"Stickers","roleScopeTagIds":["0"],"@odata.type":"#microsoft.graph.windows10CustomConfiguration","omaSettings":[{"omaUri":"./Vendor/MSFT/Policy/Config/Stickers/EnableStickers","displayName":"EnableStickers","@odata.type":"#microsoft.graph.omaSettingInteger","value":1}]} -``` - -Try this policy in your tenant: - -```msgraph-interactive -https://developer.microsoft.com/en-us/graph/graph-explorer?request=deviceManagement%2FdeviceConfigurations&method=POST&version=beta&GraphUrl=https://graph.microsoft.com&requestBody=eyJpZCI6IjAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCIsImRpc3BsYXlOYW1lIjoiU3RpY2tlcnMiLCJyb2xlU2NvcGVUYWdJZHMiOlsiMCJdLCJAb2RhdGEudHlwZSI6IiNtaWNyb3NvZnQuZ3JhcGgud2luZG93czEwQ3VzdG9tQ29uZmlndXJhdGlvbiIsIm9tYVNldHRpbmdzIjpbeyJvbWFVcmkiOiIuL1ZlbmRvci9NU0ZUL1BvbGljeS9Db25maWcvU3RpY2tlcnMvRW5hYmxlU3RpY2tlcnMiLCJkaXNwbGF5TmFtZSI6IkVuYWJsZVN0aWNrZXJzIiwiQG9kYXRhLnR5cGUiOiIjbWljcm9zb2Z0LmdyYXBoLm9tYVNldHRpbmdJbnRlZ2VyIiwidmFsdWUiOjF9XX0= -``` - -```msgraph-interactive -POST https://graph.microsoft.com?request=deviceManagement%2FdeviceConfigurations&method=POST&version=beta&GraphUrl=https://graph.microsoft.com&requestBody=eyJpZCI6IjAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCIsImRpc3BsYXlOYW1lIjoiU3RpY2tlcnMiLCJyb2xlU2NvcGVUYWdJZHMiOlsiMCJdLCJAb2RhdGEudHlwZSI6IiNtaWNyb3NvZnQuZ3JhcGgud2luZG93czEwQ3VzdG9tQ29uZmlndXJhdGlvbiIsIm9tYVNldHRpbmdzIjpbeyJvbWFVcmkiOiIuL1ZlbmRvci9NU0ZUL1BvbGljeS9Db25maWcvU3RpY2tlcnMvRW5hYmxlU3RpY2tlcnMiLCJkaXNwbGF5TmFtZSI6IkVuYWJsZVN0aWNrZXJzIiwiQG9kYXRhLnR5cGUiOiIjbWljcm9zb2Z0LmdyYXBoLm9tYVNldHRpbmdJbnRlZ2VyIiwidmFsdWUiOjF9XX0= -``` - #### [:::image type="icon" source="images/icons/provisioning-package.svg"::: **PPKG**](#tab/ppkg) To configure devices using a provisioning package, [create a provisioning package][WIN-1] using Windows Configuration Designer (WCD) with the following settings: From 4decd09d99b31703a05cf879a8d4b5790f83e698 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 11:14:29 -0500 Subject: [PATCH 071/129] updates --- .../hello-deployment-rdp-certs.md | 44 +++++++++---------- 1 file changed, 20 insertions(+), 24 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index f2dbd48777..a4c916396b 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -132,30 +132,26 @@ This section describes how to configure a SCEP policy in Intune. Similar steps c 1. Select **Devices > Configuration profiles > Create profile** 1. Select **Platform > Windows 10 and later** and **Profile type > Templates > SCEP Certificate** 1. Select **Create** -1. Provide a **Name** and, optionally, a **Description > Next** -1. In the *Configuration settings* blade, complete the following: - 1. For Certificate Type, select **User** - 1. For Subject name format, set it to **CN={{UserPrincipalName}}** - 1. Under Subject alternative name, select **User principal name (UPN)** from the drop-down menu and set the value to **CN={{UserPrincipalName}}** - 1. For Certificate validity period, set a value of your choosing - 1. For Key storage provider (KSP), select **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)** - 1. For Key usage, select **Digital Signature** - 1. For Key size (bits), select **2048** - 1. For Hash algorithm, select **SHA-2** - 1. Under Root Certificate, select **+Root Certificate** and select the trusted certificate profile you created earlier for the Root CA Certificate - 1. Under Extended key usage, add the following: - - | Name | Object Identifier | Predefined Values | - |------|-------------------|-------------------| - | Smart Card Logon | 1.3.6.1.4.1.311.20.2.2 | Smart Card Logon | - | Client Authentication | 1.3.6.1.5.5.7.3.2 | Client Authentication | - - 1. For Renewal threshold (%), set a value of your choosing - 1. For SCEP Server URLs, provide the public endpoint that you configured during the deployment of your SCEP infrastructure - 1. Select **Next** -1. In the *Assignments*, target the devices or users who should receive a certificate and select **Next** -1. In the *Applicability Rules* blade, provide additional issuance restrictions if needed and select **Next** -1. In the *Review + create* blade, select **Create** +1. In the *Basics* blade, provide a **Name** and, optionally, a **Description > Next** +1. In the *Configuration settings* blade, use the following table to configure the policy: + | Setting| Configurations | + | --- | --- | + |*Certificate Type*| User | + |*Subject name format* | `CN={{UserPrincipalName}}` | + |*Subject alternative name* |From the dropdown, select **User principal name (UPN)** with a value of `CN={{UserPrincipalName}}` + |*Certificate validity period* | Configure a value of your choosing| + |*Key storage provider (KSP)* | **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)** + |*Key usage*| **Digital Signature**| + |*Key size (bits)* | **2048**| + |*For Hash algorithm*|**SHA-2**| + |*Root Certificate*| Select **+Root Certificate** and select the trusted certificate profile created earlier for the Root CA Certificate| + |*Extended key usage*|
    • *Name:* **Smart Card Logon**
    • *Object Identifier:* `1.3.6.1.4.1.311.20.2.2`
    • *Predefined Values:* **Smart Card Logon**

    • *Name:* **Client Authentication**
    • *Object Identifier:* `1.3.6.1.5.5.7.3.2 `
    • *Predefined Values:* **Client Authentication**
    | + |*Renewal threshold (%)*|Configure a value of your choosing| + |*SCEP Server URLs*|Provide the public endpoint(s) that you configured during the deployment of your SCEP infrastructure| +1. Select **Next** +1. In the *Assignments* bladeAssign the policy to a security group that contains as members the devices or users that you want to configure and select **Next** +1. In the *Applicability Rules* blade, provide additional issuance restrictions, if needed, and select **Next** +1. In the *Review + create* blade, review the policy configuration and select **Create** For more information how to configure SCEP policies, see [Configure SCEP certificate profiles in Intune][MEM-3]. To configure PKCS policies, see [Configure and use PKCS certificate with Intune][MEM-4]. From 8934e8daf63c89b6565df7750b155d1f9804ec80 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 11:31:38 -0500 Subject: [PATCH 072/129] updates --- .../hello-for-business/hello-deployment-rdp-certs.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index a4c916396b..7906bff218 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -134,6 +134,7 @@ This section describes how to configure a SCEP policy in Intune. Similar steps c 1. Select **Create** 1. In the *Basics* blade, provide a **Name** and, optionally, a **Description > Next** 1. In the *Configuration settings* blade, use the following table to configure the policy: + | Setting| Configurations | | --- | --- | |*Certificate Type*| User | @@ -148,6 +149,7 @@ This section describes how to configure a SCEP policy in Intune. Similar steps c |*Extended key usage*|
    • *Name:* **Smart Card Logon**
    • *Object Identifier:* `1.3.6.1.4.1.311.20.2.2`
    • *Predefined Values:* **Smart Card Logon**

    • *Name:* **Client Authentication**
    • *Object Identifier:* `1.3.6.1.5.5.7.3.2 `
    • *Predefined Values:* **Client Authentication**
    | |*Renewal threshold (%)*|Configure a value of your choosing| |*SCEP Server URLs*|Provide the public endpoint(s) that you configured during the deployment of your SCEP infrastructure| + 1. Select **Next** 1. In the *Assignments* bladeAssign the policy to a security group that contains as members the devices or users that you want to configure and select **Next** 1. In the *Applicability Rules* blade, provide additional issuance restrictions, if needed, and select **Next** From 422af7550e40f213ac829674ebb50b32b41e3b02 Mon Sep 17 00:00:00 2001 From: mounicabattula <95552440+mounicabattula@users.noreply.github.com> Date: Wed, 16 Nov 2022 10:54:26 -0800 Subject: [PATCH 073/129] Update windows-autopatch-fix-issues.md --- .../prepare/windows-autopatch-fix-issues.md | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md index 4b87f046dd..03a37a5dc7 100644 --- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md +++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md @@ -70,3 +70,27 @@ Windows Autopatch requires the following licenses: | Result | Meaning | | ----- | ----- | | Not ready | Windows Autopatch requires Windows 10/11 Enterprise E3 (or higher) to be assigned to your users. Additionally, Azure Active Directory Premium, and Microsoft Intune are required. For more information, see [more about licenses](../prepare/windows-autopatch-prerequisites.md#more-about-licenses). | + +## Submit a support request + +> [!IMPORTANT] +> Make sure you've verified the admin contacts. The Windows Autopatch Service Engineering Team will contact these individuals for assistance with troubleshooting issues. + +You can submit support tickets to Microsoft on the Windows Autopatch enrollment tool. Email is the recommended approach to interact with the Windows Autopatch Service Engineering Team. + +**To submit a new support request:** + +1. If the Readiness assessment tool fails, remediation steps can be found by clicking on **View details** under **Management settings** and then clicking on the individual check. **Contact Support** button will be available below remediation instructions in the fly-in-pane. +2. Enter your question(s) and/or a description of the problem. +1. Review all the information you provided for accuracy. +1. When you're ready, select **Create**. + +### Manage an active support request + +The primary contact for the support request will receive email notifications when a case is created, assigned to a service engineer to investigate, and mitigated. If, at any point, you have a question about the case, the best way to get in touch is to reply directly to one of those emails. If we have questions about your request or need more details, we'll email the primary contact listed on the support requests. + +**To view all your active pre-enrollment support requests:** + +1. Sign into the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) and navigate to the **Tenant Administration** menu. +1. In the **Windows Autopatch** section, select **Tenant Enrollment**. +1. On the **Support history** tab, you can view the list of call support cases, or select individual case to view the details. From ba9900a68020726ecb7bf3858633538529d0aa47 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Wed, 16 Nov 2022 14:03:00 -0500 Subject: [PATCH 074/129] Metadata/style update BitLocker 13 --- .../bitlocker/ts-bitlocker-config-issues.md | 4 +- .../ts-bitlocker-decode-measured-boot-logs.md | 67 +++--- .../bitlocker/ts-bitlocker-intune-issues.md | 213 +++++++++--------- .../ts-bitlocker-network-unlock-issues.md | 84 +++---- 4 files changed, 193 insertions(+), 175 deletions(-) diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md index cc7c58afe1..1c938a9f75 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md @@ -35,7 +35,7 @@ By using the new conversion model, sensitive data can be stored on the drive as ### Other BitLocker enhancements -Several other areas of BitLocker were improved in version of Windows released after Windows 7: +Several other areas of BitLocker were improved in versions of Windows released after Windows 7: - **New encryption algorithm, XTS-AES** - Added in Windows 10 version 1511, this algorithm provides additional protection from a class of attacks on encrypted data that rely on manipulating cipher text to cause predictable changes in plain text. @@ -138,7 +138,7 @@ In the guest VM domain controller **Applications and Services Logs** > **Directo When this issue occurs, the **Active Directory Domain Services (NTDS) VSS Writer** will display the following error when the **`vssadmin.exe list writers`** command is run: -``` error +``` Error Writer name: 'NTDS' Writer Id: {b2014c9e-8711-4c5c-a5a9-3cf384484757} Writer Instance Id: {08321e53-4032-44dc-9b03-7a1a15ad3eb8} diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-decode-measured-boot-logs.md b/windows/security/information-protection/bitlocker/ts-bitlocker-decode-measured-boot-logs.md index b1fdeaf64c..073f0772fa 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-decode-measured-boot-logs.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-decode-measured-boot-logs.md @@ -18,102 +18,103 @@ ms.custom: bitlocker Platform Configuration Registers (PCRs) are memory locations in the Trusted Platform Module (TPM). BitLocker and its related technologies depend on specific PCR configurations. Additionally, specific change in PCRs can cause a device or computer to enter BitLocker recovery mode. -By tracking changes in the PCRs, and identifying when they changed, you can gain insight into issues that occur or learn why a device or computer entered BitLocker recovery mode. The Measured Boot logs record PCR changes and other information. These logs are located in the C:\\Windows\\Logs\\MeasuredBoot\\ folder. +By tracking changes in the PCRs, and identifying when they changed, insight can be gained into issues that occur or learn why a device or computer entered BitLocker recovery mode. The Measured Boot logs record PCR changes and other information. These logs are located in the `C:\Windows\Logs\MeasuredBoot\` folder. -This article describes tools that you can use to decode these logs: TBSLogGenerator and PCPTool. +This article describes tools that can be used to decode these logs: `TBSLogGenerator.exe` and `PCPTool.exe`. For more information about Measured Boot and PCRs, see the following articles: - [TPM fundamentals: Measured Boot with support for attestation](../tpm/tpm-fundamentals.md#measured-boot-with-support-for-attestation) - [Understanding PCR banks on TPM 2.0 devices](../tpm/switch-pcr-banks-on-tpm-2-0-devices.md) -## Use TBSLogGenerator to decode Measured Boot logs +## Use `TBSLogGenerator.exe` to decode Measured Boot logs -Use TBSLogGenerator to decode Measured Boot logs that you have collected from Windows 11, Windows 10, and earlier versions. You can install this tool on the following systems: +Use `TBSLogGenerator.exe` to decode Measured Boot logs that were collected from Windows. `TBSLogGenerator.exe` can be installed on the following systems: -- A computer that is running Windows Server 2016 and that has a TPM enabled -- A Gen 2 virtual machine (running on Hyper-V) that is running Windows Server 2016 (you can use the virtual TPM) +- A computer that is running Windows Server 2016 or newer and that has a TPM enabled +- A Gen 2 virtual machine running on Hyper-V that is running Windows Server 2016 or newer and is using a virtual TPM. To install the tool, follow these steps: -1. Download the Windows Hardware Lab Kit from one of the following locations: +1. Download the Windows Hardware Lab Kit from [Windows Hardware Lab Kit](/windows-hardware/test/hlk/). - - [Windows Hardware Lab Kit](/windows-hardware/test/hlk/) - - Direct download link for Windows Server 2016: [Windows HLK, version 1607](https://go.microsoft.com/fwlink/p/?LinkID=404112) +2. After downloading, run the installation file from the path where the install was downloaded to. -1. Accept the default installation path. +3. Accept the default installation path. ![Specify Location page of the Windows Hardware Lab Kit installation wizard.](./images/ts-tpm-1.png) -1. Under **Select the features you want to install**, select **Windows Hardware Lab Kit—Controller + Studio**. +4. Under **Select the features you want to install**, select **Windows Hardware Lab Kit—Controller + Studio**. ![Select features page of the Windows Hardware Lab Kit installation wizard.](./images/ts-tpm-2.png) -1. Finish the installation. +5. Finish the installation. -To use TBSLogGenerator, follow these steps: +To use `TBSLogGenerator.exe`, follow these steps: 1. After the installation finishes, open an elevated Command Prompt window and navigate to the following folder: - **C:\\Program Files (x86)\\Windows Kits\\10\\Hardware Lab Kit\\Tests\\amd64\\NTTEST\\BASETEST\\ngscb** + **`C:\Program Files (x86)\Windows Kits\10\Hardware Lab Kit\Tests\amd64\NTTEST\BASETEST\ngscb`** - This folder contains the TBSLogGenerator.exe file. + This folder contains the `TBSLogGenerator.exe` file. - ![Properties and location of the TBSLogGenerator.exe file.](./images/ts-tpm-3.png) + ![Properties and location of the `TBSLogGenerator.exe` file.](./images/ts-tpm-3.png) 1. Run the following command: - ```console + ``` syntax TBSLogGenerator.exe -LF \.log > \.txt ``` where the variables represent the following values: + - \<*LogFolderName*> = the name of the folder that contains the file to be decoded - \<*LogFileName*> = the name of the file to be decoded - \<*DestinationFolderName*> = the name of the folder for the decoded text file - \<*DecodedFileName*> = the name of the decoded text file - For example, the following figure shows Measured Boot logs that were collected from a Windows 10 computer and put into the C:\\MeasuredBoot\\ folder. The figure also shows a Command Prompt window and the command to decode the **0000000005-0000000000.log** file: + For example, the following figure shows Measured Boot logs that were collected from a Windows 10 computer and put into the **`C:\MeasuredBoot\`** folder. The figure also shows a Command Prompt window and the command to decode the **`0000000005-0000000000.log`** file: - ```console + ``` syntax TBSLogGenerator.exe -LF C:\MeasuredBoot\0000000005-0000000000.log > C:\MeasuredBoot\0000000005-0000000000.txt ``` - ![Command Prompt window that shows an example of how to use TBSLogGenerator.](./images/ts-tpm-4.png) + ![Command Prompt window that shows an example of how to use `TBSLogGenerator.exe`.](./images/ts-tpm-4.png) - The command produces a text file that uses the specified name. In the case of the example, the file is **0000000005-0000000000.txt**. The file is located in the same folder as the original .log file. + The command produces a text file that uses the specified name. In this example, the file is **`0000000005-0000000000.txt`**. The file is located in the same folder as the original `.log` file. - ![Windows Explorer window that shows the text file that TBSLogGenerator produces.](./images/ts-tpm-5.png) + ![Windows Explorer window that shows the text file that `TBSLogGenerator.exe`produces.](./images/ts-tpm-5.png) + + The content of this text file is similar to the following text: - The content of this text file resembles the following. - ![Contents of the text file, as shown in NotePad.](./images/ts-tpm-6.png) - + To find the PCR information, go to the end of the file. - + ![View of NotePad that shows the PCR information at the end of the text file.](./images/ts-tpm-7.png) -## Use PCPTool to decode Measured Boot logs +## Use `PCPTool.exe` to decode Measured Boot logs > [!NOTE] -> PCPTool is a Visual Studio solution, but you need to build the executable before you can start using this tool. +> `PCPTool.exe` is a Visual Studio solution, but executable needs to be built before tool can be used. -PCPTool is part of the [TPM Platform Crypto-Provider Toolkit](https://www.microsoft.com/download/details.aspx?id=52487). The tool decodes a Measured Boot log file and converts it into an XML file. +`PCPTool.exe` is part of the [TPM Platform Crypto-Provider Toolkit](https://www.microsoft.com/download/details.aspx?id=52487). The tool decodes a Measured Boot log file and converts it into an XML file. -To download and install PCPTool, go to the Toolkit page, select **Download**, and follow the instructions. +To download and install `PCPTool.exe`, go to the Toolkit page, select **Download**, and follow the instructions. To decode a log, run the following command: -```console +``` syntax PCPTool.exe decodelog \.log > \.xml ``` where the variables represent the following values: + - \<*LogFolderPath*> = the path to the folder that contains the file to be decoded - \<*LogFileName*> = the name of the file to be decoded - \<*DestinationFolderName*> = the name of the folder for the decoded text file - \<*DecodedFileName*> = the name of the decoded text file -The content of the XML file resembles the following. +The content of the XML file will be similar to the following XML: -:::image type="content" alt-text="Command Prompt window that shows an example of how to use PCPTool." source="./images/pcptool-output.jpg" lightbox="./images/pcptool-output.jpg"::: +:::image type="content" alt-text="Command Prompt window that shows an example of how to use `PCPTool.exe`." source="./images/pcptool-output.jpg" lightbox="./images/pcptool-output.jpg"::: diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md index 03f65fe765..0bedc1fe52 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md @@ -1,6 +1,6 @@ --- title: Enforcing BitLocker policies by using Intune known issues -description: provides assistance for issues that you may see if you use Microsoft Intune policy to manage silent BitLocker encryption on devices. +description: Provides assistance for issues that may be seen if Microsoft Intune policy is being used to manage silent BitLocker encryption on devices. ms.reviewer: kaushika ms.technology: itpro-security ms.prod: windows-client @@ -17,100 +17,100 @@ ms.custom: bitlocker # Enforcing BitLocker policies by using Intune: known issues -This article helps you troubleshoot issues that you may experience if you use Microsoft Intune policy to manage silent BitLocker encryption on devices. The Intune portal indicates whether BitLocker has failed to encrypt one or more managed devices. +This article helps troubleshooting issues that may be experienced if using Microsoft Intune policy to manage silent BitLocker encryption on devices. The Intune portal indicates whether BitLocker has failed to encrypt one or more managed devices. :::image type="content" alt-text="The BitLocker status indictors on the Intune portal." source="./images/4509189-en-1.png" lightbox="./images/4509189-en-1.png"::: -To start narrowing down the cause of the problem, review the event logs as described in [Troubleshoot BitLocker](troubleshoot-bitlocker.md). Concentrate on the Management and Operations logs in the **Applications and Services logs\\Microsoft\\Windows\\BitLocker-API** folder. The following sections provide more information about how to resolve the indicated events and error messages: +To start narrowing down the cause of the problem, review the event logs as described in [Troubleshoot BitLocker](troubleshoot-bitlocker.md). Concentrate on the **Management** and **Operations** logs in the **Applications and Services logs** > **Microsoft** > **Windows** > **BitLocker-API** folder. The following sections provide more information about how to resolve the indicated events and error messages: -- [Event ID 853: Error: A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer](#issue-1) -- [Event ID 853: Error: BitLocker Drive Encryption detected bootable media (CD or DVD) in the computer](#issue-2) -- [Event ID 854: WinRE is not configured](#issue-3) -- [Event ID 851: Contact manufacturer for BIOS upgrade](#issue-4) -- [Error message: The UEFI variable 'SecureBoot' could not be read](#issue-6) -- [Event ID 846, 778, and 851: Error 0x80072f9a](#issue-7) -- [Error message: Conflicting Group Policy settings for recovery options on operating system drives](#issue-5) +- [Event ID 853: Error: A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer](#event-id-853-error-a-compatible-trusted-platform-module-tpm-security-device-cannot-be-found-on-this-computer) +- [Event ID 853: Error: BitLocker Drive Encryption detected bootable media (CD or DVD) in the computer](#event-id-853-error-bitlocker-drive-encryption-detected-bootable-media-cd-or-dvd-in-the-computer) +- [Event ID 854: WinRE is not configured](#event-id-854-winre-is-not-configured) +- [Event ID 851: Contact manufacturer for BIOS upgrade](#event-id-851-contact-the-manufacturer-for-bios-upgrade-instructions) +- [Error message: The UEFI variable 'SecureBoot' could not be read](#error-message-the-uefi-variable-secureboot-could-not-be-read) +- [Event ID 846, 778, and 851: Error 0x80072f9a](#event-id-846-778-and-851-error-0x80072f9a) +- [Error message: There are conflicting group policy settings for recovery options on operating system drives](#error-message-there-are-conflicting-group-policy-settings-for-recovery-options-on-operating-system-drives) -If you do not have a clear trail of events or error messages to follow, other areas to investigate include the following: +If there's no clear trail of events or error messages to follow, other areas to investigate include the following areas: - [Review the hardware requirements for using Intune to manage BitLocker on devices](/windows-hardware/design/device-experiences/oem-bitlocker#bitlocker-automatic-device-encryption-hardware-requirements) -- [Review your BitLocker policy configuration](#policy) +- [Review BitLocker policy configuration](#review-bitlocker-policy-configuration) For information about the procedure to verify whether Intune policies are enforcing BitLocker correctly, see [Verifying that BitLocker is operating correctly](#verifying-that-bitlocker-is-operating-correctly). -## Event ID 853: Error: A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer +## Event ID 853: Error: A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer -Event ID 853 can carry different error messages, depending on the context. In this case, the Event ID 853 error message indicates that the device does not appear to have a TPM. The event information resembles the following: +Event ID 853 can carry different error messages, depending on the context. In this case, the Event ID 853 error message indicates that the device doesn't appear to have a TPM. The event information will be similar to the following event: -![Details of event ID 853 (TPM is not available, cannot find TPM).](./images/4509190-en-1.png) +![Details of event ID 853 (A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer).](./images/4509190-en-1.png) -### Cause +### Cause of Event ID 853: Error: A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer -The device that you are trying to secure may not have a TPM chip, or the device BIOS might have been configured to disable the TPM. +The device that is being secured may not have a TPM chip, or the device BIOS might have been configured to disable the TPM. -### Resolution +### Resolution for Event ID 853: Error: A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer -To resolve this issue, verify the following: +To resolve this issue, verify the following configurations: - The TPM is enabled in the device BIOS. -- The TPM status in the TPM management console resembles the following: - - Ready (TPM 2.0) - - Initialized (TPM 1.2) +- The TPM status in the TPM management console is similar to the following statuses: + - Ready (TPM 2.0) + - Initialized (TPM 1.2) For more information, see [Troubleshoot the TPM](../tpm/initialize-and-configure-ownership-of-the-tpm.md). -## Event ID 853: Error: BitLocker Drive Encryption detected bootable media (CD or DVD) in the computer +## Event ID 853: Error: BitLocker Drive Encryption detected bootable media (CD or DVD) in the computer -In this case, you see event ID 853, and the error message in the event indicates that bootable media is available to the device. The event information resembles the following. +In this case, event ID 853 is displayed, and the error message in the event indicates that bootable media is available to the device. The event information resembles the following. ![Details of event ID 853 (TPM is not available, bootable media found).](./images/4509191-en-1.png) -### Cause +### Cause of Event ID 853: Error: BitLocker Drive Encryption detected bootable media (CD or DVD) in the computer -During the provisioning process, BitLocker drive encryption records the configuration of the device to establish a baseline. If the device configuration changes later (for example, if you remove the media), BitLocker recovery mode automatically starts. +During the provisioning process, BitLocker drive encryption records the configuration of the device to establish a baseline. If the device configuration changes later (for example, if the media is removed), BitLocker recovery mode automatically starts. To avoid this situation, the provisioning process stops if it detects a removable bootable media. -### Resolution +### Resolution for Event ID 853: Error: BitLocker Drive Encryption detected bootable media (CD or DVD) in the computer Remove the bootable media, and restart the device. After the device restarts, verify the encryption status. -## Event ID 854: WinRE is not configured +## Event ID 854: WinRE is not configured -The event information resembles the following: +The event information resembles the following error message: > Failed to enable Silent Encryption. WinRe is not configured. > > Error: This PC cannot support device encryption because WinRE is not properly configured. -### Cause +### Cause of Event ID 854: WinRE is not configured -Windows Recovery Environment (WinRE) is a minimal Windows operating system that is based on Windows Preinstallation Environment (Windows PE). WinRE includes several tools that an administrator can use to recover or reset Windows and diagnose Windows issues. If a device cannot start the regular Windows operating system, the device tries to start WinRE. +Windows Recovery Environment (WinRE) is a minimal Windows operating system that is based on Windows Preinstallation Environment (Windows PE). WinRE includes several tools that an administrator can use to recover or reset Windows and diagnose Windows issues. If a device can't start the regular Windows operating system, the device tries to start WinRE. The provisioning process enables BitLocker drive encryption on the operating system drive during the Windows PE phase of provisioning. This action makes sure that the drive is protected before the full operating system is installed. The provisioning process also creates a system partition for WinRE to use if the system crashes. -If WinRE is not available on the device, provisioning stops. +If WinRE isn't available on the device, provisioning stops. -### Resolution +### Resolution for Event ID 854: WinRE is not configured -You can resolve this issue by verifying the configuration of the disk partitions, the status of WinRE, and the Windows Boot Loader configuration. To do this, follow these steps. +This issue can be resolved by verifying the configuration of the disk partitions, the status of WinRE, and the Windows Boot Loader configuration by following these steps: #### Step 1: Verify the configuration of the disk partitions -The procedures described in this section depend on the default disk partitions that Windows configures during installation. Windows 11 and Windows 10 automatically create a recovery partition that contains the Winre.wim file. The partition configuration resembles the following. +The procedures described in this section depend on the default disk partitions that Windows configures during installation. Windows 11 and Windows 10 automatically create a recovery partition that contains the **`Winre.wim`** file. The partition configuration resembles the following. ![Default disk partitions, including the recovery partition.](./images/4509194-en-1.png) To verify the configuration of the disk partitions, open an elevated Command Prompt window and run the following commands: -```console -diskpart +``` syntax +diskpart.exe list volume ``` ![Output of the list volume command in the Diskpart app.](./images/4509195-en-1.png) -If the status of any of the volumes is not healthy or if the recovery partition is missing, you may have to reinstall Windows. Before you do this, check the configuration of the Windows image that you are using for provisioning. Make sure that the image uses the correct disk configuration. The image configuration should resemble the following (this example is from Microsoft Configuration Manager): +If the status of any of the volumes isn't healthy or if the recovery partition is missing, Windows may need to be reinstalled. Before reinstalling Windows, check the configuration of the Windows image that is being provisioned. Make sure that the image uses the correct disk configuration. The image configuration should resemble the following (this example is from Microsoft Configuration Manager): ![Windows image configuration in Microsoft Configuration Manager.](./images/configmgr-imageconfig.jpg) @@ -118,106 +118,107 @@ If the status of any of the volumes is not healthy or if the recovery partition To verify the status of WinRE on the device, open an elevated Command Prompt window and run the following command: -```console -reagentc /info +``` syntax +reagentc.exe /info ``` + The output of this command resembles the following. -![Output of the reagentc /info command.](./images/4509193-en-1.png) +![Output of the reagentc.exe /info command.](./images/4509193-en-1.png) -If the **Windows RE status** is not **Enabled**, run the following command to enable it: +If the **Windows RE status** isn't **Enabled**, run the following command to enable it: -```console -reagentc /enable +``` syntax +reagentc.exe /enable ``` #### Step 3: Verify the Windows Boot Loader configuration -If the partition status is healthy, but the **reagentc /enable** command results in an error, verify whether the Windows Boot Loader contains the recovery sequence GUID. To do this, run the following command in an elevated Command Prompt window: +If the partition status is healthy, but the **`reagentc.exe /enable`** command results in an error, verify whether the Windows Boot Loader contains the recovery sequence GUID by running the following command in an elevated Command Prompt window: -```console -bcdedit /enum all +``` syntax +bcdedit.exe /enum all ``` -The output of this command resembles the following: +The output of this command will be similar to the following output: :::image type="content" alt-text="Output of the bcdedit /enum all command." source="./images/4509196-en-1.png" lightbox="./images/4509196-en-1.png"::: In the output, locate the **Windows Boot Loader** section that includes the line **identifier={current}**. In that section, locate the **recoverysequence** attribute. The value of this attribute should be a GUID value, not a string of zeros. -## Event ID 851: Contact the manufacturer for BIOS upgrade instructions +## Event ID 851: Contact the manufacturer for BIOS upgrade instructions -The event information resembles the following: +The event information will be similar to the following error message: > Failed to enable Silent Encryption. > > Error: BitLocker Drive Encryption cannot be enabled on the operating system drive. Contact the computer manufacturer for BIOS upgrade instructions. -### Cause +### Cause of Event ID 851: Contact the manufacturer for BIOS upgrade instructions -The device must have Unified Extensible Firmware Interface (UEFI) BIOS. Silent BitLocker drive encryption does not support legacy BIOS. +The device must have Unified Extensible Firmware Interface (UEFI) BIOS. Silent BitLocker drive encryption doesn't support legacy BIOS. -### Resolution +### Resolution for Event ID 851: Contact the manufacturer for BIOS upgrade instructions -To verify the BIOS mode, use the System Information application. To do this, follow these steps: +To verify the BIOS mode, use the System Information application by following these steps: 1. Select **Start**, and enter **msinfo32** in the **Search** box. -1. Verify that the **BIOS Mode** setting is **UEFI** and not **Legacy**. +2. Verify that the **BIOS Mode** setting is **UEFI** and not **Legacy**. ![System Information app, showing the BIOS Mode setting.](./images/4509198-en-1.png) -1. If the **BIOS Mode** setting is **Legacy**, you have to switch the BIOS into **UEFI** or **EFI** mode. The steps for doing this are specific to the device. +3. If the **BIOS Mode** setting is **Legacy**, the UEFI firmware needs to be switched to **UEFI** or **EFI** mode. The steps for switching to **UEFI** or **EFI** mode are specific to the device. > [!NOTE] - > If the device supports only Legacy mode, you cannot use Intune to manage BitLocker Device Encryption on the device. + > If the device supports only Legacy mode, Intune can't be used to manage BitLocker Device Encryption on the device. -## Error message: The UEFI variable 'SecureBoot' could not be read +## Error message: The UEFI variable 'SecureBoot' could not be read -You receive an error message that resembles the following: +An error message similar to the following error message is displayed: > **Error:** BitLocker cannot use Secure Boot for integrity because the UEFI variable 'SecureBoot' could not be read. A required privilege is not held by the client. -### Cause +### Cause of Error message: The UEFI variable 'SecureBoot' could not be read A platform configuration register (PCR) is a memory location in the TPM. In particular, PCR 7 measures the state of secure boot. Silent BitLocker drive encryption requires the secure boot to be turned on. -### Resolution +### Resolution for Error message: The UEFI variable 'SecureBoot' could not be read -You can resolve this issue by verifying the PCR validation profile of the TPM and the secure boot state. To do this, follow these steps: +This issue can be resolved by verifying the PCR validation profile of the TPM and the secure boot state by following these steps: #### Step 1: Verify the PCR validation profile of the TPM To verify that PCR 7 is in use, open an elevated Command Prompt window and run the following command: -```console -Manage-bde -protectors -get %systemdrive% +``` syntax +Manage-bde.exe -protectors -get %systemdrive% ``` In the TPM section of the output of this command, verify whether the **PCR Validation Profile** setting includes **7**, as follows: ![Output of the manage-bde command.](./images/4509199-en-1.png) -If **PCR Validation Profile** doesn't include **7** (for example, the values include **0**, **2**, **4**, and **11**, but not **7**), then