From a704d4c512cc72c6b0bbbe302b3bd668ac77a07d Mon Sep 17 00:00:00 2001 
From: erjosito <9462396+erjosito@users.noreply.github.com> Date: Tue, 3 Sep 2024 12:32:06 +0000 Subject: [PATCH] [create-pull-request] automated change --- .../appservicewebapps_sg_checklist.en.json | 2 +- .../appservicewebapps_sg_checklist.es.json | 22 +- .../appservicewebapps_sg_checklist.ja.json | 20 +- .../appservicewebapps_sg_checklist.ko.json | 20 +- .../appservicewebapps_sg_checklist.pt.json | 22 +- ...ppservicewebapps_sg_checklist.zh-Hant.json | 20 +- ...ureapplicationgateway_sg_checklist.en.json | 2 +- ...ureapplicationgateway_sg_checklist.es.json | 22 +- ...ureapplicationgateway_sg_checklist.ja.json | 20 +- ...ureapplicationgateway_sg_checklist.ko.json | 20 +- ...ureapplicationgateway_sg_checklist.pt.json | 22 +- ...plicationgateway_sg_checklist.zh-Hant.json | 20 +- .../azureblobstorage_sg_checklist.en.json | 2 +- .../azureblobstorage_sg_checklist.es.json | 22 +- .../azureblobstorage_sg_checklist.ja.json | 20 +- .../azureblobstorage_sg_checklist.ko.json | 20 +- .../azureblobstorage_sg_checklist.pt.json | 22 +- ...azureblobstorage_sg_checklist.zh-Hant.json | 20 +- .../azureexpressroute_sg_checklist.en.json | 2 +- .../azureexpressroute_sg_checklist.es.json | 22 +- .../azureexpressroute_sg_checklist.ja.json | 20 +- .../azureexpressroute_sg_checklist.ko.json | 20 +- .../azureexpressroute_sg_checklist.pt.json | 22 +- ...zureexpressroute_sg_checklist.zh-Hant.json | 20 +- .../azurefiles_sg_checklist.en.json | 2 +- .../azurefiles_sg_checklist.es.json | 22 +- .../azurefiles_sg_checklist.ja.json | 20 +- .../azurefiles_sg_checklist.ko.json | 20 +- .../azurefiles_sg_checklist.pt.json | 22 +- .../azurefiles_sg_checklist.zh-Hant.json | 20 +- .../azurefirewall_sg_checklist.en.json | 2 +- .../azurefirewall_sg_checklist.es.json | 22 +- .../azurefirewall_sg_checklist.ja.json | 20 +- .../azurefirewall_sg_checklist.ko.json | 20 +- .../azurefirewall_sg_checklist.pt.json | 22 +- .../azurefirewall_sg_checklist.zh-Hant.json | 20 +- .../azurefrontdoor_sg_checklist.en.json | 2 +- 
.../azurefrontdoor_sg_checklist.es.json | 22 +- .../azurefrontdoor_sg_checklist.ja.json | 20 +- .../azurefrontdoor_sg_checklist.ko.json | 20 +- .../azurefrontdoor_sg_checklist.pt.json | 22 +- .../azurefrontdoor_sg_checklist.zh-Hant.json | 20 +- ...zurekubernetesservice_sg_checklist.en.json | 2 +- ...zurekubernetesservice_sg_checklist.es.json | 22 +- ...zurekubernetesservice_sg_checklist.ja.json | 20 +- ...zurekubernetesservice_sg_checklist.ko.json | 20 +- ...zurekubernetesservice_sg_checklist.pt.json | 22 +- ...ubernetesservice_sg_checklist.zh-Hant.json | 20 +- .../azuremachinelearning_sg_checklist.en.json | 2 +- .../azuremachinelearning_sg_checklist.es.json | 22 +- .../azuremachinelearning_sg_checklist.ja.json | 20 +- .../azuremachinelearning_sg_checklist.ko.json | 20 +- .../azuremachinelearning_sg_checklist.pt.json | 22 +- ...emachinelearning_sg_checklist.zh-Hant.json | 20 +- .../azureopenai_sg_checklist.en.json | 2 +- .../azureopenai_sg_checklist.es.json | 22 +- .../azureopenai_sg_checklist.ja.json | 20 +- .../azureopenai_sg_checklist.ko.json | 20 +- .../azureopenai_sg_checklist.pt.json | 22 +- .../azureopenai_sg_checklist.zh-Hant.json | 20 +- checklists-ext/fullwaf_checklist.en.json | 2 +- .../virtualmachines_sg_checklist.en.json | 2 +- .../virtualmachines_sg_checklist.es.json | 22 +- .../virtualmachines_sg_checklist.ja.json | 20 +- .../virtualmachines_sg_checklist.ko.json | 20 +- .../virtualmachines_sg_checklist.pt.json | 22 +- .../virtualmachines_sg_checklist.zh-Hant.json | 20 +- checklists-ext/wafsg_checklist.en.json | 2 +- checklists-ext/wafsg_checklist.es.json | 22 +- checklists-ext/wafsg_checklist.ja.json | 20 +- checklists-ext/wafsg_checklist.ko.json | 20 +- checklists-ext/wafsg_checklist.pt.json | 22 +- checklists-ext/wafsg_checklist.zh-Hant.json | 20 +- checklists/checklist.en.master.json | 3820 ++++++++--------- checklists/waf_checklist.en.json | 2 +- checklists/waf_checklist.es.json | 2 +- checklists/waf_checklist.ja.json | 2 +- 
checklists/waf_checklist.ko.json | 2 +- checklists/waf_checklist.pt.json | 2 +- checklists/waf_checklist.zh-Hant.json | 2 +- .../appservicewebapps_sg_checklist.en.xlsx | Bin 24007 -> 24007 bytes .../appservicewebapps_sg_checklist.es.xlsx | Bin 24550 -> 24550 bytes .../appservicewebapps_sg_checklist.ja.xlsx | Bin 25982 -> 25982 bytes .../appservicewebapps_sg_checklist.ko.xlsx | Bin 25449 -> 25446 bytes .../appservicewebapps_sg_checklist.pt.xlsx | Bin 24517 -> 24516 bytes ...ppservicewebapps_sg_checklist.zh-Hant.xlsx | Bin 24992 -> 24993 bytes ...ureapplicationgateway_sg_checklist.en.xlsx | Bin 25782 -> 25781 bytes ...ureapplicationgateway_sg_checklist.es.xlsx | Bin 26310 -> 26307 bytes ...ureapplicationgateway_sg_checklist.ja.xlsx | Bin 27842 -> 27842 bytes ...ureapplicationgateway_sg_checklist.ko.xlsx | Bin 27317 -> 27317 bytes ...ureapplicationgateway_sg_checklist.pt.xlsx | Bin 26482 -> 26482 bytes ...plicationgateway_sg_checklist.zh-Hant.xlsx | Bin 26875 -> 26874 bytes .../azureblobstorage_sg_checklist.en.xlsx | Bin 24409 -> 24409 bytes .../azureblobstorage_sg_checklist.es.xlsx | Bin 24907 -> 24908 bytes .../azureblobstorage_sg_checklist.ja.xlsx | Bin 26222 -> 26221 bytes .../azureblobstorage_sg_checklist.ko.xlsx | Bin 25556 -> 25556 bytes .../azureblobstorage_sg_checklist.pt.xlsx | Bin 24812 -> 24812 bytes ...azureblobstorage_sg_checklist.zh-Hant.xlsx | Bin 25247 -> 25246 bytes .../azureexpressroute_sg_checklist.en.xlsx | Bin 23067 -> 23067 bytes .../azureexpressroute_sg_checklist.es.xlsx | Bin 23478 -> 23478 bytes .../azureexpressroute_sg_checklist.ja.xlsx | Bin 24505 -> 24505 bytes .../azureexpressroute_sg_checklist.ko.xlsx | Bin 24098 -> 24098 bytes .../azureexpressroute_sg_checklist.pt.xlsx | Bin 23484 -> 23485 bytes ...zureexpressroute_sg_checklist.zh-Hant.xlsx | Bin 23796 -> 23795 bytes .../macrofree/azurefiles_sg_checklist.en.xlsx | Bin 25746 -> 25746 bytes .../macrofree/azurefiles_sg_checklist.es.xlsx | Bin 26442 -> 26441 bytes 
.../macrofree/azurefiles_sg_checklist.ja.xlsx | Bin 28176 -> 28177 bytes .../macrofree/azurefiles_sg_checklist.ko.xlsx | Bin 27295 -> 27295 bytes .../macrofree/azurefiles_sg_checklist.pt.xlsx | Bin 26437 -> 26438 bytes .../azurefiles_sg_checklist.zh-Hant.xlsx | Bin 26994 -> 26994 bytes .../azurefirewall_sg_checklist.en.xlsx | Bin 28810 -> 28809 bytes .../azurefirewall_sg_checklist.es.xlsx | Bin 29545 -> 29546 bytes .../azurefirewall_sg_checklist.ja.xlsx | Bin 32003 -> 32000 bytes .../azurefirewall_sg_checklist.ko.xlsx | Bin 30855 -> 30855 bytes .../azurefirewall_sg_checklist.pt.xlsx | Bin 29553 -> 29552 bytes .../azurefirewall_sg_checklist.zh-Hant.xlsx | Bin 30252 -> 30251 bytes .../azurefrontdoor_sg_checklist.en.xlsx | Bin 23500 -> 23501 bytes .../azurefrontdoor_sg_checklist.es.xlsx | Bin 23969 -> 23968 bytes .../azurefrontdoor_sg_checklist.ja.xlsx | Bin 25229 -> 25230 bytes .../azurefrontdoor_sg_checklist.ko.xlsx | Bin 24708 -> 24708 bytes .../azurefrontdoor_sg_checklist.pt.xlsx | Bin 23993 -> 23993 bytes .../azurefrontdoor_sg_checklist.zh-Hant.xlsx | Bin 24252 -> 24251 bytes ...zurekubernetesservice_sg_checklist.en.xlsx | Bin 26759 -> 26760 bytes ...zurekubernetesservice_sg_checklist.es.xlsx | Bin 27623 -> 27622 bytes ...zurekubernetesservice_sg_checklist.ja.xlsx | Bin 29719 -> 29719 bytes ...zurekubernetesservice_sg_checklist.ko.xlsx | Bin 28937 -> 28935 bytes ...zurekubernetesservice_sg_checklist.pt.xlsx | Bin 27605 -> 27604 bytes ...ubernetesservice_sg_checklist.zh-Hant.xlsx | Bin 28114 -> 28114 bytes .../azuremachinelearning_sg_checklist.en.xlsx | Bin 26179 -> 26180 bytes .../azuremachinelearning_sg_checklist.es.xlsx | Bin 27053 -> 27052 bytes .../azuremachinelearning_sg_checklist.ja.xlsx | Bin 28812 -> 28809 bytes .../azuremachinelearning_sg_checklist.ko.xlsx | Bin 27986 -> 27987 bytes .../azuremachinelearning_sg_checklist.pt.xlsx | Bin 27030 -> 27027 bytes ...emachinelearning_sg_checklist.zh-Hant.xlsx | Bin 27435 -> 27436 bytes 
.../azureopenai_sg_checklist.en.xlsx | Bin 21347 -> 21346 bytes .../azureopenai_sg_checklist.es.xlsx | Bin 21668 -> 21668 bytes .../azureopenai_sg_checklist.ja.xlsx | Bin 22522 -> 22519 bytes .../azureopenai_sg_checklist.ko.xlsx | Bin 22109 -> 22107 bytes .../azureopenai_sg_checklist.pt.xlsx | Bin 21658 -> 21658 bytes .../azureopenai_sg_checklist.zh-Hant.xlsx | Bin 21929 -> 21929 bytes .../macrofree/checklist.en.master.xlsx | Bin 503872 -> 503941 bytes .../virtualmachines_sg_checklist.en.xlsx | Bin 24987 -> 24985 bytes .../virtualmachines_sg_checklist.es.xlsx | Bin 25611 -> 25610 bytes .../virtualmachines_sg_checklist.ja.xlsx | Bin 27058 -> 27058 bytes .../virtualmachines_sg_checklist.ko.xlsx | Bin 26260 -> 26261 bytes .../virtualmachines_sg_checklist.pt.xlsx | Bin 25510 -> 25510 bytes .../virtualmachines_sg_checklist.zh-Hant.xlsx | Bin 25806 -> 25806 bytes spreadsheet/macrofree/waf_checklist.en.xlsx | Bin 201483 -> 201483 bytes spreadsheet/macrofree/waf_checklist.es.xlsx | Bin 195132 -> 195132 bytes spreadsheet/macrofree/waf_checklist.ja.xlsx | Bin 215020 -> 215019 bytes spreadsheet/macrofree/waf_checklist.ko.xlsx | Bin 207803 -> 207802 bytes spreadsheet/macrofree/waf_checklist.pt.xlsx | Bin 196478 -> 196479 bytes .../macrofree/waf_checklist.zh-Hant.xlsx | Bin 201212 -> 201213 bytes spreadsheet/macrofree/wafsg_checklist.en.xlsx | Bin 118889 -> 118887 bytes spreadsheet/macrofree/wafsg_checklist.es.xlsx | Bin 126548 -> 126547 bytes spreadsheet/macrofree/wafsg_checklist.ja.xlsx | Bin 152374 -> 152374 bytes spreadsheet/macrofree/wafsg_checklist.ko.xlsx | Bin 141461 -> 141460 bytes spreadsheet/macrofree/wafsg_checklist.pt.xlsx | Bin 126726 -> 126726 bytes .../macrofree/wafsg_checklist.zh-Hant.xlsx | Bin 133292 -> 133292 bytes .../alz_checklist.en_network_counters.json | 508 +-- ...hecklist.en_network_counters_template.json | 2 +- .../alz_checklist.en_network_tabcounters.json | 1564 +++---- ...klist.en_network_tabcounters_template.json | 2 +- 
.../alz_checklist.en_network_workbook.json | 426 +- ...hecklist.en_network_workbook_template.json | 2 +- ...hecklist.en_network_counters_workbook.json | 6 +- ...en_network_counters_workbook_template.json | 2 +- ...elivery_checklist.en_network_workbook.json | 200 +- ...hecklist.en_network_workbook_template.json | 2 +- 169 files changed, 3910 insertions(+), 3910 deletions(-) diff --git a/checklists-ext/appservicewebapps_sg_checklist.en.json b/checklists-ext/appservicewebapps_sg_checklist.en.json index 818926c5c..fa8e5526c 100644 --- a/checklists-ext/appservicewebapps_sg_checklist.en.json +++ b/checklists-ext/appservicewebapps_sg_checklist.en.json @@ -253,6 +253,6 @@ "name": "App Service Web Apps Service Guide", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file diff --git a/checklists-ext/appservicewebapps_sg_checklist.es.json b/checklists-ext/appservicewebapps_sg_checklist.es.json index 209651f62..736a4ca79 100644 --- a/checklists-ext/appservicewebapps_sg_checklist.es.json +++ b/checklists-ext/appservicewebapps_sg_checklist.es.json @@ -190,7 +190,7 @@ "metadata": { "name": "App Service Web Apps Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -217,34 +217,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ 
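Review bot: The `waf` list on the new side of the `@@ -217,34 +217,34 @@` hunk in appservicewebapps_sg_checklist.es.json still holds ten entries for five pillar names: `Operaciones` appears twice verbatim and the other four as case-variant pairs such as `seguridad`/`Seguridad`, and the commit only reshuffles them. The same reorder-only hunk recurs in the .ja, .ko, .pt and .zh-Hant files and in every other service guide in this patch (there the pairs are verbatim duplicates), which suggests, though the generator is not visible here, that the values are written from an unordered collection without case normalization. That churn accounts for nearly all of the 20–22 changed lines per translated file, so a substantive edit to a checklist recommendation would be easy to miss when reviewing one of these automated pull requests. I would have the generator deduplicate case-insensitively and sort before writing, so each list settles to five stable entries, e.g. a single `{ "name": "Seguridad" }`.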
diff --git a/checklists-ext/appservicewebapps_sg_checklist.ja.json b/checklists-ext/appservicewebapps_sg_checklist.ja.json index b62772a5d..e5ad47672 100644 --- a/checklists-ext/appservicewebapps_sg_checklist.ja.json +++ b/checklists-ext/appservicewebapps_sg_checklist.ja.json @@ -190,7 +190,7 @@ "metadata": { "name": "App Service Web Apps Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -216,35 +216,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ diff --git a/checklists-ext/appservicewebapps_sg_checklist.ko.json b/checklists-ext/appservicewebapps_sg_checklist.ko.json index 7faef5641..89c53b370 100644 --- a/checklists-ext/appservicewebapps_sg_checklist.ko.json +++ b/checklists-ext/appservicewebapps_sg_checklist.ko.json @@ -190,7 +190,7 @@ "metadata": { "name": "App Service Web Apps Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -216,35 +216,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/appservicewebapps_sg_checklist.pt.json b/checklists-ext/appservicewebapps_sg_checklist.pt.json index 7bf2c86ae..da13ab061 100644 --- a/checklists-ext/appservicewebapps_sg_checklist.pt.json +++ b/checklists-ext/appservicewebapps_sg_checklist.pt.json 
@@ -190,7 +190,7 @@ "metadata": { "name": "App Service Web Apps Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -217,34 +217,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ diff --git a/checklists-ext/appservicewebapps_sg_checklist.zh-Hant.json b/checklists-ext/appservicewebapps_sg_checklist.zh-Hant.json index 87e077273..42c836781 100644 --- a/checklists-ext/appservicewebapps_sg_checklist.zh-Hant.json +++ b/checklists-ext/appservicewebapps_sg_checklist.zh-Hant.json @@ -190,7 +190,7 @@ "metadata": { "name": "App Service Web Apps Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -216,35 +216,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists-ext/azureapplicationgateway_sg_checklist.en.json b/checklists-ext/azureapplicationgateway_sg_checklist.en.json index 69d22a2ce..3191b4572 100644 --- a/checklists-ext/azureapplicationgateway_sg_checklist.en.json +++ b/checklists-ext/azureapplicationgateway_sg_checklist.en.json 
@@ -301,6 +301,6 @@ "name": "Azure Application Gateway Service Guide", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file diff --git a/checklists-ext/azureapplicationgateway_sg_checklist.es.json b/checklists-ext/azureapplicationgateway_sg_checklist.es.json index da5a549eb..b6f50a1e5 100644 --- a/checklists-ext/azureapplicationgateway_sg_checklist.es.json +++ b/checklists-ext/azureapplicationgateway_sg_checklist.es.json @@ -238,7 +238,7 @@ "metadata": { "name": "Azure Application Gateway Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -265,34 +265,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ diff --git a/checklists-ext/azureapplicationgateway_sg_checklist.ja.json b/checklists-ext/azureapplicationgateway_sg_checklist.ja.json index 37cf51a6a..058523c20 100644 --- a/checklists-ext/azureapplicationgateway_sg_checklist.ja.json +++ b/checklists-ext/azureapplicationgateway_sg_checklist.ja.json @@ -238,7 +238,7 @@ "metadata": { "name": "Azure Application Gateway Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -264,35 +264,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ diff --git a/checklists-ext/azureapplicationgateway_sg_checklist.ko.json b/checklists-ext/azureapplicationgateway_sg_checklist.ko.json index 4973be6c2..289e4f79b 100644 --- a/checklists-ext/azureapplicationgateway_sg_checklist.ko.json +++ b/checklists-ext/azureapplicationgateway_sg_checklist.ko.json @@ -238,7 +238,7 @@ "metadata": { "name": "Azure Application Gateway Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -264,35 +264,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/azureapplicationgateway_sg_checklist.pt.json b/checklists-ext/azureapplicationgateway_sg_checklist.pt.json index 1870444fd..e2654be69 100644 --- a/checklists-ext/azureapplicationgateway_sg_checklist.pt.json +++ b/checklists-ext/azureapplicationgateway_sg_checklist.pt.json @@ -238,7 +238,7 @@ "metadata": { "name": "Azure Application Gateway Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -265,34 +265,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ diff --git a/checklists-ext/azureapplicationgateway_sg_checklist.zh-Hant.json b/checklists-ext/azureapplicationgateway_sg_checklist.zh-Hant.json index c3eca56c7..f37adbb5b 100644 --- a/checklists-ext/azureapplicationgateway_sg_checklist.zh-Hant.json +++ b/checklists-ext/azureapplicationgateway_sg_checklist.zh-Hant.json @@ -238,7 +238,7 @@ "metadata": { "name": "Azure Application Gateway Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -264,35 +264,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists-ext/azureblobstorage_sg_checklist.en.json b/checklists-ext/azureblobstorage_sg_checklist.en.json index 7049be557..d84e8ddb9 100644 --- a/checklists-ext/azureblobstorage_sg_checklist.en.json +++ b/checklists-ext/azureblobstorage_sg_checklist.en.json @@ -277,6 +277,6 @@ "name": "Azure Blob Storage Service Guide", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file 
diff --git a/checklists-ext/azureblobstorage_sg_checklist.es.json b/checklists-ext/azureblobstorage_sg_checklist.es.json index 8e75d2e53..7ffb65971 100644 --- a/checklists-ext/azureblobstorage_sg_checklist.es.json +++ b/checklists-ext/azureblobstorage_sg_checklist.es.json @@ -214,7 +214,7 @@ "metadata": { "name": "Azure Blob Storage Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -241,34 +241,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ diff --git a/checklists-ext/azureblobstorage_sg_checklist.ja.json b/checklists-ext/azureblobstorage_sg_checklist.ja.json index c282a6555..1f2e86f8c 100644 --- a/checklists-ext/azureblobstorage_sg_checklist.ja.json +++ b/checklists-ext/azureblobstorage_sg_checklist.ja.json @@ -214,7 +214,7 @@ "metadata": { "name": "Azure Blob Storage Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -240,35 +240,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ 
diff --git a/checklists-ext/azureblobstorage_sg_checklist.ko.json b/checklists-ext/azureblobstorage_sg_checklist.ko.json index 29a7c7294..d49e2a754 100644 --- a/checklists-ext/azureblobstorage_sg_checklist.ko.json +++ b/checklists-ext/azureblobstorage_sg_checklist.ko.json @@ -214,7 +214,7 @@ "metadata": { "name": "Azure Blob Storage Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -240,35 +240,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/azureblobstorage_sg_checklist.pt.json b/checklists-ext/azureblobstorage_sg_checklist.pt.json index 69c0069fc..62638d128 100644 --- a/checklists-ext/azureblobstorage_sg_checklist.pt.json +++ b/checklists-ext/azureblobstorage_sg_checklist.pt.json @@ -214,7 +214,7 @@ "metadata": { "name": "Azure Blob Storage Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -241,34 +241,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ 
diff --git a/checklists-ext/azureblobstorage_sg_checklist.zh-Hant.json b/checklists-ext/azureblobstorage_sg_checklist.zh-Hant.json index 0a6582d66..2bcfb0662 100644 --- a/checklists-ext/azureblobstorage_sg_checklist.zh-Hant.json +++ b/checklists-ext/azureblobstorage_sg_checklist.zh-Hant.json @@ -214,7 +214,7 @@ "metadata": { "name": "Azure Blob Storage Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -240,35 +240,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists-ext/azureexpressroute_sg_checklist.en.json b/checklists-ext/azureexpressroute_sg_checklist.en.json index e45d148ed..a828a30dd 100644 --- a/checklists-ext/azureexpressroute_sg_checklist.en.json +++ b/checklists-ext/azureexpressroute_sg_checklist.en.json @@ -277,6 +277,6 @@ "name": "Azure Expressroute Service Guide", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file diff --git a/checklists-ext/azureexpressroute_sg_checklist.es.json b/checklists-ext/azureexpressroute_sg_checklist.es.json index 2a5e28599..5524640ca 100644 --- a/checklists-ext/azureexpressroute_sg_checklist.es.json +++ b/checklists-ext/azureexpressroute_sg_checklist.es.json @@ -214,7 +214,7 @@ "metadata": { "name": "Azure Expressroute Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -241,34 +241,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ diff --git a/checklists-ext/azureexpressroute_sg_checklist.ja.json b/checklists-ext/azureexpressroute_sg_checklist.ja.json index 0413b155a..9b6ab744d 100644 --- a/checklists-ext/azureexpressroute_sg_checklist.ja.json +++ b/checklists-ext/azureexpressroute_sg_checklist.ja.json @@ -214,7 +214,7 @@ "metadata": { "name": "Azure Expressroute Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -240,35 +240,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ diff --git a/checklists-ext/azureexpressroute_sg_checklist.ko.json b/checklists-ext/azureexpressroute_sg_checklist.ko.json index 254199e67..1705cf76e 100644 --- a/checklists-ext/azureexpressroute_sg_checklist.ko.json +++ b/checklists-ext/azureexpressroute_sg_checklist.ko.json @@ -214,7 +214,7 @@ "metadata": { "name": "Azure Expressroute Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -240,35 +240,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/azureexpressroute_sg_checklist.pt.json b/checklists-ext/azureexpressroute_sg_checklist.pt.json index 329d252d4..499c701ce 100644 --- a/checklists-ext/azureexpressroute_sg_checklist.pt.json +++ b/checklists-ext/azureexpressroute_sg_checklist.pt.json @@ -214,7 +214,7 @@ "metadata": { "name": "Azure Expressroute Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -241,34 +241,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ diff --git a/checklists-ext/azureexpressroute_sg_checklist.zh-Hant.json b/checklists-ext/azureexpressroute_sg_checklist.zh-Hant.json index 5824bf36a..eb7f2c616 100644 --- a/checklists-ext/azureexpressroute_sg_checklist.zh-Hant.json +++ b/checklists-ext/azureexpressroute_sg_checklist.zh-Hant.json @@ -214,7 +214,7 @@ "metadata": { "name": "Azure Expressroute Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -240,35 +240,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists-ext/azurefiles_sg_checklist.en.json b/checklists-ext/azurefiles_sg_checklist.en.json index 17a27e472..2147ea8b3 100644 --- a/checklists-ext/azurefiles_sg_checklist.en.json +++ b/checklists-ext/azurefiles_sg_checklist.en.json @@ -301,6 +301,6 @@ "name": "Azure Files Service Guide", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file diff --git a/checklists-ext/azurefiles_sg_checklist.es.json b/checklists-ext/azurefiles_sg_checklist.es.json index b8727f8d3..6f283e960 100644 --- a/checklists-ext/azurefiles_sg_checklist.es.json +++ b/checklists-ext/azurefiles_sg_checklist.es.json @@ -238,7 +238,7 @@ "metadata": { "name": "Azure Files Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -265,34 +265,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ diff --git a/checklists-ext/azurefiles_sg_checklist.ja.json b/checklists-ext/azurefiles_sg_checklist.ja.json index 0731ca359..65f0dba13 100644 --- a/checklists-ext/azurefiles_sg_checklist.ja.json 
+++ b/checklists-ext/azurefiles_sg_checklist.ja.json @@ -238,7 +238,7 @@ "metadata": { "name": "Azure Files Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -264,35 +264,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ diff --git a/checklists-ext/azurefiles_sg_checklist.ko.json b/checklists-ext/azurefiles_sg_checklist.ko.json index 64048894c..d231803a2 100644 --- a/checklists-ext/azurefiles_sg_checklist.ko.json +++ b/checklists-ext/azurefiles_sg_checklist.ko.json @@ -238,7 +238,7 @@ "metadata": { "name": "Azure Files Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -264,35 +264,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/azurefiles_sg_checklist.pt.json b/checklists-ext/azurefiles_sg_checklist.pt.json index 83fb05374..a6c83a13a 100644 --- a/checklists-ext/azurefiles_sg_checklist.pt.json +++ b/checklists-ext/azurefiles_sg_checklist.pt.json @@ -238,7 +238,7 @@ "metadata": { "name": "Azure Files Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -265,34 +265,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ diff --git a/checklists-ext/azurefiles_sg_checklist.zh-Hant.json b/checklists-ext/azurefiles_sg_checklist.zh-Hant.json index 6e06398d7..09bc207ac 100644 --- a/checklists-ext/azurefiles_sg_checklist.zh-Hant.json +++ b/checklists-ext/azurefiles_sg_checklist.zh-Hant.json @@ -238,7 +238,7 @@ "metadata": { "name": "Azure Files Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -264,35 +264,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists-ext/azurefirewall_sg_checklist.en.json b/checklists-ext/azurefirewall_sg_checklist.en.json index e9253e5b7..7cfc7c305 100644 --- a/checklists-ext/azurefirewall_sg_checklist.en.json +++ b/checklists-ext/azurefirewall_sg_checklist.en.json @@ -437,6 +437,6 @@ "name": "Azure Firewall Service Guide", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file diff --git a/checklists-ext/azurefirewall_sg_checklist.es.json b/checklists-ext/azurefirewall_sg_checklist.es.json index bfb554c19..a6eedcf4b 100644 
--- a/checklists-ext/azurefirewall_sg_checklist.es.json +++ b/checklists-ext/azurefirewall_sg_checklist.es.json @@ -374,7 +374,7 @@ "metadata": { "name": "Azure Firewall Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -401,34 +401,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ diff --git a/checklists-ext/azurefirewall_sg_checklist.ja.json b/checklists-ext/azurefirewall_sg_checklist.ja.json index c4fb389a9..307e47f0a 100644 --- a/checklists-ext/azurefirewall_sg_checklist.ja.json +++ b/checklists-ext/azurefirewall_sg_checklist.ja.json @@ -374,7 +374,7 @@ "metadata": { "name": "Azure Firewall Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -400,35 +400,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ diff --git a/checklists-ext/azurefirewall_sg_checklist.ko.json b/checklists-ext/azurefirewall_sg_checklist.ko.json index 70ff45e36..f9b224878 100644 --- a/checklists-ext/azurefirewall_sg_checklist.ko.json +++ b/checklists-ext/azurefirewall_sg_checklist.ko.json 
@@ -374,7 +374,7 @@ "metadata": { "name": "Azure Firewall Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -400,35 +400,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/azurefirewall_sg_checklist.pt.json b/checklists-ext/azurefirewall_sg_checklist.pt.json index 0b8ad9c31..e50127ae0 100644 --- a/checklists-ext/azurefirewall_sg_checklist.pt.json +++ b/checklists-ext/azurefirewall_sg_checklist.pt.json @@ -374,7 +374,7 @@ "metadata": { "name": "Azure Firewall Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -401,34 +401,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ diff --git a/checklists-ext/azurefirewall_sg_checklist.zh-Hant.json b/checklists-ext/azurefirewall_sg_checklist.zh-Hant.json index 72a976897..1d06c6555 100644 --- a/checklists-ext/azurefirewall_sg_checklist.zh-Hant.json +++ b/checklists-ext/azurefirewall_sg_checklist.zh-Hant.json 
@@ -374,7 +374,7 @@ "metadata": { "name": "Azure Firewall Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -400,35 +400,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists-ext/azurefrontdoor_sg_checklist.en.json b/checklists-ext/azurefrontdoor_sg_checklist.en.json index 16f5336ed..a4648b9bd 100644 --- a/checklists-ext/azurefrontdoor_sg_checklist.en.json +++ b/checklists-ext/azurefrontdoor_sg_checklist.en.json @@ -245,6 +245,6 @@ "name": "Azure Front Door Service Guide", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file diff --git a/checklists-ext/azurefrontdoor_sg_checklist.es.json b/checklists-ext/azurefrontdoor_sg_checklist.es.json index 66b81299c..028562556 100644 --- a/checklists-ext/azurefrontdoor_sg_checklist.es.json +++ b/checklists-ext/azurefrontdoor_sg_checklist.es.json @@ -182,7 +182,7 @@ "metadata": { "name": "Azure Front Door Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -209,34 +209,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ diff --git a/checklists-ext/azurefrontdoor_sg_checklist.ja.json b/checklists-ext/azurefrontdoor_sg_checklist.ja.json index 62d072f3b..8d157f5ff 100644 --- a/checklists-ext/azurefrontdoor_sg_checklist.ja.json +++ b/checklists-ext/azurefrontdoor_sg_checklist.ja.json @@ -182,7 +182,7 @@ "metadata": { "name": "Azure Front Door Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -208,35 +208,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ diff --git a/checklists-ext/azurefrontdoor_sg_checklist.ko.json b/checklists-ext/azurefrontdoor_sg_checklist.ko.json index 05db1897f..aee129e56 100644 --- a/checklists-ext/azurefrontdoor_sg_checklist.ko.json +++ b/checklists-ext/azurefrontdoor_sg_checklist.ko.json @@ -182,7 +182,7 @@ "metadata": { "name": "Azure Front Door Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -208,35 +208,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/azurefrontdoor_sg_checklist.pt.json b/checklists-ext/azurefrontdoor_sg_checklist.pt.json index da697d871..7387ddefa 100644 --- a/checklists-ext/azurefrontdoor_sg_checklist.pt.json +++ b/checklists-ext/azurefrontdoor_sg_checklist.pt.json @@ -182,7 +182,7 @@ "metadata": { "name": "Azure Front Door Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -209,34 +209,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ diff --git a/checklists-ext/azurefrontdoor_sg_checklist.zh-Hant.json b/checklists-ext/azurefrontdoor_sg_checklist.zh-Hant.json index c6ffc8e9b..7d3260f2c 100644 --- a/checklists-ext/azurefrontdoor_sg_checklist.zh-Hant.json +++ b/checklists-ext/azurefrontdoor_sg_checklist.zh-Hant.json @@ -182,7 +182,7 @@ "metadata": { "name": "Azure Front Door Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -208,35 +208,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists-ext/azurekubernetesservice_sg_checklist.en.json b/checklists-ext/azurekubernetesservice_sg_checklist.en.json index 20d14cece..09a9e574b 100644 --- a/checklists-ext/azurekubernetesservice_sg_checklist.en.json +++ b/checklists-ext/azurekubernetesservice_sg_checklist.en.json @@ -477,6 +477,6 @@ "name": "Azure Kubernetes Service Service Guide", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file diff --git a/checklists-ext/azurekubernetesservice_sg_checklist.es.json b/checklists-ext/azurekubernetesservice_sg_checklist.es.json index f79a191ff..aa145ca83 100644 --- a/checklists-ext/azurekubernetesservice_sg_checklist.es.json +++ b/checklists-ext/azurekubernetesservice_sg_checklist.es.json @@ -414,7 +414,7 @@ "metadata": { "name": "Azure Kubernetes Service Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -441,34 +441,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ 
diff --git a/checklists-ext/azurekubernetesservice_sg_checklist.ja.json b/checklists-ext/azurekubernetesservice_sg_checklist.ja.json index 9c7895aa0..21107b57f 100644 --- a/checklists-ext/azurekubernetesservice_sg_checklist.ja.json +++ b/checklists-ext/azurekubernetesservice_sg_checklist.ja.json @@ -414,7 +414,7 @@ "metadata": { "name": "Azure Kubernetes Service Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -440,35 +440,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ diff --git a/checklists-ext/azurekubernetesservice_sg_checklist.ko.json b/checklists-ext/azurekubernetesservice_sg_checklist.ko.json index 3b5f20cf4..05c9639be 100644 --- a/checklists-ext/azurekubernetesservice_sg_checklist.ko.json +++ b/checklists-ext/azurekubernetesservice_sg_checklist.ko.json @@ -414,7 +414,7 @@ "metadata": { "name": "Azure Kubernetes Service Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -440,35 +440,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/azurekubernetesservice_sg_checklist.pt.json b/checklists-ext/azurekubernetesservice_sg_checklist.pt.json index c37561433..e50dd7973 100644 --- a/checklists-ext/azurekubernetesservice_sg_checklist.pt.json 
+++ b/checklists-ext/azurekubernetesservice_sg_checklist.pt.json @@ -414,7 +414,7 @@ "metadata": { "name": "Azure Kubernetes Service Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -441,34 +441,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ diff --git a/checklists-ext/azurekubernetesservice_sg_checklist.zh-Hant.json b/checklists-ext/azurekubernetesservice_sg_checklist.zh-Hant.json index 0ca836685..e4100d639 100644 --- a/checklists-ext/azurekubernetesservice_sg_checklist.zh-Hant.json +++ b/checklists-ext/azurekubernetesservice_sg_checklist.zh-Hant.json @@ -414,7 +414,7 @@ "metadata": { "name": "Azure Kubernetes Service Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -440,35 +440,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists-ext/azuremachinelearning_sg_checklist.en.json b/checklists-ext/azuremachinelearning_sg_checklist.en.json index c2c3e302b..1d0304c31 100644 --- a/checklists-ext/azuremachinelearning_sg_checklist.en.json +++ b/checklists-ext/azuremachinelearning_sg_checklist.en.json 
@@ -333,6 +333,6 @@ "name": "Azure Machine Learning Service Guide", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file diff --git a/checklists-ext/azuremachinelearning_sg_checklist.es.json b/checklists-ext/azuremachinelearning_sg_checklist.es.json index e5b570a30..2736dc363 100644 --- a/checklists-ext/azuremachinelearning_sg_checklist.es.json +++ b/checklists-ext/azuremachinelearning_sg_checklist.es.json @@ -270,7 +270,7 @@ "metadata": { "name": "Azure Machine Learning Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -297,34 +297,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ diff --git a/checklists-ext/azuremachinelearning_sg_checklist.ja.json b/checklists-ext/azuremachinelearning_sg_checklist.ja.json index 60e3a0324..e509e0e72 100644 --- a/checklists-ext/azuremachinelearning_sg_checklist.ja.json +++ b/checklists-ext/azuremachinelearning_sg_checklist.ja.json @@ -270,7 +270,7 @@ "metadata": { "name": "Azure Machine Learning Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -296,35 +296,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ diff --git a/checklists-ext/azuremachinelearning_sg_checklist.ko.json b/checklists-ext/azuremachinelearning_sg_checklist.ko.json index 5765b04ca..f050406b4 100644 --- a/checklists-ext/azuremachinelearning_sg_checklist.ko.json +++ b/checklists-ext/azuremachinelearning_sg_checklist.ko.json @@ -270,7 +270,7 @@ "metadata": { "name": "Azure Machine Learning Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -296,35 +296,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/azuremachinelearning_sg_checklist.pt.json b/checklists-ext/azuremachinelearning_sg_checklist.pt.json index 40d0a73d5..4a4e14480 100644 --- a/checklists-ext/azuremachinelearning_sg_checklist.pt.json +++ b/checklists-ext/azuremachinelearning_sg_checklist.pt.json @@ -270,7 +270,7 @@ "metadata": { "name": "Azure Machine Learning Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -297,34 +297,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ diff --git a/checklists-ext/azuremachinelearning_sg_checklist.zh-Hant.json b/checklists-ext/azuremachinelearning_sg_checklist.zh-Hant.json index 3ff92bf0b..b6f53e95b 100644 --- a/checklists-ext/azuremachinelearning_sg_checklist.zh-Hant.json +++ b/checklists-ext/azuremachinelearning_sg_checklist.zh-Hant.json @@ -270,7 +270,7 @@ "metadata": { "name": "Azure Machine Learning Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -296,35 +296,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists-ext/azureopenai_sg_checklist.en.json b/checklists-ext/azureopenai_sg_checklist.en.json index ef7b0920e..c3b58f4c8 100644 --- a/checklists-ext/azureopenai_sg_checklist.en.json +++ b/checklists-ext/azureopenai_sg_checklist.en.json @@ -173,6 +173,6 @@ "name": "Azure Openai Service Guide", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file 
diff --git a/checklists-ext/azureopenai_sg_checklist.es.json b/checklists-ext/azureopenai_sg_checklist.es.json index 2c93af697..6f9963187 100644 --- a/checklists-ext/azureopenai_sg_checklist.es.json +++ b/checklists-ext/azureopenai_sg_checklist.es.json @@ -110,7 +110,7 @@ "metadata": { "name": "Azure Openai Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -137,34 +137,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ diff --git a/checklists-ext/azureopenai_sg_checklist.ja.json b/checklists-ext/azureopenai_sg_checklist.ja.json index 936696bd3..78aa3ee79 100644 --- a/checklists-ext/azureopenai_sg_checklist.ja.json +++ b/checklists-ext/azureopenai_sg_checklist.ja.json @@ -110,7 +110,7 @@ "metadata": { "name": "Azure Openai Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -136,35 +136,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ diff --git a/checklists-ext/azureopenai_sg_checklist.ko.json b/checklists-ext/azureopenai_sg_checklist.ko.json index 510ff5453..a562a391b 100644 
--- a/checklists-ext/azureopenai_sg_checklist.ko.json +++ b/checklists-ext/azureopenai_sg_checklist.ko.json @@ -110,7 +110,7 @@ "metadata": { "name": "Azure Openai Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -136,35 +136,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/azureopenai_sg_checklist.pt.json b/checklists-ext/azureopenai_sg_checklist.pt.json index a12afa8cc..5aa14722a 100644 --- a/checklists-ext/azureopenai_sg_checklist.pt.json +++ b/checklists-ext/azureopenai_sg_checklist.pt.json @@ -110,7 +110,7 @@ "metadata": { "name": "Azure Openai Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -137,34 +137,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ diff --git a/checklists-ext/azureopenai_sg_checklist.zh-Hant.json b/checklists-ext/azureopenai_sg_checklist.zh-Hant.json index be29af142..b56e3ca5d 100644 --- a/checklists-ext/azureopenai_sg_checklist.zh-Hant.json +++ b/checklists-ext/azureopenai_sg_checklist.zh-Hant.json 
@@ -110,7 +110,7 @@ "metadata": { "name": "Azure Openai Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -136,35 +136,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists-ext/fullwaf_checklist.en.json b/checklists-ext/fullwaf_checklist.en.json index 94db56bee..77a4e9475 100644 --- a/checklists-ext/fullwaf_checklist.en.json +++ b/checklists-ext/fullwaf_checklist.en.json @@ -26083,7 +26083,7 @@ ], "metadata": { "name": "WAF checklist", - "timestamp": "August 26, 2024" + "timestamp": "September 03, 2024" }, "severities": [ { diff --git a/checklists-ext/virtualmachines_sg_checklist.en.json b/checklists-ext/virtualmachines_sg_checklist.en.json index dd57b02ae..8aeb8ebcd 100644 --- a/checklists-ext/virtualmachines_sg_checklist.en.json +++ b/checklists-ext/virtualmachines_sg_checklist.en.json @@ -293,6 +293,6 @@ "name": "Virtual Machines Service Guide", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file diff --git a/checklists-ext/virtualmachines_sg_checklist.es.json b/checklists-ext/virtualmachines_sg_checklist.es.json index c5eb03709..e6a60ab45 100644 --- a/checklists-ext/virtualmachines_sg_checklist.es.json +++ b/checklists-ext/virtualmachines_sg_checklist.es.json @@ -230,7 +230,7 @@ "metadata": { "name": "Virtual Machines Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -257,34 +257,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ diff --git a/checklists-ext/virtualmachines_sg_checklist.ja.json b/checklists-ext/virtualmachines_sg_checklist.ja.json index 2b89ead84..af5299b18 100644 --- a/checklists-ext/virtualmachines_sg_checklist.ja.json +++ b/checklists-ext/virtualmachines_sg_checklist.ja.json @@ -230,7 +230,7 @@ "metadata": { "name": "Virtual Machines Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -256,35 +256,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ diff --git a/checklists-ext/virtualmachines_sg_checklist.ko.json b/checklists-ext/virtualmachines_sg_checklist.ko.json index ba0038b6b..21a9ddb13 100644 --- a/checklists-ext/virtualmachines_sg_checklist.ko.json +++ b/checklists-ext/virtualmachines_sg_checklist.ko.json @@ -230,7 +230,7 @@ "metadata": { "name": "Virtual Machines Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -256,35 +256,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/virtualmachines_sg_checklist.pt.json b/checklists-ext/virtualmachines_sg_checklist.pt.json index 46d21d24b..2cac56337 100644 --- a/checklists-ext/virtualmachines_sg_checklist.pt.json +++ b/checklists-ext/virtualmachines_sg_checklist.pt.json @@ -230,7 +230,7 @@ "metadata": { "name": "Virtual Machines Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -257,34 +257,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ diff --git a/checklists-ext/virtualmachines_sg_checklist.zh-Hant.json b/checklists-ext/virtualmachines_sg_checklist.zh-Hant.json index edc5dc6f1..19ca9e01a 100644 --- a/checklists-ext/virtualmachines_sg_checklist.zh-Hant.json +++ b/checklists-ext/virtualmachines_sg_checklist.zh-Hant.json @@ -230,7 +230,7 @@ "metadata": { "name": "Virtual Machines Service Guide", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -256,35 +256,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists-ext/wafsg_checklist.en.json b/checklists-ext/wafsg_checklist.en.json index 363690f65..6296765b1 100644 --- a/checklists-ext/wafsg_checklist.en.json +++ b/checklists-ext/wafsg_checklist.en.json @@ -5613,6 +5613,6 @@ "name": "WAF Service Guides", "waf": "all", "state": "preview", - "timestamp": "September 01, 2024" + "timestamp": "September 03, 2024" } } \ No newline at end of file diff --git a/checklists-ext/wafsg_checklist.es.json b/checklists-ext/wafsg_checklist.es.json index 681aad35c..21f763b38 100644 --- a/checklists-ext/wafsg_checklist.es.json +++ b/checklists-ext/wafsg_checklist.es.json @@ -5550,7 +5550,7 @@ "metadata": { "name": "WAF Service Guides", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -5577,34 +5577,34 @@ ], "waf": [ { - "name": "Rendimiento" + "name": "seguridad" }, { - "name": "Seguridad" + "name": "rendimiento" }, { - "name": "costar" + "name": "Operaciones" }, { - "name": "seguridad" + "name": "fiabilidad" }, { - "name": "rendimiento" + "name": "Costar" }, { - "name": "fiabilidad" + "name": "Operaciones" }, { - "name": "Operaciones" + "name": "Fiabilidad" }, { - "name": "Operaciones" + "name": "Seguridad" }, { - "name": "Costar" + "name": "costar" }, { - "name": "Fiabilidad" + "name": "Rendimiento" } ], "yesno": [ diff --git a/checklists-ext/wafsg_checklist.ja.json b/checklists-ext/wafsg_checklist.ja.json index b7d7aa173..700bdae09 100644 --- a/checklists-ext/wafsg_checklist.ja.json +++ b/checklists-ext/wafsg_checklist.ja.json 
@@ -5550,7 +5550,7 @@ "metadata": { "name": "WAF Service Guides", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -5576,35 +5576,35 @@ } ], "waf": [ - { - "name": "パフォーマンス" - }, { "name": "安全" }, { - "name": "費用" + "name": "パフォーマンス" }, { - "name": "安全" + "name": "オペレーションズ" }, { - "name": "パフォーマンス" + "name": "確実" }, { - "name": "確実" + "name": "費用" }, { "name": "オペレーションズ" }, { - "name": "オペレーションズ" + "name": "確実" + }, + { + "name": "安全" }, { "name": "費用" }, { - "name": "確実" + "name": "パフォーマンス" } ], "yesno": [ diff --git a/checklists-ext/wafsg_checklist.ko.json b/checklists-ext/wafsg_checklist.ko.json index 48af42ce3..563f5b021 100644 --- a/checklists-ext/wafsg_checklist.ko.json +++ b/checklists-ext/wafsg_checklist.ko.json @@ -5550,7 +5550,7 @@ "metadata": { "name": "WAF Service Guides", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -5576,35 +5576,35 @@ } ], "waf": [ - { - "name": "공연" - }, { "name": "안전" }, { - "name": "비용" + "name": "공연" }, { - "name": "안전" + "name": "작업" }, { - "name": "공연" + "name": "신뢰도" }, { - "name": "신뢰도" + "name": "비용" }, { "name": "작업" }, { - "name": "작업" + "name": "신뢰도" + }, + { + "name": "안전" }, { "name": "비용" }, { - "name": "신뢰도" + "name": "공연" } ], "yesno": [ diff --git a/checklists-ext/wafsg_checklist.pt.json b/checklists-ext/wafsg_checklist.pt.json index aec4bf9d4..06be01809 100644 --- a/checklists-ext/wafsg_checklist.pt.json +++ b/checklists-ext/wafsg_checklist.pt.json @@ -5550,7 +5550,7 @@ "metadata": { "name": "WAF Service Guides", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ 
@@ -5577,34 +5577,34 @@ ], "waf": [ { - "name": "Desempenho" + "name": "segurança" }, { - "name": "Segurança" + "name": "desempenho" }, { - "name": "custar" + "name": "Operações" }, { - "name": "segurança" + "name": "fiabilidade" }, { - "name": "desempenho" + "name": "Custar" }, { - "name": "fiabilidade" + "name": "Operações" }, { - "name": "Operações" + "name": "Fiabilidade" }, { - "name": "Operações" + "name": "Segurança" }, { - "name": "Custar" + "name": "custar" }, { - "name": "Fiabilidade" + "name": "Desempenho" } ], "yesno": [ diff --git a/checklists-ext/wafsg_checklist.zh-Hant.json b/checklists-ext/wafsg_checklist.zh-Hant.json index a6286e0b1..40745254b 100644 --- a/checklists-ext/wafsg_checklist.zh-Hant.json +++ b/checklists-ext/wafsg_checklist.zh-Hant.json @@ -5550,7 +5550,7 @@ "metadata": { "name": "WAF Service Guides", "state": "preview", - "timestamp": "August 26, 2024", + "timestamp": "September 03, 2024", "waf": "all" }, "status": [ @@ -5576,35 +5576,35 @@ } ], "waf": [ - { - "name": "性能" - }, { "name": "安全" }, { - "name": "成本" + "name": "性能" }, { - "name": "安全" + "name": "操作" }, { - "name": "性能" + "name": "可靠性" }, { - "name": "可靠性" + "name": "成本" }, { "name": "操作" }, { - "name": "操作" + "name": "可靠性" + }, + { + "name": "安全" }, { "name": "成本" }, { - "name": "可靠性" + "name": "性能" } ], "yesno": [ diff --git a/checklists/checklist.en.master.json b/checklists/checklist.en.master.json index 39c7ae56f..c26760d12 100644 --- a/checklists/checklist.en.master.json +++ b/checklists/checklist.en.master.json @@ -79,8 +79,8 @@ "guid": "32952499-58c8-4e6f-ada5-972e67893d55", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", "services": [ - "Cost", - "Entra" + "Entra", + "Cost" ], "severity": "Medium", "subcategory": "Cloud Solution Provider", 
@@ -94,8 +94,8 @@ "guid": "685cb4f2-ac9c-4b19-9167-993ed0b32415", "link": "https://learn.microsoft.com/azure/cost-management-billing/manage/direct-ea-administration#manage-notification-contacts", "services": [ - "LoadBalancer", - "Entra" + "Entra", + "LoadBalancer" ], "severity": "Medium", "subcategory": "Enterprise Agreement", @@ -108,8 +108,8 @@ "guid": "12cd499f-96e2-4e41-a243-231fb3245a1c", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", "services": [ - "TrafficManager", - "Entra" + "Entra", + "TrafficManager" ], "severity": "Low", "subcategory": "Enterprise Agreement", @@ -123,8 +123,8 @@ "guid": "ca0fe401-12ad-46fc-8a7e-86293866a9f6", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-recommendations", "services": [ - "Cost", - "Entra" + "Entra", + "Cost" ], "severity": "Medium", "subcategory": "Enterprise Agreement", @@ -138,9 +138,9 @@ "guid": "5cf9f485-2784-49b3-9824-75d9b8bdb57b", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", "services": [ - "Cost", "Subscriptions", - "Entra" + "Entra", + "Cost" ], "severity": "Low", "subcategory": "Enterprise Agreement", @@ -168,8 +168,8 @@ "guid": "90e87802-602f-4dfb-acea-67c60689f1d7", "link": "https://learn.microsoft.com/azure/cost-management-billing/manage/mca-section-invoice", "services": [ - "Cost", "Entra", + "Cost", "Storage" ], "severity": "Low", @@ -184,8 +184,8 @@ "guid": "e81a73f0-84c4-4641-b406-14db3b4d1f50", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", "services": [ - "Cost", - "Entra" + "Entra", + "Cost" ], "severity": "Low", "subcategory": "Microsoft Customer Agreement", 
@@ -217,8 +217,8 @@ "services": [ "Subscriptions", "Entra", - "ACR", - "RBAC" + "RBAC", + "ACR" ], "severity": "High", "subcategory": "Identity", @@ -277,8 +277,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/conditional-access/overview", "service": "Entra", "services": [ - "AzurePolicy", - "Entra" + "Entra", + "AzurePolicy" ], "severity": "High", "subcategory": "Identity", @@ -337,9 +337,9 @@ "guid": "1559ab91-53e8-4908-ae28-c84c33b6b780", "link": "https://learn.microsoft.com/azure/architecture/reference-architectures/identity/adds-extend-domain#vm-recommendations", "services": [ + "Entra", "VM", - "ACR", - "Entra" + "ACR" ], "severity": "High", "subcategory": "Identity", @@ -355,8 +355,8 @@ "services": [ "Subscriptions", "Entra", - "ACR", - "RBAC" + "RBAC", + "ACR" ], "severity": "Medium", "subcategory": "Identity", @@ -386,8 +386,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/reports-monitoring/concept-activity-logs-azure-monitor", "service": "Entra", "services": [ - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Identity", @@ -463,8 +463,8 @@ "guid": "9cf5418b-1520-4b7b-add7-88eb28f833e8", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access-landing-zones#identity-and-access-management-in-the-azure-landing-zone-accelerator", "services": [ - "VNet", - "Entra" + "Entra", + "VNet" ], "severity": "High", "subcategory": "Landing zones", @@ -478,11 +478,11 @@ "guid": "d4d1ad54-1abc-4919-b267-3f342d3b49e4", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access-landing-zones#rbac-recommendations", "services": [ - "Storage", "AKV", + "Entra", "RBAC", "ACR", - "Entra" + "Storage" ], "severity": "Medium", "subcategory": "Landing zones", 
@@ -552,8 +552,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-group-recommendations", "services": [ "Subscriptions", - "AzurePolicy", - "RBAC" + "RBAC", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Subscriptions", @@ -567,10 +567,10 @@ "guid": "8bbac757-1559-4ab9-853e-8908ae28c84c", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-group-recommendations", "services": [ - "ExpressRoute", - "DNS", + "Subscriptions", "VWAN", - "Subscriptions" + "ExpressRoute", + "DNS" ], "severity": "Medium", "subcategory": "Subscriptions", @@ -627,10 +627,10 @@ "guid": "49b82111-2df2-47ee-912e-7f983f630472", "link": "https://learn.microsoft.com/entra/id-governance/access-reviews-overview", "services": [ - "Cost", "Subscriptions", + "RBAC", "AzurePolicy", - "RBAC" + "Cost" ], "severity": "High", "subcategory": "Subscriptions", @@ -658,8 +658,8 @@ "guid": "c68e1d76-6673-413b-9f56-64b5e984a859", "link": "https://learn.microsoft.com/azure/cost-management-billing/reservations/save-compute-costs-reservations", "services": [ - "Cost", - "Subscriptions" + "Subscriptions", + "Cost" ], "severity": "High", "subcategory": "Subscriptions", @@ -690,8 +690,8 @@ "guid": "ae28c84c-33b6-4b78-88b9-fe5c41049d40", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/get-started/manage-costs", "services": [ - "Cost", - "Subscriptions" + "Subscriptions", + "Cost" ], "severity": "High", "subcategory": "Subscriptions", @@ -721,8 +721,8 @@ "guid": "5de32c19-9248-4160-9d5d-1e4e614658d3", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/track-costs", "services": [ - "Cost", - "Subscriptions" + "Subscriptions", + "Cost" ], "severity": "Medium", "subcategory": "Subscriptions", 
@@ -790,8 +790,8 @@ "guid": "373f482f-3e39-4d39-8aa4-7e566f6082b6", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-app-delivery", "services": [ - "AppGW", - "FrontDoor" + "FrontDoor", + "AppGW" ], "severity": "Medium", "subcategory": "App delivery", @@ -820,13 +820,13 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/traditional-azure-networking-topology", "service": "VNet", "services": [ - "VNet", - "VPN", - "ExpressRoute", - "DNS", - "Firewall", "NVA", - "Entra" + "Firewall", + "DNS", + "Entra", + "ExpressRoute", + "VNet", + "VPN" ], "severity": "High", "subcategory": "Hub and spoke", @@ -871,8 +871,8 @@ "service": "ExpressRoute", "services": [ "ExpressRoute", - "ARS", - "VPN" + "VPN", + "ARS" ], "severity": "Low", "subcategory": "Hub and spoke", @@ -888,8 +888,8 @@ "link": "https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1", "service": "ARS", "services": [ - "VNet", - "ARS" + "ARS", + "VNet" ], "severity": "Low", "subcategory": "Hub and spoke", @@ -1063,8 +1063,8 @@ "link": "https://learn.microsoft.com/azure/site-recovery/concepts-on-premises-to-azure-networking#retain-ip-addresses", "service": "VNet", "services": [ - "VNet", - "ASR" + "ASR", + "VNet" ], "severity": "High", "subcategory": "IP plan", @@ -1096,8 +1096,8 @@ "service": "DNS", "services": [ "VNet", - "DNS", - "ACR" + "ACR", + "DNS" ], "severity": "Medium", "subcategory": "IP plan", @@ -1129,8 +1129,8 @@ "service": "DNS", "services": [ "VM", - "DNS", - "VNet" + "VNet", + "DNS" ], "severity": "High", "subcategory": "IP plan", @@ -1161,8 +1161,8 @@ "link": "https://learn.microsoft.com/azure/bastion/bastion-faq#subnet", "service": "Bastion", "services": [ - "Bastion", - "VNet" + "VNet", + "Bastion" ], "severity": "Medium", "subcategory": "Internet", 
@@ -1177,9 +1177,9 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/afds-overview", "service": "WAF", "services": [ - "WAF", - "AzurePolicy", "FrontDoor", + "AzurePolicy", + "WAF", "ACR" ], "severity": "Medium", @@ -1195,10 +1195,10 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "service": "WAF", "services": [ - "WAF", - "AppGW", + "FrontDoor", "AzurePolicy", - "FrontDoor" + "AppGW", + "WAF" ], "severity": "Low", "subcategory": "Internet", @@ -1213,8 +1213,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "service": "WAF", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "High", "subcategory": "Internet", @@ -1289,8 +1289,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/connectivity-to-azure", "service": "ExpressRoute", "services": [ - "ExpressRoute", "Backup", + "ExpressRoute", "VPN" ], "severity": "Medium", @@ -1497,8 +1497,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/how-to-configure-connection-monitor", "service": "ExpressRoute", "services": [ - "Monitor", "ACR", + "Monitor", "NetworkWatcher" ], "severity": "Medium", @@ -1622,8 +1622,8 @@ "service": "ExpressRoute", "services": [ "ExpressRoute", - "Monitor", - "VNet" + "VNet", + "Monitor" ], "severity": "Medium", "subcategory": "Hybrid", @@ -1684,9 +1684,9 @@ "service": "Firewall", "services": [ "Firewall", - "AzurePolicy", "RBAC", - "ACR" + "ACR", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Firewall", @@ -1717,8 +1717,8 @@ "link": "https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules", "service": "Firewall", "services": [ - "DNS", - "Firewall" + "Firewall", + "DNS" ], "severity": "High", "subcategory": "Firewall", 
@@ -1781,11 +1781,11 @@ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview", "service": "Firewall", "services": [ - "VNet", - "VWAN", - "Storage", + "NVA", "Firewall", - "NVA" + "VWAN", + "VNet", + "Storage" ], "severity": "High", "subcategory": "Firewall", @@ -1799,8 +1799,8 @@ "link": "https://learn.microsoft.com/azure/firewall/firewall-structured-logs", "service": "Firewall", "services": [ - "Storage", - "Firewall" + "Firewall", + "Storage" ], "severity": "Medium", "subcategory": "Firewall", @@ -1815,8 +1815,8 @@ "link": "https://learn.microsoft.com/azure/firewall-manager/migrate-to-policy", "service": "Firewall", "services": [ - "AzurePolicy", - "Firewall" + "Firewall", + "AzurePolicy" ], "severity": "Important", "subcategory": "Firewall", @@ -1832,8 +1832,8 @@ "link": "https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size", "service": "Firewall", "services": [ - "VNet", - "Firewall" + "Firewall", + "VNet" ], "severity": "High", "subcategory": "Segmentation", @@ -1946,8 +1946,8 @@ "link": "https://learn.microsoft.com/azure/firewall/dns-details", "service": "Firewall", "services": [ - "DNS", - "Firewall" + "Firewall", + "DNS" ], "severity": "Medium", "subcategory": "Firewall", @@ -1962,8 +1962,8 @@ "link": "https://learn.microsoft.com/azure/firewall/firewall-diagnostics", "service": "Firewall", "services": [ - "Monitor", - "Firewall" + "Firewall", + "Monitor" ], "severity": "High", "subcategory": "Firewall", @@ -2022,8 +2022,8 @@ "link": "https://learn.microsoft.com/azure/private-link/private-endpoint-overview", "service": "ExpressRoute", "services": [ - "ExpressRoute", - "PrivateLink" + "PrivateLink", + "ExpressRoute" ], "severity": "Medium", "subcategory": "PaaS", 
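Review bot: In the hunk at `@@ -1815,8 +1815,8 @@` of checklists/checklist.en.master.json, the context line `"severity": "Important"` uses a value that no other item visible in this diff uses; the rest are `High`, `Medium` or `Low`. The commit only reorders `services` and leaves this value in place. If the file's severity list (not visible here) has no `Important` entry, anything that filters or ranks checklist items by severity may skip or misplace this Azure Firewall item. I would map it to the intended level, for example `"severity": "High"`. The item object starts and ends outside the hunk, so the rest of the entry is unchecked.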
@@ -2054,10 +2054,10 @@ "link": "azure/private-link/inspect-traffic-with-azure-firewall", "service": "Firewall", "services": [ - "DNS", "NVA", + "Firewall", "PrivateLink", - "Firewall" + "DNS" ], "severity": "Medium", "subcategory": "PaaS", @@ -2074,8 +2074,8 @@ "service": "ExpressRoute", "services": [ "ExpressRoute", - "VNet", - "VPN" + "VPN", + "VNet" ], "severity": "High", "subcategory": "Segmentation", @@ -2134,9 +2134,9 @@ "link": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works", "service": "NSG", "services": [ - "VNet", "NVA", - "Entra" + "Entra", + "VNet" ], "severity": "Medium", "subcategory": "Segmentation", @@ -2277,8 +2277,8 @@ "link": "https://learn.microsoft.com/azure/virtual-wan/about-virtual-hub-routing-preference", "service": "VWAN", "services": [ - "ExpressRoute", "VWAN", + "ExpressRoute", "VPN" ], "severity": "Medium", @@ -2338,8 +2338,8 @@ "link": "https://learn.microsoft.com/azure/governance/policy/overview", "service": "Policy", "services": [ - "AzurePolicy", - "RBAC" + "RBAC", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Governance", @@ -2414,8 +2414,8 @@ "services": [ "Subscriptions", "Entra", - "AzurePolicy", - "RBAC" + "RBAC", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Governance", @@ -2501,9 +2501,9 @@ "guid": "29fd366b-a180-452b-9bd7-954b7700c667", "link": "https://learn.microsoft.com/azure/cost-management-billing/costs/tutorial-acm-create-budgets?bc=%2Fazure%2Fcloud-adoption-framework%2F_bread%2Ftoc.json&toc=%2Fazure%2Fcloud-adoption-framework%2Ftoc.json", "services": [ - "Cost", + "TrafficManager", "Monitor", - "TrafficManager" + "Cost" ], "severity": "Medium", "subcategory": "Optimize your cloud investment", 
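Review bot: In the hunk at `@@ -2054,10 +2054,10 @@` of checklists/checklist.en.master.json, the context line `"link": "azure/private-link/inspect-traffic-with-azure-firewall"` is a relative path, while every other `link` visible in this diff is an absolute `https://learn.microsoft.com/...` URL. The commit reorders `services` for this item but leaves the link untouched. A consumer that renders `link` as an href would resolve it against whatever page hosts the checklist, so the reference for this private-endpoint traffic-inspection item breaks or lands on an unrelated origin. Presumably the intended value is `"link": "https://learn.microsoft.com/azure/private-link/inspect-traffic-with-azure-firewall"`; a check in the generator that every `link` starts with `https://` would catch this class of entry. The item object starts outside the hunk.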
@@ -2517,10 +2517,10 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", "service": "Monitor", "services": [ - "Monitor", - "AzurePolicy", + "Entra", "RBAC", - "Entra" + "AzurePolicy", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -2535,9 +2535,9 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/logs/data-retention-archive?tabs=portal-1%2Cportal-2#how-retention-and-archiving-work", "service": "Monitor", "services": [ + "AzurePolicy", "ARS", "Monitor", - "AzurePolicy", "Storage" ], "severity": "High", @@ -2554,8 +2554,8 @@ "service": "VM", "services": [ "VM", - "Monitor", - "AzurePolicy" + "AzurePolicy", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -2629,9 +2629,9 @@ "guid": "a6e55d7d-8a2a-4db1-87d6-326af625ca44", "link": "https://learn.microsoft.com/azure/governance/policy/concepts/effect-deny", "services": [ - "Monitor", + "RBAC", "AzurePolicy", - "RBAC" + "Monitor" ], "severity": "Low", "subcategory": "Monitoring", @@ -2761,8 +2761,8 @@ "guid": "aa45be6a-8f2d-4896-b0e3-775e6e94e610", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-monitor", "services": [ - "Monitor", - "AzurePolicy" + "AzurePolicy", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -2835,8 +2835,8 @@ "service": "VM", "services": [ "VM", - "Monitor", - "AzurePolicy" + "AzurePolicy", + "Monitor" ], "severity": "Medium", "subcategory": "Operational compliance", @@ -2851,8 +2851,8 @@ "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", "service": "VM", "services": [ - "VM", "ASR", + "VM", "ACR" ], "severity": "Medium", 
@@ -2897,9 +2897,9 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-diagnostic-settings-to-save-your-wafs-logs", "service": "WAF", "services": [ - "WAF", + "FrontDoor", "AppGW", - "FrontDoor" + "WAF" ], "severity": "High", "subcategory": "App delivery", @@ -2914,10 +2914,10 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", "service": "WAF", "services": [ + "FrontDoor", "Sentinel", - "WAF", "AppGW", - "FrontDoor" + "WAF" ], "severity": "Medium", "subcategory": "App delivery", @@ -3050,8 +3050,8 @@ "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "service": "Key Vault", "services": [ - "VNet", "PrivateLink", + "VNet", "AKV" ], "severity": "Medium", @@ -3067,8 +3067,8 @@ "link": "https://learn.microsoft.com/azure/key-vault/general/monitor-key-vault", "service": "Key Vault", "services": [ - "Monitor", "Entra", + "Monitor", "AKV" ], "severity": "Medium", @@ -3192,8 +3192,8 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/concept-cloud-security-posture-management", "service": "Defender", "services": [ - "Subscriptions", - "Defender" + "Defender", + "Subscriptions" ], "severity": "High", "subcategory": "Operations", @@ -3208,8 +3208,8 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/plan-defender-for-servers-select-plan", "service": "Defender", "services": [ - "Subscriptions", - "Defender" + "Defender", + "Subscriptions" ], "severity": "High", "subcategory": "Operations", @@ -3224,8 +3224,8 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/connect-azure-subscription", "service": "Defender", "services": [ - "Subscriptions", - "Defender" + "Defender", + "Subscriptions" ], "severity": "High", "subcategory": "Operations", 
@@ -3253,8 +3253,8 @@ "link": "https://learn.microsoft.com/azure/security-center/", "service": "VM", "services": [ - "Monitor", - "Defender" + "Defender", + "Monitor" ], "severity": "Medium", "subcategory": "Operations", @@ -3269,8 +3269,8 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", "service": "Monitor", "services": [ - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Operations", @@ -3286,8 +3286,8 @@ "link": "https://learn.microsoft.com/en-us/azure/well-architected/security/monitor-threats#centralized-threat-detection-with-correlated-logs", "service": "Entra", "services": [ - "ACR", - "Entra" + "Entra", + "ACR" ], "severity": "High", "subcategory": "Operations", @@ -3571,8 +3571,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-error-handling-policies", "service": "APIM", "services": [ - "AzurePolicy", - "APIM" + "APIM", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Development best practices", @@ -3586,8 +3586,8 @@ "link": "https://learn.microsoft.com/azure/api-management/set-edit-policies?tabs=form#use-base-element-to-set-policy-evaluation-order", "service": "APIM", "services": [ - "AzurePolicy", - "APIM" + "APIM", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Development best practices", @@ -3601,9 +3601,9 @@ "link": "https://learn.microsoft.com/azure/api-management/policy-fragments", "service": "APIM", "services": [ - "ACR", + "APIM", "AzurePolicy", - "APIM" + "ACR" ], "severity": "Medium", "subcategory": "Development best practices", @@ -3631,8 +3631,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-use-azure-monitor#resource-logs", "service": "APIM", "services": [ - "Monitor", - "APIM" + "APIM", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", 
@@ -3646,8 +3646,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-app-insights", "service": "APIM", "services": [ - "Monitor", - "APIM" + "APIM", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -3661,8 +3661,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-use-azure-monitor", "service": "APIM", "services": [ - "Monitor", - "APIM" + "APIM", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -3676,9 +3676,9 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#certificate-management-in-azure-key-vault", "service": "APIM", "services": [ - "AKV", "Entra", - "APIM" + "APIM", + "AKV" ], "severity": "High", "subcategory": "Data protection", @@ -3692,8 +3692,8 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#azure-ad-authentication-required-for-data-plane-access", "service": "APIM", "services": [ - "Entra", - "APIM" + "APIM", + "Entra" ], "severity": "High", "subcategory": "Identity", @@ -3707,8 +3707,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-aad", "service": "APIM", "services": [ - "Entra", - "APIM" + "APIM", + "Entra" ], "severity": "Medium", "subcategory": "Identity", @@ -3722,8 +3722,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-create-groups", "service": "APIM", "services": [ - "Entra", - "APIM" + "APIM", + "Entra" ], "severity": "Medium", "subcategory": "Privileged access", 
@@ -3751,8 +3751,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-properties?tabs=azure-portal", "service": "APIM", "services": [ - "AzurePolicy", - "APIM" + "APIM", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Best practices", @@ -3767,8 +3767,8 @@ "service": "APIM", "services": [ "ASR", - "ACR", - "APIM" + "APIM", + "ACR" ], "severity": "Medium", "subcategory": "Business continuity and disaster recovery", @@ -3798,8 +3798,8 @@ "service": "APIM", "services": [ "ASR", - "Backup", - "APIM" + "APIM", + "Backup" ], "severity": "High", "subcategory": "Business continuity and disaster recovery", @@ -3813,8 +3813,8 @@ "link": "https://learn.microsoft.com/azure/api-management/retry-policy", "service": "APIM", "services": [ - "AzurePolicy", - "APIM" + "APIM", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Failover and Caching", @@ -3827,8 +3827,8 @@ "guid": "f96ddac5-77ec-4fa9-8833-4327f052059e", "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-cache-external", "services": [ - "AzurePolicy", - "APIM" + "APIM", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Performance and scalability", @@ -3842,9 +3842,9 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-log-event-hubs", "service": "APIM", "services": [ - "AzurePolicy", + "APIM", "EventHubs", - "APIM" + "AzurePolicy" ], "severity": "Low", "subcategory": "Performance and scalability", @@ -3858,8 +3858,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-sample-flexible-throttling", "service": "APIM", "services": [ - "AzurePolicy", - "APIM" + "APIM", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Performance and scalability", 
@@ -3916,8 +3916,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-deploy-multi-region#-route-api-calls-to-regional-backend-services", "service": "APIM", "services": [ - "AzurePolicy", - "APIM" + "APIM", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Request Routing", @@ -3931,8 +3931,8 @@ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits#api-management-limits", "service": "APIM", "services": [ - "Entra", - "APIM" + "APIM", + "Entra" ], "severity": "High", "subcategory": "Resource Limits", @@ -3961,8 +3961,8 @@ "service": "APIM", "services": [ "FrontDoor", - "Entra", - "APIM" + "APIM", + "Entra" ], "severity": "Medium", "subcategory": "Connectivity", @@ -3976,8 +3976,8 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#virtual-network-integration", "service": "APIM", "services": [ - "VNet", - "APIM" + "APIM", + "VNet" ], "severity": "Medium", "subcategory": "Security", @@ -3991,10 +3991,10 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#network-security-group-support", "service": "APIM", "services": [ + "APIM", "VNet", "Monitor", - "Entra", - "APIM" + "Entra" ], "severity": "Medium", "subcategory": "Security", @@ -4008,10 +4008,10 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#azure-private-link", "service": "APIM", "services": [ - "VNet", + "APIM", "PrivateLink", - "Entra", - "APIM" + "VNet", + "Entra" ], "severity": "Medium", "subcategory": "Security", 
@@ -4053,8 +4053,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/app-platform/api-management/platform-automation-and-devops#design-recommendations", "service": "APIM", "services": [ - "Entra", - "APIM" + "APIM", + "Entra" ], "severity": "Medium", "subcategory": "Best practices", @@ -4068,8 +4068,8 @@ "link": "https://learn.microsoft.com/azure/api-management/visual-studio-code-tutorial", "service": "APIM", "services": [ - "Entra", - "APIM" + "APIM", + "Entra" ], "severity": "Medium", "subcategory": "Best practices", @@ -4167,8 +4167,8 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#im-8-restrict-the-exposure-of-credential-and-secrets", "service": "APIM", "services": [ - "AKV", - "APIM" + "APIM", + "AKV" ], "severity": "High", "subcategory": "Data protection", @@ -4182,8 +4182,8 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#managed-identities", "service": "APIM", "services": [ - "Entra", - "APIM" + "APIM", + "Entra" ], "severity": "Medium", "subcategory": "Identities", @@ -4198,9 +4198,9 @@ "service": "APIM", "services": [ "WAF", + "APIM", "AppGW", - "Entra", - "APIM" + "Entra" ], "severity": "High", "subcategory": "Network", @@ -4226,9 +4226,9 @@ "link": "https://learn.microsoft.com/azure/architecture/web-apps/spring-apps/architectures/spring-apps-multi-region", "service": "Spring Apps", "services": [ + "FrontDoor", "ASR", - "TrafficManager", - "FrontDoor" + "TrafficManager" ], "severity": "Medium", "subcategory": "Disaster Recovery", @@ -4402,9 +4402,9 @@ "guid": "ae0e37ce-e297-411b-b352-caaab79b198d", "service": "AVS", "services": [ - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Identity", 
@@ -4417,9 +4417,9 @@ "guid": "ab81932c-9fc9-4d1b-a780-36f5e6bfbb9e", "service": "AVS", "services": [ - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Identity", @@ -4432,9 +4432,9 @@ "guid": "d503547c-c447-4e82-9128-a71f0f1cac6d", "service": "AVS", "services": [ - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "subcategory": "Identity", @@ -4447,9 +4447,9 @@ "guid": "fd9f0df4-68dc-4976-b9a9-e6a79f7682c5", "service": "AVS", "services": [ - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "subcategory": "Identity", @@ -4476,11 +4476,11 @@ "guid": "eb710a37-cbc1-4055-8dd5-a936a8bb7cf5", "service": "AVS", "services": [ + "NetworkWatcher", "AVS", - "Monitor", - "VPN", "ExpressRoute", - "NetworkWatcher" + "VPN", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -4493,11 +4493,11 @@ "guid": "976e24f2-a7f8-426c-9253-2a92a2a7ed99", "service": "AVS", "services": [ + "NetworkWatcher", "AVS", - "Monitor", "ExpressRoute", "VM", - "NetworkWatcher" + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -4510,9 +4510,9 @@ "guid": "f41ce6a0-64f3-4805-bc65-3ab50df01265", "service": "AVS", "services": [ + "AVS", "VM", "Monitor", - "AVS", "NetworkWatcher" ], "severity": "Medium", @@ -4526,8 +4526,8 @@ "guid": "563b4dc7-4a74-48b6-933a-d1a0916a6649", "service": "AVS", "services": [ - "ARS", - "AVS" + "AVS", + "ARS" ], "severity": "High", "subcategory": "Routing", @@ -4540,9 +4540,9 @@ "guid": "6128a71f-0f1c-4ac6-b9ef-1d5e832e42e3", "service": "AVS", "services": [ - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "subcategory": "Security (identity)", @@ -4555,9 +4555,9 @@ "guid": "c4e2436b-b336-4d71-9f17-960eee0b9b5c", "service": "AVS", "services": [ - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "subcategory": "Security (identity)", 
@@ -4598,9 +4598,9 @@ "guid": "d329f798-bc17-48bd-a5a0-6ca7144351d1", "service": "AVS", "services": [ - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Security (identity)", @@ -4627,8 +4627,8 @@ "guid": "586cb291-ec16-4a1d-876e-f9f141acdce5", "service": "AVS", "services": [ - "VM", "AVS", + "VM", "Entra" ], "severity": "High", @@ -4655,9 +4655,9 @@ "guid": "a2adb1c3-d232-46af-825c-a44e1695fddd", "service": "AVS", "services": [ - "AppGW", "AVS", - "Firewall" + "Firewall", + "AppGW" ], "severity": "High", "subcategory": "Security (network)", @@ -4683,8 +4683,8 @@ "guid": "29e3eec2-1836-487a-8077-a2b5945bda43", "service": "AVS", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Security (network)", @@ -4697,10 +4697,10 @@ "guid": "334fdf91-c234-4182-a652-75269440b4be", "service": "AVS", "services": [ - "VNet", "AVS", - "VPN", "ExpressRoute", + "VNet", + "VPN", "DDoS" ], "severity": "Medium", @@ -4727,8 +4727,8 @@ "guid": "9ccbd869-266a-4cca-874f-aa19bf39d95d", "service": "AVS", "services": [ - "AVS", - "Defender" + "Defender", + "AVS" ], "severity": "Medium", "subcategory": "Security (guest/VM)", @@ -4741,8 +4741,8 @@ "guid": "44c7c891-9ca1-4f6d-9315-ae524ba34d45", "service": "AVS", "services": [ - "Arc", - "AVS" + "AVS", + "Arc" ], "severity": "Medium", "subcategory": "Security (guest/VM)", @@ -4809,8 +4809,8 @@ "guid": "d88408f3-7273-44c8-96ba-280214590146", "service": "AVS", "services": [ - "AzurePolicy", "AVS", + "AzurePolicy", "Storage" ], "severity": "High", @@ -4851,8 +4851,8 @@ "guid": "bf39d95d-44c7-4c89-89ca-1f6d5315ae52", "service": "AVS", "services": [ - "AzurePolicy", - "AVS" + "AVS", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Governance (platform)", @@ -4865,8 +4865,8 @@ "guid": "4ba34d45-85e1-4213-abd7-bb012f7b95ef", "service": "AVS", "services": [ - "Cost", - "AVS" + "AVS", + "Cost" ], "severity": "Medium", "subcategory": "Governance (platform)", 
@@ -4879,8 +4879,8 @@ "guid": "6e043e2a-a359-4271-ae6e-205172676ae4", "service": "AVS", "services": [ - "Cost", - "AVS" + "AVS", + "Cost" ], "severity": "Low", "subcategory": "Governance (platform)", @@ -4919,9 +4919,9 @@ "guid": "48b262d6-cc5f-4512-a253-98e6db9d37da", "service": "AVS", "services": [ - "VM", + "Defender", "AVS", - "Defender" + "VM" ], "severity": "Medium", "subcategory": "Governance (guest/VM)", @@ -4934,9 +4934,9 @@ "guid": "41741583-3ef7-4ad7-a6d3-733165c7acbe", "service": "AVS", "services": [ + "AVS", "VM", - "Arc", - "AVS" + "Arc" ], "severity": "Medium", "subcategory": "Governance (guest/VM)", @@ -4962,9 +4962,9 @@ "guid": "4ed90dae-2cc8-44c4-9b6b-781cbafe6c46", "service": "AVS", "services": [ + "AVS", "VM", - "Monitor", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Governance (guest/VM)", @@ -4977,8 +4977,8 @@ "guid": "589d457a-927c-4397-9d11-02cad6aae11e", "service": "AVS", "services": [ - "VM", "AVS", + "VM", "AzurePolicy", "Backup" ], @@ -4993,9 +4993,9 @@ "guid": "ee29711b-d352-4caa-ab79-b198dab81932", "service": "AVS", "services": [ - "Monitor", + "Defender", "AVS", - "Defender" + "Monitor" ], "severity": "Medium", "subcategory": "Compliance", @@ -5008,8 +5008,8 @@ "guid": "c9fc9d1b-b780-436f-9e6b-fbb9ed503547", "service": "AVS", "services": [ - "AVS", - "Defender" + "Defender", + "AVS" ], "severity": "Medium", "subcategory": "Compliance", @@ -5061,8 +5061,8 @@ "guid": "e43a18a9-cd28-49ce-b6b1-7db8255461e2", "service": "AVS", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -5075,8 +5075,8 @@ "guid": "6b84ee5d-f47d-42d9-8881-b1cd5d1e54a2", "service": "AVS", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -5089,8 +5089,8 @@ "guid": "9659e396-80e7-4828-ac93-5657d02bff45", "service": "AVS", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", 
@@ -5103,8 +5103,8 @@ "guid": "64b0d934-a348-4726-be79-d6b5c3a36495", "service": "AVS", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -5117,8 +5117,8 @@ "guid": "b6abad38-aad5-43cc-99e1-d86667357c54", "service": "AVS", "services": [ - "Monitor", "AVS", + "Monitor", "Storage" ], "severity": "Medium", @@ -5132,8 +5132,8 @@ "guid": "9674c5ed-85b8-459c-9733-be2b1a27b775", "service": "AVS", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Low", "subcategory": "Monitoring", @@ -5146,10 +5146,10 @@ "guid": "a91be1f3-88f0-43a4-b2cd-463cbbbc8682", "service": "AVS", "services": [ - "VM", - "Storage", "AVS", - "AzurePolicy" + "VM", + "AzurePolicy", + "Storage" ], "severity": "High", "subcategory": "Operations", @@ -5175,8 +5175,8 @@ "guid": "0e43a18a-9cd2-489b-bd6b-17db8255461e", "service": "AVS", "services": [ - "Backup", "AVS", + "Backup", "Storage" ], "severity": "Medium", @@ -5190,8 +5190,8 @@ "guid": "2aee3453-aec8-4339-848b-262d6cc5f512", "service": "AVS", "services": [ - "Arc", - "AVS" + "AVS", + "Arc" ], "severity": "Medium", "subcategory": "Operations", @@ -5204,8 +5204,8 @@ "guid": "925398e6-da9d-437d-ac43-bc6cd1d79a9b", "service": "AVS", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Operations", @@ -5231,9 +5231,9 @@ "guid": "17e7a8d9-0ae0-4e27-aee2-9711bd352caa", "service": "AVS", "services": [ + "AVS", "AzurePolicy", - "Monitor", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Operations", @@ -5246,8 +5246,8 @@ "guid": "aee3553a-fc83-4392-98b2-62d6cc5f5129", "service": "AVS", "services": [ - "AVS", - "Defender" + "Defender", + "AVS" ], "severity": "Medium", "subcategory": "Security", @@ -5260,8 +5260,8 @@ "guid": "25398e6d-b9d3-47da-a43b-c6cd1d79a9b2", "service": "AVS", "services": [ - "Backup", - "AVS" + "AVS", + "Backup" ], "severity": "Medium", "subcategory": "Backup", 
@@ -5344,10 +5344,10 @@ "guid": "d1d79a9b-2460-4448-aa8f-42d78e78cb6a", "service": "AVS", "services": [ - "ExpressRoute", - "ASR", "NVA", - "AVS" + "AVS", + "ASR", + "ExpressRoute" ], "severity": "Medium", "subcategory": "Disaster Recovery", @@ -5360,8 +5360,8 @@ "guid": "33bd2a09-17e7-4a8d-a0ae-0e27cee29711", "service": "AVS", "services": [ - "Backup", - "AVS" + "AVS", + "Backup" ], "severity": "Medium", "subcategory": "Business Continuity", @@ -5374,8 +5374,8 @@ "guid": "bd352caa-ab79-4b18-adab-81932c9fc9d1", "service": "AVS", "services": [ - "Backup", - "AVS" + "AVS", + "Backup" ], "severity": "Medium", "subcategory": "Business Continuity", @@ -5388,8 +5388,8 @@ "guid": "bb77036f-5e6b-4fbb-aed5-03547cc447e8", "service": "AVS", "services": [ - "Backup", - "AVS" + "AVS", + "Backup" ], "severity": "Medium", "subcategory": "Business Continuity", @@ -5467,8 +5467,8 @@ "guid": "0f1cac6d-9ef1-4d5e-a32e-42e3611c818b", "service": "AVS", "services": [ - "AzurePolicy", - "AVS" + "AVS", + "AzurePolicy" ], "severity": "Low", "subcategory": "Automated Deployment", @@ -5495,8 +5495,8 @@ "guid": "255461e2-aee3-4553-afc8-339248b262d6", "service": "AVS", "services": [ - "ExpressRoute", "AVS", + "ExpressRoute", "AKV" ], "severity": "Low", @@ -5550,8 +5550,8 @@ "guid": "d352caaa-b79b-4198-bab8-1932c9fc9d1b", "service": "AVS", "services": [ - "AzurePolicy", "AVS", + "AzurePolicy", "Storage" ], "severity": "Medium", @@ -5604,8 +5604,8 @@ "guid": "1dc15a1c-075e-4e9f-841a-cccd579376bc", "service": "AVS", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Automated Scale", @@ -5619,8 +5619,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", "service": "AVS", "services": [ - "VM", - "AVS" + "AVS", + "VM" ], "severity": "High", "subcategory": "Architecture", 
@@ -5690,8 +5690,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings", "service": "AVS", "services": [ - "VM", "AVS", + "VM", "Storage" ], "severity": "Medium", @@ -5706,8 +5706,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#avoid-combining-traffic-manager-and-front-door", "service": "AVS", "services": [ - "ExpressRoute", "AVS", + "ExpressRoute", "Storage" ], "severity": "Medium", @@ -5722,8 +5722,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-the-same-domain-name-on-front-door-and-your-origin", "service": "AVS", "services": [ - "ExpressRoute", "AVS", + "ExpressRoute", "Storage" ], "severity": "Medium", @@ -5767,8 +5767,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes", "service": "AVS", "services": [ - "ExpressRoute", - "AVS" + "AVS", + "ExpressRoute" ], "severity": "High", "subcategory": "Architecture", @@ -5782,8 +5782,8 @@ "link": "https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity", "service": "AVS", "services": [ - "ExpressRoute", - "AVS" + "AVS", + "ExpressRoute" ], "severity": "High", "subcategory": "Architecture", @@ -5875,9 +5875,9 @@ "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication-managed-identity", "service": "ACR", "services": [ + "Entra", "RBAC", - "ACR", - "Entra" + "ACR" ], "severity": "High", "subcategory": "Identity and Access Control", @@ -5892,9 +5892,9 @@ "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication-managed-identity", "service": "ACR", "services": [ + "Entra", "RBAC", - "ACR", - "Entra" + "ACR" ], "severity": "High", "subcategory": "Identity and Access Control", @@ -5910,8 +5910,8 @@ "service": "ACR", "services": [ "Entra", - "ACR", - "RBAC" + "RBAC", + "ACR" ], "severity": "High", "subcategory": "Identity and Access Control", 
@@ -5926,8 +5926,8 @@ "link": "https://learn.microsoft.com/azure/container-registry/anonymous-pull-access#configure-anonymous-pull-access", "service": "ACR", "services": [ - "ACR", - "Entra" + "Entra", + "ACR" ], "severity": "Medium", "subcategory": "Identity and Access Control", @@ -5942,8 +5942,8 @@ "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication?tabs=azure-cli", "service": "ACR", "services": [ - "ACR", - "Entra" + "Entra", + "ACR" ], "severity": "High", "subcategory": "Identity and Access Control", @@ -5957,10 +5957,10 @@ "guid": "b3bec3d4-f343-47c1-936d-b55f27a71eee", "service": "ACR", "services": [ - "EventHubs", + "Entra", "PrivateLink", - "ACR", - "Entra" + "EventHubs", + "ACR" ], "severity": "High", "subcategory": "Identity and Access Control", @@ -5975,9 +5975,9 @@ "link": "https://learn.microsoft.com/azure/container-registry/container-registry-enable-conditional-access-policy", "service": "ACR", "services": [ + "Entra", "AzurePolicy", - "ACR", - "Entra" + "ACR" ], "severity": "Medium", "subcategory": "Identity and Access Control", @@ -5992,9 +5992,9 @@ "link": "https://learn.microsoft.com/azure/container-registry/monitor-service", "service": "ACR", "services": [ + "Entra", "Monitor", - "ACR", - "Entra" + "ACR" ], "severity": "Medium", "subcategory": "Logging and Monitoring", @@ -6009,10 +6009,10 @@ "link": "https://learn.microsoft.com/azure/container-registry/container-registry-private-link", "service": "ACR", "services": [ - "VNet", + "Firewall", "PrivateLink", - "ACR", - "Firewall" + "VNet", + "ACR" ], "severity": "Medium", "subcategory": "Network Security", @@ -6059,8 +6059,8 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-containers-introduction", "service": "ACR", "services": [ - "ACR", - "Defender" + "Defender", + "ACR" ], "severity": "Low", "subcategory": "Network Security", 
@@ -6102,8 +6102,8 @@ "guid": "976f32a7-30d1-6caa-c2a0-207fdc26571b", "link": "https://learn.microsoft.com/azure/azure-vmware/set-up-backup-server-for-azure-vmware-solution", "services": [ - "Backup", "AVS", + "Backup", "Storage" ], "severity": "Medium", @@ -6118,8 +6118,8 @@ "guid": "fc8af7a1-c724-e255-c18d-4ca22a6f27f0", "link": "https://docs.microsoft.com/azure/azure-vmware/set-up-backup-server-for-azure-vmware-solution", "services": [ - "Backup", - "AVS" + "AVS", + "Backup" ], "severity": "Medium", "subcategory": "Business Continuity", @@ -6133,9 +6133,9 @@ "guid": "be28860f-3d29-a79a-1a0e-36f1b23b36ae", "link": "Best practice to deploy backup in the same region as your AVS deployment", "services": [ - "Backup", "ASR", - "AVS" + "AVS", + "Backup" ], "severity": "Medium", "subcategory": "Business Continuity", @@ -6252,10 +6252,10 @@ "guid": "b44fb6ec-bfc1-3a8e-dba2-ca97f0991d2c", "link": "This depends if you have multiple AVS Private Clouds. If so and they are in the same region then use AVS Interconnect. If they are in separate regions then use ExpressRoute Global Reach.", "services": [ - "ExpressRoute", "ASR", - "NVA", - "AVS" + "AVS", + "ExpressRoute", + "NVA" ], "severity": "Medium", "subcategory": "Disaster Recovery", @@ -6269,8 +6269,8 @@ "guid": "a2c12df2-07fa-3edd-2cec-fda0b55fb952", "link": "https://learn.microsoft.com/azure/azure-vmware/tutorial-expressroute-global-reach-private-cloud", "services": [ - "VWAN", - "AVS" + "AVS", + "VWAN" ], "severity": "Medium", "subcategory": "Direct (no vWAN, no H&S)", @@ -6284,8 +6284,8 @@ "guid": "f62ce162-ba5a-429d-674e-fafa1af5f706", "link": "https://learn.microsoft.com/azure/azure-vmware/tutorial-expressroute-global-reach-private-cloud", "services": [ - "ExpressRoute", - "AVS" + "AVS", + "ExpressRoute" ], "severity": "Medium", "subcategory": "ExpressRoute", 
@@ -6299,8 +6299,8 @@ "guid": "cf01c73b-1247-0a7a-740c-e1ea29bda340", "link": "https://learn.microsoft.com/azure/expressroute/expressroute-introduction", "services": [ - "ExpressRoute", - "AVS" + "AVS", + "ExpressRoute" ], "severity": "Medium", "subcategory": "ExpressRoute", @@ -6314,8 +6314,8 @@ "guid": "aab216ee-8941-315e-eada-c7e1f2243bd1", "link": "https://learn.microsoft.com/azure/architecture/solution-ideas/articles/azure-vmware-solution-foundation-networking", "services": [ - "ExpressRoute", - "AVS" + "AVS", + "ExpressRoute" ], "severity": "Medium", "subcategory": "ExpressRoute", @@ -6329,8 +6329,8 @@ "guid": "1f956e45-f62d-5c95-3a95-3bab718907f8", "link": "https://learn.microsoft.com/azure/architecture/solution-ideas/articles/azure-vmware-solution-foundation-networking", "services": [ - "ExpressRoute", - "AVS" + "AVS", + "ExpressRoute" ], "severity": "Medium", "subcategory": "ExpressRoute", @@ -6344,8 +6344,8 @@ "guid": "91f7a87b-21ac-d712-959c-8df2ba034253", "link": "https://learn.microsoft.com/azure/virtual-network/quick-create-portal", "services": [ - "VNet", - "AVS" + "AVS", + "VNet" ], "severity": "Medium", "subcategory": "Hub & Spoke", @@ -6359,10 +6359,10 @@ "guid": "58a027e2-f37f-b540-45d5-e44843aba26b", "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings", "services": [ - "ExpressRoute", "AVS", - "VNet", - "VPN" + "ExpressRoute", + "VPN", + "VNet" ], "severity": "Medium", "subcategory": "Hub & Spoke", @@ -6376,10 +6376,10 @@ "guid": "d4806549-0913-3e79-b580-ac2d3706e65a", "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings", "services": [ - "ExpressRoute", "AVS", - "VNet", - "VPN" + "ExpressRoute", + "VPN", + "VNet" ], "severity": "Medium", "subcategory": "Hub & Spoke", 
@@ -6393,10 +6393,10 @@ "guid": "864d7a8b-7016-c769-a717-61af6bfb73d2", "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings", "services": [ - "ExpressRoute", "AVS", - "VNet", - "VPN" + "ExpressRoute", + "VPN", + "VNet" ], "severity": "Medium", "subcategory": "Hub & Spoke", @@ -6425,8 +6425,8 @@ "guid": "71e68ce3-982e-5e56-0191-01100ad0e66f", "link": "https://learn.microsoft.com/answers/questions/171195/how-to-create-jump-server-in-azure-not-bastion-paa.html", "services": [ - "Bastion", - "AVS" + "AVS", + "Bastion" ], "severity": "Medium", "subcategory": "Jumpbox & Bastion", @@ -6440,9 +6440,9 @@ "guid": "6f8e93a2-44b1-bb1d-28a1-4d5b3c2ea857", "link": "https://learn.microsoft.com/azure/bastion/tutorial-create-host-portal", "services": [ - "Bastion", "AVS", - "VNet" + "VNet", + "Bastion" ], "severity": "Medium", "subcategory": "Jumpbox & Bastion", @@ -6456,9 +6456,9 @@ "guid": "ba430d58-4541-085c-3641-068c00be9bc5", "link": "https://learn.microsoft.com/azure/virtual-network/network-security-groups-overview", "services": [ - "Bastion", + "AVS", "VM", - "AVS" + "Bastion" ], "severity": "Medium", "subcategory": "Jumpbox & Bastion", @@ -6517,8 +6517,8 @@ "guid": "4dc480ac-cecd-39c4-fdc6-680b300716ab", "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-site-to-site-portal#openvwan", "services": [ - "VWAN", - "AVS" + "AVS", + "VWAN" ], "severity": "Medium", "subcategory": "vWAN hub", @@ -6532,8 +6532,8 @@ "guid": "51d6affd-8e02-6aea-d3d4-0baf618b3076", "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-point-to-site-portal", "services": [ - "VWAN", "AVS", + "VWAN", "VPN" ], "severity": "Medium", @@ -6548,8 +6548,8 @@ "guid": "e32a4c67-3dc0-c134-1c12-52d46dcbab5b", "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-expressroute-portal", "services": [ - "VWAN", "AVS", + "VWAN", "Firewall" ], "severity": "Medium", 
@@ -6639,9 +6639,9 @@ "guid": "4ba394a2-3c33-104c-8e34-2dadaba9cc73", "link": "https://learn.microsoft.com/azure/azure-vmware/concepts-identity", "services": [ - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Security", @@ -6655,9 +6655,9 @@ "guid": "b04ca129-83a9-3494-7512-347dd2d766db", "link": "https://learn.microsoft.com/azure/azure-vmware/concepts-identity#view-the-vcenter-server-privileges", "services": [ - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Security", @@ -6671,9 +6671,9 @@ "guid": "8e477d2f-8004-3dd0-93d6-0aece9e1b2fb", "link": "Best practice", "services": [ - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Security", @@ -6687,8 +6687,8 @@ "guid": "00e0b729-f9be-f600-8c32-5ec0e8f2ed63", "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure", "services": [ - "RBAC", "AVS", + "RBAC", "Entra" ], "severity": "Medium", @@ -6703,8 +6703,8 @@ "guid": "0842d45f-41a8-8274-1155-2f6ed554d315", "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure", "services": [ - "RBAC", "AVS", + "RBAC", "Entra" ], "severity": "Medium", @@ -6719,8 +6719,8 @@ "guid": "915cbcd7-0640-eb7c-4162-9f33775de559", "link": "Best practice", "services": [ - "Monitor", "AVS", + "Monitor", "Entra" ], "severity": "Medium", @@ -6750,9 +6750,9 @@ "guid": "8f426fd0-d73b-d398-1f6f-df0cbe262a82", "link": "https://learn.microsoft.com/azure/azure-arc/vmware-vsphere/overview", "services": [ + "AVS", "VM", - "Arc", - "AVS" + "Arc" ], "severity": "Medium", "subcategory": "Operations", @@ -6766,9 +6766,9 @@ "guid": "11dbe773-e380-9191-1418-e886fa7a6fd0", "link": "https://docs.microsoft.com/azure/governance/policy/overview", "services": [ + "AVS", "AzurePolicy", - "Monitor", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Operations", 
@@ -6825,8 +6825,8 @@ "guid": "e22a2d99-eb71-7d7c-07af-6d4cdb1d4443", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-alerts-for-azure-vmware-solution", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Alerts", @@ -6840,8 +6840,8 @@ "guid": "6d02f159-627d-79bf-a931-fab6d947eda2", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-alerts-for-azure-vmware-solution", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Alerts", @@ -6855,8 +6855,8 @@ "guid": "1cc97b39-2c7e-246f-6d73-789cfebfe951", "link": "https://www.virtualworkloads.com/2021/04/azure-vmware-solution-azure-service-health/", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Alerts", @@ -6870,11 +6870,11 @@ "guid": "0962606c-e3b4-62a9-5661-e4ffd62a4509", "link": "https://docs.microsoft.com/azure/azure-vmware/set-up-backup-server-for-azure-vmware-solution", "services": [ + "AzurePolicy", "AVS", "Backup", - "Monitor", "VM", - "AzurePolicy" + "Monitor" ], "severity": "Medium", "subcategory": "Backup", @@ -6888,9 +6888,9 @@ "guid": "4ec7ccfb-795e-897e-4a84-fd31c04eadc6", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-alerts-for-azure-vmware-solution", "services": [ + "AVS", "AzurePolicy", - "Monitor", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Capacity", @@ -6904,10 +6904,10 @@ "guid": "7f8f175d-13f4-5298-9e61-0bc7e9fcc279", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/govern", "services": [ - "Cost", "Subscriptions", + "AVS", "Monitor", - "AVS" + "Cost" ], "severity": "Medium", "subcategory": "Costs", @@ -6921,8 +6921,8 @@ "guid": "01e689e0-7c6c-b58f-37bd-4d6b9b1b9c74", "link": "https://docs.microsoft.com/azure/azure-portal/azure-portal-dashboards", "services": [ - "Monitor", "AVS", + "Monitor", "NetworkWatcher" ], "severity": "Medium", 
@@ -6937,8 +6937,8 @@ "guid": "f9afdcc9-649d-d840-9fb5-a3c0edcc697d", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-vmware-syslogs", "services": [ - "Monitor", "AVS", + "Monitor", "Storage" ], "severity": "Medium", @@ -6953,8 +6953,8 @@ "guid": "7cbac8c3-4eda-d5d9-9bda-c6b5abba9fb6", "link": "Is vROPS or vRealize Network Insight going to be used? ", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Logs & Metrics", @@ -6968,9 +6968,9 @@ "guid": "b243521a-644d-f865-7fb6-21f9019c0dd2", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-vmware-syslogs", "services": [ + "AVS", "VM", - "Monitor", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Logs & Metrics", @@ -6984,11 +6984,11 @@ "guid": "2ca97d91-dd36-7229-b668-01036ccc3cd3", "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-create-using-portal", "services": [ + "NetworkWatcher", "AVS", - "Monitor", - "VPN", "ExpressRoute", - "NetworkWatcher" + "VPN", + "Monitor" ], "severity": "Medium", "subcategory": "Network", @@ -7002,9 +7002,9 @@ "guid": "99209143-60fe-19f0-5633-8b5671277ba5", "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-create-using-portal", "services": [ + "AVS", "ExpressRoute", - "Monitor", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Network", @@ -7018,8 +7018,8 @@ "guid": "b9e5867c-57d3-036f-fb1b-3f0a71664efe", "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-create-using-portal", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Network", @@ -7033,8 +7033,8 @@ "guid": "4af7c5f7-e5e9-bedf-a8cf-314b81735962", "link": "Firewall logging and alerting rules are configured (Azure Firewall or 3rd party)", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Security", 
@@ -7048,8 +7048,8 @@ "guid": "74be60a3-cfac-f057-eda6-3ee087e805d5", "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-network-topology-connectivity", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Security", @@ -7063,8 +7063,8 @@ "guid": "a434b3b5-f258-0845-cd76-d7df6ef5890e", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-vmware-syslogs", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "VMWare", @@ -7078,9 +7078,9 @@ "guid": "fb00b69a-83ec-ce72-446e-6c23a0cab09a", "link": "https://docs.microsoft.com/azure/azure-monitor/agents/agent-windows?tabs=setup-wizard", "services": [ + "AVS", "VM", - "Monitor", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "VMware", @@ -7122,9 +7122,9 @@ "guid": "ebd3cc3c-ac3d-4293-950d-cecd8445a523", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-network-topology-connectivity", "services": [ - "ARS", "NVA", - "AVS" + "AVS", + "ARS" ], "severity": "Medium", "subcategory": "Hub & Spoke", @@ -7138,8 +7138,8 @@ "guid": "ffb5c5ca-bd89-ff1b-8b73-8a54d503d506", "link": "https://learn.microsoft.com/azure/route-server/route-server-faq", "services": [ - "ARS", - "AVS" + "AVS", + "ARS" ], "severity": "Medium", "subcategory": "Hub & Spoke", @@ -7167,10 +7167,10 @@ "guid": "e942c03d-beaa-3d9f-0526-9b26cd5e9937", "link": "Research and choose optimal solution for each application", "services": [ - "AppGW", - "NVA", + "FrontDoor", "AVS", - "FrontDoor" + "AppGW", + "NVA" ], "severity": "Medium", "subcategory": "Internet", @@ -7184,8 +7184,8 @@ "guid": "e778a2ec-b4d7-1d27-574c-14476b167d37", "link": "https://docs.microsoft.com/azure/route-server/route-server-faq#route-server-limits", "services": [ - "ARS", - "AVS" + "AVS", + "ARS" ], "severity": "Medium", "subcategory": "Routing", 
@@ -7199,14 +7199,14 @@ "guid": "66c97b30-81b9-139a-cc76-dd1d94aef42a", "link": "https://docs.microsoft.com/azure/ddos-protection/manage-ddos-protection", "services": [ - "VNet", - "AVS", + "LoadBalancer", "FrontDoor", - "VPN", + "AVS", "ExpressRoute", - "VM", - "LoadBalancer", "AppGW", + "VNet", + "VM", + "VPN", "DDoS" ], "severity": "Medium", @@ -7249,9 +7249,9 @@ "guid": "3f621543-dfac-c471-54a6-7b2849b6909a", "link": "https://learn.microsoft.com/azure/architecture/networking/hub-spoke-vwan-architecture", "services": [ - "VWAN", "AVS", - "Firewall" + "Firewall", + "VWAN" ], "severity": "Medium", "subcategory": "Virtual WAN", @@ -7265,8 +7265,8 @@ "guid": "d7af5670-1b39-d95d-6da2-8d660dfbe16b", "link": "https://learn.microsoft.com/azure/firewall-manager/secure-cloud-network", "services": [ - "VWAN", - "AVS" + "AVS", + "VWAN" ], "severity": "Medium", "subcategory": "Virtual WAN", @@ -7295,8 +7295,8 @@ "guid": "7242c1de-da37-27f3-1ddd-565ccccb8ece", "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-platform-automation-and-devops#automated-scale", "services": [ - "AzurePolicy", "AVS", + "AzurePolicy", "Storage" ], "severity": "Medium", @@ -7353,8 +7353,8 @@ "guid": "7bd65a5e-7b5d-652d-dbea-fc6f73a42857", "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-management-and-monitoring", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Automated Scale", @@ -7368,8 +7368,8 @@ "guid": "95e374af-8a2a-2672-7ab7-b4a1be43ada7", "link": "https://learn.microsoft.com/azure/private-link/private-link-overview", "services": [ - "PrivateLink", - "AVS" + "AVS", + "PrivateLink" ], "severity": "Medium", "subcategory": "Networking", 
@@ -7411,8 +7411,8 @@ "guid": "e52d1615-9cc6-565c-deb6-743ed7e90f4b", "link": "Internal policy or regulatory compliance", "services": [ - "AzurePolicy", - "AVS" + "AVS", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Pre-deployment", @@ -7526,8 +7526,8 @@ "guid": "0c87f999-e517-21ef-f355-f210ad4134d2", "link": "https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/installation/GUID-4B3860B8-1883-48CA-B2F3-7C2205D91D6D.html", "services": [ - "VNet", - "AVS" + "AVS", + "VNet" ], "severity": "Medium", "subcategory": "Pre-deployment", @@ -7569,8 +7569,8 @@ "guid": "f2b73c4f-3d46-32c9-5df1-5b8dfcd3947f", "link": "https://azure.microsoft.com/en-ca/pricing/details/azure-vmware/#:~:text=Azure%20VMware%20Solution%20%20%20%20Instance%20size,TB%20%28all%20NVMe%29%20%20%20N%2FA%20%2Fhour%20", "services": [ - "Cost", - "AVS" + "AVS", + "Cost" ], "severity": "Medium", "subcategory": "Pre-deployment", @@ -7657,8 +7657,8 @@ "guid": "8d0a8f51-8d35-19cd-c2fe-4e3512fb467e", "link": "https://docs.microsoft.com/azure/key-vault/general/authentication", "services": [ - "ExpressRoute", "AVS", + "ExpressRoute", "AKV" ], "severity": "Medium", @@ -7687,8 +7687,8 @@ "guid": "9bb22fec-4d00-3b95-7136-e225d0f5c63a", "link": "https://learn.microsoft.com/azure/sentinel/overview", "services": [ - "Sentinel", - "AVS" + "AVS", + "Sentinel" ], "severity": "Medium", "subcategory": "Investigation", @@ -7702,8 +7702,8 @@ "guid": "f42b0b09-c591-238a-1580-2de3c485ebd2", "link": "https://learn.microsoft.com/azure/azure-vmware/azure-security-integration#prerequisites", "services": [ - "AVS", - "Defender" + "Defender", + "AVS" ], "severity": "Medium", "subcategory": "Security", @@ -7717,8 +7717,8 @@ "guid": "bcdd2348-3d0e-c6bb-1092-aa4cd1a66d6b", "link": "https://docs.microsoft.com/azure/azure-vmware/azure-security-integration", "services": [ - "AzurePolicy", - "AVS" + "AVS", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Security", 
@@ -7887,8 +7887,8 @@ "guid": "eb2f9313-afb2-ab35-aa24-6d97a3cb0611", "link": "3rd-Party tools", "services": [ - "VM", "AVS", + "VM", "Storage" ], "severity": "Medium", @@ -7903,8 +7903,8 @@ "guid": "3f2a5cff-c8a6-634a-1f1b-53ef9d321381", "link": "Contact VMware", "services": [ - "VM", "AVS", + "VM", "Storage" ], "severity": "Medium", @@ -7949,9 +7949,9 @@ "guid": "7628d446-6b10-9678-9cec-f407d990de43", "link": "https://learn.microsoft.com/azure/azure-vmware/concepts-storage#storage-policies-and-fault-tolerance", "services": [ - "AzurePolicy", - "VM", "AVS", + "VM", + "AzurePolicy", "Storage" ], "severity": "Medium", @@ -7966,10 +7966,10 @@ "guid": "37fef358-7ab9-43a9-542c-22673955200e", "link": "https://learn.microsoft.com/azure/azure-vmware/configure-storage-policy", "services": [ - "VM", - "Storage", "AVS", - "AzurePolicy" + "VM", + "AzurePolicy", + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -7983,8 +7983,8 @@ "guid": "ebebd109-9f9d-d85e-1b2f-d302012843b7", "link": "https://learn.microsoft.com/azure/azure-vmware/concepts-storage#storage-policies-and-fault-tolerance", "services": [ - "AzurePolicy", "AVS", + "AzurePolicy", "Storage" ], "severity": "Medium", @@ -8063,8 +8063,8 @@ "guid": "338ee253-c17d-432e-aaaa-b7571549ab81", "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-outages-disasters#availability-zones", "services": [ - "ServiceBus", - "ACR" + "ACR", + "ServiceBus" ], "severity": "High", "subcategory": "Best Practices", @@ -8078,9 +8078,9 @@ "guid": "53d89f89-d17b-484b-93b5-a67f7b9ed5b3", "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-outages-disasters#geo-disaster-recovery", "services": [ - "ServiceBus", "ASR", - "Storage" + "Storage", + "ServiceBus" ], "severity": "Medium", "subcategory": "Geo-Disaster Recovery", 
@@ -8094,9 +8094,9 @@ "guid": "1f38c403-a822-4c24-93cf-0f18ac699ef1", "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-federation-overview", "services": [ - "ServiceBus", "ASR", - "ACR" + "ACR", + "ServiceBus" ], "severity": "Medium", "subcategory": "Geo-Disaster Recovery", @@ -8110,8 +8110,8 @@ "guid": "d5a83de4-de32-4c18-a147-0607c5c0e4e6", "link": "https://learn.microsoft.com/azure/architecture/best-practices/data-partitioning-strategies#partitioning-azure-service-bus", "services": [ - "ServiceBus", - "Storage" + "Storage", + "ServiceBus" ], "severity": "Medium", "subcategory": "Best Practices", @@ -8150,9 +8150,9 @@ "guid": "4a69b9d3-39ac-44e7-a68d-1d75657202b4", "link": "https://learn.microsoft.com/azure/well-architected/service-guides/service-bus/reliability#checklist", "services": [ - "ServiceBus", "PrivateLink", - "Storage" + "Storage", + "ServiceBus" ], "severity": "Medium", "subcategory": "Best Practices", @@ -8191,9 +8191,9 @@ "guid": "1549ab81-53d8-49f8-ad17-b84b33b5a67f", "link": "https://learn.microsoft.com/azure/well-architected/service-guides/service-bus/reliability#checklist", "services": [ - "ServiceBus", "ASR", - "Storage" + "Storage", + "ServiceBus" ], "severity": "Medium", "subcategory": "Best Practices", @@ -8305,11 +8305,11 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-sas#shared-access-authorization-policies", "service": "Service Bus", "services": [ - "ServiceBus", "TrafficManager", + "ServiceBus", + "Entra", "RBAC", - "AzurePolicy", - "Entra" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Identity and Access Management", 
@@ -8325,12 +8325,12 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-managed-service-identity", "service": "Service Bus", "services": [ - "ServiceBus", - "Storage", + "AppSvc", "AKV", + "ServiceBus", + "Entra", "VM", - "AppSvc", - "Entra" + "Storage" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -8347,10 +8347,10 @@ "service": "Service Bus", "services": [ "ServiceBus", - "Storage", - "Subscriptions", + "Entra", "RBAC", - "Entra" + "Subscriptions", + "Storage" ], "severity": "High", "subcategory": "Identity and Access Management", @@ -8366,9 +8366,9 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/monitor-service-bus-reference", "service": "Service Bus", "services": [ - "ServiceBus", + "VNet", "Monitor", - "VNet" + "ServiceBus" ], "severity": "Medium", "subcategory": "Monitoring", @@ -8384,9 +8384,9 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/private-link-service", "service": "Service Bus", "services": [ - "ServiceBus", "PrivateLink", - "VNet" + "VNet", + "ServiceBus" ], "severity": "Medium", "subcategory": "Networking", @@ -9632,8 +9632,8 @@ "service": "App Services", "services": [ "AppSvc", - "ACR", - "Entra" + "Entra", + "ACR" ], "severity": "High", "subcategory": "Identity and Access Control", @@ -9649,8 +9649,8 @@ "service": "App Services", "services": [ "AppSvc", - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Logging and Monitoring", @@ -9666,8 +9666,8 @@ "service": "App Services", "services": [ "AppSvc", - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Logging and Monitoring", @@ -9682,11 +9682,11 @@ "link": "https://learn.microsoft.com/azure/app-service/overview-vnet-integration", "service": "App Services", "services": [ - "VNet", - "Monitor", - "Firewall", "AppSvc", - "NVA" + "NVA", + "Firewall", + "VNet", + "Monitor" ], "severity": "Medium", "subcategory": "Network Security", 
@@ -9701,12 +9701,12 @@ "link": "https://learn.microsoft.com/azure/app-service/networking/nat-gateway-integration", "service": "App Services", "services": [ - "VNet", - "Storage", - "Firewall", - "NVA", "AppSvc", - "PrivateLink" + "NVA", + "Firewall", + "PrivateLink", + "VNet", + "Storage" ], "severity": "Low", "subcategory": "Network Security", @@ -9737,11 +9737,11 @@ "link": "https://learn.microsoft.com/azure/app-service/networking/app-gateway-with-service-endpoints", "service": "App Services", "services": [ - "FrontDoor", - "Monitor", - "WAF", "AppSvc", - "AppGW" + "WAF", + "FrontDoor", + "AppGW", + "Monitor" ], "severity": "High", "subcategory": "Network Security", @@ -9757,8 +9757,8 @@ "service": "App Services", "services": [ "AppSvc", - "WAF", - "PrivateLink" + "PrivateLink", + "WAF" ], "severity": "High", "subcategory": "Network Security", @@ -9855,13 +9855,13 @@ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", "service": "App Services", "services": [ - "VNet", - "WAF", "AppSvc", - "AppGW", "NVA", - "DDoS", - "EventHubs" + "EventHubs", + "WAF", + "VNet", + "AppGW", + "DDoS" ], "severity": "Medium", "subcategory": "Network Security", @@ -9878,8 +9878,8 @@ "services": [ "AppSvc", "PrivateLink", - "ACR", - "VNet" + "VNet", + "ACR" ], "severity": "Medium", "subcategory": "Network Security", @@ -9970,8 +9970,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", "service": "Azure Storage", "services": [ - "RBAC", "Subscriptions", + "RBAC", "Storage" ], "severity": "Medium", @@ -10171,8 +10171,8 @@ "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", "service": "Azure Storage", "services": [ - "RBAC", "Entra", + "RBAC", "Storage" ], "severity": "Medium", 
@@ -10205,10 +10205,10 @@ "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", "service": "Azure Storage", "services": [ - "Monitor", "Entra", - "Storage", - "AKV" + "AKV", + "Monitor", + "Storage" ], "severity": "High", "subcategory": "Identity and Access Management", @@ -10223,10 +10223,10 @@ "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", "service": "Azure Storage", "services": [ - "Monitor", + "AKV", "AzurePolicy", - "Storage", - "AKV" + "Monitor", + "Storage" ], "severity": "High", "subcategory": "Monitoring", @@ -10242,9 +10242,9 @@ "service": "Azure Storage", "services": [ "Entra", + "AKV", "AzurePolicy", - "Storage", - "AKV" + "Storage" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -10278,8 +10278,8 @@ "services": [ "Entra", "AzurePolicy", - "Storage", - "AKV" + "AKV", + "Storage" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -10293,8 +10293,8 @@ "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", "service": "Azure Storage", "services": [ - "Storage", - "AKV" + "AKV", + "Storage" ], "severity": "Medium", "subcategory": "CI/CD", @@ -10389,8 +10389,8 @@ "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", "service": "Azure Storage", "services": [ - "RBAC", "Entra", + "RBAC", "Storage" ], "severity": "High", @@ -10600,10 +10600,10 @@ "service": "Event Hubs", "services": [ "TrafficManager", + "Entra", "RBAC", "EventHubs", - "AzurePolicy", - "Entra" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Identity and Access Management", 
@@ -10619,11 +10619,11 @@ "link": "https://learn.microsoft.com/azure/event-hubs/authenticate-managed-identity?tabs=latest", "service": "Event Hubs", "services": [ - "Storage", "AKV", - "VM", + "Entra", "EventHubs", - "Entra" + "VM", + "Storage" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -10639,8 +10639,8 @@ "link": "https://learn.microsoft.com/azure/event-hubs/authorize-access-azure-active-directory#azure-built-in-roles-for-azure-event-hubs", "service": "Event Hubs", "services": [ - "RBAC", "Entra", + "RBAC", "EventHubs" ], "severity": "High", @@ -10657,9 +10657,9 @@ "link": "https://learn.microsoft.com/azure/event-hubs/monitor-event-hubs-reference", "service": "Event Hubs", "services": [ + "EventHubs", "VNet", - "Monitor", - "EventHubs" + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -10675,9 +10675,9 @@ "link": "https://learn.microsoft.com/azure/event-hubs/private-link-service", "service": "Event Hubs", "services": [ - "VNet", "PrivateLink", - "EventHubs" + "EventHubs", + "VNet" ], "severity": "Medium", "subcategory": "Networking", @@ -10723,8 +10723,8 @@ "link": "https://learn.microsoft.com/azure/event-hubs/event-hubs-premium-overview#high-availability-with-availability-zones", "service": "Event Hubs", "services": [ - "ACR", - "EventHubs" + "EventHubs", + "ACR" ], "severity": "High", "subcategory": "Zone Redudancy", @@ -10871,8 +10871,8 @@ "link": "https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet", "service": "App Gateway", "services": [ - "VNet", - "AppGW" + "AppGW", + "VNet" ], "severity": "Medium", "subcategory": "App Gateway", @@ -10888,12 +10888,12 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "service": "App Gateway", "services": [ - "VNet", - "Subscriptions", + "NVA", + "Entra", "WAF", "AppGW", - "NVA", - "Entra" + "VNet", + "Subscriptions" ], "severity": "Medium", "subcategory": "App Gateway", 
@@ -10954,9 +10954,9 @@ "link": "https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/afds-overview", "service": "Front Door", "services": [ - "WAF", + "FrontDoor", "AzurePolicy", - "FrontDoor" + "WAF" ], "severity": "Medium", "subcategory": "Front Door", @@ -10971,10 +10971,10 @@ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", "service": "Front Door", "services": [ - "WAF", - "AppGW", + "FrontDoor", "AzurePolicy", - "FrontDoor" + "AppGW", + "WAF" ], "severity": "Medium", "subcategory": "App delivery", @@ -11005,8 +11005,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", "service": "Entra", "services": [ - "AVD", - "Entra" + "Entra", + "AVD" ], "severity": "Low", "subcategory": "App delivery", @@ -11038,9 +11038,9 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings", "service": "Front Door", "services": [ - "WAF", + "FrontDoor", "AzurePolicy", - "FrontDoor" + "WAF" ], "severity": "High", "subcategory": "Front Door", @@ -11055,8 +11055,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#avoid-combining-traffic-manager-and-front-door", "service": "Front Door", "services": [ - "TrafficManager", - "FrontDoor" + "FrontDoor", + "TrafficManager" ], "severity": "High", "subcategory": "Front Door", @@ -11147,8 +11147,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates", "service": "Front Door", "services": [ - "Cost", "FrontDoor", + "Cost", "AKV" ], "severity": "High", @@ -11163,8 +11163,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#define-your-waf-configuration-as-code", "service": "Front Door", "services": [ - "WAF", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "Medium", "subcategory": "Front Door", 
@@ -11208,8 +11208,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#enable-the-waf", "service": "Front Door", "services": [ - "WAF", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "High", "subcategory": "Front Door", @@ -11224,8 +11224,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#tune-your-waf", "service": "Front Door", "services": [ - "WAF", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "High", "subcategory": "Front Door", @@ -11240,9 +11240,9 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/application-gateway-waf-request-size-limits#request-body-inspection", "service": "Front Door", "services": [ - "WAF", + "FrontDoor", "AzurePolicy", - "FrontDoor" + "WAF" ], "severity": "High", "subcategory": "Front Door", @@ -11257,8 +11257,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#enable-default-rule-sets", "service": "Front Door", "services": [ - "WAF", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "High", "subcategory": "Front Door", @@ -11273,8 +11273,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#enable-bot-management-rules", "service": "Front Door", "services": [ - "WAF", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "High", "subcategory": "Front Door", @@ -11288,8 +11288,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#use-the-latest-ruleset-versions", "service": "Front Door", "services": [ - "WAF", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "Medium", "subcategory": "Front Door", 
@@ -11303,8 +11303,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-rate-limiting", "service": "Front Door", "services": [ - "WAF", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "Medium", "subcategory": "Front Door", @@ -11318,8 +11318,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#use-a-high-threshold-for-rate-limits", "service": "Front Door", "services": [ - "WAF", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "Medium", "subcategory": "Front Door", @@ -11347,8 +11347,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#specify-the-unknown-zz-location", "service": "Front Door", "services": [ - "WAF", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "Medium", "subcategory": "Front Door", @@ -11381,8 +11381,8 @@ "service": "App Gateway", "services": [ "WAF", - "AppGW", - "AzurePolicy" + "AzurePolicy", + "AppGW" ], "severity": "High", "subcategory": "App Gateway", @@ -11415,8 +11415,8 @@ "service": "App Gateway", "services": [ "WAF", - "AppGW", - "AzurePolicy" + "AzurePolicy", + "AppGW" ], "severity": "High", "subcategory": "App Gateway", @@ -11517,8 +11517,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-diagnostic-settings-to-save-your-wafs-logs", "service": "Front Door", "services": [ - "WAF", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "Medium", "subcategory": "Front Door", @@ -11532,8 +11532,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#send-logs-to-microsoft-sentinel", "service": "App Gateway", "services": [ - "Sentinel", "WAF", + "Sentinel", "AppGW" ], "severity": "Medium", 
@@ -11548,9 +11548,9 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", "service": "Front Door", "services": [ + "FrontDoor", "Sentinel", - "WAF", - "FrontDoor" + "WAF" ], "severity": "Medium", "subcategory": "Front Door", @@ -11594,10 +11594,10 @@ "link": "https://learn.microsoft.com/azure/virtual-wan/scenario-secured-hub-app-gateway", "service": "App Gateway", "services": [ - "ExpressRoute", "AppGW", - "VNet", - "VPN" + "ExpressRoute", + "VPN", + "VNet" ], "severity": "Medium", "subcategory": "App Gateway", @@ -12065,12 +12065,12 @@ "guid": "aa369282-9e7e-4216-8836-87af467a1f89", "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", "services": [ - "VNet", - "Subscriptions", "Firewall", + "Entra", "WAF", - "DDoS", - "Entra" + "VNet", + "Subscriptions", + "DDoS" ], "severity": "Low", "subcategory": "DDoS", @@ -12094,8 +12094,8 @@ "guid": "44008ae7-d7e4-4743-876c-8bdbf55bce61", "link": "https://learn.microsoft.com/azure/frontdoor/front-door-overview", "services": [ - "WAF", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "Medium", "subcategory": "Internet", @@ -12108,8 +12108,8 @@ "guid": "9e8a03f9-7879-4424-b626-786d60b96c97", "link": "https://learn.microsoft.com/azure/openshift/howto-secure-openshift-with-front-door", "services": [ - "PrivateLink", - "FrontDoor" + "FrontDoor", + "PrivateLink" ], "severity": "Medium", "subcategory": "Internet", @@ -12123,8 +12123,8 @@ "link": "https://learn.microsoft.com/azure/openshift/howto-restrict-egress", "services": [ "NVA", - "AzurePolicy", - "Firewall" + "Firewall", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Internet", @@ -12438,8 +12438,8 @@ "guid": "76af4a69-1e88-439a-ba46-667e13c10567", "link": "https://learn.microsoft.com/azure/openshift/howto-segregate-machinesets", "services": [ - "VNet", - "AKS" + "AKS", + "VNet" ], "severity": "Medium", "subcategory": "Cluster Design", 
@@ -12523,8 +12523,8 @@ "guid": "08fe8273-4c48-46ba-880d-c0591cf75ee8", "link": "https://learn.microsoft.com/azure/azure-arc/kubernetes/quickstart-connect-cluster", "services": [ - "Arc", - "AKS" + "AKS", + "Arc" ], "severity": "High", "subcategory": "Control plane", @@ -12548,9 +12548,9 @@ "guid": "d55d14c3-c492-49cb-8b3d-1325ae124ba3", "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-containers-introduction", "services": [ - "Arc", "AKS", - "Defender" + "Defender", + "Arc" ], "severity": "Medium", "subcategory": "Posture", @@ -12563,9 +12563,9 @@ "guid": "4d0685ed-dce9-4be3-ab0d-db3b55fb2ec1", "link": "https://learn.microsoft.com/azure/azure-arc/kubernetes/tutorial-akv-secrets-provider", "services": [ - "Arc", "AKS", - "AKV" + "AKV", + "Arc" ], "severity": "Medium", "subcategory": "Secrets", @@ -12589,8 +12589,8 @@ "guid": "b4935ada-4232-44ec-b81c-123181a64174", "link": "https://learn.microsoft.com/azure/governance/policy/concepts/policy-for-kubernetes#install-azure-policy-extension-for-azure-arc-enabled-kubernetes", "services": [ - "Monitor", - "AzurePolicy" + "AzurePolicy", + "Monitor" ], "severity": "Medium", "subcategory": "Workload", @@ -12862,8 +12862,8 @@ "guid": "c851fd44-7cf1-459c-95a4-f6455d75a981", "link": "https://learn.microsoft.com/azure/architecture/guide/multitenant/approaches/cost-management-allocation", "services": [ - "Cost", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "subcategory": "Cost Optimization", @@ -13394,9 +13394,9 @@ "guid": "074541e3-fe08-458a-8062-32d13dcc10c6", "link": "https://learn.microsoft.com/azure/backup/back-up-azure-stack-hyperconverged-infrastructure-virtual-machines", "services": [ - "VM", "ASR", - "Backup" + "Backup", + "VM" ], "severity": "High", "subcategory": "VM", 
@@ -13830,8 +13830,8 @@ "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#batching", "service": "Azure OpenAI", "services": [ - "ServiceBus", - "Storage" + "Storage", + "ServiceBus" ], "severity": "Medium", "subcategory": "Elasticity segregation", @@ -14051,9 +14051,9 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-cloud-introduction", "service": "Azure OpenAI", "services": [ + "Defender", "Sentinel", - "Monitor", - "Defender" + "Monitor" ], "severity": "High", "subcategory": "Threat Detection and Monitoring", @@ -14137,8 +14137,8 @@ "guid": "2bfe4564-b0d8-434a-948b-263e6dd60512", "service": "Azure OpenAI", "services": [ - "AzurePolicy", - "RBAC" + "RBAC", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Sensitive Data in Separate Instances", @@ -14190,8 +14190,8 @@ "guid": "ac8ac199-ebb9-41a3-9d90-cae2cc881370", "service": "Azure OpenAI", "services": [ - "VNet", - "Firewall" + "Firewall", + "VNet" ], "severity": "High", "subcategory": "Network security", @@ -14440,8 +14440,8 @@ "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/manage-costs", "service": "Azure OpenAI", "services": [ - "Cost", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "subcategory": "Cost monitoring", @@ -14620,10 +14620,10 @@ "link": "https://github.com/Azure/aoai-apim/blob/main/README.md", "service": "Azure OpenAI", "services": [ - "LoadBalancer", - "ACR", "Entra", - "APIM" + "APIM", + "LoadBalancer", + "ACR" ], "severity": "Medium", "subcategory": "Load Balancing", @@ -14733,8 +14733,8 @@ "link": "https://learn.microsoft.com/azure/reliability/reliability-azure-container-apps?tabs=azure-cli#cross-region-disaster-recovery-and-business-continuity", "service": "Container Apps", "services": [ - "TrafficManager", - "FrontDoor" + "FrontDoor", + "TrafficManager" ], "severity": "High", "subcategory": "High Availability", 
@@ -14903,8 +14903,8 @@ "guid": "36cb45e5-7960-4332-9bdf-8cc23318da61", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/enterprise-scale/business-continuity-and-disaster-recovery", "services": [ - "ASR", - "AKS" + "AKS", + "ASR" ], "severity": "High", "subcategory": "Disaster Recovery", @@ -14917,8 +14917,8 @@ "guid": "170265f4-bb46-4a39-9af7-f317284797b1", "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-multi-region", "services": [ - "LoadBalancer", "AKS", + "LoadBalancer", "TrafficManager", "FrontDoor" ], @@ -14963,8 +14963,8 @@ "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-scheduler", "service": "AKS", "services": [ - "Cost", - "AKS" + "AKS", + "Cost" ], "severity": "Low", "subcategory": "High Availability", @@ -14992,8 +14992,8 @@ "guid": "daa9a260-c3ea-4490-b077-5fc1f2a80cb0", "link": "https://learn.microsoft.com/azure/aks/availability-zones#azure-disk-availability-zone-support", "services": [ - "ASR", "AKS", + "ASR", "Storage" ], "severity": "High", @@ -15021,8 +15021,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/aks/eslz-cost-governance-with-kubecost", "service": "AKS", "services": [ - "Cost", - "AKS" + "AKS", + "Cost" ], "severity": "Low", "subcategory": "Cost", @@ -15036,8 +15036,8 @@ "link": "https://learn.microsoft.com/azure/aks/scale-down-mode", "service": "AKS", "services": [ - "Cost", - "AKS" + "AKS", + "Cost" ], "severity": "Low", "subcategory": "Cost", @@ -15051,8 +15051,8 @@ "link": "https://learn.microsoft.com/azure/aks/gpu-multi-instance", "service": "AKS", "services": [ - "Cost", - "AKS" + "AKS", + "Cost" ], "severity": "Medium", "subcategory": "Cost", @@ -15066,8 +15066,8 @@ "link": "https://learn.microsoft.com/azure/aks/start-stop-nodepools", "service": "AKS", "services": [ - "Cost", - "AKS" + "AKS", + "Cost" ], "severity": "Low", "subcategory": "Cost", 
@@ -15457,8 +15457,8 @@ "link": "https://azure.github.io/application-gateway-kubernetes-ingress/setup/install-existing/", "service": "AKS", "services": [ - "AppGW", "AKS", + "AppGW", "ACR" ], "severity": "Medium", @@ -15503,8 +15503,8 @@ "link": "https://learn.microsoft.com/azure/aks/load-balancer-standard", "service": "AKS", "services": [ - "LoadBalancer", - "AKS" + "AKS", + "LoadBalancer" ], "severity": "High", "subcategory": "Best practices", @@ -15518,8 +15518,8 @@ "link": "https://learn.microsoft.com/azure/aks/use-multiple-node-pools#add-a-node-pool-with-a-unique-subnet", "service": "AKS", "services": [ - "VNet", - "AKS" + "AKS", + "VNet" ], "severity": "Medium", "subcategory": "Best practices", @@ -15533,9 +15533,9 @@ "link": "https://learn.microsoft.com/azure/private-link/private-link-overview", "service": "AKS", "services": [ - "VNet", - "PrivateLink", "AKS", + "PrivateLink", + "VNet", "Cost" ], "severity": "Medium", @@ -15579,8 +15579,8 @@ "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", "service": "AKS", "services": [ - "VNet", - "AKS" + "AKS", + "VNet" ], "severity": "High", "subcategory": "IPAM", @@ -15609,8 +15609,8 @@ "link": "https://learn.microsoft.com/azure/aks/internal-lb", "service": "AKS", "services": [ - "VNet", - "AKS" + "AKS", + "VNet" ], "severity": "Low", "subcategory": "IPAM", @@ -15709,8 +15709,8 @@ "link": "https://learn.microsoft.com/azure/aks/limit-egress-traffic", "service": "AKS", "services": [ - "NVA", - "AKS" + "AKS", + "NVA" ], "severity": "High", "subcategory": "Security", @@ -15801,8 +15801,8 @@ "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-network", "service": "AKS", "services": [ - "WAF", - "AKS" + "AKS", + "WAF" ], "severity": "High", "subcategory": "Security", @@ -15817,8 +15817,8 @@ "link": "https://learn.microsoft.com/azure/virtual-network/ddos-protection-overview", "service": "AKS", "services": [ - "VNet", "AKS", + "VNet", "DDoS" ], "severity": "Medium", 
@@ -15862,8 +15862,8 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-metric-alerts", "service": "AKS", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "High", "subcategory": "Alerting", @@ -16062,8 +16062,8 @@ "link": "https://learn.microsoft.com/azure/aks/monitor-aks", "service": "AKS", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "Low", "subcategory": "Compliance", @@ -16091,8 +16091,8 @@ "link": "https://learn.microsoft.com/azure/aks/spot-node-pool", "service": "AKS", "services": [ - "Cost", - "AKS" + "AKS", + "Cost" ], "severity": "Low", "subcategory": "Cost", @@ -16107,8 +16107,8 @@ "link": "https://learn.microsoft.com/azure/aks/concepts-scale", "service": "AKS", "services": [ - "Cost", - "AKS" + "AKS", + "Cost" ], "severity": "Low", "subcategory": "Cost", @@ -16122,8 +16122,8 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-overview", "service": "AKS", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -16138,8 +16138,8 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-overview", "service": "AKS", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -16153,8 +16153,8 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/containers/container-insights-analyze", "service": "AKS", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -16168,8 +16168,8 @@ "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", "service": "AKS", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", 
@@ -16185,10 +16185,10 @@ "service": "AKS", "services": [ "ServiceBus", - "Storage", - "Monitor", + "EventHubs", "AKS", - "EventHubs" + "Monitor", + "Storage" ], "severity": "Medium", "subcategory": "Monitoring", @@ -16202,10 +16202,10 @@ "link": "https://learn.microsoft.com/azure/aks/load-balancer-standard", "service": "AKS", "services": [ - "Monitor", - "NVA", "AKS", - "LoadBalancer" + "LoadBalancer", + "NVA", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -16219,8 +16219,8 @@ "link": "https://learn.microsoft.com/azure/aks/aks-resource-health", "service": "AKS", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -16262,8 +16262,8 @@ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits", "service": "AKS", "services": [ - "Subscriptions", - "AKS" + "AKS", + "Subscriptions" ], "severity": "High", "subcategory": "Resources", @@ -16453,8 +16453,8 @@ "service": "AKS", "services": [ "AKS", - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -16498,8 +16498,8 @@ "link": "https://learn.microsoft.com/azure/architecture/guide/multitenant/considerations/tenancy-models", "service": "Azure Monitor", "services": [ - "Cost", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "subcategory": "Azure Monitor - enforce data collection rules", @@ -16514,8 +16514,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/automation", "service": "Azure Backup", "services": [ - "Cost", - "Backup" + "Backup", + "Cost" ], "severity": "Medium", "subcategory": "Backup", 
@@ -16555,8 +16555,8 @@ "guid": "3b0d834a-3487-426d-b69c-6b5c2a26494b", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", "services": [ - "Cost", "Backup", + "Cost", "Storage" ], "severity": "Medium", @@ -16571,9 +16571,9 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", "service": "Azure Backup", "services": [ - "Cost", "ASR", "Backup", + "Cost", "Storage" ], "severity": "Medium", @@ -16588,8 +16588,8 @@ "link": "https://learn.microsoft.com/azure/cost-management-billing/manage/direct-ea-administration#manage-notification-contacts", "service": "Azure Monitor", "services": [ - "Cost", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "subcategory": "Log Analytics retention for workspaces", @@ -16604,8 +16604,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", "service": "Azure Monitor", "services": [ - "Cost", "AzurePolicy", + "Cost", "Storage" ], "severity": "Medium", @@ -16649,9 +16649,9 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", "service": "VM", "services": [ - "Cost", - "VM", "Backup", + "VM", + "Cost", "Storage" ], "severity": "Medium", @@ -16667,8 +16667,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", "service": "Storage", "services": [ - "Cost", "AzurePolicy", + "Cost", "Storage" ], "severity": "Medium", 
@@ -16722,8 +16722,8 @@ "guid": "a27b765a-91be-41f3-a8ef-394c2bd463cb", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", "services": [ - "Cost", "VM", + "Cost", "Storage" ], "severity": "Medium", @@ -16750,8 +16750,8 @@ "guid": "b6b780cb-9fe5-4c46-989d-457a927c3874", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/naming-and-tagging", "services": [ - "Cost", - "Entra" + "Entra", + "Cost" ], "severity": "Medium", "subcategory": "Advisor", @@ -16765,8 +16765,8 @@ "link": "https://learn.microsoft.com/azure/governance/policy/overview", "service": "VM", "services": [ - "Cost", - "VM" + "VM", + "Cost" ], "severity": "Medium", "subcategory": "Advisor", @@ -16792,8 +16792,8 @@ "guid": "b835556d-f2bf-4e45-93b0-d834a348726d", "link": "https://learn.microsoft.com/azure/governance/policy/overview", "services": [ - "Cost", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "subcategory": "Automation", @@ -16846,8 +16846,8 @@ "guid": "2bd463cb-bac7-4581-a59b-b91a3ed90cae", "link": "https://learn.microsoft.com/azure/governance/policy/overview", "services": [ - "Cost", - "AzurePolicy" + "AzurePolicy", + "Cost" ], "severity": "Medium", "subcategory": "Baseline", @@ -16925,8 +16925,8 @@ "guid": "aad53cc7-8e1d-4766-9735-7c449674b5ed", "link": "https://learn.microsoft.com/azure/active-directory/reports-monitoring/concept-activity-logs-azure-monitor", "services": [ - "Cost", - "ACR" + "ACR", + "Cost" ], "severity": "Medium", "subcategory": "Free services", @@ -16980,10 +16980,10 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/manage/centralize-operations", "service": "VM", "services": [ - "Cost", "VM", "AzurePolicy", - "SQL" + "SQL", + "Cost" ], "severity": "Medium", "subcategory": "check AHUB is applied to all Windows VMs, RHEL and SQL", 
@@ -16997,8 +16997,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure", "service": "VM", "services": [ - "Cost", - "LoadBalancer" + "LoadBalancer", + "Cost" ], "severity": "Medium", "subcategory": "Check Red Hat Licences if applicable", @@ -17011,8 +17011,8 @@ "guid": "a76af4a6-91e8-4839-ada4-6667e13c1056", "link": "https://learn.microsoft.com/azure/active-directory/roles/security-planning#identify-microsoft-accounts-in-administrative-roles-that-need-to-be-switched-to-work-or-school-accounts", "services": [ - "Cost", - "AppSvc" + "AppSvc", + "Cost" ], "severity": "Medium", "subcategory": "Functions", @@ -17026,8 +17026,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal", "service": "VM", "services": [ - "Cost", - "VM" + "VM", + "Cost" ], "severity": "Medium", "subcategory": "Planning", @@ -17042,9 +17042,9 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access#prerequisites-for-a-landing-zone---design-recommendations", "service": "VM", "services": [ - "Cost", "VM", - "ARS" + "ARS", + "Cost" ], "severity": "Medium", "subcategory": "Reservations/savings plans", @@ -17099,8 +17099,8 @@ "link": "https://learn.microsoft.com/azure/architecture/reference-architectures/identity/adds-extend-domain", "service": "VM", "services": [ - "Cost", - "VM" + "VM", + "Cost" ], "severity": "Medium", "subcategory": "Reserve VMs with normalized and rationalized sizes", @@ -17114,9 +17114,9 @@ "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy", "service": "Azure SQL", "services": [ - "Cost", "AzurePolicy", - "SQL" + "SQL", + "Cost" ], "severity": "Medium", "subcategory": "SQL Database AHUB", 
@@ -17130,9 +17130,9 @@ "link": "https://learn.microsoft.com/azure/active-directory/roles/best-practices", "service": "VM", "services": [ - "Cost", "VM", - "SQL" + "SQL", + "Cost" ], "severity": "Medium", "subcategory": "SQL Database Reservations", @@ -17158,8 +17158,8 @@ "guid": "d3b475a5-c7ac-4be4-abbe-64dd89f2e877", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access-landing-zones#rbac-recommendations", "services": [ - "Cost", - "AzurePolicy" + "AzurePolicy", + "Cost" ], "severity": "Medium", "subcategory": "Tracking", @@ -17172,8 +17172,8 @@ "guid": "78468d55-a785-4c6f-b96c-96ad8844cf3b", "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-create-roles-and-resource-roles-review", "services": [ - "Cost", - "AzurePolicy" + "AzurePolicy", + "Cost" ], "severity": "Medium", "subcategory": "Automation", @@ -17186,8 +17186,8 @@ "guid": "2b38c886-ba2c-4021-9990-14a5d3ce574d", "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-diagnostic-settings-to-save-your-wafs-logs", "services": [ - "Cost", - "AzurePolicy" + "AzurePolicy", + "Cost" ], "severity": "Medium", "subcategory": "Automation", @@ -17201,8 +17201,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", "service": "VM", "services": [ - "Cost", - "VM" + "VM", + "Cost" ], "severity": "Medium", "subcategory": "Autoscale", @@ -17216,8 +17216,8 @@ "link": "https://learn.microsoft.com/azure/reliability/cross-region-replication-azure", "service": "AKS", "services": [ - "Cost", - "AKS" + "AKS", + "Cost" ], "severity": "Medium", "subcategory": "Autoscale", 
@@ -17270,8 +17270,8 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/logs/data-retention-archive?tabs=portal-1%2Cportal-2#how-retention-and-archiving-work", "service": "Azure Backup", "services": [ - "Cost", - "Backup" + "Backup", + "Cost" ], "severity": "Medium", "subcategory": "Backup", @@ -17286,9 +17286,9 @@ "link": "https://learn.microsoft.com/azure/databricks/clusters/cluster-config-best-practices#automatic-termination", "service": "Databricks", "services": [ - "Cost", "VM", - "LoadBalancer" + "LoadBalancer", + "Cost" ], "severity": "Medium", "subcategory": "Databricks", @@ -17418,9 +17418,9 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", "service": "Front Door", "services": [ - "Cost", "FrontDoor", - "EventHubs" + "EventHubs", + "Cost" ], "severity": "Medium", "subcategory": "Networking", @@ -17434,8 +17434,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-setup-guide/monitoring-reporting?tabs=AzureMonitor", "service": "Front Door", "services": [ - "Cost", "AppSvc", + "Cost", "FrontDoor" ], "severity": "Medium", @@ -17536,8 +17536,8 @@ "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", "service": "Site Recovery", "services": [ - "Cost", "ASR", + "Cost", "Storage" ], "severity": "Medium", @@ -17582,9 +17582,9 @@ "link": "https://learn.microsoft.com/azure/reliability/availability-zones-overview", "service": "Synapse", "services": [ - "Cost", "Monitor", - "EventHubs" + "EventHubs", + "Cost" ], "severity": "Medium", "subcategory": "Synapse", @@ -17613,8 +17613,8 @@ "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview", "service": "Synapse", "services": [ - "Cost", - "SQL" + "SQL", + "Cost" ], "severity": "Medium", "subcategory": "Synapse", 
@@ -17671,8 +17671,8 @@ "link": "https://learn.microsoft.com/azure/application-gateway/overview-v2", "service": "VM", "services": [ - "Cost", - "VM" + "VM", + "Cost" ], "severity": "Medium", "subcategory": "VM", @@ -17687,8 +17687,8 @@ "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview", "service": "VM", "services": [ - "Cost", - "VM" + "VM", + "Cost" ], "severity": "Medium", "subcategory": "VM", @@ -17702,8 +17702,8 @@ "link": "https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet", "service": "VM", "services": [ - "Cost", - "VM" + "VM", + "Cost" ], "severity": "Medium", "subcategory": "VM", @@ -17718,9 +17718,9 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "service": "VM", "services": [ - "Cost", "VM", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "subcategory": "VM", @@ -17735,8 +17735,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "service": "VM", "services": [ - "Cost", - "VM" + "VM", + "Cost" ], "severity": "Medium", "subcategory": "VM", @@ -17876,8 +17876,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/premium-storage-performance#counters-to-measure-application-performance-requirements", "services": [ "VM", - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -17891,8 +17891,8 @@ "guid": "dbf590ce-65de-48e0-9f9c-cbd468266abc", "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist?view=azuresql#storage", "services": [ - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "High", "subcategory": "Storage", 
@@ -17906,8 +17906,8 @@ "guid": "e6a84de5-df43-4d19-a248-1718d5d1e5f6", "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist?view=azuresql#storage", "services": [ - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "High", "subcategory": "Storage", @@ -17921,9 +17921,9 @@ "guid": "25659d35-58fd-4772-99c9-31112d027fe4", "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist?view=azuresql#storage", "services": [ + "SQL", "Cost", - "Storage", - "SQL" + "Storage" ], "severity": "High", "subcategory": "Storage", @@ -17938,8 +17938,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist?view=azuresql#storage", "services": [ "VM", - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -17954,8 +17954,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist?view=azuresql#storage", "services": [ "VM", - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "High", "subcategory": "Storage", @@ -17970,8 +17970,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist?view=azuresql#storage", "services": [ "AzurePolicy", - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "High", "subcategory": "Storage", @@ -17986,8 +17986,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist?view=azuresql#storage", "services": [ "VM", - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "High", "subcategory": "Storage", 
@@ -18001,8 +18001,8 @@ "guid": "155abb91-63e9-4908-ae28-c84c33b6b780", "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist?view=azuresql#storage", "services": [ - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "High", "subcategory": "Storage", @@ -18047,9 +18047,9 @@ "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/availability-group-azure-portal-configure?view=azuresql&tabs=azure-cli", "services": [ "VM", - "LoadBalancer", + "SQL", "VNet", - "SQL" + "LoadBalancer" ], "severity": "Medium", "subcategory": "HADR", @@ -18092,10 +18092,10 @@ "guid": "667313c4-0567-44b5-b985-b859c773e7e2", "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/availability-group-vnn-azure-load-balancer-configure?view=azuresql-vm&tabs=ilb", "services": [ - "VNet", "VM", - "LoadBalancer", - "SQL" + "SQL", + "VNet", + "LoadBalancer" ], "severity": "High", "subcategory": "HADR", @@ -18109,8 +18109,8 @@ "guid": "61623b77-5a91-47e1-b348-ef354c27d42e", "link": "https://learn.microsoft.com/sql/relational-databases/data-compression/data-compression?view=sql-server-ver16", "services": [ - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "Low", "subcategory": "SQL Server", @@ -18124,8 +18124,8 @@ "guid": "8bbac868-155a-4bb9-863e-9908ae28c84c", "link": "https://learn.microsoft.com/sql/relational-databases/databases/database-instant-file-initialization?view=sql-server-ver16", "services": [ - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "High", "subcategory": "SQL Server", @@ -18154,8 +18154,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist?view=azuresql-vm#sql-server-features", "services": [ "VM", - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "Low", "subcategory": "SQL Server", 
@@ -18260,9 +18260,9 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/constrained-vcpu", "services": [ "VM", - "Storage", + "SQL", "Cost", - "SQL" + "Storage" ], "severity": "Low", "subcategory": "Cost Optimization", @@ -18277,8 +18277,8 @@ "guid": "7ed67178-b824-4546-ae1a-ee3453aec823", "link": "https://azure.microsoft.com/en-ca/pricing/hybrid-benefit/", "services": [ - "Cost", - "SQL" + "SQL", + "Cost" ], "severity": "Low", "subcategory": "Cost Optimization", @@ -18323,8 +18323,8 @@ "guid": "74a748b6-633a-4d2a-8916-a66498fad0e2", "link": "https://learn.microsoft.com/azure/defender-for-cloud/secure-score-security-controls", "services": [ - "VM", "Defender", + "VM", "SQL" ], "severity": "High", @@ -18431,8 +18431,8 @@ "guid": "eaded26b-dd18-46f0-ac25-1b999a68af87", "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/frequently-asked-questions-faq?view=azuresql-mi#can-a-managed-instance-have-the-same-name-as-a-sql-server-on-premises-instance", "services": [ - "DNS", - "SQL" + "SQL", + "DNS" ], "severity": "High", "subcategory": "Pre Migration", @@ -18447,8 +18447,8 @@ "guid": "c9a7f821-b8eb-48c0-aa77-e25e4d5aeaa8", "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/vnet-existing-add-subnet?view=azuresql-mi", "services": [ - "VNet", - "SQL" + "SQL", + "VNet" ], "severity": "Medium", "subcategory": "Pre Migration", @@ -18463,8 +18463,8 @@ "guid": "dc4e2436-bb33-46d7-85f1-7960eee0b9b5", "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/vnet-subnet-determine-size?view=azuresql-mi", "services": [ - "VNet", - "SQL" + "SQL", + "VNet" ], "severity": "High", "subcategory": "Deployment", 
@@ -18655,9 +18655,9 @@ "guid": "141acdce-5793-477b-adb3-751ab2ac1fad", "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/auto-failover-group-configure-sql-mi?view=azuresql&tabs=azure-portal#test-failover", "services": [ - "LoadBalancer", "EventHubs", - "SQL" + "SQL", + "LoadBalancer" ], "severity": "High", "subcategory": "Post Migration", @@ -18671,8 +18671,8 @@ "guid": "aa359272-8e6e-4205-8726-76ae46691e88", "link": "https://techcommunity.microsoft.com/t5/azure-sql-blog/storage-performance-best-practices-and-considerations-for-azure/ba-p/305525", "services": [ - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "High", "subcategory": "Post Migration", @@ -18687,10 +18687,10 @@ "guid": "35ad9422-23e1-4381-8523-081a94174158", "link": "https://learn.microsoft.com/azure/architecture/example-scenario/data/sql-managed-instance-cmk", "services": [ - "AzurePolicy", - "AKV", "Backup", - "SQL" + "AzurePolicy", + "SQL", + "AKV" ], "severity": "Low", "subcategory": "Post Migration", @@ -18720,10 +18720,10 @@ "guid": "9d89f2e8-7778-4424-b516-785c6fa96b96", "link": "https://learn.microsoft.com/azure/azure-sql/database/long-term-retention-overview?view=azuresql-mi", "services": [ - "ARS", "Backup", - "Storage", - "SQL" + "SQL", + "ARS", + "Storage" ], "severity": "Low", "subcategory": "Post Migration", @@ -18738,8 +18738,8 @@ "guid": "ad88408f-3727-434c-a76b-a28021459014", "link": "https://azure.microsoft.com/en-gb/pricing/hybrid-benefit/#overview", "services": [ - "Cost", - "SQL" + "SQL", + "Cost" ], "severity": "Low", "subcategory": "Post Migration", @@ -18796,9 +18796,9 @@ "guid": "74faa19b-f39d-495d-94c7-c8919ca1f6d5", "link": "https://learn.microsoft.com/azure/reliability/reliability-traffic-manager?toc=%2Fazure%2Fdns%2Ftoc.json", "services": [ + "TrafficManager", "ASR", - "DNS", - "TrafficManager" + "DNS" ], "severity": "Medium", "subcategory": "Azure DNS", 
@@ -18852,9 +18852,9 @@ "guid": "23081a94-1741-4583-9ff7-ad7c6d373316", "link": "https://www.windows-active-directory.com/azure-ad-dns-for-custom-domain-names-with-advanced-dns-settings.html", "services": [ + "Entra", "VM", - "DNS", - "Entra" + "DNS" ], "severity": "Medium", "subcategory": "VM Based DNS Service", @@ -18911,8 +18911,8 @@ "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-create-solution#replicate-management-activities", "service": "Azure Data Explorer", "services": [ - "Storage", - "RBAC" + "RBAC", + "Storage" ], "subcategory": "Replication", "text": "Replicate all management activities such as creating new tables or managing user roles on each cluster.", @@ -18977,9 +18977,9 @@ "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-overview#on-demand-data-recovery-configuration", "service": "Azure Data Explorer", "services": [ - "Cost", "ASR", "AzurePolicy", + "Cost", "Storage" ], "subcategory": "DR Configuration", @@ -19032,10 +19032,10 @@ "guid": "56c57ba5-9119-4bf8-b8f5-c586c7d9cdc1", "link": "https://azure.microsoft.com/support/legal/sla/virtual-desktop/v1_0/", "services": [ - "VM", + "Subscriptions", "ASR", - "AVD", - "Subscriptions" + "VM", + "AVD" ], "severity": "High", "subcategory": "Compute", @@ -19049,10 +19049,10 @@ "guid": "6acc076e-f9b1-441a-a989-579e76b897e7", "link": "https://learn.microsoft.com/azure/architecture/example-scenario/wvd/azure-virtual-desktop-multi-region-bcdr", "services": [ - "VM", "ASR", - "Storage", - "AVD" + "VM", + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Compute", @@ -19097,9 +19097,9 @@ "guid": "4c61fc3f-c14e-4ea6-b69e-8d9a3eec218e", "link": "https://docs.microsoft.com/azure/virtual-desktop/disaster-recovery", "services": [ - "VM", "ASR", "Backup", + "VM", "AVD" ], "severity": "Medium", 
@@ -19114,11 +19114,11 @@ "guid": "5da58639-ca3a-4961-890b-29663c5e10d", "link": "https://learn.microsoft.com/azure/site-recovery/azure-to-azure-how-to-enable-zone-to-zone-disaster-recovery", "services": [ - "AVD", - "VM", + "Backup", "Cost", "ASR", - "Backup" + "VM", + "AVD" ], "severity": "Medium", "subcategory": "Compute", @@ -19132,11 +19132,11 @@ "guid": "dd2e0d5d-771d-441e-9610-cc57b4a4a141", "link": "https://learn.microsoft.com/azure/virtual-machines/azure-compute-gallery", "services": [ - "Storage", - "AVD", - "VM", + "ACR", "ASR", - "ACR" + "VM", + "AVD", + "Storage" ], "severity": "Low", "subcategory": "Dependencies", @@ -19166,8 +19166,8 @@ "link": "https://docs.microsoft.com/fslogix/manage-profile-content-cncpt", "services": [ "ASR", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -19181,11 +19181,11 @@ "guid": "fc4972cc-3cd2-45bf-a707-6e9eab4bed32", "link": "https://docs.microsoft.com/azure/virtual-desktop/disaster-recovery", "services": [ - "Storage", "Backup", - "AVD", + "AzurePolicy", "ASR", - "AzurePolicy" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -19200,8 +19200,8 @@ "link": "https://docs.microsoft.com/azure/virtual-desktop/disaster-recovery", "services": [ "ASR", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -19216,9 +19216,9 @@ "link": "https://docs.microsoft.com/azure/backup/backup-afs", "services": [ "ASR", - "Storage", "Backup", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -19233,8 +19233,8 @@ "link": "https://learn.microsoft.com/azure/storage/files/files-redundancy#zone-redundant-storage", "services": [ "ASR", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Storage", 
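Review bot: The `guid` in the context of the hunk at -19114, `5da58639-ca3a-4961-890b-29663c5e10d`, has 11 hex digits in its last group, where the other GUIDs on this page have 12. A consumer that parses or validates the value as a UUID would reject this item, and tooling that matches items by GUID may handle it inconsistently. This commit does not touch the value, so the correction presumably belongs in the source checklist the file is built from. The missing digit cannot be recovered from this page and has to be looked up in the item's history.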
@@ -19248,11 +19248,11 @@ "guid": "23429db7-2281-4376-85cc-57b4a4b18142", "link": "https://learn.microsoft.com/azure/azure-netapp-files/cross-region-replication-create-peering", "services": [ - "Storage", - "AVD", - "ASR", "Backup", - "ACR" + "ACR", + "ASR", + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -19309,8 +19309,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/shared-image-galleries", "services": [ "VM", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Low", "subcategory": "Golden Images", @@ -19381,8 +19381,8 @@ "guid": "e3d3e084-4276-4d4b-bc01-5bcf219e4a1e", "link": "https://learn.microsoft.com/azure/virtual-desktop/install-office-on-wvd-master-image#install-onedrive-in-per-machine-mode", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Low", "subcategory": "Golden Images", @@ -19425,8 +19425,8 @@ "link": "https://docs.microsoft.com/azure/virtual-desktop/app-attach-file-share", "services": [ "Cost", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "MSIX & AppAttach", @@ -19455,9 +19455,9 @@ "link": "https://docs.microsoft.com/azure/virtual-desktop/app-attach-file-share", "services": [ "VM", - "Storage", "RBAC", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "MSIX & AppAttach", @@ -19615,8 +19615,8 @@ "guid": "b384b7ed-1cdd-457e-a2cd-c8d4d55bc144", "link": "https://learn.microsoft.com/azure/virtual-desktop/terminology?WT.mc_id=Portal-fx#application-groups", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Capacity Planning", @@ -19661,8 +19661,8 @@ "link": "https://learn.microsoft.com/azure/virtual-desktop/configure-host-pool-personal-desktop-assignment-type?tabs=azure#reassign-a-personal-desktop", "services": [ "VM", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Low", "subcategory": "Capacity Planning", 
@@ -19691,8 +19691,8 @@ "guid": "992b1cd6-d2f5-44b2-a769-e3a691e8838a", "link": "https://learn.microsoft.com/azure/architecture/example-scenario/wvd/windows-virtual-desktop#considerations", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Capacity Planning", @@ -19750,9 +19750,9 @@ "link": "https://learn.microsoft.com/azure/architecture/example-scenario/wvd/windows-virtual-desktop?toc=%2Fazure%2Fvirtual-desktop%2Ftoc.json&bc=%2Fazure%2Fvirtual-desktop%2Fbreadcrumb%2Ftoc.json", "services": [ "ExpressRoute", - "Storage", + "VPN", "AVD", - "VPN" + "Storage" ], "severity": "Medium", "subcategory": "Clients & Users", @@ -19837,8 +19837,8 @@ "link": "https://docs.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits", "services": [ "VM", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Low", "subcategory": "General", @@ -19852,10 +19852,10 @@ "guid": "c14aea7e-65e8-4d9a-9aec-218e6436b073", "link": "https://docs.microsoft.com/azure/architecture/reference-architectures/identity/adds-extend-domain", "services": [ - "VNet", - "Storage", "Entra", - "AVD" + "VNet", + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Active Directory", @@ -19914,8 +19914,8 @@ "guid": "347dc560-28a7-41ff-b1cd-15dd2f0d5e77", "link": "https://learn.microsoft.com/azure/virtual-desktop/prerequisites?tabs=portal#session-hosts", "services": [ - "VM", "Entra", + "VM", "AVD" ], "severity": "Medium", @@ -19945,10 +19945,10 @@ "guid": "2289b3d6-b57c-4fc6-9546-1e1a3e3453a3", "link": "https://docs.microsoft.com/azure/storage/files/storage-files-identity-ad-ds-enable", "services": [ - "Storage", "Entra", "AzurePolicy", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Active Directory", 
@@ -19977,9 +19977,9 @@ "guid": "e777fd5e-c5f1-4d6e-8fa9-fc210b88e338", "link": "https://learn.microsoft.com/azure/storage/files/storage-files-identity-auth-hybrid-identities-enable", "services": [ - "Storage", "Entra", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Microsoft Entra ID", @@ -19993,9 +19993,9 @@ "guid": "6ceb5443-5125-4922-9442-93bb628537a5", "link": "https://learn.microsoft.com/azure/virtual-desktop/prerequisites?tabs=portal#identity", "services": [ - "VNet", "Subscriptions", "Entra", + "VNet", "AVD" ], "severity": "High", @@ -20055,8 +20055,8 @@ "guid": "ea962a15-9394-46da-a7cc-3923266b2258", "link": "https://learn.microsoft.com/azure/virtual-desktop/prerequisites?tabs=portal#supported-identity-scenarios", "services": [ - "VM", "Entra", + "VM", "AVD" ], "severity": "High", @@ -20086,8 +20086,8 @@ "guid": "5549524b-36c0-4f1a-892b-ab3ca78f5db2", "link": "https://learn.microsoft.com/azure/virtual-desktop/administrative-template", "services": [ - "Monitor", "Entra", + "Monitor", "AVD" ], "severity": "Low", @@ -20133,10 +20133,10 @@ "guid": "7138b820-102c-4e16-be30-1e6e872e52e3", "link": "https://learn.microsoft.com/azure/virtual-desktop/autoscale-scenarios", "services": [ + "Cost", "VM", "Monitor", - "AVD", - "Cost" + "AVD" ], "severity": "Medium", "subcategory": "Management", @@ -20150,10 +20150,10 @@ "guid": "55f612fe-f215-4f0d-a956-10e7dd96bcbc", "link": "https://learn.microsoft.com/azure/virtual-desktop/start-virtual-machine-connect", "services": [ + "Cost", "VM", "Monitor", - "AVD", - "Cost" + "AVD" ], "severity": "Low", "subcategory": "Management", 
@@ -20167,11 +20167,11 @@ "guid": "79a686ea-d971-4ea0-a9a8-1aea074c94cb", "link": "https://learn.microsoft.com/azure/virtual-desktop/start-virtual-machine-connect-faq#are-vms-automatically-deallocated-when-a-user-stops-using-them", "services": [ - "Monitor", - "AVD", - "VM", + "AzurePolicy", "Cost", - "AzurePolicy" + "VM", + "AVD", + "Monitor" ], "severity": "Low", "subcategory": "Management", @@ -20186,13 +20186,13 @@ "link": "https://learn.microsoft.com/azure/virtual-desktop/tag-virtual-desktop-resources", "services": [ "VWAN", - "Storage", - "Monitor", - "AVD", - "VPN", - "ExpressRoute", "DNS", - "Cost" + "Cost", + "ExpressRoute", + "VPN", + "AVD", + "Monitor", + "Storage" ], "severity": "Low", "subcategory": "Management", @@ -20207,8 +20207,8 @@ "link": "https://learn.microsoft.com/azure/virtual-desktop/azure-advisor-recommendations", "services": [ "Cost", - "Monitor", "Entra", + "Monitor", "AVD" ], "severity": "Low", @@ -20332,9 +20332,9 @@ "guid": "2463cffe-179c-4599-be0d-5973dd4ce32c", "link": "https://docs.microsoft.com/azure/storage/files/storage-files-monitoring?tabs=azure-portal", "services": [ - "Storage", "Monitor", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Monitoring", @@ -20363,10 +20363,10 @@ "guid": "dd399cfd-7b28-4dc8-9555-6202bfe4563b", "link": "https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/", "services": [ - "ExpressRoute", "NVA", - "AVD", - "VPN" + "ExpressRoute", + "VPN", + "AVD" ], "severity": "Medium", "subcategory": "Networking", @@ -20380,8 +20380,8 @@ "guid": "c8639648-a652-4d6c-85e5-02965388e5de", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/wvd/eslz-network-topology-and-connectivity", "services": [ - "VNet", "VWAN", + "VNet", "AVD" ], "severity": "Medium", 
@@ -20396,8 +20396,8 @@ "guid": "d227dd14-2b06-4c21-a799-9a646f4389a7", "link": "https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/", "services": [ - "AVD", - "VPN" + "VPN", + "AVD" ], "severity": "Medium", "subcategory": "Networking", @@ -20411,10 +20411,10 @@ "guid": "fc4972cd-3cd2-41bf-9703-6e5e6b4bed3d", "link": "https://docs.microsoft.com/azure/firewall/protect-windows-virtual-desktop", "services": [ - "VNet", "NVA", - "AVD", - "Firewall" + "Firewall", + "VNet", + "AVD" ], "severity": "Medium", "subcategory": "Networking", @@ -20457,10 +20457,10 @@ "guid": "523181a9-4174-4158-93ff-7ae7c6d37431", "link": "https://docs.microsoft.com/azure/firewall/protect-windows-virtual-desktop", "services": [ - "VNet", "NVA", - "AVD", - "Firewall" + "Firewall", + "VNet", + "AVD" ], "severity": "Low", "subcategory": "Networking", @@ -20504,11 +20504,11 @@ "guid": "ec27d589-9178-426d-8df2-ff60020f30a6", "link": "https://learn.microsoft.com/azure/storage/files/storage-files-networking-endpoints", "services": [ + "PrivateLink", + "Cost", "VNet", - "Storage", "AVD", - "Cost", - "PrivateLink" + "Storage" ], "severity": "Medium", "subcategory": "Networking", @@ -20522,8 +20522,8 @@ "guid": "b2074747-d01a-4f61-b1aa-92ad793d9ff4", "link": "https://docs.microsoft.com/azure/virtual-desktop/shortpath", "services": [ - "AVD", - "VPN" + "VPN", + "AVD" ], "severity": "Medium", "subcategory": "Networking", @@ -20685,12 +20685,12 @@ "guid": "1814387e-5ca9-4c26-a9b3-2ab5bdfc6998", "link": "https://learn.microsoft.com/azure/virtual-desktop/security-guide#enable-microsoft-defender-for-cloud", "services": [ - "Storage", "AKV", + "Defender", "Subscriptions", - "AVD", "VM", - "Defender" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Management", 
@@ -20704,8 +20704,8 @@ "guid": "a0916a76-4980-4ad0-b278-ee293c1bc352", "link": "https://learn.microsoft.com/azure/virtual-desktop/security-guide#collect-audit-logs", "services": [ - "Monitor", "Entra", + "Monitor", "AVD" ], "severity": "Medium", @@ -20720,8 +20720,8 @@ "guid": "baaab757-1849-4ab8-893d-c9fc9d1bb73b", "link": "https://docs.microsoft.com/azure/virtual-desktop/rbac", "services": [ - "RBAC", "Entra", + "RBAC", "AVD" ], "severity": "Low", @@ -20780,8 +20780,8 @@ "guid": "9164e990-9ae2-48c8-9c33-b6b7808bafe6", "link": "https://learn.microsoft.com/azure/virtual-desktop/fslogix-containers-azure-files#best-practices-for-azure-virtual-desktop", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Azure Files", @@ -20796,9 +20796,9 @@ "link": "https://learn.microsoft.com/azure/storage/files/storage-files-smb-multichannel-performance", "services": [ "Cost", - "Storage", "ACR", - "AVD" + "AVD", + "Storage" ], "severity": "Low", "subcategory": "Azure Files", @@ -20812,8 +20812,8 @@ "guid": "4a359836-ee79-4d6c-9d3a-364a5b7abae3", "link": "https://azure.microsoft.com/global-infrastructure/services/", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Azure NetApp Files", @@ -20827,8 +20827,8 @@ "guid": "a2661898-866a-4c8d-9d1f-8cfc86e88024", "link": "https://learn.microsoft.com/azure/virtual-desktop/create-fslogix-profile-container", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Azure NetApp Files", @@ -20843,8 +20843,8 @@ "link": "https://docs.microsoft.com/azure/azure-netapp-files/create-active-directory-connections", "services": [ "VNet", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Azure NetApp Files", 
@@ -20858,8 +20858,8 @@ "guid": "3611c818-b0a0-4bc5-80e4-3a18a9cd289c", "link": "https://docs.microsoft.com/azure/virtual-machines/disks-types", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Capacity Planning", @@ -20874,8 +20874,8 @@ "link": "https://docs.microsoft.com/azure/virtual-desktop/store-fslogix-profile", "services": [ "VM", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Capacity Planning", @@ -20889,8 +20889,8 @@ "guid": "2fad62bd-5004-453c-ace4-64d862e7f5a4", "link": "https://learn.microsoft.com/azure/virtual-desktop/store-fslogix-profile", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Capacity Planning", @@ -20904,8 +20904,8 @@ "guid": "680e7828-9c93-4665-9d02-bff4564b0d93", "link": "https://learn.microsoft.com/azure/virtual-desktop/faq#what-s-the-largest-profile-size-fslogix-can-handle-", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Capacity Planning", @@ -20920,8 +20920,8 @@ "link": "https://docs.microsoft.com/azure/virtual-desktop/fslogix-containers-azure-files", "services": [ "Cost", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Capacity Planning", @@ -20936,8 +20936,8 @@ "link": "https://learn.microsoft.com/fslogix/concepts-container-types#when-to-use-profile-and-odfc-containers", "services": [ "ASR", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "FSLogix", @@ -20951,8 +20951,8 @@ "guid": "83f63047-22ee-479d-9b5c-3632054b69ba", "link": "https://learn.microsoft.com/fslogix/overview-prerequisites#configure-antivirus-file-and-folder-exclusions", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "FSLogix", 
@@ -20966,8 +20966,8 @@ "guid": "01e6a84d-e5df-443d-8992-481718d5d1e5", "link": "https://docs.microsoft.com/fslogix/profile-container-configuration-reference", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "FSLogix", @@ -20998,8 +20998,8 @@ "guid": "5e985b85-9c77-43e7-b261-623b775a917e", "link": "https://learn.microsoft.com/fslogix/concepts-multi-concurrent-connections", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "FSLogix", @@ -21014,8 +21014,8 @@ "link": "https://docs.microsoft.com/fslogix/cloud-cache-configuration-reference", "services": [ "VM", - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Low", "subcategory": "FSLogix", @@ -21029,8 +21029,8 @@ "guid": "0b50ca97-b1d2-473c-b4d9-6e98b0f912de", "link": "https://docs.microsoft.com/fslogix/manage-profile-content-cncpt#redirectionsxml", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "FSLogix", @@ -21100,8 +21100,8 @@ "link": "https://azure.microsoft.com/blog/setting-up-active-directory-for-a-disaster-recovery-environment-2/", "service": "Windows AD", "services": [ - "VM", - "Entra" + "Entra", + "VM" ], "severity": "Medium", "subcategory": "Windows Server AD", @@ -21214,8 +21214,8 @@ "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#multiple-write-regions", "service": "CosmosDB", "services": [ - "ACR", - "CosmosDB" + "CosmosDB", + "ACR" ], "severity": "Medium", "subcategory": "High Availability", @@ -21230,8 +21230,8 @@ "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#slas", "service": "CosmosDB", "services": [ - "ACR", - "CosmosDB" + "CosmosDB", + "ACR" ], "severity": "Medium", "subcategory": "High Availability", @@ -21277,8 +21277,8 @@ "service": "CosmosDB", "services": [ "Backup", - "Storage", - "CosmosDB" + "CosmosDB", + "Storage" ], "severity": "Medium", "subcategory": "Backup Strategy", 
@@ -21373,8 +21373,8 @@ "service": "SAP", "services": [ "ASR", - "SAP", - "Backup" + "Backup", + "SAP" ], "severity": "Medium", "subcategory": "Disaster recovery", @@ -21388,11 +21388,11 @@ "link": "https://learn.microsoft.com/azure/reliability/cross-region-replication-azure", "service": "SAP", "services": [ - "Storage", + "SQL", + "Backup", "SAP", "ASR", - "Backup", - "SQL" + "Storage" ], "severity": "High", "subcategory": "Disaster recovery", @@ -21423,9 +21423,9 @@ "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering", "service": "SAP", "services": [ - "ExpressRoute", "ASR", "SAP", + "ExpressRoute", "VPN" ], "severity": "High", @@ -21458,9 +21458,9 @@ "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-s4hana", "service": "SAP", "services": [ - "VNet", "ASR", - "SAP" + "SAP", + "VNet" ], "severity": "Medium", "subcategory": "Disaster recovery", @@ -21507,9 +21507,9 @@ "link": "https://learn.microsoft.com/ja-jp/azure/virtual-network/virtual-networks-faq", "service": "SAP", "services": [ - "VNet", "ASR", - "SAP" + "SAP", + "VNet" ], "severity": "High", "subcategory": "Disaster recovery", @@ -21675,9 +21675,9 @@ "service": "SAP", "services": [ "VM", - "ASR", + "Entra", "SAP", - "Entra" + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -21691,11 +21691,11 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/availability-set-overview", "service": "SAP", "services": [ - "VM", + "Entra", "SAP", "RBAC", "ASR", - "Entra" + "VM" ], "severity": "High", "subcategory": "High availability", @@ -21744,8 +21744,8 @@ "service": "SAP", "services": [ "ASR", - "SAP", - "Entra" + "Entra", + "SAP" ], "severity": "High", "subcategory": "High availability", @@ -21776,8 +21776,8 @@ "service": "SAP", "services": [ "ASR", - "SAP", - "Entra" + "Entra", + "SAP" ], "severity": "High", "subcategory": "High availability", 
@@ -21793,9 +21793,9 @@
 "service": "SAP",
 "services": [
 "VM",
- "ASR",
+ "Entra",
 "SAP",
- "Entra"
+ "ASR"
 ],
 "severity": "Medium",
 "subcategory": "High availability",
@@ -21910,8 +21910,8 @@
 "link": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/optimize-your-azure-costs-by-automating-sap-system-start-stop/ba-p/2120675",
 "service": "SAP",
 "services": [
- "Cost",
- "SAP"
+ "SAP",
+ "Cost"
 ],
 "severity": "Medium",
 "subcategory": " ",
@@ -21927,8 +21927,8 @@
 "services": [
 "VM",
 "SAP",
- "Storage",
- "Cost"
+ "Cost",
+ "Storage"
 ],
 "severity": "Low",
 "subcategory": " ",
@@ -21944,8 +21944,8 @@
 "services": [
 "VM",
 "SAP",
- "Storage",
- "Cost"
+ "Cost",
+ "Storage"
 ],
 "severity": "Low",
 "subcategory": " ",
@@ -21960,8 +21960,8 @@
 "service": "SAP",
 "services": [
 "Subscriptions",
- "SAP",
 "Entra",
+ "SAP",
 "RBAC"
 ],
 "severity": "High",
@@ -21977,8 +21977,8 @@
 "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/scenario-azure-first-sap-identity-integration",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -21993,8 +21993,8 @@
 "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/scenario-azure-first-sap-identity-integration",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -22008,8 +22008,8 @@
 "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-netweaver-tutorial",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -22023,8 +22023,8 @@
 "guid": "9eb54dad-7861-4e1c-973a-f3bb003fc9c1",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -22039,8 +22039,8 @@
 "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-netweaver-tutorial",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -22054,8 +22054,8 @@
 "guid": "23181aa4-1742-4694-9ff8-ae7d7d474317",
 "service": "SAP",
 "services": [
- "SAP",
 "Entra",
+ "SAP",
 "AKV"
 ],
 "severity": "Medium",
@@ -22071,8 +22071,8 @@
 "link": "https://blogs.sap.com/2017/07/12/sap-single-sign-on-protect-your-sap-landscape-with-x.509-certificates/",
 "service": "SAP",
 "services": [
- "SAP",
 "Entra",
+ "SAP",
 "AKV"
 ],
 "severity": "Medium",
@@ -22087,8 +22087,8 @@
 "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-netweaver-tutorial#configure-sap-netweaver-for-oauth",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -22102,8 +22102,8 @@
 "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/saphana-tutorial",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -22117,8 +22117,8 @@
 "link": "https://learn.microsoft.com/azure/sap/workloads/rise-integration#connectivity-with-sap-rise",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -22132,8 +22132,8 @@
 "link": "https://github.com/azuredevcollege/SAP/blob/master/sap-oauth-saml-flow/README.md",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -22147,8 +22147,8 @@
 "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-hana-cloud-platform-identity-authentication-tutorial",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -22162,8 +22162,8 @@
 "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-hana-cloud-platform-tutorial",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -22177,8 +22177,8 @@
 "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-successfactors-inbound-provisioning-cloud-only-tutorial",
 "service": "SAP",
 "services": [
- "SAP",
- "Entra"
+ "Entra",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Identity",
@@ -22241,9 +22241,9 @@
 "link": "https://learn.microsoft.com/azure/quotas/quotas-overview",
 "service": "SAP",
 "services": [
- "VM",
 "Subscriptions",
- "SAP"
+ "SAP",
+ "VM"
 ],
 "severity": "High",
 "subcategory": "Subscriptions",
@@ -22273,9 +22273,9 @@
 "link": "https://learn.microsoft.com/azure/quotas/quickstart-increase-quota-portal",
 "service": "SAP",
 "services": [
- "VM",
 "Subscriptions",
- "SAP"
+ "SAP",
+ "VM"
 ],
 "severity": "High",
 "subcategory": "Subscriptions",
@@ -22305,10 +22305,10 @@
 "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-resource-organization",
 "service": "SAP",
 "services": [
- "Cost",
- "Subscriptions",
+ "TrafficManager",
 "SAP",
- "TrafficManager"
+ "Subscriptions",
+ "Cost"
 ],
 "severity": "Medium",
 "subcategory": "Subscriptions",
@@ -22323,9 +22323,9 @@
 "link": "https://learn.microsoft.com/azure/backup/sap-hana-database-about",
 "service": "SAP",
 "services": [
+ "Backup",
 "SAP",
- "Monitor",
- "Backup"
+ "Monitor"
 ],
 "severity": "High",
 "subcategory": "BCDR",
@@ -22340,11 +22340,11 @@
 "link": "https://learn.microsoft.com/azure/azure-netapp-files/azacsnap-introduction",
 "service": "SAP",
 "services": [
- "Storage",
- "Monitor",
- "VM",
+ "Entra",
 "SAP",
- "Entra"
+ "VM",
+ "Monitor",
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "BCDR",
@@ -22373,9 +22373,9 @@
 "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-rhel-multi-sid",
 "service": "SAP",
 "services": [
+ "Entra",
 "SAP",
- "Monitor",
- "Entra"
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": "Management",
@@ -22390,9 +22390,9 @@
 "link": "https://azure.microsoft.com/pricing/offers/dev-test/",
 "service": "SAP",
 "services": [
- "Cost",
 "SAP",
- "Monitor"
+ "Monitor",
+ "Cost"
 ],
 "severity": "Low",
 "subcategory": "Management",
@@ -22406,9 +22406,9 @@
 "link": "https://learn.microsoft.com/azure/lighthouse/overview",
 "service": "SAP",
 "services": [
+ "Entra",
 "SAP",
- "Monitor",
- "Entra"
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": "Management",
@@ -22456,8 +22456,8 @@
 "service": "SAP",
 "services": [
 "SAP",
- "Monitor",
- "SQL"
+ "SQL",
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -22473,9 +22473,9 @@
 "service": "SAP",
 "services": [
 "VM",
+ "Entra",
 "SAP",
- "Monitor",
- "Entra"
+ "Monitor"
 ],
 "severity": "High",
 "subcategory": "Monitoring",
@@ -22491,8 +22491,8 @@
 "service": "SAP",
 "services": [
 "SAP",
- "Monitor",
- "AzurePolicy"
+ "AzurePolicy",
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -22575,8 +22575,8 @@
 "link": "https://learn.microsoft.com/azure/sentinel/sap/deployment-overview",
 "service": "SAP",
 "services": [
- "Sentinel",
 "SAP",
+ "Sentinel",
 "Monitor"
 ],
 "severity": "Medium",
@@ -22592,9 +22592,9 @@
 "link": "https://learn.microsoft.com/azure/cost-management-billing/costs/enable-tag-inheritance",
 "service": "SAP",
 "services": [
- "Cost",
 "SAP",
- "Monitor"
+ "Monitor",
+ "Cost"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -22691,8 +22691,8 @@
 "service": "SAP",
 "services": [
 "SAP",
- "Monitor",
- "SQL"
+ "SQL",
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": "Performance",
@@ -22725,9 +22725,9 @@
 "service": "SAP",
 "services": [
 "WAF",
- "AppGW",
 "SAP",
- "AzurePolicy"
+ "AzurePolicy",
+ "AppGW"
 ],
 "severity": "Medium",
 "subcategory": "App delivery",
@@ -22743,8 +22743,8 @@
 "service": "SAP",
 "services": [
 "VM",
- "DNS",
- "SAP"
+ "SAP",
+ "DNS"
 ],
 "severity": "Medium",
 "subcategory": "DNS",
@@ -22759,9 +22759,9 @@
 "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity",
 "service": "SAP",
 "services": [
+ "SAP",
 "VNet",
- "DNS",
- "SAP"
+ "DNS"
 ],
 "severity": "Medium",
 "subcategory": "DNS",
@@ -22776,8 +22776,8 @@
 "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-peering-overview",
 "service": "SAP",
 "services": [
- "VNet",
 "SAP",
+ "VNet",
 "ACR"
 ],
 "severity": "Medium",
@@ -22793,8 +22793,8 @@
 "link": "https://learn.microsoft.com/azure/sap/workloads/planning-guide",
 "service": "SAP",
 "services": [
- "SAP",
- "NVA"
+ "NVA",
+ "SAP"
 ],
 "severity": "High",
 "subcategory": "Hybrid",
@@ -22826,9 +22826,9 @@
 "link": "https://learn.microsoft.com/azure/well-architected/services/networking/network-virtual-appliances/reliability",
 "service": "SAP",
 "services": [
- "VNet",
+ "NVA",
 "SAP",
- "NVA"
+ "VNet"
 ],
 "severity": "Medium",
 "subcategory": "Hybrid",
@@ -22843,10 +22843,10 @@
 "link": "https://learn.microsoft.com/azure/architecture/networking/hub-spoke-vwan-architecture",
 "service": "SAP",
 "services": [
- "VNet",
- "SAP",
 "NVA",
- "VWAN"
+ "VWAN",
+ "SAP",
+ "VNet"
 ],
 "severity": "Medium",
 "subcategory": "Hybrid",
@@ -22878,9 +22878,9 @@
 "link": "https://learn.microsoft.com/training/modules/protect-on-premises-infrastructure-with-azure-site-recovery/?source=recommendations",
 "service": "SAP",
 "services": [
- "VNet",
 "ASR",
- "SAP"
+ "SAP",
+ "VNet"
 ],
 "severity": "High",
 "subcategory": "IP plan",
@@ -22895,8 +22895,8 @@
 "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing",
 "service": "SAP",
 "services": [
- "VNet",
- "SAP"
+ "SAP",
+ "VNet"
 ],
 "severity": "High",
 "subcategory": "IP plan",
@@ -22911,8 +22911,8 @@
 "link": "https://learn.microsoft.com/azure/azure-netapp-files/azure-netapp-files-delegate-subnet",
 "service": "SAP",
 "services": [
- "VNet",
 "SAP",
+ "VNet",
 "Storage"
 ],
 "severity": "Medium",
@@ -22928,8 +22928,8 @@
 "link": "https://learn.microsoft.com/azure/well-architected/services/networking/azure-firewall?toc=%2Fazure%2Ffirewall%2Ftoc.json&bc=%2Fazure%2Ffirewall%2Fbreadcrumb%2Ftoc.json",
 "service": "SAP",
 "services": [
- "SAP",
- "Firewall"
+ "Firewall",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": "Internet",
@@ -22945,8 +22945,8 @@
 "service": "SAP",
 "services": [
 "WAF",
- "AppGW",
- "SAP"
+ "SAP",
+ "AppGW"
 ],
 "severity": "Medium",
 "subcategory": "Internet",
@@ -22961,10 +22961,10 @@
 "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview",
 "service": "SAP",
 "services": [
- "FrontDoor",
- "WAF",
 "SAP",
 "AzurePolicy",
+ "FrontDoor",
+ "WAF",
 "ACR"
 ],
 "severity": "Medium",
@@ -22980,11 +22980,11 @@
 "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/afds-overview",
 "service": "SAP",
 "services": [
+ "SAP",
+ "AzurePolicy",
 "FrontDoor",
 "WAF",
- "SAP",
- "AppGW",
- "AzurePolicy"
+ "AppGW"
 ],
 "severity": "Medium",
 "subcategory": "Internet",
@@ -23000,9 +23000,9 @@
 "service": "SAP",
 "services": [
 "WAF",
- "AppGW",
 "SAP",
- "LoadBalancer"
+ "LoadBalancer",
+ "AppGW"
 ],
 "severity": "Medium",
 "subcategory": "Internet",
@@ -23034,12 +23034,12 @@
 "link": "https://learn.microsoft.com/azure/virtual-network/vnet-integration-for-azure-services",
 "service": "SAP",
 "services": [
- "VNet",
- "Storage",
- "SAP",
 "PrivateLink",
+ "SAP",
+ "VNet",
+ "ACR",
 "Backup",
- "ACR"
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Internet",
@@ -23103,8 +23103,8 @@
 "link": "https://me.sap.com/notes/2015553",
 "service": "SAP",
 "services": [
- "VNet",
- "SAP"
+ "SAP",
+ "VNet"
 ],
 "severity": "High",
 "subcategory": "Segmentation",
@@ -23149,8 +23149,8 @@
 "link": "https://me.sap.com/notes/2015553",
 "service": "SAP",
 "services": [
- "VNet",
 "SAP",
+ "VNet",
 "Cost"
 ],
 "severity": "High",
@@ -23182,8 +23182,8 @@
 "link": "https://learn.microsoft.com/azure/sap/workloads/rise-integration",
 "service": "SAP",
 "services": [
- "VNet",
- "SAP"
+ "SAP",
+ "VNet"
 ],
 "severity": "Medium",
 "subcategory": "Segmentation",
@@ -23198,8 +23198,8 @@
 "service": "SAP",
 "services": [
 "VM",
- "SAP",
- "Backup"
+ "Backup",
+ "SAP"
 ],
 "severity": "High",
 "subcategory": " ",
@@ -23245,8 +23245,8 @@
 "service": "SAP",
 "services": [
 "VM",
- "SAP",
- "Backup"
+ "Backup",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": " ",
@@ -23261,8 +23261,8 @@
 "service": "SAP",
 "services": [
 "SAP",
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": " ",
@@ -23277,8 +23277,8 @@
 "service": "SAP",
 "services": [
 "VM",
- "SAP",
- "Backup"
+ "Backup",
+ "SAP"
 ],
 "severity": "Medium",
 "subcategory": " ",
@@ -23349,8 +23349,8 @@
 "service": "SAP",
 "services": [
 "SAP",
- "Monitor",
- "SQL"
+ "SQL",
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": " ",
@@ -23471,11 +23471,11 @@
 "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance",
 "service": "SAP",
 "services": [
- "Storage",
+ "SQL",
 "AKV",
 "SAP",
 "Backup",
- "SQL"
+ "Storage"
 ],
 "severity": "High",
 "subcategory": "Secrets",
@@ -23490,9 +23490,9 @@
 "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption",
 "service": "SAP",
 "services": [
+ "AKV",
 "SAP",
- "Storage",
- "AKV"
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Secrets",
@@ -23524,10 +23524,10 @@
 "service": "SAP",
 "services": [
 "AKV",
- "Subscriptions",
 "SAP",
 "RBAC",
- "AzurePolicy"
+ "AzurePolicy",
+ "Subscriptions"
 ],
 "severity": "Medium",
 "subcategory": "Secrets",
@@ -23559,10 +23559,10 @@
 "link": "https://learn.microsoft.com/azure/role-based-access-control/security-controls-policy",
 "service": "SAP",
 "services": [
+ "AKV",
 "SAP",
- "AzurePolicy",
 "RBAC",
- "AKV"
+ "AzurePolicy"
 ],
 "severity": "High",
 "subcategory": "Secrets",
@@ -23577,10 +23577,10 @@
 "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance",
 "service": "SAP",
 "services": [
- "Storage",
- "SAP",
 "Defender",
- "AKV"
+ "AKV",
+ "SAP",
+ "Storage"
 ],
 "severity": "High",
 "subcategory": "Secrets",
@@ -23694,8 +23694,8 @@
 "link": "https://blogs.sap.com/2019/07/21/sap-security-operations-on-azure/",
 "service": "SAP",
 "services": [
- "SAP",
 "NVA",
+ "SAP",
 "PrivateLink"
 ],
 "severity": "High",
@@ -23728,8 +23728,8 @@
 "link": "https://learn.microsoft.com/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide",
 "service": "SAP",
 "services": [
- "SAP",
- "Defender"
+ "Defender",
+ "SAP"
 ],
 "severity": "Low",
 "subcategory": "Security",
@@ -23744,8 +23744,8 @@
 "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape",
 "service": "SAP",
 "services": [
- "VNet",
- "SAP"
+ "SAP",
+ "VNet"
 ],
 "severity": "High",
 "subcategory": "Security",
@@ -23861,8 +23861,8 @@
 "guid": "aa359271-8e6e-4205-8725-769e46691e88",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#azure-subscription-and-service-limits",
 "services": [
- "Arc",
- "Entra"
+ "Entra",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Capacity Planning",
@@ -23961,9 +23961,9 @@
 "guid": "9bf39d95-d44c-47c8-a19c-a1f6d5215ae5",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/security-overview#identity-and-access-control",
 "services": [
- "Arc",
 "Entra",
- "RBAC"
+ "RBAC",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Access",
@@ -23976,9 +23976,9 @@
 "guid": "14ba34d4-585e-4111-89bd-7ba012f7b94e",
 "link": "https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-nonaad",
 "services": [
- "Arc",
 "Entra",
- "AKV"
+ "AKV",
+ "Arc"
 ],
 "severity": "Low",
 "subcategory": "Access",
@@ -23993,8 +23993,8 @@
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#azure-subscription-and-service-limits",
 "services": [
 "Subscriptions",
- "Arc",
- "Entra"
+ "Entra",
+ "Arc"
 ],
 "severity": "High",
 "subcategory": "Requirements",
@@ -24008,9 +24008,9 @@
 "guid": "33ee7ad6-c6d3-4733-865c-7acbe44bbe60",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#required-permissions",
 "services": [
+ "Entra",
 "RBAC",
- "Arc",
- "Entra"
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Requirements",
@@ -24024,9 +24024,9 @@
 "guid": "9d79f2e8-7778-4424-a516-775c6fa95b96",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/onboard-service-principal#create-a-service-principal-for-onboarding-at-scale",
 "services": [
+ "Entra",
 "RBAC",
- "Arc",
- "Entra"
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Security",
@@ -24040,9 +24040,9 @@
 "guid": "ad88408e-3727-434b-a76b-a28f21459013",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/onboard-service-principal#create-a-service-principal-for-onboarding-at-scale",
 "services": [
+ "Entra",
 "RBAC",
- "Arc",
- "Entra"
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Security",
@@ -24056,9 +24056,9 @@
 "guid": "65d38e53-f9cc-4bd8-9826-6abca264f9a1",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#required-permissions",
 "services": [
+ "Entra",
 "RBAC",
- "Arc",
- "Entra"
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Security",
@@ -24072,8 +24072,8 @@
 "guid": "6ee79d6b-5c2a-4364-a4b6-9bad38aad53c",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/plan-at-scale-deployment",
 "services": [
- "Arc",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Management",
@@ -24087,8 +24087,8 @@
 "guid": "c78e1d76-6673-457c-9496-74c5ed85b859",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/manage-agent#upgrade-the-agent",
 "services": [
- "Arc",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "High",
 "subcategory": "Management",
@@ -24102,9 +24102,9 @@
 "guid": "c7733be2-a1a2-47b7-95a9-1be1f388ff39",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/manage-vm-extensions",
 "services": [
- "Arc",
+ "AzurePolicy",
 "Monitor",
- "AzurePolicy"
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Management",
@@ -24118,8 +24118,8 @@
 "guid": "4c2bd463-cbbb-4c86-a195-abb91a4ed90d",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/manage-automatic-vm-extension-upgrade?tabs=azure-portal",
 "services": [
- "Arc",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "High",
 "subcategory": "Management",
@@ -24133,8 +24133,8 @@
 "guid": "7a927c39-74d1-4102-aac6-aae01e6a84de",
 "link": "https://learn.microsoft.com/azure/automanage/automanage-arc",
 "services": [
- "Arc",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Management",
@@ -24147,8 +24147,8 @@
 "guid": "37b6b780-cbaf-4e6c-9658-9d457a927c39",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/plan-at-scale-deployment#phase-3-manage-and-operate",
 "services": [
- "Arc",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "High",
 "subcategory": "Monitoring",
@@ -24161,8 +24161,8 @@
 "guid": "74d1102c-ac6a-4ae0-8e6a-84de5df47d2d",
 "link": "https://learn.microsoft.com/azure/azure-monitor/agents/log-analytics-agent#data-collected",
 "services": [
- "Arc",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -24175,8 +24175,8 @@
 "guid": "92881b1c-d5d1-4e54-a296-59e3958fd782",
 "link": "https://learn.microsoft.com/azure/service-health/resource-health-alert-monitor-guide",
 "services": [
- "Arc",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -24189,8 +24189,8 @@
 "guid": "89c93555-6d02-4bfe-9564-b0d834a34872",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/learn/tutorial-enable-vm-insights",
 "services": [
- "Arc",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -24203,8 +24203,8 @@
 "guid": "5df47d2d-9288-41b1-ad5d-1e54a29659e3",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/plan-at-scale-deployment#phase-3-manage-and-operate",
 "services": [
- "Arc",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -24218,8 +24218,8 @@
 "guid": "ae2cc84c-37b6-4b78-8cba-fe6c46589d45",
 "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/manage/hybrid/server/best-practices/arc-update-management",
 "services": [
- "Arc",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "Low",
 "subcategory": "Security",
@@ -24261,10 +24261,10 @@
 "guid": "94174158-33ee-47ad-9c6d-3733165c7acb",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/private-link-security",
 "services": [
- "ExpressRoute",
- "Arc",
 "PrivateLink",
- "VPN"
+ "ExpressRoute",
+ "VPN",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Networking",
@@ -24320,9 +24320,9 @@
 "guid": "a264f9a1-9bf3-49d9-9d44-c7c8919ca1f6",
 "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/hybrid/arc-enabled-servers/eslz-arc-servers-connectivity#define-extensions-connectivity-method",
 "services": [
- "Arc",
 "PrivateLink",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "Low",
 "subcategory": "Networking",
@@ -24335,8 +24335,8 @@
 "guid": "ac6aae01-e6a8-44de-9df4-7d2d92881b1c",
 "link": "https://learn.microsoft.com/azure/governance/policy/",
 "services": [
- "Arc",
- "AzurePolicy"
+ "AzurePolicy",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Management",
@@ -24362,8 +24362,8 @@
 "guid": "667357c4-4967-44c5-bd85-b859c7733be2",
 "link": "https://learn.microsoft.com/azure/governance/machine-configuration/machine-configuration-create",
 "services": [
- "Arc",
- "AzurePolicy"
+ "AzurePolicy",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Management",
@@ -24376,8 +24376,8 @@
 "guid": "49674c5e-d85b-4859-a773-3be2a1a27b77",
 "link": "https://learn.microsoft.com/azure/automation/change-tracking/overview",
 "services": [
- "Arc",
- "Monitor"
+ "Monitor",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -24403,8 +24403,8 @@
 "guid": "195abb91-a4ed-490d-ae2c-c84c37b6b780",
 "link": "https://learn.microsoft.com/azure/key-vault/general/basic-concepts",
 "services": [
- "Arc",
- "AKV"
+ "AKV",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Secrets",
@@ -24418,10 +24418,10 @@
 "guid": "6d02bfe4-564b-40d8-94a3-48726ee79d6b",
 "link": "https://learn.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret",
 "services": [
- "Arc",
 "Entra",
+ "AKV",
 "Storage",
- "AKV"
+ "Arc"
 ],
 "severity": "High",
 "subcategory": "Secrets",
@@ -24435,8 +24435,8 @@
 "guid": "a1a27b77-5a91-4be1-b388-ff394c2bd463",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/security-overview#using-disk-encryption",
 "services": [
- "Arc",
- "AKV"
+ "AKV",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Secrets",
@@ -24477,8 +24477,8 @@
 "guid": "4b69bad3-8aad-453c-a78e-1d76667357c4",
 "link": "https://learn.microsoft.com/azure/azure-arc/servers/managed-identity-authentication",
 "services": [
- "Arc",
- "Entra"
+ "Entra",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Security",
@@ -24492,8 +24492,8 @@
 "guid": "5a91be1f-388f-4f39-9c2b-d463cbbbc868",
 "link": "https://learn.microsoft.com/azure/security-center/security-center-get-started",
 "services": [
- "Arc",
- "Defender"
+ "Defender",
+ "Arc"
 ],
 "severity": "Medium",
 "subcategory": "Security",
@@ -24532,9 +24532,9 @@
 "guid": "676f6951-0368-49e9-808d-c33a692c9a64",
 "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/sql-database-security-baseline#br-2-encrypt-backup-data",
 "services": [
- "AKV",
 "Backup",
- "SQL"
+ "SQL",
+ "AKV"
 ],
 "severity": "Medium",
 "subcategory": "Azure Key Vault",
@@ -24549,8 +24549,8 @@
 "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/sql-database-security-baseline#br-1-ensure-regular-automated-backups",
 "services": [
 "Backup",
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Backup",
@@ -24565,8 +24565,8 @@
 "link": "https://learn.microsoft.com/azure/azure-sql/database/automated-backups-overview?tabs=single-database&view=azuresql#backup-storage-redundancy",
 "services": [
 "Backup",
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Low",
 "subcategory": "Backup",
@@ -24622,8 +24622,8 @@
 "guid": "4e52d73f-5d37-428f-b3a2-e6997e835979",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/threat-detection-configure",
 "services": [
- "EventHubs",
 "Defender",
+ "EventHubs",
 "SQL"
 ],
 "severity": "High",
@@ -24638,9 +24638,9 @@
 "guid": "dff87489-9edb-4cef-bdda-86e8212b2aa1",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/azure-defender-for-sql?view=azuresql#enable-microsoft-defender-for-sql ",
 "services": [
- "Subscriptions",
 "Defender",
- "SQL"
+ "SQL",
+ "Subscriptions"
 ],
 "severity": "High",
 "subcategory": "Defender for Azure SQL",
@@ -24654,9 +24654,9 @@
 "guid": "ca342fdf-d25a-4427-b105-fcd50ff8a0ea",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/threat-detection-configure",
 "services": [
- "Monitor",
 "Defender",
- "SQL"
+ "SQL",
+ "Monitor"
 ],
 "severity": "High",
 "subcategory": "Defender for Azure SQL",
@@ -24670,9 +24670,9 @@
 "guid": "a6101ae7-534c-45ab-86fd-b34c55ea21ca",
 "link": "https://learn.microsoft.com/azure/defender-for-cloud/sql-azure-vulnerability-assessment-overview",
 "services": [
- "Monitor",
 "Defender",
- "SQL"
+ "SQL",
+ "Monitor"
 ],
 "severity": "High",
 "subcategory": "Vulnerability Assessment",
@@ -24716,8 +24716,8 @@
 "link": "https://learn.microsoft.com/azure/azure-sql/database/security-best-practice?view=azuresql#control-access-of-application-users-to-sensitive-data-through-encryption",
 "services": [
 "AKV",
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Low",
 "subcategory": "Column Encryption",
@@ -24732,8 +24732,8 @@
 "link": "https://learn.microsoft.com/azure/azure-sql/database/transparent-data-encryption-byok-create-server",
 "services": [
 "Backup",
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "High",
 "subcategory": "Transparent Data Encryption",
@@ -24747,8 +24747,8 @@
 "guid": "2edb4165-4f54-47cc-a891-5c82c2f21e25",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/transparent-data-encryption-byok-overview",
 "services": [
- "AKV",
- "SQL"
+ "SQL",
+ "AKV"
 ],
 "severity": "Medium",
 "subcategory": "Transparent Data Encryption",
@@ -24791,9 +24791,9 @@
 "guid": "29820254-1d14-4778-ae90-ff4aeba504a3",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/security-best-practice?view=azuresql#central-management-for-identities",
 "services": [
- "Monitor",
 "Entra",
- "SQL"
+ "SQL",
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": "Azure Active Directory",
@@ -24822,11 +24822,11 @@
 "guid": "69891194-5074-4e30-8f69-4efc3c580900",
 "link": "https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview",
 "services": [
+ "SQL",
 "AKV",
- "RBAC",
- "ACR",
 "Entra",
- "SQL"
+ "RBAC",
+ "ACR"
 ],
 "severity": "Low",
 "subcategory": "Managed Identities",
@@ -24855,8 +24855,8 @@
 "guid": "0e853380-50ba-4bce-b2fd-5c7391c85ecc",
 "link": "https://learn.microsoft.com/azure/architecture/guide/technology-choices/multiparty-computing-service#confidential-ledger-and-azure-blob-storage",
 "services": [
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Database Digest",
@@ -24871,8 +24871,8 @@
 "link": "https://learn.microsoft.com/sql/relational-databases/security/ledger/ledger-digest-management",
 "services": [
 "AzurePolicy",
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Database Digest",
@@ -24886,8 +24886,8 @@
 "guid": "f8d4ffda-8aac-4cc6-b72b-c81cb8625420",
 "link": "https://learn.microsoft.com/sql/relational-databases/security/ledger/ledger-database-verification",
 "services": [
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Integrity",
@@ -24930,8 +24930,8 @@
 "link": "https://learn.microsoft.com/azure/azure-sql/database/auditing-overview",
 "services": [
 "AzurePolicy",
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Auditing",
@@ -24945,12 +24945,12 @@
 "guid": "9b64bc50-b60f-4035-bf7a-28c4806dfb46",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/auditing-overview",
 "services": [
- "Storage",
- "Monitor",
+ "SQL",
 "Entra",
- "Backup",
 "EventHubs",
- "SQL"
+ "Backup",
+ "Monitor",
+ "Storage"
 ],
 "severity": "Low",
 "subcategory": "Auditing",
@@ -24964,11 +24964,11 @@
 "guid": "fcd34708-87ac-4efc-aaf6-57a47f76644a",
 "link": "https://learn.microsoft.com/azure/azure-monitor/essentials/activity-log",
 "services": [
- "Storage",
+ "SQL",
+ "EventHubs",
 "Subscriptions",
 "Monitor",
- "EventHubs",
- "SQL"
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Auditing",
@@ -24982,8 +24982,8 @@
 "guid": "f96e127e-9572-453a-b325-ff89ae9f6b44",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/auditing-overview",
 "services": [
- "Monitor",
- "SQL"
+ "SQL",
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": "SIEM/SOAR",
@@ -24997,8 +24997,8 @@
 "guid": "41503bf8-73da-4a10-af9f-5f7fceb5456f",
 "link": "https://learn.microsoft.com/azure/azure-monitor/essentials/activity-log",
 "services": [
- "Monitor",
- "SQL"
+ "SQL",
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": "SIEM/SOAR",
@@ -25089,8 +25089,8 @@
 "guid": "a566dd3d-314e-4a94-9378-102c42d82b38",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/outbound-firewall-rule-overview",
 "services": [
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Outbound Control",
@@ -25104,11 +25104,11 @@
 "guid": "246cd832-f550-4af0-9c74-ca9baeeb8860",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/private-endpoint-overview?view=azuresql#disable-public-access-to-your-logical-server",
 "services": [
- "VNet",
- "Monitor",
 "Firewall",
 "PrivateLink",
- "SQL"
+ "SQL",
+ "VNet",
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": "Private Access",
@@ -25122,9 +25122,9 @@
 "guid": "3a0808ee-ea7a-47ab-bdce-920a6a2b3881",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/private-endpoint-overview?view=azuresql#disable-public-access-to-your-logical-server",
 "services": [
- "VNet",
 "PrivateLink",
- "SQL"
+ "SQL",
+ "VNet"
 ],
 "severity": "High",
 "subcategory": "Private Access",
@@ -25138,9 +25138,9 @@
 "guid": "8600527e-e8c4-4424-90ef-1f0dca0224f2",
 "link": "https://learn.microsoft.com/azure/private-link/private-endpoint-overview#network-security-of-private-endpoints",
 "services": [
- "VNet",
 "PrivateLink",
- "SQL"
+ "SQL",
+ "VNet"
 ],
 "severity": "Medium",
 "subcategory": "Private Access",
@@ -25154,9 +25154,9 @@
 "guid": "18123ef4-a0a6-45e3-87fe-7f454f65d975",
 "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/connectivity-architecture-overview",
 "services": [
- "VNet",
 "ExpressRoute",
- "SQL"
+ "SQL",
+ "VNet"
 ],
 "severity": "Medium",
 "subcategory": "Private Access",
@@ -25170,9 +25170,9 @@
 "guid": "55187443-6852-4fbd-99c6-ce303597ca7f",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/network-access-controls-overview?view=azuresql#ip-vs-virtual-network-firewall-rules",
 "services": [
- "VNet",
 "AzurePolicy",
- "SQL"
+ "SQL",
+ "VNet"
 ],
 "severity": "High",
 "subcategory": "Public Access",
@@ -25186,8 +25186,8 @@
 "guid": "a73e32da-b3f4-4960-b5ec-2f42a557bf31",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/network-access-controls-overview",
 "services": [
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Public Access",
@@ -25201,8 +25201,8 @@
 "guid": "e0f31ac9-35c8-4bfd-9865-edb60ffc6768",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/firewall-configure",
 "services": [
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Low",
 "subcategory": "Public Access",
@@ -25216,9 +25216,9 @@
 "guid": "b8435656-143e-41a8-9922-61d34edb751a",
 "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/public-endpoint-overview",
 "services": [
- "VNet",
 "AzurePolicy",
- "SQL"
+ "SQL",
+ "VNet"
 ],
 "severity": "High",
 "subcategory": "Public Access",
@@ -25232,8 +25232,8 @@
 "guid": "057dd298-8726-4aa6-b590-1f81d2e30421",
 "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/public-endpoint-overview",
 "services": [
- "VNet",
- "SQL"
+ "SQL",
+ "VNet"
 ],
 "severity": "High",
 "subcategory": "Public Access",
@@ -25598,11 +25598,11 @@
 "link": "https://learn.microsoft.com/azure/key-vault/general/backup?tabs=azure-cli#design-considerations",
 "service": "Key Vault",
 "services": [
- "Storage",
 "AKV",
- "Subscriptions",
 "ASR",
- "Backup"
+ "Subscriptions",
+ "Backup",
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Business continuity and disaster recovery",
@@ -25704,8 +25704,8 @@
 "guid": "67b23587-05a1-4652-aded-fa8a488cdec4",
 "link": "https://learn.microsoft.com/azure/site-recovery/azure-to-azure-how-to-enable-policy",
 "services": [
- "VM",
 "ASR",
+ "VM",
 "AzurePolicy"
 ],
 "severity": "High",
@@ -25784,8 +25784,8 @@
 "link": "https://learn.microsoft.com/azure/backup/backup-azure-vms-introduction",
 "service": "VM",
 "services": [
- "VM",
- "Backup"
+ "Backup",
+ "VM"
 ],
 "severity": "High",
 "subcategory": "Virtual Machines",
@@ -25831,8 +25831,8 @@
 "service": "VM",
 "services": [
 "VM",
- "Storage",
- "SQL"
+ "SQL",
+ "Storage"
 ],
 "severity": "Medium",
 "subcategory": "Virtual Machines",
@@ -25879,8 +25879,8 @@
 "link": "https://learn.microsoft.com/azure/virtual-machines/availability",
 "service": "VM",
 "services": [
- "VM",
- "ASR"
+ "ASR",
+ "VM"
 ],
 "severity": "High",
 "subcategory": "Virtual Machines",
@@ -25895,8 +25895,8 @@
 "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview",
 "service": "VM",
 "services": [
- "VM",
 "ASR",
+ "VM",
 "AVS"
 ],
 "severity": "High",
@@ -25927,8 +25927,8 @@ "link": "https://learn.microsoft.com/azure/quotas/per-vm-quota-requests", "service": "VM", "services": [ - "VM", - "ASR" + "ASR", + "VM" ], "severity": "Medium", "subcategory": "Virtual Machines", @@ -26162,8 +26162,8 @@ "link": "https://learn.microsoft.com/azure/networking/disaster-recovery-dns-traffic-manager", "services": [ "ASR", - "DNS", "Monitor", + "DNS", "TrafficManager" ], "severity": "Low", @@ -26180,8 +26180,8 @@ "service": "DNS", "services": [ "ASR", - "DNS", - "ACR" + "ACR", + "DNS" ], "severity": "Low", "subcategory": "DNS", @@ -26224,8 +26224,8 @@ "guid": "a359c373-e7dd-4616-83a3-64a907ebae48", "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering", "services": [ - "ExpressRoute", - "Backup" + "Backup", + "ExpressRoute" ], "severity": "Medium", "subcategory": "ExpressRoute", @@ -26239,10 +26239,10 @@ "guid": "ead53cc7-de2e-48aa-ab35-71549ab9153d", "link": "https://learn.microsoft.com/azure/expressroute/use-s2s-vpn-as-backup-for-expressroute-privatepeering", "services": [ - "ExpressRoute", "Backup", - "Cost", - "VPN" + "ExpressRoute", + "VPN", + "Cost" ], "severity": "Low", "subcategory": "ExpressRoute", @@ -26315,8 +26315,8 @@ "guid": "927139b8-2110-42db-b6ea-f11e6f843e53", "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-highlyavailable", "services": [ - "ACR", - "VPN" + "VPN", + "ACR" ], "severity": "Medium", "subcategory": "VPN Gateways", @@ -26398,8 +26398,8 @@ "service": "Entra", "services": [ "WAF", - "ACR", "RBAC", + "ACR", "Subscriptions" ], "severity": "High", @@ -26441,8 +26441,8 @@ "service": "Entra", "services": [ "WAF", - "AzurePolicy", - "Entra" + "Entra", + "AzurePolicy" ], "severity": "High", "text": "Enforce Microsoft Entra ID Conditional Access policies for any user with rights to Azure environments.", 
@@ -26497,8 +26497,8 @@ "service": "Entra", "services": [ "WAF", - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "text": "Integrate Microsoft Entra ID logs with the platform-central Azure Monitor. Azure Monitor allows for a single source of truth around log and monitoring data in Azure, giving organizations a cloud native options to meet requirements around log collection and retention.", @@ -26555,8 +26555,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/enterprise-scale/network-topology-and-connectivity", "service": "VNet", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "Medium", "text": "Use a hub-and-spoke network topology for network scenarios that require maximum flexibility.", @@ -26570,14 +26570,14 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/traditional-azure-networking-topology", "service": "VNet", "services": [ - "VNet", - "VPN", - "ExpressRoute", - "WAF", + "NVA", "Firewall", "DNS", - "NVA", - "Entra" + "Entra", + "WAF", + "ExpressRoute", + "VNet", + "VPN" ], "severity": "High", "text": "Deploy shared networking services, including ExpressRoute gateways, VPN gateways, and Azure Firewall or partner NVAs in the central-hub virtual network. If necessary, also deploy DNS services.", @@ -26620,8 +26620,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-coexist-resource-manager#to-enable-transit-routing-between-expressroute-and-azure-vpn", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "VPN", "ARS" ], @@ -26638,9 +26638,9 @@ "link": "https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1", "service": "ARS", "services": [ - "VNet", "WAF", - "ARS" + "ARS", + "VNet" ], "severity": "Low", "text": "If using Route Server, use a /27 prefix for the Route Server subnet.", 
@@ -26654,8 +26654,8 @@ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-faq#can-i-create-a-peering-connection-to-a-vnet-in-a-different-region", "service": "VNet", "services": [ - "VNet", "WAF", + "VNet", "ACR" ], "severity": "Medium", @@ -26686,8 +26686,8 @@ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits", "service": "VNet", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "VNet" ], "severity": "Medium", @@ -26719,8 +26719,8 @@ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering", "service": "VNet", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "High", "text": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings.", @@ -26734,8 +26734,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-macsec", "service": "ExpressRoute", "services": [ - "ExpressRoute", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "Medium", "text": "When you're using ExpressRoute Direct, configure MACsec in order to encrypt traffic at the layer-two level between the organization's routers and MSEE. The diagram shows this encryption in flow.", @@ -26749,8 +26749,8 @@ "link": "https://learn.microsoft.com/azure/vpn-gateway/site-to-site-vpn-private-peering", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "VPN" ], "severity": "Medium", @@ -26796,8 +26796,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing", "service": "VNet", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "High", "text": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16).", 
@@ -26811,8 +26811,8 @@ "link": "https://learn.microsoft.com/azure/site-recovery/concepts-on-premises-to-azure-networking#retain-ip-addresses", "service": "VNet", "services": [ - "ASR", - "WAF" + "WAF", + "ASR" ], "severity": "High", "text": "Do not use overlapping IP address ranges for production and disaster recovery sites.", @@ -26842,8 +26842,8 @@ "service": "DNS", "services": [ "WAF", - "DNS", - "ACR" + "ACR", + "DNS" ], "severity": "Medium", "text": "For environments where name resolution across Azure and on-premises is required and there is no existing enterprise DNS service like Active Directory, use Azure DNS Private Resolver to route DNS requests to Azure or to on-premises DNS servers.", @@ -26872,10 +26872,10 @@ "link": "https://learn.microsoft.com/azure/dns/private-dns-autoregistration", "service": "DNS", "services": [ - "VM", "WAF", - "DNS", - "VNet" + "VM", + "VNet", + "DNS" ], "severity": "High", "text": "Enable auto-registration for Azure DNS to automatically manage the lifecycle of the DNS records for the virtual machines deployed within a virtual network.", @@ -26889,8 +26889,8 @@ "link": "https://learn.microsoft.com/azure/bastion/bastion-overview", "service": "Bastion", "services": [ - "Bastion", - "WAF" + "WAF", + "Bastion" ], "severity": "Medium", "text": "Use Azure Bastion to securely connect to your network.", @@ -26905,9 +26905,9 @@ "link": "https://learn.microsoft.com/azure/bastion/bastion-faq#subnet", "service": "Bastion", "services": [ - "Bastion", "WAF", - "VNet" + "VNet", + "Bastion" ], "severity": "Medium", "text": "Use Azure Bastion in a subnet /26 or larger.", @@ -26923,8 +26923,8 @@ "services": [ "WAF", "AzurePolicy", - "FrontDoor", - "ACR" + "ACR", + "FrontDoor" ], "severity": "Medium", "text": "Use Azure Front Door and WAF policies to provide global protection across Azure regions for inbound HTTP/S connections to a landing zone.", 
@@ -26939,8 +26939,8 @@ "service": "WAF", "services": [ "WAF", - "AppGW", "AzurePolicy", + "AppGW", "FrontDoor" ], "severity": "Low", @@ -26955,8 +26955,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "service": "WAF", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "High", "text": "When WAFs and other reverse proxies are required for inbound HTTP/S connections, deploy them within a landing-zone virtual network and together with the apps that they're protecting and exposing to the internet.", @@ -26970,8 +26970,8 @@ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-reference-architectures", "service": "VNet", "services": [ - "VNet", "WAF", + "VNet", "DDoS" ], "severity": "High", @@ -27015,8 +27015,8 @@ "link": "https://github.com/Azure/Enterprise-Scale/wiki/ALZ-Policies#corp", "service": "Policy", "services": [ - "VM", "WAF", + "VM", "AzurePolicy" ], "severity": "High", @@ -27031,9 +27031,9 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/connectivity-to-azure", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", "Backup", + "ExpressRoute", "VPN" ], "severity": "Medium", @@ -27049,8 +27049,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-routing", "service": "ExpressRoute", "services": [ - "ExpressRoute", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "Medium", "text": "When you use multiple ExpressRoute circuits or multiple on-prem locations, use BGP attributes to optimize routing.", @@ -27065,8 +27065,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "VPN" ], "severity": "Medium", 
@@ -27082,8 +27082,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/plan-manage-cost", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "Cost" ], "severity": "High", @@ -27099,8 +27099,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "Cost" ], "severity": "High", @@ -27116,8 +27116,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways", "service": "ExpressRoute", "services": [ - "ExpressRoute", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "Medium", "text": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions.", @@ -27131,8 +27131,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/connectivity-to-azure", "service": "ExpressRoute", "services": [ - "ExpressRoute", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "Medium", "text": "For scenarios that require bandwidth higher than 10 Gbps or dedicated 10/100-Gbps ports, use ExpressRoute Direct.", @@ -27146,8 +27146,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/about-fastpath", "service": "ExpressRoute", "services": [ - "ExpressRoute", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "Medium", "text": "When low latency is required, or throughput from on-premises to Azure must be greater than 10 Gbps, enable FastPath to bypass the ExpressRoute gateway from the data path.", @@ -27192,8 +27192,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-erdirect-about", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "Cost" ], "severity": "High", 
@@ -27208,8 +27208,8 @@ "link": "https://learn.microsoft.com/azure/architecture/framework/services/networking/expressroute/reliability", "service": "ExpressRoute", "services": [ - "ExpressRoute", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "Medium", "text": "When traffic isolation or dedicated bandwidth is required, such as for separating production and nonproduction environments, use different ExpressRoute circuits. It will help you ensure isolated routing domains and alleviate noisy-neighbor risks.", @@ -27223,8 +27223,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-monitoring-metrics-alerts", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "Monitor" ], "severity": "Medium", @@ -27240,8 +27240,8 @@ "service": "ExpressRoute", "services": [ "WAF", - "Monitor", "ACR", + "Monitor", "NetworkWatcher" ], "severity": "Medium", @@ -27257,8 +27257,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution", "service": "ExpressRoute", "services": [ - "ExpressRoute", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "Medium", "text": "Use ExpressRoute circuits from different peering locations for redundancy.", @@ -27272,8 +27272,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-coexist-resource-manager", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "VPN" ], "severity": "Medium", @@ -27289,8 +27289,8 @@ "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub", "service": "ExpressRoute", "services": [ - "VNet", "WAF", + "VNet", "Storage" ], "severity": "High", 
@@ -27304,8 +27304,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/designing-for-high-availability-with-expressroute#active-active-connections", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "ACR" ], "severity": "High", @@ -27320,8 +27320,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/designing-for-high-availability-with-expressroute", "service": "ExpressRoute", "services": [ - "ExpressRoute", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "Medium", "text": "Ensure the two physical links of your ExpressRoute circuit are connected to two distinct edge devices in your network.", @@ -27349,8 +27349,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering", "service": "ExpressRoute", "services": [ - "ExpressRoute", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "High", "text": "Connect the ExpressRoute Gateway to two or more circuits from different peering locations for higher resiliency.", @@ -27364,10 +27364,10 @@ "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-howto-setup-alerts-virtual-network-gateway-log", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", - "Monitor", - "VNet" + "ExpressRoute", + "VNet", + "Monitor" ], "severity": "Medium", "text": "Configure diagnostic logs and alerts for ExpressRoute virtual network gateway.", @@ -27381,8 +27381,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/virtual-network-connectivity-guidance", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "VNet" ], "severity": "Medium", @@ -27426,9 +27426,9 @@ "service": "Firewall", "services": [ "Firewall", - "WAF", "RBAC", "AzurePolicy", + "WAF", "ACR" ], "severity": "Medium", 
@@ -27460,8 +27460,8 @@ "service": "Firewall", "services": [ "WAF", - "DNS", - "Firewall" + "Firewall", + "DNS" ], "severity": "High", "text": "Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols.", @@ -27523,12 +27523,12 @@ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview", "service": "Firewall", "services": [ - "VNet", - "VWAN", - "Storage", + "NVA", "Firewall", + "VWAN", "WAF", - "NVA" + "VNet", + "Storage" ], "severity": "High", "text": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance.", @@ -27542,8 +27542,8 @@ "service": "Firewall", "services": [ "WAF", - "Storage", - "Firewall" + "Firewall", + "Storage" ], "severity": "Medium", "text": "Add diagnostic settings to save logs, using the Resource Specific destination table, for all Azure Firewall deployments.", @@ -27558,8 +27558,8 @@ "service": "Firewall", "services": [ "WAF", - "AzurePolicy", - "Firewall" + "Firewall", + "AzurePolicy" ], "severity": "Important", "text": "Migrate from Azure Firewall Classic rules (if exist) to Firewall Policy.", @@ -27574,9 +27574,9 @@ "link": "https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size", "service": "Firewall", "services": [ - "VNet", "WAF", - "Firewall" + "Firewall", + "VNet" ], "severity": "High", "text": "Use a /26 prefix for your Azure Firewall subnets.", @@ -27662,8 +27662,8 @@ "link": "https://learn.microsoft.com/azure/firewall/premium-features#web-categories", "service": "Firewall", "services": [ - "ServiceBus", - "WAF" + "WAF", + "ServiceBus" ], "severity": "Low", "text": "Use web categories to allow or deny outbound access to specific topics.", 
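Review bot: In the `@@ -27558,8 +27558,8 @@` hunk, the context line `"severity": "Important",` on the "Migrate from Azure Firewall Classic rules" item uses a value no other item visible on this page uses; the rest are `High`, `Medium` or `Low`. A consumer that filters or ranks by those three levels would presumably drop or misplace this firewall-policy item. It should be mapped to one of the existing levels, for example `"severity": "Medium",`, though the right level is the checklist owner's call. The commit does not touch this line, and since the file appears to be generated, the fix belongs in the source checklist.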
@@ -27691,8 +27691,8 @@ "service": "Firewall", "services": [ "WAF", - "DNS", - "Firewall" + "Firewall", + "DNS" ], "severity": "Medium", "text": "Enable Azure Firewall DNS proxy configuration.", @@ -27707,8 +27707,8 @@ "service": "Firewall", "services": [ "WAF", - "Monitor", - "Firewall" + "Firewall", + "Monitor" ], "severity": "High", "text": "Integrate Azure Firewall with Azure Monitor and enable diagnostic logging to store and analyze firewall logs.", @@ -27737,8 +27737,8 @@ "link": "https://learn.microsoft.com/azure/virtual-network/vnet-integration-for-azure-services", "service": "App Gateway", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "High", "text": "Do not disrupt control-plane communication for Azure PaaS services injected into a virtual networks, such as with a 0.0.0.0/0 route or an NSG rule that blocks control plane traffic.", @@ -27752,9 +27752,9 @@ "link": "https://learn.microsoft.com/azure/private-link/private-endpoint-overview", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", - "PrivateLink" + "PrivateLink", + "ExpressRoute" ], "severity": "Medium", "text": "Access Azure PaaS services from on-premises via private endpoints and ExpressRoute private peering. This method avoids transiting over the public internet.", @@ -27769,8 +27769,8 @@ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview", "service": "VNet", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "High", "text": "Don't enable virtual network service endpoints by default on all subnets.", 
@@ -27784,11 +27784,11 @@ "link": "azure/private-link/inspect-traffic-with-azure-firewall", "service": "Firewall", "services": [ + "NVA", "Firewall", - "WAF", - "DNS", "PrivateLink", - "NVA" + "DNS", + "WAF" ], "severity": "Medium", "text": "Filter egress traffic to Azure PaaS services using FQDNs instead of IP addresses in Azure Firewall or an NVA to prevent data exfiltration. If using Private Link you can block all FQDNs, otherwise allow only the required PaaS services.", @@ -27803,10 +27803,10 @@ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway", "service": "ExpressRoute", "services": [ - "ExpressRoute", "WAF", - "VNet", - "VPN" + "ExpressRoute", + "VPN", + "VNet" ], "severity": "High", "text": "Use at least a /27 prefix for your Gateway subnets.", @@ -27820,8 +27820,8 @@ "link": "https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags", "service": "NSG", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "High", "text": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity.", @@ -27834,8 +27834,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-landing-zone-network-segmentation", "service": "NSG", "services": [ - "VNet", "WAF", + "VNet", "ACR" ], "severity": "Medium", @@ -27850,10 +27850,10 @@ "link": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works", "service": "NSG", "services": [ - "VNet", "WAF", - "NVA", - "Entra" + "Entra", + "VNet", + "NVA" ], "severity": "Medium", "text": "Use NSGs and application security groups to micro-segment traffic within the landing zone and avoid using a central NVA to filter traffic flows.", 
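Review bot: In the `@@ -27784,11 +27784,11 @@` hunk, the context line `"link": "azure/private-link/inspect-traffic-with-azure-firewall",` is a relative path, while every other link on this page is an absolute `https://learn.microsoft.com/...` URL. As written, the reference for the egress-filtering and data-exfiltration item will not resolve from a rendered checklist. It presumably should read `"link": "https://learn.microsoft.com/azure/private-link/inspect-traffic-with-azure-firewall",`. A smaller instance of the same kind is the trailing space inside the link value in the `@@ -28282,8 +28282,8 @@` hunk. Both are untouched by this commit and would need fixing in the source checklist; the item objects extend beyond the hunks.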
@@ -27867,8 +27867,8 @@ "link": "https://learn.microsoft.com/azure/network-watcher/vnet-flow-logs-overview", "service": "NSG", "services": [ - "VNet", "WAF", + "VNet", "NetworkWatcher" ], "severity": "Medium", @@ -27884,8 +27884,8 @@ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits", "service": "NSG", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "Medium", "text": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules.", @@ -27899,8 +27899,8 @@ "link": "https://learn.microsoft.com/azure/virtual-wan/scenario-any-to-any", "service": "VWAN", "services": [ - "VWAN", - "WAF" + "WAF", + "VWAN" ], "severity": "Medium", "text": "Use Virtual WAN if your scenario is explicitly described in the list of Virtual WAN routing designs.", @@ -27914,8 +27914,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology#virtual-wan-network-design-recommendationst", "service": "VWAN", "services": [ - "VWAN", "WAF", + "VWAN", "ACR" ], "severity": "Medium", @@ -27946,8 +27946,8 @@ "link": "https://learn.microsoft.com/azure/virtual-wan/migrate-from-hub-spoke-topology", "service": "VWAN", "services": [ - "VWAN", - "WAF" + "WAF", + "VWAN" ], "severity": "Medium", "text": "Ensure that your virtual WAN network architecture aligns to an identified architecture scenario.", @@ -27961,8 +27961,8 @@ "link": "https://learn.microsoft.com/azure/virtual-wan/azure-monitor-insights", "service": "VWAN", "services": [ - "VWAN", "WAF", + "VWAN", "Monitor" ], "severity": "Medium", 
@@ -27977,8 +27977,8 @@ "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-faq#is-branch-to-branch-connectivity-allowed-in-virtual-wan", "service": "VWAN", "services": [ - "VWAN", - "WAF" + "WAF", + "VWAN" ], "severity": "Medium", "text": "Do not disable branch-to-branch traffic in Virtual WAN, unless these flows should be explicitly blocked.", @@ -27992,8 +27992,8 @@ "link": "https://learn.microsoft.com/azure/virtual-wan/about-virtual-hub-routing-preference", "service": "VWAN", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "VPN" ], "severity": "Medium", @@ -28008,8 +28008,8 @@ "link": "https://learn.microsoft.com/azure/virtual-wan/about-virtual-hub-routing#labels", "service": "VWAN", "services": [ - "VWAN", - "WAF" + "WAF", + "VWAN" ], "severity": "Medium", "text": "Configure label-based propagation in Virtual WAN, otherwise connectivity between virtual hubs will be impaired.", @@ -28052,8 +28052,8 @@ "service": "Policy", "services": [ "WAF", - "AzurePolicy", - "RBAC" + "RBAC", + "AzurePolicy" ], "severity": "Medium", "text": "Map regulatory and compliance requirements to Azure Policy definitions and Azure role assignments.", @@ -28125,11 +28125,11 @@ "link": "https://learn.microsoft.com/azure/governance/policy/overview#azure-rbac-permissions-in-azure-policy", "service": "Policy", "services": [ - "Subscriptions", - "WAF", + "Entra", "RBAC", "AzurePolicy", - "Entra" + "WAF", + "Subscriptions" ], "severity": "Medium", "text": "Assign the built-in Resource Policy Contributor role at a particular scope to enable application-level governance.", 
@@ -28215,11 +28215,11 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", "service": "Monitor", "services": [ - "Monitor", - "WAF", + "Entra", "RBAC", "AzurePolicy", - "Entra" + "WAF", + "Monitor" ], "severity": "Medium", "text": "Use a single monitor logs workspace to manage platforms centrally except where Azure role-based access control (Azure RBAC), data sovereignty requirements, or data retention policies mandate separate workspaces.", @@ -28235,8 +28235,8 @@ "services": [ "WAF", "AzurePolicy", - "Storage", - "ARS" + "ARS", + "Storage" ], "severity": "High", "text": "Export logs to Azure Storage if your log retention requirements exceed twelve years. Use immutable storage with a write-once, read-many policy to make data non-erasable and non-modifiable for a user-specified interval.", @@ -28250,10 +28250,10 @@ "link": "https://learn.microsoft.com/azure/governance/machine-configuration/overview", "service": "VM", "services": [ - "VM", "WAF", - "Monitor", - "AzurePolicy" + "VM", + "AzurePolicy", + "Monitor" ], "severity": "Medium", "text": "Monitor OS level virtual machine (VM) configuration drift using Azure Policy. Enabling Azure Automanage Machine Configuration audit capabilities through policy helps application team workloads to immediately consume feature capabilities with little effort.", @@ -28267,8 +28267,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#update-management-considerations", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "Use Azure Update Manager as a patching mechanism for Windows and Linux VMs in Azure.", 
@@ -28282,8 +28282,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#update-management-considerations ", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "Use Azure Update Manager as a patching mechanism for Windows and Linux VMs outside of Azure using Azure Arc.", @@ -28373,8 +28373,8 @@ "link": "https://learn.microsoft.com/azure/governance/policy/concepts/guest-configuration", "service": "VM", "services": [ - "VM", "WAF", + "VM", "AzurePolicy" ], "severity": "Medium", @@ -28389,10 +28389,10 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#monitoring-for-configuration-drift", "service": "VM", "services": [ - "VM", "WAF", - "Monitor", - "AzurePolicy" + "VM", + "AzurePolicy", + "Monitor" ], "severity": "Medium", "text": "Monitor VM security configuration drift via Azure Policy.", @@ -28406,9 +28406,9 @@ "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", "service": "VM", "services": [ - "VM", "WAF", "ASR", + "VM", "ACR" ], "severity": "Medium", @@ -28454,8 +28454,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", "service": "WAF", "services": [ - "Sentinel", "WAF", + "Sentinel", "AppGW", "FrontDoor" ], @@ -28563,9 +28563,9 @@ "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "service": "Key Vault", "services": [ - "VNet", "WAF", "PrivateLink", + "VNet", "AKV" ], "severity": "Medium", @@ -28581,8 +28581,8 @@ "service": "Key Vault", "services": [ "WAF", - "Monitor", "Entra", + "Monitor", "AKV" ], "severity": "Medium", @@ -28628,8 +28628,8 @@ "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "service": "Key Vault", "services": [ - "ASR", "WAF", + "ASR", "ACR", "AKV" ], 
@@ -28674,8 +28674,8 @@ "service": "Defender", "services": [ "WAF", - "Defender", - "Subscriptions" + "Subscriptions", + "Defender" ], "severity": "High", "text": "Enable Defender Cloud Security Posture Management for all subscriptions.", @@ -28689,8 +28689,8 @@ "service": "Defender", "services": [ "WAF", - "Defender", - "Subscriptions" + "Subscriptions", + "Defender" ], "severity": "High", "text": "Enable a Defender Cloud Workload Protection Plan for Servers on all subscriptions.", @@ -28704,8 +28704,8 @@ "service": "Defender", "services": [ "WAF", - "Defender", - "Subscriptions" + "Subscriptions", + "Defender" ], "severity": "High", "text": "Enable Defender Cloud Workload Protection Plans for Azure Resources on all subscriptions.", @@ -28750,8 +28750,8 @@ "service": "Monitor", "services": [ "WAF", - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "text": "Connect default resource configurations to a centralized Azure Monitor Log Analytics workspace.", @@ -28766,8 +28766,8 @@ "service": "Entra", "services": [ "WAF", - "ACR", - "Entra" + "Entra", + "ACR" ], "severity": "High", "text": "Centralized threat detection with correlated logs - consolidate security data in a central location where it can be correlated across various services via SIEM (security information and event management)", @@ -28835,8 +28835,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/development-strategy-development-lifecycle#automated-builds", "service": "Key Vault", "services": [ - "VM", "WAF", + "VM", "AKV" ], "severity": "High", @@ -29086,8 +29086,8 @@ "service": "APIM", "services": [ "WAF", - "AzurePolicy", - "EventHubs" + "EventHubs", + "AzurePolicy" ], "severity": "Low", "text": "If you need to log at high performance levels, consider Event Hubs policy", 
@@ -29197,9 +29197,9 @@ "service": "APIM", "services": [ "WAF", - "FrontDoor", "Entra", - "APIM" + "APIM", + "FrontDoor" ], "severity": "Medium", "text": "Use Azure Front Door in front of APIM for multi-region deployment", @@ -29212,8 +29212,8 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#virtual-network-integration", "service": "APIM", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "Medium", "text": "Deploy the service within a Virtual Network (VNet)", @@ -29226,11 +29226,11 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#network-security-group-support", "service": "APIM", "services": [ + "Entra", + "WAF", "VNet", "APIM", - "Monitor", - "WAF", - "Entra" + "Monitor" ], "severity": "Medium", "text": "Deploy network security groups (NSG) to your subnets to restrict or monitor traffic to/from APIM.", @@ -29243,11 +29243,11 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#azure-private-link", "service": "APIM", "services": [ - "VNet", - "APIM", - "WAF", "PrivateLink", - "Entra" + "Entra", + "WAF", + "VNet", + "APIM" ], "severity": "Medium", "text": "Deploy Private Endpoints to filter incoming traffic when APIM is not deployed to a VNet.", @@ -29423,9 +29423,9 @@ "service": "APIM", "services": [ "WAF", - "AppGW", "Entra", - "APIM" + "APIM", + "AppGW" ], "severity": "High", "text": "Use web application firewall (WAF) by deploying Application Gateway in front of APIM", 
@@ -29689,11 +29689,11 @@ "guid": "eb710a37-cbc1-4055-8dd5-a936a8bb7cf5", "service": "AVS", "services": [ - "Monitor", - "VPN", - "ExpressRoute", + "NetworkWatcher", "WAF", - "NetworkWatcher" + "ExpressRoute", + "VPN", + "Monitor" ], "severity": "High", "text": "Ensure ExpressRoute or VPN connections from on-premises to Azure are monitored using 'connection monitor'", @@ -29705,12 +29705,12 @@ "guid": "976e24f2-a7f8-426c-9253-2a92a2a7ed99", "service": "AVS", "services": [ + "NetworkWatcher", + "WAF", "AVS", - "Monitor", "ExpressRoute", - "WAF", "VM", - "NetworkWatcher" + "Monitor" ], "severity": "Medium", "text": "Ensure a connection monitor is created from an Azure native resource to an Azure VMware Solution virtual machine to monitor the Azure VMware Solution back-end ExpressRoute connection", @@ -29722,11 +29722,11 @@ "guid": "f41ce6a0-64f3-4805-bc65-3ab50df01265", "service": "AVS", "services": [ + "NetworkWatcher", + "WAF", "AVS", - "Monitor", "VM", - "WAF", - "NetworkWatcher" + "Monitor" ], "severity": "Medium", "text": "Ensure a connection monitor is created from an on-premises resource to an Azure VMware Solution virtual machine to monitor end-2-end connectivity", @@ -29752,9 +29752,9 @@ "service": "AVS", "services": [ "WAF", - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "text": "Is Privileged Identity Management implemented for roles managing the Azure VMware Solution resource in the Azure Portal (no standing permissions allowed)", @@ -29767,9 +29767,9 @@ "service": "AVS", "services": [ "WAF", - "Entra", "AVS", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "text": "Privileged Identity Management audit reporting should be implemented for the Azure VMware Solution PIM roles", @@ -29832,9 +29832,9 @@ "guid": "586cb291-ec16-4a1d-876e-f9f141acdce5", "service": "AVS", "services": [ - "VM", "WAF", "AVS", + "VM", "Entra" ], "severity": "High", 
@@ -29860,9 +29860,9 @@ "service": "AVS", "services": [ "WAF", - "AppGW", "AVS", - "Firewall" + "Firewall", + "AppGW" ], "severity": "High", "text": "Workloads on Azure VMware Solution are not directly exposed to the internet. Traffic is filtered and inspected by Azure Application Gateway, Azure Firewall or 3rd party solutions", @@ -29888,8 +29888,8 @@ "service": "AVS", "services": [ "WAF", - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "text": "Session monitoring is implemented for outbound internet connections from Azure VMware Solution or Azure VMware Solution based workloads to identify suspicious/malicious activity", @@ -29901,10 +29901,10 @@ "guid": "334fdf91-c234-4182-a652-75269440b4be", "service": "AVS", "services": [ + "WAF", + "ExpressRoute", "VNet", "VPN", - "ExpressRoute", - "WAF", "DDoS" ], "severity": "Medium", @@ -29945,8 +29945,8 @@ "service": "AVS", "services": [ "WAF", - "Arc", - "AVS" + "AVS", + "Arc" ], "severity": "Medium", "text": "Use Azure ARC for Servers to properly govern workloads running on Azure VMware Solution using Azure native technologies (Azure ARC for Azure VMware Solution is not yet available)", @@ -30024,8 +30024,8 @@ "guid": "d89f2e87-7784-424d-9167-85c6fa95b96a", "service": "AVS", "services": [ - "ASR", - "WAF" + "WAF", + "ASR" ], "severity": "High", "text": "Ensure that you have requested enough quota, ensuring you have considered growth and Disaster Recovery requirement", @@ -30062,9 +30062,9 @@ "guid": "4ba34d45-85e1-4213-abd7-bb012f7b95ef", "service": "AVS", "services": [ - "Cost", "WAF", - "AVS" + "AVS", + "Cost" ], "severity": "Medium", "text": "Ensure a good cost management process is in place for Azure VMware Solution - Azure Cost Management can be used", 
@@ -30076,9 +30076,9 @@ "guid": "6e043e2a-a359-4271-ae6e-205172676ae4", "service": "AVS", "services": [ - "Cost", "WAF", - "AVS" + "AVS", + "Cost" ], "severity": "Low", "text": "Are Azure reserved instances used to optimize cost for using Azure VMware Solution", @@ -30114,9 +30114,9 @@ "guid": "48b262d6-cc5f-4512-a253-98e6db9d37da", "service": "AVS", "services": [ - "VM", "WAF", "AVS", + "VM", "Defender" ], "severity": "Medium", @@ -30129,10 +30129,10 @@ "guid": "41741583-3ef7-4ad7-a6d3-733165c7acbe", "service": "AVS", "services": [ - "VM", "WAF", - "Arc", - "AVS" + "AVS", + "VM", + "Arc" ], "severity": "Medium", "text": "Use Azure Arc enabled servers to manage your Azure VMware Solution guest VM workloads", @@ -30157,10 +30157,10 @@ "guid": "4ed90dae-2cc8-44c4-9b6b-781cbafe6c46", "service": "AVS", "services": [ - "VM", "WAF", - "Monitor", - "AVS" + "AVS", + "VM", + "Monitor" ], "severity": "Medium", "text": "Deploy the Log Analytics Agents to Azure VMware Solution guest VM workloads", @@ -30172,11 +30172,11 @@ "guid": "589d457a-927c-4397-9d11-02cad6aae11e", "service": "AVS", "services": [ + "AzurePolicy", + "WAF", "AVS", "Backup", - "VM", - "WAF", - "AzurePolicy" + "VM" ], "severity": "Medium", "text": "Ensure you have a documented and implemented backup policy and solution for Azure VMware Solution VM workloads", @@ -30189,8 +30189,8 @@ "service": "AVS", "services": [ "WAF", - "Monitor", "AVS", + "Monitor", "Defender" ], "severity": "Medium", @@ -30254,8 +30254,8 @@ "service": "AVS", "services": [ "WAF", - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "High", "text": "Create dashboards to enable core Azure VMware Solution monitoring insights", @@ -30268,8 +30268,8 @@ "service": "AVS", "services": [ "WAF", - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "High", "text": "Create warning alerts for critical thresholds for automatic alerting on Azure VMware Solution performance (CPU >80%, Avg Memory >80%, vSAN >70%)", 
@@ -30282,8 +30282,8 @@ "service": "AVS", "services": [ "WAF", - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "High", "text": "Ensure critical alert is created to monitor if vSAN consumption is below 75% as this is a support threshold from VMware", @@ -30335,8 +30335,8 @@ "guid": "a91be1f3-88f0-43a4-b2cd-463cbbbc8682", "service": "AVS", "services": [ - "VM", "WAF", + "VM", "AzurePolicy", "Storage" ], @@ -30377,8 +30377,8 @@ "service": "AVS", "services": [ "WAF", - "Arc", - "AVS" + "AVS", + "Arc" ], "severity": "Medium", "text": "Ensure workloads running on Azure VMware Solution are hybrid managed using Azure Arc for Servers (Arc for Azure VMware Solution is in preview)", @@ -30391,8 +30391,8 @@ "service": "AVS", "services": [ "WAF", - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "text": "Ensure workloads running on Azure VMware Solution are monitored using Azure Log Analytics and Azure Monitor", @@ -30418,9 +30418,9 @@ "service": "AVS", "services": [ "WAF", - "Monitor", + "AVS", "AzurePolicy", - "AVS" + "Monitor" ], "severity": "Medium", "text": "Use Azure Policy to onboard Azure VMware Solution workloads in the Azure Management, Monitoring and Security solutions", @@ -30471,8 +30471,8 @@ "guid": "f0f1cac6-d9ef-41d5-b832-d42e3611c818", "service": "AVS", "services": [ - "ASR", - "WAF" + "WAF", + "ASR" ], "severity": "Medium", "text": "Use Azure Site Recovery when the Disaster Recovery technology is native Azure IaaS", @@ -30496,8 +30496,8 @@ "guid": "8255461e-2aee-4345-9aec-8339248b262d", "service": "AVS", "services": [ - "ASR", - "WAF" + "WAF", + "ASR" ], "severity": "Medium", "text": "Use the geopolitical region pair as the secondary disaster recovery environment", 
@@ -30521,10 +30521,10 @@ "guid": "d1d79a9b-2460-4448-aa8f-42d78e78cb6a", "service": "AVS", "services": [ - "ExpressRoute", "WAF", - "NVA", - "AVS" + "AVS", + "ExpressRoute", + "NVA" ], "severity": "Medium", "text": "Will ExpressRoute Global Reach be used for connectivity between the primary and secondary Azure VMware Solution Private Clouds or is routing done through network virtual appliances?", @@ -30550,8 +30550,8 @@ "service": "AVS", "services": [ "WAF", - "Backup", - "AVS" + "AVS", + "Backup" ], "severity": "Medium", "text": "Deploy your backup solution in the same region as your Azure VMware Solution private cloud", @@ -30664,9 +30664,9 @@ "guid": "255461e2-aee3-4553-afc8-339248b262d6", "service": "AVS", "services": [ - "ExpressRoute", "WAF", "AVS", + "ExpressRoute", "AKV" ], "severity": "Low", @@ -30782,8 +30782,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", "service": "AVS", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "High", "text": "When using MON, be aware of the limits of simulataneously configured VMs (MON Limit for HCX [400 - standard, 1000 - Larger appliance])", @@ -30848,9 +30848,9 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings", "service": "AVS", "services": [ - "VM", "WAF", "AVS", + "VM", "Storage" ], "severity": "Medium", @@ -30864,8 +30864,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#avoid-combining-traffic-manager-and-front-door", "service": "AVS", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "Storage" ], "severity": "Medium", @@ -30879,8 +30879,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-the-same-domain-name-on-front-door-and-your-origin", "service": "AVS", "services": [ - "ExpressRoute", "WAF", + "ExpressRoute", "Storage" ], "severity": "Medium", 
@@ -30894,8 +30894,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group", "service": "AVS", "services": [ - "ASR", - "WAF" + "WAF", + "ASR" ], "severity": "High", "text": "If using stretched cluster, ensure that your selected Disaster Recovery solution is supported by the vendor", @@ -30921,8 +30921,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes", "service": "AVS", "services": [ - "ExpressRoute", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "High", "text": "If using stretched cluster, ensure that both ExpressRoute circuits are connected to your connectivity hub.", @@ -30935,8 +30935,8 @@ "link": "https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity", "service": "AVS", "services": [ - "ExpressRoute", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "High", "text": "If using stretched cluster, ensure that both ExpressRoute circuits have GlobalReach enabled.", @@ -31026,10 +31026,10 @@ "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication-managed-identity", "service": "ACR", "services": [ - "RBAC", "WAF", - "ACR", - "Entra" + "Entra", + "RBAC", + "ACR" ], "severity": "High", "text": "Use Managed Identities to connect instead of Service Principals", @@ -31060,8 +31060,8 @@ "services": [ "WAF", "Entra", - "ACR", - "RBAC" + "RBAC", + "ACR" ], "severity": "High", "text": "Assign AcrPull & AcrPush RBAC roles rather than granting Administrative access to identity principals", @@ -31105,8 +31105,8 @@ "services": [ "WAF", "PrivateLink", - "ACR", - "EventHubs" + "EventHubs", + "ACR" ], "severity": "High", "text": "Deploy images from a trusted environment", @@ -31121,8 +31121,8 @@ "service": "ACR", "services": [ "WAF", - "AzurePolicy", "Entra", + "AzurePolicy", "ACR" ], "severity": "Medium", 
@@ -31138,9 +31138,9 @@ "service": "ACR", "services": [ "WAF", - "Monitor", + "Entra", "ACR", - "Entra" + "Monitor" ], "severity": "Medium", "text": "Enable diagnostics logging", @@ -31154,10 +31154,10 @@ "link": "https://learn.microsoft.com/azure/container-registry/container-registry-private-link", "service": "ACR", "services": [ - "VNet", "WAF", + "Firewall", "PrivateLink", - "Firewall" + "VNet" ], "severity": "Medium", "text": "Control inbound network access with Private Link", @@ -31283,8 +31283,8 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/configure-customer-managed-key", "service": "Service Bus", "services": [ - "ServiceBus", - "WAF" + "WAF", + "ServiceBus" ], "severity": "Low", "text": "Use customer-managed key option in data at rest encryption when required", @@ -31299,8 +31299,8 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/transport-layer-security-enforce-minimum-version", "service": "Service Bus", "services": [ - "ServiceBus", - "WAF" + "WAF", + "ServiceBus" ], "severity": "Medium", "text": "Enforce a minimum required version of Transport Layer Security (TLS) for requests ", @@ -31315,12 +31315,12 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-sas#shared-access-authorization-policies", "service": "Service Bus", "services": [ - "ServiceBus", - "WAF", "TrafficManager", + "ServiceBus", + "Entra", "RBAC", "AzurePolicy", - "Entra" + "WAF" ], "severity": "Medium", "text": "Avoid using root account when it is not necessary", 
@@ -31335,13 +31335,13 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-managed-service-identity", "service": "Service Bus", "services": [ + "AppSvc", "ServiceBus", - "Storage", "AKV", - "VM", + "Entra", "WAF", - "AppSvc", - "Entra" + "VM", + "Storage" ], "severity": "Medium", "text": "When possible, your application should be using a managed identity to authenticate to Azure Service Bus. If not, consider having the storage credential (SAS, service principal credential) in Azure Key Vault or an equivalent service", @@ -31357,10 +31357,10 @@ "service": "Service Bus", "services": [ "ServiceBus", - "Storage", - "Subscriptions", + "RBAC", "WAF", - "RBAC" + "Subscriptions", + "Storage" ], "severity": "High", "text": "Use least privilege data plane RBAC", @@ -31375,10 +31375,10 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/monitor-service-bus-reference", "service": "Service Bus", "services": [ - "ServiceBus", "WAF", + "VNet", "Monitor", - "VNet" + "ServiceBus" ], "severity": "Medium", "text": "Enable logging for security investigation. Use Azure Monitor to trace resource logs and runtime audit logs (currently available only in the premium tier)", @@ -31393,10 +31393,10 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/private-link-service", "service": "Service Bus", "services": [ - "ServiceBus", "WAF", "PrivateLink", - "VNet" + "VNet", + "ServiceBus" ], "severity": "Medium", "text": "Consider using private endpoints to access Azure Service Bus and disable public network access when applicable.", @@ -31411,8 +31411,8 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-ip-filtering", "service": "Service Bus", "services": [ - "ServiceBus", - "WAF" + "WAF", + "ServiceBus" ], "severity": "Medium", "text": "Consider only allowing access to Azure Service Bus namespace from specific IP addresses or ranges", 
@@ -31465,8 +31465,8 @@ "link": "https://learn.microsoft.com/en-us/azure/app-service/environment/intro", "service": "Azure Functions", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3", @@ -31479,8 +31479,8 @@ "link": "https://learn.microsoft.com/en-us/azure/azure-functions/dedicated-plan#always-on", "service": "Azure Functions", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", "text": "Ensure 'Always On' is enabled for all Function Apps running on App Service Plan", @@ -31547,8 +31547,8 @@ "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/business-continuity-disaster-recovery", "service": "Cognitive Services", "services": [ - "ASR", - "WAF" + "WAF", + "ASR" ], "severity": "High", "text": "Business Continuity and Disaster Recovery (BCDR) considerations with Azure OpenAI Service", @@ -31654,9 +31654,9 @@ "link": "https://learn.microsoft.com/en-us/azure/app-service/manage-backup", "service": "App Services", "services": [ - "AppSvc", "WAF", - "Backup" + "Backup", + "AppSvc" ], "severity": "High", "text": "Refer to backup and restore best practices for Azure App Service", @@ -31669,8 +31669,8 @@ "link": "https://learn.microsoft.com/en-us/azure/architecture/framework/services/compute/azure-app-service/reliability", "service": "App Services", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", "text": "Implement Azure App Service reliability best practices", @@ -31683,8 +31683,8 @@ "link": "https://learn.microsoft.com/en-us/azure/app-service/manage-disaster-recovery#recover-app-content-only", "service": "App Services", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "Low", "text": "Familiarize with how to move an App Service app to another region During a disaster", 
@@ -31697,8 +31697,8 @@ "link": "https://learn.microsoft.com/en-us/azure/reliability/reliability-app-service", "service": "App Services", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", "text": "Familiarize with reliability support in Azure App Service", @@ -31711,8 +31711,8 @@ "link": "https://learn.microsoft.com/en-us/azure/azure-functions/dedicated-plan#always-on", "service": "App Services", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "Medium", "text": "Ensure \"Always On\" is enabled for Function Apps running on a app service plan", @@ -31725,9 +31725,9 @@ "link": "https://learn.microsoft.com/en-us/azure/app-service/monitor-instances-health-check", "service": "App Services", "services": [ - "AppSvc", "WAF", - "Monitor" + "Monitor", + "AppSvc" ], "severity": "Medium", "text": "Monitor App Service instances using Health checks", @@ -31769,8 +31769,8 @@ "link": "https://learn.microsoft.com/azure/app-service/app-service-key-vault-references", "service": "App Services", "services": [ - "AppSvc", "WAF", + "AppSvc", "AKV" ], "severity": "High", @@ -31785,9 +31785,9 @@ "link": "https://learn.microsoft.com/azure/app-service/app-service-key-vault-references", "service": "App Services", "services": [ - "AppSvc", "WAF", "Entra", + "AppSvc", "AKV" ], "severity": "High", @@ -31802,8 +31802,8 @@ "link": "https://learn.microsoft.com/azure/app-service/configure-ssl-certificate", "service": "App Services", "services": [ - "AppSvc", "WAF", + "AppSvc", "AKV" ], "severity": "High", @@ -31818,9 +31818,9 @@ "link": "https://learn.microsoft.com/azure/app-service/overview-hosting-plans", "service": "App Services", "services": [ - "AppSvc", "WAF", - "Subscriptions" + "Subscriptions", + "AppSvc" ], "severity": "Medium", "text": "Isolate systems that process sensitive information", 
@@ -31834,9 +31834,9 @@ "link": "https://learn.microsoft.com/azure/app-service/operating-system-functionality#file-access", "service": "App Services", "services": [ - "AppSvc", "WAF", - "TrafficManager" + "TrafficManager", + "AppSvc" ], "severity": "Medium", "text": "Do not store sensitive data on local disk", @@ -31850,9 +31850,9 @@ "link": "https://learn.microsoft.com/azure/app-service/overview-authentication-authorization", "service": "App Services", "services": [ - "AppSvc", "WAF", - "Entra" + "Entra", + "AppSvc" ], "severity": "Medium", "text": "Use an established Identity Provider for authentication", @@ -31866,8 +31866,8 @@ "link": "https://learn.microsoft.com/azure/app-service/deploy-best-practices", "service": "App Services", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", "text": "Deploy from a trusted environment", @@ -31913,8 +31913,8 @@ "service": "App Services", "services": [ "WAF", - "ACR", - "Entra" + "Entra", + "ACR" ], "severity": "High", "text": "Pull containers using a Managed Identity", @@ -31928,10 +31928,10 @@ "link": "https://learn.microsoft.com/azure/app-service/troubleshoot-diagnostic-logs", "service": "App Services", "services": [ - "AppSvc", "WAF", + "Entra", "Monitor", - "Entra" + "AppSvc" ], "severity": "Medium", "text": "Send App Service runtime logs to Log Analytics", @@ -31945,10 +31945,10 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/essentials/activity-log", "service": "App Services", "services": [ - "AppSvc", "WAF", + "Entra", "Monitor", - "Entra" + "AppSvc" ], "severity": "Medium", "text": "Send App Service activity logs to Log Analytics", @@ -31962,11 +31962,11 @@ "link": "https://learn.microsoft.com/azure/app-service/overview-vnet-integration", "service": "App Services", "services": [ - "VNet", - "Monitor", + "NVA", "Firewall", "WAF", - "NVA" + "VNet", + "Monitor" ], "severity": "Medium", "text": "Outbound network access should be controlled", 
@@ -31980,12 +31980,12 @@ "link": "https://learn.microsoft.com/azure/app-service/networking/nat-gateway-integration", "service": "App Services", "services": [ - "VNet", - "Storage", + "NVA", "Firewall", + "PrivateLink", "WAF", - "NVA", - "PrivateLink" + "VNet", + "Storage" ], "severity": "Low", "text": "Ensure a stable IP for outbound communications towards internet addresses", @@ -31999,9 +31999,9 @@ "link": "https://learn.microsoft.com/azure/app-service/networking-features#access-restrictions", "service": "App Services", "services": [ - "AppSvc", "WAF", - "PrivateLink" + "PrivateLink", + "AppSvc" ], "severity": "High", "text": "Inbound network access should be controlled", @@ -32015,11 +32015,11 @@ "link": "https://learn.microsoft.com/azure/app-service/networking/app-gateway-with-service-endpoints", "service": "App Services", "services": [ - "FrontDoor", - "Monitor", - "WAF", "AppSvc", - "AppGW" + "WAF", + "FrontDoor", + "AppGW", + "Monitor" ], "severity": "High", "text": "Use a WAF in front of App Service", @@ -32049,9 +32049,9 @@ "link": "https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-tls-versions", "service": "App Services", "services": [ - "AppSvc", "WAF", - "AzurePolicy" + "AzurePolicy", + "AppSvc" ], "severity": "Medium", "text": "Set minimum TLS policy to 1.2", @@ -32066,8 +32066,8 @@ "link": "https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-https", "service": "App Services", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", "text": "Use HTTPS only", @@ -32111,9 +32111,9 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-app-service-introduction", "service": "App Services", "services": [ - "AppSvc", "WAF", - "Defender" + "Defender", + "AppSvc" ], "severity": "Medium", "text": "Enable Defender for Cloud - Defender for App Service", 
@@ -32127,12 +32127,12 @@ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", "service": "App Services", "services": [ - "VNet", + "NVA", + "EventHubs", "WAF", + "VNet", "AppGW", - "NVA", - "DDoS", - "EventHubs" + "DDoS" ], "severity": "Medium", "text": "Enable DDOS Protection Standard on the WAF VNet", @@ -32146,9 +32146,9 @@ "link": "https://learn.microsoft.com/azure/app-service/configure-custom-container#use-an-image-from-a-network-protected-registry", "service": "App Services", "services": [ - "VNet", "WAF", "PrivateLink", + "VNet", "ACR" ], "severity": "Medium", @@ -32236,10 +32236,10 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", "service": "Azure Storage", "services": [ - "RBAC", "WAF", - "Storage", - "Subscriptions" + "RBAC", + "Subscriptions", + "Storage" ], "severity": "Medium", "text": "Ensure older storage accounts are not using 'classic deployment model'", @@ -32254,8 +32254,8 @@ "service": "Azure Storage", "services": [ "WAF", - "Storage", - "Defender" + "Defender", + "Storage" ], "severity": "High", "text": "Enable Microsoft Defender for all of your storage accounts", @@ -32345,8 +32345,8 @@ "services": [ "WAF", "AzurePolicy", - "Storage", - "Subscriptions" + "Subscriptions", + "Storage" ], "severity": "High", "text": "Consider immutable blobs", @@ -32422,8 +32422,8 @@ "service": "Azure Storage", "services": [ "WAF", - "Storage", - "Entra" + "Entra", + "Storage" ], "severity": "High", "text": "Use Microsoft Entra ID tokens for blob access", 
@@ -32468,11 +32468,11 @@ "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", "service": "Azure Storage", "services": [ - "Storage", "AKV", - "Monitor", + "Entra", "WAF", - "Entra" + "Monitor", + "Storage" ], "severity": "High", "text": "Consider disabling storage account keys, so that only Microsoft Entra ID access (and user delegation SAS) is supported.", @@ -32486,11 +32486,11 @@ "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", "service": "Azure Storage", "services": [ - "Storage", "AKV", - "Monitor", + "AzurePolicy", "WAF", - "AzurePolicy" + "Monitor", + "Storage" ], "severity": "High", "text": "Consider using Azure Monitor to audit control plane operations on the storage account", @@ -32569,8 +32569,8 @@ "service": "Azure Storage", "services": [ "WAF", - "Storage", - "Entra" + "Entra", + "Storage" ], "severity": "High", "text": "Consider storing connection strings in Azure KeyVault (in scenarios where managed identities are not possible)", @@ -32643,9 +32643,9 @@ "service": "Azure Storage", "services": [ "WAF", - "Storage", "Entra", - "RBAC" + "RBAC", + "Storage" ], "severity": "High", "text": "SFTP: Limit the amount of 'local users' for SFTP access, and audit whether access is needed over time.", @@ -32844,12 +32844,12 @@ "link": "https://learn.microsoft.com/azure/event-hubs/authorize-access-shared-access-signature#shared-access-authorization-policies", "service": "Event Hubs", "services": [ - "Entra", - "WAF", "TrafficManager", + "Entra", "RBAC", + "EventHubs", "AzurePolicy", - "EventHubs" + "WAF" ], "severity": "Medium", "text": "Avoid using root account when it is not necessary", 
@@ -32864,12 +32864,12 @@ "link": "https://learn.microsoft.com/azure/event-hubs/authenticate-managed-identity?tabs=latest", "service": "Event Hubs", "services": [ - "Storage", "AKV", "Entra", - "VM", + "EventHubs", "WAF", - "EventHubs" + "VM", + "Storage" ], "severity": "Medium", "text": "When possible, your application should be using a managed identity to authenticate to Azure Event Hub. If not, consider having the storage credential (SAS, service principal credential) in Azure Key Vault or an equivalent service", @@ -32885,8 +32885,8 @@ "service": "Event Hubs", "services": [ "WAF", - "EventHubs", - "RBAC" + "RBAC", + "EventHubs" ], "severity": "High", "text": "Use least privilege data plane RBAC", @@ -32901,10 +32901,10 @@ "link": "https://learn.microsoft.com/azure/event-hubs/monitor-event-hubs-reference", "service": "Event Hubs", "services": [ - "VNet", "WAF", - "Monitor", - "EventHubs" + "EventHubs", + "VNet", + "Monitor" ], "severity": "Medium", "text": "Enable logging for security investigation. Use Azure Monitor to captured metrics and logs such as resource logs, runtime audit logs and Kafka logs", @@ -32919,10 +32919,10 @@ "link": "https://learn.microsoft.com/azure/event-hubs/private-link-service", "service": "Event Hubs", "services": [ - "VNet", "WAF", "PrivateLink", - "EventHubs" + "EventHubs", + "VNet" ], "severity": "Medium", "text": "Consider using private endpoints to access Azure Event Hub and disable public network access when applicable.", @@ -32967,8 +32967,8 @@ "service": "Event Hubs", "services": [ "WAF", - "ACR", - "EventHubs" + "EventHubs", + "ACR" ], "severity": "High", "text": "Leverage Availability Zones if regionally applicable", @@ -32995,8 +32995,8 @@ "link": "https://learn.microsoft.com/azure/event-hubs/event-hubs-geo-dr?tabs=portal", "service": "Event Hubs", "services": [ - "ASR", "WAF", + "ASR", "EventHubs" ], "severity": "High", 
@@ -33011,8 +33011,8 @@ "link": "https://learn.microsoft.com/azure/event-hubs/event-hubs-federation-overview", "service": "Event Hubs", "services": [ - "ASR", "WAF", + "ASR", "EventHubs" ], "severity": "Medium", @@ -33041,8 +33041,8 @@ "service": "Front Door", "services": [ "WAF", - "FrontDoor", - "AKV" + "AKV", + "FrontDoor" ], "severity": "Medium", "text": "If you use customer-managed TLS certificates with Azure Front Door, use the 'Latest' certificate version. Reduce the risk of outages caused by manual certificate renewal", @@ -33101,9 +33101,9 @@ "link": "https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet", "service": "App Gateway", "services": [ - "VNet", "WAF", - "AppGW" + "AppGW", + "VNet" ], "severity": "Medium", "text": "Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24", @@ -33118,12 +33118,12 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "service": "App Gateway", "services": [ - "VNet", - "Subscriptions", + "NVA", + "Entra", "WAF", + "VNet", "AppGW", - "NVA", - "Entra" + "Subscriptions" ], "severity": "Medium", "text": "Deploy Azure Application Gateway v2 or partner NVAs used for proxying inbound HTTP(S) connections within the landing-zone virtual network and with the apps that they're securing.", @@ -33201,8 +33201,8 @@ "service": "Front Door", "services": [ "WAF", - "AppGW", "AzurePolicy", + "AppGW", "FrontDoor" ], "severity": "Medium", @@ -33233,8 +33233,8 @@ "service": "Entra", "services": [ "WAF", - "AVD", - "Entra" + "Entra", + "AVD" ], "severity": "Low", "text": "If users only need access to internal applications, has Microsoft Entra ID Application Proxy been considered as an alternative to Azure Virtual Desktop (AVD)?", 
@@ -33372,10 +33372,10 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates", "service": "Front Door", "services": [ - "Cost", "WAF", - "FrontDoor", - "AKV" + "AKV", + "Cost", + "FrontDoor" ], "severity": "High", "text": "Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals.", @@ -33594,8 +33594,8 @@ "service": "App Gateway", "services": [ "WAF", - "AppGW", - "AzurePolicy" + "AzurePolicy", + "AppGW" ], "severity": "High", "text": "Enable request body inspection feature enabled in Azure Application Gateway WAF policy.", @@ -33626,8 +33626,8 @@ "service": "App Gateway", "services": [ "WAF", - "AppGW", - "AzurePolicy" + "AzurePolicy", + "AppGW" ], "severity": "High", "text": "Deploy your WAF policy for Application Gateway in 'Prevention' mode.", @@ -33737,8 +33737,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#send-logs-to-microsoft-sentinel", "service": "App Gateway", "services": [ - "Sentinel", "WAF", + "Sentinel", "AppGW" ], "severity": "Medium", @@ -33752,8 +33752,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", "service": "Front Door", "services": [ - "Sentinel", "WAF", + "Sentinel", "FrontDoor" ], "severity": "Medium", @@ -33795,11 +33795,11 @@ "link": "https://learn.microsoft.com/azure/virtual-wan/scenario-secured-hub-app-gateway", "service": "App Gateway", "services": [ - "VNet", - "VPN", - "ExpressRoute", "WAF", - "AppGW" + "ExpressRoute", + "AppGW", + "VNet", + "VPN" ], "severity": "Medium", "text": "Filter inbound traffic in the backends so that they only accept connections from the Application Gateway subnet, for example with NSGs.", 
@@ -34024,8 +34024,8 @@ "link": "https://learn.microsoft.com/azure/app-service/environment/intro", "service": "Logic Apps", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3", @@ -34095,8 +34095,8 @@ "services": [ "WAF", "Monitor", - "AKV", - "Subscriptions" + "Subscriptions", + "AKV" ], "severity": "High", "text": "Create alerts to notify teams of events such as an entry in the activity log created by an action performed on the resource, such as regenerating its subscription keys or a metric threshold such as the number of errors exceeding 10 in an hour", @@ -34243,9 +34243,9 @@ "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#batching", "service": "Azure OpenAI", "services": [ - "ServiceBus", "WAF", - "Storage" + "Storage", + "ServiceBus" ], "severity": "Medium", "text": "Estimate elasticity demands to determine synchronous and batch request segregation based on priority. For high priority, use synchronous approach and for low priority, asynchronous batch processing with queue is preferred", @@ -34379,8 +34379,8 @@ "link": "https://learn.microsoft.com/azure/backup/backup-overview", "service": "Azure OpenAI", "services": [ - "ASR", "WAF", + "ASR", "Backup" ], "severity": "Medium", @@ -34474,8 +34474,8 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-cloud-introduction", "service": "Azure OpenAI", "services": [ - "Sentinel", "WAF", + "Sentinel", "Monitor", "Defender" ], @@ -34566,8 +34566,8 @@ "service": "Azure OpenAI", "services": [ "WAF", - "AzurePolicy", - "RBAC" + "RBAC", + "AzurePolicy" ], "severity": "Medium", "text": "Take segregation a step further by placing sensitive datasets in different instances of the service. Each instance can be controlled with its own specific set of RBAC policies", 
@@ -34619,9 +34619,9 @@ "guid": "ac8ac199-ebb9-41a3-9d90-cae2cc881370", "service": "Azure OpenAI", "services": [ - "VNet", "WAF", - "Firewall" + "Firewall", + "VNet" ], "severity": "High", "text": "Enforce strict inbound and outbound traffic control with Azure Firewall and UDRs and limit the external integration points", @@ -34847,8 +34847,8 @@ "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/manage-costs#base-series-and-codex-series-fine-tuned-models", "service": "Azure OpenAI", "services": [ - "Cost", - "WAF" + "WAF", + "Cost" ], "severity": "Medium", "text": "Understand difference in cost of base models and fine tuned models and token step sizes", @@ -34861,8 +34861,8 @@ "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#batching", "service": "Azure OpenAI", "services": [ - "Cost", - "WAF" + "WAF", + "Cost" ], "severity": "High", "text": "Batch requests, where possible, to minimize the per-call overhead which can reduce overall costs. Ensure you optimize batch size", @@ -34875,9 +34875,9 @@ "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/manage-costs", "service": "Azure OpenAI", "services": [ - "Cost", "WAF", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "text": "Set up a cost tracking system that monitors model usage and use that information to help inform model choices and prompt sizes", @@ -35060,11 +35060,11 @@ "link": "https://github.com/Azure/aoai-apim/blob/main/README.md", "service": "Azure OpenAI", "services": [ - "APIM", - "WAF", + "Entra", "LoadBalancer", + "WAF", "ACR", - "Entra" + "APIM" ], "severity": "Medium", "text": "Use Load balancer solutions like APIM based gateway for balancing load and capacity across services and regions", 
@@ -35290,8 +35290,8 @@ "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-scheduler", "service": "AKS", "services": [ - "Cost", - "WAF" + "WAF", + "Cost" ], "severity": "Low", "text": "Use Disruption Budgets in your pod and deployment definitions", @@ -35318,8 +35318,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/aks/eslz-cost-governance-with-kubecost", "service": "AKS", "services": [ - "Cost", - "WAF" + "WAF", + "Cost" ], "severity": "Low", "text": "Use an external application such as kubecost to allocate costs to different users", @@ -35374,8 +35374,8 @@ "service": "AKS", "services": [ "WAF", - "AKS", - "AzurePolicy" + "AzurePolicy", + "AKS" ], "severity": "Medium", "text": "Use Azure Policy for Kubernetes to ensure cluster compliance", @@ -35582,8 +35582,8 @@ "service": "AKS", "services": [ "WAF", - "AKS", - "RBAC" + "RBAC", + "AKS" ], "severity": "High", "text": "Use namespaces for restricting RBAC privilege in Kubernetes", @@ -35653,8 +35653,8 @@ "service": "AKS", "services": [ "WAF", - "AKS", - "Entra" + "Entra", + "AKS" ], "severity": "Low", "text": "Configure if required AAD conditional access for AKS", @@ -35753,8 +35753,8 @@ "link": "https://learn.microsoft.com/azure/aks/use-multiple-node-pools#add-a-node-pool-with-a-unique-subnet", "service": "AKS", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "Medium", "text": "If using Azure CNI, consider using different Subnets for NodePools", @@ -35767,9 +35767,9 @@ "link": "https://learn.microsoft.com/azure/private-link/private-link-overview", "service": "AKS", "services": [ - "VNet", "WAF", - "PrivateLink" + "PrivateLink", + "VNet" ], "severity": "Medium", "text": "Use Private Endpoints (preferred) or Virtual Network Service Endpoints to access PaaS services from the cluster", 
@@ -35796,8 +35796,8 @@ "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", "service": "AKS", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "High", "text": "If using Azure CNI, size your subnet accordingly considering the maximum number of pods per node", @@ -35824,8 +35824,8 @@ "link": "https://learn.microsoft.com/azure/aks/internal-lb", "service": "AKS", "services": [ - "VNet", "WAF", + "VNet", "AKS" ], "severity": "Low", @@ -35963,8 +35963,8 @@ "service": "AKS", "services": [ "WAF", - "AKS", - "AzurePolicy" + "AzurePolicy", + "AKS" ], "severity": "Medium", "text": "For Windows 2019 and 2022 AKS nodes Calico Network Policies can be used ", @@ -35979,8 +35979,8 @@ "service": "AKS", "services": [ "WAF", - "AKS", - "AzurePolicy" + "AzurePolicy", + "AKS" ], "severity": "High", "text": "Enable a Kubernetes Network Policy option (Calico/Azure)", @@ -35994,8 +35994,8 @@ "service": "AKS", "services": [ "WAF", - "AKS", - "AzurePolicy" + "AzurePolicy", + "AKS" ], "severity": "High", "text": "Use Kubernetes network policies to increase intra-cluster security", @@ -36022,8 +36022,8 @@ "link": "https://learn.microsoft.com/azure/virtual-network/ddos-protection-overview", "service": "AKS", "services": [ - "VNet", "WAF", + "VNet", "AKS", "DDoS" ], @@ -36368,10 +36368,10 @@ "service": "AKS", "services": [ "ServiceBus", - "Storage", - "Monitor", + "EventHubs", "WAF", - "EventHubs" + "Monitor", + "Storage" ], "severity": "Medium", "text": "Monitor OS disk queue depth in nodes", @@ -36385,9 +36385,9 @@ "service": "AKS", "services": [ "WAF", + "LoadBalancer", "NVA", - "Monitor", - "LoadBalancer" + "Monitor" ], "severity": "Medium", "text": "If not using egress filtering with AzFW/NVA, monitor standard ALB allocated SNAT ports", 
@@ -36623,8 +36623,8 @@ "service": "AKS", "services": [ "WAF", - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "Medium", "text": "Avoid keeping state in the cluster, and store data outside (AzStorage, AzSQL, Cosmos, etc)", @@ -36707,8 +36707,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", "service": "Azure Backup", "services": [ - "ASR", "WAF", + "ASR", "Backup", "Storage" ], @@ -36786,8 +36786,8 @@ "link": "https://learn.microsoft.com/azure/governance/policy/overview", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "Make sure advisor is configured for VM right sizing ", @@ -36801,8 +36801,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/manage/centralize-operations", "service": "VM", "services": [ - "VM", "WAF", + "VM", "AzurePolicy", "Cost" ], @@ -36831,8 +36831,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "Consolidate reserved VM families with flexibility option (no more than 4-5 families)", @@ -36846,10 +36846,10 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access#prerequisites-for-a-landing-zone---design-recommendations", "service": "VM", "services": [ - "VM", "WAF", - "Cost", - "ARS" + "VM", + "ARS", + "Cost" ], "severity": "Medium", "text": "Utilize Azure Reserved Instances: This feature allows you to reserve VMs for a period of 1 or 3 years, providing significant cost savings compared to PAYG prices.", 
@@ -36888,10 +36888,10 @@ "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy", "service": "Azure SQL", "services": [ - "Cost", "WAF", "AzurePolicy", - "SQL" + "SQL", + "Cost" ], "severity": "Medium", "text": "Check if applicable and enforce policy/change https://learn.microsoft.com/azure/azure-sql/azure-hybrid-benefit?view=azuresql&tabs=azure-portalhttps://learn.microsoft.com/azure/cost-management-billing/scope-level/create-sql-license-assignments?source=recommendations", @@ -36904,8 +36904,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/roles/best-practices", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "The VM + license part discount (ahub + 3YRI) is around 70% discount", @@ -36918,8 +36918,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "Consider using a VMSS to match demand rather than flat sizing", @@ -36960,8 +36960,8 @@ "link": "https://learn.microsoft.com/azure/databricks/clusters/cluster-config-best-practices#automatic-termination", "service": "Databricks", "services": [ - "VM", "WAF", + "VM", "LoadBalancer" ], "severity": "Medium", @@ -37072,8 +37072,8 @@ "service": "Front Door", "services": [ "WAF", - "FrontDoor", - "EventHubs" + "EventHubs", + "FrontDoor" ], "severity": "Medium", "text": "Frontdoor - Turn off the default homepageIn the application settings of your App, set AzureWebJobsDisableHomepage to true. This will return a 204 (No Content) to the PoP so only header data is returned.", 
@@ -37086,9 +37086,9 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-setup-guide/monitoring-reporting?tabs=AzureMonitor", "service": "Front Door", "services": [ - "AppSvc", "WAF", - "FrontDoor" + "FrontDoor", + "AppSvc" ], "severity": "Medium", "text": "Frontdoor - Route to something that returns nothing. Either set up a Function, Function Proxy, or add a route in your WebApp that returns 200 (OK) and sends no or minimal content. The advantage of this is you will be able to log out when it is called.", @@ -37154,8 +37154,8 @@ "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", "service": "Site Recovery", "services": [ - "ASR", - "WAF" + "WAF", + "ASR" ], "severity": "Medium", "text": "For ASR, consider using Standard SSD disks if the RPO/RTO and replication throughput allow it", @@ -37195,10 +37195,10 @@ "link": "https://learn.microsoft.com/azure/reliability/availability-zones-overview", "service": "Synapse", "services": [ - "Cost", "WAF", "Monitor", - "EventHubs" + "EventHubs", + "Cost" ], "severity": "Medium", "text": "Create budgets to manage costs and create alerts that automatically notify stakeholders of spending anomalies and overspending risks.", @@ -37211,8 +37211,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/availability", "service": "Synapse", "services": [ - "Cost", "WAF", + "Cost", "Storage" ], "severity": "Medium", @@ -37226,9 +37226,9 @@ "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview", "service": "Synapse", "services": [ - "Cost", "WAF", - "SQL" + "SQL", + "Cost" ], "severity": "Medium", "text": "Control costs for a dedicated SQL pool by pausing the resource when it is not in use.", 
@@ -37267,8 +37267,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-groups-in-the-azure-landing-zone-accelerator", "service": "Synapse", "services": [ - "Cost", - "WAF" + "WAF", + "Cost" ], "severity": "Medium", "text": "Purchase Azure Synapse commit units (SCU) for one year with a pre-purchase plan to save on your Azure Synapse Analytics costs.", @@ -37282,8 +37282,8 @@ "link": "https://learn.microsoft.com/azure/application-gateway/overview-v2", "service": "VM", "services": [ - "VM", "WAF", + "VM", "Cost" ], "severity": "Medium", @@ -37298,8 +37298,8 @@ "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "Right-sizing all VMs", @@ -37312,8 +37312,8 @@ "link": "https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "Swap VM sized with normalized and most recent sizes", @@ -37327,8 +37327,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "service": "VM", "services": [ - "VM", "WAF", + "VM", "Monitor" ], "severity": "Medium", @@ -37343,8 +37343,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "Containerizing an application can improve VM density and save money on scaling it", @@ -37455,8 +37455,8 @@ "link": "https://learn.microsoft.com/azure/data-explorer/kusto/management/data-export/continuous-data-export", "service": "Azure Data Explorer", "services": [ - "Cost", "WAF", + "Cost", "Storage" ], "text": "Leverage External Tables and Continuous data export overview to reduce costs", 
@@ -37484,8 +37484,8 @@ "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-create-solution#create-multiple-independent-clusters", "service": "Azure Data Explorer", "services": [ - "ASR", - "WAF" + "WAF", + "ASR" ], "text": "To protect against regional failure, create Multiple independent clusters, preferably in two Azure Paired regions", "waf": "Reliability" @@ -37498,8 +37498,8 @@ "service": "Azure Data Explorer", "services": [ "WAF", - "Storage", - "RBAC" + "RBAC", + "Storage" ], "text": "Replicate all management activities such as creating new tables or managing user roles on each cluster.", "waf": "Reliability" @@ -37565,11 +37565,11 @@ "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-overview#on-demand-data-recovery-configuration", "service": "Azure Data Explorer", "services": [ - "Storage", + "AzurePolicy", "Cost", "WAF", "ASR", - "AzurePolicy" + "Storage" ], "text": "For applications, where cost is a concern and can withstand some downtime during failure, create on-demand data recovery cluster configuration", "waf": "Reliability" @@ -37670,8 +37670,8 @@ "link": "https://azure.microsoft.com/blog/setting-up-active-directory-for-a-disaster-recovery-environment-2/", "service": "Windows AD", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "Follow VM rules for high availability on the VM level (premium disks, two or more in a region, in different availability zones)", @@ -37834,8 +37834,8 @@ "services": [ "WAF", "Backup", - "Storage", - "CosmosDB" + "CosmosDB", + "Storage" ], "severity": "Medium", "text": "Enable Automatic Backups", 
@@ -37934,12 +37934,12 @@ "link": "https://learn.microsoft.com/azure/reliability/cross-region-replication-azure", "service": "SAP", "services": [ - "Storage", - "WAF", + "SQL", "SAP", + "WAF", "ASR", "Backup", - "SQL" + "Storage" ], "severity": "High", "text": "You can replicate standard storage between paired regions, but you can't use standard storage to store your databases or virtual hard disks. You can replicate backups only between paired regions that you use. For all your other data, run your replication by using native DBMS features like SQL Server Always On or SAP HANA System Replication. Use a combination of Site Recovery, rsync or robocopy, and other third-party software for the SAP application layer.", @@ -37966,9 +37966,9 @@ "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering", "service": "SAP", "services": [ - "ExpressRoute", "WAF", "ASR", + "ExpressRoute", "VPN" ], "severity": "High", @@ -37996,10 +37996,10 @@ "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-s4hana", "service": "SAP", "services": [ - "VNet", "WAF", "ASR", - "SAP" + "SAP", + "VNet" ], "severity": "Medium", "text": "Peer the primary and disaster recovery virtual networks. For example, for HANA System Replication, an SAP HANA DB virtual network needs to be peered to the disaster recovery site's SAP HANA DB virtual network.", @@ -38039,8 +38039,8 @@ "link": "https://learn.microsoft.com/ja-jp/azure/virtual-network/virtual-networks-faq", "service": "SAP", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "High", "text": "The CIDR for the primary virtual network (VNet) shouldn't conflict or overlap with the CIDR of the DR site's VNet", @@ -38052,9 +38052,9 @@ "guid": "0258ed30-fe42-434f-87b9-58f91f908e0a", "service": "SAP", "services": [ - "VM", "WAF", "ASR", + "VM", "Entra" ], "severity": "High", 
@@ -38096,8 +38096,8 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/disaster-recovery-sap-guide?tabs=windows", "service": "SAP", "services": [ - "VM", "WAF", + "VM", "Storage" ], "severity": "High", @@ -38182,10 +38182,10 @@ "link": "https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1", "service": "SAP", "services": [ - "VM", "WAF", - "SAP", - "Entra" + "Entra", + "VM", + "SAP" ], "severity": "High", "text": "If you want to meet the infrastructure SLAs for your applications for SAP components (central services, application servers, and databases), you must choose the same high availability options (VMs, availability sets, availability zones) for all components.", @@ -38197,9 +38197,9 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/availability-set-overview", "service": "SAP", "services": [ - "VM", "WAF", "Entra", + "VM", "RBAC" ], "severity": "High", @@ -38226,8 +38226,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/availability-set-overview", "service": "SAP", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "High", "text": "When you create availability sets, use the maximum number of fault domains and update domains available. For example, if you deploy more than two VMs in one availability set, use the maximum number of fault domains (three) and enough update domains to limit the effect of potential physical hardware failures, network outages, or power interruptions, in addition to Azure planned maintenance. The default number of fault domains is two, and you can't change it online later.", @@ -38241,8 +38241,8 @@ "service": "SAP", "services": [ "WAF", - "SAP", - "Entra" + "Entra", + "SAP" ], "severity": "High", "text": "When you use Azure proximity placement groups in an availability set deployment, all three SAP components (central services, application server, and database) should be in the same proximity placement group.", 
@@ -38269,8 +38269,8 @@ "service": "SAP", "services": [ "WAF", - "SAP", - "Entra" + "Entra", + "SAP" ], "severity": "High", "text": "Use one of the following services to run SAP central services clusters, depending on the operating system.", @@ -38283,9 +38283,9 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-suse-multi-sid", "service": "SAP", "services": [ - "VM", "WAF", - "Entra" + "Entra", + "VM" ], "severity": "Medium", "text": "Azure doesn't currently support combining ASCS and DB HA in the same Linux Pacemaker cluster; separate them into individual clusters. However, you can combine up to five multiple central-services clusters into a pair of VMs.", @@ -38298,8 +38298,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-business-continuity-and-disaster-recovery", "service": "SAP", "services": [ - "VM", "WAF", + "VM", "Storage" ], "severity": "Medium", @@ -38355,8 +38355,8 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/disaster-recovery-overview-guide#storage", "service": "SAP", "services": [ - "ASR", "WAF", + "ASR", "SAP", "Storage" ], @@ -38385,9 +38385,9 @@ "link": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/optimize-your-azure-costs-by-automating-sap-system-start-stop/ba-p/2120675", "service": "SAP", "services": [ - "Cost", "WAF", - "SAP" + "SAP", + "Cost" ], "severity": "Medium", "text": "Automate SAP System Start-Stop to manage costs.", 
@@ -38399,11 +38399,11 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-premium-ssd-v1", "service": "SAP", "services": [ - "Storage", - "VM", - "WAF", + "SAP", "Cost", - "SAP" + "WAF", + "VM", + "Storage" ], "severity": "Low", "text": "In the case of using Azure Premium Storage with SAP HANA, Azure Standard SSD storage can be used to select a cost-conscious storage solution. However, please note that choosing Standard SSD or Standard HDD Azure storage will affect the SLA of the individual VMs. Also, for systems with lower I/O throughput and low latency, such as non-production environments, lower series VMs can be used.", @@ -38415,11 +38415,11 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-premium-ssd-v1", "service": "SAP", "services": [ - "Storage", - "VM", - "WAF", + "SAP", "Cost", - "SAP" + "WAF", + "VM", + "Storage" ], "severity": "Low", "text": "As a lower-cost alternative configuration (multipurpose), you can choose a low-performance SKU for your non-production HANA database server VMs. However, it is important to note that some VM types, such as E-series, are not HANA certified (SAP HANA Hardware Directory) or cannot achieve storage latency of less than 1ms.", @@ -38447,8 +38447,8 @@ "service": "SAP", "services": [ "WAF", - "SAP", - "Entra" + "Entra", + "SAP" ], "severity": "Medium", "text": "Enforce Principal propagation for forwarding the identity from SAP cloud application to SAP on-premises (Including IaaS) through cloud connector", @@ -38462,8 +38462,8 @@ "service": "SAP", "services": [ "WAF", - "SAP", - "Entra" + "Entra", + "SAP" ], "severity": "Medium", "text": "Implement SSO to SAP SaaS applications like SAP Analytics Cloud, SAP Cloud Platform, Business by design, SAP Qualtrics and SAP C4C with Azure AD using SAML.", 
@@ -38571,8 +38571,8 @@ "service": "SAP", "services": [ "WAF", - "SAP", - "Entra" + "Entra", + "SAP" ], "severity": "Medium", "text": "Consider Azure AD an identity provider for SAP systems hosted on RISE. For more information, see Integrating the Service with Azure AD.", @@ -38598,8 +38598,8 @@ "service": "SAP", "services": [ "WAF", - "SAP", - "Entra" + "Entra", + "SAP" ], "severity": "Medium", "text": "If you're using SAP BTP services or SaaS solutions that require SAP Identity Authentication Service (IAS), consider implementing SSO between SAP Cloud Identity Authentication Services and Azure AD to access those SAP services. This integration lets SAP IAS act as a proxy identity provider and forwards authentication requests to Azure AD as the central user store and identity provider.", @@ -38625,8 +38625,8 @@ "service": "SAP", "services": [ "WAF", - "SAP", - "Entra" + "Entra", + "SAP" ], "severity": "Medium", "text": "If you're using SAP SuccessFactors, consider using the Azure AD automated user provisioning. With this integration, as you add new employees to SAP SuccessFactors, you can automatically create their user accounts in Azure AD. Optionally, you can create user accounts in Microsoft 365 or other SaaS applications that are supported by Azure AD. Use write-back of the email address to SAP SuccessFactors.", @@ -38683,8 +38683,8 @@ "link": "https://learn.microsoft.com/azure/quotas/quotas-overview", "service": "SAP", "services": [ - "VM", "WAF", + "VM", "Subscriptions" ], "severity": "High", @@ -38710,8 +38710,8 @@ "link": "https://learn.microsoft.com/azure/quotas/quickstart-increase-quota-portal", "service": "SAP", "services": [ - "VM", "WAF", + "VM", "Subscriptions" ], "severity": "High", 
@@ -38737,9 +38737,9 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-resource-organization", "service": "SAP", "services": [ - "Cost", "WAF", - "TrafficManager" + "TrafficManager", + "Cost" ], "severity": "Medium", "text": "Leverage Azure resource tag for cost categorization and resource grouping (: BillTo, Department (or Business Unit), Environment (Production, Stage, Development), Tier (Web Tier, Application Tier), Application Owner, ProjectName)", @@ -38766,10 +38766,10 @@ "link": "https://learn.microsoft.com/azure/azure-netapp-files/azacsnap-introduction", "service": "SAP", "services": [ - "VM", "WAF", - "Storage", - "Entra" + "Entra", + "VM", + "Storage" ], "severity": "Medium", "text": "If you deploy Azure NetApp Files for your HANA, Oracle, or DB2 database, use the Azure Application Consistent Snapshot tool (AzAcSnap) to take application-consistent snapshots. AzAcSnap also supports Oracle databases. Consider using AzAcSnap on a central VM rather than on individual VMs.", @@ -38808,8 +38808,8 @@ "link": "https://azure.microsoft.com/pricing/offers/dev-test/", "service": "SAP", "services": [ - "Cost", - "WAF" + "WAF", + "Cost" ], "severity": "Low", "text": "Consider running dev/test systems in a snooze model to save and optimize Azure run costs.", @@ -38822,8 +38822,8 @@ "service": "SAP", "services": [ "WAF", - "SAP", - "Entra" + "Entra", + "SAP" ], "severity": "Medium", "text": "If you partner with customers by managing their SAP estates, consider Azure Lighthouse. Azure Lighthouse allows managed service providers to use Azure native identity services to authenticate to the customers' environment. It puts the control in the hands of customers, because they can revoke access at any time and audit service providers' actions.", 
@@ -38835,8 +38835,8 @@ "link": "https://learn.microsoft.com/azure/update-manager/scheduled-patching?tabs=schedule-updates-single-machine%2Cschedule-updates-scale-overview", "service": "SAP", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "Use Azure Update Manager to check the status of available updates for a single VM or multiple VMs and consider scheduling regular patching.", @@ -38865,8 +38865,8 @@ "services": [ "WAF", "SAP", - "Monitor", - "SQL" + "SQL", + "Monitor" ], "severity": "Medium", "text": "Use Azure Monitor for SAP solutions to monitor your SAP workloads(SAP HANA, high-availability SUSE clusters, and SQL systems) on Azure. Consider supplementing Azure Monitor for SAP solutions with SAP Solution Manager.", @@ -38879,11 +38879,11 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/vm-extension-for-sap", "service": "SAP", "services": [ - "Monitor", - "VM", - "WAF", + "Entra", "SAP", - "Entra" + "WAF", + "VM", + "Monitor" ], "severity": "High", "text": "Run a VM Extension for SAP check. VM Extension for SAP uses the assigned managed identity of a virtual machine (VM) to access VM monitoring and configuration data. The check ensures that all performance metrics in your SAP application come from the underlying Azure Extension for SAP.", @@ -38926,8 +38926,8 @@ "link": "https://github.com/Azure/SAP-on-Azure-Scripts-and-Utilities/tree/main/QualityCheck", "service": "SAP", "services": [ - "VM", "WAF", + "VM", "SAP" ], "severity": "Medium", @@ -38955,8 +38955,8 @@ "link": "https://learn.microsoft.com/azure/advisor/advisor-how-to-improve-reliability", "service": "SAP", "services": [ - "ASR", "WAF", + "ASR", "Storage" ], "severity": "Medium", @@ -38970,9 +38970,9 @@ "link": "https://learn.microsoft.com/azure/sentinel/sap/deployment-overview", "service": "SAP", "services": [ - "Sentinel", "WAF", "SAP", + "Sentinel", "Monitor" ], "severity": "Medium", 
@@ -38986,8 +38986,8 @@ "link": "https://learn.microsoft.com/azure/cost-management-billing/costs/enable-tag-inheritance", "service": "SAP", "services": [ - "Cost", - "WAF" + "WAF", + "Cost" ], "severity": "Medium", "text": "Azure tagging can be leveraged to logically group and track resources, automate their deployments, and most importantly, provide visibility on the incurred costs.", @@ -39000,8 +39000,8 @@ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-test-latency?tabs=windows", "service": "SAP", "services": [ - "VM", "WAF", + "VM", "Monitor" ], "severity": "Low", @@ -39014,8 +39014,8 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/planning-guide-storage", "service": "SAP", "services": [ - "ASR", "WAF", + "ASR", "SAP", "Monitor" ], @@ -39087,8 +39087,8 @@ "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-monitor-and-troubleshoot", "service": "SAP", "services": [ - "ASR", "WAF", + "ASR", "SAP", "Monitor" ], @@ -39104,8 +39104,8 @@ "service": "SAP", "services": [ "WAF", - "AppGW", - "AzurePolicy" + "AzurePolicy", + "AppGW" ], "severity": "Medium", "text": "For secure delivery of HTTP/S apps, use Application Gateway v2 and ensure that WAF protection and policies are enabled.", @@ -39118,10 +39118,10 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity", "service": "SAP", "services": [ - "VM", "WAF", - "DNS", - "SAP" + "VM", + "SAP", + "DNS" ], "severity": "Medium", "text": "If the virtual machine's DNS or virtual name is not changed during migration to Azure, Background DNS and virtual names connect many system interfaces in the SAP landscape, and customers are only sometimes aware of the interfaces that developers define over time. Connection challenges arise between various systems when virtual or DNS names change after migrations, and it's recommended to retain DNS aliases to prevent these types of difficulties.", 
@@ -39134,10 +39134,10 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity", "service": "SAP", "services": [ - "VNet", "WAF", - "DNS", - "SAP" + "SAP", + "VNet", + "DNS" ], "severity": "Medium", "text": "Use different DNS zones to distinguish each environment (sandbox, development, preproduction, and production) from each other. The exception is for SAP deployments with their own VNet; here, private DNS zones might not be necessary.", @@ -39150,9 +39150,9 @@ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-peering-overview", "service": "SAP", "services": [ - "VNet", "WAF", "SAP", + "VNet", "ACR" ], "severity": "Medium", @@ -39181,8 +39181,8 @@ "link": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/?source=recommendations", "service": "SAP", "services": [ - "VWAN", "WAF", + "VWAN", "SAP", "ACR" ], @@ -39197,8 +39197,8 @@ "link": "https://learn.microsoft.com/azure/well-architected/services/networking/network-virtual-appliances/reliability", "service": "SAP", "services": [ - "VNet", "WAF", + "VNet", "NVA" ], "severity": "Medium", @@ -39212,11 +39212,11 @@ "link": "https://learn.microsoft.com/azure/architecture/networking/hub-spoke-vwan-architecture", "service": "SAP", "services": [ - "VNet", + "NVA", "VWAN", - "WAF", "SAP", - "NVA" + "WAF", + "VNet" ], "severity": "Medium", "text": "Virtual WAN manages connectivity between spoke VNets for virtual-WAN-based topologies (no need to set up user-defined routing [UDR] or NVAs), and maximum network throughput for VNet-to-VNet traffic in the same virtual hub is 50 gigabits per second. If necessary, SAP landing zones can use VNet peering to connect to other landing zones and overcome this bandwidth limitation.", 
@@ -39229,8 +39229,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing", "service": "SAP", "services": [ - "VM", "WAF", + "VM", "SAP" ], "severity": "High", @@ -39244,8 +39244,8 @@ "link": "https://learn.microsoft.com/training/modules/protect-on-premises-infrastructure-with-azure-site-recovery/?source=recommendations", "service": "SAP", "services": [ - "ASR", - "WAF" + "WAF", + "ASR" ], "severity": "High", "text": "Consider reserving IP address on DR side when configuring ASR", @@ -39271,8 +39271,8 @@ "link": "https://learn.microsoft.com/azure/azure-netapp-files/azure-netapp-files-delegate-subnet", "service": "SAP", "services": [ - "VNet", "WAF", + "VNet", "Storage" ], "severity": "Medium", @@ -39301,8 +39301,8 @@ "service": "SAP", "services": [ "WAF", - "AppGW", - "SAP" + "SAP", + "AppGW" ], "severity": "Medium", "text": "Application Gateway and Web Application Firewall have limitations when Application Gateway serves as a reverse proxy for SAP web apps, as shown in the comparison between Application Gateway, SAP Web Dispatcher, and other third-party services.", @@ -39317,8 +39317,8 @@ "services": [ "WAF", "AzurePolicy", - "FrontDoor", - "ACR" + "ACR", + "FrontDoor" ], "severity": "Medium", "text": "Use Azure Front Door and WAF policies to provide global protection across Azure regions for inbound HTTP/S connections to a landing zone.", @@ -39332,8 +39332,8 @@ "service": "SAP", "services": [ "WAF", - "AppGW", "AzurePolicy", + "AppGW", "FrontDoor" ], "severity": "Medium", @@ -39348,8 +39348,8 @@ "service": "SAP", "services": [ "WAF", - "AppGW", - "LoadBalancer" + "LoadBalancer", + "AppGW" ], "severity": "Medium", "text": "Use a web application firewall to scan your traffic when it's exposed to the internet. Another option is to use it with your load balancer or with resources that have built-in firewall capabilities like Application Gateway or third-party solutions.", 
@@ -39362,8 +39362,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/front-door-overview", "service": "SAP", "services": [ - "VWAN", "WAF", + "VWAN", "SAP", "ACR" ], @@ -39378,12 +39378,12 @@ "link": "https://learn.microsoft.com/azure/virtual-network/vnet-integration-for-azure-services", "service": "SAP", "services": [ - "VNet", - "Storage", - "WAF", "PrivateLink", + "WAF", + "VNet", + "ACR", "Backup", - "ACR" + "Storage" ], "severity": "Medium", "text": "To prevent data leakage, use Azure Private Link to securely access platform as a service resources like Azure Blob Storage, Azure Files, Azure Data Lake Storage Gen2, Azure Data Factory, and more. Azure Private Endpoint can also help to secure traffic between VNets and services like Azure Storage, Azure Backup, and more. Traffic between your VNet and the Private Endpoint enabled service travels across the Microsoft global network, which prevents its exposure to the public internet.", @@ -39396,8 +39396,8 @@ "link": "https://learn.microsoft.com/azure/virtual-network/accelerated-networking-overview?tabs=redhat", "service": "SAP", "services": [ - "VM", "WAF", + "VM", "SAP" ], "severity": "High", @@ -39425,8 +39425,8 @@ "link": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works", "service": "SAP", "services": [ - "VM", "WAF", + "VM", "SAP", "VNet" ], @@ -39441,9 +39441,9 @@ "link": "https://me.sap.com/notes/2015553", "service": "SAP", "services": [ - "VNet", "WAF", - "SAP" + "SAP", + "VNet" ], "severity": "High", "text": "Placing of the SAP application layer and SAP DBMS in different Azure VNets that aren't peered isn't supported.", @@ -39484,9 +39484,9 @@ "link": "https://me.sap.com/notes/2015553", "service": "SAP", "services": [ - "VNet", "WAF", "SAP", + "VNet", "Cost" ], "severity": "High", 
@@ -39514,9 +39514,9 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/rise-integration", "service": "SAP", "services": [ - "VNet", "WAF", - "SAP" + "SAP", + "VNet" ], "severity": "Medium", "text": "For SAP RISE/ECS deployments, virtual peering is the preferred way to establish connectivity with customer's existing Azure environment. Both the SAP vnet and customer vnet(s) are protected with network security groups (NSG), enabling communication on SAP and database ports through the vnet peering", @@ -39528,10 +39528,10 @@ "link": "https://learn.microsoft.com/azure/backup/sap-hana-database-about", "service": "SAP", "services": [ - "VM", "WAF", - "SAP", - "Backup" + "Backup", + "VM", + "SAP" ], "severity": "High", "text": "Review SAP HANA database backups for Azure VMs.", @@ -39543,8 +39543,8 @@ "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-monitor-and-troubleshoot", "service": "SAP", "services": [ - "ASR", "WAF", + "ASR", "SAP", "Monitor" ], @@ -39572,9 +39572,9 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/workloads/oracle/oracle-database-backup-strategies", "service": "SAP", "services": [ - "VM", "WAF", - "Backup" + "Backup", + "VM" ], "severity": "Medium", "text": "Review Oracle Database in Azure Linux VM backup strategies.", @@ -39587,8 +39587,8 @@ "service": "SAP", "services": [ "WAF", - "Storage", - "SQL" + "SQL", + "Storage" ], "severity": "Medium", "text": "Review the use of Azure Blob Storage with SQL Server 2016.", @@ -39600,9 +39600,9 @@ "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/automated-backup?view=azuresql", "service": "SAP", "services": [ - "VM", "WAF", - "Backup" + "Backup", + "VM" ], "severity": "Medium", "text": "Review the use of Automated Backup v2 for Azure VMs.", @@ -39665,8 +39665,8 @@ "service": "SAP", "services": [ "WAF", - "Monitor", - "SQL" + "SQL", + "Monitor" ], "severity": "Medium", "text": "Review SQL Server performance monitoring using CCMS.", 
@@ -39678,8 +39678,8 @@ "link": "https://me.sap.com/notes/500235", "service": "SAP", "services": [ - "VM", "WAF", + "VM", "SAP" ], "severity": "Medium", @@ -39720,8 +39720,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-security-operations", "service": "SAP", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "If you run Windows and Linux VMs in Azure, on-premises, or in other cloud environments, you can use the Update management center in Azure Automation to manage operating system updates, including security patches.", @@ -39776,11 +39776,11 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance", "service": "SAP", "services": [ - "Storage", - "WAF", + "SQL", "SAP", + "WAF", "Backup", - "SQL" + "Storage" ], "severity": "High", "text": "Encrypting SAP HANA database servers on Azure uses SAP HANA native encryption technology. Additionally, if you are using SQL Server on Azure, use Transparent Data Encryption (TDE) to protect your data and log files and ensure that your backups are also encrypted.", @@ -39822,8 +39822,8 @@ "service": "SAP", "services": [ "WAF", - "AzurePolicy", "RBAC", + "AzurePolicy", "Subscriptions" ], "severity": "Medium", @@ -39853,8 +39853,8 @@ "service": "SAP", "services": [ "WAF", - "AzurePolicy", - "RBAC" + "RBAC", + "AzurePolicy" ], "severity": "High", "text": "Based on existing requirements, regulatory and compliance controls (internal/external) - Determine what Azure Policies and Azure RBAC role are needed", @@ -39869,8 +39869,8 @@ "services": [ "WAF", "SAP", - "Storage", - "Defender" + "Defender", + "Storage" ], "severity": "High", "text": "When enabling Microsoft Defender for Endpoint on SAP environment, recommend excluding data and log files on DBMS servers instead of targeting all servers. Follow your DBMS vendor's recommendations when excluding target files.", 
@@ -39883,10 +39883,10 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/just-in-time-access-overview?tabs=defender-for-container-arch-aks", "service": "SAP", "services": [ - "Defender", "WAF", "SAP", - "RBAC" + "RBAC", + "Defender" ], "severity": "High", "text": "Delegate an SAP admin custom role with just-in-time access of Microsoft Defender for Cloud.", @@ -39974,8 +39974,8 @@ "services": [ "WAF", "SAP", - "NVA", - "PrivateLink" + "PrivateLink", + "NVA" ], "severity": "High", "text": "Isolate DMZs and NVAs from the rest of the SAP estate, configure Azure Private Link, and securely manage and control the SAP on Azure resources", @@ -39988,8 +39988,8 @@ "link": "https://learn.microsoft.com/en-us/training/modules/secure-vms-with-azure-security-center/?source=recommendations", "service": "SAP", "services": [ - "VM", "WAF", + "VM", "Storage" ], "severity": "Low", @@ -40017,9 +40017,9 @@ "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape", "service": "SAP", "services": [ - "VNet", "WAF", - "SAP" + "SAP", + "VNet" ], "severity": "High", "text": "Isolate the SAP application and database servers from the internet or from the on-premises network by passing all traffic through the hub virtual network, which is connected to the spoke network by virtual network peering. The peered virtual networks guarantee that the SAP on Azure solution is isolated from the public internet.", 
@@ -40105,8 +40105,8 @@ "link": "https://learn.microsoft.com/azure/azure-cache-for-redis/cache-how-to-geo-replication", "service": "Redis", "services": [ - "ASR", - "WAF" + "WAF", + "ASR" ], "severity": "Medium", "text": "Configure passive geo-replication for Premium Azure Cache for Redis instances. Geo-replication is a mechanism for linking two or more Azure Cache for Redis instances, typically spanning two Azure regions. Geo-replication is designed mainly for cross-region disaster recovery. Two Premium tier cache instances are connected through geo-replication in a way that provides reads and writes to your primary cache, and that data is replicated to the secondary cache.", @@ -40159,8 +40159,8 @@ "link": "https://learn.microsoft.com/azure/architecture/example-scenario/analytics/pipelines-disaster-recovery", "service": "Azure Data Factory", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "Make sure you replicate the Self-Hosted Integration Runtime VMs in another region ", @@ -40173,8 +40173,8 @@ "link": "https://learn.microsoft.com/azure/architecture/example-scenario/analytics/pipelines-disaster-recovery", "service": "Azure Data Factory", "services": [ - "VNet", - "WAF" + "WAF", + "VNet" ], "severity": "Medium", "text": "Make sure you replicate or duplicate your network in the sister region. You have to make a copy of your Vnet in another region", 
@@ -40300,11 +40300,11 @@ "link": "https://learn.microsoft.com/azure/key-vault/general/backup?tabs=azure-cli#design-considerations", "service": "Key Vault", "services": [ - "Storage", "AKV", - "Subscriptions", "WAF", - "Backup" + "Subscriptions", + "Backup", + "Storage" ], "severity": "Medium", "text": "When you back up a key vault object, such as a secret, key, or certificate, the backup operation will download the object as an encrypted blob. This blob can't be decrypted outside of Azure. To get usable data from this blob, you must restore the blob into a key vault within the same Azure subscription and Azure geography. Familiarize yourself with the Key Vault's backup and restore guidance.", @@ -40391,8 +40391,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-automatic-instance-repairs", "service": "VMSS", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Low", "text": "Enable automatic instance repairs for enhanced VM Scale Sets resiliency", @@ -40406,9 +40406,9 @@ "link": "https://learn.microsoft.com/azure/backup/backup-azure-vms-introduction", "service": "VM", "services": [ - "VM", "WAF", - "Backup" + "Backup", + "VM" ], "severity": "High", "text": "Consider Azure Backup to meet your resiliency requirements for Azure VMs", @@ -40422,8 +40422,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/disks-types", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "High", "text": "Use Premium or Ultra disks for production VMs", @@ -40437,8 +40437,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/managed-disks-overview", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "High", "text": "Ensure Managed Disks are used for all VMs", 
@@ -40452,10 +40452,10 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/managed-disks-overview#temporary-disk", "service": "VM", "services": [ - "VM", "WAF", - "Storage", - "SQL" + "VM", + "SQL", + "Storage" ], "severity": "Medium", "text": "Do not use the Temp disk for anything that is not acceptable to be lost", @@ -40469,8 +40469,8 @@ "link": "https://learn.microsoft.com/azure/reliability/availability-zones-overview", "service": "VM", "services": [ - "VM", "WAF", + "VM", "ACR", "Storage" ], @@ -40486,8 +40486,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/availability-set-overview", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Medium", "text": "For regions that do not support Availability Zones deploy VMs into Availability Sets", @@ -40501,9 +40501,9 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/availability", "service": "VM", "services": [ - "VM", "WAF", - "ASR" + "ASR", + "VM" ], "severity": "High", "text": "Avoid running a production workload on a single VM", @@ -40517,9 +40517,9 @@ "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", "service": "VM", "services": [ - "VM", "WAF", "ASR", + "VM", "AVS" ], "severity": "High", @@ -40548,8 +40548,8 @@ "link": "https://learn.microsoft.com/azure/quotas/per-vm-quota-requests", "service": "VM", "services": [ - "ASR", "WAF", + "ASR", "VM" ], "severity": "Medium", @@ -40564,8 +40564,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/windows/scheduled-events", "service": "VM", "services": [ - "VM", - "WAF" + "WAF", + "VM" ], "severity": "Low", "text": "Utilize Scheduled Events to prepare for VM maintenance", @@ -40685,10 +40685,10 @@ "link": "https://learn.microsoft.com/azure/dns/tutorial-dns-private-resolver-failover", "service": "DNS", "services": [ - "ASR", "WAF", - "DNS", - "ACR" + "ASR", + "ACR", + "DNS" ], "severity": "Low", "text": "Implement DNS Failover using Azure DNS Private Resolvers", 
@@ -41129,8 +41129,8 @@ "link": "https://learn.microsoft.com/en-us/azure/app-service/environment/intro", "service": "Device Update for IoT Hub", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3", @@ -41182,8 +41182,8 @@ "link": "https://learn.microsoft.com/en-us/azure/app-service/environment/intro", "service": "IoT Hub DPS", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3", @@ -41660,7 +41660,7 @@ ], "metadata": { "name": "Master checklist", - "timestamp": "August 26, 2024" + "timestamp": "September 03, 2024" }, "severities": [ { diff --git a/checklists/waf_checklist.en.json b/checklists/waf_checklist.en.json index 60b1ec4eb..ff5c9534a 100644 --- a/checklists/waf_checklist.en.json +++ b/checklists/waf_checklist.en.json @@ -10493,7 +10493,7 @@ ], "metadata": { "name": "WAF checklist", - "timestamp": "August 26, 2024" + "timestamp": "September 03, 2024" }, "severities": [ { diff --git a/checklists/waf_checklist.es.json b/checklists/waf_checklist.es.json index 918b932f9..1505b8c69 100644 --- a/checklists/waf_checklist.es.json +++ b/checklists/waf_checklist.es.json @@ -9500,7 +9500,7 @@ ], "metadata": { "name": "WAF checklist", - "timestamp": "August 26, 2024" + "timestamp": "September 03, 2024" }, "severities": [ { diff --git a/checklists/waf_checklist.ja.json b/checklists/waf_checklist.ja.json index 7534ea85c..22f134c65 100644 --- a/checklists/waf_checklist.ja.json +++ b/checklists/waf_checklist.ja.json @@ -9500,7 +9500,7 @@ ], "metadata": { "name": "WAF checklist", - "timestamp": "August 26, 2024" + "timestamp": "September 03, 2024" }, "severities": [ { diff --git a/checklists/waf_checklist.ko.json b/checklists/waf_checklist.ko.json index b6d09f0e5..57aa16fba 100644 --- a/checklists/waf_checklist.ko.json 
+++ b/checklists/waf_checklist.ko.json @@ -9500,7 +9500,7 @@ ], "metadata": { "name": "WAF checklist", - "timestamp": "August 26, 2024" + "timestamp": "September 03, 2024" }, "severities": [ { diff --git a/checklists/waf_checklist.pt.json b/checklists/waf_checklist.pt.json index 0a34db136..81b33a1de 100644 --- a/checklists/waf_checklist.pt.json +++ b/checklists/waf_checklist.pt.json @@ -9500,7 +9500,7 @@ ], "metadata": { "name": "WAF checklist", - "timestamp": "August 26, 2024" + "timestamp": "September 03, 2024" }, "severities": [ { diff --git a/checklists/waf_checklist.zh-Hant.json b/checklists/waf_checklist.zh-Hant.json index 39ff6c441..22a6753c3 100644 --- a/checklists/waf_checklist.zh-Hant.json +++ b/checklists/waf_checklist.zh-Hant.json @@ -9500,7 +9500,7 @@ ], "metadata": { "name": "WAF checklist", - "timestamp": "August 26, 2024" + "timestamp": "September 03, 2024" }, "severities": [ { diff --git a/spreadsheet/macrofree/appservicewebapps_sg_checklist.en.xlsx b/spreadsheet/macrofree/appservicewebapps_sg_checklist.en.xlsx index 9522ce947942e1c2c52acbcf93856a4b6252a836..ddf6ae5d0ddae6647ed2ed771e931d93f5c9b30b 100644 GIT binary patch delta 467 zcmX@UoALN=M&1B#W)=|!1_lm>AIZuSc@J;^smQc2wU~)lqN^clbBlH1$OSI2HQJa~Lg@w@l)3bYev8t}!<-T1(X-R|b< zxN5aGR(D$yB#*_taVVUBw59LaF^i+lHM?}T#ngP%eK2Q&YM8)|CykGl1#Zrq;pd^5 zw&ZWwUycb(&iq^@A7-S9)X(3{IOkJ6U(dNYcYf#j@gAPQdvr#3ug1TOxO>Mwt+;Gg zpsTP}TXROif#$-mn?Fu4*|^qBbl-*5nSa+a7=x7+h)_cXXhPKQ?|eSr#!7=jeusHF#|(t^I49AE?~w)-?_|ShGC!pD~K`KCF~hkKsWpxBUs>H z#7nTit4M!{fK9YDJh&&zm0P_#Vm_g)YtiZH+tSgwV HkM#fmN0HI0 delta 467 zcmX@UoALN=M&1B#W)=|!1_lm>f=H=}yazadRHT|lmiol2^7Uu44jTxx#2@{UcY2es zaLZ%o=qe3Uk*tiDz80gA>(P_9t9SGXUv_d7KYONb_vx@hMu{?eERqib^GsQpOhZyDWWi4#?q2m*jo58r{>X~ zE%EE*8G{5~I5xWZXL!}0H0^#c<^Se{l4nmYmKSG9w3TQaiHD*vr80Iex45rk zJyNR5D$Hjg6>cxdA1J)+>M|wsD$}k11s&WLavq-Cnp;zNuj_aFH^X(Gb(VX&O|H3n zX_9F6wp%rGBD;TS2T0z0yX$|)YL(k6l{bS<9n$WSe#9CO{;4|fdzEK&oP1p{zbe5 z3%rW-hX~k2Tf>8Ua(%QpSk=yGJ23q#+8Inc#6ak_7z;4}V2l|=KE?`6o5#9>>H1g? E024C2*8l(j 
diff --git a/spreadsheet/macrofree/appservicewebapps_sg_checklist.es.xlsx b/spreadsheet/macrofree/appservicewebapps_sg_checklist.es.xlsx index 1334cf88549593c90cef1442b12f3e62292c39b0..870c90fddfe3ec7d6e98c19f30adfdb01ae1c8d2 100644 GIT binary patch delta 466 zcmaF1pYhp#M&1B#W)=|!1_lm>pUKJ-c@J;^smO>}X^V+h-d&)o_>N0HT0u* zrMaFAGnZGtmh_J)#I5Z1JNrjm6QfB z+ic4Iq6X7uPNoBF%)o%!e1_w!8<;W2e{79*ZyazadROHD?ANEYVDqnv#>#%`9OZ?FvdfuCa zgiezQH^!1p138g=>e;*UQJTwePi z${{K|$lzfE`{P&Yj}g^r2=4RIC!Zh7i>m5>4w!i+TyiVZef;~B!sUJn3v{f)(3EdNOzBWVc;XCmyG0(T# zW}QyHejg>6Hghr^U}FXb)aElBXWhVzIsO}&!Hj@l0ag%Wa&p8ouz*kGIYzL6Z1hX8 z0B4LpL?AlW8Xnq{=f#?XRo#fS1Jjam&R{woN-vGG0P`QjnL*^^t-y3xyepWV7w-W8 DM^VKg diff --git a/spreadsheet/macrofree/appservicewebapps_sg_checklist.ja.xlsx b/spreadsheet/macrofree/appservicewebapps_sg_checklist.ja.xlsx index 509d4243abb824711348c0496f51105b465f8dda..743bfac53f68736317216683de32a25aa880fe0a 100644 GIT binary patch delta 466 zcmex&it*nmM&1B#W)=|!1_lm>Z^_CNc@J;^smSI#ZSyBym9LNYK5QUzbidcj>RC(P zwzaL}*RtziJ=pXp+T-1}q|fatm)_o+?8wdwy4pXxk`W9dIYzaN**erhXp<=I6ERiqEfMw@^>%6=l(@eDH(CrA%#^a8Q?I z=KdIarX>e1G&9NCER#H1KRt(G`JegBi;dO!_stGIY>?t?_$*1e>;CNL*Eia{+QJ{h z?eW@+OHJlOLd@S38x`N2)xNFkzhp)IS8nimBqY`+X7=)CrS?1dTgSJY^Yjy3s1d)l zKolg*ON!Kw<9?ZEWLWM?q_9ZK7#Sb+HzDP|D)6e}?OF2xm0o27aH E0E3*-jQ{`u delta 466 zcmex&it*nmM&1B#W)=|!1_lm>f=H=}yazadROB9K2OPVQX$?eJ)JXeYM^pHD&wjf6D6u_Bn3J;Y|D}`lYRc@k;2PnDez6Y7gIuZ;5%n z-8SoV^7Z>D!L*r^=>QuuFrYS{;dtZ?W^4>GVF5E8 F005Yr%M<_r 
diff --git a/spreadsheet/macrofree/appservicewebapps_sg_checklist.ko.xlsx b/spreadsheet/macrofree/appservicewebapps_sg_checklist.ko.xlsx index 64619737f71b4744ac70ef500cd1ec42b640e201..6d57f0ec6111fe964b4c0079837249e8bc190727 100644 GIT binary patch delta 628 zcmaEPjPcnqM&1B#W)=|!1_lm>AIZuSc@J;`smMRJ^>a8TUX!bj_daYOa&-Tx7uB*jm)#sZ_dhcSjfUv#Ux}dI9YJz zla`YBebNkGK`$Jd4?0AidQq?1{h;(maYDheCyHBwSH1teMZYa3=g5odzkjTzsITSJ z=xJG^HTB7*W{20S)uj^xk8e9R?aTDIzSs3E0o^-V9$!4DW@(*&^sn>h86lO^j3*gR zS}(Qj+0icjd^^82H~+A%Sev!|ZT%6|lX;$DCOXeqXA7TiSk*KAwabAjk#~Kc-;2iF zZZ@+o`-&P$o4J?{urUL}Y4cf*FP>n=ksuxxFynHV04s6_d7=`SHz!e=X)nj*|B0fL&m{`VgW^W&J8S(- zW(J07JPZsHz=(r^hQ=+E|0SwNfz*UecoFh~g@HlCfPsM*rT|DcFdhzLV5rE^FD|Lf zNiEi^$ju4xW@Hj!hNpnY?e4F;4gi&kF)=W3qiDT0xjsn>;;JNR#{H9bB*}q!HTsQY37 delta 638 zcmaEMjPd0$M&1B#W)=|!1_lm>yhy2uyazaeROI)WXK!#%ye3zFHtVo~Kui45A9|-J z2~Xxa-oEWiK$gap3zue3Fza0TwRy>-CvR8p=$kyj$x;05nY!Jl!wwlG%IvX9KG@1v zvnhPKORLNFgfqNMxo#&^Ko~DO~!_E zCj_1G`2F^mpaN@~oXCp@h9~Pe?9!Pnp8nU7m}|N7``tNGZHm%ehT`fKJNu!UK!XZ8Hv_9dN{vw|OT@11q)KbOMf8!fHPt)*2(_qyAUf74u>>Bo7B zbJ6K(Q`SUmI{NDKiCwGgnWs*?yX<%W4u_vy7dNT49Cd%M*P-qZd-U|zJMC#g?91P-N0W&Uy39y0~lOIPv0}GsqImZYV zm>c&JEYKP64-vSXV2udx$?}P2@}ST^C@!#X5*q`r-kR;7`b8=0R6vX@_Y5PMl3=9=H`sMjW*-82N*?JYZIp_wjjw{mJ0yLugS_2c@J;`smQh?vo~{1ye3y4?|s-nie3>Gy~+nKSkAoh@ljtQ zVtlD?XB~@2;{tY8s|uH*rh2`b41PcD+1=9p5-M)snJ5DMFWRZ9Xd(jd`1_pIz1_pi<9kP)O3>7*0<@rU~N%{HN zdKI}j0p5&EBFymA6uCOCNN)>JQ!f((gA|J9casC-HNn=^#!EBanmjXJjZG^Sqyzw? 
Cdh?e6 delta 664 zcmX@IpYiB^M&1B#W)=|!1_lm>!bqu!yazaeRHU*&IXCyjYjX8xvkn^ww8X3a$UD7B zR=DM{b99x4sYq7FOJ9%KN3Q&Gy!GhG+toYzgfBZeil04GxBGP1A)`c@Jr>Ca6WQxZ zL-v02xshAqu%$;ppKrkqeB=+U`>xj><;aBm#JW0br&$6h9?O2(bn{ZH< zWaj=Dd!{7{7n+%R=Ur&2pOh_jQ1gHK!53#vE`I;)iUH5b3H>__1XbUk{ruXZ=1yjR z40p#XFD^Bi0+V%hMsi`kGs0$f-Fb2K%0G98om{>W^K^0+cYmIC-+oJf;M}E>y}?rH zucuAZiQk;`xiC%l)q022lfF3(>6F&#;^s%V7pyz+40FbD&q1_l}!|4zOXtE2!@BYV3~ zv&@ZwLBNQKK?0@#NH;Vd;Fx@yLu#^K91qw|+c;^)oXL@K>R_Y8CcFrF!NS0xVZgw^ zi>!@NY4ZFy8L*ChKpm!&Z^cQ)fGiRZVJ}+3$iSe^%)r2pqC+l{fuSNtzdXMvJ1IXu zTdyKFC%~JLNrV}moFZ4p73pmOYU*WTV30!5{C;vkye8PXns{l(+mmO+tFdXvf|LLN DOcUc3 
diff --git a/spreadsheet/macrofree/appservicewebapps_sg_checklist.zh-Hant.xlsx b/spreadsheet/macrofree/appservicewebapps_sg_checklist.zh-Hant.xlsx index cd070f3fc0d27465566489e4070871a184dd1f8c..19ed82ee833925750077b41be6cbc997b6e06cab 100644 GIT binary patch delta 638 zcmZ2*m~r7@M&1B#W)=|!1_lm>AIZuSc@J;`smQc2wHWS+*W~Ksy$>6R9Nq8rvU=8% zw{6_9@*y<>+)b=Uw@bPpPH&%CB6C{tty>TdE%sA&$JzvkcId^{N`SBi}zq~R$FsM!GY$&ubV$kFxj})OmyFc)tP_SGZ=MxM_5EeELVTNx1u6v{v|7QOV^e~ zH5V_bYKyJe^V??Ax@YGdQd73S{HHvvV~v1j)U3@-n~F*uZ5Ur^#jSg8XEM2m>durdEkR^EJuBfta9kPm#p3}$eJ3b2A0lVzixfd$y2&oP1p zuE)Ft3mlI1XJiJ3^JLL@YeaZYj*K^x2ZjDYae;l4*ccd&DKIby1EU588W{ghUKg(< z4>UXSSlHQ5vK|Z!fx%1+5-RCx3_+o$Q?;2o{P@kY@Zh zxjI1x%$t=UZ6z4Rzz|=Qnp3Q=2Oyhy2uyaxn7mdDP~RT`!uSs5>VJ!T)d^2;%(@YA=@nB$$93m0^!rR~3)s+~B~ zfG=*&#s^O9c9yH+s@2|@*|sD|9*dK4D4c(^rSI7}i=)necG+%=srh7^FzdN$n81!F zjgO55ZqA(H=b@RlSv^|#BXMt^Qm5}=iD5dUwMAKhbQnJozX2U z_~)L@{=UPD{eBQg5%YH8-<97pCdHTJMmWvir z_k}ZCBzIpfntT7-3f=zLdS;X$+swsufQ=a#Xq(S+1bBcM3V|<}!3^$D0ag%WvRu?N zumF4XIYzL+jhL5Ufg`d05CO4xYfgB`PmYQ=lLzq*iVN(U#KypIOo4$x7#JNe(7^a- z^7?osu$p6GXFth$FfarLGcicO6aeXl#{H8&#H)j?lS+_g5(=FBFugS_2c@J;`smQh?vo~{1ye3y4?|s-nie3>Gy~+nKSkAoh@ljtQ zVtlD?XB~@2;{tY8s|uH*rh2`b41PcD+1=9p5%xDOi%M4~HLVNL z1Pk0u@P`O!Cs`wcdvbn~nLH@)4~h%yo5aSza7=-LK^Pb_FwnsGXY!FGC9qL1lcbsU zb4>0J5uGfZEC?3TPnKpX3IPg9X$N>SGKnz5V>L2t!i$g>EDQ`91`G_mFynx91EbL7 ziODix?HiJ%8C55rNtS|`pDb<97stR*k)vOpUzDAcpP#K)k(+~V@aniCy)8h4dYKp) jq)-gLA3ym|yv*eI6dtg7c`4G2rzdx%sIf^Wfz$y2S%>pl delta 677 zcmdmbl5yKfM&1B#W)=|!1_lm>yhy2uyazaeROI)WXK!#%ye3zFHtVo~Kui45A9|-J z2~Xxa-oEWiK$gap3zue3Fza0TwRy>-CvR8p=$kyj$x;05nY!Jl!wwlG%IvX9KG@1v zvnhPKORLNFgfqNMxo#&^Ko~DO~!_E zCj_1G`2F^mpaN@~oXCp@h9~Pe?9!Pnp8nU7m}|N7``tNGZHm%ehT`fKJNu!UK!XZ8Hv_9dN{vw|OT@11q)KbOMf8!fHPt)*2(_qyAUf74u>>Bo7B zbJ6K(Q`SUmI{NDKiCwGgnWs*?yX<%W4u_vy7dNT49Cd%M*P-qZd-U|zJMC#g?I3>X-AkMr(J#+0%1+A9&(^ER%|W+rbzG6&7NDkHCI$v66wMDNJEmxYt;wGewO} ICJCej0Hh7_ZU6uP 
diff --git a/spreadsheet/macrofree/azureapplicationgateway_sg_checklist.es.xlsx b/spreadsheet/macrofree/azureapplicationgateway_sg_checklist.es.xlsx index c1a38feff0d08a7331dca9b54188894e38a2ad9f..033c5f9737d5e3535ac1eaa91374002791af217b 100644 GIT binary patch delta 622 zcmX?hmhtdeM&1B#W)=|!1_lm>AIZuSc@J;`smMRJ^>a8TUX!bj_daYOa&-Tx7uB*jm)#sZ_dhcSjfUv#Ux}dI9YJz zla`YBebNkGK`$Jd4?0AidQq?1{h;(maYDheCyHBwSH1teMZYa3=g5odzkjTzsITSJ z=xJG^HTB7*W{20S)uj^xk8e9R?aTDIzSs3E0o^-V9$!4DW@(*&^sn>h86lO^j3*gR zS}(Qj+0icjd^^82H~+A%Sev!|ZT%6|lX;$DCOXeqXA7TiSk*KAwabAjk#~Kc-;2iF zZZ@+o`-&P$o4J?{urUL}Y4cf*HNId*P1r_eFvB29fEC1;>>U3LETEHcju9;IH}NG{ z;AN6OM8G=58WGr&>r>3+K|y~|TwvcMHU@@c3JeUwz<7ay2F72LucRn}jry4)&9s+e z@*NJT$p)!BU?KZdX~vw%(W&ZSL&7G!2zkN6z@TBkz`zSL0Z2D6DokFODg)MW0I0)w z@|{#Eh>@w%_A&_!3>7*0<@rU~N%{HNdKI}j0p5&EBFymg5xF|9NN)?!pk5{h1}Pv7 h0}YIC6DRW|$xO~qgSe+IO`7rM(`MF3fo_$UAX delta 688 zcmX?nmhsqGM&1B#W)=|!1_lm>f=H=}yazaeRHT|lmOA&uYjX8xvkn^ww8S6%k#~BN zuyD&`=jbX8Q<1EUm%bjek6iiXc@*dn}Rf$sZ`Z?CLTl^D5J={{QuuFsL@4;#lJgW>ki4WCk;IqXbw%jL8o1&%gqj3FjEW0>2Vp zf(4!>`9lOOQmhf-J-H^uOdb^a2gL>UO=4qUIHthBAPkHe7-(SpJNaUY5?GDux4<8j zz6=b49!v}pFaBPdQF-#b zR2i_2y{XdmX7LOR@kOaQ#rk?6GQgXWNrV}mLL$XO*o&4hGBBt!GcfR@7$cv+z)+E+ zU!Gr-os^%StyhtogRXgXT#?=upr&3X1_mh<%^woMn&XQmho>om-BO(<&3I?>^fWa# IofME#0BhmpRsaA1 
diff --git a/spreadsheet/macrofree/azureapplicationgateway_sg_checklist.ja.xlsx b/spreadsheet/macrofree/azureapplicationgateway_sg_checklist.ja.xlsx index 1c1270785ed54dc38b02f4babf62933aa913f2ad..e2b416b6e72104756b4ca99f6e7a0d0135847c09 100644 GIT binary patch delta 478 zcmX?flkw0^M&1B#W)=|!1_lm>Z^_CNc@GEzsmSI#ZS%Ppfuc+d41$v_nkm79kEJ?ZR z{_N-1H`=_~!XLx!@!E?^P3A*F%-<9n72llIzOC!OWJUc~Zt!^|B-STp_VQ+>_B;7o z$G4pG^b=gD5x=$MY?r8ZzMbEiqkmXe^t{=2xBiIG#AuhUY0uUySfjJPBi$kP=;^O_ z+S7z2-}Rk-|7V+fZsnU_(kMZ;nUm=N8#6G_HlN{83kEa3Mw_sJ89E69tRTi@`_yM( z0gbeCj9`JE=`X0_IuP9I%j|T$N=GR<$L|4orW|at71Z*$}!h+XBqrlWhi( Q&$a^7Mmervx+=#50In*~kpKVy delta 478 zcmX?flkw0^M&1B#W)=|!1_lm>{79*Zyaxn9YvIS7nn!!K#IKWQ3=(+Z*y!e8pW$`VwEMx7|C|*?Ea-4AbIocuKyjYRc@_ PwiTE*%5eqLRXH92x@N(r diff --git a/spreadsheet/macrofree/azureapplicationgateway_sg_checklist.ko.xlsx b/spreadsheet/macrofree/azureapplicationgateway_sg_checklist.ko.xlsx index 24e3f2be34902bd8a8aacad36d46871bac7bc8e0..c2bb718aa9f2c7ed1ef1d6cd15234b3989893f9a 100644 GIT binary patch delta 466 zcmdmbm2vA;M&1B#W)=|!1_lm>Z^_CNc@J;^sYuD~_v0sCm9M|+eb_+c=>MsgzMFX3 zx3#U~*RtziJ=pXp+T-1}q|c5*FTdTNeRbXKfDeYx=ltHSekUqIt*2Q$U1!IIX8&(l z7v^#9_A6J6Xxk`m9dIYzaN**ehJGIf=I3?miqEg%wop%L6=l(@eDH(ArA%>|aZnd) z=Kebdj7ts}G%(59ER#H1|2&6b`JegBlQ*k;-xnYB*di_2@M)5A*ZteiudlRuwUs}H z+hcYVmzvCngqY7MHY&L}t9^U*zf{HjS8nimBqYWscJ1ZKO6_;@yN+);>FFo9P-DH- zt|Zr^r)Kvnzs~x{6XN!5_CNci&J(&yuI|NQ0bya{M}!xweEgK{owGG}dAs=Q_kXsj zzx{RNtT{?BZRTV;z{U&=sLf|M90S1&fhZmpFhf30fEC1;Y?S;AEFhh7ju9;ICiNv) z;6|E1L_jOU8Xnq{b2H4rs+MQif$0|+&R|+E6GE3{T7dcMGtD6KnO0z0HOm!D=Vo~T E0R897KL7v# delta 466 zcmdmbm2vA;M&1B#W)=|!1_lm>yhy2uyazadRAla_DH0Q}%GaOGI&2`&5`XlE-swrg z!Yz-TqpLJbMY1wp`g+Vha^;s}P~oR2OPVQX$?eJ)JXeYM^pHD&wjf6D6u_Bn3J;Y|E^G5Qf}K={WZ+wTi!w(PzvUNraq zw-vhmvGvR-!L*r^=>QuuFrYS{;cyHDGX$b|SilVVI004=W3o~5Gq8Yk$~i``z?;;U zV1XNH{tyAJ3~P93PtMIS2di41VF#vPWH^Iqy-WyQl4$|vug^4t$Y)xCY1J%OFrAy_ F0RWpZ#u)$r 
diff --git a/spreadsheet/macrofree/azureapplicationgateway_sg_checklist.pt.xlsx b/spreadsheet/macrofree/azureapplicationgateway_sg_checklist.pt.xlsx index 74f8cea3c8f841d5652396b5276f651e100cbfec..1feed7a98d7fa0aab4a660cce4d25f88fb5746f6 100644 GIT binary patch delta 479 zcmex#j`7nuM&1B#W)=|!1_lm>@5#y&c@GEzsmPo(85V9vpePdqgWzPxRFV4DiSgct z4MdLaKlP$|){?i&+Sc)F*>$iUYQJrskvWgPsYZVFEjz zG(J`qxY;?Q$3s(X$=|ZO3=^1~*||zS%&1=`GJiAUoKN+9Jm;p|`CaDqwRZlupA))! zHU6!Lzt{F@#Z|ikU4@linllOxG#6go{BgsIO zi)6nql#^=xefW>{^=}K#_Q(EZKnb(WTucYpn1P|T`7B46ADE#QzL^=!xDzG73Svxt zAO8$2a3kRyBUoT%(o3+w)MS5%!1EMq4p`7n)=D)8t4c|=1Jg@Wox${LC~cT#0p{nV TnL*^!tibf6G*>XKmF@umT$J2N delta 479 zcmex#j`7nuM&1B#W)=|!1_lm>+(@a3yaxnK%QPCpbBZpFLBz`*heL zqePiKR>=oj`D!+W@BQX;qjVSdL8G3%HyR(=b#uy|?JewT|4|y9v-8KJ=mRF_z1Jud zoMb-kuCU42aPEYlGakR+{t{GRZIcsu@u1%DB!^u(v&GZ@Iudg&cYeP+N2*Oxy30^p zUFpZ-%1Y^W_qpF1vl%mEJrA}p%k`|D-`l>V^Kw@3L+-t^ZvE#{n0%w9wYjyls_0&K z`|)p@Ycu^gPjN0fJ#EUGh)qXdeLk^kl|A#+iFcR%?%(0?lk4Ip)s~~~@AW#=9b%83 z{(7f9O-kq;|Mk~*ZY?gWee;VQCCoN+F&$uI28P<^vm9Z5V1`=wW@a$sPLu#Eh%xzn z{4=n?jf8WIV1boMFTny+ll>tA&r_^9U_n1wE7csVDkaqpOfOA!2Gg&hv|*YBn4gno S29Zy*0@IJuT*0(fx(5Ij;?Oz( 
diff --git a/spreadsheet/macrofree/azureapplicationgateway_sg_checklist.zh-Hant.xlsx b/spreadsheet/macrofree/azureapplicationgateway_sg_checklist.zh-Hant.xlsx index 5b5b2918c333edda4ddd52276ad66321d31f859b..6dc6056dbc457494b35e8ac86217645ae632f8a4 100644 GIT binary patch delta 630 zcmex;k@43>M&1B#W)=|!1_lm>Z^_CNc@J;`smSI#ZS%P%UX!bj_daYOa&*7f%j#K6 z-nO-^x$2>VYg6E=@n(st9%U}0{a0@Ac_bv(Cua8YW~KH!`CG@gob&V(T&NMh zwd8D<=7h|t7nm#%5g)+|_~v%VwUA@=C$uXozhgx>XupML*m zn|p5Mn_to>;k22H=>QuuFr+r0iJIU z!2)ur{t$tJG;2g~Pu`Md23GbqO`7q~WX^OYFi$UCnrT1B@MdHZVTQ+c zVDkA4HMWE_kRSkqg6;eO delta 643 zcmex$k@5FMM&1B#W)=|!1_lm>yhy2uyazaeROI)WXK!#%ye3zFHtVo~Kui45A9|-J z2~Xxa-oEWiK$gap3zue3Fza0TwRy>-CvR8p=$kyj$x;05nY!Jl!wwlG%IvX9KG@1v zvnhPKORLNFgfqNMxo#&^Ko~DO~!_E zCj_1G`2F^mpaN@~oXCp@h9~Pe?9!Pnp8nU7m}|N7``tNGZHm%ehT`fKJNu!UK!XZ8Hv_9dN{vw|OT@11q)KbOMf8!fHPt)*2(_qyAUf74u>>Bo7B zbJ6K(Q`SUmI{NDKiCwGgnWs*?yX<%W4u_vy7dNT49Cd%M*P-qZd-U|zJMC#g?oX9zyb+L=NQ2P zhAA(>0W&%3F)GfKX9;W2Y53w zi7>-sEOO?mr}0~v85pK=GcZU1;}HfL8gnQ2r>ldF*qJVE6A{C}P?4iwTvC~nTC7)* zn}cr9cK6p^2Y|Z8m>3v%{iBLhPM3j>2N+$aWy21dcj=Q7mT64O9}00YYIaR2}S 
diff --git a/spreadsheet/macrofree/azureblobstorage_sg_checklist.en.xlsx b/spreadsheet/macrofree/azureblobstorage_sg_checklist.en.xlsx index 2974fb7c37f86e66a8dd34ad80503db2c9f516a3..9220a0e53bb4afde1f4a63627e49ae4ca5a70a99 100644 GIT binary patch delta 466 zcmcb)kMZU{M&1B#W)=|!1_lm>@5#y&c@J;^smO1RC(P zcD1eJ*RtziJ=pXp+T-1}q|fatm)_oK~uO+gKd(r$svlA1@G zw#4VnUqtaE^ilq{r=B3 z^|!xnoHa)Yrp=s82iTZ_0k!!IM~EAkq3l1G8O%5wB)|${OuiQW3@ore;v6GbU_#VO zus}_;KSbbMj5R#8Ckw`!gH?IQ+JWhwSZ6SO2}(=ES%CS$ab^(tI4dxHGR_rD3&wi@ E01^ev{r~^~ delta 466 zcmcb)kMZU{M&1B#W)=|!1_lm>!bqu!yazadROHTRz0(t~%GY1aZZ;4&_J8W5>Yj^Q zsuA+rHntlk8YCv?EAHH8lNyM;@)#7MF0pNlBC(G)LR zdc9ijt(lcVl;6tf>=zClSG>qxoIXcPVqc#B+6nWM_)UB#HDx(0WZ|k}6S5Xw%(?PO z&zAUg(u`g~FC3iv=WUt+v|sFC=Ku7AFV37?od5ia0nf(?y*mvA7r+1d`L%^jW_ACf z=>nlkC&gF^WW;<;v03xVAUEHuYVq{o-|~!Cv`ijWY}(MPcP_f@{{c;rCI3X)`C&0XAk}Ky5z55#k1BDErT41~U!^39y0~ldpw80}JerIL8PUm=N_6 zEKn2e4-q&QV+{}O$%3)wU{&6+c3`?E))`D+g3=Ok7GQpGoEbzu&I(MQjB^Fkg7F>z Dc8|q4 
diff --git a/spreadsheet/macrofree/azureblobstorage_sg_checklist.es.xlsx b/spreadsheet/macrofree/azureblobstorage_sg_checklist.es.xlsx index 58d8d6c56ef626d496c5ae3aa24073d474faaba7..b4a4afaf7249edbf91ea4e8bcaeded1ddd7e573f 100644 GIT binary patch delta 631 zcmX?oi1ExJM&1B#W)=|!1_lm>AIZuSc@J;`smQc2wHWS+*W~Ksy$>6R9Nq8rvU=8% zw{6_9@*y<>+)b=Uw@bPpPH&%CB6C{tty>TdE%sA&$JzvkcId^{N`SBi}zq~R$FsM!GY$&ubV$kFxj})OmyFc)tP_SGZ=MxM_5EeELVTNx1u6v{v|7QOV^e~ zH5V_bYKyJe^V??Ax@YGdQd73S{HHvvV~v1j)U3@-n~F*uZ5Ur^#jSg8XEM2m>durULJYV#QmBM&fxF>oU@n6WiPfEC1;d?NB0SYTt+IYzKR zQ_M@SKwhjrMBqT2H6pwxv&5T$mD$EiGya_%8LtH9)x}FQ9pIS!FkW=>hIm1FQ1n<% zJifY)nStR97XyO?Fz#TWq4DeF2l47)ZCnY`HY-CI7%Fn~i%TkVQj7H}a&rQ_8JR?w z;n5wr-Tigf0ibR%CI$v>m?=QIfpO2|!~`jb{Rz^HODE4tkOT8}CrC4u#Y~{79*ZyazaeRAlhal{H)wugTS)%{pu#&=P<2N8ag8 z!on?&oujKXOhvLXUix~>K62%kuir-rr_EeU2iTZ_A+`A|hmi-E!4$ZW8O+!gBESk_OgKr3jpgHCx zSRg;vA0lut&KeQilUd`36r5XQBj*3?T^XlWJnf7x`77P?MFx0Ea%?a>kWD;S9 z$5^E0#N(^$m>C$(a4|4Q0OJt`8XCV$ei*L~HiJ7sI&wt_14BiQesM`4Mh1oi76t}k6hjjyDugS_2c@J;`smQh?vo~{1ye3y4?|s-nie3>Gy~+nKSkAoh@ljtQ zVtlD?XB~@2;{tY8s|uH*rh2`b41PcD+1=9p+(@a3yazaeROH{4-y66mUX!aon|0Vgpe6q3553cq zgv~jQw{QCrkfm|u!ll_0%sN+oZC>)|$=lUC`X*0sauh#%rf&D?utP?PGJC9&54Q5v zYzp7|&F4nxF7AUyJ$r97KC%=34Ijes_*ko1%1=p}4xzkHwXh((UeZ zzcpqvX2yCRY+;t`Sv|kEeM#r#tl)>-duQGH&!sT=MoVjRYiU){z3%qo-!#`|`f;A( zTy%Qclr<5Xj=uVQV%I8r=BX3!F8kfT!{H~_#Z9U$N8R7+b*MYU9zFf_PJ5crI|=^l zukYMiTvq$$7duKoZRTV;z{U&=s?BFOF8Y8O3qnm;z>MpW0<0j$(fg7d=NH;Lvi(_DjFG|fR*4G1(X!cEB05sAIZuSc@J;^smQc2wU~)lqN^clbBlH1$OSI2HQJa~Lg@w@l)3bYev8t}!<-T1(X-R|b< zxN5aGR(D$yB#*_taVVUBw59LaF^i+lHM?}T#ngP%eK2Q&YM8)|CykGl1#Zrq;pd^5 zw&ZWwUycb(&iq^@A7-S9)X(3{IOkJ6U(dNYcYf#j@gAPQdvr#3ug1TOxO>Mwt+;Gg zpsTP}TXROif#$-mn?Fu4*|^qBbl-*5nSa+a7=x7+h)_cXXhPKQ?|eSr#!7=jeusHF#|(t^I48~FEB$tn1=<-unQMp1u-TE#ykTHSjC=W1PgG- zzXS_>kN1ZNcqUrIgL`sMqB&UAu|zvC&7R~8rhTFG-&a?mk delta 467 zcmca|obk$WM&1B#W)=|!1_lm>yhy2uyazadROI)WXKzfrDqnv#>#%`9OZ?FvdZ#A| zPv$z_zU@mumd2F}mu62e>s@kEQT*(gy4|P44jCoN?6FEd*veP4 
zDSYoYpBtsSxDOij?7h+W$gZ1H_H1uqSNo6B=$xHD9z`E8Iq$tjq2MI*ad(AH#)fkz z1fB8t{q~oj0&AO`$cqPtC+j)v(wQxu{@0P1Yq|6L-8oWiiqc(%;_6C27FSkEx4X~% z)|kzh8S8nlg;}m=_59xUC7qYEf**44optL!m%`*5Ev?P1rBy}uy4#O`(_EYB$9al# z(dlVZ)tK9b$_qdq3#fS^z_#|?P)^qB>1nt zzH@7FS?!x&>?q;1nTzQF8#6GZHlO8)_X0EYgLzoM47+dvRuE%yV9YbHfK}`{Mz8>P z{7bOF_jrGZfM=pLJh&(KB$|U&9ZR$W)9gvkVA>Z-PfoG`^Uo!jLFALIz_d%UE12#{ G_5c8%{mXd( diff --git a/spreadsheet/macrofree/azureblobstorage_sg_checklist.pt.xlsx b/spreadsheet/macrofree/azureblobstorage_sg_checklist.pt.xlsx index 5e2a543dba845b0a0026eba266b1c6b59f68f1dc..10b71f376aefa3a2d84680875b556cdab31e6790 100644 GIT binary patch delta 466 zcmaEJknznyM&1B#W)=|!1_lm>ugS_2c@J;^sYsdihl(d&m9LNYK5QUzbidcj>RC(P zwzaL}*RtziJ=pXp+T-1}q|fatm)_o+?8wdwy4pXxk`W9dIYzaN**erhXp<=I6ERiqEfMw@^>%6=l(@eDH(CrA%#^a8Q?I z=KdIarX>e1G&9NCER#H1KRt(G`JegBi;dO!_stGIY>?t?_$*1e>;CNL*Eia{+QJ{h z?eW@+OHJlOLd@S38x`N2)xNFkzhp)IS8nimBqY`+X7=)CrS?1dTgSJY^Yjy3s1d)l zq4er_3o!p#yctA3!3s>rB)Ede{g delta 466 zcmaEJknznyM&1B#W)=|!1_lm>{79*ZyazadROHD?ANEYVDqnv#>#%`9OZ?FvdfuCa zgiezQH^!1p138g=>e;*UQJTwePi z${{K|$lzfE`{P&Yj}g^r2=4RIC!Zh7i>m5>4w!i+TyiVZef;~B!sUJn3v{f)(3EdNOzBWVc;XCmyG0(T# zW}QyHejg>6Hghr^U}FXb)aElB7u~^(1p%9x!HlpF0ag%Wa%SW+us~4MIYzL6a?DGx z0Dr7ML?AKF8Xnq{m&BQaRo#oT1Jm;H&R{wfO0SN$0P~;4n?d9gtiW_kf-9I_lHdUV DgV)8T 
diff --git a/spreadsheet/macrofree/azureblobstorage_sg_checklist.zh-Hant.xlsx b/spreadsheet/macrofree/azureblobstorage_sg_checklist.zh-Hant.xlsx index 2b79344515cbe18a78a7133c7a7b64b82b2dfbe2..9231177554fb0c52578c002c24349bdcdcf97871 100644 GIT binary patch delta 642 zcmbP#lyTlsM&1B#W)=|!1_lm>ugS_2c@J;`sYsdihl;r-UX!bj_daYOa&*7f%j#K6 z-nO-^x$2>VYg6E=@n(st9%U}0{a0@Ac_bv(Cua8YW~KH!`CG@gob&V(T&NMh zwd8D<=7h|t7nm#%5g)+|_aW_?GxL+sJhU+=W13BBtRKmGpC zHuv1hH@~D&!f7)X(*ZVSU`TB~%i-qI}6O*-* lG{J6J`cOJT9;hRMg@HjBMaP!7$rs~9CwC?Zu(2e7WB_jK?}7jT delta 621 zcmbPtlyUx1M&1B#W)=|!1_lm>yhy2uyazaeROI)WXK!#%ye3zFHtVo~Kui45A9|-J z2~Xxa-oEWiK$gap3zue3Fza0TwRy>-CvR8p=$kyj$x;05nY!Jl!wwlG%IvX9KG@1v zvnhPKORLNFgfqNMxo#&^Ko~DO~!_E zCj_1G`2F^mpaN@~oXCp@h9~Pe?9!Pnp8nU7m}|N7``tNGZHm%ehT`fKJNu!UK!XZ8Hv_9dN{vw|OT@11q)KbOMf8!fHPt)*2(_qyAUf74u>>Bo7B zbJ6K(Q`SUmI{NDKiCwGgnWs*?yX<%W4u_vy7dNT49Cd%M*P-qZd-U|zJMC#g?>!-bEnqz~r|H>I$HknYrp|{8nZL zhN;{P3=+U-gMo%d!Jx@HK~j_b5_!PdViTnq|4gn-l(7M6+wT6l>i|%#7!v~nP$wKT zF!Dz;FvJ(7<`nDefye-FMkWzvc!HRG5opYh$!`5E h3=9b@3=G0>BN-SP7`Mhvz7Qumxg$w{jWq!z0{}s}?brYS 
diff --git a/spreadsheet/macrofree/azureexpressroute_sg_checklist.en.xlsx b/spreadsheet/macrofree/azureexpressroute_sg_checklist.en.xlsx index 83d5f9a047a7c683ef334130b235eda5159dda2d..9a41ab4c05a7d685d653f5060ea19c7d63397f6a 100644 GIT binary patch delta 466 zcmbQeg>m*4M&1B#W)=|!1_lm>ugS_2c@J;^smQh?vo}w?DqkP(eb_+c=zg!4)w7qp zY-?M`uVvT4da&tHw8y(`NuS$QF1@`y`|7&rzz>Gc=ltHSe#a|9t*2Q$U1!IIMt{Cl z*XMEW_WZ6G(KbQ6I^fQ8!-b1?n)-bdn4j0KBR;=|eZ_%_UJ(|($_Fo4&b;yQQC}ir ze5r0{9g9cf0(Mrb3YVg$dcB(ren0Km-O~N!YRs3nC7xindX}WzbZ_?a>lyjCgFAkmtniq1BWyNT?8~cL{<$;EJff;2qnmSS^JlmB^0$s}(JOE?^4XMh zb&}~~?XY__b0WHbatBD>%-#LJBegBx*e5#3z$?OYeMh=O?9tO-@3f~0z3US{{r=B3 z_uR@izob!uX)`C&0XAk}Ky5z5A?65XJoTK*3}&?Y3b2A0lV=1y0}C_;pJN0I1ckl? z3)qGELj)#-Tf;+p^5t-IuqxgNJ234R;S8pyKN4kRP%aI-c DaKg^C delta 466 zcmbQeg>m*4M&1B#W)=|!1_lm>yhy2uyazadRAla_DH0Q}%GaOGI&2`&5`XlE-swrg z!Yz-TqpLJbMY1wp`g+Vha^;s}P~oR2OPVQX$?eJ)JXeYM^pHD&wjf6D6u_Bn3J;Y|E^G5Qf}K={WZ+wTi!w(PzvUNraq zw-vhmvGvR-!L*r^=>QuuFrYS{;Sh5KGoE_RWd<`^eFa!SjL9>Co`D4#gU>O71%g6f zf(7it{2>Ap!mZ(AIZuSc@J;^smQc2wU~)lqN^clbBlH1$OSI2HQJa~Lg@w@l)3bYev8t}!<-T1(X-R|b< zxN5aGR(D$yB#*_taVVUBw59LaF^i+lHM?}T#ngP%eK2Q&YM8)|CykGl1#Zrq;pd^5 zw&ZWwUycb(&iq^@A7-S9)X(3{IOkJ6U(dNYcYf#j@gAPQdvr#3ug1TOxO>Mwt+;Gg zpsTP}TXROif#$-mn?Fu4*|^qBbl-*5nSa+a7=x7+h)_cXXhPKQ?|eSr#!7=jeusHF#|(t^I48LPGClk_eN$gL&0Bw6~vfq9P$h-AQO6y5iIaF z>?K&>X1G5@Ks(YJ9^8}jBF(|7Rz%u?>6ektU|K&4LYGEafcYDu%pmenR$y8!+7(Ra HMSB1MmzdBg delta 467 zcmdnCopIZCM&1B#W)=|!1_lm>f=H=}yazadRHT|lmiol2^7Uu44jTxx#2@{UcY2es zaLZ%o=qe3Uk*tiDz80gA>(P_9t9SGXUv_d7KYONb_vx@hMu{?eERqib^GsQpOhZyDWWi4#?q2m*jo58r{>X~ zE%EE*8G{5~I5xWZXL!}0H0^#c<^Se{l4nmYmKSG9w3TQaiHD*vr80Iex45rk zJyNR5D$Hjg6>cxdA1J)+>M|wsD$}k11s&WLavq-Cnp;zNuj_aFH^X(Gb(VX&O|H3n zX_9F6wp%rGBD;TS2T0z0yX$|)YL(k6l{bS<9n$WSe#9CO{;Lj<%Vt>M8vIWN*2tZGH19hiO@=?tdzqabu?lm(c-A<7IQA7urm)uLU&bY8Rv E0Ao43RsaA1 
diff --git a/spreadsheet/macrofree/azureexpressroute_sg_checklist.ja.xlsx b/spreadsheet/macrofree/azureexpressroute_sg_checklist.ja.xlsx index 410a1adb81c7310f1d07be1c26aa5968950be4ed..740edfead2682d21e899105389cd6165b3b86441 100644 GIT binary patch delta 466 zcmdnFpK<4YM&1B#W)=|!1_lm>Z^_CNc@J;^sYuD~_v0sCm9M|+eb_+c=>MsgzMFX3 zx3#U~*RtziJ=pXp+T-1}q|c5*FTdTNeRbXKfDeYx=ltHSekUqIt*2Q$U1!IIX8&(l z7v^#9_A6J6Xxk`m9dIYzaN**ehJGIf=I3?miqEg%wop%L6=l(@eDH(ArA%>|aZnd) z=Kebdj7ts}G%(59ER#H1|2&6b`JegBlQ*k;-xnYB*di_2@M)5A*ZteiudlRuwUs}H z+hcYVmzvCngqY7MHY&L}t9^U*zf{HjS8nimBqYWscJ1ZKO6_;@yN+);>FFo9P-DH- zt|Zr^r)Kvnzs~x{6XN!5_CNci&J(&yuI|NQ0bya{M}!xweEgK{owGG}dAs=Q_kXsj zzx{RNtT{?BZRTV;z{U&=sLf|MWZl4wH-088V1{zA04syhy2uyazadRAla_DH0Q}%GaOGI&2`&5`XlE-swrg z!Yz-TqpLJbMY1wp`g+Vha^;s}P~oR2OPVQX$?eJ)JXeYM^pHD&wjf6D6u_Bn3J;Y|E^G5Qf}K={WZ+wTi!w(PzvUNraq zw-vhmvGvR-!L*r^=>QuuFrYS{;gEF$Gv4@_uz(rL!2+xx#$>aIXJ7&O$a9Qffe%qH z!2)-p{UHK+vDWa=o?IAf4py}~)(%X+iFF3kMsX0jBF+NL-yCNKk&m+i)0*+FV7f5g F0|2Lv##I0S 
diff --git a/spreadsheet/macrofree/azureexpressroute_sg_checklist.ko.xlsx b/spreadsheet/macrofree/azureexpressroute_sg_checklist.ko.xlsx index 1ae0631723dd35913d8f898c7d6a62510e3fa2d8..45aea3048da3e7b26a1972ed40f90aa438ca5dcf 100644 GIT binary patch delta 478 zcmZ3qhjGy!M&1B#W)=|!1_lm>@5#y&c@GEzsmO1#r=7*}QQ^(MG|e z@85oY9U}Mj7W+EZCBC|>!h975>ne@pCYf!!y6l*EmF@cff(~khoZRf(ufIImBl?~H zZt|@sD$6?prmVM$+L(0o)a-uc*IEB~LfpR1{%4=mc|upo)x9_@AS_J$i131ykDs!= zbGGJ|EN_4P{?9h`x4&+jHAe}u&74dJ*qDKVw)qUlIu|gb)|ZC`%;*UeUf=H=}yaxnVI7cS^dOWS`pRXcH} z0bksljSrmI?JQTtRja)*vu#O`JQgS8P&of+OW(6|7Dt``?6Tb!Q}f9-Vb*iiFo7LU z8Xp@A+?+YX&qFh9$={;C921zF`MF9y)Xzv^iQmjP=Tp5{&$&4^zw-Qe4^QAdI-^@y z@XtM){e6cQ`~5z!wPDM;B?*TZ`Hx-oKjwVtNaog+A9~|_-`2BC@XR@M=;R@@y%zaL z|2qGkam{2o%Ttz%rQTj)Yi?$JE=<#Xwca5$W&7)Y%IgC5Ic~|}O#CSNrLBVTO6Z=L z^R*djk`Lc)iFv-=HtTfq_4_D6wwaUZ02?zf&^DjpSmy#})cW$UfEhi30<0j$@5#y&c@J;`smPo(85Zt|*W~Ksy$>6R9NmBFMfI#D zZLRhu+cUw%&N8JZK6GX!Vc06f(tSoS|b4HJc zrrMIfWp^1SFgdexm3)}7Or(DPX2v<6>iKxiO}X>C%V+?bC{@ zb_Kc$E4?&l6dY(Syt?`0h84-txn4C3r$7D`&-g@1FY#eQ;@mlNzW;f+vC?Z*Pl||O z*QQkGaGm%~kG_3AG3)I7##1NCF8_1a5!mUhlAm#`=v3Ei?nj&fQ$H5TeqSip`di}g zAM5Mi7M$&m{mXz7P@6fK4zMu;gKF~`j)hKOMuGQcW-vp|Uw{?Fm~0vH3@o4&dX5n+ z@Hy-ySm1uRKSaPV(i#!olS?Dbz{=J|N;CeQd@522%zGax&2)fca=o|cneq@3L-SW?yhy2uyazaeRAla_DH2>0ugTS)%{pu#&=P<2hu-N) z!on?&oujKXOhvLXUix~>K62%kV^HCzZ=o^AJ2Mw9=uS)9e>YV-ai#%Z+?JIdtgcA+x;}`A7dc|DJKpWI4-I zmW!p{USVr)W_>P9(|xtxAvIwn7Y0`@s>$>B`=crp4BYe4wNBHQl^XSVFVEM7GC z{`?$FwoGL>FjAH1e$rGd1*pwncf&huZ<$nMG 
diff --git a/spreadsheet/macrofree/azureexpressroute_sg_checklist.zh-Hant.xlsx b/spreadsheet/macrofree/azureexpressroute_sg_checklist.zh-Hant.xlsx index 9df8a98cbad36e7a159bf4f9171863a2cefff3e0..6f1b1cef79fc4894f8ebcc5cf961626d3b375633 100644 GIT binary patch delta 663 zcmeyelkxLTM&1B#W)=|!1_lm>ugS_2c@J;`sYsdihl;r-UX!bj_daYOa&*7f%j#K6 z-nO-^x$2>VYg6E=@n(st9%U}0{a0@Ac_bv(Cua8YW~KH!`CG@gob&V(T&NMh zwd8D<=7h|t7nm#%5g)+|_aW_?GxL+sJhU+=W13BBtRKmGpC zHuv1hH@~D&!f7)X(*ZVSU`TB~%dyxQ%qaGG!3<`^1qiT$7?TS_pMeFU!p<>*1+*hx zf(67Q{UHLGQPzmyp1d~7Odb^Y2gL>UO=4qUIHthBAPkHd7-(SpGnpw`Ndcs0edy=c z1PVi<6(bb`vPe9Hy=Vy|1A{s<0|P&b4xcavhKd~h^8BLgr2PDB zy^7qN0B=Sn5oUO5id-F6q_+jAsh5d?K?+5)?Bs?RO|W%qVx$>4C!dH>V~dOeDFFab C{_#lw delta 710 zcmeyolkv+=M&1B#W)=|!1_lm>f=H=}yazaeRHT|lmOA&uYjX8xvkn^ww8S6%k#~BN zuyD&`=jbX8Q<1EUm%bjek6iiXc@*dn}Rf$sZ`Z?CLTl^D5J={{QuuFsL@4;aKbpW)%6nUjL8L|&%gqaVdogZ0$LF- z!2)8D{t$tTC~HJ`PhJycCJzezgW>}FCb2Ov98+Lm5C%pK3^XwQoy-`mqySR0KJ@eJ z0%rz>GzTUI377&P-OzY|V{)U9=;RL^tdnD-dBFDOL`yTJ`2dBbv;({unM9c35gr*f z;YG*`76t|l0|o|OWOEn;C!dR!0c(F7EnS}y%D@m`l$ukluLmO0jS&xFFIvLLz@W~| zz`&1UjBgkNLq(2$d45rLQht86UPW#Wy5`k!MS5F+ntGWS7^F}%%SC`S#}`d*k5L4> TWp#`+BiH2PF=}j4Q6QxN_J8QN 
diff --git a/spreadsheet/macrofree/azurefiles_sg_checklist.en.xlsx b/spreadsheet/macrofree/azurefiles_sg_checklist.en.xlsx index e44be29c47c683464c7d0a91d23f8a819dd716a5..7dab439f89cf97bf298240961e8e6d8dcc09c2f9 100644 GIT binary patch delta 478 zcmbPql5x^WM&1B#W)=|!1_lm>ugS_2c@GEzsYsdihl;rvfuc+d41$vrlSJxUC&qgp zHV`?w-|J=dtR-*T+Sc)F*>$iUYZzzjv$O@rqFE zX%R!KpKsOmd7QgFzbi(xZ4|E#xRY+UaPdx4zmEd*^V)UA=hv`XsHgObvglPl z_`%{*rnXEts7o?)e~dlTk^>i-nPhF2)k_|op2M*G&wS>^#_Ih0W(OZONO3lNmZaQu zfA;h18*N@~;g8|=c^#(IyLgq4q8GphBSV4@*{ISo# z0zYEUF@gn7#=is$Y)$Zo2(TwvbHGA=vR9HhSXE1s9hg3v{79*ZyaxnVJ!T)d^2_noqbF}y@8}c0?BpnZ_DtRG(_x2< z5@q&SBp*yGoxeD z_h&y#W$a#VabL%Jq*Rqvn9o8g++LDDPyDz{ZCZw8$@r2T^TBh!l21v}?e z=cq|Oe77a$`F7i^)5+KGqXgMzPNoBF%)mg~e1@af8_b9anad1j{0SFe1u-V`$36oK z{D?ir2o^XQ{}L>)HNhVuz@B8y0So!bUPZ^_CNc@J;`smSI#ZS%P%UX!bj_daYOa&*7f%j#K6 z-nO-^x$2>VYg6E=@n(st9%U}0{a0@Ac_bv(Cua8YW~KH!`CG@gob&V(T&NMh zwd8D<=7h|t7nm#%5g)+|_~v%VwUA@=C$uXozhgx>XupML*m zn|p5Mn_to>;k22H=>QuuFr+r0EYO(r z5-gCL><w%AC|%{iBLhPM3j>2Nied4S<f=H=}yazaeRHT|lmOA&uYjX8xvkn^ww8S6%k#~BN zuyD&`=jbX8Q<1EUm%bjek6iiXc@*dn}Rf$sZ`Z?CLTl^D5J={{QuuFsL@4;V|$6GyaEdWCk-fM+vZk7?Y31KLZP_PdLX27HCL% z2^Ppn_J;`UOR+|T_hhD2Gq5u2RB6V)lfzS$z`UANX{G}llkcaBPX55bsvY3X$RxrH zkFiM0iN{yhF*7in;bLHr0LCK>G&Fvmd@of!3KX4T6JCV8U}0d;FkoQdg((2i4UEg9 z7#J#Y^ovU>b5e`-DspqsjoA+U6bR}q#!O#lV)5zc}AKXn71=c fnyDmda(|KxKbm2a8Pla16DG^1tFdiJ0ht8==j7n& 
diff --git a/spreadsheet/macrofree/azurefiles_sg_checklist.ja.xlsx b/spreadsheet/macrofree/azurefiles_sg_checklist.ja.xlsx index 65f70209dcfff8b781447aa654f35c38ef000038..0dad13cb098046d03284f2867c169ce69987c912 100644 GIT binary patch delta 638 zcmbPmhjHQ^M&1B#W)=|!1_lm>@5#y&c@J;`smPo(85Zt|*W~Ksy$>6R9NmBFMfI#D zZLRhu+cUw%&N8JZK6GX!Vc06f(tSoS|b4HJc zrrMIfWp^1SFgdexm3)}7Or(DPX2v<6>iKxiO}X>C%V+?bC{@ zb_Kc$E4?&l6dY(Syt?`0h84-txn4C3r$7D`&-g@1FY#eQ;@mlNzW;f+vC?Z*Pl||O z*QQkGaGm%~kG_3AG3)I7##1NCF8_1a5!mUhlAm#`=v3Ei?nj&fQ$H5TeqSip`di}g zAM5Mi7M$&m{mXz7P@6fK4zMu;gKF~`j*<{C!#UQ31yhy2uyaxnvPJ4!C!WnZ zY#`7QfAojm=}E%EEsvd}t29hSvNB%!ddxm@<(Fen;iqq*F~>VI7cS^dOWS`pRXcH} z0bksljSrmI?JQTtRja)*vu#O`JQgS8P&of+OW(6|7Dt``?6Tb!Q}f9-Vb*iiFo7LU z8Xp@A+?+YX&qFh9$={;C921zF`MF9y)Xzv^iQmjP=Tp5{&$&4^zw-Qe4^QAdI-^@y z@XtM){e6cQ`~5z!wPDM;B?*TZ`Hx-oKjwVtNaog+A9~|_-`2BC@XR@M=;R@@y%zaL z|2qGkam{2o%Ttz%rQTj)Yi?$JE=<#Xwca5$W&7)Y%IgC5Ic~|}O#FB;`VnhD_{SpK z?+a(PNbbH|H240u6}tVg^~@+iwwa6R02?zf&^DjtCMld0ag%Wa$njr zut0hGIYzL6N9IegfJv4=M4&C(niC%KlTT%v$%A+Y#Rc|FVq;)9rog};42%vKXkh#^ zSw2SztmavqRh4511H;GbObik*1wgu?asT9m9CfgDT{+TBX0ekKb3`Za$q@t#UC5DU z%$@uuM+VH}&Xu-mNMm4#FG|fR*4G1(0p5&EBFyll5h)(RUbF<5Ce)c382FLxVa%MI hkShl^rZHEV(Q5MCTum_VB#@^z`Dv~iTUjZ^_CNc@J;^smSI#ZSyBym9LNYK5QUzbidcj>RC(P zwzaL}*RtziJ=pXp+T-1}q|fatm)_o+?8wdwy4pXxk`W9dIYzaN**erhXp<=I6ERiqEfMw@^>%6=l(@eDH(CrA%#^a8Q?I z=KdIarX>e1G&9NCER#H1KRt(G`JegBi;dO!_stGIY>?t?_$*1e>;CNL*Eia{+QJ{h z?eW@+OHJlOLd@S38x`N2)xNFkzhp)IS8nimBqY`+X7=)CrS?1dTgSJY^Yjy3s1d)l z{79*ZyazadRAlhal{FKu%GaOGI&2`&5`XkZ-sw%k z!Yz-TqpLJbMY1wp`g+Vha^;uftw&GZuHMlneA&rS{Op;!-KWD2870c>u}D6c$Zlt~ zDy~}XjhUT7lv{^5d%&ILiVK@}8v7OU#BW!h*6qKKeNuX)r-;II8B0rMVQb;XoSH{_ zw#2WKXABZ};n?WrpW#)1(zN@*l>eI(N}fHrSYDhZ(N>~yEM`W>r0>sumde<@+~U5D z^+>5It1zF1RJgq)f1vQPtIL$kt4z247j$r2$a#2jYi>>9y{_Nw-wfA%)>-c9Ho4~R zrAeaM+ium&iR}KR9Uyu0?XLeFt5t5RRNf3abx8XK??@5#y&c@J;`smPo(85Zt|*W~Ksy$>6R9NmBFMfI#D zZLRhu+cUw%&N8JZK6GX!Vc06f(tSoS|b4HJc zrrMIfWp^1SFgdexm3)}7Or(DPX2v<6>iKxiO}X>C%V+?bC{@ 
zb_Kc$E4?&l6dY(Syt?`0h84-txn4C3r$7D`&-g@1FY#eQ;@mlNzW;f+vC?Z*Pl||O z*QQkGaGm%~kG_3AG3)I7##1NCF8_1a5!mUhlAm#`=v3Ei?nj&fQ$H5TeqSip`di}g zAM5Mi7M$&m{mXz7P@6fK4zMu;gKF~`4lO@0<7e1rW-w!YlmIJ;G5JvZGqAwwgma8w zftsY3V1bNee~7@Y6l+9yPyUx;CJzezgW>}FCb2Ov98+Lm5C%pK3^XwQogAF1qySR$ zFt%IkyDtL+w?7ku1WW;tZfHEfG5I!!)a3Q4JYYNbrAjltoqQ`*9c*;igcl(%SQr>I z3>X-Ak+m@{o~)221J+@mCe65Qa&($h49Ft!5cZ-aj0_Cw%nS_tC_3gRFfdf)=$Gdg zWhdq5XX{nu<^*^%GKnz5lT+mCxFWqRKux_&3=C2znhPdhOw$Bg_ZMhg%w)-QHMTV= GASD3w^Z{)E delta 624 zcmX?hj`8R@M&1B#W)=|!1_lm>f=H=}yazaeROB9KK62%kV^HCzZ=o^AJ2Mw9=uS)9e>YV-ai#%Z+?JIdtgcA+x;}`A7dc|DJKpWI4-I zmW!p{USVr)W_>P9(|xtxAvIwn7Y0`@s>$>B`=DEg(Xg7He|o|yBs8EOyTiEoK{ zzTGzKbn^B4DB-l3i|GIxGccq!pXJc<12cYwZDs~DHbe=qf*6wz$3FuLtVuY>2o|VK zdI=WDO!kKe>`t*p1o!0sDQ5DZz&|K1ux}C@1H&-|1_ohZ%)mec>a1_VW@L7%Fn~%kzt}lk)Sk^(u060=yZSM3~_zByx3Jk=_=dLA^{2 i3{oft=O<0>Ns^iTJ`LiYe?ZftCrhQPv8_%4sRID1UhPHz 
diff --git a/spreadsheet/macrofree/azurefiles_sg_checklist.zh-Hant.xlsx b/spreadsheet/macrofree/azurefiles_sg_checklist.zh-Hant.xlsx index 2905955f00cb82a3840234a86985bcc5357c0676..c8b982bb29a84d465b68d86b445ffbf9a7df8152 100644 GIT binary patch delta 478 zcmex#iSg4VM&1B#W)=|!1_lm>@5#y&c@GEzsmO1$iUY z(=48@v*SXu|F^6Q^Eh|=l`BTHZ4|c-xRY+UaPdwmd&7)0Q;`3%O1SLo~H1f$^uJ3tNY}OF`?|kFQ$Vt`r^;Z_kY~DDdXrtiK z_isPH4w3tMi+vsI5?@_bVZI83b(KbPlgzeVU3N^o%69#KK?k)$PHuMY*I%CO5&h18 zH~H2RmE|1)Q`TEWZA?0PYIeW!>#Tn~A#UGh|Fci(JfW-P>Rucc5EdqWM0ml<$4}Yb zIa_l}mbbrt|7V-}+g~@%nxh2SW=^I9Y|Oww+kA#YDFDp)81aG`%(xRHzzSkaexLXZ zEN~;~93xm@Wy(viz|>TKh`{qSYYte*Pu5B|2dhd+w*%8l)1ATeYbb4)VFBjnWSBwZ QGpxY$qYPItt(EBk0Qm^fXaE2J delta 478 zcmex#iSg4VM&1B#W)=|!1_lm>!bqu!yaxn{&qXcO2>ERr+YJ*95|i^4cWyIEb}BmjZGZf$HEVMWPI&Kozx)2(!lhec zq}cV(MHJj9M3x|#?USuy$pCcx*FVBDNg!xJQCccxJvK$t& za8Nm}}m@RfN^MCrm7iUf`&VPQzfal|c-kk=5 zi{F3!{My1Mv$}uLbb-*NlVYp{GGe}_*sOVFkelySwRn2)Z+XTmS|$%GHf`wDI~QH{ z|ALKM=&U6@Dm_ao4|C0XTC?}3#b&Xu;S0=G-QD_M@Vd&)30pEG9zRU|$@`IM#i@dw zeidufB_F=q67zh!ZPw}J@cSr1wwaUZ02?zf&^DjpPznGuK1RG?1~cx&2(W?}liw#k z0}I?pI>!hWSefz?EHE|IA0qHP&6)!i@{_gF&B3Zt((S|pvIT>aU R`3x&C{V2l~OlxI&002&?$)W%N 
diff --git a/spreadsheet/macrofree/azurefirewall_sg_checklist.en.xlsx b/spreadsheet/macrofree/azurefirewall_sg_checklist.en.xlsx index b9ceae263c86e8e11ad3c7b7002f87eacbd71cbd..d5fdddd32a13ed65db0493db8660d1b102a46929 100644 GIT binary patch delta 630 zcmeBr$k_RikvG7bnMH(wfq{eJYqIi0-UFOKDzfd!?9E&gugTTNdmlCsIlABLW%cYO zFWcJI@oU+2upVrB6z%bDThixtl}m4L&%U}YI`D(x^EtnFtKad8Q0r+HPuJOTq0ygj z)%AItyFI@vMzl>3uMW8L+;HLIou+;t1?K0q>xj>@MdHZVTQ+c z<1E3)wQ-=!PwQ cC>pF delta 643 zcmeBt$k_FekvG7bnMH(wfq{deFj8tF?*UFA6{&1c&dojXnq2+atiuKZE%B;9@=kA( z6>fR#99^YhDw37)(${15kt@F(Z#{bQcJ+=v;mb~r;%Cp)?LHlL$S6@}k45sqME1JU zkiFl0Zse9YZ0Qlu=UcGD-^q!+IDO6|iG6wgI^y$d_*J|wPttJEvn(oNJ65LVCLGiy znYlm4o@t4~g=VJSc^6vhCuNHr)cl`*@Wq*vi{C%HV!(59LjO(!LDlzXKfku9xs%x+ z!`<=9i%U(Wz+_#WkzAPXjIh~VcV1k*^3R=NCzr3pJe{1y-Jhr3x8KqqICrUJZ?IJQ z>uJ+;;x{LKE=<#Xwca5$W&7)Y%3_7PIyY}xI;C~GxcL$81?vtyt$Md{X3K7g%SChV ze_Ns3A6w6i5>T5tnGUcq1A}Vw8IG24Fe5l&E;E?%Iaz=e#F)&M`3x-ZKJy$SSl~eR zOR&J29Dj(wzg%lXcu#i9GXpED&XZ>RJ9&DZ5}3CqPnzif$7K0@(a9e;ShWMZ8JR?w z;V~Aur|D@&7Bd6GWG)5<31B?JKtrSZWVw9xC{T2UO?VOVf`x%W!+?Q-7p4G6H!wa= zW?-nu(JwBk%t#hSprD9AB4BRMMe@&jBF9mU7zBJ?G$v5)lz`URN g(o9>jC!f!j;YTxUvSWcX@5#y&c@J;`smPo(85Zt|*W~Ksy$>6R9NmBFMfI#D zZLRhu+cUw%&N8JZK6GX!Vc06f(tSoS|b4HJc zrrMIfWp^1SFgdexm3)}7Or(DPX2v<6>iKxiO}X>C%V+?bC{@ zb_Kc$E4?&l6dY(Syt?`0h84-txn4C3r$7D`&-g@1FY#eQ;@mlNzW;f+vC?Z*Pl||O z*QQkGaGm%~kG_3AG3)I7##1NCF8_1a5!mUhlAm#`=v3Ei?nj&fQ$H5TeqSip`di}g zAM5Mi7M$&m{mXz7P@6fK4zMu;gKF~`j({jILq2&UGnjEXO@I}|nEWjJ8Cc+a&N)V~ zz=FJ&V1b@|e~7@n0&7HgPgW{411pOzlxF-pxx7#b%$rjv&2)fc^8Z57$sagawFA5v znM9c3F&1e#@%ZXGW(I~cTnr2nz<7j#hDPDZ{|eQkK+zdC;YG*`76t|l0|o|Om;xZ( zz<4~3fuSNtzqq6_C$(6wA~y%!`0ehmyAA-AiZL-TaHD9wHMzb>3gW^dX~x5ocNEEi jc{husnWp4TUY{q!k7n3p#bRm3hRL?YYHSw@KxP2|7199? 
delta 629 zcmaF$jPd0&M&1B#W)=|!1_lm>yhy2uyazaeRAla_DH2>0ugTS)%{pu#&=P<2hu-N) z!on?&oujKXOhvLXUix~>K62%kV^HCzZ=o^AJ2Mw9=uS)9e>YV-ai#%Z+?JIdtgcA+x;}`A7dc|DJKpWI4-I zmW!p{USVr)W_>P9(|xtxAvIwn7Y0`@s>$>B`=crp4BYe4wNBHQl^XSVFVEM7GC z{IVKf}PCj2KC=ZGp%ZbNV z*D*6NoZ(_%kO0OU3^X(fP5xh~4%VevByDpnje(&eN58nFGAFfIuOc@mz?+dtgc%;$ zk=xy0cO3xg7Gq*y;D(t3q#GD-PHrfYf>>W9&3I_?<N5?^cmC)8xF#8}ekd(G6Sr cP&z`Mk%1wBg@HjB#jyIxcExIJ=Lh($ diff --git a/spreadsheet/macrofree/azurefirewall_sg_checklist.ja.xlsx b/spreadsheet/macrofree/azurefirewall_sg_checklist.ja.xlsx index d722db0390af81ff10bcceeaaa4da0fd88a1affa..c6837c982441657c28032ea263d039245587991f 100644 GIT binary patch delta 690 zcmZqv#n|wRkvG7bnMH(wfq{eJN3!xn-UFOKD)NtQ{Tz;o*W~Ksy$>6R9NmBFMfI#@ zciY<5@oU+2upVrB6z%bDThizDCtln0^TT$ZGdg&DPVu|<^9sCQ?${z1x2N>M#?}oM zFV3;(-Br7(Y~`0Zq56W-62rtrJGaJh_xSH$?03R{BlE2Eo3pYU7P4?vF$tLqP8MAG zq@^T&pEQG4&T5YQ zdRmrfO?`5y+2QqSb?Jn_SgoW0Qp2-$PmXai z1H(r(W(EnE0wCScxR+z{9S*6O*FDPYTh%ZXbDc08mkpbR}Od`ziG!iKu!d|q5k%2*-nSp^H#hA!4 z28N0p{qp>x?4Xx6F#YmP6PJiSH{?3Ud%(u`u0 Nuh*!trB#8H0swKu0P_F< delta 638 zcmZqp#n}9dkvG7bnMH(wfq{deAW~`~?*UFA6{)6?rOrL^nq2+atiuKZE%8Tx_ zXG{D#dBz}t7mkf?{uy5NCr!H_O!>b#q2$?^aRXPxDqZj)>7 zUYaDDz3o=boXGB9+5wU`-|qU~v0CM}O6ARq#v;cgg-2@{eHve&|Qhlo#*na zuS`3>Za*VRKy7AcI>5#Z464niIMR~A4C5RV7BC~LK!6p*m|R=>3@ngVc8(D&U|#VO zETCNJ4-qJ>vPOjW_tl$85q==85sDH?O}|W>|Y}XHm0CPno)Oh fPmLznWlJAQN5}(pB(R{nUUKr48a1}eDv&V%sP)`q 
diff --git a/spreadsheet/macrofree/azurefirewall_sg_checklist.ko.xlsx b/spreadsheet/macrofree/azurefirewall_sg_checklist.ko.xlsx index 217236b348eb85416d0b640d7ee70e3b42cc98f4..3cf9ffb5f2840b627924320c0c4275676450fcac 100644 GIT binary patch delta 465 zcmZqw$k_gokvG7bnMH(wfq{eJd$RIG-UA#!D)Jkz>ye39moD_IS4~>2tfvrMI_dUtM=Q;Dh1wIlp(S--(J)>uDBG*V%EQ+5cPC zg?XI2{mK<1+BS+?2i!?FT)23rq2EV=`FY*C;`3{`E!3AB;$oU^Q&7XAv|He^q~_74 zE%A9X7=jWc92)uLF84gDFE(ok{&&9dWaOmk`}!*jWj1e|QM6I;==-;yUx&zjy~Vzc zb&0Pot1w@M!MaK#xk+Z*t}Z(!US+%fzo3I!AtyIG_vRMp@0_i<%iG0YzyGsM z{q3(CXU$Q9X)`C&0XAk}Ky5z5Asi28JWA(b0W&^k3$TJ1lUWL%fd$?co?`?H>??i= z7Fbo{4-xoNY7GzV$@XRDU{#f6c3^r}nKOu0e~RQTyzXw31>%!LcO)6(|eP1R1EX}}jZXX67Wc00>e zan)*X%xqf{B#*_(I26u5+S2#zoW)V+Kf7$V#ngPVO_=puHB4Z~lg7u!0yk&Q@bl12 zTk^N)FUJHXXMV1d4>MBgS>iV{&iPa?)^l!-&96K^-oq1kkIv{87W{M1W`Ez|#eTmJ zY;D-GZb`x+M*d@0{f{|cI+D3{<%ixl-?#NF6FhSc9Xff)Y_CQB(Z9~WXIwK`&hnJy zVyU-R*qWPJp9|A;U#)jYP1*kXpYpnZeU4jlI1@jLerc;5#Z45-a#IE3TDj7RA_EMUgRYynmfV=_zOGqAwh!gGvZfqlg< z!2+vF{2>B=O0D6cJ=wm@9IUFc%nnTNDsu+Wlgh!=WVdn)uyA9!8AQ6=3QT`5cLme- G6&?U9FUfiU 
diff --git a/spreadsheet/macrofree/azurefirewall_sg_checklist.pt.xlsx b/spreadsheet/macrofree/azurefirewall_sg_checklist.pt.xlsx index 10b4d2382e43c1bea090d186849836c909ff99fc..c18fc5217ceb3a88b02efc35ee13783009ed817f 100644 GIT binary patch delta 626 zcmezPjPb)WM&1B#W)=|!1_lm>ugS_2c@GEzsYsdihl;rvfuc+d41$v#3PtK$C&qgp zHV`?w-|J=dtR-*T+Sc)F*>$iUYZzzjv$O@rqFE zX%R!KpKsOmd7QgFzbi(xZ4|E#xRY+UaPdx4zmEd*^V)UA=hv`XsHgObvglPl z_`%{*rnXEts7o?)e~dlTk^>i-nPhF2)k_|op2M*G&wS>^#_Ih0W(OZONO3lNmZaQu zfA;h18*N@~;g8|=cc(6bXWb42q-~ z&rbF!k^%Fwi=?d{WHT_t7p3MD>+6BY0B=Sn5oUPOh!hWDFIoaj6Y9(i4E)IUFrJ)z iphymE%tN4|vnKy7(ggD~i=`RcCc74^v0Wyhy2uyazaeROI)WXK!#%ye3zFHtVo~Kui45A9|-J z2~Xxa-oEWiK$gap3zue3Fza0TwRy>-CvR8p=$kyj$x;05nY!Jl!wwlG%IvX9KG@1v zvnhPKORLNFgfqNMxo#&^Ko~DO~!_E zCj_1G`2F^mpaN@~oXCp@h9~Pe?9!Pnp8nU7m}|N7``tNGZHm%ehT`fKJNu!UK!XZ8Hv_9dN{vw|OT@11q)KbOMf8!fHPt)*2(_qyAUf74u>>Bo7B zbJ6K(Q`SUmI{NDKiCwGgnWs*?yX<%W4u_vy7dNT49Cd%M*P-qZd-U|zJMC#g?{TZ2o;XL_ifi)t$Cu~50}YISC)X7! z$pg)fG|On1uN1|=Fu#w(AsZ$>5&W=Mhn*&`mpUbKXffkB;_fq@^{9>!CX r_ZP{5jd=hxboS&wMVerjEqy2*ArI7%z=H1j_Q@{AYHZgFK*j(7DKPTO 
diff --git a/spreadsheet/macrofree/azurefirewall_sg_checklist.zh-Hant.xlsx b/spreadsheet/macrofree/azurefirewall_sg_checklist.zh-Hant.xlsx index 8395598493a7406fe581e79056481c5de9b3ae82..45d58d3b6c992bd53556bd9fa4a255d4eea6d375 100644 GIT binary patch delta 632 zcmZ4UhH>>9M&1B#W)=|!1_lm>Z^_CNc@J;`sYuD~_v5)HUX!c8>wVZjx$2>;kHmuX%%JBt94T zYv%qt28>G%7&I`++ANbiTK_zUVfml=%#$~(eBT!z^w=UT+3;zSa@YOa&#$kvd9{^4 zhTCIy6qlOJhlH5VDK;v(Ijenp^}kfb{a0@Ac_bvpCwA@S$x7{a^1F_2IqB&qxKLxg z)vhGhqo-!~E5FYA#}nfAZT3I=q|Ot%O0Mq3VF6)b;zxuRtbF{G?VYnVcX_+`>-T@Q zslWYo5#Z45`g$Ic~>*8LLxYFoPM>G6h&cjL9qWo`D4><)32&3nUl5 z1Pk~V`9lO27F#2Nd-Bs_Gq5tb5^2UildVdWz`S@MZ~x@#5_Ne{#LQgvG=3{H1H)8q z1_lXWtieD-vVgz#t4al7XRt(Q#6l8r#HTkQe|hNAafs delta 631 zcmZ4ehH=dsM&1B#W)=|!1_lm>!bqu!yazaeRHU*&IXCyjYjX8xvkn^ww8X3a$UD7B zR=DM{b99x4sYq7FOJ9%KN3Q&Gy!GhG+toYzgfBZeil04GxBGP1A)`c@Jr>Ca6WQxZ zL-v02xshAqu%$;ppKrkqeB=+U`>xj><;aBm#JW0br&$6h9?O2(bn{ZH< zWaj=Dd!{7{7n+%R=Ur&2pOh_jQ1gHK!53#vE`I;)iUH5b3H>__1XbUk{ruXZ=1yjR z40p#XFD^Bi0+V%hMsi`kGs0$f-Fb2K%0G98om{>W^K^0+cYmIC-+oJf;M}E>y}?rH zucuAZiQk;`xiC%l)q022lfF3(>6F&#;^s%V7pyzsKwg3PC 
diff --git a/spreadsheet/macrofree/azurefrontdoor_sg_checklist.en.xlsx b/spreadsheet/macrofree/azurefrontdoor_sg_checklist.en.xlsx index 289f06903f1cb74ae9a92903385a7577685691b2..a0239cd47364806c8556b5e3c8e241a770eb2193 100644 GIT binary patch delta 634 zcmX@Jo$>5;M&1B#W)=|!1_lm>@5#y&c@J;`smPo(85Zt|*W~Ksy$>6R9NmBFMfI#D zZLRhu+cUw%&N8JZK6GX!Vc06f(tSoS|b4HJc zrrMIfWp^1SFgdexm3)}7Or(DPX2v<6>iKxiO}X>C%V+?bC{@ zb_Kc$E4?&l6dY(Syt?`0h84-txn4C3r$7D`&-g@1FY#eQ;@mlNzW;f+vC?Z*Pl||O z*QQkGaGm%~kG_3AG3)I7##1NCF8_1a5!mUhlAm#`=v3Ei?nj&fQ$H5TeqSip`di}g zAM5Mi7M$&m{mXz7P@6fK4zMu;gKF~`j^j>X#x(D_%wUF@zW^(UG1)WZ8Cbw5^c*8t zfI0jnSm1rQKSaPW(i#!olUpOrz{>VTN;CeQd@E83%=-`I9hfW~r7jPOnLSNUJF=J= z7$$QuFh~HS4F(z-yCx?_se^TNM@dI&`7>s93D1b8zti7>-sI&!=F z>#hSp-C|4(4BRkNfOG?+Z3qKHd{JsnvA!ONMAJC=f0Q(%+GOcyIj~(e(bA0HCr3nU hf?c=tp>%{iBLhPM3j>2NilL7uFNjuSGmZoa0sx;@`f30G delta 608 zcmX@Ro$<_eM&1B#W)=|!1_lm>{79*ZyazaeRAlhal{H)wugTS)%{pu#&=P<2N8ag8 z!on?&oujKXOhvLXUix~>K62%kuir-rr_EeU2iTZ_A+`A|$8jexW4iZTW-!CtUw{?FnCunu3@l(AdX5n+z!Lrv zEbt-RA0prsX^jZ($!(ElU}gIwr5XQBz8$Fq;!TQ@X52qnCQ4l%6fb+4o_1t0GcZi% zVqlN}Mj8w>GANw%OhQ 
diff --git a/spreadsheet/macrofree/azurefrontdoor_sg_checklist.es.xlsx b/spreadsheet/macrofree/azurefrontdoor_sg_checklist.es.xlsx index eb54183509a062716f86fefb698eec7ee386d106..c59690a4001e56b5df2d1cd175cda1a5ce7a1d55 100644 GIT binary patch delta 626 zcmZ3un{mNzM&1B#W)=|!1_lm>Z^_CNc@GEzsmSI#ZS%Ppfuc+d41$vjqDAUkC&qgp zHV`?w-|J=dtR-*T+Sc)F*>$iUYZzzjv$O@rqFE zX%R!KpKsOmd7QgFzbi(xZ4|E#xRY+UaPdx4zmEd*^V)UA=hv`XsHgObvglPl z_`%{*rnXEts7o?)e~dlTk^>i-nPhF2)k_|op2M*G&wS>^#_Ih0W(OZONO3lNmZaQu zfA;h18*N@~;g8|=chRtH-r6(h~$={xyjwCH4?7(uX5LX0%y z-^n#GGGN~97-=hkFb0PBqSTyXeLWBv;LXS+!VFIuk>VljMN5EbLY{tK* delta 638 zcmZ3mn{nZ8M&1B#W)=|!1_lm>+(@a3yazaeROH{4-y66mUX!aon|0Vgpe6q3553cq zgv~jQw{QCrkfm|u!ll_0%sN+oZC>)|$=lUC`X*0sauh#%rf&D?utP?PGJC9&54Q5v zYzp7|&F4nxF7AUyJ$r97KC%=34Ijes_*ko1%1=p}4xzkHwXh((UeZ zzcpqvX2yCRY+;t`Sv|kEeM#r#tl)>-duQGH&!sT=MoVjRYiU){z3%qo-!#`|`f;A( zTy%Qclr<5Xj=uVQV%I8r=BX3!F8kfT!{H~_#Z9U$N8R7+b*MYU9zFf_PJ5crI|=^l zukYMiTvq$$7duKoZRTV;z{U&=s?BFO+FihmFyD>LU!mj-^a*-jS+~I jW;{JvCsq^evZW8DBjkZP5?Ih(zkPB^tQs48G{_hLD(vhj 
diff --git a/spreadsheet/macrofree/azurefrontdoor_sg_checklist.ja.xlsx b/spreadsheet/macrofree/azurefrontdoor_sg_checklist.ja.xlsx index cc7d541845b834ba9c8821560adb40f7ee76aafa..285c25802939d0f80ff5a64544e8a5f3d773cb04 100644 GIT binary patch delta 633 zcmeA@%Gh_5kvG7bnMH(wfq{eJd$RIG-UFOKDl#WchJ}0LHM#nD@52TnNB5t4Q9WzP z+huL*__gdhSPwQmiuQQ7E$MT+%B8orXJ1_xJ@Y~GIm_?m{yUa#@R49&e=ee6A?yAd ztNp6g-dNpiO^`em_r{@c{;`(6XU8m#I@j#d-4;{xQTIX51ko^o9Zwn`D+}E0oYCW< zskY>A*a?H`?TV! zU4gE`N-xbB1qYf7uWtUhVMTIuu2;>%>5qTKGd@w$OMIA+ICsvR?|&X{tn^ydlOiJ6 zwJFs(Tql0hqi>&2%sM;2@zja3%m3VU1a>;BY2Oy-Jy1{U}neU1?< za3uC6SYSh(KSY2j!5R_Xlid=`z{=_qq#6HCo}His<{e0oW;(zz`Fx=0it^uRM>Dg@IuiF9U-FFdku`p>azfP?OYT+e99)IX;QfjISqWB+A%;VtBjz z>#hSpwPH*R4BRk1K)QkPUlapFd{JsnvA!ONM6+-50iZF@C*Mhw0~`7m$lEblGD%Y& fWa!d|(h>5E3=9cC_XwjHx@2-%Gi69kvG7bnMH(wfq{b|KT>KU?*UFA6&d_@*dn}Rf$sZ`Z?CLTl^D5J={{y9=;Rb67zh! zZPw}J>-SN@X)_no0XAk}NNqmL@zDd!I2dTc0%rUO6<`H1CUZwW0}FhKKF0_aI2!vB zEU+=oA0oh-Uw0hmoD_IS4~>9eEI%WwB*UtM=Q;Dh1wIlp(S--(J)>uDBG*V%EQ+5cPC zg?XI2{mK<1+BS+?2i!?FT)23rq2EV=`FY*C;`3{`E!0z5MOpMJAN=5ODN|f#9Mr{{ zx&Mv<nm+uZRL;Q z_Lv>Tr6%(sA?9<6jY@9LYTsV{FI92>l^c8>35oHEU3+=5Qv03!uH#!ydin`2)L3t| zE6MffsoDL?ue1K~gt&d1{m(wB^MtOFt9x-+Kv zZ-3o5YmO33n>m>durUJzYV#Qm0e3LtzCRBOnDH)HfEC1;%ozC$EbuDw93xm@cl1lJ z!15S>h``TSYj|i+wuv(bt164L1Jm2%oWb;8DD50?0p{1mn?dB`t-$n`cvmoOli&dW D-U7_T delta 466 zcmZoU$k=j_kvG7bnMH(wfq{b|KT>KU?*R@V6&d_0gA>(P_9t9SGXUv_d7KYONb_vx@hMu{?eERqib^GsQpOhZyDWWi4#?q2m*jo58r{>X~ zE%EE*8G{5~I5xWZXL!}0H0^#c<^Se{l4nmYmKSG9w3TQaiHD*vr80Iex45rk zJyNR5D$Hjg6>cxdA1J)+>M|wsD$}k11s&WLavq-Cnp;zNuj_aFH^X(Gb(VX&O|H3n zX_9F6wp%rGBD;TS2T0z0yX$|)YL(k6l{bS<9nyZm`;lqI>Vlo~s&mvHz7yXP^L)E) z*6HNy_fdjrGbhslHfCTzZ9c;x;0|Wo_vc{&Gu{OYu!0zq86%&81zts-V+0HAj(!Oi zSRUgK5%?Kv4G-@5#y&c@J;^smO1RC(P zcD1eJ*RtziJ=pXp+T-1}q|fatm)_oK~uO+gKd(r$svlA1@G zw#4VnUqtaE^ilq{r=B3 z^|!xnoHa)Yrp=s82iTZ_0k!!I$2=D>BiDB`Gnk|D zEN~~%A0nU^Z4D3Y$%WD8U{$N5?ZEV#XlF2O6a%3vVl2S?%`s*W`4}rOtr_bIrVC>| E0AilZ<^TWy delta 466 
zcmdnFn{nrEM&1B#W)=|!1_lm>f=H=}yazadROB9K2OPVQX$?eJ)JXeYM^pHD&wjf6D6u_Bn3J;Y|D}`lYRc@k;2PnDez6Y7gIuZ;5%n z-8SoV^7Z>D!L*r^=>QuuFrYS{;h5(FX5{*AW(G5q0|i(?jLBwU&%grm;pZ5^0v{q? zf(7nG`a=ZtqOIYfJ-IO29IR?}v>lj!6YUJ9jbb2lMT`ZQzd6PXA|GP~rZr<-!E|A) F2LLtE$5#LV diff --git a/spreadsheet/macrofree/azurefrontdoor_sg_checklist.zh-Hant.xlsx b/spreadsheet/macrofree/azurefrontdoor_sg_checklist.zh-Hant.xlsx index ff68a6b50dfc8dd39724d3f09c5f13d957de2903..7e5a7b02e085f65c1dd19326ad76061e7ba47093 100644 GIT binary patch delta 633 zcmdn9mvQ%AM&1B#W)=|!1_lm>ugS_2c@J;`smQh?vo~{1ye3y4?|s-nie3>Gy~+nKSkAoh@ljtQ zVtlD?XB~@2;{tY8s|uH*rh2`b41PcD+1=9pCFC6zg;#d;OFIRV~`Od`zih>qOu{<`Y` zP`4Np0|U@3IA~zh4rgG9FG|fR*4G1(Xc{NKkCkQ=namw02ewNmPMY!QWREyau+(@a3yazaeROH{4-y66mUX!aon|0Vgpe6q3553cq zgv~jQw{QCrkfm|u!ll_0%sN+oZC>)|$=lUC`X*0sauh#%rf&D?utP?PGJC9&54Q5v zYzp7|&F4nxF7AUyJ$r97KC%=34Ijes_*ko1%1=p}4xzkHwXh((UeZ zzcpqvX2yCRY+;t`Sv|kEeM#r#tl)>-duQGH&!sT=MoVjRYiU){z3%qo-!#`|`f;A( zTy%Qclr<5Xj=uVQV%I8r=BX3!F8kfT!{H~_#Z9U$N8R7+b*MYU9zFf_PJ5crI|=^l zukYMiTvq$$7duKoZRTV;z{Z>xDYf|wN46`NVdeLN8O%@(5?}=}CR>C*0}CidoMQwF ze2RPt7PuGX&&Ui6=g9^!)`;+)ToPjj7F`=7&G>in$rvTDrgt&YOb0k72gZs{R)`gp z2O1nXbJf%Mt;`GzQ@I%!B!F=T0}YLOlLKPa!P=@~rEMgG7#J#Y^ovU>b5e`-DspoI zycwB9m?6;(GHAQ|>#hSp-C|4(3_!Espn*|m^2Jywi2bqBjG~jd;^e?Q?Ko+sXOWW` nqhz$v4O{w9Izpb2fgyo~fk7B<6azy8{acXQzF(5$zpN#Af 
diff --git a/spreadsheet/macrofree/azurekubernetesservice_sg_checklist.en.xlsx b/spreadsheet/macrofree/azurekubernetesservice_sg_checklist.en.xlsx index 47005e7564ae25810c490a5e964c264c75ae64c6..8ee6991450c294d41e58128394c3b048d2fbad01 100644 GIT binary patch delta 625 zcmZp_$k=g_kvG7bnMH(wfq{eJN3!xn-UFOKDl#ohErxsIHM#nD@52TnNB4WZte&;x zZ5wy2d`OJ|cN6Q;?Gx_g9(~5|x#aeC^VPB24G$ilQ~d7zyaMgSnFf4ub2mP4Vz;}w zI<8vnjn&=O1j%D@ZyXBeA8qM-cFf|abImT@Z80?;bsx-`pc*Ey<4NOVWr3SBXZU$& zrY-qf_LpM*kLWOg64H6Ww=Vb>`po3`U*a5f%{<%hjLnt*FSEf5}SS(zRt# z&BaTq+G1<={I=P&?%8>V)RgTn|0z%FSR&MsCGoS?2W=^I9Y|Ox*+I)ti$sf!JjF`&|W_*kmUO8UIe6nx+Ki?MjnoI>0eGAwqQW2M$*L0B=Sn z5oUOdO-h$$a*Y7WN_nBlM21ax5%PkCfkDH7fq@qo!!Xdm_%xbCwOFqr zHwR7YPq#vhaCrb|Iw0OUQKd@Ws00hBgY#}(;q0h-mz#K0g0GZRQRFm6hod^TBT YvOxw9Set!@G~>L<(HUxN?@~eP03KoVWB>pF delta 635 zcmeCU$k=|7kvG7bnMH(wfq{deAW~`~?*UFA6}iXR_&L|aYjX8xvkn^ww8S6%p?7+c zuyD&`=jbX8Q<1EUm%bjek6iiX7*zP_TWHMj&dh}iy3^A3-%Zs{oN2%pH)rDmCw4o_ zRdLm7Z_I345+sks$v70wKibmw?3~3>=Rdn_x5dRIA9GtT)`FV=Hzj?J$;Ki)ZNIN!JREE7C)4jnpq$ZW4g{?WhAzh_)CS# zZ@0}loqYX1N;qxiVmiRa3=FBwXE~bu!Hl4Yxy)e3r)U9I5MwfH;xn+oyTo&hV1fO~ zFTnz7c2}68U_puyujFmfdZ^_CNc@J;`smSI#ZS%P%UX!bj_daYOa&*7f%j#K6 z-nO-^x$2>VYg6E=@n(st9%U}0{a0@Ac_bv(Cua8YW~KH!`CG@gob&V(T&NMh zwd8D<=7h|t7nm#%5g)+|_~v%VwUA@=C$uXozhgx>XupML*m zn|p5Mn_to>;k22H=>QuuFr+r0{o`D5?Q_nGi1?19S zf(5uT{2>A{nbwHlp1dH_46N*CrZnT9$zL;-z&xoeX{P-glkady@dtP_GKnz5BWrR( zmNaAki~M&1B#W)=|!1_lm>!bqu!yazaeRHU*&IXCyjYjX8xvkn^ww8X3a$UD7B zR=DM{b99x4sYq7FOJ9%KN3Q&Gy!GhG+toYzgfBZeil04GxBGP1A)`c@Jr>Ca6WQxZ zL-v02xshAqu%$;ppKrkqeB=+U`>xj><;aBm#JW0br&$6h9?O2(bn{ZH< zWaj=Dd!{7{7n+%R=Ur&2pOh_jQ1gHK!53#vE`I;)iUH5b3H>__1XbUk{ruXZ=1yjR z40p#XFD^Bi0+V%hMsi`kGs0$f-Fb2K%0G98om{>W^K^0+cYmIC-+oJf;M}E>y}?rH zucuAZiQk;`xiC%l)q022lfF3(>6F&#;^s%V7pyz+40FbD&q1_l}!|4#mrsRTAkGE182 z0LSFp98!}5vUtEk@mbQ06DC(@se=s(oA4s!1q%a%h5-WuFU$lW-N5KF`Cyg|SjPjP zj_}EUvZNqJW=q>Uq%ts6bN4kEkJ{MnHU(P gPz)AKpRAKEGr2z-;+}cg(m)6A%2s3Z%>=0f0A@bo82|tP 
diff --git a/spreadsheet/macrofree/azurekubernetesservice_sg_checklist.ja.xlsx b/spreadsheet/macrofree/azurekubernetesservice_sg_checklist.ja.xlsx index 7a5f15a04a477bea409cb8be71d55313b8692ecc..f4c7f51d86ac86d768da884fb6d42513c8b78855 100644 GIT binary patch delta 467 zcmbRKf^qr_M&1B#W)=|!1_lm>@5#y&c@J;^smPo(8J3AxNmEWelg?^wFQM}mF*xrl;=tov`Q z_N!KVV|BANLGoDK8;8RA$6ETH9kV#e3-FJq<;Qp#yOwr`FPGvx%0cs>uc@&Z$Bq=_iFrG5r41k(~7Hh z1-c3=y) zrc~!}o%l_UzI{G1>+Jl-QzyzU|8v(7*y*g2pK+|{RM%|oN1OpuKNiV;Untl5TjKB^ z>+9bZob8YO%YYJ2o4J?{urUKeYV%o+swgnSE7^nv%xFv(U1#z6V7_3n8AQI=3QV^byMpQS G#U2271KA7! delta 467 zcmbRKf^qr_M&1B#W)=|!1_lm>yhy2uyazadROI)WXKzfrDqnv#>#%`9OZ?FvdZ#A| zPv$z_zU@mumd2F}mu62e>s@kEQT*(gy4|P44jCoN?6FEd*veP4 zDSYoYpBtsSxDOij?7h+W$gZ1H_H1uqSNo6B=$xHD9z`E8Iq$tjq2MI*ad(AH#)fkz z1fB8t{q~oj0&AO`$cqPtC+j)v(wQxu{@0P1Yq|6L-8oWiiqc(%;_6C27FSkEx4X~% z)|kzh8S8nlg;}m=_59xUC7qYEf**44optL!m%`*5Ev?P1rBy}uy4#O`(_EYB$9al# z(dlVZ)tK9b$_qdq3#fS^z_#|?P)^qB>1nt zzH@7FS?!x&>?q;1nTzQF8#6GZHlO9FiUKpdl1*5^jK*{URuE(Il$>W^f!f@2j9>x3 z{Fh(>s{((BKu@7HJh&&HFEj_M;w-WQ(_Tf+V0r?SzE)%b<_i{^LF9|Az;t`DE0{iC G>;VAx?9HD5 
diff --git a/spreadsheet/macrofree/azurekubernetesservice_sg_checklist.ko.xlsx b/spreadsheet/macrofree/azurekubernetesservice_sg_checklist.ko.xlsx index d0922d989b1dbfa6ca1647bdc3bc1f5ef7262197..c23762a7acd8f39d78dc45b797ec5740c3c4fd68 100644 GIT binary patch delta 640 zcmeBt#Mu6bkvG7bnMH(wfq{eJN3!xn-UFOKD)NtQ{Tz;o*W~Ksy$>6R9NmBFMfI#@ zciY<5@oU+2upVrB6z%bDThizDCtln0^TT$ZGdg&DPVu|<^9sCQ?${z1x2N>M#?}oM zFV3;(-Br7(Y~`0Zq56W-62rtrJGaJh_xSH$?03R{BlE2Eo3pYU7P4?vF$tLqP8MAG zq@^T&pEQG4&T5YQ zdRmrfO?`5y+2QqSb?Jn_pRu47@M}K)Qi3C53^Z zB1gZtq%tS9Sg#^C2i^GX?ytKJ0F{a{F)(nWXf2;CUmyi>VSzMb!sLhoIWVuXK$^)g bXR?2e3_qG-lMezF%1*vppvIP)2Qmu)Fu(Rk delta 613 zcmZpF#Mt?WkvG7bnMH(wfq{deFj8tF?*UFA6}dB7?=;uMYjX7$vzrYBj{TqdsJiE( zmTH9jwvFwEi3W+u`HDNY86`Uv9sagI{?(ebIR+=Z_r2eJ|8C*ZEiqE;`sX4FZZyTq zmR_&cduwK;5aqXWI{Sq~#}zNK7pKn=lh~K%zjng>Bz_a$NljS}3t70T*o3Tw7jv$B z(z7Lgoiw9Y&tetvCXlUd!r zXu3e?(n&E^0vR!1Q*73}GRV#Ms#-if__sXc6)ls86`MBn>Ya-&`+vd4Ep*nB9+jRY zm4~_JJ+0aM(_*vO*YE{qtL|?7FL+($=7cR75|1CI{^b40wBl63PQQvZ>JQ(EZ;5%n z-8SoVa`=6eaN5kybbyT+7*d;0aZC*dGm;W`Sip?J6aiKcV{%L8Gq6Bz);UJ7fL+c@ zuz*&sKSZD=&l(ZjlMm#XftCHtlV%(KduX4=m&xiCR=a!$S=Sf~Lg6rKPS zlJW}hW@Hj!hR0uI*n}4$FIX5DGz=IRc!9AB0}YI6DGUr1Ir_yVl{u-!dKI}jXj&&T z7DzKzPL?f@f>;aWB~1=1kW&Dqht+XKdRu^I^)fLqNWshm(hZEpIg@>JWF~JY-~nsf R57Z_<`F4RCTYer$9RPLQ<6Zy& 
diff --git a/spreadsheet/macrofree/azurekubernetesservice_sg_checklist.pt.xlsx b/spreadsheet/macrofree/azurekubernetesservice_sg_checklist.pt.xlsx index 783b5e633c44d35f9a9ff0eb2c90ee46a31d0a1e..6fa9a1d5e2ffdbd2fd7e1afa92be65cdcb75e2f9 100644 GIT binary patch delta 663 zcmcb5o$<ugS_2c@J;`smQh?vo~{1ye3y4?|s-nie3>Gy~+nKSkAoh@ljtQ zVtlD?XB~@2;{tY8s|uH*rh2`b41PcD+1=9pUO=4qUIHthBAPkHd7-(SpGx>3*k^)E#FULjI zwjc%u_82Ax377&P-O#w7WAYsismb3O0Rsas zvNlG;$s4j{z&g$Yb+}A^oh20mvPe9Hy=Vy|1A{s<0|P&b4&77+hKd~h^8BLgr2PDB zy^7qN0B=Sn5oUO5id-F6q_+jAsh5d?K?+6lzsZT&nqcdCv!xkdOyhy2uyazaeROI)WXK!#%ye3zFHtVo~Kui45A9|-J z2~Xxa-oEWiK$gap3zue3Fza0TwRy>-CvR8p=$kyj$x;05nY!Jl!wwlG%IvX9KG@1v zvnhPKORLNFgfqNMxo#&^Ko~DO~!_E zCj_1G`2F^mpaN@~oXCp@h9~Pe?9!Pnp8nU7m}|N7``tNGZHm%ehT`fKJNu!UK!XZ8Hv_9dN{vw|OT@11q)KbOMf8!fHPt)*2(_qyAUf74u>>Bo7B zbJ6K(Q`SUmI{NDKiCwGgnWs*?yX<%W4u_vy7dNT49Cd%M*P-qZd-U|zJMC#g?7+W^;t4t9p`{LTqnQEl8OOYBp$+Ew1km?L7ka_fgeSOUMd4aMUH-Xeo=N( zetx!IMQ%=jHzSh>Gdwv(u8u3x+XB?o%f!GSg`)ZYZ^_CNc@GEzsYuD~_v5)3fuc+d41$vvW{cFfPQ2@V z*g)jy|EZV0n|Ru{wXNgVvg=?y*z_pc-T#7a#Q4A}!hQX_9i+ z{oBv4ue5o!l|P2tV|Emmn#_lUn9nITD!DnUeS7u4RK@*QZt!^|B*rIp?d8cz?RWCK zj&C{X=_j~QW4+a`B-f*-X7?+<&icm_;`VL!Kl`N46S_*S?!{pNVPWD&gcq!Q{FLpT zvo*J5dHd`4f3~T={dME4IZBXi=43j+#taO!&1X28Lcol`*cZ%ThE1XXD~K`KKkXS< zz#{z|BUpel^Cei|Yof=H=}yaxnVI7cS^dOWS`pRXcH} z0bksljSrmI?JQTtRja)*vu#O`JQgS8P&of+OW(6|7Dt``?6Tb!Q}f9-Vb*iiFo7LU z8Xp@A+?+YX&qFh9$={;C921zF`MF9y)Xzv^iQmjP=Tp5{&$&4^zw-Qe4^QAdI-^@y z@XtM){e6cQ`~5z!wPDM;B?*TZ`Hx-oKjwVtNaog+A9~|_-`2BC@XR@M=;R@@y%zaL z|2qGkam{2o%Ttz%rQTj)Yi?$JE=<#Xwca5$W&7)Y%IgC5Ic~|}O#CSNrLBVTO6Z=L z^R*djk`Lc)iFv-=HtTfq_4_D6wwaUZ02?zf&^DjpXbJ%{0%Kn=gBdo70<0j$WdF2h zU;&HtbBtgC&dir!fv=hV5CQjWYYte*PwvV#2dg@gZ3m`VbDY7nH@5#y&c@J;`smPo(85Zt|*W~Ksy$>6R9NmBFMfI#D zZLRhu+cUw%&N8JZK6GX!Vc06f(tSoS|b4HJc zrrMIfWp^1SFgdexm3)}7Or(DPX2v<6>iKxiO}X>C%V+?bC{@ zb_Kc$E4?&l6dY(Syt?`0h84-txn4C3r$7D`&-g@1FY#eQ;@mlNzW;f+vC?Z*Pl||O z*QQkGaGm%~kG_3AG3)I7##1NCF8_1a5!mUhlAm#`=v3Ei?nj&fQ$H5TeqSip`di}g 
zAM5Mi7M$&m{mXz7P@6fK4zMu;gKF~`4m)2kgEwq0Gnlb9Qh*i2n0z4a8CYOt{5eLj zKvm*Pus~XpKSW?hvNa;SC;v${lLv+VL2-e7lh_y-jwvuO2m_-A1{xUuP7X{_QUIwD zHdjyM_GMsr>CD6+0aE~^8yXLAOuo$_HF<3c57^EuwFO_i?S634(0UzD0ttgix?4XwFLnYmP6Pd_7eW V?3UlD(u`4)#naT-RwaX!0s!@@1j7IT delta 676 zcmX?dhVk$jM&1B#W)=|!1_lm>{79*ZyazaeRAlhal{H)wugTS)%{pu#&=P<2N8ag8 z!on?&oujKXOhvLXUix~>K62%kuir-rr_EeU2iTZ_A+`A|hn+8&!521{8O&H0DZmP1OgmH+?% diff --git a/spreadsheet/macrofree/azuremachinelearning_sg_checklist.es.xlsx b/spreadsheet/macrofree/azuremachinelearning_sg_checklist.es.xlsx index 351167aa880dc6a95816979eedee7aa4d814e3ad..bddc6a72cd4fe2f54755e63a572a82780cad4e30 100644 GIT binary patch delta 610 zcmZ2`nQ_f!M&1B#W)=|!1_lm>ugS_2c@J;`sYsdihl;r-UX!bj_daYOa&*7f%j#K6 z-nO-^x$2>VYg6E=@n(st9%U}0{a0@Ac_bv(Cua8YW~KH!`CG@gob&V(T&NMh zwd8D<=7h|t7nm#%5g)+|_aW_?GxL+sJhU+=W13BBtRKmGpC zHuv1hH@~D&!f7)X(*ZVSU`TB~%P~0s%t(&h$P8wP#|p557?ZV2%YSpcH!#X1F)+jz zrREgt>w(AsZ$>5&W_VJV`~YYS>*PNfa$rMcGo=}?O}5O`1UqBtL+J>4Mh1oi76t}k R6hjY9Zp>6;6G{gO0szC9>bU>_ delta 651 zcmZ2;nQ`r9M&1B#W)=|!1_lm>!bqu!yazaeRHU*&IXCyjYjX8xvkn^ww8X3a$UD7B zR=DM{b99x4sYq7FOJ9%KN3Q&Gy!GhG+toYzgfBZeil04GxBGP1A)`c@Jr>Ca6WQxZ zL-v02xshAqu%$;ppKrkqeB=+U`>xj><;aBm#JW0br&$6h9?O2(bn{ZH< zWaj=Dd!{7{7n+%R=Ur&2pOh_jQ1gHK!53#vE`I;)iUH5b3H>__1XbUk{ruXZ=1yjR z40p#XFD^Bi0+V%hMsi`kGs0$f-Fb2K%0G98om{>W^K^0+cYmIC-+oJf;M}E>y}?rH zucuAZiQk;`xiC%l)q022lfF3(>6F&#;^s%V7pyz#cu!7EHv=o1moCltck-@uB{1)Px-`=Pj>(0QqLV*xuxbZ*Gct)V z!(%Mca^msTb<7M5XSf&`B!KY<0}YK~lN~eE!A4|fNJnzTGB8x+=ogn%=A;(uRpjQN z8?@d1b=Lu)ZZReX25y)sK)QiZHi>~Dz9==PSYHoBqG_CbKSP?4ZSwC7Ij~(anbM5c mCtGA{%7YTp(udL!@{9}&2`mf@!YGCwp4^bB#wMH&5(EIMp5rqB 
diff --git a/spreadsheet/macrofree/azuremachinelearning_sg_checklist.ja.xlsx b/spreadsheet/macrofree/azuremachinelearning_sg_checklist.ja.xlsx index 24d64e57214955f80448991ea0d91f664baa0a71..4044ca7e52f61155918a9efc093f3c91e14ba028 100644 GIT binary patch delta 631 zcmeBq$k_RikvG7bnMH(wfq{eJN3!xn-UFOKD)NtQ{Tz;o*W~Ksy$>6R9NmBFMfI#@ zciY<5@oU+2upVrB6z%bDThizDCtln0^TT$ZGdg&DPVu|<^9sCQ?${z1x2N>M#?}oM zFV3;(-Br7(Y~`0Zq56W-62rtrJGaJh_xSH$?03R{BlE2Eo3pYU7P4?vF$tLqP8MAG zq@^T&pEQG4&T5YQ zdRmrfO?`5y+2QqSb?Jn__ zXG{D#dBz}t7mkf?{uy5NCr!H_O!>b#q2$?^aRXPxDqZj)>7 zUYaDDz3o=boXGB9+5wU`-|qU~v0CM}O6ARq#v;cgg-2@{eHve&|Qhlo#*na zuS`3>Za*VRKy7AcI>5#Z464niINpbW8GGVQSip?W$pWk(#$>k4XJCQ%ndcb60td2R zf(6#(_(KH#O)oA4s!1yGHK0Rsb285}e)zD#CdsL0VTE~(5( zE!L~Z%?a>kWD;S9CxXcB?ytKJ05ym)F)(n$H8LG{~ 
diff --git a/spreadsheet/macrofree/azuremachinelearning_sg_checklist.ko.xlsx b/spreadsheet/macrofree/azuremachinelearning_sg_checklist.ko.xlsx index d208a1e250ab497d81fd95c80fbde81448694985..f5f1c5c50c05379f87e9cb3a112e9b2b58c1f00f 100644 GIT binary patch delta 657 zcmca~i}CU;M&1B#W)=|!1_lm>AIZuSc@GEzsmQc2wHR(jpePdqgWzPvY?1obiSgct z4MdLa_j*}9YsuR-?pXPd8UgMm)}z}e+{r!qjNfy~?d|5PW49X~JU*xR-TQe3+KDp_ z_~PbneBi`xcXM@Iwb~o2yR8Y5$Ku{N6wW`|()a9`#Zl*)UAo(1YCh^dm@`2&Okl^8 z#>dJ6H)qc9^UzFN^0(|S#{?#4ey)-aGwRbs=5J=4^QoS%=iHn-zw`Wf4^QAdI-|Q+ z<6lPHyTx%w}@51WLzv~%{I=v$-A|jTnKi^wX zku(32mAa*C%c7c#msGXI*6jIhvuWM4^A4#g+h6`up4PEOKr?FA=B7Ba;X- zJjy2v=14Pcn5>&416JshBW-m!m4P9?C^e^8Uk^m0X^0dLVJ}(&OdRUW3=I6p_A#!R uyf8-&?55RmMS5F+a=pL=B!!};cJjR(O|Vs5xzdc8lhtz7*mh=tlmGzW81yy( delta 705 zcmcb7i}BJeM&1B#W)=|!1_lm>{79*ZyazaeROHD?ANFufye3zFHtVo~Kui45A9~)K zgoRrkJ4aV(n2Ka&y!7>$edNk7$DqPb-$G-KcV;eJ(4CgH|8A;w;!Fd+xH%giII-JV zu8ONxdt+wXk|233PR5~d{?V4cXXh-AI{(>ayDg^XlkI~!6NI!mVm=-CDB1DG$47mM zi1DSmopmf8jSJaXttxzs>$}$9WbpfG&+V4(Cs%8}ye;uWThf`Mof>ud^Wu*`3|wCO zAj%;sJjmc-1N-Aw>W>vOA8ol6^22TYvTycGCsfQ5AEqSEj+?Xn(Z7YYKCkCI5fSYA zRO;;=w&rHm=fX7ISL+>8Q?|eUr@T(!=7K#rnyDW}pR`plUJ2b3bG|l1?cqD|Eiuox z+h(0kzJ4DioHlbY9bjVyhScV>9QT63jCC}FCb2Ov98+Lm5C+B!3^XwQnVgudqySQra8moi z>R<*2*27E;5-5&W_VmjhD~@8 z@`8ndLBoK7ffv~f#`Tl+a%8~TeRHJi52Z3N#22OJ6zl7ONOWVwL)eR!FfuTxGcz#o zqZqR~je(&eN54G3C_5=XKU=RNHwRtw>bN4kEkI4ZObiTCD4J_Bz?$QWCO^+n1iOVh RSDG+m0-dQULw+^)CPb 
diff --git a/spreadsheet/macrofree/azuremachinelearning_sg_checklist.pt.xlsx b/spreadsheet/macrofree/azuremachinelearning_sg_checklist.pt.xlsx index a4cd3eae9063028e91560b997790562ade914f0d..7a3dd9dd0d32255023b727af54f7e192f6d20d37 100644 GIT binary patch delta 620 zcmbPsnQ`)EM&1B#W)=|!1_lm>AIZuSc@J;`smMRJ^>a8TUX!bj_daYOa&-Tx7uB*jm)#sZ_dhcSjfUv#Ux}dI9YJz zla`YBebNkGK`$Jd4?0AidQq?1{h;(maYDheCyHBwSH1teMZYa3=g5odzkjTzsITSJ z=xJG^HTB7*W{20S)uj^xk8e9R?aTDIzSs3E0o^-V9$!4DW@(*&^sn>h86lO^j3*gR zS}(Qj+0icjd^^82H~+A%Sev!|ZT%6|lX;$DCOXeqXA7TiSk*KAwabAjk#~Kc-;2iF zZZ@+o`-&P$o4J?{urUL}Y4cf*ssJ#M&1B#W)=|!1_lm>!bqu!yazaeRHU*&IXCyjYjX8xvkn^ww8X3a$UD7B zR=DM{b99x4sYq7FOJ9%KN3Q&Gy!GhG+toYzgfBZeil04GxBGP1A)`c@Jr>Ca6WQxZ zL-v02xshAqu%$;ppKrkqeB=+U`>xj><;aBm#JW0br&$6h9?O2(bn{ZH< zWaj=Dd!{7{7n+%R=Ur&2pOh_jQ1gHK!53#vE`I;)iUH5b3H>__1XbUk{ruXZ=1yjR z40p#XFD^Bi0+V%hMsi`kGs0$f-Fb2K%0G98om{>W^K^0+cYmIC-+oJf;M}E>y}?rH zucuAZiQk;`xiC%l)q022lfF3(>6F&#;^s%V7pyz4G@Sg0GZYB>3{e$8H`zEn5FdS20U=RjI4Gc6e{++xqT?wpae$tX% z?g0!8m!g;$Bwz}FbVK8T$&b?2!PfC)NHf|_*2qu?>j<0hBIE@N1A~SE0|PIz4#v-u z^D<<>I(jpt>)DbR7~+dkbBgu#KxBY7Ba;X-JcUGxhp-ndVPs%XXJ%mFM=|C-P-8`o zetCXTc2a(Rwq8YU4!Y*maYcGtfSP)l7#O5bG#^L-YmP6Pte&X|c8hnWG~=4d>6vP5 If6_oo0cj-ap8x;= 
diff --git a/spreadsheet/macrofree/azuremachinelearning_sg_checklist.zh-Hant.xlsx b/spreadsheet/macrofree/azuremachinelearning_sg_checklist.zh-Hant.xlsx index 1a64ae7fe0ceedde9301d748e8e6de72bb709dce..49e8d051469958801834e91448a3e08addc95977 100644 GIT binary patch delta 631 zcmZ2|jd9I2M&1B#W)=|!1_lm>@5#y&c@J;`smPo(85Zt|*W~Ksy$>6R9NmBFMfI#D zZLRhu+cUw%&N8JZK6GX!Vc06f(tSoS|b4HJc zrrMIfWp^1SFgdexm3)}7Or(DPX2v<6>iKxiO}X>C%V+?bC{@ zb_Kc$E4?&l6dY(Syt?`0h84-txn4C3r$7D`&-g@1FY#eQ;@mlNzW;f+vC?Z*Pl||O z*QQkGaGm%~kG_3AG3)I7##1NCF8_1a5!mUhlAm#`=v3Ei?nj&fQ$H5TeqSip`di}g zAM5Mi7M$&m{mXz7P@6fK4zMu;gKF~`j@yA?#;T|n%wWdUI004=WAcjRXJCPeDd!l$ z0!e8v!2*8i{t$r$8Pf%7db3 z=BlUhTbUUcrgAedNC4vw1{xaYO+JvR4%YT6Q`)98j)9>fN58nFGAFfIuOc@mz?+dt zgc%;)k=xy0cO3xg7Gq*y0Gb5{4UBUpJ7!5i?9Y;BY@J+{B?sos&XQ&dOPgGnCZmmR j*wTm65%P=-3<)d@48m}u7#JEDohJX!Qe&Hx0TKiN_1*mk delta 632 zcmZ2;jdArgM&1B#W)=|!1_lm>yhy2uyazaeRAla_DH2>0ugTS)%{pu#&=P<2hu-N) z!on?&oujKXOhvLXUix~>K62%kV^HCzZ=o^AJ2Mw9=uS)9e>YV-ai#%Z+?JIdtgcA+x;}`A7dc|DJKpWI4-I zmW!p{USVr)W_>P9(|xtxAvIwn7Y0`@s>$>B`=crp4BYe4wNBHQl^XSVFVEM7GC z{1u-VCOnwFyn3Qsk5iF3L z_7W`MpY9J4SeRjr2=2*GGt9usZR08wjfxP{bt25Q*K@l@^)zkQ`%nS@u zxfvKFfUyPx4UKarAIww->v)|h9oZ4bz)+E+UtCg|lUl4-k((3X&B!Fe43Fr@?e4F; z4ghtFF)=Uz&4Pml#@WdX4Dm&&ImP;VAQDaE%{iBLhPM3j>2N+(-t721dt8*=lSPGeBYhk7Das 
diff --git a/spreadsheet/macrofree/azureopenai_sg_checklist.en.xlsx b/spreadsheet/macrofree/azureopenai_sg_checklist.en.xlsx index 9ea8a938c0a71c8f2dfcdf5a37579ead5e47fa0b..8feabb4309c9528fb60a8ece9b564333f1976638 100644 GIT binary patch delta 705 zcmaF7jPcPjM&1B#W)=|!1_lm>@5#y&c@J;`smO1x$2>;kHm;a)^s*x=le1i_&g^%aWQ$ zo3_N~&0q*hkZ@?^le^sWsJ_^&A^6|<#*>kgs_*NsER@;2aYoTb!K3fretsPy_w^S0 zI@Tq=x~#%{6$a}njpQboZM(Ycn0S@#`u~CsYK5HK?A))vJlP}qo&Rp~ttTqWI|8Px zw~E@BboA8he&yF$|9C>&zRmt;pVWCmSIO1AI4mG6O#F!Of|ZY-vb}S*<}Pm+fBpW? zHubl^Zk#no38&3mOb6JQfg!c|EJv&rn4#-Dml-1BCcp|}On%_~3@mWc=NuzgV3yxY zut1x?KSbb0fHfkxC(8ty$%6v_pt!)kNo))Z#}pVCgn=;w0}YISCKm=ODS*`ET8Gcj zvSMI(z{$iQ0aE~^8yfd>OuoY*HTi5H57^E-fznL!&XaANrL+UQ8JR?w;c*=qHsM9c z3l;_j4Fd)SUSu;E_fNJ9k^yUv4U(?Ex?4XzuX?YmP6P{5?n!>=x-@ QX~v4l=D})gCjvl90XAXyw*UYD delta 657 zcmaE~jPda@M&1B#W)=|!1_lm>f=H=}yaxngm4>NER>n(TkJ(4A{BpeY=*ipFJNkq#J2{GkwxTxU*bwVe?L7ze1k)?dsFI{r9m?N{{puQJ5}c zX~`^XE&P~M^JveO_;vD(K>{xv8{PctGrUfkc0ZW%e{({~vnLnJi?bx!N;Hne%;=c( z{n^h_8M~KT+}E)lDOF_^=ChCrx0mD(6kc|9nUZ;x>DK>(4sHuM4^M8*ttq_M^}GF> z;kwT{%RSvD*WA4{Ni=)gt(rNJ-M_R0ByYam^}l1a%59a(n?a`zX?ICKVhsp?SY-SC zhL6;tyO}%BT7ell&U2X|B5ne#AjahT-p{}S zCw$H^f(2&!y#x!i`ujr!t_N6i!h?RYbfB3$h<8w2VBaJ*28Lq_3=G1+_<(^1#=nyb z0+qmOa;?K>Xjw5ZJm6$vkbo%w(hZFVCT|Q>2U~YLP?|}>d9t;$6n}s>Ba;X-Jjy34 z21zp>m~0y)16CLlByDxsn}H#|C^e^8Uk^m0X^0dLVJ}(&OdRUW3=I6p_A&06yfH`) q?55RmMS5F+a=pL=B!!};ck;U+O|Vr`!P1PClg)zF*iHt3lmGx7W!tp? 
diff --git a/spreadsheet/macrofree/azureopenai_sg_checklist.es.xlsx b/spreadsheet/macrofree/azureopenai_sg_checklist.es.xlsx index 7f72c815118fee59bc3cd352f1606e11ea4e3bd9..3265a857fbae5bff1c8f72e25b4c8b4d2cfacfcb 100644 GIT binary patch delta 467 zcmZ3ol5xpOM&1B#W)=|!1_lm>AIZuSc@J;^smQc2wU~)lqN^clbBlH1$OSI2HQJa~Lg@w@l)3bYev8t}!<-T1(X-R|b< zxN5aGR(D$yB#*_taVVUBw59LaF^i+lHM?}T#ngP%eK2Q&YM8)|CykGl1#Zrq;pd^5 zw&ZWwUycb(&iq^@A7-S9)X(3{IOkJ6U(dNYcYf#j@gAPQdvr#3ug1TOxO>Mwt+;Gg zpsTP}TXROif#$-mn?Fu4*|^qBbl-*5nSa+a7=x7+h)_cXXhPKQ?|eSr#!7=jeusHF#|(t^I48AYcM0qWg|0~!RH~s3SvxF^nC^v;PN}i2o|{Q z{}L>4Jis3!AQ@y05AMk^LFQmp(}L{4^z|TTFfAJlp_79x!2Ef^W)S&cD=;k*;tHl? GLOcMk3C=(O delta 467 zcmZ3ol5xpOM&1B#W)=|!1_lm>f=H=}yazadRHT|lmiol2^7Uu44jTxx#2@{UcY2es zaLZ%o=qe3Uk*tiDz80gA>(P_9t9SGXUv_d7KYONb_vx@hMu{?eERqib^GsQpOhZyDWWi4#?q2m*jo58r{>X~ zE%EE*8G{5~I5xWZXL!}0H0^#c<^Se{l4nmYmKSG9w3TQaiHD*vr80Iex45rk zJyNR5D$Hjg6>cxdA1J)+>M|wsD$}k11s&WLavq-Cnp;zNuj_aFH^X(Gb(VX&O|H3n zX_9F6wp%rGBD;TS2T0z0yX$|)YL(k6l{bS<9n$WSe#9CO{;=aVAp(*?*6`q-91~;?Ry8fi4oqJUat70~!4Nt**aFO-7iAIZuSc@J;`smMRJ^>a8TUX!bj_daYOa&-Tx7uB*jm)#sZ_dhcSjfUv#Ux}dI9YJz zla`YBebNkGK`$Jd4?0AidQq?1{h;(maYDheCyHBwSH1teMZYa3=g5odzkjTzsITSJ z=xJG^HTB7*W{20S)uj^xk8e9R?aTDIzSs3E0o^-V9$!4DW@(*&^sn>h86lO^j3*gR zS}(Qj+0icjd^^82H~+A%Sev!|ZT%6|lX;$DCOXeqXA7TiSk*KAwabAjk#~Kc-;2iF zZZ@+o`-&P$o4J?{urUL}Y4cf*SUWI7*WH8#%t-MTUjrc7{pYgm^PBROILvmsIAY7VA~y<^*^%GKnz5<2rJ? 
z`|GX)K;2?Y3=G^bQ-E{>WBO!)a4CrW;nIu&lRd-bz`U$*X(q+s$qvCX+USNYeJC9v Y&&a@#0Cbr!iebEy&xNb8#fE|e0qRiizyJUM delta 596 zcmeyqp7GauM&1B#W)=|!1_lm>!bqu!yazaeRHU*&IXCyjYjX8xvkn^ww8X3a$UD7B zR=DM{b99x4sYq7FOJ9%KN3Q&Gy!GhG+toYzgfBZeil04GxBGP1A)`c@Jr>Ca6WQxZ zL-v02xshAqu%$;ppKrkqeB=+U`>xj><;aBm#JW0br&$6h9?O2(bn{ZH< zWaj=Dd!{7{7n+%R=Ur&2pOh_jQ1gHK!53#vE`I;)iUH5b3H>__1XbUk{ruXZ=1yjR z40p#XFD^Bi0+V%hMsi`kGs0$f-Fb2K%0G98om{>W^K^0+cYmIC-+oJf;M}E>y}?rH zucuAZiQk;`xiC%l)q022lfF3(>6F&#;^s%V7pyzf(>UN-b z3Y+jEAIZuSc@J;`smMRJ^>a8TUX!bj_daYOa&-Tx7uB*jm)#sZ_dhcSjfUv#Ux}dI9YJz zla`YBebNkGK`$Jd4?0AidQq?1{h;(maYDheCyHBwSH1teMZYa3=g5odzkjTzsITSJ z=xJG^HTB7*W{20S)uj^xk8e9R?aTDIzSs3E0o^-V9$!4DW@(*&^sn>h86lO^j3*gR zS}(Qj+0icjd^^82H~+A%Sev!|ZT%6|lX;$DCOXeqXA7TiSk*KAwabAjk#~Kc-;2iF zZZ@+o`-&P$n>m>durUL}Y4aJ5mo{L=4p$x)FypwV04s6_c8C&~Hv!1oJ9$lrx;!Xaq`tG(-(+TBn8w4v zAOVas7-(o*Ir&qFI#`EHs5Ik_$rhn9HXt3_-CuVd04ft>VqoBgDF@OGjHmq=7~+dk zbBgu#KxBY7Ba;X-JRwY;05oRH{79*ZyazaeROHD?ANFufye3zFHtVo~Kui45A9~)K zgoRrkJ4aV(n2Ka&y!7>$edNk7$DqPb-$G-KcV;eJ(4CgH|8A;w;!Fd+xH%giII-JV zu8ONxdt+wXk|233PR5~d{?V4cXXh-AI{(>ayDg^XlkI~!6NI!mVm=-CDB1DG$47mM zi1DSmopmf8jSJaXttxzs>$}$9WbpfG&+V4(Cs%8}ye;uWThf`Mof>ud^Wu*`3|wCO zAj%;sJjmc-1N-Aw>W>vOA8ol6^22TYvTycGCsfQ5AEqSEj+?Xn(Z7YYKCkCI5fSYA zRO;;=w&rHm=fX7ISL+>8Q?|eUr@T(!=7K#rnyDW}pR`plUJ2b3bG|l1?cqD|Eiuox z+h(0kzJ4DioHnyF9bjVyhScU$94~FajBTzwEMUe_PXSgCWAY8ZXJCPY{^uCM0+Rw? 
zf(7b={2>Atf~^t3Jy|5g46MvIM4Iu>N{)w zO=bp$X*>)J62Pc~friG_lRt#0gSAP8O55!6WMHVs(JwBk%t@MdHZVTQ+c zAIZuSc@J;^smQc2wU~)lqN^clbBlH1$OSI2HQJa~Lg@w@l)3bYev8t}!<-T1(X-R|b< zxN5aGR(D$yB#*_taVVUBw59LaF^i+lHM?}T#ngP%eK2Q&YM8)|CykGl1#Zrq;pd^5 zw&ZWwUycb(&iq^@A7-S9)X(3{IOkJ6U(dNYcYf#j@gAPQdvr#3ug1TOxO>Mwt+;Gg zpsTP}TXROif#$-mn?Fu4*|^qBbl-*5nSa+a7=x7+h)_cXXhPKQ?|eSr#!7=jeusHF#|(t^I48MYcRvlWivCF!Qvsn3Svwa_k9MUH~F1o1oJQY zzXU7T8{iKS;19BfhxX*4Aak&)o*+9geKyD$ObZ7?=*VCTFn>z08ALwV3QTi_xPs}R G5Dx&gqs@N+ delta 466 zcmbQWl5y5bM&1B#W)=|!1_lm>!bqu!yazadRHU*&Irqe?^7Uu44jTxx#H;?uJH1I( zxaF~Pbd`pwNLI#6Uys>GuKaSm_2|jl)jRrxFFQGkpFLBz`*heLqePiK7Rd(_+3QL} z_I~rZkz3-hrAI)YZ@~_KCnxse^f`|t_T~BOh|jO#SMk0)Ny9m&nwfg%U1+JFlr45p^MCrm7iUf`e*f%>0nf<^{W}c=Ro|ce{Mw@CPG)}$ zcgHI)E;X3~lXZ1Qa$&wR!e)2fd2#j1KX-dWY1M?XUkSixuwb+`MV&l-B9u=0~^}tUL6y>fOefExRQy7tOu@ zZG~=sY&|ndIBn))I>5#Z45`g$IqIyz3_q96%wPtKhX5;xFZ^_CNc@J;^sYuD~_v0sCm9M|+eb_+c=>MsgzMFX3 zx3#U~*RtziJ=pXp+T-1}q|c5*FTdTNeRbXKfDeYx=ltHSekUqIt*2Q$U1!IIX8&(l z7v^#9_A6J6Xxk`m9dIYzaN**ehJGIf=I3?miqEg%wop%L6=l(@eDH(ArA%>|aZnd) z=Kebdj7ts}G%(59ER#H1|2&6b`JegBlQ*k;-xnYB*di_2@M)5A*ZteiudlRuwUs}H z+hcYVmzvCngqY7MHY&L}t9^U*zf{HjS8nimBqYWscJ1ZKO6_;@yN+);>FFo9P-DH- zt|Zr^r)Kvnzs~x{6XN!5_CNci&J(&yuI|NQ0bya{M}!xweEgK{owGG}dAs=Q_kXsj zzx{RNtT{?BZRTV;z{U&=sLf|MB5lA74c8aUV1}@#04skWIhnPX+L#)8GWT-2cP7L(` E05R delta 466 zcmZ3vnsMc7M&1B#W)=|!1_lm>yhy2uyazadRAla_DH0Q}%GaOGI&2`&5`XlE-swrg z!Yz-TqpLJbMY1wp`g+Vha^;s}P~oR2OPVQX$?eJ)JXeYM^pHD&wjf6D6u_Bn3J;Y|E^G5Qf}K={WZ+wTi!w(PzvUNraq zw-vhmvGvR-!L*r^=>QuuFrYS{;fS;WGc;UZFoPMwo&u~O#$+|WXJ7$-|8tCBfd>IE z!2)Lj{UHK!!PfB5o}3tL4pucg*bYqJ33dk4N+A$BBg6vCUmRivkq@x~(~_aCU^+3> F0|3-5#Ge2F 
diff --git a/spreadsheet/macrofree/checklist.en.master.xlsx b/spreadsheet/macrofree/checklist.en.master.xlsx index 36cb8a2108d725f23adeb229b68d82b3bc96aa9c..1e7dbef5416b9340946c05d9391bdd8e737ff7fb 100644 GIT binary patch delta 418932 zcmY(qV?d|<_C1_6*|ss+wvDODHDRjB*42c`wl&$4ZQC_zvTZ-#`~1)E%>BITMZMV9 z{;a*$+NkRfanL3)l8QVe6ebuL7#!HEDMc(&7d+^P&N#7I1bplQF<>a)%Yxb8DR=0V z_ESIjMbwmJ;1!L3HcV*<# z#Vq(%*?ThWA2m2$DytT(x%thUN|&hFw!us|+1{``G+!dIpgwy1d4Q5|r7px!3&Z=` zsV5Bavui2uES*yhBK1igLMqZx9+%t}AE4TL`hb5@AVuw~Bx$lu{2#G9uUClccWaLA{(otz zMSvKB`A?!szRZFp$FIQA0#b3*FQ4pd(Pn2PlhYnx%%!h8etlW~{JBBK^JFPA-7Oys zv!#YS)WAPsE-Lc*^pg&B3|K3AC=Bi78UYRls}_4~XwPCmdC&Eiw@0VuXYDokn#K;B zg_R@a)?}b*<^25J*-5>?&7`*sXSaPxPS@a!%bWRqb!|Pt!{FzZB9KbVWzyQ|U|##j zoMyq>Fk$7WvZ?AVCm$(PbL|{zat@Wtn#ig*{FLPF%Hnn$Z2?@XdSDu3zrt-IJMUC!5=4r}KrE zVFz5pac)6rhxz?t1bCYr3H48PR3ms*3z^hB-q3RS5K5t+URzC`kBWsbnDnN z$-=vPT^(C3I>XURsoI5X;U3Yd+i3fR_+Kw@WE*CvQfK1O-)rn2vz52%wMQ!qgRWxU z)T2MX^nShhv;5}9KGb+LH?pnZPGyjMY#43>(6~LpGGOoumjm}j8(Z6UqgU7Wc|ykB z;WDSxOpA$6z;W&RYEoxWu$7^$6~MFn49lamkFrp>RBFieBJZ@Y(!qLUz1X32dYtjh zH}PT7#k}(L;R|Xb@|GZi7)n=_&#TkMlGo<50cz00TRH~n9IO8|ZsmPXR{xnFsxc9{ zw=;4;E?FL*1aLzuaYGK*rZeS4osR23L?IN726OX`#riBD)fg(v0)@cer!A9sL%EkZ zbZu4pE}#EHCr#AEI1=>x0iRa@bMPsrDDhg--H9Y7bgtlmNE*SMuXFGS%MOJj;_Pbv zU4A-;Z;w&h%ABuvwvZXic!ia4%j7}$Hb-MB`_>5GAizM-6x;EU8~+M3qGQwREm`<{ zWO4zy&CLE`kUxaNNAOYnE!ptliL~_nF7kRm{e>BL`zb!B`xd^gmX*1Xw2}SIgJPS+ zjT{!{;dsm-V`2p@AsxKU@dj+?&+cSDwt;`yt5Vtr-m6!`^((9Q>!>0UrpK^)gICuj z_~YA589=x)-0FQly?vF&#+`7_nh1p$3D2%fnF4p+=!YF^@5=8#nFJkWNN>%XUSk)P zLUNr>Y5KEYT@{L!PkG1BE;U*_X`+#LIL+My@H+Yt?etGFjDEPe6z4b{WF1cF&*pjw z2A>`Bk0I;2r6}RdK|1=5iaNi$H?+MGoVT}K1_BE6PiLG&ThnBnqQ39gkFQKu&u&BK z8;jzAbE)8L$(>@+Z}v>9*`(`1(*r&K?Z=maPXsN|wn97i+@L=r@9doKgpF20zk23> zZJp)qvxAr&zEGs;t=oOMT;ijl;K_;rgx6i!*>&<3EG>(WO+fTbdfi<717(2KP?mT+i-3+OTD}@{p z_bO!gy{8}cuebBM#~s>Lj}w1hnCcB{o+*o(61#7iHd`>iHpkA6C@2Oafp_FjYPT?) 
zp`D)(#{%fBChtb}KGMx+k8ehNJ3#Ikfa20s*lMce-ob44L(S%T=FcJ6p-vAYv2=+~8ut<*=^GbATpn zz((8^1J}LOAlBx?Ygwf_Y<3>sGn~QA&&F67>XWeJz&qHE@g1|qw~AE+YdRq;wXItC zWSIUZDF~>(II@a+$rgq(whi44+k1Z7b}!Rc#s=?JZb9^_&n;7FFD@8sYBc{?yG5(I1lwxeg;_Syj454=k{oPun{IW|j5Wu%b>wfwk zZZGvc`~vciXO)Ts%BrVJ%woiG!R_<2{_re6U~QPSiR-&6g&M|+N)B@`{kG*Q!1^Jb7F4lzEIY_ z&}TFndkcq?VEAytboR+{o1{LSu^xf(Q_DTdT%0singLW;c1D(7boO$@AIMu>zj%>& zf$I5w77Oj_%N+530RKp3`pG!>O3ESF5$aFLB%fY+tJ?Z0ebHgg^z-(bozKTR^w6_F z&CAG`L7N|GXSOTa;z$QxyoeaTm$YG&yOH=3Jig(<@+3HsY}xZ{avyKQcgl`dDA?Z3 zBiU$jcFpz>UP`VL2gT^7f)(-h4Tj9t1GsS+GE1%}o@3#r@Vp&E+LTu@4j;XRBd$_q zoG^Cg9FS51K4TY~g?`qemd9~B5p6OxM0bOMPWR)Ncv(EYiqR=^^ietN4%UAxiJ_}O zb1qid(|Kx4AVKC1+-}uV{AK%rbGT){^;PSHF{_ZJBJL4slFN}RXJJ?KM}9UGFPkWP zR|1~94W@fYZf;kA;3nmTk$CE2Qf!wvk1)LZ*~p}g;d;W#&z;tY!~H>b=5{;ecnmZ$ zNTol@@!V)^z!caxXH4+Uz>&8ZCzb-FqDxaJvzu3a9YtyTZ!rzJMJQJJi7v3bv6$_g z7;!|*RPA|^QfX3Tt~gMlLU~-4q)B4exv?Rsd0tbxh?vvOddyOj`^H8cd5?#GMNr93 zIITE1*&67VY^Sk+*D|V%qSu!zBz>fA3SjAOr=&&%5V*iGLLQX6q3AJxzz1gYMOc4u z0OXsi`rhoT+IGMG*l*`m4T~z?=i-EfZs1k)8bj#_7kcR9xiHfwFlC6D6yiz&Me=xp zF`@kVcVdy#>qWXzi9j=!yqo_yv^?^1MGR27Dv|mbgJko=XM0z@52KI^D+=&l|M{B1 z#$02Hy&^iawS=|I=s+~dCHzSIv}2kCZKac!lsG)&bM-2!+yM;J04mk+%0g(sMZ9vK zXtuZK`^CeFohc#kLpAvRgWb^`yw= z8mo5jY((UWIFIYw(Ec!3xjcC$B(-MB+%L2*ee+YfmhGoMPE6hdM*MzuN9clw>GnC? z{uJ%jKInmAuVSLe4Ywyo(YJbY>18l#W@~@=_+D$ADzNrWITvK-yPkY&Q?bP6v38_` zuaNopJH!b*%t=&uqQE=pgPl41$|l~mzknGU3UoLGjcY#X9|vMwhmRr-$ba!a5fotm zv5j&9=^y;>hdcy0M1=&HTLx|%#SnT7&euzd5~C^Bz&e$=sMz%trDq%SHq}yq)n^VN z({-hIbIsjfeQP$mmo^Ad8?D?;K+|DER(&8J2r1Ct)IRBvVgr3ZO}Kqw4Fg8@-PKrt zt?tRuxdvxajbby?-EP$U3a$gKgahr#Aek^QzP%dmy%&h)jiaoGEgdx|CLA75JB%)@ z5W$0)#}oLs5Q1T*lTPKYl7c~nARdr9T6N5v0!55=sUmAXT%bLC(kP-&DK~H6GgW_tlp|Pq62M+sOmN3&1pim+}p@4A&qz*uS z{}B=lF^-y5GvQoWk?4&x@;o2H59vNQzWh|paBZTme7^ooI59}Uo?d@Ld{>}omzHyO zd;I$+>0-cNLS_i3fgUC=j>1~pTU=arcy5X{0bgGJKhdJb)9qiki(r!Kt}=0pgOFL-m6_c5IK5jArPpadbOumX%R-?n^fQdkbny zz)^*b-AX4XiONbRl~LakU&7q=qpUeGwhaUa+GRGPA_d-ff+3RPsGUJOml($8+dvn? 
z4w5yh2;9N58MTGo@ohl=ZhPma(LXQKHYid?-4>McRg=WY)5n}wlWqkrgJswjpXIv^ zI{C6$(l!xyrQ<&#=<~P@u>G9w9?PUd1ip?u#%;WiUW*AoaSmGevH7!&OCAJQ!(s6| zN*zcdTd2kjD1_)iHD^DNyF{w|P%BjZA47;OlaACm$&PSfo#<0Do7DhQ*;O~&P9_g{ z-PT4D6e=L=k$op)xc!Tpbg=&R=ynFqh;sR}xfI<+0T$S|5ruLpF$VzN)H+m*CPx+v zzHZKn(?fMGiMbr>pz1cY!ub-D%FK#kumjRDK1<&fxhq1Qwj_-YU14xD!b~$?Je6Nv zdmiKz>p)QdKVf7;BDdvFrnFV>mLkQFWbw`TDSC2F5~m-l)7~Vh zR_tYO4d=BIq7+EMsD9{XXO8805mdaBuXzeRX(Xh5xFyZDOW*L-VRF&4bP$DYG%kIy zY!AKfCa8?N%0T=5Gcl%%T;liH588%da-!*Edqw_0_QU~+-Tk{w1=vYg#jUu9?tEuP ztIqLNLzg}BZjAaqRDW{~qN6h{2y+1$j)k?X`noA*&@56TYvP$d%ubvc=Gp>Hr(?Dm z=iq#4fmO1H?JS8-%4i$v?g_IjJATHIcEA4GE+uvTC`Z%fs%*jp;i$ib`~m}94ra<< z4VD;DblHL4tPQQB{emly&Nh&{=d!3G1GA?mDGfbKbRl4@%$LcHBo{(8aXoSO=|NJ3 zZ1w4e+lGPcbiPQT zvqeW`#!b!GUwis9UDJ^2i`_tmTP~DqFlqHl6x=nBqYiNsd#YOyGTa{J%}+0q9Hrg54x3M5~i51V5Gy)D2>UWgu}+BaY_}mHEgiaUSB_eXYp}zp4@%`>rv@ zQn~S|@=vK_zl`SfhBm(Jx%|cl+e<-9L{$ve4r?p0;GF=#%V1M$zLkq9K`u^-Z-T28 zJ##9LTlvBk6sZr+*M8}xEh5thUDV+X_q5uVYZlLpD{*mDbi8<4Yi&26m_$~oSfgfuLahh=j zRN&;#EkCMMhRK-6XKrJeuzrBxJ~ zz2r;pT412bEsi|GSTqo^Cu-`kd!Vv6foZ_ID>)SisWO1l97E zMl~8K2TLAWAg!$%3EXs>GbIr@5$D+fgdcD4?T>3b9g-mtE)Gmf6=WVx8BEK8xUT73 z5T{Vuk9hD*71!HzlWwT+k;4>aesi>y!b*5PMP0S?+Url{cEXD$O7K$3)()fhS5=wCXS>d2GN6&eA6xp4hA>UtmIGGCz)>dlcJsPQ=6Sm-HT^O!D;E8- zuTYLS zR4OGG!7SR13Feo27X>$l&}iVXOz|(%7-;D+WOL&^i-wCp)sOo*Ck}rfU4=755cKGR zphpMS1U-6g*u`m3X^l(qS83<1TjNjO06nEf=qzmC-Ttcu$$C40970tpsJtNQV)07t z+J#@mtTe9e@5GRuZ-qiK9fa_RUiPDE7ArF%5%!>LAK^+vCZn4e*;p-00^)yJ004DGjrG4t*_ym$ z*?6!{4oNvU^56q$Hwv_I^mZwv2=i8t6AqK_X<0+VF3K`I=Xp^wRzH3Id{y{}ZPQMd zds|tW52Xpavm^2;e0QOxoW`c5e1*oK{Fp*Dxwtf*ImG7DCsOu#vVid0{8aK6M=Dd% z&zkMk>$^GKwM|iV*uY|BwPu4`J36j{YtS^CLCj@nC^;7$`53-Go{UV^$F#H zy6dWUYB=ktUDiMsCK$LfUU@{VgcO`f@_`_X8jiSGVQzRM(P1d#k8=3`0^2BNs9Ycf^}ua(2!!4E@Xf{{c$79(Rn3P2mlcau#zM)-D(ujeebSdID}EA{47Q)U zI4v4g^e5x? 
zf(n&*QD8?};tD&m@#!)3klU3S# zP_BQP1UM#y^b@lGMdqBam$Pf~SF<24S8;+6&b&I69Ir`i9R}Z*8*0=XqvCZ*XteXR z*yRt6)81NiZVx=Y)!+nXfBZ;t`WC9}?Gu9{qwj9z#LQZ*G&`b)R{TWe_i;qBD5?lH zV&K;_2yAO~HqM~Z#?9=2U8iff{EAO+XsPqqtQJUD!%l%dBJT!o;CVeA-Hk7F&1N@X zLd-v=sLy=!3y*P=01bY(Apd_&ljKj)Hs|}eHfQ=J08RoQcREA{BV|9qF0-k9F(@En zN+Qy`6^Cv2H$n2ig2SyN7BNT%B2*+z{e39ShUPI91%8TKrFxE^gnD>Ge+K z515M1*#u9a=K{Ut_Z|3Ztiueu&!ylbmrp--+cwU6CrRL0Y%+p>Ri-AJ+vW}b#iMl1 z5!TG&`|7Of%Kz8r!4dV@x-k#i76JZ|epB!#t|N^&VuQa{hQYbv!5QO*ffL()E+0$t z%BfGElnjM_t#E$ASXS5BdCq)*vUTCFn`F8DR(y8M_Nq-B!^xE}qJ)H{Z%QCJyQxmJqTLLoJS9bs=+mO{fcc{nYD>q($N+?Zfxq8Xq~CHm`r zW)R71Tazhk|8YM^{kgsg2e_=kA!0tFITO=XI#sQBHNh7`&z|=z8T7^90I005w z>Bm~=Zm#qct?|iqIv1aU?c=eqKD{392w--c3a604QB}s%5Ge-_pfCOhLwznIkMM^v zS#)9q3QdGS+NaO&-FLe_@DOrNq0l%5HLXyQg5xJ$Shi!7*pFlKJDpoB@H(i$AC-UE zC-o25C4ZDN{afPUq5+mCXH;KLKqZdL@qIw)@y?vT*YX5+G29VQFI5gI)z*~fQWvyQ zpFVoc!9NwsQp!pOVjt@CKeTsj)YX>(J3DdbVQM&Ei_auW!ve%SQa!~$o0m9}Tuis4 zYR|5(jKf4kW2>2Bjzt;47BZ9 zb9XvhKe(JSh8o*f#N67M-LEQ2`CO{q|;G z1i95_<+Ji!&Cn^(^&;!lfr#@ubq zwz%Le`!>!?1B@CW35gkkHI{m!Dx~eBkbY4$eImVn`cI{1+L%NLy2_$vaaZ zWcxwU zNKuN@-RXxLC(@7mOh%!bKTjx3p!Q1SnPLB;MGwW;jXg%VrjblAiT*zi%p{L945NCo zCa-n^;?0^%`W97gfv0(ei<9J$$BKN^@w9*ZZJ*a5gl4xz0DX?Y+D)|bW;@) z`X6r)^<9A+`(?ZQ)n$p1vNR(-d8oFApHN?(_cT1^E?n0aHRyJ)jX$xKDlbi|moyz8 z*^HD3ivo@!D!smhtaaCI2H{g9Gp}ps{R0f{AX;T!6dhr^;}4@UTXa~|AUlCf*ADO&g*&t@1!UXrc+Q95e4ggJ( zeWCE%-y<5CE;(!^#-9!|+nVRuJQ*-bkq?Q=c`~Pt2rS_)jbStJJtmG!4ZgDgvFE5W zG@QkY1!>S{pIz>5uquNaJ_SADm!QH$r0u5yJIq|S$!_heHrBYk_j9<_c)8q3hwE#` zu!n^#Yw6X|1TCO>X(=k=O~UAMDswI2CcNcc3>-G>m9p@T?^)9-yoo8D5{g;Qzw|0m z6w&!S4iThR_8QzCa^D>(aukfRmDe71=|%FtufrQ8P9fcQk1V#Wjg)@0S+wd#UY)GS zDC;(@?o@BLMCP|<5(oHgJ@-JTc2Ni_{lFl}@zZ zs&#;u3bF`f593(hzTk)b>g<3t>ybxw9M(XjRAuJU@BG9TA1_l~Hdi=!knG*H5|Xl2(VW4E7`-n9_xY<3{0+vxl4u&Kpn#_k1G-Z z@B{MDmNDOSU0Dzl2F2X` zhl9$Pi{8P)hB!|+JdcYOZ%PGXUoWV*)t@}p{x>` z&e8f_3+0dlT*-U~()#1jue*AUe~==XmI06hz&{97GvvRgt}Has?}&R*yZ 
z)EBo!XD>`xf0nei(a>Gg1q+2z@b@eE!JU*ek++m+u&_{{q7z#`o1O2%#OpH?G2@-yZWSe85k7`2pC(Dr=sq@ou~zvMbTn6#NlO zX6DpnYCpTurJ5rArK`y;|E|M)m#tD5r3PdMex1_F`w;j?ra9zH)dlqjk3j+iSCV`* zsEJYBoB=g4BastNQS{fx*iN>A=*Nhl0cNjtU^t=->IG7~DkCf4_LhWjaoWIl za@0&XNA9ENsna{tnoZT$^~2w8&SV*_i;wu-gZ5s}OC*mn8$GKuzq+!|bi>j~b_G9ClC;XGqex_}EAgbwyhvpQ> zY9l_0vQIiVVtdJUX*6m9mJ3Jew_!qZb$>0^2ep8ZyEm%PJB{j1(%S^NE2)^Yt{Pxw z;&LYp0aC)-LoCO;sxQCAQCzd?`pQc?WUVAYdQVTq%vt>f20EF6i4hb3Kq=!PLEgsS zF0s0y&yBCBMH8tgvN&KNuxKEXO7=}VO8_(|5)PsPKu#qWEHKcWOg-21kdr!B=A_|7 zV`l?Vh?b<&n)Tu`Kt=@C5=P?V-m-1a)@m{!mio}Lo{i?M@-LCpzrgDoyk{OBEb>Q! z%`WlwW)mTK5HQ;x#2;%X|4P5pIEZbES9KPLt|8#Z%FPxYTQUyb!f>UYxZMKGu#HXm z)#UJzFO2L{zeA_<5iv&D9cGO`npIg@2rQ0v*Xd*w&2C?I4lW!_EY?C*#g@k7(nz1do?zI3rVA}nb;>k4n!%ynh7J*8LuF-JKckaDAlvVf z%Y2V%Z6W^uqrum*Im#) zo}TwMK1${1haO>KGwTIy4w8o(y=lZy+Qclr5<$FWZF)hFg%J*tQ|1K(4N9Wb4t@OP zHmb96?U7Qr)0ZQzIgA9b*;~&nzd=bR$o3b)cdYYe`9THdJqV`cdI+Ptb#IQ&lb{ezV~T&l0dnpD#H&W7UB z`B7t{vmly;LgQ-moCtvxCS(ib^@-8I*4ShUJ>dVDdx*;fep3co{NOtFi z^P81Fc(gdV@JZ^TO|^QoBzs2Qi~EsUZn(SY@+D}5`iAK$u>0Z?4*p2Xv`%Ar86`YQ zuDe&K8V9$x8#}p`YFF#Gf)-6Uh~42qhEmY~e_ss@&qywa*15mO)wzQ{`wJE1=8#;= z9R-7nkd{0}HM*@Grh(PTTv44mU&oT%#VX;#v;S9xW3Y1Pg%68eTQfLn{)(C})YsiE z9w!6fe)*arX>2HM_fM^z&WWum{4q`q6t@1KX}>%F`uHVwJyC^LRV=NqA0jQ6NK_?v z*?0x`3I+jZDEd@fx^HKo4QOVwPf@6zhq!3EPG3LBp%&a0kEZqPU{HLr{RrDY*Py6- zu8@g8udP=9LAYV2!p-+(;=}f27Y4S#?Q_Lbu`c8ZG-B}ijg-CECV`o&2{K6l*i>0n z+Rzp_J#LO|bk?eSxe?euWJivhlhMhRkq_hrR_d}c%Pj*{!{lTnK1mW1U(EUJGOF0%wWx~)BPgI3TWYJ^_ zVvZ9aCEFR37f(g~-SHxvHT2#B5%vWa4Qd`D=YR7j(HNr`Y|^Hm*nS8L&fAYV+|P4% ze_RC#Fw$Zu+B)s7a7?qgM&9T6dIM<_?pO4i*E;FGA5z0!tyRS{bKn4EuK4KPjq3Iq z!!aXVKt*DlmW!cpf=mG&&FO&M#_*RTcDrOI^+BU<(YESxpn{-@)9~v`rCl29PdD<{ zrjPWA(}yjqG3q0$3fZz0zg?8Y2~LYK0`v7*w3I=gM6584!C_4DfstU;l=A2^Vz#Wnb|MrSWDDR;U>z>Yy>Xk zP+Ev5vT1qQivzq|ONhtptN!2Rs=h5JZ);?#k>qnz(LM`z zR>+AJ%cx;64yb0sIp}U}xX>sXcA^2Z(q4%&(iAjH6-VL!^{@IlcoJtQA7#&q{39Xp z$!U=|B*1n8x*K< z(ic6R$=R6ei=N-)CvW~JWN6z_#26v{tHVSj~bM%dK&AArh%Oe@q 
z`JjR&DpCyB!>EpBgy#ks?IDm=qx~}jo*7*h*z@{|ou;&>3|>n97t-NA0UA)9d_#p1AJ8p*%LKg&r31bORXeEtc14vVxJP%t$Z4wik`*EY4oe1 zC)xbCbHNafCBsFKOL21s!o?=E`@ulhP%M(HA|SP{os)QmV<*MKjkCxF^1l0_A}wX5 zFNq$p@qgeoQtUBd&S0GkHz6Jupb3wVmj|cE|5sp~0TPhiRFaUOz_i7o3a%N|My5cA zO~iA|RT1{$O|PDAdj3DySAOzVNXYq5tYJ^6g9pN9g6qrQs8(>3B3XG0g?`gItE4}^ zQ~8nu$xQ(u$@LZe_|0BKAm0b_mMDd&m+93%5{VLMNl+y`HbX*2>2RE0r_6~pjDO6V z6(%KL(@xAxEm_lugkJr{>USelRiP$I)hrNJ;X-maP!&kW)jKTM%TR<3bgPo~1Oh{D zl<06Zkp$!mS651xbVCIU#kM3Zh@pYO-&vxfR}PCputl0V*7a(7IGCCf3{;=kAfZPZ zi+;R;PT&aEp-qSH4rKPaF@Fi}zWkI`0q>!0U`~Czst>3gt-~G5h|Nj-1L?n(g}`iI zOKB{N-#z#-nEhj1LO=5TYQzd2&Opy6@Dba;GW^VdIoB7_`AAqd-uHE3 z>-5Tsvh=cjp!VHY0Q|JOt*&y;r`&Ek@t0m|fzl)*|6B!eCaQ!oUUhooE%?1$YOyu; zifl#@-UVLZ7+)=iv8wGp<9@C;(!+P0pHj9OeqnGbpyfaC|L%kQUrEtK?Pbxxv1|yJ z)HCeRPeQ>+oGIK>8u2c(>=(lystgF|suQkP7HE3!TD}$NauW}itT9L5;z*|?IfBKM z%D*n2hksVIZxFCs`v7hedXzHLV-597izlko{LC)eKR6BZ1EG4>`eByT9yg-g@1hCO z$rD$`Z@_=3NNlAj0~V;6BdkzhwcA~>Fg#1UBDmeP(pnz#t^lLDfQ9-lte8J^x5L4g z5=3`>!eQo34N+L1il>psrA7Tg1>#?uRB}EhrPrxYRx5(R0|O$wyT$Vg976?Bmt4?}U@Ga2?zfR_T1^lACM+F2Sd#QW z8)ISxvSjs%-jdu@zpV5Mlj(7s-Y0(%1e-vD1f%tO+=JXHBz{+uq~D#CmZ?pmqS3TjS6f-4-ZRouIoPY=fh?K~+6UQ5bs;Way(~W>HUs_&8R4mL>NMzd;rf>{CQK&T6R)1=L`wdpaMgl@62L18v+OJAt$JMPX+uvnz#vxW?z4V3BpjoF)$@@E zY?XeFEZbqPnSHOjlQW>~{tVHMCfMrrHJ_#)AQbGaN$_-Lxwc0r$Z~uWoT}xm`@k4b z%24)^F)aPoXKFz9cJ`Pi=gX+5@lOH)B#IIWSN70wbduDNcon5a$(}gINg&mF6p<$; zBx7lSS&Ho6wkA9lWNSA6V{066c{LM6pmSIpe}4Ra^=w@sT>7l|`BN1Kui4;rn~Y0U zlOmnyl?~p7oSTW2r-Pq0{~)LOZcD)7pM#-7$W3io2oU-6NXCiqzJH{ZJ3#SWB&>UV zE$-m{lMW~zL(X-k`y8XluVo}STLJd|1dquR=2g!9_#Qun&yfeNu7%ZTn2`cFE}MJZ z$qCI@rldLcxzc&Fdev8A*;&|0^S6-xBFs-frVY(NtxXh!upy040pD7@nxyNl?P$+C z&hK}!be$Y2C^6o`K0T-qS85E8O9NZs+@&L{w`iV0w{P>uazCr7RnOS;c_j|=g|~PX zWiQf%Lx|!nR%Y5oSF-I#w3@${$rXvYG?w3&*>(CDzam~O`EQ&(43vUyW2;$IHO4EC z{0Ex755|_F>Dh~~r{l$==go5hQiIj&@Di@$r{1Sc%H9qrZrXD`M&rGyIsj5KA?$3d zqc1$pI%yts*KC94-q@03uDz=`qDKYI4mF$-{dj+crsi7=4@KKgo&b>0tc2u1H7LfI z$9M_R$l`-X!9i@4D_?14`g7oFeXGjpPAq5@(w_V?8~xC;N!HZRa8)CPcInaUXvIp8 
zg-OittMeJGbqOHZ88-Zcts!w0=i^EeT?NtsbF#b+4q_nPn3Vq6}BGW=<7+h zP3?BdWI~uH7agPG88Vi+tV61e$>;CU@zTjt{Vl1`molD{xyEM&POo?d^6#?69!bqJ zFj>P>rF#GzXWncx0Nn^r)mkhbZlp2USRCM8EC_2T5R2gK>Rwz!4jo-Bu5gwwfOufc ziE>CnDT$p1v!|8_oGBtwCO}U1AC~{`5$HH6ovgbo9XyESXH@Vbh<~P%0_3^g(`Gz9 zC`p@qY#N$YaD`?_BVCSC6|!rWr{C7hnq+kl4*2tETPKt340T;?r1wy|$>@=Ce=Nm! zMra2A=Vj-}60R5flW6KpaBH8mfS_W#aI7}3@?^HjapDF&827sr$BG7zx1n2^1!|wx z)o-eTcFYj2Fjo)v6dS;^19#}2ukW1nR@=D5=P&%cN`a#5I%FE@whuz>@if{Uf&Dng z@9j_TSN+-3Bh3!4Q4_GYfI;+`U&OL`#&hkcmg{bs&+d*wWl%mM#9DYT0geagOwdm^D< zYHEZn$UF4#Lal_t%W#x7Bn>ody?phs{XAJJERJU6L197ll6VHy#$&`*E?oGZu`AuouMsKxK!)b(Bx;4 zI5yW+Bvo*<|Jm@h#(q+8Rd-o%G%TCd6@R$j_YElvv4H~IWmHP81sNL&xBjJFT3mb> zk!<`2=zJ{)&mOXmauE1e^CVbzDgcGV#s^a~K~THAiK&CKE1hfc(G*k7v=4hCay`mw{O;r^gPOdTK@?uY$1;92<6PE1;9G7t7mb)g~hw|q(9iR z0x}Hj$Yf}cR_+)M$!&2}zV=nH47p^r?pNj9{v3|VZylkC3t9uRuT1o4 zc}k*_VZ+*?sC+3Pk|mem1r))=>qYfPw?#R3H}U2a5^1qLB3f;G{3#>MRnf(r>?!WMTM+sK!W{xmeQqkh~fzLTAcr%P{<4M`9@HuO3U9rTHiy0E^n!u|Tl%bV&CI zUj1;gcXaURRRtEy-=KD-J{5{2TGEx}1G{iQ)*AI#sLD5l|KU`B4DY8RC~!qk;Jt+8 zmLz+i^4e3$OSo4I^+a?F0o$-mX4>JkHH1ksf^I8sZ0gZxnIQim^AU+kF0tWmtJJDda=)wbC+WjgX zRhy_GFpWTSimCpudN3zMduGN%J+F;6-!`DD>WCCfs%7f&X;TBfZ0=jHXE!94jEZTOh0e70 zcPJ1JIV4F%d6iSmsGeTZYar((Bm$|$;L?ja>}uymz4xHMPQ;}i*V+uMVW#N>n~z8Z zT9N;az(hJf^ujRE=Z}M|DikORcT`cYZc~3s|Eqa;C6YiyOI=_(2sP3EKrC?~5~C|F z(!@OF!@guO<@euCDE1MFlps=;R;Pqdxc&r*Eaq_me5h3m(wWcH-&itbsD)838zma?|lzM&Tc(Oc>{ zfILnSOsHa>e3)Xf(YAdUdiu@g98^90Zun+`Rcytdkq`|D4NV}&*76$!<7Q-L}sj{iz_**dX(TQE3$q!#1I%8AH0k z)Mf@V_cz?%1RHV75TNO+5&YxWTobtRP)?}pBy+truYw%(Wi7fm@N%_wAmGJK;8=)7 z?hJiZ6E8FYElqXKr`giuh5d=~LjuuE3)X%i{;Kq->&KR;O@9xcZ3YAF`D{UjhycXLaS3beWt~3+yf7hkqwgF8q(^SnbpmD^3l*8lm zROH2}WTU8}NcBWx!u?mruLr)*xht;?o(Y9MJPqAGE^{Q|-&_r`!>$XbD_&FUbb8rL zQRVK7q9FQnYMg<8LP1!|28Hr!Pmypzf)@C$gIOY{geb?$O1sx*vN=hK?_qodxEs*U zbcKl0Zj$`;3%}nHCBQQgluABd z7itpU@i|!)S}0cV`C_8dQ3uD+FrqbotYa?kZTA-YlSj$ltqHkygN!M|T%O&qAh&uR zM8A15QORVn_Yf1f3%pdXXWtFFe3zDd!O1?RtSCIgwk~#~VQ+hl4KFi~Wb5{aKkRTg 
zi@4n>8j&U6{oJx&4(ZXiEJ0>hE&@h0B9KOonv;=z^SZ0uY)^U#sR`%I6fK=NrpKJQ z%y#_Cg6$YVZvveg)luot^ZP~bszU_A2%IL|{{$D9k!%x1_-c#rUI4J=lM8Pq8wdtO?L*AamqB!ceevyV0DZ$Y9j5Py$Cr_xybMnW1l^^)8G}ai^|(oY)U%~)X-&VP1~9JP;i9Z26p$&4 zovpBM;*DAk(B}RNR@zA9H-pKPHy~Jj$LhxhWL$#|0Rvxg5A^v^+Iu_qC$y0aM0!XC zXh@#Jxs6@TOkym84lm1!Mw0$;PPkzrt!mCjj%S48*HHZ5)9^|ac^1rnSc5Dlf%)EN~7G;SaVq9@Mebh{%svvwW0KgFR!>% z$DlO@@ZbMegU%KG^7;_>#Rr4}RC512Kh#axa#htc4FGzi^ROxh7k&_CnTS#@T;J1= zIMNZ>bu}+ZA=~P~N~xC{G}^Z6+`tO8qJjQ>^z2jf^|!2XP+y7aTNxqgjkku$Iaa{( z2U^PWpbm;A6J=uXtJ;?CxpgYqauhKL;Kkv#qCfnAzOyQNjpjNaBfZp7*ss7MSi|P_ ziny9BtpW8R>NjXtYD+NDbw7u9(7jUg>j!QkXP^2Pq=f5pzsBM&GHNJf&iWqXi=a4< zi%2$qy98fC?pM+XO%4-{KYo9i+zyu0Cxp4gE(hcqbjdAI*3q*xSZCZqvrsf*615q~ z68h4J^a!ju-;Y&&m)Cn0%Y4MCYFp%#X)!zygmLf^9=}hh7g59$Do_Edh@T=YldZt?zp4Epa()pbF*UV}(8v(f!F}uiI@4ssp3Q zV-Eo+6hbH1fGnm3^p1;lnC4(ZojpJ1y6M>#BeYnLTHNjmme%`0R)+kjf`8$Pp5dB zPU9T?_ggK#Q*c}^=ya9rg7Che^IftT@oh4lA94vKqfD` zj!!S5b}XWpxyBOIU}HP}MWgBdc_HEG+jwCVa2i@u`Cl8n+X^#!x5a^`{Z9KT0bE9Li_fKu?gFXTW5JJLSDouv&7mismW0%DcCT{r zqsVTguHr}kcELA~(R2D=M8K8u3m2R`kX`v&ac{Po`hB`;kvwjPZO7{-phla17CbpJ zo(VM9EzfPW+4xv>$2{c?W$SZrP=1GRdTUK{^NXK^igFIuy@geT{kVmX{O;M^!!u-v zW~bR_zgoXXQ9tMAodtQZ({=B~n$w{qu=>0k40yOcmYqu5c@v>8BzVcGyOHN@g_;sBzHUer8IEGj5HM&Ya0ojej}&XkVm5@8tx_@0=y{Vw zko$MXO6*q1G5XU&K}I{**yL&Ida~ujgzg_5*RP7#FhkHBm||6iwe_; z^0RoaD>1f&H<@&n<$P^5aONz9NS1QB0tq4Vwm?5b=@a;Lamq@Unw7WP&wj!=_m18A)ml*Mt1A++2AZ?-#f*LjGi$4DS*$*PSsH#rwTRm<&9GaSvArb<9?J zt0X6;=@T{fQKZ;UTs?w!JOz-os@kvH(l_W?eK8$lBJ*8OZ~D1G?DImtm#^X#Pmi$1 z`AZ{lNU~(#hi1~}rQKf#= z)vpchXCOGzwK`j|RY>_aQkY_zc~IcP|-GR$=LGrh$`qsSk3 zw~>ySD}vP;$QOtpk(70jWbEhUdWc=89p0koxFZ-^Vru)sTDunNNC+=koLKT9D(EZF zochDvn%aPTM<$o3AZ$OFJ`I{>?^bavZwNJ&!YJjz0%DW@E3C_8BHCgQHTciC76%zpi-B+lkrIJJ8?N4)YjzsX$#izv|qM!$X=AXa; zcuDq@^%7HK$_?dsSaoK4se$xzgdsvi8nloEVPh--6mtW%l|-_&oyJjE^YIs|Iw?^MC{Q%;p31?z zbdnX4i}KQ%#xRbc8OgFycvwwABs~r;scW+k+E(j(VbYXyuxJ1)lVu$u`P70!cdX(= zY^Z%fY$!L+q+&Zv+)<(ELX~&UIy_V?Og)T;&$J`QE!40^TV_zh6b#kNd<7tAaIL|J 
zuCJXpt?Rjbk@ymsNE#?(AT^QNm2CRy)>4#hQy(kNM1=&+bW}@QBWK#3O z!Tiev-q2cBv&wD6J+a);c;0XgVy;FSM~U0CxV9B2b_i@b>TX%-)q3Xi@z0jAUqo$O zg}&V5$73*Ck|>~8?l|6K_E7<5Cgc#jbW=_`tx8BCGl6G1lzBz*pm=XfhJL5U2ZlW~ zilg4l8Z9($-pc`294G3g?bK+l7wvGNX~whK6fN|hw)Nyt7mq|(WM^n%L#S8A288NV zt~uc<-jhC^t|YA#$pjqh6DvmXZki7f^qG|sUOWj=gpCh&Zc!DUCBA^W+Nijm@T(n) ziZk1L#Twl2)U5>NiRiDQeVE1 zuBMvfG{`OvDgBTpUs~(aojIOf54sg-Rf7sU3CU{2wWiQ(h8LV1P=u)8j zk%sfp*7l=4dpQGf)NxN9p+p`!UDPKT?~JO`kzQ`d z7MW|(oCWeHW~qE{-PQ2m7s{J2n7xe|NcrK3vzkp; z;P)ryJIi<~TW=3s&cCj1xGd|9hBauxg^*9#4D2`bFFf!lKxLr|_@O!|0bkBWF+8gB z!inz1g*M8Jv3YJkfh+CU%fY^G|Cc zs;>%^ZEtG0lQjV53hH8$P8fzYH%JJ=lsi#sMP|%u9e283ogx)D!CVZIpS1TlP~wm{hga?U zTPU;rG+wE61D(Zm!Qt#EImN|%x1uddw}E#g0As(lBQ6_+kMaROKQnCn`DNp(&mND9 z+(u|2^l_ctdZ!1cfhHYbz7a9Ekj`((iGAjh0Nc>kR{C6_6-NH$*v5C9sHzK< za7BM%!wL@$NGV(lWbFs_YM9jFIhom#*X1vo*9@`X z^fd}xI_0di)HthRE`|y>vqH1|pG3$toW^>{o5rGB{)mOo2*~E@gpsR#eKCH+oR5mW zCu?D|yM12_vHlh}eh6~PZxP}JdVPMc`n@w<;3hJIVD7+72uD6N?ZF>TSbyAxre$Xk ztbu~=a#4q<>>-d<)yRU$tad=Ip=cTk@-McVTdl(%)3h0t4S9sgWoEcHFa zc>54YeTMCKW#sUGyV1C+Tl?Qc zQ|h_6$tLc#bIOdJM?=@0s>*|M)3i~?LWJZ5f-F0&Ta))nsPEAs97fFbM^##alq!Xg zC`OtnoT@MRzqJD#i)K3nv_e@1f-Q5mjW;LDVagF6&de z(>>CswR$N0ff*K1qmC#4~V+@Im@pE6WeXY&~@#Z((O1J7E&hM%%%R+1vk@4~b&SRympAah5*IJnZEL2^V{HcWn1 z8J%P(7Ym054+{kdb@JB3P}r*eD61>EZS$nFweUD09(q%>mO+MQKCMiHl*1ciHl6<` zkKSrA|v5aKQAXZE0N zOzC&P0;NLk+P5o+My^y2LWG29?iAI8&=y%|UVv8%{7<2np&CDem-`4_t`R$Uxpm;M zj1m71OPyi=PsmSSQ3wQkTQ$)pYV*vth%qO1?A?_<@PZ#Bn+>(+C6rx}kO22a#uw+` zPq+>}>#ro1VG7ZB+jRn>(cKqWQ&cdP?z26#@;!dOQu0c^YaG%f9;_MDd5Q$6;B!8N z0W5Lhng<@ac+d{IuPwDU3#n|i@MLwdoP&QLWJVk!6o1-Qhz(zk@K1DNM3DPkymzc; z{JlLnX9iQsrh!K;4(}REs&_6+`?9M(3l_<(5Y&KQ3$sL|J+fd0Kazw}5)eE4Nion_ zybNJ->Ng1mT0;=98Z5fn<>Gn7hy$%_hPBDWL>L?3@bWA~k~ zlQhTbS?{>3<~EwA{o3OKGyBETr7o zx^S=!P-0*kXyq&@g^4E^t12sIYIhjBI`3E!8ATn5SacqUCxn zYt?~6mDG1B*)E0*msDa1PIwH5d&)kBlg#ZT^$2y`L}H4s$J=>b-&E`vx7c+sy{r)m z>QZ||KR+GbZI}T-SH9_?RVQZ9vAc`4m-l;OOt?E=05mP)yCE3$FFrm7Ze^h7?gkPRKb)s7r9Z`?7t;VM`4De7pk4jn3g!9|hnmU|gXs$LB_qVnlZ%~Wi` 
zGyE>KDJAT|L_(MHARy+m$X2kZvOsUdCSb#c8n} zXt&4tFyTh20dgNX?z_%p&Ghi?0igv+w<-LcWCRo&PBZN1O*4RHN+@~Wwa9G!sj$e6 zY+X#r$FqnPqRALl=qMHqj}Dj~do4^s!57lbp@mDQZ`CvAvJG}nuJ#VtY?W>Vq{XR# z{_R=f&BvW?Dz$OSFznr@q&Qf02d=Ar4y`G7zVUWe2as@Dl!ePhUc8_7QuGxy%LIoW z7wbn;k}-MH-(b!deoyC;!*O?|*T5KJof%bGif1xr;TiWh7_`Mo2Q=+b7(7J&Y21qt z$@R<#sdcc%MF+xnq8tkm;E}k6eBM&;cCB2zpAAy6FsUf}{MJq#>iU(|+O*b4#SXl7 z)sa%7Wr4;_%!JIn1W1)ZwaG0G2UT=N_`0n`cK4x?~ zKFfU;7=;`ean>ia&M){dgb1||!WGC*@0h3ZHQIm|RcQ~T6e7muwv)*jYE1^APHC2% z9&ptAFAsW44DXrt^X{3zd61c&hnk-$nVI*?)ThiPkkRDp89%E5MV;bZ$hd672t>L{ zVb3x#dzdXU^~t?-fiN4Csr_qQfGwLp5wBuPcC4YK~Hu0H9v(e-d!$HeHW9Wpopg zV6KcP*~zW?!3Gbq7g}ddlt_q#A#$EA_fP-d%p|lhE8xOMO?LIQR+F(TmXfkZF*Fvb zAUg%-PKJr+9DIB9o7pM~CVK=CO^QO|07ETruypW0hl%7G#*^*m#gqNk_vz$#c|fKl zR^GkwFRWy$n~oV!oEipqIqI&hT^OU=;}=dcLA1q#Mf<%u>S|$zZkavah2-151z25k zNEzAg#mbNes$+}U=p9NOFuVrBGe_p1$ z1|ExsYI*^+YWQ7IEJbPLVzyP}RX}Sppk(nQXQD)qAQ{6a@(E{DtmtIc|CXz8J4Y!i zA0*sPBDr94D-NFJCv!8CUD}Md$F@0|nR(HpvG9bkoCfhTlk~cX6kGUZBsW`_vby9> z5)~3SGL{m6BN8A?XUT}AG>(NOw|EEUZAEF7y7Zr|Q%cW|y$DkB!1~RH)3%4>&&X_q zzXJStvbSxV>J2MJeSg!B;XOFNGPZl0$ z=8X^hj|`Q~|GLEEEt0}!2gcIoTyQ$v7SY;*(_xDSn}_G%`4ZGEYVR)H+Uq%H9;Z<< zW^8K;jO42uHq%K_n``17*hEt?9$FfFE4OS`e)!q>G46-D+lKBN(%_)EIiVaCd}#Z% zC>}|-87TJLSL<&1R?J@n2?tqh+vppg5qxKSC+R;pIE2CfgK}DM zxAk35#Yk9;APhp8k~)zk3?dY;0%U`ELz3wFU93ODG5%B*`eAkC3u>}7HKkD^lZTw7 z%2+O^8J{kDcrY8kET(S2gR%#~vVG4E3*pha@{2YH%iHhY0#OKJsEG%0?5`5@RpUbE zkY&f}P!_t$LP+gk$tOh6zslrAWV$qK4qtfcrPI$BNCbvfq$5uX}Du^ zlec37PR*e-;q}5yuNFy>o5+QwJaX@{B24qTDCM}aJ@^BQ!maNnR+eWzlg#PXQGaX@ z9)+sCLf2A)zfTIpc_u&vA0@I5eg!92;RvCl~2`JJTEDeN=- zcuR{_a0H-Sruf$c$XLT!%bUDeORx#A(u6AtGvO_-CVg&h;PUf6+p1!g$+BJkvU7R# zG*#=CYsy`$kaFEAH$#odrQ2-ZJqp>-8pBhFBc%;=sw(N;jv&gnSUC7SvZ05O{h}*? 
z7hoUXARSwNLZ9W)c~&E1Rx>tw83;Hq;*7}$3}IvV=OIZN*~hc}3)vgiNRt!2L=#zX z$b^)&OclnlV9-xD&VOxhtt0UU9<>#cBpm{fCdm{{_i*4>0E}ReGnHgd-ss}vfr`ap ze*@ZwZH&l69J56h)Ip?nmLTa#XGr;vtm*K3g>|1j;utl^fe(QNqyRRNoJ^Rj*ZREeN0FCHI{J?J0x6nWI+LM^?Ivt@-1i`wdVz!%gl_lB2;nH-w~L zO~8(cZXrp`8WBBTw&xVAq^mtYqYK8li8*Tq?w?T!bS0vTCnwwc@+wTL!8aJ&C|EYy)(>L0S9kkl1V6~u4+rtQizYjDPXjJgxGaPj(3aG`iD84Kg;LA{= zxN?zNzqt9P62}5PH+4t!SB>+rMBEqrmj2C`ddj4`wGKB$GwTcpH`b#6BHEt{pSeCN zJ1Fk*4t!nudBV@-83x;~UN7D1{~m64nttG1uB>J4o{EQ{jBuo2l1XZ}w%5(JjsUEe&eL+T}=J#C=@5w;tzZJMA8Q zy5A#Z1bN#00A5`$r8DN>7C(m@o|D7)|J4})?(^0-{5T?=PIMEUz?F7G{UtBY4q~L{ zMplqmx+&X^X0*Q zd-kBJ;c~>VQiLSoO>L!mn7obW)sk4QVdScG(+(+VAIyUp{fQm+ zJO4gtt>N9fw3kt{f*~9)(p3=hmuPjT0pDrV&!+ zn-lR0{3PT=W&$*)oJ%>RV<>;vlLuh0b*HLhM753Da82C)Jd0CNQ_-hOnghQlzc83E zVu1~$%p5x6*jbOPcFAp6TbBtz&8u*8rxzq!SHKiaH~e}rPp<{B&dCe%^9=&C0_;V= z^MU&X;*5-*(ZuM21p8uGFH6H4xAP@UD>p|iVB`TFrM4kES~63 z1&j;?U=vJsHK=VI-I$VXKKNG2eSTb&1#Q^OU79r{RA~*f4WRg%E4BGNjF#@MU9grY z(lp#WoU#bH#1n-}X0bM1JzVRfv{~d&_NQdzmZj4vpQ)7qZ7ttV&w=mYq3=8$qfQgQ zuethkPkv1@$VPjqMoOIZ9L4d)JrSLqG?3)l_){>B4v~;8)Wl?+gl(ejT!| z>+W=Cb@HUaXD+}o&YY^IL!2zo+36b&@Mb=jGzN}qe~MCBbJt|5KdWtPQ`XREzq=R= zG9*4X?&py3Lwbq20}SOwTaJ>+Z)W1Dh-a~|h3H8hjJk1Di5**DoG`OfNv?0-5~*ly zP2;C9=d-#m%JURpj(JLj9D;rt$`jY;5??oE&gSB8qk83SWi7&STF%S)WbUrj#+;@}0pvPvZuMa`MIl8qE-{1c z6#+Rb@S#pTLAX#gwB$G~zT^w2HG}bDyS2j2ai0{K>k2maT@@^Xq^)#DBB#G86=to# zoAEV?T$x$C6|Jf-h$V{DM3`zW(Ytx>T|Ry%YPC2NHwu#^zNu(^-RiqsiNIto@E=k|+`n>nd%NXzdA5TmH5fd>Ob5KT+2o3&;Q?IRe7AgEvON%u9l^GNIwQo5b zkfhdJKTt46i>za{T$5)oZ!D%_ms}~9jgqHxl)NpbvTdd{=UXdqTjGwj$1`npLGLHz3}Ay3olGVW)HpgdVRC3DSW4$HTQk9axF_hsFMg|X+YHJup7GH z-r3Gz7|*YOfeyDTS^0BM;%B(HD38)`{~QJg4hGGG6vsIH#J8hQbOvJaw|cuF7R0F& zIxx2_v?{>=N{eaAVn5Gcb3#n9Lo=Or%Id*r`EL8E3q&kcPZKX6o5G=gL$QRWR+v@8 zS?vflGRz^h~(y92ij4jS&35g?I_$7}J}u~NFu zjUmb%$5%A`-rhLd)aN6@pH$Ai+EBYSD7D#wM!lcDF-8pFm2%Q!-q^RtVZn;TRqP4W z2@+StdZ^6Fut5~?4v>1MqqVJMmU!QYEyv@HIqrEIdbV8r8}V71w$zvOcPX)9X&_Gx+G0)3EanvRD^9op&N5lt-n|+ zSxPPjO*LA{(dZomLZJ^kAZHCd~Izf};JR&0mGi?>6 
zCsjxMC;5}PxP?KSbd_E&TI0Dr1m$;QRas%#{C(r7{l>_)@LeMu)t)L;l#M^_bYE%E zJr%u3duD|%Qu+#p;Gd<+YLQF{4c5)ZSIA;iysXez-zVTvTl@TYsQDp@hggcXZUX~w zNsA$zYhVRIUd zxxh>y=hFNs9z*Vx>%td7llm^m2i>2!$o(suOFq*#&gw1`g`AeogO~zYD+s88#5-eP;Axm2FWs<4n{Jze{Rv!Vt`;gZ->xq-b&^Bt4mU+ zSjYG?vFnP!9-}~TE*cB{B%hA%;@(1Lo-l%eyz=WlizLCv%?&{B zh>sSnry=@nI3GE_?h4$J^yq-Hak%Hl1vEXWr(pW`G#pCrL2LpQYRT| z)zlO%SxC{dvrUi}zGzR;A_(|DGEFE{yxc0E<(+h(J zBcna?HU?0fllgrs5+h7bD%N=O0F6lAWWXzhi9=;b_acCV2`qT`G4-Ll|CJflSr%~K zobMpyudd;hitNyZfArdb&W853zjh}QT$nbMASyq^m^|bJ5%K_&JPWe&0a9M)&bqUJPRl_XylR>^j__DhHuQKNuQl%Dgj z1rGorocQuS_^XlS-T#@LuDDV|7N_)Pn_Wn7-7t1b+$C+6aG#XdJ;qxkHiNLHd%X_O4kLEowoa8vn%8koN(5 zUz+*<;tkB+M18`)Bm|A{DtDlFIw=44U9p`^D>{X^P{WHDv{xOB`zilpg8=Wy84NS+ z1>bQeaiXmC4s*f#G=^t7cE^$_e5p>J;j_A_f{3{}s+z7P%=`Q!4+u7UX9sjm%<(_E z-Wh7GrW?K9#6Ga|*Av@QpEUH2gDV9`919ReYxq_liaxrf>EjIPSlse1y4>}@{)a+_ z!Yf~MSg(|01l`ucSAw0y4XX5F)C@z#O+C6YON2F~P6c|?F2?0z@jV+kiUgZbtlC8b zf9WM!R0JVU!2MPmeDF`iJ~I3E6nrkVJKkC|uc>Y@5nG|T-}}5zL-Ge-7=qlm2^c~A zlFCTW29e^xxKID<`((s4sRsR6i#|nWtJvR=2BeCwiPtGLfkP_ve<4Lvw(U!$kRi3Y zbn4)$@$_2awVoI_c5{TuJx3jKY^=y3_4p-M_su(h#E2gu8U$-Em5h(gPf~4WGBpJ@ zgWwc!pTCAHQm63O1BvMjkbf@uj9W)ahdD56)ZN3xSUMyt)&u&c5ja!!ml)7aXAb5* zsd*+HMj_m2r*Fi8279wCS94J7Jy42lgyK0`Jg5-lZzCwmS0J4{JI`NJBf9v)w0ABU z2C5f%`Et(nd-S4$3WY9vRBEc%fZAD*)b^I+1KLU|tBkIJKj9a`5eLR_{M!{XiTtGcfmAak?m{}z)p;t@dy%ekIj-V~iZjZU+-3*&j3a8DfPf5DB1RH| z9#sB`)AMglR~yUSTLFoW3iwSP&tkr~6kc3$Y=VSauN<5)15oVl^)ito0k!8>-;7ImV_$&?3d|J-74>azY zEh4x?w>rlCqmKA7Hu?P_ThL$cwEiIf_(*ARo~=248=gs3a>T+B*?a{3q1}xA0S;y7 zUpB|cKsx4Y`sskPS>nHJz5(Liau|(qhF<5q3$e?|aIBKJCH&d8n4SGlmDsQE_G2-CJaHoi6nt>$fOS`N?ql6w>T&s3ue^$tj$dQ_g(@P76um?AglrS(x$ zlf-`D4Ic%1#_B~mk^fo1@F6NV%B;W;Y(YwMRB%ChOj}U(h z=HiDb;ZE5=0YgzbEzU#Rnb5xJwSl;CI+CHht|9`GK7nf8Er9y}keHPz%wpAw_1%rs zm3SJ|)T26Aj5?#`+*^!>^hAJ&nOzP|$ZVUm^|6{K9e+Imc?F*ZIoY-O>u1j+Qa;~I zCM=)C+qnk_lt4DN5PeB6bZCKW(YukmA3FS@375VUC~vOUyJQ3&PcG($@b$%hi!7Vl z?b}iyS!PRqtIR_6UXczdOP&yP{oOShG34+i-a%xDeAC6k`+Z_ll^=Astu$|g-RBh3mPt3 
zQnIg&v>)+R+Y*SSeH`sUIif*l0vN1MgG(>{g^PCTa*23Ow%$&(!RdqOp)hMl*awfH zcgl?h!fe+H!XGi3*c#h#sSka3btW>AG*m_8Rpr_slYPKD^Gua$F-Ij~zBS`c=$o6SaY7sQ0C8R{VS z4>QW`@QVm0Mt*=XV_t%drab18oaRQNcJA8g6Zg@WEAyRv0>1w?ps&ZgpK-02sb6>f zIbLq)XWwp4d;4e=@Un|6voz~i?YA$5H&Vo|E}RnOvA=31S9y2wQ1@7yvGkqM#*M_2 z@4`tlC)58dW0jRDW5z_rDo~;0`Ie})sL(xwh%rf1I>IK}XaujA@W;g?C7+^w5^Tpp zlcV0<8I47HUVNhmAiRoBQ#$+r{=QwkS?PcLAH%Uj#IEi=pG2}a(>oJZ{6M(9=qh8d z^1gwHX(NIHCsA_zrxAKBO2bJ82z{{eZ|;91EHYfVC|_isBQT8?z0~J{#jPyC9uwzk zc-Kc;!rR-G`abTHD_{E+iC06l_01e<0S!~aW563A=jh~)asNht_PO;Cz6OsspXrV$ zYB7=xE%LvCO$%AReH{v4nVmlyYCBU4R*bK%kHjq(AEm>a{0mGBEXZ8Z=3>#mVSy~YtIxF1HK-X0ND_SGkoLC4 zf8QZ(?asMe+CeO-O}XwS1j2!Ykb=6a4gIEOAoM@q@N<};cCPu@D{xT@?viVY_LF~1 z#oevR+)l(E4S;aZwN!+1Nc7C*k~WVF82QV#oBT6^yY6ZVX@^mcB&A$6uPD=%qghT4 z?XuVx4oCn490<)9bRR$DABhDv0*AZLhJ$luzAax{6Fn@--W5Y2gcfazGT-Hj^Y*8I z6#vuO6s^io9ua1GTKJT74|cNYL)M!0)a;~wi(hdYGR{Y;eaM;o z&jr5B$kNf~{qbNI2;`*$Kw5x1Vhq7f2V;R8iEhlR^xB}a9N?Fi0uZRtFe6|7q!A3 z``aP|i_Cla(Cy3%<{M4IR^A);(|f|Sl1*Bczs(lsC~G1Ykd19x=$W4xWGTmqIF;#$ zlXoZm8aj`MiNJzpV!`dj{_wHg?q#(mGIQK6Cid>;ZB>(wwn7&HZ;(W0D6*BjOKz?wg&E#Fo2{VV`Ke|Ok6%Hz&8CaYQvw0Nr}*kK@X z#)!U2b{Hn@DAC#4WsoNAE;$p6T~{&XV0)k*|NO75wUaacwylY04<>1jlD$AX4A9$+ zOjnmWNemkSy9iJVmZwrd`!=(P7nV0901wy2zJw4%R}jiD3;%$xV4<6!>$wZ7Kj_fJ z)w>^O=DFFQb0|T9Ta401Gq+#B=pph-?lW6K>0Wh^Ff*F!O2YED1bsKiZ2i{5^MgKq zZj`hH4o?&RPsnNce;D*Bbe@s%`BgtAL5NkC?7X+%5EeSk5_lUSNH^i@k}(h)mjoS~ zkR&2EFQz0Yu9g%#XYIl{9R0U!)HtF{V$7+Qz&TTvpN^>};eWoZ#&L3JRz|UGS+OJ|+*$3UPdm*W8`aN;ORqa!n zUZwE9XRkWakde$U9;R<{ijdw3z+FmJI(Url_;Z+rW#G^|;tGv>=)i=v(1}IX-Ttoz zOY97WS#bo?lKP80DUc$;jg*0kQ_nYQy|qt(fyzqT+Vz~I+*bpb{;s#3SQ?%h@q3QR z1sGvAyE%>S;A69`ZhOWPg9)ESEpnQE>bu{~Z|&Mv#rF}BMqg*l4`2zUpP{UbQX<61 z@wqKR?K{o2NnPJP;|9g>*C!@tR{n^bwd0);ZRxmPI9gFb$oKk! 
zm}(ZFoo9a;sI`_B1+zbz_6idz~qf;mP!KFt{Oc~?Z~t!Xgq z>jX=C)%@3oF;-09I!#i$*?#==fx)Zy6Ha=8;i`Y44Z9;(fUl2&N!=9X|66WvHd)ER zE*L8E%ttzBC(p5z!`rMc12T~99rLV_^PZ8QeCJGnK)c<=O2!odt3Flx%q+sE&@v6k zlRtvQC5hnk_1T{Gf_lu8F~8aVH_7Wx6VA~Y6VN!GLWbiBE+u`Cb(><^j%kfTi7RN_ zFX8xq{rD>Ojne$1VH?j#SQN!G_wW^|%x43=`RkxtRFues z8-qTe+|S{Uj=i5i{&pMsa!{Iok_+kDay3+w4n;GF=})-e%n8}7EN46&OBJgy9}!PU zXAC6C&RdIfa{WtqGu9|Vc{8d(aKf|XrDK{o6TIiYI5a~|kBmIBkZGf~WRc=QHCjPI zNtRe!efFmG5%!1tzEgx(gKZ^9_$R3w9U)0=yP`}QaR_nc;dFE;wvax)!x4;L!g3rF z{-9iJitr_ANy}b`5Zq$`|BdgMuTbh`#T zLt;qo)VFqo#{+IJX!nI;t%MlT(`}AX>b_k2hp(AYr0Y617_JA4y+rCmvK1Sy_m(loAy9r8S=pWn16_V`?m&0+*5$t|!BHK}M8i^~^T|53L zs@QA#%tfCWKLy=nq^&jSs~A{?L+y z%;Tf+cf9+)Noob>aa=ekHTl5bVPw8+z+!?XnJXBzr)&cjOZF1;Wm~Y7NtH|U+hAI} zUq|P)jI6TXdrbZhJ6oyNx))HP9S$c1^Ks#nJ_* z8fYuSSC8LvUPt|O z`TX(~<&ljlDqU7>{}&RKg+AaPnfv0D#r3i&{{V0cRMl~eM9tQ|w`7o_I&I9-bVqMc%};W0r-J8(pdT;?4?IqmnD9qIOl6fk-#6~Cjbu2- z*HVyJjmHxp#`B>JU&HSpq!f6(VX2}OJ>9p^fpcP8f*Nf3U$rW2q)uCKx^cf7m%S2y zgE{vIU6NH?DK1^35C!W2utzb7T{-9m@MQ++@VlTg9D$~V3*@>It;^&#HrG}*T{7h& z?j9J`8A^mGt}KjwTQrNTk~r>;I-`M0(B`&uy3M2}D*YP?DCoSm^Z7U2Ga{ zIs}$G`aBN_KM-!s_?9RgyP)E!A1323Afqn5^+p;Y@`*9iMsR8^e;~2h{0x2A&UDU-xuua-+^d3pkzRd_fdurl8FKQonr9 zWc&t{b5I=}KrR}i5Nqt+pZ0yzL+bNBcRz8!5;>wlXKJsvq8zRh7oe?@AXaC$waN8Y zDBRAop7Um5^MZwfcf=?Dr6ya7$ziW}GFLV~{*W;>{avi6%j5XeU9WeCY9j9Yoceu2 z=t$UA9OsDRlH*644+>6YGx?m?h_s~Qfy#$FH|$2D^NHMlrr=QrFj5^JCn4XJ+4dzG z)n7i<02p_nOE%G#%EyZ0xKiD)Yx$nfH78BTtqW`p6GnzFnVD9iP?moVW9cc2;*dd3HZ~ym-!E3M`gaN?x1kOaW}(ex~;mO?hJ9eWl9KW(!UC zbjRosktO?7r1zopH8)d_oZ8e))_l&6(is8ZOViaCav4m*u5gIeIliaisQtOx9jiY_ z*0gITOhn7{0QtG?JAp;cLzYg(XP4wWAHN9DxP5t6tH`H25CFT~Y#40@B^h zLAo1h5Rg<_y1N@m>F)0OuK2zB_dW;CI(zo)T(gHKJ^M%9`z?7018>lo!ed|f;KTQ1 zmp`q=C8WYN7=qg#U$-!*kK&8%63M4c3ZF+e_e6i8P%W$Y`b2&E5c4&r(Ry8+9yT=X z1nOfV{OW6(HAkiRO+pqLh1P$|bSM92c|sG;wWubBE0JV7>pZj?NL?6tyuC7ALw1(A zKvA%F^>qnj_8aecBJ#Q?QP{QQrO{{X6EaPnYp8=FZ4hjbdL}#=ug`u5{5Oo%(m_4=;Q@ z#THIV;fI0&=KeF&V>Z`!!rzMnWeHyC*a(tzt5ENyd2@>7&xuK=c( 
z<)~>KN3u&OveR52qD2y+yyGj_Pn0PQRvKbbg`jmR1D3!4HB`Hr!P=M#<){}Hm71`# z^GN~G5mfJc8T@MVkAh}JdYy}K-|48W+A?@KvBXho^{XB3?{53o%PV8~aI_rmq8E8s zM_F9}{*-;KdEP}#J1$ZAqB?0j6B$#P;oj`H9@A01Q2`@Psw#An?Z3+|>2G3+t$wky0x+8@;Vz~MF$*JIkTs2NL_mTSqdkJb1SEcjig#iqUO(x&w%>r zlhm5wRja4>HjFi&>}G-wLJ~7d^Ci6FGpp(bpXq&TE9Z(mUWV5mcU(7Dd1q~v>_{Tm z>l7x1M*|$L8&HLN65h*{c~lvPGsm4B|Mj~3s20CspzTf@d#=uAie3wGX54o+tT1=} zxXVHj`4T0V9miz*L(>Q_As)`*Xv`Z{=5R8ZPvhC@@T(4x=rW*xom9mqyxQVn4ME zxovl4^^g+r`}v=Tht+;8hmCE$GU%1Cxg;iTII`yblbU(qdF3F8z|VY5caJeYb*^DFQNn$;YZNB);RHY50dA!AxQo zd-u^s+JHplRZ04J!Gj)Pwza}2=W<9rt|i=w*Y(SpB7W~vxWS#j0=j7-#uf69rz*$`AEVmj|8S9 zVN_LQuY{wJP5Y+2HU)WXJFFqx=|7Nq2`cE2`3aYJV1Iqf|3>E(_#O~a`teuF3#kXN z{MbIS|L5^QJG1X-_}o_E9RzP%{fg{mKfyTY^+vrqe`wtg#=ocNp+ z7Qv2qX>Z<&CSCdMOQYc5RjutOU(|b;3oj8l=RBkpTk9(^5DfOHIKin4k6n3mXnHs+ zKD%q_GW+-mknko>_)=Dc!dyICfbw%H!@hcTlHAx@Q8Co2Zt3USxW_N=?3Y2)nH=Js z&AT`?4E?OFBCS6rOG%LfvTxR5@EoYMKqSvPh|EEiwv-`P&)7D{6vT1$*bsVYOul}q zFYhcKeS7sa{)p0t=W~I=aYoU6~W01hwQzunrc=(m4&!UqZIp771iN@Xr-PT9IT zdbCdPHQ73hAq9a9Sz?Zh*rH62ql%pvbALLv_+$|NvgH^HU*;Hvydykc+!F7tG<|Sg zPb@oD^9guG-T>0ifvRaS~74n2s9& z&X7Jc*~i8LB#ch7E=$!6^A5hAUlhwWHZ6^!H?vhPe+)su&rh05tHM*q=5TQ=ac4S# zq`u7tm)hce2qVUqCWwcScNXJDNYfpwb!)ZW{ow*ZBrIB3w`(_Q5=<}*J zYt|r)aYqX5^lC|39Xls6$an#8mH&OSg-@9%FwEjWE3veixEZ4EX zBzUgeZL(5@dim8Yt2*o5diz5#W%Gq1e7@6GC@Z2h3W>I;@<+&4ZC2FA;FD=*~cvO_TD;hf|!0pV+$5;9!WBi)1CRRF*fhotLEyg^e z$S~E5<~U#m=-O^f&65n@84OAOiQHs1*K;lizHd&61YFAU!%{XEvF01UX%jX}e31*; ziv^!7vOuj@xUVdxW)neYdP6t@uU9DvTvoz}dv436TT1$cXakE%hx|-mnRTF zMkprxkWSqKKy=&}b|;;@%d&aHQe)A!6SKd$C3Ae4A$29|I9R6w?PW#I8njBh6gj

J- zdc9!|_&IRH?3oT07s5lyMmH;W!D-D}Lyp?gurYV_aSbOK5l%AIm?5c)kXO@#Nz+w# zl>_ue4hi!L--7QC1YI_&48F|iO<+ z)Aw*@n*)>+F7t<+Z^08@!Aq9|e%~R7m|?$#wQyW{cjDb`%zjH%w1*eww>7-eCqYq& zM(20FNiT=tR1&-8+fvXao>NSkL1{RYB4MI=jtCLIm3Oi>1rUQ{TWe+V7-^W!aLO|X z{p|e@P+{6+Kt9PQ5|%@3D7rUF46%){YcJds{o~sIRSMyVlxNZtFu_}^=2bR}5nRoS zcGb1LbHlI3JhNeo)k9<)T_rc5(-Pv$D5{gm$(KP-#MlZ)2bb*)TLXho#+2rlzO{(R zP;sI}v&mI~zJF?$Yz`uAUBa!>!$ZK~Cp)ja2%X^{ES6zVb_9fYhqBNgL2{mY!AU2q zv>K=h0_#kUnwZ!uO!jE62!B8D&+63dkaiq??_~xjZ1boQG&OYrn0feDiZ&_5f!nL1 zD%?FZ^BC|vS>{iuDsk@9W++ZYuXN*(onJfqVRTK}_Uw13Py>Hjx(kESm?NjJVSB>C zjV(hgeW=_B+D(WP^iHLAWhQD3@DOD}?3iVm3Y##)?*C*{c*Lp;!**%h6<)X~p%Z8> zS38I_-AqML!*~Y1@oJfC_FlAyT_Ngtu<`RJOM6GGh7Ms%RcxY*+Z1m2*NaxW=pft& z86exuNXMpBf*fe#pB!E1DN$5ts}Z7fskaszXj+c*+mNxGSs{&r7pF7dNF)gc=@&jI*k#OiT9 zN9C1 zhQ&s_r%?+OTKFw4|F{zr6db^Hna^2|^}FX<;f(x=`5EdJWy>sS#vAk}uATQ~ zp$;R(zZzLh?oVu4@&8iWMCwIJBs`vruWMvp1bAK@RY!f@h7B63^NV9w9#!Udj&a7h zRM43&d8H?nm2tTkkbr$@k3*crklVVR8nJhmtB!+FO-*~orFT97&0AHb)^ejpTGkT=YnO}uH8_jjDywMFtMP?THLgGTt?@%WZxW%6ixfq0f+ zlmr-ACiLnn<64HXM%};)!;yydfTUToBd(y0kYT!fT{p$d8x-}%@4r0??tBt`9L>bS z`|4h4hnzi-2GqO5C62n5=2B`AXe`g! zN=D$Kb#dte9t_}XioyJ@^mz@%lw3OBweR#cf7CF}eGQLu;)|tEtMP*FJ9+8rceN!XP)4o% z){9gpc0A~R)nfmfsN`+sc#NtI=cTyg4fhB7d1ztyotBJhj*&Yelf zCe5N{mY+BC2Bwaa=O-4^oc46KX5y!;`%(v$GE;Sqy`sFKxa#klVY~5U!p`qK)AGJb z2v$t2YE8udshOo}vdwYslw}U5sx&29d^_|q-g@&@q<2qbUyD{0s7ZoaVb50_O|!-f z<-?>IfE0`d*b4kBRb3$**2qu!xkC7+)A+}G%oP4Q?XoY(Lpvif4$4il8mMC%vh>^7 z+ULYpi&dnn@R>DTo7(+1eboYeZlmR1RNuZ!E(RVt7S8l7tx1|N@$VS$nm52i61EM9 zb{g2$#^Em{b!nWXKO?P5;=UQ~a2o*LN15z;=vliU2$3OCBf}^V<@NO|~cc@#Y7qfh#c>S|n&DF=VC7{iM zM9E4&#i4jN%fdyd-LJHv-jVnw>*Kh#Dl|5CMt1Y z9X{(nbJZ`A++0hd{TtcNh`^`-7bab*g^QM!p9azH)GVDnu;c`%6R0!7BKlH~dNZii zg;HE_gvb|*s#QU+y2>>-**ARVKH65LXs~bhQ#hy;ayqn}z0lxD7&5`xXi!jlEi{|C zeh__lTqrSIbqku3@q+e5Hi)Ro{_V=9pf+3Ir|K->H&Z*$m6t;8-@XRekO_4z;2f(8 z{7G((1!%)_t6Zg9PhW@QqVRE@i@&W!V3Sx|+x`byLl#Eo!bDshjQM-O_9@hqy{y5! 
z#}BvZ_rY|YzpOYtyM>J#X8srO7pYt zSt(g6(sTgp!L(;I=S9iGZJG`nTRna5S0w%nhpimKmj;p`QCTl*M+F0<(QLop@FO+{ z!{!g+I}i#s32@}=`(+kCTJGWGJ9_z!GZ-+z4zPY`lmQ`N3z$e}^w3M=1PrWYuNLkY zKNj(F)?+B_WdAufYMYOoyEh^OCNs{~VgO?s2){zML+q*W=P7KAY50XxCLSASwWAkG z1o=aU7H?F7y{1hkf8~Q205Eor8J!Tr=e=9U!(+fnaO$!U6UT5l{|AdNe+bZlB0s!m ziOX)+tX=+V zA_Aic?`fjrRKFh&AP&)k+IBtY~QloogLTrY=CB*UC7 zb8&{Ad>tl_egS0+^$m`RXEfd*`v#sLWvf~-bk~* z1+LCJ#oLmYcm$D#E5nGFx+!Ke_cc&@$LppUJ3XftI1n>)6|0+r(uO<7K+bW(wrOZNGM$ZQbF6VaFP|TyzSwkLF|0N;*tXTs3aJ5hBO_f*`el2v zq;9odG3{IZ*Hp%Qml4=F%lrS*RSoT+bYx?reDK224-16t63r%6aC~)}o&s-=MVS%) zb5`$fxdhApo(`yuo`HivYn`RDu=|H0b>}pK!%+@#Ho2xb7oQ3eZnGkiFL$C|_bO(i z4owS(&73tZm>9cJ%}1i0FdbgKDeiwV6OVLMKOBU6k#cH*3ESP20feGa(y4=ZF#ehZnw&UlCIc78dD|&j<43a5mi1p zrRcrX<+vMJi_`j`w89tS+y~3n`>P_YxXW^LKyES3>_q-Nd#TZe(>60oUT)f4Fke5m zu1NZYVkwEL{>!l$2v)CF8bfnZLo#c5yk|Az?DXR6w7cc{vc2S~M88V?QEj7#{x~N- zH>~kvb1#1jYI!OXxL^nZXYwZ08E~~HSP^_~GN?^dhkv_E4|PiZgz_e{sXcGgr&~$Gocj9R7Y_KaNaI3^ zdE3Zi+wQ`jK40FsX*0%tXw!_rgh2R$OTZ)!aiQA|LUSvFRdxWaP5v|G{tiL!ktmhE zF~OREWtCP)m<@=5mZ0-ux%`k#vV%C&8cH#o?8GmmynS1CmD602xQP_aHNAO~I3Wa( zN`9gk-Kl>6#33E}yURTPp_+#t$-X^9W-=tpL_6i?w77!O|WOqvx(kk+!nXMbGWIbk>gIpaj`f(nH!3P;yjj?Wiq!0ri4VbEHf8dI_~4mjf2KMFVqQU~DeucJ=}jp5 znZ_h?JBYd#zXPy|*QB*s)X4+(PCaAtdNX(xX#U1q&0PLOGAwCgGzwSHMS=)6Nprbl zm<8QAc|wbX8_=#zSVa$s-J{D7vxjh;%jZfjs&)g_ElXvMJPDeyY|?BlcFLXnuUxvf z5B17$7A7@Dw~>p-gnsueH6>~eXHXa3vx)&Odbf`$uP=Uq@%3<7-#`b#1jTYxxkm-bmi$WDDZMW5|qkhrqG%I{y!equFb|(Gm!0cpGic;)m`c`ABY8V<` zaF)xl-i@DRm6;IW_*(8-6S(qxG@alGgov}stS!}QtMP*;94X@k6-5dXly?jgSbgJ}hW(U)h> zM4ze=wpm9??yOR75(mEe3P8^~c#M6ee$a?|cpbBm@@>hqht z8oEIMKO_2IAIJ~(Xw+(D(2)Rq72}H7S?013x!j@t<$IeE_kO)8$r6Q&8j6;fpWI`2 zz zf=EPQG*Iivq0eQzF8Z8&FNvxyt$oWNjJqB)i)Z^1`ERO_mL=L6z=mO~3dFOa4%s+D zXSU7syl!jbFe?_Ia*fykqNO6MDeZx!inmGKTl*`&mH zDsC1X%@VcyJQDm}Cm(DSBzW8F8{e zMtPQyaFm1VdsZm^wiT%6U~D)1GEh+X2Z1ZxEu${61SVhBQ@3c+c@I#~|E&OE91ktL zv~t{@%*|IMNV{FQAGG>~w%#%D0;I}?mSZkDijKoG*O~No=C@e+I*lPhx 
z!p@(s&$0DGEy-7Z5&!3Vc0HsgS1z-Y>-dWV+hq$jnJ&#r61?czhm~Y`>6%r-mzi;jj3Ba#+Y|lv7rg{Q6Ma zB9y<{X3!#fAZns%=j>NoI9ATZCAY;w~RV=(4 z;>=(K>NdH>{Z;(Ygwg6VQq==8D?)p?5wOiVPbWw4Mmh>?&kSM+jyA!wmvTy%G0Fa4 zve(;r>pwP#N%oUugASABT3Ii75y+fXr(E_krpu~r+Y4zqGlLs01_@F5TFHQ^ibmO?bG@^0AY>a_(ONCI~SS6}RdzZ>y8Z`_SR zCbuqMTuyRj2)BO2jM^}9aDxgd1hxnEpZ8wo#noqLlaRUqB%%1!Ztrp-1e*jMTIWRq zR68!A)|4!1FKc<*d0$C&e1oU-R4K(x;nh3rw7Zijd2_8URWf}HrBFUggyjcoS6V}> zFWS+Fg13@HcHGKL^LlMa1R zq~xKSbS>W1)lS$15()m}g~`GDZ){!|HYXWP1ib&;rF%1TMqAiz@BJ(<6bk&_VAmQ|kJ|qz zHswn4JR=JdyXWpT;ZYcDBU5mZxc0382G+6{#9JY?lrm~YY%^_tBW2QgOVHxKpa5dN z?Jhg{L;#HDL&zrHcjc$tcZHiDfF`u%H#RUlcNzWrRpL~L0|&%2BUtS~{2OtHDM?Vb zWCS#dkwrMlvvtf0H}ph{JQ07@y~S9>9D+^!4O^|>mo-uo-yd$!+Xqa@ZO! z$$uLf-`^f)EzG$4y5RAVL7`07(R=>DC3QixW7d1ds-{Rc4d8AUh;BkB`V~VIO<;zp z>pEkl=+dwt99RD)Y7@>>&tY0EANd^qmv`>tH!oc-X_f|un{OydYs4lu1rQNK^~IV3 z&-^_Jf#FlLKFpg}12{p}wD)2q?Q!IZF-I`;5!q?ty7B!xuH>&)|yl34JOWPFyhlecve$MdHRQ6S7k!0sf&%+^@9#b(mM zRC-Tuz?MX^qD}Olcy@aLr(Y|(tI2gdMS=~rdG16Jdj$AP6IWa4(~0!8hEWbh4V=R@ z2RilfZI)-djgKyuJ4lwLh2~g24vawgf;F#*_b(NPcZx_IF@^<2_0gv&@aF+pDfu@K zN*9)&@Q;HTI;VPxeuoJ3R>CfpWl#)wmRU?*z)*lTYJ>i2`7cE#9c=Pb5;MH5@4>FS zl%7hqOKG-L-7&m>JzQA;vOUg7_%Edg&AE04@YGjRPsJq?BZTNRS;j`7qy{jL!Yzl+ z9+<+P6EKpD!)+%462Fm=Mf$vPn*{X`w&C|Z+q>d7%QRO8grCFUG#Eo61vhou8)xDo zTbq10vZ*!O+;A~NsKnWLG1kfm{}T>ANCf6{m`UJ9!6Q9Un}FWp0z<^n&Yhpto)Xg0 zZcdT&$wr#ZN2$HLQ({^CYqL>9LD!J5tOncX<)~zCqN{UIO(P3^28gpU4yjT z9D%7MBaKSOXSh{}X}Mu`pBX7N>f06D8(&&d7OxAgk{g5|nEen>-V#RZ_V$rmwfp=p z5~I)Q81G`MbW{a6KMUt>r+&Z#Y7)Ls*q|HXP0Gh)HLHXilR+$%*n5{ol>wRQ!$wVU z7HJh67@*-6{&s%9D;KpmZP@0t)Au3sgx4T;NhE9fjk7 z6}ExcCU3~Cew^)_tJbB7u9l6sz`7w--Gm#o`ELP_!Q)=E`PkScFHA75KYr%N zi3CfcTeCjt!_GZ(!7qcAfu8EUzI<2A3i5RdI_xk|??A<==QLptNcNwhwfhC=@2n-f$oA9-ht7-Mk+diCvxcTq%+}3 z=dwCiW6Q{08$Q6iu?e67e z^I$2DxuPWPcAy0uaH1WHG8pQ65bZ@4SLiy-1EJqNj)}Pe?08jl>7Cetb zCQBTY>s5M)2o&JPr9Zc+-F=AvmLi&IUa;+S!?#GZ+cIBpG?~VOznF1AyQOZr;(GKE ze2oX2o>gSwm&46KW@r}x)U=!@!Gr!Qgkvl4HZerp#amZSkkYsRIK+&iSaj3WV2}8kvjS_`qzs 
zVo|?`$_WuOsU6>G2iy8*&_U=z-mDH?ipQj5%Mw5oRb^>u{0lwJE=K?-w2yqspWr!a zXnH{f{?S$zwta{$0F}9EWCH4I2o2w75%HAQG+t7IG}wi1HVkcW|8n?aU*wg~gL1WC zA$mZF2Nd$`$ioYTht}!8xH?}jwU?s@xCkJ}>OJ0FP=`W(*e^{@ag;v+>bQ1Yi;84m z$d)qfv_eg`T)Y>1C1{BzD;X8@h1|;BtSxrTQ)lP~m?Z^~`;`28a+dI8MSu5dtV^c;On)gaZf;k%9P`g!M_rLHaZp~}DFWdVxBiZ{OJXHg zOOun$MJTHTOO|QVr!qEa+WB97C|d7^kG#w=-XTU+r1}xTEEKS;j@VlaBK--yA`PwK zBI_t#ZEm`Sy{2~U%!c*30`+SiZji-|*b-B{E;=RW4C0Bb16u^(&rDX~0vG0*kLa79 z4^R&D7VOxE3x|1tDi=dDEP-g92vSB>71}+-sYm-L!S}zanm|I>)N14vshZHv>&s{l zh*?ilvsN3Ogg$C`9ZSS}t7x?AA-CT=lU&e6t4*dBxu1>>zvo@NeItIkde4Adaks$5 z&E{$z*~D9?4ZH@Sz>w7^)32Makm{@n4^u933*rGe0-SzkDx+4UGim$e)A0AB^mt$A zL;UW8%j}fGI?9QL4;yKiu#W5bIZN>f@+6TC9u`UkJ&Upi13M7Hxo_EPXT1h0B+t<; z#Qvnjc>!P@5wK|n&ncgwE?e94zoi~zl72#L)d9?lEQy)3KZIR2{3!9!MLlIrjmKPP&_gP+RxeCd}Xq3D$fPCI-k*DX( zyMjiU(xK3TKkG%PD5!KaW~W zRgW}=u)`^Jceol_>pzFJz)>nz9f@!j6!zxa7^~O*B^7odT@+LyNBN&zkF+a9oFUma zo)r6AQLq;X|Lq3%$74-bdX)Rn6V}tXTG&u=e>pf?1GK;134DzNJtYtq+*K$n(G$9w94QA3<3x9Uk7f^&I zld*j`uxTvFIKnHy4FWd9Jt~MQGnXvLP|R-qBs&06xKVs`e!ce-S}Nyc0?rQ8Ec&Hc>XCM|cmp33UPAtRG1 zQewZ02u7Z}kw_kD2xmdbIdij+X?@9D)Wagm1n=2Vs3vD5eo{{5|BNn@Isc%L9og zp=0Xf!<5jGWYb5Hb_Ft#RG7i2|+t1p=IQBVQ=c^Z&bBJtfN^PYi6j?#LIuQmBCdbnD5XiOC)zZ2!4KXvt^XfwB zQ+HR^yLnUERq%C?LO?Iq$C$ZuWv6|Tb(Q;R`iTXyPmvgYlT>&f@3h$b{zO<#X?SvW z#>^B+Z56bxYJJO$O&a{)`0@6n`?9~-4)kxaFbzs6g|hvl*r4ta88fGMB0fHb6{W`? zaBg9vN7FSNn9eA6JPn$TAw?YZcIQ~4&0eReap4`dmM!ue0VCbpuZwE1$-DuVMDC5l zkO4Cntw8XMqf#xO>k3FcE~6Z+o-wxo_>hMB~%+xW9|?RasFe{z*AJU zi;ew!_f%6$=x$?`OB(H)O{m5Log>~2M;8N%<#H! 
zl1NmWfN>0tAFI>pvkbKA$?(oa!881DtAyLBuj_qi^^^UjN=#9giW*{yf&chA7mFeH zM|{?}=HTrx!aWqwEHPMd0YrA~Qv}$|wi~hxfKNgt8PS!unJf0sJ#2TZ9*+`3u-Pme zlVI~I)Ith`a&%nDM@#D&YGJdGe z9%OtWD5+@ea!qSwd@aWeTCRNlb%#lq?S%Q9h$}ixso_^n4J)rE)^E9l9`!5fnv*nw z{PqPWr%SD;qAXya{HkAsq4`LD(qt#zCO7T&eqrutg)ofh5X-(tPCqCe{ynaY*@U@* z)%IRUB7piUyNx-K$7{fjzgK1Fox%oo5$qV3lNJm9Cb@*fp9O<;D8<=~W3Ir{AD-kT z-aJECstD-mNZX5)))!!)A^Mn4qY$)qXji^um2#F8WN1<}h7T<`t<(A)Gw!K_O4pi21kIXvtNKXN6n2j*pNp5{7U#uE=3mkQJzUEU zfiO%#RYWO7c@K*}GF&-un(lH^;m(C^c8fQ#5lcn&rrCBxl7WJ?)wb}ylO)P==ISm- zKyIX~eS3;t%ZwO(PAxouUpf+r{MFM`f)+Fnwof#iPw$||JcHPNcU?{zAuKE3zO;S# z=l|BMEU~Gq1(~~hY9N3=h%zFh^L1ZvUB4@gc!Hl@MXx^>~A)Na4~Sr|cb;e!$mK*{9{Os>us zRK;sHgd$^)=B8P<9$PD;uw5~*G+x&)lB`fpOG@d~RJF`cDKg=-7Gu3EDF#*MB~q?> zi?CYUPxDo5b0xmd0qZ{bppuk%aU8RxegOxY$7sg)#?2IX53g@H*X=4H`FvPAtio>R z)drK`ry@Qpzwdu*woDD^k0_Oh7MEYxN4B@Ah39BHTG1`hER*t&xHf^VaDR#Bp;@W$ ze-(_aofHX|gdO1#2k`yoA>letmS%(b2ccHCFX?&VDq+xr_s9o{YtL=Q85|1;(fa#? zw3$BjhB2cy_e17?C!9tIfq;SQ92*b)^WqOEN+ZN2ke%hgh5cnKg&ms>&p1I+MH-i! 
z{_0|0r!u6FGK%La_~2GhR3ZkJvBZ{kV_k z%Lx0R{TUD^{~G!g?v4*Leg*S=o?tl@s@q+( zO&5UJgPGt&)AQb&um;%u{M5VkNIBBLv$Cg_5>-=&4i$B>9T%4;(mXokct)_(c96)^ zr=^p)q8)Xq^cP!4-Lm$&%G9YpRF2|`LCmAnqdVJGa4&{>KuT}@mFhB*^aw$T=oWZ2 z7n#w@4VzY8szx29N-wsmw&VKoB<$sc*h_IiDBZt=LSpc{3|2f61SSK0gLp$O%dPS| zyclOBYks?y+PDvTRQfB!K3)Nn8Rsh*2ummd^l#M369_`c9ha3G`1<@_qPU>%=lo~V z-D(^7%SM{eXL^1P`17iJn%628!yvg-+eq}eS6|;1%_1%bzJ$S8IQB4MgF;xRt39{Y znTpV8Y_S4{t3NZrSnIySHWzE5iT1jFz|hVspP$zK1Ps~CYmbMyH286(N6_v{Sh+~H zBJ3qkDu$_V7rY#vD!rO4TWth}Jp=dZW2&HCI032O{wR1NdOS!$ByCgswz^yiQ7kqz z0B18J+0noGZGs^*b^xvK*TqM%^zPgnQRVkz%7Bb49xYN@UJpsV`YKADJ9mCEELw$v z16+9TCDIzZc0DNRT8my^ogv!L&6c_uI8-2!FcnG6gR66n?tpaRl$UyT#-roxS+W!U zjG`Fbxh3#yw5S@rXi2gm)B5Zeve^u~`snF5mMx*+|10o>#Np=Uu zIz(4%;azw)ClY?F^6yUvkPI4N@axrIBGtLq&157=M@AeVu#TU2bu>o1ZI0@;TP^+A zEY|;+nr&Qqq)1S;#Ft7cI9D5#SXIHar!K$!Xc~3HE_j#pa3+bnGN195z*7WROgXE~ z@X9Sd8V*G2`)wY=EKoHDUb_)p_YZVDU41^lh8*Luukbk%!5O ze8E=zuopz7%?!fAzN(u>!l1Vr8aDw92?Qz z=6Lie+o&PTw%**>BT0T5q}G1A_`y3V>X7;hzk4Z<&U@EdH^2g;7=YZqH5OwV@Geq> z+87xUjUL#UPbHa;g4%++_o{PM_UL6^U=P9_obV@}hCJ8u=FF7*t?)@Uqn;VEXKsug zTQrIZbz0Zi=bmiwC~6c2Ow|6d$_@JHszxCsn@(l|QStxx){slvCvJxc*L)?q!(5cc z>1&>AzUxka=k!|}w-Unr(s{X9$~3M9kFa^6if?U)x9+J&3Y@DJimuY+3q~`jgDP}mT*T@v3j9N_Gk*fe9t=sDP6bT3jSb<~evPW=J(qF( zi&((7M7Hq0nZ;UtZIOd=9X~?c`+}&Uv6cCGB9`c7R%l|&*_4_9tyR)DP7cTUU5>j=lLE3eZ=ZNt7m(%^2hIFD0sJQj}2h z>9yywX1vv34xv772b-is?s7OqHutYTvVrF?g(u3Yv}fB*-Qc{|J$Ys`R5ARZ@aLEE zA!j5OgysI9Vb@JsgnFn=fl;4OK8nmcUwl)vdAc6UsI8nNe)I+w4x3s6o!U0lubh>S z5A*JL@sGBO`NLce{lYsNxKiVvL6I*??}$>7op>{no#@`qh2%0dQqu>-17$2nwYKb~ zr@zExH+BglT%ss9{$(v!#57wvA@OUw8>?QdG%hF@D_og^s1N`gO%GP{&xFO#^29Ir z&hvHdZ>#U&`IQ*GffuiO9BuASy)X22_FaN>paj2X8k@Yj$Q{}Zd*3)@?M-O8KQuRX zW;z*phiPahNB~s-5!s>H%y5oAZ`7xQ*zDc`keokGV87fg0$X6zM~Zm+xW>~sR=DGz z0#Shn|IpnLTW;yVRsTlk&1%`x`9M)dG|zRZeMrpfeS)BcyLdTd;N@-z$yFI-en3d5 zuwX7^e`v+!B`L?{`lQK&YWNyu9#}ATX{pY){~u9T9T!#CghfIc0qKxN8YHE=q>+-P zr6d=m<02tlB3;rYCAGxTE!~|G(n$BW;`icTXMb?v%$}Kf<~cKS&K)EV(fTetB@}GV 
z$)I8|?he1_4}U`5zYi8-HzTOH5V}W<9pCjc!KB3_LT}|>Dn?^Y7FpCaRGq|f@s(sF z-;s~>j%z>ER*-#UjyzzR{mVb6q#_rOO4|3qCl1aWiHjyXD>&YfyCh|y)+Z#k1f#4# z)J@Ey3c}A@d*9Sn?y}k(en!qSw$s6rlk&Bm5?12p*j*=C`VBMRnwnX&%7iLjOa`*u z7z7shS{|*O&DK8$-Zoq&L2q2?+Q{2m(k>XBa+H#(jc~azyS*G%7Tk1gb7h8@4VjF{ z#VUM?{oN4S9(R6p7MfI+)Nj=zsa*{LATI&=$9e%X(T%4=^$s&3s*zuHMAhzh&L3rt zwMF;knPHH-fgPhG+DXl71UKDSE)lY3K1ZF<$}=uQ&;xz3`_h|~;<=&0MP@n{TR~I& zrQ0E%uj?WG8yM)3POSGw%5W*(f_G`C-FePsc>Zu4$55TN? z^6GK_)gl@-HX}U zdgT+vqB|}@z;!rrz+|sIUl|{jCZn9@U4~OoEI>hvE#=L|IFO};-GlGOQ0(qo_3?&S zd=azL&d9TAa?Mhgkx%|AKN73{dp)rJTjTQd#>Ry+a-N^!agy0Jgy(a9ByaK|weBA% zNwMr4%pwwrG`jZGlPU~D#g6l)$=**Ua95EO$E%HdIq0;x)B_PrI;8%O4^pIfgr&RC zc19M(qiytbOxv%2zW^@_GSEIh9?6?G(-TY%h7!Fk^4M{_X`SE!(0?0@xtn-XLgVB>%}ag+B8Nb{saPPOn&WP)1bgtipT#nxh|9m)8sHrlK~e$ zffefnPVRD}0VkEX24?e-bv!ESlClK!wS6<-i;{iDTAjz-Qx{4 zdu-@^vfx>JS~BYZt{2XSCv8@Cf}1~{qicXucpB+S+`B3aM|M~dE%==q7Urqaq<_Cf z33Wy4VOq`p{ed+2MaZ%=mQF}JH|Gi83!qh=RxHiGeTF3b=RXk-g=kRfCO)1E?Tx$Zu3orIi%g!D4WjVu_lLS`HGYcsa@3Jg@6P=p z#C+?iO@I|DgX^7JSLiF?8&$#YsyTm@o7Q#ZsWO<1u@$|m15Eo=D&_wz?hmE!chNU~J` zEgy=|_LHez5>$V1Y3qc#r6+4O0w{Z3@ytm!)v34Hsh?~mj~p!&L-mG^eDgBTM5!^B^dG1$Nn>?Wgk+wm16HRD)!bMVX}4(}yZ~!9ovg zO<-bD>3b3S(<3>7W!0CsrXcqAhh-A^x%2kt_VESu2k_g#aNpz+ZXnTUFZ)f%3Wr z^ftbv_>nPma8+^H&WkvI^{wn~(N%>d|91|UEr}=Q{_;%9Jt9gf$uUB(E=yL40A+m0 z57Qq&NQHgZ2JXN2d}{O$BD#Hl3J_qe+MNjRslOxefG2 zjhfx*c+W6x;d-DesQ^*iMNh@gF3EY7nD1Im z;+ESj^n35{f7}o#i^19;l!bZGAz&WIrzFQg1fjp_KSs3dEFPn(Pj9^hwflCn2Zd(68pBR`-OfgIlrmf(yFN zd7KpH$adVT@=Qtvg(v}8%bwZ>XS=K~W+YPHQ>!oU7x#mDV4IB63$4san0g?$nC{`h z+raDZ%jM9~^}L*jIxyaGMBQ#ED^|zy8bsI8f8K#PzJnX192`y>x;;%ua=+;UE1Fmf zhnHWVcTRlHd+f?XsX>H-7uOi%xrpIM^*9A1(u&yRA26195GDh(Vc|vbq1*e-Qwfm9 z9b=tpARo;8qiEXYc=s(ZZ|Cv^QiS6Co%{rBcRRISdR3ynAsn6q4$lajt|;fa2b9*h z&Jj=I*GELmED=myTHl}Pt0oyaZxV>FxlyjLpMDlylUl(kH6eceZ)R%`?IeJf88$Q8 z?0)k|LYe9NmDafJ^cKBCS9H$UxvjkZz3G8a0GOR;Td*BppO*Y>ba<+7*Y#3f$qR3E zifFR3Tv!a{yyJN}xz6H4Hw>AG)M>WH3I8JmJK9&dO3hYgAL`+i>@Q;3 zk}FaHQQkPg*&p}^;aw@lRvcO4_4{K11*i9ZxS1OqaK6#1XjMp@sD5{OyVK=>! 
zrEXPnVAx~5<24|nff!@$Jp64_*h*w{r=*U{a?EXYfGXAMOg8(+bS2Rrol{0D$v@{u z2|jlGHQV`qmo|EPJ@Xh|xm%op(Fh0u>)5M_5YSL&J=?~R* zXH9YJZ(fzF8+j2?t4gvz!nm?n5bYnc*e z#Z_BIXMXhVofT{wBgNGpBbP)UgRZREY_q|CD!J)yhEqbN^;2mrL>$jZXVEz#vYEC& z=D+A*`E(c%N>k7eriURfRTAR&PU=gXps-yW#>`rW+$T1YykRaLB)Tys%Vn-k`6%V_ zXoQQ*GtXOw**WnRCnss{ATM~{j_V{EtZ%wr@;HiZH6&PNT}T0G;vw`R`J$*r>4M*i!d z^x-dD8lBuu*4aYIOn)~FpDjxiMnH-0ATK$iSm$J=Gnsu=Wa+u00n*x$uv)*&58L%I zhqAe~FCXxRsmi)jea|+iTv7RWVDFhh zR76Nts(L;0KI^PY;--*W0)caEfjI)pO#Y^9_RGoOcuzw`EUns7yo@@9FjQrG-RADs z^H88kk?c80NxjgUccHFsWukv-+)FAh|a_;B@)8ZqKjdC!wi|r zozC)D;pL`ILYLb1*JrU|@|4h**kID+i)!63V!yUT8C#!P96w+Oyu@aP`EU76A}uy^ zWDvOXDeG$gl#&sK(c8>Q)=QhHw!^Jf{s6sG+l57To*E8aWuUrVvb%O6p_CK#)+VFR zXUWJ$*}RA~{QU;~iBrf4K~SJT_&4x#Kg_e~ZsPk~(6SP>)o1Am8ozI}Mo|_bC{jC{ z-F+SX6ry;+Y`*M4@?AfQLLg_NBi+Od#TE=XIq0!S%L@_{KVze~VSqMQyP^Ow=qxBt zZT%#mF6P3~_@nVG!%C4|Yx`@8f&HUr2GY6ZsUx8)hg^9eMP8c&9QfaHq`Yj0AT~^QtHq5%vL@ch zPj4*iM^Dck3J&MBMl1G}YODO?Ph15TEa}2;h@~|b%s4IoLWy91Hq2oT(PQEQ8MSik z7A6YO{f|S%X@Z@lhyslWFT~y;wD*$qXT!V~xKGW)$ekZ~3_d7W?hm<3V-Y4l1cB*R zrj?c#Wh<18J&{SQw@E_NUjohg=F_HbBRj6zR;=DH%t!IA<@`E$48Rxd z79W>44m%w->ckeslvJA6C-3jsS&XIgo-=RN4vN!ipqRB;zB7SAjK3g**Cq`>^K+2a zI-k6UYA7ejZ?55|U%S8O&#QIC{k4+cusfd);yp#%EFbLH-xEs-tpp(twyUKaeD*wi zdiF=i;$f=q%7zJ>M@c6uZKklY;sX2nLE-K7@)Lop+w-%<-FVm8$%QM3S{u?QAfdF8}f|&t+4Kl%Ib0UgJNJyN7ex^DL z8A;>#an#_0Yvu}jhUCE{$`>VOe3>Y1Kv2*QXGiT+Q}#L8B13!bE3J~?gVR{s+;tgQ zEr`yBM^zwlfYK)`Nt=~69Q>7H+yvL^yJ}$Dc68-kx3JwdmnjU?$lq} zX`Ez?W)Z?-_@X-Q4Q~0qn7F!fD9r~w)ppwyfx^ePh*+=({)K}ek7v5}v>|_jy)g{+ z+T))!tqLIOFP(rn)}cbXnZutny=KUEBqb+jtq$UB2SS{lv;#}JWoM{K$RcDm137w5 zrvrDE;F@ZpvAR&C~uI*T6j`sJ~b^+Jl zQiZer1pUe6cUvk3dF5`t9x44#we}v#`;g~Dq@)ikDnH=-#1$mjJ_0P@#@T1!^TYp2%FMJwP$%6yJ!aLZn4-KE$rminEhKDoH& zvT3pIj<_d56nT{OKA(0TBYl6}&>Z;1I`d61(fO4s!y8JkXaXbEI@2%t2+B=_Ls4W8 zUtDa#Z^xHO%o%1PQ3m2Y^ZJ_C5&O^HpALNS0Ge2M@_yI*&NjrH7;ImjMz5bPFPJ`& z;q={@sy{P+-!vRQ17BE(W;y=z95<{~v=aXTnCBRIqg*+A=o|_(sy70)_8*Qr2F6Z5 zN0*oM>+6+OeG$aIV&fUMhH%^MmnhdG>8MRMEY#0V)?f7=Eah?VpQ4eW+)h)F-SglU 
zWxo$_7$b=2vK!L;YT!g<8A}=2U9kfz3xxJ()n%db|yB2O4V?4_(($)q=-ur!(hL zTdfTmzKyLe3$m2!LecNO_e`(?ErSd1vRe2`q)e~{NW%Vxcw&I8uXe;Qh!6}A``N?;v+5WSt4b3F94r?Ipm^5x;>Aje4-B<_l!dPD3 z{Ha~&U2M+tg==LmuE>e4!~VO{v#$B%LE_u%QDu=EJFd&YWN-YNxjf?FTYDaAnLhTup~ zxs|B}238+DIT7hQdDYQK7C|*(un#ezr$oS~-JF*h2G!5&IN_l;bqo8|Khq}NNCx~| zh1>84%>IwxCP_wCw9H|(AX|()x<~Ig;BAS5B!7vwH>SJxpS*J=97X>ZM~vo7rdpXe ztYH%p!Y2I00h_QBHX-Z-Ve1rUhK`1rK2%8D_@|IUB9=0MTCy{6a;Q9y4o$W$D&0lU zy~|m8?|-Ka8Bjh2?B<3Bdgt4(dN5W`WmukG{r1l#7F@D448Ni{*7e{i`5WpWqmZ|< ztM4iOimE~v9!KF*#%PCTzX>km#lRnVl8K1rLagC&%yq!yRVO;OCI&WcgK^P@&)UG_d3^g(`)OdY41&uW@<|!qb6!e zYIJ3rukoC}T}>QR8i=$qE$D}gKo1Vt%4$U#76=5ian{SGlApBM>ekM-mbG4=+!~eJ z417-#YsEHubgDw~E|Y)hiMB+NKd{PgWDQ|Y_P@8fJ`oEX)@(UQ6y@>^tt;HOuqd@w zxKqgYGKFthgepXHuwO^~w<(3c+l;nfj+Nyr(Vr24`0lzN_uE?CT8XIYu7QNU`6Db_CXlnA_PpM@FVEPi-e-U0S3y0Ic3`Ykr*E-QM|&EnVGR zjQVO<<+Z%p^NXl$wYI;H6zp1GTWX__HpG!qtd{xUo`y#;vQko3;zyijX4b|ax*!s# zJS=ZBp8FEWmDU~>m7EbvmfmO?ZW-wrp$hV@qbgjim$dU|Kj~VWxyIcpPnB-|-Q2AK zbSn2#WKb+8MoF(g;vxc0tZDv+r?T8=2<&I#NWoU+HJ6yQiETIr1rA1~s_$7XTiTMO zSN>t~HaQM~K1%TFR!&Fk(uvLo453#q5ec z`skliam>LlwKBo|aVm62#JtXf04~y5jv^CqXA=cJd-LeOd{3vB6SEjpl?AOcvu;5dny*?w|;lM@WN=*XGkkiE7 z*R{$$S-obb*1HpNz_db?KVE#&#X>uZJnc?w?V7^I02=>$YJ(;5|VTqvP-$t#cbgz{SW`U6!s9ZK9`K)~Y@ zTagSGv&?_x?2l;2hP9jWWu#jB?+BJ=CdJHaOlrIrzT<&;*f~u|wf5rUN#1^N+e0`p z=*zzWL-jWH|df!Qs?dZal<)%PL%>79hziFm_<4R4~*Y z)EvGlPS;5PMy-VcnD1YfH{m4f!i7q65kCka#&tFX*_5|{3GvfneTMf{65DICu4=y! 
zv)nmZE|-b}G77N$Zh`*wnWcH@Ydv_L3eGk{jm5z?=H6t`_VWhX4b^_G&tY5B*`(76 zu&TbQVvIwvzZADbFE_nz*-tJb+qO6MkFBeCNz#U-QFew?hHr{PA!} z9l5@?e~IS6Z&fbdR|%}zbCG&7SKCX}DIV}gzhvza!pHBeaUFw8lVDg|4`?@Z>eq=^ z6aA#k8H!b@(r7OIo6TI$o=`Zm{2ya!$Os&l(rVp;3FHAk*~t3E)*V8$hZ&#q$wb$9 z-spnJ1u^&F%K3YvD_^3{%?bhvW#5&j?o7Q#%~rV_fybE^YRhfeZ0Vgw*A>ByHU05> z_?j}E8BMY@0>D{qaei#9WNOyHn}0Xm`N_@t2a1(+x>d-aSm&KJbA)vtEU$N-R}Km4 zT%ke=9o1K*5o3@7HM8n|fl#r1p)M>#ZlzHA@N}u(8auq>pE2JFF|*d;;CI1{`L_1d zOXk`jjyu8zr5#8QBLl2R#x`>~h^xC}1B$<-&~qkp%Wfh@Jv7474Yd=2J^`5cNvjxVXSS|CdK4||i^2nQPpF}WJiGUf zn?NvBX~1Np-#p}PJ%N*l16O% z7^J%;N;9#xH}!j(LFC!hiFyo{9~WXSu@$Nn#I4Y}BqG4x8z@Jrw|vo;vQ!0CpD5AU z+X2_RM<3c37FH3(SVy+oXDn1(3|^977VqI$X3~P=zg~###Y7mk3|sq0-Di8VzGAm( zwubqNA?sGkK5{ce!Z4*W?)E6U*=xouHIasOwkk;B`870vRQd-?4jaT0qg?d?VaaCHjHk1a5u|IgAyRDp}~k&-C0yc zGO`n~(a$7d{H+QG>HDpxcxo;oV3K4U_9~>@!LMN`&F#vHA={x+MT|7`MRXdo5L=kB zXC759gY*O7!s=lhom!cMweIwRm+wNrG-I{Z_8G!4hCh3`J)S+?bhmn|Qd#OarOii1 z5V=))vihrhfr_so`(%^$Y?}(YE#>KU(7>>vDkQRKAed}SGYkBwP#0Q;l*g9ko4x29 zar{le{1|(UpB?wE8Lzj%*a#I#>S>^q5-13J^cnTTK3sJ^i*S`mH4Fre$#Q?$!G|** z4;N;Q3z=oAMb&4|>55M-IHmVN>tk=am^R!JNg*aQw*ZC}R(6d{&UJDolFe*H?O2Yp z(;fj@T%$;wny%yH7u42-SusA!aBi2cc6U$c@v>Qu))u*o3h5mNLRSY!UYO^ zUSG7)$KNp?(Vt(#@xrkpQuI}C10EJ4*Ed;uQc9BkOTMSBhuh$R})9gKAU4B?YQR=;x&yys{+m>+o=|04+8X2~d$XNgaC)#q6W^ zaV=j+-bN*gH#1U#X2#LUo8Ky6iR^9R;_0$~?&zYE%D>&tuX*BbET$d~YO^3n4CnqM z&j^UXNdAcRcXk9;An&}`QKJ(n!iV49MLgouV*2Ln{;5OXO#8~>YMq%xSQ(ek8SzJs z9HM^=5lE#08&cm;+2jrc894gie*Ui+%#dDa;$=h{v; z)`>QVO_HqMHGPS;?6I!AM~yN|lyII-E?|a`)51ibrsT7?r8HcQuYem`hB2QS*()PF zJlkld>uytptni044T3$EO<1WvkHg7JxV|szj}ulIYagY_aX73k$CxCczgqa*FAL4cvqL&BH4n~t&I=&>=6_!42^$x>2jvI@+b8G@{T_tcFCgtKpz zq)+qE;4$ZMZ0t$v9$gfV;u698&GBZr+}r50c(qKvcDl1hsSwT0Z_R4m8=f1u6x*47 za+|pslyBYu==su)I!TFh`Qhp!09;fh^OMP+p_TTg-UNK&EwjW@v?n|M0Utd6BuVmJ zQ+M>&bVaIr55hm@3Z9bJ9^$0Q9Em8Bu<6_oww85`eHOftsMSb7V7rHJy0nZkWSk`V zAfek3y$}vZElzOvxJOaMdxWX_WfGuM@v0UTvSd!8QYsu_5(uJo#`wBt!fDH~Tz_tg zL4v*giNGfuAz>q)%nX^@?fA9ZJgs8U#-pylDyV=;Rg-oSYw4ij=>U8Fs%m0{|8lFl 
zox9_a^(zZ?r1Zxrz*kO>CE@KLA)1P4N!YS#Ce@Y=X@>F1GErhWuu`^t5(OC9KE4j) zBK1)Vp#GhIAPK?`e(o>!^A%srm!UDL2W-L|$-<9eQVj(`8~p4sOvrw=TKP>Qd3sE_ zkG)RVy39f~mA<3>X8g;+epuD3uAuQVLTjVI>v>iuo%GF}+|_t{-mixeB~>Q2>?9&I zvlZ4kwYH+TAt;J306NkPZH<@6rmQJ14+FmR63C@^P#rtHiOax+2&c(&WS~er0QKBg znHO|gRL@}N`*@d#JL_5kw6H2L&Xsr#3%BcA*w&$Ua%9gbwzi7{9LkF>XvRqOSy}4l zC@tPcUm=)aawNa~J2R%3UpNW|4;}i{X5dReE=4626e~=cph<;wE&fckVE(11{MtEX zk3SO0KkN%4pGp9sSpVGO1}3^z;4t|ot%YoHLEGBNkOL%>YB&?EbccX?3}1;!qJA;I zqdpsFgQc&$>yF~Bb<4C-P~8a3Py+YbTDIk)#FDQT6Myoy^>Cvf9MplAiT(V4A%yKK zxZA&z5*H~Dor*Uq7&?l)C&6N(ZKEK+ideh9G4n%Ds*lWq^z%a?W!qei>WQ_NEm;WG zZ?1|s@kJ{YGb0h5ek3ERR0$WfzEe{Z1wJf-W*jI(_)b)}J1H;C$qrrfUP+gPe`pxY zCG44C26QcL8%DpHi2FsL!1MQtcN&q$Q4RbMm!+5WXDpOOc-z%`l1dYCC~1R&!T*3y zPxpm}V1~TeJubkpz=lX(i#p|+{#fvP&2z^ph45QXb2D`FBR^v(o05;z1OeT&P>*}` z$V|)h#9A8zz2;NPhG?r-yC@Zh(%%7Ym{D${eE8kzpNon6iC@9@1w-3V7#xlX`b!6< zj8^d$lwcYZ-;roUj^|$s?)&5KTaE=YWXR~WGBII6+r2gCm{JRF8)Y%M9QzC*H|`EC z?ck9X&E#4BZ-_WwDC3`DWiA$ATx=Z1L@hH57v_H!Ezpoj#)3y@V}y zKSF}Tss53ltltJ2xC%f=9M(OdnPdgWWt%VrF=}1PH4#yVx>@#Cl^ZT)znTC=yf<#s&4?@R?i%05ix=+Y&6^!aH z4lJ7l-ZRDz?$TmFR_oW1>UU2F8kgxdm%qYI16A8H+AEVl3+i+7cHH!#(tN-%d0u`9 z(Ae%T&;9KEHbG@~;`v0Ndw<5wNnO%ORf2ZBT}#?{+!AqNBp>CT0ux=nslAo=c=KA8jbgQPY8IAQa zinN0q{N8yb?7b|_jn`e6? 
zE|8{`3TV?xtmR3h7jp$21LfT;wEyH%ig!*jX0u-b_7Vf|#nIvn5O>pGjq9vYSDo~p zKskBzW`?U?7<9h29a(*QI_gd4Ipf?1|5j+}Bia$81}T;Zi+)nX_1RhPhr7rVJb@=3 zGtZC|-<$SS>ZeP8Wln8=O4GwiH73g0vuKl@89`wxO7i zL-Or^&Hm`ayF@EAk3W=9Is}u*V1Q92dWlx9k>(EdINt{`AL#6)r$?NAN!T5vOZNi5 zTtCj=9iKssGYjKgmgYMPwW@fF*QsF0ZaNDl1m|Kh0R>)1c^!j;p=w%&#fmrvg-Z56 z_TYU{X094{Q+;I!d$@m0oJfgfo&{r_QtrAC`B{gubdDJ$(H&Ax3K{TmDaD3%;jb?o{jWluAV@CKs8Z~x4}{SrX`K?BJwmneXW zHHS%_4X{tij8bJC4)_K;g$DbBxciE;lo(*+-Pi4O18O?(L5hui6k_U^m-7J z+-;8~eyBpPBcUehct`Z|G!aa@YePjP@AEa-!GOl?7s?tV7AtO$)5_9<_(;XSqkW-^ zM{#n;J0QE|r!%T{%TuHKCvg|ywI*oFNBFFY78TXd=|qlDXx~#|BS$TupdVtS*o?`P z#`C@?nY~Lfz>TnPXX^=+<@u!Uxms+$`qUh&VQ#MJJUQA*bsOR4PFvevC4D69nbv&y?U=XN;amb{;AN!R>$NV$+hSB>BA_hPuJB&NVUY z^u|;3AlR|o{zrIwOxVDPlVkK%)WQ?w+ZR3aG}7@cuwH9=s%gEyr<6b9_N3t|8oO-p zV?Q~F;KvSZ@-D^gx9cO*bxpzrdwG@pkg^LE3S+{*gT2?~w&GS-pqV|rA6+cWR1`7` zGKRgHqKZh$-TV9PjQg`N%?TS3A&ynbT&Hi3{is;Rmg02(*L(t28O(t52}=SsxA z+xfY>(IideH4CQ|HgR$Jj|4oE`cE$Km^nhz}~8Y7l+xX3TUpV+};AvlJ?Y z&)NYviir!FVf;991fzeC#E>#&>+ z zDCYK^KHl4bBWv?BI}_(pSi-Fvh`D9P3~;lIXIn+%T%)-5DX32?Mqk%mQ+i%4LOQz| z)F0J40A(hrbiFz~HI+S#DbL%;#bE17_F<_iE-Cf+uIu&6lWfpFYcw58pk8~<+vka% zmQV7aLeMmRilq=u`<%REaiD(!>_8?tk}+ogm%M{m`oa;;i5QQ!?ckrtfL5*k(%Rd2 zJdQ_{lx7bg^NoH>XOJeyt>na><|zNfK2f4+(tVwGJ%VLUdob_jvWS0cablLOl)%O3 z4l1w~i2d5wE-lbAXqPTl@4ZIoDtSJvq1_2>Pi~a)&Mdz1ket({=cJ7|mw$KTWh8UD zv(>8dyq<%NNj2bv`g%^=EOQuknAU`HcvI<;2a$vY*80)M4dE*CEAjpWD!4O)_9hIAY7`r}H7w$}*GZ$&U-pT`F50 z1F~t#@O6^S(}Lvk-ccgkVCPSB|loLbQFQpU!D0}8>sM%Xk~j}#WoyK%`^BgOIt zt|&`kaw(xxp(fE+Qu)4RLv9q{E6Q4nhc(@y|1~{`S8GxI8+>JidRJZFRP!Ma0HrA>vb%GS2wi|i#k$&&Q$i=t*e4@*5;SGWVr+`c`48PlD>FQ(G zlL&j>x!{-?qsNdj5p_uwAkri}9r+RJt~=N7^h`rPA6~JqL6$E0zZ2LSbnB-H)@Mly zJX#m|!Qg<|ZICo$Ei@a^#d_Ib!s8|nrMD$)yTX!a*A$e~&khV-=cVo|&DzS3V#@Al z=cOXI9H|7Zia7Ugb6E-RV)F3~j`m#F6AD*P?+FXEtxv6LmxH(cUzQWd)(OXOMZjzj8T=3N?#McFF8oGiuUe^UUFTE*m0JywxmI6Z}G60<)Q7v|P!-8YrPVRA+V+>h~{VR}fMtnzG1hV=q{daFdHr!@v_pyOgjJ1gaYrvO+kb1 zha5}e_>ABps?(eHc&Y)R1fJLo6)BbA<`W#YC^-!AW$5f%GJR*F=Vc3gYZRVKctmi1Q<@ikp_9sQ5xz(#e5fmI 
zB~7_+%|df~yB|{?jj@ySe1<`*|5?rJQ5)T+>AR$fP8VyEcxrq&I)KwC{59v1s@z`B zQ1nZsAUJfzrw@WG2@Cnc1QCM?vL~#tJP5tZOiwLA~M&=NK+@_3u zCuu~&D!v#s^dWPjEs6EZsWkZ5AvRJMLH+!Sc?BmeewVtJD#3vr`bsExRY`QLwX+Yq z1V^wz-+Juy7J=@Nc&c`_WXfhseQ_Mn7kW<^kA2Fq9L%1|q3k<4Z*PzRB?N1o*b;44 zwFzD?2p(dmJhmF$7Ry3jOh|N^f*ltp=AzwEOWC)pJkE$=pEP{B#PiGF2NzBp$;>di z-pp71OUZr#qYpeB#A*nc{XhDRR5C2#Gq1xCuvnwjJb9JCi&c02oddA-^>}g=lx}BR zo?pL=R=D!x7m7>p4>gpd`NswR+Z&M!LhYJkb3$Kc3%9J7%K&3_k*VasMl(B+R`TyR zyw)geg(vvmqpCd`AYKX{-xL|9cCBj0(9Y%OzsAqL-a^ybmQIa`8hiGwlc%tDelxE_ z4{BOzyJ0kY`Q=LiHlq(fmd6&FH*ZV*)j?g=9h^7lLcZgTaO04_YZ49Ot4e*b^R{S7Pg9%ig!0&P8+CK57ez z71Ziqo|_j6-VA?mcWAJwz{c(%=)dV zam~`mrItYr9-QlnWxe=MF7vN{6T9G(WCS_V&49k-_;@b+))paB0z zM3II?BY%5#b;M*_RQp(Cu+A<0c*rvW-L8zX~gO(V&nZp-o zek-0Tm$D-^VpFb%LgAiU(qWts{MKjKNo@M<#lw!isuS=si};Ah+H9owvT%ZAO1)Lj zSeW>=G~PZA7xA{fe`htG39DFE`3BB+LN)i;@=wiSydm;@rW!#2MGz`w%#h;m_7|TC zy@xEA{}XONuXQ`4e1V4Rlq!CST&xa3*FN*L{fRwm%PICU4yd+XB7>)ph;2u|dotcq zf^#q5j+eb8BWXBrhIvT%D%NY=LtDu*-K-FpdEsH*voL{-nQ6VJfLzj(G+CB)~R83;HT-TSoe-ezg=9HX+Px`jpgXLq&;BBY&r(&8L6_VNdWME~F{kiIi8Fe9fc)mLU<^8~wxy2FmeoZFWzoM@Z7n1p= z7dt|CEt5Ihxsv(^dx*WuS8NSfx(@iuf#)&;^W9^fj{lhZ=!US1sn8O<*F4r*2R|v1 zwZ{&pQe1yNNBWJSIrL^Wc|Nkvb!v~N{>nT-O(D7Fz-#D@ZK-7;)3)jS&9z0-ZM4&r z%MNwtwFyu9*05)x3-!knni2B&+`VbC}EBB}9=q`vUA$Ww$LSL-_!EKrt|8dC~vwtDbMA%!lM) z1;?)?iLxJ_*M_gPSVxDOhn|#n_$_J%1{k@(f-!PZ+-Ud-PaUJEq~Ra7YzT|5t8(< zgd9}v#V=Fo7MP8Pp!`y$Cqz_7vw8-?3MWQXKR2r>o;b_96sI|2sHUB3I__UbOg0U+ z`FUDftAoIf)-9}(MdVjZGDoz&ngJ|W3yx(Ss_bWGmys(*xpRqaaUc|^ySmXhQG9L< zm3k(S1G^xLphW93Cr-Wqc@TYR7~!8J14GoZP&tHOrUT7_zRsUef|cp{;MLK#(P5JC z!)rkXcCK$njj<*r+gLj;o0Oe}M)Yx%k#O@VVuo5 z<6R<7oP!1F4z4zG>^Jegc4s2^B}XwgizK|2U-Oe)MQV-aZu4_G_0xvl_|5*fwys#P zju^{&rM91GT|pk6{eE91hw~v1Gy|e${dettOL@I$$5Av-`WFc$-cSXJc=zC zp$uN@v}T|WXIgbHCazX0g;^0it1ksChh1Bt5IS2M=tkqXC-!MbTYslM<_A9U$2n~h zUbzGcMU$knqbJwfIm{fSNrQFn6*^jxW_r+2?LUK1lG6#{goax{qP9kweWpB$L43{u z>MD;$0cp2+GX2LunEw0g9=y(wO=x1gUU<7#$hU?d*Y`G*yaqS-@q`jYi5T;fy>8+J 
zR;cZdoB_Ibtwg*}bNLB1KjIzRD$Ut+;L?!2N|>HtvO*J?Vd~w9pAyD*3A|`7A3BT# zj(s%tFPj<9kQc}xG{xTp?0>%4z!WU!?;zug8|xFh1;xjqT@b_?#T8`>m0m#_OW9U^ zb$O37YCo9Nl;ftZUaCrn+54*{|5~TMrrl4&(oP~8TINM_U?JoTneN;AL+Zm1ldH0~nr_RpY&g-*l8vS0UF zs`jyD(H*SczkP0P$`0&W;Bzf0*e55PDxZ&ErG7#$Wj~ue*1;L$g9Jtr28xi#z!oqO zd`_^OZ_^P3uEa4W-N1Qyr&7D|>1`-qbjiWIC|a>RZHR1r?1r2Oo8B0oC$S9ef0edo zK6k!Cz>7521Hq0|0kHvWkD~f&b&20H2^==*OVTwBT*B`Wd#)md(l~2m9!2ji7wE?~ z+ZYK4%70?DL*okEGHB1Zgbkylg@g9_wy_8qaUa<^qtpyveY*YAD1M;*^ zEiwPOg6<|b|Muh+%oQ3~*zpH|a&@9$`-&$%ZMo61;oGM0?X z5tXuTDa-|`Atd&R?=rrB623wmpPlueRa~#QB(M{#^+5}IKKuyi5{_r5f|CJY_CS(= zO6LZz{$v{iB;r*ca0R=ci=*C<@mhnd|KQFI%(tdn8DcQa_)@oWmYt>VU27kEQV3_^ zf{QiOM3X(4>clc+tSRVz$YW4T&ye-gex;u+q9LbcT@=N)#MoGg{<*?g>PH-pY{S8J7uo z@m$`qYRvB!`^5W&@<_r8|LOC5<<+cPsrx}VJn|A<_-*eL3Vb3mJ=kk``vphiQvq>2 z{a-Rl`E8E|Rd+_uUpxe!xS=+go9$H~3pV-dB^+&~a)eyW2^@&`rR{4&#!9ZX1X_FO zjJ9~26cB1OZmjq(>1K05{&LMNs-jO~c2kck2FG61U?+Dn^ zh-<+P3$8^QtbFlPmPmitj3kI-T^^TWc{xNbDSj+i5=u#JHUOM!tc@lx5`I4yY08Oq zfSKS;W8jNk4l7s54_ z;bmWfpY&W_zT??>o{4|Vv`7wVbuOo8((}|SN;+TIjqD{vww6z@4?sk|5-_mandV+) zo)+oYcOL&NpW0Go+9zrj^F>%u?Ghk}z8|^desR*6{@h|`tz`Q=HA*!k_JWib+%E#^ zQq9R~dn%&6GD<`Hpgg1zYKEKbm@hEh!5cB2W5U-yEqLcqG!HSf_TP`*OW6ie$(Jj{ zHYXMl^$ts|JDi`xqpvn4vHHEA%(?{@H&AnPzkGr+* z{e7LWF#yIkoz@I{^+Zu8?e(HC=Qrcj^IlxF^^$JKnrHgxtC26ey*Qaw!9Mi!hnBtn zDw7+Vs&Tg`46k9X>d21g8R!TK()|uKOJ1v0v44uL!Mcz)Nil8Yi z5+JfCF{=2y*GN2RVHc&>zyYX4lH|_|ZYst>ugof8*OUTY*BODDRR|NWO@hWFFYI$g zNCpI9ai9r=U=E7|x8iMyu#@FN6C1rIQY2NuRZ1Ei0Qftnk$;{ibS$mGn9P ztLc8&WBdNZymz}T5r($FG9z$)jUrIw^doL{&VQF=n{KlWNW3fvr00L8x?E}4?<}aL9y?q(fWpvovr{nGK=qi)EvU-Tk8pT}B>AF8v9hMM~g7Gd* zyTg5Vzq{E#OubcIMbFbR zZKu!G@o6vmtB}T^w}$d$2rC(q)o6sitYlwWJm?366}h0sfdGZjKrRLK>8=oz9M$)I zvMj=&Z}Q`MUyuN+|I{CwS3_Bs@YfDOj}~+&mr{}gan8uyM2SfxX6Hr;%tA#u!R-bC zpD9{hi>#zm`W1<-^2|z6L5u8&efp9l_yQ8m=8g%mF+n%H_)a*_G?UCIQ3W{9ZZ?SG z-)|j~b>5K8=&@5eNO9Bksr_y+fDgDEx(>uOBd$Nqe}zlR!X!O66q3=-+iY4T9qw7a z{ZkY@3|E+NDgmN~N8C$NZ5QZ^}&u`Vn%9xWdG;-K5mNbSY9&|EW+}Yj*u* 
z$sj1&96jC3^7v~oIZoV-?=0O^^xzz1NcK`V8{ZMTOMT==NFsyuK1Wk(>%oIkKvefa z#4!?e4}nN{bH6_@1P-5rWn4Xd04VOm?p>X-!#%5fT!%i!coZGDkIT0Zzu8)uUb&al zQL*?psiccOZ(>%cWiGiUN12TVN-^Is!w&*tjjc#=d$&F1h9%c8U_jjJA z9Ye~$9Hy|Z0~QO43M6GcP)n&Sl$2)*ii{;DsOgPWb`ysqzMv;cdFPIG1Bme9Ulwxp zz6<(izkg>bmHZR1Vctl{diW?Mc=b19+MnWHf)^b$W6BsXiMRVbkE_=CJl?q~o)OG@ zK6~aih2GWX340k9cFMojxGTiYXxSNv=rL>bSNMCJiMMGko=9|$_SiMq@u$i=-qjVZ z?R$2SdK>b^Qkek|sqxTEyP^U`1^zOUpdVmN*E!?)UjpzxdC+ZXV`u*qB&)ABq6pij zlnk?h!x{cF*3(VlDNxkT7dyghxIzKi{_p^)?7Tuzl#@)#*MlDVmjrI!9p8;?Y1ZfJ zuij}`^!7+xsXhLOL*$BN{oIj4$klC5TdcgI#1$Chq13z9C4c+fX#iCPcOn-dL<%Y74nrYVJr9pp*DJ|5C)W*i15^ZC|;5)qt@*K!Zh_;QrVA z4|#3^3C^*!v)y(G7;&DoH{%{UItniE*O|9_rqF>Qk09hix*O1vJr(@pWs&0*x}tKc zE_2f-j_PjKmpxKi65|Qv{T|blXQvJ-ga-PF^>Oqab8=dk=AV7KGnbL>^ea7j%hwc%7i-X#->56EZRc7qF z$7A+KG=HUyvAE)Hks#fn;bUko&z^A>D4=E_F*Yn1RSZNqz$o)~x_7Jcn}XM+4*Hqm z1V*I%{eVcbK*TCi+#8iIxC&C!d+4;s*9_BmR&p<-R;`N93%d~go9f^13JZfj!7K

GKdgFPu#Ea=1pX`RWT}SIOXifq|9| zA$ljm>X9pn_*;z&iJ2TGDqW)#Htu3(7U?9&`oTWaR2kN<6qo1 z804A_&uuJ7ehuDkIV;?Av_9aovU;WY#JKDEfy1!c1 z4!qEQ<1bwZ+C)YD&R06VLm;}NZJ~InU1lc*qQy(lU1j~9`nyi=vbx!lbzZfyPdIJ8 z%(lQx85D-l@aDPjP88+5h%)mEK!(;bVa>;s^EkXg^3TI>j}#&##u@K)Ck{JFMY2j1 zgDW}=VI9q%4i8^Fi%!^ZM(8^3KOkjeVi2pQ#Qz2|{j#@iW$zPU7=KzVY1?-Td(3vE zQswX9H;43bui}|O{-v;|?3-8kIzXhZy!OK-hI7ce6ZD@)H%R_@`0dd^gj72l9wsuC z1UakH8q&x2x&#WitCoxr#TK4#X_13XsQ+tU78`iHolMPqdVl*1&OwAJ$7tzh>Bg>Z zPJr*E@p#*o-;zLvx2uvciZuleb|uwcMvZ7w7+?dJ{>-4<;}h7HtV_g{>{}&*LYHY4^{RZ@B0liekNRg`~~| z7=yw>@?R3q#T6Bf{5a;Zf3lE+LQ3F&TLdPj^BDt=XH!;42Q!V@FKG9hgJz7MBNhX8 zpL)j;{jwV66pluRUB5Z~yM5E`eLAZSoLTXgjBbOoniIj?+lkTL6d~q-?sBKLL5?V5qAdTt z@Gb;lVv6wZg?Acsr`U7^&wtm5kBE~L_Kfm-tgUZAjyc2`m2F8a68lqBRF?E`fDKtk z4K==Eugzd#c7JbWuhjQM<((x2UW{#aC`cBz|B4R8w>8rnProVeVJBl#wtx&`9VO5q zYeI%E%aYly=`NQm69M*aX>-f+jpQqlnBLn`;U5n;sO%1V)o!k%{H3h%ox(Z!^i^hO1K9+Elg&BX+|L#Iz+JazO@7zX?P^{PjFv2K zSqYj$+WFkxC0UX=uGBo;Lyl>$?{0l+P~G(0b!b+qq&sRF0D>?@l7`q6G=plI7gzxM zD)PmnAQ(PV8^S*l#4|l-qFO3I>Iv@B#jNW>j;JwHRvw_WT8j z80a=y?D<$z72y!YD4OcnT%|k(TiZ8998v{Q5}pP6@?J$Y?2)z4H#@_%+= z`_o9J@0hu4g_MI`KitXIUJ`Uh9XQc8dBkpld?RskKTdxLc5C-3?W+ys!YABthTBBP zyIS^Tj|fe0h#au63c>#TUL#Y+yG(CLXvFNCDxRu2+;w!0ngth#JQn#iE~;MhFBlP!F~$fi>yKO*93gzC5^F1HMRRM(nXE>VyQY>G2%=L#!{!ORcUk zdwrOPdh>O1;!ZbT6eb3sPB0D2MEgQ&959=tTKv|Rz*2A`MS)f(YKSr)^iI#;A!xR-}_dU*@mK+ zEn0zK;0K{x8!2MjgWUMHRk$WHX@aIUoq}cFwsnC|-#O?oZs#Iaj`V;Ju@xkxGUTF- zrc;B~pjC*(J%&_v;2XjHtGu3EI2f%DT{aZgj|=*2?>HMTRyAP&lKmTN_v3=!hF+le zE_&mX=0*@Fg2z{e9-VXy5+uj7U?$9qvGfo7fS#g7lr$q9Sq@800`fafJI}k6i{K)h zOE9Uc5KG~SG5j%?C55xeT+z7t{;QQT(s*lq)Kf)iotr&3Kk?c2EH6YueIWBNEx~&90RJ$f! 
z0t_ykPPGb5LkKrHq|TaHmld%V#4RYvF!1&p7>U1{(YKYrr69@=K2-ONK~$??epgkf zFBfr}++C}$c1uslx^0;IGFlQU^CV+L?_CO;>>}DbbY#974&!rj>~UJp zmw$`6pk>j-o!?k(Fa9y!E_>=c%s@O91?YvY6a4)F#vo9X$l5Qk1`N3u8WOf`%O9;G zAX1Y3b`Dm=ehHyg?!5;a~nL?EJPxh z*#+$jVZ%D5@+xhKzr@0y%vrbbTig9s(lw{l-V~Cn*}!xu6D_mwW_=oICXV_$vHda{ zmk!DU{xagBZogWJBoA^?R&7bNKxpAkNM>LM!vug|bS>%MDt$GrM===6m!!&>*bf_A z0G@;A0{S|hm-?nMLalNy+;xEkSJ`*yDEC=w=*D%6_4Ln-H8%Rg>Gsf#^k53Us2HvX z`{S+%F^|YGSjm=O>ZInizhP?b1r19;o9X{in~Nf32;6oa2x%8V547nQp%Xg*X$S6k zmI*ScotIbmNtWQoc~jnD*tX}B7~!zr`II=x>byav_YQ>aG}v+Cx^k?~{>FjK{>K-j z^~{z9rKo&c+qg`>on&r9+&akx-(sI-4UyJHf8ynC$%Rfx89!@m5$!6Clu}KFBXKCF zJ{B`wf&!if<*Z-=Yg~@Qa49Q5JKTW^tgzE22!Dpv+hZp2D4+(Z?6G=Y)+@5d%;R?= zHcw}6@5eX6wc;$`%TbrTOFoLqmmM3&Hn|An$D-C2!KtXiD&9D)x>bdGJI}N+ej5!w zq!>C@HYXpMiLg>^$wOPc`Jvte&{TfSn$5u8Wlkp??`Ugs5i)#xtn?dTyHSNUDQ5Vb zd8bXG9n|0G54K=I*6s52=|VR;f@F$m5t!7hM%W)2@1p4UnA>vMk7zpEqAYt~@5F_`6a3JD-Vz5prB#B^3_F%%K zy>~(yDd#s4Jc?k!7)9TJO8gjV@Sjlqkr8n_c@RNDef$7wO`^~S8jd{Aolz3pf^&uW z%FiH@>EjX!u}ITT{U)k-pOH~CUR$PHA(S{6ST_Zf37=4_59z)7#Y|_biRHRNA`TWl z7V8OT_#(kQvAXaqxLN0hpy^JAQ(kD6WCU`$_NcQ>sd*riegP5Z&EO;(YD)=N=#%0< zfyDO&5??Lq5zC!t57=F_$-{AfReD3Tsm0wDJ?}ke5B??5MBH3Z!#J^Vx?e|UD}_cj zfRZTopmCJ&n#Y&QH&(?=$+=Jz8o6J5GLknTUo$mMq1U&#V-=QAy-9M#+CQ@JkwQ;6 zz}tl>mz;dX)Z+}A)){YdhA8a!sBVj3l8J3n-#^49^@D|2$)6N(9%Mqjk@T{>3tMx% zL(KV(n8$vqU+wYSCMrs&x{_8HsspQ;>U3#1q{TKJtEy4OGO#DqB13xRvjKFv)r!K@ zGW6v)l( z$E4YVsT#|hLlIhr>r?3-zz0!@7P8U}G=KM->9*q1uztAGpq+=>Wfi$r1gbR$2jba7 zwJ}rgrYjRVoQFO}tOOr4Z_|zP{mz}CyLuY=C?-2U=)rac5#2m!EyUIjw`h+_jJp+N z9fnp*EI3@G{iOKObR5Mgxl~cICwxvWRjWe89LApl!QIUPMDhoVX0gy%5Eii@EVPY$ zp%xHo8BK7(rjmQP!AMb2h6_R;5cS+F52oX-Gan}tlJB^|z5?{agWo%3dQ8MmO>`Hv zoSH>2Zv-*|%Y?WuNLfv=v6S3I2N5GT&T$J5p(pbuN~v5f%ui#UpP6XNx8F`Pf6oC- ziOB>TcE@RNve=h7iyv*ngqt@>VA=bLS3ZW?3xoF}b*MnoY}QtM#HLZ}bj;U=98Yw_ z2xj{F$jQXmOAKiL@!mWo5StXFhqLmu)CP6yA8l*=@2v|)%K>jI*wZ048ydAHx3C0O|sy0J~LRHG90 zfyE46s%?Fz%LOwgzg>^IZl}GDxhhb0<=%d}V5-KqwXL*bazA{Jp}DH1H&#nq 
zjDPCtlRH=qQUiXJ`ud#-K;b%snzLnqP}@hICgEs6LTnbM0XzGd?6(2?;v>6Tgrj@c_0+u6+Iv^!sC zrEnvS89FK3FvE}-O2%;OVi&cof}AR+Nvc?TTYkare*M6?c z@L1fVS=GZ%$EHk$%&MXoswUxMkKto={uQ*3%7VwoysGJ&pDB`29w~|wlZI;XBbC1s z6L&SLZ&JOfcij3Z_5#bNt?gNRd*;nin{hTlt7rntQNgN4S=?CJ21WMv#+{nSn!85l zzkeAcow^P_?-tMmQ2>98_dx_kJ4%;8`)@}UV9qx}kpxz;Ba71z#%XLxA7xNSRCPF| z#j5|?rSH2}-OzgjnU$DtxgZMf+fV+(3bkALbEM=ll$B5HMW53=CT0){LU5NB>R*Ie z%(gQ&W7UtuD6?B=Q24v1yC|Oou1P4o8C5D3rUQ5<_=BG*AMaPO>%h7wEmOV*^#eb3y;F7VrxssuohcXcq zxsI7Qmi+A%Hn=^Dhhq^e8*1+6k)Nt?+^OUgrtW2IDBS;`7XD`2HYqe>#S92N=802Q zSFXpu8|zg*81gf``YS=bxV^%rjLIDdyH*qj=8DnBB)0k3%fkdqrAakD8BiN{l6<0gT-k$XX+M=&n z#MrPh*+OBw$;sgIX>)`6zu0UZOg%ptM*Z*Dj3h0l?bpj-@=ZsN+Sf4GCrSr{UFuvW zW|o%qM3h~zwS(5H)KZA@^P$d`mg>&-XEZ=Fiuh@I`A$Yw9m~bbhPQn||8@1tSB@8AHtdFh=66U?`bDP5hf{la| zz}4LW=Y+?|HLf=*;V=gm=*o5p>8=aga5q0~YU__GFgkR%LzO%$Wz+uQWvDE>+(SSY&9y$oSgC2X&tl-6Hs zWZ9^3JV)&+hO|nh|9vcs#>K;koC()qmt$)bleh{`T$?kx*%91fLRj%Zu-UMYFP47a zcQQbmgLX7fA9N6+J`kM^70=;+z6SU^z7pXIqX9hn6OXpsu2Zb#%2&GZ2Zq;XF|`SO zXq;$9AT^2}0wOPWy}!^||0VKVT)fjwARIhRC~&^sR5r^yExwxawW4O|BkII6nGH-) zk{35QYOz-10x#42wv`T)=lbs$--uW95SnKrC;J7kMTCcHBbSeR;x38}KEOR+M)u_gp=`drt%D&C3&hc6U-(~(N)KT5$*r*G~sML<`YF9fU znaPx-j!HLLx!oIeV9X&r8Q4arr=VOLcd7mUOqZZoV;Ed_g>^67QyaVQe_D}2g(^2+gC0{}DtC)UUN(_jl6x*)ZP954_=jHBL zosAS*JZqLTVU#l#DSQ5K@A6qsUbEL+!M@ok5 zDDZpkQ>_US^kyVPO{8e>doq1v!?C=L@{C6kl+@w53@Uq`7)~J|O2(1>`V@Q(wc7z5 z>)*;5Z~3LV8M?;%V{m22$reIq&PA4OdqPDOTqQk>BPNpwEqkHF7?RN0bQ7#=GTiIh zL3&d%ZYq8^WDALr_guBj=!u#vw@eM;uBnlGn@X0HiSVHu^x*6&OJ?F(pj_MGn$-2o zEBb>)Yc^0&e8?A@b=PtQ+U65bH>|o1M<5cgNRxRMXH));wsI-ZS%rjHz)kmWf#cBD zZRT}=Sf@7P(zzH%Uc!w8GWASZU=_Iqe4kHrAw2M>G}Kd0+KD34hdF#YSr72n61%^0 zM=b4|1@+8ylnjce{_5bg?ay7}J!+z}(E~L5O1>+he7>orb0Q*q;b%~ghHl=k)oXQh3*e;a+}T>TLY5X zwGp5-S2*(a@U?6-o9J_Y^+H2$pT-`=-7b3VB@W-YCm&Vv1bfV_t362oov(}?G$>0f z`b{Ycp=zOa7H?_Etn^lu&ZOPc#tX)CpcxA3eq^pwuf9(tcj#DG(BH%GCAy!2680=R zKQc_!A&|T8)GEMEs`+NYfKB!32fIT^^>6)K4B0@k9m3Vk2qSC5x`!^igtQ|Pid_@9 zuC8H^1ziHVZ+!>o=xgn^n#TLmT>8n9mn=KZ*JI)uG3PfOq#?2=y*N3{2^PQZ=mq3w 
zfeVksY?VM9T4c-Zgp`xmr)CzSIu(?Mz?RqOr=Bkh;@Gd#bo=<)=rcSj;$i%+78CoT zOYx|OCl31e^1fx4K|2&eu_N+7vJ%*KWSS%Q`t37;x;;^mX*`X>eWbLt{z$)8QB(X& z8@I0U<<*+HSFK~G)YCE_RlK!s!p*c3i*eGut=vGlXM!J)D7;W1Jm3SuFrOF%U~3sR zc#O}aAZcY=`qZM6>w0OLwH|^A4GH|Wa-07xz_Q zgWS@Jn03H*xwR~+XmY&wB?GkmH@IKJ#Ap73-y0(`DgDld5I$@ctt@c}=}Ha}du|O8 zSmk$>`Tuokby%*di!E=8#erskMj?u#8C(@F$uZc2Wk1L_z4$&VZEamk%Yot>CW=UR zbyID0UJ;>ZB~j;0M&Q%hxGC`ZS?CQ4kX$f6`EipiZ3YXh5h#B`H(kyMT#=({pe_D`>)xTy9X@S4#U2e($G2O?c z^jyVGPnlogY+2gE-S(8cMrYiVTy{3q)t@N=bj+Df!Sw2jpsOH5Lb+igclo$MXALJp zra+gUy_)p^sr(T@O74zKKs*Z#eF|3^buIdS6S`i-u97TIk5mn|8_*4K9Mqp9NmC9g>ks290O1Zq zU`D~T@Ca4%gSV%#oQ<>^n@@Z+cwS_VQ?4C&1z5}7IqW&;r2o|Hl-6-ikO$1Wcm^a~ z7>|&Qjh1kSKW;~|_(a71=nZmJyE;TURuv{Hiy>}mc|zA;6l7X?UM`#Axn^f~w|RRO zeUCYx10F3ktB>Aavwx}Uz(WA8U}XuYm^Eg7QLl1dbo%rGxXays2=$*fz721zSEK zvG>vmsOs|mfMtzRNiN4Gj;$V!ZRM)f#VqM+XuB#}Bp|+F1pe}3M&eXSEG0=B3!L+! zK7u|%F-3VyjVW0SD?(Sd?HFB((&}pO3cGC`KxyfzFy?zTpDH4>$?&bmoQ`3W<6q)< zHAlP2w-T?ytt8olEY;_6ve{b{>~UO2L&bE}c=%t1{41Osf8PIkFBJvC{7dxm{2*4f zMjU~sIQYv>aQc_{PIk{E|N1w9#%QYzhvJCXnX}!c)ipKD_|qy-%R^@+{7Ij zu3#nQ#~8y}MhdRxeHrwC&SM-G>%u(J8|@>F#IY1$G@>j_vnUchm* z@-tVKdT4k`e=<15DbBWrK|2z+o3o2tD=lr`%UeN^)z|znenVnb{fW|=^4bBA@?w*- z*ybqgfGw_f$e0;)kV@~SYN24F|3rn>a+9hR7K<@$SqM#FOKdXQr`jBV1T{qUr+UHg z9a+wzi$_ky`|n^ zZ$`IYdx^uzVtc$$mLb`-$BBNz$J8tBhdqf;tW6SADp%vo+=Gaa-tjpIO9}hEPydhQ z7yP{$Uyr?b5S9{2%*iUSGZK3k8wE=}E#7pIr6{z(PYTgA>h}57jwfZGxMBC;=Fv0v zLQY$y7(rxiMcd=TWKauktkw4XFzjq$LRaCnS~kCEP}hdlZFiy)ULAe(Jtr;8PQN@A z#c`=lP!1P{^Hh|mI4UrM4cT!Ca=7#`LM3^h1vCuL^O4qRUXPbP{E9MCt>uH&NrS&& zd5<6Tpr^035+srXS8Mk zGLE{u<70lYJFKuQ50CxT#+c5vdw5L}Ev)V2gws1~Zt}Wx*T8uz;F@@T9JuDl4}RJwVpwFE(YiUsIB5jCluXT&&&-Z0vJX_>?`qqYWkP+`V}U9Id6dl_Z0{Fk_Raut-mUKLQy4>aF?jG{VD zUB4&uv8xAewciTGNuMmo2_{0 z{d~yDF=0ucrwK|N_BU9pK#7Cd_i7Q92et^u1v7wc$}x#E*f`7CXPHWg9=1m~bE!KA zL`OsYzb1_n7fbo;6$=fB?|lWc#rMJ~v02gjV-m)i>+!At=_h1^2-fY>4Neti`?zBH zdF@n}_Ub7<3#rX+U6FaERr6mv_d9sEx_Gr(eeF$!{J7E{@LhSNl&_dARCYHaWdL70 z_alUB%A*WzT3mhKhD=3A*f$#pVdOyOA3mU1PZzatQYyv-&*0ci3JNV)vkukv2-1UG 
z4fTY91MN@B+S$i}PyWlpgFNZTaL%A)kgy5Ga$I)})>*$U=UMvcE`>AE7rze5?FW!U zqAzA7hf-qai>sTw%Uun$kQ37L_lXJX)Dhgk&c4}PJ-1;wLr@Qf;d0b1{`M{AWw-zQ z^-OjI!?7MsjHthN{4lmxS51JdjZDx2GQU8e?iOag; z`pTLX1Rd_Uo%fG|OR~iWq0gQ&HGQcVB)!e3J196n!ANCwlP7Ma3$cq2vU6cl>+h*= z^Safyf-R%ZvM%F#T2pvh-GhwTK`y2VHOO+kToDo)Fcb#(89^?vpBgVRoD-`!#=LEr zhvqQ?U(E+Hv|Cd#ADKiOe{pcY{lUlI!C69Me^*kYEW%+sW&OcWa$EXoQicj$27oF} zXY-cwrrUXbQyIX#gF9L}+UhT9kHtfCy6NgUVSA~}w&^^NP>fmqUi@v)Sy(G{T zE94?{3STs@2+aR6Ny750XIcYB+z1~$O16&2O`G1(wlkgtvWe1sDc!C@e_QA54kFavHY<)-KyjUhbe_uKhwlk@ zXE9J^jGjE9RMV}$JvtfbKj{JMOst+QH2040b=U}pz)Lgl@TwYt+`GOno@?-tB7svY1hIhH}MP(25_=${t62d9e%-*c$j$<>XJd&+ip5sHQ17h(zVsOHI#1Hqg)A-aPZEQN>&wSx2w2DCv57gLp ze)+&$%L!E!&kl19o|ic?Y4fJ0DewshVa|kgAZB)gOw*+;QJi*NsPvV6mI}6UYfNbo zEbXHB@ncR~$aWs3#+2*FdB(!Zxakql_Yr~0nRAAhDKP~lg{uxs83slsQ`E0C5TXbf zIfV;S{|HL)$aBR^4pkxvx>Miw3&LIziTx>yvNAjtw3B@|`oB3lMBTxMqRBCcA{9&{ zQ$d!(aYKVBg{wV%Q^9(#_4aTUGc;SLF+A*&_dHDa`h=7o-)ryC4r2hh6X#eNKIVQ& zk4tOksBT>ge7kOC{che>uey`&H|L&F!K8KMTo0p?8LHUP23BdHQ30}lT+z&k@fo*e z>yL1aGib1}a0VlqsWEFh{IhC(mQ@h(e`=N=7zY9_4g?%0%=CB1Xp^D#S#}sFFhYghLAH z)fKvoR;^>NYUQWIeAL>@e66mr`iM$jc2+*cwNN=VZ}*P8|Kv?Dn>t~1$9=m0L_$!9 zgt*H!X>>>C2S(4suT_`a6= zkh5;qP(dr!m`gar3D4pjVanrQ>&Y-Ru9HyswkP%X(oeburSh9ONX8x%bLLz0$Mfgk zCUKaxYv%G_&CF4b=I2oI#bINf1KaD^t^`TdMZNO8%qTx__kzx1q)y0#xa006@vTKd zarFGO5Wd6fW z9)3`aw*{**YsLkRZM%Xx>=n!bK2JA&+tyFlbjL5HbGvZjtnT4df*SPVKyx;FQV{Sa zaEsbx0(Ojan?BLP{5rwr<2NY~OyB_R#wNW8>fa)sktEduNQfMu2JR%NfjckR6}xiD zx~O05IW!nv+9TXOW4()RTc&5(%i67-QTQ)QGu_x+w1v-Cv}E%GDa;>bvyTxGXrklU z5$d4xR!jGib@dK9f`fGYL_{X`YCK1Te0ZO)&Ry|Yth_9dsTF0r`gR#g+rLtO^744^_=oMXu4{6H4wwmX zS!T2Ul5VUGl~a!3$inBfcbF%mH42cfeB!j8$;2*+Y8ZQqyI8#;vv-!d59oZ|ox z=I|xpNk(cQ4l4AO9>*AIavlaEOsy|wUr)C?$NNod;@#ADuZoM`{Af`>c63zlLwgnx zRkYK>x6GpFc|?Gt!K(B#3a3mEwsHUmbXzDo8T`%;Z$HT%gyW8`5$iJGC@3{>9AYqL z_GxSKyLWTXA5pbQCkGyd|8{G@KNEb2xqXDK^izZ&zlIGy?L7A}tnoYX&l3Y)y#p0J zBD?@Y*yGwCMd1bEikQ*@y7V7&<#wM7O^)X7gwqyM*ZJP-7X~bW=hyPb7Q7Q3LT&eE 
zRsLUZs$Cxv_ttCAf4$00Sg>#xQm}yzNAl@1EI(b`f?Va%Tu-IVIdE*#($MLQ(@n>c z9qDYA5cewgOjjQkX$>Jv7nBg^1DBHnK{3iJFDs|yHQ@eHEYgh0D7XpUX;QuACblV^ z1N+;bMgxM&u*CiDh(uWgBW7MoFC*sH5W#r%y+=9`jMbA9bMvyMld@->(qi;=J}sD1 z+tyOG#rtnSkre-lnn<#q!?U8n{S2ZJj+@7A%gQNr2XL~#WTCrocjfh@=SlX3aer`O zpZixAhOCnjzfPCXLHHwH5qEmuiQCeBwkVz{F4h%cM&F5aH@u|AaPKYY=kV{$Qy3YK zSqY3oa6-w?opoP{^NBM0{xO}G;!xWaxzDyaaNU)cq)<=0km7( z+DoDR`RuMAD5R~8DW`$H9i4)gVW2;#SwVI`MaT^>(By1^`(+sB#A$9mw^pKl0wi}) zy*T)!Z#F*0POs4oRdYV0zN;7y!JQ$08Ss@HPC&Er;?3QB_D>@~w)EsEIYiAV${Zd3 zF`MBLjLS5H4Cz#u&J2h@kRWiN}GgPncxR0Rw zAu#T%dtU6r*7lZ$HQo~Od@A=$9QRwCL}`wI~9_kyd2 zf-s?JG2~QsG&ip?>Wg>p*%(qfIM}}ZFP+RTA(l%V#+qrhvjuJS|{#+hhE;ZoRKsjIJovXa?eioj#C4Q0+7$e9(>WvFuDHICAKNSm! zb>znbSrWpLn@kz(_`|GdfO?G2P`I;NUlw9#fc#S+8nV_1q{*^tQ zT2*sJ`p{?9_kEBFfblH@b93Q2n084t8Crd7pz4fQU(QB0ZM1RKPjkFYnmhLO@`)7n znVtCF33tDD2=T6hAeTD6H{Dv@6gyA0RUx!`DYfh9C8lmN`0>P>TkFS|t+WqsSsQ!NOGjtq82=50?-i9EM6$^*fXL|;emAr=dfRlieyM4f zi9V+7NcY!g&GlbR6RWEu*Vt40uSDFbg!4beQ}-V|)3~dv51pwz7fQ{2=Z%*SmuEv~ zpLLH9V|pa7o+hTKR1{T1pLJSzyU+7^5ntNLfu_LGCf)&#u%k_)GI75W zHhF{*r|ic^U{qP{#MIM@+bp$4nW71Q8S^5(EHtp>&)|rL1B}QmlKb7pT-e(cGguT zjufii;>&4APPUVCV@t0r)>C@&W`DJ?-P!``OG0P!2m~Xpexl`8hsYajNU=hV;t!q* zAeD+>xo1=heQQU!wEy}iFb?cL{h3GL!Sv{a=EhVYNlu4qA+<$E8!6cU>XQ4~C@xC( zbC}pMGgYW_zsVQI3{pnSQW{oJh04+bKA^+mFeCeMV}lW8g_6u5+EMNNi~+=HGChbG|)}A zxykc_cxPj;;YCC(-YIP>0$@&Sjwhgvc<~}{Kl}e6Kpynuz&b|NuQ(P{;_4h@;vP@k z=duLPc_Wk-=CAjOi9k2l0nz@K7Tu7*g6)8@#M%Jekxu{mJ1y1^rlCC+HEmO z>i*hygffs8r_MY&Gp6Q=RK<6wy9gMoYKU1RkI6NDi)Ffo)3amSTt2V2GmU^>Z5O`NvdJG(#_LhmDr9txOYo zzRrw?Nhq5pionhc6rm2*f1BV;)}_Z`M;m$aofogE=T5e}a=2`#Y$n}N zGH)p{j}Il$RbloFZQU&6{5a!nni+bE3ao9~WL-O_zD@rD7^T9w+++A_Dp&synl9C- zHe2LM@ufSG=33VkvMJ7lv-1(Ot2jOiy*q!p4U48?dmaUCyXgciDR~p_(xF1Zv9>ln zs==Mw&+J%icLFueap|`*LG>@(?RFF3_7kE}wk zZEqL}oU?ie9&k1AY}rOU-^t z-R5q**+d_@H2jknE42fGn9n;FS5vZ=hXss@TObaoI%AoOmH^P8!qLdHRm&@%Pi`9g zQzu`goIFvh+xrd4iOyRN>R|geq!qKqdu=(gs+vuO`Z-^9*Ne5T>*0th?yh6{x_Y5* zxLV)S-VFDwxx9#1FpST^*)GagIg3l`#Xp3MT!q*@{l~c 
zEo0hrOuK|k#w1~mru(^s54m-YO2%P+5R-pkdk}}QzZ((W%RVNY)ifLB2dV3e5%D3< z<2X&}+p59qvrJ=k-5NKf>OFtGMDC`zIxymgj=Qs*losr1CIt%CNv$VGd1e|Uohh8Z`92f z4fYHPy&_~MV?;T=E!rXI>nT&#=xksy{25eno$m2_1#lpW!1?;##IW zVZQL0&~8eazN6JD-hiAnisyHQ(>XjaIortDcJkzH z8_>K|c9B@A-;{(6$;|gT-LMF`c5ZV^vvUaTyYTIHdX)Ok&so(p4tvSmhHQ|O7eWPji9wfHm3S4CzYeF)yq-Om%4uV# z9o5D0{*Murp|}pU0HsWUyRW{X7T|s!qUeltKA{-82OJ&*<{v)Dx!^4V!v7XV_~!$W zYcXGDhY2w3Jx#`LjnUX{?4+@6t3lIP4Ziz%_kP;_{mgOY zxYx`%Ypt2(${kjVoY2S|l z+-nO|6R;vCDA(O;X)p@74C*s!9geUd=IeF0z+MaWqznB~Dpy_oH_&e!b01*GN0o&w*#LMTe7_QrzLWgG&uOrQ5Uk;>)Ixj?EO;XC%EVZ8EQPf64LOL z(s(xcR8l8hP87qppzzJ`cJS{V3q`t*ys3RGbwO7LX4<>BHLlA=O(lzSoNi4kgr`oQ z#$jIy+P*)DE`eF~4R?T}+$j1o-ELNw^SC+;+A;`|jHkQ`)HIWR74|M?0)q~>zae~R zp+E8ImlEi;n`iA&9x_5dk#6h~Bs#x;ySw`-6}53Uq3@%)Rmy7q;^6SB{JACZck?}A zow@mMz{-T8o1wYLf2IGX*z9^D0vR)XGxG|kC1t7v6<+&&uZC0}tpK{S#i@RCPKHRG znkPA8urz2I!(`3ypgxzdMA_M&-ImHk)xBX+jNhHi6vcj7DtL z3>vs+{E62c@BXjk+iTH;t!%1lQf?bBCV>1l2HZR@7uQ3!d<6_o6#-+udfDO}Dfpr7 z+=8ZaG0A1S;G9Rw1~$Z{PgW>09M0mD9i6YRxdB=7mQSJ(n7lO3Vcv}j^UWL>(;eY9 zBjX>1<-cWY91H*%p+%5!kAgD~ruHe(Cm5~2#>M@7P5kTjy_rS^NBg4k$4_LJ-O|&R z77sM!V+?gKnSX8G$H4}YVyR6WgqPd-xoDOZs#9j1l-jj445=@PFU$BTLTOp;Mx8+W z6QvUr4Z=>4toBOnCH?MP>}&tNT9(D}mZ4kMHvP0XZ`lJZ8ZOgV#}ORkF7v6++8CVW z_Hq4=%%qgDm;CLwgbEgn{8O>&hIy!Z>0xiDLd zaU<1t_~z4q>}+*Xf6^*pJ@|I$HSLAhRaYrIzI1cG5n4@3F9(`D?PvX|HPU;sz9JXw z>E2X?$#@TVd%VpGUfFjJNE+*?tfrpV8t=2W!!g{A74|sRW@I_Bbu5vx-k_Dj^SHcUehq@4wC`IbuqO9$_>A<33 zfFPw9GENYSw#{=;-1zlY?{nvn!6#WSd)vF(AZrS zm)RloU6L@dcC|6IzEibrvVSFceE4?6YOOM})N<5T@L_|nzYQDpXPcxCSqz&!rkY)) z=IEZI7L0Xg4;tEbncTn(j%gTK+ zQ$GK5OZzq|%;r+xUVa97<;AEiPRCD0^IEU+e(ZRlJUcbf6`UGTyfyJ8^{XG0V7*If zuPbOCS?=KtNIFr;5X^Hg!7>2BRMlUTbK26*a`!9MmG@hisO0&mFP}wTo_?V&9yfOy zEKVcV&)&ciK6tJt(nX|GSOF(7&xXyx))h)l%M%L8ZT>ahM#Sz5gXQtuRxy_)FDo2* zB^#-eA^9OV4RRyoemJYgk8M-szgL?YGgH<8y^TmcVLY7z&E_AX_Kc5*hw`0~J8r5O z(q4~U*XBkFvcB-N9eCrLprM>Au#{;EEBo_S6rRs&v*Yl1|{=k z`+g!?O&>V6T&^p#`K1_B4*=#i1hu^M;ng}RQjY~V2D&9qHyR}VYVE%c#eJXiJA7Rd ziqlG8Te&r!Z(PiGH8kAU`fS>-RmUe 
zCyCq7w)-K#wV>m8-_4D%!5C)JbNPpkso`D7jQOKpcI_{C8FREaZ1?_ZV7mcmY4Zo(%s)mcYc`GDjV)9SzjFm z&C6C}TcCp?Ld4IHdc$Pf=|%=rf`^gAmSuZ9wDO;ZB%5fUAMU9BFw_G#RG6)vXWEjr}$O!8F(#=#S^0465@=JMQKk>ft_PXCog{=Vw zHUMiTLsTn}!#1Ky^B1>C_m)JEhA#DK~p9sy}_Vy=?+IHE80eV_H{mBLM94scx^^vrsF(p3t zZA+#rdW@}&&_6zHO?P(>=p>m^!{P9)UwL-Vp-2~1Q?nxpAUA z^%6uUedLWQvYaUg;gUY)=DmU~yED=cdPPfnw^1UuI_W4&0^Q}dYyw^DygrJW-D6$h zjH`1CFkyG@+dgeivvWe`OlNx1;pXWCuwLmU(X7Sf(Pxa94ESaS0cSsZ?p^c#n}l1I zyKQW#s3~oCOpcj_z(UK&|LUPaO~ z)}#&YG*CU-4=c#77L0N`bZTmI+#N)xcpFyi%j3fjT93hKcyyCXV_;yi12x&fZ_t9~ z#v}99EEv(;zp5CN+T9DpKQ?_^u$sK}4G*Rx-Cb){`nP9;^y8#^b;9znScw3-k;Q<64ZM8?Kdhd56s8ro^N^B^WC^fWCBi@7mI$c_Dq~puPr>R)6<9=VS zh+i~f|4Jv>694Z=F_Srn>{E$=kF5&o=DEqINzvc?TZIm!Vh;G!7hiyu6)mUEy%KHC zprp)o$@=!0?uQIXRroSRb5@TJ1y-S()N_K*_Lfi9D18tCP4GhiA)ST|%e3e&(=L#&H~^-0=)_-H4z>_3|}^|MSX;+*;AX zP~j&S{!RlS2gvxAXFU~u&(+%?R(Pi4HetLhySufqa3R#eD|RZXg67x+GYq3faBg7kZ_Zt^DnuT#;{=$Nv6gd)+n8*3{_%T&#wP zRo(MP@2u>fD@K>}8X}EKZP~D1IdYI4!g)G~nSz?vdX)TkMckyp7ATmVY1F2StUu(D z_#(a|+A=Of6F{b@i=r^Yi-TPFLwMg3wiKmocGJus1N_|q4SK=*c&H=bXkX^kF^poO z9be|=;iVhA+@(BXfodgjRtCCf7z&5nExgNpOKqK4Qqad%D~#vN(H`Z zu;9k8^0&|U_0N(}QtX~w*aW+3RxJ?-piCzGnBYuuaQj1p9dG-z`f)eNFTGDJvwiUD z1Zygz>Z72h16ke8fxSqBz4HG_#S?|`=$S|e82Nz&%XwscmG7}ne ziS_Xcv{v$F^-Evdqs+lsG(SXXJA}EUO30!vUcM3yv=OcqxycXqhmSUV>_MXe2jO7^ zVg&81Nkn))=27#+-(JH+{P$^=r`~-P>Vx^}X*haO^SZs^{vkZs;s5F}(Mk6o9YBIn z`j4z^EF(tCNH9$2ln9Xn#@UX{1`h9~iIvVx6n~NWlpruv6Az{972R}F?!y;Og0l=H zuBKOxOo>yERmD|FDxH7Mf(Y|ewnu4&=wQc(F~)V)J1=Jo2Hz#WXF{W*ZxV{Fdw`Yo z&t37kDL67zmbK0rd=U7Y0>?sboeFNEb!|V3A;=MYAbeY~9uMnfnO>FbIQ!XcU@Bhc z+NNdx(%!rkv;7PwgTpY1bq4*)?zv*iRM-i3#}FifPEOAi%z{4~gi0yz(<9ciyk@7g zPs+bHHVnu0ebFkyj{!n?UjJxt|6M8KX9k@pKpqib`P`xg#^+Q9C$VcX!5=Amn=l;9 zOELF!y{D;fkkb^S(92!6{KJYjW5W5i{p`TuTf~74B;@0ojL7R9 zs4~!^=|<1^!?+#QeU`L&{Wv7fYMzi!|9vM|4rmnH*dOYmukKpaR&-;W?|Zaf0Sxdi zjfKH8o0hU9G=&{=GTg#)nG6wVT(jBUro$x3?SiLiPKqR}WE zQEhY-b4i|LY;+}!9XL9{Ez4?JwnNG43aK%J?_xAo3Ns>KE8)WH|LWsalw|Dpq4mYk zc(OWC7Uj93-(5WL6M<09U+><}h#zrIwr8pc(sci0aEuQ#UX 
z>!tsD;LVU4lCr(!pacJ$3is8}pr1ow>`@Nga%X zF9$Ats)5CEgTo^P`G_G->fg)JI-!P`gI*^}N*<9VrA7jb!Z31Ct!vf_%g?W^4bbgO zDXb7HwWP>urRpf|^ zJN2{*TJI(D2;Wk2(1l-~lG$zNi4J{I^6xIIh?(ehMkVDDFN!)+bwn{zB1Eaq*jNy3 zH|4dip5%=28`@sv?aPrYGHZrKwp{T94gIY0Q}+VF)qoHB)SvYj3}7UTC)!*2V@=x} zgjlnh=3%Q#>JC|Tllk?B@lieG!}<-+$EETph(e=q@|4iy#3XqTu+eGNWEEImQc}D^ ztBR{BoVA%=^x8y=4QKn(qYIS&fMRA38yc08uQUgNmM)tlmBj9Wj{{;o3#I|KvT@+$ z02Ckr)j2rW@1x+8s~XE`*ME=|nlITp7LUycDB+L_8<#K>h_{?meqs9U)e#YA11atm zGpFnaFG4_=5Omz!DA!$MPH{n*!k+}ZNes^#Az24r8?3leXIo51?H=1WNr6n6H86%uv*{3pNr&SKp zHSxH;Dj;1G@1#}E3{H6rQ)=`C&2(K@A~jo0tA*3bf1Y8Ofn+QZvi{?190?~`6`Dy!^n=Qboi<9RghP! z`&~giquJ%kgLZlR=uf!8vwe$gN6Evgc3wIPfgvMrPJ4J+1U6#95&R^$C;}8qH7E|RYvV; zVbj!>;|v%*>9bsmefbttqw-F37MYUnw!(O}jjH15V3Pn6>JN zwk$7kXd2PN(4M{c30rr0oCk2pHHkh{^Tg>nLA2V40?5UNs1-+_ z63dRN#?w~@D?Bc}$z$}Kh+6;BQRN@THjL8yhYme@K~fp+mA|TBKJ1f9VyQ$CJY#wI zHFO;F2UVvwevfOH@ypwaR@jBB6+E0FR>m&4{#~B10VkwrOgxP-dzP0BtyFg$@7pN$ zhFndDqc75c6JeaG)?Zn5gzevzWvv8B3(~tWPWj1gb7>rq2J5BzT%W*BIpD`Py6L%auLg#23w+-%z?}YRQvcaK3p`Z-M&xpr|Wp z;k=Hw|Hk!1pYFa=2&+bL!}?8w)HDK6+kEwXs!Z@fQ_~uYXL)hX@T%Z26=*2(;wL_y z_^truV7kkL9ro|TCD6yUl%*>fArmLSG5%N$?|@|ND@&!Ze=iBn?Pln>BdLGr!W zV4sZ!ph$9{P-1_y566CKxj)Hq54*=-oZwuU&@z|`8+^*XyY@!skZOE&;6rbI@l6Ov z3(!HVVF6yG^hj}b*moSm(_<&Sb6w)jer)r6{X;u2+!c(o3rh(^`y$~ufZ%|9?12Nc zVetr(>I?2IiLpTrxqwyL@)zTBRkXUHEEBGjMNrQltmxWrTr3zv7?rV1Xx2d}3oc`F8CQfgg35<5e8Y=_8BG z-o@9)rh>Q8fj2jOI%r|X9_Qm@3ufdP#q{pmpg*3z@bBY-^6mj<$A8Vn3&i$4T*SKO zNN~9Bw75=X|GEfo@l21GpdX@sv+{zoL*?;$iL4nfUw^W_X;EXc;WVu~5KMBwV12SJ zY8@2$mLo*kvK8^3|2L@5_UNZp;bCHaCq$F}6ZS^5OcCw2K&WL2@eP(2m0YjDrzA8A zbBkZin@_;RC&wijLcDMA$wmGDX{EIsGFKNF%DC|zEJR+3b>8F2la{^o7J4P49tI^OMM?z|J(yA(M2Ig7$kQ-zDOkV1H31soHT!F~PHc*BOmc;3? zl<^>f%7Nu%oKNc-yM93;$UW`^ojgYz@;4(G3}Kxr>&T5CWD8ANZeUN=zLh!o!_SlW?OE8eyS9%G5BPAWxcZ+-3}ay zuE;y$=7L%DeLv`#YDLGxZsg|DVFJaxK~YVzh(*;Byq|3*g1$=K@C()2fWldqcgM^x zf@YJkIjJEv1`#BI)fK_z}zEd{6c^^j5#Qk@oV#+fQ^I&!)7T zYuGpB0WRC56f{4ndPK>Ti!GIm$aS?jks6A8<*EA!df@n4^i^~^>iyJrj;62LB@vR! 
zEhZMaeyWhfcc{r4-~YApdxW3k0LDUW8W^(Yz1)245$R+g;Ty$@c(_K#s``f(6(am1 zTa3eOiy|pv@6hXyo~J`q>pJ|8HKwhQ>`xhINczCftT7f8?=zoajIcyI!42_!!xJfb z+>ZlY<7sz~Y^nwENwH~|CTOst)+2#XMi|I*-#M6jJEl?6r76SHkzeFR-Iqm`bTIxP z0}IcGQlF6W4>AcrR0gv|>?>f(k>wULn@*OX}4Y{>iVU!yY4=pq3z>83-#+ z(d*a?=aX%o>j<~}_Kkq1t=|`)!lolmd{;X@w$xzIIdBJ26H%>rKPlx`fBMd*%2y^? z!ca7Sn%k~s7D4m1<3PmQ+wDE-0Ec@ohi9*6^4j=3u~pPWe@?(v%HMKmvH8o8(2fI; z5YeEq4hkCkgZvCmOPIqC7Ff2N6)D4H2T?KCD+0h;rS(qru_I*{OKJg#_I)Td5%r4q z30R&NetvUiot-MNOG-54-8-nzcc5bI0;_5IVlRZlM?HMeuY(B1F`}w7BwP?!8Gl&< z&T|M3M=S{hgp^1QB%cM;HKCzG`xEm*@%Yy}(&4*0f=dTvCi9@40kP_LzCc)T5l~RI zLAU9LIi*JI^Hw+5!E7{@Ca(sn!4`z1rU%tvTcTCvc7Ees&xdY@L9hiC?BmWuXvpnh z|I^AUB>QkYS>B5Nw7)vAFXP|spR|W<1akf?sy+M$wpT4W$kY8SMo*bQ9svzk>1By0 zdV3*x_T7S#yC4_1jY66`Yvwvl-JS6i)A;n|@@Lyx^$s~SHleO#ttDi}3yIIB5i@N6Xpl*HP_&1eEz##DIoZ-pKi^1HLVb>cXa{&NZU3O=3{m|aYs zij~v=$;hw{69d2ca9lROCRlc8iVRaIqud^C`9F_S-~4`?Raxx`YjC(+GJpXh?(sXQ zRS{?nigM7LZ_AV=5YzXxQ|}?MPVPxfZ*_*Hf3z5LrC9H26?ejo73v6Y5q^K^%*b6Z z{qXLM&uYBW{A( zcPeTwIsqQ-;@UuI8QB>;N2^uoVPfPUn+~S!W+TjrDHrMVQw#ABM~VOPwV=2Z>UFD} z4_B)7o?dZh1ZWM4x!U{AhMRU%*OBgXxa{oeUct!Nj#zW=l*VyVO)?^;+q)_J7A+>_ z&?65+AeTX({?ga{@ipyE1q(#qN%QMRKyDN}1wBpcx|#t^(3iJ3(;3iB<*4?zl?)zhPP+$ zUHW>IzILbJ#CwUHrQn!PlUFAS$-<8D_pf5u&ilV_WGqu9*3r-cq|tR=W6uVK`xf$3LZNv%v$3y^aaa2PiN}em5tBoeMl3=h>q2} zwd8+1y{)T($RPRO0m*->Oh{Tng#;A6ruBZp$qsI-u$G}afz}9%!nQU!aD&mksi{xH zesRJ?9U>oR13fvO?@77#Tu1=E58sKgoA_FFR+#b5Es}cfRa7%9gn7N9ECE};Nvett1J;^skCNag#3u)4Zm0m|HAb(nfm^(LAyl~ht zs_sTwk}zqZ+vAd7E zz8hOdPFE&7zj@{Fa>Rj$H;^oD#6;Qu=E%&Fx$*zVYQV}afRK~Xk5V9%-!KnFt~=bA zFN$J0X*(F%NfS?ZljM3^XKK}H-*c}~Me79EMk?+gPj*9+fT9N@zqQGyK3Fw5D zjJz3|J3G6H-a1Z8^d_ms96g0vXyvpM8yes)d}Bt0u96RV%jo~UhxaV%REHcdP1w9U zcOIMzU~j1mf+o`a1AGq_-*QF+mM#c*Ht48r0#4}s%N9Dc*geC|PS~aCceksX zJg4Q}3B{$bVe}xt@_eZVuqzYFo0?P;ut*`Ao%`jxpkZ(}&Y>rEK z4EdQ9QDB6dy#X$mz`0xR-aY9S#qXbGo~D$qD*+k7kT#PPBC$3v_2D@@JVl3S$vU!4 zEH5(Ibfj`Mjjw7>!k*}c!{8@k8+Tg{i}Cm&r*K<&+&at=ENuRX_=9n@rRq9#uhlzDoX0X`_MCClqP$bZ<5H+)J*vi5hoEu@H@Ok>K`dli?);xRh!LLdu>aOU?4xua%JogX 
zGiO7O95&0p{Vw+|KOtQ%*iH?%TjrLqhQZp6dGSejK_jESliv?-CYDzau)Mb7Y-hiP z=&h)d!BK8j1~?a7$D6+Rxa^@8t-l~yatwaaS8OYDl$t7DpRNFVu5yL{U02RF0BnAw+69v_l#Wdl|s#p4hCPALha{&C{te#ezo(4B)oze zWU05kk{N_KYpCP8@%|^ZFXrWK*=Ol+(8*l(riNuQo3}cOWqmhuo#te-l&PI$$3MAn zb;ILuJd&6UewB|}mO#1O=2u$UmVY7`c_PQ>k4e>!u7L2_#)bkpxLBVFgcbv4Nh5yJ zrvZ#_O)RmqCWoNzM+WsqIG&6y=6b}xz3>o(WBO+&$?qL?2yHUHu(~@fwQl!hfj#5xziN>F`i`cAHFiefX?=w6JzCVSAMM3GzOVJ?Bn^R5svR z3UhmUW}RSeIW!J)J7%P58XiIq?Hd0`tSbYP*sh&1Ry8$p9uVSb`R?hm#eN*VgHS-{$G+V*Vz!NUgR)#xbo1%2=Q?Nq zEj=(g_0ozKvCc~K2frMv6;9r;A+O_+ZkZEo4lDr%TD_dkTy#uwLtYmZwSqH`{_j?2Vp zv9<;{-EcgDDUML{hmm#GLugE#P)jZOjhvFO-6IF&sRQ`!j8p9lH?XGSYsl~%m<&B7 zYf!#4ymTdswmSd35ZEH&4re$Tdz}f~XnYSY8L|>;H ziPBS~NJ#cMGv76Q9Twzn2)`4Wj1`x6S^w4}FI!OtiGXaMB^*J>4TnXmcqC!?@WG@$JJ|OGlvHx3)G`kt7 zrQE`~L*ykjt?{E8T4~Pt&~Q9``OgvG#xxxJX2~C6+O;tvcF<-Wj3e#^L3?qTM#A13 zb)7zaOo=GXT3KSBEdINwh8#jWzFavO_hxNT5(i9SjoS?O&5h{iQ*ZT^l>Mo~t?NE# zf58R5Z_M_6sUk-XLdEk-YV+iWR)1jAzI)MfcLTnuMlWXgF7d40 z;UMnaV%}aWXK@|F(vT*Tg4Z?tXy(!3YvqNQMvC@$5Zf-9c+%TZDn)9b4?c~1N?W|@ zrqUb{_j|{=S(}r}b(n(*nufwyz1Cotl0=5oiyQW-ZW50>YFPk%wUnB_>GU2llkW|A zvn}_2Eu7ey^`~iaeY_d2AA>u`05b7Z6>F@19e9_C(^a}+!qhI+eK4(j8lgD};_k4e zUUE>Yc1EbRP6U2a-r$JkznsPCrePQCdzkcbM5=nZw`_D6Th{YLw@yOUc|fJ3;b3?6 zShs0@8bEF?tj>o|T|SvMR=+$UyK^pg`C1^zSL5&R(dk*`%-Hu{ThIkLr9EqEVomW- zww~EPhT|@gh}J)aE2A$g?raYA?5MnZ>0KC@9!~%N-6{d zhQ8O74YfZNcI{}=Wd2fIb+jOup&k}@1R`5)n5BNWSIL%Z^ySfDcuX2*jTaRHCxXmG z0E^^WAoqx3gl(zeTHG&7JuKs}#X2xEMMKr{g-gp^C_T|`|A{!OBu1|rP%Bf9ne&(D zqF!Q_XQMn)%(kVQjieVjQR63fUh}ySAJX)3i(@`NiMNRO4+B(ST1Gtbh>z3YnKbYm z86OW;x{7OM3t6tms~l1r(3|YEC)z3=Zto$n{!u=B6%D;;*B|@lh8I3Q_zj*=2~2Q1 z`0S3@)(Zll{K!STg@GD2KKGVuH;`oG3}h><|J11`e_j1_58LD&04(FaSHLLX8=Nm0dLX&9! 
zgSrVJ5-WfvUine?NBhSN35)_ARG`BkM;e2YrZAje%w2!<=TGAboXR%Iw$ykiv!9r} zzjN1OjeL}exS_X*vVKvx5V*N#Sv2|HexBSO_gl&=D-$fg3!;IEVS1R6V|8T#sX_PN zJvmm>`uCnebSaNHj=UZRIv##F672ERAL-I)3^zpB=pd&Imgk4kP5$9j;2$N(*@){q zZ4?C^oMr-vD{xQ=^r}{czxNzPY}_7!S4Ql*AC7ju^mz1t?Z8E4+gHD?6BvFACp4Wl zP}7`D^-+d@Aysf&?`>ZzLwQEo{ITHeQ>w<`pM2S3l5Al^yYR)Wvl(_y=hr-sPyUq= z2Y~c{@}ze)SZ6*$2qc-0G|Mag#u7aQRYj%K_&&xl%cN2}SB%fD9|`OmWO?3I9Dp6g z=N0qX>ueVnEzE0QA-`&|Ld^3~9@_*Nad){7FE!a^AG!#wDP#-3sd|pQuYSgt4o{T#I>U%iA zIQBB0xdN>NJ_-LnCpS%)RcnMsWA{TWw{O_{1J~Pa^3YP(_sGM2jFOL^PO3Ijm(s2- zM}E9y`}8h_`_P1oBl%#FY=Vk2OQL z#seq`F49uPf^L7Fvn`@rByy2U&cQY6XTSx z6@WPa5k&hgpNiRn!m?wWoLd`6WNFoB($11#Hz@SgFq0OE#T@vnxEc3glo|0fz+AT3 ziX)U?#yr7vt$WyVq)|WuV~LL`zjY0}!n{@UO2;vDYT!>^ZUd+1(O8tEcUu2o;gjHV z;w}4AkJOld$FZce%e!O!Vd@=q9A@ADEb0=59JHtf=WUGKWS1BlLB~i%s=!3d*@o|t#fmAO z*SB^kU7DGBtlSDHgltK7Uj#A;{-da?&9Vq^w&!aDzJ`7A-}zDvmxct?(DOxr?g($eds`+)8up+4Q)9}Xa=^Vg%LHFA zZ*ag_AwX4cZr+jy$p~2)Zt%3m5a?|Mu2?za^X2>lf0vW9HYlqbB1kV~NSk)4Wz51j zx&A97Adr&MHFTwo15Ghu>18FpuoY{1`ZPFVUix2!?Z-WA4lb(bz4=5kPTRoj__<&K zXcJ77lu{T-nEPoQKbC}eL8<1lzkm2;7TY||n%gI8n$y|ORA*ody(_RJ@@cmx<^L0e4 zWX^;hGkSIEDma+s*T2UA6HwbLf@t_TP>PolEWkzq3~V6_0?e5n1`O-~a@cYa+Sekl zxA&n{=oe3EEz|4WvQBg^0hjwCPTafvykOA7C6Qr^r>WA{w7&AWX~cOE2d?`jO6hzI z*x~7nfR<&eG4s+Yq&WP@i+PtNNv4tq zAKj80{HODy{7}HF=%7E2l$DB}TDUAiG^w?qszmD_FgE9SVg7y$>`*-!M$Em5Wxe8J+z7Y+L|;FG zzILuL3XA{_n1*A;Qhp0eN#I||ExYlME4=;19+Cn1$?)Oxjqs?paHW#EOnA>|vP}8D zno=Fw3`t~Y*K@tAbDi+8It3)QvF2O?YOx+TEk}2GoNddT05Vu_KpkVRBZn-@ckQ4Z zsuZJ$1}O0?YCH_aUN*YtZ%~b&h(0(17`ycx9{Mgl`5!o96YqOtns4~f3dISp%$9OP`@ z;S+bL#LOZvDa5nT@G(M$BXC7A#xdSWAf;bF2V9b&Xb)}_GS;)nS>Ewsk}E_={4rmG zwUEWk9zKTv(jaI}ly42g$rh6_s`u6ABW}&7Wbt8sY`{2&$O?{Wn5T1p;DHfG@RW!o zJ$*kPMz67;$*+=FDK*z|l2RIQb2Htr-f>3i;W(bpX3+dWsUO#uX%7Cvje4a2r3nLL z#Go^^mg03+WbQT7<)!)UQrI zvs1yPQy?HFM&MtMaRf^&L(3L?H&y=LkmaMSR6I=1sxbU_Cy=bjViusC$bmNU9W7Q7 z7WP8cKlA8a*@1t1Q~$(6@A~xItbk8l0n(0Wc9b2FGO=fqf%^SKLE_X?k2_Gquuf!7 zTgN*;)b2i>m-h7&x1;}>f?Iw+Np+l8Bzcvl;Y9Dvn(YzeN}Id?-R8$<-jDU|N3#bx 
z!f>=@u;hs{o4H#K3p1CCyxEMW!3X^>+Z=DH~YC$T8u;*I*;r!e8o6 z)&*CLKc#8X{+@aNQ}aIglumakFS%$>7TJp63DmPux@wP!7cjrtI-R8&D8q?v(EX_< zMkh_(0AVxfuC8{=V)XWytw}Ew>{?CC`&EiZhmUOAzW9ExfCjw&?$>GoC9ZNcnEcl+o8=Ztqlg})6#Itb}cEA*q z=tROr7azLw?dp-{vAZZk^5Ha>VlLr+?rNjP(F*#9s+A%3yohS(WD^=)nRq4N5e)~f zBN)uv3{MIlv^~u6_u}PGn#D1z_!nlH7$i21kg)YW9{_Y57yRBUw<1Toc1*(K!b28< ztyWhgR2tz>5qwrnp5#~y>gIMk@f9kKdMCSJwyZDfT!KH@87)N54}@f~>68b}7(u<9 zT+F2pMkY1WZiF1LVa zne%Cu9ifHZT>9HZdtG&gfL6+lElfr}WRak$5|v+YntYXP{>*EP6^o6zywQLR^Ynw+ z4rRcq*ad`WS)F-K|IGZcd+Mj;42f*6xKFg9swHdh#zKudsm&xau$2ze8yJ~+t{Yg; z(rN1P!&G?O2>yk>m`g?y88~sh`8;nus?98;9Ge@hf(hdyt|$vzw7H^|`RgNhZv1KE zDxZ_}vgVJzMhdJ0J<4SFR_}yYdY5E>42f=b{V|7Idv)Tw_|!?1!NPt9J0ADvuY1sHqPrqNoS}anw;!%)1~aE1F<=8E+;j^$`;+37W&?Hj5JW${ypP_CwA zdS>v3sIvgSida=>%8;j9SaAF=R6PRtDgC!`?{QhkZCh!Qs=1H+cH1sH1+%)iU6>jT z9J)2j+r!qs%Ry3EJi*k&++Adyq-}{elXm+)Rvw7u7cM;aEyNLrvx}h;XLF{B&_%gx7_l_vse+7Nr z*0H4^b>C5S^2sT_Tw7{pU+`*A0+Km55eAPteLJ#RkiIe`?dFM2G13G0@( zxwr2<3TOYLwKVXwS$NZc@0X^}rGE9e>=7z28^mBKR@;zxli+AkcUf+o(56rW_f)fu zI}#;Bhi&CD1#$X|KG5YijKnyiG_s$h8SlCKo)#h0NofI7hn){Q;N`{J3H*aLr(o43 z-W5BnA18_rjlP4Mz`R6R9>ZFDL^Lk2;D3D0=PK_8CDOOlwhsccy`3sTKGKyW9< zSP3AF6f13xwANCt9KDrXfz>o{GSmTH^iYa68#htdSk=bYd7s<5O8z6YYoq+Bf|k z;NZ~BL%M(FdlcU@TMk~?i)Q;(lidz-eKlHd_(G0v?Xt5ARY?QJ9A15bNz(S^=5aQl zsLek)0v^Ira#h$+rW_&Tu51pH7h7aK1vam*x3eYS6zTw(kNG=F-y)wz^0ks;W1O(0 z{}eacxAJiQhPR2(WBjT3FMJa79`JG3z{z{PcrJT=k0;oL7Q3o;0mTSD-04CL&su7^ z2BMwL^>D=1|EE!0Qs&jOVhgQB+(& zR`e6+bdMkZG^W4Mr*~mBApmAq_1O#AjBT`Vg>Y-a+WCu28CSV1V*N+3@}u47A%>$T zD(iCob?)_252TQ$wqX@xCewwF*4ecfXj6raGd_+J)3&v;2}u^My|Ei&X8 zg(?w_U&KNxuqece0G4P$H|xIb#SmzwWSuL>NitO^s;FVfAiEK#FA#s31Io4(D?e3@ zPHFN9{U7G&EtbX{ZY@PWn`-`LPS&2vmB6=AC=XeCtr2m28PT$^f zv5t_*o4>c+;HlL&Z?e7x$Qi0zk&p^l3OzwI^pn8xTQwX47;7ss4?kMbVO*pu84(?L z^xt<^Sm@OxB7a3z4Ea{%=JN?SNMzyAW5WZdu|~jnaTWV%L#5r9^Rjvk0BLq3>Km&? 
z-@BGQXVMrbMYYkB>$at6Vu}>d+&H3sA)Kb9$xBx+dMpdW+b8ZdWca7M%p(%p|uU9-t!G2EI2d#~~mIwSUT5C#-N#OqVs^@oPTwd|%|BMjS3kWU|6 zG&Z$;NaxUT7m@$1qWam#a~=L@;?13jMB~w4_tRMamvzAL6^eiCghp@#_o{!lCU_dQ zhRr4+Fbu7?~C4>x5q;>_Z5TB`!#Hamg*Ga)AAMp&L)8^ zhkbFdOUU{Y7U_!qAQnWe(dYp1>wdkORb#}X`+`5#L|_$6x3Kp|e_@a{(G)S*Z)A%A zl;vhcU;9s>Xo7YsvZzzu@;y#5B--Q9t~h(vrDC#js%wJIfAV0f;@t8c!}YEHDh_W$;7SeewITm;@;n)?gAyqU#<*R9i|`6Gd&%GjW&6WP21;laIIaqj5I{!~50>cz)zg;25psH!Y#n@xGhm1f~HNhPuK5CT~K3`79vMbVQ@ z1;!HhDL}UNne$s0gq`2@U|1zCeW4$9|6!lk^rNHxos2F*>*Mn;d;&;ULB zu-*>-a}QnQvFV9Z2Fq3evsI?5#X#6*U(K&nF}DpY8Ja8S!B$hY8q8qFVs^Ei*sScM zs3;dn)n_Y@6^Iqj&oX^HO#zjx+D$E==H`S%Cs0Ph@XQEROx#ln^;i-b2(wGE>rC{h z1OKo%Y#jl8v)PCXWH z0;Q_fi&tnbz_}Nrr<2rbv|vcVBP5cdIeRp9}gk{b%QVAdiNWZ(r9T zKD2)oC_I-Qa-F}hc0a6n2wpdrr2-bew4vT(@S`r+M*2JU>j)nFKc=oRy3S~6$4TR) zL1UwFW7}+u#^L*S$ zxY2&+h3Av0Pg+}uoV&xpLDuEDc#>^euP+|{3ez98pwXNE6XQ$e&kzbTT769mlpT%m zlu3~?^T=y_F`Mu?7bH<4G=Gsd~pc?5^!ku5Wt5jY1MHRs#`9Dd(!&0W2Q#u>={UrGOuUr=MGxs$_N8wq3<5+Ay zdD2_@Qx^gcCTqQ9WQq74>TtuuPf!;yz_*_}O|IAUEp0yO!08+B4cE_XAe_|QT5?zu z2y2beMj}7F7Dywtf2HykF8OMrOl~T5Xy4iEiG9=%sP=X|i(*7uN+Bkm+^O1ESQ(nz zTW_+c89FCui;X~pos@^W`zr7@NZ~YR8 zB*$Wn*L~*)HD!H`2YeD#hnbw+I%%oc%Y7{^SeNH-(o`=LU_q#yMp|Ig>`DmYuDP<7#8GvH-TU zShvsb_TOk`lylG^)5GjIeJq*0+!_DnmZho^l3uH-FY8S z9&$hgf?p&7kD!PxlenGbig!I}Crxa7_IjvUh(ce$tD%EE7}v}CtO8lg$=&sT8Zr~K zt(n0s#z}ZO?ks{?_8WrM*8^c)Z_*ETXK?$4H6vhb*J{|093KTox0&H)dfhc1TI?*r zS^ovko%5Ud6#fstCcx`Ie|IeV0%@uE0QjY3AoNZ$8F8Ud7d77U9i#l~XLWN7J(tWC zln5$kU8-3P&II}BJeWE7+#|J9bN$`V=|6^{8_P7VaCS37us>jbBFhim`5=ocM~*V^ zF@rs;k=+{^*er)Mvp53RH0EDMV9jd4o%%>aCxl`opn@Sjmjgke_t%DV&UQsZec-|p z?)Jv_md@2zjI7Ends(sZ{8=fNeagTX7%szl1|F?9`U~!7)ZT~|Zf{^^ZsWQ!3_o&1 zUJIxW7-(HGSUYGuXiGy5>hFZkr~HE)mAQmG!Od)PPlb5AchAh>3*%j#-Q)_VUa zZzv`!=S%04DPBS=So^1T0P_HFhBu+)iEkt1ds`e}Z*JjeSUz2c<;Tnr;FZI1s%0e8 z*qVLm&h{La&6csFG<=Nmb-i@m7gt;>;A^I37Zm!Eebhl)alYI6=W!3YFZ)mQjfV^I zLqUcRrFbF7zHo&5#rAxu7ZCQJNNL7ih=;q`=^dVpbi?A8|H&kwy8moeJ9lZO{Zh1{ z@Xi-;*1#=U7I1u2v}Dg-&__Tc)ObS!K$Ek>nvI%69wK5|KY(s7cO)^6eMvX8)ONI1 
z=etmuDuX=6rdtKbq~W~qq;rI@t{GOv^-PB%cSb$%fp6&pYE_Q*CypmZ2(rtI2& z@5QYH%&xObDco)Hx*QJGyJO?6ppr(?Ztz_1_*mT1lliC04esZov`2s(dPXI);vR4T zJlI_D&QmoQLbt5t9v@w93q=8!H~WbymfqP!WTcj!9cmAzs5@E${>%bx z?t9^c6o&kMUH)og-w@a&^sIsHJX>)3bkL6FH^iPq?0@QfT@Rs9^yx|xVc6)MD?(Df z(hj~&I*oXW@BmC(iT3EGx&dRWK0a4|!u3>LATF^jaS^@0%Ds4%y1OIWEvHc*FM~fZ5W~xZ&MVlE23pBO1aORz<vNI~Hvrq@Yohl#H2J z6uO(&XML0~lV-F^D~ILE6#Q*76p4`tdm9=C{kYRDG;hf^9!Knw2S#A4qAw zu<*)){ZwdOVo`t;*@O@NLMdy& zvfRe9u~FKi+HRJ-X3d=vH_W5`eW8{KdCBX*qp?g#H!fujz?*_gOK#?}95f`MkGiu6 z72lXr095V8C=m=fh9fZyu`4SI`h~+XhX;@hwWkcB;S&FX;!Z;$>A3dRlmPoBqHQ{`F*Jv!T*mK5>jPgp$! za7NgszF9s0^x{xff< z6HoR+7Gd?iKP+}xU?okPJ_R7~AV3^V?$nEz9(k5^Z8XKihL7jwQ8AtMS%0gT)v6yR z0I^r8p!^8=%?eu|RgA#-c*N>BuVG8gWHM4`O62knZ1w5BA%=*XxcMzcFX2fcu^vem`?wh6-aC!GwSttdjoZA4&qwR3_# ztR+AU>7R%OmKP6#ET!x0#4!(qt)7ay>PO{7_HFuh2+Ag>s2_`|Fmc*-tjeEwPX%Oz z<+HPohbx@aQ60pdmZRWqz6*`Vj!=NiZ?Yc?v903;tk1E`-d}7~=*%TvmvW!>rWsh_ z&Zqhmqii!XTT}tEMi&ba(CArKh9Hzo(sq~TEJmb{UrEI;cIl8GB7cG(k4I-no>1|# z;D+XveD6!?&!eQW;7GNkl!W1d2TuoWiiPy$GEmHH6j zkCXC<gOcvjXIFdCIqtb9hyz*Fw|0le-OjwAd{1k{ z2_MnwjbX1`Nmu*ElIR)c?2>h|vVnlCEpJ_?$}xn~K+YeE>iIsjb$lQPdWDrzzSZC< z<)3l@+ZnuNEwt_S-aQ1$K%|%?UIiU3{;a>%$de#uPTM}DS2AC$5Uu?DaQcaS1M>wU zK3*kLs+r`3UBkM)@~(r?ggd{tBKv-na<5~vrNJ4R$mmcFf`hz>^uWyzIeO<;QYr5J zW~OLJjtOB>R?UH_$0$}t_kTYP$^ir zau%&z(c^585UrhP%vD7Sr*D>s@sskfEOb1TZhT``Ia4Uoz70L$_zZ-tb|$eX<$h_& z2{xyNX+mY%p=9oB=;Ze7!x8h_F=%-9jdEi8!z-EJ6C2#uh zMOGrax;tpdGX6C8?;b^wi?$ROBRAvbM6c99ArFgq?npw#F0 z2Mx*MG)ZBaGZ9{{CZ7EI>w23i>GMt#5e||7L3f|q28~^@SEWr(-gu0CB{;XV!L#oX z&c~`w7+~CoGjdxK^9>-~et@(M;*Qkk59R5`NFIWIUo6W)#HHI@oRK-I;n27D4@=XyUZy4wv2 ze!b}dzB4~op?$hOJhh@i#fc5wOycq+WU53Qo|GF-^O7g*k zL#>0DG*n?Bkad$rAMW=$3MH`6vFKlV)8@w6>xn;6q5r?w!CV z4>hkuk(w(7MQFy5VGoT^0*?|4`Kf-}oqb<{XL1BbLvdruAbM`$*7buS7e8F6i=A{I7fpNt|Un(W^Y&FT>cBFp?8KBNOwIb!|J z$wu9P=t@UyhqAm*ML*}nc+lRy{op&>C#TFxx!rRk`uA_%PX(CV)aiPk^c7F)sgKVu zNjTOXIF{A0go;O4Lu6yW0D0FIBk_x)G={ki%99)Zfpnt?&3#n{(^>Er2YX 
z;+h>ADud3y$wvP=fE~Drj%Gi9^U1&xX7U$lU`V*+DqbLdTZMcl8D`^0P7=pB^;`@Z-hWBPuqy6KZ6 zv;@afz1AU!SbOB0MD6w2eczQZ#Lp_Nqp73w5~u*l7SCJjjtZ)~XKyEp275RMZU{jm zj^L_eNn}P;-gP4P{917RPqj8byS4tNXca7@j#Yg85T!jlrU*6hv-9EUCP6$0gD7&!kWB z1~?kIq)$=6$f$|(mD!Fb3Eg+~?9r{Ced1%k1DlLUQXyT#5mlrCHSn1Gf3e5@DrVpn z+8M%f%_m~iX*%oQHA}bSaI|s&z1oUr?!&Iuzxus$M1Hgd^&CMzia8M$O!y(1i_Pe| zXO>lUS{KDUC-}>w;h)_L0`)bvpBHq}@+mk^obg7Co7pQc({Rv!yi5l#J9DGr0BH%= zw4xNsH5zsD;^x&|z>CyUd9L5qZl7dAv7djie~*eRXRd&#@Bn_&m7)h|^qss`CX&<* zZBwbWSEd$xvhds6paBu~*V67Du|_2_CT;zfzqoa-I);dlx1sH%$J-a3W2y zt6bS>e`$_OKam@m%0)l{Hg~vM&>B5(KGJRu?7iPnYlsimiEtS>TUR^CsRCb$O!eSw zkVqmId2wiMFb%zIOFRZ3W(3pEjIk?^)jebg?j{(tiFrtK&~4zBMM`7)nnEUzRp*&x z(ux*~vj|6nJ)jZ;JpW%{EY9v)5PX-H8y47JE#_`%KMB8g_isA#5X$}J@o#O8eKAwc zs;>9|A!AM-=Ug_UY*8f}G?N2<|*x z&R1W4ej8zFcF~p@1E7|yWWbW)IL_Ylygc@mRVFd z#hF>8{G_)r`8D3h+H`fw(Gjyaza{?HFFIK@%SeHyWLTR@Gn_`wr7WT@S~2&i~XW5AYG7+MciA-G}$i4}|^N_+O%KZkA5e zj;KVOnJF@88r)|=lR*Kd(v@yuKUW*}OM7<@zMU%mj4GCDM23E>a>kDipVHuq%e=4H zonrp>A3~GuFn_}=UTTIIs~Q=-3~>`p1fM$*VpG_6xIV1cxU0$5h{+#4Qu zuo>);x0Q`YH!uHaGL1}^R#t=kF;(8?gzlBYDfVMElis;u!}}Y0p81!;;rS9Jd?xWy z@YoK?g!e%!E|@_HZ1uo3ldHlb}%5N5rd1 zL*Vw&OOwg1_xB;YKX$3N|BD-Aegg3w&^4aHM8{~(^m71LYlX-UhIsL*Pf*Mu zRCAawAp}uK6d-{{8gq+xMiXp_ad@xY1bf~C+=16eBlIH+NAPvy67oa?SO)#`kL%PX zJp=(yN`>(T1hN`-%A!V!vzWw9AYFxm>WSw%h|_je#u|ZXLwGBR*GAO2@_g=vq-inS zz1(yDn~8vv=4NKIDcMvH3+9H%A<}&{ES^BDZxfx3btoG~6Jw=sMy2ccwTc$>PMFF& zI2H{mRiDJ!?_J+y@m-0I@b?DhMe?O?^L+BDP7oM4*<2&^KfR)MN;I93D$vcjKS=Sb z5*cS;N`G*~lBV~d>6oQoAA5erp-P)%h?30+({>E zE`i#B-X@POfldP4dLEwxs$yPp9?>@VK`lwaU1DVhPS5*m~=IqYky|?euJaJ+ggf| zUDY6VW5lZcb2Czf*0s^RE4@G?M+0eNE@c6WtMn4?8sEe4fK+Jk8@#Ic4;eYJUk-e* zZYgys2Vb=SpT$2-gdwB$_M07sl17~tYv5PL{Hw-ZV^~meBqOlep| zGlG~~Y%i|qXo4!(J10$^45n{R;BeF%@aneVVsSFiu{F!H_=*ApEJdOT*l4SMt@CdKdu(`zvZ4)={YtDl!6PQ%X zfV_1u+R8EE13PQI8`ODiOGCE%A(Wusjj{nmo(7Z!CJ^F=K}xMRob-dA=0mDh7GQJh z3gTb>R&6^@N}%&LyxMPx$xLRu(OU3LH+I9{d)xiuL(CDwJ?k0*QtvAMr&KmJL6uC z$$G7tSA!){OL;%YSOeT16U*O!fZs9!FoA0=N}J?*WkQqOnKzEUy5`r(IR)A8(PTx{ 
zd+P^ptey5{a%%j61SKjaQdckW{d$d~5~RhV=5L_8K#y>Q?RbNcy`uC#Kv#T7B1T&VRfs+KZzL%p*@{0-Wr>E4PZmdV;a63E~|t;Fy)9 z>jR*dWqgzOIsZ%aSc&g5e>f);N#NUUN z#J1l1HjSpM%8V_LRRyuxHJV0&K9wfODB$}{4yYvb56WWKO zQ;RzQ?m#6R%BPWC>mKL5vu#8EYqszpY<>l{3b^O$!SEKsL(HWJUVJ7aDCzI50iSw; zSfEmE5d7>!7j=3ETu<+m=250TLkph|*S!ep9^rf_$1a|jnNZ&LKsVq9;Pqq)9ceM$ zPZ((9>`9c%&6b5Kp#ps=p4jlaGffA4`Dtl5`*b#Q+wFF1JyvdxfDw3mqEU>YWf^T- zbcJnOyRNfnXWt4nj8oxzWs8u&CIK$;6CZmyizC!HzX$&eA92)j4cWEVNCls$Zkq{Z zPXMi!G!R=`k61{Hk1iz}&`(&b^oV?N5i;`qZ^rDX(?H004Zu^!`+bj=G(f##K|h|4lfY>6?%MfzF3PR3HteVhi9nRP z{7+w?nrCOCGJfUvD;T51^CQOFQ6~p+AW)xX%c$QT&?HX_#^)42o3*yulc@a91Y+0- zsqY~us33f6r7tSU<9>BnG^P=@qj~5bUT7xQiV06f6=5kcIJYc2yDtczf%RSy*WK)_ zE5)1CUM&S@g~5{bka;dUJ0HX!G96Ds;lYjaXmnn(=FFhif^Z~h=VBwk5m*R?1weHr zmsvnM#V$N$Jzi^biX#T*7<|}tlh4q7q0|ih*Z&5+hb_r` zzL#K{P;QcgyJaRGBG^bMZym=FX^wD@TWxB=4}#1t;3o7SC->ju(`#%&PhEL5`p|DNF|jX?M7&$f$|1i8vs9!lJTjf77f|6&+e2+w(gv zVlcwYX$9ThU8*Yj%S?$MJ2CV#{~c^#R_%_tmo8&K3o{&28-5 zmtXksy(21nbV09dX|M*<9?q>{%JUOI*;?t2&h_Ush3f6L6s~kxs~*KGE@qg$o`{pq$vmA#p?DRc zDSbi>{(B-JEzuJ6gnE`xEfQZ;E$)YT+tQDJwTG4PJ&pp!`(A-;0-$^=MAj`2CG(1( zh?9esIZu&}kZEDUXT^5-#kxbGh5x|HpYc1B!(5K`yMMo9*#^)#Yj!Wzr00D2YSIPC zvVWO#M0%ddVtJbbW@?~Xk~-RV_q_k3m>Du%FS|vnhYhhI^!z8`hd7E0*b?_Wm5r$N zY_^2ShqFd1*;1k7T0qeNXDykwFvmu!)hl&ntV?n1{cU1?C8|01{Ci^pU-z7-QG_>p zB~tlXbKzbfH)3(O{?pJ6SIH1t!25ha^2~bsB{3sgJC#@7tLjzkOT9ao8Q_OyDX@;} z{3=mP2CSpD^c(uF{bsw^i#3`sIE=p3Rg&P+kvOG1TdFvKx>|r)1_`Vp!2XN=ZYN~J(YmdT!X3D2-AOB zkVV2V6ECzpr%>ZUnK1)#F8$E0QEPHC?E2d}jkskL@yS{v47gaj2FO1CN7Vp;t&C0> zRzi$hNO984>zgrM7KPffZI-^-5))1i2P4i6T0kTAN$@O&HRfmsM^rDTwS8lRHo>9o zXPj--(7uUoP1Qb8o6te>_{s|3iB#HjP)6M+9tms+36>mE2nO`s<3{u0=5Zu%w=g<7 zZ(lh)y0l1Xj4XLM z2$M#Q&!6sDFnI0Mt^p?q-dqw&6DIt^K;284B#@8KpgR|USeWj~5w}>_=gYL{Xnwq)s2*!0la73ysKyX^hgYu<-k%JK6E50 zf*gE4a+XqM_Zg{8-1fd=p>{*uSABHu@Th121N@XJle{diIJ*6r*?45&coV(5_{^Zo z%!B`@MYGQbGjAZhmGyw7a}?9080nFnZ@u{8vL^ky6X;UJW5LBun{W@q?Yp_jH`}jl z?H2;@^lZJk|4Ig4fZ4^)tH8^HJPcFB<(po|%}s$c=Z_at#<|JZKz|PmTqQ z^3DC;5-qF@-0dnK%qUzP)4zT5wEA{!TU6QBLn 
z_VR6QKFPf_HHx{u8jZjmn6wAgDHz_f2Kw+8JZG(M#3OzOfdRCXliNu^YDv=PcVx{A zkp#24YQdU|d*!gF#Yg`6*ZqjKle;O@rY8I_vng8R1tuK?tSx!-tSNJWt=_`^d86#pxyx&CgVO+Gt{rJ4rUj zssoX6VIXO#Xyxxp_EtN2-Sq%=kqm5C0?o*xko-TH0NX&tUat(|vyW((%olBg4jfW1 z%*Fy}P!SZN1Kl)o-IU=Xsf#lY&+GsZ+`sk)k(Zfr`;9Q{fzp$ZJGvLzymb~TvaE0_ z9MSQB;Ozv3Rq^yaJ&Y&IdW32*In!YUO}}BCS1_n1QW1~o@#wo;I+^XsU7qGEJj{zL{MnReTRrAd?EkPTWZrG`3Sb4L)zTy8W`FD=Q%eg? z?VXSp-CoXRQ3YDOefm3sX2ZkHqgJ@j<$2wEqq#L`Vtl#s)Dm!u-#h&QUqdyYXMdvw ziu-H!+Ggb&QHL8N?8VDPWN3%;%Z=-N2Ma-tH^7^<9MmnW9~X<_DwY0Nc~_EaZ^d&S z=R$o7zuwIC32<~nP>`>z-mamXeyZo7S*0`Q&w+G2dvJWVQ2G2QVtGc2JqS8PFq~^m ze}BfO)%xag&!=s}HdZyIBDK7IqO%YT@Yrz$B@C;mVv|L4JeK@e4AvV)In14rC^7nC z$ZFt=xl41q6A?;Gvqp+)cNTP)Ok1h+H^KvyUe{VtqQ3}82FlZa>%JaLre)DSGLrgn z4p>r%z8P3ibYI}xXb0xzZ8oG#+(yehJC^nC`_3ia7mjF;xnE_mO$u{tHlKS$+jaJA z%b0p(1Uq%2Igd^26ZKlIFGrFms*-8L1pD!3U6U_mKR>H_|GE+BUZ0kKzCW z)foizcX{K&KbwREy^pvocbDej58J-F@y{}S{~`V=J1CYw;ukyE6vWr%P<53bL5IfS z-d4e!+K9hnR5^xn?#>O=Nc7R@uPX52QHs*YZcHI7@}e-HJTW$vOn&IPJ->wYWe zU~lj&iM^xvSq_KqqW&OwZmn$_{>>WzXV0D4y{5Tm5{>AIU@Q6~>71#H;N(MLN$DwE zq-eOpa%R0yzC<2c*=;mjr0tN@iXlg}L@ni2SO~hcn%{1p0j{%=nS!XuXKp?^-`3iv-fw zydFEOteQE!;B`iBGd;Kz&^?d9=Qp3izeU2a%liY1HiiF>PMb2e-%G_<&e))nc5XVj z@^T&(c=h8)tQ;~;r(q^^NrG*-QO7UFf|F#^4ONA~Fw#47YsW!j@<;McD!ybr+JxWpCQ0kkQmKOdZKls4JEGEjqO)iKhN zeigMIs%0Nep%A8eQQvoOYTNhpDX07wq<|O+iJ-tM$VY%l0!>>^LBAB}p0ID9&zs&r z)Sg;yS~^~{6-fzGAh%4rKD4Z+yFg?v61$ib{eNPT%?wQ}0~%m6swYPTF-TFN+)@o`E=6M8L{Ogu%*FUM*bJ6XpqwBXYX2<=yo?p&3MMQ=hS_w!%r|xY5(6z1;C#fAJ7}v`e~cNp=Lnp zT}EDLB->QZKoFvQ+VWrZL&O2+4Y)6W3u)nuo`$bIN-6s&4Vq(hecD`hEM8`z5NQpw zy?KRW?qf<^sQcpq3U3TJdZjNt8GVBr)8=9t29!vDD4dXH4h64G}lyAUVpQ*62r=SEJoeV z^eXgEi2QnJD+38hf@-bo)23u(G|r+q3z8wXP+@bzgshwae+88)*|VvxDyc(VMTIn5 zD((L{+=I5PD)@BVjf~*e?YluRjV7)TfajF{+c)5hn6fqT-tNRNU8F|vbMCInnDHN_ zsujJG_dld>qY*U*F3`ZhjD=?ptpP`WXp!?Eiwrg%B+|h8<&9o3TpF{EU!3>Xpf}i# z!TomtL{~-7KG}m_8s_k|_-bCi)b>2u5Zs(vR}fxpNRp0ju+y+XEeEgRR{%s2_nfMH zXrFQ_U#7X^&sYmV%SacP+`=vHw>>3*Wf4r4#ys4+hIrX&o5m^b^n+97yL5K(2FLL}LZpPN*JFSlD 
zpMpW*z^ZhyCK!_pxx)+qasf@zt8&}=`2YTc&IROa;D0bGtn^{eW}2KEEto;H?`&l-L0gQ3N0%2ofPGUGObTiyuQw>InkVW6Aymyec5lYhNkNG^Q*1v~Iy`GO$4X}ycdL9mfdRv7X z9}%>@wY`DuOU09WxW({A?gv{$JEa|$?+?(;*;F0$=&HCUX^iKIP9qom=)V+IuTp`$ z^PK=_27%f9&@Hr@>P{?@H2zjOFDM(jIy!>&8r(eYRY>ndy(HLL+t}`CoQ!y_liiwm z%MV-_{SEe7wL-$fA=iQ*6Y~l2F)=NZZLII<$;l({7Jk_#Dl{7lQ#+*x~KhA|DMG$C{&|YX6HRyf+3>0b?L4Be1qsCq)$1&-p z?(R+Iy6jG-29UdKs}F&*UZXCcs~?GhZAEN`LH+xqsXKCUO<}xK@_etj?e{)vmnQOw zOfr<%6dd0hS}4|uH9TH|MuGw6QPZQcc$e+~qhA5F7}Z zFk7vXK>@Y@VGd`f@)^9HNG1$h40^W}<$A&bTfeM~N_95^|afC8SC9KhNI5 zRscR*LIn8iFHskgfoZ}Hd5)_&fORLr2kUQm7hv`YB%MtM=n-6rek*BWK4CVtuVB~9 z6$q-h=!z=}D2OWs+hwRn>b8`)6;uLZf5I<@&fJ(;r-%>%CntWd9#&2mD=s%#WOp^y zvB{cC2h+Z+X20%h>~5j-`$V>z^&rwm`G1(*_l zlPA?i7g<5bNTEjwrfO+==gSE#C4duf*g$(_7EL?~RypD(M3S`6u(A|UEQ$k&IE}o4 z?o`~Kcp=a?0=&w*RM2^V; zSkA?Kb1mQS(Fip?Ijn8r*)e|vhWe*thaiti1br@0z?5#nD5~~VxXZ*sG9RdU8u|Q) zUDj<`o;VDnkTPM=>09?&8rx3=%>Rj;K@Y@8 zRkf0*GpQ>KPOH5qv5o=2aRw{mzSA5BF&nGJHxHmy!c%`kuT|SCf=DYna9=&|gQD6v z+lvyOQ~Yk<{t?D!lUe5oxHgO-Z%SC_57+=h&^FIzcL!OpT0gvTFq~Uz>ASch2E^3{ z<2Y0QHGnP{KSq-NiMB+|_~N|{zvuJO(fng3)qr%>Qmg!iZ1c%Xb}6rpgI?!QhlW{yiV z+P=A~y;m$>YPLQmue}efx3Dxt=36ua0&D1-k2`4$}f`=U4wI^hqcI73tmJ8 z#+v$l)q+@CKAb|E$^V*WP}-|tlqec&!5>|;5s42dG9jMH&a+#^}iz%tGnnIAqqKcytMG#EbdmPakItq5M!ix@#MJZT;)3{P(NmS*`u;}2%%&*p?l*)AmC5=&7g<*2RVb|B;Jpzcg zo@U!3_sVjqcjX(ZM@20iZv%jrvG}5MoetTJI}FsI8exY**V;LXK%P|Pr6BeJy-@Gz zfr%r+aNK0yH&7bD`VS6zH4Vei44FQ>ksV@PJ=*C(`YYlx2alYtlFteIYE(5!>V@(- zSUE+9E#~N;FiQsP@s<_tGt5}k#M^0bbI@xKA{9^(OvP+(qNiZ z#<>^MRQX34d8^KPPaDaYB&WTDl0kX}yzR#&cfEsBpuuIqbwuvz$_(aw6+_waTcDxK zqf35y2W0_2e7{R%2BQPikIk^^ODx!N7!Km76qin$KDmLBJ7JM~=Q0l{gcc4{ zMdtPRJdCyDTuRNIe8MZaQ<&Pq-c6?R9E$NRv)DH0{I*!VCJ#*v((hi%x&^ZtaoasV z8nKHF$}pdfa&q?GBzN|{O5x)Fyj!AEmo|cBie^X?5f;&B_1zkfWC6b4AoH=nD$A(p z71uln#g1~UMoGW4Rx*Fx&?m%X0|BMj-1$TXcxl@ZO9Z=e3buuURW?*p=i+q-+Ek+6 za>mo$M-SvwCL6?+-*h(#bi0PX-pA@nACMmqQ6Qx`kRRNxru-xa*Y!dNo6a6;lu=V< zYm~wk{F}=Ff7pxxe4YE*x|IXSWXIP*u&vt~K>-#k2;8-2g#Kx;tOpgR86 
z=Yhp%t?nGEMUjQ8pT4Y3>7_Zy86XxIZS&5f{tn=Ar|wDMyfs2@OXMIqs{X=6(gXz& zQDX8*ega0gjWUc9?#j<8bNE3uAY)FXM?I#&t>jHrER}~)R~S#yfhJL{?E5q&Aw2T! zNej`D(pVIzuQ@$Ba;4sEY4@y8koz6N6fJw((|i2ZFoUXWTX^YZFq10c3g9=%8oM;z zf|{-(Hiz>YHwC64Xg;*0^vQp%?oRfl7!EI>MV-1pq?y#M#Ql2@aJtOZNsHYc@Sd$8 z;62urpd+Q-N{t*O^p|YGPFoO%fWy)?c#?zJh74HJ@mUVbiBa)NUkJqmtfFxyKTf&y z9Mcw7J#GX5wn!!$W6XmuZWn};yjTT6knRSu;=y0_Ta3Vx%xL1Inp&HHMWlBVaDaSk+;uhd3#6pfFNg8DpGs8E~ z4_RJps2OETQ!m05y|Ew5*!Nx?vUt6I1$b^9JOdnaoV)KnT@|G<8F`qD;{0X{)fI!$ z6>-*;kFIvBF!;}*6Sc&$>Z5a~5P{r7z`v2t$dP$NMq>Js7maRS@ zE$cf_>5GOH+xegwDrfHwC21%;0H_X0HvVU8%FOK34+GH2&=6qw0K51nnsMRY?E;wD zCBL*it2jfmxG?4hgI=uukpGw2%rrg%-QGu+o{-YCwNbe_$(u(dyY6Qbp0@Mr4Pua^ z*V19Aw}zXu@RxHtEosqr>R&&Q+GxB;ir*?HLs00UkKp;66_h2AOpb0n*t=*o$6JWlH2gT2}*Z$ad8;H zgNXR(;(cT_BE?`e<*8ngs1J+%&s{79x|{4sw&FxY@;YcvDYZ%uwBaK0b=;xg`@!-% z&#e~m%k6uq2I6RcnXe!j9})~5Fx4Ogeb*_dly^t0wD{oJIX8FMo4HxBM5h);v93l8 zcfq~SS{fwnww}5Y@cX0Yu2WV`^& zitlP=`BiQYf1ca_MWkxMFhXham|cW>19Yqdk(V2o!OyDS@bnwfw zG>|_qORJ#+*qCFmS&f9L70{f7F_+KLLN<9_e;Gg{`)j(GvA!ley5v&=O;`Sq(`WzE z?U}CK)r79QMgg*MWz#N|w$m=HffZh6)054B_#ZYxCAm;KEFe6CU+5)Rt-D{x2TA|j zeKs&?7!^B|!B1YtYR;uoA%MoMUxN$aW>_EW5Y>t!^Tr{ofH?u4BK`lXW1pc14d2#c zB+87%?sYVi9I7d2I^ez5^ zDb9oCv78DUQ1P2VW>R2Bzo4glRMMTD=a$(`;f~%`aUPpq<2GmC`Fx;Z${^$1+^%<3P>L_P-5Cd0#kQGEGYei96yeG;QFV=;fcG3VF9 zeBL!uEcQ{kqcxV~xMJOx3%;@8MFdxL#hvWbsm^*f*$@Vd7*I#U z`QThNfznRbH2cJHlZP^($TNLe<@J=Scev+XPIh^qUp~Rq5n^!Xw-xc?)TX^G1P1j| za_&bhb~f%xU^xcV@1USNUZS;-5MbxW&6J@^`hJ9m<`@pKb$J%3{nr6vW;n?VAHWy@ zP8YIxy(?#ieDth1bI~J2U3!$&iJ$`QaETOV<^1V=9U?2ykV-|qV}jqYS57W^el<~y z7o`QD!lR9Y5Lk|mibwUcqJN99A`P#RE40a8+EvGOY!`H%WBe8)X3wfEl`R%{QAbmD zy=;8~2L6u*{rDiBeJGj}jc|FU2BE)c?(Zqn`^*VY7FlzroI=|#@^n#=$TMg&Nv z@Wv^|JC0*Du){O_9tB*mOLK1&5b}zAl7^nr?En8tB@7(=sPe&j77yrb;5NoJ=MMug za88*$*q+3bve(&)B{v8No8u#Gm(HtnT*5J(4*F*7wXO^AgG-{1L3B=_q(?P@2MB-qq7J7rXWxV635)`4pT#it;1Iv!XHL@xOMfmDAbdLo4$9QX~B;Qm_-$$ zN+l{|ySadjqHiFiM@_pH)5C6r%pvuQ+?9N3)fWfds0x)b&Vrp>g+u=*rZt+RCpdEJtO5 
zvTb%-w=F*Ood3tvRYyhDeQml^x{(%<5TsLD%8|~YkrtGWOLvNdq;z*lBi-HI-Q9d6 z{`CF+U@g|HJL~M(XP>j5{p`3nlNuP)=h1?QJp+k9&D)QQ&3+c)WA!a8y>O(LJR?a6 z6bjLB1c-^}aG>!A&d8p2Ar*Sm0Y2*x#j8<<7dulrsf{+Q2)@KsrLgX+^RI zbE^(!)ZyO=PSq1$#9It)gy;heU3J7k>3VxeScsH#EAw3*cH@3r2r+iS&&FZ%I$*pN zI9F&2tksa|z1#)NqK^+#1wDZ}s|lG|`F4L0s(j(0qo(V!?AEUi$n~`2BD;kbH}n$e zZSkt9R;OieS_ZQEUMJD2+(-$xX@%?{E4LmwTWf|)R7)a(JpD91S)j7`*+Puv;Qfi)rt99_$5mya$2132d=dd%D2WcJMIP(X z149#6%qn9D%%V4NEpEQj5m|BpB^}dP!pqzZnb;8f7lg&fzY&iKnkydVg!gs{Is9u+ zvG5p>BWkXp-INlwt6%qUafVv`Vb=<6% zsS8g6@lVA=Vpq2i5I^;_tLzU)P{OslPBqgwq1C=5(v`=70(PymVSOX zTM*(O1HN|jSiys{vTF;voBn95e(^dtm4EWVJG^txx7wnXv_AW_x0I-i{Z@pnv_ug%6_LX)74{GR!vMslW8 zr{h*OQ_QMyj6bOFYlVyxV;QT$zN8ikTF>8~&0A`I(Bx^mGsso?QhgZ6(C!{FnT{^- zEqSS~)9AM&V~{`;B`##IlV98{FsH@PIYd#tn>k?0q5{TGIDZ!!ef!dR?B;q!8cakd zl!vf54xR4idYf}O=`g;!SkF?`pMaTuf#&8uQCD@XMeyZ>#|q*GtOSKr?g|IPN2&!W zq!$I*F}*1X8+H`S-80_Du$?M|V5i4-fo7fQ)?7USH#OT9^)`wpoYU<-$UU4L9NKmjGF&(}Jj@>`A$^YwZ*wbpsqgo+(+bb^?Y~(F(qff! zAfM96qVg16kX)x|l%$2iot~=ka$By}R)*HQv*BsFphnutElD?EG1l}+o zy#S4d*I&CmnqAU^zMW<7rZ1)d>SMQuc?S1#177ErjSKhEJ5%j>>Idg|wTC?l3-a~# z%(t^yhKpK(#? 
zR=|BC{jlEQvTEGp((rmmT^r+4dhe%m!vbG4y8CWru>9q0onEzD2<)tA)>g_G-Pvji zUnyuiS($7$slsdi084~Af!oMI6%M`ncidGc3b)TNy(drk(GD9m5{buqU?!s768m*B z;v3X>PD^j*z}+FBcF}^dYKDyJ;~#P-az4s)9=U!?zYgbITh}2i>qQ-oxOAOjqNehK zlj1!u=%IYZ#$C-KQ?Xs5aniW(S5glXz@j4BdC95DH$|XMMrCApnpJQR^lkYG>DdK* zBcn|iN6ui9LB+`CVs)3D0f7IHSZedB~Of!!Hv zTPx%W*9-86tm}`=&s5}H6<{!smJvZ7Hug?krGm+FgmVQ%e40_^Lb##_{9BiN0D+uN zDlJ&R^`bI2!~eyCMN8|Xp1z6Tjr>Kid1Z?w*QvT4T3^9M>DjyMRFz`aPQh;zb5>^x zmiL|SQbUov-$=uBoJH`r z{zXeD&#oz@u;NDAMZ6$blTswr0!L(p7pDJy_;8SErW2uZciiFZ9wT0WT(~X76<wN@5lj?M(qpx+Ft^vA7d;Xg%nwyF@OUZ2Mn-HcXP>#*)_M;50tkB#eEMd^z#iM z`d`35rLU_7qf|RpVge3%M;v1|?fA_6^1yD4NL^>3bH9VOXWQwget#I)z+hv=4e?H% z%n2Jfd`y`^6S`|PX`Igkc+`WcHOW>?4R=e%wU0UGe*2C>jN^)Q!*X8FY~c9E0gTXx z=~<-#dh%)}Yq7qOoWkAO?ooa?6@N$KnE!E(ius7J{I4k0GGz+o#~m8SbK?a~J$fHp z9)x4EnB=2VwvuzxcF-nudG@aa*09J)dw3tU9gEAf%?O#ZVSCS`=(EpSO)T3~Fi^%c z8iHQi3CTx9JvLEz{sgE6s$&cu`%CsHj8hkRE9f-?{4YG&&+Tu9qK>edZ`y;^RS ziaD}jbi3{InUupmi3^NDWU{Iu9p?%q<>s)N$gqn+40S^kY#t-|2N16a-&;f5L2qX+ zuUZ_0pi$t~z9AC~7%{y10nNRGoz4n!)1G$c5e(S@c(#XgB|TshY7^6`+3N7M+Kb@h zv{6~>@UixYFU4otOk2h}c!Hzqjrn^t@bT2=5JY}l^zVnY?GgW7ERq^=PveuyLe+x9Isj>4?AJm_8I$Q!5 zR!Q%MCpJyiJ45=46CihA{fSXZjtza?;`s-6VT|z<4&BCcv*Fyu8wtEO31){q;Cka4 z)mGrPUn)H&k#_;l8#R%Q`w0=e3TOKXW$+2w^H=5ffO2jWwV0kFuAO|Z`t5!;=B~eLwTu*B!h3Hj7wOT<#*BLpfw529`XY0k6 zaw}-6T-p5^$?7r#tx3OED;9tRNsuSG7@nxXu5Q>VNRH*@;mmh=x*c1{yN;A+l3c~Z z-jp5rL$BtH-bo&ft?-ZtXbyQvr4eB0@K8Js;Iy3LuVtT<|9 zQj7jXbpZyoubRJT3J+P@KffNjM)?I{uaQ_Z^7e6sta9?&6$F7F(v5#@T zqlrqHSUrwI5FY!YWAZxYCPdoO`tuutNn`h5I7OYV zq~im*7>nP-y`M;?%eZhe8JRetbH02CX1I9M=paQl*(ofehC_0j4gfBphjx=QW*l8Rxq_+qDs z-ELf6NZ@hRXQ4FtW;zK~*85F_-%UJdOD(3-TBqLA+8;@|eFK>ezw zb|}S)r#T!Vjq7Ls`l{u<1$p=gRiCIzfNTjj+J~6U z$UB9OI_`eQp>iLmgUwxee0E5OVje+u11_NZ=!RxA8vwM6fY%&J?99j z^f`FR_Im&PMbB9Ou^>JX&9~N?cNWJLpsYo~;!7E~%Dl_Ll>Fm$)P~xd-ho|((Q|er zH*D_^Vt>qFL4rEB44av)C`w^Bil1Kyd8zForv#wpk$_e#r9~m^eg-cOp-zZs?Rr-k z^!4W8nZiEv3`nhkz4_Ppk;}Mc_d%3x0c3x#E)XsurTwxxL0K{p{6M|ec?*N^*o{r5 zd;qFu6nR(6D4Pd^YyB5c`0D~uy*PjRkIXH1pKe)42E=043` 
z;DE@c2;qm7smssIud{?Hv))tkh)I#eOj^#UPfMM&`>--uZb|(`RL0C_BJA2!U5C#9JyQ@S+mP zp?|5!GG5D)tZjz6QW2hh4+bbqUk&_O zjqQlDPKr$vZtPNjQn?s58&dvLpdn#|=Q4oaEew&VOZb;(ROB)-cf_4wQ)Auf0{+Xh z{G0lihT6i~%QJ#)XA51Ik5QL-yRYlM-q(vFc(lJm$2dFt6{Q2=mEC$>9`VB*_zsh= z4_Gu0r3=QKkWvNNbTWSOg~;*`4{G++`sJnxk~7{JpTCu0x!xCv_|-*qj*{gS!fsT7 z^pqlt_%);-klG&MfsY>7g}c_g!eB}`I2u2$hwUTsm7(Joxgl!>(%)MW*AQVy-%<2q zWL_^@7gi;?^FyoQJh@p>D#4($sA8$_3iDvdD`(nO?zO9{=~c^ogIIGi7*;G{r0AP; zU2$xqor8E4PpqKWd@>k%Gu85EiGxvjYnIrpu1P7Fr=hKcztAxHc6pgJ&nEk;{LB2k zMFk zA?pem-$ZV}QLUl?@clROu4A0PJ(;-|*#O7HJtmXhhv)kn+|$J+7L~Dk_1aj0zHxZqDr&(8x3U_-Tf_D4@*+_SDXRGjpy+;h_LQvve&^&+(4@ML z{4!{iC*eU$d+~dqrTCTblB-X_QO=gP^Ecv)pJ~wrrlKPZZd=diIxg!r`<)*RPkg!o zK`pA0#p=St$?2llTiE#0d9K&)77c^Js;S8}_qYD-MJ&}1WgpkWb02Ol6k(o2;rvb+ z5TkJ8d@B+7ojrt>1>XC`{Xj$Z8u_Fsn~KTA+>*HN+ZBi8&C!*v6p493>4E(2?{%L} z$x6x4O7iTRk~RUHXSsP9qNjO~P|Hdyr7*upl8w@&sZ;UpzCDPg{a7nK2!#&pNs8aa zof^)`d=?#N#yNDkJ4>N7*oaf#z|Jl9nEpQ2<;!kAaWD$J^>@sNoA0MP*3OY5T9Qrs z)jXJWi6k~LlrU7tx=7KPO#0%44zVvOVc3BQ)Skr$u(gZSPJT6I|Ci=Hf}B&u4cPv# z>7Sov5As%)QI8SwiiSSrMm2~;LnX@8zt>_`4`?KFCGD*!PPYeB>e)DOMF97RY^09RxKWA-bT;Wv`ole{_H|l*Bk@U z$FuhN#+E#XApykXG9-%`ACY=71>ViW%w^;MJgk$g98!7Xn)?BvE9?@-+Ay3E;W3YM zb}VHrVfZVrKa>3DK*xjz*U!86@=40>yGhF3?)du+3dLM7Pc^$HXa&3O{$T*hNR%_pBUaJ-Q=h9HiG)9Wrl#cA~ z3!LRoOyAI!O|I)M%N4fmD`7<`?pJm=CW`@DrT8z2fVC+dzo7PaMp*MbDd3kXn!vT& zVZ8=IWb~ITrg0%Tp*xx>4lOc8=a^x$=|NQ4FluGmOI~L1{Eqa*2nv=lD~ePD4XJUW zi0~7ZZbd_YrbdI2fI}k0wM;_L8-Q`6uco*S>3m~iLxL;>>9Cx;VD%Oe{&!AT*`c7* zNxVED8|(8u|6s-q_+vk$rtcj{FG-UF=?1-690qmLU*}q5zK|NHTTC044B}jgW*IBg zWr?5X!QeWBTO2#C)nW0>XKRtH#HpJhTK0ZQK#dbF2eY;iU?YLG2%N}hcDO+_n^%eS zjH@F3U-<`vDL+VKHQzx~|CiG!BByi(hS9MF^NLWl+{Pi(uAkJb0L`m34V?2?m`(gB z_p)y4dAM1RC>FLX%1_qT=tyK4J4LGWxXfSx-k_*ioMFSDpWJhiB%e|#b+kTUYx*8B zsqB^1S|{HWhf@mbdW7HTa|?2>x;)|R4#bc{al*x5Bv%%e5l)mHrFr1`JKOZ)Zh;@X z`JL99_6VJmaT5$p%N6-Q=jTeeK{NwQxZA2f~53 zR_lWPESPX8MgkRD6TQTZ7kP^4dy9JQaQ$M*25l2m*g@{#cdGk4 z%0K7!I|ZoFHpSr*V*}H$EhBo8o1zUonD7dicOu%MS%MPji6qSf2nYTnudkp6f~}A? 
zL3Y|p$N2}4x3EJ_|GkRw#h$oQO{*N$$)tU2bzOhsbZ#{tYYF+8P;u=36}y>8BNu+f#-EIo=QVvt(DsOmcJXU*NiW_tDIFT#3Bp#=x51P+* zqg`W-X<_JqNO)NhXj`*Lu7VA%FdDIl3Y!E5x@K|})`NfP2V50|pWrW|bK#IPQ}T99 z%r82>N9gN1eGz#^P&{7{0_o8#tq01+ZZU;2^6V}(VL~b+%Dd|i znc(+BFC%LabRGMSL6%7~VP7P!pAs;@Ilshph~X)}=Lu1V{|oycLa(&00(C_+GPGZ6 z_+m^6go6bCnmF|!=KIDiKL!ej$4YM6ky!G7*(=m?(z@M3)R(*h=x_y}8<%S4e0H9- z6M7XPZ~1dx$QzX6RK-yOlXHj=!t6~d zTp2exwF3@sltkm?gw z>qQvz$jp>PMcvaFoj?W~>)bFMijf;b!WgyonmBcnc3D73sPR`k`hQ%>( zxQoW3ViY1gA6@)%X+PY3zX_PGHU`9=Z{+hJFS#xEHpHWU41B!4a7umV`Km4NI?ouP zRlu)$T0|)EDvc8!QxP_l%NKc-3JFgXx4p3V8T7Q%GGUbOKTE12i|{>0 z?|uupKP_a&I4oyhmcGrqyLUD>KX)nnv6C>{ZeM;_%$R$*Kk7-1g}_cc7ja{6pbw;} zISgqk+`TY)j2GC#L=O;B&eOlX)*~odKo5Y5Bh82x!h=qn7MY6WWrV>5IMZ^(mC9$V zHMd=^v#B7N`yh!Vl{Nl%dr-n5(;|QOD;#85 z8`B@fAt_@lSJ#D-wjDBc!dLZ|f4t1fjzv&GbPwBZ9@A_4)dI!J*#VzhB~LU7H`ZEk$yza6GPVQc#N*c57{0j8Ei{`_+7+OZT@L%qKrIBZPXr2 zZ5aXmrV&*PitwqOu!+Q)=*OblIX*Z2>cOG%8OsS7OTFP>dji0qKFsXd+L?jLPmHG& zC#J#A0Vz&QoKM=?G%X6^&0n>;oGO;ESH-7FO7L=#?m2R)hxYYx+3H(R-H4?nfd2{-%aYYE7mH6y>|v8yB;1S{8Fm3>t9 z^4M?0)X8xw9;b&%7;2 zN>>uvYrzsnO3Bcn&xBG*`V~^#Ukj%ab1v_<5#2qpXv4FRykK>x;W2QLYj|v*%wbB8 z62mFpqrcE&DnZIs5WG_oc0xBeIfO zrS%+>LqZ1|e z`+yZg;neQ8JJ>NYuxHWG_g7018ArgrpGT{nNM-6(c5Q)@yw%z_k4aba*C}M52{8`& zC>G$B8g9#UDi$`Yqx_mK=+XBhp%nebR1<>W2EILiBL04VfSiSf*V?a;QM^eDlUUi8sQ!(b-JVhThFWSSTsef_6Wb`l{S0O!xRoKqxAyww#|+4Sy8KJIf=Yxm zP8ngiGul9i-hZ%!02A^iZ$DNDESY9*L|9LUjBd=57TiIWB)D8!;5r=GJv_L9W;8q1 z-))%XFKoE=f8g{KSAYjxbcI7Nn=x(`ewdAe4 zEUqCY#3Sd0OlhWT+m)VJTbtZkNRWUg7oyla)_A;7m0^DYf zR9=x=Tr%`4c!>z*{raT&+NR^~3Dmyf=(u|pa!rf7;h@1i)H_BbJRO-$6g7GlVaG3> zK(oGs^kaUA@boV@;&^=qbt+>Oa1FAPBZ+5l^-G+w8S${t@Z^Tmwj$GWulPMj+$WkJgDVus-4GUru;5a z%}~$(#TinBP(I!0&=5bl9U+YSP`|*)(N2yzM*%@y(Bn-)0rJE3JMCHZfu0D*~=dtPjW0OEy|cds-o2>BjjgJ}WZxOQ;D*O5B$qqjYy_-6#yW_R%O5s!9uT>yKNed2qL20&x z>oumD5=1;O_owCy1p66~C=*Bbx@Grw|ISO$wW1*wGHLr^cme<=(P$Tj!Ox^4Y&`t< zUmZr0MCh01`%JF2hn!lvbOdEb+lI#=dZCsU?-%Xr=a=+Qi(bt(ZV!kC8}4}TkM^w` z=TtLyhMZvKHj86nZr!~5H8iAZwL5}Xf-~R8q9WU^0Q!)@Jcab+*^M1Oor)$8n7?t5 
zWOzc*D}bEqYx`<8!rL6!{LuoMYCf0tEP{Tt(6wIV%SA-MwESD^ zov{m#RvGKA<=nk|AK8x>q3tZ%6_#f{voRTA_gfC;`r_(-<6~#3 zn9vWGAI3?o?$>l)^7Tn9US?WvN2DJjz&6#!w)e^I**qcWJshHm~j9( zwUbi*aF6>=$l9NBFsG2UOu}v%WST)?E?LX9a_(MR6(5`4FM{Ccfmr(7`BTE~e@Z#I zgX)&ay|W0~ifI)u`oISn8hgEoP*CzHrE-x@9MPkmKYw=MOVQN=7a)lTXzg=Wwc;Fh ze|`MmR$&XFo>C`{0C#Y~8SPw_iOT!~c#OD#ck`vCEB&j2*Von!H%D&Mkb0t&hNcI? zhpXy3962MXnWnBT%F5fOZMX+#hUY4LrIFZ1FVnq9S?_*vrKMa7^@6=0=xfKh5GsO; zaCn!cs@0pe3=wqIS=w1C&dHBFetq9~Vp`rf>c+FQbAW+&L#{ShhU$?t1vpNfD_zCw zL(fswx2oknWCszKqzp>4_5ZUzTz&)&@ViX=ItE9qXgNg8%N9&SJx0eNCW>=7p19b@ zk=qO1eu{dLt@kl*pmf(&&Fk(5dLUQ;4n!dbq&RBq{oM# z1N*Y4zkc`1n0=Hz&5YZSL5^p!NY6pv3CR?vGl3FUEvXGy_xX{(-rQH*N_V*D*TL~G z%@LW3_*j_M&lP>$3&=42=g>5$N zZ1E`pv{}ANZ4+if5Y1vRX=g9s_G~vB9dOg(Sg@Us4fFqH3fs zw@9@8gdN|!)y-gOmjb_|bOYfA@W(uVZZRsRJ)zze2u!k(uYCvKnyTSmBznA%xcR{W z{I9=>stsye=7sZa8j^?-C)x8kRG|ppTqNiqOlr7s{vzfXO$z*@gnRqym~xxxa7>ng zx>JqeoTTekY_fa(gyQ?IC6CLT8g3w3Cw91bZTmXy!^vKCa>#2ww>1?ZAGL|jF7j*9 zl%rbqvOh7#BwHCI6FP}(h*x|RMOm00Vxxn&Ge&0OTN_hs3PTjT$pym#L@Ts1t>q?s zUZZh+xwfX2aNc>;Dag{X3{Ro@uwcKrXn%fyH`8P~)?KgQdRjNt-R(l{G00{p`Or-7 zdH}gxo&s{n-9ps8@foHJQkN`KgQT{RAH}B~%c?V(XeZLjKAmFXWZ8M9h&KIqD|yeI zI6d}W2i4UAZJSC)qfTZA#Y~T%jIJfs+=nVh!>`J)05quh#f9JoKFW zra67q{bT6J+2RIYYCak?Ou3&wJkPK*Lm%10FLurTs`VmH#T68FDk2YN|20Ws6dbF% zuqR8=cwajo7~5o_FuIq^=Bls}XXIA5%VsO-_I%ITWa&@fHEFQK+}aFiOF%iKNws*; zBcs-6_+v)-t!vY$;jC-#a@ov!`rH#C9Q<{dp;|&v2d^1>r^Sn!7?3UUSNP?0&^k!HfgeGoNfM`pwj-5CgltF zk7{stY17Ul4?%w_H!EMq0mQkJSDOqh{iz(b?_ARM`&AbLb=XqN5I=LN{@j0;iFxPS zxX4fm^O|-fzTRf+J6@Pq0B-}L12ujd9_iJ zYhr$gqw~JJ+g;L~qe)l%>PbRvQubg_CgWMv;O>3dx!Ll#vD~Lm=Q`k6^%g!f!~@*z zQ-6(@OS7%#lq|)&g^&V@1OP+TA-oD|TpYIc>+&H?z?--WYG9iV&<|xl`jfvc_|**d z^K1%%dU%~I!FCCc8lM&|8qBMk$n{*t@tKhm!4=3vC?iU5=^yH3m_YMr+KXwXP$nWW zFJkskTz z`NohU4eiN>=`IRCG-ZF?WBZ?nmYX0?A59-*L&Bx>M*3tEZdlhRRvQ5p?Z}95sh7cn zCD#|L-atDFm+7MX?EpLRz(|H%8SBQI&5K#?*J%G;dGOxQ&9U>(meLuiy?;S+JAXFZ z8#=o2{bKnj|0!@j!TuSxQuq_MSJU38?VfDc6q*X=;OuNKYl-9o6aCF+6T>GQq>5@_ 
z$kN)SBk|ltJGSc)RV}j9_8{Ws#mi@)^4k1hy5jL+&7l+n!+*-@YJoLmsiQ5EROWOt z+YD;KoWyna@%10bJUKPpWK?|cpDJhotbmJ=^gPUi@L`Im(2q|$e*&A7wtcE{6rc;pw3TNdq{+O)FI4yx2IFrNv)ik)|HcDo6QuQt{a87 z^S?0rg3QBt`jv=4UYY4_ErI*btRrf5LhHU!+Qp6qGdzW)ayJt3Cg5oDVMqRrXsp{w z>Sw{F%g(-;k;7g$^NDLrA=GGTnY$WAYMb_rxbL-0B{R7P^@|uo**0N_$8uDS1i$bq ztF`W!{nXttP%$_B8x{qMxq<-&!=*0PG06r(QklfaKaR=(S>on($e9t`h^mjs4(g(b zsZJXch9T37*Uy1RVj4@P87ebZR@`Q(e@+v`L`3N}{VGy0uWVawMdxZcz9qcm=o6%# z;jtzq)n#{lR0DIN{oNjh^qaAvhHBf}7~VSdYBQ!{HE52*4k^eroQ}QVk$cI880Pm2RcD&!9`(Zyj3X`-H?}%{7t8?jYEHh*iCmj zW5PwA%kpm)yQM|6_}MvT)oG{yM;*h?yzOg6jLSleT(38>H*OLbC1mFC8?_h#d3X2WZ>OAJq=2pp`hp73xu`~aXEf3;n z9+8z;wu#B4?BqL&phha^RqKiFi*DqQLT4G zugM;@fgEih{LsGsn(XX6yO7U@cl^`V+1&S~C-^nI4dHi2Lk(?iat*h)-4-T%7t8p~ z#%W_xb;XlW@O{-Mk%jPys>}I#=&t@W)+px=l|JmWsD5(mp^h}sHlXm?jH~<4?LBzZ^;&n&gQAm6 z?@7i^KB>I2->t)QRlw&jXiE@xT<8g8UqpT*L7*iwa=mA1a~}sSivH{T>-`6l4qz7j zwXqbe#g%>a^e#ov-5CDyIZww@j^8R<4LjVQc7kIzxL5-uW_rq>{DD*p;_xyp%tkgJ zvO@^u+D?98I6dp#t}X$Kem6k+k7K-oMPhEEg_Bga&pNh#-`lEQITfnV5GlBLmgG+j zWmi+2{25bz$^tk77SJE;)xJl;IyDaAe5xd>jy&C4fYb$pzx{Yz==5x;B~-Ae-s#y< z<=F;XoWm2Mw3(bJBjad~t$+u|&NXdV?kBe?%5^S?93Z_-0)#$TAp?U zXEUc~57xkirbbyAb5qqw$R<1pGy9&V;G|658w^RPKZ}yG~fui##=8 zZLq!TQ(kh+hi_7EZ1-bu7V(wBDQA!yA4`J4)PMRpft`Zr$3jvWun%0fRvvG?R)+2! 
zWgtI?vqL0bJe**en=^D$>!4WT>J_JtFYf`P9YKxtS|dXawYL7frtu4zF^78yo^I@Ppokejj!Aa^Wh`}a2v#}jQlt0b4YKaImGT7T?m7Ms3prPMm3*B+1LZp2L> zZvhuN1Rt2Etm~{#@Eu%W9u~fT!NZAqJwN_Kw{-rXT?OoyNjpAG8gbvgVJNCsugP-{0Z3aB8XLM>Ql!7AwFC41wa`*C2{T7lYwN8yj*j)xIR?zo<{*ja3wbG@7|b z`SRy{576hqP^})CtVt<<-)2ig&OtS>=kysRWa6LFt{prk@T$djb9$JM4-500xtkc5 zz{K_G$wP;;4TU*wbw2h3SqsL%&&Uy)zSxNo2T+3Etu$lNFX8(EmyLuf^~;8uhitB^ z!wjO@OK?#NzFbq^Ws54nXtJo;E0PV?rHQzMZ%uMv4uN~h%@M1zK2y`BDWQyLrZatp z&B)xOB56y!z^bz*xchn_!K2f5Oc%Vt!ussL8V*$iDP0>Gnuxr;)1@^3PWcCw{O5&a zOAYGEn6XMmm`qp# zjawFB401AU*tMBqSATpxVD}eCcVIep1W~9fqrP1+&w;!lh2bjL+ zx{ot(90JdKn+v}!dTrO!xtHL6`^hmsjL31zuH`fPIer{XMk5~v$pFpsCkUhm8|4E} zhm7h)gJvj1%3;$Q#Gt~pah$jg`lY_Z<&J$)gdLeg!^A56pK3S}X!LAkzCz^uT4Ix* zN6wtvL(Um+GH%7+u&hv3cGz8p`Bt7?XH5vBRXioIxGBs8;yD&yy!!!kB~?G;d-IyR z1*&1Qv-cS>?^LdIKnPZ01i0uvwnzeo5^x$dN|RS3JPl}9k78p!34s@huvB6Mz z!Ak$12vi7(5LLw}(!wi`tX1hQ1USQ#1m_IIT$FC*qBTic9CVU}y zY25&_%X{IggTO`sNko~K6aw|CsD!{ttg1MD!#avdCy=sln#`(P6C_3aF-Czj3;R%0 zZWI}Q12^~5Pm*>Zk?Kij&k;WdK|VwEQpDw#)?c(%S2cVUj5DB~1pg*@g*9Zi2uX}& zRup3c_g~WP?SO|OQ;vnh40$wf`@#K}$Kl=Vl?xA1+70i9O9AzZ)6>bq#0r*ufX$at zwjFoVuPJ*mh14h~u;-n;E(SH~p>hf}_ZpNcPNIEk85V02(~{HCuO^klhwFoZ`~_u) z1tIr)ng`=*4mzyd3As?}L}an28&fV6xeW#<0A8AsP6V3(Ugl)Tq%`G*X^`(1u}-J- zH!ks6uUrJW|8nMltNq;|oO`qii`jyewI{2JhPsyyiXAV(^&3`-cKL zCHFTcRQ4q2%KSwKo3lGc?c=q0RShwi>3IrdyJ1N90|AszRAX3sfUYO@FE3%Zx`JbG zu`4F?;E;Ab^3s`0#pu&uhct}cj8a<9yLKfDJ0=OZ)Yu*=2r<8YxzO~?J#(hn4yAE^ zQgwXU3YZLb%U1yxxoibb=C7;Tz39}L?;hS3Xc4Lp2OisRsU(*esfWPk^ASzE&^H8Q z6b2j-W~<-ol9q*^^e`WKEkZp#CwJtn9Yb%2CCOv~^J|4$P94-6X+IlOzhM()gE0qr z<_Y)!kO3^z4wzTJyeM0kZMdQ(tb68_)Yq)iNTZn-8~P#k-MQ|XdeuDt9NA&(&0REC z&tc&~);ac4tDB2$va1roeLJ5&zGKRI*W7_=$Svqq;z*3R{aB8#o87$e%#G9Y&N(}DfNmfT>F*$hFDu(E05!~biuIalSst>&sL_5h zT`zWWW7=;)04FTxYdQNCThfMu&pMCoE*qNDJi*b%U&djQ#~jS(b9Fjxecde7^& zI6~AC5d>Fj0@lEFoO1Ux=KHY`?;y3MlkPJG2Pre#ZubirH(4Qe*_-_%tGCgwT)O;0 z_u2Axen($GlI3ra2BnIOeX$lmW#6Mcj)KMr>_DjaUv>)ICgE%y$>0mjYkzE`V7F6M zCg8nw{MVpmjE-nb%TOTG_fF}JsY)Kx>s>pKc|1#Zg_!%PZsrP5{s^#Om1^~KD(}HQ 
z*C9^Kg{xNcz;dWzxY~qq=3vWGbQn#jXlGx@yqcHhu**+DeLlLO^{GK&C!&Gx9cMny zo_2Cq;Ab_05J|11wpHl-T@GE5_<*AP%tg0dkcMLEIOM_BKhu8-$k7YrBNSuRl5)&O zc9hf&&v&irfd+{7w^cVAm{fve?}N*Xhl-=Rg|_8v8+5WB*OfI?9fmrG9Xm;`mENeR zTE(_nmtKz)mrM(wmvWc+Dkj^*uYP*!4CjDbh4g8S!Vykx@XPTE=~?b)n-$EL@qZ+V z>E3>6oz8p+!#d%oOZvAvDl&W3GduUoCxF0lhKRB*yO&A_YR_1M4HaVY=xN_IwIdlK`x^;e5*mGctKYJcZILEXe zx~%DL(PIxz7`>_FMY2GlnB`~UITwEgUZXz=ZvNi*@-vt7is@O6Uk#s%MX+E*4L~9t z(=AFO_PV8lDey!4T;|&_hMAD#tkuB7Ny}Bu;&FC7&2&t|gOWePjJBfC(lG5nyYR#Q zIcBeK-XBHF@0ixDuXr-agfS-0-X}BN${5kXqI_8%@hq%uvx2J0xjp9GUH>pu2J1>F zu=J&V$u+!?d1p&4pnxpX8gm9P*d7IyO-C*bd*vX%#kQTmjU-*FE==t8*K2zwWR8Pv zs6DK9*bM2X*hg~W_+N)8qzEI7YjwCQk8WRTzJ%APbN5rl%NfYxF5r8{TeJ%*oiPDr zlIOQ#Z%_|U^&Ryy?K?H(>R#3>Ta1y7)7|^^LtYi5z<-|2?v@1v^WNZ$m`K>}gPyxV zdR6i1w%C&;JiFGQ1P9CCX7*XB@1KSQW+0XGUPf_OZ1iy9X}&_+{@beBGTq$5l|I;& z_h7@Hrsu$BSDh;$dJd}|u?I4}>azmx+`8BMcM-MqOH?Lnj1h4`8c<)M*g&e9HE>sq zCA*D5FaVeN9f!q?7dy{Uq59l9_UaC)`S6(g7_BKzn~Lz5l0_v$TmK*BQwMLr1}~s- zQRk;Iy~FLqr$zaSZ`ZN5kfLe-$xHUU$d3zlRwIHqeG!{GE)|tm1NXIoWH)DzukaM8 z>^dB(1x|JTM+LdUGoBu~w19Q@sPc?g@ytM2c|4-;Jb;DN`nOr}1k84{*zdtw#@GXl zMW+n`lOlR0ce5fzJ-D+dl1X} zH|+KI#{#ccJcd!MIzNJxK@v1U2Gq~srKz8-1JURy{BJ}ibp6UYztb;T5h&c7N)%y` z19yAJRr3M+D#M!j)fJYrZm(`P1fy??g_>^t-K>apCcN*(JJ8%_kV?C)WifDfn^k7|4Io0%0^lPK#m`$>~| zV*V$sO)m2~>oU(~O~&_&#L6{YL0c20?Bt(x>^JqfgU#l?eNI|tdUA?M!OI0ut?JP5 zCcdRoRH@8d!EnL%bcXze>jj)lubbq}ntBT)sbt$#AYVj%YGUKCJ%AcOu|hO~{O$oD z^O=RnrVjE)&^mpcJ}-5=K6U)Md)+Rmk60#@U1(^^wl4X5@uQmHL3wEZayxTT+yi8n4{bhQLoD%^?1ye%$0_r(NxYt zh8Q>TPy4U0Jtk1BBmr}X6m;}K22o&X3y2JI^50%j2sV&dwHGO1G8AR$bo+z$v+Xk% z@HNCR5|`3g&lzKAnIKL>oA(?ck|JHU!<@NYL21&3*+G!b zJ$ijxLZ@nM;`U7NsP1>~eQcfJh z-7dWgSQ>ZKKg#`HX&Y3u!+{y-rMwY#E0~n6<93r#?de?a)T->>!WZ?Tm_D-U-XqVl zGi7W8l)@{_qUS_miFAcnmip*AAyC_rP_3w-CH*p32t0|Hqu!nf7W$5<7HG87tq9#t zREol?k4GuBW5VRd`>yIEAabl&g>4^`#MaVrhx;#QUqN`J_-p^_MIIxg#{2Fj@&`Rk zeAN|2B_~{#0R6|kC?7N&U$M^64{OUm9%fNcY&PJXS=OyO`q-rgS05PA?G6qOj6e;ZYv_5r%VCvD#+>G()Rh z;F??-=a1eS#jGzv#-SdyE;148qzJKhB@=>(P>Ok)A$n?VD**~?BC(CmANb>F{GIj) 
zl~2_pWOD{Fy;7Wu&zMwoWIp$hCuBC(l78#NUe%s@EreM!n9j}YS_1Y}XZ}ZUEn=t@ zE!i^>D39xo<#blwXT}e8j5WmHzb%{ZQPoC#2VlFBF{oG7KCX`fdUtcq6sogHg1aU% z7#SPT&e~e*7vLbFb#Nc*=%K?#Gkc%y!2>bX9fa zYYfiYc`c+^$tidJol)lM`yCaIJKdrQ5L--670$rAzw|44GKn7l=2_Ui%5>GEG-?q-E1UP+sm`Ol10r9X;usk{zOu~N2ez8RO|Ts3>*i&S#hEZ0E}mCb zkyl%{?baT)X*QPcFS!y{E|0Aq1gLL?#Qh&p*BG7W(nVw2Nn_h+tj0Fl*lHR(Z_wDb zZKJW#*lKLs`rh__xA#w0veuI|XJ+=!vYW6S57zkq)n+gRp85W zym9B4XHxCadHZ9AY1%j5y0*xZ)Ov`vOP7TCo$VeCA`1uC1iRie+gZlM}3{@25N@I_z`t$+7WiYC=^I{%Zw&-_`g z6jqvmEH5L#^fu|z5>`I~-qICp7>|niAM2ePa8%)0im}kLwWnrnumgeDbd>pP3(wT# z(y%6C+8<yEZ+FZWV+3;4UH(o5RY~#+iknN~6F)Iol zqDrgjZCtt94=Fv%JHLJas_q2=_!lH=mhGNyATqo0?$-?ydo<8%uYD_Y06zS*`Ks)d za=o_oBr6Tz-eJ7XT`8TB%;xLQ4ZIn(q}YfmO~V{=`149ISOd&Ge-9h)Y=ZV+tsxoY zm6AFam2AlqQXb{=oeVT7^%HuxyqCwB5}sFZf6*|)>d&`ode&$F+4EW~b4liwBNzsUYgWdR6gh0Y%Z=Cg8x^T&n5a23w( z#9>O5g=><)J23W0d3Fx!bOZJjXJyo~Q=Hbz*4LkI&IXUBU+L42!Yn_mO)%I~4*bJA z?ncG*eTrI=LM9#Q6obCOnpB<%=G6Q2_cPIA1|L4z%s_Y>B{gV*vEnY56usBmaE2{x zirlv>-4`)9ee~Q6o0ES_)B+>KHu*x13;#kL6K5=_&mCnyKSwH=Hy`yWi9-vF6;L2j zU2bGCzH{-TS0{$Y%1=NcL)Lhn&+Dl~v}DI*GG|;L=TCWJmBDl{+?b7}JJN|n!7cmB z(wWr64!@~<&t@!@Cv=(;TPwpSfpIkQU$^Jsuw&OB%w4H5QdRpNQnIz5_D~wg*RutV zoVBEWC(k7Le%!EYE)3BA@YvK}s`EZ|PC}Gab6*nlE>MC5X+mLJYC)rfq zp|Hj<&&(y8a07vMuu1;ZEtkpa%Z<>j<)ZK0k6-y1%HZ#fOA!VJAQE#2=SyT)DM> zVQ<8_$fSQas9WoF_kz6QdeFkl7i4skq$>pIURUeQ(+{-@uypqtlFg1)>b2kQg;Zg^ z&#(J4wZB@jXiirqS>dv2w?Dl;wZz|D>&{(c88$aj7@sU2Tdm(HuRQIl&Cf$~*#axh zbEBS}tJk|%WvQJ>S&j|@RqrTiM_TkrnGY)L?kiRMt9-vYAV8mDg3{8w*ZDY z4)pKndrq`IRh!x6R|f2Hj7+OmH%oeQ+h2$#?mDGo3de^odZ)7WoZ$Y|GLyK~W>cq& zY(On@fYQ$d!=tfw58SdZfz(Il?cq{26fcUSRa(%H(S%CdDV615!K{}=2Hmk|BL(*L(?88|qExHWaH^H^F#$g-$rTZ7!@VXkaUp0_T zl70&JeQn=X&hYep6fsP*Ih?I7E`q>ThYr$8iAp(p7z)0CZTM5;g&5~Jo`;3lJ?qK( z(Z9zLKZu$N)v_CsV;Ky%MNg}Nj9wb_AjET4$M-55#GA@zpqOr+!m!a}07Q}vf<^@4 z)$Gb$%DG2**%8!#q42)Fp3SE2`E=$=I0rCA5ySHY*6u9^qF zs8-lDV0r)&(O+6S+7k!US`sZxUGR8(lhMHu$_mQ$5|M*3z1HOh}O-{?7arO8SH5PlFO> zX*N3fZ*>>W&A3=_9xsNs9a!3z0p+;vqCSaZ2Nyx!ntHeXDpj?J6Pk#H_#Smf-1m;& 
z{OrdE&%8;`DqK|1g!#;&frwL_z0QEZsjf?)2|Iep>_8I$sMGYAcF|MC>S{k}AAjPj zeOD5eDh&;W3b7QkIBP)f$;YL((WeP2=%LnmPLh{obLX8#fDho4uIa^o!iM*M#3q8` zvm1zfT~R_v7);i%xi=G-&c}PI+(mDq6A*Z7PY1bQ;e0B(2w=W_b6acL2T++E+_=|k z$PY3?c*?7o@gU-lxkux#=LdBKsxnIks(xeOF7O*lhNG4(@|}iCwAZ8!2bw5*!0yh= zg9sl`09K!}Q>%I*!j8z}%~~-ae;FlFbL?VJ(qd?@JvOl&_c*?C-nbrwI5TFU2_;xR zhHlmQ4m`>7+OnRRMU31FNXO%3U+f)E$NQLiOZ>wfXK$8zv_$E<%I6J(YXJs02g~ew z-vazZxIFgji|;CVP2028ipfDSy-Ds50SwHS2AYKXBaye#Zd?hyP0vByPbWw}_BF_kQ*pUV8A&EUDfNe!U)|Ko zrnP3VnQg}a7-Ps4QiLCUcn;S=E%r(}XyU3q2MZA+cscPK<2};8I>#<3;V$z*AY$*; zmRyD~*EhanVS7LW7edPvN+TCk3#@n@k5)-VI!%tRqw|kaYS^9xA_+c>a`q&weCC7y zpy#0=#O2OAi3o3E(Rz!;k7Ipz>sQwSjhs2&5%bW=UKHgam-_}1H&Sx9vUM(TI(nAE zP*D2neL%Ul-hw5VRGVWu(vytC$)0AC!NLOgV?_gfc!&}XdL9gABb*riTpOuyd7A4( zcsxDIcQJ1f(H2@QjARCQBg4OQQFj7?p4ZgdSFPwg(&9Yr*{!wi53Rru*8hH*6oLx4 zI5jlu8O7!VOJmDOVfxdA6J>aS5)OPG3|3-4`<8ET0+AYITs0}cWR$FjO$k~{C!n5v z^?p65OWdqS6Nh@YS{0`tg^fxRr=0*RFrb!qromwke*B4${~@EeKk@^Y=vye^%jdif z`qSe$uJ4y?C-P$ph5R2H?PwH@soQPu7)M=m$ZA{{QZB&;>j=p;&U?bK18|u_nRPAN z;VhDw(JBlNby5caW-MIq*5;+)ax<^1Mq*jZ!Lpa_r^IK8|&wpPB=MO`?2@@ z{YLjp5iQz#g(ocLbgcF9YL?cB90xL%ptiv@+=sxi%<*!}kC{LqFQX6CP=^~SK@4tD zgpG9FOX*aAiS#OW6j7>4TM8o43Ci^{gAi6Q10o^+a*BuiH~JQs!KYVZXWNstPg^@% zu8LN)M^?jW$fiN0B;M#$l<#hW1o9hx*UA_&?uV~L35#DLA#_D^3J1i-?~c7&6I@;_ z7uWo2zm25Y+&?Xc=G|8Qni#jY(b6Cd<3ZN~60QG^r6$fY9(kMrs(Dy}QVL)oJdVA9 zBc}vL3X7a1$0YR=#r4cG7uyU*V55))xC}QvrnrUaB5b`Fw(w_ogw|%E#r*inr6$Sz zD35`5y~V^++R0`a=(?_EN$Pf^t#Oa*L;oMspw2HV-X@E!NytmKC#^2}MRDdX{2e)4 z?nk0iin-SZHfc;hS9K|7OPT=7_XUd3Zg_AjoC*;?5na~QS4-@hRa`7bX7k){6mU*Y z-!{8FvCqv!JLNGe6NZY}ULYe)`6Vk$!1j8fhT~~b1j1*SuV?5fFg2>iENFJD91i31 zX;tR7X|Dood;PUIE&;@(VH}U}tUxMcj ze-X+GoA}+%^NFj~Cl|M}v<`!cN6aUlr-ZN?bbrRk^eM(~>_ESDyhK^t*b-)Ke$Zy+ zyMRQtz+fdU{WLaN=VJ_eEroH>TuMr^o;Mcn43Vev*J~UuAx=ZFa&+Lov?U*l=!8c| zx&RzFcwG;Pu|DE}kBysXxHqk2ur~&K)xEVY&1n|Ysuve=9Ba>I-mQHFSRS3PNmWzn zjD7Y@;F3KpDksFm?3t}yDtQ&aI58{D_sji+VX1tme`WBl)6{(2vP94_mc7c8#*=@# zg7qsx`12*P^Apx^`Sd}ZPUZA7X~#YLQ5@i7gB*qb5K7cD0}*&}b?dbX4Hc2)kWH)Y 
ztpF2=-noe+prB+f3Mg0FyJnB`Z(0!{-lk zHh2YmLD81dPEOq#Q!&eKJRn6oOyBaqn0;s=QXv*r+yHrK!BQJoSOhT9q3@O&nD(WY zRAM?P`f;I|65L@ftJZDJN<*NX5!jYz-pQG8;p$*Lp@Veup!GiFQ^ko@Dm>c4!$V-|%9Te&AXPM|?6B3wC8MZVbP>X&cBuX$B{>1{D2e32d zsA3I(uC*`&=GisPeC5}bpdZsNBZIYFn@r}3Aq1@p*rZQpZk>_e% z6pMuU1AI!cUnm;tWb|b7ml*nRx)gNMO#qcv8(Pmx46&cVe}RR<7j_hj!EXtR+_yhr zdXn5ntS7E(x`tj7Z1L209Y1@n21UM@c6`|7zAl9|27EoVc^>WI))z{U|5%|6_bj+iZvjWd9?sJM8wDEuq> z@tddnVp*qkYZdR-N6+ARE``D*^vPLrza`$2L?O8WQnL#r{86BcoPkGJ6JvJ8CfU%@ zxk^=66Z#&_9e71fX@U9l9a>2zi6TM^rutsQOoO&XauZFz|2L+5huv!VG z7eqc}E@GaTSo+agT2oOhd?10E?3(coCh++Wy#apn+uj@OFKhMZcG6K3F@6yiP4pnj{2J{tL2QD6o9kt*?%FD-yO zuA2I)teCw?E=2zY`ETqw%iI7=k-pgawod)Dq}KZ$;JQ9X1%=pN-*Dhp^idv?5#L%P z==EC(De&e!V_kze7ZcS2f=-!r0jEOKwWQUzm2rz8wqI z@uojNdM!8>sBvWP0*E?80Cx||&&Aq-Wpm;Uk;Qt|swrlVXqQr*xG%tmRBxs2e`HjR zrGS~D)`SJI1+ay{{OM5&7$quM@~3bVv=}(;XNyl#(WT2(O8v0c{>iFyv^QD=3Ennq zEZE)Tq<B(i7{eV{EsIyjIS8VbZDTMhL8=PVIRw7CM8AK;S(4`Qx5c&+WI~yMUzVprOo?^IT_~vQ5PW1 z_AcMmcOb4$ie)w&M`-pSZ@F8p-{6x7Z7V@8l2b@2UZu5KSy@`Dy|j>_{WRBxY`LnS zH;&qp{=5WRId&8ZB|dIW{HO6$OmT4NVPka&MAc9F+Hmq)(@CZkKjZUN1w1g(K7vS? 
z*7cYZ|2rZ&X&jl^zL$WANg?|2s~`rf!|UCgKC#skyl=UYVm*W{lb7h7hDEML;)@k* z!H1u`u8i9=Gm}mhjRaTsTL5MXLGL(8b8`^u9+uAgaR=BdsX=f2?U?U;TsBRywvKPN zidE@RI*X9WJ-S1zmKl+HC&fI}2AKdR2cpW22^gIA@HB3cSqL}Vtjz4?vI{fhjgQ$fh zvK_;e@?D_zjla>s`mLZNg+QS~|LJ)74Ft3AM^?tm^6*eI{rawv*&Wg!T5LzCb72`> z>j%Jia9uckQsVhed6n>k-a^{2v%IJF3Nzp6j&*eHZ^kh?f_}%?f$9+iv?3`+^1Mmb zYjD1Qx=)mjaO0Mf9>a3q1aspoP~mfDx?JNkW+%Cuu)+~26XU`_06w;$GtsR4(dP&G zFSm+H3YW1NrDvd(cvNy<2TeEu-^|n6pCm7qpPkm-qpsZe-sUn&@w^CBY~Iu$^VPmJ zfEB54F$#_s3a(_d28F0@O~t`-$JQ~D1I)!3ma!f@iF(6{o$IVahEmWVehbZoPY^18 zEV8fzFccr7eLlsATse^zOHu+K3vT`rVDN=TaVR}lUmE3KM+caOn2W#;aOFbOe4LQ{ zq$$Vu=;`fgs3`U1Vh+Oox>2Ep9aWRXK;5zbGMn=@nW% zTr@B{LE@jq4IAQ>esT)a$P#?Lo9TOY56lHV@TV=O@}w0ls|csq9395`c#x>Pja=NR zG%O*W2K8KM=~UL4WOSrk%cEMWM!*5V1@H|wKtOF(X><$!O-E+Gr63d~su7TmP|;#4 z)oIXSsX`Q)R8=W6==W%7+|(qLv_clS;(}RZN&kYHeoj`h??IfL6brDATLM+)S|m8B z7WF)kjJ1{nI$7_B9<)faCUAB?_;q~pC-lvQni7T2$a==&<%rd}ii+3aPDiE)Q>kvv za|>ab3L&zH8voON%HiGA^HZ(*vi~rxg3}7|o6j9jKXXX14jSLoH%ip*sdDJyxmV^8 zoL+Ln@aSMt6K_p38Yw`WY>jk$9DOi)>;Ru`g4P$4kRRkO2ywyxiN<#zbK3r4&P{Lf z=_*T|O~*A~CKe`ZL3jc|4ngtTlDBi&&RlA#R_`75-WJ2dJO$t38%GhK?qibp`@i~J!E-_uxAfpI|`+=ND{o_N#ACrHl{Mh19 zMmV_PsK(4_2I>;CROO|#B5sK&Sd=U@bh>~*sd_^SAN+o1)_*Bmn(bUZy8A(Vh!_j{ zlF|NVu&h+qw3n1bv6pnvNNl2dTQGc5iB4524oSfk!`j0={(NCB$-7aYEMz`OfGz9R z+j-uKs}=2g4V&;k;mkP@wnvzC36}(BL@n74%K=U7i?Ec1xH9nh;wk_dVSsSo5snbL zzTaP`1>X0M^8GRbMuZ;8&}`>m%#CSXZH&{~;9cwB;n48|gRQG7*I|s;-0`8gx+8(sPBprHQPIdv?m@4o;&ym4za zeBt+nLO59}h-x${f5DBuoe(zn2nk9lnUa+Cd_+oL|F5B@x>+Fp!x28h^pUS6;RNma zu@M1Xnd1i$AZwvD+fPkf+mqxSXV|xaVik{RHBZZx-i3OQR*{(iS7lTXZ7SayVQXVf z30@=rKTtg~$N39zvW$^lX7s1p7Hfu$YRO^FPo? 
zC{zOnY7qz;J9hgU-Z_WIlnT1_93`bVqkE`Bo{+5f%{G$?PvxW}87r{`4Q+w*74g$v zz`8R*k%EVUQpQMEd_lMlvd%!^le!fziln#SgUbg*lq|) z2=wnLvO6a^@^#VFsS;jV$WqeBLfd?H0GubdJ(hj^WE6-3MEXBf5v}nQ6u;pJ7-4#( zScmAmuqazom9Gx5!adniP-fsUD#@sMb`l#(#kLSesFNyW%Xu!Izp|RXa5PrlKtE=P zKetRc9QBOJ2O995F#1?IhOmYIqf-R}4cZ_AFVP?dMsiuha5YvSEyQ*J^tt2~xIekx z*+XQoRGmP^2=sCOQ>g-(U9Q6s`h4``4yCvHH8--k(F)UrWnDIRH!@GFBG3wm5q*GG zlfk@Fsx|(jT@E59vX1K=2R$#rbKzGR$Sj3@btbI%T=n-Zs=4mDv<_EVNR5E@Rsv{+ zlQ7R`jZR`Qz*Gs^&UIExJj&cYcP$kQK~SW!6InnQ(dq=_9go#VtOuF&8lG>=zrz?F zvwBjOrjDP!lUC!ED3%?Xx*uAqqP(V>ee8fmm!Y~k!h<~Uga7i9*a3(#nXljH4D2!! z*rPSinIfzU>Jdh4a}Bh1(>W^Yh+vJw0doRuC)^ z1km50Wxd?5sJFK_EUA5tdAoYL6@FdtIvi^qw(6o_D3;zTB?fhK@K(&a-d$h6XM;+? z(H*Y8jO#cg5_~J%SSq?6e~J$>;5pgaK-dhQ_Raf^!9X9S76|b}G>C#QR?1vz1}Usk zI9+xbDN0X3)&nS$n{sUeQL@!51+z5tztyTb1Qy}L*bh05n(1aHFxIjO%b;bA{Ta*c zKZ3EbdNK)^G0u~?Y{w2kxfM_2l%UH>Ug8RaP4FfcNZ+@P91y^I+0nBzNy ze1AQ>}4R*-Ksn^5q{0fh^q*ZJe}VL1X^Jo0gKJUT^I1p4Yc{%xaXi! z#D(~bsfRb@$Znz7#@XGVdNWDm{SEy4+huR!a4U@&!K%k6t*od7T^7ZF$QJ4B*4M}( zjNSUyc;w7R%71sMEJEU)A<&+uzE1fAF6~DO&o{ zh@4<8b#Q!i`2L6K0I6T}Bfmw<4nuCj?6L`<$M=(82ON0-@8*@GfS1A_47upFZ17uC z)sOs-YKKjFP${{#V1SBJnh^-5D0l9&48^R4K+{giB3AlB{$66}PV|OFyQ$JAYTiSU z8UhdM)O|Y1w$6;5mkmA9249jVMG`S=9Kt;`z?aw48ltu{gP|wCzEbVWN9NP=@4+@A zDZ#Z(7xoig_I=9a^u9A}zEitB%0Ie@gRT454si-AdXF4s{f(G7*&H{GN(v20fg}KD z(+=}m@l;EH@2e&3sN7!(=VU5P^~>0u>?>N>b^7S{{^^;_FU4?qy`7IP5ieW-qAE^r~_i;|Iyk2;5tJ=4(xQw8q8te7JXM! 
z4a&RD>$AqhAycE}m}b1$#foC_a2mEfCtI4`Fq%#l#3R^jFvIyC2l7>bgnZD0d`112 zJ!~D+#AC}jQ(3YA5`~jBAM}V>+{-^%p+-<|uo)a#CXJtKZ8;oTrrLKXlM)_I`&e~5 zN}F*oJivlMvgsaEB~7^N-=QDfMDJs3N8JkPcborY1bgvVV$)H2MnSv0a_MWu$*;aK z#WMwhl(~#g_p<1fogxeW6gv8uL=Wf5B#AKjM7l8|E>K4F{@EqV{+9MC2{~)6?S~45 z;UL(#PE-Gxv+C-TZ9^R<>dq*N0ocY`TK7Ke(yAYPS}-k((#^Vvk6lDQT3FMS!a z8gR{gs7V9T7X>=`{PS0t@98d{MirA2YM9p!E8K(Wip)H-sQ|@qh3Euqf>tnJdgop< zk#1uORBx49qFQ@%hvpJFQ{)}D3yXR?<{B_&;d}Giew{XVEw`swce;$>A$zmfjBf{JT+4IWVBd50$q-9bt&zSp03eH za8q&Ne=GKhf|R4??qsGIVb|p^zJ2b1M^j(*(gDMzYpBRb!^;H`{I=oy#I?j;XI3@P z#IP#ER>6ajsf^X9CVKkU zUBuPsG(x_zDJGuatBz&~Ai%x{xc=hsGT*%#Y^8tNltKMr`bkL7H7Tgnlh$&86Vbmit zU}7%`X}||3rACo(;nsu0wh$n1po#f!X~lHd0IaN#%TMih97I}7ZgI0W*<7wcxwH1c zN3cIV=yJj>^R*_zB8y^WlMK2uIrZtwfvvFwpa?P_hpNBN*gaU)n*sK2ajI4$5Qu>F zTt&D))lVWJ{cOi*Sy&KI>0atfngk{sla^3puxJ$s^&;F&HRV798n8WZJr#p&jK8M9 z>Vw4>a)C+zHU&hoyfZY8_UI$yM4C#M42<%L{wvKrxd3M?)1Iu4%VA|2w38XK4!Od~ zgTXrBrrn5=_p@VKvO(uh#hYBNR(Is+DvYPJpOvjtrW3uzl$?r-*W<;Mf8>xmp*RPy z{OJZUhY-s{!xn?ui6M~F;5Q^j5KDjSA3O80TzVr1IWP6!nRYyVwDz+!6Y!dqARA)^N-chEwa)qMYn{B^fRQcQGVwSp2NO2A%19|9EFUt%+T zg2hQ$g$V~1oWjCt z)WV$$Bpn;JSvA@pO1ldx8Ad3iWc!{Pew?qZmh|QWhX1!Xaw3>RS@%IHPBXpfd0Q%w zdpKyiGaEVBc8WU7Nkx-R-?WW=4lCMGT1nIW==%hFWx$qrl@!`?;RGuf&r~ zve?N+j?L)Pxv5oNkW0hftoFMrcQ5Zt4V{dNHf_2W0O5JlciOARaTU?4j^J~=l(*N2aJvPy=2KJX{Z(VqsWHCM zX5gXj=5d}%Ojb6tc+}sUOTIWD$?_t_((Du0=bcyig{rYAna6nsp|H@X;Gv*Ga>#+{ z#mMcYgU>|%3sd$HZuDiAR@75q5n6q`8&5C_-Qlt6c@^M)zxUH*Z}b}N2$je6iPaY^ zb(_Z*uV&Hd`qj;kxd43CCvsL6z|#KaMh`7yOT>e$!+f;)DlTu<;{IiC7Bnt$ac+f@ ze!QIQ&ze0YGEUH_K0d4Hw;@nB@=y!XP)kz!ZNKkY>T`TFnA67cgv?0)35Xq*ZU9N$ zht25U3IdrtF|`{x3|X=tjy|5>EW4t5^9W78-oOB_9cIUg{^Q)fW%cX&s zGIsc)&Rlvl;JU9-5F=ahnKpSDw{=yJ&#~x|)>%=Gf3TPb(dn8pr9#!0LC#U8>NN7o z*d1kX?_m>g(7b&5Kt{wG#{)L{f+a%hBD>d6pA zynb>zjr4pH6B0R@e(scOxNyn8DvrKN7G?NEJeVA7U(3yeWSE+YtnE0nj8j$9>g||9a&u1e;!agkR;vvOZ;oKR>j?5k00D9b3PPLu|wCGNaywFd= zmZ#=1YaZR#&H@RE}re50?wHPo@CM>tsPUF<04xt;5v8i{X zolm5I&j7rhS!qnbCg=6ykaChw&W~e|{waPg;}xO+myE2wi^#^R;e<&>H|JC2_yy&M 
ztCNJ7D?gIRxkAP_jOxSv=hTgvior_})SrMuU=4^+i?Lqp{mQi8JU8{c*uI|%thcyD z=3G)Pk4RMLj^D<+PivO}jH6^c;=G_lI;YZ}zv*V(ERR+C80;b7`2EiP%Q6hQfcd4f zI7qKrbZuXi6{)8he0S7GnqGG?SMpf$jah6GeKQ>9zhgkh`&>2`z&!hI2M-Y4_7!l< zYH!gP@iyzSZKT=#%vbovdEn)`AbN+8A9#*&q(3j0~7TwPo5c1(5coQvH><7WAKZPpTOz2qq8UCgty#l$7fR5!_^ zv?uHzQVK*iv;z7HKjN{Ula4i=Q89>8Be^#8+Fz&O>Npj?ys_J@Ld604!1;}6{h*J# z;dX7Ut~{EUG16qAUsC4d;YG8}}k+@hLA7ThXll zm5XU=lZn$~Vc3j#83L`{_ifuCQTSIA?)bBbfls;*ehGE7%Jpu3m4p+T$|=996V|O? z{@WRK#cD$I(VGWA5Z79Qxp;T-?j!v*-!L~+G^o%P8c`tycr$BKB4~xg7&o}j;;tB* zDF{THaT}JfG90NNJ&EHk8#hNVm~yEtiIjTfGzRbjl3|&!#v1b8(zCDZojx?{tZjHYG+i9O%sc2KcxTQilSv{y z{)m*bL<=Q6N-aLezA>m_B5+FSQ6^)dc4;eBbB4)BV8&FNs+$WxVGa;EM}Q22kuxwX z59ID*0XL6XT^pmy#r4~`%J5BI$3mi=p!2FliEb8M`;O3jtiO2z+dva|qE*W_`erZNzE zYCy?>lW#~+mpyM26^vD?Ol>qax|&$Ol-uqTD=Hfx_A0bipTZ1D4F-qs6Y;-hSvm9$ zs`RcyeeVO`Y`49@Ny-Op{=n`1s4)}31;q&WgScx^^7x2wM8e(7*1{u&;L~%y6@O;b z*4cEB44~yBm*;5K(~Lw@@8`G)MMe;AanH8IFB?Bu{z3g0km*R^2*Cpnp|=BwAG{CI zAKkMh;YcKD^-v_q*HJ#{Owq%Jw{7DrrNawtP5l`stLrb(vJTxg)e?M@(+z$U29|f^ zR8!>*Ran3Dh0c=#Kx0AY+h1yVm@z!mo5;eA}m1r%}20B4a-W8lQ(+?L~RAbsRasVvCE+2qJ{gbyZi7}{dy^rXrI z6chy;BvI-)q-8#QAhEGnHb(#VL_*0Tw++rVazb+pLZP0Q+@haJf$~B~&E5KIOz_}4 zK4M8Zp)8@>hsD`Y9D*N*ngARYEzg@OzUiaU(rV7ib-5DV0M{tt;^m2o4YRp>ai_}! 
z!JOLQHT?pv?6RJlSIfNU5U~t36L?}RpGgXDu|yhwIu{GvN%z@w706&+U3Q~Vp^XvH zYI3+0Qua%$6pEKn7{M*Ra*fbsFl9(dJ?;7ku@MGsgZaG@(zL?R73O5u?1BfS}i z`&oW?{U}S6p~t~{rC_1^FPAh{$C~0wts)a=Q2Pw{uOT+hn?Iek1AkLnJm^*iaFSW8 zP1pJRq%b(d%;V$9jq1q-ZZ*;aQ~U~j;z7|ev1|bUA4{#D7e(Dc|xBh&9Smd8)PJ6wA8r z*x+Qfe7pF)`u-DFlDXsi8G{uO#%a5tAfNN+j`k|+l?#?&ZnZDSFFb1c*d{WV9lQVy zSR@O6%gPc%7#nF!e^Y79g;WD))Im%=3Qz+lbu?Nw2m^~mG^_x7-~kqkL=ZhPPk0Sj z%MW3RpX+-{=KOZ0spoHI zAe=kSkSvp;!osfH-WxV`<{t7s9!3#H*$?D!c^{Oier?h_e0>>Z%OlIH#akuNg9ri+ zV^UTG7!@EgW=yUv)V9&M9LG}7Bj^O{1 z(Vv*K#1D@8+9(#1f+`(8ku{YvAqL{vE8H4z_ai_YqTvtIpIy^L9IS_m_kr;b?n@TC zY#pCN56#O2)%4Aq_ntuBD{zH9K3sBfZ&|$sXDE2gbxR4ZHpwxRp3kYv!qF7FfV8)6 z>aM>Gzd>#AuQw?MEq<)fb=gPiCIK@2(lOTAWYf1GfgXZH_K4S7I4P~ipU1hX0Apd< zPe0kPSd}0JE;7$QH;XF%8+gucXv{*sMvP;tlBci-jDQvDA<-m z<$E3r&?UKycpkMH)U6)bh_6bBYgY`!a%B))R(p!B`Mb!_XeT~#4r2bnDc8+MQE}U zlQ>H&-og?Ifx|2F+?Kc&RQa(CN%v;Fh;EP?bnGm%Hjw~9m5 zA?5TA*hj8a(#&NceYfwQCxxuD=OvnX@nL==bKJBE(B<0!iFAYdQL&Fbd_+y8Cpqc6 zc+8PVR=+W3APIw8h8pIL_E%qU;eUzg$5PR^YyjOy6!;tbI8s2IW&($0hDfQN>s%`5&5&I8l)+ED)&_FfF_k*!&69kvU4sZLHOBaMb-O7gj&j2XlgcxyL`-~WT4)pa!+;*jXV(?JF}Kx9Br&duNOWXOW-pIS_x+)nd%=+z2VC-R5HrQ?B6 zHeL8GE|yce?1KY=#IziRslc#oi#>Lr5Ag=inrduu7)LF&%O-fi)?@w!RY^QPFosAR z_hz)I3-I6kb*nr~bYi{)LApo!$0#=YCqLYL(A*3eCSP!5dYr9GZ4Jaqscn$A~6{waC z@>GEfkX9slGr^X0i22~~pusxD90bj5J{!?MA^S4g#O&j5I*J1Wjzb;~rKK6milnS& zM@~W?>Iv8?Ywstm$YTeyjC#O=LYd{nVrViC&`L84rvV3|9~9_}R7U!kh*RNqbztG& z%FDui(`~1*z8-DI6%)EdkOn#p-%#ED==jXroFA@zPK+;!e~@CEb5~uXC3hx&>MN=p zm0CBffOzhi3i}ungYt|CnM*iCj3V z`;E>L8UCg`qFb{XyIxk4@Rzmw!9mGk4cks>YOcP*#51!C!R_+TMO+(oq+caG-z1Nf z92%}rmW_9X*|Z+D*~*V@ckq>F5p!V8zN>MNY2h;q{w((UI;xIDuS!t-k6H)RaW-AW zm%@J)n=|muylfi~X(wt)nG?B)Rnr3*S&J_AH`Kvh^cHXso>L%D=5jVa4uy9gEIqEw zcit=hT&R9iN%(6ONwEK+4EjasfJ}9roET9vnfF9MYsQDy0s4=ZS#fT@^e^#54MxUAgCYj2nFzTv64{)wGbg!e|5gL=d+3(4?4S`byw52?d@@P zmZh7nVs^Z6M6@VX+#tAmVBXBIrcO{n_=*|F2CLJcn*`D7sCys)FQB;wLtjkj3_1@e z@!>7~XPAb2{f;29RGEYn+rz^!qg+KqvQ*UgKa!`MYmnc@)tWkKDFGnKk>N|B|Axr8 
zL5w;0YUiQni8a0P0)AU!7H_w*_lyp<#{&lMW_Ld~+m2dOt5s$HfSPkvH)QDM)LSyD zN9x(eXXs5G#Kq^VXF!Ifgyy}j$>+JjY>zYzu^8P9Lbd(rZJ#5~gtw56fS(FJbqv*O zv7g}{mI>y;|1h}TXZ`jruwzJ^a*anmq#4W-74Fs|lVR8qRT5-97>j%BghUX(51RV? z|AmrcnsRJ?9q*(Eyb#|! zA{DwnHLfO}Aa!2LA4Kcb@(9m&@1?BbO!ph41vrZw1T%O}ogj4TMKN!tM;?weZd@6o zbl^c7xFqCN>6{uF!w_B<%Dh$>Fb<~kkPQ`($}I+oz%7HIu|QB-Kg@^t@`C&m0RX@Y z!$6?0K$wL}I>|NLz2tQ8Y0R`5MXSVZ-%A+(FLhmFGiCZZVKF7HCQk$FYb(PnU zxfi0;h0o?~6!(bCRlH#UXe4uBAlhrFcJ&SDheyFuXb{0*|BR|zVc4)FA00aY8`7LE zZpIfu3O9DdKu`F8x2@ykI*;#%ua4}N84c^}8V$qmm~E59`PBwr%zHvk1Zm~6me)3S z6tlvKjJ!OgVC|A9PmuXK=|Ar`%kV?WM`hKQ=bI3aE}Q|S0YBjBM|FIdT}JN%Jk?_5 z87xH1>51xajbJb1$O}nP*$su_B7q+4`)@#TD3VWU1<5JK;>HZ|<;LXpEK!MJZdSpb zbXt_EOfM~(JqpW7=gz7(Vky)9)J43A{Y~p>!CL2VnN)O>`tAX2 z++>j&6b60{Xv*V8STY;j|T((N-Qr_^FoHaN-L zMX9$!8I`7%^qujz!i2y%#?z;bLr7~IQ#a8^w<0(hFKEJ!g`$?m^VrX(jkX8!mA>FW z{x9K1<1Gx?Y!4E-?;sh?&`=1`0_Uf?A>L= zT9NoM@DFxKQjd1P^Heg{Flomi)}4b%BJvJbx%W#kNHp}?&t?o3_}{NPeLgvhJklu~ z8~5O`RcP^Ye((QLCcb{#sr>R&?CP#P!pjt%Y1SK66UU1k)(O^vE~&_DstMI;Gv zc7pdY`?ff#IT?8E$iMO%y*pk9-fqa!j#Nm*AVeS3t$`dho4~Z@lMlp0LqgNes%}Es z+ppS|uceV|pm&8vo3mtkK{u+hCbt5X$dC;!Rda9Ua9TG#7de)#f}z_b3Pe7S48<$4 zACQvQ37r0!p6kzwO_P2t0We2cvmD#>5mFSZ05Nl{!2EJ_d3DT$YjE1!(FqXXS6qLo z{B77%(fcr%dq=O)#t#r! 
z;&X%zcZ9_cx-)>)P(eqkDiM;?LVSC{C{Bk<_~N?B3?A^``G6VGXW$Ypf%LzbfI`RT}tt){Q3-8EDqFQMl>nt?i^* zb4`%NK^ahvUi;4rPJ6g?UvnUZd!Y>7G+W8c|HLM1dw4%AZIpTx;YoGxFKP{*@@%Lq z0f~v^GBW^Gj-04ZDC8DUHk|MbFnIqt{3C`ie9e5t1n1-F(SSh?R?16(J{}ebC%65E z`Bj~ye%g>r%clxHIViNO))Z=?7BW9llys(hX{-Q6YK-AD+MiZn<`mxMG5 zk`LY8-Q6MG-3`)R(%tnQ@%QTg)44nzuGyWPz2~0T-K%I6MD(urPwE!hZWL)0D>*)) zQm@<^^=;nMo<9xkGBmoeLW}^Qyc~4hr$$j(+k^qYrgwkDg4^RgKwPPRCv`U_d5*uCeM`fGs}LTyxufC zZD~)p;Ct@pDle(j^DixbNHfq$nQqNK(&&;u$EfS_Vi*;_vvl>7zBbZ9Ie_Z=`ek}q~;xbMw4_v$9GAhDR4~Bfh2SKZ&&xA z439TcI%)pzOxTxmN&#qSQEwqTnU43fJCu5qASjcg1tXnn!6NsD(4^AXq-;PB9r)Dg z4|D1MEw4!`ZY>!C3y_X-NPVqb22AYgtHqDk`yMwhJ#l8Q4)zE)KO2K|*?Q1gKxvov z1*Y(*t=P$YbLAJwmtGy;`SdB*E9H7=n8j~NXl{7(N zvL9)ht4$kKD-xI1TqX=w(&YBS9;pT&N(kW#ofmKgOz-mgfU!8kyHm9uhU>!5fle@A z*_0neZhN2RtnX@C7wI1%JGo7Ha|sYWUgon&vuphiJ zc1DKh$MwLdXc}pYb`+DQOwQr-{zPbQ0Qzr0VCpHWrxbV+=(=|FO>awSj5exwo&WK| zcM<{zu_Q1Mx-Og6?!#M_&sy=gjTMmCVdTc#(#@vT+VyXO(nvmCe&5+(0#|7+rO;`_ z<1ZTSo=V|`{*8I6xTqO2%*32gL1on>a!J_=*i($;3it(D(a9JRssLSqI0hwIi3vvB zXIv#jyMHRu5-^h8%`^+h52~OYwPC|RbU2kNP`WUCOGp9hmhacgGjpuHSM!uLclubn zVZ`#oC5<;#@LLfx?%T`!74r|%cSFC5?r-OeRo+Ql*;w5TyZu7>dRY%mm%}3Zp#b!O zlO0X|o(^EhVm;fB_crZ=3xT3h$A(v4ea-k7ANLhnpak@*zuMUrOe4?vs=zBYwWAij zb3+v1b5FE?$?(avk_HAxTC@!2;ugZ?>*LcBVRQX{)8r%SMI!B5NwV8a^ zKILGd>3X)bkDSPKS@9<4h$o(Pr4Pu( z{eJ>bHuWsys{)ViRtEBqun(r&rfE6`L*$71@H6W&S)#BkD*j-X1KS91=oF$$(xp&V4nf><^jS> z+$I6kvSvQ zRg*qRBDp=p%}&R`d8W7i@`$K`KnfmAS3W;7!V7t1t{F?867f{cR(W;VkKZn!a;h5+3GVcFZ&vC71%uX zE#P$DBEey~&H&Sz&lctq@7VIz#dzE8ySW^<^*{l_IdRQB5NXlqxnWRmTa7eRwE?LB zW(bQY7>NAyF4_V1{YzSnS4a&^(G2`O9YpwDKfQleVr1pVR|snH5y8{&1)@Umiiw7j z@LRBmZ~twb^G+<%oS+*KPNAk^QZoCSiH8$KBCKZo)q__CVqx;=Ig?p8rRbR(x7M>j zZK1byRby&*Cx0cK82A%3N#yk65$G&mHppC(79gkidSdz>VkTJ3w2GO!E=gf0l&V3^Dtrn$qOE5~6?{_pJJWkwt0bk=Cyo zR)^&si%zAESMvUC6{)`{fg$)s#b}4>zr+&}*A~Mrxh?9j!h0;ncVvDn!wM`pwBt$O z+q9c+W3sU9Rb5;}KN?9S1WYk46>)EEOR!#_r&l5USPccg?S0h`3H%N>cODFc&tQ<* zcaZHuuZ@qVPX}+Shd4`+t^&9oiX`aSPF0m#of6nSVWizL$aXS*;4rzI 
zfPnuunvd*0P`jC>eJ1pd>LKqBPI3x1b7)DOIHvZ|7L}0sH31)!&_nfF*$X$`b66X` z(8;7upyf;YS3QqSk}pfO;N}TmT?f<~+6&b^b*LBn1%DUl?MAq9Dy_zX%h=)ORBwe7 zWA()Kaj3jizKOGcpbKzWs|xqSTJ#lWG9>xSVb1M2sqQnA!d=y{x)x^F5Sv4MgquT_ zk(zbkFXcKzpX8l)EUjW3Op?m>Isq>yIo{OyW2FX%#U;1ucdOqgp3l-Yy++g;N6a7h z$+R?pei3dO=sB75a&Brgp;1EZO= z(wOMr%3sJ4QQ`jjyJn#+@T{a0cQve`dpwA`0|RIrm}@~4h&><-+d-SGgw_I%5}Y#F zsig>4o&7-lHS%eb>N5w6+a4ipnxTFEsL4!ppC`CJsJUn%1@cdl7tna!*4F_p0SDWM zKd6RQ_8uESB7ZMUu{6?K?Az81xRk0g{8yO(Mk3O`in+dyh77js0M}Pw1+unCd*3j> z1+)kRAU<2DUZL`zq$D~aTGg&Z+%c|@H)=UVY4N{1{;ty45@zPH`h90B4Y<}u4j8&$ z6o5azK5O+}E$@$F+4If zJ@wmYcpS`(8{x#W;PP-AMQAsAeFC6o3qcoy98v6_t|r^C$b&5*(DfC*@|-zej@rY@ z*IC6ugGahAL>%LS4(%$WF4K21Zm|<8LEBzL&;cS)s(uZpiM4Xo2i+6E{b?#6Q$Q>EsbteD zwV&<{;>VB%#z1HTx-!}m3=;Jdk-x}$bV8?%w*YLy1qe~#kEjT8um2bV!A&?b` z&l(H?s($wAL{4QY>W%2A#2JQED6SC5UvCy6kpFHgyL;J;_FvRvq&P+iuDDR(2mAJ$ z_t0@+v$(tuBw_jvbAfq#lDpL$69*q33qE{@{h4}kSN|!g@%e(M8e3=Sp!V^avTYp4 z6OAwunZkb&U*v@#aaa401v4T6dfu$wrsN-6^&~#rp2Uo9az^BCa}}ttWf?^mLrtwx zRkC{j1N$i@U)BbAQGapu&wJ3qU`mazZr$3qC~|umxOBJ|*p5?f?#_*sS8JXjie;Wu zZ&_7113=9`tpKy^J*2K7;(;GBq#I{rlpE+^0VsQ@kGP8qsK0N8BYX5@ho7Zq>JPkQ z5MdyWGLP{QD_)NlSAInaadYuX{k_n?MOdfX#a;5g=*-kaDxPsiP)N}@H~Xm}FuOo( z!1~$C;pQ~9s#V8Y^n$&p#iD@(YOA-P~_(16l9iz;jU z?D8-Q2v!@PO2@)B!m4+h&~FA)hKRj2LG!ltBv(|7bwewS3>4>bXMTsn_%Gj0^Meit zWI%{rnF1^sWbI?#zC>XFC8sJUnox;Lh5R5y6n1--YVCbqsblno56Dv{+s5 zfDH6a0RQ8{ZB>YF3rYrRLui)B$NO`TfBIQ-aR1zh-RL(7Y%sjKr6J7-?fw4zWPOJ^ z`V9Zxrq3eai_iyg+9}mg>D)Sc(wz5D@DHyGMQ+J^%n-6)BbNT#tV)Yms==0?4EhSG zaqD9$3-1Fv2RP@Ih(Z}5=ur5>?c@^P1G8f;>y*v~K;GVQ+AOYCN77(%R;;8)pv25h zA|@55>IXL4Jgk@9!JDK`+btZoQvj+O{?`mKG;tcO7;Gg%2a;f9%82*b^x%7A&N!hy z6?R3|CC@MksrVyCuGX@izr)70%z41k4ow3$7dPAjBb7Z3+6#l2o&jNY83?oYzZ~{X zN+?Jg#41FB&go`IQ)Wv;QBlccvX@Ro##PVFRQSAw`j2x0Ket;_G5k+u;KUdQ&Rs&d zwtBJ^*=FNVkj&pPk4C#z&@PZ%B7Qozn#n-?SJt$T|ZB+7oF{1-LL?b*6 z+D^O-q^#m%PIXGf+(4?S1Q%`^+x1s@0-@@WJw$Cm`iMsVl=(&=2WcZo-WSBM9Ra+< zf{^ccyu_!hp@hqh$6`z$QHk1y5d%@KN^tKozFTcI8qX9Z21Pk-2%rq;0aIMbvGq%y 
z82VY24NI@6U&^n>wHmq|vk;g)aMEhZPJ`}u@%ROoqAC%bm~`sh>O?-K^y~&qB`dvs zpFuwq`L8HonbzTbDx(XCfTq0|n(5)cP(eItU)%VTq6;M%2d(7*1j|mrDmR9Vg(dytq;lnFY?dr?bI``Q<)oK&}4@~u#Yj78Pbu35K(G)0cVBj_RAG; zXM>%e_tuToM@IxxmWxLyW!(P%WSeo*7tEwzk|fy6Yx6KZ)xmPeD z5p$z`?;d{D2Ki#5pu%_)C|6C8F(wv+KyUI^g)GPWZYwa_lqg~dRV3oG!jLG~j}Rs- zP)ZQ^uhY)qGFl|aN+d&1A$7+rnY^m*P8^QFi6?iZ%lt_~xPd_q6}>uaCA5o1*BH^m zH)ZB7+1_ug?WG@J90$%~EI731!^ZEKGzvHH>KT?aJ8_59Jb++p3oY8!e)knxnqaCpWehzfh1*u z->yw+X5OSu_kNK(T*eM|zMntww7j~$OelQ}34w5HlwDNdd|B#m*J$&bN5c0jKfp~O z`mW!Fw&tfs0a_M>w?U6>)3>3+c8KTtGZb|slzjNmwobwu0DCw--N^f&B@cdNv$6aY zt9E}ELx4i&w0@KNh6tydj)Ex|-Y^@N?dvbCc6JQzt0hT+ul&vvwwlg@3gY?Na z!GXmt=!hJgfp4WWikzbK7pGijkCx0y0Q*FT27v~z;2xi0g|zN{<x-G~^T7WATQ?2?tFV9T^S2c;$7}xkd^attyOmg_SHcGv1Ih$3Zm+_}t~o@ax@b&e z*c4;Aa#}!vGMO<~|1!JmLnRxBZ^`-0M0M z>zYqfaijdp7bV?y$1W=Lw|CMUc8xd_Qj7Q!F9Nx1ee{Spv+CJ=BhJM5_^2gSetJu| zh~sI9XJeRZQMr*nzMwxVHlg{mR~g=p{jaqdzrc=Ra<@&$J+y8Ej%j~*Yq zIl@}OP^Fhn|Cn4&Jv6GcYtS(I!$=wCiZMKuUNTf+hn(cV4{3Nrm&CL9((jSr+_kF? zf7P(Kt@Oa$4DaSAep~dqz&PsK5ty~QMon4TTKop&5l(sXhn1JN<{!O*ZGNqd-)h#{ zX^?K=KF*)*fJ2OO{ahYB((M^+1i8Eje0SbCZLW==*SN!Qa4rXL`<)@wDa(g4^FJ)Xi z+wv0^x{iaTmXwI?zD2)r~gjpGHHbldfN zXa~5VpgxaQ*;qDaDLg)z0iKQ$`Gd+K_ob4k=Pr*S;Bz}}1-crI;1L+bi{f^;5!>QF zf%Ra4<3&X(3(#>WmUzCGbzzrP>w?4(6JRd#_r>>H{>lhO@pnJ-++gWSTS5G`a^z5N zEkkQc7{OC@2oAUC?FSzVQY(B&uVSrQ;;QqH*q zbmi8^Wj7kIa=PmDpjkXdC42{KbfVvFw1<}9xJpp6O{X8XDM63KVjg~FuG)VZN4>AC zjRMHKUWHRAUz2wLBBMyh$Z*yd@w?Te^8*Sg0x zfNgPIJig}&Qf!{>s|7Cuwk}Z?s^-18u3k4E&9b+=>1&O%YLF`|r1XpBU<9M)78$hl z<@bPpAqly!YSH4ou37=0*BsyAM(&X?c1M3N?)Cs0srdG+Fs`N^g7|O0bK*emkcmAe z=y>;fd~SKUbz(=Tm{3;wb$5%cN9ba?t&RB;7iZeI6t+{D`rwwFMQhj~LEMBLz$v#w zW98sRzvW`2$N?(l_&|EZjn}eZY64aA+5g~iRVff8RvaXj>vfNI z2MnNq{O%%`6!k8r?^lLKJ|&5umTU5>IKoD3`0ajGR38L*!6683IszFgsLP<;Clp&D zb{ui*Uwqh3wR3CM7gvXn3zsq5o4~Z~`eA>-m2BGa!iF0^@TRCxmg>1h;lP=prQ-1S z)rk+YM3-c}r$+mVWs2eo2~v-}PqNRVuMgz3N;_-m6ZpbMStC+x&J(qgo=+h%kMozuc$6 zw4$;3g_QpYa4>8Bb-aGPY1%up#8N1OI2d+|Nqp;%1=UU@@Gc9VYGHH=TF 
z0MTr-aa$Sbl8>*H8~Cz0UF(^~U=#CX)TT%FVfc)Ce>@eQ_yO^06l@VIy1uhB0h)M3 z8wS-F=lkobwoZHq)O)?^PvSNr`O?Q{GNBUQ36V57_rq0f=}eXDkZ$`hyKqz8HN?KrSM?z_xHkIb1uNiq4|juj_TJdW{^W-HafrC9R?G1{J0&F5Vcis?;#KJ~3OH@{ zg4`)hqx<|EsR5D;u2n-s6vV%kg%p8qy{e?uay2Yf8VWrH8j9Wx29DPVi1GLg5>88! zE99r=ncev=FyV^EkOV{h1hu4$#d0pjf~~Shs0kxYbgO$hoKtf z;utRbA7U3;X@v2^Qr65*1drl9?OmJtn`@RcqKBB|J3(NDxYx43OJf|W|B z@Pcnum^aHY#Vd#gE^ca8%uo+~iPye>Ih)bWr-?FuFhp~aI7XrL)~Hr5X9T&b=+EUd*7IlhST_G zdRdzJVofAQ4t*g=K-GDF+dXfD~j@0j{i+{U5>0siT~BxSXjG3si(MNv+sE&A zv$a%b?l!Kh%A)n)E|edN8q)Fv#NOiW9oSB=()-TK{Wt z3Ir$_te9cAx#VyrU!y$P!IZBinI~cADY4^$DUY-*a#Y+u^WRnEK=Sx9(l8cIn_dzhnIPqco+rqmk3XD3-X0>&5+C*PxPhw;=JMip? z0)F@yHfopBqnZr5|JsXG0Y&Lnj`%JTzPidlWZS04k^1p#e8{*Ov29A-U-dT1*6#DM z2p4gEs`!?2<)~6NI?;lEst?G|n96%UYRS}onFQT^)VRaA>%?@anaz}@@@1ayeX`s_ zU-2u-kvt2dXK<8CMb}Uc0{g(8?zO6iP5FAf-pzF+7Rk@*u`~)D51i6^GPG)uFqqUz za=Dm7qvEe!0`e;a4%V&p*_i)W+wpo+X;33n#jHv9&+fTNud-3#WfWgkK7Hp;ldA3_ zthD{|gFV@!C8=~csV=}xW4Y^mFY;U4fGfqvETbd>;cH=GaTa1Fc<)V@*L1FBQg3=q z(ppva=NlxFJ?Hz1wJ2nTK||dlpqnxIu*s0s;RW@mo%z(6#b`(#=NV8=t1mP%$x0-+ zVa15rD3Kf#1PuPMzD9}GeFB#D?%(POq1I+NBsi=FnP0q3>A3Ee1gc)OpBsIV>)sJ@ zifz&PSxbKM8pF~i>weA5r_uenO3UiplF?4}+K{37owecxl`FuwRp1v`gvRO}jqB0R zsS{4&8#)>?Q8}vib!$JEH;#i^q zQh)QTe#sv?4_CxT`W^7k#2QYkhWZARP`M>@UElq3ONIz0UnkYYAnVV!QRB3s3^gV9 zzjt~|gAjj5`#FNP&fi<3tN&yeIO;iL&9&kFe+voQEf3n2Dh~inp3Ndnn&J zKq#D&PFvIJhvoSLfP968_jhOmXA5VgS~rcLOldcc{_mWBtm4`*@eLjGKzkEBN2J3zD%inr`Id#fP|z!wb$Y4( z0#pRcoU~U~i5Y%CsihM9mm7U0>flh-{)-Z?FLl^zRgc$Q+Ms zCO`6NDq&}W0DL?t?11HiiPi!gd@JpEUvVDgL#7x5p}-WYW^}kD5!9_W$NLOacvDR3 z4o)NOZ70icxW4qTRpM4!kHOF0=CXY_ot1(|QOrjyHVPdkKGKROpT$^ISox7-8yf|y zE|btpI&ZssZL0*LJHG)f!8pr5c9Ee3;IpNR&cX`l#`~ks6|A-CRw3uUA2-cP!E0B1 zdU|~vlUCPQ7PR-Hzp4nf1BLxm1EZ$}12*AjE#(P{j79?2Ht3rYbF_0`XBfSYV&oCL zh>9ylO(zD_4;{vm2TldOqCyP5=P8`Aer#bY9Bu#Ybyncm{usXwx87K{Qoo}~@>!-i zk#I=L*7fr}55+P>`V$PfXJ~aNY;U{|B)Gi~l;+xy$%WQESX^R_$cDD}gaY6ow;jpt zF!AL&pwxlxMkr+Bzkbfu(82WNNZjOvnnA*l@FJv7Fz+!5-3nZzG70NTCT5e6jX*S` 
zm$GCAM?arg6y4bUz?;E0Qv{#76~4&Xyu0VHF#4HKMSD~#mHxBs;L69JTKKg`n?6*2 zh&ugavX3?+g3$YB^AkOx>R3MoDb_}XIpD>;x=z_AEFFo*FM-5P5nP1izxg9pyhQjk z>o3CQ z4&K9+;O~g}s;smSX{-C_9sFS1sDs0&&M_9{zNNAXk>CvSj<6{XM2cOi#@|lf)My4Z zUM;}2!P5g(1prjrVZo5e3uLZB#mrs8yA%4i>!BM7K$;J}wdiz&lk5{1f#@S9u6IlB z=}S?LBZc`l7St1Fw%KMlwpqh&IBTyK^wpgo0LMC0Iv7ucdB~(258?M16D-o^W10Jv z?1%ZZbM!jQXk7yj^-LpXS11P}b(UW<*48^i^z8pb!n4N!~V7I9ZR#Pe988;0?`^F z=bDzPTNInPT1*QU28XAglI-dbvI~yO!iqW-+Z&rlL)(&d;ejNlfa9%0$qp0Xx69aq zlANV_-%;v8DPTim)_CMA{Q>BxV-St)spvIal_YkuO!Z^)wDqL?pP>viQtDlkQ|f_+ zG5{J%^nXLiT%0|PO6P5Q_gZwOK!qE1OBLSl*W(W?xL|m`@&dxw!H4y2Ccul-9w^*d zWOzJ6xHv~F3GHnkMg$t-F}?Kkrq!V>4_xemU@u)-qy4;}XRN{S9aQvxxD4tB^V&o+ z+}Z?4@dhBp_xz`LR&H96W$(ie=Gbfv+|4mzDHvM~vbt8Rk!`+D1E!ZW>v}k_4sv)e_ z7gU@n5t+XGEJ1#|O6QbGX_6d^qD+7S;gN0=#{C_wgGIAYGj3YzH*Np2j$2_peVQpD zSl%Si{Zfa#;GLpqjh4=Cg!37oDB}tOsefB!_eB3 z_*Q&?f+VRA-i?qx3B8h+Oap1~PCI?j%8sSOibI{v37kS`Xcc`h2CmQ6=WK=S+@<^y^!2kXR+>d)I9ox8z$N)C0b*Nwi|VkK7c7 ze;AfP$c)jnBd*?bLNO385F)v{sZvqJ3Z(O zuUi0kJcYF0i1S$_35Rr_#F1+bE8xN6TCSp*%=pbaG+?LViEZD8n49cc)8E@wA!El1 zQ>LCW$`krG#g_}9MWpS7f5ZX*@h*HhaxlN_E~sueJ@#jsC)G4NXB2hLY-iC7-@ua7y+5;1V_D{arFyCkaE$=0y&F( zD`vrhOs`W)UK?JIAdGH~;EBG2k7q+Rs)c?YF3ExuEUNA$b|bi`g7`>k2f0=c_X%Et=%4+W z9I~%B1+lJ6s|1^HVGP2I+q-@q)V55dG-MI4DaIs? zX+*U~ETAXidAk2*R_0P?;!mb&>_noD1tt6odq}F@Fd3FiN-?$S^*Z^w4T0}3I>`1D zQ6mnKKeTPd;2XXhuq=+}2Evmtqp`BuWs|+6Kh`*uhqRHpN?9eIv@1b^k7C&12%d** zHi^2`uGd}p$t@=Qo5JqWAVutD55+I{T+4N7($Q2@e|rz9`pP5F zqN6kDvnVx&sIj9PV^U9j7X9wAD(Sx2a{?zw3R)|s|G>ii_zb)`=mcCwCD@(k7a=%6 zO)_?aGvv;rrbeW@*+G=M-8a2K5@$XJ;RN7cglHd0w`83%#Wye3(O56LJjsOZRBOgH zzT5e(RvHU@&N@MhW2~8;TFKShraB1%XCflpkp-n*OLQLn!*-k(> ze4Mz!Y2$IF6@Lm+18)`0IGI_|Nm8MK$r=zA$RUn$;P2DVz8Wy&MJY}kI@CTQHF29xD7>pB~gpdZ@g;##TjBI`;Sn+gx zr@#KWFemgALpBEW&F7NUMX3r!6V>JP0ls1m0&E#;aT?JKMZbGI<lk9>iK4ua5gF;@n=r32#&YpK%GAZwdeav&291ZT+GqI@C}$WUAcdWDAXfn z=ZRK0!1=d7we)h+kVS02O1Om!VFAyQPsBYTQ177)Nx!RFlyk4#+9O2 zyyeE=OR{INVvkzuYu{fmlPdIQ(h*W8ph*ku65d1&n+kem3HLm{WsR^7b4+F7z?WM! 
zL=$FiPZRsQ<4EeYp0WY-r|kYf^m-UqOxsaP1p*xifU#&l<`k#O?n{kb)i`g!g-hdc zyxkFY;#RJ}@{;PTZ}+tzCc|!Yujr-g>o=2(W>7m&!xK|X`ffEl>VFbm(U<~KLX`5B zt3=$!_eipnSOaT|E4aMp94v7W$DMivAo^tI|BuNHG$xBalP8P*p-%vHbebeDXA9I< zH}21(<~Xw?v8c9?y@us&zFvnpPc!zaxs{1!-Db*pu)aY-c=7Op83i0r@rSqGe+cXl zRN5HLjdzQOoZ1O_+FSdv_u1eZdTW)ONYGJ|%;Fd@n%=Vtcj-HL*pkK{I38Mg~Suwcsv%ArQ31AOnrP)~&wDr0{Urp;db9&EfGcljj4uHGNz) zZ*Eava*mL(q|YFV@bN6|t{UfVrm(WUEt^7E*EQuSE&jf63y=95Am!5bzh zutCW0wQ{)B=nkUc*V3=vT7A5|8hZ0X=y%HH3*5Fg#r^0d*ZpU+@^9R}dH$|E=j(k2 z>hZM3QFri|HbiXb-j?*X?NL|@QD{V>|42zP^06(_Eg=5dmzsgv*kFQ(k1z^6tBS1! zc4#ghE6Hf6(YE#hQsQyoR&zULIyj58(sYsmi9cylLN+C&0CH;HcYy<8oEa30mb98m zquwS-aR0#PjX^e-@V1Wn5zg2TS&iRMlMFAk!DtgDT~`p-s74Ph%Zl)C7re8HQvmu{ zI%ql7*)nIlesN^Z>b3>zFPQsKcVEHO%)S*S7B+|zo2SA|u|{4`N?(Ruv^ z?}wlBR<>uqq2fJ?f*ne%O!egBBnN~)&*M77>c*K1yp@6@Dn*$;X11_W+IR|Dtua#O z3q_m43>KDUg{k*o`_+4DNG{s$om>|z=iM7gK0GA^$p&xKCWZR-)#0x^mf5E5`-tJ(Kn;@L(2qJ;BdhU`E`N@qJSI) zjfrRO$f|YC4%{EvuQ7>)Wv!v=Jt*R#D$-;E!+oM=jTcn`c=TLG7V>2LfW1L41gR}20;Xz!UUV8F=)E>RXXV>?`0maP$_ zEhn`yT&LhC)%o|q>t_@Qz0N#T_xTe$jzblNV-|~8>SBM^yo=bsFSgz&AIN4lOwEU` zOS;oWAAonFe_#H;_Wm_a8D#GCAaf_5PY=^sYvyJ^NE#Oi{P=!}oLfCEU><@N0Q%^E z)$Ye~H$sG7#i0CpS`2w5Qc3pSXvvUNk@_d<*}aM}-Gq96IJ+6Cv-(llblGFh-Y*#r zgs;;-WZ$Llrd|7`*dDQb<#E#$`l#gy|NL+|zO$O_I$OsJJ!J0ae%lQ!p6W zCWXJr^&yJWf1`a0JMGh8Cv!-;JdpXHZ7`QeWo+VR$R`%#X(bA$*_*-`RY?&>{fMwP zrP$-J8bIFnK`Z@wiOPjy?QN43t^rT18jsAzSOlvl4C=fMonhK41n`O-klx0@l5_O z6Xm+F;NI3}t9~15fAV4(4%cGzPK^IIm10iRb+z@p?3XDXm85p%p^e{n!kne_VZ5Ry zlls19R*Rb(*`#;`Y5&>AY>b0?<+UAvj%nvD$Q$Tk0%$w_j$*|HDq87(Gp|w-* z$|5prD%=$ah7Qskc_bZPqU;?JfCoMM^Z!ubG=|!6(7Q^00KALB#=MZZqr8wAkoZNo z;$g$bqyB4CwP{-8Ks+Vo*WNDC4|Lb%{%X%x-#t{VA8z+cmZ87SfVT+}xW!rByYh-R z6{KOULptYD&gXz)cX1a3C%DrPbGXyI$_z-TBP#Zg_?>R%4YzDG5<`5%%xJ{ahKj+6 z!V&QH=--w-t`w`68;UO7t)FOlrmvnmn?};|9WGnriZ(tyRZhVp3(;4nJyFNPR%_L19bNhH zC_DYs+G4Zc0%bMbJk4?xEM7$)zRFH4JBZ^4ngedGa{~%lRVL#eRW4+S-@@DRi$$1C z4w8coquipuc>cy$o)36vo4svs-GU!M&9BL9EZ+KO1;=a=FzADUjGN%7T0&_43uJv^ 
z|Hyn}3iB-+tBU_JNwS=oL8Ik_Uu%8b+|0CXx#1KG1yX7DEK#lhJw71bZ9b93{_bai z+=ZtAgDOM9uHaE9!$IOrJgh|1WF2ML$2Uw-0s9#{U^`>ZC-QpSgDqB^q$fL&NY#)I2*Fch`x4LgWx((-uWP!Q*_~FG~ z4n>jnh8t(B>aLG!K~D|k3Y-_Ec)ykB8gC&m+1{AML~5XbWKg0MCh#LSwi%)c?wv3W zz-@mldySyD*5l&`s<*G$jzKxvcO@cy6 zq-BpTnU}+M_I#)a#HQh};j1)vim(j{CQp?xKJ2*C6^QLuhL`80mhA6E7Sja~*6qdX ztctm;dQG@-8MuvZ{o*QCAzXmf%X1=+e$rhyq=76V4=wm(!m7^>yjFZmM3(u3}k=Y4Ehp7?cMy1pu1IUR6BGSGp%{P1r`N`2Y)b?`yUzJzv!;fJ2Mv3yZuGNTB znm*pAd7b%`>|sMGB@$s+6KXA3+Da8~9?2_oa-B+5|L{)JHoRtUja0Tj0y>+==xV2H zud5qe6n#w);$@7qkl!)2{AhQrk9~{NKegdC=o7tMFm+q~!*NHP{Wi#r^;WC6mf?0o z>XOvrZG$V}h#n2M^DBv&uySwm^Z{kjfH&Kktju5MN1k*Rh%YD^N9|GA$_X8q(hO3bhgt|9N_ttnX=PV#^GAobtxy`2)$o{+TI~8)D7qz+pP%-OWY3 z7iPGJ9HE2&vLSKR+b-~pfJAqU6}f~9Z-yq?5E0IwGAE}0*l?PAgUftdwA=X{W_Uj- zFL*+JMb0NHGKYX(0eJTI;595&nJ|rTf&;E@N$;vRz|m3Lc*n*|$_IdwvUMa4Kqh0ytV8tO;*1ME=1rVD~5Ju3kX>z+txPYCPhV& z#*0lcemp1?oM&n;uLrNad&rzV#VDl#VJs%xVsmZ0(Z~M zId{$zJZxB5E6JDasIP-Y0paHQAZA6+4uS4=yf@?^%Bb4SV$Cwreb@f>Tjq&#eg?x+ zeV;Z%p6$AN4@@g1ykK2iaVqT%2tTmvrAoW*NrB(QQX~0G2zEfy&hS`v0Yi-6g zqtL-e8K0#?&T0NVS7i&};&WoD%??7rm|#}LdQ&3fRHM%8zKl(#^lvH&GkblM8YUw)y+&kk`n*7P9$Z+TsQINQ#1hUD#)lkA(DFf zIf^~<7g=U&IgVVN>2&koR4p0}7CKyV<=^ww-9~*QO(y06`EBP47E_JB?Z4u@QG$1T z=?Oa(s6t{Rh?r4bh9P-_Zi-`{oWI||o6BIz(%dB$KK|=ET=I2dZC=e{8JCF7y5gmh zbM~Zp10&9RQV|tr0cLnV$(dT>%l=3?ntfE z9MLvP7}O2!zezrp1&g=v49hnH zVrAB66x~fWFjvDqRs3h0X0M+kJ@daF+L~mbau}tsQ(OSjiM?&j-HQAor{>6j(HL+pdB!4MCxPe-3Vb*<#v*m??F}dI|9bT zeK6I$-_letkqU2m7FfPLDY2&}q-FdadAqGp*2 zVi>IJ@G5+M=a&@6{(9v^OC^8G1_zbwf8ahmbO-0Xnrcw zT--+&2a*(OfM3k)Ul1ofHN>#7mArkpiQoxPSJ)Pi|RmLOq~y&72?gqo0li;LpJ?81~~VCB3FwF z#A<$4^xrYtAf-}2d-ITf?nHS)3|z=wm|c8ST?~mtvPj7tDf}5OG!x8HwSV6vkl0}Q!=8BNGEcf9RJujXmv{I{)eoApdVtB+kL5v`(5mKS{_U+{ zYEh?dHv$}3`SW2*2~`?gxbaKUKauc$P$V2|b2JE||86Bq#&jTy=9bx^uYcP6H@A zt6&=sJ8_VAHf^v<+2i{X9qR(C`&z+oBq(=_PKL#um~ee##B2E*N3XA~K4p=RWOzm8 zy~!y3`RM<=3^7=eFBe5*R#H&r@=P{fJp|qrL?&EF=<)oAM82VzBs(f}u}S@ZBN?0E zZc$l3%c8PCPvZhsu2Dk+Yw}~5(r4&Hg_dNHLwrbdL1hRSs#zP< 
zjzUiY&@jo6U#=D8-+N$Dn^b5b>BJb9An%>weg+{8M0r?WLo9~MDE!bbIk;*h&6K!n z?e#A$$nFcmuTP8E2UnvfhMH;Fwms=Fuy>~q>_Ne1{S-nOjiV1XQY@r{Vue zw$Rb=2B8nY$0FtShhGko6{3##2ku02t96aM{Xm6_vG*{>-XU~k zFPerg#{}i!nP_;V-2daFP*YpD(dWH3BTh6r(aO&u!Q*sCj1QtP;&Zx^P$e_BrKPwH zR#^Xd_AKJ82$aF9c=&i>$h)u(ZsoBuru~vTK)K?VFM(%R@G_Z0=mT{B!|oV2{IH*8 z_+cP+UsDWEegXY2ORQ|pcQ-&8OhJjAHQDj3R3!(SO>Nl%m2i{*UP*Z+jB!mE8T zg);uh$UxNK`F8g!r;q$1kPJ4vQ=t>m*M;nF=hg!jijS3IG$<*EXbDL4$E%0JLp9sS zgJ|KJ$)Y54mZV9fzeN{A`5#({-Nu4`mW>7dC3>(h`Y@g*N~q0$BmByG6f&A$J~uSK z-qmZ=J)|xrnTF0!;N-NJ!mu_yqDY|F@g?q_H2`LrrIGgK@07M(ET(y1B-x7;Orx;` zaBV7zXCjzyZadCGHOEInHY9;Yu6srieD-euU3j?5yzgk%TqI?{%5=@-6qob&^j$lx z1et@<1Ba~^yzuW(DaRLXpGcvQM%-of`&()uotyH zi?ilkg3S_-f(dNX()m_=2L4+oOxdci9K)=%%z^KRV>SZXOd-C(!nUS|`M}8K_#^w0 z$K9>&qC?$^VlgW4(!F?djH{9I!VW7f_Pb)}qsdTR>K@7sAr$4ztzYS8y%kh3@V8IUC&mgvxLml&3i^S8 z23ZWY>yX_<Y97IpV*X5Texq#W` zybQuigAgCuUonqmvp!IP*DI*N>s5VO)T{8|owX3QBF_)4vH41^{043wTPwVQ6m#!? z$Z6Q5h8@nJfdx^6`0|P0s=t>@)#0+P(!?gcTEXcx8W0xk-*)*VnJ;~y`cUJ z6QQ2V!0)nU03?v&?E{PF%B{F-Y@zy?U`p9_o0FBUz9G-7?}vypZ&Gh$Ro6teNyZI9 z(H9|a8i0;CALb}|JzuSQM~GvAA8ddDbQ8#IJ#uHeX_$Y|ubp}+kZk}a7Ws2O z)nxL=J+>G=?TN^5D!RGPY!f@YieVW_g1D=6XrKRwUCyf(kRaiK{EJ;}hg1L_(TzEr z!`I3{%OB4Os@Su?#Qb>a48GJO3wl#HMiMTkT{-EYZE%dD%!W)e0r^nU?_bj2{*#Lp(WaLlBIK-$i) zmrb9{)z~<}mkNNITZD)Fk-^^1L)#dVVq4R3d~qL%Waqm#tX1vK?+caX`ojsu^hnlvB*$Cx*v4J^-{@I=4!K?ZA|1DUU5hh$FYe#NYK@Th5 zqA-tQ_*C(n$eM&W^^G;Q^wjEt3J`7V8G$f-gHqk6>lIQv)Q=PwJedZMsxuw}WuWkVmI6ajS~v6MLjpt)tHh^Z{OJGxDwuC4*Eu<} zH#_+;MXbrrJ3dT%0r^CTzso4W_q!=5;XE%RaRa^YtVk13Z42@1dz|;K>jn>YFyPYL zzgV7_LH__D3jW$=_W%(I4t0KUwVCno2;lZR-nTz!t;OlH)O4I zIV+c!hY~iqg!toIw`OmnU5~06U>M2_Od!tIO98&Kcc2=54+JG zMl|GJ`=&SFE5-%{?z}G~Q~H{X#hq04S~%UKzxN2`{KJObd=pn1s2mQqdOkvCEJ)?B zm1?IgxsK$ah61oJ5OmmZ7x3J)|B~N+*~pio(8LEKe+$?!*+w+L7puhjL;@Go;m)m) za-hC10H=YHD{M;-JbY{^4yhaOnM&VR#+pjtXV-g$*`Lx4QCgb#Ol3fT)irX^tB4Jc zz1-6zX!27&Sjff?Z=7MNiS{2Y(k5FM_mmC7k&DDa0w~|BHcQq5CkCp`^ 
zg!m00K>7X;B-G7VsL*6ss{Exv2r!5+btX#rpsyy1-k_A%9);Va*i%&ATo30F(LeH~YQl`7mwhbw_Uml@U;nkRwaTGBf|p$OuF; zV{&wGV$PX6ZSZwS5QSB$wQf_KXUd2hgjMb*)tW)2-R^lw@D^~_31drzxI|hwcv=L^ zyIm_^MNyro%l8H5A@<_5s zu~w!7vs9Cr%4y(P>=jfA! zd6i^|eQ&bsSbR8Om}%=^Uw(V@8l7;&UNBX6$o$H3ba(n47w<*!5#p=eA>tLtzXh_& zSge&$AA_~Hw-9|AMR-=7((q>R@Cv+`4H~mq^YkIr>?HkohnICouA%>J*Ls0yJ4Iwx zwB;lq+D4Q%FJ7~P=(yxNi9*vhnW2)%pj;6ei>J)p6k*0ufo{GT$36?)fIJew9g?@F zoZ-1^-84sCyQh-+YKI6o>+Y|8LQo%FX|xt%X}GZNhfoXfZ@@x{sZs; zW$%xX_%;3ol4`g{8QiEw;0rWs)S)k|nlz&)e|meJW;IYlVB+vNt666(gljUbJm1;M z3}!{k&2EPq*o3LST!_e8kIBK~-XsXBpoE-izrvtNHeeS)UzU{4!aW@1x*`DO!9jnp z^WQXh|7B+&ViRT@j7)nVx<%6mT$2ff=7nzmVF`u9CbXFQV9wO$m16<Twv-u+4a8?wkV`LD< z(k%6`h|otEGXRdGeI=Kc9b56ap=M6)lYm=pR^-1eE#V=|;VhGiAdv_%#blca%!BCpC%PH$pi=hi22rAQ_wjpbud{LU`yR zoh<#jT>X`I?ebKhbf>aHy`wr0I)un|B*fgljQz7fusXVLBlxrG-m@Hm@1#2|$u1w( zRZ{WC_f%7KS7R7in&;u``jY<2$o794kMc{Lx-=voW;G;1R(aY!d@@^uXJtiaiV`XODp!-W0C59##@PinMHeY4IOPlo*;PO%M)cxzEU_7vv~ zI(LMx#dD#GUnaaM2}X9d%g&Mh01PZ2GClrg0Do36Dk(vWzjf84-v)gB{nIVNs=rzS-k5bo@82bTbAYR?d?zxiA>U1TA z<)3P^Ca%hyJp0$KO6>J=osFQ0^-;*uYqQNjWJ=FSM|%?6(YE|?n0OzG=?P30%YJZG z!frv61^}^THZ-GDjyVW|{Y>95c;$a8Lmbc51lASQ1wiKWQR^>`wv>D5{ln2RHnS@0gd3>LoS z8F;HC-j*v|@=lt7z4IYW?`oW4eE5_@b*cO``Kbzb_L-eQ|0pHywYrrny%NVmzjb}A z#U-ew(>b_Z1qr(JrFpMdnPI_ojdsyx@X4(I&SXtH2iTT^j+v9Bai9-65$l>}mYW;O z^qTf8$Sgy@z$}B*`a-8;i{1GU`R-Rf4lotD+>mL>==7X?b@ksXsc&P_-p{*E_B88I zb#$H+4y(OZD>Hb;{8i;zL3`AGs|d6ag!`rj*o_Wy_OwgT#A#+w!pS|?Uhb0+Yp1xc1$ZwG zy6aX^AIIsnkZcgo2@Sy(BkzwVW=r-Fd5Z2=S`HfEh*G*;Oth>_t&cqbX1LYM_f9kT z!{fye6Q}3*2*O|4lV6p}-?hqLPWMR)uWDOMtQyuE_`-g*5PM#ODIt#JI2{hvQKQA7 zoKyz5o$&p3eZo)Qpx)E%%Yfic0QlSCQi>MS_*#31Nphi*snwnJD)S+!YWBm|2gwxc zJmLk-oOz>k4lMCQkICg#AS)-jT-g@qZ-PQ~3BajRJ1rnE7JQ*(Gv(Vfj??D8A&8+{ zmc^v6F;(TkgxJKfr zOU$ka$l`)PzgfC8l8&M~_z<%->R*lOf(-*}weer!BA-xB{o)*-)LbO*~i>ztf z7_KfsXLjkA=JL{<1%?30{;}a;G{|-=BKxnSG@7B*iGNt4O`EO76tS0(vim>a*9zYR zupMuR-gQnAqwbOk`W6>?P*WQc9Vd4qbm{BmE&au`GWN}SVfO)U z#QHHGyG1chQ3DtgWbfgCqv*q6l9}~vVjb7Tvw}{AN77|9$eLAw7f6m 
zrSp(4!p^2ZDNR!@pP*QEIyzdap-73ju&}^eSg)l?Rgr&xXTwa@G4ti8Q~y(H8H{x8 zjoFi$J%_PC(5Zl9MxO@G?YIX6$%5^3Q{CeDMaDkMf-TSyr*J{_%)E)dP8HEXjc5jv zK8{H?q3yA?7`23b2O@T(_TV9-tp?6%SN!4N5mjl_8;7%vE}b)y7EZIwPgS?9K)_zU z1{<=g!Gn1g;vHyN=S1Gn&NCJI>fwn25x0BaR}=x$sqV*k>olU4dvv$UZaDrG7iJEU z2wSn7Cm@mJM;=_dbdtFdoi_=bNLrRm!iodbdY29qG3bDKv#Q$)|A0Ta8fRx>tYMt*P5ccb5ItR1RMT9NsA*3Od3S>H#!}nw- zin82NZ*;s|cb@JGL&olSJp#5fHcg);5s~)zs&1pnoDdP8vl2-#x>rQ$#trwC+S6Ku zVCHJ|yQf2yx&vcj%>~r`Io0Rw0Bw@Xi?$JoG>c7L6ro9hVwSzYR#Y#aLuf(Jxhgn- zZlVmMn=6Vtzfig&%?AZGT+^iQ|lThuEq7ryWb$(d!fgd8N* zEsbzcR;Dy_fvzO&vt=XJJYL6!j9yUy=wi}rnk&b`A}(@OnZtC&r+&tD0V|GDG=CKh z8R|V5zm2rq*G+m?G-V&fhFkn(PATxK4;B32)9`2RxGejiS?B3DrGdmVO>2EWuk-H7 z%ZWZ0bh+KCn5YS+mt>lB;8u4(<%-MBzVM;Zw?B*s+qul z0*e&k=lXLF8MxsMF50{w_~M+Aj|>?PMDR#zeJaadA@bO-@)-5e;O`(%v0a4?o3|v* zwXghsT+)QSu+iW~HfSe|nD(mP13d7lQfWg<|IiMKd)s6!8k z2xBl{x!Ur}Ch7~|VLdWtWR28gPcYU}`H|LN{Y zy+&8h9C}TUBXi8YrLJM3mck}1(4e0_;*V|j9i~zV4Na4PO?Da)qS!}i6f}B>V;5B6 z;pATs=1l+UY}2T&54V~thC*_w zi*inPFHG3ww(E1GwRv=ojTv>K^az5O74IGr;Og^9zfi3d;%rwCP;J<7WDdJTy066Q2iCp{GW;da56iLbGXM4REwKw=T-Wn_w#@(hrn zHCQ=N$RowyE^y+Cb-MquaL)D7CF9LKniD+>S9y&IQ&Cl*L<)?oEEe?(*h{qzfy!t` zgA@mT!th|tc(W<*T#?>Bu~Rc*qQCcb3iZU>@975 z6QcVnGK2kTdhL5GUTzHs$ygwKR@WqAli!Xn1j?d~q+3YU+fZ;7NXH`kHB==9Me^mF zo%fr!sUQe4-)c`&Opgaou;2-(PsbZAZGdA=xJoDw`Kt^Xxo^^SMx0^QZjXB`aGyU1 z7gfx{E#+!sek*+=g(E!6%F)3L+4UcOrL&|^18mCq(H11cj5DsfOm*JPOm*f#A2z9? 
z`GUeX*@W@w3 z`rU!O}qWP`5T7Pg%VR?fg- zj{ftZ53QB1#0Vl7`=$LWV6=u~pVb8_p`X+xz{XrEIbfVp8))Aeqe>LZ9=>g%>?3Tu z`yE-jZZdQxWL0m*EsdhZ8Tgr~#{WmkKy=nu*y{J1f#;J|2k*oKay!f#sWd0DtZg0OqfE%%xuVAkNpF6*T`Z=G z5ca%)vnvFL>qTtQJVgI7*cnv;WR z1-L0v`Uis3!QT|JKI$tCFN6ar@Z_J;71{f)8l$$ttMj@EQ}(@5XC2zj?(;be*a#gh zmOGpRk+e8DLAS^}IOVz7rsl44t`<5rlv)e^qua4$o}hiTr&->UJ*)Fee8J{aFmD?Q zMygDg_~sXjG2ewnTBFm=V3BZ9hR?ClPh9g0(c*OWh%Lt#kf!*5?E}{Kt_7}0O_w`8 zFU-B$FjrqJ7CFPohG`^Y>Erq*y~)j*_ZbT$-z1sjXr#8;^QF-li`C0_ag1|8!vB)*fHE!Y=XE{}lT?sajpIijJY$I?cH(Y0e zm+``IIIllTB9=c{&_E7u#srRsq>FF_d{6xP;x@;CdQ1 z-?xM=(?6`Z5Xoj$pif5kPtV&LF(s(sw=0GxBW}w`4cKs_U53l?kvKIIc4zh+A{kA> zn12X;E~{eE6tXb?Q(UC9`$+9r#646frz~h&JiB-p>k6;o)ze)$d{vDN^M_p0nl?)Kvc3xGpmwyRI;i}~yf_h8rMc3JX+8pRXYq5Q96S^WuXPEE$Bt+|h zdOu(gV8n`R&nI6d@Vht@TD4qDoWf0)v21#W3XPq~90%^1H_0=kg9uq`N|={4!_!^< z9Dxvyf(}#DgE2F>I*8S)>Mfl0`bEa7NDC7VjrHrai#CR+wR;M(%|_z6Avh%o{)-oy zcg8z5)#syu_ zFGt>TGc4P>sb9=sd?Dj0^@{~uc}MRlbeQRcGKqQP-o7j(530Q3TTWx0-xHiJsNA?Q8LRf=^Jw1RWMyx)#_5%-W>>n3>Y(ncBvh~uZ zH*%9Z_L4W_hPCr*tDmWP4J`M>zs<%pJB8qb3Op$Z?RAyg1Eawhr~F%n7+nUEL8Evk zh4MQb@T9^GSi2RVw~j21eg_1zv#qEUN>@xmRirPge4GUHUr#WK`E>H@+;4eJPH7?W zy>&9<0T*%)Am_JtVYDt`NRpf7I!Z=zKNhMu;AtlW6gZ0**yq8M{jpWNJ8Nq4Ceb`j zzRBzLCZoEP^^s|PWI%S&)x_Vw^VTzz)du>Whng3K+Vd499%?J;RV}Pl3l=uMjz5&+ zk|G?gvuI*hy3vDuhwi1!&sw5ba+Q4aCPHuC7i0hN(=pSri^M4_-nAP2Id!fW@GL{cJ)zLz|5Y1HD%ymn_nC&|L1p5#O1P65 zxu|y@$k}t}tMBGVU{Nm=sv3edXBEjBy2~yPHT!%wey~5*6uo|YL6Mf#OJ6ItF50W? 
z_))~nu(-yDYwfA=Pni+#xrzGkZ%;%T2U2>%qog@Plb;Be&!6G_nGi_|S1p8U(RsvF zQ_*-#r^mMs8(e16E$GbhCj$4OAMmHwL*e%|=rRdAoJsa-kr4Rdu-$a|z_WWynsdmM zV%;&@(Z`hv^`v>k+J^uP(9s z)%7b(V|X=lcf0?Mky0GApO=fqjAE?2EF>Q*87Z2gziNWltHMp>uRF@-Aw~Wf|KslC zaAr56vW=<3J87{xx#wOKi3a3q1WkgV-5VWE>xo)z$rP%4UG(Sd^K&sqHgiCZq+IME zEMI#DS0aSDnqJh^D0YO+!i+QiE5=oco+Z(zY)a=?PtUeB57%K0U(KG@UlX%5)2>{n zjAXQxM#C&TXxnP)b1&Kj`6zE_iAi5WUQg-m4KMmb4eBy^RP3AYjrn2h)tFP%ipJ^=+-W-iNnd|$0P zXihc+D(bYy&!Lc~Z#5hYRAO09tEq18e`nL=WSZUu7FNBEe?(*v^ELijR!tdHF8fK9 zEyK+jjn!k#+Pl{H@Xh9K{kbmV>Y`e2msX`VAjml9!FPr7^-mrF^2zzH>Nne)0D01i zjMrzKl3vFdV2kC;@F)-_a8HS0G?uTAn>+GVLLX$%zt4#_QlY2~?~0y}m5f?pun%+; z9ezP4UPtX*>jY!UXWd{>rIGffuBJc%K>>p*zMM2KWwR--zzU1q%ze`s^J&6RXNL(G ztku;|IYHvzVsyxAhrfOWK%$K1NN4z#3iSxQz3wU;wvHS28XA50-DoXbhwW&@(#zY& zL{!J8=6BZF`7AJQdURDLCEw>P4C= z7+imKR@=+#Pi^S;HDrJHy&{7HTjf&{`ASVF>9y|wzh7&kl@|0NTlGx36b`6g*C|IH ztchM*e*iRUXL_CLw-?fYE`gRIV5#XO+!W2pMxaGk2NRLzK8vr>wEp_~RxN12M=GE6 zPN7v_A;k<;oL;-{p(*@!TpKb4ukXR!L^6krA| zP@WU}LXXg}M(Qzf3uj$%L&`_E^xo4Bs=Xt_HH0g!-v(f8~irf<*ph0)T^jloG`mQQeM@eeBR$guInQ4JXLAm>z{=yIY zA>7NUY5VKd{odcW&xVZ`F=v_nhR|W-EoQR4wJfP(h0+1LUii%77v6K zg4<2JvAhMxFyQWH^ZlzB1vgjiYW_ri$aEb3kAm1_UYYg=sMC>YlwnjPEj;~uv5osk8>kj{|k0aK0Bp+P&a;c~| z4!3!s-AoT==?elQj*r7yK79OyWrTbwA`v9bnwQ%7F(2UH$4xyAJbP#1~ zP`G^6;?Q=}uXOUbmt~D*SF8z&y>|9fE+kD-=`?)M|6&+Ymrm;}npO;BM1ZRN@xh?< zmf(XxvylMl3@D)5oJ2`zjvOM&69dX5O68BeXAF5~m6Lz(Soiq>(@cE>Za>9LbK3G- z8SdPJyBzqzwI|yj_qpmftzpfP7&iQd;MSZ}&xvQqp3FCWUQ-dA@}<;2IfO!6-_%kb zp_9tLocyjD25r_24D*Pmjr>z}%@xSjDpVugamU41K+u1yCO=faOhA!q`*@f)ud(^~ zEO&XIkdGod#@s?mnyo%^-BU6I^)nAPlTwEJ3KIrEccmNKYNCi`r#WGbA14b7?9g|! 
z?>As4Wj#DIYdnhg6py^%l_MbUh({lx%CN1X*2W+64fB$arl~NTJ+#zkWfOO*1m6($ zA&Bi|wMec;F|cxA7s_|J4+$!!`}B0*aF{kQY^REfDgJYreE*CvRl{IV$1Vupi1!!C zHa`)dnk2Zii<7Vc#29`;V!xY1d=iOd9=x@Ge7L_WYexBO!MR4vnS?WS-tF~{DSD`R zK;OK0#a{_6zdtySE@r1`{ZTGO>g$AjoNgdA+1)Ba%tXzTZAf_1RJlDkPi#sAM5QGg zy=Tu0ZA-1fd|I$JA~MvXV$3WO`=-Pjel8mzS{;Iz{%-!JXEmJ+yJs~5?yN(8SaO!^ zO()=D9&&0Lh@4ngO<|>rfslSUfm9C;hU`?$PH2%aDYMMim02@BEI_WY%xghXG)_c` zK@eNB1iiqD^bs}|y!qOfQAoC=`4-(~Rd}4E_ZX1-z>ytRhsqatBwVyJ5Q@1P{|gO( zG7FaGP?d8N=~_IGA4^g8Y?1*m!E>`SfozZeP56#Sj zTZ~|NmdR3s;Wbf8=K*qfV82MCQ8EgN?+zeI@)l-~`^+w8en37qn$$F2H_IEZiy;~1 z$0x|JzQ8muFW0M*OM8(D_DjZPGfnF3R3-qE%d^z_qpO0~}l5B0>1Hi6^nD}YH zrCMS1a?1HD0%uff3w`?Lk=t3e)Ch{n>EtN2|4dWb%wySLUiq18v!gCc#pi~S*Fp4} zcN93`P)Bv=G-fy1ehB8oq!=AUzYL8#lRu#B`s=V}&|zW%K+eElr*U@9>Z9s|{hoy) zk&&fvQ!F+~!biM~e)EPpehQ>+9D|a}hSi~vxsPFw4GHF$ib<7nKH(sdW2hTV_tr`4 zpmTlrMBf6gaO~Hg+!Rxp%vqE&mn_LmbfcAsoEI!PjX67odOCm)xWWdU^zlGglHo6Uu#4!bao?Y;2u$;V?^VTe;MW0m$i}y2k{W^P{Atw*pyM6O6 zP0XcW3Nue}{-Ahhnl+mAS}Z$Ap;+1h7kg)8$eJG$JtT!EV*~Rf-l30RB%Iv4!xZT#m}W-kJvzaduj1-Cb8v54(KB}@!H_(i@$$BQ_#sUzAeuL&Ml0KoGfGnE^xZRancx9t z@K#ngY8mPJo!`Mrbn}DC%r`X63Vk3}5;(OQ*+{w+ZybUeC;;z&V%_)?&<9up?VWmv zy{kqJohO89nnuov4Gi&XeX0Gz{H z>`6kSp9i=!pDGCMssRCv9@XPChAUShX~E*q{l6l57lYTxN+Y3ZladvF{`_Gwj#yNb zYi?qR;CP1>UURuKt!AOJ4aML7k*AX;N1PZsSF_ydNF8e%F7j&jMMYdDQ9$k_@+OJt zSkN4i&xO8<>TWJpj3`NrD#>}<6`+yC8zRR=lXjaZiTf;fNU8r9w8=EmQ*ct6Um1Kv zT%NJFoHI%3!loGP+##>Oe#qTC;kiucM=p^qBe<*|nt^R&H+G}QLpQwUQ&8GEow;t6 z##tZ5ZF|?50Ia(@y2ELC5tb@1&0Q`6=E8?Zii*JRgPF6>?K{~L!a*fNqmVce-cSuHaQ>Z|A;{};hZ3Hkn`j|x&@wMLG22FbJ_7yDaQ-ns zJ>85cacB5NYCrqP1r`{MS!$9bS-wl9AoJY2F66~k;qowSLn`sLx*=3$>6eBo3- ztne9$n{uG?0p$A{+P(}ZYq!fbO!-JB(gDJ^5g^>wuo4A?V|hsX5=bB4dV5aP$h$_^ zSJ&+CCy9_x2+DCB3Netrbu(5$Of{}$So$POdTY5xUUzbZ#RTLE?xBj`sTXSTAFJBt^^O~=tiiL&mo=~ zI@Ms@GB@G2KMW+XSXif?{|J81$_4sQaV?@!;O1EJy}+_f;{QsKb)HQ5wwV??}ya5x)=SzIs&r z81%6KOiB37MoJAeziz2tbE(^A&f?E=L|iDxLK;Q#VH0# z01JW(+G$OQcw>o-zkKc;!m?OrEzPo?rt*`I(B&8Xot$lgd`=J 
zictKkhQBE6#fsgmy>a3eIInGjbo9Jxl}zTASNTYogk4r(DK#{n$)cN@n!6u>)xdfm zR-mnkCv}k_VOg@=_+-uPiJNi@wLAns35m55`|`CP`0FVpGWCLeM0PoRCWd5YO5@p3 zz1?PUc!;oF&=DcxeOt&e);)enQx-66Io}Tbb7y`LVPA=)zzETm_lQBReN%4#Q?A~^ z@Ns&ULVC`ixz1g@rX1fDdQ~*a`3&b1*p@=gKphY=zQ(fGzpsIlhTto055w;es~nWKDld zeYwus$zWuOj*P0f=MX_?Y<3}J&qBVPIDmXzGgMUnNL6ni9L(Q!U23-z8cv}f$<-L+ zF7;7t2u#K);%woW@?a61Te#mT zUI+K$Z8k|ndqR3&9iO)QSQ)CNq&=i(4`!D{|6Pm&>OxIphu$(qf6lI`Z$iXjXw0p- zfEdx!I`xJvd>JWr`!8YVLf}s;Q%?FdTV=i_6>c7BR0(zx>*AYu$^v+6!N_GbQ6L4D zQ!?Y#O@vx_55Ka4CQ^2G%y1AMXa11k@9fGfSCJjAgMSVkCWyxqjQ7So3AO!Q_JDl< z-S3;h`onc%o!Dq<%=N);PBkqKS`n)>%%6qMIpCxs>}C2M=L|X!|J&ro1=PsWL5oL# zhm@4h+*oRt?;JjDs3;)Pw?e&a9xOUNh!W3L@SKV-tWT1)rqOnqY~Yd~J;RcsQGycq zgA>tf>`(VphFsd74IjlIw-on^O3gOBSa2qrnR6uWsCpA1rO5WGSxawqvAo z;U46W`@U<%$o&QUM2V=Fr~DVbkRW}q#evDa-9x#MH-2}C!3M;-6(~D1HnE?NTo`*o|qFi6vABN4^ZzKoRG^ua`UPI&ks4qir$P*FgsdFLMOw3Ff|T{ z_~1-%qCcz~e$R2J3t=aV%mwEo*SQTM z%;tj#-Cax*QL2lZ4%9=)=eamS*QA~DIf5j7BA-S|-$n>yg@08yk=9~$cZU@_RP~^h;>Nu6er=UD8T>oi65y89HCgHddL;DA21uJW zSehCh4%}Pw@{i+*4@;e_wuU_rNZ#?bL@lQrw${eLW*9R=%|u#dZOP?+c6kupuPLSW zd=w?wWP(bYfuj5{-u&5)%;S6~La9*;uF6ORQJAoz2!BIqcT_3M;@W3vo-BnB%OWpE z{FXL&Gn)_IbaydLsgX=#6YP$&N!MHxCsZ0a)*4NF73_QmWcyNRJ|A`ujZX1-3o;HW z;(8}#N{WlOUx5Qa3MGZTc-FrDPhl@kj%^~gy4DHw+f|k80M^DdQdbS78J-W?B%4go z4D&#nV}H%3Yla?)b&qLhy)Q#QADM!>Qo4fLf-;jY(=w`98UWBcl>aY_mo+QWWy(b^ zcoDg)31>EZGn)_JbaydLSImHKl5I!pv$!Ts=nAUETiz-e!KeS1&!4WoeElRXh=o&YkP`!Bl7;lfY9mjqM6}GF{4J6y zsLJTdhpQ?=UE(%AnI-6>NN7@F&%6Ed?fl%g|QXqEz=nZOlKr?`i@d?)OLs}4Dw}~Gk}}0D9s91 zlrd+^q~xg|MSwPOD>xf#n$5?Wy1SUB;AUV=$+n}9yk|pA$rctU{aSl#zrn-e1_iFO zl7<=351m$6czfU|`&Yhs_zPruuaG5ab${xS`OYzm-dWR`BKYXCYFMHE<^9N}q`(u` zjQ54Ym_ssItLw3B)qhl?l&9I)R>-%8HE1B9)5Wf>Q7NVIY;r)d#RQ!(52iZS{P{Y= z+Mkv|=I^e@qcZ~tp_B!+4{;R)NtPw73YP^?6_zYd3&G+%_VZ<(g;_N6aM&$afImeN8; zsMM~(tWR{eb`o+myrBi(ps)$;LtbrH8}v`gD`Iz0<=iV3e=+@H#k0NC5Pw2Ne|cSl zX6QzMvO}xwL9Url2jmjo)IgO1Zyc1YN9|nEg^D^JC^@Ai2`%&E9*^E(1*b!~fKl!d_w}-e+y)&yKBh=`^y@xK7LGfmp|y 
zPhhvQyk}S9PYxCiYfG`^yMI-4)jfN7RVh1XTd}HvK>leJM{Y%&=3$x^C98@M$YXuZ zI3ibSUL}d}<0^8K$L2PgHJ^`Wb$2mM#Zg_1g}TUwV}^}u(u8`WTIe7b3OJ$;z-qzE zAI%g*iRd&L@E`2$^cjr5plo7o*iTz@v4ZZ>v{O=@0ma41)c1FeNq@bu25;(9eiZG> zh4R)~=AX_A>dh&vyurQny-L0J>(^^S_@9q9C7VnT{ds89vF78V5BL&*m(uj+D^vXr+>ip^;+%VY$+#%oLq|il{7@UjZH^DifA3%aGNj9|=(uVUoM~?s6Mmnt#uSm%6){Ccsn|qXK*` zwv=q>q}(A}{nYHduQxw>KWh4_zP@wW>~^AkXp{q@6uZ4VGvNF0t#mv2tV^K#?W3Im zV#jQBWkz7OtlBq8LXU z73X3~$%b!v`N!eGr6*`qsXp!Xlaj7aaOKiEZn`q8=6{gutFS5lj(k}c*d1n`Y*aO7 zsX#VuRrLM7UU=Vyl@kV$%5t}QKto~!ATtH=IBdPI3<s8UFa42^ z*QzZAEsPbu29$6YxVIJskTDkwBcRx|y4JL%1Mt@>Bt6s#U~e3DpswTqa*aT)t?9b; zext$x&42J+D?*PCG@&LBdXnd>l-%d$yV%{{i?!k;yLtQOE93~;f4^Q8JC0RH6}e%@ z|I6DIB=V|{fhZY6A&RC^_u#|AR(!Yb;_kiYSo>xuZAN_$GWZ-Nb)FJ7E$3=Wj6jcpMQ_Pb$2mMm6644M^xFl@LSiM2^BU1 zyzOd2nba9ApT<9lnXM1tu~L>kdJ7d$!tzCG_rT;s{mwBlG-Q;0aU!&WgaXR5s7lj! zAPnzH>f&vwT&`v{sEbayPZ#zoyIR<7DRn7VURd?+!YHnkmwj)us17c@8?|U`3?na$ z*MIc?pFREAv8Rrg(V1AZK#Zl&;-ahrKNk@n0b=AfDm9;v zN_BTJP1I=?Ot+|0?M6lY*??5C#aF-`*a6Z36hof6kMGs3XYO@EVyXUZRRYJ=jwnDq z4UMmF58(N#>w}b91G^wl7RXv^i~q2|4}W?7$&chR`_IRW=JRU&k|P&!mZfYx(=NKDl&xD$7WHJ5K9dG+6ewQY*;sKR*)#R&`? ze?BN5M^mczLMd?ma2wmR)&|DO9e**-QA)`?AHhjBnV@3kAvnjHPY7Bfz)J4>Nuw5Gd@X*!NX zYfjN|G=_3a$B_k=2YkW{??c0@w|or?I2B0v$SGDegP?B_|>DE}&{3+H`m%csL#ZVg; z=Fp`EYBz#aocjAp>J`kq+pPAhJ45}mTeX;CXRi;H8>&F7J?sSbfzd!jHiRjyRiO)HU;wLV;w{zEGfQ z?pd?Iqk5eDHjU(u91q=nUD1yX#sfrUGB7~q-hcXhtJKT=4w8Hy4g@z2Ifg?%&PP+` z^U#!I%_q}*8vGF(ruMO>dy5iiN^ zaA~0_;SVzY z(Y?AM;)$?pMLlI$Xym2z@Tgt-2YE+nm;Onir3aOJE;~`Ruk~$W0Fd`oVpLgS)AN

&ACD+2-&R($agifkOjA~WBva=U zWpySt(m8QLDUtIuNgpZ@hsARRvP^s88%fMV_xJUF*on#k>2gs!^8uoFU139u@1ofj z4d2-;n_bpC+WrD!1dy9hDWoIP{k9N)Z86oW?h(-UvKe8Z)AM(@D(OZOq{2Uj#sh^h4vj%KKK{wBj@;!#l_5o!&S# zXs;%Kw?Nt|QlRCgw)`7ZJ6U*}rjqZ1mDUt!l5k|PsMq389gU-{aQKl=tvhRE^Z8U-oActNvud*y!W;F}b z0IHWBLIWCqNEg!-07>FGMFEiGyL}l{v%VlI{Y)UCZZBC3l~4oJ*y`=?RSl#$qVr;Z z5B>)OsfO?P26PnEH~gyp>2v>2;Iz~cSe4j*aslv78>n0)rG5c=puAU++{0EG9}m)^ zfDOQKrWs9DKGmy(f^KNxttf;9y+-G=<7_k`Hl3phC0>X^^xS6$wU@m@10{cM4c*A~ zy(s@!uTEZ|ZyjCqFL|voh*0gdqYn*{-L1Ysfa^42_l=|d_|t=|PW}rZ^(cyPM>{J8 z`)|!w;{)Wc{!lQx-!!Xc&j+I@qD~jvp~oSk1$2`MGBc~vH$Ad4VR^;inqyH`hb#|L z`D!jRdCjR?&V6VT`_PhQucv<>+Hq{$_@Q+c`kruTsrKWC*0BM^aivX`R#iUp4A1uBo%8C*q%3E`Z#yH+8?Of|7XW+9f$sGC>=JP zbLgp&mD!fW3=}qt;;@DU+=5kkA{DmM*X~1~+J~M(vpnO_k5`QzKlFc8AG%}-dDzc| z(a|lx?l`bBs~Jnn?#=BNm%=7NfaWY$t5zkzK&Fd4GLOnv(k%=hQ+iOnPp69 znmT7AwXo@&6HJy+Mr$H3SRLjSi}JW)c~qvX%yK_3xnC#l+GOD}vrjOEwRpw}9_N)C zKfzQV{fCw>`DXp?7mycs5KRbGNp3}3z zI@om1IVFn$`!N?Wc+Gei0qQ?yJQh9+{4g)7v?!MTh^Ec$b4no&o^ejcDb2>uDb>g1 zb4qnEeoo1u-70pJU9B?!P99QCwR&Up@E5IziNkvaFB#ov!r_0Nfu#AxF>;+2c`TL* z6MifYuLw8;WD5(j0FW)gGWMMXTteT*vG`O3divodyLiUoCHwg8qo;_6VLrF2w;3PA}Q&rv^xbA)Wr+VO4bqGsJ4H0XGlsmES&|KBZ)@u2V`j8b77}3<$+9 zj*){z;i?z_tK@$RE`xgORnDRy07yfa`AfGc;M)KOpQKcpeoDsy1mmZa>f;%wlEHkxpZXJ7_?af}><3UR{#awFelaE$9ZWxPrujGupoq3@2g`F7CWrviFb{l*_v zk!S^nBL!98V!}erLh_;P{>dCg9xBW*=x9fccOIHQtuebcTNOpi%%8^#&Bxfh@ttZF#?Iwpcb>k8I|7 z>HU9>vG#rlpe%*rne7AL4hlzT0PoWk>S~*Xs>rGMTRLT;+FrD;O<6593POqdKX&`N zYLT}Za~?Z>6$E7~#S4ooOC$-!wZW1fAm8fr)G(`PjTMK~#vi28UYkFxTH{~qC#|PP zXt?u%0{$#+BzojH;XweogLRZIS(Hdqf>(c4#RSiIn5JbV3MYYD=-c6Xp9=NO&~PO0 z(1?bkS%=0n9NltE!;#CsJvGap94)>!CNA#rI}REBS`>7eG$QPDRk@EQ{3fknWOs)E zh&jUxP1Y_2;1Lh$cSA|`nXeRTj*8j6d*%l<9LAcosaGR*h~KP6*YwkPBuF}zq9uR3 z9M+n_WF={37}jL0(T6(ABsFs2PCGz;lyQ15y!Gl2mB-9?`}=rZ~DZXa!{Z{8M;I9$s^lH7fxK>myME9Zk)CaAP zk@gz2xS^ZuKi$k+t?l4iy>O|KeSbJi&i%9L>j17P$x4ljl?X!%P^FagtJkS6+a-8wJ4APwCWfXs~s3;PaSId$m zaU3T>loVk&BBeHHz#oa$pChGImt#^&M(?Ld>DjOWdJjk`rCLx&n-Iifp;5;4!<07= 
zT@de-EUF45SdUn}8gzN;!T$`KE#&)QuX4m!+iws+ZfR5B>odTr16GyM4}^u`HAL*Q zVog>3L&b9xN_bgGx$b}cI9vHd65ZQUm7p;9>g`{DmBQX4A${kM(Q-W^%ID)M{CT(v za^yG(c~q6Dd~&1_i!u=9AmFU>^JVTQJV~P5Ey^~o!XE)NoFmFqmt&$#LOiC4^4Z9W zCoKo29MvsI?NC@1NMFCpHTf|(JZ;t@+uNa~`e$H=hN6+h~Nu*00d#7o)gx-PK;2iM|ek$9;o)%EiVxSN>3=-SH2eJdu}*<#TKaOWcMpjBJeTS;3Ii3 z1UGy1kyySLQ^tR3fiFj`utc@mDLOj+4UU#%hAb^l{Q41VZ@`Qy4c}dD;Q#@Jf6uQ& z>96ylHU2zk4LNdF^Qsm>%F;?mQzQ!umhm!VaZqrc7ipX>-KI!jLu&%E{@U64i|lel zf06B`=`XVRsQ#k&0FYq=rkDvqV6wMU3J>xrG0hQElcawVDaCGUO2D8wuFB!Ijg-i) z4kw`xn=Pxvrt=qe?#pKczR1a=h0{4oF|n$P!l2b)_%^+Z`_>%Zqy# zhb=0h9an$Vhmm+@BXtbyr71Ls?nt!lMcbuLbLq_ujKo$2vato`QZ16aMoZ8OwB>c-I5 zhlznHuIx)C>0q?tMI)D>sJ`t4dsVT>IH95Ps@Q++AH6>S6>zN!E`5db3A7(jpJ)dR z9>Z36epM+)p(*@;*i;olz+z3O6)|}*#}#of4?RYX9Oay6%RFFJ38@f8Ua_nwQWh3L z!egGKqTp^tY@^2lvaa0uiueW4WMm)j`Kd~DH;xwLdf2%IN(B=-mumU@jz4%e;@c-p zexZMvXLPYRDFIS|D|BzG2uxEE$*lC;WZRC&SJxjo7P)~u+F|YosM=v7-A8k4(ZqS| zYl48L?M)w}G*C=&^7WA-lpog)a~w-G;`BH1vc6(czLuN+2wPDg6e}7in9@KPg)Lyf`slV@*{9-+yU#NVnY0m=H?#g zC6yEuht(QToP#T&Eq6fMap`r~)As}3KM%Pbe&lZ!$5JcdqaJ+f8Q*LT0)^e;t-)!`C+uAFY6raix4*yaX zZ@P;OusdxP92J#LYkfWSidKIx%Hk0_F++be?c~-ov_q+0!$A1XV0dM1>i zVx_tYiL$KKqZXj9@|(8xqj$G%3OPFXDA=GA?Gr#{Nsz;k-iW05}y(rJkIps-bu3 zna}i@OYIEb>G%uT6n(cVOl8*RRF$I4+AqxR&_O05D0-$iH zMkJM}sxKgyp=y?D-XNyFp!fFrMjreJ<;}nVph{obJjkv9IK11h%5@j5dWD)zTDQ$B zNL@N?wz_12JP2m{cVdn6d5{wHgXc09>vjz-uFx0%ux}Y$!t%BRcc$J4W-z|Y!uS$b z09nz}kzz8xBct3C5sEOO~u^C;$n$7pH+SLuETj>y!Je3W=Mf!d`V8e?^dL zrNt1e4^b-Z^TEh9ID4Ai9^SYZqLs7e>glVi#HrBkU=@GxZ->p$%+|$`)uJ!G|7;Ez zf&Q*LZq2@6m1n#`wo;qfyQB@QV{Bold_uqY8e6j>};#4DbsWf@k!8yy|kK-RzwWPO&3AOWm1RRmqw(4`{I z#urqWOd_XP_R33ERjeqHVRMnio*usnp_!W>k%TKAzrYH84G12fJcB{78c4T>` z^=-F3xFs;Y+nQ1}5B1xhnYaIy{gS41;^WIW_3z3r8bBNc-MiXRq z9zd8JIVuysF2kCYKFF-#2`iFZunaO2g}}^2x6IlA;lK?LewNIVz~GrOOZDrP*|YJ& z^g6V-DwN#>KR(ILwgbBz4ES{eR=s?Av{2qc+&vP9dU&Z5LQD+@bzz77YQgMnkSBj; z4Wj?H{gu5qGEy#)`5Y^^w^-d^wKe{cel;tN;xa!nZz-!E_2^k+ad>0q$?-LtQloHq z3jpa|efj)J$KC6$AAE!LIt4o8nhjp3Y5(@o`*e%tB7g8M{MQDIh>3ZF2mtcn>EbUX 
z@;WNhPC0AjUci%!b~_;rj&Wuo4zGWIf3cRId~R_q~vwzZ7NW~(zZ zzMH7Yr3Y{$rLX&nd4u{b3dZ(JO)87kt)E4}_2%b#$HYnzdYn_kIJa z8Q*S3uiCGY(>DOw`}DPG0UcR=3j( zAbiLlF?a~V+pg^%)R$Th>Py^vhdCOLUF`PA*z9$ySwa7<9gf4TRaoOKlxJ+$0iHXU zG=^jQ_)FP5fGf=VtQ`Chdic%_)p{Rursl1aTufxv#DA4tOe3W==@5V3e-AqVNMT>F zbSy#A1;ZiT?heO9{N~B9)M<@Jo(|HDN46MOci}u#GdXfq1!7sn6-!gU0#CnSQspgK z2~psPN8FFx;oi_jHIvgjL*G$d&DD1#ZRfbYI~(du?~BvjPc`%Y+^m0SA9yML?SDZ@ zO)vodmwCS);lBQrZytaC;=LJWfOiY^2*pRjz-t{q)tC?EU>XdFvCU@7QyQ>IW9bIFpZGVN9XXHl8q*)qNz>=X(P~^9kz1m*(U{RiwpSWRh3@dFW1V^J z-s&0iJ}VFf?$m!LC`ci2|1kJYJjuzC;k0s{nj!ngTEgZnc7)jAj}VCjm1(n+X>f`9 zUecDTs+CD7UBClb7$#R^=13)^@Eo88#Gf2sru}o+K72+B!;lhP|!yYhdqQHAW#-KTX=2`q?reo~@I<$^AK@BgJ zY9WU4h)b|Jcg@2N^J_a`Sm$SY0>lMU-GN3vxiwmsLw6tXx;3E`=l4@nN4G3`3DG^O zdjAQpid)FVhGO=Jd;@d#07+iEp2^>rf!|P95Ucl9b z9g}L5I#o_JdVcywIFEIf9G9kA10H{@iSXsJCdjVls!=kF!Kp^i&YGaNWTM6-+bf-8 zB&rjm&LG6y{@aI5j-{~I zwJ^0xTVlov>p-CG58nS{mi(FTK~sAF;{U%tc)xJufl&wT)E4wp8JdVE6%2py2Uv|4 zrm-q-dt%bZySuzTxmb+!=RS0dC*^azkK@o;}66AKw9^1SLCndz*lkw zS8|pLIgPXMm&>njy*1y-1sH$MVS&ZOG-^gSLpQ4a0gU+cQwH)=p2BR)p_Ne#uGfyu zxWB~)9@PG{bO@T>hj^iaQqk*U9tj}yvPL`w{(-yc2MDtLYG1|uHC!IuWv4P$suRg9 zkj@0DH@5%8vLMWt-K%BdN7P6q6?MDC0Hbw^nl7COaY>qt$RyREv=4t0XwZ49C1PQh zC{&LoJO=iKi!k^nzvvDMcJKj@gZk&;nOLBFnaTB_DG2oaevidLd%5kuV5_m9){Cz{ zyibo(D38)7_-d`#1E7y*NJ|GBl8z`o$?wMvOBNfiFP(7=Z49{e*pTPGM}a(FFTsUiK3?a$cu#l$JhAqoiU{87C}D zGR{&zio&?4mU%T2{!pXe>I0bCR86nX}jP;Or_Yn`~6RXu-@E;xuX+Zt79IN9VK ztnbHr>k`zle#{z@C&dI8H{etWdilbkvZT1|rzIA$u^|(L)a0$+mx8`)K~A?5)o9#@{|@gARX(YN_oqc`&gLma4~p z^@MfpkJYw1(J|ONM)%zbX(Y+#iGEmm-+~i1cL&o)MB0B-_(F$+;=PJH`l*%wDEk?v z2ds3pgAOxsc`C&Ev*T>gfOoRV1Qj$d3y2)qUsjRG(wJ4TR6LO%1&pV8%<7;>L|unb zow->sLOTm6e7P(jva7i&i0ap^g3itYqSs+er4BJQK_Ai6u#BdG*WuZ=lZ#t_#C96` zMBn`K(`$by@dGaw?WSL~_VZ2t0R9Hz^jn=hhy$Qqpk-AXJoO}tOXIT!@K?+W1ni@U z2ii^m9n3?|414OC@h+~ve0e<~VMehyZN*+b=NN`5uk6{{_7_ulTlOFXkb+)%*M}YW z86Zpv8`80c7>~Mbgl(~;oZ6c5(LlZ|Fze}Ttc8CvwlH*v$Yb?`9%(Fcy 
zc?IOKn(kr0SHXG}2K;#Y{y%zX*c<#uuNEAEPzqSN->nL}Vt|c;mwLDc&DrsJ*fx=9e?S8edV51I2^0?`UbXE4VTo<6s#e@qf8KR64E0+}b!tN*d3}?jRdYkjHu19puQD>R?0zLNA*VNU}wLgDL}3o_&3DVd^ z_7@lwtNQ_OpzY}#poJo>Rgb?)^{zSB!A2eYBP67Dpn0`PimB4hjg=#61YMtde|j_~ zasQE9K<4_8Ehfn5JYYRJa?Ar>6+y{D5rixXl7azS1uJ2a_Agw-$HbU8sLk*2~|D}E{?r%hk&ocKuAt_JH5k01s90E zHV8qZhBY0xdtQPiX}MKFq=(+mCs7u-y_g=qV}N{AP#+{+f(nFP*~VkS7O3>LZZz>N zy=IkJuXbmA{gl`~pQW5^GC^qP;q=InMHQF%66*F;K4+1XZh3E(e;leJ`gtA%p`Rsg zp|x>((aYiV$gbQ%OSPIJv{c*AeYs0QXh{s++c(#av~;rFj~c|KVIdl5p|_9e?PH%F z_A7G8CD+ch}dk#=+xpC$V+8dZF6(I(n>7((h+LxY+Wr7%S zcqqTpvxQ&v-k(J$f1bf|87W)($uT)f#J~9M=KX7L*Q~{>J_=ejWqT9^Jt|AG6Pso) z^#3qjbAp-T2UokQW#6h5JG%cF%*z71zz2cdF-CY}eS_B9DEgp2h=e=9)DE0ZtS6KU zbuwt1{CrqlG!Irsj+_O#2y1Bz1b!x;$w`(nzVuU;@}P+Ge<&_09=Uak4XcY@4pv8Y z<<>1!t0}sLYCCF^ldB&0Vo^b+`4Z?l)~Vk1 z{i`D<_Vqikr|V|Dh8Mv7aj9s$oGZm_(L>lK6W+Hfk>=6^@c`^w**xeU%2{F&8B)f7K>q*AQUx7c*CG_E4y9pQ z0|&Uu2HGBHwznoVRoP9DZ?P9T?ExzA>;POSE^X?xO1bS6YS~5pT>307$~y3Ke-ZH!LX5};*+nl0vLm~4Dg3Z#ITq}fi|X*`m2>`chT1w>z|V(uMe|@?LHmoapIan9jm0Q4Pz`Dq`<1UD2=tCUYbgzbKXAU? zQ_4q9!KOUGQhG(zJ;=tKkktOt;(tC!ESd)rBS%ilFih&OU|A3VgT$hj1BsDcxy7Hv3Y`EQ5?X*{dLF&z=_w=0^!W3G>flCI+k(h(Cv8XR zedO)@0OdQmV<*wp(h`hFcs|u)PijgyOC4kt%;u@6=t?0oD1v{idbn{7*#?5IW`B|0fkwM z1{ny3`MMD3V5;hbp0_D)eF0xb)q&`jAusFi-d9oHZ<}><_o(><9^1Xxe|Q(aeEsS6 z^192nN0o85aNe8q0 zChc3(;;A!SMiQzR`HvD}j`-(8%T) zYQAs9juN_OgYw806C`dPD32VusKO*DIcK~`p#-|0%R8FO=eeJUL7CTOUX4hc4a$pO z4wOfB<(4=Ss5M>U&c)`@iznrdYH_0+%>$@ScL5uDB!ten1J)f3f4CkfH(}2I$+2u9 zm(S%!`NR6ynDK~HB0^1u7LoHobMZXT9654PWZ5!IYZi;7U{PI2GgeeFTZTZNRYp-N z+`JF54VsHz4m3x0@+?b zYDJ-eH{23W?a9Kse>166DtI#}B#RlsCMU5+(Omhy_al_Adf2U6Ogkq34f83Pwmgr} zH$W`G_w8v|QwmOY>dndL5Bt<#n@tlI$C3 z-UfNfowxMVh(v4_oW?lW{o_N25`&(hAMi8d+gClpRS0(jW~i7{XpuR#b5ka=*+(KH{*k(O~h*p~1+m++s&ksEvyq)pT6! 
z9B42?e^QM;e*EHH;N<|virXM2EFpO(_6A`D&!=YKvjnzR`I%a=BSey#1dO`V zBPoB(21iH#=2kzO29<*4RM5$y7?5;%N0hT#aS&;g1FT7w8s*384zJXAO#{jO*Y|Qx;!@5^e|T~^e@G$z^~(pG!N#f`P6_j~ zVN_&`36eYyMn#UyD^V7Kv{|b%T1rW-W5!D!u;nse)>6m|zjWvR$2N>AemNKw+0{?Y zK?8aTVJ7icQa_iVwV@0ml$jwUn#OODjufhi`vx6{Qh^lpcNgAB>WU&{liYrblm__1 z0M4}5fAr%3$HK3pE7Ti7)PYA}+d^TK1E2niydAnpFFkuW9k>Lj1ze`z8(c>FLtiIY z6^4LX-k09*$UtB%R2Ace#4)L!9v5o%e+VpB1in{!d{;R1fa1f#PC#>Mk*q3Js|-Z_ zB;e~Q*lV&Lpmv>39wD1dPz3YfR^-T8lw@Tbe{+_mamk`Y2*%?gV+pUaEQ(4I7Vf0W z*oIrhF9)|GyBbvlBu;ChBB0ujU+q*&w>}_Rod!M-tUWzWswdU5xH|~FLCqH^S@DY2 z(gx)C@^o_5qphX-8JrqdWUJVd=ozPkss96ymN9ecbla7&1Cg`_$crtS2 zNaR_R$I{RVOKIrvI$)f~IWV(^VIK1^;BL~f*v6B^FNY^1yBgJRB&utoemj?Yj9xsc z+UPazdP87n=`0M`(qd?_YPQ2q2yI5A-L~~=x9N*4_Zp+aIQ5urt6sb{>`F`2e*vB% z?Y?Q0g`v0rwL79O{K2hiUncq7Fv)}H{R5O3rmno{#$Bn$QzdFH6`xTLlx$LKrQaau zW2@qM*eY`5BFu^`jSI&8vSv}Rj2O?CJ_~s)g;hjpR25FqOl)jb@^aWJva2!CBpXf? zO|t!{=|Qial1;}VciJv@Nhab1e=$$H;BrkRJk}M7MY3mwmJWz}`i zIK>6ZsRCk3$!q{2(lN5YWLQ5LzP@Xu*>b<3?00fTqzsWQ#$_m(2caTIE{iHlvVco_ zy^!WRpd#|R;>@p#I;=_{@^i}phoNEp&Y8KT;c%g_kpe;6T0^g>BF z0-%tJkwSp=o=dY2ADr@r+InFiAEG-dd`k}Zbzlr)50GXATnl2MZXk?*y^=#eZp-^! 
zvo#462F$A}iJM09LH{EZ_f~A;_$W3|Ww4*2A1Q-S6RBOnzwoVS4((bR{U7-s8q)|^ z3?tBBv>TRid4cMZEZy~Jf4LF}c|8ZiL^hfrvhy%Z}b#X6ErPbD^3(%WdHJfi#n zsq1MH0{M))dGk&I`K(ObjxQP$Bm^cwVpb6$+>RCXJS!a_1I<&of9r5MFpe4;LeW^p zL4S0MF57ztOu2fpHsNjWxud3h>D@Gn`AoecORmIPcYtqd*%q}K`1|lLv{<*N$HH=r zyA~*&I;4qCq3*iD#0k-Nq-}Vd9=_L4W_%gqZSxO06@xMbsC}oOx@40Hie(;DiyT?n z(@~L%iuq+#fnpJie+Om7%B+g2I4(**8c{4ZR4aKos217PsA3^8UK16|*%i3SmOpOy zJ8mkCkTwC?`n31%iGW&l#dKi`02^B_Hht)=5EsnLdw=8Yyu;CnfCXaJ7+*CW!ky*cmx;p891O@rV_E4XH_f!1AS7GM`s@k}b1( zxh&n{Zo|%!mxG;=U5$!6iC3E_?q|c!=+%=VPPG^p@wOL~C-OzeEjc~AS8#?S5k4@H zfS>A=`101Sf0T=*$PUGN)!v(Edv8@(IR-zd>?f0Fh&liQ@0Bu_bQjhmCSDHHEzpZ+ z%?9U52`IH%`eA-PLM@qxP$NgKd0q!u9;2~Sj^+H&Vw?oM~b^AHbO0V zIfNS7)u?om(6))vd3K#tvgI@?aI*Pn$eKx4u21@?e<{nI+*QNTXs#!HtrNY2iChY$ z9OQc$%KPnmo;DOsor7fC-CZeDZ?!=fj9e2WE47-9ZP)M(O0-T$ZkzQ%`Jdl!6_=`7 zeOK+YFa9oN`ChCaj;d7SW4~BYf z6!Gz3e^Eg+T8qHyZoYWB#v$qGdo~dp*X&v}usWdga9c`k4JFppRq z=gTY$b3YLyx4jL$OI{9oM|L%;Pe@qXM168L1dnX#cJz^@Qx97Nq@g$5Bwb@*o=ww@ zlg3G7+iK%9wr$&L8taN}+cuh{vD4VLZM)z7yx;%%vAeTpW_Nb>oS}Kr%BjRSZqLbf zYw!~Bp9sZbdL+b7&jwAk5R4|-c*XmY{Jawr(QL}WY-UG;W{;nfq;1|O+;s>r&(?E=^ zfITdi<=Bud78{cY-k8oJhW7xh)f53!^OkzMxeWPY`KR7FrC)`AW@jmkim0R~ zcKnf~++G^d4HR?h(@+79a^#o(h* zymwsYY25T3n&SvB6o{m*LmHvGiW6NOx`}Oxe3(`~F)KWdx|MnVAfpvG6dfNtwSxd6 z1{5!aEy%WqANM%V8a@6FV?i4C7WT~^r=qz)eg!&D!j|I1QAdOPBt{QUaU4$NvKlZp{nfE;T;&P-<$x%S(!7U0pzLa&0 zi>k(7{5=S^K4}&$SMPRB&Pp<)P3F&|K93sYG^3sPt_FL9?Shh}zx3lTSGPuflo88@A}Aa{)9gIs2Q;)FRFY7XHNgLui&J z+#`lyAkk2^Plf2lgX(>kyu+B>PH4rv<06wOE9e#a#kVz)vsoj5&9cnJNOIFIQI)Jk zYGzXdbwS7;VOqKN>=cHo9i9A0hHKm80z7e&^*uk5_GcL}#>_((*)h^=I>MX7+N`Jf zMJsTI%a!A3gJY>Wlw$V1{@NvZg3Yv9e~ zGdOc`{=B?AY`RdRS*ihG&rUyhJ?)&T{>p#S=CzlcpA#+rC0H#D&R8eWU%JX78=Zz>%M7j337vEH8lwp&J!zg)^$qrai) z81cU#PTjZSUWqw}Tp)edx5Q0FD)CtbukG5FwJ700Itv|FctFp+PAGObX^kUPkG4vP zeHD@oVVBDD6q)jzCs|sneR~I}_7bS;7(&bZ8R&Qd1IOC#>%~D&k*_Lm_%W_K+{)6L zn3+t_+rcS!!o=4f>`@%RwOlN+-DThG4i)#uz!%z<78chx$DS?_+|xS0i~L|c1n!M! 
zj-g5lEWNMU`+Nj|aXD*BB(%<4F#}^m;*AOK@c5tsU+h49A17j6xFCx9##f`Ytfkj%I=XZjv2id!lbS`q6ab zbTS6AsS$U<4^PdkS}P+Oa#?E}=^n<)FobqkMYli}ch?|<%GNrqJt;z3az+$kdg}V= z5h=qBL0@=P|G;G31q;AFS|i+N4cf@HMIWMrWLa#$Pwo3Ahs85Ap`}$*bM1@sA^%-X zG_SH(o<0E!wikD0r%R<+w*?w>mHDE^4jM;#hp|v& zcW-^$V16D${J32;d<&t?IQF-*J(hJ3|HJ(2>a;R8PA4H9k(tI_!BShAU|iI8O{^5p z*|_v$S1}f>?h)-{q_g_>*E;ps_uCI|>`gxTw`Z4t9gbmXhwX1$UQ}$4&XCx==Me|v zsk6S*VgmBHjl{s4-fT~f`IEF7N2SQ71UJz>sT{^58xdhCVmnsyuOrmZb&Hk4RQs|Jh>xMboHI{uitxZM)a^&5jsuu8Ev;G)%|(VWjiLxa+?`*7 z!4&YpokUH2L`=Qni zyHoR#>@dPknmr}n0166lN4ymH+)kQ7U-A|;N5=xh$VPFPw}+T3*=ixZBP;sL#Acxo*pRoesl^Ld#!P!q~xp&>dxDIg={eAjFs&D zk0(S-27(%6cJY4&`pe{e!9jtsG~#nMib*5Zp}=fZ9>yO86)lZ z59?7?%_m8$=oaiDDEXift+@M4L@)npmE;#CtoXi6105vFeOT}uq56_u<5iiLG8#HC z`L7^Ciwybq$^#rKAxt9hlRBfF5cmUhB+Wh(7T87BM5~nzDdOSr-4L?!GrR;>qNM_o zRPu2$PCQAIp{B)mBwG8!(6xOSr|<(tS`9Re&|?)zAht^u`45`W)=W2&CQ_}FF`)*~ z=%Ayk$WAbRH~MRuj#>HHHni?SDB?eXsEv=RCm{3Uv`BnhQE?!8@XmtxNy$lIypNIN zS}mM-v7qX(bB-GeG&JpnJ#4|n3V>E&-1mY7fzWcP`t`nVadPrWCffNcQV|=Cl{^Wc z@V?F)2MX`aQT=p@vF!}Cf`<`t2f=Xrtg*0G*|)m;_INMzFj~c+$}d^FCyMsnZz$b% zb4LtxQqimP(HK*i?6l`hUadsaxPh>8i5PDi@DSrz?mvGcZ|#fZsGu*j0kv;hfoq4m zhiyI^scQZn%Q;wPhv_7bnu?L@8~6&ybFl@Rzdpz>j9Khn8b5uW4jpQ%XUFw)C8!yG z-(I%2_e0q0@ck{sW05e{{hGYc)9wP99rgor3S4_2^Grxl!o=y(`vdl!xeBiR?Yfu# zN(0oQ(*FoiNJimnjDx`M2M}`N!=xdC8yooHHI6y9&@>5O)ZcLk5XYoU1{TJXr}_>+ zD?rN_$JdvQa*wsrX)-6!$VQmqwXsJcNq_=L3@DHkXbt1a&M_P{c*P^h4Y68@Bp!2D zOTE(H&(+ej{arP6s(RC+BXGL*WK z5G;hZuap5fJ;xZzfy&^;O@gzs5Jr%|nno3>dZ)xqL23w?I7z0)unqRe+1p_!AGcaZ z1oCbQmMhRu3RW7^M5B7jQolL-e zbU-fbl=}}AsLw$uJJg0u0y%(WCml|!V;?Qj9k-#X3>~CE&b-H^JJf~Wn7;C-C7K2)H?>=hPh>izrV1b8X5dGb_4HlRey4frQgHb4)b0T zGlE?i^f@v5Q(+WxC@rDDWF1`{15b>J)qOn2pzro7C&I$?UmG^Os>_z;mY2ptXr;Aa z+UHg#JL=`^%D=NigvIN%iw-#L2q%pQvE(44$aE~k2)Sucl7WrS<+P}nY;|vf?3}!mvkDlH&Fyjgve!# zjwweKlNYxp;mX3Wp6I0Es-82)4}uk^`3?$;^@Yt&=wEhj-;GIEKav4;N~%{F)#KPT z<<5beRhNZrHcR|&Dgcwxkvpue3zlMUp5WfOmzh(CiOZ-v%0PJ$P3%PcEu39 zMvSKrlzD{Bg5~QHf(q+_*a@=E_G05VG(iK|Fy(Sz*g`yQ$L~D*Bfl`?D 
zxqYhd8uj!+@3?+SS4NNzYjxZ&6|Y+p@LYIEsbr)N``CCHX{&y!9DVXEP_-?UoyTA; z)mbtK7QlR<*Nt<-{wf>v-)VU<$i&*E+h+)Ew42Bw#;S6>P~d&~RIf71vHItAc?~1> z_%9f^x)tk3w@x>X`+{G3wA=ia-ArOqpBe1zHuW6%6zep48jpW4q`|WT%|JANib8jF zQJ~tn++14(G`$H;kUnKzl>6lA_v=)#lyDa3C1Avs!Q|0NQ@o)P4O7$v{jI_~=$0FQ zQnI;&55uk%BpSaf@)wm}7<*yK8GU!-_C?9R6H$CsWvdx6}5+hX-0ykt}CZ4m| zP>8p>bJPkZNsiD#*K|Xzacx>lB}!Dh#=Bd+Fq7Y<1=1{>6_<*@YuXoA+r=#P!@u1S zfALCR1c$SKEmIx^GB$b`$~f&8VTcikkw$)ym@5%MF#xe-BvFhJ6vMkL2joJA__pbt z1j`8^Skq2hjwlrivJ=)ziYuo4zMfMNvsffaM>crap!Xdxbl=pN28qsDsX@ouTfaS4 zpWEss%d>UdCdWdqOQddEh*g-OZJj7F*pxmPnl+daUpMWwQN^$=!(b-hrMNVAfawV= zSuUQ-0nX2}?Tb(uHks}N+8cvw+luZ3!UpPFPmy-MRbbY46HR~|E;_$5rW|BCSg(hGaq z>S@>?-e;>oo6_2v$SIMaH7sw~ITpzhr z3Y6AM%FMscV=Op}%4J8c6miNNybJ4pkGp^9nlgFig}*<@qguDJ&YWBbJp}vP&-#t` zfk-dE7VHHnp~8psHly36jW=qqi5g!p?yx+tep>VgNcCjKB){e1M~Mb2LNym>fWul2 zaGU358PK_)whq}jS1Zi8J+O)?L&jk1-`#YmNW^D#P+Q{_!DUm_t8+Hf&%mm3rGA0y zJy#kiU=lD8!YtklHnDQ0J4ct@5P{#|@bR6m#whGt5*G2e-so{L*?3^$>_#XxjLNp> zTjW@=ks6fa?S(p=OOSQgRJSqQgAejC@ZUqB{}kj$0{N21js*XdX3kG5i;!E~jL`CT z6FTMYeXBtgH!?l@K;OGmkd?t=1dfH$YPX+W zZzoL=!&-FS-^@p?N>vAGwap zoG#H^&w7?6i`qZdj7yq-(bgoc&)2Fg43_+LXH$alLSC_6Pt@rw`g5p>yPsoH7gnbmv_~V+1-TKR z?Rm?KLN6D?;GP4u9;-G{NK?+WXQkD^g3?DK6+sfVVSl+kBz?pjnoQM>7jKcF@>4bE zq{Jj;2u?Kv%c5dO2by(eisk$EySVg1bjQGh%WslV8cpilymC@%r|K0Po%)(|I$hubYs5`|OP;WTlPl0eBbyY--VeX+UR7Fwz zx@%Q}TuY)Nm=Sq;VRP%E9l1VK*Rb+wD9k_zVmKaNdO-$*x zWVckcMhIuf-6f#TarO~TN$PaJsOD+X^RN26j%=$?}+0)m~ z=(f#9`vSST=p^MeXxJnu+_C265h>tE^9AJvOcsvd4V9fOr9+2gQke>&ZFQ zXL8c>u_%u+`~gBCZW(0OGK|5K%lIbDERt73RoTm3vV4gw-Zi? 
z5|THVFK*B+-=zfueL@{x2b@Munao^=4yO;JCy5h zl7_Ar;K#oiL0`@q%FbWT|JtK-1Y#J;N^hZLKLZ-k*CKwYL3MO zp{Z<>ueMFXi>7SD4e3Y*cWgPx%_D~5{BgYK{)lj{v`Em~dZ6?Iq5Qxt zf1Zk#h)Ln_1!vEjXbAMV>dVV_`k<+VgYU*lX#Pj!Aods-BmG}Y-dovJacekx?*}YH zrW#WVS)e&)+}Y+RHXJlz*d459<%y0|pGTS^`M80#UzJsoN{;01GMuYW=OmqoL__ZY zNONB@I6rJ;y7apm(T7-X6a^UsoDoZ?&cRgkqM!7B9h0x|rWABxS8jlXRmzg>fB#C{fr(Lm+&gy8)fsEfceBUFG&LjHq=zQJ(h-Au7T z^7#wBD9t|_^!VZ)O9t`z#Aty@17twf^+ESR^pUkBN77o!gCDMQ-}<{2^Gx|}SM?23JRi;4l15Azy5&7(uB4YBS zZtZk@!ou za5rSN8n#jAddsPHzbw0=<;7TRwKRs2T5v)VztQ-uN!n`cu*a}%+_Sq!wG9q?_{tRiW{KEcAh z`EET*AB_|yPV>!+>SrtR*V^utZS-_QLLrT2tg^%WuD=CCsXUzCHDE(QQ7#Cr-G-oM z#1I#GV)#L&9>N3TTfQt^hirI+?BEJdMr{x~`(5bh2JGl>dxAe*DIU?!=^uGsNi|TA zQfB^7p32>JD1?B9y#q|edaQb{6ppDgXFULRW!GOwfaZGykVeML9m+{ zEt`46%9?GmDh_GDxvMtB@$~sJQN9m!`il9{$=#P*v^)V7<`FY(SPt) zlj*cCxQXT5l9)fv{e6;c3Ty?Ai$k4)@>xT8kBpP%*_u5I7D*` zBZoFKSH9FB(TgqVU~y5pDpZ`#nQwZxSTm;6-D*pIXb|Ng-|`u@2UMe9XlrPGXkJ`4 zPQN_lozcI)6Lv45B^|tuVXr~_42WnH#lu_3J)8%A^pqsM0HfWfhmC35fh~-%jRgE8 z`Sn~y7(R(vP!OqGswi4Eh7a&@>T=!^w%@umlX%=CMWdP5`vKaVG!G@&7Ld&9qXME!D7lg>aPAgYl_hcw>AA> zI{|zPV&bJAQRYh1;fR7(q?>CU;}W1 z3a)D*zvFSn!2oBA!*0!yq0XX?IrD>f!@s6i15*#^2=m04TZ5mBXp>JCo%+9FvLr<> ze`y_)I7Q0cuiH$$jRkqmKDrLCx_s-*7%Qx@<`mMxo{%x$W?Rd>Yk%Es>kKzI%6;nI z+G_z6$N!z^L!UCWHSc)2sF>(Wx&hgp>QfVKS?5h0iIuR6yfO-J;VbEB8gSi?{N(S( zmELm-?RJ6K&&f^f(JL2^mW^?>!rS|8Dd1ZiCusesvOy3kQW*3`Vd|VJnKL|#iIe4e;#s10Xhg{y>$XYM{DN#K z)fc2<0uU0_%a9$XFtxMmQv>tv(PB*KQ9`tdja$3Lg_^34)1@w*$~58C0Wm(<^lVbI z0$*=OJ*7u5VV~|sR#>utCLIA=t_HgEP{g&mv`f2+yM(j7fg{WpbgXD|J+@TSqON(d z`Vy#g5!QzV^pL=(q8kSHwv%&zX04FL>T4Loh|9p&2{oBK9pV0B z#j7Me9_({@nJ5l1eE53e2VEB12F$_m19UBatHsdy~yK~7kPwTQKR9O%~y7eX|^6<6C!-VJc^ z%C)Yyic0Ts?D`HM9XD>{3nVminNH-+8%7rpr50qQsN1u4^^$QNquVh~`+n~emo>yH z1-UR>tIXN+aQ3SeT2TO|7OD&@8a2aRKtQWK2DQ;;I0M0-n2_dl_iw5^AP<@wlhI{k z5wLx2R6P0Z4vT%Y4iSlCx_v3-%Uby%uR>L1hgVC^T?KT-jlTJJL|0thvKoW$|MGsB zUT8|wS-5y}a~En=74(PkgGlw`3w9vh)|6b08jo6&kh`qD`n~p=8P}3jYuvblirYYX z^g3CXl{xse4-Mm8Mvvdw>N0VefAPS@q^0EY^^Z=i?c1MnHWBb|K4?f)d 
zkNuL!b55`qd{N&4c+I0eR|XE)43pDaQ*sPmvaAAe=_pYgS; zXW6eNfUE;FuX$f-$D&7-T?6(aOJ+Q1n!FTiw50o$5e!^Dac0F-ui*7Je5ea@uW6xU7U91}6ubd;-FnD>M1TzMMmCr4V>5u&eFnHI*i<19>rN&c zMQa`IQm8unVDVjPMWMTP*?Y^0Rv5QsrTWq1=Ot@d`duRlP~bhF5P@k@Jw|=Qv9lIbYIl zCg8GCSTzGR%*Dvohc^)rHOCsMD{7=fRaNEP+s8JA%N!6^tdC*lk>jC6@>;EAt5b*_ z7&Rx7Z4({xm$Yg|b@+KZ$)_aDyk*GdMdj)GBfaLXE6k1FRLtI)9C?%Xklp=669ExR zG5qA=2e6pw;GqZ1RoTwYX>v}s*AAam0kV{^6y(msVxb280E`10lIqrV0$qH(I=Dy& z)$pbv!LFel1xH_3SDEZ8vD;hX*9`ei=>&{GEZqE~#=52Z@t=ySY6qCg?S)an>1CSQ z;<{}_X1FP2VF8dITvN$E=~Q#;yd%ka`0GZ1j{g&PR)3velO>ODXDbC8}S+L zp~wvGhlGIxwaEz7(PuFnmdoOAk+ZW3$n;e*_ETBtYAX^^Sr|Jnyf7-1M4CD!G=gze?<%HdRNku zksXD7>fiWaTVsW$@#Jbr;#8d_g$NGX%FneXxGCI`h^GPKkmWPZ&X2_9V6`(*GRrlGk#-N0Uf=vd8q#-wGb^Z zeNS^{xlWRwChC-8!$tIp4YHy{Y;y@Qf?+X&wN}@*V6{(9VERsFv5fB@zZui0+?U9? zED?@r|NY4y#ghjzVVsKiVhH8@Yjm1vo^XuN!|J~e%7nys=znYVD}~m@uWEm>k`ZFu z{%z-}k);TN9Jf11zGH1Ssca;l zq;8gu-MjIZjcxKuGI9UXf;era(@J=wMHnM9)4~vAc+>*~YC!^QA02-A79viase$_m zB1osV6us?4y;Ips635@AY$MGWKRQb-Pvn6ogIr(KBM2DZ;^#V+(xpeGtubqKX&GO& zX4_wMl-7TGp0Fr$G1x2-KuWZY|8Ccq+&<-qIsli;r3cO%nI)A9{iR#`E>tA&rP-hr zSia4J^$vi1@~v1Yuwtq5vJ&>Q3+i zl3z5mq98kb)gpklqAO?+@Y-IXk-a)lOxsrs)aI4Cu90wj7A>KGjWM{jD_4aJ3s*q8bXYW(CI5 zJ=9JQE>Wk$*{8&Yd*Q>QSsi4AEl8rWC^KHD}yjmRf#e*XR3 zWpWG6@7#RK)g#OAgl0|Jy)#Vg>U6AG_g*olW@l(=spYrGlY@WX3=I5T^&#y>N4PwQIq2+oD?VbEV0 zt)cV}Sj@asruSw|8Ir2OAhYf_NQVBC=&%5B)VI-mj|#MOa-gNlXp#zW;|u8D zgn3ymLMx=$EECcCWkwEgtOxGQGpQL%ui&ol_q594FurR2miOcT{pbMDRSUh`30)A# z+GdDD^d>Avg^v(pO|o|Y=(a6d-z{(457yIQ1Vae^P`V~og!9~V07niwj^~W_m%^We zI0)}ZOyRu=`m?5rTVIeo^PX<&dedN=C@f+M$#%q;G;t2N5yZ~F>zCkGddE{qC4~5L z8M4@x6+byC$~ct?1%CVA&g?-c7`POLek)~m5gf_sVv@ZMy9Nee8}mG()l&db3hdz{ zZaMeTF0H$&NqoB{0*XPOgf@rJOH{>W&8fWg7-BLv_4l`3p`$DOY(HC{5^;?%)e??@ zy63MI+|VA9SD8i!S)sfX7V-gH;jM651Qvq2Ny1QZsZpU_SFn8u%C)&M{f+UVn`5LX zBl$4NzY@0fVu5Wxr-Zv~H>rI87)kM>VT0_gtFAm^WaJL+$aYk%#g=Jl&%)?VNo(L&bEAiF72!L-0sP z0%C?D1Eq@;xI%T^)uwPc5;@qqn)FQ~iAQOHu`b9)OMvZfrW6NRf1)(|rzJC|J7&Fp z;-PTh4uk7Y_JVZzZmHf(==CTJ#x;yrKOg3>I_Y^0*+qxhcDH4U2}r2~RtewjVxp=2 
z4YDr>|3qggpw$M^nG(pD0x1w*e~RZICEV*HQ%E7RTP9F_*?fRQHeh*GjQ@>RP;_bS ztVR009vhJQ<9vCw^@C1nCK+u*DCeD(x$BD~LEdv4pLVR80zJG@Bh02QcIvmCxk9@5 z#MezRMt76te)pvmIMnIWmIxU2jL=2z-+dE6AJJ=ijXI$euXUZEA zYFgruY%=XbAu{_NzuTfeb;lIof{3%nGxw)#m}&tdYa^1)nyL%Nhy%LNS`j5lZC(3A zqhhIQL^LLM#aoZ&fYj8*HdS;g+AnUURTDZLo!dKeMhd}g>#4e5I_ zhjs!Kp?JT;6QQm=p+dhlC7E{1QS2n!;T!LD6C7xaGSRLDq#8jk2~ye3-^8L!er)+t zpKocEjV6i<^;4@ZVce%M@C?u4=3nx-t)R&ogF$<+6&ZoOm?4Rg38ux8Tz*xQ@2{^! z9Gi_#9T}X{FPw*LU^hIrJ91A*0n>7Pnl%N$?i7vI%x~N%o~Z9Xb+uP=2)U~s?+nvG z6$ET*E7gIjUEHF${eRcW`ZL0u)d2$v0d>c<$`7_UB~MN)vLJ9Z2YQXPL34)8l* zZ5?Pm`PRQKDqCgZuYzr75H!j)S4;=z6d-6iEBiPOMO86i#Up3G(aJ2M3RuiNx0SF>a8$bKI3f|*ruNAa)LgZ$7pQ*VUY2J&XW~0pX z$&liSQyCcPbJf(&+q!h1nXW>CSC02NfE#2rA19UZzw^X#cwEAV;aBDJo@+@T`^+p~ z4u4d!^`+nCXf(-wGKp5c5$sxd-%Aiqt@=elj5BGc1p=W4c~TBQC-8yDS-N$_Z$Nl& zGPtTyIEDJ23~~F;dKS7_yM9V!v5eRqR_aOL zc0lu8gh8OiNkjuIo&5?SoOZ{keh?MoID`Jcw+6xBa7V_O$?sO%hyJfsu0}@pEH6_B z;U23{mZb@Z8HWju1;DF>DgNf++ND_@_531KEZ1rt?eX+aq-*=I`|P7)_B9H>+AVNsA~!UY(qhtw69jvc;a%r9=seFp6}`Xd066+>xd7;IjBId~?DrIU z*l{H`t=W~~kEBe?SF^$wnw_T1AT24Fh8&m%sSFI!hvK0+&P|vxv(!{3Y`Gb2r3s7Y z!=nNr6Gn~MWpED&W`}BZy{Bz{Dr)qt17bHuG$zEp)Sk7OF0uESpcj|e;(t{$&6cIL zqQbtTFtS2(K!Py2Z4WQ#R>JxeAPEIh#9%;UKR4L<$66xXtGAz}0C zgQQ4|N*FPJWjew9EAND~tSunbCCKE(Z7uNkGqBwU*d;Rj`KS)*)%Z3;WLWf?geOrH z-3<>Rg}w4fv|TRdqA25ayvVO;GWGns`Ui>KuJlI)jOBcpo5jB7>f_h!pIwk+z_a>2 z($4+bfR~gI>Vz0-;RtkzWHjCygEm4L_K|?mmx@PQG$aa3&EkIQ7>GrOYfSEW_kpJHs5S8`oBSAjL>s9mwSxs7;4|6ACy+^T=6Krl9w$9P+ z(nI>aw|xx@Sa#LBd|nuIu)NslJAkVdc@oeG3p|UwYDm1` zV=+!+t$cRvZPdi8BQKI)$muzBGlH2WjRD-JxfO^&Bf3m;k_H}$t#}K{_eU=)=7~Jy zTm$2k!9bX|FGo!Tmkk>!1_FR1Q`gu(HCJ@M7?kHc!mm(f@FkA#E!g(?3rh^`q z#(JE%%|V*}YwOx9f%=JKd!U{{Eq;eo#V|GfvPc$8d{xYlWKU)cz3fxpoH0o{Q75$P zw=C?#>z!cd{wwJ=J!0|86`lToV=r$!}3UeE`R@Wre*g`@V4f zay}R4US0~h1LPScpni^nqt9}(_mQI&HifxNv;9*krH7$omfnHLX1n7Jzh`5gITy=O zNNEb{%Skgg3tb1nGGg#gF&F4(y63OWo2nfF)204LO;q1uLJ1&wDuVF9oxJ*0=)5^# zQj&1;d+%84_Q!e0M}a;B^pqm7cR1nl-Y(~b;#*ITgJl0q6jLob#HxQzIGUgdAyFy0 
zo3Ok0bvV4{WX&7mIjxl`<6xTD^hU$nYwspMgx4-nNDy&9wo9k(8ec1u)aileFtvLW z^=%XQC9E43D82P}Z*_C{3j{YpP5)&^qQGU*FXQ^7zMPLZ2jtp)7v3UnOA=ZugTvJ4 zWLKI(YWaL5Oe24qn0ipQzll}@r@4S)P?M`s)VEfC`=E(2sY6^ZB1T*vJGJuTK!s5$ z7PEY0k${l?(yjloO|OQujw@j$1SVF(8`asIKjgL=SNad5L|)l4=pii>i_$_Keh0hw zs)21(1WUbq3Q!inWQZwX`(msV@u!k@gsI7(jI{QQEMso>I-HiRsy+Wq`oM*)v zf*6u*`m|iN3ev;>aKzz>W^!wWklcX_h%x(zj^I0gweypC%|qzs<*O_2 zncqc-lET6{_`6^*DOXo{atVuo=6o_cf7%$KrUjgvv`vtWo;7knXZ%BtA3Y@eFT&Dk zhkmwiarBk=$zO)-p*I4Rs7&F(X=vH{g2qL15?Dj~Vn+us8HT;Bg!|}BJqR?aq9PlT z1a26<0Izak(Yy}^$R5(j?1sXU&!FbO^pGEvgF~hQR#6N}*^!xTj58Ofy6p{Vd{yYZ zI>M80rNe7p0ToYmH4k2nU!M1mE~&^JsN1B!yvO|t7!i_?#nE~MmNl#>XIwRCb}oc}Em0;Vqf8~97RaZIM&J#ZuFi2L_Oe>u0y z;(|Z#FV7qC=6dr#c^zrE8?PH05c}d@(uZ-`Le17wTW~JL^wADHX!?B5MGXT*0#hMF z6GR?#kd$qQt!2}%AZc(I~`1Fj>=JZ7D1c?UfFNi0T#h`QKy5ib|Yd>IDUE zly``0jupSz8Irele2L&jT9)k2BOT0w0j!F0pB(^QP~!4s&K@yt)U;XBfc=C$l^X7K zf$`(wbVz-WZ({jt!LQ^w<06tOkdU1{auUm?B{8c|)i>Y3{x$_Ht39BzpiH`fi5)Ko z3n5DWP`n~Rs++rP_RgR`QgEDknsmq4wo+?8(YW?$36gHqt#lqET;BmtT0%hqf;Z6s z^wSi7K6(DFuJ$1N1mg$4;E!ujcI9Tqb~h~zYJBW+vtyhgu^epX{!8tX+=1obEV*;SKxS4bCkpYu~@Ax9z}_L7aHw`O{LQ!vIdFCP=uZ)12$Oai{_SP1PLh@rlG zNL%)k1*Qgyfv``rGoNy*a_BWjUXpx0c9yxuk3=9Sto{B}vEdN?!a6|;75L+}f{sUZ zUuDbWb5&qxS13EF!nC1N)VakZI4B7lNpYofQ7=_~gCkk((~sBl0P(b$vgMrq z$fmk2Mf(Z%T*GuC2Iy;(s^qCtu&46S`RhHnb(Y+-?JqsYgbHKYWWCs#JMmn6hn$%O zE??FztLyFiw6l=>9*uEy>fc>`N-U#PQNf!$x(@$Y6o52=cR0rWi0=Wh80HYfR4-vS z$q{hI6zg8ivmF`=yV&ITTAUU(0Nv55@fzJDv)PWQblJDU1xP3x2c>6({-Us$sv52!qwnNZfO*A-;+XvA&YeZhJ@1#Eu{!HB>h0h;ATIh%YK7T# zzM(qPwt03;U5anWZSAjTURla9MG$qA;9@$Y>W8AX9wiM4>()ALDfUBuZ8$}BgT9+L#gCOIO6zjl}yma=1Xc7 zMcv<^3nbyA756<*#hea#zw)|7CbfQJql-Ts`x6Fv_=0w1wBsaj!90#=8)kg%1TrcE z7o$2MUu)<0gqUnsS#{yG+vMakUcJg|O2_z(kNErG2q3PTJYj?tt^L&)xOTsIJTw^E z!U=Cf-&90tJ>B~lxt6I>tq~9*ZRx{ojeZ`MB_`)Ir}xD<%`ngf#Nc7b*>|Ppc*_Fq zd74rCGrX7vV>}<4+D=gvX&(6}nPhlg=;Fllji#H{NbtRXUHNUHyX$ndc2$x_5mKUBbJ!M#>WYOyod?&w}H@r%czLz-=w z+4cXbP~iQd;UCQP<(OFMERu61DfeF!Q!M=e8cYrWg25^I7E>r$%*dvnexw27b-&(M 
zSp#|hRey^w?`t#DYql*q;-GSGVaKE0NT}AN$HC?gv|d?d>e|!+_qG;Wx8Zq*E%u*R zd9>bkE;D68p_7_Cf6F;~Egt)xsxitw{K0Evg{w+7jE?pQi3x#Ei`zkux$X}AVw zW}*q(m9nDd6Jmqq9x`qmZil>1>xh}nphXn|rTNA2K)3|fv0wBUT2xIT2)V(u&Y$!F zeg{8uitID)r0*f4Ao0m?ItWDL2r3K!yI1V#QjWwE3Mr{UDz{&6W~#Tbcw(?~{@X}e zkbXI)lqnp(M8k8ci3AI?_#WFN7%+L(Dv36DzWv2t(*ooR4S)-;JEt$i=aglaeosfR7z#n06l%g*f!e$i~uD< z=+B!!s9Rzyhwnd}WInI!(D2ZM!&_a;iMKZBzWQ^4kt78P3xjVmEQ)Ml6F7XuHn_Yp zNQbaxGo|@50Z%I2GVJyWe}9=6IFLrLepHfq{CIaoF|ci0Aq~Q|P&zCQs7{%{Hoh0o zC@F|$q_4^_Q5c7*g&}_Xm;(je_>tQ}!hq5zA}D?0Cw)SDW9XciJgz2>`1GBWhek`G z*c5f{`@D*Ool%x3e@V33tgdHcj6iW1WR$8@r6&t{xB2IU`ed-T@}Ad<{3xk^)x~wT z0W;kaZFO3hyX`3CXD+^djZ&|xOveFjC;=Zm-QWTC!|4ze?1vR9D=Cm5+w?j<>eonu z?2$yxdsMKshGgfb_v{3+Dbr`f*X*fFiHAhA#^rm+ONlSw(+8{K-Tj*r9ph zclj~2I#nynX@e+K8HjuM};r_mn16-R$jX-2_Dxth;Bf1nC5$ z$Z%M6R6!l1HKKkq30T*~lj^E|I5WKZ*d`ivq6%}5JUr1-)3Q}%?eNACg0AIz%QB5g z#XrZjG>eK=|ywl}ydSz}6n$7ozB(W^_$&GqGjt zc|_AP_n!t+=zE!-i?d2hKPWcl$eRNkhMF6S&&;>+MJcy(C-1JIC}lufcXvMz@0^Op zr}sgJmOupc`Iw?H|M;}$Zw8ap$*Zx85LPiS*X0J_Hq7xa1;hl!^>WC(tx`FLMz}Z3 zR0x9B=0mbxJfI=CtK$*5b<|L*yta=$f5t8wIvaeK=e$2IbnYQ`DuwCRihz9-R$K$8 z)zg_|A$C%#HB)=ekp%Jz&3|5LP*FBX&Q2g!f8>woMT1vp_#~w1_=)9od;>+JB**1h z1>6r+epbCPqw*;5-}rk5hI}3jwE9@VF618zs_gYlWvpMp1BMkgsZ=A}%9fe6Q#AFz z?K9wmexSG@rD<~cAB;q^duf=Hwu863gK6fHP(q|&y%@@Frd83=F9lADNDveZa; z!WFwEnZyQo3eLQBzbRLG`GY_au+7Vq0_jzhF`Jt1zzV<0tw*kM4dMKsjxRv;DfCj` z9xC47YL`rBVFb-4^#(9ly{#zuJjJBQnGob&i)H+tp$3LrX1Ot^Z9eXsRX@w73#`Ck z4!;JK?E3+86^D#w8%$o!)+PAAFMBQRXaD|>qHB(-^y|W5vOU@6WZSlD(#=h-x#?!t zWZU><+va4~WZV4ix7PdTS?fLfJm>6v&c?I-trq=@f5F}+n_8J*P3y2$0)Frvw-qaH ziGQ|+ZdWx=SdH^%Z|`PevB_>TsGrE)Ku9{Dngl1CpaIa)TMmL zZcPX7`cs3B;=z}D+Io=(*)z#8G&tc=8PaBDs<*tzoEB%_HXfyWq96D28UkF+dN1(n zlGT_LA#Wss?AYx$gzvX(#H%cm%10MJpf632H8*oLWk+1IJ#&S(gR+J}GdAwq6qF5y z!`gcPj<16bP_d#R>dd1SxjtLAG8-v|fgfkxT~c9cC5qE8 zL}5jv@QEB~zh$P0CKS{`39k?aqfofR&V%)H$;N70A!Wh7R38_9 zHFzs8wi>A&;)}FR*7_Y!>H!Z6MyWhT(#Z6FC0J>2N|WwMO&1_K#bb&wd%3e+H+W-S zv_P5ZEEnT(jvf;^SQCo)VWy}=ezZcB138JO5XH 
zk!lHc*FE|$>?i2700!q|MXtp~Qz-9Qz=!Hia!SA3)~ZF^_DAqW5Q*(s#E7Lg3=oBv z;WPs?c>TFFSs@s0OCeM{X z2i8Ymo$lB+bUpEuV*aA)Ru8LRw@cE*e+fl#41#(rV2d;^d~O=>l%lt&Do{E)0EY{- zw@~~9-DAwrhI-(*b+dRl{WuOn%_S|!5-0foHFq8OUDV}}vuw8)1?%ulyq0ZDKIK5I zFOc_olWua4>FS6W#R1s_42LLqj!nfyuZt-OP@oLe)st`$^@WO1v8EL_i`D|c&L$FL zeFW+vZyQqa==Ik8OMj{(4cE~q$DPkt0+5}Jme-E#liNQ=Y-E-t;(O6}JhDXm<-ENr zLDK_JHzW+-tsmEIMO|aXGmc{W1+7Ki-!)hG-O=xPo4DVUH$~`@i?^g^_ymZRzfT8Y zC2(})gaZjuZcUgOaYMz%=9q%KAXsna)JfVXPPJA>L$Rb;;b^JCPPKH^D|Afd%0Xfy zzShYe7!a$A|5r zu==fEEQh|M0^WgxggjzOqgo%$8^E%RfIn0|$h1Wf=_!x<3W7IHN)I~=%x^llL zc6?u1`B-SG_}#1a&`fUYX^>^F_T`nvM;CL^z@H@Ma9z*)&%K}q92NEX)^}oK*9auu zrnLEdVQ)QwvK>ewvi6;gMrt*r`aVpR_f;Tz?{-@VgXkb@Z`?7&v3;f?E8TAL26dcX zSn1iP%U8=bP8=i)!Kqf3pLC+k-fhOV2SQ_<9B~1X`SY<)Z^c3TIf!;Z##(^Rh_41G zAKrsi?TR=d%!{cFHz4aj2TX~8JOgR6&Vp4w)gjTcng1B!l2_P#AckhQg3x#|;1XR|| zBkC3QYaK7Qe1WcS51XZbbiQu>bydW1hv<3}84|G}PRxBHnaqmY-EQ&~i*1Ns3;c9> zOa0k+;I`%VcSw2apTsWhar&4G!Ql^Ug|(79_im^U)WjTXP+@Yd(>@#S3K8N5fersz z^ACjkh!%OJ=tW03-X?DAtk;da%@s&DtaA;|CIOc3V)_)Zh%FBB%5l*l?&WF6TI=IT z+9ogtea#ayH{#uAn-!|~+BQop0!W@Kq6xSE$(Bs#=+c87f#0T}-N2_4xQ{ECNRq7c z%A^<=cwm|is?&WnY%>7l{6u}$=Fa0Nh|^^rB z#h;R``!MgTgKZ4H=LNq`2DQX<$oxVNk%Qdy#_H>*h|LcnwTjSb zOV)vBWqBj?kmT-Urof+?)+Dvfa$N}fX8uqyW8p(czgj9xMWYM``3=SL=dXb-LSm{^ zZ1yC97EjU$V*U`%7;J(%iKBq-(R64G(Gxk)Xe1{>Z*N%ikxS+)!0@*k4$yCDh74yl zuO{5$gWokweJ`s)LQYWo3N<_Wi-P*igD&DOV9<_m!*FNan|n|J;!WQ$qEf*+qjq-k z&^l)wqK`TWC?r}VU)v4NwY2*;QmU{1xzvEoPr*j)j6Eem1QtsyB~tg5minF%Ndfe) zj%ic~7q44~27l(ZwI`6g9zzBrB#zgUM+5xl%(2+~3~_xecz&LwpUPusS9Td|$YY^j z&!XoJm@FaTB=E-$9wpw8bDvjgQ0|a@#hs?C*+>!zp@8Ys=|`EEw&3QLFsN(eel#Qe z*{!%)BL9s~jb4GGS$LE*xGi$4SkNY$B1cX=!@UBKTnT1kt{;G)61edM94##R32lF^ zEU7M%T@DG}0oD+!%PvK*iY2$;MPL$G<->kEb_g~L$NT!@6GZ$^aH*SIBdozXBilK% z!yk0l$w0#MV0+^k8Mfb&)8_qj>t?9HiMA|0&4ihg0vOfXK|IN%lInE$m?DJZk16-oxz0;FOHztZKW{hb7vkHBdih<={ZU@Qjd4a7v z@e+>?YU5w&sDV5`*0KXsBOpImt4Hp!}CZE4I1t1uFMWUPLv zfp<$Y-R3m>(N%y)RaQ9qBeccl>U@x!`i2l-^ZoK_vLA)jtl>ZrK2kCHJjh90Z?hRv1tVR`rb#f9b|Z&4xFGNnmUeBwzD{KN{_=% zCRV*!Lc 
zjR$S36n6zfm4euBg|xN@-|RBY1a9yWB^j(P$MIy}&J8 zvGMC#j;KFI(-kl*I-Ot?5UuC6aPcP!c+DcNUQ5_|Kp@9;xt_G5f4r`aJ)(1eh|JHo zaMypWD|w@I2o4_P|s*l(TXDi?*@UNk37WAhCT zH=Xu`d>nC7!GiF`)Q{#UZp`MXQpUYOyp!xaB(2e_tIe%pYXAQ8eS=!%c8RWgOSx?3 zY;+9Uf&yuepl7BgIG{AxvOP(uvA(zI+0%Onxs;)4|JU~tK*yT8%35? z7I=3n@Y8|WpVv|gVrPLXTlWfk4~0f6n!CwR*C8O&78TN5km>AQ^YFH%yZFgw`Cidf zkW~Y$Xz$p2AFW3*FldTRY|>qZfh3X$Nu@Ud8lb*u>|u+Ee2%6w81|6;@8(T*F4Ioe z%=b2UV|ag?*lnIzf2lgT!9P&ob1xCC<@K8>Le*_PYC{cwQ)JWsaQiPI*i!MNUlQ!s zi3aM)xEwA-1+q^uq*zj0OOw48T2T14q!=pS{L=g9lHhfqjF6wW#OYfIbuzj$tqc5xodSzv~ad2K_ldRgl29$|+# zE%!J(b}>$Aw|r6^eMeGLA)2*F0|j~vr)Cs1{la3UwwW)?WU8HhR;=dtdIsp<4{JtA_;`o-kW{NArhgEfdu)K=$BkSpXRLc<4cd> z0m?=Z3>5#;k~>tqzNR#1G#JBTshRp_!vs2%HO&d>k1Lq zpK!80S(QI5Mqd3BwhLK!?I%OBiL1wvhtS|UTrR_V3`wR6bV^Peb0_-)g47yfj6j!= zXeorIgWov%Fvm1-F;H0~-&^tvaH&R$_+UL|&h|7;ba+mhhPnoq9$v2%C z&3fLd%&3msu`hrlzlxH&UV#UEoFEs(is%Eaj9T#Zi0~P>tMkD#JvgmOYXO&cH;K(R zjc*xAw8zETeX(>a8VJ<`*Do7C7bIkmN-Ck zO2D&c%89{}fg)aXFzPgOPUO5*j#5zAb4Oh!qFUIZz#g~)pCI8IXsWQM4l0gnK8Q53 zf}cF|el8DERo(P^nzLm|eU|YiDf=f`052uf<)d9z5hUyqESy+Vu97R4Z|bXTS#-CJ z7WJfMw0l)u90tGAWM}P6d1Q8r!-`n)Q+)uJe`+kRO4ikPts-uQG+0mDB4nhKj85-Z z2Vu|j@(0O5F`-WKNQ2)IEvQZm20=-{DMt$ksS3$A%v;Hhugu2gXr%>jE*@dG(oXr+ zQ8poFE{<}CGp*a|MrKZ7T}5N4j#%;e?S{_AkmyFkPwKeLT9lPjLu-W7=W-6dPt{tW zXy~5_!vbQ=Uz>FOzYM0^(hg9!Rv}^>)3aY&V*Hpjk7XnzSwimjB^$a-L64Nbf!nOfJh%l(M^9KtLh-4ofD1i17 z2wt#iEwO|3-}|V2u07GeyD)dHdf%N^9dit&FYz1KSL3+V-4|0GnslcGYB6%;0{jRX zsA3CvZzfjm-U>-0KruveqbwR$`jvR1v2o_n4cdu6D539A^%-Ar0zFZk5k4Tw=0~rl z!9`x1c#Sy6qX2!puv(jeMC!RgL4#9dX)-4?zjCAaJ;LlqX97T}KC$CRY8c8K^>;Xg zU-})iQg|=OH0A^45MM*7+nGAYJn_mnOK`-$wY>QP7zg-}Kxkg)&13F}7I9pERW$-P zVKx3{Xe?9R9z3pVmKC|%syW^88pU8nu+4O01@ zZ<>Z_8stR+ienS_c*k!MWv=bxAl-^5*9`DTZkbIY_Nx7!85Dq2{KqGXJRUZrRq$^XrYVV&*o90e)(v~5+0r|v%ZY6sQOD{V*9yr;!lr!HdE06vZBgjq^snMI zQ<5o50%$QI?RDLjcovLX5wZ{@$Ly>jTP@HCX-(D_sJxJ_)HPn^B7Onz1Fv10rlz>b z*oJ#{32AVVZE><+Ul^cP(pv*Y85aQie)>`SJ69?`1q8`yDdWinP)6MN^WQ(arOTnS zufMW;#^GPxDo%d#Qo@g&DQu6M^|Dwr^{N>e;zdj-A8A?v;ZmA3!1TvEXBuv9CUOJU 
z7&b1DMdp9x8WPH0o_8s1Tmvf{{R{VkWTv*Sgt<*(CRl3mwot5<*e=k5XQ6D2M_q!= zpaS-jiYUhS1*13mQg4OnbrcZh3cfggnisRS;sx%BIQE}82X!?1D)}zWX4nP8DFiK> zDO^1V9GMhU`~e?aDWviyjTI`eK>7mEx{n|~-3{xDAi)VwJ_bfV=jFWUPDd-hb0AZ> zZv1F{!jPYCeVk4pz&QQKKk81Vf(50}0vc{xW^x1Nm|1>#54S=nar!amWS##INP0oE znr`eqF-e1mxVPDcrvfnfwMnfAdDn$@;lH|OhvAo2Hek3Wq4w?nPU$dL)Iu{4GC6~S zZG(spW&_aulSkCLeLn7WY%8keEEPOz0!wB$je(z5fr)oOmSVY71a;3ZE0s?gEWUtxL z+u)&c9vSmd`V>ZK6e*M960$3U7g|A8@1ZF@XYr&m)vZMZgdf9kO>+=u6!uFzTyax?W3AzaDf?2I&TV%bH9cJ7X68GXnC>7hGjEN0 z*A`E-3j2k}oam6k?ctuD?e(qHSbjIJdC-E%;p-xSh#M86oI7$ZF@((7fHqaH>Fg#<$512vK=MNDJklzq^&E3*ap=EjE)rR` zE9xz)n^eNeUO^t451bJfBSBCj0}yUYjCA2Zd`s@&?AOE}oR*!^#?djd?7uhD8?`3`oLRg|SZGN74?PgvkO^}WC5J}} zK6Ocf^#bA8-YC*Xo{0_i3)B5X)(u^>t|kOV0V60K`MW6LXzyqG4h? z2wDjeIk`P^tddxZP#`vA)kXX3YOKXqP4kQ-IHWg+O{7*^=0@V-V%=7z#3N;%fy$-P zRI(hyjC?QprM_CxQwe%y92MM&wjG4ww6rBh3?-|UtZc+2mODYz@5QmUUJTV)y3PX7 zd9B3mb{~X?CI5?on#I_8RK>MK)ItV7>xU8V*5YfH{y<9xuRg7rVV(x|pNB@-I8!18Te z(ho}J84C+K`qjH4!rVcHy}^$on~TiLL}-QN znP)UZa#Q{3E0By-WHcKShid#)*w7ntR6Vk|F9P8+W_2;o1VNAK_A=uzVTqtAC&S~& z{@G8TRGDFYlhANBiUonOwoL5mOtzYF!!q>A??-c4gVlJ!&N=O3`%eV%3&VCL7JFr; zl;Y#loD}=5lrix1BG!_!W7FYf!upy>RXOET5679mJwV-*?D8#kvz{s9_IU%$KGLrk z>PS3hNT@^7PbKO&3WrdO3(P5PNu<8Uj$H8aaJSv}_xYbyR@qb<6!bs-D?Ab0r2v=w z%s?+sP^5VGR`ktB-tgX}=N|fzcsUOz`k5Uq41X`Na4f^f5H-8Aw1wij)KyB0=BA<+ zPu-uHLfjCPYVT89SQJ39`xyM&1liEpI6 zcTGUa2C?7!3jv(BmtP9=JVeDt8rQ$U?`fD!nKH@gbLr%xHuaYG(d5sHD5KQYky~Db zwoaxf_N!7qWd~hD`DS^7d=siH`;tJly;!Z;=N^; z$CepL4eP+pRUJ<5Kmn#{@%MrPG)sW^Dpn!>b2Xobu$|xh1yn{(A1i19`jX;>=w6PK zm?&i$It(Qu*Bynqc4=&1Q;68IJxsJ*XqI&$$s?y`rT28hb zb%?_01(8YTXd&@tq>C3dC@`z!H&t{bIuG@Jzngh?ltB5hj#}rb^Ckr^Eriii8f$V@ zq1}^z(b)dWxr@`5*u^T8lz}`-jlhh*q6giWvm~q3(z$4yEVcib7^kz)Qw_PDb(d&4 zmI0P<-!o)Gc2NM17^uOx6=x~VNXf^#*wLGo?X>#RUK!G?ns2O2T-`yzf{NX-*_~9a zDVn|;MD|0ozO+}W_mOjzsedYT6b`=no$3AjQ?CrCTYLuro`F?S%tF2%q~QYs2!kO; z@H@Df%ONb?7|&3lk2g#a{5oO_$6~UVhBLOe76A*d$z* z1z|(-bgzAUz3XB!f#-ki%Axk)cHAwENau5cMf>n^7n=%~6^9u#^3Xq)3oW7<*5@jI 
zyOSB4q&5HLx-J{M!07UFf~f5H2b%DB;+u^}-P$B2U1PHsU@z(Fjr#dt_wx1*TH5F< zpv|5`?s{A)o?w)L>e$K{zBj{h?cZ6lP@}8bDvymWSxG^jLSM&B8U@I=^!8GUnM=7H zRfp}*u#bGQpA-<$x6v*5CO!Pat48vRktTag#^r+!2e4BwA1sU%RBL9F0J35Nn=`1k za;LY%>2eeX1uOq?+0{1fg4FF8w1mL8+X3wYJWXluHBRQN=^~T(d9jluhWFVW)X!c> z>?~9RmWZmSlzJj?+j4yExBtA_Gxc|VoYt+<-mm=w%vxPLvRKuk{} zmnVPasZ96brrqiW%eVnHA)w!wt5zjGd%B0u3Hgi=jc~41_k+ zoa8r$7V1E41NPVyE*Wo_iY?>RXhVKDVu7s;mF)_Z0bK{7NPI*Y(bB!!(WkPfI;Zhg zI+Lvqm8ag_b}f9HBfpl}Vmr_%uzBvWGx62?=QTj5XnR_ACGW1!1srxH>8Mni}K?xLE|brso3t$O#jM^3QZ~Mk2+H%fx%&zdu!`;r!^`*T|8P6S1ZKKhrgG zClS5Cvh=Y#2c5Q{ZE)u5iC)&OKiVFT$EsfX#R^fxE-bU--g(KgxJtq^Em&6 z{v4q~Lw84_k)=L*tdwDKXIv_!ElX~paVrvml*P4pti1vmct5Z)XQ4zHw6ess=od6a z3mX{wNO0DHD@z3PY+w{bQ1fCD>|BH&$mrSoGbV$EP$Ite9L0h|`Xau#T3>X&s@{9B z<|np4X|2B6Qogv5;=cxqN57N}kQH$|wUAzycYbC4rOfxj!E=Ib z&Q58l6#+myXcp4;Wybu_6*A+~TwYyNv6RtU7G)&#d`mlOw?AVr)R_RHsEz+BLknx1 zyD$JKo6_0x2P^{pwJCIx>#}6%`b$GCOVhH@o>?E9f}{*MYkq_KqKh?n%@;VcZpj>ASH0n^=&K-sx_ zd6~-#;EX}W{PFDU^sP}zel#z}QcGXxfg+=;j88tl zet~~m=tx#xr&YID5eD3q;e-u-MWk}x7XQ}5q%uyZ)1<;d3K_vi+X##ZADQz;*qFS! 
zvX5KU9kqwWO-KS02b4LF=ogOZ%Bt7j>1=@}p!d0cLj7B!pF3_53i2t-yg=aiG0tu1 zU+(2DFXqnNFtAQ^-!U^w;!;@Vn`iPO>rU*Tvtvqh#|f)SQKNgH4u~wnNL3(KV%hoD z?IK*|4^yuv_}>mgGlM4SvosDHow~$6<@l7Q9itbFc9((12zgIBl4R4uT> z`Ni3B`Zc-}@`-VNj+Hd|KE5>(s-W(Zm05cdZa3L?rUU3=v(tmopAA}FW^^Qsii(Un_^Oj_o#|)`Lnn1@2b@oDDXbzZ?glV#X9iVnV%Z za!1SZ8T>&GG7U8~IWQ=#5fpnCGV2QNqdIsKRMWhY3-dct)ck3Y;H_F0d!O5DaD()G zJ#aWLT^e5X+*y&=scnRJwzHldThqIYTgX+iWoN-oDg1RL?C^F}lIRl=h;7`I8uqI^ zX^NM0M?NyT7XMCvK7pfjt~jQF!sHi4k$hyoIZ#UsUhP?qC3{^S8I;w+ZNixe`JEbY zRAJ#5wT8jKhtDQ2zjpe3@Gw<1UHy3zpsI*@t1rOV=9+^mV!(n5Ts~({9KG(88FMcC zrZc@AtSb=Kew;Vl*n}?+V!8-!EGF=%b3P@lG(VtlJM=N6p=TGjvUIxbBE|hW%57Mv zq<8rz4P;5XvMlaw1X)(!Zw~}h%MrYqo&cTaR0z^mpQr6%yAzYLD;GF!vWwnp)l~*O z6U@FEs72>vFKoh^ZPe0fjf{)dR;%I|*9QxhGGC8&5k4bZZK-x(T)wz~1xltcR3XyG zM}qJNanEc<(gVxO4lBp)zCZs1e@aE@1hPUt2XEC!?JSI-O;wUgmOuC^?9<~#bV$n+ z1MD$xT(hCV@4K1%uq(@9T$@*aBKs9X@}&4 zn?|#JQ>gu$v5MSC1Gaj|(~@=xw*!{7shhPOX6Pxksryd34FMihLh4T2@Fz;QHjVgt z7>F6|BrmGO{$gJ(A#DA{y(vXd4)+BKv;P4{JFbqn5NNDo<$HG3!0iwYow}4HQc99d zB67c(Vw5;<^;}UdLv{3_X*>xr3pj4i?}1|1pBmq1yGyA@vKSg0S6>Ja)fOiJAJ7Uw z#X$s!=XTQtHO}!JRhB;u(iywB(&C?0^RPW%Avqh*jiWomGJj7#xALAv&~BxAk~(+9 zF53dzw5VA-4Y8x~a_(Ou*;s`xag0?T&Wfzg_T5JDm<4obkHosIUre)$s76XWjzJiq zwV8-15z)*3qC?9M1lC^mS7#q5wqHHX$Li0=iGemOMUQ?zll)gs$G`j%J*Dp-kfVyk zg2u7b#x+H`zB#a&hc5i4D46hu&_6n|Ib|JU8@aL*tQ}KwF2Fck#(45ehwB zD)FN9u*t#7L)GNi{nV-KAu87S(Orlszob;nMTJru*r#(n+OyuX#KrJNrzqY;>-M`i zM7rz|Id5qsC%uw4QVLUglDQ%)Bwn*%!Cm7}`Zi<4w`MdD@&m#CBRw{#0025Voe?C$ zW)}HRB+*G#$m~rC)7?sZk-g2{v&tr;%=!oC$50cW*0xWZP9P)i+^H66bzfeB(hSVY z32T9y-=4uW?4V_r9_OKE_w(&~=F_*lG`|94KsvII_+P%G9g$G=E2(L*1d*D^dDVTG ziGl<$Z`rpAXc2P?xes={VnR?Gw4bx}*^S#M78sj9V_fk^Ge&4j*!T_9r`V zU>U21!%HSI-b>4iG*Lnnjy^w?kGzy!*T*TZpQt$%QfqE9_5LQiHn{IUE`0nG-ZY;| zb;n*BS!m+!Xt!ZbM4~ekIsGqI=qT@H103OyKbVnb{!2lL?T5>}od_V&X^znC^_Z8oYMa5hg=kRbhs2j4s`t&@t$HRHr1`oi5&%uh8qe z{FkC}>)$f_YPqZQo1(>cv`!;yY2e~cpRA_tDTae`+c%8{Q8B7qe{bzJV&(S=0Duf%Xeb{)A$*?YP@-3Hx%D5sH(#KyUz;(5a z9DQeLN8@Z+;Wn_FYxp%4?nZs?Bu7rNo^GdK#vMZX3 
zPM#$)kQ#tl&&I4Vyg3W7A@Hh;6P8PP^e777SmBnRS2F=`(?ZGW@?|=uA-}%~<}q_* zW4XS1ydLj=3bsvh?e8pZo4tcyFMff;O?GGe;6!Zw-|{0ukTj@y#kg=GVkN|!`I=i} zhYMUo+qvmfKqD~?82mwlaKy4rJ%-EhE z)wyg7Pu9cg?|@-WYfakrCL;r4Yh$N)HVk82lrJG<3#h1>W5XAPoyfKY;-KPK8z*+oW$SbirAuZq62Ha$4;yF{jR!BqRJoK?NgeZ_L;%<{;8 zZa>ezf@&%|^{@z*d06vph5i6f&|Mt8_kUsA6bG`Lz^XhMbg#0P*QaHw|APQ7acSnG z3wb#vIk0cQOC8zE*&a^*k*|?QI`q=&6=y+=Lggs{ zjQo<5_p?@boKmotlmF(zbhtXWt3!pWCDTAcPO2UYZ^ZZ78N2>zUSXHNg1~Gi4u%A|bRZKmhQ9@64G+w(AskGwu;8?AzBJMqbw)E|jGqUL$H;dQu6f0eaRN|P-l8#dB; z5Z)$8M_ssBZ;ibDQ_Ls`w#+lpnQvyOYZ z{+zs0F7!PC%<_<{TMU-uz_}1$f<%IZTcb+T@CI{8a+>Gn%9x$njSxT1wZ^*GQ-vM% zEHIEJ*Z@S4`s_enmzKyVy33i%-`pu;`2S=W)ZX z(_UJ&(H)%oZUDpB7pn?FbV5Om^%in-rp)h~`mJQ|Vw&5$K#`TMW7aKGP$&$3A#V=| zU?|I6^|rEHI#zIe@MQD?j?c97M6uYa`l#nDc0N}R>EShK@~sp?HEuq}J8yK3)_0Ys z2A8NiG9(@4;L%`UiP1oC9rXW(VQip6+T~>(4;Y7-kyZk7sA?3Q|5hR<2$;5`nP1rA28p8w zZ6mISu%cgaQq&XTKw})6Lo2DvHaR{gukPb9iJF=nz< zpghu=haNJEM)94*ez1C{(L$zFM`=FFQcX`!(3D7LdO6O+ufr2nQb&>nE7|vu*gQ=V zF*A)(${ex3FVLE_Y0X(_UM9tDhL=H52slMsIy*9kl73V@J7nKde^?4)3g314<57&c z&XDqk+l$8WK%+~7#$$E*@-g6XsPHyx0tbrZf)NuYz?PP*slXT~YaWlSQ)u#ki z>lzB-BcFsD-2E=4(?X6wf@*+KH|1NFmRL^5FI5~p5e<|5)fF5^SdS2}Xd+n-yLe0NHQ_+%xtI8ZR8tY|B^qbLvFu2`S;)Tk97jlT z-~ya6qawk6$6?<{&$C(aRm>4>^EpFtGZ;#BvZ*{AF*sU#$z0hNzic^sn<3qPe;sSH z23=#(^=PA@9i%^!fQI$OGXv1IO>9&&Q<^Fg0p_;vei(*N_WfLw3Q4p79 zGg_c})x2Dw_${bYr{D`uQQTvWDvKSq0yM-L3$}9Q;MX_yDDE94wbEtfx zfx1L4hpn=A6gA?ZoVljwma|tAfPhiVsoT{F*6%=W+>y+HA#%XT*&+Do{z?EvT`nuh z+s}&7q_!R5wM<`^W@c~POX~=Io0g9))U-sbu&dAeRG1^exD8< zuy(c(=>7ESh8)R*79>86Y~Q4YuM=%mcdyuxHqn(MJ*iO1CN-Yhm^#IM>wp|70v#ki z9=mlGM47d9c3uv22lrT zCg&A?9twOeem4$+_xUfg%J%v0VDp3UAVV<55n5Soh!B!e+6z4V6B4PJYNX{R0D{pY;?c&z%qT}pVn#1Ts+g8`I1gebr-Vw?02C&lnYBrrATlrzvD@otF4g`E>j0?HCP+a0QQi zKZ)|>d8+vj3E+)3jL;_%_FSf`cN`c%j#HE;WY3@K^9D}`?*DaGMC^QYwg&|qU4Vo# zVh?C1#q)Dzg=z5z9>_wx`s~gIrgQqq`PqZ`u5pVFxrqa~iF{)iAZDW@1mGb}NS%pJ zt)b*sOCdJvBrN@}FJ#O+4vsxJ;b^)yEI}ZCK%F4u3T8 zJ_h8%`sCq(Hfzo`0?_W+RW`AUnz00&5cLDV8LH4$O&SGOhY^`L&P3uJs(s=r!Aw|U 
zqq{|uhOCD+hA7WU9$VYF@lUjXk*i)CAPBrP0#3GDxyFYPdxw5uXzwW!(Hp3O6@UDh zFYGH>J{gnsqzDl|e844TSt2+GL)}e1-@K8hzq5iAtf>8XcM(SKg9}=OxIhZ$g@=LC zNE24`!QxFiYbUk8x(vwMbUk7EDpI{*D72l!5`+?7P3lpU(Pfe@OP zCjdy^3^%3Vnms2q;Cnd6N*oLb)*>M3V^#~Ftff`FX~i8jn3@cagUoxG@=fjsPcE(x zhlhHiV!*{qTS~`s5)in~kumGs5Ej$FcBUR*fvIR8o zm{TC`=Nn>!oA~O8687!Ph_c1iC*s5zPJ+v2E#PpR7K(gnIS>Ze^z5vV)R1^@_9y)P zHoR#uZuwdS(|-T0w;aw~dGbsRd z!UfXMX}@$)7WMeDj!c~8raI`|Qs27q2MgzJZij(MU}rcI-ocS$+UBRV`I)=lEMuOg z6*Av<*7fKpashm3=sP*m{cyj%d$!hUp+T_c{z=*Ywd|WoA2U-6l(iJnEDE#yB}oI3 z?8oeCzixMUO$7XK2`VGT@!uy5o<2Xzb{}wO8BEsfsKPeV-&X0KMm{-lvY9=c@&SdlJhKQ3lxad9X*|*vkzECC+VxR4rwOUGSIW1 zd}>$U`v_Sd5j&Acri%n`qSyyZvO$B$#m1Gj6uf>6*vgHgmLIgrdB~c|(ibnZ}0d@%&%*71GUsi)AtkPuj+kJ)gtrKM#>47z?80226DSf0%<;>EVY1Z`I2Ri-qMI5+BX8c_&S9N{H5E!4Ud2RgVw`YG2y;!fca1= zlwoU98}O&%?ozEn4mCm;Se$f}L07ZmD^Y5&<-s#Y-xS-k!aa6v9ZOz%qW^cx@6!nI z?a!OznIN?kyi_;F>vt+CX}WbmkOe%w&OQz+n6fUJw4LexF4DP1Q4dGklw6X?TMCrM z0j|;QLk15L&|4iHidN;8_fTDxR$B91n)OeV<_gyAnA?2|VQSbhu-=W1|5T1>GzjAZ z$U4^8yU!=({wD2sd0uK8+)9jH!Ci>GvWu5Ie?CD^Fd;!0j(d)-9iIn56&kHw1)-wc zA|k;Ms!o{_Wd8W@nrSbOuTdE6_cUiU70ViC+SeMbr@GTkwiFvwVEHrt39n$XXB>#% zil^>TpOFxSpI?%6o|mB>_>-rz0yo4fEr$GlbJ-{Zm_*c!QkPa;o$+BaK|1>;amrJc z^Sg|P->_Q-q1d|Mn&JtBcl2P^_OAbv-*fhlW0d2&c~-YVIdummEtT3BjlP$%bw)|8=I$ThHsgIZSTCz-K94Gik9cdW)1- z&;7nK*eqC@8*3Dh-+%-iabC{zuLBnnpG3>{&GJY1COWAs{IWnHVp_$jql=Ev_PmO0 z(5MpQ`rHs6S7G{>g9IyA2#d7d-#53iZGC~ul7%a1G)3F4&NqYbHP399U5OxV4|=(*$qR1P z8HuxH{%hJ_`E%^Al+MPap~?@oAoJ{K#S+s*t-?=?KpT|2Hp@{;pfAd9I1avBc`VZ9 z8+087VKLUE=t*4t5yQzfZ*YaO)Zx9*!)$SB z7)0xOlEj;K672VM@Q`gwTY2&9{C4-c5GPZ$I0Y&XAr&}X{ngai+j=qsLuQgXQvv7w zq$pFVYPfg)xtWb0Y0IwwI`E|(b8A#$Lv!Gu`c$#!SLjZnpu^0;V^I(+OGBMcE7l|X zIzVK780U=)4DiWAsX?&pwUb?Sy%+?qMK*6wl;ZZC{+5-BYFLhjfOUzhD}DD*M{;P> z3XrCjysy?W2rq+}h~G)nk@~kn)2YiWY=}qY)-cCD|MC8o8@eLfpOe6>^ssatZK+Xq zvSu`2);K%{R#S1!U$~Z9xWgYzoB=3&2$rJC;9ox7Uh@tb=OA*B!;Fvusa`_bmGC2Z zCX484ka!brt=uz?WrxL+EhIipgfF7jKr>g6$gjE+Sf{7QJdqrQHtVdJ(UYb=Awn@ti#eg^5+%_8_~>_OT4BO-5dO3(DWv$1HtjR 
z=CrDv579?;AxBO^=iZEhv$PJ|eo9MeOMVQg=c5=PSoLblu5xI35Av33WnvSlJE+%Q zaLrdP7d>B9F?@8hh^e^+LSvWsrL+FmnQrBEegqtBBC&g@j`dr`suzi@!V#j+rg4o z6spo_IQ9t6#8drL(DfSa9sq|IZu{xG#+VMNk>+QW7~>({lzT$gMl+mX>qC=-bR@uJ z>zr;386{WcVU3Akv;%QDkQ- zp^y;n#PJ@C2?Awh-mc}D)LAs>Ykr0&T?ffK>-lQcaRs68C+P{8l$@T%<{9KSaz(MQ zl&_kOAzB#jC2Q&m@|;3h3oC+F`Qb*x6G~U{7$TTY0w@*F#TZ8*%^w>y<%QGM7 z$MAOtl3^(S0w9qU&N^ElGgnzho&3 z%8^TtlA8%;eI3~!P)#wjIX(S{1SS3lb9LUb!U&6DGFu4-^8lG%q+{rau2z$O9m$QN z6Gzk6L_$;mkan4l9IYEzT}uNA0G%D-nm zPOLi~m)IC3(bZvJVEr7i*S+BqRW=WH%<7NZ6$P#-z)CliNrAG@r_xicCw85!#0fS! zA_*jXwB`v~ZJC+N>^1I)v-fD}r$5U&L`2L_WSRGQgq z{m$Vd^0hPl+Tq95VvYY%UjWlz0JFb<>zuRowU-9L5d%tV4X76w=`IlehrPFLZd+H< zMgNLwrfODFWhCM|IlJbb^0J+m+DTR>$y%$<+`2UdlAz5US<;A-9q(U%&<%iuWHlg> zJ9p;8f2o>TJGRvTNTC~z?x&w-F(8NIFfCXSH4V$HE)Z^OVB@9Y33w?|_FQW~j^nci zWARd?;E6GMO8m2OyQPEwU(&mWQ&{=uMx7B-tWhC-ZMQI7miq?=7Mp^iJSn%{{yaqM z(Jy!!ZvSR%H5Qb#%=(fRO0&n1B9THTX!bM|e-=4&1|>C6P?JJIP2A*CB@$jUtf|qM zd$&s1D6Dt_3X7CIS0%`Cd@4Z+ejaXwgif4JF62`WR|6#>Z@i{bdat%~gEww-Tp!qtz!6GvJ`)isa)OFX zf5S%k#LeM%E3L+^#Ip{c{k41%aI)bK>??jN9Ug4IZ{e-C@|wHd2=N-4$-KUNfHFh& zL7!~j#8GwlWNVqlD#zVyu@KB`exf)B3MAt%>AgM`TfA9`!-5dLY@cj^#VWC`ZfhgL0*uA)t$Jq{& zSl2zAU;E4Q&GqY-|B#m}xrk~d_2}uPz8!1&lOxNhMbj=7VW#4izO1?8R(WHJL5FM_ zWdX*tC?bVUumRK9i+ti|)W4~C)}vS~Sbwh-wN*z;s6F-UaWLm~C7s{8jHTL#e{sWj zTE%Rhh^iJ@QYE2qtGx{!izh(GNZE7Mo*c)g_T!o*xt>`n2d0d~!goOX8z*h=fVI{X z#DTu-6~GPLwPwmbA=QV8bppHXhCdz4q8XqiUS2V%BtO5t1MbfXxqj7BAh@+z?QZW@ zJ7sQ4Q!Bez-L}=U`?0)?36kNKfBx278a*Db6;ES8@`;}nt(Mo+CF?)KI{p2z!7&;U zo~B++t|>qnq`c&fHHf8WE+SS~6rfIpPi#P0G67IV%ATq4^f(@cCk1_%Ro7FWgnlLm z&=3-Si*QgtN0!oU)^+YRXe;U#GGO2KgaC3!$t$hJ9%yK}HK26ZNIKnpe-D-M?LGJn ze7OZ`Y#p$kflr{ldVMQym(uzHH--yFO@9Xt^(BS;>YGeMn)$@fQeU}S7f*i|4Brn^ z+~Ta<)wg16vexjY(GV8$H6>XQLTZ{-JcLrGhBF@Uk~N~Jlcb)G68u; z%ATvr)Hv?D^7UxR8;9g+e~~9r9L`$cz2C4uJ`OS8A&1-yL1r-dU5jXJJFrRV+S$M` zQsM+fn?{jD&ODFHTqGi4K~$A2F2j)VCJkA_b5S)_Gmj$AF=WH9k_qrDQuf@vOO4~- 
zyOgB&zDY_xyKfSk*AKwjyWQFQ7pvgp2ImIrFZe=U`1CEaZaa>}e{vfmY9Rb3@_HR4=!uj)R|lza{5m*J^2Yt#r-pmTF>ZcTi(QSCJxZ+%`AO3*#NI_s{E)ZQ zEmjvuU+#9pH4iHmS53h3 zs3}<#77cIeK#0WM(mJuRMacwg5h;7F#!}<>HFlijjr+NM2PP%jBZY@7^sL!Qt?hLM z>VPnWqSOUA+V}X3q#8GHU@9U!gz@aDiPf!Mem%>TJeGrbI1khLjLoj4r+}xdJbtx4 z4f9b-K|KrYe@BkT0wvR$iIFo`^DqOxKGwwZ82GyiRz^|HqM}a2ga>hvx~p#z8;O%l zK;n?H=V}Bsj$b3jN#3}h`{Xl>8smU+M{mzd)6L6_x>s;>`Ss&V1;3LjWLSKLD27UL z>~w2MPr8u)VqC_5JX$81hL-V(pOY-8@8yr+h95%TfBIOF{Dbl>&-5v&*VELzDT5|q zkq|=qlu68ZUKOksWgdi?C@W7sA+fPA$pkD6DSNIydY~l^eH;aLl4&KH?AN8YBE@;nZlHqo6}A)8_oW-9La$#9+3?4k^lUn=bY6$ zyu@}GS_O`luEWwD#P=$+!dmd}Sck3->~?!$Itg)|&M9FkPv=de(B@I=!~`4--HWi&<^L>`<>FimIg6z1Slb zH}jg6buwq^JeW6iC92S8c5J*+G68Qy%ARX>#*sH&J0!iA;rs&>f2W~`eB$Tj8CB|- zVRtBT-*$NX@A(CA#W%4gXkTjH_nF=S^}g!7XzC)bSr`fFt(Wnf@gfxR{#utslqQLf zSun9dM#%(_5h-gR;ony4)naw4S^ygi`NMIgyK;;NoSC)0oe}yp^4+&@pI>83+)hz^+Qgo3`Bpsgr`bcO;!+kSNv_Ps zFTkJs#-YHmFP3onQ@tU`RXPvP@t~h%8tBI-eqNOtzPhSaD9LpX>3ie6F z<8!`oh`v{6-$7yOFC7d8OflvUOJFH%I|vC$*Oe~;D4^ZjK9&UMD_VmK;fM7c=B>0pAe>KfdgDKpFYSRR}ci&5%I@6_@#a+?Pv=&J51MH7&1r$Cc z#Gm}Won~x2(kYpSbn=N$$Yw2jH0kS@nLoj|gy9JVe^4Wg8TC3EUewXNtXNRy(wK?3 zWMxw~EG_3jRz!JO2zP)ywb4!K1auQAJJOhutkE0ANY1t@az}OY}d#RLLP6YXwB!sx)8x zsDy$Vf45dapA}X#8LoCSTRkrEQU5Z7l3SRseE>w&u<&~z-b1Tf3U3oR^0m0Mp58-V ztxu-`q_(MHWY;TkCBgR5}3&MaquV zda@tdQ@Lr6efQT6Aupc9_2@?PFRzZZHF)C?fBvwlxT>7LU93u=(3bQ9bJ()oK(}Xl2;CBP@txxV zojN=odzDTj#q$4 ze@iET!ARM$`b&0qbLsCmB-xE?`F~tG+T)R8@3-b+p<8Mwmss}&f%}0RxL3NvI2;md z$={j!p?~@3Af5k3Mdt_&JHHto{m6d(nuhc8i5vZrcbJZ^QLP|r-@OjACs7@oYhi@{=k&x7y!Zt zXQVp8_6{yZfj-1{XGlbeVB*=I%DIJxu=*TT9SXuTH7WgY|CqW7lX984py@`?L< zV;XL|N4~WG&3GwaJYg-U$CZ|$tg<>}RTKj&Z75jY1hqU;MO5X2H&x|1Qf;JIIsqw0 z%8s=bWcxOkwHV7pMXz3;sLCxSf2@TUEjDy{HtaAaXoUwUob=u7g`BH<*&nk;)iJ=< zHa)LAdaREJ4im+sP z8DuP%9(OBVSC`hZbVWzm>xC;O8@7G`cKd?Gz!gTQ= z|Iyy>?t6=;tBBXTEzS!oVA~bLAc5Y%d##|1g}mF9a63unv)lHTm#tj)T426%wUqYn zeKQ2*F8XxE5EL+tp7w$fz*VBtAM&3VIy?|V2TNK6U`0^X ztl{%QBw57k(oMjb+7QHa0tAti9cz`S@!o%)K@mA&mdGb?;tNQzKBeifMkMlaSIQ%P 
zCfBRzcnv`ibllWPe?)k%J!DWvAFPxdrCH}UFQmU6zg|tl)%nEF(yLm)i)8JZ@w(ms zj&XU5l(r*az2qy=1VA|h_5c^|qz}AotuK6?y1{Crvu4>NmESWRlhX#7+x=1`nk&SmtC*a*k*|BOv zjptSyO3JG?&VGXqjUi!q539D;6)E7(E#!UsKy5Z0fhMZ9(PWnK^`JIwNrVSEsY7+f z!_?AgFg2g}e}CUuL;}|03c1u7kg2nHp4F^~!h``KvjMZYmC6RJr4s;ar0iIwBB5YT zr5X!bb3MAr_Bu1QmyN&$3mH;|%xf(c;ud+Ox?Q;xTixMP&5uDY z=yiSgDZIalA1x5sn2%eLX}eqftJ&ptEAF9$Wtg5re65t$7G%O=3UNZFAlf*kKXKq{9<&%tZgBRKDX zq}Uq`e>Qd`l}Xv58pMnOYIzH%ut^TBcH0sWswV!UTadQ;Aum+$WP;^P*KqRJ##_iH1u9w0(J8kI9E}=`p>onJxeD*r$*lLYIuQec^l&5%*W(+uJe}RIwDpEK3NM>WUvI&?iQg*D0Qsa44 zlzarYic(@$83XW zSpT3`Gg9)Rznco0R!-V<7e_9RbS=VUt{g@Cn zgOD4GtGs}&s3n6IhNcCY+fvvdf3j=>h>VmSYbmJlJeGod1h=K2#0DSz!;06x@&!Pm zHg5YsjRi+HH?DK9e2sO*28KMv@^17GZ2=ZNiXZEh!g%amv|r6Gm&#{e^@UUNBM=^I zw+fbp17fna)awVl2mYyN8B$fActt38@(wQVj>F0-zE(vkV6hhM_v7W{f2#wx-85UK z48<4}7`@BtO%okL02?`TX!1@8wi$70D_US zV+{p0p2tv(reY%{Pl2bC!v7bZ{tt(zlkeJTVa8**vT0Z@pZGtfqBEGY{l7Kf(Xo1U zlr!j)m$&|z7ZQ^WKML<;xY z#gpl`yk79FYTO86Lc{hnI26iHz@dJXMri0pWiks3=!2ntfcmr9e+Rfe8LG**Vj1rJ z^$o9pm(Fy@*oapL>%3Xk>y2g^0Ddzk&( z!EoqhVU80Ue%u{dnP$)FUzS|agIM&HuKP`b_6_@mH0*74XTCK^fM}Ocx4pzVT!r21 zT|>ewj-j}tRm^V|f2Tq5eBz_v4~D6iY0?0uHZ`D{HMf@D5@)(!B>P>JL@AF13rc_) zi9BOPQgId}qAuesOoGad&dY3cUN!-pN6L=1mE>B)Exch)umxN@MEx!pC8?3Ggf*mz z|Gqu>g36R9LHmMtVO+jWu;TG?s;e9-DXPf3V2*`qz(N-R-r=#nF%? z`m6No{_roWIdeU7*_taAzZ+jhVJL^gT6V1#_ zSSDvKA}T6!e=RT874+bPBKO%BA-C0X_Tu{MmzO|61D*H87H=spZa~lBUvCyGzE#-6 zmkNor5%Tsf`ldlDN@LcwA8I)$lr!ajxZ*ph+ib5<@4=_Fi5biXWj)3)@6lV%Z$G9% z8hzq^+S+F)JG^wJUOIM?mv>kkrLV9X0dOQ=5ES@Bf9rS#z2jLNM*%C+DrZpPA17rg z(s|)F8#cf(n*eYmWyhKgy2Yl~Y>ey9Ns66N#X`#dZyiSfh2JNhRZG#W`CeRpefv_? 
z!G3)^+rUOr>>0>#XUgAtA?+mU8cyt#G8FKha`eySe4U>AfHe>&#v6;O0n{W{W^PLF z$DkJJe?8;Z`)Q~}pZG|^8v{}_FN@(DKG#Pep^BQ{hCvJ!ls#g3ECLqgL6C$|03lST zvgbBbF`occBxOe`JG~aKvXi1--`({BT)IxrxZo8Q2{cD_5LItrx&dvJj{3lJr@RIg z3_$-v7v4j`DLC~V{Lqu@5PC>1j`rT^FVm}qfB7`bp-4)IODZSIa$4}yGmY; zHtni|9#F4ExA^-Zg7^tbOe^=^{N#8&=6q#l^U2QEDrJpx}9YV>rZv_YPSa3xWRk^Zjh86tAR8C(5r!?DdAi% zfY3lU8{DVgzFBN=aH1)6f$p&a@72!Vf9sp@a83>$>#UO>+x9N*kQY<{By8z4`*j7x z3h3bWNkBjWFT@to1sj2Nt)f*Rg<%K;96I|#kL0;u$ z8dNM#5^!?o2`f`+M8Y(UlSIT#e7JoNb=rm;<`W=?r0iIorm=%wou)*IzVSEied;hcCs@vhTUZLx!xUT!DV1 zc$V*xvXr9YaMji>c(*GdZ@+D&BY-{Em17O$&RqvUfSy?9AcqFRdR=gPS4F+j#C+)+ zMkznRlp(@ObktqB4n0r4nEI#R&ZWPRMMadxMbvm43>(#$Pe3)2vSW=A4NvqMqtV?|T`%C2z&t7c zzR~))A9F|h@S$Dqe#~xnP~5jtWzL|u%FIZ|ANv)fSpdCMpEg^`2AeN|F%L>N*}=m`?*2`ozxz7xu~RJI>#}n{RU(LcJPy9f95=sf6I!DB}o#n zxK1KgmYF=*i&%&lDhpyazfEp~^zsQHJyNzO!H_%hM!Ja5Kj`RDcI6o4U*xgymu1}S6T7-o(opavEn@Lr( zJgeqx-h@R_r%^K(xqG+TP@#MRREU&4YqwH^_;%}9f-u(;fBUv8C91b80%xsGwc6c4 z`}$P{K|Yv9cs;K*wO!Ar1|vmI*sK$9G@l$Z=V6_dc`aBSfoYBToaNEHWKk}{x!kBB zuiULDavPwMPXMTpvS)2pY7pOM9ZS4L3Z8cOQ__0B>W=89>&j3BtggX-eALdstlL85 z>XvR*NY3Omf3D;4ANd6Q$0x_kRUSrp7I7AqqGE9sa#p5!%y>|VoQr%e-2vx*Eo_WM zF#%&i%AT`d$w55()jv70UtLcuH|oEC@Dz%W@|K0w0p8~&9Xh%D?;lJmDVzr>v0=%H zTpN}Y@^9E;0#xFYW9G1kqcW{?7SvGyMU@5Pwa8eOe~YvX(>f?pcZjmEQ3%BZ6ap!G z)`q19@oiY|QN@#3RDrwjx3H7-#e`%%DSOsNr3UeBRPW@}Mm;+_PfGN7 z@;^6lf4}MrOyq8a9r+RJ!l1$)(c~(yj=A#PJ@jAw-o5xEAV}}XDQTyb6!C1;PY%&2 z&Z@AkD(Dgj$(wo1@_Ci8G=!!j0q1GxImPWHaxo!^Ov?7jl4F8b4ng1k@=i!)XIzg- zY%r3529hm%8Tfe$}O z>oVXW_b?n3cG9qzkTfJ^y_=5`^liS;sX^Cc5}S{bxP&>!f*_vDf72m`YR@>2YQ}jTvOJ%MRV<=v9%OEvu=8NW zggh82>(z;oxi9~Oq)s>#q^wsBMrOwR6Ow8$ zJ~c*)9^wqT?XGTD(g&B`IO%tff2krTg-+Pq)3RUW%!Me*GOltaiYS(wFfJJnqKc(W zR%KO`i!ye1JuU3)S1}>`Map_N;mC}ae?oE-Iv$hQd!D(5&37mG0x)CnvO0aJ!yo?h z%BDN`&yVf0RiB|Y=$LdDDRjaHotEw*XKn&sguF~xk<1Ggmr2I*v}ss5f9JJ`(xCLP zF{X1X-3334-JlLx4ZFLTy~VyC=$R?}AuR#viQm^X_E;LqH7WrF zB11A*XD+~3QM8IkDt!Q@f1d4d963R|tQI?@XYUb{s<8s0O!O;oC=)H@RVEZ2@5*?^ zPw05mztGp}t+C!zuih=p-pv3MR8jHg+}YEk7P;^6grG&!&} 
zd3+wwAv;==sS&-JJgQNO^XUmKCi8&EG^)xE`-~vgIT_vf?d#VWf4aJT@e=%bBjol0 z+EZZWk9>#}0=w9a@um)DY{bgO7+tLXR)s6%$Nic%wbRdiIV6X(-o zM2OH+O6<+R>N^C3hQqRMJD}QA+B*b`^wG!bd+9KCTa`lPRkhkJx4k;|8m}uG_okTD z$XRSYr)6KwZk7Yj7}vb&@FB&0X(_gRmO#d+2b$XKQKbRoU>S?Y@I6JaBJG-cI%Z>L|gP*b7=Z# zU;v6vf6?>_WxZ!r;X{@0;_sZ9ZPGL05tf2_BUO_owa5hvB8W>t_pvg`3Sa>#s|tFL zxodjUd170N@yG#(>}X5j7|~%VMiunZVuO)z8wXO}Ca1Uc+~TD+SR3`(FPf2m_7Q^} zitVCW@UCmCS*HimPN#0mD}C8tz>zlocl~Pif2;PY2kpiQwX)92Cm_w_yTw*H@AZC5 zkX79_PfE60)kytg^MDy@Uh3f}TQCCjKntB<4JLseyyEBe_fRhf6kWb9RQ$8*`sw$; z170?ws9BQKa~8){#CTi;tf!>W*yaG^21Q{Puh73UWLU0}>g|kW|ooBW# zjR%D|WJl|gV?>88`PM<`5?S!vpQm4bf4#gqXzKZOS3)O&HTBiKaSW`e^bY8@KKyp| zSBq`xOW*8f4Ln@k4&y(~&ZeeE73Gb%-9Z;Cek=E){OE4UciX$wrv1AdxVq!ZThYCm z8P;m;3CnX_eit|=@MPjX*4nM8s#m(}jJ#a4&U#kqR(Gw*vns9)oJiAa>fWO-f36e@ z$857&2m(u@llI(RRUfHPQ*A&6(zb>^>0|A{5dxgh3Xu zIL%U^&`DWZ1Z7-A*t5@V9&+0}j0ej&WJj9^$A}K|Fsk*0^U)7%0)6h1@EvHR-L?IV zdpLa`TTO0*4V!8KjFwxvmlFsyDnYo}vGhjxzY@IZ?>4sSw7sgZu=oodL`b5ZGBtVUmKxqssKo@eB^Xdo+Rx zMW?9lKcZoSYV>r_)oFlUu-ks`o~gOiYY|Zu)=d_(C`c0~Z?K&4Qp_1J$A|Nxj*Gdo z045D=cvUa~UPa4})m+zzf3)U$*Ku5PNwI6ufK$A&qu$Pd7CF+NQ0&^1xee_P%?x-f z_8k;8y_*HCx)^+PAehwYoVJiS`7%B=?}b`y-`hQ(Zxp5 z2RX?K81D|Yr>fW;W>@2>d5I&Od>^zGAVvIEAeaWd@`)QO0J#QDf5*3dI&*(ky319X5<7X_chBj`P@^kq&GaS1*Gg7GoTSixe9yhJD~u z&bVWkg}6mzm9FRjf9!<56XI%&Is~SzPjv@p)abc~S%>DdpBb z8>1CWz-ZC3qxH`*qC@}20km9??$S3(Oy?PN%4gX(k}sbSf824aQ5|pz-rlvFnyvX} z`((i-k-}YHm31R#Q=zrT+$tULub-}7qCQ@~zkDlylwa1{-`~HK#^TMDN=$wI{ORWH zZ}^#a-@bkRN~rAF7%5WX1dW~4HNq?IPZ66}{o3xK`g%y7F@tRWXZv>zri{=;s&AA~ zSQ5e&&5Nq4e`=Owg*-LWv}C-JS_>IslRWtE%v|<__KAN#h*9gmWDl$6FNN7@ertB8U)HG z{@<)rWOD;FHXCjZ|SOlp&bt|_CuyIhq1RNACJK6+{Kr~&C6T5$LiP`uJD=wJs)62ikzUO(*RaJ@iCF3ee8rjuQw&H&eTxqrI=I>gXk@bvpi;bTn9`w0S+4o z-nuo^Mpp$B&{co5>}U-gfs?u(CwAiy`}D`9*2~WuWcT~fF257%Ng}Db6==)s`s077 zGgl5Ob#Sw~$FR``JA@6ryP@gOR$yyjW$I1RRV@H2@xNb~!(IMi@npOJ-KY@t-Hg_& zc)tw^Wu;c{P}cD%r(hb&$tQk7Dg36oYXNuyKVaJ@fo*?+tzUPq>-)d=L11b5nEd&F zZF$-K8@M~1D8nV+ib2&ys3&sWbXa#hwFzm#^PF 
zla_SXr#;p2`m7Z=p_bIE5J4E1Jc?P}q&bTdQM0m=zAoaH0k#~KiCZmglv6MP7(8@I) zloU(@CHcfhcFXLs2E)r`00DjuOE}YirCwAb$`C367=&FvmWaiz1LgPpow~SR-p*R7Q#6FFD<61 zKKmJ20+&qJ8Pt(!g>AQ~yxWzB9j&49T3g*gm+K+~9Dm&m3Kis;BgD|1cmJ-e&mdSr zt6oz*Jn4E@$`{qY1;W~p@16FxNfE!f38$f-eB$TT?fsDFdVe?8FC9K`mPsLBMxOB^ zjH{T1NfojqAYX3mPV%Br{#aT2;u^U%gIg%fa0wCre;G6IowJx=V#A@=9x8^=LT zioIEFdVj584X;q|?HbrV2>hm9ZQ2XzFJnkb`PVhj!?fj2nxqBv+CEGo*=T355DQ?I zlhdi)H^4C#(wA5uv~e^0fCRW%|HplfI=+YJ_*0a#OKZM2aLu+-< za*v>9@B_fKchtT9Jk6)xS4(gvKVI$^YQ@La2p^e)LDNxE6 z`F(a!AKNZkWMQv7W`G*#*DFQO{)JF>7k}~7?9yt5L})$z0Mf>gk~a>?%d2B+edCb0 zQF@NOnxsn(Fg|!?LzlWMxd#OPjPLc;@n4%nbhkg!wvVK1M?)XcpLJ_7c)d5^n5;J~ zScw*EA1JvNsV2gO$N!JnYPZGMKG1`~WoZFX5G)00W{sQyrh-Rkm(@m5cjARh z+68b=_L^a>8cjh0k3w0f^O?j*krV9Gq+VF`%u<*0Buony$MaJDrxa4bBf;i*9EVw2 z$7Su&avKvCQYe|TwVWErr{ylh(|;*iPCtN8%SlX_E5c4nUG+IF-00Ga@8rvZ)QckR zSrVEJwMy8tdY^|!>7-%fK_U=PgxS5gUu~r4B+q!R)nm7mYP(#*Rb4BM)Q0=rV%y47 zNh>n?3S2={R0a))mVN_J0c}?6H825vGkNjFs_RRwu%J?G1@MZgCEL%2MSss7dJ7P$ zfQya%bGxd6foRFs-Q8-7^%?DwskP&%I?IRrCM_ab70by!XAz~yBYKF@LMN#51f1L_ z$IN9FWVuvVmhgGX;)-WXDsjY;Kmco0io4ukINtbt|m{{uov)Qs{(@KLH;0$uYAivoOrVh-ExTSR7Od<7F&Z+yr?LM|ma^&lzUpuR^*N z)tMWg8pyZtU1*?FHa`6TzKu^wUVf!KRT62{pI;cdelS~f2n@mQHh-R_`z(`A=Gz0| z7M#3$0jR3ByGI$hg6~*h^tb{|!7P|(+>6=vX$_?9Qlq*x$C^`=H$V_@Jde*VPr>#U z4oL`}EtCt6-Yrv7NQl>|wtN-%m{0ONlp~ub2IpCy%KdVX5WtGn>-hfRi<8GTpFQ#? 
zb+KLp=Lnq1(xCDRtM`R5R6Z zi7**HLu`O^Le3mIAJv?c~9GG#{+LF!hdLxQ!PcWx(0K>W*tz+J6(a7I`6TCO6Jf}B1L^!ERD7ejH;RQ5{ zH{T{Rls#q@9{3o!2*qu*DB+|1W$dwBOK$gYbajYQ8{ zkqycrmv^G_(Et^X@{!%(oXST@`HnjJF-a995j$`%epcMsv(uO2xh4`yN6qjaF8hmx zx_`;*T9)C;uT!`)ehb%(AyKCo3-4FhwE9tOjx?OqtCntKUy^Dyw1eOX@(U}VB0%vv z@F$O&wRev7(`Okea)LTdfZKd>%&eHY;)*3f3MuTQl4lt&SW*@#uk$>fd$@uk8@v)x zner3WiSBIXQ75urfa21Dd~6)AftI34xUN@vaUYW5XaukWF6Ti>#go5oZdQ39BSH>wxwAU0^;3Kfq~ zF>1LE6&sIliKaDZBWI3~jH}G$ZLH+-a+WtN58{Ls^B_u-I?6@jY@nS+HcBKSp??ym zsTd{hRWY&^n^VO`Lqh21Bz25r$g#nn3XVA(8g?9;*oEh#7)X&5cHuM>137ao?rQ2uFX34d~Cqu>k{?tynb@l5ZZ-GJVedO_2M&lTR7KE094CHo z0NKHYcHBRxmC+~J_}qOoEq71OY@9m=`Aq5f1p&*8vSwMy=Rw$Hkbll}Z)Q7pA5F{M zlj5GuOo@H5E~&(p9-Fi$1rNMFUpA9|V@oQRxs?W3+GQj;la_lZ2vZT~?Q9`9@VqSd zX_kmX%{%{Iw<|NL>QHL|UI1s_pSx;>gw~v&z9&UaP@4(tFP|JUM+vWrC=6K`iGamX zK4*CnMr@u3yogoX8h^Li*xCPRTK1n5_oxjec7ocBV^bl;PILn)aqWPqa&2(>y4j1% zJ^!zJIlF`Gkh1=A(`xj~**+k(gx}SyP#N}FPNo9hE(h+n9)6>owku#$g0j=zHyc)o z*`vm>vUiS^IlZg#V1;NJSb>~5iiF5`oia$}Nbf3&Se_;o%YS%Pia0JIljGJb8>|pb z11pf?9?cp@hB8L%#vyj1R#D==>s*H>uwGytgF0K}uO8ZkxFxeU^pZ@ZZ3UoDUMnpb z?rutZr9$Y75&|u4=$e9hLr4ZB+YRapp%T<8oGLLMQ4mc-6p%BU#3h4t42$D1W;_W} z`D0S04KE-Y<9}3%*hUn@(+~xuxLYMiF}F&L5xa4Sou(3`_&fPVFA==8;%f30{Nv91SE{AAPzGYp-LC23BITrH~VoSe%{zX1Q zV}BSR-QaRUd-A?KaVz*ev?GHu!wp|xXVf9Ia9nH2Cx3ToEh*&J+ISiift=aoM;T;z zq>C7rjAzihABWOrW!|c?veLHm!e;zk|1qVF99UjWjd_??6xRSR=Ol z7>*25=!7jl4MRZAoXRUxQOmO>sX}14OQnMtmwzcMN-lMQ^E&bHr^hyiAfARHAjQw! 
z^8Rs%El&x0w>&wcf6F_11d&^Qx2^$3M(lQKM7Wj>#FM|{7+~^+zFHY3IR_{XC{CX` zIX~O3pg9$#9_K?FNRbniV;Z!9oVm(!5!9JH08;4uo@5m(;zHh@;wlk!o|Jjwu1 zXn#XI4cb78pQ{}HaR}ugAre02a6Y(c`F?_?c+d_9ngR`?mz_c)`0#7w&|mg=d_V&< z)W_;E{eHI5oSyW^;>ZcWv!jO(a@>ab7Gu6Q{xL6E} zQH%>3dWSU<&!(Uh>HHo&q{sj+JDzc zJ+@&5@ibTgDSoaR`NtvDh!XUw5jmq@jZTCb=vRo_6T4wp7w%4MVe=|HHhCfdaNC(@ z@_l{7+;?KJp7n%xmSd@o8*lGKCTH2lzKX)&aM%SJt6Ty&!#efK3hz&AVD#Uv8+Pwe|Ksb5m)gnd6P^-Iod91R9WTVC_ZfN^QISs<-87;UiG?tO2kev@gb zUsC+seLt?r0x9O*^?&0Nzoh73sR^V-A3iblrP*%Ss(B;7ScSI34TUFQRgycgdxbwIrm(3F zMOamNTrs%V%3~+XSuU@(tdTd{SYB-5Uh7srI}M#oOGA_5pMUyBP=vmX61;W@dNuCs zVs=uZ5BOIW+ZJ3@?^aglFx_~>jX)&lfQsSg5T#2@ECl!rS)HNjv z!q{Q+0Mp3qy=mvRw{~^hz5Dj<^VivnZ&#mZNN5qq(Mv*;&QDs?-?(3urX{V(nGJ&^ z1MWT+7h%S7c`l!3A^^ldJHMPK^DIn&y3egjcG5bTmb50ty{a@y@Y*5hRVDICNmZgG z-UFG~db9fRWS1N^1R8%7L$~gFV63p$c>xUm`!r(M*KA-D*ng_J-at`|QnX+A->Z8C z6jAd)Mneg_+HDrU;8WwhN;Mb(?y-d?bRp7ncWLln^oY_!iGARC%IvIs5 z4<9(*Y^d_apYgIt{<>orX4L zp#4(7HE|SsiIVsee7U~+$u=Ak=MqiaeQ? zA}41ywUrF2%~;%og7GYa4me?40sUX*=>d}1De`1mikyEG_o~|{!E1-0N8Qfm?k6R# zxbmp_y^ifYz)@42GG!0ClKWgm7;31&GNov^ZKcfn&&H*LK2w;pA+(KJ3F5m37}o(5 z(x{jw@ssNRU%>vX{ti@Wy9M7Yo=gyA2uYfz?^FncS`Hlo8K2Tmrls`BnN2w+gX%A6 z374}n%0hpJ6o0_*7v_yyi|mwsGA*S~ihH$al;E{P(4$4KOC=+hKj zalPug_IQJ*w~lFs?mSWz$g3MynlEtEcs#v>P!X~+d~W>f6QfUu0kMO^^0EM`db z2|S-c;2hIAUPffOIVqy0z;Vn>ffIMAF#GN6!JmoU zI|iLV3Z1Zfr=b(bnV~p0N@IDsE}>m?2?4E~a|YG9rbyAfdu?<=It`sbijUvDV@uRY zLGSK$z5>5Rro?Z59{6Hs?ykt>h2h&>CojS?Y;`o->vbeA5ewi>rS|WbDsxikg#9}$ zy-&^z^|MJ<#nP34W)N|eFzL?A|Kv$wY5?8)*G})J)6)B-`1t+nss1LteNxc7f5+FG zlcEP^SjB&4+YPUu>`kO)d zx4fPv1;jcd20IvvShF(A+&kIMuBX$o>!kSjolMt3`-mOAiy?OM*=cuD;(0rUDEIx9q%T03T$4A2fAw?k#I)chhOvT~d7f zmUWEi*s|ktzNDBMt=Ou5NiTbN7)YYt9KtX7qOSZ^^gv}hY?q}zL8kmnsf8yIc0 z!9WstJPt_Cbl|=4S$DVEY}ulH=zH;8ULO)5^2MxLVCMq00E#AnoRto(lOiW5&a^x& zIWv@Wl#Pg4lE%_^nFGC9%pu60g@y;ptvGg`Hl3EICB?@pj$=fJ;*87Q(ogTU_0HKe z#7^OVj=l@3|L9j2lAT^yk8XmIp}!%27+Bcrw)=iD5J9!r^j$hdTNNWzN(CR1pQ$!a z6fOKa#{!(k%=mn4IxQbd&TPDSmT-C2#H9#W8RaFJ=Y0kVEuv=saAdXvj%htQ 
z&PQSWj(1;F%|i*bIzPKhikzTS)3Uqd%({}QU{LyPHnS z?vmo;m1-P&`xvns*W;5)MJ6YEo?Cvu+Nr7|#ix$Qw_`ds5aPOnKW`n=eiZj5lD0R0 z79xCq8bwcgpfA?aHqZyOCzbEulc-G>D&e~poBOuwOb;K!y3?D2hnDxabXXnb0FEh1 zCxuSXziEkGa%S-SpputCDK9#HtdO1`1J}|}Co*G?vd{5v_Dme3_7gf1yQekYHkPah+8;}E+R4O9WS@(HBu4PIAfW(eG%1{!22 z{OpF)>IS6Y2>`TNta#m-(nBbICyp0#1rR{noBl@QNNv8(%Rlf7xw-x_>sE_@ok64O zyN?fgO3v+6r|}u)Y+8nyoEa`TK)T6*b(6*Nj>8Ih$zgEI0an2(Pu*RqGCRYZP0KKo z;^Wn6TqXP%u^ZRplS<^_J=aC7jpT3+bHiQ7=3~l-B}b>S|Mc5f**L=Q$nI-Z>WK+??Zc#@V!-F*&ob zpA0e=EH2AJIxVqaK+9@~58Qj(&KYO!oblIx|8V{5fE~ZO6V-S4!e%djK5Om?V$V~< z{(5!&h1k^YmGns~VsDSj7t`yM_HMVnfER#y3u2>_&D!;O|Fqi4eU4+zFgJ|1%pvHB z>JCX{jH5ynwGoS_ff2;@)NdX0-&h>{)*4iEs38!`Z#k&djBmH{@7=4}H;C1Cci4>C zV3w`b>YKG0%yMkZNQ+f}hZk@>L-0C*oFuPiZ{U)zYI63u7xZWsd#?$40~pq2sq{}~ z5q!+L~1y`wNyVq*{VYW9Aq zg4Y%A#C|yY*yjzf8~*u#=~e7-(5=iL^qkn_p1Mzs0RoUhCm5-JX+QvS<}^#2v`7Lr zkEErF3n7ivJg-?5MLaFSs^F>TK4k*|GB*%lw2`8Qbr>m91ixFtHjM)Sc;?c!NvBf@ z`$P>flnwQ-aCR*fujHLw-KQ0uFh1UIWf*b?HGuFN-3wmYjJxG(u~H_d=;J1hiP0kU_aJ0pJd^ecTEl5ab=h%MRu6R>d!J5VvS2QK+~sa7 zq@nn=Cy2S&UoV>EPTQj8>{hJUM%24y4P6#G^~%A2DF;e4Y28$~M8)m-Y|VAQEzisa0aHEBIFwur$h=GOU|_Jc``qhMA3`$lNH3(fUpe z>(F;n#HH`!&=a1yPSST8fPvAI{e5iCBfXuEoaS&kE(X9GZx`_Xv7Z8H1|0T;Z6KfJ z|38gGm&2apV(%2zLz+pdrz5mBx`UCymegjkrhy&YVziVggvMBu#hhVe{-Syz*+^H# z(){d`7ngif`T9iiSgStmwHoM1$zAxg-Zo4m@ZnujbBH8iShO2&gZ zG&HZPItck(c+z>9jVQ_7h?3Dpge;q19a8uAMudcEsCI}~`r@mu{&HiG(S&Q)U~c0= ziv9Zs!j`zI@()(7bIlld1wFoy8@yd^<^Suf13Zs^ollTTRtwFkh}0dBsF>N`j8R&` zzR;};paNpG>(mUOoNH;*&~=bXRkfRHcmJR27`vPEV{_^7m9`d$Vd37633kTNP` zus5X833g=~_J*7}t9a4O=P9d0Ua&Y#LME>!6{|%qVqPU8OWhoHnT@^4+}NAZc7^N! 
z02|{PqO$12qLElY_g2G>P8gkk`mzRTQ`4@h_{>#DB z*lvx27D!vO1%`Q0MZ&sJOL)J;SO5k%_Ghsxzh|F!8?*!(s=D3?d3^zYVufLpSF_)s z=RDLD827~Y5Urlr8W~8%=_us&)nL*W>&e|AAwLda{ zyA%AOU4ZAd7R$Ob0az0Rxv;6uRg6d3NGO$8*D@$x!{b4ENlV*z|t6S~7%0X{}QQO9}}BJ9%Y?djYiTq@{7JhZ{wImV-3% zwzO0DN}CH5?lUl{QtE?=_sp9L?HG(EpLJ_dfd<-US3ff5fYf7cpVmUTM-U_CTdDHb zPfLC;`(1T^HxxYVji7u{Aw4`yHvj69H#a4q)7$1d^EY?LeIQN;TC8&}>7N_2w@ws#k6 zwPoT<>2NIIzRC^JxU|jYmMD!9XgOE0^LF_+y#}4HQ|Q&@uG>LeT--@7P2K?4@~>jE z?7*`V&^l~bfdW2(4OOduJNA4Xx_IDftCj*K1_1ejVH8X?3jq@)Z}=)?A=f)Jd)xy^ zUC9TlFXV-|l@FoQiPFzp2oB^M4?xy;%X|9{X1s3I&)rt6yMf`)n0vK;!cdXlCyi+* zMf{d3pN2#vXO2Y@)>+iBq>eHchk3)wh=)w1MUja-N{Y;lsm*OlBx3GHB969HK7=1( zseEEqiPCX9aqSqyW2O9{L=|6`R;t>xYl<%6jbkVsWhb=3^;~bKk7|O|o%H~-g>(Zj zHnpEkUoFcO-_)1UMg$grPph5sRR-FIXR}}6$b&`eu?_n<$7OB(`lHUOzX!|@qM~fr z!jRzK!Xo5V4Obw402a_%TG4ukk12giSfN4yyqdjNKR$BhEZ*~_`k03CD>F4LbZ^d! zej55U!!zi&A-FYE55rJX56?l^F=`_??AUk+Xg&=BO3qw2O`gSndBF-%Ll>`>hwNc5B*^u@@a%k}8QIBxESX7=Kb z%a;%yt@~c{8xvL4fgX~0>g|bNTA#yUnfaq3v2N&@QD)BL=cJY0|0K zN`K%Fa$s{+v93VsMuL$Qsjm-W7_IHPoxaV9s)MD^u>s1W)C;DzXp zp?p?b0VI@v6U&Eovs&Vk6iKv!4}ggVP*ht1%n*tu5ucB@v3n#RQcD0U*{^fG>cF9+ zEY11tsz{L&EX_1d8t&KM8I_$y8OgRnj%*wzuwuxt!v zKH#&ce$VeYox|!tHon_89V!IU_o6%&K(Yf-u=nH}H1BA*Cz&QA{o6x3rot`4J-)g2 z^n()SgL;<^^D!Q_oKJ%-lQUO&l{7&RLZj9>i<>NCMVQ7c4~nFWt2zz1yS5^?Vaxf? 
zfi07N!``^KRIXg>QN0Ro491=?9OGcjv>0hF$gWyVpUGX`T1k)3@87G$2Ud65=`C~- z0FZAbiY{j54v14R=`_4El?Kw51b{Is?C7(V&N;gD7kz?UrBCWrUlVco{#4pUlkmvj zF8ISyPS&?)d?!c8gbNCXaIIZ#fl+crQd04M^`Oni7Ha33+9i`Fvl55pDVw&sLtKG1 z#eeOjeyZ!xDa#!Cz{pqEiM>}Xmw+W<_?52ige3b((QRcE51 z4f+jwV_Vi!)m)wOPTo2e_ovm&Z4cvr{bY*25JlZRNi_$`3)`w8SX`qHG^`uUkXqO` zT|vU+u(}`)30)zgi?v`_gZd1!0PQ|14vyB7<#Z{)fGIrdUyXq=p|R|%TkIvOLbmIb zvWm0Y7R)G&j27iqt`RHgEQ#LMKPiLr?fS-~-t?yibp2Xxh7QalmeL)X@S%Ty-T|(l z?Uui66)-|Yvj)?AJgTn&_=n;A3#i9IP}{wb&-3(J?Vls3iQaz-M>lM{eu7KeDtEIN z*S}tNFIB1-ops!s^7l|}%mH(OAA7u8;Ws4j%5u}L6r@7>sWz$ue1tu`25xXQ_QAJd z3YQUnXU5hiMDNa1mi=ttJ}Gg3f?1yi+$U$Q=20brC}kq56BdggV`UR2Ow@(Ebc;Bj z*B*3*4cyOv4sf3w)@#-&LDgc5qv|5~%4^`qVfRU~(+h(f508rOc$C=-X-Qs!>H99$ zTbf>Ku9$_b#y^yoKH2HSC5w%Mwk^?_s z+rNfNp{aZCW$)kwg^*frVYLYxLxS@g(~wQ8alO-7Kt<1Qaho^lar#0=&{X{~o2=jF z;=I5lKb8z$>37rnHGdu64O}Mu#`JlFP;OaGMfmL9nxd-N3#=o5KvGc1K$?yH^408v zS=!z`_t8K!RI@rHezWtsR>gwy6NjjW^qCDh-)sPrXhF}EuvXMpAw+~h=NLnu9WXdyHRXf#s6XN{P?ZQFCNam16jsNE6b!iGN=KL`Fy4(m}-4=wCzDmo7SOo|OE>Ol#S zBU~x=9zL`~?v+;2ZDW*k`?%7XIbKyj3a$zDA*_0TByxxa?c7kh5_(KCwGI?vW)S%>zy!6;g3r|Hke})us>LgkH1%OzPf%by=Z{k+-v^v?dr9r znbpI*nmvCnlkI1sb|V|+2L!`loN)6UgnvX zr0)y>@xS(VDd&DplYTL95!Ip|sE812vs-F^su0!mKybMW>;?j6+zXV)W>w0oxxe2n z`v(L=vd5RG>&C2yHZ$5ga6l{*$~}gvmlQfdxu-#k$(idW;`2fXHjhf_F9b!-@-)hr zRP}&YP11z9yIiWUp~c0|ffkd)dX$@FtTp+xej^f!Jq}b%i|Kgc#Z0UCmtQZh!=(Z%YK=V75e6P7Rj=+j!{u0|=#p z&4I=vx;g1;A(X9T>J>2)Wi`E3OcL6EezaC+W+CN_rT5*PHcIZd!~rPT&Fkw)i%6zpeLhnrXdK#@6!ZEPG^TfqZ-GgF!pKlF{ciUy3YJbc zAS7;eRnYzn=sXC(mjMK!JGQj$)$Fr#mG?qgm0Fbq@Y$o_-xXT<=2;zcmX~GD;xwK!Udx-# zJZh34O5%Dx_gr#peXVAfZKerC+>G^mUpHRh_VewW3x9DULhd^;9xCV}iXIOzN~> z(n76ufWhtkRV^5+oHhcfc$ONug#}k=kfcMS2SIpX_iPHAaupMp$k~62t9j(zP+|FM z_E!B<5x5^L0=XHXKB`rKZw<`@(#GWjly7wwN*Z7AR=)?)_m9I#HILe(z&8wWUin#h z`9kRME64ZQ!WTDmBvyD}Q5$~DcH0xjcDh`&Cw%N{_07}TjRG{F`EZw*rRdp*st|h9 zAo=94@Q~FV*kCRCd9#0lFABLxt;c%DH#HWC7*Mx56x!{%`}0CM&5!Z~K$fD-b_m|< z2c&HE7!))qbb_s(hJq$%o{Kz*qI@p>#1cAqRMKG&o0=t678OC2C!%s!nG`k(y7)OL 
zXmVJmt)_%dv(@A9&+ZrSd9`S(r&BO;iE3DoHf(b7ys#C@C3q`*2nUKE#N@H+y z4{#z)@kw&Ikvqz1LB|7*i)nyka%SELXe$u0BB`YXKosF*&T$f>J{7@h(IWqH#z$kL`5Og8R%RDO%l$dY3&_1Q$5TR4CBT`qukm?UGn? z5#ArxSVH;NN1#FK|6mFx`Vj>D4}|2*7?#2=`*I4@y*(2Ng(H@MJo@;Tj8y~~f83C~ z-zo+qtY%y9Ob9`nL_Cse>O4@vgr3QFgJ{Lx=Hscd|3L2>&A^K@)n=A@1vMd9)P{do z57VE2@T)Sj++MPmN>6iTvaJ6v#?}U9#mzXhDjWHLXkG& zy7)PWYjRkpfjnF2+9Bkzj%SmXlM+&U5S6*Q-SD-vF|cQ)o;^2Bs${v6|HhR6Ufr^` zZ^kXrecBWak*4k@EG7w2A563vwYPmr>sW6B_lk*))iY*g;2PL_OoTN7f45S%9nvLh zzER0jLvD$%1b{q1rUyS#LO2mry8rCZ%FfsZusg@hgMJ=Ey{jrmtn%>XljhF^*3Qkd z!Y>H^sHy7)QJX>wSn;h}`S2*ngnn4WPkXGq7u zZ6IM4notE=DA`vt-fSTSX!$*OaUskMNuiF71GLwKSH-8b@-xh^7nUHe}< zL%k$``mv<5nbdo5D)V@}bTJJtP0pOp9M^1~MH%RhWmu5Q{FwG(4t? zF9R7&k81S^-`kOie~^%@v$)J2FtCKQi1IzDo65azfu>-IP(x|lilgziSHtk?a0lbC z19~O^FIX3(9^i=8W)Ry3(vaJ`ts;Yi@=&lR>S8dkaQD}QO8382*OI{*k>;cVW^HgA zx*Y&1wsyE%UfC9giAvfpA#Wk_e}|>s3$Zo*Q24VFL)WkSLUHGVcXkV)uI8$tp*A&T~n)JyDG6f6s;V$x%4h|*j!r3 zYjaU_yv?O&e~#yQD59WdQPN18%j1IO$vk6q6l7sl715lhZkrp}Hut9h;OSxAHkVwC z+vbi!ygS6e%xWBo)tJB((`#_G&l1yk`qL~is1Q06P*V=qj&l};>_k%7=g z*P__~ogpkWv8dUP`^CR@YhH&3Bv-OeMbLnS9I8VQ;2h&wfq+7WzJI?T1ua-*+vy-ppQS2bF|8 z@+1ck$tR1~S0y*}`f=c`>ca_$+IDM)*QEtm)jcK-!FGEnyzT1nR%j~w`x9+=roIK> zVExo%f1AaCX=Loi@NxBDhBS`@BcWlIf*g`MY#4hrBWxnArpHlrw8RMpaT0u=p1CN~ zxU7;nE7LiU2Sf=gn~bwCui|{3)=e3E3}R>-#GeA+r-yYLL~=21gE$JW?+`Vq4ys4k*{ltZu8#zO_ zm^0AMsQUaqxA2}XX}1Ajsttg0byb*pe+J{o*<2-v!gy4TT6%D^T+98cMrFe&{{ds2 z>KRq5YX7|{491rO#mS+uw#+N<_A3SsjsW~JUK|*C(#Bs57M_6F(O-(wI~!eYfTB~3 ze-SlvQ`J$N&2yG#5LXvX#W-(LmSjB6nk-G@*qM0D=8Yr z{q6D?$p6|U=e9=9A_G??A}xBp?}a^jHS9rqU79T1<^kzuu6OX(v7$FR!w5lVoYku5 zfwh_0hHv@3WgEZ(D%JWpR4KlIwJ094e_rUfO?4;G2LZ85jY`lXd@)hK7w`ZtU(M{- z1ou*S6Pkt`BWcfXXKKN~RjkW44_itdT%)1)y1WQNwC`5)Az+x@aA2x_5Q>Gk-c^ta zTtHZIrP$^=-9;Um7^{zU;PS|+R=eA~!yXLEX4dM}f)Rup?S;JK3Uo~SoC3|le@1_Q zPV+Rn0s%#*m?vuHrbtB)W`Y$-7DDwjXJr&7tZDLsi=s)(*x5lno5!|!`Y9C%^ssL8 zL>3Zw%+sg>1c#X4Jkhlar+Y%0Z}GTo@>wHl0sjN7(ZxVL)I+S$z1hNzSodGoZR={& zqpthEHtdKE8&SzX3!PxYCRH-fe>2BHGLOn8XIX^Uu3*l1Q#34TvZfMc5+|v%&u}(R 
zY#a7dDjDcu-8PJ@D)88_QAG^2*a_`89l{5ihvZ^=nMJkrL5nH?F~RQTrPyHfqz{bT z_PIpr9_M@L*>5HUGP?p3xdD@M^>Vfq{N7+AD$Tn98Gs70><3BE7xKSPf8}cR9ha$E z!u22NULH%5-naS(D|tCQ?9hHnVE~lg4(+K-n@$1QQD& z?DM95kh}3iyZr7_XG&amf7kuIE9DNJJwUyo8c_Npl}>u~Pc&2;V%&6L;*-Z&ezSw_a04T_W^TcR76y6Lvx;TCUbWyN z+^L?p*feTkkPy7OQ;jVRIi(g`s;wcnmik$}rk4jzDOJ;ey?56me=eJLBOW1{x7jUp zy6&qcSG>_{8b*^&g`G!R>n~?-WCX+Gj96E`Pm2X1Gz? zE^3WEL%N@yA_K-Ve;pn65Od1w!!|q=po8A2B>kPkwD?W(B-A`Tb6BNyl%$*mSq?-v zNy&H|R!o}XJgcj`D%|vU**vpN@=rm{)5CgAG9`F|Ngf5Br^WV6@*%{7u+P+3e-&cg zE7g%(<5jQiv(FkYpr{x6E0D#$fP4LK@=`_ZzPFB*y#M(5f448+Ec!TaFtZd8SK;51((+zolw3_gOh+uaG^8qP&IfobaO1frYdjkR(|XQnrAsJ|L57qw(P=I>i)FGbc$_MwLid$>EX}7Aec? zBxF3S<2Wm;e;^BTw<*YNQ}9#p;qUsd(YgxNRr7a9jio*DA}&Y!T$Ei$QLrHQe;wO+q+oImv&c` zf=N;lk&zKkJYf+V*V1tN$Jxilaq9)p$!cvkiJ(5Hf0~h`z|<9P9?e{B?m)kP zewE)|f4|0j3ifg>@x^THw-8<8RIrtsIOqFR)sQ&$VGKxKlcKJD5~NiU`5~+Q+yNIY zOsDc)u;2J)olXT4{7rLHy_7^th+~klK9rmXlTG41J2NOcPGE>hJPP|vq$0TQBSu%hfXLTXx3;j zfeiL~yLqj*i4Sld#$4nKOufa}-A-~5rXF9pDx)xqX+~I-)+A0Fh`e|p7W1>2U*&bp za%Odsfr+UPz7M7zy{yYgqJq<$Br0xqf0DSE6H$+fa*gl3p-%azfM7Hg0nSyxVoZ_>-)Y3~}_6aa#xGh10~Eg_2nf(bJ<)_z6|? 
z+2|R>O8x{UDqNoP(m-Y-oAlV-?qDD{Pf@4fVTMu3;GhI-cHPO_fRLAM*JxG;e|={* zmx7yy)1?H_a-dReDS z!34+INyMSd!;Yh3daGJ_r)l?<_lZA=0~&x{_ibZMyDOrZo=#>|_8z8voaRJz4DxBc zKR{hey=wjI;b8`|R390>;5UL=f4mB*$C5iDPn^ci-!kN) zA?6vHZALI~@9x-%xkWO4T+6JvN&u-QKzK>o-LdVL^}gN8uIl03`RnzYXD_bbti0b} zeOUDlb7cYxM6y`n$S}7ugE!q`9&Wd?40w&M9L8x?=TS(S1css0#wSIUf5oJtMM)Ve z^E|b32xNf?ybit(@EX0W)2(2FlibQY1h#9<6K8_>5R@tYVNv8kO=s{V{WxBk6%v&l zv!FF{K#0*}cOo*nw5}!1(}SBD(mN|%RO3!YXG!|pj1gWPmv}QcvIrYqdRcSRX?^mnRZ_Mp`%twDf^n3 zL&4rNo*lx?!tG9$L8sA`BkJdV&KO}dqa@B~Ny@rnqzHYQQixIV!0t{==ydRXpwsAO zo$dq^oa9dCL8x78PID(HH~mHKL{8i08>p~9f$KR6@(;eBf>q1oe+H29+{uyFqR-*& z6}XAL;O-FvOAtrn_*PD%mB;)(Bqs62Fec%_hhD&k6#i}txoH(U$gU0uNQ}tgVYyiV z|5SDZn?%KRu&?^}b@<`gi@D_D_ev8wMe)4KaQ6E+1a-u~_D9Z`A7!`ti+!#z|ZtYuA#Au}>z; zdw*)W4w<(&wC$!F2EOPHU1+rus1^YxIbFg0)SlhQA{k^~e|0YDpbF1WPnxjg0Bjyz z4Tv(;(nKvy4lOzPm05jQ@Jb*Ef;fs4<7eA9$*K3EGI3_HZWvUdr&=H$b`D}1_Y`gqy9_an zt{mh+7_lZMf0Rd3Bu-dF@~mMbYvLqs(xfgjJFX`%5!1oBOBYRZ1PXh19 z9qv&M&X%S4uT|(Z?I5VUMtjjCmFnlOEV*W;(?9`1P$c4iqchpgcz|w)f&GHXU|&wTR|dY@Lo=0_hj$Cxa5q$cL?4#m&mOVRD)ww>2N9PM ze`Bjo9`0mu(WN$VcyQH^?9|hc9zf*;hz=+p!GS1hM<^o6(8wJ9 zH@*?&x8>VbEgt5>X}YjeF`ati{tgBYZz!Gzxg33r+l1SfEJGioE0=j3C25k9e;|$+ zi36JRvr8C~G^nGPJCrO5?9@Dgi9Qa#5BeCrtkajE?9LN>$vo&WF6M9_I8pXEX|ZlD z@F6DZ4)G`GS7z}iKfvl0B&`y?sAu7VvUo-vIrsAkc99^BqB!gmq=!AfQIU)}sj=au zChW~w9Kd{JZLkbki>~Y^SzU)Pe*ioSQxa2}^3zS>lc33iI%JU_hxXG=Xd-LF?}MyG zFMBmiAV6*TrA7W-TYWCuZ|6M#DrNToxER)JfJ&$~b5RM9;X_|XPoMM$0ky^Hs4XEJB5bdREp&-r2M2(xZ(+g9=~%M74&17{XjM9U>nfAeR6|Ff1M z(!;96fRr7G>RT9rC>Zad_;M$GlV-k`!!gbvj?cch;r4W5L(f1`mFEV?SRW8H?}x8N zq*J~yiQ4~%NYR?NY#wXm^dWc#-Qzj%=F6KOZU=g~j#%bGBxIApS9NbH&FBFF(ji)_iP*WzTFuqo>5muUsCoy!i0m-fS~s4R(x~Y+B0sy zZ&u(=e0?W!Q!@EOf4{VA7^C(@Fd=<|ZxI^HhCWoxBhA4Vqe2s$(lUH8x^mL6B+P?` zG=5Xa=^`}ELz0)Y3G%Yeqrgt=9Gdvz@cZD4(aTPCN~pZkDb2$eqhgBj9`{XC2%KyF z%D6)~NU)qP&WPe`Y51!FrBd;bMY8O5vdL1oF}is`qb{AD^~hvI$(Ur3@ zDU$^HKr?8zC_(bpOLzQ>QHQeL86qwayI9Y^ z*BM>Sh#SPNA*XI29uO1yz&2|+iV$;x7cci37dk&Z<7at_eZyKcIRu%(fZmFAx1JB< 
z4VS@q(UqH;1~p|NsjGr(X&vW$x2`f$1c2gg(ke;qAhXbf@rDiOzy4=n^z%Q1Stjakb z0U0hsK%y(>1xu2=EJ&2q0Bp!&QU*al!n&+82q#09*_G2oK!y$k$0shfNZfVPV%u6G<03kaU-6BzCb&G!nZ8s*yPVs7oVHB}W>G zT^5iZ{|+Jb2UZ_zF}JDLyY*Iq=R2Ki6yuh@(Deptsr+~dl9ZnV_D_kYMP_ ze_2|vh^7SzSe}zO$|<2ml#(>fSP)gdpQH|lX(GWw2NLWu^~5fAiF#t!u}Mhl@5 z6O?utS_oY^E(2D?F(q+QfYN4+lo_o_e+s;&Wt1k)Gm?oG3LR*n%aj(o*dle!n;0ik* zk`gY1q@XKjv?^K5eQU{JesWc3gf<}~d6uPll;l;CID!BZk`g)~DVHfM%4TrEN6Vz`RAOc-E%aST(tRP95 z10bU2NA@_b2#ZQ+w=eT7DXr=knShAM0f@Lr{m_eDpnm8zuox5-a4OsbNmJp_%L;|l z#UX(1NN}E)v^Hg%AnAl}OF(o~);OM^+UB&|DZb8`n zV!5DI8|POZqh*yxR4%1uMMD}BNNU32oNvi>#r3e;k#^%d`=@ z*d^MCUBebgqC##RL<^O+{ufjVl=JPj+0*W@KUN1hw9BL3OX%GMM!=1jz0(5JYR`6z z%8oCY{Iujc(FLu_JHJvCEvpovE9+!Cfutut3gsoCQC5qrCkuiAa-MeOH7iBYUs)+a zFLsIYV%M1HN@v%M9!QQ{e<@nUF%LU?Mp$>-w>od{`}g;5y*=B2{fq6=Hocr*Ac__g zh~BxyZx4rE_pi^MZ5Z8epWbO4;M1zTdqzR0o{4fWBeILT-QPb`bPZ(P*Y1h0PNFI?U_Ou3$Zo9GMF`;!~3vy#DwCMi;DM7)N#QU8yN-MqF&ZPQ-HN zRIgB>36`_0dWEh`%OWVEup&jngOIomxJS?PfJ9l7u(a~4vanM^M`raZvRAL>Xz5>2 z!ou(BB<+sq>Fk2me*?*po?@4UAmmRdAHZzSEnYtmuo(@4R*$lFl@QQX@e%?mGC^yX zRk+ZVS>i`YoK*xS#=x|PkQ70b6Pks--vkw{Qb!zOR=6U2g=>!1{sm<&^ct$@{&pBF zfavY)vKK08gRo#i=W7izA*Rs-3dJHYUmxE0k#^T7Zf}p}f3p$fz#OZ9X!;!D1XO5( zt}iQ>p(_`x3F?&PBnlzs4q3!?J*Y??uuwI1{{&?XKOl zH?ncwF$L+R`+A77&n}>$lAqoqihfa1Z3xn#ON1X91q@Q+6|dQ*A-_m4q+!n9ha-jf91F##kz*5JN6h>b)R2oiOQ;lhDzd1wWtWD+b|m8sDBV78K;zl{Pp$< zE$59&1a2!Uc+{)f-92EBh4iPMq1`kD#17D#wb{Y^fBIdttbT{COc{%lG@_)b^N7Sz z!QFmdh9nK^w62mS30zrgvwj!Z>vwbP0K4KFI4`TF7cpHH?HG7zxr#fwnO(ud-^JfP zAqIfnWuu7U{>JXVh$)#yTq3y>uHU@?J?=liRh$R)Y!9tGwN!6vO)R~!uP?6f;?-;K zsy`#Zf3kc%?~_b$pa>1bky~dP;4l3+4NmLT;e;7g~hAhv9eG?4N?G71erd=4T;SPXpENDF45J$pz?`cW0J1Uu7IMFxUQl-Yg$(!93&#s zI7~1Q^bLH!?}$2vzWOjQFCgkVr|O9cO;FfnRZnzfiTsQcQdCjKLvg6-)M>y&af$pa zg3O*HkIkxQY_EFuffu5wnDh{KBkG9>f4=IA*Ivm)i@jY_XBRn9Ntyjyd1(BNO1`Fd zd_fA+kwqZfu}vd$hH%R4U*)6jazr}CQFS5qVy717I(>ls%#ADnf3Mv@&7mz#)C@IsT&iy!UfBe{C z24+Dswih&AW`GtRUyASJEDZ0ZMb517V>+_hw-b3gmup1q6&gMa~uNAf8uFuFP^$A0+V)GgsmVr#Uf@`NAc%HjRBMRs75V{ 
z1{Iw({LEjN%(+kzW~(emt(9Jq@ZV^*7BRh}OuPAwfNG!`cAlKpMXrn45hs6ParPXBF6oxZW>nY8L(PSw>hyH8Gqp! zW@y+8vl`m`dT+d}-ixjrWKEf;G$gEyp$0}{h{a-(gk=%ZkOq0|Ff_B?8{6x>E<;0$ zqYgu}HSbL^wAtlc`}1mIUfk-?LiABg>(QG@A2KO|S$<&X`L0LgNLuT~C`7@e^hl6f z!VvfyNwLoi>(vY|;y^-cBDf~SG=GhHd;^ylP`?A-9M`pFP7nI_7BYm4}XUb@3`Yz z)?g@Y2~2~l{%}Lp&a#5ftiT>Cwm-la4th}YNaY!3prw??R<~cbo0dxMH+fZYy{*T# z)&71bMv`vYQgP+O{|;7MGyM@g@qt#``vgOMmx!^CezFy&f6V%G+`Ii#cU@RA_>~SXPEdS1uU$3Vt1u zDD+bjS4B+97-pw7e#TN7REckIAB@d1d~7enyZi-Se|Go_OmL~cm|cCxU&OWb6o`qv zHD+B6xe1TnP$2n&4Osx2=?1L-jskadd*tCG+b}taPsO4t1YH?ZA%EcDNW=%_X>xbm z-!OBLhEeE{5QK)~fE%-o%emfBkqMTutT2zR9M+8=CuKk?ze%C;7mPqv|H3=8JOTw%a~o2$6tiqGB7dIjT@?58#5f`u@KH^{MUl*0D@8= zxm&k_9k1~Dwzh$sAb-&I-d}V=GtI}fXIxwmMA$F zZa(#18~_D;P#6^*h)odX+Z<$XI*G;+LF<0s^26cVe!_yD^(2YQgo(mP6R|Z;zEi}Q z(Kn77Gb-UW=42V109~2oX;RcdKr-e7gA_OGJkBeAT1?`gE@_#%jM;<}B=(kRmocLc z=Q3s#Jh0H1XMf`g@E0-7m@)COg~Bbw5PxyB@gEmx9~dd`LvH3=)B^94A$n zu&{vLvJq!2La84UzsajKuF9(NW4pbXkchmgbq3$kfpHrTm~ax-m(3_rsS zc3v`IZibLm4ir8=H|We2foNVNP+^#m5@-RdYsRbmg6eN#*Hm-Q_+f7=KJ9&3Q}5-w zw=3_e{eQ~#*SBmV&X-rfFTcU;bPgB<6`EkG%fKM$%6=0hY3!FI3ZNaQW+}-Nnvpu> zn`78ezo;X-shVJr1V>Xylh8x2JN3mofK2H1E&wuF?y0XgA(lED8}dNX?36?=`;zWx z1>R)0q1!FknlY@VZzkv)6a@acJ2rgFS_`-fH-Db5>zZ#vjhNFifSp7=d<&z)*LR|1 zI1sGAy!xH{F-Uv-3%%R@8#uAg-r;_yXHn>Cg(7e72ROhIy6Avd$mJ*zRAhpEEJKN) zD_3P!)4Xc<2A1;Bkp>B&agmU;rbSj)5e*%sy2M0@Bskt;o_+iUP4AX_a@ogh^av^` zc7L)@@6|9PS<6GVGVBt+pPBGz4)7NByFCx}D!v8D4?<%a-S-=ds;NW015s@o>;_To z`EZY98QcS1InBy2O7e{O2~hWNcTXs{anjJ7#(7@Vta3zYCfp;zffMso`!DE}x7?FU zwP(XXP)V%+5*2vG#3*(hO^RJX4){18+J8IUblF#aI~cyTRU^E(M$105eiF}mTWyYT zaFW8XEp&<*RW!}i$4X3OhQY5qirvXm(fUpf{_1Z68aWZ8m;=s0g(jHAGH?dEa-N1| z6_phU;*ycL%o%pC;ii3!d~aG1k9v-k^I@zHCDzPYPDx<*W6Hh*yA zf#fJE!Y-?(Lx48E`|ai5xJup~4?0T+x-QQ8ohsf+Pv03F|!4t_c@C3SY9AzbR=##ok5}@+o$MZCZNEF3o%>(`_ zj2w>N1WzP5+F+iB{{^Jg=ryKk_QIfb<8UQlH*?*H8uLYI&C4 z@|E?DT?U1(ir5k+pralYtylfDOi1j|^I-~1^9X(1 z-ZHv5+}`&e>(9@3JE+n~`a#fKRr}y)mkMU}X%snFmV_t3)V>E7Q-4r6iRBT`#XpK= zVlRdppb`^IZW-JFU0I9@3H*elSyGWWUdOZ 
ztI45KpVs>W94p_`>UMpe%I%f)rX5y?O6n3MW__0D+yc~7^CxOPuhzR`?4b9g{#BaW zlfk;k&*10H4_($A4}UsZnQuwQ17Ge>re<;P_G@}za!m1XPwoDOZr6W`c;itw;TFHB zZ{|*YGu~r<(@zjXLvI_;dZ8k2OG}qw0nnA>I?rO7#e8#1Qxb=DO88#q6Cj{TQ^|s1 zw=@$AkmAMjX_kh`+bs=~nrLaWEB^Sxn1$JR)33Nf^0)}XtAF1&hdmX=2dSQ1#p|Oi z@!@8K(i+H$|69FqLt0A^WzI+R_2&D{a$s`4$2FY zlY5=VEzFL*=z~+i_R)7Fc76A*v}fIvt9uZKdW^sd7_EeI+`Bk>^_Xu7-ytH6Cz9Qe z-oth%?0zk_GruICE-T5SEAvAai}ETWO$f8Og0Liclz&E~Y8n<~MVSoXh;Yv8)Qq@VnjLD^sFEqg1LIR_<=w{ec|V{;toX@O@?rqsRgH*&TXF zj_#t`!GC8O==@!I-B-HP|IaT51T&IdN>J9;24;M6Z%}F4z#Mi!p=uD2 z?r9X~J|=1O1Wu^)M3o9MH9cVmX4P|8{ZXL_cD)QrfUeB^Iw`UUSe`3JVqhuH6*qa> zWK~@Gu07F&5~O(XeVSck@^-t%q$b++Y{US*Fn@prfOEob*G?AwGlW)s{!tOvYNm2Y zbj97ky)a0Xh&-!KZ>%qxK<-j=idOQyue2erG|MQrAIZw1y5#$Q56N%=1zz*sApyGT z(=M8w7od0hJ>)wDH4c9o$vyf&6y00rkX)cb6RdC<>H%GuB|)6Tc}+sewO*x?YrV`R z*MB+-QhUEsYN8%e949c%3Nd-R6`~k}X;wHJ+<-5PMW&d*>vr#rnE&f`)QWM&9Mw#A zX^ec68GQuF=DxAq0vtj66B)NOZRQWID~4|hW+i!+13gnt!jMdBi*+=6nL%-P71h*h53&B#Paq&TKv zni*m8b~D1HCYsS~AOtF@;BSa6p;BMkHTU+%txBsK$rD{12A%C&Ai^JsY z7KaWem}YUaff=ae066`0jhG!K`npe}gZGCc7i1SZfDG_W;_)x{{Ln-`J-fQSUqcP+ z*{AnkdARsQVoNvtTlw(ux3O6qdw=NaNUafTbxevkub}!LI)NJp1R;ORJn-%B;&K1M zk1(j=H_>^x{=#pzkAa6Ly}d8@>smZysT;CHVO_SvK-b|Z_`C-xR&*!7r!^jEV$Wr< z*7-h`xw zfy4>p+oZ5K;DQp_(|$$dPFFIC3fI<0!tr5_N3z|HRk8}NLT$|CE}jsNN=&f0WvCT& z<+9Go(how?WMx6(g!!akL4QJW7BLzXMOcN7w5f?&Nf)A4Pq4<$$7B?HXf=b#W zQheM6z`(fe{f}dNpyE{Z>VwYzYv3)kBN=pOww{YOmbHGmA1pywFXU&p45-^6IjQbI zW=`c@i8dy&sZGDB!BnY;wqYXau7!l?ntv_51@b+xJM5`|9M}4uOjQj3z7?Eux_t`J zXRr+5^%2`dIZUPJ}0X`H6^`JtJK zaLE=TTu^zdd7@I&%+qqy4)eqpMl2Jz7={Ex1Aj!j5Mpt&Q9qY2_u3+)3~tol)b}x- znxWz!sZYn1DSVr)K8oIed*wbE)t6n)odxN(Yww_>>(Rr3UrpGcBw!X9A-yAtg+#pu zh9ZlzsLBQl%Qmve!xar~J(xbO0%^=H=U|FZp$VqB3{!-zT*h(9B7W4PVb+j1=T=!3 zL4QeD;PbOy<3}{Nb8TfNrYKv8DMID#riqTzv6<#2cyv?L_kd$glwxCqBD>l+nVU#SZ>Z-^-+i4p@upDc@nwV zOFDFQL$cT+h0yz2K~qfo6)aW3C3GSQQhzmH)*E)iWJj2KaLA{r+W<>8N%tPSyVD6J z=&##!*d!nmUe;CS)mF2w6hq z?FNkw>9HB~Y@m{3IS0%gl^!hnt)x%d47uGN;-g4rL}q8)gk|n^qDM<6evVtM;D6l2 z?%GS#rSLwG+bK`$!OG-h7YuMP*E$%M 
zd>;cLh|8ea-TmFFNoU%es?O_ z;o+@88vy_Kx|6gcbi3XiH+_?U@qa9sp00Bj>AMxWed?$sJz{AU{bFb5Y60DrGkvRKag zQ`}I(fVZjzyfg?zSI}zr6^NwyztVZ!56ALO5c>AF-Dkwh*s{%G+%mld{_Q zY?RgmNt0d+X(Q=upYl4RHN;zk@AyF9Q=* z?~yfeer^5^AcD}%}S``l`iBq3?ogk{9yB#rDf+1!M2qbBbyzJbDPV;k zetPlp{Qiu}8NvLv+4DVce-yR_d(BH2B>VU+eJP>)ALwpfpMK2VSAZ`|U!D%W74WGI z1h5`IU9%on`EY9n@_*u$0lL^ofb#lqRF{%XwIiNk-ANDsPdXmduVIsX${$Bqr96Xh zb6k%fZ_gwLAqx}XfdzmGfAIAlCShfk+$`=B*P=9&5Wuq@eWQ(Kqgg66#2%0S;g+s0WMO^ zju81h!+y@(?zs8qfin;ju{$X zj@xIo-dD#v^`Vn(Tlg8lt=q^jyuTRNIJg7wOrqk)FMB7adrQWO{zlbpZR?HPxB0Od zX5j$R5|~r@KK^z1Fbw2ok~f=y8&f#|0fwd3tta4RkiHaC=HxhpZUhHY;r%JnTNBPh zoI&q4kbkFO-yk*E&teb}5!4(|$24b_6mEBJ$FvMBhOS&hRhEW%N}`M={6rt{vq9;{ zgvCveCvlW#EU`N#6D^i6M2n&FcE^NCUEr8zgT`!&zxl(F`$vVfhZ1}KIZyB<6nc8f zoUN!h5Z8lJRzY4p^sfK*yN)k95wdJNT7TizMSpeitk1H6o%X}GgL5(3n)p%3gOesHN!|d*PLb0jN>~(Sc3zO&#I@xMac!u) z-G2w5)2W0Bz23L{i+vfi}I{xM0hB(mabi(H>U8@fCW{XTiu&m-`EgH_uzfI+x#mxiHbe{FT1^HerEsW!J9P7dp!mDS<(Qb?b#>? ztWPom^t7p>WU7bkxb1_Lr`|8^SMW_Mvwu~yUsbhgiqK=vM47IHu%hH!d!qq!j}P}d zbwUb#lKLvy&^?h8Gb_;1VfqXYJt{dQ*6>(*k~3dR;ebR&0+d>O^ueprfe0K0xmUf} zGx;SxzJB-OiJSoqgn&>^;Wr^-rajw;P>_Gm(B;Noh;cn2YUxhk?GGv`54vogdVh!; zyBH*h8>!oiEdvRnD;F7yf-22Oo#qux$f2YNX+VM^E|RoPVf3HfimA88_ zbgtO1=a^1jS?|;3xKOMeq&VO6vkZ@1Rvuq@<$aXyM{?3)4h_3rpCHjQ&fDp$NzOaq;2g>VHEMsZNY?byH=0O@;!D4)O&EbC$yn&W0{*TdQeR z3Oh7n*R8odR)hD3gCmS~gQ^C=1GKPoJbeyRpL2$(Z@T)?^@mHHXi*MW&N^|QX0+FQ znC$I4^{`L}d)>H?n2%P>m!TEWl{F%f0LqB~&WX^ntVm9)uqapwASb(zFn`gC`9icJ zDsT4@=p;DQN6dyQqLRW#2nx^htG>3#4y6#V@z-NlAa_pq!_|KMg$h0-z5{+i+hfpW zKDHizJZ?E~k)B6Q+S^b$?8_e}7Zfbt;{^=RpsaLmp7X* z&Ao&g9ASGKaO3@fMN`Fiqkkk4Bz*K3q~S_Cb)|iOB}GbV^1j`iP~B|%$L?LX@OO%n z$|&0QG#$TQPprjUjGDyl#_d>^p(fFlH8PR_3W~&e5R<}BeUeo{RZ*V-2+HnQOw?q) z5H*R)+Z~H_0G}g&G8;UJN^6QwM^R`nz<hN?G?TM=XK?RPVzl1=y2nf?jPjDJcHLY8zRb1W*JP=>26itgNVrU~LIf)zmtEeCcRGXaMALVzJEZ?`c_>gR88(C$98=ZS1y zS#Q{7Vlx+gZ4=cyVt=1{R3jtG_8^bTfE$43RKF9qd@<4V^#2 zB6esUZzv-R^V+cOKI-6@(C!aZrT`_r>HMmYb6jt$b`R|NikqT;@N*A+?qT(~+e&m6 
z%E`|C4nBHvQG{6^40O~1Vv4OSsw!-<*k$#5uVonHy_D07A;;s)dPD9hlC=*pGPvMS7LQWa4O)6_GP`(a6%CQj10^y|VgR5v%_ zjQK)1BPwtAC@8Sc?NMff8c|8z@i4)&V3#mV)@~i6@rHZ;Cs8<+Nq^Y^pc9H<4<*+6 z@y2p59}TJ(wSO#(?>KI1UBu*}vf!f`7c#}5R0;d<#STzi-ZNSYrsV_u%w%WNx*0Lb z=+DFc&pn3b{`%?76?7cz*X0p9hk@OE+ic|U`2N}9tRcKu-+S=z4H&O);IG8&d=8Ht zuEuUVUj~3gSEf-?R8bZYmH})z4N{UvG$LtC3qNBeWq+}~z)_e0$YLP?5|y{wIV$D0 zbIT1o>>QOmXXh*L)77sl@8$WCIj=2O>q{QP*|l3A7&){A{)OuTPLgUB?sHlrzn~Ac zJH}w+J8$afJzR&^Vx3|4(?oLu;zao$x&!HLX4Rj0`(`DxATzFPY|lC{9pZ~qyL5Q^ zCd9+)lYjPb4A*1<{Y{D?b(-f!9`T1+BM^`Q7vIA|f_XQH>7(xnJ(c5X?X>%189WkQ znLFDgs`!baW+CIJa!Ls;ql9EZ5*M^AfIq-)_a;2DSO||qg6;$*--D9d;Tz-V+>fObH-mzg|x)Sqa_Z~nnjnB~oZ zJmR|LHoj$$M|9;Z%i}b!69QvLNSwgXR#v1u)=p`i=P^tju^XQWc`Oz}9#MI_@!^DE z6Mu|vHrNrBgrNr$3=k6shD0-w1XPHX-h1T^M7(h$m?Lsu=ivrF-S-7LUFRR&y9Prd_bW2%uxX0Rox5M4gBH*sbs?34dwT`F%CJ8^ z^@Xh~Su6uaqATlxNCalMkhtUZ;-G3L( zx;DXm&4xr;m({EG5Cg=Ap(j#E-*gtztD}W-$BKk2fHGn zCOixeqalii7Q@?4*V0Q7J@2?fWSz`RiVkP+KI6^%7l{YB0ue0q!0!JKd0kD7sh|a7 z^#}dWqg8dOaFn!cTF7^tHiix*j(@&lDXVoAbb&FAZGiPPra>EfkLkvulZ%P`aMg9& z_A0<-AZAV=F` zi2b7Mgc8}To~<7sCLp@9ncy)z!4ugB$dAx9z~_4K@2Htk*b6{yM~Gd-Ab+tN5(ZfT z;kFJlgf$to+Cx?X?yPUS)&^PakClP|_Q8|@D2sc4WNg+(<1u$l>spTaRO2rcT}h=2 z5s;KG8NatL?4WzNv{Vm*<~O9)5e-`X`;s|I?*7_7gE4NC1i^>zvIh`>`@Grr4VmJ3 zF^_<~SR4b5tCQO$EJF{XD}U!@5af9okt(Ht45}ERNgP8*1Ph9=j^fzPV^)~x!D1nL z5S6#P1a#8p)vu2Fz2$~ouEDaXfCwS}0Yy5Roe$=X%aGlZV;_k82iSj@wW2S(5Bgf& zFdlf6>N~sJy|LWo2xl|tE{7~$z3x;VUr3%5^ZO`XSM^uMU<#8AVt-WRGv>IBa)Xd7 zgqc1jRf3=>>L+4gRy~KG5La8bT`xoYp(__*7DPpvlQ0N;5{Gq3%9K&k1OZE%JdRl6 z$U>NizhWWc50$suH9GUuZP&A*f3`&tlg1Lk; zAm#)Q2^Z}_`T`|j^e2t?>7K8w!%O?8^#SQk#cBV{>%v?B_P(qxU_LglScc6*S8n1g z4C{iQ->ZN}`$1KcA`BXm#AR5NMa`nZ4*D%jY+ixElm2+|ntz9ptopoJpDlpBvdI3{ zQ%fSoXjydS{k-LS2x60VtQ?cFp4bZxVs{iBMm=uiq^7j;j$08Q!d@o3i@gfiz*HTa zA1cL2mUBHR^6G-qK`w{t-5k6cDl|dw7U0$1xy5e}hh6ut&z`|++CIJ0D4nPLOz=#M zo#QY28IKT-{C~whlU7gq7f!mW-SK})ey-m=3yJ8}h7)>C1_z-&gqQ{PVlux9k|Hli zm4zwa839=5*AWThGK;dLEJEKt?X)oAbOnmQnqU@~tkWzki`vb?HhWa^j(n6R@nUGg 
z==;urj%s8jJ@iVM)7w|xN4tt&JiHT?n4sSa&{OZ+;(s>%X7Dl=;kz^&w!+?@FssqBEdqJ|MY65_DWwD(kzA(XD1qx4^pwF1B zQ=cu1B8rSj{N9hHeg|37+ZIM%fd?LG_xqupv@b|>^p0^2MpgH6N;Fhtg6=Lr1if>M z+jN)0+kbnu>EGTn9#nBBeCVD@<{YKMhV~9!SBUCj?;*=s5EM}iW8x`{!L3Qonv77& zk|fI;pH+=bb#vdqC&3SMRTq~_kXtiN)GL_c3Zam@IW*=`K+qq&z#hG z$kMtYX_E##YG`;^9kP%_K@`?u5tYmismcAoR8{QBrl=|k?oh1Kh`L&ql+1prvF-X; zcGZ5p!~FGY%e8)nfv9j^6&DowpN*pF;@^ldo2=Tj$67PX1L74v`P93HfKD6?gZaGY1QiWMf;y7f`K1z86on%3h2uPV-`9o9rvC{JtPsO8eu#};c(Bj_YX)!h!LQ-0DmCRQ~m@pdo%nDp9Q3a=z==-HJBl!Rv$#v z8oNDSW=AY@rn6ZwPJy-HYQ?hj_>Egq zCAiQ816WXyf9DpT>euBf8`K@rAu>wDbRK);xJ-+Z))9#)1wwO{6Po6X1a+3CX~v_P z(u(rQ{n*rbw8lI^=g|>)cAd8@seg2SC1c~OcC)U|UFEgqDmsukli_&TZu^NIFJy?m zgC*7q#{%#=F||jWECp7l8*=2)>%W}LJ0pBX2PtCSYZo~+LO)KpxoR5V3#FS!^k|DCg)E#>Ra%57JkR)$-Sd#Hjyig#9Agr4( zW6a^FGgIB?mn?Bvhq})!SmJ_j8!?YS4$9@a$~{SSD@)ohB+BNMAb;C}3goL6050Bj zKk}zlwo%JJ=mXQrV_)dzC}DU^_U#2s+pnECm$E&k`zXzaibDwad=hi7PYUk!NyMFg#(h4xe7o-FrtZ(L zOX9K)-FH_d?cjI(3V&}EEc2|_-?TT~P{!fLa^M@p9jQbSZlhuqweHjLkK?v^)d(Xq zW}@?Be}oPheq5D67ddTb0Fmoq)e07Svld`Ab0kG#|NuPewa1RV5Y!@CRpR5+Nx9BU0c;g_iXq&i0mnVgn$2`B^t@Az=&XZU+d0iA$Q{@F^j<~Eajdgy}6_<4w>!l@E zTw>t01IDyFw!e|^E*VS#DrV2>_6O?^XF@M%6{==d!>FY-M}^#W5GO7GPF)g9X)HRMueu*6Ob1+<^-YbVO%#+ng+LwQs)( zw5`A|a3g6COtJ175QfosQt7Lpk4P|nT&b9?2VBChb=!cb9td**+~zQPhG`rGW*sy5 z1aP4V)_<|A_UjVAy!LCpa>Bj|@@1VsC3-8tECn6tl+*!>SxVrjPGWvoCj~#OlbWB^ zV}4YJle*nf%u;Z$pcIVCIxNMqD?3l(gUboZOYinrigHZ1YdWg9 z;4CjoT4jP3hpTcy`8OCO5s{?=s1)S(WK&?)eS-ycUsM)HpP?eZetNO;UUP-|%A*KH zW3M70xfhI?tGK=k{whT29dmlRTfz6Dz7IjR)Tfvv)#C$p%b~r?>@1PojcR;^x_LM{ zXn!o6Za@|3DtWLc+~j&@2XzNey|>NK?75PSpb{`XBDcm2>*BFCmhZuBR?CXYF7b=- z_apb!+t&!dj93@;{8?S6{16cl8l^D-!Z}i~iV_y*tgI6rQe}3)Twqq1g9R04RMxRk zSS!r0UbW}>-*Gv)QGj6I18k)5OgJd+-1z&BC170OrhcbuLK}X8;$<3!3|JSm*Za zY+zQ9g9R02RMyqnXkB&XVUz|Imw}`NRR`MZx)13wUzgvc1bKhmTGQovZ9O(x>bf$! 
zVydB3PwG7jGsuoN>u(|$08eRt%7u{`}E!3u>Etrj8(*?EVp#-~rt~pjCfeujDt?JqLy^wuh;JPt~vZ=kC5h z@04&;{qGD}_1k}6p)u{b{>alU|55+xO6th)M`IZkGpdjL(}N69zmojzJGQ+!+=4id zC=ZX#Kdrn+&mKMbd+;Cq3oviyx%Wuuqg2Oh@s~%#8UQE&R-*&I^y4!N{>$d@Z_m9j zd%{J46@(uZyX(t|BOl8pezl0pr_gUBM*Jpdo(^&A9hT(m1WGGw|}jtepo7 zYUilz7289Klb-LA``Ny#KB!}~GPv+-Bk^P&=eiSK%W?in<*guUQynxf zTk@m#$q`)BPNQJ}J*$5_nG#vI$6A~z~D!M80da=XMQ z=e<;_R^mNj_dqtFihV@AdwtBoaIxq+sH&VFd3Xex`dI}O5fy=LkgV!frQa z89P`|#ztiwy~EZ;9dHv=ml3A~WPi7v&(@25-y78~WU8rW z@KH%rp!ll$_6P9l+!)IH9Y8zaUbOf3U;-ic_Ky?ae zbtw12+~WER#4sH{_kCH@@mcS2;PWdYmV`dD&5}?dwqCQ;Q$h&d90;L?i| z|1`LC#Fpr5kh78)bd01ai4$lKj7pz0ahk?uP#1A*rBTX56B`gNzy_eQZkJ+(2V8Ss z%cBXzkDyZxz{2H5*PF9Aa({KAHZT6yI|ve9?jyK=!HjlJogNjMV6@BX^e*uqWVG1w z7aUy0Hzd9w)Lhl~X_}|_)yoTv(-07*8KoDSCfb)?b900dW~?YP9=@`Yly%dPDB$~j z%6&i?*i%cP2}TGPfDuqxw`tDABcO7>tKRgE9R#()qZcyUKFktP5PzMMgWDs?OK8p> zFn4sUx`f^bUR^>(CK&HBD1uA;2N^H+{6BQZH4{zhJBH+rk*WI6^Rg-fHQs@pLS|+P z6!O#PW2%vsKk3K)kv&2D0QTOhEUn6fhJ=a)b+z z9H^{4#cW%0!cakrJb#!p5BDGK*_m;msÆ$CbpzIfTO3S$3uU&}$gY+LQ`cZY$n zSMK^7de8O*W^GGWO*7qNwm<+8I4ri8jdky@fBso=cGqiqv!{1J+Wi#{0P9XKrP#L{ zt|pk*nL_}83Qh1k%di?Q@e8>UPmawpLB!-2E8aD7Y(`%|&42tlDYA%EbzG6S4g*5{ zJSRbvH3>_rxN027W)rLtE&ywwvJL~X(*c~8BM~dYF7jH?xoFg$^vv2&y6q#;_@H?6 zA48^yeWUQ@tQ2}2F}o+a+GEr%$K9!KuV9J8al2)kPEO6VP5#4d1$!*3t;|P&gv$^h zF7eBOuzG8D(0?DHkId@G59*YWJcDt13I9)#1_7z6BKLjRr%xh?3Kf(pr4^-A+ z9ai86T2w&A)DY}#D|B*0cRNsVW8jk*YIVMLAT|NBn_|;ex>ZhWQmn@G_;M}*RAhn{ zFXIw$iGOF%EBfG&(g&{zR@C220=(1%=M2&6y z>?3fU=&BaHUV3oZMr)_Hr`sFF@S@$Wn6)IzwvRu&e(428kfWK&IYa@d&;;#Wh9z-{ ze^2dwZ+Y;g2PBoBP+#vgcqx8*IkfdXKhvzM#}CWr;xkVki1vkdr|h^6&$=h(Ic;pH@A-WqXn@fnPJHx^9=PEGgZT~n z=KY_K{_n?u|KI=n(|-n8$p3j9{5>VbfBZB2yAS_FfA@p`cq0B>z@LLO=l^~3=!ti7 z!0gwNH-tDX>}!vJnGJZ^Lf~bKiz*>BsX`*C*%TC&mECEX5TbAagb0;&miKL|TJx6z ztOS?{wjz;UTw})tm!hl$S^^z$m;S5-gMV1yQ7b`ZCtArUCv=(%S`X%;K||7>wk_ZK zMaB4rFT(c&eg^ND+0*H5)}Pq}N;K2x;KSPRKEMrqk@XFURDi$2+N?9_T3hi6^A`1z zY>#b1=o_-x7%Jqpv1l0z$tAu7f?sbtqOv7|ihhIlkDxCgRvefl0yeZbsv=TkaeqyG 
zg9FoUZ6^K(eatD=hRM1%B-^4kQ$x8xfG36;9DQRZ0TDMzydF28_1*RB zmG`=70oQNr0zYr%?DivfBv3Z!4#uqJ!I=ZCj2crWDU%efjHphp8&=&{n;wlV{d?8I z{7BtXrPCgFlppA~Ob?$lCs>{m3?S-%IS2+7nV|p6Krk-x?;2F0kDV&+SAPN(3V!a$ zGLpxIm}=H@zuFDL#Bf9lFdV3?BdD@sIDX=%Sgyf{Az-3IBZ86_6tJSTovVA_N27-7 zICOLlWC9hMpry+o6E5*3VM!@pCZ?j;Gcy*@DoFxT#dQL+(i>9xQ9^2;Mpfe1dFDt% zMOfN`G57Sx_VZHhAIV}+q9Zq+O&#(Un!$y!OE0mX;_jtPZ-G=%}J0@n$#ur z%i3|UF<~Xq0$2$u>u@J_SjjMaMdcJ;@7wL+Rg1Obp_dz+i@1UZmwyn49C);T_KF~s zg)!rOXR5)ga~6pLVc>dO3eM$UK7PD>hB@v6dn05t~m|#xJpfWD;?`TdaT%rs^noz#6 zFyN}nSxt&E@(GLbDr&+a4?;V+P-Ma-q6KgXRMufmGqDo59Di617gp#)NGp3lKECe& zMB9E7LyU`sH_vNVp|o_a7^M#({J8F$7HJ$%712d&1;Vbxi9GOMmJB<9<P0T>N05gEf+V>RO zlD6Fhm4o5I&;qz^y92i()vhe|jSjd;#2&L}8v%k5GoCart{@JTy9)o)IhNeVLYV(* zpzSd>C=48f-YTx=sEAw7<7H)gm-u(yQP2l3gMTUyY1EJ~3i&=#H7LtszI1i&L zFCu$ZD>lpZ@q%(aD(g^mYq1{6n$EGp=p}m0wt}@#dEmY`#>9aB*KB)l#7n(i|I7a# zr2fCv0^Gu#`(X{tsI8}3slE5AjQP~_AXH=Ds?AYM>V~n~y_v|94zQ{+*d+R)GyKu8 zP=5=39*bejFYm|8%KI+ynHzvi&C9O~vk8=^qDpA)=QXL)0)Ul4OejBMkSe2PMw7s2 zvAuyXHjDl7f?_`^>+D~!tqN76>NB9ICwAJR7X!T=bNhD6-LLQH{@yr*_ZTgu?R>3H zPLmnt_m$$VdZ91)NDcIcY&l$1Xo8L}D}Uj;#20X|O>QPfpFT>8DuPL3ndsID(vTE1 zO2rHSex87Rz+TCZ%}Rc}ppuWuI?oigRi_X#;PQ%)L1bKe_RW#XSL=Os1oAW zn!Rs8tbGm?0u`EI?aQDLF7Y2??by?+d~!%2X+~m5o8^!;ONv6XO4z~Bu?dQZ7l0yA zS@+)dSFlH*7rADep6wQ_#k>C7?|(f6&Aj-t5s7_CI~kyr+*rP@YiJ7qYMa5`g_aM_W+BF+w}C8`bbL}mRFJ4zTp4H{eSf1M?cYS zT|HWPkFF0~P3gXV^khaCo&!sPel;p9?-R&pk{B|YC1f3Z+QV1K)%dn^p}gFpAIdggZGcYJ2doe zy}5rP-5ldF7^^{B9?902;d9_c6WJ3lK=z=r?$nAE z+%qAyg2}6yq*P!v33xmnhw|^~-1t#FOH?^ER*xMT=Dx6{t$&B9`S_Z68NS9P{zDE^ zPSTVAb(k^_Q_#fEw~o$x^y1$i%{V~80`6lJihPoYkCX%v%xcR*ALb}kgaxT4LA0~O z#U}D8UVwZ;W!=dfEBI-Gf3b~HLS}al$Dvyu$Us{;%+v^c?@hTAdEA;ih)Ptl1OHjz z`$YUf#8Wbndw+%>6mvpzrXZn06P(a8Cv4x^9aBri!pq2METtx;NPwR^s?~%U}ApP-z&Z$($xf`+uFgCutN(3#dABNiuVWFLZ(nDC`!0elISbq1cc zRV{gaR1B)lC!yvjfp1K@EBD-fZ{-YRHGN^Az3olqu?%PE7rNenSztIN^p0$bjS9IH zJ6VQQa({_0X_e&h9Z@eF2|&^3p4~3l$Dij;(x=hoCkR08S++9)<`W|hq<=ohrMcoe z^qJ#2&!QrWNnXM%qp*f#TGEgt2x*$cMc$DJLzOJRP@%GT9@w_r^gJ+nm422qHr%6I!z_<8 
zpOFdMzSyIhj6??iB*m*?xsX1_@+0UC;^|#fWP+YA!%(@ze?+{6K7AJCRT)PaDgD$Z zVSkbrB+rwSgskAF5`IFDB6|x`Vq&P01sEz+){dgJEji^>g3H6HL<4`;UAvLhiP0H* zIF65wESmiasudmEQRsr;264hTx^1_{Z%jrzc~Y;}O~W_+)5M~-p{L&4gY2si-A_<9 zWwHP(Z+YUx0a#T+xVY}n7AW*3S$CHCIHqJ7 zj>#qdLo5z^`rMC2yE%b=a}sA|Mv5{F2{h6|A8pR+*luwqjwxAyV?t$Jgj}{oPj?yX zU}W?{dK~f?qASlUB4iV~%(Z)?hCiu2r#!AV2eRI3K~GA)g2Ql@YgIz*}CV!~+ zGVGE|{D-JF_Vi`si}r5(9&!H7T zg(hhKGN_D8{D){iI`yV((!8z;5`TpWBQZY&ld{Qk(&S+fvnFIoZLgaqCWs_i03tzU z-RIuPSQ13tZDVlGW4}bIb%=LPAt9aOu9j!#3hS*v7q%+$eAq{_4EEs?{}EMF^y&ZK z!F*KT-qz10@Z;@l;0Gf41ArfI5#Yx=rN?LQOVLVSNlK~x)%cG2hqd$*6Mr-Ewl-6B z@VXwXc7hH$ZVx~2_20VZqlwDT;R4vOo)bwi`{KD5BC}IbjnWu>0uWjl2*v}0JP(L5 z`7yG)MiWw!EP#}tvToNn8B$_P5Mmbr{|G}TAdLn8${Zngemv|IGZ|0tb^=Q$V6!s# zr5^l)bopRDa}Lr36`J5PmwzEmT;e}yzA5?wswQe!npC7=l~3X#p@g63DpI6b68e4< z(%KRInz)8!0j>d+bu0M*HAIT0#owK8C+122`at-$MD{=@?S=~IY#mb6kTIrUELCmZJUjo z#&*6qjcwa@PT1JCZQE>YqjA#MNuzh)ulw(AtuwP`&7RrAz$^x}{DZUcgh$^|23C%O z`u_PFoIzKIRj$!rBEfRb>!y$_${erawwKv+yAR)?%;3|rdlI1C^fN_MllJ)Z1NoVf zM1lY6)QHSC&`9*XEYIG35Y~VWIuxznll@)AxQwfg*Z-jC1HTV}f6b=zObp&?+b%9E z=4er&9+`LyXom7vR^us1R>EMziSM4EEpQv>`WMZK-2!=xiMg2gy}uc>xdvSLi^li{ zQTm6r9i}DTaxs{lGmDk;a8&n8s?ET%V1i$u3;OO?#X1&ZV4&0sNi*#irH4G%Ph8Cx z1m{Jz5iF%16r^qs#+sOxE*<)EKhx3zThunnR%H^PI8qg|xj)NoB1MubOsD@WJDGu; zOR(Pn)h^2GY;qj{?U}weemKZI6+xh1Krcy?%u&opY0t$EYmp>S{PJ3G!z{5P3UxAr z)hwlsrPd255;4mewbF5up@2vsT~p$}I`7%O^n(p1=Kt)N)!S`!{t=0D`>PS=cLW6P z=`3JWeO#)+#yyLycjVsc`#^06&P{)~^5%*^3L28K(cyG4%_xz}KQXD%Qu)txoizS2 z2OWaY&EjZX;b_4F_1|xL0lc8^M8-i2Tge3$eonzg`f#X+YxQ>Z@{?g3F)~!+CnlZX z=h3|3>|q*XS93c93bp?i+p4lF!fClK>S^O^kOhQuaQ^ z7rA#V<4%1%j2T8kGo1~FhLyy`w-d?f;u%k<k#u?&|+#V;F}&8H0Z?i$XnHB&o~Pg*3_aCW~9#ItJrjL6OV70 zu$Vw)6ykPqbhkwPu%PQJ5ozFppf6S|qM=M-FxUi>g69i@r3AHe}9+)CX*IKa^r{Q+z`RUHhjT%}> zyiM9_d#$J9ZI@mlh0pgB;k3{+w zKWB!sf%jQEm^(W?g(iDq8y)uY;T8?*ofy9``ZFdpgqrT_6Q9=y4Z#g2H7-#;(AZwu zrq(ro4?yaFwQ2NK)(Bs_Iae6X7&@34=i^6fhFMuZk51PU&R;uW1ox`3l+)b07*lW5 z^Bb$BtrmcKo0zv$qg-Nq<(fb4-2K4~NO6704~DId*%q6z?Xuw*J*xPwr3dfk`I*ho 
zpP(lNA0a4)wkn=*A_xyYL~8M!hCSRk@fUm5Jy1+<3_D207InHFM8QjM^Nid|rI$rT z?{h5W2`!a+K&+WVpb3@WKyIA%@%lbE9WgFuyUz?8p4**dGiyeB!; zM1bUsrxByIe`Mkb@(!u(`O04)kNV6J8tnP8f7ut-hJpjm^k(eRZ=Z*)w)2f=*Us9K zYO*l#&@JWWKwFKSs>E#S;sYZ?>u?qaz%mSACw%8rsy*Snc_oUHmsG z`vj7>Y7EpHK@!*X2dvM{wT-J|k@12is-Cy^bN|av2&1%Hqc|m;76UHfD}z<$+GJ8V z7d(fYLy>qGfBe(}0lCDC{9s$~Q?L{_JW_3^uZKZ?Z2x};BX#uaJOxdVJ(c-DwdyqZ zc}=@2jf^2>b#X2!%}Q|?Wc+)ajyCoq(s}pXyG;6s zNt{W;%d6BcTkyoa9@4%d|rKp5lxY0!1mqn@iw=ODU+XtxRAIWSIcDd>g>$PC}9Wzs^1P)vU%N( zn-V`~E)qf|jUUIV_Vwn)j_G^);k2PSa-A6w!!&bF3!OmBFoT~O5i z9s#@5slcHecmMmzd9A&AHRW2pW~A}qc#wp=lzta;nd%~}Qa%^*;f!xNLG_t~h;kZi zA)VF7odfNFWo?2`g^U>;W}T;X(y?tWn512*sPcf zBs$kjtpztxJZ8}|O8=aUA9l;Y_{<6t)5?b0iolgSP&CJ6PhkX;D`<>$S@<@WjNBQi zFOodlZDE99A_rtWa_xD=WJvVX{tbsxTA3922?D)<9*nUw2=vXv2ErC5LX?a=Xfc^9 z0&FPDKxbkk>-)T>1hRz&>6r<)$_?@64w1cx?(o%do@dBswB+dkU`YIMGV`BQv8Vm- z6a94k36dCp9V5*$Cq-uEQu6qIL|tEXOd(o=Oe*nYz#_IY3!Y~ZM|eh2i>7$3^>1Kwyi&}!U zd2S;1Sn1fX2}Gadt?@Z0sd_^^wE@IK`N6GgAjT#~AY?Gm;&zJH@XxvUsRC#G@;PSRMSxox< znze)$30h@~hteK2RAd*}e~(pWW__hzs;S`cS>Xehyj^{OjC#S9sd#lLqXGeq+4TH|u2muwo>?g_VL>ROc*Bt?X>p zQ$9~#UUq3}ZH0j_G>@jBbPi5XuCTild>a6d50ol_L~87M&dah=kG`FFY>VE~0Rte^ zQN8eDbfxW4ANaF7VY*m{X=4k^-S39c4fmh(7-my#7)@+ICkULbE! 
zDKv)}8A+h%BqRiHPzRC_awxqma=8ZfJP`M4&jk2C4*f}5Js{`6w)=QR7ZJ|HAlv1w5pH|GeH*B<9gvSZ^FGB6a zOw2wD-tN^}c|NcD>KiQq2MdbB+D*;4o`OH_*S6RHX2>3ArkL+*;@3k3qt`A(V-}jC zY9{eyGQRH3asMH0R5B)ipXOA?ol8+r9Yv<2wQ|*W)rH?!aXJYO#pkvahXGKmvvTzq z5*-yc9YW4?XMn7Y=#RU54y@a4$$R9v`I}$?YgWh}hDO^RNr_s^AWS8lpumn1+=e0&i-6*|18U8k$~HLOygrWBo(@ zq8qDqDQlMVf(=JDH~dcH`T2nQQ_hYhsDvsLrF8L!^POXE!DrR?3>}fl$MMZTA?eF+@ zP;_~(I?K`&IMLt{x^(LgiVW7Tw?Trp z%;WaN#m-W(4B~{j-s|vu-6UIInPpH!(E%%9`x!=y@^-+<~O^l>4$*Rws60ao)@ z_hgR-2om9R`GPU{uv8pz$8bGd55_cDqV>)IlZkg_JRF{wezdntG`nb zOjnpxG3({0=F&#YTU|dKnCi920Bq~5wcDb3dj6M~4KD}3DFH%{LVB%rF{Tk?yku={m+Vy;m6`NN_ zWzsfeF3$%!mbO}>y(XYu4kVk#=f*m8_Z<-wG@-O#?Y}igpYL{wus?e~xLK9zuj?wi z6=Tec8QtV8EA~z`q$q4wViuroBQSootwrA8SZAfv&I4;JVME7FPUQYO7lPCC^r8D~NkEgLR1yywHxC-Sci$zJjC*U)Ey=?Nf2vWGV*44+^A%bwNxO~bMwU0I%1%xD!21p7MUhd z>(05Hci1u5{M%NB`|Tl7$T*Wy;d1SVF%$(&@bck;=qnU<-U6-+OD=XZ{>kI2hU2;q zK)R#0Ps{p2D3$9O`8~@!`sF%h0JmwL-s+;J%O*{j?=vMy__Z-`NfkFN;K`^~CH!39 z&;NcrGD0wY%{{I!|1k6SYN)=-@fT4U-p8lOss%)k%k;0=Z+m{f;Ta}st1}U_Pe#l1 z@!XFX25ZahjQ@(8)b2KqM7@HYme_JW0xWE^9^4zvf1k3N|I)dTcWxF@{^|O^&FeTH zMxIOf`U*K#6}{(T9563s{j#^&)M-sKXDh0!WC~TRfvFX!gTt1=SOJq$O-`w_r1M0d zt^8vYl3f=bU(_0LMvNRMdCY2l^8OmksS_v5(fVzg7Mbtg)sLZ9)$ONqt&g)q;F&bE zWXmpgUTf3V_S4|UeL&_^`WFMm$u$L~0rS^b#P#lNj9kG;WyqL58z5Q!sfRohDPgrx!*AFX<%iBWmeB;yppT&UB`;N4Q=7gp1 z)-LdDpdb_=>G1^l_I(C`ct#Myk18pfIBzO*{JZP!$&nW2E;6H$(>h@Yth}HAinX+@iS(Pqy!77V(9TKQ;-Xhj1R+K4!YTZB?`qMS=;Y z*VI?c=8C7jP+%#buGcgGb2PL7M`6f4FnSvaF~+F`I0}e-HQgrev)@D6_`MVsFfDR_ z1a@G}EDSjYcZmL?ubHf-8#<^UKuE7h>&!Ens!tK_qnHLZ*{|GPe^Xf%0 zNUKX?H9)^3FaiL2)`5UHKcD6EM(Y%6=uinwaY}e5RoRd~dIuS2+&4q)B)t?duq|?& z?9nj<0#qjMf}zIVGqrkqx9S(HxhE?6L-F`D*q?4G6=4;(O?)WVZ`I?|7A73=r!PuG zObRc1=NSIV$1FsfYZsG}YOGA8bsNK1C5P@`p|-KZxi~=l(5sm>WVkP`HwAnI=W}6S zo|oW&7+T=1vj#*WqGAZKY`sIO27j4&m6RUcL8;P+w8mqy)M#a6o%PPV=O+v*X3k5b z7|jxAiUTg;(iu6$JysLs$#+H05E!)7SdwTOvzc9=O^s)+n|01H#*k82uQgZBy59=R z12aoE1Z6;OXZ=c{iih;JfHk|x-`YtznT*-ppj<^5e2Yiih9P&-i>SrICA(StihnT9 zMblbYDF_?P6P;CN>&a%i_CaCN(!S!#7}ipnY|5-c}?hcQ& 
z!UPG7Vb-m04?S6SE#(krP1D#n+x7m5+bZagHNpTm8Rm2^s-2XX**RfTO-TwQ*pB-< zr;3tawF9&97s1}HI4%ix;KeItgzuDUBI1!LH$08y7Ms;bY4v7m|BNoT1 z1<^w-q^iKwLkWS2PK zV9RZ1xgkfIoz5AjcF^cO1=QmmJMI>zlY2M{ueVmi9osuZSt+kc!un=HStD^RWI5#6 zxe(+SY?ERj1XQ)g*vE%|S6_p*p2+alSq-YBlkbf+N#28o)Q4dH(a}qcgi#;2!YGhg z8|XLqo(JY*d)i2s*@(etWjzqV!*4VAFA}5lt+BMx7CQ#v+f6r;Q6K*YWSd;w(Jd01 zFXI@S@aP@c6ga|ng5#BB|fA*o56QJzQ62ly!@t{-I6uTjwWr` z(9iqd&}=$kw!Z%8ld|>4_&vAUPEP5QFf(3^a_%{&lVrd~V#RlugJ zj>1cB%3Z(z4LA?#0T;%|)4o(QhhFeyUs>u9tF6hdp3)D~T(034MxKJ4!w|q_BD~V| z2mOGR0_G> zn(#L{zqRA=CBrQ6IL^87KyxP{jDBJ0=AfC4(K-|2<6tAK4N;^TW$x5qnWN^KmI zGY{|=&wuqZJ=Aty8L$1;U5;>y_XCchf@jxi;w=+Lw6fe1e|8hidD0}m-44Qe9`1BZ zsM}ir*3*^1VEyA3ad-C$Fox8Ny%6jWD^<49!d>8I4+jBDiZTKrLomGmh#CQ zM;^%z8W~Uo;YYt*3<9%6QBNdNog+lu3{v|KRYgg@>MC;G8#%|KY#HlTf%pw)eU8k=BwqnN|;u+_*I;gWI!0>M;xkT~ktOR38!` z>_?Uwnuprp?NO8!+lgmnQMzxBhfW-w2#w%ZkvEB`V7|WncF$sT8i^?u0ZtG0FC36r1 z+Af@61PE7TrE%N--AmVQP9blPYjjwuiQXY%hdDPe<;yd{Roi_~VieOVf+m zRnCv@gZGI5r$O!+jQr=xHsmtI!Wf~|3^MGADNoSIXqc#yep}WK7=(wW!-){J!%bFd z##&8i(ALbe%LIP#@)~oWns=2$bz^FmX#Ma;FTj56Pab?&KC*p7@iu?PLK!{7jq8giw=FMRv&68U5w0;*??7zK|dy0>pi16X`{U2 z2+%UbOi~amCw61T9NLxf)E&r*;GNK`4|gbT4lAP}JL_FE8fv_)rxN!M^ST-Hx)_P3 zy~@)Hc+-tH*y_USMr3~UWOcw!w&!*&vY}d?PD`?M@QbQfhsXECMI$u}R^d?zOJ!V2 zyN6^bBo*3=DJ|fW@sEtYkbuyga(?fx=0&_%$F zx=NYfl;`*B1Gw<;p5Q{cy&}edn;%Tkt+~e9OMDv|FuyQx{idt<5KcH9@EX~_41y`+ z`9x#6%z_dvmxJ>hvIe#is1{jRy6Oz?I$a0*w`o%vErgeC!ZJJ^5y+05jGO*(&T8UIF7d6V5y07z)q3=m@FcJy%s z96!-8=eMjM3Tq>ggVv4}`Ag;hBaNNH+1W@&ChO#HyG}9ub!*%EfpCK42Rt0E(b1nZ z<@ui1CS>{@3xe(Ly{c^?_B8tS|G|Xy3%LvN6CT+fnEzMaB(jURnQq#t^I+Qa?LCBG zTKJ_>yS><}GkLQl4tUY{hoOH~E)NFK%+LhU#QbErsN&L3Oq#2mfL~7GxyowEz7bAj z6C4?Q(P*If1VN^3Z3`~_b!_b1Q^)+>Sm@on%YWlHyZHS_NvWvi{U+FMoV?M(Uw7a6 z%~{?zYyF2Cis0AIjxHa^k1SY#WA|_mG5hBC&VmIjBNqDxkgKc57bRrHRpS0e%rZM} zmL7bKDAc~m0BQL~xn>y>lZ`fe)1i;~??x;C^ZE#!d&zY4U0W?JjXlq2JZqwaWceV0 zjv~O7V5HBdhEUq9PO8L)ZNO4)Z`fk1OntJHj-Gm>{Y&o`dB3wb99oNVW_Gry;55e-eSH 
zV?DbMJFk;Hf?bK8iuo0ES9+f%c7|seTta)o!FDgd0$cf(-I}KH~;le9*UKYsMg9hs2-lAQx+!1&*nr4kXA3d+Pb=P4Hh< z3ar5bGF#p*p71EQCo!LQ4(3Uuz0X$t9tu52&k5I;MXXd6YAP5T!W#cAAAbv<7^ZAC z!z*Ca5VHg+XF&%gZg@c^0%2eBa63XoVKED3X!7kP-MnO%jW;?`6h2<#b-Eh5Ab|#! zlJIRO@hE1Bj?!$g#oSI^;H(^~w{e!rj!++1xgCsVMdD6nfQT)(!&sk>FM75$KLg)S zYaC4Peb_Y^c${2Altsl)GpS6GxB0hsAlA^u&#qa^kSm)pi>u1(CPK12*V|qe@rt$P z@x<~wQ#g^oAfB3u48#?sM-^tw@RGl4Kv97vY+q#byPcF2(@}uwx@|C}m#?krz75dc zAedR?wu(hTgFd}uHtF~=mCkCgT;WsfhZbUNuyOM42DN3NxWXw2dFa70`lUAd0e#IC zJIB1HSqsNm*eV?&F%;tzVqCgQp=$fM$4!N5#^rr-jldtoj6dgx_TNQfIJq@DWW%}4 zHpo(@c1lfb1(n*TxSzXM05IwWe#+SR3A|YlonkT7p^iH&Qe|R zWeoGrfeIx{+Ai$8z|h@J`{tn`f$Di}xjQ%J|E7A@WOW7?t1km@Zs^7hK@A(q&_hX` zl*fij=MtspKrtXfjk2X&rU84X@S=$j<7-)%Wb$Ws-eUi^;?}ZHR4}>CgFP zM!J$Ez2#f=zn&;I_@gnCAoYETGq)U#@Q!elI0L)^uOawz8gj`2kW5`3(RWy}<$ z(taFc+RvZ;{fsH{dCpfx!Toc&+61Qn&K0_B>-+s}6QU8OiF61qMkl!F$XcmG=47LQ7F~2haXU=S=x6TU@Bf0;3B47z0!*wQZdI#K z4rgDaW-$-mSy*Qd0MVvv7$L+N*n5#Ia+f3sf9&|EiTdS+x2%EmM=afoRTRGUx_nG1N&$C|Ei%z{gSHmeeUq6&FJgjcU=R_OfKdJBOpUpQ@?XPpq~dpLAZys29qaAy=Vu(yGvUwfKY2S% za(^^u)2%%5eRtoyjWkwKhPP8n(E#Bc!TS)!Qfh%uRV0cF! z<{6XrxErC`kMI!Jya-$_cL;}7kzDZ1JMLvz;7v+TV(ZotZO_L#1L!JE1u^BDfi2aI z^X(#laBSq#%_#}L$wu#n%gkTPS9ELBZ@*d-e?f5?H5~9*s~*e+J5XNfqzy+?%^)rc zBIuJz(D%qr6W8OEGgc2Z`eQAQhu0!EQ)!9!LeMDc;mzmczjsszQ-6{)zMu#^XFx3; zZHI@PeHxfLTugCi3B~{PHc@HY8;vFKy(j|kcieNEJYZ!RA3`0ApvNd|-5KE(i$E&O zYA2Z6#Cs6s1n9-WlVO|i&ImIivoS=}Pe#KeVI5&JHW&5r> zXODr+>|oCYw>o4IZ+z}U6PrhpFFOc0Ro@17{GkSed7;{~2Vv)MHMC3RSQeAred1(j zTI8#1924(REB|H|36@^Nk}WSn(ASIF0?BdPV;`6?*>1)fueZ6d2-mh=@16_3kb-n3!Crk=g>fUh6r2zmoe31Xa z4vf^1Y>(U{1$aLdIlkLIA|s)CcJ*;49?ayzW?>DK3Oy&gV3#QG7wzPJ%kMc3%c^g z`sO)o`ea&tR~WrvfcAUvidujx%&lYhHfc9=s+`EmTq? 
znSZojapKJX$r3*4mPBmRij7m+`XS9A9Ao~+T~AwN;yus#n=h#sgvl?qKu7v-H!cgy zWakViA+8kRr4s0}Lx&KZ6dhnKF_fH~hiXp)p7=0oLJsbEwT%Y5=O)80B6SbJi*lD^ zy+dH@4X(bnDZpQ8M@up=(2bjwysUbW?=Z-aEZpHVy0$9BUjvRnsO*LeF<-$D zEofJ9b#Rc3k2;?XaXqB)81!NqPK5_1BWXs;8hPcf0wg?|u6!n6m@E2Y|9GDX_4xFC zVveSu%F1!FKD_*Pk9fqo=!Bm|CfkSsf*7W$p1SD7dm%i#Pbn(`%tw6rrh!t@mm;JB%2k~H|7(VGg15nXYuIqQ zWz6%cn@xiGvnyh_^SKF~zzoF{F%L4bXx+dMi9FV?FjnT%RT6v;2qdZkGn?2FWDl&P zwKVeB6=qfi4Y6a8Y12MP@ERxefBa{H)Q0Y5Gk*0!p&J%>#k@>>)px=F+cQM>4_`S$ zn_nv*aWdn-cLQ#mH8t%s$Yc)h>wEDhci*tGV`yRLe^0e0W!2O6+WU+>bx&Q_u^E7q z|I`udjn`h`TUb#byzax}rN7W=Q>&CchS}WN@+IxAIhVqKHlCBU7(@?@hk^#rJC>LI z{8=0SSwO8UuT;iYQ|#s`Cf=(̀sV@nYz2R>tl_@1r*e5rrE!n%ro{(mPTCht%c zo6>79hcI8+t~kms%FaEioUP^vBLN5>FKckUH0^lSuQG5#9|+a)QX6e6eli!@e7{-v z#cC?Ook;b+t>>yik_eE!uHyZ;EplLd1UD@w=1?2yhH_U90m9$)(8EDYu{?IA+TfS9F8j7Lk9cS6V*fC*DE>tTIO- zBeYrZwU6D3Lnh|VLh4~*)%`DZx9t%I0ZY8F5{CVHko`TIk9?T~;$vYf^K|=IvQf)2 zH|TLf_F0?jR`#^d!@@ejh%ZGpzW|{HU%HrgRg;HLm zgB6Cs_HsL-n+Ec{Q4Z@pr;i~#H{<}@&u8`UbEh7O_(*+xNqXx<3G1F8-I=TgDvP|H zX+s!CH^WGVT>X-;vFLVF4HBejVV6+Ez);m=4n0rO0Mw_6_M*{r>p3sXBUOPi$aSx+hRUcMr_GbWB4AWhK zYoei21e)#e_NY>de`L1Sm=%c^HaHMVh@WFCfkJlhM@!YE|A^HpL~0CR#|3r<8(ru> zJSuwBF&u3$zuEof_-)H=)dy_9)T-sGHuQLMcIB@=x?lfSRZDAiAeO~TtiJ$TAsE~` zJ>*Eg_KW!N-zDmGqs1avz|hb(o!-Emg^2r|N~o}qc(3=cnKnsrjRus}uDFEY6zwfS zv$tf!Sz4LC@vhvXs==?AiQX{RRUawmg&{fuAgVC z((G6xM|*bNPapSrJCrhyXXm@~UP8vb{q-8W#_Q3D+ZCYVPZrs;Wh!b@Ge4mN=S!)A zCO<&(wZO)3l-tSb`Ka*z{^dHY8@n`BaEj?Rgm*5pU=8!2D=%FZT{OqCvP4yNuRNlH zdd@6kP#3-cx-GEGMgWw=g(xZxd9KR(Of_MT%`H06^mVo@TCB^1_Et;}$Q)(6=6sh{Alyhx`Qa9HTRGJ4+(S_xy+PfNiTr)6 zzv)}^#Q@un-=o3Fd7U2)xW*RJNcf<0%yIk3nom&Eg40ipTmqDv<4L~3F^KL zcp6n3XW_PDbkVAh-UWikTEwV*(KMct$}B}k?uC8InVwK`L)d;fcWePWGQTF)lHyFR4#n_;oJMtpXySvf*y`Btwnm@2LTN495G>>>?ePc0&$3&9Rb;s`m1q z#1h8m*a@0ToIv2T=QqyCX|Y4KSXLB^<$aT=2uWr)h*VDOsce$b%9};1>fwcXD&kYP zN+#6FLTWa}p4xLZUS}m2@?xIy#?rs=(EHgbjWk|AWLFS(B6Y`kYYmGdBe2iSXfgRUsB&4>C1{?>;PB@%&xsgTC~FzA zcGe;c`yHK(lFfl7j+rq+2>F7ycsN#zoP1!1UPgjdKt`UkyU6E1N9OQuj>!WY$7`LI 
z$ReAACScp6e?XW^3#v}`ubNU3ez+d`vo9&WR!cTcB*KDwj24TH`N~Xde({CYtf~Eq z3bul--5{7r6GcDh;@BSyLRT1F#e351olZ59_ZxTah-O=N=eK;aG$<+X@U!mbsQ~v= zQFU(DY&>JdB6j0U?AtLAi0*%+d2KEgUstWj0yRg(>=joNGJji7?>y&4Fn|5a#4ZqA z;*3bQtiSHoMxqRzx9K-OkLvMfkIl5%6TEDJ^{ex{L8a}4SCM%(|L+FDHg=_lt?FyE zS`)_)t~52|6~tQ7wb74#K+9N4Tsf8!_FU#TF5a+Nz?PHLWHMU~Prc`_t(yyJXf_uI zz9YBD8PkJ06_HI1uGR|gCco9J1?GW)b#7iipnIxj;h^TXBdA68-S?3SaO(WN%juYK zqHMc*nOiSqgq^!hA_!heq$L39P09>~mY}rJWF+>_n@o1|99DltS$LB<+0dizq8JSN z1fInZmMU}cDTEd|QEPbzO(>o8vveYWGr|^i-7UYd27p}p8M$h)rwPTBCK(RO+*oR% zlY4{K&`fW^jw{A04G&$YPs9bNm#IP`DLX#T#lY7<&#A;HZ0r%SUGpcF~ z#Iw(qqSU=w1H(nF(&677A|f+;Nupv$)ys3O`!@fx`4(TF*pF_h7(UWUbg_{@Wy-U; zQ*E+2pK#u(VYca3Y!~uP^(M%5!E@aFXfAp=$G)>2$_caaavGtPxFv=yvw@tl8q@me zzd7=y$p<}yFJF0tz&I0|4`4|}?YK31<$cmZko(i?ZFyBmi!h~Q=1!sKB9DR#H*m$d zu~$oEr7td8*J&f2Qe85V0Od?3Rjj_1Ce*x!5d(JINy0*$I=iQv449#5qc2CHkU@L(OFK4D!pV59wsAo# ztj9ZEa%xg*5D!FR`x|3fBqXmgYIW#2=(OxPDSzOf$!sV6N@2WqRv#Dqk+AqH+Nmpu zMZ!+S-_driY%fT=e;)#Q`#~Pr{i zB>rGhMioc~v65Ur4NU6jTp}K4=dd-w(&Vwo{Qy>QPfwv^)x3`9=b%Z2B|EZMR73%@GSY}@!-$L z2PrWM8@gz1Z>N0s#!UyKo{THIZgTBnqV4inb#SQxMNYYjiWr30s1m%;+LxcJJ4qBvr-wk(rmMzkMMiX9hxV4qf`VN zAA11P{C3pMhD$bj@n-jWioR)+sD_J3SlkyUtER8w!og?!^;BBLQ9JK($Lu704*xB*>xmE)wOV0` z11?=AHP%X#5zh^73_~41+pmRe_^nUH!~PuH`CFF%Mslq_h?-BxpjTV9G@sdBsQxZK z5MC||U-KVwr>#?h2>SFDzVWNC{1U98H2`$8mGa(?I% z=C%iqnj96a?8_{9(^jovs?uih7m>zZka2S!Nv9D?X+6Vh`Kx@_lQf9=*;=-l{|4hw z&YFbdUF0mAL}IVx?Hpjk+olO5Hyj-O@cM!lS#YN4(3AXDMA_6hPKff_5UCyltTcYB zX5y~U(OWDmG=Gb<&}$=4*s3K^9U8Do1iMY4bJ$l`JN%!=_+pQG8y9(w>=%{DB}I@S z`%qU%CAJIPg}4p>b2i~@js`J0ptn6b8S^LV4W$4_92Ui5zbPipGVTXS@0U+aU7#jKWG#(?XiF&N;d0kmU*}0yBV=0D|j3r%q`|JcJ7qbgjaq=X+^6=Gw;Y<-Ejs@d?^=c2~) z0|`nB23C}|PshdUGX4UV$ixdeqU7PD-$Hq#8>_Xbdg zxp|%ES(ceaq!*?7ahVSXv(Xu9cuLs0xT96lzaNgQBj^*g$Wa1zu@DLCiaX>|LsMUd zoE1#*+NMM#%wP65mlNnxhN}aw)Jvu?WGhY^r{m3M_v&ic^8)n=Sm`vDW9!YVCpFdB zNlvrrq1l`|16H69N?3QwstCvEDT6WVV`Yp7F&>T(0iRPH4poQm$E=%#oH>{ov0Y58 
z?xEjwX7@M09Tz}UZ4+ZBHRz`Ej4B6AMS?EmWkaH)vcu#3;mF!dzVLn%+ao^74M)a6yCwO`B|9kC%u()e(|9PFdd%H%! zN>vJV-Vj%-{A7P#ekQc?|5&J2@p$U3pSG2@fCt5PQ!7qsiO_3`O)t(j{Gx1B)>2N=0F*c`UVpK}fYUR#dxn&JJ{dVTdj%tMSVZs|s zt=|EaKZMjwR!B(NYiqX@nikv21~V(kELgdmCWdyWHoP>PL7+BHpbbnk1f}-RB-eWvsEskt>XtygWlVeY+X$keiQJbs3 zt*V9lE#W5x4e>nY4C$cc6Lv@pa%4Z4+!#zxqTCmUBAOeI1*tIG-9PpJ`0UaijH(js zFu{>XWi5?B%N1RjA3PoJ(4tY*IT_~W>d~S$MNuYTOwa}{2H#1vj ziAved;fEku`y;5V$3Q(;?dCFIM}cF7KSW&=RapW>LSO6LLMPbg8IM-|1MUKh`gBG* zDgkqYIqrz)x9FUu$PC#C8Vl6R z(oJ>6P8>Mc#6s<`=ne9buuFQ$T0GqPLbSJz90eB$--vdJ1P*XzHe5-!&yfVC>OK4h5R5ldVs|EM zu5(Pk_Zk=p93XW;GpxOKWflt2Ng^VP#a#{fIO;q$@b8H(g)F>|H0i1sjijQ8S#U)> z{B_N=k^_#zcn9?lu$Rn)@xxw_7C^Vf7ZnE;6fWD#hG6UZwt2)o4$Zgi3%hSJ} z?)ESJ&zQ2$W2Sc?v>4#s5w=%&ZM;yp_tQ+z`rj?6l)7N|P^<|j7 zL;Ct~@4O3x{Rd<~p8b!)C9V;yH3^(6qUiCaD$pfNbL65BLHur^>{SP*XRVzBZzlk} z)Q_jT=XZd?Dz;IeftVd$38q2i=8T>1c3OV$|H4Dg|r5}>^ z6Vb~9tzS8*B00NW1BAO2BqwdsA*_h@A{-*w1>C>z-R`@+A+(LG!M-@v;7AxlP8KxFltxp+5R@6WlQKOv0) z1vzOf)}C}&tU)rYi^?Aba>AaO$`9!Iq%FQx5-17i*_o$?e4=8E6WWS2xby7DVpbW^ z&L(D?kM)=g3o<)(sZ!Z(jwt&UERqCuGR8E+;-b3&8m&u5Z(qB027ktgm6n#bLSDmm zLk8OKF>+m#F8`YT47dsIn@rh=>IC+yA@;amtCSa9?~2*$8U4!n4A}aS7rm@a@t*NJ zb>g}w_2_E4h{hyqO}!x_VA%jMW6cN&s)%d$li__JA!qf+m8lo*6Q+Kgj={H)(4;p83p$t=V_2ijs+&o2Ymack&W!OV{iD1ix*r5IY(w#$*_usn=W-0DCHx z+=}~UbTrDaofeV|2!m#@jxDS?E1a$`#Nnq z7$OpHdT6*aoulNJ0gmlF*%+^@%4RmNjHDuWam%URyTxNX2}ol!f=5HA|Mzvp26$(Z zgUy%ARw8{Sf;^t5_GQxnm$p6xbSDr@1(9dgXUfk}&yQuJCO70)`fbq}_K`Rp(Lx;W zQwt1o0{ickbCM3Dv3ULrtFk&WII1w7wm*#_Rk};WuJj+5B)k}}Iryu2(Yd<-JJGM^ z)_;pjjuiRFfN;uS;TMFreovB_d)%jE2T$E^_+(3nnG|S7QZcrhPD*-DM zkfEiZdCkv$6@}RLxN?SfAq9ep5H7W1l58yC!_5|ade|MI>Z=WN+gY7|H9)QQ1N$11 zP&WWfNJ=7+roDzTsidrqI}^?RC#E|tv5M&_g#{`|S=)5WxZfOhs1w=*{e}*yq=p&6 zLyA?`p{J`UpBqb4?H02Dj$O;dH^OImi{JO8o>t3AcsJw?YAZFHB?D*+s}An0Z^n?i zlhoO0&iR?hme)`3awql9?#N_@?BD<^f9$xp4c-#qO}X=jDhQ2i=2Btnw6DoRQ9X`{2PzI>+Eo+Zyrv=q&;OmC278^JjKzR;=WoGtH1-01485P_>x1nszxHR~LMTlNr!quy07R_Oq#byd?UQu)of*>z4Dx`$ 
z=8=#l-7a^hEE=aowv5!3r1i4_HloFJ#8BO^?Gfs3p`#Uc)(=N2>kQTN2$Io$Tk?Kv zrbvO#m{irG;-YF?MRe5u(@HYwLxMP$I4ez9^92k@F_d8Ba10WNMNY)X)!5_G@AJn6 zZhAETAvVacK3OUUkekrt{7DlbC{2Oe`G=`Z%Dl^&zQs;$QF`p}c zRWbHFdc1uj__zpv(i<2R)RZU$`b4e11>zPt1g7KGq&jFEn`(@ajCEP(fsMQfRC4+_ z*nLqQysM)GBZgz-fdgHzf`|jCQc-M@?+?vufb~)K(3I>%K|s_Hmc*Q#k0MO29LJ)^?#%p#)VSaCZit!+-3BR_B~0iST`fMgNY+ zNq*^8=8gc312Utue2h9@a@!3|t$~C(j+lL<+iGN5X}_7M^cvS%L(Wd;oBgM;g2y2g zAittl2W_+gD)T_`dR|`EA&y^$@du4FGm8 z0(Z*o)4ZHVO{F5YPje}aU*J8oEE%m2&=JpR`oxy)_DN!-RjChbYd?4{N0&lOEpcX( zL9zS!*n>utlC;n?0%MWhGQ;iLLGn_srlvjy;P!~y2eM8Bn47Yx zb#AxRfHrtzxr3!ro7K4YAm2v%@IpvSPTgn;{39A=+UYQ#f8 zxbUeu+g0PUW)Hy)qX9qh-m30m*jzw=ZUpj@T_Kl!R}4<_0(FIUbACO!cAX#yM-J-! zuaK`&EIT-%w5WTM$#)EF1=Me>Xl(^00f)FxS|v-3!-gU*v3a(mjl2^;P2$;ea^D>* z#2E%jddL-l@j+>s0V2un&Fdc{^2J_A{5D(>^67ffO#A#?@DuqZhVgQe5-n3DlGyHR z{^BHbERrjxn2T=vUpdz_zq4yeCnSq~A8g=*`wnMi;w`rZiemH-+&D^;4E5TOcvRe< z)U}Pi9B?G)lbE-Mc;;*XDu2NDzmFh6I|3(WF$H|bMkoA2W`F)ANyeHcs{tDb&! zA*~j>dNQj098}IhCZLI$%P^&>DA5nMd_;Qf+Ym`w{-bT&5mGH|eYj$WELgYVU(LRG z@NYMoG9sT2uJ?f(6vqu9V1U0#x? 
zbc#5RiAQkJs7*5a&?Xnz{V^^Egnrc3fmk>On=SQrdL1TQBMU$D&CB0z9b(5OK-Ek` zDm`<$ejH?7QW^6De$xEQ`$9wijaur(H}G_di6X!_COVwsjT@g@wua#%`9814rYRUx zUoAo7Mk6(6Idrg>!fO0y0>hfdG9!?DoGd?9I)J&abQ;p2HMwdi7Zisk%ns?N%`8lJ zGIIS(fb;?U6l`%2JEEE_?z&nmy;_1SCr6ox8s0y8rg6$Tz+q6Jb(?>zC@}g7FM$Av zcrkDOkW$Nv{w4B=j|I(lk>oyvsnhY9YHsmcB|nKqAyc)$~(f2pSx@QVszU) z5eVGg<1TG8*_XMWwQ6$kuux8kn}9jEz2LcPl)gnrTWk)S$uc6uPYBsh;$G+x!7a4& zxp(?N?qVU^R_#6nV0<7wbr5`z+Fu<9lISL%Q6LBnFsAL>;CBd*$qP1uM_;5zMoG=R z;6O|`3S_mUExQe&rRJ+FhkCe%?|;vy=p4&K>^ab3IADf_J#vK114cUfs1%7=;)I|Q zg?{@KQU;}j@^ zkVe6PNOJB`B8TO8;#HA`yM#t59J;Ag|9v-r%w`*Is_Dd>Fvcp8#6+h$w-Ts=;dLc6 z3S4V+f7<4A4BSrnFZKhQ)+ z)$+o|Ly^B#8W(>|H{(>%3mJ{KT$C5OL$N&7NRG6tax)b+xS&*${nPQryj{vk-f}JA~ z_$BuCQk5b@9mmNeVUK1_!I}K#FfM!ykJ^QAai&nTq}9F}wkdOKIIZQ$X38~z*#&Ei zx0d(M-6te15zvf5St31YpkcwV%R3nAjoh%m-p|=m;~zy+{AFbD{SrjnuaZVK(Zwwg z6x>5#JR;bmZ!D=Xy^>#?4?r)cGZt0WNc${C`DI|j5SFWqg;3*Jw10}KGPWfySy&f>6;jyYrHRQ0**nJVSMYOqKYhn5u>0Bs=1T0lCzB5F9C zbfDc*fT&l{w*kQYTWFdK<+eo7AC)9#)<{llndK}`*1C0Pbn45%&7G?G%1)INHijZ^ zhp8Qh(ac_9A>OLghEcN5H{Ga;nBGo{biDew@hUOb0jdQKXVVfg00@DJ#Wb-e8XB{~ zV#;v5J)R=eYN~|?;M&1d;_Dz$Ov{h#4J47Bn|{3w*b(UoAr6;v{CgXbDf5LPOg{Vq ziujFhnkvSniruE3hAO%g^dHjnc5)jX&dmAF0-a2%GNE$dwk_p1!}1lDY93aNkY|ai zclhL6{(6Rt@b3#8>T5u%`Lfi4=Ixs(!AhuzqiX{LtN{QI`YqKtx^mxQzV(4DKwkp{ zlC4U)$VrS&u^GX60E(1?i5PV&1#;zhx3Gg-UTC;cvo96+k=#PGpq&%l>&1kc{gF|~ zPU(KSN1S+Mm8S@mXf8E8wFt9o&Rn9V>zD;(*A2&U-2H@6U7a4EuM_*O8)a{I@!rt6 zADy}BFaSl@aE{DG1n0_FR9uwVY#4=`>YCPlmws48*i}nNP~fuNpr&X;b$0SfK+v*S zKmeXzU)H;CtTLSS34V-9%?b=`T};KeV(IsVBu&pZ{dlqc>v>>fXT99NmMf<>_&4Xn z(zQmi=LhUzt{yX7!_fz$rBs52f*=HZ8p#;q74-@Lv%NgmXA1J$W%uj)?Dvl z5#JA?rcH?Bo@qX~tu2mi8}zn6ZazexF76*Ip3QoGuP3*IuorpGqKxbYd9x^EKsBZM z0T?C|m)fZ#fKc!Dt$9W!nDeO}x2n9TpHneIU6~IB+Y&path}ItiSmJh}UnCTw)a(Ry^^(f4=-0dAe6>E*^WHaVY;z z7@RTDooZG3RmXLDc?>mcSo1RQs2AG=-gUdW{2%WL(Nq(D%t9l%a2~SI2D432HVI7? 
zMm8cD(*=%)mA%mK z6b=_Sfu3(}v>!^313n#bdQmBc$v#feqVj$^|5#{!obwY8Te-d)WK5dYDD@%KY;x8D z$vyX%hvk|a%P@Zh;QijPh=PynI*}2vugkm;l}X7#g~S1n2C$QRp2F1wad8Kv)6cqO zs57M+FyP3p9T?5KgZ1C0SLgrnh&kW&klqV!UhQkcq;nE|?Qn65yn<|oYrs7XV?kC4s68ASZY>;pSGXDA~OWiE+Z>&9wX6+uFVs=C3A}i z?I%|g+X5LdBKwP%7EXdU{%QPesi6*dDA0H`^?=y6AaXUx&(f)i5DMY<1ZHbcky$WCN2_fxQJME zr?j2ca#v=*7S=+$-G5lrM(;X@{gvc*=07Rq10u3vC7$&t4bI7NLt+$mYyA5op=H851PJU=} z3b&2f6a_*)wI&AQkJG~&S$HY9fy;vN5ao6w$^7owKyUq3OyHY|k6aEPrVr8qnt7u> zU7BA^)*$Np$_!!-PwHGCnYJRT#mRt71aJTejHK1+D+MaK{)7EUjYY$KUj55woV)JK z^V(PIY0ATYQ&$OO4V&kPTI*eZMLwER2t;+?;^{RO&4)clq{UeyK0Wb^*#V-sirw>?}RsJR+W*kEvDF zmLs#iY0)AapqvTv27H2ZrQwY#D(p?xev`o0kh7d)kOKoaUejTyCL z+egm%YiqV)0N7@C2>|De~O4ru2h?iFSY6Slt}q{A0j)IA6Ar3*e=|}TeP;;>m`0B@Ia}V zL>955gG)M6CbujXw8b6_#t21FqJaQyGcbG%?qamTrzODvXw>AA0Vg*F)wjR2Zj1~F$4i+?5Hn5rrx*UH%usY39S z-{1fdsBP5cZzW=b1|xABH98?aHMpyIgWm_Df&A96`kR{vNk1(!^dw9jzk?o+7=%CQ znxy1v2ZkEJh?OZSV=4f~mXtdI3N}E@0Wq%vd3x7PtZKAs6*5eMQXlgO_XG^61@;Yr zKfXo1`F$hA!?>GeVNYy3b0^B>pN`g!hwry(L>hC!|I#)s_bd@*w_*JQCtOT{B?bwB z2Bxm;L_sifnL2-zxQI+=LA45M)b!XGYt@^$Qh*IUED-uC24;Cn{qO3rgWqIEH|DI5 zak7xOZGH)P)eCzg#&}`F3;Q$bkHf6t>UB0kYA}HZRUHEuhg1Ow2jtpqei4I0y)DcX zUIni$Vu=ca%3dPDJ~d3+m?Qc1qI3KQfaFjl@-F>KZHPZ>U2g$f)sCa6-VSTZmXj za+t(-%@ZaS%UTZ1umWke4w3SG_4mD-Rc6@6r)pb{+^?&xkb<_>=MuLF4ZGhT6z^M8 zx6kz7SWXi;cJ+VXYymGGZ)rNNyLvWX049lE@J~V%5e6y_g@s}x<#Wxr?B?)UMTdTD zwrnvHU<(x;r8og)2}@2o2^pX;m!g-Y2`Q73+%I}#$fK5zLt3_*de$-hy7;teI&VG} zY^3Sb^|IWRB%te+!~#IurkI?xSYT@RE-e_Kb8Ta~ z^B^AZX&_zyvT|`5>-|+)g{$G(uA`-A} zfCG{xF(wna7?PS)1DCQilr3#@=T(z5G{&ouO*Wcr3>9EuXH6kNf$NipS|nhT>g^f@ z<55MEqn4B6@j?tok3=j2P3`ghPw(QNm;32KO!U|2i`=ey(`VYpp#(Z|Mjuw%M3W5g zOtkh%Lo)H|JYe{_0je|%At-cck`Pv1b*Mz!vj;T?cvX=W1F03_#r0@n6>z8sgTZB!?)=qF&;b!pY4#ee*ygi(F-Fq3~`Z;IUaU<$cF@ep2Wi3KZD5pAq@S zJaG}}LQ3?bq!d#24K^xOq(bv>={S-qrOEJwfEhMhVbT^I!9(Cn5(`7MA@G4I!>rBU zr4h4reuxKnYA(k`nEsAM1#AA5?zJkPL*8e~(Sf_hlG8x8FE~}|>8fcq%(Cz!-C^cg zGK$6YvdU7KB01c@jo54(wb=$BDVxf|lT~D(%A`3Ns%SF3}77t#i*QtL^!zmwt z#$K$2bEG+fZ6@W3)ip-#k(|&}Y5{6nq6p1Z 
z5eKUw+sh1&wC?ba6SY~m{>4gr*Ub`6DLdMnydC`H zWY|Iyp?X-zEXadM0b9+44MsPI$-qV6Fw%j;NDWh)Fv4Xh zT^rkI4PN69D_`vtxuNJ@(n@2euJVW}k>2FkhPzE{_)t28$|qKzZpbhG<;)XE7}DD! zh*XyDTuB?|-^e~HWfa!U0t9h0S=1#|Qwn3$TA9)HZDX8r6ES(?&w>V#)Ltmod!+V7K9)U+>)&>W?>dKG?SZWSc{(6d(vOYQpz9OXh>eum=920rUQ&9$@kBx3 zX_T7%S%Di16B_mQFd@#cdz5k<^wf2WpKF(?nA?|w@C*jQ%Ip1+|B1NQuvAkCp9esb z$9}BQi0i5S{sz>WSMDg>+=h|B0&GF(;665u)|8+(YA!pFSR!hm->Zm5c1&JjJo)a%-^W|*)$ z#y0fpmb?Vx;byO~wQ_&}@YwVQ6T4++?tf$AXbQy#7I4cGq92qtdt%TWeCUi zjIoD^9Fsqu#~S$@6p4q964Lr?l`uHQ{vej0t3F*1j4~3=q&O|0b!+{nJ>;8C&)@cQ zVKh{m{Y`*^n;VK+rNBpy4wgMQpke8^s*|M-Py;Xrzu`B4U)Fm3a9%u_(3>vIFVtRHKb zxvd;U$;J49~&xSG`-v^$CoVe7;o}Vc007JrGZ~P zZSp&p=+HFdc1o!oMRYzzn20Jw;M5Ql$!OUI{eq$PM7Hb{A&ty{Ib$Xm<;Mp6CC$E= z7Fq|2vkWlyuS*T1-6pbnTFjNc;DHuy%=_RhZX&QKkv{o`B@hEls1L;soHT;|>KiV7@@dy0voOgpJkvuB+ z;s5w#U*aqW;s0U#pq(sax-wG;nK+TqRYGqMT-%De3U zqgQtGwey+C=N%@sb&H4-fL5}sEg#kr4^gmhKAE;X%>^FhOYt(hi9#2O+n)D;`H0Rz^WM^^f+iVGb z44)%_Fd6;qNsYK9yy8vC1p(Q%edOGboB0vfFWB=dy8FnB4q(YkNsT&cN`_v467{o4 z0$C<-Y=_@xc&{u1 z#ere!`C(FkR5)s@ef~s8m&e&I0nP2%^LFD}J4Kj#9nrJ?bEgN-Cqw|M!w#QyLPK-W zdD4blU?EmX2=IvxX)W6MO^l?W+3jBhoVNd0or3tBe~4{t$keakP9h^U2LzeCfFd<& z5QxlK4TI$gnlzjexnCUSwcy#v7uPL*8%HV`UdbV+R^l1D}Um z$MymscvJ^wfry;wXw&8A{KS~XgWyY*Gj<71ev-xKQ3!+aDWt&1K$Wbp5GP9B%Yg#7 zwn1QQ2Q4_}md%e8X437i4#Z-+wWn%`F;GrPa2tDb<~r!4^@yhV4WoS`%^WHZ3U1>< zYZ4m7c^ng1l_K&8RKY++QaHi_S4Tg0(Fvfpn8i-j;%{{T6Q+%(z$T`Nn8h(sZ=tb& zh^aW^1^Ec15coN;JV$E2C}r6EZDlJMcPR5MSO#bBdAD(Tw&!Y|$VAQdhuDI}LK_Qp z@BicI3M`;u_e!gz{dFO;ns;sIMEs+J9QSTp6d+`BE_o{)O{ZhYsFqvk&+{ zCt%kV4A00u84$pDxB(H7&AtD7RnNCwnEM*`o$K)1`V0J{@^4lqxXgU*!E?iD`ivh) zE0>xOZ{Z#nQ6I8x;vllECbh<5ek{42l}zdJFM~#85vj7XWHp-wQ6-OvP8gQPOrK#J zB@3oGg}H4klnSMP9e)8nb_5y*Gc15?&L^wT*A@Nc#47IatZn`u!@{tIU;u9}CFahfHRR z4jb%uWCf(9;tYg&gql6r*SO=RpNi1t&59F@UM=7kvf(aoEo6=O!<;f+n=tlRsM`R? 
zVk_SaW;yU@U3|Nc6eV5h&}D#MZv*eeU~((rHd-+YgwaeNTrta9LMLkEZ2g6Vct$vP zA3MpP=>k|wQQaUI-RbRvW*Q=9-g1o&{!VfI$h5A@U!joLa*r6@7;{_4!*;i7Y4YE& zVHV2>Ue6PHlZIbhRIBbFrbh3N7H9ZGJnc?QrZWyo8*P!Q;Q~r@vw?tE5#L=loBLwB zqDu=5z&pFw`^1{lCga~XG)T*TMM_y7$4sZIeiu(_pzjkz{lZg=owgEwe5Y<%maxVDKRuFXX@fi*UIO=`UE=se-rr`oabT@ZW{lLOQ zbdu=ax;lkwIPc)N<2nGpMdsQCcxo%j4@s;M$1Nmp;@$h}K~#tFwmV#y9=1$?@~L1(1bq%C447D_-_uO-i8SW?{rW}6*KNdi__4)%s$4J}l5Ov(LH=@>zG)71w#vI`Kqfo`3CQM3_uc$$JP0$tltf;y(k?Fz zGbg%$7oHhXsx^If&}^~DFu&J3RgAV}&v#PLX2TJDJDm`ADLCDP%1-pE+F}NyY!1Bm zSugo%?P5N3ncBw;<;;*|i&UC!qRAV|)4C*@uEThCywv zItsmj4Ip7Q97r)Kmyc*G1+&-w{;<3dgCRM)M<7!mxWIC^LTpx`1&b zC|(?2Uu=bLkQENGpKBf|4|Da9k{?E31o8o$adq|)Z>T|eg`-F0hN#Uf)F`z4TU}hJ z@(CPIAi<UyslDO6%7 zD`8l%ZwJxnF=Z0r`kdn06tLn5{>Jd_Ulmp+M6B@?InU~$A@b5dRdXIftLUG*^sL*z z!rpY+9nBa0>uL?5%X}fwz5+Mu`DJMB3DZ%C&lI-*Y+JWkntLWg%whDfg&A-MSeYDI zVvg{{FTP%!f%0iTi#t{528pcmlavqlas=nsJcJRI{X|bYjIO2&EMn~~8pjh<76zj+ zmh_{!sV*~{4~fe{59NyoE4+v#?eKfxTuocH zaIRPasx5mPnT`CYnsg33;r34*5G-smGfDGNDdMf1oQ?xm1^PO^&K|_43hQ2py_zdqv> zcYoSq*;*vihg9ZkNkbC<0J6~|%`^tnD`A!5g5x^#+hk^B+e8RyuoPW~A2utwZ5IlZ z=%?OJ1?yV!g-$g)#dN3MJnINgYYG{VDa8?F&MsCjwaXdskz4)y48V=Nlr>IdZUz!8 zD9d6bEu{zSBJR@}10^;=5@qF%rOIiG(;h3qWesDwk8M_Suu)900g+3-It%-XOduT{ zyYM=o;MZV2eJM|RDIb!RG#x*wFht=94BUOns2z`MZ3ilC3@Ld}x;HR+=r-65Z8C!l z779hPrnR{*l$8(T!bwfc=x4G*G$mI)fsyz?#R?<;)X?siLdBA2q5CR5`n(qO%thd< zt_{B)Vfb2iR@xLb;MUNr8C2KL7y6}9hf&XK9r5prv>(_jO`$}?V7n9^g2c(ySm#aS zC`$Ty$~3T_J{$-2q=_h`;6c8ux=IVn!7MB`b%O{-JI9KwnJD2Yy`rm_Q&t=OiwCR? z#kul>x9b{s2A{oxFQSEJe6`+&%}g$=-|U%iDGdk03!h~;K#hUf2EqPka6Yt-Ax&1Z zY83>VzUhYOTUCco#~|m^ZhacE0Z4d_7Kzto4=nkv-#;@B=xaH;*RIvg$4hk`*^{T! 
zS9Zlin60OYk~p>%QglfgxnHF}OfAUmW?aB_wIt>(b(u?SM_hk1JdKvb)!S~l%D7)t zOGn>Y3YdMW02+d~m|v)TzHg`=6V@ml^;CNg} zFR~n(Eb6c=&`51Sam}haVvwMwGIqbHVUIoJ3dZ~-0RV}wXM4L!ji0rZGF;48>G5d4 zZs{d$(&lYBTdRASR%ap>1(-HT6lg{qKE z0+N@@+U>0Z$kAg8;k6h>KIb5+1-6F6q{%mPb^e+SSgBTU{}~>fIrrfZ>wchot4)aJ zeIecEQ9XS?o}N(}_HmbTJPr)8SZsogpp$r0Hklf4r9X117;{hN%AZzjaolhpUnP^1 z9G|9cVUx2+!~>g^?FV^L zfJzIgqkP8Fj`BIWl*{9pKM$yWwXEgHk1YMjd9+nDp&=Y%b^Dg2eFy=uXEZ!ygJmR< zdY(vW>4Sl0W&(m#Oy-%ejt}1pi@7-7YwSI0m$ZmCa1R5x03n&lf1^WO)<<78CRdpv zB&YGkZE%|$hWl%i%_Pxz${qSY7c2+pvukM z;)V@r={Ip0IrCiQVw(Xi?L|E_v$G7N>OZhWsuy_X?1^wgl>`2u&mR`>B58MsIGR z#(G3Fz85zKe3jB307M1u?)#9s_A`8$+my5>7Er}kGsKIp2RdJFKh|PNO)&B5#Cpcn zmZeX?WW=RwkrQh2=-pE8@(mT#ROw~PH9bNs`ogu_!7R{3HFR5}c4U825?Y7@x9TO! zVnpMBst`$QFQ%O*$kvykYG$>yEy(}WTjzesmn#-Yeg{1j@Ccov$M4l9q$kLwOo&+a zsx`vam5h~sIgTINwCV+24egW5DoSvFJZxl#zv_#TEv?XXiCgG-$yL1vWzX%)pvPc} z%>q4+V+oP@uXSaYhiL>pKSRE%Avt zl7sSz{}JsBV5!i}G&0d{H`qB^d{TScgFk}EOwgnVie63RQ>-959*WsXRIZM3*k*OF ztb~TTj^6s4x$akLHk~eULtmkheh-%p=32?vrZ1`$+9(@QIc>&R=BmhbD{%%?Q9qF> zD5GH0Z%?lxpG+I|@(hFzPAcFutln0cB0+147I;+wBDr|=z5XPB!c`WSl>im7>mvK`abl6aCAm;b?f%g#v8H2LiHPg4f9IaZS48)+1$P$g0o#WAPRy+x1 z7$uANGSK~4efm*+?XLn?s3XC-lSvq1MJsA_Yh4bI@-KdhaG=)78anDay^~=wU6F@*GJ-_~GL(++{Sg51# ze;ZvwC(90H1^L&(8|y~Fsjy##ywaW}<8-$_EL+Jd0OYUURb=GTW$!iwL!KI~ip=#kVKP%;ON*V;M_qBQq&;H@y zr*o7K!&eDCpc~74nA>8Cu$ht~LEOcrlYX&shl0oun4&j@;*1-W~T=I$T86i4Dcg5ox;~S{v!kU=HGTKxsN=a=E zB$kP*`f-Ec^g`p)7k-Vajn6bx(py-UKBG=}#2lOu(T6K+*8aB}@+bosll;a_9k;4kx@}O9lX?BOVAP zl_orA#BT6QyQ81x21>Y~TW}b3wzhU)?nv9?!iEd{^ywh)k1~277Dpv1xe27=tF6#N zNB^k^PDUSq`gmKeDPWE{K_zw4>;8dw^abhhLx<30RZGlRV{E=!N*$x5moZC30llTE zGl++QugQV63|clg(M7A(3Lq84L%~#@%Cwt@i zD!ovyakE)9#?+$uCgfb-nL%u|M*Hhs4zrZt_g^$GpDz&vKrd(42jIz-!S+_jEUDD@ zwDP({GhVz~SAe9c$>@w=-164FEIs_38&Pag8T%h$79>k9o!PZca;&%f(kRKHkWb=nU`4$1Br!$s!=Pg)ZQg;1kyf@x1lMPxEYYz^NQp#+Nv ziK!J`O~38u!};k{c>sn;c~D+m8{{VjHLfZct+X-#+hS}Zd(wNB)q-n?JEaixFNUsm zqXk*aok;>$?)iwgpMDN|24xW>Zax00#D)XQ0%}ozJXC8cA_nw510~k5=Z1eCHkORQ$^bQq5Q@`V`A)?s) 
zai=as|JHa$zC%#fK6GEQH!lbKod2WG7-p0_s?$?>PAx0+H<`9c z(5?*nBq}j$%_Nf@tw9Tp;+HMW2~jSCfk@EPN!20@<^>W`zJ~KpD0*avdZ=uBuyo0) zkk%4`A7H;AmB0YztlY7g!F(}}R;~<;C(TwW>MQ3Z0fwrfNS)sgsaMrYUs1Z;_}?`< zJ+JuM-MV)MzEE+N;)Zr_p6*0&zPftd6%}!9iH%22y}m$)w)tY^(^dB4;i_d=*!a2S z8P9Z6cRWy%7Le^?uq{eYC)%&rhc;Z%YT!Tzha&F2JPBBoDB{FqdF&;PuWz_vU8xK_ zn*TvKdnTdaJg#+4`C`$bm}Pt2%K-JQ54%c!Xm+mVsr^}Q`aTh&7jvR7%;?w606Y)o zHAK8|nLJSm^?wG!hx|k27fIyOm}@j9D`+jsH%jT8yWLGD(_gk!P)9oU=6nXtq4;PM_9%(P~ zQRi|r)lD+M2_mt&S1wmj1JP4SZjfL%APm;gHD+7Ez&lU&(BG0+bLZe~OJby9c|+oJ zW0>*t^HzP4bGJ2=lG!XTZx*|H35A5D@>si1UI$oBlNbTjlsp`0 zN_3F{F#Rvu7hX8V8fPrJJcX~yNlW`EAR1SHZ@EudF@jH=$C!BdK5bhO*!NZ@SA!q|#r99iR7OtWt$4};riTWp4G*>rWN z3P2QtMS;SCPDIhT3~w)f9VTTFd=IGYtP(N+TSYQ#2)0bR3_bTHBrh&523$mPTyBGB?5NW1d;6j-QFaqE%w*EEeRFPZ6 zw8-{W??ehbw>nuH)ye7aH?RTxcsDEmZcaMIXnY&5nePLoX3*tTso zZqnFjY};0YZ{F|6{F~?AbNAWz+;!GoYoCUuMJ=NQgiLeb=v316o1)vP48G_TIEN#e z=q#nMky5p&tSmNDt0SU{mDlKEPcxEcrXb452*0a6YU2lA#a+rF`cX4)%e3m_pNfFQ z2OHt25kj@zkYp>T5{3=CVTFBj4#!63||~GCx62hlw|F%kT|juRPWLA z1s--N?+GCv7>Y3Km9rr05)Nle$>Gpi7)Exv;>%lk#B$z^aDo%MGtF+XUtUr^TK;}+ zNxK(NK_+tl&gX~QX~>FUT#nA$HwmH(^I(Ky{8C4dLC(x0;7YbS)o?*q^A}aNixU^1E6+RRNp8jaE67>;d35Nc zcp05;5nhrzY5{K-;G8Vv6yyKWf5w+rCyi4)6;FNpja2%yy#5vh7tK* zBwDqW8}=rsJru!dIXK#2rY7EALa^9Bt1tqI6e*ZUGFSn91ngY9<*$dXIfg}$C*r8&~wXa&p31Sy%go& z;y}jAZ|v%R9*8yk?PzJq{Nl84L0$V3az=PU$ys8(MX@CoKi_Nk6_RL_JNa3QMkd>` zR>U?Zs7DmWrm8~Bw8UwT+XYh`;5GmJJIfJz^;8K5U1cYF zl3^Nw-QfYHA1(2MzRT=ld{8CYe|K1~-%RZdQ&q)e#h-$p-aF$u5y z8A7*^=Z!bkNV2UGwj=lm*B%N^0dDwY^~HngkukW_J$sc*8QWVD?RSra4l3-bw3yf4zR5ymH_3tf(SJE~t!m+WU|_INXjT;CKM zmw0>ZrFa0JDB-^7RaCzSruQJpajQRi>4C55D*PV3I|x)ThRgzt{keD^r! 
ze?lNlYP>@_L?P|OoxlYMms6-?5Z3By$&5B>B&e|2YBn4D`I87dMNublFIC8Pv`rR= z!K5{{V9eafZSFR;V8OC?s&NPh?5hpqdCkKa@s?FOZg3O~4f<`gC8WbD6nL<(#^5@RYxU zt>cp|RiQ=40S3>gnF!XL^q^FUw%RiDWjre{_%}D`m0Ef%|C2Mti*hSw&lcQPS_t$M zm661qCO4MFB&HMo-G*A;hD~)Mu|B?aM#CpLff$gy#(B3+ZK*sql^)f^nQ5aTWXHp% zRTY;hcKKUse(AmnH?{FGX$pgPpD2_3YuibiplY~?x_QyT5!3w%j5>HlM7l_Wps-4< z4cSI?(p?{5Rgj|mihOe1NVlWJ+5t*l>dQ%HJBJb7Nr0fR*g(3-yhTu=8;p1-C#WE9 z*n}VrS{Fiu!hO|s#<1tLvDw(n$EYVPqic@K4qOxlXZ1g%9ug=4SM3(L1<34D2H>?F zwHA-+Kx5%ZCIMmIhTj%4AWX$;A47J9@WPc2<1rk{P}>1WVF(~Z`PMJJ4nmI%(Gi4{ z-Q+|#X*XpJkcyWor+EpGLAU?=#Ofwh=BCvBD8^h{#eG3y1eh^Tfk?)L(L3gJ$`dy4b=s{A+>820u;?GOpKkO}Bzru8>*z(> z^~RdE>A9tJh&toH0Ij?v&jvMPh`1*3iBfXJ9U*X1yPjz6{UUHqAI~BmVVRhruUEz* z{;yZs$-umRfCLh0!MgtmDbR95n%^g+OH5DD;G-K*FW9FhZ&$DxPEo2__R1*Dsm zJ*T}FYnq=GpeGN7R0vP}N@Wn6NSQ9t13o~1hs{~t;fjPkjypp7%8H{(VlY0r=h`D@srrqSu$&Y$F^j+hXnX#ye- z_jFPGltm3JW)D<1Uot%O@V>2zHkgagC&MqeM!_uLsOxj(O;FiayZt^wSY_&5vw8ffB&4tL6#QB5Bmz_ z|GGyvdV| z&E^=~pq~3vW-KW=hm*jndye1Ud^tQ(mR^U+;dgG?imb{%pgU{9jRN~ zi=gaPDLlK-e+!*y`@Ya@;M;zd!hP=8fX=0DfNEM{!D99Se{nGp7Ln-4%on1u+;kxR z7@XcW!DejE#{{G`B(tH`4=6jPo+v`DwZTb_kWU^!h8MsuY&rHRME|DGU*NSr?i@!} zjQZ(m+~Ys1L~&01`*pHE(TO6m8r0QZfO0`1%%XOTpnf-wmBcNvhgH_ECU))6UXKY2Hy@QkC5BK zjtAl%Aa1#dag!5=bA3U3lttNqJFb%I&}Mx&I7@S3XU=jDi7=%wUsSd^P(jb3?i}Mg z@OXa$WAUc~U$8#kwOVs^Dn1q*A68rZ$XR$NS822Bafu9C4mf{Fxt2QY1OW~nEC66* zP-3v%!VY997tCXB{44jVznQ0M*xfO}xD~pR?@M)tj{=6Y^yI(k)g11Pry!6XN=U53%ak8CY1+o1;MUt;zDM6WkQsHNQ-T^M28Gk>DiU6Cd9^X_rn1#|;R*xipEwK>wfX(*4rRRvUTwsI@SA!DqSq$pWUG zo(kLdnE6w0cIXHK5qDQu&2G5LsnEroUy#H-v}mrqwQ0W|+>6hER;4slrL+h_bnCXH6bOxLU zuyZja%nm~0CxJ2)7FLg>^kgPhtuEee`y5x=-SEGPiqOgCqx!iqj_#E$HT-UyE^CU2 zGlaP-{J(na5rMox*j>CeACJ-_pE}^oWh@w~sTCI}Yi8{mqpIF3R1!*CXstR3hpR z5Q-iYL;{i`^AO+=%poYEs9e+`lX>w9?*CAM3;K~)15`Rza0R=`&&hKRP|Rd94k&P$xF?4L zYW=V91F-2w=1s)$%7I6x4(ny>Q@9TZ+(!MX5R{d!a^E!6XApmIO@J=xenahcoeeYx zuN18JBa2e)KG%E-@Tu+U#w?70bVaX!BG_zdG`ZG0pmPfD(olX{yJ~nn5S4Q zabQ`ZFQLI0@-#FKWBAVDp6P?Tz+0(`)TdkL%bdc?SY5F}X8=ZpkUsv!1A`&~<}Y6a 
zP$u*Tc}JTC%j9XYW|tD7-be7exS6=gz*^|#J&xn4ERdZsDIy;)+Cgr1PS=qINJ0XzKNqu!NsgP(8ujWw{R z>uybjD3~L>!+H-o*^PU?Gdse*z}#nogb-ZF-cY++t~{d-m9?o+#8`XIA%SDm((pF| zuZ};hbR6`8;wVUe>GVB*lc9>IlF{jg$J!|}v$WVt`@YX^OvZJCER@WC(7Of4ZVZPH ztZEBLbNJlVi|u%Sr)ulS+(M{VJ+8ZT@9}NdbsDVDhuA=2?r(&Hb4O*V=?h%|c`tIw zLKBqd{y?tB#4Uj@3<6VzP}$)~o&$;Cj+Se1dp1w{-gbZ4NQXM=*+=T~dN7Egc?#Lm zAh_R!(Hze)hSt9F)@h2{M^g5omK(D>;xl)$3+NSX^0RS{mAwWccXN7QgbCCz8a&%Vtr5%4v9r)qVqic%GJ0NDJg{^@bV(Z@*%9XD#(c_JYKizG zpU}>8&=bXhnqKwh8dmyht!7uAix<*s#^juMIt?-#XlA}b5F#*?`D+^#JXCf&8Opb{ zJ+6cI0anal`yW25$A1PrlCL;Cv&MGWu`7sRW zlxN;d*M2Xen@B9P7*6XSwIX|bDuyb&3d|o)fnew6!mhBcohg=~=zG z4dnDg@^`O=;6qVyw6v04;fvjIH+;X+{uel4IvYD3)L@k6fUdCKM$=l?a>DU?OH!^UeoJ$?CRN#G9tye%z>5 z=c{kmCmk+Q-t#%VN;qzQixrD8?Rj}n$T!<^c8(#Ddkqg7{#k*Rg(}d2O7MmNeIa2n71jn4&KL?vS>QPhyqU&*dQOg`R zoObe!6sU=VpU^?K2Ds1K%j*XkW8%RVwgCHsBU_hYa(s-mtsJ_|wT@|D8{aw1Z)Rd+f*tjL^!UN}1QHvWyX1X54G~78NKD)sba_67fE9M>f zb}d5JeN?8R1^odM!!wC(HOp|d8f1TP!FABcoPBfvqB+Q+4<{s-#D-iPeR4h5j@G1M z|F#SA-iI*GhfwN$$@UzLtDuHxNpoyf=a!TS>V=i>=Gx$xV?`>?hX z=xwd8=l%J`sptK6ZwYyfcZ%`{n7yq>6>)|IM?aKvgrWY+4(bHz`;Z38`QkFir) zxOHNOZ`Fw`!-7y)WgvLR&h!2Ud4Hm`Frv34q~unQ>blxLnc5dc5VjJ$|Bq(BqntR==jQ;c_0O;32Pa zq?RP3g6$tW9+!dBAXlvg@60e8J*{=a5v`Sq=P_#BZ(zkoIX7;PtCXu<6?JQEv*w0l zF7x5_NhhO1qr0x&OCkqj1c&@2iC~{$wILhJCY6!et5a z?_yG<579?!SzNE{M#FCt~KZWV#%f8SnpjB47vJJqz!p zmZp&5s<=qHk9ZN%fvS(W5|(T>esPCzrsSN~2&w%Bi$Zn<)qgv>=g9RK<$sK9DB2JF zq=MIf7wKSjfu40H`HtvMd!7e!Ex^>SA4@3fc*CU5HP0uPkttZzY;7 z46VAv`AQ>$?B8Sj;o`L&fP3l zRBb=Q^PxHi2Oq`xn?JOUQ;CrUzTdi4=@b>``_q$}Yl#y#;U9MjaOK!dwQfC~ry}Q# zsdj<3tXHxG64Xgy0!#jV4-Jh7^}UZ&S^{~J2sJX->C63u9R9Bi24uV_#mfz<1Ziv@ z)bTOF0~=Bc)nhloU5>_>!?$W$R)E=;SVlzs0=r{G^$fScTC4MNYW z6Kn z(Zf|5Eg4U+57-6Fzn_SZon_fUv>OvLu}P7z6rR>uKU7L~*TvCpUjt&T0jH(|XB)Xw z_lm1LLHcO4mEVFfpJ8B2!$HEQK5}vYY*@)Olj48->1h|;z9ZIBDk8o0&?z>N&MP(R zSC_Ctc)Y4w)C`$?uPL8<*TYOG-@*o$epq=~fgxx=EEG>Nnu?jEHjx>p)epF{@0y zu_v?mZKEnHy)G4n2Tg3xu3re%^*p4*HoC4oKsBd`CUQQ@F2kvS11-+(wpy5`egl@l 
z8jXWa{}ofzMOX}0uECC`)U_)ltsezrdX)Vln_{I1MTJ*}>v6?@q&-u7`pfEYf943V z*FwjruQz36ZO>sbVNop`Aij{C?k zQ*T*t&-%g!6GvwaV%`FIJmKp`q@T;{Zfc5ftI z|3N{@!HeIqX#O38kCeWh>?WzLlqY>mnH_(Y6p#^_izm>>(3LoUKM^lvmzCVak26D1 zC8tBG4I5P`DBsu?>K3rZ09<33`ldDqM)Es~YMn8CVt75Xh8RP$N87+z)#pLb!Y`lv ziu%SJBynPIhxnzvmY!kOx7!EyI^hp5p1$>`IP|{c?D3|R_?OF&UfO07-J2gSuq{9S z45~AK`qS4V!Q;hc9MzF`cl`-_$6o)L&rJGuLe?P;@A-!LZ6xesXup2ztuc67BpI~; zEjcM^7A&%D*-J?-wF>>Bt1C|rs<)e!UyT*gJT11-C0Q_34UuDO%&^unS(|#1v(fVy z@|a?4E|n5txx}CSY}-4-9K%3~TEq2-LSpObdIi!h9A~L47>+f&X~X>VD`FrzW?UfT z)jjpBN4LQqhc)+1hzo=Vn)1|XUPk|g5aPTXxP`ckI}H|teJZgq;-W0($m|Lq_*hgchi*uGfrmYG!K1x- zJd5Y&?7)#LPbx2QuKI0}vzL+4h!fYVzOM^uIfxct`ybEWz)prte^{!-5B*ealoiog zmN?xNOIAC{WGQ#rNM6^+gUJ3d-u*l7gXZ&SO7i~Vs}?J(x(7^2<9#wguz&andEqx?0!FD00tHO#K0{TdUSgF^9f-{TZKeRO9jYGqb<@x0TkskDa6 z@_w*w#_OdlSaM`iN=dkvp^Gl&W%JZ=$%2e$i`q-cNc)~T3Uck}LFmL2cr2;Ac;hBp zcX5I1YM1!Xi%1|6EhQhyVs&3CU-1QUfOdgoOD%6?*2H|vn`>GK6eL~KpyV*f$XVOTMIy3BOsw+HC^`tp&NPCEdSnF#u`Y6~x;SYO()nAOTI)PwA{#WRPy!FI=-3VIjfC6j;%S zNC@kjm2TN@dp|d|7lah^&d#&EW(Ur1xd&>pGC%5nJTmcf07Bvw=lBP*Pql#Q#6^; zJ&9Yy0=-0fqbgQ?s!yi>$5s}rRT<;zfT_FMVypqQL6UKX9`x~5>8+h#{;F^ ziy(x3KeY6tpD&W(VYl|vzkn3x0)U|lrT7imOP1m;=-q`BVxMF+%E(my_IjtFl_+Vy zXNakQd2CpO)Jr^)q+#nB^4mxTYFmgHZA+(?voeSUGu0ZsDnS-9ADT!xwO{UOho3O@lC(UA*!2gC)D#x{I7zo* zVsj?ZMz9@R@om0X#6SNH@{l~1ZVHgCdut1mqhY=Dih+l^A1sEHUE+{52CDL4&_U63 zQNh7)*XI~aK!uMG+NJQ zO=E@i*?kQ@4mqKbBU)^P8KrJ-Q&!z>ICtvLRxMn7b-rkQ$aM~4ibo(~Mb%erJC%*q z2R+md`_ZLVFR4Sb;ASgysnGAWWl;xe%5WU@SH7qT0%MO;`O^8|z3W$zc|?IGu~ZJ( zf^qfgk+gL6?-nUk7d%0WjuC>2Z*w2uGmy} zbQ~@c&5mzcjAZ3FW(4~8e_T=}_HUOF87h?2Y$K-CB1`U0=<3(wNQF4_zh{^IT^62x z(2+9f*~nClSiX}KN|syf`SUP)cFvU6&|hDh)`I+cyg)r_er(;YFU|4Yp;>}_O9bKN zwLeZID5d>e3)p#?7z@8L`HH5$NOPVLJIcr7d-?StVI#cN@nL)zey^UqXCE-ANS9Z7 z%o)zw#(!1iByN}dPCrC*dDHuhXT1NCWHpT)k7;lPcB`={AU+Ef3)RbJ(n`^rbs)#D?(jh!_vqa># z-wkuOMYf;$=mPm35;TF0G7e5ahE6i<{o(D7f@=`C6~GY9b`VTW$-cJT_amLmV+7R&?SE!s1434 zjaPGVcs0{o@)EAA&BYizTiI7helL=~E7q^funK|gCf`!g7J2OA)zR@vei$f!vY8VIWT~SwXCOY 
z_6L_a<{3i^L%+JzM?t0T%i{RBt+Q(!@ypO~V6_{=`^!9f^0A^HxiEa{(~b%I1A;-A zosu9IP%6gC@uo71S4F zAZ2%O0HgX8Ns1wVAk#X$ZjS>cFZczaQ^j5FX<1CK8ct{m1@=Y9jz_rC8=cxfl`M>a zV<@_oBJ1nix3_{%<@A}1`Uqo^LOH!fmt2I@R)?usjwqc`?3cRA^V^m~2el5nJbY6? z2Kf(~JFpRk*g28^STyMHz>Nq-Annu^Ru$@MIPI$)>=V?#udTfHum+HzQA37AUp43N zffJqq^24mXdTF5rdUa>g?z}3hCzuZ1YusW@?IaY_$d0Wfk$+(pQX&>1hn0cC;uMb( z2=UzX4!FDq1JyQTi6yFP^;}m-iy=yrfCQNnlztt1Y8X@W5HKy%l*C_3!;2wrx+==y z{9yVwX3?xFGY64&Cu$!=qa1errs#j3HcD^Bw#GY&q{=zM#NkcMu1hFI8AZIgAA~H+ z)b`LnwLeUj;R`M$h$uUld{ZEqi95Vz^UjV`x#QQ|e?tMDr-{*7@e0u9mqzHUYH>bO z@ z1YFhA3gP^frtS!^`Ur!4km+);r347dE~}hP%R)yFNI^w_w={`&c&8nW~8v=N+^(TymEtCoWCtLG4&^H2C1564D>F%OY+#Z%5hk!$S(~ zo{7*0g8i5`5C3TEM>4z(ib=!3wBBf4k1epjP`^KbO(2d<-UJ`dyRf`&t?h+O!Z{)8|6;Qt09)%!ytVnK|*HFH|OS}9Q=oiq2!;56Mj2yZ}cBjxqB z53rq>0kq<0!%PnO<1vonur-w>)2`UQ7d-u)2sp0@opL8f?fAYbFxed;rq$B(of8E- zgx2SM=IfKIB*=Tc^1gWt-Zx;mW>9Bl_Wd@CPh{_Ftw)K=S@3Rh*~wblQOyi@t%q*F z0vuc#JkUz8>@XEa(A4#Iq+H7{9bd%XRgJ_y`Yx5SBf1ya{E4*8gX%P6t!;c(uvRBQ z8%QtT)|DFqGz$tXP)gbN)@tibjK~>R5CVFG0k5)T#3*UO8D30>YW0(I(jMAFHc7;C z+Aa{59}+i>*cEmG#K4)gIlG!N6Zd+tXF!wYi?K{ms&?`@Gj{G$CT1*p=`fsTnx|t* z+GbZBk#k>62S=W_)ZgDylFD%~M)X_idr86|warDxT$qEJPHYh&VLNIa)Nt?_854T)l>V~dWZQ=5 z?=^cS_y@xIID+rJMxJc#OYgsstR(EQ8v>FO#A+Go7eCl}l=a&kR0r#(^Va)XAGC9D ziNRF+A>gYoI9Qw0-2a$}IV)>cRPvTJxJ4bx=80v!60L;nbb5)mz2p>z&Uk~FMhj0( zRq+NV-seI=#x!Kt$Y56mz`c+C(O1ay$_;nv3Nm=%m+XxWmcfgYVbp2`REt3|_zZ3c z4Y7Lta%gCXGP=j}t&TIFj^FEJ3|25ksa%b?ZLCKbjRvyl0TT2e z2)+S1Te`BoHS(2lW`T$xYsZoiJ1?k`nlR`|^pR0}q}X$I-DOgs@v{qwrCk-12O`c7 zUtC5L?Sk#!ctQ}yEUuPWY(<{^@AD1 zB!-;QI^&4bR(oDHx|00Yd^xbO>$B++gtJdP;`pafz-(6Lz zhIk-;6{BJvno4SH%AQ^MG$LaShEeE}R_7@uw0TX!c1x$!4G9ieIw;kT4QDV={G5y) zvh@Rr&rQI$RVV5S_;apiGr8v~OK-+uiGU>jOndrg@s1yTn75+mlFjE3M(fBO=;PrZ zUtaL|l7cXb!ZWg?U-)!yXo9#5K?6MR`F~TR+?$-rt4z_^ z^LvY9Z$_;};VVD7)Ml~w&=?XyVxyWMqTJucVkU^q@OazSi`ALtdFV{(u_>r{gC;Cq z1-WSc<-G3hpv=%gAfwi#`n58M%<(^8fjIuOSP}R($A#oXG1&qUI4ew1g>Ym4A~RFE zs&t_@wq}bX$Hol5<*izSuNVWqB6Dz4N^s8mkM|4}G}{nW0VCbzqitg!gavtc$<4Iu 
zTiC4K<9*D|FPwurhI$t3D5Ww+(^{4KbB;sGssl9xPus(ui>h37pxbR(F(k@-Q-jLw zb9(FL`rkcho3c_rb$TkvUZIv1yB&ksMLuC$?aAH@g=y6nUTgekv$o-_JrK;s2oE;W znK6=UpBU@>+r7y?&$Xp^TH+0kf)9F zpIR&NhSlN>V*;!QVDqrXU|a=wr-Eh&jWfLumo0_M+=&&itDBVKZ8%)g`7UEy)USr_ zMgYbROqXmh#=_G-=I0UeQVj-kHY0_-sIP(`#*&8J=FC7#fE+*dY^A*Xg7YE*PPJo2 ztWHiIa*WIQwLu`X??r2&RZWJg!{NL=-O?$rj&H>71wF*J!XWKu$g(c#ZL1RC;Q$Ar z6U`{A?Vo;lr=6`=1LT%ho7#OBa9}~prCGPLl1?Rouj|LLLnky0v@t0~GypU+fJN*s z5f~5oUX> z4i(Xv!+BAhCZ7;0I_bkRmK+< z9TIf+LGH8p@h5G&2P+Jc5j3+OZ?uBsS6CNY;pmR_$2Tw|{+f1#Fvrr%-%;RhgcYnD z@=fG~u=91;M7DurXFq@~`D9y68-l5I?h@;{jgq(+_IIh~#FblIFdP!kr-8Zjq}wp^ zZZwxmq%Evj8`-#}Xu6xqklD;g&QW!;+628IJe2O!KNwxvuu5ubjqEiiX~I$e!T8jB zWxHLA&sse2_<5pRkEt&9>WK?zq`CD6`RhMAq0HTmWR7|E#m5^=}BTdi0bRN_tN zm(m!mtHo!Ly7co{-qYLPl3s>8Zl3{M$NoO$4|QDC_Fb*`S!A#Dd0m3=k5oqdPz|Un z`)L`{7Z+ts&k=vMDYfIN9&cmUv%KgtZyR3XPyean8?jez*H6 z$`|Hy*bn$Oo;C~+$V5=~E4tD@*|dL!{KvfN>#Vo?UbX}%s0E>ZUJN~kI>%>8bspU+ z7Jb%jZ~bsiQPyddERSC=T@WH4 zIMvE*GKkkmj!8{(JdcX10>yk>R2r`s?@@mIfewD31KyRTiDmbtI$PJKiG9z#bVZyJ z7@>JrUNSe)#$#dZk1ugSx=4!5jNm;h*!00zPK6iC|kLOgR6aDVZ>U|G3e6F;55NrrCF2%`%GheSA zr14dnNB}G+s2OXTe3~ph=D%p>@4es;bC268<__-vT;8npX>TV(bv`b-U1X)D z4Sq>=w0`fcpk06$w}S*%cS-2;IECd zQIP(U@$cn!5<}QA{k)fSU-GJ@w?IDU@XtBcj`1>|fqDJ##Oh16&H7r~l7>Uo;Zv$Q zT^32&#QNCXAtlYsm1}T7guwwJt|AsLH29A7p&(B@{1l&7l3zXT(i_r{8!QGEmT+i^ zRHh5ufbtvErr+ZDwA@gV#cm%mMcy4i5l`RlesFYB2ritK4v+;qjSk zG@ds$A`XIGaDvw?jK=}Q>jK8U4UWjD$aJdc5^p$Pj_x8>GTVe9e?24)La8WF!t7y0*3vNvIMeIL2z5n^ z{)r>l=lu38ayan$H&o)Q*DNGR-=5{Yk>;DuD#A&rl+@s9b)_CA)W>vA#+U<+(q&*F zm@M1)vQ)j)%NDU`Vn!(w&?JtIag2E$ES3lT10G^oeoJ)PdNBW|i=YL62v^eGT(}F^ zG?L;fGB62#Je`zLc&F87o4s;N6J2Q*rN~%KDyL#KPY0?-j>*}+nlTWsEbS9SMSSBW z_aB}Ef?&|Y8nJj76xW$`-fVaa+dm*!q2~^)7iiDPVEKYCBViJ6D5%U8=UKI*&XrnRd}zV z-`9rAxKQZ~+y}D0@*Sx;uyeUFxx{9@F>~p*(D1H{!8Cy<0??JR7M{Bf{Z|6aDyINyz+XoECw{_rzX?M{1$!0sw zKk;bg=*qh)<>%gW{o@AfI(6w4|7tBQ>QV3g-+1eVLhx`G+CEgz1(jJdFH^}Y1gM+W zqSl!A_Ft1owamOlCEw$4t*RIad8i1rwUn8bGcDe!xfO_%{icpDD)sdbJzHE*8d6H* 
zKm4D{4Fw#2tvX0A^2PAXTgO`*tDY66{=vx@Y4D-lXnkh^wAy>t*vCf){JUt655S|6 z-(4!jAs0W9IE{AKylwR77Zxs~w4CCXuNYwWsFcSmlkxj$CNxuYU~%hhc{=^Wa)}1o?%Og!R|Vc>=K;7M>sjL^?}}7J`#NzTaz|?53g(_AeCB z>y*E+J;hT1s;}F`dUI8gTF|X4`~8a$SojRT74y=ojN);4Ch^P`aDd|vuIS(18&~Vy z{Mg!w!v~m+7X2WSdWX~%iY1pp5BziFbPLUn&-_Qt$VcRGu=i(RFhg4CkLBklfN+-t z>>JE0yv~k6n|mp7De3LBZBh z$4ZE?U-~k@aB{ZLQHS&wtX-C}n_TX-5YYARkawHv3Bn-0@h-uae%sWMxVRG}!pdp0 z_H;3&W&O8X`GWcUZ9%pR5d|;&c5W9hhP_2R_$e@;xBJIp*)Ei|Em{8FG?Js{{Gm5m zVlbGw_`EkuqOh83>_V7R<4BO(P%!h>Eze{zbEjMVVz*a{xDm0u4o9(11_8F7e{gu1 zVjMQlzyiFU_Nu_mQg2Lx0wzJq(X;z9s%zEigd;PY6wlQF+yaaF-DB!k-*T}_NS^28 z^cRuabHRVs{td3YR}vtP=@!s$e&;sBw>7YM49Qo^5T$1fzU{fS3IYIYPhNc7PAxhE zkK;g}%~5+zM1{O)hW)7Y+n0>i5Ysclt)W0wGNY_|OmZl)`ZBSw$_}L3sf!OJwodo~ z!797*qCOPyE4?n2_JH2}FMC~gEI&NNCemi#O1-)`vH@A82kh%y1$TMs7HcyZtoI+g z+3B092DIUa3ttGyOUQu#1{(tGvO3r)dXZzlTDmyo?ix-5FaXB;ztj=~hBLd}YVUJT0!kg43u)JQt* zx(u5=%QA=F&p2x|OLBv0@3Z0-;J*6q8g zsjDuh;1tDgVv`2cN|_a4i{e+_)fiFgRVvn5ZcFZiP6J~NqHgRAE~|^=Yhp;&aeGso z@n3_(E0h8Ue>7K-s?aIl_}z)x;P)UNzim%C{tH6|>X=<=AG3TH6z}hLMo!S0qmXnY zP=_S=g__+z1Oh{{223weHGh{0l9ZHfO|quqF=pqjnS?!-JqN;6rFFLofUL^0b$lN* zs`yw3^i3_}5l;eEsH@DSoc$d4a_06ir7|%L%$P`UlV!gcMssAQ{eyigyPNOACAI!= zR95UUcBKsKstZ(3+$O^tfyzjRSwcwHAmif13vu&^*>E(qErz{->B-s-hGMy8^nH9d33s(!+vo( z;S2m6n^>NsAB;JGFcL7(5I=i+Rf*@8p**q~0^l8Z56?Cyv@WoX>gKd&2qmtWb=HD(L$ z%;(Ty%L!^Ifk@`^$AMkdE6%Pxs&1Zq6$Hr9!uea104XMoJ#Wrb9{6%i*4xqBpA2A8 z;ekr_B7IbJYKe1B6K&+aL_Ym$b=+yk@meHUt475kITitHQ(1m4!Npe-D%=l!>`Pj6$4M%8pGv4wT>6)sib~2&+D6tisL^Qff0^;1aG=NA}1BY&=uv z#th;$CPal91UH<2OAWHavH%hTA-7=BM0vFoeiV;IvlBqQBA|GpA$lj!&Y4AF>q!zX z%HL$@XUZT>+FBg{ntUE+aW&X?PEW><&eW`Dr{&X>m}}ZKA0O(Xy+v@Q!08Td2oj%_gONAv_QszH3*Av!$Ly7Dlg_tV;Q$CGB=dbI@FG=^yj?&wEcWIRE3eI zTS2z#E75aPhRGx=U%*d!N?sGIVf<5+IbvilRp@?t?}rJvzbF@VSABJm0CpardM@Y7 zH_cLCpd5`ZFyw0zg0N3E8o&3RXvrfpuuqsOnBo0tPCQ}-JK4mya_R|ee_xrE{wdcd zlp)9^>2H`1=x!vfavq4XlVM(nmdz=uCzC`Xf_okH!@$1F1}=+zASk_@pR6KE8!&$E z8`VNpu+g%|m;;g|S1P$(PDvin)o179*qp3viCe|8t;3U=wyVDEWrseyt00vW9~N_h z3AMXVJ^pc!^)B>u6V5G_ARU?dh 
zkSgA4dVL@TE*1dShO_i>{jb5eGD8<{Hww;T%AJfpkc+bCd`8a#>nIT&O~9wZh+BI~ zzc+^=$(nJ3UB?GJ;40y+Ma>5!d_FW9dH!VY8osvR#n{$W>(`f9#`XE#^GA(Fsm8x5 zb}=A<&v%y>ywqZPcxv?L{UHOIaq0PLEN=w&WF8>hX}OuivW9!Qy9B8Hlv<7tTf?Wg z5WI(qJWC66LD}eh5FF#}#}GC}P6vQ74eqn|H+r?>G;=abMgWtoff^PobL9q;aCH zEAVLXnWt=y=}>%X0@T8A%W0ysZIp<-~GPuq6Lve7)#MCT^ zr{!~-F!(1lk#W)zzM*8%3a}3SemzF#57wcLswqE*ZEn8y+lbO?PnL+Khy$V< znDnxsdSwV3>g_YB9sd?mug~PpDe9*JNh0O`V^dr}6nqclvQCseNe_Plrw{@rew4 zF7{p-QQK#)he=hIcm*Y%8hpAp=cWI)CJnx%^O zl$^jCevJC!YQ0wjH4;r<)t%1)E1`Bx)_+Q}6Q|nyX|mu_DV5+9n?_RuICBJz2^|BD zYzcF{k*iPlodcxWGj*H&U$PWnK%K~tbw8`W^ZWeyD_~CVNeTHmDgNXinoPm>3h4cq&r2OQUO0`-NwpN znl2uRhK5gT`XqC{CL;Npe%3!gufhEsf}L>L)dor>+tp|enU<_T8c;xHUP|#)J?Azl zHN|KyF}s}(L_Og>VM3NskEJLtgcr2dP-l?GOG1qt_tqZO&RJp76O9C-3 zU(h#!B5g4nB$fg`@onD_!HPCW@``;zR8!r0N)@HKC}m8Cctpj3Tp@9o?JzgzzLLMu zu=woLX_9_W z@){=Bg=23DAW*zD1CYqk34T&xs8(uyQaorcxO#$W6Z}fygs(po>yQ03Yf!M|8p`eu zwNgO68@_ zb$raBps{I2=AbohCWB4D%j0~AeTPoPb@D)gBP!dcjVT;i|(?8zYiR;LtF(FIGV z-ZWdHRf-{=CXo#I3hZ1)|7mVhO}6$JzKhZ^*w&1P|DtEFw1puy!BGJX?ssUf1Vwq0 z!M>|TOr25(Q?VBUy|B4qXl}7Nmt$(GdQ$^5|8rcLIKPoiUxd~D>c!Levorow;KxT; zY(($-p67P&*8tIPAqLms(q^Gb?Rg_ye|RASV_Ncd(GA~liMn%VRC*AXv0Zpv%^S`Npao4Wqc#?DnU^M{UOgcq4nL%CPBX|8|-s# zdbNh3aNC6k4uo2uV@cFWq1CoKH`~fN4JM=X_|=<;uU?t0--M;r9!yb5#lzZiOU&Hs z3o!Bp=ZDC`aHbC#1>erE*F4H;J*BJ*!qB;;qj%+I){vD-w??@4W9PezwvFMBjggHw zPwGar*yWI?EX34T-jMd$+Nv&Ov&vMBob16ybX1oD$J%o7M$Ih~oUM(}7+FL{1WSh- zkah9M7)iLoqO*TS(8m!h>GKrhvm*I z_~PX1WD$Mjf+%YJB&Y;pJ@0f87WzjqmqO82BOGblbPhG>#q2m_UMn!<>I@An4II@W z6>Bj-31iUZr%xe%S`I>bqAWU$F$UUq-FlF z_2uP4DutMYP)^H*ctJieidxJwZ8P{zr~h=0Q>~D_O^mFG%Z#%_ z>_`oF9*C&_HrcshD)K((v8}}P=#?}Rk;1TzVVUNe2KWwnnwFOaVEyX5wEXFCx${GA z*VD+qm%_f>B(CmUNf1U$OL-D(fwZeM02xVbS*G(!J3vsT=2jh<^37#!>f=YqtxuEQ znpo@Mc^Y#%fbd%uDs7l`vx^u7+l?%MdXZaEF7xXzqX{~8y86HDq%Jc8%k`ieMr?@I( zWi>Gt++;~XNQn3;IU=f!Yp?gT=?E~&>05HBqFchad4k=(zX{5KWr!DMk*6kp#t_ab{t)eFtZ_RFy$rL5y{hWAqxX=a3s_`bB z-BleY*OlV?anSO$YBE(||3sdO9gVF)3mE3;9qzohzbb`J+@ax0lpk$kqLf5V#(l1( 
z`;ggm{3v<4yEw$dU~HKUGr8)&fTW67{>65cH0oKDX$!IfGGD=01mjw|OqV58;A-XDNM&v-pr*B#kXub1L(c-cs1DWYk{y zYNq0`eWnP|v8eI(s6BmKk^;px&;8n^^Md!LA$+nbUZOP^XM6PnqG_8v);@K&4Ht<# z?G{u%hX3u)ZkfvDJTLLuAzEm^swIwMDO%`4jMFS4gP)qrFU5*E8X*O?Cu?;N5^~q3 zAVL2Icx~oCtqj$VhP7YAR1mh+eO7DI8XPC;dgxn#r`Xwo{$Ciy&7xPA%}ERqM_0;7 zrEXrH=5|)1mFjwFdgkFX8A*`;`=L^PSi%K*I@yxeY%jR1jOqmOhA@n;`ouNGrKO4& z(BKK`FU3dVq~%LHm!^>r4w31)-PVI|SX5rU9|u135a~cN2r+s%K2Wwmp0^l+YZPAJ zoC9yu>U>0XTR%MNT5CN6;|vo81itJm?2sh(FW&QWOzu{wOd?kiY}k-MJ+Z>*wOkJ+ z%c2pWRO`0n-mp%h&(SC;uzA_2KOFv%{kPPs*Q-xvU9ogbDBKq!^Hy)jIGE*k>B$?S z_?UIXD3xp%tOlYIHEvYp-uw3Jb%y~eIU4XNy+vl3W|0k`1u_N6bkGu%XFJ9Dd%cqM zBT)u8d5=K&7nz_x+pKjE)oKR{AX2UN9HOK}PY31C`wnst^!%AH$&4Q8ieTM8?{9RBNi!%2Zbcbth6T)0t3PSO3D^jR9qJ>2gps zR3TvyrgXzZ04oUFXg2D!qKQ+D#U#SV6JHJSsuxZ2ccSy4=SO%ghbATKqIY4iGe%`n zq*RJBn>{&pn^F3;)P6x^MwLqrPQX!B@8_myWFl0SV!5Y?s1!BgZj;MsqjI;?2%an8 z4pc~!dpf7^2N5TaT%1bW%{jiVcUIjqDzYFbs?k$K0o|nxX3x)we-{I|h>?~Cm-h?K z9j*aE@5WK0#)n0p4uMD!KtvB4>BR>>wI8Kn$01zd(GKr5M#IyT#-8ZS#G9JeD?;LV zinxyft)a5#gVmMSP);iWQoKSOmpB57LNu?|~So{rB=dDWk^P4k&)9doi)(0tkXXywLHZQc9cQ#+8&eFftan>EWWh^pz z87!nhmKfiE)G9A`r3oFGE*BcGhjHVEAq{teum~sPt>Gu-+FC%a zHZNu*4|tImN@oF0aw3$`g5$Tr)tz@z7Uc6DiR`y8a2B6YSEXA0dPu1#Q!Y&?*MCj1 zzwyccK!S8OB5m8abXdCj+n`?GiC>BouEdb<>4~B2h;fNG$z6zHna>q}E5*?|(me4m z%IoX53H|R8zd0ysckFGEFgtRu*~+qkz?A-HupJ5>O<%sI1ZLl_N+ofQ;=?vPwB@b% zXFGHC*?)6+Wf}UrZH`{(Z~b+`V(ldtS8$?P^2*)22LhW1+SvOUO5L?)wF9XisRGLu zUTqFdhET@Myxn5JXAp$s$T5kljt_3aX@LAoHKV#&1OTZsYC?OBI2=7{Ck-st+dviI zbu{57gP};ufHnU7IAb|HzgdHzb%Axcae*$k(7c^XA-!@>Ff!G6N^|g%Ag?2w{MerBgzsL?#8T4yg*n)!b!mCNr-ay_tnn6FQ$#eIE4cqfR;b&m zuCjh87#|bNZ*0OIr>TKwM2`fiwWAuJ2ZI79P?_-wUl2@6EsQoul!08?>G1lD)1vug zmVFdVUw+!)sLBr8D*6RtnW%CM&CjFFa?j#Tr()H3*DJbN zUZQj&@&P;V30nQpyqGPr&P|aaPg;jj`&;7(#YT+o0p{^(IfVcQ$osUvg#a2LuGV@H z#wMJcmuFpT9$Xe&%-KhelA&V!pYMY2f&QMte)LTj0JF8H81|S z>;svTk}}IltnB%@6zioWDTOUOzxZxD7X<_P+h|XOj^n zvh{KQWKY-asw{=C&yj}*uzU;uK!vY(} zr(I3HUWe5|q2%k}eB5(i1!YMh`{LJq8 
z-wqn^ErbAdHdk?tLQ++3pb7y+wT(Q1J&0T)=T|Y<46`2B^Tg^q$Y+@|*M8wb_iR0J zFW;-71QFq<{y6j!*xm&i#~JSBpq7WQl(J0n`QxKaMhhOfKu2)>@qD0k&XdXV@E0wb zlCuJLrkDnWE^c0U&K+Y`nyoyN><0k&(lB&lfYe46gq`E$392Kx|_zZ>n%dq z-s17vguA~8YFbn*v6}F4iS$Uglct`XpVk>R4X*?s0GvAAzhLai*v|GEerk5KV{vhie8aJ`rD4Ej;>aZW$;iz4bfdv7BVFVZfe*Y zMt$d=7G<^vWK=kP5fqK=ybC;A>gR#_3YUFGBK&o*SMt;PY)w4DWfFoI98p*AQQ#_1 zuGx(612M&2P<=zHc+&~L`q_w?ASNwzDLj(YTf6);C&yJ@k(*PhAmm0SR5z6tx~I7m zyd$*OrPmzJ(w1m33@|*4T74goz@;ulJ$+Bbn@bn0lE^s zqy;dkTag&jGc^a=geivV0+cy2Zy=bcjJ-msfHRfK{a%#Qpg&HW3Jmoz^H8*Wwo$6O zm>0;joNZh=n@8HHgdm-MY?7SKGDZ|--K)%gJwvz9-f%i&Ec#0B$edF)BzmU7KpO|$ z@r*k6E1wX=W1&&XNJ@42-Q95@}9x1QPdUrQ_ zhI3-4N3X>Cev$9L^Yd^xo1gaDXSoe?wmn>(y6yF=(c3cgKB#PI+K8cJ8l)0=jq3kLn!CRD^K=?0 zS?|JA6&IBanaZz8yfC3#R>8(lk)y^u7zd~ys_6#KuQ*8~j)Kg;+l^N?A!!n)# zD54P{8=FG&UH|P=nr#aIwd)b60E5m>IvBW#W`$xR@^(K%;ljql9Pbp|B2XUto#~-f zI5BkdlUutBqRkRAZc`ld{$kx%`d}@*kIcG+(UBMoqQZtGpg5ZYS>LG=(#o(7yHawM zTvebbou$5+n@pA4DMS|QIeoCT6quw*D_#)__}rm@5|Br6nfV4gsxLIdQOj`V>A+7r zjOYL87>&Cv-)V3UkjOfR3W{CE!1e4G7r`?MNN+-YFY3Im92K45>kU+SmHV{%_GxNI zB5dsC?fak4f^@6xukLDwbz2kIKL9Z}4m>q}RhK|&R(z`5n<)OH!)bo616vh8KGk=% zvjL&LGqxj@<-w2T7zHuLi1RTNDehoAD>~!Vsw*5R?)Hg$apZyAZ}0bPfo~d3rakdt z$8p}%G^-cvv)#jG-fZ{_!ld<*i64Iy$825OYIgmY+lJhbd(NZhD>LHfTJ56+0+5Yh z@qJ?U-2-y~1F2(4ep3p3wmKSGKrU1hfQjB9YDBXbb9m9;$R;&th1Xa(DAPF`pb4nI zWAtDma7zJ2hSxz}NdBw$zFw~jRV(dVLfcwhr$ly^0E+!76DyAYzxAQBcJ2ZDwo~pW zG1PU8Rm97rGxMmi*aOk z9zfI*JJBeE6Th;S4Y4d1S6*QsQ=>h6wBFsR>&)TYcDVG3Zo8iebWMK%_P~!F8Q;FN z*%MM4b}X}_CQ0O5SfPW+SH}!S)W=(gui+!&h3j_$@V+`+J-r`7Yaxecfm+74kz=S1|a*nljAthbb6)G5jkCg^gpSvn{^Ix1Dur2eZ{* z$t@8ctTNa^KQby}2@#C-q~Gn&q(9JbmXZ#U`@FW5h)YbRO;iEsA&1kRs{kaxlR+u& z%FV9#tDRxwI|5?fudnD7(M&Uckh|kaeF!X4(%0+FocBp5=2oAA9Nf&ywpaR7760+Y z!J^3wwD7Aj*s8= z1)a8qW=3iVSgNx())_@j@ie0UfFT9yciv<5$7=h(N$s6FD*8@mN>B!HG7fLDfh z>?gE#0Uu-L{>S3ZMp3>*}v1Nn>qzL&bO64lf9#r=WcRPo);rsm0M2msxoOiN#a!Na)I3kQq# zdUo~x95JqIEQ6oM@d<+r4Ufc+-ZVn$0^JPMJvw6mKc#(`W(3uR!t~PewC})jK!)1P 
z(}A2g^%z`esxbt9_0+nsBf2UjtX>}?v(ny&OVeYSH5p&C#6uY6mr10{!Xze5ZQdB9Uo-bpFn^(%V z@eoWds~+9gKxrgV*(;^>r_<+Wx}$Z98E1dZ&_i<#lpLbGJGm zT?FuJ*FOSon-UGrAXfo=UI(IgWER-lS;tb=9QNPTZ^hUi;%&!jX^8zaQ|R0>%|t=N zKZa0$pr9B1^lthRf3{g4)e5eH2A>O5wT*k7-C^OXzyB2#KWR2-{0@=m#JO={c0GP> zK^PcfHz=7>9K@h*^$~&LtSLi>war6IK=FM%bY&;2J9bu^oMz5`vFOnJ(VMB=yn#gKNAvQ5d2sSl zi}Y(L<)=;Q@9OH7Ac#u>6a}WB&nem+?}f(FLgCI*5q|SK3D_dAcM$kwD)}`f{Yk?% z;#Kp#{Q=9jECHvCKS5K>>S+(>-t}rgaRvU`tkjx+)Kc=a$dS=nzb@^2BY+#Djgx7) zcYkp6ZF}EL9ZhaeGd|6}5g-7YNe@Bm7M51u2q1@x4yP`_U|LFBZ3M7mQrYe2bqu=W z#6M(y%kKy~2RjI9WK94vn(pFE26t%qA?8Ri!t=6U1ipI&7kB69GnDMrKe~nNEifFOxQ-~*}|^`l*Tm^Vc{bf07X+E>_!wN0^4`LkpeXJ_k>8D&9G?=Q#b9f>c8 zI-gq1DtYgN3A$$~Yi}lli>q4OKHE1v)6!Bt9&H6Z?^_njp~b#x+z)s|4_Q}2kFT%k znY#4v_VTKLJR(Y*2ZHP-L3wDX6S--4BV3NYl`*}m#YpcE1kLW5^D0ly!5i|JAnY@srdMLA z@Lw#UZ}V4GjI=+61u;{ zoj%?AxOfWS!}gE15Uv~IWrgP--Kax@ktzy!ql#Q^ajt8`F@kAS5mui#AkS}z4ozxb zBu}$HvCXT%!H!=64$4MY4YF;7DFTl8M8h0rx83*^m$H8#_1Wv!eF%rdMurcce8$91 zcILF?1^eP1RwX$7ekp8P9j0_~n*LZSQ`%g^!qj3*Z<#_Vk>N#$EV?9x>^Z$fP%s1v zLM}|usv&;yhly1Up*i}%W%xd`#zpA@+R8e>%#85^hnmnm(W{6UQ69{jPIh^xbV4Iy zF1^mXr0tP>$&x+p?aX@J21tX7FXNvk>14?;)mq%q@f$KwqD!d$HaB5{1(}4_as^qL zN0mX>;Zd0Tp_FqvrB$rUoO)%X>BOi?05$DI3#D)< zV0X?;`jR}=np#mRTLztJ&71#68ZN)_utVn$sge^qjQUYRS&=KpLv)`Vkm#zQV|fn} z>5s`3GdUS95Kju6be%6m;bRG(S>GwWAFf=$c9opQD9q9MuOlim72;Da{VE&J1P=ky z>)cBR`aNp|#BMP2qxg&RitBZ9^{dhrLegtMM`k^A0FvDzCAZ?2raLZR#G5f!YG|g; zkyU4~!o5HdY>hOj*P0k6kVU=-p$r;vbf@&%2nBW`8rI}lzYweA30F-~?{LIlc7)Z`E<_)|;cD4{!U0zMPZ>~vCNuaLKi7~zWM#~+hl2`UEWdw+9 z#*6#QU+0(6@2~h_!!|%i;}Q+N+SItt;_rbYB08IKT&sG6j32wq@&4#=1ff^kIN)~= zJ?oj6Pg?b+TD zeWnZ#oFB>$!gSZU86xdDIe3P6p3ugRYyldk7j>@DvMMwp$BDs^6yqbu*Ig#^} zZAFINnHu6VjdCft$+sPqmFPeh7Q%ShyV$PFjqXoxkN~CXeL!o^S1o!b+?rNYk7Fu; znbXa1HE=inS9$s#F}f5&cO-dcE!Cbm32D3yr~HV(gGiSfB2L(9)D*X@ zny8@#+D-Xcd)(ac1ejDHC_RPJ_X#H~4;^O3F-78sq7m$RI*lJrLs`WA4$+>?Dg|~6 zq)5!;Y!-D>D{JY0ZG@@)Q4wk9&qlE%=xEFL!i()pv|1 z$p$D>=4ZQ6j{Y%uCLL3bdMk*P!(xsAFWwpPSYSk!W{%5e{5k=&x-^T_*3{dvNI2z% 
zQC5`n*I{g$uDY%qWnz)BU=L0*1>#U>S@B;K}hx)2v}Rr9jA#6MP&72qjgyK4`z&ydZVLyB~)NPh{F~h zj4|}8Bua5MwFD!y8ic0e6a|8Hq?xX=)X4*0D=vRPDLyXaNq>=Y|FdNruGW4LMv^tO zS_1z@Rzn*cM#W=)oR^(h&44tIDb6uLDIr)(6Y-Yks%%eWZvCeRwP$uU6YNUiUKLRg z1N98QW`-eRGwxP}R7#ivRKRU6R?i(lqP<2(Jnio3rB9Y(N)v^mWsiqR85JzblnTp$ zNRigwWuI+X5Ra5qtHooEv?iBdu}tX~ENV@e z_sj?P^%u`^H2gO`IE%7d6{yT&bT@-RCGfJzr;E>%t6`ixVN97(}or!9qmsX$}0_$WyZ zzKszm3{%@9HYW_&O&B4{mKblFaiCC&=K;WGaUL8l>`H1)Hb z=1&c)v;&yB6~bj(EgyO$O?^Qu!V&%EZpB6syX2 zpmv>^>j}_Q!)|+e-L&~)`TUN9 zP7JEzILm}4^g3PoQM9{J{b4Q*hx4MD6n5eBqQ5_TSbmV%8Z_85kf_-|^UOKqlgcIT zbZko_yFVO*%2_h40qY+(J_UWhgU?<*)c-m+{C636dDAdDUKP*WLuY*7BE)VFFW8@r z%}fkCrEtdI)fGepKH$l{$+;@=CHcHcWq0go@&)@a2gSwO=z^1zvYRqMPO>glNQs1C zivQ2>1SjqF)aiL;+ZRU^`7sY?UqVPs{d<4mA*;X4gU-(r9_o8Y;(H5$MVTBWfar=Dl6XN`toi?81ZQ6@nq2bU2$xhyOcf`&jInV@VVi3XQ?4A4A(IvR?HM;e!BZgdWSgQGTuyUY&FW36tOB)g?JjQ&swZ03|}o8IZnU^y6#ROQo)qV$G$|u5b*DBUB)P zixQ&hd!UfW)KG2zlzSt1je7BJscJ(<;BP@diFngBjvz1n+=0f; z7?#57Ci&WCF&vvx(kjl3{Wl12HnvLo2}ptDu9}7KH$x-%zf3G|KmBp0T?`?hI29)U z%=yvJ4Xmj_&H-*VsqiJo*Qi)Dv|*kGWvz+ypFacsY=cwx-LJBa zot7IC2*myk7s)&QVoOMs;M>itS;%Z|A**5Q$7tvvn@bP-9gB;k+1BYc$Us*`Ggn)d zjg3!TejUWL-AeMZPq?2H*&t2 zAXTQFqTs+hc!|%rv6#gEmq9~60M7htuJO=CH2s^2QF@Y@-r`*Rn_ip!puLbbw$vx8 z^c2BX--ARU4M%<#1FrQjyyTNOlVtZu9Ej-ch><2!PYq5>`!-e>?K}w#(n{14?YCoM zrh%obUCd2RY^X$!%ed3F)@-DK2Ukf1j~Pv07IzneX0z2XQeg9axS4!nXd%Q2Yf=Qh zw7q!XAE!3_d3#t$5UH#z0(5*^U8Q8D8)Z(4UsS>=f(dvSq-hufZ9|Zx@qXD1Zo;Sm zPI;7{ANy7D@btCcjDgMtY=OTd`gSsHZN$wa#N@eY;dj;1b;dKLM~Ks6IhtizX{xc* zjP;fJb{cQ{q^IAWZmD31)0bC0^c|Pt8<4c9KN_`p(pkN~=|^*&Iy{=BbGSN1b~?vW zok5Ev1Xm1OT<(Ci3d-ojVGdhNBshCOg*ovV!ebouUx9h61z;GWrFMpX^ys(+V%8~* zj{ZaN=7^*VJx}g@)Hhh-J#_vBq27RdGF7@)jcWGT;M$1Quy2+egP>j95f*0-8bS$I z=AVg;DfBt^JSr6Oi`dLMT0XKiRzZR19+k3+i{>TSraL~WIB5d&irFtDhGi*a34P=c z7mIkZG&w<{CVwf`WneQ|@A&c|ts zZSG5@0?kybtBLDR{{b5#T+T%oHlVGzGLTgK9V`+-rV3`WIQ3K)ynjnahC#-4tp}%? 
zI*n}^Z&I;8_B>vg?DoE1C_S1l_7M?{;fim#Hmiu>?Vs1 zLaM||$&s*^wKe_yg%NjhrEvAa4Bh(rePbOZYs$?0#$r9q;U3GR8rN-RtGTZ#+1a2x zQjFq&1*mZAWv1R#0xk~SB5t*TW}zpCWftRfQc-Jw3>^hB&bS$259R`=(Df%0)xGcR zSD+n*hkz$PU8M%K^C#)RiO1@471sr_ptyk)6nA!tvx9R(8!FBgd25XEv5O5J7(V5_ z=b0XNkC8s-cX>TwkzFHlU(aPd28cL5$K{uggyO<&q9pekqZFvgha&RtKwaN_Zo2S z^3C-S6;CI$*Emr4k2x0FlG*@!Jcc9(n^x!I(N+gFb#;>PJHoN_>AyJ+jlbePCzM5M zvgsDe1Lby5XbA2Id4#yZnp4mv&`Ad`lc~|zNSh)33O=3DwTRieLIF?Myg~hRK%TaI zc;(t<*~l+BKU4T!@D_-su&D>;hhTto=rQ4TP@4L3#>~uYT{Q3V7g>sbOfp4Kz$32K zpFk|aaE#xJWi)(dng;$P+Cd8wUw*@?9tpqq(ee8S7~=o@t>=hll|R8|BUXDDW=+Bs zV^b@ycC1REIxvoBkrT);!*N}bkh$7o^Ctg|eLu_^mMdnQl8_~d_A7F*B0doNjKFFB z&J6HkD_;3D-T!r^c0dQDK#33sPXIla6tb5UQdum}o=a4UzjyT-a?tCV-Fu{Yx^B~} zFL=sDF#@Rl*M5I8=&{b2dWGqS>b&tV$hE6Kv!WHi=N9DmxbD#Th}#Hvl%=J~c8ovK zajS8)O@}AGPr(wV>As>pxe9a>4OPr=&g_o?Q+BA6!@s>m(dB2CpGVb#O~u4FU(nJV zv9n4HpL?{h-|h|vyR@BVqma)&B}mffD4n)ME%_PoyPm=0iW#NoBf>FS_IP9h2&8?E02qMLP4MMIUk(w4MUb4ngE+mpw}Ru?y6+FUYZn1)Vot&2Bq|hb zN-qAgKMzWJu_AF@o4~HCZFio4@$PB z_5I_dARW0a?b?$3OL_g@(^=CJ&dq)o@zXC|K=g=XR1%j%EHS z5;B}rB3CvWXvi803yxQjHAsZwZ4PL?j1rB6D#EWzZ_mjb+l)_Z z;lJ^N1)s3!=nj=gt@p9+tr%>B%Z&Rs-#v+MmLTluKDdZriQIUqiQE2d?seu^+rbP^ zu!oYq$8uS2fs2BASPmplf&7@)?DxaNt}g^&*2KL2o@35nz0`oc1$$C`dzJ5r2=*+< zAYY;lhj9H(kVfLHC7jmBJ{4ZgQg1D8Y$%iTIzuIgwSKMTdKLd7SWosp*JZ@N#$g>+ zeZY^nf^poBVwQXmAg{I`!9w$1b{y4~>+0 zxCz;L!~h)vb7^THS~Q_iyVFE^u!);>Pw2si(6HC9&u)5{klgtfn{u+$LQ$rI4j(u# zL!VcgR8FGUHEgEQxeHy^m&H|Fq2h%$xDu=!E4w)#bJDUfbkCDMK&st-a0gorrEcmR zsWz>KBeP-yj}=5^=En7vrnS89_$ybqB)OVvW&ZRR*qh_)>&;>qa!k#a+#61AnaP69 zefOWa<3q+_Zlj_UL`+8`5xTFv5f%W!G6+Izj`=)R;Q9^9E-Y&Cve}To_)AF^&T8%^ znxc|9g1tpb$t4jLv1)9XuyJb@lj0VVE9zL&eSqLaLnc!y$X!dKxlhWSkyAQrX4WM; zH24>~GpuiifRO|oYTe{hCjfB5on3#%y*3=cX#?RKRN~y3&U@0l8LgFO= zCy-0J9GhmFh4qnXR0}v&NI25%T$o71ib0Qc2y730`_}H24$J5QD}M82seZf3W5BkZ z1%&%EILbXUwfS$K%o8j9`DE6zyf~l1zz8< z8!KOr!a8>oADob!le$cDMcS6u|3sWLE1D`AQkmS)D-{Q@Im8BsqKBoIT8|=2yL)-e zK~ta5P{eI)@GQ5*VJKCciTsM7RWWh;f_mmTtz+-sy2@y`whNyYYu#e}$8k6D!mI{0 
zDD7{CGk633-ecJ<&o;B4JOz$m{8JKdnc39h2#*}Al~)qCxKGBfV@r1iFAN453;u2O zf*@w1!@+;pj;~wW1zxjxLYRd%Kx&jPl>1C#w}&d{Ey(N|KukbxX(M{ zdtx?1%G=k_$O9gAXQ{e~twzl!(+*^YVOXb7j{J^Mp|w5+QQX}p7uB(G`+zMmgqt>7 zgu#SL91xA5@+mafifu=-!f+9fJ?p;}*7ss+N|M424e}lWD@Qp0(&z9^q2b|eGeX<> zC@NMv>{4p8xsKNq1Sk$pk-#l;`Xv(6zwR)vjZl;WpE2=%KK&gazcc9`Mq8q~=}{b{uHjODL!yvmABeerKfMRN5s4b*7qvyj_^ zNv2*uYQfsaUxa?!M9<#tn4jFGzseAr^8)-{L7(8tAL~JUuGE>?DD2B9X>;4Ez~x2U zw*x0hbnFZ%+`n6SU|0I{eHA*X`=@8;`oZvZ5=l>!qjC0CDC=lgza~?soSD?!ZJ;3F zoKT8j8tM0Mr^3(_7y|5(oBKNu=l-q^>{qZBH#H|`EkW{o{^(jrQ7>lN03I%txeu9y zrZ-rq5VL9KZ<#y`t=q_8qEv4YFq5#T#x{nmrP_;mcpQDwK!Wxnq=A3gDNV3-B{{$n z|BjEA&oL?q>CFv}6e?vt1dq9xdAR@B9{$^=zY#ykpkc#qvA*3F4{n3$%&?AMw4@Lb z!{gqkCC9w}{1P+sbIQZL)v&hr<$S)r_9fhbepg4ar(Fr``@=NvayeTA6;NMFV;r&_ zVyI-Vw_0hJ|0>H#wy9O-De6%zbue=(kk-dwLD6Q#Ijhn-Mr{TWiwO(qS#2Js8GhV7 z99So~X8Yb*J8I4(L2lo0cR@KDs)Wi!d;1Ii+~3Dkp43<%U;@`GHX+4v@RL)Qv93=a zQJ&;k8Yo6*o207$PkRCK1*iWI+!otBegPzf*lKL6L1Q(> z#I~KrW@9$CZKJV`ci;c{=AL`@nX|RlUO}j?=(Xv6oT5SJT&EIeud6mbe&dVn$GGoJ z%NIuJ%MPQ&2xPGkO4f6KoJkr!e(BA4+FV>tAOgvNfqE3Z7yJ)0boB)fYw8=wMG_5L&8dbqIq(v@veyriv& zUlK@~iHL2qpL}@eF7lKJv}YnJ6tfnWEMT-G&9{9-Zvlg*(-B&M4_u+o-}DN?txw*A zn;}fPBHtSDc}U(=nbsTxA^Qp|D`|_8+1Y!>IC^^6FbGS}ysr|*9Vu*VO#I$RVvg;u zo9lAfaz+5wvi9Jjnz7KnXP?UccOS>@Zf1>FFHD7d7eq*nACY>5Z+`qZILxp85|i#s zH!7s1hs6twRo-H<16I8{;O%e_zv)Wo&FIC><@&fXLG1-eIw(-3XnuhFmr{7*Ch__s zc@`M2NuTTW_%m12;UcBEAhW&B|Gjh>gA2$7LZE|xQm!a$W)f4w8hNaWvaaz?V?i{G zD*M%FZXI@P*aw8mFfd?y1ec^9P|3glAlD1=|GIx3Dh2+~qkK9d>yw4Yo>64+*9oG@ z@8Aq@Ly#7tvV*|Q(%RsVvqipsdeEo|QCYiEC77&1D+vAc%dc@eJy0W>*9h5S{+jsb z9x%Lj!h3XLZljqc;*a>Tz^zA#a)%^TY5xLlbgFN7O;mY$74cKlMbrC!%B>RM6GQ#}(L=RT)8XFTqQU`ov)!GK%DeXcFt3OtxozuM9 z9cPCfWk`r2>)#^1mU4Id9G`UX(8Laj9{>$g-jeJ0_B0muSYSN-Z?U%{)mKNA1mfay z2bnQI?EV;k+nI>)t|s#8A~3hR`6C|QzpQMpywHWuWd|`Ty30KWjm|NIXk;uhFT>Jy zEFm(a)<`g5sh4Las=`PrW0iXop3eL!*wP@%Y=1y$#RK(Y*B3!;7t@_KUWI_H3m}h+ zs501ik+K{6Gl25ft3AedtW9gsE{gUSRcUWb!I&n&|MfH)<{u$e<}MCuvWs!$PAq@q zw8;W1M6+;F=@RV(_U5ASriRn<>i_N06y0!yD20~@yv_Uzwj4*>yf@yqr1`BWj*LLZ 
z8Vi-Pr0;Ka7;Q!VGD}qAV9ub(<2+Z)LeB;1%ClU-j-l8Hv#=zR@SPj zeARQ2C6%i4nM1ypeU_s1jK7+RSTabK(1QK*ZZ~yz2yM%I0d@Pe=8^BuX3aV?SoARt zEG(s+^(i{f8M@?Or)v{1Ky4SPaKA`OX<`xIfSrWUfQ}z2$U)pw9n)ZG2UV?1<%UD0 z_#b*sJh6z`QM}XjUs5%)3rU}R!p9D|K8;DHC z({>C;re-_ap_hBK?csr<_UF#P5d&NC6LarDa}{kA;!)7dE4mlUh3t%m%<>qWFfym8mi^-z~+YkKAh zy;AN8_p7KVSkV1@%K)Me$M)Fdi{WH$W&+ncwmYE=*AsdEFR>jO6dgvq=YMzeVtY89 z(?Cre;-HRfxYEP!+dzl%6URTtZX1sq!+U`5+~O#A$x*oE zY!5Q#Nt`^4?Ww4~zfx#K3i)FwzsGLHL8Qhh{Y?jYHRnO+rAUK->$$1bGiBGAJ-2e} z#xyUdX%sT+D%EJRMsyej7Wt$dO8=h5J+0ZhMD~gN>nH|%I=mhjt4R96SFYd^A{xntV=M-ae3E1av#g%R~cfrr4n`bO(RCNTR_NF zh*FT~G_xsSuv0epvvv?6KYK|$65BkQkGx+FNl>2mI;s#8^gGK%e07svXSLQHF^0kp zwA5n_!~(LY18rNPZQRs{syqDz;hEQXBjy+TJIrwsI_jalAI&J! zbxIsyxU06D-wL&_GeN|*Fd>N2;WzTHHyGBX=F24->OIZPr2Q}`@@^R|N-ztdE_k~QElKDS|TcSP4;=4p9m@}tTV2(aa^7{v~ zN)xrjmG#NwUHw1u5pb4Kc&cp1`t4`TebbpdY*QzRrxdOZakdccfDiyu039M_}owY7+T)4cSW6&6nWbF)b8tN+3!@) z57|-k_$V6sd$otR2IbZLl&l+A(t%imNW8qC5_|bEkJ#P%&;DU%h~w>KCe-;2*f?-= zz8z9@YFTeae4OBxSSQ%(-VGOWE{32e=6RmI?4tjG66wp0yAP!?Fs>uA#uqU~%xq^Y z>XEYI@t<(rv-{JaomuQ8AxVdmoXu*DbL6NTUQ#4}Rd>1|wgr+{Ioo25J=&FH1UZSF z(c$?n#h)McefL`-r=OC2!8_`J7FAUK^t%RE5G&prD>YPES*1@=QI+`vZn&kH|8OaT zu$cwY(tsIsY5!P>YUrTns+X1*v_iY9;cwXyEP>uoA+gIfUrrS0Rw1M$iSc#L187hf zl)_Zg0k&|KyuY3tB`ieQ5JQ_E%vx9vqN!N^ERiF(&@uSRHVVRXb_`LcV?V4SqDzbs;S^w;wHw#qI=P?q1CV zu-d5d$?v*>uuY>H05q@ z$;gF3A##AF?=cw!xHQGLFg*3eqHS0qKy)apfy>INw$=G_@-#jz5SFQED~^tj6&j&hxU0Bp7J zrJJ=$&$Z=`0xfiY=xEK3ywrYlN1s`(eNLSG4C|`Qgh-6EA{YRTH2k`eJU^kWs}2rqu?5I8?@eg;*4WK@Z7~*i=DoBmknEsiE(<-B_GJ5 zFQvq=R1@T9Ap$7zHG!BElvSB`U|Osba1l{aU+MTFTO!-1mBJ182;UsXPumBqKE1X` z*uIi29_UC1LQM~Z4Eu7Bw5(q7Vl-#R)<`-ydl;aB3gO%yJ{G0sGh8X!eo;p~EAULN zVXbtMJPk}-4Jnev-*Yo8MXN@nOY`cTTV!YjqCs??O-yNdFU;2%a^cargFeH~&$oHe z?9|pZXioMvp4JdqLX*cev_H0F-dS4=OQ>`H*{lOxWR_=^rv(pJFR$-T&2XjZ={S*_ z5GM@(!}>_qp&0-+^ibaKrOTKPuy1&9)g~inCu1*vLXS^CsWk+;94t!wsj7p#fg67L z3TJ+q4W%^sC_}Y zCx*3S?)YV(jL$&iHaJdA6aHz6WKAsj-V32r;!<>oRW(p%-LM$K(E1+0GfwkDRY?tX#aqKRMWsdX*HHlI;Z!$aA6_Y 
z5Pa#_5g3qtIfk%*slEWCgM@Z+m^(c;_LKhQD)^zrKL?`Wmt4u)x;$M|41H2LhQc== zdg`=}6adMff=zPOTrvf$@%_C} zn1o@q^A|%h=A?#svpaBpHUFNdNflW=d9*SQG z=FdvU}Ny-<%I3K>-SNX^}ZW<%?Y`7-6? zvv&W1@r$QVamz1tXA}A>fmNQpCU^p(uJ;Y!@lRB{&pl&n+BB2YL1RyWRKhI~p?-;4 z!k}a!dytZjwJHKC*Mbx2fw?Vt^Ou|Tc$o-uSO8dZ8m#~LUb*r_z_)Tr%zjN3Oc7)(p5pKP%&Qk<$pleX22%9Z7Cfg|v%V+puA3q^$) z>={fa392WC=1QLc=w*6Wj#k%So_x19zSQIe?M`e40Sd~$RR1~>%5gzZpUoDGJcH_V z4^yN(H?L_L2uBYl!K>*cn5o{cZ%3@iLIy4~STD=H?5@`X&=h@RR35L@Ey0t$8yl{j zYrzGu<)OWt_Ad+MuAPQ$CU|ZNHIeUDe}a>l+O_`Lzhwg-^?s=2S*2nwKX}M@ELZFY zn=uWrQYAgx=Y?sZhkcPW#dNH%QJL=D^>T^gJyy`w*bDR)8Q!0c{>G)@TZegl|?v1`&!kiH40rapn+=3Fmo*O7?l}my9$jd zrG>eui1Fc45DENPcIrv=8x2P$hTN}OcdBY}d`1JuBajz|#sz;#rP%|GttrV1kR>EA zB%K0R$DetPJq?a=A>3YaA+SeR4KN^z4ONc!Fe>f%1zW!2fF0_Hkv53umnUXaT8@S* zYxunV9(bDzGsv-#$2JQ>ATzKqDY*T{sOf{{(f7jc_;as-x`N_!x!0h8gnF!*$btom zd%}jl+k>#3O0j-{idqiWis2|sg8nN%xp z-u69R%3zF_2I>;+1%&LIRcCkSDJx_s+S$idEk+?A@YGA-EyP>SZmd|HO0f@3%fQ4m zAVnDiJJBuyN8a-%I1r{cSK`g`kA9|cpoxP?sNioNAp-D`g9bqm{5jQQA6g9XWHLB# zyaomN7)*lRDY?5A-&oF5?VyD(4U!iTFZkngddV!!!ntD5^UD3qezUDJaS&d-H{#)L?Ldv)d5$U_~cx^kQ8%d zY^hsIS$e2pT`qST?!=$9$)fpvDFt03d0}2H zW>RgqjP|;Q4fLQZF#!(FdjUr1Dzz3@ga43oyIK%RzSBVvS@SDvvfC@ zr0sS4I@|n3S^shyV$HuHHnT~dLgq5y5y!XtTi5xq1xlcN8(R4?pO)e=x7&xHd-qrx z<#D#MR$K#A>~gy!g?r1syzxWb%VXY>GcFQJtiQjLzX?IsvJZfKL=6yW5`)^V2!|BE zo%?2*(;dufs9)5Hff-OEb9F8PPu}WKr?+LlU&|tp-CEC9&N4eaJheo;d-UrIs46(L z(`G4Hy1drZ5*q95hC_^Cka7T~Eudr<>G&}Ei~bEo?l@7w%)K~E*Y6WenD6^iK6g+% z%98UdUF@0^=aNcF5$aAHh z(+cIUee08aO3Qk8Y>B-XuRIYkwwhA)H9x86dqrP& z19nJDlYbswc_CH$4!$eA|8joe5y}f$(k}%zQ_)n{?6x%hG z;ncK^8yd*5i32$FDO27%0`fzT$vd^(F!=(Pf_Fw8YW1>_!}7lw ziDVL`)ez_`6&9)7Re7!UX*{Q7v{?l+&rJ$4SI}w!)l)Fr^|wZ?zw-E*!2P#p!imdm zYcD@dL`iVIL4vjzx#bXvj9j4fZG7iS(Y!A=D-o@vx29clrycj*d0Mwu>ao6cx(OOf@lF;}pvSBV@CmNi57bvRMdtnm^iom3H&)&F>Ug zthl!sbNIW}HyARp>M|7?N6@=9V8?N+4;)z95FVk&&hF80wuq_`?QQrC;9}yqy`t5V zd_T>$cZmyYBFV5HvTRfmIBIXd$FTJ269STgI9qs~F(sU1AUT{>bqrNEF=Xj+2dSXq z)oH^_Y|Ykm*fpsl1wBTJOS=S}1IH!{c=KGe!jkCD`wzf3-B2^B#pRX^t=DPcls;Wr 
z*F=Xn!Mr*}i3_>mg&Etu?DT$atgF&DRPl*9SUvwu{?Z;}{<98AApQse$XQviZO{$rDYbSsr{gL8Nj z2twjGR(eye&PdjSLO#ncuUFZST{&VLx2oOe_EznF^8)(R*Hn&}G7S3JQ=qe>)ytt7 zr9PS&qLz%5qk~*g*U}io9b#!-TFCINFD!N9%lD-tc83)Y21?kwlDeQKEPgw050_!w zj;BXE2+bkf`4U!Vh}=6TP}xo`57p zn$~O}2EjnUc980a5HC);a3|W8c3)-`(TE>tSdA zNKi|?VEHRy*wbpcG}(hM z=khEUJF3mU=SL!Xq1cwqxxm8pRv(xB4W1O%GQfsjU`U#&w&R$I5o0g44SSf6mxP;{ z@2HEST&v;9Hdp>Bi4C1B|CM1yKK^c)WoGyB^+0II9LTu*7%Fx{c>Ban8FtCc3*@;W zW^Fl+xQEH$eH2-M7?r*t?LiDBqz_!$YVt+=r@Q@Q&ooIts|0dQ_eVF%Kk7$fgJxtZ zM=YWqt@gYAZ-m?UqNv=RFkg7i{Q|TZNDwN#v`%Y0y%PYm1U)x$fdC|LDaJQ)*B7KOG#Vzy5%i>%i`GHd5ykdXsmYA?fYzZf4KEw_4%@w`-obydyuGwUE@p|E3l6JbtKqqG8Llc-&B3+VByS@XN^xBH!)zt9r~2QtGQnQ&vc1gc7-F&NIQ27v%|2T_Gf?H<>9)*GMx z6p?svE>-6P+_r>jZR}!rpD){&|Z<1A4HI zqEhzMY1=$Q=2%LnFxo?j0?OmQ39-3gf3$0NSSwM@HqhZTIJHJ?EP*H9JV}yCi2DAMAQ}BoKO# zYOdlnVV?qA@|y|Fj}%k_G9(2kIK<5OO7bw-6oPPTGVUFIVR%R?QTtM%LQisY-0;;Z zBsHNH6biZ8=P4yG1-^1j-YJmxpCA;L(W%K-u}!a1O8~Fh2T_$_Ye4ZYiAFf$XZ zUK(uHPXw0$5m_g%KqV}TSbZ^K5%G@(Qj(Cjdt-~jM6Or;Tz)!(j^}$XFo!7)TjQT3 zg|9w!gn2Fl?Cn8ydsB*n2G@$8ZF9x1c3wxR1n&;7u?ydyN<6gO`h*OJZhdYd>qH+x zg^HUDnj$)gMD?H=*&bjnIwVU0^EU@Mc*H1` zaJHOZzMxDw3B$5x$&U+C(G~yhnUmK6C)Q$-HM81NF}EEh-)Eb~oCYekUQ{yNb|-ns zFQB%W03O~9=zFq=`x9#9e51%_haCWUbL>eDCs{J>_`TC43wIF9xZWA3LQXBA33@Ur%*$YE z$K+3BoR6#B8lhf{e-4maIldgz+)17sN_o#x1*2o1`5C|`@UYq0YD=+#^G3Jq^`rQ_ zg^u8IC_PPpRM&OQ?G1lyqtk+$iwmJNpx-iLn^bxwLlL0=Q|_1F&k)x?KKZ;SnZ<4^ zBliW&T;pIbwc7?^`-eQe#uA(6W&m20rtP??_7{ot!=hoT`Pr(^LH3jG!b&MdMYHY# zO2L{G)F$9s^aw0km*uP$_}H6xP?W9eVl+_3Rzx^D@>Hjca^8 zu>?=vvKcR2=^O|Z5U7kriOU1~#XoP9QXWrksE7HU=DHxV?;T)59fbQtaUT`hGn|+D z7`|Ktdfi0;Y+(p*4__Gciaewv!mfE`-u18%O6fr_o^SCvms^}U7gJ!~t*YJVg1Cs! 
z7eGg`gKscX&eFR?wT+ksOdi~Kb(UVM-yTVH*fMG~5bZAZ4 z1sdM1eR%H^PrnwIbWNrS`!iFt1z$!ZMFxOIG6D0sp^wz{im;f^k=Bl_cehq7te-|a z|Fc?3uV)yT=o5Mi1a|}yIrrWBQH9B^Q8s%xi^@-yy?|uSN=G^rn4AuZ%Oup*K$(1G z(ddDRUaMXdeQbp~3eJWR&GlM`c7o|ZTG($-y?!St0fexY`rj*IqiHU{oB z3A`qsX5kl69VNknBn9S8B|WzL8h|IE(jURze>tkmRHU*7By{T=s*N-&C?Sy&e)a{W z)^&qEa`iBGNvwdR`=15P2;l#!|AEHZtaRR9;fElKL43EceRhJUAuY(o)_x(wjX$>X z`qh&0b-|2Vl1|-40of0<^Ug;LV8h7-@nkyD3&?UMc1D4TC+n4DIaH$A>42U>X_78v zn8iF8Xzyh`QpmrACAhcia(bp9B6i9CP3H8htfGeFqmEYuY5PIkVmzzv9>KPH>1NzQ z?wv|}UanO?-;(S$yTjib?vkA_p9C_0EULzF+zfEaYfD<9*Yh(Zb>na%@8ykaCmm|j zif1IxqV~$I;|sGDzzC1d0{CaT7qu{n7}YS{Fn67H;(j6;V}X8tZaI<9YH43GGq?-I$l?$WG*m!w?&{DwtIzWHts%DFOoq?C8@eZSyC8-ca^SB&oTS@ek5O zY13Kt(2e+SNgmp!Q?X?VBT(2~Q z`_=aEBA}7CVBsD>&>`>5n|=|+spz^5McnucktKJ6lmFVKLl-N8@RjUPc*q#|WC89IwLKWGQW1R;W7f*Jk_Bxn%j)meW@SSNncj z2XaEp)h2H$AKzArbY-Sz7Dhqa*~5Wu!rFlGI0bg7r!i!+p7{hz^dT?{bF??wRB6*n zwH*>k0MtnN`f#fYlBSk1|6&C)F?6n8DJi91-+N?|bv6qwU?ZZve;CKxd8;>D5qP9& zmEggsqPjaoOb=;b&m*wBF|m5y|Cl_{$Vffmh+!fkE!lCSo@?T!0YxIY z@T0o4pYaPNJAwr0az$4p^4yR2(-2EMZt!3b%i(S?;?=#wF6iKcLRex0Q^2Xy{`x?S zmS1}xlUf%DB-9dHPI)&=&HR4A5pF>(iPCc}yq@bz=Y;uL#r3w0XZTI6CPkR!WA?;< zTO1|G+oq;2%WzEQaKULfIkD0zfj_#rTdWWafu2B&#!X+Q{AdjESw*BSYl(bL;$95(ML=2e&3@n#UM80voPv%dYtwVyz zI}{yHU`w34%!Dc}6%zV8j|vt}qkD4JoQYK<5nafu!qFh4uqY+4=a@oA);H|BV3~!} zyn7y`_$1(&k$^mbX3hazCt3RYMZhDt_*gOCF7-!tUv)!EqR@N0tE=N3&4c3ONuy+_8g=pZKTW&rX;pobn!yafHUsDfOOK6dm%*A@7S%lg3bvjuoeR3`2PV z)J~<74-yB0kRo5-B3FHvEi1Q!G4tmA2Xw%C^K@lbE5@(1cN+?-3(H;dY3wR&S*6C; zk@^yBvYMVaZe|g+#@LQIU~3z86KvQW{%ZeThtA&OjnII=pk#ghzBX)iZRhqRY$X8P zT9)uW(k}2)KbxTK+PCEyCwC#80^o46C3rw*kM1-$>BjzAbtaMPY0}*D>&0QX6At+3 z^9EaVN`kmVhC`jlw7Fj!>darG+2G2ncE$^%Cbnr*8X%CyZ%qcP1c^o#54d0y_pp;* zE}V86+VDc^xC?GG+s(%`R?JX~f|P~_wTgjnm4o<=z2*~(8B}o|RI@W0+Z!E|%#u{M z5%K$@>be^Fv{o=>UMW;`zqcJ{>Vf*|!gJyWdjmUGwshqv3NwMs)Mni9Th`5Us{_YQ z^_SYt6Pj6+8(tb}UL#q=u5+$9w;m6g%>?<4^mZpr60?vZwrBg(T zLE-yX`Nhva75+U03`g0mC>g8f7KxD3;~nw3S{bm8X)sfQE=pKnys=0AtiU?+1`ba) 
z9~k?lEXpR4`C^;|q-oLbm~H3s-=IUM!(W3STWx~~j^tD|+V~w&g!sj4fjp6iU zLhrH(Yr9z&c`TZB;C_HW!7IOnh?%b7uta@K1DBc-`;%QO+BdpA2}64ROaUI%mUi=` zaEQIoU&lO#QeTcWhiV0X4hSq|F}ln4mKC6Hd%~r?2zPQ!jBxWf;yxS9YsY-!*DI$ACsr;&WXL~JsX(UD^A%RakkMEIbaL(HempQ(d zN}+jJ_r+0pNN!szi)*(s>QCB&C|r6fKO-VA`^}{y?Ozlf743KHRQuMx)dOu))ZrO| zrt9sO7c11spRI!nRE41=XQ6bV$-#OHB@Cb>zrOJHC2|-@4i18cQ=Z6x0x=ziwe`Ow z47AEg3?}Mu`A$ooEaJ}LaY};h%W$-WE2E5?#EK@t6&9>v93E-LAtydzy99~8DN2oJ zlnJrP|JzL48iTj`z2*>m71TkuwjENd_r&wI{h9<8#tz<#fI;UVL)Q0wvq|%Ol6j=) zmN#uUITKLpMa$2SfZunK$nKf14p8?96AKg1ls{9pGiJzE#w9lsusWj5?&$cCEhW?@ z3WSFh4te?6w$|AG<6m)eFp3o@V}H9jZJu&(v)#uXv9nKh2AmP~ZFfT3|Zph~e#3=cSnm(IgvGFQi4tW-eE0o348K~sO@r8n9%cnhi}Mm_I_*T4?8 zx@cxjrF56N|GlEv@paZLhvN$Yof?_)1zC1oq-X;B_y$DZx-*g{E2!e>BPpt9^XasS zBq+asKft?=Dq*lU%`URckeC&sVsWXE`4?q{L3=tApI9N2)NdStEbuK5`VmGyn%|u+ z25458X}OpFYh7S{Xa5R^nU)a})gZeEmUx?8v%|Bt);WLV53g0nfc$-UEA@$I9ka zySAd0ERK?J+(G7wid`11-$J_1=l$(JzjEIqU++RlF{$YMQh3M&MW2y}X5AynwxWq5 z2C_u{5)-m{gmoR!?q4ie3ya=#_RYKJ@K)?q7J&i@YKv|e_zC3V#7ya_P`t}A&fU|R zCGXo;_wu}l;dph}F&16@TK_hFHRYtCrn$9w7=`)+$RepDiV2YV(cMpj*(|-4VkW%8 zN?eL6T>FF!PUT@UW$9t9=lfy#j1u;QLy$RQ6%;b&B7fTd#Kmte5ovjaTVc{bjILC- z1EvMG7~1q}RL_zUvJziG+E7Xf9%`V$~wXQjv3N|(v{iM**1g5GDKW_*X*@T-Rh*Bky zZj6u%DIXBRc!E4R8t8u&yLJF8W5yluKu%0haXk0w9EZwJow<4sA5l;g2GNGz!k7-p zr~JC?1kTFoe?XPHawvsI(QVXKX{1gJKkjR0tR;3aRc8 zt@h6(yq8}h$v72N>o%^Zj3yHwiwnc5)C)sk$1u6QG_y)!3y47IzU6V2pW-Z(H2|8O|lbXzARE zl;C5v#Y{JNN@HTCJtRM z&EouiSdy|27KLeLag)iJpgePT>$C-j+DPvBC*7AGKvAyr{}NE~js?ol6->;p9!ks2 zFYq;H&{Yk;)BG?8YQtW!h>NvME(18;AoJRfl2AcQ|K+w>nnQaHn%?n#B!y<1XrDDr=JicvJEH)6+Qm4y!3yWpN z_|=G7T$KA!R?rUsEWK(=Gx%G(G%cr?xlM1)59GpgOB;&k@CS8EIk`Kw>|BveyJ;qh zh}X@F@hFHFsuAUD_*0Nr9l^q_3&O94t6WXl%ZUolG|iIqoVzg*&a{)24C+Vo=3?pw z!i~a_WnjxsB#Isuyt=e9GJA%hC26DHb&{Ng86OpFFN2DK9K-G5LoA-*jL*`Y(AKs)=3jWES1i@PrKd+Hv6Lrd71A+x+Zzqv6!vDR zPJpz~mC`*Hkem)g)wDMwBCsgq^pY(H%iFB9F{v!IuiGW?^(@TnQ%6=QyLbDZ4Co;aNkyduV}P7uDaG!e!lcZo6Nc zL^L)~hTsE_QeCt9^)Tn)oNQ^AU=p*qUa`D{FCKw_8S=7Ewd3C}EDsF7+OJPasz#>% 
z`Omdw6z3cK%$rrEhN-0h>ur29q1;FH3-Jq_h2^eqU%9$J&##L_$M;ki2m;-8Qb+1? z!^!G2Iuv=lAH7Y{S~@t;E#Em+?bLMP;zwF;3ih0uO%kR`)8gtAc~5i~3JMCBo0o;i)K3B(r7_p`wewfrJejlylP!x`F~n2R!(aj-2+xEx zX5UKQgh8vRdZL$(8c+EuQ59Kg95E^dkjBCdXJ zbhiqckW)6ZBPeBXyk8TZhnt_O@uTCy4vg)$w~upWS7_&%#P70uY@ccJRZZ1H+51Q-1%k^mmt+k168vACZ);*2-=QUOt7x=vF*6_#)MM^K1xv z`KH=4rI^V_==4Q$TH0oMi&Zvk7mC9BcAR9n%F&<`wlJ-m!~@|XV_+19yZN>}ip=A` z_4Q+vrF9vI%oz=o~cCSbnBEsh%QPwT8g zR|UPmRksJ(F$)M1Xi*^_stPmM)Lh}DRUk8bBM5V{o0nB$l~fDTx;w4bL^a1BNIH-f zx7Gh$W5r``w-Cs>?Nb+~D%w58T)KbzLOYynZ2(uDl%<}$sy9a`Yn)^`$_6N_OQ=$- zCq0efx9TnqTO@IUEcE`M!TpvYub}_W@6o*AeE@NKgR)}>b@;Yt)vhe`4*}Pe@mEgH z;uDK070;jn!b36Ci`8)ClJEQNZ4|@#&!P| zGY)M~FD{=Bd#i0OF?mw4Va&@?k8KS{J$cULjNIy|zX|5m%cCh>?rEH}k?&yP*QfX_ z3Wa78YkHt}*k_Z3K3XlC^-P5>f$^&z-`P(TH;cfPyliUddULt&Hv(VgtBez0>rab( zuK5~`na)wA$pZti1~a*urOud+Qaf%uh}ic>wI}y@=$#jf)rV*Kqj7OWSw_Ae^kPNF zVJ4b7H(w=9(eTID&$UN3e~5F1C74)QC@*#nV4j9BYiMZUa=VCzezViGvAF_|Za?|z;nRJa2iezqxK5=+EN1wT zX{?(65VDOb7^^%>UZhu$>Zp{^L$u2s$UB#VSEUb{R)Mi1``}0B^pP7vjSXBLAJH|t zdcEfIxil11L5M`-NkIyhM{eu}-tm+a8rrz&VV=Ud4b6;0I04bRzx9kG-I0fZ+9Any z_F?`ij}p%^As_J5&!8k_UQ)_Oi(@?~@|w;S#CU21SEUKp&1t$gSA2Onxw%gg5@EJg zhZNQ;5Y!3~2H?sc6cnciu-r#pZ2Yrm;VfC8X`GwqWhmg8YLq!;bth{U4{pm{_DBEX zpdHE#X7C2X1KK_A)h2Hg3LfNR#o@c*i9J<|2khl8pzF6OORtKYa&ynX=n;C^C(9n| z0oDk|faxINDPXFm>fqMOdVf@TrIeY2P7C)4Pwt=sz*BUd1Y2Lhw#C4z>(=ISv$lSY zTE(a3dx!Rt!kj7lDT_2p2^q5-oQ-Rm%j=qQ!f(i#0qBtAzi%V!k#VG-zf-#prfxlp z)et@%NlB2-cm6AbyMT5`+poVws?oigtDRM3hPY8q%B?>m&hmi2`_WToyYBom4nNZf z#rkl&mZ4a(`ZC#OXqTGn9&>%_5Dz%*I9ZQP zT(%f57i8pl-Q%d|AnB6!Dm3ucMb8xdl$729$@b{zRzY(oZr*Ki2x(Rol(H>k^x)!O z4JE_(hQ7*Ni{w9M(7*|tGira|(q}(+$WpgDrBL%@$>$MHK;Xmm1nj1=7 ze*P-yt@?${PM2MHRtWv9Az;H_2!%VlO}?QJ0HyV4#=W5g#m9$)|E9$Q>+To-XQ*l#BvpxX&@t1F)Vn4t6Tbk7-q3d2`h!3&~T;t{45 z9$M)lvBm~=1P&XoItb{1V$pVQ=UVuWPATo;=6DkWnGC&Fo7SIZdbOg$k(TN6mHYC& z^(}`T<%pF3gu)P;DfGu_WD@J=*5D|^hbB@LY!OhK#(y|#U>Y-cjEKD=UD1t3kuPWK;|nnD6$6e!)0Jz3 zXIpg}!D=G}UbS6&G-+Mw!RMxe7W=kPJ9h5vf*1A|qt-<_dE$cE+Y{QBU9)~W 
zpzG=T95WMlH*uC;i)KWxo~?2np&-x>AQG|pjfK4OMG5*{J3c70;`?9P19BZ@r=_;m zuV`;5Si&}gn%y5TFJ+q;>r`uCV77(`_nK1!)82P!%x5I?32skPR-b$%X3FDY+Hv$H zSVv}B19BWiK_fi@$u9b}g)z=K*Mu;4Pme-4pl5`&K@q`gZf=j`I#f6aIlgt};y`&R zRO2GBHr>S$!Wlw8rTY$G&wB8#t%ZxV|C`FeVoDv$i~I8Herw)wT}b0zfX`t}Th{S4 zxay}sTQjlZ9qg&54aJ$mo{W7o)&!*erniao+1_2eoeb^GGf%Y1rgRhSHRh|@_KNnO zGuMEgN8w*3aj}^@a23+^6ws%Zdr=}FD-JpWDsEID{&|I9MoXnTyUh{9G!# zvc3D`h>i4{V`j~ZFMLSde=381>!LM?st=U?@gs_sAy$J3nF~>p;Y@;b@vY*!qg~)9 zF;N~r)y~Ec@-->K6RQv-J1=rGog;bvtDLe!$dE$GLQ;Y7eb7v=zD+KZqU^Sf=6wP= zIP#3f{3{>G(;oo*=^$kvcjzApXbC9WE!~0K1zBa6#}719fuGflb(@SSeuS%QWUuCs zS@+BV;Fov4H5Kxx89vBAdEuBj9e$1nVq|#wwsxg05?^Y7wnG>i=NF?Ec<(&LvG$WI3?S-SU1TsX1`HMAxNk zICaybqyjW-*<5XU+xCP?bdr7x8X>q9i3DZn^WFwUpbxcrkHR`4&Ww$2elo4OG9}-v zW8YGhOBj$jJfde_mvvz+P>~;1uwELGFDmRG^5OL^pyj47#zS5pE`>1gp@LM>vhd~5 zZbeB`uYJ7+D-sNdoWQF43n`M&%EZJ*RX}WrLoPmjjss@57DB>!Ohm20h;_qt*Ky|U7G7W{=RkXfR&d2)cy`R!4j)3;X#@t#E%kyEh4FNuL)l zVFIB{pejRe(xxLHK4EsGFzVM%Kg;a;i?%IT7+;eFSPy!Vw#y*wY{Mj`L#!gu`U~mI zswYLzsZX@N2=_n*(%w?Vh$~;0Prhem1?wg;nSUvgS+Qii!7ie$2X$;2dm;Scq0DQo zS~vv-wGtbeVBj9nvQ}hqSrFIZ1Z#%~{I5lxEcT6U`^a z`s9?=yrm>4XtST>PjrtSmU6-U*-(NMu!Oh*>UbVU+G{1>KvmGgq}y`W{n7eufF&gU z4+WH9LB5O@ktTE`*}=+@Bcy8RTLvhc9K}=TQ*qUC=C8oW5R=*VXhxOtk48`wK0NoL zX8xxhb~}c9(7^`N>ZH7&t&T9VN(GtmyT#aL6%JdiaMl@qN9u_ZOD^e1nN^-F8Zo zr`3g$OldSo$Ik2TO$9!G@F4J0SCBI6EQaCJDbl_*_6O z&B{r%@IoDU9koVi!cHnqr`~#g1r@`t#uKp9QrW+{gqw|;r0*-wb7%wFuS8q36G^G; zYzLtD2_-9wmYQld{ulbaHB$UTf!&+zdo?omPwi`S9$IH`_l& z!E=a*zihfgU)ej)BHo?m{4{PkFO5sC9EvJQd6KIACC-`JcM4XEJY-pal<*`^t18SV zd{sA%Th2)1lCsk(;+@AtV*g38VY|VGSN0V*m*6+xmLov?)n2NoTS=g zNdmwyP`2RWp08}Xsz&H`_lsW117c?|Ha>jX`WJQ#w6`$Da+^lmsBkN4cPAl?x9bTl^ zmAc2xqTbmSU_`BeF2G4iXfk!JYv4F|-Su}}KfpAthB+BU8?N5B)mrI7EPEzQp)cqDc`@2raCAGgEvw|H)>RP zhqf>?wq5+VP!VR|V-muAJzE`XY?U52iu4+aB!IR)E5Jn8g9T>uPpgRZzCG^_^w9c zibofF5nK^}xp=aQxie{|=b9Ub;a*FQ7Iv{$DY|ft@4^g!Rv28C>kpUeLB4gttz53v z)t&-93^#|{!Mo_O#s!g`ZGL)snGD!$KCr4gdFzA{7#qkqRoZAFaIJzw^^OK{}Lv4Vhhf=g-O0Vq1xGsg@Sozq1J 
z9^QVP`BB_F(zL71YPrNey6Ye-Bn%q`@`$a}EJ0&`>yO#SC^I^zG(-v=VMg=Dm`#Zv zk7+ejZ%n=7MZ+vJ?}%*OKCIQJ2xBHknyI+HshWsINdj|o+k)}5ju_8s5$0_h@oM6r zcMDY2i~(maTW}KC>KJTgmSp zFOA3G(Ei7VTXEOiNbsR8y%p|4=1KIPbH{(Ev-i&VoW6I&ORj{j`N1HY?X3}5tWe=4;(*;GY#i4 zn$o&cipmx%hTWLP_~3whbc_>Q$@F4{vg`-Pioo`g@X;^Lar-n_Fz2`-&m2r^IHPZW zboZcj0>Fvi-RXf;4`8VqPNgBAef_0>j=lluI3ObSk>{|NxqRW0^FDP=pobZsID zOFo+WMCYM!6D2+HbLzsR&=Fh0yvD65@#9?wjnHBZB9obJ<3gS`2H!K=s5edR4%E|& zG^wJJm#h&`P^xO>nB>ZFD4M#A(=5$@BRR1HiIP@2*Rd;VVPyWM1&WB4G4$=2ksL)?lsoDd78d1h*$ag?em|grM3@$Ym+luteWKx&NH2rpfHJAmPsxW zS<58h{s!pE1&LHMKq92OcXQ-1qIU3ez#XK}gaUr@h&E|m$|x$7 z-h?$vMJ*VYS;&gI$y%4;Ok%7zxde8mB~F(Ynzi zg*%d#@r@Yr<+a>@ewT9fh`&>FeVY2!Pg`tsej*A5G0aaq!Vf9sQ$7LI$Aeq=JT{Dt zKK*zzL)~G86nuwnWUtp+6Z8(;M0)&(9%TY?iQ)ViYksvY$*nl{kKiWUO5opDw~4I# z>YZaf7HWJ*1RQ+ENf_YTyu18#8C+`uET?TrPn-fyxVsvEW|wK&wcr{?hJH0>t8NHs zUce5!x@)?%DP!t;-rg=Yf~`4_bb%}W9kLWH9t={)a8BhCPYud2Pai@`iX3q+%z(Rm zm=-@OPSJ@l;f#0@D_Tv1;U>Bfe7qUBT&X#M+?rt2kd zq{G{UyUr=Mq1i`wE6~wBj#Ria^hBYQ31>NF$>;Q!yB!7ze}`%DlX4CY;g0(9n5!;K z?TVOwu(_pPXC_WeLQwCC^EfO;!&y_5-2kMwej@t3+) z^^E_-J3MH@^y?!JV_Ia=fKl{(1D+K38L+lMslNoIYJaJ`GuFpFyI-#u@0s@O(0JXC zsn@@_S6lO1V&?jwvC{9P=3&uTft_-dK>2|J+flj04bC5|wIS+&tMp zpKh2o4qPeEP95OJTa!O<#H>|M>m zv+Q2_#gOW37ciT^%zK$|GswBc=U0nZ%iaf7S(ORav-Toa{*YM-q+SFU7$-~q&r1OyrwCuDYo!V7TOMKFf`4A1e*|)81Zdcv1yLoUJ>~@B*+Zm9% z5C6p)&AUrX15yS+-Hpf3KD#)NqH`?Ze;-+#_vE(zA%Qaeo{BiD*vZ4p)%)|S^|b7?-h0dS9w&$#daD%o^?T(G+tjUfh93JW&*0+E zjTt~b9pJFaP`2QK!`HXu>k&(fmo!ip^)KVR5cl`abAKLtIJ>%zqI2xw$m;qLe@S4y z^|t^by2JWuueSGIZS1v$ukcNCyMRf)@Ph@tpJ)-(o6561YRj}>iKt-|WDEQ%VaPHr zk|wFsB@d`a)wFPMg(D07#_`e_syY^1yZe>&GG4Gh7*y*x>WQAiLk;55u%$n->P< zu#k0-)o`0Hype#k8>gptEBDgDv(}Ao;07_V3`C0WzhGhM)s?PRHJ#FIbqcn_0DRD*{{>4m^dp6FR!WhCtd%f(GD%xj7Inq4vaKLpe^koQTdK*! 
z!nMZpp#`+;v^9F61yreq7JF^;qKI*Rgq+s!Qd4@gL(U<&x|A9MgY95ukd+y1J|JJH z&!Jf^_Dp+hnuh9YAMCd37XGg1yTCoDQ|&j&!T7-f;5XMVQw-AG&AZ3v4=!IpNk)C{ z^7{34@IM0ezcyQJ3aee`f3#_X$ZxU^t`_|oMjcRPRQeTqjO%Rb3KX4lf=-D4(@QTg zvmnu@GEe^$`<}r@d@{|bj|;K zTnH^YZT?=?4%+;EbD6J=y>6z8e=<1J3;PcXoOo+L z{aSw-t~G#I?WOPvc!*v+IZL~JM1(eC4bOQ0`5M@hwz`fJT<;bJi2kcuXRB=dy|R;Q z7~MFupbaY$wtg~Xf)+W#)@MN`CdJRSb&f^|;R)`&jISO zqJzm0L92@pe=2-X2Ji>Fpt!hq{;&pV6u{Y}bx|ZhtrBgdes<@-^`$ zk5XA>EHCncr8O|smpo-vl_gn{2%h`rtLBjl#E519e=$heX-o71F-UKl6tn2&v5JTX zv_U_EomsCLlz)t0;YePqLlOdMJQdfn0i;IoB(@qx3qz-u24rD9@`Vte`QkqU+CA9FC}V=q=<@&m9l7ADkIK#5;ja`JXfc25>~O788eSuL`*aT5ktyO zTfG+%gXixDwIROZOQ0M$#K`v6bCHiQIQ^+P9%X~iU`u#@$Pi3tPr!$=()%wk-(aJA zsG)u5iHQWpe&JyP`!u!;t6X!j)JbXTip!-*f2cKZqPz$`uYi6A=G=h`ziRXhs$L^9 zHJb`He%E%XwUZ*>8}|Gn_)T}!p&~vSrFZLenE-_#EY^{L=v$iDngc~ZOrOS6fDmo9#?JJG_AMCJC9u0 ze^E38c0|ffZy8?L(Gj}^$s6Jj7b;g;y?xBWDN|I2r5PB6EiZj=wV%*$Y8{V$pN|WQ z=HY^-#81+1&|9Woj`}rQbt{JQOntIduGCp7O%9;uSsE2-#IiC;SlZSp<1$e}sc4Hd ziSn#TCVXEP02Ivt0FkoODt$5lh?ICGe_PW5XfScwCw=N2F7{?i>w2e>P+tQmy-{<+ z%!A-#1be~Qb#;W?ffM=tR+<`*T?#|Qfe&ThSC)vafSU2+33Sx?a5}1p6gk3v=AnwF z#81Q3*+Mrn?f|=k_N|rN`vy<6AL`XKY0)%ko3J(tGnQsCj3&w?tLh{y>ZHu_e+eK_ z~(o z0YLphUv{wxy6>x}`b((g>6jc+_`2zI+BR2rYDk3Cu&zOo>nTJgQLnZTM3}0>e<9>K<3+`pC>qg(QJsp?JMBD=Tm(xr1HnSdPAj<=!9vWb z_DETjrsW@e>Q&gRk);P-?e1y-lmH?Px*!G42i5uI-CAH-+y2Uq0eIAtwrJgG1{n)= zG5dRG4+?DQe{?g)-^;V@?M6zS>XR$vfqHan%JEx*Ug6~=5~9Lof7Trmv;vR8?L!Z2 zRLHNQ$wM>%PrVY0IX4p@u*q}XeV2yDeY4Y^8a5l*DXFlc-XoMEuYj5rIo^~euNtZO zlr8x*^;8R--=lrVkvFDMZ|+8!e8IbtuFhs>E0|JNU<)T^oT zB9%o0=Vz6(G%6!je^znG!m3TvxXRLGs(R<*bD|me98z|Ar}5%*j2lWvUtV&P{a!%& zObqnd`Xucz_6A;P)(Jh6gk4oW(^slSLRX$P&M>t z7tqlfmn|!6bzY`TRu?i!i<0}v0Ad#n63;+`kg}6n>|51Tf1{{jZM5t!rXEA81=eN| zX#M``MewuMWziv61BSC1GJpfTJ_FFhH-4SIGg`k$k!k&kXAP>MSI$J-@+@yymU9R? 
z%9NF5D_Id2N!p}kUQg+li*bl&U>r!msm!$M`(zm zpTy#}EPC-YfBkEyn&3*v2S99KY&w8@0JBnHE~IhXKV@ zV_dHn;Mi#mwyc61%HYmn!61c>Fu8ff^C|IvrO8n*MT#`9tE6C6lt>l+MyKgBE+l*l%d^^~4)7XoqF+*KLiaeetC| zAl`hv)`Bb8ox7E<%w{1~mT6Lb`l}SdJHCY@e@$-In?-LAm}g(#z4<_)p~xrlD&_h0 z?s#6kdrJIYxuuho8EsysvTj(F2^E*dnPhbmS4vPTPxr z!i9G`Cl}qVFfZb8_FHyx^-tSFV8_s2UtgK@?O}Q*wXgrOguzl*i~e_eM=yfQZJ>0) zfAFe*zD5+bv%hyw*_T|_JIh{MOK6RHGKC7c+JUtF`okqJdja-^> z8+tc@zghe3t=YpnK#~wk%njK#Cl(2h4*9Oo^Xb8@*NgH@m;nguA;t*7t(lN2hHA)XON6MsV3Q ztPn-Y(o&R+hiS;lGL3Snj@+vBb92TnARwLr2q0yrw*fEN$H>j;-wP(GKU^2|sXO^3 z0|(oJyDQjQ$R7FO@Fl+pt~)0fe;P6jLuqwvFNB>1z&%czp#?5H8l0ey;mslE*WD?U z?L8Q55M_R+lX{RMN0{F{Xu_2EKb$?b0K5L_8_ww@VeTaGTq zBNhkNu7RoJ{>d}IxrzfTb|SQ*sZ(=VLtX)$85@qvnrp*I5u%w|dOX_pA;djImXJ4G8JBlQP6Q0HP` zLR;bJiy`0Q4(+@!f0t4l^+H3X-IqkzAo-<{9Mq)5v;ijbO8n%?MI@RqYy?Y_3dTD@ zxur@g7Q<{OnKxlFkoGt|RM^T;`2>r!ZWZgyJItiW5lS_$JU=CV0!7vs=-L;=?r!e3%F^|BPq4_6 z&)y0iiCTGMqNy^LinLT=YXe1j(eSX%n=JR|mlL-Nf1k{#!jrNSYV9q-Pa(cYX{*g& zH1~s^q_^fbdiMvlR{yVdOiU%A6NB>>whwyl7UIB`-A?RbT-Bxxe{hF#J$sMYUu=Wt z{QCJYC|OIJfnFWa0Z-n(FEAj5j=y(2;q7S6ID?qd0sbS0xFrfz<^{1Fo2Yuuo^EaVA5(R z>GyVbQUSqdtM1oIulE~vHPI=s8?X5CVY_Jh;5DebraZ=f249qu0nXD!@X9doLH<-T zvgptKReh)14G3Gl*VpN59V(bPomVD=y1xAQe}VE%&Orr`LPuE83{=1;&&ov>@;c%* z3lr!VtTLfOYqgIzWffOV9fgIM*vH+{dorW+PRdSbq`&S?sv_A|en=Gu>TL#|wg|q< zn$XO*i*Bl695}E?80K5Nk#a ztBQoPHmU0{OxmWJU<^szYHu>5+Dpn#e<<;Ja~()AOEtMTq|A>L(jBk>pF+Agpjlrb z;>lz;37tKsyPFg`V(*?;LY)%-FS>Wr4dGQ@8dF?>Xwwnp$1BiEz1q4JF=0hy|`A7-oqdf3}!A|`}p)ae|Q=E zMQ&=TzVw&ZUp~G0`E&5B$4{XATF)3zyZ_JE>bmcPmAvV;3j;Nf(8s*!@16%@hhwN0 z+dhz{FtMKs#W_B1^R&HVbjAO#7g<=TXm$a2wLg@%ai_IlqyTRhsNZg2RElW`)y(jV z9!nOco77egP)MybW!BWY^_umWfA!T5TJ--1yQ~h{XNb(W;tEirOlF({oiIe-z?85Ym-7p zoVN4I+T_Z4Q`Sx0rVJ^2(mbqy96V%+tO~=}<0mpn-LiH%qpVHJ`VGXlf27A{B>W zXjV2B-UfkvIM_xM-46IqnWZP#x#0rA)O*KhQJd1t?x z%^mJQ7iy1@!F%Iw+2YT&f&A?ypQ%mgoYrDe=m_PTQM>%)S-B}{e=f7SWrDXAON%^W zRg>kct>UtZ$|_VYqhI;l%3(UAa!ATfD4(}-NNXJ>2I{hZR$+t5a9SC5(Z$W}c3?Zz z9CU|DjL^x^Z=oZkzlB|m(x!7NfTYk7+BC1#mRwn;QXO4!&KjAeYAdUAR@ZsW>Xt`Y 
zEy}i-=mt;Sids6Of1*apPH5AtiW(`c*>Qi`NGHGb>f4tQC=GiU6xghuyBU+_;;j<&njv-g+RiK=)plkN3NXe+{7hyNp9GEN2hIj3+N~fwKlGr9kgn8 zRG1V2RE~J#m)A;g3s@$O>^=_%c5ztA)Z%*>=;+=Kyai=NfBnez24_L9QI>|LWe1TO z&W6HEJz0P9EE`WsLGI~Z3Fo>Wqnzk@{DJB*i6hWOx?m^ zI-_t%%1#*Gd4)q#?4U2HOpZ{4bE0ZnI?e79MDDV`x5Wz}*59A$?fk;gUJw6Z5W-@;4`A|K*T|@YS|}JA8o2KNb(Ghe;z$D=PANt=&e1_{RWEyq1Jb3 zb7eJeez$oedB+#aVJy$Vr=@n|bBc|m&=F=hqxJNYXXP+zqo^)a2v-W=_{+elE^?L% z*+dnuMIt96I=Awd&Zzv6vY$0&*s<+X{N{rBmwia1`d0yreWJJ^4dD2iV@n z5o`Lhe`fxJRTi%8_*Z-9SR@UbK-T#c->vtU^fG;nf!a6O;CKUZgl1fB1CJ({>g`SNy(Ph=B-MdBEz6+*$%3 z2doWg{iU+3gD37g&z;f`Y*OS1E15@LJS9He?2mw4#)Y2y!P<>_ztAH5Qk|9J;pLKJ zTR8)Yt(O|6$kYMIUk*5JWgUCwLi81r@5lm68DRZbTEjHLP??CRGLfZC0Z>1`iMVyR ze{@D2j+C7=5q~A_2uZ&Z9VQ&j| ztA%bLgCCI+V7D3j4jjKu^BW^er+Xn_m38{c0;ycOYjwT4`*AU}_*@|CPe7Q^>BPjO z$Pp$qZ_xLY_?i6QdnR!jYYzD?EaH^`e;kmdGK*PN^91pLWhP@l1A0v*b1QP$jEWp7 zJ7p@qMNNy_w7HNMd80en|8v)EIS|lnu!gMjEPR87+?0Hote^bVA zKmuV2essBJW$rg8&Eo04wXo6W*?0KmOF~nMLDx1ytE#$L*l67(S}E@mr;t zHKgfPJfOB~DPF)`!%!7Iur-^6_{j3*?lkbEfo&Ncr=Gn2@{7*rKb@vzf2s^r&pi1? zJiGh(h0bhVp_5#>sar0hqGoNJhAfTimhniGtWDdrkuuMt#-EeP+(KtIqtHppPU^R3 zQ9_yN#>igJL(t#6LxBZ#7|CH+V~?r7QBjRYfK?YL0Igh=Hk>@@Jzsu$8(iS%g+Oi_ zN~=yE`%8)(p;hx*9;d`-f5e@43rq(XmjT#0Rlou8Pr!y+GIVBM?@4|&`MP8-<1mj3 zmgHs5Qr@PlDyoRJWtC)HaCHLsL(t5v(q=QNw505$DR}F&-}L-sokraF7=Os?3_+(I z9AbLgxBLbj2PBpNsO3$!F}bq6hIicrkAC*Q1+Ny%<+tu4xB{O1e=XX}Gj)xjCGr;) z!aj%c#u$Y@`!Wzq01bw^6A-_b%We&SSD*d{+^^4|mk0iJ5nMVg%J7@#`@j19eFdLV zm;IY;wx5*xQO^81B~eo72-BR$uskLH&+p17pFNdPQbx*62kbRVBhFbB6)B7JDoxt9 z1n9Nj&fKDGHlrv@f67i$$oW>i2ww5#_uZN>Es{xCF4q)2C@ zI#EuiE+$2eP}_M8n^WRv@+O*71Yg%7y2Qs_^e3ij$oCaPUF3?ox> z-uPABEj(v43eTkMw5lIFBG}7HL|*0n-h9RbjNk*WkR}8Bf2_O!nCqy1d-WG|=qkv<(%a^)n9dEBa? 
zBY{a2DbG~+f05)FYbqE_ls7z%C&FvDB%IAC36rvuKG%8eprn|ILAHxKiS?G?j&Iey z_XAMv&}glJ$9{zTQkru*jV>v2gx<_3|9$4V&y*YgcmH$L<_Uma~4HKA`2DE zRui+=Gq<9e&8Vo7veO%@x1@?2E1^0h|13`Z(^CP*e>v-q2T@``>khCoQ%D{S&ebCX z?I^0NudlB35EN7|SxV5j^DdH-??iAvj>p$kf@uKT+*)N;UO3jEDr zagZCigSk~E=H9Kme7fX)&}sMctFGC+u0wKVo>q})o0L_+N|?q`qI~A4U{bbWl~!$) z=Ki+a+^uouGiscq?37>NTXY(;NlF`k*>XN$f392i62cy=f<)XtO`N#UJwVWFvETiw zRp|p@ZEicYCBJy`8{M_o4}*Iw@wY{e_qM}B3mP8L0buUV4s~$rSa`xzslDZ&T$I6! z;QcmO@3scSuIbB$0ddM0aK_0Xd!c-yhMN=R0gsoByzjt`*NA+;X|5j7m(of8omgz2 ze?H1j0K`Y`^us1aei^Oyg zUyb~q4(0$xP0M8mM+F>L>xT;<3xyK0E+e!X+26X2t(4tR4@P=Hq{IVN+Q(4Qm|QUcW`U)$4pl^_rBOv`9*D43?ZB2!6XHM+(EVe^T(%-u&3g zRd4yOk&4-}?SRf24lmvV_+5%2E*c^p@D2m><=RPt!LwgKK6g5V)wM_M*qbS= z({oTgz(I<}`P8r}+i?a%R-K^>cTy7stMF*pKHOYi1A`Ngup4fCw^F;n@?kXoCl5)P zHuWm$gfS^{gkjGsdryg52oom64|hY1=dHe`j?1*w**t=_H?><9WiHoyGbw8fl2*$pvPr_t1xK8g(D0OOwYkgTRe_&#&ojKgXFys40 zw={+?q3n;7i3lq^rxlwNI>HX;)$ymqeRhbyGuRWpQTr&o8m89TsCTy6H2}h6V+2CL zPsnG_42v?$uxTO{DXYp%ve;o!_FI-)lh0?=oLkEqwq%xi}qSBo|NM}Gm#d;!e;e*#|CoULC*Ws*GUWgRS% zdV!fC;bbYmz|uIcSe3LbD;*L}zeTzrfP4lBfRvrING}Kg(J^ESh7$dveLdw>{-<&& zabhkyh1QbnG;lbkh88AinQ8X-OYHXm9evQgr2Bas5eLWO!~WpCand-zZ-W7TOBvNU zo#mv^5k@r+e_BAUTmbwRz`r?wf77;9+L&>{5dUkii+*i%p#}L2XaOnvWsCv{b^M2P zYm-+&oPdgOY@g6xo5cnrEW1f#opVs6CruWBYH8t%`a3pjJIHxVz~i_%7&d1wr)9tb zoR6x=OHUp$Ne@ClPw(g^MUK$Uc~$=@al7T;D1+VAf4IZrv%gd?0`_zKfnDRb(&Kji z%NE}HLWMQkjg&8eJon}0J#-_m4`x6ACJ$=jC(nz>4O=H`d6l!YQUAk5S+dMw>+~Co zTj|edRQgHTNgR%ERXe)f2W_NR-s#QxtLzuRMXdDqE5;m7oG^4m?I!{(XUu8~JZF=; z`?J?-fB)V=%KU1;LmJ;q9o)nHU+fQOe{P~7)7E<6HiT>!D@|{ssnIS4*FCduZKuYV zyQl2#93o^==m^W3*9bl(egbe_XAQo~<&q6?j1*3j3t?>3v!_wWMWY-oQK!n-;Op7s z5cDJ4lU;I1e-8;UQ?gq0@AE3gB1+q)#ul@z}nLwJC?qc-j2WPcG~1?+vu|F zZWhgxct|UPl=zDms4TMiVdG(z4`vw=n|Zsh$CN3X~=sR zeH9P%E&(Yct3Vg_b{l${Dre2e-JZKRwj)$$v}8JY3YOVb*LgSb(n zk*Q6iQ4yZJ0X8&;g2d9t8Klzq^_h~^9W;{-Q-OiP&7|f6I1P;#X#$|dN^LyQvgw1y zkq_iGn)AUF#XK;@l=w+T!(kfX-zAQIf9{#)z+?4J+{mr1OySV*>VN7^jYp$sjdbLU_HNTDOtZXO0;N_+&z< 
zvpk9Fq7Xb&0iWLt+{%72qq0xRe@<_p-o|w8`TJsQQvS^km@tiKWv$S*UAA2;<(_9Q zf2i1Gi`Y%&M%<_%tk>0Xb2r>Pw^7^haNE8YPU;Zi8~hNEZWR^Zij)aCA= z*AFwZLliyS#l8B{yN%9RL9tS&$)J@*DvMkWO*0Z61B>zS_8)cPnAXBUe~WtkalFHq z9scpU|NGADX4)az*lZ|kVdSR$oV9!!=pUN#jIvM!^zkaaVa zxO5A=#f$a0i#acuUVZwtlt>3;rH-IROmx6HNo-cRkFF7NkbnQ(q1~+P# zuuWQahu1CW!EcV+GLjHtiBLWAZ(q%tf!JZN(qj$@+IssQamWbS(q+K4yCf&1x|aZ=<6BbZkipAtWV1i_e`-Zl3Kl0)If-=|GG4_}1uUYjl03_%2v7>QfL_cfpp&u_H9ddz+#QB- zxnBSL8(}EENyNP#(JP!l;@!7zUtZ!^mR>XexO_i9^R4{OAA2mVf_9o~ae5yY9q zc8CVhI?5FscogL)d6(Yv;`~x}F|U+8C4O3$3t*@XfAt=-mF?OE60&x&QSW`ZB$_A+Q7YO1>$x)vVPxh;g{yIfGrtG-b zs@FU0>bjn}k$4W{yIL+VB?7s?jk;xo8b|;Ne>|)uHi-jG&7y%Oa1ty@e&4>GgcO?I zNy>TU`zi4mx$@NjQ+k;)`zQF8FdWsWi^KZ~`8rx&i6pEW7S*NNPh<*{Hbu+wI*f`c zDeFr5lYpgLvM*

`B?l{bXu}wAxfY$*pfk@lhU(L`tC18dRzDS?EDiJDAFf_)d2K zf5@}mPX7=i;VP8m<=Ww7#S?Y-`MJ(Pc@Tgp@qdlskt4g~GArAnWKo#a zD(uT*Ru{ZtSsk`%np8!a)PBQrOa0}He^NgwJ6W*xt-5DS};hy3Oloe0W~a3e?yo$ zo&a4BZ&T<-fNFx@eq6vqIRo%O%1-7pkD$B~gP`|U-=s*7VC=dUnb0UO>pU%QhiX5Te^MDLf;#R+v8{P9Ysx_48`j>H$ zL{StHN=iKsG-&}0Noz2*3Vz`N_`m zB=>mg3gBJ+YC;Zm9f#S*-E>tbv69~})b_l&(OkynL@;U_MqSvYqH;Ox~IwOiYze*wE-M=Flb zwsLw6U}a18*>*r82mDxD^=rNn!x1!8Je=1;xoqcP6G)*W%yAwC!Ib#)Pz=iu@|~~T ze=}aI7f)C#^|;D1>!uJfYmyYGtzyZ_HWKPckx5fZ-Zss|k>Ua(${BzNQg+f>y?6-i zjL}ERBr0N@USu1LZOQ=8e-Jq7`rw&bpnpD`FxJX2y|HKqHb(dq`fIx$CKTb1Ph>WD z&-ghoxMA1~jMUOBio<1)-vDS4e}hzpnbkesuw8aEzW{oGR~^8wO@}pH>%tl$rjihn z^ivU(0FT-zv`cuwRt3l zzJ;<#Bp5Dz zxDXov?W}H)e+cUg^ceX{OdEO0pc9X!(2G|>FCMVn0offi;`x=?1(TFBz$B#XNIY`+_RrM@NXelLe zdEYIB0r-Nyuv7unBURmStmEqT2wOEm2Lm;DOBYa2A1+Ud9HFlBfEZKa|GGVwgk+=* zG7U1I8f0l$2v#L=#(+4@!Zo~#T)B{pY6c{Ol$}y!-=a2c;Ki=f7r0#vg%Z&z^&L>S z;5%byf9+UL5ppSSkOiRM)hoF*(?0b2m_N`{koP}@uDSfNfCgy$aVOvA4oG_uTyD4W z4iLfP@*MJu!F{*f-NA&~dc%S{+`WSnIGcl5fiA)00Be=2*=` zGfaseJL+D&C$*z7=rrpO{Ax@A3_;^b#!0>)e;6hRBkmd0i&z?$F+~58;q+R=UgbAV z7vE6Lz&DVxe(&D5F0osUYW zf99bQro>O^M$y<#2aIr>2Sz@-C^>S_Ga#V{jvRGxMR~!1qzX8ynkx4<%T_J~p_&0f zAY~_PV;XFR9zDm5Ku{_TYW{kyG1~xyIHzn0qMR196u^@cZ9oJOPefA~zpkgoOY5SVZ5aRRnaQy6zxSwj|%Y?Ka zk+A*!6kS?2*!|ddd~-7X^e}K)rqO#TU+|&SoTz&#Bv1n!Q^gyTV=p)H>Abgi)1RP( z3|M=q>egNJsE+OZ{TgOCBT%=mxmX%?aQvQamr~L(=ml#w7^icW7#ww`5_!kb2O>%I zE6NK8DeWk8TE;o^ei(W*$VsUA>1;)g^w7*k)Gfxck5{$*L1l{>s0T^e)Qdamq>_(c z#tb@_7Sg)n(B+m-_%KLbs*Jo4|5HQI53B`!5e6?N@nRnMuR501H0_qM)a|&k`0il$ zbKuJh5nnAc{Ay7ji;g%Nf1MA;37zlnkBRw8cQ?+{QTqJ^zJ7_bzKUc7l)2uq+e=s- zZhB`$oKRw;Aybx#ksfyW(B~;ZX+^9*MYpDEVC+d!X7Jz}i|lFa;Lq9*?j5czKvswi z#@;U^!A6m7Yh41`#{>ynK=hyDs3!jUFHEn|PWf&&H1#L5Bp0P_x-`6J<<-6E^1jKQ z!PV8rCVgw5jG}Yd;@g%<={cH*ICI7H&Qmsf7(kvf=F0V|CG%PlU6b)W>1o-zZRAQ2 z$fWrW;kc=F`;WHHG?IQ(7&%B9KwboCmuqj3mMj(VH?5-+UDcXvZPLP;OsXvG?{5^e zwm#yA$SEmibuN6YyrWP5W*QHEy!d+Y=9%Kl9Udlr?CFB->aGNCiRYgHWY8l&CQVp_ z=%`=oVgE7L1>f@gQ1d-d9g}Hj@ugMhf7@7=KSuN3kZykG{rU>11-AWhfD$qzG*!2a 
zI@-5rEwH^Flk3(1QO@-bb;>8RYCJCwCRh7U#J3Jq4R=oejUy{Kc}p>?+Azq(?`nLi zOe1IIATwwm-(Q+6K0}?=X`(%fwFV!g-#Mnzf>2+VKA~itcVV7Qvz(8PIT4*Au317< z((w{fT)BoL8gB0`XlK&}0i|)r`y;W&STN`Fv!V|Ylmpo zkWqAE*+1Z$o6hv)o0E0(Vxbmfv!>S;nIv9-bi1<9K~8i1D)}epNIJ8ATchx(;3RD7 zx79T15<*{*c@E8pLh|hP--&;U$NE@o@$);9NL|?z{_)&D=levo(dB<){$x|xkZ@Xct@vX8 zITP14Jv7d`Aa+5FtWkThyUo$mQZ1TFg#OOf$V9ylG8M8-!W2nH^7TZ&w5l=U6l68X zfBy5aroplX3r83Rd@SNaH^XATi0B&TN|;p{9&E58tzwyble_v+zf6_~trW?_r(87H zdCT|xvz@=$?R*Psf2OD&jT zrUV!FF!7z?R=e$A3W3-HxR!^_?vZ-(>-clvLN0V^&TJpo6rVgy z%ayPC{DAiU<9GhQ4ll{F_jQDJ<=ka*&^~pG{DdyAuejpr``&}OEA9+e(Ix%%IL#pk zIk&C6?7H6cZs?XR&O;S;?spb+@*4c$E5Ow zk8;pZAj!5=+ihA?x^Va)w{y!+xbu1HuL(Dg?nMb))ECX4&9DveRC@Atc=1%L_3l+G zMPBjvzds=W{(;he61(F~)X-Gn#3Pqd_EktGJkLW8Na3f7Y#n;#n;l?$a!DLQV${1) zHJ;Z;J8@6U#~^w+dHqL~i<74a#k31?5&6k&b!`&4(_J7bk zJ2ovu0?aRb1w7v7=%Pm)Q6ECcT6C5^!-#bYpWl9B@7vdN*#$Y79co!bO zw^7?9^6)Zhw>sOwf?CUGmgko!vA{{$`-1-7Iv_=9;+L9xeq?JS=_H(tfk}H0b;K~P zhLgeX9%_b%SzuHxD!O>`O-=s zP!fi=uX~8<9```0aWP9w)3UMF3tN^;9U9I>jRh5{{NEHC8^iJ2vs!tV9j*C5|IYa( zXS2w4rf0TAs{Wzh)X}3@s6IYNq`zdrbFVMOu1ua1q%M9l!bmWzMVeb@Kcky|a8}Gy zyp*y-H)y0Y{^EG?eE&NO{hS02UW|MR(E6;zhy#gM82gSFV=7&djlY>V5eq@ZK?`wf zk|2_F!WU{;!gKdA4gXsQ#OQTu=q0`_en2y{JEusk0(b8u3jTJ5HfjF@cSL_^?@`zx zDD)vb>CnonJBd|dKj8~0SzBJ=*N^(Wn&e;PsL>r2>q2g z^3T@DO;+(8=z?5ZUvum9oct%5z&F@v%a)}&v$pS0o0a~YY5CP8JsXT5wPe%~?UKu> z>gcM#>xU|?2hsa`*x|~nA|?*9?da52sF>y{wHn3oNxxcM!e~S0HPt$vLSU;BUctNa ztp?w{H-SFw&Cgj7zoOIU|Kd%20eXki+tN`uDY)bduRrAKcjWMBgiMZ{-BztdKjl~T z)1f&f?s-YQU>f|0bu~56zVnyxoHr_7h1j;-FwjUNC-H0vg%06*CmFM8_pXuCP*Nst zfH|GM_Y{lCH%i>^9(xhzJJ*X2nE?EP#q~icNGPO1M&GJj7v@oiuGRWio@vWiA z;a6)=cKYHXwAJ`|;pY0#gl&EO<#_$}UU;C3l+Q_&HxK&~nG73Jqo+WBt}ZVB4UgIs zmN&}VjwFZqo|Oy+`wo`^4I27-#osE`7rS?EIK*0C4nq_%6znNQDF60H)8*SzPRiMn@x@ zLPnXAiB>o%&8#p5CLfP@!fioH`NLoVJ(4nQtW%2rU{Z(u_5HiLTw*Vx%;`>=q7}Vj z7T(_*fK|V$&&C$4Vobqzz|b5q-0f$)>#aWv`k-o*aQ!T9EYyCn=;0$tQzlqlSipYkyU*j{-YlGsfskK zNY>e5KzoY4&$OJnlDwfJzf7)tAtlA%0Ih%fI#KD7XgeO#v> 
z;(6#L)x$DPPTbps6IA!8;nWGoV2`zG#K0+>4cOcbcUeQW3C9SNw;CGzFGqD=m)n&p z^`#_Wlbyt5GZOJT$k0=VoTEB@>n#!FeGaNQKnE%|t@YoQW?;d`kQ^JW>BkI^&_7`pPWk6YJRP-d+8;*y(_&?IacjL zx@k4Z#1KiYM2tFw#howniA57zr~OssuMi3N-d!|D5~T~e0cDSKM9F~9EuZ1eQ^vav zpiTRG*+)qGYGK%i2Kq9}Vp4yg%8<{k-JZ}^mKv8sRI@mNx2+;YJ4bpZO;@O}ZSjjxjP_2w_d*trc^>Xs9nBzCs9;>OW;@$RH!4@B;79xk?(9AcGm-k2Qc>k>)$9*a?n%82t0h zPtnizv*5NePwe0;(IE(fJAik@-C=v3)c=~m?&Kg9sy=u6M}9KCE0A0miie9d1e@Mpy& zrISDsth6&_w{D*u(63)64ywx;toKiAK}ya20h&)2H^+?WKXG68o@cs)JshilE4KlZ zd53573P(ZSB_jjVE0|zCho|3wY-ptK{npIR4KKYziM;`Um%tTwEmtpAQ)X#K?5zKU zj5cev-Qq1|eb~dFRQuPl7gj_%5WNo_zEAMwn@xqqHd{5k(%q2Kzxx8!tv8!~z0GKV z&wATV0?F{hTs-X&SD9T&3Q<9IK4Z7FM)ZwW!^ddB-{>ls^g_mzQ;{}kSEyLxHLFym zYE+^3P2vD|s&855#QaE15gg__zZCpeCM;Z<%^c)Fb4raH>{3-PTA3+dZKHZzzV6(9 z1S@qojdH~vga{fQsm}JPkBzp5A5XX1At2+*Eic9u)ann5YL-t)RllM>cP#dPeQDZ( zrt?X6fTnTR09GmeiIp9S&iBKQIyqUZBG#b38XExk(-J43`}tqCV< z{YM;VmUR@!5@G1_%i?FR!L`>D6ah>(jy(B#I}?P1@be8D&6#aufdV!*f*~Dq8sX_? z4=2&EOt4zyxy+AcURl5B?_G@9Bx#nUwt0v3RYBS9D>PeM z)=+>usV%R9g8FE&)$4Zu$@pw$YIx~{wnc1~)h8k(r)T%!q!KJ9DZGxotS{!iur6pM zdBp1`=ZV$N8^nt8eIkdl#T>L>uTrk8g_QD|7+>aEo9J+ZWglxnO=0eG_D`BM;tIHZ zEI)&Ch>Bs~_{wd`5@T*mjW51DiW=0H9SA1SW;V%uyl_m_#0Y*6y+S9{5~KZjbny_KZ_3oMFty+x2MkjO@TU#PO-33`V`~*nYM$^($U3U zwl=;*&3+vq zO|~?fN&=*$m`maX82sW#-Kd#oD>Y%lZKYUu-tbW0-&o%HxVf&ydWJkTK#8^r^mkDN z>t@3{<^tRXFc~}|vM@DF_#-2+q-6F{AZ~Q9#H!Eb#7P3@Tl zTfajIhqJ=~$9(j`S#u7k>Bf!UiIB30J-EV{nc-c$xpqY3toFUp>&XUpkeU3q%+k-T zVwhUs(0RT+bmF&Z)7WmU!c0;zw&%tvmcW$I=Y$k0=SUU&rhtE1?*uW@%EauCksY@mg#ODVy9CD z8o9Gs&{2^p%MWcxzyqly!=cNqx&Abxe$}?Bj2tuu)juc}R9EExxbdV>_0J(crf?mtXvSd{|NNiFqM)7H*u{90nLo17C*uC&YkIM% zQpu94Zpd)sC^Ji*j*q~E82G~KMP&+`K0SPpuZi4dRGiLf9dt@-r>IONIns0#`BvuO z=k!xQfs&n8RNK%c;ijIOS~Oi3$o7MHw}rbU$u@6|5;nA(u6Le2zVA$VTCZ&Y&W;+a z)xxixYiL^KV|O(MPBP`jg4l7j86VK|YpOxuxrvk{dWSMo$Xi=Y8#P-s-ofJYyO?1D zoGpJzG^8&to>H)FZ3kB|85LM1Y596zWDgsKvESTH9`o%l-F9>vRw)1;X{n2DuM9BI z&@2#~EtWCAvK%-~-d|3=+^XUJ#c*DV>+Jh?7_V{bz593ay?4nKOWEUtO|G^*VoaJ$ 
zmPsYDU4uErI@uyLZS$L6nY;M^&;?#1UEt~N%zU6pdt!|{=_=KNt45|O;T4GHDZ)p> zn;OrW8^qQq+Oq1pO!f}hDK$CUaoihzIaC=-)#ioRfS*B)G*_RmueG{VJG|$S_}A0J zW#j5|tSG^v1q8jo$@L|TtiBP$kd3uss1no#IfgN#@z}%9rM>n8?5JZKIfM*%_sZrV zgPxr*$>@FfoK=JI!b6oDsakan?(91W!GLGaCFP5kXwC1tULZ*-q=O!su3Z)$_dE(t1+hRSeoRV zNcaY1ggW#Nv!M6cc7Ud0Xf4QMf}=mqibAtr(RosvfXZ}&jn^K<^Wm5NAHNq!n=-me zVQTm}L0qAPFuVm=UK16FS+>PKE!BHS9{Bi1P>1Pf4G)=IAz{}>6WdVg z7FT%l^KlOxJjKUNX@A_$|FqaBmbdzI7_WTv_x(up_>lSA2Zr-x1p|}v^%c^@c^d3_ zt$IFHo?k-hWl56{KNo6@%GG4+mjcTRs2e+k&Dcl+kC0vx5xIIJa&d!htjIq*^g%G` zl@M(-AAqKT7yMwJwo`ib3o$j@28SP?f{xF6+`pqF;w>tWTTkU(UjC%FgRSHViuz6y zXd?$=y-?ml#nMT@Ls}B%i1kwSYLT0Uj-fS`l?uixd$>JAL7Cccad2(LX}Gp@<#dzl z*1!uVan2V=AUtZq?57!3UhU~vNBfHc6s{LHz+zExsg@YRyAc-n!T$+azZyE?UaWgt zt)a>+@i;Cj#Jwm4Tfd#JDs~m|gD+QBPG{PINso;TFo|9SJGts9Ad}^6=I~LaP(w#F z=EL}VVIqHfHHW05%G=J((6kV<0C{XMhfRYb7HpF6pQyS=@iku0COSNtwHt_QGz zzfYT46NSnDlmvHa39v3wy=r}z+&Q9*1QaL>YO_wFhI-&2y>26s$CWvA9x+w6M5%+q zUd*2F-yBUyXGU(8FIiXVzlm;a+}e)GbYmTz<9F}5#nFKifAVDITQw_dFc8_!B13ev z94%LV-TdL2B<;^kA~raTc%!B0U7qwp_Bf_$ib1Sdc5QEog@OwUwoBp1&_pYH41a7m z^q|gDnb`?ayb4XcvBwAoR>AI==4OW#Xw1zaPG|PMjq@kGW8DKs;{v`EBJOyt3fH77 zFN-Dai){tR6vBf&379Mb_gg~zux(ZXk1s#d_8w`96_lvmoJH5&e3Qw^d7jnGqgi)1 zu8BSepPOq(RR*VI^A$_pbNql8I^BB1|9E}>2$vWNa$mSFMzPTWY&zraT%SUkX6$D( zwcV>(j%wcKDaOKZL%|{DZIgl%x(s87v6zQ(3h!BwC0wU920 z<^^zL^`DWG4@I^B)$OeZ6PO0SL^7(c*?!&aeRd^Q{C^;PN$JH`kZ|-mRazJ+3O}Q zZqne^%%6D_svXb1LKmIB~M zaK&v0vV8XX&3e559S@VwxMSdEajMcc{=&omiPwJcwsr3K#`tfIl%X)$Cxrwr`~Ji; z8-ktYMP3e&P|5O>jQb6VC(bdj`prR3>=F{e_p2rA{NTEWvF!Hv^S9<3P>!nM664b& zUmT}Qh`DRq`fyi58gV}qqgmrFvjhj@vz{h@ejra|Ny=-cp<0S*|04`~A+Y(T zYa8_OxAN6?mvIImOWOO}^;GE&dv|L%uD0fI1)x~|dr#zO^mFjy-2PV^_1+npn(X@>BF~8%zT^$54gu=)oX|Cl|PdPI&ME!Qzgb$njHE|*IJJezHP6c5SgZ+v2?ebKS@2d~X zwZL-TQqf5ROM7h;wzXopGrh|%29|%1{|DDfc4pC?ja!(p)m*K0*gp<%J2X3xlVJ}= zr>bV?WfN~{ewnvcOEG+f64vjNeY(gZbb?Rk6_a+F{tmVDz=iqo+yO)sYuC7+0&O4a z$D`Qze8P_>J&qd2SICG$*z)B(fu|&p3uufd>V7?7M@G?np<7#{%A#g_(iA(|;I%=O 
zK}S@CE`yGQEYADoP}-#EXqU*GJpej~R+0uJX~ekXGw5ywOAGdf1?_G_dSXp)hH z_9?i(lrLnOMb6QB53f)MVBQ=@n8sV{B+wqc4kjvyVvAs6Go5$h&VF|gxb$dY>04Dx zG>OS(2H~i>0!i!>DSY(^uk{N*3&!W?>5@FG$)TZz{{(3Cy=d=n{rD9-ZF>u1f>ju0nPmHwx5 zQwpUmWB0ogHZ~KE0CrnO%;!Ue`{D(AV9bh+DE^@$!c}9`x02?Y1=&o@ee)|D9jG$D zvySIUevwYzhKEk6NxpNMOzUiUad^wc=B2DV3g8sm#jhKx!z%L)gQH&U$QN#^E@>%--&d79N0RjLWav#)oWUCQcm=x2r7 zv`6mxaMGc@*ZxWTap}`Z)jA&fl&FP6e4Srt-jzTca^EV97ge zo{9Rd7~+5pH%3@3Sr(;gjyCzuk2?uL6TD>9fJK+7%ts-pb=le#`h~tD??hdonC$<^L)#XScd(c@L>&qvWcXES=*654-t}d z=+%{f5;YQXYMQ8`#@-UIh8>FH9T_et?N3TTfNEEm=E~FE$C8nCG!9jgsg#f6yy?6+ ziiwwoaQONC)GIav-^Pb)$F%S%YKLShIZa&hWxIe4KQE8WInUH&8Mo#g`qf|Fz!WE> zjL&t~O=JfmRcYx`?Un&kfHiXrV_|O`$o*5^K(*D@{6;y-Tz6p)M)gQgsKQu`D^srl zOzMmER_1E1W_l0#qU-n3t9g+Q21m=?E$E%}%XaJMx!&J;TC1d1ooTjBNDziroA`}C zm)x$+{F@P7EkgM|(LjifTth-6gPy@&4!Og(qD$pJ2KaCMk;4esIhmAEKmAbl=UN{a z-CsKXJKznoBoWu*N<-(OC2am8ks!qntPLwL4b`l(V1;dL9IK4AaRloOn1cuxw0SaK zZJ-m$grnJ=j?v%$u*WYUqzl^Z*5s+HY6f7Sk;8U;Di&y1UzL;V11$^7XF0C`ea zu$V^9xXjICk_sn838$$&aWrr&NS}Hg@e}%9!l4ho!{9w9_g3a_u?Ck%TftkkqE6}g za4iJv1S_yTT&C{}QDw)$D=AjxUh@oB{#xri7IS{6)xcp@uIFglHf?EygMRjOi!wo2 zlK1R2>X;x>6?!L_g4hfoWK+P`Pu?@0cbhvqpVJynQy{*|@^Zi5=I1q}vQ|UJj>vvr zI1<0}Q+-8P2P zTd%HB6Gf5hjGn8uDzn9Cx2@qD8ZvNrJ1RX=Pv_^3a8kA4PIMbQw*cOir@=zh=PB;Q z;*?L@#zaD0B4tginvEdKnCR`oGesYtf0(jlmZuBgtQGiereL&8B3Z^eIjxb+6KT#VUn1WY1*OQS^A`QqU{ta$@N!Of`jw;$K`ybp??@vXB z_!NjrkX+R(Ukgma$VAZ)$?&qVdR1DYqm!q_XO3h=#6Bes&D|h*J(@<%f}Xp4*g}W- z<)~c~r{Xj%7x=9r$zc}M5AU&po`$hljMU;CaIKt*;(CX>OKIc`;r`ASW~ zTih-7Ie{l!w9SJMB(f5sb*;kGD!4m_E4^F;Uy>yNEfKCJ>~VupB~M}-Q_RP%dbb>3kz8M7yoRE}LPYk-{~je43Te3-S`PB> zzKqL40t(H{SuZVb!0cT)Z{@?{BKC<&<5&Wci5qxmD_uD<)J-pb#_HfJBQ3CBfLysd z735&CIOEwV^$nC6p9o44t}+P83Ldw0iy$@VOQ>HO5W6F2<(=OaOll@ zOs+3s9==ri^iIFXS+TgflBEbp)wI%P`W7UiEoP7_qDzPY#cBHwf|oWI?06WpsrXuZs6n@O%~%U?!rwuMNA_v$hw9ISy)80|h!w+kh@OV8Pq0FyNkg)+3W&3xY z{iuKqKm>zr>?rlTVM4+kGHUvJq~Z8tC}g;1`mU+4+XFNAFXY(m+3{dp>h08@zo5UkCD+A;ga<$POpU#~}m 
zTZhs_IjPj~(Yk1ZRx}$Tyn~^Jl2k7sflKV8MS@iC+Hg770<`sRS-B0hsTG%TEgni&%bzAC4Xo8^6YT`^-bQn0ps{`{t#se;J1tT+qe%RXKVf}-}d@+p;BuX1BZ8_ejjJ|Bv(b_ z7|z)i+Dcu8fP3vxy4kIJS@e4Fus1uG+`O-f)Pi4_j#ZzXkR$W19qIQEb zLo|kBdI<8;Z|w?Hlbf!|>Ls{jeQA5NNVt1UL5v-Aj8CR{mxkFiw z2fdb{md2|xP0ljpur`0#w~N->)Y@cfsVzvb05b#2M;wqkDq&l!~l)?M12e zL^!NM1V7~}wghy&>&`q{$!yOTlLQk(iic0ctC?97uZ1C8=oBf;SP z1&g#7cGQveSUJdTs%}Cp`pEI}A4rase7_E>#84-`1u$Fy5xsT*@_WAu50+WqQCp{G|^;YtA>Vz0N}kPRWfx-WgJP^mtSINmkX-iep)Q=oCRsmB6_= zGM$NJ2`}tUUd)+T8T3eRvQG}vng9VP%Vps50~4Fdf1AZ_;=)A8E{=0|$e!yDE`vWP z0%-ZAE3mFee!KO|jIMimxktWF+A1`o49O7d90$gy*&2^5yxXuznS@39Uxp&bgO^8L z+hkG=zTcf_VD;omdNI%+L2{Hy^~bZRgIq+j6*SB!3u^DK+-JoReH-LGnnn?bynDm7 zi5G&n8dI3c^?M}UyCA&F=Tk|RC)eu-9IJY;1|HV7Hsz0J)Ad3b$QtyW}ZXdkze z0n&~ltX5 zPXqk3U(S5L!i$otG?Q%P+VKX&48dH7oHz3vwzFPpT-yp{b@L1b2lZu=M5EfHk)lv2V9r%&N z>bb^>EluENv>5B{_c{2Pn0|aUp~Z+USVIk_v3cw`@7fDZ+bz zN4JXn3-|vnR;ly@if0sNNk2e@J0927_|0lpGoBxwranLX%Y433v%9&_AoyB=B#D>(OcZu5en~8C()%W9muEK>>z&>1Q z#(pY~MhEBD@!h-MjfA}J(Ht7U$Bt_fDO}HSSIk9&6IV|f&^(Cz&s}F0@xJr(_~WY2fk?4sM{o6l7ezx<-aQnkaOjCxOBFq& zRQYj)LbKN;mR5Ij3tpC541Ngua=l)!OUM}Tj>PJz#)u=W*~U(TNWZGS+~-JGgMHO$ zM4xF<)r-xBW8G^opwCUb3i*O>`=q`<5<@`n&UYC$XMi|`9!n%Eu2rsJKMj|F3a6Xg zp8u@!>WW!Be%{a@GCqtDKHUIjWHYhmT$) z4FO;mMzDVnW!VR}X<77Z8r+lI6F=RK?cQ0U^RG&EmHg7fjlZV?aWLiw(l`^5DygPJ ztP#xBSU?msLG(AD$M~-{lV*zJxJ`PZ=uIB4MVop2NbaDUxH>?FY%n`$rB0^%I`+Yq zqy-1_{1$B2KJLOG2N(6;6Fsm4uEu=+bP5|mC#Skv({dqn(s1R^4&#eY2W;j0U%Y<(66#aWh~ zmGd^HcI1EE1yT_w=N`W-oKyXj9l|WJ5Yb6AWomC4i|?z!t;`KLmb{T=aWk}2u5D;) zP{wCSiMFl!6u;r`*~mndFw@rNN}_e*tl^VvMR3}z6fqZb(YU2P0PdF zIMEg!irFjFcRel+@n#X&d?81L)hMk##+Z-i>~nt#IIQ^b#JN+vVZ0U6dXtYGFSVz` z3DWU%>hnuqaxqR_n8sUHIeEptAEtYR%ok}K2KVIs+PvrTQwu|e5TL#1tA}xAoLyzl zmQxp+aII&Y$CA^{F>`;v7RgFS79ne@Q=8nUpW^9NVf=;c=QYHxZW>j~3ZMQv`vNHEMlq0+!Lw1RK( z;Z~UBHde@Ggp|ei)(YHKe_Hl_uxTG2}q^y;-Whpl1Jj`@7yB zJwgef%8zLMxjP?Vh0t|6@l!CyEkF*?FgfDUdUL(k*$7D`E9{?$InUC$&lWZJ zjgT^1BT34*Uo+t6Pa0d7^lV&R@skHlP*ZnX4RE%|t%sh6fd5m76P~KxbL>uDfh8QV 
zTux9)53}0znJggI@pOjL_C%4fl2L-x?fS6B(Fq+IOI&wFvQw8P;~3NI#mBX7pyf|K zMWxo}#U4Zte>nuXH|H)9M6l67 z@4t*F)neahwkUKWr(b*gyBBitecVyYr1FN8no;gUXsq2y_hrJ5{hF8$H&4!L@x)Im z0v!@R$AfT1BnN;f-1}?R$BSiCszZ+t;T?j7Xvj034><|04flK=$=MHa=F}R-+_dDK z^P`d%(|u|J`gR4V?8Ox^7$8@mV6ppO*6skVhYpmoc-}F@IhvfDcNh7k( zItA(Y(2!8a#gG%%+HgQepwu@rM&*yrzuwIYelei{NI5=kG!5=Hli7>gV<3T!`-!E9 zOu!pOojSDr!2a{&QsXRnY@z8->nWn(J5KDD=Mp9(LfmYHh#p)m4=c}=JOoGn-z^=q zzL1XpG}DSrd%e!E3W!m3^dFi)y$%T#BE97%b4dqh7g14vTkNO1WMhBH-6w}GsEJMw(sB_r~;4Dwj-9RK-N)RvB5I%npjr&nAqoU6sy=vmWXBlUyQ>8s7M%$ zzNd!y1wWS|%mfsICcBvMIl=9!%qh|`-!4_x5tb6#MxAMia)++-0vU{x^;?KkVk>XJ zszM535+$hToRmNh1#3b2aF6=5}kA)QkmRT9=VM?L)u|u7-0} z@K&deXf1;4^Bxqn){#5Jj$a2S6aYL(9EzYgoGY2Dl}P#(>-ncNpoe}MF@tv)l^H4y zfA|2GHX?JjuS9YL?M!usDMy#$f}QnVSv(5b#UIL6*TmucJzl7wZ7j&J(%-pEYBt2@ zLb}lg4stFUEZ;8!R}f}QC4-;vEbUW4F=;!0GG9!F*Z8eU04bU8*0I1>v6Q1kslV&P zE1LRR6=weMSO$%6&+QGvK_nH*k@)?JZ6cReHHP>K!T-lD$rVJ^dtS{#Z7lRnHPryv0Vi1JzBajd(X8CeaP90X9#@&H7$XR&Gh9W`}*OTU>SaHTtr_@Nh#vbyy zMM9VWADGs*Cx?r^N?{~`v#y#+=g0~9_KQWX6};qrN^*CSeN@M(uUt+-j~;szzmaPC z<2foV*UQH_)N9z9>kX2t8EyV#!hgAjVKyPw8;7$Sp?aUNKbZPe_U*F7=0OZR9DxdO zAU6_Sis)0`*y4UbtVzi*o*xFv4xf`tWCO^?xXjivqR?srODm7ofZ^L?4D0#Cl{V5JMr>+6dfj#C}LqsZVjFK_=X8A&Wg9fu;2F(z?502 z{4MMus=9YTZsYjRn0uETDxTm)Y$p=Y?){j^km2d*RlPU*YA#!$H!9ZinE!T0(2J{I zDmcllZu;H+d!Y2t9)D90BuJeNM8+PJfKmmpm(-KZ&|&#*uD zeo9D*f5;8JHNCa0+5@V``HR2SHk%e#Y5>h!zR8nwYF%-36GB=1u+I*rp;&bmF}8$b z!X9nfSKhr5^iUriBIf-5-r=Od=+6$V-8;Hmt31fRP`{%Kqfg+cm-DjpX$5{8&%@TK zE>A@M-IJ1Gm2}w^TD=41U|8*R)%N97{%6M)TU*0`Bd7D819)u)ifmwV3>um-f~XM= zDVBEqEBk_Dl-=xGi2_d=h1i<#s$7IZumR6n-$uq%)=1K#-g=(#s$O))>VI#;EUAU{ zm<5GQHp)!$k!^>qX*dog;&a6bwC?n2cZ9xHAJxg~AHM2)r$TG6+D936Tp@RVzirC= z{Ei!q9!0(@D3K->13+;|%#6j5cmrE@YY){P)I42CJc`AT1`cm5oEv^zy8pM)K6Lon z%}sjTWtfyPW(j)EcZTBx7Nk#T`l6O_FR?xxz!xqRf}vJ{y{ky!786%DVYo&Hi(8@@ zB)OA7T5v%G-%Rp!-0R)F#T$!}2e}6loBsNE6XYRMs)sS(SW>rXGYhgLF`5sR=sG4` z@H`v}Z>Gcm@GtkMH1xu(B24EjR};%o?!$EmMp`BF|F=|q;&9e26}`odhS zB8at6e#CCGJ 
z>R0ru=KTQdu#Hi@O{>vsxt=33zg*NV(KsH13LSo|Rf?Aw5RdWgmHjICAn(IzW8y?S z2H~rxyCL<~zck+xkK-`}P+*C42^cXzKWOkjOltajcd@fh2hJRY%jHp%(H| z9FIue91a5)0N*nKY8BL;l|#clzR+U8yA}GlhP?#BBTOuul5d3yYTSnpjrxfF&*s zL`NC*>Y7ki{;=49Sk9k|t%9K9QX5IQtNz5l#^WVOE=N8yHNXCeUZA{?02antqKk{! zRU#l3o0ljRyEYtNns6u_n`b;;pa6V+M%EMfe<@7(LNiR7*>35cRL`a5e9h zfO5~gcrIP+{Qv&2Kzw?F*IiZ)l3v z*V^$AxjHYmv%}C&o&!0?&ryKJiF6{y-tnVHk^wPZ08)}pm6sk#!CHTI4p@$ExUw5f zLC&lbi}N2U>0%`ve)x8GsJS90f>3mY#8e9sr3U{m&BH@s)q-{8tVm{eO?wFi%JM9{y?lZAk!4kzrR`D@!iU*-aZ; zHj3KuIoi6AyT$Pfve;qts%D%FDFk@54+EAmv>je z_9pd*pjKQ)JK*_h)=i1o>n%;}A)@v8q`~L=pX%q;W$04oic^;wyFFs(ygbtx4eT$MtPG5 zd4-{0K-(khsbNQ{e&@@H2ALRqLL7jXt)lDa0u5ialZ(p4lm8WW=J8OjZ5)5bY?jj) zMzqKh6_Qd>GsZFsMOjOQqLniu%PU#(plMa9EYnezG0C*dP?4pRCMl#rlxa~>GgMlQ zBO~(O&z!B(`)WINjz8|t&+q>LGaW(ySq! zcWUpdHM58>;fJs9T1t~%sm5yC-`o1;@k=QjxuF79sJ?$M+nlDnv0!Xg%d;Mm)mz5w zw+irzHQM_-tt-zYb0pd-w;g(<$u-aPItCmT^{T|Y)1$oIVKJnVvbidIXop}4Z}!mW z)8(B^W@lGj!_>kWjf2^~EB6;nv%XL@-gi}8+#b7%D+2@LlVbNvrHj?2MiNP#arfGe zPT?|9mvMc;nHu4;!@mBsp1uJ}U2NuMX+*k|*^z^rIJ#SAh!KNQC+Rv_qx5Kiaw0ZU z%$&f&>1#*CWiGC$e=4(XN+VjNloJ4|JtQ5Vbj4=gWCpOnMOs~`r}+ABj?0XwsP7-3 z9E#2SMH*o)rF2QU*4LSfzMGKHR-CDcq6-tJ6e24S^&1qkrsu8oM=1p zpc;4LIzxUg$#_9vSg!}eTe0vNhR}Tc@SxgCrkpXAR#jx;Z*A9?2RXUem~!iGyX-H9 z9SS$uCiy)#oGRxhN*#ro9(Hv%G=`jKAHU~tm>%TdT&t3!m;X$@ZNEn}rmsf9Itm zIUzWk(8HBw~=s@y^bi6!bF@!-5RCIM<}0dqfON za=eT4;}rCOh+$2JT%F}p(HJp!EOH)| zhMp&8xRd#doM)$@UB!$=WShm#OViLx#SBj}f3fqXG_;?1Z*tR;k3X{0zYxPyNuwP zPD&R;>&UESgphPnmKX}aqPz$@Jc+qt=tnHgi*V4BcvKA0u?b!TjwkWB7z)H*^dgjc z5_u!z1F`L1s1GFk|LtL11EOQ8XO61@$l1bL^W1HAY6#Z`EB%BVg2XQhMF|~cOXUl>5U&0+6To~#jz<8a z$``63Tp&?Gqg>xVWaP9)pB*+n*GFm#Vs+09xsWE%hX+FaBLNTb%k`lGI_u z-btJca^~(B34%&JQM{Xsz<)}@U)zr5RM4|+N_ns2%Uiig1wH9g%KIH(-p;Knm^3Ts z`Y%gP_db?0J|C3C<2SuM`&iZZd}tEyVv|J)IBmNZavwb8;O$=Ud-~sy@P`9^;~`pz z$U#RSXa1|aDRW1_i2a)$PBwdNIL7wmm=Lb+dlE*pm&~5

#YMA2?;D8@jYbRo(34 zvgzrij|0Ocz@G>nuI^iv!Jl)wZ#qO1y&7B8??$neAMh2W;wzOuY)Z1Kr`J3IdFi z0skX+o*Kh1-W$Tjf}b`Dy*@{px1fG!;V-HC4lMk66Mu)!zcz-y;MzWKhyZ_W@CVZsrXAj<^{#Y1%O|ZkMMGCefa#PLl@;?A5 zc)S4AUKS_LF0RG5qpYB}bF$tV5CIVb-Q5|@7gPZ(GCoP{BflE(m zK8yD0vK-vw_Z%#p!YmC@>2p_hcH-fZaZh_Z_MuDWaN`ui;D;MILKoWJR)X1E!+8VM ztYB*_Im6<{i+mmb@a_GBYWf(F>m^XtKJICsN8=nSUFy;3L469=)l_=FM`JkkX}`xl zn|*VFV8!VB4x3>`RmCvQYZqD>6!Fe*-oa{Ci#1k^zwtId2TI5oQcKlweUqKYh}NVJ zdAK&k!y|&`7gk?PKdXP|QHY0kuBebZW#^mOw{E4&5!MGeDd5dZ@^+x_-c`Nwy70o3 z1Wo0!t*TdFb1ntZDy_7NOQ*<#&k25XRwqF_Iipowzx$CJ^KK#|j!F;rCgLQVh9H{G zHMV^TmNhMza!(y|iAs;~CK4nZVGzyc8hc#{7S=UQE(bf8sq{#1qPm3hAc*F7jlB(& zm?l&1t7EFE^eAtlmW0z8M2o-1K3am+ot|6{HfpK#7;oZ43Fl=HE$15h3aFT#OnIP= zsiV?2dlOA0oHs!<{xx<7sF;yl4mJc-I_ym}mvDxHXl>WnxKb=@2AoW3Q^zz==?UIM zD+vc5OoIgMiKSTGnaSl~<2seT#hYj^;V1{wbOdaBP%<-_(yoqarqZ{16P+a-jbNIM zfV~b>m?f8kjhj^Zc5kAmgrgly^AoVQfeN!^%0qSi1tK@6*2Jov)TcYW_u1@sSQx6L zYS;~PCI{1O?X-$7PmvFezM)Z~Q}e`ab!+0>Eb7zU-uoI;9JrxMwuM^1T$v(Y8GS>u zMCXStx5(B+MmCk6?7goq#bGd1DX~h+tY(TlDdvW5iH_?twjC&s-Pi0`!a zf701_Mh9~*O0EH}Z*E}a(?*p`uvtTz`Pp+C=3MVgn3gfQpGtHHx68)M{m6SPvC$Wd z+^i*^SC-p=J~eYmPn6EVj$KyDbDMpdI}<`O0s-t2z7Pg9o%cjyGgn{+=woF^8_=d^ zLO^pmG5~!Op$ld7lJGeI4h#m-YXlzUO(9`v8QS+`gYrZZs=G@n_Vy2!WKMbE=cIa~?{3Y<;VWTSVA!7$8 zfU#ew{~_V`^uHnD4+r{(hk*aQim&V3w5h}<*2FMdsjBlpciCSg&j4|EA?~me{v`2z z0r(@cImw2fiwytWB>WHb_*e@VoGubMU04Zn(Bb9P%#$;swNmpZJPfys@)~cobQFA&G=D}NMsAt(a&4^yXC&yf8#*fe`SF99*&2g~IwZMpGqd~xZgdIn0`9mv zdT_N~iFXUmqE@DU%EnisWoiW*kH;d48Nk7J$Sk*G_$HLhns@^LL}sa;#Jl`zt>NM= z6ach1^xLIpKyg~#luh1 zMWD=gMX13V2-@PS0O|e7K=G)Q792CM1*gwE&cpv8Yf#3+k40b4#xrercr|7h53eG# zhk%VrXO1nvYs$W-6yV2FayWR%H*D?t@Tn%q>gt4&Q$wqP2J#Tn*3;EGpM!!RBQyjl z|E29tW^w^uOBPfJf>0}%*9!24vIFI{k6o$_iu^DTMEXmSBU7yqKM|L~#RL1lnJ6^u delta 418945 zcmY&Oq-aaf| z*R|HVpOD`q-CHEciZYN;SYTjaaA2-l1aZjS@Ss0hH9ZU(h;a)fz=TyF3tF%N^@H75 zEiq>Bj);yIEeDp>*CRQ}^!~Xgp_T33v$E!B%voU}+=+3&wlVcyRwJVJFD5-kuzs$p z9e1)zwl0G8k!Z{)In4^f!m!R38QXZBb_xu***>ULGPCitf=paaPB4RRAH*@0zvEkW 
z=?XyPlT8OfL}g6}1M${4J#_CDJ%{5XKQH#@Sdd0yV_I0ysV^q3Prmr9S;puhh8;^I zd?0dQuk>RjQI|_qPyfDlI6wC$0oH;bhnK}*^E2W)c~hW1Mk%uZKT3tb;v_kl!Jy9g z+R>cxxJuB>wCUuH634MMysow&F+^jRvmY_1vUktxye2KU4R6*dbMvm4F-8x7{Qm+~ z2L~|>1Mdb3)oVKMuwue894#OjPyL`#&1arDqx~)Z0me()wpCWC;&V9vtsseh?{nZy`J7+PUHG)3 zD*d+cY4&`N^!)DmSzvul^(b@c@>tB1xp5{rr44y=Ou)T~(<}?O!~;+%42@bkx6fE+ zXkHHI*u>pyZ2fp%CUE#w#8~Z~r-zLrctSgL<0{-jWz)1&PO+jQ1VI_rPfq7xD>6D*-QIGrTJrC!|^4 zpLah)+5LJAe+8p-{U#UCIr4sWFvTtEyW4e0xwmdf{J66m$I1Hk zhsw#&ziaYz;HZ;Ws0F|KqXeoTioTz&&2Q@Fm5cnASjx@!J;tiLu2YYvk@zajlX?5l z%xe8jApB;wwfGL`Tpn}o4Hz=&T==t9M80EtYYWv!IDW}z?x922?%apk&?CV45{ADq zuW{sVS7+Ti5qsFVl zgBiZp;ANu|_}Qbtr+^FrC$x2e4aTbX9&ct+fR|jQq0>Sx)Wc=OK6a{0f**+Rd4s%q zjJcgAUALNYDf6AJxRY&KaoK(OgU4;q^T*HcpbT*b@0oNE? z0L1SOZmQH1!roi^stxV?0j~*nn1hRw>+kCpTmuzImG6kbxYXKut6t0qpnl;u(Qv_q^_ zV{dB*UxT*6uoF}sKfr5tJB-W;aRJ#h3zI?%8cLK;YIRGCsR~cJG3jm zrYp+>BVCuVv%QNhdbB|2F}Ld_U1?p+mY9MUp`~GOr(@>yTYpp9%Sy$&l3hpxfR&B- zXCPQ6$k>+#9Kv`ccHx;~JxML?qT-_InYd}Aqs9+ir*l2s52GslQUT%a8{FM>$I{UN z2WBGr()D1^jB= z$qpH)aAACqCvo!Dy!LJJt~QO`rC01h(54o6n-ZzP^e5$hGU{MX<=4CIh04x!Y{KL_ z{)n#SxRmOEe*K`BkcmPFWZ4-h?4=B+xzJoE*wpSGw?(* znn@iY+;N8dQmcn+0Iut`adWAR0fzC}wP=G&flO3QMpxLigHn~D@fgF?XlcxCBU+tD*IAgHAai{_SlKpy#Sx53g!WQieH)4 z^quHeKPD7s`D_WTi@{%MLyd$93CFhRnuS7Hs~C5{LY>Y<03sC57jxhC-<*~$Nh1@T ztpPtvVLY@`DLY4pexhB`Vs5dgJm5LD;)uj!!mmc_#dtb0kPqSFM~ITJPKI2BD)D1l z+688CSAsh$jzKgqD2ZDqrah-dqelFm%{6B_N}d zL)vXkC453>C0YWT;D`;~?K$={pK|&4Q3L+)@&X?mhQ`d(9JKbSKV8@API}ccm`KH6ueq&dq-$s#H-C`rW) z6=nRGP!IusPA2QX91b58DAx@|@utEOfDmHT3)W?gC;`*!OMMsWjTkt*iqv(#FHXmu zm$f>Fg!N^g{p{2Gr5k#Ff2g^0Mz<8)b}d%S2greiQtn06xR;^y%y0Z6m_IA z=d~~8aWn0)VKTIpR$g+_$cz}VJ=(EHifE=#&xafobb~>(wr4;OoXvkV6K%NijF27$ zfh%}ZfqJSl!P7s(`{F4ll=t;Bv)ym?5rf(n>>}=(Skep6RuGY$xM@iHfV50zqQOM! 
zPHw6QQVy(hdrfK(vbnyFxN&soJ|W4|*!>gmD70G?PGdpB8>O;O?KW=A1E)pQMv+ck zxwE`)&>8x61$_Fqdfu*Hg}Qv+tdbU$C?K05eO>j%T_K>tVAGClwrfpDs`*o>-Q?r zc$Vrtsyo-Pk1~_4DqLw6?ztmMwp?`gIDzoDz;TD|pAN#hn4jJM3>m|Jj`y_152p@h z>(F*ej;nrh+c=D|(_Z}*$o6=a>YkfE#zvO18Kc{nV9shbqD2HJvCoh-vAa8B7Hxgt zufyM@Lh1BK>tysd>Xn9QPS7c$l_0OkaM1x4Cv-=w*HPKX=d7!OLO^<#`qGrKJU`L! zYCq`*nO4=s!@2s`7q46Ad$zPO+Tf?RBwhz+l$3Zn6%+%}2>r(Q#h+O5rH+r+(_A>R& z?8@yuLD9hH`cG%M1ziQ_4sn~#Hd zDSjBE?yH~VZG=s6c6B>B9AJT2@x&1;`+s^|ReT2aR-MMqW7^RQlJ&;YC~HlL@-D?9 z(Pi3tYnDQyO#i7S+~2Y$8Xx#C_A+7D8<*yvRXLJthfH#_2c!~B!%07g6Co%O_5N*Ek)W?*chsI^eV}H|?E%L37H?5L z1W1VTV#N$zB_CmaE)yAYq^6gwfw(hD)7t=S&&5$ckj_paX4M*oD z{`1jx&BfU^_thyga?A|r#d}4rDN8Qti5m~+-}C6DWat=IAr;>Pig$-s(7eCW(xnk_ ze^WNG966NSzr!+S-Qy)GkpHNFP%=7|^NwloR?;Z)xwKP(60pi8+N<3AQwP;W(udZXlEjQ%CmQnTIVt(KfLlQX8k(EL>atgG|%c9+QLYGo_IxWQJ$7fPm>!!q9x2)CAP_>K*rk?j%Nkvo^uRQXF z3l(zHr!;p9oc3`%KFhRgb=xq@to4tbu4Sj?j0la47n=oWCl{NU)w<+bqNOdjP^Ecl zR>Mz=_5-Z!QKsxFey;QlFX!{tlzVp0Tbe6doH!$^W`?#+RccCj8RxDH5Z0iPM zVKGm6+C1#BWvhtiX=wFTK<6V^o3Zt)>W2C)&4JxQYda%Lh6va09G{S*9YYWi@hB)! 
zWJMWAHnNL2=33y9aZdMuVv!L(4<7;t^KVV|-7kn7fuy6P?r?9-G{2ZfDAT2?ozo6h zQ6ij}4gWAy&(1~vT+_Tev4Gu+`A-{n3B5QT#J@PwFTq_B;{AfN54LA+|0U}RwE;Jj z-Q=VUhp1yE?E#~O%3AfL)A9_39aef%$*?#?EEM7ZoXl=Iln2*qWXr%`DV86qi}7|K zUHX=j5+!QNN0C71)zmw=&^lWnRAe|6VpfU|QFLxp?WJk0ZU zSRxMWw&S4~-x)UZ+?q7qz~&}PO_)v?T{b+1icTPeKShx?l=#0j_fN_31;L$8Qp2AD zs@3SzY%F=`UT~ZGhq)zJa5ret5{E7Gb!=PK$M8ffY!Ri(Z0sj$ALV9kr9UaZN-j=IJnHB#G zO5;(%J5Icw_B5P`;toVBmp>8{X2Zw@f?Yz%^1Y?dXn38|#sZ3uBEtTVVT@1qlEDct zx?xU*iPDl2H!vuUVKkJ>CNp6mQ{?lcQ01%ih?D*54il&PA;?4OqQjqjLg9P3dQ7=| z;Ken{6632k%7ao8m!UcDeoP_{iz%FhW{aJ3#=htSYhdmA<01U)z*ys0&6RBz$QgIC z8vjbdo~#j#VsE=2#hu zQmUeNb|`W*qHvsr$+z>Lf1e5orgvNsw6VVscz!s4brxh$I`gb$D&;xhtbttcc-@0ObiBrPb;OAVtCts1WMu0v-RP7dQv|i8Pz9;KxB`iiM#`UsguTv*Gl0CW`wn;OWzQXe!}aq`vX5l{3` z2zVn-B&{9SJ;tuDZSRpj8tognF*ik7%|&%zeXMUl4zWB`+&{(xBeukIiY1-o!8&)0pNUM$_Oin%Xn*%0z;Jk0OzbU^W|?1!4ZlQxHC%;6a_~4 zSA%K@P5j|*PbvRmHZ56oSY^QXRWB27)9aOB-`NwMLuD)dfr`Y6Fm~8=Kn}5a{}iY6 zBS`{1vPNs$FNOCV1sb(+5`q++JzTXnw~u!@ZkA`mdO-I6x4jz3fR}35^(eNkE(1<$ z!{eX03m><>Es%K$or0nc@2_cT6;uD}eY5 z6KYhQ0xqyu^cTs+CWKyG?&DuvKuA89(XCMAE9MLlAc_Pi1iyQru+u z@X!#HjL+PAyhM@m&jIe=ZGC=x8wGH+)%{AajHFM;!-B77^a4{hY@R-8_F3rfPiT&t zgtnBNgy??`qV}Pr$ZdD|3o&8rVJYYO@hKpP36KOq47w%6b;gx%)km1y36YXG`+MO+ zUGJTlC4%A2p%pi|g@NOwH*Wm0q07AIBBmG(6~1qQ)hev_;X)2E{=2tnf+!)xrQNLIlc zoa6WMjAw@YDez-krEA?3{Y}3`AdO+yU$Ik9Wd{nr=K?TOY{%#aJI>)+?3@Q76W+pN>b5#%SEy z_N^$q=_7o)Ftd9q>_YFL3p>0sG%5!Zc5Nh1IQ|85~8@x#V|O_0J2m z>?WfW&3XQUkuE{MjXU#*4G4_73*g7yMw@U`23c3>B$D7Q<*LCQ^&9T)Kyy+RD$BdF zo)@)ClDATm{a21-J}ya*QmN9AjO`w$*&*}Q8l#HdAyn5~=mKehPO*{K^*3KCM>2EFKV|%TOl4A`3U2l-IrX6xmj3u@=}&IfQ`#TIz3Dcn&`$Df zRy^A~#~hEXHndIrxNWZiRTZcWuxr1( z$$Myi9~FuBI=f5i&%MfFJ2!j;D-FN5iea|6aUyl&hJylMy5>R~sZ7=K+}kaY zW!2r>=^Ne$492=xu{g;L+8AAp)Fv#Y?|gp~LPaQA17e37P(lP*OHsarn__z0!eaY2U0J(uCKkX-<_LvCLqR&h(c zlW(u%=I3Mk_qThVl1LYxP4+wQg z<|5C>=U*TNxWo34w|Bf#c6UJJ9j&P5=~tOMuD! 
zC9Ns~DHU_*D5v%32?@TjJBzJH?ziy12+m~Mf2u`}d{kvpWMOLcN!S?nqH~Gmv4Ph3 z`-f2BkW`Zi#n)db&uQ)UcD*Kw$J(-(y=lzx>_&i5#?rX6aLmAwEJYq>p%O(i?!X{F zC&_5_f51*U2=8u#8vjnU+U#29sb%2ilQBB_A><}|$ol;Yj$2oxKYM_2%p*ycf0OD> zSLs9xvvEfwtC|IIv8>gSnimbJT|?x?XmF{B7wkuQn))Xc0%4yu@FMYzx+ma=2AS+G zPw5vh}ayY4wuO$}C2DC_iJ zq|6&7gK2e_g5d^1<(E?40>Kt^#Shg}MOiP5*g3xhFQBTV55GMd?pbfxnW^D6S~nQN zo*$@B&Tm;%cd2xIMd7h#Mp*NEg;E%IG3z%{6t6AuHqbGKU#= z*$?S84?hu;ZRiPL`jTaG-0@r&8bALx8K7~!wiR%fs^tbHgH=gvR?75;qHE^W>)T03 z2CnMZRW?nV%Y4_>wNGb6 zYJe{FuNtF{rv#s2cxi?_6Y#GTfAG2nd6C&O$dUZdv4npd+s$3`h}jyHkm}9N#SJ?C zGQJ}Q18B| zR{uVfio1}y$>`nyW=6ctt02qfJ|4wv&t~7fo!ou`2I@8DnE${DlzlLo^YQ-ZSq)|5 zT>SK%<`}!_Cn;Zc>Il%Ow%PB%P<>BElOAzsV$}eWRZ(Atp3Jq(1+vd_yX2DXESNy<}}u2@WcGz@6pQP`2f1u(8peVv^dl z%`W!92hKGYFP|Pd6$V@_Fe-}5TeiFhR?#4S2IeIC9=9e0e3aACr2#jCu+6&iWvqLw zQ>)EIe1<$(bWX)#XLv+@pQFewT`6$te1ta7P&Ah531Kp@D%JK{-)oZ2;WBM1wM%}h z(?1o+l_f6N$PBieR?kBW-jZwyJ6Cf>`_`QBk%15sVBBAWqh0_h{?J7@T>MxvL(~K< zhEKph$-aDThBH+w4XCxM(^e(dH1Bf*Yy_6qXMXT)wpJr zTq?#SMNAgeHOTe+(6BaF<#{P}U71UeHRcAk;o}67GylPQ1)~F%NlF^$OlW3GNsh&9 zy!=)iOd*+sYP_2u^Q@g+hP!zG61xgux_qAV1lu?9>wg46J`DQVs|?0jiD946Fp>v>&-86h+Gbr#qugmh z_wD{7U1Q8swcZts&7+KCb&ibBc_`YLSp=NPRF5W}S0E+(hLr{I?!5#$c980 zET#ri)U4L3!~tv%IX*9y1KmTY6yU@;_-HMu7H#km&IWJrX4@xTfcT}*ajp0 z-RzqHP@4JnT|JS@S9Vu`#j88ht6>nR6*hh^CpH~+-iz$NG| z<_DBI>1t?y!zWvw^=Y%V)Z{#7x=$hYutDk^aW7J7eFB=x1=}9M4E<`3ci^3 z32UuOa-DMbP7Nwa{@gmwJ>?Q|YhCt5jlYq#CdD%*&ryw78j``hUNl(4>w>2&sOQ(b zT3xEyWQ3wP4~HK+Gr^dJL@4Wh(d9DTL9VA#hy7rwcdj4O#Auvs92#<53~;sV8#uKw zosU-yp5r0gpGO;>W~HojpY}Nrb=2Z7P9X9JJ)FK#Kc0ecVv8+lN*?AAGP~%{@~=Q7 z)eQHR0-h4VlknRWY1O1MS;jr02=$ECt?~$kyrZau#y0A#r-sJm!huhL0hV6uSr>D9 zq?U!PbehgjxWIz9W{^OIOQw33A$nQ7iog+^SS#7fj#8s}lvrI)(ZP3fNzsyeP@*0KoFPn;tSoGSIpZ!?aC~sA z$!Y&giV8-B|43|3uksI&qN64SrfgwoSU0nXy~C>vrM4}bBnu}NKv$ss^YLcZ7^K;c z7gCJo9GKA9BliVc(?|KY_2AcBKOLz>Ord_&i6cmk>2CxB{^#AiJgGHbuGxUX?>P&| zwNa_xoc8`Qp79D&8*f^5`UtxrhnL@ z=<OpE`WP-u)u9e}C1=yNqWgGhq*4!-S!0~} zvc=e9XxR88g1VPt=Owrf{`Q~JSG0q*E~ 
z_0_P&pYbNG?z1q7XcNTE_Sn#w?Y{}6I3d#pB~bgH1lGm}IG9rFJ;x=rl9m;qYr;2i zA~18f9qX*n5gTCJPn#4JhRnK~3DqKzyNbfz3UhqA71B?8+)UsWy z{X6`BUuN>d0d};fO6D~Cm!IIkI#%XIaZnX|z-~Qmb_Y$MAwj#MH>@78y_cxpMA+0W zpf#4+5S{xqt+^eMaKdW8d3ZL|IIbHOR3jnx8m;ZUk`lz>dWZUh)T8+2bvO(o6JfwH7{byoww zc*z1fnzKQBfnn2QMEev*m7pfW8)k+RgA*9L2`1asTRFCGH}d(}3t|PV+x-iUV$G@O#;kJJR?Q*B8+%AT%4JmoC=?oyztrU z_SQ^tFN4TX&EpdAa9<%3FaJa1;V|fLK{6O`C5Ah(VH7!}7#)dF0(_KMa%Ar+ozu1x zaQs1|=bOYB^R&XquS*uTn`^`m;iTzR^Te&C-?o8VR%+|ME}Znf!O_L-G90xZVzKLg zTonEBEKw06%^pDe9#|E;H_*w1anYo*?>K#G7vJ4!w4G!?#qavjFMY`&51bJcffD?T)LHc6A~OUS2>2bU z!~3g1_^nY|VA709FyY2t1wnZwfo z8k{n{B9leg4R7rRP{h3%k`qd^c&tBw|5*~PCFuceru~#X3{Dyt`DTMo1ZuV-t3yj+ zhnWer9#IFaV5f6I5nllxeFUUd0w$ji!~Cc$7zNd!z;h|!>SWdY&DM~4_y2ed8pk<( zXqTi)yC~55+L|T+Tl^jD?-}S0Ss5KFMHOAKXV8e0L)fa7Q%F(pvC~tfGSXlC;fM&a zJqFn_pyL@Gr|-8TlZ)C>#e#*5L#qIl(+sr4B?F`fCPEHStzQqfoAVvqs-1Q>QVl6b z1Qc&9NKm|aW#sB(SRmsA$USlB3E<#<`Jc6f6X!G4)x|guP?p-We!`8bvS?NElj>p)RaZd#OS)3**eL0B$qAoe4+4%IYsY%7nAS@5GeFu zQTSmlRM!S!>_G<7G83UYa_t#clCF#g(T`WRj?Y~=kql@N5O|+K(JGPrjTagc#VBkF z)u>9(AUHUBB1|BBz9%r+#53#Fpj)yWg^m{{d65{XG~ZokI@(e3y(4M(nVL%9Wnamm z;tU^)iq!qg+d&(;RsG|DtB}%OyRs8Cn_`ZSx7DFQQen|=J(gsfm}pZHS@Km7lmCFi zCW|zFjz7w*B3{!g95CFEgsOldMLWGy^$19(hL@Rv``kt}*$hZ32obT!=LY2?xP8*=3+<%6k4$ zlM5h&v?PUjLP_gLC5JXER-x=AGh^T*CLZBU6;=QZj*R(83~;DVnJVNDDa<-%TPO9v zb)mjo*?W1Vws00j+rp;9ZLQjV$D1Tc)8lymqWA3@setw4LUt+62j+AU{jaXEZzn(f z8s!HUERXTse2103&AGiu%}2qybG>f}Sf^K3l%xnP9P&%({%wD~>H#{aAt) zC2)F*znF@67bFVRLoEiSTJ314;MgfuO#|UG7qw-yVczfE+cEgOD2~9e_tMy4wxr(# z;+#QBu7Sf+!V)^{Pid*5|{q$&EwH^(rT;VvQx24j-UX+U>ngd(Sd z8h9J2z2Pdc46KWI!dOtvu9FMPwIMT_= z$$5)xm7$>AzG=XMxViMy%kt@CO{0s*=?cl`@Qm*=ShH-dN|@aQfSS@B{s&dX@Ezx# zwz2T3)3nI1gItLa3hVJC8H6$cAQ_2TsJKOUuo;3cG`&87`B)ci$EWf*ap3iBH_ z=)Ay5jGWh-fz$W)ZgmkgXyx;;aE?nA!zgA{UBUc$MjpP21;lts!Yo8GQKaCSfL?sRPKaCUBH(ZhjMGqDdN9hWmxM^Vh zs7!naxc(7y zTTso*3+(ZJfl=%Ses?^D;659|r?CAsbG9L84=Wxg7;_j?)%JkDcYs*faL!(t@0`Vk 
zJ78(YfK|1eJL-Ly+Z*!UdJ~|K)xtr;Da`u2$|D4I@3(Z)nh#Z{$IsGnJK!Bj6J5=B$43GC(3B&OsJ~IprucqO^oY=^&KH9jiboAYTVeRZDt(?zVEMyC%Cag zI4^EPoa(L`egPrjc~Qhg z(%fw5+uPLNq}Ue0!Cxpb>&9b5QVP;iSecz|1}&8OZ8*n$(ew3x5aQ~HsAl}fy;YcS zHjsO4Aor@H;G_*#p)6rM_s?0&(nzJC1Ncr7+SQ84kiV&|e*EfSc2o(VF0d^dR*#l zXj8rcNj%P*k$0byk*z=4Jfi0vffrglLrIlLLg8%Th69Ha5^b2p{LYMGlU`6lI$}B@ zW3%}g0=M+$|KaNYUS8=2C6fH6P9gyTYqyxI)6!?hH7;Rq96sdIMnVwLgc6v^QO5YI93a%FiBbi7yRhUAhYIZB()@hKufJ4*6Iu;Yh`yIZyk4hJLP1Er)b*I^SZs& z#bn~uI8Vwiq6Or0Xx>*THOFWmY;^d}9SoYUmac-;kxbM#kM+WyYBYP=hP>#m*ML)_ zF*ARQ7`nyd)Poq^7*pGsrm=OL`Rh9hLkqGP0fDOyQulGL}qo4{x&&%jK zi!e(RKYV{@PCg&mygr^)5}M<>dCDhaZRc7!2in))>&#$Hw8>njmYB)%Iu#f9c(29! za|pj&pE8&_q6LpPtoM)kl1bt7oPR6!hx=D}ov#|l`qQ@O`-dTXKDQNuI`h_%J&_b{ zSwtk<2aX>TuhVPw6|t8_#Vzub%whF}C2)NOnCT3p1V!9lm5fk1gl{@n)E9zK%t++p zZWSl{%=pH$JQb9$f{Wv6s1kYQX6>ePL&wK>L#dVGS!m_plHhY8>d^HSssF}K&jUYy z7oNFfH#aaU2$$k3X}j#qrQ!yG9-Qff=CRR70`NS&F_ zu}i&v85E9N_DS#MSuHN{ZRE~M6 zXw9(6nkyy_l@WVHJl>BWLU5#cnB2c_WUGZ%axUXn$UqYe*iTgsJ}~j-yUGEKPKk%! zCciK^$WP^U*Up_g2|B`rz`0M|h@P<6941w74>E)BX6&tn-21O~x9Z*&u>#lSl_FJ% z`p~5e<cD_5W6R?oyt@P{>;33bA{!VpM8T69l9nwrWrw*hTKpOM z-!f&|N17=F8D99$JcWW@kLnDk0pU!mH2Tc_-s{Fu47O>X#2!Ps+lEEUF|QvZE_WtR z7dvjT6&qDw;Dqt0*tEZpctC**9Er5@<9wUeQqn%JJ=TP-SpKtgc_WXKTlz~@SZUoQ zQlM1XKA2i{Q&^9-aRxhTz6msQNvPZ~CSG%9(0oA2eMm?jNfW~-mycNC>LQfqZH;q|7$_b&tIYs%)R`V&H1!}AS-yo zfSiu4PeK?%j|*MTSyUE+tKXS|i-SdQOY7}2z>;mS*!pz8Fbh+|&!u_$o0L<5|IYv^ z(1r!y0c|wsT_rV%e!Mj6^r?qLCym2H+f4mf1`$fZI1Y*dDI?f3j#-n+qu(amSwQB2 zVI(rb44ocV=-;(V#8J>LK=F%uj{-zxvGOBgPh`G<`oUMPt7T1#1n~m@Jdpg#ktKGI zQJhMXC~zB~#wnFG-Wob9$f2G_JDRY;czwZH;mgg z{dCNU&SqbA`g82jg9gPYBH4Ikg(>B8jWPdinbt2Hk~SE6$~OOyo=W0UK5Eg2VmVra zD3w-@M*PZ1NingICrDQjYfQrZP^tTi+lpWRj6=X+7oEAXkZFiMCI73T96u zqlWK5&OJL%9KsT|?J;4Z4%e#sk2DGLD38!m!{YRyGt$VU?i@-`y-~4%>J5^oo>N-X zk`iO+H-Cy$n!lZG+^}XwGuwwXT32V9Xq%y>d^+KV|D?OeF7`7;YyRhdQhiEmD@wW~ z_ccQJ@fcY)oJ?GnG6TC%3fR<+L!?3qC-3$ETLvE0)Ot0v)a2$570N1gRx{IQNrW;j zJ`M2mRHau9lkQb09;gR%P+uf06?3ZW8K5d&6-YhoE}}9yZEMgoBp1V?M9oY^S{FkF 
zwF(`=^lQSya3_LVK2V4YP=Oc6$~hEwcqHa@P>Dk{53R{?dU6~GFg}gpCF%rNeM~b+ z|AoAF^>+~@)+D6+b{Mbw&mzd>XY-5iA?P7r-YVG#frZE9D}Fg9XjvMT)4NX$%91LtQxh}vly&@8U%suGj5mPw*N_Swtg32ij|Bf#7 zkS!Jmlzo37DgY0P#{O*1!KJZ9W0Ee$$9}7sosBPKp3UqcYY)a zA9x}3eZLo+4P}~#CHCpgAl6(nk%q7K_S$N5IoP>j- zJ)k-3BKnAnLgkl(5CHmAqBuV7q<~GwT<=cSTrXfuYa2#*l1`5q%@0WBiB=NA&qesp zLMV(=k{nG>nf#xHkVm3$4(gu|l2Eh;?3;P#Uz1CeQ&($OWIW0uXv)S*12@R&5m&<- zW++D5^2w!6(xcgUEn5Z5^@~QCrxNR44(D!)lX}xQq}TtrfrTBf27*s(`tko$6d~CP zT)=7ufVj8k&IkilJ3IW_Zjxv*E=@hz8D}83PnfBF*m0KDZ9*rCmYMWl*hhgF2=aLR zL+$yfTCD^p3VkL*HVXQjk=7t*xH0)$&QLVuOY&QBh?p*O&DgWD5VV#g0G7&H@>ZNa z44>ocuQ+B5$i}fDt0X%C>9y>;Qp3L9A9zjhC-A6m{#H12nGg{C_7ETZPl;FOEp4NY zRI>1m+0!cIaii~TFup$%D+mbv!puiv!A9E3R{>HqT)k9n9?o+cHvF)d7s#j-G<$xn z&76MBxudaSk)UaAFy9j5dYbcaEEVBRE&$zpNfeBZR3ta_63hRyEDnZ=yWNqAzXdIe1;gN0AccczYQ)7_ zR9>-Z-wV3}jj4zTP2FQ@8QqS+z1T;&mi~lkv-+0)F5^Ppd?iaLdG*tvD$T_DT6S?i zP-saLf{jrm{#fPYKYgtf-l2hH&YTn54&Xk8Z+++Ugc@c(23N62$*JatgTEY_Z^B{D zD|_kWcgr3}b+RiReFaO-(o?RPAM@@W{kkH&MPv1GET-AE8B##mJqOl)Xq3QMbpcHw zjze*>3vwe5A~Y54%iJ77Xb%eYwP6fvAfL2Abh;nfAU(k+dWXMTstB>BpdbAGDRZ14 z8S$GDy&l#cUV;9oO>_#DeptFZ2~FB~0;QACn&bUM$#0pzPp-^Ygu1R(T7eeR6R`^m zKk+eOQl;o)0+lQ^z>B02Wg*k9xay}=^OoXz`{?IwcI4zbD6)IBg1S1d6i!Auq%H7E z-Oz`7jupZ3tpKfU$Q<=HTS9d9sfv7BUR;QxIw>5GblA=aOQB?j`S z1GX3i^}*Z!(&zs$_0?fjeb3j5fGA3bba!`mcOys%(%lV*?(XjH?(PQZ?vU=T_v+{O z)%V|fpZna|v)8OyGkc#o8p?ShTP{Q8k6^r6EkxNh6|Z>hw!EuFWu#Fb&FnB{`I&+%#mV3`tp#&%G5H&PH0X4Ey!9I8RdurG_%sG+HD|5H& z9O|}dJ3oeg8P0KSCtRJ~bI$L9W_y&O&lADN-}T=&!mG*Qz5iQCX_#UWZU@kiZD)9e zb}Qo>!qy?Ak=7x&zpIRuCwddxSm=0x$k{>O4#X+k!z7V!2-=HYTX}?81|%)9v=<(t z>xQQ@u1tgtW79)7f}W#Ah@R07pD|3OOV~h-)r!!9gKYnCjS9MWaE|m00lGrlaay2E zD12vTwN_3kfbCwDe0jvsc~R}cN-rVTBK*z2hANvOx zp1DOnh+RWyQjbP_HZTttZR62QTgAITwdQQIS)kb{Dj$E0WrUyRdfdM|VY|-Z!G5*w zZs+EBQM%1#X$uQDjrNvSe#;%bC`}C*h~>BDyd&z}!Dy)}(|isuh973N1T&`dkHRow z20BbxHW4;b(Sofx^txb@Gzk|(a_dSJ zbnI$h>TXo{d{aYeL()!5D(co>AIDYgE_yN(W=u@Ssx+x6M}Y?iM!>ZG)Ik&raB*L{>QklkKr9%5$1#4 
zT;)X~F7f>_H}kDZrH1bux1r6sD4}}v$PJycET+D3?>QU_-1#2(|9?+w&*47Hx{5u+ffBL1961VRJCuxZ zmgMypzIiwwj0lzSygsZ&Z=ZxbThprO`Hw56O8wbVWOBRHf-eEz$FCTJfZbm7i6KhF z1DIlOmTU~Co*%yappNl5QYPFEXRdrsN>J4U2R*^(Oh|MMstZ;vfVs3aZQKv={b2Jt zmY~i5)WT%3)6TW{ioct!=n_TwafS6tC1yaZa8I}5?e5-4Jr?$zCgzT3WsrHuP{u#Q z-xQ|ge&Un2oA1qt31R*yF<8Kw5LE`A6!ij?66NlZuR*GWT#QRm%1*Y%P}W4Y^6T|Y z-YgC;H$d`g(l=UtS??K*i5`|RWQSzCxs}M0XSFWo3`ksYYR+s49*^k0`NH$ji!xj# zNd#A8lTHF*qoM<~@Yq+*v|o6J7jfQ$w!z3VIj+G-k1;iK1ov$;`;iyvB^9Bh?lgA{ zo_b}g{iM~rJ_p*ah9*P&r$fcFtYu{(VuMJ(AHY@JUF5W4{FQu2bam*Juoz78)h<^= zwYEKGESbU&bZD_xOS-A^Mad4qfkb`|al~=ZWCLjZk@M^Xp-3EBksj*X zDO^j99~lQ!=CJuusffDRD1nS-L+UVU7lv$co1j2P4uPP zD&&c#%IQs0N>~v$q@;8vTc&e`wPWq~p`oGBq`(fW&cvfP*u_^MOU9>lm?@~WM$zgG*%dS+`?{ZsIWDDZ$aVXcOqT2?Xj5qtD`Hc@k=@u z)D}|0MQ-CYd(JzOQW`U*QM@(O?o)6@42|2eCATH>%wcgit|U`j6PoydB28jw5XdyV{eUxH|5TGBoM?h)x9L~_Eh%tp=%0Ua1y@xjc zww_01{tZpaK$KDRT{cWJE`l30@+Y)f*g&YS9|H^GP|A!|tzbizRz2lF=l?|&XE$WVYyEdjR3gNvo<5ckv$y!RYyjrf z&MqoS5p$;$^m0v)6h-#_kuQ^|brwwXI`pAhfb>9t8%>E(72+fyTL@48v8A?1hvxes z{7W&5&klu{^tr@680(x6`Divm!eJnH{W_1R6zR4U;P+8};O9;2V4t}B+4%^@)I7@q zxYAIsPiX%z1JQ&JBmU@$I=K6gb>vtA>SKx!zJw~KPa8w>4$OE&B6m?}$6sqcg+qQI zoYqF|$+p0Y#Ld3hfZq_`{FzZkNx`d1cFUY43S06RZG^i$Y6!u+LdMcXwC#{8RP}3_oh7U^i7WzmYp!mlb-Gs zDn~WTgxbCmy(u-2*uoOL0uFi(5>J8U_9@5doxLV(xuR%=8ic8(jD>hd)glfdd4D_f{Qvp`gtd~9&sxf{k z=OdA-wgZvPv!WQMGfDN0wSsBQAOliB(8 z3k(vUL66M3Knl{YN1#e@wYWgX-(7a%_CTcd9 z{XwJ4H-fe68#$~q4o^8|%>ut;ME#wC2m(d-t_BnM~cOafK#HT z4bje#A%n>l^!T>~wfP2A;^Vk-UiLAfWD&D~Cxyuvs%0=lds?jD$#Gv2#Pv9JwBU}a zYzm?UZzZNY?Nv{Y!n^V#)BR0JcISiGc|nylMM0Taq1`0p#<1LSWk}rGFa7140F_e^ zx@Q}OEe=lNJFz<_wUf59)TVq3!6~qt1qX{YPJdI8;iT%ks1|dYY-6g!Q}|gir5WT} ziOkGj1LM;Xx_%iaDjaZv8p5#P3)#K&zZ`c%jR?WzR@>i!GtKFHWR&fn|FYh&M5^J=D zF0?lnXwk`QjFwUr0fgo6Y9W@G^<(fiTg@*r>>a+&v@21_fycCtjyG;yzjRbS+qG(W ze}|)%$`qc9#|n+h%lN~1q*vkbdGig7y~H_W=GcAs$)gDjHi(H>z1+b{2HQ@*tecTa8s>FXDH>4nafYV-$nN@yK z$5HCw*x^TT!exh3TW{}JTEwjLmG*^e>4YGic6>O~uXzK3HU4`c$w14S-aZIYW<1_= 
ztgl`n$<>5sX1fcjeOao;4EL2-eqyHieUJAxi1Ps~4R0WrsH~=j4B5MrwZV`cv%rwZ z7Xi^0G#cJab+MLAbJ(gGk^7l93W35Otz)2v7v@r%(y9ZMDk093!#5JkGLshFbazOUh0mu#|@6F|eW&GgQ)$Gk~D$Lx6vBd%Z$t=p7?DmnZT%U**cMw+Br zzn1&GV|5hH!4EavH!C|=E}F*{FT_R9g=$8XtB1Wg2EN1?G0kdiW`gZ@cHn^`E;-~e zp~GJbhWp~9g@eCN`~;;26`w>(O;50b87T5fCW=GHVh`7aYCnfcAx<0i>4qO>qxhjQu3uI8dPFr&hC)Sq$pvv^5NdCJ$w zt;|ZDDG;K{^qAm09PyIdH$|AM(1)?&tGLb0E9b}BqYlo5zSMy&@H%ToMIXT-iKrka zOb--@V3mnyH6(XHcfUPO{`@_c_#g*arsVZV}0G^Vj+;t2(RQnV>xF6@s=n4tLFyp671>9M>0pF zE^SMovy5+6ZN}Qhqq+qpG`%m<()8i;cWD;)rJSoV5bhgl8U?V*JBo=VMd~fYkm-n!Fhwyb-JcQN@BT&K51;ip5Hmt+K*94bA=cY$ z)QzXz?t{exe_DJnNl&H5O=mvS_rViysGYqY9A7BH2f=9tug@JO`VnIonq1dDKoU{L z8a2j|r9?RO%BLTwpzVSOzKM(jk=g}toyqjYs#shrRjPMwM!`yA*yNVC zk2Q7mlP7C*T9fwOwi9DC_J73G@j>zd`a3RPG~fkQ2I}dRU{lboDeIaQ$If?yXF6vt z_~Fb&VfqSVh6aX5SgcJpu0XGgsp12IZ*?%<0Dh(qtU1l zi`66bLSq-KVS2j<29#pJU5MCIa-iY}|2Xt0X~5w}*(orVKSXqpmBAqSbzNQYE3XiS zzn9{)CQ?p{i=1Uw;#$;LzSAul%8T{;;52dq_3~h~N-19=pj`au{v(v_L0v2S()-x5 zI*+O};cUsclL&Swu}~BtQG=SIH-9`SI6z#XEl^MQ{9_$3DgS+qq|KiON%m7)KMDUA zJ9vEQ?B#IX-8eqq?g=TCm|X5HBlNuwdx0b)5ZRdO@g7Nks|ugbQ$(z&GejV|=Klg; zi_-k8kx98i(I&!4izW6&e@YYEwSXUBt&L zQk87YbR#~OD8WL1>`z1P0d>x%vlloM^TUy~03!PfGFFZo4o#p_BJ1Vq{&EUqH|*=M z*7j0v!FHjNQlb7txU*%EK=QD%UWv4CqxHTj>MlKyE2>T19p7}X4$v8*t%iT|RZT6+ zDtKe5iOmtBd|}XN(MtQeg30S9b%Fi-ICI%P{&L)io_%8ds2XOdwTcz>?YvO4Am5bql(?jy<<@=$^+aG!_WY!@QBvpXC zO13dwx4D>9#rN^{Y(6y?bALH#a|4A;n z?i`IVpVB|!k!&4)MY?c-?jNWaO6wq*VGH_K+cAqp+v&Utd@4Vi*<5pe_5+Q)`T6S z2-~AXdaj^LOg?P&Uf+MQc=1WWiVaoCO75pHJ}g;JlMvcua+u zw3xcW!@V(#_nAUKAKc+#MS$}%ZjXm)G#JD%h z33G zS3M;EKD31F$>pJ3UlVsh>eM}Z*o2h(jcoR6iy`_&)+Sa0xpIDxQ~7D{ZBVl(?y;;k z#Y+QoNK;bV{h6WJ7xpwK093VHH0Y9GUtf4s(XXJsUotfMbOF|Rtqqe28=OLlTuAU` z+&jjpdRkj<42z8f245|p1354;e|PFUCmnDwDk2vOo&@&tzUjS{B3IBhgH0B!hm5vw1r!QpKl7ofcL;^%!|Dl}G)(+1 zrd47(IgVHxI)?DTm8(NU%%kQ<23HcC=*Cqy^XY=Oa~Q8(wHgu|`?9^EOa3|S@g5dY zg$)&11q6YYr+laqQiF@V@H?FLkos-1Z?#ixNQaa=%_Z_HJSEP@8ZSlKHPC*W^9eIpP3YU~ z0@qM@oxV=+nT{UPZ!O`EihvTqBB`O$(d!;?Y!owd^EWdwzq5V&2CZzz-_Og`7q|fyAcz)v0Jo 
zh&fcup8Eq!? ze4#w86&nX_k1r_7U*A9HPLg^YnlFnrB@hoIi4TnP5d? zlZeBrngCH4@1q|W7%Ty*Oa4#SunTxGojz+Dp4dW z`|(cDF*5z5xR%ke9Y1y!4h*roiw`!7#KEiCk{9#>>yk{1dZ*I?os|YC>8_0 z^@YM{fY^LD5%s%zN=xWJD&77>V9|_9WT60(HDgE@%sb1&Qduec>}rZWr`NWdrgc{2 z)-z9F&PhfMtP4r(E;uzI#A?}p3f~EOPg6IaI7KgaqD z8Yu*cRYn?zTU3!M=ObUmqY{8ePo7{K^OK~F&1vI*eDX&3OYLGSX>AgSPk8fWi^&YU zzDYIWJbGVuLkVfE4mkzmD<>Q8?vEcZ%urN+v~T*{YpzrUI<9lMLn{IsQ)_d-EA35r zi~PZhpY=8gowIG8F3CPLOdk}wIuqcF*U@xPB&yBegNwk}Wa8c<_OLF>a0{o*ms_3A zC&mDEJUr5&2tr5_)$G67&X2EKboN9@Y!;O5zA)x0LGDOu!)?5P4uY{xMmq!=+Dsng z3SU@w_1Ub8!!t5TDfA~g$Y!Pkf96L13^4}Xp9INc2I|fNb8SDaOUscC4uuAADV8(9 zM=(3_yE!{_0_wdN5rTjUc@^!gD~(h`V_#(Ol&#!f)O3evGiuysF=~KNGm?=|mr_3B zNS8|iu@h2-CpHeb>HC5T{o!hTK^ME@DGq#s&4wiNl zqJNq7N4R#_WlF>5=lNdW_9Q)Iv%JRdGPElCC&PaxxoQH>WchtnHXy(^>@0B)N=2kj zA?`tLlF^%%0A2c*&_Ck)=?Cw;5{%$nXh;Abx(RG&1u*9>ymOk>I9DA@btkV&AL(HB z7**@9z#XtF9oYblui_@#FXm`NO#Cnh7t?v)G9B=MVlRB@^z%=qNNF^c@w*|nBA)ea zAvI0>VgTI?uJ*-w;0``q^?)d<`EV*9oBGcTfsE5`vufjc)1t@HgCsB53FOv!8SJVna|MKT3vQ~s zb6;lcD^>;?*>b3juDTv}$_h$C=htEr1uLos6b*dMlt}B+jq@@RT>N!Q(Tfj)jG%lr zrhgpBKjNA)UVr)1pYg5uFuespGdY`=je_fg?|=C=boZ9AcPJ~u$^27paFhq1OybCm z&6<704t|Pl$iMJR_)LHW3QsIhczU7rt_XFSiid*@p`|~-hgl3A&$Ox9aVOU>!Oen^ z%?!}&`Cntl#O2VpyWCI@g_tR!hKO`sIl`$$)*to>KIWUO%X_=j zKd8rmM&bWKqwtaV%+IQU+K#5-VR)@}_3VOr*_H z_&Jh4&v<1zQx#rn9q#IAeI#YbCd&qvUgKNq&8(M{Z`|5H7Mri=J;rPVjO&()uUK;; z(!_5fON>Y#q&eVz7_$^1*#FfzmUH9ZZWs|Eiaxr_yS&%Z*le#ybcy2u$Mj6{=4GPQ zNjZAEPS=c0uW_xNt2O_N-JbC7kS7yuSeQW}(eU1vnFnClMiOA}Hf^Lq8_NX(5=gRQ zpxptyZBsTfm2XaD66!R!PXjc9dR?f%3|2BHLacH_O<(Q^>1R%B^d#(&pge_ERcAsm ze?+vBUod?wQHINFV1^8tz3{?`9W==UCwYnoux+{XHOecXDY;;!`SCVmrOV(g z4RoB~8S&Ef(Y>o2YiG@+ahE0;o1`oO;ILb~m(RvHA>CZMV*@ju zZ?I5H$LAHPo{lQD*s3J}^I8KuElj%2UxTm}nXyaeJzh#{A2i!(px>_Dy4Znj_nRBP zm=~w96sNk*h?mjXpK(Ml9xrJrQ=Nw8i-ocmwyrs(e<+GRl9fEjX)IlM!tkYT zTmGamqnPLn)QdkajUqevqXOoJ)yklkMqI;JA@VE-mOicEC?R+?Ij`Jf1Exj9WYtsk zkNsa?w;tX#*tOymxcq$m5Q6NUWkRj~k@f1ND|uMU zYvW3$mdJLM-z4XtZ`do-Eq-MswX17$G@OU})1?OvK+(qbQTNVb1l9$ANTVL9F+Gm* 
zJR`3FO6Pta6}qnAB4U^+A^EK5siI$IKV$M^{A@!ET5e~z`yyHD_gMvYklSHhE;2q} zSG4csz|4FB<`qO-dxSgWs_ichkz_68V?_;%Ml2SSUs#r}R_aSxabeA$VqlnjDp#-$ z71)0Pj&a|r+-%1c5jL8dv!z0~xHwbGTsU{lu%4Esc~h3iT5tn|;425N5gXkDxZ)_u zA1_PO9yVeXu}DbZIpVu4slRrPvn7%xnNsXELwU;!6eCFxI zGv2F3v2nWeoxdqLxPz=Dd-?)<9oT0&^neS?o|YSDYG$1G@PQzCLf^X!_8Pn=GYy

Pz=($V(_Vdzc-#ENny2VIsNjO60ma6gKY^^z~xNWq_Mt>04rV9M~yiWmD zZvv`tFT~^G%mUVM%>V7Jr->AYGSY~1NdU;o+JPy)7?Tz2mH^}B zCgsb)m-YNjxr8Y-d92z(WTd%EhL+e@z1xX-6{3u|(`-lMF!<+L^br@Q#M>=j6B&$B>EJ?t`Ic2S`2`5VmuDt6rthZ?$&!;^hNhzC! ztrLu58Oh_AMY@{36C_VF#Z zqI})SPz(7ItCq{blnDb*mE03{0nhspJ&*KY{#<10QY$hB@pp)+_SEDF*Xl?!$+>|D zt#vecsXVL65jh-HT#>F`EiLy=Jkg)E^%l{Z73$HR!>rK;VQW*$v34jwqm*15y?g&L ztT%IPX5oBRD11n;*{$Oo{Vp$Q|NU;!T_&;d$d58(w}KB?;~)|)V_(W71_ZEp%^KG3 zP!b0>_7WeWJartn;J+GmJ&}7Msq>8>lvAq4plD;GXl^_02HCuIPy6uK@sfs%PI=#F zFC{^aCl*Yl%#!@o$Nq8qddF9U`7&@;%JXMgBxjlplby-QGaqM7`6somekXPd>DrXX zYnGiI3r?u-gV%tcd%crQR&=o>T2;0GDD_?wqs!i8fWd}HP5~^-uIj9R&YwLvRDCt` zh0R+;(LBqbapS3@9mrt-pa>B?oI))OwY zP}`{KX4xq5w1%hn(D;y;r1AaKA2&$I|n^073$G2?fTO$HXszP2JS zUiT-#TKJbEWwsn{**nPlV>SEysE0dmZW4@7>$4+fdTID1@fF-l$Q-T`S5iFAPrIv# zKCBhM9Yus4JVxB~x0E&Vl`v5s3YqMn$j9pXV8G=gaIL=|D_EZM6*OL_mHpyjoxF(rq&6WtEDYi+6DWL(tw`!NVOX#gskTPKw_)Ceh>R zvl%N2jVfGODJW&G^^Fve%A^;Nex{{R$jyoDi6c=1gXcx-!A~9ay#({pmlpB4x$5LM zl6x&m*L=AEni!x!>PzjK5`044Cf`Zx#) zZb!Y=`h@Cn`4xk`&k5(gsI+qu!$Rv2Xz^qmnp z6V90U=x=?8&|9jICRjtl71+dmAT~Y91$H<+PQG(kBA>6Zrn3zM>vO1^I_&w2h&DJZ z+ayq8mEWJhZ*|f+8iyF3L`|T3iTsgJ$IEXzLE}YP!Eg|uT)*{bs|E)7R%%t?T0{3` zGiu8rJ^wjxDbcUPzZ(Bc(ERAW^Ip^bARB*^)VVCGYqb+(UPh4;9D@t_l))GRc+y1*`1;2NKdBV1h#vA-vn?6C$d#2%U#_U!d;lVg%|4p1ylHM)ds(2PfEJMWR zM(!faIQ4;KELk5$>&G7QZ*fNS`RFDwb?!DOvmG4_i4D+^$*9rnIzNR0smmRqIHb^p zGly(5WxXU07#o&M!*Zi=0v(0s);$En_$Eade<(XHVm;1-V9sr@A~4D_Jic*wxgkVl z-35M2X}hvwoe#H*^mC*$D_)rTKck2w1lD)NVcERQQor>wgtD|pzgJV8Hsy2z|44SNDe zM}7vA0ou!nqWR#a&DI~?Wu4w4UHawVD4-(H zQI%5V%dQY|W1(mR+LvHUXXL+Gq00@u6@65^T)tIq!(HN%qw3zVK_T?<@@?!!1q;=e z1usGi>q~K@v@=u@mHPL)SFRiHBvB5YJ~_HocSDs+-#%Fu1z-B%Bmq+1yS{}w+Rb`} z$+3OiJ2!ZBbVdnH9pG%dY%yD!NK9w-qhZ1dWk&@clf`PM8_SmT6b$$YX1o>KyPVpi z*Jb)0U{bJrhfLJrZRUx0y*)^lVs=e#W*;2aw3Q7{i^KL>@9y_x_nD05mrub@ z)WSE`_$D5#U2ivk5qqdOm|7cS9*08J%#}|P22Mpd;T^qovEJ#+rq>Tn5fMV)!CZEu5z+#$p2xp;Oq z-}omuQ#78Kk0a9fYL?(NcP!>5tJjEIP+n)eiGPuvsNvdx>US@cVc8{^ou~OzjJOeY 
zxPia7CIB0-n-Yq+6YE&#s!lmaW|NSgGcf;RH3zNZIBI$Wk2xUpH$UMdLT(FJgEcBz z!~o&TlfQ%Qgh0W(C&3Etm`4d_jhkghGyIHg+o6(+>sE^_xPAL+!)#9W`=S+B@U(85 z$5SP3W%Lw$f+S}UNe`6eY#jP=0=!Cf-G3?5D-l7VevsPZQM*^)ff~(KLw}5_>wGbw z!$g1-l5{!fo)2F|)(KAny0MA!9Uw#KG#1RtIQKEcvIXTYyfF3AH8Dnm=0Na*vH1h9 zhHlwVEmj4*CU0c-NXO~_sq|Ta-*`U|!`0Immp3%nFG@w75 zoYtR5x-sj2sf6!NCR;sQmF#N~3;B~pwtC_2)&@_iHIqNjPj||vrD~?fZkVF(u0(W4 z)LPF=ri#l2r<+sqy_sRoO=KMe)?0Cqq>8TC)%^4SCZG?Bh@!>dmQ9l0M`D1^vLpK0 zpr07^KG5KUZmBsPfi!s315~M(P5D2DL6~ZoGgLl_1u@KrEYQO_*yWnjMGAz*Ok}U@ zx~3_(UL$>cw)ff&j7%-*(`Qk4`=!)uQ?kapg0i;Z52WYCw-A_6CdM%BQ8)M>-8lm< zVlSr}UExUfo`pfDudP6$``yx3aU@e)5J>a^L`!G==SozGUFlt4r;4t!MX5h6>vnog z467!^(@AvWhHv#|1>oxvyzT!g_kSW;p66-H=+2mvqD}nz=Ki9F!H;L*NuF%r%YmW| z{?t-WF~+KBxYAa(vl&8YH+(~A1EIqbuLgw@i6B-FgkWy2){=aN$g{cq<)?B6pyy>; zhidMU&WzYAkNg?J$7SUSEaYKy={yv4`~1Dob01#{?#52pyPuq$#YzR4lsA}TPZ}b@ z4f3ztSL%T+=M5CSvrtsOBau=g&{zt!%m@ae9)RZQSo5MzgLoZFaw8@T;MU?!=zMsX zycG!6fxi@tp&W2Ca_f@$5M0C&LZ(sZk)|)If6!pwO|>a!YuxQW9lsbh*AGr#I^n)@-rTF=W`kH`X*BxIoIjW_ z3zg~oe9mDjBX!Qqp-EmHhq8p(8^a*WHo0{#=A5-o4(nWQvD0#~CNs$>L}UhB`ZN$o zD@Nbi=z1BBDrW!bJm6RiaF~|el~C|hn-0T`YHiXhH1n(b ziGL4i7>QBuylfabab=&)ZO9s0DO`9I@N9q$gO6TY33ycb(esBe?b0!--mjf-vld_? 
zW>`m3X6e8ajs#z*j9Co@?eM*Ak*y{5Vij+lNXcdBmzX=2QU1%GvlT1}?J1SEq9)w;X7O`!R2-*zE3P#jm9RuH**-U3EwLlk4*d+M*j~+)sg~BN(ABJPr;PQMZ~LkiS9iWD?)rgGSkQ|ZpGh!eSg`$DL)SA0r+y1qlp zqSX1~dS61kM)<`NJCK%gD~iuqp|NXNBaYWgVJ#T9wQ$JX_(m$_?Z3)sEv3(+znXp> z1T+iz(GP2cNeVz4+wp;ZG~uHAB1*Ci*;S6XQ@@_y4e1>u0-U>96*9JxIJ`yy;tf;A zWD{}o)evl3*p|7C-}oiWugOiB>+DEqMgNuPgUiYI7Q8nk9ZB*^HuL;=XaPmXVrJ`u z<;`!$X*BE{ZFO+4{6_{cxaj$6{6_w4%%QvBVLU1Tcx(oScGs>Eo3!!j1_eYPxecCm zm5EIr(G3g?fej1};gKBTli?B+iw_vrv8U+%TTF4Xa8-YG)DdVgGjgLJiV67ctcsKE z?W$+s&1z??d^1=?zA4c~@17kvK+ef)lv+F&R~7{eXcUhZ^o*M2NBIA8dhytsd zz~WMBdA8e77Z6V?na=+lcBs+de+zetoUig<-WDA-e@m&hbGc6X0=4|5 zz(^9!#=!R1)n6rCGvMtG9;+jee${tw`;X%aez7<{PDFDJoCemN7}Y&e&?t?;xO<$` z-aYEE_-w)^n=o)9k5VQ- zf^bJ2{EzhzAO;80I841R3lB7i9&KM$H?m==a*6Uy*a@!H&VZk044cE$nujrV3<$Jp z9fqSX^X&v&0HForNq8WWOZe};iUg4JZHi)sSRnA>8(y)N-MS2zCftCpapnbhwSV>1 zFv0ix2u1P44Ze;XboCiSkB2SvPZcz1`j%2nuIYS`W*M?O?R+q1JmNZSP>Nt?*>8zi zBg6k|zXPEDJ0xr9fQ&xTMd2#xyOz*_{3HcPRuCxPrKFImc^9<5@zi2kz}Zk^t2-RN z8ArE5#xx)i;n^gg<>mOJUp00hGoG98XRl{|ye5P%uvtd6f)1xH7*(rnAgA-xA0a+S z;4PUe5<96)RvfsZWCRBSH z4Y)h{p}TKhXjXDrbqDJ>_1jM=1%IeHHHb8KMAwe*$QZvw&sFD z#7&5=b;En{ez&#F_2nGL+%P$WNb1u-^8i3Bhb06G(CakeH zCoxkAjJh8PW3ICZ1BX=fqM4H6rNjQQ5}Fi2f3)hL6^NBWK&*teA{;E!(zM`BOt9sQ zK2;XD7&1BLJzwYTy(7m`&x0eD9iGIN()tj53D65qn{b17g89v?7uDTY^ z?36=oGW9uqbz@89MTxaB;u6=LbI1v9`&&eCo<2r%H)TOc~SanmW>rbpsJi;S`NjM_FAH&#II>NO^3b{m{SZq)|H4W+Jw>VB|Vo;bDI^i#T zcn6|ssh(`#HvUi-r6;kDqfx(4uS~hf!5bf*f10K0gtz`*JTY447(qGFQ}9cJD(y)# zD7Kjt>l~x6EF1_wm8lw%2#9g8?{6~k-f)|Fl6fQzq4I*R(2lyi_l(_Zv6$1baG_bs z5Du`e%zk6zRlDQ_tHup>w51R6hd7xT0+r(xZQ>sz!sQR30 z56dsz2NRIKam4P#BJwnnr177-(^opm0G0&=;FzU(7-sUitXkf6<(N*S8}G))W1d3p zLFkJz5F%3foe#l3$`J`a+Y``nxZedg}-D)&bF#ALyLhD+I}yK9=pjnp5zPKgy+xwzXn}6HZ5kqaQz9c zXES`^a>~OMZ*`2cONZ;S^uwTi!Tr&ub11}yXjao5O!G^YO=DKxbhtNMdwdDO0o6Gd z;`_!%gnLF^23D9sqB))c>f0;mFcbfPTrBnOSG4L|XAqEQ0P}ah3U_0QrJ9=-28bsv zTBXQ#5MetM+T367pOgK9Pi3+iqH-}}bzl>@XCzDflJrlxGn;S%yl!Qmr+~Wf6F<>p*iTmY36*s-RqGW{6s#0nE-`6VFp=BB% 
zf>%g&_y*kK;*|zajKGBEvKq*(tMk|AS^g53;}GK!M0iAbNsshR5i9r z$|65p*K+K|(*G%uOL3oWng{MPTjMchH#|Q$9w<>FG$J z6k!Q!S4q=J0I>HpfNq1;L5qGOgiYonYdC@r1Yrb)dfcw|NJ|!6V|u<7-pGtDBIe%z zDPIP0w;$s9z{c`^2`kGChPI^QC2Ed+Ruei^FF%tXXY#Z@!c4#2=Nn5D>-%Z0h7uMD z=vek=`KnTOH*W_E?>Q@Ws@>D{a&>uc;e)BZC+lkIIdY4OITx(N(c)J!=UpN9xw~!h zTED74a${es>4!ifBo$gq4h`B(&eGF+$sDU8Fdo3~l1y*xN&4koc6<&iTIk6nnMR&OH{fO4?n^k>;+J`)C>scw$Kv za7y+0fKecx8yB`&?snN!VG(aJQ|l6VJAX4XBsH2;0_7MfMt0In=2TyJPqm#NR z!wXyGq!bXHsAV|;%}I)#_2&8~`o*oEDe{ww1J&x{UhgWHF(`j_&RkSI5MGHmwdrhH znzr5ht}WT_o4H?RXU9{AX*RL;^PApht`-V1GU>*6YE)(GVCS@I*z2&1jW#awW30hT zSnZ}fC5em-C9(ZSh^nK5DW}OiKee&m3k6_j;`ZMK0SvvJmoaa~?Si-Sa7qL1*mE{eA%AX!QHR}l|Ap`9G zlrHE$KgT#MRQ3p zyQthOvUZKGbP*2J(|kfJS=lKca+*@>=ZX1L)x>$IAHS@q@6yF)cM*(UNn#?6^+!G2 zFuu>{UfXpI`f*6+S$eqa@Tp2z?6QzE&XL=|S2Sq(+Eo-?j~NG3?O*o3O!OIbLT#)%WuZ=5{XRDp={1~qgj%F zqY4&CT|OQ2PO}}Vk91_4B`z%cYV-%aoa(5bJk>hsaU|kC~s~U6zLCwt3U1@&+17ya& z$eR@Wce7`gg=CsKUBFmr{(dsqIsf84yBxNTGwVVcg04#xiV&&#|0C)u!>a6-C`h-2 zba!{Bl%#Y@gLHTE(w)*Rok~e}gOoH#cS(2OBi>K{@|=e=XZFO}Gizoi+Y=@@c<=7e zOFe#4C6!kmLu!Rhw_p4C574D7vsVjbCR%~;oNNp(qPa(X)uGBcB5kxy@AjATSND1M z^e}`)*rD@L$cw*fqPYMGAi;Gs)6Arbz;jZn2=`n7ZcamRaA+v|IBk3nqhMs3*B1Wu zd3UPonY_uzBh!(VKUwCOf9CqIDl`@N6_lFKws@ z@~BN`GA2V|h0RDN;%1fCSW-Ae5xML;p;Gp*K&`XioihMLjaszD13DbJ*-puHLF&|jrAAxjwaSFN%L>Md zvqgpp5PR-x_)$E}@n}k+U%NNW@sH1yEp{|2-v;w(;<~}v%Ei|B(;$BU!~G-rZy?NKMKY5&h5A{t+$Ru(`yEogs{Kje zXTt%_)axy=?fJFQl~+$@D0Ua(#!9QbMm4mSg8ohsmWBqc&JhjJa+S&fIF3k`{(nsP zD+^WUSM5A!BbP^34aVr$b1dKt3~N0N51kD)L;qN2CB|j#PEq3y4&6_$>Mi3$3VUKG zMJ3@7!jU*QD@!Mw%imzY9A^&c$xGKMcgbl(Dzv($_Yy3zWo4&W^yt!-GU}Fz5u0V}fLJ?mq{ZZ)&kDt~OXzS#3x4X;0g=-r$iptK* z`^|jO-0m5xSXE*pi38sLqVqxx4O%UC*Squ4Xlerwz-XdB$xA2*OJ+qySczJMWZg|; zfHWQX4?-x7iEQTDg$EVurH_aVEcej|TJevI*x>XCcnb|Rgg;?&DMWnLN zD*;~}Ow}c*rmR1ef|cJot0yZgIeJ=^QL#%wb6zTYOSOCQ6YQ@~rCxn|`goDoIoIqX z=0orGH81T051JsTX7~#~%*r}F##O6sI+!YTa_igx`J2r+XuVM%0~0N>#7=vLZOp5Q zWB%jb7@@W%2d_!+L^X=JedO;AY7{((@7L-i;CG~F|4NIX+n 
zojL=@%C~jbp3h0>Tssn`bkCsw_PjW)wKL|S_0)hmZSD%~vQp!1F7n%YBn)lLyq_~^BylT`|zz3p{ zk1|p!^NKpN)`mg!&e?l0iz|J$HF~AR8PoQD*2A$8DYE;Wm3+&EmjK6E-b49_@lzGg z<2eyZ5x{$d*S)gPKG@EciIP=d{<@l&iATm;?`tO=lcWyU83Y%Lz^PMzFcl%=e{B^0 zQ_9Rxg?7#j^sy)WE|_ZIbdzcsDTJhO2}K7H&HDj0)5|Y!gqH8zj_}JGhjUVC3E#r@ z6b}($&n2u{_gd0EDy)|88I7yIX5B9bfCqDdUqY3rpk|09rP7ozEgoE|Ju1qCEC9W?i$k7os@+2o0f@&!wqc2Kdel(m>_FT7 zWpTt)X5xXw%%ehWjq*ercdMqFM_KpjBHqk4QBHH|i4T?YS*9UcbGYhQtK7+X`d}M) zfqy&8$a&JC?r71l@!;jLIJhT#UW%d18yb*tI`~$>R5;PJGt;e%>gPyY;j1$r)%}LI zYzV+gMD8{o&j|HGd(ddJ+GT2nylZJO!}f<=npbC&(Tz!mG_SmVH)We?^9$NJqYsRy1b zL+ zN$9rbObUABl-=RPi+Qx|UW150;XT6=i~#Rv3a#tZ=iLsZW~kjNU%!h-Zs#CG=*A<> zSdq&}C)COwdH+gDbV+C1I&Wv`>C zn!_K7kAT6x_Ghh(WnR5aLuu$orpv3bI4Im(cNPDxQo)XICV7G?TAttM!<9j^V*&y+ zbz45_qVMklJ`DP8Xah4CsQ0CMi*?jPU znBVN3=d^&YvroNiLw8!(Yzh~SLJ%G?DOm77K^pEaMX_b${y6CG4@3XPpl71;jDKv$ zu5ZFhm)a~w=076m_8ZU}J#uMTzpNK?Li^$g_M!8Aem)Yfw8#B;e8=CBv3s}vr7Bu^ zgem*D8bWtJ74_i);2)r#A-`=hVOb;u5swQFnp)BdU-1s;;+Z1L=@64^PAE&PV@A6!_L`8PDb_k5za7W<>~^ZO3|iGca&C>}OmWTqXAf-z~Ix;euhrwn%6|+*MRR?l1NC3{fyp_rFPoHU5uG zUO~ZV4-kXQ8|J85&?;yMhDTN8?;$X^DNwvtV5kSJSgAYz>54MmMb<=47RUxE>*IFk zh3!j*VvbMs-8(;q%WK`ujt_o5$`Dt3UIMENHTv8j$dk*`UkP>f$NaIMcYGg*LRfjA z!GBqb#euW+ykbJuL@PjIPl#xM{5bFno4WGvm)%9LF@B9+8(Frh;bMg``6sVZk3%a}JJmtdfr7G@d`V!Gf$U zYRPFqPwkASryXa=^Wx`ETlJ_nAXbW_L{Sj9S{rm88VeMB?sus7c6J~<`0{Ji?~BT= zldIrhXn>p$|B;KtI34cN%&8x#z{uI*{Wt&QZUC}WvNrN3)oKqU$NG?9`7uS0*pVL4GWTW zpT7&P*x@@cm$x;}<;{KN2>(+oa7;z-ZR^ywqiqK9?Yexi6bXBwhP)Z6G*lC-#Rh6W zw1v8BhjNd}oRjzXx9YqWrGe zF${NP&J{xq+zbTF!6&MPU!%!?V;V?vNl9GwV&@oUp{v@?d$~DVQaGNC-yx|vTIPt{ z7Z5_C>#3$H*Tk)U{wCu)0loz(ZU9F<y`W8~nhp+2hSYj6rt z7v6PizF!mF7|$W}M}@9Ue%Vj9?hwc8h_y1zQ{ef2zT~e@f+L_vG3lMjfaH?*`&XOg z^Cfn{|3uE9-Q}Jx|NL8I<)u%Te?*RIhS^@>b&O7S9t(?!4kw6){ zt>(*0(78O&>a0=Hf3wePcR9?(Qn``(@B6g-Tp73@!iyR_{_rloRw1zC|+@^OrRu-i?=C9z?c z8DQi6&DHs0EVp@!s0UN2YRo5u18_$&;`e=ZM|d6InPZyloAnslPl$r1rkWUgP^RBG z!5up9zq3XP|G+#PwKwS8|L*t4RQ~YhDbbx}P1LGW_dyZFMvBht4tmwosP6qT7Hn>l^q&=dj9a5%G 
zpf>!mBJW#5z1ykb9cdt!s>Utt-r*#^%nkU>I$;~Ts=fRDeU_np3A2m-ltxiZ*O#W% z&od%Nmx|@lrUTE&CyY^a_bltAK zQX4yl#YS{rCwJ!PI~0@g)yyaW%r9kDZxcD{25wmH!Nz$3=C5Pls)kZIgRQHGZ34); zy$5{}L&A;`P}y|fK_TQ$gggW>Ms$&Gi!=KBlKuX`U;9|)B=|U&`39#DgtqWAslZTtSqXruFff`y>;g$Xq@7|pIy1}he8@$Brd z;_Fiz<>ZdeU3Ih(x&seS4$|9$!<=BsS$l5>_%_JZqN4ffxCkjVZ%6NpRmCEu=?2%!iEr zN$L1Pui-&?p3sj~=*iAK`YjN>&k1o+Z=}O3B+^tMkPr8|-}R0jpZxPo>Nh5aOSwfV zGpC={E-O82&N^-5VRbppoXJ-QSV-q?k2N=I)l*&tS|U56WJ0_ZPP^U~LMl7)#6}6r zjE~#3gjPH8xF1^F*`9K!wy!uZ5&1BJv!Am^&sv#HZwsHG-LWa8K6wK4m~btw+K}{2 zTl75gpQtZB*{vmR^HUQd2miIW&hs*eV9y%=H5J>9F{WIW%ZH{Qm?GR5{w5pZuJpjg z_Y~m*$<1ZC%-(|AFTAhb@|=WW z=B$StIFlYCB_zitDdK-7tY;;rEp4_-`82?pVNtQ_RS~UmFO6yN!+oB@d)_z`p+;E{A#Gevd zSRTLjthKmzi?=ACg4S~>tT>IYNiIN#01Ed6veLCJN6DT`&raz24$|nFTi=Xs$(5i$ zr!tIP7J4nP>g*Q^3^r2JFQiXd2Q!5eh4 zgM2tEtWU&6H?qd3o4sVL-Tj@@Z6CqZ<167eG19iCU+vf4lE}Dys!2gWP0$5!ZUtY# zt*+AkSCHRtj#>d%f7I+$E#*R}&uQ}VTTswJwF%%jZa{M9vfRQiD9*P#O*z_rdn~7C zGb`o8TcdYTF?Wt&!8~^_wt|Z-4g(^b73e5@p_=c_$|hX1Ce5!=3$dIN^)@_vV%5+m zxC*(01-+nnbTzQ-`vkZ_@9fG1w}K1V1yEOLv`C7~;Ys4eoX4t~t9Vpl4b}$F^LXLo zi2Y^m?d%cld)(B(5mBS?S&=HiTl8!zy>a(lDTK ze^b@v{76j=ab$lk7#1@b_tyyZ^$2(;vJ<28J!-0$a)*-VW*Kg_1b(*gou?4wwc{mU-Nv_@Fh`mY5x0QMbbs;YQcZOZ>#T3a9C|86 zh;Y@D>l^G89CvYUh_k~bo{ScWS~ICssx z^sq%d-u~N8c?z33lA44!en5sWMMgmvLJA&L+;OASX5;p+I6*nbzg#>&C}%S{KrJnP zf27Yplu^%6xPCSF+U)!*6sr2oHwMlfrBQj%uF=te=tDkDV}UbHry`kNxhFy)Ue7%# ztOdmd0lQ6DT|!dKfbPtx-9GxhwBtXL_6`ra5{_yCGamfPD+tQko2J@h4?hZQN3jp14#X_utoecE7igXX2}meK#>vhw_H&%2tlEEQW$H4&#l5QuUvJ@!9CCH{leD5GN<*t48wn-u=W@jBW11M77 z?{;U%ZlJ;;8buHJ$gmD8Qy#!xw4uld@qHs*H}xQo>^)Lx0WoHfW6@NI=ykHUrDh zw1U)S*(RHNCuODYzUl9<^P`e_t{WpK zrEMFTXRbE5`LYgJoLkvXrM1@>{U)iC2@n?XozoVEy(4SV}%+^Ub z=2Z;?GX_4@i#B!l=MZKZEEM;4*3ii z!;AkfnT@tI9DZeP@wI5PAI~o<-+bR!=VLEDOGUjzdgWh957Ac^Sfjt@n6&9W{K-kN zfuE5!E6rxRqRA+aZ!Lk5_Ro-;>%KzMQ+Wa-D24%is5)&OnW0(KuDMk@XC_G#==nT{ zW9cJM^M`knd2_!qg@Wc>quz~phfB11zn0jM!e5n*@j^bvf5eJufJ44e+Q46csDt+S zbJd{+agq+f%Y=?xOpRlcsvnU(Y|~fEJ|3!v;ULSs0SzQTNA?G;F2CB34+1eTJI|_t 
zGYyO)1Jwi{#q9xTM7cMAbGF}_Q?VhSR+<7b4Lh?^x6-vm=r=|q&B3C=z5VE8T$iV) zvPJF&`D&{BObslUdt}K-;yXa*!Mc1=>9fDm#WB~)&AH-qlKS*EUvA#GVTyDsFE0<% z)8a3}&%3Rw4s~RJl<60Kpja8h4iPm2WkQ`0KQZ^|%N?n&Yw*hAl>EN6#%V)hd`Xn{ z?>taY~L!##IZda<)YoHZ4 zkfFmLrSYr7sCv@7tjZ@J;wAjL_1#%-CEZ#XeXl@_`I(ttLf|4l(Z#qDZ|EaymDi%#FF+3Q6y6d1m_A;^yf2t@FXzWW z9~BM!hIkNpAKC{xrbd-Xd+AJis2aiM!gE)NwzWBVo=aBVwv2h<_-gp*zpj z2Tw-mWdABcxjun{&cm`%W&5oG%(Up=)p?!wmlHD`-}_4wBl{~&mE(cFgfAo`&2{gz z*Cy3Gj&hPuwHTJbs5a9BR=3!IkI_@HW-d-hsk@H2 zw2Uz*f8;%Rt25G9fsEng+djILq>%zAq%j3q)S5~s89R!b?+_f-42!{Fa{kF4!AtDK z3>WD0yro=Uc$R{P`sf{~BB6ETGCV43G?x5&#DL5c@D0C&I%Cb+k3P$#;o2FJlY5u7 z(j{&|2iX9(8fyKPxQ?IRpIPs%dpEzKpZZ{J0NxgTNjPbYTSg(mxp^*_gw;Q7 zLh^=MGs9JR`@vzqepIA<%l_Q55U%`K53lVww-P-5sU89;-lv8QoIAd{Mi0nzyR4$( zAN)~@IOh672P+jZr<6NUP)G4N#R_y*ZjpL2t*9*F`D~AogbUyH#w@BU_jk96GlPsj z!`^~}xLB1iIf7inPK{i=;}vyZpN!($)?{WmF+zI(Dg06H+VHpNO>eHzF#~fG*c`Z@wuJ>a6%)*r?hI&#VLg0B zv;O9g*TVz@Y$=fLZNw>IPsRF$C!(Y&fb9l1m995^N*JNwH{(8Ma7rD^Ln*=H%ynY* zxwqWHU_~)k}?!JGj~BLDN(w*lGn>J3J9&$Q66a$y-50 zY`3p5rO>uXzZ*G%ZTukr4`Aa$+QFnDQVPd2!RqI>%kK|g?=>1|t0Vz;a%0<{3oE6l zomz!{{iL1W9-zF#eqScLoVRssJ$PL8BP*%k@?t=qw@M@FaYE<{8Ns3W%d6qMuPZY= z5f!>mLYDm1H1L(~HkR*0q2+mx*Ho)%aD|YA=dPg_ddmGc9z$PJu&t!MZ3j(n+r=Zt zBYP;Odny}O;H-u58o-j(^TttJsey3}%RKy7<3Ebq&+B&Tc z$BLsK9w%7$CHzksTrpRe9|%<79!#M&@ESFtM`1c?dG|@Qdn!h(O<`9jxQ8CO4|cej!uY1RIIqx8(J)SBs&18RvU(^gbS4GC-hbtv=Rw zMT7)`e}IQ>B1m7D^f_+e*$DLdNRgrm%oE5OWD z;f~rj=3gyJP#{8Z%Y6(9@by)5zrPN_eR^E0;%nuk{zUCW7t`9g~D09(4Y^vHl6k}u|5`r3FGGg`HZ zS1YL)da$=JI&M2hGV8~v^{Mc9;^Nt*T5mZ$6P#*wpu(vKryP#^#k_bS@4*exMt3^5#^PCv|37m0hh94~_rzj`ZQ$daay*JR|y#^-0B zSoGvRy=O#Y!y6{$SNlYO3 z=+xh37{Z~hDNS}Jh0*&l@bGm1R?6^ope$^OPGfGE?uM|#%q@NXSU-z^=~c&_IS||S z{ie<2{($IBz?U~SYv`81F^^>%iDMHUi0h~;V&|!l)vzf(u&#kYU+nh%Q_r=*2Ju(S zoO)R0k7TGjSO0A`P+F16MXtvh89r2eMAa4H07{Y-9#M~xD3=HhxvurLitc84grYT2 zrVTvPTqFUr~GNpAE{33w*qmSP*pQb(QM3E3>4hc1t zy{_dlYjSsUvhatpC>@@3O$@`!Ft+iWA7~4 zGD}&ETO1n|Bj=#eUG;{h%q^ovKkgm9{A0!`e-YTx_XUfh_$L 
ziJgT!vkrqqUX6Aa=1Ex8Xw*+DQ=wlpi~?UwuJ#Q+S)^SgGbwWyKMI{tq{DV{i=i+g z9vWyOdW%JVv6mFolL{6KGz$C|WKRepnbUB{^6!AWS6Q@=j}yMx%h^1u);S`j2KWA_ z)SPcT7YWt~UgfW;LZP>ns3VSKGP$ldcvH-xKG2cRTHd@Wn)?+UE*#h}tCd)pW3U_& zX*V4E(Dtrt8JF#)Dq=mikzx>N6pZSJLn#c}wmznrA`<>ZI}={oaC@j%6r(^m0rtG) zGXUF<_!s37|KdwAU}rOtyp#wMP%Uikwf89tqPZU?mbzqbdZ z-T@4v5n@cyuRqm$lY4wY75Q^mpg+9h2JKLW&Cv?W9}b8;4Z^Ddi@qfn2b(SyV3K{v zT{kp{*2O3Je;JO9O*&xrkT`IB7?uPS=3B`(XEA8C%IY_^>w}$$#K7bmDK6p{+rj}R zg_ODT}Mg$V3 zQtTX2t>js$OvSMhScW}`tA~i1C>hq(a_XvFJo0$~~! zg5xt=m9p%Euo2^w@C>GFDZ=@7d^=sn3Qzget#A1kTc57aplyncK`v zB4hTCSJoj9#CPhKeCp=~*fS18mR!pAds6|jUl8+jm*|YDJhL5zL_93<#`ZWbD-Wt`|SSF#oB;mN28m|wm;)0!L zy*cUdLUCm$zn*%zePHe7=$w9I{JNB!*FJ$!<8_Eas9{{UW{Z=en0Zy`h`vvtqw{~h zQbIIqA5sRth5>r3+8Bi(8Co$34p?9CdBXjBgZkNrU+BM5>_O2?~eX7 zw-K6*0vOB&^$~u9NXAY7IVAL$EuXz=;<#rC$sul2@g8NawFv+F?La=3=*7Q>=f~g_ z+w5kt8NEL?foVhI>M6S6S#58G5W6A6*aDQ)19FwnxkEF!KLw3lGdOWWHQkGB_*+{+v%W~P`=8K7~T_~o0=JB zuYvp*H{$0&4E3^gJE#Cj(fZj;$45zhpw_zZMpkKt7LjUg1k;Wendpa={b~yny`tt!KYGuL8R8Msq8ede4n*Ph&Y{oaT8jQIG+S$IXlO+mS+n@nGHjAH zMs`ERA6!Ta#zjD>ghp$Uh*iN#4>;KRRA6ps;QhtzfzB|N5vF}Vi=V8z?ye#|RIpUc z&_@O}dB&fBkZQV5bZl*>OX;#toHeb!u*IO!ZRs%fY2n(J>oXw7V zEljt%ORL!^4^r$XUc1j&?%f9d&q5>;D6-(3CwpiDZE%Mg{juKAf1w@y zRE%c4n?xf~eb~#*{!bjg6+d8mJvE1?R4BcJs%DDh{qaDdN{2EROq5gZ8WqpIt&Q>h z4|PxMY@ZuDn2OzLLP7qYWl^U;?)rtFAGzz~6S1^voL&-Nlu<@Ognbetr3SAMB5l3K z%~{o<#~BS_5IvmxV0bSn@>z8`{|ZMxNQZxYMHt^z188zHNs8XL{Wx?0A&|n99qU%x zzWDg?|K*yVhuObvh@Tz- zXT=!vN(f1bh_EFC%3!O8U3yEpHM}bWVT}RpBWSAD@xLHq{<@aHiZKf(J?{=L<^y2C zY&P{%@6zYHYFu%q!}LMpkEG~E7JvJPDBMvENUaUqKR-_&9{@o~f4GN{4MpuHzp+Iq z@=RJxhkg8e!iZ1epWZo;=r9aRNE+b-|I!ES(W>p~@D1MdiW{VIfH2t&W|wuBY8)&j zZr#0M#muYk@&m+xP2v7Y_+5$MwC`8G_NP<9``n`nLb4WYr$wlb`KS+0UR!oJ>%E0M zG+(Bzu_v)DbtUL1Oylgl0gJgY0i9Q(D_OA-U*LFNj51hIZoqsH;|`L9ifYD> zNR0%+4Xnh{z4Ppcqb5$Hjl!lus=lWQH_89405oTKmy_)T+xXE$1au7S7lWPpIY77S zagp{k{+)`bc*W4p>5;?WysTD=T%Lb`gYrPbwpTD*M*LQ5MRXiz|?&;l6th 
zii=|+ZdImBv|cNe4MH$z8WN~+80;m5wFXk2AKOVUO<;F&A8%e8?c$bX|vXoVni!W*W0E&ApX*Ezw4;Tmp$O#>Y|;`31|2$A~(>ArDeOlB-j+oDH$-+w2Lm z4!CuGA}-w&QsRmdWjYZ#hX-w3;j7lk=dtIj8IUwqBAX z-YPd^@@j*&$f|?={#lEx17`n;8&(@a|BP}Uonj)Wb)lUS^NpOF@n6URU+&!clxojY z+I|W~g@|KlF_kSTD`aPU$N#%2XwN`^!m+;1Ao(!E0@2U*rVXeTw(3vLX{bu^2aU0XDj>Jt93BV&nj^PHYPZ8aRCw+Y=KW&ruB*Fj$mrWh=6B# zghX*H)qcg9!Lk(Me3qu?&O>{1P1=lT6vlkSc|G^Qk?YFl@M;Oq)zPLy*eX9h5V&hn z9a|O@;1mVJlkT?j@bMw)ZVs{Vy>PvszGHQ~Hrm$EDW>c%vO?qT5Pr#@c82 zu}}|Qt2JVG*gY*u%A5RpBIB_%(CQD8+PA)5g_@1LrsT#9{hL;o$2(ueOKGgC z9Dm+liT3OdY_S`?mje~?To+S5#xDJn_Zh9;E#cP9xP`8@=~Y!$qLQ6 z&D)6sGxi2gcJ_hG<*zj5R(nXDx2lM1DKTH#b9njORmBv_v1mPps&A@LBp^!pLl6ZK zVz&JBSajd{pkWDDg~rl=%hCVs&hN`l_j7Ff`RFZqb{k5i!CK4MGFSW35_MuHQ|p0~ z^+geF7emE_KeEM}+)OQ z1UWirYCf=rt%&d5LY*sa)%RO}e~B61dXjwHM!ayQ8M_E7rh!ZfBW$^=Z>F**L}*8+IR)i8`+7&9?l}$%ENM`FK@mzC9OdcO-|uqt1K` zwjGI?!{~=C=``pqRkjR&{nA!HjZhAxkwXOvA;nYr{0_c{P!EwwR;>+%Sfz>F4U@ys z=|XkM3phTkW03qsx;?fbq_R|sfyx`nyOH5~@L*PT)x%XX-zbc*%vYjx*3l{{kA5i% z!7v1cO!Q)uN399cM%%5r#JRn`U>CbcmO`92S&YHI4m z>NEFY1U99F^_ZV3Iu}p=GTBV=;bT&e@jN$Q<7dV) zAY{L|#ykCpCaONMY9}|w8`viX<1ccKJgEHYyiB;9wcDI=@a6WAwxR|Zw} z%hHHnS$aV1YJsK-WxU~GI69kw%p>PpjGMQR z>xAM-vbh5$Vl0!#ZWv>>UPGLOF@{Hg3$x-d`>{}%kjXO!k|lCgvyE^?89y%+?&W-1E26Gnf`W3v%t)Ps>|(yihIzK zE%glSo182s@G#3mLCkO;l&>o&1}sbnBTi^i#E;p$CMlTzaw45A0$eLz*7;O&%M9 zPlU`6DzU-cFf_!04L>=5lV32OO=j!XhMB3PYUH}QGI|Dh;Se05$><>ZQ9i1Kib$X5 z&s0&N%?9u%+H9%Vy|2c;3rFxy$Q= z67PVVat3n$(uQIC0{adNO7BsL4)L{1&psl6eWkIjiL1r$E9DzWfJ@Nfc*^3zJ|x%m zD&=E0NCE5V7IO=-w@yVqg7H&MbOa0=RliYMPuCpkB#QtRLY_p8Re`&t z*(?ht=z&Pi*w+tQ>NYsL8ek%nV5Dqg*7dKe@OGjd9Eb-_DyarpKKy6FUAk9YPrRGh z3rtv7_-X7Oui~u*b@iiwcAAqpo8S|V)7#1Z*@))$tYQAUSdmW&v)1G1LQ_?4KX!%R zU*V2)x2_y_iM2Fp9Di{Nh&in5dPqt=oOP$sqdbkd#AZ-`RZ#-$w*IhTPhi1`JX)kQ zF)6M=GW`iT80n05wM&&+CD+C8YtZLJ*cg3ArnnhImyZrf$~g2EDDFW~1~q)vTp`@)sHE!NvSa{!f#Y`6*S5QL-ihhO#F#%-<9JS(Gw(W z`Q8x(<$)|%g5#m&so@JwANnGCHfA)LsT z(zYP!BMUUm%x#bCJoJNHzd5$*A>4jtf8myt88{CC*W-+40-$K$aqVI9szk#YZ;5_Q 
ze!D4-4Xd~1r>quz5Y!VG0J(1VUm&auDKwc*syZkJg~N7nW|-e~1#kJiMSZz}>N_gLxN2ZKHL zOL}|jK${eRqd-)yICg{V5Ykg`3TbtoFuYRcgr0I=^4-6(!rnJvUCom0&iMdA85LTFA;-bi z%c^!>(^-8zX4MOWkE_rfXLicE*nl1Ts==wbZB`c^QZGHP+E;ZU{UtSDTTbi)Ecm(y zs9!{~o?$m)_y70J$Xvi&i{IvqLAJ}5*%sd8qPnr>P}sLI|15- z;0__RFeA57k1?4z1X60HXuf%rlQ~+uQ1wfBv7O0Q*UB{tnV?&N)b} zwke@=Rm*nZrTv^)+eorhku1f^je=>^Ax`M8dzln|{9rYUxw&`}wWfA!h&LnRbKzaw z@%O$k1081&AKaBQ8s-t=oVw(p6w$u+jSuxloJP`;MM?4;2=T)+auj&}MXAb||Dx#5 z+R;^q;58tvPc+Mfex!X~vL;wd#J)K1$tFEhGqR#SG6ZHrYsWl})b3iRRQa~eKiBo3 zny_d6(b}=D){DpPyt+n#?CyQQukPdQ&nbO2dY({E9PQSQQcTN-$TLoyrNuC{O9bFd zQv;<}K|^&qILC-^R#|MB}|n-eW#mU<-rS`! z!_D9*Ra{~hL6yhEP_dX)a(_0vc(Q>Vkd&tTAZ<<~THrT%aU*&y{XjCyw8M^0A~Ivn z=!ZJ*+0BiV%!rKngefzpim<6ch#!8O-8>nBn)ai>T*L-{^P(g3J^H7YB>av2{q6+7 zo-_0#(7vRsYZyLoCrL1&@k(r6r7<)^a!;&Go0psY*91EW&6oc>p725*+!Eb*pmw|V z4>_?{^PgKG88&g{KOos6v-;g$b5>$y~WdrbWWZpG#Z#i>#)1oSWf)f=R*kmflu zOLd)O>3xWe2GIhsrUAh(zZ~f0M8a)iH``_XY_R7k^@gHq0D&8cXs18{yaj=J_)bq+ z$WG>)mGc4%?gG1+r1T$1a!6>ls|&}zdADWgX-LTf+TbxD*}sCf?KjL8QU_b_J&{%v z9A_P#*4idyJ>_$5<^N!|K}b0BU9en_Bj-L(V0-f6m(kT2kwGwEdmQ+472)oDJfr{e z*QdHRK0HqH{+eIp^k2f}B86ln4&EZ=B3kei$os5+g?}%4p{xaA7Dl7KG+0M9`LK@0I4#vsa}RDhmGvPW~++ z@J;F>P>nu~#MvoiHm4R^WME>Eda)MK?HoM|p1{{kce9nw;X4#>ZWmRYvdcdHcn&hv&HXeKS z&V*Oi(24tZW#c2vHfn(t*)35(HEa$6J|}<5CIwPeb3MdeCvA-EZx-b8@XGR}5R5rU zK9361+~HnnAa*AJEQ^cyXOWjH7GytBW^groMl8IoF6&&lyyRTTwCb77I{75o#CLNZ z)taJLq~K$hYJ=koBlv#TK06HgVLp(M=XXT+lSlVpe81ZWAm$XQ<`~B{=T0?ZprtG} zoX{yYC|M@n8?2*Sx~2X2D+}?7XCO!x5s)kh4}*crZmW8)cI~6?HwBNteoY_TF~uyA zK+-?C7HxEZwecW@0#cg`SAKAF*51vI3c}N2-IGlk$8sTDF&4_t<~eei_7V ztxKq!UB-y~b9EfH2&(JEWX_H!MZHeLM8{9kD;=8aCgxz5#vQUhG2XgaO$HKjl~&DV zjqJv4{6_x^?0K`&8dhwPS;s@A)4K-7QPhP-Mn|y;beOxk^#0nFeR)j66Z3cx1}DtbmXk&z+H_t@vL${Z zL{4P=QCnoa^`aJCM$b)A1D*z0>uuTS8gKdTh|Z8$=E%M*ke2Z8NR~bGGh8W@q7RZI zt_SlM1?U4;yq?}dK2YT2d)ltD_>|GLGK2**X`{Sfo2}ncZ$RH#zlM2hC!2lPeLo%I zT(v^rGF{aitAjcvo<5CL>z2Os!0lGWbr6*$k>|2lgdK4Y%vTcdWP$9(UcTFf5NW|3 
z(JC23T({4Fw1rv4WLz(W$BUdUCn0?^F*`xZ_xQ@4-AdxW3?aODt|F9wZ0-3(y3D+0|Ah)CoY%-`A{9$4K(Bw8Oo zRD62TB}P_VKL{LpSt)F!YvCRldX^ngrw?Ym_584hR*Qo^;m**-&H z&iLVxL2EZk%-U9yI?J!K%bbmsN-%V8n$cz8*f%?mYMg~0DqYSw-EU811Dr7t+&A+l z;&`nh{NzS>UR?GD*PT``K(5)Aah5N-%z|R#zm0o@W@`uZWVfR^OSW6 z53Xv^kF{Rlpmfv+RxD4X>+VHjbI+E_`k9$__FH2S4DphI!scQbxwb%Ffw;GOT~ zJA0Mt<@DB#|A7_3I?!Bj-gWnu#Ch|PxQDc0(2#^lHK7GGol0=Akullbd3sn`I=HNe zpm4kfFQMmv3f zd;`BOw@4pwtLIw~Vtlx*eGb!r?F0i_z0RTzV92 zod}XooErPO{XvJ~06*Gp6*k@pY61QiuVR>H>|6Q*qxsgpxlN|$-ZPA-i4qP4 z_vtoYggWcRiPnu~(|g0w$M3na&|26D1Ai+!S2wpDHTjDXP*pKks}|G&?KQV;4YJqi7z)@t;w!wfm(8%AEwna zPB)=WM0Hq$!+K)(pj7|a>Lk8n#r$9a>nnpy!IWvLKZte0On(^iw+xDlj{_1d?oRBT z&YqdS*sxs>Yqg(m94C`vI3`d3ljDSYM>;^G|6A40A#zmQ8XJ$!6wF+CS5Q%@gR*~6 z^&QZYQCK8j!Qpg2P<&kNQ8HgXC*3O`GNkL|M{CKJ|R==F@UxbEruz{E79HyoK7x5If;e*v>avi7N&+n~udC*hX%c3dWX$X9GO7Oax5lvdb#WdpHek?6Gk))lsNbvKQ2z4dMh!u<<>D_f3k(19 zUq-R^P|xxqj)kj4hpD6)#=v0p=11F){rgO4$i(bE`;F80!+V8YyoTO;zOmK(4< zo${Re=8(}fR@*ukry9Bjsp?}7;Gz**N!cA8DVPOqPXd@`ilAaQ41RmjR|*h%Yd z?$GN5a4O;&rj5Y}t+{mLi&wJW%}(qZs?7`+2r=zKroJ4Txq zO0Xy*6TPm-lr{a@{=-h$3q_R-_~C!K?Hw|gO&uiuHAo$3O;k#nQJvapo!kw%sPWn=n;9z{yElpmlC+ypiC2Q?4r7l zA+g(ky#kZE*9x6?0ZTvOU-0v}RTw5Unn;@~t!?UsvnUfe9w zI&#~g1|bWeFdy)y^WW2$rG^o6fXiu3P7T+8r+dUX24kg?>0(h8RNq!Pkh)WT5~x5_ zi)OITw-?V0DJw2YTVuDCIyHQ zaoC?--ZZcLhiY3^Qh)ZQ`$xA~?$Ld`C&^k4k`h-0>AjCr~!(Y;{gpg3B z734tcle7tfRj9vt2g^>%fn{l3xDcaC+$co0EBQT%GV$Amv7HBt%x>U9UNKN2znS!% zF&es=KNzsLzeh6v|}JUQ21omp?$C*ycxb9vY0S2oh^hN&Zei&6^p@ zjrAlOMpaRxVjs|D29c5`Rn;cJ7EqpuW5O%#xVV16a>SqxFaGCE4+RY6w2?F*?yN1% zV#x2-D0Q}@DAJE_T-dpZrC;!JWinZ}Wb!h<@sJ$aY)GGJ(X8q-huL7MjSRj1Sgrt# z@d-y>S9nCk>P!^To7lEPK|qHo1iUGWt0R#o*Kp&BeIpA-FR@ zs$Vp&XpCFI;sdX z4Reu4x|F=ZIl(EF7peiHFRFzq@8vr^qQ;PO)?8U!7^;v#)ZAVFRtWD1Bee9JtCQ&B zmxRoAm^-xn>YB0cx~#ob&k6=LIxVwdC+?+%rI7+5@?(t&hYWw|LhONn@jo#blIw3s z_pS%XkePlj5F`Fo1`7e~+Jg{`blr0~7`xc7wIS|`yMl4;9Wef6)`-_+sdykHc?kPO z(#-^kDryoqn+;N6ycYR&nm0!5FcRYl(ezIlIbGWm+p}*V*}nbV+qEU2rg`c;Ch>!L 
zy}ZpM@?A=`5JS_1%@oF_g9-+4=N&Lx8~IlL*mvd~@t;k$T!G38D!dX7bu15?d&+tP zg-73*>{2>pojlaAu}CRBd@zU13b(f)_<^IpBmAc#N+of3kbj0 z-+trHlA`|?at4`&y#D&K+Bv1%HD19nrGEze#me_sK*>V-{W+V<~Hf9g8}r9Ur*Qh z(6%W^rZ||Xr3st@ALqYY!B>@x=&B@6pCOV?h)ZTT)rWfz$w}He&e0traKLqYbyIn< zr1<_JaR9>yVC$3hEF%b@Gu2`vbf5QM zLyf1N`pP6P0Vmu>jCv?jS1J1KmT!cw`r93vbQ0v)5`HnByj=I(N#Fr~K6n?4AYR8@ zUeveiR3mT*cYBpmk+GzF{rh?tQy-?UNOj&6+x)pz%rH9iXx;suLRjTt4tnFf!m9Z# zG_)5S!v8`8gfqmtWocMQ(q;=P;RRs(TZh&Vh7Z@u!PA>pZ%?7UbfLDSXqPuY_ov2D zE>Yt_q_;DYJ|0|#fAU!BQR7isZ$+J;U}k8vmqn$ylnOg!@9qn53!|EPLd)nE*reb4 zG5PUep`}J{ zR)}#KLP|1tx4?BYc>1XHIJu4X;K(v@%94>$^*S+p=x>H^lYGDhZ(6G3^G8d&fK88;Jv6D6#-+FMozCM4Ufbp9J*^$=yd5Jb5*&T;Ow^t@rs}OO{ zU+ugyi(>jJT;~n7GyhKV6%)=1{Q=@P0Yt9@q!b0{F)3VRp$WW^7o<<+jn*ZY9Uq3z zpCEwcn0-)EK6e4o9=nQYrm$Q^ED3b2xavYT&Wqt8A9sE4ur%@R{V@FAUxaT?R1Art z3kl26Rkwtf8I&OHP2VzP-*$uP+=?7lqvd@apR7^L5u+HT1a{Ky{=vf`W%Xo$GY7k9 z;fEYJxowbwVMy>qIBXS_$%LzF&gr;4B&*U;Q$EJ#z zYH>HTsW)$lSF_Wf;}UJrcz}N!0IqOzZ8WwBnRQ^06J|}J5eNjnbJD*y)l8^UZ;!n> ztDJkVI%)oK)}HeCEpl`0qd?O&aQ;y1eyY))0XaB7|1n(R@p@!9E93S()hPLp@%kU` z1bhAQrDqwC@R(~v58W&scHPy-U>my+A*GYYFcOKBSrzLcL?DOo%|Gba+}-1^2Dxjr z)@x_mgh)QjD-WOR20X_`bT7M>!08N+v3B7*v6G=Iem`geB5^z^Td;Dv9A17lD05mD zc`2>ee&xs#cKR+oqvLg|T*F_j?BzJY8|%>Q!L*4}0Y@!LJ>#Ux(S)ar^i=o~^#&fh zyTdw6k`40k|9U^nFna}n)z=N!Ctc?<5Ikh7PtD#~7Co>KKl;v?XzpDJM)I7Gfn24a z)fd-P(Z+KB64wMRN3!V!(Z_QU&xM~yeG0ZgTBJ=Rx_u8WugI2{6zbdc(rk{C+}^F( z&i6=Vai*fR|Luoa;y}e8V*&NF*uFld_4dJ17RD~fq4&q91Heq}Brgc~o6HFQ+3VF| zE98_ZU7ivh-ln7goVAo4|8Seb>aZ^Eae`Ii)eG$-?>D89$x}##ka9?4Y49hWOyj(R zT((S|YVtaEn8y3M#iQzVzS2|HRD=_cfY+&mWq%pe#nBFF%OP+8&lAbZJ?qh@okwBA z3?B0j@)SBr{uTRpK>##=B49_O3t$~bA?}*DB1ALDWA!UH5veE~sB?4o>*#S;XCqI? 
z{jxuFexk4-+n8cmRC)ld`I!5aqYYpLZPDE}b6cCLZCJ0~uLs!OX5$5Uf%Gp4@3yqR07FRA51E!^Y{m(v|wzj8r{ru-WF3C#p zw2{=-ZgShx%y?MmleDL8w_GZk(_e^;FYF+8kG!}N^77(aeI^S4#oQ_4&EuV=DO%QK zo8MH8v(ol%5Y5u+?dttu2Xt1#9hZpGFZLu|I_9$I7huRAp;K;F&fUv>Y4p%T8v!s& zgB63bW}<3h^P&)A^`M3-yA)3watoQcuk3q-yJr^fVr}Q;2vQ(t7_9u!{!@%(KNK@; zCc}5NPAJ;X7^rf-*m?_;Ff!uo(Zj!ozl41Kgv48f+^9h=G}w@W!UaZ&UOl;I#a!~^ ztinW*eF^!baIGB+z&urZv4D3!yp<0sDVJ-$I=yoRM>N> ze^`1fWkK|K6aqeC)?aY&bbF4lswJZR_0OBg96b1A%b*@_hu0)@&$6(TJ87u>Cfi1} z-*a$k*s6VP{bz}wOoSnb7ul-yGE-Y70^}Xx^2jHj*V@^Zv{c%d(@atb@H|XzW++A; zut8TNNJtY3amM=j_?d_h1+Pi);!RdW^ZW^m+ma<#A%8<5q%P@P+$EA`3w+(AywMh~ zWFAtvtS3kHEmmVfbwK+d0pwVCuU{sp4f zf^Wl9GVlAb%qk0G`=6^M>afM|Mk$4DfxMA*0P@Cm{4v}8@J#&#vrDqtYTBt30Y>CE zw9h{HSBfaJAkCe5U}wFLpwkb#fO@zGwJI>j@3#s*xW>K z@Q+09K~4%<1ZLPhGzGHs{-2tCMd%k-^Vz8NqN{(#-Gt6tPg->2+V9jc(=rfd2ddZ6 zepR{sYaVI0IZ@+w&8^;x_F^9mW;@C7}_la03R(RJxe?KU|!BmG$)P2tPCK-Gp z7qQu|++Du*H7m)C8+&l!l?TE*k}m>3LmveXEWs0;y6k-H;YyC4dAz54rdVsI(W#Q0 z?C;nLO=9iWb${n5IOX~v*{GkWFQ-yvN1^pxWi(yz0yoRR8_; zz=St5=0Rb7J4)!t&pr*okh~aQFkI+uxqW3bx?mfanCX2stDsOMjrevG&c%TXDS_@90w6UBv^ zzGu=`1Xt6tQz!U*fHjQx9-@90G3QsSGEzYDge&DoMK`h-GVMXlv1vZUOU^t%r%~|M zbhM%jLVQxufP!{BEUh1f-4~=IV|!bc6)68S%cfdmcA!zKL5;iWO=41~!&JlKnZ>L2 zpVqn-LXDXY>ZFKzH4FST8`@Bm)5YXdw%IlL-3@{jD0!7L+k^U33w0T`l9|E+hZj*1 zY$;=Z7&@S2D$ShrvN0(044CCmg=X7AL^3l!<$o!DB!=PT1NrKA#r1^T4!;MuL!sT-k%yi6 z%v6&9(NOKT<6htWT%km7tB`)c>cXwkBv?7~(kTlb!f_n@3zG29Oq;i*E6Jyh44Id^ zro`ppk0xw!mb;V@D9f3hyQ_!guQR7hGm=pZhZUkk`!g-P9Nxf~z~Ud^Qol3cNmWk`-8g zOQB&t5{Q~e?8xvGmZOwV>z|W2z61wR9DTp2hvDl8pb5u}`LA_&o_>`~gg^(0V*Mt~ z9C!bUmH>_quZx~`A$w6aH0U_|m z7G*bd$8T_R7*a8A2Al`q!Z{8S_FIB^9k&z!Dl4ebDi?oQca6C>G=xjEu#&9Zt#+pOlin7Tte z|5*`yxwCd*J)TfokkD=?gEv9SVEFhZ;%#cEzJpH#3iEB63%DpT4;QS!zlm8PEdIAB z>;pLxjp%(Cp<;O_kN`V^DI$_LM8f8HA&;{%;|lraUpbhS&-|eZkO>d?Si*NN@=fY(mSkeX4b1I(^+3Fe$_aOkFl4{6mjg>XwF4S zA#+J)?}U>nPZc&l(k=P!E`s#Tx`HQH6>o+{X9O zw!izQPv9&AA;vSho5-bgf`A`>qCy^>TrD&j^N$*nj_1awp??y?VCX^SE{U50u%>+@-dP5B3r&KDwmRZV4~s 
z4(<$JZmaYL-42sW$a>2_Ar>7#?j->Nn;}QxyY($D2C!O^9c|_}CI3d2PPD5y@zusB}q`EbN#N`AJ`=?N*%7w1v4pu(sC5#^dI5?ik zpmo9LNmv}|;Y^Tj#p)P^13VA!gQ2RVw-lt0kW&YF$TH9$Pc{c7itaD+yQ`_krWHC5 z%O7S^y0wr>?(=RX{B9ENO-<<7zqw@h3ofe({!>(X=p{nBai2qFe&f zd7zrSM=5KuD4srXvT~fqXS!Gu;p?5!uv8eX=oB+Wh^j}&VL`}VY*ez)7a1ze(-h)= z)&N>(I}?xI0$j0*+GMc#6{KY=;-7Z^X{pGnu+ol?_V;W~ZI#w-{bDrMv?SZTRvO3Z z8+)Bw3gmW@dPL2oL_$g<;tBQB^B)qE`KvGCVsgJc!u2Zdmvja$J?hcEc^tbC-yqWl ztkdmESo6RV7cztz@dFaXy}vv6G~-81A(oOI&g#pxDZct@C&3s`@l`>uCgSt<=-nQq zq5|7c(269J0g=^{>AvuGH#P8}sf^xBK+?_Q#BU){>xDa(4T-iukbJeWKd#Ysl4tw& zQWR$v?`6T!T~Ujj;JN}=W^EDzxtE7jsym+$M`6~sG3ZLzn~0@ z;Y_4u*xVLvn<2*>^QSNDkfU*0TD_M2EDK$W5Z>;kG@)1-%1Us@IZkwU`W~-#W?z(x z_V^j))4sa0n2o>2Fd7Q!3afQ!&`aCHh&)G$#r@&z7jkZv>vlk~laT+z^QX-?dCN}T z{o!cWcdZs+xBDDwNU&^$Qw+jRp-X~ChE;|}huF=$*q~opMxuTgzGrfx#hR{cJ%7oM%ORARd><7Wj)AHFldTS zlxkvKaRi6%W*|sMT}+JkdH=&3UPkThjXdo(wF=OTp7Z5Y>($VLHzDsepv;yu$ot!; zje(fI+V%K#QQ*J_qEd241%Ee#Jy+}}a3YQ!a}hqg1z*^!VOby$1wI*L3yK?$p*;;r z%${==zHPQa<8m8Y&;B!d;$_61V6JDQsrMInY)oEN&ygSf+P+18wmZU*&`@Ym0Y>$n99ez(hSh|U zs3v^GT#!N!|HO|^Z9H#dm2`m3?u}3-6ZC#fxdogt+h7S>aU5kGlMD&Vw z!<7||gBZr!p+B_N$(@NCYfxK-$)Vnu7k-&Co7#iHyw~6A^qpPg=JVU?9Gv=~660U? zESc6YQ0`-kB@iD4sT#*^etZ^AOv_=N$Wp7Pu}v*~H_v~K!j9E5n1QXf)i&=(1C{i}k8y#-)L8N=T43q@^EY-R6qzT#fzRKL zUbOw(KyKRD<1X+;n-M2T6@K0cwR@6~cfDCno=la5D;kQxMRAwYq_IcdA-^@xI8(O# z#*JwxFZbK^sdGIog|cM_)#jpuK%rvduS9 zdS$t%*1(qiP#$SCNlmj3)YpKuo3{f}OtBl2;LOurG64^oe87+98M`*kIP2oPxz6#; zPt9EIB^dZ#*EiV*&G(f$2pQFBr{1axE?;%Eb3@iv@;m!Sq8}f$lja@`wDh-h6;j%A zdVgiG3CLhcl9k@K2)|4U4vf}B-L`c{t z)@K-G?af@`w?U@!!VzqVEMoG4)CIWk6D|Ah%9NoQ!C}2P7Im0LXG}! zPzFZylY0P9@Ut|FAkb=;l4xpMlzjjX@XYz{J0YhS-WB7;u!5w!^uXdUZHA{E+vZt; zm6;WsCVN+kEmi7mXO+fxWCL23q#tWMVLU2(8@iKf~Q7-P_Pi*vqPSWQC{+ryi-+3A$JoHO6_PFIv345wG%QVYOXoI7H5{7Jdm7JS2_Q(kU_aN|mE>#P?bJY2OoR^cm? 
z?%q#xW;w;W`I=gQFRH207$l`BCnko3$)R)@O3f^g3EB{5{j5%heh7I$M&`d^pqeWI znsU+Owx0_2!VTTn*IEE46yJB3 z*@ExZZ6w^!H}%VY6fvJwdw^_KWIk{y=&5M6Fv|72@#A$^<+IvWU|>Kl1M}mgW0akn z`h`;Vva$NKa>-ez@^u~RrT9AXWNkQ&!0uXm$^I_ciabZ`LKT_`FIMj%WQ(JtoLP`> zOAXR}^tBQZ!;<-YLb@ONCkcR*`1Qi~XqoJ4*^f7b8HI+;KSM zNQu5o3i$x;wds<7|CsWsjINLuH@0-Ehv%)<_>HeGSW4CJ>fJnUhHq>RVB0;o*x^{? zp;oLNf)|c{P8#FxT=(8s>?yHmYSdir1SeszX72%uY*}4KD6NxgN8uAql$NC*Z3dQd zLK8H`tr>&&`JCQWQVr&YA|&uT=g4fYmKY2~zpHb3K|vR~`VPUL$$!ruu3_a=ytwe~ zdb*0A6n2qf*2{6ot|3XeqyIlmqJk5UOcui*cBDpUC4+qQ-fK(#CjWtpwSqDaaK%5E zTe!HkbM{d_=!)&i6U1?UZz9m-3Qhi^-m}|@ulklPfsPDxHV?V&C7uX>Q_`e2AIgt-TEAHl3=g)z|{s5aPQI+|Bk^fL+cI0(VlcTXnFgF zNJ2hro2TG5F*YNb<-$-{fWf)Mg}wX*s9!lkp`v-L9)EIovRl(zd z2N>NKJo@apWfsi+@UIt}8a`m-+#I})idD^ zox?c(x`%FinuNqU7r_2K&@T}J`Oc#-9q9BX+usgkYW%`&`X%Gly$g3CWwYOf8QU-+-C!ltcOwnv%+J zOWxg;;kshJ*Uq6-v%r>Bcz(7dNke6N`Fdr)+!F&}vidESXlJ#gzT<4kaQ zJrZZ%mbL}WpKNuf935hpX0~k)R=u2CXzjStEB_`$dH8zYgqKNPAqu% z)byqkk?&)FR{lEs!^Cj-At0{d5Y`~20+(Jp6}W(8e)2sMq468yy0KHl$GJ~=!O^l# z41=7kF};V>104jke5z~_p~@)lSSWH5@XsymxTlofyJn(ul>eekvixtjIxQt}&fv#_ z1=|d0E1R~9)4CrV_Q~G87x8eqD`OC|EN+r{ukm3VmSNWj1mq8LjNIj?9m&sGOO4CF z+Xv-qA+~ZV1+ED>4eoKc3my>L+NS5nUOTfkSf1A1UX?AS9g@TEFG~PFQ#x-IHpd^U zy@GH|CgY(usW|7e&jDeXpC&GbR`bM75Qww^BM8ou_ z>K(!_#J4}Bk9~xPN;j`LAUH=QVyFE(#OES`!R}NVOz4mn=?*{cl57HM!*dAFckO~5 zQnT7QRh{`oehv<__8P<3=qyrDoLW0WYz`!UzXq>(M8?^lt!>i*C%G8spau|CM9pxN z%Zzs%ivL-deSuy-VyO+E+-RSq-uzy5$_K>?rXMq1$kN5Mlu*|p)u$E=K$Q}K?X zwK*9H`|c$w^TRe)@cFGd&d)KB{Q4ig>!m;E!{-FzenOBoyOyGAn<_9-x1GGlNfWI?~P5A%GlL6k3z=O+8BLg2pD11 z>ickPyXIvTv2_aQ&&08Buu@qAsWxlHN8U02W7w#u+kypU<8Owway$rz*7|K39bp+^ z$?~Z$rlxn;(Y-KV=^Vh4Mk3Q@<}!B&pkrOo_UG*&=Z~F#I|9s0$v6l45pNT1#np!r z8CrL&3)D|I)t*!$tkTBRdHo=T9I^@-8(4zoNw}$rP-&l>ag>{G86QLa z$t5AS1JZ0%ZGaW8PNLEG8an%mjUTw(cRbqjNZd4ejf1c!7h9+v`9pw;$02;}21}Zk zI{xi~o*HTW;_f{b{}p&h!Uy1L*c&@8ahK9wD=}caGHaSLx>_s@`tbav8g4Y5|HVK< zj_sOqkBDnJG6QpA5GU&3iXqM=YW|iMc*<+;A9|U3AAsTi;wOl;5s6&hym{!&;;|DHu@fT6S+f9+>#Q 
zR7r^QT>7Hj9&RKEma!?T=n{#oKNMfLo?|s;FYVr4Ju(%DOUTFTp;-YsXM`*weifbvZ)1c0^I~NP;nub4H1<@&?rSaJJo5D$A zmwdna4iAp_uvd#TrW})vh~ZXzT_7I`gJBv&_MEd<256s?Y;faj`wB6IF`tXjW&$be z!AjJu_g_cV|MS3U^?p;L28~jt`{GQkT0WnUs#nAkmTy)-K8=!oGPVbY=>D?>#!Y4J z6goQbXpjr%ORRN4qMQ{NRT^I}_th?vkM#I*8VXS^~75sXC z)S0z}bjUfdVH0LFEkA})Ro+;CO?QZXiuJ*UD{FT&sL&bf&mu`xNakCh>hNYwETXTpM zLd`BZ&afac77L1^HCbwxc8K+{?2hyq|F4_PJU)m3OuE(}Lr?2*p| zdUk8;4+t5bej^*qcf&vVvv6eWvU(JfOMF<5FF&U6Raqu_dDTLHwfd?H2pc%j?x3)oUwkd-z2kh$b4hW4_pd4E|$COsDI6?QAQe3$hJ$v_ep&cCx8o&c``y> zT!AkWDSk29#<&ACrrC*6WR5;cERAIntqYk-*}6na`_(^h9^T`Nv1RCMirnYgXls{g z#7_%bXQcE|dTYGB_)IiN&`{T!rY8uHK`ts16(GVmXOc$V8-@KQiIYPn8pZ3MAPK37 zzHCqzD_23TDfU=#%hfUe_9f(a;2D`*)DtDkr~*C{DPmFDo2U>d&j zP-3!7G?kRL1bp1jl;vp1Re!wfJ(QfKJTYu}=yO7=z!^@I{Q&GVzD`t%SB&?vb732L zCSDW?>>8)3=xiL%#^~NK!z~^D>;4i};y&@RZ?C;qk_m4FW$wV&BwWuJH_niJlXS>g z6rV8`AmThXotQ9C9B)%;n()WfUcD9BEyFZg2^4XUK&Oh^nk}_;&s0+R&mtkoBp@)^ zZAwxOEHiS!Mj^Qe>kf|M-I!gvKZn&zIh2=Nct%Dp)J$qek|$K=ufttG&q%6l!TKF* zK936OZqGUV^bWe6#7fR6llQaIQo!%_uS9~GQ|1K@q(_Au0kAuaN3ei@&2)+k%;UW@Vn3}WAc**Ci7e=n^Hd6QA6xM5C^f`_{w$KQ1!SUGo64%L z1t`&K{tO<^EtEF zdTlG`&{Ck`9x-QPHBC-4UTKXm6XCnb*Zd+$oOdrjtMGgZ?bp8fuYxT5)QL{vS4w=nB6aJ3=uXPta$<}C5diab>27I7FjKpbdNpPzk0|*u6}L|Qv^ZG&VixcKdTJ}NKJLm zK_c1+fnBKcBRF7W+|{;U@)>(laaMqrX+ z*h43I(+6&MM%C>g<%ypt7JdLF#G_o}$LYoIaUoUU^=PtT;UItN6sW`9lk>3}rz;TuU! 
z&>g5YJ}E{zAkJex$Er{A-H)If z>{l%G{t%owNhzPh;K4m2QluPAIcB}#IyNkW&xxMVr6l#=xkoG!WD&bMy%ctVv96F=_z|+ok0#%Q7i_XBuAe8M5?UPo#OgO@{)*?O)Yz z9SR=ANeUGl3Iqo;Z%_kwRi!Y^2@xxxUy3VIe?ESGN2TVv-W81V!NtueV^i_z#by3v zfx9{xqL3HQL65iAt1M0!_oO@NAetCch)(MYGmfx_2I3lD zDPB3xstz5_5L|U?{d85to4oUQx@y~3L$uXd%fvQU>8|%NvC~gOkAu|Yee=<@S9h^4 zm-y~D?l%DI&!V7`BPbdTUvA&<&OPf_w)FbvPkyL=c1qDbn-0^Is}InK@AW zRWkZ!D*qi==2*4mLv@BeoGf|qbC!eVCFELd0^~>hs)9V_)Lk zSh&NglAZTyx)}Ai1b4@;3IMD>i^5vApl@V6q;mY0woMA8bHyti#@rF1=&yDYjkC+r z;(&Y0At?P{y8AQD*)gE>cymP$VFGq7Y`hBN=N;cF*u48oP3Sp2UTdUzEi1;%6-pu) zb(M7QeDn<_He=+9Oofa9!TZp!zZXxUn=`^~c61}NNmOtU2{*1duE+%`H+E)GAxr76 z9%j3~*8EI`r(Y|ZiQsuN6$k-^$9XNEj>(4Pfn|((&1%*?c-dQ}mRJi9=jKw2*^*!t zY7oNFfSUQ|{0p*A^?}CWx=SJ?1KSTj<6JDf->3L#Fo&fyY2SG=2v%*2-X=qDF@jse zG&(GY#`53DJW~EyGBz1K11cDi73!_igXrzFu;ThSWr7JV@C!xMlqloc7>ceqOn|54 z|7YcN*l8xllN%U#QAa zHnBAzWRIGm&Q*y0@*ocUSq0^kZ&0NO!MtH82cgs#m584(k-OzUrx;Uq?{~IYIxym| zIHdkj`uXgg^y3ZnZ%W@LqBpg_WfFS@zVL+krbbp9e(apXw{@eFFL`B&S$FO%3^eJ? zL>#!IvV=XFTN8e&XBxx@m+X>&&e>pceT0b3=4%tyy_f{RHuAK%(?;wmzsfBMUF=%GLZH0yI`F3`pqIm_JdklHcA*RHA zy8Kxyp(*Ti(sd^+VExtEA(LC<;xJ_?q0RQB2TPvQyR5AT zd#uzMCrDI}W|A(mq|L52=G^y!3x&vRlL~TOl#riL(sjt%I&W|2vrBxUp{Lp@xVeWc z^<^oBiG70ZJ>b9hY{{{~XwJ^MZIPJo9&)W5o!9P4FuM4sD~7ohA??}AVaHGR?G*QQ z5*sohBi-XpTI44@jM_<@{gJllN2V$s{DLA-z1V!dml34>K^i?XZ#S>ShX+KoVGSYR z+;~(vNF!ASQ7gK`E~+E$_`R}luDJp=7}Y<_UKIaKc=oSD$bSnWo(#gs+_c+jaoI|v%We+}Rf-)sdr&F7J> zeIK;c=V+oevsTjXw~|aEfyC#j6)G@M)wkI-7mn#yFd6uN)2uDf6qj)^>j95`lD#!=;qj)2712Np(DG}Po z{ODY|F!_L*xQ9sWmYm)gSqaLFKl*JJMn8&Q6yt>Gm$Ao@892kjt4-H@n4l8f$7MiE z73A(>(OWrS%F?aFdd;2Jb49;uRrsm;>vaCx2^aLR0ff1@Bd}SQYDZGtD-T{iGf&F6 zwwdHlW5!%mtOR^Gm8L^NLea`UK1gZC5Y4uNCDU`p2&M+0E$QRQ&8tkGAo6AEc z{ZAl3nb1`z>NI}QgbO0kMzZ`jC38%!Udg(7`NXvW{T>hYS>N2PJ#Qn(Nw1`5e1W0X`NN4IOE zuNf+1>__+7AhiNjKi8NbT2-6F4m*#?PuwxmV7fia;!6mdO#_(95H=IxLsj{U&FU^P z#Cy+@Sm>eXfF%4VZ-@@2`7pKn^RlX{cnP1dKT4zJZIY(E70e?}xgh#R^{V_O{g>`|b}}-A+@!^*_OmUZWZ~^*7_TCWABru8F8{V5`EP$=cl5qV7#F`Gk6+4|0+S 
zD}?l96vCO&<(pOzSkAo75PD701BE;5!87<}4c~?NX*Uf)^A3`kPBTL>Eo5m9`FqGt z8Sv2~G^%_Qrc;yq9e9qs7!w%Mz!a!fs<=l-`wel^5Hk5sRSXRFAxlKhO^WCl)-H87 z8|f$C`-trl;81Bc zio(7YV}hbaM+pk}iN8;Vd_)QUT^%;tVA2tMO){guz=o!o`dz^#dGmLq756v^C>&ez zXU7Mb{*`9!bhKkqF}$w4qWuixP0Ed=tXJNRPS7r^76c*%YN1PZ`4^)zn4vmBy$Y>U zq0SCf6ybh_|B1%@jdUDeGs_qvnl;XDL<%mCH5mgO$e2uX+R=a@!Xw;L$=2nEZkSW$ zC-4TWb1;Xe{8t0Y+v2&_C+HBD#5G*Nd-*htV35-BwT+CgLx0z4qpWV)XytQ-+%0ia zMT)BrF3R;USg{5)1dsSxQt_hqwAP*m)~sn!D5kt0n?wE{vhRm{wkb)(xZDg2sZ?Su z6aphDcY5!HvysIH6N*No)$6A`|AUV8>@KDM$yE#lI_t*mz%PcTmVjhP?@9-vv&d>| zNO=h%K7#oAE4_(UbcgRcgypHlN{`PlEoqk!FKX>jeD`DN%lruPENt;G76=iJ>`FqGFFdp~OW24kk8KEVPX^x?BEH4OYmk(v8 zbEw$SltP$XAe##R&qX<#HemBVVTHtpwW)WS0p{_xmwr3dliYn5ONX>wYn`d0-esc4 z&#X;NU4(8bn+~(|k(PEm&`=AGNj=O^6u|eWd){A69lnzljViaW!wPultLw%tT|s{P z2YBDPG{_i|ZczdUJ4I8%)=pSPdpIq(f^y$o3w(SAME@8rb3Q2tp(Ys-6!;CN_^ddDqC82R9fc>UDbhIif)6ax4p?fblLE48HD8-9&+@d+>9e)Ml7B@ZnaW%! zXxzp8>NnQcdej2*PoDCudR_J_(!I;3e+fGFt{qXviVF}O%TK^y{hWlsIxV0W;7t+B zJtG(>%LtwEyEiJf*;Yjb4%P*0#`M3St?`VIQr}5l$r=@iRWH@S*k0m_>-kyUxR<4* z=#*mf^gWs07bRZk6sDEF8kt&I){Mg^NtdC5HC&p@z$vb0E+RYs<#2Ox*3xYe$N;dG zl8+Y$q2v*&X_E^T2JXh2E8Mb)aG}eU#aD&W{xjV#Ga} z^Izl4@`j2orznx8mTBDIh*;)rd=d2fuK0}P!}ktS7>)YoR~6Jm7d+^N5aZDzx+=Z* z_A_!ivkAEzGIg^>onXGeM2Gx7w6`1f)+0bqS7ApxPyibb?>w`u3TJov_)2S2> z&MQ5t0&E54`jQIMtq&7i+Wxtk8_&I@ACFigIxY$*G#7D^vP$Eem`HDGs*)OJ!Ql(Y znl=UNXW=WIy(9wS&%Zt0#89|KJTU-{WYk`G5F!x+v>ps`0IDqp$6Nj-T=aBZTtn&B zk|NQ!eyn_mmed`&L-RU30Gxj{6k6|JPnPOyO7fd+y(huoaCO5-JodB4Iev7j!6s;= zPd1l!8;NgYO(Dw3Wv>oiQlm+jTO0-w_m_<5lUDty*&R!zyc!isdfb*wL&z9;C0b@f zhJ;Gwl-rUPM8APe*>_1=+kLo`H6~TP)sj{?ptLESBnPW1e#Dd3dYLV}M^j=j;HGQ8 zTnVQRa8grgNiaipYmQFR{RD*vY=$tlq=i;^YgmrpGMBALmaWW->7C1pc^O95Acr_2)8S_)8qjKV(2Kt4XikcZIy>x^^&b3mo(e77LeR zkJTtJuj~(Fa1bjUJThN-_9%|}Mg?0xITn0Ru5kPbO zT1o2wx`y*I86RmQmwD8C4`B!{p7zA^gE<=$qCC5aICVQNJ<#kAiHS3gi2b^@gOTsP zl-kX$^VDKTw+m1kWhWo{58ADLuPHbST?o z*nGmfWT9Y6&GkbVTqL)&waQrvjn0y@vndCI5(~K>3zna7PSY~?FDHo-C;Rd&BF5J; z6-V{t9IEm;=g+E28|iaPlv@`bOM 
ziUU9>VUiY_-|T3i3VhKWb(b#o^wdj{M-W2xmArHbaHQB5tL#jfvWLGsW#$t|c60D2 z#;{8<@l^|`zZ9h84z)LFHS{Vsg`MCcJ)#u3uAsW3MT{byK9OsSkl8A7*{&ei zr&P|&6Rt-2J|rd+5uD!)$`d`rZCmtdCS}~gn6Z$_3T6>fER0myY}GMnPlTP^Pm)do z%ZN^d9vxe+JO)2LCbWNc@3nU$f81+YT)5G3-?s}Xn^lngfev8UY1DPl z5=4KiAIClAGHPZSEfU0Qn$HRiTq)gJPVdt!ne4|^ZChTl_YW`HV%`(({ICd#t0EWZ zwf1)Of3VhEy&N|r9a6WnFk@k_uMpSS{O!p3k`VoU|fj=0# z$VLkw>f{cPauRUEn0}0!1YTF?Ug9pt+h?2M@$T>o`{<-?hn2V~e`~XH0`;D^TMwx( zvbQ-qp&8`zCO4TL*kRr7AUX%!A6kHjydW0u5+HI2AuD@WVy{!F$p@UwlLG7Gy53)u zjo-MljNI_6xyQozfj8d$YD4)5V*i2NHUJF_0XrB1_RrAM?VTJ;n2B~(j+06Y`k`;1 z)EdsuqzUR<-+l2?2R)*$9nrpSU_UoL?l@=qre2jlbmnwn&sE#VN#>4fB2@Jx`w&!v z=xzlg6yz&Z<%QHeIWtd(+N>Kx&zd+qrI(2Zh`%w6q*qN5S0iTBCEJ<$v-^XCFrBg& z5BGA^O2drpa9B}FTa1}4j^8b-Z0a6l>xXB$3T#mH(}g%+;OsY<1MNVXax2QJ_EQtD zyWG>!nYKpoP0rfrdFxrOq`gblSFW01x%*~vrUyymf|L&>FI;DV8#1Q2X}~epA)0bE zrb~!%U&)iK#~H>4Kc&@fAFg_=Ei^AAeA%VS^MaUE)uk9ivu*mY3pLuXOU-eP_Jkkg znnrJXx0U~ZZ!HI=NR$b^2m-z{ezvS1Xu{!kF3B3T3Fa;z=6tr~c<5YjrWrU7>CDDo zQ+rm!;r>d$0D}OME3C$6@We@O1#-RjZ0fj$!+!tGDqlr?k2w5pSgnWe(kuVgb{6E6 z@di=QBH@RfFO=yP5w?}=6wRu^VdAc>!e0vMA@6o}YtkUjtpz-MAGs+Avm6Mst;9`O zXvW!9gqDOsKC-Qt9(AZt#)}Wc7^l$~`dFOME>W`)dN&Agd1?!aOu?yjB@KEc+%1e3 zN~+WjxPN)Yg@nnF_`*$VGbQGv1y6o_DUBYHGM5}oF#q#|F;&XiH!ls1$Q#M5;UYnA zAy0kYX2NlJHA-U5h&R4vm}r%vpk_kMtx{kaC%uv$c>|}tAGN`^z zqC)Oup699$8myOJQQZ%J1wTueG?W5h-DYL4t;A;5hN&@&MD4fiYg3(td*`{Ii4LHH z+ZA1e?#G1O9`7TbMWzvAZK4)j)}>Heyek23$Rp0YvxMWu5WSj3yn&P^Ow@~lW(hH+ zEfn&-_f7l?-1;>XmdtbGf*8XB&i9^2R9?t7{IIvB|3DS~&79tsyd;w^5XM8MNChml z<$5=S*hnE6)jN1rlGlM9v(m*4Wpl(k^H3>E7%b24MSvzPlbjz71UZ1`G$jtZpX76# zSA%nrvWz{ix33bwt4}yCDoshu67hz-5Hm7a6r@jx8B%hgx=n}o*}*}hdMMJK+6}W- z*?ohqN$um<_8m23)*ml08cfp9=I+)Xf9xmem3!}cj2$tkl-2sFZGAi|>1f#Eq_1;@ zw2IEwU?mtBChMmYHr}W@b55J)EEDE0ho0`Hn25u_A!p?I^66$Nmljn6sMqvjYu>`R zSsqw3;4mlLE;g%2WRI|&W9wCz4dIuex=WXiK#$i#%wY(?v)to?+AYC0Y+?HBBDBO~ zJBRZJhj)kBh0~*Xg%BKiV2tmARbVUu(kqsE3-Chtg!(>n;p73)4e`Jj>2NBD9k z9()N&z-MC~P!I%N{{z>JBlFzh9*Z&rT<(dw#mIy@aS<=_YP`g?KESFsJHe#|)um3q 
zDA}*-PeQOf`z@`d7ze5TRo>jmKB`{2iKKBq%M9uyD(SAtx#3h8#|+jMbFY1Uvv2C5;FO&$+Fm`?8m$twZC8HxW~UN;ApYxhS@hXWw%f|`K|4L<55RE`*^r;q8Mov5n6oSJL1WM+Umj+zcpWCk;apV5;xq;VXj(3jCQW*`6{3fSCbV3O zWCB<#{&k$&vDGp^tl0wp4S?^4eW-t3Xf^L#!=iBuuKj=jkYVVJGL7X zUSw6Q9bEAVToV2BmjK{Wz9%g;Dt*h%wG=vKPQi5Nd((HCiG?q_ZJGX(a0Dftw}m>q`tPK z0=RZ0MIK-9?Ftxe#)OS2D~ZK4?R=T}^&4;Kqwt#TCw>GH}jT|iE zhEaY=k>DKNOYKMb?^giwgvsIvc6&@wknec3CXE|6O9*bt!(a9Q`<>+37+F)Lyc)&P ziDBu~jO-7r2sGsbks;jR(}h33a)0Sm$v6+?Jsz0T59A37G2LJ?<6>@DTV)9aZPxmq z#gvfhoX|}L4|rdH{Yk^B`8hq+zb$e|yBo+X&12>(4J##Sy#uy2g`L5oy2rcWZZnqY ziMyZ=Isvox#6^1`*-@l)4oK<1TJ>d$v{sgzU)z`tQdUce1+q45BS|-x3n+5-Kgddu zq$hT9%St)@^3N33y1<)pp4?9s*V~&bSP3`=HU3F;% zA@LE+3)+os1?nOx($en;ZxtuyigDV4svmi43x;ETW)2K4;ESs9qwIY%_Mp5w{I^&2 z_t8vQsQ30svSLsI0NM4sW4|I-EKGmMAB4I_VczevAgF1%T&O!{n`|djAthrbz`f;d((X?t zo&IP0^rt=0!zj}2r;s^mI&|p$;Iilz4!M-e*mS!=GzUz;Zt&ouQzWvk>;FMB_-T)6 z@)-h~>=JoA?(fPW_>g1PqEE`}KnfxyHw+*Fy(su-LQuFPHV~Wyo^ncHYF)d@Nonht zrwEw6Vi%~^UGBE5+BUJl0D4hOL;lOFdZbe$FpFk$o#TT-`NX$uN|q>P7D;e zeiry;Tp3re=8_WbhfANHFxX7?Ix&zN-O^+a7E1G-?=BA0pOXUhOpfdQs8YK!9-k@2 z9Gn~rCI!41g_Ok@7Sur0F%K5q_?5h=D+W4%Fk8iD@9-k>DY)1+#L>iNvN;P<& zYy#hZ8mE(U0M#xXbs(8@0)?WYRTC`0g3+T3U97OQ8E^imiBKzXu;V?2c+ze(;~=?~ zEPtzBDnjQ46|&Nk=%|Z*Vv%As1@gBk+)V8Iiv{RNq1OL&r-(2EG3%qhbVvI^z`JT_ zKc7tD^lmRtvPoz3vzcTef0$pJ?Qou2Ar7Ouhv{e&KL{EJRo825gJ`ib;njv)yK2U4JF93ych zWYXLFF2O|}{V^R~JQC@oF7Cp=Ovkwf7TiIR7U#@@y+rk}t`-IFH{J3OOb%F7@OgXP z5w*Leely;nb<)1mgs0GOKx;F-qnTGe7uc9TkC6UQd?k6lsCbsLZtdY|m0nas(lKaf z(D87o&}G3%Trjk1nw2&V^~Jx!nD_OVNnSU^hgYpbgtLYbQuWX4hWNxOOSSKR)0uP* z2~mG!H+fAwX%Hz-8Mij>*#`Kyz}gbSi59Rkes7NVQJge?oQH#30KE0e$lHGVF}-gu zB08rkvk*KP^<4`@!5o#Low4_i_PGAww{9fZhf#R}!Yn<;d$4@dQ1rOP?)~!u5?T&m1-kE16M{cd?`3HbkCHK+mqAdpd zc~?J#7~NaRA`ipW;}=*L?&vBD7?`6-ssH%|0~P#m_{o&xcuJsrTKfuU<+90cDyY~rP|-deo|H?`{k&-@a4CuasXov= zEfk#6Ti_=s9`^u#+6!>#{p1e>4&Pedon_Bv@$PE8 z!Cw%5N-Tsz=26?v`B4V#@H)Q#`~S2y(@mQWF(y!`lrzg2j`A*&tiXaXRk~lRNb=|K zCZSTX1(Wj>HHy_)q0**HoP7mA=ZNwit>`+3+Z>qnS=SdN`9jiJaBrc#&|cm!6Y;7n 
zdOcQQuw9Q4lk2el991f0$w7CBNS?y^Ez}9NY--uPU^n+9WAawas31A$>%AK(EH}D8 z?hfjE%&>p8<@>3b#KzT*BJrpG8d328cDpa4fIEy+7_-gWhYpL$<)3ZcjU!Iu?|>)O z9n3Uo`KG->GbWA!V^N#w4+Pc>kd8CO{<06lU9e(22tl!A-xUxbu+JDmRTJ6z$R$O& zFRq4)sjAoWakI&vZL3qw=izasTlX>#ME5t0X5QX+$X<4VA|;(!G9Mud8I}up8<(Ze zLt{0RVoNX{y3J`a9u|`Oxf+n1Bx36bC4h1Y8{^!8JYA5|^q^-F+_Z4;5z@516x8X< z*ZX04Hd$=!yAVRgEss7DsXH2q8|=4Ww0F8b7>0V?ZbNGci0Y~K!4~ z{oK&sh3x)~1zjL^?P4-T2FGea-Wr0yObmluJSsbTB9v4h0Jv9~<5GVvh`C@4Ln4Af z4NA>(zd35D@_0B(wSRIkzo^;#R*~ASj&3dtjVszr)kfeD*y4Er!3jOXHWvgZYW(*T zf8m60C&n?%@BX8>23^6pAH`+LE{-CnZ^rPeA6%>5+4R|-H2-L(8`m$Az8$nF0fEYE zs?KvR!&{BzFc{*hNv;T@L+J?Xn&JHCj&Z?qQ_=B|aRaQi={I>>LPE&r_A z6ddZ>Vme9;=Sh5a7#Q31rV)%jl3S->cnWn^I~Y~%bJ2(g zFd+-q_GUlAz<_pHoA8?e@tA1z0w!Zq=`BpnXXQk&?9DCv4a{CnM|{x1f;EIOA-6}^ zGR*MavqD;DoI)E>PhuJ3!Lqi{skYRO5bqhUF`ili2@KD`R0fLyXA%a;G4 z;rHm{L(xa^fmlZ1HK3;9JNXoCB>P?+qjGKNPDr6UFcPw0kcsd9w_xb5gXr4C-yj0r z!C+D6KlvaEfT5S$?bLIHIqoP|)0b%uOr* zQw2}F%lIu~PL$c_WV0clrc@g8t^{ephLXZ3d4Snth{;oUT$HV#+5SXj!Fmn6_oPz3 z_@Q$Y)tKt)NX&!d$#nNRuOq~}-VQuHa3q$NO{T?Vzix`lLL&~hn_|H_iS|12Av2`8 zy015w_uw3YElFE2X2RdO7F{Y5@U*uZIObS?O)_ydN;%{Xz;)eTj3eBsLn(FAgo*Od z3ee2jfVGKeC*OU{QXrZqXhskurvP4hvigSJk9!J*D*#IcxU$98VD zHuB*$Yta2+9uJXMz1{V+b^z}R2yD80m?x7R6&M#}y^lLK-r>_CJCKrv$8k0Lo~d?i zPaBamV+tM~h=39!Q}`!)HZUbXcA6wcR>C+Cq4yaq9+W+RKled$2h#)J2BmKL9OCR< z{)Ww)oV#HglqWs^KK;9|!!_Qx`Yk%RA!v>8?MghBcg1s|w|d*aJc4qXsiU6p~gV`#Yy_BGLnXZlQLgwhH~7BFM#rL`h1s<%s@p|+Jg3mpp+9ua2r z+J8e~C{q8W#5ee>c*>2dBztRd*l#-%WIMIlGdhBa~4;Haah*wy- z>qctsLQGD-sOe+Op_Pmf*xRP!mCWg`jqTg;9%^eD9@{2v921%=AO|z-u>!4&H7SRz61&=9p#3j%mcIcpVn3(7O>O&|;60i0>=mjd`;~yK2gi`v?%Sdc#2@u`(X#^rvT3hA zvwOuHU#1uG%ETb}8C8PI4n!141E=ZmbR#-Am`&M1L!pv?=P7{dRJ0+pF76=-Cl>pK z8IRguHyo>cr`3IwN!MPG(16!MPn#UjEy}uq&yfnGpLBV~$}N!X)SETNBz<)@;cyzc zIuIcaZrlcpkY1A zRms>*v)4k;Ga$P!q1|XPx3*re zbV=HvwO2dE8&G~UK_hdzoL>?VS9nV?GdCciL_{NF<;ON|iMi}s)=oWw+&J>igu)T- zN|BKQbFXDI=57FF_Wxr^;z|#D5=y0Eb|>V7N(-!A=N7H!UDy0SFix-miZuW9sUB2J zNmQ(37Qb6~hxW9wTP(eiV%?Q_#ym83no_a%GU5jKJC5yDw|iavM&0_NGzca8ysgZp 
zN>B1?S8K*#`S?-2_Zd&W4hifFmSaTN%)vYke)j>?m1I;P% zNe67nrX}3Qhy}wn`AFYfc#hGi&bon?DZ~zg=k}~To}f{r<#j8e^cvxoqBQYXw2r!q zCaIXqZtM*8Y9sO4l40-jm3?X%b=;ES^#WYvAZn2G*$cs>cdiTpF6#?L4Kx%2rirC}Q$-@+{18+U9M}=%v? zC7^-s9$@yuasQ-+(h7xZ(2ttFY-tGz>=1#%mLM7BE%*x9W&s^&ZPuca4dW~pCY_4p zH2bW;Mk3}Tkas8DBZKYsIxE`5z@Jms7CZ^Zf}0yhB822o_dj)hnfaaC$?7iaK!wc1 z>~q`hl}!;&B=B4;kh%tTuL7E;OCue<&>RaATbCw>?-eW1M^rX!N|l~hz&$mPjqXZ9 z-Gl?_Wb0jdT?nN72Wz26LOuAc9`dAw+R?YVu>%eVO)ZwCDAlpyf;6`nCM83Q2!BX> z%YWlc_+r5UPTH9P5PSI)c^^@g$kv(ZY*H-Pqa5Ap)mPLHBnft&PpWw8Wo1`ZFruw> zrY^`jGQw+;*%~t6I}~gw6X!?TO+7fA?3(iF;GS!S+mDVdL;$tlKHRMiG4<`vN(r9j;Ey<(Trq{zQuFEg7qPxi|)&X7P13PP~90 z5=*8>h1{Zpvm&yNfX8N@k*CIG6;EsAwqDQ9`IPY{PSEBt!_HTdbQ>qz&Uy0R3%a<* z&eWjMz*}fDhkbe>-H#1MIPerwRIZ5%01>_;T)K_OKdjv>7;FR4mJLK(4sf}&+pm=~ zCKc3@B^qQq4W*vMyvU8s-r5+U9E6334z50RgG?38ssbE8B9RRY|;&uS+&w?S47^gZ4UBG6XS|HQm}D zvyh#P9dghn0y)E)5Eg#Js7M%rIX5@P_+$MsDM+bO62`a$Q;s#-J{8WnI=jbi>AFJ8P?zDx^2_Tsc+6j= z$DQDEhjp;#)9tx!<>UcN#xl2Y*Q|FX(+7HxZ13w!)u?E*L@mT&w+*d05WU2Peg|0tDS=Z%98ey9Zo2f<_Q5D9PCE zRqAP4U4o#iDaQ_IGL|0=yJkBn8Fpw^yQ3+$9u0M%jj{Apmz=k2=bYbNorbVZSOJhK zDDC2w7dn@Z0m;4h68{l<&*??n+2~cAG9G0lKl_t_*xSAcE@-zZ46*DLs#fo$rGtfS zkCL+I)QmGan@D!QXg;g&LMa(4Q)I=wJB;0DZW4yQA*VLu*zF-m0-G*Eb?=7Z6-RE-cT6vwxoJX}b zwA2P3c7%lD!p$vvd}SH~Z)TzxM?2vetpM>>5XF)9PDsAg+t^q<0aEkiFYcsqkweKS z$P@WQOCs?i-s;^B2zX-e{>%9Lqfs1na#KK@wS5HPS+W}#I${>ZWH)2Z`7_lBtg)w4 z+$G-%-HBf(`zJMLtJ=3o!&*>Ag`MHeL|G1}D83zvfMp_;X1& zb*Pi%w4to=wVjl-_1RvA-`)s)cFXdtM>{sFj3VZoPg>B1(gTLeGGiYMqdD)YMmj3( z?tk4~wehn*l#t$7b|rQq-YB)qZDCr%y!% zh(V|Ykjtjii*$pYPP`1Dbz&2H@@c&V|9TlbD3eoFX#Ac*9S*(EA9?;=Rjl#@KPoy0 zjTfjJO5;s(6k}`MvifM=(iXZ%=_KozJ#~7vu30~is(4micO-ODaOZ)TZ3GDK0R8Xf2mY!mVh%t9 z4m-I4aVHjIMB!Nlp|>lFLCkvt^$B=|GNkW=su_taO2td@ooZlz+(2UpjKlKeYP{E?&Xjt5t|j`6Z*9>3m>ubj@Oi`FT*>t887p6%k+ zRiNv1eS9dAC0Sd!?c7KLzMe=GLH!iG8WwlqAXtW!+zEya4MEDj1VIGLNv~dW+UBlZ z&HZ@Spcamx*Y8Trs_I(CeBhZNh3?iC8W;1&h??bt!y!f#{+AJvf1@RK$T7ly=QVFK zX-2=R?TO?}UV3P3A||BNVWe|bA@Rt(ZdlKS5R&2fO&nH7{ZpF 
zFAO`(5I%a@B8IS~s(7#9n@X}8`TTUZ%B``x^zhHJ7_Dn}8S}3R;I@gW|J{he&%mw| zNcw#5GlVQLUvg3-@6qQIFR~;)6)FMdp0L6q4{t|gl#uq-t@1Sn@Co1)wu4j`0!#+K zq4rv2O+Qy-I{Aho(55|Uc5Kh8ju3Bjh-i(3*tpiwj(ZpJY+k%kNVU@K{`3XuBBB$v z!z#wix(c)lH>p8-AG=(lRK2G48K7Sc<;HWHJ>HK0BNcq-bPiibQW4uKnM)sMNlUNE(7)|cxWF?Vxd*?kp9$4e}U|U z`nA_nel`u&+#OVW^Z}Zkhj{MVR(_U}Uxq6o#-Ql))$31&kpKzeKIEOZ$P1A-wxq&P z+zG#I<+1;miPWJ_>c%_yE4&*KjzEO1a>#>PU(j0vpq+o5dwiU+a&xii@KBBtjiCVT z;t~YV(fBs-ZSJ8P;*rrQA)5n7N1Bk=a_Wu+)_vMrC=V!m2F@?XvnMB#yrr}!)NdyS zsHabW`#DL6I=n$@9^$lXM9YsDEqHEaArb_fW5`-jNK7c|bm_%Ib-f4lrgEc@s0*`) zoh8;kQJ3fr63dyi0GZfjE&_#jbx9#?A3Q?e8bUf&wk=CJ+BxwKP*+^LWxJ1bmRw6= zIM6L>A4}SO?dUEhZT4_e!*d-OK%R2P2h3chv?tZU6VznWCx6K@i$_DolkRzqc&PyI z%}8m++O$P*_3;K@6th1p{MT(yX$o8s0YRR;9{Dc1#5Ty3<1+(J1ln68N?G zqhhf|mBftO;Kjn7_f)Q`sv}QY_r(%Z?|H-3qt&b6*$3^Dqo^KkDhz9^v-5TC#mWk!naFmnz$QPxfJeH9i z?vW*Kr^p4LxU|E=GHR~QBy(LLoAkk4xK1U?%j;Oj=0|?8gCOca=htDT1yycwn9MIJ zyprNs@0+Vg$M^-9z8CxY5i}ik0n6FfT@cwXO#~h3v4B ziwydT-eMZ+fIA5PCm-X`OzjFgr-d|f-yM{Cf@xZLzK_X7F=5Xoor32^yK8;S3Sb6^B-^Jv&|Xp_i8=i7$g1rHdSChx-Z_2MZwWItn<0ikHUg_`DvMkNXwdaabt|#3CXw`H-=n5swRztusgkw)Y0hH-e0LQ zV#n+Y29l)Q?bPxQsDZZsTZYVO=11Lxf;t(`T`EN`I4P=W39G

@j9x~|+JWzYq>e8Z(BDAzLKCUL3Jjm!+Zg+re z{6tJU8IX;iXt&)#$9*H|hZz(LAhw?T8nhl!B96V5{92&pSAU!ThY6+eDzfkU`N0~- zw={P@i=Xp?T)%3>-?$#9eDXtEJuhl zdJoP!zAPt!Y&hLbz?5}jHso_-hy7(QQvP*!{jD7_!M}T^fBo4OFvP3jb1gRO{t-^P zkR3t|U$DuC>NA~Prs}CvU0jG9Z5(-Y=63T>x<0m8pj98CFkC;=wQP2K5PPB=c2F@P zY8Bm@?0!F-_cSkPp^e=A&KrsMfTL|WnjJ!sB(X`Gd=Q8h=9n`0{z{3@!E-Q?H+=`B z9saL-E$|I+xzNwzmU$La^5is=E&xF!_{Q`joMwZBH40qIL^iMVd(r;E%2QDU&Pyjt zwTK2|y$$fjyoDTF5e+u%{2B<#fn~Kpx-yQ1GMB7H9d8b%w(B3I5%wM9E-EESx%1VX zEo&2espQXPFb zJ_-d%!zxVtf)So?OcZ# zzCSnC~%{FD)gx%J;*Jg?;k{|D>1z`=S@PjgyI3j z9K1Q-%ItANe*FYfe;(x5vmJy&?i-GzQW|%BVqJyT+t^19ZBI&JU{AE<*JaO?r`BCE zv7;HOXvMzyngf0uZFlPmVnEyCXLR~*Aosk?&*;vR^~J0bd5ga?3Z{h@>PO>G(%E9< ztNdNo%w_UXEiq9+M48rZMjx1#;(FkJC1K6{2tzk7)^C$u|At|#CLSsfjAmpe7|QTz zl%$_ktx%byLeTSuuuI-whatAJ;tuL2#aEgFk)u9QVkCq(v#hH^-aS~ z9r1}HD$;@wspLO5CdALsPLE&K>*;YX5Mt9p*r;0Y^eeH?(NfohuTGpdHwLCo@VX_l zU`rTf_9DRt_7>|I{o0mM?(y=c^TbfH*5R}5R7n`tkdmtNLeUZ*zUURQMw8;{OU^WalQny5rVZ=kHER}zoW z4P<4J+{%k`OrTIP&cDvZek3*#f9A3&=d?32rJNP24_xgR;$qigj_S#IRCtby4{yN7Yw_#knl) z0s(@%y99Ta;O_3h-GaLf!QEkS4est1+(TgS;1WEz!X3pbo8)ymAc`)o{h{t15cspqyUGV4H|BkqX<-RjRh~L;_Wx)G3*WRzVmDIm{L$Cj-vNlb> z?`D4W3-x12L*eqFQx(Z>F33I1T_+g_} zq$_S-F4{gmudcQd(%r7|pq?7|7Y(P}^mhA~UCv37teF9(Yve3>({tz)<^QKAG3!PvnQ$^}GYeju8!#UU`G6>2Yq$ zs>Nj{ZS90rp^b)FI#Lyq+~tjX8ZQoE@|op)|NCQ>7P6BbmySfGT6L)~)Z}7GW$mtl;P&17l5<91TIlUN zUPMAP#;Uw!wflhaE)m+^I|_e@%ml_s@xx-nU!{=xCp>++e=dWNpL+(r!2$q0i1P1= zu6zqGM%EZ{K~ydq8R3ujgU_~OH~PxmAHyP4J+!baw2Y=-o3Y<6&-~A63&C70t*O+l z_b{5S5B2n)HrBN1Z9owv{B(q8C(fW7v=+4uOh}x}wgR6oq|)H%av|Cn?ol^;e-cpJ z{F}M{mY!y+cVDZDxv7Wv1|Lv&gL^BRStRuc(=wgfl!^OvP&XB@y&sX}I~%ZZ^RCZW zJlvJxWupF^>(%SI92ExNY$0#I%(rUBodeiK*DL#iW+$EC^HX|}@O0fim?*QO%7Uxd-j>`w|C*| z8{0ERZ&zq8c>&PG-G#Sq8x23RZ0Lcei*+(uqbE+3T#Y`(rc$E95T&8O>F~=nHvI;D z7fyamm1Cx))^h0g!V6tPEEIs-#P|V;B46~c5C2yA)%T-+16h6!a)bl{%RpeKfc4F% zrgS~Wp#b5A2ylNb?JBYF02Ht+nt`Ht&HE{+T$_iV@SpO9E}=n5!o<3j=Fo<2^^WO* zp_Iwdn`P_Os;n}raXZ0#LA-$u-1yTDNnf%Ub_Yxi`zr16S0nHo)K`#%| z0X;tqwO(%m!*7O#bfURm43ilDCk 
z&~54T=$re;^cDo{@SmrW<;Qmw?-!hnK36?@1rOr^`1KVqeOCMr6=>zG*(OqmepnUc z_BGqR7kQkpp&0&Fd)!UXA*%~sw zEeVF$a6@BUaT96IJ!`zI{VC->q~=V^u|QJdT)(n2r(|mPa(^2ZxU{YU-BKG}%zF5Q zeuZ$xe&&^3oM^Y&l3eNyr_G1@`xNT9{hN zO++_kqt2e@A|k8txYRpRG;p<`2{PCn^SJJ z2XHb!HAlUW^Yhd;g7WZ$@6~|`t)6J_m`wg=5%dw?)dgQ}1m$^B(ok}{vs2|yN$B|W zS&gw8{0+my{S(Ugu+b<4fO8l0Mk$5i_h`kM9@7{i?|psM`q=!0;0BVYxlDeLlHbOs5OFaC0I zo1*tvYdo&rT|h@Vy*>>(Zvb9y6`tyYH;Q|o;AI~E*(h?l7Sg8TBZd%{rQp)93eK4I zFn#9AbQRp#G9C}V_xLj+WVN2g9EK0v4d3aMq0>_?HP~)t>4e+41+p*I9R_v4y!m$K zcEHNM`Bl2I6qB*fl5aP}hoOOf_6Y&lkamUw-6JM^oSBAse>63EGaXQvu+$`Sz>jXM zR->-DOtbg6OL5^;quh>e)~*C-dUIK^uWDPrn5!b_A5%P|Sl&1^@|!9w51B7*Nbf9C zZ4x_AIwT2b<$2)@M@BqGbgSBATBgdqZ)~j&xo=5znr%r1kL&(^I4NOChr(+g8h8 zh2}MdkS**NQmSHe<2W{`RfJO%DtbkaKgogc6(Ejf=E`npT-a z0)Sv9tW}(79R;_4^|LXpuya2Dhd|pz+;+?gtGcEl71SOW%((M94Y*v`L>)a4F*ypj6X@VnzF-E2}^P)kygH!jQ!=Lm_srhTobD zHA77O{@McJg^@A48BA8Zm*&laMsddA)t7*3{ZjCC=wU5k)3rS!YSdW`XDo$-rB$8! zTb;2InLqwlcI+i_?1R6_KA9DiJVGT3mXV}1I958FNW2}{kAU`dzU(HMD~BH#f?d6} zocEZO;VT#V7Ubf>=g7o$K1((+ze+SNP~2~Ahv$uzJN<8r*u~R&Bl@giXG+Axvk{PS zRSUo{1Uox%eCV56W6+;LR!?hp$Y<9fmD1xakTd%v*DmLMB>tZ!3+es5ZU3v>8{I@{ z!^dC+;OF!wLp`fS`lG;jDZ}2=4+Y;?P)xx!uXY}Tht2>MTOjM$E+oX(Qm ze$DcqGOJdF*Bj`ynhW@q31mSdIb*Pb;b{3%kUezRm5_f`sE^a07d~0<8t>gwL(`>a z!KfE%(_bvpjqUeKI%3ZI&-%Y>4+x(|gini{UY3O%b^*geZWRfqF-Ma z*XgG82Rk~r-?X>VTzTEV2OG0>qoRI?F=Ml1tM|EPkkz6Tm9bxM__ zXXKjb>JHUMZ+)%X08EOuE|7mt|bFVe-W1hH1Xw%Z&orD<*tQV)B{c-bcY( zOi%Pz5NsF*?nv(=m}GDq% z-v;6)zC%c({=d=*b{)g_qS6}l=b!*Fdo1XicAB3jYr;DD;kU31VO>n7I_VUyzb7Q^ z;QEM%wcF#>I_kP2l)$4{olaK#n6;;6_*PJ5jh=$NrJ@xgu8R(7fgP9dU697cl)%lP0yBY3u zbuxflFXMw#&3&DMyss!{Ijt_p;_pBu9l@SvYe`#DB^|T&b@bo*E3DCVu(ymgLxMHY zA+`9{E)33!88`Q<6A0PK+2h-7T(P7A?b9Qi>Ja`2-#rb~oK>r{1qnOc9$5JVX_#{sr9beQZ=( zq3Rq|%pL=J;HY*XS86RMfus>2ujWjvmg=wq?I;7ziaF9LgNsgJkO|+EQQB$;EKXW7 z`ga-J2v}Tv6s^EGyd<7i(1m8j9kmSbLPl=iiKlUH4S5Y|-GXS#3+vy+4J_YEe^Ftv z*L)L%8J`?9nTs1fQ7G5>KJ5@7H9UDKoLI{;98hj^G%(qNW%(N~cb)DfVhc|K_P1wdM9`k%*H#|Wj zD1R{HI0#Y`Kx06aq|aaoD*?8?_K&e(v3Ob* 
zsi4P+Nk*%H)lfh|6dDDGRY66Q9w0x_^-W7%8@-(o7{L6KY>vfdYjQ}H_D}3*Zw(fc zlvgdYfsB|emMt2~=tPPJkBkFonxU}|cy*!YX?I@(dV0FV$0U@qmM|_SQ;{CeonIG7 zDfYP%P>Nepu;-369+m|FUjz&#q`@IaVEC}C2bwGvS*HJbRj*`YksbXWeIjQx-kjtY zu-S=Z$L+65yw?iADscm=M1n;9_blq}1-lx8-TIW-k?B-@w-2D>>8AuU`%1~ zN3FeLiWw-kK8+w64?s2(Qe3!Pr_nnSK*ADKywayavQwvF1SRzYS*8CPQGZ`nIrggo zxE{vE;LIyA0DySFh9duO%B(zZr0bphMR6Ti@{YH{(ES&I5;1h|7_ReOHc;?%cNV~p z^P`s(Abd_8%AzB}G9x39-Ldk9bhQ7G3E$tGJbEUq^fBl5GJ_?kbfr&3s1+k&#vjbn zVY2JL{%GL8)KZ!|p|6E|rPPkJ`XbjM@)0c>hvDIVKC*5c3%1$ z+8EFJwEXDoxtJglhs?`M4|ThcdcY_*rqg#(-4?Gyg?wP1eXNjb9S&Mc68(K}YQGz` zGm32#qVG)9zRl}01ixDW1K>&z5Uk2=l`P3^Ww){_|^~|S?*GJe^mcq5`(+r7#ZEm8Gy1$WR6D4d2XsR;@g@&(? zW|x`WKas!)j?}@jALR4Oe&XnaCIbb^7VM#?D_#uW&fDFt>TO+?iR@qwem@7xKiKm} z@3`R@Nm!{?k4!tUOaJT!Sxk{oP00JxRKBRYh8;f4cdC)-_|qEtcFb*63k{gHrDEboht16du|+ah z&N?obCTgN{RpW~$IFIWk1VU*+r5HZUx9f1+EmBc__PFRYBYCV+|8UQQ?>8x8DQ-#> zK6pziv#_&bmJ4Eb~Wbu*8{&sUO`3 zu+YTOIdV4oL?D|fc=4oA&+}|u)s8n+XK~3$7ET=FK`+bjYaNIRSj*`s&Drt~b9a^Z z;7D6+ET{+Xm%0q0V^yo)vXllt3zP1WL+3AiV^9F}qA!L^-Yf8~nOGJzt{-Gme&pvx zDf{Eeo8-hIu`Dq2U{4k>=g*h&9%UCowp+hJD-0)mp5mEpU_-{t=Z-pZ%09x9IQgf< zyZGkg>Bk`o#%g4wSO_P^Y8J@l)qHw|-j{{iX{cfG5i`rx#`T+%y-_iUxZ(o9|FRk7 z!0!H|pyESemhtsSNU26(3>%;Cn9R;{GhtC5@*(=b*)o>T^Qv$}lBw*>Dq`d+7J7GxK6fCfHkt6Jqk1^YO}sOE)5< zJc`)sF{d+N59L9U5brktQUBjwd(Yp_?uW!qKAS>(V<|CnOfh0CT>rjr&`ai{lINx# ze_ek>$zvX4DQw+2DXcXX5);aFmj!-X5>j#%d}qgoR$V&t-h;5-0vCYxAl}Y|D&1~n zBXaI(hQ4@TnKjj(nzP^DdbCOM~10n&@OX z@pIQF6ldWD*1^+{;P<&Ef5ZQJ$M?Ec7Uv~o6-YhJ3uLZfskIF2=RD;-7 z0yid}m4dRm$0F|C`oLU9ELzz`IoH@AYr&tilRBam&y&lCWZ(?B9cM$h7+FoAi_g2m z2d-uS7U~=XnOB<)SE^;BS9epqm7SBV0HxUohXH)v)Ctek~!2t`lkUUKAbnt$X!ZdR{f5 zVSng-4PS?&yo^X&2Fn%@57&2-HxV1jza}$qem^3n=L|L( z;a6t8#2AT(_p%I0f^ODBS^n-p3`2>k9n>c4Hd?mx1=_rMp{+d|6V=VYH-S`N)*{ET z>F*%GbUV^c{zy+aqY2*F!knPQYq7&umqZPs@fe#t77ngQ-qi>`a#&}ylr$n42nd`7TrJcb!ds!iPU*QiATGU`GCdj}5|vz?`e& z5rlh!c|~Yc6x+Fj6cyzM^lMI12rMm6sO}y0S3M=Isw}Nm>D|%t1vD>cdyClmt|y6( zlu)|zje_++sq;-Vsk#)E>S#rZk)t?S&#gmEuKTrJSu)HEYWx$}LbMkzRTRu{6@qbN 
zq}!(yets!g5;%dUb&UMOBd3udR@NE)q=Y2m1%+<5h6!fWND+Dpeu;6Es@H0?jYLv& z80F2IY6MJW;+&#24X4kzYx&Izz^nJjv$B%6bDHT@a-9u!Sa3ve7|oeHpP44})6p)m(( z;cxVGo)VC#snplQy!YkKUp}utK)$6ANwyXINyrSh@S@(q^6^}t2e{hx7{EG_?trGBp}eV932yX@_&M<%;^M*-alYDZ{nQRbiHP@Cj?P!q5)6TG}Th~gX* z;+p{&t^H!T&pM!|EEgaaaN7a2vr%7oFqyBnVHX@YmzePF&DV@)EIGjy_}wPxMY7GW z&R(78&{bI5eIyev7azD!M9uFif*U`R34LkI1XnPnSdTL7gJ^uc$mgtlS=Gr3`J^Cj z;j=-1iN7@bRVCdiplqDL-|!6pip_N8NymT2@HnWUaz*-nR|DdaWUt*KQ0(Q^tjZ7( zAD)0I1$UhkEBOyL0s9p&sdXqQ3F0GN@qia44!*c$4cQk3_dGo_=c& zH#bbK;ENt2+nlQ+WLs;AE}cPqW3+1|hRU);p8TnvrLy&)J#_TSC!u~y*HAD5TN+M*-VuG3P$`*n%TAke(9C z7|aSr1(Dq6{?zTA!_N-#Pc2#|6gnRh{Wb$TC-H-0_Yv*$=M9;@eQku_jj8rvCj#ZFycdznpyIbxzolb=8ru))4EpgebAp#fJH*;$N zZd=myM!4915?P*CslT>bS@O2*i}QzXmtXd-;`iv$ai>7bDn+s4v9}auV4nLPJqqCp zwEdEc#EmX(uD-0lN2_@WtGMeDRCXn={T~X1XpM)lxG$YOFH@ga4F);&E3Ba3#wT;O6C`pNU(h><@4-pAUVQ&LpiufA=@iJR&xNH=kvCj6E*$9csy1rWkG>j zi5BSt=e2uys~3T}cgyVD3cbdQp{k&@1w=~AD16TMtbK>kb3Xrul%vwxxq_SQ;wBPo zW4T8)HmNzFt-@E9g|4fUVjmd^@=n5_5z>L{@anV4vAp;n9j|uU#Mih9oacbP!D5Oy z0f2YTa<*aboZ%6FG%uLroX}AX{ng>0lv;E*>kENCat`7rQg#JwM1t3V5uuwp|L)`r=N@W404jMQ>;F1-;Hm+cox|H2_NVyI!=sJMimp`(COsubBIe@c!^|AxH(Kc6W6WM`gO~dI{_6NI}9+u1@w-x*^r7)igj%dr_>C zj+JP@fHQzy1)*|!fCukC-^uHm(-=%1-5WC_JF_o1Hz!Yq9F;`CF?3|%5Afg^+Op3$ zv;YQP;R{8Zl;Rg_0S5$$oqM3?c|TW^YtYmj()X;3@8O?SL-9}IxQ~Y4 zKC>}Ju?R}x5*}fL;0FFOaFZ=Bzr2aGU3?hr7ECr9?BJ|Lgvdqd*t~d(cT9Y_)#$26 zf3p{v>WAdALeH0K4p_ zH(D+$408{m!cw8QcieCkKUmI@`~9&87DSpBY7?tG;|td!n%0av_sVGNb!`V$jEYV> zx!F$3c6Pd(ZjUnKfxezb8Qc14LJ0%xZpFo~AR_Br+jj}!!8dOa;XmJ+l8gY3c0mAe zRk(Ra5V~1wvIDg}PU8a?xW2LZhkj$<1K0b5MWP_1D-{qd4L|sx8TkTW)FK;Ca;Hu;^yT)A29Ogny18=SF0=-WFL~G*lm7r<(-9hcdpWX5RuVQfUvW$tcj^K6Gj!^ z3U}67;oBuqvJ+QyU2E!7l&>srG$m}}c0{ZG{5^_F0G+`Dg3hilib{PJogpnV_NT+c zlt;p4uKi!w$Q?E2apCcjBdj%jo`pzOjNp!~T?TAM>Yc%4@~sHeY=qSR{^qZD zlD8<+ae9lV7wtRxtcTkwoJkQLx4)1s#q6-N)X)|?*3h;}jfhNr>&KE<*{-1WfP%IrB`$U?ziTvgrK8D~ZB2p`YpkD26}Ur1fZ@H?(c1&BacnC!p< zfHK7<{s^~9U%RtVe=MTq+TFJ`GiM=8Mj6S$q%s+uv!MVSto8%T+wbcm?apO3aalNR 
zHa1-DA_e`iSMQy7V81}^9cKTk>}{C%_ygOc$W5{3gG`go)v#su(UxD=LYGc*rS_Gz zaqNU*`zGplm5o@sx+*Wavp7GaUqx3q9)R7|Zvo^7W+%<@ySz^eSJvFb{JHcnkwQmE*~0c-igmpcY(%6%UeS$IiGJ zMt44Mk5m}WO?Ubx0t{;DSCgJIu6+%4rfW;}!f%HZy=>`NPNTDb14McrZN`Z~LpG_s zZP3SA%jZ&RbumxYr2@2b~k2l?FuT8BA3_8#xYhv*!IM7^)p*7C3o zN5|QtbycK@%&jlqp4E2Qomh4Tr`7J9#|dpScS>L!^z;;SQdjf49?a945*a+5&NyB6 zFmeO-9~O6}d(7#?0EErvBOWgS#_9*X{h#ix0-ox`nM?d*)NT_`3LS^yO4t;4gKvcLUIh;a!U+%|wYFVxrYpdE^^e6%pA6xaWBvkp5WKbkygB89#Qq znOj8DY;RrH3$gN91(C~i&C z2cVhr8r)jVILS7uN~@ZF7vNR9_tTi4?Cnr|;;>NCyP=sMQtC_JXV(bkmWoNY)EdJ^#Eg;xvKN){iiunc5?>#nJ ztbDQHllCgnvHYuM1J%C5XyN?qVQb)krLJzzw*33&7cfoc_Ne$r(@j^0bmRE@QFgF=^x3IAr6dvK-yL3iKBBcLq4aa?7Nh=<8(?uYGB z)dpKv2y3eGZm8cB53D_@14=f2`PQp|Ew(Ft=K{X1kg?q6m{HdN{yg+_Bga`EEcw5 zMs*sXG^T;O4m}(qe*FhJ zn5*4NLK$j{&1J-_M_%>+S}Ne5Ab1;uN}y10jHYhC8C05m!{SwOQwO8$U4SFNM{e7H zN8+u@{K~vBlXtf*8rEeil=lAN&B+XDCHiRm!G(ps;BBBh?xUCIN6?pze!^}&N7Pi? zp?G!@?U)}5$i*EEHFvkhddE2gR>~SAG5hiV@ux)jb>0?6Z?gsf<3r1#O&-OlA5T2* zRS3(*h2&v_ghQ%s=2Ld~S~TWNKr_+iGuu44#S!9KQ&T3td`~|qBJ9OT81sWH7JJ1_ zAC+*Tn3NLSYg}n&9F7g>ar_7xYeRr6&+p0?S`Ts>fslRnHdH7RGwh#bVwl-28xvs}Pnr_ja=grY6!qCTO@>g>>KEaqcNZTRE2EWwt zbk9fkdvh=ESAe{;+4|d@<%->)r%M8LAtC(kURRd;N2l{$rwEhyZ||~yOHOOdeDdbp zLL{E4W{Wkb;@x8CgExW{y?5#6#e!7U&6WhzZA|+Q&vh9WpgE|0upw|+b$xXp`h?4% zbT9V58AmsZ-Xnx*o)Wd`lxl4FNprv5vQr${3A%p6Pb z)oKukh-SoA-9q?C!}$Nh;Q0>>3_W~K&gv3nuL)V!f~>o_qwgqbzS8VcXXY9WC|kJ$ zNEQ+r8z4%fkTay7*hv(z#HIi77$BPx7NS$3jtJV2M9S`v!fp(ZZ~64#Q|xc`Z>WOp^5zExTeJ|$<6?0!yeT|*}$Koaz4n` zs1HD86X2lD*ZpAW`hg9Zyu}5;nvCH~KISq1mK?n_QG_8+jJG+@`q$hU+C`BO!$6%x zZAmnHL`8b2`eT@f#^Cu^nHSpRz-~E~a>4hYh$9i&9`Lw(0>**Mey?4YX)BLKEVI75~`YB99WY z`2TG0xKorF5zgnw)xw>zREGbTWTNWVxzk8Sb{G1vYzI`|kcE&MZV+Sxv^Lkz6H5QH z*tw}u$ZN)(*%*%hhHLzt7!I=rCbJ;tVRAuH9VteXWPRqHCgXA^J_ayf)fAAJLf3i# zgX}bn|9|yvoDIV=##@xFI^m@Ql6S*b-px!@XEVn~^@Sc_o2&Qm-|v2B0pcl`*IE5h zH?_H<`)b$BkEdnB@otc2dH0NjmQFGJy(;<9#O?hGga~r?dk86x@Be{92ci$(df5CO zM9`PCkx&-EH+G9PMJk97Ju^w!(vwV=_WM4OPTlh;5WMe@|E%TQ5FyC0diP04oa6YA 
z5E`yf5M}#V5DDsR5D>JaB0`PKn;eM9D8n;1-Xo%+?iZ~i3wqDLhtnO$<CR-!2TW`4sTgn4QL+K7@qKn>6* zbvvWDN7km;K-^Un94vkfV~l&)pXJqVhRv+HiA9ri-{Z_YyK8buq`ccHTPD=?kv7oS8WORN7e1M~KZO z()T(nRsA9}jpkE@7e@^W;MX_R=|_{$3N?Octr872s?wmS(1=?Z#_K&`adPyFXblE_8C+*(m>=sNf=I!G zrn~+?&b|!<9BhmQd{~ig5cxC)5=}j{cs3Q@He-K+F?^crRw-54=N;alWHbPh;E8A&5C=i3Ba|kotD5y)rfWU~G!MkN zttaOmbs#C-=nxOSJJD)eN!WF2QjJtB#>DEY^?mD0EPW9XJ~h5ma_<$aL8M6rRNG07 zPW=E@tIK>{IZ8qYq%JvYvKD5E^cS1(HXQppqefOduAHJ&Pp>KC;#9HkS22!N z`V2pvgJgR`KM=pWbC>-ytO!1lTqy#H2Ax7Y8x4OuWHf#D=8jiDy zoO35o>L2O0&`)&nePhE@>!Xx=)^RN0)~K)OSxJmC=gQpIY?XldS{k0aw{P**7Ho!- zdeI>mM9{P8nxPa}%OFc~)|#3ib9>Ysf_;JeKJ&JhfAQ^6_%-|tUH@f~r8nTUwiZ1C zA7Et8O{6%AOgK6;r}EFLN30%hun zv6L0>W)>=sdb~L=bxD`b+yS9kMMzZK;g4R6aeP>qO{cKaj;rNLZc76oHWs$8H%FCx z=>fi{*;Jnvr)SnbMher&dfe%EtX;i_q`D#dpf>h&^;FHzzs_HpY~f$$*Jh--KktL; z-}kGdv!}J%+c`iDuym&VR@I3~blE~?%p;Uz!kgJhu$>KZ!m#2RSjjB`u@ak)j`IQ%B>g-XOBS#BUZmuOVwOkWbK>~Xs+86onOX*@D4)` zo56OZZwF)+u!+I0y=qo07e;x{)k5aPo0&+s9kb?yLCG_S-%dU~iVQEsEMd(qgqR*P zLxD325$lZdMlH_CvsWnNx@(JMwOd%i=b*P)QVg00h}ObV^7zS0G4EB8c1H})NY!2h zw-=O#O0j%QF1`$|Sd|$?)pmLAUJa`V-heGMw6ebu^EA5*i%UQzeJRMI_{rE2TMDCk7vcsl` z$2sjcfGIPjPEQS1+-FZy%A9#3shy9&xUH?-QZ!o1eT49a*{WR+;Ah&bK{@WY&njV! zNvkEL{$WFmqupy(r8EZ6 z7RezC<@)VP3a+8&Hm01hn0l?3;I3PPz;(I4og%F9G^0C9#%{EB?Xl5`ap zuBx`*j2(X2ut5iTM)#COyIeiA8CF(f0>k`6ne`dORHwPbY=D*T4{O<_4{1cNKh8Bj zYn^L>Oy0Z>PmC4#yS{~)jiA~J&<02p!7rUMf4WCkq%bBN!Fgt-Mhs|DRDNPqI}44( z<=~+cz`+WQaj~o)0es_?3ymn8-}Cq;8iHA;`sb*+DIFY0-2DME%Vi;+RD)#dG)E4A z_**oBl{#i8EH|+Qst8wT)ENScI~kLB@6iu!+Q+xlL-sNwrz@ab4f!guSt#5IM-KgRur-*5Z;YoMZ6|5o@Q>g4*3kR6U;{L_J0T|w zc%WMVnxkzryzhci3pkgYQ4gH{s;9pjHvFTHED8_UG49If=V$u5=`myZI53mpI0_$Qx8$b3j$xSxV-?NR*!-`QuhlZow8_v;g-IKRVb-CKsdix zWo*LO{U~W(ZGp@|?0BaduMk(j5M>Ypih1P{Dtn}U!Lu+5Uqw`vd0z{=8~jJVEq&*| zJK^7;%_wP>F>LSwbpUtvp2t}Q_efBwrZi?V%>Fr?NbFt9dhP9Yr+yYNPPA#`)ypoN zjXw13BH?qq%c0|uRaJcJ%*oVMbtdt^D8e}bLyL^GB>?CMAZ33i&#uA#uuJT9iRmb+ zN*fbgk^4P!wjAQ*d@&l4cf8`zCUzttkMCEf2tLO6GCz#*qm`wlMoV=g1lMmAl_|f? 
zLN$nZvgLcd!&&QL-w=-VBH5TbIIAvc-W@>-ymJxPKumX7=_3{M3S(Wo_edzsn+o6; zW(8Lb!GBc+{4qE(-QWw7?hiXTV1qN4*fEje4!u<3T9AQ-!VI9vl%ZbS#h(^B*WS1n zeQsD;TFN^gGd$v&Bp#~Am@b{6U*P+aAdwZmQ?hO^+H{+99xb;uX}BFd5G@wQjP1g# zeDk_-lw+k>&5yb>-%F%?t7B$_yM>j2575yV-dGQC78*UgpCSs`Idz^$B|3Q;2u$S4!|Hf z0DWpB`MlO~cFj`eysYQxor~tqoG(lD+gLu`lJA>uJ1XwuCu{nSyntZeo_0*_77A+8 zu{^jmI0^zL$_OWXQBGMYv@P}^I3T)2NDLWETStSjlU08Zeiy9T85?g_NYPl~=*jj7 z_N)GTyT$qYNW)Lh zx-Vm)YaZv?a?Pp+dI^e9DuTEN!iIc{G_vYHw|cguy3NR%K$2+)uK1Noa>pU5fnLBa8kf};AW0=dwRbu_kn~~{=7o&B5mHPs=4P&rvz;R1vif{$=0>3+Tho0Ws7`+~> z-W}j+yOxpK$?J&;6RXsV<8L*m#qvGJiLcF*^$|FIobR*@wgt#-T2n8x zn^*#feYhE8e>KI)fXYmK%$;r--Vks}lzBjx=udZZW*mmnMWA=+H6#(#mic zfD}?913TJYRxbsKiZ8D^ZOrl&fM18^HcBXX#|#H}vU; zc&BNAgwyL!S`9i|yxlSrQEL4(s?Zs-_|SICW;2xO2kAe%nP31P@-*N&DH{OZ&g`Sb zhMP=d6$AnjiS9_M8{MY1i}9h7gIm9{ltGAs*ViSG#YO1qw}1-Bs_=cyIVfj??Uk@uML>TH8Jz#GYpe?Rk?cn<%=pR==l`3&NQ$=Ye%QNt)zLFSSw=&71f*^(W(3gFBnwXM1}%`DNf3R!Es)Ipmy6#Y5$bNH2nibu%Mxx=k+KjE zrU(zjD6V1rbf<*%FHa>GPiu2UgX72%%cIlh9eO}5E z)o%)f{EwhiaF)EbYYmv%p}az~WbMv95{ju|V3xg_EU;lpc;nFm$zHM zI~r)Nj~@t46F$pCF6$<_^ovY8xD{#*MmeWK|JD1TZP|xypoT2i3(^14dwt0-%F*^d zyHQoeUI5XZ6Dtf-%ll15EQ*ixLDj^$aE{S&$vBV1=GvLv^=kUb+hulh_z_UWUNFy5 zAW_#tvbB#FWJp38Ud$VahM;lx0N&rv3`9Ru^@C)j(;W10KHawktkc9Jx;!y`4Vw2F zo(PVS3?5AUvPHt@T}1sZym*!(3=fxWFj)eLjTvAX0bl$re#8FQ2-N&g;cx^M&Th~6 z(BWhGTUsz~>zd8juZ|4yU7AI%F_{LJDd)$O?Qe*GHw7vyXoiCL<9Wz6UI_KQ3d*RLG1+zJ})d{Yr4`7Q{iZdrRz~B%V_pC|%Cz-9~i*G9?0Zw2y?= z^n9ni|KI)0>?D(9l9e@&Bezl>3N!An&kQdtOX^NK?8+vSeDvxpCNH#?(;6TlQf?=p@B53aR3Z^a7Calaw1%3&t=2NyI5% zZkE$3a$e4h?$iCt3QREZsZ~6W@-NGV>p?SsH)2|rWPJi+PVSD>PcfUoCTHb5)*@C% zgz?c@ioOZU=`nK%wLx?K?dj#H&x>Atadr5N6|cdzr=n6O{BX39pq2q2YJVEa@`nh3 zk}AOWN0v3+fwNNn*N8=^VXMQxlr-Z9#^a$Ul;x<8#7)@;+mwfm(mK9BR^4YB34uNV z46tZ6Xn(nH-P-P*rg7Q$zVi5r4U&Pj1r%zO_;mNk?tHcW=k7hCChkUwd@NG@CgM{Jj(`ph zQ)=_ZSzQEfT=FyUR>O^g!wt>nvGr(62w3%g#1wfcC(gg)T z>1EWaK`Xv`L=|1gyc)E2X*1!dTFau;gFQaf77yT5juf7RBGvL=W!`L87B=T9!t>%) zADCPDMz|TyYP8DP@-=fbJ!f2v#GjQ;x)h7*9Vl|~M374`1?Q`m=lg~f*h~`; 
zZItSF*@rlhSy5ORB))zc{FKg-DMb`X&SA@AYx_bV_R|orpgIY|E)7bFf7N2Zh3Q&N zGmvP+w~QvbMBt-z&)2{C3MW21iW5_?|0~Z+vS5D!mX46pW8=nynN}9xik<-sMw-Pc z6kc!gG=>@OXi_UjFszo4ZF_wU0e^JkSSzRw7-(S zNyG;89)#1h9^IMB{)YUmlz1Z(u~cGDpe7f3OF4tb$L`K5cQWH{r6oKrhgp-$`T5kg zkPaSumHL6X?fRBCLp+)Ys&QC_yE&yaj7-SQcL3x#*HQKg=HdIp+cZutZ;>BGHPklx z%e}-~f{IQlwWy`n{FF2~;QnArJ5SD{t5Q&M?T$OZ3 z@Ki60{pOy$l-XO;YLy63nDHg)jOASPDic}v)JRY`QuWDDyo)UaTldeWGDjmhs6j7y z4IPnv1ELD%B9k#W6)Avs#qL81W~H;eG74EwjtWHTDT0$e<+mM_7I(pxouFQ?1Odnj z{SQ$EdM$JXC1m#_Y9mwXUdYiuVLO;Pd#>4S3qmMN!QZKJHI|~_o>Wp5X|ft0X&18@ zDz#RoQy*}*OnBAfqPJ819b(A{`&mCy67slY$4Mt3=oWkBG;RZ`2NKw?B#RJiL>72% z>pW4Z0qrH;Hjh=@JRLRcJ0=@fpmX9!{q{1#As?B|;2h({Ln-rdVO%VGb3;ACOuuhJ zX`Q@ndp*DAL?#}8!6F=?=&11)4Z#1@7ITM?hu$3b{v;tsa!P-SwF-ayET1pt9+9pP zJ|CQy%SuF9fhCmnK&VpNa$`QkLO+(<^pt;HuEGzN)ztd^Q5#STSeZ*t?3mXQ)r0Y|(N z`jH#P;SBF9TBxG_pNnGnSoXY-4|3@PW_9l79i0k6l^(Nnt!pj}qzUeAs+ESu1U1hS z_clsFT_lXH08a)^b*Y)NI{3J_J`!NmBC}-_U%9E1A^xoQWjK*gkEpRRzfU3|ZDtZy z*I-2t1tae7-}4y`Oa}fv#*e_iM;0=muWJ|DH9aSoLWDsK81? 
z8^Y&PBoQeMeBlW6usUu_p*fQ3U|S163Qd|BHnl#YdIEpY%CrwT7i#De9tBK>PXcgt zR@}l{-;w{Mdg@4MlM~;OAMP;%DP|1ug<~Q%Jf9BN>fu8Q9NdN2$z%aRc#X7z3I_`C zZxaFGnhpqPN-4JVPAg{lXEjQ1AknpEA}JI<&1R9}IG(CBbgVQm+TjPe{H$I=`C=#i zdVS2eU=S|;LAG#kaBzCTK#|WXaQsTnyfa0`frAdDu@SPy`M1D&{B{zoA}F z9FDxX(cKmJKsB0(TsGAI>f{1)l|DK2bT6XRI*bbu`0}4dPd_Cnk zfbeqo@R#UWrSeM7x(3>bR~k6QPXSx+Is@W|OwiLx*OCv1xpN|vI6`RBYlCsjCHut- zD_ieN&mJN>gT>hHg$#6x12U!aEBN7x$RLDT z5Z#7;&y?_mr9QSgLZABS2NnANaHM{G0^pw7n*D+;C!$#xD%Db$lkiI}&`(Ho6VFB= z+^6=Q;AoD4@%FfzdRQxniW|u;AHIUbM6RkEw-&yz7W-1f;s$oRh+d<^8oGNs>EfJS6xNz~Zo;#8>R`u{Ara3@ z$UNOer~~sWP8IBC@z)A{ym~|KgG6~=<@bUdqVb5I!%eUQ<)u%8f_Jk{lj+T-q-m=| zlo5dwc2M##%^%hksRR|DRXE^SQm&*CEsS>Z0O*Ox1v$nP5=xybmioPX_5ozB%A2pX}^sW4Y_QQFO)d}Evj3# z805cWS5@SrOHYReJa)vNr(NKDzeOWPM+6!1{1Cl-8$AHbKfO;}PV~E_UDpG)zbmx_ z!g(~T(;d>ZsejW|cJ<7IICv36B_j;ws;>cZFtL1tRFDRZo%4wW&9@ZDKb@=m^@%%9J#eVpQl{kHhRqe%0cSB61K3e$T)%( zXSer)J7a+xiLC^6fWlU3NAv-(A(?z_lnFRw*;f?tDTFwsA_or+8%I3dx;f_3${N}L z(v~#7+=$b=D6{o4^cDQHR9V>A5w&Z%w6CjX3Y1Q=M9Lu2=iqGEqM_3Nl}t0YPIPn4 zGm&Bwrh2BsX}pT4zYi%eQfq+zB=UVwO>w|G?LTlal<^MaLS#D=FAVPhxd?ql4@7QJHsojYU(e=T> z-#8_Xk#+tQ3(0id^FqT|bk}sojY$Yt9w3`tKWSL4VxAS*>WpY2@T0*$IeBeg+yDx| z7I4RRSOW<86!EO!B7OL5^ivbA#V-%XbEU$;n|Nd3h-At2{`tErk?-;%-L1*3vm&@) zzE+1@QKyZn#0y1f|=r@r)*$P zem-Ec+kh`At>M;5V?M1blpnfb{xt=*2f)?qUS8tsqs65Y@Us~5yy4l*)<5$o7V+2# zkJdmzR0;|&I-GRcxy2%P9u?(vxEj7(7R7V$rfyO*-Yc~UZ#49a)%^>Pe)_@3o#wOx zqEY!I4aWqaIRZc9{m&dr>wJ{yrE|!EQ2=e6-dedr(RMh3PWF2xr89sR81Ec*_@;=K zwR`n${a$jpkYk&|bL|WCSO|8~kf=2kt%4fURX6_Jv8^g=>J-=ZHzCgnh5=s?u zu`KQDaTbiN9Yn8eKZR3`@p$p(diYD zkK{tK+?6t=?`=_z%8xCzcixT8lZ8InwK5oonYSSs%4LGk#{$4!6~S#8)cEia3SERb zB-(FP^T?o}H+hZ47KN+vjWTP84#A&%KnMEWe}3>kzYBk5B^0>X(FW&Zw*-5oxPwf< zulJ7_@uCZtGX=EQ#NO(tWPUC{_>$FQh;z>$meeoieVwjdbP$Dw`Hg293b4e{KyP4F z1E4zrv%SeY3SS0vN^mc9*jO69kmHHuq-!1&O%UGEmMSexS?@pjxv?HQ#D}v{SQv_= zSJ*V84Ssh$8D!Mxh-Y-R>4lmqd-n@Q6HEQNtEk;CPYZV@soeju5woj*+o)xykmGBfuBqI6H2}*_o^j6}7ptKG z@W{}Q7!bu>tF@<*OKu5^`S5Hj<2&GaWvA;M#qd6+b`xu=Dsb}{qRl^r4mZj3*O2c( 
zS;0F&ZYAD1j)Y1O-8)*Ht=^W)_psKuD+`Q1&RI@~13=zi1xZi+j$0?qlyA;AxB0vF z^Z=-pj>Qj!Tq7l97R7fFrWUB-Rn{g&;$PTV&P=#k!e*z}#2p+k3Ugb5o>Ek?;gHPv z#H&0vjxko|QvfA~UUC)9ZT667G!q_7Qgelhfk^sg%JI?`j`7srMyby=q~E%yD<&lG z-qpQ5QMWdMm#Ev5g%gcq0ugtrf)Zh4=^SVhC?JPk!94Rj?R~i`731Th^0Q+3&LIk2 zpTJvb#^BEPI$+oDz?0gQWgPuqu;?(y_(H#F1D!xE?Uh>c#8s?_9-(UVkf#%uq0rI74dXpXiRPztYSc?r` zGR_vNls=S_Gfh|m{+}we6Y2SGzclJ|Q)+*?SVfqgl=P?6(oLj0e%z$?A1{;Vj~6=B3mJ@x2mH`~ zp)S+RtA6uI2Y{{|U+^wHosX+Fi&vIh=T@*;(y8x|DWD~SS>BjgYl+|&O(4@cAB3%) z0-a(&k-AiI4J%c`Ae{Wsm)%N~e9KO2hjqrE$E8t%gq6K!?N%2v6GUhBWz)%ES}aw= zmO}hT9#E6CGb>BY8EHnHodg}UQW7E8&Eh|L#T(B^05i1nPj5CqmENCbWz4(p(@L-F zg*!Z_0MCbd8X%UBIkX3 zuOc|B02`3!Edi5a=27U7GVJbJXc&<4}lNgTl+KRI4)X(g3z1>UN zGj|MBJIE`F-U(;aKlV6JsNF&o^emYfu0|v;Z=%Yrp*(_((e&Pw&n_Fer-wRhQeiF^ z9N&#R9eJ!tm@2|=mq+;~hW9=5NZ;iRRNT4z!?*3O!`GGKsWUlyL(6JBntySfy7 zUURUo_+F!Ejkr`?pVSgoav4#tQK|w*lJ3p}AV+LNa*VptKhBxXca!UqL%W0goPo{r zl`-7w<7S?wGYVyr8Se|}k5VM&3D^RN7Px{W-gq1VkMye*HZ`X%ZA{3Nq#6!63DWIn zp6?!HIv^oQ7d*GQ6yc}7UKoWhf5A9kJt_qrZz1Kppa}W)N-!>q2Z&XLJ`LClu_bb7 zCYEX<>H!Ytdc3aHf8~uU;t(f=E`eHu?j=1ffldJiA_UQrCh$8O*5P>R!F$RDckPMp zFvg#~o=}v=sC6iNKeh8S`?Stxb+5gF9cN)a!=5Y_rrd8?W<%ML3GTBpm6mx$Tx~@p ztv&XRKeeGOPEMK#FCSEbuTx#v>d#HEwJZ$3!_FFt; z-E{y?{QER}Ve)UC9CMHE4WT%ilPZpTFE6T5qw?lmcYQ&p8T%Ne7?X#3%aw)KiD9Lm zcNL+tFNaDz?~PRt*~>g!6lnQ$tfPL7TC|yUW0$L6*v$K~i`Rdt$LlC%tYmhQ-@(}D zy&IYk4~%a7ToG-OmKiy9;Dvg{V9Yp~-69W&X2?V%Bngg~o%tk=vm#T^qe=MxiZQec zvSKcNs3^Vb-xcDK6?Yh|t0_mIOKhpt)ZRld_F&FXxQ0n@w!-KP5qOtuvo2Pozpeem z&`kY>r3m4>Ccq~$m9~gBcMLK6r28w!?8jSNm*c4?tV7;Ac$4O7# ztc)$dV-sxiC7#HMwj-pTxZ> z3lf6zj-jAm5{df~V0alN0mxmNctHOmCllFrKduwF_At<7#Qw}OdpUNhodFHQWiKST zEW~=hOpBhj=LJLI91aBuC9PgxUjywcKBC-r@Th+zE9pHtb66!Xb18X-gd2H8K!HV@ z@bjK^)Jm6jD@})C8oeq3mAtA1C@dm>?J-UIBZRJ_e1%uT*%)p7CW@ADzE zld2z0dz1=oMNII`V~!-$x^OK&h2VNQH)1#+nG~yDwvH=HD^+wEz5lqEEJ5vdTl4rd zPw#u0l7Bri7T3Zndr$pz^##;E|BmgT91Lt^=NQ=~_X8dt-NgmjM<551kc`E0A#;?J zS7W<#JszL}?-Ke}3^G7@n?ZkdToS#h*89?dO`i`Dh95%!2Q>vZ#P$~YZ%>fKsz|g= z;3!5!^OPWB%BjhA~NZ&s{O33N?h^w~>k 
zoPPN>tNiAtqC@l}vCefdp*2+QsYoh-?-Zuw-LE;y*tu#hc5tpm{;APb5W zOal|=u38iM&vWV#?o-Z01X0g)!kz?H;1_2$20~2`0jaQ5w>EK-I|e-Osg~?LF0ziz z6K!ebT$WQoXpV5}DSOupDzY;+)Elt{Ah{#8-szIz^wU7Axo~L;98AmG%2o%wXK^KU z-3sDmW5Bp3+DAc2q2e&H+jPhB$f&78h~pXB9-%wkRRo_ zN9MIXl6H9TJAgb2ds-~^BRkp|TO);2GUVWj2_SE?2i5}ab>p4M>TFDAp7)1tTWxNQ z`%3kYVLfh6B6#NxykEWW)?P3sOZi3S9tbm4ZbA$>}McLKA2KbIwiran*XI^YLbK(V)e)DP(x(^_$ zMci!C>TGL->TduHYs@aYf}|`Bq+Q2QP?XDj~HNdfK1CrRx{HRkv7IdGr=}5)-~}fjQl~)f8l&bXw5+I3x0feY@5E zx*FLbqevIYqqs#`7Q+=#exAaA-tXrhDtVwT2pNsxP*FxICivK4lh_DQ(Svt>qs&S; zBsmg!Z3A9xH4ec&M)2_ae9RNXGKkf5YD`#%vQduZEs^g9b<9dzMx)2ITpK*8@rSKH zbUI^}3!6JHeQg$(VA=T@XxD^NZV4={90sb<@g(IFZPFx%gy#cnQEE|{_*}G6$v^YM zsN`h-K^h4(2cnF-bCP219br<4x?rK?Akm4%r;$kIs`v6j(JW&jfj~${{{Y5S5MqJi zsfz`vd4nJ>spFd%oNqcH%!j8)?v$2obTny#+Mq?SoX|9Rp)PG^nf?l6q~BeT*7W`U#A|I za=N4*EAgVb_3HIHxR**cd+sZJcxNdgh#czXi*6UpE<9;c$4`bMJnKtDD>!IB zY_6ELD@Hsze%O|O3yY;NUC{6YzMg>T)9Jj?U-!FW_J>>D!6XRg8wxEJE0v`yZmMtpv2pF8%H6R z`~pzo039F>{p5TpEt!V^3_4rFVryKFyg0`7s#WE#qQ3Rj^YCrcf+av)t#B4e9#f=c zaHM3$GFjLhrL)l4J~KMFIjNYW*j=}M;z9IDZ&WUgs4uJLk^i4;7km0OaBdjDS^R0w zj3Y-O(?qzC2Ot|PEe#v-D;{=e?3Q_xEuE=zrE-pL%5~)j-0_$uYtiES55^22&$dKS z#X99;7y{p%nvFn&D^C&Eu)8t525%9_@=r7~GW+V+4$f1`Z{0>e53Ck1B6=;i-D$;q zcR#j)m1sB5H|E|Sz>~6ca94yX98I;99acwLgkZ=`I0K9{-b2lI*GzXkJ@<-A{js8M z`RVqeZ0hAObMYgOd(9fHOkD}1dW)-)y_jAR%&y?KI$5{&>Kd)vg2y5%C9+K36Ff*d z%QL?$VhS#UjVEAKj^UYyE$#C372Ln$LetwKq#hVLb^ZoK<04yM+jIlcglQ;@({1T(FlA=rML*K-{FMH7 zVLSX6-jX4*5-s%r@FV#Y!OmfDpZi(e^m?{EDRdpZsRXv&#P=H#QzVjk?^vWR#pueN63SyP z{)auvmZpafe2z^fY)ont6^eB!$B1Vt^D4o94h9fo>S&^dfRYi;=$2Fjg9nhg58Pe4 zFg{Vce)phbCjDT)FV3(GE{2f!i^vcDkw4PMUESKR{y-$d-}%ZxA4)ywS)1jua?snL6~*YGx&CQUR<)a2M4Vtz}fZrWQ=IUB(g3k z=#vljL=HzRgVK_m{JS47|EF~Ta3&q8pgZaw>T*YvaExK#*&aC%t5UNGe>d!oTNK0y zCdTW_0sdPZ6rJ!Wwj)=CFGiDmrOY{Ytu}w$^|)UvH@CxP0D95c^ACNNZ`i-DzyXoN zET`2|0#%hz2@xe9pZHl@+GlktsBnSUxOWAIQ9e#H3 z^?HB4{Us0(d0}0-Qt<>UCO3%|=#}grJxKkDdA}t`w{4d$&DCenelcy_$SI%zIHCNv zUa_g|r*ww+Jt3;6U61GTU>k4iHi?!#J?jx`LLz2u1r_Wm`pn%8Aj4G!MsQM*+DD4! 
zK-nJt<_1tljKEpmbfhdIy!F{Ok!Jf>>!B`MFj=}H{ICrRb`#9Zdlb6uu8z_CXXoGF zN4)3F_bN*|$HNw#2#CI7LG#npG8r&aP~wrK3>wUlI(uZF2X#=?^wjUcJ*{yxfFVz8 zeEr{8-j}&e>u0}*m0a)O3m%kU3L_Q(ys+Y9m^J~{lqWxuT-(Jbq*Lw(u*Gw1rN!!e zd(b9%#gTT3$g4rxjfKicY*I8(7G_H2_u}2<0g(X9cbiZS)(gHStZ&GozpJ2IFonTD znuJwyifz+P_m~5_#0S$cUkbR-GAL02YMK6W=wVFNg_rlXp&b89DFN!=a6L?9`(6c5 zFXbM-xZs5#&bbuBV<}1IV&Dc3s2{G@ej{FfXGe4ASxZ!^qUSznpzO11_wP zG^ciw+x=Z<0$`;FcnG&$B)WOxZ|&B474o_^K;3-Y!u|v}eK@=<1DNxDd3}4aPzJw3 zjo@UG-euNVC>=_08fkniW8bXJ;kB5(xS2oX2R5v0Jn8`@Y%9I{P1>C$Q1*BW#gmI` zm0I`LVLw;JS)##X`QwGww9nQ6EiSL;XMnbKt5lub^2ECSrOqJP{$=d4qFU>(GRH|4Pt&0QEd??*0rMq=jyBj7oidif$p&Vqb7ILP6` z(u^-3Gu;#L4IQ$FrjIT2hx=|n%hcv?BRt-ZA41Vws(7Br4KN*-PmGnQj@#_3vUbP} z-7B`X+O2?^2e>e2W!{Q4ub)=|v%-2Qn&C zOU5x#NdUoJJ`A@u!?1tuNEyz;LRZ^}v2EdQqDYyd9mGYK^5?;nXud@Qi;FAyxGy1r zKdg2TSlDYz6kGrx6brYJiWMzK@f~OO?5=TNC&*A6tR9f-1|VSYhY9bq$4$B+{2}`1CE2#FfY;*ObLCM>?9NWF!_Yw9AY$J(o}(`iM3`AQ{c4E#F@bu;@)(NCVSD(2HIQ!;hqnF8Zzttr zZ)X@@-6dYc?!{vRDEXn`N4#HOE6`d72@3|G@he|moL{PNDr$PE%tfW zFt)l6Ltr0G{1;R)E~u?I%pY~*LRg5&`{I*{XY)h}cbUebmbjkp$D5T+Ql+86$e^Hc z;~-F+PtT|Qibjd-Qv~fyDB(6JIxvGd?{_nHss~K0xusp!bCtcAE^(NZIkgdLSQ>$U zxvK`PV9mzMMU)dY|Mu_vv2cbauKoxgTh|^9D50^>cNeSl{;^4(s1H25G!Y_WE<~XO z*Ty|ECvMFkNwt3w8lZ)N>7);OcIYG5Vm7H%#@RSGy`QF=TobNv;&WC70n6y)ofcj3 z5@J>%J0z<0ASFIh>Jp2-4f6$C*CUUHX#k~RFowl~VE^Hi3WcgK=<$Kr+#Oq7SY}{P z7nXIAkiR2te`C`8G!Mpx4db^j!KN=WlAjjip1<*5sYSy!zdG#18|tN^e}`o9;#Q&V z>Sy_z@LiMx2n#-XB_{`7@t|x#S2{lKbA1Cr@j>PrqWx9HxGCf!)8gG!dQCA-P#Rgx z)r|_W%(hWc+7g-9LN@;^kN|A7a|<6Jp>Iq@O0k=zS#r*>tnOSBTHWN3e&_N#JC7WB!w3i zn5Yh|zc-!b=E{!qCm@}lP~+xV_)7$tQ&D`5u_*;R$)}>Wuh`0Ya^ll!?5LjnqG-!B zgl#|t?`Nz<=~>=Z!XsPA1YbaNR$tVC*T8*{;8C&o9)(+DV+(g%*J)unY|K~eL<~TN zRT+SYi)U0k-cr(%lBVgFzST-4w+L16-$d80B_Lp-_abw4ClYr^x%q-hxRa?;LjfJi zG}_yjw#3ofi9M*i+QUj;^ebR!RKI5jkz|_JHATZ1n{$Ic3EPQ;RVr(i+$4y#4wbAnt26?l$ zp9hq1Kc$&7>Uzdd4+oM4y3N;+XH+%zk|L59d7saYKP1fcpNb0LUxF799ig#LFAR)` zd#)rG$lArTkCf_oC6~1_2Oj~qhWR};v)Kt1-BTP;aVE}}u9bE?Bb5g|G1)#%Qyyx~ 
z_Ad$s<<{rzpflj_F!J5Fn$PDd(a@m>1x#6VuoRvcU`!v5BdC1!n&5)ncs!yw)gkZ=$ekPq2s2h`rP#dbeZ5_h;Y^)8~|5-!nKiwI+@!;nIUa~*>gqRh|Ub-#+ z{(NIXTN{bsz?0Hc#pIO)Zg*DY5&>`fNZ*=g@zPiI}Ez^Y8?=DS$ z+jt-VgTyqpW-LpD3)~dO6do3tB=cfajkEST62lPu4wM&G|Wc_1|Y=~I^KmD4q>*O%kYJb!_Bh- z^~-6==ikxihj-Y!3%rUQ)RK<{*8;dEceizuW40~U z7U`-b3jl8gZwOfj)cKX^P9lrckRrF41V$ArG`e3;`N=lLkf>IL_oHpf|0{}qwi*)d z!6*9!i~#<6J=7T}NmpM6?7+WHrJ*I+*(6rH-rbFgXM?IC`g^cp`qXD4OAsEGsk?8E zAF5N@6^o6cEc-3v0@4vPrt55zJ_9J+5HKSXt$yVGLm<_4ywfEaOr9Ate<|K`_DObx z_WXRX7pxHYA4{M~O!t~A(Q?pFj*n{sC=Ks z(Ny9%5C}9ifvuE$wb%UWN~jK_Qe94HgDXqIiu5deb3Cq>gM6xC5cX|E5K&*1()#qx z@2%V%C;>`MM~d6JM;;~3oqig?LL8tJYjqM65_xDqiFHosE`vG}ec{J%GOr&IN$DSL z+a<+*X|0l=@kH?K7s|n4tJl}>(d>#aN!roVgYO!FEw=u@=o=TfPWqzfh5?Me41{g+ zx=bRcOhwi>BEbtt8^ahZ+!mN^g@k=VIb5VziAFzL+4ktD0MFin*_ul5DuW^8abgv{ z!A7CJvmyH9bJe|&6*AeGFi|&OOBMbNcT-)ko&HVABqVi2nHR=9JD9M39C|+32Q;?K zKlYp3poOe z0JxmXXk6GW!DBfGN{G?GJ(#>oDr5P3Cix)5)urq44DVUu-vc~Og8sFS#mL*Xy(Vn@ zzghmmz&O%2k}W8{R6VwnNCt@UB)Ynek>J@R?wR)F2nrh}U#Vdckz;VA;s41=5nxz; zzHA}tUn^va=5(>J@y`R=@IM3(2+4ZeT<$e>Gj3{5p_3t4nGpywkYg4^OK36dsVDb9 zN-Q}W@f6_>9?=)>nis*;mMc>ci|O%2fkI8(72?4_MNV4)99aHw4jeWOos3J~e!9=@ zhhx;SJjPa#BqIdy*(6TgMD&|#Jk&d7!6#ilwXgrX(gT3wUErc~y3eBg;iodLcu+X; zDqtK%`|Vury8CNQUC`RtlmavY`9i^bzs5o{;n2yvx0?@4L1b-qxof6h0-)B;w@dQj8wCAL@41MP+N$-B%3EtZ-~4U@~)(tCs11e@GyKT z*mWwzLhSYjjn~p@z5~&Kq^5ItL{ORNdD&~CMm>x;mOzmeb$V5Oua|W+cvKnso{)xO zQj&RW+lhf)g^U#GU&EbnL9I#9k6mLLVCB+w{es+ac^h;g9y5LbumDRtilhF^l4R5 z1>uAO3&7c!G?Y72NXa3OM0`f_g||!8+@{%~W8)og(ykG=!qHOjtm0DN%1tCUeyw+x zK+Sw=SF~yvGe7UXFb;zR!OWT;Z|7i>@Vtol1x6xtU{uC;mzSE%NW_75r4mGN%!5B2 z&qMW>-lSFa$;AYH7~N-hBPmUQ&<`_I()U%%-7rPuQgg$sfoxdCp!}uY!<)CKr~0Sc z#~n2~#IB!*AE5YM?uG&m<&FlK(3;Z^<$h+S#Ap&@6o@KFMHN8srm_)9h@dd>%hnb* zS&~wdSgU;&NA`ar`ZXXORgjDqFoPpWnn+d35~>OA#`0=)L!nfwzuOWCz{?Mn5v?fw zC0BAYNH;4CY-E-@GPtnfEb7J2_+e88^9=dR@WPp|CXQY$;vm0{v>)E5Z$z86WT60OvUgbnUCqMr`_H9 zHc02}Sqka+a!?idjx&GRTk!73=WN0Gfb%PEk{qoxDeE1SkXY+#Am9~*`IZ=FMRVV$ zOpR_jt^G6g 
zA3FpYaAWped+od*e%*N9wX(^=xiwd|X9bV&4G)luscs6n9S7Kb>w5VbOkjCMGkSU; z%N!moWEz=|BAK9sbxQ^=%=2s&%mFk?Yr*=Yqi+>@eZ@UG0e5;RK6rl?ksnyzRlJz|mOVb-jDt+;yVuF5laymL=S+Di5d=+|}$7X5A#j`<48YwozsDqd#d=2ZN+ zO-!ksxDbQVrm=R6?;_)7ZFem*JPiS4yzQE!<+_m=(s4_G6a98YMBX=;TV66oMy?(8^d@5p1#1$sqQtwg;6Q< zidUSxGG21;Y9bf-I9$$t__~&;A92KaN@0>R1Q;HmTFevOnCZK%Jj9cQ!1xuJcnyoV zVd@IwHk^Lne?C)sJPVOw`=wQ{PjTF8ztD{I$)kj0%d_NR=y|sN9W#No$+@%du26=n zns+|<3JDP@tHA&d14C&~h4~J=-a!NZ=cIsN8+L#ME84WTM{fjBj zrQt6P%Pf7q&;Pl{p*wIsj&~~$2Bq5E)5=}H;;Z=cNizRaY4YsN%Yfjb-gkO?=I@cV z`bR6$0jS2CpMRS}w6D(&PZwc;zp$s;oZg81Av;YXk+CZZ)EFZ1)^nR>Y?9swFfxGL zb{(iv$a>h6-p)0s%3|Rs=U8^5R$a=hrYd3dP1i9?dH9s8Hs;2UE6mKXr3Z|SDf(8- zISi%u*B8Xr_u{re+{qta)5o{k?OC9e zyy{4T9cLZwwDrVurZtk6vdUSXy4K)C4T#p+>Zqm_EK{D5F$%`z_L7xz9pR*dRT!TK!ipCy+I^( z{wdLSwc{~aKNRIZu~VeNQH;E_%EbfsKE2x#-wh0mx^@$_mowlA94fgVG+rB^oN=w6 zr>69v$kX#Yu>}!XA0$9-2nO3omYP1^a}&q?J{v9g#BrQo$?U;W#!`z+J=-DWE`s~b zF1ngz0TIgp63G`b2`tQ?Yf&-cf24Mg7(M*bN*D)R`K%Kq1t_%@d{jJ!ImOp^&-O** zhP%;$IO^)hk{0)!qu!93-iNN^32zHo_DDV9k`EWFwrAl)Jq!Pw7yWRe{m&v}A5mip zO^+MDO$c`DqX%UhxXym136CY1@M8dc;;CEtoE!X~Wq)PE`w{%;EQAd7ah4vWp<)SH z4U7>)%g@$1t6eM4XS)lX2A)?F8~78|;4=Dj(QZt4bE9bwLnt4{{qHsH0XhF8O|kb#SnO=Wqj9Xo&U2204_& zJ_v!C1)6;(V-aeUfop$J(@#m^AHf&^o)^;ieJf{*{PgVDYf+_y-Fg&NN}vMmuo>j0 zr2=XForbef9~=sN#sw?DCw{Q)#yy$Gx`)H}o(2`R@Wl z{Qb;2yv6I9?c$Wr?GJpPH13naVZaChY2;p?3Te&b$n zyiUFfzE~YuJtpzN0;7V0fVQwe$pF%-wOU!!>w!3SmA9xG#Y>YZHqsY{9;iQ|`wJvA zP(Da}z=#TBN7^HrKn@N~!H*+}6!nYA-{L_69+!m40yzl>$ze;R8@TtPb8JAFspJ0e)Z?j zuH%B(_dA2{7p3C1yBjV8AEUb=@s{Qmn}1(uPm^xl*I)&x(BHYXuN{sJk3WfIHM+opxWq8pzdI$M*e7K$?MAq+D1ft?(cw`hoj`Rd?&m$m~a$& z>gSoW+de093zMm$#P2SsQ$KaYPS@^*agjgTSFbE|cP5bqZfGpM%6j#n!mGIm3vFb5 zf!d}({1h?XhyRt92LKO$76Jlm{Dkm3z)g7{wt~$%e-PLpEf1f`lU9p8*63zhDysG| zQA5d-%ltp4t~x5p@99$#(jc7z0t(V4jWiO{Al=f4bUlQEbg3XIA<`g-3oMP4q;xIa zvE&j93-5|w`MrO5j>ogdJI~xZGoSg)%)MutP;_{C%Q4-*!>jp{a>%>GJ8uuECfW86 z$8^XfLtuyy3(K!4$?uJ;7;By)2FDy^qXyFK)eayuu9G}#^gixQTpvGLo^OX@0MHku zDL*o!2=mA@Ud$i-IBWYf6c&rjL&i>1hd6k0^oib>_KwuXrH9K$VjJ#sQ7tnObE>EP 
za5up`B>)~B;P9ey16iO=efb|A7aB}8>#EqlLj5%mTTlT*bvM2A^ znfyJG^FTJc!=AQElthqJ{^PINiV@a3Vg50Dw_BTHMS#W#yk09j?S%PnD@-9wP#_L< z)FjRqBgNOI71qMWW`Y3^;JkPY0XU|8(KizT2cf>ki+(?_jg9L<#PAICxa_G0V*f?qVvzS#M4cAJ zBw3jIdIKNWBva&+@u!%wL;Q^FPb2<$+|c2hXx?^sC6*%B_82)WzIwLj0`JK~9YYV6;=W z*E!U(z-)PniMoFsylS#k->-Dm?04S8AcY3xgT+>!-@XYQ&vX|k-VX@Wm$>S`u$*Z) z=W!SuTDNO-OdkY?s!MkLNp1VryP}$5=bG^Gb>__(yEO}<6)hH3A^TpyGI6c+U3IXs zp!}NrK$vKhvm_E!2E_gIKr2V)3$M|VMd#NAhJ*~PMw$=cDPt~vxy2XpKr>KDgDC#) zRe5FvQf=lg3R*l*u47o22|AZ=6t$TpjD~1j)IZa0oKd>U#r1;-Z{8Q4`}I{~UI5W| z?(Fw?=M)-53Dm5N_6+P8>5u;IO$bCr{gnF`UhkbuStmi91l9SgI2`%e9NczEV?l{k z(ys9+RzN&zd$G@3UkcjkfR4+a1gbuSb)})L1@ccl~O$ zC!L6OUV%jyO>SwwOSSmRhDgR@NT&|H_5puzg*c}>D{hsc2N~ZGe9!zWxgwF z9eVMy_wfHxNQXY+`ywGsCOg2Z+$LOc^-+Py2Pg8D;}pul^w1y;j4$ z3$_iL+jQDDsxbU+(%eYnHPaZ&f8CKGBn@eT5jV{(^(SfDCW+sj*i z$j#qY!M#RIZYVCPABqvGNAc}_qz?Z^DURVRvY6`oyjohop7gu2aRe}qutjbrlt|{k z&D_bt+fiSTr^|t;*Q!aOEMk_Z#71FVnKCm z&;7qqi#CDk=31M&w}>7xrwiM7>gVHukXfvLiERE3`&6kqqmAKsf>ySk`U@!m$hT`N(DIDR;ltp?IgLtzKMWT z?C7_5F<`Py<^ujSSZrl(+ZaDq_MX83_RD)m*1msN;d*o&D6M~OW#W*!S}%Eg?r_y) zDrk(4Pp{vey)>(BRGNf%)*&GPgJ$MKyrK_OeNIq#Oe<3x({)2r*v{{42TfVG*j ztCZv~KH#zYSqeW0j38th?SI_i*cOon(qu|VeE@30Eunqp%tp2K0Awx2{l3*l1vQfi zCXFK^1G**qf8VTLMvu4uJ=pvMSBws5@co779<)M$mP4OSZU}h zYZo1KxZhBVyb~d{&s+_u+-t!~^$YuVhVL?nikkOx+xES^nRM3v4nTE$8 zfTAd2d5^WYf@6leD?(EOV3QDqVY``EbF6PD^_Abz|K^BlJAsD$8wR*D@KcnCTI!sL z-K(UD7)8VOT&C!BM(pFJI!I!w$?an9E5RnX1HWeUesx|%?uoB{)rB>@455jvmlT3~ z?VA7@o0&roJCu#G48K4=$SoGhPFXKOtlVya?nef|+^yB{ z)A+!5am|$I)xpwXmvas-g$KCp_a0mKa1pkHBU}m_^vg|l;g_7EHMvcA=Wd>h=^sLp zd7%n5C}LAoUST%}s)y1GmuH8ZsL}{I>q%Su#D}_oD*EWV#alB9PBMADUM7vuHox6( z$krq9mN_&K@C+t(~wk`ycdFkCSCO%sW?kl##9GO!kBsk#*iE6okO=6WN3VY@!qGbY>56sB{owSI?ldA$ zo=>of=ZVPIN|~u*z}G)d6leH4!4kAPQt0gMkkq(cJkfr_9sMOB2~pW7B@6f3xR|Wd zFk%>S(b0a@1?{WJQ z(~~nSE?CR`UGfU&$QPhHoQ{tQpP`ySIeK+_E}9tjU$q)iWMpmn=W#3Z%*Sp}7{%6cy!Jky{1K6^ zbu1$YTZcYIt8Tw^@YrVUgZ9<6-jI)8eRX$If!Da$17*rftfaoJZMmA60Sk7e>bcKj zp*Ga4pLhbBX4Ue$>;+x<9|EEhNrhB^bMne<-x8NAx{= 
z?%ht?9oikDIu75j{Bf{IXx(aGP5KtlHd`AgIf3apk(;C)?q;5v;`d!I^sZ)}R(S92 zi9@QyTrD-@eH1|A^T2wnrr;;MQQ-P)O3d0>d^YyduY0jj5yy-?9g@Y}IJRg~q8yaM zp%M}EyD0-?_SmyUkYSU-rYS6oz0fsBHZF~u_H|u}X2*iqOc-AHQK2gy=rD6id@}V< zNdwRJD8@RP=U#eO-goSy1Twy4PJ*!atG@YH$p=E}{Pf?S0Fx8#PW1m$x)E$rg2{#i z^J1<@9vu@G;_zbFfe(L(;K1_^wq?9W;?hpt6t%`d{((_KH6n9exuI{oL?$91X9-Oo z&#c3OrcBDV5b)Q6O#wOj`oNSg!oEHT^S8;*&$*q8?Nx&vE)4b=LU0!B=kr)xbm0T< z=$!fiB#o=tqT>{arcfmp^2f(3C`0x|q6{cOsL{*DvHT>k2}Z&v8ljv7+Wz;jc`g5? z5%%})V7@c)8Gl=9rx3zlVcy7dm#8Mlc$0K#csw7gYTpBo@ve7RWKTLp&!f3;lCX3N zaAX*C*^^upB3*a6)d<~QwY-?c2kxmOFEdJ@m*ym>SR6>6(SJz(NZLbj8=RgodEfb% zQTIV=>_ht$f$GD zXc~HzB6iH>ZK@~#4)u^?j_5pZ%RPqZ9!!|(etFJSVVmDnFtE2W7(KRUo&UK>uB76H znd^m^z9;t3sqn_jp|{bmh&K6uH=PWg>e#@)r0JilRr2x^1xnFQ2VwJ4DAfc$;uA>@ zxiNADOjXSAR6IN!zM&yNHB8=Nhp4kuy9r9lIGVz-rkM&QWd&pS1{+qHhQ{3?%|WkmXjgYy_%A-9hH+K0x}eG z4hfNs0>Z3Azs5OlP{XO~q7Uc@`f2Z~3YN8^k{yu%Cta400=IYnOhzpH*?CjZWx;-;Y z;pd`K3~MwIyrERIsS}oD>g>?oe&{s@;0fko?FSLzP{ zH1{tXg8YWFbz~!i_W)yO|0tC~0|Km48QPXo7TBGArPfdH-~0*4f_Kfe_V`ryA}AMhwPwix^#=U{;ncC#)qI`|E}4Sj6lGgW+G8EPj251=EHT0j-PFWAJZK!Dln(za)5Br)C5oVe z@Ehu)`T-E1?ucF8ZwRfK;mEv%vEdc*M+T2Wrcvhac4iZ5pbc(NM3`!CN3W%@!LRLP z@=`O?Q?V!An1zTGv-@a|0J+XfIZRIV==Wm|xj$cI9T}|TCbl)fC@h4CZ}CPSx)5*u z{dA=<&yY`%X-fQNx_=f)`{eU84?d4$c=T2)h4Fr|BP;ueXlPjx8P;{LSlt>c%hGuqi(!G87d-l`&7zYEl}SY;p7u5r3BZLSA-KLAM}e?#WsP*cP!S5!CnAE zIp;NYFQFp!C|#FCgk5e=^-3?Kn$3e1wtN3h(cFsBJE+ocg{H%|O=LS?ti0peV_iaB zw|q=0Qd-6+7xShgO?G4U{}PW5G5hkAi_zF`xXYs(2uK1m*tK2<43K6Xe7052T9+r< zWWhGS3MT$vrAMET2x!^}$7VoEQ{J?t0*T=0l}cLuib7YsBXvP1B;mMG73$htd<9=k zsE~Fo-_9~I?9AZaStIsC-BZ@S^1D|#>7j@%ny}YAwVy#z#7}<`Kk4ws?we)ASm4np z5QK4niXJdZ(SFcMHGh+j2uhj$4`e8>k2qcY_2;-&POxb+xPb96{1zm;1$Q3*K)gjo z6fr>QPDVAnXXX)#&8UohWf)yW@6x1R&YBfBmuR5ITZzOw2%gmPXJFlw^166|3Rr04oGR1yZ3bCkFI#uL5m)eWaU2_>NtQeCNLPQO3A7jANlqbH;!$u_AAN*2&K0p?* zKiyH4MRjmU#MOIUu0X=4lvb-OKx$6NL3w(c@ZRM>pG67>MG7ZlaNmKc{g>`4L(d_p zKB1O;Kb<@}!Pzc}H2x86B7W=523)w|S@0YkEHTS3aON#FQ2M@PychAT`SVbjoR=U< 
zyH#Ag!}h3GKL0PQKOO}@*2I6=v81o#ydUI|RINrw*e|weu;30eInzwN^k{+l#vIS+)unw# z-fV$kac_ll!M?QMj$z*+OT5A8IB!ZKb~?E#5zp8^P`Wufb`ZQ3?WzRR^vv9IC@zQ$ zt0SDa7bLzHsG4#1^;gQF{XFEECHb9c#Fm>ANUHg(cDgGF65G;?AT`?H7X!or?&F-y zpnKQD_|vB|?KW6gb1&b^EI{$4x0W!aGOjeOFnAjrX054H%}Laoe=E0qZsNR4`HlYx zHVsmFRxLbaMrh%QoT$q>RXdO5WYVGvZF4_LMkl{m$34Iu|2gaGlVoG)qDW$?O7Qew z@$XIy>J!TO1ls(qdPZ}gmW?@}wqTzbA=%Oc9Ogizo90h}u)D_t=E6aWcBkN+>ttj8 z*IHf1IqnIb-9xzV5Yxe{G6l%9=v(?i%LB&(3^hw$kf&G?sy}-?YDKI*2J6d3}E3TSOZ2cts^(j6ZCVzI|rrGlP1- z@AS}!BAEyp4|Zk|HX^Ib1h^<^^3^1j^qbv31lR?obPR7WB`Jy}=aP7tZ?}6hG3QBg z=qixgZ@^^371quDrgD$ClT!L$WEMEQLXnPf#b!i8q=mrT0{cBPWd<#z4?{cj6p9Ub zV=BB|ulNqkD=l0-@ihcKt)Yi@K_caoeYWSoG?WP)%NBCWRi~&-n%T88v7&e;lq4Lz zEQMIuBzx!3B@9MvFVw~Apsw0bzN&q*>)B|qD-M%|vN120VhkE*Kh)7JO!0e&#sH`# zk!hwC_sHd0s%AWpTozv_b+P%)qD=Y|4ev3J5B4oiGR0i52$0=RK;oqRrx0;*D%0|O z0?qTqp->h3$xJ;F1-ysezk0c+&k(5#zKw>LMpzO2ig!{u@?Y@T7}-@3{lRAXGnQ36 zoz@nr32&LW+MbT0mM{ZqWO5d5wRlhaiR51`Z_7!0nTm8;-@n~OXDn;vvQ@}s(Pl^l z)n-mqN)sLd&2!T)5Lujs7i+fPAUhW&DqDd^9t+s{tudIw`Av}2$!vD0=tddawNCYQ zoWuqpez%lou_f%>f}(sL{~byyZGM^*8EVFq%w$T+BQ!z)+i;Yx*l<@k_OKDIo%mf4 z_sh^%vM2E*VkksbUjGY$Xn2#YXW=`4LLhN)p}i=YF%CiQVS8M<&zmV6an`50vS+(4 zd6)-cy{|&bd_MNi9UuQ{fwv6u(xpnqh!{|!bavJ5&++24}-GG8sCGLRMT z?98(0wN)%9w|+P9?DK=#ZOk$b40`| zI)UTHGwO7&=U{c-kVuH6?4Se4kXsD5*YrCWpj`IUNoM@YAlB|#`KK`CN7?SFfaLmv zx3`!QgC3!OT+!;!dk{~_{j{}Bp@8prBtK3X6ul_=FZW?4BwVOJ3wNVK?hHMvgJ@T~ z{-LMN`IVL>#*X$EDVGVln4>jlIR(9+QL;xp|9CnyTDSVF>ZM0$@SpZ1d|#104X9x( zEF>u88Y|@+CmJ&l>-(ZodJV3S6Iz|t_3+ti78{Pt(e=Uuf;oq#KNm+&S zagf-W&`L)wp%-9`)>`a6|GhWJ3I7Nm%ttk4xEh6~xJJtScv^mD`wf~xES_oiSvE3z zD0c0uh7{H3=lJRSUQ2jaH(Rjbto^NHMxn|FxX`Kc5z~;H{uTNqSIMxCMzH^#RqJ#i z!8SXEZ`Qb;D;wqIZTLJqLAiY9f_;U=84J$21z1hXrd`8R2(^1`2(=Nwdrs%6S#fCm zF3L5(vOmSla@2L^6y^egL}@}NJ{nn>l{hoPcbINxTy6Hf-tj`A)52g-0p|1>8Y5zx zg3bN01rZVT7+BOs3fts3;dhI?dB~n;)IGi7yU_2h-6icKW5v+#mR*dHF|KSQwCpDn zDkb8xFr3BK6qeTuo?XCMyZcXLv1q@7IaFP`$^N8;&kI*V-R9ZLk&`uYk&8nz$-4k z#O)8N{wyu;Z(WTh3+40h9{h*0#pQ!*OF(q{9kCPCeF?+C6;meN)Y|(fWDJ<7OE{<7 
zP}YQ4eeTo4Jq?o*H|&P9+Hd=UH<1K~GFP%_|kAjr<3o9fQ1cBrW#QeTU8+T`nP3V2TtKL4FgVYCNXv)_eC9fNQ< z{T`jopriZIn%BecQ;eG2$7DiLKrcc*^%%@gaTD4dFqP=~8j??dTE><{7V47{1+7=P%5HdP z>i>G3auks{<^HWXRUM=3BhBed(^JhT4cS6Ol3r0^ zZhh_6U(H~#Xo00RihK;JsQcT&?`rR?*~kK;=h}1?>NDII6=U<&Gux5(A5wTJ-s$vHZ(XQCQMY3#zz#cgnZw;5Wmwn&@SrRPf!T*a%EO;nwE8!^jbtgQO z81Dk6u7YWn@mNs8p#1rk9H9A#-nyjUUTW@{Zr=Ho25zG;NDt6#(;3^%gEW_QF{~|Y zc>;!RLlfTmxSOslSUGFXYRwu{JgGnPT2VWRiuU+w?(N|*wf&*jsd0JUy<{=sWR#YB zz4dXEKZuh{uB?Lar2)~~NXg}|@n=(3sF=jJ=f$!WMNZWPn+bVdy3p$P6`(s5$EF7h zif{m*)~Xde<$A&+J-UB&e0gP&vRj$A_v-%2iMd-K+tAXpYyZa0lqZCzJ`5E*K@d(o z%Y$Op3#RQ#%3#Um#aPM@>zv6dIrV;e!EtYmv_12ySO4FT?W%wmwXCLCx=am`Aer<*N*zZ+*flL5&Z*q^u zY5dpIU%QX=0t`97G#M*xkzSMf`+s$oI1qsevWjPk9sz$s{u94hK*#BzHj$HF>I3o* z?Y0g49b>c&yP-)0YHzNNRdbo-{g*JGsB@{?;1*AK)_fd(iOhAscOk12^v$dj47z6t z@b!VbsyA7Nns(O7i$?;kb_m$QZh6<9Y2dZ^-fxfnmdVt1W+OohCp!Yd8}wymMZn!b zYYM2i`K%dK%vI^jUK!lgTMsceF*VO57wO)KzI?d0f1AC=NG$9R)42QSn2dBbv3{9H zDuV@AV*uX6h8tA-_$;AGo3NpIC&eLmE;*RGeY11@V@(Jbb^r`6*i_!o6jLje_}zs2 zlvF~bbElBJ{q6NARn<)<4UDZ(Rz2gjP9aIilyOU)`=W2^`araM*%np-M zELpf8B#5I!cp4K2mpFS3i97MP56`zen#7fNv$~Z2hj-SoluT7t?MCE4)LibF)32Db z#Q?K4HzBxE32$+T;vZerPCGkAu+1euxGuVQxx3bRAzQJCXfgmi zQ{2+C481Ra-;T%djEbs*%&N+Pm1fvh`>73BkRLd?f?J&}&qLJ(GErY%=Q4#2L$Ajl z?C*t>xYs1pkZJyS^r#TEogskv!uPrwF1P{Y&OkeZZGZo$dL}aLGR|$nhhABlVwoE6 zN9fbCpn7z}u~3Wi^ru*+aX)woG>KqWl`4^p|7x&#wKCzbk?@xDm?m+wr~q?k{k4|r z{{qjQc+~zBts)55U3xj2k=FLceRRXryYvFRiV`yTYh%sFO%eu2Sgu5(-)+o}+2_yn z0;`%kx)y4q$DSSq^j0)>fzz@^2UXW`^q4WMU#cEys&$5Y6#(bvj>rHlC{S>YT7eb2ek zv`lfoqJi5>n_Otl2i-l6s603IF2(JuiM!o(8lc^)c zJ+-r$4<7@+rPuUt2DYx(8`;6T4R%*HBKwjUQDPOk)hIBl$+^v4(bui-SkFyIMNARf z$;ML7XWK_leR^wnyuCcv-N*gL+)nY9(AUnp%|1j52HNG{*!2W#`$MTwt zM+R@-R4S7O8rtQsUOD&rB-jP*eznk?e2rE>xp@=ffSZXoBJ_OjFB@giOc;9LKF~C#9apma zvT=8yd3Ouq_#I$A?rG2nI0DZW^?(yv)+wu)fdx`Y@9>?!_4+5_J2BQrPf(|7l#{<0 zV{#tBdNO~gQC2t(OiS;p!qyEER}Ns2TydTJhIX*kW}J-)cEc( za}(zZ1A6e9*{`vkOyAeVGYkT4q=Q4})nX@@Ls9AIptwpKhrNha8XbWcH>Vl*XkpeCK;iLQnQh 
z;y^7N`1HSg<{4pXeGF4MSJkm@-43*Z^V-ekT+txtrTr3d*m=VbnACXmuKpf_mf=^Z zbQ)yo!=6VH2mZ(}Za;VAGq#SbXAp&{rPUA7nVan(GmzN%Val$3nuJ97UJq?`sjIhy z0<@6(jmaL~>|grT4{z3nvKHvYUQj1jrrc+-xIeMIZ^2|Rr;rrM?n-0!Qw^8o#E!D| z79qJKP-=S%IqfLwu8QBhKGpvS)K*dBJ8Mh#k%gfZdaVf|b&gPZr!;NlkaH~HtL zm!C_l&%h{__yve=vw9%XU>Wc7CW)hV_<84b-}sR{E+xkwCgrM zGmwXg1HvZl=4nw3)DRzZ!#un3zWA7w3%xuoDViu|TF)N(_P$8G$9Yoyw4Wct&VHE1 zkn$+)^@TGn73SHkh@q`03rG?7ks`J(+=|#5tYS6^sb5sWT_!! z{B5^m;4%5}I_1>uX{*{tnd)_k+|m4?mNi|MyWcMO774_2UKd>kWWKI>crEKPK34&x zHy##3!!E3jk*_1la+Fy3OuXK1c(Lv>U`IKcm-f!z-0t~bUw>iwoV)$AsY0-yFXd`m zy!*#qQELZt`l<#O5^{OrOwW#Cq@aS!BvQ8<15sh-Q6mR+=G zUe{q7ne>rM%u1rv_ecvc5-a_o(o6JtlaNfhJ`M{vi44iAXCH~6wB4&rw$ivUc0e+& z?Zpqz_ha7>`D)>b;lz5 zt-8(o9dY496}Hq(^J-00O2;NFdTQvY#dlKzK+y7^nhcBSYr)&a<(J#M53=cvH^BV) zvmw~Q77|-xOHI>MV`0Ee)7UlT7=Kd#HAZpD_t37$1l8|3rr{Kl%l7QYF9L|i#qTb) zWm${07v2Io?dx@P9q#4_#frK@o7Wt7|A?2!dAU#MUms9Bi!gsv;d*$KR?{@vX>^d% z{y->j3;ZfP(?xo2e{4i60t4a~XHd1;EOiyS&A?g0KP+_S@VmYQ65gzT zt<9spXmZJe*)SvMk)fYowy@`-FlRhuY}l5 zmme`0kcu0*RowBh4q|Vj_lqCcHu=gY1u+uz+at4PE(-vx{4tcAvaN>WE@c)IeV~2Q zH@;{~qi=dOwWb$moC}v`O3uDrj#{4c&D+h$vi(}E(Vn(Yf&_XZ)?-{h&#RwB+9aa z65N)k;OJ1U<_F%2x?Tk^*XO3=qYszgzB8a7y{};@i1>Ko$o?9y_11c*0F>5M(3^$AUjqVH_zu1z zCFJ0PL3W>Yx+?VBx7 zuv<51&u0X9{oKOWZ;%Z>6J=H}uXqaSenxllXXm9!&|7k{J2l6`zg@eDV_yXytQ~)yu$|7JXrjm{pREfq)x@-q9{lkPm^IG zb~AhNINkzG+wS!Qb>>{HG$7NB{BE<&t4>EfEQs&L=SBNDxo@uPHm~t!ZWUx0gffFv z&~72{i|gBES+So;^CNR#>W;ju&wDM)7ZCW{^mIZfCqVsNdeE0JMF zRwtB+7r0}I@dAzQ97Y(go_xArsYYYC->#97X`N4#Q$VGRo{aiOBSh_K%Xzb0=FR#`m z!~T;G2ZY$=b2$^T{;~@M1e0E;HpfyV3+{cJn)q$Yfp#j$SmgD->DA_-0o>!g6DBK> zIDJiBHh}TOaf!$7+rF$`1Uzp0W3SLanrLzkq=mBeHXQQpqqO$AMlK*1w_GsNg}DXk zwzQ1Wr19}+o?P)@ry!K|16ks@R|_Kc^|v9ph-tgJi8@#u7}4&};h_@O|1{8Bg5AIg zo@6i>sbp`j-^b4^-SeOTpYLWIMj_a^-NC=gP^fE&@$4xa14q9DS&% z2N(8NB3Q^K%s&UMOB|^&j|aNWAx3B}y@zAUPtD4+$#c!t{1-WZ%<8?e)z2f`JS0k2 zp^NIxZVG6B8DI`d98Mk*10to*N^(rH{i_pjrMQLA1Ey2M^jBPH^d*{MfuEXNlx}M) zn#NR&AsvqsrHiWu!=mZwjbKJ)5#POnPi=K2jI};UR1PVh7b*@J`Je2)PA_Xj8wu8F 
zKQI8=KHa%#sTey-y~D|aYe2+lzC9shBwQyc&SB8E{ceo!C8cZC=wMo9nbFMYWrvOv zOxzYV=im6XLCexdPDb6S2U*R!x`Zh@HmBm5pW^*~c5x|(OM31(>o%8*2i-k@c!I_} ztxy8jGY5()N=sRHqS+)~QhwRi1t85EU9|0CS8#e`bQ1T>B5es*?@?};xl|v`e!JaW~po6@{``Y(CSf&AmT&4 z?rwDw@>G`FQsrG5^rXt#2g*viUdofTf8`{kkvn$)&57-^8BLv9Phk}mP;qZDL@eeG z{+uxDst)pn>dB<1qO}N~J6g7hBoLk4RDKsl6su!aex5?Eh#Xj}d&zIe z#u?-Lb4k@YrdQlb=6QbZLoKO+)<<{NFmCz8r$2*9IbC{iw2(H(^vC8N=uXLE;NR7X z7kP>TnQkr0zOIt^`KEok*}I8YXZl zfx{GiHMYjpyLMeb_O5*vk4ase65UW~mWV3z94M`T^lslntv&pBm5e9yH=a?JVC^1m z-$QbYuk5}_Kbz(&e{@rmvt?9^;yRFbSWr$l6L+)zh@kCzcv}U3n}Pb(;Q16()L#dF z4}3a;P^`#~nn5S{kV<$mhg8_$pc%+vxam94b+4F*Ogn?-Dk}(Zc%Q@eh(j>sNepMh z1eCV*K2~kkf&gyj+hETgv@9%!OGg-V!rR*vR$hN}buhzrE)4#{8=_R>;y}Bo%6P-m zIyk5@lBY^@DxvY>MAfnzBt=L@BS!6f=TumI=-4#5q6$#8@l_db-3BJ`1|TeBu-MXv9wZi&&AzhU53BqT9tSYxcg1u2Z<$(2Yk{ zJ_z|^2%ek@7&$3?%1Bav>=Ze&9rR_o1$-|6Tv1Wq4!N3pd{UMMb%)5BHJCnb-g@@r z1g;+UV}|*%{o?G@tbyABqnsZNQ3ItuJaq}ax&!N?#Lu4=S#_}!`CD!Fwh9_j67nX! zG*4euru#{ZE6-?1`}HA*gW#|W^`{AOa;o(fNGik4A-^F-+)slUII)>_NW8V}j|*ni zKFC8^e`#(WLS`5|+cvKA_gUp5Py2t(*lC1*ij*LoB^f15SDei?FV z7~8j-)mh6h*7i_CY&qygAAZ!NA;@ZG8Y9~4taIf=R?+k(YAeO3+&kObLL;4nxPoit zjsVZAPPto8M5;k?MMGS89l)%StgGge#^rb_U>LW5Oy(S<@e$D*w)1gbhpn{p_qOCZ z%&ft#NjJ0F*fXZwv_%{4QpPsAjTjAQ*ya3X4Gtk zRSm)7xRY|Kg1j{c6f|ABmp$!y0dG_Wr}K?F3%lyk&sR8|D@w*}A#3gYZzjk*1vuX9 zBd<8n!(OC&kZy>BU7-|cNKs=gQ!+RWVtU@b&2C=y68$$hUzCl5F!HCB|3+{7s0sR1 zo*Sg3ekgPpF4Zx#9^Xa*b4(-m;NqLEN#Rh*Ffiwm<61kpb>%g+%hR*w;sKhS`RqRe z$tto3=YjC$`7dkBLD!{_t%L?<8cF2r+6lpbvuh{NKeKC<-oCl40~RJc^sfR*;;~B0 zM}qIzGtKmz=Ha+2^p&&ew8+M3>VID0H?1}75&f4xtx z_`~hjNVz$!%O7l$6>dI@oM}r#Sx(FNs=UosT7=Mvuc7&f6>I(}t?7`};YbL@${D-U z;$LTtuPD7wnhF-+9r863waUMq^YGYnXy)&+*d4j}@*XT)?Q+5q$PMwcG9c-1B#hrF z1jhBXwxi}wO4yoPBdU#l<70V{G-fr8O-b}y`g=2D3P1C;I{V0wUIm$0`yNzAh?d^g zB}Dj4Jy5fk;ym(_$*o}T*KBN-4|QO<1vHLqCYR6}fGQ-}91dY5M)BZ3%hlocF4AF+ zVzn~_Plr*GJ&f?@6g8$qf$xf0^9b*lc`8ddgN(%!Y+xC1-L}+?)vm zPHs?>7mLq#MiLoz*#SA?BGjOf!ny!T1EVa9ef&KuuGbohV0 z3KZH{hp8^NqC}}lL(LT2cg60XdA@g= 
zd(cuL{Yl`Ne4BNuEu7Z7DS6a-&y$C(rq91|})`WZdCJoL+Xq3>nupIfG0${|}W-YHa3 z9_YYNJ{5Uc{2bfS3VZR28C_2x=x17~=0J>{MfSoa(-G2ji19UBht-A}H#gBf~0Xm_NH)c6d9~WO*>#N$yjX1qA zfP%pE9RZ86O|x>$B;4DQMN_|`;U5;n)YLps%_}GTQaR1c-Blem`!o6K_{;9xkV-wg zWn|_rI6l8Dd$FRt{A{iF1sh%uZYMvCp?S3~!E@-WEO1k#gU3XH_w2+tDXzd8Q>8Rej+D&e(V2SdKNDjKt z@ys)Z*wd5T+3uq|4HO-8fo*Do@JE;XY08gC=RT?WN(jmcazV9KNu8bi6gsqh)YnI^-x3egF1)5 z=2=Gr=4JTc4j&KDZg_mc& zFSUhf&r~Oc>;_riiE+22 zt(khmR8tnUk;naeFV|;kse0wl8VYW+ev)&1@A~3p9v4&j#O>la+!QiIYr8m85}leJ z7?d~Yt?5VzJqrwc!XD4uIa6s7MDL!h_{#Xqy!mdm@oi4pL|19tx@*8yT-;jtjb`E` z#o;N9_Nl`OZjTp-nI|1PLVn-#v-Q;0Rf+}>aqxOM(Ae1 zvx}o$*vIJLB1PUx$e2%BkzsV6;$FpbIn39*mUG!Ub_v2>DrK| zho{KsqHzE(Nx4Kg?oL&SBvAFX3s}l8QIx^Wbh=J1neN;Ey5%+cq|AS{&G6dj=u)I* z|0))=xhiqN{Loy&6(HlEzC@e+2K@1F3Sj}#8D zn`uSfmC;_*1tG2;qT&s^X^dT^ej-0vECW_i2aNy-g=rsTBBBiQUlS$&+?(2TK zlHm77dMu-lt8MSOb(J(nwViOac2kfR=zZ%IqU5s6KlH5jH995?UyHKiP6FjaC~)SV zV|I}ETF9*B0IX^~qOgdy&*=>gST;Hp#;#if403A1N}G-EL{?)ldTjqX2&*wfSx8gR z40sNrAaPpyxkt#B)BA4%7!+V34>G_%2(uE5JggpHkWq>^tse0&t<9Hce2#|m!8uSc z+%TaPDoYPqssW+6@OIQtgU1GOu$jQjSX-u8voO;V_Vh|fT;>2l}Llw zv?5Wctq;jzkRJG&oj0GOEJ6sqih%+SJ&WyixTY%qoeb`SR$*)rSA zHHTAYJVplJ+GNOVMB1swS-9$RT;~Z2 za2Gzm86ra;C~DCj2iG2~cC4-}WyOecgFN>HEcX|`a+piyEaDnJd-P7q#woLMrhI$-* zh%}GZiyy}fCWklMIKvKYhx1aMkKJBDc%7~2-dSjuFI3P_Yc@Xiam#g|KHVnNJ`xmP zHd1s01{mz%j}4z7O+YoTZ7*`HD-k$cM=gyss@^Jhcw*pZdrk}4wt(XAZSa|k+1yDsTn+dPqZc}WbYAqN>|Cw0xElmO0;bW7x@k<|^0eBB!Of8nA6UPH%)pDqgYx%S!< zf1bCoo$VT*PWb9NEgC3DTssTBlW;lr6mfWc;5T?UvI!-|LM9a}aLtrdfC@fvU{L>w zbsyJ2(n~V+>NCqeE@pxDES%!vP^M)2s3e&@=WCLHg(xxJN9+&V_TFK{CX>j2H!QwG zPtrG&?1L32@2x=nA@Qyn=fcA zFXA({()mY%5t-@GcUNmkbn1D=0Wh6>lM5cS@JGe_gQ!f0mPHLY9JVfp9nDbe{&Mqz z2ZWtuQ&0m~j1Xb>F;|}_mG-OLo4_jwh&f>iSGF^7fsgA5ySy^=ovM+g+bRKn$?3D< z+-r?Gnkv|;j-<2Iu$TTLyCPVJaZOU`DU2)M75y?KBUFPvEw{gWJXix6N|yN;{`pwRP$B9itKd>?^~oN!@CPmoMxA_nj_5 zfiRP&41E#M=(5`AL?_PO*EBG!PwF7Upu_8M1lx%5WyKf0{pzNy&ses_uu^l_x_Rbw zZmzI4`xcbl6xY+nSZX@Z-f~l+Z>!(Y3R-;lwZquB)b=&)w8^{uz2D5`?S=YW=GdX| 
zR*_fo&qA8l#Jr`O1G`tGqLWm?e8U-y@sE~cU~B|}vz>gYf{`rV0L&v@;(fbZ&yiY= zBnBodqiEu%I15h_D@lw(w#Mw8C>C$HfAu|%3*3>e3;zw+qmcL{&XEI0lWqmUmHzS2 z=i$J%mO1mGH&G1NlZ&HEGFfW{W8XPatIFb`*G^}d`3yX)&cq$DxA(K&J9HsG0)NwC z+R9~#~yH)jsV)rW}SP+qNo^YpHUr6t8Az`48+-H3D2k?4262Kvp5@ z;lHGu$wxk%w}fe_p$TImg{uur=G&a_s=2Wx{b5_O6{>MRFym-O1l>*}e-jb+g6HJ4 zw8a&32bxA%w9DKtwe$far#tReG* zJQKx?LFk?X-=Po5(FCT&X#A+oPv+J=frV z*Iw~;O9SYxCRn~j*-l7!lxVu_F75R^Li8!59z*J9b=P9+5l|r|U{m+z%V7`!+_)IN z2r?!_^dqiWu2BLA$y6+ejobn-O+~xOQwpFkgy|e2M#%}7L`rtnp^KXAJ)wjE6O?~w zNcT~UCU1t#EgnFyCuYFg(-?D9=P0W+%ZjpW_qw3-OjIayI}%bG+YL6FbkUoLO|QiZ+9Z!jCK<8q;Hd_k)E?e1G+i% z!pE&m;;2*;k+2?ACH5#3WlI}_scaG_Km|!>0k{yUQqYCC4BOQj_=OR>(j0mo{Di2; zA&UL+J-c2n7PN#ecODcmnI;~I>`omfw)EHW72GR8??%7Cxr+|hBzBvhaQ%*C)Wyy9 zdGw9|a9ID#IyuO^mLe+S`pe*F1V=5lu1!he1P&x$F`Ge|L3Ys1r^IpwyXGImZ!yI1 zx&Lb$SNa>6k(N=ALj?V5yo}f@?!;zM+TMu#v~;=i6)vxO=qlA-c(5vmQ%B1J>Ry8% zFz-0YaCLdk`ngh*l>m*dhA-I@YMo)i-(&sD18l+tvqC!9gboCo@Hrs zi^#=hcu+#crR-U7F_sJRF;0`d#^Q8)Z^h}pC1$FLnk&HK6itcPz{>M7;7ZwiL6UMI zY$M46dxaY0qJpy_oyVJWI1=G>EwkdgfrNRtmTCuqB8k z|F*iZj#(__G*D`i%YsfBHg%ZQ|dw2RlLA)`1(oRX)q8 z6lP|$=H!%3dK_QnyIf?z7dAz43P2(avL5qOHAf3c|H6L;-C&MNIfd1k_)xR>XUYJ83eLxfN5O|c@c&!!kTeiWvhEIL3)UXBs64$dYSv4jCK|7D_ zS*buf{in>Iq3MjsW~TGw_Q|gOz5f_d%R((>q7X%qI!}S~QRDJ6OpW8lI=fn}2nOID z5p_S$T-CUdAu8fOP^hI;h+0L%?h#vHJY1B$gthX8ClzR90K7ICNl86*HPvMyvK!4K z*pIqcwu74hf;*bV0stShh@#NZ0ZfI%Q)u~V;3{-~PGpTm7?U6|cg3BYbXfzQLK9^n znwjMM@o(x;ViS`qHywPy(22s_Xc{vQxO()Lw`wFKw_~VJEa}sdp0DoWjC2+HX4?Yk zoYCCKV0E;70EO?qZ=JhIKQc)~U(09|9?w?`AoF)GJj+(vVGq^dbGbuFnV#TyYfSmm zNe*fPd9~V{$Q&%$4S11zLnL;?och2*;$)-jf-W)KO_2;B}USOIFf<~z^wZo4%n`I zV2g=Cn0z6~S*oV?_)+KHhA$qV;@q4Rak=}piF302Phc~a?sVD@DCxSRx7t13<66vVD3K!i4ADazmYD_b zDi9SVWopS05gDhb=+d%h+tbpDSn6Tr=yirnN?GKvdt!1J`H&aWP39M1yQKyFP* zap%;@K0jb(!8_Hx%4t9*80K*$C=eb?B22+pa28%!Axcc^1rV(WGh4pM&INZe&Udq?VGXtq=$6B`2K;a zbV%d++h?Ek40YJyu-{G#{6l3Hpl~T49gax!9(7oNl^>{+LYLohd5jF?R`Ca3FWI~_Z}koG9Qb$aTAYuwVr$K{7vXt=S7nx~%bND}eu7yYB_WTJm(Q=TPv* 
zcA8c2%qS;U-jAStldk0Ur1hcaHm0KG+kqOWoaQS)0joLuD5h3TihI7I*B=a zXmQ6m($&5M7;U4fKfWuYkqlvJuy?a>zlD8Fqbtp!#SBT;;7j$H2hK5`EIPV9y0Kfg zj25BUG;1`%x{HrX34E?-mt-p|zg`&C-uJ~^<0rheD+K zGTR@Db#_-m%x{cNEo6Y;dWwo$DrI{mWtN7}6;U2RUUj?Qc$xCq5`5z?z#da2`{QUx znqH)_E$YA2M7?h#Q6X7Z(m=3p!&MtvRP1TM&?Vcy955`S%Dh+1d#RHa-fpd+*=5i6 z?wBYmv^B`Oy^?h9=9yBk(z1~|s?>xs@c1~Y^v|4^wV5a|2C_CFbWN*C zB@}F2jEGhMm(@GUWwf-~>zl&OFeNgb*>y;}QVIVbT6Rz8>Eg_wc#nm4sd$^k%UwH> z?Z}<(##)5-7>zSv^Sc!@OSp_(IFgvG9c@JhEizNTI+Rt+Bw4HbXKuKtLu-<{-nOnG z2+~;hy;u|&xDacR48Ma2T^RovB8(*g9AzN_0}S(bYDj#`NaIvSF=H+On<^~sTZ)`F zxgWoi>*8y((MWVF*Lu7OzNZw0>9PL{FtSjTsf_8cbt5uRb@YX~vJjEMGy&hu(&AyN zm!K;+P2v4Yu6?qq7B=17c|cS-Hz|X7=)BogcACbDu2;5rcqeey4Zx-P?$!avh}!I@ zrVbk3%!%WfrRf7p8t6g1z{s_NO!^Xc+_rs}wj^FjNe5wz`V1ZS;>}H^XNxJn70j>~ z@q$)Qwl?B`B5KUxRg)$dTQ&f=I1ctcA(EAc60to@!w$NBa7Oi(`I;`6xS zSf=exjGYvy>z&|{y)EUT`I9ZW{2XNcF;2fDezw-F`i;WCjyykMTCaM@9ojIvURXvL0bylc|WT1CYQP12A&K5#r$vH z!LO2aXB`A5QuJlHKA3A5sxtw~XvP!n43<#s*8 z8m+1=7G&{F&q3ob`~g-z$upT5Gy5u|%ezmYRQt>2v5&(j4ohUXfk5WFOj(IPQfvf= zB?7;T$}~7GTw{DunNluLW5zF0Gx8GBC2`ds@Zt)G-8J!BHFdD0&dXE3QWyhG zGmC5hA()sZnziN^+PMtmBJs0=p#s4)vWo47C(D6m|{Ir>|E$J?fPTFBZz;I!SrhGH|7!{~eM2$?|gq)F`K5IMa_i z!uB;X*<3`24oCk8o~ngOB-w@Rg^fm1lqMdk&(J+)VjZKDytu zzQ&s98YrH%?Oxxw;H;P~J=AzBJM{`H9~K!5a`ORSolEdW2P&al{Eniq1AkLv{^esQ z-0tm{uKSe9*xjpV1_c|2tn9bAxfZGM8Xt_P1N|Ru-qSk{>^B&@#-7 zGWDgoaY-EZBPlgahYK4U(@*dffoW~f1HaV?UYY)fai~b0jI(Leyy}7AXbp^x;l^?-q3^nY__;9NSaGy!GVMw*xPuZR zviK>HEK&5ZNNL!Z3W$OKhS5}*(X?H6QiIl+R0P+=jLTY8$nfa3cFu8?j77xtqi9E@qI5X`^vwX8G2MA&)so;brO?qDA& zqRuB_W%OZ0cmmS&4`=D#^Y4V-15GxAZV#q*JIMS9O~NW_^siK`7${C@_h%UmeP6DY zlqpXS2|kOl*>WoGTZ*!Yz7ttjU>e%W*Ox;T&Uuk~OGe;8e3Sv2sdzDrDfJz+RUMRa zoyJ&xf@KS3l{ivb*kK)|qWD9wMTDsmQ6^ZdQZf?FIt2<;nN(tJDyqOVm)g|gf-OxF zNsG6pYYG(oED;F*3fBY;b_&c*qWEx~OnNm`t#c({PT5yCJ2Sm+;8C}Mr9rDvZ}nX~ zMmx^TjYr>mDa(_C*zMr2?MaziEq1*wOlt8$$|~{dJ2~*OR`Q%j*1X=!rYTyIK0Ub9 zvw^2B6PR%f0^VUS9^&*+QMk#TN%W*i{26NP+a4-Yl!S0rF^bQL_a<3|RElhUbgD|V zb+`Bw8Jf# 
zwM~ZOJ?8Z($?jFk`25hH|2VF#7rsiAi3qC{gk-!$d^V#-Msy`aHJTwb?coxwj4-P+N&>xL)V1Q2$ zWn#`E71t#btV^PrT@3;uZ0m~Yr1ln+dk|1h1SUZ^|7%MtzZl#m(VHM0;@*}Y z6J*RlkXIUNWUvToBylV*I4||eA|f5F@>Wq#U|qI)GK@E$a`3MOa3GwIhImc{u9`?iokmVh~;L&gIK4ztV*LeU>l z>@SVXdrDyRb5kJH@Puc@=W7FtvwXBUm+nHIt#UU9rX1>9*F{$fXl^vCdOn^jqmn(V zqwBTNl!esIwts(8e?_ZI9|j!+S!Q>ik#i9*6)X^t!Tf>A;_f?R=CsVuzk*czXmK@M zV*mj@>S$v32!MC*%j5~fdAxMeZZkLAvK@Fm`>5$Oyynne9=p0}GZKaxZQrq0 z65V23>d=-HyVefUabFMXItpuKE1ft@F>5*F#7%}=mX zFX$i~?MJO5{Hnm`uk@xDx>DRYbX2V}noe&gD62X?uxi$D?|l{RDLf5Q=yy}vIbw7D=;05Z0=i~W^Kt{ zijH}Fmp${c#tvW2jTXG7P}}*H)*@c2wvKX4;oGv5U!N?2b6mxzXPbJYjAqeIX9sIn zMrfNgXD?jbzUsr3iNA6gnZKzc$2zc@xnfza13xqc;R`Q@9u!$ z^fea^0ToKR`3Eix-Vg#-LN^%F;0Gxd97w@R$xml!$}Ll&W&N{BFXSCF)<%z>N(SE+ z23exQR$xCwGkpv_@BAaE23Vp}I#~<@J3VwYELk^gTgWTIGbIzL7{%{*vZ+4~27=IX zzC)vI{+9w8pu}hXjtPtk>-%1$hYpY*qe8l;GHAm6HuBX^wnKmKS4}QBQNn%nLFKx4 zNxH3dr^mC`{j1MO+37Ax39$0l<^J?uU!dCb0oh#%-#4!*ys^SxplbJ)&0lH0@lLM? zcm=e4nt?tK>bqEZ4+8Kv4E>wqsvx(559j$|gMEgUr~^>I2zHlWPDKoR2(e5~X_5z3XL#r{;i&S_b?jj6Pf)2mzSB6a*bvIr19%go(NcEuc`dYHLBd1b68W}Ry6QOQL_A|e3 z-WDzZdss-qP?7vD_@_SpNg~>srpCw{^D&9;@#uZpxvZsrvrCYRSv=V*D>*s5o0Pdc zAi(CtrC`j5_BU3hCY|^=7`?{>wuD;B)Ymc9%gxh@Jwx&7i=OYEZ$L8a1R?N2_W9l{ zH|1`tW3A}msA8mY@v}?HTm?GtpyNc&X*JpqdelZ#6H6Nw@kho~{zE47>q~A1>yO?u zxuWRoE5+Blb8gr%q3p)lVgZyX6Fhh;1gk`}KY|LbZ(LUWe>H!@MU>N zi4(BAl*5%_Xp1@{;@_*Nq0?jXc#K}j@A_0oWRGkO=#<);;XFIhE}eM2udsyei6a=4}YiSJdnx*oAV8_rivjV+h*dWaLxB@B1$RZiO zLb22YXBG1g)FmJfW8Qpu_nn+L*Qehqur}4aUBy?qN29&e{7u9r52l|EBM>m2fi#Ty zS4U8NkK*axk|KTs*ad9`_C7onq->sqJhaYoKT7f?nXn!czzKSQ?;7OFAC0)p1L!ji zuS8XQ0ELI{yE-0hp?yo*#Xd8!ERVhY_OK+*?Xl7m=L#F4*|0I?x2)U17)G7mh*36d zY~LazaEQ`4Tlf=bH}kSpZKQ2yKw0R}T|x&aV;Vlb`9;MV(lp)%_ybX zW44^*5YBheVK!<1?so6|6ir&oaW<^jZFS=Pd%!8v&!sZ#@+D7<&F0+rgNzb4?5b-; z2adj6VT_KOQEbMnx~=!JE^TvP`_63!(04gAHWP-)4udkuJu_BrRMi2^G03OwW93cK zvp_Cm3!3&>qU^a0$UTTqZzbD)Di=>>rY{(7EezNN(**l}_W0H>iFd_=j`IZY1{G;HFKfAW>%h4TogKDGS)!FefAW(gK{!-n_It z+*W;^GP0jZuc6gGTT&^R0A}DhbFpW99K~|ThPj8T2N11}+L3M}$7Z6PSLoUBjxjG% 
zFr>_YMpC7a#J|qBLDCSGvTyt|^k`w2V>nU*>M-Z#y0}yVWeBK4YOeNMR23Tvihdl5C zYUI_rt9ce-PY1Z*rg4k4v$*_ZB4JrbwkM)S-3>iKzs+{Orn@){Q+8TiF2$-554dey zGWF&Mx%oERwdjCk1HUwhRgBb1y>{jr84*L~1FH90!WWKn{m&(CZ$*r_XjJ0Z(PP?NDA zJ+BDH+d-I!>&g|ZH@hTjI+RzRH2a>G>ql8>aH7x}sBtp)B?g9-38CgbxHc7w`q91muunrdH~xT}stAmvNmh(6hrIXKY-8 z(<0r-jb&AiLpDYyG>xxBf(!S_U{yNK) zEVB?CfRJw*AQdt=M>@zrN1hx_mA63zWgF|v$rK`6auZH{`s<~8nV7j^NFYK?d zHrr)mU6^r1#vC~Ru4n4+Cc&Xa++yN2JlflE^^fd$z#$A7Ee}KjBocv9q8e07kMokm?+6iAyZGq9N1M-9AVq@RfrzDu@apSv1FO6|rcOA+i4?w~;Bm(3g0 zjWB1fYkm;;-4Tpb1w|7!PRSn{MiPmz1e64LZ*q0DF#9s%$+tBDQmQ!c$e+-F0fQQU zd2uTaGcA2JT%m8{eUi9JLH#QYa7~aga@B$C;j{Hl{RNhm>ui>-aMiLWd3vbieR)$_ z)PwF1g-?mg!wVEy&34IpRWB*6TC&S}t}9&hQWe`1ONb|a8um4Mnd!GE z)b1OZYY@*}@`TBM$`EEAc3h;YBMdj1rZ~yJ8FiuO`3l}sS3`)ZEMjR+ zr`WSqnGKX;eY+i4e1RJ>WG<$jCbpr{n>i5q1HR}DOEc2nm>GvnOnZtbw@fFqObuZc zs(G!kQ2hA~DE|O+s_iD@(}28;*50r4M3@SG-DA=w;K7V25FzVG=@C?A+zPMQ(VVFs ztT$-)wIy+~z6=w-=AN#u=S;k+ZA|%)G=z++wN{UGP;zNP&&l?1&cb5es%u)TQV-6? zRdL)K6f0H7<+tUR`hMTS>%+FLy46=);t}UKg+a(rO?7-NMNFNf5Y~}NKI&HU_taq; z82$NiKn+bb#B7=<)=vg|IH8(_}=#l4QLaMExw~Re5 z{88Vh)Eo@n__1D)vj@3YYtN#|5T|35xp|*M*Hv0ycMv~xNO@Zt#+*;C{5Ugl=Z7x* zBkmp`Vc_JzYz2Xl!x4p*t#%&>R4s~>p@!gpJi*5@4aMS2;SZI+OP_yido~?~@klxGdM-IRYLDKEUu zfZhYoqhG>X7$>c_7yA#<4hmB-x7OkA$4c5&b(dcHbX*{(!^xL{ns|1vd%iVAr$u1O z^9}c8wm#X}?PF^eU@uw4p(avT)55lKf|HG`C98_BEOi$urKjx&@_drN=bKNKG~gsE z{2;-K#-ieu);8X1ObZFUv1NSMaja} zf{7o|_kHL}rrZ(yTuTP9BkMk+A~v{IpA4R|=FSSvnctkQ4Lu8W4Y1JX{c{`qR6&O( zf$p)YHm6ey$$@iv$Heo-{Qh0N-Iey>rQ>WPjN#+1FJ(K3wS;=*AfcCiS>wsXSvKXy z9hRQmsv7H$|J{U@4x$uMvj?X~9Twv{ z(fr+}7tW)uBT@y6l%|#*)llA{u*r@b^l+yM+H6;K9jf7HMYu~xEu70uQeKr~v$ZCP zdWv^Mxm}V58xP|*v2juv`ZLe1!*M68A>lpx3GY=-qPBdxQt(-CcgyJ;k1PV-+ zK$h>RZ?;U;rgG%eM8DLl;d3BsNF!#OM-InI4y%1lr&lv)`TjQ{hAkfZqwh#+ivp|; zckhXZRNNJ9$h1$JQw)E_zhGHn@_%z8s(b3OcepxhoXylbBx5QDh6&eO*bJTahw)B1 zJ-4)}BsuGQ)I1gxlb#|OmP-LYg`Px=H7jaAQ;)M-tTZlct|Y5S3axqC%BAN{H)QKVW-3nS2OZbeSf9cU1<+=*iQld`rO4X_z7WZNbVcDs6(RH>n( 
zMsoOaia|kbAqP#7ms2GBi@tU+^ONx+=3my}wUXes!s{2{6GFc>3_ox6Lu6YotH|TS3=#*#w3$!p*fPE z_C|4M3kbOx_n%xNr6dMBC>q#7={(76rcv6Bd_?H9jB}58p&ddh#vHzajH|cM>9O+( zv5#ARSQH}h=Fa=Prr`Uv8pTh;Qa0jo(rm2>)QzCS(oVM{6}k00y2ZvG+q8Z@)>I#R z15y${Zk4s9*EE*LUYWF83KB>o1@@Zw;%mQzz)*N zmSCQkfZ2ZX{!CWJ&L#3Ddr1&wN8%Do4vWu2fLC;*W5rKv@ zh+@b^G%v1LH_H-9pKXa?2lpR*2ZD>COm{J>Qdh#Y!CNO5R#dY|Zc=#$W>)0W^P_bq zy9=YXrN-`R*tc%k^a_n0{gC){zM8eanc5D?nvYk02|NFobT?O`lV40jD1R+wXvXN>ysE!^MUj zCEl2RtgPk4I`kVMZQ|!0s6bmCxDlMQx27894DHXb9wTe;;+<1JP_?T#i5Fxzj=mv4 zc$RWH>GAZOl;>`N3Qc1-M)(tyxrIXZ7_u!8K%(G@4q2 zS2qgw&ob%6NYn!UuN3X*h#6qjt@1j+h!PF|Fz$C_YsA=+1=+Dsl<0Jx`mmI9yWSpj zL?A=5o@>v%$qsL-cO{O_iD#?-`Se-uwQNM`dZYD8>@0!qS4p~=kZ>7RW3x_0efvR1 zY3rJUwPV#@!){yY3{1P`jQDHho!`fwCsHG=qqiEs5WHhIsu50CXj^2tRnN7rvj_50 z{NMM=qz;h2UA%r(9!pO(bn4BwEN+_d>cBL}IJ6^;6JQAGva<1LYMI1W%~7>E0o$O|np`4o%V_OqQc4;ypfM zEX36V85W1~wgD9^c2m9EvDkACEV2UQxayb!I`CSwK>dWZ=V6r({bDhVX1MI5m0aSk zux75C=!&dYZ@)H!;*U>7435Z->UrC5R()0~G;Kmd6Kn@s9WPqd)W|-JCA3wV<1?63Hc!i1ua>UVe_2>#u7S*lPZvRvKkjm53s*4g7 z5TqZUo?oBQ8Nwt|ETli$S5Xv{K?OH(k$4YuZ#%T5gkbFJ``2g&0- zrZ9*y4L>l-JU%nMfFhZFkz9u7HlP=x_A9`_V!}C6E49JK6k#A@ovW9I)Edwe9hL_F zam|wFbSDJT8OpgJPbB7$S=v_+l#pr*Jk15wmEcibyTjWYHwJ4wuC+`U>j#Q5hH-`Y zrS0mDvihSyV5Qu#FcNeoeXsvL#iIley-Z{2tkC4Y-flJ^d{M)|G)K%u&K@ik#fek% zMV75~jxQSji6~>JSD*Cn5c$WjcRJk33yiy}2l3Vy&>8nG)s8t>XamXdTK!vtV}+_> zH>^C?W`TnE@V@wziMDAHN^V7QV#=oABhWLqlf0z5*V`X<_YI3A+9MH8RX7jZb|?*> ztyG^}cB7NEwm3FaT={zm?ochjHzb>{>nPOyT_EZ>Hj3h*dV5D}4~iqf&A zsjyio-&N5f1DtnMLj2c7VJ7n`81x(`km|TNeFV6k97JRUFjgPoVm~So`nSYy?gBZp zJk5TM>a#Am>%mfml?5(u2h_H1w zr(|oxKbTg5N~`r?c=nJg4zNoNq4vC1r`i171xmff^E-gYS^$lYx^1lx=8zb%z3@nz z!^bt1o)E!QV8=)IPu}7pf87}^g@q}K+B{WU1{7ek0btoI_x{a~~Bu+78>t%sKW2?R0mv(8ch7r|!%I$6R*KbYE&u`bvMb6q+!>{?7! 
zUjziPFCW=hYyDl4et3~X(|l9oBM}@B8=Zq&a~Sc`ekIW}qoy?j&vK6%tpKH-wD9D0 zWYMO(#$*O>gsGk$x_Ml}y(Y{po!kfmhrDZXWZmF(MU}uN&FpKh<=V4>yTWz79k<1v zsj5Sr($6EPExz-^no*|r3rauZe$OzQNb6-efjZpmQA-d{L|zd>^p`K@QOUsG;+McF z7WHwQI5v^)slVPPOYo98jAGHad+Z~1glG0k3%dZRB zgdz6w!Y7Lc@xM#o2v-!u40c2n>G9c=x1BOM0Iw z#VQ{sJDt)mmEQv~dNb*m;Qi9*sv~O)k=C-xV8ZH&Ip#Db!ng`Q8?qOEmLFkh3E%w8 z{KdbTj~+3JAh4Q49x+mkw+bPFL*Bm%vpu8?rr}?lDK#C|d}!LBs}bqxCLayRH&a{s zszbRu{e8ZCiP@*WyG}dGw%_?Jj@^?D6u*%-d;`u){XInL%1Dax0YEs>G#)M_Mj0wfoFa-5uOSMXc+WZ*_yv0uR-QmHVMr$MSxABl z__!=a8Tbz>T;Hckfv1VmG@$aF7wf>#=h+v1!Rv%&XP(d@RdDlV-;$L~_=Q^9XOOIB z>SHk<&wlZvr9tF@cLQd=7}5cW$f={pI5)7q1JYycmT~$Gmr~i>%6IV(GCxH>-86^r zUokG{#(oHUt7z6yE~ci{e$h;e3)IEHj=zWsQP2oLZ{2+aoM24<3!PrR!zAGGN2?L} zw03C~tXj9UHoe4bd`lFy1$LXxDWWpScWcecL)*t}*$Npnu0a~(dodtHBq9FwSUR!l#jQ%-JkTAY580HKH=0FpbcnuBbqS5Cs)l|B1 zB1y*K@~X8cUV-56sp#wegH8trtmJ!ZNEp3P2A43>V!GMCK83OFA__sH_l|P&=m-|S zdYT?&>D_0(Bt=^M~iHlM$0HFJw>Ywh{*6;oOj{{=pd zl>y?77rQ+{56PQ92Jc3hh$8qRi|tV&n1Ju6OsP>0>_tb2&W9Zw`tl_>ME3_^p8^Gf zw6lpk_^-hnW>J`8uUZIi0DI|C0m0qu{Ue{>cGocNAn4>D`T=8d5;{v3(+!Ig5P#M4 z#-z7>Z5eQvzww@}w)&W;4&Av05W*nJnAtkI8~PB``4h zV!bW(*@5?y!jGn>7z&?cx#*z{`g#wzL;veZd>$yT_f3JX)gp5|_=q9=9w$0GJow?R z>&9C^A2RnAW>S7MoYOtjtU&_7DfO4@Mq8LENwEiMH~lA>u{+$}+g^>rcuU3yM$ySj z5XysLJ45wBX*QzEaLl~W&{Rax8f{XCr?vi%J&wFZIq3aPF$hyUTSfR2l;0-j@Csit zq8L{Zu)}pjz#$fj0+I`&f;2RVWf3ANvVnKDPBk)zw9)>HlfXP81Gc?0a>JaRRDzjr_EfM{Qc1X}Gs1Rca6$Q~3~*oFh?N&<5K_T0 z_eSJj$rmvg#M*$j{CTkl%AkQ2ANeLQ8SyeGLlK=skW0`l^u4A!&e44{`ll3C=8CAS z3Cr!yED-c>tktH!%~jMo;Y>(k=Ij9(N{?bnu3)5pkkZj)|I!C}nIA>B*KfbwDK-=E zKdBD1Q>TwDZT_XDK?2zOyvqqVFjyNY2Lz^+KS1f+gi4U$9Cml!T&5v|{A}Z!bH(-b z-;eWaIJm!UV3%HDYshmy|K;d@_paYa@E5umS?&Whq)lh{vdQgWI^1#^{~zd4f(Gm` zRkOH5b}tVC9onj=JY;t1E(%|sl0!zbn05hT(sorF$@gu*#8}JVpDngs>Fnz=Q z6b74q?@NkY$9EiqQla4$*#)N6{#H;d*>^#iTW&*dK}ra#U#<|s`ty881!wN}omu73 z@ZgcK;@1Ds+$lB-i=aD@uXp5=H%wHpXE_GVa*}Ha_GN=<4Bs| z+Ewv`k71k>-IZ#3fMj!(*`AW-@r>#zGBC*ip~Fl z?3=UfNY*Lzi|nX-GJ>t?F?@0Vhax@Qv? 
zQpTd!)yUOKu)t+i!GA`H6rjOeo#O==cwq6K!J`)&>md_#(Di1}r-Pz2JCU>O=jR7x za!(xU-lSm~_(`(0jLC@#5~44gK8|PIss6erT5HFqx1c%C~rk zpQp30oQ!u+I=68}80plsbMsAOT*n@KYLHF zg5Ph06UA!P;Kbn<&`wH$zl-4msIDimz-IxfO~Nk66ZDs zut6mM763c@->|lm_IN?gZo9`+#p9<|S!twZY}!$woE#F^lX{f`yUo@#thx<+9o58U zm#%9ZoDF}Lsg$K$Bt6yniE0bezu+h~XvN-MJeD*JdL44g36;kdJMy_M?;|u@htcg7 zrku}I?d@xjE&`xzonkUev<~bY0Q-+s+AT!}wBv=+WPLG53(W+6C?zDMIuIg9jyg1O zClLPt0}Tc;5CUHZq7woVqNgN=(x||E9p2fL{2;hMGck@wPBOJWQlWR8FaQ?fKVU#K zM}dGtnB=4nAZM+HVasP&$%F|^rs>5(ScD-E9y~i4Yi()fwflUUh!6Y5%|=G5vC6h}d!@iO^J=4*qnT zihqrFO~R8wN|B=r?_dRuB0XxE!QxHV6!QGy@I~mwlooC>_~4ljv$Ctr8gJ9E{n~gI z__^WVko;kKi-4U&B?Bo(`H6D zZ|Q5Msq0y9A%~b|U$@)7?-f#OHyvtEL)zz`9)X|)$y+>cH=dFXf|@e%5MEkLoxKKL zZZa7Jn3E$yo}BHR6v{O4jVAv#kKL7Ofc)`?ts8}im`Q{&oF^v@W)6vEjf6kU-Ewua zp*Caf)UxL(k!R$I`}nF0L#Ef(A;#Cwx#g=_IYEJhD|5E)Y9S1Kxvwe>3nabk^M&Z0 zPk?EMQB?Th)0pOeyzic|MBiF;MGVFj`5^sca(}^>6Cec#vbfqTB2DDyp?gSN)g3E; z@TZ7M{>II(_^!y9ru$PTAAIa3Y98hZ*1R97K+G8pm#CKp7tQ@=HCzbcmX*HzTXVoU2V))OjkS+ULt$;>#G zh{-wtQT@A*nll%? 
zBNDwhdU{_N6xD$z-*8i>dEi)L#UcDwmhl{0|=pL~VwtM+54h9H& z=dI4JExgm4=mYE-#<2$PVLwkhpC-@LuO=Huc;hCy{3LK_HsCbRY9siM5Hw^~zG3Fg zg3s7$L%iI%@!9b%@u5_On6Z-ubUi3{_9Q^PJ(j=pa&XK_0-y+wf2vz-{XeFzICzz`(%ndhgp_o5gLFwFC=CzN-AGF}(%s!1(%s!%?^VA)egC>2;JNJH*_ktE&g|}e z6yq0fkwzfge)s6uy&kEs{gk+&?)an+mGYvLiTKK{+%X_!lb8JEQEYkHhd1@j#th9KMt{e95y6=n+BlT+DhhyB zJ2pGmU2iP%j@D*dGY;{$N*e#bbROY4UzA>==WWqEhNV~0iRER!KhYQ)pXH?> z*{BefNFlFUHd@!7@XY_*=8F!~46IMu7As_z+C0!odJ!Bh^A1sE|{e19aDFSA>@*X?spc=l@Cb; z6~{TJvVV93(lp_<-wP`I(KIEU5nuVk0ozHwQDrj}1{701vtcw~By%m8WWEp|D6}^z z8qmTAw4MU50Ix53O%6ifthDHO5^Ssv{USd&E?blm&ut`PoW66Zl>!rcnR*H1_5LSK zN5`{ys~0_j%`awc1kHL*D=N|TlW!qao%GfCer&Dm5?lJ~`Ol|Md0wm5%fKwwB%^xb z~14R4)Iy06gvG_qOm5P7^muf4kG>L|3_~ zp>wV{{!Zqh7k$=igj>2;kVLzWJJzFeg|J23Xx4eQaO_@miE_D+y_HZ{P2iwM{S=U9 z1MA4_5&!)9Wl5{Dj0e)yWnL1?6BlwmfWy=P0n)Vq7ia7ZQYU>j1?URaF|VQlT18nh zfj;j*Q=kBBrivbs=C9WccNoF2cQu^9GhJJV6X+5e9_V0#7R~^})|~Z3zest~Jrr#m z{WK$MGxrgq6feIN-@`%0@4~v-a|$|I8#Cvrb?s!~Gg+lOHLx!cCrv1Efi;EM=<<_& z4LR9c_?Oa@RMwW;Y$}5RXQgGzD+6$WHXgmsMpsYC<~6WDaD2Z3onsCo`;)$m_V1J= zF+L+EEBUG)zH(whpiA=>!{x&|xthe6L(rhFdh-TrH6?S17Q8vZ#6b732U&$TIAxCc zDtFp>Yn#H;(`srX6{QwR)vvVQ7y9duej-f12?_t>_3oGNKZ0iX8qtfW;vV9P2c$~8;V zAjF;P1yc7oA2RsHrgyNiV_Ohub3iXzkxIcNImMwJeWga|xuoRm=qbjk6e?dg$}Wv` zC!kNOaI6 z`h%+JCzQ)1nzgVLPuubi*eQrWz;MSu^>8Er)bIo;6)_C%G}WgWm}|nCk&Mo&;uP8{ zLRTc~*)o3eLer(io9rXrICd3&DA0c^2sxsQjL&McB2)crT1O*}tjmTtpU$m>UNf^g zvZP0u#d0>8xrMnQdnJCfpP%BsP;y{^=ecfFrA5AJn) zOx+KBM=p*$sjD^RAMVS?p+DwN&NT9K$`2qI!U*!|mjFox=_C2!<7|G8oz|zvyXN!y zeW}mDoV(SnJ$T)sP@rK}d5d8qTjrkv_A>&x6hkPDD9(7KYL3QObgWQAswpo;@pj=` z!RT!E^u?PD*cv~yf0hs*@K7PtWX{0X|(@>|~Xf9EKk1M`KeK24tuGI$@_Fq!^4a~v8X zAW1Q>({z6vt9!F$=^zqK|BVs3)61B$R8mV-5a*uOjOD$L5(3gcYSyg&4|x|Suis&la^V9_l7rARHc2c0Y_xYFAAN@r(r4nLYUy)#nH;Ui?K-`G)E&!A5xy4uOsef9Fi zZ7+P~X1x@68g$TmxVySb7HyO}cUXY(ziFD$+ss%W&Dz#>8a=;?wT=L;eg+&J*YR0% zlwJ?Z$t{IjesX3&Ss)TPas-m)hf6>$!nGIOM}g8_)RO0`7YfMpYKt%Ggw1bT@iXxl zUuK*w3Co90){r@D2ox_G2Q5hYgV}@1auY~u!|0E!YjW41TVy~0UQ-_F 
z(QN7-C)n3AfHF~qNQYiYLt0fx7p*8IxrvbG$D6&%foMVc@K4*R&0?9uUh+Nc%p_Uv zK~CGVrbpbjzBJA64&wxDW!2A!1nz~8Qsy^N{NZ4+y>TW-H9igJCCnJ_#gtZ zp5tHWi9h$ue=$AKL*ARXcd%)gdx+vef%|2wlI0WOi+zTsBOB@c821n>r=>8*BZ8(*$)kJz zd}!~^)Og@|$!(gN_2lAS)44VNh4RurHSN-RNFWSYpR{4X=(-d4dQ}L#Q5Tg2zK-zDW;yB`w&S7QFpl+=w{jLITLek*@}r(y&gV

n+0hqb~O!Y6#Osk9#C|yOOr;2<4>SOu$(bk1kxe8OZ06YghfEpqWBZ zo66*T3S~qkCoD*bFJ#iISaR!=~GbxtI_f9h? zaDrpU%|;jTc>;bPGF}y{EU6#vF}BM*j8)d%Vg%iz9}vTrrJyTH{qVa+P!?tg@t}Hv zN|12&pq1X<2Z1C8$1dU0cMu&%F{olWp%Rx6sw`)r%jAqc#g3eQV~4;F_c!|-@%Y1J zCBOI4h;_M6MT06UU5Gl_CN!@E2@?X}yRMsF%TLElSeh9(t6t^3Sv%5nm^#?8us&X! zT$xsL|5CZ)xDo>$-1xRp&lGvNUwUaWy4$n8A`=WKA<_0M|`Qy@Vb*l5n zOo}8W&17qJg?>}4KvnRG@9RMQX9491T#yA2e_5aaWC59@KNgS)`(nv&TVu4`e0zUk zrn*}508uRa%z4MG#vY_jkkbkp7js45`^#O)=ari8%1Kw4+n14Z{`XJ!gg@r>6i#Z_&Q<4SC`Np%*L}!hfxvI6kfXuxJ_MEGxMwOX@oK}p_K3T6M&>E^<{o>A z(R<{sf5w`P|9PgBC^@DsdaM0dP>m(&6*svgIq1?AsEm~Kz}VOvV&9N#Lq(+Y!6;~i ze*g&&ScgK3akfK%NCYK21y0gfCGZXM6{>H=A}qn z_3I;bf$GPbi?zn8$x2=6(`)-@h-Oa>93d;?pYGdoXn$BPf2D$N^K~mpT0d`gOH;n@ zMCBOD@Nre^LWS9iJ%aCUdiA%B6Qm|DX* zSs{*iS-TSer$w%3_;e&*0Oxl<5Y>;V4xNn|MDmqbT$M(zOGEZ6rdj*zzldTUjK2{) zE^8-BKk$VX*$*ZPGa$~qDv#^X--{NRC(=PaQ39A9b6=-%D**ELDNoYouys0;2aB`5 zNq!9$i{DA2U{{x7vCqS7KcfeAv6D4vx^?5V3PFv-|C+yD6K4rZp|(P_hKeN>>{y7E z?2b)K6T3*|(ZRFh_sQERk(r+GlZ>`3U5#rGxpyKclNdTlc=*27-_RQ|0)Mls{R950 z{+VXe^Q)Ze4fCx0Y?eV9N$ikV1uAqUD(~oMDn(p%^Zvp4!-H8NlK=TSNVwOFfbY7c zf+EA(dZ(8aR*$Af-b>!%$RHm0y=K4B>@#9H>&48Zn4FikqXm*jLnuQisiRs^z!L3$ z9lU@3;RIvd%?pyuIW~h!gYVhx?6{o2tVn72A{m-MJIw z2LDOkT5Sa(D-|`+CQ#o$qKhMf434&b2hLZ}84z1s1!6YxYR|qm(WYdSAzUF@%(9}U z#W`1?y+wzh2jMJ!H`}L_h!UGm-r$$RYp~JRM;A&1x8MusJ{itVe2(mBLo2)@<)=J4POTV zO2LBDl{X4U?yRaYG`XKr{mpyO+ZM4rQU8`RNp3?ZJ)CQ>pny!or(32j6nl^FX-Z(_ zzyUaNUQW!OqqHs0)?e{2I{s*EhN;G{ZSIslTYB(G<>h=0+Vv2u&iOfLo;7bHnCSrPj ztsm__9{>@1zcbkcApqnAV!e1~+F{|uR&4JaIS<8p;X55`J;znSUZ#pcJIqEoj^-1e z{a5&_PBu51ZMxPZr!jsu!%U+b<&-+^$IO^sEV)%{0%*$u^2JdCt#` z%c-JJzk4`0+8SN69b`RlAsUQABcKz>vG%Hk5FyK3MV3R;=lCNH@*>X+f(mZmB#ZLnOl&6?l{PL+I?or6--@w zOxTLxXI=x3E8K6jtfeMB;FICmTkp-FY-7njp^CsM@v?V1k)P3KC|;rK`iDpbA_C{t z(Eb0v$wBUNCL75MvPw%&)Vq*Uy{?T6r_N)`&E5XYd4u6ANARl@py=mpLtbqj7O|Z8 zxYIF2sI|dq+1EBYn`1Dd-#*$n53zccG(HXIM^&hzAP89jM@u=ygqd1J|k!`^8Gl zcBG(3*#D-s^<87c3`)+gV`VhNmjLjDuz zhU+bnfUd{>@t9Sq2X9ft%=h_bI-DEF>NV)4!;?WaoqK$I=tsxYx~z}C%ewtz5C$%R 
za)deL7+mB@IDw}kA@xhceDN03HKh6uPjM;3P>4>%s%PY`F=pQ$bQm!B-ZYzwT(j|< z*k51!xXXL=uP{3q%HFdRoxJLxfteS|&PEj(rQ0=@;RHP>F*{o;el~l2$W53w_2u)H z=VjqbGUv^5k>hp7H@JYQX+jDBS>sWfK828jV&Rhf)6QYrFDAk*sL9m`Ww2+HoIZq) ziF*<~S=}H1r3`dk`v3Mj8nbVM#U$H#fkrg`HDahP6lA6ow6vH8!s^w<{cicSSpK=; zqf7JAt8iM=KDR5HaN|cEZ`3C?1+0owU{<48voH1K_pVpi$Uo zl6tc%#(CpPc1j$TVKm8AMCTUl83M#)$vS||+ROVt8{Hb*hh8W-*IvqK_dwAkNL8t`U>7tghxE{^RpCHK$*L{7__2 z`4s|#O+P6_y`isnPd$}ZqLP&L)(|0M6i)ms-1ZZ+8{jWEfiBD)f~DeIgDj_!tND(L zQFawVB6wLcRCyJ8?+uCOyxV|D6h7SWuCNyFwZ=(zOw73WRjH>695i#IA66HPk>;*l z9&|hSFRHhXrNvx6<_#}~F!3(5Bb&@KKMDK%4cQ!-1f29^1D0n$Hrgdr?U?sp4nDPS zq{Unhz%vAjeyX@1O7NQ26F~x5JUNfNw>7@xxoTtCPS3NBy1_!z>Efgr`0V#G3fniM z{Pf^Ob&TbRil1@?e=>snr;t8kIMg>ZfW`17-2AF>8b~ej<$|m*4ZHu*&wW)~QWBRz zm5r(G8uYGzAKh~ZnTpc@00FaH4anSOPa!x$mnHf&;^Dx`Ib?&VmllLo0^{b1wPVD= zk)XD2bJ4+z2%${|Wceoz!s8LxKLd9%xa%9PL1Or#6mL~Fg;zqK4cd|F4P(e96uu#t zp*50hSS9t@KK=hjf9L+!=E!LPXrXUIxIjkNM-~rPe+n9qb<oGWM4q2u3L|aXI=`vcJ;jmus94GB%)pq?nSz$40e!2w;PU z?&`Fsg!zQPm=%e7+%;_+lvHcnq>f5a>U}piw3!id4dUtiQ&DZ#Fo!mqvUBz@D}9#` z@1^J;NE!=df-?#UR3ZCO)FtmrELa4F<&XAvkrQ|b*+TbZL0{k!98wQLxMUE*+1Ol` zkZg;E-#oi7KXL-i4KFi5OzEw~@|)))LppEPOM#!-Ef0>MZCD>4xC%B!Z<6}YN}iPXkL4q$2+iP<&a`XK=L%-7OBQLho1Vbzu#fMR>X+j3DeAs#^ebC)CIp1>Y& z< zZdw}kqin1eAi?`LJ6YVa1jR4=c6Daf;Ss^}44z6LE}oX;+?7F|XsaKfT%SKb-``zO zGp(eumt6QeoIhO4g*;K^oQZk0^10tG08(4!iptp;3S)KFc9VXFtW!1!mydD`BE%e? 
zIOmc}F8qJw0%WZ3Ori9vMDag7mL-p;7!yEyYtup$x zqH*YEWNQ>?RVvL8WF6~oC=0(i>lNYjg>#-KFA7LQ!Dq30m}*`L+f>k>8IY-L5BWj z)F}(}U`7_;ILc7^GE!=1*+UZ5aAe$P{aglUC=#e=b;V?OrUb5&#RpPG3(LkNtS)1eyHY2 zeC1?tIrKRdQ%_EyfAYHZz>?G4XhyBVw=x?OBsO$k4(0j!(Ndy~R)E@)LnvP-1`D8@ z{xQ%!3q;*qPH?7jni62|6+91}PIF*eSNOBAZX$#DFvG^|@^&roV8^Kwv~|$%tw+gZ zNp4F`)j~DR=>Bn;}HM_1e;g89x>6uL}zOpDo^&omTU=~r6mr1m#QC zoO*Ce(n_a^Dt4`-+ciV?{F_1vac9DwtiH@g`rx92ajXdiVdq1Mu7keuA2R~g9=-e} zwR#QH8v48^XMq;M6Wtff)_0z@KcQ!D!Xm%fLd`I31I5W3LDu)!F&XJYcVN}!4NtjO zLFF9>L{%F$B}bK5eXp@LF&e=vOYFq?e~BUSCv_0SfQjBYF6b}c(Emczb})-{;<9hf zFYkFpaad~WCG(XaptWnrfcE9~l9Pl*AM@i8p9iQx&Irl92x04ilOE~_&v|>HQ)1uM z`1lgNGr{JgMDSMsF75~C>1$q@Ugk4CR{o-sB}wVu6~cA1U)AB;tP`{erMG|#!T~+0 zd9>mZQPCkTw+)srltEh)3x5%BUH-p?xbl6KEYKiWOTbg>VOSbTS$8Bf~)x`OjRRxFt` z&@=SW5yKQSWIZ9btjsQ{BV0rvOCLNk4&n2re_TlCy`IMfZnH|pP14&B&r{nEWyPNu z`EGXZ?=BCmMOH<6V{}r`?1{3Y0F&P z!5q`uOQp(r6cHgT02c}V$3|qfO0Kt8B}tL@L}|KiX`&zHzs5*`{!p|jr-3BMdkeri zCD&BE2!iq;W@?6a6J!VDDg7L!nHucFuvU#vaAQkjA-}U&9K%n@Z zmh$24)A@(TD*jzzWAucD>{|I z5EpXWYIobH(yxbQz(V0w<^~2&p{(1!_?B(>r; z2fqEwV#bdQD{q+$^Jm5ls_z!GbUny#3(&Fm^k5FLGpFcntB8&gSKIZ@0GQR>^dUl` z5&BcRYgT8j%C^o#Xrd8R=UJ4ZZn9tuArselTYGl0P_aT{zz#iF9pOB}9e!RUGd?>4W=Ljzxo&`LAZUyJ(O3LV=G0 zaB;S_6mg}tzP(SFWl&nM##mBVf6;= zZjNv6L{|Y5M0B{ImZbYw(;&XRQ!+{>MNQWN)S;xwEBe) zoXx0Pf{6#-G5Jy;bzrzb3FXE!QMDE}z~YNB*7<9EFe@vk)7QVdp<&kGdX;^KR!{^v zCK}%|?vI7Y&8^;~O(w4L2NhO@d$Vi%vUvF!W7%O&0sq^)j^~CLZpsNR4l;O8Px|P^ zBc>e(I#^oaMh*|S89D45(@^UG2G^zMr?AV)l%NoS*Yn377?iY$hKpBZ{rUKb&tH!* zh8!AOZJQVcr*1~p;)wcQVbx&bH-+K%FU~3b*|LdcvT$5mTtakW>`sZA1bkRr)K;YdXX)ddq9otMQJwdCa9 zJ7C8jX+Y}1%jog~sDU3wx91J`@nG!K@YLvsP~86Hy#H?3SZEb-SVLLgxFKWJ1ta0D ziYJ{Jt~*fjT-NFlwJNP>W$F!Wetal46n|Wyln6%48x-#zIX6(8A*UdW;f3ijsod=NLQy}Q{WGOTp zi`1<_C9lF8(g1Ig(JHt}wGjvJ^H0!)V?t1cW!0<{ZPUar?&*(`(IPG%EZ?A7jF;-EGTF_$^GfBnfyT8Qr-G>d8-lzyBR4)vVY*$+ag^QxyQJ2r!FDUgLxPFCh18v)4g)7 zNl2oixF=iSTtnE!zec()fyPPIak$4vRnvQ)C*1Z;B_PSku3J6K0ab^`7{+T=Oe;xy zag(-#I=1|B%R6K4-i?c5$O(tO#T@stnZcB(z{5jjOk|c~HX$D{hZD9%IukT#>T4y} 
zht*lpa`3sab)o;@>!F)-D0Yqn4raw1wAQ?5*xQ#@Y%qWeD&YzoC z=l<~Nx~mEsnipJmpI5t1TP2~J-r>qJ$ou$#fPYXPIWFXr4CBaYwDC6+7j()Y`A*EA zzTTAP%m%Di#_!H9KKORV2jUHOG9puBZTz>sj3WmPb<(IIVQN-7DSUjlzb64OiRESa z)n3%ANH>wv)r!$|;_f!?%{K)l@78X~@|H4c!WJ)b3cb~;DM0&7jHzMI>0aUSY9@koS}dC@XI_O*Q+N=#&sV|yFzex@Q~DOE>YFo zcJnIc^Nx?lX=~pxorDbFwoJ$(SK7G!xN7>&aG+*6f6trpWudRwgJ`6|+T_LUde8?M zwH~?znAowAMUuzpa*6E@>OJTEQk0n~iAiN)iRUj#d|2C>ej5&4Cb;!zcr;ZHQ+KQ1hN{Wn?RZ?5k+hm-Rv8p&tBRn&V+6qA#{Mjyu z*{_N5Y`BsryCUGq#NG7h(AZISAzZjEb4waTJplU%RgZ~-Pz}zvD;7dW77uui^6_AX z+#}^a-LxDJqn|dmPI}xkGn6n#Xeowcj##oKha*R;y3dkOOI)XE>ncBu_Yb<x}RwgsMd^ZDE^!j?U4jUoH$XIIsM=eav@96lm&`m=!ne7ZogjA)`FtzNX0f*`Ct+W7nmeJS9>|1j>)q*el0JqnxwN6WE{xPE3ZK{| z7%9)?gLxkr$zebyqr7cWvI7(3g?JBld=`RU_rHvGu))8#{)~=I8LHMt0c|UGX$W08 zsbAlCz^2{GasbeC4hl<7-LYypPv&x>o&pq+tUm?>a&twfl}E(eU2?ooj5nGu44EjM zyDjcEn$$hlk6RcEC#gnDh~Rkox@;wJ9;672wN|3reur5?udQTNh2RkWF|My7T9C*# zy@W^nSw}?TDMA`$`9Tg5%2P4Uh|>hf)pAFCowHplKKa|D{9d9muqI4|kz4zQWcr>V2=OSuj<$@mm zo+Gt(nZ)N;Qy{$yGg;j#>ve55KVTKLlt3ipNRBUbU0}5e6GeR1hRr`%foke-l_uf~ ze!&}69~4S$;9b0~;|&urVCoC}7xfj5?9Ml2?9MT-$t#fV#f;M?pN9i$y<|72x|4RH zPUHztC?Vc1Q<`5);1rto)BHgDLbO8DcEyr(j;z(9{An5Kv22Xo@3ANC7JPCJR3^Dy>Io21-z(v3#6S9lPj1lO zOGmE0>dZi7QVu?~W+VkY6BYNy*FcTv9g8eRk817+qnQY*Ky?y{;lEtzz|D`bV6GXi zV9vOE_ch|ZSgD=d11I@1#Qtl<;5O=8SKm`)ue(lrheur#{Njuvm^Sd5O&@JR{O-@c5ZLjfcXq_x=I)>K@&$0h*cOvI}H)sQLqJ8g#|kz zA#~P=O0bFm@e<-Z7JIX4%E0!2bAfD0T8Hgd=z$Hz_sOT;$M!8|6oNb1qoHg!-bMk3HJKm`R z*wz`+?KmBqkn@%pP`1=Ic;gpT@8Ir4)dxAAG~AkgZWEM1nD0LvZ0wh*oZ6gJk~33l zbmZ!;yScbUGXwK!pwBPHEr{+2A6;fi0x!Q9G+)w48Z(i`d^`}D^XZTU*Eu@id-9G! 
zXnG0>{J*J0oHI&-rXmTNN}xSxDqH_eg@)7dk>Vrr3EIfmm%_MV;XBn1Qda>6Xb2;3 zWUGA`WFt35=HG+*v$R7y0>ThIFdZgDeo^r*q#+$au%B^gXqdPhTvkOz-)xZJNX^|B zRP!PldD{gI{3gr?opsW6pP7W}*fm)?X47qb&;B!fC{l1Fr$Hlna@f4*AZ#in6_4n3 zX&DjVp;CE%B}byl=Q?~zVkKSk`KbTfN8lGZ?SPt_0K(wl@NukLlEsArV?_m_7A(Ir zM-^^4t?qmx+n{iYnm-NOGJwMf<@jI7bm)jByP=6CgCeFw3@ZV=dU#_$nGOprd^v zf6~2Un~J?&Wap`nFbjV*Dmb#e;3@7V*LI59RkHAX#ozJc{6KLtSi7yIv5#(Bm+c_6 zC}XC#OG&bjMPy*NISp<~y0~Z5d0#J;z4wYg2v`2VN(=Vx`NCqz>4J<}sBT*y3Y+s+ zHe8#YS}#{{AF`B8GmAJtr=$qCQS|5ms~VZP7Ht=u{jKug?W6UmlJEl?h{p6$YFLCF zwvxn`-Vbl6Y>6s>(z!e`F9L(jr9#Jw)ylj341c8yq z4p>LRb#pj1!oL-U>-V06iv6aLvV9pfneRQ>w&(0-K=m*G)d&6Ltn(9`3x3CyM>Ed$ z*!bGZ?WxRrto;#adcFm(I~x=_M(G1@GY`pI?w!I9#ygpd*&Ab&)lU2YX(5Bcoi4^v z^_eT~sd~=;)gTG_s54eRl8CO122o(&sDs3t5U_djzR&+JcpId1FBpY#*)#zbhy2BTbJ!XCjjnrD5anG<6BJnWu zlx$LM--@MS0VyMD1Ql*(&}LxFJIBPFUlJqS>c%Ic$Reo{Y;zgcB5SByGM*A^SS=+m zx;P_9T3le(wL3iwP^FbGN)mNj zXm8H-5H@>!BKNmh360;`fdl&5z$_44GAD!od{5b<6=`v%>GCJ)UR`PCtTvCDRqb-r3+XZ4(Ej_B> zJ~WX7=-Zpd!N4~5;ENsB*L5n+8p`W5TPD~LRKk*~dA(I+{*uL_* z@ss>cXpZ(!#AD>QUf;i>;0V#Ci-;5lHp?7w81{>#$R;QxBdtMuQ-eq2cY+@I7Zp^H zErYO^j2*BbXoXk?<+R5{_qM1bWiL(*4Fdhm4uah6zUhs$_>(aRS0HRKKftY??Jk^r zA+KqX3t=RAv~};S>Dz(*%`O4T;Pm=WatGiFhEm5ktn7_L4QE$T||M`mcV>8F^`M}~+2H3XG|`gi&Gm>+bcG5|EG3=mrz zqVm8<7=3H;V*2?3DnS-&8GG16=t*eh@&0*0a|Y}Mf7Mxgd*oqsnlgv{gZAuCT1fv- z9`nnzC1LWy@q`l)*x;7&Zzmwcu?c2X@=ey_CZQkV93Y)wR|qFFux!Ky;-e=Z^dXQ6 z;x8v4oK)?NAJj)mTU$$XrUH~UTLWL0@%gjfFDHe)fjx_Lm03O_35lAgD>~wGPmfU2 zefcGgESXkX&2g$u=mNLhigM}2$I|qk9#5h_OdWCbI;jH_djjHHCn02jHZB{AW0;Xm z({QV_`KW}tL<`xhpRWph;afE6xNek+G3Vnr^DB@KLd8TeK8*J(bPEu1C?> zEmTsE|3bgFb@12O@@3Q>kZ!C>lMS(oecsHHxY&vvBB+wz2Ad=nKd-ys+ApqR97_K4 zxb`Iz`Fm`@Kt8D$r`>wYcF>%3mYC)sK;%1W;ut7LC5| z49fIiaN&wXN}p0I{)J(2n|OgeJzoLy3PX_+!4=;{Hpy73C%{#)X__j(ySja3SZs%4 z;^L^qXtG}Yz`MEcWKu@;m7bGQNc5z@ce@1Eww9{DN64p~+$l!kLR z8Bp+~+8Vn>SJ1$(B;`N=9m#{O|7yglq2Jklt@L8qNT;khJY!g0I0@O=Es8h*fv{BPLN6C}$e59E0IxDl&#Pj#=r-&zmhh!8wqzPTc$o$70 zw;9vMTH(^hK-|$310Rr=)g#j>8QZU;f=nw?@#wSePDVQc@2(U)t8K^~NlxO1n|ps{ 
z6-sD}HYK2}y@|K*{V~AN9K=Jwr6XVP<^b9|`6n%eC(G%n7UH!2H8wsG)_!B0&FJol zD_o}N&>;35dKum={RtUoQgL2{_BG-E33{3UrfhY%CkNZRL?i=56`=n^qV|hzlCxrje457Px4@U zJNpj5Q@N`p+2zw_IlWA5rR0-u5Lb8toDk>h`c=u`BT2aMf9v2n;_t-m|40T92*` z)F+lkr&S6EH>R0=SZ(uXgD*H_6*48O;<5FWQLqws>41zb_nsoPrfc!MV$8N&@Vsq~ z-NC>d{FcZY{Q5(Qc0a+qV@E^CFF*Z(d8h5XZWNh1KEFr|Od(IA-!F0saP?n>aNzb_ zd0!9hxU@T?!qN|)hxStpKe4A8y99S}aS4)&{9AMJFSNdoWSBxRud^apcauGU*mkcu z@i{6>cG?!El(&fUoz3=2?Z&JH9s&8>u!Fhtd(V5g;9bd{XRl8`fz-3w{HA~?^)C2{ z^n%e{xxfWBm_K#zK70=eHIC0>8_wm1Giy|azL4C99_kJw$tctPw66)itg9IT6d$*s zjQ-^lk0~cyAK;NJR1m~R_GR69$oG+8hVp9}jIEU1r7lz)V8Gi0DjM+59BYS)TCb1V zVN!;EK!4AR!eAFvHnZbeaDe(Vb_#qr2{o7ZVjG%__v|Q@XkUlqA=`0Lt1q1LH*7Q& zeiRJewH^j7VIS0m*td&S21 z)OY2fR`*H6Lg0yTj*k>O z{E;J`%%&8Zyo^I59(DnO26%~79kZQbuy%wdIHDsQd#cCh@ii8X9BAl&pDj~Nym|9u zL@B#cfz)K`{dL8nUXk8|^z?YLDdujWd20CkNr4j-o~=c_U7N=?&-{jS^yj;cIEQ&v z(6KD`W_}4v%$$K7KX{cdNJ{aPU*lQ(EMuw6QG0y~==iI@1?b=jW&k4pNohJ-@k0Gf zLKz?;)WGh;e>8zOU>a{~s*vW$)5D}5e+JCx$MvT#8aC=m+GDZ@8h+lT;bvSn zy*zXMjPZj)GyoDGX1Yvw39m|HerL1Ae#-{~mlE#wd-i6|4$*~5{&8eb%C8Qg(nw3u z_prw}aEO*%L3*{_unff^NgC2D*@v#{tht8pT|RP(0rbSbH9r9wise1ge&+QDkG~{n zq-DQw$Df(I!s9T0$({}77=^iVeRp(MdbxA2`cFwPqC}K};i=~6?$ZC# zKFiXU_Ib!D11R|=aGWtn%A^fev$yyl=S~w>qQI5Oni36|90Trg_6W-N&tMo%sn_|s zoqBr(9;GpT+v_B&`>#`CxtMfc=4wixQ#|VImt!Bk6sS?2N0RR8%RfwZKH=hG)$_?? 
z98G}KCE>JH&=-da?&8lzNTNaW4t&5mqY1z(wRneO)J_)fARytu*ny~1)+G^1{CeFtkTlICRpLmyUm z^)&(T>{{dmzVrpGEW&?fYr#`b4$XF-+V8gQJ8jUfWNC%A0ult>L4x38fz>Y9SGOP; z@@<#$!8&5vE?CVTZyL~@>Nbb=*@X`8nJIz)$64ItX>mXJ(*EKsO+mDhWX~VIWuFly zpxF)p&Pj?_4U{A;&o>^hmyv}E9tF)RKWdLH_()O&24$zzO~YS z5$cSPI?5C1I!~`bs2yB-KFyUHZ7AaHDRI|0o|aem!Cv^or=rt!jX(HYNLpLX$ljlF-mpG2Xd$Z=-<$Zh z$6+RK09c;{vhovTT~)UG-dzRhMw)F|P_ixcE`9RT!63e93v|NEn4|I*U5sh(x*Buv za@gg&eOfD9db!+>bB%8t9<(7ae3EKYFM6qXcd$-ZzcM&%K&$qkep)!IjDeV>zXjRF z07D&D`=op0-iO>0qrNep-?GIBjRodkaBq8V?&2rg@P^Y{V0-LL5QZ zUB)A=LEwSs#nY@oxC4im7X)8H{{{|mAdBFu4*W^-r=(%~< zZ!}BJUAIaf!N#IX=7lAqOe|c0e291^y_T*vc{@>AK8kkRQLI0`;Z^F{OhE~+mG^#^ zlafRa1jov~V9(5E=J`J%4e*SKHUp)~qUpf}{eCBJ;8zP)llW2Rjj{ev!0m_AWW?xI zPMQdamq2QvHUXiF0hi{4h%2z|4>4cf!R?gLgYPwTgv1PVa?)~+c)ECTnZUq$M##6V zu=8gizqLxavPWSF&g)PxY}9#MO^Dk19u-seiR#IlPZaHU>^?wyXX2n@cDKD(M2u0{ z^aLmp`XFhhV?|{oIL#Ds{G*6PaCand1H95{{vW{pKM>+a{@el+{Jyn6-Y>G1-Njk%CY4)sU*q$cbIfJ?{ZT{j`R-=U z{0l)Wla*>INy5Ztq}Rgkykm^EA*EA5FkVTJUSSU9<0V;R{9Rmeg#$o*>?c?MqouiY zdMk!iM7hoC&4C4%#aRy0@nAJng+wk9@dw82OSznp(wt!)rs)2aOP~G|!)Bd+V!c9G zbI6IK1v_M(^0@=%22Wo~OmNi_JgGyL9q&&WlaALf^VjLr1}-%Yk?>zhYLj5zag)wo zX#cJ(uYC0tIA1st0SL|_8)U(2vu}**bb(auI}hsj3cB&~MyJ|k9%?qQgk!yVy#y&< zi0<>u>*gdE3D9K7pl>3DioNw5$fo|VCTfnES#IMkAMzJ!pP{CimCZX54VDWA?Q8q%}=iL&Eo zZ;DUruw_+*z?OJkG!RoVZK0};Ijn!7#iUg}OeQ}S>$N_ObZ1nE> zXhHg|8DV(A)bn;Sm+=h%+`3%YTt^%d+vfH5W{kb`=Cz=_L&xBmkF@mWx*drQMjlS~)3<3y5}`1(;)Y7!i80<9DBPe(%%!|Ghsm-!-~s z*32v`ZGZLg&<;WFvgzpSt6kUy1E=T;$Kj4ZV`$S-FPkM>sMpO~M}YhT&-8eb@5*+0 zl49dksR8&pY7)iPBR<~)X_2BbK!~ED`0QV|t4nP1RoG+GnMZ6?uGWN1cUjIWnaHJt zT=2pr&4Tcjx45p`ol9np!|D69X_oxLm9`9)g?7cqZ9a#5zGpmXu{CKgveaKde(d_( zo6CxN;^Oxc=w4jp1$JNeNtwIt_*f|i;-Wkm2I5w%wtfPxeFuYiiIU3?v&Y<;Byb08 zP~>%0BMX*mEY|)D2Gz#O%};nruNj&z61z&HKk=Xa${!2aELH_K&W8k`f$x$gA#PH} ziw=n+r9kuUgJ$%2sSLgG>^(!&<-<}Wc*`jJ{*8N21o{yUo>mdnvm~dy2xBN|fUU8P zeIDoIrhF52P>hB@0aQP5D&FN;=WkD7o38Sr}Y=VI{zz8 zSwx#Yu2s3xfs)^8`TKhJi2|6-j6Ooa&}zqGf21BqjgwfE5+6-WqBH;0-!0 
zZ(DfEw{{mj_Z(Y84}@+jI~mYcoujIr8XC?}S$;GqEN263c3W@TVtX#inQQCnAoB(x z!G5hfO^QdF%1Vs-HytO;5PjE!rsgJ7@9r1fs69L~5Ih8J9e?_L$_m|?5eSjl9`CYC zg@E%l>Q%N!B2Jp&c8?*I}8^dv0jZxn)lnzJ}cQG>L=Gm#s2SJ^-yX zpU=qYFqxLEnP-A_a5{=Epzok#9}u#W_#M1hfYSy9g1_}_GakgSMz24~ZdKtS03ur~ z2+Qt_>lFIJYW6?LBcn8&#O6qbLFu^m`nq`37pQh5;htWFMk_pQ;YmSyo9ZIo=r|`HlK`fYsLp&DE~O*t_>E5 zR&0E;i>-RjhW;g5T1FSR-|1QMMRqhVz_oNtzXY;B*G7JMbl#^&-$1i@rm=Wo`|R!! zaQ6L{v<(V-WsM-2e*}lRt~wlJ+$!dXnQ0D&@4|{5+ zjo^y{aSrhV^DkJd@Q|(8EtIXG3eNU0gW`Bye)euv(QscO_!zQ1cl!X;Y#=A%NA$l8;7x(aFliMqhr)v{vS9?jbPn{KL%HsTvJ+$rSI?GGAnBh zhLOQP8lF{q(utzLd`*?e|3!RF0S@xWpj~l@pdV^nDDV}nng}JxQA&EFXs9m9<0L8m zso;0UI5()hCx7cT#5ej<7OqxOfa1}edJu;%gJ0tGs)hv#g1l@DinZ&Dm>G712nU)$ zJFW-uq0i>+k<&Pm#>1T3J(|WVA>IWE&MJ4?B;2S`{1f>XjDJstAB615S^|Zg9Gta2my^{9l4S>y1r-W*zEqXOB?6m#S;l}YDD}tx!wy~G zCur>Xa_H>9qd5eTFV#{&>Pd^{m6~^iUNbczMV@lf&DA#Cs0;_&B!I>gR)q#78nA~Q zNbx5AH2I||pil|+>N`2EM=shMzN3})BI})UdI2T{DCO%Ih1WtS0(z0?wEl5_Bc#Rk zm&Z7N>klaN9u1;oXqi%16p`i7^3o^g#>G;QM?SR{Jh)oXAx`< zdApQN4kSF0Ma^P-2tHF}|0WmiI1*%w;X5c&P)Nr8I3^<0%HyFSe9AQxPDVK{hlYwL@ULzGOOLQoOp~x2xV~5s zh)w>eKArqh02bRxID&ku@V#_--&J)l>VuD*rTg*sPV$Tfe*&#h?vU*SJ(<{T>hXie zoMupUbBackl}%CiTz*h)@rQ{mJm7G`w)d<^4oG1gA{eCJ+;7n||3WN*E@)+YcSCRNt$SMAyx>RtxL${}v z$qYsHm8`FD9N2nZHgxz9*#H$q;&4lGg?>B``7Z_`!8jX9#DbH9^VX08URjJ_S%?P4 zSRt%!a@eIs_QK^!)KAER2>uoby7*7x!GT5z{*UG%Av7Ue^`sG5{sZIQ8rsqEN&X1f z!MQffpXB}QH;Lv?NTvI>tXweQ}G zeqJpKdYs7*@S)ypD%$>}uT^!qNqUj?+9(6?2dO7zLCE;2)IE4I^blj(?92C1oTI zW+H-Nw4vaVd{DI@A6URt8}tV;2=%WpvbMw9qk8_#MTsQz9{-6}$;^Kr!a?u%@Bez| z9%7zk_N5&*{Mv@PZkwrl%p0bJxj6uGV_^)CKSo$-K7!V<-b&+Kx9o;`S0r+mdnVCPX9J~eR*Hl*f^t% zc&&Uu@rQb4ZUR_*=Kg!J6@q@zooe(s2=!>#e`$;|Z6P2JP9?C*nn{{dl@vshVf2~% z|E_alZkS$~yEtB_O>eYexL4XXM<0XuLmh3vc5o)?j~~)`!CZ9wQa|q?EkDTsDC%BF zjU&}7B9c#{fHGl*+zi+Qlof*I(v99`r7nQS;YG}$gZc5q zA>kXC^($y(#Fv-c4%P9nW!*nrNT_c~-_&Nq7nDa1gY}YhcUWxT4>dG|smJIdVDa)! 
zzb9OcWQG1`@SCWj;!&`8Cbl`GToa^F0}$a9p$tD3=ESM-OXw{~uEKLjf%z2R|GJxi zn@%|f{>*Vm0MD_NJeZM9Wi^#roFI-9+DRg8_x7erjz-K;t_D=0GPb4B0{p-9V*|~$ zC)Egi2#U)H&0Ln|Hgzzg+)QG(m_hM9)y#>YsBfGqE7A@FhKuAc0BX6c1KpRa2L;;l z_jMOE0K!i%Hi+gWHIaIAzwae*r{^R>1Q=BsO19aLD>;fr(bp(25jmyg6b+ZOLI0vf zyfp|(7Al&c+CZ{Y3iOmn5(|GQ?jZ6k_PAbBqeM?K`FeRz8J(Ea9GJi9BJw4ZBuf|Y zZA;S{9mIT2q3u-0*w*UmVL>!Nkkxrep!p=;{9WVZdNJhPoq(~xNNbR1 zVl9u;9fMmW4RVb*NKp6xv||7#**gEsy$L4tw&LzV!2{F@Lzl1pUm@*>&gos$-MCUA zKDF#`Z`X;wYU}gfd2kbRSYp*9hx6AQ{fVBfaQ4qUk|4eqtz6x@(%RfCwTJ7+A|QHN zpWpvEV)Ie6LHN^TaEYv4^XRGC`a$z4=G6XI{k}n+n!RbQ0L!9&Yar*)wnyC`?aqPB zx1zV%U|+z*Rg7WpNw@i-6zO}5sBdRU~PmPl2-QY80~hmcWAkD!x~fOwG&u5CJO(HFS@|tJ&uq z!w_3$rB1JiGa;nt9gm|>*!)NZ`m z1lp}F}J^TxV>{g9s;xn@Bwv5|H&yooH#XC8Gil&YR z5jCKK>031(z-ZS&z53_2A!3^p#v*D*#{yDL$kg{E= zArx)UP1C22_josZOGd3=%7685AKIXCTy(vum7c?>If~c>Wj5|`%Ka=123fQiGXo~^ zQ-wZ~2UKQBN8bN{IN+b2*r%`hOcuUYOhCK`!)#XL=(Ay(`T{Ijis{V)OO`M(3`C(! z=NoB^3}rsLx`!iY{MxZA`i%Yr+%NbHr;li5*_x%9Hgu^UY+&|5k5*@Ju=YM{)c=Md zC~nbLThrhjt{EXojEJDfSjwuX+%xe$2__!+ewO&EY(Q%Q$mk;xdV|tm4Ai?>=r@#7 z{01~};oQBn@-_`dnl*2SVdWi=Y-$siq?M3_&p zR;m71x8Gvh3qe8q>2uosHNqR^k}wvcXU-M2=H5{9JKXC15s6Ya5*b$(`VwdVXHwAj5dn-x-s-TH*5Kj>4|5IDv@L0_lEnLl@3MO|1IMm!gRz>Bg zMX(}=^lb2@7s}q1-V#F4K`Rn-CUyIi=*;$N9vWDTJ5$3QOB3Q&`Ug87SM*X{m~o*o zAx3O|b1^K62#L7Z(k800r0mV&5JEV_yjV^6uOL8=axofWq(lYvXeyp(A`+%t9vD(j z@%@&!mKal#A^Rc=1CoOf?Ped0+h5TWH4l~W(}3n&sl=F+cndpQOT3k z;9GS5Vjrs+-YZfcsG7ERgWbZru7I~E&7XR77Bx1_0w$_XSB+*GBAi{ z@KK~iSy=z3*&Z1BROZfBR7ImZ9WKscJaDRow*8W8tT7=i5h{A}_2oFCl!CllC{x9g zABs#Guq zwC-?jR0^9qG;lQVeQm884p{agRWp&IsJ`JTKG>kYj#Cl!T7eHj_Rp{+sso3mM8|9p z=GTPg*D+xoZyG9uT!*2nFF^*~ioSuh(;>_= zZSGwl*K-YkB<+`=rTYM8OEd7U9O_q_dPL11pwWT9e;oHwmc!1sa*{Mk4TOEm0FGlB z2K*hzVs>or+UYBh%I`((GLoPg^P`G=&C1V$ae^f0n4LL8v+EuuYPpn+&{@XX0Px7x#%TxRQ`0upi8|uTL?FJ0gC>Y7+>5;r z!jHOYAj*`X9`v79<5*PYR%t;)Ro`Fu}% zORD4!6tTTumfp7oMRl_wOw0E_Kz^{6s|H}7Pg#M=?>%n?CZdjK{-nIJ0W8v$L#5(( zxh|e-PD8HLqXTEL;Coho0B5lvcP<7rxK6+jE(RtPHW`owj>ZDmnL0v#P^3&KNpQuf 
z91T7@B6a{LvHtnP|8dp@f78yi({~{OJQyY;iB;P%$dy|(J5Gn}-!pU13F}hJ_U*LJO+Bzi@gtCvq2_ z9X%RK+Gxe7Hzei!6O0WsD2WK%5TKH#iL~}ux!N~;3#uooaW=QG?hMQC)~E+S8D0!L zm54rrfA`w<`rTf_R%4XznXzkeg?30>f$RV8w|m1HDLd$eyJHJtgTWH?XuEo0rq=h2 z1_`bjw)c3^y)R%+L`J0k<_MhcQDbYq+3!gGL-rWzK+lyNmI{Q3mvZ=A8^N zz5mxp>?b$(z=(Z>0VI3F2nA2IZ6Zh8u-M@zm6GJ(MPBDqvg3z>w6Lg6>UHeHM)8T`lVh|*QsTD*+XVfRi)TjlOG<6_vk0|=-L;v6?ceYvPVbKeye+vHFsXxb1$tm zCTQ!Nfkr8Q_m5%v_xFm4hwo53bYg9kBW$3B!p4#H@l)C3m8uNJ#CL^?=77R|ire-8 z)g}6t4o5x09B)bPuzhF5Rze%1kS*f(bWapFr??{Fw9l4_tMY-Tod={E+BK1wC4iZ~ z-sroWCqtt}JHOb98?b+}VTWMMS$(@^EJk~>yM#!yc;MvWcTQx=7JSRExl5Vj1?=^p z%nyR%sik{Wm8qphYQz81Q45=|-2Ce=9;)8LY}dOJd0b!HBKfseA>O0d_lR{7-pVgJiSd4P z=tF%SZ(I$&opJr@K&MqiW0Oa8gE|y!&QHf#r8wz~_X^#nb=Q}5$D8G}Rr;0b{kzQ~??QqH|HyNdgO(iU2uSrFOM|+P^!-nQ z!DiyqR zD?Qat=^@TS=R?2--KTd8lUyT9r;5#TfBQGS2C7y{1S|Abwp^-N=3zo*ud-E^6v!Ev z%va~iCKr#}cf*xI>n1@0*U;L!lAc@d_Rb)satKJk$o=-1E1+`&9Aj(I{hpzTpR4$$ zt!ZD8D938o6aA{=Pa{O$tf=60jG`d5Ka+6(TziPX`4ix4&yfl=wlUj68{6>G@=9=m zNS!I2BK@LEKuF_8jSo)9>EaadRtt$5b$o*%m_<a92oT-VY?q?~N^A@Fi4R(!+^Ny+@s)WLgR|-^9kxKK#4+8a?a(b4^hC90U z$u_lRSdZ3m`i%K^(6ziLhjuEJj4A4u?1*wS4+sgV-dLOuyk&N&J6w)a`TG_%X#+-K zowUF$LV8_55g}dFB;)VF2j_6_%i`6qxKU4x&jSP!^8!-25!;zYFN1nx*z<@^23bi% ztI`eeU!p;#$eLK=D|AF)?rTEU&jH#FoYG0144j*tFl%1_y!c zN7Qkw44I2+5p!a{pYtx|eZVDK@eIkp9W;Zv)j+_Y8n&{Y33O6otg+k!5pL78S}Ua* zz<)m9ZQFfrHKJei>TFH|62=DG^CImc?0H zsNW1joj7#tFQoGx*}G@#*VqYHh-%g28^2kQ`s$(StVacuRn#*mUF=R?ZfGdg5ef*z znn|C|BgMTp^D-HtGz9%)9HT<7wN(J)3nLOq6Xf&!!6dizv(6NL-0=As-<>o>e)Yr- z_PJ^IC6G+?Q;e}^6aCWP3J!C-ekMn+=P)rfDZ3vjX!{u@|7DPaO+{Zn8XV3>T{7s* z$}sy#EFRtu4-q;;N!!}!fR8zud6Da`5xu4B&iz@=Otjjzc~7OXNch#d^1>gW{qeOj zdA;R8G4J}8a8|)NRkx0$2x!s$1oP-w6P+{DLDfq zAjMepC1&k-cp6BcL=yb8Cb^Qs4JkK&%|xH~eEwpeugcBv>agf`!tF-xfDeDx>Ab|a zV>QycK6z7|a>KUJ5Y+(RKwSAHeHPn}>lXp&jr3 z+`fOwqm$5#12+@PuBu}V$D z8{{z_cct9W{LnsYW8JUSp^p@C#4=|?FqIKb*V7v^AMnK^Es9g##jDh%2EsKlI?jET5cpE4|`lV)1b^s zF*1o*xR0~I!2}*Y3Z1*EtGY{F)u^qB5CVcLP+H9j0%i(cAdivS;L7ESa$-6UW$IKc zS%Sbf9Q5HPKkO`<>k)~Zb;1##`f 
z-j-3EKy=5iUHDO273hvbt3Id%jiYvhsGwb5j;&T9+=yg|6;reRMt41~jzsMbC)k4s ze1xx-HrKSiVgj_i67v#7T?Pc@lAZVM5gn=3pIvvwaQ@sDW3^d6Ej4wJVmY#a$)doczC zq>{xT@-NyM4RkZ`+ z@H&CP8bb$wn{~{f#zmJp5u|GQ_NXjum~sg8On?`KktZU%m|MZzeMym zwNZhe?{|ISmg5Qt-+SXYgT-yA*o4h~@uRXuP-JM$@3-JfNwhz`IoT3RNvNMXy}hyQ zxv1OICRsyv2vs4;HLmj$_O87i)oIx$FG5;1-us~d+ReN+G;5`7W7i-+RSHpq?>k6H z%9caqaR^x0r`}^>m!Gs#i$#@NP&1h4gB$Q6?wPS5Bp9P{3M^4#2@0l>!T$ZE=Zd0N z9~yqcMdzyavSh^b##L0^D>fdxbW)7IZBUtp(?#R#AFF?3Esg1%tFFG1TOw_vNAA+;Tb-S;`!M`r zVNb@6pxD0nRbWILt*uq)3W+KK1F7B0)h#&bV=yQQsL>~VYS8d;`uN__Adx>+O(>_8 zIb}NL&3Pc-7`UNZ*9jN#gE6N7iKidbIRJ5SN({~cV83q;M2lCc>s(=%Kne5J0?GJ8 zB`=T0!n(qPgA61?bQ~Fm%$%q&Y zLRJ(3_WL1aQ*^02ni&NRxULVLz5A zWLHiWBa0l9kh0$p1EUpKFx2rt)9$UyO(s2JT4@ch;|DEq4$Sq<&Ct|2tCH!HrE!C&0qpj=b^B}yRd4XF@{br! z5?f_&*;Ep~EE;cCZBbtrjAY-!8%MI8QIcrY#;m^_58BNpx9Y;|j%5_8um%cRPwg>a zM!{#vgW(of$s6+Dwmaz($H=T9YD{doK+&6jJ1~+29~tUhTNc2rNL}@=d6~wmsP4K< zhPEQA16U2@2r_F$HW3`kqF{OT<>A214G0*?reQFo|M88NFd%A2cb>VmuSwqD zl`9vGT=N;qk+h4#ZzySVn)#5d=eJa;CpOhzes=S4{b<+mya+TSF_yQv!s1yIVNrO|JAgR!sKbukAE6SNH~FVkdw_Ovw&U#}jpAgpvF_A(AI#^X&TN!`bKiUZ&_0aEtH!wFssSyZt_Mb7IHGKITD zq2k@mSmt5!TzAXf3qfec)Myn;QSxc22BS1X_dJ?p?M1tTdvx`W%0j&b^RwY)Y=!!- z|GfNXKyaD?+}F|wJCpZ?9O~MuS$;NoUt~-o+DHS!zewZG+ADFa$BZpe4@Q^{PO(1F zlUsi5_et*N&ftZh#f=FUi5%$yv$|jD87=ufHliKgFmqZpE>ot_8&DdRc zun(#A;=O~<4kv?ViN~%d>N9Cz-6 zRD&>bx+-ThkAqK^P#H0~`aR*+Ps4T)w5v}CBF!uw^Ms!GW7Z#xQ_PG?q;bL@%!0UK z+;Pm<=xq7YcXdNnVKMfzX(BMi00(>@z}g_qi`6ijG(vHT=PDc8c2A^shrbcsO_?@> ziF*bz+7(eOps%r{Xb!{gW=zRwI11f5XNW>yk_6RSQ5JRkB2dXxP~L6$ZlZHeq^DGr z>$9wuRKnI!GHrdWap*H2iTwTUDy1w!jSmxK4{RHCTHY4*f|u+~;3v$Qa~75;fNhil zK3I>9XdG59g5sNY+8xVdpK?KHY4I}snLi96JWf1LKSGjw5c9TkE>vRa06L5np@AX~L zFnjHN9~1UzO#fxekrIsOA}650>eEq7+ma-EKAy+wQ9?|4flA{%^Tg}HoEhq>z3 zAJAWPumnV!$G!E)?St}YNbUQwlKQ8=9p*5OD-Q^yfR4jov1hfzqK}ob&~iKP3ykRF zVz{EvozyvlarpFFa*L+noKrcHC#H)uM%jZc3dkCY^T4MZ;ekH_0PkAuAh$B*QyUuC zw;O##x|Im_i(;b7_NwM<3;@dEO}6Yzr7In1F@`Wos1M;$mZ-^K6|#=4m$XF`zjj6$+LQDZ78N~J3kedwk&=+>LccDnueEIi!nPW) 
zI%KU`UUs|Mb1983rCSzm1)j&_h`hXXCE+quj_-@wt)V&sj0MSxWPIQ>9El*|?S2&- z$HTSQGlry*fx~JZnv8A;!1c4->I<{W$LYgq1ehNaBQpY-v(#3H1scLkABP*aa7sC4 zth2Nc!ez5S2GJYM9}xP?Q@U(#XqbNDrCiPv5Lo;XzkGVMMVo~$p_AXV_CEuX%V5vK{lSoVcT=-*NGVJ29ju${`l&(s z<(Z!oZ(+S!^L_E?JyA%R`Sqbz%5OX8v&T>|It~EuaUo675ii)x#1o?%)+7Mi7hW7_ zDoaohH5|B>ARRYNVH)HjKCMK~*GBBx>ISMKVBDdZCm;3rMMIK6nXz88uRbfvS<15C z(Y?WNDd*B6L4S!j(#@q81Zip~Kf#l4FIX9`V5++M9f}~9JDTZ9#>d;^?R7Y1$}Xwh zx830Dp4qIg0sU5ofv=OlE{}mr!Jid3w+D~J{+aDwlqcUdqB1rxr{md&nPl*|7Sw@J zzbbQpL5YG(ycg7HrZ&Ocukm0eeP*8QD(N(wXdZD;Xb7hzS3y-DjFd(qa1qdl zlt&`)Tu{xFRN(9s08^Gp-1vL^>V2(q=hQqsPfO<-BD#2!U8fZ|6xBu#f7}P`ayM(N zakO<++Zsel3`pXY-P0Hi2*l3f#QOWkNqG?9GPH~DR+-6#v)B!}aN#Q$x&59np^)w> zdwI}Zs=DPk89Z=Mw?%<6Ks%|t(#XK^=-58qQy_GQ0kND3P*2B`tu2{`gGisK8Qed{ zcZyI3Tl1nE@rGR+lyq@5_WZ6Xi)kyus6T#L=KD6T51onLbfIT1ScH$WrGE*qN*5)5q!kyju9Io)r?!4<^5w zwhY;oc$c#oP-kIj()9;Q5&->lIMEOW}@4K(YxjJlZT11w9 zQo+cBZka=JhUfR@vh?)`=B>=^^@HYdzkTNWcGFGlRo2%wIJhM7B^7RC)gDN7yj_|p za<5!QZUjWAT7$-lNxx(Wr`}tdThDk(l(RxY$&>?3K!(ySnL?C122DMb2gVXCKzXuk zh58J0ra;yj+)MK}VjbT?nN%%PIO)}u``KsO04cD;0J=p-ETCt_JtL77)aGIiMZmq>~JQ=;B??=Am1uDE4qmUHyo^%_e z?v1DbIIci>Ep29L1s`a7l8>M=+UyuKL$BEyO?r%zK4fyIzXbo#vUfI$St7q+?!5}0 zxZ*x6>+k`_ITHUie{k-1*RCMCiYhFrPi7Z~^#iV-1(6?^L#r(|{9+|&+oM@4EykLS zn?m23JDEJ5t~Od~LF0{*hUjXg5-+OWAFzJ`KxCA^1~Jr5Z9UiU+v$3ej>sR3Cn)V@ zBu}Zq%xSce!Pw0IVSi6c_v0Kq0q_|`5wM9KPJlS$1UGO*CVN3uK$7Z8S)sth ziD;~qI-}vUBu_v`@fN3+IgiL%CW#~As`FM6W-oCagqI^x+YKBLznZsqKXq~QXVL@% z;5ja29MZnvA-=wXAr*!i%Brrl+Xq~Q$^o}wssNzDXKB0DODgL*VOw4J5i6e%Fpt1q z8ts~u%ZzV@-`%6(EFT^Kd;~X<=Wg+NQb@Sijiy8ak$S5E{5S=rhoAeHv@ zsI;C1=hvRxnAss7T9<edH8eXoM9SI#A{*kU?~=rmx=7iG(`UnaGxMN1$sXNr-i!qIv0(Dya2j(+8j9dmZxg zD7PE-o#xSE`{FKV^}g3QtfH>RphqKsB*eE6(IEmI zwm%gx`B6XkqVm~fNR6+s^zm6zCZH#PYQ)gCpMa9buNW^Sa|I(YP1(Aj%-A|6vqd|A z&&DQt9pA;Z9`pk>NRIL5Xm;M{{<~Fzp4$$eOTy`cS`9G*h9vGdcZ^^)0+Kx~{EksZ&AgB76yyNl8H3Ej_0f-=$0lG=6H0`EB zV^ct7R_79e%^e$}y@OFd(u$igG96|*2{jJjGeXEo+WvMbidR?|BeVXf;=lj&&P;12 zRe$q93yrc#PDcb_;HkazL=+|AvgANlmw1XiZza@*cAkM4{S}rBBprYYbqc`x(PHXV 
z6QyM!=|6G@Quk>;T084J>f4av5-}RjE(A-;yU?RD>NK|=jSprT%!)#OK0D}Mu5yE; zx83KK`}+pP(gvkp2!-QIs*Gh$6&wGJ!}b}~cA@b(hYA3W*Pve;xrg_JQkUIT<8#ai zcS5ex(8fF-0XqF5Na5g;z+Z9pWZzM5O1R_$8Spjnw(8Zx+qSZ zDttn~6tC4;<5?YVm{l%_CQeZmgN=xqls*qoCQqIvwVFDzGSXlw#5M^OW*lyI2+FT| ztL~9F`#9Xw1yyeMcGVG*50t7!4S4Mztu2oS{w zQfsKk?Eq2}&FAlYsDVUbR@iY0py=zNfWy+R6%n2ljv)~wtdT(aMIw6#B6l$6uM+B{ z>^S5VS4X4hH$-lAh`Gv!T+W7VcI9656~88N3Yq~Z4?0V#kQ}% z1Q(TIR?IxoI*F+$3Su|5gkvz`bqfk(3D}svp9(Obx7HbASZRg);J^;76{>_Ea#5*m zf!U{-%rT(xkjsrW`*Qs4SB9#5a^G)R7+QksZE2a@gr5SmtlUnME(6Z17?Qt_Ilh`F-I;+8;SSk!I%+oIK8Vr6>!uwH2r@P$?cvcL2A;me?4 z9=Tsdb;8p%EX}1x*1!PgtM>4nd-T`*_ribP_u+%WW`Bo3yAZhPc|N}mKPK5f8U3;H z|18-RfN={pju-@M$%lhLcTX_EFXr#6Qb(N=e*9X5Nr&CK*Hpf~I7AkC7fYg3JT> zZgb^U3x0pf;1&o$5SRgqC;b+XS^3+RMIk0JNo$hivwA-i`aTm70l|o%^1bb0Sf;_> zDTDA7JD!{h<^us_D(v^JNBgGu>-^!N&due~Ue|dSsrn%$G;aIB$mFzq#PRQ21JKfy zGBAifdrFk?=p&Kj%@5zrL6q)pO{7F>GY|lAJOQM^@&aETN5Q zY9G|L00miiCn`DxprxWGZ_C}|Fgw6gq9I>KN%_bfdSJ}@tpf03XeuA0(r-Hk&_RBO z3#fkbtA_LvkwJwQC8JEq%TMo(#}*Uk9qpOG+B#uG(B2-*E-cIHLv(e_wRcnC`pyT( zQ!c+h^9^GcCj6%FRY^=bmRj~K{4S31RKOIz)tRo0;$c1tAW9S`N)_j{>p~@gGf0XZ zE9E+#A8jjpOs@Nn(n#0QlOd3s-smaA^Um0r&l@GIW0Li^9g*G~T=RC%3SCe4Am+;y z;yHBpE49ZN&HY zXJ$ZrM7aTzk5}y)>2T_*pwR+aSbq*LcmjF;4E`2T^m+Fkk>>+vyEFD}IbR#p+j^LdAl@o(?UzDhZXM%jhPwZ^I63_NT zk&n1-Kf|QXI)}=sG}J|f|3IYKI!Ed>;P$)@!zK`b!M#;owj|NaF9ICTp}g&>D#ify zA}d}#Hh54lOa%9aHjp{{`8%YN$NkB-0uGPrskSW?+DEGGP>gsHGg zp5jyhgWduK({3Ir$DzNR#(7-7NJEt*FdS({6Y+M{2e%7--*mN9Gcbnbj%C{prZ^cQ zVKGNU3|YtuYyoFB{zgjdj;1PEss{OofA~Yu7JjAli=}Z>oJYw<)*JK9$&6EQ4Y#{+ zLVWx7h3*POavujt3q6v)Q6a?Evd{Aqzl;iic8%9S>>E2WFX^F%COAxTYGosHtU_0@-oZA4isH4$>ew*-44UJ zpH&gHY@!8c7(=zL>dHvItI+L;;9%gB#0e}~a6RTb6O5l|G+}3yEW)hEbCdrncBLFZ zf2Kg6P;x-pvkA@-@ z{}*o!xvB?2VzMXS+7BR#mzxmb_rn1Y3vF75Z3$FpVhzor>QY^nSwmLGSO5CjpE#BC zvo}WwhoYhIln5ir#h`{m@tt9e_n>~0uRqkF@Ge*Liniz!0Xk`+WQqsh=WvZDm)4Sq zEit}o7bU`WyWnBpM+{Nm@Z>;!D+`G6ugL1l&g{blOpf@Pd7KZPx)0}0w^9I>13BbK zkX1(JBi)X)pp*~Rm|u3Xw>aW}9PU`;R0%~PXEWVcg2)K#^PSB>uQefn30!m?CAz9k 
z+s4u$pdB*6MaCWq95KkAgP|S9QhUfXM?ZZz-tXK{l~1sjF7H)26~ey(@77{Uen7lG9`_4Dwp)jQf4Ec?!NJlPR!m4_7hvpq! zGFkjW>XP7*h&iSDJQK5t6oxNfrksT%v~XVgrpxJ~$eNF1S1p@tg#c-jf`b%-qKd4d zO0nOD1)!I^l*(b92e3iPL@)IKCOw6PXG8oELT`hU_J);s=V8G;-M7z4NnN_9b@S@$ zS4ty>N=IGWiDNYbR5j^8vS6M$s@JiCA@G+9KN%QJI3~v*lbFI6Ilfhy;?uDHoHs!N zG5NtcfSC)bm-04`>;Mq1GI^BduHa{}3JQ1Ie2NZ*@}S$BeF{-mj9etwm`BN4QazBJ z@s1#1t17O;1!+g#@Bb`jLpXpv$dd^sxzkQ{Hf*EyAHB^BPYt&gzRM?(qi-fnSQY8E z6`GkA9OQtM1Y4(~DXHgIYU5J0q;U?>B5&7PhQL%qaD?z!K?b;L&p5M0Qv^zXtK2Js z@^`sg-uC9nQrzO4OdFGmUw`)YW=c4KU|i<(mRy;RV|CFg>E5p7)A%W_30s*~71_uK zvP7mH9&8TNS6DKjK7|!iv@8Zl0c?aP99nks5N+hDObz3hv$KT$Bd28=9JORVNdvj^ zcu@@82vYAt09Xk--G!(SV6>i1W-J5K7=(k+sn=7Viea4nDy$Z!e_`@_)~d{~tq;(v_(f!kPVSYp9RVkIuRhh@bI7(KQk6;(f}~qv-NZk8Wiltwjm|qugxUodaS@Z8WSOKP zBwVslkKD927$5YU8#)mDK=Q8EXMPr6n_)7`F^R!%0R7|C1NzKTTfJY!-2;1CpX4;0AVg2c|l6^;#`dZp`h1t>>`7;Xj%l@d|vam$>ibr$%n z$OQDKEq|qm@-$^4h(%PzTyQ>eo!cP7Y(9w4J;gK;rKY&N#JTJq~1@*J&pFWNy{BZY)I+KK`pnGNARZG)T# zTY>BRvlU0`_aZ@VMgNMt=xngu_n?*H#=P); zYn3(`{5#qb5SG+ES?WDTB(!G(q)qqOni?Dj?yY(G?QrA6Rwt{CVGjh7cf2i8%c+2^ zbue%k#>`MVkycq-a(SLz9YptQN~t{^MM(~spwecbC_ju3e{vx6u-=JKYSaT)Wh80JM(uooxSHW^#p z>jdWQy2^C`YhxOztA^4HPX}$1Lndg3d4HhIvEkD-LyyF|!?LqJmZ9B8rl78ruAq*f z%%o>pMiol~0D6b=|7G#AW<|P8xyS`CB6m08%!Y4f^WmHBDW>U)8SqVV>}Y=$*TxB5 zL5+CBTO}jt`hWTS>GI3hPtt-|SdD&HwfA~2Z{n`G7fPe04 zn~ue?M|lIbS~X(qTK`G|yV&RWLbO&%y zFWm%kV}MMuklxsBf;xw|3W6ld5>|!F0;md0 zmZybaaUT2mvd+RR8u6TL=znT9AG+$EVw$p;0bM1>jw*{MBUkBd+7?THY9Gb!u90@l zH99KbnP_>se&gK$4a9-c@Z=4%flg|kx@{KH!0C`A57_P*s!5I(Ae71&&bG%_s1DLf zt=u)>?cs_XtLHH=WHq4by5<$e8$^SS(g4&hoT1H~YvZRSpWf$M$4X0S zp(9jk+hElvhFd!cxg6fmg5RUC2^~XTZC3XfpOja`cCXsGS1SKv=EaU@JEo4tHyLLHEg@VW-74DfMKvL1DCMK>zyc%bB#3V-RE7<3q#4t#qH!E+c3 z(UTH_#jx29>7jqDO%nC{LGNboJ!qE!CjQ}n>PX=%u@mo;j`A1BQMz;*IcQv`;X3rsR+bqJKXRZ8|o5T=W570uWPS&}dLw zyOV!ALSIKdb0j6YD*Td#RS>c$NH{BkAZ8_xBH<@_TvsD9ZX-YueHQ_-mDt9_j?JH}+dlS8@UQj6klf z>ALlKqrw5r@Ixy?j}J7VCJ#EQ^HoajbMr%NZ|=leagtrXdHoe?1ns|HuZk_lu79J7 z+_2;SrnEX+{b8HL^8D(FbNUb2DfQl@t 
z*7O|+!@HEacvGs7t9csKMW@223;QX%Uf69ZbtzX-Smk$N7FWv4uD4m#1Q*`5dT1OB zD=$pc^#7kT{l#&n4$tUJEbXt3p(3n8vCJYC25G{gDgq$J(r0l|)`6dkh<}d&F>)J~ zn$Jh2x~G^X>NE?cThys>qoV#~Kq@)nE8q_71nB^ZA-}qh@71km?sY<9srhYH0-vj$ zQGk9L8eiY;A@Wt%dnvUBc0r&lkhRnn|6zk4^7|)WlFRHrA2XWI>+wsjT*O(H=5fFP zr2uAs#_}p$vLZ>!I4uN#6o1?TWJ5Lc`A|*w6w?HVglfX89+RT8v6`-(6JkV-xH2Ug z;!jcTcU^5M5ZU&~MS|WEK6DU6fH$a^*Z}Y-Eok`=z*9|KmoD6(DTOiIJ91z3ep7J> zxbSsXC3yXuJ|%;L(t`Y#$w1KlVVSzQ2}*$hq*|>W9#`?SI2|b!^#UG4?`Li!}~t!o~Q?pze54h9i`#8lmaTXDNzbLkVwtN#wHZPR>5HO^Bg zPGI2p^FhTpno{`-rNI5eZEWva8yF`~!~{nvCG&IyCplz-ikXMt92-6%X^8+UdG0Ie z;$5zr+YXZf|II2_WPk5h$D7gV54U0;lizcfd4?jSW9vcxY{WRBF+v z22^(N2M7yjdVPh3>C0NrK`2SO({yXBX;prV_0+9z4|Os0#)Um} zrGYw(U^S=yv66ZPEAQ@CyVb3s{@JctEU~kn50x9LKx;gl1kQokKt$yurrjDhQ0<*6 z?wXTPO6uv%rsR+bN@`v|X>w(k;64K%e^X4;5hVI?ijFv&V3gjuX-G%w1R5G@8U?C3 zJZl&DsU8-;O(Xdu*TZmM*Yx8a^8unV6&N6M?>~LMQR?Mx3q`&Udx9H>T*DzB=c6g} zd1%V9;ge}T4gQD?OZ!;U`Jx1xl6-c~!#EGpfMp^PEDDw}%hDiWX~IR6B)Km#e`i&F zxU|re@Q0ZaIx@u+38kl)Afb-+T}?#jVQ7hdZsc|FxbR;8_4kE0mbIYgQdv#!O5Yuw z*9{p@gk3A@DZ@e|FQtb^9n#;+J4%Q2PYNx)s62ByiRyi=Z(B4R9^jc)hBQ-iXXyA| zpD9#*Klg8) zlyUN?QQG~4eOFMkWwY!-ftaEnmvi2?D%Lny0$D&$taDOZ(T7VV0O%2;$_j^`udGIg z{~uRY^s|RCukt7eSP%-IMPcT%EDl1p%zU0lej54lh_do+Wi=ZYIWomGe`Q57bxu)M zXJR9r8z+YXORm#ew0uLb!e_58qB};i(h$t!wkvNOm!)0KL^lTX9$Q08=nk3qsBGNP) zr8|m1k9_^*#`PZBi_4_uc~azwTa|>iDwz$)9GPO8Dj_*Er>K%A_X2kh zap??_Ws`pc?y2v5f3pL*k+G_5$z$?(pxdZ#x|E!wLI z;4P50iWF#hs4f2v-A)$XeN#!lV5Kz$nj{=qEb6uR6FJ8ezl&YSC3n19D-h-VN)dq> zV`7kVAvD5M`+(CUCTN6Nbe^NbpFrnn)F{&(U)c}7lQtSbe~?2zGq18NT4ps1(*U{| zMJ3~DQZOE5%fOG~eCa#Emf$_ta)UfepsPx!pZH7vy z0cvgK`+HRbWsVrU*xf<=!9c3vJ-!AV1^o@bs(ZgN-ZfN1HD1-$4j83=XY&0Pboueh5i9+;T zw}X0@C_@7!e{T%k$km-FzpYm%FWxtfDSA&{YYZY)d*zrzLu9wB?~vejFJ#*crrjsqY* zS89a3VEPVs{r9?WvG7GvBTPw;lH;`TiV&zb@~NyVB3w&(SiKF{5*c6;jf z|HZLe$47rQln#f^`RJ*YmD!fW3=}qt;;@DS+=5kkA{DmM*Y1x#wLf|a&GLkge!Oe+ z_(xC8f1z8JkRSWGFgnMIH(yXeFQB9hc$(GTPt~cubxhMmfvZ)k3SgkpMSe1mDpt}x z7&=pWDUV+37spyoQ|D}?77m^B1(Pk5(VEB$R)=}TqCBox9+fF8v)s>1?$?RCH(9vM 
z>@S$YT0G$k9_N)C|AMJG`WG!d`DXq7v2vXjc`TL*6Mif|UJ-Bx$QBl40U%p~W$Zf}xP-oqWAUjB^z@IHoZ<-| zFFD8WA3a4p4EwoJE$>c$zT_06pRZ$a$Ja}adfNbrFqG53+pnq)VTM@EHQ?qUyz=|U z(_bk$tLrNz2aSKF{tO7kua1?2MB%C!e*mkb2bV#=^(tpk5CEhh%>1R>6!2{TgHKW_ zP5(;A0R-b;DK*CvzEWz6@voF#T${B&Z+2Twe5};q_iw$|*Ir>ZzmT6Qe!UR>d#`D} zJoc}*yT5pUC_-dY04;|>#ESTg&%q3kgC=~&GcW_cI#v!sg}7k=xsg5@e8zR1e==UB zkj78L(06Crd^>6HlX>gDf8)=p$>(+9J_Er1|L7^zQIGT? zrNx*G9QXo2f4J@%QiD2?zOMQjf8IMxz~Kyk1+bp?k3G1N0=fYT&%pnspZUdwaQpR#Wk_Jr{vAD|f zv@F8h58c+dZ)dZ8DrYuB#>k}Wh>TI=#$}8iIVNLdCf+GsWKz44Ul!MFe>MwGcOdpY zKo`L+Q+I_t$8x<#3w+Qlg^;GFyq^vN$4y;56fkzHnk15fqHu4G+v;|sczN{CkxNK* zS~%QxtL-yhF@z8++B;M5t0sNX_F{W4c2Ek)FS^#ZS_suo`wmqK`nv$NAU4%PSLinn zssvC`Z$MKWs1khKly}=^e}iqa^~z?S7v3M3Ywwo;%2H^a**@^ipmBr-@E$**?zUN| zj+~0WrBfzq?929*X{)7HK`3$m$L?HLE%H`l&11)}f}m`rc;Vs75=lbw+2D~Mpx)~A z*08E*jU9*7!SAKgUYkFxS`%OEH?6lvXt?u%0{$#+BzomI;Xweke}i?DFIkjGQ-W7j z#RSiIn5JbV3MYYD=-cUfpGx)3&~PO0(1?bkS%=0n96fSO!;z1Fb844w9V5OrCNJ*s zTMiZdS`>7dG$QPDSGkWS{U)toWOs)Ii1~&Wnyg(4z$1R7KMW<=XTDOXIVxxO?ujqd za2RXSre2NMDSq=bf4Zli#v?(|u@o&i<*?Tb7Ar|B!>}e}k3Q5{rl^qvciJB6qfF3y z;jLHSR2?(l?(Y7vmnM!WJ?QEUxYsu8y{aih1$`Vc?=m|J`DB)Yz%0>DJlGV^r}&z^ z_ZwZmfWJnh(~I@m;#yI)5Z#OFOCPj8M%ru8;)ZUre|Zmsf0sw;oAV(D{wx9`dgUzf ziy|mW=0{vQ-#n4FRa|AP%6Z7EGVn7o;d;wPls#a8*|f)kXs=0_0%>9*eqT8(k6we~s;@uq!lBItXw-^yf}} zvF9iJ{doz0e{$t0Op0X^#;h!&m_;I%E_SjESr|mT6j@pN!N?71C;WYPrv0ohmYQHedU-lg?Pl9_$ffkq!9TU`GoVKF!dgqm0rAJzE@b$?z$om|<^O8F7_ zDO(1K{HW@vU_44V3-gfIX&w4$;4Y%_?S#5NlF2^jf1@IM?Tvg?WN!b9cQxXIT|0)4 ze_7-iTv4_cH3Il+OVd=;W)Z+R$wt}&Qlo9V=()0D+Rhw%t=iEJ{>OW%IuuJU?$sn$ zlx`EaYKIdbz7Yx`!CR9i!HaIC7Z)D+C_UpyJN8&e#;trbsn2_`*Qt-I^PD(<2-_za zE9Zj-fBbo%0dnOy<9QjRIm^o^U{O&dEU%U&OX4_Af+#7%a70RN(11UZtv^RfsVT># zl+4~wlhU(c1N0e?Qc8`WK5aq}4~0e<(+^X8Ai5#mDOpqcRgEhb^T4 zuv0bStIc;vAh)!s@AVa6)gHUbXa`|ocnuNzf2>$j)%?)$9EB1*D=F7~9A_h4B+>bn zss)9)S8x9Mn-umI3F*6djF#&WQ9d76;m^ZWkSoVY$fK%ErOS~TbQ;vx;3GtXF%4Z`hjz$hlIci#v+M%#2kiPcIHTf|FJZ;t@ ze>>WtrTQ0OhlZw+#p9$4m8L@(OnD^EhUh>G%!p30B+@00ebBUfgg$`T;2!Y~K9=p_ 
zObh5}u~Lnr6nsjNL}Ic=N%P?XCP)MP@TTvv6>kNh*O693L1#QR@BPkDRb!`{_8trl zr6&~aD_;xqKJPia#TKaOFVZ+&x=oS5hSmg5qLj1r7dhpK{vyXs(_iH9QT;`ZR4HG?hYfgRf1GJ5 za<)?n59%qg%n?hIq!KB`c4Jz=pgFGE;kJ#G$gU43p%0r4tHga5FYLmXPe^=`n@0<$ z3zTAERhNZ9tHJPXdN1!*w|8JkeEIwdpXAHePp=lHX&t7Ew=Xf88b2Yo#r9dvWjOeuGMA%T@PbB%ZmKItI?tG#W&I z%3MjWRD*O=b>g4SG95!n!*o=O;sZVY}RyI z5tAS0xFQbbp~uLTqnz_>nFp*Yp%kLXE0z^S%EBT@c+8Vj6x^+dZS+_`_LVzd5kCW( zjGW^=KNU{Cc8nO;!_Fg6f6AB8xzxx%w*0}n7T-T<@(ay8qnpJ^36KI@VR&0*V48|3 zW~KKg$96=%y8p$p`l1e>mqw?z1=)8H@5|#<&PFR%B5bhDB1OnVSYGu+eV8^P}C!DW4(~ z)Eu->oQ-%p8aWUO61u0zk07jZ3#^NZ3GoM-n>(PFR8mmvS8G6V4z7f@+yZUKh1X$E z-w$~IJS1Z!$J~x`g!H1&S|*f0;(nOi|mlOf}1*WQOc5 zSLC&b%ZT~QD2IBjCChmhu%Ha1G^&=%+8^=DZTwW=hTHtU+U_90B-Q4(UGw0iJt3!h zW1uQm9aKd*=o4y{t{n4TDe5RfhR()Rkt3nDKso8ZUrXnFU#Q+;L>&LEW2S2XE+E9* zz{KjBA7D?2f7fhMf_1CHbCzzwS&ys7x0a zufx`C=zRn6(F!OTS1QKEOWU+T4@1~Z^meJ0AZ%FC*B z(_92Le@-iK(*;$W4FkWonGreT&LB@Ti3Bdq^I>D6m|6YgKt=I z#!9903rOo{=+;PRENZD2gN(=vBy3w7_f>PcRVtFyAqP-3JYZ``$eDDc9bJm^wFg-f z`O9uwYKGrG>h?HCV@w0fuC*sbx8B$Nnrbn;vd~G7rdUHK&|2>D zhl)~l@b}9ex{1g(`Qv&8;5MUMu=rOl{PyNUbG!Oe^J!hlV-Ok^-z^3iUn>VwN(V++ zeOvtaH7hsV0UP*vW0PjX=~kk|I9mhYRBV-ca-XV)-i2pg(`PQVGrXt6H)K=v-K?;b ze_4MoFXh+x3O3M3n(>YFcB6VZreP;kAwbW*ReP@hC>**GNhPZK3&_V%Jxeuj5L0i^ zdvkRyKl%q1&An>aM0yUeoZkrcSy0pLF=#~ZYLomm`6>Hqj zgA}8mJeRRpw`&-2iLv;HUCZDSmbWE@e>3$tFoW@B7RHyj0?3Y*juJz1(1c519`uo1 z8Hin=i4d#v!iR37obf!%p^=D4lOoGgF%l)Qp^t$Z`uLW7mKe&Flb$rL!nXbZ8CGtjD1j)lCiAKp06I8@JAS=1Dzf>iXOyqgOqD1)6 zWU*usuXvu8Wmx%cbaY??SpzqafAvW!f&{S6R1tJzLzjv;8`nx7395)Ir=D;UMZqmv zh+!I6;U|u*LeJTu?ww<)pFtw}d9>M~rt8fP+s9J8YcF5_4ULYW11@%8j=WOc;Q61b zaZOG&*dcFT z{|%6KW&=0Myae0Klya#Uoic49JY7P!w{4%&-$B>rK2e0!bs84f8M+ESARiA@9!%b? 
zf8l*p-JHPK!io#{6_7g1SEcoO{3K&}T~*S0<{6I)tg3V?MH@F9 zxN*ZzQi>#Ac&1XM=5;H@vth*K$j*5-ofc@_NS>h$gVn~wNBXB(X%v_Fk@2Ohd6d($#^&(G%#-VDHl;@4@D>2lyZrL`lg_)>-8|@n z^*RM6Zv%^x4H-D zh1SsPuM0rQzq^zl$fu3CHd&Z^Al&KrI$E)V`q|bpBAbn_%=lrlCKn#Sjg-FbJLV1g zwX0!og)wcUjZYKF)PctVkVyfSG;2O}9h^gD zNDi8C9n8a9lPkv+kFzAqS;<4rqCD|gmM;qyvO%-1;fE0Xfyo z+kl+c#tO zyw57Ye-EjLAKXx__c>>3-@3@fWM)nNSJ}lhQd*M^;r;ip1%MRJ1&@v`NV;S=l-u3n znuy;#nU*@O@yM@(4C9d_#?@Uo57kVrTvdTsR&mAB)UP1YFPKz$OIAV_IN}laBX_zt zv{B9E_Ri3E)Kqiz9ZB0cuJ6u{$y$R~#Wo zboZ&l*}C$;9bz{&VAFJU?_Crh464rY?LFEHpk?kNoHZmW?^KPhF55fWc&oFr9M4jl ze?j6qU+*EGc%iZy9D$`Or`+={4N?^_OcA?vfR#bgcYs1MuvYs-Olh9{mZf@?icPKy z&JC6k68h*Iep7PL1eG+8-;^9zS7De(S!$f8=P#N+v8E63EfpevUQtSkdSgzdbUrdaoJR;tuAF2kFP15=EElnK z3q{O$o-A1yhEZMBSy_&dL4`I%e?D|Wt)@#S8aiuh}-XOAnT%}8B zD*A8~hF-^tEJZL39G;<~$eyuVY{(8Wj{>;{cdNF!Oi)poO4QCvlp1EWh0dru@t{2z z?$Wamu&Yezr_#6xh*JqyTSF;XKh$gs-Gfza$2tKFXdNDcT3#yELJac}e-~hLZkvZK z*4K8xurAJY1jGeW-GN3vc{CTpa3A5_npBGO{i&^ESQev%7#>x#zs0NK25PaPnLQ%k zz?|Jf(W)G3cJZs&$)_|w-|z=%h3=H~_gR+&4z`Br_2ZE*;p)PPNi|A+RZcZ}e)&c? 
zk9C$@xh|tT4a$;*WhHI9mjqh_5`U_R@cF7H$f@S4QL+iFQ;nWoH9;TAMB9!WuXK)) zs7{PJgJ|262M&?OIuLLCFpvQS4%=@ZnwBWQCHEnX8@vFl)|36Zotn|*zkS-|Pzrlp z3tOwSC1$L!4g}i%FaP%C2H`XS3E%erZnpgL9sGN*m(*H^xv39d zZdAAr^J`2~^>nY)K3r)lZyLnjyfxp-2Y)b}!vdR$Y1E7!hGA6w16c9+RR;1^p2BR)rIk?(q1TSh zxWB~)5!C)`=@2x14DqE(N=2^@c_e_)%Ubai_y_K$pCHNhn|&4c*Km1omz}CusZJEL zKsghX-q`UI%Yra(cBdW_U!q1TsjS-#CK#=+sOidi5SOIMh)hupN`L#HfChuNS|S#9 zi$diz;b&l9xCnzk`bGDl-~=D=b5Q?0{3aGCUuJVXXbKX2f81en&|Yr)H`r<{sO9nX zAMf#}6v|KO6TG!n?10nbRtns4eEOh@tWOBS-Uf>4vUAfcWu(%XeFouZDsT?iD#a~fllgC^J~^Qxc7mGe4{qqOu{8YLBr$~a+J zl5v*$Q542SwalxL^q*b*6h2?|6FJpf`(%Vkny^pKu70AAWMH3+qPQG8z=Cr7S~-y= z(oP;>dr)(O)=~(QqbV0dzvS>jwQfkm&1z*LPpXQaP-~sInSWJ3kS;lhGTRzeXgJyA z9jx!iJL?kExqhq~l3$8RF5W{>$y6EjDKvB&<=&XBA1y8DR@{q$TE(B9td3GA)5X|P z)xYS_FE5Uf&GGHlB zeNhWvsw;OtyMNHG(g~lhN{5_kuCgM_U!2P7>?$4lNG3W{)OgEcKi~_~2K%Ad?@prL z3H3#+dOB-JYy%PO-I6^R?ZAdei85!zKi;qz4ikyFi8LDal%6?AqL(Aau*IJ`5ONVF8a4a;a6L>-=NJGr>^M{K8I zO!W1yZ+~Awiy!bIn25SWj#g zgD?v6sz_N7WIl_+RJx~eSu%yyD*Q|;V7I!p>x;tYt1lv_qH7AS9HVT|CI!Z##`ct8 zgnvdQpPDq|$fgM$e-Kbc3;;leV4|ycTx}*5Uemi9R6;AKNm^9UQcbo0&_IG)b##d8 zyaaMsP4}?dsbsxM1Ae@D{~tXx>^1(QR|}3nCwa~3WA2)dqy zEE93K%*(Q-dDP;!`#}qM@kycsqP>LO_0ZV)g9!@mpWks z8h_nDBD=gJdcN`waw?}hlA|WbBRO`|C!rsk5=e4He}gImQhxjT=EBl*ltM7U!GNF6 zNicc2cYCN0_;fSigR*KkhOYci-XDrG(({+z_x7UuqeA&DypMeQP3)B23;%v)*NB`J zEOM(Z!6FBZ3sy9*j(}X*&r9ytNyXyOkAJ0LiI`FED6U_Y>Ygo6|Kw3q@M1oWDxVt~uAiMjiYk6r^^bd392XsnV{El`ColU4LJD zdax#O|B**P*7}emCdlYKU_H5V%mZE(LCHc9ge(e@f&p6vD|r+NKgpANB)J*c!20O< zfc4~5ZW*OUO_9-YmUTiz$)_fz(#?UcSWy+Hv+mU~SuRPM_rvnUA>HAFsg2|ti@R^I z1x)>I07xmA_)~gq*!$YJaZsb!Y=7nT2>+rQkSNkF<@)JsPnBGL755K7#@E@h>hnPIWMZTD3(48>a<`{9t)NMl~x>yfb%fU zgUlV!iELPT^n9>#aw@k-QlqAbLX0 zBtLqtc6&}jl&KwkRW-Pf!iS2FZyQAB43|{^OT8=Y2AbrY?SJZhtp3~do&;RL7NJ_| z(G>L!Ue6_5+?ptgkiT;v$>g93A~+9{Os-r>BVR;i!Td^;O!|Nc%a>)yYT$zrMG+=^ z#B#ME$noR^NsaqigSa#-L<24K@iBdT z?9;<;WiBE1wQ1Ibq!O!~hOuD7Lg;_R0DgPN0g5dT&iJ6cfw@u{Vu+bOnz*Wc>8V^M zh!F=z`Gwvs{Hl-sEPp!j43^7C+0sX!$w49h%ipixzw)-tTD<79pjA`02T9O_wj^6| 
z-|U3`AEtXwFw^|ta$B|Rd$nQ*_dkPuSzs4 z3FSh48MIA)KCCX92dg7j&VpQowX_8SKa*~9lBJ9<{gkCVD1YKSii?UzZrx(T>Z0d^ z)sa)Vbqh6Wif*CCj@slSNIjQ!p@#Os+g0s-G&0k}+KsXPz*YB8xVA?l#nfWb6X+(^ zrQY`at1~C|^*gYq>t?+M58&>wRWx4Cm14H&A#9Tg?^{(!bK!w_0QRkH9`q08F0qM> z>7=FVWqQ#6K!4(~AmGJc(VKYNpb!2JfD6TiO`TS$u$@9J+laz1s1zZCOb05KqQ+(IZGE zXoJ@1s*l%vbGvth=pCEFJeir$v?bczSs5}jIm!=WTlED#Q~@UK1?`PGL>6SfR$VTx z0tCAW|A8-a0D0+1sMJ1iXDVrkiE`*E+3yDX6n{g#sLHVQ`bKed>5l9cWVRbA4TEpE z-_DitkyEfK_wXpaqUs#7u^=RMzO?wC4-$*!fyBs_(=rT`IxJWg1VA~O36_!|W9@!wV==nfmsfz7*dt~$y+JRW>bco|U-mg&2jR^O_H4D2sto!YXUM@|sO{4Sv_#!|SLHJdw z&tTpc-DuPSQsqe3VGq7W$8@)T>YsK9dY;<2j(dVl%J!?wh#5suFKVJpkF z*Pg@raSdKOq-yy1{^ma*UZXLr*xa&v{C`3FGUc$G=2+paCRsIWskWLONhmlpqO1M} zmTY{=`>w072Q>nBg44l|b1-t`pb6?|9!8E_IbSZbFpIF|W6Gkk2$^&+O6Dirub?Yf zo!3rv6x$fN`1vq$|M2?!Sj>suS)e-&ll>Q+{=o+1ee#tH%XXX6hp-w9sa)09Y z8zS+y@P1ffidrrX5rv+7V8T{(6j&!wz#kER?uMDigZ_uaMNhv)hj5XD#)T`Mhm#{$ z4kBL~Mx}sOdZ9G+(*hXfLYBrpF9KfrHFslhVjCwHKOatxoXRa+x) z7e60rkDSV_F-Stt=^BGxxIGnN``Pu_q-t>P(-_YvKH;`v5bk>%h#R2}sA>C2I+)#e zY2V7}v6!O|nA_`{pxZ$MWPb}lsKIqRDMt@GlaDY_x88Gyzyp~1M&s$I1X9AnAe(2X z`LPjOO6Z;p$|FZikhpoEJaXlt3X`DZobe)s7U+I1?`SUFb3YG*GOx?L8j&~~lovlA zD36@VEpa4JYr4dpi_N1So|HRk#I*`E51=;P1#IMz5IW}xSa&esdViqZg!%qYu4N0k zbe9_y59@PdCL&IW2(=knM9v4z#q&UO(FSuB!*MRg&~SW(4n83KJ)8AYjZ z^FG8jXfA#}&>T6HTSQ3uvgsmnHg=AFdQwK{wa`awlvDy_8!f1gFoh5g2iIn^)%a}a z6@>=g@JKv$CJXP@lz&pGw$(O1$r)O6&a2_iQS@yjtNkh#Sr~{YaA$#I8}b%E zALNak$}Msv@tnn{Lx|ehh&OU1cA6r^?P++ocVZJjQPk6F7Jtb_K4Du=!?+16$+>~% zZBVD&MN3buNaSWAXpEcPJw9|OF_;C{Jh_3GT>(WtyOgO zP#XQP=8p%<%Efv#%Fop;Ua9Yz28#Qy?&O}th1`|!+c2v5`CwG!RBxNT z2J{lbOyaMkel9_4LmNbBGebx;jo%^zDbx`64LS~`0x9b6F1(S{6-CGOf9s5gSB6OX{Qg~BKoKK&MXI}DRvc=mESaS2chxJ-XE_!#X^eV<^} z7y^2EUwD5Y1A+CRsu?d7j!E_OxKO+QCa_%*#9rm+yTYXh6dx9L0)|VAWL2qNWgzM& z0bj>pugQ9VI(52ugd8$K5zK>Ikt=6Wl9h4HS$~?wC5sXv7>|pLCA`YAC@Mu*xQi}h z8*UXpAKZ$ZYE%)BIIW3_fEqu3wNoSA`hXa98u&o4_VhTZo>a@??jZCAwO^oQ#VcA% z8<6A6uam18Z7tRB;MBSrcV+DIuJ5+0nFdc>N3+!S-IBI>c8XL zN`Lcc)jC<*dN0k4?>_(51+JtxZ<<#&T~G(GE_YUs!abnE4-lm? 
zjef>$ZwL%6orM8gS_~~#&vy6;q0MNt+ooP^@B1dpy~gM;PCcgE>KAV8Rifrn@fr0%$tLxzv=4GV zwkn>7ts+-0!mP;BxM18bYZe8|i1B>svyjJ9SVfdZRpAuP#Ku-7&xfrdry3JYa^OVK zB*%}M9`w^wvgvrpt+vZul8HD$tbfxkxO}D(oOMNFd0IN@qd|0uq96lrq2n2@tiBE! zr?@~lRX|KBnGGOBIz|@Q4C^<;*SC!{Tkh^D`<>hoDMRFlaT!YHL8!=;%c9DXEa1{! zFQoYnsEE9-IP0%0-w4(jv`Slt&?pV(6nA@|+2O zS=UJz#dY8=sZMMRQ}TQmCUUA#ktH!m6GfKn`RznK(!)jz8_1!j3L7lxZ8TCIQGS5b z^)v~AbmOjHzf(Xys}i^4i^c*8fklv5RYVB41DVzHtaN}3G*98K!+-6-I%;W1MPnNW z{n9PEZ0{W~Lovu@z#|AH9|0f_-`Kuf3ggGpW2fxi7`6hC%lA>VAbn zA1{}uHfEP48Acgh(txd9A*ys@TQ9-(5~dpI_4O;gQB^jn7Jt>V8Uv*AUbaFU)M`V% z4j0nF`B$nA;}r6f683Yr+Q>l@#C;y@j9fWS{j!XB#0tNL(j-4%`BE&I&#OGimRY@A zmTqykVQ0zn!OqC3M#Y`Pt4$R5vteiS(~}}jjTjg4wilEm`6A?&+@3uv1jCUCADBoW zPIXFrd24sd#eY_0`(nLn?@YG6w<@d}gP&COlc_UA9RP{ZK8CZ-6xeCIgJXO9DW+IX3CZ8lQC+_a(^dJ)o?VL>q%eh#Oz=qmqIBA z=`TZjzg^GMhN7u!kZilVYh~)K?hytfp9zYUTFu6`ZTLM(v@S?)oAqABpWkm3m#TXD zuG?wf{9VfOomf8{bg4#XzH8vY%*L=^Dcb$_2#te%Zd7|^?I+Nn_i#tu|(3tBo;98r%Bj{r=DM%)WP>t#kKYtM>c~HXd`qx2cL0 zfL|}Qd(zPF(=|qh_s^dljR3SUEu0P83#xHjhvs~fo2($(Q+%0S-dGcL36G~3zqyN` zQFQhq^@5(xPX=^URAhBGBm>>Jp%MvCknfZ0HJ%8d%FH-7e=n2O&Z$ijQXCs~f-RN) z3|}o_PD1(h?!vDflF`f@ukJ>f?~M$2wTQjBfj#N1?Ko|!0H3#AF)LzUcR7-ob0t&q zMLcm;5uP{=0-$uYz$697aFvK}aDzHgy(VThn9MIQ@aNm@h^Bt>k;fAyG0?CM(2ICJ z!BFqHk3>^ybnyp^9uW4&VR)K>8jU$#xfbbj6p<<9ManVcda_3RB)?6+1|tKHf&gyA%Te7^#*b^4)vFGy1rjhSCF`Y4thkQ8~E zG=GQoeL@h5@K;NZ{I~u(bZr21JLeij6`gWwUUU-8FBafo&M&-3bOP{9K@x}rQ2rIS zA>SRpIp8@<^&J~WgESuu{k@0_Sgqg`?S;#x1Xt|+6;EjahRxA>61SEljk+EtDmi&{ ziu)Z^*%3qZGO9yzPDYdJ4pj>{X~pc)O^G!vBe}w^tV@g~jNyxUM+=y3W%XP$rs6K4 z_Z61J0wuJbX-UoGgR#SK{F4sJYPEjP{Jbk?yrdBGCUim{KoN~U@S*tv2 zDN-Xv?-<&4GM$qy! 
zLr*k!RG0m{uw)HxRkeB&U3emOiF$&@7QW+QsJ0WrvyUeAUjT<8-9CXtm;2n8B+Yz8 zo}>HUR@{P+^ zw80P+wAbFSAY0zVNu=J zrlEMrbe&F*8|u2T_HD4X*dt2!%S7^jJn7O~yvT+Oo?K0R<0-fg@b?yxP_4c09v!u1 z#jAe|)blliKDNtkHv$oU?{L<4-y`GvR)BVGGKd@i1a3KAV~Fkt`Cjs>GqVQ>ZE3@N zyI&Unkfi^Kg!f34p{JV*#vZQp@+b8R@pbi#RN$Vwbpy;6-)(+<;N^wa7Mp$9-=(3U zpYRqMKc`t-1Ig3rcq5djW=fED%L~~!0W|c|IWs(!%mCSv4l8KxIU2b8UZZE6&If7h zkey)%xYW5E_qIPcTs#K-NF)A~8=ZwmuTza9?yQ3*6_8B9If$^`Ms-OTcikWW2h+N2 zvLr>&aDf|Pco}$ni=F8Pr7bODan@V+f(-Ge7HQrcyOHyRJ4XS`zP%3mUpG7r1+1Mp zmaUpmP*-vU@_YYUuKh+`jSkLhdMznF&;3t;JkHr@dVoTwSP&}_^{VQLxmuTN4DCVy zI|nW(5*p5i<|Z>(#Gdg+>lMUiNx5pX5?5e-_Zp)7m5q0^A(Dnfc~9u@5l||du7%w7_Ac|-n&3c zaSN5Jy&sVp%|Bk$*Ppsh#!jxzk3Z8mn=1eIscsFk4s+K!kSCI9f$b5?rp#cu+Kb|wPS@jDklj#PHJ_@)+f0wVA>mVB>& zh5Gr`*VO#+(Lu-C#XrJ_wE%Ui|AbD%dl%U#3HP(?$A@YfJ6@3HYnj)Ax5P`TW{@v1 zHt+NA122XguQTb`O1-XrLe0tel;5Em11Hr;_lpwLv7fbOOGp{W7)_e!kps}AK)U9+ zDRk{<#vrSDKvo^bop+q1aiH69MW7THW~a5@eC9lvj~z~aHo;;T{~Tqx2lXO58@%|EROdlV8Eg1!S1U{0B!rhy0lU21R4?7_w=df7Y7!|v z?>po&Zc2tgVOeZGz)Dq7vJqwe4=--iSVBIeBqd}WL$K4`&t?~|o_1d_O!jYObIK4B z5V{umtkjlJBf%(J@a#{@$ZJ2K9)~ajweAr%l&Yebiex!;XhTifUXPo&=rRbN5rIh< z7g^f2UMc2Jz=i~16g)c*iltOT9@9b7WSM*BA=bDdT1yWqAjIR&Cux;#PU^BES;Z+y z>otIs!L8=0h)YFbAl(5LmJUt)e)jTQHsReUNIl~^n_o&DMlLSP&8@5v8aIY$b(dH; z&6~-Ioz7OLCUydUh?}Lcaa{+*+wdoW$WG0=K+Zgos(pN^_YuhcK|fh|mfw~c>NHjO z@VRx?-`k=O;PCb(GHRNi?7n)$Civ-ePmJO>Kp5q!L9^(XGB_eNR?XQjFwdDu*qgU zu-R#7)eheXg|rqkEJskV60-n>QQ;VTYCJu)ChCA+S+4-B zi4hS%@w=Aa#tJVixll`Lzk7<1oj^B3h@|Pi`)vt#XyVx zxA$tIltTm5P?dhYYSN$I{1?^CL96odrCLthdtS|uG#mErmX@n_b$0?w(-JgWkcfqE>$!ZeH z8+LkJQla8=Udw=NCOzCTG2(JQFrh6sTgbtdW5^$%Trp1eE7ZzI@04z zb_sEFdDTlVx}dh=&(s_NZF?8L@Qam#z~uqJXTA-wPFwuX_(8qg8Busdt?)5c`YnKW z{UMdxAyZn_$KeiTOmQ=;svy+iKTg#Z-=EZOhoo@m1<^^P3dGG(nPgKj^k(AEH|z<+ zR_EPpx!Lg!lLaVilFD4ml>!&gu}q z=XK>$34bzvVE|`kQ~`?XPfczeEa`n;S^gY}eov=CAK>ppy-%@^>23ge zfG_Ii$L;G@wf%$ly|IcxcVj8VuaZCXs#D*Sl&R>)2qG(1E;9|1(E{M z<%3gz$FNEDZqnw>)Y_U3Zbt6Vgp~f+v8r`)DE0WAU>@2pH&v-VIE=yHlsPkj!*IjBMJ27%ei@k|;5v25oI`Y 
zOLs;3F4=d{(iD2S-}k_3xY8uyUT#5&)Bao9CL9Gnw*MS3#c1sLswBb6-1Fu5h@k1Y z_V17X+Dc@tv#9RpPA*r{<>JcM*%9_--~-CHy0U<`*Bz%LAuTRf-bnj$=W(d`a@W&% zvc04MenlT(J`QtljL4*~OBr9wkwH~rlltB;(_hvFx>{S#(=!KmoAF*ii!eQ1Rlif& zxBJ^Am&Rp4Dp|Gt6E$h)Pu!Lwu_KimZqr%_bJuVE9qUzzdd@?$ai&EUGiYozZ)eEV zj`mw=pSy>RZO*JD=?{CDCC(mPd34KX6{#A!g%NgSktFdYL4QFU!tQF77RI=ba>18< zvdj{(maTlBvg0iEqhEg@g0sTjlJ@0>1INiQE=zm?P5hukK7LD{_Gye(Nfmp_Zsto! zHH{;TA_bzH^*&}|C(zCmBB=wlB0y$xZ`KQD{#>F2LOy%r6oE^>tL@-l9YWd7s27*& zwdkpVko5OsO4WkR7XGn69jlCV$!jE7;m%wQ0@k-3{7Ppf{hbxDHWkioUv(XIbUAez zasvTeKTQm(!Bli(yTssaBau|;pYY}}o=k1j(8=FDMuU=_U86Wpx>LyVeO4jw8m80Z~G3HE3wm;Kmw#hYn*<6fjhLj`TSpdBurc z>k$O_iZ#(6m=*i|F-~N_Ij}fCSlFt-;Uhqq&O?7L)^|>PW-0O02_8;Pws!Dp$FO=+ zIAa$bfdz19gI}50eIE;Oms1BbDRUKcyb)gX_*ntH8HFrGSZMvWLqj<=uHz{6@A_6@ z4)LK4T^)u^vv{NfM^%4!9{&EFk7f2K4}L59=t8G@aadih8{KwP{a)%}^!GrW7TN=V zoRJJFk)daX*;5!|IhD@nvFqZB(frbb+4uQsrv^;0^{9vDx4x)ao8$i8nc+=TOKYOW z%bj=MqD>w<@>1}rThu&C893`yKrd7=mvlF$cwFSeFLVluQ$&S^lYAmTIOH8clBvv^W#*xDOdo|XO{Ax)W4dC7Gd_l9N%^8S3C0AocF?Af#tx?? zQieD+Sv>}rDuB=^7cHfdNr&L_7$Gl?h({3V)k3sJiaD9Dz3O>J3*EDG5d&nR|Ebr) z66~tJ*yseU*lY1ETuNMBouZGg3QoMyV=C5)2mJPC1r7btr zw_-v6JNhNwYHiapjI*6iJ#V-%Lb1Bk8-URR-g`}*#EiCfQPm|R!E{NMOTs;HiaQL{ z%l8xiRoK0CS^RNwt6nhftW{WNm8hP%{uDsOZ#o$(*3a`VBGcoDNVs1x#$1Cg`raV+vw;K3VTb|)z;i`oM2`U}pk4;0 zc3QFDz|;C#IS~gi1OteMG>Ibw&uJC;S)s*mg~bEhT;~uvH;dv+!zMavu)G&XI~vSf z+=`^Z*4XuXi=UDiZh%7tZZx2t!fl}z292Vgz7fu|fEX# z>&>EH1mjvw1|Y_k!RO&$c31dDR~ne@6;29kN;2T`7% zMm3^MKg4h0EQ9=MyBWzo`AlojM3qBD05M{YAz#BC|3pR}RsfyS6z#a4+H$p~idL86 z2k(so&zzIdB9i>ky%Pbp-^2K8<`=L`eKi3 z!i8tDD~1?9(vs@gzo@&RH>qq-BSb$orJaAK{Zr4Hclo#6D*rY|gS{{3k1p+KX*6b2 zVWqlbK-6@%f+!414U9eoP@9QbbEUM^ya#rAEvzU*q;fH&QCnu0o4@6c=OWXoEAf+U zax`2u3jim@78x*HZkl=3AugEHlHF#OLoe-VH4eVfXJ@uzZE8(@0Y54tHpkPgEgVO? 
ztZQ85q^7=-JK3d{vEtUJgsFJvsFLQg-IND72k>v8F3Qaw;QL(Q@@hMCcHF`1FmplP zhw(Nn?_p^o$hxb&^i>#FwvRg@GUO7WP>(DQ8rfwyZYlKboIes^;RvIzc^8V{Q5cL` zzZOr*Uq%s=@ssZs6&b72gdC=d!p5}kml8pB&TxDJdm&-+wcv?|@MGyY4^Y%07<+Qv z0N=z?Q$&iKm`Lm@aqF;UqrBZ|Ty9{Inf8i>#cSd6?^8|>QIIXg3H=QXWwpdG#fY#( zkrp!ggI-_nRE+vQ5{8#Ljqfa$));a_iygsFg%;M20}#E1QHGTo2*=cjVbunQpw{P> zg>CeRMZH&=fOgtrT6+zgvrdTKAntBwfLl$aJ&9WZ+l2%Y;fnCGXw!oLl4LEhJ+H?M zA9J_}>QLWIR%DmhCVE;ckUdmcEw6xB&wvcB22L;Y;k_RPx4*i>$<%I$8Ne0NWajas8Bv9*eXi(j+)FXG!~yJ8`d^PD+IKz9m5 zq#5qY0PJq28109vh=pGA2;=xZ=|rimo+JfzD3aGqAk=c;An0nFpiRmo4wvaZy}F%)|}*e({?R zHd)b@KDwdUj;SO^rWM)tc-&?u_H8PC(TZz+-VD)o%lK3E5=&s*gMnw_^6E9OwRLa$ zwpZ0Y6%$2=@-86GRT#xWu^}%kARBAQX2K1xxhjhEHW{Z5Ih3`L52x=6z>G2O6z2+p z!s0(9ltD<$_;Rbz^4-pF>-p%Y|AD8HC$`$5binO~{1Yf+gd`^qLu9j;$A43%NMg?< z>yjlm-*eK-bkh57N>yibTO6z#^bc22X&t;ul;A4zXkMnn*HJ2vMtcJsRVQ0=+{#iO zl)jAVB2P}zxpW9bLJWa+VEQq#yYXj zPc!R1@K>CQQSBh7^M;>~r{erg;UF>qKy5EYmqF7y3X+DfP4@+}1`$CtV2D&f*FuU|tM%65 z&K*e7<0Wfr6<}KJNy8j*2lD}h!8rI`KiBkyd^Mn@<3``$kgsq zBGPvysY%ige_KiUZ4U{b`#XoFz4kMC**w(01iHTk6QASnxnqZcKiN{LeloP|m+>dD zBa({=TJxuXmb%#s`;B#NcaR56;DQ>n9^pD7%)h`rdct5C;s!2Uc`s$N+;F}0AN`+%9Q#{KQorM z=|>&9HIfYX|IFpq?+i=YM&Dq{eoOD->2T6uewodp0Dk}X+LCj%-lTrtYZanl{#8{Y z>~u8qbT*q(P2O0(3^)WoCEXF~VE99~(B~PxlDKjy4EUCBlGxQZG`Dl(Pb8+-(68Ri zfJRfrt58;~_F*^M3+X7Y_g?v4>nt1#FYL47#yYhJiH;vDA-}*gAxHZCMd=}_9Y(tm z%x-1Gdj$I+R;s$RQ+D}zNa(%tHaQz-RFiH;C6=hak~e?+L*8KW1P&NL43VA3_ZXY9 zHh;^n1OR?na@qJMzcH$mWL3i7SKb%TGOW4N7-Cz&`892w!KXvu>U03yRdDVp=x%__hQk zgIl{cN+hD6Fm5Dbg0ABZ$w5^Fw10sQ=l>Qi4}fKkpAVbm`5Lyv&1$iH=n z(k`M70q{ns7=JP`HSg>fvRqIE%rkEHtN6{GUx_Vsx*Te4)JV}J0PW=E0#KFB+^B2|(;k$jdeaB=u-B?~wyW?l(!%Ojg99QPIc z32@77(I|lf7gg^Ve$O`idL$P3?)Z#M&U;#J`^rFr8eDL$gtI7Z&Ivb|$=(u~PXkE}$<+KFOBIYGvGX`mx01W$iZqD8hE;|L@9}{C_3H+RJ&!8CR1`jSW3ya4I5^<9Zd@&R z(V2up1m$~<5EIZ+p3!drZAF;Y5Y?zfh+LcF*+(d4TGp*!RN+(|q_%jMMh zgf`=4Dx(1?%v)AVc1@ltveek#{A)BWtxrW${dTFk-;hn^hQc%~zW4>r3nk~7j2;Pk zls|2+@na1saYNOqkDEpnRGO=H0Y!pb0v88NbA!xEJWBVxdXjx 
zkEOqmqjeLmw%=v1MwR<<9a|CW4fc=*Fh5`)a%*)&JHsLrinr;yJ?Q@A12S;U(yT+a zPO=qLw#kQkOvxi0tW#|2#t)GM7;84?N>s~=Q_Dqe#W!e$2>#>~pQ@K~qMa*$Lw?Op z+ok?Rl6&91#$6u{0I3s(xS8f3HRaw-6eyTkr9zu(UjLD8|Gf` zI=)cWfUxCA#lA^fEm1*D38W{1w_}b*=n>t4Z7YIjMnTOQyChCAJ;JETFXVn0TZhOo zI4P)DmMyEE@n$w5$fCShbuC4VWGF+ip(sc||KC$^u%V@co+1Yjtykrt-xC@8_ff`AJ3Fb7zOQfW>>(! z#Z8%Jf7=?J`mG#5*VTb@Z_Czj$KM^1KX}rA)Lpjw{oHG5DB21)HJL985nW^!_|{cs zrb~HQhB+X-+b#5n^@W7WIqWJT;aTx4hHo>EyLDNe3QK{XCX9{~Q`1%w@Gc=NA{+o8x3wA4PzSgC~ zDD+u^0YcrU>cGZrc=1a=jSyWWN+5}3LWugSsKzHT3nZ4VnKKMyf{Kjk6Wp~KTI>2e znfxREiqpRrVBY}0swqO1(YrUKFJS$rA7@%#-X;!91u>L=QG%{tFH>j|Unw{agm2vf z<2bKSE3G79y4GY3KPuy7%#R!PIK87WS7XdyB#}c-@#q`)LIjq1AbcG-1(D6-E5v`p zR(fQU%iq^`Wr#eYT+MnIJxcYMP%yaF61ZMJ7TW>_6vp&Tn}X#P8v!>mtsmN)Gdwes z)I#w}-9BFoxBLtm6W|kYL~aXvYuAN?1WMmlczR0YEz7h9P#fV}I&mX;^$DWmn;Kc@ zQy3RKE}R8Yxu5vBcHeXyUnTDzUk{B+kbHF3D$;7uWBclTV6 zRwVMxUm}0{iaZK(h5UO#wA|<&j5!p6de#laO*!}eC@W^B6nUl^4}sF>)Q4^mn(G?| zW>IQ8fJyd1)=d)OlgwJQVwV0Yhu`9r$eaM^bNWZl?fA2;{%}2A!{P@Py?F@{@%Vln z{zpf1Yoa-=VWBG7cZsJ?pKnHcjwezxI=|sc#A*qm%Bm2EeQna_=t*b(IGxpw3V>t9 z;)m3*f;}Gww)fQ4j&59ZfD0}Xh)Ou-9OgLUUe3d3rn2Mh$CtRr;c&ShRaTFk{YXax zq}{~QT5isvW7}vYjo#v?m-TJfN7gyr$k)OjCHLry>t#X$lM3hiRCu9ySF8taSEb+? 
z=tC&JW;cJG)PSORqJ9(GG(1M+!MU`uk29!~b0gh+USdSLoULDHB5f{9r(stbn?D6*v*P$i^ zUZ=F7y0y7go|$~VK`4Gwg8T4I_14-Wc!w(i*V%#g4b2uMQv~HTq*kz=`{|&J7qe5U zI_0S-Ih`W&Ur~X!6;wnaa6|y`N;?p1W#d->n6X=x3eo#V4@el^=M0sw4Y~|y20mQ5 z238|-tCdS zZ5`TmJ{Jm1;n2YAHUe9Tz~5awbATnMr7`nn?q{ z%@5UoZ%k4=McK^sSfVba0OGike|q(Qe!UN6G#w_*XQuvaEH-nmD)&(&9SD~|ZSJSH(2!47sq=cU9~ zZqC~n#~;fzVk-*T59=aA=dp#eN#8MO*k91|^aY8+Pv#`dQaCd8(2wNO*a}9#J<=HT zuw%1)#R^8uGNOOF*`NdvgrA6zAf$o}kNv;lkt&wA&0Bym7P<;$rWM-};f>c4w7zy_ zx)rS((KomiDr-T&Hu17I&SLaOa~-PBd}wXCL65Yv$xBk>c2K*p)p}|ySJ+k8+{w3} zJrq~dp0ydFAG^0p8z1r_*?Xtm`sYwU+cm5WE=0Fjuq@q772uvcgsG7|A5rALxnVNU zYZgn=P6v=Q7bR`GX~GC!iykr_%cU)=WgQB7)|SUh+!vxm$|7@BWu!v65dBb=_SaX$ z``8u;s_Y~wF1>FNV8NtUG|4_x z0-QJVB>S?QmD9LrBpqwy)WkC#=@0z)US1=tDT2CUSoW8T>PPZ@64Awgu@<>Rxl(L7 z@08mw4mpgOk|rZeH~*RWt2e5ih`lsmg#gM>77GGh<_N?HIPRfxN^g?uuRNlX?Ni z)uTP?iR?4>$)%z?U0voZ{DYeyYQ!oxhw7K_$Ye1h9U~S+jL|k&$!@ z2`IP=^FGbxn(OkZy;z5kb0sOi+$a`+!t7Y(pzS<}q{Vjl4D@Zhd#YC!^%B;oWstPj zATZZ`hhNG2Az1b_)8sZQL7c)-2{22cHk4$Pb0cM*B!w7f_+3g0C%zY%eN}OA?F20T z3K*Ags}eiR`~PcHRZhuyY*9c!@{nXFm-_5_zIbGK-P;|=ZT*Ro-2NthN{hu?WbNb5 z-ZCkow9bTKa?|&aw!~RV*hM} z=MJ~XGwRHMMfU0;PJ}I9iX9la*E!e}%1C@px&M3IFb*OPeTo-0ZS@9> zk#>|Kp(J_(wzoG4Hoe+HCfb&G!TUFse)#W%MbBLV`YKu~3v%B4-0Ubfq82fgGOH%4TT0djOu(z08l{Gv4W&GxaSQ zEj{UPoC`_YL!xF^X(b)`RVHV)VTxq z=8aZ!TcbHL)jwDn^WChYJu5S`kf#Lp`F1dP7WG`hHG7 z+@e1|1-!i}QaeTai_d!R6YJ%8IneO24I5(}y$+3Z)Tppiuhwe_$ayIZ_m`U2KS^ zyGjB7`co>GZ@UGdMHtt1;9^DN|56!f{S!x7hGq1tIuHQEoYF|s@DKnJUY&)KT?+SU z4|`1L_f(t0qOAPWazr}n4u?6eAlh3oi#xQeXX)z+tZrBOD4$CyqME zDXk7coK%m&ulUB>S|+-V&Y@cdeC&-Zh!dW3NN*{(5)}g?c20QQa(BCh!08giMfzE{ zjJIk|Nip^2x*ACBwdiALVs2z|f6?=a7f`uL<}!c? znN#;Q;C(E780~&vheEt)HI!kF;+;m_1VlQUk?I@)wHuQ5s3yq=-zS8U-`g6G$?nnp z#zp2?X;7W+oBciBkN(A?qEGo_aQp<*89^RzZay##;+US6@hNOnV@$V?`L}d~tpmi| zJ)N6B=aT(|Qr1z2$J);S@JU;b0?7buRDz5hxIZ9_+{*>0J@=*rgQ8<`M1AY~(wExi z6lP59h;gFTs(5RXon1vn>52r}*^%U|nU=h03W575M)wvk8s(Ul4i^KNMab;;kn^E=1HIY_? 
z!-EIu-Ie&bpo8-ac^(yt<_%{*VpzFZYuT@vS(OZ`#Rw~YJvd&9K-^lovb zg-L*+<^^%*^Oxg-?o@i4muLZCV9KCYYfb29;zaa__sdwIOxU;3YpiQ84;M55r&-XJ z#fb<(8`JtpZBkNU3%JI7TiHAu0V|4ks88rIVgW6sn|}#VY^>BW>v3zoZ zDDYJI9Gk^?XL~}$KITc_r`LUErYb5TIlSECTHw(s@r)A)-X(X^80%{zxz7Nnm3UCwXRz}KAcGxp(t{TGw2%f%3- zHBlqH*=p5{*za_?Xf$mn;)u+=zqPfjm19sZHut|-a-IsX52PIiMk8lQszM#A?I$2QH#tWKOm8EP7Y z@iQ|`Mx`QF?IW)t7Rr@pbw#0A>S&pXr}jlekN;F4fNnsc&r(9sO56oet&cp%1eDOPt*<3Sf9xwbcQ$9lYgD!6{;oSroiWCI4=d4M9*uAV?w#YETC7Rn1H5 z2RXBt>5isZQq^UocSE%`SDf_d7}^Nbf}-qm+)i%+9z1A;O(>LSrzdT{&j$ifCnSL` zHaJcERf)>>Qz2&77Hp)wv1$=}E5p%SeA(5Z%rnwV_F&eKb&Y?Pkh>`5Ozcg0-tNNYeaJv5yrdjMQVxnasuu#GO~8 zT82v!z%5YUi)Cvn8-YVAhzy~!IZ`uD56WucgxrJQUh zV{H}4wh-1VdM5GKNIrB``R9jMSb#~b{q8oe{5J?%_CqtmHYBdTr3}H3N>hx;yM9bj9Yms)D_V2aEJOx$wy7MUja^ohJmqDFV@NzUQUMB+JTjN5kgWD-h%t=D zk^h;W`J%ll`oGZ}Qes->B1$C0J?qxwF_Mw(?F*eP0!JJcXP2NLxh&LUNx-4RlC5s~ z%K1Ta^+?T?Wi5OF;=E{WrFt_l5ITpZf2*`El)pZGr+-KQpyD0Zv&Wn9p}_d8)*m_6 zdwK*tdYt&@rVh4)Kw3zv74{kuD`NM#Vl`*z-BxXF_1Tp9$uysAldc}E!LytX4q18? z60!l2cG@#fydP<4M6{vK4xmMi+l_UPBAuN?2UP^hEg0-5zVfq#(WDLPDov~?W$@9b zQCM>7t@L!Y@}DDjoF2KT1itu!B)4fG4+~4W?k2-vNAi}BiJu5s#MLX|$KmnRDcM;2 z^=QQgt4sBxGc4~3Ma|<0O6$tZ=nQ2S{d$7sLrHpD*&`kOnFKN#u)>f^$qJ|Kjl?p< zqh*&s4WarkZkWQPhAT?1c6I*o)02z>UOkP_LQkL&#^dW)$kJ1I2XAdZiy7E705^e- z2)qxP>)fqM3je&n^w5hx*_}5f=1t4fd-l}|R~z|Zh>4gp%uYORfcRw59~VoGo=hNs zw!S-m{W4GtRCTTeh{Yi3#navOdJ3^wG04KlVoMTTXftSlane8a&@8UWULDGB#x}(4 zBx^-bf+zW3PB%(}q^<{L zK9#DZBeAKXX4we!p=u9YlNO5g1I{P>2dk53=tN-D4s~|AQ^qidU;V-iY!IT39RKpUCa7TjMAZLgd!Tc|rrz(FLzk@Ts4&u2;Fw{?Se<1W->8RRi+ooTF zmc<2wZ(sL{=LPl?#kbg-#wId(t{RJS%XD`v%tQp$LerdTKaIE_{{EJ-$K#J^-mG>Y z;?=XZwh<#G91~OOTW1n)=yi@JCGDUo~AGJ1yA9zcZ9BXIYKU{;k-!f~t1wR71ga z+B02Gt$6+VJ!8~1!5F737@&^i>-kpyQ#!`|VPI!#GU>Jkc|IT+yu3An?; ze~T9cCm7)o&-|0hZDTO#nJLqwO>{Fn40)!{`=PEVxewj*EAuseKtcE?qT1!qD6fpV zd02K%q&ui-1hK&5S5D87pDmhS9I8TB)aXOS6V zjpM#t3q%;1Zm89i16UwPCS&3kkKd8T0H>vxeU8%c?$B*D$yYL6lf$M_0Oqr$iw9yy z%+rWYQRdG9s8XPkS&I6EqPtu86)g7Yxb4hqy$57?C^0OZEf4O$$vF}8{3QY8sO`}i 
zV&^4+QUVs?zHT*LgK8=wwNT`aejoR{mOFV>HTZh(66(Q(alK_qo{x0VNcaxjF|{as zFN$|#XqrTgqT_}a{7hXywE7?+|Mx{~sb$eERGS}ZaDM+b<491H3eyecN#JtnMWQO9 zyR@d-Z)4huRb`Q%?^FzkbbcCd-do~uSFf54xVJjVtI_@G$ZsjOU2epwBtSF79`(An zXoiVND3}G72|tB@elSTziZKLFu_{ICN8A-<0H<&9HK}~{n-#ACF;XQ6y2hI69=s{* z$5yDYQkUF{+{^3%!c|lt;LJ)!J~RJtBg87=mf4{yyhh6@aEhiOEBIQ?8rL-2YH8r-UQ{5!=-I)GPjjA7cEpVPRw&l)c!9k`SO+HD zPJPKG^clJ+dP)b#$LA%Y$D0k6PvL+Kx$+k~Y~DO*cSDLPlGW1=Z-=|nlyoi|Od2zC0Fc<8z z;w$-t&S)Hyt4re?2uDs!TKE|RGVxBv$5({=&pQA_G#lT~IVX{YT$cW1)X>;!dQf`- zV?}J5l*gysS|uw#YYr|ICZ*R}7e%3cZ% z;J=sz3hzmL^TNY`btvlvO1w&AEU3#=zogo2*Ee$##h|#163NwSGLT2SxBBx%y}4XF z_5s!mVPPp7J56wMKd|RJ>+McU3wM3Qf~}=@uTh%y)#$mQO=Up%wD^JvxE;ZP3Fu|9 zk}VpxzfRXCwX#P07?$Z zf6w*&((4HZyK(DGBS4?XC*hJr)iz8sccdZYGq^{JlIzB`Q;RuCD2hSrEo`m9aQA{O36NGcTaUMnWiV1RYK_xvc z(RKa?s?mUN~DS EvbAEKmYf*C@wHHjHN;p~smU^7pNy?)s#0Bw7kOYJC2 zXQ$4Ginn*CZlsOh>11IejtdXUKH3|*W)=!Z8!^$;pOyX273Zn!5+MO+Jzw#k7U&_? z=su1T_8oOvF}32tp)|wcj90Id4deX`q&EbNE_NFy3;KeV7x&SU(5vjqs5_q~lyTqfYWXR(>RU=XN6hK9|-hYeZ<2CY3q zY8Z8M%FRZLZv+HNN0)mpX_5xG?r;W2hhyj#Z0fdpJ7KrDV0B&t28n`3J5gnmZq08H z!2RlC|6U-so({Z?c|s8A$r1D15-&pVg*ZcVwS!~6_z^J=dQcj0qD)B7GS-w`FV&dp zp^h=eqy%Gu<0wkH61w^J!%2AiFtsE*F8sF~TD+zl2toJ0wXD&R-SxdRDXTzo1Ii8fWVhl}J~#y6?QSWmr2V+O z=GAvl6>#;t9w*IOC^QZ(zg4~9I(QsHXI>i+t#;jFu+RojcB+$}*lwF`+jXsi2dfTR;eRZC|K;}8f55Y9 zz*0X0`O2^}unFg@m({VD9QE8%CT}T!+`#YFyVVnAoi1bX6mkL{*jqBCTUS5c#m-dC~L1^T?sx)`{#-J<>W+^233Tf%Uqq6UjcP zqUT*)U+zs4Jx2_^(tp%mjcryw!Zwj#5JU zKdF!l-&?%@{N)bhG=5I2`wkhI!%fIS&=Bnx6dVl{|$X_(IK|i0E(QB1! 
zMI&=u9BJc-yOK+=fBm<&>@mue$+?{4kQ5nVa^?Z=$e9y)NlLQ-U<-N3q9ln~UU||h zs_Q6DqQa~4flP=Eyo;U>ct;N9HaR45;7F50$qze3G-Y8sF4js706u-!kGo&S)j=D$ z?)Id@i-N{2Sbxz*yHT93esSd?>2LRYv&7C<+osx=sy?Yh)7rh4O01{uyS(W#Vo32b zoxnV5Vy>gCT}NR;7fEJIS{J87@S=GTJaXoY^GcriB};Pv6NxNgd6I@KPRlrw|BB1l z-6SEhF?iAQVerVI+`33f>8(j<;N)K2^aJ009i@OHx_@?mhCL~;E=7TW7B4>EzI*c$ z&I`P|U`dXBfro7mZKJ9E^fNv2`DmqT5^DqTdPei(FLl|0igfIxUpcBCQ2ZS~l6j(b zBVYAmzeZ{?gxrH3YU_!|W_Ja74LB0(E3ZaK)P`h(Pm33?-`swE+2u#E z_u2`H@PAaS)#;BytePL!u9gLLyMn#-N}D~_nLXCvb6USB*X3qMMMW=fcTI|nFevlT ziR8>x9i>%J{vMF+Xl6>ShVuUX;?I{0jrA)6nXf-B2SHs$)7$z`oz$#g3dSP9xeth=Drwd=9U~swVp$Ce*0GZ6V1|9F@2`m5e4JgQw_p6mxjg?i!uVB($KOqB+ z)}BL{#Kr*acOY=?{z0iM^)4Le>~uI`G=C3HNY3o}BH>w7$%D13Srmm8%kmuR0sPd@ zDtY9J*r~9w4JVAB4^Bu9xCQ>_@m}wy@)&ZJ1&l zKT1qCYtdJZomXLUvRkF7N98g-P*5o)u-|NVj=E82m0NwBa_k=El{||9J|KF|On-&L zD*D4+7uRXl-o88)3v_`%Sm6yzAk>og7;{i7ymI-_IC^@KZ-rK7Qe;?}<9YBya^@|BynCPQc~HGlq_!2vr|kF9ppwflNu4R|~V=D7~=K|t(tNI1CN zEAJjCv#6`R73ekx^OeR2NrkT((E?qlsk9k>W%`is;(?tLa<$kaF9%;gEz0FqnuB%+ z@ka$VI5*T)|5bIv84pRpm`+g>ghja=he(Qyuqg9zh~&(%$g{Y}VwRU_%73Czq^t-M zpCv(9q-o4^KXu3TVjG7TKOYW}9LjA`C@Hr^nT$RpCC34hNb&c5!%Z7BXER_c_xG{+ z-WAf}N2(4)tUG%D{&BGrk5bdP{2g9%i3>QjnDe1Nds%y^-~k*Uy5QWjB~c5q!4i-B zX>l)rzjFswfQVm!A<+TQ*?%^k?=olX^rK#_-YkfK|(N*-wU#&~;F{Uc6R>BG|n|y?00+>apZn1ah)=Nel&o?ihja zie~3P6$7C@v#uAY#D?JmD25JJg3nVo(&8;(&2D~C6Ke$HDmJ^8>3?6a62@fsTomk* z+?8apA}KM#u+76dmv>SVX zZi0R4uXd*eBS=fcQQ>wS(g~8Wur3u7z3y6h!3wNkE7*4VIe%WtcfDViD#I$x+Es7i zjvGi)o)yW|>4=q*LL*GjJU}Novsc7k$#dyZ`BlK8G%Q&WRXIzf&sBJJ?g!O?Z)F2I zV+xtou~cd`LtYMG${_3yHO}Xbr*q-t8hqmz!_8<$iVfe~oD&k}h?4oO1?OXZ&sN|l zY{hqZ?km3WZ+~KarQH^cDd2AuYhQ^uQ(YP@%>)4c^u44HRCHg(hh+i22(iDXF!qr` zBlh<^NFX_LQ3PRJrXGuhFYgX{QnNx-HRBnN%B-wJITVesA%QUk1G;p7Q{!B+ze)7l z&F$iK@P^pllQDs$q-%SV^lE*+3=TfMV-W|ZuyOSYXn!Ta%wv6nJeW2*Ca6n)f!_9D z3>65h`Vld24=7kYuHE$G%($2;2OY!yg1WvK`y1B06s8aPpU|xbfJ9Iy2rS2h`b^=K zBZWq&&pdb=IdklVag>(Oy*CvsDw70S_;Hr{wO9M4@RQ2jup_qNZ86DccA@%E<6NRX zBpA!7K7W((ZKR}2eMn54V$hcM8_d4kh6gt~NG>U4C||s}{Y320DZFc>(1;y65A;RO 
z9EuQ1Pa;-kX$S^BV!V*sG^mo&kL%bEayNriY=gdHlJ)Dt9ZHRJ$qps)Sk4_f8UIB} zx^^gu^MS-`7u;Op+j}y^O91;?UW@B1XqvFp%zx%+p1T0S6_k11L$6A(zD3h~>)^-d zT2lVvSPC5xn2tD#=OK>Bnd30eL?Zo@3i_2rmGD^}7CuYLz^~Gr=SAYKV2EwRQA{Bu zF5S)4IG5~ZvSX;GkX99fiyO)>r{stCH6;o0PuJci;Zlg`fq>q2Z@L#C?f(HKP#+Ln z$$uO6YVpF5q+yx!)nfOf!CXSu+d~0(ui%Hi4Cr7;XbwPb|0&=dQfPz*%meR`GbdgY zWjW7S9R-!VkY`Nc7}b1zTF zwZ!vqE#%B1VgX5f=3SN+M=Y;@D@$xp*6^v)4YiDtbY=$ zF5?_pr9%9#tXSX|UYdDfQV-NjBsN+jA^DCj+@jPtmuykGogu{kZktCgPue?0FGx^F zkz)*RQ|Ii&HYM>JRb?3NZ_UCDFJimnkD95wuNl%?7b6>(F?4L?DgF3Jp%EK-9!P+k zIVqx|u0p8&4S|^;EmP4@ATQft)*K zoE7dnU1Dc>6GyuAv1xB#kKLKnIG5~9YK+&weg4I8pA%b>&cqIF$)Q(3?0-r!J^kxV z7xFE!!u1IP4#cjUlK3NqM(oOYi9d4YC=_u}W06E95B?yN_7V!5syOgfeG_-rHYIlA zFCmFkF5H#RkoY6V0MOe3%_*@lCuaZ$-vY5QDX|Zbn#Z2Xx{){>JpT*v)hZXR&UwX) zq*`_v7*SJ~&3-G*?NWmXwST+NKwtqlRf*kwIS&XaGGcGfOZt&BS0c=L=?RvW(59;@ zbC$VDa2d0+ZHa?X;i7%}4B0kvjIsNc?zS|vZ^=9#)Wi&IUP`tz%&NiMS4F+> z$9B1+*!9SvK3cJc#Sa`|QSwcPMp|Ja9Mai<^n#Q(ufFs3&H{*IRs{e~ebb4}UNPQa zQpIRf$A#4uxT)q4Fn`AVswvK8E`Mj)|io(M6i^3|U8VjIo+AIqNw176_#v#U7eQIz-r}xW(gVg`Gwi z_B2=c|5mW< zyfXDzSBuwB3x6P2cemp!fgC5Qo?zRYrI7k%;433kYI+(onU}^SXU=PR)MQb{f>=nE z@*@wp(*qWyaV8QW;C|v(DLajsIEwi%QmJQ1W0GTxRjJ8o%)z%ns1%+3RISbQ)z~nn z*YXJf3rMIBnVXbO6*yLl!m#<2J)4iF`ZM=+fb`3`T7N@!tPd#pJ?etP)?C=x@v6*F z{CKeI#VzrdtCLyu%2b{9qggm`Flx53s{`P{m2C%12Zqkiy!&t?ALQ3&@gPE6N3m-h;QC`nIgxzz)X>2yyoS%{YD;0P~dk@7%5VE&`1r; zYgJsjtrj_swpus)T?1UE6GC=}Fm-@UY&s}=syo(F0;ktjk@ zPp_U7s_LkZ9HGzTYjWu`DKxCl>5O##hhcG7)g}J!mGlq+yY>oN+{n3@e8tO>>6g^9 zrGHLyGH5H(zB+GJ$mb8EJTLRoXMPw~EDGwB@u=__kBiDn>e}bI+xbatP(e!54qRqc zo&i)qjxo-vOokH-%sXgIC~*y2U&#M1n`+RQP{aHRXDnPgkTDUoRue8M1yz57c$73Q z3-PD?iqKKffL>^(s*Y*++?5f6q0n|ni+{txRHzjiqth|9qE*7ajoJhhPYQ!(oT2}{ zhjb)f?J*UiIURO_KORqwE<#7&#=E81b8ZD(b-;<~B5e9elo>RnR{iJH+Oc?KT`8=F zoNv8*&;rXf3LHGJv%5+TuaF9YHOxFwm$A@9@VbitYyNC9b@{4;zC4ave zrkMIEYemh-6H$a=oiNXfCE!PaYFK8>!lgo524q?-VCrhP?d9u_Qj6moe z{ZhLkr#Cw7;~qTfV1RahT% zG7feNKPF<78m+Q1m(;+9mBK(X zMHa|7Yzek)~+g_n`+L^x|SsUPz}ckxo@w7FiI*QGeo#0W)R8 
zh*FY5;pWSrX(EXx^abE7uKSHk@Xg&FVT6WZN`wt^JRo6q-254DfLdUSXFj|mL#P7n zD&Ig;cId%kYz_u4ls@tuhD2Hv;_~d@FjWr%EbZ8$z0p$AbjX49IMPvIyM`S!_QJtT zD_ors)L?t`OZIEEvZr<@9)FPan`Ux~+7HkpBTGTzKc?EZ6Ji zJN|gR_@6q8ay}RN*d0lI7IUd$PSB?Yux-4O7i5tmRV{WeWU?6dGYsX27pL z42!!ginRPopfNkSt0{9*;(lZ;->_~kzWN`nH14JN?}r5E=TzjAFv!s!qg07&j?fFctFC` zxEr5!L0}V6k!k`js}gbpJn4oo>%|9oZ2yVMq^mBj@l&_mrxyKNTD;rxM}eIol!0kB zV$IZUkuF5}Al)YQkblyuG%ICmK+V;hP?gs1kkwXkWa*GG%x6)wkXk#1O@b5}p|vxB zWgmvcjn>}FvwUBmvf>x_3Y3w%cIGF?V@bt|MV?nI38IQcycR6?tDFfx{yU+fli_Qmq-t()^MB<^-zf-%rNm7Dg`ZqQ zbnAsKMzF!=E~sG^AZLeezG_j09cUqDi6hio>?ns0gaE8Oj`H=_&wr(+>YHSCWcMm) z3eBBVE4oUo1ez1Pj0m}Zp$n958}a(%-D1U`;5S=y&rq*Mj)xa*0)X+0;{`c2d^!X# zod>}qXRiFTPJik!XFLS1$&3dq5B-|Of>)s^L>ThSt%NoNFD08WjZi{LcCHdq<96~} zTK?7{Kdgf!6mOgkQsTctc&|?f*nBQes7n}f`>y)W8LpTo)T&OY4!f;^(kerQ7xC4q zbE+}rxZ`Uf@5_+9tl@=0V@mbzsPk_MgpL#%(2h?I(SI^3GU5BF+|*vdqN=DE7qQ3E zqKs=UcYf}>TO*`41}-I0S0lDJB|CR}J5Xh#w)bQ#9Q`&-#t*kRZuTx2`0pQx%}xzw zu3udNHdFwr_Uc_nXx-&?!?A;s#J^4EnoZ zznCs%xPO+~aeg5O1Wmf-veYn~vB3ig=DouEEdFw96_^($t-t12u8W6OE$_g4=!3di z$~&oir(OB6;uie8Ug%rJ2`Y*)TW!FF-^yssan(P#uf&8pns`s)!$Y96=WW8Mm6FR8Z&he z1w#;5p;cOoo}_dQE#OKtv}(gEYk0{r6g_NDao=&o!^-eR0q6*DdngMtg(`*=8ewB* zU@Siji(eE&>rDxKdCcA}Oj>IUrk}_er=SQq8 zb3ZR*X^KjB!DVVALQ}F=(+JB$$t`|CCzkfML zi}%j;Ugc#$-Yx6_586KeXOO?;~4_qN(S}yNLMT(3tEHhA%ABM$UhDBKh zp}vGIdl@ewRnaMqq}BFe21DDY%!Go|iJe&ON9Q z%o*p>oFtwfMoE!*VH`M(NM_?TGk>yi)UXjDWoH@@a@>(dgp?mNBBW$*HdG%is)d$g zYI8mMCY~1G5gDc1HRwA_DYnqz7Cs~W2&sizu>*%OajcVMN+czQbu^ntTtv=X1x4ujdCUqQST%T7GoGXY3$h|8B7Z;0dFm#1 z&TNcfMs{5qp$Q~5Z>AQgo4c@ zR3c~g;@bB;sarwpNq^PDu76A1XGM}mTwaz%Rk*32GaD9{k*$(OC>RMRo2g*bxMLM; zGC+=$?2j6{)5<%C{QJ6NK35K$RM?x%X7LXDi<&53my{%AOg` zz<15D^F{NU?v~K>41W2e8E_ZL=b%rb>EN(z9yn}B{Gw}UiM5snZ-1{4K^oT~tqb2s zzY*Rsd)SoBiVL)_0*!dBpO`%Q5fsQuC{f-n&yjI`a=fuB3}e5jQt@y5 zKUo~`roT|nw<-?HX@4-${L2l-<|*x@RzqLr=m!{9&v{6zA@PY(qLYC0^F)cr_ml<+ zm&zwt9DA8`YrTZ!RUENAtRs2odXZPUQJ$F%y~<`luSnUsN=c17Rw*abbCHsx+*(Q) 
zDmdP}mv=6c>@n``vG@4`rg^D#6f$s7Xd<;3TZ+O1ulS~~Qh&iAHKz-mbRg0zu3G;4sXJ|aS;l?P)hkHo?NCHb~|kZ-Sq6k%84cA>gbZz_os zzs{nRg;f!=sIGzA(eqf$tFR1&9 zLrRVS+1`WXu77H-X`(a`b3IAMsIo1siq}WtC5CBRT?3Cw+#S*D`vqWiw|v#@z6Ero zgLn7)$1V)pjf`n8@Zy*2@69*(117S5TCKWF61;L#qz1AI3HpVX0tXLSyN+)Q}xq;qD2%CZ@tGE#P~m2mRA@j+4$QhwM< z41vlB(?FBs=}Zb1IUSWwslpEp?%?+vK+y|G$E<_`Wn!&7&{SYO2bRTlSWN13XfBoq zCZ}iF0e^f;yV&pK68^5bV!|4v7x0JR-?6K>s+zca6=9glKI~e2{>9B}NG{9I-Q2yo zTl~KZ`M)N=q@gQKWAXZc$RDDBZ(iz1`9K0yoZmU2^wU}4vKg#!ABM&M;Ys9xnevTO znbS*#t^m*;%*mLSIWN>p&qB{D3u%_pBq>VgrLR~!K8y2^4T^et-MC%xRcD($CXkvBCQFuVp3YLBxKphj-`G04om%sf_&i->F|7#W^|A|YH|DCoNn13vM zrxx_D;q5r1M?&>#E|Nl&EJ#wHMLCztDU+P}kym7*%&IUL$c)%fy=(?lkCdHj^qeG) zBaGf;s2(Xf*5Fa{zZxT?SjvDLXv^0vM_=RBR#Xji8(q{Yci9t$bwnZBMgoD*swuy9 zc19Yw)9k0=`B16Q?jt4#s(!t+ZGW$TPQB-?D6IAsmK+@{673#r665z%X6tg$9Vs%x zY|R7R4T;aFi0_UO>#}8jH*}*SECk7$SSEfX@|Y!QlCr3P&VCt>Sf0mW9EKH73U@>& zw{dv+3>+RQJJUjtRRRn?{d)Zzd(D)t)ljUg5?v{ zU1+-k53?{&V*n-cidC&tridDGwbIe#5>DXj#pgA!K(@>KHC)BkrGM%J->L!zMQVtA zM1`4ZW96+(c1ss${-HsW7390ppwX8A;=?}JQ63XX#O@#7I z$A;$fu%ScZ7bzbo6;m%q{+g|uHA8tOKUquvbCSMMug2$bTzprqu$MTYLGT7PS51`XO)w~SMNUvAW` zd^OuWdi)B$AtmG<0gco;s2M%6kO( zv(bd8zkh76PE5q{uaHOKWp{b#mrB`;%K@&W$OxM;uYWZyIddjm+9WSS=A}Zaq$qt> z)HQ?zg-PJ6(!NLSCE2 zTJD_3<)0lFhrDa{nMq`LKA_|{R)Xur--OsKj&*T?8q?KgDE+at6VjGy*yVQ7{8*nV z7ojtk<9{+qkr6sGgOl&Wu=qd!oTXk(SqLvK3c&&|ujHjQ_oV+Gr7TUeD2OWGPf|B& zU~c0(^BMR~Qg*IV&%}3<^216!4c|$M{m+g7O*^*d9on`-WuA3;k!okZMy_lVi`s0P zKbMd2SHx8#0WXmIZ^#pE3M(KfG(tb;K`4jBhkxlZTE2PJg^gZy?~8Tsi*<<xO&U*h?0K5=z(?Fn6HNZlx5>)$5g*YPfE7MZ&h&y0e+m~l# zynk2dp&yMoVv$1YXffm0@?!U}6+*@2#Txl@kCrC=`4wz>98O^04j5+BU>_0S4SRTM zfyEbj78Qx0f{DvlVk*gW_ekUi*)%_d?!>m;D+e5luX$B1HJ!IMU{cH0&_M*ryQP|~ zOQHG?nPyGYQ!TMqvbq}d{E?-6bNA9-?0)HV@I3N_MSkY9EDt>9<#iMVc^rj9uml^ena@CLlCpEn;7qh8DL-rmhu96> zcM2!T;UQ-O?MN(?Lvj**>p2{*6#E~Tp-B;d!vMfbtD@Y#){rZt)c|%IVbn=9%HUA0PP0au;uc0i{;l%{-~B?*ZhTr~aO0!sbboJ9{GSK;qF+i;^04qd z!MwVb7hWz(#!FxNd}UNrKKDyMtlc{4+d4TN@V46#*z2BD=Ah!DQzhC5?5q&+wB5BZ| 
z@_VDFOz^}VIK0r3sVt?ZhH{e_Fy`0ik6*g59Z;fX!(C(dq7E!uhXN)P~F;8 zZ^S;$a|YCbYDV1u8ugcx^eV=8R6@zR$#sUL1y(Tl3Lf}(``5Zgoue8tz z)t&*=`sA3oPU1wQQOvxuE?5*xCCWT6V_qz;c|7pTJRH!U(AJ;nI4D|nuKvu!LDBNV z`ZEa!6RMWURkv$R(?ms!q3JJPnN#)c*E=P+h9j+6yKoH#m27%0$WMP2 z)#4Yv10O(aH``@vPURP0e|h_X02I?tLiOqQL;R) zIE#W8nH{cgXwjNK1Jkhdq^_W}}dH#RgI;4iRm+VzK^5i3D-mfuO zX*EVPUDo73O(msjC|oV>?rwFi=RCKqJOY1PL9=xE8o!wpT`z8S3%NaYf4I+gSo38a zh0Q5-tMawrRKBG2M`xF;yIrS#I zG|&Aytyq5&=NXHt++%qZ`tsbCK5yd1Rmh!H0hEuV^=q9w;_ zIVBHx3$1S^-h?M|*M}TC#c4g=EIL1@=gSfz6*$^$&d7_6mT`fbCFu5X^rVE06i`bB4rA)iHn%@CR@%FK)_G ztaOJ}Wt-q{#+tOo2*Eo*c0j}5XSaUB_}mgGZxo?D{!%U-t)O`i%N8>^ay4>|JxM6m zd>sg=EHx$=DT{P5CX5ytVUcEG!Un}J#hg6I(}aD0R6TI^kF0Gg_T9hCC{ZsX4arHdej=n#l4s726tS1sMrk?A5Gs!~wL_;-E0dw4)}J$~)Pf zyQbJCOB#VEjZCHNz{T`^w8#iMFbjJ&DE@yBXZN-kB~Hou28kr-Hy8W47iCGxctx%TR}1M?E9<`Qv5_DFvyl_ITF&?VjA>2AljJ0?{Yb5klDAkVs%Dioqe zcShMJ!;MgM&X%NR&V#t}>#Ss+UxzH>@{q`*OkSvYQG494d6hU>$YL+Ix8!uV5iL7* zOH%SfThcWzu_Y;yt_G;<#!d|K&N0Y)WnO{e0^C5mH?g_&>EV0wF1YP>*4}?`P~6?! z_GuQrKIqsYZQ|-bl@*J^9NLpZ1~-p#7C>)uk(6FIkcRSYsFgnhYDLP9)Ok{VKK46gSsP(tf zzE16zJ8;zGZARW0b**r30$R9w{{B&g)OxLZ%al@GbyrTDs1L8b=puB#m;!{`rM&9M zH~91tOo)6U5Hq21V?In{b!jrNDhdlL{734LCSNzHt)#@Tw)(SrkkT{fS(?^i9I_zJ zeHMwVU|E>?OvpQ3Sc`wk_k8yW?b{$Me+CGPlzorg;`EIT!j?=gieJAP^Iw|ACo!#+mER#P2%S6hKSF52B2(=;??N%$tvpNBbq@dBD zFN(vBW4d<3@70M1swDrvJS8wnioT+GGuUn(;l- z-Am&_YH8iazBzwS7DX@Lb>$<4M(Exwx~M_%NqJWD;`5v*mb>e`wKx@8w+AV*}cJT&OO!W%Fe=fdAXAYdy zt3?<4EuJ)+qx#&x%YC%lg0N{w@+NwtZh`7nd2_38$9Fd$KTtm46gU(qG(u};|7d|hT7Xtl59#<@n>f_IY`V5Ib z(-D-(BS>sZdBig)I=_eN1k;uiQxB{%m&-#?AfbZP`wD}Yi#Uko7aT_5GA4}2B4B|Z z@=~Nl;Rgc;kqrp)X8?jo+3_kkGy3k zD7jFFYIuQ!{!kB_iz1FHUa>SwAd=yiEKftu>aZw0FRaVl%@i2>Hg?6Ifn6bG$Lr6~ z2!#HSi+1ae<5}JMGr&;Pw{x@g=tvjrR*>*1P!KlE)(d7XrU1&);tKv zkobRp(G!biEXtEK5jFFqZb8{*#ds0;^4N-FFDkt<3!IJBV&4XS_%nbXr0jT&8ybPo zIC9Z$jdMI}7c9K_+wX+hIXf&$6*AnJplR5BOrAi6eCsWATg8`fWvk|=H;Y$`zlm)j zupFb~NwD<{>->8O%^341BPL6;3ez6w!&2FhtS^{WvmhI!qMYR{8{rJLqmBk(kiVYpyN*67Qu#~_%k3Vr0jT$Ff;;T5y(ZmErR1&M_2?( 
z`v12G^DV*@EDk9&!pE40#UW=-%B(1hI$}uk86{p0{k}XFiagaUpH6Rd~-)*e7=P)eda)*_Byp-=U$(VLGkBdP{^5qtv0Tbn(;i5o@t(Nx!1Fp`B@!h zNcodF*=*y$#-IcUFWR}+UC-*=>+~|u-2nleaefPuNPcMC$@Ay|^cnu=(p=o!j;m_CicW;$z@@Tfh_7M&4l{Beh z@m~AXCWCyZLFfnBB*NyBt9E~G`01dFUzBS#2~0Ks1k5E) zZ*|i?5=+l`)3ue;zCHb+#<-l8zn%njS z+Hmx>ssKPUChj2wfPKVqsFMjOWuF3kAcaOK`#j(SIdh!nf$srEFV8#{)g^?lrN+lW z#A6;OUYWXM*ntgv2xb5uNZIkqJ`MOlFWRl_Q-KfkGSA%?He-)2>x#~JFpM6^D@R@>=AcaP# z{tO0?PmY;AzxMqity!2=z{VcKl_^bFREg5hc~OO8AVz;+Ll%M=kOflqV_#)}+~Nw= zV%HfEmVjK$fb6Y9_OoJcJ}>xo?4*W^9k%C}M(*Ns=H;DZG@$|I;!pWL!3LbXqzw$a zv~}41(7(980oR_M4rK`DK^ca`FUwnY6ojmm=1j0=d(YRpHt$u$`cfB$r7X-YbUFAi zp@7tD0@{D~%nN{Z3#y;|D21~(XCe;ep#0(UE*jbI37AQ(v5$qGm=W`qJ#vV#gZ zYEnm8Jvo4hu*oA1q84!C$(I5BxDQSug&5Sp(@6EF6S_{bwkbJ2-L%eC# zR6)9MB{lr4^YM#grF5kfDKbJ^XSD+w6d&fG!Ww@T#w*nzmDOAMet|INmGm8|r&lYE zBtr}+dtWJ(J(CUrf7O*!Ni984TY_bVd`G4hg8@{XMTO59_oS*;d0fR&nF3PXt*SP( zAeaFyAY~`3D!G^us!GWYs_LjoU8+h9u=w+F^_OAw zZ*AB?Favf#%1+i>axo+HmXaORTPHinSlxf626?NvmHzj>*>PZu+#+g61t9qrp)-ei zXWeiYFT}M}yPXtWS>#W@f0WuQRk`a%dN9IELK`pcIz)?%(8d`sgb%~w!>6kP=k}$? 
zxFNT%dUr&B;=u3KA!LTl7%8=+UW%zGVRc&O(*3PH>G}H5&O78hjPqa!yBpdFiEw`g zLV}c?s+RO(hSidk9a772lR8wA901x|{yXX;;Or2}_Vw-EulN%NUQ8GVJA5{a?@RH+ za%Pn-x0u}4Y&l)(;mu(v3&=R?#aciBhHsyU;0w7>lJ7}m^i9y)`ZxfD^&i=bvv z7|K(rigU(ep0lv>y)Y17C<-@cVQ7D&GsxwQ+5Y6CP2K*ZcqxeOPst8$e^l@{MGWSIruK@(?;^!G}n-8#%ELwb8{tDC0$#QWIIr+14h>^->_2R3A>oyv7Qst#BXIh=w8X}|Vd=dO+cRWT)h zmY&*5&Mtp@`#R`U^h$+jdccr%)?p~7-68mG%{T2s1EB0?wRmy!_nQ)a^%8ErJN`}B z8BZiv)^e?u19pF7Eu&iYbZrLJy1Mn8Mu0jwa1A<$sJzrlN9O@+EjjihI$~2M49gUh z4k~A8Sz+NU&AD3We#1cladF)K&;3{>4Y;-I;8BSN;*6a zp{i4nIj*Pfw3N_FN>pD~cgshCdFRC=-<1!d?eN;?n!SH_P4D_bA8Pwv-du(h8L@e1 zz;Qk~W{!d?Oatl5@sOu1imRFxb)7KZPeYN`L6i%3`Yp5(F5wJ>3n_c)<{ch~*u0bb zvA7=FI%8Z%3)zvSfiCKJ^U}SJ@I6>3Ll=Xw`={%EuBs+Y{K>(Sxmr{>nCXOm`}Os$ zYA37h_-TLp^XA-;C#}`Zsf8aq>Dg|zw7|IOpG!c%uAWp6_WqepR-w4Y+1>kFGZfWy zmj23JC&_fQO*jv2GbH{`Y&uK6lrk(+UX&h7eW;j@vV>)MDF5XNKl7_3j>Ca`pbf7H zXTWPn*-P!j@Hm8>xV(#uQ$#zS?n90qKs#urb8~+szQ5W*2EtUSs+9V=Y5p!WJ2-UU zfZj^*mKxRNpbHA^*UrW>&5%sVzb}rB0EJ%ZH{hvd#bQEY$tmqoz;@-1NI3|+pYNCz$H&r z3_@YW`U#y}l|tNC%iZat`~-!9*j$a!>nVT49;DC+)t*P}LC##HUYz(z#u7h=BJ(g{ zJoY12Rz(q1ahaE~yI3l+VJp!L*a|6op=ys9=e%l@f9hA_SH3p!SV@ekZ?8JXo z-0z`@;07*$P-}Hw3FuetPy$kDSP7yT;FS-<;upD*--OsO2vMDcGMRe&)n$$(`C6jN zNA?|71vQr!PU%hN39nd`MP62m6xes%8fqhJq8Z2!{pgy%p_)O}j!VFZE!gXG%(p(A;^AX@YD+CC z)%0*uV~c`CBJminGR{1U9?q?{Hby6!fzcslFI8J|9GBp&LvT=Sojfj`&wPLP?;i-= zrR4jQRS(ir74@_ijlBJ-Kc2Sn?mD7fVbg7P07Sd{?e1+C5>jd@muS@SB?O6Zaw}T^ z8HJuBV`ynzAIUrYE8`hZsy>BCh7=m1?ekDTL*lb?l8@bH{RiYF$#>@Kt~e})YRE{) zYjl>EB`dA2IBsiTLxG|hP#}L&_EKv=jx%Hprow+n!DBbud5b1T`MQU=k93mX{<#zD z*0i$1ZdLF~uh0K&51p#u(B>@^>4~bl9(NaCaLpHbV=eT?TDs8&MR^KopU(mzolCoFP*}2@aZ)aj>F6MgwY`^Cg?T*P+H#*K?)+ zCa|S6U!GY@)a0!IpaBH3og7G)f%F3te~VV^V4PNc3KP8+)M2BB<<$e^mP&Q0sd+1v za@nl32@-&m!Yt9OxG$88u>0QNu$zcd5JM9N;ObR54 zsDIP(Phtl?;2#Kepke^jP@vIo)EynYaP6^o1VMW6g&y6$Q<&b!=BzgUM296((dnbS zwY*SVFFphGc%?eR%g1!tRAeinu&3@Dv7pk83CyFjoAki$`se$LG^ubORtESq)0$$-Dc(2Yj-(@!h6TRQmvCB1t% zg_VD9)EObg8Wqylb_>I0xqo0_u_-9ZvvTY0&qK5x{etJ=_HV{kV?jxa*O#+O^wFfyH&zQVMQ}gSfuQ^DnX7jrV^Ck 
zr{P9O=)~#dLSyRTYM>?QF#+rO{R4Kj!=^GnTSY{6I5g#Hfl`V9DaAwYU~O;>woawFXckO z$%a3$FZiu=c(DDxg;j6lHFvua;u4z4TwXmwnIU_xPqwe(s5*RfEJUJPNU)mc35!bk zA6{h{i>($CZjH6^P|*xL6e)YI#**WVX)Gl;ikl=QufBXfjDcy$KB2JWBka^!^;vWc zbP1B0^cnA<*1fSW2;UD;8Gjba)fR}NM-RJK*YY^qK@#hxhx2QHS*~3F{PG|2awQ+4 zY^5GOzt*>7O@DIaF)C3vD@B;8xTUWuuDDfxF~y)mHjT0XQ(6>}LMPaOdF(}F;%C&q zsd(0tST0$AuN9S5M@y(Z_3n|s;8iJ|->QhD+6Ph1cv41e5sR`CX@6YCfpDw64IPVS zK*vbgbJd<4XH4yvS%thJ2lY(QHRZ{R&^fNhthLG?(go6S)vXE}Gu5+(ITT!== z0sF2e1duyQUTH1%Kts!|0j0x6(&_F8sEltOz;EEIEl^|YfPb|IK7sb?^{u#BN$UsP z7%mt!{T(>emlPUT-*_IhA`C~4Asc=b&wyW%vghtyYMk-COG%F2H%ZAC_f2B+jsvjvZg=+n z#VRri-=qa87dLm`d)j?{UaUGl{ zdFy`fQ^P&v7`NZc<*vfY9;H@>{G@J{V(+3RzRO$c7OM-SFL$@$^7jZKk`7+;*lc#l zJS`6u?|Jns<>i^P)(24V_i9pkz^5`+qD8>w<+rUh}&0g^1lPtz#Qo6wkmG zk+SD%EH%!!#!i#Gb-(x6fk}z>NZ}z1?bSP}wY{!D9T0|4l)3;%`yQW>RO1>BOhtr; zFrGa%vAWgEuV>ZDW7%H>iy&Ee%)61E0-mz+_|^I}%tt8&^)9p@IUNfW&ub<|&Ri~n z6o2^oSRE}Q;P1*=5r!2D^C}5q?nimzuD*$FBu+d7i9^bss}a;V;~Ftd^49&{C!b-| z7zdO)dV5}(ZeC{8y@H#oFCShj_?=WC!{ReUF;t3Ur&~*oqzmaU#%27cqh;cGXqhqb zbCLzsgZvTP@I&ZZA1ji7P`>4vJ|(q0b$`X{!mnc%3L&IV8Aps~WzH&5WPXr}q8!O5 z#5NWto`HoSWzW^e5on1+AE!y)y5IYh!WvTk7k&Ba^Z15k!7zC7{s2=MLoAF@$!82l z-UBHga)UMeZUssG;~t}>-+$^74op;b@Z`@@!TaIqHuC(a;(J$-UzR@V7uT02=#?nVAqgG?i6?rDRhDItg)|&M9 zFkPv=de(5>U0VBx2_S>TtTthGsDGsh!!oXPFZPf{^`c@$6)#w_@E3JeiZU28J2u`Z zo`E+aWzRJ`)5x1{9Fn7H4NCCTXc8s=KP#GaK6;20IY9&Gp@+uA&&xBa)G@>EP~xHK z@c7^J3*d@xVolJ#)U5ZJ-T}2eReh4j{oXu)_M2zh_4iabo>cz=vpFt$NP z@eGg=DQh6%U)y!NZ0}SHV1prlJg#)tj`4sqv(mRSLSM<(aN-U~u|KbVL0ajzf1cX- zlN<`%1!Pth{X2k4{`&Rnr%P;!+bN1qo7nR$--;*x>^%l5E@feo1^9E{I21Vc z#R^V;sy77rl+MF*I_M{!2Y>n*6F;v?7OIal*Elm6pu&d1v%1;Hbzd$C1Q59pP{IPe z$rv;zQ{+)l!osjylBVl*>!ghUif15zNZF}6NsV{&@e84fQ`w_PK}aIX=^VW&NYQud z>^mq-{i%cTfGNiOVFfIOO$Q+%>ALb200p#r+sBgNd_^;$xVQm2Ab*z-27;xuN9qiz z1=Ptt8xm1WWY*kbWrXi@X~;4Zs$k%>0%dMjODQgYRxUJu!e7=JQ_v5GhM`id`5>y` zfgYSX=zPDi3wY$~$;*j+Lztog4sgwU`Y3;FAqcD^;!pSROZ{5FN-W=0za6g7VXRH# zBATsS-u{SFfQyYlr+)<3N_t+MBFK^l=%Yeq3BXi6uLV;40Q+N80)-C=@h87;rx}}$ 
zbc*L8oyNpxWV2R1n)EVa=1=e~VR%9T)CglnEl17sDqIvL^NUOxGZ7W6sH>VK#llbX zFe`H54v;4{x+$4~ZX#tT8Z&Y{(wLDFW5$dW{6jwbm^mYb;eQe^kfVY+sS*IGOqFUY zzH7RBRgGYGHhtBZwx-q4TLS<~Vr{kGKwqN&`L#+8;aDvYd8^WV@x2rZYTQ@_eO6e} zWVo7**FLR0c;CNxP;v|NHIIO(8Xo)si1*Oy7GkuC9Jwqmt*7_UsMaU*08(S(|1DZi zE(Z^?IIGi)`G1SJkhlLhU`5Jv78i>;io!gN!oscfHV`VA0fZuDr)oXf5AC_wG{?UC z8;8&+o`jTCny+pX*T>o#{NfOP-_gjSlD`^02fPLt%$ELYL(U zX*4#f^ZBObNO`_jB|pd+e?YhAwyKN{Rh`3@?FPC%(|<$gj$vjf7 zG4Y9v8jn(enf~(53k#4-VfwE!=m5f^MdGtO1kOudM^Hcr2|l;}+F-C`1{jQ#ovOcN zcQ=>*PD7I2x?lam`}oHdp}CaUyRErc=$0DFCDwgG;C>*-?3L~?4u`~A@^_|w=wJTX zPZobs(SJEY!_IGpM}K4E`ZW*dH70KKOWt8RzDBiztbKPGq@nNo3qnb#_krSa=t{+) zEftG6T+!1iVo+Uf$n4xoVxzT^8E7q1cB+z)JVh=gnMzYd3jXou)yL5@juHm%_78pE zl;c=@koKV??~yCXe{rstwAnp3Tdkz z5N0+F6zUe3sDavcD}T*5ReuEciAQT$D3^H(Xp7#PF#1#H$;*C)kb!|y16)k$JD`c#D;d`J@{C}hx zF)}vzE|~$oBW0%=8EQPIk(o+`MGEd4nF|kG6vEVyLs(9UszB?GUzxi#bYW1|p&rr; zObRma-oZOq8|8krYI~1CI||b3Y?vwTH?G3}`}@u3{|~GVnlN2_$iFuayNBN5=_=y& zZj1B66R>T|Fi4;`@Lnq@V zrqR=0Fao$rboxX76GMjwV(4H=i+~)R=uH*!S5HkPE!47kXtoNwOW39%Ye6|4Co7k_aY@~UtX za3(ecF_{5DBxR>sC2G8PpFAicC(IK022OkdDc09Tg60s`h(tc_3VFnP@_7{KWWXN)oPXIsnGNItZk@96b;%5T9Vt6ir>ODVIyDtzM+&N=-XQG= zwW5TFrfJA!3u*)^ruGBexoG;(#mqVeZ!{m~AFu5`D^QmIZ z`LvIZBd|5(i)%iOoB@SAi^__#ER7co_@RLwy2|5`qsYd)B{T4Dq<`#GwV}pys|_VJ zsy38h?;#T!L&EYN+osYLDd5g6<$e1=Z8jW%CaSj4WR`JxP@A?S!h@XDp*quHYRNp9 z+L-u%-&sTg)}j)*)ESVevuKf4EDwX20U@&iv$>VZ2COAB0BfY|RHY)JU{0l)3R)ut zt!t;VwmT?(DSNMNL0HKgNcSq1GIg8T#w0@a_KR>2S)Wcod@F@6F;MtRFwf( z=&jRSWAfdrjAN@c2EEpRcv7C?ev&fapalxrGEdy(BdLwqN@rlUNZF|>N{u(7qU0;M zRg@AtC<7ssl#)JH(E+djrzrNSJ$eF269iS`=mjlK^j%l6EFuDiBE4_!(EmNz7^$!ZQ zsR1f>Ro5|C3Kmf7b6OwU)^Uw}*7ou&lr~Ob0)L~w{&8)bhY%YRKmYi(3%*Q69(D3k zuWjPB45Cxepe&Vca*{CUacG*CxfRm}lBF|%WTfm=#iYg?QB3j`+=@ww9al_s5|7qm zlB0g*-{h^edgQAuFb=deeHQnM+BZ6~wE4+GbJ#714ix^_$*uGr389A)(1EVfd*7Dd zG-*iwN#}5jEV8b@pg};8i&t78GtF6FnXJf8-RJ3urcu;Rs(w0HJV%>6QX7i za$`}M<(Qv_NxP3L8Y0&H#~-vQsSuHQtD&AYZ|4DJZcQrP}XXUj59MfQ%wY z7Ra&S=;p?C?v<~$uGqkkr&!*N{-G_vqJKy6ecdXI$KFNzjd!(DK6Bd_PRWlzc&ynf 
zSQZY5$=X6cIN&|-Pd&?!s`A7uLa~!~aCvteo~-0+Rg?l2YuS7|UQXT~xb3FdGG!>H zpup%|Hf|{9p}@w(|A!a~vL7O^u(K0`)=n(Se4ph(=ribwW^n6nLtz8K(iuQ7Qh#=; zp`gYaF%*-j*htA!;OV6B|AnXj!{O=VT01SwbSzgo56d+s{*S5X^cQUZZ#8&ytZI*P z27Poah)BaqNH>EebqI}Ve0fWWgM)uFf5-`k@Ndz^-U2)?0?oSYeNnFb>K%pre3+HzTqUhp~JE+r-rE%h!pO( z%V*PXdA;OY)wmJDgof>Da43|YfJ6N(jnMEOCbO`FJ{al;s6X@G!}ZBfO}-VYVDGQL z@Dh0GOm~cpcysWax2tO1%7Yc{2VZurN@?~_-n&#LEU97kayS!Vw4eFlaZJrp53_$g z7!JKG%yDAFkNYD}rrC4)#gb3-D3*Pt>wc4HAujm}GL zbY40Gokz+}wUy+vh&xzePOt^sI7G)?FcPEp!Ies(iT}PqXH7$brTb^f9kB$L5DNqu zf9B^8U)=4r$cLjLN%U7au9Nf7d}HEgx67+{Qn7HmEIU>qO?_b;6dQm(RWGTP0!A(9 z2+yD;Jc|lHU|F4(3@Eh>M8U0>HvBK00skXqr|KomSvRVe)9CJ8Z+}wUgzhT3r=IF~ z+v{N4Syu{}$TKrxnVh+ZsHn(|yjYjee}fN-+`Z32ZmX5|>gLPm*FZr7o%h5RZz->C zLC@h|zbsq6RoKJV3W>B4^7bzJra>x7W1ee2)N)WLXUhNZiSMOuv%N;W2cOm^W-uR= z^_arEM{l`t`!NsFI3_+$Tl?Zd^7P;GO*Z{|L2EdV&ooY7dUYVn2V_J7kQtX5(7E<o@`^{66ul zdKBH7@72|px35(l?3cIR1~!sn&p?JdQ~uTqX(v(FaAK#Fp@8?4qu-PBb$adt)YnY4?VdKp@-zd(cU}#WsYiLHV<<+e52#DgE&qOqAb!RY)6%^+KRTAjoUaVsLe#B2sEk(8aPjx@e-R2?Tb*K{oap@@_Oa8bjKco@P~gNF>cg9FvXjtN6J!&lEYP7yWriffV};-k&XcNTvv`YkUMuB00DYpnS&e} z2dih)x=Y_?{MTr&x&$B3DRqV%#5}E_=ZCQnjg}etyB^?Qi*@(hy z2BMIZovNhdvy3Y#E$WJalVW2rF-p#Kk^KDb%kAaufAtqTS9Z~#lIHksx&s<_T?_!) zRxF|C!yaxB_1mWviMGstI01-_>2! 
zd-d_l+t(K=39pDKA0BoqbD+1Hu;-Bw5mXjLZho802I*xpKzgKXPl6$Lc^8qj=;5u|ZMU3{Vs)d)D5h z1{vF%G-nvOH)r+%CFRZT+-m~b7laJmKrb}Tyhk#~IjOx$qOM$)bUL&tn*nY5=$N_W zbtQsan$88U<;|q5SeBLxwy1+VuadA{h|IlPZKzN-11dzyp0!)4LB@9LRDv+q8;@;Q ze@awuR|L*loocnaf%f%_3WB^hjqrM2YihfmPYp(joUmDE;AlQNX3l~tEwW0mDg@IS z@deAmMZv;M1Pi%Q175mYQDiniC7S_IA!X0ntkfW5n{_Jj7Abhz;ZI5H{i-{no31NE z5wN-j|M5XP175d<$kiR)s*s$?XYf{naeB)voz!^C`8GkGT^L8vWRiN z6d4!ULb?Oa{hHeti+l#gf|NaHzmkKD?AP(hiT&z&W4nap-`^kKv823ZVReA_Wl4ul z?*99GlS&E}enMe<iiOIJWsFrv_cGNo+n!;tJ9O zkY|S#y5*bY^Pj-$=Uqt~r?_|lh6H~EaFE=Wbm2ZZhjU9#&)((pvUg+Rr&Ibtd#-lf zA+KM$Sfrtg*N=SRyspx^f36}{abNnTIkbNYQ)!DU;PZ^i*!M@wu$`I9XJqC`*-=fP z1jjUCGOLH{H3?0iB&-nse(ecfj-bB8T>Lu&y;C4rb><^J@8_#eA20*H5s<#}F28)a zy1c&nN@>iLbQLLdg2v3Fx)>8D8?!DJiy%w$#19Fbpk7HH1%9-Uf2TtP)t*rnR*ds1 zU|F^Z%1DIe!cW~gVduf}8F?^Lc2p-O=Dx-!Bz3~^ntjOD6;&8Zf(;>q_3$iKnn7#C z_4S7@)W)AeWrRAs!n+r*O|M*Kev-v`HW;1 zDLcBsCMK}PCnPu6f22BoQVRXw!^#7y_qBrlLGgYM|AQZ1eSG)n-N(1Dsr@!3n?(wp zU})zR>W_(&hSv8Ni#$j!ZwWP^-YAUIMPBig)n!_-NYp}VK(Jte$o)7ankRee^NzG3Z1aI=ViahnRAgB zMO0=?!UlD9&s4w z=++&7l%xBW7IXO!wA4G*UI=QX{%lrN`=tB>lbIbDn=fpd#0y=`q?lL{J8$D4yNjOL z5YiHmp7?!TVUMMuT%!~~ATlI_b>;$m6-BFvq|ygae`;@sN zVaUQbE#e>)e8HVTf@Bfe8aX{r?2w(Tk<^Hz8ab)QiSzAU8cB)WXqEfE{?GEE>h8sI z3A}iF`d14MWQ_J_G$|%f0b3vJDe+#of2~lpgVeiff_Kp2fO~6c=vCS9rs=+cD?D&- zN#B+VT+nYr;vZ;{6Vzf>ZSJTz8IubaejemG5tF0eDCTLx7gE1UQOVn;5H-tr6f!95 z&yxgbJDj!s$s)4VZF*+hAv;;!93yVT_86$==7i@Ubd412$)f-I#~ysmrGeC7f48f0 z^Ss`gRN#J$%P~GD^U2aIdTFZ8Tail{;RJyx36C~xJW7v-=Cb=!%njJldz6g{G2Izf`>rP zZvEsG(H6aG4o#m73_#I2nm(hffA_2^e5mqW{+%G#7+%pyc<+>1{o? 
zc&QE6Mt%0PX5{xiV6a26U6f1SbxrAYdLZp|>bAVnm;DJGY2$xaZ@izie^)(dH%_RP z)hnKXG?VX^Tjji0`z=A*s;QrqY}r;w{bTch8ERhYH!Y{(ghpu978<5yGU^-I5Av@Uy zI7W2XfJuEloUiUueM)TTfBgAZ@$CHp%7*+l+jgV%vQuxNba*2w|TXO&2@NNru34hnI|PSz#Ihz?yEdk#XE$bx5dxOW9~3|MPYe@WD@&p%&Xk2mwA z2Ub*i2XtHSf4lyx#WwZ1Z+5c=9<;OpoLZbZyA@S+tGmv~%Qfq)HIQy~*O)x3;@ZH8 zG`*(oJ^Jcev2b{se|9MdybHZP&NFs0-UUVH*ol8cV+vy@q)Vdhg6V3c6Gode%>&te zBFIG`q-6;FG-OedCP1N+uq5}3C=an`pW8fSwt1KimT|~VHV=*w9p+(D>j~$pA9ma( z&s`F}1C6x1roV9yr|(mv$!)MYSs?pOySEm7b!S4FKd#2`6%Ob)usOmIgp`XM|-e5W7 zg;+3Pjt>@j73B+O0ZiiC@G5@>yo#2cs=2NaY0Vvde~#mtON;F_rMwX}xX2ra=8_}* z3B|5GncL9*(2R-4V&6eg)4N&Fs*Ax#2ZC7*fjSa@mZAvqHW762!v(L9vlhDPqSb(~ znf|~V?-$jC7F}!1O1bsV#%TF7Fj}+6yY!6`(|HD+@>%tb|}*? zjOb9btcjD*U8B!IXri-C0NqUGbl8(W5B4-BKC$O7v>4L%V4eve zaZp8>Ct*~{D`^D8i6Un_4i`*hQ4|S3k*99yHUTyc%AbLQqGczWfC-4En`vUVe=acs zw?WthvWJ5~IA8z>YsV@R^fAWb6^#2DKhPP%`T<1Ut=n&^ZCU>~n5=zl8yu;r@LFYV zu52TgNGYn38-$jg53nLdPSDbM0IMt5-5P46tNa=0Dq423e}+!LN!?5nyLG?&h4=A~s|)Yb2HE}IH>+=idXh-0 zt_5xJZa(~nI&c9m+Z#<>b#pIgN>*Pzt{(?;8M~zz^8=Nno2`f9u!XW%cm) zJ_sx=ACo`-uPraSe*<@i6J@yMs+cqigIKS;r=}sx%Lw>6prRI}`ST!8W8y|bQ5z35v{<%x zmkK}%*-}`1z4lC6(p{hSRLAR!R^WtMQcEHHAS!qmv8qlo7R91sMJat<#4Q7CIV@tg zTG}Wle+J5lmYuAY6Yxqm)5LDw?>=B82%V&4p+H_d3h2Fr(A_7oU;%vb02{=E^0?X_ zg-}q+MLhtmT+=~G{yb39nE1qQnLXBESX>4W;Fqw3GyPX;p<+=4Pzk^wgv+8Z&RLcP zIYUe^K!TGrajITm!<2#ug6_$waK(s1##^j4{$V$4-SJY@^TQ8P_TV#}2Zajq%n@Sf&bxnC z)@KkrLZg-D3sVQ?WWfXR`U||-mZb|gTTKu?WVbq{xXK7lz&|TJxo*Vq)A#rukFJml8tr- z3$X-dIXRu$eFGe0DSe40LK`>UdnCY3`#_o@pkiM~!m7SmhQt^0r7EsAt9(M8ICZFSj@K~3%Vx$apa^%Q+fyT2k1>RjHpZ6{2Ty=d^R&Ame3xE4{Y34 zK!H*|%kQ&;`q*aKAPajrVg{&ze!f=p?4Jo`cM(5%S5_+|LhI=lkT!;tymd%kT_1ba zUmOy*O3$%ZlXS@e#s^C_bg8?RdqCjNxUO%G|Jo#?yZw>2eI#8w8v2O-q+5%@^4@}D zvfh6*U?m!?eYkot2u=p(1P>ywk@KwD3W}g$+jr7MsWFUfilpqt_x_`WIG~=n<4|<0 zATHj!ttXfIp@D>Wr(mX<2p3-eKfHFg#n?X3gTZBK2~iL%1*yGS&Hz)vD>SQeqo_Oa z!X@njxF>tfu-aNvkie@@7V3N^F;e6N`!s*67ZyFU)a5J=lAJ}+qLBY7gjDcQutgR{ zL7G%iQH^N1jR^}Vl+4*$P7O4s{-3f!=rT4u<;-f2q=R0ARgL{^qk}w&$W8&R#I(OE4Zp_rIFh3uv>p_ 
z8+j^eMMhtND~O89pyANcZvZNwO}kzL6VO+a7hkqrUuuN~m0~M^S4=&!{cc$F+@ZGs zp$fRz$Uir21q?(hzV7bZE!Jl=E2f?uN7Y$Al>-T79uY&ang_9dpploAkHt@gP5@$ZU~&pK_Nq>C=RJ8OLTl{9eT zZimY@vGJ#{Vv#~8Z2TGUu#b+JMUe(U7KAM2e#|1jj2SN?!J^vF{3y&)5s!bIVK)9M zpj%O$x$&ui#x}kS4Rp%Jr(a-f<5QAXUnozNL|XOd7ly7M%@!R3L$JGzXX!r6q?7sf zK)3-X??C{ns_7n3Mn1teEHHX%K~pdbHZtyow|!m%X}i>@Zq2dg6y*&N1RT%fv&&Pk zxr0Lzf@e$Rf}?lKloS%;b*g_YUkN_uvpf&w$mWf~dDf?L|2RkpV8!ZneE)Faop$ei(}|OtX=5(*}Qs1tkBJy6bF8 zPc>X3j0PqCOS{t-dBSQ?g4cY_OSsg0TB;pRSPe>kr0uoig*PQ(G{~t|qE}sm!t(B< z7OXq9QB@HUDqFiMTE5X;OiZ2rR;%ujdEYwby%Dwi4LHGjlge{?vqOZFs)T~uEEZls zvv~7uGDF#8o?-+(Mm~RpvJ7`YaO(l&ya)VwR;r%+e$m5frV7 zEOT#F8+Q~?7>g6PDhBZ#0q}1sU#4z>04k)KLzdje6rh=@{ z4q(H>AKvanx7~khFn4i84E?g^@woT=t82w*%RU_$70hZlN6%addCEma!Td@8j~ zNy7_{P*rbz`0>Tl?lYmj8LWi-WT!a|b#zbK3VD5g_LeQ?6q~KQo2b5Pee*hqc1X$Y zn-qPh&@p`D9oIf`SxI~VDKV~m;S8M6N5{-%QiW+4`Yee{>6P)aU_}(k|A=IfS7}}c z!hO_*HYk6Ge7qBtj|QlWC?DAk&Z&Hq)Ywr+zb2`IBw`2d#V?9Gdv^LlywpTO>8Kgr z!DWBBR5y8D%Q9T~bqd$xcW})Z5_O8P@S(+~)lXt`q~WA~YUwuiC8<_JI|z;-zpw%- z0u-+UfAXkV`_=LM^jSuVoS;rK;5Hu}Gb^U9sAPY!pFj#bF6CLqa~2nQ!mBKc79(6i zp$%RMsZ9Ba>O^-o8&M~+bDLA0D5+6(B43kKCt5-bK4D)C(kK;Bd-~-@HYXeGR<-*z zT6RzzLgz?;42H<}DpK}Pa60OxmCl;yjrRpuuOFaqTi>#go5oZdQ2>~Q*QyumAU0@T zi;90os2KIQ4i%e@Zwco$Xd`D1k&LUz};T&gf>bf zB%ufF_0oB?812{26E;~ z-c!;t%bA~-au@n_!iqTXSaluh}Ajw^P+za z^D1{^|3e!o5V|{1jj9VJ{tmm+95tcWu33@Jfl!la)HL*5eX!R>M?s5skVMps;Ho*S z$zXU_H`q@0Qe`4EM+ImP?q;~1kU;@Lg{Y^{da9lRyM^>=K;?;DzDUOKgJg{PJKFvPL56>yRJ_gf7o(cCkKz3;RgI3TJ}6+wRkah&+h z0b~ao+HwD&o{T=prswX%dAWOXX5-v3$Y)B&&-YoD7ZpnjzVL%Og>T708*xP>7UQ34>IQ^sd5?Wl3DJl$V8wq5?8GZq2g6 z3gJAk0x3SCS<}c+rik4-#7@*IO8j@7>(B(&ORQs1XN&yRW3v=@WcG#{^LAw-Z7qO4 zd8M>uxVtIsl?tIRN(g_nw4rMX>J1?okZd-nD}+i=PvKOF>4<`G9-@Gp*(5F*q+?hV z1rg)1pU5BMGO2kE*%+rvL^h%znujPL#oa1Fin&!{irB3~>@<}i#ebD6DlZz(c(-m! 
zWXe=0gg?9x02wWPl#9HJ?0z3iJKo^;ya;c|!upBP`8`fcmPfg~Jw;_K zsw^(D*j=3#+0ce)9<+fJKUX=%$03x1gh-4j2l?Wba_qI3CNyOP?Qoze&>(u%DI~%e zevKUZ^B#{6Xn=&@hZ9FDcS`3J9M2s)4>qYJTL?~bD5@LScrgep9d^Ti6^cg`WkUHf)fn0nHMnOtB#@&WP{j?%d7}8Nl z-l~5ez)W>;3@(?$!zjiD4ZXt}i5F8)igbRD9#Z54HJS%2AZL!sps1oGWMxqlEGn}E zU9-BN70J!bUGmU+H!`$~`x%PU(JIjAFEJO$V+Pst+q`?p`QAQ(>9s28Y9Z}O! z4$(Z6135EL^`>Q*OQ)~$S>!L|VZ}?SU|cMGk?<_4+$e|0Mma?DP!6Q{xw=J;;}X1a z2#)HOgQ;Llw?-Zo_vdc45#1V;?NQ%Wh-4=@n#1Bx2N6W`Km_E>VOk_bnk}To=QV$e zL?Uk{Nu05~lD8DSW8J&b1`$N_Km?@txx11aXKYtef}^|A$t2+3l{BINfu-CVs6z+W z1hM+z`ZhzY9JE&EJ4xfLpis98LMD(B7_ft~8q|gcbeqQRAoY^=U42-tC<`q8U z(rhzdT5T}eV6)x(-cJ3-^HRU0___OjT9XA*Y;@O8PyCXigQX^r7Jc}{)R*hX95wRI{md*?^dNcTEKsm8gg(t*12Cq z3hGw_wTcxvoo_hbN0;6JWqGSO4ClB=eAB}zw&F6P zG8{M-7mf;YrW&WLGH^M87S1Ge5>lR`-mNHeeXG8F|7y9~K*Z-(->38IfGih)6?PMP5JOtQlZ}V6 zCk)6hI~Y;HER&S!fMl*Zk8^Z}iW@EwmK5?M_BTpv^n-j|{;J18X*E+6#N7%%j=$}p9U)SD#kYo#E@XN6i(`Kq~o*Re>zwX$0Y?3fb z&~%>x(fMU3*^BaJsUFM0=;oU#p8EKayDu_BxXp4p#dp%juxs`Gl$zvZv`o|8OLhq+!At#D!TO z{qC>RE~mt)4ppw0L2U{@VnGgaa4=ES6ere*7jY)anpHFdP7?-{ z&G{$y-P3QtHC!+&nVe?u`=V{!PLza$s`rPXY{2|kFsh8I{>vU?p+sv zOJCB#)A7W1*xn%he~%SoD~^YFLS;ycJK(kT0ZM;-1$5f(Uln)(Ui+uU;ORvnfci1@ zwR$CLnOr1_ZrZPJ?rOuvzwPx{T2P^UgB{+@5Cuwg5I=57{DeRB+hhpuCL2GWV4jsbgoBR}-xuId z4gE!G0b_$l>WU}oS_pJg7pvanH;%dI;w5^HZgNB(71V{K6ZZN3mx3ycNCw<0FIz%D>38+#SUr9-T>uG{$h*n1PXK>+7v*|6rDmEY&F6d9d`l0%tM5; zG|S*9nc@P3Uv2)%$Bgp;jq`rH%GAkIM2No9r%^H5AXnXM27>y(Iovc&@A_^otKz>I zq5dTD@al{{pfZNvC|&r&vY;F5QMPgG5emLcQtnn$0++fSlv? 
zZ|(HcRNpfjE4vFg>UodujYr4Z1}t7qkI#cO*BS(NT!tjCtYZiA9Kk}K`0Vt&b=J{E z{K=GOj{QXg{4rfcb65`<5>D+T4*f#5ce%0V9ALt~F1tuqm)Q^}i7XFAtgW z%VK}g1)_zKYU8IB+v71<*4ZjNo3;dg>s>m_z+9}r)*i0>Nv`&nfJ!?S+9%QBIsI2% z73y$#e42V{s&Af_ftPa%=4k5Ym~f;W6gjLt2?k8Js{w(n*;o|Cd!$-{EadAN*@Awc zktL=6qg#j{8%u$Uj$8K{#?#7~WO1FF3cG|H#p9^>lU9RNoc!Rhl+ov@us& zWo*94GX^6u^&{bQalB&sW#Ja@v8o4pXATKpu7r@wx5Ywcc#}sP=mBx65y7 zzma79)`2PLGjQ58FeeTE21QWzg7^Ne;b1~(PI-ac*bzf!+YJ1{96glO3m=!5ws~*G zW6e}QD+w#RiWgLN5YEBmCD+}#z9e7)oJSJ~7I>pB`N}uYm3DpW^>oIJMEXR2-S6qs z=h|$J@P{kwExMkgTPwrORiS^0`H*k*D6-rIx(NE+r=({6RX92{8BLAinKovgPAfqZ zX6R!y>5(ykc-2zzZflYsY2Nzp&aPAV^iUNe1Q!2yjZ-{5E?qNFU}1&H zYryT*@aO(*_XUTvB|6vpJ4HQ_gZ%ldqcFm`TgQ8zHL+~T;w#9M2T+A+$(vLbONnZH zfp?lXqjE6&cS*fFX-3gB%_^(^zaAhZ)#g{$i^DeC^t09I+4)xQH||1Ri_4<1viZrk zqfb{v!_HB@I$Y%6#RP#^(rfxZ!)`vUu!JuCyR`l``3vU=m3qTwOWL+6!EZON2y*IK zc)s8+Wo}^!a(4_D_Jhu#I|*^lDko5%>B%cp7BJJO^d5K#cX|86PN%PI4xjRIy`{j? z%oT-WDp#4?(KjCcJy5#AW%OX9DpMXI z>iWQ0UpzSjkKL$8dEBoc3E-&3o@E{&Mn6$NupzLjcv5ta(e|Gw2u2C}fPOE}AB||X z!|-MO!@MErydstp_3?R1{9*7AMA~;7+Q6;cA;4^tn5y|zJ>dqg2X4iM!J%fJinQ{$}h9Q{E(6$pE#H^(398k(vpB5Hjpw}9M zeCCUQAa(_aIba7WBEAy&X4b;FaES?-t}TuFN$^wl*!!>NE__}G4xFlH`dLKH34`$T zY06Xier`tkZ_g>-%w!H~3+|_Qv7-P0AXcuJ3IoYf8~N5B#469XzmUoCb$5Mj?@L^> z4_toE`+zY>c|MCj$|8Ld$Ka2ud~-PH;#EDLtBkH%uvLBsJTg#n-F5>l{9JzqehZeHT#~Y{9D@FY0eVk3dM)0 z{fG|K@$ha>1YU2s8<1(NZ<=tJ2WmHE0X4QOCJmEJOr&(0i1d4Ik$TUeoZ>oeef{OS z%0^d@^=I<+E|@SMU|1{0RZg=fB_4WBxCT5&n`iu^QVEb4_Xw_m%>oVh-m5b8PTNhH zcJh8ETGcbfZdgUKHW&U|?$;Xh?s|8M7oqikeYU{bceDSd=nta6>izo4IUb;X1}^wm zBcS} zg~pNtZrZ7A<~hN7Mszi(6Ptc4ph>JMbq8%lsdWUnxw>R)IQP9o`ZDy#2$X;aZJ+4h z%z>aq*UZYL<>dwe8rOdHfOQ-)pvcpO5d7_>@yR}Q)Sp@MM>i2eu>%<|=*r!O{I;_e z`ts1WsLmh5tf}2G!dKSK*mFuB8<+#S7a}Za2a4-?iEcDHP3Vhu>SD>kij@K{EQ6wd zs4LSEl1o~Io|kl=&mkJn3a?d_ut5J1Z^Ebmu_?xYmFWPeI34Jxwg6x-P*|?7fjOXT zs&7WmE@h22d?6|?rQ&*_2E~U4p!+6_EX2mXEc2#_oSRSc{=Sm&-BW;sZ*tdJ7sZcf zi_z$_HXFhchVUuKmUR2@pGcHMa(~vo@io?xM4HUlF+~G+TVQN&lG>4x0;E98pe3Cu zTvRP>1YiHi2jEe>F19KhSok_f!*&(!TDxUy)EOlcq}Z51l)IE(fk{E7$Vz^XMs+aZ 
zqETcv2#FJpfUmv;z5fM)pQdSc2PNSCNS{J z=T==4*vd9y*%$STwb_wuQ2OUy*_epCQ|7Os9)^?K;EkP0YleRYKntQBp9}8*wK`c# zML@xopJcEFkVDD}{$0G8*$*Mib-5Hzly7;iDEFK+vCM}1@M>4tq+vnRKF?^52#w1| z?@g+hE}lZ_XMc9p5{*mzQ%s?&B!=2uK;T5ojj~ny zLnjhHMpe!vnVDLVp*^Td`eID*0-5i(&RvH-BZdaFpoKC9th~O0ti~UC$&N@sS_|KW z3V~OATP;ugCBiB=821peq}gmJfTA|&sxpKqla>G9$gLfaa6f8=NF}mCAOXsCd4Ooc zKp$o6(BP&2jRn@;q@4>vhtzfw2lq$}8~$8esIMJ+2!gezRwP32_0ng}b_T<;mxlJiC${@O zo?7K;MU+2K?VVz)bLa0QhG27}mUapCTgG=7Swz)fnuoA%m%)4R<)NBO6gYdJ-;6_LnPcnv$Y6pZ-MRGS z!IaV=1`#~y{6nRJb*`aBS_j14)Q4vO6DS)~|A?0WdAbW_6WC-F$DBut=t8VUCOv^%B`_1mf z#hhZ1okzvC?3O&#Mbx}X?}v%vaCMm5t?*;m$!Fjd~@l0)C=-udnCx`QVv7z1wn|XQ0V%7K*tM_IXb$+x0b+_#A+- zxf5`?If!qY`Xb9uDA!W$B*DpSTi;40n-8TkrGC+&{iz@lIJHdoaAv)HNy^N8RhUd| z@AvCfvsT+>XBFO(h+EJfLf9W!{RhzP;*;O`wr5d;2^s+j?2f9RHpLnTf?9U#MtwwF z_g6>q~)@+cISlx1Y6FFd-r)SBv+U zA>kjwR`LRL>~^Jf9@3IdN74ggi6LAO<*a7PF^d&&9zBwA$EBdE^dFlkYZE{za&tS% zJySUVvVd{v&_D%7;lAtM5Zg#tBKcr}KRplf8y<~L8G0mnE^^hgrvOk5v*N1a`8H_| zxo2g;m%CFBn`v9^X;b=Hbg9n2;etEUd6uN zdt=((I}DF($orb+*6uT%d@OHPCuSjTGv#D0TxzKON~);WVk>Oc6ucKJ&Ty98s1UMK zx{EGJQrc5a%3|NF$S$?i9h0cY5kGR^c%L_2Cqn$p?ch#K1&+XE+kh7=_voqJaYSwR>Tx#;te4!t93U)dW z07u!<_*dXLW0+RAX#>QT;7f__T=p;d*nlB(#1 z(_FAx>gnArfV^B7cd!0x@kHL8ExYFGW>Z!tIwAX0yp{E$P7Exl329ZQmClD#Z&}|M zBTlcHg_x8r<1{Aqil@#DuY7?0B8BDF#6CwTu%pD)j(vNh4Vg`=T0dRS(Avyz514-( z?tU$J5LGik2}8&g0n-n=!X4`zLm}rJ!F~^9}(! 
z(UH-8Cz&E?2`K*d6H~ zt)pW{^hEW&-)^=5^ZulI63Cy_p`9*{rMm4|-yi8)xNyDt9OMJp=8X$lN!zU#eW=}B zEU1KpJH3F#7$jPoR>jRT05H+6MB28Sa3Zu~<2frWjzpNbBq%>NCfA2m*<(Vzw+Lae zsyQ0<^<_!Is%+VIOAO-Ibt<6X*y!6+EXCxZ!mraILk- ze6V1YanQ(PtcdO!UDHtE)%`;6at%ml^9@BldHVr*Y}NMR_0>sxpkIPz|M)fC^k5sxEPbx@m&5UJJ0_F5>uelBsf>En~9~$4KyQg}DQvLW=MvImlzy z=YZaXEC_pua0`3*LWdKM5+H-zrYEUx6(BQatU^F$pMK+dX z&H#851c(qc2E>IhR-d!}JTN1Uyva1@mKS_yV|8>|QGS=LA0=AB@9RMC z+b*IpRw={cFCm*t3$1ACiS-@Sw2`8~>jBB~A{q^~0^cC&!7hbmQKFaX51r|H{OAPF zlZSdzX0)CbnVu-h#GBGJv;o&u;2a1P`GD5=>99oSBuV@8?8M$z&)>gP?B7%&+kBba zBw>%xqD!8B)_%d?vhaC7st1FeLK7ni|4`W?QY7xqa@F2zQkJ-XE1kAWjr zdC%E>v&idJ**jxRW0@degX8k6Mp^9q`e-lJFXFN&K11dklONAaz7ls;j6AmGq}X#m z8kLE5C@yxn90JR0QM-^;TOw}+IGTjXJl(SDE-WCQW&U7Jyb10I^ZjmxliLl2$27vO zmwusRI3qRB8#^rgDY=@5FQ&QD^9j5d274Yg`aa1|Rib0#sHO*H5QYB&qB2ssc<3V? z9?#Dc&>!@oVjBI$>a#uIS&peY%)RpSn6pg0yJie{!H2zf=Aamy#SeD#v|HQeZx>Xg z2H$ik)eH-Db5sXwFGCb6;$KSOfCMXSM}_h$qx?%WR`a3B=E8GizcA#?!xy;s(^UKI z6r$3ref_LGRKdC0YKjpK$BeiH+C{g#81kmx1I*j$i2asAUuup%EHBB9WC5PJWjarZ zajYP0&{(IqMvI-+_N@PeqNoH{`iP^EUc*Mo+s%!<+JLVqkO{5! 
z@PX6pQK?_dVhW|ONK!xgX3IQE>O2|{hLJ{ONZcX3!?bomH zvJOqH?|ub2G5(wc?~er6ogNLHURUw{mL=vc(jVr>E|uZXhcqb4sHZ><0_Uz(FzVTW zEIOmglIkH3g-jHe=_9et(Nsuf>{wJHq%&S)Wu2r*i`MBqcEqt96mRsFbzD>K1)+B~ zB{z_Zcmd#5m?Yp$xR4(dBVt{{eU(eU&qSfzOt!;bpTD#C7^wR6F(1|?XlU~RYc3*J9y5n3U<-gv{;^)Nu5!I|!D?`W5)O}yWDu37 zbGktSy#FE>aG>l}y*~tOZ(hsTbV+Ypdl)%9zOgJ{Z!4!MRL1n9rba_dgCJi*(b{7O?$)ikGT;9|FO|JIIXyaX9Dk2^!5G^XQ=6dw}xEZub3(iUHj!lZ(dEXU9L zCZUZQH6^$wM}Uy2(r^S#coH z8m+HlsSCLGxB*&#HWy1Bd2Dl#s6JATQob>uL90ggKoG%$@Gwz8JY)Ul_+z*y8{{Ht z&Ota&oYvS-=ylP0#YRv&8@^XO!%n1Em6K5*s4e+Z4m z1b7mvf{5qkDdQPr4DwM5)CDTe{{FRk zMs*o;;Wy-%bl6FeE?X9^$qM45sAs3Bg%=IE==4vl_(nn4h}$9O0|8wNp?^O0SCGi< zpNTzrE4g!$;FvP;?7@*qpoBufgamm!2doDUBgE;*dm`$VcN!b>9d!A5SVX{ZL|A)% zd~1{>a0-ZokxJ+~P!OrKpJlF6L>4Pkt1Kr@;ae#1YplYpY|3}C{i<|R%}4t=qJO!F zjs^+(vj9@TIJgkiK|+c>zKa8F;9pvMV#Yg_!rNdEK<$rp4!L;6q+MaDxY|5q?;&#y z0bGhBixP3VI$ibAu2J)u0UFXMu|ZxHLB0MOaKiGs2fS9E_8F^8AC%HN%z|a2wx~Lb zVR0f`A!jV;-Z{n_k7G4cS@h9gawIanaw^>j!8sOz(UC_H$lIW7Sw5J5i;|{&;#6Ym zL_quT@o~S{*dePA6z(-6h3%^ZHlUm+jjOGfxi&Ku%qt<&)QnZ5zbSS#tJw1GTvMb0 zZ4o>!So9N>@$LiN906}tPEnn{T^ROPTZAFE`p>6e^Bm5kd&&pjm`F8zf0BX0)>D-^ zS+`)V3`s1Lh|*%)pl}k;PRgtoDmBHGQW;Z^S$meJP&Ry8M@>zLkKxH(w|m(pY?Kdx z)2@1;-a)57&ebW8P}MAo4V#hJ7FcHiN9-fz1LH7gR`NV{Oq`A=r=7N^DR5X+PA$V6 zdh77{DR-gGoIuV5HNd||?6?n4TB)E>hry~h!piiWS-`R@a*@nW>c@;}; zQ2{l!3}mZ+h{uZsuo=d1Zvs(V=2>kM8P}hN-T_};CTlAcZXtfJ{8|}h&_%q5TeS zlYmY<`LhOKL80doI85`i=3|f6VFSAKVEx<(6Jv{bASDsL5L_Q*`#05 zcN)zWGIo-ENAp>Bc+ck!Sxh?mSw24W%hHS>sjaS%_^XCRZh@nJvnP?{wg?K%qM-E; z2u<9*j=TE1yWp8!p6Kg(e-^tF>57}4Job;2$tIfUOXpV0A1^D*XX(w21kjeE_q)t& zfAcIz%EV6;0uSOv`sI?I4FelbiWLxn23St9I@OO1+iF^r#-f{NN|sH>SJQ}xoFb!` zVA|o_>tycL1~GMus!B8eS=N&nAuYp$td19{KKKC>@nlC?HdLsD0Vmli<=qS?VouL2 zZk_hzV>l;g)F`tl4TFDD<43TGlwr}Z0si)2Yl{B@ZoN9^pMAp-RqI@AYh(7^<5QeV}Z6T(8L5GH&uMUubZ+gtLK zI!LFvn2vRN7|IIspV#tmV(F5Car9?`O1(i@qi%tggIh=YrFH+rudOG0A~@8|lgfhA z&={@zyUUYLr$t^Cx7H;v;X4J3vV)4O(AVsq3yGaztXy|_djZRX!Lms!N^6YcnC03= zy~;ESW~(W==~+pC*<(~`r)6?6kq!h0xcGp-Gu4&#AU83NsUpVMjR5#q6%!wIBXOkB 
z0kKL2Q7s@7?4^NBKst@n<_H(1HC#VBE(2dG6gFma&F#%(i*%t~YQdrqPp{2<*v)p> zt=U|0neHg(oXri8C@5`*kB|{xfW@?xy0p!n<6lbe=`=Prd5qM?Yk_&v$23yt0ah;9 zhB}X?*{j_x#QY>@1Sds}Iqm(6g{BCVcqJmxP{+{(elf*%pR+xzbX_)vUM}eUSnu4>suOxc{kH|txkP}uwKXWazsCV!xu}!ZYo43H3*nP@IGh$U_vY-$R)u- z-p>mMI-p*+06M}%WRg9b1%tQ+8Tc1D6QrZ_e>%F;=1z;V4Pq8q;LE4sP$-~Mu{pGL z<~R{ZYXwuQ`QykwEk-W?lm^%FMb+1Zf-(cVA2&n=v(a4s zSe{a1fzR<}Jh7o}L{T)$icX$7-Yo>x&;Znu9g%Dka#6@5Ad=n-r&UA}k}LS9?}JrS z=YxZjLr8r6*ysDZ?60qAn}EapCtc{@8&h$9Ti=hAXA|b-4cGe1e^$c3NxRtOXH&IF~c;2#fWZA8}-wXbL+_*SD)z0 zkkD0h8fpjnJYWHmuyzf}cwH3V$*o)6)Io_D;Ym^t2?potD^2O_tNBcaotI)RBcZ1P z*-oMvl5}th#ciBneU4RG=AG(*N%HIZrUX^oMgfS`lYpwHdZ7qRkT}L5+QeHqF%*q* z0~U@-F;8%zUW+D%H<^SX^pZ&1!s~Y3l~JjsmtbSnp66-58?U5}Uqb?ygp_yA!JbFF zpd?BI{Ey1n6X`EEGQBwofku&8akyvlVrds+@fcME@6bJ=K8C57fC?sF$^6{4ie zAx5p~VrAO>K1~JY18~A-sB7T;Fj>s)O1YZ~DE`D~Shs|J?|UqTo9Ygp%$DGvYfOO_^SY(&&D z|JRI--xOL>nmg_Fd;gt5I~U7f_h-CS?A;H=`=}qq{ac2>>Sl;fz%3C!A{d6xHv4#D z+;)c>wC!=hF;$d7`)dehKdJdGN8AMEv6zU z>BroA!%e{tz>Oxt`41UK#%O<1s_RKoz_8UI@1go%&-b?>lfSas1@gjIU!$FWPJL>? 
z1^NgMl4b?eikLe^R>QzRwa+j$j;eM7JfTtoey_p+!&w6s0=+NE?uvYio-vcH?GBJO zji*Ef^3U$yH~PG~3N~TS)cY!-f0uBAtWN_f51k% zlv$`1mVG`KvEmw_V9|sQt+7{ktXJdm@-gzXRzMuWg)K!NaH6 zq!uQCF51D$Z6jJq;<|bZRQnx@S{Zk=mGhLKZr43Fy`UzxH?l*RhZ;K*$$+EnP2ZM} zyYtG>It_v|Qy)?#+Bk)tfW&92o!C4mmemF6UjK#8J ze+!O!n!J^@?$B)St3My7{@!Z5?pp4cChIWQHl54u)mEXyL&vYl$%k zy5d@O>NdYKukuh7A{U4G9Xt-yF0Zb>YG4EFQWJG_SOXmLJ7e5*{iCh2Rdcjg2-9bQ zW?9slq&X*q_mY#k$A4}D)oKJ4AxpB3D&PWBKzYjFvCA^(d;%rK5hL6`L<%7MiI;4% zM#KZq?>S4s{BZ<&1!o%(i@n6t>~C9a@$01)AU{wWq`pBuDxubjKbs@+7;gggnk&oY z|F&KITdSeqwh^a-1T`8Vr>l>OP7}TYZ^;?YA`8ik+drW9UG(c)6wg(#9IVJNT755Vp@FO`VJi2`qA)piI45?T`lZn=T&>{KFt>+3QTFuLVfuAh9mff1h2!u~5n^>EJE}V6a z=ot1Xp%hob&BQtl9o4Av9w1|fD5|85%WqM^Tj%?Iv3|B}&85k!`YC*Q3UCKdK)qd^^T*G#P_4=!1UjmcxC0!b?|4D$n7=p{Am-fPhVOq_z zq5$O(8KOe6c*G-cg2KZZ@aqUi-qI-MduO?p`gs%h zw_W|mfx#kWxxk>E!%k}(s}Z`!6r{Ob&O$W>$fu>M@48EqKq)~ncKiCD zXU?176sp|Iv#oFy__1AyZ7aJoI%Cn1{&E=Wy$Uno1kJD_6_9jHmz>54NjSS;sgOiovT4ua}F24^-r{DoFwq!%-iz$Ccc_YZwWD)mFMqJ=iH1t-E zcCKF8j|NZ_}sGWLnIGC?pnnJa@XDvW7kbTZY59k-lsJYRb%F}Rw0n2sun*wJ z%Xke1OY&%$WJMl1fX#FxHmWxgH@got`9*#hg1uPs;^6`VPpZ}pU-K9H?x0e1e(m~o zTk?`=ev1NHR)vtCo*V|w6qH2mG2OG38}xbFp^kEJ^*6v3uXW<)STlv2Y6lCpW$v7Y z*DoiQNWJDwSAyZID#zB%6|bW!K%BhBsTP&B2uHuZ5W}uMwv#vbpYZhGP*~7ew#PmL3;JXdbz#F8}huNb>U5?r6uQCqCnKG_^p2 zN*&dGy*}~pfpjb5jRW86Yq!On|ETtA*zILptEx-vt%S0XdMJdqJ;}sq$Q*=LJpG2% zZD7qDbL;ipPj=zQmcQYdRCrXuU?Ph)!$H}&!>QWp%GOF9W+wCeM@Am%fgM2DRlNFk zbN~4LFAEv}VH^5G@pd}8$nM7)%wI@!fkWk2Ou@gqIw2MD7rT zUp~5_-&fMW=F@Xw2=^vi*}ku8-89tStAU+xk4pD<{>kJ|l&P$(2%?Ek_th<%Ls81h zpr}2!fB)>C&ONytBu0{STZntPig?if3tP-mGuGZOvRagU+mhYoKj zPM?FLr@$bt^U(cFmm42S%G=8H*%?0pn2g->D@ET`QY8H^N}^Ql`95R3nCAyU=j=M{g?y}>Ly zsh{NtOZlK4vxoC@T1}9@#ubQnud7H9f zh6eH=7t6sXi4DyrTE!K)5G_(77)u%J3>1XbWkC6A4H{*Jnwg4BKvSCvz6i%SKGZ2D z2f#$=3Z)OCr>*)HI*{EHd-6DQdAoz&0czk zTxeV;SY3QDNigFZ zXXUP%LqR@YMQ5h`q?{jaoJcE&im`?WN-o$WTKCnyUa!0;Bc96a*6;Rs+IyQEd;eSv zRljD{q^=RAjKGdY`pv-MKF@Tt>&h_hw|p{Yl%e5599$q{h|6#5t)iwaPp^}ZPzz+A 
zR%Hkk#YyQo-+2eCo*n1kM4;v!t(=fB%r~B^lz$+jRsHDC8wpIC+L3v4>|kf0q!%z3 z`*q-lmOp$YY3gjHCzne{_t1(*u@n<%F<5HMDOqR#LRBCl=@;y) zyd{y`0e9=_TrTU+Pa!eFFw`FzUkA)0SD?Nr8i@Vwwv$rsYvaOx+3_Ory)sVaiHj{X zpwmK7ASgX}J(Dp|F`wc4!t`ebTc4$rOvY?ng3F*Z`Wt5CU@o@qhBe zgXGVg2n1y-zqMi}q<@jSkr&(EBde`s_dF6pzrt?+=q)>Rgp~HUI*|SaoISpILf9D4 zcX$r-rwYq=^kyiY9W(JI!H9n`#*M$(kzm=8KmaxeZ#0AxnQFp9QA!=$)NC;N0qNWQ z74r7@S2RE0`9E$h?o!#xvjb&@wiDK`l8xeK6Fm}kX#8Z%J+R|>QC?36ERf;xyQ@k_ zLL5z|5n!pQ`Cf!mOdsliitXP$W{X!o1#Q^rsV~2d?ZNP`gm0J@(_Tfl3pfw!ix%;k zT;h~iFO5nvkU~G_$!nN$Yzy@DzRz*Q_%^cEXli^BKYF*7 zomM4r#DroC;$HJ-X_NS-QwdcD@RL#0WEE+&;Hi^_S=G#x<1gt0axBDCGxC9@f7gV} zlW*iymW!8=Q}i{{*v@5HR>G>*xh~&-Bh8Wk7=Nq>jnuSrMeOxI{0x5gFRUD^$H-pwzX!@dy4e7V8ft5GPjf7w%{p@1Jze(uj%Zb9ngy=Nlii`4h8DVjN6DB26?{0aV_o za2Z$u)dC!`j5pbK%yJ{`6QO`VAWY=Y5oC zT3Cy5l@CpNd$$`(3kPo0Ax&ftquwa6(cgYoC6ddqMO8VsK#9CHni)X^lN=DD7Bd@} zznd-7ZsxgSu6SreXHQLEi_j!WiBw-LDgBph-7c-G-nRn3u?m1ZL3PAuM5{Oh9Vm;^M&+)f8pJOs9FE&Ur`8c zI8McWef*&q-Q(M9TEkMj!2r2^nVTv*(cd0y+d@z#l7}jHWARtZ65ETrAuwz_tX7={ z)vXTLaxzEA(csCF;|bNw%zM^#W`_li)diU{rR0qBgZ^uVZ|@)woT-I)Ss14rm;uDYJQF=3L&3@t10@O_}!rshUK{ik;frLP0RxK36y<* zcG)iO83|_;Aqrs6m(pBa8{XW6?0LkD&knaJwD^p&Kd`kqr4ECD*XZE)!eV)I_<$nq zL1Z$4{Nb$QoXb(#$j(vrDnK25Ku|j6-;ekd}10;%&J4+ zp-Py#8%DZ+l~0?!Uv|KX7G4m8ee1U&NmQ~u%EKV-5ABN1xgxaMUMibnawP2y@+Qm( zj}e6S{C2%QWjdvMN({iuzVBZ^H{aZ7syr}A!V^7(nPRL8OOnewng;u40c4UW2vz?B zPA7l{Y9WMBX5EswJyd+7p7dr3HOUYo%=U5YzdRiX$?`9tpGJ2h+g_U zoalYK&th=-$(d*P%CEWgsE&W{mHJw6&xng_q{dMs=ts+zcz$x#p{roI4Ga7@w8gLN z{t5HXVL!gTn>5kFY30fD`ZJ%YQ_78#Yzw2Ej+grKNi?H=JuH4SL>b5{dr~bCjd(uM zp2TG&?Kom8Q|?r;cfS|^a~It?ec(hNwc&l@bBu)s(gQ{ZD8^3?=I_MCi$qVubkA<0 zR3ne!pS}{FW1n+0Ya%U`e6`Ab=F`rhBA8zl*;R1i69f;N4=#4OT={a;)M&BcyIs+f z`SPZCP-J=+>T9*kDh0fZFcg1-*(T>qLI#m^e@_c!kqV~fEi`*Ec0MdHl1YI@w)!ZF znFm;=g;KIuVIG)ee)rE@;p4m=+3obUal^!V#Tcft1Rfl6o%2VSrQK;0(q&TRqP z_+`y**B?ktX;pi%h6b;3T~S+qdb^6;7N=wd@MBe#i4$SPSR@lu+Y2sltAhR*N4bG{ zTGFp6`C7+`+a_#wgiig17&&|bA_H^1d|{kUc1+?wg-XTZpyo%mZAf?YSn 
zPf~LVF^SScJBGF#d?jYE04cyP$VJ-%O)-SAo}u`U9}*GV$an%KXr8e@pn1e`BM@4! z@70_NQbx?Cy+*S2yWR|`9~XYDSGpk`2uv6O^`i?U0MwQT?36@pPTB(%GI-l#_524{ zad-U+#7UGTXALOnl+68oRk74@%+92z%=6M0#>tkHuE=T>j$g{jQdzRmoEYtlq#|EL z;%BH8!b`?>s?~1il@QZz{L8dMOg_2i$O|g3w`i1X$sT;zl=SRkLdj&kGl}&LhUf}F zM2s3i8pi}x@d#QftF&6uGH($XB9wW_fM68L6|=KHdKVav164+wlOSV-gXU7hYQ69% zepO-L(nl=f2v*!HF4w%?@>q_sZ9gBjbX9X8_po1r{W5{>Ss+zgB=p2)K+XH0lUOi$5lXPj? za@0MJHN*4F63Ly-GHqyL9uB_ec2IJTS;sz_ilK>4%~y4p7t(@44B%vtSy}%AA5-u2 zB5f9OG?oES&U*wjvY3WDw|mz(zV!L`wN=?{K~Mv%)mtk{zDJat4S<*xXnwietvUaC zT&+jWf4`g;h=TOiX>^;WJz3yTMlqLkb!>irw+OHDuXtY*LeHiYTI}brRE0#Aw1M^_ z;D7!>N+h>OeHbl#)P%9b$#_>2WK*%JF_EWk%AzAya@+|l+Dk3MpD<8r6|cU<{L9

PYD!}b~+oN zDnG44bE@6Vdr8i+(3c^L@jL&yk;wNGlkM2!TIW3Y1|PyXvHI?CPZO$}}u z(YFL8jH07IA{I9tg(NpElDCv(PAULc#F)L#1X2`)kEj8Z`w4L|-CO#(haJj)dTh<0 z|9Yyox5Hl4#(XVsG^B_4t$=&ha|@&xbVmS_7O!U#=}a8sq!Kt?h+}!_Th^z?V+xEi zm(=Gd{TY7QE?tv*ecDA68ESe%9-A#bkQa^T5kayrX*z!Asb_G1X@6O#833DUx4~lD z*k1Yk#zr+CCP(Sk_t^d|XZRDgCHy`o>oPa7IO$BG@=qbp)8inveuw9!-lGMSR#G+a z*arg7 z#XR-|z|8BMvz!t)BNm)V{YN&BNTLKd5Cfv7v^Oqjs^HFC27C0iq z3y;+Y`hsdULOt-fM9`KMB-2V1=@35#ST0lARw^8aPA>KGqJd(zn4LqEE*W~Ol2nc^ z1C*XF-YGfCmuKuL=m!I3GT{tNd6i8nEP3Vk3^})T2()cZljO4Je&|(oe1Cx2>M`UB zs&N4PPrUV9vRZBMsM)zSsL2>I9u;i}&jkwK8=R01Mdt|z#7>eruN?NRcA+#h_<@ANC- z_>zjjZr8ur=M^H-Vv%)amMiHaMX-Em&xcsM-SJr%vho-#sG`nkpJg;~SU)g!Sbec$ zYo@ey)x=^fq9t;)1*3qMgR02@!#U=N{{zTCH@~nI1gBWU?CL1~yr?l?5+Bv5MbV(5 zvxcAf3zIn)D#C1)<*2pNOA`JY&DJ8OcXWIg;Hta7@Bea8>GeCOFAS0QGUNO~klA)lI{yJp)#&={6@eBO^S+e+&(KVOB$% zU+;~V)qByEgRCj@l!kT_+97$`v7=y>Gk;8(_DspVEBD*XIEmgXX*qGo?kcHRL`g(iRkqB@ct4dP^ z-!^7ivx~>5WKY7+&1&UcAIna3Rm!8qi)$Y8*{~GoW&hB8@NoF>e~vr8WetYXmcTT) z>JK+m?JO(!%nIzWV*3M(;h+aKk5ryv23ksKY<2r}yJ@N9ev?-f*V}q*TkY?6VkGIN zEfrTj{O@4JHPau_BQNwwb}_s3h5=ujgiXUHrl!8D%dEu13AS6^v?6X3R^Z!dJ9^&J z?N=&aXS{1;xOBfae_!Gy)a#K!t-KwVznD{oM};Q%i)Ceabmf9^ui)1qi9$amaaF{m zjA3?a<7X_TL6!LS_QBXJ!^ieAyvtwU^=F5_zyz22i`mt8{6$<_Pl1@&TVvMMkel%6 z4F!@f*pLOVnQp-P?9e?)vxo+fw4{S7l0X&8kL z2|;K$4!AMfxSZ=96`5ce%L?=8%3)c zx@BrGy+WOX((AMa56+bIoebM}xS069w}b2ne>IYBe-qd(WjLy1({Wg;!p*1Nivys5 z4+^8A1F;FBe4B&pO()SfB52+3TYflv+fP`~vz{bznJ`fpX(G19$#;qvGy29+V@4(1 z#+)pJ6QC=zJWYx^2uQ|!V36WwoyU2_Pm4($)Fmxbmob}gg2di3?J{Qc;atXyf(I5F z^K4uJfBqt-88aq6woo{SRmVM0;BM{*(s~{w_C_jBj&Pbgz@UKPLyxBD|8 zyc1pU>vW{Rhkl0X>=ZEl8B~R4YVLe1kWI;A9%mzDmQEsNKkl|;z!Olwt%*_z8 z%7Mb?=LVg*A`s1s1S$*@QUWbtbKAon zH&qi1lHh0xX%c$qb*H{~2apN9-UUD=%RTk=Cd5)_V?!QDnw^s9Wna=At-zb?HgvlM zTQi2$^vwi)gMz?6cgKcrS!)4z;l}fIe_iu!s1b8o2C$Q;hi_qY`1($i3**o0t^ehTptx)9c{Qw78LKhtn3%ML6f{IMAk7XzkbmgkdYMNIK z-@sBHI?^B^G%ga7*0jj#Dx#sIRF{}2kp#zE%(IWbpy}OmPcHkIjUGWIKfPDwe*~kJ zhiqloC4N6M;n5u6E$VlB9_m$m3z8p%#x%O`Hx^Y>hZ{ju+XlNqRC_+$BUuLbKvzz) zGK`WuBYpzZJ>1%T+= 
zUNJF>T}P8*SC9ifj)(S6H(mCXf8P#I0GlY_tdn}9}6#3<%~Gf<%kX0Z&Mfv%jVVOd3GMS{3wBrdat z6wt3+7iCnkDhzW60eWJBGZGx;FwZRhf>wO=8lrFRs*kP_)0hq1cpy27e~Pfns_77* zjqiSY`8TeTcgKUy(t)mvvwo+Fx6;#hhSf-tKyC+cs1OBRnK&<5qw2Biz36ij2Oaip zx5h|P&|9=>_RE|UbPeE9J^4I&anaar?#zX~IV<2S(*363_H zr{RAAX*GI{X&OEoKk-0vf285qWtE0Mda?OR?>hpX8BnfLQ6CvP-k*H=(V!1upb;6+ z4M^7lx~f%a=U4EPWfgpM<)Em`GzfDNgeg~AKQ4J74i)?&qJHkjVdj_ukeC(x1TT5d zQ`*0PwAyk{f_MLHB>c)M=TcWp(n>doN(nSi1+43!pr>zAzDVwge{b7X4Y(3r44qud zfLW^yk#4))>oc%mBz&r`ql-41mRrFJ05M{Z7*P%JYXPuT;Bgc{&)5kRKu;!&;C{Yn z0J>pka5(@Qw4%DIYORQ=&FR%gg(jHVGDrZra-0=;86-K$%P4^9&(JEwN|MBJoCHxq z!_W}{nUH|QGQ(VRf0oI%HpH|r`Iqh8?s!1@gHWkY@4aiNf^)SzOKVMuh}^Leea$NF1<&6iFGAq{ySJX)?+(dxbJJ;RY#QpPyuMsJzwWP^nMr{Q-`Z z?`d_rK2PQL%6iidtHT$5Z^xxto^uOOPtBjG`Mg^1j@swY?R`Y20$xEZ0e2D0M+ zR&QaD-j%gWz2f!tt6|kwQ1Z~zfmFQCKYM-O9oU`ttIUOov!nV^6!PhwZVybBW<)XO zk#@Bd`KSE1?|sE{F`;B4sQ9Z^fKv2m?vLzlCu`-xh<&F7M|V-};4=+$ zfBvq#?knBt|K}G2f*Hv!B`9m_@~L=Z@L;D`12aCkH>fmiU=BN=P&Eih_cV%gACokC z0w>gYqDlpsnx3!&v+6ml{;1FdyIuw*Kv!mdofKIFEYB4qF|d^9ikm!bvMR28*PduX z2~xcHKFzK%dAnVsh5KoCJsUBAFARtQf8d<3<}6Wh8=+O7e^kV^nyFk8U2!*XFAP#8 zBG0PR8|#ZEkh|2JqLqB_D{aUt%`(dEN3yc0F8RLSLo!@If!DluNPw>Tw2Nlv1?b&= z5BW|(jl-Wta*sX`MfcV@Bp0aA1S?#IdO%lZNf0M-UXxIAtyih!S}$|Swa$Xnf8Otu zny7~q#|cccLQLLng(${gnib9lH{c6nktrtdy4`yt=Ks1KwPKtxM>UgO8YACiMjt`4 zxo<4D07uaNM8+*moB4z5is74rSxKHH`Q}%zc`yc$bgz+=9NgTFyBa=Gx3JlvW;6#S zfeKA9qh%-wbmfF*c~YkhVMSVzf4E2~x1by*b2f4$VwLB1Gcr*UDUKl@nw;<%?;FQ7MKb6D?0 zPlc>(HhnCot8O|iIoQc41Nr!&d9NO1PlkfV>Y+`p^vK8cf%T=vCy32me?Dg%6`5dh z%TOEW%4tc%$`1o>Yz6;M5K~grJep)l7S~l()HIC4RDu>;5e-y|OYa?cM<(Tz9$pIRKITpr<`t|0`wUy19*MJ zHc?I#+ktUD!X;gXa6wmQDGU8HDM>`Lly8VlOlZmjS(X=3L2DYPseOKEW+Gg&g$Nf^ z-fEtx)HL(7+_b|y@r98M5w}~01VaOVux6)M)?0O1+{Meiwg@SM8}&E!eT=7OsQ5?f z({W`A-)5_iqBr1Pxlcy*WtVejLAveQJ1FUT^l;!;6E-Lbm_;NHpJlwW> z)m3PuhK8m{)y>htXmkk?P*VmW+p31>45Y`lCi*v)n=@B^)Zurip$-bUy$A2^bV3Pwe8gS@ zzSqu&EM?0eOX$jBRmW*mm82}IoW!&W2`yMjsv@LuRMViQj^m>VS;`hdmQZ=SL8C)@ zYz93WsN`7A0dq&C2g`md>611?ZnuZ{D3TeG*%>!snR}h+(UOUu<5nwwI5)AowwCP4 
zI$@$VKE%xJ=%t5u+3(3vg01Vd;*j0Ydr4#|ybt7d%F}wVGCA1=102k?4u&P)$3O@o z9|02G`+oaAjg@u6M^x-y~pvJPYPHuosIvj``@RY#DkAT{*0(JP+cG_^F>kkX`|SG$Szf zE6M9RPI8CiFws-lLi7|WZ+9G+)GG$LOvG`_#!R7-D0;(kgMxUloXT@Or5=O=&^CrZh*2?O4$ z7Vy#_5M4p5-B%!z=Ko6PaX%c(J3;8%-*&6vmTHpVfrkd{21iJuFB3;dq9PM)d>LK~ zT{#O`60#^IK~UF(TXaPV8khVa9tJFqXp&Pqo;fq|TG>Lp7AkMIaZJi;xAzG;&~yJ3LM^zInYc&)oTZlOaZTQ|V<-~A4@*u4x)RJ}*m#QC-P zJAep6HB`@4910ju3UvtQB-kFvNGj6bM14h zO_GG9VH1`Si<306*JN`O#+5IGaiQ{7t3{<=u`j=!4Om}UZ`EP7sHA`ue)#Fd%k%p) zDrW@q+h))A!2MC!7VI@IVUX98OV!&R|e=}BLT|m!%!p(6#e!M-C z9E31%V%x(e6lP-OiN}y5AOs7BIN!^bDRzP#9bXu+YxI5DvTvx6+p_azfGu?8hJ{g9 zLoo_caB*5iB(F2dPwZuuWPThM)M42sU@Kn;*h1xh?Us$c6p<~GDuCGcY`hjKiALV2 z#1*#^h4*i}PTlWd6y*rfsQxPG`4CgKPpWF6H?JFAM^WS(17;PwO9!|}F*`!!_YC_v zbGzf_p9juBOvLWkcws%*$v~qSbTDT@SbSmbNp84r5S@ZOCJQsvIj|^HXo8_GgGHe$ z0~)G-$?Ak;X+cTMl9bSrg0;p}12*i2YQm!Og|H}8{#VIffEcO`YNVCt4c9kdL`DpD zHag0-_?tfvlSR>AvMc@Eee38}#GA*vfm2h0HTcdI3SggTDCqwv3;{~QqKMRf-6E9x zZ!9#{qjq_N`%}ip+y;*@hmmjE`#Wx*)p}nY z@6?A*wr$~O1h;M@!|?uMT;t#lz%z-8AHVFKobD|dEBYH%x3#S|a^L31W|)NoNK0T& z<@@;8;lnVHn@Qem25wB{00bD8R=1vjmqGecOqrA85V{c@OojKSNN-Iz4{-*)+d!Uw zf_;P3U_XmNL_|3W_5mi|l<|&CXn(z~Sz|RJy9}^ZgL7v1> zp0UL4m`t=-z7Q>j%G(_iCUt>hnhhGWE&k>YNA4dL)*edi`R6>rmr&^GDRZ`>;y_#v zN?8SY_0YTi+wVHQ=tRh}@o4>pTNl-T#j`%k26oyH-xhvB73CkEy+?<7cJ3&C8nb)9 z@rUAv2;rU7Dg$E=L{x|2hPgvHc?lY~Eh>T?=1K<&EAZ#tj(@D@NO;I}fO&z-=Vjq4 z?)Cx8aBb+y6{~|Vt!m;&ArDTPq$GI*96Lo$lPF@^&A8fJsRc zdcAM?7yYVj&ka6%WxZ*a{bQ11No2*>7P&ryHgtI$`hD`QpGV+z?dGTt%>1zYkKVy>fB=uFY zp?e}HW>%o1!}J**dQ@^qtl_crBxk;s!U2hl1Sqxm=z~|K0}(h1a<6)`XYxyYeEsgl z6FCDK2mzs-!f!&vOnbHwp&j0H&VA3 zTLuzDS1vLZ1y!1nI?XGXkV8ok(trd-TqJ3o!stJ{7c)VE`9hE&DsT5<=v=X1&oQ06 zvfii5aiLf{NOAH7SKfPmpyA=m%KIqYkL0Aq92$1LK0%^qpc&jEl4wC)UUA;;#fSL~ z=-(sG3q?5IkBbi{S09>xNOfYAtD7q0YcdpIbdb+3%vlaQI2*dKZLOwNDeTaQUAN}; zSPkAA4vsL|4XPRd575HW@$@-Nea;!CzUk^m*B>r*qD47iIqSrIn$ceKVY0XH)Wbp@ z>~-TlVm?|iUxrphSJsF`0w^Z}I445OvLZRH!lGa$fSl|;!bB^7<_pn^sJz`rpp)QG zA2A!Mh)NDV;>AlWVd_RKf{ni(y8^j$!XK{o>n~LBA@LpX3)&uoF7vVV_~UWQfs6D! 
zYSP|@%3)vrFu9;$`5rG|fCgoyb0hB$u!kxFQ${r%^w1mI3S7_0+-~kA)Zhr)+khMI z4=kE0#v3J(AmO8b#~=+?+Nmq;`zt9@Qj_=X=7j2I+dp>ix`n?}oK!~9wx{X%^?G70 z=3>+&ZZ~envJ5qeuB?%f1W-^U&V!f~e(IB~3aX0w3_wtJ$6}%;^M$BMRNn4btONKQ z`IFh;NmLSdESLoJshegj(1SPXykBjOqR?P~pC5Li3$(9)vSQLFJL>ZdRc{=(BF5a? z?`B9Po9?MI{S%lO|CAtvEa^t(SX4Zr3|Czg-MQyX6U0@>ZDY#-hUm(=(}zIM0f|{u z@_jqZNRyWZD}oYQ4(v8&0u1wo07F#XZey6#&)?vn-F;}!6WP47-muHWW-j{LCaQPD zKJ}K-5;n-0ZM$+`Bfq3xZYOn9@z60H%0&8=N|gp!|HLjmFO&#lb!n=eDvg^2(vyI z=%@q46kAzTRoG;)%j);Y@BjT8yg}O>Rzt|5`XR=D(T$dYbiq!zgF^FN8gsZ9FI4gj4{1bZm4dwFBImyZV3i&_@OcN{mh zE@JY3P+9QNj0>4!P^yIe_hJXAF7Fww1=I3@erB?>Y2Az%W%TD^|K}bEa=R-d$oW4I;@=x4!47m6n781<6K};WgPw1%}S8J!;7t7$0=*ryLCQ-#t3^fZGKb2ET zXc;9W3zE2?WdZyFcDpy>k;OuIBr0#WdrayboCtrCC&IJIu~*hxc3Hk{S-mP^=BTKi z+XL2d&ExJGy6&Ke4+cGc9=WS)q|lImKR4zim|%Xy*l|`qwfJaJ69B=j?fTsduwIz^ zSo~L+?h+>h{y|yBGXO@T!veGe(!I>&!K3~}JAU&ImclG=4&)KnEw}M4gFK=uXIUPn zd7Tg#J3`_FhPJXI<*{~3>pYKP>WJO=Ovq!g5b}u1+l>z=1e;)dv%!w2BrrRFPcT4C z92gSKL=sRTR(kK1I}r6wI1w8tIp{oRlEfJ7594N?&J%TAWN0G7i;xHG!^jR zq+TF^p4fM@>gNbPVBHmogdy+$ryS}s{w}>;+io=EbMy^hZ~}|fV6nq|U}Uij7>TZ| z2O<%e;X>ld4@n*u1qp(fCUsQ72p7BiGJ%oBLSQ5+Z+Blf>)HhOH5(FtX-GbuWp!TXFi?_VSy;0i>r&;z^wKjd{aHKu|Vh}9qTKaW<`rNU9tvS}gT zaoQL^-I%i%u>k^21fvZQIKLkLb#J^b&!IFWj~( zO7b#k2%`Zjo2Z6?FLv8D0guH(z#}Sew{2AF(+kX^XM-GViy`)lvJ*;VvwF6EfS7>j z%4UMc@B~j}A0R(M*8rdE!M~$sMqw`iwH+aL5rf2TNEl=VgxflQ%n;UO&}t7^3AnSq z?OGdTwLex00@w#r0-!AJ{gJU*8;!@@HLYto=2MNoP;@1gE<`|5zGVE~zOaMt;nGq) z2%6uJT1PZ!_3umOD7pJ<`wYgoO%enjzRMm!1n%=@-#286=fyk%_F{1iG_Fo=m#_>y zh_0NML6GNVM5>g30y3y#geGwe9T6-j!a9m$JC9jmq6dqG=s{H8?h?>RpI5&+>i3o# zcDV)=MhF9b@mwH^bTm63%o~>>yC=s!5cv-HcDH+DxyupG zX3|{_S-g7PsXV@rJSpb)QM|6|uZ+PICK<%2$Y;!P8|4OnAy)`9eN3tZK~dCC#K5e2 z4nHBTwr;y#hWJBQF2XE`iZUl*5cnhx>ynfyqofG}mNt1DvBZ&uFcE*nLc|{`Z?|i7 z^r+jeXG8yNiy|hCNdOq;bkf4#e(yuCRUs;Ej_D|~r(wmCY{+ZW>xd7~aSzW+O+WGU@s=~s~{=zf>c?U@|_WYb$%U@FfOww zOUfej?bA*R6HZs42&@Tafyp|}!m_B{ENrt!CGW^bX%a7nCXBxC9O$S_w!J zUld7Jk~|D3iK99o+_@JdYpNyySXUO?N#Y9=%vGT9qzU?r$vXAfvM8d+n8fe>Sn79> 
zCB1E7oCQG<#V{tG!Wi6|XZ@x%G{Onsyzsm7D_9vb*au}lufF)& zsQTg}PW2U{^VQcWev$g#wqMDieb#P&%a$J=h(;%$RaN|%lR6JsS~nzZ(tt+|4G*hB z7Lq84!a6LXlG!0OxgVISiapsBRYk!aid7m>SId&3n@!UDt-R}F*;V`X4)fQqE!X-P z2BN}wRa{Hte>RGyi+>}=Y_e+89&61k4~SRz(%4Z}u&J&{V@` zMt6$oJ$9=Wy`POK5u!`<-XU(&d-1zxqOSL>Zv*ZFYI1jT$Kz$CA?HI3{K2D`yX7#6 zNfl-_iQ|w#`zYlRbdm*0A|PdUJrOSz({AkfgOFuSkw>KAp)}X-jJx)_PDxQE zWm1J{7&cZasN9cC?M4gW6SNyI{#&)%vZU=ehzs^gej~jt#30fk?|`j;qw8eX?Tfk| zrQwE8gDUrD!WOP3{sy3bs{YrcbdiI;p!a_xI|bH)s};-A<2P&EsV`DJiqu&=N##)Y#8h{z=r%>&F@F<2JiC}GM3?BYLwvd}%kg3ae5;_JA@B~#T|+U&#hy9v#BF+q!KzS1MlYVWPuBh91Z z;fMaog-Q9YBvVH4`x`LV#Ea1ve))biMeuf&R-ZM&txX=UzUr;K1=N6x? z;3CVyeKhIcP(6etLu7}kJN5?T$fPJCN#5|VB;%oYp+F2lST|wDn8QzJrn=8BS>mz| zb)Q+V#0B3rVjh7Ul*@IMdy?u_mb70;l+7zawgnZ)S1ka4T)gXk%Mbk!e1l-v7qzc%##>v~(a zUpsLwWqVBbQJN1GhY;}jB<5b96x{2Rh&%m^`+RWucHPfS-Jf5V#AO}2Z>>u9oO(7R zz^?FC!7|T(di_m%(+y=DZY&4BLEMo_6yY{1R#D489sf9Pn^%o6GGit>KlVrHkm1Kw z33QRub_Ni+9#*Yju{Uc0Rx?L}bpj{=xz4Qw-b;9`9PPu{VN70WtW?27QgeK;n&gLB z;|yjBTxfzdE~>3M#oe`4ZFJ9uuY<^*0!a8DTB4DEyb6p6_6dq2BQd#sDN*rz#8|O6 z6jY60<~1dmUqVKdhh#-e8XSEUOQk+yJPzs z3Gb4@6rf`EjD99J8w#cZYYk;5>Kq9R!qF&=f*Jn9NkzVpy5O=uBhEU=eh1G5YpEGWaGvUX**EvYsf z%kU~({8cMvIvr2=)w+8zg}qm00WWyCFNrBrGHoi{`#BJqCPb7)GTjQHSX9N%(0Oaj z3efwuIek>fZ3n@!s;*0Xx*f<)kwNu!U5j*oavUXA;6k50O8h8eX-`7GSOJT0$;daG)bPqub_WfvbJ{O`vTBet{cFdti!n z*MKmL#*<241${(<@#9LxY(3x-ey!UEMD;+J3*a_~(KAfrATaBg!6$$VO|Xt-wO^Ni z_~o@<^OY0!O^`3^1S-*631%tiK&PY*Sjl$YM^u@vQ)Zr6Th20h)b<; zis$jpYc}kgI*VhPJ!1wBE;K>2mz95iUE)(UyN6Q}^(M)fXBSgt?7>-HmbA(QEe==Z zg7R-LNFpLj1yCu-?a8LVtosHF>b|Hfjy^+0q#A#^`gL`}{3v#U*Id)S^6)~DSpWLz zg?)E$%<1WF1>cMMJ_OlPpJI|!j}O=_hxRVBvqW+?s__x(9^vSqv2eNpRivwb%yKt ztLu~>A|gVgG$ueeM+#O^!s48jb;3ic%nq0f%nEa`pu&vGIyMSxh56O1_8jZ{Ym1!R zC_u390_Ph3_R5?ax$9>}aQ)w09ZSA}8$>FKzr~2XHmY**CqAqRzafiO&#xy3%j(H4 z@u{1Is=y7NY2s#qJ$L|o@G}-+lF2Mu3e?Y7Lx?ag|s(TI$U2G3i0iUX0@z33Tf!-(J8j5ZO>&VuP9Ji&|@s-W@CYU&w$R1y^^zUsdH z0lYdlhVp&~&^&J@>@FkDrK1R5cP}jzl21^y0)n4K5wACHflV ztRw~ 
zSM`0G<|%&l@&e;D1cYfu>BXjr_NCX{9AShRE6R+AudF0x-83W$_p(P7R5U`rih6cnBD8WL8IhP^XOK8I03Q_+W zhG1`7p_3cB+kuK31E0iDtMj!3u?d*n6q~lvt#V?MVl}46mvafAA``TD8JB=d{5ykQ z(Fcc=K47&8fVD{+ay8Dwx*?*qS}}hi*>%|jo`eg4C#bALmn};oYHZ_YAA##cSGC~v z(u2!3T06Zx-QFmM7wvY%tR+#lef;6|OD`yb9L-G5Aqqf+CTQ<6EQw3}dus1{%Y!dH zAgTO>`g*UyOYzgop{?)vnPy!*epo&ipLy~?v@g6nWyf`R);%%LX`>r?`1^mpcCXKB z^5g|4Hm#SdzGp@dBMM+ZPm1^!O6u!+&+ijK1B?!F;-h!;zzr7|%x~B?@Be)Ce?JcV z|Nh^f{xirz{?Fs!?DWPrQ=@X1|WSA;f86 zUwZ`1Y{1JF0xw%!R0*L;6%rOf&8DcV>`u#s5QPgMM5wH@ypKw{@|Q@g1egfMBwt*A zuz4z%=&S@<0*!B%M6Cpae>y|aq!21Q(Mm=+q0?N@dN3Ca8j|+3ZTZ$OD#kZ_5xyVr zGkC|$o=$JG{>&awqM1eqAJ&HV0dDAvtZzu90{j)$W}Qjb+KNw@x2Tt7du$Uz-;mA5 zP$9RCMaxh~F7YK0{Ce9Fl`Roe^c%c?1bqRq;=m*ku%X3K6_Fx~e{13!9GG@%Gx0a* zV@|O)OxCp_*%q~INT}E~@WfDqqi@V4AmS#8*W(7X-h1uWtlZG;Z+v@w zyKW9o^ypm0Y`@+MXdc^xB?^^S_KWE}iW0(lPEd&n3cn1&;}V~w@D)Ehbb^wJWWIm! zeMGCVMFN)6JgONnd9NyMVkf~N zs^|rN-pbkSNA5_VY|tHySMDOwp(onAMry011p8e97Js)hNHx~EE~ zJ?vD@j|(x? ztml5U8-$7Bh!$WtP+3P%g^B&d53nLri=LcO(V-DRT|`j8iq>|n?tLGP8mi;a(K(O_ zRA_>hE`vMur|kXno`oqy(jwQ4HFu$xwyNiRltQ!&rQj0(PU`vI z^34CMXVulSDl}9n=-j5&^wOqP^!rK~EelqrBum4R#CgI<&S*}8gwmugsbAKPgN+F* zi59?0P+5mNvBOHt87!~&?e_4h1^#C|vw&T0a4zC9e;!;%9CF~%`q?XjP!`6F_noN* zug+N{3WR~{Z7DdHfBE?F>e+QaKwPz?(hWtEYTSA=ifD$Nm2yp5UAk|@6Q3qLR9bubCCMYFZ07^k+9hP97a`9rf zd-Dfoe-MZ*pcfoyInSDe{H00H`DQ>C-m=Y3TZPtm{{5+b?vXY1$?W0!PrY|-_1UW- zn_yjrAF~)_;WS`aFnG#|1*expEb3y~6;xt^IW2?AxWvDsIiYZgG7M=#`NqP4t14$T zDayzvEXu2>35z@k?c_p{373c#z$H*whdIr}e@fuD3Rc6#6#5X-${vu9?>hj|w%-KN zf!G;T^4Y#Mtc>*9-HA)^@>)MCGC|ds)%soH->^8f@(i1>x8S=Rz)-%lep6Ko43$0f7$AUvYB1;+T%g)3p%{f%~P}ot#pcp-YZ!n z85Wp#-0|-c9J!c=0sm9o0_x?d_Zv)X+8vl^qK^EP7y4lWTTDZbo5Qf4B2$-C(qGjU zq)M&p4K!fEn3%qHDxxkJn9BpYgBBj$>mVmO@=)MC`noKZHXkw&ErSfW#4k$BfAoEE zlhfPSbC-S;SAM|vl)&eEN*Ym8Mk(VlSrn%%$(k^<_O!>G!O$ez`T z&2oLbpj?m2Iusof>&u$PK_1b0>=Hd@TfthWJaFF|V`4!6Yqq^N;-y}%|K)!VQvcs- z0dC>W{jdgR)Yen2)ZTkl#(e5|5UR0n)#fNBb;H>0-c0042Ut}ZY!dy@e;M!7do0vK zpT}Yt^UM43vhu!5eC7rqQ}goc!fXQNsi+c~`*}^Ov;bgb5EIIe7^KQ*nb9QhS!{10 
zjLl+yyr9^R$~yZOP{}hLwm;G8GhnLGPFwV1ptoag-%h#v^&Q>c8;9^7qouT+uhq$E zGQ<47Qrt%`^aUTOf!>fUe}{_-P0;aWC486o0uHvx&E)9QM@dmdFi9*E-8w-Ul7dF5 zm;u1g6R;21EBUcm$&VLQ@=;mmnF5uZNXUTSwIXB?8P}eDbENXsdS4xZJdFo0{U;Oz zap;znIoqG!@a^Gn*sn`L)B{+>-C=#FiF%Nx@Hdtl{J+%LC4rl~eWib8X!m8H{Gq2O}fpI|fm%dPcbB$m2PI{s((Kd7AZBp1dI8tSKb$g-noU z?;8+np96(Jg(g`0GAM*g{D)XO_Vg;B91=*Hkr>iuIi$^!qR^}ob})2of+FGtpa@jf zy|?`p>=EciuGyw%f4c>1@vi^&dk;Y~S9mreu`g*S1GJJG%hz=cZ2>^-Gd#>_cr2#s zb6^#y&;(Uq2CHz1e|J@XZ+ZG2U~zGqp8irFX-Na~p#JtzTg-4O za;DNe>H!Q~trYCS1a5pjD)a^a^T##YKm0TQpZ&^{7e`h-e+!b(7yRG2pML!4C)%y6 zM=S5q^?|D?-Pezv%;>^%U@6eAMrGxF0{Ki5Lq@ZNjAqr;5leiL&a`_W6H5^~hN4chWZw#E#f11};!1tIF@(S;n3=p$x+n3QoGk|t#ZKSMMrDTAOPRgq+I z5u|>Q+DEg-CN?BqfDJ)qEtY-3lpKp?qi_f)VQa+ue>-^XBDUa>^vIS4B%?l7@^fID z@DUMOYfV@w6YqaB5IJiClwRZ+sjoRkq72O&x7I>>@3E$h@ybQzn-o_GPW2bFcFR!~Bd ziK!J#Ud<$>0;@^DX%Bit>f9%jO_k}HOJxtBV*Tl>4H7@ZVa+q?G zp8T)FlzEtfCVswkbl#&E|Ndyk0SXpyAEQv@lSF)^B#2;ETNe5-N2ww#NHqzfogFSV zkx%gg9;y)yLi9LN5vLs{?*LN6w6eoE}3L2LrNP>XH z5lwPxCp(Ev_*1+9{)Ec9^&OL(s_*DsL#YC&;{k%Pt?o^BhLt$}-SU@ybGthp@C>|n zckEznr*|XR$Htbi@|f)OeNDT=6;v9Ae`zwO$ zl1u!D7z+0ERTvgU71tyy6JQ1MD^es$Lej7a%ZSBE8rg@SBqn?*SpZ)`Wu1YiZBVO5hul?#ey4-&;8YSxsLUXm5K{c`U;j`h~7HU=|oo3B4nmVxvNCf5lFg zA(dR>OIjs)d`Hv^M*>jvxo5Xa_VMSrlk{nH`3VA0dzS4?fceCT1L>a+a%ryk4t?gh z&aYLU(5KIWyei`;eUvP8mQ^E?Yg@sTL4y-5H7Aev;_)%N!FcZK8`6_hGTMx z{}7AAo<8?u(QZzl-<-r*nUSIlLjsMo&_|oII<{M!iDOC@;FwTZ7avDCRA_>FFT*am z#D9o-V^3d3zG(j@fY&2&5SAp5(uhExE3~-+T+goFCO{@x0FXgto$76+8&Rq$_(fK_ z>E{nI%mCAJ8{f#w0pn`U05_rJ-Y}+G^NSc`zgHgXBu(SyzMqX|9w&OX22A_s(2Af! z6SRLBRK_L#L$n{Ae|l3kX+^k+2lEC@-T>56SAbX*G&@>M3O83k)X2f zbMIs<38L<{F*xV3Un12y#5<>ukWO(|%d>NZ^;Vz@TNQae>?2tQ`*4Z>h^i_2^#AW* zKB{kT>*o^q@pd-w1Cjgzz>l{G@Z+7*@@i5YoYo2fc@ zT@O|}L5Cc-hoATQZ{73JMCIpj0c=>$iKLi)@!SiM*{P^TX^cJr2rUc*Ad@!Fme+OxT3Qh2t%aA56@gFqb6n!*Z1y@~7kPHNZySux)yYu1h1ShylkQ1;qLD4P67mb5Zw3e*|UG(&OI|dQ{7c9P}*2L%*u=l^%HciiE0D0?l=q!%m@L! 
z2;VLu1C@=W8a}Q5nCM9Lhpw39L6iGC-7a};KMA{|=)rdpw6EoQ5WRmz$XJ@w@mtx* z*ZY>M?-zHyk*>}1kWb}3A)~e4SH(bq5G07-JdC%8zhemKyieNljmnb-J?ak({WMWg zdb(^CPA<9`SM(1c+qdWAo90r=9fVsx3P^KtFX4*6#r^Q@uE}@Sb4M2m*f~T?pX$X# zLK-IS?%fX@I{Z0GB7z*s#;z3kal1IJ^0>!TT7V9XA0G}Vp5Gp6k2?D|i5=<&!TBlk z<w^^no1bUXMKHss|y=?ot>q@8*+d(;l#a*kU7&IiAs4MailK&Uq-$j z5SBS-MxhuzJQ&( zUyzG>>rcQx47sSc#D-mF6ettal;1R0sB0HuQWR$5vlMc#;irxZ)4Of+v(QsLprj$3 z#o3c(31ZP5Kff#rlfdvD;n4hEQ_wAp$6f<_H80v(G>KuW7CyO9wOFh3|NV?_d%EMcnx z@kTilahC({;602W|G1!a2qj!%fe6M~(RYUAzJSJ>3vgrlP!|gs0~uh1A!lCkoOXk?Xy3`U5v!EP|Xj;Slue8u*!mAkL;ptH-!!T z5FBf0fUjI^b*mhr-J>%8^eAq%t>{3;9zqkS#!=c#at3E*OHPrHx|{w2cm`nVR=0jS zKxaIIGWy$R+kF5)^;jw^wbj5#Z5ETJl#g0?z}bGD7Zd&0p>s4LS5|-}C`H(w?p$@+ z27Z(kAJzajLnD|BVumC0&(yE^iI3VAU}8CZgYy5aJ2~-vh$-l2CiM(eppTNBY*9U8 z6lILr*D~XH*(iELgdqr$2fh>C2KCtsWuF86xxqN)GbV76C*Xt&MYL0G{=>sIgirB>MLX z`uQzZXMQ{)-=s^JATQJ}@H~r6=AlCF&bA(FQ=NG#1i|xk<;k=oBtuK|)9VtAhmjNc zkd-i7c@D)B+UFr&w3P$H2?=gIkvo$}N0|G}Y>{nJJ`XWM8?Vtdv!QD^fw{a|eLm}y z2a{>ubJ^haCnst#ULPKh6thJjx*HwQ#sg9Vuewz1g6llLIZUszRR=PQ3m4e=!xwe^~wx(g1%k?d2 zWeU@bUL6Hdu@i#G0}UlvF_-m-=g{ac1QrKfBE%FDrdF2s>{k#<7fz{1WNda98jAQ6 zwI$WkSA8R3akFy!@6dWJ_T+*8r^Ie0 z{!;Rz00)+%9x14D@@%er45raQC&CLN0XBYzNPtLvih|$g`aiFXI8oZPY&R1g{?kgU zt_>9w24-;f##l>2rO7BG&x*#}^Fx2^$8)7&5lRCb3Q}3iz8W~7&-+Q4GPe#A7$m99 zFJCs3SX+NgSl`CI+ zYW4tF6V2h{s(M%tJ{5tS8ZVPs=->wXIt8}~s6D>bWeHno%et`#!yU0r65(VOiT*C~ z;s!_Q5#y%%O9=6ZwnduH6F#YyWiSnE`BHCd^=p9gKDkM+&kK0JCPb!hvS*FBe$z%K zl}};DJDbp8yrG=h*O=zDO$SF=;Tr*$UoRkSjr-IHD-#G2%~8{6a*w`NT;}sdwAR(u z`n~18~ww<>gghRV-+EDv;;U*X`c?2BYvE_Zup%9S=??pf+&JB^kQvZX!jp$w79m(L~Ko4XV@vKth zOkN}2_a3LLQOU5i?MoLnqR3&t@({X_n|yzzkN2OxRL>vcY85%I&d06#*X_r%`>a;I z3GZF6+n=>bb=(~rG7gK>(}2;i{6xx#iU2cQbj9o_Y;{Z;Q}M|QGk{BWrcZ?flnEk4 zZ|EjrwbGd*$%@yQt#M}Zejh7#h{YaFLB+5#%1vN+e?gK$ zKjYWXirbDb(G_zG@#wo#3H)4iN&+=YX?}hqNNQu%8~`*E=%bT=2wfL_Bc5;wE^B}- zV9;7|RT&tHvG$HY1vU#bAz21x>?=+B09M{=#*N-(&zc|Z`)jlYHz=oD(DBvVy%{3yzUZ3!?|F0K^N2exI;4MPVYbEPG)^V 
zNnhbsB!EldQ0b`SH2=%6zoqB%C#^W)o`i6)R91x02wi={fDO-eNKv7_hP3Zdd1q!q zqXX1$al?bwroge zbU;$?xlRAXbri~vfg$;DT!Zy_;R#{~TnK6?unbza52d54o;e3?De$AW6q=*uNB9m` zCSYuo;QV|87^!`wq)181eEakWK?~|IT-W;R(EgCl&0KjQ;+BbEK7soK5-YZ@=;_F$z$OFiS>Zjke4a87o^+3l!k(f>6HxtY zAC_R_?B63G=KfyEO;Byh2s9=cIf942LAIiXj-8^$Hyr)S9a18q&rs|GhNPDq?+F^; zEM7M8@IL*$QZxFYqVvap{gSg3dq09a7p`x(y-pWw`sx%(&E$a$%VC6n z-iigdjjgg*K|1mCu8RNV`Ne^Zm?d6k1(IfX^gq1NO5Y{W9fY!sXNkAo)8B{qvrkIcCfZiPBBYA?XC9j&+xGE#X}&In``dEbwxPI^xoa zBUhyt;!mKJ&`cI&QJYDole1tt^n4QBv9AkAW!)C=w%;Nf8f>kU&mTCUBzj3{ci5~G z;a%I+eXD|%T-tMDa-bqKJR<85GqtK3Bzs30)@)Ec-q<&DL4Mb!zoN(xHmedk?iYz=|Y zSTtPOy?R&-etKS!PF$G%f;BMWstD-^ZwtZ8p9>!9>utG1l)3q<5D~=8z8zR~UN9Av zZj%`|7@y%^IN@UP{K)AZN};j(e3$Ki+M`UQjqFNcEby8Vpl>sKP^>MyXZdk2@-&Fp zD7Ie|Cr&^ zDJEe^08;Dz0d}Mo@+s)yvT-Z|917%cA5g14odqnTo~+8xe%P;K@ zG+~54Y?t5&<=4(F^U(j??F0)75IhWY7AatRZRtp=h@V8b<$dHm5+r+n$UX#AOi?6m+F21$aIe_oHx|#|-%vK184c zl#}6Nhg@)k<>YGu!y|PIVdM8!J_nrMMBZ66-#AxHKP8nHMf*|&yphUc0gKS|BWL4L zne8P3uuPZYXQb{phoDuA;j*qckVHs_0D^TNH&S7rxfXe}Y>_@%M8E=XB9$(6HpK;WdwAfK5ok@~7 z*8`3$FiJMytzHOUR-#GUnEM#ReI!$NNLrb1KmjoS-CUFIbB6nKrFes2g~i!PjN_@$ zYM7(0&^uY33}(Ff8>~=Av0pU^aRp+5Ids3NaJ#`>qh!USqmw~9WkIR`D4Xs43^dn& z`c#V|k?1%C4I&QHdif*scJyN)n)9>uS1t#7cZnglzrir;y%n&cxGdJxkr`FqIhE%> z=d*6Ces35W6tsFtcCk;lP5d)^{vkFSAP+LGXna@&S}eWIHCuNkW-V%hrnch&z9Ntn zf#1kjgYa(aaN1Lg##KcS zf67vuHx)s#^tQ9Entfl|5&{xXhC+7T-!|J|>ZJQ}u0rP2I->a0V9by$+`V2`jp=Yx zT2twFzS6Rif;2XIG)62(h?vFxUm6aTd_NE$Y zlZs%=ltOy&2P)EQ=h%%!CejCZXevzMFa3IaybapWVO?-NBfN@WZ|?y;Fh&*2Eno~C`}x!1wwhtZ}_<+lPdV9G7BedDqK*ZYA5-{hR8;q)t8 zT#G_{-I?Q;2;FCM7QIKji(gp?9~pZ+~* zRLAfLw!ki)74rz7ofBGhcvQmNNzbV-I-jVlDDZUhKMixz?diLSGRM+HyAZ$fLD`dc z7rxct&3aDA1bYMZX3H1eX3G}8B|Tc@f8s6IZRrYn9NfenI{k*(eb zH(FX9*kY|^O#y9F#6klU13wcC#uVymsLXPDChd8RD@s!Bekn8o(>)3~(9gfI{h0T{ zQSSGzD%mxoVT6W>*7PVsYnQA8Pbu5?f0;i#nqJTb6fb#4PO2Swc|X|LZhlD8PJO`U z-FPP^vSoY>4n2S$N5bdK^#=xjiEglcy!bo$FtGg&Q31R@Zje2BM{5$y)JH_u2W)8f zFW(|q{w=?=BVbbt^}w&<`X!#_=6GN{GzZ3i)NiVEMi+MFblw%-%rwE_i(bfXU9tu` 
z_4zkFL7AD~+)139{EdC8wtwk7&4&SB%jpUZD#{M7z8#`{+}(bDJe>*r+8ce7-`72$ z8gBWQ;|6#>H{`!_7JdO4*X_3b{rKufh__9apOXhIh`yOT>uS-7_eMnF)#)6yZOKKRI`&V8T6P& ze;#^*Gz2pB3TH5IZfM@;caVToQyeW@WKZP46Jm3l8S3LoBnN+dMwN!&1<6_Op?~rg z|9tt0(Oy=XWhxO~7+S5W&DwQ7If8@BUt$V5O8JT;1lFJL*HhK`-3U8!p@>&(;yrH( zIXy5gxT52Ml*w|0;yl?EL3H+sbd8ugDlF6s59SUyA7kd(+WVeB>hHVEG2_tv7L`|h z1aky|oaC?iUsVv_XR~3}sHFDI%7v5)uGkBeE8ulyl&gR5E~PYz7WRip2>MGTphhVx zK_la;KtIsD852*5ko%&Zc>2F);MfDuZ@}rr+;-)v8s4eSu7LM7TV5R-`TJ3Ql9$~U zJQu7^wg@%;`Sx*+>Ezt@$nERt2glC~+lyfQ&EwItE30criZpcks`!g$5`wJ%`Csk2 z$x7`kY-~a^oLK5EH5QCu?^xZk!y&XmpT}T!QtWI8+ek{yUzW(nQuHI>^=2mFEg(vH zGr1!Q@1llJxxiqrLw&mjz#9bBjtRPlz-Y9hmp=&P-x z6N>8ze0OGMaDU&~=;`PUo^BDW?&s-F@6@(A%zD+@-pnL4Ib71jTQTrBof+?xlfWvw zY*;J7_J78`mA6VT(*baZ93J{fb8t(Y{AT2r`Ot|RXEv&}=EBuij9Dhj0OrF#v_AML zLwGPWg=?0$h*8A)BtnpC^UGlZ4(IsXZD)ThvQ0wxdt$aOYwyv!ey<84A>M4&E!$21 zezJC{HY77lUdB12^J-TOc5Ys{BWcpY0tEN3`oGl?dz!>&LcjeG@l);$_m)ho#6H}Nyr|Cb%h-Bb zOf9nR>R0aX$2FDOg%z~Q5=18prSNt3vfr0mX#S8e9hx6H!HJ-Xxz;S$RRMs4h}3~W`q!=_^EJT`Y89!14*MEl;_ z&^i>{7ag7IA8>&|ikh0a6yxX91)A%qt5C}lhj;lwhavjq1<)|nx)B#|UftcGC;L7j$5-bD;KElN* z*Zr}DkvC@B1MTHD|X-?Hw}^YkiTT>5*J;CM*d zJTMl!t&_6V7$VN>fzbXj-YrU-K;(Dd;xIi?gS6nv&lOooL&?U#pjhi>u+Wf#AXSPu zF0!i}Yq9uyBq3e~V54-6ev~;M2vio03{ln&xw#>~6n`xODNbkZRL?M->^2Gh(6jX1 z39JE(J?+^Z^Gg5q1ztf3pdIpI{<(KhZ3<)EzZYvr8x(f3n60J9!DPp``4p~Q*l8)|A8 zbrDCz#7GXq^v7uy&U_n19v?-}v0t34gH}@vYGy4~?BK4Q6oM;P4&ye@6a~6s&Q^7a zUR`gH{Cb^(XwP&w+Jy8;tS{XrN?UHk7piwe=c#eP-Ad<~tu`yuQ&*C{wLUjDfQc{W z7B9VFlmbh>w{QMcl+%qxz}`|9(?ko_0~s$gbtwnT{U<;fi9)-{mSA=>!R;oXfS*^Q zy`pryt|1=yevL^%dg_PW7m;0THstj%J%JK}%s9%;wP`~upW(jM;9-!0|_J90Kt|7n5B+wjKP*wu?j z>kzlT5M1!|$d}G9poaR}+?{a~pUMmNzbzBM349If6wZYSr@XgU^!?y*%u1g?C|qFy zr?dvw+G|;mEfR!gU&%DDt;|gteJuQY&tI23PT7V16j2FWS^jwj)5aEr&aC)()oEJg z3&l|j^uM+mv(N{aSdd&22kZuSdUqxPwhp6DPs#i&Op1 z44|^J=gq|)@BsywUthA!7)Rx5 zzt8AR+H0)1&@;u3QxYyGbz#N+cKjt!cle*g$uT4DW4oGzIYT6}z#w4RUwgk&M$$JV z=xHve1EqJpfk#o3C17_Z^L 
z6rV=-3$5$cZK&l%^=#c+rEngzr#C{Q5kA%WH_1T(f|kJ%s-#?+q;S?gar>`RikmQ5&^z?!?7_+$&Q6YMn>9$|rzshBnxlFw=akn6HPLuFyCYtCGom zi_czQACOR(dBjF~GaZKhz>88=0acLJgQyyx{*KyP+L__`y;WU2f1_JGnSNL$!YZ70 z{v0UAAEsc~dRS!w%&+s^6g|vxX4F-6b{3!Qc0K6cD3kUKAmlsL__r)dN)%trFEuwl zHhO8=HEyHdkhH_Q*9Yvwc^g{6I|497vGsXazyXfvs=Xw*2Y%_jdkZQ85(d`E`1&e5 zE=lcVu-=iA#mA6Bl`PV~pEo;Er*>1O)=t9|^MqmLbL1PaWS5m^*dE?{6LfrTGA3)r8uq%gV1Mls9HS zKxC}DM}649bj_z$jVebBSL`S^zbrbj{zL{&+jWfZDXwBHU z7TtUSZsD_utX>_U-OV-LoN>8%2+7Rp;9JD{%Zu^ULHRZ;}m8c)?GIosXwa(wkW$duP&Pz6p z2&Pr@(GN66%!BmkyGNpN>RuOt3wfMW1m5@>$HBm@S)X@&_n(Kv<9n0Lq@_xL0l~4L zs?g3I)5q$7bc6GDE)7YziJo`-D|a*N#Gc;lK7bz5Iyx9wdOIG5<;1||CEv;Xx>7Wi z2mZ&DPP1CN_hD&mG0URAGnT`t!E0>4V!fOkr#Q#-Vzkh*Z$+XyMK2X$(cZToX`Vb4 z*Fh|IXe%iq{;JW!UZ(o?pz8v>akdOhNR9l)cQ0M!dAo8g+R6nJGN;qbmhLSgG3IuV zqb<+%bU0%*GSu7Li;icBCkPj!)3T8(iC!s;sLoiOq%h<0(?GbqR`pg(?ryTM!2BI& zB;DuBE!NrHm4y|Tyb&39k010B$DIU|R!$?>{_4LjCGI8gqePnGpUwdIj9xYU%{657 z-DUh2U4k3D>Ro;*DI3TyuS0$rId=hpz>NOOTVA1gjduix4}Ir65up1OBeeg=WeC2- zu@AEP9Lxyof1dyKvnhEdx11v9tX@uUF2TgL4F#I2?byoy7^IJ(?e<+v>$5{b2@w|w zD&cF~lGMOtZgEA7*a0Tpf*vr3X&H#`Oh*`EB%SX@h$`5e9kF1{?7bw;nB`@jt>~yz zQXB4$BoT&^p2M2DG46}q?dZ8vwxiez2I`FYHr}pDS8QuW{&})XO?9vRXV|}3eIc>G zpPbw;xTi{mD0ZMnf|f1mE?i1)JAiGVRmg+TYl|qM9DmXFJ0Iu~F1k&>5GfNXLff_1 z9`CsPX-mGF+026>$)NF5MN0&nT8qg==dqH8l+#Sln+YZ+;@Myq4i=s!=40E^Ccj&h z6^ZSqtj%w$DQ=m~dwn{*)4nGot7{aC?0gZkb`~=c6DdvbddD2#(Zla}KELb7?bW;B z`aFsszfGUz`vah)oeNOcUZj4d?C=9G2X=}Yq-8rNx3MLO*W|oOfTye}_hWue1g!BD z3iVr>riHFx{ucdqA7AUFz)*Tw8P}>YYN0nd=WN7!MO3`zQvi)fg!9leM|y)Hbh=AS z0odOTNM2Q#dO9rJGR#$q`Qr!$u=eD`{8I%R;q<>{Oap?_7*Pead-&N_qJdr%4(3zW zS4EJ3)IvX)LhxS#oiev`JLv01S_a@%Vs|F#QF;<3jVwhVs5c3Vs)L=qN4at66aD}< z&3l{HMlrf}a>!viJDzu)mnS#!{l^tca_iV@(y2pl6DU}pOID}VuKNI8B}U? 
zv%y!g{O@nKR6HZsL@fl{lI=77_+ay!u9nJiw3`o5~C6*t{7>VSq zBaH4(ZfhkUoSOT(qs=wpu(5qM9BRc5c$!^bfo~1Qb*KqHetWr3D!;hXhj^R3ZTQ(d ztbhG%8G^#D!?rCp8Q2~sdBbaFr=+s+jql83FX@h^?d>mYCeq2p=n*vJr3aBG^`&Du>0nw{ z(AMA2mXFQQK&{FBZ!kFSCNQ?UU!F48Z3}2;olr2!_wqfu<^1>Z-V}|cxAwo{@B7(h z0-a@P4~C6b{aacatDSOuanYM+2MGv`_L(<)u)R}a6qgsGu4&cCX5~k4L%l+PgO1tm zr$ddE4*E!RtxS^QVB%iIL=*3vbQxn_WpkY{r#-tMBK%=m8=SoQ4h~K6IyiT`jn^n6 zWswYNo$%*~S?UZ{@E2OkK`G%$ll4qjUVuE~b|lq6KDjGAU}g0wG- z6eqKGo^@CtD}i;i$_eL*7}yVBSg|Q&9uGkVr(sRvPpIJSytMvMW;;i+^~>Vg$(ZD| zlA=!~!SL;umoXgInsl!?=;>p;)zL-jTBhe^l^P1?);wj)PtZ@f*ZhzHCPnp!alOhv zciF5iD^BL#@7Ue&ZEE#9VBnjAf+#!t{hd9Vrwnt0O^;rP;+Nuz^6vn?f3Q8OF~zoS z4kl|2hA^j263x^q{7eEth>B|B6?S^U0xgJd%gfLJPn5C?cOG%H8~0I#PSsA@jHs|> z)y+t5APMt_RA`v{Myw3%RQBe1*x7z#y7`449cn&gMtbOA!r^E4e&tUwSMFQe^tRA{ z(%U;VuiBvqiT)h!m(>Fw#=nX1PaDM#@(EBYjS8pzWuLB|^fQym-uY6}f^snbU=Nec z03WXrjV0%Nbt)qM1GC-g$K#ve;oOL!rMXx* zLBX`uO_N2G8dpHAYmkW7I)Wj5yto!|P#Zs`M^)rBQcx56aFNJ|56*~`7SaI)B+$E^ z{|cYYB7B5VTr$eF#-bip_XX%R4A8H+L!rhXiW}gx1(adoZO}&tFT9SCEY{I2Q7#}o zMH^Txgczm_H%w9PLvBnJB4N&IBzwvJi~ZTG?>`NW^D9UFE@;2;Yka4xp?&nEDI@t$ zTrjOtwADNo!=sqDK><%j05N?KH@##gJ$%F$5brvSn=)bA8q$E;PdkZn7zn={J(e&= z-G?qJ4a|%}6V$3UgLNuX8YohQUnRqZOpG=2}RU z9FUzjO{Bo6EM7miP;dni6a^Z26HVIID;Kx}J0W44%%c(X&c~rR5T3lt7*{7D_=8n$ z;33iZYorV9o=VuKK$Q-{iDyL`iX8Z^3iXi%_O>6a@T}q>*O8)nRq$PZ)jnBFjal0r zM8YEm8O%^FSh+~kK?t05j8L%38RU~im>O5nw2?o+ zuY7N|ZPWT?>7LJD8$WmAoD@N;+rU6$!>0yg)}Don6QveT%lLbRx*~W;7(quVPsRCY z4N&XDb&pgP`rIkZx;8b7=lKoXd59fEjKgzDh$ShXkqZt4Qx|dIs zGRP#v(`C?0_M$n7<*>euO@x(zDBNJO;n#FIVD`~n=rK0%nls_+b+u5)1l@+{B=Hr+ z@j@{R)`p}b)9Yp1$tFqgcF!^&o`r2cy_4`CUG(N+Ay`}ylZhZ^_3c@SK4ZV;SN0Xe zi_l-fU@J;at`Pr6bV)r?$R-8k)D+s}v0hCTufZ5{WS|gvr35^2jBLvL+DBf#F&ae# zIq@BlIQ2Spjrsi0+Y=gNY7J-+A}L{cel+FBUDG!BOH#t~{p?2n-r6VP*AXna+w*;` z)UWDgYomjjuDTY8h?>a}IQ56K-gm!f^RRyohV}WM7i20=V~e~Krqvwqclm;TSB@`! 
z#sJ^dK^nUI3tzmAz$@|7PSK)s;2e}Ot_Q>%O-3DWiSTb#pcOF+k8CAioQ2G}5(3&I z9+i*}(N2ONKSNIc=gk3{nqGD7#dYE%!2_Yz{mosc42b&#Mdqi7Skn(yBo>GS%x7+~ z`w6GvZXY* zyFsgg7`ffFfG!th%(!axG}vP7zyVdH-6Mz&Z|N!QeMRq^zeC)Yp*$4-E6JSYLaH=Ym!YCHn5yDw7d8u?4TM!b1;4Sg z-j|f#^FfB5BVf>=jXc}l0xZQ%Vk@lq6uT`Rx_h%-=aKmW@u(tq$sdfgbSV$ zj1*K7mGBoqY$bNmhKLjLyAK=HyWDhLr7Ytzy2mIrrybEY-{hD((F=JT%scmfy( z@|28_2?Mr`bFqeOE{8>H{QDMCqBHi``@V1AuR6X+^M3eI4c*n7P$|jO#c<(- zm1II@u+)|9{pV)zu=BfKQo!FLyq;-}3ND`4TCdnNefk2DyRuz%2mQbZ5f?qO{5nEUWs5GZjmAvP{vcmSYt@3^?7?<3%2lTm;nJ0%$?mt?4wLn82cQ+MYk_H z1!Od@cEyB0y|H?1OBLCuDki+!Zn6*j$EaY;?PxeD8!c_ID|j2Vg49(6;f?Ovbg_+; zII=8G(xKeZTIsS!lTA-46|72ONN37y3>bqc#uUK$?btBgAs)39Y>v{X za+Q3*CqakR&ARUomZf>9-|Srk@-y#$7j16k??6gxYG2I62ZkFBL9>DQv?D|xYW>ON z54LG&jZMM?PP{$~a_Fl0BV^yr%eE|Zzf`>^=6~eRWKJgL2&4oQIpJFvD;P|R=S?#F zP2s>69Legi^famTIWZ&o{`U;lL-9^xf#hR zHgs?M%HyavT6$jPqn;^vJG6o%459~k`=`t4cxR?VkF`;)h-VsxBXF_MY)=vOHq_YN zzvDLysHWG`q@l8&h|B2(v>W1vDSf?bsGU6-lbH@nI4YRPs-(jXb=R55``ym0&*sDA zMq;CVf>49!BdP9CiHVOWoT@b(3{s<)uFjFH3I9Ex}#ut|!A8^FFlv=itS5?`P3m^|n}bGvt_#7x@qD*2)0MZtJyjTEzC3T{$h~ z=sy|66VUXW5x|fsocb2Ba?}JB>mQ}Dw1J-`lbHcs7~N#DM=1juXJBt;;^IVMe`K)6 zn=l1?g(tRJ`x<=)2UO{}x;O&9A98d2^N{J#Cqama=hE8Hp^%OOq+q8C4(J_8B=bui$ zQx>|{(fwh0>CSdCmjNps=1I{|P4_K-h?)JuZF}00lf`W=X%@glH}Q-WsJPGakXgi7 z`EQ-4=#Oyxs;;f1sR7W~mmY4OoD+o{#SSm^xP^0)?beG+RFCyT+dfK|-^=qx0-gvW+s7K4UNz~Ivg;;gFI6R2XP_P8ewgDl^8_Z#`x@cqd zf5nh2X$;`sYM2RtZHq${rDwPcXDjvh8YMvripqacqFsCFe!b9^$P3H$-pUz*B16I+WZ!#Rme*l#?kw9+oRtMR+(| zvJJd&RhV&l01f<&0ppC8HWNwwgRLY@kAA^W@fx+vQLD5}AzMUAaUo7+`UbdVju1gn zPhk$8TPt$7h4_3Uk;bxTV~1IDb3XB`L)U84v&1o!TI(vR``&Ho*_2Lq(bCAbSketNMSsl1ix}$GN*(acH%aJC0DD) z?2H@v2lDpRct9zJ8sX2ueQY3~39%=5KLZkcyf!U;u5UkME1*6bh34(AsGXdnaRA>0tt_%_WxmG+~W_#|RaYpuo zxElm#>Bnm0i?97tABhudJY9(aJ9h|+v`autHf$D0lybt+!M||&gVI=1(W-uz#!XW2 zgP9qh;e}(fX*=qWTIWRC%!cE#Iw?DoO`Lg5Fl~ZWrg==<7MF3WmYqh!mV>Mj=R#@+ z9SW1-&Y$XpfG!9<#W->SJ&ZqGcD}b(5Wfg3({})kvVALi5wVkhPmUrJ&sQ59AqY5O z!z5=qj^CTQQ&^jk-yX(Dz{URGRb|zTnNPe4=dsFNEzvR(7jsqQ=Q(m6uWXrgSD%*- 
zwEO=BXbHHqIb=_;u%Zj)f;n-)&nJ_Hn;Uo|)$Lqz6>RULE0JE-R~XEujjAXc9Flng z3+#{#<~*wfc0o52Pe4Y$D$4@}93!FWy3pJWva=l}q@k~?Y!holDc$!9;*K#-o<6ZC zmNi1AN2c5}3FvBgS0F+<@FEMaF>&zHBd8kQ=&VI(br)YNW3d=|+&|+b^2jOlM~4^6 z5j%V}Z8&RXL)Vzbh=6cZ8Z1~5^NB(%9)?oOZlwjrYU>HLK*W)b^4Pb3Qv6`tsg5QWS3D0WZc1jtG~et+&WDiHV!is_2mA za(_>=wqih(l{QwiC0T&qAhKvztfyLv-h}=BzaOJA!D0S(Kh%*NfN!+xg05?AKk>b> z1D$A$UvC_Ed0bh3!(^3M84=9lN^8mYY))ITWdYbd9!~_hO!b}8875E0niiCITopG| zHYh*QEJ>dJyzI=WEW=EpIX_m@cfzBGfcrNwRp-uILe9lNQ7`#*q+7)u`=0sQfQ9dV zpNTeV^f?O%D`Kre1s8eC>;WDfPme<@_5w6$sj<-57q1r_vju;Oc4J!VVyec5F(TA! zP`bt=3??9F+*+6b+4>~)^N7Vx$#U%Fq(ytoFL2JseDa4|q^M^c)N^cVg;$LNJD%Zu zBVzWtVOm--U%>;-g+@5+L{eKFnghL?fa(X}w|rRVKgUEF~goKRfNI%#PDiygh1zGh|rJ zsxQN-9=oa4{8_`T)v*by$QPx&cx()Z|r3OpqA0S8cmZZa!sb~Y!5 z4*;al?&qQ*Heqv)o=&aqX}7#pOY1hTXn@C4&EsZu)Dp(}`n%PK%hXR`awysRae zkADX5BRrN11{=xcKgX#R{=%7Rl4KMI28K^sP+B^SUr~K7tR7US@VB24pIq zGKJz2guv~Iod3=Ox^^J7kx{p_ErLU_ff7TptzhZ(Z%HQ|4 z8f(pq2)e<#3$M@Z`oAtw&qd6$*K=ktA%4?z+PCzx7f2FXyqra0*)*>01_V^OkZ~8z zUjkb>D$R6nwQg1k{$nr{ysP4AN+tYU3CF0PJ9p_>)qRot$BX~iii0V;T_MKIUCSBb zbC^wA|<1&sq1i8hSYpSfR6~Lp+xj2;THk|gt;z%1$t;3ZQ_y$xJ=C&X`*RPMY{QNW$ zFVFx1qP_&H1_%&2tspF~2yl!jJEtLJN-@Ny$pbZ3Dmc_vLuh-#DPd30`Vb(+$0YI? z&_@i*-_r7;3VLpGo?*g?7SSSKm~Dt>Eq+UV|EFv5nqyOKvr-22dGoHxr!dq}87d6- zvdJ)V@7YXQypy|T9|S_SzOA)*m6G`Oer>hECD_3I3seiok??R7pT-l4ldx2%y{fL? 
z3gE;#YYH#rJwabUHs=X1HE;2CaE}bxxrKKW?tdt{#=yARCH%#<*|@Q7v$1X4&WUZa zv27=f&BktQqfvAB{@>mAowIX>&ofhGKC}M$+XiK<5w!ZPwryQ*h<}Vw_dgGm)Zh^R z8(w?Stv(kxk-we9M0}G)uU)K$Wpu^lTutcawkvhP?G{*c1TtQ`2!q)M)m=(@6r!fy z6?6|!U96x$@^oK?ka}N@brN8bMvZ&EpLxir7lv>8&Z_0{_EanaN_XoBOGo_NvzSyf z7Luy7pTnl>`TOYS1>+6owG*AZT@N`MN<)naWVIv zjy5Sqt+gR66;h+sL*2uV; z)r8`kQrZ@B3FS(^GXzUYn?oFFvw&*$XgE^9-3xQFiZ22{L7tOUR#9xc-l{j9^;o2p zuLXArzLP!HvEvUH*OEC`JSON7F^McDrBskyVj#JYjU!1r5Q1%{l|M4tS8r9G`&eeE zeiL-QdpIKCheL&sIwQ(f*CWq0iLh=FqfEBe230Z4lgQq@n7knE4c11;RKM$1 z3>z^4K>zlQCUh+I^r`*9A{i+4Y&U;n<#nlSS!p2k;E(VU)y^i@Tt}TygIajwJ%QWg zUCMX`_Xnx!U+miTAPr6?KomUsNOm*}Xr*rc$gTWB?d6S)F_tXho~&1ob8BGh2;u?K%ztsTq5P+};y zMhMH-jwp0-`N~@M1fyJ{hXA8IEN~pT0kU2p=}{Y};|xrpwcmEy8aU6Y0=Y>Q#Or-a zH^E8 z)3s-fS#$UtGcDD-IYGoLW2FVt*yt_rHZlnk8bO{@J3$Fa#wk4&8vI4}JxSY~csFy) z>8B=ahTrnLjaq5^u192tzwMHEgXP6(Mx`W9LrAyIUHtnWwi+tUP%CX7u801LHw+nX zze1~ZPqq;>=LPu=IUQeI$?k|^paQ*bCK?qampkvb`Q~49&sJPwZTwkv= zo42+*nM-Tf2y8u?fAhu~v-w`mHatRi^_v4ej~Lax-FV-^d!cpAR_C#FFSjIZEi!hp zq##vYpsupEuj~?RIV{2>G~HC9RJHa0v}pqV|4y(d!Yo9Kpj^oe+4@c;g#iqz33Mb7 z(zH0UPIf?g#Oo}&11{UMWc!UVC zO@F&I*`3Q*4bCCQb(?OX?6sT8Z7lQAdKxBn41wCp6AS;FamUKZA~N7|eIxh)nw*76 z@^;EY>GGv)GW!J1eTr^k0+7GtU0N|x{7F3ujh0MOcusA|#WF`aH$Zbm&Z5&KWwG=H zBU@ulk3pY({8P=B8Jo*8Pg#v>%1}74f1Th;f1A{ky~7-icq-0vW@%9=87_}L$+qwlt&vVvu0^u z@r2}kH2(^4Z??b(+>ko(W&KfnE7ad-BIGT3`hPp?mO4qq-mR9;kB6jm9I+|TJHcl568SHMUNx?{^SQ)Nn$wFI@ zjnEh$4*g#kXU{Jw(@2`?M;cu+LS3bX#-t)4v|-2%dS@na$zuiv_-3=jx}c6k4``!zhjMP?c%1?3rhPL%ad5l>5rIW3nzG55Yo8ts?a&=rsi zLro8wtsmfi%Xy7U)3%YYJfNSvY*~BrEi@|6#Su>!+KO~L_ItT! 
z8|~nehks}cKL<7+y|Gwv{g`&BproC@sE9Rjp^_;U8{^a#Jsl5ZX9k1W9xg%T@+jl= z%$J$pH#*T(k;Y%{fhHLIU2BekWTGgq85ur+DccLZBc~2Ap*?+n0p_RG_b^EOsq&A8 z#(4M5p7j^Z-LF6;ux=th5fM_1$Uu>}N>D|G-I|g;aWz@YPeH7!&B0Z+6O}&Q$DxjJ z@?Zqqn{b3G(#bf`2lB3AI?OWAU2JfYIni`)$R<)8OOVziwr}ERkN?yD&{MI@SrP#d zSqILBb@_r;p;oF5)zV1EThUO$OWmNWx`^3@siWzxKk~+#O&5Xg)+ih-*%*}p7?b!w z8qf7HEfJ;SIE#LFc>Ij{^h!Pwz zBk*PQOQA;-e&^FBaXWQ&i<5K68YZk|2Qj=<`@g<5*^WD?y~Uy}wDHiF1d$6_mNLBW zRaW+Vu%QjM-RU|s+;N1=F$>vs=@TuK?e;&%8OslBYQCa@3EozwTf8tD)3SISERWS7LvCk_!ORCS& zn{Fgl@9Xv!4$)nYln@!PBMYfH??#JT>&cl2mJR+eY;vPjOI$X8UhNfgrue%$dE{+h z`y-)o8w#I6OON!eqN^zC^|KuU+jD3?K+ncAK}2E<-XJY8n7U9c&HJUuoToCoZ$*C9 zlPH05JBKbJ+OkpjPP{S7^Ba>!UglNB8*#U zBvIZZ2=-~lB&aXS1cM?fTv6(8Qe=KOs`###d%Hf$w#LzO05c5u`$AaWx>0a*EZX6W zAwCgN&=0Q%E3f8#|2iK~v~B4*sY?yb$PJbuc(WOv#(MpoPIRJCi-f0WO`Nj(Zv~4p zTuATwyX&3<%%}1|r}N3PPC421!a4*BfLw>T+h^5kw!lILB1YRb`O5uL22-|hku7bd|} zEkbI14gK&&`8E}S@c@sS+=vau#J|!c4|lPf<+|dqJm0bLK!t7!XpZh8Mr*@2J4xO7 z;u<;?c!Ow_7M;6}_fo{=MVBC*Xp@vw@gZQ2`t@v^5pF5!`f-ZH&y(weS@DS3-}}eIP0e(8T|NJv z4zvdG@0Y-#1zET*W}Ow2oFE>{$O(@8h;YJIBxXT0TGM(0iR#k@ePKH!rciqPc6 zFsfB54$=VxH$6-Op_Y+we#+Dll)tAOv1lk9yqdO1*3rc(@7Jl7{rK=0-Z9%mw{|AQ z3_CnBNZkID?wxZ#?Fv2{>VIOxBZ5}?eO6%=Ar;S|{aNy}#|`5=UP6fo051=q{sl88 zvW;Q8@J=1dT`p?hp;v$e$`Q(oHg3fgj8~;mWeI`hbE7q|B-z_%#q52tsy|!7@HXj@ zu<}Yz_~jFRB6wl4HkXC)=qS}yL2oZmfBYBFcMcOHcJJ!aowGxOT{?x8BpczfhjVDa zg~$RZFh9#)%IlUEAdM&l%Ei`8^+}B?u^ee>t28bU~&;=?Hk4f*Cj3 zx+Vn1h)-5yNFk`+y}R4Z^byV+Y?_~-(u_KN(gnQTutEy5mXQrdkH>dFQMVY2)s*lg zW^AgwX7)^DW#p-AbD|8X?KOKe2)4W4tw-Vu5>AXM{$2vjaUio1f2nPb*x5@gQ0{br z6Q(87EDjk%JNQ^`g*ugHTdw&&u}KL_4alT{n|qIM@up*6Eh_fjs#gwAcJCB!0-1Uo ze$^&PXD0pdh>YsmkfAJg5#bQ;$4q7EP}BQ9WR zR-brJXLB`ax*Ft_5J!@tvA)EmHdC+AI>G_j$zO~(uxp@Qcg&eBV`wYc&(f+7Rfhs$=r*m(;I*JGG%m)n zjno&K0+F9q2GS`JH>`8p*bv0A-w7I!OHqM(A1Lr_W`dU()yz5PwFwz)jqEbmMln+N{}Fb6O(O{+KK7T=m)o+ zQq(S5nY1twztf}q^z*v&+~l3d>hbeq>BMhIrfbLmKBYW8F5X^`{yK(IyJD(>PNBwa zQAwM{tCe2ooJS%EP3`$l(ajKBFDE4BdS4t4>$gpi323N+xC{(@|6=bBHT_Sp-aw|5 
zTT%ZY67jT86S}dSYNYCs6i>Q}Z>?7-2dEyKE@>RYmPx%G0k4k(e|(NB-|piB(dHrh z3OLY!l1ofmZW@A9EmBH$vH}56)kfdYdE_D#jS#+J8652Y;-E8i_M|i}Q)=K3D@Y%Hajth^=;0qXl>FFv^sH~9^l+x&VkNvk!p_}W(y_GfA4yaOib`%+zH7YccCDj?!ph5=!HBpLsY~<$iZXe$L_XB_Oms=2G ztjX^ip*qMRwa*6q`a>?$(#+D`TvId+qgC(m=zKk8S(ml!ul2H~4Lc0x;HkDbJKl=M0iY+W@=e*jwa4 z0@|ATc@fHlDO&ykT&%C-pA{BYD6}dqy|8h+t}%u}&70$K-;P}ZSNr-GuLH{9*w6qK zYkBo%}R2cc_M|> zOl29fBuusWZv+F+9vQ8lg|c!u6(Bwk*4;M(Oj4L|*oi+J++Keo^0e%89Z#R0`s-_A z?qN5gwc*=FvBPwN7|&)x?3VroP=g~MIk7FgBo4hsMxeo6OF6RI=uhJ~C|lLimR(eR zCuu>g(h?J2&lD=bGza8-=e74S;lgygggYb}Wuk{mH-8@o-$I25b!A2x6QJ>3&@`oX zhLLDOeOAm=M^K8rr!d=DDPhiP4)*GbESp&^mW90{~tXUrJ2u?l7K^hg;ARA4`WK&9Rfup!{iaHFJ_El; zYZaxsS*F6ZwGkzARx1L zj8I>^TxZeUTlv`@W?w3oq|iYQ=d_KQQ#28mLIxG_!-OlcjnCe7SZ$tb|1`v??ZrY{ z>$8j~NRNl41z@BY1iOTG8ZhlEiWY@2j|sdthMmV2Kb1^jt&eH5(?J#7hlIsa?-Eu9 zAtMJ4_9L}1S!{?Jp5I};^JiOi{aGwA?m^(+%VGMLuAy{~n>{up?^Xnc)HU}APa_P5>uI? zX`cIl65aDhrARbox(=7v@1|l=Y{&*q_x@T#gq7^_!>jA7V%jSwho2m`BzdO7D${@? z@AiNLOmW>F7fSmzIMTV)oPr0+Yu^Xk*b0kZSq`a8$at1w)VeDOW^y2|Cj>NKBk6gM#9h#X$M-SR zg3pPdix6Qw^1tSGnX113ftq3v&_tm&;5Jl+gId8w%2?LbRaQ3Z!I}U65t9`J@gJBu zycVO-aSQ)t&|mr7+E6-hj;`p+_`0~sdyfLAD^o?B^NnN#1AgY{VXP}BX$8@#Dp_#_ zl_iazd@@=?vIa2<_hc+jV&+W-1wV?`4yQ%~4-OS!ii=jg%=uu}KL1^@4YbxhXKMZW(JB>YVd0gYJH;f!Yj$Z-DJnN)FkGex|3tzyA#1DK7j*Z zAO=`gAXqKK?RQe4Z#N;)oHCtoy+7MAAxdTJj~1l9Z%#*$=yWz8#Oq+XQQ}GmZ=zyE zvPq?ji(o{COeV+D>9hwsZ5Eg8*IvA2WT;d~!s=s2eUhb8UO+WbM9XWTC@Zt-@h3x@ z(+{&-%TLxC&rCi;A)4$K;@l0wiaY{sMQT}05=BZ#N8yEQ4Z$WuYVaZjTg;75;r{v? 
z-0Gq55n3sni_scRoyEd@4+?!;Abeu_f06!FsV;-6u`;j_$5wHm7#)JS zBD82o$)zJCd8oz4XRvkM+-}*}(2a98P|3Ci2lN@vfk3ZVY8#^h=0;CaFF?U4kQ(+= zq9&m(7pCGzUF4~Z7GW1X0a>76*bQm<^)4(8BNKOwD3ua;h-}3a7*u%S5^8E4t#rl< zR3k^Y|J6J=v=nveD|#h zC-V8;$N&yisvRg=cL8}TXEN_9-F zlc?cdQ)3J7AGMDO3pHU8L;}jfF(WN*6$}0gf5BvCTKfq(taDRfO7!Eo(Es?)3NA+b zW~+7MhER2ueKpee*zi(ctKZIPsHXdc@HoV~RcCh_3gAKvN{Mz2+ez_);Aj^` zpcc9zGqs~l9o-IUx-B&sR4o%lz4Z1{?c`M54Tg-Qd_@c=f}1jC&f!!lq<<)FRDpc| z>90vNw`Kl3@g5K%M>~c?+~O^vJDjIHIT#j#5oH{N-Np^X7A)1T^OA_Fs8|o#Xd=yX z;8B*>oRU=okdEM>Lw&58g;7A>2fAd_L_(}X`D5x&DS7w!9=fx6$+MClU(L=H4AB%) ze2@3%2%!oHl9Dc4PL4X5!UIkX>g{48Zg3P~RI$>9Dz&nxmQv(i1XHiD%j+)J)?h%} zQU`J(Kq_J8m`(Pi`d~hn&0(^yJ*`+g>jUg--@*Zs7+_}SvYF{yYprB@o&y$k?1@tc zUciyuyrp9g(gj %pcA0W0CyiJR59Y#i_1Ql{$R@$@zLXWY<$j%_CZ-7pgTgNK0 z>u!^$r!D+%gC12FM2e-wy=Cc_wF#1ev>NmkkbAmSz|MiQG|Hc z0P-Or5!2;o%ll>w<$^WDzHvQ+P0X+#dq~h&J*RF9nvfr@7Ex%aZl$2PxSQ^Ike>Fr zT!nTU^ojDIGq{pO&^#z~oRQ?<9(^MsH=n9DqqZk;J|cQN2)b?M+O)9o7}vgZHd_qw zAWoO|A-z9clXpPQ6TCn|z86(iOI;M8@T`P$j1HDw6|aPeqE`r1qOiw~ETQI<3AEaH z-^+`u$BDZ1WGdNpe9^d`e{XE-@*KP#+V}8X#j^J0Uz_i<2ijIZ^tXCDvy*cXRYGdP zRakpX3|erm^iH$4r~Qnc+ed|3@mBGau3IbK?(gt6cWbxNxExP-e2>m zDXt*mC@4vWnM#EQ-|9bLt&dhns#j9QZJg>p42>>IXskc%S;DDiy$MAND(fa&70Sl! 
zpP-!?=X1VHJX92`UWt8t0RLPMXN%~wm=24StfHZmOT^(E+CYPd#HDpa*vKp4mt6)9 zoJZ}c58Dtz^*~A_(}PJTi;VbeLB1;Gj>e}kZ|rx}H0xIxMxuXa)JB4U(pJ^qshGEz zg!*$jiU;I^yn;m{I3L6th?@*akJZ{^rCrb25Ux zf>ame^J(&$7C9_OGTAkkgIHsmKFLbaTE{Lo=V8e&wny-XHnO>j&IQTSZSg1;!y$=6 zqv9oZN@*r-sKO{99HWL##;BMgJxyuI9>)rlpK5!Oa-KWciApEI8oFB+{kHbzMwt<0 zD29;SefN{V4)duNLz6ZjZBY+~)p4h2;6)#`t{87azyy^G0&bF&lV0LT1KL<7FWjHc z53J?qcx$~VUyEk&(ClFt;av0Kig{j3QPW1z{Y^KNEbVblYp6NpgJZ%p zFpYQnV~86&8~zdP)`w{e+12x0u{YTR3K7m}os+{EwJA~sLN_9pLN~^ioqUtJe;s>> zNqkH@-r_+JKkyJ_a5}IfMEp@^vJSNpv!35oz?m?2Ofwm#;U?5R9SGY8j>HqkgoKM& z0apJZ={V53PbQ^j<>JAl!FS>Xc2d7?lFD4848bEwd^VG@?9d&Rt9T+^_J6-WKd#0U zgPzzseJpG{7zTWWv+*+O64>V~D*`-y z+5t=j!jk1EhON7#el2fl9Hfu+;ONEwIOy&zpTF{P;#&FO4Fu`%IX|qFt`y1tPVp;X zJPO{KgNK#K1dB$HhuK0Y#zDz;py#fASX*Bzng)!@pvxB71yMws{H74$n7JXK@A-Np zBQxH6>1R#1^6I>tyRf&^NJ!Ahlm|#J`LI3ggiMz|9o%7Tqi4zpG;vFU>Z&*YAlJN4 zyXQtc?>ZrB=$>K&-OVG%oPvEur&Nx4BW=eB=xTw2rvGnzVN`&2H>)Cnk;W;>lH!84 zpvahZnHLm~RN|c1*agjkZm|>tU)vbM7)^*G2=ID-eX=17t#{*qT5$gW7hlg8xP8>0 z{l8(@?qvmaks=C&J~GPcs?QVVSP$t#1*K9I9*(p?c}yK-Du?MU^XUgkOCvC;@kY_d zohQnZ&X8ydLXs*d3wStj9Zcaszu^6eM@8wGG&aX|M8IRCRw3Nqsh3B``8`h%m2A>C z3Cc1kmrLyyk!y^g@}2+^+utWoBQj`JpsP-Tu38caU%S9TrA)e~ESMXH9XYcsdY@SA3f{5*0v3WbBVbL;%+(Oxr0l6^ z5|xTVkb>8k9`U5!gZ0dzbYQXo-$M(g0S@;8kt~ z>-K^G+yhhCBplPB*gf*~?FHr$+}=t;c{i(%+Br=b<%*Zz@Pj@&=r%QS?T2?L6B z=sCg_$xTqS08O-f-;xIgG|(7fMPuJD!tM2! zGd!FT?cmR)QAi?mw{ zG+6*|>7li|0^SQsv*T7R=W$@SU^~jTwPtiHboHV+@Jd$yx!+VoZ8B&pW&S&TbC4L4 z))&>LMw~1*3wGI7 z;$gb`Ep%$jt?>G85cyPKuO8^Lh!*V?lE4n--f%Wt#t? zYfOd6`;k868C)<8M(11lhI5ccEd5~8Uw>l}oLlASBnoiFW;lGP znl^opca=6?&L`(eNQRXtkqHGIqJS0&a6L=bMpei*N9BGvJFg<3aH#hQtAczB`bam6 zF+-=)TFyZ3xI@C|H7-7h@R$xYL<5?q;5G31RR1jq6qIhCb2;10KxKK^O0Tv?_pE`| zQV^o}uYVek1pNKi5mI(Dm*5*qwPwH1o>dPNDe22j*h;{qIPu$ii}2F8EOIqD*o?aC zk0q4zFA2SZe`1VKSqFP4zZrP9qZxC%nk@fN{9L=N1CRLK%UK;YH|HP9)CarJ+W_Qw zhc6kJ`Z*jT=$w$IK7R? zk=-jnA0e3iKdf8sk*%P@RNzbY-bO{Ys@TIJGVQG)(ftjb@@6`1lhTXEM3gig z{bV1?N4HWA$9KFII(y>fwohz(0U(b!`t^d%o7xHit*)wzPf3-3MY)Hh%K%_A*! 
znlB$)=Q4DZC=?4M3$o%AC5_(6RE>t*8Sa?NitwQ`ENCxUqj)C^AsZG$Yx6CsRxs)0 z$W}bLkM>>wK{E3`Od`DwAh8L`$ymoLnKuuZ=z7T|JPvf)4cF0aLZVtifaaGN6vyYb zb%;m*J5Aq{ch8|4)Jdb4I8}>2*%;A?HA!$*Bp#@x1cP51!|y2fN~K2#YC52j!Ra>w zcWND{%V(GNuCdG))l1sCLK?S*M=bb2ujpFWVpCI`zcusTQ|B4CD&;eNGvy!Ed$MBIcDRi2p=ZHf)|iK zZ7*xfmpv@pU(Fh>TRx7}gSpcd`k{-mu`*x-iTOCf%DWx1fK4CfOCa~1oG=^1GzNre zgAGA8`37bkIUmfn7!{xNDe zl;cAUCwoNFBwI3@QR%6|W(#dj2D#iV(X%Y3#GfD+fQw^0M?ILoVb?trho_D#2SwN# zKmT#Py1aeoV3olG%?}0EMb0Fdgw`B-GJFY|bVB&6pbD7o?n>gY=F=w#DP@ct_jUEL zRA;bV8E5?Yp?(ZGgy8V{O~XZ%>Cn=d5ASrnBJ+Zp6JD}Sb za`1wi@GeBW3*6>NLJT-d2Xg?<^PdS{nqkmjAwXUq>%|rMZM*ef(1OtZuho;e!swUd z_3gy4_a6>7TXR2m?XjjePY!V8h8>?3CH$DcGV6zb3>fwcNM$C(G1~5I{1jG63uCFh zPj@o4O(F*WWwlx@E0NbOVGur@Ute*s#{NKFOjaX>hN6X1YZ&W}WZfK43BkFkGBxYp z4hCGuV_iJf!&vde+GqdmK--_i?D^U+kc-R-ERXVKLT-OQG1dDqz9JBGW7CdiyYJ(b zkUNSS>yOfAgr6cXK{o))Fct6CQW;5?No6+S%`RL!UY$7buIR}XjV2*9HbOzO1D{U-oM)ypIf5){qg%gU(b2s<@-P7j$8@B&|vl+1g0wR zc%u-7T8{pV#ak$z^8>5fo3VJ!Q=-W*zCgl=!Uu8jXXcZvVzDqpAY&8w*G8Nwi|DQQuOOgxkQFg_x!o5881*cBVMK{_Bn*+W0$qspqi)^u;qj@~w&lgR$?wUgIfsof$8ztypYeP>NzF{c))ng6B+-u7Li(6omd7s-pZlD4XVxW^>Ov`EH_*Vsp> z#yZF`#bRig$}{Z`uW1)LMA>&_hos#*O%g<@5+ZYYcn~sxfM@xtapUuN!1lQg9gpZIlNO_r6(wLmC(tE0UwnlC~zl;qy2)mZ9 zG#B|2dIomFx#9_BF#gd+dEaQDlT5yTvOt*bwRPJUUpWjtKlXI{#(=S<&@6YURaVy| z>xK+{KAS>L{LrWj)>hwIf4MaY+P0RfBFWN5Gh^P5`X0L1Ilfg9Galb9MeOXUvNADp znS0Oc_4LM8s7fIexkNFJQuS-)BB1rpJ;t8*?j%quH|Oh&qRD;7*RcgN8sIy;_KfNw z!()IxaAL+wwnf!OL9~iDFL`nhX>mhVN z%Q#we?i&s31d+ZbteknETpCw!ML49&crv)^p1$f_2?{wM4XQTbSpAE5|@#frW&(pbs zbFxcP=9O86^Z1GNHS((CrfG>|(T)BdR`Ax_w6^6GWC^K|GNxO(#cc zY56{o`Y`z$(iBb?Nje)V-Hu8>jsqocSp$+^{c$KdtKs%BI>KH4lY<@C zY=6RkWt`4?=%-%Icn-nVXE5<)a<7y1YOTzRna2Mhn`s-$MD}tCNd|{9v(SKJ;0ti= zPyZT=5bFPTOC0-RpdgRAxxln+>~m7CN7kQ;z~h=zqOC`XMCT&ic_=gBl`c^OT7-^e zjXOb?z4>^VDtDOVLTYaLV{Rt;fKz~XWU(fn7}J-IHnncV_HenTALk&>u?s~p zPieDhyK7~elkgrqbOciDow9i$*8qT`Se8{HNL9&#)Xy+$+l5Nz457p;kVRKnm1(ik 
zj0{?Lwx8K<448;#8Z&D^c*w`d_5OEx9n9ngh1i4e7s_x0(7*rQSax}xtAaC7L|2c@a~{{SY!7)veg+oTs{Tco!9kGgQ{|p6m4{BUL!wi$P+MBy-J0I z^89ij>vIbm=ChBvsmzBr7TYYshCC0MZ&en`aX>d8s`HK$qmN36< z>L^BW^ABU-2?FN0BB?|+<%;@-m9VI%;&E8HMEty7zZ*6Wn^J{{F(Vx!Q>^t4^KbiezmW5(Jju^uM|8KUr= zJ6&k~Csz<8|LsT3@!qF3Wj{_%cOOyp6x_C;K)z%&Vc}-LE4$0FPAEV|b5seFHb5VD zc-5)!pC1Bfm;=J`5@>%#`3UhVyUI%KW*yCwMoqi9&fElx0n%wrzs*Vm0rc1K&9{Fg z0j!(*T`(1?YH~_6p((p{ohGO)ZrIdjtqv0c8aEw^zwnQ@`X}7u8mmGqf^98^V~vr##H8)t5CUFzMOc)Ua{p}YYP9362l3rcu4LNsiJSl%f#xmoNFq+d}3>rq|2RX2=HO=;$4hDSYh+* z@r?yC-lSvliq?NL1sqP3$xK$!hHi=Gfb(X7MHytU{T$P~?z0BcWH>B+E>8p0mB^qr$Pl7Y^|WcnKbCp{|=Cm zayi!f`6)kWx&pK|E}ijW*U-l#O7KTFcVHJ?Sv*O(M#W^-?u zb<7JfgIB@XH-AgWMpKCbqDdPDa(tyN2@;Ig`A6;i7WzJ}1gQ5p} z%GhCpA^;Q4cw>Vy0Yd3l-X!eYa=pf0{#rL;@0PltK8qr~=+MoYs888`c@5@lV{thg z;QSH~#ackA44x*}EQfCm@({8+0&+g#-1TN|wQs1@)AyC>LtgSrL;=|UPRJw$Q})n{ z-1_~z31Xf8dyuT#)1>-zF;?hPwDD1G{(>)u(d~t5sudCR0$j(fy-&Qf%HwkLM`Ayl zG7qPnm&%k0Ea?$#z0*UXEZw2hv8|~UGdtj8CXr0zujnlx0dJXKfGI`l?=<%VI{cBlqm%v$!k3Ptjcg3P zfMD?JD*?aw|N0VD=@JayF;=*T)n+5Nc_eH~=Fz&&GnUCMuko$mb4w6m2MfV0XT4I~ z5i4>Je!QJ*>kZG&o{tb~3xHlb%{*-Zx1rrgWUYQUh;tT~_AL%5S_nV~5$jLH)gJZ6 z_tJqmezo^NisWD7%_=A1l@$$B#J}b_I>!qg9~cDeZ{I)f6NVrhho^-2PaUd(`R*hZ z>Q`Y?c3XBvTc0zyO}cKl9nX#l;bt8Ax9k3TH7uAm+pq-DM-PaRHlIwEXoUQ~R@^S0 za>C~fi`O|D$Zy3}u{Z$O#2k#!W3(gq;Gu#&gQ6Uvu_JL-AIii2*n_25bgH)9F#ad4 zp*C9~0y`1Qfas6D@TNWe$(U#feeFi}N}DsHGAKHiGx!pDOmpu)oB@1SnO-ITfBg>f zWe#U>g-HF^;DMzX8aD_#YyZ*F83xQBHy7FU&^tYetUwoCIzm(rC^zxwwdZ4}L+{+?qw7+pm&r+x9ynaRm;6*}dAZ z3`O!N%_@=a@sIUF&w2A0pl*lSQl3};r4*|_U^9%odVTR-Q?D9yO0Bhw+P_UoJtTv5U#dT4z--5HAdQ(^vQ0~vlB%r zqEdDu#M+Pl*N!$zW`CR-6_P8_rpmSydHcgk|0o|c^X(;ls?S2nL!}Nn+0mgAQ*~u* z_3RA$pL4@vmn8xFNlV|&EuSfM>^3skUFkLE3;`I7`sbmcjIq&Pq9n!8S|?xY(EAnt z&uMfI^mO?B7R{7uuZHgzzf?c6PJ-I;J8R`zzJ4WHIADeQXk3$USMJfcqRAN($4Pn z^N^H_hoNIAh>g%xJSnA0v@b z5Cte8%N641TJI>qt*XZzRueBArG{Ih!EK9saBJYVA$%{tPvz?nb}5*+uc>*1rrW5g zUqR=E+z7wxz9Q?arAi97i;hI+Y~~2>gtXt!IKD+lU>NoHozaohemtVPsT{%*ya-qL 
zW#S0!jE>x($noGTT{7WYG{L82IsPPu#QQ4z**{f`=sOijPp7@14p+U8xmKD&9lhU{ z-p*VeR?ewF_4I2ZvB?3!GxBP?4;WQJ`mf|0r?m?+5)zv`@|yLwI2Cra6m>*LUUXnf z)+yWq`U+}nCSpOq`bjzeN#l0oe$tSk;iU2EJzd(#VQTj;Q`L5E|M?_C@6dWUVTxD6 zxhqdk`Ni)#4!YG+&Fs2=huoRFu*okq8NWWiBP=23cf$z^0Y%|LMmYunzCbs2yH{be ztlBTPl^0cp335ZGg2astmM3KM*1tV!@+0nqFyuD0v91ZT!MO8j&7Ms|x^S;WddLto z?EP6K#802!jzSCwb$H6rGZ|ZONdJ!i{l?rMaOMmCcxPvH07B z6sVw}V$$$61M?=n?_pYo!?c zSGvJ=qxJU~$75tZ!n2X_yk8x+4ND`aJ%%E5sEx+91=XXJ0@bU_BgPE^qDFSHRtI@^ z^WhJEA}W}Cu1J&h>k}eS9FBdthRdc~QWB}HUrjIZNQGa{C^j?)){cVBI(1|H`h4VQZBoJ8f4@z;x;5UpeEv9n z^ap$$yE?u4Ohka;i&qgv^`6}v`BVSrg`b6HX3F5x0Ine596IobX7SO%)(d+t38{M5B)$reJraXq|~X7n`eYIM(o+{w*PmQN2gx=Mym zg>Ls+`C*`+wf_hmbw<%}I9FF~;CCL7V`Ju?n$PLl)B`*bu|c3nU;bkpcRZ_^wtj;d z?T3LrZ+f^jq69V+T{6{_crunYm#fx#Ma2>Xmc-<2H5{e2i*HMpQt}O7cP-~4OYgTg z%H0Fsu2KHKYYqCPH#Nh{3BRR6rZf!$dfcFsgT1hRcOj4;ssGJSCo(f7R0u5iiJjGu#jT{U7ErTANfD=Wr+l%u-2f^qM z*{P#LoQbG#7N)9z|1ouqfptDlH?|rzww=amY};<^q;Z-jw(T^w)7WZkHMVW%e}C_% z_rv{q_u1Xq*_pHF%;ezY71fAYqH(l~22O@b6#7Cz?u{#dp?0EGFQ%_R$+DO%S9+P1 z&MtJ-R4cMvzk4r>7MBvJg)2PkfZ^eR$s)9so>2sRz%5d%$cNe6anW{cg~0GiT`+v~ z1&z;Ol>Pm5S3ko>!!J+P-2Tk3g(~8_{qyUN$^O%H6CpNDktpky6Le^iuPWFE2HN{Q z=`0Rb`V6JoMsyzf+om7#dK9iJoK9*}SwU_v-1oy^iS^xWI6lBnMVTXfZE(T1^){u? zFLXdk(NKpzn18-?K|S^x5meyPrD2C}K|(!hb$5|Los?#a z6OlafCyr$2aZ%=!&d{Wcyumw3x(#xgfyZ7@&sJBb@56nhYUqDWm-NU@%3gv5WMv-8XEpVLm@PKk~0aBowA zSgr_sZdslKG1C7$tGIdGYk=%dm)rtHg-ia4kllp?e~EM&pf&-GcX!X=ZR=jbji{n!?@Heo{_PDP-iw8kNLXB%Gz!$3#)_ytFI+yn60?( zY<$C+o=~2kFH3eDmnnr3&@8Dx|Bc`QbS6rEq99yfzRR$PcGbdnMS3;w&67naCE-A@ zPG?L-Dp6VsG}2`gZvzu=WF33suIQ0rw^G*1Nww^#rWz@;{?Yr@kWTGP(d5l^|GsRD zllRGj4t_#n=HjutQUX{o2S4;yyYIi@&tMw3JzRA=I7iQ3RMYj5TID}P{pj3YNZKO; z2RPPxP{I2YsoVVJlc*2ozP$#{=JAWt^TX|q4Ct-QfAj}rj)9`ua%t`<551&oxt0Nx z2Xmrc0~I%ebb6WRZiSI5b%|NH9c5o2AIozC8G(Cz`u`<*ynai|tM%pe@7S^4ym70_OKapOGNY3x zV6;|dgzFZGrWZ5oy<>Gd0ZQ`I?(f(YaffSyk4&);s@%~kC9^uY}B|l`BZ^$ zGMQr-rRDqZm~NHQkxkWN8xnnlpt7zlwijPgDa{VmVL}tK!@&? 
zu=UK2NP2e~u4d8JR!N%w>EZ2 zH~GNjfrIkh6O${Cpj6f?bofX*&+n{yCJS*5P9@^adKs~-KjMi?!8Gj=?WZWtd{SB7 zP~jkRb9EZ$Euo_5%+|oLhc&w+JOTeU6KhiRtoJhw$AtMNx8KAR9l54*`P!S-*&Fr? zAm}Yb@>GI(MzABGas&r`i%6Kr#wDH^R#|})>*v-khpxfNZ=t+8Z;Y8r7D3+}@Goz7 zjr^zF=p=m_+s`u%7R|G#-vM&MKU&PS2`Q&k#6?<5)n|O~pPlyBm}BH7^-9Q&cQ_M? z(Df!)M1-cOJtL=9WH39JV(r`0`neQHh}nSPoNoj3z#0X z8jfdWwaTe%sKNJ%K*{1O%eaJ_qyzeYb{beZ*EaoU75$8eLK368%o~QFlk&p+lo7gd2q*r7O7lD5-j6>APi->s|S87c^9YF`h^I%aC82 zy>wSb4o|Q49CC`PiBOgME7`jEC_dF1pyDRAkR$np$oe9IWY>J5Yum(uT)-Rgr|1Nn z==)<0vEch7y-e%Wb~b5njFNr#9STpw1wFQiVcknsmq~E;1}*2DRUZ15NmSzrhLeB#}`qe^r9 z;t)W*v!t>rS-bdQ=WbgAuPcZx%<29v!f}LiS#i=9vG+=j@7q1JaQ>=Z<2G_@xW&Ae z{B-HX+gqoPYpin!U~+;k=Cl+;&Zw-`i1Lt7*YOOR7_AI-5w9n!iE;|7_DU)7x$!J~ zH_pnd;gI-xwqjQ|x~Qc2iSYQfs91rBsw;S70k+*Ts=w|0*j^|T6&>@3{r(8fSP%Py7r-Xu(x{`i@7}tY`N+2KT1G>*~8YPOw-|;xwcvlTy`l zj_jCNhWhW!{PDe?qr{-3lKfisDW0vrjvO^RX+)Gdl!}dGm*9hPD!X(izY5P?ucQ{k zH(0VSHYuAG{cqBRODMWefizRR^h-^UQG>1xgO(Of*hBk9XFdB+Q#M zX4uA*58=w86s_H5)m*rn?;@R)p}kqTHw~>5lqn2ayRh3oX>b1T;4x zCIsMI2)U^RmdM?ufXLszW}*<>aRE8=e$Mp@tU_55`VX3ntYS$h87M|q>6T;WanZfz zrr!+^H^XmewA+s%#AY3f=s@quBDhZ1s>nWO)r2{Re6u_x<{zSl@R1#?ws8qIee($xlv0#R$G38g9 zFq_x&8e8urHm2D)=oQdA=&Y}T(4%qmM_00|RxA)i7ZO|k&DdYjd~n)Bn|8qYT+8Mh zYjmeOEiaxBV$6J6;3bR#Jlw{#I*`hTMbY%S0^+i<;C(jKr4@NP0koe@>fD4xXNVo< zXAUn{B=gNikgT~t;Ih$P$QCL|a-bMWBD&-mpRWh#hAZC3*)l@gHnM_yjp;D?)?(U+ zrE0*kK3q3DM4m+C0R;l%HhBaSLRUrNAOFFEG@0Qq}5>@Iv8vN-ZcwF>%Y&Ey(EWD#_^>`aY-VX& z@9K0F`W7aWYQH9RfVvoyUvE2J+sVU;N93O{q=|=26+SJv4)=GXdLY+4_}EVt$5ugQ z`^5q*Ih5`~j?R}1ha?W%k0D|}9$INdD`*xnQfPFNrpt8HbP@r56s$T##%uIX#ZRC2 zyPl#zX+jj>N7;FysZ5=bU7o|F2CG=_yziHh;sp~c}Et}!L1}?+pI)kCp(fyTRi*2 zpywN%qxj6vqcrU{bvz{21Mk4kBCF}&pYB&T0PI&)Rl(!%POwxPk356f;J4bRU*z+Y zT10k2yHDR*lD_7^(x{;IPy8J`Idy)L&x`mtcDpS}y-7BdZgm4ERqwH-voa;jcH{p&{lY4ehbUU=+u?u0Uvuf&WX#~xk7j}T^HvW#OdE?s zIBj+JBl#|r*?z|VOT_*Fr|aG?kS<7XnNpxBu7cyc+i91@Bs6bQdbfzfZySR zt2bP=17Xng9%;jK^6(hBbz<#H-XoFMJ-YOMvv1ysRbmhRldTeI3=e0XqqY$NU*iza z9wR|E`t5bW*dw8qL==VqIzot!WOP}-qAX_y>+M)_+`5ySvCn6XD-mA<-d>&&>sXb@ 
zPn_Xd<}P=)hER+<)=h79CR%HII8LH>(F=UaiCebt6CZt-tBJk- z@bs{2a`k>)H^G7DEs+>}I(9;+b(I22!#9c9A>gA3L>yo(O61;ua>LR(2bI0{@(ibg zmm&;)K`JLlD;XV)K!lM}hn#fD3`0Jo5!fOC`NHt5@edgppY`f(1BkLx?=Z>c{0$T9 zlv>z~IyX(9ztfz~=vb(RMt5E7bk!857=EyXLtWQCxIMI75-HKbX{MFhh~EKAAG%Fj zk6YvmTf$VGcG&M633jNν%H!pNU>oFp5O{%l@#7I|Zf( zKu1GG<4&~af}nLDgQt$04^NiQfikLzvnvwB>CHu2QDwDhFPMO3t*(7wlQ4M^tYr|$ zH5?TPkvr@O*IJj2es@N?Uj!trTz42>?eJ^Y4JSjP71R6hCR+Zcz8SQ&IU6eJMP>3? zjbv`itdK!rg&y*-*#54q&yP|yLG*9Q9o!Z1;d-W~Wh`0hJAzb249JGPaWkz`6MSeX zVE7g_JQwh@uxH4+Y^n(v~U~^DK#ud#QVV#vwzI5{$37eieqvFqOS*nww!xMbmIc% zqQ+&ts9HzYEECWr#f`|>rQe!)vgvfz0vk#5{cRteTU&zP&`~(68@5p+TCMymFIf6i zt~j#VT)TqF z5&!9m8D<0`S~S^EDN@vvF)=dpN>^i2=!n;t)J z)j-FV?fT*X)@d+QU=T9n$zNRxJ|2|0jr(CT{y~?b3_aKJbQ&w@LBR*vFgzM_H-XmAMG+sBn8TR`cd_SCv6jqk-i}?$a_Feps2$991VA}i({@@yEja87_=S$j=I%N4=sya{^xqv17I45aK_p$V|Cw(im~PkM@LTX)yr=`w!4ramQ!uI8)$ zu{Um)g;^D*k}~hNWW5u%0DV|le#?$J*I3!o9#>VbdYvpumjhyyC|M+bPVSFaRmH5e z&1$%|d&V&2zKG0VbhygZlH-@k;iar?I{D=Y+S(jfU6}5F6}>X}N>}@5Yl0BU&mNFq zS#0FZ{&C77>eq;9dB$6hm1%`VQ>p1=1|k7}7`LY*Ed2CEse7aQ>dpu>5JFhhKEe^r z*_k4LC{sc#+}xYM+wcl-DS|ErSziWl5CDbOEKZA{@khB=#egE}FRKOa6r#}z_Bm2z zQN7DbvZO*L$n+@_Ufx4BYmn!P0NO>KfSUvY#ngj4*;@L}kpiGyJb59=dvuE_gOZqJ z*|LsoUG}S&bT+~dDor2QCj_Y5A_(HFg*T@iOc2bo+Ynv@$-o(3{Cfj2!KL8BAp@TP zcJ`p{d~`yquXyg4O+O7>?57Vd4rvh)ZXcIVC{1E*iHq0oS!Vl<{5O>?U~gQSCLv!M zDzbvi#7b=}(=vx$4(=v z*WvRzHP)C19glMw3a})v9kNQ)h~D+Pc}#29);-}ywqy6B%m>}QDo$yG95+ohu^luZYIujjX>~SfRN0xD!+!h;rI`ih66<~zHAkXvr_g(R zd-`%1qBu&^8ESFI1~1GjLJvF-nkr=aPVcra18~OrFT&}pSQ`u+iHv&wP?v+YDCn?I z8H9VxPcui$OlAd3r(j2~@ymA@nm@izPKHa6|#3^w9`{Srs9Tm8!_u zs%;B#*c^JUB}b$@I{%+mA|AK8XRM!4!^kYK z`Z_j)lUpn5c#zd6+DgWl2S=jaPQ~FjSbKMB2K}$h5ik&L?BZPz>9s#pDSf`D=~TtU zgA7p7AumJ2(?5aXyE{%>9(}!F!PBu^v{btDDaf->Xe*r%)2`L};e3f5&Yn?frKPb* zt9VKiDN-``B{bfS{m_EZ>K|@_lbrN2g1)F?+Gt@xP-mQMuEYwyl=nD!!Dx%OV(v_B zb8s8}l1L?$T@&MA7+nU4%mbEICP^`|jRE)>2p)$_lS!7=YbM0!@W^{;+>{$T>1jBB zD(X;m9t8X`PPEX@_^W>=_if17w&LblT0+N7BAHNi^8Aw`n7{RNijISI4!FrNVVG;_YvOv`31SzWNR 
zyMj@j=>8rZ<&xJwWMs^&9J(W1LB3ls!$-+#5t)E(Y#+x@{aE-^w}`(f5n~9%MdmzBW+}FqY-jh+!atpD zF}6}h&`6GM)Ha}qlas2jJy;vD%@hzcmK&Q~KKlo6s&m(1lA*kxz0|uSv4)f4QP~SW z>R8$LZ-KVYIXv9_t!2a=SgmHi(Z>76a1yN7gQEL>3ps|vE@oC|It_F3gRkXLh}X!L z>1WkQ4~admg0sL5wUfLJOLDdWQz4(*H!J~0=OASd%Ch5hQqM(BS_>zd->e#mwY=2` z*y659Kb(+{!J3u#nv}D03yVR)d|!H@8-8#ggKtqgNmS8P?|xwca1~i$b1$T7Y{rKb z#CfwqQuEgih}C`CKQ%P?^>%F?)Otxw97M~LYSBP?yAB^HYspi;^SFax`{);0qVe&r zV1$LjK*Tm>2nq@OQD3QB5QQ~)pXLO92BTa&k>|vru11d-cR!oK<^nYMB7`*5)J0bD zWcxq9yM_I$WRy&r5dm3>Xww~4bLD>={7x0H|c z)mmdN{B-)eM4m*7gWXJjhK;4?>v_K~Q$E9$SKgjvbzBXH@G7CqKCN2LW?MghX+%6r zm4Y~YK}HOTx;J2LP_c$v0PbP37QPS31jnO{4QMiLd9eaUTvcVv;T@+)V&;JcxwpQ) zZss`RzveR-VyfqK8l}fb2EmV`Lz1O+YMVxGSeQJ&xGE^jb2Hfe`7X!?+UL@H)^uZ$ zs$(CPhk?57453U@FHvKaCn?nMw4K^eC>+>VPG6&oOT^>H%E4|?Pi!>UzD-u%3M8Xi zlCKC@`Otv$--A7NR?t3Tdna?wv8h5&FrNpQzXx|te{!&5msfkTRyK_l>2FlhCQ*IQ zt*C4Kca@bu9Nd3HJ1T=!+YX z$Acm*2#8a)@A7>@fiPUw5y zcR0=BrEX}fGb$aq8e_=$iikW5=cToqyV{C7B*a#Y87cR_!+p19(X9m?ZidibQ-Uzg zvOudL66BWxs>Rv6A_6c^P@B@4+;QY1A_sJn=wI@CQ;5&H-+l1yA$}4&S?y*6DaMc~t{Uw6yD`e*ZUOu^QgMm(Y*brm&Syx6KYNe92)QRSlV^KMafhLh^``yy z>p8EI`8y(LaP&)kqW`XSvMZcgew;~AbgixI7`5G^CIGTQ6mEn)T6Db3o-#CibPGWK z)_XsT!z3TsO5c79Y9Muz_*6(wO`V8`IhUyZ4OJ06Zft9o?nRdcrqM|>G!O{pmHQo- z_yF!YC`zu6r7qN{&oO#-%D8sMnqdC*XBZ0971k;RUkhemkHXY*BH1mh+Ft4{2wUs$ zr68Lm2_7K{A1N;$*H+oL(murf!2+x=S{=TT$7TuA@|k8Ard<~qyuYn}e{JmVB>T&U zw!E$=EoIu6!0Hi1;FxvC>R6`3#XomV-^ig#FPVNPy&S*{yGZ-~^Sq!}@v9~s9#!%c ztrim}zGo1b(y!1TyHro7>kvxN_@WDWJQY}|i;wLe&@gnobymNzxQ(2Ma*%+TU@yKj z{BMFg%56$@Pkhhcr=2gG$0i_p5K;31KbWM*iQ7u-P20styc78*$R?D(okEF2+cur> zT~d-lzR*fT5SuA_+joR#4_Tdun|s;}hw+mmBKslxw=0`9-&*^xGKcem{HEs@D3NKWraf2|I6TTZ zR(>qsO=`HBx!QO%ANyw&!C9x3o%Dx%32bRkvv?8grM>J;hnR+2^%20->!E_#Mr_S1 z`@D)Klj&?Z?KZT86@En#O97jkgCIg5?l1!MV8M7oAM#Vv68L>Qj;e+zo@?r4jv{WZ z6=8GY$Ry9We0wmQ%^{hL<0j0NL`OYRhbsL~TI%6R)6Y4{@IBBy!4yGR5IHZThlp!} z8xrR_7D~mW)SswfEx`3_m*1=Z)4Oq=l?*2J%eD@;*NJ9tukizE3uI$21owhTC0$>V zXg4k&bSY7!^@7fV@%1#hvRp!WRXh79wI3y2*>Q#+V>1yrZGT=`k|0tBis>EQbh7`z 
ze&RCC8gun_E!X|z_10wj&9h_NFe-}3q%8?ClFAl?U8b7BA3(I%q%9zV0S+_R-9io*KDBV z^TVT+hnp%U_y_cqeOCneq!#vuj=G-QI*UEDW52E6@)%`d^@CoOu&d3I4aZSErQzld zR(dS*Y>ogUh`_5S&pbKz*_|pW12;y#ciEmVfB8%324Nl}g={2^Mma|2>@A zIp+G2(3;eZhj+YI^Y#6=sL-R&;Pyp1(@2D|0)|6c?ONVJu>)bG_a=f+oS`6FaQ0-? z2~h)A=ZznO6#ZL=sIm)2$E8Hgph1zV;eM0&73Ar%>uaM3;| zkh^{cKOWXA5CqGpQ+w^k#fsrD@N}v*N=}%&!D`*lV5Jg`IC{zYNw6rBM4dZoZ(G30Sdky#&z3BNI-dK_TLgsR{uVzJ4)_QxWr4d-7wsjW(I(T1z5fzIqA5qC$HzbRcioavaDKg>xm@rIoS4wi;>%s=0z~ zFT5Q*aye`~bGWNZCg=l_Iq8W>Yp1eC=Chbv_2X;6Gil+3>m||7541Z7)I~dl3tTZ4 zR<7pjs}eQotB72~-3aAmUU|?xN9l;-(FySFY%jHmqib5oMKcl&QG9*!HZ9qgT=)@i;Bx8*RN03R?D> z**fAp5O%IJpsYJcX+y?cn89gkMzNQi^B1c|CtfX?kDO@LBY7FJMr3rd^ll^wrEp+R zP{wSdvkISaKJG5u@rpZWQ`buaAqB#vKZk*^a$mzBo`}1)&pr+YFyoav18O9U=A8S3 zTSB0sZuEM+lfGYXVtJQ<R^#T#;yEvTSiPXlm7DE2gE<>?>9L4(t@&-@$&~nIXQ~R zYV-r5$26l+BGp-dSJDg=(DUlA8`Xg}nmL&LhT@nhv1CSv-rE`?xGhng|L4XzpwxR1 z1+M6(VAa%~69Jr(5HCo-l()?LjD%4GlE@+?z^C#L9`Qm)=$C4mSWzS#QwhzuiJW8V zk7?Q}>pWcKwecR$caZtU$su2!TN+ z5Zz%R!?rqO5=f=CfmVj78BF!EfqsNQL2Gugh1LTHx>zx#zteKp3LWqX744=NRmt`% zRV}#|@Zy)2-i2{)o~Qr*r-u@E2!c#d1}y_lM#WD3OsRQ@Nzq~PhLut@u=0&Xx6wd>^Az*T=ax_|47rC2d9^F;3A1i7y39pKcSx7Xicopd|yX4V&8aM@q(=j^kwskpVeCXp-88xSaE7XVYkS z!i&BdlljPnCi$49ikCv3d3s0fx9#Pf95V>V-uL|BCCF?3AsH8Ymg;v7FcMMf?zsSa z+JoXL$(7aUzj@^8huFT<(L}6*q{2iJlLpsLCKi<#u~8hfuiC?~{TZ?*7)}$s4dHS5 z1&lFSg0a_dPdznwxMEOuN?iP~QrDHU)74nrE^@M~V6@*HAj1u<)3RF2WR)SisSZ7n z;J2fMJE0RN!}AHER3Fv3>s0&qZeoBLLK!y$_bgi&`}I6A$#qXe<3!*&O8L6^%CI3k zX?Dwa+ElGWe%*YAD(KC4ng)$L<@2=1%G!nT35OOGRI?splesr*VqC z9F_*M%?T%cIrr45xw(5?BA^#8nGgy3)TqQ;y}}@S?kjPQtUxfL>-*fq9C80Aljur`sw-u zN#2Jd%69j%MKEFbqPoG&K^sPGvkC36LA}P?c4*gl^Iap9HL_?A@I>M7gV_@PeN^|k z7DM5}Z80zz5zHlo4ON!><&s|A%8!w5tDpz1LEC6m38N!-%X+TbQlNwEdp!o&o+Q@m zfr7aa-kT#>ZY|phKAEvV;lLM(gZPgZkeH$QA3qY{a}ANHxgp18;EAl>?d`PL97pB@ zUWsK34i6<{HY|z{Xnlh{o~$i4EOVbql@muYK*Lt-3<dPy5IbsV88vW92pKZApb{d_#vs=5>IKtIzXXvqp3><@OWy@A| zkwqY^1%l)|Bnwb@$X5}z_D+Z;Wfucw& zt8o8xvCIuW{hHCpz~nw9Q7b>_g^W7CJ(`>!or|KC@8^2Ha&zSUpNp-|z{>R1RD2g` 
zZgBWiH5cdwK&p-~fV0!;{b2@8Z}LoLFR%xOHCg5}RKq-$5BUYc*@3SM^K}6Iv`61m z{;ZIigZ1gDgNUe!@lOz~=Hd|}1bs9Ek+jWH_IKOFoe|_As%iC}q2oxubGu-lrCpcL zCM{9frY&-Zi#-ga-hBt+(2CP7YWZK0a3iPhvCxKlKn&xjrY*Z%_uugvU)6s3tNuiT zC2$x&QN@m92lbofV)zZ}wX7_qn7><6ibew8Mlb1qn{TC{I#`NknspbsFSrPzI`)$T{w0Q)Pe^Ua_cS4|pQ{cB`B zjrm0`C-6pg?Pmze3s%c8d|59ts!wp7;llXN!2=imNL_28lXtl?T9+U!JI7Z?7l124 z_uA*7Ac19NaL=*#4UMe~8lCe^x$P*XY;xFBs&*jAWA>o!cEy@aRDp{yYgGBnV{;~z zO;vbc$}Z62JUpHYpvBRm_zpS))UX=mmY?Qr037|SY+t@2tSTr+SZ;t#+xc%64-A-O zFm3)!c;;@0BZZ{GiV}&Xhs=qUmfwz%_k-Dw*)g2|4xc3KcQB5z+li^P=b@D$2TKY3 zMgzr48Pau|zF+Xq;iKpOurYn%NtvW$cwN=46)8Mm5l$XFQAWxfJon&1o8qy<|EL9o zH{QI#g>eVxC?p{h9C|R2Q}%~94f?l>aVTqzPz2%01aB|!{}Q8KlI=mBt=>)kH08KY z^B#;bs*RC6r>z_~@b3O-Y7WcXy1jKhu|R%0KgXk)$fI%Vb1A@W z>H?cRB3bRfT`+7tR8VYcg*nQnh84oFZI#JR#yH#L=77O@LU}LL`QHXYQJULfHVv9 z6UMGFEQMw-)sHR*YvE>nQ%9j{LxHaeA&=Pv2dwM*CGYs6Yh+WeOTgu(4+@hZ^D_&> zHgn6DI@1tZI1jCkWHkc zqjwkhWnD0%g31p1#~P#y4U`(eDTkwZxB};n`r4`9?mM*dWR$QD=Iwn%&cT@xayKiJ zi2nA*(H2~}*p8ekwdUgWsOhu}fP!ii{JF6xMjXr7BjtIgT z=&i9{bkmkmjRL2P$e$BTl1eFOk4rc-0>nb897WxeoLm#vUJv6oNtWV~6;*C1r$N*J z58#iv%?GkZjEXpineV}#pC75!~njI8@>?7T#15z!F~hzPGvGooqu zoj7%sLh`9`kM815yESKUV1R?$IC06~R z4!}eKn}P_Za5I6Yn0@RtEEJVF?BumCWCm%>eOFyVHYDJkzUn9tWyfwW56A8mxlp}M zH$eP5_#*iVtEp$jZnm3^dM!+~9G=+a7;vl6b!H?4* zRKvUq;Xqcyq!2gYVk?P8K9vzL(l0!NeZv+JsgBu5rSgV8gXViRA5TyH>H{rKlXVo6 zyEuF7IVZ}LcD5}VW3;fxPwx*-^WD)zs0AytQhS;@i(RQ9qdC|I8WkKUWBPvA@$S#u z3+Q7|NsbV+^Au_}iR2ztn3n5iL$MedQBnB7J4=+{=H%*5@;i@#Fs|GmNIiIlnU5kF zy<@VT!pGf__eHG!^aKvmHE%mguXTn5Hge(#uCA$dXf*Ktui4VgnmG*G2|vOuPdS~N z`G?OsTn^&hsmv_qSJMG^5YLqMS-Nw{TL)1&8S94o{6}&x9Lqp=N>}6?=U%aEtG=-p zw(Wo#+6Q5;nR%H1iM2xYm=)CFp*fr228#0mo%{}e3^#pZxsg?lv|$m0Y083p`o1e^ z+pK<0?!S?ladIAzih%})(tNvEj|h?SW2%Mr`=b(!qcT;Y6FtCuDBuQW2;JY5vKstQ zS#%*#Dc<}fk_OBIU zr~*_sk6ty}xH5fvJ|Z}Yvr;@hkM9*qPYwHl_PS0|f<5z@i&p-*qfh#$Mw&VkbuM}8j1^Y$# zuRA*@hM-sH6U~Puk1)Zj9;463wYOt4w31p%f{atMID?W`y#N=KZ_?d!9NNpt(6XZ} zKdiDuUJLWh^C#L$$HiyF(!B$l!BNv;w?OQ>e_OPye|mv`i=qt%{6{?xjhlwB-ER-0 
z|Kd{!o{{ZOikZ%?7_nxXeLA&A&h;kQQm+8$AVgA<<9kQ0UK{Yuja0x7niT*AK7Siv z&3FG>%Oj7E!RzrGyu?GN%m&U;UO%vbsKDKD#!B8Vpt=(=rxu(#6t_Z=po>yBArbv# zBJ)FudLoy=84PEe2InoGk+`?WCf^L?)!oMze>9xFH_|sa+≶bf5G zp=lrnpUrv-ALX}Gl$&e?4xB~TIOBRt*fYGYm=NeK2m3Sf%e7a;Y3X-0YC9(JNH*kF zr=#h{ZIxsXz^y@$A)9)&HoR*wg+XkgfZrxQUTdJN!2AGT2*1V2Sd*5p57e5$bKsi< zjlMuAYA8rosQLcncrftk|44R{UKY0WnFIgX^~;xS#mUL;(d!0Syw_xQW0KVLzge{S zPPO^>gag<@CfND>8F_J2M#OrLoljBGp2SsIp<`9)IbYW{Y=e!c98OVL(Bh<;Y|iOJ zaqAZwSARQnlID5`7(aByQ zPE}pL>2IWjnkC@v*g>`f$k+`02R&1!At|7c7AkMBPdm25YidO+AM0*5F)CK*x|X7y z(3WZPgENi%7R&{-0SdVoBXy$998}lvw*?XzG7TkB9lV^|b#kJ7Em~GZeU}#s48&0d zIBQI=IvfACCZBgAT}=syT7qTjXMziDJWzfFVe<9`yaSffpv9S~CjEz0T)I+PikLFb zI(=;+RLz7iBs){=iXKt;lU(B)eqDkmi3SK;?sVT#A6IsXc;QPIQ_Gp11u9zw97&|< zmuGxr_pu_({+jQtTjJePJxz0MqWzFUwu^X@*RJhDfYe*U3t`D}F=7B2T*&U=ZZ%)0w&%BH z*n@Kf3ECk90)DX^xfor7f$1LOAK_NvG_oj^AcZQKJNx3XDnyJ|IA4Ueq+@)-R(yNj zlF#I{BUoTy7z-+1{B&^0a&l97 z`BkzSx_g1p*;zSz4V}P6L)a8|D)h{9O}|yy`^v?)`a~Vp1IqzcgzQcnRawfC%3Xfq zxp7%H+xexxS^g7EZJ<%Oh%d zW#OR<#y;4df*DRt_Jqi5LWDxgVD!a%kD}38HUwS6!4TWO=%y;Bp2!NnSxSWdqR6{w zLhU^Aq|dU>Vp50EwJ9qw52O{Tr4j^u13_x#XXG>YfvxJU9IZ!5(Sq>^FI40CtNdfK z6fEu0S$2Ev2^-IuYEJ{qy5Wog!i`ZoF~tl2BhXnKA7$OQ;zD+&AUqUd!>xfY?^NCXTzey+yhT@&3T!Ogx>sJn7T;6^phhF|ji_v+n%7C8ew5+bs zm%N)zn%mzRmyVs2lHmJ9G`~UAPel=Jva{;s%a8U_#$A@x+}4SImS67|-uo^GWqWiD zP7OO844GDJ?k|})o0yS_Zh7Mn-!j*P9Wc&SCU#m`oPPnk6I$-)Uu6b;&usW zCm)=TsNY!8+P%qIrHR?D9l${M27}HCWNr&Tf&rb{=!GFB?_fyZ-MR_w9(_DfrB4CS zZ@F0%@roA2LQ$P~n}gZ4D!>$c`fdU;q;+F84hwyj`|< z%w4^a8isYo8FQ#GsHB29e8=AtbL7N7AhB?^RXi*paTYv4a6Vv(U9FTW{QO6y;w^Fv zED|be5!cd;I+h`wPgR|u{G@8y){ao)iH{yxM_ZFt%bha63 ztWh4s{z6E%&xB-s^7pz%M%7kTj%y@$JNteJXH+dP+Sid0zMBH?MbG#ApiRq^em+v> zJ$J{(d65Q5`)O&dqu*dg^+`IU9s7O{$K7O}Y(?_(-;Vfz*XLUQHAv2@8CI9M>KGaL z(W%bq!`my7P68jU16V%R<@6fV?RKyf)hGR)`_Va|&U*0jSE!)DSrldLg%##K?2l`1 zUjhLrh}`ZG)DFE$Fj>#z_q4CDUtv)4_3$o?cQ-Geu28V9Fph|gf>FV7FN$MvG!>Zi z?Snq;X!k^bhnx?ytIb6}Hnp79+RpC7Wes8d13-O>sid!oDOEF!uTipPqnDv?YBBX^ 
zXY<~vMXU$QAwBVlv%^QKaA86y-|l&vr;4-1MfyB*S*vmObs-XdE2JBTY-F3U>pXU) z9q$atwcQR+Ok}S5MXo_Q3Xe`o-emhlw%WyAd^7?Bg?5|Ge7bq!ue^V1YHu~kuc=tH zNJbSSb=kX?5kS3AAYfiEv~wd6f0uds#R$^3s4Hh4@<^em9EH8l#mWa{@r>P&$;tML zQMocl@0;aW*GDa+Th3KRXHxy7HgUoCi}MCUllu4EzZ@={HYf7+Y->HXX5%b(C=?!o zlaCdUNhB7xYfvyF5&i48)o`H}l%gD25PNi+2h$2WzXjs|ehxRBo)tU~PX6maeg7x0 z`fj6o|_ewpk3 z#xv=s_!{NxV2H#Qvz&T53|#v9Hra^kYVmWxTz}Z^xA+BkBZ=9eA};l!NtaGaQf{1h zcgG9w4gr`4y$7O2zXCj?qi5*~){$b#o>&$6*(q5tO0OKD80cVO_D#^X_pQ36&@xM^W&& z%_YF}kuE2=#d4Ian|yx((?r=%jh8L5i^5EAuIqzLzn)>e)s`$K<5Dp$YnU2e7gpe5 z;~MMzeq4EJdswO_hE@XKCyIYUbvgyy`L}vY^4UJ^jUDPIb0jz3HHBfMxY1gu(`N71 zhwV}*1g~MPiA4lQ%hK{Y(iWaoZu7;{vJtV;zDWp;eapldbhf*8a+6ZvaZGONI}wEw zRLF+8=;ii%$M9%a{V)zBSX_R^;zdl0nXYAC6DeF^hl|G_QUjB)gFLLQixUAPZJ~(b zk_-vhB+V#2lK(Q4-5{)S{oLao^Uw`3!{E|CK|#ml#4EfK3XH425bCfQ^^`9R+FpzI zMqj-{YNF!y3Y&ug_rICis{H4O233_$r7N&{j!0+u_p!$nZ5wPn-%)vpgJRw@7f=SfX}S#u|)|AGyccXHHOF8bm7>x zjb>xpX>6N~Z8h20Xw;2u+h!XzXl&bNzkR>|bDf!ab`S6SoEdT7r9H$+#2U@-U#iO! z!`<#P*QiyS5pD zJ`o)7Fos{gnKubveK#Ap9QPet6x_6r9O+cPvG5AGWt5XB(tiDRqBp^>(DZ(ZJ zCnUNBIpg)r%5T1mw=7jYx|W=uSvlP-Ldi>Dj0)?8rcQ3BZVk6a0(+0taD8VJ?Jecz z2<1=MVTup6;sa3F+`Dv!J~tzFD^z*&PyW`gdNCjT2u-FeSL>Zo(dn8E6r- zSCC?Q znE&v*8Hw$~3J;!R4Vxoru5|w79ejo6--*+C+57-IAlZoRRAIY~9?=qiRkE%z%y{F} zX?tzfbWS?M`Mv2*5*c{rS@UmtURk6+B;gk5ith0wPEa<7H|I-!8iUML#u6I_^IKa( zp7Q|`>Su1pi!XA0gRCbq)7jeHfUb6{!hutTb2%JKrXw}oNV6>K6-AqQy6DcIcMr5G5iQi|HX_X{U+A2i=PeRLzsDBAR9tAbWa=OoRYE}=t~X`^ zglLBh`!TJBO~`Od6(7+b7&1f}CP7vlbDwTL@>4C6JLNka$SPUlE>q9%n|q+^q@j*4 z37zF=VJR+C{CI*^(*3zl#w}ajczc%XfxKXWsvivwSbwJO<>*xhBMpoJ(`|yj_dB1o zEtV@}QvMY+?tisUjs|>fKdh2LF|lkw;9sl1s;-O=Z)75sp4hAH%%<}jV*ZrAzeHK| z7vKYhF8OIF_sLiSx2i{aejp`QX(9}YH+H7N4M3c zar5VoacbZSvfE*|V{-RzbG-2^6ooG3dim>wk!YJjg7$5F@5jRCCj1ha$B@(^*^8XTjM)0;(vv8 z%~UjFkfFQ6*1(>Nql3%!A2wN?O_=N=gV zqs7&-heEQdKX!p(y}GmS@O%ozZ*3N6gd@pt!e4<39ws3Cpy2p}Gm_GIHCczLE=ExR z(spdTIY!qoRtT}GQQnT1(8{)qM?Uc{9N5y7U4E{5a6+nIuLQhdoXr45FL#w{V|#tT z#O>oWnby4`3#&heU+-u~c(UH3rsnfmr8ZVXzpD+u@L-Ds@|qWETgKn;`p5NM#Je_W 
z|AT;;fkeQXIW)OMVIueb=JLFT{vi!=I=y*(1FTT59DLy!J<0tS$RB{BppFNV8ujkB zTZ>~!W2YU{9VRfIo#qMr+dy?*DKObtc(U%9T9Ok35LQ9N^@(IOf!YZbEZauXK)j zLJG`qNEMve=ac#6w9%EJB+s8ef9`a6t2gH^RhFAMK(ll>Qv?jRfue%?kuDb{OU0_4zJATz~AWRivg()`(O$!T`X|&hD5$T=Iad@!Rwy>Kyw$MY; zUtZ8v&yNPkBDa!(I<5pd=X?J$knt?yO7LldcPtvInSmo<{_jp9B$=~JZtSbJW%a(? zfAVQ~p18iskf_KH5L>+_pde5nYJVLxO?0 zf{#E%U2xPMFZF9J8P}7hMYK+Rbg1*kKk8k@D84jcn{nBrju%wxt!#gCqtk`AlCSQC zT=YNWqK|$3-!`HQ>~$7tCV;f;j>^j7sPPz2(o|Yac5BZC7rZn_!l8dl(OI1BjT#l; z9t|)iJ2)Ej61r@RWzUCyYgTZTj~Y2xcy7Qg|u#w@LNUis)8KK8X=D2;&VgcDtq-dD)kT- zM?3s?uLTAAddQqXf5GzUesb>^Lxu;#M;f3SIe(3Y=d_BxcA%UBc(#LL5!(@aYA9tSK$AfpiO1%Ng(5y#Pu(-r_IrAO?K|ME;3JEY{X>r zMvlDiRleNrmr6~>0P3^w@##W16;RC}?*(W+XB@!`3*KXjUwSV64- zJ3j@qA;DcGk6`sxPIvDt(4m3rF9z_0&lv{a_?L&5f>M(KfVvATO9EacRyb%n`$W$0 zFmXPLRcea1OA;(VH3ifr!L2ZAusIlIZvfjT%@ucCx*KM|s>R@YQg!bFj z!IpN_RO?TXduW|Q?JWd^uf&dd{j?G33hMCXGl)^Y6-e_l4OV>&BFhyU>9PYMsif>J zqDyM*h3&I*^!lnw!JTPI0%Dfd?NEy6ZF%pPmCqMLDmo)oTa@rK0ftwU|9I_J>KS_z zxU`>B-)z69RAWQ@vU%fASRv6#28NkzK3O!GMNV2hjq$T3LHG~ydHFYmWJUfB`)4#1 zk(tZ>b~2w>jtxZ2N<_+m_$92gXHy-!)slg7#8o9|p@jr#J zotEB87~jX8u0nAICJ~HPrnE6NiVcQ4w~=N9C=K^vzJ0^oYqw&SGH6v!9=DU$)q26$ zZsD%5Q_d*XvhZ|+mNL@T0Dd!6j@xVG{KePCiU3Nduppn`U4~;u!L&{!9{Q>*CWR*x zZ(o};8)BgQeL7@l5{k#ek$YC+tg^(Ahi+v=1N4A{33C72evU$g1;CUt#UhWaFhz%t zr`-C4mEvUa7<|h6%C(m{agE!yh@eh{jM?n~g;n`ecWs$Sdr;G96i8Kn@&x3cjhmQ; zQIsn|fMP?8N{aYI;Ye6&IeR#AoeDrtj4Xk1CA8!d?sU?v^w!n3HrrpXS%+7R?pBqKpxRZ7kq*c-)VS7QU^0V+SZQkIC8ypcRhn*fV z4I$mik10W1Wv8`s3+Q$DI%}L&f(AS@N(_I9+_!_6EoI%#mSHa)LXyWe8`fw$W_o=$BV-+9Bl^hWza{DB z=WdnY4Y~CYOAyA{qVa#IN8$)7+OoWRAurNRUnjs-Arm0qkn*O6dWpfZd>$G(H{=J} zc3rEmKKZ1~M5QtBV9|qmL9o=26QErXEC;#Y((*qi=e=(Vd)_7ieYB3{W(jo{Dk3mC z_^MOwGl(G0bXY1qma(?Gb-aHaCd+^JS`2!0Yh6){#f=M9ugvRhO$bs8a%b0Z7nGIxGuNBpz0C z*CtGQ-rNKKd!CEm2yK1+{r5&$JhYy!54X0ciU`wmx*XSj4oMTG_FuOcgzX}T{UR1}v;wXI{*6@)A*sK}Q(@NJdz0QBTE=NZBkIl)W3;N*V0UFlSr z(qV|1g|G@C1VbBrf4#pPu*(MK0@`C~Ya=rzp*Ms|_j5$w5st9<45)*ze*~k+EIl&h zcgw9CU>SktXSfn0q`B`FmqLie+rzY9N4rcL92EF)J+CY6^rmNKJme+kQHY4ra>SRy 
zA6D8;*P|Y#=y1;GBp=DatfpPB)uQ%3O=7Pv({~(5)Xcve&njw@%IpuBY3oJY^bk`QI*?92@p&8>E)Tw?+VULfJMNn5!^_+JAdws#;aO!v5m^@A z-p2&EK?UAEJ88N*5&@^e@4`S@ghEzeyI>$$Z5IYA!Bn0kanR_^vbx?VKNkv|rt4OV zb_I@b4AMOdNt#J-q2m{oZ%d#u9(=;B{n_y_=-5`;l9?~+3j@U^5p+XH{#oJ7b4kLU zNs)0b%CuifE#XRtN@r%bR4QJ?8udL}b=j0nBJnhsXXsJl1RgtTdXWiRbFP;Un_V=q z7&|N($%s7G`@S?Bd(BXNpC>ov$u4e~awB;P3Eux6NQBD|N#py@Rhgk*7Wzg~$fkQb zIrtl=us#!$MZX~28Ne{dpe1lnW(y}8KRz7_lY&A&QO3%%_=D1PfM%<;e$&6Bmt2}Q zOyk6{&3Lqz9oYBUxLm8_@_NtQjuFr7WDfH6VIZ;2iy--3wWknky_9DhVDP;HlPgD< z2mzlTQpp#Er&3QlRo6>0`>++2{&_ zw1?*Ho+*_#+FusV0Ce}4E3r(Po44A|r^**$dji8@WfWTjAa27~Z@1z%KEWj;TPDOk zwOygMl1I;IYx3dr;TBz7VqD@30f|j_+}7c~6kDu2 zd$`n>hNp6+L0_$crlA(;Q9jeOF07!qL0UVGQ`!2~ZXtEJmP6J-^O1xCSn9N0>C%Hx~?6FLjm)(mXqkevhwYTp_rB-b`}kzw8jaKihiW&UkI5Munp zIsf~k`r@VZmm=ysVjUX(#w&4OOrBEzC6%3EZ_#d3U!q73%jLTha@uO7p4J}hcH@U^ zxzB{^!<@KQ$dhX>4)fj@F4>3kBpkL^NLsRxiHv(dqMQsjGVY`~upUGykWabDg`2%a zsrzHAu zSY_tzi56U5!gww$Fn_;0nJb8Gwk0~cV}Jk^Z9{d2*xI5k5ZU`Lb#)g2ZtXC#<0Nni zA8v?zjI%3|8SRohq+Y>p5*+@q{T%Bk%Ji)1sbQk-4N;;TOqCj7BN=Khi^nQaaYm}B zVmLCkbh#`)*CSB4vJkUC(!6vu>GLPCpCdh7^7JoHi1G9UhQ`7VnMPt1J7X!0z zA<3K;?PlI2$C{tHG#LKf=VJO;hv4jo+dX1>vdzSMhSA5Q4cRy(HHv}pgd1}9acPCx zN1_1RRb@8r^86Rd&szoRRB4yAh)_mz7v}!Z^|SnNvHho>0p=BSScW}JQfuk3R<~ok znZy!j;9=?=u#STdsQJirpR4q*2Rz>^3asoT!kY>f$}&b89aL%7PgbqIj}Pg?;& zl^}WWP;}5+x^U;i{OQioDjdyFc5H!dX%~7>$JuOgY+%%pQWTeD`S!i?kZD?7TdYg% zCK^!f$h>6*{m7ij&&0XyL*VR^(E}Yn5(QQYoqc5S&*~SEVeAKPwrQ7Cbnhs%<^C-L zs6vo6d1d!GbY+I`qWW*b3K|EEqeV<5M)7K9`$_{R8$VcUBc&#EE$K(dw454MW!tYV z(Xv9qX>SmVB7CU7-XT&N3i2?l>>dv;AU%OY(b4?}?@TaY7iDLsDz3cj~#zw7!5EoRa0uh(2~Z3N)w(a%rRO^kpF&fg7;~^6%8$JsThQw`)Lq` z=#?}zQzL^Idp8eV{tFS|w*q>8CYUP|ABjamgkc^}lMMR?WgDD?rA$?vTMB;~cMpUB z2->Tv>*qzl0@zWAp>>~6GI$$^&{aAmX}85>?`eY~>FOaasbGTMa>%o9My9syr*ses zd846Ga5La_b3i&`+!~d3zr#WUlJFkCGf?#uK{}@usW*$<S`MG3K{Fxx=wEf2wL}MP6v8q?9)OUGU>ShcIvYh;qA&_R{$*`>@LBM2=byDI z#>$DmsYO150=&h(Gc{epTC6|sQdYgeuTI7Z_-k|-4|2MnfwK6>xkx^cpN3cZ_-Z9j z>ICDN0{MHv?+BXnmh58i4208!BEOu2(69P( 
zwgLJEHbDD<{R9hyUdGoRO$#z;zhhJNgKzU1qFVHZj(!d8XE1@}m$tep+~*}T&&k;D zp|Y#{6L(mi#>P+!ljG`kTYPgqF8sO>%|I+=tUZT`jt1iy597kzL)z20ZWw?d`d(8C zX8CaJ+JoP+>zud5!#6~T%jd3~OA(;X_aJ`An?I5Zo7ZDCUV$5}kp*}gqyFBwX#S*K z2D_&Xl!`=i=GTVz{F_^|0+9C!*wS~mG+%Q-#bVt46}B6d7!JHhaA0}SrF4%iP1D;xcCw-97h5e3$k)5&;$h~+BIY83$ z%Ya-J(L&K8)BBZ!A`?Gg<^T@EIr-{bX;&nL=i)X@ItMfZ-mZjCieI{rzOf` zu`Y&sE+K#`6iBxORv5T=c5unlo3WGauh}G$S}Iy|r6ggpyWc5PqIy(%{<~yRw>SDTq+d!%Vsy-A(RhSX^|8LRP{;aZNTCa?~eXk zuM2gD5kccy5e^cG0LFjLFLy*!93(>ufHg+HI#_ge*&b<56**I`1`?gK9M8$KSHKMUqDdh zY%07DKjaXj5HMIf9BGu(H&;2L$<{8|vKUWwMNcDjF4M(XwPB#=@txEVvdC0zMDE-$*UZ$H5Khy5UVZv|P3RJ}W`9DpY}BW4MMZui zUgNA~W{dee3iQM;w*1Ds>yX$2VvU2Wv2~4kAQ#qQ?v~`WuuaW_J1V2UIpS96 zsx9F}Epw%ot-$rj(Q(L^#G!e-MPtN11PO0M+a z0uskdCoDApn8&7AtUo)?^8M?0EnOoFU8Y~rda9_Fx%0~+iVqs{ABO^od-(SZp0Vh9 ze70i-G+mE&wYA!JH_UF(>aSgc?}~It-;4@#%^p8?M0T|tfMt>oK$eg{O>3~=Y->A1 zW}+xF4PaZ-LEZ8YS06EOOS%_@(>NzVTxIQp#8Yyh2geLHs{MBk%4BIi+z#u}$Lo>+ zob`{yCDBK*m-~~2J5cQ9ork9RyQB#R7TP)a=j&Y_W_9+T$|5RoKWd_u40qF_?Wv-I z-4V`Yy#*wbt34~wlZPaE@Wx{WA*=C}DO5|w(z-vH>0_)2QqjSbKG64x!S9jHZ5^#X znj(bm8^JX()D$ICR3BNVR4pC+A*RzzD}0OVz8?^pM(_C}F?0ku$RBU}*^x`_YO^Qu z+q4k^Q?mBy`y!;~KFt0B`$f4`ZS#>KQK4P=gq1wj0Rt_t*=>|t8q_S`hE~roKh2Tu z1x}8AKI0HURW*Q<2be=Bk-6j z7_P%&!4)7p-x_wA~zJSw=C(n6ke$Ei}JPOFN^UhQDp5F8FZ@ud)Hqjx$sLI`%g-QS)Q;KiKtNxT|OaiKNU`7ChDf3@#!FZeE)j(54M2)66cR` z;SQ}G&t12^OFUPnN51BozF)fcw%*uHN4p4ZJGFb;=)xWb;*5)doTPs9_~k<+m+dHs z+Q~qs&aP)RCUZ$sWZ~HjD>M9t^QJsQs0&@Tkcv92SMXpM-3>DK+6{b)rVSVRp^t?5 z^iekqn8Twd18@WwB*aP^V&{}zV9buT@roq2iLpnllwCi#@WXH61QPRmCe{ui1EwYq z>TT-yOTcRTbCpw>Qv2H4CY6&g*EUIM4=WIg0}O_VIITrQgIIW`hQ48z6Y39h{pN84 zv8UY{xe7t;Qe#xNlaI=*zieErddjHqIq9N_+#+>8>F_2Q#HE!vMXlmjioIAmd@`s1Or-Uzk#En=3e#`vsoNl0^0 zGUtguaA6N|a~ULy5X8H7>|ez0o=#9s|d2D}}T;j07>t#=6sfbEfvoE{65`n`+n z;U;-y5tSREM{C71rSsn~mEO|4iC5o|)*6Jn|7dgcJobTj|kn*bW-FHicXQg^CgZTW#Yc>Fl zsME<2UuIV*hU8;ThmrX5O9ErpgZDO1^GE+`mtS;A{T>{@RL)V)-J704Dbtt!=iG)ETc7Bc+o9F}SXyX4qjMm|a=2xnM z8X?X?mo?f=*7mcwi{-CybL%5B)#!o|db+5-Fl@~Frm(s;!C`3h+la`+T)r)ADj&bTH&;0uzOp^f 
z*Vc&!zze{xiTx|7=iug#F9aj69y_<`O(?Q)BiGksk=H$^p6g;$!rVAd;Flx&K}{E&U|ae$4{ca>mdg7eN0F(A>o`MnuwnV- zQF}xnTXyVyPt`ZfbywWRYwCv2WYM)H?Gjc;7Bxv0rxEATOYY$IkA0Z>DXQUQ)8d!~#=81$f)&y@5Mvn`sdebek13xJdZg|H9nm;DRR!({m$`(H>BPUF`3;3=Jr>owOZa!^k{Ke#K8IZ zzTCXNkWC{fQjoQlkFhrF0*R>%A@Wgi5-s{R(xXC~I;J(T#?mNICv$q{%X~G`pI?<= z@!RsXxz7;QBh!5b)gsgc3e~v;JgZKx_Wgn9Q-18tS}IucA9!<=8$#M>XlxJYd^q%xWJkG~sW)7n~+V7GAFYS5ORASWgD zidoLvNQ?x&{k{T5ysw{`;`g2&Xhe>l4dWU=9B_|7q>hY3Bndw9Jc-7=t-#aUF1ul2 zTNW*Txjvgn>|uxvcn%2PzMA=lM-p)S-cC5~NM(%q7QXor-$U%mb6v%k|^H( zcr{XR8?jvVV_J*)T&JAisd*+b24M#z`2WsfZT+9ex&ewVBe~4(9PP~Re zP;;eOBbmVr$3>GHZn8!>Z?DUG6*h*m~bNu+YR%*w;n}RW-s2 z!zD9806aoKmyNJA@J*3l3b0rgL4-}PT-YkhlTRz|dl^`W+yZOVhyG=`Uf3;S}se(y`cAF+ip3$*k6P1 zkzn{S>sr+Ntt&lKpXozMQ5`mqgbwfV>#iRxr@nOVvtTg}$wxH^vISNR$XMG~jjt-# z>N#AyG2`a*t5ijvdv~D}aa#2C$yLy7s|$B+FmiWwh(?O7!{$^&AUd90#jfV zQGzyg%T+z*;{^i7Jl}nVJGydFLbol};+$a#LfD(wZho+hk>_ z{$qdHpsU;O5-A{{iWqm(c$&tLjE*|*zX0{>yfq}O zkaUulWbNp6Jn`noy7Rh^tkW)9Ns_Y>%cQn5{!o2N?=6s^6oD4<40n3B$U8Y`=0Gwp zv%5g0{7`yT{kW8_v(ogvU{}hwAll>SNhM0_)S@kdk_He$Ng4?vO*rza+(tj*$3yw^ zLxI8Pz%{8Z1vWc&Jr2cDn|H$`aOTwRG&EO?f8o5Nca=(UgC&a?J-5J16 zAL^aeY|!02%!~$RyJgQ3_1>9CW!^(PC5c7MQe{L#UL>4e@iOwnZV>I6yM2b0QpT%@kl_aQ8yl7D=34%cPoC+n)Kv#4ERucUjOb#g>tY(XG(aff z0f^T|4w1~}4`K=x1K-rdcoS+t=#UPfz9Z~r6r&`AGIe&YK_4-?C?S(ykx?WkZtsu;J6x!+pLhigve* z@0zcMK<-4r3g-|122~W;buih?e4n5JESC&FRHMHGvn{LuVV;&6m>Y1Qc(r98nlzfs zrGZUY`-)7DAcnFE=#2kp7Js7A)Omx%&`p$Fb;aGTFU*uy2Olona<;z4P%RJb5iAEn zIoPGYWrdB?c(ELvTasBP+Buak#Lp)$YY%CHFpTAE3Dgw%Y6i{p&palAv)zD?9HC7z zU@%8Hc|e7wK>DjF(}P`RP)rFKCPUvy;N-7e(SQ}+=n1-DH-1dkyC|@qGeR`0jKM}+ z$DP;2&?1z{zSFm(BYsPl2t-L`z+~kFFL`9j&z>4B!U~|i>hit1WV3+ESi@R=># zd4dz`}QD zt1h$R$`AeaZ3=g^(415XOQWU9c5OYuy?wHki;p4!Z@?y*_KLAhKWx3CUrOY+6fdl(llY@ zK6ofK|C+;=mb94$W>j!m}-Gt%PG%PyblpQTP)aT5I*5TxNtYf>4bUb$=LGmCFw1Q~gv2%-?gEcbjwEA& zybfZ`0gRq~W3}E5BFzA?E7wTpp>d>pb{S# 
z#i6?`x6y3cb7Z2RY>g0srZ>A*y0$Q%NH3En6tQqE)odQmF9f5SOla~lz^nE??b#a8+vcv+KLSm(n?^9yN(S?7poQCAa>j4rvpT@Bjq6QUpqH2k<&wz1O3)3{{?r{*C#;4q>lCV*4SI0z-P-VVZ<< zFHDh~p8F_upcIyd7$eA*oH1c?RNTM?zis-&eJ~!akW+3cr%$NNZ52nYFCI_wAkr_N zHdpLUVJGiag_2C1mNWKeWs(PQBNImE7*>ZNLF0R2d(7kQ>0-lJ(%WT+D+r+eb&W$j%t?kStX07Msl}tqTE&_Tu zq?N2@FQ|Ci4z=sBA8zxRd*!&Dw+cu&7aZQZP+ZWJEu!Ol&tKVbShHPUS6{5f=FyAV zkb8iNY51xiqwdST7pipPp7x(9xDylhheHLpUiW(3P(5~iKW_lu-crY1A?fyX*z@*o_NTp==VSYxwy*IG_-yTz^sZDiSYO?8JQraN{heD)WB5==>EL$1E?@Q#p;_KZc z0ALp1AT%f^R7U+Q<+`6XFh1bxhtQhVdK64n2Q*4VLo0g_R5K2F&str6H?H1Z#F^Ml zaO~tRb&PQWx?$7q==hugReFr2c---*7R`GfR)j#s6pF|(4mn6;3QVCAnLYryMla3& zhCv5<2>Rvggx}T2vrSLV?mVpZnp49_xhgYFE)xFA=+&ulhD(&>{kZ!C=9{=Zk4Sry zzFP^9crg`^{_uMIf(<766VDvoLYxS<>Z{>ks z(l21?M*4>rR#VhDw7Cb_Q^**nPs|Oe4&EM_8_K%++JA;+w5MYv z6!IesaDg;+*Wi!~gqMD(vPsD?m~CS|X)Va6O&2#Mt6;kEQ-WEA)cb}K1Ry?&{our= zaJ1tA^vn5u(Qcm?%-|7N7$z1EC^ldtg07*vQoK#IO%$RGtXVdINZZ)S2hU;aR6Zoi7-&`Bp59MVU47ISZ8Trkug3%xm z|3bAj;4R;NBg#y(i;0@x*E96`bdkIKGmH+>#AORB&)YP@Ha!_4gg%-eT15|85u0)0 zfsc*NhKNK#dkm0pzw*DjgyopJl!Hi|MR)yBNErzG7$j(fe+lm`RBa8iI66K z*0r5;vQYcn>$4cJ32ZZXc5GjU?{V4sPHcRHSDy{NDAQRr6pQ({Fooxs&$dX4&as@! 
z?j#jZN~p;WW*+NnatP}qfMO3FW*wgzqMD!0uACy2jv6?8n=TdF{9@P^kp*n7^|!Ug z+gbh&7hv6`m-=?IR{~e&U$uz3IbA#vcG~PcHU2Q1|0?pbo+rW_NG6dEq*+9D9LxejH zT>L2&vLje9T!W+2TPmK-#@6On=0Y{*W~|ul{uzH{OBShI0W`}LM=feJ6~(|Qky59l z|N1Y&^t8U+JClI`ek5>nC?SXittFx&2CpB_I&CD!EV8s$7cEf?em*g)V8YfkQwADr z3iVdD9f+wM33u6^nlgkzBFJV_2Sq^DEiN(s5x09j(wEAOm;8~bzPnE}Hvo1QDF zE6^D8$F!(7@G~e$>lqmiA=OYC(v_c9@$QS6CZ~IgeLPxiY{;Mh;@`X<3C*?4Mj9=O z#br($0wrO#aI|sbbP!3Zpz97-cAEnsRRK2J+AW6;-GOT*g7xCIuH(x7iif>OlLBgj z?pyp&2v5s?k3%5*kkFRxU&34vmnsn|M?` zIJKCtluZKprc6iGRx%8% z1EMC{Vy4vVzHe0_1-{;y88fxpjKDqqqe`5B#pZJdRs#oyf;q-iI);DnD))KaxFfVvH9vwqH_jyN!c!r zl~|6oPTwI^B6g<^rY~&Rtd4Joec3ZL`Z|w6yJl*`TvBM;Uh}S)FQ~*Y^M9ltI>AE( zl6Fn~B~0|zVU{r3=Om-K3fkhfIf54vRnFbd_h+z`mfv0`Kd++A2jqlhyzv?NX^qbwFZp2*b;OFC_Sjd73fQ< z7(`7hukXswQHZ8lPNiv$AE}>0IJG@`tQYUDlJJAGm2`xl$tlqAd_{8E{=i4>okZ9g z5>I!7qrHBbL|+;1E*Bp@86a&1%5_;Q(&12f5H54Njpce-TEy>E-#U(TZ*ZBI4*vqA zXcKFjzPWepCAj}eR+k(nBG`V*Dl%Zx^Xb`R!}MMJ)Jd&IZqJSX%=n<;vfS#@e#z~3 zRND^*uS!IbDoo04_Z^_`iBj6RvDHGVXB~&`e{#94Ij_oxDNlHTmzDo!oDCNz%nbG~ zf)Rolavh^Monj%<+k5ehaY9l@R#7F1az~OV|8*>_UB4a(Tlr6KQbfmQ2Neock}Wul zuktgK?97QH=>e#6IKzI%@5QUG#%564$uH;-Y6=4cLkpV}+SHT8K$#nx&Oa)Evd&oY$=Zi*e!b&GM`}~O?41>!O7duEj*JuAt1&;XD_u)jYM$)i z$Th$#@{iP32*1;4(#`RgFXPa7Wv9;&=i#dwv8AV84{g9@hDHz>!_ZoDK9mn5V*Iu^ zRh!zB|07f-tH+s+|4rV!cw1_=@=@J&=alP2S1IEa5Ly8Qmxn2mznzBeotkNpg`}+5 z5()E+R!IqU^VQoUFtP0Hg1L!5l61=B?OMkfH(PU~wl@dQQVXj6XAVPaR$nPfm%R0t>-sdT6+VS>(8m3$D0ymxm8+d~krXUaXF)A44HJKiul{MGBHZSkk1yx)G&(e`5;y&tmwv->wL@3LkAKT!B zw11j<037w&1uVcoA2Y6qeU#HR9{!NMt948@Q!jlJK4U;Mwg#_sAfjeS3uWjAh7lcRkzGbJh7%A839ABZeCInD+Tk+nsf7c$w{y$+Vj*Ho+Qiy_QTSwC~)+4arDboT;Hy7%vvUjlHM6lpxxpGA|o$}?gf~@br7Guoo#RYjL;V*I3}<%a8rpt@1;j0iIDzF*e7j!1!p{76=7X>V zEWFwt>LwGJh^-Wv^#}5n>_@cXRxoIVaih}C0hHow35zu6=E@X~&lqG(tX=NG1}^Fk zOOXt%F^RxC9(Lg;Fv6K}S*X!qos_Zgtsgb`VP*I~wpQs~l&_{cb2EDh=P(=w#v%u@ zySKc0o97C^h~IgxBg;>Ia)}VUQZO|31?x2xIW7M%uO9(8Y=TEufPTgt(JqqFC$6>4 z){$LO2X2AZY_hCHT*jaYJ7hLnPm?-J#y+#OCtmd#w>g9KThIzJYR@v+oC#)| 
zkwj9TJb?xktCe1(?wPk6o^V@W(trM;dM`093_NkndTZoihzz26fN2Nicazr*$}f^Z zZiw^oNI5}i-JQ0YoQ}luoxU+-I0U{c6owF`iD91y;0(G0lp`x_oL zjFns2Xa8-Tlkz7}s~YOVanDq>UR~9*VNmA%Y+&%8GlPqzvMBAX94?gbve|cb+x7zcMCkSH zq+7vfY5{iSp6}y0MH2KvOuqMml^yJ>z|PSx<`XgS8r3AT>srOT$^;XksNN^;SxP6~ zKgIjNad9c%?|zjhbShOjr6@>ABn^`6%?OCw4fGMt4cxOSE7Yv62-oe8!OMqnYE3{T zg_#bk^_m{s+NVgt%awzU_u0W~)s`~qStamzlq2_l6kStbB})*EZJQh0*x1$v8*5{8 zG!3}l~j zzfOe4KLI}r-%cA`94q0C=P`f~Khm7KQygf_cZQUjf!{w=uTH9lKIX!+xAgdt9HX3~ z1uiGyJXlF|h=Mgprs&F;Em)YQscJgBz{*<7wDu_`%9!Z~`hY6!v^0oV^EhQZ$66`u zMn$hc5S${APKe?U2qi>uf=mpZxqh{+eT(RUZiiW!5atzIv8~q|=&GJvf*!H%43C<% z3%^843Pmiw$R)X>25IEv|M@I@t~iWYIehfB)j{&R{fCJ!aAP)h%z3HSSK3ro#EIdc zd&ba_wZi$LnV4E5$r#(nyw@YF5hrE}W=@-aDTiV=pFi3Ie&FL|qFeuB$-o^nZ4E9s z%4K>rT;J_Y3fvCP-$R0HjK!>Mc^k0sb~pWJ@&{^*iv4@pq@5^pZa@0=9=UA~BB6fT z?84@x4l_Zt-1oj$@URZ?n2lL(Y%EPhi-!%pLk^vQp1cFXFmsdxoY@+lp5J}h`w-JP0Q5I5ufrCZ}$CLTp`1T79^P-TpbqxmIboH zJ5*uHS}j~;>9%83YSU`edl>ydO2$rQR>zcn&eu#9m7*lY!U>xkgStGy5UTD;+aX`Q zgDQX!)*80E9eLqvJDsDkWgl}f0O1ZjKbW3GjLX9XlWHP+|1>{k+2q&y=Lzdh{OK@jp5y?%T#=p)5QAW1Dcvq z`CSG`9&btZoE49~+EFGb@7kqx$T52{^j<^;(Y}5QyEf1b)(}H4Yu_u^XACzB7v%fB z?V}M8ecfC9_#}$`*Ejg*TzpAc_jI{Yr(gN-Pwl{;H(P`2EW7@fT*wTcB?Li?4>nA@ zlRClE+yvh>_C?y&2I8Mr>enQgL|nlD5G))($(|3`T|X1~R&)?)u{Qj@-kXKIH%v>n zKUV_`(xSiBziAiynQq3uc4VKgtv6^&h@zsX^0=kTg+L}|&bJG95n!n0`h$rn$g-%B zL6#A(&+ipR4}M>at;&zk!gAYyU3j-DHdDQ|LBJNjtJbc)Wu$98cor%vEB(* zlTd^zI0qxX61ld=2t_tiK62xrv7+ewgt20l02#ik-Dm|SIpd(4DrE5NATST{g`6C; zd#N4wP0SM0t(2xbdD(#aIA&ZSl2Smm6uCRPTo~LDCBILYVm%KZc{&iP^;S(&30n<; z>A6rNm~ia1l786d7l^x`#%%;e_aIUomA`-Ij5IBKoRgMX8d*xJgOtl^NRI=5NJz0U zmZYJQ*eHcA;gvSEi+f6->iX0oZ6W@Tg>4To5rNF{bKIxC{F^Y2yH}U3cN7q8Jym1- zGE+pT&m1uE*IUc`tP_<)11Sm_tW1`dK`9sAK5^N?*OIf5zEGKAcA;tag9dlDs-R%0 ztgO-u(aB;iU2*;gAGy5W*wp^ng`rr-U$Mb+&;V2<6iobnmQ71HX|FpsD!Yax0pxS#X*X?1fE<~`I3Orb zKKdr&0fzQxbV5BeQZAZ9_3Wq2c3`~uZzPt15|$TuXq6jRPtOA21^*QeV_)wfpnI`* zR$LM#*E0U-@Qx39dfX`|t?*d}UdkGWyNN_qMO~>6Z^0`S20blA4z(S*q9X8;c%?+2op411pX}^%ldbybAe34gU!ZM{O{H$?1F}5Ei 
zpj15xfF`x00xNsH{vhE~du-8sXuo>5J-F>XvBCMK~N+l$~LL6>0WoR%tbrifUEZc`b+avEH2M9x z@|p1BTw%8chxbg2`PGj{7vidi&Y+dTaTS5W#`3~`I=~jEP;xP0%+-wXo-mBmK2-h! z36bnrCwJbP@2p?(&M+|j27T$i5O|QR#1U$Iarc1+nAXmWwETibC=(qU3M$k(cDFpS zMLNZ!Qxnf%Ysh}g#mj|>Xd%Kjqwr-avS5vkr4%)p?@=t}!+bg6==qy&@TJ7VLqy!} z@-Hed542~-wtSRyGHm-HJwW6GRY?4Z7&JEdw`vKY(ll!82OOCfN>+=l@&Xxr28YMkMj|((p+{uEB zDLKe8=+PjtlHeB6dM)3te~4MyKyal6*nly_f>Hj@!5q+I2pJe5%l1@-B{MBcjbV0* z9W?smSkqp5=2Iq$MUTCs#^}W1i30DIr1i7`7-g^fN@RRM>T8u62Jj(hm4Xx0 zv0OUNoIyL?{eXkx!)KUoaE;yVY;}|Hch{vCJbmNtc2n@N&#w9{-TQ_GvD@QjmjD3x z`?aa_c^gl__`KQY{ceN$JoH@cb}*e$0uoA-<#qbJjlC^2bAwp-g)&G--()OL9%60i z)Lh8^B85m*vue9xlf-E?uUa)Cb(mMjW_o$S$4GnIk^m#%+Szv9e%&AZ`Sa*DBePVT zLV;NaH+Ah9cJkY%SEXsqlYF@`JMmtx9?B*88|+&blG=13Fwo&p-mFQbBrk-XU1kNV5e6 zvbAwFB)la0%j6rYrsn1&4jhP@XFiP75#tCivT3-Bvj6p~Z%r$xrlvA9u7TB{%Q~I0 z2Xp?TV`O9+m=_qxAnD3Yh>HRs^#_t_E4x>j9$no9r;1$lu{J&4F~mTuSjLM*G!gB(_>O)Ejp(ZBK=b_&WG3dhD(CN4D4=O1cEq=G`sb*gmv<){o+zW@Ls`@z!XDyFK^ z%)yoD?IjtF$|4^g7STWrtagXA4p95S$X!H!fhFu42=@#Vre8m$r&qd)+T9#n^Bs~ zk}+vj8E7mdk2nvaJ_h)S9-Qw$NK2nn@`I?$vH6jalZT8=kzHLdva9Ybb3+3N?%!-{ z*S@!&gAqbPTw1Z_NI;!yN$ZFwp{qDMq6Tb^_sdZ?GP1FO!0sM-y=~kw&4x%5ERub9 zdsn}3LZhlMRHVvq#LB|h)45{PG$kumG|Q3;0$UZC>>)&277V+BqRvq7VN{aC+q>QB zEr5@8ZdUU9IwS`h@6XmC83Lo{bd-7Gm67)kt`VkbbLOlncqJF~Vp9s1IcQ44Et+SG zv@cv=vK52g?A^$ekC@B7;EZ~<97_z5dc=}Lhdfb~)%b{uI)Gox=9P#RZs1?=zr@n* zQEt~pQ9S4*)7kHr<#_ff{n>!kqgV${s|cA61pD7rT(z2Crk{{dB^C4wPW@@r>lz@N zrv?IT-Vg5mo?(d(vyfX4x|^V?P;du3Ma%2`Ah9PGULUn?MS|yh={NE=E-$yzQQz`= zNa(hchYgPLk^nkj&4y09*sz|o5NeDbpDgkQ0<5gaR{q~%#A@o?m^@Tv#MqSI`NghR z2?T^1CjrNK`&Ji0&&?A^P|G)p@WAT28<1iH61yB3WckH(ApxI#GHk(E^#W+i+`4L8 zL3^2e$Nqlb_+opIXKyT}o8$n^!>1JSG-@e@wXw1|2NtX$QJ9XC;7DhN1}N)a{foOE zKZVMrX($%@d?_Lb7WJ#QyZsl|@*WABej%zQj#cCWwI^h^AgOSsY@7=O4e&oVoiIxBa-bj+KMQvG=X_`GtPnO2{<9@!gIFNTUINv(v+Np!a z!E1Zn{X8*8w*Brmw4zBdN**%w;7Qio2J-2b6vKe3jh=YPB?Aq#XkJ;1%q!g|>K^l( zRV>9&og{EzszyW*tkLBX9PmdaNpdLq((*VDm9)CcF_qXH%?amWMZ(O7WhPJ>z{19A zS%L}#T)mDIDdTPF^tB8WF?4cmtV> 
zgc;fWk(P|$B=<^^lB4eLqgpDD1Y&x$c~?|{_r&I2{t)*IAN!%xYQZal zb^~3GH{q2aC&scQRZ=pTT+rxs6#zjj;yhx!L#B|HK=;-aNQP9yq*!=ijP z8g4F?^l|mY-(l)zW%kt(!@PE!4PTth<1rRKNlGwZ2t!Vx=oPP4Ci@mOAN`L=S z$LAkWMB9)w#VT(g?FM5mC!e5%n7c6(q%q_vxL+^#3zL;x4VV`TNF{6Z zzg%v-wm&{~!LU3yu22G)r^*y#++P;abr@-#`|@KoR-!D4!f9Z*TY6XC;M4I?})IZrV7=w!k84hjy#V{ z_ay*Tw#D6zqcya_vM}b9jGRvT&|EcLnKGXI(>z9=Lf}}B(SWh3K1kwXEJa`9r%g4` zV%wSt=of^@`|6y!y~!;;m(%4?*=Wk+V?~1%!Qh>dYhx{%jP-C#OEVuiox98X>|yo~ zw?%P{6Jz-4l|gLm7zC#DgUj|kC|>x#&Fhc0*il3!L~zR;XByEfk3OeiCL27Rj8Em0 zSn6#TMxfod&49OYFoAgcJfy|Q-H3o zcUQ3^6G^4X2uICjy?CwmH0Bg?!?ZR^ReNnKD=(gTC(7bg)YMo)VG}dr=s%I)iru=3 zS)s2C?I(+1l+lNa{R8WqQ{933d@1gp4IRkpcS!z;;7Uyby?j@b9^onp$rFOWh)qaC zPXfqfKsr`w)rwuR!1`z{B280^;Fb|5Z>`kg7gbYaqh%$}2j*gVR<=XfVC3xSXx0uj zZj@DGcno?D=gErukT{@s$>#e&?HWZ<$V6_=E|DzoGWNV@;$?WkbMBt%bIvWYB8X02 zBIJCs`yM6tQzX^;U3#SbAIy<#AfmxNN@}Fc30-%+@6gABh!GZTq9z4Dfs9atjLa(` z3cWyN`?e=~H?#9hqB_F2sbPyu9HNC2l_+xWs84U)a#}j z`Wx9B1qMV@d^oCc7N!VYKI zFfW&yYV4H;uY}tQ0>lMvm|f=zQ%JynLUBg)XtdA^1f1NMml&38oGEbx@4TVy{ZIW{ za~}{aYh6sEo%hHiKrZH*Se$D#5mPqd;7H78!*sNi`6x%&1J>JyhgQYEO9pbEV3QDS zc5XKqbFMklS{YaR%BAeCfc$2o(q=BAGPm8}D@HdjMYhk9s=xNWmqKg9^6Qjw1+Aw{fDIb)JS^0iVG4udnaxx38X7T%UgU4IF6NfK>GCnlpbHVmf?`TOlCt)Q^ z5Z7}~x^UB}C3D^!0L!tut2I6{1AHzYNK}Ci=cwbX&gkH+x4Ry1yA& zBoP(^$PXRW^$%;`N=ye$Y{u15l*e`o7kBlw;6-)Tdu9;SRN^OCf~f98FkW_53U=z8 zq@*neWBtN=AN&t_bBx>dD?upEW3PN0n)Ku&M`qUscwof=FN>Q-f%#C&VYyJrDdO@N zodg^$rsJ}-84bP7&1KtGB#BRA?2UHgO*W-6Ysn-6;**C7f{Z_-)51AN_Kl)BM+8%< z(8hiAL}o=FVz(;VLo<8N`|M4)e=|-&iOmw!EF)H0&8g75E%9F(mV3#{>o)c! 
zTbN}hFJjOGlFh*FSKVte+Lefs{|Vikh#@a>t~>)cbEARamVXslP&!Ufv9Uy|K6~~r zlJ&dU8SyB^ebw#ByX`nn_g#41`P^8Bj^sIS@3zf|(|7f5_}ejdZ`!X&J|9nKvjp#{ zgw`*|P=QU6u*gwL%G8okezB1bR2+4O2zB~H>=;AB^?qn(v`_)%ys#S1b?bU@p zc|bZWQDCk{?Kq0j%HHKPvA|>Ni@+RVc8$4R^rI#JIxE4=-sU7sGQN$J&HH@-Bmq)*ZAMRHt9BTsy_I zwr`LD6o!b5QyXHl8T%lU8wpFx3C#g>a6z@O!hh7@@_uWtHZ4sgj^-)q)zOqOO>gYf z-Ipks6Jn7ea%97Fu(g!OZBHc$R3vqB&w@zK43=Y6bSy#ndbqwu z88Nt9)?XrZ{k-^uvIaJXgOAskuX-;xk8fLf+ka3HIp*BVY$2zmmsJA%6h)1bxS+{ApJ!VmO7V*y%c=7#CWyF3)h5A^>kS zkAHW6LVNKCn;#YXtZy&4f|kBJXAYzf$p5Hyb`T&BJ2HTs*I`kovBOhQV|BCSs2JK? zLfgVAO3jU{J3t`UF2Ia$K80Fq1umwx)hlb9;D5YHa^Wya}N&1Ii4T7`)1K zzKQokoFCj?D&Jc6cy=(C4PjicJ3suI`mPD_2D|oO$^Od220{|L^sL)A!@I(Z^zl#$ zo|)iN?zXgtzeo_5w?uv!13nF_-T@J`Z@m!vozA3gZYM{+C{QQxTF5}82uNmPY!An{ zmP2VFMdH6)9a06VwVR-oB{;xPY7U2@ZSP@W2H4wO1O#LF6pM73Y_t7t9@Fkd!}+1( zZ{fyGrgz+H+SBhxBcP7v-!w&^|~uJ7y^Ln=8fmUztgCy z#&$|{wgod$Qlla#q~7wXi$V^5)-AKDO=@+4iOH5>XXEo^E!JR*qh2G(Yd%|cC`!h0 zx0LYc;{D4|h%8IU%Cs-h?}`5WIJJ+o|D34JgH)Z{kpQC1?!w*Rz}2R#XC-ej9a59F z>J2TYK*%XsHvp?7WyEs}HFj4=qjyfj&BaYcRmFmqmD!vp5vI_4ONO|B)B!NZo+}au zt1oVKOtkpIE*g8wI@Ig68#ovx>l=Ptl|Pr~Y4^-g+U?e~3vyfRP$4y05Ma7ApX~Kz ziE5uYZ-V;OzEOLnB*@Ltv#5q07B&IX=V7t5rd2V4E;O}#&=^2l+ll8JbN!F5DW zc8iw(ffW-fF^3;|8@eD{eX7|-n|$tWH7VUfaw)={GzL8i+Y(M(Far4ap=asr`G@PU zN{m95iN{rQM-PohD|>Af`!ElLCUu= zgQgJHosa#gr1-2D{1f2zfW3FoBqTQiX?5g~i!LW6L3Fj*@$wOD)$cDC#U>o8NuNu= z^ws4_)Y-SfC%@DGBU9HdDyByaquozU*#yOyoc2>p`nF7mv%HAx_ z=BQm_-Iq}quXTg#^E=q-)aR;apo)zX^~|V#d#lG7F~|bFdKIXUKx7#oX0|)4>3-dp zze$y9?G}buVeq-P-w}Aj+;XclxWVka@f&V8`8dg3!uAwsTgXkdezy;{+=i{4m)Nrg zPU451ewTjd>vQ*7_t(qu=jShnN5#RXJ~W49L1Wqa#4>Qb<%31u3tQt@0jf4t_?3;pMDhKYu^@NG%|+ zpn`47&V>NsE;p01t%In+5~WPYg#QvmzOoGqaK|88IaX2jX^jUIP@E)B69M-dwD&+rM7Dl6-wUZCPVS zLCDI>g$%C`Mg`ypmL8O+1J>W3-gjK>K9}u-d~TngT)%M{-xNWsKxu#GX$*W5rBm9C zB>zN<&nk#k4u+4$Ml7N9S3n~UxctGVCp3TnMI&*S-%spSbeayKQ5wD6&xTe!UEw-j z{Kk^+Bj=R_{s_=_b}%?MA`#v4EU^HfR(XT}qTe1=>>*Zf=uKX_C*R~BYSxVd6$esU zA#Z_ou2F=OiyRKsFAGrtgxB-_DJd$Or*;8%Rh{nFM`#fHX?7b!bK-(`?^=RfmtMB^ 
zfZF}(Y_E>J>@S;Q`RC84B_^)7ucPd8>>EX=?yDd`SJ?6U0k(1ARebPA`oM82#N(m6 zdfFm(kdd2kyrlTTm%F)Z8``?n;RW~%UVrPaWU4NWm;k- zfVHl!gg(kZ^%EzZ-y&w2Q2g0 zXMw1jyECJajL`}Qa(pOF45Nz!ao71(8BeW@0HeHlQr4| zH^HJxJGs=cvawSydD?Qz@K)gCn65xn#|9iGZHN`#x^QHcmg(d5Owh-VbnXs{5jh>|Rfut(B=DmMb-MgJ zj*biRrnU&P+$vVqF4qRPx-BKNjyjBWa-8$Nq)_)e(rf`Btr@J9HRdBJ>!rm2AeP?` z90Rp%HrO!y{uo}r%r4OK*6k=_bvszhlyUGG<;>EkqtG~V-(=^j(xknNDpc04$D>9o zuaF-vG9ROLGy^ee|ARkGy&6}CRLI@BADPf{MpE+c1=QFb*!7uP;hIBIAQ$EsV@oQR z9K#SRpRm*Mm!$5jDWrdnUm zwNFSN)?XQy!kil#!#8(~!Wma?u(x`F`ZhnjzaPMeJOuL%=Qbv|uYVxs6?|#7P z@>Rcw>#PP$A&8(RjTr>ElL}AjnXgX;vT`+$2CF6I@cjDE1zml}&FJxr-^5;axcoz;Tgzp=0X5ew2@Z{;aXhZqWtzrOS5Q`(&&&Ie=eC*bS zOE%MPG8W4HV-%cXasC~o#jKh7{-MW<1|x~-B~fWul1`?~X>3EY8GfUL#jxVD119GM z3=>A}Q0UVoy)ku2CcKI9QAsZ|g1=KXT)IJYW6~Z#I?pGBdNCXQ51Tq)63a923Mr2h zpn;oV;g5v-PA5SB<9eZ1M8F_ziL8`-YA=sYQ%j?!e9;dSs`RoiAi1`k3};;}#7zRz zFTur}oPxEe{UZ@(xX$x<7ZCwF2qI~0?d}jwNkmH!vF?F2CFaD@v!Nx8WYL6Ef>zB% z0r4NOy`IzYA_(vUIK>HIN=_RRA zC~o&{7fUo5>0ih|G?q$go1#cAGQ&mOx$2{jxqh&k74meO< z^J0I93WSV~zeXkbB?uL#KiiY;|B*@0@^`B40Gzs3ktUQ3zHdyZ^5^9N#1)6Q4AtMF zGZv^wflIP#6>metOse4U_N=4&4WG@6Djo=VkYq+k?DEYsQQg1$Yq)X;@w(b-@Rees z;9ruk$~(&z_lU|gc}Ik+ceh`_msiM~1p5P>NwHYJgeSmOmaudn|Ae+(Yny|02MotC z0wykz`e;&~Am~nTM}O;D{RNT<7WOS=jypX!Yy&<%38DA?yh~g_arLp}+Kijb9Vg4i z;U304`#5w^G>4dFmWb8{*o;cCjie#6~3X;&EqsKMEGWYD>u1;uFYQe zyA+XU%~ui~#={@du4asY>hIBBsESW{zH=Z6au_Fj?c_OeV`)ZJj%r)sn}&jUHa@QOy)vF8TbOR zFoY@rcF9{y#53&QvI$wCRW}N8O>&6#z58K4>n7lf(lV>MZzvI*%TXe zB&&e2yB#c37aH9iIJ^A1Vvz7w0A@}#b}vbz)gv`wx}n*Osp%EyKgt%>2h;GpqqY;# z5i6Cb9v+kbkDAUjjVDr#Af)Fa8ZBzLBxa>JwyZyp;dKprE|@0L+HH?xjPF0##sq+` ztR@&o^$=%$--Nyf3rTWe8$kZR57xDCVDfpSG-7Vg z+8p+#f3sYrmuXgC=HlvEuHUp+(&st-VL1%H6iYAbI0+Zh+0uhLQ|KBCWUL;H6YL7< zWA?%=@o{}kHf@dZd^l7z@`S|pxdqQCxfANV^gONW=XvXwy;;tk5)@)e==hf02r?|q z)*IK=*lOO;eXUz%Xmtk+q#;{2aVL?Jl+AGaVr|3mk$;$YiCLE>ceh|agP3VxB9EAt z2Wv1lkMD53_;P`;>VfgOcVf-0rwRlw2QAZZK7-SfJ-fbi@EJ83^n{^Fe&ucNcqShQ zS#}WHeci?L#Sc77RLJ)W7!}nn%YH3`6cl!r{HorxVa^mFa!dyF0#1;7w31YIIze}R 
zz5FVH@>UuT_@(Q-3yqB6w*&d5SYvMB(&Wux{}#Vne>JqI_p!UphC#o25M!n5`D5ut zy@YGG8edvIgra=++A=5M>P42tTo);H$C{)q~8ZouT`s=g189qlms(dxLEsJ4#5 z;lIEyi;k;w({cj%t*O!HjNHz})Q*!nK`jwi7d1Jq8S$Y^+xyfOta-^zyML_f?e;?B zP1qr}4*pB)#--V}qn%Y#G|X#xTNZGx-tmjmHn3aBw^mJ#D3hqOQ%|3S1*&Y@F7KgOD$hc$1~5uX`FG?{v#T2iyS zT0>;JHf=3k;b?>m4b8byNIYHP0~yS;xTVgB4n7sCx4k)UFAmto94u`BpE?s(^4&%! zTpfTK)<>&@^P|(TS6JX{z$4U{|Ozw)u3S>OQ6HC25Hf=+YX;Ye$G;jAyL(dnYF! zi85yGBgf^X5CvC|)sX1mTgzlMrAWK$3IO+S;UkIKpy()hX&kUZ1o<)bZPXCqPO(k6 zik7o2!uX}S#&Tv0IKY^-E<@k=hq$5AkQBx$36@6-j5U3}DVgQf8)(Q47VRj=I>yZr zD8sl`?2N-9faC8>6Z?p+)z8AX!|@#}#9RoW3?vlw7$sj>G+e#ArcBGfKGKYt%Ya_7 zs*M7$Ae2RV8ItPtC0w~n+TV%6+yNz*tkXm$*h6!;fh@pi)b)>GToDI_YE(s3ZvZ%o zH|yr*&{nPL{JIEaqrL#ZBkT>Oe~maXCLy`2-9(ru$1fVv7W}QFTM#qbB|C)1M>r6)9#7af)l)YLpm z7*yIFW2Q<7fKeTVbEr9mGjZYq>rHRZIB@4^T%X43~ zb2N#c`4f{ICusmsuCGgs`n@I27gmomr((-cSHFE4alu7%K9d(;zg-Zp2lZ=IzTmh& z;&~D8_L0k~>(!fgQOR>)pv>PSrIL0YASBi6Q{onGsKQRV=t1>+M%%lQ#=k(`!V0W?# z6r&d#e>usY<;Uh^_AnfNBuTYS-_5k{`x{=jx$E3=H05t@GyRi9Md4?%-TJsgQ)Crt z2Fl8b01)mB5DO@d;6k_qJlGrP9@<O{7AP^dwQ~#(8a7vqY+A-fQkPMDA$V@^|KQ^UgR-H?j!}won)?RYHpXJ-9Ig04+(M%~ zZH?A}fM!q6AU4!uPL6dfk59=G`~gVUX1MGV<;=ek0%nMFqS8mHRgz)XEF68(6YN_= zYHHKE{j|JBXI7vl6Bo!(4&8nI7_t}MF+l(l=jV(&P@sdmn!;b)2ez?3V|<*TWSSs> zh4DX@9fE&l8mI)dW;nK;Ffzqvtiuh22X41^GnN7#EG?VXk4*{U(sKR>05^AR+adnb zCKlySYvRcOsgonUP{|u6d1NfLc&g>Uw3n}kLDpLp1lcd4GUY!j4LbsLoce<=O_zn9 z!sm3(dgV>ig!h!M+GZZcjC)bgp<`MY?*b%U8_Cm^FG)c6QA7GN4)jh&h84`rY zvF4h(&ZJ_940P#f^$EplDWMfrvRp`9_3#9%5n#|X=NgIesjE`3m9(SMWp`)mP(k#b zm`53wP{7FqmhL!#t!46T${4)Y*T6o9TzVnpqY;HH6jd_=6q3kxeSSr zVzBE8ls$Rd<`4TDm%LBWqA`7YPM^XAA34|NtCfz8Lon04{ zM)o$%?4xZp89m;5hv7ao+P zF>f_zm(8Us05f~D72#`y7H}Dt70iXO@-sTTyXy zhLlLN!3*h+6NrHxJ;6lp7igSzoe5yWFP@{z=F zEipr#1bR9=_q;nkqe2u|y7GwdHgx%+P1ul)Dv1NOGSq?!eZ=UL$vt(EGcemC5?2b^-T-;qd>P3;<}79_H6E=k(ImB3Y6taDNk1SI;;c;i!j2_e0CJI)c`hNLgD z;H5c%6Nm*#`%MaG&(hn~9@bKpY=(ipBRGI>>sn7-y)X5#dKCnwv6y&6xZx)9U9WR~ zN&|s!NhSP)8prTNrWZ3*2NRTo%*pdBWFo*zPY|-zaWXtfmcmSpf@`@UOa;dzt*)Z7 
zEUz@4R%XK_a)Z(8fNcy9Xni+f`5SwBM%x_t^`yjWICf6EtXuze?6JSgrwXFkvh~is zkfo*EqGD9xLY6n8$E!L+JxeTd9Al|(oC;*I+UwfX#*IPgiR8p)PZHzAuy)9%C&1Y% zd+Ujr(g&w5L4vYcipzf+w&* zpubmVH}kXyjC0vdjvWd3I$7izCRv8|J``3A_bWiVVtdBTqsy#AfW8V`9Wb(?>gAHs ztz!4fwwzidj_>H2eR6kcOftgz00cUqc2Y%(0p(nsh$7sF&rNH4^}XcP;)FBUm9T$iwEc%**tV1(5Dc%yUJzC+f*hYi<5+5#j0W68p70oi5l&FTwBBR#r&N5 zl58l9#%)|AT#I7nQZMqS2{m+v(RoZ?-L|_T?!|vga)x#4|5AbkA_seRW10L8_x?UO z6>7J4zE5ZJt<9?Y=14^6%YhOv4%yx+d!+qhrEmIK72=}hIjlSZW)!KN^V=}o4RHie zGc3`{Ho{lwRt%LZ;0=2I{Vze8mXzYj>_i6wy}EM?K9&m3RcTPu43Inq3q=4h2rwC4 z3#00=*(-TK**|bCWz1GCBRBbMy86R8pEV$UbNIN3-*;W1(u~l~E3m)7HOI?9{Ey*#!TjSw@B_Yi%(lb~+Q_q#LcX^ER)Yyz>`d%&nrFfB)H)5*?QzU+M3*d+C^%^ONH0KL&R|Q~*Y^JA$8R&xq zOEU)R-M2vsM$moQ7Mnr5~M9#-&mC#6i6 zQ^e7kQBA;SV39rNHB-aqq@S*%kDl*P;Csk!)s>wv18Qe!b~|Kf$o?3ljwE~d zF0G=)w)BoTmfh?%L>vC-cm+4Oa7t5lB|b1N`2WzP-7J4^N8Di-Gw*Qg5rh`!Te5- zANHH7c0RhN%{&;>%(`i?fjc$Fnh}D*!WhnIRK`?Sp1S9AQ3U*@y^t|u$)A%R^I#Zh zJTu%UrRZ^cvXMY6m=#toPeAp>=WX-Av$WiQ)AY%gs!|sua>|I|f(SFyy-QU?1hzwt zvy0gBkXvU(NLG_u&AUY{nvjovF8LXjmA3Mg$f&B#CDwsQS;(!(B3cn~b_zx*q6cdd z(YPYZ?t6KPF%R&lZ#hm^R)LB)zDA3yMt-*6pmiF2gP$=>zrN2B)bbC*G8n%xF?zn$ zvgS2M0-;_0OZW4J5UsBPji%5Fq$|X)tnguuih|Yq(#X==MIRkp|9epJ`<5?L*DCSl*VS0 znJcIO;OG7rc3UjFH<*K)&YkYuU_jEnlN_c%zGUmE4(Y((Ve-4=G|HC=&f(nw&od=` zXE{=gjmTOFqBJ6n2pme7gbj7QJG%8Eju+*R2*IuIax+DO$B~-hgJQCm3;)tnEMLKlY%Uedx^~c3vv=; znzvEf!gObz|`yYygDcQ zj-l744iRMLsZa^9sDm&l8U5O~tIX&g4Jdf(zE{Q?EZabZ8{<;2fNI}zRT1o66!$PI$i z6+Db9%!%CY-_VVXh>N2iWMyKfhb=Jf0TOku1Bw^Fe9g=z>$V#ax}fuZ26}BENd6Z0 zqoDb%h;4?@=W(KqH5cJV{t4auxUv&t1jQYY@TfgKdcPtSY6Tk4#&l5iLXz~Ub$ZSH zF;#=+XDd7dr-oTR1?I|5;jRRWqku0$p{9hi@Y;AbQ>=RL6(Y`3ZMI0|^D!X94+v5Z z6dRMh9xW2Q^UbI4=lM-9YapPGnG_M;^2a5WQ(EQNMY$~<9}a(2c|yoFrq1V(FO@ky z!41(k4kZq0r={DMi#)T`?&L{o+W)(%p>~TQ=^w$`I$5wOc*bLLZ^&Pd=H2>K2pTXP11iI}B8wTgU|&ay)shxiC9DyE~^#836`CgY9+i(i~V(nm*hOcydP zEcq((V{eV;2Sq9>d;J20T}uh;n7<-|9FY@1t9j!=sVi6o!zy$jfzkn=_Wx9fdk5db ze((5_Nb6%`r^YEOR)?dK0ZyJM{-rOH(KcPW84nr2`STFw3yauH8{YiiVtL)2!pZTF 
zUak&9dBlSBUoV@PiH@VXSmp*YKI$RS)nFfED)7KKD!4eNftD({9Hnql*+UGtc=p|> zHb{@x|9%2lK{k-?O+SwgFwK}B{=YzrdvAGpFcvCRN54yBH3kMSRXL>DZ&ZzLnM|iX zucNNom`U%eYQ$!eX~;zgtx}tzwmR#kFg8G-Nh|{=9kLEjyu&vqPx>K3H3tw)7(== zt>x{hWw!J1zysQ;btkB0;_G}E@_uCgAuU*lhJlBmL`mr_+nI|w+q}+NjyF9lPC|Kw zVtV-TYp@aETc|&OALf*;*7yiUr@dcr*D3pjm{vt&^0Qbo5tx~8A0^t4Cf+m4%bqUP zGe&ABVHFyvtp-%=h^q{)o@=|Ynx=9fYnc6v$-F=lT1(C< zXtjIWC;{MUIW2}RYYp^KXEoIQKdxE-)|*=-vy9=IAOHtKnPLqh*B65O4>3W`zFxJh zh8$g82iN^QheCnsG>2mUy~4R$^AHRn19;TSzHw2&kc&Ds=lr@sIj_HyTsg1Px@(h` zL39O?Rl`d8zf8#RDw5F^1Xpg&u~Ycvj1)d8>(`uL^ zj;lCz;QR!AIj;wjT-gNAEa`xGIRjFcSfnf#NghQ_la;mG@h$C4c{w9fPRjaq;N(m> zDe>dit1;`+JO-ba{1IXxLI=(vXC#G=(1CfKYUIjkBC@!Xh9Adm1+$&xK2S#uYqK~K zS;}J>|G0m3z|J_AGcwMktX~Hls}eduNj#;3vY4P0;K#JALD#6l13@MlCo*+1RNerA zN;l5OfD=dKZ79M-@>XcN08-=#HJX=NCRc7nQt>7ftZ3p=#?Vd0sw~e~5r=Wzb!nET zZtCjNPA!)+Qp=>QUyV*qEz@i5ERvg%h^|+PF(Q8-Ui|TP`==;)3GwjfO@HVs``NLG zbEi2!ja$x3hFA6lH<#cy;Fcpm{N$xRSW%B+ryJ~kd7Pv=U`YbNFi^JO?E_z#c2$MY z?H_*@gOmrv%rt~`D(#NF-x{E!2xZ6K6u8FivagA0)AX&o6#4wDb2%^TOs-t>HYtHS zAWNDCxLE}&+mbWR>m)0pG_AO2ud}nx<&3N|DeG6{^E$jpv1@scn?=1dEx?Fc0bPKT zlF(%8S~tLP@TMQ``(cD>8V$2DiY91Nl-qyLwVzPJa|TI~LPsd!yrea`av5bwTUH$_ zs}_{7PFPionAH)Fi>|0E;bFWh?WA=%BWX>_`jznHc~Ydro4X$PBot}|H`QhEO)QrT zNu5Nircw`E^z85ZRxGLg^_UgRFe>|^m;#@AnQ@ZnjxPa(u0OPenX%pC`-O}!hXH>R z;jaNo2{ZS$d?~Qo9s!rzO~1M&^q0Cnhr4)w3cQ?`0w-6lI=O+CY02VDNbQZ%kkw5R zv$)7gkqZI7q*Hq(__%n3UD*#Wy;3Q2p{Pb_)PB;IPh; zSNkB(XE>t|kvW(~gpq?ox2Il?Txx%~0bjp19Gi$~KGTlA6CnYk}irBZd5XLp86+L9WcxLZodZSX~#Dj1#(w)m>Szyb@8E#B~vO z?l_^ciyYOAA_pn!-y584nNJ81y_*GfF}+z_jifZ{!o%J=;^*JZ4K&ANCqXXM0}U;1`lJ6>6u#f;Byy72rh+& zio*lf<_?X8n;Ax9m)%Bad#fKO1|M$NdZ+F)!=bem{Ql|Ecnps1e|)?Zd(DjiAKK7c z;Vz_~MD02E{JT7R@2!8&se4DfIQKNw`Qz0(4V6$(6E%rqsh08O_$$Sw4<<4bYw z6XzEKt9cDXKJjB4h?MU)?F#anVT!nq+8U@w=DDboq{~?tW-1f zJc`{BY-Lvpdzs5io1FK#YXV)&*rIC^Nm%kx+$Smzg_|hpfuBQ=m;V))&y6C?$VwT3$$BM;@GP+cSY}z?wh+ zFNQ;L#8^6yc=+SAssi}K4t3Xl>bSgBTRi>=bKO5 zW$JQEmX3eY>h@WnpzORsePjb)vr!jc{j2KB{xfv6+{!kp$!jr55dbGntM->yb0!Y}R>Sjj{+ 
zK$rvdSW@FNQB^I=<5b4dyc4X7+KP#&;BAwYVd0CVZHz@V17ktT`WeXzuLNvsB3CC2 z=p2v;DRhJZ%>#*$E4NY6^hDu~q-A{5j`{LhY`+Py zdcxnSxIT6L>W3{hIzJPIf*9r}p5TY1@=2cn>f^y3d>$LdCZB$~nX&G$LJGb^H?r4j ztq6KYZXz}QLya0#3O58fKR%+O^;YMuvXTW-D(9Xfm8q|UP_jgy9zSr)T2ZfnM~G-Fv)XJHe{UlyL-#)jckGhjHR ztbez05*pJ!87X!rR@$m`7tZssx{!-+?iNCt+_Sz?RSrPLUaaxMBpQtY7`K3@7NF=> zhH=OQ)(Q15)t>M-1>%MjDy|)*qtv5kESvbR%HGYhYgx ztaqhm5%(s)D1Y!D9`(NQoH}#l4!>FsJx-#75y?yBL&5V~ zURCWp`%gCRBZJst{3UNyKI1>|4iB0z{rbqmm=^IGFp8dUz+Q2e0V@j>>PtYX_E*w7 zV?#W!hxLl_fho@pjo1E|eEo|Dxizl^X08t!EB#Jt9u`d)7A)#u?p7jXAjzfK=6_+7 zqmDCqHK!>-pFrTGnr@PVCUt8{jei%ddoa(yJPe`ga)@J|IXy4`$YGZX-5Z zsY~z~c_d0j-v}V(lqaW@7@qLu1JR~|uC?-`kLz)Ui^^quF--h~9Z>g4@rKY6N0`B^ z=4*Q8Hm;K}sxnqb&_2n_j`6&RS$|yCah*na#S15$RvyN-vYn4@p=JHbMoIqqQS4D? zQ*I!Ah0j84o^7DdH%t=;uB2xt4{+_RiSIb6_X0y6BFchrX^O(GUq8JRI&g#b;9x(Q zh+q$nMgw+g$K@zhJ_83r3mu`&vl_zbmBXxyqEISwoQ2ZQ386hJ<`Jv&B7fyFm=SI5 zWZBBY#Mb8X;TW{6Uz?q93{01}rlQjFdeq)-oK!BY<7&MQeuOd5W42?=H9x7vTqr1& z#v6^4@6%+Iy{j2`mf1@`Yf_!<0%jBFc`qI}gPdDTZm(yf5KwfEmoWo{@GMMdut~#! 
z7gdE@*D0kH%Sesk;BI!eZhx3f=l?3!h^Fq5$@2`+Ck%%2$R|IB*vZ4p*8B6T^|Y*C?dhJ)BH3K#Lq< z53{Q4Uhxx>z-sI70DnYukM+|*ZtsKK*lPn{;hW}e0h4^;2LpOP(ITifm1lX>m1)6} zwuVuV9q_A!Ali>FVyGIEEjvGJvB{3^>qk#TX_qAQ}bQm9^|R^o8VylU;*%(n^!3Y>GtM5 z;PVGpuc0I(KX-NW<|g=`f&5>SE!KtAzPH-6LF6}42Y=U#VGW}Ws4^=33LVCEHgyGx z&N)Fn;{Wi{OUw*N^tsG)zf{8+^@;rKnx`Gc)JrduFl=gR{zabGEDg())lrvP z^uqkZ0DmWbG@pK>J`L9zL9FIdcm+H}FP@#H{XQZ>8L@(Ay!&(m>`7Zy#|dtB3k^j7 zRj#v@HvUf9$qkHd99z)F6$x8E88ShO9AWFTAQN8kb8VfY5kh!^doSaw$F@GvF(w(e z^E8aRC}K?`9q}}762{{$XH5>^zmnHk;i;)swtp?2kD8!m{kG^~-1em!DREs`)MHhR z#_pYTa4@PFrF4A~eA?m8bVHl$B*L4(%2k$qA9i}7$5-6nL)VwJU?7i1D6wK|sO_Tf z0cl4(1EONNZt}8-zQ_LSEpL8D*p_mP6(Gcn&!8U%;9Z2lo=l2DiyUFFvv3h!@qfJI zOn(?LF8qh&>JRac^8XGjFMs=2&i=ZV|1~!v|B1IE|9jrez+%ad>W2Q1TpzcukXVh5 zi@X*Mi}NC4X~pI3GLEt|J4|~;%H71BgM&`Yq83#D5^Y zZBopjo2M!w9?%;740dL`W>EeqeuX1>Ee}Zur14Z-iw2My!L!(E94!o;UJ8(f^~h(= zy3LJZI!T`ail45#?=2VuH=atf+icX3HRH29zrB4gMzxS3M4Es!yYB!P8+xQ^c=~+Q zK0poY;}Aoo6NzX#0hS3Cz=&GOTpX+oeiMQ&(IrbwaIy6Xi1aw0{En8JKei zF8r!dGpGiI$W&}9*!W$WrPfx8d~ewEW$>HoszXJ5GD`2x>M{XTwQj9Y&9gKr(uieclCZR^ zQ^rLigVMGu(j>~WCh_>bHUKD^0RSRp{VIJj0Em=$Ejrx+s4;QMCx3nJ9WM4}ORIXP zl#pKoD7{v5&CG+~V+4D_*mZe?+=CPO?M~<#k68*s#E}nW-&Yoht$>>G(+PCc`EWX_ zh!i=(e&(TyeB!6!>P(@VX?K9#L;KcB?0thL+7I<=nzU$|v`bhQg&9k;7)BFif>m`A z7Iji)xd%uT*+8Ob27i!%7WErUatEqh=2*f$@fz_pn2 z>~gE|Hf`ThgCh(%CSX>d_qAQ@HMR{e?M^*Kk3A-V4@`?(Yo4NCKMWVoO!4Wj)F8;w z)tqjXvdz;GPNc{YwmEBz3cYeE9iY5w5*8Lhs=jCR)Y28|gy-n65kt`o z#1JX#SA8#H2(|tq`11Pd4WawgC9eBmCBK~e#rLtRQab-ri2+H+_L?i7>e*%R7a`Wc zQ*{qeDMyH@Qc=qQp#GpPyVwN%x7Bm~CDihCOb#h>gj&vE<#_KG|K}eW)T?P~5oUEQ zSR7WZj3TN~dVhOq!HS|x)_Unp5q#SA)_t{DaTE3X?T5^uVj#eGPyTK%_wzWQ+4bRepK5Zn3Ower3i0 zJn2bWbapg@jD@P0{jE0#1-A4*xtZhd<;C`HBZNxzi52odJ-IdM_$@)N@NxnPQQxmE8?_`Nt{sYO1_QMbW_dS>-H^%7~R!9I~+L(tk9rvNZ8k?`(WdGy|VQ%KCR2AFGKw z`f`$+?DqoFXJVkv)@NylsWAnQrc*kuFQ2kOrJ#1 zuZgz-N2rOSpT**)EPC-g{i~^(;7Z5`K!0ptCV!fjlf)sL@YY{GX*ekM6-ZU`*p|YV?<3Ryz*ZC zCo>39evw?pLldn}Jjrrb+qfFQN^8=36+<#Adx&4Ca7&@qgv#x9=%5 
z6!}C>r98jh9nY(G`^5j5TRKUZ(dA_->V{QWE925Q6Rb|+iix6(+gh|?7J9rWyV4!c zsC1LEetU6GxNvUg6&eaU9MGwijsfYzvIQ>c)u9Z1`6-d|Dnb$Z2`6gk4W z=5ccP#AkFR=!5b^lcL^4SX5Qi6)nrNs)VU>A*<3Pl82G>mGUra6Yj4(3 zW&I}Q8ff?C5(@Qnw~IE)Et*0tv2yif4@M>2N+;zA`sQ-4LOk&p5smx0tj z{df2q41Rg&mpd3sfZ&iCiI3sJ=Fezsd#;g;_SLvGo#e!_i*mg7KW8`w6aW&AxZi-N zE4XSJvDD)>)NTNOGxj?evxj$pBq4^z!{&3wWW@qHg%#T%{!-pL?mOl^ECx)|%DaK- zyCWwL;<5JxRH+BE^ncVIa5_AI6ggrKmP#IRxmVX7{=1-)LsZX3x9xntTsafTzE1#K^?=J zL(Z?gQ%Ku;)Yu@({7xtJAVrQazj@FEpZGtVCeCUad`{uv?-eB9TozSfTIL1gMJQO> z@sQPN*Re$8aTS+o-gcYg@}@JqB3u)A99TO~N)Bj5T>4@V_tIEKaj0!F?gJ&@S$))v8)MrW&; zL8j&CVme}RVC@>1Iv$=q1DvZkuu}CL8zwHoa!&^WkRnG|?hGKnN5{$$Z{k*}IBTl9 z03M8-)jTR$oYWB)yeRX^lP|IB?D32`J1P67KPd9nBY!fTPlUdc^cRX@MpeT#=kv{$ zZ?;U@59Y2_*eADoau6?lb!Y10{0eqFuYygkT*X-%b!EfCs7qMNS-Gw~r zc$>TV3=+G7oy@3Uld`makRsy{t1;=TG=@|b@=EX2#seLQ;F8!gXN=#k7n`^OAmADI zLDM35bANL^C2ZCB_mPHH1{KW~hdB*fAhj5p1x$|~cP~Bk)T+6xA+LbWj0uVW9FHkJ zdqF_qo1cHazJ9W^e_P1?SB<(>GoRjHnR2RC@qvnrrZ)oz%w$RMX_pA;diUy+Jw+QL zBl!n2Q0HP~LR;bJi!t9~5AD3rmy#RxLP4eNmw!aqAo-<{9Mq(Q-vE<&C4O?{B5Ip3 zY+9Bk6^wU+a!Zv~EQZ-mB5%UPlh97=5o7n{n^8F!n8)5I zmVICRg{n60HtT*6FRi+y>KnnUFguHO^Os+ynBs|YV$$Ntd?jTHqYW;$;7>?5SB4V0 zQ-5Z%#{puJUq7f6$7BL;nbPo!F&4pvrgX=PF=O(xK~-Kaqz^3L=Od1$mrn#@COK$q z*-WpJ_KRq0M2kk$aB2E=)24Gicp;fL9fOps%A)9!EMak0MJyF%&B~;Vn2^qX(up<- zBhT4oBLtEe2mw;|Ml>?)rCfT~lB#({T7S&01~%a}m7@63ahbRBox*Tsj@JrgWG0rV z@z(5e1tSCvwblXBSUs3o!wl6pQ1v?kaz)+-?J$!fM<~_2^1M&{1d6OF&^0fJ-QV7C zrKPLyo?wwBpS^2&)Yj4)Ynv)#X`7ZZY;B+@-!?q#@+QmO`Q^l}!Y4DT@T9Cqt$+P9 zG90iMQrc+qXT|-XCh4vDt=j!Tt>ypA9TQVY=)~Z>h3%u7yM;KgWxs3pFs^dbhCkRt zxn8`(>@T*#bAI!39F(l2^+2zl=zu40-xU~;LPyxaydHR;_*qpK^WrDA^C_{TDl*Ry z=DY13<4t2&-8TJ_uo~)3rSc4j(tjdjBB=xb146i7!`iB-l02`Q)&rGHY+yh#0~kQc zdaTBW3UFHuCH>CqPBI|)WYqme>h*rZt|B@GcHD1|yr+DVb5H@K(0>sYGy@gz z(Xn!og}jb<&B6pa2CJ-L+N^E?^l3&`VEUA`CV%qS2dEHsK)tUd&bY|pOn$*h3jR#acqU>NM+t94QP)xI z*_rKnc`~D3PRe@hz*j6M?0^#c=h*>uM@~C9e}F^s_w4qj6*)gqkvn*Sgc4H^TZuYL zTi&vw%pul{8denvXI)a)VVHDH}qc^quNW#dX)IQxelb5p?{iO98%^d3TY2m 
zfKMS^9MG(<5b>n5n}p7u)7?!99kF-ME1~+t|BLS3bVGQR7rE$IC>0!9FIvXyIFcK9 zmW62(Hf8LlQBUl`X)>d5O3HfF-d{B(N8OULIMhJuv0=FZbw@UGxfj>+(FYhLg2Bv% zZ66=s1h0a>h)pfzmw*21=JUt5KYa>b4EPC@U#l4da`*q~Mqc+_uoAcZcA=pL0{WO2 z!~M&k-QgJO#dZjUE==sFLUE3d-8^mX7+vxIb(w{gjAj>bSNlVG8+%#{MhftDf%@$h zMy2S6P{joc4GaC zFiYxr<0L90&Qlf@FlZ>RQdYt2FD{C`H$#h0dl9cu6fuEe*k%lIvM=bD|2Zq?u6lmlL`+$EnJCQ+|-1Wm&5fFcQ zck@;qnD^$Z+1%p}bRqW`5xmpxmMQ++Xvp7Q@|oI%&S@jHi`m z7hT-mZAZ3K#X)zd#0Z@n!xlP1hCA5RC~Z2Y0!RuSp-uBzZON5ID&)}>=d2M~Dz~ya zXLX&|tnPS})os}oo^J5euBfFmDr%&xN1J9<)PG26#g6;KMp*f+*Iz$RKxx>+pulE) zZLM}@gaUm2o!R-o|AK$&amq9&R(u zRz}m0hC)`Q7A=#64du$FV#IpO)H<&nY&NLPwb4jMmeSj+Mixi=w)aAzax4 z$6p3cb&<2Q6-`v}x=n;9qO&W1>5R%BDf>xLmK_F&zI88ZvaO&8pL?k;k4Irn$x8~2 z(i7k1bAauAn6RclDds;|WntTndw;c`9jiHY>HH#KI?`9`UfA1$-D;s4$lyn$1lVn+z5~mzQ~bur(rI4^SY@rgvOq|e?nYj(?!RA*Ej|~> z`V$Z)bUHCHDRP7f%^URX6F-yxd(R|JW6dGog+aVBfCI8rWHGC1o_`=7u*^gZXh5f_ zWOhX^n^BP?WqqbX3Qp95esdu&@>X@Q|L3mXav-4DU=3O2S@;GEx%;Ya#Vx@LaVa%@ zD@B)9i~X-3q`_>&G=yXC3NH^E0C|J70gxho1IXr$vi6Dl&kzNgnmTvzu-&|x4qg3; zJ+De<$`}qvAS{7=DSrm@%DSSdq;u7U(yxkO7E{7`l2x$}Q+tWW^MI^C@WPk3H(&9maW1QwX)Rr)hlPy4C$~u1i=Jn#x|_!==9~Q_0Q75i zGJJ>7m2V!2u$8<~vNMvDI70j9RUyfh85j8`maqcDj@n26fV zcaqsv$ZSRxl9ctTn3p>Fn9Y{D$h*$+Aix1Xz{+~@jJNC84?hfQX3;cW0abR~aeL@1 zhL5Uk{7!0S4QYBA56JCWw3l$#FjR$)Y|T0$KCyh+I}J2Y2c~6sntJl)^Dio&|9qN~ zt};+P^W+9)kMjEeb5C!w3$;8V5}MO^T{L0<5|~0cd5bwC3bN@A>NE zkHH0wUI@gtp|tAsvA?9q5n45`<YmhvuTRZ&H(E2|{qEte;NI|R+_Ds48SN=wRmO@R`$Xnww`DatCD zNDR3quQLXnW^jn^ZQt@+bR3Xa0-%<+{YK}?_8Q(*6FmCa{}Q}jESF#Vi{Kh~^0#O& zFXT1GmVd}!WC;5bDjQQ2`r`9QECD24NQ`kU?`heu;qUU(UxEAe1@!X3zb=9+t3?@p z^K$=JpT4c&Q}VKZ70vdeR6oj@Kc^&03LRmZ^B9(W;{W)reDc{-5hZ0L-E_cSvozwI zRZ)?$IIq&A>q>xLyY0*_%4Rc)vZSn+Le917MSt*`H^1-JglUmX!eY5L0BJ>}vd^3{ zB2A|foLa}6Qq+lZI(0EAa)jE>YuNOOpUIo3PZ4}whv*WYcF~`hsv+N341p@=C zM}PU->(}vU9@D%=U5B;yc#K|$EutP)d_COt08i_e!HcWET{ZBlmk_yZ`R~FmHz0qQ zmK(Gj5O`@BMNB--3Q+eo&D(w!G>>v{B#rn*`O-^zO*MxffE(OM&q{RH`?H0N|0T~g!-y_r$|{peUZjoYM%rTf4WUa&N4 
zJD9zmvnVPOQOH=f^2}b(?22kOqoPX6`Zrc*N!7KNlKitc^-oO&oaU@Q9Yl!%t$#hh zN>3qqGB{U_5HzExuD`s#Rzpyz0dRYxPR2_`fHKfp}+X~n~6m-Ba`Net_d%!K&#$^>^STbnm3dl4ZP%o%0#?E_juPoJ zM+Fn23#+v1sx)`E<>q#cGoMl8BxQYmfooAeW|NfG{<7hGz+AWLC4@a#27igTed;)I zp?ZLz*J8i>RjJZ@z}npPa!bB^_8Zl;IE;gP4Dq)?jt{28LkVgg(Gg&7&knV4>sWZg zRH?b;A8eGtW$$NIMP)DPLHMwTrDh2*!-GX}Rv?!=4K7#U9r1|Vn z^`^A{4nMELQ@ME~2LVKL&{k(=bprXa9vr94ZjjfMCox#(M%?aznSXx`-aP=O3DrBN zo0AkeLiOg2$MuPyjS_|?S!X@6l3VAQl&_Hb0dakYND0J2ahA*(V%w-Ljg-PlUm4fSB87eq=N zVKnm?bbaD8=Cy6aeZLhJviU@dq25WMX(6Ps)HO>*9x~pRoP`!Ggxg~5vT;76Y)r~} zEymBS`=MVgq`De z$YA&H?~O^k9B0H?Nk~XkPK}SgTN@`Z+~{AKgOM_~b2@cNp(8AAUg6p&KC8^2zf-_V z|NTo1$XU{dY#XxUX!w3izG{|#tx^FgD-p{M+(EV zQt;E>e&34KV1M|ok+bCJuxTP~Q&yFkV6nxb?6xesCZEr!$&<2P%ksB_k4NT5u>}w0 zH!LC&a4+(DU{!Bal!iW__7}$%Ykl!RU)}a-&3_mjb4r<$bS#jogxr(blyqk=gHM1X zTdGN3@-yvXSTAAjp30qvk*}TU*A73f7Hj;E`U05#0+{^;ys9}{zlzEv zd4JZ+I$9+40y9m*$x?uUrEy-dD(N~_S|prqi?l%i`3w*MDeJXJO3?OL3FD(gKPz8P zdX@hvT}qsoi%y}jBr^>hj;XPQNf>6D{rwXAJwQhvl`m<39!JE%vG}+@cyF3C4)EJx zgx^v|bxvnFDRhKU&4U(@D;EI&1@LbU;D6t=E2TDOyk&_0)!0S1HrmjFdIzK z0fajKUAnc&s~}E5MmVNVXs^v;gAtb5q_NI9D$=ti3qZAW@J0O%o3$ zGnZ2`U;)-gW#pwM59y=_p`WLBbdw@SXy?4Dzfat3`M1(wcQx+t`0TIbi-7$ce}7;% z_^k}Mo&U0hx4w{J&2}TiDj zX0dg;jm56?=QAq(q^uW*LrPks+g;6LeCbN(WR1#l5d{r!S5hZQG`9Z~y<0K*xx z+5*p+cXxmBM(*D`NSR-ccu4J=$$x{}LTK&{XMd@qA>Gz`;5J&(Emn%&Mp2_(wOsYg z{%ATirrbSccjpixlR`&W-n>R|pZE#Dd6hNzCYDP!#xbI`np_BDqn5 z!1H7f^`NtR2>OZb$t*smzsH1_E?F&x=}(7p_6Ej-!3qZQ^7HFEVC`v;9ZTKHV8-9| zJ7w~?ikw~OXkJS3fOL2^QoFTiD0q>$gLih14TKJk{`2y^S z8}{pmDX%qEh`K3}2HV`QK#-lCyrDGxWcULqafF)B>rE$D4%506naEg_G&M`>IA*-d zW0vt!G+on$N#fahZGVtKF#}{k%6fwfQql@8{N9cqWw7Vi+bV>BdZ}aFpeO}jN?%_G z80})=!dC`=qRY1N9S#J7a88{(tRvm@tiKWu?%jUA9{+ z#hzy_zRTETi`Y%+M%>CEY*5v4>02xw7MmS1r^y{Pn5I_CE8YVW;j)$P4M)$$uE5Ld z$jjYBuODV+$0&NdiwF6o_ZyY5f?}mglR+zskQTWdn`Q(&1{UMt?LXOBRuMu5o^V>o<)@#ahGwVZx&{t>3=9)PH~|g_nYG;ejuA=r36#qEzioEe1Dg zmM~3PW`|cT=)rH6+cJ?5Vu?^b@^4@CnnAn6U}eA@614RW1LBYovZcy^Yr%iVPA+vw 
zEw&d{8KvI96JZDgy9Rs!(OZ!87#8F)b56;c6gpxPm`8^06L)O_f9342YfZZKv?8H> zNPo8Ae0XK)4--HXg@r4^;Hg)UBu&=p@mUE=yRc<-n}sY7qp)im(ZoK3w`=Idj2b#A z>rI+cf+q#;)J6Vl1@5O;#z~PQj9^}6+$VloB|#O37}8mb`^A7~-`=4JF`WtPVWfw7 z-zOf8)cb17s%xvVWpN^;lUS!A<5etVz<<)#Rg!0!j{v2x3+Tm+0y-({sp&ac&#%_& zpME<6>`Pt+PRK!x=xwb);^(hlKfl7UEQ4bHvH5;};#={JKL!u63jD1~JG=+0B8W4I z%@7TsbrdT&@F>bp@-Cg{#rdV|VqPiRCw^L&3t*@<^&T^o?b-$svTm`F?|r!>>VMkg zivS=lke4%HFIUa}0K{d;?W`HJoHkI}b?tISU7M8koff3vSRlCmc;g7(N%?nbyMNMG z^1}evgI;6vhZWGNECvX^0~n(XbvW%*jZynJC{8idL1j+rKU@gxz`oL8dNZNT<$Wyek|Y%lTWIj4&TtztcET-F1GUZ zj=Q?5XKn3QDVbW&XvAhnWqDsoT z67D2mX_xHF86|sC*1MmOGzTBW_P8CzMR_n0DS<{SP^Hx8Rt=ik!BkenciIC$UJPdX zM>`R&LP=h%ElyTEQOBQOs(&0bUJIwGspdBEy%7pVwy+ultW1tcq%Sr>|7{h(L;op& z_8C}j@c@{C>BiO2S=jh$;U%RfUyIZ5&W8Y$^B@2|@qdotkt4g~GAp~HWKo#aGVIG@ zRu{ZtSsiw1np8!a)NaGGOa0}HQa>r{E!dKhmgT8AZ*RU3mPgm#8-K34&~BG~4g8Ms zlEGStjn1SXwnd-3iw8irASP@hG{#>@qur>PSeu?BDd1km*(7I zOq?Z#*!h;8AxA!-(}vE+7nJkp6@21n_Jlr217iBiJ1rO_Uxk@j!hjl455#;X-Hu{hMBg(@+shkL*;it3klOjjx_dFnjPu%FYbfX8pMzw|#-S8?dk|>Ho zLP@FTfhH}W>Sn;z%~B45TG6Hqy0i=}h+9c*I6^rCjzG$Ky?-l8@Ymn2J|4HnQ&#}* z>Q^0d$ctIbHuk0~Ly496b|JUt&8^}x)+d5KlreUZGLS4^2{9fRaytSL*po9t?cjSG zw;~RlvRVOB>L6gu8q90X5yj5=4GBMSImN=cLjdO>wnEDhKNGg5JSww2Xu04p1^ z&#ng&IpD|I%70(;O*H?1Q4sjV{X;PfL&!J2vj5F^Enhrg zt<>X6%dDHCjaieVKy4KZR(4S` z^h~BroxF~99xHhJa5!2T*1#RAth1Yvt4s zKfhdm`G3LcaSPF%4gCA!es@3aIJz-tz1!ltaDNAE+cS(0wF2!icAFjQZdZe2oQ1*d z;#P*W^1fki>mXHXCHJ3q){wr7F9VN}oPbffPAHq33}}eBvi5v>pY%STo+X8vyOBZjlJ< z4D=ZJN^~1}$)FRDrO=C4LN6Y$-2vGhG=Ji`mDvW9lrz92q^$Rd^MOeSRi?xyN_phJ z0@VezR^I`{R@Yww_<$;b8BY%Bac&Mpv_Cu6awzfnAdqq%2*f9TI=z(HjQ7zWL?xSi zaNQ4DF(6!IY14967Fo!E$qk6yV4A&KRc$m!IRni>%6e7Ru_&RXB!9v~zi2hU7k~VP zr3|Q^sOpAe9aptSn5q#v7^uNpx`2B6aCuVX2z8wY#PEs#^Y&a4l94vZG{}HzkfmYK zvMPx)2E=IwuHjVV%7$cAGawnHtWS|iLA#LS!miVIeYY43C2cR&cSPZW?~I+bQ$3{> zOL2=V0K=|ciLIXYp>6{62WkrP{(q;?H5cC(&;V^dZsptT0cn@P)pjfH0TDbc&mq4U zJoL-mJxr)wE`yFQmXKnA+XSEgzE_y2)#3GtwGJC2`KDYxJt^cj$7&v$!6$y~sC)UI z`U}XHYL>Yqke2Rl9tG(X>F#Ff+NE2%JEUXjhGpT~@Bd!snKL_Q&Yb(6 
z&?y}kV7U0a6||=C{BPE=)7G4mq2r_yJIe?})cAMzB|o`@^}W7nGw5Db1x8|(7zUV00EWo#lMJ)KoogmCk=kh6NjWqyO+}ZXn{!Y zXxAe=D79t%_g`{?#IINk^AM@OH|w&?EkWn%>H>242lxhWHPVQ z4w#M$wuA*94iVsazBu3}oQA{sf871Zlw;n&2j#kGJC!2~J}R4K6FF{t+;&Z;0iMB- zFF~Ot`G-_TsL0oO;b;%%U2k;ZPb?lS&*gS5DW_&KcHvEne|mwUJs3~ZOqc#|O_Ae5ViqVm>U zJZb0SJDu0=-stuZvo{c|r*F0BfRf>uNZ3Cfly7p26hFrCmZ&!Jv5^BEpaPr-Re4fq z)>Ur7I19{9I_bXcBZoQ4-UJ`=)uYoX<`(qj@v5#rq#`{F^)MxuW_df4?BnByal_7) zrHrlw44Ksv0ZdBtucI%d;%aHkoZj$=IWAY*1-{2R3^a1CaDjJf>syV&0MUmL@@O;0 zlt$2gx+ZEvX;wDbVlJV=BE_3J`FXe>VVDA4+ zxYjB5bqlN=yA^jdx@1ZK&REk6IML*Y1RWMj&N7JwQFOyhh4@5bZ$jJt+k`{3`zG4< z4|tmOSb+-Ku2mn|ZPW5IG%qO-c;=x$_k9FFkv^`;`x26Ut%9k=^ETzAV#79gE!e=c zI``C3-EkFcMs0I@t4@nNy8FGZr0yNA}{Xvxe|>w zq#=~LH8zHnKB9p5!r0t9`2~kFqyGkIEHw_rj4HgyUf;70Fb~2jBR57IsAIiK=cgWu_ulJHF~wDv(Y~OdZN>Vs`ug;dQR{ro2-tpKb~&k9 z=g^-zxht^_UUKIeC*=FqPUWLXN`C5h#i&#y*Yj2zIOgM6g6uIj*&1HgKg=^H%j}`z zFbxX$dj1=8^S!;R-KG`~+gU)b8^>wu$Tu9McAs2Hb;OHrSt6X;;;;TBC#57C8@3QT zmP<{CtbLE&rISU5Uz%J4so{|9Sk^+!ne=!16Ku|T^HMzVe7fI?Gz8OPf9P%G>r+D`hbR}fY) znrbJ5Hs0{^P#I+rHA>9v{bf|4J5gONI|U|Shf~zO-}sWUTy36k2ezcZjSSE>7U+-7QewJf^=FXGyPKv|DrwSQ~SH` zljUk&@tW1o#3`20U(e(RLQX$7HK7Z*Ky;sjl~U=C;kB8VKBz|xnx`$cq(yn-;FR+w z?d}p=5_N+nNLKWre|lNhtPkx`Qk+#*J)fxxayl*e_U@t&dfI--+1mm!H zZ*MXko&Rj|av2b?^7ok5)OXL@hkI#;h|Yl?O7c?WcQuA}?d}EmSg8bgv(gtIdnrJo z?w@<(>jO}#d4!IYb&L7Nu62*UC;+XN)W>f#UdC$5LNaT&+Q7-~p0^xp!r{dO{*OHy zHiES;u6F)${}=f!=Q&dC`@6nkz;)zs!6`CPc~5B^B6|#T!d|y;gzN0Xy`dfV%hpAU z#csolx92D_AJ!cf)OD1KO%xilyloAJipllbqbUOi@k|0p@RBkGeocO)utWU}(#ne* z-@Mr;6v`S1X-`G=d)A#tf6&=(t_w_|Ae^?5_=KghnkaCxX8QTmvY^5k$i?9Uz77o) z-0j?Ehaz}dpBMiHJUQ0fPa7O{(b$?{%7nQqZghHx!VH>~TF7vn1l)@1z!rW(d zgv6gxXUrs}izw#EUn z_(_>-8ghSJ-XWrOo<<>psD}zlviCi^C+D%V@PQdwDD<4Dvas&h(qHaQhH&F#I;iv` zdy73S1eMOn@kFw$iuMrx{JBtvc4!%nD7%!9O=pXX&fx;YO&RKV&EogpP~KOha)-X2 z4duBZR2G;_+Q33LyPMI_exRDjE0IoEW9^|Bb=SVEj0$czlqLBjuv}A8q8Dy#O#xUL- zFE~P7T3;Kut6z7iEh|Q_x-D3lj!LTS2q8w3;Z+aFp{U?oX~8bSV$)EDaxTEE zqN=BDwRdxK?y%6&=#PLbD0&H@xY-Lo(9;?Gmkr%A#KZNJox&l3bh?o;wmtIk)YUCn 
z!#Jk(T#HO;Tgz%qXfMm`iRZP-CfR2jt6Tg>#sSW*S_Z5^#UUMBYsOCLiPw(HvFSIr z1)u`m`7(w49lA0j;8%NaxuUl5ZydMpQuN(l7ao+^pqE{%x@U$363m6jQjMw*2!8p^#sBE67y;IC{7?z=K+7WsmK}3 zzqdAj-sIIL@gW3K){sSWBnT6hXP|^RbY}N30#9cfwNUr<`zPz~7R(g-Ek)+hQB@S0 zBqM+GOs5+1UScy0`P4s@?szjMafS6tFY>V#{tOINwziWDoN61o!s`stgASC7QKvsX zm~}{2-VprWSnr{E|U@zzj{ zxt!NuSp%Y4*3U0=6mor!e03U|HhvD=Fn1hxJSJvyP5mtH#Uf+j$>orY4pT63M1> z2HbCQeU9Ao3e26r&}-d)*eVdRvs5Djf}Q3lIe%v5WfK{uek0!CDBE;@x%0hesP?~+ z7U`L?ME9=a=B!;#i}ubwT=U{9|2i)4w{$x;RiupCAJ3_$ddTP3 zswXg*Sr~14A$p{?1ALC%uZEg35~b{QG!HE76-(zGt~gV6TA(RhPNXu62YcdhfRl_w zS*~1sDwP}2XFcrS<)I z2S!E@4DV4zt|0~9DjeD~RsG!&pV6{BJ3VVJ{;xKD5i6G<60a;E_sGlP6%ou+ zIOqN6LuKtJpLuPd_x3c7CI5ra>Qxq9+$pJfNO zjZV`w&>m8nb(_v>ce%-?;2?O>3PQYk`Vl;9M!~F9-BRvIqi)h6!y~VaNoaFMB`HJ% z`4E)6nw0vcBZvOdL@FEbEbosge-@K%+nPfe!5SShs56|m{rk&>Up@G$g0Im+Ss$vE zbeWP6F(WdO~3)zMTkxJ}P5a``sLOsjfP(>JD4*+Wo8(n?$ z(&takao`?H!5Y$&QUPXl`0IN6wtI#rRwjX)oj=;?%gZ^fr4YbdTxU#mj%)U5ur}+r z?uhffOfJrd>7r&D>vY96K4dCf3lW%AW z8NaSIs%mc&o#SSKANtiO>XNF9i=J{es-Md zpQ-L`{=H|h7%RH?x{B^->OAD)PP=Bis+_oL@vJZAN?mmwDns<~)19r8A3?;ooXBBt zkW#qJ_%8s|OuEJ}j{f)wQeOlLRGYUa)XB4-A4yiI^$H!PBy^OEG1`9PT_O*9$uG6| ziaOM^pj|&HPPFLWs@n1NaJ3j7+NJ%4*A<$)|D*#w>lr!fp(-mQUrh>P zrERjQX=5J$G-Kf_|F9BgMb+`K>~;=t^$MZ|FNFn<#ukN}Pu8=Zk9%yet#P#6>;J{% z7ba?YK@y==U`V-I4>tcMyA&Jz7wsJGHCtN-(@FB%d>200V{a9q~dXJoYXnOQ6tJ}2|svvzJjGM@FE))!hb%QD8}`B|xB66Pf>9q@PCd4qp}FhKR9RLnLQulN z!~04V6huP80FvJKdt-U7n{-mH9)}B^K846zs|Lf^ zs71{lp_ZoSo^h^cCTQc+jcUlPgyH_WC@E!2M+;yB*sr;7EzPm`CpAqe*<2TKe_i8 zgsnS-oo1Z#@BOEZ=9QT;%=Cvt!6hSztrNu8E&|Jr1%B4V6oRUSW<2}T3kjw3?+ekB z6^*mc*Z@u@mh0w->OQKOj>cZvk$$rlJ*E~j@Jxhrd9#Nan4Ldh zF5a8y8)sOc%%XESS^C9@gr@r%=-=D*1UOjWazomeR`g&i0a`t~^0D}+xE+1O-Z&y* zV3riJQq@k?YCpa#33C>t*g>2ZT*k8kI6t1{}IH+v|3Qsd`qP7Xcgj}_N4%%co zYfMFePMY`b#IOP8MTExs$*aH%XInLVLkA9!aUQ=2y+QG}4*}ghA9>+M^~F8BMUZ3Z zy;c@>3Bq|#bG=k6f1PMbko>)J^3^2p4>k(}U(1X1F-^vr#M^_ko%2XmHIufER=rkR zjhg~t+@}7Qf6%sTw|^j=_CsD>eO2N4*#R(veSNvQWl-OvF~sCqRDDd1gB7xeg)(gJ>IO^fpX9dTP1)_Hye-VV;pH8|CtB2z6z6_(i|SE@h2Hp+JLx 
zd42{(EbU*h$q$^L`H-$WDWVrsbSM+XKuJkcWcx)Tfn4doei|bP;$0^EN&60`@f8s3 z>bi{IHEe9$Sz#o53*vcwr7Vm4Js|DJx1@LPnF3}_z>e|v=SfuC`0{85^wWu=M0(^+ z4)%AJeKtF|>YA)Nx_tcX^?N~rzTZwSsZd+qhQ1h5*+;aBq^nlks@>pkL1m!eL-mNj z_S2s1-;P$}TXfMyu$?)%TPRpmMj8-gxXp z8W*D}LfBIt87jW3200rmJa!~KZa{Ditw^ZNl)@WL%#Zk(qxmPfNf4%6Byq*GgBS-` zsvg~_{rV7T95VZjhnZ*hbs%2VQ> zi+N8UE>CeZ=v!02$$=A5*5G$vV6lMk(g5`?xE&zf=1Xk#L8cx>Pgg zA?)=AB#rDW~@!Ctp|j~#$ zR|7u6AF&8cinq@#fSkiF)sCoXzeI^@U@6TL=s;AKQwQAPv;MnqhRQS8r?~~tybeBI zO4k@Dj`cysX_26P5%JBKZukPFsCO?%I9e2$ybNZ8u~(vT4E>|DnB?e7aE}n4b(*{O z{|~mGNYNA{MvgoVn8@QW$DM{7SFu%WWE7{>-pOZ-*%<&(^1ELj4gjY&Y3~guo>y-K zYVJ8TVG@lB5$0jEOO~M)zI!5%5|jcB-~q=D_;upLpGv%Z>JeBDYNsmLp*;K(=lcZn z$$Qpw9ETs~Z9Lh<(i8TFcz+PrPu{NZrl3&vR(GAd%V$59azyr)fKj06dnZlIbx>qX z#S11a9wVS!CxF=_-1=~TfTAfu>@ycB`a$l|ufn%AX2d^hDim3s;sqo`M2yXF!mFFs zAG035hjhq4J5TISD{V7pUdD%G+$*;&N}NE+>`fMS#0&wdnxH{EweIsMNh>nKUQLFMjnL6LCmvBZm37(i z)gA|R@eo0&L)C!8v@zG|Jd?HF2yzq1NiJbe5p>FhTs0p|b63e93-C z1Mz{}oruznub;jjdD2#SuEoAG+t&c4m8Y5&#GFI{P5j`~gv&;zM}W-_y(EAF>BKUh z=^Pr;ubJlz>~NrV=%s(Q8)QtEO~|Y2RqC~dE+N}pBIbl)is2$;7F&Gfo0_(#Z8v>h z=%07~qS{E+zDUTd9y762wYr8vHO2J`o=b&kCw;A)G`m80PLvnw>4^;HM@_) zXShpOdreYbdgk13szUdtvSO~BoCt5y?K;E}Q`)St%=?a8MSdNTs}8gRtom1df25|q zm+o2ky{Zy0$%5JwPB-K)9cQ~)0>9@co^I{08n1XyhrI|(a44$Q#45Ud)*Va}Y}c9C zuKOxC$DeO!Z_eq20Zucf5HE?2@QL(z%lUHm6gm}RpnDg*=KksD6gjdgcO^}p?(`Va zfl3Kr`^bDVsz-_Vb{3$cH9$E=W%t+G#Lq5HKlr(H$=JBoJXl>pXS$>;wYpXeD#bDA z@S}EGOTcizcO>@ZCnFlFUHQrGS1z>e-d8Y>)WYXMyae zZ>x<>%LYP!bp*~@dVBVT~(QciSJtRO-9nbrv&>v5tv>1~_v)loFuq7}P+d2M|l z{U1P%YACpjpc8&v7zymfwwyHaP1RAfns$jj^+y2{9yaYp+K-FW( zPtF1(DUvb3YAamq2*2w2f}Vu;WnGcWS;tC3cG>YwQ<6(g<6Ano(=|l!2PM`jHK@EF zFElG8{#3KO(Pz`o<*+aI4ouqHn|oByA2lkn)=MA{erj&JS6{G!-HaQpoGxukKhl>@ zm)~rS-&#)}`rb1QJTB8}6WG5f+IIPjp4z+~oGj{&sX{LHD_?E#cH`G{u=#R2KRf^$ zi#(@u;`ll_aWTWI%Qyk;2=!=J2tKZazOjVDOGVz;B@GP z*)s9tGlwiY>=-dQd~ZAA>y_vHVPkiO8)?}rE46clPP?`Ci2}9XVg2$&1q56?+OI4= znx*Mg@sn;{e{-Xmp2jitQT5QH z-p>X~wh`!yZcBVZ24leSY5(3AhE}g@pX=cbA<|;;H6GEV3MxLxB4!`r>Wr@DQh@i* 
zk;~}UcC_24B6B}o$HTE>pAr8^!|{F7V`Qrdu&Y@LDOvAqavU;xoU5*g63WoE+F4yf zKLe#3<2AAZx~1RyY}A`tYs?SI!{;4oY>|@MBMpTDd~$@%6!X$&`l%-Tzb0@y_rwq3 zc_*Z~DO7`q&@Ge3W^0Ml8o(?m5&kdz>yqp^DAgNVCqD77MXB!PzHNI;gl=A(X#8C( z2mSMA4!ULcpUml&W#&J(;Bn4Cu!Rtgg#ywHLI6;tQ)gX~Ed9d9FDx$HDsldZbgA&ZC z`p5kIr4X-Un_A)2$oy1Dou;ksEE&z1R&Bg&a@Ml5W#ZV@e?C%Ts6#5{fA_@)aup;c z05iJt`5pU|hA4imX%kCY<1-zR3n!KPfrWl6+BR6tmg?2$DJ_hEyD4{g^|+Qy-ePRSl+bQoeuo<`6^;82JiFU-ppOFH0l0hZ4P=y>azQe6044W>AnP~rWgZD(WjkH ztO_SH&130eEG8uAOh^QOEEX8`vG%qW>MtLdne_AOqq(`#5PwjIWbmyp3H_ZtB08hf zqFAI|4s^T5O*=W9n2eiZZ?l1_>MmB>E73JaBP1vuFu;>LJ?&>t&eH`{&6h*Cz+(!J zOs=)Lz_2NulSNOWa~@}^b)*wS2TS}0CS5B+B|0aS>(9!ZARHT<0$|jtWk!+TEAL2|=qn_u0oy=V<*+rQIdSCBt+6IaU?&V z^1VZBwWSO$qTVmeoP!?B`F_kCg-NK+G3XUZw6R*jccm(wLOb%2`szwn@5;#Y0*XIa z2_u0&-XL$&u}MXDFIOp3f5O9cbx3c`Z0E!i1A8Rlx= z74)BJVk6&4ex>Fd)l-b&@JiJ@Vk90YyH>DG(_U?r`dY=4j0^a)`OL@|{UW_lzVh#- zvCIaGxb8s!k!yigk!Ca|&WSGbE@~lHgGxn5Bsg2Ed6aEEH&Wc2lh=Tp+GxMgKOLk@ zv%-xND2g;{EIBSUWyn^}ol$JpFfTG$gthyvKt+R(dUeMKn_$5wC->-G;7dS#! zB{M|azV`BM7rcPG=@GDf^C(W+2$T6Dh$!8G%>t33DZtePmS8C25q0tmHTDd8+TDC` zRJUyJc|f6=O#^hSo~paC%YGI0ZH_&j-BNtsbc_ID_0Q$(jKqeen*YZwbdXiy4&0_32|I3=z?8AxV zeH^Y?h-%9o*5yd8F-?ZT{A(&bW2L2d9F^4N5fZl&G|mBY_31Zp9C7yBxGux zOu`h_18|3K{5wmz5wZ-AE}K!N(*n2B(1hpWI&Olo?4H|cL_(?co3qHd4e^vtGRnkX+HK9YKQ6f1Nu}Qeu@Fko z;O~1HkQT?LyIfy{3XW@a^p<@+RSUiHGI*C*CL_zu?DHy^vpUjzQc=jYW_Jnb9j=Za zAet}YA32z+m7O`?^wzzTjamLg)5eFBmyEoKIODdhBG?lSt1^>g36_`7e82?SA$c&! 
z$`R)A^Xq4@F5+S9&_FD+YOU|~=ENy@%TI(X;~FE2)A8k#*DaEdp^@+tX&EH4qo>LU zq+={mj+p7#nr^t-B`>|7LIGrjj>M=dJg43E(*x#dv_1z)VxHn&_7qv@E)b2`>2ul| zT3J+pq4a%*+7Z^L1qN02i%a2VUuXpQak`6;;-SWE=eBQ`Jin2r9a8jAY1t_2^l)Ep z^xqlGZ=V*C8L(CCc=F;z*@phM?ijtw9HF8tllXOD$}oE&QSyjz0Mz@3SFc3vJx_|l71sc8V_@}NJ&0nd2wK~6s?>OM6jHB zw~kwN;|0qVRl(y0+I?>ig<$16QIg()-Cwu&WRww}r9}Y`^D(cd5<8z_58ke8_bEDW zB=9`iRxL?-l(qRR8hEYx9hpHwKiAwE!JjFu9CULt-h6YMVg1sJ^3kF3`4j|&52VK^vB?SmrVn6_C%2A(5qv10 zB&%u+r`=MH*nhlJ^z~hL7d%i{#7$=2JTNWE_&R@#kXaPPD%X)aKXQC>_&z73d^c3{ zailA1GdTX&xbrR|wDS+>=2lz-{nhFEg4m8~d{OZp9lal|@Aj%AgCK!MP!_hOL!_)P`7F)I zid!IXj52FO0x>*;-u0D=Yq;+|)N*fOz%8-9)0|Yv#?CsB)0#_taPpUgP{3wOrwyiYvq6l~Ch)DffPb&}G z613N^DH2PxjPctPdEHKZzPO7Au!bC@CrL{q4A=VsU(MZrqC_&$53VoG5DyF!dO}j& zK{Bj`G7TN}>ku1%AxB)|G0fYsua@D=d&9*=H%G7TX)^1_vzFwthaf&puMVFZtLUzY zC!S%7Cep~Z{eW&g=@^yo-c0aI#v}hbTJVq#cAZ6KV_7Mz?A$}ld}Mdh5c+lr$Go_K zR(=;)qJ7$%cjZVliXH5bXvS18Pp{yX_VW(7M-)2^T69P}@AMQaU;UPRz8+XO+9~JU z^dZ#RKQ;;|V)Ho){H%eiga2S?DZ4MDAIg^Wb-8Eb=!~OX%|+1`^xNY;steM%u~e-rQAtv1zhTfa?X9n{fw{LctE&W!?l1NwftqQ!8#B^ z-X-WiC!DvrfF>~!1PEClpDsfp8}Y7jejfJNHn3=5B5&wN^Da{%*V%lL)7tuXc5iI^6bSM4Dlex7vS#|Dnks6&H5NI;05)XSgnDWi z8ydTm8gMM#wDI;SH@cEEjnmwE-I8EcF7r6{DV5+&3f7U1kBC>Y>&)%8746VAp3l4y zqLANU%WQ4+MlRh3e)rm|d2J1~*y^$DtyAkm5v-_=eZ9DP^{=N0g?0*r>ZZWt6{J?$ z`!>5c^1_a|eRkL5vPokf@T*%Fr{S8gbC@PLR6e)Meg5w<$X#JWfM2rFKDn>)|4)j< zTF7@ujHmIT&d$0vv2C;s#U9Qi^e-y?9FEf-`CQgM4w?6{6O{eV?Lr^@7M0h59 zuv*9v{S_z`43cay?ND)mR4dybhMur^qNlih;_#?hnu!%OcY7zfCVn(EI^DDL#CZky z_*<2PxR!{mdO~9R%AYX@!HP2BMTL(qRx{46&H=()ze%r;;cUtre0>G&meiR zNJA26C@+CdACLywRI0S^Y30vKtP}vV723{tAw-e~PF4dK#1k^>_iJ>SK@<`FjkZ$5 z+EtK`^Xc{o{j5meztl~CPS86e&IK0+hK@4x&$jh5Y$IwOCe~I?3BLL@%eZsAu2trw zW;c5+=(pLtK|KuC{*AKr^)gN)wo&L#{T~SyQxRS_2S^e12e0TVc9(e%eLOdDPE^Ya z^AW6fyeNO^e@9b(%tHT1!ie%=(K?7M)qN=0ECllw@M-V?$xtiYSbV7MB@pCQiOy%( zlB&Cq@gI61iyZ9adM|$2)#l{%KD#IU!l9!LA@2Uk*Xw0I)9^lLFmpd`V>I8_3#Ea) zo>!JWM*6i)BXXWp+|Ux@NbB2B$?qJld2pnDf^QG4JWcjSNy~x^v1fxER8O0aeeG9~Z_*00?peyzEBHTb*DEC=9GpL0y 
za2=*Q|G>5Mg;s!C4E=YPq=UoKt$nh|`tupE&vMWqTVDlwx_3KPDZl#gy5(U?D51G? zB&qPf&eTt?ip8 zs|UJVb|I5jfxq30+uJiV_f!{>VFDrX@Ulk)wwv!}Y8$_Qn+{Lj5w=RNW@LE5##YU| zqf63?{RyojJ~CI=QEJ!kn%|qn`6nREHEjQbHxl9z!#<3yzTh=dvBiI%)OYB(#2-E7 z(4BF)g4y)831vtnoi|=g*2@TSyR zAZ^Vb6lFsF5rWEWIfy91*HtlbR+aVn1}6ACC&!ZVEn-t(fj^%%uo3H2HyhaJy&KD} z*A#=SW%n8W$E=BJ3Pec^3f5AT5}w6fdhS2mjTTFY-uP+%6`JywoH}_w^@n5`;iNk^ zu)1MM8@OWdYMoP=4NBz`7XM5{eE~DL+kp;<%$-Y<0PZSS$Uky3dB?3YHB>q6(=@@} zcW??p|F~T>LL?=i{?R#d9B>s`3CzGpI-T?Uo#C2Hh8nW8p-Q%6T3yCl% zH?pG=S|S>qy=@C5oU0L_>wuZzeU@B37^Z}w@SRhYULWhT9U6ly@R3UUUQDouV{jCS zhqFoQu^^BH*Na3s(<(^%E6MB1hLG(8GUFw;V7hkPpp%Y6Y_eb(E5fbn9%353EJ15P z>44FD?!)=UX&ABPAz2O0V_@m04P;0hY>(PDyj*JO_s;60>cT658vj>#nYL$OF!1IJ6l1+0fB04k$E?XX2ivvw zMa~4qP&EkW#n{MvgU7g97YG|1->O`dG|ss{&G{S zdpVn93h+m*H$B`|d;Xh(M1c439*R@P+ZXue#qK6Zm=5RjW^%jh*nbN7rhbaU31a0=bmp4_t|Y- z;26SXw}3EcSsy45f4JNDQMzjJXyV#ol)5F^3d9P|Y+;h0j-P7Zz%-M+-i&pa5FI`p zhPn@o_vZK`;t&kgQNm60$XLCx24sQ6niYClIM8_ms2hje3w3mdLjHQ#&&TVlf8pc2 z^d4E^3QI+X0Lx_2sj@u z^|!;k9^N|HDnf`S$3F+{_u0xA$5EeHtoh>nP@_)1FA4 zEQf0tH3VrHg8cL5qleugLHf%fm!ioS?3u2H`s;eUHNrb6G97P?Um|lbcMjXjRrBVP zley#93V*eF<*|~MVx<{ti0@+MJl4J-%2@QC)-y~P5h%pldnlm+miVH|W#@(j*S=_M zU3tG4;(GZ(YSH?-`N4%FVSko^>U%!^irt(&qO{$bOFdkeDFUfawi=K$iY54aPvHa; zd+MDWs#`p%4NphlvqFpKSrG-S0hp@fh6-G3>%n9@s$L|&i_K?f^-{#u| zG5QwX?dq&_Fzl7ktbfa+ab1d%&c&HAOYI;V6Kh7%y&~W??-9<|Xg7yk6ve51yq#$F z*?uzZ=rls+rp|8J0Ne>e!qEYOUSH!C9(i)#xVHAI?gOZaI=lQKyaa0>NLJ~Uob}&Z zK8oCb%F}1``P8q`O`JL}^kf27FkWO$B+I<6Q1}o&OWPy}EUhQI!}qvOJWEw&;eFiT zGsopsM_3LId{(!x(+Hi8Jt<`-j8Vjh;cO&`AnKFg=MQs3!TA^jSjw7O_J#IWfl;>T z>FyfhNx@et9mP%ZL9xwDYoXGfr&hK42J*QeExh7Z51cpt`;1}cq zR5~CZj_$Sp=n6PN)AlfS&dB|GGHsmH@;*OFfHf&oEAqGQPrZK;$*Zh?tUh>l@$6po zYeY32!*%?Gb|2bu_xl_0?lX10taKLD51;94VS!?chPUC5;%M z4SL`)6}KK8QhQlsTc>4jlE-fLP02@FJcy~a*DrZ4 zDrw6t_%HwW_H{y}#s{qcNDZ7<=L*oV%FxJNT&bCvFYEYrk*j2VRBAl*XP;U%!}d>8 zO)rLC-5@_whhm1H2XRx`1he)E>?AcaQwyaXxj#(?Ca#sKrxbm)$nt|qTOviO1g19L z_EpK=>ZA0t81HA4ZNI1}j9KGGb-r-UuV{Ri{}xRr=l^RY{j0l}5K;(=O99Yp!LrN5 
z&D}dT@7Gx)kcRqy#ssr^Vx@ilhrg2LIzM+h%l${AkdD^HcB4e)WLaE|%_RyeolT_S zZoll~CCK6+$)x6X)~cCWjwq~;O}Wk;n#>7j_XEGVq|QZZkO}Pm%QU>?jpKyGjcvqgZKNby?^>+oZ)({5LKU!F`5t9FQMF&^}@!qPt1 zS(L593BeA|V=nRptIH0bDA^AEa=kL}t+PNdA#nJ&mK3;=n;6yEMGNL7Fa(igk|-tC znrm_hDc(~c+_RiV2Lb;azn=s|Ln^lYR)s0nqbY-^{<8s(_W^3;;7Z;=rvE#U6BVJ$ ze;KC81l7VN5gGy8Bp&_;IQ!O698~lk)sqsM?9lJse~A45X15 z6(L7@w2NEUFKf11eSo_>Qvbss0lEBq0=fEir$#o$!9FkoKh-sU5Yq)cX^g#RFVF_- z_&P8*rmmd-B^8oDCiOpkJHGq%X8l(*Be4*6@l=o0FZ&bJ)*{;jnS($6kQf?8h2Gj9 zKt0r_?$n`@HkPZ#%<^!&#oJ5Fuq=|nt#H;&if z6iti&k7)1!2=Gl_lJ85~z1^|!yd#^^yz-TEb8q)d;<_B`PKD)>XldcGNAOT(ZAG(p zkk~eYD|NJ2&b4692BU3tem^})hE!mOvunC6=PoS$s$j$ZGKM4jV%DlPn$zvf(*g8^ z?L%oSWHAYo?rv2u@3719P#GR&o_+b5v}=;)l%j>kVM@X~d%7iOfMXod;PW%n{@ZVU_zkYg}*xOm& zlG8S7_qsjSE{{#_OT?6Av|D#PETE%pG{CBWdkLr92nZ8>f}idjBP1)=5NDSf&_Abg z$y`a8!YIkf)=8MZ0b|X(QZ#~uM<}h=KSA=zqI(C+nvr8%ONSv-gU^e#AyE2u7u-wp zQk}{u+p>6eZo{eZ@Ref_NpoiI(RirOzYnS4vF_kE%<`^n`rQ2x!J2onWya^#k)L(~ z{~hk6?{OIw+8-7~T%0FpIHq6D7MyvKMLJ0#(+R9nJt@ZQfL}W+L{escBNLSo@tVr! 
zsfL2)UX-N`sbTtIE2136T8DpFCYJ>e>%;$5K3IJ3%-6bBj&>Z!Vlaw{;`YwpnhiU< zQoPV`xfWA5*&oSLKXCZII#BQ2?)weo8rzeatOdadz5YgNLieL(DGak!mJ*4AhNMk9 zI?E+#Gh9q#V+pI#QngzBPD;VdL!oKPPr(FGQ9PR%(lHHDfNHN54NU`<`$aa_9`dsj zNy)H+B#htxMk3i=VPatglAf<$;d=$Ib#uSFCQ(p1Z13B8BA=T(LjYCsOcKOD9;ti*p*7E z%`xxIDBqK#45TYPRoyD1|5V}l$&*Ld?wv~Y-cnJlmFjooe24shE;%7}L9$;MFaI!8 z-JI&s`ny^GC>kRmJuu&(7rNYh*cTxnwI)k#`KCVkT0KofE9>Nqawau}54}7e@l(dL zqn0VHKW-=6?m*R5?HzH3w=N@_%H zAe1w3DP!!T`x1AowRx#^Ovac(HeE#g$-D{CycpUf=l8iMKGuex!bzcgpzO*ZZ?-PT z=nLatMG^oH?pfg?3E}(TxHr&qRqI8D6f)5_bD)Q>HIPr+(WEK+RU0)d%{6>&4BuP) zH=|D^jPNP53>M3YJF#^Co2Lz=hKW?afzjS?9=s~n(OEs6BL`{Q0k$cFyoS0UlP`?n zb5CtcWYJFnIT@EhWV=TywqCXedWn)H4B|HE@HOR~OUvXz159Qkb@fpi3 z)SvE9`NZ2GKVMYk4d)*v6p~xri*=JQ-f11J-J+?L9hNmTK6yI!nI(L+;>bN-&;V?j zS2TIoti$5MGn>#gys@^9hyJ2C;;!k+%dr*Yt36DPXXjh+7f{Lz^J&qs(b%Nk*(2|c z-J1+3j$u8Tp0F8z+_zOLyNBX>4~T0(4MJxjW@`XV`FmDZ{!}07f#(2 zKK7^%+7P+jsC>l?-t}&e(7pR#_IbmP!J{gtnalG z9^Nx$J)tuZYhtd}HC@wFc5qnvvF5ni@k_F=Za*5H9_$L8o_*r#WwJk0^<|flIrqVH zQs^jt@8}%(O0A`OGaTi;klII9|1tKNaN)@ZwzovFc`p}@PT1}nofR~-Nb6lRd3sh# zq5Iyce|piI4GfywSm_>~Ck+h2!?n~sc7%r?vAI?=F`;rSG)5${Q4*;Oh55R}j)Fdx zOK-!i=ECCIHW#*s_sPQI6_riQXRk%{M3Lz+VZW}BwKNk$ocCnHv>`P0sn~8nY$J?;i-<-nqEwp=7*-<6VaVSruoAD0wLWAK&O`rS-eb)s-|gWlc|Sy zSa>S^TGQJJ)Be!Z5fOcv$h2SB?>9_u?Q44wr#HlUorzI~3&2EmZ4bairwfZsDx0)C zyaU5i{jW6%CQLg*QyWF}Qjuv2sH=17`N$E{mw_ZfzaNNbYy@8Nwg zJayZ(rqK!0%b}?QBKm%jX@{`?Wo_o*N6s)z-w!gL_P=Z@EN*Cfkm})`URZ2a*<|VA z9Tc7#cC86iybDczD58&wOfQ3sy62(~oOi$x(nnGD!}L*{!|dFEEoyQ7MZF9=CBMZktuJ7j>{p!w>B|sNX|*Ey)QYqG6nFT zxP)9slXp7R`qIw9%;??Qn!=9`*`X8D7&~2A#p&w4v7WD^l&-gL-Y!*DtMd;Duip51 zXd`G{3~Ii~)77XG>{E-ZY&SlbRkeuo1~+taPIxbhXri{}JNZ+x^)EaJ@HP$2)5Ln#DUQT5N=SZn zXm^OhB6Mq#LhI0;5G9E~)FK_PLwiA#GXzg961xulJw!<+WN48J>d<}=C56zf)yB7% zZcURXVQcH~feFgE~cDxP`L#Pb4yfzkBkB@{< znVk*>YR(6%GYJfBl14rHC{&$AsM01G)uT^9)!77;4rx_A`V>@smSCkr+ER~BgsO80 z3>}hJJvte(3%dxmoC+~G>>(X2qaL3LG4j}ki?MO__#B9Fj!jz(V>9aU=OD&;cF|&N zQ9YguG4k0%i?LPp3r6B1OGvls(H9{Km*BaC)LD-%hbTNk#uC!Ydh`{DQb_1tLYk;Y 
zS3#5_0#TPVqXAt5Q7#ZXbxDKAIU&JQG_sT_cWS}ubh}#b zI?M2tjyZ*x8xeC2VwO9hc#0tCk0ktA;@bl7myP+&hJb%_Kx^->L-7*!IilOvT{_S3 zeOk9iN@vHLsrnX{| zU_rK*XL88#I}!F!ER|yDaxi}OdSNVelVPLP>fP6ku=6xAcXhqurBv1n<5(9sn5C>n z4o2zo7aXoSbT*Bvev5=uDZueM=(fd_Gl=ySQVU^y)}3Ma8t1I9DoNg?)$O`Ldo!AM zFKVgcd#OPwK(+Z)XUWjGTDs@o%iN%yp!B^91ADfb6UaFtzXSx)xDxL9__oFWUlRV4 z?I^76&u6;r8%XH7V598uT+eOaNJ3Y!4a>tmpgpU<&}-nfwDW-urEL*8WB#`_oe%UV zZHvqa3P5&Vf}DqYK5`xjs&G;H;6e4kt;jRGEa3EaM!9Op>dkOu_-v zb4v~#wK!Q~`!wx)f1NEuN1Rv`&GhfXbgD{zpm8zozPL7@FOlH=_vP@PV}H8qDD7(> z?I_7Jj&e5cc3t_QTmbA6v2BOgAIf-VH0vLQ7;UMXdxynp9g9|ok^Qz8893+O33QvQ z>#Mnn|IAg4rJC$=70y*O%5{vTuHEH2HdoQu@?7YQ*0fg3)rVqskL+@8Pb#oj9I)P* zpE3MXl+Da;S374u3T)(0O8Dctodp;gSF^?k)#gh1v|NM$refeXa`rA`hVO#MuCnE= zvv?(+k+7KXFOd8a__JwW55QkG=GO;*VJ`f+1NyH!-)^!5uff1Tq{>*!pk*FiZs1j9 z@>t7v$V;h& zO!~15L2gGZ#J3|hdfl$J&it%V%P2(JJM$%YBfpV4b7)*nJifejbGVdyKb{PmR+Xd; zWlJLZKXP}QBXC>Tz?Ghi0rxxqx!@yAz>33ZgqK6)P~4~G^A%Mk+iyR@wTdrkw8ID* z1k4X4{DJ;EB>eF}|J4w?IUB+5MqhxV-ObuiRWfz9SjBbt_k6rmNTm~`<%6n*U z-6Z&K(Elfen*3pp7#gZXbb8GXV05e_kec({E^;mwuU zw^Irl3cU_J=}ZXyVq$ZgVeCpSEK@I+H)d~*mN1@%b+oNB2FcR+krn(YPR3dEeDJu# z*hoG9wHI$b&MjS4x5LeC_N%=`7xbhF_uCU^f9DrqHw#-@rg^+)2ka(cqPnbHGros< zxPuuLX701sOdlvBY7qP)^l64 z2g{}LF%om-LHEcw`|4bW+VWI*%X@AgGRC;I|=Q{VSuuObs98!rd&H8Ff2fpIBr z0NxpB2Vg%q07S<%>H+%4iX0HVtPIdif@?nF(M40^b+I zY}vH{4pam42kUPvpZ~fdqqA{Vx@`SJ!WT&RYv6Cd!e2J#H|YFxWB4o1D#KiSu6L1h z{Y9Qdq+LDYieUWZ=I{!hdPn*N4H#>+#W+1{0Bu1|aUIWrCTD_ZxFm) zLDG`NX@8YWFZkyH)p%I*N#F+2R&~p^k0t#3_7}ROiDTpL=|cuj0>i2+qnk(Y)8ZD2 z;%;h4x6euU&l2#xX}7Y6z2EQj>Qn4m7b#2I+F1^x%Z=~w7jYRsTU?EnFs3%xfJQF(}?u9n{=k7!)I-mKDjvl760phn+9E zu@%EAYQ<=zC`JN>Qu$T!Jl3ottd6*&MG@#I&2lNiYGE9?Sb+U6zAIZuSc@J;`smMRJ^>a8TUX!bj_daYOa&-Tx7uB*jm)#sZ_dhcSjfUv#Ux}dI9YJz zla`YBebNkGK`$Jd4?0AidQq?1{h;(maYDheCyHBwSH1teMZYa3=g5odzkjTzsITSJ z=xJG^HTB7*W{20S)uj^xk8e9R?aTDIzSs3E0o^-V9$!4DW@(*&^sn>h86lO^j3*gR zS}(Qj+0icjd^^82H~+A%Sev!|ZT%6|lX;$DCOXeqXA7TiSk*KAwabAjk#~Kc-;2iF zZZ@+o`-&P$n>m>durUL}Y4aJ5X&zukYT#UEFoQKzfEC1;ED`k#EWj9jju9+yDdr_u 
zU|+01L_i?k8WGr&L*mWA%6j9a8GlV)8LtH9or{-d+RHK7FhO)uf}lJoYW6fe?Z{$g zV3^Fsz#svPHyCJW44Z6_pbpj*l^|{NErfxgB1gZtq%tS9Sg#^CC%~JLNrV|5)sfrX zUw0h<>K0>SVBm(C0;C%lIVW#Skb+pBAkFw`@~Z?nFpoP?n(1)NFjAGdO$@z(DZ2#jxf&jzG_38is delta 630 zcmbPvm~r-DM&1B#W)=|!1_lm>{79*ZyazaeROHD?ANFufye3zFHtVo~Kui45A9~)K zgoRrkJ4aV(n2Ka&y!7>$edNk7$DqPb-$G-KcV;eJ(4CgH|8A;w;!Fd+xH%giII-JV zu8ONxdt+wXk|233PR5~d{?V4cXXh-AI{(>ayDg^XlkI~!6NI!mVm=-CDB1DG$47mM zi1DSmopmf8jSJaXttxzs>$}$9WbpfG&+V4(Cs%8}ye;uWThf`Mof>ud^Wu*`3|wCO zAj%;sJjmc-1N-Aw>W>vOA8ol6^22TYvTycGCsfQ5AEqSEj+?Xn(Z7YYKCkCI5fSYA zRO;;=w&rHm=fX7ISL+>8Q?|eUr@T(!=7K#rnyDW}pR`plUJ2b3bG|l1?cqD|Eiuox z+h(0kzJ4DioHnyF9bjVyhScU$9Me3&jO4(%%wPs{r~oU7F#nrT1BWc>uu$^YU7Viv&3^k26u4 e>1fR4`!O>7XogJ=Oq6EaI5{^_jg2uLWEKFXS?F&7 
diff --git a/spreadsheet/macrofree/virtualmachines_sg_checklist.es.xlsx b/spreadsheet/macrofree/virtualmachines_sg_checklist.es.xlsx index 369504c8080bbd05fa2e049c06303a6349a369c1..cb3e949e3afea4115ebbf10bfd6eb2777e85a0f9 100644 GIT binary patch delta 630 zcmeA^!Ps?zkvG7bnMH(wfq{eJd$RIG-UFOKD)Jkz>k+Pr*W~Ksy$>6R9Nq8rvU=8% zw_R=P__gdhSPwQmiuQQ7E$MT+%B8orXJ1`+JK%%i^EtnFtKW%=Q0r+HPuJOTq1pdi z)`fYTyZy=)Bic5KTL;`pH(a=Qr=j0Rf%$pey5jR|xGmI|9O7b{Zc|XhqO@D!vZUtG zrY-S#GZ=yrBpe#~y4z@nqzr>ihaD3uQKMoKdt<@aX%upI?W_eZ9rL zj&+HzE~_wKg~7T?Be_Xt+paDxs(pj({oa zt)ez29X&O>U-@;`Kb{b`Z?pf|Cv~3CRdRJN4hski6F(xnVCCbdZ10?{xy#$dU%&se zP5te!8)wZ?!f7)X(*ZVSU`TB~%kj|*%s3dlkr~V=4HsYqF(!A!JOc|9#-3vY3pmBU z1PkaT_(KF560H%zJ^4tY8CcohL}|u9lO>asz&yJoX{P-glNTn5PA*6iln2F*<;3Hw z>zElB&Tug>NC2Y_1{xYSPhOCu4%T)mN!lhooPnVtN58nFGAFfIuOc@mz?+dtgc%;& zk=xy0cO3xg7Gq*y;D(t3q#GEkCMzaOLF`YKW=x(Ol`IG5RVPa`nZ!>HjF-_yH*D!c c=?Hm728IL{1_ogi!xSdpPgY|qNCXK20M|wBl>h($ delta 643 zcmeA=!PtF*kvG7bnMH(wfq{deFj8tF?*UFA6{&1c&dojXnq2+atiuKZE%B;9@=kA( z6>fR#99^YhDw37)(${15kt@F(Z#{bQcJ+=v;mb~r;%Cp)?LHlL$S6@}k45sqME1JU zkiFl0Zse9YZ0Qlu=UcGD-^q!+IDO6|iG6wgI^y$d_*J|wPttJEvn(oNJ65LVCLGiy znYlm4o@t4~g=VJSc^6vhCuNHr)cl`*@Wq*vi{C%HV!(59LjO(!LDlzXKfku9xs%x+ z!`<=9i%U(Wz+_#WkzAPXjIh~VcV1k*^3R=NCzr3pJe{1y-Jhr3x8KqqICrUJZ?IJQ z>uJ+;;x{LKE=<#Xwca5$W&7)Y%3_7PIyY}xI;C~GxcL$81?vtyt$Md{X3K7g%SChV ze_Ns3A6w6i5>T5tnGUcq1A}Vw8IF%$V8(&qjm%(1Nw@$jh%vc6<{4O^Aod(1Simv< zC0IZ=!5<<}pJ>oh*^01m@W$Ni!Ybn7klKbn*udR_y?9MkWzv zc#K6_PCUN4j+ues3>O1~1TY?9prLWgY6vQpb(u^sSBa`L8ysBhrCe!%I0r4^zu3Gv~ bIzpb2fgyo~fk7C>FvZFDlGWG>6G4Ii=dIwz 
diff --git a/spreadsheet/macrofree/virtualmachines_sg_checklist.ja.xlsx b/spreadsheet/macrofree/virtualmachines_sg_checklist.ja.xlsx index e4826e79003d69a94909243f96220f7c3881a20c..10798600feea4b16729ee8564f9b8ecc4ce42f26 100644 GIT binary patch delta 478 zcmdmVnQ_x)M&1B#W)=|!1_lm>ugS_2c@GEzsmQh?vo~`w0!5h^7z8Ibri;|KPK@_H zY#?%Uzt_v^*-KuwwXNgVvg=?y*z_pc2taOb(aFA*`mRJXH^#iMZnJF8WNOMOw3-c1I-pZ4r->3(uG=F8g>Pq14(OHyvS zH~abZjWyRY<#&ipxHeV9$Kt`k9luUic+9#HHk&K<<<%|!+!uj9`J6DKEhSS5y5V0_y439I%j|oRw}4R<$JE4op8ycLvki84$WK!vf4-lVJvt Q&#(g1N|~-;IxEuy0M=d5;s5{u delta 478 zcmdmVnQ_x)M&1B#W)=|!1_lm>{79*ZyaxnVI7cS^dOWS`pRXcH} z0bksljSrmI?JQTtRja)*vu#O`JQgS8P&of+OW(6|7Dt``?6Tb!Q}fC8!JG*~+8i;T z4t$jCc;n-vzC^_MQr*rv7LUe-?5tK5^*+X3>u)mn{j}$HOZStjHDBJAc%m)o%+XGb zy8LOwtm?+d!`dAW{D3|5@*NF+5YI? z!djo#bDoF@c6}=K_6}QfGwX9sEWrFV8DAIZuSc@J;`smQc2wHWS+*W~Ksy$>6R9Nq8rvU=8% zw{6_9@*y<>+)b=Uw@bPpPH&%CB6C{tty>TdE%sA&$JzvkcId^{N`SBi}zq~R$FsM!GY$&ubV$kFxj})OmyFc)tP_SGZ=MxM_5EeELVTNx1u6v{v|7QOV^e~ zH5V_bYKyJe^V??Ax@YGdQd73S{HHvvV~v1j)U3@-n~F*uZ5Ur^#jSg8XEM2m>durULJYV#Qm1z#}ZeJBqLnDH-CfEC1;EExX`EbuG-93xoZ zbmB{}!1g46hyZ7bH6pwx`=*%5gF^qHxWK+iYzz#?6c`wUfl&hk4UB&$FG^8T0I6ZL z(O`V*!@!`?!Nec|QvjqJ8V_(xzRe*u`CkeT*iPP5X{N`almCTEX$N>SGKnz5BReu| z!i$g>EI>017#Mhw&0zdAIX_hfti3N)nvr$#s#K{Mkgeh&>_tl$85q==85sCcbi9ja zV5rE^FV8Q^PRh^E)~m?PLAP#oT#?=upr&3X1_mh<&HE=Sq-lb!^GTCtTs=7>O^xk$ HGDryk@V583 delta 676 zcmbPwmT}5iM&1B#W)=|!1_lm>{79*ZyazaeROHD?ANFufye3zFHtVo~Kui45A9~)K zgoRrkJ4aV(n2Ka&y!7>$edNk7$DqPb-$G-KcV;eJ(4CgH|8A;w;!Fd+xH%giII-JV zu8ONxdt+wXk|233PR5~d{?V4cXXh-AI{(>ayDg^XlkI~!6NI!mVm=-CDB1DG$47mM zi1DSmopmf8jSJaXttxzs>$}$9WbpfG&+V4(Cs%8}ye;uWThf`Mof>ud^Wu*`3|wCO zAj%;sJjmc-1N-Aw>W>vOA8ol6^22TYvTycGCsfQ5AEqSEj+?Xn(Z7YYKCkCI5fSYA zRO;;=w&rHm=fX7ISL+>8Q?|eUr@T(!=7K#rnyDW}pR`plUJ2b3bG|l1?cqD|Eiuox z+h(0kzJ4DioHlbY9bjVyhScV>916Z*#)nWI7BJ&~qyQ_3FqhL9m^CsnSf3LV-e3+5z5-Od`zixQ+~)@FL^| z3(yP$1_oYaGZ;TkE=ZLDYwu5$W@MSXI#ntLWUF`xd(jd`1_pIz1_pi<9dF|q7%Fn~ z%kzt}lk)Sk^(u06(5+h?SERQEsHvBUfk6sI^S;T7X_{c`eAA>ES53}LQ)By;3{nCB 
DBjD{m 
diff --git a/spreadsheet/macrofree/virtualmachines_sg_checklist.pt.xlsx b/spreadsheet/macrofree/virtualmachines_sg_checklist.pt.xlsx index 79c274c3a3143abccd9ccb567cbc7bd89610e7a8..06385b8c499cf8f0084737c328314f39a75ff5ce 100644 GIT binary patch delta 466 zcmZ2>oN?K4M&1B#W)=|!1_lm>@5#y&c@J;^smO1RC(P zcD1eJ*RtziJ=pXp+T-1}q|fatm)_oK~uO+gKd(r$svlA1@G zw#4VnUqtaE^ilq{r=B3 z^|!xnoHa)Yrp=s82iTZ_0k!!IN4FQ45f!|d8O#s}7hnZ3CM(B00}JrPo?`?H+>Lt) z7C0I24-t?~w1$WFoN?K4M&1B#W)=|!1_lm>yhy2uyazadRAla_DH0Q}%GaOGI&2`&5`XlE-swrg z!Yz-TqpLJbMY1wp`g+Vha^;s}P~oR2OPVQX$?eJ)JXeYM^pHD&wjf6D6u_Bn3J;Y|E^G5Qf}K={WZ+wTi!w(PzvUNraq zw-vhmvGvR-!L*r^=>QuuFrYS{;pp}PGopewGlLld;R386#$@G~XJ7%I*mI0vfxB@p z!2&1a{UHLZ^_CNc@J;^sYuD~_v0sCm9M|+eb_+c=>MsgzMFX3 zx3#U~*RtziJ=pXp+T-1}q|c5*FTdTNeRbXKfDeYx=ltHSekUqIt*2Q$U1!IIX8&(l z7v^#9_A6J6Xxk`m9dIYzaN**ehJGIf=I3?miqEg%wop%L6=l(@eDH(ArA%>|aZnd) z=Kebdj7ts}G%(59ER#H1|2&6b`JegBlQ*k;-xnYB*di_2@M)5A*ZteiudlRuwUs}H z+hcYVmzvCngqY7MHY&L}t9^U*zf{HjS8nimBqYWscJ1ZKO6_;@yN+);>FFo9P-DH- zt|Zr^r)Kvnzs~x{6XN!5_CNci&J(&yuI|NQ0bya{M}!xweEgK{owGG}dAs=Q_kXsj zzx{RNtT{?BZRTV;z{U&=sLf|M>b$`W-;fu~V1`A604s{79*ZyazadROHD?ANEYVDqnv#>#%`9OZ?FvdfuCa zgiezQH^!1p138g=>e;*UQJTwePi z${{K|$lzfE`{P&Yj}g^r2=4RIC!Zh7i>m5>4w!i+TyiVZef;~B!sUJn3v{f)(3EdNOzBWVc;XCmyG0(T# zW}QyHejg>6Hghr^U}FXb)aElBb>3ixZ^#Q~FvB83fEC1;>>c|IEMO9Mju9-tn(z`V z@G-$3BH)~44G-e%gu2anGwe)oP}fp+3d1HQPq8y`5a+ud9p zSFQHO>TYX-p3^)&hI=w-oq1kkIv}s)%ceYckkGz6_@P_ zbQRWWYtAS*&|LU+^T!D$8`qkN?z^x$^Y3~FqfYM#i-?Hj>d*I9ROHORWTkHD+OlX* z&dW)ns?m39MF&$@P28LAg6^`~R9E{tqa4^+w1_^8r*~28@24mJj@pv!9pK-nO}m1?(#AFLxl7Nn62UQFuh2C*&M8LjR3P9nDJJC t*%{0*7G(AVGg<_pBBunIEx;nILd<4hhMf?z6_`;i#Ow-Y92R2s002Ev(`f(z delta 510 zcmeBP#?!rwhd02RnMH(wfq{deEK+JB?*R@V6}jc6VfDnT^7Uu44jTxx#H;?uJH1I( zxaF~Pbd`pwNLI#6Uys>GuKaSm_2|jl)jRrxFFQGkpFLBz`*heLqePiK7Rd(_+3QL} z_I~rZkz3-hrAI)YZ@~_KCnxse^f`|t_T~BOh|jO#SMk0)Ny9m&nwfg%U1+JFlr45p^MCrm7iUf`e*f%>0nf<^{W}c=Ro|ce{Mw@CPG)}$ zcgHI)E;X3~lXZ1Qa$&wR!e)2fd2#j1KX-dWY1M?XUkSixuwb+`MV&l-6(&^CR2~)*X6U^={+LmfaGUi{{?{ 
zwnDc*ww@U!oHlbY9cN<(hE($vj`k}YjN7kpFx74b32YD9!zADaW~DPR?`HN)7y-0xB9ISGU0J9yK@m7G@ s8O$&iWcC9yS_GjYrv#ZTz#^+Wey-fms;_W@^#vsn&BRGNH^z0(m{-?5cf$N6?iqrc4oNKvP~xg#Q8E|)%(?PO zPf7efc}B0K7mm%HjF+1p)fbyJU4MAK@#4(Mzb~9!nJCe)Kd}66-JzLi5UB2Jt3mZ@9Dy4c$>PxCWX{unl61po!-zi7!;kyFyzjN<@ zTM;Y2`yU%hFm2{!I?l!n45;SI9PO7m7`I>MV4A!LB(ObmH4~p5m{s+X=`J&v74?>h zgB8S@p8ARD8Cb~gGt)&zu#nPMrk7wLzHdza5TS(cOxEydn7;TslQ~%B-S13blc&r5 uU~&eFr2Js=12eY5M1KEZvH**i{bVu&GxC2jS%DdAelod&8DD-fc>n;RY0p;x delta 509 zcmdnvPh|kyazadRHWXfjNKEj%GaOHI&2`|T7R@c|MaJB z1sVNYmt0pa3~=@?cbcWL>>9J@(UbSX3uV=pwKkdU`hISvk|i9PKJiU%seh1tt$FIZ^GzosC%IqOUs)(K*>HYQqEgfS+t06OR$S43 zKJ$@)`PK(hq7&k7Kl8NixMi^RlIgySuXq0KXHequU12YIo3YZk#no38u}QOvl-nfdSQgnWOzO2jlk3988lJfdsZ^u4dx11GB1LGTmhcv!dQI zaj=3|(^Ee&Jp&8*eP+7I2o_TM%JdQ}#P^NKA0m|Soyi&=4bvBYXEFz?y!)LAZ1Qxu uA56|*k(3`yeqhE{n8@!ROcr1fv!6_6U`GB=CMz&w%}*v*FyqTlCJz9xkJ}gk 
diff --git a/spreadsheet/macrofree/waf_checklist.ja.xlsx b/spreadsheet/macrofree/waf_checklist.ja.xlsx index 58d5eada4fb87f27f95b723cdf87aeff67e276a6..b282b25af5d3224879987a6168e76f0afa1f4ea9 100644 GIT binary patch delta 707 zcmaFU&-=Qcmp8zhnMH(wfq{d8Aw_v2?*UFA6&Yz%$HF!7nq2)|@52TnNB>W~^xZ`M zZd=UX@X^wzeE=ga=M;dtWP zF7rn3?dQr3t@;WlSYJ>Q(M+7Qb7NfhjCpn4b0^GC;+`S6>5$Z-041&(7A14x&zvit z^pwQ!lV|iwdg0jI$#}WxQGKyl)Afhv8!yhB{QJV$m5CBv3uTH|3Lbrb_Veoqxl%Qk zM3pC{OI4=Jxop{2w~29++E&wThs3K)*ZvoDNX_KzXJ>!?=gFR_-}&Dr#~B~eP!idg z>K(o(=F`!$$0wGW*0W`;-sSsUzOeCxu2QPEq`sv3m!=A)E1|n$^qq3l9=sRb!qI+(gK_&64yGq>Kmyx$e`R{%0A?*SV@_lNv$(98 zIaoog>7owI&%i?e9GEXMf`u+QF~0;0?Q>@KhX@I{GFv0!VS0!wvl&=vuPd`O86SaS8(sjBBSGxG@`n6|pZf{jbNu zz#z}Zz#sur0i+umXH0K&V^#;7yxNUfI`WSdGebp=esM`Gd#6K zZg+p(bpWVUjERAP8`&sEc3=?17p3MD>+69?G>y~c-GL7OFx}dnSq^Mn42XYZdWAc) iCfJQjA4*5aGcqtF0Np8!V(^CP2i%#}*ce=yfx-a5Sn9_B delta 724 zcmaFe&-Ca6WQxZ zL-v02xshAqu%$;ppKrkqeB=+U`>xj><;aBm#JW0br&$6h9?O2(bn{ZH< zWaj=Dd!{7{7n+%R=Ur&2pOh_jQ1gHK!53#vE`I;)iUH5b3H>__1XbUk{ruXZ=1yjR z40p#XFD^Bi0+V%hMsi`kGs0$f-Fb2K%0G98om{>W^K^0+cYmIC-+oJf;M}E>y}?rH zucuAZiQk;`xiC%l)q022lfF3(>6F&+DdtDG7pyz_=bsr$wzGZMl)uK>Hl4sS)2cGwEy8?-2R7y zY4;mupt9||zB0XV0JD~wF(+WdvlQ4UId`BV zKTfxDXO;u=qk(+pqfX4zA38BhYoi;v^r3WwJR<``0?>uRC`N9azTcf$jg8Tj87K?@ DwQBj2 
diff --git a/spreadsheet/macrofree/waf_checklist.ko.xlsx b/spreadsheet/macrofree/waf_checklist.ko.xlsx index ff37ee1aec5b0237911546942804baaaf2bf1d2c..c19e4eeb7594243236ded763bb8289342c820993 100644 GIT binary patch delta 723 zcmdmeooCl|9^L?NW)=|!1_llW#uVj=yazaeROGgfC-b=`UX!c8>wVZjO2MP=&whR#Ay=yA zlBn{ebg9a8IhQT_>NYWMQrl{}?T~nt>DvE-4yl=({p{?o|2)|<^*jID_V~n7(|We7)w_JZ%NI7D&{azHmeiM2f74XKbR~3GjJ{Kj+QWAR;(zDf z|F$Ale)m5%lyKV2#dMsF9~4qv{|r_fyTruc_*P{4LMdj6>E|_>S)2cIwEyK`-2Rt? z>B1#upt9{3ZZjRS1GA<|F*~w=SvTdFIaoog=}(lIpMizWsxV(<1Pd)xV}1!1>Q!g< zhX~!*V75lY&U9r>W;3wT7)@qr#y`_5G?|sa{J9|hvFSTCnbqY%PAo6r`P*X0z##g8 zi9s0{(=gD$cxd{6O=csoqDCXlWqd3Q3~{^+3=%LEK)Ru^eR_ZvvpU%1DlKMdo6~a4 z3>7*0#U+(Fsl|E~xj6yej7%cT@H7;;-Tigf0iaefCI$v>WTP0bO~0tcECn{|9ndJo z{nNR$ndQKIZEa?0=E-Wz(>JOyOKYPWx%8oQggheyLjur+!YD@8Pw&@eR%1J_!3-1z E035LL=>Px# delta 726 zcmdmWooDxT9^L?NW)=|!1_lm>@<^$PyazaeRAhAW>Id8tugTTNXEz&&9NpjbLoWHs zE}=F2w{IMtVK8IE#_bdCY%}`Yu5$R>ZT-?~VOA1PRG-iJz59EScAmy{vADHn3AOBc zRwv>tPn}h}SDmkMtna;}(e#!Uu4iGa^og>wzDEY}yTutf6;>t?tcK5kO z^ECMiV>$hHvOe3ocK+7p6`Yr~VjpVnoptL!m%^e8Ex#5w`qq@)``mu~o94RBCdwMB z8qr&qEcw|b_WHbVc3?fDm+r3I@A4ZRUP`5=dUNou-?3Y19%HGf-gV>Wvpsi6*y~;2 zxz#p^mCfbg7P3omKX5+ZLwou z5dFZ!pbU&`7-(QTJpG?0vk_QPqmkw^J{AUsI9>(@3785X-O$)E-Cv7Y9c)3R7PGX? z898Q#iX8polFFRaV!evooB(e|CJ|p{<`Y`P^%ad0|Pg*QH73fka$vreHqh-;)R?DlP-B+XMmKWlL+J>4Mh1oipbLdjjBJ?Rr_HR!c0q#~ GC=37?8TBpz 
diff --git a/spreadsheet/macrofree/waf_checklist.pt.xlsx b/spreadsheet/macrofree/waf_checklist.pt.xlsx index 4c785cd155fc39c1d5c651de2690da2de3f9bd2d..fdddbe4718718aa4b034c748479d95afbaa701be 100644 GIT binary patch delta 711 zcmezOkNf{WZr%WIW)=|!1_llW#uVj=yazaeROGgfC-b=`UX!c8>wVZjO2MP=&whR#Ay=yA zlBn{ebg9a8IhQT_>NYWMQrl{}?T~nt>DvE-4yl=({p{?o|2)|<^*jID_V~n7(|We7)w_JZ%NI7D&{azHmeiM2f74XKbR~3GjJ{Kj+QWAR;(zDf z|F$Ale)m5%lyKV2!E~IB85mN{mpIxlaWHPb#KE+7DM(;@(>f+I2QX{*JEnWgVAh;Z zOdPBr*7W7ynVx}#Cj4N!$Osln`Ni}SEEMpY$sZ!L=ns=MA|9qc`@>`gRx1CONt*G` zbnCxNN??8hkk53CWAZ}|DeVAnMkWzvcuYn4*L@ z87YF|dA+Fjt<}s745r)+3=%LEK)RuE{X3@Vr{6J2PS^X#!~?d>_8-vl3DYD0G0E6~ z^lo>5-E{z{R*Z>(0jM1g8W?APXJUviO3f+O*8`DgE}Om)WKhfWv;Uanzy`kq@gt^l x{b$kyJ8J1e=?Hm728IL{1_oicu|P*Ly8LFEp75JVWO~MbCIPl7e}FbK003}Z0Mq~g delta 698 zcmezWkNe+0Zr%WIW)=|!1_lm>ib$!6yazaeROD%k6BV2jugTS4%x*RiIQC!kqwTQ_ zZPf_*Z5!JS6AcoR^A&e)GfH+UI{a;a{Hrx{*BG4e-uHg@{kw%rx5P-X>z|7#xY5+# zx9hd-^fGCA0o~!o0EpzAG&W|l2 zMQ*qBulF*jYL+Zm=3R0PTQzecyMJj1NMC(->wky#q&$x>lb(+s#Ex(;&^r9o>fy$DExRuliOt>r zZG~=sY%McNFm2{!I?l!n45;SI9PO7m7`I>MU|PErB(S}C9g~>@n6>8}(>-P|Ywjl| z4ptCr`ik#N&%it| z&0i)ZFh3E*KRUhkFO#}FDApcddVTAMJp+U22POt(V3fi@17qp*!+)8K6hVsCi+bN$ z&CI}H%FVza0aF2_8yeTWW14>E9h2mA{eMh6U<>U20WIjC9`%n&2F$Mn@~vilXJUvi zO3f+O*8`CO-i%Bl%9Wy`+0O^ln=wwi7`Bwl5@_P?M*Y9?ntJNxTDPxfs5-TuvRy?0QMi-y*8 z-PpoyPr7IKE5FYA$8#mDboM*@M@$o=T_U`_&w2UXVExFlVs**RxRx6}hweTU|7E@Z zZQyRZvcIU|w3&nHI2$uligNQMj`m9&jN319FiCF*32gtcpNZcQ%wl3>7G(jmq*$3b zSV64ms$9&^z(Rc7%oiEKLXUWuUxJ0s@iO}}G6REux&lA5H6k9Sr|>hIfyL+YGfOl6 znZA>sSqZH59+1y;jAQac4k_&bZ$>5&W=Ko|ZHf#~WVvib$!6yazaeROD%k6BV2jugTS4%x*RiIQC!kqwTQ_ zZPf_*Z5!JS6AcoR^A&e)GfH+UI{a;a{Hrx{*BG4e-uHg@{kw%rx5P-X>z|7#xY5+# zx9hd-^fGCA0o~!o0EpzAG&W|l2 zMQ*qBulF*jYL+Zm=3R0PTQzecyMJj1NMC(->wky#q&$x>lb(+s#Ex(;&^r9o>fy$DExRuliOt>r zZG~=sY%McNFm2{!I?l!n45;SI9PO7m7`I>MV3OVr64?H6KNG(rn8nPHFjZKgr=vD>*TD0iM 
diff --git a/spreadsheet/macrofree/wafsg_checklist.en.xlsx b/spreadsheet/macrofree/wafsg_checklist.en.xlsx index 5363115d692aed64c425a6ac1f97728bb89b7907..f61eb5b3016c2dab944db49e885c9982ad8c7326 100644 GIT binary patch delta 665 zcmaF4fc^ObcHRJQW)=|!1_lm>AIZuSc@J;`smMRJ^>a8TUX!bj_daYOa&-Tx7uB*jm)#sZ_dhcSjfUv#Ux}dI9YJz zla`YBebNkGK`$Jd4?0AidQq?1{h;(maYDheCyHBwSH1teMZYa3=g5odzkjTzsITSJ z=xJG^HTB7*W{20S)uj^xk8e9R?aTDIzSs3E0o^-V9$!4DW@(*&^sn>h86lO^j3*gR zS}(Qj+0icjd^^82H~+A%Sev!|ZT%6|lX;$DCOXeqXA7TiSk*KAwabAjk#~Kc-;2iF zZZ@+o`-&P$n>m>durUL}srd}Y_A?xeDceDu?ZyWf=Q4v?mk%=vu!30ApPgWQ1{OMh zlJOiPSZKj%#+P8Bo->U85TSc#8LbiFK3(Y?qZwFf^f^Xp#$VIR&oL^2`E!7L=Di#Y z)6O%BO#Z;ZsvY3X$RxrHkG{w~O;0C!*b1^VT03#I!8X8rm|2xO19tDcrun8|h zUa&AQXc#as@WNC8=?2ClhZz|va`cN!Dsxhc^(u06(9PfO{<`Y`P^lOb0|PgT*6Y*j z&ofFvTzMYo>I2hvoM)5+^KSzA%o9&DPTz2vQJNpk$mxm~fU0Y!+g@N)V>^465ojm? DZ_5Ty delta 642 zcmaF9fc@nHcHRJQW)=|!1_lm>{79*ZyazaeRAlhal{H)wugTS)%{pu#&=P<2N8ag8 z!on?&oujKXOhvLXUix~>K62%kuir-rr_Jn42iTZ_A=P|}WBVx%#+2=}%5DJ_8G# zJ;`{E5iB(CG~-LKP}dnoe~8eXvy9e=ke{w_j?oOPH1ZsyG~=J?rRNxx!2DT2KGS}V z=?(`NMW>%R$0!IEeE<|?Ry)8r-SGgUq*s79Ba;X-JWeCSCcFrF!NS0xVZgw^3yf(P zXka{cn316(N58nFGAFfIuOc@GP3!c;^FZrwPOm-BCPdz&QCd8KtKSTwvq@>y^I%)LTE@`U0aG+xfGMKve(&OzsE( 
diff --git a/spreadsheet/macrofree/wafsg_checklist.es.xlsx b/spreadsheet/macrofree/wafsg_checklist.es.xlsx index e8503f044757fa7ed49c825d7cadf57cfe93aac2..3760ab84176ac2bed7517465548d8d05c829aed2 100644 GIT binary patch delta 685 zcmca|hyC&$cHRJQW)=|!1_lm>Z^_CNc@J;`sYuD~_v5)HUX!c8>wVZjx$2>;kHmuX%%JBt94T zYv%qt28>G%7&I`++ANbiTK_zUVfml=%#$~(eBT!z^w=UT+3;zSa@YOa&#$kvd9{^4 zhTCIy6qlOJhlH5VDK;v(Ijenp^}kfb{a0@Ac_bvpCwA@S$x7{a^1F_2IqB&qxKLxg z)vhGhqo-!~E5FYA#}nfAZT3I=q|Ot%O0Mq3VF6)b;zxuRtbF{G?VYnVcX_+`>-T@Q zslWYo5#Z45{X`9NW)wFj`#&akg{aW8BCLX6<{(D8LG0O~3ez@flcX z*K@{mj9{Vemy9pLLglX*{UJgpUo%=GLVh~$8%8sEP(&OQ7uYw6je+5q0t16EFqUAT zf$`7uq&JL83Lr(sU;D(_uQD=JW^gb_z*GR~hQ|FIlkadyP2cy1kq2z^**A>RK%Fn& zFsg%%51a5Jn)>H49Gh15cZ-aj0_Cw z%nS_tD4NzhXJn|z(J#+0%1+A9&(^ER%?a>kWD;S9C$PxXaYcGtfSP)l7#O5bG}lgl b@Rm^%Y$MM*ppBW+HQq6*vF&^fw2A=$^oIZu delta 714 zcmcb7hyBVOcHRJQW)=|!1_lm>!bqu!yazaeRHU*&IXCyjYjX8xvkn^ww8X3a$UD7B zR=DM{b99x4sYq7FOJ9%KN3Q&Gy!GhG+toYzgfBZeil04GxBGP1A)`c@Jr>Ca6WQxZ zL-v02xshAqu%$;ppKrkqeB=+U`>xj><;aBm#JW0br&$6h9?O2(bn{ZH< zWaj=Dd!{7{7n+%R=Ur&2pOh_jQ1gHK!53#vE`I;)iUH5b3H>__1XbUk{ruXZ=1yjR z40p#XFD^Bi0+V%hMsi`kGs0$f-Fb2K%0G98om{>W^K^0+cYmIC-+oJf;M}E>y}?rH zucuAZiQk;`xiC%l)q022lfF3(>6F&#;^s%V7pyz-ecUz3})?p$SA-HVoksBjPV&* zXyu4^u#xeN(vxF#$Wry*{?D(RAz86NWfG8>4wGw9FuQzNKN1ShLHzs^O-k{(m+xPNaAUd(jd`1_pIz1_pi@5#y&c@J;^smO1RC(P zcD1eJ*RtziJ=pXp+T-1}q|fatm)_oK~uO+gKd(r$svlA1@G zw#4VnUqtaE^ilq{r=B3 z^|!xnoHa)Yrp=s82iTZ_0o8nlqx}pAf=H=}yazadROB9K2OPVQX$?eJ)JXeYM^pHD&wjf6D6u_Bn3J;Y|D}`lYRc@k;2PnDez6Y7gIuZ;5%n z-8SoV^7Z>D!L*r^=>QuuFrb>xaI~M{VBCI&gK3r}NML)W6O#!Gn6AJa>)P^3STKSXGC0FyO5@Tb2EU@`}*)Cgp<12ZxMnVi9l^)SZQ eKqd>Yh(QpO8AMGGlNFe;EQrY!%y<{Xk54&DH7W)=|!1_lm>Z^_CNc@J;`smSI#ZS%P%UX!bj_daYOa&*7f%j#K6 z-nO-^x$2>VYg6E=@n(st9%U}0{a0@Ac_bv(Cua8YW~KH!`CG@gob&V(T&NMh zwd8D<=7h|t7nm#%5g)+|_~v%VwUA@=C$uXozhgx>XupML*m zn|p5Mn_to>;k22H=>QuuFr=E#a*GnDt+pNq`l^nl7Zs z^b9QYTaoD;BUtE+GSf@2&<+(Qe~1v58k035^r!o&F`3DOBIBUAz`jXr3=GE<7#M_s zF$Dt+jDMytR%23904cgMNq5;>J|+g?SG)`oFcm<$p>aRQ^#9^aqSJq=F$sdL=2K^q 
zW_~2jG);m@Qaiw#kx7IZo&X}lCcFrF!NS0xVZgw^i);?#$LR&?Ofp~-`hg}evP@sC z&LkBBvRpiby=Vy|1A{s<0|P&brnibr3>7*0<@rU~N%{HNdKI}j=r*p7E7IEn)YQww iz#xU9dEazJ4JJ*njlLQ{8&^%w)L>F$`=tt0$p8Se81x$e delta 704 zcmbPokz?vb4&DH7W)=|!1_lm>yhy2uyazaeROI)WXK!#%ye3zFHtVo~Kui45A9|-J z2~Xxa-oEWiK$gap3zue3Fza0TwRy>-CvR8p=$kyj$x;05nY!Jl!wwlG%IvX9KG@1v zvnhPKORLNFgfqNMxo#&^Ko~DO~!_E zCj_1G`2F^mpaN@~oXCp@h9~Pe?9!Pnp8nU7m}|N7``tNGZHm%ehT`fKJNu!UK!XZ8Hv_9dN{vw|OT@11q)KbOMf8!fHPt)*2(_qyAUf74u>>Bo7B zbJ6K(Q`SUmI{NDKiCwGgnWs*?yX<%W4u_vy7dNT49Cd%M*P-qZd-U|zJMC#g?HL_6AufR^-r2ffEC1= zE~v=#3@r3Zk?9;GSm?Ae(@U_>b`>Unh!Ce5lQkmvr~9fgnaP7<$KH02oj1UnnMH(wfq{eJTe9**-UA#!Dzf=b+x&@FmoD_IS4~>2tfvrMI_dUtJd+_`&e`oZq|E?|4P1^)!p8>+HDD=+C$6 z`aI6vp5GNC+BS+;2i!?FT)23rsozI|`FZWS;`3|RE!0zbMOpMJAN*i(DN|b}9MmP5 zxj)99X~}^L%}la3%OsE1PtRdk{%1b(VqBcJK1)*WxKw(!Sr zd%X7IQj__R5c4<1M#VR0wQuYCFIiFll^c8>35oTInZ3MOsr^p=*6}UpJpBY0YQ%3X zIol zo?H3mmo!Q+ZRTV;z{U&=sOB>q+s|+?zP<|LY~OW{aWgZRRq%*WfEC1=-u#^L8CWRi z1>-qJu#oL5#+P6r&DV_n5TWWfjMnggpT6%6qd8dRk2j2VV20&eMrSai9>zHOmeB$v aGVL9s8AQoDMk_F*>>Z;kn6d92qXz)=9@#1Y delta 485 zcmZp>$KH02oj1UnnMH(wfq{b|KT>KU?*R@V6?t;fhdmRo%GaOGI&2`&5`XlEp7$nU z;g-kF(N!9zB3T(PeLZF$x$?^~sPNOb(3s<$nF|+mr={(`o2s2S(||8-&c+8$>~@x` z;;Pl&nAx@@NFIxmaVVUBw59LaIg6vte|Fh!i>di!`(VxlA#IMBPX|6qcD(WNQC}ir ze5r0{9g9cfLUvZG3LoS8uJtz={C?VVyQTZd)tWDFOFYq*bmnNMMqU2A_~Q=)m)Aas za)=5KGI-d){`i&pW5vuzTW*E?a9h9Zn?2JB6|=;LDT%Y==4^lTZ(*&^>p4$E1iLdWY1M?XUkSuM@brU{8)_>POKhZ551HLifa+ugy?<_)dIF%=7KG zS*Me)-$x0i&74dJ*qDI<)qI9y`xy?#*H=ND?Yr(VZe|9v3LY^Eu!30Ao1Zg20}JK6 zU_8eN7P5WC_!2Cn`I^xmB2@i`(Hb7`)Azk$GzY8v@rKb3%&>gR=nQ7m!x%^3GFpH{ aroCe{gD82&Xa#1Jy<>C*Gxoh>^Z)=>yU_Fi 
diff --git a/spreadsheet/macrofree/wafsg_checklist.zh-Hant.xlsx b/spreadsheet/macrofree/wafsg_checklist.zh-Hant.xlsx index a39622bda33e28aecc967ec33b3f08559206e0f2..c05c25dd1ab49eacbc512ab33420a70144991536 100644 GIT binary patch delta 486 zcmZ28kz>t74&DH7W)=|!1_lm>ugS_2c@J;^smQh?vo}w?DqkP(eb_+c=zg!4)w7qp zY-?M`uVvT4da&tHw8y(`NuS$QF1@`y`|7&rzz>Gc=ltHSe#a|9t*2Q$U1!IIMt{Cl z*XMEW_WZ6G(KbQ6I^fQ8!-b1?n)-bdn4j0KBR;=|eZ_%_UJ(|($_Fo4&b;yQQC}ir ze5r0{9g9cf0(Mrb3YVg$dcB(ren0Km-O~N!YRs3nC7xindX}WzbZ_?a>lyjCgFAkmtniq1BWyNT?8~cL{<$;EJff;2qnmSS^JlmB^0$s}(JOE?^4XMh zb&}~~?XY__b0WHbatBD>%-#LJBegBx*e5#3z$?OYeMh=O?9tO-@3f~0z3US{{r=B3 z_uR@izob!uX)`C&0XAk}KsBG?*nWnCG3Gspvt9cK;|pdmOY9G$04sc@`#rh>#*1lQlfxr>C$nnS)i%V`H)dGw!o7IfEIh>`+EFJCg-i aWEne?8AJ^`lNFdD!@=YVW~6X1c>n;LAI(Mp delta 486 zcmZ28kz>t74&DH7W)=|!1_lm>f=H=}yazadROB9K2OPVQX$?eJ)JXeYM^pHD&wjf6D6u_Bn3J;Y|D}`lYRc@k;2PnDez6Y7gIuZ;5%n z-8SoV^7Z>D!L*r^=>QuuFrb>xaBM%r!5H%%#M!R>gYgA3m?idyQGgZ1ny$&n^b9N{ z#Kd%t5iInWndv21=sXLPKSW58jma7w@Y7S+n9RW{=dm%_ff@JNn4G~3Rdy&No1Mu5 aEV7K9$qb@~oyiK!kl|o*1v64Om^=WAv&8xU diff --git a/workbooks/alz_checklist.en_network_counters.json b/workbooks/alz_checklist.en_network_counters.json index f771fcb20..1c4c8266e 100644 --- a/workbooks/alz_checklist.en_network_counters.json +++ b/workbooks/alz_checklist.en_network_counters.json @@ -777,7 +777,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}" + "resultVal": "{Query6Stats:$.Success}" } } ] @@ -796,7 +796,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}" + "resultVal": "{Query6Stats:$.Total}" } } ] 
@@ -834,7 +834,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}" + "resultVal": "{Query24Stats:$.Success}" } } ] @@ -853,7 +853,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}" + "resultVal": "{Query24Stats:$.Total}" } } ] @@ -891,7 +891,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}" + "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}" } } ] @@ -910,7 +910,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}" + "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}" } } ] @@ -948,7 +948,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query20Stats:$.Success}" + "resultVal": "{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}" } } ] @@ -967,7 +967,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query20Stats:$.Total}" + "resultVal": "{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}" } } ] 
@@ -1062,7 +1062,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}" + "resultVal": "{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}" } } ] @@ -1081,7 +1081,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}" + "resultVal": "{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}" } } ] @@ -1119,7 +1119,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query24Stats:$.Success}" + "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}" } } ] @@ -1138,7 +1138,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query24Stats:$.Total}" + "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}" } } ] @@ -1176,7 +1176,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query6Stats:$.Success}" + "resultVal": "{Query20Stats:$.Success}" } } ] @@ -1195,7 +1195,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query6Stats:$.Total}" + "resultVal": "{Query20Stats:$.Total}" } } ] 
@@ -1233,7 +1233,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}+{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query20Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query24Stats:$.Total}+{Query6Stats:$.Total}" + "resultVal": "{Query6Stats:$.Total}+{Query24Stats:$.Total}+{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query20Stats:$.Total}" } } ] 
@@ -1252,7 +1252,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}+{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query20Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query24Stats:$.Success}+{Query6Stats:$.Success}" + "resultVal": "{Query6Stats:$.Success}+{Query24Stats:$.Success}+{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query20Stats:$.Success}" } } ] 
@@ -1326,43 +1326,43 @@ "style": "tabs", "links": [ { - "id": "4c29458a-55af-431a-bc4a-96afe9e5aafa", + "id": "6aaa8018-1abf-471d-87d5-5de92a400c7f", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Segmentation ({Tab0Success:value}/{Tab0Total:value})", + "linkLabel": "Internet ({Tab0Success:value}/{Tab0Total:value})", "subTarget": "tab0", - "preText": "Segmentation", + "preText": "Internet", "style": "primary" }, { - "id": "954152cb-0786-4b39-98b4-217151a3813d", + "id": "af3541e0-aa69-4b4f-88f8-aea9ed520cf1", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hub and spoke ({Tab1Success:value}/{Tab1Total:value})", + "linkLabel": "Virtual WAN ({Tab1Success:value}/{Tab1Total:value})", "subTarget": "tab1", - "preText": "Hub and spoke", + "preText": "Virtual WAN", "style": "primary" }, { - "id": "96f86ce5-b109-454e-90d3-82dd670c4306", + "id": "d6f46db2-d3a9-4910-b85e-5b684c280596", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hybrid ({Tab2Success:value}/{Tab2Total:value})", + "linkLabel": "Hub and spoke ({Tab2Success:value}/{Tab2Total:value})", "subTarget": "tab2", - "preText": "Hybrid", + "preText": "Hub and spoke", "style": "primary" }, { - "id": "32911051-f8f1-4590-b8ed-6dba23023b46", + "id": "e805293d-07eb-47d5-84a0-7b31a2290570", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "PaaS ({Tab3Success:value}/{Tab3Total:value})", + "linkLabel": "Segmentation ({Tab3Success:value}/{Tab3Total:value})", "subTarget": "tab3", - "preText": "PaaS", + "preText": "Segmentation", "style": "primary" }, { - "id": "19863aff-319c-4dcc-96b5-d2fc9cd7108a", + "id": "b3bf17a7-a879-4b2c-846d-684e9482913a", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "Firewall ({Tab4Success:value}/{Tab4Total:value})", 
@@ -1371,30 +1371,30 @@ "style": "primary" }, { - "id": "470e54f2-1648-4bb2-8d27-a8ac5b8fd23d", + "id": "5691820b-1cdd-4bf2-864c-9954128dd90e", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "IP plan ({Tab5Success:value}/{Tab5Total:value})", + "linkLabel": "Hybrid ({Tab5Success:value}/{Tab5Total:value})", "subTarget": "tab5", - "preText": "IP plan", + "preText": "Hybrid", "style": "primary" }, { - "id": "128e1e5f-dccc-4048-8ea6-8bdc23645328", + "id": "ee7c0450-a6e7-4bc5-b34e-6dee6c8e43fb", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Virtual WAN ({Tab6Success:value}/{Tab6Total:value})", + "linkLabel": "IP plan ({Tab6Success:value}/{Tab6Total:value})", "subTarget": "tab6", - "preText": "Virtual WAN", + "preText": "IP plan", "style": "primary" }, { - "id": "43b07657-c7b1-4943-adbe-dee2d91f1fdb", + "id": "79138959-9786-447b-91b1-3ee7eba18f20", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Internet ({Tab7Success:value}/{Tab7Total:value})", + "linkLabel": "PaaS ({Tab7Success:value}/{Tab7Total:value})", "subTarget": "tab7", - "preText": "Internet", + "preText": "PaaS", "style": "primary" } ] 
@@ -1410,22 +1410,22 @@ { "type": 1, "content": { - "json": "## Segmentation" + "json": "## Internet" }, "name": "tab0title" }, { "type": 1, "content": { - "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." + "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this." }, - "name": "querytext19" + "name": "querytext6" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
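Review bot: The Bastion subnet check in the added `query` compares `split(subnetPrefix, '/')[1]`, a dynamic value, directly with a number, and it reads only `subnets.properties.addressPrefix`. A subnet that reports its range under `addressPrefixes` instead would presumably get an empty prefix length, so `compliant` is neither true nor 0 and the row drops out of the only-failed view instead of being flagged. I would make the conversion explicit with `extend subnetPrefixLength = toint(split(subnetPrefix, '/')[1])` and count a missing prefix as a failure with `extend compliant = (isnotnull(subnetPrefixLength) and subnetPrefixLength <= 26)`. The same pattern is in the RouteServerSubnet, AzureFirewallSubnet and GatewaySubnet queries in the later hunks. The commit is marked as an automated change, so the fix probably belongs in the source the workbook is built from.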
@@ -1474,20 +1474,42 @@ ] } }, - "name": "query19" + "name": "query6" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab0" + }, + "name": "tab0" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Virtual WAN" + }, + "name": "tab1title" }, { "type": 1, "content": { - "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." + "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." }, - "name": "querytext21" + "name": "querytext24" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1536,20 +1558,42 @@ ] } }, - "name": "query21" + "name": "query24" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab1" + }, + "name": "tab1" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Hub and spoke" + }, + "name": "tab2title" }, { "type": 1, "content": { - "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." + "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this." 
}, - "name": "querytext22" + "name": "querytext0" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1598,20 +1642,20 @@ ] } }, - "name": "query22" + "name": "query0" }, { "type": 1, "content": { - "json": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this." + "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, - "name": "querytext23" + "name": "querytext1" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
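Review bot: The thresholds in the added queries do not match the numbers in the recommendation text beside them. In this hunk the text says to deploy an additional hub above 400 spoke networks, while the query still marks a VNet compliant for any `peeringcount < 450`. In the route-table hunk that follows, the text says to limit routes to 400 but the query fails a table from 360 routes. If the query values are deliberate margins around the platform limits, the text should state the value that triggers the finding, for example `Flagged once a VNet reaches 450 peerings (limit: 500)`. Otherwise align the query with the text, `extend compliant = (peeringcount < 400)`.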
@@ -1660,42 +1704,20 @@ ] } }, - "name": "query23" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab0" - }, - "name": "tab0" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Hub and spoke" - }, - "name": "tab1title" + "name": "query1" }, { "type": 1, "content": { - "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this." + "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." 
}, - "name": "querytext0" + "name": "querytext2" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1744,20 +1766,20 @@ ] } }, - "name": "query0" + "name": "query2" }, { "type": 1, "content": { - "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." + "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, - "name": "querytext1" + "name": "querytext3" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1806,20 +1828,42 @@ ] } }, - "name": "query1" + "name": "query3" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab2" + }, + "name": "tab2" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Segmentation" + }, + "name": "tab3title" }, { "type": 1, "content": { - "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." + "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." 
}, - "name": "querytext2" + "name": "querytext19" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1868,20 +1912,20 @@ ] } }, - "name": "query2" + "name": "query19" }, { "type": 1, "content": { - "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." + "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." }, - "name": "querytext3" + "name": "querytext21" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1930,42 +1974,20 @@ ] } }, - "name": "query3" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab1" - }, - "name": "tab1" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Hybrid" - }, - "name": "tab2title" + "name": "query21" }, { "type": 1, "content": { - "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." 
}, - "name": "querytext7" + "name": "querytext22" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
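Review bot: The NSG query added in this hunk leaves some NSGs unevaluated. After `summarize ... by id,tostring(ruleDirection)` it keeps only rows `where ruleDirection == 'Inbound'`, and the `union` branch adds back only NSGs whose `securityRules` array is empty. An NSG whose custom rules are all outbound therefore has no row and appears in neither the compliant nor the failed list, although it has no explicit inbound deny and relies on the default rules the recommendation warns about. Summarising per NSG closes the gap: `summarize StarDenies=countif(ruleDirection=='Inbound' and ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id | project id,compliant=(StarDenies>0)`. The rest of the query item lies outside the hunk.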
@@ -2014,20 +2036,20 @@ ] } }, - "name": "query7" + "name": "query22" }, { "type": 1, "content": { - "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this." }, - "name": "querytext8" + "name": "querytext23" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2076,20 +2098,42 @@ ] } }, - "name": "query8" + "name": "query23" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab3" + }, + "name": "tab3" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Firewall" + }, + "name": "tab4title" }, { "type": 1, "content": { - "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." 
}, - "name": "querytext9" + "name": "querytext14" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2138,20 +2182,20 @@ ] } }, - "name": "query9" + "name": "query14" }, { "type": 1, "content": { - "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, - "name": "querytext10" + "name": "querytext15" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2200,20 +2244,20 @@ ] } }, - "name": "query10" + "name": "query15" }, { "type": 1, "content": { - "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." + "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information." }, - "name": "querytext11" + "name": "querytext16" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
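Review bot: The `querytext16` text is about Threat Intelligence mode, but its link goes to `premium-features#idps-signature-rules`, which is an IDPS anchor and nearly duplicates the link of the IDPS item in the next hunk. A reader following it will not find the setting that `query16` tests (`properties.threatIntelMode == 'Deny'`). Pointing the link at the threat-intelligence filtering article, e.g. `https://learn.microsoft.com/azure/firewall/threat-intel`, would match the check. It would also help to state in the text that the policy value `Deny` is what the portal labels "Alert and Deny", so the query and the wording are visibly the same requirement.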
@@ -2262,20 +2306,20 @@ ] } }, - "name": "query11" + "name": "query16" }, { "type": 1, "content": { - "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, - "name": "querytext12" + "name": "querytext17" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2324,20 +2368,20 @@ ] } }, - "name": "query12" + "name": "query17" }, { "type": 1, "content": { - "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information." + "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." }, - "name": "querytext13" + "name": "querytext18" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 
'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -2386,16 +2430,16 @@ ] } }, - "name": "query13" + "name": "query18" } ] }, "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab2" + "value": "tab4" }, - "name": "tab2" + "name": "tab4" }, { "type": 12, 
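Review bot: `query18` marks a subnet compliant as soon as any route table is attached (`hasRT = isnotnull(subnetRT)`), although the check text asks that Internet traffic be redirected to Azure Firewall or an NVA. A route table with no default route, or with `0.0.0.0/0` pointing at `Internet`, passes while egress remains unfiltered, so the workbook can report a green result for an uninspected subnet. Consider joining `subnetRT` against `microsoft.network/routetables` and requiring a route whose `addressPrefix` is `0.0.0.0/0` and whose `nextHopType` is `VirtualAppliance`. At minimum, the text should say the query only verifies that a route table is attached. The same physical line also carries the `tab2` to `tab4` rename hunk, which needs no comment.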
@@ -2406,22 +2450,22 @@ { "type": 1, "content": { - "json": "## PaaS" + "json": "## Hybrid" }, - "name": "tab3title" + "name": "tab5title" }, { "type": 1, "content": { - "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." + "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext20" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where 
compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2470,42 +2514,20 @@ ] } }, - "name": "query20" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab3" - }, - "name": "tab3" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Firewall" - }, - "name": "tab4title" + "name": "query7" }, { "type": 1, "content": { - "json": "Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." + "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." 
}, - "name": "querytext14" + "name": "querytext8" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2554,20 +2576,20 @@ ] } }, - "name": "query14" + "name": "query8" }, { "type": 1, "content": { - "json": "Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." + "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext15" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2616,20 +2638,20 @@ ] } }, - "name": "query15" + "name": "query9" }, { "type": 1, "content": { - "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information." + "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext16" + "name": "querytext10" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2678,20 +2700,20 @@ ] } }, - "name": "query16" + "name": "query10" }, { "type": 1, "content": { - "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." + "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." }, - "name": "querytext17" + "name": "querytext11" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2740,20 +2762,20 @@ ] } }, - "name": "query17" + "name": "query11" }, { "type": 1, "content": { - "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." + "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext18" + "name": "querytext12" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, 
isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2802,42 +2824,20 @@ ] } }, - "name": "query18" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab4" - }, - "name": "tab4" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## IP plan" - }, - "name": "tab5title" + "name": "query12" }, { "type": 1, "content": { - "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information." 
}, - "name": "querytext4" + "name": "querytext13" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2886,20 +2886,42 @@ ] } }, - "name": "query4" + "name": "query13" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab5" + }, + "name": "tab5" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## IP plan" + }, + "name": "tab6title" }, { "type": 1, "content": { - "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." 
}, - "name": "querytext5" + "name": "querytext4" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2948,42 +2970,20 @@ ] } }, - "name": "query5" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab5" - }, - "name": "tab5" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Virtual WAN" - }, - "name": "tab6title" + "name": "query4" }, { "type": 1, "content": { - "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." + "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." 
}, - "name": "querytext24" + "name": "querytext5" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -3032,7 +3032,7 @@ ] } }, - "name": "query24" + "name": "query5" } ] }, 
@@ -3052,22 +3052,22 @@ { "type": 1, "content": { - "json": "## Internet" + "json": "## PaaS" }, "name": "tab7title" }, { "type": 1, "content": { - "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this." + "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." }, - "name": "querytext6" + "name": "querytext20" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": 
"microsoft.resourcegraph/resources", @@ -3116,7 +3116,7 @@ ] } }, - "name": "query6" + "name": "query20" } ] }, diff --git a/workbooks/alz_checklist.en_network_counters_template.json b/workbooks/alz_checklist.en_network_counters_template.json index 147017eb0..e3acdc5a9 100644 --- a/workbooks/alz_checklist.en_network_counters_template.json +++ b/workbooks/alz_checklist.en_network_counters_template.json 
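Review bot: In the `@@ -3052,22 +3052,22 @@` hunk, the new `query20` marks a subnet as non-compliant as soon as `serviceEndpoints` is non-empty, which is stricter than the text beside it ("Don't enable virtual network service endpoints by default on all subnets"). A subnet with a single, deliberately chosen endpoint is reported as failed, so the list will likely carry false positives that hide the blanket-enablement case the guidance is about. Either reword the text to say that every subnet with a service endpoint is listed for review, or narrow the query to what the text describes, for example VNets where every subnet has endpoints enabled. The `order by compliant asc` stage sits before the `onlyFailed` filter and can be dropped if the ordering is not needed.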
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"value::all\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, 
subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 
'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = 
iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where 
properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n 
\"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend 
SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n 
\"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend 
FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 
8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend 
isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend 
compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 
86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query23Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n 
\"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query24Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": 
\"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Success}+{Query5Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": 
\"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n },\n 
{\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab7Success}/{Tab7Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookTotal\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}+{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query20Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query24Stats:$.Total}+{Query6Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookSuccess\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}+{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query20Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query24Stats:$.Success}+{Query6Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookPercent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"round(100*{WorkbookSuccess}/{WorkbookTotal})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"InvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"50\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"WorkbookPercent\\\\\\\": \\\\\\\"{WorkbookPercent}\\\\\\\", \\\\\\\"SubTitle\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 4,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"WorkbookPercent\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"SubTitle\",\n \"formatter\": 1\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"ProgressTile\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"4c29458a-55af-431a-bc4a-96afe9e5aafa\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n 
\"linkLabel\": \"Segmentation ({Tab0Success:value}/{Tab0Total:value})\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"954152cb-0786-4b39-98b4-217151a3813d\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke ({Tab1Success:value}/{Tab1Total:value})\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"96f86ce5-b109-454e-90d3-82dd670c4306\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid ({Tab2Success:value}/{Tab2Total:value})\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"32911051-f8f1-4590-b8ed-6dba23023b46\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS ({Tab3Success:value}/{Tab3Total:value})\",\n \"subTarget\": \"tab3\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"19863aff-319c-4dcc-96b5-d2fc9cd7108a\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Firewall ({Tab4Success:value}/{Tab4Total:value})\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Firewall\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"470e54f2-1648-4bb2-8d27-a8ac5b8fd23d\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan ({Tab5Success:value}/{Tab5Total:value})\",\n \"subTarget\": \"tab5\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"128e1e5f-dccc-4048-8ea6-8bdc23645328\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN ({Tab6Success:value}/{Tab6Total:value})\",\n \"subTarget\": \"tab6\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"43b07657-c7b1-4943-adbe-dee2d91f1fdb\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet 
({Tab7Success:value}/{Tab7Total:value})\",\n \"subTarget\": \"tab7\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n 
\"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": 
\"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": 
\"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n 
},\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n 
\"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n 
\"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": 
\"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": 
\"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n 
{\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for 
redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n 
},\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": 
\"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Firewall\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). 
Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n 
\"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": 
\"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"name\": \"tab7title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n 
\"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"value::all\"\n ],\n \"parameters\": [\n 
{\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 
100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex 
@'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n 
\"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n 
},\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | 
extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": 
\"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where 
type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | 
extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n 
\"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = 
(properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 
'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 1,\n \"query\": \"resources | where 
type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 
100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 
1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n 
\"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query23Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend 
SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query24Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n 
\"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n 
},\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Success}+{Query5Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}\"\n }\n }\n ]\n 
},\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab7Success}/{Tab7Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookTotal\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n 
\"resultVal\": \"{Query6Stats:$.Total}+{Query24Stats:$.Total}+{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query20Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookSuccess\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Success}+{Query24Stats:$.Success}+{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query20Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookPercent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"round(100*{WorkbookSuccess}/{WorkbookTotal})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"InvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"50\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"WorkbookPercent\\\\\\\": \\\\\\\"{WorkbookPercent}\\\\\\\", \\\\\\\"SubTitle\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 4,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"WorkbookPercent\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"SubTitle\",\n \"formatter\": 1\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"ProgressTile\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"6aaa8018-1abf-471d-87d5-5de92a400c7f\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n 
\"linkLabel\": \"Internet ({Tab0Success:value}/{Tab0Total:value})\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"af3541e0-aa69-4b4f-88f8-aea9ed520cf1\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN ({Tab1Success:value}/{Tab1Total:value})\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"d6f46db2-d3a9-4910-b85e-5b684c280596\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke ({Tab2Success:value}/{Tab2Total:value})\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"e805293d-07eb-47d5-84a0-7b31a2290570\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation ({Tab3Success:value}/{Tab3Total:value})\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"b3bf17a7-a879-4b2c-846d-684e9482913a\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Firewall ({Tab4Success:value}/{Tab4Total:value})\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Firewall\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"5691820b-1cdd-4bf2-864c-9954128dd90e\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid ({Tab5Success:value}/{Tab5Total:value})\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"ee7c0450-a6e7-4bc5-b34e-6dee6c8e43fb\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan ({Tab6Success:value}/{Tab6Total:value})\",\n \"subTarget\": \"tab6\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"79138959-9786-447b-91b1-3ee7eba18f20\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS 
({Tab7Success:value}/{Tab7Total:value})\",\n \"subTarget\": \"tab7\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n 
\"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n 
\"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. 
[This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. 
[This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. 
[This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for 
your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n 
\"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Firewall\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": 
\"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. 
[This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. 
[This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. 
Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n 
\"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n 
{\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n 
\"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"name\": \"tab7title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n 
\"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]" diff --git a/workbooks/alz_checklist.en_network_tabcounters.json b/workbooks/alz_checklist.en_network_tabcounters.json index bc43561db..09e638315 100644 --- a/workbooks/alz_checklist.en_network_tabcounters.json +++ b/workbooks/alz_checklist.en_network_tabcounters.json 
@@ -70,61 +70,61 @@ "style": "tabs", "links": [ { - "id": "74934320-3f24-4d5f-a3b5-e4ccc28a5589", + "id": "151c62e1-f733-479b-8cd9-70159a437548", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hybrid", + "linkLabel": "Hub and spoke", "subTarget": "tab0", - "preText": "Hybrid", + "preText": "Hub and spoke", "style": "primary" }, { - "id": "f950c545-1bf2-4030-93fd-450e70eefe9f", + "id": "8986bf27-9e6a-4fb2-821c-07305b4fd275", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Segmentation", + "linkLabel": "Internet", "subTarget": "tab1", - "preText": "Segmentation", + "preText": "Internet", "style": "primary" }, { - "id": "b43b6321-96e6-4cf3-96e8-c946a60a91be", + "id": "b99bc449-2184-4df9-a03e-da8672e74d49", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hub and spoke", + "linkLabel": "Hybrid", "subTarget": "tab2", - "preText": "Hub and spoke", + "preText": "Hybrid", "style": "primary" }, { - "id": "0956f5cd-b019-44e8-a378-949a34e46a74", + "id": "777c88ca-f7ec-4e70-9cec-b8f2dbb8e216", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "PaaS", + "linkLabel": "Segmentation", "subTarget": "tab3", - "preText": "PaaS", + "preText": "Segmentation", "style": "primary" }, { - "id": "dfddbd45-b72f-4a39-a3e4-0d40c2dd117b", + "id": "3a8456b2-3426-4467-8665-4f86428ae9e3", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Internet", + "linkLabel": "IP plan", "subTarget": "tab4", - "preText": "Internet", + "preText": "IP plan", "style": "primary" }, { - "id": "d26b78ff-ce18-4c36-827b-359bf66398dc", + "id": "67121aef-1c86-4821-96eb-563c4a9b4fa6", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "IP plan", + "linkLabel": "PaaS", "subTarget": "tab5", - "preText": "IP plan", + "preText": "PaaS", "style": "primary" }, { - "id": "2895a29d-2021-43eb-ae14-d15c1d1bbf98", + "id": "5cade58f-fde6-49a6-9813-d0cda478dd9b", "cellValue": "VisibleTab", "linkTarget": 
"parameter", "linkLabel": "Virtual WAN", @@ -133,7 +133,7 @@ "style": "primary" }, { - "id": "fff72e18-03b6-4031-9e3b-603d049b452a", + "id": "6f83534d-e651-4fa4-8c01-2e12259e5ae6", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "Firewall", 
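Review bot: The tab links in this hunk keep the same labels but appear in a different order (`tab0` goes from `Hybrid` to `Hub and spoke`, `tab5` from `IP plan` to `PaaS`), and every link `id` GUID is replaced, including for `Virtual WAN` and `Firewall` in the next hunk, whose labels do not change. This looks like unstable output from the generator rather than a content change, and it appears to drive the `Query7Stats` → `Query0Stats` renumbering in the later hunks. That churn makes it hard to spot a genuinely changed query in an automated commit of this size. Emitting the tabs in a fixed order (for example sorted by label) and deriving each `id` deterministically from the label would keep regenerated files diffable.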
@@ -162,93 +162,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query7Stats", - "type": 1, - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query7FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query7Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query8Stats", - "type": 1, - "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - 
"crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query8FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query8Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query9Stats", - "type": 1, - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query9FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query9Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 
86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query10Stats", + "name": "Query0Stats", "type": 1, - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
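Review bot: In the new `Query0Stats` query, `subnetPrefixLength` comes from `split(subnetPrefix, '/')[1]` and is compared with `<= 27` without a numeric cast, so the comparison may run on a dynamic/string value instead of a number. An explicit cast removes the doubt: `| extend subnetPrefixLength = toint(split(subnetPrefix, '/')[1])`. If the uncast comparison yields null, the row is counted in `Total` but in neither `Success` nor `Failed`, so the tab counter would fall below 100% with no failed item shown. The same expression is repeated in the `query0` grid item in a later hunk, and the projected column is still named `Query1Stats` although the parameter is now `Query0Stats`. The file appears to be generated, so the change likely belongs in the source checklist query.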
@@ -262,9 +178,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query10FullyCompliant", + "name": "Query0FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query10Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query0Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -274,9 +190,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query11Stats", + "name": "Query1Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
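Review bot: The threshold in the new `Query1Stats` query, `compliant = (peeringcount < 450)`, does not match the guidance text added as `querytext1` later in this file, which says to deploy an additional hub above 400 spoke networks (peering limit 500). A virtual network with 401–449 peerings is therefore reported as compliant while the text says to act. Either align the query with the text, `| extend compliant = (peeringcount <= 400)`, or state the 450 warning level in the recommendation. The same expression appears in the `query1` grid item in the last hunk of this file section.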
@@ -290,9 +206,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query11FullyCompliant", + "name": "Query1FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query11Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query1Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -302,9 +218,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query12Stats", + "name": "Query2Stats", "type": 1, - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -318,9 +234,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query12FullyCompliant", + "name": "Query2FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query12Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query2Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -330,9 +246,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query13Stats", + "name": "Query3Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -346,9 +262,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query13FullyCompliant", + "name": "Query3FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query13Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query3Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -369,7 +285,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}" + "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}" } } ] @@ -388,7 +304,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}" + "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}" } } ] @@ -422,7 +338,7 @@ { "type": 1, "content": { - "json": "## Hybrid" + "json": "## Hub and spoke" }, "customWidth": "50", "name": "tab0title" 
@@ -463,15 +379,15 @@ { "type": 1, "content": { - "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this." }, - "name": "querytext7" + "name": "querytext0" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": 
"microsoft.resourcegraph/resources", @@ -520,20 +436,20 @@ ] } }, - "name": "query7" + "name": "query0" }, { "type": 1, "content": { - "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, - "name": "querytext8" + "name": "querytext1" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -582,20 +498,20 @@ ] } }, - "name": "query8" + "name": "query1" }, { "type": 1, "content": { - "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, - "name": "querytext9" + "name": "querytext2" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, 
"resourceType": "microsoft.resourcegraph/resources", @@ -644,20 +560,20 @@ ] } }, - "name": "query9" + "name": "query2" }, { "type": 1, "content": { - "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, - "name": "querytext10" + "name": "querytext3" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -706,144 +622,176 @@ ] } }, - "name": "query10" - }, - { - "type": 1, - "content": { - "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." - }, - "name": "querytext11" - }, + "name": "query3" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab0" + }, + "name": "tab0" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ { - "type": 3, + "type": 9, "content": { - "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 4, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", + "version": "KqlParameterItem/1.0", "crossComponentResources": [ "{Subscription}" ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } + "parameters": [ + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query6Stats", + "type": 1, + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength 
<= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query6FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query6Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab1Success", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "{Query6Stats:$.Success}" + } } - } - ] - } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab1Total", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + 
"resultValType": "expression", + "resultVal": "{Query6Stats:$.Total}" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab1Percent", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "round(100*{Tab1Success}/{Tab1Total})" + } + } + ] + } + ], + "style": "pills", + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" }, - "name": "query11" + "name": "TabInvisibleParameters" }, { "type": 1, "content": { - "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." 
+ "json": "## Internet" }, - "name": "querytext12" + "customWidth": "50", + "name": "tab1title" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 4, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", - "crossComponentResources": [ - "{Subscription}" - ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab1Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", + "size": 3, + "queryType": 8, + "visualization": "tiles", + "tileSettings": { + "titleContent": { + "columnMatch": "Column1", + "formatter": 4, + "formatOptions": { + "min": 0, + "max": 100, + "palette": "redGreen" }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] + "numberFormat": { + "unit": 0, 
+ "options": { + "style": "decimal" } } - ] + }, + "subtitleContent": { + "columnMatch": "Column2" + }, + "showBorder": true } }, - "name": "query12" + "customWidth": "50", + "name": "TabPercentTile" }, { "type": 1, "content": { - "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information." + "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this." }, - "name": "querytext13" + "name": "querytext6" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, 
compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -892,16 +840,16 @@ ] } }, - "name": "query13" + "name": "query6" } ] }, "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab0" + "value": "tab1" }, - "name": "tab0" + "name": "tab1" }, { "type": 12, 
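Review bot: `Tab1Percent` is computed as `round(100*{Tab1Success}/{Tab1Total})` with no guard for a zero total. After this change the tab holds a single check (`Query6Stats`, the `AzureBastionSubnet` prefix check), so the total is 0 whenever the selected subscriptions contain no Bastion subnet. The per-query statistics already cover that case with `iff(Total==0, 100, ...)`, but the tab-level expression does not, and how the workbook evaluator renders 0/0 is not visible here. A criteria entry ahead of the `Default` one that returns 100 when `{Tab1Total}` equals 0 would keep the tile consistent with the per-query results. `Tab2Percent` in the -1032 hunk uses the same unguarded form.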
@@ -920,9 +868,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query19Stats", + "name": "Query7Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
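Review bot: In the added `Query7Stats` query the gateway filter mixes a case-insensitive and a case-sensitive comparison, `properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'`, and `SKUTier !in ('Basic', 'Standard')` is case-sensitive as well. If Resource Graph returns either value with different casing, ExpressRoute gateways drop out of the check or a Basic/Standard gateway is counted as compliant, and the tab percentage overstates compliance. Using `=~ 'ExpressRoute'` and `!in~ ('Basic', 'Standard')` would make the filter consistent. The same query text is added for `query7` in the -1137 hunk, and the `Query10Stats` query in the -1004 hunk carries the same `gatewayType` filter; the parameter object continues past the end of this hunk.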
@@ -936,9 +884,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query19FullyCompliant", + "name": "Query7FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query19Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query7Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -948,9 +896,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query21Stats", + "name": "Query8Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -964,9 +912,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query21FullyCompliant", + "name": "Query8FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query21Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query8Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -976,9 +924,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query22Stats", + "name": "Query9Stats", "type": 1, - "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 
100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -992,9 +940,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query22FullyCompliant", + "name": "Query9FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query22Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query9Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -1004,9 +952,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query23Stats", + "name": "Query10Stats", "type": 1, - "query": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -1020,9 +968,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query23FullyCompliant", + "name": "Query10FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query23Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query10Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -1032,80 +980,164 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab1Success", + "name": "Query11Stats", "type": 1, + "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": "expression", - "resultVal": "{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}" - } - } - ] + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" }, { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab1Total", + "name": "Query11FullyCompliant", "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query11Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": "expression", - "resultVal": "{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}" - } - } - ] + "queryType": 8 }, { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab1Percent", + "name": "Query12Stats", "type": 1, + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, 
gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": "expression", - "resultVal": "round(100*{Tab1Success}/{Tab1Total})" - } - } - ] - } - ], - "style": "pills", - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - "name": "TabInvisibleParameters" - }, - { - "type": 1, - "content": { - "json": "## Segmentation" + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query12FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query12Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query13Stats", + "type": 1, + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project 
id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query13FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query13Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab2Success", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab2Total", + "type": 1, + "isHiddenWhenLocked": true, + 
"timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab2Percent", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "round(100*{Tab2Success}/{Tab2Total})" + } + } + ] + } + ], + "style": "pills", + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + "name": "TabInvisibleParameters" + }, + { + "type": 1, + "content": { + "json": "## Hybrid" }, "customWidth": "50", - "name": "tab1title" + "name": "tab2title" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab1Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab2Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", "size": 3, "queryType": 8, "visualization": "tiles", 
@@ -1137,15 +1169,15 @@ { "type": 1, "content": { - "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." + "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext19" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1194,20 +1226,20 @@ ] } }, - "name": "query19" + "name": "query7" }, { "type": 1, "content": { - "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." + "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext21" + "name": "querytext8" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1256,20 +1288,20 @@ ] } }, - "name": "query21" + "name": "query8" }, { "type": 1, "content": { - "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." + "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext22" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where 
type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1318,20 +1350,20 @@ ] } }, - "name": "query22" + "name": "query9" }, { "type": 1, "content": { - "json": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this." + "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext23" + "name": "querytext10" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1380,96 +1412,226 @@ ] } }, - "name": "query23" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab1" - }, - "name": "tab1" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ + "name": "query10" + }, { - "type": 9, + "type": 1, "content": { - "version": "KqlParameterItem/1.0", + "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." + }, + "name": "querytext11" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 4, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", "crossComponentResources": [ "{Subscription}" ], - "parameters": [ - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query0Stats", - "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = 
iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query0FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query0Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query1Stats", - "type": 1, - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query1FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query1Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + 
"formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query2Stats", - "type": 1, - "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query11" + }, + { + "type": 1, + "content": { + "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." 
+ }, + "name": "querytext12" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 4, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query12" + }, + { + "type": 1, + "content": { + "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information." 
+ }, + "name": "querytext13" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 4, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query13" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab2" + }, + "name": "tab2" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 9, + "content": { + "version": "KqlParameterItem/1.0", + "crossComponentResources": [ + 
"{Subscription}" + ], + "parameters": [ + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query19Stats", + "type": 1, + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -1480,9 +1642,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query2FullyCompliant", + "name": "Query19FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query2Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query19Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -1492,9 +1654,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query3Stats", + "name": "Query21Stats", "type": 1, - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -1508,9 +1670,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query3FullyCompliant", + "name": "Query21FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query3Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query21Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -1520,7 +1682,63 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab2Success", + "name": "Query22Stats", + "type": 1, + "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query22FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query22Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": 
"daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query23Stats", + "type": 1, + "query": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query23FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query23Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab3Success", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -1531,7 +1749,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}" + "resultVal": "{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}" } } ] @@ -1539,7 +1757,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab2Total", + "name": "Tab3Total", "type": 1, "isHiddenWhenLocked": true, "timeContext": { 
@@ -1550,7 +1768,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}" + "resultVal": "{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}" } } ] @@ -1558,7 +1776,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab2Percent", + "name": "Tab3Percent", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -1569,7 +1787,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "round(100*{Tab2Success}/{Tab2Total})" + "resultVal": "round(100*{Tab3Success}/{Tab3Total})" } } ] @@ -1584,16 +1802,16 @@ { "type": 1, "content": { - "json": "## Hub and spoke" + "json": "## Segmentation" }, "customWidth": "50", - "name": "tab2title" + "name": "tab3title" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab2Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab3Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", "size": 3, "queryType": 8, "visualization": "tiles", 
@@ -1625,77 +1843,15 @@ { "type": 1, "content": { - "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this." - }, - "name": "querytext0" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 4, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", - "crossComponentResources": [ - "{Subscription}" - ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } - }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] - } - } - ] - } - }, - "name": "query0" - }, - { - "type": 1, - "content": { - "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum 
number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." + "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, - "name": "querytext1" + "name": "querytext19" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
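Review bot: The AzureFirewallSubnet query compares `subnetPrefixLength` with the integer 26 although `split(subnetPrefix, '/')[1]` yields a dynamic value, so the result depends on implicit conversion. An explicit cast makes the check unambiguous: `extend subnetPrefixLength = toint(split(subnetPrefix, '/')[1])`. A subnet that carries `addressPrefixes` rather than `addressPrefix` would presumably produce a null length and should be handled deliberately; that shape is not visible here. The GatewaySubnet query in the next hunk (`subnetPrefixLength <= 27`) and the `Query19Stats`/`Query21Stats` parameters share the expression.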
@@ -1744,20 +1900,20 @@ ] } }, - "name": "query1" + "name": "query19" }, { "type": 1, "content": { - "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." + "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." }, - "name": "querytext2" + "name": "querytext21" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1806,20 +1962,20 @@ ] } }, - "name": "query2" + "name": "query21" }, { "type": 1, "content": { - "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." + "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." }, - "name": "querytext3" + "name": "querytext22" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) 
| union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
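Review bot: An NSG whose custom rules are all outbound never shows up in the `query22` result. Its only `summarize ... by id,tostring(ruleDirection)` row is removed by `where ruleDirection == 'Inbound'`, and the `union` branch only adds NSGs with `array_length(properties.securityRules)==0`. Such an NSG depends entirely on the inbound default rules this recommendation warns about, yet it is reported as neither passed nor failed. Moving the direction test into the aggregate, as in `summarize StarDenies=countif(ruleDirection=='Inbound' and ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id | project id,compliant=(StarDenies>0)`, keeps those NSGs in the output as failed. The existing `union` branch still covers NSGs with no rules at all.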
@@ -1848,196 +2004,40 @@ "operator": "==", "thresholdValue": "1", "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] - } - } - ] - } - }, - "name": "query3" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab2" - }, - "name": "tab2" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 9, - "content": { - "version": "KqlParameterItem/1.0", - "crossComponentResources": [ - "{Subscription}" - ], - "parameters": [ - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query20Stats", - "type": 1, - "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query20FullyCompliant", - "type": 1, - "query": 
"{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query20Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Tab3Success", - "type": 1, - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": "expression", - "resultVal": "{Query20Stats:$.Success}" - } - } - ] - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Tab3Total", - "type": 1, - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": "expression", - "resultVal": "{Query20Stats:$.Total}" - } - } - ] - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Tab3Percent", - "type": 1, - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": "expression", - "resultVal": "round(100*{Tab3Success}/{Tab3Total})" - } - } - ] - } - ], - "style": "pills", - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - "name": "TabInvisibleParameters" - }, - { - "type": 1, - "content": { - "json": "## PaaS" - }, - "customWidth": "50", - "name": "tab3title" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab3Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", - "size": 3, - "queryType": 8, - "visualization": "tiles", - "tileSettings": { - "titleContent": { - "columnMatch": "Column1", - "formatter": 4, - "formatOptions": { - "min": 0, 
- "max": 100, - "palette": "redGreen" - }, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] } } - }, - "subtitleContent": { - "columnMatch": "Column2" - }, - "showBorder": true + ] } }, - "customWidth": "50", - "name": "TabPercentTile" + "name": "query22" }, { "type": 1, "content": { - "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." + "json": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this." 
}, - "name": "querytext20" + "name": "querytext23" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -2086,7 +2086,7 @@ ] } }, - "name": "query20" + "name": "query23" } ] }, 
@@ -2114,9 +2114,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query6Stats", + "name": "Query4Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
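Review bot: The RFC 1918 check in `Query4Stats` tests every entry of `properties.addressSpace.addressPrefixes` against `^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)`. An IPv6 prefix on a dual-stack virtual network is therefore counted as a failure, although the recommendation concerns IPv4 private ranges. Adding `| where cidr !contains ':'` before the `extend compliant` step would restrict the counter to IPv4 prefixes. The same query text is repeated in the `query4` grid item in a later hunk and should change with it, otherwise the tab percentage and the grid will disagree.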
@@ -2130,9 +2130,37 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query6FullyCompliant", + "name": "Query4FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query6Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query4Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query5Stats", + "type": 1, + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query5FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query5Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -2153,7 +2181,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query6Stats:$.Success}" + "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}" } } ] @@ -2172,7 +2200,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query6Stats:$.Total}" + "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}" } } ] @@ -2206,7 +2234,7 @@ { "type": 1, "content": { - "json": "## Internet" + "json": "## IP plan" }, "customWidth": "50", "name": "tab4title" 
@@ -2247,15 +2275,15 @@ { "type": 1, "content": { - "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this." + "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." }, - "name": "querytext6" + "name": "querytext4" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2304,7 +2332,69 @@ ] } }, - "name": "query6" + "name": "query4" + }, + { + "type": 1, + "content": { + "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + }, + "name": "querytext5" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 4, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query5" } ] }, 
@@ -2332,37 +2422,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query4Stats", - "type": 1, - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query4FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query4Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query5Stats", + "name": "Query20Stats", "type": 1, - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, 
subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -2376,9 +2438,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query5FullyCompliant", + "name": "Query20FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query5Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query20Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -2399,7 +2461,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}" + "resultVal": "{Query20Stats:$.Success}" } } ] 
@@ -2418,7 +2480,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}" + "resultVal": "{Query20Stats:$.Total}" } } ] @@ -2452,7 +2514,7 @@ { "type": 1, "content": { - "json": "## IP plan" + "json": "## PaaS" }, "customWidth": "50", "name": "tab5title" 
@@ -2493,77 +2555,15 @@ { "type": 1, "content": { - "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." - }, - "name": "querytext4" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 4, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", - "crossComponentResources": [ - "{Subscription}" - ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } - }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] - } - } - ] - } - }, - "name": "query4" - }, - { - "type": 1, - "content": { - "json": "Ensure that IP address space isn't wasted, 
don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." }, - "name": "querytext5" + "name": "querytext20" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2612,7 +2612,7 @@ ] } }, - "name": "query5" + "name": "query20" } ] }, diff --git a/workbooks/alz_checklist.en_network_tabcounters_template.json b/workbooks/alz_checklist.en_network_tabcounters_template.json index 41d1031a3..23ecd226b 100644 --- a/workbooks/alz_checklist.en_network_tabcounters_template.json +++ b/workbooks/alz_checklist.en_network_tabcounters_template.json 
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"74934320-3f24-4d5f-a3b5-e4ccc28a5589\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"f950c545-1bf2-4030-93fd-450e70eefe9f\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"b43b6321-96e6-4cf3-96e8-c946a60a91be\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"0956f5cd-b019-44e8-a378-949a34e46a74\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS\",\n \"subTarget\": \"tab3\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"dfddbd45-b72f-4a39-a3e4-0d40c2dd117b\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"d26b78ff-ce18-4c36-827b-359bf66398dc\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP 
plan\",\n \"subTarget\": \"tab5\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"2895a29d-2021-43eb-ae14-d15c1d1bbf98\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab6\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"fff72e18-03b6-4031-9e3b-603d049b452a\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Firewall\",\n \"subTarget\": \"tab7\",\n \"preText\": \"Firewall\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": 
\"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), 
circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project 
Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project 
id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab0title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab0Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": 
\"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). 
Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. 
Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n 
\"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"resources | where 
type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project 
id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | 
project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query23Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}\"\n }\n }\n ]\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab1title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab1Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n 
\"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": 
\"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 
86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": 
\"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab2title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab2Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 
4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n 
},\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n 
{\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab3title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab3Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n 
}\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n 
}\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": 
\"KqlParameterItem/1.0\",\n \"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab4title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab4Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": 
{\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n 
\"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": 
true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"{Query4Stats:$.Success}+{Query5Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab5title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab5Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 
1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query24Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": 
\"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab6title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab6Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": 
\"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": 
{\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n 
\"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n 
\"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | 
project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n 
\"name\": \"Tab7Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab7Success}/{Tab7Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Firewall\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab7title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab7Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use application rules to filter outbound traffic on 
destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show 
failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"151c62e1-f733-479b-8cd9-70159a437548\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"8986bf27-9e6a-4fb2-821c-07305b4fd275\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"b99bc449-2184-4df9-a03e-da8672e74d49\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"777c88ca-f7ec-4e70-9cec-b8f2dbb8e216\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation\",\n \"subTarget\": \"tab3\",\n \"preText\": 
\"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"3a8456b2-3426-4467-8665-4f86428ae9e3\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan\",\n \"subTarget\": \"tab4\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"67121aef-1c86-4821-96eb-563c4a9b4fa6\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS\",\n \"subTarget\": \"tab5\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"5cade58f-fde6-49a6-9813-d0cda478dd9b\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab6\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"6f83534d-e651-4fa4-8c01-2e12259e5ae6\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Firewall\",\n \"subTarget\": \"tab7\",\n \"preText\": \"Firewall\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 
100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": 
\\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend 
SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 
86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab0title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab0Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). 
Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. 
Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. 
[This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n 
\"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab1title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab1Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": 
\"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | 
extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": 
\"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend 
SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": 
{\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab2title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab2Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. 
[This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. 
[This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. 
Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n 
\"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"resources | where 
type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project 
id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | 
project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query23Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}\"\n }\n }\n ]\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab3title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab3Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n 
\"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Success}+{Query5Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab4title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab4Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). 
Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create 
unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n 
\"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n 
\"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab5title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab5Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n 
\"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": 
\"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query24Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n 
{\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab6title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab6Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n 
\"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n 
\"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project 
Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, 
'_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab7Success}/{Tab7Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Firewall\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab7title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab7Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]" diff --git a/workbooks/alz_checklist.en_network_workbook.json b/workbooks/alz_checklist.en_network_workbook.json index 9beeb03fc..9c60f1484 100644 --- a/workbooks/alz_checklist.en_network_workbook.json +++ b/workbooks/alz_checklist.en_network_workbook.json 
@@ -70,75 +70,75 @@ "style": "tabs", "links": [ { - "id": "ed16216c-bd43-4d2d-8686-470ea28e511d", + "id": "6a916b89-e6c9-4f47-b398-f44ddfb863f0", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Firewall", + "linkLabel": "Segmentation", "subTarget": "tab0", - "preText": "Firewall", + "preText": "Segmentation", "style": "primary" }, { - "id": "32277772-9a8d-42ce-9d09-aac5991e7095", + "id": "e6e4fc2f-d66c-4056-b368-fec55231ac0f", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Virtual WAN", + "linkLabel": "Hybrid", "subTarget": "tab1", - "preText": "Virtual WAN", + "preText": "Hybrid", "style": "primary" }, { - "id": "768c42e4-b038-4981-902b-77e3716aac75", + "id": "3bbbaac6-e130-4718-a452-349eef2483f0", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Segmentation", + "linkLabel": "Hub and spoke", "subTarget": "tab2", - "preText": "Segmentation", + "preText": "Hub and spoke", "style": "primary" }, { - "id": "82e8e1f1-a9a7-47b8-94c7-b41b377a3732", + "id": "887c5cc9-3b6c-4cf3-aae6-9195990b1d78", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hub and spoke", + "linkLabel": "IP plan", "subTarget": "tab3", - "preText": "Hub and spoke", + "preText": "IP plan", "style": "primary" }, { - "id": "3d86fe51-a31f-4675-b246-1922d4868b14", + "id": "726b7422-de53-4faf-9980-baf2abfaff59", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Internet", + "linkLabel": "Firewall", "subTarget": "tab4", - "preText": "Internet", + "preText": "Firewall", "style": "primary" }, { - "id": "22ce8b24-d150-4e36-a888-99b2b43f5f14", + "id": "2759f1a4-95a5-4e6e-84fd-b33a11c5aca6", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "IP plan", + "linkLabel": "Internet", "subTarget": "tab5", - "preText": "IP plan", + "preText": "Internet", "style": "primary" }, { - "id": "ec111c11-c936-4f9f-8649-61acc1f242ed", + "id": "4299e06c-7502-4d49-bd39-9fb05d512a73", "cellValue": 
"VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hybrid", + "linkLabel": "PaaS", "subTarget": "tab6", - "preText": "Hybrid", + "preText": "PaaS", "style": "primary" }, { - "id": "9ec67510-ade1-4009-9a87-11168ee9d1b9", + "id": "0c7b96cf-15bd-46b4-8f57-5b594e40c154", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "PaaS", + "linkLabel": "Virtual WAN", "subTarget": "tab7", - "preText": "PaaS", + "preText": "Virtual WAN", "style": "primary" } ] 
@@ -154,22 +154,22 @@ { "type": 1, "content": { - "json": "## Firewall" + "json": "## Segmentation" }, "name": "tab0title" }, { "type": 1, "content": { - "json": "Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." + "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, - "name": "querytext14" + "name": "querytext19" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
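Review bot: In the new `query19` string, `subnetPrefixLength` comes from `split(subnetPrefix, '/')[1]`, which is a dynamic string element, and is then compared with the number 26. I would cast it explicitly, `| extend subnetPrefixLength = toint(split(subnetPrefix, '/')[1])`, so the result does not depend on how the engine coerces dynamic values. The same expression feeds `subnetPrefixLength <= 27` in `query21` in the next hunk, where an ordering comparison is even more sensitive to the value's type. Both queries read only `subnets.properties.addressPrefix`; a subnet that carries its ranges in `addressPrefixes` would presumably yield an empty length and be reported as failed, which is worth confirming. The KqlItem object continues past the end of the hunk.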
@@ -218,20 +218,20 @@ ] } }, - "name": "query14" + "name": "query19" }, { "type": 1, "content": { - "json": "Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." + "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." }, - "name": "querytext15" + "name": "querytext21" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -280,20 +280,20 @@ ] } }, - "name": "query15" + "name": "query21" }, { "type": 1, "content": { - "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information." + "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." }, - "name": "querytext16" + "name": "querytext22" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not 
(onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -342,20 +342,20 @@ ] } }, - "name": "query16" + "name": "query22" }, { "type": 1, "content": { - "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." + "json": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this." }, - "name": "querytext17" + "name": "querytext23" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
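Review bot: The new `query22` loses any NSG whose custom rules are all outbound: after `summarize ... by id,tostring(ruleDirection)` the filter `where ruleDirection == 'Inbound'` leaves no row for it, and the `union` branch only adds NSGs with `array_length(properties.securityRules)==0`. Such an NSG has no explicit inbound deny and relies on the default rules, which is what this check is meant to flag, yet it shows up neither as failed nor as compliant. Moving the direction into the aggregate keeps one row per NSG: `summarize StarDenies=countif(ruleDirection=='Inbound' and ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id | project id,compliant=(StarDenies>0)`. `rulePriority` is projected but never used, so a catch-all deny that sits behind broader allow rules still counts as compliant; that limitation deserves a sentence in the check's text.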
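Review bot: `compliant = (rules < 900)` in the new `query23` marks an NSG with exactly 900 rules as failed, while the text in `querytext23` only advises against more than 900. `compliant = (rules <= 900)` would match the wording; if the stricter threshold is intended, the text should say so instead. The KqlItem object continues past the end of the hunk.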
@@ -404,20 +404,42 @@ ] } }, - "name": "query17" + "name": "query23" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab0" + }, + "name": "tab0" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Hybrid" + }, + "name": "tab1title" }, { "type": 1, "content": { - "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." + "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." 
}, - "name": "querytext18" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
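Review bot: The new `query7` matches the gateway type in two different ways, `properties.gatewayType =~ 'vpn'` (case-insensitive) and `properties.gatewayType == 'ExpressRoute'` (case-sensitive), and then tests the dynamic `SKUTier` with a case-sensitive `!in`. Using one form throughout, for example `properties.gatewayType =~ 'ExpressRoute'` and `tostring(properties.sku.tier) !in~ ('Basic', 'Standard')`, keeps a differently cased value from being skipped or counted as compliant without notice. `SKUName` and `Type` are computed but never projected, so they can be dropped. The KqlItem object continues past the end of the hunk.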
@@ -466,42 +488,20 @@ ] } }, - "name": "query18" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab0" - }, - "name": "tab0" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Virtual WAN" - }, - "name": "tab1title" + "name": "query7" }, { "type": 1, "content": { - "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." + "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext24" + "name": "querytext8" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -550,42 +550,20 @@ ] } }, - "name": "query24" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab1" - }, - "name": "tab1" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Segmentation" - }, - "name": "tab2title" + "name": "query8" }, { "type": 1, "content": { - "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." + "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." 
}, - "name": "querytext19" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -634,20 +612,20 @@ ] } }, - "name": "query19" + "name": "query9" }, { "type": 1, "content": { - "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." + "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext21" + "name": "querytext10" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -696,20 +674,20 @@ ] } }, - "name": "query21" + "name": "query10" }, { "type": 1, "content": { - "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." + "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." }, - "name": "querytext22" + "name": "querytext11" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where 
properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -758,20 +736,20 @@ ] } }, - "name": "query22" + "name": "query11" }, { "type": 1, "content": { - "json": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this." + "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext23" + "name": "querytext12" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, 
"queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -820,42 +798,20 @@ ] } }, - "name": "query23" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab2" - }, - "name": "tab2" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Hub and spoke" - }, - "name": "tab3title" + "name": "query12" }, { "type": 1, "content": { - "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this." + "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information." 
}, - "name": "querytext0" + "name": "querytext13" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
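Review bot: The GatewaySubnet check fails open when the route-table join finds no match. `compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))` treats null as compliant, and with `join kind=leftouter` a null also results when the subnet's `routeTableId` and the route table's `id` differ only in letter case, because the join key is compared as a case-sensitive string. I would normalise both keys, `routeTableId=tolower(tostring(subnets.properties.routeTable.id))` on the left and `routeTableId=tolower(id)` on the right. It would also help to report "no route table attached" (`isempty(routeTableId)`) separately from "route table not found", so the second case is not shown as a pass. Whether Resource Graph actually returns the two IDs in different case is not visible from this hunk, so read this as hardening of the check.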
@@ -904,20 +860,42 @@ ] } }, - "name": "query0" + "name": "query13" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab1" + }, + "name": "tab1" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Hub and spoke" + }, + "name": "tab2title" }, { "type": 1, "content": { - "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." + "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this." 
}, - "name": "querytext1" + "name": "querytext0" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
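Review bot: `extend compliant = (subnetPrefixLength <= 27)` compares a dynamic string, the element returned by `split(subnetPrefix, '/')[1]`, with an integer, so the result depends on implicit conversion. `extend subnetPrefixLength = toint(split(tostring(subnetPrefix), '/')[1])` makes the comparison numeric. A subnet that carries `addressPrefixes` instead of `addressPrefix` would presumably yield a null length, and a null `compliant` is dropped by `where compliant == 0 or not (onlyFailed == 1)` when only failures are shown, so null should be mapped to non-compliant. The same pattern appears in the AzureBastionSubnet query of the hunk at `@@ -1652,20 +1608,42 @@`.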
@@ -966,20 +944,20 @@ ] } }, - "name": "query1" + "name": "query0" }, { "type": 1, "content": { - "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." + "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, - "name": "querytext2" + "name": "querytext1" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
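Review bot: The recommendation text and the query threshold disagree: the text advises an additional hub above 400 spoke networks, while the query still reports a VNet as compliant with `peeringcount < 450`, so a hub with 420 peerings passes. The next hunk (`@@ -1028,20 +1006,20 @@`) has the reverse mismatch: "Limit the number of routes per route table to 400" against `routeCount < 360`, which flags tables that are under the stated limit. Either align the numbers or say in the text that the query warns at a margin around the limit, so a workbook reader can reconcile the result with the guidance.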
@@ -1028,20 +1006,20 @@ ] } }, - "name": "query2" + "name": "query1" }, { "type": 1, "content": { - "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." + "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, - "name": "querytext3" + "name": "querytext2" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1090,42 +1068,20 @@ ] } }, - "name": "query3" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab3" - }, - "name": "tab3" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Internet" - }, - "name": "tab4title" + "name": "query2" }, { "type": 1, "content": { - "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this." + "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." 
}, - "name": "querytext6" + "name": "querytext3" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1174,16 +1130,16 @@ ] } }, - "name": "query6" + "name": "query3" } ] }, "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab4" + "value": "tab2" }, - "name": "tab4" + "name": "tab2" }, { "type": 12, @@ -1196,7 +1152,7 @@ "content": { "json": "## IP plan" }, - "name": "tab5title" + "name": "tab3title" }, { "type": 1, @@ -1327,9 +1283,9 @@ "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab5" + "value": "tab3" }, - "name": "tab5" + "name": "tab3" }, { "type": 12, 
@@ -1340,22 +1296,22 @@ { "type": 1, "content": { - "json": "## Hybrid" + "json": "## Firewall" }, - "name": "tab6title" + "name": "tab4title" }, { "type": 1, "content": { - "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." 
}, - "name": "querytext7" + "name": "querytext14" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1404,20 +1360,20 @@ ] } }, - "name": "query7" + "name": "query14" }, { "type": 1, "content": { - "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, - "name": "querytext8" + "name": "querytext15" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1466,20 +1422,20 @@ ] } }, - "name": "query8" + "name": "query15" }, { "type": 1, "content": { - "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information." }, - "name": "querytext9" + "name": "querytext16" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
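Review bot: The link under the Threat Intelligence recommendation points to `premium-features#idps-signature-rules`, which is the IDPS section rather than threat-intelligence filtering, so the reference does not back the text it is attached to. The query also reads `properties.threatIntelMode` only from `microsoft.network/firewallpolicies`. Firewalls still configured with classic rules carry that setting on `microsoft.network/azurefirewalls` and would not appear in the result at all, which reads as a pass by omission. Consider a `union` with firewall resources that have no `properties.firewallPolicy.id`, and `=~ 'Deny'` for a case-insensitive match.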
@@ -1528,20 +1484,20 @@ ] } }, - "name": "query9" + "name": "query16" }, { "type": 1, "content": { - "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, - "name": "querytext10" + "name": "querytext17" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1590,20 +1546,20 @@ ] } }, - "name": "query10" + "name": "query17" }, { "type": 1, "content": { - "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." + "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." }, - "name": "querytext11" + "name": "querytext18" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), 
subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
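Review bot: `extend hasRT = isnotnull(subnetRT)` counts any attached route table as compliant, while the recommendation is that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. A route table with no `0.0.0.0/0` route, or one whose default route has next hop `Internet`, passes this check. Joining to `microsoft.network/routetables` and requiring a route with `addressPrefix == '0.0.0.0/0'` and `nextHopType == 'VirtualAppliance'` would test what the text asks for. The Virtual WAN exemption is decided from the peering name prefix `remotevnettohubpeering`, so any peering whose name starts with that string is exempted too; that heuristic deserves a note in the checklist source.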
@@ -1652,20 +1608,42 @@ ] } }, - "name": "query11" + "name": "query18" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab4" + }, + "name": "tab4" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Internet" + }, + "name": "tab5title" }, { "type": 1, "content": { - "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this." 
}, - "name": "querytext12" + "name": "querytext6" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1714,20 +1692,42 @@ ] } }, - "name": "query12" + "name": "query6" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab5" + }, + "name": "tab5" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## PaaS" + }, + "name": "tab6title" }, { "type": 1, "content": { - "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information." + "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." 
}, - "name": "querytext13" + "name": "querytext20" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1776,7 +1776,7 @@ ] } }, - "name": "query13" + "name": "query20" } ] }, 
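Review bot: The service-endpoint check moved into the PaaS tab sets `compliant` to false for every subnet whose `serviceEndpoints` array is non-empty, which is stricter than the text beside it ("Don't enable virtual network service endpoints by default on all subnets"). A subnet with one deliberately scoped endpoint is therefore reported as failed, and those hits can bury the subnets that really do have endpoints switched on wholesale. The item text should say that any configured endpoint is flagged for manual review, for example `Subnets listed as failed have at least one service endpoint; confirm that each one is intentional.` The same query and text appear on the removed side of the following `@@ -1796,22 +1796,22 @@` hunk, so this is existing behaviour carried over by the reordering, not something the commit introduces.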
@@ -1796,22 +1796,22 @@ { "type": 1, "content": { - "json": "## PaaS" + "json": "## Virtual WAN" }, "name": "tab7title" }, { "type": 1, "content": { - "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." + "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." }, - "name": "querytext20" + "name": "querytext24" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1860,7 +1860,7 @@ ] } }, - "name": "query20" + "name": "query24" } ] }, 
diff --git a/workbooks/alz_checklist.en_network_workbook_template.json b/workbooks/alz_checklist.en_network_workbook_template.json index d00ca8c73..823e4cc02 100644 --- a/workbooks/alz_checklist.en_network_workbook_template.json +++ b/workbooks/alz_checklist.en_network_workbook_template.json 
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"ed16216c-bd43-4d2d-8686-470ea28e511d\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Firewall\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Firewall\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"32277772-9a8d-42ce-9d09-aac5991e7095\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"768c42e4-b038-4981-902b-77e3716aac75\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"82e8e1f1-a9a7-47b8-94c7-b41b377a3732\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"3d86fe51-a31f-4675-b246-1922d4868b14\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"22ce8b24-d150-4e36-a888-99b2b43f5f14\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n 
\"linkLabel\": \"IP plan\",\n \"subTarget\": \"tab5\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"ec111c11-c936-4f9f-8649-61acc1f242ed\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab6\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"9ec67510-ade1-4009-9a87-11168ee9d1b9\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS\",\n \"subTarget\": \"tab7\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Firewall\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. 
Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n 
\"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": 
\"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n 
\"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": 
\"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": 
\"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n 
\"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n 
\"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. 
[This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. 
[This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. 
Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n 
\"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"name\": \"tab7title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n 
\"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure 
Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"6a916b89-e6c9-4f47-b398-f44ddfb863f0\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"e6e4fc2f-d66c-4056-b368-fec55231ac0f\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"3bbbaac6-e130-4718-a452-349eef2483f0\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"887c5cc9-3b6c-4cf3-aae6-9195990b1d78\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan\",\n \"subTarget\": \"tab3\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"726b7422-de53-4faf-9980-baf2abfaff59\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Firewall\",\n \"subTarget\": \"tab4\",\n 
\"preText\": \"Firewall\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"2759f1a4-95a5-4e6e-84fd-b33a11c5aca6\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"4299e06c-7502-4d49-bd39-9fb05d512a73\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS\",\n \"subTarget\": \"tab6\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"0c7b96cf-15bd-46b4-8f57-5b594e40c154\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab7\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n 
\"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": 
\"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n 
\"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n 
]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for redundancy. 
Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n 
]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": 
\"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": 
\"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n 
\"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": 
\"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": 
\"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Firewall\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n 
\"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n }\n ]\n },\n \"conditionalVisibility\": 
{\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab7title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]" diff --git a/workbooks/appdelivery_checklist.en_network_counters_workbook.json b/workbooks/appdelivery_checklist.en_network_counters_workbook.json index 6bb0552c5..14567c325 100644 --- a/workbooks/appdelivery_checklist.en_network_counters_workbook.json +++ b/workbooks/appdelivery_checklist.en_network_counters_workbook.json @@ -677,7 +677,7 @@ "style": "tabs", "links": [ { - "id": "7adadd41-d125-47ab-b59a-87868836eb45", + "id": "8b88c1e6-1057-430b-a77d-3dcc5c551944", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "App Gateway ({Tab0Success:value}/{Tab0Total:value})", @@ -686,7 +686,7 @@ "style": "primary" }, { - "id": "bb96b9a1-08e1-4c18-aa08-a6df95cbf8eb", + "id": "25376e9f-fd4e-4e40-b1b5-eb361859e567", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "Load Balancer ({Tab1Success:value}/{Tab1Total:value})", @@ -695,7 +695,7 @@ "style": "primary" }, { - "id": "3bea167d-a6a9-4d1b-989e-d10cd0781436", + "id": "255a1c6b-8cad-429d-b562-7559de75f8ae", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "Front Door ({Tab2Success:value}/{Tab2Total:value})", diff --git a/workbooks/appdelivery_checklist.en_network_counters_workbook_template.json b/workbooks/appdelivery_checklist.en_network_counters_workbook_template.json index 74dbb15bf..fa6a892c3 100644 --- a/workbooks/appdelivery_checklist.en_network_counters_workbook_template.json +++ b/workbooks/appdelivery_checklist.en_network_counters_workbook_template.json 
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"value::all\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 
'WAF_v2') | project id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard')| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": 
\\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = 
iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": 
\\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, 
enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query4Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query4Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query1Stats:$.Success}+{Query8Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query1Stats:$.Total}+{Query8Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n 
\"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookTotal\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"{Query0Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query4Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query1Stats:$.Total}+{Query8Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookSuccess\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query4Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query1Stats:$.Success}+{Query8Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookPercent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{WorkbookSuccess}/{WorkbookTotal})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"InvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Application Delivery Networking - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"50\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"WorkbookPercent\\\\\\\": \\\\\\\"{WorkbookPercent}\\\\\\\", \\\\\\\"SubTitle\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 4,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"WorkbookPercent\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"SubTitle\",\n \"formatter\": 1\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"ProgressTile\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"7adadd41-d125-47ab-b59a-87868836eb45\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"App Gateway ({Tab0Success:value}/{Tab0Total:value})\",\n \"subTarget\": \"tab0\",\n \"preText\": \"App Gateway\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"bb96b9a1-08e1-4c18-aa08-a6df95cbf8eb\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Load Balancer ({Tab1Success:value}/{Tab1Total:value})\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Load Balancer\",\n \"style\": \"primary\"\n },\n {\n \"id\": 
\"3bea167d-a6a9-4d1b-989e-d10cd0781436\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Front Door ({Tab2Success:value}/{Tab2Total:value})\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Front Door\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## App Gateway\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n 
\"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n 
\"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": 
\"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Enable the Azure Application Gateway WAF bot protection rule set. 
The bot rules detect good and bad bots. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Application Gateway in 'Prevention' mode. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n 
},\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Load Balancer\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using the Standard SKU for your Azure Load Balancers. Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. 
Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Front Door\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate 
action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Disable health probes when there is only one origin in an Azure Front Door 
origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. 
Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n 
\"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"value::all\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend 
FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard')| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 
'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": 
true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"cdnresources 
| where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n 
\"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend 
profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query4Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n 
\"resultVal\": \"{Query0Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query4Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query1Stats:$.Success}+{Query8Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query1Stats:$.Total}+{Query8Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 
1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookTotal\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query4Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query1Stats:$.Total}+{Query8Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": 
\"WorkbookSuccess\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query4Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query1Stats:$.Success}+{Query8Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookPercent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{WorkbookSuccess}/{WorkbookTotal})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"InvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Application Delivery Networking - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. 
This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"50\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"WorkbookPercent\\\\\\\": \\\\\\\"{WorkbookPercent}\\\\\\\", \\\\\\\"SubTitle\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 4,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"WorkbookPercent\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"SubTitle\",\n \"formatter\": 1\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"ProgressTile\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"8b88c1e6-1057-430b-a77d-3dcc5c551944\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"App Gateway ({Tab0Success:value}/{Tab0Total:value})\",\n \"subTarget\": \"tab0\",\n \"preText\": \"App Gateway\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"25376e9f-fd4e-4e40-b1b5-eb361859e567\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Load Balancer ({Tab1Success:value}/{Tab1Total:value})\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Load Balancer\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"255a1c6b-8cad-429d-b562-7559de75f8ae\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Front Door ({Tab2Success:value}/{Tab2Total:value})\",\n \"subTarget\": \"tab2\",\n \"preText\": 
\"Front Door\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## App Gateway\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Your 
Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Application Gateway in 'Prevention' mode. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n 
},\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Load Balancer\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using the Standard SKU for your Azure Load Balancers. Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. 
Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Front Door\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate 
action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Disable health probes when there is only one origin in an Azure Front Door 
origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. 
Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]" 
diff --git a/workbooks/appdelivery_checklist.en_network_workbook.json b/workbooks/appdelivery_checklist.en_network_workbook.json index 8d25ffc71..ecf019c12 100644 --- a/workbooks/appdelivery_checklist.en_network_workbook.json +++ b/workbooks/appdelivery_checklist.en_network_workbook.json @@ -70,16 +70,16 @@ "style": "tabs", "links": [ { - "id": "ac6d5574-38e6-4e4a-8fbe-30db51bf61fb", + "id": "63fa13f2-3760-45a6-a695-e1c45d6c1cef", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Load Balancer", + "linkLabel": "Front Door", "subTarget": "tab0", - "preText": "Load Balancer", + "preText": "Front Door", "style": "primary" }, { - "id": "481894bc-9597-4d06-b6b5-43d508f10dcc", + "id": "4469e868-6f25-4999-a009-da52aeddce54", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "App Gateway", @@ -88,12 +88,12 @@ "style": "primary" }, { - "id": "a48fb979-d3bd-4123-9138-af2afa921d51", + "id": "7b9fba7f-6c16-4b0d-9e8e-3dad01178646", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Front Door", + "linkLabel": "Load Balancer", "subTarget": "tab2", - "preText": "Front Door", + "preText": "Load Balancer", "style": "primary" } ] 
@@ -109,22 +109,22 @@ { "type": 1, "content": { - "json": "## Load Balancer" + "json": "## Front Door" }, "name": "tab0title" }, { "type": 1, "content": { - "json": "Ensure you are using the Standard SKU for your Azure Load Balancers. Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information." + "json": "Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information." }, - "name": "querytext1" + "name": "querytext5" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
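Review bot: The new `querytext5` text carries a stray quote, `'Prevention' mode'`, which will render literally in the workbook; it should read `in 'Prevention' mode so that Web Application Firewall takes ...`. The query in the same hunk uses the legacy `mvexpand links` spelling, while the App Gateway subnet query in this file uses `mv-expand`; `mv-expand links` would keep the workbook consistent. The file looks generated, so both corrections presumably belong in the checklist source rather than in this JSON.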
@@ -173,20 +173,20 @@ ] } }, - "name": "query1" + "name": "query5" }, { "type": 1, "content": { - "json": "Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information." + "json": "Disable health probes when there is only one origin in an Azure Front Door origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information." }, - "name": "querytext8" + "name": "querytext6" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -235,42 +235,20 @@ ] } }, - "name": "query8" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab0" - }, - "name": "tab0" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## App Gateway" - }, - "name": "tab1title" + "name": "query6" }, { "type": 1, "content": { - "json": "Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information." }, - "name": "querytext0" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -319,20 +297,20 @@ ] } }, - "name": "query0" + "name": "query7" }, { "type": 1, "content": { - "json": "Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information." }, - "name": "querytext2" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 
'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
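Review bot: The compliance expression in `query9` appears inverted relative to its description. `querytext9` recommends managed TLS certificates, yet the query sets `compliant` when `certificateType` matches `'customercertificate'`, so domains with customer-supplied certificates would show Success and managed ones Failed. The comparison should presumably be `tolower(properties['tlsSettings']['certificateType']) =~ 'managedcertificate'`. Wrapping the value in `tolower()` is also redundant next to the case-insensitive `=~`. Since the workbook looks generated, the fix likely belongs in the checklist item it is built from.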
@@ -381,20 +359,42 @@ ] } }, - "name": "query2" + "name": "query9" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab0" + }, + "name": "tab0" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## App Gateway" + }, + "name": "tab1title" }, { "type": 1, "content": { - "json": "Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext3" + "name": "querytext0" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -443,20 +443,20 @@ ] } }, - "name": "query3" + "name": "query0" }, { "type": 1, "content": { - "json": "Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext4" + "name": "querytext2" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not 
(onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -505,20 +505,20 @@ ] } }, - "name": "query4" + "name": "query2" }, { "type": 1, "content": { - "json": "Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information." + "json": "Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext10" + "name": "querytext3" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
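Review bot: In the subnet-size query added by the `@@ -443,20 +443,20 @@` hunk, `subnetPrefixLength` comes straight from `split(prefix, '/')[1]`, so it is a dynamic string that is then compared with the integers 24 and 64. The outcome of `subnetPrefixLength <= 24` therefore rests on implicit conversion and may not be evaluated numerically, which would leave the compliance flag unreliable for every gateway. An explicit cast, `extend subnetPrefixLength = toint(split(prefix, '/')[1])`, would remove the ambiguity. The query also inspects only `gatewayIPConfigurations[0]`; if that is intentional, a short comment in the source checklist would help. The KqlItem object continues past the end of the hunk.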
@@ -567,20 +567,20 @@ ] } }, - "name": "query10" + "name": "query3" }, { "type": 1, "content": { - "json": "Deploy your WAF policy for Application Gateway in 'Prevention' mode. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information." + "json": "Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext11" + "name": "querytext4" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -629,42 +629,20 @@ ] } }, - "name": "query11" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab1" - }, - "name": "tab1" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Front Door" - }, - "name": "tab2title" + "name": "query4" }, { "type": 1, "content": { - "json": "Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information." + "json": "Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information." }, - "name": "querytext5" + "name": "querytext10" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = 
properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -713,20 +691,20 @@ ] } }, - "name": "query5" + "name": "query10" }, { "type": 1, "content": { - "json": "Disable health probes when there is only one origin in an Azure Front Door origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information." + "json": "Deploy your WAF policy for Application Gateway in 'Prevention' mode. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information." }, - "name": "querytext6" + "name": "querytext11" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, 
compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
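Review bot: The item labelled "Deploy your WAF policy for Application Gateway in 'Prevention' mode" (`querytext11`, in the `@@ -713,20 +691,20 @@` hunk) is paired with a query over `microsoft.network/frontdoorwebapplicationfirewallpolicies` and a link to the Front Door (`afds`) settings page, so it appears to evaluate Front Door policies rather than Application Gateway ones. An Application Gateway WAF policy left in Detection mode would then never show up as failed on the App Gateway tab. The query should target the type the bot-protection check already uses, for example `resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | project id, compliant = (properties.policySettings.state =~ 'Enabled' and properties.policySettings.mode =~ 'Prevention')`, and the link should point at the Application Gateway WAF documentation. The workbook looks generated, so the fix probably belongs in the source checklist; the KqlItem object continues outside the hunk.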
@@ -775,20 +753,42 @@ ] } }, - "name": "query6" + "name": "query11" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab1" + }, + "name": "tab1" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Load Balancer" + }, + "name": "tab2title" }, { "type": 1, "content": { - "json": "Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information." + "json": "Ensure you are using the Standard SKU for your Azure Load Balancers. Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information." }, - "name": "querytext7" + "name": "querytext1" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -837,20 +837,20 @@ ] } }, - "name": "query7" + "name": "query1" }, { "type": 1, "content": { - "json": "Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information." + "json": "Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information." }, - "name": "querytext9" + "name": "querytext8" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -899,7 +899,7 @@ ] } }, - "name": "query9" + "name": "query8" } ] }, diff --git a/workbooks/appdelivery_checklist.en_network_workbook_template.json b/workbooks/appdelivery_checklist.en_network_workbook_template.json index 90b26acfc..328ce8097 100644 --- a/workbooks/appdelivery_checklist.en_network_workbook_template.json +++ b/workbooks/appdelivery_checklist.en_network_workbook_template.json 
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Application Delivery Networking - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"ac6d5574-38e6-4e4a-8fbe-30db51bf61fb\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Load Balancer\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Load Balancer\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"481894bc-9597-4d06-b6b5-43d508f10dcc\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"App Gateway\",\n \"subTarget\": \"tab1\",\n \"preText\": \"App Gateway\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"a48fb979-d3bd-4123-9138-af2afa921d51\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Front Door\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Front Door\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Load Balancer\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using the Standard SKU for your Azure Load Balancers. 
Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. 
Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## App Gateway\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using Application Gateway v2 SKU. 
Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n 
\"type\": 1,\n \"content\": {\n \"json\": \"Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Application Gateway in 'Prevention' mode. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n 
},\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Front Door\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Disable health probes when there is only one origin in an Azure Front Door origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": 
\"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n 
\"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Application Delivery Networking - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"63fa13f2-3760-45a6-a695-e1c45d6c1cef\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Front Door\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Front Door\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"4469e868-6f25-4999-a009-da52aeddce54\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"App Gateway\",\n \"subTarget\": \"tab1\",\n \"preText\": \"App Gateway\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"7b9fba7f-6c16-4b0d-9e8e-3dad01178646\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Load Balancer\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Load Balancer\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Front Door\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Disable health probes when there is only one origin in an Azure Front Door origin group. 
Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n \"content\": {\n 
\"json\": \"Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. 
Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## App Gateway\"\n },\n \"name\": \"tab1title\"\n },\n {\n 
\"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n 
\"type\": 1,\n \"content\": {\n \"json\": \"Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Application Gateway in 'Prevention' mode. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n 
},\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Load Balancer\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using the Standard SKU for your Azure Load Balancers. Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. 
Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]"