secure boot is not turned on. +If **PCR Validation Profile** doesn't include **7** (for example, the values include **0**, **2**, **4**, and **11**, but not **7**), then secure boot isn't turned on. ![Output of the manage-bde command when PCR 7 is not present.](./images/4509200-en-1.png) -#### 2. Verify the secure boot state +#### 2: Verify the secure boot state -To verify the secure boot state, use the System Information application. To do this, follow these steps: +To verify the secure boot state, use the System Information application by following these steps: 1. Select **Start**, and enter **msinfo32** in the **Search** box. -1. Verify that the **Secure Boot State** setting is **On**, as follows: +2. Verify that the **Secure Boot State** setting is **On**, as follows: ![System Information app, showing a supported Secure Boot State.](./images/4509201-en-1.png) -1. If the **Secure Boot State** setting is **Unsupported**, you cannot use Silent BitLocker Encryption on this device. +3. If the **Secure Boot State** setting is **Unsupported**, Silent BitLocker Encryption can't be used on the device. ![System Information app, showing a unsupported Secure Boot State.](./images/4509202-en-1.png) > [!NOTE] -> You can also use the [Confirm-SecureBootUEFI](/powershell/module/secureboot/confirm-securebootuefi) cmdlet to verify the Secure Boot state. To do this, open an elevated PowerShell window and run the following command: +> The [Confirm-SecureBootUEFI](/powershell/module/secureboot/confirm-securebootuefi) PowerShell cmdlet can also be used to verify the Secure Boot state by opening an elevated PowerShell window and running the following command: > > ```ps > PS C:\> Confirm-SecureBootUEFI @@ -229,56 +230,58 @@ To verify the secure boot state, use the System Information application. To do t > > If the computer does not support Secure Boot or is a BIOS (non-UEFI) computer, this cmdlet returns "Cmdlet not supported on this platform." -## Event ID 846, 778, and 851: Error 0x80072f9a +## Event ID 846, 778, and 851: Error 0x80072f9a -In this case, you are deploying Intune policy to encrypt a Windows 11, Windows 10, version 1809 device, and store the recovery password in Azure Active Directory (Azure AD). As part of the policy configuration, you have selected the **Allow standard users to enable encryption during Azure AD Join** option. +Consider the following scenario: -The policy deployment fails and the failure generates the following events (visible in Event Viewer in the **Applications and Services Logs\\Microsoft\\Windows\\BitLocker API** folder): +Intune policy is being deployed to encrypt a Windows 10, version 1809 device, and the recovery password is being stored in Azure Active Directory (Azure AD). As part of the policy configuration, the **Allow standard users to enable encryption during Azure AD Join** option has been selected. + +The policy deployment fails and the failure generates the following events in Event Viewer in the **Applications and Services Logs** > **Microsoft** > **Windows** > **BitLocker API** folder: > Event ID:846 -> +> > Event: > Failed to backup BitLocker Drive Encryption recovery information for volume C: to your Azure AD. -> +> > TraceId: {cbac2b6f-1434-4faa-a9c3-597b17c1dfa3} > Error: Unknown HResult Error code: 0x80072f9a > Event ID:778 -> +> > Event: The BitLocker volume C: was reverted to an unprotected state. > Event ID: 851 -> +> > Event: > Failed to enable Silent Encryption. -> +> > Error: Unknown HResult Error code: 0x80072f9a. These events refer to Error code 0x80072f9a. -### Cause +### Cause of Event ID 846, 778, and 851: Error 0x80072f9a -These events indicate that the signed-in user does not have permission to read the private key on the certificate that is generated as part of the provisioning and enrollment process. Therefore, the BitLocker MDM policy refresh fails. +These events indicate that the signed-in user doesn't have permission to read the private key on the certificate that is generated as part of the provisioning and enrollment process. Therefore, the BitLocker MDM policy refresh fails. -The issue affects Windows 11 and Windows 10 version 1809. +The issue affects Windows 10 version 1809. -### Resolution +### Resolution for Event ID 846, 778, and 851: Error 0x80072f9a To resolve this issue, install the [May 21, 2019](https://support.microsoft.com/help/4497934/windows-10-update-kb4497934) update. -## Error message: There are conflicting group policy settings for recovery options on operating system drives +## Error message: There are conflicting group policy settings for recovery options on operating system drives -You receive a message that resembles the following: +An error message similar to the following error message is displayed: > **Error:** BitLocker Drive Encryption cannot be applied to this drive because there are conflicting Group Policy settings for recovery options on operating system drives. Storing recovery information to Active Directory Domain Services cannot be required when the generation of recovery passwords is not permitted. Please have your system administrator resolve these policy conflicts before attempting to enable BitLocker… -### Resolution +### Resolution for Error message: There are conflicting group policy settings for recovery options on operating system drives -To resolve this issue, review your group policy object (GPO) settings for conflicts. For further guidance, see the next section, [Review your BitLocker policy configuration](#policy). +To resolve this issue, review the group policy object (GPO) settings for conflicts. For more information, see the next section, [Review BitLocker policy configuration](#review-bitlocker-policy-configuration). For more information about GPOs and BitLocker, see [BitLocker Group Policy Reference](/previous-versions/windows/it-pro/windows-7/ee706521(v=ws.10)). -## Review your BitLocker policy configuration +## Review BitLocker policy configuration For information about the procedure to use policy together with BitLocker and Intune, see the following resources: @@ -292,13 +295,13 @@ For information about the procedure to use policy together with BitLocker and In Intune offers the following enforcement types for BitLocker: -- **Automatic** (Enforced when the device joins Azure AD during the provisioning process. This option is available in Windows 10 version 1703 and later, or Windows 11.) -- **Silent** (Endpoint protection policy. This option is available in Windows 10 version 1803 and later, or Windows 11.) -- **Interactive** (Endpoint policy for Windows versions that are older than Windows 10 version 1803, or Windows 11.) +- **Automatic** (Enforced when the device joins Azure AD during the provisioning process. This option is available in Windows 10 version 1703 and later.) +- **Silent** (Endpoint protection policy. This option is available in Windows 10 version 1803 and later.) +- **Interactive** (Endpoint policy for Windows versions that are older than Windows 10 version 1803.) -If your device runs Windows 10 version 1703 or later, or Windows 11, supports Modern Standby (also known as Instant Go) and is HSTI-compliant, joining the device to Azure AD triggers automatic device encryption. A separate endpoint protection policy is not required to enforce device encryption. +If the device runs Windows 10 version 1703 or later, supports Modern Standby (also known as Instant Go) and is HSTI-compliant, joining the device to Azure AD triggers automatic device encryption. A separate endpoint protection policy isn't required to enforce device encryption. -If your device is HSTI-compliant but does not support Modern Standby, you have to configure an endpoint protection policy to enforce silent BitLocker drive encryption. The settings for this policy should resemble the following: +If the device is HSTI-compliant but doesn't support Modern Standby, an endpoint protection policy has to be configured to enforce silent BitLocker drive encryption. The settings for this policy should be similar to the following settings: ![Intune policy settings.](./images/4509186-en-1.png) @@ -313,18 +316,18 @@ The OMA-URI references for these settings are as follows: Value: **0** (0 = Blocked, 1 = Allowed) > [!NOTE] -> Because of an update to the BitLocker Policy CSP, if the device uses Windows 10 version 1809 or later, or Windows 11, you can use an endpoint protection policy to enforce silent BitLocker Device Encryption even if the device is not HSTI-compliant. +> Because of an update to the BitLocker Policy CSP, if the device uses Windows 10 version 1809 or later, an endpoint protection policy can be used to enforce silent BitLocker Device Encryption even if the device is not HSTI-compliant. > [!NOTE] -> If the **Warning for other disk encryption** setting is set to **Not configured**, you have to manually start the BitLocker drive encryption wizard. +> If the **Warning for other disk encryption** setting is set to **Not configured**, the BitLocker drive encryption wizard has to be manually started. -If the device does not support Modern Standby but is HSTI-compliant, and it uses a version of Windows that is earlier than Windows 10, version 1803, or Windows 11, an endpoint protection policy that has the settings that are described in this article delivers the policy configuration to the device. However, Windows then notifies the user to manually enable BitLocker Drive Encryption. To do this, the user selects the notification. This action starts the BitLocker Drive Encryption wizard. +If the device doesn't support Modern Standby but is HSTI-compliant, and it uses a version of Windows that is earlier than Windows 10, version 1803, an endpoint protection policy that has the settings that are described in this article delivers the policy configuration to the device. However, Windows then notifies the user to manually enable BitLocker Drive Encryption. When the user selects the notification, it will start the BitLocker Drive Encryption wizard. -The Intune 1901 release provides settings that you can use to configure automatic device encryption for Autopilot devices for standard users. Each device must meet the following requirements: +Intune provides settings that can be used to configure automatic device encryption for Autopilot devices for standard users. Each device must meet the following requirements: - Be HSTI-compliant - Support Modern Standby -- Use Windows 10 version 1803 or later, or Windows 11 +- Use Windows 10 version 1803 or later ![Intune policy setting.](./images/4509188-en-1.png) @@ -335,7 +338,13 @@ The OMA-URI references for these settings are as follows: Value: **1** > [!NOTE] -> This node works together with the **RequireDeviceEncryption** and **AllowWarningForOtherDiskEncryption** nodes. For this reason, when you set **RequireDeviceEncryption** to **1**, **AllowStandardUserEncryption** to **1**, and **AllowWarningForOtherDiskEncryption** to **0**, Intune enforces silent BitLocker encryption for Autopilot devices that have standard user profiles. +> This node works together with the **RequireDeviceEncryption** and **AllowWarningForOtherDiskEncryption** nodes. For this reason, when the following settings are set: +> +> - **RequireDeviceEncryption** to **1** +> - **AllowStandardUserEncryption** to **1** +> - **AllowWarningForOtherDiskEncryption** to **0** +> +> Intune enforces silent BitLocker encryption for Autopilot devices that have standard user profiles. ## Verifying that BitLocker is operating correctly @@ -345,13 +354,13 @@ During regular operations, BitLocker drive encryption generates events such as E ![Event ID 845, as shown in Event Viewer.](./images/4509204-en-1.png) -You can also determine whether the BitLocker recovery password has been uploaded to Azure AD by checking the device details in the Azure AD Devices section. +It can also be determined whether the BitLocker recovery password has been uploaded to Azure AD by checking the device details in the Azure AD Devices section. ![BitLocker recovery information as viewed in Azure AD.](./images/4509205-en-1.png) On the device, check the Registry Editor to verify the policy settings on the device. Verify the entries under the following subkeys: -- **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\PolicyManager\\current\\device\\BitLocker** -- **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\PolicyManager\\current\\device** +- **`HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\BitLocker`** +- **`HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device`** -![Registry subkeys that relate to Intune policy.](./images/4509206-en-1.png) \ No newline at end of file +![Registry subkeys that relate to Intune policy.](./images/4509206-en-1.png) diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md index f54e3befdc..37ea01bdbd 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md @@ -1,6 +1,6 @@ --- -title: BitLocker network unlock known issues -description: Describes several known issues that you may encounter while using network unlock, and provided guidance for addressing those issues. +title: BitLocker Network Unlock known issues +description: Describes several known issues that you may encounter while using Network Unlock, and provided guidance for addressing those issues. ms.technology: itpro-security ms.prod: windows-client ms.localizationpriority: medium @@ -14,78 +14,86 @@ ms.custom: bitlocker ms.date: 11/08/2022 --- -# BitLocker network unlock: known issues +# BitLocker Network Unlock: known issues -By using the BitLocker network unlock feature, you can manage computers remotely without having to enter a BitLocker PIN when each computer starts up. To configure this behavior, your environment needs to meet the following requirements: +By using the BitLocker Network Unlock feature, you can manage computers remotely without having to enter a BitLocker PIN when each computer starts up. To configure this behavior, your environment needs to meet the following requirements: - Each computer belongs to a domain. - Each computer has a wired connection to the internal network. - The internal network uses DHCP to manage IP addresses. - Each computer has a DHCP driver implemented in its Unified Extensible Firmware Interface (UEFI) firmware. -For general guidelines about how to troubleshoot network unlock, see [How to enable network unlock: Troubleshoot network unlock](./bitlocker-how-to-enable-network-unlock.md#troubleshoot-network-unlock). +For general guidelines about how to troubleshoot Network Unlock, see [How to enable Network Unlock: Troubleshoot Network Unlock](./bitlocker-how-to-enable-network-unlock.md#troubleshoot-network-unlock). -This article describes several known issues that you may encounter when you use network unlock, and provides guidance to address these issues. +This article describes several known issues that you may encounter when you use Network Unlock, and provides guidance to address these issues. -## Tip: Detect whether BitLocker network unlock is enabled on a specific computer +## Tip: Detect whether BitLocker Network Unlock is enabled on a specific computer -You can use the following steps on computers with either x64 or x32 UEFI firmware. You can also script these commands. +> [!TIP] +> You can use the following steps on computers with either x64 or x32 UEFI firmware. You can also script these commands. +> +> 1. Open an elevated command prompt window and run the following command: +> +> ``` syntax +> manage-bde.exe -protectors -get +> ``` +> +> For example: +> +> ``` syntax +> manage-bde.exe -protectors -get C: +> ``` +> +> If the output of this command includes a key protector of type **TpmCertificate (9)**, the configuration is correct for BitLocker Network Unlock. +> +> 2. Start Registry Editor, and verify the following settings: +> +> 1. The following registry key exists and has the following value: +> +> - **Subkey**: `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE` +> - **Type**: `REG_DWORD` +> - **Value**: `OSManageNKP` equal to `1` (True) +> +> 2. The registry key `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\FVE_NKP\Certificates` has an entry whose name matches the name of the certificate thumbprint of the Network Unlock key protector that you found in step 1. -1. Open an elevated command prompt window and run the following command: +## On a Surface Pro 4 device, BitLocker Network Unlock doesn't work because the UEFI network stack is incorrectly configured - ```cmd - manage-bde -protectors -get - ``` - - ```cmd - manage-bde -protectors -get C: - ``` - - Where `` is the drive letter, followed by a colon (`:`), of the bootable drive. - If the output of this command includes a key protector of type **TpmCertificate (9)**, the configuration is correct for BitLocker network unlock. - -1. Start Registry Editor, and verify the following settings: - - Entry `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE: OSManageNKP` is set to `1`. - - Subkey `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\FVE_NKP\Certificates` has an entry whose name matches the name of the certificate thumbprint of the network unlock key protector that you found in step 1. - -## 1. On a Surface Pro 4 device, BitLocker network unlock doesn't work because the UEFI network stack is incorrectly configured - -You've configured BitLocker network unlock as described in [BitLocker: How to enable network unlock](/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock). You've configured the UEFI of the device to use DHCP. However, when you restart the device, it still prompts you for the BitLocker PIN. +You've configured BitLocker Network Unlock as described in [BitLocker: How to enable Network Unlock](/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock). You've configured the UEFI of the device to use DHCP. However, when you restart the device, it still prompts you for the BitLocker PIN. You test another device, such as a different type of tablet or laptop PC that's configured to use the same infrastructure. The device restarts as expected, without prompting for the BitLocker PIN. You conclude that the infrastructure is correctly configured, and the issue is specific to the device. -### Cause of issue 1 +### Cause of BitLocker Network Unlock not working on Surface Pro 4 The UEFI network stack on the device was incorrectly configured. -### Resolution for issue 1 +### Resolution for BitLocker Network Unlock not working on Surface Pro 4 To correctly configure the UEFI network stack of the Surface Pro 4, you have to use Microsoft Surface Enterprise Management Mode (SEMM). For information about SEMM, see [Enroll and configure Surface devices with SEMM](/surface/enroll-and-configure-surface-devices-with-semm). > [!NOTE] -> If you cannot use SEMM, you may be able to configure the Surface Pro 4 to use BitLocker network unlock by configuring the device to use the network as its first boot option. +> If you cannot use SEMM, you may be able to configure the Surface Pro 4 to use BitLocker Network Unlock by configuring the device to use the network as its first boot option. -## 2. Unable to use BitLocker network unlock feature on a Windows client computer +## Unable to use BitLocker Network Unlock feature on a Windows client computer -You have configured BitLocker network unlock as described in [BitLocker: How to enable network unlock](/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock). You have a Windows 8 client computer that is connected to the internal network with an ethernet cable. However, when you restart the computer, it still prompts you for the BitLocker PIN. +You have configured BitLocker Network Unlock as described in [BitLocker: How to enable Network Unlock](/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock). You have a Windows 8 client computer that is connected to the internal network with an ethernet cable. However, when you restart the computer, it still prompts you for the BitLocker PIN. -### Cause of issue 2 +### Cause of unable to use BitLocker Network Unlock feature on a Windows client computer -A Windows 8-based or Windows Server 2012-based client computer sometimes doesn't receive or use the network unlock protector, depending on whether the client receives unrelated BOOTP replies from a DHCP server or WDS server. +A Windows 8-based or Windows Server 2012-based client computer sometimes doesn't receive or use the Network Unlock protector, depending on whether the client receives unrelated BOOTP replies from a DHCP server or WDS server. DHCP servers may send any DHCP options to a BOOTP client as allowed by the DHCP options and BOOTP vendor extensions. This behavior means that because a DHCP server supports BOOTP clients, the DHCP server replies to BOOTP requests. The manner in which a DHCP server handles an incoming message depends in part on whether the message uses the Message Type option: -- The first two messages that the BitLocker network unlock client sends are DHCP DISCOVER\REQUEST messages. They use the Message Type option, so the DHCP server treats them as DHCP messages. -- The third message that the BitLocker network unlock client sends doesn't have the Message Type option. The DHCP server treats the message as a BOOTP request. +- The first two messages that the BitLocker Network Unlock client sends are DHCP DISCOVER\REQUEST messages. They use the Message Type option, so the DHCP server treats them as DHCP messages. +- The third message that the BitLocker Network Unlock client sends doesn't have the Message Type option. The DHCP server treats the message as a BOOTP request. A DHCP server that supports BOOTP clients must interact with those clients according to the BOOTP protocol. The server must create a BOOTP BOOTREPLY message instead of a DHCP DHCPOFFER message. (In other words, the server must not include the DHCP message option type and must not exceed the size limit for BOOTREPLY messages.) After the server sends the BOOTP BOOTREPLY message, the server marks a binding for a BOOTP client as BOUND. A non-DHCP client doesn't send a DHCPREQUEST message, nor does that client expect a DHCPACK message. If a DHCP server that isn't configured to support BOOTP clients receives a BOOTREQUEST message from a BOOTP client, that server silently discards the BOOTREQUEST message. -For more information about DHCP and BitLocker network unlock, see [BitLocker: How to enable network unlock: network unlock sequence](/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock#network-unlock-sequence). +For more information about DHCP and BitLocker Network Unlock, see [BitLocker: How to enable Network Unlock: Network Unlock sequence](/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock#network-unlock-sequence). -### Resolution for issue 2 +### Resolution for unable to use BitLocker Network Unlock feature on a Windows client computer To resolve this issue, change the configuration of the DHCP server by changing the **DHCP** option from **DHCP and BOOTP** to **DHCP**. From 998ea5013974a48ed4456d281ba6de0d609c54a8 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Wed, 16 Nov 2022 14:10:31 -0500 Subject: [PATCH 075/129] Metadata/style update BitLocker 14 --- .../bitlocker/ts-bitlocker-network-unlock-issues.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md index 37ea01bdbd..24b3a9d422 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md @@ -30,7 +30,7 @@ This article describes several known issues that you may encounter when you use ## Tip: Detect whether BitLocker Network Unlock is enabled on a specific computer > [!TIP] -> You can use the following steps on computers with either x64 or x32 UEFI firmware. You can also script these commands. +> BitLocker Network Unlock can be detetected if it is enabled on a specific computer use the following steps on UEFI computers: > > 1. Open an elevated command prompt window and run the following command: > @@ -38,13 +38,13 @@ This article describes several known issues that you may encounter when you use > manage-bde.exe -protectors -get > ``` > -> For example: +> For example: > > ``` syntax > manage-bde.exe -protectors -get C: > ``` > -> If the output of this command includes a key protector of type **TpmCertificate (9)**, the configuration is correct for BitLocker Network Unlock. +> If the output of this command includes a key protector of type **TpmCertificate (9)**, the configuration is correct for BitLocker Network Unlock. > > 2. Start Registry Editor, and verify the following settings: > From e13eecfabe6aa0b3078405115fe746833b6c11b6 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Wed, 16 Nov 2022 14:22:11 -0500 Subject: [PATCH 076/129] Metadata/style update BitLocker 15 --- .../ts-bitlocker-network-unlock-issues.md | 24 +++++++++++-------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md index 24b3a9d422..55754de002 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md @@ -30,21 +30,21 @@ This article describes several known issues that you may encounter when you use ## Tip: Detect whether BitLocker Network Unlock is enabled on a specific computer > [!TIP] -> BitLocker Network Unlock can be detetected if it is enabled on a specific computer use the following steps on UEFI computers: +> BitLocker Network Unlock can be detected if it is enabled on a specific computer use the following steps on UEFI computers: > > 1. Open an elevated command prompt window and run the following command: > -> ``` syntax -> manage-bde.exe -protectors -get -> ``` +> ``` syntax +> manage-bde.exe -protectors -get +> ``` > -> For example: +> For example: > -> ``` syntax -> manage-bde.exe -protectors -get C: -> ``` +> ``` syntax +> manage-bde.exe -protectors -get C: +> ``` > -> If the output of this command includes a key protector of type **TpmCertificate (9)**, the configuration is correct for BitLocker Network Unlock. +> If the output of this command includes a key protector of type **TpmCertificate (9)**, the configuration is correct for BitLocker Network Unlock. > > 2. Start Registry Editor, and verify the following settings: > @@ -54,7 +54,11 @@ This article describes several known issues that you may encounter when you use > - **Type**: `REG_DWORD` > - **Value**: `OSManageNKP` equal to `1` (True) > -> 2. The registry key `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\FVE_NKP\Certificates` has an entry whose name matches the name of the certificate thumbprint of the Network Unlock key protector that you found in step 1. +> 2. The registry key: +> +> `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\FVE_NKP\Certificates` +> +> has an entry whose name matches the name of the certificate thumbprint of the Network Unlock key protector that you found in step 1. ## On a Surface Pro 4 device, BitLocker Network Unlock doesn't work because the UEFI network stack is incorrectly configured From d0bdd53a2ce1c5bfb6a496a2170dec9f9e7fca42 Mon Sep 17 00:00:00 2001 From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com> Date: Wed, 16 Nov 2022 11:28:05 -0800 Subject: [PATCH 077/129] Update windows-autopatch-fix-issues.md Reviewed for grammar and style. --- .../prepare/windows-autopatch-fix-issues.md | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md index 03a37a5dc7..e465726766 100644 --- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md +++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md @@ -14,7 +14,9 @@ msreviewer: hathind # Fix issues found by the Readiness assessment tool -Seeing issues with your tenant? This article details how to remediate issues found with your tenant. +Seeing issues with your tenant? This article details how to remediate issues found with your tenant. + +If you need more assistance with tenant enrollment, you can submit a [tenant enrollment support request](#submit-a-support-request). ## Check results @@ -74,23 +76,23 @@ Windows Autopatch requires the following licenses: ## Submit a support request > [!IMPORTANT] -> Make sure you've verified the admin contacts. The Windows Autopatch Service Engineering Team will contact these individuals for assistance with troubleshooting issues. +> Make sure you've [added and verified your admin contacts](../deploy/windows-autopatch-admin-contacts.md). The Windows Autopatch Service Engineering Team will contact these individuals for assistance with troubleshooting issues. -You can submit support tickets to Microsoft on the Windows Autopatch enrollment tool. Email is the recommended approach to interact with the Windows Autopatch Service Engineering Team. +If you need more assistance with tenant enrollment, you can submit support tickets to the Windows Autopatch Service Engineering Team in the Windows Autopatch enrollment tool. Email is the recommended approach to interact with the Windows Autopatch Service Engineering Team. **To submit a new support request:** -1. If the Readiness assessment tool fails, remediation steps can be found by clicking on **View details** under **Management settings** and then clicking on the individual check. **Contact Support** button will be available below remediation instructions in the fly-in-pane. +1. If the Readiness assessment tool fails, remediation steps can be found by selecting **View details** under **Management settings** and then selecting the individual check. The **Contact Support** button will be available below remediation instructions in the fly-in-pane. 2. Enter your question(s) and/or a description of the problem. -1. Review all the information you provided for accuracy. -1. When you're ready, select **Create**. +3. Review all the information you provided for accuracy. +4. When you're ready, select **Create**. ### Manage an active support request -The primary contact for the support request will receive email notifications when a case is created, assigned to a service engineer to investigate, and mitigated. If, at any point, you have a question about the case, the best way to get in touch is to reply directly to one of those emails. If we have questions about your request or need more details, we'll email the primary contact listed on the support requests. +The primary contact for the support request will receive email notifications when a case is created, assigned to a service engineer to investigate, and mitigated. If you have a question about the case, the best way to get in touch is to reply directly to one of the emails. If we have questions about your request or need more details, we'll email the primary contact listed in the support request. **To view all your active pre-enrollment support requests:** 1. Sign into the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) and navigate to the **Tenant Administration** menu. 1. In the **Windows Autopatch** section, select **Tenant Enrollment**. -1. On the **Support history** tab, you can view the list of call support cases, or select individual case to view the details. +1. Select the **Support history** tab. You can view the list of all support cases, or select an individual case to view the details. From 6f477dd589205adc5d6afec446aacc8728bb541e Mon Sep 17 00:00:00 2001 From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com> Date: Wed, 16 Nov 2022 11:29:39 -0800 Subject: [PATCH 078/129] Update windows-autopatch-fix-issues.md Updated the date. --- .../windows-autopatch/prepare/windows-autopatch-fix-issues.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md index e465726766..01a4100390 100644 --- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md +++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md @@ -1,7 +1,7 @@ --- title: Fix issues found by the Readiness assessment tool description: This article details how to fix issues found by the Readiness assessment tool -ms.date: 05/30/2022 +ms.date: 11/17/2022 ms.prod: windows-client ms.technology: itpro-updates ms.topic: how-to From e63301a35e463ee8fa2ebd99bab9b44f210b1f00 Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Wed, 16 Nov 2022 12:32:04 -0700 Subject: [PATCH 079/129] Step 1: rename folders to change casing Step 1: rename folders to change casing --- .../{Win10 => Win10a}/M1-Adv-Complete.png | Bin .../{Win10 => Win10a}/M1-Basic-Complete.png | Bin .../{Win10 => Win10a}/M2-Adv-Complete.png | Bin .../{Win10 => Win10a}/M2-Basic-Complete.png | Bin .../{Win10 => Win10a}/M3-Adv-Complete.png | Bin .../{Win10 => Win10a}/m1-adv-bytes-to-peers.png | Bin .../{Win10 => Win10a}/m2-adv-bytes-to-peers.png | Bin .../{Win10 => Win10a}/m3-adv-bytes-to-peers.png | Bin .../{Win11 => Win11a}/M1-Basic-Complete.png | Bin .../{Win11 => Win11a}/M2-Basic-Complete.png | Bin 10 files changed, 0 insertions(+), 0 deletions(-) rename windows/deployment/do/images/test-scenarios/{Win10 => Win10a}/M1-Adv-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10 => Win10a}/M1-Basic-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10 => Win10a}/M2-Adv-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10 => Win10a}/M2-Basic-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10 => Win10a}/M3-Adv-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10 => Win10a}/m1-adv-bytes-to-peers.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10 => Win10a}/m2-adv-bytes-to-peers.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10 => Win10a}/m3-adv-bytes-to-peers.png (100%) rename windows/deployment/do/images/test-scenarios/{Win11 => Win11a}/M1-Basic-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win11 => Win11a}/M2-Basic-Complete.png (100%) diff --git a/windows/deployment/do/images/test-scenarios/Win10/M1-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/Win10a/M1-Adv-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10/M1-Adv-Complete.png rename to windows/deployment/do/images/test-scenarios/Win10a/M1-Adv-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win10/M1-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/Win10a/M1-Basic-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10/M1-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/Win10a/M1-Basic-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win10/M2-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/Win10a/M2-Adv-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10/M2-Adv-Complete.png rename to windows/deployment/do/images/test-scenarios/Win10a/M2-Adv-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win10/M2-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/Win10a/M2-Basic-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10/M2-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/Win10a/M2-Basic-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win10/M3-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/Win10a/M3-Adv-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10/M3-Adv-Complete.png rename to windows/deployment/do/images/test-scenarios/Win10a/M3-Adv-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win10/m1-adv-bytes-to-peers.png b/windows/deployment/do/images/test-scenarios/Win10a/m1-adv-bytes-to-peers.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10/m1-adv-bytes-to-peers.png rename to windows/deployment/do/images/test-scenarios/Win10a/m1-adv-bytes-to-peers.png diff --git a/windows/deployment/do/images/test-scenarios/Win10/m2-adv-bytes-to-peers.png b/windows/deployment/do/images/test-scenarios/Win10a/m2-adv-bytes-to-peers.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10/m2-adv-bytes-to-peers.png rename to windows/deployment/do/images/test-scenarios/Win10a/m2-adv-bytes-to-peers.png diff --git a/windows/deployment/do/images/test-scenarios/Win10/m3-adv-bytes-to-peers.png b/windows/deployment/do/images/test-scenarios/Win10a/m3-adv-bytes-to-peers.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10/m3-adv-bytes-to-peers.png rename to windows/deployment/do/images/test-scenarios/Win10a/m3-adv-bytes-to-peers.png diff --git a/windows/deployment/do/images/test-scenarios/Win11/M1-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/Win11a/M1-Basic-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win11/M1-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/Win11a/M1-Basic-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win11/M2-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/Win11a/M2-Basic-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win11/M2-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/Win11a/M2-Basic-Complete.png From 4a376f4858e95f341acf9cd3038fdbb3e77a461a Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Wed, 16 Nov 2022 12:33:28 -0700 Subject: [PATCH 080/129] Step 2 to re-case folder names --- .../{Win10a => win10}/M1-Adv-Complete.png | Bin .../{Win10a => win10}/M1-Basic-Complete.png | Bin .../{Win10a => win10}/M2-Adv-Complete.png | Bin .../{Win10a => win10}/M2-Basic-Complete.png | Bin .../{Win10a => win10}/M3-Adv-Complete.png | Bin .../{Win10a => win10}/m1-adv-bytes-to-peers.png | Bin .../{Win10a => win10}/m2-adv-bytes-to-peers.png | Bin .../{Win10a => win10}/m3-adv-bytes-to-peers.png | Bin .../{Win11a => win11}/M1-Basic-Complete.png | Bin .../{Win11a => win11}/M2-Basic-Complete.png | Bin 10 files changed, 0 insertions(+), 0 deletions(-) rename windows/deployment/do/images/test-scenarios/{Win10a => win10}/M1-Adv-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10a => win10}/M1-Basic-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10a => win10}/M2-Adv-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10a => win10}/M2-Basic-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10a => win10}/M3-Adv-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10a => win10}/m1-adv-bytes-to-peers.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10a => win10}/m2-adv-bytes-to-peers.png (100%) rename windows/deployment/do/images/test-scenarios/{Win10a => win10}/m3-adv-bytes-to-peers.png (100%) rename windows/deployment/do/images/test-scenarios/{Win11a => win11}/M1-Basic-Complete.png (100%) rename windows/deployment/do/images/test-scenarios/{Win11a => win11}/M2-Basic-Complete.png (100%) diff --git a/windows/deployment/do/images/test-scenarios/Win10a/M1-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/win10/M1-Adv-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10a/M1-Adv-Complete.png rename to windows/deployment/do/images/test-scenarios/win10/M1-Adv-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win10a/M1-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/win10/M1-Basic-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10a/M1-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/win10/M1-Basic-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win10a/M2-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/win10/M2-Adv-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10a/M2-Adv-Complete.png rename to windows/deployment/do/images/test-scenarios/win10/M2-Adv-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win10a/M2-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/win10/M2-Basic-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10a/M2-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/win10/M2-Basic-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win10a/M3-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/win10/M3-Adv-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10a/M3-Adv-Complete.png rename to windows/deployment/do/images/test-scenarios/win10/M3-Adv-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win10a/m1-adv-bytes-to-peers.png b/windows/deployment/do/images/test-scenarios/win10/m1-adv-bytes-to-peers.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10a/m1-adv-bytes-to-peers.png rename to windows/deployment/do/images/test-scenarios/win10/m1-adv-bytes-to-peers.png diff --git a/windows/deployment/do/images/test-scenarios/Win10a/m2-adv-bytes-to-peers.png b/windows/deployment/do/images/test-scenarios/win10/m2-adv-bytes-to-peers.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10a/m2-adv-bytes-to-peers.png rename to windows/deployment/do/images/test-scenarios/win10/m2-adv-bytes-to-peers.png diff --git a/windows/deployment/do/images/test-scenarios/Win10a/m3-adv-bytes-to-peers.png b/windows/deployment/do/images/test-scenarios/win10/m3-adv-bytes-to-peers.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win10a/m3-adv-bytes-to-peers.png rename to windows/deployment/do/images/test-scenarios/win10/m3-adv-bytes-to-peers.png diff --git a/windows/deployment/do/images/test-scenarios/Win11a/M1-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/win11/M1-Basic-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win11a/M1-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/win11/M1-Basic-Complete.png diff --git a/windows/deployment/do/images/test-scenarios/Win11a/M2-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/win11/M2-Basic-Complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/Win11a/M2-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/win11/M2-Basic-Complete.png From da9d473c729220c89cd41494797c07a587d8803f Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Wed, 16 Nov 2022 12:38:46 -0700 Subject: [PATCH 081/129] changing case --- .../{M1-Adv-Complete.png => M1-Adv-Complete1.png} | Bin 1 file changed, 0 insertions(+), 0 deletions(-) rename windows/deployment/do/images/test-scenarios/win10/{M1-Adv-Complete.png => M1-Adv-Complete1.png} (100%) diff --git a/windows/deployment/do/images/test-scenarios/win10/M1-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/win10/M1-Adv-Complete1.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win10/M1-Adv-Complete.png rename to windows/deployment/do/images/test-scenarios/win10/M1-Adv-Complete1.png From ed4468498dd346f7e0a5cda04bdc04b94b719014 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Wed, 16 Nov 2022 12:39:47 -0700 Subject: [PATCH 082/129] fix name --- .../{M1-Adv-Complete1.png => m1-adv-complete.png} | Bin 1 file changed, 0 insertions(+), 0 deletions(-) rename windows/deployment/do/images/test-scenarios/win10/{M1-Adv-Complete1.png => m1-adv-complete.png} (100%) diff --git a/windows/deployment/do/images/test-scenarios/win10/M1-Adv-Complete1.png b/windows/deployment/do/images/test-scenarios/win10/m1-adv-complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win10/M1-Adv-Complete1.png rename to windows/deployment/do/images/test-scenarios/win10/m1-adv-complete.png From 1fdad6e29ce9c0e050d37dfc10fbec71d1c7d762 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Wed, 16 Nov 2022 12:47:17 -0700 Subject: [PATCH 083/129] temp names --- .../{M2-Adv-Complete.png => M2-Adv-Complete1.png} | Bin ...M2-Basic-Complete.png => M2-Basic-Complete1.png} | Bin .../{M3-Adv-Complete.png => M3-Adv-Complete1.png} | Bin ...M1-Basic-Complete.png => M1-Basic-Complete1.png} | Bin ...M2-Basic-Complete.png => M2-Basic-Complete1.png} | Bin 5 files changed, 0 insertions(+), 0 deletions(-) rename windows/deployment/do/images/test-scenarios/win10/{M2-Adv-Complete.png => M2-Adv-Complete1.png} (100%) rename windows/deployment/do/images/test-scenarios/win10/{M2-Basic-Complete.png => M2-Basic-Complete1.png} (100%) rename windows/deployment/do/images/test-scenarios/win10/{M3-Adv-Complete.png => M3-Adv-Complete1.png} (100%) rename windows/deployment/do/images/test-scenarios/win11/{M1-Basic-Complete.png => M1-Basic-Complete1.png} (100%) rename windows/deployment/do/images/test-scenarios/win11/{M2-Basic-Complete.png => M2-Basic-Complete1.png} (100%) diff --git a/windows/deployment/do/images/test-scenarios/win10/M2-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/win10/M2-Adv-Complete1.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win10/M2-Adv-Complete.png rename to windows/deployment/do/images/test-scenarios/win10/M2-Adv-Complete1.png diff --git a/windows/deployment/do/images/test-scenarios/win10/M2-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/win10/M2-Basic-Complete1.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win10/M2-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/win10/M2-Basic-Complete1.png diff --git a/windows/deployment/do/images/test-scenarios/win10/M3-Adv-Complete.png b/windows/deployment/do/images/test-scenarios/win10/M3-Adv-Complete1.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win10/M3-Adv-Complete.png rename to windows/deployment/do/images/test-scenarios/win10/M3-Adv-Complete1.png diff --git a/windows/deployment/do/images/test-scenarios/win11/M1-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/win11/M1-Basic-Complete1.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win11/M1-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/win11/M1-Basic-Complete1.png diff --git a/windows/deployment/do/images/test-scenarios/win11/M2-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/win11/M2-Basic-Complete1.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win11/M2-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/win11/M2-Basic-Complete1.png From 20dd56ba3fae38daab9f030ff1179ac9bb894e80 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Wed, 16 Nov 2022 12:49:12 -0700 Subject: [PATCH 084/129] correct names --- .../{M2-Adv-Complete1.png => m2-adv-complete.png} | Bin ...M2-Basic-Complete1.png => m2-basic-complete.png} | Bin .../{M3-Adv-Complete1.png => m3-adv-complete.png} | Bin ...M1-Basic-Complete1.png => m1-basic-complete.png} | Bin ...M2-Basic-Complete1.png => m2-basic-complete.png} | Bin 5 files changed, 0 insertions(+), 0 deletions(-) rename windows/deployment/do/images/test-scenarios/win10/{M2-Adv-Complete1.png => m2-adv-complete.png} (100%) rename windows/deployment/do/images/test-scenarios/win10/{M2-Basic-Complete1.png => m2-basic-complete.png} (100%) rename windows/deployment/do/images/test-scenarios/win10/{M3-Adv-Complete1.png => m3-adv-complete.png} (100%) rename windows/deployment/do/images/test-scenarios/win11/{M1-Basic-Complete1.png => m1-basic-complete.png} (100%) rename windows/deployment/do/images/test-scenarios/win11/{M2-Basic-Complete1.png => m2-basic-complete.png} (100%) diff --git a/windows/deployment/do/images/test-scenarios/win10/M2-Adv-Complete1.png b/windows/deployment/do/images/test-scenarios/win10/m2-adv-complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win10/M2-Adv-Complete1.png rename to windows/deployment/do/images/test-scenarios/win10/m2-adv-complete.png diff --git a/windows/deployment/do/images/test-scenarios/win10/M2-Basic-Complete1.png b/windows/deployment/do/images/test-scenarios/win10/m2-basic-complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win10/M2-Basic-Complete1.png rename to windows/deployment/do/images/test-scenarios/win10/m2-basic-complete.png diff --git a/windows/deployment/do/images/test-scenarios/win10/M3-Adv-Complete1.png b/windows/deployment/do/images/test-scenarios/win10/m3-adv-complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win10/M3-Adv-Complete1.png rename to windows/deployment/do/images/test-scenarios/win10/m3-adv-complete.png diff --git a/windows/deployment/do/images/test-scenarios/win11/M1-Basic-Complete1.png b/windows/deployment/do/images/test-scenarios/win11/m1-basic-complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win11/M1-Basic-Complete1.png rename to windows/deployment/do/images/test-scenarios/win11/m1-basic-complete.png diff --git a/windows/deployment/do/images/test-scenarios/win11/M2-Basic-Complete1.png b/windows/deployment/do/images/test-scenarios/win11/m2-basic-complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win11/M2-Basic-Complete1.png rename to windows/deployment/do/images/test-scenarios/win11/m2-basic-complete.png From 4d2e742ab316a5a62887a3d669a096ffd62a9fdc Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Wed, 16 Nov 2022 12:52:25 -0700 Subject: [PATCH 085/129] temp --- ...M1-Basic-Complete.png => M1-Basic-Complete1.png} | Bin 1 file changed, 0 insertions(+), 0 deletions(-) rename windows/deployment/do/images/test-scenarios/win10/{M1-Basic-Complete.png => M1-Basic-Complete1.png} (100%) diff --git a/windows/deployment/do/images/test-scenarios/win10/M1-Basic-Complete.png b/windows/deployment/do/images/test-scenarios/win10/M1-Basic-Complete1.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win10/M1-Basic-Complete.png rename to windows/deployment/do/images/test-scenarios/win10/M1-Basic-Complete1.png From 3c059ee3d4c50490d5d3e5f607b57cfa1ad6dfd9 Mon Sep 17 00:00:00 2001 From: Carmen Forsmann Date: Wed, 16 Nov 2022 12:52:51 -0700 Subject: [PATCH 086/129] fix name --- ...M1-Basic-Complete1.png => m1-basic-complete.png} | Bin 1 file changed, 0 insertions(+), 0 deletions(-) rename windows/deployment/do/images/test-scenarios/win10/{M1-Basic-Complete1.png => m1-basic-complete.png} (100%) diff --git a/windows/deployment/do/images/test-scenarios/win10/M1-Basic-Complete1.png b/windows/deployment/do/images/test-scenarios/win10/m1-basic-complete.png similarity index 100% rename from windows/deployment/do/images/test-scenarios/win10/M1-Basic-Complete1.png rename to windows/deployment/do/images/test-scenarios/win10/m1-basic-complete.png From 0c7a343524108e27d4c0bf6d150d568d88003d69 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 15:07:47 -0500 Subject: [PATCH 087/129] updates --- .../hello-for-business/toc.yml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml index ce82c50488..cefc91cf34 100644 --- a/windows/security/identity-protection/hello-for-business/toc.yml +++ b/windows/security/identity-protection/hello-for-business/toc.yml @@ -123,16 +123,16 @@ href: feature-multifactor-unlock.md - name: Remote desktop (RDP) sign-in href: hello-feature-remote-desktop.md - - name: Troubleshooting - items: - - name: Known deployment issues - href: hello-deployment-issues.md - - name: Errors during PIN creation - href: hello-errors-during-pin-creation.md - - name: Event ID 300 - Windows Hello successfully created - href: hello-event-300.md - - name: Windows Hello and password changes - href: hello-and-password-changes.md +- name: Troubleshooting + items: + - name: Known deployment issues + href: hello-deployment-issues.md + - name: Errors during PIN creation + href: hello-errors-during-pin-creation.md + - name: Event ID 300 - Windows Hello successfully created + href: hello-event-300.md + - name: Windows Hello and password changes + href: hello-and-password-changes.md - name: Reference items: - name: Technology and terminology From fe021353e07859a57e47cb4fb6a476cfd4cc34a9 Mon Sep 17 00:00:00 2001 From: Dario Woitasen <33589238+dariomws@users.noreply.github.com> Date: Wed, 16 Nov 2022 21:28:16 +0100 Subject: [PATCH 088/129] Update waas-manage-updates-wufb.md --- windows/deployment/update/waas-manage-updates-wufb.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/waas-manage-updates-wufb.md b/windows/deployment/update/waas-manage-updates-wufb.md index 2737ca60d1..ce28b14f14 100644 --- a/windows/deployment/update/waas-manage-updates-wufb.md +++ b/windows/deployment/update/waas-manage-updates-wufb.md @@ -48,7 +48,7 @@ Windows Update for Business enables an IT administrator to receive and manage a Windows Update for Business provides management policies for several types of updates to Windows 10 devices: - **Feature updates:** Previously referred to as "upgrades," feature updates contain not only security and quality revisions, but also significant feature additions and changes. Feature updates are released as soon as they become available. -- **Quality updates:** Quality updates are traditional operating system updates, typically released on the second Tuesday of each month (though they can be released at any time). These include security, critical, and driver updates. Windows Update for Business also treats non-Windows updates (such as updates for Microsoft Office or Visual Studio) as quality updates. These non-Windows Updates are known as "Microsoft updates" and you can set devices to receive such updates (or not) along with their Windows updates. +- **Quality updates:** Quality updates are traditional operating system updates, typically released on the second Tuesday of each month (though they can be released at any time). These include security, critical, and driver updates. - **Driver updates:** Updates for non-Microsoft drivers that are relevant to your devices. Driver updates are on by default, but you can use Windows Update for Business policies to turn them off if you prefer. - **Microsoft product updates**: Updates for other Microsoft products, such as versions of Office that are installed by using Windows Installer (MSI). Versions of Office that are installed by using Click-to-Run can't be updated by using Windows Update for Business. Product updates are off by default. You can turn them on by using Windows Update for Business policies. From 0b24bf620ba0680a4e6bcff31708746f1809c477 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Wed, 16 Nov 2022 15:58:05 -0500 Subject: [PATCH 089/129] Metadata/style update BitLocker 16 --- .../bitlocker/ts-bitlocker-network-unlock-issues.md | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md index 55754de002..babc9f17b3 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md @@ -27,8 +27,6 @@ For general guidelines about how to troubleshoot Network Unlock, see [How to ena This article describes several known issues that you may encounter when you use Network Unlock, and provides guidance to address these issues. -## Tip: Detect whether BitLocker Network Unlock is enabled on a specific computer - > [!TIP] > BitLocker Network Unlock can be detected if it is enabled on a specific computer use the following steps on UEFI computers: > @@ -50,15 +48,15 @@ This article describes several known issues that you may encounter when you use > > 1. The following registry key exists and has the following value: > -> - **Subkey**: `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE` -> - **Type**: `REG_DWORD` -> - **Value**: `OSManageNKP` equal to `1` (True) +> - **Subkey**: `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE` +> - **Type**: `REG_DWORD` +> - **Value**: `OSManageNKP` equal to `1` (True) > > 2. The registry key: > -> `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\FVE_NKP\Certificates` +> `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\FVE_NKP\Certificates` > -> has an entry whose name matches the name of the certificate thumbprint of the Network Unlock key protector that you found in step 1. +> has an entry whose name matches the name of the certificate thumbprint of the Network Unlock key protector that you found in step 1. ## On a Surface Pro 4 device, BitLocker Network Unlock doesn't work because the UEFI network stack is incorrectly configured From ac28e5531dd2602796c9ffbf0102cedc7221fb75 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 16:03:39 -0500 Subject: [PATCH 090/129] updates --- .../security/identity-protection/hello-for-business/toc.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml index cefc91cf34..14efe63a1e 100644 --- a/windows/security/identity-protection/hello-for-business/toc.yml +++ b/windows/security/identity-protection/hello-for-business/toc.yml @@ -91,7 +91,7 @@ href: hello-key-trust-validate-deploy-mfa.md - name: Configure Windows Hello for Business policy settings href: hello-key-trust-policy-settings.md - - name: Active Directory domain join with certificate trust deployment + - name: Active Directory domain join with certificate trust items: - name: Certificate trust deployment href: hello-deployment-cert-trust.md @@ -105,7 +105,7 @@ href: hello-cert-trust-validate-deploy-mfa.md - name: Configure Windows Hello for Business policy settings href: hello-cert-trust-policy-settings.md - - name: Deploy certificates for remote desktop (RDP) sign-in + - name: Deploy certificates for RDP sign-in href: hello-deployment-rdp-certs.md - name: Manage Windows Hello for Business in your organization href: hello-manage-in-organization.md From 662010199f8ba23bf957761ef864c3ac6af949e5 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 16:12:44 -0500 Subject: [PATCH 091/129] Acrolinx --- .../hello-deployment-rdp-certs.md | 23 +++++++++++-------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 7906bff218..4e02c5471c 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -28,7 +28,7 @@ This document describes Windows Hello for Business functionalities or scenarios --- -Windows Hello for Business supports using a certificate as the supplied credential when establishing a remote desktop connection to another Windows device. This document discusses three approaches for *cloud Kerberos trust* and *key trust* deployments, where authentication certificates can be deployed to an existing Windows Hello for Business user: +Windows Hello for Business supports using a certificate as the supplied credential, when establishing a remote desktop connection to another Windows device. This document discusses three approaches for *cloud Kerberos trust* and *key trust* deployments, where authentication certificates can be deployed to an existing Windows Hello for Business user: - Deploy certificates to hybrid joined devices using an on-premises Active Directory Certificate Services enrollment policy - Deploy certificates to hybrid or Azure AD-joined devices using Intune @@ -39,7 +39,7 @@ Windows Hello for Business supports using a certificate as the supplied credenti > [!NOTE] > This process is applicable to *hybrid Azure AD joined* devices only. -To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must first create a *certificate template* and then deploy certificates based on that template. +To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must first create a *certificate template*, and then deploy certificates based on that template. Expand the following sections to learn more about the process. @@ -61,7 +61,7 @@ Follow these steps to create a certificate template: | *Compatibility* |
    • Clear the **Show resulting changes** check box
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Authority list*
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Recipient list*
    | | *General* |
    • Specify a **Template display name**, for example *WHfB Certificate Authentication*
    • Set the validity period to the desired value
    • Take note of the Template name for later, which should be the same as the Template display name minus spaces (*WHfBCertificateAuthentication* in this example)
    | | *Extensions* | Verify the **Application Policies** extension includes **Smart Card Logon**| - | *Subject Name* |
    • Select the **Build from this Active Directory** information button if it is not already selected
    • Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected
    • Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**
    | + | *Subject Name* |
    • Select the **Build from this Active Directory** information button if it isn't already selected
    • Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name isn't already selected
    • Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**
    | |*Request Handling*|
    • Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose
    • Select the **Renew with same key** check box
    • Select **Prompt the user during enrollment**
    | |*Cryptography*|
    • Set the Provider Category to **Key Storage Provider**
    • Set the Algorithm name to **RSA**
    • Set the minimum key size to **2048**
    • Select **Requests must use one of the following providers**
    • Select **Microsoft Software Key Storage Provider**
    • Set the Request hash to **SHA256**
    | |*Security*|Add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them| @@ -132,8 +132,8 @@ This section describes how to configure a SCEP policy in Intune. Similar steps c 1. Select **Devices > Configuration profiles > Create profile** 1. Select **Platform > Windows 10 and later** and **Profile type > Templates > SCEP Certificate** 1. Select **Create** -1. In the *Basics* blade, provide a **Name** and, optionally, a **Description > Next** -1. In the *Configuration settings* blade, use the following table to configure the policy: +1. In the *Basics* panel, provide a **Name** and, optionally, a **Description > Next** +1. In the *Configuration settings* panel, use the following table to configure the policy: | Setting| Configurations | | --- | --- | @@ -151,9 +151,9 @@ This section describes how to configure a SCEP policy in Intune. Similar steps c |*SCEP Server URLs*|Provide the public endpoint(s) that you configured during the deployment of your SCEP infrastructure| 1. Select **Next** -1. In the *Assignments* bladeAssign the policy to a security group that contains as members the devices or users that you want to configure and select **Next** -1. In the *Applicability Rules* blade, provide additional issuance restrictions, if needed, and select **Next** -1. In the *Review + create* blade, review the policy configuration and select **Create** +1. In the *Assignments* panel, assign the policy to a security group that contains as members the devices or users that you want to configure and select **Next** +1. In the *Applicability Rules* panel, configure issuance restrictions, if needed, and select **Next** +1. In the *Review + create* panel, review the policy configuration and select **Create** For more information how to configure SCEP policies, see [Configure SCEP certificate profiles in Intune][MEM-3]. To configure PKCS policies, see [Configure and use PKCS certificate with Intune][MEM-4]. @@ -174,7 +174,7 @@ Once the Intune policy is created, targeted clients will request a certificate d ## Using non-Microsoft Enterprise Certificate Authorities -If you are using a non-Microsoft PKI, the certificate templates published to the on-premises Active Directory may not be available. For guidance with integration of Intune/SCEP with non-Microsoft PKI deployments, refer to [Use third-party certification authorities (CA) with SCEP in Microsoft Intune][MEM-6]. +If you're using a non-Microsoft PKI, the certificate templates published to the on-premises Active Directory may not be available. For guidance with integration of Intune/SCEP with non-Microsoft PKI deployments, refer to [Use third-party certification authorities (CA) with SCEP in Microsoft Intune][MEM-6]. As an alternative to using SCEP or if none of the previously covered solutions will work in your environment, you can manually generate Certificate Signing Requests (CSR) for submission to your PKI. To assist with this approach, you can use the [Generate-CertificateRequest][HTTP-1] PowerShell commandlet. @@ -182,7 +182,10 @@ The `Generate-CertificateRequest` commandlet will generate an *.inf* file for a ## RDP Sign-in with Windows Hello for Business Certificate Authentication -After adding the certificate using an approach from any of the previous sections, you can RDP to any Windows device or server in the same Forest as the user's Active Directory account, provided the PKI certificate chain for the issuing certificate authority is deployed to that target server. +After obtaining a certificate, users can RDP to any Windows devices in the same Active Directory forest as the user's Active Directory account. + +> [!NOTE] +> The certificate chain of the issuing CA must be trusted by the target server. 1. Open the Remote Desktop Client (`mstsc.exe`) on the client where the authentication certificate has been deployed 1. Attempt an RDP session to a target server From 3c2669930795ee48dc24d68237b1e095cc5c9e51 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 16 Nov 2022 16:30:40 -0500 Subject: [PATCH 092/129] updates --- .../hello-for-business/hello-deployment-rdp-certs.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 4e02c5471c..282264de1e 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -72,7 +72,7 @@ Follow these steps to create a certificate template: 1. Execute the following command, replacing `` with the **Template display name** noted above ```cmd - certutil -dstemplate > + certutil.exe -dstemplate > ``` 1. Open the text file created by the command above. @@ -85,7 +85,7 @@ Follow these steps to create a certificate template: 1. Update the certificate template by executing the following command: ```cmd - certutil -dsaddtemplate + certutil.exe -dsaddtemplate ``` 1. In the Certificate Authority console, right-click **Certificate Templates**, select **New > Certificate Template to Issue** @@ -108,7 +108,7 @@ Follow these steps to create a certificate template:
    -## Deploy certificates via Microsoft Intune +## Deploy certificates via Intune > [!NOTE] > This process is applicable to both *Azure AD joined* and *hybrid Azure AD joined* devices that are managed via Intune. @@ -172,7 +172,7 @@ Once the Intune policy is created, targeted clients will request a certificate d -## Using non-Microsoft Enterprise Certificate Authorities +## Use third-party certification authorities If you're using a non-Microsoft PKI, the certificate templates published to the on-premises Active Directory may not be available. For guidance with integration of Intune/SCEP with non-Microsoft PKI deployments, refer to [Use third-party certification authorities (CA) with SCEP in Microsoft Intune][MEM-6]. @@ -180,7 +180,7 @@ As an alternative to using SCEP or if none of the previously covered solutions w The `Generate-CertificateRequest` commandlet will generate an *.inf* file for a pre-existing Windows Hello for Business key. The *.inf* can be used to generate a certificate request manually using `certreq.exe`. The commandlet will also generate a *.req* file, which can be submitted to your PKI for a certificate. -## RDP Sign-in with Windows Hello for Business Certificate Authentication +## RDP sign-in with Windows Hello for Business certificate authentication After obtaining a certificate, users can RDP to any Windows devices in the same Active Directory forest as the user's Active Directory account. From 1fab2aa3fbd888657b2eb4573f333e821f9c5bf6 Mon Sep 17 00:00:00 2001 From: Tarun Maganur <104856032+Tarun-Edu@users.noreply.github.com> Date: Wed, 16 Nov 2022 14:23:16 -0800 Subject: [PATCH 093/129] Update windows-11-se-overview.md --- education/windows/windows-11-se-overview.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md index 4a7f0897d8..0ca70114c9 100644 --- a/education/windows/windows-11-se-overview.md +++ b/education/windows/windows-11-se-overview.md @@ -81,6 +81,8 @@ The following applications can also run on Windows 11 SE, and can be deployed us | Application | Supported version | App Type | Vendor | |-----------------------------------------|-------------------|----------|------------------------------| +| 3d builder | 15.2.10821.1070 | Win32 | Microsoft | +| Absolute Software Endpoint Agent | 7.21-15655 | Win32 | Absolute Software Corporation| | AirSecure | 8.0.0 | Win32 | AIR | | Alertus Desktop | 5.4.44.0 | Win32 | Alertus technologies | | Brave Browser | 106.0.5249.65 | Win32 | Brave | @@ -95,6 +97,7 @@ The following applications can also run on Windows 11 SE, and can be deployed us | DRC INSIGHT Online Assessments | 12.0.0.0 | Store | Data recognition Corporation | | Duo from Cisco | 2.25.0 | Win32 | Cisco | | e-Speaking Voice and Speech recognition | 4.4.0.8 | Win32 | e-speaking | +|Epson iProjection | 3.31 | Win32 | Epson | | eTests | 4.0.25 | Win32 | CASAS | | FortiClient | 7.2.0.4034+ | Win32 | Fortinet | | Free NaturalReader | 16.1.2 | Win32 | Natural Soft | @@ -104,6 +107,7 @@ The following applications can also run on Windows 11 SE, and can be deployed us | Illuminate Lockdown Browser | 2.0.5 | Win32 | Illuminate Education | | Immunet | 7.5.0.20795 | Win32 | Immunet | | Impero Backdrop Client | 4.4.86 | Win32 | Impero Software | +| Inspiration 10 | 10.11 | Win32 | Inspiration Software, Inc. | | JAWS for Windows | 2022.2112.24 | Win32 | Freedom Scientific | | Kite Student Portal | 8.0.3.0 | Win32 | Dynamic Learning Maps | | Kortext | 2.3.433.0 | Store | Kortext | @@ -122,6 +126,7 @@ The following applications can also run on Windows 11 SE, and can be deployed us | NextUp Talker | 1.0.49 | Win32 | NextUp Technologies | | NonVisual Desktop Access | 2021.3.1 | Win32 | NV Access | | NWEA Secure Testing Browser | 5.4.356.0 | Win32 | NWEA | +| Papercut | 22.0.6 | Win32 | PaperCut Software International Pty Ltd | | Pearson TestNav | 1.10.2.0 | Store | Pearson | | Questar Secure Browser | 4.8.3.376 | Win32 | Questar, Inc | | ReadAndWriteForWindows | 12.0.60.0 | Win32 | Texthelp Ltd. | @@ -130,8 +135,12 @@ The following applications can also run on Windows 11 SE, and can be deployed us | Respondus Lockdown Browser | 2.0.9.00 | Win32 | Respondus | | Safe Exam Browser | 3.3.2.413 | Win32 | Safe Exam Browser | | Senso.Cloud | 2021.11.15.0 | Win32 | Senso.Cloud | +| Smoothwall monitor | 2.8.0 | Win32 | Smoothwall Ltd | | SuperNova Magnifier & Screen Reader | 21.02 | Win32 | Dolphin Computer Access | | SuperNova Magnifier & Speech | 21.02 | Win32 | Dolphin Computer Access | +| VitalSourceBookShelf | 10.2.26.0 | Win32 | VitalSource Technologies Inc | +| Winbird | 19 | Win32 | Winbird Co., Ltd. | +| WordQ | 5.4.23 | Win32 | Mathetmots | | Zoom | 5.9.1 (2581) | Win32 | Zoom | | ZoomText Fusion | 2022.2109.10 | Win32 | Freedom Scientific | | ZoomText Magnifier/Reader | 2022.2109.25 | Win32 | Freedom Scientific | From e046339c22795f2dc589b336dd46afd64c885f9c Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Wed, 16 Nov 2022 16:02:32 -0700 Subject: [PATCH 094/129] Update windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md Line 24: Delete extra space. --- .../hello-for-business/hello-deployment-rdp-certs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 282264de1e..21944d8198 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -21,7 +21,7 @@ ms.technology: itpro-security This document describes Windows Hello for Business functionalities or scenarios that apply to:\ ✅ **Deployment type:** [hybrid](hello-how-it-works-technology.md#hybrid-deployment)\ -✅ **Trust type:** [cloud Kerberos trust](hello-hybrid-cloud-kerberos-trust.md), [ key trust](hello-how-it-works-technology.md#key-trust)\ +✅ **Trust type:** [cloud Kerberos trust](hello-hybrid-cloud-kerberos-trust.md), [key trust](hello-how-it-works-technology.md#key-trust)\ ✅ **Device registration type:** [Azure AD join](hello-how-it-works-technology.md#azure-active-directory-join), [Hybrid Azure AD join](hello-how-it-works-technology.md#hybrid-azure-ad-join)
    From 36d0a44d3498ce48bfa39d4f86acad457b8b857c Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Wed, 16 Nov 2022 16:28:45 -0700 Subject: [PATCH 095/129] Update education/windows/windows-11-se-overview.md Line 129: Fix casing of PaperCut. --- education/windows/windows-11-se-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md index 0ca70114c9..96a201ab55 100644 --- a/education/windows/windows-11-se-overview.md +++ b/education/windows/windows-11-se-overview.md @@ -126,7 +126,7 @@ The following applications can also run on Windows 11 SE, and can be deployed us | NextUp Talker | 1.0.49 | Win32 | NextUp Technologies | | NonVisual Desktop Access | 2021.3.1 | Win32 | NV Access | | NWEA Secure Testing Browser | 5.4.356.0 | Win32 | NWEA | -| Papercut | 22.0.6 | Win32 | PaperCut Software International Pty Ltd | +| PaperCut | 22.0.6 | Win32 | PaperCut Software International Pty Ltd | | Pearson TestNav | 1.10.2.0 | Store | Pearson | | Questar Secure Browser | 4.8.3.376 | Win32 | Questar, Inc | | ReadAndWriteForWindows | 12.0.60.0 | Win32 | Texthelp Ltd. | From fc383a31cbd4329cef16dc09a8a222a9e9dbfd61 Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Wed, 16 Nov 2022 16:44:38 -0700 Subject: [PATCH 096/129] Update hello-deployment-rdp-certs.md Add missing periods. Delete unnecessary html break code. Add missing pipes to tables. --- .../hello-deployment-rdp-certs.md | 117 ++++++++---------- 1 file changed, 55 insertions(+), 62 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 21944d8198..ee4350d328 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -20,14 +20,11 @@ ms.technology: itpro-security # Deploy certificates for remote desktop (RDP) sign-in This document describes Windows Hello for Business functionalities or scenarios that apply to:\ -✅ **Deployment type:** [hybrid](hello-how-it-works-technology.md#hybrid-deployment)\ -✅ **Trust type:** [cloud Kerberos trust](hello-hybrid-cloud-kerberos-trust.md), [key trust](hello-how-it-works-technology.md#key-trust)\ -✅ **Device registration type:** [Azure AD join](hello-how-it-works-technology.md#azure-active-directory-join), [Hybrid Azure AD join](hello-how-it-works-technology.md#hybrid-azure-ad-join) - -
    +✅ **Deployment type:** [hybrid](hello-how-it-works-technology.md#hybrid-deployment)\. +✅ **Trust type:** [cloud Kerberos trust](hello-hybrid-cloud-kerberos-trust.md), [key trust](hello-how-it-works-technology.md#key-trust)\. +✅ **Device registration type:** [Azure AD join](hello-how-it-works-technology.md#azure-active-directory-join), [Hybrid Azure AD join](hello-how-it-works-technology.md#hybrid-azure-ad-join). --- - Windows Hello for Business supports using a certificate as the supplied credential, when establishing a remote desktop connection to another Windows device. This document discusses three approaches for *cloud Kerberos trust* and *key trust* deployments, where authentication certificates can be deployed to an existing Windows Hello for Business user: - Deploy certificates to hybrid joined devices using an on-premises Active Directory Certificate Services enrollment policy @@ -43,33 +40,32 @@ To deploy certificates using an on-premises Active Directory Certificate Service Expand the following sections to learn more about the process. -
    Create a Windows Hello for Business certificate template Follow these steps to create a certificate template: -1. Sign in to your issuing certificate authority (CA) and open *Server Manager* -1. Select **Tools > Certification Authority**. The Certification Authority Microsoft Management Console (MMC) opens -1. In the MMC, expand the CA name and right-click **Certificate Templates > Manage** -1. The Certificate Templates console opens. All of the certificate templates are displayed in the details pane -1. Right-click the **Smartcard Logon** template and select **Duplicate Template** +1. Sign in to your issuing certificate authority (CA) and open *Server Manager*. +1. Select **Tools > Certification Authority**. The Certification Authority Microsoft Management Console (MMC) opens. +1. In the MMC, expand the CA name and right-click **Certificate Templates > Manage**. +1. The Certificate Templates console opens. All of the certificate templates are displayed in the details pane. +1. Right-click the **Smartcard Logon** template and select **Duplicate Template**. 1. Use the following table to configure the template: | Tab Name | Configurations | | --- | --- | - | *Compatibility* |
    • Clear the **Show resulting changes** check box
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Authority list*
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Recipient list*
    | - | *General* |
    • Specify a **Template display name**, for example *WHfB Certificate Authentication*
    • Set the validity period to the desired value
    • Take note of the Template name for later, which should be the same as the Template display name minus spaces (*WHfBCertificateAuthentication* in this example)
    | - | *Extensions* | Verify the **Application Policies** extension includes **Smart Card Logon**| - | *Subject Name* |
    • Select the **Build from this Active Directory** information button if it isn't already selected
    • Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name isn't already selected
    • Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**
    | - |*Request Handling*|
    • Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose
    • Select the **Renew with same key** check box
    • Select **Prompt the user during enrollment**
    | - |*Cryptography*|
    • Set the Provider Category to **Key Storage Provider**
    • Set the Algorithm name to **RSA**
    • Set the minimum key size to **2048**
    • Select **Requests must use one of the following providers**
    • Select **Microsoft Software Key Storage Provider**
    • Set the Request hash to **SHA256**
    | - |*Security*|Add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them| + | *Compatibility* |
    • Clear the **Show resulting changes** check box.
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Authority list*.
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Recipient list*.
    | + | *General* |
    • Specify a **Template display name**, for example *WHfB Certificate Authentication*.
    • Set the validity period to the desired value.
    • Take note of the Template name for later, which should be the same as the Template display name minus spaces (*WHfBCertificateAuthentication* in this example).
    | + | *Extensions* | Verify the **Application Policies** extension includes **Smart Card Logon**.| + | *Subject Name* |
    • Select the **Build from this Active Directory** information button if it isn't already selected.
    • Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name isn't already selected.
    • Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**.
    | + |*Request Handling*|
    • Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose.
    • Select the **Renew with same key** check box.
    • Select **Prompt the user during enrollment**.
    | + |*Cryptography*|
    • Set the Provider Category to **Key Storage Provider**.
    • Set the Algorithm name to **RSA**.
    • Set the minimum key size to **2048**.
    • Select **Requests must use one of the following providers**.
    • Select **Microsoft Software Key Storage Provider**.
    • Set the Request hash to **SHA256**.
    | + |*Security*|Add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them.| -1. Select **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates -1. Close the Certificate Templates console -1. Open an elevated command prompt and change to a temporary working directory -1. Execute the following command, replacing `` with the **Template display name** noted above +1. Select **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates. +1. Close the Certificate Templates console. +1. Open an elevated command prompt and change to a temporary working directory. +1. Execute the following command, replacing `` with the **Template display name** noted above. ```cmd certutil.exe -dstemplate > @@ -80,31 +76,30 @@ Follow these steps to create a certificate template: `CertUtil: -dsTemplate command completed successfully.` - Modify the line that reads\ `pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"` to\ - `pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"` -1. Save the text file + `pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"`. +1. Save the text file. 1. Update the certificate template by executing the following command: ```cmd certutil.exe -dsaddtemplate ``` -1. In the Certificate Authority console, right-click **Certificate Templates**, select **New > Certificate Template to Issue** -1. From the list of templates, select the template you previously created (**WHFB Certificate Authentication**) and select **OK**. It can take some time for the template to replicate to all servers and become available in this list -1. After the template replicates, in the MMC, right-click in the Certification Authority list, select **All Tasks > Stop Service**. Right-click the name of the CA again, select **All Tasks > Start Service** +1. In the Certificate Authority console, right-click **Certificate Templates**, select **New > Certificate Template to Issue**. +1. From the list of templates, select the template you previously created (**WHFB Certificate Authentication**) and select **OK**. It can take some time for the template to replicate to all servers and become available in this list. +1. After the template replicates, in the MMC, right-click in the Certification Authority list, select **All Tasks > Stop Service**. Right-click the name of the CA again, select **All Tasks > Start Service**.
    -
    Request a certificate -1. Sign in to a client that is hybrid Azure AD joined, ensuring that the client has line of sight to a domain controller and the issuing CA -1. Open the **Certificates - Current User** Microsoft Management Console (MMC). To do so, you can execute the command `certmgr.msc` -1. In the left pane of the MMC, right-click **Personal > All Tasks > Request New Certificate…** -1. On the Certificate Enrollment screen, select **Next** -1. Under *Select Certificate Enrollment Policy*, select **Active Directory Enrollment Policy > Next** -1. Under *Request Certificates*, select the check-box for the certificate template you created in the previous section (*WHfB Certificate Authentication*) and then select **Enroll** -1. After a successful certificate request, select **Finish** on the Certificate Installation Results screen +1. Sign in to a client that is hybrid Azure AD joined, ensuring that the client has line of sight to a domain controller and the issuing CA. +1. Open the **Certificates - Current User** Microsoft Management Console (MMC). To do so, you can execute the command `certmgr.msc`. +1. In the left pane of the MMC, right-click **Personal > All Tasks > Request New Certificate…**. +1. On the Certificate Enrollment screen, select **Next**. +1. Under *Select Certificate Enrollment Policy*, select **Active Directory Enrollment Policy > Next**. +1. Under *Request Certificates*, select the check-box for the certificate template you created in the previous section (*WHfB Certificate Authentication*) and then select **Enroll**. +1. After a successful certificate request, select **Finish** on the Certificate Installation Results screen.
    @@ -115,60 +110,58 @@ Follow these steps to create a certificate template: Deploying a certificate to Azure AD joined or hybrid Azure AD joined devices may be achieved using the Simple Certificate Enrollment Protocol (SCEP) or PKCS (PFX) via Intune. For guidance deploying the required infrastructure, refer to: -- [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune][MEM-1] -- [Configure and use PKCS certificates with Intune][MEM-2] +- [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune][MEM-1]. +- [Configure and use PKCS certificates with Intune][MEM-2]. Next, you should deploy the root CA certificate (and any other intermediate certificate authority certificates) to Azure AD joined Devices using a *Trusted root certificate* policy with Intune. For guidance, refer to [Create trusted certificate profiles in Microsoft Intune][MEM-5]. Once these requirements are met, a policy can be configured in Intune that provisions certificates for the users on the targeted device. -
    Create a policy in Intune This section describes how to configure a SCEP policy in Intune. Similar steps can be followed to configure a PKCS policy. -1. Go to the Microsoft Endpoint Manager admin center -1. Select **Devices > Configuration profiles > Create profile** -1. Select **Platform > Windows 10 and later** and **Profile type > Templates > SCEP Certificate** -1. Select **Create** -1. In the *Basics* panel, provide a **Name** and, optionally, a **Description > Next** +1. Go to the Microsoft Endpoint Manager admin center. +1. Select **Devices > Configuration profiles > Create profile**. +1. Select **Platform > Windows 10 and later** and **Profile type > Templates > SCEP Certificate**. +1. Select **Create**. +1. In the *Basics* panel, provide a **Name** and, optionally, a **Description > Next**. 1. In the *Configuration settings* panel, use the following table to configure the policy: | Setting| Configurations | | --- | --- | |*Certificate Type*| User | |*Subject name format* | `CN={{UserPrincipalName}}` | - |*Subject alternative name* |From the dropdown, select **User principal name (UPN)** with a value of `CN={{UserPrincipalName}}` + |*Subject alternative name* |From the dropdown, select **User principal name (UPN)** with a value of `CN={{UserPrincipalName}}`.| |*Certificate validity period* | Configure a value of your choosing| - |*Key storage provider (KSP)* | **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)** + |*Key storage provider (KSP)* | **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)**.| |*Key usage*| **Digital Signature**| |*Key size (bits)* | **2048**| |*For Hash algorithm*|**SHA-2**| - |*Root Certificate*| Select **+Root Certificate** and select the trusted certificate profile created earlier for the Root CA Certificate| + |*Root Certificate*| Select **+Root Certificate** and select the trusted certificate profile created earlier for the Root CA Certificate.| |*Extended key usage*|
    • *Name:* **Smart Card Logon**
    • *Object Identifier:* `1.3.6.1.4.1.311.20.2.2`
    • *Predefined Values:* **Smart Card Logon**

    • *Name:* **Client Authentication**
    • *Object Identifier:* `1.3.6.1.5.5.7.3.2 `
    • *Predefined Values:* **Client Authentication**
    | - |*Renewal threshold (%)*|Configure a value of your choosing| - |*SCEP Server URLs*|Provide the public endpoint(s) that you configured during the deployment of your SCEP infrastructure| + |*Renewal threshold (%)*|Configure a value of your choosing.| + |*SCEP Server URLs*|Provide the public endpoint(s) that you configured during the deployment of your SCEP infrastructure.| -1. Select **Next** -1. In the *Assignments* panel, assign the policy to a security group that contains as members the devices or users that you want to configure and select **Next** -1. In the *Applicability Rules* panel, configure issuance restrictions, if needed, and select **Next** -1. In the *Review + create* panel, review the policy configuration and select **Create** +1. Select **Next**. +1. In the *Assignments* panel, assign the policy to a security group that contains as members the devices or users that you want to configure and select **Next**. +1. In the *Applicability Rules* panel, configure issuance restrictions, if needed, and select **Next**. +1. In the *Review + create* panel, review the policy configuration and select **Create**. For more information how to configure SCEP policies, see [Configure SCEP certificate profiles in Intune][MEM-3]. To configure PKCS policies, see [Configure and use PKCS certificate with Intune][MEM-4].
    -
    Request a certificate Once the Intune policy is created, targeted clients will request a certificate during their next policy refresh cycle. To validate that the certificate is present in the user store, follow these steps: -1. Sign in to a client targeted by the Intune policy -1. Open the **Certificates - Current User** Microsoft Management Console (MMC). To do so, you can execute the command `certmgr.msc` -1. In the left pane of the MMC, expand **Personal** and select **Certificates** -1. In the right-hand pane of the MMC, check for the new certificate +1. Sign in to a client targeted by the Intune policy. +1. Open the **Certificates - Current User** Microsoft Management Console (MMC). To do so, you can execute the command `certmgr.msc`. +1. In the left pane of the MMC, expand **Personal** and select **Certificates**. +1. In the right-hand pane of the MMC, check for the new certificate.
    @@ -187,9 +180,9 @@ After obtaining a certificate, users can RDP to any Windows devices in the same > [!NOTE] > The certificate chain of the issuing CA must be trusted by the target server. -1. Open the Remote Desktop Client (`mstsc.exe`) on the client where the authentication certificate has been deployed -1. Attempt an RDP session to a target server -1. Use the certificate credential protected by your Windows Hello for Business gesture to authenticate +1. Open the Remote Desktop Client (`mstsc.exe`) on the client where the authentication certificate has been deployed. +1. Attempt an RDP session to a target server. +1. Use the certificate credential protected by your Windows Hello for Business gesture to authenticate. [MEM-1]: /mem/intune/protect/certificates-scep-configure [MEM-2]: /mem/intune/protect/certificates-pfx-configure @@ -198,4 +191,4 @@ After obtaining a certificate, users can RDP to any Windows devices in the same [MEM-5]: /mem/intune/protect/certificates-trusted-root [MEM-6]: /mem/intune/protect/certificate-authority-add-scep-overview -[HTTP-1]: https://www.powershellgallery.com/packages/Generate-CertificateRequest \ No newline at end of file +[HTTP-1]: https://www.powershellgallery.com/packages/Generate-CertificateRequest From 46c544683e71f8741e4a64a039db1b689e2a3811 Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Wed, 16 Nov 2022 16:51:46 -0700 Subject: [PATCH 097/129] Update hello-deployment-rdp-certs.md Add html breaks back into the text before the expanding sections. --- .../hello-for-business/hello-deployment-rdp-certs.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index ee4350d328..f03c067616 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -39,7 +39,7 @@ Windows Hello for Business supports using a certificate as the supplied credenti To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must first create a *certificate template*, and then deploy certificates based on that template. Expand the following sections to learn more about the process. - +
    Create a Windows Hello for Business certificate template @@ -90,6 +90,7 @@ Follow these steps to create a certificate template:
    +
    Request a certificate @@ -116,7 +117,7 @@ Deploying a certificate to Azure AD joined or hybrid Azure AD joined devices may Next, you should deploy the root CA certificate (and any other intermediate certificate authority certificates) to Azure AD joined Devices using a *Trusted root certificate* policy with Intune. For guidance, refer to [Create trusted certificate profiles in Microsoft Intune][MEM-5]. Once these requirements are met, a policy can be configured in Intune that provisions certificates for the users on the targeted device. - +
    Create a policy in Intune @@ -153,7 +154,7 @@ For more information how to configure SCEP policies, see [Configure SCEP certifi To configure PKCS policies, see [Configure and use PKCS certificate with Intune][MEM-4].
    - +
    Request a certificate Once the Intune policy is created, targeted clients will request a certificate during their next policy refresh cycle. To validate that the certificate is present in the user store, follow these steps: From 2cfea2498349b58dc7b54cd20125ee25b2ad0808 Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Wed, 16 Nov 2022 16:58:52 -0700 Subject: [PATCH 098/129] Update hello-deployment-rdp-certs.md Re-add more html breaks. --- .../hello-for-business/hello-deployment-rdp-certs.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index f03c067616..c76d4169ea 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -24,6 +24,8 @@ This document describes Windows Hello for Business functionalities or scenarios ✅ **Trust type:** [cloud Kerberos trust](hello-hybrid-cloud-kerberos-trust.md), [key trust](hello-how-it-works-technology.md#key-trust)\. ✅ **Device registration type:** [Azure AD join](hello-how-it-works-technology.md#azure-active-directory-join), [Hybrid Azure AD join](hello-how-it-works-technology.md#hybrid-azure-ad-join). +
    + --- Windows Hello for Business supports using a certificate as the supplied credential, when establishing a remote desktop connection to another Windows device. This document discusses three approaches for *cloud Kerberos trust* and *key trust* deployments, where authentication certificates can be deployed to an existing Windows Hello for Business user: @@ -39,7 +41,9 @@ Windows Hello for Business supports using a certificate as the supplied credenti To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must first create a *certificate template*, and then deploy certificates based on that template. Expand the following sections to learn more about the process. +
    +
    Create a Windows Hello for Business certificate template @@ -91,6 +95,7 @@ Follow these steps to create a certificate template:

    +
    Request a certificate @@ -117,7 +122,9 @@ Deploying a certificate to Azure AD joined or hybrid Azure AD joined devices may Next, you should deploy the root CA certificate (and any other intermediate certificate authority certificates) to Azure AD joined Devices using a *Trusted root certificate* policy with Intune. For guidance, refer to [Create trusted certificate profiles in Microsoft Intune][MEM-5]. Once these requirements are met, a policy can be configured in Intune that provisions certificates for the users on the targeted device. +
    +
    Create a policy in Intune From 3aa9104b928d2d8eba566288d20a8749131b40a5 Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Wed, 16 Nov 2022 17:40:30 -0700 Subject: [PATCH 099/129] Revert "[WHFB] Experiment for data club" --- .../hello-deployment-rdp-certs.md | 309 +++++++++--------- .../hello-how-it-works-technology.md | 2 +- .../hello-hybrid-cloud-kerberos-trust.md | 2 +- .../hello-for-business/toc.yml | 116 +++---- 4 files changed, 217 insertions(+), 212 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index c76d4169ea..85e91958b3 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -1,202 +1,207 @@ --- -title: Deploy certificates for remote desktop sign-in -description: Learn how to deploy certificates to cloud Kerberos trust and key trust users, to enable remote desktop sign-in with supplied credentials. +title: Deploying Certificates to Key Trust Users to Enable RDP +description: Learn how to deploy certificates to a Key Trust user to enable remote desktop with supplied credentials ms.prod: windows-client author: paolomatarazzo ms.author: paoloma manager: aaroncz -ms.reviewer: erikdau +ms.reviewer: prsriva ms.collection: - M365-identity-device-management - ContentEngagementFY23 -ms.topic: how-to +ms.topic: article localizationpriority: medium -ms.date: 11/15/2022 -appliesto: - - ✅ Windows 10 and later +ms.date: 02/22/2021 +appliesto: + - ✅ Windows 10 + - ✅ Windows 11 + - ✅ Hybrid deployment + - ✅ Key trust + - ✅ Cloud Kerberos trust ms.technology: itpro-security --- -# Deploy certificates for remote desktop (RDP) sign-in +# Deploy Certificates to Key Trust and Cloud Kerberos Trust Users to Enable RDP -This document describes Windows Hello for Business functionalities or scenarios that apply to:\ -✅ **Deployment type:** [hybrid](hello-how-it-works-technology.md#hybrid-deployment)\. -✅ **Trust type:** [cloud Kerberos trust](hello-hybrid-cloud-kerberos-trust.md), [key trust](hello-how-it-works-technology.md#key-trust)\. -✅ **Device registration type:** [Azure AD join](hello-how-it-works-technology.md#azure-active-directory-join), [Hybrid Azure AD join](hello-how-it-works-technology.md#hybrid-azure-ad-join). +Windows Hello for Business supports using a certificate as the supplied credential when establishing a remote desktop connection to a server or other device. For certificate trust deployments, creation of this certificate occurs at container creation time. -
    +This document discusses an approach for key trust and cloud Kerberos trust deployments where authentication certificates can be deployed to an existing WHFB user. ---- -Windows Hello for Business supports using a certificate as the supplied credential, when establishing a remote desktop connection to another Windows device. This document discusses three approaches for *cloud Kerberos trust* and *key trust* deployments, where authentication certificates can be deployed to an existing Windows Hello for Business user: +Three approaches are documented here: -- Deploy certificates to hybrid joined devices using an on-premises Active Directory Certificate Services enrollment policy -- Deploy certificates to hybrid or Azure AD-joined devices using Intune -- Work with third-party PKIs +1. Deploying a certificate to hybrid joined devices using an on-premises Active Directory certificate enrollment policy. -## Deploy certificates via Active Directory Certificate Services (AD CS) +1. Deploying a certificate to hybrid or Azure AD-joined devices using Simple Certificate Enrollment Protocol (SCEP) and Intune. -> [!NOTE] -> This process is applicable to *hybrid Azure AD joined* devices only. +1. Working with non-Microsoft enterprise certificate authorities. -To deploy certificates using an on-premises Active Directory Certificate Services enrollment policy, you must first create a *certificate template*, and then deploy certificates based on that template. +## Deploying a certificate to a hybrid joined device using an on-premises Active Directory Certificate enrollment policy -Expand the following sections to learn more about the process. +### Create a Windows Hello for Business certificate template -
    +1. Sign in to your issuing certificate authority (CA). -
    -Create a Windows Hello for Business certificate template +1. Open the **Certificate Authority** Console (%windir%\system32\certsrv.msc). -Follow these steps to create a certificate template: +1. In the left pane of the MMC, expand **Certification Authority (Local)**, and then expand your CA within the Certification Authority list. -1. Sign in to your issuing certificate authority (CA) and open *Server Manager*. -1. Select **Tools > Certification Authority**. The Certification Authority Microsoft Management Console (MMC) opens. -1. In the MMC, expand the CA name and right-click **Certificate Templates > Manage**. -1. The Certificate Templates console opens. All of the certificate templates are displayed in the details pane. -1. Right-click the **Smartcard Logon** template and select **Duplicate Template**. -1. Use the following table to configure the template: +1. Right-click **Certificate Templates** and then click **Manage** to open the **Certificate Templates** console. - | Tab Name | Configurations | - | --- | --- | - | *Compatibility* |
    • Clear the **Show resulting changes** check box.
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Authority list*.
    • Select **Windows Server 2012 or Windows Server 2012 R2** from the *Certification Recipient list*.
    | - | *General* |
    • Specify a **Template display name**, for example *WHfB Certificate Authentication*.
    • Set the validity period to the desired value.
    • Take note of the Template name for later, which should be the same as the Template display name minus spaces (*WHfBCertificateAuthentication* in this example).
    | - | *Extensions* | Verify the **Application Policies** extension includes **Smart Card Logon**.| - | *Subject Name* |
    • Select the **Build from this Active Directory** information button if it isn't already selected.
    • Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name isn't already selected.
    • Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**.
    | - |*Request Handling*|
    • Set the Purpose to **Signature and smartcard logon** and select **Yes** when prompted to change the certificate purpose.
    • Select the **Renew with same key** check box.
    • Select **Prompt the user during enrollment**.
    | - |*Cryptography*|
    • Set the Provider Category to **Key Storage Provider**.
    • Set the Algorithm name to **RSA**.
    • Set the minimum key size to **2048**.
    • Select **Requests must use one of the following providers**.
    • Select **Microsoft Software Key Storage Provider**.
    • Set the Request hash to **SHA256**.
    | - |*Security*|Add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them.| +1. Right-click the **Smartcard Logon** template and click **Duplicate Template** + + ![Duplicating Smartcard Template.](images/rdpcert/duplicatetemplate.png) + +1. On the **Compatibility** tab: + 1. Clear the **Show resulting changes** check box + 1. Select **Windows Server 2012 or Windows Server 2012 R2** from the Certification Authority list + 1. Select **Windows Server 2012 or Windows Server 2012 R2** from the Certification Recipient list + +1. On the **General** tab: + 1. Specify a Template display name, such as **WHfB Certificate Authentication** + 1. Set the validity period to the desired value + 1. Take note of the Template name for later, which should be the same as the Template display name minus spaces (**WHfBCertificateAuthentication** in this example). + +1. On the **Extensions** tab, verify the **Application Policies** extension includes **Smart Card Logon**. + +1. On the **Subject Name** tab: + 1. Select the **Build from this Active Directory** information button if it is not already selected + 1. Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected + 1. Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name** +1. On the **Request Handling** tab: + 1. Select the **Renew with same key** check box + 1. Set the Purpose to **Signature and smartcard logon** + 1. Click **Yes** when prompted to change the certificate purpose + 1. Click **Prompt the user during enrollment** + +1. On the **Cryptography** tab: + 1. Set the Provider Category to **Key Storage Provider** + 1. Set the Algorithm name to **RSA** + 1. Set the minimum key size to **2048** + 1. Select **Requests must use one of the following providers** + 1. Tick **Microsoft Software Key Storage Provider** + 1. Set the Request hash to **SHA256** + +1. On the **Security** tab, add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them. + +1. Click **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates. -1. Select **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates. 1. Close the Certificate Templates console. -1. Open an elevated command prompt and change to a temporary working directory. -1. Execute the following command, replacing `` with the **Template display name** noted above. - ```cmd - certutil.exe -dstemplate > - ``` +1. Open an elevated command prompt and change to a temporary working directory. + +1. Execute the following command: + + `certutil -dstemplate \ \> \.txt` + + Replace \ with the Template name you took note of earlier in step 7. 1. Open the text file created by the command above. - - Delete the last line of the output from the file that reads\ - `CertUtil: -dsTemplate command completed successfully.` - - Modify the line that reads\ - `pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"` to\ - `pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"`. + 1. Delete the last line of the output from the file that reads **CertUtil: -dsTemplate command completed successfully.** + 1. Modify the line that reads **pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"** to **pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"** + 1. Save the text file. + 1. Update the certificate template by executing the following command: - ```cmd - certutil.exe -dsaddtemplate - ``` + certutil -dsaddtemplate \.txt -1. In the Certificate Authority console, right-click **Certificate Templates**, select **New > Certificate Template to Issue**. -1. From the list of templates, select the template you previously created (**WHFB Certificate Authentication**) and select **OK**. It can take some time for the template to replicate to all servers and become available in this list. -1. After the template replicates, in the MMC, right-click in the Certification Authority list, select **All Tasks > Stop Service**. Right-click the name of the CA again, select **All Tasks > Start Service**. +1. In the Certificate Authority console, right-click **Certificate Templates**, select **New**, and select **Certificate Template to Issue** -
    + ![Selecting Certificate Template to Issue.](images/rdpcert/certificatetemplatetoissue.png) -
    +1. From the list of templates, select the template you previously created (**WHFB Certificate Authentication**) and click **OK**. It can take some time for the template to replicate to all servers and become available in this list. -
    -Request a certificate +1. After the template replicates, in the MMC, right-click in the Certification Authority list, click **All Tasks** and then click **Stop Service**. Right-click the name of the CA again, click **All Tasks**, and then click **Start Service**. -1. Sign in to a client that is hybrid Azure AD joined, ensuring that the client has line of sight to a domain controller and the issuing CA. -1. Open the **Certificates - Current User** Microsoft Management Console (MMC). To do so, you can execute the command `certmgr.msc`. -1. In the left pane of the MMC, right-click **Personal > All Tasks > Request New Certificate…**. -1. On the Certificate Enrollment screen, select **Next**. -1. Under *Select Certificate Enrollment Policy*, select **Active Directory Enrollment Policy > Next**. -1. Under *Request Certificates*, select the check-box for the certificate template you created in the previous section (*WHfB Certificate Authentication*) and then select **Enroll**. -1. After a successful certificate request, select **Finish** on the Certificate Installation Results screen. +### Requesting a Certificate -
    +1. Ensure the hybrid Azure AD joined device has network line of sight to Active Directory domain controllers and the issuing certificate authority. -## Deploy certificates via Intune +1. Start the **Certificates – Current User** console (%windir%\system32\certmgr.msc). + +1. In the left pane of the MMC, right-click **Personal**, click **All Tasks**, and then click **Request New Certificate…** + + ![Request a new certificate.](images/rdpcert/requestnewcertificate.png) + +1. On the Certificate Enrollment screen, click **Next**. + +1. Under Select Certificate Enrollment Policy, ensure **Active Directory Enrollment Policy** is selected and then click **Next**. + +1. Under Request Certificates, click the check-box next to the certificate template you created in the previous section (WHfB Certificate Authentication) and then click **Enroll**. + +1. After a successful certificate request, click Finish on the Certificate Installation Results screen + +## Deploying a certificate to Hybrid or Azure AD Joined Devices using Simple Certificate Enrollment Protocol (SCEP) via Intune + +Deploying a certificate to Azure AD Joined Devices may be achieved with the Simple Certificate Enrollment Protocol (SCEP) via Intune. For guidance deploying the required infrastructure, refer to [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune](/mem/intune/protect/certificates-scep-configure). + +Next you should deploy the root CA certificate (and any other intermediate certificate authority certificates) to Azure AD Joined Devices using a Trusted root certificate profile with Intune. For guidance, refer to [Create trusted certificate profiles in Microsoft Intune](/mem/intune/protect/certificates-trusted-root). + +Once these requirements have been met, a new device configuration profile may be configured from Intune that provisions a certificate for the user of the device. Proceed as follows: + +1. Sign in to the Microsoft [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431). + +1. Navigate to Devices \> Configuration Profiles \> Create profile. + +1. Enter the following properties: + 1. For Platform, select **Windows 10 and later**. + 1. For Profile, select **SCEP Certificate**. + 1. Click **Create**. + +1. In **Basics**, enter the following parameters: + 1. **Name**: Enter a descriptive name for the profile. Name your profiles so you can easily identify them later. For example, a good profile name is SCEP profile for entire company. + 1. **Description**: Enter a description for the profile. This setting is optional, but recommended. + 1. Select **Next**. + +1. In the **Configuration settings**, complete the following: + 1. For Certificate Type, choose **User**. + 1. For Subject name format, set it to **CN={{UserPrincipalName}}**. + 1. Under Subject alternative name, select **User principal name (UPN)** from the drop-down menu and set the value to **CN={{UserPrincipalName}}**. + 1. For Certificate validity period, set a value of your choosing. + 1. For Key storage provider (KSP), choose **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)**. + 1. For Key usage, choose **Digital Signature**. + 1. For Key size (bits), choose **2048**. + 1. For Hash algorithm, choose **SHA-2**. + 1. Under Root Certificate, click **+Root Certificate** and select the trusted certificate profile you created earlier for the Root CA Certificate. + 1. Under Extended key usage, add the following: + + | Name | Object Identifier | Predefined Values | + |------|-------------------|-------------------| + | Smart Card Logon | 1.3.6.1.4.1.311.20.2.2 | Smart Card Logon | + | Client Authentication | 1.3.6.1.5.5.7.3.2 | Client Authentication | + + 1. For Renewal threshold (%), set a value of your choosing. + 1. For SCEP Server URLs, provide the public endpoint that you configured during the deployment of your SCEP infrastructure. + 1. Click **Next** +1. In Assignments, target the devices or users who should receive a certificate and click **Next** + +1. In Applicability Rules, provide additional issuance restrictions if required and click **Next** + +1. In Review + create, click **Create** + +Once the configuration profile has been created, targeted clients will receive the profile from Intune on their next refresh cycle. You should find a new certificate in the user store. To validate the certificate is present, do the following steps: + +1. Open the Certificates - Current User console (%windir%\system32\certmgr.msc) + +1. In the left pane of the MMC, expand **Personal** and select **Certificates** + +1. In the right-hand pane of the MMC, check for the new certificate > [!NOTE] -> This process is applicable to both *Azure AD joined* and *hybrid Azure AD joined* devices that are managed via Intune. +> This infrastructure may also deploy the same certificates to co-managed or modern-managed Hybrid Azure Active Directory-Joined devices using Intune Policies. -Deploying a certificate to Azure AD joined or hybrid Azure AD joined devices may be achieved using the Simple Certificate Enrollment Protocol (SCEP) or PKCS (PFX) via Intune. For guidance deploying the required infrastructure, refer to: +## Using non-Microsoft Enterprise Certificate Authorities -- [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune][MEM-1]. -- [Configure and use PKCS certificates with Intune][MEM-2]. +If you are using a Public Key Infrastructure that uses non-Microsoft services, the certificate templates published to the on-premises Active Directory may not be available. For guidance with integration of Intune/SCEP with non-Microsoft PKI deployments, refer to [Use third-party certification authorities (CA) with SCEP in Microsoft Intune](/mem/intune/protect/certificate-authority-add-scep-overview). -Next, you should deploy the root CA certificate (and any other intermediate certificate authority certificates) to Azure AD joined Devices using a *Trusted root certificate* policy with Intune. For guidance, refer to [Create trusted certificate profiles in Microsoft Intune][MEM-5]. +As an alternative to using SCEP or if none of the previously covered solutions will work in your environment, you can manually generate Certificate Signing Requests (CSR) for submission to your PKI. To assist with this approach, you can use the [Generate-CertificateRequest](https://www.powershellgallery.com/packages/Generate-CertificateRequest) PowerShell commandlet. -Once these requirements are met, a policy can be configured in Intune that provisions certificates for the users on the targeted device. +The Generate-CertificateRequest commandlet will generate an .inf file for a pre-existing Windows Hello for Business key. The .inf can be used to generate a certificate request manually using certreq.exe. The commandlet will also generate a .req file, which can be submitted to your PKI for a certificate. -
    +## RDP Sign-in with Windows Hello for Business Certificate Authentication -
    -Create a policy in Intune +After adding the certificate using an approach from any of the previous sections, you should be able to RDP to any Windows device or server in the same Forest as the user’s on-premises Active Directory account, provided the PKI certificate chain for the issuing certificate authority is deployed to that target server. -This section describes how to configure a SCEP policy in Intune. Similar steps can be followed to configure a PKCS policy. - -1. Go to the Microsoft Endpoint Manager admin center. -1. Select **Devices > Configuration profiles > Create profile**. -1. Select **Platform > Windows 10 and later** and **Profile type > Templates > SCEP Certificate**. -1. Select **Create**. -1. In the *Basics* panel, provide a **Name** and, optionally, a **Description > Next**. -1. In the *Configuration settings* panel, use the following table to configure the policy: - - | Setting| Configurations | - | --- | --- | - |*Certificate Type*| User | - |*Subject name format* | `CN={{UserPrincipalName}}` | - |*Subject alternative name* |From the dropdown, select **User principal name (UPN)** with a value of `CN={{UserPrincipalName}}`.| - |*Certificate validity period* | Configure a value of your choosing| - |*Key storage provider (KSP)* | **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)**.| - |*Key usage*| **Digital Signature**| - |*Key size (bits)* | **2048**| - |*For Hash algorithm*|**SHA-2**| - |*Root Certificate*| Select **+Root Certificate** and select the trusted certificate profile created earlier for the Root CA Certificate.| - |*Extended key usage*|
    • *Name:* **Smart Card Logon**
    • *Object Identifier:* `1.3.6.1.4.1.311.20.2.2`
    • *Predefined Values:* **Smart Card Logon**

    • *Name:* **Client Authentication**
    • *Object Identifier:* `1.3.6.1.5.5.7.3.2 `
    • *Predefined Values:* **Client Authentication**
    | - |*Renewal threshold (%)*|Configure a value of your choosing.| - |*SCEP Server URLs*|Provide the public endpoint(s) that you configured during the deployment of your SCEP infrastructure.| - -1. Select **Next**. -1. In the *Assignments* panel, assign the policy to a security group that contains as members the devices or users that you want to configure and select **Next**. -1. In the *Applicability Rules* panel, configure issuance restrictions, if needed, and select **Next**. -1. In the *Review + create* panel, review the policy configuration and select **Create**. - -For more information how to configure SCEP policies, see [Configure SCEP certificate profiles in Intune][MEM-3]. -To configure PKCS policies, see [Configure and use PKCS certificate with Intune][MEM-4]. - -
    -
    -
    -Request a certificate -Once the Intune policy is created, targeted clients will request a certificate during their next policy refresh cycle. To validate that the certificate is present in the user store, follow these steps: - -1. Sign in to a client targeted by the Intune policy. -1. Open the **Certificates - Current User** Microsoft Management Console (MMC). To do so, you can execute the command `certmgr.msc`. -1. In the left pane of the MMC, expand **Personal** and select **Certificates**. -1. In the right-hand pane of the MMC, check for the new certificate. - -
    - -## Use third-party certification authorities - -If you're using a non-Microsoft PKI, the certificate templates published to the on-premises Active Directory may not be available. For guidance with integration of Intune/SCEP with non-Microsoft PKI deployments, refer to [Use third-party certification authorities (CA) with SCEP in Microsoft Intune][MEM-6]. - -As an alternative to using SCEP or if none of the previously covered solutions will work in your environment, you can manually generate Certificate Signing Requests (CSR) for submission to your PKI. To assist with this approach, you can use the [Generate-CertificateRequest][HTTP-1] PowerShell commandlet. - -The `Generate-CertificateRequest` commandlet will generate an *.inf* file for a pre-existing Windows Hello for Business key. The *.inf* can be used to generate a certificate request manually using `certreq.exe`. The commandlet will also generate a *.req* file, which can be submitted to your PKI for a certificate. - -## RDP sign-in with Windows Hello for Business certificate authentication - -After obtaining a certificate, users can RDP to any Windows devices in the same Active Directory forest as the user's Active Directory account. - -> [!NOTE] -> The certificate chain of the issuing CA must be trusted by the target server. - -1. Open the Remote Desktop Client (`mstsc.exe`) on the client where the authentication certificate has been deployed. +1. Open the Remote Desktop Client (%windir%\system32\mstsc.exe) on the Hybrid Azure Active Directory-Joined client where the authentication certificate has been deployed. 1. Attempt an RDP session to a target server. -1. Use the certificate credential protected by your Windows Hello for Business gesture to authenticate. - -[MEM-1]: /mem/intune/protect/certificates-scep-configure -[MEM-2]: /mem/intune/protect/certificates-pfx-configure -[MEM-3]: /mem/intune/protect/certificates-profile-scep -[MEM-4]: /mem/intune/protect/certificates-pfx-configure -[MEM-5]: /mem/intune/protect/certificates-trusted-root -[MEM-6]: /mem/intune/protect/certificate-authority-add-scep-overview - -[HTTP-1]: https://www.powershellgallery.com/packages/Generate-CertificateRequest +1. Use the certificate credential protected by your Windows Hello for Business gesture. diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md index f48952acdf..719c27216d 100644 --- a/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md +++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md @@ -194,7 +194,7 @@ If your environment has an on-premises AD footprint and you also want benefit fr ## Hybrid deployment -The Windows Hello for Business hybrid deployment is for organizations that have both on-premises and cloud resources that are accessed using a managed or federated identity that's synchronized with Azure AD. Hybrid deployments support devices that are Azure AD-registered, Azure AD-joined, and hybrid Azure AD-joined. The Hybrid deployment model supports three trust types for on-premises authentication: cloud Kerberos trust, key trust and certificate trust. +The Windows Hello for Business hybrid deployment is for organizations that have both on-premises and cloud resources that are accessed using a managed or federated identity that's synchronized with Azure AD. Hybrid deployments support devices that are Azure AD-registered, Azure AD-joined, and hybrid Azure AD-joined. The Hybrid deployment model supports two trust types for on-premises authentication, key trust and certificate trust. ### Related to hybrid deployment diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md index beaa22b78b..d9cd8d2065 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md @@ -5,7 +5,7 @@ ms.prod: windows-client author: paolomatarazzo ms.author: paoloma manager: aaroncz -ms.reviewer: erikdau +ms.reviewer: prsriva ms.collection: M365-identity-device-management ms.topic: article localizationpriority: medium diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml index 14efe63a1e..2c22050ab0 100644 --- a/windows/security/identity-protection/hello-for-business/toc.yml +++ b/windows/security/identity-protection/hello-for-business/toc.yml @@ -2,12 +2,12 @@ href: index.yml - name: Overview items: - - name: Windows Hello for Business overview + - name: Windows Hello for Business Overview href: hello-overview.md - name: Concepts expanded: true items: - - name: Passwordless strategy + - name: Passwordless Strategy href: passwordless-strategy.md - name: Why a PIN is better than a password href: hello-why-pin-is-better-than-password.md @@ -15,7 +15,7 @@ href: hello-biometrics-in-enterprise.md - name: How Windows Hello for Business works href: hello-how-it-works.md - - name: Technical deep dive + - name: Technical Deep Dive items: - name: Provisioning href: hello-how-it-works-provisioning.md @@ -25,93 +25,93 @@ href: webauthn-apis.md - name: How-to Guides items: - - name: Windows Hello for Business deployment overview + - name: Windows Hello for Business Deployment Overview href: hello-deployment-guide.md - - name: Planning a Windows Hello for Business deployment + - name: Planning a Windows Hello for Business Deployment href: hello-planning-guide.md - - name: Deployment prerequisite overview + - name: Deployment Prerequisite Overview href: hello-identity-verification.md - name: Prepare people to use Windows Hello href: hello-prepare-people-to-use.md - - name: Deployment guides + - name: Deployment Guides items: - - name: Hybrid cloud Kerberos trust deployment + - name: Hybrid Cloud Kerberos Trust Deployment href: hello-hybrid-cloud-kerberos-trust.md - - name: Azure AD join + - name: Hybrid Azure AD Joined Key Trust items: - - name: Cloud-only deployment - href: hello-aad-join-cloud-only-deploy.md - - name: On-premises SSO for Azure AD joined devices - href: hello-hybrid-aadj-sso.md - - name: Configure Azure AD joined devices for on-premises SSO - href: hello-hybrid-aadj-sso-base.md - - name: Using certificates for on-premises SSO - href: hello-hybrid-aadj-sso-cert.md - - name: Hybrid Azure AD join with key trust - items: - - name: Key trust deployment + - name: Hybrid Azure AD Joined Key Trust Deployment href: hello-hybrid-key-trust.md - name: Prerequisites href: hello-hybrid-key-trust-prereqs.md - - name: New installation baseline + - name: New Installation Baseline href: hello-hybrid-key-new-install.md - - name: Configure directory synchronization + - name: Configure Directory Synchronization href: hello-hybrid-key-trust-dirsync.md - - name: Configure Azure AD device registration + - name: Configure Azure Device Registration href: hello-hybrid-key-trust-devreg.md - name: Configure Windows Hello for Business settings href: hello-hybrid-key-whfb-settings.md - - name: Sign-in and provisioning + - name: Sign-in and Provisioning href: hello-hybrid-key-whfb-provision.md - - name: Hybrid Azure AD join with certificate trust + - name: Hybrid Azure AD Joined Certificate Trust items: - - name: Certificate trust deployment + - name: Hybrid Azure AD Joined Certificate Trust Deployment href: hello-hybrid-cert-trust.md - name: Prerequisites href: hello-hybrid-cert-trust-prereqs.md - - name: New installation baseline + - name: New Installation Baseline href: hello-hybrid-cert-new-install.md - - name: Configure Azure AD device registration + - name: Configure Azure Device Registration href: hello-hybrid-cert-trust-devreg.md - name: Configure Windows Hello for Business settings href: hello-hybrid-cert-whfb-settings.md - - name: Sign-in and provisioning + - name: Sign-in and Provisioning href: hello-hybrid-cert-whfb-provision.md - - name: Active Directory domain join with key trust + - name: On-premises SSO for Azure AD Joined Devices items: - - name: Key trust deployment + - name: On-premises SSO for Azure AD Joined Devices Deployment + href: hello-hybrid-aadj-sso.md + - name: Configure Azure AD joined devices for On-premises Single-Sign On using Windows Hello for Business + href: hello-hybrid-aadj-sso-base.md + - name: Using Certificates for AADJ On-premises Single-sign On + href: hello-hybrid-aadj-sso-cert.md + - name: On-premises Key Trust + items: + - name: On-premises Key Trust Deployment href: hello-deployment-key-trust.md - - name: Validate Active Directory prerequisites + - name: Validate Active Directory Prerequisites href: hello-key-trust-validate-ad-prereq.md - - name: Validate and configure Public Key Infrastructure (PKI) + - name: Validate and Configure Public Key Infrastructure href: hello-key-trust-validate-pki.md - - name: Prepare and deploy Active Directory Federation Services (AD FS) + - name: Prepare and Deploy Windows Server 2016 Active Directory Federation Services href: hello-key-trust-adfs.md - - name: Validate and deploy multi-factor authentication (MFA) services + - name: Validate and Deploy Multi-factor Authentication (MFA) Services href: hello-key-trust-validate-deploy-mfa.md - name: Configure Windows Hello for Business policy settings href: hello-key-trust-policy-settings.md - - name: Active Directory domain join with certificate trust + - name: On-premises Certificate Trust items: - - name: Certificate trust deployment + - name: On-premises Certificate Trust Deployment href: hello-deployment-cert-trust.md - - name: Validate Active Directory prerequisites + - name: Validate Active Directory Prerequisites href: hello-cert-trust-validate-ad-prereq.md - - name: Validate and configure Public Key Infrastructure (PKI) + - name: Validate and Configure Public Key Infrastructure href: hello-cert-trust-validate-pki.md - - name: Prepare and Deploy Active Directory Federation Services (AD FS) + - name: Prepare and Deploy Windows Server 2016 Active Directory Federation Services href: hello-cert-trust-adfs.md - - name: Validate and deploy multi-factor authentication (MFA) services + - name: Validate and Deploy Multi-factor Authentication (MFA) Services href: hello-cert-trust-validate-deploy-mfa.md - name: Configure Windows Hello for Business policy settings href: hello-cert-trust-policy-settings.md - - name: Deploy certificates for RDP sign-in + - name: Azure AD join cloud only deployment + href: hello-aad-join-cloud-only-deploy.md + - name: Managing Windows Hello for Business in your organization + href: hello-manage-in-organization.md + - name: Deploying Certificates to Key Trust Users to Enable RDP href: hello-deployment-rdp-certs.md - - name: Manage Windows Hello for Business in your organization - href: hello-manage-in-organization.md - - name: Windows Hello for Business features + - name: Windows Hello for Business Features items: - - name: Conditional access + - name: Conditional Access href: hello-feature-conditional-access.md - name: PIN Reset href: hello-feature-pin-reset.md @@ -121,21 +121,21 @@ href: hello-feature-dynamic-lock.md - name: Multi-factor Unlock href: feature-multifactor-unlock.md - - name: Remote desktop (RDP) sign-in + - name: Remote Desktop href: hello-feature-remote-desktop.md -- name: Troubleshooting - items: - - name: Known deployment issues - href: hello-deployment-issues.md - - name: Errors during PIN creation - href: hello-errors-during-pin-creation.md - - name: Event ID 300 - Windows Hello successfully created - href: hello-event-300.md - - name: Windows Hello and password changes - href: hello-and-password-changes.md + - name: Troubleshooting + items: + - name: Known Deployment Issues + href: hello-deployment-issues.md + - name: Errors During PIN Creation + href: hello-errors-during-pin-creation.md + - name: Event ID 300 - Windows Hello successfully created + href: hello-event-300.md + - name: Windows Hello and password changes + href: hello-and-password-changes.md - name: Reference items: - - name: Technology and terminology + - name: Technology and Terminology href: hello-how-it-works-technology.md - name: Frequently Asked Questions (FAQ) href: hello-faq.yml From 143cbcdd8033229ddd042d0ee664826a076b9a62 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Wed, 16 Nov 2022 20:32:10 -0500 Subject: [PATCH 100/129] Metadata/style update BitLocker 17 --- .../ts-bitlocker-network-unlock-issues.md | 30 +- .../bitlocker/ts-bitlocker-recovery-issues.md | 258 ++++++++++-------- .../bitlocker/ts-bitlocker-tpm-issues.md | 66 +++-- 3 files changed, 199 insertions(+), 155 deletions(-) diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md index babc9f17b3..384f9c1f8a 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md @@ -1,6 +1,6 @@ --- title: BitLocker Network Unlock known issues -description: Describes several known issues that you may encounter while using Network Unlock, and provided guidance for addressing those issues. +description: Describes several known issues that may be encountered while using Network Unlock, and provided guidance for addressing those issues. ms.technology: itpro-security ms.prod: windows-client ms.localizationpriority: medium @@ -16,16 +16,16 @@ ms.date: 11/08/2022 # BitLocker Network Unlock: known issues -By using the BitLocker Network Unlock feature, you can manage computers remotely without having to enter a BitLocker PIN when each computer starts up. To configure this behavior, your environment needs to meet the following requirements: +By using the BitLocker Network Unlock feature, computers can be managed remotely without having to enter a BitLocker PIN when each computer starts up. To configure this behavior, the environment needs to meet the following requirements: - Each computer belongs to a domain. - Each computer has a wired connection to the internal network. - The internal network uses DHCP to manage IP addresses. - Each computer has a DHCP driver implemented in its Unified Extensible Firmware Interface (UEFI) firmware. -For general guidelines about how to troubleshoot Network Unlock, see [How to enable Network Unlock: Troubleshoot Network Unlock](./bitlocker-how-to-enable-network-unlock.md#troubleshoot-network-unlock). +For general guidelines about how to troubleshoot BitLocker Network Unlock, see [How to enable Network Unlock: Troubleshoot Network Unlock](./bitlocker-how-to-enable-network-unlock.md#troubleshoot-network-unlock). -This article describes several known issues that you may encounter when you use Network Unlock, and provides guidance to address these issues. +This article describes several known issues that may be encountered when BitLocker Network Unlock is used and provides guidance to address these issues. > [!TIP] > BitLocker Network Unlock can be detected if it is enabled on a specific computer use the following steps on UEFI computers: @@ -56,32 +56,36 @@ This article describes several known issues that you may encounter when you use > > `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\FVE_NKP\Certificates` > -> has an entry whose name matches the name of the certificate thumbprint of the Network Unlock key protector that you found in step 1. +> has an entry whose name matches the name of the certificate thumbprint of the BitLocker Network Unlock key protector that was found in step 1. ## On a Surface Pro 4 device, BitLocker Network Unlock doesn't work because the UEFI network stack is incorrectly configured -You've configured BitLocker Network Unlock as described in [BitLocker: How to enable Network Unlock](/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock). You've configured the UEFI of the device to use DHCP. However, when you restart the device, it still prompts you for the BitLocker PIN. +Consider the following scenario: -You test another device, such as a different type of tablet or laptop PC that's configured to use the same infrastructure. The device restarts as expected, without prompting for the BitLocker PIN. You conclude that the infrastructure is correctly configured, and the issue is specific to the device. +BitLocker Network Unlock has been configured as described in [BitLocker: How to enable Network Unlock](/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock). UEFI of a Surface Pro 4 has been configured to use DHCP. However, when the Surface Pro 4 is restarted, it still prompts for a BitLocker PIN. + +When testing another device, such as a different type of tablet or laptop PC that's configured to use the same infrastructure, the device restarts as expected, without prompting for the BitLocker PIN. This test confirms that the infrastructure is correctly configured, and the issue is specific to the device. ### Cause of BitLocker Network Unlock not working on Surface Pro 4 -The UEFI network stack on the device was incorrectly configured. +The UEFI network stack on the device is incorrectly configured. ### Resolution for BitLocker Network Unlock not working on Surface Pro 4 -To correctly configure the UEFI network stack of the Surface Pro 4, you have to use Microsoft Surface Enterprise Management Mode (SEMM). For information about SEMM, see [Enroll and configure Surface devices with SEMM](/surface/enroll-and-configure-surface-devices-with-semm). +To correctly configure the UEFI network stack of the Surface Pro 4, the Microsoft Surface Enterprise Management Mode (SEMM) needs to be used. For information about SEMM, see [Enroll and configure Surface devices with SEMM](/surface/enroll-and-configure-surface-devices-with-semm). > [!NOTE] -> If you cannot use SEMM, you may be able to configure the Surface Pro 4 to use BitLocker Network Unlock by configuring the device to use the network as its first boot option. +> If SEMM can't be used, the Surface Pro 4 may be able to use BitLocker Network Unlock by configuring the Surface Pro 4 to use the network as its first boot option. ## Unable to use BitLocker Network Unlock feature on a Windows client computer -You have configured BitLocker Network Unlock as described in [BitLocker: How to enable Network Unlock](/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock). You have a Windows 8 client computer that is connected to the internal network with an ethernet cable. However, when you restart the computer, it still prompts you for the BitLocker PIN. +Consider the following scenario: + +BitLocker Network Unlock has been configured as described in [BitLocker: How to enable Network Unlock](/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock). A Windows 8 client computer is connected to the internal network with an ethernet cable. However, when the device is restarted, the device still prompts for the BitLocker PIN. ### Cause of unable to use BitLocker Network Unlock feature on a Windows client computer -A Windows 8-based or Windows Server 2012-based client computer sometimes doesn't receive or use the Network Unlock protector, depending on whether the client receives unrelated BOOTP replies from a DHCP server or WDS server. +A Windows 8-based or Windows Server 2012-based client computer sometimes doesn't receive or use the BitLocker Network Unlock protector, depending on whether the client receives unrelated BOOTP replies from a DHCP server or WDS server. DHCP servers may send any DHCP options to a BOOTP client as allowed by the DHCP options and BOOTP vendor extensions. This behavior means that because a DHCP server supports BOOTP clients, the DHCP server replies to BOOTP requests. @@ -90,7 +94,7 @@ The manner in which a DHCP server handles an incoming message depends in part on - The first two messages that the BitLocker Network Unlock client sends are DHCP DISCOVER\REQUEST messages. They use the Message Type option, so the DHCP server treats them as DHCP messages. - The third message that the BitLocker Network Unlock client sends doesn't have the Message Type option. The DHCP server treats the message as a BOOTP request. -A DHCP server that supports BOOTP clients must interact with those clients according to the BOOTP protocol. The server must create a BOOTP BOOTREPLY message instead of a DHCP DHCPOFFER message. (In other words, the server must not include the DHCP message option type and must not exceed the size limit for BOOTREPLY messages.) After the server sends the BOOTP BOOTREPLY message, the server marks a binding for a BOOTP client as BOUND. A non-DHCP client doesn't send a DHCPREQUEST message, nor does that client expect a DHCPACK message. +A DHCP server that supports BOOTP clients must interact with those clients according to the BOOTP protocol. The server must create a BOOTP BOOTREPLY message instead of a DHCP DHCPOFFER message. In other words, the server must not include the DHCP message option type and must not exceed the size limit for BOOTREPLY messages. After the server sends the BOOTP BOOTREPLY message, the server marks a binding for a BOOTP client as BOUND. A non-DHCP client doesn't send a DHCPREQUEST message, nor does that client expect a DHCPACK message. If a DHCP server that isn't configured to support BOOTP clients receives a BOOTREQUEST message from a BOOTP client, that server silently discards the BOOTREQUEST message. diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-recovery-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-recovery-issues.md index 3fb0214e92..5292df2a16 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-recovery-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-recovery-issues.md @@ -18,16 +18,16 @@ ms.custom: bitlocker # BitLocker recovery: known issues -This article describes common issues that may prevent BitLocker from behaving as expected when you recover a drive, or that may cause BitLocker to start recovery unexpectedly. The article also provides guidance to address these issues. +This article describes common issues that may prevent BitLocker from behaving as expected when a drive is recovered, or that may cause BitLocker to start recovery unexpectedly. The article also provides guidance to address these issues. > [!NOTE] > In this article, "recovery password" refers to the 48-digit recovery password and "recovery key" refers to 32-digit recovery key. For more information, see [BitLocker key protectors](./prepare-your-organization-for-bitlocker-planning-and-policies.md#bitlocker-key-protectors). ## Windows prompts for a non-existing BitLocker recovery password -Windows prompts you for a BitLocker recovery password. However, you did not configure a BitLocker recovery password. +Windows prompts for a BitLocker recovery password. However, a BitLocker recovery password wasn't configured. -### Resolution +### Resolution for Windows prompts for a non-existing BitLocker recovery password The BitLocker and Active Directory Domain Services (AD DS) FAQ address situations that may produce this symptom, and provides information about the procedure to resolve the issue: @@ -35,182 +35,192 @@ The BitLocker and Active Directory Domain Services (AD DS) FAQ address situation - [What happens if the backup initially fails? Will BitLocker retry the backup?](./bitlocker-and-adds-faq.yml) -## The recovery password for a laptop was not backed up, and the laptop is locked +## The recovery password for a laptop wasn't backed up, and the laptop is locked -You have a Windows 11 or Windows 10 Home-based laptop, and you have to recover its hard disk. The disk was encrypted by using BitLocker Driver Encryption. However, the BitLocker recovery password was not backed up, and the usual user of the laptop is not available to provide the password. +Consider the following scenario: -### Resolution +The hard disk of a Windows 11 or Windows 10 laptop has to be recovered. The disk was encrypted by using BitLocker Driver Encryption. However, the BitLocker recovery password wasn't backed up, and the usual user of the laptop isn't available to provide the password. + +### Resolution for the recovery password for a laptop wasn't backed up You can use either of the following methods to manually back up or synchronize an online client's existing recovery information: - Create a Windows Management Instrumentation (WMI) script that backs up the information. For more information, see [BitLocker Drive Encryption Provider](/windows/win32/secprov/bitlocker-drive-encryption-provider). -- In an elevated Command Prompt window, use the [manage-bde](/windows-server/administration/windows-commands/manage-bde) command to back up the information. +- In an elevated Command Prompt window, use the [manage-bde.exe](/windows-server/administration/windows-commands/manage-bde) command to back up the information. For example, to back up all of the recovery information for the C: drive to AD DS, open an elevated Command Prompt window and run the following command: - ```console - manage-bde -protectors -adbackup C: + ```cmd + manage-bde.exe -protectors -adbackup C: ``` > [!NOTE] > BitLocker does not automatically manage this backup process. -## Tablet devices do not support using Manage-bde -forcerecovery to test recovery mode +## Tablet devices don't support using `manage-bde.exe -forcerecovery` to test recovery mode -You have a tablet or slate device, and you try to test BitLocker recovery by running the following command: +Consider the following scenario: -```console -Manage-bde -forcerecovery +BitLocker recovery needs to be tested on a tablet or slate device by running the following command: + +```cmd +manage-bde.exe -forcerecovery ``` -However, after you enter the recovery password, the device cannot start. +However, after entering the recovery password, the device can't start. -### Cause +### Cause of tablet devices don't support using `manage-bde.exe -forcerecovery` to test recovery mode > [!IMPORTANT] -> Tablet devices do not support the **manage-bde -forcerecovery** command. +> Tablet devices do not support the **`manage-bde.exe -forcerecovery`** command. -This issue occurs because the Windows Boot Manager cannot process touch-input during the pre-boot phase of startup. If Boot Manager detects that the device is a tablet, it redirects the startup process to the Windows Recovery Environment (WinRE), which can process touch-input. +This issue occurs because the Windows Boot Manager can't process touch-input during the pre-boot phase of startup. If Boot Manager detects that the device is a tablet, it redirects the startup process to the Windows Recovery Environment (WinRE), which can process touch-input. -If WindowsRE detects the TPM protector on the hard disk, it does a PCR reseal. However, the **manage-bde -forcerecovery** command deletes the TPM protectors on the hard disk. Therefore, WinRE cannot reseal the PCRs. This failure triggers an infinite BitLocker recovery cycle and prevents Windows from starting. +If WindowsRE detects the TPM protector on the hard disk, it does a PCR reseal. However, the **`manage-bde.exe -forcerecovery`** command deletes the TPM protectors on the hard disk. Therefore, WinRE can't reseal the PCRs. This failure triggers an infinite BitLocker recovery cycle and prevents Windows from starting. This behavior is by design for all versions of Windows. -### Workaround +### Workaround for tablet devices don't support using `manage-bde.exe -forcerecovery` to test recovery mode To resolve the restart loop, follow these steps: 1. On the BitLocker Recovery screen, select **Skip this drive**. -1. Select **Troubleshoot** \> **Advanced Options** \> **Command Prompt**. +2. Select **Troubleshoot** > **Advanced Options** > **Command Prompt**. -1. In the Command Prompt window, run the following commands: +3. In the Command Prompt window, run the following commands: - ```console - manage-bde -unlock C: -rp <48-digit BitLocker recovery password> - manage-bde -protectors -disable C: + ```cmd + manage-bde.exe -unlock C: -rp <48-digit BitLocker recovery password> + manage-bde.exe -protectors -disable C: ``` -1. Close the Command Prompt window. +4. Close the Command Prompt window. -1. Shut down the device. +5. Shut down the device. -1. Start the device. Windows should start as usual. +6. Start the device. Windows should start as usual. -## After you install UEFI or TPM firmware updates on Surface, BitLocker prompts for the recovery password +## After installing UEFI or TPM firmware updates on Surface, BitLocker prompts for the recovery password -You have a Surface device that has BitLocker drive encryption turned on. You update the firmware of the device TPM or install an update that changes the signature of the system firmware. For example, you install the Surface TPM (IFX) update. +Consider the following scenario: + +A Surface device has BitLocker drive encryption turned on. The firmware of the Surface's TPM is updated or an update that changes the signature of the system firmware is installed. For example, the Surface TPM (IFX) update is installed. You experience one or more of the following symptoms on the Surface device: -- At startup, you are prompted for your BitLocker recovery password. You enter the correct recovery password, but Windows doesn't start up. -- Startup progresses directly into the Surface Unified Extensible Firmware Interface (UEFI) settings. +- At startup, the Surface device prompts for a BitLocker recovery password. The correct recovery password is entered, but Windows doesn't start up. + +- Startup progresses directly into the Surface device's Unified Extensible Firmware Interface (UEFI) settings. + - The Surface device appears to be in an infinite restart loop. -### Cause +### Cause of after installing UEFI or TPM firmware updates on Surface, BitLocker prompts for the recovery password This issue occurs if the Surface device TPM is configured to use Platform Configuration Register (PCR) values other than the default values of PCR 7 and PCR 11. For example, the following settings can configure the TPM this way: - Secure boot is turned off. - PCR values have been explicitly defined, such as by group policy. -Devices that support Connected Standby (also known as *InstantGO* or *Always On, Always Connected PCs*), including Surface devices, must use PCR 7 of the TPM. In its default configuration on such systems, BitLocker binds to PCR 7 and PCR 11 if PCR 7 and Secure Boot are correctly configured. For more information, see "About the Platform Configuration Register (PCR)" at [BitLocker Group Policy Settings](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj679890(v=ws.11)#about-the-platform-configuration-register-pcr)). +Devices that support Connected Standby (also known as *InstantGO* or *Always On, Always Connected PCs*), including Surface devices, must use PCR 7 of the TPM. In its default configuration on such systems, BitLocker binds to PCR 7 and PCR 11 if PCR 7 and Secure Boot are correctly configured. For more information, see the [About the Platform Configuration Register (PCR)](bitlocker-group-policy-settings.md#about-the-platform-configuration-register-pcr) section of the [BitLocker Group Policy Settings](bitlocker-group-policy-settings.md) article. -### Resolution +### Resolution for after installing UEFI or TPM firmware updates on Surface, BitLocker prompts for the recovery password To verify the PCR values that are in use on a device, open an elevated Command Prompt window and run the following command: -```console +```cmd manage-bde.exe -protectors -get : ``` -In this command, <*OSDriveLetter*> represents the drive letter of the operating system drive. +In this command, *\* represents the drive letter of the operating system drive. -To resolve this issue and repair the device, follow these steps. +To resolve this issue and repair the device, follow these steps: -#### Step 1: Disable the TPM protectors on the boot drive +#### Step 1: Disable the TPM protectors on the boot drive -If you have installed a TPM or UEFI update and your device cannot start, even if you enter the correct BitLocker recovery password, you can restore the ability to start by using the BitLocker recovery password and a Surface recovery image to remove the TPM protectors from the boot drive. +If a TPM or UEFI update has been installed and the Surface device can't start, even if the correct BitLocker recovery password has been entered, the ability to start can be restored by using the BitLocker recovery password and a Surface recovery image to remove the TPM protectors from the boot drive. -To do this, follow these steps: +To use the BitLocker recovery password and a Surface recovery image to remove the TPM protectors from the boot drive, follow these steps: -1. Obtain your BitLocker recovery password from [your Microsoft.com account](https://account.microsoft.com/devices/recoverykey). If BitLocker is managed by a different method, such as Microsoft BitLocker Administration and Monitoring (MBAM), contact your administrator for help. +1. Obtain the BitLocker recovery password from the Surface user's [Microsoft.com account](https://account.microsoft.com/devices/recoverykey). If BitLocker is managed by a different method, such as Microsoft BitLocker Administration and Monitoring (MBAM), Configuration Manager BitLocker Management, or Intune, contact the administrator for help. -1. Use another computer to download the Surface recovery image from [Download a recovery image for your Surface](https://support.microsoft.com/surfacerecoveryimage). Use the downloaded image to create a USB recovery drive. +2. Use another computer to download the Surface recovery image from [Surface Recovery Image Download](https://support.microsoft.com/surface-recovery-image). Use the downloaded image to create a USB recovery drive. -1. Insert the USB Surface recovery image drive into the Surface device, and start the device. +3. Insert the USB Surface recovery image drive into the Surface device, and start the device. -1. When you are prompted, select the following items: +4. When prompted, select the following items: - 1. Your operating system language. + 1. The operating system language. - 1. Your keyboard layout. + 2. The keyboard layout. -1. Select **Troubleshoot** > **Advanced Options** > **Command Prompt**. +5. Select **Troubleshoot** > **Advanced Options** > **Command Prompt**. -1. In the Command Prompt window, run the following commands: +6. In the Command Prompt window, run the following commands: - ```console - manage-bde -unlock -recoverypassword : - manage-bde -protectors -disable : + ```cmd + manage-bde.exe -unlock -recoverypassword : + manage-bde.exe -protectors -disable : ``` - In these commands, \<*Password*\> is the BitLocker recovery password that you obtained in step 1, and \<*DriveLetter*> is the drive letter that is assigned to your operating system drive. + where: + + - *\* is the BitLocker recovery password that was obtained in Step 1 + - *\* is the drive letter that is assigned to the operating system drive > [!NOTE] - > For more information about how to use this command, see [manage-bde: unlock](/windows-server/administration/windows-commands/manage-bde-unlock). + > For more information about how to use this command, see [manage-bde unlock](/windows-server/administration/windows-commands/manage-bde-unlock). -1. Restart the computer. +7. Restart the computer. -1. When you are prompted, enter the BitLocker recovery password that you obtained in step 1. +8. When prompted, enter the BitLocker recovery password that was obtained in Step 1. > [!NOTE] -> After you disable the TPM protectors, BitLocker drive encryption no longer protects your device. To re-enable BitLocker drive encryption, select **Start**, type **Manage BitLocker**, and then press Enter. Follow the steps to encrypt your drive. +> After the TPM protectors are disabled, BitLocker drive encryption no longer protects the device. To re-enable BitLocker drive encryption, select **Start**, type **Manage BitLocker**, and then press **Enter**. Follow the steps to encrypt the drive. -#### Step 2: Use Surface BMR to recover data and reset your device +#### Step 2: Use Surface BMR to recover data and reset the Surface device -To recover data from your Surface device if you cannot start Windows, follow steps 1 through 5 of [Step 1](#step-1) to return to the Command Prompt window, and then follow these steps: +To recover data from the Surface device if Windows doesn't start, follow steps 1 through 5 of the section [Step 1: Disable the TPM protectors on the boot drive](#step-1-disable-the-tpm-protectors-on-the-boot-drive) to get to a Command Prompt window. Once a Command Prompt window is open, follow these steps: 1. At the command prompt, run the following command: - ```console - manage-bde -unlock -recoverypassword : + ```cmd + manage-bde.exe -unlock -recoverypassword : ``` - In this command, \<*Password*\> is the BitLocker recovery password that you obtained in step 1 of [Step 1](#step-1), and \<*DriveLetter*> is the drive letter that is assigned to your operating system drive. + In this command, *\* is the BitLocker recovery password that was obtained in Step 1 of the section [Step 1: Disable the TPM protectors on the boot drive](#step-1-disable-the-tpm-protectors-on-the-boot-drive), and \<*DriveLetter*> is the drive letter that is assigned to the operating system drive. -1. After the drive is unlocked, use the **copy** or **xcopy** command to copy the user data to another drive. +2. After the drive is unlocked, use the **`copy`** or **`xcopy.exe`** command to copy the user data to another drive. > [!NOTE] - > For more information about the these commands, see the [Windows commands](/windows-server/administration/windows-commands/windows-commands). + > For more information about the these commands, see the [Windows commands](/windows-server/administration/windows-commands/windows-commands) article. -1. To reset your device by using a Surface recovery image, follow the instructions in the "How to reset your Surface using your USB recovery drive" section in [Creating and using a USB recovery drive](https://support.microsoft.com/help/4023512). +3. To reset the device by using a Surface recovery image, follow the instructions in the article [Creating and using a USB recovery drive for Surface](https://support.microsoft.com/surface/creating-and-using-a-usb-recovery-drive-for-surface-677852e2-ed34-45cb-40ef-398fc7d62c07). #### Step 3: Restore the default PCR values -To prevent this issue from recurring, we strongly recommend that you restore the default configuration of secure boot and the PCR values. +To prevent this issue from recurring, it's recommended to restore the default configuration of Secure Boot and the PCR values. -To enable secure boot on a Surface device, follow these steps: +To enable Secure Boot on a Surface device, follow these steps: -1. Suspend BitLocker. to do this, open an elevated Windows PowerShell window, and run the following cmdlet: +1. Suspend BitLocker by opening an elevated Windows PowerShell window and running the following PowerShell cmdlet: ```powershell Suspend-BitLocker -MountPoint ":" -RebootCount 0 ``` - In this command, <*DriveLetter*> is the letter that is assigned to your drive. + In this command, *\* is the letter that is assigned to the drive. -1. Restart the device, and then edit the BIOS to set the **Secure Boot** option to **Microsoft Only**. +2. Restart the device, and then edit the UEFI settings to set the **Secure Boot** option to **Microsoft Only**. -1. Restart the device. +3. Restart the device and sign into Windows. -1. Open an elevated PowerShell window, and run the following cmdlet: +4. Open an elevated PowerShell window and run the following PowerShell cmdlet: ```powershell - Resume-BitLocker -MountPoint ":" ``` @@ -218,17 +228,17 @@ To reset the PCR settings on the TPM, follow these steps: 1. Disable any Group Policy Objects that configure the PCR settings, or remove the device from any groups that enforce such policies. - For more information, see [BitLocker Group Policy settings](./bitlocker-group-policy-settings.md). + For more information, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). -1. Suspend BitLocker. To do this, open an elevated Windows PowerShell window, and run the following cmdlet: +2. Suspend BitLocker by opening an elevated Windows PowerShell window and running the following PowerShell cmdlet: ```powershell Suspend-BitLocker -MountPoint ":" -RebootCount 0 ``` - - where <*DriveLetter*> is the letter assigned to your drive. -1. Run the following cmdlet: + In this command, *\* is the letter that is assigned to the drive. + +3. Run the following PowerShell cmdlet: ```powershell Resume-BitLocker -MountPoint ":" @@ -236,92 +246,108 @@ To reset the PCR settings on the TPM, follow these steps: #### Step 4: Suspend BitLocker during TPM or UEFI firmware updates -You can avoid this scenario when you install updates to system firmware or TPM firmware by temporarily suspending BitLocker before you apply such updates. +You can avoid this scenario when installing updates to system firmware or TPM firmware by temporarily suspending BitLocker before applying such updates. > [!IMPORTANT] -> TPM and UEFI firmware updates may require multiple restarts while they install. To keep BitLocker suspended during this process, you must use [Suspend-BitLocker](/powershell/module/bitlocker/suspend-bitlocker?view=winserver2012r2-ps&preserve-view=true) and set the **Reboot Count** parameter to either of the following values: -> - **2** or greater: This value sets the number of times the device can restart before BitLocker Device Encryption resumes. -> - **0**: This value suspends BitLocker Drive Encryption indefinitely, until you use [Resume-BitLocker](/powershell/module/bitlocker/resume-bitlocker?view=winserver2012r2-ps&preserve-view=true) or another mechanism to resume protection. +> TPM and UEFI firmware updates may require multiple restarts while they install. To keep BitLocker suspended during this process, the PowerShell cmdlet [Suspend-BitLocker](/powershell/module/bitlocker/suspend-bitlocker) must be used and the **Reboot Count** parameter must be set to either of the following values: +> +> - **2** or greater: This value sets the number of times the device will restart before BitLocker Device Encryption resumes. For example, setting the value to **2** will cause BitLocker to resume after the device restarts twice. +> +> - **0**: This value suspends BitLocker Drive Encryption indefinitely. To resume BitLocker, the PowerShell cmdlet [Resume-BitLocker](/powershell/module/bitlocker/resume-bitlocker) or another mechanism needs to be used to resume BitLocker protection. -To suspend BitLocker while you install TPM or UEFI firmware updates: +To suspend BitLocker while installing TPM or UEFI firmware updates: -1. Open an elevated Windows PowerShell window, and run the following cmdlet: +1. Open an elevated Windows PowerShell window and run the following PowerShell cmdlet: ```powershell - Suspend-BitLocker -MountPoint ":" -RebootCount 0 - + Suspend-BitLocker -MountPoint ":" -RebootCount 0 ``` - In this cmdlet <*DriveLetter*> is the letter that is assigned to your drive. -1. Install the Surface device driver and firmware updates. + In this PowerShell cmdlet, *\* is the letter that is assigned to the drive. -1. After you install the firmware updates, restart the computer, open an elevated PowerShell window, and then run the following cmdlet: +2. Install the Surface device driver and firmware updates. + +3. After installing the firmware updates, restart the computer, open an elevated PowerShell window, and then run the following PowerShell cmdlet: ```powershell Resume-BitLocker -MountPoint ":" ``` + -## After you install an update to a Hyper V-enabled computer, BitLocker prompts for the recovery password and returns error 0xC0210000 + ## Credential Guard/Device Guard on TPM 1.2: At every restart, BitLocker prompts for the recovery password and returns error 0xC0210000 -You have a device that uses TPM 1.2 and runs Windows 10, version 1809, or Windows 11. Also, the device uses [Virtualization-based Security](/windows-hardware/design/device-experiences/oem-vbs) features such as [Device Guard and Credential Guard](/windows-hardware/drivers/bringup/device-guard-and-credential-guard). Every time that you start the device, the device enters BitLocker Recovery mode and you see error code 0xc0210000, and a message that resembles the following. +Consider the following scenario: + +A device uses TPM 1.2 and runs Windows 10, version 1809. The device also uses [Virtualization-based Security](/windows-hardware/design/device-experiences/oem-vbs) features such as [Device Guard and Credential Guard](/windows-hardware/drivers/bringup/device-guard-and-credential-guard). Every time the device is started, the device enters BitLocker Recovery mode and an error message similar to the following error message is displayed: > Recovery -> +> > Your PC/Device needs to be repaired. > A required file couldn't be accessed because your BitLocker key wasn't loaded correctly. > @@ -329,15 +355,15 @@ You have a device that uses TPM 1.2 and runs Windows 10, version 1809, or Window > > You'll need to use recovery tools. If you don't have any installation media (like a disc or USB device), contact your PC administrator or PC/Device manufacturer. -### Cause +### Cause of Credential Guard/Device Guard on TPM 1.2: At every restart, BitLocker prompts for the recovery password and returns error 0xC0210000 -TPM 1.2 does not support Secure Launch. For more information, see [System Guard Secure Launch and SMM protection: Requirements Met by System Guard Enabled Machines](../../threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md) +TPM 1.2 doesn't support Secure Launch. For more information, see [System Guard Secure Launch and SMM protection: Requirements Met by System Guard Enabled Machines](../../threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md) For more information about this technology, see [Windows Defender System Guard: How a hardware-based root of trust helps protect Windows](../../threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md) -### Resolution +### Resolution for Credential Guard/Device Guard on TPM 1.2: At every restart, BitLocker prompts for the recovery password and returns error 0xC0210000 -To resolve this issue, do one of the following: +To resolve this issue, use one of the following two solutions: - Remove any device that uses TPM 1.2 from any group that is subject to GPOs that enforce secure launch. - Edit the **Turn On Virtualization Based Security** GPO to set **Secure Launch Configuration** to **Disabled**. diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-tpm-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-tpm-issues.md index cb1ce79e07..ce3b379df0 100644 --- a/windows/security/information-protection/bitlocker/ts-bitlocker-tpm-issues.md +++ b/windows/security/information-protection/bitlocker/ts-bitlocker-tpm-issues.md @@ -20,13 +20,15 @@ This article describes common issues that relate directly to the trusted platfor ## Azure AD: Windows Hello for Business and single sign-on don't work -You have an Azure Active Directory (Azure AD)-joined client computer that can't authenticate correctly. You experience one or more of the following symptoms: +Consider the following scenario: -- Windows Hello for Business doesn't work. -- Conditional access fails. -- Single sign-on (SSO) doesn't work. +An Azure Active Directory (Azure AD)-joined client computer can't authenticate correctly. The computer is experiencing one or more of the following symptoms: -Additionally, the computer logs the following entry for Event ID 1026: +- Windows Hello for Business doesn't work +- Conditional access fails +- Single sign-on (SSO) doesn't work + +Additionally, in Event Viewer, the computer logs the following Event ID 1026 event under **Windows Logs** > **System**: > Log Name: System > Source: Microsoft-Windows-TPM-WMI @@ -42,50 +44,62 @@ Additionally, the computer logs the following entry for Event ID 1026: > Error: The TPM is defending against dictionary attacks and is in a time-out period. > Additional Information: 0x840000 -### Cause +### Cause of Azure AD: Windows Hello for Business and single sign-on don't work This event indicates that the TPM isn't ready or has some setting that prevents access to the TPM keys. Additionally, the behavior indicates that the client computer can't obtain a [Primary Refresh Token (PRT)](/azure/active-directory/devices/concept-primary-refresh-token). -### Resolution +### Resolution for Azure AD: Windows Hello for Business and single sign-on don't work -To verify the status of the PRT, use the [dsregcmd /status command](/azure/active-directory/devices/troubleshoot-device-dsregcmd) to collect information. In the tool output, verify that either **User state** or **SSO state** contains the **AzureAdPrt** attribute. If the value of this attribute is **No**, the PRT wasn't issued. This may indicate that the computer couldn't present its certificate for authentication. +To verify the status of the PRT, use the [dsregcmd.exe /status](/azure/active-directory/devices/troubleshoot-device-dsregcmd) command to collect information. In the tool output, verify that either **User state** or **SSO state** contains the **AzureAdPrt** attribute. If the value of this attribute is **No**, the PRT wasn't issued. If the value of the attribute is **No**, it may indicate that the computer couldn't present its certificate for authentication. To resolve this issue, follow these steps to troubleshoot the TPM: -1. Open the TPM management console (tpm.msc). To do this, select **Start**, and enter **tpm.msc** in the **Search** box. -1. If you see a notice to either unlock the TPM or reset the lockout, follow those instructions. -1. If you don't see such a notice, review the BIOS settings of the computer for any setting that you can use to reset or disable the lockout. -1. Contact the hardware vendor to determine whether there's a known fix for the issue. -1. If you still can't resolve the issue, clear and reinitialize the TPM. To do this, follow the instructions in [Troubleshoot the TPM: Clear all the keys from the TPM](../tpm/initialize-and-configure-ownership-of-the-tpm.md#clear-all-the-keys-from-the-tpm). +1. Open the TPM management console (`tpm.msc`) by selecting **Start** and entering **tpm.msc** in the **Search** box. + +2. If a notice is displayed to either unlock the TPM or reset the lockout, contact the hardware vendor to determine whether there's a known fix for the issue. + +3. If the issue is still not resolved after contacting the hardware vendor, clear and reinitialize the TPM by following the instructions in the article [Troubleshoot the TPM: Clear all the keys from the TPM](../tpm/initialize-and-configure-ownership-of-the-tpm.md#clear-all-the-keys-from-the-tpm). + > [!WARNING] > Clearing the TPM can cause data loss. +If in Step 2 there's no notice to either unlock the TPM or reset the lockout, review the UEFI firmware/BIOS settings of the computer for any setting that can be used to reset or disable the lockout. + ## TPM 1.2 Error: Loading the management console failed. The device that is required by the cryptographic provider isn't ready for use -You have a Windows 11 or Windows 10 version 1703-based computer that uses TPM version 1.2. When you try to open the TPM management console, you receive the following message: +Consider the following scenario: + +When trying to open the TPM management console on a Windows computer that uses TPM version 1.2, the following message is displayed: > Loading the management console failed. The device that is required by the cryptographic provider is not ready for use. > HRESULT 0x800900300x80090030 - NTE\_DEVICE\_NOT\_READY > The device that is required by this cryptographic provider is not ready for use. > TPM Spec version: TPM v1.2 -On a different device that is running the same version of Windows, you can open the TPM management console. +On a different device that is running the same version of Windows, the TPM management console can be opened. -### Cause (suspected) +### Cause (suspected) of TPM 1.2 Error: Loading the management console failed. The device that is required by the cryptographic provider isn't ready for use These symptoms indicate that the TPM has hardware or firmware issues. -### Resolution +### Resolution for TPM 1.2 Error: Loading the management console failed. The device that is required by the cryptographic provider isn't ready for use -To resolve this issue, switch the TPM operating mode from version 1.2 to version 2.0. +To resolve the issue: -If this doesn't resolve the issue, consider replacing the device motherboard. After you replace the motherboard, switch the TPM operating mode from version 1.2 to version 2.0. +- Switch the TPM operating mode from version 1.2 to version 2.0 if the device has this option available. + +- If switching the TPM from version 1.2 to version 2.0 doesn't resolve the issue, or if the device doesn't have TPM version 2.0 available, contact the hardware vendor to determine whether there's a UEFI firmware update/BIOS update/TPM update for the device. If there's an update available, install the update to see if it resolves the issue. + +- If updating the UEFI firmware/BIOS doesn't resolve the issue, or if there's no update available, consider replacing the device motherboard by contacting the hardware vendor. After the motherboard has been replaced, switch the TPM operating mode from version 1.2 to version 2.0 if this option is available. + + > [!WARNING] + > Replacing the motherboard will cause data in the TPM to be lost. ## Devices don't join hybrid Azure AD because of a TPM issue -You have a device that you're trying to join to a hybrid Azure AD. However, the join operation appears to fail. +When trying to join a device to a hybrid Azure AD, the join operation appears to fail. To verify that the join succeeded, use the [dsregcmd /status command](/azure/active-directory/devices/troubleshoot-device-dsregcmd). In the tool output, the following attributes indicate that the join succeeded: @@ -94,16 +108,16 @@ To verify that the join succeeded, use the [dsregcmd /status command](/azure/act If the value of **AzureADJoined** is **No**, the join operation failed. -### Causes and Resolutions +### Causes and resolutions for devices don't join hybrid Azure AD because of a TPM issue -This issue may occur when the Windows operating system isn't the owner of the TPM. The specific fix for this issue depends on which errors or events you experience, as shown in the following table: +This issue may occur when the Windows operating system isn't the owner of the TPM. The specific fix for this issue depends on which errors or events are displayed, as shown in the following table: |Message |Reason | Resolution| | - | - | - | -|NTE\_BAD\_KEYSET (0x80090016/-2146893802) |TPM operation failed or was invalid |This issue was probably caused by a corrupted sysprep image. Make sure that you create the sysprep image by using a computer that isn't joined to or registered in Azure AD or hybrid Azure AD. | -|TPM\_E\_PCP\_INTERNAL\_ERROR (0x80290407/-2144795641) |Generic TPM error. |If the device returns this error, disable its TPM. Windows 10, version 1809 and later versions, or Windows 11 automatically detect TPM failures and finish the hybrid Azure AD join without using the TPM. | -|TPM\_E\_NOTFIPS (0x80280036/-2144862154) |The FIPS mode of the TPM is currently not supported. |If the device gives this error, disable its TPM. Windows 10, version 1809 and later versions, or Windows 11 automatically detect TPM failures and finish the hybrid Azure AD join without using the TPM. | -|NTE\_AUTHENTICATION\_IGNORED (0x80090031/-2146893775) |The TPM is locked out. |This error is transient. Wait for the cooldown period, and then retry the join operation. | +|*NTE\_BAD\_KEYSET (0x80090016/-2146893802)* |TPM operation failed or was invalid |This issue was probably caused by a corrupted sysprep image. When creating a sysprep image, make sure to use a computer that isn't joined to or registered in Azure AD or hybrid Azure AD. | +|*TPM\_E\_PCP\_INTERNAL\_ERROR (0x80290407/-2144795641)* |Generic TPM error. |If the device returns this error, disable its TPM. Windows 10, version 1809 and later versions, or Windows 11 automatically detect TPM failures and finish the hybrid Azure AD join without using the TPM. | +|*TPM\_E\_NOTFIPS (0x80280036/-2144862154*) |The FIPS mode of the TPM is currently not supported. |If the device gives this error, disable its TPM. Windows 10, version 1809 and later versions, or Windows 11 automatically detect TPM failures and finish the hybrid Azure AD join without using the TPM. | +|*NTE\_AUTHENTICATION\_IGNORED (0x80090031/-2146893775)* |The TPM is locked out. |This error is transient. Wait for the cooldown period, and then retry the join operation. | For more information about TPM issues, see the following articles: From 340f0fbd35d121f9e92f0a9b34c8b388c3746d1f Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Wed, 16 Nov 2022 23:45:59 -0500 Subject: [PATCH 101/129] Metadata/style update BitLocker 18 --- .../bitlocker/bcd-settings-and-bitlocker.md | 2 +- .../bitlocker/bitlocker-and-adds-faq.yml | 2 +- .../bitlocker/bitlocker-basic-deployment.md | 42 +++++++++---------- .../bitlocker/bitlocker-countermeasures.md | 6 +-- .../bitlocker-deployment-comparison.md | 2 +- .../bitlocker-group-policy-settings.md | 42 +++++++++---------- ...tlocker-how-to-deploy-on-windows-server.md | 12 +++--- .../bitlocker-how-to-enable-network-unlock.md | 27 ++++++------ .../bitlocker-key-management-faq.yml | 4 +- .../bitlocker-management-for-enterprises.md | 10 ++--- .../bitlocker/bitlocker-overview.md | 2 +- .../bitlocker-recovery-guide-plan.md | 30 ++++++------- .../bitlocker-recovery-loop-break.md | 4 +- ...ve-encryption-tools-to-manage-bitlocker.md | 28 ++++++------- ...itlocker-using-with-other-programs-faq.yml | 2 +- ...nd-storage-area-networks-with-bitlocker.md | 18 ++++---- .../bitlocker/troubleshoot-bitlocker.md | 16 +++---- .../ts-bitlocker-cannot-encrypt-issues.md | 6 +-- .../ts-bitlocker-cannot-encrypt-tpm-issues.md | 10 ++--- .../bitlocker/ts-bitlocker-config-issues.md | 4 +- .../ts-bitlocker-decode-measured-boot-logs.md | 8 ++-- .../bitlocker/ts-bitlocker-intune-issues.md | 14 +++---- .../ts-bitlocker-network-unlock-issues.md | 4 +- .../bitlocker/ts-bitlocker-tpm-issues.md | 4 +- 24 files changed, 151 insertions(+), 148 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md index 38ebaa51c4..aaee4befef 100644 --- a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md +++ b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md @@ -60,7 +60,7 @@ When specifying BCD values in the **Use enhanced Boot Configuration Data validat For example, either "`winload:hypervisordebugport`" or "`winload:0x250000f4`" yields the same value. -A setting that applies to all boot applications may be applied only to an individual application; however, the reverse isn't true. For example, one can specify either "`all:locale`" or "`winresume:locale`", but as the BCD setting "`win-pe`" doesn't apply to all boot applications, "`winload:winpe`" is valid, but "`all:winpe`" isn't valid. The setting that controls boot debugging ("`bootdebug`" or 0x16000010) will always be validated and will have no effect if it's included in the provided fields. +A setting that applies to all boot applications may be applied only to an individual application. However, the reverse isn't true. For example, one can specify either "`all:locale`" or "`winresume:locale`", but as the BCD setting "`win-pe`" doesn't apply to all boot applications, "`winload:winpe`" is valid, but "`all:winpe`" isn't valid. The setting that controls boot debugging ("`bootdebug`" or 0x16000010) will always be validated and will have no effect if it's included in the provided fields. > [!NOTE] > Take care when configuring BCD entries in the Group Policy setting. The Local Group Policy Editor does not validate the correctness of the BCD entry. BitLocker will fail to be enabled if the Group Policy setting specified is invalid. diff --git a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml index 7f6ba12c95..715efe3b61 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml @@ -49,7 +49,7 @@ sections: The BitLocker Windows Management Instrumentation (WMI) interface does allow administrators to write a script to back up or synchronize an online client's existing recovery information. However, BitLocker doesn't automatically manage this process. The `manage-bde.exe` command-line tool can also be used to manually back up recovery information to AD DS. For example, to back up all of the recovery information for the `$env:SystemDrive` to AD DS, the following command script can be used from an elevated command prompt: - ``` powershell + ```powershell $BitLocker = Get-BitLockerVolume -MountPoint $env:SystemDrive $RecoveryProtector = $BitLocker.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' } diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md index 06fc8d4e25..5b78af4a41 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md +++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md @@ -210,7 +210,7 @@ This command returns the volumes on the target, current encryption status, and v Suppose BitLocker is desired on a computer without a TPM. In this scenario, a USB flash drive is needed as a startup key for the operating system volume. The startup key will then allow the computer to boot. To create the startup key using `manage-bde.exe`, the `-protectors` switch would be used specifying the `-startupkey` option. Assuming the USB flash drive is drive letter `E:`, then the following `manage-bde.exe` commands would be used t create the startup key and start the BitLocker encryption: -``` powershell +```powershell manage-bde.exe -protectors -add C: -startupkey E: manage-bde.exe -on C: ``` @@ -221,13 +221,13 @@ If prompted, reboot the computer to complete the encryption process. It's possible to encrypt the operating system volume without any defined protectors by using `manage-bde.exe`. Use this command: -``` syntax +```cmd manage-bde.exe -on C: ``` This command will encrypt the drive using the TPM as the protector. If users are unsure of the protector for a volume, they can use the `-protectors` option in `manage-bde.exe` to list this information by executing the following command: -``` syntax +```cmd manage-bde.exe -protectors -get ``` @@ -235,7 +235,7 @@ manage-bde.exe -protectors -get Another example is a user on a non-TPM hardware who wishes to add a password and SID-based protector to the operating system volume. In this instance, the user adds the protectors first. Adding the protectors is done with the command: -``` syntax +```cmd manage-bde.exe -protectors -add C: -pw -sid ``` @@ -245,7 +245,7 @@ This command requires the user to enter and then confirm the password protectors Data volumes use the same syntax for encryption as operating system volumes but they don't require protectors for the operation to complete. Encrypting data volumes can be done using the base command: -``` syntax +```cmd manage-bde.exe -on ``` @@ -255,7 +255,7 @@ or users can choose to add protectors to the volume. It is recommended to add at A common protector for a data volume is the password protector. In the example below, a password protector is added to the volume and turn on BitLocker. -``` powershell +```powershell manage-bde.exe -protectors -add -pw C: manage-bde.exe -on C: ``` @@ -288,21 +288,21 @@ Occasionally, all protectors may not be shown when using **Get-BitLockerVolume** > [!NOTE] > In the event that there are more than four protectors for a volume, the pipe command may run out of display space. For volumes with more than four protectors, use the method described in the section below to generate a listing of all protectors with protector ID. -``` powershell +```powershell Get-BitLockerVolume C: | fl ``` If the existing protectors need to be removed prior to provisioning BitLocker on the volume, the `Remove-BitLockerKeyProtector` cmdlet can be used. Accomplishing this action requires the GUID associated with the protector to be removed. A simple script can pipe out the values of each **Get-BitLockerVolume** return to another variable as seen below: -``` powershell +```powershell $vol = Get-BitLockerVolume $keyprotectors = $vol.KeyProtector ``` Using this script, the information in the **$keyprotectors** variable can be displayed to determine the GUID for each protector. This information can then be used to remove the key protector for a specific volume using the command: -``` powershell +```powershell Remove-BitLockerKeyProtector : -KeyProtectorID "{GUID}" ``` @@ -315,13 +315,13 @@ Using the BitLocker Windows PowerShell cmdlets is similar to working with the `m To enable BitLocker with just the TPM protector, use this command: -``` powershell +```powershell Enable-BitLocker C: ``` The example below adds one additional protector, the StartupKey protectors, and chooses to skip the BitLocker hardware test. In this example, encryption starts immediately without the need for a reboot. -``` powershell +```powershell Enable-BitLocker C: -StartupKeyProtector -StartupKeyPath -SkipHardwareTest ``` @@ -329,7 +329,7 @@ Enable-BitLocker C: -StartupKeyProtector -StartupKeyPath -SkipHardwareTes Data volume encryption using Windows PowerShell is the same as for operating system volumes. You should add the desired protectors prior to encrypting the volume. The following example adds a password protector to the E: volume using the variable $pw as the password. The $pw variable is held as a SecureString value to store the user-defined password. Last, encryption begins. -``` powershell +```powershell $pw = Read-Host -AsSecureString Enable-BitLockerKeyProtector E: -PasswordProtector -Password $pw @@ -344,13 +344,13 @@ The **ADAccountOrGroup** protector is an Active Directory SID-based protector. T To add an **ADAccountOrGroup** protector to a volume, either the domain SID is needed or the group name preceded by the domain and a backslash. In the example below, the **CONTOSO\\Administrator** account is added as a protector to the data volume G. -``` powershell +```powershell Enable-BitLocker G: -AdAccountOrGroupProtector -AdAccountOrGroup CONTOSO\Administrator ``` For users who wish to use the SID for the account or group, the first step is to determine the SID associated with the account. To get the specific SID for a user account in Windows PowerShell, use the following command: -``` powershell +```powershell Get-ADUser -filter {samaccountname -eq "administrator"} ``` @@ -362,7 +362,7 @@ Get-ADUser -filter {samaccountname -eq "administrator"} In the example below, the user wishes to add a domain SID-based protector to the previously encrypted operating system volume. The user knows the SID for the user account or group they wish to add and uses the following command: -``` powershell +```powershell Add-BitLockerKeyProtector C: -ADAccountOrGroupProtector -ADAccountOrGroup "" ``` @@ -397,7 +397,7 @@ Administrators who prefer a command-line interface can utilize `manage-bde.exe` To check the status of a volume using `manage-bde.exe`, use the following command: -``` powershell +```powershell manage-bde.exe -status ``` @@ -410,7 +410,7 @@ Windows PowerShell commands offer another way to query BitLocker status for volu Using the Get-BitLockerVolume cmdlet, each volume on the system displays its current BitLocker status. To get information that is more detailed on a specific volume, use the following command: -``` powershell +```powershell Get-BitLockerVolume -Verbose | fl ``` @@ -437,13 +437,13 @@ Once decryption is complete, the drive updates its status in the control panel a Decrypting volumes using `manage-bde.exe` is straightforward. Decryption with `manage-bde.exe` offers the advantage of not requiring user confirmation to start the process. Manage-bde uses the -off command to start the decryption process. A sample command for decryption is: -``` powershell +```powershell manage-bde.exe -off C: ``` This command disables protectors while it decrypts the volume and removes all protectors when decryption is complete. If users wish to check the status of the decryption, they can use the following command: -``` powershell +```powershell manage-bde.exe -status C: ``` @@ -453,13 +453,13 @@ Decryption with Windows PowerShell cmdlets is straightforward, similar to `manag Using the Disable-BitLocker command, they can remove all protectors and encryption at the same time without the need for more commands. An example of this command is: -``` powershell +```powershell Disable-BitLocker ``` If a user didn't want to input each mount point individually, using the `-MountPoint` parameter in an array can sequence the same command into one line without requiring additional user input. An example command is: -``` powershell +```powershell Disable-BitLocker -MountPoint E:,F:,G: ``` diff --git a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md index 33349719c3..cde4db1b1b 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md +++ b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md @@ -33,7 +33,7 @@ BitLocker helps mitigate unauthorized data access on lost or stolen computers be The next sections provide more details about how Windows protects against various attacks on the BitLocker encryption keys in Windows 11, Windows 10, Windows 8.1, and Windows 8. -For more information about how to enable the best overall security configuration for devices beginning with Windows 10 version 1803 or Windows 11, see [Standards for a highly secure Windows device](/windows-hardware/design/device-experiences/oem-highly-secure). +For more information about how to enable the best overall security configuration for devices beginning with Windows 10 version 1803, see [Standards for a highly secure Windows device](/windows-hardware/design/device-experiences/oem-highly-secure). ## Protection before startup @@ -92,13 +92,13 @@ To address these issues, [BitLocker Network Unlock](./bitlocker-how-to-enable-ne ### Protecting Thunderbolt and other DMA ports -There are a few different options to protect DMA ports, such as Thunderbolt™3. Beginning with Windows 10 version 1803 or Windows 11, new Intel-based devices have kernel protection against DMA attacks via Thunderbolt™ 3 ports enabled by default. This Kernel DMA Protection is available only for new systems beginning with Windows 10 version 1803 or Windows 11, as it requires changes in the system firmware and/or BIOS. +There are a few different options to protect DMA ports, such as Thunderbolt™3. Beginning with Windows 10 version 1803, new Intel-based devices have kernel protection against DMA attacks via Thunderbolt™ 3 ports enabled by default. This Kernel DMA Protection is available only for new systems beginning with Windows 10 version 1803, as it requires changes in the system firmware and/or BIOS. You can use the System Information desktop app `MSINFO32.exe` to check if a device has kernel DMA protection enabled: ![Kernel DMA protection.](images/kernel-dma-protection.png) -If kernel DMA protection isn't* enabled, follow these steps to protect Thunderbolt™ 3 enabled ports: +If kernel DMA protection isn't enabled, follow these steps to protect Thunderbolt™ 3 enabled ports: 1. Require a password for BIOS changes diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md index b2ab76413a..9e7aba3ca0 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md +++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md @@ -53,7 +53,7 @@ This article depicts the BitLocker deployment comparison chart. |*Can be administered outside company network* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | | |*Support for organization unique IDs* | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | |*Self-service recovery* | Yes (through Azure AD or Company Portal app) | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | -|*Recovery password rotation for fixed and operating environment drives* | Yes (Windows 10, version 1909 and later or Windows 11) | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | +|*Recovery password rotation for fixed and operating environment drives* | Yes (Windows 10, version 1909 and later) | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | |*Wait to complete encryption until recovery information is backed up to Azure AD* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | | | |*Wait to complete encryption until recovery information is backed up to Active Directory* | | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | |*Allow or deny Data Recovery Agent* | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | :::image type="content" source="images/yes-icon.png" alt-text="supported."::: | diff --git a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md index f31f5430d7..227070fc2c 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md +++ b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md @@ -106,7 +106,7 @@ The following policies are used to support customized deployment scenarios in yo | |   | |:---|:---| |**Policy description**|With this policy setting, you can allow TPM-only protection for newer, more secure devices, such as devices that support Modern Standby or HSTI, while requiring PIN on older devices.| -|**Introduced**|Windows 10, version 1703, or Windows 11| +|**Introduced**|Windows 10, version 1703| |**Drive type**|Operating system drives| |**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption* > *Operating System Drives*| |**Conflicts**|This setting overrides the **Require startup PIN with TPM** option of the [Require additional authentication at startup](#require-additional-authentication-at-startup) policy on compliant hardware.| @@ -147,7 +147,7 @@ For more information about Network Unlock feature, see [BitLocker: How to enable This policy setting is used to control which unlock options are available for operating system drives. -| |   | +| | | |:---|:---| |**Policy description**|With this policy setting, you can configure whether BitLocker requires additional authentication each time the computer starts and whether you're using BitLocker with a Trusted Platform Module (TPM). This policy setting is applied when you turn on BitLocker.| |**Introduced**|Windows Server 2008 R2 and Windows 7| @@ -173,28 +173,28 @@ There are four options for TPM-enabled computers or devices: - Configure TPM startup - Allow TPM - Require TPM - - Don't allow TPM + - Don not allow TPM - Configure TPM startup PIN - Allow startup PIN with TPM - Require startup PIN with TPM - - Don't allow startup PIN with TPM + - Don not allow startup PIN with TPM - Configure TPM startup key - Allow startup key with TPM - Require startup key with TPM - - Don't allow startup key with TPM + - Don not allow startup key with TPM - Configure TPM startup key and PIN - Allow TPM startup key with PIN - Require startup key and PIN with TPM - - Don't allow TPM startup key with PIN + - Don not allow TPM startup key with PIN ### Allow enhanced PINs for startup This policy setting permits the use of enhanced PINs when you use an unlock method that includes a PIN. -| |   | +| | | |:---|:---| |**Policy description**|With this policy setting, you can configure whether enhanced startup PINs are used with BitLocker.| |**Introduced**|Windows Server 2008 R2 and Windows 7| @@ -237,7 +237,7 @@ The Dictionary Attack Prevention Parameters provide a way to balance security ne Increasing the PIN length requires a greater number of guesses for an attacker. In that case, the lockout duration between each guess can be shortened to allow legitimate users to retry a failed attempt sooner, while maintaining a similar level of protection. -Beginning with Windows 10, version 1703, or Windows 11, the minimum length for the BitLocker PIN was increased to six characters to better align with other Windows features that use TPM 2.0, including Windows Hello. To help organizations with the transition, beginning with Windows 10, version 1709 and Windows 10, version 1703 with the October 2017, or Windows 11 [cumulative update](https://support.microsoft.com/help/4018124) installed, the BitLocker PIN length is six characters by default, but it can be reduced to four characters. If the minimum PIN length is reduced from the default of six characters, then the TPM 2.0 lockout period will be extended. +Beginning with Windows 10, version 1703, the minimum length for the BitLocker PIN was increased to six characters to better align with other Windows features that use TPM 2.0, including Windows Hello. To help organizations with the transition, beginning with Windows 10, version 1709 and Windows 10, version 1703 with the October 2017 [cumulative update](https://support.microsoft.com/help/4018124) installed, the BitLocker PIN length is six characters by default, but it can be reduced to four characters. If the minimum PIN length is reduced from the default of six characters, then the TPM 2.0 lockout period will be extended. ### Disable new DMA devices when this computer is locked @@ -246,7 +246,7 @@ This policy setting allows you to block direct memory access (DMA) for all hot p | |   | |:---|:---| |**Policy description**|This setting helps prevent attacks that use external PCI-based devices to access BitLocker keys.| -|**Introduced**|Windows 10, version 1703, or Windows 11| +|**Introduced**|Windows 10, version 1703| |**Drive type**|Operating system drives| |**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption*| |**Conflicts**|None| @@ -331,12 +331,12 @@ There are two options for TPM-enabled computers or devices: - Configure TPM startup PIN - Allow startup PIN with TPM - Require startup PIN with TPM - - Don't allow startup PIN with TPM + - Do not allow startup PIN with TPM - Configure TPM startup key - Allow startup key with TPM - Require startup key with TPM - - Don't allow startup key with TPM + - Do not allow startup key with TPM These options are mutually exclusive. If you require the startup key, you must not allow the startup PIN. If you require the startup PIN, you must not allow the startup key. Otherwise, a policy error will occur. @@ -495,7 +495,7 @@ The Windows touch keyboard (such as used by tablets) isn't available in the preb It's recommended that administrators enable this policy only for devices that are verified to have an alternative means of preboot input, such as attaching a USB keyboard. -When the Windows Recovery Environment isn't enabled and this policy isn't enabled, you can't turn on BitLocker on a device that uses the Windows touch keyboard. +When the Windows Recovery Environment (WinRE) isn't enabled and this policy isn't enabled, you can't turn on BitLocker on a device that uses the Windows touch keyboard. If you don't enable this policy setting, the following options in the **Require additional authentication at startup** policy might not be available: @@ -554,7 +554,7 @@ This policy setting is used to require that removable drives are encrypted prior If the **Deny write access to devices configured in another organization** option is selected, only drives with identification fields that match the computer's identification fields are given Write access. When a removable data drive is accessed, it's checked for a valid identification field and allowed identification fields. These fields are defined by the **Provide the unique identifiers for your organization** policy setting. > [!NOTE] -> You can override this policy setting with the policy settings under **User Configuration\\Administrative Templates\\System\\Removable Storage Access**. If the **Removable Disks: Deny write access** policy setting is enabled, this policy setting will be ignored. +> You can override this policy setting with the policy settings under **User Configuration** > **Administrative Templates** > **System** > **Removable Storage Access**. If the **Removable Disks: Deny write access** policy setting is enabled, this policy setting will be ignored. Conflict considerations include: @@ -603,7 +603,7 @@ This policy setting is used to control the encryption method and cipher strength |**Policy path**|*Computer Configuration* > *Administrative Templates* > *Windows Components* > *BitLocker Drive Encryption*| |**Conflicts**|None| |**When enabled**|You can choose an encryption algorithm and key cipher strength for BitLocker to use to encrypt drives.| -|**When disabled or not configured**|Beginning with Windows 10, version 1511, or Windows 11, BitLocker uses the default encryption method of XTS-AES 128-bit or the encryption method that is specified by the setup script. +|**When disabled or not configured**|Beginning with Windows 10, version 1511, BitLocker uses the default encryption method of XTS-AES 128-bit or the encryption method that is specified by the setup script. #### Reference: Choose drive encryption method and cipher strength @@ -626,7 +626,7 @@ When this policy setting is disabled or not configured, BitLocker will use the d This policy controls how BitLocker reacts to systems that are equipped with encrypted drives when they're used as fixed data volumes. Using hardware-based encryption can improve the performance of drive operations that involve frequent reading or writing of data to the drive. -| |   | +| | | |:---|:---| |**Policy description**|With this policy setting, you can manage BitLocker's use of hardware-based encryption on fixed data drives and to specify which encryption algorithms BitLocker can use with hardware-based encryption.| |**Introduced**|Windows Server 2012 and Windows 8| @@ -651,7 +651,7 @@ The encryption algorithm that is used by hardware-based encryption is set when t This policy controls how BitLocker reacts when encrypted drives are used as operating system drives. Using hardware-based encryption can improve the performance of drive operations that involve frequent reading or writing of data to the drive. -| |   | +| | | |:---|:---| |**Policy description**|With this policy setting, you can manage BitLocker's use of hardware-based encryption on operating system drives and specify which encryption algorithms it can use with hardware-based encryption.| |**Introduced**|Windows Server 2012 and Windows 8| @@ -678,7 +678,7 @@ The encryption algorithm that is used by hardware-based encryption is set when t This policy controls how BitLocker reacts to encrypted drives when they're used as removable data drives. Using hardware-based encryption can improve the performance of drive operations that involve frequent reading or writing of data to the drive. -| |   | +| | | |:---|:---| |**Policy description**|With this policy setting, you can manage BitLocker's use of hardware-based encryption on removable data drives and specify which encryption algorithms it can use with hardware-based encryption.| |**Introduced**|Windows Server 2012 and Windows 8| @@ -840,7 +840,7 @@ For example, not allowing the 48-digit recovery password prevents users from pri This policy setting is used to configure the storage of BitLocker recovery information in AD DS. This policy setting provides an administrative method of recovering data that is encrypted by BitLocker to prevent data loss due to lack of key information. -| |   | +| | | |:---|:---| |**Policy description**|With this policy setting, you can manage the AD DS backup of BitLocker Drive Encryption recovery information.| |**Introduced**|Windows Server 2008 and Windows Vista| @@ -1040,7 +1040,7 @@ Multiple values separated by commas can be entered in the identification and all This policy setting is used to control whether the computer's memory will be overwritten the next time the computer is restarted. -| |   | +| | | |:---|:---| |**Policy description**|With this policy setting, you can control computer restart performance at the risk of exposing BitLocker secrets.| |**Introduced**|Windows Vista| @@ -1287,7 +1287,7 @@ When this policy setting is enabled, select the **Do not install BitLocker To Go You can configure the Federal Information Processing Standard (FIPS) setting for FIPS compliance. As an effect of FIPS compliance, users can't create or save a BitLocker password for recovery or as a key protector. The use of a recovery key is permitted. -| |   | +| | | |:---|:---| |**Policy description**|Notes| |**Introduced**|Windows Server 2003 with SP1| @@ -1313,7 +1313,7 @@ PCs default power settings for a computer will cause the computer to enter Sleep However, when a computer hibernates the drive is locked, and when it resumes from hibernation the drive is unlocked, which means that users will need to provide a PIN or a startup key if using multifactor authentication with BitLocker. Therefore, organizations that use BitLocker may want to use Hibernate instead of Sleep for improved security. This setting doesn't have an impact on TPM-only mode, because it provides a transparent user experience at startup and when resuming from the Hibernate states. -You can disable the following Group Policy settings, which are located in **Computer Configuration\\Administrative Templates\\System\\Power Management** to disable all available sleep states: +You can disable the following Group Policy settings, which are located in **Computer Configuration** > **Administrative Templates** > **System** > **Power Management** to disable all available sleep states: - Allow Standby States (S1-S3) When Sleeping (Plugged In) - Allow Standby States (S1-S3) When Sleeping (Battery) diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md index c81d7ac7b4..6e918604ba 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md @@ -67,7 +67,7 @@ The `servermanager` Windows PowerShell module can use either the `Install-Window By default, installation of features in Windows PowerShell doesn't include optional sub-features or management tools as part of the installation process. What is installed as part of the installation process can be seen using the `-WhatIf` option in Windows PowerShell. -``` powershell +```powershell Install-WindowsFeature BitLocker -WhatIf ``` @@ -75,7 +75,7 @@ The results of this command show that only the BitLocker Drive Encryption featur To see what would be installed with the BitLocker feature, including all available management tools and sub-features, use the following command: -``` powershell +```powershell Install-WindowsFeature BitLocker -IncludeAllSubFeature -IncludeManagementTools -WhatIf | fl ``` @@ -91,7 +91,7 @@ The result of this command displays the following list of all the administration The command to complete a full installation of the BitLocker feature with all available sub-features and then to reboot the server at completion is: -``` powershell +```powershell Install-WindowsFeature BitLocker -IncludeAllSubFeature -IncludeManagementTools -Restart ``` @@ -102,7 +102,7 @@ Install-WindowsFeature BitLocker -IncludeAllSubFeature -IncludeManagementTools - The `dism.exe` Windows PowerShell module uses the `Enable-WindowsOptionalFeature` cmdlet to install features. The BitLocker feature name for BitLocker is `BitLocker`. The `dism.exe` module doesn't support wildcards when searching for feature names. To list feature names for the `dism.exe` module, use the `Get-WindowsOptionalFeatures` cmdlet. The following command will list all of the optional features in an online (running) operating system. -``` powershell +```powershell Get-WindowsOptionalFeature -Online | ft ``` @@ -110,13 +110,13 @@ From this output, it can be seen that there are three BitLocker-related optional To install BitLocker using the `dism.exe` module, use the following command: -``` powershell +```powershell Enable-WindowsOptionalFeature -Online -FeatureName BitLocker -All ``` This command prompts the user for a reboot. The Enable-WindowsOptionalFeature cmdlet doesn't offer support for forcing a reboot of the computer. This command doesn't include installation of the management tools for BitLocker. For a complete installation of BitLocker and all available management tools, use the following command: -``` powershell +```powershell Enable-WindowsOptionalFeature -Online -FeatureName BitLocker, BitLocker-Utilities -All ``` diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md index c2a6a79c56..cf2d6e9b33 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md @@ -50,7 +50,7 @@ For Network Unlock to work reliably on computers, the first network adapter on t The Network Unlock server component is installed on supported versions of Windows Server 2012 and later as a Windows feature that uses Server Manager or Windows PowerShell cmdlets. The feature name is BitLocker Network Unlock in Server Manager and BitLocker-NetworkUnlock in Windows PowerShell. This feature is a core requirement. -Network Unlock requires Windows Deployment Services (WDS) in the environment where the feature will be utilized. Configuration of the WDS installation isn't required; however, the WDS service must be running on the server. +Network Unlock requires Windows Deployment Services (WDS) in the environment where the feature will be utilized. Configuration of the WDS installation isn't required. However, the WDS service must be running on the server. The network key is stored on the system drive along with an AES 256 session key and encrypted with the 2048-bit RSA public key of the Unlock server certificate. The network key is decrypted with the help of a provider on a supported version of Windows Server running WDS, and returned encrypted with its corresponding session key. @@ -100,7 +100,7 @@ The BitLocker Network Unlock feature installs the WDS role if it isn't already i To install the role by using Windows PowerShell, use the following command: -``` powershell +```powershell Install-WindowsFeature WDS-Deployment ``` @@ -112,7 +112,7 @@ To confirm that the WDS service is running, use the Services Management Console To confirm that the service is running using Windows PowerShell, use the following command: -``` powershell +```powershell Get-Service WDSServer ``` @@ -122,7 +122,7 @@ To install the Network Unlock feature, use Server Manager or Windows PowerShell. To install the feature by using Windows PowerShell, use the following command: -``` powershell +```powershell Install-WindowsFeature BitLocker-NetworkUnlock ``` @@ -217,7 +217,7 @@ To create a self-signed certificate, either use the `New-SelfSignedCertificate` **Windows PowerShell:** -``` powershell +```powershell New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -Subject "CN=BitLocker Network Unlock certificate" -Provider "Microsoft Software Key Storage Provider" -KeyUsage KeyEncipherment -KeyUsageProperty Decrypt,Sign -KeyLength 2048 -HashAlgorithm sha512 -TextExtension @("1.3.6.1.4.1.311.21.10={text}OID=1.3.6.1.4.1.311.67.1.1","2.5.29.37={text}1.3.6.1.4.1.311.67.1.1") ``` @@ -225,13 +225,13 @@ New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -Subject "CN= 1. Create a text file with an `.inf` extension, for example: - ``` syntax + ```cmd notepad.exe BitLocker-NetworkUnlock.inf ``` 2. Add the following contents to the previously created file: - ``` ini + ```ini [NewRequest] Subject="CN=BitLocker Network Unlock certificate" ProviderType=0 @@ -252,7 +252,7 @@ New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -Subject "CN= 3. Open an elevated command prompt and use the `certreq.exe` tool to create a new certificate. Use the following command, specifying the full path to the file that was created previously along with the file name: - ``` syntax + ```cmd certreq.exe -new BitLocker-NetworkUnlock.inf BitLocker-NetworkUnlock.cer ``` @@ -327,7 +327,7 @@ The configuration file, called bde-network-unlock.ini, must be located in the sa The subnet policy configuration file must use a **\[SUBNETS\]** section to identify the specific subnets. The named subnets may then be used to specify restrictions in certificate subsections. Subnets are defined as simple name-value pairs, in the common INI format, where each subnet has its own line, with the name on the left of the equal-sign, and the subnet identified on the right of the equal-sign as a Classless Inter-Domain Routing (CIDR) address or range. The key word **ENABLED** is disallowed for subnet names. -``` ini +```ini [SUBNETS] SUBNET1=10.185.250.0/24 ; a comment about this subrange could be here, after the semicolon SUBNET2=10.185.252.200/28 @@ -344,7 +344,7 @@ Subnet restrictions are defined within each certificate section by denoting the Subnet lists are created by putting the name of a subnet from the **\[SUBNETS\]** section on its own line below the certificate section header. Then, the server will only unlock clients with this certificate on the subnet(s) specified as in the list. For troubleshooting, a subnet can be quickly excluded without deleting it from the section by commenting it out with a prepended semi-colon. -``` ini +```ini [2158a767e1c14e88e27a4c0aee111d2de2eafe60] ;Comments could be added here to indicate when the cert was issued, which Group Policy should get it, and so on. ;This list shows this cert is allowed to unlock clients only on the SUBNET1 and SUBNET3 subnets. In this example, SUBNET2 is commented out. @@ -387,7 +387,7 @@ Troubleshooting Network Unlock issues begins by verifying the environment. Many - Verify whether the **Network (Certificate Based)** protector is listed on the client. Verification of the protector can be done using either manage-bde or Windows PowerShell cmdlets. For example, the following command will list the key protectors currently configured on the C: drive of the local computer: - ``` powershell + ```powershell manage-bde.exe -protectors -get C: ``` @@ -418,6 +418,9 @@ Gather the following files to troubleshoot BitLocker Network Unlock. - The Network Monitor capture on the server that hosts the WDS role, filtered by client IP address. @@ -161,7 +161,7 @@ The sample patterns describe the behavior in the following example .xml file.
    Expand to show Example 3 XML file: -``` xml +```xml File Migration Test @@ -203,7 +203,7 @@ The behavior for this custom .xml file is described within the `` t
    Expand to show Example 4 XML file: -``` xml +```xml diff --git a/windows/deployment/usmt/usmt-estimate-migration-store-size.md b/windows/deployment/usmt/usmt-estimate-migration-store-size.md index 45c30d631c..2e1ddfc773 100644 --- a/windows/deployment/usmt/usmt-estimate-migration-store-size.md +++ b/windows/deployment/usmt/usmt-estimate-migration-store-size.md @@ -47,7 +47,7 @@ To run the ScanState tool on the source computer with USMT installed: 2. Navigate to the USMT tools. For example, enter: - ``` syntax + ```cmd cd /d "C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\User State Migration Tool\" ``` @@ -55,13 +55,13 @@ To run the ScanState tool on the source computer with USMT installed: 3. Run the **ScanState** tool to generate an XML report of the space requirements. At the command prompt, enter: - ``` syntax + ```cmd ScanState.exe /p: ``` Where *<StorePath>* is a path to a directory where the migration store will be saved and *<path to a file>* is the path and filename where the XML report for space requirements will be saved. For example: - ``` syntax + ```cmd ScanState.exe c:\store /p:c:\spaceRequirements.xml ``` diff --git a/windows/deployment/usmt/usmt-exclude-files-and-settings.md b/windows/deployment/usmt/usmt-exclude-files-and-settings.md index 3821597500..0956d47d63 100644 --- a/windows/deployment/usmt/usmt-exclude-files-and-settings.md +++ b/windows/deployment/usmt/usmt-exclude-files-and-settings.md @@ -50,7 +50,7 @@ The migration .xml files, `MigApp.xml`, `MigDocs.xml`, and `MigUser.xml`, contai The following .xml file migrates all files located on the C: drive, except any .mp3 files. -``` xml +```xml @@ -77,7 +77,7 @@ The following .xml file migrates all files located on the C: drive, except any . The following .xml file migrates all files and subfolders in `C:\Data`, except the files and subfolders in `C:\Data\tmp`. -``` xml +```xml Test component @@ -103,7 +103,7 @@ The following .xml file migrates all files and subfolders in `C:\Data`, except t The following .xml file migrates any subfolders in `C:\`EngineeringDrafts`, but excludes all files that are in `C:\EngineeringDrafts`. -``` xml +```xml Component to migrate all Engineering Drafts Documents without subfolders @@ -129,7 +129,7 @@ The following .xml file migrates any subfolders in `C:\`EngineeringDrafts`, but The following .xml file migrates all files and subfolders in `C:\EngineeringDrafts`, except for the `Sample.doc` file in `C:\EngineeringDrafts`. -``` xml +```xml Component to migrate all Engineering Drafts Documents except Sample.doc @@ -155,13 +155,13 @@ The following .xml file migrates all files and subfolders in `C:\EngineeringDraf To exclude a Sample.doc file from any location on the C: drive, use the **<pattern>** element. If multiple files exist with the same name on the C: drive, all of these files will be excluded. -``` xml +```xml C:\* [Sample.doc] ``` To exclude a Sample.doc file from any drive on the computer, use the **<script>** element. If multiple files exist with the same name, all of these files will be excluded. -``` xml +```xml ``` @@ -173,7 +173,7 @@ Here are some examples of how to use XML to exclude files, folders, and registry The following .xml file excludes all `.mp3` files from the migration: -``` xml +```xml Test @@ -194,7 +194,7 @@ The following .xml file excludes all `.mp3` files from the migration: The following .xml file excludes only the files located on the C: drive. -``` xml +```xml Test @@ -215,7 +215,7 @@ The following .xml file excludes only the files located on the C: drive. The following .xml file unconditionally excludes the `HKEY_CURRENT_USER` registry key and all of its subkeys. -``` xml +```xml @@ -242,7 +242,7 @@ The following .xml file unconditionally excludes the `HKEY_CURRENT_USER` registr The following .xml file unconditionally excludes the system folders of `C:\Windows` and `C:\Program Files`. Note that all `*.docx`, `*.xls` and `*.ppt` files won't be migrated because the **<unconditionalExclude>** element takes precedence over the **<include>** element. -``` xml +```xml diff --git a/windows/deployment/usmt/usmt-extract-files-from-a-compressed-migration-store.md b/windows/deployment/usmt/usmt-extract-files-from-a-compressed-migration-store.md index 20b48b006b..f1a46e9c78 100644 --- a/windows/deployment/usmt/usmt-extract-files-from-a-compressed-migration-store.md +++ b/windows/deployment/usmt/usmt-extract-files-from-a-compressed-migration-store.md @@ -29,7 +29,7 @@ In addition, you can specify the file patterns that you want to extract by using To extract files from the compressed migration store onto the destination computer, use the following UsmtUtils syntax: -``` syntax +```cmd UsmtUtils.exe /extract [/i:] [/e:] [/l:] [/decrypt[:] {/key: | /keyfile:}] [/o] ``` @@ -57,7 +57,7 @@ Where the placeholders have the following values: To extract everything from a compressed migration store to a file on the `C:\` drive, enter: -``` syntax +```cmd UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig C:\ExtractedStore ``` @@ -65,7 +65,7 @@ UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig C:\ExtractedStore To extract specific files, such as `.txt` and `.pdf` files, from an encrypted compressed migration store, enter: -``` syntax +```cmd UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig /i:"*.txt,*.pdf" C:\ExtractedStore /decrypt /keyfile:D:\encryptionKey.txt ``` @@ -75,7 +75,7 @@ In this example, the file is encrypted and the encryption key is located in a te To extract all files except for one file type, such as `.exe` files, from an encrypted compressed migration store, enter: -``` syntax +```cmd UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig /e:*.exe C:\ExtractedStore /decrypt:AES_128 /key:password /l:C:\usmtutilslog.txt ``` @@ -83,7 +83,7 @@ UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig /e:*.exe C:\ExtractedS To extract files from a compressed migration store, and to exclude files of one type (such as .exe files) while including only specific files, use both the include pattern and the exclude pattern, as in this example: -``` syntax +```cmd UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig /i:myProject.* /e:*.exe C:\ExtractedStore /o ``` diff --git a/windows/deployment/usmt/usmt-general-conventions.md b/windows/deployment/usmt/usmt-general-conventions.md index ffa159f0c3..98148b856d 100644 --- a/windows/deployment/usmt/usmt-general-conventions.md +++ b/windows/deployment/usmt/usmt-general-conventions.md @@ -55,13 +55,13 @@ You can use the XML helper functions in the [XML elements library](usmt-xml-elem As with parameters with a default value convention, if you have a NULL parameter at the end of a list, you can leave it out. For example, the following function: - ``` syntax + ```cmd SomeFunction("My String argument",NULL,NULL) ``` is equivalent to: - ``` syntax + ```cmd SomeFunction("My String argument") ``` diff --git a/windows/deployment/usmt/usmt-hard-link-migration-store.md b/windows/deployment/usmt/usmt-hard-link-migration-store.md index 2c3791c771..b4790b2a5a 100644 --- a/windows/deployment/usmt/usmt-hard-link-migration-store.md +++ b/windows/deployment/usmt/usmt-hard-link-migration-store.md @@ -92,7 +92,7 @@ It isn't necessary to estimate the size of a hard-link migration store since har Separate hard-link migration stores are created on each NTFS volume that contain data being migrated. In this scenario, the primary migration-store location will be specified on the command line, and should be the operating-system volume. Migration stores with identical names and directory names will be created on every volume containing data being migrated. For example: - ``` syntax + ```cmd ScanState.exe /hardlink c:\USMTMIG […] ``` @@ -144,7 +144,7 @@ A new section in the `Config.xml` file allows optional configuration of some of The following XML sample specifies that files locked by an application under the `\Users` directory can remain in place during the migration. It also specifies that locked files that aren't located in the `\Users` directory should result in the **File in Use** error. It's important to exercise caution when specifying the paths using the ``** tag in order to minimize scenarios that make the hard-link migration store more difficult to delete. -``` xml +```xml diff --git a/windows/deployment/usmt/usmt-include-files-and-settings.md b/windows/deployment/usmt/usmt-include-files-and-settings.md index 52126c877e..7249c768be 100644 --- a/windows/deployment/usmt/usmt-include-files-and-settings.md +++ b/windows/deployment/usmt/usmt-include-files-and-settings.md @@ -19,7 +19,7 @@ When you specify the migration .xml files, User State Migration Tool (USMT) 10.0 The following .xml file migrates a single registry key. -``` xml +```xml Component to migrate only registry value string @@ -44,7 +44,7 @@ The following examples show how to migrate a folder from a specific drive, and f - **Including subfolders.** The following .xml file migrates all files and subfolders from `C:\EngineeringDrafts` to the destination computer. - ``` xml + ```xml Component to migrate all Engineering Drafts Documents including subfolders @@ -63,7 +63,7 @@ The following examples show how to migrate a folder from a specific drive, and f - **Excluding subfolders.** The following .xml file migrates all files from `C:\EngineeringDrafts`, but it doesn't migrate any subfolders within `C:\EngineeringDrafts`. - ``` xml + ```xml Component to migrate all Engineering Drafts Documents without subfolders @@ -84,7 +84,7 @@ The following examples show how to migrate a folder from a specific drive, and f The following .xml file migrates all files and subfolders of the `EngineeringDrafts` folder from any drive on the computer. If multiple folders exist with the same name, then all files with this name are migrated. -``` xml +```xml Component to migrate all Engineering Drafts Documents folder on any drive on the computer @@ -104,7 +104,7 @@ The following .xml file migrates all files and subfolders of the `EngineeringDra The following .xml file migrates all files and subfolders of the `EngineeringDrafts` folder from any location on the `C:\` drive. If multiple folders exist with the same name, they're all migrated. -``` xml +```xml Component to migrate all Engineering Drafts Documents EngineeringDrafts folder from where ever it exists on the C: drive @@ -126,7 +126,7 @@ The following .xml file migrates all files and subfolders of the `EngineeringDra The following .xml file migrates `.mp3` files located in the specified drives on the source computer into the `C:\Music` folder on the destination computer. -``` xml +```xml All .mp3 files to My Documents @@ -155,7 +155,7 @@ The following examples show how to migrate a file from a specific folder, and ho - **To migrate a file from a folder.** The following .xml file migrates only the `Sample.doc` file from `C:\EngineeringDrafts` on the source computer to the destination computer. - ``` xml + ```xml Component to migrate all Engineering Drafts Documents @@ -174,13 +174,13 @@ The following examples show how to migrate a file from a specific folder, and ho - **To migrate a file from any location.** To migrate the `Sample.doc` file from any location on the `C:\` drive, use the **<pattern>** element, as the following example shows. If multiple files exist with the same name on the `C:\` drive, all of files with this name are migrated. - ``` xml + ```xml C:\* [Sample.doc] ``` To migrate the Sample.doc file from any drive on the computer, use <script> as the following example shows. If multiple files exist with the same name, all files with this name are migrated. - ``` xml + ```xml ``` diff --git a/windows/deployment/usmt/usmt-log-files.md b/windows/deployment/usmt/usmt-log-files.md index e15edd680e..06ccc91749 100644 --- a/windows/deployment/usmt/usmt-log-files.md +++ b/windows/deployment/usmt/usmt-log-files.md @@ -104,7 +104,7 @@ The following examples describe common scenarios in which you can use the diagno Let's imagine that we have the following directory structure and that we want the **data** directory to be included in the migration along with the **New Text Document.txt** file in the **New Folder**. The directory of `C:\data` contains: -``` console +```console 01/21/2009 10:08 PM . 01/21/2009 10:08 PM .. 01/21/2009 10:08 PM New Folder @@ -115,7 +115,7 @@ Let's imagine that we have the following directory structure and that we want th The directory of `C:\data\New Folder` contains: -``` console +```console 01/21/2009 10:08 PM . 01/21/2009 10:08 PM .. 01/21/2009 10:08 PM 0 New Text Document.txt @@ -198,7 +198,7 @@ This diagnostic log confirms that the modified **<pattern>** value enables In this scenario, you have the following directory structure and you want all files in the **Data** directory to migrate, except for text files. The `C:\Data` folder contains: -``` console +```console Directory of C:\Data 01/21/2009 10:08 PM . @@ -211,7 +211,7 @@ Directory of C:\Data The `C:\Data\New Folder\` contains: -``` console +```console 01/21/2009 10:08 PM . 01/21/2009 10:08 PM .. 01/21/2009 10:08 PM 0 New Text Document.txt diff --git a/windows/deployment/usmt/usmt-migrate-efs-files-and-certificates.md b/windows/deployment/usmt/usmt-migrate-efs-files-and-certificates.md index f7f5a3ff7f..7b8526be55 100644 --- a/windows/deployment/usmt/usmt-migrate-efs-files-and-certificates.md +++ b/windows/deployment/usmt/usmt-migrate-efs-files-and-certificates.md @@ -34,7 +34,7 @@ Before using the **ScanState** tool for a migration that includes encrypted file You can run the [Cipher.exe](/windows-server/administration/windows-commands/cipher) tool at a Windows command prompt to review and change encryption settings on files and folders. For example, to remove encryption from a folder, at a command prompt enter: -``` syntax +```cmd cipher.exe /D /S: ``` diff --git a/windows/deployment/usmt/usmt-migrate-user-accounts.md b/windows/deployment/usmt/usmt-migrate-user-accounts.md index 8c124420e9..b0b1ba2611 100644 --- a/windows/deployment/usmt/usmt-migrate-user-accounts.md +++ b/windows/deployment/usmt/usmt-migrate-user-accounts.md @@ -23,7 +23,7 @@ Links to detailed explanations of commands are available in the [Related article 2. Enter the following `ScanState.exe` command line in a command prompt window: - ``` syntax + ```cmd ScanState.exe \\server\share\migration\mystore /i:MigDocs.xml /i:MigApp.xml /o ```` @@ -33,13 +33,13 @@ Links to detailed explanations of commands are available in the [Related article - If you're migrating domain accounts, enter: - ``` syntax + ```cmd LoadState.exe \\server\share\migration\mystore /i:MigDocs.xml /i:MigApp.xml ``` - If you're migrating local accounts along with domain accounts, enter: - ``` syntax + ```cmd LoadState.exe \\server\share\migration\mystore /i:MigDocs.xml /i:MigApp.xml /lac /lae ``` @@ -54,7 +54,7 @@ Links to detailed explanations of commands are available in the [Related article 2. Enter the following `ScanState.exe` command line in a command prompt window: - ``` syntax + ```cmd ScanState.exe \\server\share\migration\mystore /ue:*\* /ui:contoso\user1 /ui:fabrikam\user2 /i:MigDocs.xml /i:MigApp.xml /o ``` @@ -62,7 +62,7 @@ Links to detailed explanations of commands are available in the [Related article 4. Enter the following `LoadState.exe ` command line in a command prompt window: - ``` syntax + ```cmd LoadState.exe \\server\share\migration\mystore /i:MigDocs.xml /i:MigApp.xml ``` @@ -74,7 +74,7 @@ Links to detailed explanations of commands are available in the [Related article 2. Enter the following `ScanState.exe` command line in a command prompt window: - ``` syntax + ```cmd ScanState.exe \\server\share\migration\mystore /ue:*\* /ui:contoso\user1 /ui:contoso\user2 /i:MigDocs.xml /i:MigApp.xml /o ``` @@ -82,7 +82,7 @@ Links to detailed explanations of commands are available in the [Related article 4. Enter the following `LoadState.exe ` command line in a command prompt window: - ``` syntax + ```cmd LoadState.exe \\server\share\migration\mystore /mu:contoso\user1:fabrikam\user2 /i:MigDocs.xml /i:MigApp.xml ``` diff --git a/windows/deployment/usmt/usmt-reroute-files-and-settings.md b/windows/deployment/usmt/usmt-reroute-files-and-settings.md index ba1aa306c6..026a457ea7 100644 --- a/windows/deployment/usmt/usmt-reroute-files-and-settings.md +++ b/windows/deployment/usmt/usmt-reroute-files-and-settings.md @@ -19,7 +19,7 @@ To reroute files and settings, create a custom .xml file and specify the .xml fi The following custom .xml file migrates the directories and files from `C:\EngineeringDrafts` into the **My Documents** folder of every user. **%CSIDL_PERSONAL%** is the virtual folder representing the **My Documents** desktop item, which is equivalent to **CSIDL_MYDOCUMENTS**. -``` xml +```xml Engineering Drafts Documents to Personal Folder @@ -47,7 +47,7 @@ The following custom .xml file migrates the directories and files from `C:\Engin The following custom .xml file reroutes .mp3 files located in the fixed drives on the source computer into the `C:\Music` folder on the destination computer. -``` xml +```xml All .mp3 files to My Documents @@ -74,7 +74,7 @@ The following custom .xml file reroutes .mp3 files located in the fixed drives o The following custom .xml file migrates the `Sample.doc` file from `C:\EngineeringDrafts` into the **My Documents** folder of every user. **%CSIDL_PERSONAL%** is the virtual folder representing the **My Documents** desktop item, which is equivalent to **CSIDL_MYDOCUMENTS**. -``` xml +```xml Sample.doc into My Documents diff --git a/windows/deployment/usmt/usmt-scanstate-syntax.md b/windows/deployment/usmt/usmt-scanstate-syntax.md index a05ce994e0..e8fd16c69f 100644 --- a/windows/deployment/usmt/usmt-scanstate-syntax.md +++ b/windows/deployment/usmt/usmt-scanstate-syntax.md @@ -43,7 +43,7 @@ The `ScanState.exe` command's syntax is: For example, to create a `Config.xml` file in the current directory, use: -``` syntax +```cmd ScanState.exe /i:MigApp.xml /i:MigDocs.xml /genconfig:Config.xml /v:13 ``` diff --git a/windows/deployment/usmt/verify-the-condition-of-a-compressed-migration-store.md b/windows/deployment/usmt/verify-the-condition-of-a-compressed-migration-store.md index 5bb2cf2322..2f004c83ff 100644 --- a/windows/deployment/usmt/verify-the-condition-of-a-compressed-migration-store.md +++ b/windows/deployment/usmt/verify-the-condition-of-a-compressed-migration-store.md @@ -59,7 +59,7 @@ Where the placeholders have the following values: To verify whether the migration store is intact or whether it contains corrupted files or a corrupted catalog, enter: -``` syntax +```cmd UsmtUtils.exe /verify D:\MyMigrationStore\store.mig ``` @@ -69,7 +69,7 @@ Because no report type is specified, **UsmtUtils** displays the default summary To verify whether the catalog file is corrupted or intact, enter: -``` syntax +```cmd UsmtUtils.exe /verify:catalog D:\MyMigrationStore\store.mig ``` @@ -77,7 +77,7 @@ UsmtUtils.exe /verify:catalog D:\MyMigrationStore\store.mig To verify whether there are any corrupted files in the compressed migration store, and to specify the name and location of the log file, enter: -``` syntax +```cmd UsmtUtils.exe /verify:all D:\MyMigrationStore\store.mig /decrypt /l:D:\UsmtUtilsLog.txt` ``` @@ -87,7 +87,7 @@ In addition to verifying the status of all files, this example decrypts the file In this example, the log file will only list the files that became corrupted during the **ScanState** process. This list will include the catalog file if it's also corrupted. -``` syntax +```cmd UsmtUtils.exe /verify:failureonly D:\MyMigrationStore\USMT\store.mig /decrypt:AES_192 /keyfile:D:\encryptionKey.txt ``` diff --git a/windows/deployment/usmt/xml-file-requirements.md b/windows/deployment/usmt/xml-file-requirements.md index e717e950c9..156809cb6d 100644 --- a/windows/deployment/usmt/xml-file-requirements.md +++ b/windows/deployment/usmt/xml-file-requirements.md @@ -17,20 +17,20 @@ When creating custom .xml files, note the following requirements: - **The file must be in Unicode Transformation Format-8 (UTF-8).** Save the file in this format, and you must specify the following syntax at the beginning of each .xml file: - ``` xml + ```xml ``` - **The file must have a unique migration URL ID**. The URL ID of each file that you specify on the command line must be different. If two migration .xml files have the same URL ID, the second .xml file that is specified on the command line won't be processed. The second file won't be processed because USMT uses the URL ID to define the components within the file. For example, you must specify the following syntax at the beginning of each file: - ``` xml + ```xml ``` - **Each component in the file must have a display name in order for it to appear in the Config.xml file.** This condition is because the `Config.xml` file defines the components by the display name and the migration URL ID. For example, specify the following syntax: - ``` xml + ```xml My Application ``` From c95c61f592e0763877ad0b25edd1669332704de5 Mon Sep 17 00:00:00 2001 From: Tarun Maganur <104856032+Tarun-Edu@users.noreply.github.com> Date: Thu, 17 Nov 2022 15:12:59 -0800 Subject: [PATCH 122/129] Update windows-11-se-overview.md Merge conflict on the below app, not released. | Absolute Software Endpoint Agent | 7.21-15655 | Win32 | Absolute Software Corporation| --- education/windows/windows-11-se-overview.md | 1 - 1 file changed, 1 deletion(-) diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md index 96a201ab55..f7ea182a40 100644 --- a/education/windows/windows-11-se-overview.md +++ b/education/windows/windows-11-se-overview.md @@ -82,7 +82,6 @@ The following applications can also run on Windows 11 SE, and can be deployed us | Application | Supported version | App Type | Vendor | |-----------------------------------------|-------------------|----------|------------------------------| | 3d builder | 15.2.10821.1070 | Win32 | Microsoft | -| Absolute Software Endpoint Agent | 7.21-15655 | Win32 | Absolute Software Corporation| | AirSecure | 8.0.0 | Win32 | AIR | | Alertus Desktop | 5.4.44.0 | Win32 | Alertus technologies | | Brave Browser | 106.0.5249.65 | Win32 | Brave | From d15914e473f68e2a8a98261ed927a114b48ea7f8 Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Thu, 17 Nov 2022 16:18:01 -0700 Subject: [PATCH 123/129] Update kiosk-policies.md --- windows/configuration/kiosk-policies.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/configuration/kiosk-policies.md b/windows/configuration/kiosk-policies.md index 32f8c08e76..3c18ff8347 100644 --- a/windows/configuration/kiosk-policies.md +++ b/windows/configuration/kiosk-policies.md @@ -9,6 +9,9 @@ ms.localizationpriority: medium ms.author: lizlong ms.topic: article ms.technology: itpro-configure +appliesto: +- Windows 10 Pro, Enterprise, and Education +- Windows 11 --- # Policies enforced on kiosk devices From 5c1a0a966f736559129063e67becad659dd73dc6 Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Thu, 17 Nov 2022 16:26:44 -0700 Subject: [PATCH 124/129] Revert "Update kiosk-policies.md" --- windows/configuration/kiosk-policies.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/windows/configuration/kiosk-policies.md b/windows/configuration/kiosk-policies.md index 3c18ff8347..32f8c08e76 100644 --- a/windows/configuration/kiosk-policies.md +++ b/windows/configuration/kiosk-policies.md @@ -9,9 +9,6 @@ ms.localizationpriority: medium ms.author: lizlong ms.topic: article ms.technology: itpro-configure -appliesto: -- Windows 10 Pro, Enterprise, and Education -- Windows 11 --- # Policies enforced on kiosk devices From 802b23f9809d97387553178d2c2e7c5f724f1405 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Thu, 17 Nov 2022 18:49:19 -0500 Subject: [PATCH 125/129] VAMT code blocks standardization --- ...g-active-directory-based-activation-client.md | 6 +++++- ...activate-using-key-management-service-vamt.md | 12 ++++++++++-- .../activate-windows-10-clients-vamt.md | 10 +++++++++- ...sent-to-microsoft-during-activation-client.md | 10 +++++++++- .../configure-client-computers-vamt.md | 2 +- .../monitor-activation-client.md | 10 +++++++++- .../plan-for-volume-activation-client.md | 10 +++++++++- ...e-volume-activation-management-tool-client.md | 10 +++++++++- .../use-vamt-in-windows-powershell.md | 16 ++++++++-------- .../volume-activation/vamt-known-issues.md | 4 ++-- .../volume-activation-windows-10.md | 10 +++++++++- 11 files changed, 80 insertions(+), 20 deletions(-) diff --git a/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md b/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md index c19e08bdbc..3892da1105 100644 --- a/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md +++ b/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md @@ -14,7 +14,11 @@ ms.collection: highpri # Activate using Active Directory-based activation -(*Applies to: Windows, Windows Server, Office*) +*Applies to:* + +- Windows +- Windows Server +- Office > [!TIP] > Are you looking for information on retail activation? diff --git a/windows/deployment/volume-activation/activate-using-key-management-service-vamt.md b/windows/deployment/volume-activation/activate-using-key-management-service-vamt.md index 0d3d2d93aa..2475495915 100644 --- a/windows/deployment/volume-activation/activate-using-key-management-service-vamt.md +++ b/windows/deployment/volume-activation/activate-using-key-management-service-vamt.md @@ -14,7 +14,15 @@ ms.technology: itpro-fundamentals # Activate using Key Management Service -(*Applies to: Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2*) +*Applies to:* + +- Windows 10 +- Windows 8.1 +- Windows 8 +- Windows 7 +- Windows Server 2012 R2 +- Windows Server 2012 +- Windows Server 2008 R2 > [!TIP] > Are you looking for information on retail activation? @@ -61,7 +69,7 @@ Installing a KMS host key on a computer running Windows Server allows you to act This scenario is commonly used in larger organizations that do not find the overhead of using a server a burden. > [!NOTE] -> If you receive error 0xC004F015 when trying to activate Windows 10 Enterprise, see [KB 3086418](/troubleshoot/windows-server/deployment/error-0xc004f015-activate-windows-10). +> If you receive error 0xC004F015 when trying to activate Windows 10 Enterprise, see [Error 0xC004F015 when you activate Windows 10 Enterprise on a Windows Server 2012 R2 KMS host](/troubleshoot/windows-server/deployment/error-0xc004f015-activate-windows-10). ### Configure KMS in Windows Server 2012 R2 diff --git a/windows/deployment/volume-activation/activate-windows-10-clients-vamt.md b/windows/deployment/volume-activation/activate-windows-10-clients-vamt.md index 3becdf4dae..9be66de526 100644 --- a/windows/deployment/volume-activation/activate-windows-10-clients-vamt.md +++ b/windows/deployment/volume-activation/activate-windows-10-clients-vamt.md @@ -14,7 +14,15 @@ ms.technology: itpro-fundamentals # Activate clients running Windows 10 -(*Applies to: Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2*) +*Applies to:* + +- Windows 10 +- Windows 8.1 +- Windows 8 +- Windows 7 +- Windows Server 2012 R2 +- Windows Server 2012 +- Windows Server 2008 R2 > [!TIP] > Are you looking for information on retail activation? diff --git a/windows/deployment/volume-activation/appendix-information-sent-to-microsoft-during-activation-client.md b/windows/deployment/volume-activation/appendix-information-sent-to-microsoft-during-activation-client.md index 07a8a62eaf..bb61a1db81 100644 --- a/windows/deployment/volume-activation/appendix-information-sent-to-microsoft-during-activation-client.md +++ b/windows/deployment/volume-activation/appendix-information-sent-to-microsoft-during-activation-client.md @@ -14,7 +14,15 @@ ms.topic: article # Appendix: Information sent to Microsoft during activation -(*Applies to: Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2*) +*Applies to:* + +- Windows 10 +- Windows 8.1 +- Windows 8 +- Windows 7 +- Windows Server 2012 R2 +- Windows Server 2012 +- Windows Server 2008 R2 **Looking for retail activation?** diff --git a/windows/deployment/volume-activation/configure-client-computers-vamt.md b/windows/deployment/volume-activation/configure-client-computers-vamt.md index 392c89d4bf..382a9b53d3 100644 --- a/windows/deployment/volume-activation/configure-client-computers-vamt.md +++ b/windows/deployment/volume-activation/configure-client-computers-vamt.md @@ -99,7 +99,7 @@ There are several options for organizations to configure the WMI firewall except - **Image.** Add the configurations to the master Windows image deployed to all clients. -- **Group Policy.** If the clients are part of a domain, then all clients can be configured using Group Policy. The Group Policy setting for the WMI firewall exception is found in GPMC.MSC at: **Computer Configuration\\Windows Settings\\Security Settings\\Windows Firewall with Advanced Security\\Windows Firewall with Advanced Security\\Inbound Rules**. +- **Group Policy.** If the clients are part of a domain, then all clients can be configured using Group Policy. The Group Policy setting for the WMI firewall exception is found in GPMC.MSC at: **Computer Configuration** > **Windows Settings** > **Security Settings** > **Windows Firewall with Advanced Security** > **Windows Firewall with Advanced Security** > **Inbound Rules**. - **Script.** Execute a script using Microsoft Configuration Manager or a third-party remote script execution facility. diff --git a/windows/deployment/volume-activation/monitor-activation-client.md b/windows/deployment/volume-activation/monitor-activation-client.md index 0f48de80b8..d811b9bb87 100644 --- a/windows/deployment/volume-activation/monitor-activation-client.md +++ b/windows/deployment/volume-activation/monitor-activation-client.md @@ -14,7 +14,15 @@ ms.date: 11/07/2022 # Monitor activation -(*Applies to: Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2*) +*Applies to:* + +- Windows 10 +- Windows 8.1 +- Windows 8 +- Windows 7 +- Windows Server 2012 R2 +- Windows Server 2012 +- Windows Server 2008 R2 > [!TIP] > Are you looking for information on retail activation? diff --git a/windows/deployment/volume-activation/plan-for-volume-activation-client.md b/windows/deployment/volume-activation/plan-for-volume-activation-client.md index e9969efbf8..43a1c717d5 100644 --- a/windows/deployment/volume-activation/plan-for-volume-activation-client.md +++ b/windows/deployment/volume-activation/plan-for-volume-activation-client.md @@ -14,7 +14,15 @@ ms.date: 11/07/2022 # Plan for volume activation -(*Applies to: Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2*) +*Applies to:* + +- Windows 10 +- Windows 8.1 +- Windows 8 +- Windows 7 +- Windows Server 2012 R2 +- Windows Server 2012 +- Windows Server 2008 R2 > [!TIP] > Are you looking for information on retail activation? diff --git a/windows/deployment/volume-activation/use-the-volume-activation-management-tool-client.md b/windows/deployment/volume-activation/use-the-volume-activation-management-tool-client.md index e742b9f498..b733a5046e 100644 --- a/windows/deployment/volume-activation/use-the-volume-activation-management-tool-client.md +++ b/windows/deployment/volume-activation/use-the-volume-activation-management-tool-client.md @@ -14,7 +14,15 @@ ms.technology: itpro-fundamentals # Use the Volume Activation Management Tool -(*Applies to: Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2*) +*Applies to:* + +- Windows 10 +- Windows 8.1 +- Windows 8 +- Windows 7 +- Windows Server 2012 R2 +- Windows Server 2012 +- Windows Server 2008 R2 > [!TIP] > Are you looking for information on retail activation? diff --git a/windows/deployment/volume-activation/use-vamt-in-windows-powershell.md b/windows/deployment/volume-activation/use-vamt-in-windows-powershell.md index 35886bbb64..71e97c1a03 100644 --- a/windows/deployment/volume-activation/use-vamt-in-windows-powershell.md +++ b/windows/deployment/volume-activation/use-vamt-in-windows-powershell.md @@ -43,7 +43,7 @@ To open PowerShell with administrative credentials, select **Start** and enter ` For all supported operating systems, you can use the VAMT PowerShell module included with the Windows ADK. By default, the module is installed with the Windows ADK in the VAMT folder. Change directories to the directory where VAMT is located. For example, if the Windows ADK is installed in the default location of `C:\Program Files(x86)\Windows Kits\10`, enter: - ``` powershell + ```powershell cd "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\VAMT 3.0" ``` @@ -51,7 +51,7 @@ For all supported operating systems, you can use the VAMT PowerShell module incl To import the VAMT PowerShell module, enter the following command at a PowerShell command prompt: - ``` powershell + ```powershell Import-Module .\VAMT.psd1 ``` @@ -61,13 +61,13 @@ To import the VAMT PowerShell module, enter the following command at a PowerShel You can view all of the help sections for a VAMT PowerShell cmdlet, or you can view only the section that you're interested in. To view all of the Help content for a VAMT cmdlet, enter: -``` powershell +```powershell get-help -all ``` For example, enter: -``` powershell +```powershell get-help get-VamtProduct -all ``` @@ -78,24 +78,24 @@ get-help get-VamtProduct -all 1. To get the syntax to use with a cmdlet, enter the following command at a PowerShell command prompt: - ``` powershell + ```powershell get-help ``` For example, enter: - ``` powershell + ```powershell get-help get-VamtProduct ``` 2. To see examples using a cmdlet, enter: - ``` powershell + ```powershell get-help -examples ``` For example, enter: - ``` powershell + ```powershell get-help get-VamtProduct -examples ``` diff --git a/windows/deployment/volume-activation/vamt-known-issues.md b/windows/deployment/volume-activation/vamt-known-issues.md index 948e4f2def..0507f060c7 100644 --- a/windows/deployment/volume-activation/vamt-known-issues.md +++ b/windows/deployment/volume-activation/vamt-known-issues.md @@ -46,13 +46,13 @@ On the KMS host computer, perform the following steps: 3. To extract the contents of the update, run the following command: - ``` syntax + ```cmd expand c:\KB3058168\Windows8.1-KB3058168-x64.msu -f:* C:\KB3058168\ ``` 4. To extract the contents of Windows8.1-KB3058168-x64.cab, run the following command: - ``` syntax + ```cmd expand c:\KB3058168\Windows8.1-KB3058168-x64.cab -f:pkeyconfig-csvlk.xrm-ms c:\KB3058168 ``` diff --git a/windows/deployment/volume-activation/volume-activation-windows-10.md b/windows/deployment/volume-activation/volume-activation-windows-10.md index a56f8ed301..3cc524e10f 100644 --- a/windows/deployment/volume-activation/volume-activation-windows-10.md +++ b/windows/deployment/volume-activation/volume-activation-windows-10.md @@ -14,7 +14,15 @@ ms.technology: itpro-fundamentals # Volume Activation for Windows 10 -(*Applies to: Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2*) +*Applies to:* + +- Windows 10 +- Windows 8.1 +- Windows 8 +- Windows 7 +- Windows Server 2012 R2 +- Windows Server 2012 +- Windows Server 2008 R2 > [!TIP] > Are you looking for volume licensing information? From 785fd057c6558a97cc9260557dd0724e28e1dced Mon Sep 17 00:00:00 2001 From: Rick Munck <33725928+jmunck@users.noreply.github.com> Date: Fri, 18 Nov 2022 07:35:53 -0600 Subject: [PATCH 126/129] Update get-support-for-security-baselines.md Updated to new version of Edge --- .../get-support-for-security-baselines.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md index 1f712dc9f7..cb62adc90c 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md @@ -77,7 +77,7 @@ Windows 8.1 |[9600 (April Update)](/archive/blogs/secguide/security-baselines-fo | Name | Details | Security Tools | |---------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------| | Microsoft 365 Apps for enterprise, version 2206 | [SecGuide](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-365-apps-for-enterprise-v2206/ba-p/3502714) | [SCT 1.0](https://www.microsoft.com/download/details.aspx?id=55319) | -| Microsoft Edge, version 98 | [SecGuide](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-edge-v98/ba-p/3165443) | [SCT 1.0](https://www.microsoft.com/download/details.aspx?id=55319) | +| Microsoft Edge, version 107 | [SecGuide](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-edge-v98/ba-p/3165443) | [SCT 1.0](https://www.microsoft.com/download/details.aspx?id=55319) |
    From 69ee460acd903d61ad5a3320c5ac364676fd21ab Mon Sep 17 00:00:00 2001 From: Rick Munck <33725928+jmunck@users.noreply.github.com> Date: Fri, 18 Nov 2022 07:36:40 -0600 Subject: [PATCH 127/129] Update security-compliance-toolkit-10.md Updated Edge version --- .../security-compliance-toolkit-10.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md b/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md index a3d0a27f9d..11b8b102dd 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md @@ -49,7 +49,7 @@ The Security Compliance Toolkit consists of: - Microsoft 365 Apps for Enterprise Version 2206 - Microsoft Edge security baseline - - Edge version 98 + - Edge version 107 - Tools - Policy Analyzer From 9a93c43793f2743df03ab45b4cb9e1398384f089 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Fri, 18 Nov 2022 13:21:38 -0500 Subject: [PATCH 128/129] docfx updates --- education/docfx.json | 5 ----- windows/security/docfx.json | 6 +++--- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/education/docfx.json b/education/docfx.json index 484c0f38c5..70b106e401 100644 --- a/education/docfx.json +++ b/education/docfx.json @@ -62,11 +62,6 @@ "garycentric" ] }, - "fileMetadata": { - "ms.topic": { - "windows/tutorial-school-deployment/**/**.md": "tutorial" - } - }, "externalReference": [], "template": "op.html", "dest": "education", diff --git a/windows/security/docfx.json b/windows/security/docfx.json index e440797194..b923e0d70f 100644 --- a/windows/security/docfx.json +++ b/windows/security/docfx.json @@ -65,13 +65,13 @@ }, "fileMetadata": { "author":{ - "/identity-protection/hello-for-business/**/*.md": "paolomatarazzo" + "/identity-protection/hello-for-business/*.md": "paolomatarazzo" }, "ms.author":{ - "/identity-protection/hello-for-business/**/*.md": "paoloma" + "/identity-protection/hello-for-business/*.md": "paoloma" }, "ms.reviewer":{ - "/identity-protection/hello-for-business/**/*.md": "erikdau" + "/identity-protection/hello-for-business/*.md": "erikdau" } }, "template": [], From c0be28b60a773ed59064c648cfbc14d97dd6eea7 Mon Sep 17 00:00:00 2001 From: Frank Rojas <45807133+frankroj@users.noreply.github.com> Date: Fri, 18 Nov 2022 15:48:24 -0500 Subject: [PATCH 129/129] VAMT code blocks standardization FINAL --- .../activate-forest-by-proxy-vamt.md | 13 +++++++ ...ivate-using-key-management-service-vamt.md | 39 ++++++++++++------- 2 files changed, 37 insertions(+), 15 deletions(-) diff --git a/windows/deployment/volume-activation/activate-forest-by-proxy-vamt.md b/windows/deployment/volume-activation/activate-forest-by-proxy-vamt.md index cec3e17944..b5ccb893f4 100644 --- a/windows/deployment/volume-activation/activate-forest-by-proxy-vamt.md +++ b/windows/deployment/volume-activation/activate-forest-by-proxy-vamt.md @@ -33,18 +33,31 @@ Before performing proxy activation, ensure that the network and the VAMT install ### To perform an Active Directory forest proxy activation 1. Open VAMT. + 2. In the left-side pane, select the **Active Directory-Based Activation** node. + 3. In the right-side **Actions** pane, select **Proxy activate forest** to open the **Install Product Key** dialog box. + 4. In the **Install Product Key** dialog box, select the KMS Host key (CSVLK) that you want to activate. + 5. If you want to rename the ADBA object, enter a new Active Directory-Based Activation Object name. If you want to rename the ADBA object, you must do it now. After you select **Install Key**, the name can't be changed. + 6. Enter the name of the file where you want to save the offline installation ID, or browse to the file location and then select **Open**. If you're activating an AD forest in an isolated workgroup, save the `.cilx` file to a removable media device. + 7. Select **Install Key**. VAMT displays the **Activating Active Directory** dialog box until it completes the requested action. The activated object and the date that it was created appear in the **Active Directory-Based Activation** node in the center pane. + 8. Insert the removable media into the VAMT host that has Internet access. Make sure that you are on the root node, and that the **Volume Activation Management Tool** view is displayed in the center pane. + 9. In the right-side **Actions** pane, select **Acquire confirmation IDs for CILX** to open the **Acquire confirmation IDs for file** dialog box. + 10. In the **Acquire confirmation IDs for file** dialog box, browse to where the `.cilx` file you exported from the isolated workgroup host computer is located. Select the file, and then select **Open**. VAMT displays an **Acquiring Confirmation IDs** message while it contacts Microsoft and acquires the CIDs. + 11. When the CID collection process is complete, VAMT displays a **Volume Activation Management Tool** message that shows how many confirmation IDs were successfully acquired, and the name of the file to which the IDs were saved. Select **OK** to close the message. + 12. Remove the storage device that contains the `.cilx` file from the Internet-connected VAMT host computer and insert it into the VAMT host computer in the isolated workgroup. + 13. Open VAMT and then select the **Active Directory-Based Activation** node in the left-side pane. + 14. In the right-side **Actions** pane, select **Apply confirmation ID to Active Directory domain**, browse to the `.cilx` file and then select **Open**. VAMT displays the **Activating Active Directory** dialog box until it completes the requested action. The activated object and the date that it was created appear in the **Active Directory-Based Activation** node in the center pane. diff --git a/windows/deployment/volume-activation/activate-using-key-management-service-vamt.md b/windows/deployment/volume-activation/activate-using-key-management-service-vamt.md index 2475495915..e136dd82b5 100644 --- a/windows/deployment/volume-activation/activate-using-key-management-service-vamt.md +++ b/windows/deployment/volume-activation/activate-using-key-management-service-vamt.md @@ -47,14 +47,20 @@ To enable KMS functionality, a KMS key is installed on a KMS host; then, the hos ### Configure KMS in Windows 10 -To activate, use the slmgr.vbs command. Open an elevated command prompt and run one of the following commands: +To activate, use the `slmgr.vbs` command. Open an elevated command prompt and run one of the following commands: + +- To install the KMS key, run the command `slmgr.vbs /ipk `. + +- To activate online, run the command `slmgr.vbs /ato`. -- To install the KMS key, type `slmgr.vbs /ipk `. -- To activate online, type `slmgr.vbs /ato`. - To activate by telephone, follow these steps: + 1. Run `slmgr.vbs /dti` and confirm the installation ID. + 2. Call [Microsoft Licensing Activation Centers worldwide telephone numbers](https://www.microsoft.com/licensing/existing-customer/activation-centers) and follow the voice prompts to enter the installation ID that you obtained in step 1 on your telephone. + 3. Follow the voice prompts and write down the responded 48-digit confirmation ID for OS activation. + 4. Run `slmgr.vbs /atp \`. For more information, see the information for Windows 7 in [Deploy KMS Activation](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn502531(v=ws.11)). @@ -66,7 +72,7 @@ Installing a KMS host key on a computer running Windows Server allows you to act > [!NOTE] > You cannot install a client KMS key into the KMS in Windows Server. -This scenario is commonly used in larger organizations that do not find the overhead of using a server a burden. +This scenario is commonly used in larger organizations that don't find the overhead of using a server a burden. > [!NOTE] > If you receive error 0xC004F015 when trying to activate Windows 10 Enterprise, see [Error 0xC004F015 when you activate Windows 10 Enterprise on a Windows Server 2012 R2 KMS host](/troubleshoot/windows-server/deployment/error-0xc004f015-activate-windows-10). @@ -74,34 +80,35 @@ This scenario is commonly used in larger organizations that do not find the over ### Configure KMS in Windows Server 2012 R2 1. Sign in to a computer running Windows Server 2012 R2 with an account that has local administrative credentials. + 2. Launch Server Manager. + 3. Add the Volume Activation Services role, as shown in Figure 4. ![Adding the Volume Activation Services role in Server Manager.](../images/volumeactivationforwindows81-04.jpg) **Figure 4**. Adding the Volume Activation Services role in Server Manager -4. When the role installation is complete, click the link to launch the Volume Activation Tools (Figure 5). +4. When the role installation is complete, select the link to launch the Volume Activation Tools (Figure 5). ![Launching the Volume Activation Tools.](../images/volumeactivationforwindows81-05.jpg) **Figure 5**. Launching the Volume Activation Tools -5. Select the **Key Management Service (KMS)** option, and specify the computer that will act as the KMS host (Figure 6). - This can be the same computer on which you installed the role or another computer. For example, it can be a client computer running Windows 10. +5. Select the **Key Management Service (KMS)** option, and specify the computer that will act as the KMS host (Figure 6). This computer can be the same computer on which you installed the role or another computer. For example, it can be a client computer running Windows 10. ![Configuring the computer as a KMS host.](../images/volumeactivationforwindows81-06.jpg) **Figure 6**. Configuring the computer as a KMS host -6. Install your KMS host key by typing it in the text box, and then click **Commit** (Figure 7). +6. Install your KMS host key by typing it in the text box, and then select **Commit** (Figure 7). ![Installing your KMS host key.](../images/volumeactivationforwindows81-07.jpg) **Figure 7**. Installing your KMS host key -7. If asked to confirm replacement of an existing key, click **Yes**. -8. After the product key is installed, you must activate it. Click **Next** (Figure 8). +7. If asked to confirm replacement of an existing key, select **Yes**. +8. After the product key is installed, you must activate it. Select **Next** (Figure 8). ![Activating the software.](../images/volumeactivationforwindows81-08.jpg) @@ -117,7 +124,7 @@ Now that the KMS host is configured, it will begin to listen for activation requ ## Verifying the configuration of Key Management Service -You can verify KMS volume activation from the KMS host server or from the client computer. KMS volume activation requires a minimum threshold of 25 computers before activation requests will be processed. The verification process described here will increment the activation count each time a client computer contacts the KMS host, but unless the activation threshold is reached, the verification will take the form of an error message rather than a confirmation message. +KMS volume activation can be verified from the KMS host server or from the client computer. KMS volume activation requires a minimum threshold of 25 computers before activation requests will be processed. The verification process described here will increment the activation count each time a client computer contacts the KMS host, but unless the activation threshold is reached, the verification will take the form of an error message rather than a confirmation message. > [!NOTE] > If you configured Active Directory-based activation before configuring KMS activation, you must use a client computer that will not first try to activate itself by using Active Directory-based activation. You could use a workgroup computer that is not joined to a domain or a computer running Windows 7 or Windows Server 2008 R2. @@ -125,18 +132,20 @@ You can verify KMS volume activation from the KMS host server or from the client To verify that KMS volume activation works, complete the following steps: 1. On the KMS host, open the event log and confirm that DNS publishing is successful. -2. On a client computer, open a Command Prompt window, type `Slmgr.vbs /ato`, and then press ENTER. + +2. On a client computer, open a Command Prompt window and run the command `Slmgr.vbs /ato`. The `/ato` command causes the operating system to attempt activation by using whichever key has been installed in the operating system. The response should show the license state and detailed Windows version information. -3. On a client computer or the KMS host, open an elevated Command Prompt window, type `Slmgr.vbs /dlv`, and then press ENTER. - The `/dlv` command displays the detailed licensing information. The response should return an error that states that the KMS activation count is too low. This confirms that KMS is functioning correctly, even though the client has not been activated. +3. On a client computer or the KMS host, open an elevated Command Prompt window and run the command `Slmgr.vbs /dlv`. + + The `/dlv` command displays the detailed licensing information. The response should return an error that states that the KMS activation count is too low. This test confirms that KMS is functioning correctly, even though the client hasn't been activated. For more information about the use and syntax of slmgr.vbs, see [Slmgr.vbs Options](/windows-server/get-started/activation-slmgr-vbs-options). ## Key Management Service in earlier versions of Windows -If you have already established a KMS infrastructure in your organization for an earlier version of Windows, you may want to continue using that infrastructure to activate computers running Windows 10 or Windows Server 2012 R2. Your existing KMS host must be running Windows 7 or later. To upgrade your KMS host, complete the following steps: +If you've already established a KMS infrastructure in your organization for an earlier version of Windows, you may want to continue using that infrastructure to activate computers running Windows 10 or Windows Server 2012 R2. Your existing KMS host must be running Windows 7 or later. To upgrade your KMS host, complete the following steps: 1. Download and install the correct update for your current KMS host operating system. Restart the computer as directed. 2. Request a new KMS host key from the Volume Licensing Service Center.